summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOndrej Zajicek (work) <santiago@crfreenet.org>2017-12-07 21:54:47 +0100
committerOndrej Zajicek (work) <santiago@crfreenet.org>2017-12-07 21:54:47 +0100
commit830ba75e6dd369c3e64d122f0537cc85211e56e6 (patch)
tree23989d7955618540ab2bad467d6e376229ad922c
parent46434a3cad99260b5a659e5df874eab4615bcb36 (diff)
parent1e8721e2aeccfbc3f533e8b8abc07582cee77e9a (diff)
Merge commit '1e8721e2aeccfbc3f533e8b8abc07582cee77e9a' into int-new
-rw-r--r--doc/bird.sgml96
-rw-r--r--filter/filter.c3
-rw-r--r--filter/filter.h1
-rw-r--r--nest/config.Y12
-rw-r--r--nest/proto.c61
-rw-r--r--nest/protocol.h18
-rw-r--r--nest/route.h3
-rw-r--r--proto/babel/packets.c23
-rw-r--r--proto/bgp/bgp.c44
-rw-r--r--proto/bgp/bgp.h2
-rw-r--r--proto/bgp/packets.c58
-rw-r--r--proto/radv/config.Y49
-rw-r--r--proto/radv/packets.c97
-rw-r--r--proto/radv/radv.c345
-rw-r--r--proto/radv/radv.h48
15 files changed, 676 insertions, 184 deletions
diff --git a/doc/bird.sgml b/doc/bird.sgml
index b51234f7..ab515191 100644
--- a/doc/bird.sgml
+++ b/doc/bird.sgml
@@ -1941,7 +1941,7 @@ protocol bfd [&lt;name&gt;] {
computation.
<tag>password "<M>text</M>"</tag>
- Specifies a password used for authentication. See <ref id="dsc-pass"
+ Specifies a password used for authentication. See <ref id="proto-pass"
name="password"> common option for detailed description. Note that
password option <cf/algorithm/ is not available in BFD protocol. The
algorithm is selected by <cf/authentication/ option for all passwords.
@@ -3560,7 +3560,8 @@ time intervals or as an answer to a request) advertisement packets to connected
networks. These packets contain basic information about a local network (e.g. a
list of network prefixes), which allows network hosts to autoconfigure network
addresses and choose a default route. BIRD implements router behavior as defined
-in <rfc id="4861"> and also the DNS extensions from <rfc id="6106">.
+in <rfc id="4861">, router preferences and specific routes (<rfc id="4191">),
+and DNS extensions (<rfc id="6106">).
<sect1>Configuration
<label id="radv-config">
@@ -3597,7 +3598,7 @@ definitions, prefix definitions and DNS definitions:
definitions may also be interface-specific when used inside interface
options. By default, interface uses both global and interface-specific
options, but that can be changed by <cf/rdnss local/ option.
-dsc-iface
+
<tag><label id="radv-dnssl">dnssl { <m/options/ }</tag>
DNSSL definitions allow to specify a list of advertised DNS search
domains together with their options. Like <cf/rdnss/ above, multiple
@@ -3622,6 +3623,18 @@ dsc-iface
default router. <cf/preferred lifetime/ and <cf/valid lifetime/ could
also be configured as <cf/sensitive/ for a prefix, which would cause
autoconfigured IPs to be deprecated or even removed.
+
+ <tag><label id="radv-propagate-routes">propagate routes <m/switch/</tag>
+ This option controls propagation of more specific routes, as defined in
+ <rfc id="4191">. If enabled, all routes exported to the RAdv protocol,
+ with the exception of the trigger prefix, are added to advertisments as
+ additional options. The lifetime and preference of advertised routes can
+ be set individually by <cf/ra_lifetime/ and <cf/ra_preference/ route
+ attributes, or per interface by <cf/route lifetime/ and
+ <cf/route preference/ options. Default: disabled.
+
+ Note that the RFC discourages from sending more than 17 routes and
+ recommends the routes to be configured manually.
</descrip>
<p>Interface specific options:
@@ -3668,21 +3681,45 @@ dsc-iface
hosts. Valid values are 0-255, 0 means unspecified. Default: 64
<tag><label id="radv-iface-default-lifetime">default lifetime <m/expr/ [sensitive <m/switch/]</tag>
- This option specifies the time (in seconds) how long (after the receipt
+ This option specifies the time (in seconds) how long (since the receipt
of RA) hosts may use the router as a default router. 0 means do not use
as a default router. For <cf/sensitive/ option, see <ref id="radv-trigger" name="trigger">.
Default: 3 * <cf/max ra interval/, <cf/sensitive/ yes.
- <tag><label id="radv-iface-linger-time">linger time <m/expr/</tag>
- When a prefix disappears, it is advertised for some time with 0
- lifetime, to inform clients the prefix is no longer usable. This option
- sets the time for how long it is advertised (in seconds). Maximum is
- 3600, 0 means disabled. Default: 300.
-
- <tag><label id="radv-iface-default-preference-low">default preference low|medium|high</tag>
+ <tag><label id="radv-iface-default-preference">default preference low|medium|high</tag>
This option specifies the Default Router Preference value to advertise
to hosts. Default: medium.
+ <tag><label id="radv-iface-route-lifetime">route lifetime <m/expr/ [sensitive <m/switch/]</tag>
+ This option specifies the default value of advertised lifetime for
+ specific routes; i.e., the time (in seconds) for how long (since the
+ receipt of RA) hosts should consider these routes valid. A special value
+ 0xffffffff represents infinity. The lifetime can be overriden on a per
+ route basis by the <ref id="rta-ra-lifetime" name="ra_lifetime"> route
+ attribute. Default: 3 * <cf/max ra interval/, <cf/sensitive/ no.
+
+ For the <cf/sensitive/ option, see <ref id="radv-trigger" name="trigger">.
+ If <cf/sensitive/ is enabled, even the routes with the <cf/ra_lifetime/
+ attribute become sensitive to the trigger.
+
+ <tag><label id="radv-iface-route-preference">route preference low|medium|high</tag>
+ This option specifies the default value of advertised route preference
+ for specific routes. The value can be overriden on a per route basis by
+ the <ref id="rta-ra-preference" name="ra_preference"> route attribute.
+ Default: medium.
+
+ <tag><label id="radv-prefix-linger-time">prefix linger time <m/expr/</tag>
+ When a prefix or a route disappears, it is advertised for some time with
+ zero lifetime, to inform clients it is no longer valid. This option
+ specifies the time (in seconds) for how long prefixes are advertised
+ that way. Default: 3 * <cf/max ra interval/.
+
+ <tag><label id="radv-route-linger-time">route linger time <m/expr/</tag>
+ When a prefix or a route disappears, it is advertised for some time with
+ zero lifetime, to inform clients it is no longer valid. This option
+ specifies the time (in seconds) for how long routes are advertised
+ that way. Default: 3 * <cf/max ra interval/.
+
<tag><label id="radv-iface-rdnss-local">rdnss local <m/switch/</tag>
Use only local (interface-specific) RDNSS definitions for this
interface. Otherwise, both global and local definitions are used. Could
@@ -3729,7 +3766,6 @@ dsc-iface
<cf/sensitive/ no.
</descrip>
-
<p>RDNSS specific options:
<descrip>
@@ -3762,12 +3798,48 @@ dsc-iface
RDNSS <cf/lifetime/ option above. Default: 3 * <cf/max ra interval/.
</descrip>
+<sect1>Attributes
+<label id="radv-attr">
+
+<p>RAdv defines two route attributes:
+
+<descrip>
+ <tag><label id="rta-ra-preference">enum ra_preference/</tag>
+ The preference of the route. The value can be <it/RA_PREF_LOW/,
+ <it/RA_PREF_MEDIUM/ or <it/RA_PREF_HIGH/. If the attribute is not set,
+ the <ref id="radv-iface-route-preference" name="route preference">
+ option is used.
+
+ <tag><label id="rta-ra-lifetime">int ra_lifetime/</tag>
+ The advertised lifetime of the route, in seconds. The special value of
+ 0xffffffff represents infinity. If the attribute is not set, the
+ <ref id="radv-iface-route-lifetime" name="route lifetime">
+ option is used.
+</descrip>
<sect1>Example
<label id="radv-exam">
<p><code>
+table radv_routes; # Manually configured routes go here
+
+protocol static {
+ table radv_routes;
+
+ route 2001:0DB8:4000::/48 unreachable;
+ route 2001:0DB8:4010::/48 unreachable;
+
+ route 2001:0DB8:4020::/48 unreachable {
+ ra_preference = RA_PREF_HIGH;
+ ra_lifetime = 3600;
+ };
+}
+
protocol radv {
+ propagate routes yes; # Propagate the routes from the radv_routes table
+ table radv_routes;
+ export all;
+
interface "eth2" {
max ra interval 5; # Fast failover with more routers
managed yes; # Using DHCPv6 on eth2
diff --git a/filter/filter.c b/filter/filter.c
index 7dcf22ed..aef4f44a 100644
--- a/filter/filter.c
+++ b/filter/filter.c
@@ -1089,7 +1089,8 @@ interpret(struct f_inst *what)
switch (what->aux & EAF_TYPE_MASK) {
case EAF_TYPE_INT:
- if (v1.type != T_INT)
+ // Enums are also ints, so allow them in.
