0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-24 18:51:54 +00:00
Commit Graph

3913 Commits

Author SHA1 Message Date
Maria Matejka
5a65ae45e5 Tamed harmless i368 warnings 2022-02-04 15:50:21 +01:00
Maria Matejka
cc73726620 Compilation fixes for CLang 2022-02-04 15:42:04 +01:00
Maria Matejka
fe840ddad9 Merge commit 'a9646efd40569f3a1d749bc1bd13219876b33a00' into sark-bgp-rebased 2022-02-04 15:26:36 +01:00
Maria Matejka
14bb6fd29a Merge commit 'bcb25084d31fdb90fcf1666f10e73fe0f863afc0' into sark-bgp-rebased 2022-02-04 15:24:28 +01:00
Maria Matejka
92e48894c3 Merge commit '75aceadaf746f8ed0acce0424f89903283dacf16' into sark-bgp-rebased 2022-02-04 15:21:16 +01:00
Maria Matejka
28a43d53e7 Merge commit '00410fd6c17697a5919cb32a44f7117dd3a0834a' into sark-bgp-rebased 2022-02-04 15:18:48 +01:00
Maria Matejka
d62a3d0274 Thread performance: Moved graph key to left top corner where it fits better 2022-02-04 15:18:44 +01:00
Maria Matejka
b554457e5e Thread documentation: Final version of chapter 3 2022-02-04 15:18:06 +01:00
Maria Matejka
765c940094 Thread documentation: Rewritten chapter 3 on loops and locks once again 2022-02-03 22:42:26 +01:00
Maria Matejka
216bcb7c68 Protocol limit restart/down must be callable from protocol context 2022-02-03 10:30:33 +01:00
Maria Matejka
d262695d4e BFD: direct notifications to protocol loops 2022-02-03 10:30:33 +01:00
Maria Matejka
09380db594 Neighbor prune fixup 2022-02-03 10:30:33 +01:00
Maria Matejka
c019008383 IO loop duration fixup 2022-02-03 10:30:33 +01:00
Maria Matejka
aca4c3fc8e BGP now runs in its own thread 2022-02-03 10:30:33 +01:00
Maria Matejka
fccaeb0141 BGP: Static global linpools replaced by private linpools 2022-02-03 10:30:33 +01:00
Maria Matejka
8447b24e59 Socket cork fixes 2022-02-03 10:30:33 +01:00
Maria Matejka
127862f626 Asynchronous neighbor notifications fixes 2022-02-03 10:30:33 +01:00
Maria Matejka
0f6ea95754 Explicitly storing and checking loop information in sockets 2022-02-03 10:30:33 +01:00
Maria Matejka
d37513a372 Neighbors: Locking and asynchronous notifications 2022-02-03 10:30:33 +01:00
Maria Matejka
c651cef737 Global interface list renamed to not clash with local lists 2022-02-03 10:30:33 +01:00
Maria Matejka
b6c9263543 Interfaces and neighbor notifications do properly enter protocol loops 2022-02-03 10:30:33 +01:00
Maria Matejka
b5155d5cea Page cleanup routines updated to allow nested birdloops 2022-02-03 10:30:33 +01:00
Maria Matejka
87512ccdff Route table fast prune fixup 2022-02-03 10:30:33 +01:00
Maria Matejka
f22bab9818 Babel: fixed interface pool removal 2022-02-03 10:30:33 +01:00
Maria Matejka
3cf5e0f144 Dropping a nonsensical assert which broke Babel 2022-02-03 10:03:37 +01:00
Maria Matejka
ee84ff14a1 Removing periodic wakeup of mainloop in debug version to search for notification issues 2022-02-03 10:03:37 +01:00
Maria Matejka
935b0b7124 Performance data of sark vs. v2.0.8 with a chart generator 2022-02-03 10:03:17 +01:00
Matous Holinka
a9646efd40 .gitlab-ci.yml: minor changes inside the .yml file.
+ ubuntu:21.10 added into the pipeline,
- ubuntu:20.10 removed from the pipeline,

+ misc/docker/ubuntu-21.10-amd64/Dockerfile added,
- misc/docker/ubuntu-20.10-amd64/Dockerfile removed.
2022-01-17 05:17:50 +01:00
Ondrej Zajicek (work)
81ee6cda2e Netlink: Add option to specify netlink socket receive buffer size
Add option 'netlink rx buffer' to specify netlink socket receive buffer
size. Uses SO_RCVBUFFORCE, so it can override rmem_max limit.

