0
0
mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-23 18:21:54 +00:00
Commit Graph

162 Commits

Author SHA1 Message Date
Maria Matejka
18f66055e3 Global table update pool removed 2021-11-22 19:05:44 +01:00
Maria Matejka
f0507f05ce Route sources have an explicit owner
This commit prevents use-after-free of routes belonging to protocols
which have been already destroyed, delaying also all the protocols'
shutdown until all of their routes have been finally propagated through
all the pipes down to the appropriate exports.

The use-after-free was somehow hypothetic yet theoretically possible in
rare conditions, when one BGP protocol authors a lot of routes and the
user deletes that protocol by reconfiguring in the same time as next hop
update is requested, causing rte_better() to be called on a
not-yet-pruned network prefix while the owner protocol has been already
freed.

In parallel execution environments, this would happen an inter-thread
use-after-free, causing possible heisenbugs or other nasty problems.
2021-11-22 19:05:44 +01:00
Maria Matejka
44f26c49f9 Special table hooks rectified.
* internal tables are now more standalone, having their own import and
  export hooks
* route refresh/reload uses stale counter instead of stale flag,
  allowing to drop walking the table at the beginning
* route modify (by BGP LLGR) is now done by a special refeed hook,
  reimporting the modified routes directly without filters
2021-11-22 19:05:43 +01:00
Maria Matejka
1c2f66f2bd Refeed is done from export table when appropriate 2021-11-09 19:20:41 +01:00
Maria Matejka
69d1ffde4c Split route data structure to storage (ro) / manipulation (rw) structures.
Routes are now allocated only when they are just to be inserted to the
table. Updating a route needs a locally allocated route structure.
Ownership of the attributes is also now not transfered from protocols to
tables and vice versa but just borrowed which should be easier to handle
in a multithreaded environment.
2021-11-09 19:20:41 +01:00
Maria Matejka
ddd89ba12d BGP: Moved the suppressed and stale flags to pflags 2021-10-13 19:09:04 +02:00
Maria Matejka
5cff1d5f02 Route: moved rte_src pointer from rta to rte
It is an auxiliary key in the routing table, not a route attribute.
2021-10-13 19:09:04 +02:00
Maria Matejka
eb937358c0 Preference moved to RTA and set explicitly in protocols 2021-10-13 19:09:04 +02:00
Ondrej Zajicek (work)
91d0458389 BGP: Ensure that freed neighbor entry is not accessed
Routes from downed protocols stay in rtable (until next rtable prune
cycle ends) and may be even exported to another protocol. In BGP case,
source BGP protocol is examined, although dynamic parts (including
neighbor entries) are already freed. That may lead to crash under some
race conditions. Ensure that freed neighbor entry is not accessed to
avoid this issue.
2021-06-01 02:20:26 +02:00
Vincent Bernat
714238716e BGP: Add support for BGP hostname capability
This is an implementation of draft-walton-bgp-hostname-capability-02.
It is implemented since quite some time for FRR and in datacenter, this
gives a nice output to avoid using IP addresses.

It is disabled by default. The hostname is retrieved from uname(2) and
can be overriden with "hostname" option. The domain name is never set
nor displayed.

Minor changes by committer.
2021-02-10 16:53:57 +01:00
Ondrej Zajicek (work)
17de3a023f BGP: Fix handling of strange IPv6 link-local-only next hops
There are three common ways how to encode IPv6 link-local-only next hops:
(:: ll), (ll), and (ll ll). We use the first one but we should accept all
three. The patch fixes handling of the last one.

Thanks to Sebastian Hahn for the bugreport.
2020-04-29 02:50:29 +02:00
Ondrej Zajicek (work)
78e4a123bb BGP: Handle flowspec rules without dst part
The RFC 5575 does not explicitly reject flowspec rules without dst part,
it just requires dst part in validation procedure for feasibility, which
we do not implement anyway. Thus flow without dst prefix is syntactically
valid, but unfeasible (if feasibilty testing is done).

Thanks to Alex D. for the bugreport.
2020-03-03 17:45:16 +01:00
Ondrej Zajicek (work)
21d09632a5 BGP: Add some statistics
Add some statistic counters to BGP consistent with BGP MIB (RFC 4273),
including persistent 'FSM established transitions'.
2019-12-03 18:05:41 +01:00
Ondrej Zajicek (work)
0f88200247 BGP: Fix processing of IPv6 Flowspec
During NLRI parsing of IPv6 Flowspec, dst prefix was not properly
extracted from NLRI, therefore a received flow was stored in a different
position in flowspec routing table, and was not reachable by command
'show route <flow>'.

Add proper prefix part accessors to flowspec code and use them from BGP
NLRI parsing code.

Thanks to Alex D. for the bugreport.
2019-11-18 17:56:51 +01:00
Ondrej Zajicek (work)
09ee846d92 BGP: AIGP metric support (RFC 7311) 2019-10-09 17:53:23 +02:00
Ondrej Zajicek (work)
8388f5a7e1 BGP: Fix bugs in handling of shutdown messages
There is an improper check for valid message size, which may lead to
stack overflow and buffer leaks to log when a large message is received.

