Rework route priority filter.

reads OK benno@ remi@

4 files changed, 76 insertions, 12 deletions

diff --git a/usr.sbin/ospf6d/kroute.c b/usr.sbin/ospf6d/kroute.c
index 8faf37c21ec..6a6fce0be80 100644
--- a/usr.sbin/ospf6d/kroute.c
+++ b/usr.sbin/ospf6d/kroute.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kroute.c,v 1.61 2019/12/12 08:21:34 denis Exp $ */
+/*	$OpenBSD: kroute.c,v 1.62 2019/12/16 08:28:33 denis Exp $ */
 
 /*
  * Copyright (c) 2004 Esben Norby <norby@openbsd.org>
@@ -97,10 +97,11 @@ RB_PROTOTYPE(kroute_tree, kroute_node, entry, kroute_compare)
 RB_GENERATE(kroute_tree, kroute_node, entry, kroute_compare)
 
 int
-kr_init(int fs, u_int rdomain, u_int8_t fib_prio)
+kr_init(int fs, u_int rdomain, int redis_label_or_prefix, u_int8_t fib_prio)
 {
 	int		opt = 0, rcvbuf, default_rcvbuf;
 	socklen_t	optlen;
+	int		filter_prio = fib_prio;
 
 	kr_state.fib_sync = fs;
 	kr_state.rdomain = rdomain;
@@ -117,6 +118,18 @@ kr_init(int fs, u_int rdomain, u_int8_t fib_prio)
 	    &opt, sizeof(opt)) == -1)
 		log_warn("kr_init: setsockopt");	/* not fatal */
 
+	if (redis_label_or_prefix) {
+		filter_prio = 0;
+		log_info("%s: priority filter disabled", __func__);
+	} else
+		log_debug("%s: priority filter enabled", __func__);
+
+	if (setsockopt(kr_state.fd, AF_ROUTE, ROUTE_PRIOFILTER, &filter_prio,
+	    sizeof(filter_prio)) == -1) {
+		log_warn("%s: setsockopt AF_ROUTE ROUTE_PRIOFILTER", __func__);
+		/* not fatal */
+	}
+
 	/* grow receive buffer, don't wanna miss messages */
 	optlen = sizeof(default_rcvbuf);
 	if (getsockopt(kr_state.fd, SOL_SOCKET, SO_RCVBUF,
@@ -353,6 +366,21 @@ kr_fib_decouple(void)
 	log_info("kernel routing table decoupled");
 }
 
+void
+kr_fib_update_prio(u_int8_t fib_prio)
+{
+	struct kroute_node	*kr;
+
+	RB_FOREACH(kr, kroute_tree, &krt)
+		if ((kr->r.flags & F_OSPFD_INSERTED))
+			kr->r.priority = fib_prio;
+
+	log_info("fib priority changed from %hhu to %hhu", kr_state.fib_prio,
+	    fib_prio);
+
+	kr_state.fib_prio = fib_prio;
+}
+
 /* ARGSUSED */
 void
 kr_dispatch_msg(int fd, short event, void *bula)
@@ -522,11 +550,25 @@ kr_redistribute(struct kroute_node *kh)
 }
 
 void
-kr_reload(void)
+kr_reload(int redis_label_or_prefix)
 {
 	struct kroute_node	*kr, *kn;
 	u_int32_t		 dummy;
 	int			 r;
+	int			 filter_prio = kr_state.fib_prio;
+
+	/* update the priority filter */
+	if (redis_label_or_prefix) {
+		filter_prio = 0;
+		log_info("%s: priority filter disabled", __func__);
+	} else
+		log_debug("%s: priority filter enabled", __func__);
+
+	if (setsockopt(kr_state.fd, AF_ROUTE, ROUTE_PRIOFILTER, &filter_prio,
+	    sizeof(filter_prio)) == -1) {
+		log_warn("%s: setsockopt AF_ROUTE ROUTE_PRIOFILTER", __func__);
+		/* not fatal */
+	}
 
 	RB_FOREACH(kr, kroute_tree, &krt) {
 		for (kn = kr; kn; kn = kn->next) {
diff --git a/usr.sbin/ospf6d/ospf6d.c b/usr.sbin/ospf6d/ospf6d.c
index 8734f8da6af..703992230ad 100644
--- a/usr.sbin/ospf6d/ospf6d.c
+++ b/usr.sbin/ospf6d/ospf6d.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ospf6d.c,v 1.44 2019/03/25 20:53:33 jca Exp $ */
+/*	$OpenBSD: ospf6d.c,v 1.45 2019/12/16 08:28:33 denis Exp $ */
 
 /*
  * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org>
@@ -280,7 +280,8 @@ main(int argc, char *argv[])
 		fatal("unveil");
 
 	if (kr_init(!(ospfd_conf->flags & OSPFD_FLAG_NO_FIB_UPDATE),
-	    ospfd_conf->rdomain, ospfd_conf->fib_priority) == -1)
+	    ospfd_conf->rdomain, ospfd_conf->redist_label_or_prefix,
+	    ospfd_conf->fib_priority) == -1)
 		fatalx("kr_init failed");
 
 	event_dispatch();
@@ -631,7 +632,7 @@ ospf_reload(void)
 
 	merge_config(ospfd_conf, xconf);
 	/* update redistribute lists */
-	kr_reload();
+	kr_reload(ospfd_conf->redist_label_or_prefix);
 	return (0);
 #else
 	return (-1);
@@ -654,12 +655,16 @@ merge_config(struct ospfd_conf *conf, struct ospfd_conf *xconf)
 	struct area		*a, *xa, *na;
 	struct iface		*iface;
 	struct redistribute	*r;
+	int			 rchange = 0;
 
