diff options
author | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2017-12-07 21:54:47 +0100 |
---|---|---|
committer | Ondrej Zajicek (work) <santiago@crfreenet.org> | 2017-12-07 21:54:47 +0100 |
commit | 830ba75e6dd369c3e64d122f0537cc85211e56e6 (patch) | |
tree | 23989d7955618540ab2bad467d6e376229ad922c | |
parent | 46434a3cad99260b5a659e5df874eab4615bcb36 (diff) | |
parent | 1e8721e2aeccfbc3f533e8b8abc07582cee77e9a (diff) |
Merge commit '1e8721e2aeccfbc3f533e8b8abc07582cee77e9a' into int-new
-rw-r--r-- | doc/bird.sgml | 96 | ||||
-rw-r--r-- | filter/filter.c | 3 | ||||
-rw-r--r-- | filter/filter.h | 1 | ||||
-rw-r--r-- | nest/config.Y | 12 | ||||
-rw-r--r-- | nest/proto.c | 61 | ||||
-rw-r--r-- | nest/protocol.h | 18 | ||||
-rw-r--r-- | nest/route.h | 3 | ||||
-rw-r--r-- | proto/babel/packets.c | 23 | ||||
-rw-r--r-- | proto/bgp/bgp.c | 44 | ||||
-rw-r--r-- | proto/bgp/bgp.h | 2 | ||||
-rw-r--r-- | proto/bgp/packets.c | 58 | ||||
-rw-r--r-- | proto/radv/config.Y | 49 | ||||
-rw-r--r-- | proto/radv/packets.c | 97 | ||||
-rw-r--r-- | proto/radv/radv.c | 345 | ||||
-rw-r--r-- | proto/radv/radv.h | 48 |
15 files changed, 676 insertions, 184 deletions
diff --git a/doc/bird.sgml b/doc/bird.sgml index b51234f7..ab515191 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -1941,7 +1941,7 @@ protocol bfd [<name>] { computation. <tag>password "<M>text</M>"</tag> - Specifies a password used for authentication. See <ref id="dsc-pass" + Specifies a password used for authentication. See <ref id="proto-pass" name="password"> common option for detailed description. Note that password option <cf/algorithm/ is not available in BFD protocol. The algorithm is selected by <cf/authentication/ option for all passwords. @@ -3560,7 +3560,8 @@ time intervals or as an answer to a request) advertisement packets to connected networks. These packets contain basic information about a local network (e.g. a list of network prefixes), which allows network hosts to autoconfigure network addresses and choose a default route. BIRD implements router behavior as defined -in <rfc id="4861"> and also the DNS extensions from <rfc id="6106">. +in <rfc id="4861">, router preferences and specific routes (<rfc id="4191">), +and DNS extensions (<rfc id="6106">). <sect1>Configuration <label id="radv-config"> @@ -3597,7 +3598,7 @@ definitions, prefix definitions and DNS definitions: definitions may also be interface-specific when used inside interface options. By default, interface uses both global and interface-specific options, but that can be changed by <cf/rdnss local/ option. -dsc-iface + <tag><label id="radv-dnssl">dnssl { <m/options/ }</tag> DNSSL definitions allow to specify a list of advertised DNS search domains together with their options. Like <cf/rdnss/ above, multiple @@ -3622,6 +3623,18 @@ dsc-iface default router. <cf/preferred lifetime/ and <cf/valid lifetime/ could also be configured as <cf/sensitive/ for a prefix, which would cause autoconfigured IPs to be deprecated or even removed. + + <tag><label id="radv-propagate-routes">propagate routes <m/switch/</tag> + This option controls propagation of more specific routes, as defined in + <rfc id="4191">. If enabled, all routes exported to the RAdv protocol, + with the exception of the trigger prefix, are added to advertisments as + additional options. The lifetime and preference of advertised routes can + be set individually by <cf/ra_lifetime/ and <cf/ra_preference/ route + attributes, or per interface by <cf/route lifetime/ and + <cf/route preference/ options. Default: disabled. + + Note that the RFC discourages from sending more than 17 routes and + recommends the routes to be configured manually. </descrip> <p>Interface specific options: @@ -3668,21 +3681,45 @@ dsc-iface hosts. Valid values are 0-255, 0 means unspecified. Default: 64 <tag><label id="radv-iface-default-lifetime">default lifetime <m/expr/ [sensitive <m/switch/]</tag> - This option specifies the time (in seconds) how long (after the receipt + This option specifies the time (in seconds) how long (since the receipt of RA) hosts may use the router as a default router. 0 means do not use as a default router. For <cf/sensitive/ option, see <ref id="radv-trigger" name="trigger">. Default: 3 * <cf/max ra interval/, <cf/sensitive/ yes. - <tag><label id="radv-iface-linger-time">linger time <m/expr/</tag> - When a prefix disappears, it is advertised for some time with 0 - lifetime, to inform clients the prefix is no longer usable. This option - sets the time for how long it is advertised (in seconds). Maximum is - 3600, 0 means disabled. Default: 300. - - <tag><label id="radv-iface-default-preference-low">default preference low|medium|high</tag> + <tag><label id="radv-iface-default-preference">default preference low|medium|high</tag> This option specifies the Default Router Preference value to advertise to hosts. Default: medium. + <tag><label id="radv-iface-route-lifetime">route lifetime <m/expr/ [sensitive <m/switch/]</tag> + This option specifies the default value of advertised lifetime for + specific routes; i.e., the time (in seconds) for how long (since the + receipt of RA) hosts should consider these routes valid. A special value + 0xffffffff represents infinity. The lifetime can be overriden on a per + route basis by the <ref id="rta-ra-lifetime" name="ra_lifetime"> route + attribute. Default: 3 * <cf/max ra interval/, <cf/sensitive/ no. + + For the <cf/sensitive/ option, see <ref id="radv-trigger" name="trigger">. + If <cf/sensitive/ is enabled, even the routes with the <cf/ra_lifetime/ + attribute become sensitive to the trigger. + + <tag><label id="radv-iface-route-preference">route preference low|medium|high</tag> + This option specifies the default value of advertised route preference + for specific routes. The value can be overriden on a per route basis by + the <ref id="rta-ra-preference" name="ra_preference"> route attribute. + Default: medium. + + <tag><label id="radv-prefix-linger-time">prefix linger time <m/expr/</tag> + When a prefix or a route disappears, it is advertised for some time with + zero lifetime, to inform clients it is no longer valid. This option + specifies the time (in seconds) for how long prefixes are advertised + that way. Default: 3 * <cf/max ra interval/. + + <tag><label id="radv-route-linger-time">route linger time <m/expr/</tag> + When a prefix or a route disappears, it is advertised for some time with + zero lifetime, to inform clients it is no longer valid. This option + specifies the time (in seconds) for how long routes are advertised + that way. Default: 3 * <cf/max ra interval/. + <tag><label id="radv-iface-rdnss-local">rdnss local <m/switch/</tag> Use only local (interface-specific) RDNSS definitions for this interface. Otherwise, both global and local definitions are used. Could @@ -3729,7 +3766,6 @@ dsc-iface <cf/sensitive/ no. </descrip> - <p>RDNSS specific options: <descrip> @@ -3762,12 +3798,48 @@ dsc-iface RDNSS <cf/lifetime/ option above. Default: 3 * <cf/max ra interval/. </descrip> +<sect1>Attributes +<label id="radv-attr"> + +<p>RAdv defines two route attributes: + +<descrip> + <tag><label id="rta-ra-preference">enum ra_preference/</tag> + The preference of the route. The value can be <it/RA_PREF_LOW/, + <it/RA_PREF_MEDIUM/ or <it/RA_PREF_HIGH/. If the attribute is not set, + the <ref id="radv-iface-route-preference" name="route preference"> + option is used. + + <tag><label id="rta-ra-lifetime">int ra_lifetime/</tag> + The advertised lifetime of the route, in seconds. The special value of + 0xffffffff represents infinity. If the attribute is not set, the + <ref id="radv-iface-route-lifetime" name="route lifetime"> + option is used. +</descrip> <sect1>Example <label id="radv-exam"> <p><code> +table radv_routes; # Manually configured routes go here + +protocol static { + table radv_routes; + + route 2001:0DB8:4000::/48 unreachable; + route 2001:0DB8:4010::/48 unreachable; + + route 2001:0DB8:4020::/48 unreachable { + ra_preference = RA_PREF_HIGH; + ra_lifetime = 3600; + }; +} + protocol radv { + propagate routes yes; # Propagate the routes from the radv_routes table + table radv_routes; + export all; + interface "eth2" { max ra interval 5; # Fast failover with more routers managed yes; # Using DHCPv6 on eth2 diff --git a/filter/filter.c b/filter/filter.c index 7dcf22ed..aef4f44a 100644 --- a/filter/filter.c +++ b/filter/filter.c @@ -1089,7 +1089,8 @@ interpret(struct f_inst *what) switch (what->aux & EAF_TYPE_MASK) { case EAF_TYPE_INT: - if (v1.type != T_INT) + // Enums are also ints, so allow them in. + if (v1.type != T_INT && (v1.type < T_ENUM_LO || v1.type > T_ENUM_HI)) runtime( "Setting int attribute to non-int value" ); l->attrs[0].u.data = v1.val.i; break; diff --git a/filter/filter.h b/filter/filter.h index 6c81b9bc..c277b67c 100644 --- a/filter/filter.h +++ b/filter/filter.h @@ -147,6 +147,7 @@ void val_format(struct f_val v, buffer *buf); #define T_ENUM_RTD 0x34 #define T_ENUM_ROA 0x35 #define T_ENUM_NETTYPE 0x36 +#define T_ENUM_RA_PREFERENCE 0x37 /* new enums go here */ #define T_ENUM_EMPTY 0x3f /* Special hack for atomic_aggr */ diff --git a/nest/config.Y b/nest/config.Y index ad45a39d..555c9e05 100644 --- a/nest/config.Y +++ b/nest/config.Y @@ -756,12 +756,12 @@ echo_size: } ; -CF_CLI(DISABLE, proto_patt, <protocol> | \"<pattern>\" | all, [[Disable protocol]]) -{ proto_apply_cmd($2, proto_cmd_disable, 1, 0); } ; -CF_CLI(ENABLE, proto_patt, <protocol> | \"<pattern>\" | all, [[Enable protocol]]) -{ proto_apply_cmd($2, proto_cmd_enable, 1, 0); } ; -CF_CLI(RESTART, proto_patt, <protocol> | \"<pattern>\" | all, [[Restart protocol]]) -{ proto_apply_cmd($2, proto_cmd_restart, 1, 0); } ; +CF_CLI(DISABLE, proto_patt opttext, (<protocol> | \"<pattern>\" | all) [message], [[Disable protocol]]) +{ proto_apply_cmd($2, proto_cmd_disable, 1, (uintptr_t) $3); } ; +CF_CLI(ENABLE, proto_patt opttext, (<protocol> | \"<pattern>\" | all) [message], [[Enable protocol]]) +{ proto_apply_cmd($2, proto_cmd_enable, 1, (uintptr_t) $3); } ; +CF_CLI(RESTART, proto_patt opttext, (<protocol> | \"<pattern>\" | all) [message], [[Restart protocol]]) +{ proto_apply_cmd($2, proto_cmd_restart, 1, (uintptr_t) $3); } ; CF_CLI(RELOAD, proto_patt, <protocol> | \"<pattern>\" | all, [[Reload protocol]]) { proto_apply_cmd($2, proto_cmd_reload, 1, CMD_RELOAD); } ; CF_CLI(RELOAD IN, proto_patt, <protocol> | \"<pattern>\" | all, [[Reload protocol (just imported routes)]]) diff --git a/nest/proto.c b/nest/proto.c index ecc3b0fe..a2a2bc7e 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -980,6 +980,7 @@ proto_rethink_goal(struct proto *p) proto_remove_channels(p); rem_node(&p->n); rfree(p->event); + mb_free(p->message); mb_free(p); if (!nc) return; @@ -1334,6 +1335,39 @@ proto_schedule_down(struct proto *p, byte restart, byte code) tm_start_max(proto_shutdown_timer, restart ? 250 MS : 0); } +/** + * proto_set_message - set administrative message to protocol + * @p: protocol + * @msg: message + * @len: message length (-1 for NULL-terminated string) + * + * The function sets administrative message (string) related to protocol state + * change. It is called by the nest code for manual enable/disable/restart + * commands all routes to the protocol, and by protocol-specific code when the + * protocol state change is initiated by the protocol. Using NULL message clears + * the last message. The message string may be either NULL-terminated or with an + * explicit length. + */ +void +proto_set_message(struct proto *p, char *msg, int len) +{ + mb_free(p->message); + p->message = NULL; + + if (!msg || !len) + return; + + if (len < 0) + len = strlen(msg); + + if (!len) + return; + + p->message = mb_alloc(proto_pool, len + 1); + memcpy(p->message, msg, len); + p->message[len] = 0; +} + static const char * channel_limit_name(struct channel_limit *l) @@ -1622,7 +1656,7 @@ channel_show_info(struct channel *c) } void -proto_cmd_show(struct proto *p, uint verbose, int cnt) +proto_cmd_show(struct proto *p, uintptr_t verbose, int cnt) { byte buf[256], tbuf[TM_DATETIME_BUFFER_SIZE]; @@ -1646,6 +1680,8 @@ proto_cmd_show(struct proto *p, uint verbose, int cnt) { if (p->cf->dsc) cli_msg(-1006, " Description: %s", p->cf->dsc); + if (p->message) + cli_msg(-1006, " Message: %s", p->message); if (p->cf->router_id) cli_msg(-1006, " Router ID: %R", p->cf->router_id); if (p->vrf) @@ -1665,7 +1701,7 @@ proto_cmd_show(struct proto *p, uint verbose, int cnt) } void -proto_cmd_disable(struct proto *p, uint arg UNUSED, int cnt UNUSED) +proto_cmd_disable(struct proto *p, uintptr_t arg, int cnt UNUSED) { if (p->disabled) { @@ -1676,12 +1712,13 @@ proto_cmd_disable(struct proto *p, uint arg UNUSED, int cnt UNUSED) log(L_INFO "Disabling protocol %s", p->name); p->disabled = 1; p->down_code = PDC_CMD_DISABLE; + proto_set_message(p, (char *) arg, -1); proto_rethink_goal(p); cli_msg(-9, "%s: disabled", p->name); } void -proto_cmd_enable(struct proto *p, uint arg UNUSED, int cnt UNUSED) +proto_cmd_enable(struct proto *p, uintptr_t arg, int cnt UNUSED) { if (!p->disabled) { @@ -1691,12 +1728,13 @@ proto_cmd_enable(struct proto *p, uint arg UNUSED, int cnt UNUSED) log(L_INFO "Enabling protocol %s", p->name); p->disabled = 0; + proto_set_message(p, (char *) arg, -1); proto_rethink_goal(p); cli_msg(-11, "%s: enabled", p->name); } void -proto_cmd_restart(struct proto *p, uint arg UNUSED, int cnt UNUSED) +proto_cmd_restart(struct proto *p, uintptr_t arg, int cnt UNUSED) { if (p->disabled) { @@ -1707,6 +1745,7 @@ proto_cmd_restart(struct proto *p, uint arg UNUSED, int cnt UNUSED) log(L_INFO "Restarting protocol %s", p->name); p->disabled = 1; p->down_code = PDC_CMD_RESTART; + proto_set_message(p, (char *) arg, -1); proto_rethink_goal(p); p->disabled = 0; proto_rethink_goal(p); @@ -1714,7 +1753,7 @@ proto_cmd_restart(struct proto *p, uint arg UNUSED, int cnt UNUSED) } void -proto_cmd_reload(struct proto *p, uint dir, int cnt UNUSED) +proto_cmd_reload(struct proto *p, uintptr_t dir, int cnt UNUSED) { struct channel *c; @@ -1753,19 +1792,19 @@ proto_cmd_reload(struct proto *p, uint dir, int cnt UNUSED) } void -proto_cmd_debug(struct proto *p, uint mask, int cnt UNUSED) +proto_cmd_debug(struct proto *p, uintptr_t mask, int cnt UNUSED) { p->debug = mask; } void -proto_cmd_mrtdump(struct proto *p, uint mask, int cnt UNUSED) +proto_cmd_mrtdump(struct proto *p, uintptr_t mask, int cnt UNUSED) { p->mrtdump = mask; } static void -proto_apply_cmd_symbol(struct symbol *s, void (* cmd)(struct proto *, uint, int), uint arg) +proto_apply_cmd_symbol(struct symbol *s, void (* cmd)(struct proto *, uintptr_t, int), uintptr_t arg) { if (s->class != SYM_PROTO) { @@ -1778,7 +1817,7 @@ proto_apply_cmd_symbol(struct symbol *s, void (* cmd)(struct proto *, uint, int) } static void -proto_apply_cmd_patt(char *patt, void (* cmd)(struct proto *, uint, int), uint arg) +proto_apply_cmd_patt(char *patt, void (* cmd)(struct proto *, uintptr_t, int), uintptr_t arg) { struct proto *p; int cnt = 0; @@ -1794,8 +1833,8 @@ proto_apply_cmd_patt(char *patt, void (* cmd)(struct proto *, uint, int), uint a } void -proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uint, int), - int restricted, uint arg) +proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uintptr_t, int), + int restricted, uintptr_t arg) { if (restricted && cli_access_restricted()) return; diff --git a/nest/protocol.h b/nest/protocol.h index d7e84a44..c8f37367 100644 --- a/nest/protocol.h +++ b/nest/protocol.h @@ -162,6 +162,7 @@ struct proto { u32 hash_key; /* Random key used for hashing of neighbors */ btime last_state_change; /* Time of last state transition */ char *last_state_name_announced; /* Last state name we've announced to the user */ + char *message; /* State-change message, allocated from proto_pool */ /* * General protocol hooks: @@ -238,6 +239,7 @@ struct proto_spec { void *proto_new(struct proto_config *); void *proto_config_new(struct protocol *, int class); void proto_copy_config(struct proto_config *dest, struct proto_config *src); +void proto_set_message(struct proto *p, char *msg, int len); void graceful_restart_recovery(void); void graceful_restart_init(void); @@ -250,15 +252,15 @@ void channel_graceful_restart_unlock(struct channel *c); void channel_show_limit(struct channel_limit *l, const char *dsc); void channel_show_info(struct channel *c); -void proto_cmd_show(struct proto *, uint, int); -void proto_cmd_disable(struct proto *, uint, int); -void proto_cmd_enable(struct proto *, uint, int); -void proto_cmd_restart(struct proto *, uint, int); -void proto_cmd_reload(struct proto *, uint, int); -void proto_cmd_debug(struct proto *, uint, int); -void proto_cmd_mrtdump(struct proto *, uint, int); +void proto_cmd_show(struct proto *, uintptr_t, int); +void proto_cmd_disable(struct proto *, uintptr_t, int); +void proto_cmd_enable(struct proto *, uintptr_t, int); +void proto_cmd_restart(struct proto *, uintptr_t, int); +void proto_cmd_reload(struct proto *, uintptr_t, int); +void proto_cmd_debug(struct proto *, uintptr_t, int); +void proto_cmd_mrtdump(struct proto *, uintptr_t, int); -void proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uint, int), int restricted, uint arg); +void proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uintptr_t, int), int restricted, uintptr_t arg); struct proto *proto_get_named(struct symbol *, struct protocol *); #define CMD_RELOAD 0 diff --git a/nest/route.h b/nest/route.h index c9e2b3bf..bb0cb4a4 100644 --- a/nest/route.h +++ b/nest/route.h @@ -470,7 +470,8 @@ typedef struct eattr { #define EAP_OSPF 3 /* OSPF */ #define EAP_KRT 4 /* Kernel route attributes */ #define EAP_BABEL 5 /* Babel attributes */ -#define EAP_MAX 6 +#define EAP_RADV 6 /* Router advertisment attributes */ +#define EAP_MAX 7 #define EA_CODE(proto,id) (((proto) << 8) | (id)) #define EA_PROTO(ea) ((ea) >> 8) diff --git a/proto/babel/packets.c b/proto/babel/packets.c index 5b356fae..dd86222a 100644 --- a/proto/babel/packets.c +++ b/proto/babel/packets.c @@ -42,7 +42,7 @@ struct babel_tlv_ack { struct babel_tlv_hello { u8 type; u8 length; - u16 reserved; + u16 flags; u16 seqno; u16 interval; } PACKED; @@ -106,8 +106,12 @@ struct babel_tlv_seqno_request { } PACKED; -#define BABEL_FLAG_DEF_PREFIX 0x80 -#define BABEL_FLAG_ROUTER_ID 0x40 +/* Hello flags */ +#define BABEL_HF_UNICAST 0x8000 + +/* Update flags */ +#define BABEL_UF_DEF_PREFIX 0x80 +#define BABEL_UF_ROUTER_ID 0x40 struct babel_parse_state { @@ -343,6 +347,11 @@ babel_read_hello(struct babel_tlv *hdr, union babel_msg *m, struct babel_tlv_hello *tlv = (void *) hdr; struct babel_msg_hello *msg = &m->hello; + /* We currently don't support unicast Hello */ + u16 flags = get_u16(&tlv->flags); + if (flags & BABEL_HF_UNICAST) + return PARSE_IGNORE; + msg->type = BABEL_TLV_HELLO; msg->seqno = get_u16(&tlv->seqno); msg->interval = get_time16(&tlv->interval); @@ -606,7 +615,7 @@ babel_read_update(struct babel_tlv *hdr, union babel_msg *m, ip4_addr prefix4 = get_ip4(buf); net_fill_ip4(&msg->net, prefix4, tlv->plen); - if (tlv->flags & BABEL_FLAG_DEF_PREFIX) + if (tlv->flags & BABEL_UF_DEF_PREFIX) { put_ip4(state->def_ip4_prefix, prefix4); state->def_ip4_prefix_seen = 1; @@ -631,13 +640,13 @@ babel_read_update(struct babel_tlv *hdr, union babel_msg *m, ip6_addr prefix6 = get_ip6(buf); net_fill_ip6(&msg->net, prefix6, tlv->plen); - if (tlv->flags & BABEL_FLAG_DEF_PREFIX) + if (tlv->flags & BABEL_UF_DEF_PREFIX) { put_ip6(state->def_ip6_prefix, prefix6); state->def_ip6_prefix_seen = 1; } - if (tlv->flags & BABEL_FLAG_ROUTER_ID) + if (tlv->flags & BABEL_UF_ROUTER_ID) { state->router_id = ((u64) _I2(prefix6)) << 32 | _I3(prefix6); state->router_id_seen = 1; @@ -750,7 +759,7 @@ babel_write_update(struct babel_tlv *hdr, union babel_msg *m, else { put_ip6_px(tlv->addr, &msg->net); - tlv->flags |= BABEL_FLAG_DEF_PREFIX; + tlv->flags |= BABEL_UF_DEF_PREFIX; put_ip6(state->def_ip6_prefix, net6_prefix(&msg->net)); state->def_ip6_pxlen = tlv->plen; diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index b0814791..30fe75ba 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -403,7 +403,7 @@ bgp_update_startup_delay(struct bgp_proto *p) } static void -bgp_graceful_close_conn(struct bgp_conn *conn, uint subcode) +bgp_graceful_close_conn(struct bgp_conn *conn, uint subcode, byte *data, uint len) { switch (conn->state) { @@ -419,7 +419,7 @@ bgp_graceful_close_conn(struct bgp_conn *conn, uint subcode) case BS_OPENSENT: case BS_OPENCONFIRM: case BS_ESTABLISHED: - bgp_error(conn, 6, subcode, NULL, 0); + bgp_error(conn, 6, subcode, data, len); return; default: @@ -459,11 +459,11 @@ bgp_decision(void *vp) } void -bgp_stop(struct bgp_proto *p, uint subcode) +bgp_stop(struct bgp_proto *p, uint subcode, byte *data, uint len) { proto_notify_state(&p->p, PS_STOP); - bgp_graceful_close_conn(&p->outgoing_conn, subcode); - bgp_graceful_close_conn(&p->incoming_conn, subcode); + bgp_graceful_close_conn(&p->outgoing_conn, subcode, data, len); + bgp_graceful_close_conn(&p->incoming_conn, subcode, data, len); ev_schedule(p->event); } @@ -606,7 +606,7 @@ bgp_conn_leave_established_state(struct bgp_proto *p) // bgp_free_bucket_table(p); if (p->p.proto_state == PS_UP) - bgp_stop(p, 0); + bgp_stop(p, 0, NULL, 0); } void @@ -725,7 +725,7 @@ bgp_graceful_restart_timeout(timer *t) struct bgp_proto *p = t->data; BGP_TRACE(D_EVENTS, "Neighbor graceful restart timeout"); - bgp_stop(p, 0); + bgp_stop(p, 0, NULL, 0); } @@ -1125,7 +1125,7 @@ bgp_neigh_notify(neighbor *n) BGP_TRACE(D_EVENTS, "Neighbor lost"); bgp_store_error(p, NULL, BE_MISC, BEM_NEIGHBOR_LOST); /* Perhaps also run bgp_update_startup_delay(p)? */ - bgp_stop(p, 0); + bgp_stop(p, 0, NULL, 0); } } else if (p->cf->check_link && !(n->iface->flags & IF_LINK_UP)) @@ -1136,7 +1136,7 @@ bgp_neigh_notify(neighbor *n) bgp_store_error(p, NULL, BE_MISC, BEM_LINK_DOWN); if (ps == PS_UP) bgp_update_startup_delay(p); - bgp_stop(p, 0); + bgp_stop(p, 0, NULL, 0); } } else @@ -1161,7 +1161,7 @@ bgp_bfd_notify(struct bfd_request *req) bgp_store_error(p, NULL, BE_MISC, BEM_BFD_DOWN); if (ps == PS_UP) bgp_update_startup_delay(p); - bgp_stop(p, 0); + bgp_stop(p, 0, NULL, 0); } } @@ -1349,6 +1349,10 @@ bgp_shutdown(struct proto *P) struct bgp_proto *p = (struct bgp_proto *) P; uint subcode = 0; + char *message = NULL; + byte *data = NULL; + uint len = 0; + BGP_TRACE(D_EVENTS, "Shutdown requested"); switch (P->down_code) @@ -1365,10 +1369,12 @@ bgp_shutdown(struct proto *P) case PDC_CMD_DISABLE: case PDC_CMD_SHUTDOWN: subcode = 2; // Errcode 6, 2 - administrative shutdown + message = P->message; break; case PDC_CMD_RESTART: subcode = 4; // Errcode 6, 4 - administrative reset + message = P->message; break; case PDC_RX_LIMIT_HIT: @@ -1393,8 +1399,22 @@ bgp_shutdown(struct proto *P) bgp_store_error(p, NULL, BE_MAN_DOWN, 0); p->startup_delay = 0; + /* RFC 8203 - shutdown communication */ + if (message) + { + uint msg_len = strlen(message); + msg_len = MIN(msg_len, 128); + + /* Buffer will be freed automatically by protocol shutdown */ + data = mb_alloc(p->p.pool, msg_len + 1); + len = msg_len + 1; + + data[0] = msg_len; + memcpy(data+1, message, msg_len); + } + done: - bgp_stop(p, subcode); + bgp_stop(p, subcode, data, len); return p->p.proto_state; } @@ -1785,7 +1805,7 @@ bgp_error(struct bgp_conn *c, uint code, uint subcode, byte *data, int len) if (code != 6) { bgp_update_startup_delay(p); - bgp_stop(p, 0); + bgp_stop(p, 0, NULL, 0); } } diff --git a/proto/bgp/bgp.h b/proto/bgp/bgp.h index 3d940c22..40c4b3f0 100644 --- a/proto/bgp/bgp.h +++ b/proto/bgp/bgp.h @@ -437,7 +437,7 @@ void bgp_graceful_restart_done(struct bgp_channel *c); void bgp_refresh_begin(struct bgp_channel *c); void bgp_refresh_end(struct bgp_channel *c); void bgp_store_error(struct bgp_proto *p, struct bgp_conn *c, u8 class, u32 code); -void bgp_stop(struct bgp_proto *p, unsigned subcode); +void bgp_stop(struct bgp_proto *p, uint subcode, byte *data, uint len); struct rte_source *bgp_find_source(struct bgp_proto *p, u32 path_id); struct rte_source *bgp_get_source(struct bgp_proto *p, u32 path_id); diff --git a/proto/bgp/packets.c b/proto/bgp/packets.c index 0e974746..038e89f9 100644 --- a/proto/bgp/packets.c +++ b/proto/bgp/packets.c @@ -2678,38 +2678,72 @@ bgp_error_dsc(uint code, uint subcode) return buff; } +/* RFC 8203 - shutdown communication message */ +static int +bgp_handle_message(struct bgp_proto *p, byte *data, uint len, byte **bp) +{ + byte *msg = data + 1; + uint msg_len = data[0]; + uint i; + + /* Handle zero length message */ + if (msg_len == 0) + return 1; + + /* Handle proper message */ + if ((msg_len > 128) && (msg_len + 1 > len)) + return 0; + + /* Some elementary cleanup */ + for (i = 0; i < msg_len; i++) + if (msg[i] < ' ') + msg[i] = ' '; + + proto_set_message(&p->p, msg, msg_len); + *bp += bsprintf(*bp, ": \"%s\"", p->p.message); + return 1; +} + void bgp_log_error(struct bgp_proto *p, u8 class, char *msg, uint code, uint subcode, byte *data, uint len) { - const byte *name; - byte *t, argbuf[36]; + byte argbuf[256], *t = argbuf; uint i; /* Don't report Cease messages generated by myself */ if (code == 6 && class == BE_BGP_TX) return; - name = bgp_error_dsc(code, subcode); - t = argbuf; + /* Reset shutdown message */ + if ((code == 6) && ((subcode == 2) || (subcode == 4))) + proto_set_message(&p->p, NULL, 0); + if (len) { - *t++ = ':'; - *t++ = ' '; - + /* Bad peer AS - we would like to print the AS */ if ((code == 2) && (subcode == 2) && ((len == 2) || (len == 4))) { - /* Bad peer AS - we would like to print the AS */ - t += bsprintf(t, "%u", (len == 2) ? get_u16(data) : get_u32(data)); + t += bsprintf(t, ": %u", (len == 2) ? get_u16(data) : get_u32(data)); goto done; } + + /* RFC 8203 - shutdown communication */ + if (((code == 6) && ((subcode == 2) || (subcode == 4)))) + if (bgp_handle_message(p, data, len, &t)) + goto done; + + *t++ = ':'; + *t++ = ' '; if (len > 16) len = 16; for (i=0; i<len; i++) t += bsprintf(t, "%02x", data[i]); } - done: + +done: *t = 0; - log(L_REMOTE "%s: %s: %s%s", p->p.name, msg, name, argbuf); + const byte *dsc = bgp_error_dsc(code, subcode); + log(L_REMOTE "%s: %s: %s%s", p->p.name, msg, dsc, argbuf); } static void @@ -2733,7 +2767,7 @@ bgp_rx_notification(struct bgp_conn *conn, byte *pkt, uint len) if (err) { bgp_update_startup_delay(p); - bgp_stop(p, 0); + bgp_stop(p, 0, NULL, 0); } } diff --git a/proto/radv/config.Y b/proto/radv/config.Y index 0e43c237..37815f0d 100644 --- a/proto/radv/config.Y +++ b/proto/radv/config.Y @@ -30,7 +30,10 @@ CF_KEYWORDS(RADV, PREFIX, INTERFACE, MIN, MAX, RA, DELAY, INTERVAL, MANAGED, OTHER, CONFIG, LINGER, LINK, MTU, REACHABLE, TIME, RETRANS, TIMER, CURRENT, HOP, LIMIT, DEFAULT, VALID, PREFERRED, MULT, LIFETIME, SKIP, ONLINK, AUTONOMOUS, RDNSS, DNSSL, NS, DOMAIN, - LOCAL, TRIGGER, SENSITIVE, PREFERENCE, LOW, MEDIUM, HIGH) + LOCAL, TRIGGER, SENSITIVE, PREFERENCE, LOW, MEDIUM, HIGH, PROPAGATE, + ROUTE, ROUTES, RA_PREFERENCE, RA_LIFETIME) + +CF_ENUM(T_ENUM_RA_PREFERENCE, RA_PREF_, LOW, MEDIUM, HIGH) %type<i> radv_mult radv_sensitive radv_preference @@ -56,6 +59,7 @@ radv_proto_item: | RDNSS { init_list(&radv_dns_list); } radv_rdnss { add_tail_list(&RADV_CFG->rdnss_list, &radv_dns_list); } | DNSSL { init_list(&radv_dns_list); } radv_dnssl { add_tail_list(&RADV_CFG->dnssl_list, &radv_dns_list); } | TRIGGER net_ip6 { RADV_CFG->trigger = $2; } + | PROPAGATE ROUTES bool { RADV_CFG->propagate_routes = $3; } ; radv_proto_opts: @@ -76,14 +80,18 @@ radv_iface_start: