0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-11-08 12:18:42 +00:00
Commit Graph

4235 Commits

Author SHA1 Message Date
Ondrej Zajicek
c9836207f5 IO: Fix missing return introduced in one of earlier patches 2024-07-30 16:42:32 +02:00
Ondrej Zajicek
df22b3140c IO: Avoid re-binding accepted sockets to VRF
When VRFs are used, BIRD correctly binds listening (and connecting)
sockets to their VRFs but also re-binds accepted sockets to the same VRF.
This is not needed as the interface bind is inherited in this case, and
indeed this redundant bind causes an -EPERM if BIRD is running as
non-root making BIRD close the connection and reject the peer.

Thanks to Christian Svensson for the original patch and Alexander Zubkov
for suggestions.
2024-07-30 16:33:51 +02:00
Maria Matejka
08ff0af898 Additional CLI sockets may now be restricted
This allows to have one main socket for the heavy operations
very restricted just for the appropriate users, whereas the
looking glass socket may be more open.

Implemented an idea originally submitted and requested by Akamai.
2024-06-27 04:14:39 +02:00
Maria Matejka
f3b6661ddd Additional CLI sockets can be now configured in the config file
If the user has such a need, they may configure additional sockets
in the config file. This may work for e.g. some advanced access control.
2024-06-27 04:14:38 +02:00
Maria Matejka
a95fff3793 CLI now has a configuration structure 2024-06-27 04:14:38 +02:00
Maria Matejka
09f50f3766 Typed lists: added forgotten #undef 2024-06-27 04:14:38 +02:00
Maria Matejka
f27004fb4d Backported typed list updates from v3
Source: dda37842dc
2024-06-27 04:14:38 +02:00
Ondrej Zajicek
333c7e8536 Doc: Minor cleanups in BFD documentation 2024-06-26 16:38:03 +02:00
Alexander Zubkov
8a40bccffe BFD: Add option to accept zero checksum for IPv6 UDP packets
Some vendors do not fill the checksum for IPv6 UDP packets.
For interoperability with such implementations one can set
UDP_NO_CHECK6_RX socket option on Linux.

Thanks to Ville O for the suggestion.

Minor changes by committer.
2024-06-26 16:29:57 +02:00
Ondrej Zajicek
00b139bd25 Kernel: Do not use route replace when krt_metric differs
The krt_metric is a part of the primary key, so it cannot differ for
route replace operation.

Thanks to Leif Jakob for the bugreport.
2024-05-30 16:12:15 +02:00
Ondrej Zajicek
a5b4c21d81 Filter: Silence some warnings in clang 2024-05-30 02:40:55 +02:00
Ondrej Zajicek
3327d61298 Lib: Fix BSD build 2024-05-30 02:11:06 +02:00
Ondrej Zajicek
c130b4e1ae Lib: Use access() function attribute 2024-05-29 13:03:10 +02:00
Ondrej Zajicek
2d6fb31cd1 Lib: Use alloc_size() function attribute 2024-05-28 16:41:24 +02:00
Ondrej Zajicek
e29f134ad9 BFD: Fix build when BFD is disabled
Move bfd_opts grammar inside BFD parser code to avoid dependences between
nest and BFD grammars, which breaks when BFD build is disabled.

Add dummy bfd_opts grammar rule, so protocols can use this nonterminal
even with BFD disabled.

Thanks to Yuri Honegger for the bugreport.
2024-05-28 15:31:52 +02:00
Maria Matejka
765debf523 Formalized our contribution policy which we're currently applying 2024-05-07 17:34:57 +02:00
Ondrej Zajicek
d0512ba74b Doc: BFD update 2024-04-17 17:07:47 +02:00
Katerina Kubecova
e6dbde6883 BFD: Set password per session 2024-04-16 15:30:59 +02:00
Ondrej Zajicek
13c10ee062 Doc: Fix datetime format for password entries
In BIRD 1, we used DD-MM-YYYY, while in BIRD 2 we switched to the usual
format YYYY-MM-DD.

