Skip to content

Commit

Permalink
Merge pull request #105 from cjeker/kill_aspa_afi
Browse files Browse the repository at this point in the history
Remove the AFI dependency for ASPA
  • Loading branch information
job authored Dec 21, 2023
2 parents 3289b5d + e7fd422 commit 4dc8601
Show file tree
Hide file tree
Showing 6 changed files with 42 additions and 70 deletions.
12 changes: 2 additions & 10 deletions cmd/rtrdump/rtrdump.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,22 +117,14 @@ func (c *Client) HandlePDU(cs *rtr.ClientSession, pdu rtr.PDU) {

case *rtr.PDUASPA:
if c.Data.ASPA == nil {
c.Data.ASPA = &prefixfile.ProviderAuthorizationsJson{
IPv4: make([]prefixfile.ASPAJson, 0),
IPv6: make([]prefixfile.ASPAJson, 0),
}
c.Data.ASPA = make([]prefixfile.ASPAJson, 0)
}
aj := prefixfile.ASPAJson{
CustomerAsid: pdu.CustomerASNumber,
Providers: pdu.ProviderASNumbers,
}

switch pdu.AFIFlags {
case rtr.AFI_IPv4:
c.Data.ASPA.IPv4 = append(c.Data.ASPA.IPv4, aj)
case rtr.AFI_IPv6:
c.Data.ASPA.IPv6 = append(c.Data.ASPA.IPv6, aj)
}
c.Data.ASPA = append(c.Data.ASPA, aj)

if *LogDataPDU {
log.Debugf("Received: %v", pdu)
Expand Down
33 changes: 9 additions & 24 deletions cmd/stayrtr/stayrtr.go
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,7 @@ func isValidPrefixLength(prefix netip.Prefix, maxLength uint8) bool {
// Will return a deduped slice, as well as total VRPs, IPv4 VRPs, IPv6 VRPs, BGPsec Keys and ASPA records
func processData(vrplistjson []prefixfile.VRPJson,
brklistjson []prefixfile.BgpSecKeyJson,
aspajson *prefixfile.ProviderAuthorizationsJson) /*Export*/ ([]rtr.VRP, []rtr.BgpsecKey, []rtr.VAP, int, int, int) {
aspajson []prefixfile.ASPAJson) /*Export*/ ([]rtr.VRP, []rtr.BgpsecKey, []rtr.VAP, int, int, int) {
filterDuplicates := make(map[string]struct{})

// It may be tempting to change this to a simple time.Since() but that will
Expand Down Expand Up @@ -313,16 +313,7 @@ func processData(vrplistjson []prefixfile.VRPJson,
})
}

if aspajson != nil {
aspalist = handleASPAList(aspajson.IPv4, NowUnix, aspalist, rtr.AFI_IPv4)
aspalist = handleASPAList(aspajson.IPv6, NowUnix, aspalist, rtr.AFI_IPv6)
}

return vrplist, brklist, aspalist, countv4 + countv6, countv4, countv6
}

func handleASPAList(list []prefixfile.ASPAJson, NowUnix int64, aspalist []rtr.VAP, AFI uint8) []rtr.VAP {
for _, v := range list {
for _, v := range aspajson {
if v.Expires != nil {
if NowUnix > *v.Expires {
continue
Expand All @@ -336,12 +327,12 @@ func handleASPAList(list []prefixfile.ASPAJson, NowUnix int64, aspalist []rtr.VA
})

aspalist = append(aspalist, rtr.VAP{
AFI: AFI,
CustomerASN: v.CustomerAsid,
Providers: v.Providers,
})
}
return aspalist

return vrplist, brklist, aspalist, countv4 + countv6, countv4, countv6
}

type IdenticalFile struct {
Expand All @@ -368,10 +359,7 @@ func (s *state) updateFromNewState() error {
}
aspajson := s.lastdata.ASPA
if aspajson == nil {
aspajson = &prefixfile.ProviderAuthorizationsJson{
IPv4: make([]prefixfile.ASPAJson, 0),
IPv6: make([]prefixfile.ASPAJson, 0),
}
aspajson = make([]prefixfile.ASPAJson, 0)
}

buildtime, err := time.Parse(time.RFC3339, s.lastdata.Metadata.Buildtime)
Expand All @@ -390,7 +378,7 @@ func (s *state) updateFromNewState() error {
}

if s.slurm != nil {
vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson, log.StandardLogger())
vrpsjson, aspajson, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson, bgpsecjson, log.StandardLogger())
}

vrps, brks, vaps, count, countv4, countv6 := processData(vrpsjson, bgpsecjson, aspajson)
Expand All @@ -413,10 +401,7 @@ func (s *state) reloadFromCurrentState() error {
}
aspajson := s.lastdata.ASPA
if aspajson == nil {
aspajson = &prefixfile.ProviderAuthorizationsJson{
IPv4: make([]prefixfile.ASPAJson, 0),
IPv6: make([]prefixfile.ASPAJson, 0),
}
aspajson = make([]prefixfile.ASPAJson, 0)
}

buildtime, err := time.Parse(time.RFC3339, s.lastdata.Metadata.Buildtime)
Expand All @@ -435,7 +420,7 @@ func (s *state) reloadFromCurrentState() error {
}

if s.slurm != nil {
vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson.IPv4, aspajson.IPv6, bgpsecjson, log.StandardLogger())
vrpsjson, aspajson, bgpsecjson = s.slurm.FilterAssert(vrpsjson, aspajson, bgpsecjson, log.StandardLogger())
}

vrps, brks, vaps, count, countv4, countv6 := processData(vrpsjson, bgpsecjson, aspajson)
Expand All @@ -448,7 +433,7 @@ func (s *state) reloadFromCurrentState() error {

func (s *state) applyUpdateFromNewState(vrps []rtr.VRP, brks []rtr.BgpsecKey, vaps []rtr.VAP,
sessid uint16,
vrpsjson []prefixfile.VRPJson, brksjson []prefixfile.BgpSecKeyJson, aspajson *prefixfile.ProviderAuthorizationsJson,
vrpsjson []prefixfile.VRPJson, brksjson []prefixfile.BgpSecKeyJson, aspajson []prefixfile.ASPAJson,
countv4 int, countv6 int) error {

SDs := make([]rtr.SendableData, 0, len(vrps)+len(brks)+len(vaps))
Expand Down
21 changes: 14 additions & 7 deletions lib/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -979,7 +979,6 @@ func (brk *BgpsecKey) GetFlag() uint8 {

type VAP struct {
Flags uint8
AFI uint8
CustomerASN uint32
Providers []uint32
}
Expand All @@ -989,11 +988,11 @@ func (vap *VAP) Type() string {
}

func (vap *VAP) String() string {
return fmt.Sprintf("ASPA AS%v -> AFI %d, Providers: %v", vap.CustomerASN, vap.AFI, vap.Providers)
return fmt.Sprintf("ASPA AS%v -> Providers: %v", vap.CustomerASN, vap.Providers)
}

func (vap *VAP) HashKey() string {
return fmt.Sprintf("%v-%x-%v", vap.CustomerASN, vap.AFI, vap.Providers)
return fmt.Sprintf("%v-%v", vap.CustomerASN, vap.Providers)
}

func (r1 *VAP) Equals(r2 SendableData) bool {
Expand All @@ -1008,7 +1007,6 @@ func (r1 *VAP) Equals(r2 SendableData) bool {
func (vap *VAP) Copy() SendableData {
cop := VAP{
CustomerASN: vap.CustomerASN,
AFI: vap.AFI,
Flags: vap.Flags,
Providers: make([]uint32, 0),
}
Expand Down Expand Up @@ -1120,15 +1118,24 @@ func (c *Client) SendData(sd SendableData) {
return
}

pdu := &PDUASPA{
pdu4 := &PDUASPA{
Version: c.version,
Flags: t.Flags,
AFIFlags: t.AFI,
AFIFlags: AFI_IPv4,
ProviderASCount: uint16(len(t.Providers)),
CustomerASNumber: t.CustomerASN,
ProviderASNumbers: t.Providers,
}
c.SendPDU(pdu)
pdu6 := &PDUASPA{
Version: c.version,
Flags: t.Flags,
AFIFlags: AFI_IPv6,
ProviderASCount: uint16(len(t.Providers)),
CustomerASNumber: t.CustomerASN,
ProviderASNumbers: t.Providers,
}
c.SendPDU(pdu4)
c.SendPDU(pdu6)
}
}

Expand Down
7 changes: 1 addition & 6 deletions prefixfile/prefixfile.go
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ type VRPList struct {
Metadata MetaData `json:"metadata,omitempty"`
Data []VRPJson `json:"roas"` // for historical reasons this is called 'roas', but should've been called vrps
BgpSecKeys []BgpSecKeyJson `json:"bgpsec_keys,omitempty"`
ASPA *ProviderAuthorizationsJson `json:"provider_authorizations,omitempty"`
ASPA []ASPAJson `json:"aspas,omitempty"`
}

type BgpSecKeyJson struct {
Expand All @@ -53,11 +53,6 @@ type BgpSecKeyJson struct {
}

// ASPA
type ProviderAuthorizationsJson struct {
IPv4 []ASPAJson `json:"ipv4"`
IPv6 []ASPAJson `json:"ipv6"`
}

type ASPAJson struct {
CustomerAsid uint32 `json:"customer_asid"`
Expires *int64 `json:"expires,omitempty"`
Expand Down
33 changes: 13 additions & 20 deletions prefixfile/slurm.go
Original file line number Diff line number Diff line change
Expand Up @@ -267,24 +267,20 @@ func (s *SlurmLocallyAddedAssertions) AssertVRPs() []VRPJson {
return vrps
}

func (s *SlurmLocallyAddedAssertions) AssertVAPs() (v4, v6 []ASPAJson) {
vapsv4, vapsv6 := make([]ASPAJson, 0), make([]ASPAJson, 0)
func (s *SlurmLocallyAddedAssertions) AssertVAPs() []ASPAJson {
vaps := make([]ASPAJson, 0)

