Pavel Tvrdík
e45dc8e01d
RPKI: refactore transports
2016-01-25 15:39:38 +01:00
Pavel Tvrdík
4c1e54d4a6
RPKI: improve reconfiguration
2016-01-25 15:39:38 +01:00
Pavel Tvrdík
c727c28404
RPKI: replace sock->af usage with sock->fam
2016-01-25 15:39:38 +01:00
Pavel Tvrdík
cf2d812e9d
RPKI: Add a documentation
2016-01-25 15:39:38 +01:00
Pavel Tvrdík
41f4b5940f
RPKI protocol with integrated RTRLib inside
...
Add the RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/ ) that is integrated inside
the BIRD's code.
Implemeted transports are:
- unprotected transport over TCP
- secure transport over SSHv2
The code should work properly with one or more cache servers per protocol.
Example configuration of bird.conf:
...
roa4 table roatable;
protocol rpki {
table roatable;
cache 127.0.0.1; # defaults: port 8282, preference 1, no encryption
cache 127.0.0.1 {
preference 1;
port 2222;
ssh encryption {
bird private key "/home/birdgeek/.ssh/id_rsa";
cache public key "/home/birdgeek/.ssh/known_hosts";
user "birdgeek";
};
};
cache "rpki-validator.realmv6.org" {
preference 2;
};
}
...
2016-01-25 15:39:38 +01:00
Jan Moskyto Matejka
74d9416763
RIPng: fixed misrejection of host routes
2016-01-25 10:29:06 +01:00
Jan Moskyto Matejka
2fad92144e
BSD: fix no-return warning
2016-01-21 15:47:04 +01:00
Jan Moskyto Matejka
3f35816136
BSD: Explicitly dropping routes with mismatched AF's.
2016-01-21 14:55:33 +01:00
Jan Moskyto Matejka
0e965f6991
All the current pthread implementations are OK and working with us.
...
No more need to disable pthread for specific BSD's.
2016-01-21 14:55:33 +01:00
Pavel Tvrdík
7eb9e79648
Add condition for max_pxlen by ROA grammar
2016-01-21 10:37:08 +01:00
Pavel Tvrdík
a4caa1c0a3
Use net_addr pointer for net_addr_roaX
...
net_addr_roa6 is bigger than net_addr
Thanks to Ondrej Zajicek for notice
2016-01-21 10:37:08 +01:00
Pavel Tvrdík
259052199b
Add forgotten semicolon
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
650b418942
Delete old ROA code
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
0264ccf6f4
Rewrite roa_check() for integrated BIRD
...
Thanks to Ondrej Zajicek for his support with writing this code.
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
cb1bd816db
Add ROA_* constants values to grammar of configuration
...
Add ROA_UNKNOWN, ROA_VALID and ROA_INVALID
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
513ad0a85e
Add ROA net_addr to grammar
...
Example:
protocol static
{
route 10.110.0.0/16 max 16 as 1000 blackhole;
route 10.120.0.0/16 max 24 as 1000 blackhole;
route 10.130.0.0/16 max 24 as 2000 blackhole;
route 10.130.128.0/18 max 24 as 3000 blackhole;
...
}
2016-01-20 16:46:30 +01:00
Jan Moskyto Matejka
8109eb765f
BSD integration fixes
2016-01-20 12:05:16 +01:00
Pavel Tvrdík
f9d729ab68
NET ROAx: add max_pxlen, fix format
2016-01-14 14:31:55 +01:00
Jan Moskyto Matejka
9a883adf95
Net address format: Do not print the -4 or -6 suffix in %I4 and %I6
2016-01-13 13:21:25 +01:00
Pavel Tvrdík
a820ae1074
NET ROAx more small changes
...