Thanks to Daniel McCarney for bugreport and analysis.
2019-09-09 03:13:35 +02:00
Ondrej Zajicek (work)
4fa0e472cf BGP: Use reallocation for capability structure
Instead of having large stack buffer for max amount of AFI/SAFI pairs.
The old code is not correct w.r.t. extendeded option length, as more
AFI/SAFI pairs may fit into the capability option.
2019-08-21 17:16:08 +02:00
Ondrej Zajicek (work)
524d253853 BGP: Implement extended optional parameters length
Extends BGP options/capabilities data length to 16bit, to avoid issues
with too many capabilities. See draft-ietf-idr-ext-opt-param-07
2019-08-20 19:15:50 +02:00
Maria Matejka
eac9250fd5 Merge branch 'master' into mq-filter-stack 2019-07-03 11:12:25 +02:00
Maria Jan Matejka
9dac814ee8 BGP: split tx explicitly
If BGP has too many data to send and BIRD is slower than the link, TX is
always possible until all data is sent. This patch limits maximum number
of generated BGP messages in one iteration of TX hook.
2019-07-01 09:05:50 +02:00
Alexander Azimov
7ff34ca2cb BGP: Compliance with RFC8203bis 2019-04-30 13:55:43 +02:00
Ondrej Zajicek (work)
4a50c8bd03 BGP: Handle corner cases in event ordering
When BGP connection is opened, it may happen that rx hook (with remote
OPEN) is called before tx hook (for local OPEN). Therefore, we need to do
internal changes (like setting local_caps) synchronously with OPENSENT
transition and we need to ensure that OPEN is sent before KEEPALIVE.
2019-04-08 16:56:56 +02:00
Ondrej Zajicek (work)
23ee6b1cd6 BGP: Promiscuous ASN mode
Allow to specify just 'internal' or 'external' for remote neighbor
instead of specific ASN. In the second case that means BGP peers with
any non-local ASNs are accepted.
2019-04-03 15:54:50 +02:00
Ondrej Zajicek (work)
a22c3e5968 BGP: Separate runtime and config usage of local/remote ip and as fields 2019-04-02 17:22:31 +02:00
Ondrej Zajicek (work)
3c3605818f BGP: Mandatory option for channels
Allow to mark channel to be mandatory, and do not allow BGP sessions if
no common AFI/SAFI is established.
2019-03-19 17:44:50 +01:00
Ondrej Zajicek (work)
7e5f769d91 BGP: Handle case where capabilites are not used
If peer does not announce capabilities at all, or when we have
capabilities disabled, handle that as implicit IPv4 unicast.
2019-03-18 14:29:12 +01:00
Maria Matejka
4c553c5a5b Filter refactoring: dropped the recursion from the interpreter
This is a major change of how the filters are interpreted. If everything
works how it should, it should not affect you unless you are hacking the
filters themselves.

Anyway, this change should make a huge improvement in the filter performance
as previous benchmarks showed that our major problem lies in the
recursion itself.

There are also some changes in nest and protocols, related mostly to
spreading const declarations throughout the whole BIRD and also to
refactored dynamic attribute definitions. The need of these came up
during the whole work and it is too difficult to split out these
not-so-related changes.
2019-02-20 22:30:54 +01:00
Ondrej Zajicek (work)
1cab2b4a7c BGP: Extend 'next hop keep' and 'next hop self' options
Extend 'next hop keep' and 'next hop self' options to have boolean values
(enabled / disabled) and also values 'ibgp'/ 'ebgp' to restrict it to
routes received from IBGP / EBGP. This allows to have it enabled by
default in some cases, matches features of other implementations, and
allows to handle some strange cases like EBGP border router with 'next
hop self' also doing IBGP route reflecting.

Change default of 'next hop keep' to enabled for route servers, and
'ibgp' for route reflectors.

Update documentation for these options.
2018-12-16 23:44:24 +01:00
Ondrej Zajicek (work)
cb311b441a BGP: Better handling of non-matching AFI in nexthops 2018-12-16 15:43:58 +01:00
Ondrej Zajicek (work)
682d3f7de0 BGP: implement Adj-RIB-In
The patch implements optional internal import table to a channel and
hooks it to BGP so it can be used as Adj-RIB-In. When enabled, all
received (pre-filtered) routes are stored there and import filters can
be re-evaluated without explicit route refresh. An import table can be
examined using e.g. 'show route import table bgp1.ipv4'.
2018-12-12 14:46:24 +01:00
Ondrej Zajicek (work)
863ecfc785 The MRT protocol
The new MRT protocol is responsible for periodic RIB table dumps in the
MRT format (RFC 6396). Also the existing code for BGP4MP MRT dumps is
refactored and splitted between BGP to MRT protocols, will be more
integrated into MRT in the future.

