From: Mark Stapp Date: Thu, 20 Oct 2022 20:47:12 +0000 (-0400) Subject: bgpd: fix config of allowas_in; add to show output X-Git-Tag: base_8.5~308^2 X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=refs%2Fpull%2F12187%2Fhead;p=mirror%2Ffrr.git bgpd: fix config of allowas_in; add to show output Ensure that un-configuring allowas-in for a peer or group clears the related flags and integer value. Tighten the use of the integer counter so that it's only used when the config flag is set. Add show output if allowas-in is enabled. Signed-off-by: Mark Stapp --- diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index f6b6cb93db..38332bd6fd 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -4000,6 +4000,7 @@ int bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id, bool force_evpn_import = false; safi_t orig_safi = safi; bool leak_success = true; + int allowas_in = 0; if (frrtrace_enabled(frr_bgp, process_update)) { char pfxprint[PREFIX2STR_BUFFER]; @@ -4045,6 +4046,10 @@ int bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id, && peer != bgp->peer_self) bgp_adj_in_set(dest, peer, attr, addpath_id); + /* Update permitted loop count */ + if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ALLOWAS_IN)) + allowas_in = peer->allowas_in[afi][safi]; + /* Check previously received route. */ for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next) if (pi->peer == peer && pi->type == type @@ -4054,8 +4059,8 @@ int bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id, /* AS path local-as loop check. */ if (peer->change_local_as) { - if (peer->allowas_in[afi][safi]) - aspath_loop_count = peer->allowas_in[afi][safi]; + if (allowas_in) + aspath_loop_count = allowas_in; else if (!CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND)) aspath_loop_count = 1; @@ -4078,11 +4083,10 @@ int bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id, /* AS path loop check. */ if (do_loop_check) { - if (aspath_loop_check(attr->aspath, bgp->as) - > peer->allowas_in[afi][safi] - || (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION) - && aspath_loop_check(attr->aspath, bgp->confed_id) - > peer->allowas_in[afi][safi])) { + if (aspath_loop_check(attr->aspath, bgp->as) > allowas_in || + (CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION) && + (aspath_loop_check(attr->aspath, bgp->confed_id) > + allowas_in))) { peer->stat_pfx_aspath_loop++; reason = "as-path contains our own AS;"; goto filtered; diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index f380460a95..ec0fcd8f11 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -12282,6 +12282,16 @@ static void bgp_show_peer_afi(struct vty *vty, struct peer *p, afi_t afi, json_addr, "privateAsNumsRemovedInUpdatesToNbr"); + if (CHECK_FLAG(p->af_flags[afi][safi], PEER_FLAG_ALLOWAS_IN)) { + if (CHECK_FLAG(p->af_flags[afi][safi], + PEER_FLAG_ALLOWAS_IN_ORIGIN)) + json_object_boolean_true_add(json_addr, + "allowAsInOrigin"); + else + json_object_int_add(json_addr, "allowAsInCount", + p->allowas_in[afi][safi]); + } + if (p->addpath_type[afi][safi] != BGP_ADDPATH_NONE) json_object_boolean_true_add( json_addr, @@ -12598,6 +12608,17 @@ static void bgp_show_peer_afi(struct vty *vty, struct peer *p, afi_t afi, vty_out(vty, " Private AS numbers removed in updates to this neighbor\n"); + if (CHECK_FLAG(p->af_flags[afi][safi], PEER_FLAG_ALLOWAS_IN)) { + if (CHECK_FLAG(p->af_flags[afi][safi], + PEER_FLAG_ALLOWAS_IN_ORIGIN)) + vty_out(vty, + " Local AS allowed as path origin\n"); + else + vty_out(vty, + " Local AS allowed in path, %d occurrences\n", + p->allowas_in[afi][safi]); + } + if (p->addpath_type[afi][safi] != BGP_ADDPATH_NONE) vty_out(vty, " %s\n", bgp_addpath_names(p->addpath_type[afi][safi])