summaryrefslogtreecommitdiff
path: root/doc
AgeCommit message (Collapse)Author
2022-04-07BFD: Add 'strict bind' optionOndrej Zajicek (work)
Add BFD protocol option 'strict bind' to use separate listening socket for each BFD interface bound to its address instead of using shared listening sockets.
2022-03-09Merge commit '56c8f2f0' into haugesundMaria Matejka
Conflicts: nest/route.h nest/rt-table.c
2022-03-09Merge commit 'e42eedb9' into haugesundMaria Matejka
2022-03-02Minor doc and gendist changes3.0-alpha0Ondrej Filip
2022-02-20Small changes related to the new releaseOndrej Filip
2022-02-07Blogpost about performance + data.Maria Matejka
2022-02-06Merge branch 'oz-trie-table'Ondrej Zajicek (work)
2022-02-06Doc: Describe routing table optionsOndrej Zajicek (work)
2022-02-06BGP: Implement flowspec validation procedureOndrej Zajicek (work)
Implement flowspec validation procedure as described in RFC 8955 sec. 6 and RFC 9117. The Validation procedure enforces that only routers in the forwarding path for a network can originate flowspec rules for that network. The patch adds new mechanism for tracking inter-table dependencies, which is necessary as the flowspec validation depends on IP routes, and flowspec rules must be revalidated when best IP routes change. The validation procedure is disabled by default and requires that relevant IP table uses trie, as it uses interval queries for subnets.
2022-02-04Merge commit 'a9646efd40569f3a1d749bc1bd13219876b33a00' into sark-bgp-rebasedMaria Matejka
2022-02-04Merge commit '75aceadaf746f8ed0acce0424f89903283dacf16' into sark-bgp-rebasedMaria Matejka
2022-02-04Merge commit '00410fd6c17697a5919cb32a44f7117dd3a0834a' into sark-bgp-rebasedMaria Matejka
2022-02-04Thread performance: Moved graph key to left top corner where it fits betterMaria Matejka
2022-02-04Thread documentation: Final version of chapter 3Maria Matejka
2022-02-03Thread documentation: Rewritten chapter 3 on loops and locks once againMaria Matejka
2022-02-03Performance data of sark vs. v2.0.8 with a chart generatorMaria Matejka
2022-01-17Netlink: Add option to specify netlink socket receive buffer sizeOndrej Zajicek (work)
Add option 'netlink rx buffer' to specify netlink socket receive buffer size. Uses SO_RCVBUFFORCE, so it can override rmem_max limit. Thanks to Trisha Biswas and Michal for the original patches.
2022-01-09BGP: Add option 'free bind'Ondrej Zajicek (work)
The BGP 'free bind' option applies the IP_FREEBIND/IPV6_FREEBIND socket option for the BGP listening socket. Thanks to Alexander Zubkov for the idea.
2021-12-28Doc: Document min/max operators for listsAlexander Zubkov
2021-12-28Doc: Document community components access operatorsAlexander Zubkov
2021-12-22Thread documentation: Chapter 4 on memory managementMaria Matejka
2021-12-18Doc: bgp: remove "advertise ipv4"Simon Ruderich
The option was removed in d15b0b0a ("BGP redesign", 2016-12-07) but the documentation wasn't updated.
2021-12-08Thread documentation: Completely rewritten chapter 3 on loops and locksMaria Matejka
2021-12-08Final version of asynchronous export documentationMaria Matejka
2021-12-08Thread documentation: chapter 3, coroutines and lockingMaria Matejka
2021-12-08Thread documentation: chapters 0, 1 and 2Maria Matejka
2021-11-09Nest: Route generations and explicit tracking route propagion through pipesMaria Matejka
2021-10-13Dropping the RTS_DUMMY temporary route storage.Maria Matejka
Kernel route sync is done by other ways now and this code is not used currently.
2021-10-13Multipage allocationMaria Matejka
We can also quite simply allocate bigger blocks. Anyway, we need these blocks to be aligned to their size which needs one mmap() two times bigger and then two munmap()s returning the unaligned parts. The user can specify -B <N> on startup when <N> is the exponent of 2, setting the block size to 2^N. On most systems, N is 12, anyway if you know that your configuration is going to eat gigabytes of RAM, you are almost forced to raise your block size as you may easily get into memory fragmentation issues or you have to raise your maximum mapping count, e.g. "sysctl vm.max_map_count=(number)".
