0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-11-08 20:28:43 +00:00
Commit Graph

1618 Commits

Author SHA1 Message Date
Jan Maria Matejka
23e3b1e665 Filter: Some people can't pronounce "postfixify" correctly. Let's try "linearize" instead.
This is just a naming change.
2019-05-22 15:20:02 +00:00
Maria Matejka
9eef9c648c Lexer now returns known sym / unknown sym / keyword 2019-05-17 22:26:21 +02:00
Alexander Azimov
7ff34ca2cb BGP: Compliance with RFC8203bis 2019-04-30 13:55:43 +02:00
Ondrej Zajicek (work)
0b1e1e1a00 BGP: Output Local AS number in show protocol
Useful for implementation of agents implementing the SNMP-BGP MIB, which
requires the local AS of a session to be specified.

Thanks to Jan-Philipp Litza for the patch.
2019-04-30 13:44:11 +02:00
Ondrej Zajicek (work)
e0835db4f1 BGP: Dynamic BGP
Support for dynamically spawning BGP protocols for incoming connections.
Use 'neighbor range' to specify range of valid neighbor addresses, then
incoming connections from these addresses spawn new BGP instances.
2019-04-30 13:32:39 +02:00
Ondrej Zajicek (work)
6ff8119765 OSPFv3: Fix some overlooked cases in IPv4 mode
Prefixes with max length (/32) were not handled properly.

Thanks to bauen1 for the bugreport.
2019-04-12 14:11:23 +02:00
Ondrej Zajicek (work)
4a50c8bd03 BGP: Handle corner cases in event ordering
When BGP connection is opened, it may happen that rx hook (with remote
OPEN) is called before tx hook (for local OPEN). Therefore, we need to do
internal changes (like setting local_caps) synchronously with OPENSENT
transition and we need to ensure that OPEN is sent before KEEPALIVE.
2019-04-08 16:56:56 +02:00
Ondrej Zajicek (work)
23ee6b1cd6 BGP: Promiscuous ASN mode
Allow to specify just 'internal' or 'external' for remote neighbor
instead of specific ASN. In the second case that means BGP peers with
any non-local ASNs are accepted.
2019-04-03 15:54:50 +02:00
Ondrej Zajicek (work)
a22c3e5968 BGP: Separate runtime and config usage of local/remote ip and as fields 2019-04-02 17:22:31 +02:00
Ondrej Zajicek (work)
3c3605818f BGP: Mandatory option for channels
Allow to mark channel to be mandatory, and do not allow BGP sessions if
no common AFI/SAFI is established.
2019-03-19 17:44:50 +01:00
Ondrej Zajicek (work)
7e5f769d91 BGP: Handle case where capabilites are not used
If peer does not announce capabilities at all, or when we have
capabilities disabled, handle that as implicit IPv4 unicast.
2019-03-18 14:29:12 +01:00
Maria Matejka
8d65add626 Merge branch 'master' into HEAD 2019-03-18 12:54:40 +01:00
Maria Matejka
2f02c25e36 Perf: fixed stupid allocation bug 2019-03-15 16:34:26 +01:00
Ondrej Zajicek (work)
875cc073b0 Nest: Update handling of temporary attributes
The temporary atttributes are no longer removed by ea_do_prune(), but
they are undefined by store_tmp_attrs() protocol hooks. This fixes
several bugs where temporary attributes were removed when they should
not or not removed when they should be. The flag EAF_TEMP is no longer
needed and was removed.

Update all protocol make_tmp_attrs() / store_tmp_attrs() hooks to use
helper functions and to handle unset attributes properly.

Also fix some related bugs like improper handling of empty eattr list.
2019-03-14 17:31:40 +01:00
Ondrej Zajicek (work)
9aa77fcceb OSPF: Improved handling of tmpattrs
Keep track of whether OSPF tmpattrs are actually defined for given route
(using flags in rte->pflags). That makes them behave more like real
eattrs so a protocol can define just a subset of them or they can be
undefined by filters.

Do not set ospf_metric2 for other than type 2 external OSPF routes and do
not set ospf_tag for non-external OSPF routes. That also fixes a bug
where internal/inter-area route propagated from one OSPF instance to
another is initiated with infinity ospf_metric2.

Thanks to Yaroslav Dronskii for the bugreport.
2019-03-06 18:28:00 +01:00
Maria Matejka
0b39b1cbb7 Conf: Symbol implementation converted from void pointers to union
... and consted some declarations.
2019-02-20 22:30:55 +01:00
Maria Matejka
4f082dfa89 Filter: merged filter instruction constructors, counting line size on instruction construct 2019-02-20 22:30:54 +01:00
Maria Matejka
c0e958e022 Filter + Config: Fix bugs, tests and split symbols by type 2019-02-20 22:30:54 +01:00
Maria Matejka
9b46748d5b Filter: refactoring of instruction constructors 2019-02-20 22:30:54 +01:00
Maria Matejka
4c553c5a5b Filter refactoring: dropped the recursion from the interpreter
This is a major change of how the filters are interpreted. If everything
works how it should, it should not affect you unless you are hacking the
filters themselves.

Anyway, this change should make a huge improvement in the filter performance
as previous benchmarks showed that our major problem lies in the
recursion itself.

There are also some changes in nest and protocols, related mostly to
spreading const declarations throughout the whole BIRD and also to
refactored dynamic attribute definitions. The need of these came up
during the whole work and it is too difficult to split out these
not-so-related changes.
2019-02-20 22:30:54 +01:00
Ondrej Zajicek (work)
bf8d7bba9e OSPF: Reset LSAs during area type change
When area is reconfigured to a different type, we need to flush LSAs as
they may not be valid (e.g. NSSA-LSA for non-NSSA area). Also, when we
have have just one OSPF area and that changes type, we could restart OSPF
as there is no state to keep anyway. That solves issue with different
handling of external routes exported to OSPF based of main area type.
2019-02-17 01:54:01 +01:00
Ondrej Zajicek (work)
4a3f5b3617 OSPF: Basic support for DN-bit handling (RFC 4576)
External LSAs originated by OSPF routers with VPN-PE behavior enabled are
marked by DN flag and they are ignored by other OSPF routers with VPN-PE
enabled.
2019-02-13 15:53:36 +01:00
Ondrej Zajicek (work)
1e958e52d3 OSPF: Do not originate Router-Information LSA
As we do not have much usage for it yet.
2019-02-09 16:15:01 +01:00
Ondrej Zajicek (work)
cd16538fc9 Merge remote-tracking branch 'origin/mq-opt' 2019-02-09 15:53:16 +01:00
Ondrej Zajicek (work)
a9b97cbcb7 OSPF: Send direct acknowledgements as unicast
Direct acknowledgements should be send as unicast to a corresponding
neighbor. Only delayed acks should be send as multicast to all/designated
routers.
2019-02-03 20:22:40 +01:00
Ondrej Zajicek (work)
16605f2fda OSPF: Reject duplicate DBDES packets after dead interval
Master may free last DBDES packet immediately. Slave must wait dead
interval before freeing last DBDES packet and then reject duplicate
DBDES packets with SeqNumberMismatch.
2019-02-03 17:31:27 +01:00
Ondrej Zajicek (work)
9c94583a3d OSPF: DD seqnum should be initialized only for first attempts
After SeqNumberMismatch/BadLSReq, we should continue with the old
seqnum++. The old code tries to do that by n->adj, but it was set
nowhere.
2019-02-03 16:20:37 +01:00
Ondrej Zajicek (work)
267da8138d OSPF: Reject DBDES packets with non-matching MTU
As it is specified in RFC 2328. The old code just provided warning.
2019-02-03 15:45:43 +01:00
Maria Matejka
f9b97f1c62 Perf: Added forgotten all-protocol options 2019-02-01 14:09:01 +01:00
Maria Matejka
e85e37d91d Perf: Prune the table after every loop to have clean state. 2019-01-31 15:05:40 +01:00
Maria Matejka
7411b694c3 Perf: Write also BIRD version to have all the needed data in the logfile 2019-01-31 15:03:43 +01:00
Ondrej Zajicek (work)
1c730ee761 Doc: Remove doc for already removed option 2019-01-26 20:44:37 +01:00
Ondrej Zajicek (work)
b8a3608aa5 BGP: Cleanup channels when going down
When going up, uncleaned old channel state may trigger unexpected
conditions crashing bird.
2019-01-26 19:48:16 +01:00
Ondrej Zajicek (work)
5a50a98980 OSPF: Opaque LSAs and Router Information LSA
Add support for OSPFv2 Opaque LSAs (RFC 5250) and for Router Information
LSA (RFC 7770). The second part is here mainly for testing opaque LSAs.
2019-01-24 22:45:27 +01:00
Ondrej Zajicek (work)
470740f97b BGP: Better dispatch of incoming connections
Since v2 we have multiple listening BGP sockets, and each BGP protocol
has associated one of them. Use listening socket that accepted the
incoming connection as a key in the dispatch process so only BGP
protocols assocaited with that listening socket can be selected.
This is necesary for proper dispatch when VRFs are used.
2019-01-02 16:01:21 +01:00
Ondrej Zajicek (work)
e16b0aef31 BGP: Postpone setting link_addr
It may happen that the LLv6 address for given iface is not defined during
BGP start, so we postpone the check to the the session establishment.
2019-01-02 15:57:14 +01:00
Maria Matějka
82b742533b Perf: Protocol to measure BIRD performance internally
This protocol is highly experimental and nobody should use it in
production. Anyway it may help you getting some insight into what eats
so much time in filter processing.
2018-12-18 15:08:31 +01:00
Ondrej Zajicek (work)
cea2e25f41 OSPF: Fix wrong LSA collisions detection
In some circumstances (old LSA flushed but not acknowledged and not
removed) origination of a new LSA may wrongly triggers LSA collision
code. The patch fixes that.

