summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEugene Bogomazov <eb@qrator.net>2022-06-22 12:47:22 +0300
committerEugene Bogomazov <eb@qrator.net>2022-06-22 13:34:51 +0300
commit5a78f2bcb0d1135fceb4ef62f9f7f6487c8c35ea (patch)
tree8b1127c3ad86b80021f48666be943d96ea5a6b46
parentaee05e20fd06ba702c85de47b20dd6e4730d7abd (diff)
bgpd: add AFI/SAFI check for RFC 9234
RFC 9234 mandates that role rules apply only to IPv4/IPv6 unicast bgp sessions. If the OTC attribute appears in other sessions, it will remain untouched. Signed-off-by: Eugene Bogomazov <eb@qrator.net>
Diffstat
-rw-r--r--bgpd/bgp_route.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index 90e3f88058..b7b069fbed 100644
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -1598,6 +1598,11 @@ static bool bgp_otc_egress(struct peer *peer, struct attr *attr)
return false;
}
+static bool bgp_check_role_applicability(afi_t afi, safi_t safi)
+{
+ return ((afi == AFI_IP || afi == AFI_IP6) && safi == SAFI_UNICAST);
+}
+
static int bgp_input_modifier(struct peer *peer, const struct prefix *p,
struct attr *attr, afi_t afi, safi_t safi,
const char *rmap_name, mpls_label_t *label,
@@ -2202,7 +2207,8 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi,
memset(&attr->mp_nexthop_local, 0, IPV6_MAX_BYTELEN);
}
- if (bgp_otc_egress(peer, attr))
+ if (bgp_check_role_applicability(afi, safi) &&
+ bgp_otc_egress(peer, attr))
return false;
bgp_peer_remove_private_as(bgp, afi, safi, peer, attr);
@@ -4001,12 +4007,12 @@ int bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id,
goto filtered;
}
- if (bgp_otc_filter(peer, &new_attr)) {
+ if (bgp_check_role_applicability(afi, safi) &&
+ bgp_otc_filter(peer, &new_attr)) {
reason = "failing otc validation";
bgp_attr_flush(&new_attr);
goto filtered;
}
-
/* The flag BGP_NODE_FIB_INSTALL_PENDING is for the following
* condition :
* Suppress fib is enabled