diff options
author | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2016-01-17 06:16:33 -0800 |
---|---|---|
committer | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2016-01-17 06:21:23 -0800 |
commit | f4c409941848b72ba5b162405dc5022d76fcc59f (patch) | |
tree | 03d378ab66b07b94ff7473d2e000be44d71a28e6 /server | |
parent | 1e564f2d3085e394c0983627ea6fcc95df49a50d (diff) |
update rpki monitor API
- handle withdraw
- added some new info (peer address, timestamp, aspath attribute)
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Diffstat (limited to 'server')
-rw-r--r-- | server/rpki.go | 5 | ||||
-rw-r--r-- | server/server.go | 70 |
2 files changed, 65 insertions, 10 deletions
diff --git a/server/rpki.go b/server/rpki.go index ed4af2ea..6a205aa3 100644 --- a/server/rpki.go +++ b/server/rpki.go @@ -462,12 +462,17 @@ func (c *roaManager) validate(pathList []*table.Path, isMonitor bool) []*api.ROA return apiRoaList }() rr := &api.ROAResult{ + Address: path.GetSource().Address.String(), + Timestamp: path.GetTimestamp().Unix(), OriginAs: path.GetSourceAs(), Prefix: path.GetNlri().String(), OldResult: api.ROAResult_ValidationResult(path.Validation().ToInt()), NewResult: api.ROAResult_ValidationResult(r.ToInt()), Roas: apiRoaList, } + if b := path.GetAsPath(); b != nil { + rr.AspathAttr, _ = b.Serialize() + } results = append(results, rr) } path.SetValidation(config.RpkiValidationResultType(r)) diff --git a/server/server.go b/server/server.go index bdf8988a..75f23ac8 100644 --- a/server/server.go +++ b/server/server.go @@ -564,6 +564,7 @@ func (server *BgpServer) dropPeerAllRoutes(peer *Peer) []*SenderMsg { for _, rf := range peer.configuredRFlist() { dsts := server.globalRib.DeletePathsByPeer(peer.fsm.peerInfo, rf) + server.validatePaths(dsts) if peer.isRouteServerClient() { pathList := make([]*table.Path, len(dsts)) for _, targetPeer := range server.neighborMap { @@ -761,6 +762,63 @@ func (server *BgpServer) RSimportPaths(peer *Peer, pathList []*table.Path) []*ta return moded } +func (server *BgpServer) validatePaths(dsts []*table.Destination) { + isMonitor := func() bool { + if len(server.broadcastReqs) > 0 { + for _, req := range server.broadcastReqs { + if req.RequestType == REQ_MONITOR_ROA_VALIDATION_RESULT { + return true + } + } + return false + } + return false + }() + for _, dst := range dsts { + if isMonitor { + rrList := make([]*api.ROAResult, 0, len(dst.WithdrawnList)) + for _, path := range dst.WithdrawnList { + if path.Validation() == config.RPKI_VALIDATION_RESULT_TYPE_INVALID { + rr := &api.ROAResult{ + Address: path.GetSource().Address.String(), + Timestamp: path.GetTimestamp().Unix(), + OriginAs: path.GetSourceAs(), + Prefix: path.GetNlri().String(), + OldResult: api.ROAResult_ValidationResult(path.Validation().ToInt()), + NewResult: api.ROAResult_ValidationResult(path.Validation().ToInt()), + } + if b := path.GetAsPath(); b != nil { + rr.AspathAttr, _ = b.Serialize() + } + rrList = append(rrList, rr) + } + } + server.broadcastValidationResults(rrList) + } + if vResults := server.roaManager.validate(dst.UpdatedPathList, isMonitor); isMonitor { + for i, path := range dst.UpdatedPathList { + old := func() config.RpkiValidationResultType { + for _, withdrawn := range dst.WithdrawnList { + if path.GetSource().Equal(withdrawn.GetSource()) { + return withdrawn.Validation() + } + } + return config.RPKI_VALIDATION_RESULT_TYPE_NONE + }() + vResults[i].OldResult = api.ROAResult_ValidationResult(old.ToInt()) + } + rrList := make([]*api.ROAResult, 0, len(vResults)) + for _, rr := range vResults { + invalid := api.ROAResult_ValidationResult(config.RPKI_VALIDATION_RESULT_TYPE_INVALID.ToInt()) + if rr.NewResult == invalid || rr.OldResult == invalid { + rrList = append(rrList, rr) + } + } + server.broadcastValidationResults(rrList) + } + } +} + func (server *BgpServer) propagateUpdate(peer *Peer, pathList []*table.Path) ([]*SenderMsg, []*table.Path) { msgs := make([]*SenderMsg, 0) rib := server.globalRib @@ -779,6 +837,7 @@ func (server *BgpServer) propagateUpdate(peer *Peer, pathList []*table.Path) ([] moded = append(moded, server.RSimportPaths(targetPeer, pathList)...) } dsts := rib.ProcessPaths(append(pathList, moded...)) + server.validatePaths(dsts) for _, targetPeer := range server.neighborMap { if !targetPeer.isRouteServerClient() || targetPeer.fsm.state != bgp.BGP_FSM_ESTABLISHED { continue @@ -801,6 +860,7 @@ func (server *BgpServer) propagateUpdate(peer *Peer, pathList []*table.Path) ([] } alteredPathList = pathList dsts := rib.ProcessPaths(pathList) + server.validatePaths(dsts) sendPathList := make([]*table.Path, 0, len(dsts)) for _, dst := range dsts { path := dst.NewFeed(table.GLOBAL_RIB_NAME) @@ -922,16 +982,6 @@ func (server *BgpServer) handleFSMMessage(peer *Peer, e *FsmMsg) []*SenderMsg { } if len(pathList) > 0 { - isMonitor := func() bool { - if len(server.broadcastReqs) > 0 { - return true - } - return false - }() - vResults := server.roaManager.validate(pathList, isMonitor) - if isMonitor { - server.broadcastValidationResults(vResults) - } m, altered := server.propagateUpdate(peer, pathList) msgs = append(msgs, m...) if server.watchers.watching(WATCHER_EVENT_POST_POLICY_UPDATE_MSG) { |