+ if (v1.type != T_INT && (v1.type < T_ENUM_LO || v1.type > T_ENUM_HI))
runtime( "Setting int attribute to non-int value" );
l->attrs[0].u.data = v1.val.i;
break;
diff --git a/filter/filter.h b/filter/filter.h
index 6c81b9bc..c277b67c 100644
--- a/filter/filter.h
+++ b/filter/filter.h
@@ -147,6 +147,7 @@ void val_format(struct f_val v, buffer *buf);
#define T_ENUM_RTD 0x34
#define T_ENUM_ROA 0x35
#define T_ENUM_NETTYPE 0x36
+#define T_ENUM_RA_PREFERENCE 0x37
/* new enums go here */
#define T_ENUM_EMPTY 0x3f /* Special hack for atomic_aggr */
diff --git a/nest/config.Y b/nest/config.Y
index ad45a39d..555c9e05 100644
--- a/nest/config.Y
+++ b/nest/config.Y
@@ -756,12 +756,12 @@ echo_size:
}
;
-CF_CLI(DISABLE, proto_patt, <protocol> | \"<pattern>\" | all, [[Disable protocol]])
-{ proto_apply_cmd($2, proto_cmd_disable, 1, 0); } ;
-CF_CLI(ENABLE, proto_patt, <protocol> | \"<pattern>\" | all, [[Enable protocol]])
-{ proto_apply_cmd($2, proto_cmd_enable, 1, 0); } ;
-CF_CLI(RESTART, proto_patt, <protocol> | \"<pattern>\" | all, [[Restart protocol]])
-{ proto_apply_cmd($2, proto_cmd_restart, 1, 0); } ;
+CF_CLI(DISABLE, proto_patt opttext, (<protocol> | \"<pattern>\" | all) [message], [[Disable protocol]])
+{ proto_apply_cmd($2, proto_cmd_disable, 1, (uintptr_t) $3); } ;
+CF_CLI(ENABLE, proto_patt opttext, (<protocol> | \"<pattern>\" | all) [message], [[Enable protocol]])
+{ proto_apply_cmd($2, proto_cmd_enable, 1, (uintptr_t) $3); } ;
+CF_CLI(RESTART, proto_patt opttext, (<protocol> | \"<pattern>\" | all) [message], [[Restart protocol]])
+{ proto_apply_cmd($2, proto_cmd_restart, 1, (uintptr_t) $3); } ;
CF_CLI(RELOAD, proto_patt, <protocol> | \"<pattern>\" | all, [[Reload protocol]])
{ proto_apply_cmd($2, proto_cmd_reload, 1, CMD_RELOAD); } ;
CF_CLI(RELOAD IN, proto_patt, <protocol> | \"<pattern>\" | all, [[Reload protocol (just imported routes)]])
diff --git a/nest/proto.c b/nest/proto.c
index ecc3b0fe..a2a2bc7e 100644
--- a/nest/proto.c
+++ b/nest/proto.c
@@ -980,6 +980,7 @@ proto_rethink_goal(struct proto *p)
proto_remove_channels(p);
rem_node(&p->n);
rfree(p->event);
+ mb_free(p->message);
mb_free(p);
if (!nc)
return;
@@ -1334,6 +1335,39 @@ proto_schedule_down(struct proto *p, byte restart, byte code)
tm_start_max(proto_shutdown_timer, restart ? 250 MS : 0);
}
+/**
+ * proto_set_message - set administrative message to protocol
+ * @p: protocol
+ * @msg: message
+ * @len: message length (-1 for NULL-terminated string)
+ *
+ * The function sets administrative message (string) related to protocol state
+ * change. It is called by the nest code for manual enable/disable/restart
+ * commands all routes to the protocol, and by protocol-specific code when the
+ * protocol state change is initiated by the protocol. Using NULL message clears
+ * the last message. The message string may be either NULL-terminated or with an
+ * explicit length.
+ */
+void
+proto_set_message(struct proto *p, char *msg, int len)
+{
+ mb_free(p->message);
+ p->message = NULL;
+
+ if (!msg || !len)
+ return;
+
+ if (len < 0)
+ len = strlen(msg);
+
+ if (!len)
+ return;
+
+ p->message = mb_alloc(proto_pool, len + 1);
+ memcpy(p->message, msg, len);
+ p->message[len] = 0;
+}
+
static const char *
channel_limit_name(struct channel_limit *l)
@@ -1622,7 +1656,7 @@ channel_show_info(struct channel *c)
}
void
-proto_cmd_show(struct proto *p, uint verbose, int cnt)
+proto_cmd_show(struct proto *p, uintptr_t verbose, int cnt)
{
byte buf[256], tbuf[TM_DATETIME_BUFFER_SIZE];
@@ -1646,6 +1680,8 @@ proto_cmd_show(struct proto *p, uint verbose, int cnt)
{
if (p->cf->dsc)
cli_msg(-1006, " Description: %s", p->cf->dsc);
+ if (p->message)
+ cli_msg(-1006, " Message: %s", p->message);
if (p->cf->router_id)
cli_msg(-1006, " Router ID: %R", p->cf->router_id);
if (p->vrf)
@@ -1665,7 +1701,7 @@ proto_cmd_show(struct proto *p, uint verbose, int cnt)
}
void
-proto_cmd_disable(struct proto *p, uint arg UNUSED, int cnt UNUSED)
+proto_cmd_disable(struct proto *p, uintptr_t arg, int cnt UNUSED)
{
if (p->disabled)
{
@@ -1676,12 +1712,13 @@ proto_cmd_disable(struct proto *p, uint arg UNUSED, int cnt UNUSED)
log(L_INFO "Disabling protocol %s", p->name);
p->disabled = 1;
p->down_code = PDC_CMD_DISABLE;
+ proto_set_message(p, (char *) arg, -1);
proto_rethink_goal(p);
cli_msg(-9, "%s: disabled", p->name);
}
void
-proto_cmd_enable(struct proto *p, uint arg UNUSED, int cnt UNUSED)
+proto_cmd_enable(struct proto *p, uintptr_t arg, int cnt UNUSED)
{
if (!p->disabled)
{
@@ -1691,12 +1728,13 @@ proto_cmd_enable(struct proto *p, uint arg UNUSED, int cnt UNUSED)
log(L_INFO "Enabling protocol %s", p->name);
p->disabled = 0;
+ proto_set_message(p, (char *) arg, -1);
proto_rethink_goal(p);
cli_msg(-11, "%s: enabled", p->name);
}
void
-proto_cmd_restart(struct proto *p, uint arg UNUSED, int cnt UNUSED)
+proto_cmd_restart(struct proto *p, uintptr_t arg, int cnt UNUSED)
{
if (p->disabled)
{
@@ -1707,6 +1745,7 @@ proto_cmd_restart(struct proto *p, uint arg UNUSED, int cnt UNUSED)
log(L_INFO "Restarting protocol %s", p->name);
p->disabled = 1;
p->down_code = PDC_CMD_RESTART;
+ proto_set_message(p, (char *) arg, -1);
proto_rethink_goal(p);
p->disabled = 0;
proto_rethink_goal(p);
@@ -1714,7 +1753,7 @@ proto_cmd_restart(struct proto *p, uint arg UNUSED, int cnt UNUSED)
}
void
-proto_cmd_reload(struct proto *p, uint dir, int cnt UNUSED)
+proto_cmd_reload(struct proto *p, uintptr_t dir, int cnt UNUSED)
{
struct channel *c;
@@ -1753,19 +1792,19 @@ proto_cmd_reload(struct proto *p, uint dir, int cnt UNUSED)
}
void
-proto_cmd_debug(struct proto *p, uint mask, int cnt UNUSED)
+proto_cmd_debug(struct proto *p, uintptr_t mask, int cnt UNUSED)
{
p->debug = mask;
}
void
-proto_cmd_mrtdump(struct proto *p, uint mask, int cnt UNUSED)
+proto_cmd_mrtdump(struct proto *p, uintptr_t mask, int cnt UNUSED)
{
p->mrtdump = mask;
}
static void
-proto_apply_cmd_symbol(struct symbol *s, void (* cmd)(struct proto *, uint, int), uint arg)
+proto_apply_cmd_symbol(struct symbol *s, void (* cmd)(struct proto *, uintptr_t, int), uintptr_t arg)
{
if (s->class != SYM_PROTO)
{
@@ -1778,7 +1817,7 @@ proto_apply_cmd_symbol(struct symbol *s, void (* cmd)(struct proto *, uint, int)
}
static void
-proto_apply_cmd_patt(char *patt, void (* cmd)(struct proto *, uint, int), uint arg)
+proto_apply_cmd_patt(char *patt, void (* cmd)(struct proto *, uintptr_t, int), uintptr_t arg)
