Re: bgpctl(8): filter based on origin validation state

Wed, 03 Oct 2018 04:18:28 -0700 

On Wed, Oct 03, 2018 at 01:08:19PM +0200, Denis Fondras wrote:
> Add a 'ovs' command to filter on Origin Validation State.
> 
> 'bgpctl show rib ovs invalid' returns only prefixes that failed route origin
> validation.
> 
> 
> Index: bgpctl/bgpctl.8
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpctl/bgpctl.8,v
> retrieving revision 1.82
> diff -u -p -r1.82 bgpctl.8
> --- bgpctl/bgpctl.8   9 Sep 2018 12:53:00 -0000       1.82
> +++ bgpctl/bgpctl.8   3 Oct 2018 10:53:08 -0000
> @@ -357,6 +357,8 @@ Show only entries from the specified RIB
>  Show all entries with
>  .Ar as
>  anywhere but rightmost.
> +.It Cm ovs Pq Ic valid | not-found | invalid
> +Show all entries with matching Origin Validation State (OVS).
>  .El
>  .Pp
>  Additionally, the following
> Index: bgpctl/parser.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpctl/parser.c,v
> retrieving revision 1.85
> diff -u -p -r1.85 parser.c
> --- bgpctl/parser.c   7 Sep 2018 05:47:02 -0000       1.85
> +++ bgpctl/parser.c   3 Oct 2018 10:53:08 -0000
> @@ -81,6 +81,7 @@ static const struct token t_show[];
>  static const struct token t_show_summary[];
>  static const struct token t_show_fib[];
>  static const struct token t_show_rib[];
> +static const struct token t_show_ovs[];
>  static const struct token t_show_mrt[];
>  static const struct token t_show_mrt_file[];
>  static const struct token t_show_rib_neigh[];
> @@ -185,11 +186,18 @@ static const struct token t_show_rib[] =
>       { KEYWORD,      "table",        NONE,           t_show_rib_rib},
>       { KEYWORD,      "summary",      SHOW_SUMMARY,   t_show_summary},
>       { KEYWORD,      "memory",       SHOW_RIB_MEM,   NULL},
> +     { KEYWORD,      "ovs",          NONE,           t_show_ovs},
>       { FAMILY,       "",             NONE,           t_show_rib},
>       { PREFIX,       "",             NONE,           t_show_prefix},
>       { ENDTOKEN,     "",             NONE,           NULL}
>  };
>  
> +static const struct token t_show_ovs[] = {
> +     { FLAG,         "valid" ,       F_CTL_OVS_VALID,        t_show_rib},
> +     { FLAG,         "invalid",      F_CTL_OVS_INVALID,      t_show_rib},
> +     { FLAG,         "not-found",    F_CTL_OVS_NOTFOUND,     t_show_rib},
> +     { ENDTOKEN,     "",             NONE,           NULL}
> +};
>  
>  static const struct token t_show_mrt[] = {
>       { NOTOKEN,      "",             NONE,           NULL},
> Index: bgpd/bgpd.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/bgpd.h,v
> retrieving revision 1.348
> diff -u -p -r1.348 bgpd.h
> --- bgpd/bgpd.h       1 Oct 2018 23:09:53 -0000       1.348
> +++ bgpd/bgpd.h       3 Oct 2018 10:53:08 -0000
> @@ -88,6 +88,10 @@
>  #define      F_RTLABEL               0x10000
>  #define      F_CTL_SSV               0x20000 /* only used by bgpctl */
>  #define      F_CTL_INVALID           0x40000 /* only used by bgpctl */
> +#define      F_CTL_OVS_VALID         0x80000
> +#define      F_CTL_OVS_INVALID       0x100000
> +#define      F_CTL_OVS_NOTFOUND      0x200000
> +

Extra newline.

>  
>  /*
>   * Note that these numeric assignments differ from the numbers commonly
> Index: bgpd/rde.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
> retrieving revision 1.432
> diff -u -p -r1.432 rde.c
> --- bgpd/rde.c        1 Oct 2018 23:09:53 -0000       1.432
> +++ bgpd/rde.c        3 Oct 2018 10:53:08 -0000
> @@ -126,6 +126,7 @@ void               network_dump_upcall(struct rib_en
>  
>  void          rde_shutdown(void);
>  int           sa_cmp(struct bgpd_addr *, struct sockaddr *);
> +int           ovs_match(struct prefix *, u_int32_t);
>  
>  volatile sig_atomic_t         rde_quit = 0;
>  struct bgpd_config   *conf, *nconf;
> @@ -2286,6 +2287,8 @@ rde_dump_filter(struct prefix *p, struct
>                   !community_large_match(asp, req->large_community.as,
>                   req->large_community.ld1, req->large_community.ld2))
>                       return;
> +             if (!ovs_match(p, req->flags))
> +                     return;
>               rde_dump_rib_as(p, asp, req->pid, req->flags);
>       }
>  }
> @@ -3958,4 +3961,30 @@ rde_roa_validity(struct rde_prefixset *p
>  
>       r = trie_roa_check(&ps->th, prefix, plen, as);
>       return (r & ROA_MASK);
> +}
> +
> +int
> +ovs_match(struct prefix *p, u_int32_t flag)
> +{
> +     if (flag & F_CTL_OVS_VALID || flag & F_CTL_OVS_INVALID ||
> +         flag & F_CTL_OVS_NOTFOUND) {

I would write this as:
        if (flag & (F_CTL_OVS_VALID|F_CTL_OVS_INVALID|F_CTL_OVS_NOTFOUND)) {

> +             switch (prefix_vstate(p)) {
> +             case ROA_VALID:
> +                     if (!(flag & F_CTL_OVS_VALID))
> +                             return 0;
> +                     break;
> +             case ROA_INVALID:
> +                     if (!(flag & F_CTL_OVS_INVALID))
> +                             return 0;
> +                     break;
> +             case ROA_NOTFOUND:
> +                     if (!(flag & F_CTL_OVS_NOTFOUND))
> +                             return 0;
> +                     break;
> +             default:
> +                     break;
> +             }
> +     }
> +
> +     return 1;
>  }
> 

Apart from that OK claudio.

-- 
:wq Claudio

Reply via email to