Revert "Rpki Encapsulation"

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
2025-07-31 06:56:13 +00:00 · 2020-07-14 15:37:14 -04:00 · 2020-07-14 15:37:14 -04:00 · 1d4cfa5de1
commit 1d4cfa5de1
parent 35d78b8b86
11 changed files with 238 additions and 1191 deletions
--- a/bgpd/bgp_debug.c
+++ b/bgpd/bgp_debug.c
@ -30,7 +30,6 @@
 #include "memory.h"
 #include "queue.h"
 #include "filter.h"
-#include "hook.h"

 #include "bgpd/bgpd.h"
 #include "bgpd/bgp_aspath.h"
@ -48,9 +47,6 @@
 #include "bgpd/bgp_vty.h"
 #include "bgpd/bgp_flowspec.h"

-DEFINE_HOOK(bgp_hook_config_write_debug, (struct vty *vty, bool running),
-	    (vty, running))
-
 unsigned long conf_bgp_debug_as4;
 unsigned long conf_bgp_debug_neighbor_events;
 unsigned long conf_bgp_debug_events;
@ -2172,7 +2168,7 @@ DEFUN_NOSH (show_debugging_bgp,
 		vty_out(vty, "  BGP policy based routing debugging is on\n");
 	if (BGP_DEBUG(pbr, PBR_ERROR))
 		vty_out(vty, "  BGP policy based routing error debugging is on\n");
-	hook_call(bgp_hook_config_write_debug, vty, false);
+
 	vty_out(vty, "\n");
 	return CMD_SUCCESS;
 }
@ -2288,9 +2284,6 @@ static int bgp_config_write_debug(struct vty *vty)
 		vty_out(vty, "debug bgp graceful-restart\n");
 		write++;
 	}
-
-	if (hook_call(bgp_hook_config_write_debug, vty, true))
-		write++;
 	return write;
 }

--- a/bgpd/bgp_debug.h
+++ b/bgpd/bgp_debug.h
@ -21,15 +21,9 @@
 #ifndef _QUAGGA_BGP_DEBUG_H
 #define _QUAGGA_BGP_DEBUG_H

-#include "hook.h"
-#include "vty.h"
-
 #include "bgp_attr.h"
 #include "bgp_updgrp.h"

-DECLARE_HOOK(bgp_hook_config_write_debug, (struct vty *vty, bool running),
-	     (vty, running))
-
 /* sort of packet direction */
 #define DUMP_ON        1
 #define DUMP_SEND      2
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@ -61,16 +61,10 @@
 #include "bgpd/bgp_network.h"
 #include "bgpd/bgp_errors.h"

-DEFINE_HOOK(bgp_hook_config_write_vrf, (struct vty *vty, struct vrf *vrf),
-	    (vty, vrf))
-
 #ifdef ENABLE_BGP_VNC
 #include "bgpd/rfapi/rfapi_backend.h"
 #endif

-DEFINE_HOOK(bgp_hook_vrf_update, (struct vrf *vrf, bool enabled),
-	    (vrf, enabled))
-
 /* bgpd options, we use GNU getopt library. */
 static const struct option longopts[] = {
 	{"bgp_port", required_argument, NULL, 'p'},
@ -308,7 +302,6 @@ static int bgp_vrf_enable(struct vrf *vrf)
 		if (old_vrf_id != bgp->vrf_id)
 			bgp_redistribute_redo(bgp);
 		bgp_instance_up(bgp);
-		hook_call(bgp_hook_vrf_update, vrf, true);
 		vpn_leak_zebra_vrf_label_update(bgp, AFI_IP);
 		vpn_leak_zebra_vrf_label_update(bgp, AFI_IP6);
 		vpn_leak_postchange(BGP_VPN_POLICY_DIR_TOVPN, AFI_IP,
@ -358,37 +351,16 @@ static int bgp_vrf_disable(struct vrf *vrf)
 		if (old_vrf_id != bgp->vrf_id)
 			bgp_unset_redist_vrf_bitmaps(bgp, old_vrf_id);
 		bgp_instance_down(bgp);
-		hook_call(bgp_hook_vrf_update, vrf, false);
 	}

 	/* Note: This is a callback, the VRF will be deleted by the caller. */
 	return 0;
 }

