summaryrefslogtreecommitdiff
path: root/doc/bird.sgml
AgeCommit message (Collapse)Author
2023-01-17Filter: Allow setting the 'onlink' route attribute in filtersRadu Carpa
Add static route attribute to set onlink flag for route next hop. Can be used to build a dynamically routed IP-in-IP overlay network. Usage: ifname = "tunl0"; onlink = true; gw = bgp_next_hop;
2022-12-09Doc: Document issue with import tablesOndrej Zajicek
The import table does not work reliably together with re-evaluation of routes due to recursive next hops or flowspec validation. We will at least document that here, as import tables are completely redesigned and this issue is fixed in BIRD 3.x branch.
2022-12-09BGP: Improve handling of hold and keepalive timersOndrej Zajicek
The effective keepalive time now scales relative to the negotiated hold time, to maintain proportion between the keepalive time and the hold time. This avoids issues when both keepalive and hold times were configured, the hold time was negotiated to a smaller value, but the keepalive time stayed the same. Add new options 'min hold time' and 'min keepalive time', which reject session attempts with too small hold time. Improve validation of config options an their documentation. Thanks to Alexander Zubkov and Sergei Goriunov for suggestions.
2022-11-09Conf: Free stored old config before parsing new oneOndrej Zajicek
BIRD keeps a previous (old) configuration for the purpose of undo. The existing code frees it after a new configuration is successfully parsed during reconfiguration. That causes memory usage spikes as there are temporarily three configurations (old, current, and new). The patch changes it to free the old one before parsing the new one (as user already requested a new config). The disadvantage is that undo is not available after failed reconfiguration.
2022-10-18Doc: Add documentation for "show route (import|export) table"Alexander Zubkov
2022-10-10BGP: Add option 'next hop prefer global'Ondrej Zajicek
Add BGP channel option 'next hop prefer global' that modifies BGP recursive next hop resolution to use global next hop IPv6 address instead of link-local next hop IPv6 address for immediate next hop of received routes.
2022-07-24Merge branch 'master' into backportOndrej Zajicek
2022-07-12BGP: Minor improvements to BGP rolesOndrej Zajicek
Add support for bgp_otc in filters and warning for configuration inside confederations.
2022-07-11BGP: Implement BGP rolesEugene Bogomazov
Implement BGP roles as described in RFC 9234. It is a mechanism for route leak prevention and automatic route filtering based on common BGP topology relationships. It defines role capability (controlled by 'local role' option) and OTC route attribute, which is used for automatic route filtering and leak detection. Minor changes done by commiter.
2022-07-11Merge remote-tracking branch 'origin/master' into backportMaria Matejka
2022-07-10Merge version 2.0.10 into backportMaria Matejka
2022-06-27Filter: Implement for loopsOndrej Zajicek (work)
For loops allow to iterate over elements in compound data like BGP paths or community lists. The syntax is: for [ <type> ] <variable> in <expr> do <command-body>
2022-06-27Filter: Implement mixed declarations of local variablesOndrej Zajicek (work)
Allow variable declarations mixed with code, also in nested blocks with proper scoping, and with variable initializers. E.g: function fn(int a) { int b; int c = 10; if a > 20 then { b = 30; int d = c * 2; print a, b, c, d; } string s = "Hello"; }
2022-06-04Nest: Improve GC strategy for rtablesOndrej Zajicek
Use timer (configurable as 'gc period') to schedule routing table GC/pruning to ensure that prune is done on time but not too often. Randomize GC timers to avoid concentration of GC events from different tables in one loop cycle. Fix a bug that caused minimum inter-GC interval be 5 us instead of 5 s. Make default 'gc period' adaptive based on number of routing tables, from 10 s for small setups to 600 s for large ones. In marge multi-table RS setup, the patch improved time of flushing a downed peer from 20-30 min to <2 min and removed 40s latencies.
