From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Thu, 11 Jan 2024 09:18:14 +0000 (+0200)
Subject: bgpd: Allow sending Origin Validation State extended community over EBGP-OAD
X-Git-Tag: base_10.0~132^2
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=a56beac98bf1c7660ad8ea3066b37e712302ba4b;p=matthieu%2Ffrr.git

bgpd: Allow sending Origin Validation State extended community over EBGP-OAD

https://datatracker.ietf.org/doc/html/draft-uttaro-idr-bgp-oad#section-3.13

Extended communities which are non-transitive across an AS boundary MAY be
advertised over an EBGP-OAD session if allowed by explicit policy configuration.

If allowed, all the members of the OAD SHOULD be configured to use the same
criteria.

For example, the Origin Validation State Extended Community, defined as
non-transitive in [RFC8097], can be advertised to peers in the same OAD.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
---

diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index d6aa41bd36..e1387b0321 100644
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -2661,8 +2661,12 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi,
 
 	/* If this is an iBGP, send Origin Validation State (OVS)
 	 * extended community (rfc8097).
+	 * draft-uttaro-idr-bgp-oad states:
+	 *   For example, the Origin Validation State Extended Community,
+	 *   defined as non-transitive in [RFC8097], can be advertised to
+	 *   peers in the same OAD.
 	 */
-	if (peer->sort == BGP_PEER_IBGP) {
+	if (peer->sort == BGP_PEER_IBGP || peer->sub_sort == BGP_PEER_EBGP_OAD) {
 		enum rpki_states rpki_state = RPKI_NOT_BEING_USED;
 
 		rpki_state = hook_call(bgp_rpki_prefix_status, peer, attr, p);