proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-04 22:14:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: Respect BLACKHOLE community for internal BGP peering also

Browse Source 
rfc7999 does not define to use this technique ONLY for EBGP sessions.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
This commit is contained in:
Donatas Abraitis 2024-08-27 10:08:54 +03:00
parent ab2fd988c9
commit 7a461479a0
2 changed files with 15 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
bgpd/bgp_route.c
View File

@ -4793,22 +4793,21 @@ void bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id,
false);
}
/* rfc7999:
* A BGP speaker receiving an announcement tagged with the
* BLACKHOLE community SHOULD add the NO_ADVERTISE or
* NO_EXPORT community as defined in RFC1997, or a
* similar community, to prevent propagation of the
* prefix outside the local AS. The community to prevent
* propagation SHOULD be chosen according to the operator's
* routing policy.
*/
if (bgp_attr_get_community(&new_attr) &&
community_include(bgp_attr_get_community(&new_attr),
COMMUNITY_BLACKHOLE))
bgp_attr_add_no_export_community(&new_attr);
if (peer->sort == BGP_PEER_EBGP) {
/* rfc7999:
* A BGP speaker receiving an announcement tagged with the
* BLACKHOLE community SHOULD add the NO_ADVERTISE or
* NO_EXPORT community as defined in RFC1997, or a
* similar community, to prevent propagation of the
* prefix outside the local AS. The community to prevent
* propagation SHOULD be chosen according to the operator's
* routing policy.
*/
if (bgp_attr_get_community(&new_attr) &&
community_include(bgp_attr_get_community(&new_attr),
COMMUNITY_BLACKHOLE))
bgp_attr_add_no_export_community(&new_attr);
/* If we receive the graceful-shutdown community from an eBGP
* peer we must lower local-preference */
if (bgp_attr_get_community(&new_attr) &&

2
doc/user/bgp.rst
View File

@ -2482,7 +2482,7 @@ is 4 octet long. The following format is used to define the community value.
``blackhole``
``blackhole`` represents well-known communities value ``BLACKHOLE``
``0xFFFF029A`` ``65535:666``. :rfc:`7999` documents sending prefixes to
EBGP peers and upstream for the purpose of blackholing traffic.
peers and upstream for the purpose of blackholing traffic.
Prefixes tagged with the this community should normally not be
re-advertised from neighbors of the originating network. Upon receiving
``BLACKHOLE`` community from a BGP speaker, ``NO_ADVERTISE`` community