 	/* change of rtr_id needs a restart */
 	conf->flags = xconf->flags;
 	conf->spf_delay = xconf->spf_delay;
 	conf->spf_hold_time = xconf->spf_hold_time;
-	conf->redistribute = xconf->redistribute;
+	if (SIMPLEQ_EMPTY(&conf->redist_list) !=
+	    SIMPLEQ_EMPTY(&xconf->redist_list))
+		rchange = 1;
+	conf->redist_label_or_prefix = xconf->redist_label_or_prefix;
 
 	if (ospfd_process == PROC_MAIN) {
 		/* main process does neither use areas nor interfaces */
@@ -671,6 +676,15 @@ merge_config(struct ospfd_conf *conf, struct ospfd_conf *xconf)
 			SIMPLEQ_REMOVE_HEAD(&xconf->redist_list, entry);
 			SIMPLEQ_INSERT_TAIL(&conf->redist_list, r, entry);
 		}
+
+		/* adjust FIB priority if changed */
+		if (conf->fib_priority != xconf->fib_priority) {
+			kr_fib_decouple();
+			kr_fib_update_prio(xconf->fib_priority);
+			conf->fib_priority = xconf->fib_priority;
+			kr_fib_couple();
+		}
+
 		goto done;
 	}
 
@@ -792,6 +806,8 @@ merge_interfaces(struct area *a, struct area *xa)
 			dirty = 1;
 		i->metric = xi->metric;
 		i->priority = xi->priority;
+		if (i->self)
+			i->self->priority = i->priority;
 		i->flags = xi->flags; /* needed? */
 		i->type = xi->type; /* needed? */
 		i->if_type = xi->if_type; /* needed? */
diff --git a/usr.sbin/ospf6d/ospf6d.h b/usr.sbin/ospf6d/ospf6d.h
index 5f77a35f637..27efdea1f77 100644
--- a/usr.sbin/ospf6d/ospf6d.h
+++ b/usr.sbin/ospf6d/ospf6d.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ospf6d.h,v 1.40 2019/06/11 05:00:09 remi Exp $ */
+/*	$OpenBSD: ospf6d.h,v 1.41 2019/12/16 08:28:33 denis Exp $ */
 
 /*
  * Copyright (c) 2004, 2007 Esben Norby <norby@openbsd.org>
@@ -385,6 +385,7 @@ struct ospfd_conf {
 	int			spf_state;
 	int			ospf_socket;
 	int			flags;
+	int			redist_label_or_prefix;
 	u_int8_t		border;
 	u_int8_t		redistribute;
 	u_int8_t		fib_priority;
@@ -540,15 +541,16 @@ u_int16_t	 in_cksum(void *, size_t);
 u_int16_t	 iso_cksum(void *, u_int16_t, u_int16_t);
 
 /* kroute.c */
-int		 kr_init(int, u_int, u_int8_t);
+int		 kr_init(int, u_int, int, u_int8_t);
 int		 kr_change(struct kroute *, int);
 int		 kr_delete(struct kroute *);
 void		 kr_shutdown(void);
 void		 kr_fib_couple(void);
 void		 kr_fib_decouple(void);
+void		 kr_fib_update_prio(u_int8_t);
 void		 kr_dispatch_msg(int, short, void *);
 void		 kr_show_route(struct imsg *);
-void		 kr_reload(void);
+void		 kr_reload(int);
 
 void		 embedscope(struct sockaddr_in6 *);
 void		 recoverscope(struct sockaddr_in6 *);
diff --git a/usr.sbin/ospf6d/parse.y b/usr.sbin/ospf6d/parse.y
index 69339f9cd27..47e90db25f8 100644
--- a/usr.sbin/ospf6d/parse.y
+++ b/usr.sbin/ospf6d/parse.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parse.y,v 1.45 2019/06/11 05:00:09 remi Exp $ */
+/*	$OpenBSD: parse.y,v 1.46 2019/12/16 08:28:33 denis Exp $ */
 
 /*
  * Copyright (c) 2004, 2005 Esben Norby <norby@openbsd.org>
@@ -289,8 +289,10 @@ redistribute	: no REDISTRIBUTE STRING optlist dependon {
 				r->type = REDIST_STATIC;
 			else if (!strcmp($3, "connected"))
 				r->type = REDIST_CONNECTED;
-			else if (prefix($3, &r->addr, &r->prefixlen))
+			else if (prefix($3, &r->addr, &r->prefixlen)) {
 				r->type = REDIST_ADDR;
+				conf->redist_label_or_prefix = !$1;
+			}
 			else {
 				yyerror("unknown redistribute type");
 				free($3);
@@ -318,6 +320,8 @@ redistribute	: no REDISTRIBUTE STRING optlist dependon {
 			r->label = rtlabel_name2id($4);
 			if ($1)
 				r->type |= REDIST_NO;
+			else
+				conf->redist_label_or_prefix = 1;
 			r->metric = $5;
 			if ($6)
 				strlcpy(r->dependon, $6, sizeof(r->dependon));