summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-03-03Flowspec: Fix testsOndrej Zajicek (work)
Missing dst no longer generates error.
2020-03-03BGP: Handle flowspec rules without dst partOndrej Zajicek (work)
The RFC 5575 does not explicitly reject flowspec rules without dst part, it just requires dst part in validation procedure for feasibility, which we do not implement anyway. Thus flow without dst prefix is syntactically valid, but unfeasible (if feasibilty testing is done). Thanks to Alex D. for the bugreport.
2020-02-27BGP: Support for MD5SIG together with remote rangeOndrej Zajicek (work)
When dynamic BGP with remote range is configured, MD5SIG needs to use newer socket option (TCP_MD5SIG_EXT) to specify remote addres range for listening socket. Thanks to Adam Kułagowski for the suggestion.
2020-02-21RIP: Demand circuit support (RFC 2091)Ondrej Zajicek (work)
2020-02-14RIP: Fix crash when interface is removedOndrej Zajicek (work)
Recent changes in neighbor code caused RIP to access neighbor field which is NULL during interface/neighbor removal and caused crash when debug messages are enabled. Use correct field to get iface from neighbor.
2020-02-04Conf: Better error message when reading iproute2 configMaria Matejka
Reported by: Martin Weinelt <martin@darmstadt.freifunk.net>
2020-02-04RPKI: Allow build without libSSHMaria Matejka
2020-02-04Added missing externMaria Matejka
Thanks to Robert Scheck <bird@robert-scheck.de> who reported it and Toke Høiland-Jørgensen <toke@toke.dk> who suggested this patch.
2020-01-28BFD: Option to specify which class of BFD sessions are acceptedOndrej Zajicek (work)
Allows to configure IPv4/IPv6-only or direct/multihop-only BFD protocol instances.
2020-01-09OSPF: Fix bad initialization of tx_hdrlen fieldOndrej Zajicek (work)
Function ifa_tx_hdrlen() uses fields autype and passwords, so it must be called after these are set. Thanks to Kenth Eriksson for the bugreport.
2020-01-07KRT: Improve syncer code to avoid using temporary data in rtableOndrej Zajicek (work)
The old code stored route verdicts and temporary routes directly in rtable. The new code do not store received routes (it immediately compares them with exported routes and resolves conflicts) and uses internal bitmap to keep track of which routes were received and which needs to be reinstalled. By not putting 'invalid' temporary routes to rtable, we keep rtable in consistent state, therefore scan no longer needs to be atomic operation and could be splitted to multiple events.
2020-01-07Filter: Fix typecheck for AND/OR.Ondrej Zajicek (work)
Do not apply dynamic type check for second argument of AND/OR, as it is not evaluated immediately like regular argument would be. Thanks to Mikael for the bugreport.
2019-12-19KRT: Remove KRF_SYNC_ERROR flagOndrej Zajicek (work)
This info is now stored in an internal bmap. Unfortunately, net.flags is still needed for temporary kernel data.
2019-12-17KRT: Fix removal of KRF_INSTALLEDOndrej Zajicek (work)
Use route id from net->routes to check export_map. Route received from sysdep KRT code does not have proper id.
2019-12-17Test: Improve filter_testOndrej Zajicek (work)
Initial parsing of test.conf must be done directly in filter_test main, while reconfiguration is handled as a regular test. Also fix several minor issues in test code.
2019-12-16Doc: Fix documentation of BGP gateway optionOndrej Zajicek (work)
Thanks to Nico Schottelius for the bugreport.
2019-12-16KRT: Remove KRF_INSTALLED flagOndrej Zajicek (work)
The same information is stored in export_map of kernel protocol.
2019-12-12Filter: fix filter comparison testMaria Matejka
2019-12-10Filter: Fix function comparisonOndrej Zajicek (work)
Check the SYM_FLAG_SAME in new symbols. The old code checked that in old symbols (f2).
2019-12-10Nest: Fix bitmap cleanupOndrej Zajicek (work)
Channel currently does not have independent pool and uses protocol pool, which is freed when protocol changes state to down, while channel is still in flushing. Move some some cleanup code to channel_do_flush() so it is done before freeing of protocol pool.
2019-12-09Filter: Add support for src/dst accessors for Flowspec and SADROndrej Zajicek (work)
2019-12-03BGP: Add some statisticsOndrej Zajicek (work)
Add some statistic counters to BGP consistent with BGP MIB (RFC 4273), including persistent 'FSM established transitions'.
2019-11-26CI: Add more build testsMatous Holinka
Add more Docker images with distributions (CentOS 8, Debian 10, Fedora 27-31, OpenSUSE 15.0 & 15.1, and Ubuntu 18.04 & 19.04). Fix some issues with older ones.
