author | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2018-01-16 04:14:49 +0100 |
---|---|---|
committer | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2018-01-16 04:14:49 +0100 |
commit | 3831b619661d08d935fd78656732cd2f339ff811 (patch) | |
tree | ad0f9f78f36b04b7b2c70d6b8c32fbd615e72a4f | |
parent | 4db4ac7243bf54187029abda0b42cc9d29757d13 (diff) |
BGP: Require explicit import and export policies for EBGP channels
To comply with RFC 8212 requirements.
-rw-r--r-- | doc/bird.sgml | 24 | ||||
-rw-r--r-- | filter/filter.h | 1 | ||||
-rw-r--r-- | proto/bgp/bgp.c | 17 | ||||
-rw-r--r-- | proto/bgp/config.Y | 2 |
4 files changed, 39 insertions, 5 deletions
diff --git a/doc/bird.sgml b/doc/bird.sgml index bde825c3..04f9258b 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -794,11 +794,13 @@ inherited from templates can be updated by new definitions. <tag><label id="proto-import">import all | none | filter <m/name/ | filter { <m/filter commands/ } | where <m/boolean filter expression/</tag> Specify a filter to be used for filtering routes coming from the protocol to the routing table. <cf/all/ is for keeping all routes, - <cf/none/ is for dropping all routes. Default: <cf/all/. + <cf/none/ is for dropping all routes. Default: <cf/all/ (except for + EBGP). <tag><label id="proto-export">export <m/filter/</tag> This is similar to the <cf>import</cf> keyword, except that it works in - the direction from the routing table to the protocol. Default: <cf/none/. + the direction from the routing table to the protocol. Default: <cf/none/ + (except for EBGP). <tag><label id="proto-import-keep-filtered">import keep filtered <m/switch/</tag> Usually, if an import filter rejects a route, the route is forgotten. @@ -866,10 +868,12 @@ template bgp { ipv4 { table mytable4; import filter { ... }; + export none; }; ipv6 { table mytable6; import filter { ... }; + export none; }; } @@ -2073,6 +2077,7 @@ avoid routing loops. <item> <rfc id="7947"> - Internet Exchange BGP Route Server <item> <rfc id="8092"> - BGP Large Communities Attribute <item> <rfc id="8203"> - BGP Administrative Shutdown Communication +<item> <rfc id="8212"> - Default EBGP Route Propagation Behavior without Policies </itemize> <sect1>Route selection rules 
@@ -2459,6 +2464,12 @@ together with their appropriate channels follows. </tabular> </table> +<p>Due to <rfc id="8212">, external BGP protocol requires explicit configuration +of import and export policies (in contrast to other protocols, where default +policies of <cf/import all/ and <cf/export none/ are used in absence of explicit +configuration). Note that blanket policies like <cf/all/ or <cf/none/ can still +be used in explicit configuration. + <p>BGP channels have additional config options (together with the common ones): <descrip> @@ -3631,13 +3642,13 @@ protocol kernel kern2 { } protocol bgp bgp1 { # The outside connections - ipv4 { table as1; export all; }; + ipv4 { table as1; import all; export all; }; local as 1; neighbor 192.168.0.1 as 1001; } protocol bgp bgp2 { - ipv4 { table as2; export all; }; + ipv4 { table as2; import all; export all; }; local as 2; neighbor 10.0.0.1 as 1002; } @@ -4419,7 +4430,10 @@ protocol bgp { debug all; local as 65000; neighbor 192.168.2.1 as 65001; - ipv4 { import filter peer_in_v4; }; + ipv4 { + import filter peer_in_v4; + export none; + }; } </code> diff --git a/filter/filter.h b/filter/filter.h index c277b67c..89cd80e6 100644 --- a/filter/filter.h +++ b/filter/filter.h @@ -122,6 +122,7 @@ void val_format(struct f_val v, buffer *buf); #define FILTER_ACCEPT NULL #define FILTER_REJECT ((void *) 1) +#define FILTER_UNDEF ((void *) 2) /* Used in BGP */ /* Type numbers must be in 0..0xff range */ #define T_MASK 0xff diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index 8da5b0aa..9db26050 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -99,6 +99,7 @@ * <item> <rfc id="7947"> - Internet Exchange BGP Route Server * <item> <rfc id="8092"> - BGP Large Communities Attribute * <item> <rfc id="8203"> - BGP Administrative Shutdown Communication + * <item> <rfc id="8212"> - Default EBGP Route Propagation Behavior without Policies * </itemize> */ 
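Review bot: The comment on the new `FILTER_UNDEF` define, `/* Used in BGP */`, names a user but says nothing about what the value means or how long it may live. Like FILTER_REJECT it is a small non-NULL integer cast to a pointer, so any code that only special-cases FILTER_ACCEPT and FILTER_REJECT would treat it as a real filter pointer; the contract belongs in the header. Suggest `/* Placeholder for a filter not given in config; set by the parser, must be resolved in postconfig and never reach the filter evaluator */`.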
@@ -113,6 +114,7 @@
 #include "nest/cli.h"
 #include "nest/locks.h"
 #include "conf/conf.h"
+#include "filter/filter.h"
 #include "lib/socket.h"
 #include "lib/resource.h"
 #include "lib/string.h"
@@ -1621,6 +1623,7 @@ bgp_postconfig(struct proto_config *CF)
 {
   struct bgp_config *cf = (void *) CF;
   int internal = (cf->local_as == cf->remote_as);
+  int interior = internal || cf->confederation_member;
 
   /* Do not check templates at all */
   if (cf->c.class == SYM_TEMPLATE)
@@ -1677,6 +1680,20 @@ bgp_postconfig(struct proto_config *CF)
   struct bgp_channel_config *cc;
   WALK_LIST(cc, CF->channels)
   {
+    /* Handle undefined import filter */
+    if (cc->c.in_filter == FILTER_UNDEF)
+      if (interior)
+        cc->c.in_filter = FILTER_ACCEPT;
+      else
+        cf_error("EBGP requires explicit import policy");
+
+    /* Handle undefined export filter */
+    if (cc->c.out_filter == FILTER_UNDEF)
+      if (interior)
+        cc->c.out_filter = FILTER_REJECT;
+      else
+        cf_error("EBGP requires explicit export policy");
+
     /* Disable after error incompatible with restart limit action */
     if ((cc->c.in_limit.action == PLA_RESTART) && cf->disable_after_error)
       cc->c.in_limit.action = PLA_DISABLE;
diff --git a/proto/bgp/config.Y b/proto/bgp/config.Y
index 4e819eb7..04e6d666 100644
--- a/proto/bgp/config.Y
+++ b/proto/bgp/config.Y
@@ -163,6 +163,8 @@ bgp_channel_start: bgp_afi
   /* New channel */
   if (!BGP_CC->desc)
   {
+    BGP_CC->c.in_filter = FILTER_UNDEF;
+    BGP_CC->c.out_filter = FILTER_UNDEF;
     BGP_CC->c.ra_mode = RA_UNDEF;
     BGP_CC->afi = $1;
     BGP_CC->desc = desc;
|
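Review bot: The two new conditionals inside the WALK_LIST body in the third bgp.c hunk are nested if/else chains without braces, so each `else` relies on the dangling-else rule binding it to the inner `if (interior)`; that is correct today but fragile for the next edit, and bracing the outer body removes the ambiguity: `if (cc->c.in_filter == FILTER_UNDEF) { if (interior) cc->c.in_filter = FILTER_ACCEPT; else cf_error("EBGP requires explicit import policy"); }`, and the same shape for out_filter. The comments `/* Handle undefined import filter */` and `/* Handle undefined export filter */` state what but not why; suggest `/* RFC 8212: EBGP must not accept or propagate routes without an explicit policy; IBGP and confederation peers keep the implicit defaults */` on the first and a short reference to it on the second. Since FILTER_UNDEF is a non-NULL pointer-valued sentinel and this appears to be the only place it is resolved, any channel that reached filter evaluation without passing through bgp_postconfig would hand `(void *) 2` to the filter code — worth confirming no such path exists. bgp_postconfig's body continues outside the hunk on both sides.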