artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a86e8a3) | patch
RFC6472 discourages the use of AS_SET segements in ASPATH attributes.
authorclaudio <claudio@openbsd.org>
Mon, 25 Jan 2021 09:15:23 +0000 (09:15 +0000)
committerclaudio <claudio@openbsd.org>
Mon, 25 Jan 2021 09:15:23 +0000 (09:15 +0000)
commitaa528464aa561a7520d3025cd43c9bfb0bd24a89
tree0cab8e0f3c572f4f713d1017d00ec48d100e613etree | snapshot
parenta86e8a3f5ae6333b227304351fa97d7d3191681ecommit | diff
RFC6472 discourages the use of AS_SET segements in ASPATH attributes.
The main reason is that AS_SET does not play nice with RPKI ROA.

Introduce a per neighbor and global config option
    'reject as-set yes' and 'reject as-set no'
If set to yes received UPDATES with AS_SET segements are rejected.
This is done the same way other ASPATH soft-errors are handled. The UPDATE
is marked invalid and all prefixes are treated as withdraws.
`bgpctl show rib in error` can be used to show prefixes that where denied
and treated as withdraws because of errors.

By default this feature is off.

OK benno@
usr.sbin/bgpd/bgpd.conf.5 diff | blob | history
usr.sbin/bgpd/bgpd.h diff | blob | history
usr.sbin/bgpd/parse.y diff | blob | history
usr.sbin/bgpd/printconf.c diff | blob | history
usr.sbin/bgpd/rde.c diff | blob | history
usr.sbin/bgpd/util.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim