0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-23 10:11:53 +00:00
Commit Graph

332 Commits

Author SHA1 Message Date
Maria Matejka
794f555f63 BGP: fix listen socket cleanup 2023-05-11 11:41:01 +02:00
Maria Matejka
a818a3011e Channel: configurable feed block size 2023-05-11 11:41:01 +02:00
Maria Matejka
318ac8720f OLocks in BGP must be freed early 2023-05-09 10:33:23 +02:00
Ondrej Zajicek
aa3c35498d BMP: Use OPEN messages stored in BGP
The BMP protocol needs OPEN messages of established BGP sessions to
construct appropriate Peer Up messages. Instead of saving them internally
we use OPEN messages stored in BGP instances. This allows BMP instances
to be restarted or enabled later.

Because of this change, we can simplify BMP data structures. No need to
keep track of BGP sessions when we are not started. We have to iterate
over all (established) BGP sessions when the BMP session is established.
This is just a scaffolding now, but some kind of iteration would be
necessary anyway.

Also, the commit cleans up handling of msg/msg_length arguments to be
body/body_length consistently in both rx/tx and peer_up/peer_down calls.
2023-05-01 04:01:16 +02:00
Ondrej Zajicek
1be0be1b71 BGP: Save sent and received OPEN messages
These are necessary for BMP Peer UP message and it is better to keep them
in BGP than in BMP (so BMP could be restarted or added later).
2023-05-01 04:01:16 +02:00
Maria Matejka
ce7495b49a Refactoring of domains connected to pools 2023-04-25 09:52:28 +02:00
Maria Matejka
22f54eaee6 Resource pools are now bound with domains.
Memory allocation is a fragile part of BIRD and we need checking that
everybody is using the resource pools in an appropriate way. To assure
this, all the resource pools are associated with locking domains and
every resource manipulation is thoroughly checked whether the
appropriate locking domain is locked.

With transitive resource manipulation like resource dumping or mass free
operations, domains are locked and unlocked on the go, thus we require
pool domains to have higher order than their parent to allow for this
transitive operations.

Adding pool locking revealed some cases of insecure memory manipulation
and this commit fixes that as well.
2023-04-24 10:33:28 +02:00
Maria Matejka
b3f805ce29 Socket closing has its dedicated function 2023-04-22 20:48:42 +02:00
Ondrej Zajicek
02164814b4 BMP: Allow build without BMP and disable BMP build by default
It has still several important issues to be enabled by default.
2023-04-18 17:21:13 +02:00
Ondrej Zajicek (work)
4adebdf198 BMP: Minor cleanups
Remove redundant 'disable' option, simplify IP address serialization,
and remove useless macros.
2023-04-16 20:05:17 +02:00
Pawel Maslanka
a848dad40a BMP protocol support
Initial implementation of a basic subset of the BMP (BGP Monitoring
Protocol, RFC 7854) from Akamai team. Submitted for further review
and improvement.
2023-04-16 20:05:15 +02:00
Maria Matejka
1106927213 Merge commit '913ec57f' into thread-next-iface 2023-04-14 13:43:24 +02:00
Maria Matejka
22a0900ec2 BFD: fixed a request pickup race condition
When several BGPs requested a BFD session in short time, chances were
that the second BGP would file a request while the pickup routine was
still running and it would get enqueued into the waiting list instead of
being picked up.

Fixed this by enforcing pickup loop restart when new requests got added,
and also by atomically moving the unpicked requests to a temporary list
to announce admin down before actually being added into the wait list.
2023-04-06 12:48:02 +02:00
Maria Matejka
4a69a64745 BGP: set free bind also for connect sockets if configured 2023-04-04 17:00:59 +02:00
Maria Matejka
e33902e15c BGP now has its own loop 2023-04-04 17:00:59 +02:00
Maria Matejka
836e857b30 Sockets: Unified API for main and other loops
Now sk_open() requires an explicit IO loop to open the socket in. Also
specific functions for socket RX pause / resume are added to allow for
BGP corking.

