diff options
| author | David Lamparter <equinox@opensourcerouting.org> | 2021-07-27 16:10:23 +0200 |
|---|---|---|
| committer | Adriano Marto Reis <adrianomarto@gmail.com> | 2023-10-09 23:58:21 +0200 |
| commit | f5917bae53cee2367d97ae5712a0e18065981252 (patch) | |
| tree | ff68b15b0312560f56c7b48a374d5263585bc585 | |
| parent | ospf6d: allow configuring PtP neighbors & cost (diff) | |
| download | frr-f5917bae53cee2367d97ae5712a0e18065981252.tar.xz frr-f5917bae53cee2367d97ae5712a0e18065981252.zip | |
ospf6d: option to restrict PtP neighbor list
This adds a knob to refuse forming adjacencies with neighbors not listed
in the config. Only works on PtP/PtMP of course, otherwise the DR/BDR
machinery gets broken.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
| -rw-r--r-- | ospf6d/ospf6_interface.c | 33 | ||||
| -rw-r--r-- | ospf6d/ospf6_interface.h | 3 | ||||
| -rw-r--r-- | ospf6d/ospf6_message.c | 18 | ||||
| -rw-r--r-- | ospf6d/ospf6_neighbor.c | 6 | ||||
| -rw-r--r-- | ospf6d/ospf6_neighbor.h | 2 |
5 files changed, 58 insertions, 4 deletions
diff --git a/ospf6d/ospf6_interface.c b/ospf6d/ospf6_interface.c index c3b905572..0fef0c95d 100644 --- a/ospf6d/ospf6_interface.c +++ b/ospf6d/ospf6_interface.c @@ -2646,6 +2646,34 @@ DEFUN (no_ipv6_ospf6_network, return CMD_SUCCESS; } +DEFPY (ipv6_ospf6_p2xp_only_cfg_neigh, + ipv6_ospf6_p2xp_only_cfg_neigh_cmd, + "[no] ipv6 ospf6 p2p-p2mp config-neighbors-only", + NO_STR + IP6_STR + OSPF6_STR + "Point-to-point and Point-to-Multipoint parameters\n" + "Only form adjacencies with explicitly configured neighbors\n") +{ + VTY_DECLVAR_CONTEXT(interface, ifp); + struct ospf6_interface *oi = ifp->info; + + if (no) { + if (!oi) + return CMD_SUCCESS; + + oi->p2xp_only_cfg_neigh = false; + return CMD_SUCCESS; + } + + if (!oi) + oi = ospf6_interface_create(ifp); + + oi->p2xp_only_cfg_neigh = true; + return CMD_SUCCESS; +} + + static int config_write_ospf6_interface(struct vty *vty, struct vrf *vrf) { struct ospf6_interface *oi; @@ -2714,6 +2742,9 @@ static int config_write_ospf6_interface(struct vty *vty, struct vrf *vrf) vty_out(vty, " ipv6 ospf6 graceful-restart hello-delay %u\n", oi->gr.hello_delay.interval); + if (oi->p2xp_only_cfg_neigh) + vty_out(vty, + " ipv6 ospf6 p2p-p2mp config-neighbors-only\n"); ospf6_bfd_write_config(vty, oi); @@ -2839,6 +2870,8 @@ void ospf6_interface_init(void) install_element(INTERFACE_NODE, &ipv6_ospf6_network_cmd); install_element(INTERFACE_NODE, &no_ipv6_ospf6_network_cmd); + install_element(INTERFACE_NODE, &ipv6_ospf6_p2xp_only_cfg_neigh_cmd); + /* reference bandwidth commands */ install_element(OSPF6_NODE, &auto_cost_reference_bandwidth_cmd); install_element(OSPF6_NODE, &no_auto_cost_reference_bandwidth_cmd); diff --git a/ospf6d/ospf6_interface.h