0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-23 10:11:53 +00:00
Commit Graph

118 Commits

Author SHA1 Message Date
Maria Matejka
1106927213 Merge commit '913ec57f' into thread-next-iface 2023-04-14 13:43:24 +02:00
Maria Matejka
ea30d596d3 Merge commit 'ee919658' into thread-next-iface 2023-04-14 13:42:42 +02:00
Maria Matejka
a1fcd1c57a Merge commit 'dc4c5f51' into thread-next-iface 2023-04-14 11:32:20 +02:00
Maria Matejka
98f69aa419 Propagated const through route feed routines 2023-04-04 17:00:58 +02:00
Maria Matejka
b8a230e478 Interface subsystem locking 2023-04-04 17:00:58 +02:00
Ondrej Zajicek
501256cfc8 Babel: Update RFC references 2023-02-19 15:34:43 +01:00
Toke Høiland-Jørgensen
ee91965894 Babel: Keep separate auth PC counters for unicast and multicast
The babel protocol normally sends all its messages as multicast packets,
but the protocol specification allows most messages to be sent as either
unicast or multicast, and the two can be mixed freely. In particular, the
babeld implementation can be configured to unicast updates to all peers
instead of sending them as unicast.

Daniel discovered that this can cause problems with the packet counter
checks in the MAC extension due to packet reordering. This happens on WiFi
networks where clients have power save enabled (which is quite common in
infrastructure networks): in this case, the access point will buffer all
multicast traffic and only send it out along with its beacons, leading to a
maximum buffering in default Linux-based access point configuration of up
to 200 ms.

This means that a Babel sender that mixes unicast and multicast messages
can have the unicast messages overtake the multicast messages because of
this buffering; when authentication is enabled, this causes the receiver to
discard the multicast message when it does arrive because it now has a
packet counter value less than the unicast message that arrived before it.
Daniel observed that this happens frequently enough that Babel ceases to
work entirely when runner over a WiFi network.

The issue has been described in draft-ietf-babel-mac-relaxed, which is
currently pending RFC publication. That also describes two mitigation
mechanisms: Keeping separate PC counters for unicast and multicast, and
using a reorder window for PC values. This patch implements the former as
that is the simplest, and resolves the particular issue seen on WiFi.

Thanks to Daniel Gröber for the bugreport.

Minor changes from committer.
2023-02-14 18:18:32 +01:00
Andreas Rammhold
eecc3f02e4 Babel: Implement IPv4 via IPv6 extension (RFC 9229)
The patch implements an IPv4 via IPv6 extension (RFC 9229) to the Babel
routing protocol (RFC 8966) that allows annoncing routes to an IPv4
prefix with an IPv6 next hop, which makes it possible for IPv4 traffic
to flow through interfaces that have not been assigned an IPv4 address.

The implementation is compatible with the current Babeld version.

Thanks to Toke Høiland-Jørgensen for early review on this work.

Minor changes from committer.
2023-02-14 16:17:03 +01:00
Maria Matejka
a2fd889a3b Merge commit '0bb04d5390f21b0c96fc4894ba5d5510c541f0ef' into HEAD 2023-02-07 14:27:23 +01:00
Maria Matejka
c354e8f4c1 Interface updates are asynchronous
Instead of propagating interface updates as they are loaded from kernel,
they are enqueued and all the notifications are called from a
protocol-specific event. This change allows to break the locking loop
between protocols and interfaces.

Anyway, this change is based on v2 branch to keep the changes between v2
and v3 smaller.
2023-02-02 15:57:21 +01:00
Toke Høiland-Jørgensen
dc4c5f51f8 Babel: Initialise source seqno from incoming message
When creating a new babel_source object we initialise the seqno to 0. The
caller will update the source object with the right metric and seqno value,
for both newly created and old source objects. However if we initialise the
source object seqno to 0 that may actually turn out to be a valid (higher)
seqno than the one in the routing table, because of seqno wrapping. In this
case the source metric will not be set properly, which breaks feasibility
tracking for subsequent updates.