Thanks to Trisha Biswas and Michal for the original patches.
2022-01-17 05:11:29 +01:00
Ondrej Zajicek (work)
bbc33f6ec3 Netlink: Add another workaround for older kernel headers
Unfortunately, SOL_NETLINK is both recently added and arch-dependent,
so we cannot just define it.
2022-01-15 22:39:40 +01:00
Ondrej Zajicek (work)
8988264a64 Netlink: Add workaround for older kernel headers 2022-01-14 23:15:05 +01:00
Ondrej Zajicek (work)
e818f16448 Netlink: Enable strict checking for KRT dumps
Add strict checking for netlink KRT dumps to avoid PMTU cache records
from FNHE table dump along with KRT.

Linux Kernel added FNHE table dump to the netlink API in patch:

8d3b68cd37.1561131177.git.sbrivio@redhat.com/

Therefore, since Linux 5.3 these route cache entries are dumped together
with regular routes during periodic KRT scans, which in some cases may be
huge amount of useless data. This can be avoided by using strict checking
for netlink dumps:

https://lore.kernel.org/netdev/20181008031644.15989-1-dsahern@kernel.org/

The patch mitigates the risk of receiving unknown and potentially large
number of FNHE records that would block BIRD I/O in each sync. There is a
known issue caused by the GRE tunnels on Linux that seems to be creating
one FNHE record for each destination IP address that is routed through
the tunnel, even when the PMTU equals to GRE interface MTU.

Thanks to Tomas Hlavacek for the original patch.
2022-01-14 21:53:40 +01:00
Ondrej Zajicek (work)
d0dd1d20cd Netlink: Explicitly skip received cloned routes
Kernel uses cloned routes to keep route cache entries, but reports them
together with regular routes. They were skipped implicitly as they
do not have rtm_protocol filled. Add explicit check for cloned flag
and skip such routes explicitly.

Also, improve debug logs of skipped routes.
2022-01-14 19:07:57 +01:00
Ondrej Zajicek (work)
60e9def9ef BGP: Add option 'free bind'
The BGP 'free bind' option applies the IP_FREEBIND/IPV6_FREEBIND
socket option for the BGP listening socket.

Thanks to Alexander Zubkov for the idea.
2022-01-09 02:44:32 +01:00
Alexander Zubkov
87a02489f3 IO: Support nonlocal bind in socket interface
Add option to socket interface for nonlocal binding, i.e. binding to an
IP address that is not present on interfaces. This behaviour is enabled
when SKF_FREEBIND socket flag is set. For Linux systems, it is
implemented by IP_FREEBIND socket flag.

Minor changes done by commiter.
2022-01-08 19:02:31 +01:00
Ondrej Zajicek (work)
bcb25084d3 Test: Activate some remaining build tests 2022-01-05 20:07:27 +01:00
Ondrej Zajicek (work)
f5c8fb5fba Netlink: Do not ignore dead routes from BIRD
Currently, BIRD ignores dead routes to consider them absent. But it also
ignores its own routes and thus it can not correctly manage such routes
in some cases. This patch makes an exception for routes with proto bird
when ignoring dead routes, so they can be properly updated or removed.

Thanks to Alexander Zubkov for the original patch.
2022-01-05 19:25:42 +01:00
Ondrej Zajicek (work)
77d032c71f Netlink: Improve multipath parsing errors
Function nl_parse_multipath() should handle errors internally.
2022-01-05 18:46:41 +01:00
Ondrej Zajicek (work)
29dda184e5 Conf: Fix parsing full-length IPv6 addresses
Lexer expression for bytestring was too loose, accepting also
full-length IPv6 addresses. It should be restricted such that
colon is used between every byte or never.

Fix the regex and also add some test cases for it.