2022-05-30Merge remote-tracking branch 'origin/master' into haugesund-to-2.0Maria Matejka
2022-05-30Merge commit '692055e3df6cc9f0d428d3b0dd8cdd8e825eb6f4' into haugesund-to-2.0Maria Matejka
2022-04-22Doc: fix mating -> matching in flowspec sectionVincent Bernat
2022-04-07BFD: Add 'strict bind' optionOndrej Zajicek (work)
Add BFD protocol option 'strict bind' to use separate listening socket for each BFD interface bound to its address instead of using shared listening sockets.
2022-03-09Merge commit 'e42eedb9' into haugesundMaria Matejka
2022-02-20Small changes related to the new releaseOndrej Filip
2022-02-06Merge branch 'oz-trie-table'Ondrej Zajicek (work)
2022-02-06Doc: Describe routing table optionsOndrej Zajicek (work)
2022-02-06BGP: Implement flowspec validation procedureOndrej Zajicek (work)
Implement flowspec validation procedure as described in RFC 8955 sec. 6 and RFC 9117. The Validation procedure enforces that only routers in the forwarding path for a network can originate flowspec rules for that network. The patch adds new mechanism for tracking inter-table dependencies, which is necessary as the flowspec validation depends on IP routes, and flowspec rules must be revalidated when best IP routes change. The validation procedure is disabled by default and requires that relevant IP table uses trie, as it uses interval queries for subnets.
2022-01-17Netlink: Add option to specify netlink socket receive buffer sizeOndrej Zajicek (work)
Add option 'netlink rx buffer' to specify netlink socket receive buffer size. Uses SO_RCVBUFFORCE, so it can override rmem_max limit. Thanks to Trisha Biswas and Michal for the original patches.
2022-01-09BGP: Add option 'free bind'Ondrej Zajicek (work)
The BGP 'free bind' option applies the IP_FREEBIND/IPV6_FREEBIND socket option for the BGP listening socket. Thanks to Alexander Zubkov for the idea.
2021-12-28Doc: Document min/max operators for listsAlexander Zubkov
2021-12-28Doc: Document community components access operatorsAlexander Zubkov
2021-12-18Doc: bgp: remove "advertise ipv4"Simon Ruderich
The option was removed in d15b0b0a ("BGP redesign", 2016-12-07) but the documentation wasn't updated.
2021-10-13Dropping the RTS_DUMMY temporary route storage.Maria Matejka
Kernel route sync is done by other ways now and this code is not used currently.
2021-10-13Multipage allocationMaria Matejka
We can also quite simply allocate bigger blocks. Anyway, we need these blocks to be aligned to their size which needs one mmap() two times bigger and then two munmap()s returning the unaligned parts. The user can specify -B <N> on startup when <N> is the exponent of 2, setting the block size to 2^N. On most systems, N is 12, anyway if you know that your configuration is going to eat gigabytes of RAM, you are almost forced to raise your block size as you may easily get into memory fragmentation issues or you have to raise your maximum mapping count, e.g. "sysctl vm.max_map_count=(number)".
2021-06-09Nest: Allow both 'password' and 'key' keywords for authentication keysOndrej Zajicek (work)
2021-06-06Babel: Add MAC authentication support - updateOndrej Zajicek (work)
Some cleanups and bugfixes to the previous patch, including: - Fix rate limiting in index mismatch check - Fix missing BABEL_AUTH_INDEX_LEN in auth_tx_overhead computation - Fix missing auth_tx_overhead recalculation during reconfiguration - Fix pseudoheader construction in babel_auth_sign() (sport vs fport) - Fix typecasts for ptrdiffs in log messages - Make auth log messages similar to corresponding RIP/OSPF ones - Change auth log messages for events that happen during regular operation to debug messages - Switch meaning of babel_auth_check*() functions for consistency with corresponding RIP/OSPF ones - Remove requirement for min/max key length, only those required by given MAC code are enforced
2021-06-06Babel: Add MAC authentication supportToke Høiland-Jørgensen
This implements support for MAC authentication in the Babel protocol, as specified by RFC 8967. The implementation seeks to follow the RFC as close as possible, with the only deliberate deviation being the addition of support for all the HMAC algorithms already supported by Bird, as well as the Blake2b variant of the Blake algorithm. For description of applicability, assumptions and security properties, see RFC 8967 sections 1.1 and 1.2.
