From 6784254120e96f9239e4d10730ffb398cd2849e2 Mon Sep 17 00:00:00 2001 From: Claudio Jeker Date: Mon, 13 Mar 2023 16:52:43 +0000 Subject: Add F_CTL_LEAKED and F_CTL_INELIGIBLE flags for bgpctl to show leaked and ineligible paths. While there rename F_PREF_OTC_LOOP to F_PREF_OTC_LEAK since this indicates that a route leak was detected. OK tb@ --- usr.sbin/bgpd/bgpd.h | 20 +++++++++++--------- usr.sbin/bgpd/rde.c | 17 +++++++++++------ usr.sbin/bgpd/rde.h | 4 ++-- usr.sbin/bgpd/rde_decide.c | 4 ++-- usr.sbin/bgpd/rde_update.c | 4 ++-- 5 files changed, 28 insertions(+), 21 deletions(-) (limited to 'usr.sbin') diff --git a/usr.sbin/bgpd/bgpd.h b/usr.sbin/bgpd/bgpd.h index dc65a2bc082..02c70720ddf 100644 --- a/usr.sbin/bgpd/bgpd.h +++ b/usr.sbin/bgpd/bgpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bgpd.h,v 1.464 2023/03/10 07:57:15 claudio Exp $ */ +/* $OpenBSD: bgpd.h,v 1.465 2023/03/13 16:52:41 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer 
@@ -83,20 +83,22 @@ #define F_MPLS 0x0080 #define F_LONGER 0x0200 #define F_SHORTER 0x0400 -#define F_CTL_DETAIL 0x1000 /* only set on requests */ -#define F_CTL_ADJ_IN 0x2000 /* only set on requests */ -#define F_CTL_ADJ_OUT 0x4000 /* only set on requests */ +#define F_CTL_DETAIL 0x1000 /* only set on requests */ +#define F_CTL_ADJ_IN 0x2000 /* only set on requests */ +#define F_CTL_ADJ_OUT 0x4000 /* only set on requests */ #define F_CTL_BEST 0x8000 -#define F_CTL_SSV 0x20000 /* only used by bgpctl */ -#define F_CTL_INVALID 0x40000 /* only set on requests */ +#define F_CTL_INELIGIBLE 0x10000 /* only set on requests */ +#define F_CTL_LEAKED 0x20000 /* only set on requests */ +#define F_CTL_INVALID 0x40000 /* only set on requests */ #define F_CTL_OVS_VALID 0x80000 #define F_CTL_OVS_INVALID 0x100000 #define F_CTL_OVS_NOTFOUND 0x200000 -#define F_CTL_NEIGHBORS 0x400000 /* only used by bgpctl */ -#define F_CTL_HAS_PATHID 0x800000 /* only set on requests */ +#define F_CTL_NEIGHBORS 0x400000 /* only used by bgpctl */ +#define F_CTL_HAS_PATHID 0x800000 /* only set on requests */ #define F_CTL_AVS_VALID 0x1000000 #define F_CTL_AVS_INVALID 0x2000000 #define F_CTL_AVS_UNKNOWN 0x4000000 +#define F_CTL_SSV 0x80000000 /* only used by bgpctl */ #define CTASSERT(x) extern char _ctassert[(x) ? 1 : -1 ] \ __attribute__((__unused__)) @@ -837,7 +839,7 @@ struct ctl_neighbor { #define F_PREF_STALE 0x010 #define F_PREF_INVALID 0x020 #define F_PREF_PATH_ID 0x040 -#define F_PREF_OTC_LOOP 0x080 +#define F_PREF_OTC_LEAK 0x080 #define F_PREF_ECMP 0x100 #define F_PREF_AS_WIDE 0x200 diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index 64153f87c49..deee26eb73e 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.595 2023/03/10 07:57:15 claudio Exp $ */ +/* $OpenBSD: rde.c,v 1.596 2023/03/13 16:52:42 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer 
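Review bot: `F_CTL_SSV` now sits at `0x80000000`, bit 31, while the rde.c hunk header in this patch shows a flag word carried as a signed int (`rde_dump_rib_as(..., int flags, ...)`, presumably the same F_CTL_* word), so storing the bit there relies on an implementation-defined conversion and yields a negative value. If the move to the top bit is deliberate, a comment on the define would pin the constraint, e.g. `/* bit 31, only used by bgpctl; flag words must be unsigned */`; the lines shown also leave `0x8000000` through `0x40000000` unassigned. Separately, `0x20000` changes meaning from the bgpctl-only SSV bit to the `F_CTL_LEAKED` request filter, so a bgpctl built against the old header would, if it passes its flag word through unmasked (not visible here), silently narrow the RIB dump to leaked paths; it is worth stating that bgpctl and bgpd must be updated together.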
@@ -1608,7 +1608,7 @@ rde_update_dispatch(struct rde_peer *peer, struct imsg *imsg) } } else { /* Only IPv4 and IPv6 unicast do OTC handling */ - state.aspath.flags &= ~F_ATTR_OTC_LOOP; + state.aspath.flags &= ~F_ATTR_OTC_LEAK; } /* unlock the previously locked nexthop, it is no longer used */ @@ -2194,13 +2194,13 @@ bad_flags: switch (peer->role) { case ROLE_PROVIDER: case ROLE_RS: - a->flags |= F_ATTR_OTC_LOOP; + a->flags |= F_ATTR_OTC_LEAK; break; case ROLE_PEER: memcpy(&tmp32, p, sizeof(tmp32)); tmp32 = ntohl(tmp32); if (tmp32 != peer->conf.remote_as) - a->flags |= F_ATTR_OTC_LOOP; + a->flags |= F_ATTR_OTC_LEAK; break; default: break; @@ -2678,8 +2678,8 @@ rde_dump_rib_as(struct prefix *p, struct rde_aspath *asp, pid_t pid, int flags, if (prefix_eligible(p)) rib.flags |= F_PREF_ELIGIBLE; /* otc loop includes parse err so skip the latter if the first is set */ - if (asp->flags & F_ATTR_OTC_LOOP) - rib.flags |= F_PREF_OTC_LOOP; + if (asp->flags & F_ATTR_OTC_LEAK) + rib.flags |= F_PREF_OTC_LEAK; else if (asp->flags & F_ATTR_PARSE_ERR) rib.flags |= F_PREF_INVALID; staletime = peer->staletime[p->pt->aid]; @@ -2773,6 +2773,11 @@ rde_dump_filter(struct prefix *p, struct ctl_show_rib_request *req, int adjout) if ((req->flags & F_CTL_INVALID) && (asp->flags & F_ATTR_PARSE_ERR) == 0) return; + if ((req->flags & F_CTL_INELIGIBLE) && prefix_eligible(p)) + return; + if ((req->flags & F_CTL_LEAKED) && + (asp->flags & F_ATTR_OTC_LEAK) == 0) + return; if ((req->flags & F_CTL_HAS_PATHID)) { /* Match against the transmit path id if adjout is used. */ if (adjout) { diff --git a/usr.sbin/bgpd/rde.h b/usr.sbin/bgpd/rde.h index e37007e2e45..f6c315404b6 100644 --- a/usr.sbin/bgpd/rde.h +++ b/usr.sbin/bgpd/rde.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.h,v 1.285 2023/03/10 07:57:15 claudio Exp $ */ +/* $OpenBSD: rde.h,v 1.286 2023/03/13 16:52:42 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Claudio Jeker and 
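Review bot: The rename leaves the old "loop" wording behind in text that now describes leak handling: in rde_dump_rib_as the context comment still reads `/* otc loop includes parse err ... */` directly above the renamed `F_ATTR_OTC_LEAK` test. I would change it to `/* otc leak includes parse err so skip the latter if the first is set */`. The same applies in the rde_update.c hunk, where `fatalx("try to send out a looped path")` also fires for `F_ATTR_OTC_LEAK`; `fatalx("try to send out a looped or leaked path")` would keep the crash log accurate for whoever triages it. Both functions continue outside their hunks.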
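Review bot: The two new filters in rde_dump_filter are undocumented and their relationship is easy to misread: `F_CTL_INELIGIBLE` is the negation of `prefix_eligible()`, which per the rde_decide.c hunk already rejects `F_ATTR_LOOP`, `F_ATTR_OTC_LEAK` and `F_ATTR_PARSE_ERR` and also has a nexthop check, so every leaked path is also an ineligible one and setting both flags intersects rather than unions. A short comment above the pair would help, e.g. `/* ineligible covers looped, leaked and errored paths; leaked narrows to OTC leaks only */`. With `adjout` set, the leaked filter would be expected to match nothing, since up_test_update calls `fatalx()` on a path carrying `F_ATTR_OTC_LEAK`; that is inferred from the rde_update.c hunk and should be confirmed. The function body continues outside the hunk.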
@@ -203,7 +203,7 @@ struct rde_community { #define F_PREFIX_ANNOUNCED 0x00400 #define F_ANN_DYNAMIC 0x00800 #define F_ATTR_OTC 0x01000 /* OTC present */ -#define F_ATTR_OTC_LOOP 0x02000 /* otc loop, not eligible */ +#define F_ATTR_OTC_LEAK 0x02000 /* otc leak, not eligible */ #define F_ATTR_PARSE_ERR 0x10000 /* parse error, not eligible */ #define F_ATTR_LINKED 0x20000 /* if set path is on various lists */ diff --git a/usr.sbin/bgpd/rde_decide.c b/usr.sbin/bgpd/rde_decide.c index 4313be095c9..cf752b4adb5 100644 --- a/usr.sbin/bgpd/rde_decide.c +++ b/usr.sbin/bgpd/rde_decide.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_decide.c,v 1.100 2023/03/09 13:12:19 claudio Exp $ */ +/* $OpenBSD: rde_decide.c,v 1.101 2023/03/13 16:52:42 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Claudio Jeker @@ -488,7 +488,7 @@ prefix_eligible(struct prefix *p) /* The aspath needs to be loop and error free */ if (asp == NULL || - asp->flags & (F_ATTR_LOOP|F_ATTR_OTC_LOOP|F_ATTR_PARSE_ERR)) + asp->flags & (F_ATTR_LOOP|F_ATTR_OTC_LEAK|F_ATTR_PARSE_ERR)) return 0; /* The nexthop must be valid. */ diff --git a/usr.sbin/bgpd/rde_update.c b/usr.sbin/bgpd/rde_update.c index 4276c3680bb..dba64a1b374 100644 --- a/usr.sbin/bgpd/rde_update.c +++ b/usr.sbin/bgpd/rde_update.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde_update.c,v 1.158 2023/03/10 07:57:16 claudio Exp $ */ +/* $OpenBSD: rde_update.c,v 1.159 2023/03/13 16:52:42 claudio Exp $ */ /* * Copyright (c) 2004 Claudio Jeker @@ -66,7 +66,7 @@ up_test_update(struct rde_peer *peer, struct prefix *p) if (asp == NULL || asp->flags & F_ATTR_PARSE_ERR) fatalx("try to send out a botched path"); - if (asp->flags & (F_ATTR_LOOP | F_ATTR_OTC_LOOP)) + if (asp->flags & (F_ATTR_LOOP | F_ATTR_OTC_LEAK)) fatalx("try to send out a looped path"); if (peer == frompeer) -- cgit v1.2.3