2019-11-26CI: Cleanup of job templatesOndrej Zajicek (work)
Env templates were used for separate IPv4/IPv6 build, that is no longer needed.
2019-11-26CI: Update new netlab locationOndrej Zajicek (work)
2019-11-26CI: Minor updateOndrej Zajicek (work)
2019-11-26Apply relevant changes from branch mh-test-gitlabOndrej Zajicek (work)
2019-11-26Gitlab testOndrej Zajicek (work)
2019-11-26Nest: Use bitmaps to keep track of exported routesOndrej Zajicek (work)
Use a hierarchical bitmap in a routing table to assign ids to routes, and then use bitmaps (indexed by route id) in channels to keep track whether routes were exported. This avoids unreliable and inefficient re-evaluation of filters for old routes in order to determine whether they were exported.
2019-11-26Lib: Basic and hierarchical bitmapsOndrej Zajicek (work)
Basic bitmap is obvious. Hierarchical bitmap is structure of several bitmaps, where higher levels are conjunctions of intervals on level below, allowing for efficient lookup of first unset bit.
2019-11-26CLI: Fix continuation lines after final oneOndrej Zajicek (work)
Continuation lines may use short form (with space instead of message number), but this should not be done when previous line is final. Thanks to Kenth Eriksson for the bugreport and analysis.
2019-11-18BGP: Fix processing of IPv6 FlowspecOndrej Zajicek (work)
During NLRI parsing of IPv6 Flowspec, dst prefix was not properly extracted from NLRI, therefore a received flow was stored in a different position in flowspec routing table, and was not reachable by command 'show route <flow>'. Add proper prefix part accessors to flowspec code and use them from BGP NLRI parsing code. Thanks to Alex D. for the bugreport.
2019-11-12Netlink: Handle IPv4 routes with IPv6 nexthopsOndrej Zajicek
Accept RTA_VIA attribute in all cases. The old code always used RTA_GATEWAY for IPv4 / IPv6 and RTA_VIA for MPLS. The new code uses RTA_VIA in cases where AF of network and AF of nexthop differs.
2019-11-10BGP: Add option to enforce first AS in AS_PATHOndrej Zajicek (work)
This is optional check described in RFC 4271. Although this can be also done by filters, it is widely implemented option in BGP implementations. Thanks to Eugene Bogomazov for the original patch.
2019-11-05Doc: Minor fixOndrej Zajicek (work)
2019-11-05Doc: Add documentation for BGP option 'allow as sets'Ondrej Zajicek (work)
2019-11-05Filter: Add type info for more instructionsOndrej Zajicek (work)
2019-11-05Filter: Improve typecheck error messagesOndrej Zajicek (work)
2019-11-05Filter: Better constant promotionOndrej Zajicek (work)
We use constant promotion from IPv4 to Router-ID values, as they have same literals. Instead of ad-hoc code in filter instructions, add constant promotion code to parse-time typecheck code.
2019-11-05Filter: Improved parse-time typechecksOndrej Zajicek (work)
2019-11-05Filter: Parse-time typechecksOndrej Zajicek
Most expressions can be type-validated in parse time. It is not strong enough to eliminate runtime checks, but at least one gets errors immediately during reconfigure.
2019-11-04BGP: Add option to reject AS_SETsOndrej Zajicek (work)
There is a pending draft to make them obsolete
2019-11-03Support for address family constantsOndrej Zajicek (work)
We already had them defined on BGP level, but they are more general.
2019-11-03Nest: Fix bug in export tableOndrej Zajicek (work)
For regular channels do not compare src in export table, as we want to keep here only the best (exported) route per network.
2019-10-26BGP: RFC 8654 got releasedOndrej Zajicek (work)
2019-10-25Nest: Fix primary flag in show routeOndrej Zajicek (work)
The route is changed by rte_make_tmp_attrs(), so we need to compare net->routes to the original one. Thanks to Kenth Eriksson for the bugreport.
2019-10-24BGP: Fix handling of transitive extended communitiesOndrej Zajicek (work)
Transitive extended communities should be removed on external sessions, the old code them in all cases. Thanks to Jean-Daniel Pauget for the original patch.
2019-10-22Accept uppercase letters in iproute2 namesOndrej Zajicek
Names read from texfiles in /etc/iproute2/* are normalized by replacing non-alphanumeric chars with underscore. The patch fixes handling of uppercase letters, which were handled as non-alphanumberic. Thanks to Igor Gavrilov for the bugreport.
2019-10-19Nest: Fix build without protocolsFabrice Fontaine
(CHECK keyword added by commiter)
2019-10-19RPKI: Fix handling of IPv6 cache addressesOndrej Zajicek (work)
The old code used just sizeof(struct sockaddr) bytes of IP address.