From c9132633f928b88ca02847c2633323c67d21e972 Mon Sep 17 00:00:00 2001 From: claudio Date: Tue, 28 Jun 2022 11:52:24 +0000 Subject: [PATCH] Try to document 'announce policy' and add RFC 9234 to the list in bgpd.8 How RFC 9234 support will work in the long run may still change but for now at least tell people how to use it. --- usr.sbin/bgpd/bgpd.8 | 15 +++++++++++++-- usr.sbin/bgpd/bgpd.conf.5 | 26 +++++++++++++++++++++++++- 2 files changed, 38 insertions(+), 3 deletions(-) diff --git a/usr.sbin/bgpd/bgpd.8 b/usr.sbin/bgpd/bgpd.8 index 09f7ed3545d..6bf7f45f9fe 100644 --- a/usr.sbin/bgpd/bgpd.8 +++ b/usr.sbin/bgpd/bgpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: bgpd.8,v 1.73 2022/06/26 05:54:38 jsg Exp $ +.\" $OpenBSD: bgpd.8,v 1.74 2022/06/28 11:52:24 claudio Exp $ .\" .\" Copyright (c) 2003, 2004 Henning Brauer .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: June 26 2022 $ +.Dd $Mdocdate: June 28 2022 $ .Dt BGPD 8 .Os .Sh NAME @@ -474,6 +474,17 @@ has been started. .%R RFC 9072 .%T Extended Optional Parameters Length for BGP OPEN Message .Re +.Pp +.Rs +.%A A. Azimov +.%A E. Bogomazov +.%A R. Bush +.%A K. Patel +.%A K. Sriram +.%D May 2022 +.%R RFC 9234 +.%T Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages +.Re .Sh HISTORY The .Nm diff --git a/usr.sbin/bgpd/bgpd.conf.5 b/usr.sbin/bgpd/bgpd.conf.5 index e48f7683f81..708ac5c7676 100644 --- a/usr.sbin/bgpd/bgpd.conf.5 +++ b/usr.sbin/bgpd/bgpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: bgpd.conf.5,v 1.222 2022/06/28 04:36:29 jsg Exp $ +.\" $OpenBSD: bgpd.conf.5,v 1.223 2022/06/28 11:52:24 claudio Exp $ .\" .\" Copyright (c) 2004 Claudio Jeker .\" Copyright (c) 2003, 2004 Henning Brauer @@ -875,6 +875,30 @@ The default is .Ic no . .Pp .It Xo +.Ic announce policy +.Pq Ic no Ns | Ns Ar role +.Op Ic enforce +.Xc +If set to +.Ic no , +do not add the open policy role capability. +The role can be one of +.Ar provider , +.Ar customer , +.Ar rs , +.Ar rs-client , +or +.Ar peer . +If the role of the neighbor does not correspond to the expected role then +the session will be closed. +If +.Ic enforce +is set the session will only establish if the neighbor also announces +the open policy capability. +The default is +.Ic no . +.Pp +.It Xo .Ic announce refresh .Pq Ic yes Ns | Ns Ic no .Xc -- 2.20.1