{
struct proto *p;
int cnt = 0;
@@ -1794,8 +1833,8 @@ proto_apply_cmd_patt(char *patt, void (* cmd)(struct proto *, uint, int), uint a
}
void
-proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uint, int),
- int restricted, uint arg)
+proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uintptr_t, int),
+ int restricted, uintptr_t arg)
{
if (restricted && cli_access_restricted())
return;
diff --git a/nest/protocol.h b/nest/protocol.h
index d7e84a44..c8f37367 100644
--- a/nest/protocol.h
+++ b/nest/protocol.h
@@ -162,6 +162,7 @@ struct proto {
u32 hash_key; /* Random key used for hashing of neighbors */
btime last_state_change; /* Time of last state transition */
char *last_state_name_announced; /* Last state name we've announced to the user */
+ char *message; /* State-change message, allocated from proto_pool */
/*
* General protocol hooks:
@@ -238,6 +239,7 @@ struct proto_spec {
void *proto_new(struct proto_config *);
void *proto_config_new(struct protocol *, int class);
void proto_copy_config(struct proto_config *dest, struct proto_config *src);
+void proto_set_message(struct proto *p, char *msg, int len);
void graceful_restart_recovery(void);
void graceful_restart_init(void);
@@ -250,15 +252,15 @@ void channel_graceful_restart_unlock(struct channel *c);
void channel_show_limit(struct channel_limit *l, const char *dsc);
void channel_show_info(struct channel *c);
-void proto_cmd_show(struct proto *, uint, int);
-void proto_cmd_disable(struct proto *, uint, int);
-void proto_cmd_enable(struct proto *, uint, int);
-void proto_cmd_restart(struct proto *, uint, int);
-void proto_cmd_reload(struct proto *, uint, int);
-void proto_cmd_debug(struct proto *, uint, int);
-void proto_cmd_mrtdump(struct proto *, uint, int);
+void proto_cmd_show(struct proto *, uintptr_t, int);
+void proto_cmd_disable(struct proto *, uintptr_t, int);
+void proto_cmd_enable(struct proto *, uintptr_t, int);
+void proto_cmd_restart(struct proto *, uintptr_t, int);
+void proto_cmd_reload(struct proto *, uintptr_t, int);
+void proto_cmd_debug(struct proto *, uintptr_t, int);
+void proto_cmd_mrtdump(struct proto *, uintptr_t, int);
-void proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uint, int), int restricted, uint arg);
+void proto_apply_cmd(struct proto_spec ps, void (* cmd)(struct proto *, uintptr_t, int), int restricted, uintptr_t arg);
struct proto *proto_get_named(struct symbol *, struct protocol *);
#define CMD_RELOAD 0
diff --git a/nest/route.h b/nest/route.h
index c9e2b3bf..bb0cb4a4 100644
--- a/nest/route.h
+++ b/nest/route.h
@@ -470,7 +470,8 @@ typedef struct eattr {
#define EAP_OSPF 3 /* OSPF */
#define EAP_KRT 4 /* Kernel route attributes */
#define EAP_BABEL 5 /* Babel attributes */
-#define EAP_MAX 6
+#define EAP_RADV 6 /* Router advertisment attributes */
+#define EAP_MAX 7
#define EA_CODE(proto,id) (((proto) << 8) | (id))
#define EA_PROTO(ea) ((ea) >> 8)
diff --git a/proto/babel/packets.c b/proto/babel/packets.c
index 5b356fae..dd86222a 100644
--- a/proto/babel/packets.c
+++ b/proto/babel/packets.c
@@ -42,7 +42,7 @@ struct babel_tlv_ack {
struct babel_tlv_hello {
u8 type;
u8 length;
- u16 reserved;
+ u16 flags;
u16 seqno;
u16 interval;
} PACKED;
@@ -106,8 +106,12 @@ struct babel_tlv_seqno_request {
} PACKED;
-#define BABEL_FLAG_DEF_PREFIX 0x80
-#define BABEL_FLAG_ROUTER_ID 0x40
+/* Hello flags */
+#define BABEL_HF_UNICAST 0x8000
+
+/* Update flags */
+#define BABEL_UF_DEF_PREFIX 0x80
+#define BABEL_UF_ROUTER_ID 0x40
struct babel_parse_state {
@@ -343,6 +347,11 @@ babel_read_hello(struct babel_tlv *hdr, union babel_msg *m,
struct babel_tlv_hello *tlv = (void *) hdr;
struct babel_msg_hello *msg = &m->hello;
+ /* We currently don't support unicast Hello */
+ u16 flags = get_u16(&tlv->flags);
+ if (flags & BABEL_HF_UNICAST)
+ return PARSE_IGNORE;
+
msg->type = BABEL_TLV_HELLO;
msg->seqno = get_u16(&tlv->seqno);
msg->interval = get_time16(&tlv->interval);
@@ -606,7 +615,7 @@ babel_read_update(struct babel_tlv *hdr, union babel_msg *m,
ip4_addr prefix4 = get_ip4(buf);
net_fill_ip4(&msg->net, prefix4, tlv->plen);
- if (tlv->flags & BABEL_FLAG_DEF_PREFIX)
+ if (tlv->flags & BABEL_UF_DEF_PREFIX)
{
put_ip4(state->def_ip4_prefix, prefix4);
state->def_ip4_prefix_seen = 1;
@@ -631,13 +640,13 @@ babel_read_update(struct babel_tlv *hdr, union babel_msg *m,
ip6_addr prefix6 = get_ip6(buf);
net_fill_ip6(&msg->net, prefix6, tlv->plen);
- if (tlv->flags & BABEL_FLAG_DEF_PREFIX)
+ if (tlv->flags & BABEL_UF_DEF_PREFIX)
{
put_ip6(state->def_ip6_prefix, prefix6);
state->def_ip6_prefix_seen = 1;
}
- if (tlv->flags & BABEL_FLAG_ROUTER_ID)
+ if (tlv->flags & BABEL_UF_ROUTER_ID)
{
state->router_id = ((u64) _I2(prefix6)) << 32 | _I3(prefix6);
state->router_id_seen = 1;
@@ -750,7 +759,7 @@ babel_write_update(struct babel_tlv *hdr, union babel_msg *m,
else
{
put_ip6_px(tlv->addr, &msg->net);
- tlv->flags |= BABEL_FLAG_DEF_PREFIX;
+ tlv->flags |= BABEL_UF_DEF_PREFIX;
put_ip6(state->def_ip6_prefix, net6_prefix(&msg->net));
state->def_ip6_pxlen = tlv->plen;
diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c
index b0814791..30fe75ba 100644
--- a/proto/bgp/bgp.c
+++ b/proto/bgp/bgp.c
@@ -403,7 +403,7 @@ bgp_update_startup_delay(struct bgp_proto *p)
}
static void
-bgp_graceful_close_conn(struct bgp_conn *conn, uint subcode)
+bgp_graceful_close_conn(struct bgp_conn *conn, uint subcode, byte *data, uint len)
{
switch (conn->state)
{
@@ -419,7 +419,7 @@ bgp_graceful_close_conn(struct bgp_conn *conn, uint subcode)
case BS_OPENSENT:
case BS_OPENCONFIRM:
case BS_ESTABLISHED:
- bgp_error(conn, 6, subcode, NULL, 0);
+ bgp_error(conn, 6, subcode, data, len);
return;
default:
@@ -459,11 +459,11 @@ bgp_decision(void *vp)
}
void
-bgp_stop(struct bgp_proto *p, uint subcode)
+bgp_stop(struct bgp_proto *p, uint subcode, byte *data, uint len)
{
proto_notify_state(&p->p, PS_STOP);
- bgp_graceful_close_conn(&p->outgoing_conn, subcode);
- bgp_graceful_close_conn(&p->incoming_conn, subcode);
+ bgp_graceful_close_conn(&p->outgoing_conn, subcode, data, len);
+ bgp_graceful_close_conn(&p->incoming_conn, subcode, data, len);
ev_schedule(p->event);
}
@@ -606,7 +606,7 @@ bgp_conn_leave_established_state(struct bgp_proto *p)
// bgp_free_bucket_table(p);
if (p->p.proto_state == PS_UP)
- bgp_stop(p, 0);
+ bgp_stop(p, 0, NULL, 0);
}
void
@@ -725,7 +725,7 @@ bgp_graceful_restart_timeout(timer *t)