2021-06-09Nest: Allow both 'password' and 'key' keywords for authentication keysOndrej Zajicek (work)
2021-06-06Babel: Add MAC authentication support - updateOndrej Zajicek (work)
Some cleanups and bugfixes to the previous patch, including: - Fix rate limiting in index mismatch check - Fix missing BABEL_AUTH_INDEX_LEN in auth_tx_overhead computation - Fix missing auth_tx_overhead recalculation during reconfiguration - Fix pseudoheader construction in babel_auth_sign() (sport vs fport) - Fix typecasts for ptrdiffs in log messages - Make auth log messages similar to corresponding RIP/OSPF ones - Change auth log messages for events that happen during regular operation to debug messages - Switch meaning of babel_auth_check*() functions for consistency with corresponding RIP/OSPF ones - Remove requirement for min/max key length, only those required by given MAC code are enforced
2021-06-06Babel: Add MAC authentication supportToke Høiland-Jørgensen
This implements support for MAC authentication in the Babel protocol, as specified by RFC 8967. The implementation seeks to follow the RFC as close as possible, with the only deliberate deviation being the addition of support for all the HMAC algorithms already supported by Bird, as well as the Blake2b variant of the Blake algorithm. For description of applicability, assumptions and security properties, see RFC 8967 sections 1.1 and 1.2.
2021-06-06Nest: Allow specifying security keys as hex bytes as well as stringsToke Høiland-Jørgensen
Add support for specifying a password in hexadecimal format, The result is the same whether a password is specified as a quoted string or a hex-encoded byte string, this just makes it more convenient to input high-entropy byte strings as MAC keys.
2021-06-06Lib: Add Blake2s and Blake2b hash functionsToke Høiland-Jørgensen
The Babel MAC authentication RFC recommends implementing Blake2s as one of the supported algorithms. In order to achieve do this, add the blake2b and blake2s hash functions for MAC authentication. The hashing function implementations are the reference implementations from blake2.net. The Blake2 algorithms allow specifying an arbitrary output size, and the Babel MAC spec says to implement Blake2s with 128-bit output. To satisfy this, we add two different variants of each of the algorithms, one using the default size (256 bits for Blake2s, 512 bits for Blake2b), and one using half the default output size. Update to BIRD coding style done by committer.
2021-05-18Flowspec: Documentation updateOndrej Zajicek (work)
2021-05-18Flowspec: Do not use comma for bitmask operatorsOndrej Zajicek (work)
For numeric operators, comma is used for disjunction in expressions like "10, 20, 30..40". But for bitmask operators, comma is used for conjunction in a way that does not really make much sense. Use always explicit logical operators (&& and ||) to connect bitmask operators. Thanks to Matt Corallo for the bugreport.
2021-05-17Filter: Add MPLS label route attributeTrisha Biswas
Add support to set or read outgoing MPLS labels using filters. Currently this supports the addition of one label per route for the first next hop. Minor changes by committer.
2021-04-25Doc: Include full LinuxDocTools codeOndrej Zajicek (work)
BIRD uses hacked LinuxDocTools for building documentation, keeping some parts locally and using remaining parts from system-installed one. This setup breaks when LinuxDocTools makes some internal changes and is hard to keep consistent. Just include full LinuxDocTools code (both hacked and unmodified parts) to avoid consistency issues. Note that we still need some binaries from LinuxDocTools, so it still needs to be installed to build documentation.
2021-04-03Doc: Fix flowspec exampleOndrej Zajicek (work)
Thanks to Matt Corallo for the bugreport.
2021-03-15Doc: Document automatic RPKI reloadOndrej Zajicek (work)
2021-03-15Doc: Document channel debug optionsOndrej Zajicek (work)
2021-02-10BGP: Add support for BGP hostname capabilityVincent Bernat
This is an implementation of draft-walton-bgp-hostname-capability-02. It is implemented since quite some time for FRR and in datacenter, this gives a nice output to avoid using IP addresses. It is disabled by default. The hostname is retrieved from uname(2) and can be overriden with "hostname" option. The domain name is never set nor displayed. Minor changes by committer.
2021-01-07Doc: Describe per-nexthop static route optionsOndrej Zajicek (work)
Also remove description of (no longer supported) per-route 'bfd' option, and add examples of IPv6 routes with link-local nexthops.
2021-01-06BGP: Deprecate 'missing lladdr' optionOndrej Zajicek (work)
The option is not implemented since transition to 2.0 and no plan to add it. Also remove some deprecated RTS_* valus from documentation. Thanks to Sébastien Parisot for notification.
2020-12-02Filter: Add 'weight' route attributeOndrej Zajicek (work)
Add 'weight' route attribute that allows to get and set ECMP weight of nexthops. Similar to 'gw' attribute, it is limited to the first nexthop, but it is useful for handling BGP multipath, where an ECMP route is merged from multiple regular routes.
2020-11-19Static: Support for multiple routes with the same networkOndrej Zajicek (work)
Add support for proper handling of multiple routes with the same network to the static protocol. Routes are distinguished by internal index, which is assigned automatically (sequentially for routes within each network). Having different route preference or igp_metric attribute is optional.
2020-11-18Doc: Added example of static routes with BGP large communitiesNigel Kukard
2020-11-15Doc: Fix typoOndrej Zajicek (work)
Thanks to Hexhu for the bugreport.
2020-11-12BFD: Update documentation about per-session optionsOndrej Zajicek (work)
2020-10-11RPKI: Add 'ignore max length' optionOndrej Zajicek (work)
Add 'ignore max length' option to RPKI protocol, which ignores received max length in ROA records and instead uses max value (32 or 128). This may be useful for implementing loose RPKI check for blackholes.