init_list(&RADV_IFACE->rdnss_list); init_list(&RADV_IFACE->dnssl_list); - RADV_IFACE->min_ra_int = -1; /* undefined */ + RADV_IFACE->min_ra_int = (u32) -1; /* undefined */ RADV_IFACE->max_ra_int = DEFAULT_MAX_RA_INT; RADV_IFACE->min_delay = DEFAULT_MIN_DELAY; + RADV_IFACE->prefix_linger_time = (u32) -1; + RADV_IFACE->route_linger_time = (u32) -1; RADV_IFACE->current_hop_limit = DEFAULT_CURRENT_HOP_LIMIT; - RADV_IFACE->linger_time = DEFAULT_LINGER_TIME; - RADV_IFACE->default_lifetime = -1; + RADV_IFACE->default_lifetime = (u32) -1; RADV_IFACE->default_lifetime_sensitive = 1; RADV_IFACE->default_preference = RA_PREF_MEDIUM; + RADV_IFACE->route_lifetime = (u32) -1; + RADV_IFACE->route_lifetime_sensitive = 0; + RADV_IFACE->route_preference = RA_PREF_MEDIUM; }; radv_iface_item: @@ -95,14 +103,20 @@ radv_iface_item: | LINK MTU expr { RADV_IFACE->link_mtu = $3; } | REACHABLE TIME expr { RADV_IFACE->reachable_time = $3; if ($3 > 3600000) cf_error("Reachable time must be in range 0-3600000"); } | RETRANS TIMER expr { RADV_IFACE->retrans_timer = $3; } - | LINGER TIME expr { RADV_IFACE->linger_time = $3; if ($3 > 3600) cf_error("Linger time must be in range 0-3600"); } | CURRENT HOP LIMIT expr { RADV_IFACE->current_hop_limit = $4; if ($4 > 255) cf_error("Current hop limit must be in range 0-255"); } | DEFAULT LIFETIME expr radv_sensitive { RADV_IFACE->default_lifetime = $3; if ($3 > 9000) cf_error("Default lifetime must be in range 0-9000"); if ($4 != (uint) -1) RADV_IFACE->default_lifetime_sensitive = $4; } + | ROUTE LIFETIME expr radv_sensitive { + RADV_IFACE->route_lifetime = $3; + if ($4 != (uint) -1) RADV_IFACE->route_lifetime_sensitive = $4; + } | DEFAULT PREFERENCE radv_preference { RADV_IFACE->default_preference = $3; } + | ROUTE PREFERENCE radv_preference { RADV_IFACE->route_preference = $3; } + | PREFIX LINGER TIME expr { RADV_IFACE->prefix_linger_time = $4; } + | ROUTE LINGER TIME expr { RADV_IFACE->route_linger_time = $4; } | PREFIX radv_prefix { add_tail(&RADV_IFACE->pref_list, NODE this_radv_prefix); } | RDNSS { init_list(&radv_dns_list); } radv_rdnss { add_tail_list(&RADV_IFACE->rdnss_list, &radv_dns_list); } | DNSSL { init_list(&radv_dns_list); } radv_dnssl { add_tail_list(&RADV_IFACE->dnssl_list, &radv_dns_list); } @@ -125,12 +139,32 @@ radv_iface_finish: if (ic->default_lifetime == (u32) -1) ic->default_lifetime = 3 * ic->max_ra_int; + if (ic->route_lifetime == (u32) -1) + ic->route_lifetime = 3 * ic->max_ra_int; + + if (ic->prefix_linger_time == (u32) -1) + ic->prefix_linger_time = 3 * ic->max_ra_int; + + if (ic->route_linger_time == (u32) -1) + ic->route_linger_time = 3 * ic->max_ra_int; + if ((ic->min_ra_int > 3) && (ic->min_ra_int > (ic->max_ra_int * 3 / 4))) cf_error("Min RA interval must be at most 3/4 * Max RA interval"); if ((ic->default_lifetime > 0) && (ic->default_lifetime < ic->max_ra_int)) cf_error("Default lifetime must be either 0 or at least Max RA interval"); + + if ((ic->route_lifetime > 0) && (ic->route_lifetime < ic->max_ra_int)) + cf_error("Route lifetime must be either 0 or at least Max RA interval"); + + if ((ic->prefix_linger_time > 0) && (ic->prefix_linger_time < ic->max_ra_int)) + cf_error("Prefix linger time must be either 0 or at least Max RA interval"); + + if ((ic->route_linger_time > 0) && (ic->route_linger_time < ic->max_ra_int)) + cf_error("Route linger time must be either 0 or at least Max RA interval"); + + RADV_CFG->max_linger_time = MAX_(RADV_CFG->max_linger_time, ic->route_linger_time); }; @@ -294,10 +328,13 @@ radv_mult: ; radv_sensitive: - /* empty */ { $$ = -1; } + /* empty */ { $$ = (uint) -1; } | SENSITIVE bool { $$ = $2; } ; +CF_ADDTO(dynamic_attr, RA_PREFERENCE { $$ = f_new_dynamic_attr(EAF_TYPE_INT, T_ENUM_RA_PREFERENCE, EA_RA_PREFERENCE); }) +CF_ADDTO(dynamic_attr, RA_LIFETIME { $$ = f_new_dynamic_attr(EAF_TYPE_INT, T_INT, EA_RA_LIFETIME); }) + CF_CODE CF_END diff --git a/proto/radv/packets.c b/proto/radv/packets.c index 7c148b7d..b12d3a12 100644 --- a/proto/radv/packets.c +++ b/proto/radv/packets.c @@ -26,6 +26,7 @@ struct radv_ra_packet #define OPT_PREFIX 3 #define OPT_MTU 5 +#define OPT_ROUTE 24 #define OPT_RDNSS 25 #define OPT_DNSSL 31 @@ -52,6 +53,15 @@ struct radv_opt_mtu u32 mtu; }; +struct radv_opt_route { + u8 type; + u8 length; + u8 pxlen; + u8 flags; + u32 lifetime; + u8 prefix[]; +}; + struct radv_opt_rdnss { u8 type; @@ -71,6 +81,44 @@ struct radv_opt_dnssl }; static int +radv_prepare_route(struct radv_iface *ifa, struct radv_route *rt, + char **buf, char *bufend) +{ + struct radv_proto *p = ifa->ra; + u8 px_blocks = (net6_pxlen(rt->n.addr) + 63) / 64; + u8 opt_len = 8 * (1 + px_blocks); + + if (*buf + opt_len > bufend) + { + log(L_WARN, "%s: Too many RA options on interface %s", + p->p.name, ifa->iface->name); + return -1; + } + + uint preference = rt->preference_set ? rt->preference : ifa->cf->route_preference; + uint lifetime = rt->lifetime_set ? rt->lifetime : ifa->cf->route_lifetime; + uint valid = rt->valid && p->valid && (p->active || !ifa->cf->route_lifetime_sensitive); + + struct radv_opt_route *opt = (void *) *buf; + *buf += opt_len; + opt->type = OPT_ROUTE; + opt->length = 1 + px_blocks; + opt->pxlen = net6_pxlen(rt->n.addr); + opt->flags = preference; + opt->lifetime = valid ? htonl(lifetime) : 0; + + /* Copy the relevant part of the prefix */ + ip6_addr px_addr = ip6_hton(net6_prefix(rt->n.addr)); + memcpy(opt->prefix, &px_addr, 8 * px_blocks); + + /* Keeping track of first linger timeout */ + if (!rt->valid) + ifa->valid_time = MIN(ifa->valid_time, rt->changed + ifa->cf->route_linger_time S); + + return 0; +} + +static int radv_prepare_rdnss(struct radv_iface *ifa, list *rdnss_list, char **buf, char *bufend) { struct radv_rdnss_config *rcf = HEAD(*rdnss_list); @@ -231,6 +279,10 @@ radv_prepare_prefix(struct radv_iface *ifa, struct radv_prefix *px, op->prefix = ip6_hton(px->prefix.prefix); *buf += sizeof(*op); + /* Keeping track of first linger timeout */ + if (!px->valid) + ifa->valid_time = MIN(ifa->valid_time, px->changed + ifa->cf->prefix_linger_time S); + return 0; } @@ -240,6 +292,7 @@ radv_prepare_ra(struct radv_iface *ifa) struct radv_proto *p = ifa->ra; struct radv_config *cf = (struct radv_config *) (p->p.cf); struct radv_iface_config *ic = ifa->cf; + btime now = current_time(); char *buf = ifa->sk->tbuf; char *bufstart = buf; @@ -250,7 +303,7 @@ radv_prepare_ra(struct radv_iface *ifa) pkt->code = 0; pkt->checksum = 0; pkt->current_hop_limit = ic->current_hop_limit; - pkt->router_lifetime = (p->active || !ic->default_lifetime_sensitive) ? + pkt->router_lifetime = (p->valid && (p->active || !ic->default_lifetime_sensitive)) ? htons(ic->default_lifetime) : 0; pkt->flags = (ic->managed ? OPT_RA_MANAGED : 0) | (ic->other_config ? OPT_RA_OTHER_CFG : 0) | @@ -269,10 +322,17 @@ radv_prepare_ra(struct radv_iface *ifa) buf += sizeof (*om); } - struct radv_prefix *prefix; - WALK_LIST(prefix, ifa->prefixes) + /* Keeping