mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-22 17:51:53 +00:00
Commit Graph

1113 Commits

Author SHA1 Message Date
Maria Matejka
f2f3163f6c Filters always allocate from tmp_linpool 2022-05-04 15:37:41 +02:00
Maria Matejka
de86040b2c Attribute list normalization cleanup 2022-05-04 15:37:41 +02:00
Maria Matejka
3fb70b26fa Complex route attributes are data structures, shall be in lib also 2022-05-04 15:37:41 +02:00
Maria Matejka
ef6a903e6f Splitting route data structures out to lib 2022-05-04 15:37:41 +02:00
Maria Matejka
0e1e632f70 FIB is a data structure generic enough to be in lib 2022-05-04 15:37:41 +02:00
Maria Matejka
0d0f6554a5 Unified attribute and filter types
This commit removes the EAF_TYPE_* namespace completely and also for
route attributes, filter-based types T_* are used. This simplifies
fetching and setting route attributes from filters.

Also, there is now union bval which serves as an universal value holder
instead of private unions held separately by eattr and filter code.
2022-05-04 15:37:41 +02:00
Maria Matejka
cd9550b244 Implicit ROA check converted to explicit filter instruction sequence 2022-05-04 15:37:41 +02:00
Maria Matejka
22f95d9889 Special attribute types for enums 2022-05-04 15:37:41 +02:00
Maria Matejka
e261b32511 Dropping EAF_VAR_LENGTH as the attribute data is either embedded or adata 2022-05-04 15:37:41 +02:00
Maria Matejka
bc17fee1bf Filter: Bitfield eattrs reading / writing moved to filter code
Before this change, fetch-update-write and bitmasking was hardcoded in
attribute access code cased by the attribute type. Several filter
instructions are used to do it instead.

As this is certainly going to be a little bit slower than before, the
switch block in attribute access code should be completely removed in
near future, helping with both performance and code cleanliness.

The user interface should have stayed intact.
2022-05-04 15:37:41 +02:00
Maria Matejka
98fd158e28 RIP: fixed the EA_RIP_FROM attribute
The interface pointer was improperly converted to u32 and back. Fixing
this by explicitly allocating an adata structure for it. It's not so
memory efficient, we'll optimize this later.
2022-04-13 17:05:12 +02:00
Maria Matejka
4a23ede2b0 Protocols have their own explicit init routines 2022-04-06 18:14:08 +02:00
Maria Matejka
ebd807c0b8 Slab allocator can free the blocks without knowing the parent structure 2022-04-06 18:14:08 +02:00
Maria Matejka
7e86ff2076 All linpools use pages to allocate regular blocks 2022-04-06 18:14:08 +02:00
Maria Matejka
0f68515263 Unsetting route attributes without messing with type system 2022-04-06 18:14:08 +02:00
Maria Matejka
63cf5d5d8c Eattr flags (originated and fresh) get their own struct fields 2022-04-06 18:14:08 +02:00
Maria Matejka
af8568a870 Minor fix: f_val literals should always have named struct fields 2022-04-06 18:14:08 +02:00
Maria Matejka
c53f547a0b Printf variant with a result allocated inside a pool / linpool 2022-03-15 11:21:46 +01:00
Maria Matejka
41572e0c1b Merge commit 'f81702b7' into haugesund 2022-03-09 15:03:48 +01:00
Maria Matejka
9dc1d7782e Merge commit '0767a0c2' into haugesund
Conflicts:
	nest/rt-table.c
2022-03-09 14:40:09 +01:00
Maria Matejka
6151e51ffa Merge commit '8f3942a9' into haugesund
Conflicts:
	nest/rt-table.c
2022-03-09 14:09:34 +01:00
Maria Matejka
4eeae48214 Merge commit '56c8f2f0' into haugesund
Conflicts:
	nest/route.h
	nest/rt-table.c
2022-03-09 13:49:31 +01:00
Maria Matejka
01c9f3d78e Merge commit '575da88f' into haugesund
Conflicts:
	nest/rt-table.c
2022-03-09 13:37:12 +01:00
Maria Matejka
92b832380d Merge commit '1b9189d5' into haugesund 2022-03-09 13:13:05 +01:00
Maria Matejka
1b9189d5fd Route validity check converted to generic macro dispatch 2022-03-09 12:30:05 +01:00
Maria Matejka
19e727a248 Merge commit '60880b539b8886f76961125d89a265c6e1112b7a' into haugesund 2022-03-09 11:29:56 +01:00
Maria Matejka
8a4bc4fdbf BGP Flowspec validation: Removed in-route optimization for multithreading compatibility 2022-03-09 11:27:34 +01:00
Maria Matejka
24773af9e0 Merge commit 'e42eedb9' into haugesund 2022-03-09 11:02:55 +01:00
Maria Matejka
83d9920f90 Merge commit '5cff1d5f' into haugesund
Conflicts:
      proto/bgp/attrs.c
      proto/pipe/pipe.c
2022-03-09 10:56:06 +01:00
Maria Matejka
ff47cd80dd Merge commit 'd5a32563' into haugesund 2022-03-09 10:50:38 +01:00
Maria Matejka
9e60a1fbc3 Fixed resource initialization in unit tests 2022-03-09 10:30:42 +01:00
Maria Matejka
c78247f9b9 Single-threaded version of sark-branch memory page management 2022-03-09 09:10:44 +01:00
Maria Matejka
d814a8cb93 Replaced custom linpools in tests for the common tmp_linpool 2022-03-02 12:13:49 +01:00
Ondrej Zajicek (work)
53a2540687 Merge branch 'oz-trie-table' 2022-02-06 23:42:10 +01:00
Ondrej Zajicek (work)
5a89edc6fd Nest: Implement locking of prefix tries during walks
The prune loop may rebuild the prefix trie and therefore invalidate
walk state for asynchronous walks (used in 'show route in' cmd). Fix it
by adding locking that keeps the old trie in memory until current walks
are done.

