0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-30 13:41:53 +00:00
Commit Graph

5037 Commits

Author SHA1 Message Date
Maria Matejka
b8a230e478 Interface subsystem locking 2023-04-04 17:00:58 +02:00
Maria Matejka
a26d307eab Proto: published protocol-loop connections 2023-04-04 16:44:54 +02:00
Ondrej Zajicek
f881b98d9b BGP: Fix bgp_med handling
Missing translation from BGP attribute ID to eattr ID in bgp_unset_attr()
broke automatic removal of bgp_med during export to EBGP peers.

Thanks to Edward Sun for the bugreport.
2023-04-04 05:20:49 +02:00
Johannes Moos
231c63851e Add missing references to "show route in" in the cli-help and doc.
The feature of showing all prefixes inside the given one has been added
in v2.0.9 but not well documented. Fixing it by this update.

Text in doc and commit message added by commiter.
2023-03-18 15:36:05 +01:00
Maria Matejka
2b712554d1 BGP: Free bind applies also to outbound connections
Even though the free bind option is primarily meant to alleviate problems
with addresses assigned too late, it's also possible to use BIRD with AnyIP
configuration, assigning whole ranges to the machine. Therefore free bind
allows also to create an outbound connection from specific address even though
such address is not assigned.
2023-03-16 19:23:33 +01:00
Ondrej Zajicek
6b38285f58 Net: Replace runtime checks with STATIC_ASSERT() 2023-03-06 11:57:40 +01:00
Petr Vaněk
0f679438f3 Printf test suite fails on systems with musl libc because tests for "%m"
and "%M" formats expect "Input/output error" message but musl returns
"I/O error". Proposed change compares the printf output with string
returned from strerror function for EIO constant.

See-also: https://bugs.gentoo.org/836713

Minor change from committer.
2023-03-06 11:33:27 +01:00
Maria Matejka
2f080b5432 Config: Dropping filter instruction trees after linearization 2023-02-22 14:54:09 +01:00
Maria Matejka
6c058ae40c Linpool flush drops all the allocated pages but one
When a linpool is used to allocate a one-off big load of memory, it
makes no sense to keep that amount of memory for future use inside the
linpool. Contrary to previous implementations where the memory was
directly free()d, we now use the page allocator which has an internal
cache which keeps the released pages for us and subsequent allocations
simply get these released pages back.

And even if the page cleanup routine kicks in inbetween, the pages get
only madvise()d, not munmap()ed so performance aspects are negligible.

This may fix some memory usage peaks in extreme cases.
2023-02-22 14:54:09 +01:00
Ondrej Zajicek
913ec57f27 BGP: Update RFC references 2023-02-19 15:42:18 +01:00
Ondrej Zajicek
501256cfc8 Babel: Update RFC references 2023-02-19 15:34:43 +01:00
Ondrej Zajicek
eefb296799 Conf: Fix too early free of old configuration
The change 371eb49043 introduced early free
of old_config. Unfortunately, it did not properly check whether it is not
still in use (blocked by obstacle during reconfiguration). Fix that.

It also means that we still could have a short peak when three configs
are in use (when a new reconfig is requeste while the previous one is
still active).
2023-02-19 04:08:31 +01:00
Toke Høiland-Jørgensen
ee91965894 Babel: Keep separate auth PC counters for unicast and multicast
The babel protocol normally sends all its messages as multicast packets,
but the protocol specification allows most messages to be sent as either
unicast or multicast, and the two can be mixed freely. In particular, the
babeld implementation can be configured to unicast updates to all peers
instead of sending them as unicast.

Daniel discovered that this can cause problems with the packet counter
checks in the MAC extension due to packet reordering. This happens on WiFi
networks where clients have power save enabled (which is quite common in
infrastructure networks): in this case, the access point will buffer all
multicast traffic and only send it out along with its beacons, leading to a
maximum buffering in default Linux-based access point configuration of up
to 200 ms.

This means that a Babel sender that mixes unicast and multicast messages
can have the unicast messages overtake the multicast messages because of
this buffering; when authentication is enabled, this causes the receiver to
discard the multicast message when it does arrive because it now has a
packet counter value less than the unicast message that arrived before it.
Daniel observed that this happens frequently enough that Babel ceases to
work entirely when runner over a WiFi network.

The issue has been described in draft-ietf-babel-mac-relaxed, which is
currently pending RFC publication. That also describes two mitigation
mechanisms: Keeping separate PC counters for unicast and multicast, and
using a reorder window for PC values. This patch implements the former as
that is the simplest, and resolves the particular issue seen on WiFi.

