0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-23 10:11:53 +00:00
Commit Graph

212 Commits

Author SHA1 Message Date
Maria Matejka
54ddf90f63 Conf: debug tables
For now just a dummy config but it is needed for forward
compatibility with v3.
2023-12-07 14:38:05 +01:00
Ondrej Zajicek
3397ca51f8 Nest: Fix missing RTS_* values in filters 2023-10-04 13:12:05 +02:00
Ondrej Zajicek
9ca86ef69c MPLS: Add support for per-VRF labeling policy
The new labeling policy MPLS_POLICY_VRF assigns one label to all routes
(from the same FEC map associated with one VRF), while replaces their
next hops with a lookup to a VRF table. This is useful for L3VPN
protocol.
2023-10-04 13:01:21 +02:00
Ondrej Zajicek
333ddd4f98 MPLS subsystem
The MPLS subsystem manages MPLS labels and handles their allocation to
MPLS-aware routing protocols. These labels are then attached to IP or VPN
routes representing label switched paths -- LSPs.

There was already a preliminary MPLS support consisting of MPLS label
net_addr, MPLS routing tables with static MPLS routes, remote labels in
next hops, and kernel protocol support.

This patch adds the MPLS domain as a basic structure representing local
label space with dynamic label allocator and configurable label ranges.
To represent LSPs, allocated local labels can be attached as route
attributes to IP or VPN routes with local labels as attributes.

There are several steps for handling LSP routes in routing protocols --
deciding to which forwarding equivalence class (FEC) the LSP route
belongs, allocating labels for new FECs, announcing MPLS routes for new
FECs, attaching labels to LSP routes. The FEC map structure implements
basic code for managing FECs in routing protocols, therefore existing
protocols can be made MPLS-aware by adding FEC map and delegating
most work related to local label management to it.
2023-10-04 13:01:21 +02:00
Maria Matejka
51f2e7afaf Conf: Symbol manipulation gets its context explicitly 2023-09-12 15:36:46 +02:00
Maria Matejka
8e177cf35b Conf: Symbol hashes for all scopes
This is a backport cherry-pick of commits
  165156beeb
  cce974e8ea

from the v3.0 branch as we need symbol hashes directly inside their
scopes for more general usage than before.
2023-09-12 15:20:50 +02:00
Ondrej Zajicek
f5140d1027 Conf: Allow keywords to be redefined by user symbols
Most syntactic constructs in BIRD configuration (e.g. protocol options)
are defined as keywords, which are distinct from symbols (user-defined
names for protocols, variables, ...). That may cause backwards
compatibility issue when a new feature is added, as it may collide with
existing user names.

We can allow keywords to be shadowed by symbols in almost all cases to
avoid this issue.

This replaces the previous mechanism, where shadowable symbols have to be
explictly added to kw_syms.
2023-08-25 23:50:44 +02:00
Ondrej Zajicek
32427c9ce1 Nest: Fix missing bar in kw_sym
Thanks to Alexander Zubkov for the notice.
2023-08-25 04:29:32 +02:00
Ondrej Zajicek
f411a19bb0 Conf: Use nonterminal bytestring instead of BYTETEXT
Nonterminal bytestring allows to provide expressions to be evaluated in
places where BYTETEXT is used now: passwords, radv custom option.

Based on the patch from Alexander Zubkov <green@qrator.net>, thanks!
2023-08-24 16:59:23 +02:00
Alexander Zubkov
0dbcc92726 Filter: Use more generic approach for intra-config expressions
Replace f_eval_int() function with a type-generic variant: cf_eval().
Implement similar fuction: cf_eval_int() via inline call to cf_eval().
2023-08-24 04:45:55 +02:00
Alexander Zubkov
fc3547880a Filter: Add bytestring type
- Rename BYTESTRING lexem to BYTETEXT, not to collide with 'bytestring' type name
 - Add bytestring type with id T_BYTESTRING (0x2c)
 - Add from_hex() filter function to create bytestring from hex string
 - Add filter test cases for bytestring type

Minor changes by committer.
2023-08-24 04:33:33 +02:00
Ondrej Zajicek
a8a64ca0fe Conf: Improve handling of keywords
For whatever reason, parser allocated a symbol for every parsed keyword
in each scope. That wasted time and memory. The effect is worsened with
recent changes allowing local scopes, so keywords often promote soft
scopes (with no symbols) to real scopes.

Do not allocate a symbol for a keyword. Take care of keywords that could
be promoted to symbols (kw_sym) and do it explicitly.
2023-04-27 18:41:01 +02:00
Johannes Moos
231c63851e Add missing references to "show route in" in the cli-help and doc.
The feature of showing all prefixes inside the given one has been added
in v2.0.9 but not well documented. Fixing it by this update.