Example:

protocol mrt {
        table "*";
        filename "%N_%F_%T.mrt";
        period 60;
}

It is partially based on the old MRT code from Pavel Tvrdik.
2018-11-20 17:45:35 +01:00
Ondrej Zajicek (work)
5bd734317c BGP: Long-lived graceful restart
The patch implements long-lived graceful restart for BGP, namely
draft-uttaro-idr-bgp-persistence-03.
2018-07-31 18:40:38 +02:00
Ondrej Zajicek (work)
8e86ffce82 BGP: Use implicit-NULL label when announcing MPLS routes with local next-hop
We currently cannot assing local labels, but we can still be LSP egress
router. Therefore when we announce labeled route with local next-hop, we
should announce implicit-NULL label instead of rejecting it completely.
2018-07-01 01:03:16 +02:00
Ondrej Zajicek (work)
93c1defdb0 BGP: Fix parsing of MPLS withdrawals
RFC 3107 was bit vague with regard to labeled withdrawals, RFC 8277
clarified that. The old code was incompatible with some implementations,
namely with Juniper.

Thanks to Vadim Fedorenko for the original patch.
2018-07-01 00:43:24 +02:00
Ondrej Zajicek (work)
586c1800c4 Nest: Neighbor cache cleanups
Simplify neighbor cache code, fix several minor bugs, and improve
handling of ONLINK flag.
2018-06-27 16:57:07 +02:00
Ondrej Zajicek (work)
75d98b6013 Merge branch 'master' into int-new 2018-01-23 18:29:32 +01:00
Ondrej Zajicek (work)
63472779ad BGP: Implement 'disable after cease' option
The option allows to specify that some cease subcodes should
disable the protocol when received.
2018-01-16 19:17:04 +01:00
Ondrej Zajicek (work)
d493d0f180 BGP: Fix unknown attribute handling 2018-01-02 16:57:45 +01:00
Ondrej Zajicek (work)
7fc55925be Several minor fixes 2017-12-10 00:55:34 +01:00
Ondrej Zajicek (work)
49c7ef3b21 BGP: Fix IPv6 MPLS/VPN multicast SAFI 2017-12-08 14:00:36 +01:00
Ondrej Zajicek (work)
830ba75e6d Merge commit '1e8721e2aeccfbc3f533e8b8abc07582cee77e9a' into int-new 2017-12-07 21:54:47 +01:00
Ondrej Zajicek (work)
cd1d99611e BGP: Shutdown communication (RFC 8203)
The patch implements BGP Administrative Shutdown Communication (RFC 8203)
allowing BGP operators to pass messages related to BGP session
administrative shutdown/restart. It handles both transmit and receive of
shutdown messages. Messages are logged and may be displayed by show
protocol all command.

Thanks to Job Snijders for the basic patch.
2017-09-19 19:57:52 +02:00
Ondrej Zajicek (work)
711d617dc1 BGP: Add support for SAFI 129 (VPN multicast)
Which, in contrast to SAFI 128, does not use MPLS labels.
2017-04-12 16:04:22 +02:00
Ondrej Zajicek (work)
c49e4a6565 BGP: Update list of supported standards 2017-03-29 13:48:23 +02:00
Ondrej Zajicek (work)
ef57b70fa5 BGP: Support for routes with mixed-AF next hops
Covers IPv4/VPNv4 routes with IPv6 next hop (RFC 5549), IPv6 routes with
IPv4 next hop (RFC 4798) and VPNv6 routes with IPv4 next hop (RFC 4659).
Unfortunately it also makes next hop hooks more messy.

Each BGP channel now could have two IGP tables, one for IPv4 next hops,
the other for IPv6 next hops.
2017-03-26 19:20:15 +02:00
Ondrej Zajicek (work)
01111fc42c BGP: Bugfix in VPN NLRI encoding 2017-03-23 14:10:42 +01:00
Ondrej Zajicek (work)
1e37e35c3e BGP: Support for MPLS labels and VPN SAFI
Basic support for SAFI 4 and 128 (MPLS labeled IP and VPN) for IPv4 and
IPv6. Should work for route reflector, but does not properly handle
originating routes with next hop self.

Based on patches from Jan Matejka.
2017-03-22 18:16:49 +01:00
Jan Moskyto Matejka
3c74416465 Nexthop: Fixed recursive route mpls label merging 2017-03-17 15:48:32 +01:00
Ondrej Zajicek (work)
27f6ba651e BGP: Fix bug in ADD_PATH
When a BGP session with ADD_PATH is restarted and the neighbor do not
announce ADD_PATH capability during reconnect, the accept_ra_types is
still set to RA_ANY.

Thanks to Lennert Buytenhek for the bugreport
2017-03-14 12:56:12 +01:00
Jan Moskyto Matejka
039a65d0e4 Nexthop: Fixed hostentry 2017-02-24 14:05:11 +01:00