-static int bgp_vrf_config_write(struct vty *vty)
-{
-	struct vrf *vrf;
-
-	RB_FOREACH (vrf, vrf_name_head, &vrfs_by_name) {
-		if (vrf->vrf_id == VRF_DEFAULT) {
-			vty_out(vty, "!\n");
-			continue;
-		}
-		vty_out(vty, "vrf %s\n", vrf->name);
-
-		hook_call(bgp_hook_config_write_vrf, vty, vrf);
-
-		vty_out(vty, " exit-vrf\n!\n");
-	}
-
-	return 0;
-}
-
 static void bgp_vrf_init(void)
 {
 	vrf_init(bgp_vrf_new, bgp_vrf_enable, bgp_vrf_disable,
 		 bgp_vrf_delete, bgp_vrf_enable);
-	vrf_cmd_init(bgp_vrf_config_write, &bgpd_privs);
 }

 static void bgp_vrf_terminate(void)
--- a/bgpd/bgp_rpki.c
+++ b/bgpd/bgp_rpki.c
--- a/bgpd/bgpd.h
+++ b/bgpd/bgpd.h
@ -43,9 +43,6 @@
 #include "bgp_labelpool.h"
 #include "bgp_addpath_types.h"

-DECLARE_HOOK(bgp_hook_config_write_vrf, (struct vty *vty, struct vrf *vrf),
-	    (vty, vrf))
-
 #define BGP_MAX_HOSTNAME 64	/* Linux max, is larger than most other sys */
 #define BGP_PEER_MAX_HASH_SIZE 16384

@ -681,8 +678,6 @@ DECLARE_HOOK(bgp_inst_delete, (struct bgp *bgp), (bgp))
 DECLARE_HOOK(bgp_inst_config_write,
 		(struct bgp *bgp, struct vty *vty),
 		(bgp, vty))
-DECLARE_HOOK(bgp_hook_vrf_update, (struct vrf *vrf, bool enabled),
-	    (vrf, enabled))

 /* Thread callback information */
 struct afi_safi_info {
--- a/doc/user/rpki.rst
+++ b/doc/user/rpki.rst
@ -60,9 +60,8 @@ Enabling RPKI
   This command enables the RPKI configuration mode. Most commands that start
   with *rpki* can only be used in this mode.

-   This command is available either in *configure node* for default *vrf* or
-   in *vrf node* for specific *vrf*. When it is used in a telnet session,
-   leaving of this mode cause rpki to be initialized.
+   When it is used in a telnet session, leaving of this mode cause rpki to be
+   initialized.

   Executing this command alone does not activate prefix validation. You need
   to configure at least one reachable cache server. See section
@ -92,9 +91,6 @@ Examples of the error::
   router(config)# rpki
   % [BGP] Unknown command: rpki

-   router(config-vrf)# rpki
-   % [BGP] Unknown command: rpki
-
 Note that the RPKI commands will be available in vtysh when running
 ``find rpki`` regardless of whether the module is loaded.

@ -103,14 +99,7 @@ Note that the RPKI commands will be available in vtysh when running
 Configuring RPKI/RTR Cache Servers
 ----------------------------------

-RPKI/RTR can be configured independently, either in configure node, or in *vrf*
-sub context. If configured in configure node, the core *bgp* instance of default
-*vrf* is impacted by the configuration.
-
-Each RPKI/RTR context is mapped to a *vrf* and can be made up of a specific list
-of cache-servers, and specific settings.
-
-The following commands are available for independent of a specific cache server.
+The following commands are independent of a specific cache server.

 .. index:: rpki polling_period (1-3600)
 .. clicmd:: rpki polling_period (1-3600)
@ -211,27 +200,27 @@ Debugging
 Displaying RPKI
 ---------------

-.. index:: show rpki prefix <A.B.C.D/M|X:X::X:X/M> [(1-4294967295)] [vrf NAME]
-.. clicmd:: show rpki prefix <A.B.C.D/M|X:X::X:X/M> [(1-4294967295)] [vrf NAME]
+.. index:: show rpki prefix <A.B.C.D/M|X:X::X:X/M> [(1-4294967295)]
+.. clicmd:: show rpki prefix <A.B.C.D/M|X:X::X:X/M> [(1-4294967295)]

   Display validated prefixes received from the cache servers filtered
   by the specified prefix.

-.. index:: show rpki as-number ASN [vrf NAME]
-.. clicmd:: show rpki as-number ASN [vrf NAME]
+.. index:: show rpki as-number ASN
+.. clicmd:: show rpki as-number ASN

   Display validated prefixes received from the cache servers filtered
   by ASN.

-.. index:: show rpki prefix-table [vrf NAME]
-.. clicmd:: show rpki prefix-table [vrf NAME]
+.. index:: show rpki prefix-table
+.. clicmd:: show rpki prefix-table

   Display all validated prefix to origin AS mappings/records which have been
   received from the cache servers and stored in the router. Based on this data,
   the router validates BGP Updates.

-.. index:: show rpki cache-connection [vrf NAME]
-.. clicmd:: show rpki cache-connection [vrf NAME]
+.. index:: show rpki cache-connection
+.. clicmd:: show rpki cache-connection

   Display all configured cache servers, whether active or not.

