On Thu, May 05, 2022 at 11:37:24AM +0200, Claudio Jeker wrote: > So most routing daemons and other network daemons like pppd do not allow > 240/4 as IPs because they check the IP against IN_BADCLASS(). > I think it is time to remove this restriction. > > Now there is another magical network 0.0.0.0/8 which is not allowed in > some but not all of the routing daemons. Not sure if that should be > removed or blocked in all daemons.
The discussion about this diff totally derailed so lets try again. Anyone wants to OK this? -- :wq Claudio Index: usr.sbin/bgpd/kroute.c =================================================================== RCS file: /cvs/src/usr.sbin/bgpd/kroute.c,v retrieving revision 1.244 diff -u -p -r1.244 kroute.c --- usr.sbin/bgpd/kroute.c 8 Mar 2022 12:58:57 -0000 1.244 +++ usr.sbin/bgpd/kroute.c 5 May 2022 08:48:27 -0000 @@ -1448,12 +1448,11 @@ kr_redistribute(int type, struct ktable return; /* - * We consider the loopback net, multicast and experimental addresses + * We consider the loopback net and multicast addresses * as not redistributable. */ a = ntohl(kr->prefix.s_addr); - if (IN_MULTICAST(a) || IN_BADCLASS(a) || - (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) + if (IN_MULTICAST(a) || (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) return; /* Check if the nexthop is the loopback addr. */ Index: usr.sbin/bgpd/rde.c =================================================================== RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v retrieving revision 1.544 diff -u -p -r1.544 rde.c --- usr.sbin/bgpd/rde.c 22 Mar 2022 10:53:08 -0000 1.544 +++ usr.sbin/bgpd/rde.c 5 May 2022 08:48:49 -0000 @@ -1790,10 +1790,10 @@ bad_flags: UPD_READ(&nexthop.v4.s_addr, p, plen, 4); /* * Check if the nexthop is a valid IP address. We consider - * multicast and experimental addresses as invalid. + * multicast addresses as invalid. */ tmp32 = ntohl(nexthop.v4.s_addr); - if (IN_MULTICAST(tmp32) || IN_BADCLASS(tmp32)) { + if (IN_MULTICAST(tmp32)) { rde_update_err(peer, ERR_UPDATE, ERR_UPD_NEXTHOP, op, len); return (-1); Index: usr.sbin/eigrpd/util.c =================================================================== RCS file: /cvs/src/usr.sbin/eigrpd/util.c,v retrieving revision 1.10 diff -u -p -r1.10 util.c --- usr.sbin/eigrpd/util.c 7 Dec 2018 08:40:54 -0000 1.10 +++ usr.sbin/eigrpd/util.c 5 May 2022 08:53:31 -0000 @@ -224,7 +224,7 @@ bad_addr_v4(struct in_addr addr) if (((a >> IN_CLASSA_NSHIFT) == 0) || ((a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) || - IN_MULTICAST(a) || IN_BADCLASS(a)) + IN_MULTICAST(a)) return (1); return (0); Index: usr.sbin/ldpd/util.c =================================================================== RCS file: /cvs/src/usr.sbin/ldpd/util.c,v retrieving revision 1.5 diff -u -p -r1.5 util.c --- usr.sbin/ldpd/util.c 7 Dec 2018 08:40:54 -0000 1.5 +++ usr.sbin/ldpd/util.c 5 May 2022 08:54:03 -0000 @@ -223,7 +223,7 @@ bad_addr_v4(struct in_addr addr) if (((a >> IN_CLASSA_NSHIFT) == 0) || ((a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) || - IN_MULTICAST(a) || IN_BADCLASS(a)) + IN_MULTICAST(a)) return (1); return (0); Index: usr.sbin/mrouted/inet.c =================================================================== RCS file: /cvs/src/usr.sbin/mrouted/inet.c,v retrieving revision 1.6 diff -u -p -r1.6 inet.c --- usr.sbin/mrouted/inet.c 21 Apr 2013 06:42:43 -0000 1.6 +++ usr.sbin/mrouted/inet.c 5 May 2022 08:57:09 -0000 @@ -36,7 +36,6 @@ inet_valid_host(u_int32_t naddr) addr = ntohl(naddr); return (!(IN_MULTICAST(addr) || - IN_BADCLASS (addr) || (addr & 0xff000000) == 0)); } @@ -83,7 +82,7 @@ inet_valid_subnet(u_int32_t nsubnet, u_i (subnet & 0xff000000) == 0x7f000000 || (subnet & 0xff000000) == 0x00000000) return (FALSE); } - else if (IN_CLASSD(subnet) || IN_BADCLASS(subnet)) { + else if (IN_CLASSD(subnet)) { /* Above Class C address space */ return (FALSE); } Index: usr.sbin/ospfd/kroute.c =================================================================== RCS file: /cvs/src/usr.sbin/ospfd/kroute.c,v retrieving revision 1.114 diff -u -p -r1.114 kroute.c --- usr.sbin/ospfd/kroute.c 20 Aug 2020 03:09:28 -0000 1.114 +++ usr.sbin/ospfd/kroute.c 5 May 2022 08:54:30 -0000 @@ -565,12 +565,11 @@ kr_redist_eval(struct kroute *kr, struct goto dont_redistribute; /* - * We consider the loopback net, multicast and experimental addresses + * We consider the loopback net and multicast addresses * as not redistributable. */ a = ntohl(kr->prefix.s_addr); - if (IN_MULTICAST(a) || IN_BADCLASS(a) || - (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) + if (IN_MULTICAST(a) || (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) goto dont_redistribute; /* * Consider networks with nexthop loopback as not redistributable Index: usr.sbin/pppd/auth.c =================================================================== RCS file: /cvs/src/usr.sbin/pppd/auth.c,v retrieving revision 1.39 diff -u -p -r1.39 auth.c --- usr.sbin/pppd/auth.c 17 Nov 2017 20:48:30 -0000 1.39 +++ usr.sbin/pppd/auth.c 5 May 2022 09:01:51 -0000 @@ -1120,7 +1120,7 @@ bad_ip_adrs(addr) { addr = ntohl(addr); return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET - || IN_MULTICAST(addr) || IN_BADCLASS(addr); + || IN_MULTICAST(addr); } /* Index: usr.sbin/ripd/kroute.c =================================================================== RCS file: /cvs/src/usr.sbin/ripd/kroute.c,v retrieving revision 1.34 diff -u -p -r1.34 kroute.c --- usr.sbin/ripd/kroute.c 11 Dec 2019 21:04:59 -0000 1.34 +++ usr.sbin/ripd/kroute.c 5 May 2022 08:54:46 -0000 @@ -357,12 +357,11 @@ dont_redistribute: return; /* - * We consider the loopback net, multicast and experimental addresses + * We consider the loopback net and multicast addresses * as not redistributable. */ a = ntohl(kr->prefix.s_addr); - if (IN_MULTICAST(a) || IN_BADCLASS(a) || - (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) + if (IN_MULTICAST(a) || (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) return; /* * Consider networks with nexthop loopback as not redistributable