BGP Flowspec VPNv4/VPNv6
Ondrej Zajicek
santiago at crfreenet.org
Sat Oct 26 02:14:57 CEST 2024
On Fri, Oct 25, 2024 at 06:18:54PM +0200, Vincent Bernat wrote:
> Hey!
>
> I would be interested in implementing BGP Flowspec for VPNv4/VPNv6. Hacking
> flow4/flow6 to be VPNv4/VPNv6 instead of IPv4/IPv6 instead is easy, but I am
> unsure of the right way to *add* VPNv4/VPNv6. Should I add flowvpn4/flowvpn6
> tables or reuse flow4/flow6 and only add "vpn4/vpn6 flow" channels to the
> BGP protocol?
Hi
I think you would need to add flowvpn4/flowvpn6 tables and also new
net_addr subtypes to lib/net.h, as it is a new route type with a slightly
different semantic (specifically RD is a part of the table key). That is
mostly a copy-and-paste job from the regular flowspec nettypes.
Well, alternatively one could add RD to regular net_addr_flowX, keep it
zero for regular flowspec with the argument that flowspec NLRI are huge
anyways, so unused u64 for RD does not matter. But for the uniformity i
would prefer the first approach.
Different net type leads naturally to different rtables.
--
Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago at crfreenet.org)
"To err is human -- to blame it on a computer is even more so."
More information about the Bird-users
mailing list