Thanks to Asbjorn Mikkelsen for the bugreport and @mdelagueronniere
for the original patch.
2018-12-17 17:01:08 +01:00
Ondrej Zajicek (work)
1cab2b4a7c BGP: Extend 'next hop keep' and 'next hop self' options
Extend 'next hop keep' and 'next hop self' options to have boolean values
(enabled / disabled) and also values 'ibgp'/ 'ebgp' to restrict it to
routes received from IBGP / EBGP. This allows to have it enabled by
default in some cases, matches features of other implementations, and
allows to handle some strange cases like EBGP border router with 'next
hop self' also doing IBGP route reflecting.

Change default of 'next hop keep' to enabled for route servers, and
'ibgp' for route reflectors.

Update documentation for these options.
2018-12-16 23:44:24 +01:00
Ondrej Zajicek (work)
cb311b441a BGP: Better handling of non-matching AFI in nexthops 2018-12-16 15:43:58 +01:00
Ondrej Zajicek (work)
3a2a3c7325 Doc: Rename code documentation files back to Doc 2018-12-14 02:03:42 +01:00
Ondrej Zajicek (work)
532116e7e3 BGP: Do not prepend ASN in export from non-RS EBGP to RS EBGP
When route is exported to regular EBGP, local ASN should be prepended to
AS_PATH. When route is propagated by route server (between RS-marked
EBGP peers), it should not change AS_PATH. Question is what to do in
other cases (from non-RS EBGP, IBGP, or locally originated to RS EBGP).

In 1.6.x, we did not prepend ASN in non-RS EBGP or IBGP to RS EBGP, but
we prepended in local to RS EBGP.

In 2.0.x, we changed that so only RS-EBGP to RS-EBGP is not prepended.
We received some negative responses (thanks to heisenbug and Alexander
Zubkov), we decided to change it back. One reason is that it is simple
to modify the AS_PATH by filters, but not possible to un-modify
changes done by BGP itself. Also, as 1.6.x behavior was not really
consistent, the final behavior is that ASN is never prepended when
exported to RS EBGP, like to IBGP.

Note that i do not express an opinion about whether such configurations
are even reasonable.
2018-12-12 17:36:54 +01:00
Ondrej Zajicek (work)
0f40405fc9 Update RFC references
Progdoc comments do not allow SGML tags
2018-12-12 16:38:30 +01:00
Ondrej Zajicek (work)
682d3f7de0 BGP: implement Adj-RIB-In
The patch implements optional internal import table to a channel and
hooks it to BGP so it can be used as Adj-RIB-In. When enabled, all
received (pre-filtered) routes are stored there and import filters can
be re-evaluated without explicit route refresh. An import table can be
examined using e.g. 'show route import table bgp1.ipv4'.
2018-12-12 14:46:24 +01:00
Ondrej Zajicek (work)
d506263da7 Nest: Forbid adding channels during reconfiguration
When a new channel is found during reconfiguration, do force restart
of the protocol, like with any other un-reconfigurable change.

The old behavior was that the new channel was added but remained in down
state, even if the protocol was up, so a manual protocol restart was
often necessary.

In the future this should be improved such that a reconfigurable
channel addition (e.g. direct) is accepted and channel is started,
while an un-reconfigurable addition forces protocol restart.
2018-12-11 17:57:14 +01:00
Ondrej Zajicek (work)
baeacdcfd3 OSPF: Fix reconfiguration of vlinks
Fix crash during reconfiguration of OSPF config with vlinks. When vlink
is reconfigured, a generic iface-reconfiguration code is used, which in
one place supposes that it is running on a regular iface.

Thanks to Cybertinus for a bugreport.
2018-12-10 02:15:06 +01:00
Jan Maria Matejka
14375237f6 Terminology cleanup: The import_control hook is now called preexport.
Once upon a time, far far away, there were the old Bird developers
discussing what direction of route flow shall be called import and
export. They decided to say "import to protocol" and "export to table"
when speaking about a protocol. When speaking about a table, they
spoke about "importing to table" and "exporting to protocol".

The latter terminology was adopted in configuration, then also the
bird CLI in commit ea2ae6dd0 started to use it (in year 2009). Now
it's 2018 and the terminology is the latter. Import is from protocol to
table, export is from table to protocol. Anyway, there was still an
import_control hook which executed right before route export.

One thing is funny. There are two commits in April 1999 with just two
minutes between them. The older announces the final settlement
on config terminology, the newer uses the other definition. Let's see
their commit messages as the git-log tool shows them (the newer first):

    commit 9e0e485e50
    Author: Martin Mares <mj@ucw.cz>
    Date:   Mon Apr 5 20:17:59 1999 +0000

	Added some new protocol hooks (look at the comments for better explanation):

		make_tmp_attrs          Convert inline attributes to ea_list
		store_tmp_attrs         Convert ea_list to inline attributes
		import_control          Pre-import decisions

    commit 5056c559c4
    Author: Martin Mares <mj@ucw.cz>
    Date:   Mon Apr 5 20:15:31 1999 +0000

	Changed syntax of attaching filters to protocols to hopefully the final
	version:

		EXPORT <filter-spec>    for outbound routes (i.e., those announced
					by BIRD to the rest of the world).
		IMPORT <filter-spec>    for inbound routes (i.e., those imported
					by BIRD from the rest of the world).

	where <filter-spec> is one of:

		ALL                     pass all routes
		NONE                    drop all routes
		FILTER <name>           use named filter
		FILTER { <filter> }     use explicitly defined filter

	For all protocols, the default is IMPORT ALL, EXPORT NONE. This includes
	the kernel protocol, so that you need to add EXPORT ALL to get the previous
	configuration of kernel syncer (as usually, see doc/bird.conf.example for
	a bird.conf example :)).

Let's say RIP to this almost 19-years-old inconsistency. For now, if you
import a route, it is always from protocol to table. If you export a
route, it is always from table to protocol.

And they lived happily ever after.
2018-12-04 10:53:01 +01:00
Ondrej Zajicek (work)
e2ae08694e Nest: Do not hard-reset interface when preferred address is changed
Modify protocols to use preferred address change notification instead on
depending on hard-reset of interfaces in that case, and remove hard-reset
in that case. This avoids issue when e.g. IPv6 protocol restarts
interface when IPv4 preferred address changed (as hard-reset is
unavoidable and common for whole iface).

