proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-07-06 06:00:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: Handle role capability using dynamic capability

Browse Source 
When setting local-role for the neighbor, force sending ROLE capability via
dynamic capability if it's enabled.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
This commit is contained in:
Donatas Abraitis 2023-08-05 22:32:57 +03:00
parent d65249aa65
commit 454d37aec2
3 changed files with 80 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
bgpd/bgp_packet.c
View File

@ -1272,7 +1272,15 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
case CAPABILITY_CODE_FQDN: case CAPABILITY_CODE_FQDN:
case CAPABILITY_CODE_ENHE: case CAPABILITY_CODE_ENHE:
case CAPABILITY_CODE_EXT_MESSAGE: case CAPABILITY_CODE_EXT_MESSAGE:
break;
case CAPABILITY_CODE_ROLE: case CAPABILITY_CODE_ROLE:
if (peer->local_role != ROLE_UNDEFINED) {
SET_FLAG(peer->cap, PEER_CAP_ROLE_ADV);
stream_putc(s, action);
stream_putc(s, CAPABILITY_CODE_ROLE);
stream_putc(s, CAPABILITY_CODE_ROLE_LEN);
stream_putc(s, peer->local_role);
}
break; break;
default: default:
break; break;
@ -2876,7 +2884,22 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
case CAPABILITY_CODE_FQDN: case CAPABILITY_CODE_FQDN:
case CAPABILITY_CODE_ENHE: case CAPABILITY_CODE_ENHE:
case CAPABILITY_CODE_EXT_MESSAGE: case CAPABILITY_CODE_EXT_MESSAGE:
break;
case CAPABILITY_CODE_ROLE: case CAPABILITY_CODE_ROLE:
SET_FLAG(peer->cap, PEER_CAP_ROLE_RCV);
if (hdr->length != CAPABILITY_CODE_ROLE_LEN) {
flog_warn(EC_BGP_CAPABILITY_INVALID_LENGTH,
"Role: Received invalid length %d",
hdr->length);
bgp_notify_send(peer, BGP_NOTIFY_CEASE,
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
return BGP_Stop;
}
uint8_t role;
memcpy(&role, pnt + 3, sizeof(role));
peer->remote_role = role;
break; break;
default: default:
flog_warn( flog_warn(

84
bgpd/bgp_vty.c
View File

@ -6786,14 +6786,9 @@ static uint8_t get_role_by_name(const char *role_str)
return ROLE_UNDEFINED; return ROLE_UNDEFINED;
} }
static int peer_role_set_vty(struct vty *vty, const char *ip_str, static int peer_role_set_vty(struct vty *vty, struct peer *peer,
const char *role_str, bool strict_mode) const char *role_str, bool strict_mode)
{ {
struct peer *peer;
peer = peer_and_group_lookup_vty(vty, ip_str);
if (!peer)
return CMD_WARNING_CONFIG_FAILED;
uint8_t role = get_role_by_name(role_str); uint8_t role = get_role_by_name(role_str);
if (role == ROLE_UNDEFINED) if (role == ROLE_UNDEFINED)
@ -6801,50 +6796,66 @@ static int peer_role_set_vty(struct vty *vty, const char *ip_str,
return bgp_vty_return(vty, peer_role_set(peer, role, strict_mode)); return bgp_vty_return(vty, peer_role_set(peer, role, strict_mode));
} }
static int peer_role_unset_vty(struct vty *vty, const char *ip_str)
{
struct peer *peer;
peer = peer_and_group_lookup_vty(vty, ip_str);
if (!peer)
return CMD_WARNING_CONFIG_FAILED;
return bgp_vty_return(vty, peer_role_unset(peer));
}
DEFPY(neighbor_role, DEFPY(neighbor_role,
neighbor_role_cmd, neighbor_role_cmd,
"neighbor <A.B.C.D|X:X::X:X|WORD> local-role <provider|rs-server|rs-client|customer|peer>", "neighbor <A.B.C.D|X:X::X:X|WORD>$neighbor local-role <provider|rs-server|rs-client|customer|peer>$role",
NEIGHBOR_STR NEIGHBOR_STR
NEIGHBOR_ADDR_STR2 NEIGHBOR_ADDR_STR2
"Set session role\n" "Set session role\n"
ROLE_STR) ROLE_STR)
{ {
int idx_peer = 1; int ret;
int idx_role = 3; struct peer *peer;
return peer_role_set_vty(vty, argv[idx_peer]->arg, argv[idx_role]->arg, peer = peer_and_group_lookup_vty(vty, neighbor);
false); if (!peer)
return CMD_WARNING_CONFIG_FAILED;
ret = peer_role_set_vty(vty, peer, role, false);
if (peer_established(peer)) {
if (CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV) &&
CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV))
bgp_capability_send(peer, AFI_IP, SAFI_UNICAST,
CAPABILITY_CODE_ROLE,
CAPABILITY_ACTION_SET);
}
return ret;
} }
DEFPY(neighbor_role_strict, DEFPY(neighbor_role_strict,
neighbor_role_strict_cmd, neighbor_role_strict_cmd,
"neighbor <A.B.C.D|X:X::X:X|WORD> local-role <provider|rs-server|rs-client|customer|peer> strict-mode", "neighbor <A.B.C.D|X:X::X:X|WORD>$neighbor local-role <provider|rs-server|rs-client|customer|peer>$role strict-mode",
NEIGHBOR_STR NEIGHBOR_STR
NEIGHBOR_ADDR_STR2 NEIGHBOR_ADDR_STR2
"Set session role\n" "Set session role\n"
ROLE_STR ROLE_STR
"Use additional restriction on peer\n") "Use additional restriction on peer\n")
{ {
int idx_peer = 1; int ret;
int idx_role = 3; struct peer *peer;
return peer_role_set_vty(vty, argv[idx_peer]->arg, argv[idx_role]->arg, peer = peer_and_group_lookup_vty(vty, neighbor);
true); if (!peer)
return CMD_WARNING_CONFIG_FAILED;
ret = peer_role_set_vty(vty, peer, role, true);
if (peer_established(peer)) {
if (CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV) &&
CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV))
bgp_capability_send(peer, AFI_IP, SAFI_UNICAST,
CAPABILITY_CODE_ROLE,
CAPABILITY_ACTION_SET);
}
return ret;
} }
DEFPY(no_neighbor_role, DEFPY(no_neighbor_role,
no_neighbor_role_cmd, no_neighbor_role_cmd,
"no neighbor <A.B.C.D|X:X::X:X|WORD> local-role <provider|rs-server|rs-client|customer|peer> [strict-mode]", "no neighbor <A.B.C.D|X:X::X:X|WORD>$neighbor local-role <provider|rs-server|rs-client|customer|peer> [strict-mode]",
NO_STR NO_STR
NEIGHBOR_STR NEIGHBOR_STR
NEIGHBOR_ADDR_STR2 NEIGHBOR_ADDR_STR2
@ -6852,9 +6863,24 @@ DEFPY(no_neighbor_role,
ROLE_STR ROLE_STR
"Use additional restriction on peer\n") "Use additional restriction on peer\n")
{ {
int idx_peer = 2; int ret;
struct peer *peer;
return peer_role_unset_vty(vty, argv[idx_peer]->arg); peer = peer_and_group_lookup_vty(vty, neighbor);
if (!peer)
return CMD_WARNING_CONFIG_FAILED;
ret = bgp_vty_return(vty, peer_role_unset(peer));
if (peer_established(peer)) {
if (CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV) &&
CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV))
bgp_capability_send(peer, AFI_IP, SAFI_UNICAST,
CAPABILITY_CODE_ROLE,
CAPABILITY_ACTION_UNSET);
}
return ret;
} }
/* disable-connected-check */ /* disable-connected-check */