@ -282,54 +271,5 @@ RPKI Configuration Example
   route-map rpki permit 40
   !

-RPKI Configuration Example with VRF
-----------------------------------
-
-.. code-block:: frr
-
-   hostname bgpd1
-   password zebra
-   ! log stdout
-   debug bgp updates
-   debug bgp keepalives
-   debug rpki
-   !
-   vrf vrf_connect
-    rpki
-     rpki polling_period 1000
-     rpki timeout 10
-      ! SSH Example:
-      rpki cache example.com 22 rtr-ssh ./ssh_key/id_rsa ./ssh_key/id_rsa.pub preference 1
-      ! TCP Example:
-      rpki cache rpki-validator.realmv6.org 8282 preference 2
-      exit
-    !
-    exit-vrf
-   router bgp 60001 vrf vrf_connect
-    bgp router-id 141.22.28.223
-    network 192.168.0.0/16
-    neighbor 123.123.123.0 remote-as 60002
-    neighbor 123.123.123.0 route-map rpki in
-   !
-    address-family ipv6
-     neighbor 123.123.123.0 activate
-      neighbor 123.123.123.0 route-map rpki in
-    exit-address-family
-   !
-   route-map rpki permit 10
-    match rpki invalid
-    set local-preference 10
-   !
-   route-map rpki permit 20
-    match rpki notfound
-    set local-preference 20
-   !
-   route-map rpki permit 30
-    match rpki valid
-    set local-preference 30
-   !
-   route-map rpki permit 40
-   !
-
 .. [Securing-BGP] Geoff Huston, Randy Bush: Securing BGP, In: The Internet Protocol Journal, Volume 14, No. 2, 2011. <http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_14-2/142_bgp.html>
 .. [Resource-Certification] Geoff Huston: Resource Certification, In: The Internet Protocol Journal, Volume 12, No.1, 2009. <http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_12-1/121_resource.html>
--- a/lib/command.c
+++ b/lib/command.c
@ -841,9 +841,6 @@ enum node_type node_parent(enum node_type node)
 	case BFD_PROFILE_NODE:
 		ret = BFD_NODE;
 		break;
-	case RPKI_VRF_NODE:
-		ret = VRF_NODE;
-		break;
 	default:
 		ret = CONFIG_NODE;
 		break;
--- a/lib/command.h
+++ b/lib/command.h
@ -159,7 +159,6 @@ enum node_type {
 	OPENFABRIC_NODE,	/* OpenFabric router configuration node */
 	VRRP_NODE,		 /* VRRP node */
 	BMP_NODE,		/* BMP config under router bgp */
-	RPKI_VRF_NODE,  /* RPKI node for VRF */
 	NODE_TYPE_MAX, /* maximum */
 };

--- a/vtysh/vtysh.c
+++ b/vtysh/vtysh.c
@ -1481,13 +1481,6 @@ static struct cmd_node rpki_node = {
 	.prompt = "%s(config-rpki)# ",
 };

-static struct cmd_node rpki_vrf_node = {
-	.name = "rpki",
-	.node = RPKI_VRF_NODE,
-	.parent_node = VRF_NODE,
-	.prompt = "%s(config-vrf-rpki)# ",
-};
-
 #if HAVE_BFDD > 0
 static struct cmd_node bfd_node = {
 	.name = "bfd",
@ -1669,26 +1662,13 @@ DEFUNSH(VTYSH_BGPD, address_family_ipv6_labeled_unicast,
 	return CMD_SUCCESS;
 }

-DEFUNSH(VTYSH_BGPD,
-	no_rpki,
-	no_rpki_cmd,
-	"no rpki",
-	NO_STR
-	"rpki\n")
-{
-	return CMD_SUCCESS;
-}
-
 DEFUNSH(VTYSH_BGPD,
 	rpki,
 	rpki_cmd,
 	"rpki",
 	"Enable rpki and enter rpki configuration mode\n")
 {
-	if (vty->node == CONFIG_NODE)
-		vty->node = RPKI_NODE;
-	else
-		vty->node = RPKI_VRF_NODE;
+	vty->node = RPKI_NODE;
 	return CMD_SUCCESS;
 }

