bgpd: Allow sending Origin Validation State extended community over EBGP-OAD

https://datatracker.ietf.org/doc/html/draft-uttaro-idr-bgp-oad#section-3.13

Extended communities which are non-transitive across an AS boundary MAY be
advertised over an EBGP-OAD session if allowed by explicit policy configuration.

If allowed, all the members of the OAD SHOULD be configured to use the same
criteria.

For example, the Origin Validation State Extended Community, defined as
non-transitive in [RFC8097], can be advertised to peers in the same OAD.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>

diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index d6aa41bd36fa0a232a69873023f4e94c85d73306..e1387b032181c5b3d26be776982bba7f50c72460 100644 (file)
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -2661,8 +2661,12 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi,
 
        /* If this is an iBGP, send Origin Validation State (OVS)
         * extended community (rfc8097).
+        * draft-uttaro-idr-bgp-oad states:
+        *   For example, the Origin Validation State Extended Community,
+        *   defined as non-transitive in [RFC8097], can be advertised to
+        *   peers in the same OAD.
         */
-       if (peer->sort == BGP_PEER_IBGP) {
+       if (peer->sort == BGP_PEER_IBGP || peer->sub_sort == BGP_PEER_EBGP_OAD) {
                enum rpki_states rpki_state = RPKI_NOT_BEING_USED;
 
                rpki_state = hook_call(bgp_rpki_prefix_status, peer, attr, p);