The patch also fixes a bug when removing last address does not send
preferred address change notification.
2018-11-28 16:55:32 +01:00
Ondrej Zajicek (work)
863ecfc785 The MRT protocol
The new MRT protocol is responsible for periodic RIB table dumps in the
MRT format (RFC 6396). Also the existing code for BGP4MP MRT dumps is
refactored and splitted between BGP to MRT protocols, will be more
integrated into MRT in the future.

Example:

protocol mrt {
        table "*";
        filename "%N_%F_%T.mrt";
        period 60;
}

It is partially based on the old MRT code from Pavel Tvrdik.
2018-11-20 17:45:35 +01:00
Ondrej Zajicek (work)
e19d08055a BGP: Fix VRF for listening socket
Listening socket should be bound to specified interface and VRF.

Thanks to Alexander Zubkov for the bugreport.
2018-10-26 19:11:33 +02:00
Ondrej Zajicek (work)
0ac9cb2c1f OSPF: Fix some trace messages
Missing argument in MTU change trace message can crash bird when MTU
change happens and trace messages are active.

Thanks to Alexander Velkov for the bugreport.
2018-10-25 17:22:37 +02:00
Ondrej Zajicek (work)
961671c0f5 Lib: Add and use ev_new_init() 2018-10-01 15:55:23 +02:00
Ondrej Zajicek (work)
0db7a1d69c BGP: Fix bug in show protocol related to LLGR
When channel is not active due to not be negotiated during sessino
establishment, the LLGR timer is not allocated, so we should not show it.
2018-10-01 15:35:43 +02:00
Jan Maria Matejka
d4cebc6bbe No more warnings ...
no more warnings
No more warnings over me
And while it is being compiled all the log is black and white
Release BIRD now and then let it flee

(use the melody of well-known Oh Freedom!)
2018-09-18 14:21:11 +02:00
Ondrej Zajicek (work)
5bd734317c BGP: Long-lived graceful restart
The patch implements long-lived graceful restart for BGP, namely
draft-uttaro-idr-bgp-persistence-03.
2018-07-31 18:40:38 +02:00
Ondrej Zajicek (work)
0ed3129f6b RAdv: Fix crash during prefix change
Thanks to Julian Schuh for the bugreport.
2018-07-19 20:54:55 +02:00
Ondrej Zajicek (work)
8bd718b3ba OSPF: Fix crash during route removal
The bug was introduced by an earler patch which removed additional eattr
argument to rt_notify hook.
2018-07-19 20:48:13 +02:00
Ondrej Zajicek (work)
7b9b0c0a00 Cleanup some warnings 2018-07-03 18:08:35 +02:00
Ondrej Zajicek (work)
8e86ffce82 BGP: Use implicit-NULL label when announcing MPLS routes with local next-hop
We currently cannot assing local labels, but we can still be LSP egress
router. Therefore when we announce labeled route with local next-hop, we
should announce implicit-NULL label instead of rejecting it completely.
2018-07-01 01:03:16 +02:00
Ondrej Zajicek (work)
93c1defdb0 BGP: Fix parsing of MPLS withdrawals
RFC 3107 was bit vague with regard to labeled withdrawals, RFC 8277
clarified that. The old code was incompatible with some implementations,
namely with Juniper.

Thanks to Vadim Fedorenko for the original patch.
2018-07-01 00:43:24 +02:00
Maria Jan Matejka
daf113ac66 BGP: Attribute set function merged with its common counterpart 2018-06-29 17:26:28 +02:00
Ondrej Zajicek (work)
586c1800c4 Nest: Neighbor cache cleanups
Simplify neighbor cache code, fix several minor bugs, and improve
handling of ONLINK flag.
2018-06-27 16:57:07 +02:00
Maria Matejka
c2fc4c10ac Doc: renamed progdoc files Doc -> progdoc to fix collision with doc/ folder on case-insensitive filesystems 2018-06-26 17:09:12 +02:00
Jan Maria Matejka
f851f0d7e3 Config: Dropping CF_ADDTO. 2018-06-26 14:29:03 +02:00
Jan Maria Matejka
1ef23f05ee Merge branch 'int-new' into HEAD 2018-06-19 14:32:16 +02:00
Ondrej Zajicek (work)
caa9d03d65 Babel: Fix handling of missing IPv4 next hops
In case of missing IPv4 next hop, we should skip such routes
on transmit and ignore such routes on receive.

Thanks to Julian Schuh for the bugreport and Toke Hoiland-Jorgensen
for the original patch.
2018-06-13 15:22:29 +02:00
Ondrej Zajicek (work)
9c9050ff12 BGP: Handle missing NEXT_HOP attribute properly
RFC 7606 specifies handle-as-withdraw instead of session reset.
2018-06-13 14:47:37 +02:00
Jan Maria Matejka
13c0be19d3 Nest: Removing separate tmpa from route propagation
This is a fundamental change of an original (1999) concept of route
processing inside BIRD. During import/export, there was a temporary
ea_list created which was to be used instead of the another one inside
the route itself.

This led to some confusion, quirks, and strange filter code that handled
extended route attributes. Dropping it now.

The protocol interface has changed in an uniform way -- the
`struct ea_list *attrs` argument has been removed from store_tmp_attrs(),
import_control(), rt_notify() and get_route_info().
2018-05-30 17:08:49 +02:00
Ondrej Zajicek (work)
18b4f2082c OSPF: Fix invalid NSSA RFC references 2018-05-29 14:23:14 +02:00
Jan Maria Matejka
ee7e2ffd26 Protocol: Introducing an enum protocol_class
This supersedes the EAP_* constants.
2018-05-29 12:35:06 +02:00
Ondrej Zajicek (work)
feae132e0f Do not initialize route metrics in import_control hook
During route export, the receiving protocol often initialized route
metrics to default value in its import_control hook before export filter
was executed. This is inconsistent with the expectation that an export
filter would process the same route as one in the routing table and it
breaks setting these metrics before (e.g. for static routes directly in
static protocol).

The patch removes the initialization of route metrics in import_control
hook, the default values are already handled in rt_notify hook called
after export filters.

The patch also changed the behavior of OSPF to keep metrics when a route
is reannounced between OSPF instances (to be consistent with other
protocols) and the behavior when both ospf_metric1 and ospf_metric2
are specified (to have more expected behavior).
2018-05-24 14:51:05 +02:00
Ondrej Zajicek (work)
70fab17837 Babel: Add option to randomize router ID
When a Babel node restarts, it loses its sequence number, which can cause
its routes to be rejected by peers until the state is cleared out by other
nodes in the network (which can take on the order of minutes).

There are two ways to fix this: Having stable storage to keep the sequence
number across restarts, or picking a different router ID each time.

This implements the latter, by introducing a new option that will cause
BIRD to randomize a high 32 bits of router ID every time it starts up.
This avoids the problem at the cost of not having stable router IDs in
the network.

Thanks to Toke Hoiland-Jorgensen for the patch.
2018-05-03 16:55:11 +02:00
Ondrej Zajicek (work)
23b079043b Babel: Fix type of route entry router ID
The router ID being assigned to routes was a uint, which discards the
upper 32 bits. This also has the nice side effect of echoing the wrong
router ID back to other routers.

Thanks to Toke Hoiland-Jorgensen for the patch.
2018-05-03 16:02:29 +02:00
Ondrej Zajicek (work)
4727d1db9d OSPF: Support of authentication trailer for OSPFv3
Implement RFC 7166, crypthographic authentication for OSPFv3
analogous to authentication used for OSPFv2.
2018-04-25 15:54:53 +02:00
Ondrej Zajicek (work)
f3a8cf050e BGP: Fix extended next hop handling
For IPv4 with extended next hop, we use MP-BGP format and therefore no
independent NEXT_HOP attribute.