6
bgpd/bgpd.c
View File

@ -4444,8 +4444,8 @@ static const struct peer_flag_action peer_flag_action_list[] = {
{PEER_FLAG_UPDATE_SOURCE, 0, peer_change_none}, {PEER_FLAG_UPDATE_SOURCE, 0, peer_change_none},
{PEER_FLAG_DISABLE_LINK_BW_ENCODING_IEEE, 0, peer_change_none}, {PEER_FLAG_DISABLE_LINK_BW_ENCODING_IEEE, 0, peer_change_none},
{PEER_FLAG_EXTENDED_OPT_PARAMS, 0, peer_change_reset}, {PEER_FLAG_EXTENDED_OPT_PARAMS, 0, peer_change_reset},
{PEER_FLAG_ROLE_STRICT_MODE, 0, peer_change_reset}, {PEER_FLAG_ROLE_STRICT_MODE, 0, peer_change_none},
{PEER_FLAG_ROLE, 0, peer_change_reset}, {PEER_FLAG_ROLE, 0, peer_change_none},
{PEER_FLAG_PORT, 0, peer_change_reset}, {PEER_FLAG_PORT, 0, peer_change_reset},
{PEER_FLAG_AIGP, 0, peer_change_none}, {PEER_FLAG_AIGP, 0, peer_change_none},
{PEER_FLAG_GRACEFUL_SHUTDOWN, 0, peer_change_none}, {PEER_FLAG_GRACEFUL_SHUTDOWN, 0, peer_change_none},
@ -5167,7 +5167,6 @@ int peer_role_set(struct peer *peer, uint8_t role, bool strict_mode)
else else
UNSET_FLAG(peer->flags, UNSET_FLAG(peer->flags,
PEER_FLAG_ROLE_STRICT_MODE); PEER_FLAG_ROLE_STRICT_MODE);
bgp_session_reset(peer);
} }
return CMD_SUCCESS; return CMD_SUCCESS;
@ -5212,7 +5211,6 @@ int peer_role_set(struct peer *peer, uint8_t role, bool strict_mode)
UNSET_FLAG(member->flags, UNSET_FLAG(member->flags,
PEER_FLAG_ROLE_STRICT_MODE); PEER_FLAG_ROLE_STRICT_MODE);
} }
bgp_session_reset(member);
} }
} }