Thanks to Alexander Zubkov for the bugreport
2022-01-05 16:38:49 +01:00
Matous
75aceadaf7 gitlab-ci.yml: failing gitlab runner fixed.
'registry.labs.nic.cz' -> 'registry.nic.cz' changed
2022-01-05 04:13:39 +01:00
Alexander Zubkov
77042292ff Doc: Document min/max operators for lists 2021-12-28 04:09:36 +01:00
Alexander Zubkov
0e1fd7ea6a Filter: Add operators to find minimum and maximum element of sets
Add operators .min and .max to find minumum or maximum element in sets
of types: clist, eclist, lclist. Example usage:

bgp_community.min
bgp_ext_community.max
filter(bgp_large_community, [(as1, as2, *)]).min

Signed-off-by: Alexander Zubkov <green@qrator.net>
2021-12-28 04:07:09 +01:00
Alexander Zubkov
e15e465720 Doc: Document community components access operators 2021-12-28 04:07:09 +01:00
Alexander Zubkov
a2a268da4f Filter: Add operators to pick community components
Add operators that can be used to pick components from
pair (standard community) or lc (large community) types.
For example:

(10, 20).asn --> 10
(10, 20).data --> 20

(10, 20, 30).asn --> 10
(10, 20, 30).data1 --> 20
(10, 20, 30).data2 --> 30

Signed-off-by: Alexander Zubkov <green@qrator.net>
2021-12-28 04:07:00 +01:00
Ondrej Zajicek (work)
a39cd2cc0b BSD: Assume onlink flag on ifaces with only host addresses
The BSD kernel does not support the onlink flag and BIRD does not use
direct routes for next hop validation, instead depends on interface
address ranges. We would like to handle PtMP cases with only host
addresses configured, like:

  ifconfig wg0 192.168.0.10/32
  route add 192.168.0.4 -iface wg0
  route add 192.168.0.8 -iface wg0

To accept BIRD routes with onlink next-hop, like:

  route 192.168.42.0/24 via 192.168.0.4%wg0 onlink

BIRD would dismiss the route when receiving from the kernel, as the
next-hop 192.168.0.4 is not part of any interface subnet and onlink
flag is not kept by the BSD kernel.

The commit fixes this by assuming that for routes received from the
kernel, any next-hop is onlink on ifaces with only host addresses.

Thanks to Stefan Haller for the original patch.
2021-12-27 21:00:04 +01:00
Maria Matejka
ffa6a51c58 Thread documentation: Chapter 4 on memory management 2021-12-22 15:35:49 +01:00
Job Snijders
b9f38727a7 RPKI: Add contextual out-of-bound checks in RTR Prefix PDU handler
RFC 6810 and RFC 8210 specify that the "Max Length" value MUST NOT be
less than the Prefix Length element (underflow). On the other side,
overflow of the Max Length element also is possible, it being an 8-bit
unsigned integer allows for values larger than 32 or 128. This also
implicitly ensures there is no overflow of "Length" value.

When a PDU is received where the Max Length field is corrputed, the RTR
client (BIRD) should immediately terminate the session, flush all data
learned from that cache, and log an error for the operator.

Minor changes done by commiter.
2021-12-18 16:35:28 +01:00
Simon Ruderich
00410fd6c1 Doc: bgp: remove "advertise ipv4"
The option was removed in d15b0b0a ("BGP redesign", 2016-12-07)
but the documentation wasn't updated.
2021-12-18 03:17:48 +01:00
Ondrej Zajicek (work)
b21104c97e Nest: Do not ignore secondary flag changes in ifa updates
Compare all IA_* flags that are set by sysdep iface code.

The old code ignores IA_SECONDARY flag when comparing whether iface
address updates from kernel changed anything. This is usually not an
issue as kernel removes all secondary addresses due to removal of the
primary one, but it breaks when sysctl 'promote_secondaries' is enabled
and kernel promotes secondary addresses to primary ones.

Thanks to 'Alexander' for the bugreport.
2021-12-18 01:09:52 +01:00
Maria Matejka
a840170e84 Thread documentation: Completely rewritten chapter 3 on loops and locks 2021-12-08 20:31:12 +01:00