From ce6b2a559f15b1970c4cea4c826f3c4f67bc9835 Mon Sep 17 00:00:00 2001 From: eddie barlev Date: Mon, 5 Aug 2024 10:56:56 +0300 Subject: [PATCH] Use configured local address over the one that is taken from the BGP session. This is needed in cases when using VRFs over GENEVE Tunnels where we bind the listening address to one internal IP for security reasons. Without this fix the local address was overridden with the listening address resulting in wrong nexthop advertisement. --- pkg/server/server.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkg/server/server.go b/pkg/server/server.go index 8888f39ab..69e2c837b 100644 --- a/pkg/server/server.go +++ b/pkg/server/server.go @@ -879,6 +879,9 @@ func (s *BgpServer) toConfig(peer *peer, getAdvertised bool) *oc.Neighbor { if state == bgp.BGP_FSM_ESTABLISHED { peer.fsm.lock.RLock() conf.Transport.State.LocalAddress, conf.Transport.State.LocalPort = peer.fsm.LocalHostPort() + if conf.Transport.Config.LocalAddress != "0.0.0.0" { + conf.Transport.State.LocalAddress = conf.Transport.Config.LocalAddress + } _, conf.Transport.State.RemotePort = peer.fsm.RemoteHostPort() buf, _ := peer.fsm.recvOpen.Serialize() // need to copy all values here @@ -1616,6 +1619,10 @@ func (s *BgpServer) handleFSMMessage(peer *peer, e *fsmMsg) { // exclude zone info ipaddr, _ := net.ResolveIPAddr("ip", laddr) peer.fsm.peerInfo.LocalAddress = ipaddr.IP + if peer.fsm.pConf.Transport.Config.LocalAddress != "0.0.0.0" { + peer.fsm.peerInfo.LocalAddress = net.ParseIP(peer.fsm.pConf.Transport.Config.LocalAddress) + peer.fsm.pConf.Transport.State.LocalAddress = peer.fsm.pConf.Transport.Config.LocalAddress + } neighborAddress := peer.fsm.pConf.State.NeighborAddress peer.fsm.lock.Unlock() deferralExpiredFunc := func(family bgp.RouteFamily) func() {