Expose BGP Origin Validation state in bgpctl show commands

OK denis@ claudio@
author: job <job@openbsd.org> 2018-10-01 23:09:53 +0000
committer: job <job@openbsd.org> 2018-10-01 23:09:53 +0000
commit: 2f429709f1e1316f2ede975e8bc22bfd469272a3 (patch)
tree: fbdec015690dd3d2403378120b5635516667c368
parent: fix obvious pasto in the HISTORY section (diff)
download: wireguard-openbsd-2f429709f1e1316f2ede975e8bc22bfd469272a3.tar.xz
wireguard-openbsd-2f429709f1e1316f2ede975e8bc22bfd469272a3.zip
5 files changed, 43 insertions, 16 deletions
diff --git a/usr.sbin/bgpctl/bgpctl.c b/usr.sbin/bgpctl/bgpctl.c
index 7275ea6a2c4..26f543290d5 100644
--- a/usr.sbin/bgpctl/bgpctl.c
+++ b/usr.sbin/bgpctl/bgpctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bgpctl.c,v 1.218 2018/09/26 15:48:47 claudio Exp $ */
+/*	$OpenBSD: bgpctl.c,v 1.219 2018/10/01 23:09:53 job Exp $ */
 
 /*
  * Copyright (c) 2003 Henning Brauer <henning@openbsd.org>
@@ -72,8 +72,9 @@ int		 show_nexthop_msg(struct imsg *);
 void		 show_interface_head(void);
 int		 show_interface_msg(struct imsg *);
 void		 show_rib_summary_head(void);
-void		 print_prefix(struct bgpd_addr *, u_int8_t, u_int8_t);
+void		 print_prefix(struct bgpd_addr *, u_int8_t, u_int8_t, u_int8_t);
 const char *	 print_origin(u_int8_t, int);
+const char *	 print_ovs(u_int8_t, int);
 void		 print_flags(u_int8_t, int);
 int		 show_rib_summary_msg(struct imsg *);
 int		 show_rib_detail_msg(struct imsg *, int, int);
@@ -183,6 +184,7 @@ main(int argc, char *argv[])
 		ribreq.neighbor = neighbor;
 		ribreq.aid = res->aid;
 		ribreq.flags = res->flags;
+		ribreq.validation_state = res->validation_state;
 		show_mrt.arg = &ribreq;
 		if (!(res->flags & F_CTL_DETAIL))
 			show_rib_summary_head();
@@ -1183,17 +1185,20 @@ show_rib_summary_head(void)
 {
 	printf("flags: * = Valid, > = Selected, I = via IBGP, A = Announced,\n"
 	    "       S = Stale, E = Error\n");
+	printf("origin validation state: N = not-found, V = valid, ! = invalid\n");
 	printf("origin: i = IGP, e = EGP, ? = Incomplete\n\n");
-	printf("%-5s %-20s %-15s  %5s %5s %s\n", "flags", "destination",
+	printf("%-5s %3s %-20s %-15s  %5s %5s %s\n", "flags", "ovs", "destination",
 	    "gateway", "lpref", "med", "aspath origin");
 }
 
 void
-print_prefix(struct bgpd_addr *prefix, u_int8_t prefixlen, u_int8_t flags)
+print_prefix(struct bgpd_addr *prefix, u_int8_t prefixlen, u_int8_t flags,
+    u_int8_t ovs)
 {
 	char			*p;
 
 	print_flags(flags, 1);
+	printf("%3s ", print_ovs(ovs, 1));
 	if (asprintf(&p, "%s/%u", log_addr(prefix), prefixlen) == -1)
 		err(1, NULL);
 	printf("%-20s", p);
@@ -1252,6 +1257,19 @@ print_flags(u_int8_t flags, int sum)
 	}
 }
 
+const char *
+print_ovs(u_int8_t validation_state, int sum)
+{
+	switch (validation_state) {
+	case ROA_INVALID:
+		return (sum ? "!" : "invalid");
+	case ROA_VALID:
+		return (sum ? "V" : "valid");
+	default:
+		return (sum ? "N" : "not-found");
+	}
+}
+
 int
 show_rib_summary_msg(struct imsg *imsg)
 {
@@ -1309,7 +1327,7 @@ show_rib_brief(struct ctl_show_rib *r, u_char *asdata)
 {
 	char			*aspath;
 
-	print_prefix(&r->prefix, r->prefixlen, r->flags);
+	print_prefix(&r->prefix, r->prefixlen, r->flags, r->validation_state);
 	printf(" %-15s ", log_addr(&r->exit_nexthop));
 	printf(" %5u %5u ", r->local_pref, r->med);
 
@@ -1346,8 +1364,9 @@ show_rib_detail(struct ctl_show_rib *r, u_char *asdata, int nodescr, int flag0)
 	id.s_addr = htonl(r->remote_id);
 	printf("%s)%c", inet_ntoa(id), EOL0(flag0));
 
