On Tue, Sep 04, 2018 at 01:56:12PM +0200, Claudio Jeker wrote:
> On Mon, Aug 27, 2018 at 12:11:43PM +0200, Claudio Jeker wrote:
> > This is in preparation for introducing as-sets (a fast lookup table for
> > when you want to make sure that your peering partner is realy only passing
> > you traffic he should).
> >
> > To make as-set possible lets do some cleanup beforehands. This mainly
> > removes one element from the filter_as struct, uses as_min for unary
> > operations and changes the way we pass the and check the neighbor-as.
> > as_compare() and aspath_match() now take the neighbor-as as last argument
> > and will match against it if AS_FLAG_NEIGHBORAS is set. Simplifies the
> > rde_filter_match() a fair bit.
> >
> > OK?
>
OK denis@ if you patch bgpctl too.
> --
> :wq Claudio
>
>
> Index: bgpd.h
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/bgpd.h,v
> retrieving revision 1.330
> diff -u -p -r1.330 bgpd.h
> --- bgpd.h 9 Aug 2018 21:12:33 -0000 1.330
> +++ bgpd.h 27 Aug 2018 10:03:55 -0000
> @@ -647,7 +647,6 @@ enum aslen_spec {
> };
>
> struct filter_as {
> - u_int32_t as;
> u_int16_t flags;
> enum as_spec type;
> u_int8_t op;
> Index: parse.y
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/parse.y,v
> retrieving revision 1.330
> diff -u -p -r1.330 parse.y
> --- parse.y 27 Aug 2018 09:49:00 -0000 1.330
> +++ parse.y 27 Aug 2018 10:03:56 -0000
> @@ -1902,7 +1902,7 @@ filter_as : as4number_any {
> if (($$ = calloc(1, sizeof(struct filter_as_l))) ==
> NULL)
> fatal(NULL);
> - $$->a.as = $1;
> + $$->a.as_min = $1;
> $$->a.op = OP_EQ;
> }
> | NEIGHBORAS {
> @@ -1916,7 +1916,7 @@ filter_as : as4number_any {
> NULL)
> fatal(NULL);
> $$->a.op = $1;
> - $$->a.as = $2;
> + $$->a.as_min = $2;
> }
> | as4number_any binaryop as4number_any {
> if (($$ = calloc(1, sizeof(struct filter_as_l))) ==
> Index: printconf.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/printconf.c,v
> retrieving revision 1.109
> diff -u -p -r1.109 printconf.c
> --- printconf.c 11 Jul 2018 14:08:46 -0000 1.109
> +++ printconf.c 27 Aug 2018 10:03:56 -0000
> @@ -619,10 +619,10 @@ void print_as(struct filter_rule *r)
> printf("%s ", log_as(r->match.as.as_max));
> break;
> case OP_NE:
> - printf("!= %s ", log_as(r->match.as.as));
> + printf("!= %s ", log_as(r->match.as.as_min));
> break;
> default:
> - printf("%s ", log_as(r->match.as.as));
> + printf("%s ", log_as(r->match.as.as_min));
> break;
> }
> }
> Index: rde.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
> retrieving revision 1.414
> diff -u -p -r1.414 rde.c
> --- rde.c 9 Aug 2018 12:54:06 -0000 1.414
> +++ rde.c 27 Aug 2018 10:03:57 -0000
> @@ -2149,7 +2149,7 @@ rde_dump_filter(struct prefix *p, struct
> return;
> if (req->type == IMSG_CTL_SHOW_RIB_AS &&
> !aspath_match(asp->aspath->data, asp->aspath->len,
> - &req->as, req->as.as))
> + &req->as, 0))
> return;
> if (req->type == IMSG_CTL_SHOW_RIB_COMMUNITY &&
> !community_match(asp, req->community.as,
> @@ -3769,5 +3769,4 @@ rde_mark_prefixsets_dirty(struct prefixs
> }
> }
> }
> - return;
> }
> Index: rde_filter.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/rde_filter.c,v
> retrieving revision 1.99
> diff -u -p -r1.99 rde_filter.c
> --- rde_filter.c 3 Aug 2018 16:31:22 -0000 1.99
> +++ rde_filter.c 27 Aug 2018 10:03:57 -0000