To fix this, add a new initial_seqno argument to babel_get_source() which
is used when allocating a new object, and set that to the seqno value of
the update we're sending.

Thanks to Juliusz Chroboczek for the bugreport.
2023-01-31 15:52:14 +01:00
Ondrej Zajicek
96d7c4679d Babel: Improve clarity of unfeasible update handling.
Add a comment and (unnecessary) check to make correctness obvious.
2023-01-30 23:49:20 +01:00
Toke Høiland-Jørgensen
3e7e4a7186 Babel: Fix missing modulo comparison of seqnos
Juliusz noticed there were a couple of places we were doing straight
inequality comparisons of seqnos in Babel. This is wrong because seqnos can
wrap: so we need to use the modulo-64k comparison function for these cases
as well.

Introduce a strict-inequality version of the modulo-comparison for this
purpose.
2023-01-30 23:36:39 +01:00
Maria Matejka
05d8c3699d Object locks use events
Instead of calling custom hooks from object locks, we use standard event
sending mechanism to inform protocols about object lock changes. This is
a backport from version 3 where these events are passed across threads.

This implementation of object locks doesn't use mutexes to lock the
whole data structure. In version 3, this data structure may get accessed
from multiple threads and must be protected by mutex.
2023-01-26 13:22:28 +01:00
Maria Matejka
4334f86251 VRF setting reduced to one argument, using default dummy iface for default vrf 2023-01-25 13:33:31 +01:00
Maria Matejka
f7c2a886c9 Object locks use events
Instead of calling custom hooks from object locks, we use standard event
sending mechanism to inform protocols about object lock changes. As
event sending is lockless, the unlocking protocol simply enqueues the
appropriate event to the given loop when the locking is done.
2023-01-24 11:34:36 +01:00
Maria Matejka
3ac628e0f0 Merge v2.0.12 into thread-next 2023-01-24 11:04:28 +01:00
Maria Matejka
4e6cd1b2e3 Merge commit 'b28431e557c4f63923476094a919a0630001275e' into thread-next 2023-01-23 19:39:45 +01:00
Maria Matejka
5aeaa0c2ca Merge commit '8b06a4d8af46511f0f8dbb8905afa88590a831b6' into thread-next 2023-01-23 18:57:13 +01:00
Ondrej Zajicek
a82683694d VRF: Fix issues with reconfiguration
Protocols receive if_notify() announcements that are filtered according
to their VRF setting, but during reconfiguration, they access iface_list
directly and forgot to check VRF setting here, which leads to all
interfaces be addedd.

Fix this issue for Babel, OSPF, RAdv and RIP protocols.

Thanks to Marcel Menzel for the bugreport.
2023-01-22 18:21:08 +01:00
Ondrej Zajicek
b28431e557 Nest: Fix leaking internal attributes in RIP and Babel
During backporting attribute changes from 3.0-branch, some internal
attributes (RIP iface and Babel seqno) leaked to 'show route all' output.
Allow protocols to hide specific attributes with GA_HIDDEN value.

Thanks to Nigel Kukard for the bugreport.
2023-01-03 17:01:54 +01:00
Ondrej Zajicek
6d1ae197d1 Nest: Fix several issues with pflags
There were some confusion about validity and usage of pflags, which
caused incorrect usage after some flags from (now removed) protocol-
specific area were moved to pflags.

We state that pflags:

 - Are secondary data used by protocol-specific hooks
 - Can be changed on an existing route (in contrast to copy-on-write
   for primary data)
 - Are irrelevant for propagation (not propagated when changed)
 - Are specific to a routing table (not propagated by pipe)

The patch did these fixes:

 - Do not compare pflags in rte_same(), as they may keep cached values
   like BGP_REF_STALE, causing spurious propagation.

