IS-IS: TLV 135 includes Sub-TLV presence bit is 1 when Sub-TLV length is 0. #14514

Closed
@jlixfeld

Description

Describe the bug

IS-IS TLV 135 Sub-TLV presence bit is 1 when length is 0.

  • [ x ] Did you check if this is a duplicate issue?
  • Did you test it on the latest FRRouting/frr master branch?

To Reproduce

# frr.conf
!
frr version 9.0.1_git
frr defaults traditional
hostname router-npm20.lab
no ipv6 forwarding
!
interface eth1
 ip address 10.1.20.20/24
 ip router isis 1
 isis circuit-type level-2-only
 isis network point-to-point
exit
!
interface lo
 ip address 10.0.20.1/32
 ip router isis 1
exit
!
router isis 1
 is-type level-2-only
 net 49.0000.0100.0002.0001.00
exit
!
end

Expected behavior

Sub-TLV presence bit: 0

Versions

  • OS Version: AlmaLinux 8.8
  • Kernel: 4.18.0-477.10.1.el8_8.x86_64
  • FRR Version: 9.0.1 (Docker)

Additional context

According to RFC3505 4.2:

4.2. Expandability of the Extended IP Reachability TLV with Sub-TLVs
The extended IP reachability TLV can hold sub-TLVs that apply to a
particular prefix. This allows for easy future extensions. If there
are no sub-TLVs associated with a prefix, the bit indicating the
presence of sub-TLVs SHALL be set to 0. If this bit is set to 1, the
first octet after the prefix will be interpreted as the length of all
sub-TLVs associated with this IPv4 prefix. Please note that while
the encoding allows for 255 octets of sub-TLVs, the maximum value
cannot fit in the overall extended IP reachability TLV. The
practical maximum is 255 octets minus the 5-9 octets described above,
or 250 octets.

However, in this capture, the TLV presence indicator bit is 1 with no Sub-TLVs attached, indicated by the length 0:

No.     Src MAC               Dst MAC               Src Port Dest Port VLAN Length MPLS Label MPLS TTL   Info
      1 02:42:0a:01:14:14     DEC-MAP-(or-OSI?)-Intermediate-System-Hello?                         122                          L2 LSP, LSP-ID: 0100.0002.0001.00-00, Sequence: 0x00000002, Lifetime:   980s

Frame 1: 122 bytes on wire (976 bits), 122 bytes captured (976 bits) on interface -, id 0
IEEE 802.3 Ethernet 
Logical-Link Control
ISO 10589 ISIS InTRA Domain Routeing Information Exchange Protocol
    Intradomain Routing Protocol Discriminator: ISIS (0x83)
    Length Indicator: 27
    Version/Protocol ID Extension: 1
    ID Length: 0
    000. .... = Reserved: 0x0
    ...1 0100 = PDU Type: L2 LSP (20)
    Version: 1
    Reserved: 0
    Maximum Area Addresses: 0
ISO 10589 ISIS Link State Protocol Data Unit
    PDU length: 105
    Remaining lifetime: 980
    LSP-ID: 0100.0002.0001.00-00
    Sequence number: 0x00000002
    Checksum: 0x7720 [correct]
    [Checksum Status: Good]
    Type block(0x03): Partition Repair:0, Attached bits:0, Overload bit:0, IS type:3
    Protocols supported (t=129, l=1)
    Area address(es) (t=1, l=2)
    Hostname (t=137, l=16)
    Router Capability (t=242, l=5)
    Traffic Engineering Router ID (t=134, l=4)
    Extended IS reachability (t=22, l=11)
    IP Interface address(es) (t=132, l=4)
    Extended IP Reachability (t=135, l=19)
        Type: 135
        Length: 19
        Ext. IP Reachability: 10.1.20.0/24
            Metric: 10
            0... .... = Distribution: Up
            .1.. .... = Sub-TLV: Yes
            ..01 1000 = Prefix Length: 24
            IPv4 prefix: 10.1.20.0
            SubCLV Length: 0
        Ext. IP Reachability: 10.0.20.1/32
            Metric: 10
            0... .... = Distribution: Up
            .1.. .... = Sub-TLV: Yes
            ..10 0000 = Prefix Length: 32
            IPv4 prefix: 10.0.20.1
            SubCLV Length: 0

When an Arista EOS is neighboured to an IS-IS adjacency transmitting this PDU, Arista determines the LSP is malformed:

Isis: Instance 0: %ISIS-3-ISIS_LSP_CORRUPT: L2 LSP ID: 0100.0002.0001.0000, Sequence number 0x6 TLV #135(0x87) malformed

and fails to process the LSP, leaving the adjacency state incomplete.
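An added example, not part of the original issue or FRR's code: a small Python parser for the value of TLV 135 that flags entries whose sub-TLV presence bit is 1 while the sub-TLV length octet is 0, the encoding reported above. The sample bytes are rebuilt by hand from the dissection in this report, and the names `parse_tlv135` and `SAMPLE_TLV135` are hypothetical.

```python
import ipaddress
import struct

# TLV 135 value rebuilt by hand from the dissection in this report
# (constructed sample, 19 octets, not copied from the capture file).
SAMPLE_TLV135 = bytes.fromhex(
    "0000000a" "58" "0a0114" "00"      # 10.1.20.0/24, S-bit 1, sub-TLV length 0
    "0000000a" "60" "0a001401" "00"    # 10.0.20.1/32, S-bit 1, sub-TLV length 0
)

def parse_tlv135(value: bytes) -> list:
    """Walk the entries of an Extended IP Reachability TLV value.

    Each entry is: 4-octet metric, 1 control octet (up/down bit, sub-TLV
    presence bit, 6-bit prefix length), the prefix octets, then, only if
    the presence bit is 1, a sub-TLV length octet and the sub-TLVs.
    'empty_subtlv' marks presence bit 1 with sub-TLV length 0.
    Raises ValueError on truncated or out-of-range input.
    """
    entries, off = [], 0
    while off < len(value):
        if len(value) - off < 5:
            raise ValueError(f"truncated entry header at offset {off}")
        metric, control = struct.unpack_from("!IB", value, off)
        off += 5
        has_sub = bool(control & 0x40)
        plen = control & 0x3F
        if plen > 32:
            raise ValueError(f"prefix length {plen} exceeds 32")
        nbytes = (plen + 7) // 8          # only the significant octets are sent
        if len(value) - off < nbytes:
            raise ValueError(f"truncated prefix at offset {off}")
        addr = ipaddress.IPv4Address(value[off:off + nbytes].ljust(4, b"\x00"))
        off += nbytes
        sub_len = None
        if has_sub:
            if off >= len(value):
                raise ValueError(f"missing sub-TLV length at offset {off}")
            sub_len = value[off]
            off += 1
            if len(value) - off < sub_len:
                raise ValueError(f"sub-TLVs overrun TLV at offset {off}")
            off += sub_len                # sub-TLV contents are skipped here
        entries.append({"prefix": f"{addr}/{plen}", "metric": metric,
                        "down": bool(control & 0x80), "subtlv_bit": has_sub,
                        "subtlv_len": sub_len, "empty_subtlv": sub_len == 0})
    return entries
```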

Labels: bug, isis, triage (Needs further investigation)