track of first linger timeout */ + ifa->valid_time = TIME_INFINITY; + + struct radv_prefix *px; + WALK_LIST(px, ifa->prefixes) { - if (radv_prepare_prefix(ifa, prefix, &buf, bufend) < 0) + /* Skip invalid prefixes that are past linger timeout but still not pruned */ + if (!px->valid && ((px->changed + ic->prefix_linger_time S) <= now)) + continue; + + if (radv_prepare_prefix(ifa, px, &buf, bufend) < 0) goto done; } @@ -290,13 +350,27 @@ radv_prepare_ra(struct radv_iface *ifa) if (radv_prepare_dnssl(ifa, &ic->dnssl_list, &buf, bufend) < 0) goto done; + if (p->fib_up) + { + FIB_WALK(&p->routes, struct radv_route, rt) + { + /* Skip invalid routes that are past linger timeout but still not pruned */ + if (!rt->valid && ((rt->changed + ic->route_linger_time S) <= now)) + continue; + + if (radv_prepare_route(ifa, rt, &buf, bufend) < 0) + goto done; + } + FIB_WALK_END; + } + done: ifa->plen = buf - bufstart; } void -radv_send_ra(struct radv_iface *ifa, int shutdown) +radv_send_ra(struct radv_iface *ifa) { struct radv_proto *p = ifa->ra; @@ -304,19 +378,6 @@ radv_send_ra(struct radv_iface *ifa, int shutdown) if (!ifa->plen) radv_prepare_ra(ifa); - if (shutdown) - { - /* - * Modify router lifetime to 0, it is not restored because we suppose that - * the iface will be removed. The preference value also has to be zeroed. - * (RFC 4191 2.2: If router lifetime is 0, the preference value must be 0.) - */ - - struct radv_ra_packet *pkt = (void *) ifa->sk->tbuf; - pkt->router_lifetime = 0; - pkt->flags &= ~RA_PREF_MASK; - } - RADV_TRACE(D_PACKETS, "Sending RA via %s", ifa->iface->name); sk_send_to(ifa->sk, ifa->plen, IP6_ALL_NODES, 0); } diff --git a/proto/radv/radv.c b/proto/radv/radv.c index e9140115..0a2a3e78 100644 --- a/proto/radv/radv.c +++ b/proto/radv/radv.c @@ -12,59 +12,63 @@ /** * DOC: Router Advertisements * - * The RAdv protocol is implemented in two files: |radv.c| containing - * the interface with BIRD core and the protocol logic and |packets.c| - * handling low level protocol stuff (RX, TX and packet formats). - * The protocol does not export any routes. + * The RAdv protocol is implemented in two files: |radv.c| containing the + * interface with BIRD core and the protocol logic and |packets.c| handling low + * level protocol stuff (RX, TX and packet formats). The protocol does not + * export any routes. * - * The RAdv is structured in the usual way - for each handled interface - * there is a structure &radv_iface that contains a state related to - * that interface together with its resources (a socket, a timer). - * There is also a prepared RA stored in a TX buffer of the socket - * associated with an iface. These iface structures are created - * and removed according to iface events from BIRD core handled by - * radv_if_notify() callback. + * The RAdv is structured in the usual way - for each handled interface there is + * a structure &radv_iface that contains a state related to that interface + * together with its resources (a socket, a timer). There is also a prepared RA + * stored in a TX buffer of the socket associated with an iface. These iface + * structures are created and removed according to iface events from BIRD core + * handled by radv_if_notify() callback. * - * The main logic of RAdv consists of two functions: - * radv_iface_notify(), which processes asynchronous events (specified - * by RA_EV_* codes), and radv_timer(), which triggers sending RAs and - * computes the next timeout. + * The main logic of RAdv consists of two functions: radv_iface_notify(), which + * processes asynchronous events (specified by RA_EV_* codes), and radv_timer(), + * which triggers sending RAs and computes the next timeout. * - * The RAdv protocol could receive routes (through - * radv_import_control() and radv_rt_notify()), but only the - * configured trigger route is tracked (in &active var). When a radv - * protocol is reconfigured, the connected routing table is examined - * (in radv_check_active()) to have proper &active value in case of - * the specified trigger prefix was changed. + * The RAdv protocol could receive routes (through radv_import_control() and + * radv_rt_notify()), but only the configured trigger route is tracked (in + * &active var). When a radv protocol is reconfigured, the connected routing + * table is examined (in radv_check_active()) to have proper &active value in + * case of the specified trigger prefix was changed. * * Supported standards: * - RFC 4861 - main RA standard + * - RFC 4191 - Default Router Preferences and More-Specific Routes * - RFC 6106 - DNS extensions (RDDNS, DNSSL) - * - RFC 4191 (partial) - Default Router Preference */ +static void radv_prune_prefixes(struct radv_iface *ifa); +static void radv_prune_routes(struct radv_proto *p); + +/* Invalidate cached RA packet */ +static inline void radv_invalidate(struct radv_iface *ifa) +{ ifa->plen = 0; } + static void radv_timer(timer *tm) { struct radv_iface *ifa = tm->data; struct radv_proto *p = ifa->ra; + btime now = current_time(); RADV_TRACE(D_EVENTS, "Timer fired on %s", ifa->iface->name); - /* - * If some dead prefixes expired, regenerate the prefix list and the packet. - * We do so by pretending there was a change on the interface. - * - * This sets the timer, but we replace it just at the end of this function - * (replacing a timer is fine). - */ - if (ifa->prefix_expires && (ifa->prefix_expires <= current_time())) - radv_iface_notify(ifa, RA_EV_GC); + if (ifa->valid_time <= now) + radv_invalidate(ifa); + + if (ifa->prune_time <= now) + radv_prune_prefixes(ifa); - radv_send_ra(ifa, 0); + if (p->prune_time <= now) + radv_prune_routes(p); + + radv_send_ra(ifa); /* Update timer */ - ifa->last = current_time(); + ifa->last = now; btime t = ifa->cf->min_ra_int S; btime r = (ifa->cf->max_ra_int - ifa->cf->min_ra_int) S; t += random() % (r + 1); @@ -115,8 +119,8 @@ static void radv_prepare_prefixes(struct radv_iface *ifa) { struct radv_proto *p = ifa->ra; - struct radv_iface_config *cf = ifa->cf; - struct radv_prefix *pfx; + struct radv_prefix *pfx, *next; + btime now = current_time(); /* First mark all the prefixes as unused */ WALK_LIST(pfx, ifa->prefixes) @@ -159,55 +163,58 @@ radv_prepare_prefixes(struct radv_iface *ifa) * Update the information (it may have changed, or even bring a prefix back * to life). */ - existing->alive = 1; + existing->valid = 1; + existing->changed = now; existing->mark = 1; existing->cf = pc; } - /* - * Garbage-collect the prefixes. If something isn't used, it dies (but isn't - * dropped just yet). If something is dead and rots there for long enough, - * clean it up. - */ - btime now_ = current_time(); - btime expires = now_ + cf->linger_time S; - btime expires_min = 0; - struct radv_prefix *next; WALK_LIST_DELSAFE(pfx, next, ifa->prefixes) { - if (pfx->alive && !pfx->mark) + if (pfx->valid && !pfx->mark) { - RADV_TRACE(D_EVENTS, "Marking