 - Initialize pflags to zero in rte_get_temp(), avoid initialization in
   protocol code, fixing at least two forgotten initializations (krt
   and one case in babel).

 - Improve documentation about pflags
2023-01-01 20:10:23 +01:00
Toke Høiland-Jørgensen
8b06a4d8af Babel: Rework seqno request handling
The seqno request retransmission handling was tracking the destination
that a forwarded request was being sent to and always retransmitting to
that same destination. This is unnecessary because we only need to
retransmit requests we originate ourselves, not those we forward on
behalf of others; in fact retransmitting on behalf of others can lead to
exponential multiplication of requests, which would be bad.

So rework the seqno request tracking so that instead of storing the
destination of a request, we just track whether it was a request that we
forwarded on behalf of another node, or if it was a request we originated
ourselves. Forwarded requests are not retransmitted, they are only used
for duplicate suppression, and for triggering an update when satisfied.
If we end up originating a request that we previously forwarded, we
"upgrade" the old request and restart the retransmit counter.

One complication with this is that requests sent in response to unfeasible
updates (section 3.8.2.2 of the RFC) have to be sent as unicast to a
particular peer. However, we don't really need to retransmit those as
there's no starvation when sending such a request; so we just change
such requests to be one-off unicast requests that are not subject to
retransmission or duplicate suppression. This is the same behaviour as
babeld has for such requests.

Minor changes from committer.
2022-12-24 15:52:12 +01:00
Maria Matejka
71b434a987 Merge commit 'f0507f05ce57398e135651896dace4cb68eeed54' into thread-next 2022-08-02 22:08:59 +02:00
Maria Matejka
432dfe3b9b Fixed a rarely used part of Babel: comparing two routes in table by their metric 2022-07-22 15:48:20 +02:00
Maria Matejka
af0d5ec279 Merge commit 'd429bc5c841a8e9d4c81786973edfa56d20a407e' into thread-next 2022-07-13 12:54:20 +02:00
Maria Matejka
5be34f5ab4 Merge commit '7e9cede1fd1878fb4c00e793bccd0ca6c18ad452' into thread-next 2022-07-13 12:02:34 +02:00
Maria Matejka
d429bc5c84 Merge commit 'beb5f78a' into backport 2022-07-11 10:41:17 +02:00
Maria Matejka
7e9cede1fd Merge version 2.0.10 into backport 2022-07-10 14:19:24 +02:00
Maria Matejka
beb5f78ada Preexport callback now takes the channel instead of protocol as argument
Passing protocol to preexport was in fact a historical relic from the
old times when channels weren't a thing. Refactoring that to match
current extensibility needs.
2022-06-27 19:04:24 +02:00
Maria Matejka
4364ee9b6f Merge commit '938742decc6e1d6d3a0375dd012b75172e747bbc' into haugesund 2022-06-08 15:31:28 +02:00
Maria Matejka
cae5979871 Merge commit '950775f6fa3d569a9d7cd05e33538d35e895d688' into haugesund
There were quite a lot of conflicts in flowspec validation code which
ultimately led to some code being a bit rewritten, not only adapted from
this or that branch, yet it is still in a limit of a merge.
2022-06-08 11:47:49 +02:00
Ondrej Zajicek
ad686c55c3 Babel: Do not try to remove multicast seqno request objects from neighbour list
The Babel seqno request code keeps track of which seqno requests are
outstanding for a neighbour by putting them onto a per-neighbour list. When
reusing a seqno request, it will try to remove this node, but if the seqno
request in question was a multicast request with no neighbour attached this
will result in a crash because it tries to remove a list node that wasn't
added to any list.

Fix this by making the list remove conditional. Also fix neighbor removal
which were changing seqno requests to multicast ones instead of removing
them.

Fixes: ebd5751cde ("Babel: Seqno requests are properly decoupled from
neighbors when the underlying interface disappears").