2021-06-06Nest: Allow specifying security keys as hex bytes as well as stringsToke Høiland-Jørgensen
Add support for specifying a password in hexadecimal format, The result is the same whether a password is specified as a quoted string or a hex-encoded byte string, this just makes it more convenient to input high-entropy byte strings as MAC keys.
2021-06-06Lib: Add Blake2s and Blake2b hash functionsToke Høiland-Jørgensen
The Babel MAC authentication RFC recommends implementing Blake2s as one of the supported algorithms. In order to achieve do this, add the blake2b and blake2s hash functions for MAC authentication. The hashing function implementations are the reference implementations from blake2.net. The Blake2 algorithms allow specifying an arbitrary output size, and the Babel MAC spec says to implement Blake2s with 128-bit output. To satisfy this, we add two different variants of each of the algorithms, one using the default size (256 bits for Blake2s, 512 bits for Blake2b), and one using half the default output size. Update to BIRD coding style done by committer.
2021-05-18Flowspec: Documentation updateOndrej Zajicek (work)
2021-05-18Flowspec: Do not use comma for bitmask operatorsOndrej Zajicek (work)
For numeric operators, comma is used for disjunction in expressions like "10, 20, 30..40". But for bitmask operators, comma is used for conjunction in a way that does not really make much sense. Use always explicit logical operators (&& and ||) to connect bitmask operators. Thanks to Matt Corallo for the bugreport.
2021-05-17Filter: Add MPLS label route attributeTrisha Biswas
Add support to set or read outgoing MPLS labels using filters. Currently this supports the addition of one label per route for the first next hop. Minor changes by committer.
2021-04-03Doc: Fix flowspec exampleOndrej Zajicek (work)
Thanks to Matt Corallo for the bugreport.
2021-03-15Doc: Document automatic RPKI reloadOndrej Zajicek (work)
2021-03-15Doc: Document channel debug optionsOndrej Zajicek (work)
2021-02-10BGP: Add support for BGP hostname capabilityVincent Bernat
This is an implementation of draft-walton-bgp-hostname-capability-02. It is implemented since quite some time for FRR and in datacenter, this gives a nice output to avoid using IP addresses. It is disabled by default. The hostname is retrieved from uname(2) and can be overriden with "hostname" option. The domain name is never set nor displayed. Minor changes by committer.
2021-01-07Doc: Describe per-nexthop static route optionsOndrej Zajicek (work)
Also remove description of (no longer supported) per-route 'bfd' option, and add examples of IPv6 routes with link-local nexthops.
2021-01-06BGP: Deprecate 'missing lladdr' optionOndrej Zajicek (work)
The option is not implemented since transition to 2.0 and no plan to add it. Also remove some deprecated RTS_* valus from documentation. Thanks to Sébastien Parisot for notification.
2020-12-02Filter: Add 'weight' route attributeOndrej Zajicek (work)
Add 'weight' route attribute that allows to get and set ECMP weight of nexthops. Similar to 'gw' attribute, it is limited to the first nexthop, but it is useful for handling BGP multipath, where an ECMP route is merged from multiple regular routes.
2020-11-19Static: Support for multiple routes with the same networkOndrej Zajicek (work)
Add support for proper handling of multiple routes with the same network to the static protocol. Routes are distinguished by internal index, which is assigned automatically (sequentially for routes within each network). Having different route preference or igp_metric attribute is optional.
2020-11-18Doc: Added example of static routes with BGP large communitiesNigel Kukard
2020-11-12BFD: Update documentation about per-session optionsOndrej Zajicek (work)
2020-10-11RPKI: Add 'ignore max length' optionOndrej Zajicek (work)
Add 'ignore max length' option to RPKI protocol, which ignores received max length in ROA records and instead uses max value (32 or 128). This may be useful for implementing loose RPKI check for blackholes.
2020-10-05Doc: Fix missing semicolonsOndrej Zajicek (work)
Thanks to Marco Gartmann for the bugreport.