prefix %N on %s as dead", + RADV_TRACE(D_EVENTS, "Invalidating prefix %N on %s", pfx->prefix, ifa->iface->name); - pfx->alive = 0; - pfx->expires = expires; + pfx->valid = 0; + pfx->changed = now; pfx->cf = &dead_prefix; } + } +} + +static void +radv_prune_prefixes(struct radv_iface *ifa) +{ + struct radv_proto *p = ifa->ra; + btime now = current_time(); + btime next = TIME_INFINITY; + btime expires = 0; - if (!pfx->alive) + struct radv_prefix *px, *pxn; + WALK_LIST_DELSAFE(px, pxn, ifa->prefixes) + { + if (!px->valid) { - if (pfx->expires <= now_) + expires = px->changed + ifa->cf->prefix_linger_time S; + + if (expires <= now) { RADV_TRACE(D_EVENTS, "Removing prefix %N on %s", - pfx->prefix, ifa->iface->name); + px->prefix, ifa->iface->name); - rem_node(NODE pfx); - mb_free(pfx); + rem_node(NODE px); + mb_free(px); } else - { - /* Find minimum expiration time */ - if (!expires_min || (pfx->expires < expires_min)) - expires_min = pfx->expires; - } + next = MIN(next, expires); } } - ifa->prefix_expires = expires_min; + ifa->prune_time = next; } -static char* ev_name[] = { NULL, "Init", "Change", "RS", "Garbage collect" }; +static char* ev_name[] = { NULL, "Init", "Change", "RS" }; void radv_iface_notify(struct radv_iface *ifa, int event) @@ -222,18 +229,17 @@ radv_iface_notify(struct radv_iface *ifa, int event) switch (event) { case RA_EV_CHANGE: - case RA_EV_GC: - ifa->plen = 0; + radv_invalidate(ifa); case RA_EV_INIT: ifa->initial = MAX_INITIAL_RTR_ADVERTISEMENTS; + radv_prepare_prefixes(ifa); + radv_prune_prefixes(ifa); break; case RA_EV_RS: break; } - radv_prepare_prefixes(ifa); - /* Update timer */ btime t = ifa->last + ifa->cf->min_delay S - current_time(); tm_start(ifa->timer, t); @@ -248,7 +254,6 @@ radv_iface_notify_all(struct radv_proto *p, int event) radv_iface_notify(ifa, event); } - static struct radv_iface * radv_iface_find(struct radv_proto *p, struct iface *what) { @@ -291,6 +296,7 @@ radv_iface_new(struct radv_proto *p, struct iface *iface, struct radv_iface_conf ifa->iface = iface; ifa->addr = iface->llv6; init_list(&ifa->prefixes); + ifa->prune_time = TIME_INFINITY; add_tail(&p->iface_list, NODE ifa); @@ -397,14 +403,19 @@ radv_import_control(struct proto *P, rte **new, ea_list **attrs UNUSED, struct l if (radv_net_match_trigger(cf, (*new)->net)) return RIC_PROCESS; - return RIC_DROP; + if (cf->propagate_routes) + return RIC_PROCESS; + else + return RIC_DROP; } static void -radv_rt_notify(struct proto *P, struct channel *ch UNUSED, net *n, rte *new, rte *old UNUSED, ea_list *attrs UNUSED) +radv_rt_notify(struct proto *P, struct channel *ch UNUSED, net *n, rte *new, rte *old UNUSED, ea_list *attrs) { struct radv_proto *p = (struct radv_proto *) P; struct radv_config *cf = (struct radv_config *) (P->cf); + struct radv_route *rt; + eattr *ea; if (radv_net_match_trigger(cf, n)) { @@ -420,7 +431,123 @@ radv_rt_notify(struct proto *P, struct channel *ch UNUSED, net *n, rte *new, rte RADV_TRACE(D_EVENTS, "Suppressed"); radv_iface_notify_all(p, RA_EV_CHANGE); + return; + } + + if (!cf->propagate_routes) + return; + + /* + * Some other route we want to send (or stop sending). Update the cache, + * with marking a removed one as dead or creating a new one as needed. + * + * And yes, we exclude the trigger route on purpose. + */ + + if (new) + { + /* Update */ + + ea = ea_find(attrs, EA_RA_PREFERENCE); + uint preference = ea ? ea->u.data : RA_PREF_MEDIUM; + uint preference_set = !!ea; + + ea = ea_find(attrs, EA_RA_LIFETIME); + uint lifetime = ea ? ea->u.data : 0; + uint lifetime_set = !!ea; + + if ((preference != RA_PREF_LOW) && + (preference != RA_PREF_MEDIUM) && + (preference != RA_PREF_HIGH)) + { + log(L_WARN "%s: Invalid ra_preference value %u on route %N", + p->p.name, preference, n->n.addr); + preference = RA_PREF_MEDIUM; + preference_set = 1; + lifetime = 0; + lifetime_set = 1; + } + + rt = fib_get(&p->routes, n->n.addr); + + /* Ignore update if nothing changed */ + if (rt->valid && + (rt->preference == preference) && + (rt->preference_set == preference_set) && + (rt->lifetime == lifetime) && + (rt->lifetime_set == lifetime_set)) + return; + + if (p->routes.entries == 18) + log(L_WARN "%s: More than 17 routes exported to RAdv", p->p.name); + + rt->valid = 1; + rt->changed = current_time(); + rt->preference = preference; + rt->preference_set = preference_set; + rt->lifetime = lifetime; + rt->lifetime_set = lifetime_set; + } + else + { + /* Withdraw */ + rt = fib_find(&p->routes, n->n.addr); + + if (!rt || !rt->valid) + return; + + /* Invalidate the route */ + rt->valid = 0; + rt->changed = current_time(); + + /* Invalidated route will be pruned eventually */ + btime expires = rt->changed + cf->max_linger_time S; + p->prune_time = MIN(p->prune_time, expires); } + + radv_iface_notify_all(p, RA_EV_CHANGE); +} + +/* + * Cleans up all the dead routes that expired and schedules itself to be run + * again if there are more routes waiting for expiration. + */ +static void +radv_prune_routes(struct radv_proto *p) +{ + struct radv_config *cf = (struct radv_config *) (p->p.cf); + btime now = current_time(); + btime next = TIME_INFINITY; + btime expires = 0; + + /* Should not happen */ + if (!p->fib_up) + return; + + struct fib_iterator fit; + FIB_ITERATE_INIT(&fit, &p->routes); + +again: + FIB_ITERATE_START(&p->routes, &fit, struct radv_route, rt) + { + if (!rt->valid) + { + expires = rt->changed + cf->max_linger_time S; + + /* Delete expired nodes */ + if (expires <= now) + { + FIB_ITERATE_PUT(&fit); + fib_delete(&p->routes, rt); + goto again; + } + else + next = MIN(next, expires); + } + } + FIB_ITERATE_END; + + p->prune_time = next; } static int @@ -460,6 +587,22 @@ radv_init(struct proto_config *CF) return P; } +static void +radv_set_fib(struct radv_proto *p, int up) +{ + if (up == p->fib_up) + return; + + if (up) + fib_init(&p->routes, p->p.pool, NET_IP6, sizeof(struct radv_route), + OFFSETOF(struct radv_route, n), 4, NULL); + else + fib_free(&p->routes); + + p->fib_up = up; + p->prune_time = TIME_INFINITY; +} + static int radv_start(struct proto *P) { @@ -467,8 +610,13 @@ radv_start(struct proto *P) struct radv_config *cf = (struct radv_config *) (P->cf); init_list(&(p->iface_list)); + p->valid = 1; p->active = !radv_trigger_valid(cf); + p->fib_up = 0; + radv_set_fib(p, cf->propagate_routes); + p->prune_time = TIME_INFINITY; + return PS_UP; } @@ -476,7 +624,10 @@ static inline void radv_iface_shutdown(struct radv_iface *ifa) { if (ifa->sk) - radv_send_ra(ifa, 1); + { + radv_invalidate(ifa); + radv_send_ra(ifa); + } } static int @@ -484,6 +635,8 @@ radv_shutdown(struct proto *P) { struct radv_proto *p = (struct radv_proto *) P; + p->valid = 0; + struct radv_iface *ifa; WALK_LIST(ifa, p->iface_list) radv_iface_shutdown(ifa); @@ -495,23 +648,22 @@ static int radv_reconfigure(struct proto *P, struct proto_config *CF) { struct radv_proto *p = (struct