Thanks to Daniel Gröber for the bugreport.

Minor changes from committer.
2023-02-14 18:18:32 +01:00
Andreas Rammhold
eecc3f02e4 Babel: Implement IPv4 via IPv6 extension (RFC 9229)
The patch implements an IPv4 via IPv6 extension (RFC 9229) to the Babel
routing protocol (RFC 8966) that allows annoncing routes to an IPv4
prefix with an IPv6 next hop, which makes it possible for IPv4 traffic
to flow through interfaces that have not been assigned an IPv4 address.

The implementation is compatible with the current Babeld version.

Thanks to Toke Høiland-Jørgensen for early review on this work.

Minor changes from committer.
2023-02-14 16:17:03 +01:00
Maria Matejka
9508cd85ce Protocol shutdown/restart from limits is respecting the loops 2023-02-07 14:28:25 +01:00
Maria Matejka
a2fd889a3b Merge commit '0bb04d5390f21b0c96fc4894ba5d5510c541f0ef' into HEAD 2023-02-07 14:27:23 +01:00
Maria Matejka
0bb04d5390 BGP: opening and closing listening socket asynchronously 2023-02-07 11:52:03 +01:00
Maria Matejka
0851fcde65 Documentation: Adding roadmap as decided in January 2023 2023-02-03 09:12:34 +01:00
Maria Matejka
597a4b33a7 Macro: stringify 2023-02-02 15:57:21 +01:00
Maria Matejka
226839c977 Lists: fixed bugs in expensive checks in quirky usecases 2023-02-02 15:57:21 +01:00
Maria Matejka
c354e8f4c1 Interface updates are asynchronous
Instead of propagating interface updates as they are loaded from kernel,
they are enqueued and all the notifications are called from a
protocol-specific event. This change allows to break the locking loop
between protocols and interfaces.

Anyway, this change is based on v2 branch to keep the changes between v2
and v3 smaller.
2023-02-02 15:57:21 +01:00
Maria Matejka
64e0877525 Proto: Adding a list of associated neighbors
This makes for safer and faster pruning and notifying as protocol now on
its shutdown prunes only its neighbors and nothing else.
2023-02-02 14:40:00 +01:00
Maria Matejka
6e035a9a8c Typed lists: shortcut for simple nodes 2023-02-02 14:40:00 +01:00
Maria Matejka
e077d0e770 Moved interface list flush to device protocol cleanup hook.
The interface list must be flushed when device protocol is stopped. This
was done in a hardcoded specific hook inside generic protocol routines.
The cleanup hook was originally used for table reference counting late
cleanup, yet it can be also simply used for prettier interface list flush.
2023-02-02 14:40:00 +01:00
Ondrej Zajicek
0ab62f2674 Build: Partial revert of one of previous changes
There are many compatibility issues with echo -e, scratch that.
2023-02-01 19:30:21 +01:00
Ondrej Zajicek
ba348b2029 Build: Minor improvement to build output 2023-02-01 17:47:17 +01:00
Ondrej Zajicek
23f3dd5cfb Nest: Minor cleanup in buildsystem
There ware missing dependencies for proto-build.c generation, which
sometimes lead to failed builds, and ignores changes in the set of
built protocols. Fix that, and also improve formatting of proto-build.c
2023-02-01 17:31:18 +01:00
Toke Høiland-Jørgensen
dc4c5f51f8 Babel: Initialise source seqno from incoming message
When creating a new babel_source object we initialise the seqno to 0. The
caller will update the source object with the right metric and seqno value,
for both newly created and old source objects. However if we initialise the
source object seqno to 0 that may actually turn out to be a valid (higher)
seqno than the one in the routing table, because of seqno wrapping. In this
case the source metric will not be set properly, which breaks feasibility
tracking for subsequent updates.

To fix this, add a new initial_seqno argument to babel_get_source() which
is used when allocating a new object, and set that to the seqno value of
the update we're sending.

Thanks to Juliusz Chroboczek for the bugreport.
2023-01-31 15:52:14 +01:00
Ondrej Zajicek
96d7c4679d Babel: Improve clarity of unfeasible update handling.
Add a comment and (unnecessary) check to make correctness obvious.
2023-01-30 23:49:20 +01:00
Toke Høiland-Jørgensen
3e7e4a7186 Babel: Fix missing modulo comparison of seqnos
Juliusz noticed there were a couple of places we were doing straight
inequality comparisons of seqnos in Babel. This is wrong because seqnos can
wrap: so we need to use the modulo-64k comparison function for these cases
as well.

