prefix-list no check for duplicate entries
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	Unknown Object (User)
	Jan 19 2022, 2:00 AM

Description

Tested in VyOS 1.4-rolling-202201060842

1.4 allows for prefix lists with duplicate entries:

set policy prefix-list TST_PRF_LST rule 10 action 'permit'
set policy prefix-list TST_PRF_LST rule 10 prefix '10.5.5.0/24'
set policy prefix-list TST_PRF_LST rule 20 action 'permit'
set policy prefix-list TST_PRF_LST rule 20 prefix '10.6.6.0/24'
set policy prefix-list TST_PRF_LST rule 30 action 'permit'
set policy prefix-list TST_PRF_LST rule 30 prefix '10.6.6.0/24'

commit

As a result, there are problems with the operation of tools such as BGP route-map filtering

The expected behavior is an error as in 1.3:

set policy prefix-list TST_PRF_LST rule 10 action 'permit'
set policy prefix-list TST_PRF_LST rule 10 prefix '10.5.5.0/24'
set policy prefix-list TST_PRF_LST rule 20 action 'permit'
set policy prefix-list TST_PRF_LST rule 20 prefix '10.6.6.0/24'
set policy prefix-list TST_PRF_LST rule 30 action 'permit'
set policy prefix-list TST_PRF_LST rule 30 prefix '10.6.6.0/24'

vyos@vyos# commit
[ policy prefix-list TST_PRF_LST rule 30 ]
% Configuration failed.

Error type: validation
Error description: duplicated prefix list value: 10.6.6.0/24

[[policy prefix-list TST_PRF_LST]] failed
Commit failed
[edit]

Details

Difficulty level: Unknown (require assessment)
Version: VyOS 1.4-rolling-202201060842
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Event Timeline

Unknown Object (User) created this task.Jan 19 2022, 2:00 AM

Unknown Object (User) created this object in space S1 VyOS Public.

In fact you find a new bug in 1.4

With such configuration:

set policy prefix-list TST_PRF_LST rule 10 action 'permit'
set policy prefix-list TST_PRF_LST rule 10 prefix '10.5.5.0/24'
set policy prefix-list TST_PRF_LST rule 20 action 'permit'
set policy prefix-list TST_PRF_LST rule 20 prefix '10.6.6.0/24'
set policy prefix-list TST_PRF_LST rule 30 action 'permit'
set policy prefix-list TST_PRF_LST rule 30 prefix '10.6.6.0/24'

commit

There are no any policy in vtysh:

vyos@r11-roll# vtysh -c "show run"
Building configuration...

Current configuration:
!
frr version 8.1
frr defaults traditional
hostname r11-roll
log syslog
log facility local7
agentx
service integrated-vtysh-config
!
ip route 0.0.0.0/0 192.0.2.14
!
end
[edit]
vyos@r11-roll#

pasik added a subscriber: pasik.Jan 19 2022, 2:58 PM

PR https://github.com/vyos/vyos-1x/pull/1190

set policy prefix-list TST_PRF_LST rule 10 action 'permit'
set policy prefix-list TST_PRF_LST rule 10 prefix '10.5.5.0/24'
set policy prefix-list TST_PRF_LST rule 20 action 'permit'
set policy prefix-list TST_PRF_LST rule 20 prefix '10.6.6.0/24'
set policy prefix-list TST_PRF_LST rule 30 action 'permit'
set policy prefix-list TST_PRF_LST rule 30 prefix '10.6.6.0/24'

vyos@r11-roll# commit
[ policy ]
Prefix 10.6.6.0/24 is duplicated!

[[policy]] failed
Commit failed
[edit]
vyos@r11-roll#

Viacheslav changed the task status from Open to Needs testing.Feb 2 2022, 4:59 PM

Tested on VyOS 1.4-rolling-202202150317:

###### Check for duplicte error ######
vyos@vyos# set policy prefix-list TST_PRF_LST rule 10 action 'permit'
[edit]
vyos@vyos# set policy prefix-list TST_PRF_LST rule 10 prefix '10.5.5.0/24'
[edit]
vyos@vyos# set policy prefix-list TST_PRF_LST rule 20 action 'permit'
[edit]
vyos@vyos# set policy prefix-list TST_PRF_LST rule 20 prefix '10.6.6.0/24'
[edit]
vyos@vyos# set policy prefix-list TST_PRF_LST rule 30 action 'permit'
[edit]
vyos@vyos# set policy prefix-list TST_PRF_LST rule 30 prefix '10.6.6.0/24'
[edit]
vyos@vyos# commit

Prefix 10.6.6.0/24 is duplicated!


###### Delete duplicate, commit, and verify config  ######
vyos@vyos# del policy prefix-list TST_PRF_LST rule 30
[edit]
vyos@vyos# commit
[edit]
vyos@vyos# sudo vtysh -c "show run"
Building configuration...

Current configuration:
!
frr version 8.1
frr defaults traditional
hostname vyos
log syslog
log facility local7
service integrated-vtysh-config
!
ip route 0.0.0.0/0 192.168.122.1 eth0 tag 210 210
!
ip prefix-list TST_PRF_LST seq 10 permit 10.5.5.0/24
ip prefix-list TST_PRF_LST seq 20 permit 10.6.6.0/24
!

n.fort closed this task as Resolved.Feb 23 2022, 3:48 PM

n.fort claimed this task.

prefix-list no check for duplicate entriesClosed, ResolvedPublicBUGActions

Description

Details

Event Timeline

prefix-list no check for duplicate entries
Closed, ResolvedPublicBUG
Actions