Based on the patch from Toke Høiland-Jørgensen <toke@toke.dk>,
bug reported by Stefan Haller <stefan.haller@stha.de>, thanks.
2022-06-05 04:11:32 +02:00
Maria Matejka
1493695c6b Merge commit 'f15f2fcee7eeb5a100bd204a0e67018e25953420' into haugesund 2022-05-30 17:37:08 +02:00
Maria Matejka
41508ceac3 Merge commit '1c30b689ddd032ef8000fb7836348a48ba3184ff' into haugesund 2022-05-30 17:26:25 +02:00
Maria Matejka
65254128e1 Merge commit '702c04fbef222e802ca4dfac645dc75ede522db6' into haugesund 2022-05-30 17:18:46 +02:00
Maria Matejka
1a92ee9d4d Merge commit '337c04c45e1472d6d9b531a3c55f1f2d30ebf308' into haugesund 2022-05-30 17:18:03 +02:00
Maria Matejka
674587d9c8 Merge commit 'd8661a4397e4576ac404661b192dd99d928e7890' into haugesund 2022-05-30 17:11:30 +02:00
Maria Matejka
5051e3c4af Merge commit '17f91f9e6e70f7e3f29502e854823c0d48571eaa' into haugesund 2022-05-30 16:59:24 +02:00
Maria Matejka
b7e2edd441 Merge commit '1d309c4ce6e95b68c64a8f007f6dd2f1830a5707' into haugesund 2022-05-30 16:48:17 +02:00
Maria Matejka
54344f15f8 Merge commit '0d0f6554a5c233bf2bf830ae319191c4b1808d49' into haugesund 2022-05-30 15:43:13 +02:00
Maria Matejka
45af19dd99 Merge commit '652be92a21f5575e5f74f6abe98eb4200b86776c' into haugesund 2022-05-30 15:36:54 +02:00
Maria Matejka
d7b077f5d6 Merge commit '4a23ede2b056a41456790cc20a0c3d92a7137693' into haugesund 2022-05-30 15:31:19 +02:00
Maria Matejka
d024f471ea Merge commit 'ebd807c0b8eb0b7a3dc3371cd4c87ae886c00885' into haugesund 2022-05-30 15:27:46 +02:00
Maria Matejka
652be92a21 Merge remote-tracking branch 'origin/master' into haugesund-to-2.0 2022-05-30 15:20:21 +02:00
Maria Matejka
938742decc Squashing the route attribute structure into one level.
For now, all route attributes are stored as eattrs in ea_list. This
should make route manipulation easier and it also allows for a layered
approach of route attributes where updates from filters will be stored
as an overlay over the previous version.
2022-05-30 14:39:09 +02:00
Maria Matejka
950775f6fa Route destination field merged with nexthop attribute; splitting flowspec validation result out.
As there is either a nexthop or another destination specification
(or othing in case of ROAs and Flowspec), it may be merged together.
This code is somehow quirky and should be replaced in future by better
implementation of nexthop.

Also flowspec validation result has its own attribute now as it doesn't
have anything to do with route nexthop.
2022-05-30 14:39:09 +02:00
Maria Matejka
f15f2fcee7 Moved nexthop from struct rta to extended attribute.
This doesn't do anything more than to put the whole structure inside
adata. The overall performance is certainly going downhill; we'll
optimize this later.

Anyway, this is one of the latest items inside rta and in several
commits we may drop rta completely and move to eattrs-only routes.
2022-05-26 12:34:26 +02:00
Maria Matejka
1c30b689dd Moved route source attribute (RTS_*) to eattrs 2022-05-04 15:39:53 +02:00
Maria Matejka
702c04fbef Removing the route scope attribute. Use custom attributes instead.
The route scope attribute was used for simple user route marking. As
there is a better tool for this (custom attributes), the old and limited
way can be dropped.
2022-05-04 15:39:21 +02:00