
ospf6d: review LSA sequence number comparison

It seems that there is a bug in ospf6d in ospf6_lsa_compare(): If LSA A
has sequence number smaller than 0x80000000 and LSA B has sequence
number larger than 0x80000000, ospf6_lsa_compare() returns that B is
more recent than A, although RFC says that sequence numbers should be
compared as signed numbers (0x8000001 smallest and 0x7FFFFFFF largest).

In ospfd, the function ospf_lsa_more_recent() has it right.

The problem appears when Quagga is used together with OSPFv3 in
development version of BIRD daemon ( ),
which creates LSAs with maximum sequence number (0x7FFFFFFF)
as a part of flushing/premature aging LSA from OSPF area.

Because both daemons have a different idea of which LSA instance
is more recent, it would lead to an LSA storm.
Ondrej Zajicek 11 years ago
1 changed files with 4 additions and 7 deletions

@@ -256,7 +256,7 @@ ospf6_lsa_premature_aging (struct ospf6_lsa *lsa)
 ospf6_lsa_compare (struct ospf6_lsa *a, struct ospf6_lsa *b)
-  signed long seqnuma, seqnumb;
+  int seqnuma, seqnumb;
   u_int16_t cksuma, cksumb;
   u_int16_t agea, ageb;
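
Review bot: The new declaration `int seqnuma, seqnumb;` makes the signed 32-bit interpretation depend on `int` being exactly 32 bits wide on the target, which is the same kind of width assumption that made the old `signed long` version behave differently from what the commit message describes. Declaring these as `int32_t` states the intent directly and keeps the comparison correct regardless of the platform's `int` size.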
@@ -264,16 +264,13 @@ ospf6_lsa_compare (struct ospf6_lsa *a, struct ospf6_lsa *b)
   assert (b && b->header);
   assert (OSPF6_LSA_IS_SAME (a, b));
-  seqnuma = ((signed long) ntohl (a->header->seqnum))
-             - (signed long) INITIAL_SEQUENCE_NUMBER;
-  seqnumb = ((signed long) ntohl (b->header->seqnum))
-             - (signed long) INITIAL_SEQUENCE_NUMBER;
+  seqnuma = (int) ntohl (a->header->seqnum);
+  seqnumb = (int) ntohl (b->header->seqnum);
   /* compare by sequence number */
-  /* XXX, LS sequence number wrapping */
   if (seqnuma > seqnumb)
     return -1;
-  else if (seqnuma < seqnumb)
+  if (seqnuma < seqnumb)
     return 1;
   /* Checksum */
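
Review bot: With the `/* XXX, LS sequence number wrapping */` comment removed, nothing at the `/* compare by sequence number */` line explains that the cast to a signed type is deliberate, so a later cleanup could easily turn these back into unsigned or wider values and reintroduce the disagreement with ospfd's ospf_lsa_more_recent(). Extend that comment to say that LS sequence numbers are compared as signed 32-bit values, as the commit message states. The `else if` to `if` change is unrelated to the fix and would be easier to review in its own commit.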