summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorEugene Bogomazov <eb@qrator.net>2022-07-11 17:19:34 +0200
committerOndrej Zajicek <santiago@crfreenet.org>2022-07-11 17:25:54 +0200
commitc73b5d2d3d94204d2a81d93efd02c4c115859353 (patch)
treebf1e351517975543730967b68df0c2d34e70578e /doc
parentcb339a30677901f2c248de08ff535cf0a9efab3d (diff)
BGP: Implement BGP roles
Implement BGP roles as described in RFC 9234. It is a mechanism for route leak prevention and automatic route filtering based on common BGP topology relationships. It defines role capability (controlled by 'local role' option) and OTC route attribute, which is used for automatic route filtering and leak detection. Minor changes done by commiter.
Diffstat (limited to 'doc')
-rw-r--r--doc/bird.sgml28
1 files changed, 28 insertions, 0 deletions
diff --git a/doc/bird.sgml b/doc/bird.sgml
index 89b1541c..c1ce1b91 100644
--- a/doc/bird.sgml
+++ b/doc/bird.sgml
@@ -2377,6 +2377,7 @@ avoid routing loops.
<item> <rfc id="8203"> - BGP Administrative Shutdown Communication
<item> <rfc id="8212"> - Default EBGP Route Propagation Behavior without Policies
<item> <rfc id="9117"> - Revised Validation Procedure for BGP Flow Specifications
+<item> <rfc id="9234"> - Route Leak Prevention and Detection Using Roles
</itemize>
<sect1>Route selection rules
@@ -2817,6 +2818,28 @@ using the following configuration parameters:
protocol itself (for example, if a route is received through eBGP and
therefore does not have such attribute). Default: 100 (0 in pre-1.2.0
versions of BIRD).
+
+ <tag><label id="bgp-local-role">local role <m/role-name/</tag>
+ BGP roles are a mechanism for route leak prevention and automatic route
+ filtering based on common BGP topology relationships. They are defined
+ in <rfc id="9234">. Instead of manually configuring filters and
+ communities, automatic filtering is done with the help of the OTC
+ attribute - a flag for routes that should be sent only to customers.
+ The same attribute is also used to automatically detect and filter route
+ leaks created by third parties.
+
+ This option is valid for EBGP sessions, but it is not recommended to be
+ used within AS confederations.
+
+ Possible <cf><m/role-name/</cf> values are: <cf/provider/,
+ <cf/rs_server/, <cf/rs_client/, <cf/customer/ and <cf/peer/.
+ Default: No local role assigned.
+
+ <tag><label id="bgp-require-roles">require roles <m/switch/</tag>
+ If this option is set, the BGP roles must be defined on both sides,
+ otherwise the session will not be established. This behavior is defined
+ in <rfc id="9234"> as "strict mode" and is used to enforce corresponding
+ configuration at your conterpart side. Default: disabled.
</descrip>
<sect1>Channel configuration
@@ -3124,6 +3147,11 @@ some of them (marked with `<tt/O/') are optional.
This attribute contains accumulated IGP metric, which is a total
distance to the destination through multiple autonomous systems.
Currently, the attribute is not accessible from filters.
+
+ <tag><label id="bgp-otc">int bgp_otc [O]</tag>
+ This attribute is defined in <rfc id="9234">. OTC is a flag that marks
+ routes that should be sent only to customers. If <ref id="bgp-role"
+ name="local Role"> is configured it set automatically.
</descrip>
<sect1>Example