Introduce a strict-inequality version of the modulo-comparison for this
purpose.
2023-01-30 23:36:39 +01:00
Maria Matejka
05d8c3699d Object locks use events
Instead of calling custom hooks from object locks, we use standard event
sending mechanism to inform protocols about object lock changes. This is
a backport from version 3 where these events are passed across threads.

This implementation of object locks doesn't use mutexes to lock the
whole data structure. In version 3, this data structure may get accessed
from multiple threads and must be protected by mutex.
2023-01-26 13:22:28 +01:00
Maria Matejka
4334f86251 VRF setting reduced to one argument, using default dummy iface for default vrf 2023-01-25 13:33:31 +01:00
Maria Matejka
f7c2a886c9 Object locks use events
Instead of calling custom hooks from object locks, we use standard event
sending mechanism to inform protocols about object lock changes. As
event sending is lockless, the unlocking protocol simply enqueues the
appropriate event to the given loop when the locking is done.
2023-01-24 11:34:36 +01:00
Maria Matejka
3ac628e0f0 Merge v2.0.12 into thread-next 2023-01-24 11:04:28 +01:00
Maria Matejka
02b2a4ecaa Merge commit '3186ffe79714a48542d5ad61a94c81216b522fd0' into thread-next 2023-01-24 09:45:40 +01:00
Maria Matejka
3d96a16ae8 Merge commit '6bb992cb04926895be57dc97e7d569ea15a07db1' into thread-next 2023-01-24 09:44:43 +01:00
Maria Matejka
717612fa18 Merge commit '9dc9124c' into thread-next 2023-01-24 09:21:34 +01:00
Maria Matejka
9dc9124cec Revert "Filter: Allow setting the 'onlink' route attribute in filters"
This reverts commit 7144c9ca46.

The onlink attribute implementation collides with the nexthop attribute
behavior in v3; keeping it aside until finding out how to reimplement it
correctly.
2023-01-24 09:20:36 +01:00
Maria Matejka
21b772fd43 Merge commit '928a1cb034e6f9e8edcdd1dc07264cd703e00827' into thread-next 2023-01-23 19:51:24 +01:00
Maria Matejka
758aabd96c Merge commit '7fb23041a52d01754c53ba963e2282e524813364' into thread-next 2023-01-23 19:46:26 +01:00
Maria Matejka
4821612c94 Merge commit 'd1cd5e5a63b2256eb71661f7438537e4ded7b01a' into thread-next 2023-01-23 19:42:12 +01:00
Maria Matejka
4e6cd1b2e3 Merge commit 'b28431e557c4f63923476094a919a0630001275e' into thread-next 2023-01-23 19:39:45 +01:00
Maria Matejka
5481bcd82f Merge commit 'd3f50ede127df338f575e188566035b2a46cf6c6' into thread-next 2023-01-23 19:05:41 +01:00
Maria Matejka
7bb93efc27 Merge commit '6d1ae197d189d50e60279796441c6e74272ddc54' into thread-next 2023-01-23 19:03:16 +01:00
Maria Matejka
5aeaa0c2ca Merge commit '8b06a4d8af46511f0f8dbb8905afa88590a831b6' into thread-next 2023-01-23 18:57:13 +01:00
Alexander Zubkov
72230d3ca3 Small fix of indenting 2023-01-23 14:23:00 +01:00
Ondrej Zajicek
5437104afa NEWS and version update 2023-01-23 02:23:19 +01:00
Ondrej Zajicek
99872676df BFD: Improve incoming packet matching
For active sessions, ignore received packets with zero local id and
mismatched remote id. That forces a session timeout instead of an
immediate session restart. It makes BFD sessions more resilient to
packet spoofing.

Thanks to André Grüneberg for the suggestion.
2023-01-22 23:42:08 +01:00
Ondrej Zajicek
a82683694d VRF: Fix issues with reconfiguration
Protocols receive if_notify() announcements that are filtered according
to their VRF setting, but during reconfiguration, they access iface_list
directly and forgot to check VRF setting here, which leads to all
interfaces be addedd.

Fix this issue for Babel, OSPF, RAdv and RIP protocols.

Thanks to Marcel Menzel for the bugreport.
2023-01-22 18:21:08 +01:00
Maria Matejka
521fec2fdc Merge commit '2b7643e1f8ecb0bd4cf9af4183b4fd53b655d19c' into thread-next 2023-01-22 13:19:22 +01:00