reads ok
Claudio Jeker(cje...@diehard.n-r-g.com) on 2020.04.23 10:04:15 +0200:
> local-address is one of those values that need to be set in some cases but
> is not very flexible to use. This diff tries to change this a bit.
>
> It allows to set the local-address for both IPv4 and IPv6 at the same time
> and also allows to unset a previously set local-address. For example:
>
> group IBGP {
> local-address 192.0.2.1
> local-address 2001:db8:abcd::1
>
> neighbor 192.0.2.2 { remote-as $AS }
> neighbor 2001:db8:abcd::2 { remote-as $AS }
>
> # reset the local-address for whatever reason
> neighbor 192.0.2.3 {
> no local-address
> remote-as $AS
> }
> }
>
> As usual setting a local-address on the neighbor will override the group
> config. I think for IBGP and multihop sessions this can simplify the
> config a fair bit. In my case this will collaps IPv4 and IPv6 specific
> groups back together since the only reason they are split is because of
> local-address.
>
> What do other bgpd user think?
> --
> :wq Claudio
>
> Index: bgpd.h
> ===
> RCS file: /cvs/src/usr.sbin/bgpd/bgpd.h,v
> retrieving revision 1.401
> diff -u -p -r1.401 bgpd.h
> --- bgpd.h14 Feb 2020 13:54:31 - 1.401
> +++ bgpd.h22 Apr 2020 15:50:46 -
> @@ -365,7 +365,8 @@ struct capabilities {
>
> struct peer_config {
> struct bgpd_addr remote_addr;
> - struct bgpd_addr local_addr;
> + struct bgpd_addr local_addr_v4;
> + struct bgpd_addr local_addr_v6;
> struct peer_auth auth;
> struct capabilities capabilities;
> char group[PEER_DESCR_LEN];
> Index: parse.y
> ===
> RCS file: /cvs/src/usr.sbin/bgpd/parse.y,v
> retrieving revision 1.405
> diff -u -p -r1.405 parse.y
> --- parse.y 16 Mar 2020 14:47:30 - 1.405
> +++ parse.y 23 Apr 2020 07:51:25 -
> @@ -1260,8 +1260,27 @@ peeropts : REMOTEAS as4number{
> free($2);
> }
> | LOCALADDR address {
> - memcpy(>conf.local_addr, &$2,
> - sizeof(curpeer->conf.local_addr));
> + if ($2.aid == AID_INET)
> + memcpy(>conf.local_addr_v4, &$2,
> + sizeof(curpeer->conf.local_addr_v4));
> + else if ($2.aid == AID_INET6)
> + memcpy(>conf.local_addr_v6, &$2,
> + sizeof(curpeer->conf.local_addr_v6));
> + else {
> + yyerror("Unsupported address family %s for "
> + "local-addr", aid2str($2.aid));
> + YYERROR;
> + }
> + }
> + | yesno LOCALADDR {
> + if ($1) {
> + yyerror("bad local-address definition");
> + YYERROR;
> + }
> + memset(>conf.local_addr_v4, 0,
> + sizeof(curpeer->conf.local_addr_v4));
> + memset(>conf.local_addr_v6, 0,
> + sizeof(curpeer->conf.local_addr_v6));
> }
> | MULTIHOP NUMBER {
> if ($2 < 2 || $2 > 255) {
> @@ -4176,11 +4195,17 @@ str2key(char *s, char *dest, size_t max_
> int
> neighbor_consistent(struct peer *p)
> {
> - /* local-address and peer's address: same address family */
> - if (p->conf.local_addr.aid &&
> - p->conf.local_addr.aid != p->conf.remote_addr.aid) {
> - yyerror("local-address and neighbor address "
> - "must be of the same address family");
> + struct bgpd_addr *local_addr;
> +
> + switch (p->conf.remote_addr.aid) {
> + case AID_INET:
> + local_addr = >conf.local_addr_v4;
> + break;
> + case AID_INET6:
> + local_addr = >conf.local_addr_v6;
> + break;
> + default:
> + yyerror("Bad address family for remote-addr");
> return (-1);
> }
>
> @@ -4189,7 +4214,7 @@ neighbor_consistent(struct peer *p)
> p->conf.auth.method == AUTH_IPSEC_IKE_AH ||
> p->conf.auth.method == AUTH_IPSEC_MANUAL_ESP ||
> p->conf.auth.method == AUTH_IPSEC_MANUAL_AH) &&
> - !p->conf.local_addr.aid) {
> + local_addr->aid == AID_UNSPEC) {
> yyerror("neighbors with any form of IPsec configured "
> "need local-address to be specified");
> return (-1);
> Index: pfkey.c
> ===
> RCS file: /cvs/src/usr.sbin/bgpd/pfkey.c,v
> retrieving