@ -3838,7 +3818,6 @@ void vtysh_init_vty(void)
 	install_node(&vty_node);
 	install_node(&rpki_node);
 	install_node(&bmp_node);
-	install_node(&rpki_vrf_node);
 #if HAVE_BFDD > 0
 	install_node(&bfd_node);
 	install_node(&bfd_peer_node);
@ -4083,15 +4062,9 @@ void vtysh_init_vty(void)
 	install_element(BMP_NODE, &vtysh_end_all_cmd);

 	install_element(CONFIG_NODE, &rpki_cmd);
-	install_element(CONFIG_NODE, &no_rpki_cmd);
-	install_element(VRF_NODE, &rpki_cmd);
-	install_element(VRF_NODE, &no_rpki_cmd);
 	install_element(RPKI_NODE, &rpki_exit_cmd);
 	install_element(RPKI_NODE, &rpki_quit_cmd);
 	install_element(RPKI_NODE, &vtysh_end_all_cmd);
-	install_element(RPKI_VRF_NODE, &rpki_exit_cmd);
-	install_element(RPKI_VRF_NODE, &rpki_quit_cmd);
-	install_element(RPKI_VRF_NODE, &vtysh_end_all_cmd);

 	/* EVPN commands */
 	install_element(BGP_EVPN_NODE, &bgp_evpn_vni_cmd);
--- a/vtysh/vtysh.h
+++ b/vtysh/vtysh.h
@ -54,7 +54,7 @@ DECLARE_MGROUP(MVTYSH)
 #define VTYSH_ALL	  VTYSH_ZEBRA|VTYSH_RIPD|VTYSH_RIPNGD|VTYSH_OSPFD|VTYSH_OSPF6D|VTYSH_LDPD|VTYSH_BGPD|VTYSH_ISISD|VTYSH_PIMD|VTYSH_NHRPD|VTYSH_EIGRPD|VTYSH_BABELD|VTYSH_SHARPD|VTYSH_PBRD|VTYSH_STATICD|VTYSH_BFDD|VTYSH_FABRICD|VTYSH_VRRPD
 #define VTYSH_RMAP	  VTYSH_ZEBRA|VTYSH_RIPD|VTYSH_RIPNGD|VTYSH_OSPFD|VTYSH_OSPF6D|VTYSH_BGPD|VTYSH_ISISD|VTYSH_PIMD|VTYSH_EIGRPD|VTYSH_SHARPD|VTYSH_FABRICD
 #define VTYSH_INTERFACE	  VTYSH_ZEBRA|VTYSH_RIPD|VTYSH_RIPNGD|VTYSH_OSPFD|VTYSH_OSPF6D|VTYSH_ISISD|VTYSH_PIMD|VTYSH_NHRPD|VTYSH_EIGRPD|VTYSH_BABELD|VTYSH_PBRD|VTYSH_FABRICD|VTYSH_VRRPD
-#define VTYSH_VRF	  VTYSH_ZEBRA|VTYSH_PIMD|VTYSH_STATICD|VTYSH_BGPD
+#define VTYSH_VRF	  VTYSH_ZEBRA|VTYSH_PIMD|VTYSH_STATICD
 #define VTYSH_KEYS        VTYSH_RIPD|VTYSH_EIGRPD
 /* Daemons who can process nexthop-group configs */
 #define VTYSH_NH_GROUP    VTYSH_PBRD|VTYSH_SHARPD
--- a/vtysh/vtysh_config.c
+++ b/vtysh/vtysh_config.c
@ -265,22 +265,13 @@ void vtysh_config_parse_line(void *arg, const char *line)
 				config_add_line(config->line, line);
 			} else if (!strncmp(line, " ip mroute", strlen(" ip mroute"))) {
 				config_add_line_uniq_end(config->line, line);
-			} else if ((strncmp(line, " rpki", strlen(" rpki")) == 0)
-				   && config->index == VRF_NODE) {
-				config_add_line(config->line, line);
-				config->index = RPKI_VRF_NODE;
 			} else if (config->index == RMAP_NODE
 				   || config->index == INTERFACE_NODE
 				   || config->index == VTY_NODE
 				   || config->index == VRF_NODE
 				   || config->index == NH_GROUP_NODE)
 				config_add_line_uniq(config->line, line);
-			else if (config->index == RPKI_VRF_NODE
-				 && strncmp(line, "  exit",
-					    strlen("  exit")) == 0) {
-				config_add_line(config->line, line);
-				config->index = VRF_NODE;
-			} else
+			else
 				config_add_line(config->line, line);
 		} else
 			config_add_line(config_top, line);
@ -412,8 +403,6 @@ void vtysh_config_parse_line(void *arg, const char *line)
 			config = config_get(MPLS_NODE, line);
 		else if (strncmp(line, "bfd", strlen("bfd")) == 0)
 			config = config_get(BFD_NODE, line);
-		else if (strncmp(line, "rpki", strlen("rpki")) == 0)
-			config = config_get(RPKI_NODE, line);
 		else {
 			if (strncmp(line, "log", strlen("log")) == 0
 			    || strncmp(line, "hostname", strlen("hostname"))