In future this could be improved by rebuilding trie walk states (by
lookup for last found prefix) after the prefix trie rebuild.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
de6318f70a Nest: Implement prefix trie pruning
When rtable is pruned and network fib nodes are removed, we also need to
prune prefix trie. Unfortunately, rebuilding prefix trie takes long time
(got about 400 ms for 1M networks), so must not be atomic, we have to
rebuild a new trie while current one is still active. That may require
some considerable amount of temporary memory, so we do that only if
we expect significant trie size reduction.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
1f2eb2aca8 BGP: Implement flowspec validation procedure
Implement flowspec validation procedure as described in RFC 8955 sec. 6
and RFC 9117. The Validation procedure enforces that only routers in the
forwarding path for a network can originate flowspec rules for that
network.

The patch adds new mechanism for tracking inter-table dependencies, which
is necessary as the flowspec validation depends on IP routes, and flowspec
rules must be revalidated when best IP routes change.

The validation procedure is disabled by default and requires that
relevant IP table uses trie, as it uses interval queries for subnets.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
1ae42e5223 Nest: Add routing table configuration blocks
Allow to specify sorted flag, trie flag, and min/max settle time.

Also do not enable trie by default, it must be explicitly enabled.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
fde1cff012 Nest: Add convenience functions to check rtable net type 2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
61375bd0b3 Nest: Avoid unnecessary net_format() in 'show route' command
When output of 'show route' command was generated, the net_format() was
called for each network prematurely, even if the result was not needed.

Fix the code to call net_format() only when needed. This makes queries
that process many networks but show only few (e.g. 'show route where ..',
or 'show route count') much faster (like 5x - 10x faster).
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
9ac16df3d7 Nest: Add trie iteration code to 'show route'
Add trie iteration code to rt_show_cont() CLI hook and use it to
accelerate 'show route in <addr>' commands using interval queries.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
ea97b89051 Nest: Implement 'show route in <addr>' command
Implement 'show route in <addr>' command, which shows all routes in
networks that are subnets of given network. Currently limited to IP
network types.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
836a87b8ac Nest: Attach prefix trie to rtable for faster LPM and interval queries
Attach a prefix trie to IP/VPN/ROA tables. Use it for net_route() and
net_roa_check(). This leads to 3-5x speedups for IPv4 and 5-10x
speedup for IPv6 of these calls.

TODO:
 - Rebuild the trie during rt_prune_table()
 - Better way to avoid trie_add_prefix() in net_get() for existing tables
 - Make it configurable (?)
2022-02-06 23:27:13 +01:00
Alexander Zubkov
0e1fd7ea6a Filter: Add operators to find minimum and maximum element of sets
Add operators .min and .max to find minimum or maximum element in sets
of types: clist, eclist, lclist. Example usage:

bgp_community.min
bgp_ext_community.max
filter(bgp_large_community, [(as1, as2, *)]).min

Signed-off-by: Alexander Zubkov <green@qrator.net>
2021-12-28 04:07:09 +01:00
Ondrej Zajicek (work)
b21104c97e Nest: Do not ignore secondary flag changes in ifa updates
Compare all IA_* flags that are set by sysdep iface code.

The old code ignores IA_SECONDARY flag when comparing whether iface
address updates from kernel changed anything. This is usually not an
issue as kernel removes all secondary addresses due to removal of the
primary one, but it breaks when sysctl 'promote_secondaries' is enabled
and kernel promotes secondary addresses to primary ones.

Thanks to 'Alexander' for the bugreport.
2021-12-18 01:09:52 +01:00
Maria Matejka
f772afc525 Memory statistics split into Effective and Overhead
This feature is intended mostly for checking that BIRD's allocation
strategies don't consume much memory space. There are some cases where
withdrawing routes in a specific order lead to memory fragmentation and
this output should give the user at least a notion of how much memory is
actually used for data storage and how much memory is "just allocated"
or used for overhead.

Also raising the "system allocator overhead estimation" from 8 to 16
bytes; it is probably even more. I've found 16 as a local minimum in
best scenarios among reachable machines. I couldn't find any reasonable
method to estimate this value when BIRD starts up.

This commit also fixes the inaccurate computation of memory overhead for
slabs where the "system allocator overhead estimation" was improperly
added to the size of mmap-ed memory.
2021-11-27 22:54:15 +01:00
Maria Matejka
644e9ca94e Directly mapped pages are kept for future use if temporarily not needed 2021-11-24 19:42:52 +00:00
Maria Matejka
5395880908 Fixed pipe reload/refeed 2021-11-23 12:06:27 +00:00
Maria Matejka
4ba991f19c Fixed channel export map confusion 2021-11-23 11:12:32 +00:00
Maria Matejka
adf37d8eff VRF setting reduced to one argument, using default dummy iface for default vrf 2021-11-22 19:05:44 +01:00
Maria Matejka
4f3fa1623f Pipe runs in parallel. 2021-11-22 19:05:44 +01:00
Maria Matejka
c7d0c5b252 Route subscription uses events 2021-11-22 19:05:44 +01:00
Maria Matejka
18f66055e3 Global table update pool removed 2021-11-22 19:05:44 +01:00
Maria Matejka
038fcf1c8b Locking route attributes cache
To access route attribute cache from multiple threads at once, we have
to lock the cache on writing. The route attributes data structures are
safe to read unless somebody tries to tamper with the cache itself.
2021-11-22 19:05:44 +01:00
Maria Matejka
f0507f05ce Route sources have an explicit owner
This commit prevents use-after-free of routes belonging to protocols
which have been already destroyed, delaying also all the protocols'
shutdown until all of their routes have been finally propagated through
all the pipes down to the appropriate exports.

