sonic-net / sonic-buildimage

Scripts which perform an installable binary image build for SONiC

[dhcpv6 relay] - DHCPv6 relay forwards request from client with malformed payload #9690

Closed ppikh closed 2 years ago

ppikh commented 2 years ago

Description

DHCPv6 relay forwards request from client with malformed payload

For example, in the case when the topology is as follows: DHCP6 client ------> DHCP6 relay ------> DHCP6 server

Scenario can be emulated using the Scapy traffic generator

Connection in scenario is as follows:

- Ethernet116 - connected to enp130s0f0, which will send the request message to the DHCP6 relay
- Ethernet120 - connected to enp131s0f1, which acts as DHCPv6 server - here we expect to get the packet

Steps to reproduce the issue:

1. Add IP on the host which acts as DHCPv6 server:

   ```
   ip addr add 6900::2/64 dev enp131s0f1
   ```

2. Do config on DUT:

   ```
   config interface ip add Ethernet120 6900::1/64
   config vlan add 690
   config interface ip add Vlan690 6900:1::1/64
   config vlan member add -u 690 Ethernet116
   ```

3. Do DHCPv6 relay config on DUT by applying config (dhcp_config.json):

   ```
   {
       "DHCP_RELAY": {
           "Vlan690": {
               "dhcpv6_servers": [
                   "6900::2"
               ]
           }
       },
       "VLAN": {
           "Vlan690": {
               "dhcpv6_servers": [
                   "6900::2"
               ]
           }
       }
   }
   ```

   ```
   config load -y dhcp_config.json
   config save -y
   config reload -y
   ```

4. Check that DHCPv6 relay config is applied: `show vlan brief`

5. Send packet using Scapy from the host connected to port Ethernet116:

   ```
   from scapy.all import Ether, IPv6, UDP, DHCP6_Request, Raw, sendp

   # Host interface connected to Ethernet116 on the DUT
   ifc = 'enp130s0f0'

   # DHCPv6 Request to All_DHCP_Relay_Agents_and_Servers (ff02::1:2), followed by
   # raw bytes that are not valid DHCPv6 options
   pkt = Ether(dst="33:33:00:01:00:02")/IPv6(src="fe80::e42:a1ff:fec0:993e", dst="ff02::1:2")/UDP(sport=546, dport=547)/DHCP6_Request()/Raw("test string here")

   sendp(pkt, iface=ifc)
   ```

6. Check that the packet is forwarded by the DHCPv6 relay to the DHCP server - to IP 6900::2

#### Describe the results you received:
Packet forwarded by DHCPv6 relay to DHCP server IP 6900::2

#### Describe the results you expected:
Packet not forwarded by DHCPv6 relay to DHCP server IP 6900::2

#### Output of `show version`:

```
SONiC Software Version: SONiC.master.253-dbdce62ef_Internal
Distribution: Debian 11.2
Kernel: 5.10.0-8-2-amd64
Build commit: dbdce62ef
Build date: Tue Jan 4 20:39:14 UTC 2022
Built by: sw-r2d2-bot@r-build-sonic-ci02-241

Platform: x86_64-mlnx_msn2410-r0
HwSKU: ACS-MSN2410
ASIC: mellanox
ASIC Count: 1
Serial Number: MT1921X01546
Model Number: MSN2410-CB2FO
Hardware Revision: A2
Uptime: 13:38:01 up 4:15, 1 user, load average: 1.47, 2.45, 4.12

Docker images:
REPOSITORY                                        TAG                            IMAGE ID      SIZE
docker-syncd-mlnx                                 latest                         46cb7cb27c65  1.01GB
docker-syncd-mlnx                                 master.253-dbdce62ef_Internal  46cb7cb27c65  1.01GB
docker-platform-monitor                           latest                         bf0d3b324f90  810MB
docker-platform-monitor                           master.253-dbdce62ef_Internal  bf0d3b324f90  810MB
urm.nvidia.com/sw-nbu-sws-sonic-docker/sonic-wjh  1.0.0-master-internal-21       4200ee0c4d1c  467MB
docker-teamd                                      latest                         6eb7e9deb6c5  438MB
docker-teamd                                      master.253-dbdce62ef_Internal  6eb7e9deb6c5  438MB
docker-sflow                                      latest                         cca0a6bacbc1  439MB
docker-sflow                                      master.253-dbdce62ef_Internal  cca0a6bacbc1  439MB
docker-orchagent                                  latest                         6a0813492654  458MB
docker-orchagent                                  master.253-dbdce62ef_Internal  6a0813492654  458MB
docker-nat                                        latest                         d929afd91b99  441MB
docker-nat                                        master.253-dbdce62ef_Internal  d929afd91b99  441MB
docker-macsec                                     latest                         dcbc568ccec6  441MB
docker-macsec                                     master.253-dbdce62ef_Internal  dcbc568ccec6  441MB
docker-fpm-frr                                    latest                         72dd6b2bbabd  457MB
docker-fpm-frr                                    master.253-dbdce62ef_Internal  72dd6b2bbabd  457MB
docker-dhcp-relay                                 latest                         c646bc83cc8c  436MB
docker-sonic-telemetry                            latest                         606f26ae194f  511MB
docker-sonic-telemetry                            master.253-dbdce62ef_Internal  606f26ae194f  511MB
docker-sonic-mgmt-framework                       latest                         7c86fd946748  578MB
docker-sonic-mgmt-framework                       master.253-dbdce62ef_Internal  7c86fd946748  578MB
docker-snmp                                       latest                         546605aaf36c  465MB
docker-snmp                                       master.253-dbdce62ef_Internal  546605aaf36c  465MB
docker-router-advertiser                          latest                         dafc3d1fb775  423MB
docker-router-advertiser                          master.253-dbdce62ef_Internal  dafc3d1fb775  423MB
docker-mux                                        latest                         b68969e05d75  475MB
docker-mux                                        master.253-dbdce62ef_Internal  b68969e05d75  475MB
docker-lldp                                       latest                         85f1ea2eb1a0  463MB
docker-lldp                                       master.253-dbdce62ef_Internal  85f1ea2eb1a0  463MB
docker-database                                   latest                         89d24c1c4f64  423MB
docker-database                                   master.253-dbdce62ef_Internal  89d24c1c4f64  423MB
```

#### Output of `show techsupport`:

sonic_dump_r-spider-05_20220106_133320.tar.gz



#### Additional information you deem important (e.g. issue happens only occasionally):
Scenario above can pass (packet will not be forwarded) on image from branch 202106 (with different DHCPv6 relay implementation)
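
The kind of structural check that would reject the packet from the reproduction above, shown as an added example: it is not the dhcp6relay code and not the fix from the linked PR. The function names and the sample DUID are assumptions made for illustration; the header and option layout (1-byte msg-type, 3-byte transaction-id, then code/length/data options) is the standard DHCPv6 client message format.

```python
import struct

# DHCPv6 client/server header: msg-type (1 byte) + transaction-id (3 bytes),
# followed by options encoded as option-code (2) + option-len (2) + data.
HEADER_LEN = 4
OPTION_CLIENTID = 1
MSG_REQUEST = 3


def parse_options(buf):
    """Walk the option area; raise ValueError on any structural error."""
    options, offset = [], 0
    while offset < len(buf):
        if len(buf) - offset < 4:
            raise ValueError(f"{len(buf) - offset} stray byte(s) after last option")
        code, length = struct.unpack_from("!HH", buf, offset)
        offset += 4
        if length > len(buf) - offset:
            raise ValueError(
                f"option {code} claims {length} bytes, only {len(buf) - offset} left")
        options.append((code, buf[offset:offset + length]))
        offset += length
    return options


def should_relay(payload):
    """Return (ok, reason) for the UDP payload of a client message (port 547)."""
    if len(payload) < HEADER_LEN:
        return False, "shorter than DHCPv6 header"
    try:
        parse_options(payload[HEADER_LEN:])
    except ValueError as err:
        return False, str(err)
    return True, "ok"


# Constructed samples: a Request header (transaction-id 0) followed by the raw
# string from the reproduction, and the same header with one valid option.
HEADER = bytes([MSG_REQUEST, 0, 0, 0])
MALFORMED = HEADER + b"test string here"
DUID = bytes.fromhex("000300010c42a1c0993e")  # constructed DUID-LL
WELL_FORMED = HEADER + struct.pack("!HH", OPTION_CLIENTID, len(DUID)) + DUID

if __name__ == "__main__":
    for name, sample in (("malformed", MALFORMED), ("well-formed", WELL_FORMED)):
        print(name, should_relay(sample))
```

The first four bytes of "test string here" are read as option code 0x7465 with length 0x7374, which runs far past the end of the datagram, so the message fails the length check before any forwarding decision.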

liat-grozovik commented 2 years ago

@kellyyeh could you please update on next steps?

kellyyeh commented 2 years ago

@liat-grozovik This item is work in progress. Will update thread once the fix is in.

shlomibitton commented 2 years ago

@kellyyeh Do you have an ETA for this fix?

kellyyeh commented 2 years ago

@shlomibitton PR in progress: https://github.com/Azure/sonic-buildimage/pull/10486

shlomibitton commented 2 years ago

> @shlomibitton PR in progress: #10486

@kellyyeh Thanks!