mirrors/bird
mirrors/bird
0
0
Fork 0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-10-18 09:58:43 +00:00
Code Releases Activity
2,727 Commits 142 Branches 57 Tags 28 MiB
int-new-rpki
Commit Graph

2727 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pavel Tvrdík
a1f92cf15b RPKI: remove old code from grammar 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
53e411b363 RPKI: Refresh docs, example BGP origin validation 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
2c73a9c70d RPKI: Use '%N' key in printf net_addr 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
3f2e839844 RPKI: Improve get_status cb and add show_proto_info cb 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
25fc1cc645 RPKI: Force refresh group status after reconfigure 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
e45dc8e01d RPKI: refactore transports 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
4c1e54d4a6 RPKI: improve reconfiguration 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
c727c28404 RPKI: replace sock->af usage with sock->fam 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
cf2d812e9d RPKI: Add a documentation 2016-01-25 15:39:38 +01:00
Pavel Tvrdík
41f4b5940f RPKI protocol with integrated RTRLib inside 
Add the RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

The code should work properly with one or more cache servers per protocol.

Example configuration of bird.conf:
  ...
  roa4 table roatable;

  protocol rpki {
    table roatable;

    cache 127.0.0.1; # defaults: port 8282, preference 1, no encryption

    cache 127.0.0.1 {
      preference 1;
      port 2222;
      ssh encryption {
        bird private key "/home/birdgeek/.ssh/id_rsa";
        cache public key "/home/birdgeek/.ssh/known_hosts";
        user "birdgeek";
      };
    };

    cache "rpki-validator.realmv6.org" {
      preference 2;
    };
  }
  ...
 2016-01-25 15:39:38 +01:00
Jan Moskyto Matejka
74d9416763 RIPng: fixed misrejection of host routes 2016-01-25 10:29:06 +01:00
Jan Moskyto Matejka
2fad92144e BSD: fix no-return warning 2016-01-21 15:47:04 +01:00
Jan Moskyto Matejka
3f35816136 BSD: Explicitly dropping routes with mismatched AF's. 2016-01-21 14:55:33 +01:00
Jan Moskyto Matejka
0e965f6991 All the current pthread implementations are OK and working with us. 
No more need to disable pthread for specific BSD's.
 2016-01-21 14:55:33 +01:00
Pavel Tvrdík
7eb9e79648 Add condition for max_pxlen by ROA grammar 2016-01-21 10:37:08 +01:00
Pavel Tvrdík
a4caa1c0a3 Use net_addr pointer for net_addr_roaX 
net_addr_roa6 is bigger than net_addr

Thanks to Ondrej Zajicek for notice
 2016-01-21 10:37:08 +01:00
Pavel Tvrdík
259052199b Add forgotten semicolon 2016-01-20 16:46:58 +01:00
Pavel Tvrdík
650b418942 Delete old ROA code 2016-01-20 16:46:58 +01:00
Pavel Tvrdík
0264ccf6f4 Rewrite roa_check() for integrated BIRD 
Thanks to Ondrej Zajicek for his support with writing this code.
 2016-01-20 16:46:58 +01:00
Pavel Tvrdík
cb1bd816db Add ROA_* constants values to grammar of configuration 
Add ROA_UNKNOWN, ROA_VALID and ROA_INVALID
 2016-01-20 16:46:58 +01:00
Pavel Tvrdík
513ad0a85e Add ROA net_addr to grammar 
Example:
  protocol static
  {
    route 10.110.0.0/16 max 16 as 1000 blackhole;
    route 10.120.0.0/16 max 24 as 1000 blackhole;
    route 10.130.0.0/16 max 24 as 2000 blackhole;
    route 10.130.128.0/18 max 24 as 3000 blackhole;
    ...
  }
 2016-01-20 16:46:30 +01:00
Jan Moskyto Matejka
8109eb765f BSD integration fixes 2016-01-20 12:05:16 +01:00
Pavel Tvrdík
f9d729ab68 NET ROAx: add max_pxlen, fix format 2016-01-14 14:31:55 +01:00
Jan Moskyto Matejka
9a883adf95 Net address format: Do not print the -4 or -6 suffix in %I4 and %I6 2016-01-13 13:21:25 +01:00
Pavel Tvrdík
a820ae1074 NET ROAx more small changes 
- Remove `u8 src` from net_add_roaX
- Add `u8 max_pxlen` to net_add_roaX
- Add some missing macro and functions for ROA
- Remove ASN from hash function for ROA