if s.AspaAssertions == nil || len(s.AspaAssertions) == 0 {
return vapsv4, vapsv6
return vaps
}
for _, assertion := range s.AspaAssertions {
vap := ASPAJson{
CustomerAsid: assertion.CustomerASNid,
Providers: assertion.ProviderSet,
}
if strings.Contains(assertion.Afi, "6") {
vapsv6 = append(vapsv6, vap)
} else {
vapsv4 = append(vapsv4, vap)
}
vaps = append(vaps, vap)
}
return vapsv4, vapsv6
return vaps
}

func (s *SlurmLocallyAddedAssertions) AssertBRKs() []BgpSecKeyJson {
Expand All @@ -305,26 +301,24 @@ func (s *SlurmLocallyAddedAssertions) AssertBRKs() []BgpSecKeyJson {
return brks
}

func (s *SlurmConfig) GetAssertions() (vrps []VRPJson, VAPv4, VAPv6 []ASPAJson, BRKs []BgpSecKeyJson) {
func (s *SlurmConfig) GetAssertions() (vrps []VRPJson, vaps []ASPAJson, BRKs []BgpSecKeyJson) {
vrps = s.LocallyAddedAssertions.AssertVRPs()
VAPv4, VAPv6 = s.LocallyAddedAssertions.AssertVAPs()
vaps = s.LocallyAddedAssertions.AssertVAPs()
BRKs = s.LocallyAddedAssertions.AssertBRKs()
return
}

func (s *SlurmConfig) FilterAssert(vrps []VRPJson, VAPv4, VAPv6 []ASPAJson, BRKs []BgpSecKeyJson, log Logger) (
ovrps []VRPJson, oVAPv4, oVAPv6 []ASPAJson, oBRKs []BgpSecKeyJson) {
func (s *SlurmConfig) FilterAssert(vrps []VRPJson, vaps []ASPAJson, BRKs []BgpSecKeyJson, log Logger) (
ovrps []VRPJson, ovaps []ASPAJson, oBRKs []BgpSecKeyJson) {
//
filteredVRPs, removedVRPs := s.ValidationOutputFilters.FilterOnVRPs(vrps)
filteredVAP4s, removedVAP4s := s.ValidationOutputFilters.FilterOnVAPs(VAPv4, false)
filteredVAP6s, removedVAP6s := s.ValidationOutputFilters.FilterOnVAPs(VAPv6, true)
filteredVAPs, removedVAPs := s.ValidationOutputFilters.FilterOnVAPs(vaps, false)
filteredBRKs, removedBRKs := s.ValidationOutputFilters.FilterOnBRKs(BRKs)

assertVRPs, assertVAP4, assertVAP6, assertBRKs := s.GetAssertions()
assertVRPs, assertVAPs, assertBRKs := s.GetAssertions()

ovrps = append(filteredVRPs, assertVRPs...)
oVAPv4 = append(filteredVAP4s, assertVAP4...)
oVAPv6 = append(filteredVAP6s, assertVAP6...)
ovaps = append(filteredVAPs, assertVAPs...)
oBRKs = append(filteredBRKs, assertBRKs...)

if log != nil {
Expand All @@ -337,8 +331,7 @@ func (s *SlurmConfig) FilterAssert(vrps []VRPJson, VAPv4, VAPv6 []ASPAJson, BRKs
}

if len(s.ValidationOutputFilters.AspaFilters) != 0 {
log.Infof("Slurm ASPA v4 filtering: %v kept, %v removed, %v asserted", len(filteredVAP4s), len(removedVAP4s), len(oVAPv4))
log.Infof("Slurm ASPA v6 filtering: %v kept, %v removed, %v asserted", len(filteredVAP6s), len(removedVAP6s), len(oVAPv6))
log.Infof("Slurm ASPA filtering: %v kept, %v removed, %v asserted", len(filteredVAPs), len(removedVAPs), len(ovaps))
}
}
return
Expand Down
6 changes: 3 additions & 3 deletions prefixfile/slurm_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -241,8 +241,8 @@ func TestSlurmEndToEnd(t *testing.T) {
panic(err)
}

finalVRP, _, finalASPA6, finalBgpsec :=
config.FilterAssert(vrplist.Data, vrplist.ASPA.IPv4, vrplist.ASPA.IPv6, vrplist.BgpSecKeys, nil)
finalVRP, finalASPA, finalBgpsec :=
config.FilterAssert(vrplist.Data, vrplist.ASPA, vrplist.BgpSecKeys, nil)

foundAssertVRP := false
for _, vrps := range finalVRP {
Expand All @@ -259,7 +259,7 @@ func TestSlurmEndToEnd(t *testing.T) {
}

foundAssertVAP := false
for _, vaps := range finalASPA6 {
for _, vaps := range finalASPA {
if vaps.CustomerAsid == 64499 {
foundAssertVAP = true
}
Expand Down

0 comments on commit 4dc8601

Please sign in to comment.