struct bgp_proto *p = t->data;
BGP_TRACE(D_EVENTS, "Neighbor graceful restart timeout");
- bgp_stop(p, 0);
+ bgp_stop(p, 0, NULL, 0);
}
@@ -1125,7 +1125,7 @@ bgp_neigh_notify(neighbor *n)
BGP_TRACE(D_EVENTS, "Neighbor lost");
bgp_store_error(p, NULL, BE_MISC, BEM_NEIGHBOR_LOST);
/* Perhaps also run bgp_update_startup_delay(p)? */
- bgp_stop(p, 0);
+ bgp_stop(p, 0, NULL, 0);
}
}
else if (p->cf->check_link && !(n->iface->flags & IF_LINK_UP))
@@ -1136,7 +1136,7 @@ bgp_neigh_notify(neighbor *n)
bgp_store_error(p, NULL, BE_MISC, BEM_LINK_DOWN);
if (ps == PS_UP)
bgp_update_startup_delay(p);
- bgp_stop(p, 0);
+ bgp_stop(p, 0, NULL, 0);
}
}
else
@@ -1161,7 +1161,7 @@ bgp_bfd_notify(struct bfd_request *req)
bgp_store_error(p, NULL, BE_MISC, BEM_BFD_DOWN);
if (ps == PS_UP)
bgp_update_startup_delay(p);
- bgp_stop(p, 0);
+ bgp_stop(p, 0, NULL, 0);
}
}
@@ -1349,6 +1349,10 @@ bgp_shutdown(struct proto *P)
struct bgp_proto *p = (struct bgp_proto *) P;
uint subcode = 0;
+ char *message = NULL;
+ byte *data = NULL;
+ uint len = 0;
+
BGP_TRACE(D_EVENTS, "Shutdown requested");
switch (P->down_code)
@@ -1365,10 +1369,12 @@ bgp_shutdown(struct proto *P)
case PDC_CMD_DISABLE:
case PDC_CMD_SHUTDOWN:
subcode = 2; // Errcode 6, 2 - administrative shutdown
+ message = P->message;
break;
case PDC_CMD_RESTART:
subcode = 4; // Errcode 6, 4 - administrative reset
+ message = P->message;
break;
case PDC_RX_LIMIT_HIT:
@@ -1393,8 +1399,22 @@ bgp_shutdown(struct proto *P)
bgp_store_error(p, NULL, BE_MAN_DOWN, 0);
p->startup_delay = 0;
+ /* RFC 8203 - shutdown communication */
+ if (message)
+ {
+ uint msg_len = strlen(message);
+ msg_len = MIN(msg_len, 128);
+
+ /* Buffer will be freed automatically by protocol shutdown */
+ data = mb_alloc(p->p.pool, msg_len + 1);
+ len = msg_len + 1;
+
+ data[0] = msg_len;
+ memcpy(data+1, message, msg_len);
+ }
+
done:
- bgp_stop(p, subcode);
+ bgp_stop(p, subcode, data, len);
return p->p.proto_state;
}
@@ -1785,7 +1805,7 @@ bgp_error(struct bgp_conn *c, uint code, uint subcode, byte *data, int len)
if (code != 6)
{
bgp_update_startup_delay(p);
- bgp_stop(p, 0);
+ bgp_stop(p, 0, NULL, 0);
}
}
diff --git a/proto/bgp/bgp.h b/proto/bgp/bgp.h
index 3d940c22..40c4b3f0 100644
--- a/proto/bgp/bgp.h
+++ b/proto/bgp/bgp.h
@@ -437,7 +437,7 @@ void bgp_graceful_restart_done(struct bgp_channel *c);
void bgp_refresh_begin(struct bgp_channel *c);
void bgp_refresh_end(struct bgp_channel *c);
void bgp_store_error(struct bgp_proto *p, struct bgp_conn *c, u8 class, u32 code);
-void bgp_stop(struct bgp_proto *p, unsigned subcode);
+void bgp_stop(struct bgp_proto *p, uint subcode, byte *data, uint len);
struct rte_source *bgp_find_source(struct bgp_proto *p, u32 path_id);
struct rte_source *bgp_get_source(struct bgp_proto *p, u32 path_id);
diff --git a/proto/bgp/packets.c b/proto/bgp/packets.c
index 0e974746..038e89f9 100644
--- a/proto/bgp/packets.c
+++ b/proto/bgp/packets.c
@@ -2678,38 +2678,72 @@ bgp_error_dsc(uint code, uint subcode)
return buff;
}
+/* RFC 8203 - shutdown communication message */
+static int
+bgp_handle_message(struct bgp_proto *p, byte *data, uint len, byte **bp)
+{
+ byte *msg = data + 1;
+ uint msg_len = data[0];
+ uint i;
+
+ /* Handle zero length message */
+ if (msg_len == 0)
+ return 1;
+
+ /* Handle proper message */
+ if ((msg_len > 128) && (msg_len + 1 > len))
+ return 0;
+
+ /* Some elementary cleanup */
+ for (i = 0; i < msg_len; i++)
+ if (msg[i] < ' ')
+ msg[i] = ' ';
+
+ proto_set_message(&p->p, msg, msg_len);
+ *bp += bsprintf(*bp, ": \"%s\"", p->p.message);
+ return 1;
+}
+
void
bgp_log_error(struct bgp_proto *p, u8 class, char *msg, uint code, uint subcode, byte *data, uint len)
{
- const byte *name;
- byte *t, argbuf[36];
+ byte argbuf[256], *t = argbuf;
uint i;
/* Don't report Cease messages generated by myself */
if (code == 6 && class == BE_BGP_TX)
return;
- name = bgp_error_dsc(code, subcode);
- t = argbuf;
+ /* Reset shutdown message */
+ if ((code == 6) && ((subcode == 2) || (subcode == 4)))
+ proto_set_message(&p->p, NULL, 0);
+
if (len)
{
- *t++ = ':';
- *t++ = ' ';
-
+ /* Bad peer AS - we would like to print the AS */
if ((code == 2) && (subcode == 2) && ((len == 2) || (len == 4)))
{
- /* Bad peer AS - we would like to print the AS */
- t += bsprintf(t, "%u", (len == 2) ? get_u16(data) : get_u32(data));
+ t += bsprintf(t, ": %u", (len == 2) ? get_u16(data) : get_u32(data));
goto done;
}
+
+ /* RFC 8203 - shutdown communication */
+ if (((code == 6) && ((subcode == 2) || (subcode == 4))))
+ if (bgp_handle_message(p, data, len, &t))
+ goto done;
+
+ *t++ = ':';
+ *t++ = ' ';
if (len > 16)
len = 16;
for (i=0; i<len; i++)
t += bsprintf(t, "%02x", data[i]);
}
- done:
+
+done:
*t = 0;
- log(L_REMOTE "%s: %s: %s%s", p->p.name, msg, name, argbuf);
+ const byte *dsc = bgp_error_dsc(code, subcode);
+ log(L_REMOTE "%s: %s: %s%s", p->p.name, msg, dsc, argbuf);
}
static void
@@ -2733,7 +2767,7 @@ bgp_rx_notification(struct bgp_conn *conn, byte *pkt, uint len)
if (err)
{
bgp_update_startup_delay(p);
- bgp_stop(p, 0);
+ bgp_stop(p, 0, NULL, 0);
}
}
diff --git a/proto/radv/config.Y b/proto/radv/config.Y
index 0e43c237..37815f0d 100644
--- a/proto/radv/config.Y
+++ b/proto/radv/config.Y
@@ -30,7 +30,10 @@ CF_KEYWORDS(RADV, PREFIX, INTERFACE, MIN, MAX, RA, DELAY, INTERVAL,
MANAGED, OTHER, CONFIG, LINGER, LINK, MTU, REACHABLE, TIME, RETRANS,
TIMER, CURRENT, HOP, LIMIT, DEFAULT, VALID, PREFERRED, MULT,
LIFETIME, SKIP, ONLINK, AUTONOMOUS, RDNSS, DNSSL, NS, DOMAIN,
- LOCAL, TRIGGER, SENSITIVE, PREFERENCE, LOW, MEDIUM, HIGH)
+ LOCAL, TRIGGER, SENSITIVE, PREFERENCE, LOW, MEDIUM, HIGH, PROPAGATE,
+ ROUTE, ROUTES, RA_PREFERENCE, RA_LIFETIME)
+
+CF_ENUM(T_ENUM_RA_PREFERENCE, RA_PREF_, LOW, MEDIUM, HIGH)
%type<i> radv_mult radv_sensitive radv_preference
@@ -56,6 +59,7 @@ radv_proto_item:
| RDNSS { init_list(&radv_dns_list); } radv_rdnss { add_tail_list(&RADV_CFG->rdnss_list, &radv_dns_list); }
| DNSSL { init_list(&radv_dns_list); } radv_dnssl { add_tail_list(&RADV_CFG->dnssl_list, &radv_dns_list); }
| TRIGGER net_ip6 { RADV_CFG->trigger = $2; }
+ | PROPAGATE ROUTES bool { RADV_CFG->propagate_routes = $3; }
;
radv_proto_opts:
@@ -76,14 +80,18 @@ radv_iface_start:
init_list(&RADV_IFACE->rdnss_list);
init_list(&RADV_IFACE->dnssl_list);
- RADV_IFACE->min_ra_int = -1; /* undefined */
+ RADV_IFACE->min_ra_int = (u32) -1; /* undefined */