> @@ -340,7 +340,6 @@ int
> rde_filter_match(struct filter_rule *f, struct rde_peer *peer,
> struct filterstate *state, struct prefix *p)
> {
> - u_int32_t pas;
> int cas, type;
> int64_t las, ld1, ld2;
> struct prefixset_item *psi;
> @@ -349,20 +348,16 @@ rde_filter_match(struct filter_rule *f,
> if (state != NULL)
> asp = &state->aspath;
>
> - if (asp != NULL && f->match.as.type != AS_NONE) {
> - if (f->match.as.flags & AS_FLAG_NEIGHBORAS)
> - pas = peer->conf.remote_as;
> - else
> - pas = f->match.as.as;
> - if (aspath_match(asp->aspath->data, asp->aspath->len,
> - &f->match.as, pas) == 0)
> - return (0);
> - }
> -
> if (f->peer.ebgp && !peer->conf.ebgp)
> return (0);
> if (f->peer.ibgp && peer->conf.ebgp)
> return (0);
> +
> + if (asp != NULL && f->match.as.type != AS_NONE) {
> + if (aspath_match(asp->aspath->data, asp->aspath->len,
> + &f->match.as, peer->conf.remote_as) == 0)
> + return (0);
> + }
>
> if (asp != NULL && f->match.aslen.type != ASLEN_NONE)
> if (aspath_lenmatch(asp->aspath, f->match.aslen.type,
> Index: util.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/bgpd/util.c,v
> retrieving revision 1.30
> diff -u -p -r1.30 util.c
> --- util.c 10 Aug 2018 11:13:01 -0000 1.30
> +++ util.c 27 Aug 2018 10:03:57 -0000
> @@ -313,22 +313,40 @@ aspath_strlen(void *data, u_int16_t len)
> }
>
> static int
> -as_compare(struct filter_as *f, u_int32_t as, u_int32_t match)
> +as_compare(struct filter_as *f, u_int32_t as, u_int32_t neighas)
> {
> - if ((f->op == OP_NONE || f->op == OP_EQ) && as == match)
> - return (1);
> - else if (f->op == OP_NE && as != match)
> - return (1);
> - else if (f->op == OP_RANGE && as >= f->as_min && as <= f->as_max)
> - return (1);
> - else if (f->op == OP_XRANGE && (as < f->as_min || as > f->as_max))
> - return (1);
> + u_int32_t match;
> +
> + if (f->flags & AS_FLAG_NEIGHBORAS)
> + match = neighas;
> + else
> + match = f->as_min;
> +
> + switch (f->op) {
> + case OP_NONE:
> + case OP_EQ:
> + if (as == match)
> + return (1);
> + break;
> + case OP_NE:
> + if (as != match)
> + return (1);
> + break;
> + case OP_RANGE:
> + if (as >= f->as_min && as <= f->as_max)
> + return (1);
> + break;
> + case OP_XRANGE:
> + if (as < f->as_min || as > f->as_max)
> + return (1);
> + break;
> + }
> return (0);
> }
>
> /* we need to be able to search more than one as */
> int
> -aspath_match(void *data, u_int16_t len, struct filter_as *f, u_int32_t match)
> +aspath_match(void *data, u_int16_t len, struct filter_as *f, u_int32_t
> neighas)
> {
> u_int8_t *seg;
> int final;
> @@ -348,7 +366,7 @@ aspath_match(void *data, u_int16_t len,
> /* just check the leftmost AS */
> if (f->type == AS_PEER && len >= 6) {
> as = aspath_extract(seg, 0);
> - if (as_compare(f, as, match))
> + if (as_compare(f, as, neighas))
> return (1);
> else
> return (0);
> @@ -372,7 +390,7 @@ aspath_match(void *data, u_int16_t len,
> /* not yet in the final segment */
> if (!final)
> continue;
> - if (as_compare(f, as, match))
> + if (as_compare(f, as, neighas))
> return (1);
> else
> return (0);
> @@ -386,7 +404,7 @@ aspath_match(void *data, u_int16_t len,
> if (final && i == seg_len - 1 && f->type == AS_TRANSIT)
> return (0);
> as = aspath_extract(seg, i);
> - if (as_compare(f, as, match))
> + if (as_compare(f, as, neighas))
> return (1);
> }
> }
>