Text in doc and commit message added by commiter.
2023-03-18 15:36:05 +01:00
Alexander Zubkov
5aebce5e0c Doc: Add documentation for "show route (import|export) table" 2022-10-18 04:25:29 +02:00
Maria Matejka
2e5bfeb73a Merge remote-tracking branch 'origin/master' into backport 2022-07-11 11:08:10 +02:00
Maria Matejka
7e9cede1fd Merge version 2.0.10 into backport 2022-07-10 14:19:24 +02:00
Ondrej Zajicek (work)
a2527ee53d Filter: Improve handling of stack frames in filter bytecode
When f_line is done, we have to pop the stack frame. The old code just
removed nominal number of args/vars. Change it to use stored ventry value
modified by number of returned values. This allows to allocate variables
on a stack frame during execution of f_lines instead of just at start.

But we need to know the number of returned values for a f_line. It is 1
for term, 0 for cmd. Store that to f_line during linearization.
2022-06-27 21:13:32 +02:00
Ondrej Zajicek
a8a3d95be5 Nest: Improve GC strategy for rtables
Use timer (configurable as 'gc period') to schedule routing table
GC/pruning to ensure that prune is done on time but not too often.

Randomize GC timers to avoid concentration of GC events from different
tables in one loop cycle.

Fix a bug that caused minimum inter-GC interval be 5 us instead of 5 s.

Make default 'gc period' adaptive based on number of routing tables,
from 10 s for small setups to 600 s for large ones.

In marge multi-table RS setup, the patch improved time of flushing
a downed peer from 20-30 min to <2 min and removed 40s latencies.
2022-06-04 17:34:57 +02:00
Maria Matejka
24773af9e0 Merge commit 'e42eedb9' into haugesund 2022-03-09 11:02:55 +01:00
Ondrej Zajicek (work)
1ae42e5223 Nest: Add routing table configuration blocks
Allow to specify sorted flag, trie fla, and min/max settle time.

Also do not enable trie by default, it must be explicitly enabled.
2022-02-06 23:27:13 +01:00
Ondrej Zajicek (work)
ea97b89051 Nest: Implement 'show route in <addr>' command
Implement 'show route in <addr>' command, which shows all routes in
networks that are subnets of given network. Currently limited to IP
network types.
2022-02-06 23:27:13 +01:00
Maria Matejka
3660f19dd5 Dropping the RTS_DUMMY temporary route storage.
Kernel route sync is done by other ways now and this code is not used
currently.
2021-10-13 19:09:04 +02:00
Ondrej Zajicek (work)
596f2e32e3 Nest: Allow both 'password' and 'key' keywords for authentication keys 2021-06-09 19:54:01 +02:00
Ondrej Zajicek (work)
8eea396baf Nest: Fix password list parsing code
One of previous patches broke password list parsing code, fix that.
2021-06-06 19:10:33 +02:00
Toke Høiland-Jørgensen
589f7d1e4f Nest: Allow MAC algorithms to specify min/max key length
Add min/max key length fields to the MAC algorithm description and
validate configured keys before they are used.
2021-06-06 16:28:18 +02:00
Toke Høiland-Jørgensen
35f88b305a Nest: Allow specifying security keys as hex bytes as well as strings
Add support for specifying a password in hexadecimal format, The result
is the same whether a password is specified as a quoted string or a
hex-encoded byte string, this just makes it more convenient to input
high-entropy byte strings as MAC keys.
2021-06-06 16:28:18 +02:00
Toke Høiland-Jørgensen
725d9af94a Lib: Add Blake2s and Blake2b hash functions
The Babel MAC authentication RFC recommends implementing Blake2s as one of
the supported algorithms. In order to achieve do this, add the blake2b and
blake2s hash functions for MAC authentication. The hashing function
implementations are the reference implementations from blake2.net.

The Blake2 algorithms allow specifying an arbitrary output size, and the
Babel MAC spec says to implement Blake2s with 128-bit output. To satisfy
this, we add two different variants of each of the algorithms, one using
the default size (256 bits for Blake2s, 512 bits for Blake2b), and one
using half the default output size.

Update to BIRD coding style done by committer.
2021-06-06 16:26:58 +02:00
Ondrej Zajicek (work)
0a3db4c680 Minor fixes for restricted builds 2021-03-17 15:56:12 +01:00
Ondrej Zajicek (work)
d3782c72b9 Nest: Add option to control automatic RPKI reload
Also, no automatic reload for BGP channels without import/export table.
2021-02-12 05:05:18 +01:00
Vincent Bernat
714238716e BGP: Add support for BGP hostname capability
This is an implementation of draft-walton-bgp-hostname-capability-02.
It is implemented since quite some time for FRR and in datacenter, this
gives a nice output to avoid using IP addresses.

It is disabled by default. The hostname is retrieved from uname(2) and
can be overriden with "hostname" option. The domain name is never set
nor displayed.

Minor changes by committer.
2021-02-10 16:53:57 +01:00
Ondrej Zajicek (work)
61dae32b29 Nest: Per-channel debug flags
The patch add support for per-channel debug flags, currently just
'states', 'routes', and 'filters'. Flag 'states' is used for channel
state changes, remaining two for routes passed through the channel.
The per-protocol debug flags 'routes'/'filters' still enable reporting
of routes for all channels, to keep existing behavior.

