mirror of https://gitlab.nic.cz/labs/bird.git synced 2024-12-22 09:41:54 +00:00
Commit Graph

877 Commits

Author SHA1 Message Date
Ondrej Zajicek
df22b3140c IO: Avoid re-binding accepted sockets to VRF
When VRFs are used, BIRD correctly binds listening (and connecting)
sockets to their VRFs but also re-binds accepted sockets to the same VRF.
This is not needed as the interface bind is inherited in this case, and
indeed this redundant bind causes an -EPERM if BIRD is running as
non-root making BIRD close the connection and reject the peer.

Thanks to Christian Svensson for the original patch and Alexander Zubkov
for suggestions.
2024-07-30 16:33:51 +02:00
Maria Matejka
08ff0af898 Additional CLI sockets may now be restricted
This allows to have one main socket for the heavy operations
very restricted just for the appropriate users, whereas the
looking glass socket may be more open.

Implemented an idea originally submitted and requested by Akamai.
2024-06-27 04:14:39 +02:00
Maria Matejka
f3b6661ddd Additional CLI sockets can be now configured in the config file
If the user has such a need, they may configure additional sockets
in the config file. This may work for e.g. some advanced access control.
2024-06-27 04:14:38 +02:00
Maria Matejka
a95fff3793 CLI now has a configuration structure 2024-06-27 04:14:38 +02:00
Alexander Zubkov
8a40bccffe BFD: Add option to accept zero checksum for IPv6 UDP packets
Some vendors do not fill the checksum for IPv6 UDP packets.
For interoperability with such implementations one can set
UDP_NO_CHECK6_RX socket option on Linux.

Thanks to Ville O for the suggestion.

Minor changes by committer.
2024-06-26 16:29:57 +02:00
Ondrej Zajicek
00b139bd25 Kernel: Do not use route replace when krt_metric differs
The krt_metric is a part of the primary key, so it cannot differ for
route replace operation.

Thanks to Leif Jakob for the bugreport.
2024-05-30 16:12:15 +02:00
Maria Matejka
b95dc8f29f Expanded usage of stdbool.h to the whole BIRD 2024-03-25 09:39:58 +01:00
Ondrej Zajicek
0b684a43bd NEWS and version update 2024-03-22 01:40:43 +01:00
Ondrej Zajicek
adfff44878 NEWS and version update 2024-03-10 18:57:04 +01:00
Ondrej Zajicek
5c04f0e235 Netlink: Fix spelling of krt_ssthresh / krt_lock_ssthresh
BIRD route attribute for RTAX_SSTHRESH metric was krt_sstresh instead of
krt_ssthresh. Fix that and keep old name as a deprecated alias.
2024-02-16 15:00:03 +01:00
Ondrej Zajicek
e68363909c Netlink: Cleanups in route metrics
- Add krt_fastopen_no_cookie attribute
- Add missing krt_lock_* bits
- Fix krt_feature_allfrag
- Fix type of EA_KRT_LOCK and EA_KRT_FEATURES
2024-02-16 15:00:03 +01:00
Ondrej Zajicek
225943eaea Filter: Add support for setting TCP congestion control algorithm
Allow to set TCP congestion control algorithm using krt_congctl
route attribute.

Based on patch from Trisha Biswas <tbiswas@fastly.com>, thanks!
2024-02-14 14:29:19 +01:00
Ondrej Zajicek
f40e2bc270 Nest: Fix bug in recursive routes with MPLS-labeled nexthops
When a recursive route with MPLS-labeled nexthop was exported to kernel
and read back, the nexthop_same() failed due to different labels_orig
field and kernel protocol reinstalled it unnecessarily.

For comparing next hops, route cache has to distinguish ones with
different labels_orig, but KRT has to ignore that, so we need two
nexthop compare functions.

Thanks to Marcel Menzel for the bugreport.
2024-01-27 17:38:06 +01:00
Ondrej Zajicek
2c7555cf2a Log: Add support for UDP logging
Add support for UDP logging, using RFC 3164 syslog protocol.

