From 174b88088dfd1e67afec1cddfc81284f65458476 Mon Sep 17 00:00:00 2001 From: claudio Date: Wed, 28 Aug 2024 13:18:11 +0000 Subject: [PATCH] Check the max_prefix and max_out_prefix limit during config reload. This is cheap and will trigger immediatly instead of waiting until the next UPDATE happens (which could happen a lot later). OK tb@ job@ --- usr.sbin/bgpd/rde.c | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index 81c1084dfb6..eefd7880def 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.627 2024/08/20 11:59:39 claudio Exp $ */ +/* $OpenBSD: rde.c,v 1.628 2024/08/28 13:18:11 claudio Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -3627,6 +3627,27 @@ rde_reload_done(void) continue; peer->reconf_out = 0; peer->reconf_rib = 0; + + /* max prefix checker */ + if (peer->conf.max_prefix && + peer->stats.prefix_cnt > peer->conf.max_prefix) { + log_peer_warnx(&peer->conf, + "prefix limit reached (>%u/%u)", + peer->stats.prefix_cnt, peer->conf.max_prefix); + rde_update_err(peer, ERR_CEASE, ERR_CEASE_MAX_PREFIX, + NULL); + } + /* max prefix checker outbound */ + if (peer->conf.max_out_prefix && + peer->stats.prefix_out_cnt > peer->conf.max_out_prefix) { + log_peer_warnx(&peer->conf, + "outbound prefix limit reached (>%u/%u)", + peer->stats.prefix_out_cnt, + peer->conf.max_out_prefix); + rde_update_err(peer, ERR_CEASE, + ERR_CEASE_MAX_SENT_PREFIX, NULL); + } + if (peer->export_type != peer->conf.export_type) { log_peer_info(&peer->conf, "export type change, " "reloading"); -- 2.20.1