pimd: interface commands to enable/disable bsm processing

(intf)ip pim bsm - to enable bsm processing on the interface (intf)no ip pim bsm - to disable bsm processing on the interface (intf)ip pim unicast-bsm - to enable ucast bsm processing on the interface (intf)no ip pim unicast-bsm - to disable ucast bsm processing on the interface Note: bsm processing and ucast bsm processing is enabled by default on a pim interface. The CLI is implemented as a security feature as recommended by RFC 5059 Signed-off-by: Saravanan K <saravanank@vmware.com>
2025-08-06 09:00:55 +00:00 · 2019-05-02 08:04:47 -07:00 · 2019-05-02 08:04:47 -07:00 · 16c926c85d
commit 16c926c85d
parent 025725f70d
4 changed files with 117 additions and 2 deletions
--- a/pimd/pim_bsm.c
+++ b/pimd/pim_bsm.c
@ -22,7 +22,6 @@
 #include "if.h"
 #include "pimd.h"
 #include "pim_iface.h"
-#include "pim_cmd.h"
 #include "pim_instance.h"
 #include "pim_rpf.h"
 #include "pim_hello.h"
@ -36,6 +35,20 @@ static void pim_bs_timer_start(struct bsm_scope *scope, int bs_timeout);
 static int pim_on_bs_timer(struct thread *t);
 static void pim_bs_timer_stop(struct bsm_scope *scope);

+/* pim_bsm_write_config - Write the interface pim bsm configuration.*/
+void
+pim_bsm_write_config(struct vty *vty, struct interface *ifp)
+{
+	struct pim_interface *pim_ifp = ifp->info;
+
+	if (pim_ifp) {
+		if (!pim_ifp->bsm_enable)
+			vty_out(vty, " no ip pim bsm\n");
+		if (!pim_ifp->ucast_bsm_accept)
+			vty_out(vty, " no ip pim unicast-bsm\n");
+	}
+}
+
 static void pim_free_bsgrp_data(struct bsgrp_node * bsgrp_node)
 {
 	if (bsgrp_node->bsrp_list)
--- a/pimd/pim_bsm.h
+++ b/pimd/pim_bsm.h
@ -187,5 +187,5 @@ struct bsmmsg_rpinfo {
 /* API */
 void pim_bsm_proc_init(struct pim_instance *pim);
 void pim_bsm_proc_free(struct pim_instance *pim);
-
+void pim_bsm_write_config(struct vty *vty, struct interface *ifp);
 #endif
--- a/pimd/pim_cmd.c
+++ b/pimd/pim_cmd.c
@ -7755,6 +7755,94 @@ DEFUN (no_ip_pim_bfd,
 	return CMD_SUCCESS;
 }

+DEFUN (ip_pim_bsm,
+       ip_pim_bsm_cmd,
+       "ip pim bsm",
+       IP_STR
+       PIM_STR
+       "Enables BSM support on the interface\n")
+{
+	VTY_DECLVAR_CONTEXT(interface, ifp);
+	struct pim_interface *pim_ifp = ifp->info;
+
+	if (!pim_ifp) {
+		if (!pim_cmd_interface_add(ifp)) {
+			vty_out(vty, "Could not enable PIM SM on interface\n");
+			return CMD_WARNING;
+		}
+	}
+
+	pim_ifp = ifp->info;
+	pim_ifp->bsm_enable = true;
+
+	return CMD_SUCCESS;
+}
+
+DEFUN (no_ip_pim_bsm,
+       no_ip_pim_bsm_cmd,
+       "no ip pim bsm",
+       NO_STR
+       IP_STR
+       PIM_STR
+       "Disables BSM support\n")
+{
+	VTY_DECLVAR_CONTEXT(interface, ifp);
+	struct pim_interface *pim_ifp = ifp->info;
+
+	if (!pim_ifp) {
+		vty_out(vty, "Pim not enabled on this interface\n");
+		return CMD_WARNING;
+	}
+
+	pim_ifp->bsm_enable = false;
+
+	return CMD_SUCCESS;
+}
+
+DEFUN (ip_pim_ucast_bsm,
+       ip_pim_ucast_bsm_cmd,
+       "ip pim unicast-bsm",
+       IP_STR
+       PIM_STR
+       "Accept/Send unicast BSM on the interface\n")
+{
+	VTY_DECLVAR_CONTEXT(interface, ifp);
+	struct pim_interface *pim_ifp = ifp->info;
+
+	if (!pim_ifp) {
+		if (!pim_cmd_interface_add(ifp)) {
+			vty_out(vty, "Could not enable PIM SM on interface\n");
+			return CMD_WARNING;
+		}
+	}
+
+	pim_ifp = ifp->info;
+	pim_ifp->ucast_bsm_accept = true;
+
+	return CMD_SUCCESS;
+}
+
+DEFUN (no_ip_pim_ucast_bsm,
+       no_ip_pim_ucast_bsm_cmd,
+       "no ip pim unicast-bsm",
+       NO_STR
+       IP_STR
+       PIM_STR
+       "Block send/receive unicast BSM on this interface\n")
+{
+	VTY_DECLVAR_CONTEXT(interface, ifp);
+	struct pim_interface *pim_ifp = ifp->info;
+
+	if (!pim_ifp) {
+		vty_out(vty, "Pim not enabled on this interface\n");
+		return CMD_WARNING;
+	}
+
+	pim_ifp->ucast_bsm_accept = false;
+
+	return CMD_SUCCESS;
+}
+
 #if HAVE_BFDD > 0
 DEFUN_HIDDEN(
 #else
@ -9487,6 +9575,11 @@ void pim_cmd_init(void)
 	install_element(VIEW_NODE, &show_ip_pim_vxlan_sg_work_cmd);
 	install_element(INTERFACE_NODE, &interface_pim_use_source_cmd);
 	install_element(INTERFACE_NODE, &interface_no_pim_use_source_cmd);
+	/* Install BSM command */
+	install_element(INTERFACE_NODE, &ip_pim_bsm_cmd);
+	install_element(INTERFACE_NODE, &no_ip_pim_bsm_cmd);
+	install_element(INTERFACE_NODE, &ip_pim_ucast_bsm_cmd);
+	install_element(INTERFACE_NODE, &no_ip_pim_ucast_bsm_cmd);
 	/* Install BFD command */
 	install_element(INTERFACE_NODE, &ip_pim_bfd_cmd);
 	install_element(INTERFACE_NODE, &ip_pim_bfd_param_cmd);
--- a/pimd/pim_vty.c
+++ b/pimd/pim_vty.c
@ -39,6 +39,7 @@
 #include "pim_msdp.h"
 #include "pim_ssm.h"
 #include "pim_bfd.h"
+#include "pim_bsm.h"
 #include "pim_vxlan.h"

 int pim_debug_config_write(struct vty *vty)
@ -120,6 +121,11 @@ int pim_debug_config_write(struct vty *vty)
 		++writes;
 	}

+	if (PIM_DEBUG_BSM) {
+		vty_out(vty, "debug pim bsm\n");
+		++writes;
+	}
+
 	if (PIM_DEBUG_VXLAN) {
 		vty_out(vty, "debug pim vxlan\n");
 		++writes;
@ -383,7 +389,10 @@ int pim_interface_config_write(struct vty *vty)

 				writes +=
 					pim_static_write_mroute(pim, vty, ifp);
+				pim_bsm_write_config(vty, ifp);
+				++writes;
 				pim_bfd_write_config(vty, ifp);
+				++writes;
 			}
 			vty_endframe(vty, "!\n");
 			++writes;