Based on the patch from Alexander Zubkov <green@qrator.net>, thanks!
2023-12-13 04:01:09 +01:00
Ondrej Zajicek
0e1fbaa5b2 NEWS and version update 2023-10-06 18:53:25 +02:00
Pavel Šorejs
e83beb70bd KRT: Allow to learn routes with RTPROT_KERNEL
The Kernel protocol, even with the option 'learn' enabled, ignores
direct routes created by the OS kernel (on Linux these are routes
with rtm_protocol == RTPROT_KERNEL).

Implement optional behavior where both OS kernel and third-party routes
are learned, it can be enabled by 'learn all' option.

Minor changes by committer.
2023-10-06 04:55:56 +02:00
Ondrej Zajicek
6a242b3ec6 IO: Fix race condition in event processing
When regular event was added from work event, we did remember that
regular event list was empty and therefore we did not use zero time
in poll(). This leads to ~3 s latency in route reload during
reconfiguration.
2023-10-04 17:36:03 +02:00
Ondrej Zajicek
333ddd4f98 MPLS subsystem
The MPLS subsystem manages MPLS labels and handles their allocation to
MPLS-aware routing protocols. These labels are then attached to IP or VPN
routes representing label switched paths -- LSPs.

There was already a preliminary MPLS support consisting of MPLS label
net_addr, MPLS routing tables with static MPLS routes, remote labels in
next hops, and kernel protocol support.

This patch adds the MPLS domain as a basic structure representing local
label space with dynamic label allocator and configurable label ranges.
To represent LSPs, allocated local labels can be attached as route
attributes to IP or VPN routes with local labels as attributes.

There are several steps for handling LSP routes in routing protocols --
deciding to which forwarding equivalence class (FEC) the LSP route
belongs, allocating labels for new FECs, announcing MPLS routes for new
FECs, attaching labels to LSP routes. The FEC map structure implements
basic code for managing FECs in routing protocols, therefore existing
protocols can be made MPLS-aware by adding FEC map and delegating
most work related to local label management to it.
2023-10-04 13:01:21 +02:00
Maria Matejka
51f2e7afaf Conf: Symbol manipulation gets its context explicitly 2023-09-12 15:36:46 +02:00
Maria Matejka
8659818391 Conf: Adding dummy thread-number setting for easier sharing of configuration between v2 and v3 2023-09-12 14:53:55 +02:00
Ondrej Zajicek
e3c0eca956 Nest: Treat VRF interfaces as inside respective VRFs
Despite not having defined 'master interface', VRF interfaces should be
treated as being inside respective VRFs. They behave as a loopback for
respective VRFs. Treating the VRF interface as inside the VRF allows
e.g. OSPF to pick up IP addresses defined on the VRF interface.

For this, we also need to tell apart VRF interfaces and regular interfaces.
Extend Netlink code to parse interface type and mark VRF interfaces with
IF_VRF flag.

Based on the patch from Erin Shepherd, thanks!
2023-08-23 16:08:40 +02:00
Maria Matejka
5f2ecb2298 Merge tag 'v2.13.1' 2023-06-22 17:25:18 +02:00
Maria Matejka
52bae235b7 NEWS and version update 2023-06-22 16:14:12 +02:00
Luiz Amaral
f8bcb037b5 Netlink: Allow RTA_VIA even without MPLS support
It is necessary for IPv4 over IPv6 nexthop support on FreeBSD,
and RTA_VIA is not really related to MPLS.

It breaks build for some very old systems like Debian 8 and CentOS 7,
but we generally do not support older kernels than 4.14 LTS anyway.
2023-06-15 16:07:36 +02:00
Toke Høiland-Jørgensen
d8cf3cad51 IO: Add current_time_now() function for immediate timestamp
Add a current_time_now() function which gets an immediate monotonic
timestamp instead of using the cached value from the event loop. This is
useful for callers that need precise times, such as the Babel RTT
measurement code.