RADV_IFACE->max_ra_int = DEFAULT_MAX_RA_INT;
RADV_IFACE->min_delay = DEFAULT_MIN_DELAY;
+ RADV_IFACE->prefix_linger_time = (u32) -1;
+ RADV_IFACE->route_linger_time = (u32) -1;
RADV_IFACE->current_hop_limit = DEFAULT_CURRENT_HOP_LIMIT;
- RADV_IFACE->linger_time = DEFAULT_LINGER_TIME;
- RADV_IFACE->default_lifetime = -1;
+ RADV_IFACE->default_lifetime = (u32) -1;
RADV_IFACE->default_lifetime_sensitive = 1;
RADV_IFACE->default_preference = RA_PREF_MEDIUM;
+ RADV_IFACE->route_lifetime = (u32) -1;
+ RADV_IFACE->route_lifetime_sensitive = 0;
+ RADV_IFACE->route_preference = RA_PREF_MEDIUM;
};
radv_iface_item:
@@ -95,14 +103,20 @@ radv_iface_item:
| LINK MTU expr { RADV_IFACE->link_mtu = $3; }
| REACHABLE TIME expr { RADV_IFACE->reachable_time = $3; if ($3 > 3600000) cf_error("Reachable time must be in range 0-3600000"); }
| RETRANS TIMER expr { RADV_IFACE->retrans_timer = $3; }
- | LINGER TIME expr { RADV_IFACE->linger_time = $3; if ($3 > 3600) cf_error("Linger time must be in range 0-3600"); }
| CURRENT HOP LIMIT expr { RADV_IFACE->current_hop_limit = $4; if ($4 > 255) cf_error("Current hop limit must be in range 0-255"); }
| DEFAULT LIFETIME expr radv_sensitive {
RADV_IFACE->default_lifetime = $3;
if ($3 > 9000) cf_error("Default lifetime must be in range 0-9000");
if ($4 != (uint) -1) RADV_IFACE->default_lifetime_sensitive = $4;
}
+ | ROUTE LIFETIME expr radv_sensitive {
+ RADV_IFACE->route_lifetime = $3;
+ if ($4 != (uint) -1) RADV_IFACE->route_lifetime_sensitive = $4;
+ }
| DEFAULT PREFERENCE radv_preference { RADV_IFACE->default_preference = $3; }
+ | ROUTE PREFERENCE radv_preference { RADV_IFACE->route_preference = $3; }
+ | PREFIX LINGER TIME expr { RADV_IFACE->prefix_linger_time = $4; }
+ | ROUTE LINGER TIME expr { RADV_IFACE->route_linger_time = $4; }
| PREFIX radv_prefix { add_tail(&RADV_IFACE->pref_list, NODE this_radv_prefix); }
| RDNSS { init_list(&radv_dns_list); } radv_rdnss { add_tail_list(&RADV_IFACE->rdnss_list, &radv_dns_list); }
| DNSSL { init_list(&radv_dns_list); } radv_dnssl { add_tail_list(&RADV_IFACE->dnssl_list, &radv_dns_list); }
@@ -125,12 +139,32 @@ radv_iface_finish:
if (ic->default_lifetime == (u32) -1)
ic->default_lifetime = 3 * ic->max_ra_int;
+ if (ic->route_lifetime == (u32) -1)
+ ic->route_lifetime = 3 * ic->max_ra_int;
+
+ if (ic->prefix_linger_time == (u32) -1)
+ ic->prefix_linger_time = 3 * ic->max_ra_int;
+
+ if (ic->route_linger_time == (u32) -1)
+ ic->route_linger_time = 3 * ic->max_ra_int;
+
if ((ic->min_ra_int > 3) &&
(ic->min_ra_int > (ic->max_ra_int * 3 / 4)))
cf_error("Min RA interval must be at most 3/4 * Max RA interval");
if ((ic->default_lifetime > 0) && (ic->default_lifetime < ic->max_ra_int))
cf_error("Default lifetime must be either 0 or at least Max RA interval");
+
+ if ((ic->route_lifetime > 0) && (ic->route_lifetime < ic->max_ra_int))
+ cf_error("Route lifetime must be either 0 or at least Max RA interval");
+
+ if ((ic->prefix_linger_time > 0) && (ic->prefix_linger_time < ic->max_ra_int))
+ cf_error("Prefix linger time must be either 0 or at least Max RA interval");
+
+ if ((ic->route_linger_time > 0) && (ic->route_linger_time < ic->max_ra_int))
+ cf_error("Route linger time must be either 0 or at least Max RA interval");
+
+ RADV_CFG->max_linger_time = MAX_(RADV_CFG->max_linger_time, ic->route_linger_time);
};
@@ -294,10 +328,13 @@ radv_mult:
;
radv_sensitive:
- /* empty */ { $$ = -1; }
+ /* empty */ { $$ = (uint) -1; }
| SENSITIVE bool { $$ = $2; }
;
+CF_ADDTO(dynamic_attr, RA_PREFERENCE { $$ = f_new_dynamic_attr(EAF_TYPE_INT, T_ENUM_RA_PREFERENCE, EA_RA_PREFERENCE); })
+CF_ADDTO(dynamic_attr, RA_LIFETIME { $$ = f_new_dynamic_attr(EAF_TYPE_INT, T_INT, EA_RA_LIFETIME); })
+
CF_CODE
CF_END
diff --git a/proto/radv/packets.c b/proto/radv/packets.c
index 7c148b7d..b12d3a12 100644
--- a/proto/radv/packets.c
+++ b/proto/radv/packets.c
@@ -26,6 +26,7 @@ struct radv_ra_packet
#define OPT_PREFIX 3
#define OPT_MTU 5
+#define OPT_ROUTE 24
#define OPT_RDNSS 25
#define OPT_DNSSL 31
@@ -52,6 +53,15 @@ struct radv_opt_mtu
u32 mtu;
};
+struct radv_opt_route {
+ u8 type;
+ u8 length;
+ u8 pxlen;
+ u8 flags;
+ u32 lifetime;
+ u8 prefix[];
+};
+
struct radv_opt_rdnss
{
u8 type;
@@ -71,6 +81,44 @@ struct radv_opt_dnssl
};
static int
+radv_prepare_route(struct radv_iface *ifa, struct radv_route *rt,
+ char **buf, char *bufend)
+{
+ struct radv_proto *p = ifa->ra;
+ u8 px_blocks = (net6_pxlen(rt->n.addr) + 63) / 64;
+ u8 opt_len = 8 * (1 + px_blocks);
+
+ if (*buf + opt_len > bufend)
+ {
+ log(L_WARN, "%s: Too many RA options on interface %s",
+ p->p.name, ifa->iface->name);
+ return -1;
+ }
+
+ uint preference = rt->preference_set ? rt->preference : ifa->cf->route_preference;
+ uint lifetime = rt->lifetime_set ? rt->lifetime : ifa->cf->route_lifetime;
+ uint valid = rt->valid && p->valid && (p->active || !ifa->cf->route_lifetime_sensitive);
+
+ struct radv_opt_route *opt = (void *) *buf;
+ *buf += opt_len;
+ opt->type = OPT_ROUTE;
+ opt->length = 1 + px_blocks;
+ opt->pxlen = net6_pxlen(rt->n.addr);
+ opt->flags = preference;
+ opt->lifetime = valid ? htonl(lifetime) : 0;
+
+ /* Copy the relevant part of the prefix */
+ ip6_addr px_addr = ip6_hton(net6_prefix(rt->n.addr));
+ memcpy(opt->prefix, &px_addr, 8 * px_blocks);
+
+ /* Keeping track of first linger timeout */
+ if (!rt->valid)
+ ifa->valid_time = MIN(ifa->valid_time, rt->changed + ifa->cf->route_linger_time S);
+
+ return 0;
+}
+
+static int
radv_prepare_rdnss(struct radv_iface *ifa, list *rdnss_list, char **buf, char *bufend)
{
struct radv_rdnss_config *rcf = HEAD(*rdnss_list);
@@ -231,6 +279,10 @@ radv_prepare_prefix(struct radv_iface *ifa, struct radv_prefix *px,
op->prefix = ip6_hton(px->prefix.prefix);
*buf += sizeof(*op);
+ /* Keeping track of first linger timeout */
+ if (!px->valid)
+ ifa->valid_time = MIN(ifa->valid_time, px->changed + ifa->cf->prefix_linger_time S);
+
return 0;
}
@@ -240,6 +292,7 @@ radv_prepare_ra(struct radv_iface *ifa)
struct radv_proto *p = ifa->ra;
struct radv_config *cf = (struct radv_config *) (p->p.cf);
struct radv_iface_config *ic = ifa->cf;
+ btime now = current_time();
char *buf = ifa->sk->tbuf;
char *bufstart = buf;
@@ -250,7 +303,7 @@ radv_prepare_ra(struct radv_iface *ifa)
pkt->code = 0;
pkt->checksum = 0;
pkt->current_hop_limit = ic->current_hop_limit;
- pkt->router_lifetime = (p->active || !ic->default_lifetime_sensitive) ?