And last but not least, socket reloop is now synchronous to resolve
weird cases of the target loop stopping before actually picking up the
relooped socket. Now the caller must ensure that both loops are locked
while relooping, and this way all sockets always have their respective
loop.
2023-04-04 17:00:59 +02:00
Maria Matejka
571c4f69bf More efficient IO loop event execution to avoid long loops
If there are lots of loops in a single thread and only some of the loops
are actually active, the other loops are now kept aside and not checked
until they actually get some timers, events or active sockets.

This should help with extreme loads like 100k tables and protocols.

Also ping and loop pickup mechanism was allowing subtle race
conditions. Now properly handling collisions between loop ping and pickup.
2023-04-04 17:00:59 +02:00
Maria Matejka
731ec00840 Allowing to restart a route refresh.
Repeated pipe refeed should not end route refresh as the prune routine
may start pruning otherwise valid routes.

The same applies for BGP repeated route refresh.
2023-04-04 17:00:58 +02:00
Maria Matejka
90de93ca03 Fixed unwanted reloads while reconfiguring protocols with import table on 2023-04-04 17:00:58 +02:00
Maria Matejka
adbce76517 BGP: show detailed TX state in show proto all output 2023-04-04 17:00:58 +02:00
Maria Matejka
6543303ad4 BFD notifications respect protocol loop settings 2023-04-04 17:00:58 +02:00
Maria Matejka
2b712554d1 BGP: Free bind applies also to outbound connections
Even though the free bind option is primarily meant to alleviate problems
with addresses assigned too late, it's also possible to use BIRD with AnyIP
configuration, assigning whole ranges to the machine. Therefore free bind
allows also to create an outbound connection from specific address even though
such address is not assigned.
2023-03-16 19:23:33 +01:00
Ondrej Zajicek
913ec57f27 BGP: Update RFC references 2023-02-19 15:42:18 +01:00
Maria Matejka
a2fd889a3b Merge commit '0bb04d5390f21b0c96fc4894ba5d5510c541f0ef' into HEAD 2023-02-07 14:27:23 +01:00
Maria Matejka
0bb04d5390 BGP: opening and closing listening socket asynchronously 2023-02-07 11:52:03 +01:00
Maria Matejka
c354e8f4c1 Interface updates are asynchronous
Instead of propagating interface updates as they are loaded from kernel,
they are enqueued and all the notifications are called from a
protocol-specific event. This change allows to break the locking loop
between protocols and interfaces.

Anyway, this change is based on v2 branch to keep the changes between v2
and v3 smaller.
2023-02-02 15:57:21 +01:00
Maria Matejka
05d8c3699d Object locks use events
Instead of calling custom hooks from object locks, we use standard event
sending mechanism to inform protocols about object lock changes. This is
a backport from version 3 where these events are passed across threads.

This implementation of object locks doesn't use mutexes to lock the
whole data structure. In version 3, this data structure may get accessed
from multiple threads and must be protected by mutex.
2023-01-26 13:22:28 +01:00
Maria Matejka
f7c2a886c9 Object locks use events
Instead of calling custom hooks from object locks, we use standard event
sending mechanism to inform protocols about object lock changes. As
event sending is lockless, the unlocking protocol simply enqueues the
appropriate event to the given loop when the locking is done.
2023-01-24 11:34:36 +01:00
Maria Matejka
02b2a4ecaa Merge commit '3186ffe79714a48542d5ad61a94c81216b522fd0' into thread-next 2023-01-24 09:45:40 +01:00
Maria Matejka
985c060342 Merge commit '3859e4efc1597368df647323c5a3cc1771cb64ca' into thread-next 2023-01-21 23:45:13 +01:00
Ondrej Zajicek
af611f93aa BGP: Add received role value to role mismatch log message 2023-01-20 15:55:47 +01:00
Ondrej Zajicek
3859e4efc1 BGP: Improve handling of hold and keepalive timers
The effective keepalive time now scales relative to the negotiated
hold time, to maintain proportion between the keepalive time and the
hold time. This avoids issues when both keepalive and hold times
were configured, the hold time was negotiated to a smaller value,
but the keepalive time stayed the same.

