0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2025-01-23 09:21:53 +00:00
Commit Graph

125 Commits

Author SHA1 Message Date
Maria Matejka
8349536278 BFD: Fix session reconfiguration locking order
The sessions have to be updated asynchronously to avoid
cross-locking between protocols.

Testsuite: cf-ibgp-bfd-switch, cf-ibgp-multi-bfd-auth
Fixes: #139

Thanks to Daniel Suchy <danny@danysek.cz> for reporting:
https://trubka.network.cz/pipermail/bird-users/2024-December/017984.html
2024-12-21 19:12:54 +01:00
Maria Matejka
731593685b Merge commit 'd85fa48e' into thread-next
The resource dumping routines needed to be updated in v3 to use the new
API introduced in v2.

Conflicts:
	filter/f-util.c
	filter/filter.c
	lib/birdlib.h
	lib/event.c
	lib/mempool.c
	lib/resource.c
	lib/resource.h
	lib/slab.c
	lib/timer.c
	nest/config.Y
	nest/iface.c
	nest/iface.h
	nest/locks.c
	nest/neighbor.c
	nest/proto.c
	nest/route.h
	nest/rt-attr.c
	nest/rt-table.c
	proto/bfd/bfd.c
	proto/bmp/bmp.c
	sysdep/unix/io.c
	sysdep/unix/krt.c
	sysdep/unix/main.c
	sysdep/unix/unix.h
2024-12-13 15:58:10 +01:00
Maria Matejka
da8a23277e CLI: Dumping internal data structures to files, not to debug output
All the 'dump something' CLI commands now have a new mandatory
argument -- name of the file where to dump the data. This allows
for more flexible dumping even for production deployments where
the debug output is by default off.

Also the dump commands are now restricted (they weren't before)
to assure that only the appropriate users can run these time consuming
commands.
2024-12-02 06:54:54 +01:00
Maria Matejka
1b0ffdf80e Merge commit '82d57fb7' into thread-merge-2.16 2024-11-29 11:26:18 +01:00
Maria Matejka
e6242ef948 Merge commit '8a40bccf' into thread-merge-2.16 2024-11-28 09:36:33 +01:00
Maria Matejka
ce2ecbdcb6 Merge commit 'e29f134a' into thread-merge-2.16 2024-11-28 09:04:31 +01:00
Maria Matejka
74800729c0 Proto: The active flag converted to actual fifth protocol state
What was PS_DOWN before, is now PS_DOWN and PS_FLUSH.
2024-11-18 22:21:12 +01:00
Maria Matejka
eb6918e4db Neighbor cache: fixed neighbor referencing 2024-11-14 11:41:37 +01:00
Piotr Wydrych
82d57fb7ad CLI: Add timeformat command
Adds ability to override time format of show commands for current CLI session
so that it does not depend on configuration and may ease parsing when CLI is
called from tools.

Minor changes by committer.
2024-11-07 15:08:51 +01:00
Alexander Zubkov
8a40bccffe BFD: Add option to accept zero checksum for IPv6 UDP packets
Some vendors do not fill the checksum for IPv6 UDP packets.
For interoperability with such implementations one can set
UDP_NO_CHECK6_RX socket option on Linux.

Thanks to Ville O for the suggestion.

Minor changes by committer.
2024-06-26 16:29:57 +02:00
Maria Matejka
61dcbb1d83 Global runtime values separated from config 2024-06-14 23:16:07 +02:00
Ondrej Zajicek
e29f134ad9 BFD: Fix build when BFD is disabled
Move bfd_opts grammar inside BFD parser code to avoid dependences between
nest and BFD grammars, which breaks when BFD build is disabled.

Add dummy bfd_opts grammar rule, so protocols can use this nonterminal
even with BFD disabled.

