commit 89b6d1f8e2759cc38bc768067abe3a296d93f454
author Stephen Hemminger <shemminger@vyatta.com> Thu Mar 24 10:51:59 2011 +0000
committer Paul Jakma <paul@quagga.net> Thu Mar 24 10:51:59 2011 +0000
tree ebf4d27f1d93558bba8d0bf6f1022182f7066404
parent fa411a212b55bba650d68fd0456686f3e47b7395

bgpd: Cleanups & fixes for minttl / GTSM

* bgp_vty.c: (peer_ebgp_multihop_{un,}set_vty) tail-call cleanup.
  ({no_,}neighbor_ttl_security) ditto.
* bgpd.c: (peer_ttl_security_hops_set) Peer group checks and TTL set only
  need to be done on transition.
* sockunion.c: (sockopt_minttl) remove always-on debug and improve readability.

bgpd/bgpd.c

diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
index cc0ea8d..5a412f2 100644
--- a/bgpd/bgpd.c
+++ b/bgpd/bgpd.c
@@ -4376,7 +4376,7 @@
   zlog_debug ("peer_ttl_security_hops_set: set gtsm_hops to %d for %s", gtsm_hops, peer->host);
 
   if (peer_sort (peer) == BGP_PEER_IBGP)
-      return 0;
+    return 0;
 
   /* We cannot configure ttl-security hops when ebgp-multihop is already
      set.  For non peer-groups, the check is simple.  For peer-groups, it's
@@ -4385,35 +4385,36 @@
      before actually applying the ttl-security rules.  Cisco really made a
      mess of this configuration parameter, and OpenBGPD got it right.
   */
+  
+  if (peer->gtsm_hops == 0) {
+    if (CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP))
+      {
+        group = peer->group;
+        if (group->conf->ttl != 1)
+          return BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK;
 
-  if (CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP))
-    {
-      group = peer->group;
-      if (group->conf->ttl != 1)
-        return BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK;
+        for (ALL_LIST_ELEMENTS (group->peer, node, nnode, peer1))
+          {
+            if (peer_sort (peer1) == BGP_PEER_IBGP)
+              continue;
 
-      for (ALL_LIST_ELEMENTS (group->peer, node, nnode, peer1))
-        {
-          if (peer_sort (peer1) == BGP_PEER_IBGP)
-            continue;
-
-          if (peer1->ttl != 1)
-            return BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK;
-        }
-    }
-  else
-    {
-      if (peer->ttl != 1)
-        return BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK;
-    }
-
+            if (peer1->ttl != 1)
+              return BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK;
+          }
+      }
+    else
+      {
+        if (peer->ttl != 1)
+          return BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK;
+      }
+    /* specify MAXTTL on outgoing packets */
+    ret = peer_ebgp_multihop_set (peer, MAXTTL);
+    if (ret != 0)
+      return ret;
+  }
+  
   peer->gtsm_hops = gtsm_hops;
 
-  /* specify MAXTTL on outgoing packets */
-  ret = peer_ebgp_multihop_set (peer, MAXTTL);
-  if (ret != 0)
-    return ret;
-
   if (! CHECK_FLAG (peer->sflags, PEER_STATUS_GROUP))
     {
       if (peer->fd >= 0 && peer_sort (peer) != BGP_PEER_IBGP)
@@ -4793,7 +4794,7 @@
      /* ttl-security hops */
       if (peer_sort (peer) != BGP_PEER_IBGP && peer->gtsm_hops != 0)
         if (! peer_group_active (peer) || g_peer->gtsm_hops != peer->gtsm_hops)
-          vty_out (vty, " neighbor %s ttl-security hops %d%s", addr, 
+          vty_out (vty, " neighbor %s ttl-security hops %d%s", addr,
                    peer->gtsm_hops, VTY_NEWLINE);
 
       /* disable-connected-check.  */