Add new options 'min hold time' and 'min keepalive time', which reject
session attempts with too small hold time.

Improve validation of config options an their documentation.

Thanks to Alexander Zubkov and Sergei Goriunov for suggestions.
2022-12-09 05:53:24 +01:00
Maria Matejka
54179a1ab3 Merge commit '8f79e6b9' into thread-next 2022-11-07 10:24:56 +01:00
Maria Matejka
34e803c6c3 Merge commit '54430df9' into thread-next 2022-11-07 10:09:01 +01:00
Maria Matejka
fdacb89a53 BGP refeed and reload with Adj-RIB-In/Out is done without route refresh 2022-10-12 10:05:16 +02:00
Maria Matejka
26552a7ec8 Fixed BGP reload limits 2022-10-12 10:05:14 +02:00
Maria Matejka
6abef2b20b BGP: End route refresh before another starts 2022-10-12 10:03:55 +02:00
Ondrej Zajicek
8f79e6b93e BGP: Add option 'next hop prefer global'
Add BGP channel option 'next hop prefer global' that modifies BGP
recursive next hop resolution to use global next hop IPv6 address instead
of link-local next hop IPv6 address for immediate next hop of received
routes.
2022-10-10 05:06:19 +02:00
Ondrej Zajicek
54430df953 BGP: Do not assume that all channels are struct bgp_channel
In principle, the channel list is a list of parent struct proto and can
contain general structures of type struct channel, That is useful e.g.
for adding MPLS channels to BGP.
2022-10-03 20:18:12 +02:00
Maria Matejka
636bc44e61 Exporter routine refactoring to allow for nicer table locking 2022-09-05 12:19:38 +02:00
Maria Matejka
397fec4741 Default tables are not created unless actually used.
This allows for setting default table values at the beginning of config
file before "master4" and "master6" tables are initialized.
2022-09-01 17:44:46 +02:00
Maria Matejka
12ae5d1b6b Merge commit '971721c9' into thread-next 2022-08-05 10:26:13 +02:00
Maria Matejka
5a96b9b124 Merge commit '97476e00' into thread-next
Had to fix route source locking inside BGP export table as we need to
keep the route sources properly allocated until even last BGP pending
update is sent out, therefore the export table printout is accurate.
2022-08-03 14:07:53 +02:00
Maria Matejka
97476e002d BGP: The bucket/prefix hashes are now a resource to allow for proper cleanup 2022-08-03 11:57:29 +02:00
Maria Matejka
71b434a987 Merge commit 'f0507f05ce57398e135651896dace4cb68eeed54' into thread-next 2022-08-02 22:08:59 +02:00
Maria Matejka
449cd471ad BGP: respecting table cork 2022-08-02 17:34:38 +02:00
Ondrej Zajicek
2e484f8d29 Merge branch 'master' into backport 2022-07-24 20:08:02 +02:00
Maria Matejka
08c8484608 Merge commit '94eb0858' into thread-next 2022-07-18 12:33:00 +02:00
Ondrej Zajicek
971721c9b5 BGP: Minor improvements to BGP roles
Add support for bgp_otc in filters and warning for configuration
inside confederations.
2022-07-12 15:03:17 +02:00
Maria Matejka
bc2ce4aaa8 Removing the rte_modify API
For BGP LLGR purposes, there was an API allowing a protocol to directly
modify their stale routes in table before flushing them. This API was
called by the table prune routine which violates the future locking
requirements.

Instead of this, BGP now requests a special route export and reimports
these routes into the table, allowing for asynchronous execution without
locking the table on export.
2022-07-12 14:45:27 +02:00
Maria Matejka
080cbd1219 Route refresh in tables uses a stale counter.
Until now, we were marking routes as REF_STALE and REF_DISCARD to
cleanup old routes after route refresh. This needed a synchronous route
table walk at both beginning and the end of route refresh routine,
marking the routes by the flags.