+ pkt->router_lifetime = (p->valid && (p->active || !ic->default_lifetime_sensitive)) ?
htons(ic->default_lifetime) : 0;
pkt->flags = (ic->managed ? OPT_RA_MANAGED : 0) |
(ic->other_config ? OPT_RA_OTHER_CFG : 0) |
@@ -269,10 +322,17 @@ radv_prepare_ra(struct radv_iface *ifa)
buf += sizeof (*om);
}
- struct radv_prefix *prefix;
- WALK_LIST(prefix, ifa->prefixes)
+ /* Keeping track of first linger timeout */
+ ifa->valid_time = TIME_INFINITY;
+
+ struct radv_prefix *px;
+ WALK_LIST(px, ifa->prefixes)
{
- if (radv_prepare_prefix(ifa, prefix, &buf, bufend) < 0)
+ /* Skip invalid prefixes that are past linger timeout but still not pruned */
+ if (!px->valid && ((px->changed + ic->prefix_linger_time S) <= now))
+ continue;
+
+ if (radv_prepare_prefix(ifa, px, &buf, bufend) < 0)
goto done;
}
@@ -290,13 +350,27 @@ radv_prepare_ra(struct radv_iface *ifa)
if (radv_prepare_dnssl(ifa, &ic->dnssl_list, &buf, bufend) < 0)
goto done;
+ if (p->fib_up)
+ {
+ FIB_WALK(&p->routes, struct radv_route, rt)
+ {
+ /* Skip invalid routes that are past linger timeout but still not pruned */
+ if (!rt->valid && ((rt->changed + ic->route_linger_time S) <= now))
+ continue;
+
+ if (radv_prepare_route(ifa, rt, &buf, bufend) < 0)
+ goto done;
+ }
+ FIB_WALK_END;
+ }
+
done:
ifa->plen = buf - bufstart;
}
void
-radv_send_ra(struct radv_iface *ifa, int shutdown)
+radv_send_ra(struct radv_iface *ifa)
{
struct radv_proto *p = ifa->ra;
@@ -304,19 +378,6 @@ radv_send_ra(struct radv_iface *ifa, int shutdown)
if (!ifa->plen)
radv_prepare_ra(ifa);
- if (shutdown)
- {
- /*
- * Modify router lifetime to 0, it is not restored because we suppose that
- * the iface will be removed. The preference value also has to be zeroed.
- * (RFC 4191 2.2: If router lifetime is 0, the preference value must be 0.)
- */
-
- struct radv_ra_packet *pkt = (void *) ifa->sk->tbuf;
- pkt->router_lifetime = 0;
- pkt->flags &= ~RA_PREF_MASK;
- }
-
RADV_TRACE(D_PACKETS, "Sending RA via %s", ifa->iface->name);
sk_send_to(ifa->sk, ifa->plen, IP6_ALL_NODES, 0);
}
diff --git a/proto/radv/radv.c b/proto/radv/radv.c
index e9140115..0a2a3e78 100644
--- a/proto/radv/radv.c
+++ b/proto/radv/radv.c
@@ -12,59 +12,63 @@
/**
* DOC: Router Advertisements
*
- * The RAdv protocol is implemented in two files: |radv.c| containing
- * the interface with BIRD core and the protocol logic and |packets.c|
- * handling low level protocol stuff (RX, TX and packet formats).
- * The protocol does not export any routes.
+ * The RAdv protocol is implemented in two files: |radv.c| containing the
+ * interface with BIRD core and the protocol logic and |packets.c| handling low
+ * level protocol stuff (RX, TX and packet formats). The protocol does not
+ * export any routes.
*
- * The RAdv is structured in the usual way - for each handled interface
- * there is a structure &radv_iface that contains a state related to
- * that interface together with its resources (a socket, a timer).
- * There is also a prepared RA stored in a TX buffer of the socket
- * associated with an iface. These iface structures are created
- * and removed according to iface events from BIRD core handled by
- * radv_if_notify() callback.
+ * The RAdv is structured in the usual way - for each handled interface there is
+ * a structure &radv_iface that contains a state related to that interface
+ * together with its resources (a socket, a timer). There is also a prepared RA
+ * stored in a TX buffer of the socket associated with an iface. These iface
+ * structures are created and removed according to iface events from BIRD core
+ * handled by radv_if_notify() callback.
*
- * The main logic of RAdv consists of two functions:
- * radv_iface_notify(), which processes asynchronous events (specified
- * by RA_EV_* codes), and radv_timer(), which triggers sending RAs and
- * computes the next timeout.
+ * The main logic of RAdv consists of two functions: radv_iface_notify(), which
+ * processes asynchronous events (specified by RA_EV_* codes), and radv_timer(),
+ * which triggers sending RAs and computes the next timeout.
*
- * The RAdv protocol could receive routes (through
- * radv_import_control() and radv_rt_notify()), but only the
- * configured trigger route is tracked (in &active var). When a radv
- * protocol is reconfigured, the connected routing table is examined
- * (in radv_check_active()) to have proper &active value in case of
- * the specified trigger prefix was changed.
+ * The RAdv protocol could receive routes (through radv_import_control() and
+ * radv_rt_notify()), but only the configured trigger route is tracked (in
+ * &active var). When a radv protocol is reconfigured, the connected routing
+ * table is examined (in radv_check_active()) to have proper &active value in
+ * case of the specified trigger prefix was changed.
*
* Supported standards:
* - RFC 4861 - main RA standard
+ * - RFC 4191 - Default Router Preferences and More-Specific Routes
* - RFC 6106 - DNS extensions (RDDNS, DNSSL)
- * - RFC 4191 (partial) - Default Router Preference
*/
+static void radv_prune_prefixes(struct radv_iface *ifa);
+static void radv_prune_routes(struct radv_proto *p);
+
+/* Invalidate cached RA packet */
+static inline void radv_invalidate(struct radv_iface *ifa)
+{ ifa->plen = 0; }
+
static void
radv_timer(timer *tm)
{
struct radv_iface *ifa = tm->data;
struct radv_proto *p = ifa->ra;
+ btime now = current_time();
RADV_TRACE(D_EVENTS, "Timer fired on %s", ifa->iface->name);
- /*
- * If some dead prefixes expired, regenerate the prefix list and the packet.
- * We do so by pretending there was a change on the interface.
- *
- * This sets the timer, but we replace it just at the end of this function
- * (replacing a timer is fine).
- */
- if (ifa->prefix_expires && (ifa->prefix_expires <= current_time()))
- radv_iface_notify(ifa, RA_EV_GC);
+ if (ifa->valid_time <= now)
+ radv_invalidate(ifa);
+
+ if (ifa->prune_time <= now)
+ radv_prune_prefixes(ifa);
- radv_send_ra(ifa, 0);
+ if (p->prune_time <= now)
+ radv_prune_routes(p);
+
+ radv_send_ra(ifa);
/* Update timer */
- ifa->last = current_time();
+ ifa->last = now;
btime t = ifa->cf->min_ra_int S;
btime r = (ifa->cf->max_ra_int - ifa->cf->min_ra_int) S;
t += random() % (r + 1);
@@ -115,8 +119,8 @@ static void
radv_prepare_prefixes(struct radv_iface *ifa)
{
struct radv_proto *p = ifa->ra;
- struct radv_iface_config *cf = ifa->cf;
- struct radv_prefix *pfx;
+ struct radv_prefix *pfx, *next;
+ btime now = current_time();
/* First mark all the prefixes as unused */
WALK_LIST(pfx, ifa->prefixes)
@@ -159,55 +163,58 @@ radv_prepare_prefixes(struct radv_iface *ifa)
* Update the information (it may have changed, or even bring a prefix back
* to life).
*/
- existing->alive = 1;
+ existing->valid = 1;
+ existing->changed = now;
existing->mark = 1;
existing->cf = pc;
}
- /*
- * Garbage-collect the prefixes. If something isn't used, it dies (but isn't
- * dropped just yet). If something is dead and rots there for long enough,
- * clean it up.
