proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-09 09:46:54 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: set rpki validation state in vrf table

Browse Source 
Set the RPKI validation state in the VRF BGP table. It allows applying
a route-maps with "match rpki <state>" on a VRF neighbor.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
This commit is contained in:
Philippe Guibert 2020-02-03 13:36:58 +01:00 committed by Louis Scalbert
parent a42d490ac2
commit a54050ae75
1 changed files with 33 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
bgpd/bgp_rpki.c
View File

@ -151,7 +151,7 @@ static enum route_map_cmd_result_t route_match(void *rule,
void *object); void *object);
static void *route_match_compile(const char *arg); static void *route_match_compile(const char *arg);
static void revalidate_bgp_node(struct bgp_dest *dest, afi_t afi, safi_t safi); static void revalidate_bgp_node(struct bgp_dest *dest, afi_t afi, safi_t safi);
static void revalidate_all_routes(void); static void revalidate_all_routes(struct rpki_vrf *rpki_vrf);
static bool rpki_debug_conf, rpki_debug_term; static bool rpki_debug_conf, rpki_debug_term;
@ -580,6 +580,7 @@ static void bgpd_sync_callback(struct event *thread)
struct prefix prefix; struct prefix prefix;
struct pfx_record rec; struct pfx_record rec;
struct rpki_vrf *rpki_vrf = EVENT_ARG(thread); struct rpki_vrf *rpki_vrf = EVENT_ARG(thread);
struct vrf *vrf = NULL;
event_add_read(bm->master, bgpd_sync_callback, rpki_vrf, event_add_read(bm->master, bgpd_sync_callback, rpki_vrf,
rpki_vrf->rpki_sync_socket_bgpd, NULL); rpki_vrf->rpki_sync_socket_bgpd, NULL);
@ -592,7 +593,7 @@ static void bgpd_sync_callback(struct event *thread)
atomic_store_explicit(&rpki_vrf->rtr_update_overflow, 0, atomic_store_explicit(&rpki_vrf->rtr_update_overflow, 0,
memory_order_seq_cst); memory_order_seq_cst);
revalidate_all_routes(); revalidate_all_routes(rpki_vrf);
return; return;
} }
@ -606,9 +607,23 @@ static void bgpd_sync_callback(struct event *thread)
afi_t afi = (rec.prefix.ver == LRTR_IPV4) ? AFI_IP : AFI_IP6; afi_t afi = (rec.prefix.ver == LRTR_IPV4) ? AFI_IP : AFI_IP6;
if (rpki_vrf->vrfname) {
vrf = vrf_lookup_by_name(rpki_vrf->vrfname);
if (!vrf) {
zlog_err("%s(): vrf for rpki %s not found", __func__,
rpki_vrf->vrfname);
return;
}
}
for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp)) { for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp)) {
safi_t safi; safi_t safi;
if (!vrf && bgp->vrf_id != VRF_DEFAULT)
continue;
if (vrf && bgp->vrf_id != vrf->vrf_id)
continue;
for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) { for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
struct bgp_table *table = bgp->rib[afi][safi]; struct bgp_table *table = bgp->rib[afi][safi];
struct rpki_revalidate_prefix *rrp; struct rpki_revalidate_prefix *rrp;
@ -674,15 +689,30 @@ static void bgp_rpki_revalidate_peer(struct event *thread)
XFREE(MTYPE_BGP_RPKI_REVALIDATE, rvp); XFREE(MTYPE_BGP_RPKI_REVALIDATE, rvp);
} }
static void revalidate_all_routes(void) static void revalidate_all_routes(struct rpki_vrf *rpki_vrf)
{ {
struct bgp *bgp; struct bgp *bgp;
struct listnode *node; struct listnode *node;
struct vrf *vrf = NULL;
if (rpki_vrf->vrfname) {
vrf = vrf_lookup_by_name(rpki_vrf->vrfname);
if (!vrf) {
zlog_err("%s(): vrf for rpki %s not found", __func__,
rpki_vrf->vrfname);
return;
}
}
for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp)) { for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp)) {
struct peer *peer; struct peer *peer;
struct listnode *peer_listnode; struct listnode *peer_listnode;
if (!vrf && bgp->vrf_id != VRF_DEFAULT)
continue;
if (vrf && bgp->vrf_id != vrf->vrf_id)
continue;
for (ALL_LIST_ELEMENTS_RO(bgp->peer, peer_listnode, peer)) { for (ALL_LIST_ELEMENTS_RO(bgp->peer, peer_listnode, peer)) {
afi_t afi; afi_t afi;
safi_t safi; safi_t safi;