Thanks to Arvin Gan for the bugreport.
2018-04-12 16:55:56 +02:00
Ondrej Zajicek (work)
d0f47327f8 Merge branch 'master' into int-new 2018-03-07 17:41:49 +01:00
Ondrej Zajicek (work)
2d6d4b8053 Babel: Fix build with restricted protocol set
All keywords used in Babel config have to be declared locally.

Thanks to Leo Vandewoestijne for the bugreport.
2018-03-07 17:35:24 +01:00
Ondrej Zajicek (work)
5ce7adfcf9 Babel: Fix accidental bitwise or assignment
Fix an accidental bitwise or assignment that was supposed to be a
comparison.

Thanks to Toke Hoiland-Jorgensen for the patch.
2018-02-13 16:42:03 +01:00
Ondrej Zajicek (work)
185a0a51f8 Babel: Add source-specific routing support
This patch adds support for source-specific routing to the Babel protocol.
It changes the protocol to support both NET_IP6 and NET_IP6_SADR channels
for IPv6 addresses. If only a NET_IP6 channel is configured,
source-specific updates are ignored. Otherwise, non-source-specific
routes are simply treated as source-specific routes with SADR prefix 0.

Thanks to Toke Hoiland-Jorgensen for the original patch.
Minor changes by Ondrej Santiago Zajicek.
2018-02-13 16:40:14 +01:00
Ondrej Zajicek (work)
75d98b6013 Merge branch 'master' into int-new 2018-01-23 18:29:32 +01:00
Jan Maria Matejka
8adaf730c0 Pipe: show export state 2018-01-23 13:52:17 +01:00
Jan Maria Matejka
c591810d46 Pipe: fixed template bug
When pipe inherited from template, every channel config was lost.
2018-01-23 13:52:01 +01:00
Ondrej Zajicek (work)
63472779ad BGP: Implement 'disable after cease' option
The option allows to specify that some cease subcodes should
disable the protocol when received.
2018-01-16 19:17:04 +01:00
Ondrej Zajicek (work)
3831b61966 BGP: Require explicit import and export policies for EBGP channels
To comply with RFC 8212 requirements.
2018-01-16 04:14:49 +01:00
Ondrej Zajicek (work)
2e507a7457 Use non-fatal asserts even for regular build 2018-01-10 16:17:37 +01:00
Ondrej Zajicek (work)
72163bd5f3 Nest: Allow modification of channels inherited from templates
Multiple definitions of same channels are forbidden, but inherited
channel can be redefined. In such case channel options are merged.
2018-01-09 18:42:22 +01:00
Ondrej Zajicek (work)
d493d0f180 BGP: Fix unknown attribute handling 2018-01-02 16:57:45 +01:00
Ondrej Zajicek (work)
e62cd03307 BGP: Fix graceful restart timer
Should use remote value, not local value.
2018-01-02 14:30:08 +01:00
Ondrej Zajicek (work)
e87a95d97d Minor fixes for debug mode 2017-12-16 16:31:43 +01:00
Ondrej Zajicek (work)
8396094156 Minor cleanups 2017-12-14 22:15:01 +01:00
Ondrej Zajicek (work)
d807ea087f BGP: Fix non-transitive ext communities 2017-12-13 15:57:44 +01:00
Ondrej Zajicek (work)
a32a7b58ce Lib: Fix macro/keyword collisions
Old code breaks with some versions of bison
2017-12-10 13:16:31 +01:00
Ondrej Zajicek (work)
7fc55925be Several minor fixes 2017-12-10 00:55:34 +01:00
Ondrej Zajicek (work)
dea9886454 BGP: Link check just for single-hop 2017-12-08 17:04:59 +01:00
Ondrej Zajicek (work)
517d05dff1 Enable ECMP and Link detection by default
ECMP is not enabled on BSD, where it is not supported by BIRD.
2017-12-08 16:00:33 +01:00
Ondrej Zajicek (work)
49c7ef3b21 BGP: Fix IPv6 MPLS/VPN multicast SAFI 2017-12-08 14:00:36 +01:00
Ondrej Zajicek (work)
ccee67ca3b BGP: Autoconfigure BGP next hops from preferred addresses 2017-12-08 02:26:17 +01:00
Ondrej Zajicek (work)
830ba75e6d Merge commit '1e8721e2aeccfbc3f533e8b8abc07582cee77e9a' into int-new 2017-12-07 21:54:47 +01:00
Ondrej Zajicek (work)
46434a3cad Merge commit '7b2c5f3d2826e3175bf31b1c36056c9efc587a2b' into int-new 2017-12-07 18:35:46 +01:00
Ondrej Zajicek (work)
4ff15a75c5 Merge commit '98bb80a243b58c43453e9be69d19d0350286549c' into int-new 2017-12-07 17:41:09 +01:00
Ondrej Zajicek (work)
a6f79ca57f Timers: Revert temporary names and remove old timer.h 2017-12-07 13:54:59 +01:00
Ondrej Zajicek (work)
574b232427 Timers: Fix TBF and some last remains 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
3b3b0910ff Babel: More changes and bugfixes
Several changes and bugfixes in Babel, namely:

- Exported route parameters stored directly in route table entry
- Exported non-babel routes no longer stored in per-entry route list
- Route update, selection and retraction simplified and fixed
- Route feasibility is evalualated per update and stored with route
- Unreachable route handling fixed, based on hold interval
- Added 'show babel routes' command

Overall, it fixes some issues with proper propagation of triggered
updates, making Babel convergence after topology change almost
instant.
2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
dbf1ed263c Babel: Fix handling of seqno requests
Old behavior has several deficiencies compared to standard behavior
(no triggered updates for replies, no retransmissions, ...).
2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
672fb78e12 Babel: Fix handling of IPv4 retractions
Babel TLV parsing code rejected IPv4 retractions without next-hop,
although next-hop is needed just for regular updates.
2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
268dc7c8b3 Babel: Remove babel_proto ptr from babel_entry 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
738a57b69b Babel: Fix hello timeout for short hello intervals 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
b47eaefe12 Babel: Revamp cost computation and run route selection when cost change
Also fix several minor bugs and add 'limit' option for k-out-of-j
link sensing strategy. Change default from 8-of-16 to 12-of-16.
Change IHU expiry factor from 1.5 to 3.5 (as in RFC 6126).
2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
f00221fadb Babel: Fix unicast seqno requests 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
38f4721092 Babel: Avoid batch seqno updates 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
5ee69d11f2 Babel: Fix Hello and IHU expiration 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
8b58f565e4 Babel: Update to new timers 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
cc881bd155 BGP: Update to new timers 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
b32d557a6e OSPF: Update to new timers
Note that recurrent timers are currently limited to ~1 hour.
2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
ee528fbd5d Timers: Add typecast to unit-converting macros 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
92cc1e7457 RIP: Update to new timers 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
c521b3ac32 RAdv: Update to new timers 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work)
d59c1a2958 RPKI: Update to new timers 2017-12-07 13:52:21 +01:00
Ondrej Zajicek (work)
d3fa9e84e9 Timers: Show sub-second times in some protocol outputs 2017-12-07 13:49:27 +01:00
Ondrej Zajicek (work)
f047271cb9 Timers: Parse and format functions for microsecond times
Date/time output (e.g. in logs, show commands) can use %f to specify
subsecond time. By default, millisecond precision is used in output.
2017-12-07 13:49:27 +01:00
Ondrej Zajicek (work)
025525266f Timers: Replace old timers with microsecond timers
The old timer interface is still kept, but implemented by new timers. The
plan is to switch from the old inteface to the new interface, then clean
it up.
2017-12-07 13:49:27 +01:00
Ondrej Zajicek (work)
534215a18f Timers: Split microsecond timers from BFD code to lib 2017-12-07 13:46:53 +01:00
Ondrej Zajicek (work)
153f02da3b Nest: Maintain separate IPv4, IPv6 and LLv6 preferred addresses
Also redesign preferred address selection and update protocols to use
appropriate preferred address.

