summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2009-03-22 22:35:01 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2009-03-22 22:35:01 +0000
commitec190bbf9f695c6eea05e314791affc4944a59d7 (patch)
tree65c618e2e9bd83fc4dc8729e992844b037f70c3e
parentbd49eb030790b0ecaed931e7e76cb7ca7bcdd22a (diff)
make transparent-as yes|no settable peer neighbor with the global setting
acting as default. per-neighbor requested by arnold nipper @ decix, ok claudio
-rw-r--r--usr.sbin/bgpd/bgpd.conf.516
-rw-r--r--usr.sbin/bgpd/bgpd.h4
-rw-r--r--usr.sbin/bgpd/parse.y9
-rw-r--r--usr.sbin/bgpd/printconf.c7
-rw-r--r--usr.sbin/bgpd/rde_update.c6
5 files changed, 31 insertions, 11 deletions
diff --git a/usr.sbin/bgpd/bgpd.conf.5 b/usr.sbin/bgpd/bgpd.conf.5
index be34b4a2d8c..d3c8e207c40 100644
--- a/usr.sbin/bgpd/bgpd.conf.5
+++ b/usr.sbin/bgpd/bgpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: bgpd.conf.5,v 1.90 2008/12/19 18:58:12 henning Exp $
+.\" $OpenBSD: bgpd.conf.5,v 1.91 2009/03/22 22:34:59 henning Exp $
.\"
.\" Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
.\" Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -16,7 +16,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: December 19 2008 $
+.Dd $Mdocdate: March 22 2009 $
.Dt BGPD.CONF 5
.Os
.Sh NAME
@@ -728,6 +728,18 @@ tcp md5sig key deadbeef
.Ed
.Pp
.It Xo
+.Ic transparent-as
+.Pq Ic yes Ns \&| Ns Ic no
+.Xc
+If set to
+.Ic yes ,
+.Em AS paths
+to EBGP neighbors are not prepended with their own AS.
+The default is inherited from the global
+.Ic transparent-as
+setting.
+.Pp
+.It Xo
.Ic ttl-security
.Pq Ic yes Ns \&| Ns Ic no
.Xc
diff --git a/usr.sbin/bgpd/bgpd.h b/usr.sbin/bgpd/bgpd.h
index d4abf4b1e3c..9e3aa49c8ad 100644
--- a/usr.sbin/bgpd/bgpd.h
+++ b/usr.sbin/bgpd/bgpd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bgpd.h,v 1.226 2009/03/18 19:41:41 claudio Exp $ */
+/* $OpenBSD: bgpd.h,v 1.227 2009/03/22 22:34:59 henning Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -262,6 +262,8 @@ struct peer_config {
u_int8_t softreconfig_in;
u_int8_t softreconfig_out;
u_int8_t ttlsec; /* TTL security hack */
+ u_int8_t flags;
+ u_int8_t pad[3];
};
struct network_config {
diff --git a/usr.sbin/bgpd/parse.y b/usr.sbin/bgpd/parse.y
index ebebd8613df..6caf37d248d 100644
--- a/usr.sbin/bgpd/parse.y
+++ b/usr.sbin/bgpd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.220 2009/03/18 19:41:41 claudio Exp $ */
+/* $OpenBSD: parse.y,v 1.221 2009/03/22 22:34:59 henning Exp $ */
/*
* Copyright (c) 2002, 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -1058,6 +1058,12 @@ peeropts : REMOTEAS as4number {
else
curpeer->conf.softreconfig_out = $3;
}
+ | TRANSPARENT yesno {
+ if ($2 == 1)
+ curpeer->conf.flags |= BGPD_FLAG_DECISION_TRANS_AS;
+ else
+ curpeer->conf.flags &= ~BGPD_FLAG_DECISION_TRANS_AS;
+ }
;
restart : /* nada */ { $$ = 0; }
@@ -2482,6 +2488,7 @@ new_peer(void)
p->conf.local_short_as = curgroup->conf.local_short_as;
}
p->next = NULL;
+ p->conf.flags = (conf->flags & BGPD_FLAG_DECISION_TRANS_AS);
return (p);
}
diff --git a/usr.sbin/bgpd/printconf.c b/usr.sbin/bgpd/printconf.c
index 005e722905e..b444b69c736 100644
--- a/usr.sbin/bgpd/printconf.c
+++ b/usr.sbin/bgpd/printconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: printconf.c,v 1.65 2007/11/22 11:37:25 henning Exp $ */
+/* $OpenBSD: printconf.c,v 1.66 2009/03/22 22:35:00 henning Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -200,9 +200,6 @@ print_mainconf(struct bgpd_config *conf)
if (conf->flags & BGPD_FLAG_DECISION_MED_ALWAYS)
printf("rde med compare always\n");
- if (conf->flags & BGPD_FLAG_DECISION_TRANS_AS)
- printf("transparent-as yes\n");
-
if (conf->log & BGPD_LOG_UPDATES)
printf("log updates\n");
@@ -320,6 +317,8 @@ print_peer(struct peer_config *p, struct bgpd_config *conf, const char *c)
printf("%s\tdemote %s\n", c, p->demote_group);
if (p->if_depend[0])
printf("%s\tdepend on \"%s\"\n", c, p->if_depend);
+ if (p->flags & BGPD_FLAG_DECISION_TRANS_AS)
+ printf("%s\ttransparent-as yes\n", c);
if (p->auth.method == AUTH_MD5SIG)
printf("%s\ttcp md5sig\n", c);
diff --git a/usr.sbin/bgpd/rde_update.c b/usr.sbin/bgpd/rde_update.c
index 157dbc57941..bebfcff1a94 100644
--- a/usr.sbin/bgpd/rde_update.c
+++ b/usr.sbin/bgpd/rde_update.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rde_update.c,v 1.65 2009/03/13 04:18:12 claudio Exp $ */
+/* $OpenBSD: rde_update.c,v 1.66 2009/03/22 22:35:00 henning Exp $ */
/*
* Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
@@ -629,7 +629,7 @@ up_generate_attr(struct rde_peer *peer, struct update_attr *upa,
/* aspath */
if (!peer->conf.ebgp ||
- rde_decisionflags() & BGPD_FLAG_DECISION_TRANS_AS)
+ peer->conf.flags & BGPD_FLAG_DECISION_TRANS_AS)
pdata = aspath_prepend(a->aspath, rde_local_as(), 0, &plen);
else
pdata = aspath_prepend(a->aspath, rde_local_as(), 1, &plen);
@@ -762,7 +762,7 @@ up_generate_attr(struct rde_peer *peer, struct update_attr *upa,
/* NEW to OLD conversion when going sending stuff to a 2byte AS peer */
if (neednewpath) {
if (!peer->conf.ebgp ||
- rde_decisionflags() & BGPD_FLAG_DECISION_TRANS_AS)
+ peer->conf.flags & BGPD_FLAG_DECISION_TRANS_AS)
pdata = aspath_prepend(a->aspath, rde_local_as(), 0,
&plen);
else