Minor changes by committer.
2023-06-02 00:26:41 +02:00
Ondrej Zajicek
ca0f239c72 NEWS and version update 2023-04-21 20:26:47 +02:00
Luiz Amaral
d61505b039 BSD: IPv4 over IPv6 nexthop support on FreeBSD
The support for IPv4 routes with IPv6 nexthops was implemented in FreeBSD
13.1, this patch allows to import and export such routes from/to kernel.

Minor change from committer.
2023-04-21 02:03:31 +02:00
Ondrej Zajicek
6b38285f58 Net: Replace runtime checks with STATIC_ASSERT() 2023-03-06 11:57:40 +01:00
Ondrej Zajicek
5437104afa NEWS and version update 2023-01-23 02:23:19 +01:00
Ondrej Zajicek
804916daa9 Alloc: Minor cleanups
- Fix THP disable on old systems
- Failed syscalls should use die() instead of bug()
- Our printf uses %ld for s64 instead of long
2023-01-18 13:40:21 +01:00
Maria Matejka
6bb992cb04 Merge branch 'master' of https://gitlab.nic.cz/labs/bird 2023-01-18 12:33:06 +01:00
Maria Matejka
973aa37e1e Fix memory pre-allocation
When BIRD has no free memory mapped, it allocates several pages in
advance just to be sure that there is some memory available if needed.
This hysteresis tactic works quite well to reduce memory ping-pong with
kernel.

Yet it had a subtle bug: this pre-allocation didn't take a memory
coldlist into account, therefore requesting new pages from kernel even
in cases when there were other pages available. This led to slow memory
bloating.

To demonstrate this behavior fast enough to be seen well, you may:
  * temporarily set the values in sysdep/unix/alloc.c as follows to
    exacerbate the issue:
      #define KEEP_PAGES_MAIN_MAX    4096
      #define KEEP_PAGES_MAIN_MIN    1000
      #define CLEANUP_PAGES_BULK     4096
  * create a config file with several millions of static routes
  * periodically disable all static protocols and then reload config
  * log memory consumption

This should give you a steady growth rate of about 16kB per cycle. If
you don't set the values this high, the issue happens much more slowly,
yet after 14 days of running, you are going to see an OOM kill.

After this fix, pre-allocation uses the memory coldlist to get some hot
pages and the same test as described here gets you a perfectly stable
constant memory consumption (after some initial wobbling).

Thanks to NIX-CZ for reporting and helping to investigate this issue.
Thanks to Santiago for finding the cause in the code.
2023-01-18 09:39:45 +01:00
Ondrej Zajicek
928a1cb034 Alloc: Disable transparent huge pages
The usage pattern implemented in allocator seems to be incompatible with
transparent huge pages, as memory released using madvise(MADV_DONTNEED)
with regular page size and alignment does not seem to trigger demotion
of huge pages back to regular pages, even when significant number of
pages is released. Even if demotion is triggered when system memory
is low, it still breaks memory accounting.
2023-01-17 17:13:50 +01:00
Ondrej Zajicek
f8276812e6 Minor cleanups 2023-01-13 13:32:29 +01:00
Ondrej Zajicek
7fb23041a5 BSD: Add support for kernel route metric
Add support for kernel route metric/priority, exported as krt_metric
attribute, like in Linux. This should also fix issues with overwriting
or removing system routes.
2023-01-13 13:17:46 +01:00
Mike Crute
64a2b7aaa3 Log message before aborting
Log message before aborting due to watchdog timeout. We have to use
async-safe write to debug log, as it is done in signal handler.