Thanks to Yuri Honegger for the bugreport.
2024-05-28 15:31:52 +02:00
Maria Matejka
76ca53e4f8 SKIP_BACK_DECLARE: easier embedded-to-parent typecasting 2024-05-25 19:37:16 +02:00
Katerina Kubecova
e6dbde6883 BFD: Set password per session 2024-04-16 15:30:59 +02:00
Ondrej Zajicek
0883ce66bf Merge commit '1b064355f752b9bfe4644f775697bbd9b711f762' into thread-next 2024-04-01 18:20:18 +02:00
Ondrej Zajicek
f27d1bae0f Merge commit '26dd61ee7f91c15157601b2404de5b6500a6061c' into thread-next 2024-04-01 03:01:59 +02:00
Ondrej Zajicek
1b064355f7 Client: Add support for completion of command options
We can easily extend command completion to handle also keywords for
command options. Help for command options is not yet supported.
2024-03-05 19:04:10 +01:00
Ondrej Zajicek
26dd61ee7f BFD: Add arguments to 'show bfd sessions' command
Add several arguments to 'show bfd sessions' command to filter
the list of sessions.
2024-03-05 00:02:16 +01:00
Ondrej Zajicek
4737937375 BFD: Improve 'show bfd sessions all' command 2024-03-04 23:51:37 +01:00
Katerina Kubecova
a48dc5efe0 BFD: Show session for ip / ip prefix 2024-03-04 23:35:10 +01:00
Katerina Kubecova
37bf207843 BFD: show bfd sessions all 2024-03-04 23:35:10 +01:00
Maria Matejka
d615633437 Merge commit '13c6cf8a7430a6b133e46525256eb5554b3f0a2b' into thread-next 2024-01-28 23:09:47 +01:00
Ondrej Zajicek
13c6cf8a74 Trivial code cleanups 2024-01-22 06:29:14 +01:00
Maria Matejka
ddf698ec99 Renamed nest/rt.h back to nest/route.h
Some [redacted] (yes, myself) had a really bad idea
to rename nest/route.h to nest/rt.h while refactoring
some data structures out of it.

This led to unnecessarily complex problems with
merging updates from v2. Reverting this change
to make my life a bit easier.

At least it needed only one find-sed command:

    find -name '*.[chlY]' -type f -exec sed -i 's#nest/rt.h#nest/route.h#' '{}' +
2023-10-29 16:29:26 +01:00
Maria Matejka
1a49a4aea8 Merge commit 'fc9d471b' into thread-next
Conflicts:
	conf/cf-lex.l
	conf/conf.h
	filter/config.Y
	filter/data.c
	filter/data.h
2023-10-28 23:42:21 +02:00
Maria Matejka
6c85016dd4 Merge commit 'aa70e14c' into thread-next 2023-10-24 09:34:06 +02:00
Maria Matejka
6f798683a3 Conf: config warnings show the file position 2023-09-12 15:58:07 +02:00
Ondrej Zajicek
aa70e14c9e BFD: Improve handling of AdminDown
According to RFC 5882, system should not interpret the local or remote
session state transition to AdminDown as failure. We followed that for
the local session state but not for the remote session state (which
just triggered a transition of the local state to Down). The patch
fixes that.

We do not properly generate AdminDown on our side, so the patch is
relevant just for interoperability with other systems.

Thanks to Sunnat Samadov for the bugreport.
2023-08-29 18:23:29 +02:00
Maria Matejka
5ba9878b4f BFD: Fixed reconfiguration issues
After converting BFD to the new IO loop system, reconfiguration never
really worked. Sadly, we missed this case in our testing suite so it
passed under the radar for quite a while.

Thanks to Andrei Dinu <andrei.dinu@digitalit.ro> for reporting and
isolating this issue.
2023-05-29 19:32:26 +02:00
Maria Matejka
ce7495b49a Refactoring of domains connected to pools 2023-04-25 09:52:28 +02:00
Maria Matejka
22f54eaee6 Resource pools are now bound with domains.
Memory allocation is a fragile part of BIRD and we need checking that
everybody is using the resource pools in an appropriate way. To assure
this, all the resource pools are associated with locking domains and
every resource manipulation is thoroughly checked whether the
appropriate locking domain is locked.