Thanks to Ondrej Santiago Zajicek
 2016-01-12 11:41:10 +01:00
Pavel Tvrdík
93e807292c ROA change printf 'ASN: xxx' to 'ASxxx' 2016-01-12 11:40:50 +01:00
Jan Moskyto Matejka
6ffa8f5393 Hidden AF_INET* inside sysdep/ 2016-01-11 09:29:51 +01:00
Jan Moskyto Matejka
5b218c3d9b BFD: split of v4/v6 sockets 2016-01-11 09:29:51 +01:00
Pavel Tvrdík
b9f5692186 Fix check in net_route() in debug mode 2016-01-07 18:24:14 +01:00
Pavel Tvrdík
de9b87f558 Add NET ROA4/6 structures 2016-01-07 18:21:31 +01:00
Ondrej Zajicek (work)
e691d16a63 Explicit ip4_addr / ip6_addr printf support 2015-12-29 17:12:47 +01:00
Ondrej Zajicek (work)
74c838a870 Move ID allocator to a separate file and use it also in OSPF 2015-12-29 15:42:12 +01:00
Jan Moskyto Matejka
9a70c8d6c3 Netlink: Removed forgotten if-stub (caused strange errors) 2015-12-29 13:02:45 +01:00
Ondrej Zajicek (work)
04632fd77f Follow-up work on integration 2015-12-24 15:56:04 +01:00
Jan Moskyto Matejka
70b90dde23 Better fix of missing AF_INET6? definition in lib/socket.h 
Moved the code to sysdep.
 2015-12-22 09:45:09 +01:00
Ondrej Zajicek (work)
600998fcb1 Modify FIB_WALK() and FIB_ITERATE() to work with new FIB code 
Returned user data pointers have offset relative to fib_node.
 2015-12-21 20:28:44 +01:00
Jan Moskyto Matejka
67aa88336a BSD wants to include sys/socket.h in lib/socket.h (AF_INET6? definitions) 2015-12-21 18:23:08 +01:00
Ondrej Zajicek (work)
0bf95f99e6 Follow-up work on integration 
Contains some patches from Jan Moskyto Matejka
 2015-12-21 17:17:21 +01:00
Ondrej Zajicek (work)
23c212e7f1 Follow-up work on integration 2015-12-21 03:33:18 +01:00
Ondrej Zajicek (work)
e92a4b855f Filter: Fix some changes in IP<->Quad implicit conversion 2015-12-20 21:43:00 +01:00
Ondrej Zajicek (work)
d549b83fc2 Delete ipv6 option from configure 2015-12-20 19:47:36 +01:00
Ondrej Zajicek (work)
0f7d5b1a88 Nest: Reimplement fib_route() and add some consts 2015-12-20 18:16:48 +01:00
Ondrej Zajicek (work)
29a6416276 KRT: Integration of IPv4/IPv6 in sysdep/linux 2015-12-20 16:58:37 +01:00
Jan Moskyto Matejka
7fd4143ead Integrated address print lengths 
Minor changes by Ondrej Santiago Zajicek
 2015-12-20 13:47:39 +01:00
Jan Moskyto Matejka
9656dce72e ROA code switchoff 2015-12-20 13:04:07 +01:00
Jan Moskyto Matejka
aedd3a6bab Implemented missing prefix manipulation functions 2015-12-20 12:53:40 +01:00
Jan Moskyto Matejka
5e173e9f63 Stop perusing f_prefix for non-prefix-set uses 
Multiple changes by Ondrej Santiago Zajicek
 2015-12-19 23:49:47 +01:00
Jan Moskyto Matejka
d7661fbe9d Removed BITS_PER_IP_ADDRESS, MAX_PREFIX_LENGTH, BIRD_AF 
Explicit setting of AF_INET(6|) in IP socket creation. BFD set to listen
on v6, without setting the V6ONLY flag to catch both v4 and v6 traffic.

Squashing and minor changes by Ondrej Santiago Zajicek
 2015-12-19 15:57:09 +01:00
Jan Moskyto Matejka
9b136840d9 Netlink and BSD: Integrating IPv4 and IPv6 
Squashing and minor changes by Ondrej Santiago Zajicek
 2015-12-18 20:03:47 +01:00
Ondrej Zajicek (work)
04ae8ddaa1 Merge branch 'master' into int-new 2015-11-25 14:24:35 +01:00