We avoid these walks by using a stale counter. Every route contains:
  u8 stale_cycle;
Every import hook contains:
  u8 stale_set;
  u8 stale_valid;
  u8 stale_pruned;
  u8 stale_pruning;

In base_state, stale_set == stale_valid == stale_pruned == stale_pruning
and all routes' stale_cycle also have the same value.

The route refresh looks like follows:
+ ----------- + --------- + ----------- + ------------- + ------------ +
|             | stale_set | stale_valid | stale_pruning | stale_pruned |
| Base        |     x     |      x      |        x      |       x      |
| Begin       |    x+1    |      x      |        x      |       x      |
  ... now routes are being inserted with stale_cycle == (x+1)
| End         |    x+1    |     x+1     |        x      |       x      |
  ... now table pruning routine is scheduled
| Prune begin |    x+1    |     x+1     |       x+1     |       x      |
  ... now routes with stale_cycle not between stale_set and stale_valid
      are deleted
| Prune end   |    x+1    |     x+1     |       x+1     |      x+1     |
+ ----------- + --------- + ----------- + ------------- + ------------ +

The pruning routine is asynchronous and may have high latency in
high-load environments. Therefore, multiple route refresh requests may
happen before the pruning routine starts, leading to this situation:

| Prune begin |    x+k    |     x+k     |    x -> x+k   |       x      |
  ... or even
| Prune begin |   x+k+1   |     x+k     |    x -> x+k   |       x      |
  ... if the prune event starts while another route refresh is running.

In such a case, the pruning routine still deletes routes not fitting
between stale_set and and stale_valid, effectively pruning the remnants
of all unpruned route refreshes from before:

| Prune end   |    x+k    |     x+k     |       x+k     |      x+k     |

In extremely rare cases, there may happen too many route refreshes
before any route prune routine finishes. If the difference between
stale_valid and stale_pruned becomes more than 128 when requesting for
another route refresh, the routine walks the table synchronously and
resets all the stale values to a base state, while logging a warning.
2022-07-12 12:22:41 +02:00
Eugene Bogomazov
c73b5d2d3d BGP: Implement BGP roles
Implement BGP roles as described in RFC 9234. It is  a mechanism for
route leak prevention and automatic route filtering based on common BGP
topology relationships. It defines role capability (controlled by 'local
role' option) and OTC route attribute, which is used for automatic route
filtering and leak detection.

Minor changes done by commiter.
2022-07-11 17:25:54 +02:00
Maria Matejka
6b0368cc2c Export tables merged with BGP prefix hash
Until now, if export table was enabled, Nest was storing exactly the
route before rt_notify() was called on it. This was quite sloppy and
spooky and it also wasn't reflecting the changes BGP does before
sending. And as BGP is storing the routes to be sent anyway, we are
simply keeping the already-sent routes in there to better rule out
unneeded reexports.

Some of the route attributes (IGP metric, preference) make no sense in
BGP, therefore these will be probably replaced by something sensible.
Also the nexthop shown in the short output is the BGP nexthop.
2022-07-11 16:07:09 +02:00
Maria Matejka
becab5072d Import tables are stored as an attribute layer inside the main tables.
The separate import tables were too memory-greedy, there is no need for
them being stored as full-sized tables.
2022-06-20 11:56:38 +02:00
Maria Matejka
5051e3c4af Merge commit '17f91f9e6e70f7e3f29502e854823c0d48571eaa' into haugesund 2022-05-30 16:59:24 +02:00
Maria Matejka
b3649ec77e Merge commit 'ef6a903e6f44b467f9606018446095521ad01ef1' into haugesund 2022-05-30 16:20:35 +02:00
Maria Matejka
45af19dd99 Merge commit '652be92a21f5575e5f74f6abe98eb4200b86776c' into haugesund 2022-05-30 15:36:54 +02:00
Maria Matejka
d7b077f5d6 Merge commit '4a23ede2b056a41456790cc20a0c3d92a7137693' into haugesund 2022-05-30 15:31:19 +02:00
Maria Matejka
652be92a21 Merge remote-tracking branch 'origin/master' into haugesund-to-2.0 2022-05-30 15:20:21 +02:00
Ondrej Zajicek
a9c19b923c BGP: Display neighbor port on show protocol 2022-05-21 16:21:34 +02:00
Maria Matejka
17f91f9e6e Explicit definition structures of route attributes
Changes in internal API:

