matthieu/frr
1
0
Fork 0
forked from Mirror/frr
Code Pull requests Activity

Merge pull request #17451 from opensourcerouting/fix/bgp_optimizations

Browse source 
bgpd: Optimize the outbound path if RFC8212 is applied
This commit is contained in:
Donald Sharp 2024-11-17 12:03:52 -05:00 committed by GitHub
parent 564a8bca2c 2dc7db9251
commit 724624a35c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 21 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
bgpd/bgp_route.c
View file

@ -2326,6 +2326,27 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi,
} }
} }
/* RFC 8212 to prevent route leaks.
* This specification intends to improve this situation by requiring the
* explicit configuration of both BGP Import and Export Policies for any
* External BGP (EBGP) session such as customers, peers, or
* confederation boundaries for all enabled address families. Through
* codification of the aforementioned requirement, operators will
* benefit from consistent behavior across different BGP
* implementations.
*/
if (CHECK_FLAG(bgp->flags, BGP_FLAG_EBGP_REQUIRES_POLICY))
if (!bgp_outbound_policy_exists(peer, filter)) {
if (monotime_since(&bgp->ebgprequirespolicywarning, NULL) >
FIFTEENMINUTE2USEC ||
bgp->ebgprequirespolicywarning.tv_sec == 0) {
zlog_warn("%pBP [Update:SEND] %pFX EBGP outbound policy not properly setup, please configure in order for your peering to work correctly",
peer, p);
monotime(&bgp->ebgprequirespolicywarning);
}
return false;
}
/* Output filter check. */ /* Output filter check. */
if (bgp_output_filter(peer, p, piattr, afi, safi) == FILTER_DENY) { if (bgp_output_filter(peer, p, piattr, afi, safi) == FILTER_DENY) {
if (bgp_debug_update(NULL, p, subgrp->update_group, 0)) if (bgp_debug_update(NULL, p, subgrp->update_group, 0))
@ -2580,27 +2601,6 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi,
bgp_peer_remove_private_as(bgp, afi, safi, peer, attr); bgp_peer_remove_private_as(bgp, afi, safi, peer, attr);
bgp_peer_as_override(bgp, afi, safi, peer, attr); bgp_peer_as_override(bgp, afi, safi, peer, attr);
/* RFC 8212 to prevent route leaks.
* This specification intends to improve this situation by requiring the
* explicit configuration of both BGP Import and Export Policies for any
* External BGP (EBGP) session such as customers, peers, or
* confederation boundaries for all enabled address families. Through
* codification of the aforementioned requirement, operators will
* benefit from consistent behavior across different BGP
* implementations.
*/
if (CHECK_FLAG(bgp->flags, BGP_FLAG_EBGP_REQUIRES_POLICY))
if (!bgp_outbound_policy_exists(peer, filter)) {
if (monotime_since(&bgp->ebgprequirespolicywarning,
NULL) > FIFTEENMINUTE2USEC ||
bgp->ebgprequirespolicywarning.tv_sec == 0) {
zlog_warn("%pBP [Update:SEND] %pFX EBGP outbound policy not properly setup, please configure in order for your peering to work correctly",
peer, p);
monotime(&bgp->ebgprequirespolicywarning);
}
return false;
}
/* draft-ietf-idr-deprecate-as-set-confed-set /* draft-ietf-idr-deprecate-as-set-confed-set
* Filter routes having AS_SET or AS_CONFED_SET in the path. * Filter routes having AS_SET or AS_CONFED_SET in the path.
* Eventually, This document (if approved) updates RFC 4271 * Eventually, This document (if approved) updates RFC 4271