-	printf("    Origin %s, metric %u, localpref %u, weight %u, ",
-	    print_origin(r->origin, 0), r->med, r->local_pref, r->weight);
+	printf("    Origin %s, metric %u, localpref %u, weight %u, ovs %s, ",
+	    print_origin(r->origin, 0), r->med, r->local_pref, r->weight,
+	    print_ovs(r->validation_state, 0));
 	print_flags(r->flags, 0);
 
 	now = time(NULL);
diff --git a/usr.sbin/bgpctl/parser.h b/usr.sbin/bgpctl/parser.h
index fd4847b199c..ea5d69bdbc7 100644
--- a/usr.sbin/bgpctl/parser.h
+++ b/usr.sbin/bgpctl/parser.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parser.h,v 1.30 2017/08/10 14:12:34 benno Exp $ */
+/*	$OpenBSD: parser.h,v 1.31 2018/10/01 23:09:53 job Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -70,6 +70,7 @@ struct parse_result {
 	char			 shutcomm[SHUT_COMM_LEN];
 	char			*irr_outdir;
 	int			 flags;
+	u_int8_t		 validation_state;
 	u_int			 rtableid;
 	enum actions		 action;
 	u_int8_t		 prefixlen;
diff --git a/usr.sbin/bgpd/bgpd.h b/usr.sbin/bgpd/bgpd.h
index 8e6a4bcb2c7..4957d42cfe3 100644
--- a/usr.sbin/bgpd/bgpd.h
+++ b/usr.sbin/bgpd/bgpd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bgpd.h,v 1.347 2018/09/29 08:11:11 claudio Exp $ */
+/*	$OpenBSD: bgpd.h,v 1.348 2018/10/01 23:09:53 job Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -90,6 +90,15 @@
 #define	F_CTL_INVALID		0x40000 /* only used by bgpctl */
 
 /*
+ * Note that these numeric assignments differ from the numbers commonly
+ * used in route origin validation context.
+ */
+#define	ROA_NOTFOUND		0x0	/* default */
+#define	ROA_INVALID		0x1
+#define	ROA_VALID		0x2
+#define	ROA_MASK		0x3
+
+/*
  * Limit the number of messages queued in the session engine.
  * The SE will send an IMSG_XOFF messages to the RDE if the high water mark
  * is reached. The RDE should then throttle this peer or control connection.
@@ -668,6 +677,7 @@ struct ctl_show_rib {
 	u_int16_t		aspath_len;
 	u_int8_t		prefixlen;
 	u_int8_t		origin;
+	u_int8_t		validation_state;
 	/* plus a aspath_len bytes long aspath */
 };
 
@@ -768,6 +778,7 @@ struct ctl_show_rib_request {
 	struct filter_largecommunity large_community;
 	u_int32_t		peerid;
 	u_int32_t		flags;
+	u_int8_t		validation_state;
 	pid_t			pid;
 	enum imsg_type		type;
 	u_int8_t		prefixlen;
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c
index 6bdbe96fc15..6e9d032cca7 100644
--- a/usr.sbin/bgpd/rde.c
+++ b/usr.sbin/bgpd/rde.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rde.c,v 1.431 2018/09/30 10:56:47 denis Exp $ */
+/*	$OpenBSD: rde.c,v 1.432 2018/10/01 23:09:53 job Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -2177,6 +2177,7 @@ rde_dump_rib_as(struct prefix *p, struct rde_aspath *asp, pid_t pid, int flags)
 	pt_getaddr(p->re->prefix, &rib.prefix);
 	rib.prefixlen = p->re->prefix->prefixlen;
 	rib.origin = asp->origin;
+	rib.validation_state = p->validation_state;
 	rib.flags = 0;
 	if (p->re->active == p)
 		rib.flags |= F_PREF_ACTIVE;
diff --git a/usr.sbin/bgpd/rde.h b/usr.sbin/bgpd/rde.h
index 69962d83585..b174fb78420 100644
--- a/usr.sbin/bgpd/rde.h
+++ b/usr.sbin/bgpd/rde.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: rde.h,v 1.195 2018/09/29 08:11:11 claudio Exp $ */
+/*	$OpenBSD: rde.h,v 1.196 2018/10/01 23:09:53 job Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org> and
@@ -36,11 +36,6 @@ enum peer_state {
 	PEER_ERR	/* error occurred going to PEER_DOWN state */
 };
 
-#define	ROA_NOTFOUND	0x0	/* default */
-#define	ROA_INVALID	0x1
-#define	ROA_VALID	0x2
-#define	ROA_MASK	0x3
-
 /*
  * How do we identify peers between the session handler and the rde?
  * Currently I assume that we can do that with the neighbor_ip...
author	job <job@openbsd.org>	2018-10-01 23:09:53 +0000
committer	job <job@openbsd.org>	2018-10-01 23:09:53 +0000
commit	2f429709f1e1316f2ede975e8bc22bfd469272a3 (patch)
tree	fbdec015690dd3d2403378120b5635516667c368
parent	fix obvious pasto in the HISTORY section (diff)
download	wireguard-openbsd-2f429709f1e1316f2ede975e8bc22bfd469272a3.tar.xz wireguard-openbsd-2f429709f1e1316f2ede975e8bc22bfd469272a3.zip