On Fri, Jan 20, 2023 at 02:44:16PM +0100, Claudio Jeker wrote: > On Fri, Jan 20, 2023 at 12:21:14PM +0100, Claudio Jeker wrote: > > This diff adds the reload logic and rewrites larger parts of what was > > already there to have ASPA validation in the RDE. > > > > The main reason this diff is so large is that the ASPA state cache on > > struct rde_aspath needs to be afi/aid and role independent. So I changed > > the aspa functions to be role and aid independent which results in a lot > > of churn. > > > > The code now uses rde_aspa_validity() with the cache in rde_aspath to > > figure out if a prefix is ASPA valid, invalid or unknown. > > rde_aspa_validity() is cheap since it just checks various bits to decide. > > The cache is updated by checking a generation counter that is increased > > during reload. This is done since the tables are walked by prefix and not > > by ASPATH. > > > > There is still no filter syntax available to deny aspa invalid routes but > > that will follow soon. > > > > The diff includes bgpd, bgpctl and regress test changes. There is a lot of > > churn in regress test because of bgpctl output changes. > > I missed a small bit in the diff. In rde_filter_match() the state->vstate > needs to be masked with the ROA_MASK else the ovs validity will not match. > > I added this to the big diff but just included the delta here.
I spent a lot of time on this diff and can't spot anything wrong with it. It is super tricky, so it is of course very easy to miss subtleties... ok tb