Thanks to Janne Pisilä for the bugreport.
2024-04-11 18:54:23 +02:00
Ondrej Zajicek
280daed57d OSPF: Allow loopback nexthop in OSPFv3-IPv4
In OSPFv3-IPv4 there is no requirement that link-local next hop announced
in Link-LSA must be in interface address range. Therefore, for interfaces
that do not have IPv4 address we can use some loopback IP address and
announce it as a next hop. Also we should accept such address.
2024-04-04 18:37:26 +02:00
Maria Matejka
bc10975adb ASPA: checks done in filters; no autoreload yet 2024-03-25 14:15:30 +01:00
Maria Matejka
08571b2059 ASPA: basic data structures and Static protocol support 2024-03-25 14:15:30 +01:00
Maria Matejka
b95dc8f29f Expanded usage of stdbool.h to the whole BIRD 2024-03-25 09:39:58 +01:00
Ondrej Zajicek
0b684a43bd NEWS and version update 2024-03-22 01:40:43 +01:00
Ondrej Zajicek
a698f8d917 Static: Fix invalid combination of nexthop options
BFD requires defined local IP, but for nexthop with onlink there might
not be such address. So we reject this combination of nexthop options.
This prevent crash where such combination of options is used.
2024-03-22 00:40:06 +01:00
Ondrej Zajicek
d21a508e8d Revert "OSPF: On physical PtP links, skip next-hop resolving"
This reverts commit 31aa62ae6d.
2024-03-21 15:59:26 +01:00
Ondrej Zajicek
46a4932574 Merge commit '44e351d1522f0099687aac9fd65dcea73a04af43' 2024-03-21 15:58:52 +01:00
Ondrej Zajicek
66d6ac7085 Babel: Fix build with limited set of protocols 2024-03-19 15:39:46 +01:00
Ondrej Zajicek
06209c1917 Aggregator: Fix build with limited set of protocols 2024-03-19 15:39:19 +01:00
Michal Zagorski
099898ffdd Static: Fix build with limited set of protocols 2024-03-11 12:57:13 +01:00
Ondrej Zajicek
adfff44878 NEWS and version update 2024-03-10 18:57:04 +01:00
Ondrej Zajicek
1b064355f7 Client: Add support for completion of command options
We can easily extend command completion to handle also keywords for
command options. Help for command options is not yet supported.
2024-03-05 19:04:10 +01:00
Ondrej Zajicek
114be2af28 Filter: Add route attribute gw_mpls_stack
Add route attribute gw_mpls_stack to make MPLS stack of route nexthop
accessible from filters. Its type is T_CLIST, which is really not correct
(as it is a list, while T_CLIST is a set). Therefore, we keep this
attribute *undocumented* and it will be *changed* without further notice.

Based on a patch from Trisha Biswas <tbiswas@fastly.com>, thanks!
2024-03-05 16:47:08 +01:00
Ondrej Zajicek
26dd61ee7f BFD: Add arguments to 'show bfd sessions' command
Add several arguments to 'show bfd sessions' command to filter
the list of sessions.
2024-03-05 00:02:16 +01:00
Ondrej Zajicek
4737937375 BFD: Improve 'show bfd sessions all' command 2024-03-04 23:51:37 +01:00
Katerina Kubecova
a48dc5efe0 BFD: Show session for ip / ip prefix 2024-03-04 23:35:10 +01:00
Katerina Kubecova
37bf207843 BFD: show bfd sessions all 2024-03-04 23:35:10 +01:00
Job Snijders
e2728c8078 RPKI: Add 'local address' configuration option
Allow to explicitly configure the source IP address for RPKI-To-Router
sessions. Predictable source addresses are useful for minimizing the
holes to be poked in ACLs.