The use-after-free was somehow hypothetic yet theoretically possible in
rare conditions, when one BGP protocol authors a lot of routes and the
user deletes that protocol by reconfiguring in the same time as next hop
update is requested, causing rte_better() to be called on a
not-yet-pruned network prefix while the owner protocol has been already
freed.

In parallel execution environments, this would happen an inter-thread
use-after-free, causing possible heisenbugs or other nasty problems.
2021-11-22 19:05:44 +01:00
Maria Matejka
dc160e11e1 Route table import-to-export announcement indirection to reduce pipe traffic 2021-11-22 19:05:44 +01:00
Maria Matejka
878eeec12b Routing tables now have their own loops.
This basically means that:
* there are some more levels of indirection and asynchronicity, mostly
  in cleanup procedures, requiring correct lock ordering
* all the internal table operations (prune, next hop update) are done
  without blocking the other parts of BIRD
* the protocols may get their own loops very soon
2021-11-22 19:05:44 +01:00
Maria Matejka
aadf690b14 Higher settle times when route refresh in the source table is running 2021-11-22 19:05:44 +01:00
Maria Matejka
df476c2e5d Corking also feed start to keep BIRD running when refeeds would easily cause congestion 2021-11-22 19:05:44 +01:00
Maria Matejka
0fd1c1d091 Route attribute cache is now lockless on read / clone.
Lots of time was spent locking when accessing route attribute cache.
This overhead should be now reduced to a minimum.
2021-11-22 19:05:44 +01:00
Maria Matejka
2a224a9e1e Route sources have their separate global lock 2021-11-22 19:05:44 +01:00
Maria Matejka
94eb0858c2 Converting the former BFD loop to a universal IO loop and protocol loop.
There is a simple universal IO loop, taking care of events, timers and
sockets. Primarily, one instance of a protocol should use exactly one IO
loop to do all its work, as is now done in BFD.

Contrary to previous versions, the loop is now launched and cleaned by
the nest/proto.c code, allowing for a protocol to just request its own
loop by setting the loop's lock order in config higher than the_bird.

It is not supported nor checked if any protocol changed the requested
lock order in reconfigure. No protocol should do it at all.
2021-11-22 19:05:43 +01:00
Maria Matejka
c70b3198dc Route export is now asynchronous.
To allow for multithreaded execution, we need to break the import-export
chain and buffer the exports before actually processing them.
2021-11-22 19:05:43 +01:00
Maria Matejka
f18968f52f Better profylaction recursive route loops
In some specific configurations, it was possible to send BIRD into an
infinite loop of recursive next hop resolution. This was caused by route
priority inversion.

To prevent priority inversions affecting other next hops, we simply
refuse to resolve any next hop if the best route for the matching prefix
is recursive or any other route with the same preference is recursive.

Next hop resolution doesn't change route priority, therefore it is
perfectly OK to resolve BGP next hops e.g. by an OSPF route, yet if the
same (or covering) prefix is also announced by iBGP, by retraction of
the OSPF route we would get a possible priority inversion.
2021-11-22 19:05:43 +01:00
Maria Matejka
3b20722a1f Table cork: Stop creating updates when there are too many pending.
The corked procedure gets a callback when uncorked. Supported by table
maintenance routines and also BGP.
2021-11-22 19:05:43 +01:00
Maria Matejka
44f26c49f9 Special table hooks rectified.
* internal tables are now more standalone, having their own import and
  export hooks
* route refresh/reload uses stale counter instead of stale flag,
  allowing to drop walking the table at the beginning
* route modify (by BGP LLGR) is now done by a special refeed hook,
  reimporting the modified routes directly without filters
2021-11-22 19:05:43 +01:00
Maria Matejka
445eeaf3df Split route table event into separate events
The former rt_event is dropped in favour of separate table events.
This allows for selective corking of NHU and prune.
2021-11-22 19:05:43 +01:00
Maria Matejka
f81702b7e4 Table import and export are now explicit hooks.
Channels have now included rt_import_req and rt_export_req to hook into
the table instead of just one list node. This will (in future) allow for:

* channel import and export bound to different tables
* more efficient pipe code (dropping most of the channel code)
* conversion of 'show route' to a special kind of export
* temporary static routes from CLI

