Skip to content

Use ipv4 class E addresses (240.0.0.0/4) as connected routes by default (backport #18095) #19176

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 11, 2025
Merged

Use ipv4 class E addresses (240.0.0.0/4) as connected routes by default (backport #18095) #19176

merged 2 commits into from
Jul 11, 2025

Conversation

mergify[bot]
Copy link

@mergify mergify bot commented Jul 10, 2025

Changes allow ipv4 class E addresses in the 240.0.0.0/4 range to be displayed and used as connected routes in zebra by default.

Reason for changes are cloud providers (with customers still using obsolete ipv4 protocol, i.e. Azure, AWS) running out of ip space and abusing class E for addressing instances (announced via BGP) over tunneling connections back to customers on premise infrastructure.

Kernel routing table:

root@frr:~# ip route
default via 192.168.1.1 dev enp10s0 
192.168.1.0/24 dev enp10s0 proto kernel scope link src 192.168.1.111
192.168.122.0/24 dev enp9s0 proto kernel scope link src 192.168.122.253
240.12.12.0/24 dev enp1s0 proto kernel scope link src 240.12.12.12 <---
240.80.45.0/24 dev enp1s0 proto kernel scope link src 240.80.45.1 <---

Without patch:

frr# show ip route
Codes: K - kernel route, C - connected, L - local, S - static,
       R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric, t - Table-Direct,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

IPv4 unicast VRF default:
K>* 0.0.0.0/0 [0/0] via 192.168.1.1, enp10s0, weight 1, 00:00:14
C>* 192.168.1.0/24 is directly connected, enp10s0, weight 1, 00:00:14
L>* 192.168.1.111/32 is directly connected, enp10s0, weight 1, 00:00:14
C>* 192.168.122.0/24 is directly connected, enp9s0, weight 1, 00:00:14
L>* 192.168.122.253/32 is directly connected, enp9s0, weight 1, 00:00:14
K>* 240.12.12.0/24 [0/0] is directly connected, enp1s0, weight 1, 00:00:14 <---
K>* 240.80.45.0/24 [0/0] is directly connected, enp1s0, weight 1, 00:00:14 <---

With patch:

frr# show ip route
Codes: K - kernel route, C - connected, L - local, S - static,
       R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric, t - Table-Direct,
       > - selected route, * - FIB route, q - queued, r - rejected, b - backup
       t - trapped, o - offload failure

IPv4 unicast VRF default:
K>* 0.0.0.0/0 [0/0] via 192.168.1.1, enp10s0, weight 1, 00:00:16
C>* 192.168.1.0/24 is directly connected, enp10s0, weight 1, 00:00:16
L>* 192.168.1.111/32 is directly connected, enp10s0, weight 1, 00:00:16
C>* 192.168.122.0/24 is directly connected, enp9s0, weight 1, 00:00:16
L>* 192.168.122.253/32 is directly connected, enp9s0, weight 1, 00:00:16
C>* 240.12.12.0/24 is directly connected, enp1s0, weight 1, 00:00:16 <---
L>* 240.12.12.12/32 is directly connected, enp1s0, weight 1, 00:00:16 <---
C>* 240.80.45.0/24 is directly connected, enp1s0, weight 1, 00:00:16 <---
L>* 240.80.45.1/32 is directly connected, enp1s0, weight 1, 00:00:16 <---

Related issues:
#16326
#17942

This is an automatic backport of pull request #18095 done by Mergify.

davischw added 2 commits July 10, 2025 22:08
@davischw @mergify
lib,zebra: Allow class E prefixes in RIB
ae08c6a 
Changes allow ipv4 class E addresses and prefixes in the 240.0.0.0/4
range to be configured on interfaces, imported from the kernel routing
table and redistributed as connected routes in zebra by default.

Changes also fix routes with class E prefixes in kernel routing table
getting rejected by zebra during early daemon startup.

Drivin this change in default behavior are cloud providers (with
customers still using obsolete ipv4 protocol, i.e. Azure, AWS) running
out of ip space and abusing class E for addressing instances (announced
via BGP) over tunneling connections back to customers on premise
infrastructure.

Signed-off-by: David Schweizer <dschweizer@opensourcerouting.org>
(cherry picked from commit 1eef3a7)
@davischw @mergify
doc: Update description of 'allow-reserved-ranges'
9c4597b 
Update user documentation to reflect behavior of config command
'allow-reserved-ranges' after changes enable use of ipv4 class E
addresses by default.

Signed-off-by: David Schweizer <dschweizer@opensourcerouting.org>
(cherry picked from commit 1951e71)
@mergify mergify bot mentioned this pull request Jul 10, 2025
Merged
@ton31337 ton31337 merged commit fb33ae6 into stable/10.3 Jul 11, 2025
21 checks passed
@ton31337 ton31337 deleted the mergify/bp/stable/10.3/pr-18095 branch July 11, 2025 05:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
documentation libfrr size/S stable/10.3 zebra
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ton31337 @davischw