* Every route attribute must be defined as struct ea_class somewhere.
* Registration of route attributes known at startup must be done by
  ea_register_init() from protocol build functions.
* Every attribute has now its symbol registered in a global symbol table
  defined as SYM_ATTRIBUTE
* All attribute ID's are dynamically allocated.
* Attribute value custom formatting hook is defined in the ea_class.
* Attribute names are the same for display and filters, always prefixed
  by protocol name.

Also added some unit testing code for filters with route attributes.
2022-05-04 15:39:19 +02:00
Maria Matejka
ef6a903e6f Splitting route data structures out to lib 2022-05-04 15:37:41 +02:00
Maria Matejka
4a23ede2b0 Protocols have their own explicit init routines 2022-04-06 18:14:08 +02:00
Maria Matejka
41572e0c1b Merge commit 'f81702b7' into haugesund 2022-03-09 15:03:48 +01:00
Maria Matejka
24773af9e0 Merge commit 'e42eedb9' into haugesund 2022-03-09 11:02:55 +01:00
Maria Matejka
06ece3265e Replacing BGP temporary linpools by the common temporary linpool 2022-03-02 12:13:49 +01:00
Ondrej Zajicek (work)
53a2540687 Merge branch 'oz-trie-table' 2022-02-06 23:42:10 +01:00
Ondrej Zajicek (work)
1f2eb2aca8 BGP: Implement flowspec validation procedure
Implement flowspec validation procedure as described in RFC 8955 sec. 6
and RFC 9117. The Validation procedure enforces that only routers in the
forwarding path for a network can originate flowspec rules for that
network.

The patch adds new mechanism for tracking inter-table dependencies, which
is necessary as the flowspec validation depends on IP routes, and flowspec
rules must be revalidated when best IP routes change.

The validation procedure is disabled by default and requires that
relevant IP table uses trie, as it uses interval queries for subnets.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
60e9def9ef BGP: Add option 'free bind'
The BGP 'free bind' option applies the IP_FREEBIND/IPV6_FREEBIND
socket option for the BGP listening socket.

Thanks to Alexander Zubkov for the idea.
2022-01-09 02:44:32 +01:00
Maria Matejka
f0507f05ce Route sources have an explicit owner
This commit prevents use-after-free of routes belonging to protocols
which have been already destroyed, delaying also all the protocols'
shutdown until all of their routes have been finally propagated through
all the pipes down to the appropriate exports.

The use-after-free was somehow hypothetic yet theoretically possible in
rare conditions, when one BGP protocol authors a lot of routes and the
user deletes that protocol by reconfiguring in the same time as next hop
update is requested, causing rte_better() to be called on a
not-yet-pruned network prefix while the owner protocol has been already
freed.

In parallel execution environments, this would happen an inter-thread
use-after-free, causing possible heisenbugs or other nasty problems.
2021-11-22 19:05:44 +01:00
Maria Matejka
94eb0858c2 Converting the former BFD loop to a universal IO loop and protocol loop.
There is a simple universal IO loop, taking care of events, timers and
sockets. Primarily, one instance of a protocol should use exactly one IO
loop to do all its work, as is now done in BFD.

Contrary to previous versions, the loop is now launched and cleaned by
the nest/proto.c code, allowing for a protocol to just request its own
loop by setting the loop's lock order in config higher than the_bird.