The import / export states are also updated to the new algorithms.
2021-11-22 18:33:53 +01:00
Maria Matejka
0767a0c288 Secondary and merged exports get a whole feed instead of traversing the table structures directly 2021-11-09 19:20:41 +01:00
Maria Matejka
8f3942a97e Route export: rejected by filter bitmap
If a route has been rejected by filter, store that information
to avoid repeated export filter runs on rejected routes.
2021-11-09 19:20:41 +01:00
Maria Matejka
56c8f2f03a Nest: Route generations and explicit tracking route propagation through pipes 2021-11-09 19:20:41 +01:00
Maria Matejka
575da88f7a Recursive route nexthop updates now announced with valid new_best/old_best information 2021-11-09 19:20:41 +01:00
Maria Matejka
69d1ffde4c Split route data structure to storage (ro) / manipulation (rw) structures.
Routes are now allocated only when they are just to be inserted to the
table. Updating a route needs a locally allocated route structure.
Ownership of the attributes is also now not transferred from protocols to
tables and vice versa but just borrowed which should be easier to handle
in a multithreaded environment.
2021-11-09 19:20:41 +01:00
Maria Matejka
3a8197a9dc Limit containment 2021-11-09 19:20:41 +01:00
Maria Matejka
c56752e436 Protocol stats split to import and export 2021-11-09 19:20:41 +01:00
Maria Matejka
1c2f66f2bd Refeed is done from export table when appropriate 2021-11-09 19:20:41 +01:00
Maria Matejka
60880b539b Extended route trace: logging Path Identifiers 2021-11-09 17:42:36 +01:00
Maria Matejka
0b295d695a Dropping the unused rte_same hook 2021-10-13 19:09:05 +02:00
Maria Matejka
89ff49f8f0 Dropping rte-local dumper entries 2021-10-13 19:09:05 +02:00
Maria Matejka
e42eedb912 Kernel: Convert the rte-local attributes to extended attributes and flags to pflags 2021-10-13 19:09:04 +02:00
Maria Matejka
5cff1d5f02 Route: moved rte_src pointer from rta to rte
It is an auxiliary key in the routing table, not a route attribute.
2021-10-13 19:09:04 +02:00
Maria Matejka
d5a32563df Preexport: No route modification, no linpool needed 2021-10-13 19:09:04 +02:00
Maria Matejka
541881bedf RIP fixup + dropping the tmp_attrs mechanism as obsolete 2021-10-13 19:09:04 +02:00
Maria Matejka
3660f19dd5 Dropping the RTS_DUMMY temporary route storage.
Kernel route sync is done by other ways now and this code is not used
currently.
2021-10-13 19:09:04 +02:00
Maria Matejka
eb937358c0 Preference moved to RTA and set explicitly in protocols 2021-10-13 19:09:04 +02:00
Maria Matejka
cee0cd148c Export table: Delay freeing of old stored route.
This is needed to provide the protocols the full old route after filters
when export table is enabled.
2021-10-13 19:09:04 +02:00
Maria Matejka
ddd89ba12d BGP: Moved the suppressed and stale flags to pflags 2021-10-13 19:09:04 +02:00
Maria Matejka
c507fb41bb Babel: Convert the rte-local attributes to extended attributes 2021-10-13 19:09:04 +02:00
Maria Matejka
8216ec3027 There may be a symbol with NULL protocol when reconfiguring 2021-10-13 19:09:04 +02:00
Maria Matejka
5f0cb61d82 OSPF: Convert the rte-local attributes to extended attributes 2021-10-13 19:09:04 +02:00
Maria Matejka
8ac20511e1 Show route may be accidentally called on shutdown also when not all default tables are present 2021-10-13 19:09:04 +02:00
Maria Matejka
a0e4c66404 RIP: convert the rte-local attributes to extended attributes 2021-10-13 19:09:04 +02:00
Maria Matejka
6e13df70fd Extended route attributes may include also pointers 2021-10-13 19:09:04 +02:00
Maria Matejka
d471d5fc7c IGP metric getter refactoring to protocol callback
Direct protocol hooks for IGP metric inside nest/rt-table.c make the
protocol API unnecessarily complex. Instead, we use a proper callback.
2021-10-13 19:09:04 +02:00
Ondrej Zajicek (work)
47d92d8f9d Nest: Clean up main channel handling
Remove assumption that main channel is the only channel.
2021-09-10 17:32:05 +02:00
Ondrej Zajicek (work)
f761be6b30 Nest: Clean up main channel handling
Remove assumption that main channel is the only channel.
2021-06-17 16:56:51 +02:00
Ondrej Zajicek (work)
1b9bf4e192 Nest: Fix export of tmpattrs through pipes
Pipes copy the original rte with old values, so they require rte to be
exported with stored tmpattrs. Other protocols access stored attributes
using eattr list, so they require rte to be exported with expanded
tmpattrs. This is temporary hack, we plan to remove whole tmpattr mechanism.

Thanks to Paul Donohue for the bugreport.
2021-06-14 20:02:50 +02:00
Ondrej Zajicek (work)
3ebabab277 Revert "Nest: Fix export of tmpattrs through pipes"
This reverts commit f8e273b5e7.
2021-06-14 17:58:37 +02:00
Ondrej Zajicek (work)
f8e273b5e7 Nest: Fix export of tmpattrs through pipes
In most cases of export there is no need to store back temporary
attributes to rte, as receivers (protocols) access eattr list anyway.
But pipe copies the original rte with old values, so we should store
tmpattrs also during export.

Thanks to Paul Donohue for the bugreport.
2021-06-14 16:30:59 +02:00
Ondrej Zajicek (work)
596f2e32e3 Nest: Allow both 'password' and 'key' keywords for authentication keys 2021-06-09 19:54:01 +02:00
Ondrej Zajicek (work)
8eea396baf Nest: Fix password list parsing code
One of previous patches broke password list parsing code, fix that.
2021-06-06 19:10:33 +02:00
Toke Høiland-Jørgensen
589f7d1e4f Nest: Allow MAC algorithms to specify min/max key length
Add min/max key length fields to the MAC algorithm description and
validate configured keys before they are used.
2021-06-06 16:28:18 +02:00
Toke Høiland-Jørgensen
35f88b305a Nest: Allow specifying security keys as hex bytes as well as strings
Add support for specifying a password in hexadecimal format. The result
is the same whether a password is specified as a quoted string or a
hex-encoded byte string, this just makes it more convenient to input
high-entropy byte strings as MAC keys.
2021-06-06 16:28:18 +02:00
Toke Høiland-Jørgensen
725d9af94a Lib: Add Blake2s and Blake2b hash functions
The Babel MAC authentication RFC recommends implementing Blake2s as one of
the supported algorithms. In order to do this, add the blake2b and
blake2s hash functions for MAC authentication. The hashing function
implementations are the reference implementations from blake2.net.

The Blake2 algorithms allow specifying an arbitrary output size, and the
Babel MAC spec says to implement Blake2s with 128-bit output. To satisfy
this, we add two different variants of each of the algorithms, one using
the default size (256 bits for Blake2s, 512 bits for Blake2b), and one
using half the default output size.