- */
- btime now_ = current_time();
- btime expires = now_ + cf->linger_time S;
- btime expires_min = 0;
- struct radv_prefix *next;
WALK_LIST_DELSAFE(pfx, next, ifa->prefixes)
{
- if (pfx->alive && !pfx->mark)
+ if (pfx->valid && !pfx->mark)
{
- RADV_TRACE(D_EVENTS, "Marking prefix %N on %s as dead",
+ RADV_TRACE(D_EVENTS, "Invalidating prefix %N on %s",
pfx->prefix, ifa->iface->name);
- pfx->alive = 0;
- pfx->expires = expires;
+ pfx->valid = 0;
+ pfx->changed = now;
pfx->cf = &dead_prefix;
}
+ }
+}
+
+static void
+radv_prune_prefixes(struct radv_iface *ifa)
+{
+ struct radv_proto *p = ifa->ra;
+ btime now = current_time();
+ btime next = TIME_INFINITY;
+ btime expires = 0;
- if (!pfx->alive)
+ struct radv_prefix *px, *pxn;
+ WALK_LIST_DELSAFE(px, pxn, ifa->prefixes)
+ {
+ if (!px->valid)
{
- if (pfx->expires <= now_)
+ expires = px->changed + ifa->cf->prefix_linger_time S;
+
+ if (expires <= now)
{
RADV_TRACE(D_EVENTS, "Removing prefix %N on %s",
- pfx->prefix, ifa->iface->name);
+ px->prefix, ifa->iface->name);
- rem_node(NODE pfx);
- mb_free(pfx);
+ rem_node(NODE px);
+ mb_free(px);
}
else
- {
- /* Find minimum expiration time */
- if (!expires_min || (pfx->expires < expires_min))
- expires_min = pfx->expires;
- }
+ next = MIN(next, expires);
}
}
- ifa->prefix_expires = expires_min;
+ ifa->prune_time = next;
}
-static char* ev_name[] = { NULL, "Init", "Change", "RS", "Garbage collect" };
+static char* ev_name[] = { NULL, "Init", "Change", "RS" };
void
radv_iface_notify(struct radv_iface *ifa, int event)
@@ -222,18 +229,17 @@ radv_iface_notify(struct radv_iface *ifa, int event)
switch (event)
{
case RA_EV_CHANGE:
- case RA_EV_GC:
- ifa->plen = 0;
+ radv_invalidate(ifa);
case RA_EV_INIT:
ifa->initial = MAX_INITIAL_RTR_ADVERTISEMENTS;
+ radv_prepare_prefixes(ifa);
+ radv_prune_prefixes(ifa);
break;
case RA_EV_RS:
break;
}
- radv_prepare_prefixes(ifa);
-
/* Update timer */
btime t = ifa->last + ifa->cf->min_delay S - current_time();
tm_start(ifa->timer, t);
@@ -248,7 +254,6 @@ radv_iface_notify_all(struct radv_proto *p, int event)
radv_iface_notify(ifa, event);
}
-
static struct radv_iface *
radv_iface_find(struct radv_proto *p, struct iface *what)
{
@@ -291,6 +296,7 @@ radv_iface_new(struct radv_proto *p, struct iface *iface, struct radv_iface_conf
ifa->iface = iface;
ifa->addr = iface->llv6;
init_list(&ifa->prefixes);
+ ifa->prune_time = TIME_INFINITY;
add_tail(&p->iface_list, NODE ifa);
@@ -397,14 +403,19 @@ radv_import_control(struct proto *P, rte **new, ea_list **attrs UNUSED, struct l
if (radv_net_match_trigger(cf, (*new)->net))
return RIC_PROCESS;
- return RIC_DROP;
+ if (cf->propagate_routes)
+ return RIC_PROCESS;
+ else
+ return RIC_DROP;
}
static void
-radv_rt_notify(struct proto *P, struct channel *ch UNUSED, net *n, rte *new, rte *old UNUSED, ea_list *attrs UNUSED)
+radv_rt_notify(struct proto *P, struct channel *ch UNUSED, net *n, rte *new, rte *old UNUSED, ea_list *attrs)
{
struct radv_proto *p = (struct radv_proto *) P;
struct radv_config *cf = (struct radv_config *) (P->cf);
+ struct radv_route *rt;
+ eattr *ea;
if (radv_net_match_trigger(cf, n))
{
@@ -420,7 +431,123 @@ radv_rt_notify(struct proto *P, struct channel *ch UNUSED, net *n, rte *new, rte
RADV_TRACE(D_EVENTS, "Suppressed");
radv_iface_notify_all(p, RA_EV_CHANGE);
+ return;
+ }
+
+ if (!cf->propagate_routes)
+ return;
+
+ /*
+ * Some other route we want to send (or stop sending). Update the cache,
+ * with marking a removed one as dead or creating a new one as needed.
+ *
+ * And yes, we exclude the trigger route on purpose.
+ */
+
+ if (new)
+ {
+ /* Update */
+
+ ea = ea_find(attrs, EA_RA_PREFERENCE);
+ uint preference = ea ? ea->u.data : RA_PREF_MEDIUM;
+ uint preference_set = !!ea;
+
+ ea = ea_find(attrs, EA_RA_LIFETIME);
+ uint lifetime = ea ? ea->u.data : 0;
+ uint lifetime_set = !!ea;
+
+ if ((preference != RA_PREF_LOW) &&
+ (preference != RA_PREF_MEDIUM) &&
+ (preference != RA_PREF_HIGH))
+ {
+ log(L_WARN "%s: Invalid ra_preference value %u on route %N",
+ p->p.name, preference, n->n.addr);
+ preference = RA_PREF_MEDIUM;
+ preference_set = 1;
+ lifetime = 0;
+ lifetime_set = 1;
+ }
+
+ rt = fib_get(&p->routes, n->n.addr);
+
+ /* Ignore update if nothing changed */
+ if (rt->valid &&
+ (rt->preference == preference) &&
+ (rt->preference_set == preference_set) &&
+ (rt->lifetime == lifetime) &&
+ (rt->lifetime_set == lifetime_set))
+ return;
+
+ if (p->routes.entries == 18)
+ log(L_WARN "%s: More than 17 routes exported to RAdv", p->p.name);
+
+ rt->valid = 1;
+ rt->changed = current_time();
+ rt->preference = preference;
+ rt->preference_set = preference_set;
+ rt->lifetime = lifetime;
+ rt->lifetime_set = lifetime_set;
+ }
+ else
+ {
+ /* Withdraw */
+ rt = fib_find(&p->routes, n->n.addr);
+
+ if (!rt || !rt->valid)
+ return;
+
+ /* Invalidate the route */
+ rt->valid = 0;
+ rt->changed = current_time();
+
+ /* Invalidated route will be pruned eventually */
+ btime expires = rt->changed + cf->max_linger_time S;
+ p->prune_time = MIN(p->prune_time, expires);
}
+
+ radv_iface_notify_all(p, RA_EV_CHANGE);
+}
+
+/*
+ * Cleans up all the dead routes that expired and schedules itself to be run
+ * again if there are more routes waiting for expiration.
+ */
+static void
+radv_prune_routes(struct radv_proto *p)
+{
+ struct radv_config *cf = (struct radv_config *) (p->p.cf);
+ btime now = current_time();
+ btime next = TIME_INFINITY;
+ btime expires = 0;
+
+ /* Should not happen */
+ if (!p->fib_up)
+ return;
+
+ struct fib_iterator fit;
+ FIB_ITERATE_INIT(&fit, &p->routes);
+
+again:
+ FIB_ITERATE_START(&p->routes, &fit, struct radv_route, rt)
+ {
+ if (!rt->valid)
+ {
+ expires = rt->changed + cf->max_linger_time S;
+
+ /* Delete expired nodes */
+ if (expires <= now)
+ {
+ FIB_ITERATE_PUT(&fit);
+ fib_delete(&p->routes, rt);
+ goto again;
+ }
+ else
+ next = MIN(next, expires);
+ }
+ }
+ FIB_ITERATE_END;
+
+ p->prune_time = next;
}
static int
@@ -460,6 +587,22 @@ radv_init(struct proto_config *CF)
return P;
}
+static void
+radv_set_fib(struct radv_proto *p, int up)
+{
+ if (up == p->fib_up)
+ return;
+
+ if (up)
+ fib_init(&p->routes, p->p.pool, NET_IP6, sizeof(struct radv_route),
+ OFFSETOF(struct radv_route, n), 4, NULL);
+ else
+ fib_free(&p->routes);
+
+ p->fib_up = up;
+ p->prune_time = TIME_INFINITY;
+}
+
static int
radv_start(struct proto *P)
{
@@ -467,8 +610,13 @@ radv_start(struct proto *P)
struct radv_config *cf = (struct radv_config *) (P->cf);
init_list(&(p->iface_list));
+ p->valid = 1;
p->active = !radv_trigger_valid(cf);
+ p->fib_up = 0;
+ radv_set_fib(p, cf->propagate_routes);
+ p->prune_time = TIME_INFINITY;
+
return PS_UP;
}
@@ -476,7 +624,10 @@ static inline void
radv_iface_shutdown(struct radv_iface *ifa)
{
if (ifa->sk)
- radv_send_ra(ifa, 1);
+ {
+ radv_invalidate(ifa);
+ radv_send_ra(ifa);
+ }
}
static int
@@ -484,6 +635,8 @@ radv_shutdown(struct proto *P)
{
struct radv_proto *p = (struct radv_proto *) P;
+ p->valid = 0;
+
struct radv_iface *ifa;
WALK_LIST(ifa, p->iface_list)
radv_iface_shutdown(ifa);
@@ -495,23 +648,22 @@ static int
radv_reconfigure(struct proto *P, struct proto_config *CF)
{
struct radv_proto *p = (struct radv_proto *) P;
- // struct radv_config *old = (struct radv_config *) (p->cf);
+ struct radv_config *old = (struct radv_config *) (P->cf);
struct radv_config *new = (struct radv_config *) CF;
- /*
- * The question is why there is a reconfigure function for RAdv if
- * it has almost none internal state so restarting the protocol
- * would probably suffice. One small reason is that restarting the
- * protocol would lead to sending a RA with Router Lifetime 0
- * causing nodes to temporary remove their default routes.
