Age | Commit message (Collapse) | Author |
|
Actually much simpler than expected.
|
|
Add basic VRF (virtual routing and forwarding) support. Protocols can be
associated with VRFs, such protocols will be restricted to interfaces
assigned to the VRF (as reported by Linux kernel) and will use sockets
bound to the VRF. E.g., different multihop BGP instances can use diffent
kernel routing tables to handle BGP TCP connections.
The VRF support is preliminary, currently there are several limitations:
- Recent Linux kernels (4.11) do not handle correctly sockets bound
to interaces that are part of VRF, so most protocols other than multihop
BGP do not work. This will be fixed by future kernel versions.
- Neighbor cache ignores VRFs. Breaks config with the same prefix on
local interfaces in different VRFs. Not much problem as single hop
protocols do not work anyways.
- Olock code ignores VRFs. Breaks config with multiple BGP peers with the
same IP address in different VRFs.
- Incoming BGP connections are not dispatched according to VRFs.
Breaks config with multiple BGP peers with the same IP address in
different VRFs. Perhaps we would need some kernel API to read VRF of
incoming connection? Or probably use multiple listening sockets in
int-new branch.
- We should handle master VRF interface up/down events and perhaps
disable associated protocols when VRF goes down. Or at least disable
associated interfaces.
- Also we should check if the master iface is really VRF iface and
not some other kind of master iface.
- BFD session request dispatch should be aware of VRFs.
- Perhaps kernel protocol should read default kernel table ID from VRF
iface so it is not necessary to configure it.
- Perhaps we should have per-VRF default table.
|
|
Starting from Linux 4.11, IPv6 ECMP routes are now notified using
RTA_MULTIPATH, like IPv4 ones. The patch adds support for RTA_MULTIPATH
parsing for IPv6 routes. This also enables to parse ECMP alien routes
correctly.
Thanks to Vincent Bernat for the original patch.
|
|
Incorrect structure alignment breaks kernel routing table updates on
FreeBSD/ARM (and perhaps other platforms).
Thanks to Eugene Sevastyanov for the original patch.
|
|
|
|
Add configuration and docker definitions for tests and builds in Gitlab
CI platform.
Some of them currently fail, which is a known problem.
|
|
|
|
|
|
Keep a cache of all the relevant prefixes we send out. When a prefix
appears, insert it into the cache. If it dies, keep it there for a
while, marked as dead.
Send out the dead prefixes with zero lifetime.
|
|
Put the prefix option preparation into a separate function. We're going
to reuse that bit of code.
|
|
|
|
non-primary is ugly, just omit it (and use primary in the other case).
|
|
A non-primary address isn't necessarily secondary, that's an independent
flag.
|
|
|
|
A TODO file last updated 5 years ago is useless.
|
|
|
|
Adapt the naming conventions to be a bit closer to the other protocols.
proto_radv -> radv_proto
struct radv_proto *ra -> struct radv_proto *p
struct proto *p -> struct proto *P
|
|
|
|
Thanks to Lennert Buytenhek <buytenh@wantstofly.org> for the patch.
|
|
|
|
|
|
The old hash table had fixed size, which makes it slow for config files
with large number of symbols and symbol lookups. The new one is growing
according to needs.
|
|
Function isspace() expects to get *unsigned* chars (encoded as ints),
not that it matters for plain ASCII.
|
|
|
|
|
|
|
|
|
|
Simplify BIRD client library checks, add proper devel header checks and
prefer dependency on just tinfo than full ncurses.
|
|
Replaced by constant compile-time expressions. CPU_STRUCT_ALIGN is not
really correct, but is consistent with the old behavior.
|
|
Make indentation and quotation consistent in configure macros.
Also remove --with-sysinclude option, which was broken for 7 years
and nobody complained.
Thanks to Ruben Kerkhof for source patches.
|
|
|
|
Replace integer type width detection with C99 fixed-width types.
Also remove some unused or obsolete code.
Thanks to Ruben Kerkhof for the patchset.
|
|
The patch allows to use autoreconf, replaces some long obsolete
constructs and does some other minor cleanups. Also, the file
configure.in is renamed to configure.ac, as the old name has been
deprecated for a long time.
Thanks to Ruben Kerkhof for the patchset.
|
|
This may be useful if multple interfaces share the same network range.
Thanks to Fritz Grimpen for the original patch.
|
|
When a BGP session with ADD_PATH is restarted and the neighbor do not
announce ADD_PATH capability during reconnect, the accept_ra_types is
still set to RA_ANY.
Thanks to Lennert Buytenhek for the bugreport
|
|
Adds option 'allow bgp_local_pref' to override the usual restriction of
LOCAL_PREF on eBGP sessions.
Thanks to Lennert Buytenhek for the patch.
|
|
|
|
Thanks to Steve Leung for the bugreport.
|
|
During reconfiguration, old and new filter expressions in static routes
are compared using i_same() function. When filter expressions contain
function calls, it is necessary that old filter expressions are the
second argument in i_same(), as it is internally modified by i_same().
Otherwise pointers to old (and freed) data appear in the config
structure.
Thanks to Lennert Buytenhek for tracking and reporting the bug.
|
|
Thanks to Vincent Bernat for the patch.
|
|
FreeBSD 11 changed endianity of ip_len field from host order to network
order. Also DragonFly BSD allegedly expects network order here.
Thanks to Olivier Cochard-Labbé for the patch.
|
|
|
|
|
|
The variable nfa is not cleaned before each loop iteration and can have
a wrong value of nfa.nhs_reuse from the previous step.
Thanks to Bernardo Figueiredo for the bugreport and analysis.
|
|
Stubnet nodes in OSPF FIB were removed during rt_sync(), but the pointer
remained in top_hash_entry.nf, so net-summary LSA origination was
confused, reported 'LSA ID collision' and net-summary LSAs were not
originated properly.
Thanks to Naveen Chowdary Yerramneni for bugreport and analysis.
|
|
Prefix and bucket tables are initialized when entering established state
but not explicitly freed when leaving it (that is handled by protocol
restart). With graceful restart, BGP may enter and leave established
state multiple times without hard protocol restart causing memory leak.
|
|
Commit 3c09af41... changed behavior of int_set_add() from prepend to
append, which makes more sense for community list, but prepend must be
used for cluster list. Add int_set_prepend() and use it in cluster list
handling code.
|
|
|
|
|
|
Implement BFD authentication (part of RFC 5880). Supports plaintext
passwords and cryptographic MD5 / SHA-1 authentication.
Based on former commit from Pavel Tvrdik
|