Update to BIRD coding style done by committer.
2021-06-06 16:26:58 +02:00
Maria Matejka
3d90241f62 Internal route tables have a reduced cleanup routine
This fixes an internal table cleanup bug introduced
in ff397df7ed.
2021-04-19 15:14:55 +02:00
Maria Matejka
7c8b7649f9 Allocation of ea_list in one contiguous memory block
This saves some bytes of memory for complex ea's.
2021-03-30 21:56:08 +02:00
Maria Matejka
ff397df7ed Routing table is now a resource allocated from its own pool
This also fixes memory leaks from import/export tables being never
cleaned up and freed.
2021-03-30 21:56:08 +02:00
Maria Matejka
4635314cef Routing tables list iteration should use explicit node struct position 2021-03-30 21:56:08 +02:00
Ondrej Zajicek (work)
0a3db4c680 Minor fixes for restricted builds 2021-03-17 15:56:12 +01:00
Ondrej Zajicek (work)
2f98153490 Pipe: Propagate debug flags from protocol to channels
Pipe channels are kind-of implicit, so setting protocol debug flags
should also set pipe debug flags.
2021-03-16 20:10:00 +01:00
Ondrej Zajicek (work)
7be3af7fa6 Rate-limit scheduling of work-events
In general, events are code handling some condition, which is
scheduled when such condition happened and executed independently from
I/O loop. Work-events are a subgroup of events that are scheduled
repeatedly until some (often significant) work is done (e.g. feeding
routes to protocol). All scheduled events are executed during each
I/O loop iteration.

Separate work-events from regular events to a separate queue and
rate limit their execution to a fixed number per I/O loop iteration.
That should prevent excess latency when many work-events are
scheduled at one time (e.g. simultaneous reload of many BGP sessions).
2021-03-12 15:35:56 +01:00
Ondrej Zajicek (work)
211fe69c98 Nest: No automatic ROA reload on non-reloadable channels 2021-03-09 18:37:52 +01:00
Ondrej Zajicek (work)
d3782c72b9 Nest: Add option to control automatic RPKI reload
Also, no automatic reload for BGP channels without import/export table.
2021-02-12 05:05:18 +01:00
Vincent Bernat
714238716e BGP: Add support for BGP hostname capability
This is an implementation of draft-walton-bgp-hostname-capability-02.
It is implemented since quite some time for FRR and in datacenter, this
gives a nice output to avoid using IP addresses.

It is disabled by default. The hostname is retrieved from uname(2) and
can be overridden with "hostname" option. The domain name is never set
nor displayed.

Minor changes by committer.
2021-02-10 16:53:57 +01:00
Ondrej Zajicek (work)
00b85905b9 Nest: Automatic channel reloads based on RPKI changes
If there are roa_check() calls in channel filters, then the channel
subscribes to ROA table notifications, which are sent when ROA tables
are updated (subject to settle time) and trigger channel reload or
refeed.
2021-02-10 03:09:57 +01:00
Ondrej Zajicek (work)
d06a875b04 Filter: Recursive filter iteration code
Add macros for recursive filter iteration that allows to examine
all instructions reachable from a filter.
2021-02-07 19:21:42 +01:00
Ondrej Zajicek (work)
7a1f4baac1 Nest: remove last_tx_filter_change
No longer needed after redesign of export handling.
2021-01-06 14:51:49 +01:00
James Lu
455c13dc99 Nest: Read Babel metric as IGP metric
(Minor syntactic changes by committer)
2020-12-29 02:25:21 +01:00
Ondrej Zajicek (work)
61dae32b29 Nest: Per-channel debug flags
The patch adds support for per-channel debug flags, currently just
'states', 'routes', and 'filters'. Flag 'states' is used for channel
state changes, remaining two for routes passed through the channel.
The per-protocol debug flags 'routes'/'filters' still enable reporting
of routes for all channels, to keep existing behavior.

The patch causes minor changes in some log messages.
2020-12-07 22:19:40 +01:00
Ondrej Zajicek (work)
30b8468269 Minor cleanups with cfg_allocz()
Also fixes some more failed asserts due to add_tail().
2020-11-24 04:09:11 +01:00
Ondrej Zajicek (work)
1678bc0746 Fix some failed asserts due to add_tail()
When config structures are copied due to template application,
we need to reset list node structure before calling add_tail().

Thanks to Mikael Magnusson for patches.
2020-11-24 03:42:23 +01:00
Ondrej Zajicek (work)
c9ae81656f Some minor sl_allocz() cleanups 2020-11-24 03:21:44 +01:00
Ondrej Zajicek (work)
b962967e20 Nest: Fix crash in receive limit handling in import table
Logging as a result of triggered receive limit in import table code
accessed rte->net, which was not filled yet.

Thanks to Pier Carlo Chiodi for the bugreport.
2020-11-15 16:01:19 +01:00
Ondrej Zajicek (work)
3b56bf8849 BFD: Better handling of BFD options in BGP configs
Merge multiple BFD option blocks in BGP configs instead of using the last
one. That is necessary for proper handling of templates when BFD options
are used both in a BGP template and in a BGP protocol derived from that
template.
2020-11-12 04:02:38 +01:00
Ondrej Zajicek (work)
9d3fc3062b BFD: Allow per-request session options
BFD session options are configured per interface in BFD protocol. This
patch allows to specify them also per-request in protocols requesting
sessions (currently limited to BGP).
2020-11-08 15:33:22 +01:00
Ondrej Zajicek (work)
c0e1f534c9 Nest: Keep route ordering during route updates
Put new non-best routes to the end of list instead of the second
position. Put updated routes to their old position. Position is changed
just by best route selection.
2020-07-16 15:02:10 +02:00
Ondrej Zajicek (work)
c26c6bc2d7 Show info from multiple protocols when protocol is not specified
Most commands like 'show ospf neighbors' fail when protocol is not
specified and there are multiple instances of given protocol type.
This is annoying in BIRD 2, as many protocols have IPv4 and IPv6
instances. The patch changes that by showing output from all protocol
instances of appropriate type.