The patch causes minor changes in some log messages.
2020-12-07 22:19:40 +01:00
Ondrej Zajicek (work)
30b8468269 Minor cleanups with cfg_allocz()
Also fixes some more failed asserts due to add_tail().
2020-11-24 04:09:11 +01:00
Ondrej Zajicek (work)
3b56bf8849 BFD: Better handling of BFD options in BGP configs
Merge multiple BFD option blocks in BGP configs instead of using the last
one. That is necessary for proper handling of templates when BFD options
are used both in a BGP template and in a BGP protocol derived from that
template.
2020-11-12 04:02:38 +01:00
Ondrej Zajicek (work)
9d3fc3062b BFD: Allow per-request session options
BFD session options are configured per interface in BFD protocol. This
patch allows to specify them also per-request in protocols requesting
sessions (currently limited to BGP).
2020-11-08 15:33:22 +01:00
Ondrej Zajicek (work)
1ca7665fa4 Nest: Allow key id 0
There is nothing in RFCs specifying that id 0 is not allowed. Some
implementations does not support it, while some other use key id 0 by
default. We allow it but start with key id 1 by default.

Thanks to Kenth Eriksson for the bugreport.
2020-05-19 02:50:47 +02:00
Ondrej Zajicek (work)
5ea39eaa96 Nest: Use bitmaps to keep track of exported routes
Use a hierarchical bitmap in a routing table to assign ids to routes, and
then use bitmaps (indexed by route id) in channels to keep track whether
routes were exported. This avoids unreliable and inefficient re-evaluation
of filters for old routes in order to determine whether they were exported.
2019-11-26 18:39:25 +01:00
Ondrej Zajicek (work)
0edf0c8cd9 Support for address family constants
We already had them defined on BGP level, but they are more general.
2019-11-03 22:25:44 +01:00
Fabrice Fontaine
f9eb9b4cab Nest: Fix build without protocols
(CHECK keyword added by commiter)
2019-10-19 12:50:27 +02:00
Ondrej Zajicek (work)
b7d7599ce3 BGP: implement Adj-RIB-Out
The patch implements optional internal export table to a channel and
hooks it to BGP so it can be used as Adj-RIB-Out. When enabled, all
exported (post-filtered) routes are stored there. An export table can be
examined using e.g. 'show route export table bgp1.ipv4'.
2019-08-14 06:02:33 +02:00
Maria Matejka
2de1e2062e Conf: Fixed symbol redefinition 2019-07-30 14:28:40 +02:00
Ondrej Zajicek (work)
cec40a7467 Merge remote-tracking branch 'origin/mq-filter-stack' 2019-07-24 15:38:32 +02:00
Ondrej Zajicek (work)
18f70a6229 Nest: VRF of protocol can be explicitly specified as 'default'
Protocol can have specified VRF, in such case it is restricted to a set
of ifaces associated with the VRF, otherwise it can use all interfaces.

The patch allows to specify VRF as 'default', in which case it is
restricted to a set of iface not associated with any VRF.
2019-07-24 15:08:03 +02:00
Maria Matejka
84ac62d396 Filter: CLI command to dump all the linearized filters 2019-07-03 08:27:56 +02:00
Maria Matejka
78976974e7 Dynamic attributes definition split whether it is bitmask or not. 2019-07-03 00:00:11 +02:00
Jan Maria Matejka
23e3b1e665 Filter: Some people can't pronounce "postfixify" correctly. Let's try "linearize" instead.
This is just a naming change.
2019-05-22 15:20:02 +00:00
Maria Matejka
9eef9c648c Lexer now returns known sym / unknown sym / keyword 2019-05-17 22:26:21 +02:00
Maria Matejka
0b39b1cbb7 Conf: Symbol implementation converted from void pointers to union
... and consted some declarations.
2019-02-20 22:30:55 +01:00
Maria Matejka
c0e958e022 Filter + Config: Fix bugs, tests and split symbols by type 2019-02-20 22:30:54 +01:00
Maria Matejka
4c553c5a5b Filter refactoring: dropped the recursion from the interpreter
This is a major change of how the filters are interpreted. If everything
works how it should, it should not affect you unless you are hacking the
filters themselves.

Anyway, this change should make a huge improvement in the filter performance
as previous benchmarks showed that our major problem lies in the
recursion itself.

There are also some changes in nest and protocols, related mostly to
spreading const declarations throughout the whole BIRD and also to
refactored dynamic attribute definitions. The need of these came up
during the whole work and it is too difficult to split out these
not-so-related changes.
2019-02-20 22:30:54 +01:00
Ondrej Zajicek (work)
682d3f7de0 BGP: implement Adj-RIB-In
The patch implements optional internal import table to a channel and
hooks it to BGP so it can be used as Adj-RIB-In. When enabled, all
received (pre-filtered) routes are stored there and import filters can
be re-evaluated without explicit route refresh. An import table can be
examined using e.g. 'show route import table bgp1.ipv4'.
2018-12-12 14:46:24 +01:00