[quagga-dev 8598] Re: [PATCH] BGP minttl more complete support

Stephen Hemminger shemminger at vyatta.com
Thu Mar 24 16:45:58 GMT 2011


Revision to BGP minttl support. This adds more error-case checking, to behave
more like the other router vendors.

For example, adding minttl to an IBGP peer causes error message rather than
being silently ignored. Also, changing minttl resets the minttl of active
peers.

---
v2 - avoid setting minttl twice in case of peer change

 bgpd/bgp_vty.c |   17 +++++++++++++----
 bgpd/bgpd.c    |   21 ++++++++++++++++++---
 bgpd/bgpd.h    |    3 ++-
 3 files changed, 33 insertions(+), 8 deletions(-)

--- a/bgpd/bgp_vty.c	2011-03-24 08:38:13.634819200 -0700
+++ b/bgpd/bgp_vty.c	2011-03-24 08:41:14.333787817 -0700
@@ -216,6 +216,9 @@ bgp_vty_return (struct vty *vty, int ret
     case BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK:
       str = "ebgp-multihop and ttl-security cannot be configured together";
       break;
+    case BGP_ERR_NO_IBGP_WITH_TTLHACK:
+      str = "ttl-security only allowed for EBGP peers";
+      break;
     }
   if (str)
     {
@@ -7643,10 +7646,16 @@ bgp_show_peer (struct vty *vty, struct p
 		 p->host, VTY_NEWLINE);
     }
 
-  /* EBGP Multihop */
-  if (peer_sort (p) != BGP_PEER_IBGP && p->ttl > 1)
-    vty_out (vty, "  External BGP neighbor may be up to %d hops away.%s",
-	     p->ttl, VTY_NEWLINE);
+  /* EBGP Multihop and GTSM */
+  if (peer_sort (p) != BGP_PEER_IBGP)
+    {
+      if (p->gtsm_hops > 0)
+	vty_out (vty, "  External BGP neighbor may be up to %d hops away.%s",
+		 p->gtsm_hops, VTY_NEWLINE);
+      else if (p->ttl > 1)
+	vty_out (vty, "  External BGP neighbor may be up to %d hops away.%s",
+		 p->ttl, VTY_NEWLINE);
+    }
 
   /* Local address. */
   if (p->su_local)
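Review bot: Both new branches print the identical sentence, so the neighbor display cannot tell an operator whether the hop count comes from ttl-security (`p->gtsm_hops`) or from ebgp-multihop (`p->ttl`). That distinction matters when auditing which neighbors actually have GTSM enforced. Consider marking the GTSM case in the text, for example `"  External BGP neighbor may be up to %d hops away (ttl-security).%s"`, or at least extend the `/* EBGP Multihop and GTSM */` comment to say that the two settings are mutually exclusive and `gtsm_hops` takes precedence here. bgp_show_peer starts and ends outside the hunk.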
--- a/bgpd/bgpd.c	2011-03-24 08:38:13.514825207 -0700
+++ b/bgpd/bgpd.c	2011-03-24 09:45:18.740608168 -0700
@@ -4376,7 +4376,7 @@ peer_ttl_security_hops_set (struct peer
   zlog_debug ("peer_ttl_security_hops_set: set gtsm_hops to %d for %s", gtsm_hops, peer->host);
 
   if (peer_sort (peer) == BGP_PEER_IBGP)
-    return 0;
+    return BGP_ERR_NO_IBGP_WITH_TTLHACK;
 
   /* We cannot configure ttl-security hops when ebgp-multihop is already
      set.  For non peer-groups, the check is simple.  For peer-groups, it's
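Review bot: The unconditional `zlog_debug` at the top of this hunk still records "set gtsm_hops to N" for an IBGP peer even though the new `return BGP_ERR_NO_IBGP_WITH_TTLHACK;` rejects the request, so the debug log disagrees with what was applied. Moving the `peer_sort (peer) == BGP_PEER_IBGP` check above the log call, or logging the rejection, would keep the trail accurate. Separately, configurations that already carry ttl-security on an IBGP neighbor were accepted silently before and will presumably now raise an error when loaded, which deserves a line in the commit description. The function body starts and ends outside the hunk.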
@@ -4430,8 +4430,23 @@ peer_ttl_security_hops_set (struct peer
 
 	  peer->gtsm_hops = group->conf->gtsm_hops;
 
-	  if (peer->fd >= 0 && peer->gtsm_hops != 0)
-            sockopt_minttl (peer->su.sa.sa_family, peer->fd, MAXTTL + 1 - peer->gtsm_hops);
+	  /* Change setting of existing peer
+	   *   established then change value (may break connectivity)
+	   *   not established yet (teardown session and restart)
+	   *   no session then do nothing (will get handled by next connection)
+	   */
+	  if (peer->status == Established)
+	    {
+	      if (peer->fd >= 0 && peer->gtsm_hops != 0)
+		sockopt_minttl (peer->su.sa.sa_family, peer->fd,
+				MAXTTL + 1 - peer->gtsm_hops);
+	    }
+	  else if (peer->status < Established)
+	    {
+	      if (BGP_DEBUG (events, EVENTS))
+		zlog_debug ("%s Min-ttl changed", peer->host);
+	      BGP_EVENT_ADD (peer, BGP_Stop);
+	    }
 	}
     }
 
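Review bot: In the `peer->status == Established` branch the result of `sockopt_minttl` is discarded, so if the socket option cannot be applied the session keeps running without the TTL check while the command still reports success. Assuming sockopt_minttl signals failure through its return value, check it and surface the problem with the peer name, e.g. `if (sockopt_minttl (...) < 0) zlog_warn ("%s: min-ttl not applied to established session", peer->host);`, and consider propagating an error to the caller. The block comment's third case ("no session then do nothing") also does not obviously match `else if (peer->status < Established)`, which, if Idle orders below Established, queues `BGP_Stop` for idle peers too. Either tighten the condition or reword the comment to say which states fall through. The enclosing loop and function start and end outside the hunk.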
--- a/bgpd/bgpd.h	2011-03-24 08:38:13.474827210 -0700
+++ b/bgpd/bgpd.h	2011-03-24 08:41:14.569776079 -0700
@@ -802,7 +802,8 @@ enum bgp_clear_type
 #define BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS    -28
 #define BGP_ERR_TCPSIG_FAILED			-29
 #define BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK	-30
-#define BGP_ERR_MAX				-31
+#define BGP_ERR_NO_IBGP_WITH_TTLHACK		-31
+#define BGP_ERR_MAX				-32
 
 extern struct bgp_master *bm;
 