Note that the patch also removes terminating cli_msg() call from these
commands and moves it to the common iterating code.
2020-06-28 15:38:47 +02:00
Ondrej Zajicek (work)
1ca7665fa4 Nest: Allow key id 0
There is nothing in RFCs specifying that id 0 is not allowed. Some
implementations do not support it, while some other use key id 0 by
default. We allow it but start with key id 1 by default.

Thanks to Kenth Eriksson for the bugreport.
2020-05-19 02:50:47 +02:00
Ondrej Zajicek (work)
ec430a7fee Nest: Implement BGP path mask loop operator
Implement regex-like '+' operator in BGP path masks to match previous
path mask item multiple times. This is useful as ASNs may appear
multiple times in paths due to path prepending for traffic engineering
purposes.
2020-05-18 16:25:08 +02:00
Ondrej Zajicek (work)
b8bbbbaf56 Nest: Fix neighbor handling for colliding ranges
Resolve neighbors using longest prefix match. Although interface ranges
should not generally collide, it may happen for unnumbered links.

Thanks to Kenth Eriksson for the bugreport.
2020-05-11 04:29:36 +02:00
Maria Matejka
b12442c985 Fixed a harmless warning in production build 2020-05-01 15:41:42 +02:00
Maria Matejka
3bb10b4d31 Uninitialized list nodes fixes 2020-05-01 15:19:12 +02:00
Maria Matejka
258be56539 Nest: Added const to ea_show just to declare that this shouldn't really change anything 2020-05-01 15:19:12 +02:00
Maria Matejka
0fa8bf91cd Nest: Several assumptions to tame the static analyzer 2020-05-01 15:19:12 +02:00
Maria Matejka
bbe49ae569 Nest: Assumption in rt-show for not-so-intuitive invariant. 2020-05-01 15:19:12 +02:00
Nasato Goto
a6548d5b5b BGP: Fix handling of 16bit-only ASN translation
The bug generated invalid AGGREGATOR attribute during translation of
32bit ASN to 16bit-only BGP peer. The patch fixes that.
2020-04-15 03:46:53 +02:00
Maria Matejka
fd9f0c0640 Configuration strings are constant.
This is merely a const propagation. There was no problem in there.
2020-04-09 15:37:14 +02:00
Ondrej Zajicek (work)
2755002890 Filter: Optimize IPv4 prefix sets
Use separate IPv4 and IPv6 implementation of prefix sets. Just this
change makes IPv4 prefix sets 60% smaller and 50% faster.
2020-03-26 03:57:48 +01:00
Ondrej Zajicek (work)
22c3cf955d RIP: Demand circuit support (RFC 2091) 2020-02-21 02:35:50 +01:00
Maria Matejka
4bbc10614f Added missing extern
Thanks to Robert Scheck <bird@robert-scheck.de> who reported it
and Toke Høiland-Jørgensen <toke@toke.dk> who suggested this patch.
2020-02-04 10:11:16 +01:00
Ondrej Zajicek (work)
7d767c5a3d KRT: Improve syncer code to avoid using temporary data in rtable
The old code stored route verdicts and temporary routes directly in
rtable. The new code does not store received routes (it immediately
compares them with exported routes and resolves conflicts) and uses
internal bitmap to keep track of which routes were received and which
needs to be reinstalled.

By not putting 'invalid' temporary routes to rtable, we keep rtable
in consistent state, therefore scan no longer needs to be atomic
operation and could be split to multiple events.
2020-01-07 18:35:03 +01:00
Ondrej Zajicek (work)
cc75b3e1dc KRT: Remove KRF_SYNC_ERROR flag
This info is now stored in an internal bmap. Unfortunately, net.flags
is still needed for temporary kernel data.
2019-12-19 16:34:35 +01:00
Ondrej Zajicek (work)
c132acae36 KRT: Remove KRF_INSTALLED flag
The same information is stored in export_map of kernel protocol.
2019-12-16 02:42:24 +01:00
Ondrej Zajicek (work)
4ab54f1aef Nest: Fix bitmap cleanup
Channel currently does not have independent pool and uses protocol pool,
which is freed when protocol changes state to down, while channel is
still in flushing. Move some cleanup code to channel_do_flush()
so it is done before freeing of protocol pool.
2019-12-10 18:18:02 +01:00
Ondrej Zajicek (work)
5ea39eaa96 Nest: Use bitmaps to keep track of exported routes
Use a hierarchical bitmap in a routing table to assign ids to routes, and
then use bitmaps (indexed by route id) in channels to keep track whether
routes were exported. This avoids unreliable and inefficient re-evaluation
of filters for old routes in order to determine whether they were exported.
2019-11-26 18:39:25 +01:00
Ondrej Zajicek (work)
d033e6327d CLI: Fix continuation lines after final one
Continuation lines may use short form (with space instead of message
number), but this should not be done when previous line is final.

Thanks to Kenth Eriksson for the bugreport and analysis.
2019-11-26 16:43:09 +01:00
Ondrej Zajicek (work)
a52476c9be BGP: Add option to reject AS_SETs
There is a pending draft to make them obsolete
2019-11-04 22:09:35 +01:00
Ondrej Zajicek (work)
0edf0c8cd9 Support for address family constants
We already had them defined on BGP level, but they are more general.
2019-11-03 22:25:44 +01:00
Ondrej Zajicek (work)
08c4c9a30b Nest: Fix bug in export table
For regular channels do not compare src in export table, as we want to
keep here only the best (exported) route per network.
2019-11-03 20:25:42 +01:00
Ondrej Zajicek (work)
498d8145c0 Nest: Fix primary flag in show route
The route is changed by rte_make_tmp_attrs(), so we need to compare
net->routes to the original one.

