diff options
Diffstat (limited to 'bgpd')
| -rw-r--r-- | bgpd/bgp_attr.c | 4 | ||||
| -rw-r--r-- | bgpd/bgp_vty.c | 17 | ||||
| -rw-r--r-- | bgpd/bgpd.c | 21 | ||||
| -rw-r--r-- | bgpd/bgpd.h | 3 |
4 files changed, 35 insertions, 10 deletions
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index 7e302652..01598c87 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -373,8 +373,8 @@ attrhash_key_make (void *p) #ifdef HAVE_IPV6 MIX(attr->extra->mp_nexthop_len); - key = jhash2(attr->extra->mp_nexthop_global.s6_addr, 16, key); - key = jhash2(attr->extra->mp_nexthop_local.s6_addr, 16, key); + key = jhash(attr->extra->mp_nexthop_global.s6_addr, 16, key); + key = jhash(attr->extra->mp_nexthop_local.s6_addr, 16, key); #endif /* HAVE_IPV6 */ } diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index d93c5d36..e7e7dba1 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -216,6 +216,9 @@ bgp_vty_return (struct vty *vty, int ret) case BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK: str = "ebgp-multihop and ttl-security cannot be configured together"; break; + case BGP_ERR_NO_IBGP_WITH_TTLHACK: + str = "ttl-security only allowed for EBGP peers"; + break; } if (str) { @@ -7643,10 +7646,16 @@ bgp_show_peer (struct vty *vty, struct peer *p) p->host, VTY_NEWLINE); } - /* EBGP Multihop */ - if (peer_sort (p) != BGP_PEER_IBGP && p->ttl > 1) - vty_out (vty, " External BGP neighbor may be up to %d hops away.%s", - p->ttl, VTY_NEWLINE); + /* EBGP Multihop and GTSM */ + if (peer_sort (p) != BGP_PEER_IBGP) + { + if (p->gtsm_hops > 0) + vty_out (vty, " External BGP neighbor may be up to %d hops away.%s", + p->gtsm_hops, VTY_NEWLINE); + else if (p->ttl > 1) + vty_out (vty, " External BGP neighbor may be up to %d hops away.%s", + p->ttl, VTY_NEWLINE); + } /* Local address. */ if (p->su_local) diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c index 5a412f23..ee0cc5da 100644 --- a/bgpd/bgpd.c +++ b/bgpd/bgpd.c @@ -4376,7 +4376,7 @@ peer_ttl_security_hops_set (struct peer *peer, int gtsm_hops) zlog_debug ("peer_ttl_security_hops_set: set gtsm_hops to %d for %s", gtsm_hops, peer->host); if (peer_sort (peer) == BGP_PEER_IBGP) - return 0; + return BGP_ERR_NO_IBGP_WITH_TTLHACK; /* We cannot configure ttl-security hops when ebgp-multihop is already set. For non peer-groups, the check is simple. For peer-groups, it's @@ -4430,8 +4430,23 @@ peer_ttl_security_hops_set (struct peer *peer, int gtsm_hops) peer->gtsm_hops = group->conf->gtsm_hops; - if (peer->fd >= 0 && peer->gtsm_hops != 0) - sockopt_minttl (peer->su.sa.sa_family, peer->fd, MAXTTL + 1 - peer->gtsm_hops); + /* Change setting of existing peer + * established then change value (may break connectivity) + * not established yet (teardown session and restart) + * no session then do nothing (will get handled by next connection) + */ + if (peer->status == Established) + { + if (peer->fd >= 0 && peer->gtsm_hops != 0) + sockopt_minttl (peer->su.sa.sa_family, peer->fd, + MAXTTL + 1 - peer->gtsm_hops); + } + else if (peer->status < Established) + { + if (BGP_DEBUG (events, EVENTS)) + zlog_debug ("%s Min-ttl changed", peer->host); + BGP_EVENT_ADD (peer, BGP_Stop); + } } } diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h index 39cdf8eb..4da19e71 100644 --- a/bgpd/bgpd.h +++ b/bgpd/bgpd.h @@ -802,7 +802,8 @@ enum bgp_clear_type #define BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS -28 #define BGP_ERR_TCPSIG_FAILED -29 #define BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK -30 -#define BGP_ERR_MAX -31 +#define BGP_ERR_NO_IBGP_WITH_TTLHACK -31 +#define BGP_ERR_MAX -32 extern struct bgp_master *bm; |