proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-11-01 05:08:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: Allow specification of AS 0 for rpki commands

Browse Source 
RFC-7607 specifically calls out the allowed usage
of AS 0 to signal that the a particular address is
not in use and should be guarded against.  Add
the ability to specify this special AS in the rpki
commands.

eva# show rpki  as-number 0
RPKI/RTR prefix table
Prefix                                   Prefix Length  Origin-AS
2.57.180.0                                  22 -  24   0
2.58.144.0                                  22 -  22   0
2.59.116.0                                  24 -  24   0
4.42.228.0                                  22 -  22   0
5.57.80.0                                   22 -  22   0
<snip>
2a13:df87:b400::                            38 -  38   0
2a13:df84::                                 32 -  32   0
2630::                                      16 -  16   0
Number of IPv4 Prefixes: 1166
Number of IPv6 Prefixes: 617

eva# show rpki prefix 2630::/16 0
Prefix                                   Prefix Length  Origin-AS
2630::                                      16 -  16   0
eva#

Fixes: #15778
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
This commit is contained in:
Donald Sharp 2024-04-17 09:40:00 -04:00
parent 5ef6a2bb54
commit cfee4e3cf5
2 changed files with 25 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
bgpd/bgp_rpki.c
View File

@ -2088,16 +2088,18 @@ DEFPY (show_rpki_prefix_table,
DEFPY (show_rpki_as_number,
show_rpki_as_number_cmd,
"show rpki as-number ASNUM$by_asn [vrf NAME$vrfname] [json$uj]",
"show rpki as-number <0$zero|ASNUM$by_asn> [vrf NAME$vrfname] [json$uj]",
SHOW_STR
RPKI_OUTPUT_STRING
"Lookup by ASN in prefix table\n"
"AS Number of 0, see RFC-7607\n"
"AS Number\n"
VRF_CMD_HELP_STR
JSON_STR)
{
struct json_object *json = NULL;
struct rpki_vrf *rpki_vrf;
as_t as;
if (uj)
json = json_object_new_object();
@ -2118,18 +2120,24 @@ DEFPY (show_rpki_as_number,
return CMD_WARNING;
}
print_prefix_table_by_asn(vty, by_asn, rpki_vrf, json);
if (zero)
as = 0;
else
as = by_asn;
print_prefix_table_by_asn(vty, as, rpki_vrf, json);
return CMD_SUCCESS;
}
DEFPY (show_rpki_prefix,
show_rpki_prefix_cmd,
"show rpki prefix <A.B.C.D/M|X:X::X:X/M> [ASNUM$asn] [vrf NAME$vrfname] [json$uj]",
"show rpki prefix <A.B.C.D/M|X:X::X:X/M> [0$zero|ASNUM$asn] [vrf NAME$vrfname] [json$uj]",
SHOW_STR
RPKI_OUTPUT_STRING
"Lookup IP prefix and optionally ASN in prefix table\n"
"IPv4 prefix\n"
"IPv6 prefix\n"
"AS Number of 0, see RFC-7607\n"
"AS Number\n"
VRF_CMD_HELP_STR
JSON_STR)
@ -2138,6 +2146,7 @@ DEFPY (show_rpki_prefix,
json_object *json_records = NULL;
enum asnotation_mode asnotation;
struct rpki_vrf *rpki_vrf;
as_t as;
if (uj)
json = json_object_new_object();
@ -2153,6 +2162,11 @@ DEFPY (show_rpki_prefix,
return CMD_WARNING;
}
if (zero)
as = 0;
else
as = asn;
struct lrtr_ip_addr addr;
char addr_str[INET6_ADDRSTRLEN];
size_t addr_len = strchr(prefix_str, '/') - prefix_str;
@ -2174,7 +2188,7 @@ DEFPY (show_rpki_prefix,
enum pfxv_state result;
if (pfx_table_validate_r(rpki_vrf->rtr_config->pfx_table, &matches,
&match_count, asn, &addr, prefix->prefixlen,
&match_count, as, &addr, prefix->prefixlen,
&result) != PFX_SUCCESS) {
if (json) {
json_object_string_add(json, "error", "Prefix lookup failed.");
@ -2198,7 +2212,7 @@ DEFPY (show_rpki_prefix,
const struct pfx_record *record = &matches[i];
if (record->max_len >= prefix->prefixlen &&
((asn != 0 && (uint32_t)asn == record->asn) || asn == 0)) {
((as != 0 && (uint32_t)as == record->asn) || asn == 0)) {
print_record(&matches[i], vty, json_records,
asnotation);
}

9
doc/user/rpki.rst
View File

@ -215,15 +215,18 @@ Displaying RPKI
Display RPKI configuration state including timers values.
.. clicmd:: show rpki prefix <A.B.C.D/M|X:X::X:X/M> [(1-4294967295)] [vrf NAME] [json]
.. clicmd:: show rpki prefix <A.B.C.D/M|X:X::X:X/M> [ASN] [vrf NAME] [json]
Display validated prefixes received from the cache servers filtered
by the specified prefix.
by the specified prefix. The AS number space has been increased
to allow the choice of using AS 0 because RFC-7607 specifically
calls out the usage of 0 in a special case.
.. clicmd:: show rpki as-number ASN [vrf NAME] [json]
Display validated prefixes received from the cache servers filtered
by ASN.
by ASN. The usage of AS 0 is allowed because RFC-76067 specifically
calls out the usage of 0 in a special case.
.. clicmd:: show rpki prefix-table [vrf NAME] [json]