bgpd: Disable sending ROV extended community by default

https://datatracker.ietf.org/doc/html/rfc8097 defines ROV extended community,
but https://datatracker.ietf.org/doc/draft-ietf-sidrops-avoid-rpki-state-in-bgp
is against sending it by default even for iBGP peers.

Let's do this practice and reverse it.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>

diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
index f4426a5a681d1f4e875182a231d29b0646fefa13..cba1cdaf1a917e9c66a782de27534f33002a0db8 100644 (file)
--- a/bgpd/bgp_vty.c
+++ b/bgpd/bgp_vty.c
@@ -19132,9 +19132,7 @@ static void bgp_config_write_peer_af(struct vty *vty, struct bgp *bgp,
 
                if (peergroup_af_flag_check(peer, afi, safi,
                                            PEER_FLAG_SEND_EXT_COMMUNITY_RPKI))
-                       vty_out(vty,
-                               "  no neighbor %s send-community extended rpki\n",
-                               addr);
+                       vty_out(vty, "  neighbor %s send-community extended rpki\n", addr);
        }
 
        /* Default information */

diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
index aa2bd5c3719c7b56d380f2221ca07827e826711c..01a12337eaaf8a143d9fdaa7beca2b118c489356 100644 (file)
--- a/bgpd/bgpd.c
+++ b/bgpd/bgpd.c
@@ -1565,19 +1565,13 @@ struct peer *peer_new(struct bgp *bgp)
        /* Set default flags. */
        FOREACH_AFI_SAFI (afi, safi) {
                SET_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_COMMUNITY);
-               SET_FLAG(peer->af_flags[afi][safi],
-                        PEER_FLAG_SEND_EXT_COMMUNITY);
-               SET_FLAG(peer->af_flags[afi][safi],
-                        PEER_FLAG_SEND_EXT_COMMUNITY_RPKI);
+               SET_FLAG(peer->af_flags[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY);
                SET_FLAG(peer->af_flags[afi][safi],
                         PEER_FLAG_SEND_LARGE_COMMUNITY);
 
                SET_FLAG(peer->af_flags_invert[afi][safi],
                         PEER_FLAG_SEND_COMMUNITY);
-               SET_FLAG(peer->af_flags_invert[afi][safi],
-                        PEER_FLAG_SEND_EXT_COMMUNITY);
-               SET_FLAG(peer->af_flags_invert[afi][safi],
-                        PEER_FLAG_SEND_EXT_COMMUNITY_RPKI);
+               SET_FLAG(peer->af_flags_invert[afi][safi], PEER_FLAG_SEND_EXT_COMMUNITY);
                SET_FLAG(peer->af_flags_invert[afi][safi],
                         PEER_FLAG_SEND_LARGE_COMMUNITY);
                peer->addpath_type[afi][safi] = BGP_ADDPATH_NONE;

diff --git a/doc/user/bgp.rst b/doc/user/bgp.rst
index 0c7fcecb9b9684abeb885952d1cd8026cd954d08..c0db7f2b875fae857d95a31200ab3910d6a2a87b 100644 (file)
--- a/doc/user/bgp.rst
+++ b/doc/user/bgp.rst
@@ -1803,7 +1803,7 @@ Configuring Peers
    Send the extended RPKI communities to the peer. RPKI extended community
    can be send only to iBGP and eBGP-OAD peers.
 
-   Default: enabled.
+   Default: disabled.
 
 .. clicmd:: neighbor PEER weight WEIGHT
 

diff --git a/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf b/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf
index 4de177dc25869895d59b8dac7a183c593d6d67b1..e5dc7f65f93b79e0c4986fcc379668c9416ce1c3 100644 (file)
--- a/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf
+++ b/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf
@@ -9,6 +9,7 @@ router bgp 65002
  neighbor 192.168.4.4 timers connect 1
  address-family ipv4 unicast
   neighbor 192.168.4.4 next-hop-self
+  neighbor 192.168.4.4 send-community extended rpki
  exit-address-family
 !
 router bgp 65002 vrf vrf10