Add a 'ovs' command to filter on Origin Validation State.
'bgpctl show rib ovs invalid' returns only prefixes that failed route origin
validation.
Index: bgpctl/bgpctl.8
===================================================================
RCS file: /cvs/src/usr.sbin/bgpctl/bgpctl.8,v
retrieving revision 1.82
diff -u -p -r1.82 bgpctl.8
--- bgpctl/bgpctl.8 9 Sep 2018 12:53:00 -0000 1.82
+++ bgpctl/bgpctl.8 3 Oct 2018 10:53:08 -0000
@@ -357,6 +357,8 @@ Show only entries from the specified RIB
Show all entries with
.Ar as
anywhere but rightmost.
+.It Cm ovs Pq Ic valid | not-found | invalid
+Show all entries with matching Origin Validation State (OVS).
.El
.Pp
Additionally, the following
Index: bgpctl/parser.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpctl/parser.c,v
retrieving revision 1.85
diff -u -p -r1.85 parser.c
--- bgpctl/parser.c 7 Sep 2018 05:47:02 -0000 1.85
+++ bgpctl/parser.c 3 Oct 2018 10:53:08 -0000
@@ -81,6 +81,7 @@ static const struct token t_show[];
static const struct token t_show_summary[];
static const struct token t_show_fib[];
static const struct token t_show_rib[];
+static const struct token t_show_ovs[];
static const struct token t_show_mrt[];
static const struct token t_show_mrt_file[];
static const struct token t_show_rib_neigh[];
@@ -185,11 +186,18 @@ static const struct token t_show_rib[] =
{ KEYWORD, "table", NONE, t_show_rib_rib},
{ KEYWORD, "summary", SHOW_SUMMARY, t_show_summary},
{ KEYWORD, "memory", SHOW_RIB_MEM, NULL},
+ { KEYWORD, "ovs", NONE, t_show_ovs},
{ FAMILY, "", NONE, t_show_rib},
{ PREFIX, "", NONE, t_show_prefix},
{ ENDTOKEN, "", NONE, NULL}
};
+static const struct token t_show_ovs[] = {
+ { FLAG, "valid" , F_CTL_OVS_VALID, t_show_rib},
+ { FLAG, "invalid", F_CTL_OVS_INVALID, t_show_rib},
+ { FLAG, "not-found", F_CTL_OVS_NOTFOUND, t_show_rib},
+ { ENDTOKEN, "", NONE, NULL}
+};
static const struct token t_show_mrt[] = {
{ NOTOKEN, "", NONE, NULL},
Index: bgpd/bgpd.h
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/bgpd.h,v
retrieving revision 1.348
diff -u -p -r1.348 bgpd.h
--- bgpd/bgpd.h 1 Oct 2018 23:09:53 -0000 1.348
+++ bgpd/bgpd.h 3 Oct 2018 10:53:08 -0000
@@ -88,6 +88,10 @@
#define F_RTLABEL 0x10000
#define F_CTL_SSV 0x20000 /* only used by bgpctl */
#define F_CTL_INVALID 0x40000 /* only used by bgpctl */
+#define F_CTL_OVS_VALID 0x80000
+#define F_CTL_OVS_INVALID 0x100000
+#define F_CTL_OVS_NOTFOUND 0x200000
+
/*
* Note that these numeric assignments differ from the numbers commonly
Index: bgpd/rde.c
===================================================================
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving revision 1.432
diff -u -p -r1.432 rde.c
--- bgpd/rde.c 1 Oct 2018 23:09:53 -0000 1.432
+++ bgpd/rde.c 3 Oct 2018 10:53:08 -0000
@@ -126,6 +126,7 @@ void network_dump_upcall(struct rib_en
void rde_shutdown(void);
int sa_cmp(struct bgpd_addr *, struct sockaddr *);
+int ovs_match(struct prefix *, u_int32_t);
volatile sig_atomic_t rde_quit = 0;
struct bgpd_config *conf, *nconf;
@@ -2286,6 +2287,8 @@ rde_dump_filter(struct prefix *p, struct
!community_large_match(asp, req->large_community.as,
req->large_community.ld1, req->large_community.ld2))
return;
+ if (!ovs_match(p, req->flags))
+ return;
rde_dump_rib_as(p, asp, req->pid, req->flags);
}
}
@@ -3958,4 +3961,30 @@ rde_roa_validity(struct rde_prefixset *p
r = trie_roa_check(&ps->th, prefix, plen, as);
return (r & ROA_MASK);
+}
+
+int
+ovs_match(struct prefix *p, u_int32_t flag)
+{
+ if (flag & F_CTL_OVS_VALID || flag & F_CTL_OVS_INVALID ||
+ flag & F_CTL_OVS_NOTFOUND) {
+ switch (prefix_vstate(p)) {
+ case ROA_VALID:
+ if (!(flag & F_CTL_OVS_VALID))
+ return 0;
+ break;
+ case ROA_INVALID:
+ if (!(flag & F_CTL_OVS_INVALID))
+ return 0;
+ break;
+ case ROA_NOTFOUND:
+ if (!(flag & F_CTL_OVS_NOTFOUND))
+ return 0;
+ break;
+ default:
+ break;
+ }
+ }
+
+ return 1;
}
