routing

package
Version: v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 4, 2020 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package routing defines implementations around the routing decisions for the gateway.

This package defines the file format for the routing policies. A routing policy consists of a list of rules. Each rule consists of an action and three matchers. Optionally, a rule can have a comment that is persisted across deserialization and serialization.

Policies are defined in plain text. Each line represents a rule. Each rule consists of four whitespace separated columns. The optional comment is appended at the end of the line and needs to start with a '#'.

accept       1-ff00:0:110     1-ff00:0:112    10.0.1.0/24,10.0.2.0/24    # Accept from AS 110.
accept       2-0              1-ff00:0:112    10.0.3.0/24                # Accept from ISD 2.
reject       !1-ff00:0:110    1-ff00:0:112    10.0.0.0/8                 # Reject unless AS 110.
advertise    1-ff00:0:112     1-ff00:0:110    10.0.9.0/8                 # Advertise to AS 112.

The first column represents the action. Currently, we support:

accept    <a> <b> <prefixes>: <b> accepts the IP prefixes <prefixes> from <a>.
reject    <a> <b> <prefixes>: <b> rejects the IP prefixes <prefixes> from <a>.
advertise <a> <b> <prefixes>: <a> advertists the IP prefixes <prefixes> to <b>.

The remaining three columns define the matchers of a rule. The second and third column are ISD-AS matchers, the forth column is a prefix matcher.

The second column matches the 'from' ISD-AS. The third column the 'to' ISD-AS. ISD-AS matchers support wildcards and negation:

1-ff00:0:110   Matches for 1-ff00:0:110 only.
0-ff00:0:110   Matches for all ASes with AS number ff00:0:110.
1-0            Matches for all ASes in ISD 1.
0-0            Matches for all ASes.

!0-ff00:0:110  Matches for all ASes except the ones with AS number 'ff00:0:110'.
!1-ff00:0:110  Matches for all ASes except 1-ff00:0:110.
!1-0           Matches for all ASes not in ISD 1.

Network prefix matcher consist of a list of IP prefixes to match. The list is comma-separated. A prefix matches, if it is in the subset of the union of the IP prefixes in the list. The network prefix matcher can also be negated. The negation applies to the entire list. A prefix matches in the negated case, if it is not a subset of the union of the prefix list.

10.0.1.0/24,10.0.2.0/24    Matches all IP prefixes that are a subset of 10.0.1.0/24 or
                           10.0.2.0/24. It also matches 10.0.1.0/24 and 10.0.2.0/24.
!10.0.1.0/24,10.0.2.0/24   Matches all IP prefixes that are not a subset of 10.0.1.0/24 and
                           not a subset of 10.0.2.0/24.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AdvertiseList

func AdvertiseList(pol Policy, from, to addr.IA) []*net.IPNet

AdvertiseList returns the list of prefixes to advertise for the given policy and ISD-ASes.

func NewPolicyHandler

func NewPolicyHandler(policyPublisher PolicyPublisher,
	path string) func(http.ResponseWriter, *http.Request)

NewPolicyHandler creates a HTTP handler for the reloadable policy. If the path is not empty, a PUT request will write a valid received policy to this path.

Types

type Action

type Action int

Action represents the rule decision.

const (
	UnknownAction Action = iota
	Accept
	Reject
)

List of available actions.

func (Action) String

func (a Action) String() string

type IAMatcher

type IAMatcher interface {
	Match(addr.IA) bool
}

IAMatcher matches ISD-AS.

type NetworkMatcher

type NetworkMatcher interface {
	Match(*net.IPNet) bool
}

NetworkMatcher matches IP networks.

type Policy

type Policy struct {
	// Rules is a list of rules that the policy iterates during matching.
	Rules []Rule
	// DefaultAction is used as the action in the default rule. If not set, this
	// defaults to UnknownAction.
	DefaultAction Action
}

Policy represents a set of rules. The rules of the policy are traversed in order during matching. The first rule that matches is returned. In case no rule matches, a default rule is returned.

The default rule only has the action field set, everything else is the zero value. By default, the action is UnknownAction. It can be configured to the desired value by setting the DefaultAction field to the appropriate value.

func LoadPolicy

func LoadPolicy(path string) (Policy, error)

LoadPolicy loads the policy file from the path.

func (Policy) Copy

func (p Policy) Copy() *Policy

Copy returns a deep-copied routing policy object. The method uses marshal/unmarshal to create a deep copy, if either marshaling or unmarshaling fails, this method panics.

func (Policy) MarshalText

func (p Policy) MarshalText() ([]byte, error)

MarshalText marshals the policy.

func (Policy) Match

func (p Policy) Match(from, to addr.IA, network *net.IPNet) Rule

Match iterates through the list of rules in order and returns the first rule that matches. If no rule is matched, a rule with DefaultAction is returned.

func (*Policy) UnmarshalText

func (p *Policy) UnmarshalText(b []byte) error

UnmarshalText unmarshals a policy.

type PolicyPublisher

type PolicyPublisher interface {
	PublishRoutingPolicy(*Policy)
	RoutingPolicy() *Policy
}

PolicyPublisher is used to publish policies.

type Rule

type Rule struct {
	Action  Action
	From    IAMatcher
	To      IAMatcher
	Network NetworkMatcher
	Comment string
}

Rule represents a routing policy rule.

func (Rule) Match

func (r Rule) Match(from, to addr.IA, network *net.IPNet) bool

Match indicates if this rule matches the input.

Directories

Path Synopsis
exporters
Package mock_routing is a generated GoMock package.
Package mock_routing is a generated GoMock package.
internal

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL