summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2022-06-16NEWS and version updatev2.0.102.0.10Ondrej Zajicek
2022-06-07IPv4 flowspec literals should reject IPv6 prefices in a well-behaved wayMaria Matejka
When writing flow4 { dst 2001:db8::dead:beef/128; }, BIRD crashed on an not-well-debuggable segfault as it tried to copy the whole 128-bit prefix into an IPv4-sized memory.
2022-06-05Babel: Do not try to remove multicast seqno request objects from neighbour listOndrej Zajicek
The Babel seqno request code keeps track of which seqno requests are outstanding for a neighbour by putting them onto a per-neighbour list. When reusing a seqno request, it will try to remove this node, but if the seqno request in question was a multicast request with no neighbour attached this will result in a crash because it tries to remove a list node that wasn't added to any list. Fix this by making the list remove conditional. Also fix neighbor removal which were changing seqno requests to multicast ones instead of removing them. Fixes: ebd5751cdeb4 ("Babel: Seqno requests are properly decoupled from neighbors when the underlying interface disappears"). Based on the patch from Toke Høiland-Jørgensen <toke@toke.dk>, bug reported by Stefan Haller <stefan.haller@stha.de>, thanks.
2022-06-04IO: Improve resolution of latency debugging messagesOndrej Zajicek
2022-06-04Nest: Improve GC strategy for rtablesOndrej Zajicek
Use timer (configurable as 'gc period') to schedule routing table GC/pruning to ensure that prune is done on time but not too often. Randomize GC timers to avoid concentration of GC events from different tables in one loop cycle. Fix a bug that caused minimum inter-GC interval be 5 us instead of 5 s. Make default 'gc period' adaptive based on number of routing tables, from 10 s for small setups to 600 s for large ones. In marge multi-table RS setup, the patch improved time of flushing a downed peer from 20-30 min to <2 min and removed 40s latencies.
2022-05-27CI: Remove broken FreeBSD buildsOndrej Zajicek
We currently do not have FreeBSD CI workers.
2022-05-21BGP: Display neighbor port on show protocolOndrej Zajicek
2022-05-21RPKI: Display cache server port on show protocolOndrej Zajicek
Thanks to Luiz Amaral for the idea.
2022-05-19RPKI: Implement VRF supportLuiz Amaral
2022-05-15BGP: Improve tx performance during feed/flushOndrej Zajicek
The prefix hash table in BGP used the same hash function as the rtable. When a batch of routes are exported during feed/flush to the BGP, they all have similar hash values, so they are all crowded in a few slots in the BGP prefix table (which is much smaller - around the size of the batch - and uses higher bits from hash values), making it much slower due to excessive collisions. Use a different hash function to avoid this. Also, increase the batch size to fill 4k BGP packets and increase minimum BGP bucket and prefix hash sizes to avoid back and forth resizing during flushes. This leads to order of magnitude faster flushes (on my test data).
2022-04-22Doc: fix mating -> matching in flowspec sectionVincent Bernat
2022-04-22Babel: Fix compilation when LOCAL_DEBUG is set in packets.cToke Høiland-Jørgensen
The debug output was not updated with the rest of the code, so packets.c fails to compile if LOCAL_DEBUG is set.
2022-04-22Babel: Send out low-interval hello on shutdownToke Høiland-Jørgensen
When shutting down a Babel instance we send a wildcard retraction to make sure all peers can quickly switch to other route origins. Add another small optimisation borrowed from babeld: sending a Hello message (along with the retraction) with a very low interval. This will cause neighbours to modify their expiry timers for the node's state to quickly time it out, thus conserving resources in the network.
2022-04-13Fixed a munmap abort bugMaria Matejka
When BIRD was munmapping too many pages, it sometimes aborted, saying that munmap failed with "Not enough memory" as the address space was getting more and more fragmented. There is a workaround in place, simply keeping that page for future use, yet it has never been compiled in because I somehow forgot to include errno.h. And because I also thought that somebody may have ENOMEM not defined (why?!), there was a check which quietly omitted that workaround. Anyway, ENOMEM is POSIX. It's an utter nonsense to check for its existence. If it doesn't exist, something is broken.
2022-04-07BFD: Add 'strict bind' optionOndrej Zajicek (work)
Add BFD protocol option 'strict bind' to use separate listening socket for each BFD interface bound to its address instead of using shared listening sockets.
2022-03-16Netlink: Remove superfluous sysdep/linux/netlink.c.origOndrej Zajicek (work)
Thanks to Vincent Bernat for notice.
2022-03-16Lib: Allow use of 240.0.0.0/4 as a private rangeOndrej Zajicek (work)
There were several requests to allow use of 240.0.0.0/4 as a private range, and Linux kernel already allows such routes, so perhaps we can allow that too. Thanks to Vincent Bernat and others for suggestion and patches.
2022-03-11Pkg: Improve RPM package unit fileVincent Bernat
Update the RPM package unit file to check configuration before start and to use "birdc configure" instead of "kill -HUP".
2022-03-11Client: Use exit status to report errorsOndrej Zajicek (work)
When birdc is called with a command as an argument, it should set exit status to non-zero when BIRD replied with an error reply code. Thanks to Vincent Bernat and others for suggestion.
2022-03-02Small improvement in directory testOndrej Filip
2022-02-27Babel: Fix bug in iface reconfigurationOndrej Zajicek (work)
A recent change in Babel causes ifaces to disappear after reconfiguration. The patch fixes that. Thanks to Johannes Kimmel for an insightful bugreport.
2022-02-20Small change to fix doc building on Debianv2.0.9Ondrej Filip
2022-02-20Small changes related to the new releaseOndrej Filip
2022-02-13NEWS: Fix formatting and add some notesOndrej Zajicek (work)
2022-02-09NEWS and version updateOndrej Zajicek (work)
2022-02-08Alloc: Use posix_memalign() instead of aligned_alloc()Ondrej Zajicek (work)
For compatibility with older systems use posix_memalign(). We can switch to aligned_alloc() when we commit to C11 for multithreading.
2022-02-08Netlink: Minor cleanupOndrej Zajicek (work)
2022-02-07Lib: Update alignment of slabsOndrej Zajicek (work)
Alignment of slabs should be at least sizeof(ptr) to avoid unaligned pointers in slab structures. Fixme: Use proper way to choose alignment for internal allocators.
2022-02-06Merge branch 'oz-trie-table'Ondrej Zajicek (work)
2022-02-06Trie: Fix trie formatOndrej Zajicek (work)
After switching to 16-way tries, trie format ignored unaligned / internal prefixes and only reported the primary prefix of a trie node. Fix trie format by showing internal prefixes based on the 'local' bitmask of a node. Also do basic (intra-node) reconstruction of prefix patterns by finding common subtrees in 'local' bitmask. In future, we could improve that by doing inter-node reconstruction, so prefixes entered as one pattern for a subtree (e.g. 192.168.0.0/18+) would be reported as such, like with aligned prefixes.
2022-02-06Nest: Implement locking of prefix tries during walksOndrej Zajicek (work)
The prune loop may may rebuild the prefix trie and therefore invalidate walk state for asynchronous walks (used in 'show route in' cmd). Fix it by adding locking that keeps the old trie in memory until current walks are done. In future this could be improved by rebuilding trie walk states (by lookup for last found prefix) after the prefix trie rebuild.
2022-02-06Nest: Implement prefix trie pruningOndrej Zajicek (work)
When rtable is pruned and network fib nodes are removed, we also need to prune prefix trie. Unfortunately, rebuilding prefix trie takes long time (got about 400 ms for 1M networks), so must not be atomic, we have to rebuild a new trie while current one is still active. That may require some considerable amount of temporary memory, so we do that only if we expect significant trie size reduction.
2022-02-06Trie: Add prefix counterOndrej Zajicek (work)
Add counter of prefixes stored in trie. Works only for 'restricted' tries composed of explicit prefixes (pxlen == l == h), like ones used in rtables.
2022-02-06Doc: Describe routing table optionsOndrej Zajicek (work)
2022-02-06BGP: Implement flowspec validation procedureOndrej Zajicek (work)
Implement flowspec validation procedure as described in RFC 8955 sec. 6 and RFC 9117. The Validation procedure enforces that only routers in the forwarding path for a network can originate flowspec rules for that network. The patch adds new mechanism for tracking inter-table dependencies, which is necessary as the flowspec validation depends on IP routes, and flowspec rules must be revalidated when best IP routes change. The validation procedure is disabled by default and requires that relevant IP table uses trie, as it uses interval queries for subnets.
2022-02-06Nest: Add routing table configuration blocksOndrej Zajicek (work)
Allow to specify sorted flag, trie fla, and min/max settle time. Also do not enable trie by default, it must be explicitly enabled.
