0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-22 09:41:54 +00:00
Commit Graph

553 Commits

Author SHA1 Message Date
Pavel Tvrdík
41f4b5940f RPKI protocol with integrated RTRLib inside
Add the RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

The code should work properly with one or more cache servers per protocol.

Example configuration of bird.conf:
  ...
  roa4 table roatable;

  protocol rpki {
    table roatable;

    cache 127.0.0.1; # defaults: port 8282, preference 1, no encryption

    cache 127.0.0.1 {
      preference 1;
      port 2222;
      ssh encryption {
        bird private key "/home/birdgeek/.ssh/id_rsa";
        cache public key "/home/birdgeek/.ssh/known_hosts";
        user "birdgeek";
      };
    };

    cache "rpki-validator.realmv6.org" {
      preference 2;
    };
  }
  ...
2016-01-25 15:39:38 +01:00
Jan Moskyto Matejka
2fad92144e BSD: fix no-return warning 2016-01-21 15:47:04 +01:00
Jan Moskyto Matejka
3f35816136 BSD: Explicitly dropping routes with mismatched AF's. 2016-01-21 14:55:33 +01:00
Pavel Tvrdík
259052199b Add forgotten semicolon 2016-01-20 16:46:58 +01:00
Jan Moskyto Matejka
8109eb765f BSD integration fixes 2016-01-20 12:05:16 +01:00
Jan Moskyto Matejka
6ffa8f5393 Hidden AF_INET* inside sysdep/ 2016-01-11 09:29:51 +01:00
Ondrej Zajicek (work)
e691d16a63 Explicit ip4_addr / ip6_addr printf support 2015-12-29 17:12:47 +01:00
Jan Moskyto Matejka
9a70c8d6c3 Netlink: Removed forgotten if-stub (caused strange errors) 2015-12-29 13:02:45 +01:00
Ondrej Zajicek (work)
04632fd77f Follow-up work on integration 2015-12-24 15:56:04 +01:00
Jan Moskyto Matejka
70b90dde23 Better fix of missing AF_INET6? definition in lib/socket.h
Moved the code to sysdep.
2015-12-22 09:45:09 +01:00
Ondrej Zajicek (work)
600998fcb1 Modify FIB_WALK() and FIB_ITERATE() to work with new FIB code
Returned user data pointers have offset relative to fib_node.
2015-12-21 20:28:44 +01:00
Ondrej Zajicek (work)
0bf95f99e6 Follow-up work on integration
Contains some patches from Jan Moskyto Matejka
2015-12-21 17:17:21 +01:00
Ondrej Zajicek (work)
23c212e7f1 Follow-up work on integration 2015-12-21 03:33:18 +01:00
Ondrej Zajicek (work)
d549b83fc2 Delete ipv6 option from configure 2015-12-20 19:47:36 +01:00
Ondrej Zajicek (work)
29a6416276 KRT: Integration of IPv4/IPv6 in sysdep/linux 2015-12-20 16:58:37 +01:00
Jan Moskyto Matejka
9656dce72e ROA code switchoff 2015-12-20 13:04:07 +01:00
Jan Moskyto Matejka
d7661fbe9d Removed BITS_PER_IP_ADDRESS, MAX_PREFIX_LENGTH, BIRD_AF
Explicit setting of AF_INET(6|) in IP socket creation. BFD set to listen
on v6, without setting the V6ONLY flag to catch both v4 and v6 traffic.

Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-19 15:57:09 +01:00
Jan Moskyto Matejka
9b136840d9 Netlink and BSD: Integrating IPv4 and IPv6
Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-18 20:03:47 +01:00
Ondrej Zajicek (work)
04ae8ddaa1 Merge branch 'master' into int-new 2015-11-25 14:24:35 +01:00
Jan Moskyto Matejka
ad27615760 Netlink: attribute validation before parsing
Wanted netlink attributes are defined in a table, specifying
their size and neediness. Removing the long conditions that did the
validation before.

Also parsing IPv4 and IPv6 versions regardless on the IPV6 macro.
2015-11-24 14:30:20 +01:00
Ondrej Zajicek (work)
1e4891e48e Nest: Fix bug in device proto
If an interface address notification is received during device protocol
shutdown/restart, BIRD crashed.

Thanks to Wei Huang for the bugreport.
2015-11-23 11:13:40 +01:00
Ondrej Zajicek (work)
d44e686e9b Follow-up commit on integrated BIRD
Use net_addr for interface address prefixes, support net_addr in
configuration parser.
2015-11-12 02:03:59 +01:00
Pavel Tvrdík
fce764f90e Fix compiling with --enable-debug option 2015-11-11 11:46:38 +01:00
Jan Moskyto Matejka
9ddbfbddf8 Netlink: Allow more than 256 routing tables.
Since 2.6.19, the netlink API defines RTA_TABLE routing attribute to
allow 32-bit routing table IDs. Using this attribute to index routing
tables at Linux, instead of 8-bit rtm_table field.
2015-11-11 11:40:49 +01:00
Ondrej Zajicek (work)
9b9a7143c4 Conf: Fixes bug in symbol lookup during reconfiguration
Symbol lookup by cf_find_symbol() not only did the lookup but also added
new void symbols allocated from cfg_mem linpool, which gets broken when
lookups are done outside of config parsing, which may lead to crashes
during reconfiguration.