Based on a previous work by Jan Maria Matejka.
2017-12-07 13:06:01 +01:00
Ondrej Zajicek (work)
1e8721e2ae Babel: Parse flags in Hello TLV
RFC6126bis introduces a flags field for the Hello TLV, and adds a unicast flag
that is used to signify that a hello was sent as unicast. This adds parsing of
the flags field and ignores such unicast hellos, which preserves compatibility
until we can add a proper implementation of the unicast hello mechanism.

Thanks to Toke Hoiland-Jorgensen for the patch.
2017-11-28 19:33:33 +01:00
Jan Maria Matejka
4ae3ee1200 Babel: Interface address irrelevant for interface pattern matching. 2017-10-17 16:52:18 +02:00
Ondrej Zajicek (work)
2d7fb19c3c OSPF: Add option to disable OSPFv3-AF 2017-10-10 16:10:02 +02:00
Ondrej Zajicek (work)
2549300b54 OSPF: Fix minor issue in TTL check
The TTL check must be done after instance ID dispatch to avoid warnings
when a physical iface is shared by multiple instances and some use TTL
security and some not.
2017-10-10 16:10:02 +02:00
Ondrej Zajicek (work)
f097f7659c OSPF: Fix next hop calculation for PtP links in IPv4 OSPFv3-AF
In such case, next hop has to be taken from Link-LSA like in broadcast
case, not from neighbor source address like in other PtP cases.

Also add some checks, comments and code cleanup.
2017-10-10 16:10:02 +02:00
Ondrej Zajicek (work)
d3f4f92b0e OSPF: Support of address families in OSPFv3
OSPFv3-AF can handle multiple topologies of diferent address families
(IPv4, IPv6, both unicast and multicast) using separate instances
distinguished by instance ID ranges.
2017-10-10 16:10:02 +02:00
Ondrej Zajicek (work)
7c0bab3a39 RAdv: Change specific route options to be per-interface
And change default values of specific route options to be consistent with
values of default router options.
2017-10-06 12:24:37 +02:00
Michal 'vorner' Vaner
2a95e63343 RAdv: Support for more specific routes (RFC 4191)
The patch implements Default Router Preferences and More-Specific Routes
(RFC 4191) for RAdv protocol, allowing to announce router preference and
more specific routes in router advertisements. Routes can be exported to
RAdv like to regular routing protocols.

Some cleanups, bugfixes and other changes done by Ondrej Zajicek.
2017-10-04 16:27:02 +02:00
Ondrej Zajicek (work)
cd1d99611e BGP: Shutdown communication (RFC 8203)
The patch implements BGP Administrative Shutdown Communication (RFC 8203)
allowing BGP operators to pass messages related to BGP session
administrative shutdown/restart. It handles both transmit and receive of
shutdown messages. Messages are logged and may be displayed by show
protocol all command.

Thanks to Job Snijders for the basic patch.
2017-09-19 19:57:52 +02:00
Ondrej Zajicek (work)
f2dd602fef Backport some minor changes from int-new 2017-09-12 16:33:29 +02:00
Ondrej Zajicek (work)
9f4908fe78 Nest: VRF support for neighbor cache and olock code
Actually much simpler than expected.
2017-09-12 15:49:36 +02:00
Ondrej Zajicek (work)
943478b00f Basic VRF support
Add basic VRF (virtual routing and forwarding) support. Protocols can be
associated with VRFs, such protocols will be restricted to interfaces
assigned to the VRF (as reported by Linux kernel) and will use sockets
bound to the VRF. E.g., different multihop BGP instances can use diffent
kernel routing tables to handle BGP TCP connections.

The VRF support is preliminary, currently there are several limitations:

- Recent Linux kernels (4.11) do not handle correctly sockets bound
to interaces that are part of VRF, so most protocols other than multihop
BGP do not work. This will be fixed by future kernel versions.

- Neighbor cache ignores VRFs. Breaks config with the same prefix on
local interfaces in different VRFs. Not much problem as single hop
protocols do not work anyways.

- Olock code ignores VRFs. Breaks config with multiple BGP peers with the
same IP address in different VRFs.

- Incoming BGP connections are not dispatched according to VRFs.
Breaks config with multiple BGP peers with the same IP address in
different VRFs. Perhaps we would need some kernel API to read VRF of
incoming connection? Or probably use multiple listening sockets in
int-new branch.

- We should handle master VRF interface up/down events and perhaps
disable associated protocols when VRF goes down. Or at least disable
associated interfaces.

- Also we should check if the master iface is really VRF iface and
not some other kind of master iface.

- BFD session request dispatch should be aware of VRFs.

- Perhaps kernel protocol should read default kernel table ID from VRF
iface so it is not necessary to configure it.

- Perhaps we should have per-VRF default table.
2017-09-06 17:38:48 +02:00
Ondrej Zajicek (work)
08b6a617e8 RAdv: Some style nitpicks 2017-08-30 16:34:15 +02:00
Michal 'vorner' Vaner
ec7d6a506e RAdv: Configure how long a dead prefix is advertised 2017-08-30 16:34:15 +02:00
Michal 'vorner' Vaner
e2d2b3ef21 RAdv: Buffer prefixes awhile after they disappear
Keep a cache of all the relevant prefixes we send out. When a prefix
appears, insert it into the cache. If it dies, keep it there for a
while, marked as dead.

Send out the dead prefixes with zero lifetime.
2017-08-30 16:34:15 +02:00
Michal 'vorner' Vaner
3ac5d1ce4c RAdv: Extract prefix option preparation
Put the prefix option preparation into a separate function. We're going
to reuse that bit of code.
2017-08-30 16:34:15 +02:00
Ondrej Zajicek (work)
69f7399247 Merge branch 'master' into int-new 2017-08-09 12:46:27 +02:00
Ondrej Zajicek (work)
b3fae3a817 RAdv: Fix typo 2017-08-09 12:41:44 +02:00
Michal 'vorner' Vaner
1f182675c8 RAdv: Style updates
Adapt the naming conventions to be a bit closer to the other protocols.

proto_radv -> radv_proto
struct radv_proto *ra -> struct radv_proto *p
struct proto *p -> struct proto *P
2017-08-09 12:38:20 +02:00
Michal 'vorner' Vaner
5a41eed26d RAdv: Style updates
Adapt the naming conventions to be a bit closer to the other protocols.

proto_radv -> radv_proto
struct radv_proto *ra -> struct radv_proto *p
struct proto *p -> struct proto *P
2017-08-09 12:22:15 +02:00
Michal 'vorner' Vaner
637ed49868 radv: Fix RFC reference in comments 2017-08-09 11:59:36 +02:00
Michal 'vorner' Vaner
afd9845e26
radv: Fix RFC reference in comments 2017-08-04 10:52:57 +02:00
Ondrej Zajicek (work)
a1f5e514ef Implement onlink flag for nexthops
Add proper support for per-nexthop onlink flag in routes to handle next
hop addresses that are not covered by interface IP ranges. Supported by
kernel and static protocols.

Thanks to Vincent Bernat for the idea.
2017-07-04 23:36:21 +02:00
Ondrej Zajicek (work)
5220cb63e3 Babel: Fix pointer arithmetic in subtlv parsing
The subtlv parsing code was doing byte-based arithmetic with non-void pointers,
causing it to read beyond the end of the packet.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2017-06-14 12:34:43 +02:00
Ondrej Zajicek (work)
145ebfa1df Babel: Parse sub-TLVs and skip TLVs with mandatory sub-TLV
RFC6126bis formally introduces sub-TLVs to the Babel protocol, including
mandatory sub-TLVs. This adds support for parsing sub-TLVs to the Babel
protocol and skips TLVs that contain mandatory sub-TLVs, as per the spec.

For details, see section 4.4 of
https://tools.ietf.org/html/draft-ietf-babel-rfc6126bis-02

Thanks to Toke Høiland-Jørgensen <toke@toke.dk> for the patch.
2017-06-09 14:33:06 +02:00
Ondrej Zajicek (work)
b3c6273efa Babel: Implement IPv6 prefix compression on outgoing updates
Previously, the Babel protocol would never use prefix compression on outgoing
updates (but would parse it on incoming ones). This adds compression of IPv6
addresses of outgoing updates.

