Lochnair/vyatta-wireguard

20190702-1 never cleans up `route-allowed-ips` when it's disabled


If at a certain point you set `route-allowed-ips` to true, commit your config, then set it back again to false (for example, because you'll use manual static routes), the kernel routes aren't removed, and traffic is blackholed.

Rebooting the device (with a saved set to "false") seems to make it so they're not added in the first place.

Haven't tested this myself, but just from looking at the templates it looks like there's indeed not any logic for disabling route-allowed-ips properly.

AFAIK the only time we remove routes is when removing allowed-ips entries.