Skip to content

pbrd: fix disorder of rule #19332

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

pbrd: fix disorder of rule #19332

wants to merge 1 commit into from
+1 −0

Conversation

anlancs
Copy link
Contributor

@anlancs anlancs commented Aug 4, 2025
edited
Loading

When pbr_nht_delete_individual_nexthop() removes nexthop, the pbr common is indeed updated when the last one is being updated or deleted as comment said in this function. But if there are more than one nexthops in one pbr-map instance, it wrongly doesn't remove the ip rule which is previously sent to the kernel. In this case, it will lead to the disorder of rule in kernel.

With this configuration: ( The nexthops of "1300::3" and "3.3.3.3" is in "vrf1", and not in vrf "default".)

pbr-map aa seq 1
 match dst-ip 9.9.9.9/32
 set nexthop 3.3.3.3 nexthop-vrf vrf1
exit
!
pbr-map aa seq 2
 match dst-ip 9999::9/32
 set nexthop 1300::3 nexthop-vrf vrf1
exit
!

int vlan100
  pbr-policy  aa
exit

Now all is okay.

Then, trigger pbr_nht_delete_individual_nexthop() by:

anlan# config
anlan(config)# pbr-map aa seq 1
anlan(config-pbr-map)# set nexthop 3.3.3.3
anlan(config-pbr-map)#

Now ip rule/ip route will be in disorder/inconsistent status. For example, ip rule is with table 10001, but there is empty things in ip table 10001.

@anlancs
pbrd: fix disorder of rule
a06d9bf 
When `pbr_nht_delete_individual_nexthop()` removes nexthop, the pbr common is
indeed updated when the last one is being updated or deleted as comment said in
this function.  But if there are more than one nexthops in one pbr-map instance,
it wrongly doesn't remove the `ip rule` which is previously sent to the kernel.
In this case, it will lead to the disorder of rule in kernel.

Signed-off-by: anlan_cs <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
bugfix master pbr size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@anlancs