The compression only works to the extent that the FIB is walked in lexicographic
order; i.e. a prefix is only compressed if it shares bytes with the previous
prefix in the same packet.

Thanks to Toke Høiland-Jørgensen <toke@toke.dk> for the patch.
2017-06-09 13:00:20 +02:00
Ondrej Zajicek (work)
4324025f98 Babel: Add support for dual-stack IPv4/IPv6 operation
This adds support for dual-stack v4/v6 operation to the Babel protocol.
Routing messages will be exchanged over IPv6, but IPv4 routes can be
carried in the messages being exchanged. This matches how the reference
Babel implementation (babeld) works.

The nexthop address for v4 can be configured per interface, and will
default to the first available IPv4 address on the given interface. For
symmetry, a configuration option to configure the IPv6 nexthop address
is also added.

Thanks to Toke Høiland-Jørgensen <toke@toke.dk> for the patch.
2017-06-08 12:18:16 +02:00
Ondrej Zajicek (work)
6aaaa63519 Change parser to handle numbers as unsigned
Lexer always parsed numbers as unsigned, but parser handled them as
signed and grammar contained many unnecessary checks for negativity.
2017-05-23 17:40:19 +02:00
Ondrej Zajicek (work)
734e9fb8a9 Minor cleanups and fixes 2017-05-23 13:12:25 +02:00
Jan Moskyto Matejka
05d47bd53e Linpool: default allocation size 2017-05-16 15:34:57 +02:00
Ondrej Zajicek (work)
1d21306785 Minor fixes 2017-04-29 01:24:30 +02:00
Ondrej Zajicek (work)
e919601aaf Merge master into int-new 2017-04-28 11:19:12 +02:00
Ondrej Zajicek (work)
4278abfe27 Check validity of dest w.r.t. net_type
Allow to define static roa/flow routes without dest.
2017-04-18 13:56:40 +02:00
Ondrej Zajicek (work)
711d617dc1 BGP: Add support for SAFI 129 (VPN multicast)
Which, in contrast to SAFI 128, does not use MPLS labels.
2017-04-12 16:04:22 +02:00
Ondrej Zajicek (work)
ffb38dfb8b Static: Support for dual-AF IGP tables
When recursive routes with hybrid next hops (e.g. IPv6 route with IPv4 next
hop) are allowed, we need both IPv4 and IPv6 IGP tables.
2017-04-12 16:04:22 +02:00
Ondrej Zajicek (work)
6fe11c9941 BGP: Simplify igp table options 2017-03-29 15:31:04 +02:00
Ondrej Zajicek (work)
c49e4a6565 BGP: Update list of supported standards 2017-03-29 13:48:23 +02:00
Ondrej Zajicek (work)
ef57b70fa5 BGP: Support for routes with mixed-AF next hops
Covers IPv4/VPNv4 routes with IPv6 next hop (RFC 5549), IPv6 routes with
IPv4 next hop (RFC 4798) and VPNv6 routes with IPv4 next hop (RFC 4659).
Unfortunately it also makes next hop hooks more messy.

Each BGP channel now could have two IGP tables, one for IPv4 next hops,
the other for IPv6 next hops.
2017-03-26 19:20:15 +02:00
Ondrej Zajicek (work)
01111fc42c BGP: Bugfix in VPN NLRI encoding 2017-03-23 14:10:42 +01:00
Ondrej Zajicek (work)
1e37e35c3e BGP: Support for MPLS labels and VPN SAFI
Basic support for SAFI 4 and 128 (MPLS labeled IP and VPN) for IPv4 and
IPv6. Should work for route reflector, but does not properly handle
originating routes with next hop self.

Based on patches from Jan Matejka.
2017-03-22 18:16:49 +01:00
Jan Moskyto Matejka
ead7b8f498 Merge branch 'nexthop-merged' into int-new 2017-03-22 14:54:00 +01:00
Jan Moskyto Matejka
3c74416465 Nexthop: Fixed recursive route mpls label merging 2017-03-17 15:48:32 +01:00
Ondrej Zajicek (work)
33b6c292c3 BGP: Allow to specify interface for regular sessions
This may be useful if multple interfaces share the same network range.

Thanks to Fritz Grimpen for the original patch.
2017-03-14 12:56:47 +01:00
Ondrej Zajicek (work)
27f6ba651e BGP: Fix bug in ADD_PATH
When a BGP session with ADD_PATH is restarted and the neighbor do not
announce ADD_PATH capability during reconnect, the accept_ra_types is
still set to RA_ANY.

Thanks to Lennert Buytenhek for the bugreport
2017-03-14 12:56:12 +01:00
Ondrej Zajicek (work)
665be7f6bd Nest: Minor fixes in show route 2017-03-09 13:47:00 +01:00
Ondrej Zajicek (work)
7126cadf80 Static: Minor overhaul
The patch fixes several bugs introduced in previous changes, simplifies
the protocol by handing routes uniformly, introduces asynchronous route
processing to avoid issues with separate notifications for each next-hop
in ECMP routes, and makes reconfiguration faster by avoiding quadratic
complexity.
2017-03-09 13:47:00 +01:00
Ondrej Zajicek (work)
da3cf9eae3 Update OSPF and RIP protocol names and related documentation 2017-03-08 17:37:11 +01:00
Jan Moskyto Matejka
039a65d0e4 Nexthop: Fixed hostentry 2017-02-24 14:05:11 +01:00
Ondrej Zajicek (work)
1950a479c0 BGP: Allow exchanging LOCAL_PREF with eBGP peers
Adds option 'allow bgp_local_pref' to override the usual restriction of
LOCAL_PREF on eBGP sessions.

Thanks to Lennert Buytenhek for the patch.
2017-02-23 16:32:07 +01:00
Jan Moskyto Matejka
b2b84359ab Babel post-merge fixes 2017-02-22 12:02:28 +01:00
Jan Moskyto Matejka
c609d03986 Merge branch 'int-new' into nexthop-merged 2017-02-22 11:58:04 +01:00
Ondrej Zajicek (work)
2be9218a3b BGP: Update RFC references 2017-02-20 02:28:04 +01:00
Ondrej Zajicek (work)
62e64905b7 Several minor fixes 2017-02-20 02:26:45 +01:00
Ondrej Zajicek (work)
4e379bde60 BGP: Update RFC references 2017-02-19 12:02:39 +01:00
Ondrej Zajicek (work)
30c734fc73 Static: Fix bug in static route filter expressions
During reconfiguration, old and new filter expressions in static routes
are compared using i_same() function. When filter expressions contain
function calls, it is necessary that old filter expressions are the
second argument in i_same(), as it is internally modified by i_same().
Otherwise pointers to old (and freed) data appear in the config
structure.

Thanks to Lennert Buytenhek for tracking and reporting the bug.
2017-02-17 22:54:06 +01:00
Ondrej Zajicek (work)
c259669fa3 Merge branch 'master' into int-new 2017-02-08 14:34:48 +01:00
Ondrej Zajicek (work)
82f42ea091 BGP: Minor cleanups 2017-02-07 15:55:51 +01:00
Ondrej Zajicek (work)
d8022d26fc BGP: Partial support for IPv4 routes with IPv6 next hop (RFC 5549)
Mostly capability signalling
2017-01-24 02:00:35 +01:00
Ondrej Zajicek (work)
5509e17d0c BGP: Support for AS confederations (RFC 5065) 2017-01-22 16:32:42 +01:00
Ondrej Zajicek (work)
f8aad5d5b7 Minor cleanups 2017-01-03 16:30:27 +01:00
Jan Moskyto Matejka
d47c3d64b2 MPLS: Label stack concatenation for recursive routes 2016-12-22 21:38:33 +01:00
Jan Moskyto Matejka
f2010f9c65 Static: Protocol rework wrt. struct nexthop changes; MPLS label support 2016-12-22 21:38:33 +01:00
Jan Moskyto Matejka
ec5e5d23fa Nexthop: Support for label stack in nest 2016-12-22 13:23:52 +01:00
Jan Moskyto Matejka
5b208e296f Removing (struct rta)->cast. Never used. 2016-12-22 13:09:59 +01:00
Jan Moskyto Matejka
4e276a8920 Merged multipath and single-path data structures.
Dropped struct mpnh and mpnh_*()
Now struct nexthop exists, nexthop_*(), and also included struct nexthop
into struct rta.