Thanks to Kenth Eriksson for the bugreport.
2019-10-25 13:28:51 +02:00
Fabrice Fontaine
f9eb9b4cab Nest: Fix build without protocols
(CHECK keyword added by committer)
2019-10-19 12:50:27 +02:00
Ondrej Zajicek (work)
843b10c8b0 Nest: Handle non-MPLS on MPLS case in recursive route update
When non-MPLS recursive route resolves to MPLS underlying route,
then it should get MPLS labels from the underlying route.
2019-10-10 15:25:36 +02:00
Ondrej Zajicek (work)
9eace84342 Nest: Handle PtP links in recursive route update
Underlying (IGP) route may lead to PtP link, in this case it does not
need gateway. Which is different than direct route without gateway.

When recursive (BGP) route uses PtP route, it should not use recursive
next hop as immediate next hop, while for direct routes it should.
2019-10-10 15:06:32 +02:00
Ondrej Zajicek (work)
cb2b6e0494 Nest: Fix recursive route update
Missing cleanup can lead to dangling pointer to old next hops.
2019-10-10 14:01:16 +02:00
Ondrej Zajicek (work)
09ee846d92 BGP: AIGP metric support (RFC 7311) 2019-10-09 17:53:23 +02:00
Ondrej Zajicek (work)
ca2dacfcee Nest: Fix bug in export table
Exported route may be in modified state, we need to get cached one for
rte_same() and rta_clone() to work properly.
2019-09-24 17:17:37 +02:00
Maria Matejka
32a254050d Channel refeed with import table splitting between routes for one prefix 2019-08-27 19:14:15 +02:00
Ondrej Zajicek (work)
a297a4f044 Nest: Fix crash in route reload when some channels are not up.
Only channels that are up can be reloaded.
2019-08-14 06:02:33 +02:00
Ondrej Zajicek (work)
b7d7599ce3 BGP: implement Adj-RIB-Out
The patch implements optional internal export table to a channel and
hooks it to BGP so it can be used as Adj-RIB-Out. When enabled, all
exported (post-filtered) routes are stored there. An export table can be
examined using e.g. 'show route export table bgp1.ipv4'.
2019-08-14 06:02:33 +02:00
Ondrej Zajicek (work)
9f3e098320 Filter: Allow to use set constants / expressions in path masks
Allow to not only use set literals in path masks, but also existing
set constants or set expressions.
2019-08-06 18:54:19 +02:00
Ondrej Zajicek (work)
ef113c6f72 Filter: Allow to use sets in path masks 2019-08-06 16:58:13 +02:00
Ondrej Zajicek (work)
e2b530aa72 BGP: Improve reconfiguration
Several BGP channel options (including 'next hop self') could be
reconfigured without session reset, with just route refeed/refresh.
The patch improves reconfiguration code to do it that way.
2019-08-06 15:29:06 +02:00
Maria Matejka
2de1e2062e Conf: Fixed symbol redefinition 2019-07-30 14:28:40 +02:00
Ondrej Zajicek (work)
cec40a7467 Merge remote-tracking branch 'origin/mq-filter-stack' 2019-07-24 15:38:32 +02:00
Ondrej Zajicek (work)
18f70a6229 Nest: VRF of protocol can be explicitly specified as 'default'
Protocol can have specified VRF, in such case it is restricted to a set
of ifaces associated with the VRF, otherwise it can use all interfaces.

The patch allows to specify VRF as 'default', in which case it is
restricted to a set of iface not associated with any VRF.
2019-07-24 15:08:03 +02:00
Ondrej Zajicek (work)
cf7ff99513 BFD: Support for VRFs
Allow multiple BFD instances in separate VRFs, dispatch BFD requests
according to VRFs.

Thanks to Alexander Zubkov for notice and patches.
2019-07-17 16:20:35 +02:00
Maria Matejka
b2a4feeb4c Merge branch 'master' into mq-filter-stack 2019-07-10 11:27:08 +02:00
Maria Matejka
05e3933c06 Nest: Uninitialized variable fix
Thanks to Vincent Bernat for reporting this.
2019-07-08 13:05:14 +02:00
Maria Matejka
eac9250fd5 Merge branch 'master' into mq-filter-stack 2019-07-03 11:12:25 +02:00
Maria Matejka
84ac62d396 Filter: CLI command to dump all the linearized filters 2019-07-03 08:27:56 +02:00
Maria Matejka
3265c9169d Removed obsolete comment at as_path_cut() 2019-07-03 00:04:24 +02:00
Maria Matejka
78976974e7 Dynamic attributes definition split whether it is bitmask or not. 2019-07-03 00:00:11 +02:00
Ondrej Zajicek (work)
59d3a3611f Netlink: Handle alien routes with unsorted nexthops
Nest requires that nexthops are sorted, the kernel protocol has to
ensure that for alien routes.
2019-07-02 18:23:06 +02:00
Ondrej Zajicek (work)
8a68316eb9 Nest: Add command to request graceful restart
When 'graceful down' command is entered, protocols are shut down
with regard to graceful restart. Namely Kernel protocol does
not remove routes and BGP protocol does not send notification,
just closes the connection.
2019-06-30 21:29:24 +02:00
Jan Maria Matejka
23e3b1e665 Filter: Some people can't pronounce "postfixify" correctly. Let's try "linearize" instead.
This is just a naming change.
2019-05-22 15:20:02 +00:00
Maria Matejka
9eef9c648c Lexer now returns known sym / unknown sym / keyword 2019-05-17 22:26:21 +02:00
Ondrej Zajicek (work)
e0835db4f1 BGP: Dynamic BGP
Support for dynamically spawning BGP protocols for incoming connections.
Use 'neighbor range' to specify range of valid neighbor addresses, then
incoming connections from these addresses spawn new BGP instances.
2019-04-30 13:32:39 +02:00
Maria Matejka
7078aa63ae Fixed one warning and one undefined value. 2019-03-22 21:40:35 +01:00
Maria Matejka
2ab680c697 Fixed an undefined symbol bug in CLI introduced by filter refactoring 2019-03-20 16:50:58 +01:00
Maria Matejka
8d65add626 Merge branch 'master' into HEAD 2019-03-18 12:54:40 +01:00
Ondrej Zajicek (work)
875cc073b0 Nest: Update handling of temporary attributes
The temporary attributes are no longer removed by ea_do_prune(), but
they are undefined by store_tmp_attrs() protocol hooks. This fixes
several bugs where temporary attributes were removed when they should
not or not removed when they should be. The flag EAF_TEMP is no longer
needed and was removed.

