"ip neigh flush" command removes entries with "extern_learn" and "permanent" set

Question

If arp/neighbor entries are programmed with both "extern_learn" and "permanent", "ip neigh flush" command throws "Invalid argument" error, but the entries are removed. Since they are control plane programmed entries, they should't be removed. Is this a known issue?

For example,

ip neigh show|grep 1.2.3.4        
1.2.3.4 dev Vlan100 lladdr 00:00:11:22:33:44 extern_learn  PERMANENT

ip neigh flush 1.2.3.4        
Failed to send flush request: Invalid argument

ip neigh show|grep 1.2.3.4         
====> returns nothing

for your info

uname -a    
Linux sonic 4.19.0-9-2-amd64 #1 SMP Debian 4.19.118-2+deb10u1 (2020-06-07) x86_64 GNU/Linux

Answer 1

The API that ip uses is the same API was used to program the entries in the first place, and now they're getting removed the same way that the "control plane" would remove them – for all it knows, they could've been added by hand through ip neigh add with the same flags.

The optional 'protocol' field should be used to distinguish entries added by the control plane. It is commonly seen in the routing table; e.g. manually added routes default to 'proto boot', BIRD tags its own routes 'proto bird', Quagga/FRR tags its 'proto zebra' – so one can use ip route flush proto boot to avoid deleting the automatically configured ones. (Looks like this doesn't quite work properly for neighbour table yet.)