Also converted RTD_DEVICE and RTD_ROUTER to RTD_UNICAST. If it is needed
to distinguish between these two cases, RTD_DEVICE is equivalent to
IPA_ZERO(a->nh.gw), RTD_ROUTER is then IPA_NONZERO(a->nh.gw).

From now on, we also explicitely want C99 compatible compiler. We assume
that this 20-year norm should be known almost everywhere.
2016-12-22 13:01:06 +01:00
Ondrej Zajicek (work)
256cc8ee08 BGP: Report capabilities in show protocols all 2016-12-20 17:39:59 +01:00
Ondrej Zajicek (work)
7d95c44572 OSPF: Fix ECMP external merging
The variable nfa is not cleaned before each loop iteration and can have
a wrong value of nfa.nhs_reuse from the previous step.

Thanks to Bernardo Figueiredo for the bugreport and analysis.
2016-12-15 15:37:27 +01:00
Ondrej Zajicek (work)
eeba61ccd5 Minor cleanups 2016-12-13 20:18:11 +01:00
Ondrej Zajicek (work)
9e7d3a7810 OSPF: Fix net-summary origination combined with stubnet option
Stubnet nodes in OSPF FIB were removed during rt_sync(), but the pointer
remained in top_hash_entry.nf, so net-summary LSA origination was
confused, reported 'LSA ID collision' and net-summary LSAs were not
originated properly.

Thanks to Naveen Chowdary Yerramneni for bugreport and analysis.
2016-12-13 17:34:42 +01:00
Ondrej Zajicek (work)
5e8df049fb Babel: Update to integrated branch 2016-12-10 00:44:13 +01:00
Ondrej Zajicek (work)
ac3ad139f6 BGP: Add support for flowspec (RFC 5575) 2016-12-07 18:29:34 +01:00
Jan Moskyto Matejka
b94e5e58db RPKI: fixed some of the extended warnings 2016-12-07 15:35:35 +01:00
Jan Moskyto Matejka
ad88b94bca Merge branch 'int-new-rpki-squashed' (early part) into int-new 2016-12-07 15:30:46 +01:00
Ondrej Zajicek (work)
d15b0b0a1b BGP redesign
Integrated and extensible BGP with generalized AFI handling,
support for IPv4+IPv6 AFI and unicast+multicast SAFI.
2016-12-07 14:20:52 +01:00
Jan Moskyto Matejka
af62c0f9f1 LibSSH may be switched off together with RPKI 2016-12-07 14:15:35 +01:00
Jan Moskyto Matejka
f7f70bed8f Make: upgrade Babel makefiles 2016-12-07 09:35:24 +01:00
Pavel Tvrdík
65d2a88dd2 RPKI protocol with one cache server per protocol
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

Example configuration of bird.conf:
  ...
  roa4 table r4;
  roa6 table r6;

  protocol rpki {
    debug all;

    # Import both IPv4 and IPv6 ROAs
    roa4 { table r4; };
    roa6 { table r6; };

    # Set cache server (validator) address,
    # overwrite default port 323
    remote "rpki-validator.realmv6.org" port 8282;

    # Overwrite default time intervals
    retry   10;         # Default 600 seconds
    refresh 60;         # Default 3600 seconds
    expire 600;         # Default 7200 seconds
  }

  protocol rpki {
    debug all;

    # Import only IPv4 routes
    roa4 { table r4; };

    # Set cache server address to localhost,
    # use default ports tcp => 323 or ssh => 22
    remote 127.0.0.1;

    # Use SSH transport instead of unprotected transport over TCP
    ssh encryption {
      bird private key "/home/birdgeek/.ssh/id_rsa";
      remote public key "/home/birdgeek/.ssh/known_hosts";
      user "birdgeek";
    };
  }
  ...
2016-12-07 09:35:24 +01:00
Ondrej Zajicek (work)
ed1a908e53 BGP: Fix memory leak in graceful restart code
Prefix and bucket tables are initialized when entering established state
but not explicitly freed when leaving it (that is handled by protocol
restart). With graceful restart, BGP may enter and leave established
state multiple times without hard protocol restart causing memory leak.
2016-11-25 11:51:38 +01:00
Ondrej Zajicek (work)
261816b0d4 BGP: Cluster list item should be prepended
Commit 3c09af41... changed behavior of int_set_add() from prepend to
append, which makes more sense for community list, but prepend must be
used for cluster list. Add int_set_prepend() and use it in cluster list
handling code.
2016-11-15 16:24:39 +01:00
Ondrej Zajicek (work)
9b0a0ba9e6 Unit Testing for BIRD
- Unit Testing Framework (BirdTest)
 - Integration of BirdTest into the BIRD build system
 - Tests for several BIRD modules

 Based on squashed Pavel Tvrdik's int-test branch, updated for
 current int-new branch.
2016-11-09 16:36:34 +01:00
Ondrej Zajicek (work)
8860e991f6 Merge branch 'master' into int-new 2016-11-08 19:27:58 +01:00
Ondrej Zajicek (work)
c8cafc8ebb Minor code cleanups 2016-11-08 17:46:29 +01:00
Ondrej Zajicek (work)
cc5b93f72d Merge tag 'v1.6.2' into int-new 2016-11-08 17:04:29 +01:00
Ondrej Zajicek (work)
e03dc6a984 BFD: Authentication
Implement BFD authentication (part of RFC 5880). Supports plaintext
passwords and cryptographic MD5 / SHA-1 authentication.

Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Ondrej Zajicek (work)
29239ba2bb OSPF: Use message authentication interface
Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Ondrej Zajicek (work)
390601f038 RIP: Use message authentication interface
Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Pavel Tvrdík
56cb3bedc2 Nest: Add support for MAC algorithms in grammar 2016-11-02 16:23:53 +01:00
Ondrej Zajicek (work)
de2a27e255 Add generic message authentication interface
Add generic interface for generating and verifying MACs (message
authentication codes). Replace multiple HMAC implementation with
a generic one.
2016-11-02 16:23:53 +01:00
Jan Moskyto Matejka
3e236955c9 Build: switch on -Wextra, get rid of most of the warnings
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
2016-11-01 14:52:54 +01:00
Ondrej Filip
3213273d82 IANA assigned a different number to large BGP communities - changed. 2016-10-27 11:08:28 +02:00
Ondrej Zajicek (work)
66dbdbd993 BGP: Support for large communities
Add support for large communities (draft-ietf-idr-large-community),
96bit alternative to RFC 1997 communities.

