diff options
| author | Philippe Guibert <philippe.guibert@6wind.com> | 2020-02-03 13:36:58 +0100 |
|---|---|---|
| committer | Philippe Guibert <philippe.guibert@6wind.com> | 2020-07-02 08:17:51 +0200 |
| commit | 0feaf6478530e2244a1bc6ab50b3d7b7f447410c (patch) | |
| tree | 792c46fb406aa5eb1db62fc291bd9e7b3f0f2002 | |
| parent | 1f8d139ffd22917016c7257c2326a29c7fd14ca0 (diff) | |
bgpd: validation of bgp routes with rpki done on according vrf
the validation of rpki routes will impact the matching bgp instance.
Until now, the rpki was triggering validation of all bgp entries.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
| -rw-r--r-- | bgpd/bgp_rpki.c | 36 |
1 files changed, 33 insertions, 3 deletions
diff --git a/bgpd/bgp_rpki.c b/bgpd/bgp_rpki.c index b4b210116e..608542e87f 100644 --- a/bgpd/bgp_rpki.c +++ b/bgpd/bgp_rpki.c @@ -159,7 +159,7 @@ static enum route_map_cmd_result_t route_match(void *rule, void *object); static void *route_match_compile(const char *arg); static void revalidate_bgp_node(struct bgp_dest *dest, afi_t afi, safi_t safi); -static void revalidate_all_routes(void); +static void revalidate_all_routes(struct rpki_vrf *rpki_vrf); static int rpki_debug_conf, rpki_debug_term; @@ -518,6 +518,7 @@ static int bgpd_sync_callback(struct thread *thread) struct prefix *prefix; struct pfx_record rec; struct rpki_vrf *rpki_vrf = THREAD_ARG(thread); + struct vrf *vrf = NULL; thread_add_read(bm->master, bgpd_sync_callback, rpki_vrf, rpki_vrf->rpki_sync_socket_bgpd, NULL); @@ -531,7 +532,7 @@ static int bgpd_sync_callback(struct thread *thread) atomic_store_explicit(&rpki_vrf->rtr_update_overflow, 0, memory_order_seq_cst); - revalidate_all_routes(); + revalidate_all_routes(rpki_vrf); return 0; } @@ -546,10 +547,24 @@ static int bgpd_sync_callback(struct thread *thread) afi_t afi = (rec.prefix.ver == LRTR_IPV4) ? AFI_IP : AFI_IP6; + if (rpki_vrf->vrfname) { + vrf = vrf_lookup_by_name(rpki_vrf->vrfname); + if (!vrf) { + zlog_err("%s(): vrf for rpki %s not found", + __func__, rpki_vrf->vrfname); + return 0; + } + } + for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp)) { struct peer *peer; struct listnode *peer_listnode; + if (!vrf && bgp->vrf_id != VRF_DEFAULT) + continue; + if (vrf && bgp->vrf_id != vrf->vrf_id) + continue; + for (ALL_LIST_ELEMENTS_RO(bgp->peer, peer_listnode, peer)) { safi_t safi; @@ -608,15 +623,30 @@ static void revalidate_bgp_node(struct bgp_dest *bgp_dest, afi_t afi, } } -static void revalidate_all_routes(void) +static void revalidate_all_routes(struct rpki_vrf *rpki_vrf) { struct bgp *bgp; struct listnode *node; + struct vrf *vrf = NULL; + + if (rpki_vrf->vrfname) { + vrf = vrf_lookup_by_name(rpki_vrf->vrfname); + if (!vrf) { + zlog_err("%s(): vrf for rpki %s not found", + __func__, rpki_vrf->vrfname); + return; + } + } for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp)) { struct peer *peer; struct listnode *peer_listnode; + if (!vrf && bgp->vrf_id != VRF_DEFAULT) + continue; + if (vrf && bgp->vrf_id != vrf->vrf_id) + continue; + for (ALL_LIST_ELEMENTS_RO(bgp->peer, peer_listnode, peer)) { for (size_t i = 0; i < 2; i++) { |