- Remove `u8 src` from net_add_roaX
- Add `u8 max_pxlen` to net_add_roaX
- Add some missing macro and functions for ROA
- Remove ASN from hash function for ROA
Thanks to Ondrej Santiago Zajicek
2016-01-12 11:41:10 +01:00
Pavel Tvrdík
93e807292c
ROA change printf 'ASN: xxx' to 'ASxxx'
2016-01-12 11:40:50 +01:00
Jan Moskyto Matejka
6ffa8f5393
Hidden AF_INET* inside sysdep/
2016-01-11 09:29:51 +01:00
Jan Moskyto Matejka
5b218c3d9b
BFD: split of v4/v6 sockets
2016-01-11 09:29:51 +01:00
Pavel Tvrdík
b9f5692186
Fix check in net_route() in debug mode
2016-01-07 18:24:14 +01:00
Pavel Tvrdík
de9b87f558
Add NET ROA4/6 structures
2016-01-07 18:21:31 +01:00
Ondrej Zajicek (work)
e691d16a63
Explicit ip4_addr / ip6_addr printf support
2015-12-29 17:12:47 +01:00
Ondrej Zajicek (work)
74c838a870
Move ID allocator to a separate file and use it also in OSPF
2015-12-29 15:42:12 +01:00
Jan Moskyto Matejka
9a70c8d6c3
Netlink: Removed forgotten if-stub (caused strange errors)
2015-12-29 13:02:45 +01:00
Ondrej Zajicek (work)
04632fd77f
Follow-up work on integration
2015-12-24 15:56:04 +01:00
Jan Moskyto Matejka
70b90dde23
Better fix of missing AF_INET6? definition in lib/socket.h
...
Moved the code to sysdep.
2015-12-22 09:45:09 +01:00
Ondrej Zajicek (work)
600998fcb1
Modify FIB_WALK() and FIB_ITERATE() to work with new FIB code
...
Returned user data pointers have offset relative to fib_node.
2015-12-21 20:28:44 +01:00
Jan Moskyto Matejka
67aa88336a
BSD wants to include sys/socket.h in lib/socket.h (AF_INET6? definitions)
2015-12-21 18:23:08 +01:00
Ondrej Zajicek (work)
0bf95f99e6
Follow-up work on integration
...
Contains some patches from Jan Moskyto Matejka
2015-12-21 17:17:21 +01:00
Ondrej Zajicek (work)
23c212e7f1
Follow-up work on integration
2015-12-21 03:33:18 +01:00
Ondrej Zajicek (work)
e92a4b855f
Filter: Fix some changes in IP<->Quad implicit conversion
2015-12-20 21:43:00 +01:00
Ondrej Zajicek (work)
d549b83fc2
Delete ipv6 option from configure
2015-12-20 19:47:36 +01:00
Ondrej Zajicek (work)
0f7d5b1a88
Nest: Reimplement fib_route() and add some consts
2015-12-20 18:16:48 +01:00
Ondrej Zajicek (work)
29a6416276
KRT: Integration of IPv4/IPv6 in sysdep/linux
2015-12-20 16:58:37 +01:00
Jan Moskyto Matejka
7fd4143ead
Integrated address print lengths
...
Minor changes by Ondrej Santiago Zajicek
2015-12-20 13:47:39 +01:00
Jan Moskyto Matejka
9656dce72e
ROA code switchoff
2015-12-20 13:04:07 +01:00
Jan Moskyto Matejka
aedd3a6bab
Implemented missing prefix manipulation functions
2015-12-20 12:53:40 +01:00
Jan Moskyto Matejka
5e173e9f63
Stop perusing f_prefix for non-prefix-set uses
...
Multiple changes by Ondrej Santiago Zajicek
2015-12-19 23:49:47 +01:00
Jan Moskyto Matejka
d7661fbe9d
Removed BITS_PER_IP_ADDRESS, MAX_PREFIX_LENGTH, BIRD_AF
...
Explicit setting of AF_INET(6|) in IP socket creation. BFD set to listen
on v6, without setting the V6ONLY flag to catch both v4 and v6 traffic.
Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-19 15:57:09 +01:00
Jan Moskyto Matejka
9b136840d9
Netlink and BSD: Integrating IPv4 and IPv6
...
Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-18 20:03:47 +01:00
Ondrej Zajicek (work)
04ae8ddaa1
Merge branch 'master' into int-new
2015-11-25 14:24:35 +01:00
Pavel Tvrdík
33b4f40acc
MD5: Mormalize naming style
2015-11-24 16:01:48 +01:00
Ondrej Zajicek (work)
90f78507f4
Merge branch 'master' into rip-new
2015-11-24 15:21:11 +01:00
Jan Moskyto Matejka
ad27615760
Netlink: attribute validation before parsing
...
Wanted netlink attributes are defined in a table, specifying
their size and neediness. Removing the long conditions that did the
validation before.
Also parsing IPv4 and IPv6 versions regardless on the IPV6 macro.
2015-11-24 14:30:20 +01:00
Ondrej Zajicek (work)
e422ca0f29
Some consts for function arguments
...
Patch from Pavel Tvrdik
2015-11-24 13:52:26 +01:00
Ondrej Zajicek (work)
5126380bea
Minor changes to SHA hash functions
2015-11-24 13:47:28 +01:00