It is not supported nor checked if any protocol changed the requested
lock order in reconfigure. No protocol should do it at all.
2021-11-22 19:05:43 +01:00
Maria Matejka
3b20722a1f Table cork: Stop creating updates when there are too many pending.
The corked procedure gets a callback when uncorked. Supported by table
maintenance routines and also BGP.
2021-11-22 19:05:43 +01:00
Maria Matejka
44f26c49f9 Special table hooks rectified.
* internal tables are now more standalone, having their own import and
  export hooks
* route refresh/reload uses stale counter instead of stale flag,
  allowing to drop walking the table at the beginning
* route modify (by BGP LLGR) is now done by a special refeed hook,
  reimporting the modified routes directly without filters
2021-11-22 19:05:43 +01:00
Maria Matejka
f81702b7e4 Table import and export are now explicit hooks.
Channels have now included rt_import_req and rt_export_req to hook into
the table instead of just one list node. This will (in future) allow for:

* channel import and export bound to different tables
* more efficient pipe code (dropping most of the channel code)
* conversion of 'show route' to a special kind of export
* temporary static routes from CLI

The import / export states are also updated to the new algorithms.
2021-11-22 18:33:53 +01:00
Maria Matejka
d471d5fc7c IGP metric getter refactoring to protocol callback
Direct protocol hooks for IGP metric inside nest/rt-table.c make the
protocol API unnecessarily complex. Instead, we use a proper callback.
2021-10-13 19:09:04 +02:00
Ondrej Zajicek (work)
91d0458389 BGP: Ensure that freed neighbor entry is not accessed
Routes from downed protocols stay in rtable (until next rtable prune
cycle ends) and may be even exported to another protocol. In BGP case,
source BGP protocol is examined, although dynamic parts (including
neighbor entries) are already freed. That may lead to crash under some
race conditions. Ensure that freed neighbor entry is not accessed to
avoid this issue.
2021-06-01 02:20:26 +02:00
Ondrej Zajicek (work)
5a6e8380f8 BGP: Do not show statistics
BGP statistics code was preliminary and i wanted to replace it by
separate 'show X stats' command. The patch hides the preliminary
output in 'show protocols all' so it is not part of the released
version.
2021-03-18 15:44:04 +01:00
Vincent Bernat
714238716e BGP: Add support for BGP hostname capability
This is an implementation of draft-walton-bgp-hostname-capability-02.
It is implemented since quite some time for FRR and in datacenter, this
gives a nice output to avoid using IP addresses.

It is disabled by default. The hostname is retrieved from uname(2) and
can be overriden with "hostname" option. The domain name is never set
nor displayed.

Minor changes by committer.
2021-02-10 16:53:57 +01:00
Ondrej Zajicek (work)
4155104c90 BGP: Deprecate 'missing lladdr' option
The option is not implemented since transition to 2.0 and no plan to add it.
Also remove some deprecated RTS_* valus from documentation.

Thanks to Sébastien Parisot for notification.
2021-01-06 14:44:23 +01:00
Ondrej Zajicek (work)
9d3fc3062b BFD: Allow per-request session options
BFD session options are configured per interface in BFD protocol. This
patch allows to specify them also per-request in protocols requesting
sessions (currently limited to BGP).
2020-11-08 15:33:22 +01:00
Ondrej Zajicek (work)
757cab18d6 BGP: Support for MD5SIG together with remote range
When dynamic BGP with remote range is configured, MD5SIG needs to use
newer socket option (TCP_MD5SIG_EXT) to specify remote addres range for
listening socket.

Thanks to Adam Kułagowski for the suggestion.
2020-02-27 17:29:17 +01:00
Ondrej Zajicek (work)
21d09632a5 BGP: Add some statistics
Add some statistic counters to BGP consistent with BGP MIB (RFC 4273),
including persistent 'FSM established transitions'.
2019-12-03 18:05:41 +01:00
Ondrej Zajicek (work)
0b228fca04 BGP: Add option to enforce first AS in AS_PATH
This is optional check described in RFC 4271. Although this can be also
done by filters, it is widely implemented option in BGP implementations.

