diff options
| author | Donald Sharp <sharpd@nvidia.com> | 2021-03-06 09:31:45 -0500 |
|---|---|---|
| committer | Donald Sharp <sharpd@nvidia.com> | 2021-03-07 07:08:33 -0500 |
| commit | b5b99af8532b14ab60af3e79ac2b5ebd59b55a2d (patch) | |
| tree | 1b2f4cf1b9b275a77f15c89453e7f8e57e3b8bdb | |
| parent | 130daf24ae1acf5db602e55c13b9ffca139a1dbf (diff) | |
bgpd: Display RPKI validation state if we have it
When dumping data about prefixes in bgp. Let's dump the
rpki validation state as well:
Output if rpki is turned on:
janelle# show rpki prefix 2003::/19
Prefix Prefix Length Origin-AS
2003:: 19 - 19 3320
janelle# show bgp ipv6 uni 2003::/19
BGP routing table entry for 2003::/19
Paths: (1 available, best #1, table default)
Not advertised to any peer
15096 6939 3320
::ffff:4113:867a from 65.19.134.122 (193.72.216.231)
(fe80::e063:daff:fe79:1dab) (used)
Origin IGP, valid, external, best (First path received), validation-state: valid
Last update: Sat Mar 6 09:20:51 2021
janelle# show rpki prefix 8.8.8.0/24
Prefix Prefix Length Origin-AS
janelle# show bgp ipv4 uni 8.8.8.0/24
BGP routing table entry for 8.8.8.0/24
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
100.99.229.142
15096 6939 15169
65.19.134.122 from 65.19.134.122 (193.72.216.231)
Origin IGP, valid, external, best (First path received), validation-state: not found
Last update: Sat Mar 6 09:21:25 2021
Example output when rpki is not configured:
eva# show bgp ipv4 uni 8.8.8.0/24
BGP routing table entry for 8.8.8.0/24
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
janelle(192.168.161.137)
64539 15096 6939 15169
192.168.161.137(janelle) from janelle(192.168.161.137) (192.168.44.1)
Origin IGP, valid, external, bestpath-from-AS 64539, best (First path received)
Last update: Sat Mar 6 09:33:51 2021
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
| -rw-r--r-- | bgpd/bgp_route.c | 35 | ||||
| -rw-r--r-- | bgpd/bgp_rpki.c | 1 | ||||
| -rw-r--r-- | bgpd/bgpd.h | 5 |
3 files changed, 41 insertions, 0 deletions
diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index ea6bf95d14..a753b7ef60 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -97,6 +97,11 @@ DEFINE_HOOK(bgp_snmp_update_stats, (struct bgp_node *rn, struct bgp_path_info *pi, bool added), (rn, pi, added)) +DEFINE_HOOK(bgp_rpki_prefix_status, + (struct peer *peer, struct attr *attr, + const struct prefix *prefix), + (peer, attr, prefix)) + /* Extern from bgp_dump.c */ extern const char *bgp_origin_str[]; extern const char *bgp_origin_long_str[]; @@ -7554,6 +7559,21 @@ static const char *bgp_origin2str(uint8_t origin) return "n/a"; } +static const char *bgp_rpki_validation2str(int v_state) +{ + switch (v_state) { + case 1: + return "valid"; + case 2: + return "not found"; + case 3: + return "invalid"; + default: + break; + } + return "ERROR"; +} + int bgp_aggregate_unset(struct bgp *bgp, struct prefix *prefix, afi_t afi, safi_t safi, char *errmsg, size_t errmsg_len) { @@ -9568,6 +9588,7 @@ void route_vty_out_detail(struct vty *vty, struct bgp *bgp, int i; char *nexthop_hostname = bgp_nexthop_hostname(path->peer, path->nexthop); + int rpki_validation_state = 0; if (json_paths) { json_path = json_object_new_object(); @@ -10166,6 +10187,20 @@ void route_vty_out_detail(struct vty *vty, struct bgp *bgp, } } + const struct prefix *p = bgp_dest_get_prefix(bn); + if (p->family == AF_INET || p->family == AF_INET6) + rpki_validation_state = hook_call(bgp_rpki_prefix_status, + path->peer, path->attr, p); + if (rpki_validation_state) { + if (json_paths) + json_object_string_add( + json_path, "rpkiValidationState", + bgp_rpki_validation2str(rpki_validation_state)); + else + vty_out(vty, ", validation-state: %s", + bgp_rpki_validation2str(rpki_validation_state)); + } + if (json_bestpath) json_object_object_add(json_path, "bestpath", json_bestpath); diff --git a/bgpd/bgp_rpki.c b/bgpd/bgp_rpki.c index 6bb33ff859..42951efb01 100644 --- a/bgpd/bgp_rpki.c +++ b/bgpd/bgp_rpki.c @@ -562,6 +562,7 @@ static int bgp_rpki_module_init(void) { lrtr_set_alloc_functions(malloc_wrapper, realloc_wrapper, free_wrapper); + hook_register(bgp_rpki_prefix_status, rpki_validate_prefix); hook_register(frr_late_init, bgp_rpki_init); hook_register(frr_early_fini, &bgp_rpki_fini); diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h index 23d0e9dfb1..3f5ec07796 100644 --- a/bgpd/bgpd.h +++ b/bgpd/bgpd.h @@ -2371,6 +2371,11 @@ DECLARE_HOOK(bgp_snmp_update_last_changed, (struct bgp *bgp), (bgp)) DECLARE_HOOK(bgp_snmp_update_stats, (struct bgp_node *rn, struct bgp_path_info *pi, bool added), (rn, pi, added)) +DECLARE_HOOK(bgp_rpki_prefix_status, + (struct peer * peer, struct attr *attr, + const struct prefix *prefix), + (peer, attr, prefix)) + void peer_nsf_stop(struct peer *peer); #endif /* _QUAGGA_BGPD_H */ |