Changed from 'source address' to 'local address' by committer.
2024-02-22 14:58:29 +01:00
Ondrej Zajicek
2d0652dd10 BGP: Maintain valid route attribute flags even in local tables
BGP route attributes have flags (Optional, Transitive) that are validated
on decode and set to valid value on export. But if such attribute is
modified by filter or set internally by BGP during import, then its flags
would be zero in local tables. That usually does not matter, as they are
not used locally and they were fixed on export, but invalid flags leaked
in BMP and MRT dumps.

Keep route attribute flags set to valid values even when set by filters
or modified by BGP.
2024-02-20 17:39:05 +01:00
Job Snijders
44a16bff6c BGP: Update SendHoldTimer BGP Error code
IANA registered an "Early Allocation" BGP Error code for 'Send Hold
Timer Expired' event. Update BIRD to use that error code.
2024-02-18 09:06:52 +01:00
Ondrej Zajicek
c3335b5044 Static: Allow to define both nexthop and interface
Allow to define both nexthop and interface using iproute2-like syntax,
e.g.: route 10.0.0.0/16 via 10.1.0.1 dev "eth0";

Now we can avoid to use link-local scope hack (e.g. 10.1.0.1%eth0)
for cases where both nexthop and interface have to be defined.

Thanks to Marcin Saklak for the suggestion.
2024-02-16 18:44:40 +01:00
Ondrej Zajicek
5c04f0e235 Netlink: Fix spelling of krt_ssthresh / krt_lock_ssthresh
BIRD route attribute for RTAX_SSTHRESH metric was krt_sstresh instead of
krt_ssthresh. Fix that and keep old name as an depreacted alias.
2024-02-16 15:00:03 +01:00
Ondrej Zajicek
e68363909c Netlink: Cleanups in route metrics
- Add krt_fastopen_no_cookie atttibute
- Add missing krt_lock_* bits
- Fix krt_feature_allfrag
- Fix type of EA_KRT_LOCK and EA_KRT_FEATURES
2024-02-16 15:00:03 +01:00
Ondrej Zajicek
225943eaea Filter: Add support for setting TCP congestion control algorithm
Allow to set TCP congestion control algorithm using krt_congctl
route attribute.

Based on patch from Trisha Biswas <tbiswas@fastly.com>, thanks!
2024-02-14 14:29:19 +01:00
Ondrej Zajicek
224a152c53 Filter: Add support for string route attribute 2024-02-14 14:29:19 +01:00
Alexander Zubkov
574d7eb241 BGP: Allow multiple EBGP neighbors with the same peer.
We can distinguish BGP sessions if at least one side uses a different IP
address. Extend olock mechanism to handle local IP as a part of key, with
optional wildcard, so BGP sessions could local IP in the olock and not
block themselves.
2024-02-07 19:11:10 +01:00
Inrin
0b52f7c01f birdc: Do not execute cmd on noninteractive help request
The help command triggered by '?' keeps the message in readline buffer,
so it could be edited. For noninteractive shell it leads to an unexpected
side effect that `echo <cmd> ? | birdc` executes the command <cmd> after
showing its help. Avoid this by clearing the readline buffer in such case.
2024-02-06 19:03:14 +01:00
Ondrej Zajicek
ff2ebdc7e1 BGP: Increase max length of notification data in error logs
Increase max length of notification data in error logs from 16 to 128.
There is already enough space in the buffer.

Thanks to Marco d'Itri for the suggestion.
2024-02-06 18:34:55 +01:00
Ondrej Zajicek
f40e2bc270 Nest: Fix bug in recursive routes with MPLS-labeled nexthops
When a recursive route with MPLS-labeled nexthop was exported to kernel
and read back, the nexthop_same() failed due to different labels_orig
field and kernel protocol reinstalled it unnecessarily.

For comparing hext hops, route cache has to distinguish ones with
different labels_orig, but KRT has to ignore that, so we need two
nexthop compare functions.

Thanks to Marcel Menzel for the bugreport.
2024-01-27 17:38:06 +01:00
Katerina Kubecova
472be46f7a Filter: Tests for net_addr
Minor changes by committer.
2024-01-22 07:08:11 +01:00