Beispiel #1
// TestValidate0 exercises origin validation against two ROAs that share the
// prefix 192.168.0.0/24 but differ in maximum length and origin AS
// (NewROA arguments: afi, prefix, prefix length, max length, AS, host):
//
//	192.168.0.0/24, maxLength 32, AS 100
//	192.168.0.0/24, maxLength 24, AS 200
//
// The cases pin the distinction a route filter relies on: a route is VALID
// only when a covering ROA matches both the origin AS and the maxLength
// bound, and INVALID when it is covered but no ROA matches.
func TestValidate0(t *testing.T) {
	a := assert.New(t)

	manager, _ := NewROAManager(0)
	manager.addROA(table.NewROA(bgp.AFI_IP, net.ParseIP("192.168.0.0").To4(), 24, 32, 100, ""))
	manager.addROA(table.NewROA(bgp.AFI_IP, net.ParseIP("192.168.0.0").To4(), 24, 24, 200, ""))

	tree := manager.Roas[bgp.RF_IPv4_UC]

	cases := []struct {
		cidr   string
		asPath string
		want   config.RpkiValidationResultType
	}{
		// Exact prefix, origin AS 100 is authorized.
		{"192.168.0.0/24", "100", config.RPKI_VALIDATION_RESULT_TYPE_VALID},
		// Multi-hop path. validateOne is not shown here; this case passes
		// only if it takes the last AS (200) as the origin -- confirm.
		{"192.168.0.0/24", "100 200", config.RPKI_VALIDATION_RESULT_TYPE_VALID},
		// Covered prefix, but AS 300 appears in no ROA.
		{"192.168.0.0/24", "300", config.RPKI_VALIDATION_RESULT_TYPE_INVALID},
		// More-specific /25 is within AS 100's maxLength of 32.
		{"192.168.0.0/25", "100", config.RPKI_VALIDATION_RESULT_TYPE_VALID},
		// More-specific /25 exceeds AS 200's maxLength of 24, so the
		// announcement is rejected even though the AS has a ROA.
		{"192.168.0.0/25", "200", config.RPKI_VALIDATION_RESULT_TYPE_INVALID},
		// Covered more-specific with an unauthorized origin.
		{"192.168.0.0/25", "300", config.RPKI_VALIDATION_RESULT_TYPE_INVALID},
	}

	for _, tc := range cases {
		got := validateOne(tree, tc.cidr, tc.asPath)
		a.Equal(got, tc.want)
	}
}
Beispiel #2
// TestValidate5 checks that a route less specific than every ROA is reported
// as NOT_FOUND rather than INVALID.
//
// The two /17 ROAs (10.0.0.0/17 and 10.0.128.0/17, both AS 65000) together
// span the address range of 10.0.0.0/16, but neither one covers the /16
// prefix itself: each ROA prefix is longer than the route's. With no
// covering ROA there is nothing to validate against, so the expected state
// is NOT_FOUND even though the origin AS appears in both ROAs.
func TestValidate5(t *testing.T) {
	a := assert.New(t)

	manager, _ := NewROAManager(0)
	for _, prefix := range []string{"10.0.0.0", "10.0.128.0"} {
		manager.addROA(table.NewROA(bgp.AFI_IP, net.ParseIP(prefix).To4(), 17, 17, 65000, ""))
	}

	got := validateOne(manager.Roas[bgp.RF_IPv4_UC], "10.0.0.0/16", "65000")
	a.Equal(got, config.RPKI_VALIDATION_RESULT_TYPE_NOT_FOUND)
}
Beispiel #3
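// GetROA fetches the ROA table for the given route family from the server
// and converts every entry of the response into a *table.ROA.
//
// Response fields are checked before conversion. An entry whose prefix does
// not parse as an IP address, or whose prefix length or max length does not
// fit the uint8 that table.NewROA takes, makes the whole call fail. Without
// these checks a malformed entry would come back as a ROA with an empty
// prefix or with silently truncated lengths.
//
// It returns the RPC error unchanged when the request fails, and a
// *net.ParseError when an entry is malformed.
//
// NOTE(review): the request uses context.Background(), so it carries no
// deadline; whether the underlying client applies one is not visible here.
func (cli *GoBGPClient) GetROA(family bgp.RouteFamily) ([]*table.ROA, error) {
	rsp, err := cli.cli.GetRoa(context.Background(), &api.GetRoaRequest{
		Family: uint32(family),
	})
	if err != nil {
		return nil, err
	}

	// The AFI depends only on the requested family, so resolve it once
	// instead of once per entry.
	afi, _ := bgp.RouteFamilyToAfiSafi(family)

	// Largest length that survives the uint8 conversions below.
	const maxLen = 1<<8 - 1

	roas := make([]*table.ROA, 0, len(rsp.Roas))
	for _, r := range rsp.Roas {
		ip := net.ParseIP(r.Prefix)
		if ip == nil {
			// net.ParseError is the standard library's error type for
			// unparseable addresses and needs no additional import.
			return nil, &net.ParseError{Type: "ROA prefix", Text: r.Prefix}
		}
		// Use the 4-byte form for IPv4 so the ROA prefix has the address
		// family's natural width.
		if v4 := ip.To4(); v4 != nil {
			ip = v4
		}

		// Reject lengths the uint8 conversion would wrap around.
		if uint64(r.Prefixlen) > maxLen || uint64(r.Maxlen) > maxLen {
			return nil, &net.ParseError{Type: "ROA prefix length", Text: r.Prefix}
		}

		// NOTE(review): r.Conf is dereferenced without a nil check; if it
		// is a pointer, an entry without Conf would panic here -- confirm.
		host := net.JoinHostPort(r.Conf.Address, r.Conf.RemotePort)
		roas = append(roas, table.NewROA(int(afi), []byte(ip), uint8(r.Prefixlen), uint8(r.Maxlen), r.As, host))
	}
	return roas, nil
}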
Beispiel #4
// handleRTRMsg parses one RTR PDU received from an RPKI cache and applies it
// to the ROA table and to the per-client session state, updating the receive
// counters in state as it goes.
//
// Behaviour by PDU type:
//   - Serial Notify: re-enables the client with its current serial when the
//     notified serial is newer, does nothing when equal, and soft-resets
//     otherwise.
//   - Cache Response: marks the start of a data set (endOfData = false).
//   - IPv4/IPv6 Prefix: builds a ROA; with flag bit 0 set it is added
//     (directly once End of Data has been seen, otherwise queued in
//     pendingROAs), with the bit clear it is deleted.
//   - End of Data: drops all ROAs of the host if the session ID changed,
//     records session ID and serial, stops the client timer, and flushes
//     pendingROAs into the table.
//   - Cache Reset: soft-resets the client.
//   - Error Report: only counted.
//
// Points a reviewer should be aware of, all visible in this function:
//   - Prefix, PrefixLen and MaxLen from the PDU go to table.NewROA without
//     any range check here; whether rtr.ParseRTR or NewROA validates them is
//     not visible in this function.
//   - Withdrawals are applied immediately, whereas announcements received
//     before End of Data are queued, so a data set is not applied atomically.
//   - pendingROAs grows with every queued announcement until End of Data
//     arrives; no bound is enforced here.
//   - A parse failure is logged at Info level and the PDU is dropped; no
//     counter is incremented and the session is left as it is.
func (c *roaManager) handleRTRMsg(client *roaClient, state *config.RpkiServerState, buf []byte) {
	received := &state.RpkiMessages.RpkiReceived

	m, err := rtr.ParseRTR(buf)
	if err != nil {
		log.WithFields(log.Fields{
			"Topic": "rpki",
			"Host":  client.host,
			"Error": err,
		}).Info("Failed to parse an RTR message")
		return
	}

	switch msg := m.(type) {
	case *rtr.RTRSerialNotify:
		notified := msg.RTRCommon.SerialNumber
		switch {
		case before(client.serialNumber, notified):
			// The cache has newer data: query from our current serial.
			client.enable(client.serialNumber)
		case client.serialNumber == notified:
			// Already in sync, nothing to do.
		default:
			// should not happen. try to get the whole ROAs.
			client.softReset()
		}
		received.SerialNotify++

	case *rtr.RTRSerialQuery, *rtr.RTRResetQuery:
		// Deliberately ignored.

	case *rtr.RTRCacheResponse:
		received.CacheResponse++
		client.endOfData = false

	case *rtr.RTRIPPrefix:
		family := bgp.AFI_IP6
		if msg.Type == rtr.RTR_IPV4_PREFIX {
			family = bgp.AFI_IP
			received.Ipv4Prefix++
		} else {
			received.Ipv6Prefix++
		}
		roa := table.NewROA(family, msg.Prefix, msg.PrefixLen, msg.MaxLen, msg.AS, client.host)

		// Bit 0 of the flags distinguishes announcement (1) from
		// withdrawal (0).
		announce := (msg.Flags & 1) == 1
		switch {
		case !announce:
			c.deleteROA(roa)
		case client.endOfData:
			c.addROA(roa)
		default:
			// Still inside a data set: hold the ROA until End of Data.
			client.pendingROAs = append(client.pendingROAs, roa)
		}

	case *rtr.RTREndOfData:
		received.EndOfData++
		if client.sessionID != msg.RTRCommon.SessionID {
			// remove all ROAs related with the
			// previous session
			c.deleteAllROA(client.host)
		}
		client.sessionID = msg.RTRCommon.SessionID
		client.serialNumber = msg.RTRCommon.SerialNumber
		client.endOfData = true
		if client.timer != nil {
			client.timer.Stop()
			client.timer = nil
		}
		// Commit everything queued while the data set was in flight.
		for _, pending := range client.pendingROAs {
			c.addROA(pending)
		}
		client.pendingROAs = make([]*table.ROA, 0)

	case *rtr.RTRCacheReset:
		client.softReset()
		received.CacheReset++

	case *rtr.RTRErrorReport:
		received.Error++
	}
}