Thanks to Eugene Bogomazov for the original patch.
2019-11-10 02:06:07 +01:00
Ondrej Zajicek (work)
be7c1aef42 BGP: RFC 8654 got released 2019-10-26 01:32:24 +02:00
Ondrej Zajicek (work)
6c9cda6f92 BGP: Fix reconfiguration with import table
Change of some options requires route refresh, but when import table is
active, channel reload is done from it instead of doing full route
refresh. So in this case we request it internally.
2019-10-10 23:33:40 +02:00
Ondrej Zajicek (work)
09ee846d92 BGP: AIGP metric support (RFC 7311) 2019-10-09 17:53:23 +02:00
Ondrej Zajicek (work)
eb1e43a9af BGP: Fix setup with multiple dynamic BGP ranges
Based on a patch from Liam Nattrass, thanks.
2019-09-17 14:45:14 +02:00
Ondrej Zajicek (work)
524d253853 BGP: Implement extended optional parameters length
Extends BGP options/capabilities data length to 16bit, to avoid issues
with too many capabilities. See draft-ietf-idr-ext-opt-param-07
2019-08-20 19:15:50 +02:00
Ondrej Zajicek (work)
b7d7599ce3 BGP: implement Adj-RIB-Out
The patch implements optional internal export table to a channel and
hooks it to BGP so it can be used as Adj-RIB-Out. When enabled, all
exported (post-filtered) routes are stored there. An export table can be
examined using e.g. 'show route export table bgp1.ipv4'.
2019-08-14 06:02:33 +02:00
Ondrej Zajicek (work)
e2b530aa72 BGP: Improve reconfiguration
Several BGP channel options (including 'next hop self') could be
reconfigured without session reset, with just route refeed/refresh.
The patch improves reconfiguration code to do it that way.
2019-08-06 15:29:06 +02:00
Ondrej Zajicek (work)
cec40a7467 Merge remote-tracking branch 'origin/mq-filter-stack' 2019-07-24 15:38:32 +02:00
Ondrej Zajicek (work)
15b0a92294 RPKI: Fix reconfiguration when ssh parameters are undefined 2019-07-23 01:52:18 +02:00
Ondrej Zajicek (work)
cf7ff99513 BFD: Support for VRFs
Allow multiple BFD instances in separate VRFs, dispatch BFD requests
according to VRFs.

Thanks to Alexander Zubkov for notice and patches.
2019-07-17 16:20:35 +02:00
Maria Matejka
eac9250fd5 Merge branch 'master' into mq-filter-stack 2019-07-03 11:12:25 +02:00
Ondrej Zajicek (work)
8a68316eb9 Nest: Add command to request graceful restart
When 'graceful down' command is entered, protocols are shut down
with regard to graceful restart. Namely Kernel protocol does
not remove routes and BGP protocol does not send notification,
just closes the connection.
2019-06-30 21:29:24 +02:00
Ondrej Zajicek (work)
d35fb9d732 BGP: Fix bug introduced in one of last patches 2019-06-12 16:37:12 +02:00
Alexander Azimov
7ff34ca2cb BGP: Compliance with RFC8203bis 2019-04-30 13:55:43 +02:00
Ondrej Zajicek (work)
0b1e1e1a00 BGP: Output Local AS number in show protocol
Useful for implementation of agents implementing the SNMP-BGP MIB, which
requires the local AS of a session to be specified.

Thanks to Jan-Philipp Litza for the patch.
2019-04-30 13:44:11 +02:00
Ondrej Zajicek (work)
e0835db4f1 BGP: Dynamic BGP
Support for dynamically spawning BGP protocols for incoming connections.
Use 'neighbor range' to specify range of valid neighbor addresses, then
incoming connections from these addresses spawn new BGP instances.
2019-04-30 13:32:39 +02:00
Ondrej Zajicek (work)
4a50c8bd03 BGP: Handle corner cases in event ordering
When BGP connection is opened, it may happen that rx hook (with remote
OPEN) is called before tx hook (for local OPEN). Therefore, we need to do
internal changes (like setting local_caps) synchronously with OPENSENT
transition and we need to ensure that OPEN is sent before KEEPALIVE.
2019-04-08 16:56:56 +02:00