From 11cb620266035ffbe17b21c4a174380cb8b6a521 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Sun, 26 Oct 2008 22:36:08 +0100 Subject: Implementation of 4B ASN support for BGP --- proto/bgp/bgp.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'proto/bgp/bgp.c') diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index cedd223..ed2524c 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -76,6 +76,7 @@ static void bgp_connect(struct bgp_proto *p); static void bgp_initiate(struct bgp_proto *p); static void bgp_setup_listen_sk(void); + static void bgp_close(struct bgp_proto *p UNUSED) { @@ -611,6 +612,10 @@ bgp_check(struct bgp_config *c) cf_error("Local AS number must be set"); if (!c->remote_as) cf_error("Neighbor must be configured"); + if (!bgp_as4_support && (c->local_as > 0xFFFF)) + cf_error("Local AS number out of range"); + if (!bgp_as4_support && (c->remote_as > 0xFFFF)) + cf_error("Neighbor AS number out of range"); } static void -- cgit v1.2.3 From d51aa2819005a03e4cfb6f62333be6ccadfb3c06 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Sun, 26 Oct 2008 22:42:39 +0100 Subject: Implementation of MD5 authentication of BGP sessions. --- proto/bgp/bgp.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'proto/bgp/bgp.c') diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index ed2524c..e1f5ec0 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -78,10 +78,14 @@ static void bgp_setup_listen_sk(void); static void -bgp_close(struct bgp_proto *p UNUSED) +bgp_close(struct bgp_proto *p) { ASSERT(bgp_counter); bgp_counter--; + + if (p->cf->password) + sk_set_md5_auth(bgp_listen_sk, p->cf->remote_ip, NULL); + if (!bgp_counter) { rfree(bgp_listen_sk); @@ -330,6 +334,7 @@ bgp_connect(struct bgp_proto *p) /* Enter Connect state and start establishing c bgp_setup_conn(p, conn); bgp_setup_sk(p, conn, s); s->tx_hook = bgp_connected; + s->password = p->cf->password; conn->state = BS_CONNECT; if (sk_open(s)) { @@ -506,6 +511,7 @@ bgp_start(struct proto *P) bgp_counter++; bgp_setup_listen_sk(); + if (!bgp_linpool) bgp_linpool = lp_new(&root_pool, 4080); @@ -523,6 +529,17 @@ bgp_start(struct proto *P) lock->hook = bgp_start_locked; lock->data = p; olock_acquire(lock); + + /* We should create security association after we get a lock not to + * break existing connections. + */ + if (p->cf->password) + { + int rv = sk_set_md5_auth(bgp_listen_sk, p->cf->remote_ip, p->cf->password); + if (rv < 0) + return PS_STOP; + } + return PS_START; } -- cgit v1.2.3 From 4847a894bf7d4852325c3f1ea4bb4890054a1f66 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Sun, 26 Oct 2008 22:45:09 +0100 Subject: Implementation of route reflection for BGP --- proto/bgp/bgp.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'proto/bgp/bgp.c') diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index e1f5ec0..5fa1249 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -485,6 +485,13 @@ bgp_start_locked(struct object_lock *lock) p->local_id = cf->c.global->router_id; p->next_hop = cf->multihop ? cf->multihop_via : cf->remote_ip; p->neigh = neigh_find(&p->p, &p->next_hop, NEF_STICKY); + + if (cf->rr_client) + { + p->rr_cluster_id = cf->rr_cluster_id ? cf->rr_cluster_id : p->local_id; + p->rr_client = cf->rr_client; + } + if (!p->neigh) { log(L_ERR "%s: Invalid next hop %I", p->p.name, p->next_hop); @@ -633,6 +640,8 @@ bgp_check(struct bgp_config *c) cf_error("Local AS number out of range"); if (!bgp_as4_support && (c->remote_as > 0xFFFF)) cf_error("Neighbor AS number out of range"); + if ((c->local_as != c->remote_as) && (c->rr_client)) + cf_error("Only internal neighbor can be RR client"); } static void -- cgit v1.2.3 From ba5ed6f3e4eb4b2899cdad08e2edb99063bfbcee Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Sun, 26 Oct 2008 22:48:02 +0100 Subject: Implementation of an option for disabling AS4 support per BGP instance. --- proto/bgp/bgp.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'proto/bgp/bgp.c') diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index 5fa1249..0d580be 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -636,9 +636,11 @@ bgp_check(struct bgp_config *c) cf_error("Local AS number must be set"); if (!c->remote_as) cf_error("Neighbor must be configured"); - if (!bgp_as4_support && (c->local_as > 0xFFFF)) + if (!bgp_as4_support && c->enable_as4) + cf_error("AS4 support disabled globbaly"); + if (!c->enable_as4 && (c->local_as > 0xFFFF)) cf_error("Local AS number out of range"); - if (!bgp_as4_support && (c->remote_as > 0xFFFF)) + if (!c->enable_as4 && (c->remote_as > 0xFFFF)) cf_error("Neighbor AS number out of range"); if ((c->local_as != c->remote_as) && (c->rr_client)) cf_error("Only internal neighbor can be RR client"); -- cgit v1.2.3