With transitive resource manipulation like resource dumping or mass free
operations, domains are locked and unlocked on the go, thus we require
pool domains to have higher order than their parent to allow for this
transitive operations.

Adding pool locking revealed some cases of insecure memory manipulation
and this commit fixes that as well.
2023-04-24 10:33:28 +02:00
Maria Matejka
b3f805ce29 Socket closing has its dedicated function 2023-04-22 20:48:42 +02:00
Maria Matejka
787fb56da3 IO: added a specific loop pickup group for BFD; to be done better in future 2023-04-17 13:30:14 +02:00
Maria Matejka
22a0900ec2 BFD: fixed a request pickup race condition
When several BGPs requested a BFD session in short time, chances were
that the second BGP would file a request while the pickup routine was
still running and it would get enqueued into the waiting list instead of
being picked up.

Fixed this by enforcing pickup loop restart when new requests got added,
and also by atomically moving the unpicked requests to a temporary list
to announce admin down before actually being added into the wait list.
2023-04-06 12:48:02 +02:00
Maria Matejka
836e857b30 Sockets: Unified API for main and other loops
Now sk_open() requires an explicit IO loop to open the socket in. Also
specific functions for socket RX pause / resume are added to allow for
BGP corking.

And last but not least, socket reloop is now synchronous to resolve
weird cases of the target loop stopping before actually picking up the
relooped socket. Now the caller must ensure that both loops are locked
while relooping, and this way all sockets always have their respective
loop.
2023-04-04 17:00:59 +02:00
Maria Matejka
d9f0f4af7d Resource dumps also write out block addresses 2023-04-04 17:00:59 +02:00
Maria Matejka
6543303ad4 BFD notifications respect protocol loop settings 2023-04-04 17:00:58 +02:00
Maria Matejka
a2fd889a3b Merge commit '0bb04d5390f21b0c96fc4894ba5d5510c541f0ef' into HEAD 2023-02-07 14:27:23 +01:00
Maria Matejka
c354e8f4c1 Interface updates are asynchronous
Instead of propagating interface updates as they are loaded from kernel,
they are enqueued and all the notifications are called from a
protocol-specific event. This change allows to break the locking loop
between protocols and interfaces.

Anyway, this change is based on v2 branch to keep the changes between v2
and v3 smaller.
2023-02-02 15:57:21 +01:00
Maria Matejka
4334f86251 VRF setting reduced to one argument, using default dummy iface for default vrf 2023-01-25 13:33:31 +01:00
Maria Matejka
3ac628e0f0 Merge v2.0.12 into thread-next 2023-01-24 11:04:28 +01:00
Ondrej Zajicek
99872676df BFD: Improve incoming packet matching
For active sessions, ignore received packets with zero local id and
mismatched remote id. That forces a session timeout instead of an
immediate session restart. It makes BFD sessions more resilient to
packet spoofing.

Thanks to André Grüneberg for the suggestion.
2023-01-22 23:42:08 +01:00
Maria Matejka
6768e0cf9e Pipe kick-and-drain packed into a neat structure and functions. 2022-09-20 17:17:50 +02:00
Maria Matejka
4b4fe1bd65 BFD: The old pipe notification mechanism replaced by events 2022-09-20 17:14:31 +02:00
Maria Matejka
28427a68c3 Merge commit 'adf37d8e' into thread-next 2022-09-20 09:14:39 +02:00
Maria Matejka
26bfd4cc03 Merge commit 'd2c1036a42881d413ec97203ede92a69f8cd218f' into thread-next 2022-09-09 13:15:50 +02:00
Maria Matejka
fb7fb67445 Table access is now locked. 2022-09-08 15:24:02 +02:00
Maria Matejka
dc28c6ed1c Simplified the protocol hookup code in Makefiles 2022-08-18 22:07:30 +02:00
Maria Matejka
08c8484608 Merge commit '94eb0858' into thread-next 2022-07-18 12:33:00 +02:00
Maria Matejka
4b6f5ee870 Merge commit 'a4451535' into thread-next 2022-07-18 11:11:46 +02:00