2022-02-06Nest: Add convenience functions to check rtable net typeOndrej Zajicek (work)
2022-02-06Nest: Avoid unnecessary net_format() in 'show route' commandOndrej Zajicek (work)
When output of 'show route' command was generated, the net_format() was called for each network prematurely, even if the result was not needed. Fix the code to call net_format() only when needed. This makes queries that process many networks but show only few (e.g. 'show route where ..', or 'show route count') much faster (like 5x - 10x faster).
2022-02-06Nest: Add trie iteration code to 'show route'Ondrej Zajicek (work)
Add trie iteration code to rt_show_cont() CLI hook and use it to accelerate 'show route in <addr>' commands using interval queries.
2022-02-06Nest: Implement 'show route in <addr>' commandOndrej Zajicek (work)
Implement 'show route in <addr>' command, which shows all routes in networks that are subnets of given network. Currently limited to IP network types.
2022-02-06Nest: Attach prefix trie to rtable for faster LPM and interval queriesOndrej Zajicek (work)
Attach a prefix trie to IP/VPN/ROA tables. Use it for net_route() and net_roa_check(). This leads to 3-5x speedups for IPv4 and 5-10x speedup for IPv6 of these calls. TODO: - Rebuild the trie during rt_prune_table() - Better way to avoid trie_add_prefix() in net_get() for existing tables - Make it configurable (?)
2022-01-28BGP: Make routing loops silentOndrej Zajicek (work)
One of previous commits added error logging of invalid routes. This also inadvertently caused error logging of route loops, which should be ignored silently. Fix that.
2022-01-28BGP: Use proper class in attribute error messagesOndrej Zajicek (work)
Most error messages in attribute processing are in rx/decode step and these use L_REMOTE log class. But there are few that are in tx/export step and these should use L_ERR log class. Use tx-specific macro (REJECT()) in tx/export code and rename field err_withdraw to err_reject in struct bgp_export_state to ensure that appropriate error reporting macros are called in proper contexts.
2022-01-28BGP: Improve 'invalid next hop' error reportingOndrej Zajicek (work)
Distinguish multiple causes of 'invalid next hop' message and report the relevant next hop address. Thanks to Simon Ruderich for the original patch.
2022-01-24BGP: Log route updates that were changed to withdrawsOndrej Zajicek (work)
Typical BGP error handling is treat-as-withdraw, where an invalid route is replaced with a withdraw. Log route network when it happens.
2022-01-17.gitlab-ci.yml: minor changes inside the .yml file.Matous Holinka
+ ubuntu:21.10 added into the pipeline, - ubuntu:20.10 removed from the pipeline, + misc/docker/ubuntu-21.10-amd64/Dockerfile added, - misc/docker/ubuntu-20.10-amd64/Dockerfile removed.
2022-01-17Netlink: Add option to specify netlink socket receive buffer sizeOndrej Zajicek (work)
Add option 'netlink rx buffer' to specify netlink socket receive buffer size. Uses SO_RCVBUFFORCE, so it can override rmem_max limit. Thanks to Trisha Biswas and Michal for the original patches.
2022-01-15Netlink: Add another workaround for older kernel headersOndrej Zajicek (work)
Unfortunately, SOL_NETLINK is both recently added and arch-dependent, so we cannot just define it.
2022-01-14Netlink: Add workaround for older kernel headersOndrej Zajicek (work)
2022-01-14Netlink: Enable strict checking for KRT dumpsOndrej Zajicek (work)
Add strict checking for netlink KRT dumps to avoid PMTU cache records from FNHE table dump along with KRT. Linux Kernel added FNHE table dump to the netlink API in patch: https://patchwork.ozlabs.org/project/netdev/patch/8d3b68cd37fb5fddc470904cdd6793fcf480c6c1.1561131177.git.sbrivio@redhat.com/ Therefore, since Linux 5.3 these route cache entries are dumped together with regular routes during periodic KRT scans, which in some cases may be huge amount of useless data. This can be avoided by using strict checking for netlink dumps: https://lore.kernel.org/netdev/20181008031644.15989-1-dsahern@kernel.org/ The patch mitigates the risk of receiving unknown and potentially large number of FNHE records that would block BIRD I/O in each sync. There is a known issue caused by the GRE tunnels on Linux that seems to be creating one FNHE record for each destination IP address that is routed through the tunnel, even when the PMTU equals to GRE interface MTU. Thanks to Tomas Hlavacek for the original patch.