Update all protocol make_tmp_attrs() / store_tmp_attrs() hooks to use
helper functions and to handle unset attributes properly.

Also fix some related bugs like improper handling of empty eattr list.
2019-03-14 17:31:40 +01:00
Ondrej Zajicek (work)
9aa77fcceb OSPF: Improved handling of tmpattrs
Keep track of whether OSPF tmpattrs are actually defined for given route
(using flags in rte->pflags). That makes them behave more like real
eattrs so a protocol can define just a subset of them or they can be
undefined by filters.

Do not set ospf_metric2 for other than type 2 external OSPF routes and do
not set ospf_tag for non-external OSPF routes. That also fixes a bug
where internal/inter-area route propagated from one OSPF instance to
another is initiated with infinity ospf_metric2.

Thanks to Yaroslav Dronskii for the bugreport.
2019-03-06 18:28:00 +01:00
Ondrej Zajicek (work)
93af78d2d2 Nest: Do not compare rte.flags during rte_update()
Route flags are mostly internal state of rtable, they are not significant
to whether a route has changed. With the old code, all routes received as
a part of enhanced route refresh are always re-announced to other peers
due to change in REF_STALE.
2019-02-22 02:16:39 +01:00
Maria Matejka
0b39b1cbb7 Conf: Symbol implementation converted from void pointers to union
... and consted some declarations.
2019-02-20 22:30:55 +01:00
Maria Matejka
dd4d409551 Filter: Merged postfixify routine 2019-02-20 22:30:54 +01:00
Maria Matejka
de12cd18fb Filter: Merged filter line item dumpers into common generated source 2019-02-20 22:30:54 +01:00
Maria Matejka
5289304519 Filter data manipulation functions separated to their file 2019-02-20 22:30:54 +01:00
Maria Matejka
4f082dfa89 Filter: merged filter instruction constructors, counting line size on instruction construct 2019-02-20 22:30:54 +01:00
Maria Matejka
8bdb05edb2 Filters: split the large filter.h file to smaller files.
This should be revised, there are still ugly things in the filter API.
2019-02-20 22:30:54 +01:00
Maria Matejka
c0e958e022 Filter + Config: Fix bugs, tests and split symbols by type 2019-02-20 22:30:54 +01:00
Maria Matejka
9b46748d5b Filter: refactoring of instruction constructors 2019-02-20 22:30:54 +01:00
Maria Matejka
4c553c5a5b Filter refactoring: dropped the recursion from the interpreter
This is a major change of how the filters are interpreted. If everything
works how it should, it should not affect you unless you are hacking the
filters themselves.

Anyway, this change should make a huge improvement in the filter performance
as previous benchmarks showed that our major problem lies in the
recursion itself.

There are also some changes in nest and protocols, related mostly to
spreading const declarations throughout the whole BIRD and also to
refactored dynamic attribute definitions. The need of these came up
during the whole work and it is too difficult to split out these
not-so-related changes.
2019-02-20 22:30:54 +01:00
Jan Maria Matejka
7afa143886 Filter refactoring: Passing the resulting struct f_val as a pointer.
This also drops the multiplexing of errors with the f_val itself
together with the T_RETURN f_val type flag.
2019-02-20 22:30:54 +01:00
Jan Maria Matejka
25566c6810 Filter refactoring: Moved the bitfield bit position formula to route.h 2019-02-20 22:30:54 +01:00
Ondrej Zajicek (work)
3a8ca7abbc Nest: Prevent withdraws from propagation back to source protocol (for accepted mode)
Update for one of previous patches, handles the issue for
first-accepted mode of route propagation.
2019-02-19 16:26:09 +01:00
Ondrej Zajicek (work)
cd16538fc9 Merge remote-tracking branch 'origin/mq-opt' 2019-02-09 15:53:16 +01:00
Ondrej Zajicek (work)
6e8fb66859 Nest: Improve export counter handling
One of previous workarounds for phantom route avoidance breaks export
counters by expanding sending of spurious withdraws, which are sent when
we are not sure whether we have advertised those routes in the past.
If not, then export counter is decreased, but it was not increased
before, so it overflows under zero.

The patch fixes that by sending spurious withdraws, but not counting them
on export counter. That may lead to error in the other direction, but that
happens only as a race condition (i.e., in normal operation filters
return proper values about old route export state).
2019-02-05 19:00:43 +01:00
Ondrej Zajicek (work)
52fdd1cb76 Nest: Report preferred counters also when 'import keep filtered' is enabled
Thanks to Michal Nowak for reporting the issue.
2019-02-05 15:59:26 +01:00
Ondrej Zajicek (work)
e1c275d87b Nest: Reestablish preferred counters 2019-02-02 13:28:16 +01:00
Maria Matejka
a8d0f2516c Nest: FIB rehash values tweaked for better performance 2019-01-31 15:10:51 +01:00