
RPKI: Add 'local address' configuration option

Allow the source IP address for RPKI-To-Router sessions to be configured
explicitly. Predictable source addresses are useful for minimizing the
holes that must be poked in ACLs.

Changed from 'source address' to 'local address' by committer.
Job Snijders 2024-02-22 14:58:29 +01:00 committed by Ondrej Zajicek
parent 2d0652dd10
commit e2728c8078
4 changed files with 8 additions and 1 deletions


@ -5697,6 +5697,7 @@ protocol rpki [<name>] {
roa6 { table <tab>; }; roa6 { table <tab>; };
remote <ip> | "<domain>" [port <num>]; remote <ip> | "<domain>" [port <num>];
port <num>; port <num>;
local address <ip>;
refresh [keep] <num>; refresh [keep] <num>;
retry [keep] <num>; retry [keep] <num>;
expire [keep] <num>; expire [keep] <num>;
@ -5726,6 +5727,9 @@ specify both channels.
number is 323 for transport without any encryption and 22 for transport number is 323 for transport without any encryption and 22 for transport
with SSH encryption. with SSH encryption.
<tag>local address <m/ip/</tag>
Define local address we should use as a source address for the RTR session.
<tag>refresh [keep] <m/num/</tag> Time period in seconds. Tells how <tag>refresh [keep] <m/num/</tag> Time period in seconds. Tells how
long to wait before next attempting to poll the cache using a Serial long to wait before next attempting to poll the cache using a Serial
Query or a Reset Query packet. Must be lower than 86400 seconds (one Query or a Reset Query packet. Must be lower than 86400 seconds (one


@ -32,7 +32,7 @@ rpki_check_unused_transport(void)
CF_DECLS CF_DECLS
CF_KEYWORDS(RPKI, REMOTE, BIRD, PRIVATE, PUBLIC, KEY, TCP, SSH, TRANSPORT, USER, CF_KEYWORDS(RPKI, REMOTE, BIRD, PRIVATE, PUBLIC, KEY, TCP, SSH, TRANSPORT, USER,
RETRY, REFRESH, EXPIRE, KEEP, IGNORE, MAX, LENGTH) RETRY, REFRESH, EXPIRE, KEEP, IGNORE, MAX, LENGTH, LOCAL, ADDRESS)
%type <i> rpki_keep_interval %type <i> rpki_keep_interval
@ -60,6 +60,7 @@ rpki_proto_item:
| REMOTE rpki_cache_addr | REMOTE rpki_cache_addr
| REMOTE rpki_cache_addr rpki_proto_item_port | REMOTE rpki_cache_addr rpki_proto_item_port
| rpki_proto_item_port | rpki_proto_item_port
| LOCAL ADDRESS ipa { RPKI_CFG->local_ip = $3; }
| TRANSPORT rpki_transport | TRANSPORT rpki_transport
| REFRESH rpki_keep_interval expr { | REFRESH rpki_keep_interval expr {
if (rpki_check_refresh_interval($3)) if (rpki_check_refresh_interval($3))
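Review bot: The `LOCAL ADDRESS ipa` rule stores the address without checking that its family matches the cache address, and since `REMOTE` may be written before or after it in the same block the rule itself cannot do that check; an IPv4 `local address` paired with an IPv6 `remote` (or vice versa) will presumably only surface as a failure when the socket is opened. A config-time check next to the existing `rpki_check_*` validations would report it at parse time, e.g. `if (ipa_nonzero(cf->local_ip) && ipa_nonzero(cf->ip) && (ipa_is_ip4(cf->local_ip) != ipa_is_ip4(cf->ip))) cf_error("Local address family does not match remote address");`. When the remote is given as a domain name the family is only known after resolution, so that case needs the check at connect time instead. The `rpki_proto_item` rule starts outside the hunk.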


@ -116,6 +116,7 @@ struct rpki_proto {
struct rpki_config { struct rpki_config {
struct proto_config c; struct proto_config c;
const char *hostname; /* Full domain name or stringified IP address of cache server */ const char *hostname; /* Full domain name or stringified IP address of cache server */
ip_addr local_ip; /* Source address to use */
ip_addr ip; /* IP address of cache server or IPA_NONE */ ip_addr ip; /* IP address of cache server or IPA_NONE */
u16 port; /* Port number of cache server */ u16 port; /* Port number of cache server */
struct rpki_tr_config tr_config; /* Specific transport configuration structure */ struct rpki_tr_config tr_config; /* Specific transport configuration structure */
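Review bot: The comment on the new `local_ip` field should state what it holds when no `local address` is configured, because `rpki_tr_open` copies it into `sk->saddr` unconditionally and the neighbouring `ip` field already documents its IPA_NONE default; suggested: `ip_addr local_ip; /* Source address for the RTR session, or IPA_NONE if not configured */`. Presumably the config structure is zero-allocated so the unset value really is IPA_NONE, but that is not visible in this hunk and is worth confirming before the comment promises it. `struct rpki_config` continues past the hunk.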


@ -82,6 +82,7 @@ rpki_tr_open(struct rpki_tr_sock *tr)
sk->daddr = cf->ip; sk->daddr = cf->ip;
sk->dport = cf->port; sk->dport = cf->port;
sk->host = cf->hostname; sk->host = cf->hostname;
sk->saddr = cf->local_ip;
sk->rbsize = RPKI_RX_BUFFER_SIZE; sk->rbsize = RPKI_RX_BUFFER_SIZE;
sk->tbsize = RPKI_TX_BUFFER_SIZE; sk->tbsize = RPKI_TX_BUFFER_SIZE;
sk->tos = IP_PREC_INTERNET_CONTROL; sk->tos = IP_PREC_INTERNET_CONTROL;
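Review bot: `sk->saddr = cf->local_ip;` is only read when the socket is opened, so a changed `local address` on reconfigure will not take effect on an established session unless the protocol's reconfigure path compares this field and restarts the cache connection; that path is not part of this commit, and if it compares `ip`, `port` and `hostname` individually then `local_ip` needs to join that comparison, e.g. `|| !ipa_equal(old->local_ip, new->local_ip)`. A one-line comment here would also help the next reader, e.g. `/* IPA_NONE when no local address is configured; the socket layer then picks the source */`, but confirm that `sk_open` really treats a zero `saddr` as "do not bind" before stating it. `rpki_tr_open` starts outside the hunk.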