The patch separates lookup-only cf_find_symbol() and config-modifying
cf_get_symbol(), while the later is called only during parsing. Also
new_config and cfg_mem global variables are NULLed outside of parsing.
2015-11-09 00:42:02 +01:00
Ondrej Zajicek (work)
fe9f1a6ded Initial commit on integrated BIRD
New data types net_addr and variants (in lib/net.h) describing
network addresses (prefix/pxlen). Modifications of FIB structures
to handle these data types and changing everything to use these
data types instead of prefix/pxlen pairs where possible.

The commit is WiP, some protocols are not yet updated (BGP, Kernel),
and the code contains some temporary scaffolding.

Comments are welcome.
2015-11-05 12:48:52 +01:00
Ondrej Zajicek (work)
3aed0a6ff7 IO: Fix the previous bugfix
I should check it after making some trivial changes. The original patch
from Alexander has it right.
2015-11-03 11:27:27 +01:00
Ondrej Zajicek (work)
338f85ca77 IO: Handle fd values too big for select()
If the number of sockets is too much for select(), we should at least
handle it with proper error messages and reject new sockets instead of
breaking the event loop.

Thanks to Alexander V. Chernikov for the patch.
2015-11-03 11:08:57 +01:00
Ondrej Zajicek (work)
acb04cfdc5 Minor changes 2015-10-17 14:43:37 +02:00
Ondrej Zajicek
641172c6e5 Netlink: Fixes uninitialized variable
Thanks to Pavel Tvrdik for the bugfix
2015-07-28 12:36:03 +02:00
Ondrej Zajicek
8d9eef1771 BGP multipath support
Kernel option 'merge paths' allows to merge routes exported to kernel
protocol (currently BGP and static routes) to multipath routes.
2015-06-08 02:24:08 +02:00
Ondrej Zajicek
78a2cc289f KRT: Fixes some minor bugs in kernel protocol 2015-06-08 02:24:08 +02:00
Pavel Tvrdík
ae80a2de95 unsigned [int] -> uint 2015-06-08 02:24:08 +02:00
Pavel Tvrdík
e348ef01b4 unsgined char -> byte 2015-06-08 02:24:08 +02:00
Ondrej Zajicek
38e835dede Fix in the last commit 2015-05-13 13:19:26 +02:00
Ondrej Zajicek
9fdf9d29b6 KRT: Add support for plenty of kernel route metrics
Linux kernel route metrics (RTA_METRICS netlink route attribute) are
represented and accessible as new route attributes:

krt_mtu, krt_window, krt_rtt, krt_rttvar, krt_sstresh, krt_cwnd, krt_advmss,
krt_reordering, krt_hoplimit, krt_initcwnd, krt_rto_min, krt_initrwnd,
krt_quickack, krt_lock_mtu, krt_lock_window, krt_lock_rtt, krt_lock_rttvar,
krt_lock_sstresh, krt_lock_cwnd, krt_lock_advmss, krt_lock_reordering,
krt_lock_hoplimit, krt_lock_rto_min, krt_feature_ecn, krt_feature_allfrag
2015-05-12 16:42:22 +02:00
Ondrej Zajicek
7069fc9e72 KRT: Fixes route reload
Did not really worked
2015-04-25 21:41:43 +02:00
Ondrej Zajicek
c5ff44a703 KRT: Fixes learning of preferred kernel routes.
When a new route was imported from kernel and chosen as preferred, then
the old best route was propagated as a withdraw to the kernel protocol.
Under some circumstances such withdraw propagated to the BSD kernel could
remove the new alien route and thus reverting the import.
2015-04-25 20:43:43 +02:00
Ondrej Zajicek
90097f4fb9 KRT: Support for RTM_CHANGE on BSD 2015-04-22 10:53:15 +02:00
Ondrej Zajicek
deec752ef9 NEWS and version update 2015-04-20 12:27:00 +02:00
Ondrej Zajicek
b867a87c2f Fixes port range socket option 2015-04-19 00:31:59 +02:00
Ondrej Zajicek
304ac2e861 Minor fixes 2015-04-12 10:47:17 +02:00
Ondrej Zajicek
16a3254c4c Understand IFF_MULTICAST flag on ifaces in Linux
Unfortunately, some interfaces support multicast but do not have
this flag set, so we use it only as a positive hint.

Thanks to Clint Armstrong for noticing the problem.
2015-03-31 23:59:40 +02:00
Ondrej Zajicek
9aed29e605 BGP: Enhanced route refresh (RFC 7313) support
Also hook feed_done is renamed to feed_end.
2015-03-29 18:29:49 +02:00
Ondrej Zajicek
af454f9b7c Fixes bug in debug dumps
Using 'dump sockets' in IPv6 mode caused crash due to mismatched format string.

Thanks to Pavel Tvrdik for noticing it.
2015-03-02 09:42:44 +01:00
Ondrej Zajicek
8bcb5fb1e8 Implement latency tracking, internal event log and watchdog 2015-03-02 09:41:14 +01:00
Ondrej Zajicek
9c89560e6c Use IP_PORTRANGE_HIGH for BFD where available 2015-02-22 20:14:14 +01:00
Ondrej Zajicek
86c3eea0f3 Use AF_UNSPEC for RTM_GETLINK
This value is specified in documentation.
2015-02-21 21:19:49 +01:00
Ondrej Zajicek
2bbc308321 Store protocol config size inside protocol structure
Make proto_config_new() use this info instead of supplied size.

Thanks to Alexander V. Chernikov for the patch.
2015-02-21 21:08:23 +01:00
Pavel Tvrdik
e598853e68 Add const to a param msg at functions log_msg, log_rl, die, bug and debug 2015-02-21 19:32:57 +01:00