radv_proto *) P; - // struct radv_config *old = (struct radv_config *) (p->cf); + struct radv_config *old = (struct radv_config *) (P->cf); struct radv_config *new = (struct radv_config *) CF; - /* - * The question is why there is a reconfigure function for RAdv if - * it has almost none internal state so restarting the protocol - * would probably suffice. One small reason is that restarting the - * protocol would lead to sending a RA with Router Lifetime 0 - * causing nodes to temporary remove their default routes. - */ - if (!proto_configure_channel(P, &P->main_channel, proto_cf_main_channel(CF))) return 0; P->cf = CF; /* radv_check_active() requires proper P->cf */ p->active = radv_check_active(p); + /* Allocate or free FIB */ + radv_set_fib(p, new->propagate_routes); + + /* We started to accept routes so we need to refeed them */ + if (!old->propagate_routes && new->propagate_routes) + channel_request_feeding(p->p.main_channel); + struct iface *iface; WALK_LIST(iface, iface_list) { @@ -574,9 +726,43 @@ radv_get_status(struct proto *P, byte *buf) strcpy(buf, "Suppressed"); } +static const char * +radv_pref_str(u32 pref) +{ + switch (pref) + { + case RA_PREF_LOW: + return "low"; + case RA_PREF_MEDIUM: + return "medium"; + case RA_PREF_HIGH: + return "high"; + default: + return "??"; + } +} + +/* The buffer has some minimal size */ +static int +radv_get_attr(eattr *a, byte *buf, int buflen UNUSED) +{ + switch (a->id) + { + case EA_RA_PREFERENCE: + bsprintf(buf, "preference: %s", radv_pref_str(a->u.data)); + return GA_FULL; + case EA_RA_LIFETIME: + bsprintf(buf, "lifetime"); + return GA_NAME; + default: + return GA_UNKNOWN; + } +} + struct protocol proto_radv = { .name = "RAdv", .template = "radv%d", + .attr_class = EAP_RADV, .channel_mask = NB_IP6, .proto_size = sizeof(struct radv_proto), .config_size = sizeof(struct radv_config), @@ -586,5 +772,6 @@ struct protocol proto_radv = { .shutdown = radv_shutdown, .reconfigure = radv_reconfigure, .copy_config = radv_copy_config, - .get_status = radv_get_status + .get_status = radv_get_status, + .get_attr = radv_get_attr }; diff --git a/proto/radv/radv.h b/proto/radv/radv.h index 4672e3b2..66f785a7 100644 --- a/proto/radv/radv.h +++ b/proto/radv/radv.h @@ -35,7 +35,6 @@ #define DEFAULT_MAX_RA_INT 600 #define DEFAULT_MIN_DELAY 3 #define DEFAULT_CURRENT_HOP_LIMIT 64 -#define DEFAULT_LINGER_TIME 300 #define DEFAULT_VALID_LIFETIME 86400 #define DEFAULT_PREFERRED_LIFETIME 14400 @@ -52,6 +51,8 @@ struct radv_config list dnssl_list; /* Global list of DNSSL configs (struct radv_dnssl_config) */ net_addr trigger; /* Prefix of a trigger route, if defined */ + u8 propagate_routes; /* Do we propagate more specific routes (RFC 4191)? */ + u32 max_linger_time; /* Maximum of interface route_linger_time */ }; struct radv_iface_config @@ -65,8 +66,8 @@ struct radv_iface_config u32 max_ra_int; u32 min_delay; - u32 linger_time; /* How long a dead prefix should still be advertised with 0 - lifetime */ + u32 prefix_linger_time; /* How long we advertise dead prefixes with lifetime 0 */ + u32 route_linger_time; /* How long we advertise dead routes with lifetime 0 */ u8 rdnss_local; /* Global list is not used for RDNSS */ u8 dnssl_local; /* Global list is not used for DNSSL */ @@ -78,8 +79,11 @@ struct radv_iface_config u32 retrans_timer; u32 current_hop_limit; u32 default_lifetime; + u32 route_lifetime; /* Lifetime for the RFC 4191 routes */ u8 default_lifetime_sensitive; /* Whether default_lifetime depends on trigger */ - u8 default_preference; /* Default Router Preference (RFC 4191) */ + u8 route_lifetime_sensitive; /* Whether route_lifetime depends on trigger */ + u8 default_preference; /* Default Router Preference (RFC 4191) */ + u8 route_preference; /* Specific Route Preference (RFC 4191) */ }; struct radv_prefix_config @@ -114,12 +118,34 @@ struct radv_dnssl_config char *domain; /* Domain for DNS search list, in processed form */ }; +/* + * One more specific route as per RFC 4191. + * + * Note that it does *not* contain the next hop field. The next hop is always + * the router sending the advertisment and the more specific route only allows + * overriding the preference of the route. + */ +struct radv_route +{ + u32 lifetime; /* Lifetime from an attribute */ + u8 lifetime_set; /* Whether lifetime is defined */ + u8 preference; /* Preference of the route, RA_PREF_* */ + u8 preference_set; /* Whether preference is defined */ + u8 valid; /* Whethe route is valid or withdrawn */ + btime changed; /* Last time when the route changed */ + + struct fib_node n; +}; struct radv_proto { struct proto p; list iface_list; /* List of active ifaces */ + u8 valid; /* Router is valid for forwarding, used for shutdown */ u8 active; /* Whether radv is active w.r.t. triggers */ + u8 fib_up; /* FIB table (routes) is initialized */ + struct fib routes; /* FIB table of specific routes (struct radv_route) */ + btime prune_time; /* Next time of route table pruning */ }; struct radv_prefix /* One prefix we advertise */ @@ -127,11 +153,10 @@ struct radv_prefix /* One prefix we advertise */ node n; net_addr_ip6 prefix; - u8 alive; /* Is the prefix alive? If not, we advertise it + u8 valid; /* Is the prefix valid? If not, we advertise it with 0 lifetime, so clients stop using it */ u8 mark; /* A temporary mark for processing */ - btime expires; /* The time when we drop this prefix from - advertising. It is valid only if !alive. */ + btime changed; /* Last time when the prefix changed */ struct radv_prefix_config *cf; /* The config tied to this prefix */ }; @@ -144,7 +169,8 @@ struct radv_iface struct ifa *addr; /* Link-local address of iface */ struct pool *pool; /* A pool for interface-specific things */ list prefixes; /* The prefixes we advertise (struct radv_prefix) */ - btime prefix_expires; /* When the soonest prefix expires (0 = none dead) */ + btime prune_time; /* Next time of prefix list pruning */ + btime valid_time; /* Cached packet is valid until first linger timeout */ timer *timer; struct object_lock *lock; @@ -158,7 +184,6 @@ struct radv_iface #define RA_EV_INIT 1 /* Switch to initial mode */ #define RA_EV_CHANGE 2 /* Change of options or prefixes */ #define RA_EV_RS 3 /* Received RS */ -#define RA_EV_GC 4 /* Internal garbage collection of prefixes */ /* Default Router Preferences (RFC 4191) */ #define RA_PREF_LOW 0x18 @@ -166,6 +191,9 @@ struct radv_iface #define RA_PREF_HIGH 0x08 #define RA_PREF_MASK 0x18 +/* Attributes */ +#define EA_RA_PREFERENCE EA_CODE(EAP_RADV, 0) +#define EA_RA_LIFETIME EA_CODE(EAP_RADV, 1) #ifdef LOCAL_DEBUG #define RADV_FORCE_DEBUG 1 @@ -181,7 +209,7 @@ void radv_iface_notify(struct radv_iface *ifa, int event); /* packets.c */ int radv_process_domain(struct radv_dnssl_config *cf); -void radv_send_ra(struct radv_iface *ifa, int shutdown); +void radv_send_ra(struct radv_iface *ifa); int radv_sk_open(struct radv_iface *ifa); |