The Babel seqno wraps around when reaching its maximum value (UINT16_MAX).
When comparing seqnos, this has to be taken into account. Therefore,
plain number comparisons do not work.
Implement several options (min/max graceful restart time, min/max long
lived stale time) to override graceful restart and long-lived graceful
restart timer values, as suggested by RFC 9494.
It seems that it should be 'providers' instead of 'provider'.
It matches keyword declaration and documentation. Mismatch beween keyword
declaration also breaks static-only builds.
Fix several errors including:
- Unaligned memory access to 'Length of Error Text' field
- No validation of 'Length of Encapsulated PDU' field
- No validation of 'Error Code' field
- No validation of characters in diagnostic message
All the 'dump something' CLI commands now have a new mandatory
argument -- name of the file where to dump the data. This allows
for more flexible dumping even for production deployments where
the debug output is by default off.
Also the dump commands are now restricted (they weren't before)
to assure that only the appropriate users can run these time consuming
commands.
Instead of several levels of functions, just have two functions
(one for routes, the other for end-of-rib), this allows to create
messages in a simple linear fashion.
Also reduce three duplicite functions to construct BGP header for
BMP messages to just one.
This commit is quite a substantial rework of the underlying layers in
BMP TX:
- several unnecessary layers of indirection dropped, including most of
the original BMP's buffer machinery
- all messages are now written directly into one protocol's buffer
allocated for the whole time big enough to fit every possible message
- output blocks are allocated by pages and immediately returned when
used, improving the overall memory footprint
- no intermediary allocation is done from the heap altogether
- there is a documented and configurable limit on the TX queue size
We shouldn't convert bytes 2 and 3 of the PDU blindly, there are several
cases where these are used by bytes. Instead, the conversion is done
only where needed.
This fixes misinterpretation bug of ASPA PDU flags on little endian
architectures.
The END_OF_DATA PDU was extended in version 1, so it has different length
in different versions. We should do the PDU length check according to its
version.
Adds ability to override time format of show commands for current CLI session
so that it does not depend on configuration and may ease parsing when CLI is
called from tools.
Minor changes by committer.
The original algorithm assumed principles not consistent with the RFC
and could have lead to false invalids.
Also added filter tests showing also how the ASPA literals are used in
the static protocol.
RPKI-To-Router (RTR) sessions seem to be similar security-sensitivity as
IBGP sessions. BIRD already offered a choice of either "plain TCP" (meh)
or "SSH" (secure, albeit a bit more hassle to set up than TCP-MD5).
The patch adds TCP-MD5 as another option. TCP-MD5 for RTR is specified
through RFC 6810 section 7.3 and RFC 8210 section 9.3.
Minor changes by committer.
Some vendors do not fill the checksum for IPv6 UDP packets.
For interoperability with such implementations one can set
UDP_NO_CHECK6_RX socket option on Linux.
Thanks to Ville O for the suggestion.
Minor changes by committer.
Move bfd_opts grammar inside BFD parser code to avoid dependences between
nest and BFD grammars, which breaks when BFD build is disabled.
Add dummy bfd_opts grammar rule, so protocols can use this nonterminal
even with BFD disabled.
Thanks to Yuri Honegger for the bugreport.
In OSPFv3-IPv4 there is no requirement that link-local next hop announced
in Link-LSA must be in interface address range. Therefore, for interfaces
that do not have IPv4 address we can use some loopback IP address and
announce it as a next hop. Also we should accept such address.
BFD requires defined local IP, but for nexthop with onlink there might
not be such address. So we reject this combination of nexthop options.
This prevent crash where such combination of options is used.
Allow to explicitly configure the source IP address for RPKI-To-Router
sessions. Predictable source addresses are useful for minimizing the
holes to be poked in ACLs.
Changed from 'source address' to 'local address' by committer.
BGP route attributes have flags (Optional, Transitive) that are validated
on decode and set to valid value on export. But if such attribute is
modified by filter or set internally by BGP during import, then its flags
would be zero in local tables. That usually does not matter, as they are
not used locally and they were fixed on export, but invalid flags leaked
in BMP and MRT dumps.
Keep route attribute flags set to valid values even when set by filters
or modified by BGP.
Allow to define both nexthop and interface using iproute2-like syntax,
e.g.: route 10.0.0.0/16 via 10.1.0.1 dev "eth0";
Now we can avoid to use link-local scope hack (e.g. 10.1.0.1%eth0)
for cases where both nexthop and interface have to be defined.
Thanks to Marcin Saklak for the suggestion.
We can distinguish BGP sessions if at least one side uses a different IP
address. Extend olock mechanism to handle local IP as a part of key, with
optional wildcard, so BGP sessions could local IP in the olock and not
block themselves.
Increase max length of notification data in error logs from 16 to 128.
There is already enough space in the buffer.
Thanks to Marco d'Itri for the suggestion.
With very busy deployments, RPKI may kill cache connection too early.
Instead of that, we want it to keep loading if any data is waiting to
be read and the reason for delay is just our congestion.
Also, when we kill the session because of actually slow cache, we want
to reload from scratch as the data we have is unreliable and nobody
knows whether the state is still valid.
