Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bgpd: Filter Prefix-SID, Encap, PMSI Tunnel #16652

Merged
merged 4 commits into from
Aug 27, 2024
Merged

bgpd: Filter Prefix-SID, Encap, PMSI Tunnel #16652

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f390253
bgpd: Allow filtering Prefix-SID attribute
ton31337 Aug 25, 2024
f0bb262
bgpd: Allow filtering PMSI Tunnel attribute
ton31337 Aug 25, 2024
b713df8
bgpd: Allow filtering Encap attribute
ton31337 Aug 25, 2024
d84cae2
bgpd: Set encap attribute if received and parsed
ton31337 Aug 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
28 changes: 27 additions & 1 deletion bgpd/bgp_attr.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2790,6 +2790,9 @@ static int bgp_attr_encap(struct bgp_attr_parser_args *args)
uint8_t type = args->type;
uint8_t flag = args->flags;

if (peer->discard_attrs[args->type] || peer->withdraw_attrs[args->type])
goto encap_ignore;

if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
|| !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
zlog_err("Tunnel Encap attribute flag isn't optional and transitive %d",
Expand Down Expand Up @@ -2908,7 +2911,14 @@ static int bgp_attr_encap(struct bgp_attr_parser_args *args)
args->total);
}

return 0;
SET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ENCAP));

return BGP_ATTR_PARSE_PROCEED;

encap_ignore:
stream_forward_getp(peer->curr, length);

return bgp_attr_ignore(peer, type);
}


Expand Down Expand Up @@ -3300,6 +3310,9 @@ enum bgp_attr_parse_ret bgp_attr_prefix_sid(struct bgp_attr_parser_args *args)
size_t headersz = sizeof(type) + sizeof(length);
size_t psid_parsed_length = 0;

if (peer->discard_attrs[args->type] || peer->withdraw_attrs[args->type])
goto prefix_sid_ignore;

while (STREAM_READABLE(peer->curr) > 0
&& psid_parsed_length < args->length) {

Expand Down Expand Up @@ -3347,6 +3360,11 @@ enum bgp_attr_parse_ret bgp_attr_prefix_sid(struct bgp_attr_parser_args *args)
SET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID));

return BGP_ATTR_PARSE_PROCEED;

prefix_sid_ignore:
stream_forward_getp(peer->curr, args->length);

return bgp_attr_ignore(peer, args->type);
}

/* PMSI tunnel attribute (RFC 6514)
Expand All @@ -3361,6 +3379,9 @@ bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
uint8_t tnl_type;
int attr_parse_len = 2 + BGP_LABEL_BYTES;

if (peer->discard_attrs[args->type] || peer->withdraw_attrs[args->type])
goto pmsi_tunnel_ignore;

/* Verify that the receiver is expecting "ingress replication" as we
* can only support that.
*/
Expand Down Expand Up @@ -3397,6 +3418,11 @@ bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args)
stream_forward_getp(peer->curr, length - attr_parse_len);

return BGP_ATTR_PARSE_PROCEED;

pmsi_tunnel_ignore:
stream_forward_getp(peer->curr, length);

return bgp_attr_ignore(peer, args->type);
}

/* AIGP attribute (rfc7311) */
Expand Down
Loading