Minor changes from committer.
2023-01-12 17:40:53 +01:00
Ondrej Zajicek
2b7643e1f8 BSD: Use ip_mreqn on FreeBSD 12.1+ and OpenBSD 6.9+ 2022-12-18 20:23:46 +01:00
Alexander Chernikov
6825f94570 FreeBSD: use interface index instead of IP address when specifying multicast interface
Minor changes from committer.
2022-12-16 19:37:26 +01:00
Alexander Chernikov
176fc68aed Netlink: move OS-specific headers and defines to sysdep
Minor changes from committer.
2022-12-16 19:21:51 +01:00
Ondrej Zajicek
7b6c964977 BSD: Add missing makefile for bsd-netlink target
Use symlinks to linux/netlink* to avoid limitations of our buildsystem.
2022-12-16 19:03:41 +01:00
Ondrej Zajicek
1e47b9f203 NEWS and version update 2022-12-11 17:28:14 +01:00
Ondrej Zajicek
34ebc4e1ba BSD: Workaround for direct routes on FreeBSD 13.0
FreeBSD 13.0 added some safechecks for syscalls, rejecting sockaddrs that
are too small, later versions loosen up the check.
2022-12-11 16:28:28 +01:00
Ondrej Zajicek
4c19a8a984 CLI: Fix for long-lived sessions during high loads
When there is a continuous stream of CLI commands, cli_get_command()
always returns 1 (there is a new command). Anyway, the socket receive
buffer was reset only when there was no command at all, leading to a
strange behavior: after a while, the CLI receive buffer came to its end,
then read() was called with zero size buffer, it returned 0 which was
interpreted as EOF.

The patch fixes that by resetting the buffer position after each command
and moving remaining data at the beginning of buffer.

Thanks to Maria Matejka for examining the bug and for the original bugfix.
2022-12-10 17:32:42 +01:00
Alexander V. Chernikov
a80cd47074 Netlink on FreeBSD support
Netlink support was added to FreeBSD recently. It is not as full-featured
as its Linux counterpart yet, however the added subset is enough to make
a routing daemon work. Specifically, it supports multiple tables,
multipath, nexthops and nexthops groups. No MPLS support yet.

The attached change adds 'bsd-netlink' sysconf target, allowing to build
both netlink & rtsock versions on FreeBSD.
2022-12-09 16:01:30 +01:00
Ondrej Zajicek
543c8ba097 BSD: Fix krt socket code w.r.t. rte/rta changes 2022-11-30 02:43:39 +01:00
Ondrej Zajicek
bbac9ca958 Conf: Make 'configure check' command restricted
While it does not directly change BIRD state, it can trigger reading
arbitrary files and eating significant memory.
2022-11-09 22:02:46 +01:00
Ondrej Zajicek
371eb49043 Conf: Free stored old config before parsing new one
BIRD keeps a previous (old) configuration for the purpose of undo. The
existing code frees it after a new configuration is successfully parsed
during reconfiguration. That causes memory usage spikes as there are
temporarily three configurations (old, current, and new). The patch
changes it to free the old one before parsing the new one (as user
already requested a new config). The disadvantage is that undo is
not available after failed reconfiguration.
2022-11-09 21:54:45 +01:00
Maria Matejka
57308fb277 Page allocator: Fixed minor bugs and added commentary 2022-11-03 12:38:57 +01:00
Maria Matejka
9d03c3f56c Memory pages are not munmapped, instead we just madvise()
Memory unmapping causes slow address space fragmentation, leading in
extreme cases to failing to allocate pages at all. Removing this problem
by keeping all the pages allocated to us, yet calling madvise() to let
kernel dispose of them.

This adds a little complexity and overhead as we have to keep the
pointers to the free pages, therefore to hold e.g. 1 GB of 4K pages with
8B pointers, we have to store 2 MB of data.
2022-11-02 12:56:54 +01:00
Ondrej Zajicek
3242529750 Netlink: Parse onlink flag even on direct routes
While onlink flag is meaningful only with explicit next hops, it can be
defined also on direct routes. Parse it also in this case to avoid
periodic updates of the same route.

Thanks to Marcin Saklak for the bugreport.
2022-10-12 17:57:26 +02:00