commit 21775861a453dd25aacb50e76637bdec1d1a31cf from: Stefan Sperling date: Wed Oct 09 14:45:30 2024 UTC preserve only manually added ndp table entries in startup config nsh was mistakenly adding all ndp table entries to startup-config when the configuration was saved with write-config. This results in spurious 'permanent' ndp entries when the written config is loaded. If you find spurious permanent ndp entries on your system these entries must be removed via 'no ndp ', then use 'write-config' to save the fixed the configuration. Alternatively, remove all lines which set unwanted permanent NDP entries from /etc/nshrc and reboot. Problem reported and fix tested by Tom. ok Tom
commit - a19921892669f5995d8ded4c0cf7238bf40e6213
commit + 21775861a453dd25aacb50e76637bdec1d1a31cf
blob - cd771f24c72f9b2004e4a92ebb224c853e8c0b9b
blob + fb50b6294674355067d69e1886d059c6cfa3e2a1
--- ndp.c
+++ ndp.c
@@ -755,8 +755,6 @@ conf_ndp(FILE *output, char *delim)
 for (next = rtdump->buf; next < rtdump->lim; next += rtm->rtm_msglen) {
 rtm = (struct rt_msghdr *)next;
 if (rtm->rtm_version != RTM_VERSION)
- continue;
- if (!(rtm->rtm_flags & RTF_HOST))
 continue;
 conf_ndp_entry(output, delim, rtm);
 }
@@ -769,6 +767,19 @@ conf_ndp_entry(FILE *output, char *delim, struct rt_ms
 {
 struct sockaddr_in6 *sin6;
 struct sockaddr_dl *sdl;
+ static struct in6_nbrinfo *nbi;
+
+ /* Ignore entries which describe routes to networks. */
+ if (!(rtm->rtm_flags & RTF_HOST))
+ return;
+
+ /*
+ * Ignore local entries. These correspond to addresses configured
+ * on our network interfaces, and will already be preserved in case
+ * of static IPs, and should not be preserved for dynamic IPs.
+ */
+ if (rtm->rtm_flags & RTF_LOCAL)
+ return;
 sin6 = (struct sockaddr_in6 *)((char *)rtm + rtm->rtm_hdrlen);
 in6_fillscopeid(sin6);
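Review bot: The new local `static struct in6_nbrinfo *nbi;` in conf_ndp_entry() is given static storage for no visible reason. In the lines shown it is assigned from getnbrinfo() before it is read, so nothing needs to survive between calls. A plain `struct in6_nbrinfo *nbi;` says that directly and keeps hidden state out of a function that runs once per routing message. The function body continues past the end of this hunk.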
@@ -776,6 +787,15 @@ conf_ndp_entry(FILE *output, char *delim, struct rt_ms
 if (sdl->sdl_family != AF_LINK)
 return;
+ /* Skip table entries for addresses learned via NDP protocol. */
+ nbi = getnbrinfo(&sin6->sin6_addr, sdl->sdl_index, 0);
+ if (nbi == NULL || nbi->expire != 0)
+ return;
+
+ /*
+ * This is a 'permanent' non-local entry. We assume this entry
+ * was manually added to the NDP table, and should be preserved.
+ */
 fprintf(output, "%s%s %s", delim, routename6(sin6), ether_str(sdl));
 if (rtm->rtm_flags & RTF_ANNOUNCE)
 fputs(" proxy", output);
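Review bot: The combined test `if (nbi == NULL || nbi->expire != 0)` treats a failed getnbrinfo() lookup the same as a dynamically learned entry, so a manually added permanent neighbor is left out of the written config, and nothing in this hunk reports it. Permanent NDP entries are often set deliberately to pin an address to a link-layer address. Dropping one at write-config time means that address falls back to dynamic neighbor discovery once the saved config is loaded. Consider splitting the test into `if (nbi == NULL) { /* report: entry could not be classified, not saved */ return; }` followed by `if (nbi->expire != 0) return;`. getnbrinfo() is defined outside this hunk, so whether its third argument (0 here) controls its own error reporting should be confirmed there; conf_ndp_entry() itself starts above the hunk.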