I would agree with the diff.. @claudio (for what it is worth) in principle 240.0.0.0/4 was reserved for future use in the past... so changing that today makes sense to me ...
On Fri, 6 May 2022 at 13:20, Claudio Jeker <cje...@diehard.n-r-g.com> wrote: > > On Thu, May 05, 2022 at 11:37:24AM +0200, Claudio Jeker wrote: > > So most routing daemons and other network daemons like pppd do not allow > > 240/4 as IPs because they check the IP against IN_BADCLASS(). > > I think it is time to remove this restriction. > > > > Now there is another magical network 0.0.0.0/8 which is not allowed in > > some but not all of the routing daemons. Not sure if that should be > > removed or blocked in all daemons. > > The discussion about this diff totally derailed so lets try again. Anyone > wants to OK this? > > -- > :wq Claudio > > Index: usr.sbin/bgpd/kroute.c > =================================================================== > RCS file: /cvs/src/usr.sbin/bgpd/kroute.c,v > retrieving revision 1.244 > diff -u -p -r1.244 kroute.c > --- usr.sbin/bgpd/kroute.c 8 Mar 2022 12:58:57 -0000 1.244 > +++ usr.sbin/bgpd/kroute.c 5 May 2022 08:48:27 -0000 > @@ -1448,12 +1448,11 @@ kr_redistribute(int type, struct ktable > return; > > /* > - * We consider the loopback net, multicast and experimental addresses > + * We consider the loopback net and multicast addresses > * as not redistributable. > */ > a = ntohl(kr->prefix.s_addr); > - if (IN_MULTICAST(a) || IN_BADCLASS(a) || > - (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) > + if (IN_MULTICAST(a) || (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) > return; > > /* Check if the nexthop is the loopback addr. */ > Index: usr.sbin/bgpd/rde.c > =================================================================== > RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v > retrieving revision 1.544 > diff -u -p -r1.544 rde.c > --- usr.sbin/bgpd/rde.c 22 Mar 2022 10:53:08 -0000 1.544 > +++ usr.sbin/bgpd/rde.c 5 May 2022 08:48:49 -0000 > @@ -1790,10 +1790,10 @@ bad_flags: > UPD_READ(&nexthop.v4.s_addr, p, plen, 4); > /* > * Check if the nexthop is a valid IP address. We consider > - * multicast and experimental addresses as invalid. > + * multicast addresses as invalid. > */ > tmp32 = ntohl(nexthop.v4.s_addr); > - if (IN_MULTICAST(tmp32) || IN_BADCLASS(tmp32)) { > + if (IN_MULTICAST(tmp32)) { > rde_update_err(peer, ERR_UPDATE, ERR_UPD_NEXTHOP, > op, len); > return (-1); > Index: usr.sbin/eigrpd/util.c > =================================================================== > RCS file: /cvs/src/usr.sbin/eigrpd/util.c,v > retrieving revision 1.10 > diff -u -p -r1.10 util.c > --- usr.sbin/eigrpd/util.c 7 Dec 2018 08:40:54 -0000 1.10 > +++ usr.sbin/eigrpd/util.c 5 May 2022 08:53:31 -0000 > @@ -224,7 +224,7 @@ bad_addr_v4(struct in_addr addr) > > if (((a >> IN_CLASSA_NSHIFT) == 0) || > ((a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) || > - IN_MULTICAST(a) || IN_BADCLASS(a)) > + IN_MULTICAST(a)) > return (1); > > return (0); > Index: usr.sbin/ldpd/util.c > =================================================================== > RCS file: /cvs/src/usr.sbin/ldpd/util.c,v > retrieving revision 1.5 > diff -u -p -r1.5 util.c > --- usr.sbin/ldpd/util.c 7 Dec 2018 08:40:54 -0000 1.5 > +++ usr.sbin/ldpd/util.c 5 May 2022 08:54:03 -0000 > @@ -223,7 +223,7 @@ bad_addr_v4(struct in_addr addr) > > if (((a >> IN_CLASSA_NSHIFT) == 0) || > ((a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) || > - IN_MULTICAST(a) || IN_BADCLASS(a)) > + IN_MULTICAST(a)) > return (1); > > return (0); > Index: usr.sbin/mrouted/inet.c > =================================================================== > RCS file: /cvs/src/usr.sbin/mrouted/inet.c,v > retrieving revision 1.6 > diff -u -p -r1.6 inet.c > --- usr.sbin/mrouted/inet.c 21 Apr 2013 06:42:43 -0000 1.6 > +++ usr.sbin/mrouted/inet.c 5 May 2022 08:57:09 -0000 > @@ -36,7 +36,6 @@ inet_valid_host(u_int32_t naddr) > addr = ntohl(naddr); > > return (!(IN_MULTICAST(addr) || > - IN_BADCLASS (addr) || > (addr & 0xff000000) == 0)); > } > > @@ -83,7 +82,7 @@ inet_valid_subnet(u_int32_t nsubnet, u_i > (subnet & 0xff000000) == 0x7f000000 || > (subnet & 0xff000000) == 0x00000000) return (FALSE); > } > - else if (IN_CLASSD(subnet) || IN_BADCLASS(subnet)) { > + else if (IN_CLASSD(subnet)) { > /* Above Class C address space */ > return (FALSE); > } > Index: usr.sbin/ospfd/kroute.c > =================================================================== > RCS file: /cvs/src/usr.sbin/ospfd/kroute.c,v > retrieving revision 1.114 > diff -u -p -r1.114 kroute.c > --- usr.sbin/ospfd/kroute.c 20 Aug 2020 03:09:28 -0000 1.114 > +++ usr.sbin/ospfd/kroute.c 5 May 2022 08:54:30 -0000 > @@ -565,12 +565,11 @@ kr_redist_eval(struct kroute *kr, struct > goto dont_redistribute; > > /* > - * We consider the loopback net, multicast and experimental addresses > + * We consider the loopback net and multicast addresses > * as not redistributable. > */ > a = ntohl(kr->prefix.s_addr); > - if (IN_MULTICAST(a) || IN_BADCLASS(a) || > - (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) > + if (IN_MULTICAST(a) || (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) > goto dont_redistribute; > /* > * Consider networks with nexthop loopback as not redistributable > Index: usr.sbin/pppd/auth.c > =================================================================== > RCS file: /cvs/src/usr.sbin/pppd/auth.c,v > retrieving revision 1.39 > diff -u -p -r1.39 auth.c > --- usr.sbin/pppd/auth.c 17 Nov 2017 20:48:30 -0000 1.39 > +++ usr.sbin/pppd/auth.c 5 May 2022 09:01:51 -0000 > @@ -1120,7 +1120,7 @@ bad_ip_adrs(addr) > { > addr = ntohl(addr); > return (addr >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET > - || IN_MULTICAST(addr) || IN_BADCLASS(addr); > + || IN_MULTICAST(addr); > } > > /* > Index: usr.sbin/ripd/kroute.c > =================================================================== > RCS file: /cvs/src/usr.sbin/ripd/kroute.c,v > retrieving revision 1.34 > diff -u -p -r1.34 kroute.c > --- usr.sbin/ripd/kroute.c 11 Dec 2019 21:04:59 -0000 1.34 > +++ usr.sbin/ripd/kroute.c 5 May 2022 08:54:46 -0000 > @@ -357,12 +357,11 @@ dont_redistribute: > return; > > /* > - * We consider the loopback net, multicast and experimental addresses > + * We consider the loopback net and multicast addresses > * as not redistributable. > */ > a = ntohl(kr->prefix.s_addr); > - if (IN_MULTICAST(a) || IN_BADCLASS(a) || > - (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) > + if (IN_MULTICAST(a) || (a >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) > return; > /* > * Consider networks with nexthop loopback as not redistributable > -- Kindest regards, Tom Smyth.