diff options
| -rw-r--r-- | policy/policy.go | 33 | ||||
| -rw-r--r-- | policy/policy_test.go | 109 | ||||
| -rw-r--r-- | server/peer.go | 169 | ||||
| -rw-r--r-- | server/server.go | 184 |
4 files changed, 174 insertions, 321 deletions
diff --git a/policy/policy.go b/policy/policy.go index 988b70ca..62a667af 100644 --- a/policy/policy.go +++ b/policy/policy.go @@ -996,18 +996,16 @@ type RoutingAction struct { } func NewRoutingAction(action config.Actions) *RoutingAction { - r := &RoutingAction{ + return &RoutingAction{ AcceptRoute: action.RouteDisposition.AcceptRoute, } - return r } func (r *RoutingAction) apply(path *table.Path) *table.Path { if r.AcceptRoute { return path - } else { - return nil } + return nil } type CommunityAction struct { @@ -1346,7 +1344,7 @@ func NewPrefix(prefixStr string, maskRange string) (Prefix, error) { // Compare path with a policy's condition in stored order in the policy. // If a condition match, then this function stops evaluation and // subsequent conditions are skipped. -func (p *Policy) Apply(path *table.Path) (bool, RouteType, *table.Path) { +func (p *Policy) Apply(path *table.Path) (RouteType, *table.Path) { for _, statement := range p.Statements { result := statement.evaluate(path) @@ -1356,23 +1354,24 @@ func (p *Policy) Apply(path *table.Path) (bool, RouteType, *table.Path) { "PolicyName": p.Name, }).Debug("statement evaluate : ", result) - var p *table.Path if result { //Routing action - p = statement.routingAction.apply(path) - if p != nil { - // apply all modification actions - cloned := path.Clone(p.IsWithdraw) - for _, action := range statement.modificationActions { - cloned = action.apply(cloned) - } - return true, ROUTE_TYPE_ACCEPT, cloned - } else { - return true, ROUTE_TYPE_REJECT, nil + p := statement.routingAction.apply(path) + if p == nil { + return ROUTE_TYPE_REJECT, path + } + if len(statement.modificationActions) == 0 { + return ROUTE_TYPE_ACCEPT, path + } + // apply all modification actions + cloned := path.Clone(p.IsWithdraw) + for _, action := range statement.modificationActions { + cloned = action.apply(cloned) } + return ROUTE_TYPE_ACCEPT, cloned } } - return false, ROUTE_TYPE_NONE, nil + return ROUTE_TYPE_NONE, path } func ipPrefixCalculate(path *table.Path, cPrefix Prefix) bool { diff --git a/policy/policy_test.go b/policy/policy_test.go index 981d1723..b36dae6c 100644 --- a/policy/policy_test.go +++ b/policy/policy_test.go @@ -243,10 +243,9 @@ func TestPolicyNotMatch(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, false, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_NONE, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) } func TestPolicyMatchAndReject(t *testing.T) { @@ -275,10 +274,9 @@ func TestPolicyMatchAndReject(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_REJECT, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) } func TestPolicyMatchAndAccept(t *testing.T) { @@ -307,8 +305,7 @@ func TestPolicyMatchAndAccept(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.Equal(t, path, newPath) } @@ -349,15 +346,13 @@ func TestPolicyRejectOnlyPrefixSet(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path1) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path1) assert.Equal(t, ROUTE_TYPE_REJECT, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path1) - match2, pType2, newPath2 := p.Apply(path2) - assert.Equal(t, false, match2) + pType2, newPath2 := p.Apply(path2) assert.Equal(t, ROUTE_TYPE_NONE, pType2) - assert.Nil(t, newPath2) + assert.Equal(t, newPath2, path2) } func TestPolicyRejectOnlyNeighborSet(t *testing.T) { @@ -396,15 +391,13 @@ func TestPolicyRejectOnlyNeighborSet(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path1) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path1) assert.Equal(t, ROUTE_TYPE_REJECT, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path1) - match2, pType2, newPath2 := p.Apply(path2) - assert.Equal(t, false, match2) + pType2, newPath2 := p.Apply(path2) assert.Equal(t, ROUTE_TYPE_NONE, pType2) - assert.Nil(t, newPath2) + assert.Equal(t, newPath2, path2) } func TestPolicyDifferentRoutefamilyOfPathAndPolicy(t *testing.T) { @@ -450,15 +443,13 @@ func TestPolicyDifferentRoutefamilyOfPathAndPolicy(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match1, pType1, newPath1 := p.Apply(pathIPv4) - assert.Equal(t, true, match1) + pType1, newPath1 := p.Apply(pathIPv4) assert.Equal(t, ROUTE_TYPE_REJECT, pType1) - assert.Nil(t, newPath1) + assert.Equal(t, newPath1, pathIPv4) - match2, pType2, newPath2 := p.Apply(pathIPv6) - assert.Equal(t, true, match2) + pType2, newPath2 := p.Apply(pathIPv6) assert.Equal(t, ROUTE_TYPE_REJECT, pType2) - assert.Nil(t, newPath2) + assert.Equal(t, newPath2, pathIPv6) } func TestAsPathLengthConditionEvaluate(t *testing.T) { @@ -550,10 +541,9 @@ func TestAsPathLengthConditionWithOtherCondition(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_REJECT, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) } @@ -889,10 +879,9 @@ func TestAsPathConditionWithOtherCondition(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_REJECT, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) } @@ -1121,17 +1110,15 @@ func TestCommunityConditionEvaluateWithOtherCondition(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_REJECT, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) df = pl.DefinedSets p = NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[1], df) - match, pType, newPath = p.Apply(path) - assert.Equal(t, false, match) + pType, newPath = p.Apply(path) assert.Equal(t, ROUTE_TYPE_NONE, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) } @@ -1168,8 +1155,7 @@ func TestPolicyMatchAndAddCommunities(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) log.Debug(newPath) @@ -1212,8 +1198,7 @@ func TestPolicyMatchAndReplaceCommunities(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) assert.Equal(t, []uint32{stringToCommunityValue(community)}, newPath.GetCommunities()) @@ -1255,8 +1240,7 @@ func TestPolicyMatchAndRemoveCommunities(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) assert.Equal(t, []uint32{stringToCommunityValue(community2)}, newPath.GetCommunities()) @@ -1301,8 +1285,7 @@ func TestPolicyMatchAndClearCommunities(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) //assert.Equal(t, []uint32{}, newPath.GetCommunities()) @@ -1632,16 +1615,14 @@ func TestExtCommunityConditionEvaluateWithOtherCondition(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, false, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_NONE, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) p = NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[1], df) - match, pType, newPath = p.Apply(path) - assert.Equal(t, true, match) + pType, newPath = p.Apply(path) assert.Equal(t, ROUTE_TYPE_REJECT, pType) - assert.Nil(t, newPath) + assert.Equal(t, newPath, path) } @@ -1678,8 +1659,7 @@ func TestPolicyMatchAndReplaceMed(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) v, err := newPath.GetMed() @@ -1720,8 +1700,7 @@ func TestPolicyMatchAndAddingMed(t *testing.T) { //test df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) @@ -1765,8 +1744,7 @@ func TestPolicyMatchAndAddingMedOverFlow(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) @@ -1810,8 +1788,7 @@ func TestPolicyMatchAndSubtractMed(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) @@ -1855,8 +1832,7 @@ func TestPolicyMatchAndSubtractMedUnderFlow(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) @@ -1897,8 +1873,7 @@ func TestPolicyMatchWhenPathHaveNotMed(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(t, true, match) + pType, newPath := p.Apply(path) assert.Equal(t, ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(t, nil, newPath) @@ -1944,8 +1919,7 @@ func TestPolicyAsPathPrepend(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(true, match) + pType, newPath := p.Apply(path) assert.Equal(ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(nil, newPath) assert.Equal([]uint32{65002, 65002, 65002, 65002, 65002, 65002, 65002, 65002, 65002, 65002, 65001, 65000}, newPath.GetAsSeqList()) @@ -1988,8 +1962,7 @@ func TestPolicyAsPathPrependLastAs(t *testing.T) { df := pl.DefinedSets p := NewPolicy(pl.PolicyDefinitions.PolicyDefinitionList[0], df) - match, pType, newPath := p.Apply(path) - assert.Equal(true, match) + pType, newPath := p.Apply(path) assert.Equal(ROUTE_TYPE_ACCEPT, pType) assert.NotEqual(nil, newPath) assert.Equal([]uint32{65002, 65002, 65002, 65002, 65002, 65002, 65001, 65000}, newPath.GetAsSeqList()) diff --git a/server/peer.go b/server/peer.go index 2d3b4083..3b0bd44b 100644 --- a/server/peer.go +++ b/server/peer.go @@ -43,6 +43,10 @@ type Peer struct { outgoing chan *bgp.BGPMessage inPolicies []*policy.Policy defaultInPolicy config.DefaultPolicyType + importPolicies []*policy.Policy + defaultImportPolicy config.DefaultPolicyType + exportPolicies []*policy.Policy + defaultExportPolicy config.DefaultPolicyType isConfederationMember bool recvOpen *bgp.BGPMessage } @@ -213,10 +217,10 @@ func (peer *Peer) handleBGPmessage(m *bgp.BGPMessage) ([]*table.Path, bool, []*b return pathList, update, bgpMsgList } -func (peer *Peer) getBests(loc *LocalRib) []*table.Path { +func (peer *Peer) getBests(rib *table.TableManager) []*table.Path { pathList := []*table.Path{} for _, rf := range peer.configuredRFlist() { - for _, paths := range loc.rib.GetBestPathList(rf) { + for _, paths := range rib.GetBestPathList(rf) { pathList = append(pathList, paths) } } @@ -293,13 +297,7 @@ func (peer *Peer) ToApiStruct() *api.Peer { advertized += uint32(peer.adjRib.GetOutCount(rf)) received += uint32(peer.adjRib.GetInCount(rf)) // FIXME: we should store 'accepted' in memory - for _, p := range peer.adjRib.GetInPathList(rf) { - applied, path := peer.applyPolicies(POLICY_DIRECTION_IN, p) - if applied && path == nil || !applied && peer.defaultInPolicy != config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { - continue - } - accepted += 1 - } + accepted += uint32(len(peer.ApplyPolicy(POLICY_DIRECTION_IN, peer.adjRib.GetInPathList(rf)))) } } @@ -364,43 +362,8 @@ func (peer *Peer) setPolicy(policyMap map[string]*policy.Policy) { } peer.inPolicies = inPolicies peer.defaultInPolicy = policyConf.ApplyPolicyConfig.DefaultInPolicy -} -func (peer *Peer) applyPolicies(d Direction, original *table.Path) (bool, *table.Path) { - var policies []*policy.Policy - switch d { - case POLICY_DIRECTION_IN: - policies = peer.inPolicies - } - return applyPolicy("Peer", peer.conf.NeighborConfig.NeighborAddress.String(), d, policies, original) -} - -type LocalRib struct { - rib *table.TableManager - importPolicies []*policy.Policy - defaultImportPolicy config.DefaultPolicyType - exportPolicies []*policy.Policy - defaultExportPolicy config.DefaultPolicyType -} - -func NewLocalRib(owner string, rfList []bgp.RouteFamily, minLabel, maxLabel uint32) *LocalRib { - return &LocalRib{ - rib: table.NewTableManager(owner, rfList, minLabel, maxLabel), - } -} - -func (loc *LocalRib) OwnerName() string { - return loc.rib.OwnerName() -} - -func (loc *LocalRib) isGlobal() bool { - return loc.OwnerName() == "global" -} - -func (loc *LocalRib) setPolicy(peer *Peer, policyMap map[string]*policy.Policy) { - // configure import policy - policyConf := peer.conf.ApplyPolicy - inPolicies := make([]*policy.Policy, 0) + importPolicies := make([]*policy.Policy, 0) for _, policyName := range policyConf.ApplyPolicyConfig.ImportPolicy { log.WithFields(log.Fields{ "Topic": "Peer", @@ -409,14 +372,14 @@ func (loc *LocalRib) setPolicy(peer *Peer, policyMap map[string]*policy.Policy) }).Info("import policy installed") if pol, ok := policyMap[policyName]; ok { log.Debug("import policy : ", pol) - inPolicies = append(inPolicies, pol) + importPolicies = append(importPolicies, pol) } } - loc.importPolicies = inPolicies - loc.defaultImportPolicy = policyConf.ApplyPolicyConfig.DefaultImportPolicy + peer.importPolicies = importPolicies + peer.defaultImportPolicy = policyConf.ApplyPolicyConfig.DefaultImportPolicy // configure export policy - outPolicies := make([]*policy.Policy, 0) + exportPolicies := make([]*policy.Policy, 0) for _, policyName := range policyConf.ApplyPolicyConfig.ExportPolicy { log.WithFields(log.Fields{ "Topic": "Peer", @@ -425,73 +388,69 @@ func (loc *LocalRib) setPolicy(peer *Peer, policyMap map[string]*policy.Policy) }).Info("export policy installed") if pol, ok := policyMap[policyName]; ok { log.Debug("export policy : ", pol) - outPolicies = append(outPolicies, pol) + exportPolicies = append(exportPolicies, pol) } } - loc.exportPolicies = outPolicies - loc.defaultExportPolicy = policyConf.ApplyPolicyConfig.DefaultExportPolicy + peer.exportPolicies = exportPolicies + peer.defaultExportPolicy = policyConf.ApplyPolicyConfig.DefaultExportPolicy } -// apply policies to the path -// if multiple policies are defined, -// this function applies each policy to the path in the order that -// policies are stored in the array passed to this function. -// -// the way of applying statements inside a single policy -// - apply statement until the condition in the statement matches. -// if the condition matches the path, apply the action on the statement and -// return value that indicates 'applied' to caller of this function -// - if no statement applied, then process the next policy -// -// if no policy applied, return value that indicates 'not applied' to the caller of this function -// -// return values: -// bool -- indicates that any of policy applied to the path that is passed to this function -// table.Path -- indicates new path object that is the result of modification according to -// policy's action. -// If the applied policy doesn't have a modification action, -// then return the path itself that is passed to this function, otherwise return -// modified path. -// If action of the policy is 'reject', return nil -// -func (loc *LocalRib) applyPolicies(d Direction, original *table.Path) (bool, *table.Path) { - var policies []*policy.Policy +func (peer *Peer) GetPolicy(d PolicyDirection) []*policy.Policy { switch d { + case POLICY_DIRECTION_IN: + return peer.inPolicies + case POLICY_DIRECTION_IMPORT: + return peer.importPolicies case POLICY_DIRECTION_EXPORT: - policies = loc.exportPolicies + return peer.exportPolicies + } + return nil +} + +func (peer *Peer) GetDefaultPolicy(d PolicyDirection) policy.RouteType { + var def config.DefaultPolicyType + switch d { + case POLICY_DIRECTION_IN: + def = peer.defaultInPolicy case POLICY_DIRECTION_IMPORT: - policies = loc.importPolicies + def = peer.defaultImportPolicy + case POLICY_DIRECTION_EXPORT: + def = peer.defaultExportPolicy } - return applyPolicy("Loc", loc.OwnerName(), d, policies, original) + + if def == config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { + return policy.ROUTE_TYPE_ACCEPT + } + return policy.ROUTE_TYPE_REJECT } -func applyPolicy(component, owner string, d Direction, policies []*policy.Policy, original *table.Path) (bool, *table.Path) { - var applied bool = true - for _, pol := range policies { - if result, action, newpath := pol.Apply(original); result { - log.Debug("newpath: ", newpath) - if action == policy.ROUTE_TYPE_REJECT { - log.WithFields(log.Fields{ - "Topic": component, - "Key": owner, - "NLRI": original.GetNlri(), - "Dir": d, - }).Debug("path was rejected") - // return applied, nil, this means path was rejected - return applied, nil - } else { - // return applied, new path - return applied, newpath +func (peer *Peer) ApplyPolicy(d PolicyDirection, paths []*table.Path) []*table.Path { + newpaths := make([]*table.Path, 0, len(paths)) + for _, path := range paths { + result := policy.ROUTE_TYPE_NONE + newpath := path + for _, p := range peer.GetPolicy(d) { + result, newpath = p.Apply(path) + if result != policy.ROUTE_TYPE_NONE { + break } } - } - log.WithFields(log.Fields{ - "Topic": component, - "Key": owner, - "Len": len(policies), - "NLRI": original, - "Dir": d, - }).Debug("no policy applied") - return !applied, original + if result == policy.ROUTE_TYPE_NONE { + result = peer.GetDefaultPolicy(d) + } + + switch result { + case policy.ROUTE_TYPE_ACCEPT: + newpaths = append(newpaths, newpath) + case policy.ROUTE_TYPE_REJECT: + log.WithFields(log.Fields{ + "Topic": "Peer", + "Key": peer.conf.NeighborConfig.NeighborAddress, + "Path": path, + "Direction": d, + }).Debug("reject") + } + } + return newpaths } diff --git a/server/server.go b/server/server.go index a989e48d..9d444a32 100644 --- a/server/server.go +++ b/server/server.go @@ -37,12 +37,12 @@ const ( GLOBAL_RIB_NAME = "global" ) -type Direction string +type PolicyDirection int const ( - POLICY_DIRECTION_IMPORT Direction = "import" - POLICY_DIRECTION_EXPORT = "export" - POLICY_DIRECTION_IN = "in" + POLICY_DIRECTION_IMPORT PolicyDirection = iota + POLICY_DIRECTION_EXPORT + POLICY_DIRECTION_IN ) type SenderMsg struct { @@ -101,7 +101,7 @@ type BgpServer struct { broadcastReqs []*GrpcRequest broadcastMsgs []broadcastMsg neighborMap map[string]*Peer - localRibMap map[string]*LocalRib + localRibMap map[string]*table.TableManager zclient *zebra.Client roaClient *roaClient bmpClient *bmpClient @@ -119,7 +119,7 @@ func NewBgpServer(port int) *BgpServer { b.bmpConnCh = make(chan *bmpConn) b.GrpcReqCh = make(chan *GrpcRequest, 1) b.policyUpdateCh = make(chan config.RoutingPolicy) - b.localRibMap = make(map[string]*LocalRib) + b.localRibMap = make(map[string]*table.TableManager) b.neighborMap = make(map[string]*Peer) b.listenPort = port b.roaClient, _ = newROAClient(config.RpkiServers{}) @@ -150,7 +150,7 @@ func listenAndAccept(proto string, port int, ch chan *net.TCPConn) (*net.TCPList return l, nil } -func (server *BgpServer) addLocalRib(rib *LocalRib) { +func (server *BgpServer) addLocalRib(rib *table.TableManager) { server.localRibMap[rib.OwnerName()] = rib } @@ -224,7 +224,7 @@ func (server *BgpServer) Serve() { return rfList }(g.AfiSafis.AfiSafiList) - server.addLocalRib(NewLocalRib(GLOBAL_RIB_NAME, rfList, g.MplsLabelRange.MinLabel, g.MplsLabelRange.MaxLabel)) + server.addLocalRib(table.NewTableManager(GLOBAL_RIB_NAME, rfList, g.MplsLabelRange.MinLabel, g.MplsLabelRange.MaxLabel)) listenerMap := make(map[string]*net.TCPListener) acceptCh := make(chan *net.TCPConn) @@ -354,10 +354,8 @@ func (server *BgpServer) Serve() { name := config.NeighborConfig.NeighborAddress.String() if config.RouteServer.RouteServerConfig.RouteServerClient { - loc := NewLocalRib(name, peer.configuredRFlist(), g.MplsLabelRange.MinLabel, g.MplsLabelRange.MaxLabel) - server.addLocalRib(loc) - loc.setPolicy(peer, server.policyMap) - // set in policy + rib := table.NewTableManager(name, peer.configuredRFlist(), g.MplsLabelRange.MinLabel, g.MplsLabelRange.MaxLabel) + server.addLocalRib(rib) peer.setPolicy(server.policyMap) pathList := make([]*table.Path, 0) @@ -369,9 +367,9 @@ func (server *BgpServer) Serve() { pathList = append(pathList, p.adjRib.GetInPathList(rf)...) } } - pathList = applyPolicies(peer, loc, POLICY_DIRECTION_IMPORT, pathList) + pathList = peer.ApplyPolicy(POLICY_DIRECTION_IMPORT, pathList) if len(pathList) > 0 { - loc.rib.ProcessPaths(pathList) + rib.ProcessPaths(pathList) } } server.neighborMap[name] = peer @@ -411,8 +409,6 @@ func (server *BgpServer) Serve() { peer := server.neighborMap[addr] if peer.isRouteServerClient() { peer.conf.ApplyPolicy = config.ApplyPolicy - loc := server.localRibMap[addr] - loc.setPolicy(peer, server.policyMap) peer.setPolicy(server.policyMap) } case e := <-incoming: @@ -555,12 +551,12 @@ func (server *BgpServer) dropPeerAllRoutes(peer *Peer) []*SenderMsg { for _, rf := range peer.configuredRFlist() { if peer.isRouteServerClient() { - for _, loc := range server.localRibMap { - targetPeer := server.neighborMap[loc.OwnerName()] - if loc.isGlobal() || loc.OwnerName() == peer.conf.NeighborConfig.NeighborAddress.String() { + for _, rib := range server.localRibMap { + targetPeer := server.neighborMap[rib.OwnerName()] + if rib.OwnerName() == GLOBAL_RIB_NAME || rib.OwnerName() == peer.conf.NeighborConfig.NeighborAddress.String() { continue } - pathList, _ := loc.rib.DeletePathsforPeer(peer.peerInfo, rf) + pathList, _ := rib.DeletePathsforPeer(peer.peerInfo, rf) pathList = dropSameAsPath(targetPeer.conf.NeighborConfig.PeerAs, pathList) if targetPeer.fsm.state != bgp.BGP_FSM_ESTABLISHED || len(pathList) == 0 { continue @@ -570,8 +566,8 @@ func (server *BgpServer) dropPeerAllRoutes(peer *Peer) []*SenderMsg { targetPeer.adjRib.UpdateOut(pathList) } } else { - loc := server.localRibMap[GLOBAL_RIB_NAME] - pathList, _ := loc.rib.DeletePathsforPeer(peer.peerInfo, rf) + rib := server.localRibMap[GLOBAL_RIB_NAME] + pathList, _ := rib.DeletePathsforPeer(peer.peerInfo, rf) if len(pathList) == 0 { continue } @@ -591,59 +587,6 @@ func (server *BgpServer) dropPeerAllRoutes(peer *Peer) []*SenderMsg { return msgs } -func applyPolicies(peer *Peer, loc *LocalRib, d Direction, pathList []*table.Path) []*table.Path { - var defaultPolicy config.DefaultPolicyType - ret := make([]*table.Path, 0, len(pathList)) - - switch d { - case POLICY_DIRECTION_EXPORT: - defaultPolicy = loc.defaultExportPolicy - case POLICY_DIRECTION_IMPORT: - defaultPolicy = loc.defaultImportPolicy - case POLICY_DIRECTION_IN: - defaultPolicy = peer.defaultInPolicy - default: - log.WithFields(log.Fields{ - "Topic": "Server", - "Key": peer.conf.NeighborConfig.NeighborAddress, - }).Error("direction is not specified.") - return ret - } - - for _, path := range pathList { - if !path.IsWithdraw { - var applied bool = false - switch d { - case POLICY_DIRECTION_IN: - applied, path = peer.applyPolicies(d, path) - case POLICY_DIRECTION_IMPORT, POLICY_DIRECTION_EXPORT: - applied, path = loc.applyPolicies(d, path) - } - - if applied { - if path == nil { - log.WithFields(log.Fields{ - "Topic": "Peer", - "Key": peer.conf.NeighborConfig.NeighborAddress, - "Data": path, - }).Debug("Policy applied and rejected.") - continue - } - } else if defaultPolicy != config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { - log.WithFields(log.Fields{ - "Topic": "Peer", - "Key": peer.conf.NeighborConfig.NeighborAddress, - "Data": path, - }).Debug("Default policy applied and rejected.") - continue - } - } - // FIXME: probably we already clone. - ret = append(ret, path.Clone(path.IsWithdraw)) - } - return ret -} - func (server *BgpServer) broadcastBests(bests []*table.Path) { for _, path := range bests { if !path.IsFromZebra { @@ -717,19 +660,19 @@ func (server *BgpServer) propagateUpdate(peer *Peer, pathList []*table.Path) []* msgs := make([]*SenderMsg, 0) if peer != nil && peer.isRouteServerClient() { - newPathList := applyPolicies(peer, nil, POLICY_DIRECTION_IN, pathList) - for _, loc := range server.localRibMap { - targetPeer := server.neighborMap[loc.OwnerName()] + newPathList := peer.ApplyPolicy(POLICY_DIRECTION_IN, pathList) + for _, rib := range server.localRibMap { + targetPeer := server.neighborMap[rib.OwnerName()] neighborAddress := peer.conf.NeighborConfig.NeighborAddress.String() - if loc.isGlobal() || loc.OwnerName() == neighborAddress { + if rib.OwnerName() == GLOBAL_RIB_NAME || rib.OwnerName() == neighborAddress { continue } - sendPathList, _ := loc.rib.ProcessPaths(applyPolicies(targetPeer, loc, POLICY_DIRECTION_IMPORT, + sendPathList, _ := rib.ProcessPaths(targetPeer.ApplyPolicy(POLICY_DIRECTION_IMPORT, dropSameAsPath(targetPeer.conf.NeighborConfig.PeerAs, filterpath(targetPeer, newPathList)))) if targetPeer.fsm.state != bgp.BGP_FSM_ESTABLISHED || len(sendPathList) == 0 { continue } - sendPathList = applyPolicies(targetPeer, loc, POLICY_DIRECTION_EXPORT, sendPathList) + sendPathList = targetPeer.ApplyPolicy(POLICY_DIRECTION_EXPORT, sendPathList) if len(sendPathList) == 0 { continue } @@ -738,8 +681,8 @@ func (server *BgpServer) propagateUpdate(peer *Peer, pathList []*table.Path) []* msgs = append(msgs, newSenderMsg(targetPeer, msgList)) } } else { - globalLoc := server.localRibMap[GLOBAL_RIB_NAME] - sendPathList, _ := globalLoc.rib.ProcessPaths(pathList) + rib := server.localRibMap[GLOBAL_RIB_NAME] + sendPathList, _ := rib.ProcessPaths(pathList) if len(sendPathList) == 0 { return msgs } @@ -775,7 +718,6 @@ func (server *BgpServer) handleFSMMessage(peer *Peer, e *fsmMsg, incoming chan * oldState := bgp.FSMState(peer.conf.NeighborState.SessionState) peer.conf.NeighborState.SessionState = uint32(nextState) peer.fsm.StateChange(nextState) - globalRib := server.localRibMap[GLOBAL_RIB_NAME] if oldState == bgp.BGP_FSM_ESTABLISHED { if ch := server.bmpClient.send(); ch != nil { @@ -811,12 +753,13 @@ func (server *BgpServer) handleFSMMessage(peer *Peer, e *fsmMsg, incoming chan * } pathList := make([]*table.Path, 0) if peer.isRouteServerClient() { - loc := server.localRibMap[peer.conf.NeighborConfig.NeighborAddress.String()] - pathList = applyPolicies(peer, loc, POLICY_DIRECTION_EXPORT, peer.getBests(loc)) + rib := server.localRibMap[peer.conf.NeighborConfig.NeighborAddress.String()] + pathList = peer.ApplyPolicy(POLICY_DIRECTION_EXPORT, peer.getBests(rib)) } else { + rib := server.localRibMap[GLOBAL_RIB_NAME] l, _ := peer.fsm.LocalHostPort() peer.conf.Transport.TransportConfig.LocalAddress = net.ParseIP(l) - for _, path := range filterpath(peer, peer.getBests(globalRib)) { + for _, path := range filterpath(peer, peer.getBests(rib)) { p := path.Clone(path.IsWithdraw) p.UpdatePathAttrs(&server.bgpConfig.Global, &peer.conf) pathList = append(pathList, p) @@ -939,17 +882,15 @@ func (server *BgpServer) SetPolicy(pl config.RoutingPolicy) { func (server *BgpServer) handlePolicy(pl config.RoutingPolicy) { server.SetPolicy(pl) - for _, loc := range server.localRibMap { - if loc.isGlobal() { + for _, rib := range server.localRibMap { + if rib.OwnerName() == GLOBAL_RIB_NAME { continue } - targetPeer := server.neighborMap[loc.OwnerName()] + targetPeer := server.neighborMap[rib.OwnerName()] log.WithFields(log.Fields{ "Topic": "Peer", "Key": targetPeer.conf.NeighborConfig.NeighborAddress, }).Info("call set policy") - loc.setPolicy(targetPeer, server.policyMap) - // set distribute policy targetPeer.setPolicy(server.policyMap) } } @@ -1132,12 +1073,12 @@ func (server *BgpServer) handleModPathRequest(grpcReq *GrpcRequest) []*table.Pat rf = bgp.AfiSafiToRouteFamily(nlri.AFI(), nlri.SAFI()) if arg.Resource == api.Resource_VRF { - label, err := server.localRibMap[GLOBAL_RIB_NAME].rib.GetNextLabel(arg.Name, nexthop, path.IsWithdraw) + label, err := server.localRibMap[GLOBAL_RIB_NAME].GetNextLabel(arg.Name, nexthop, path.IsWithdraw) if err != nil { result.ResponseErr = err goto ERR } - vrf := server.localRibMap[GLOBAL_RIB_NAME].rib.Vrfs[arg.Name] + vrf := server.localRibMap[GLOBAL_RIB_NAME].Vrfs[arg.Name] switch rf { case bgp.RF_IPv4_UC: n := nlri.(*bgp.IPAddrPrefix) @@ -1172,7 +1113,7 @@ func (server *BgpServer) handleModPathRequest(grpcReq *GrpcRequest) []*table.Pat macIpAdv := evpnNlri.RouteTypeData.(*bgp.EVPNMacIPAdvertisementRoute) etag := macIpAdv.ETag mac := macIpAdv.MacAddress - paths := server.localRibMap[GLOBAL_RIB_NAME].rib.GetBestPathList(bgp.RF_EVPN) + paths := server.localRibMap[GLOBAL_RIB_NAME].GetBestPathList(bgp.RF_EVPN) if m := getMacMobilityExtendedCommunity(etag, mac, paths); m != nil { extcomms = append(extcomms, m) } @@ -1196,7 +1137,7 @@ ERR: } func (server *BgpServer) handleVrfMod(arg *api.ModVrfArguments) ([]*table.Path, error) { - manager := server.localRibMap[GLOBAL_RIB_NAME].rib + rib := server.localRibMap[GLOBAL_RIB_NAME] var msgs []*table.Path switch arg.Operation { case api.Operation_ADD: @@ -1224,13 +1165,13 @@ func (server *BgpServer) handleVrfMod(arg *api.ModVrfArguments) ([]*table.Path, AS: server.bgpConfig.Global.GlobalConfig.As, LocalID: server.bgpConfig.Global.GlobalConfig.RouterId, } - msgs, err = manager.AddVrf(arg.Vrf.Name, rd, importRt, exportRt, pi) + msgs, err = rib.AddVrf(arg.Vrf.Name, rd, importRt, exportRt, pi) if err != nil { return nil, err } case api.Operation_DEL: var err error - msgs, err = manager.DeleteVrf(arg.Vrf.Name) + msgs, err = rib.DeleteVrf(arg.Vrf.Name) if err != nil { return nil, err } @@ -1247,7 +1188,7 @@ func (server *BgpServer) handleVrfRequest(req *GrpcRequest) []*table.Path { switch req.RequestType { case REQ_VRF: name := req.Name - rib := server.localRibMap[GLOBAL_RIB_NAME].rib + rib := server.localRibMap[GLOBAL_RIB_NAME] vrfs := rib.Vrfs if _, ok := vrfs[name]; !ok { result.ResponseErr = fmt.Errorf("vrf %s not found", name) @@ -1279,7 +1220,7 @@ func (server *BgpServer) handleVrfRequest(req *GrpcRequest) []*table.Path { } goto END case REQ_VRFS: - vrfs := server.localRibMap[GLOBAL_RIB_NAME].rib.Vrfs + vrfs := server.localRibMap[GLOBAL_RIB_NAME].Vrfs for _, vrf := range vrfs { req.ResponseCh <- &GrpcResponse{ Data: vrf.ToApiStruct(), @@ -1336,11 +1277,11 @@ func (server *BgpServer) handleGrpc(grpcReq *GrpcRequest) []*SenderMsg { switch grpcReq.RequestType { case REQ_GLOBAL_RIB: var results []*GrpcResponse - if t, ok := server.localRibMap[GLOBAL_RIB_NAME].rib.Tables[grpcReq.RouteFamily]; ok { + if t, ok := server.localRibMap[GLOBAL_RIB_NAME].Tables[grpcReq.RouteFamily]; ok { results = make([]*GrpcResponse, len(t.GetDestinations())) switch grpcReq.RouteFamily { case bgp.RF_IPv4_UC, bgp.RF_IPv6_UC: - results = sortedDsts(server.localRibMap[GLOBAL_RIB_NAME].rib.Tables[grpcReq.RouteFamily]) + results = sortedDsts(server.localRibMap[GLOBAL_RIB_NAME].Tables[grpcReq.RouteFamily]) default: i := 0 for _, dst := range t.GetDestinations() { @@ -1392,11 +1333,11 @@ func (server *BgpServer) handleGrpc(grpcReq *GrpcRequest) []*SenderMsg { var results []*GrpcResponse if peer.isRouteServerClient() && peer.fsm.adminState != ADMIN_STATE_DOWN { remoteAddr := grpcReq.Name - if t, ok := server.localRibMap[remoteAddr].rib.Tables[grpcReq.RouteFamily]; ok { + if t, ok := server.localRibMap[remoteAddr].Tables[grpcReq.RouteFamily]; ok { results = make([]*GrpcResponse, len(t.GetDestinations())) switch grpcReq.RouteFamily { case bgp.RF_IPv4_UC, bgp.RF_IPv6_UC: - results = sortedDsts(server.localRibMap[remoteAddr].rib.Tables[grpcReq.RouteFamily]) + results = sortedDsts(server.localRibMap[remoteAddr].Tables[grpcReq.RouteFamily]) default: i := 0 for _, dst := range t.GetDestinations() { @@ -1547,15 +1488,6 @@ func (server *BgpServer) handleGrpc(grpcReq *GrpcRequest) []*SenderMsg { if err != nil { break } - loc := server.localRibMap[peer.conf.NeighborConfig.NeighborAddress.String()] - if loc == nil { - result := &GrpcResponse{ - ResponseErr: fmt.Errorf("no local rib for %s", peer.conf.NeighborConfig.NeighborAddress.String()), - } - grpcReq.ResponseCh <- result - close(grpcReq.ResponseCh) - break - } extract := func(policyNames []string) []*api.PolicyDefinition { pdList := server.routingPolicy.PolicyDefinitions.PolicyDefinitionList @@ -1593,10 +1525,10 @@ func (server *BgpServer) handleGrpc(grpcReq *GrpcRequest) []*SenderMsg { defaultImportPolicy := policy.ROUTE_REJECT defaultExportPolicy := policy.ROUTE_REJECT defaultInPolicy := policy.ROUTE_REJECT - if loc.defaultImportPolicy == config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { + if peer.defaultImportPolicy == config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { defaultImportPolicy = policy.ROUTE_ACCEPT } - if loc.defaultExportPolicy == config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { + if peer.defaultExportPolicy == config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { defaultExportPolicy = policy.ROUTE_ACCEPT } if peer.defaultInPolicy == config.DEFAULT_POLICY_TYPE_ACCEPT_ROUTE { @@ -1655,17 +1587,7 @@ func (server *BgpServer) handleGrpc(grpcReq *GrpcRequest) []*SenderMsg { applyPolicy.InPolicy = make([]string, 0) } - if grpcReq.RequestType == REQ_NEIGHBOR_POLICY_ADD_IN || - grpcReq.RequestType == REQ_NEIGHBOR_POLICY_DEL_IN { - peer.setPolicy(reqPolicyMap) - } else { - loc, ok := server.localRibMap[peer.conf.NeighborConfig.NeighborAddress.String()] - if ok { - loc.setPolicy(peer, reqPolicyMap) - } else { - result.ResponseErr = fmt.Errorf("no local rib for %s", peer.conf.NeighborConfig.NeighborAddress.String()) - } - } + peer.setPolicy(reqPolicyMap) grpcReq.ResponseCh <- result close(grpcReq.ResponseCh) @@ -2318,24 +2240,24 @@ func (server *BgpServer) handleMrt(grpcReq *GrpcRequest) { now := uint32(time.Now().Unix()) view := "" result := &GrpcResponse{} - var manager *table.TableManager + var rib *table.TableManager switch grpcReq.RequestType { case REQ_MRT_GLOBAL_RIB: - manager = server.localRibMap[GLOBAL_RIB_NAME].rib + rib = server.localRibMap[GLOBAL_RIB_NAME] case REQ_MRT_LOCAL_RIB: _, err := server.checkNeighborRequest(grpcReq) if err != nil { return } - loc, ok := server.localRibMap[grpcReq.Name] + var ok bool + rib, ok = server.localRibMap[grpcReq.Name] if !ok { result.ResponseErr = fmt.Errorf("no local rib for %s", grpcReq.Name) grpcReq.ResponseCh <- result close(grpcReq.ResponseCh) return } - manager = loc.rib view = grpcReq.Name } @@ -2354,7 +2276,7 @@ func (server *BgpServer) handleMrt(grpcReq *GrpcRequest) { return } - tbl, ok := manager.Tables[grpcReq.RouteFamily] + tbl, ok := rib.Tables[grpcReq.RouteFamily] if !ok { result.ResponseErr = fmt.Errorf("unsupported route family: %s", grpcReq.RouteFamily) grpcReq.ResponseCh <- result |