summaryrefslogtreecommitdiffhomepage
path: root/pkg/server
diff options
context:
space:
mode:
authorFUJITA Tomonori <fujita.tomonori@gmail.com>2019-09-08 22:43:08 +0900
committerFUJITA Tomonori <fujita.tomonori@gmail.com>2019-09-08 22:43:08 +0900
commit25438b289c9c37a6f6a067b087836b979025e611 (patch)
tree100b23a5f12b34f25b40e58b22f79588c97e2e0e /pkg/server
parent07e70de118842609a8e1e4740fdb82179f4bdaca (diff)
execute rpki validation for policy only when it's necessary
currently, validate is executed even if the result is not necessary. Signed-off-by: FUJITA Tomonori <fujita.tomonori@gmail.com>
Diffstat (limited to 'pkg/server')
-rw-r--r--pkg/server/server.go19
1 files changed, 10 insertions, 9 deletions
diff --git a/pkg/server/server.go b/pkg/server/server.go
index e92155b8..d1257cda 100644
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -640,10 +640,6 @@ func (s *BgpServer) prePolicyFilterpath(peer *peer, path, old *table.Path) (*tab
OldNextHop: path.GetNexthop(),
}
path = table.UpdatePathAttrs(peer.fsm.gConf, peer.fsm.pConf, peer.fsm.peerInfo, path)
-
- if v := s.roaManager.validate(path); v != nil {
- options.ValidationResult = v
- }
peer.fsm.lock.RUnlock()
return path, options, false
@@ -678,6 +674,7 @@ func (s *BgpServer) filterpath(peer *peer, path, old *table.Path) *table.Path {
if stop {
return path
}
+ options.Validate = s.roaManager.validate
path = peer.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_EXPORT, path, options)
// When 'path' is filtered (path == nil), check 'old' has been sent to this peer.
// If it has, send withdrawal to the peer.
@@ -984,6 +981,7 @@ func (s *BgpServer) sendSecondaryRoutes(peer *peer, newPath *table.Path, dsts []
if stop {
return nil
}
+ options.Validate = s.roaManager.validate
path = peer.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_EXPORT, path, options)
if path != nil {
return s.postFilterpath(peer, path)
@@ -1097,16 +1095,15 @@ func (s *BgpServer) propagateUpdate(peer *peer, pathList []*table.Path) {
}
}
- policyOptions := &table.PolicyOptions{}
+ policyOptions := &table.PolicyOptions{
+ Validate: s.roaManager.validate,
+ }
if !rs && peer != nil {
peer.fsm.lock.RLock()
policyOptions.Info = peer.fsm.peerInfo
peer.fsm.lock.RUnlock()
}
- if v := s.roaManager.validate(path); v != nil {
- policyOptions.ValidationResult = v
- }
if p := s.policy.ApplyPolicy(tableId, table.POLICY_DIRECTION_IMPORT, path, policyOptions); p != nil {
path = p
@@ -2452,7 +2449,10 @@ func (s *BgpServer) getAdjRib(addr string, family bgp.RouteFamily, in bool, enab
adjRib = peer.adjRibIn
if enableFiltered {
for _, path := range peer.adjRibIn.PathList([]bgp.RouteFamily{family}, true) {
- if s.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_IMPORT, path, &table.PolicyOptions{}) == nil {
+ options := &table.PolicyOptions{
+ Validate: s.roaManager.validate,
+ }
+ if s.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_IMPORT, path, options) == nil {
filtered[path.GetNlri().String()] = path
}
}
@@ -2465,6 +2465,7 @@ func (s *BgpServer) getAdjRib(addr string, family bgp.RouteFamily, in bool, enab
if stop {
continue
}
+ options.Validate = s.roaManager.validate
p := peer.policy.ApplyPolicy(peer.TableID(), table.POLICY_DIRECTION_EXPORT, path, options)
if p == nil {
filtered[path.GetNlri().String()] = path