Thanks to Matt Griswold for the original patch.
2016-10-03 12:48:56 +02:00
Pavel Tvrdik
0f5054f685 BFD: Fix invalid read from pollfd array
It is possible that sockets_add() are called between sockets_prepare()
and sockets_fire() during poll loop in birdloop_main(), so we need to
use loop->poll_fd.used instead of loop->sock_num to find the last field.
2016-09-15 16:18:32 +02:00
Ondrej Zajicek (work)
84cac51a51 Nest: Keep multipath next hops sorted 2016-09-14 11:53:54 +02:00
Ondrej Zajicek (work)
13a31a4001 Babel: Immediately update hello interval on interface reconfigure
An interface reconfiguration may change both the hello and update
intervals. An update interval change is immediately put into effect,
while a hello interval change is not. This also updates the hello
interval immediately (if the new interval is shorter than the old one),
and sends a hello to notify peers of the change.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-07-20 15:55:45 +02:00
Ondrej Zajicek (work)
c6ed5a0f99 Babel: Do not maintain feasibility distance for our own routes
We do not need to maintain feasibility distances for our own router
ID (we ignore the updates anyway). Not doing so makes the routes be
garbage collected sooner when export filters change.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-07-19 14:38:36 +02:00
Ondrej Zajicek (work)
0f67366601 Babel: Do not keep an infeasible route as selected
When a route becomes infeasible it should not be kept as selected; this
is forbidden by section 3.6 of the RFC and prevents subsequent updates
from the same router ID from replacing it.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-07-19 14:28:53 +02:00
Ondrej Zajicek (work)
5d6ca22085 Babel: Send wildcard retractions on shutdown and startup
This makes BIRD send a wildcard retraction on all interfaces before
shutting down and right after starting up. This helps ensure that
neighbours will discard the announced routes as soon as possible,
rather than only after the normal timeout procedures.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-07-19 14:23:41 +02:00
Ondrej Zajicek (work)
ecae2f43f3 Babel: Rework handling of retractions
An update with wildcard AE and infinite metric should be treated as a
global retraction of all prefixes announced by that neighbour, per
section 4.4.9 of the RFC. In addition, router ID and seqno in retraction
updates should be ignored. This reworks the handling of retractions and
adjusts the parser to handle all this correctly.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-07-19 13:33:02 +02:00
Ondrej Zajicek (work)
321ff8c404 Babel: Make sure intervals do not overflow
Intervals are carried as 16-bit centisecond values, but kept internally
in 16-bit second values, which causes a potential for overflow. This adds
some checks to make sure this does not happen.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-07-19 11:57:20 +02:00
Ondrej Zajicek (work)
ea0cb652e9 BGP: Fix extended messages
Change attribute length limit to handle extended (64 kB) messages.

Do not mix updates and withdraws (RFC 7606).
2016-07-11 20:41:32 +02:00
Ondrej Zajicek (work)
775a5a8195 BGP: Skip empty path segments in received AS_PATH
Although RFC 4271 does not forbid empty path segments, they are useless
and some implementations consider them invalid. It is clarified in RFC 7606,
specifying that AS_PATH with empty segment is considered malformed.
2016-06-29 14:24:32 +02:00
Ondrej Zajicek (work)
08b3a24da5 IO: Minor changes in socket AF handing
AF can be specified implicitly by saddr or daddr, flags SKF_V4ONLY and
SKF_V6ONLY are to be removed.
2016-05-17 15:21:49 +02:00
Ondrej Zajicek (work)
af678af0d5 Merge remote-tracking branch 'origin/master' into int-new 2016-05-12 18:03:23 +02:00
Pavel Tvrdik
8e433d6a52 Prog Doc: Complete several missing parameters 2016-05-12 15:49:44 +02:00
Jan Moskyto Matejka
0c6dfe5236 Merge branch 'int-new' into int-new-merged 2016-05-10 14:30:49 +02:00
Jan Moskyto Matejka
92912f063a Merge remote-tracking branch 'origin/rte-update' into int-new 2016-05-10 14:21:15 +02:00
Jan Moskyto Matejka
7152e5efbb Build system reworked to one global Makefile with includes and no nesting
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.

Fixed make doc on recent Debian together with moving generated doc into
objdir.

Moved Makefile.in into root dir

Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
2016-05-10 14:07:34 +02:00
Ondrej Zajicek (work)
937e75d8f1 Add the Babel routing protocol (RFC 6126)
This patch implements the IPv6 subset of the Babel routing protocol.
Based on the patch from Toke Hoiland-Jorgensen, with some heavy
modifications and bugfixes.

Thanks to Toke Hoiland-Jorgensen for the original patch.
2016-04-28 18:01:40 +02:00
Ondrej Zajicek (work)
a7baa09862 BSD: Add the IPsec SA/SP database entries control
Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database
at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are
handled automatically on both Linux and FreeBSD.

Based on patches from Pavel Tvrdik.
2016-04-13 14:37:09 +02:00
Jan Moskyto Matejka
2003a18407 Route update: move table lookup from protocols into rte_update2().
Many protocols do almost the same when creating a rte_update request
before calling rte_update2(). This commit should simplify the protocol
side of the route-creation routine.
2016-04-08 13:09:06 +02:00
Jan Moskyto Matejka
7a7ac65682 Merge branch 'master' into int-new-channels 2016-04-08 12:28:33 +02:00
Jan Moskyto Matejka
4bdf1881dc Channelize: rt_notify arg conversion table -> channel 2016-04-07 10:08:23 +02:00
Ondrej Zajicek (work)
bd22d7f41d IO: Avoid multiple event cycles in one loop cycle.
Event cycle may took too much time and trigger next timer events, so
avoid cycling between timer and event cycles inside the loop cycle.
2016-04-06 11:57:28 +02:00
Ondrej Zajicek (work)
9e7b3ebdf9 IO: Replace RX priority heuristic with explicit mark
In BIRD, RX has lower priority than TX with the exception of RX from
control socket. The patch replaces heuristic based on socket type with
explicit mark and uses it for both control socket and BGP session waiting
to be established.

This should avoid an issue when during heavy load, outgoing connection
could connect (TX event), send open, but then failed to receive OPEN /
establish in time, not sending notifications between and therefore
got hold timer expired error from the neighbor immediately after it
finally established the connection.
2016-04-06 11:49:34 +02:00
Ondrej Zajicek (work)
665b8e5283 Birdlib: Do cleanups after remove/free
To avoid byzantine behavior in case of some errors, linked lists are
cleared after rem_node() and resource headers are cleared after rfree().
2016-03-23 02:21:42 +01:00
Ondrej Zajicek (work)
39a6b19d6d OSPF: Fix bogus LSA ID collisions between received and originated LSAs
After restart, LSAs locally originated by the previous instance are
received from neighbors. They are installed to LSA db and flushed. If
export of a route triggers origination of a new external LSA before flush
of the received one is complete, the check in ospf_originate_lsa() causes
origination to fail (because en->nf is NULL for the old LSA and non-NULL
for the new LSA). The patch fixes this by updating the en->nf for LSAs
being flushed (as is already done for empty ones). Generally, en->nf
field deserves some better description in the code.

Thanks to Jigar Mehta for analyzing the problem.
2016-03-23 02:21:42 +01:00
Ondrej Zajicek (work)
a459f4df16 OSPF: Fix reading from freed memory
Thanks to Pavel Tvrdik for noticing it.
2016-03-23 02:21:42 +01:00
Jan Moskyto Matejka
62a4ad3657 Merge remote-tracking branch 'origin/poll' 2016-03-22 13:23:55 +01:00
Pavel Tvrdík
9036bbf2b7 RIP: fix typo in configuration at rx length opt 2016-03-17 18:40:54 +01:00
Jan Moskyto Matejka
fd926ed4ee Poll: Prevent the improbable case of EAGAIN after POLLIN 2016-03-15 14:57:49 +01:00
Ondrej Zajicek (work)
e3f506f9b5 OSPF: Multicast ability is irrelevant for stub interfaces 2016-02-25 18:23:39 +01:00
Ondrej Zajicek (work)
487c6961cb BGP: Fix bug in incoming connection handling
When a BGP session was established by an outgoing connection with
Graceful Restart behavior negotiated, a pending incoming connection in
OpenSent state, and another incoming connection was received, then the
outgoing connection (and whole BGP session) was closed, but the old
incoming connection was just overwritten by the new one. That later
caused a crash when the hold timer from the old connection fired.
2016-02-11 16:38:28 +01:00
Ondrej Zajicek (work)
f4a60a9bc4 Channels - explicit links between protocols and tables
The patch adds support for channels, structures connecting protocols and
tables and handling most interactions between them. The documentation is
missing yet.
2016-02-01 10:28:50 +01:00
Pavel Tvrdík
d82987d12e RIP: Fix DBG output 2016-01-27 12:41:32 +01:00
Jan Moskyto Matejka
74d9416763 RIPng: fixed misrejection of host routes 2016-01-25 10:29:06 +01:00
Jan Moskyto Matejka
6ffa8f5393 Hidden AF_INET* inside sysdep/ 2016-01-11 09:29:51 +01:00
Jan Moskyto Matejka
5b218c3d9b BFD: split of v4/v6 sockets 2016-01-11 09:29:51 +01:00