- */
-
if (!proto_configure_channel(P, &P->main_channel, proto_cf_main_channel(CF)))
return 0;
P->cf = CF; /* radv_check_active() requires proper P->cf */
p->active = radv_check_active(p);
+ /* Allocate or free FIB */
+ radv_set_fib(p, new->propagate_routes);
+
+ /* We started to accept routes so we need to refeed them */
+ if (!old->propagate_routes && new->propagate_routes)
+ channel_request_feeding(p->p.main_channel);
+
struct iface *iface;
WALK_LIST(iface, iface_list)
{
@@ -574,9 +726,43 @@ radv_get_status(struct proto *P, byte *buf)
strcpy(buf, "Suppressed");
}
+static const char *
+radv_pref_str(u32 pref)
+{
+ switch (pref)
+ {
+ case RA_PREF_LOW:
+ return "low";
+ case RA_PREF_MEDIUM:
+ return "medium";
+ case RA_PREF_HIGH:
+ return "high";
+ default:
+ return "??";
+ }
+}
+
+/* The buffer has some minimal size */
+static int
+radv_get_attr(eattr *a, byte *buf, int buflen UNUSED)
+{
+ switch (a->id)
+ {
+ case EA_RA_PREFERENCE:
+ bsprintf(buf, "preference: %s", radv_pref_str(a->u.data));
+ return GA_FULL;
+ case EA_RA_LIFETIME:
+ bsprintf(buf, "lifetime");
+ return GA_NAME;
+ default:
+ return GA_UNKNOWN;
+ }
+}
+
struct protocol proto_radv = {
.name = "RAdv",
.template = "radv%d",
+ .attr_class = EAP_RADV,
.channel_mask = NB_IP6,
.proto_size = sizeof(struct radv_proto),
.config_size = sizeof(struct radv_config),
@@ -586,5 +772,6 @@ struct protocol proto_radv = {
.shutdown = radv_shutdown,
.reconfigure = radv_reconfigure,
.copy_config = radv_copy_config,
- .get_status = radv_get_status
+ .get_status = radv_get_status,
+ .get_attr = radv_get_attr
};
diff --git a/proto/radv/radv.h b/proto/radv/radv.h
index 4672e3b2..66f785a7 100644
--- a/proto/radv/radv.h
+++ b/proto/radv/radv.h
@@ -35,7 +35,6 @@
#define DEFAULT_MAX_RA_INT 600
#define DEFAULT_MIN_DELAY 3
#define DEFAULT_CURRENT_HOP_LIMIT 64
-#define DEFAULT_LINGER_TIME 300
#define DEFAULT_VALID_LIFETIME 86400
#define DEFAULT_PREFERRED_LIFETIME 14400
@@ -52,6 +51,8 @@ struct radv_config
list dnssl_list; /* Global list of DNSSL configs (struct radv_dnssl_config) */
net_addr trigger; /* Prefix of a trigger route, if defined */
+ u8 propagate_routes; /* Do we propagate more specific routes (RFC 4191)? */
+ u32 max_linger_time; /* Maximum of interface route_linger_time */
};
struct radv_iface_config
@@ -65,8 +66,8 @@ struct radv_iface_config
u32 max_ra_int;
u32 min_delay;
- u32 linger_time; /* How long a dead prefix should still be advertised with 0
- lifetime */
+ u32 prefix_linger_time; /* How long we advertise dead prefixes with lifetime 0 */
+ u32 route_linger_time; /* How long we advertise dead routes with lifetime 0 */
u8 rdnss_local; /* Global list is not used for RDNSS */
u8 dnssl_local; /* Global list is not used for DNSSL */
@@ -78,8 +79,11 @@ struct radv_iface_config
u32 retrans_timer;
u32 current_hop_limit;
u32 default_lifetime;
+ u32 route_lifetime; /* Lifetime for the RFC 4191 routes */
u8 default_lifetime_sensitive; /* Whether default_lifetime depends on trigger */
- u8 default_preference; /* Default Router Preference (RFC 4191) */
+ u8 route_lifetime_sensitive; /* Whether route_lifetime depends on trigger */
+ u8 default_preference; /* Default Router Preference (RFC 4191) */
+ u8 route_preference; /* Specific Route Preference (RFC 4191) */
};
struct radv_prefix_config
@@ -114,12 +118,34 @@ struct radv_dnssl_config
char *domain; /* Domain for DNS search list, in processed form */
};
+/*
+ * One more specific route as per RFC 4191.
+ *
+ * Note that it does *not* contain the next hop field. The next hop is always
+ * the router sending the advertisment and the more specific route only allows
+ * overriding the preference of the route.
+ */
+struct radv_route
+{
+ u32 lifetime; /* Lifetime from an attribute */
+ u8 lifetime_set; /* Whether lifetime is defined */
+ u8 preference; /* Preference of the route, RA_PREF_* */
+ u8 preference_set; /* Whether preference is defined */
+ u8 valid; /* Whethe route is valid or withdrawn */
+ btime changed; /* Last time when the route changed */
+
+ struct fib_node n;
+};
struct radv_proto
{
struct proto p;
list iface_list; /* List of active ifaces */
+ u8 valid; /* Router is valid for forwarding, used for shutdown */
u8 active; /* Whether radv is active w.r.t. triggers */
+ u8 fib_up; /* FIB table (routes) is initialized */
+ struct fib routes; /* FIB table of specific routes (struct radv_route) */
+ btime prune_time; /* Next time of route table pruning */
};
struct radv_prefix /* One prefix we advertise */
@@ -127,11 +153,10 @@ struct radv_prefix /* One prefix we advertise */
node n;
net_addr_ip6 prefix;
- u8 alive; /* Is the prefix alive? If not, we advertise it
+ u8 valid; /* Is the prefix valid? If not, we advertise it
with 0 lifetime, so clients stop using it */
u8 mark; /* A temporary mark for processing */
- btime expires; /* The time when we drop this prefix from
- advertising. It is valid only if !alive. */
+ btime changed; /* Last time when the prefix changed */
struct radv_prefix_config *cf; /* The config tied to this prefix */
};
@@ -144,7 +169,8 @@ struct radv_iface
struct ifa *addr; /* Link-local address of iface */
struct pool *pool; /* A pool for interface-specific things */
list prefixes; /* The prefixes we advertise (struct radv_prefix) */
- btime prefix_expires; /* When the soonest prefix expires (0 = none dead) */
+ btime prune_time; /* Next time of prefix list pruning */
+ btime valid_time; /* Cached packet is valid until first linger timeout */
timer *timer;
struct object_lock *lock;
@@ -158,7 +184,6 @@ struct radv_iface
#define RA_EV_INIT 1 /* Switch to initial mode */
#define RA_EV_CHANGE 2 /* Change of options or prefixes */
#define RA_EV_RS 3 /* Received RS */
-#define RA_EV_GC 4 /* Internal garbage collection of prefixes */
/* Default Router Preferences (RFC 4191) */
#define RA_PREF_LOW 0x18
@@ -166,6 +191,9 @@ struct radv_iface
#define RA_PREF_HIGH 0x08
#define RA_PREF_MASK 0x18
+/* Attributes */
+#define EA_RA_PREFERENCE EA_CODE(EAP_RADV, 0)
+#define EA_RA_LIFETIME EA_CODE(EAP_RADV, 1)
#ifdef LOCAL_DEBUG
#define RADV_FORCE_DEBUG 1
@@ -181,7 +209,7 @@ void radv_iface_notify(struct radv_iface *ifa, int event);
/* packets.c */
int radv_process_domain(struct radv_dnssl_config *cf);
-void radv_send_ra(struct radv_iface *ifa, int shutdown);
+void radv_send_ra(struct radv_iface *ifa);
int radv_sk_open(struct radv_iface *ifa);