b/ospf6d/ospf6_interface.h index 2c01a6a51..aeb16216c 100644 --- a/ospf6d/ospf6_interface.h +++ b/ospf6d/ospf6_interface.h @@ -70,6 +70,9 @@ struct ospf6_interface { /* P2P/P2MP behavior: */ + /* only allow explicitly configured neighbors? */ + bool p2xp_only_cfg_neigh; + struct ospf6_if_p2xp_neighcfgs_head p2xp_neighs; /* Router Priority */ diff --git a/ospf6d/ospf6_message.c b/ospf6d/ospf6_message.c index b50b408ea..7a855d1af 100644 --- a/ospf6d/ospf6_message.c +++ b/ospf6d/ospf6_message.c @@ -407,6 +407,24 @@ static void ospf6_hello_recv(struct in6_addr *src, struct in6_addr *dst, hello = (struct ospf6_hello *)((caddr_t)oh + sizeof(struct ospf6_header)); + if (oi->state == OSPF6_INTERFACE_POINTTOPOINT + && oi->p2xp_only_cfg_neigh) { + /* NEVER, never, ever, do this on broadcast (or NBMA)! + * DR/BDR election requires everyone to talk to everyone else + * only for PtP/PtMP we can be selective in adjacencies! + */ + struct ospf6_if_p2xp_neighcfg *p2xp_cfg; + + p2xp_cfg = ospf6_if_p2xp_find(oi, src); + if (!p2xp_cfg) { + if (IS_OSPF6_DEBUG_MESSAGE(oh->type, RECV_HDR)) + zlog_debug( + "ignoring PtP/PtMP hello from %pI6, neighbor not configured", + src); + return; + } + } + /* HelloInterval check */ if (ntohs(hello->hello_interval) != oi->hello_interval) { zlog_warn( diff --git a/ospf6d/ospf6_neighbor.c b/ospf6d/ospf6_neighbor.c index 78c0f43e5..45aa24a6f 100644 --- a/ospf6d/ospf6_neighbor.c +++ b/ospf6d/ospf6_neighbor.c @@ -39,8 +39,6 @@ DEFINE_MTYPE_STATIC(OSPF6D, OSPF6_NEIGHBOR_P2XP_CFG, static int ospf6_if_p2xp_neighcfg_cmp(const struct ospf6_if_p2xp_neighcfg *a, const struct ospf6_if_p2xp_neighcfg *b); -static struct ospf6_if_p2xp_neighcfg * -ospf6_if_p2xp_find(struct ospf6_interface *oi, const struct in6_addr *addr); DECLARE_RBTREE_UNIQ(ospf6_if_p2xp_neighcfgs, struct ospf6_if_p2xp_neighcfg, item, ospf6_if_p2xp_neighcfg_cmp); @@ -652,8 +650,8 @@ static int ospf6_if_p2xp_neighcfg_cmp(const struct ospf6_if_p2xp_neighcfg *a, return IPV6_ADDR_CMP(&a->addr, &b->addr); } -static struct ospf6_if_p2xp_neighcfg * -ospf6_if_p2xp_find(struct ospf6_interface *oi, const struct in6_addr *addr) +struct ospf6_if_p2xp_neighcfg *ospf6_if_p2xp_find(struct ospf6_interface *oi, + const struct in6_addr *addr) { struct ospf6_if_p2xp_neighcfg ref; diff --git a/ospf6d/ospf6_neighbor.h b/ospf6d/ospf6_neighbor.h index c6d81006e..c629f09f1 100644 --- a/ospf6d/ospf6_neighbor.h +++ b/ospf6d/ospf6_neighbor.h @@ -218,6 +218,8 @@ void ospf6_neighbor_delete(struct ospf6_neighbor *on); void ospf6_neighbor_lladdr_set(struct ospf6_neighbor *on, const struct in6_addr *addr); +struct ospf6_if_p2xp_neighcfg *ospf6_if_p2xp_find(struct ospf6_interface *oi, + const struct in6_addr *addr); uint32_t ospf6_neighbor_cost(struct ospf6_neighbor *on); |