From c8ded86e9ef9aa4182f2b6f86a1467532e06f29e Mon Sep 17 00:00:00 2001
From: Rafael Zalamena
Date: Tue, 10 May 2022 08:23:24 -0300
Subject: [PATCH 1/4] yang,pimd: support shutdown and SA limit

Add MSDP shutdown and SA limiting configuration to YANG model. (no implementation, just boiler plate code)

Signed-off-by: Rafael Zalamena
---
 pimd/pim_nb.c | 7 +++++++
 pimd/pim_nb.h | 2 ++
 pimd/pim_nb_config.c | 42 ++++++++++++++++++++++++++++++++++++++++++
 yang/frr-pim.yang | 6 ++++++
 4 files changed, 57 insertions(+)

diff --git a/pimd/pim_nb.c b/pimd/pim_nb.c
index 4a5ad87942..f030995278 100644
--- a/pimd/pim_nb.c
+++ b/pimd/pim_nb.c
@@ -208,6 +208,13 @@ const struct frr_yang_module_info frr_pim_info = {
 .destroy = pim_msdp_peer_authentication_key_destroy,
 }
 },
+ {
+ .xpath = "/frr-routing:routing/control-plane-protocols/control-plane-protocol/frr-pim:pim/address-family/msdp-peer/sa-limit",
+ .cbs = {
+ .modify = pim_msdp_peer_sa_limit_modify,
+ .destroy = pim_msdp_peer_sa_limit_destroy,
+ }
+ },
 {
 .xpath = "/frr-routing:routing/control-plane-protocols/control-plane-protocol/frr-pim:pim/address-family/mlag",
 .cbs = {
diff --git a/pimd/pim_nb.h b/pimd/pim_nb.h
index a9693c65d8..0c1ce6ab85 100644
--- a/pimd/pim_nb.h
+++ b/pimd/pim_nb.h
@@ -76,6 +76,8 @@ int pim_msdp_peer_sa_filter_out_destroy(struct nb_cb_destroy_args *args);
 int pim_msdp_peer_authentication_type_modify(struct nb_cb_modify_args *args);
 int pim_msdp_peer_authentication_key_modify(struct nb_cb_modify_args *args);
 int pim_msdp_peer_authentication_key_destroy(struct nb_cb_destroy_args *args);
+int pim_msdp_peer_sa_limit_modify(struct nb_cb_modify_args *args);
+int pim_msdp_peer_sa_limit_destroy(struct nb_cb_destroy_args *args);
 int routing_control_plane_protocols_control_plane_protocol_pim_address_family_mlag_create(
 struct nb_cb_create_args *args);
 int routing_control_plane_protocols_control_plane_protocol_pim_address_family_mlag_destroy(
diff --git a/pimd/pim_nb_config.c b/pimd/pim_nb_config.c
index 171614208f..b563bf5a30 100644
--- a/pimd/pim_nb_config.c
+++ b/pimd/pim_nb_config.c
@@ -1579,6 +1579,48 @@ int pim_msdp_peer_sa_filter_out_destroy(struct nb_cb_destroy_args *args)
 return NB_OK;
 }
+/*
+ * XPath:
+ * /frr-routing:routing/control-plane-protocols/control-plane-protocol/frr-pim:pim/address-family/msdp-peer/sa-limit
+ */
+int pim_msdp_peer_sa_limit_modify(struct nb_cb_modify_args *args)
+{
+ struct pim_msdp_peer *mp;
+
+ switch (args->event) {
+ case NB_EV_VALIDATE:
+ case NB_EV_PREPARE:
+ case NB_EV_ABORT:
+ /* NOTHING */
+ break;
+ case NB_EV_APPLY:
+ mp = nb_running_get_entry(args->dnode, NULL, true);
+ /* TODO: apply limitation. */
+ break;
+ }
+
+ return NB_OK;
+}
+
+int pim_msdp_peer_sa_limit_destroy(struct nb_cb_destroy_args *args)
+{
+ struct pim_msdp_peer *mp;
+
+ switch (args->event) {
+ case NB_EV_VALIDATE:
+ case NB_EV_PREPARE:
+ case NB_EV_ABORT:
+ /* NOTHING */
+ break;
+ case NB_EV_APPLY:
+ mp = nb_running_get_entry(args->dnode, NULL, true);
+ /* TODO: remove limitation. */
+ break;
+ }
+
+ return NB_OK;
+}
+
 /*
 * XPath: /frr-routing:routing/control-plane-protocols/control-plane-protocol/frr-pim:pim/address-family/mlag
 */
diff --git a/yang/frr-pim.yang b/yang/frr-pim.yang
index 33602fd29e..3343ed84b7 100644
--- a/yang/frr-pim.yang
+++ b/yang/frr-pim.yang
@@ -337,6 +337,12 @@ module frr-pim {
 }
 uses msdp-authentication;
+
+ leaf sa-limit {
+ type uint32;
+ description
+ "Peer SA maximum limit.";
+ }
 }
 container mlag {

From a38ed18a4ed77a31584f2692da6f40fb53cd47fe Mon Sep 17 00:00:00 2001
From: Rafael Zalamena
Date: Tue, 10 May 2022 08:23:40 -0300
Subject: [PATCH 2/4] pimd: implement MSDP peer SA limiting

Implement a command to enable/disable per peer MSDP SA limiting.
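Review bot: The new `sa-limit` leaf in yang/frr-pim.yang is an unrestricted `uint32`, while the CLI added in patch 2 accepts only 1-4294967294 and the enforcement check (`mp->sa_limit && ...`) reads a stored 0 as "no limit". A value written through a northbound interface other than the CLI can therefore be 0 and quietly leave the peer uncapped, which the description does not mention. Constrain the type to match the CLI, `type uint32 { range "1..4294967294"; }`, or state in the description that an absent leaf (or 0) means unlimited.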
Signed-off-by: Rafael Zalamena
---
 pimd/pim_cmd.c | 24 ++++++++++++++++++++++++
 pimd/pim_msdp.c | 12 ++++++++++++
 pimd/pim_msdp.h | 3 +++
 pimd/pim_nb_config.c | 4 ++--
 4 files changed, 41 insertions(+), 2 deletions(-)

diff --git a/pimd/pim_cmd.c b/pimd/pim_cmd.c
index f4c25ea81e..c2d88f400e 100644
--- a/pimd/pim_cmd.c
+++ b/pimd/pim_cmd.c
@@ -7578,6 +7578,29 @@ DEFPY(msdp_shutdown,
 return nb_cli_apply_changes(vty, NULL);
 }
+DEFPY(msdp_peer_sa_limit, msdp_peer_sa_limit_cmd,
+ "[no] msdp peer A.B.C.D$peer sa-limit ![(1-4294967294)$sa_limit]",
+ NO_STR
+ CFG_MSDP_STR
+ "Configure MSDP peer\n"
+ "MSDP peer address\n"
+ "Limit amount of SA\n"
+ "Maximum number of SA\n")
+{
+ const struct lyd_node *peer_node;
+ char xpath[XPATH_MAXLEN + 24];
+
+ snprintf(xpath, sizeof(xpath), "%s/msdp-peer[peer-ip='%s']", VTY_CURR_XPATH, peer_str);
+ peer_node = yang_dnode_get(vty->candidate_config->dnode, xpath);
+ if (peer_node == NULL) {
+ vty_out(vty, "%% MSDP peer %s not yet configured\n", peer_str);
+ return CMD_SUCCESS;
+ }
+
+ nb_cli_enqueue_change(vty, "./sa-limit", NB_OP_MODIFY, sa_limit_str);
+ return nb_cli_apply_changes(vty, "%s", xpath);
+}
+
 static void ip_msdp_show_mesh_group(struct vty *vty, struct pim_msdp_mg *mg, struct json_object *json)
 {
@@ -8973,6 +8996,7 @@ void pim_cmd_init(void)
 install_element(PIM_NODE, &msdp_log_neighbor_changes_cmd);
 install_element(PIM_NODE, &msdp_log_sa_changes_cmd);
 install_element(PIM_NODE, &msdp_shutdown_cmd);
+ install_element(PIM_NODE, &msdp_peer_sa_limit_cmd);
 install_element(PIM_NODE, &pim_bsr_candidate_rp_cmd);
 install_element(PIM_NODE, &pim_bsr_candidate_rp_group_cmd);
diff --git a/pimd/pim_msdp.c b/pimd/pim_msdp.c
index ae887b2482..bd86ca502d 100644
--- a/pimd/pim_msdp.c
+++ b/pimd/pim_msdp.c
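Review bot: The `no` form of `msdp_peer_sa_limit` takes the same path as the positive form: the handler never looks at `no` and always enqueues `NB_OP_MODIFY` with `sa_limit_str`, which is presumably NULL when no number is given, so `pim_msdp_peer_sa_limit_destroy` is never reached from the CLI. Choose the operation from the flag, e.g. `nb_cli_enqueue_change(vty, "./sa-limit", no ? NB_OP_DESTROY : NB_OP_MODIFY, no ? NULL : sa_limit_str);`. The unconfigured-peer branch also prints an error but returns `CMD_SUCCESS`; returning `CMD_WARNING_CONFIG_FAILED` would let scripted configuration notice that the limit was not applied.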
@@ -359,6 +359,15 @@ void pim_msdp_sa_ref(struct pim_instance *pim, struct pim_msdp_peer *mp,
 struct rp_info *rp_info;
 struct prefix grp;
+ /* Check peer SA limit. */
+ if (mp && mp->sa_limit && mp->sa_cnt >= mp->sa_limit) {
+ if (pim_msdp_log_sa_events(pim))
+ zlog_debug("MSDP peer %pI4 reject SA (%pI4, %pI4): SA limit %u of %u",
+ &mp->peer, &sg->src, &sg->grp, mp->sa_cnt, mp->sa_limit);
+
+ return;
+ }
+
 sa = pim_msdp_sa_add(pim, sg, rp);
 if (!sa) {
 return;
@@ -1316,6 +1325,9 @@ bool pim_msdp_peer_config_write(struct vty *vty, struct pim_instance *pim)
 vty_out(vty, " msdp peer %pI4 sa-filter %s out\n", &mp->peer, mp->acl_out);
+ if (mp->sa_limit)
+ vty_out(vty, " msdp peer %pI4 sa-limit %u\n", &mp->peer, mp->sa_limit);
+
 written = true;
 }
diff --git a/pimd/pim_msdp.h b/pimd/pim_msdp.h
index d0aa83d997..15ed685b3c 100644
--- a/pimd/pim_msdp.h
+++ b/pimd/pim_msdp.h
@@ -152,6 +152,9 @@ struct pim_msdp_peer {
 char *acl_in;
 /** SA output access list name. */
 char *acl_out;
+
+ /** SA maximum amount. */
+ uint32_t sa_limit;
 };
 struct pim_msdp_mg_mbr {
diff --git a/pimd/pim_nb_config.c b/pimd/pim_nb_config.c
index b563bf5a30..fbba045982 100644
--- a/pimd/pim_nb_config.c
+++ b/pimd/pim_nb_config.c
@@ -1595,7 +1595,7 @@ int pim_msdp_peer_sa_limit_modify(struct nb_cb_modify_args *args)
 break;
 case NB_EV_APPLY:
 mp = nb_running_get_entry(args->dnode, NULL, true);
- /* TODO: apply limitation. */
+ mp->sa_limit = yang_dnode_get_uint32(args->dnode, NULL);
 break;
 }
@@ -1614,7 +1614,7 @@ int pim_msdp_peer_sa_limit_destroy(struct nb_cb_destroy_args *args)
 break;
 case NB_EV_APPLY:
 mp = nb_running_get_entry(args->dnode, NULL, true);
- /* TODO: remove limitation. */
+ mp->sa_limit = 0;
 break;
 }

From 0d904c28c3b7c509454e63e002e35074f563ceb0 Mon Sep 17 00:00:00 2001
From: Rafael Zalamena
Date: Tue, 26 Nov 2024 11:13:47 -0300
Subject: [PATCH 3/4] topotests: test new MSDP SA limit feature

Test that only the limit amount of SAs is learned from the peer.
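Review bot: The limit check in `pim_msdp_sa_ref` runs before `pim_msdp_sa_add(pim, sg, rp)`, so it cannot tell a new (S,G) from one this peer has already been credited with. If `pim_msdp_sa_add` also returns existing entries (not visible in this hunk), a peer sitting at its limit would have refreshes of already-accepted SAs dropped as well, so valid state could age out and churn. Consider resolving whether the entry already exists first and applying `mp->sa_cnt >= mp->sa_limit` only when a new one would be created. Rejections are also reported only through `zlog_debug` behind `pim_msdp_log_sa_events(pim)`; a per-peer rejected-SA counter or a rate-limited warning would let operators see a peer hitting its cap without enabling debug logging. The body of `pim_msdp_sa_ref` continues outside the hunk.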
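Review bot: Lowering the limit on a live peer is not handled in `pim_msdp_peer_sa_limit_modify`: the `NB_EV_APPLY` branch only stores the new value, and nothing in this series trims SAs already counted in `mp->sa_cnt` above it. If that is the intended behaviour, say so where the value is stored, e.g. `/* Gates new SAs only; entries already learned above a lowered limit are not removed here. */`, and repeat it in the user documentation so operators do not assume the cap takes effect retroactively. Both callbacks start and end outside their hunks.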
Signed-off-by: Rafael Zalamena
---
 tests/topotests/msdp_topo1/test_msdp_topo1.py | 36 +++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/tests/topotests/msdp_topo1/test_msdp_topo1.py b/tests/topotests/msdp_topo1/test_msdp_topo1.py
index 8c25eeca06..5143ef67a5 100755
--- a/tests/topotests/msdp_topo1/test_msdp_topo1.py
+++ b/tests/topotests/msdp_topo1/test_msdp_topo1.py
@@ -511,6 +511,42 @@ def test_msdp_sa_filter():
 assert val is None, "multicast route convergence failure"
+def test_msdp_sa_limit():
+ "Test MSDP SA limiting."
+
+ tgen = get_topogen()
+ if tgen.routers_have_failure():
+ pytest.skip(tgen.errors)
+
+ tgen.gears["r4"].vtysh_cmd(
+ """
+ configure terminal
+ router pim
+ msdp log sa-events
+ msdp peer 192.168.2.1 sa-limit 4
+ msdp peer 192.168.3.1 sa-limit 4
+ """
+ )
+
+ # Flow from r1 -> r4
+ for multicast_address in [
+ "229.1.2.10",
+ "229.1.2.11",
+ "229.1.2.12",
+ "229.1.2.13",
+ "229.1.2.14",
+ ]:
+ app_helper.run("h1", [multicast_address, "h1-eth0"])
+ app_helper.run("h2", ["--send=0.7", multicast_address, "h2-eth0"])
+
+ def test_sa_limit_log():
+ r4_log = tgen.gears["r4"].net.getLog("log", "pimd")
+ return re.search(r"MSDP peer .+ reject SA (.+, .+): SA limit \d+ of 4", r4_log)
+
+ _, val = topotest.run_and_expect(test_sa_limit_log, None, count=30, wait=1)
+ assert val is None, "SA limit check failed"
+
+
 def test_msdp_log_events():
 "Test that the enabled logs are working as expected."

From 98c68a37d8e73e5c832548af0646de22b9fe002e Mon Sep 17 00:00:00 2001
From: Rafael Zalamena
Date: Tue, 26 Nov 2024 11:26:43 -0300
Subject: [PATCH 4/4] doc: document new SA limit command

Let user know about the new MSDP SA limit command.

Signed-off-by: Rafael Zalamena
---
 doc/user/pim.rst | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/user/pim.rst b/doc/user/pim.rst
index 05418da5a9..6c188a48b6 100644
--- a/doc/user/pim.rst
+++ b/doc/user/pim.rst
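Review bot: `test_msdp_sa_limit` appears to pass when the rejection is never logged: `test_sa_limit_log` returns the `re.search` result, which is `None` when nothing matches, and `None` is exactly what `run_and_expect(test_sa_limit_log, None, ...)` and `assert val is None` wait for (assuming `run_and_expect` compares the callable's result with its second argument). Invert the helper so that a match yields `None`, e.g. `return None if re.search(r"MSDP peer .+ reject SA \(.+, .+\): SA limit \d+ of 4", r4_log) else "no SA limit rejection logged"`; the parentheses need escaping because the log prints them literally. Since the commit message promises that only the limit amount of SAs is learned, the test should also check that r4 holds no more than 4 SAs per peer rather than relying on a debug log line alone.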
@@ -467,6 +467,10 @@ Commands available for MSDP
 The filtering will only take effect starting from the command application.
+.. clicmd:: msdp peer A.B.C.D sa-limit
+
+ Configure the maximum number of SAs to learn from peer.
+
 .. clicmd:: msdp peer A.B.C.D password WORD
 Use MD5 authentication to connect with the remote peer.