server: ignore routes when local AS is in AS_PATH

RFC4271 9.1.2 Phase 2: Route Selection If the AS_PATH attribute of a BGP route contains an AS loop, the BGP route should be excluded from the Phase 2 decision function. AS loop detection is done by scanning the full AS path (as specified in the AS_PATH attribute), and checking that the autonomous system number of the local system does not appear in the AS path. Operations of a BGP speaker that is configured to accept routes with its own autonomous system number in the AS path are outside the scope of this document. Also this commit adds support for allow-own-as option to relax this. Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
author: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp> 2017-05-09 07:47:09 +0000
committer: Wataru Ishida <ishida.wataru@lab.ntt.co.jp> 2017-05-09 11:10:45 -0400
commit: 0f62519cd77f1cf38dee5b58377d0c347fe619bc (patch)
tree: 836c0fc65d09a6129c4edc16f04267ccd584075a /server/server.go
parent: 485b88244076b76a4bc1cef7b0630b3e70703fda (diff)
1 files changed, 27 insertions, 8 deletions
diff --git a/server/server.go b/server/server.go
index f3861de3..6e20979b 100644
--- a/server/server.go
+++ b/server/server.go
@@ -1317,7 +1317,17 @@ func (s *BgpServer) softResetIn(addr string, family bgp.RouteFamily) error {
 		for _, path := range peer.adjRibIn.PathList(families, false) {
 			exResult := path.Filtered(peer.ID())
 			path.Filter(peer.ID(), table.POLICY_DIRECTION_NONE)
-			if s.policy.ApplyPolicy(peer.ID(), table.POLICY_DIRECTION_IN, path, nil) != nil {
+
+			// RFC4271 9.1.2 Phase 2: Route Selection
+			//
+			// If the AS_PATH attribute of a BGP route contains an AS loop, the BGP
+			// route should be excluded from the Phase 2 decision function.
+			var asLoop bool
+			if aspath := path.GetAsPath(); aspath != nil {
+				asLoop = hasOwnASLoop(peer.fsm.peerInfo.LocalAS, int(peer.fsm.pConf.AsPathOptions.Config.AllowOwnAs), aspath)
+			}
+
+			if !asLoop && s.policy.ApplyPolicy(peer.ID(), table.POLICY_DIRECTION_IN, path, nil) != nil {
 				pathList = append(pathList, path.Clone(false))
 				// this path still in rib's
 				// knownPathList. We can't
@@ -1482,13 +1492,13 @@ func (s *BgpServer) GetAdjRib(addr string, family bgp.RouteFamily, in bool, pref
 		if !ok {
 			return fmt.Errorf("Neighbor that has %v doesn't exist.", addr)
 		}
-		id := peer.TableID()
+		id := peer.ID()
 
 		var adjRib *table.AdjRib
 		if in {
 			adjRib = peer.adjRibIn
 		} else {
-			adjRib = table.NewAdjRib(peer.ID(), peer.configuredRFlist())
+			adjRib = table.NewAdjRib(id, peer.configuredRFlist())
 			accepted, _ := peer.getBestFromLocal(peer.configuredRFlist())
 			adjRib.Update(accepted)
 		}
@@ -1707,7 +1717,7 @@ func (s *BgpServer) DeleteNeighbor(c *config.Neighbor) error {
 	}, true)
 }
 
-func (s *BgpServer) UpdateNeighbor(c *config.Neighbor) (policyUpdated bool, err error) {
+func (s *BgpServer) UpdateNeighbor(c *config.Neighbor) (needsSoftResetIn bool, err error) {
 	err = s.mgmtOperation(func() error {
 		addr := c.Config.NeighborAddress
 		peer, ok := s.neighborMap[addr]
@@ -1722,10 +1732,19 @@ func (s *BgpServer) UpdateNeighbor(c *config.Neighbor) (policyUpdated bool, err
 			}).Info("Update ApplyPolicy")
 			s.policy.Reset(nil, map[string]config.ApplyPolicy{peer.ID(): c.ApplyPolicy})
 			peer.fsm.pConf.ApplyPolicy = c.ApplyPolicy
-			policyUpdated = true
+			needsSoftResetIn = true
 		}
 		original := peer.fsm.pConf
 
+		if !original.AsPathOptions.Config.Equal(&c.AsPathOptions.Config) {
+			log.WithFields(log.Fields{
+				"Topic": "Peer",
+				"Key":   peer.ID(),
+			}).Info("Update aspath options")
+			peer.fsm.pConf.AsPathOptions = c.AsPathOptions
+			needsSoftResetIn = true
+		}
+
 		if !original.Config.Equal(&c.Config) || !original.Transport.Config.Equal(&c.Transport.Config) || config.CheckAfiSafisChange(original.AfiSafis, c.AfiSafis) {
 			sub := uint8(bgp.BGP_ERROR_SUB_OTHER_CONFIGURATION_CHANGE)
 			if original.Config.AdminDown != c.Config.AdminDown {
@@ -1738,7 +1757,7 @@ func (s *BgpServer) UpdateNeighbor(c *config.Neighbor) (policyUpdated bool, err
 					"Topic": "Peer",
 					"Key":   peer.ID(),
 					"State": state,
-				}).Info("update admin-state configuration")
+				}).Info("Update admin-state configuration")
 			} else if original.Config.PeerAs != c.Config.PeerAs {
 				sub = bgp.BGP_ERROR_SUB_PEER_DECONFIGURED
 			}
@@ -1763,7 +1782,7 @@ func (s *BgpServer) UpdateNeighbor(c *config.Neighbor) (policyUpdated bool, err
 			log.WithFields(log.Fields{
 				"Topic": "Peer",
 				"Key":   peer.ID(),
-			}).Info("update timer configuration")
+			}).Info("Update timer configuration")
 			peer.fsm.pConf.Timers.Config = c.Timers.Config
 		}
 
@@ -1778,7 +1797,7 @@ func (s *BgpServer) UpdateNeighbor(c *config.Neighbor) (policyUpdated bool, err
 		}
 		return err
 	}, true)
-	return policyUpdated, err
+	return needsSoftResetIn, err
 }
 
 func (s *BgpServer) addrToPeers(addr string) (l []*Peer, err error) {
author	ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>	2017-05-09 07:47:09 +0000
committer	Wataru Ishida <ishida.wataru@lab.ntt.co.jp>	2017-05-09 11:10:45 -0400
commit	0f62519cd77f1cf38dee5b58377d0c347fe619bc (patch)
tree	836c0fc65d09a6129c4edc16f04267ccd584075a /server/server.go
parent	485b88244076b76a4bc1cef7b0630b3e70703fda (diff)