Age | Commit message | Author |
|
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.
Implemented transports are:
- unprotected transport over TCP
- secure transport over SSHv2
Example configuration of bird.conf:
    ...
    roa4 table r4;
    roa6 table r6;

    protocol rpki {
      debug all;

      # Import both IPv4 and IPv6 ROAs
      roa4 { table r4; };
      roa6 { table r6; };

      # Set cache server (validator) address,
      # overwrite default port 323
      remote "rpki-validator.realmv6.org" port 8282;

      # Overwrite default time intervals
      retry   10;   # Default 600 seconds
      refresh 60;   # Default 3600 seconds
      expire  600;  # Default 7200 seconds
    }

    protocol rpki {
      debug all;

      # Import only IPv4 routes
      roa4 { table r4; };

      # Set cache server address to localhost,
      # use default ports tcp => 323 or ssh => 22
      remote 127.0.0.1;

      # Use SSH transport instead of unprotected transport over TCP
      ssh encryption {
        bird private key "/home/birdgeek/.ssh/id_rsa";
        remote public key "/home/birdgeek/.ssh/known_hosts";
        user "birdgeek";
      };
    }
    ...
|
|
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.
Fixed make doc on recent Debian together with moving generated doc into
objdir.
Moved Makefile.in into root dir
Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
|
|
Thanks to Ondrej Zajicek for his support with writing this code.
|
|
Add ROA_UNKNOWN, ROA_VALID and ROA_INVALID
|
|
Contains some patches from Jan Moskyto Matejka
|
|
Multiple changes by Ondrej Santiago Zajicek
|
|
Explicit setting of AF_INET(6|) in IP socket creation. BFD set to listen
on v6, without setting the V6ONLY flag to catch both v4 and v6 traffic.
Squashing and minor changes by Ondrej Santiago Zajicek
|
|
New data types net_addr and variants (in lib/net.h) describing
network addresses (prefix/pxlen). Modifications of FIB structures
to handle these data types and changing everything to use these
data types instead of prefix/pxlen pairs where possible.
The commit is WiP, some protocols are not yet updated (BGP, Kernel),
and the code contains some temporary scaffolding.
Comments are welcome.
|
|
The patch adds support for specifying route attributes together with
static routes, e.g.:
route 10.1.1.0/24 via 10.0.0.1 { krt_advmss = 1200; ospf_metric1 = 100; };
|
|
Kernel option 'merge paths' allows merging routes exported to kernel
protocol (currently BGP and static routes) into multipath routes.
|
|
Thanks to Alexander Chernikov for the patch.
|
|
Thanks to Michael Fincham for the bugreport.
|
|
Conflicts:
filter/filter.c
nest/proto.c
nest/rt-table.c
proto/bgp/bgp.h
proto/bgp/config.Y
|
|
Similar to allowas-in option on other routers.
|
|
Thanks to Sergey Popovich for the original patch.
|
|
Thanks to Sergey Popovich for original patches.
|
|
Thanks to Sergey Popovich for the patch.
|
|
Also fixes missing type check for element ~ set.
|
|
Thanks to Sergey Popovich for the original ifname/ifindex patch.
|
|
When global set variables were used, every reconfiguration restarted
protocols that use it in filters.
Thanks to Sergey Popovich for a bugreport.
|
|
Thanks to Sergey Popovich for the bugreport.
|
|
Thanks to Javor Kliachev for the bugreport.
|
|
The implemented eval command can be used to evaluate expressions.
The patch also documents the echo command and allows using log classes
instead of an integer as a mask for echo.
|
|
The RAdv protocol could be configured to change its behavior based on
availability of routes, e.g., do not announce router lifetime when a
default route is not available.
|
|
Allows sending and receiving multiple routes for one network by one BGP
session. Also contains necessary core changes to support this (routing
tables accepting several routes for one network from one protocol).
It needs some more cleanup before merging to the master branch.
|
|
Also fixes some minor bugs in include.
Thanks to Kelly Cochran for the suggestion and draft patch.
|