reads ok
and yes on sthens suggestion
Peter Hessler(phess...@openbsd.org) on 2017.05.27 14:50:25 +0200:
> Allow us to receive our own AS paths from a neighbor.
>
> Like several of the related diffs, this also invites dragons and grues
> into your network.
>
> Probably needs the most love in the man page, as usual ;).
>
> OK?
>
>
> Index: bgpd.conf.5
> ===================================================================
> RCS file: /cvs/openbsd/src/usr.sbin/bgpd/bgpd.conf.5,v
> retrieving revision 1.154
> diff -u -p -u -p -r1.154 bgpd.conf.5
> --- bgpd.conf.5 27 May 2017 10:33:15 -0000 1.154
> +++ bgpd.conf.5 27 May 2017 12:49:42 -0000
> @@ -767,6 +767,19 @@ section in
> .Sx GLOBAL CONFIGURATION .
> .Pp
> .It Xo
> +.Ic enforce local-as
> +.Pq Ic yes Ns | Ns Ic no
> +.Xc
> +If set to
> +.Ic no ,
> +.Em AS paths
> +will not be checked for AS loop detection.
> +Since there is no AS path loop check, this option is dangerous, and
> +requires you to add filters to prevent receiving your own prefixes.
> +The default value is
> +.Ic yes .
> +.Pp
> +.It Xo
> .Ic enforce neighbor-as
> .Pq Ic yes Ns | Ns Ic no
> .Xc
> Index: bgpd.h
> ===================================================================
> RCS file: /cvs/openbsd/src/usr.sbin/bgpd/bgpd.h,v
> retrieving revision 1.303
> diff -u -p -u -p -r1.303 bgpd.h
> --- bgpd.h 27 May 2017 12:09:27 -0000 1.303
> +++ bgpd.h 27 May 2017 12:34:57 -0000
> @@ -309,6 +309,7 @@ struct peer_config {
> u_int32_t max_prefix;
> enum announce_type announce_type;
> enum enforce_as enforce_as;
> + enum enforce_as enforce_local_as;
> enum reconf_action reconf_action;
> u_int16_t max_prefix_restart;
> u_int16_t holdtime;
> Index: parse.y
> ===================================================================
> RCS file: /cvs/openbsd/src/usr.sbin/bgpd/parse.y,v
> retrieving revision 1.303
> diff -u -p -u -p -r1.303 parse.y
> --- parse.y 27 May 2017 10:33:15 -0000 1.303
> +++ parse.y 27 May 2017 12:35:33 -0000
> @@ -1183,6 +1183,12 @@ peeropts : REMOTEAS as4number {
> else
> curpeer->conf.enforce_as = ENFORCE_AS_OFF;
> }
> + | ENFORCE LOCALAS yesno {
> + if ($3)
> + curpeer->conf.enforce_local_as = ENFORCE_AS_ON;
> + else
> + curpeer->conf.enforce_local_as = ENFORCE_AS_OFF;
> + }
> | MAXPREFIX NUMBER restart {
> if ($2 < 0 || $2 > UINT_MAX) {
> yyerror("bad maximum number of prefixes");
> @@ -3690,6 +3696,8 @@ neighbor_consistent(struct peer *p)
> if (p->conf.enforce_as == ENFORCE_AS_UNDEF)
> p->conf.enforce_as = p->conf.ebgp ?
> ENFORCE_AS_ON : ENFORCE_AS_OFF;
> + if (p->conf.enforce_local_as == ENFORCE_AS_UNDEF)
> + p->conf.enforce_local_as = ENFORCE_AS_ON;
>
> /* EBGP neighbors are not allowed in route reflector clusters */
> if (p->conf.reflector_client && p->conf.ebgp) {
> Index: printconf.c
> ===================================================================
> RCS file: /cvs/openbsd/src/usr.sbin/bgpd/printconf.c,v
> retrieving revision 1.102
> diff -u -p -u -p -r1.102 printconf.c
> --- printconf.c 27 May 2017 10:33:15 -0000 1.102
> +++ printconf.c 27 May 2017 12:38:13 -0000
> @@ -470,6 +470,10 @@ print_peer(struct peer_config *p, struct
> printf("%s\tenforce neighbor-as yes\n", c);
> else
> printf("%s\tenforce neighbor-as no\n", c);
> + if (p->enforce_local_as == ENFORCE_AS_ON)
> + printf("%s\tenforce local-as yes\n", c);
> + else
> + printf("%s\tenforce local-as no\n", c);
> if (p->reflector_client) {
> if (conf->clusterid == 0)
> printf("%s\troute-reflector\n", c);
> Index: rde.c
> ===================================================================
> RCS file: /cvs/openbsd/src/usr.sbin/bgpd/rde.c,v
> retrieving revision 1.362
> diff -u -p -u -p -r1.362 rde.c
> --- rde.c 27 May 2017 10:33:15 -0000 1.362
> +++ rde.c 27 May 2017 12:41:06 -0000
> @@ -1104,6 +1104,7 @@ rde_update_dispatch(struct imsg *imsg)
>
> /* aspath needs to be loop free nota bene this is not a hard error */
> if (peer->conf.ebgp &&
> + peer->conf.enforce_local_as == ENFORCE_AS_ON &&
> !aspath_loopfree(asp->aspath, peer->conf.local_as))
> asp->flags |= F_ATTR_LOOP;
>
>
>
>
> --
> The porcupine with the sharpest quills gets stuck on a tree more often.
>
