summaryrefslogtreecommitdiff
path: root/lib/socket.h
AgeCommit message (Collapse)Author
2022-07-18Merge commit '94eb0858' into thread-nextMaria Matejka
2022-01-08IO: Support nonlocal bind in socket interfaceAlexander Zubkov
Add option to socket interface for nonlocal binding, i.e. binding to an IP address that is not present on interfaces. This behaviour is enabled when SKF_FREEBIND socket flag is set. For Linux systems, it is implemented by IP_FREEBIND socket flag. Minor changes done by commiter.
2021-11-22Converting the former BFD loop to a universal IO loop and protocol loop.Maria Matejka
There is a simple universal IO loop, taking care of events, timers and sockets. Primarily, one instance of a protocol should use exactly one IO loop to do all its work, as is now done in BFD. Contrary to previous versions, the loop is now launched and cleaned by the nest/proto.c code, allowing for a protocol to just request its own loop by setting the loop's lock order in config higher than the_bird. It is not supported nor checked if any protocol changed the requested lock order in reconfigure. No protocol should do it at all.
2020-04-09Configuration strings are constant.Maria Matejka
This is merely a const propagation. There was no problem in there.
2020-02-27BGP: Support for MD5SIG together with remote rangeOndrej Zajicek (work)
When dynamic BGP with remote range is configured, MD5SIG needs to use newer socket option (TCP_MD5SIG_EXT) to specify remote addres range for listening socket. Thanks to Adam Kułagowski for the suggestion.
2019-08-12RAdv: Allow solicited RAs to be sent as unicastOndrej Zajicek (work)
Add option to send solicited router advertisements as unicast directly to soliciting nodes instead of as multicast to all-nodes group.
2017-12-07Merge commit '7b2c5f3d2826e3175bf31b1c36056c9efc587a2b' into int-newOndrej Zajicek (work)
2017-09-06Basic VRF supportOndrej Zajicek (work)
Add basic VRF (virtual routing and forwarding) support. Protocols can be associated with VRFs, such protocols will be restricted to interfaces assigned to the VRF (as reported by Linux kernel) and will use sockets bound to the VRF. E.g., different multihop BGP instances can use diffent kernel routing tables to handle BGP TCP connections. The VRF support is preliminary, currently there are several limitations: - Recent Linux kernels (4.11) do not handle correctly sockets bound to interaces that are part of VRF, so most protocols other than multihop BGP do not work. This will be fixed by future kernel versions. - Neighbor cache ignores VRFs. Breaks config with the same prefix on local interfaces in different VRFs. Not much problem as single hop protocols do not work anyways. - Olock code ignores VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. - Incoming BGP connections are not dispatched according to VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. Perhaps we would need some kernel API to read VRF of incoming connection? Or probably use multiple listening sockets in int-new branch. - We should handle master VRF interface up/down events and perhaps disable associated protocols when VRF goes down. Or at least disable associated interfaces. - Also we should check if the master iface is really VRF iface and not some other kind of master iface. - BFD session request dispatch should be aware of VRFs. - Perhaps kernel protocol should read default kernel table ID from VRF iface so it is not necessary to configure it. - Perhaps we should have per-VRF default table.
2016-12-07Merge branch 'int-new-rpki-squashed' (early part) into int-newJan Moskyto Matejka
2016-12-07LibSSH may be switched off together with RPKIJan Moskyto Matejka
2016-12-07RPKI protocol with one cache server per protocolPavel Tvrdík
The RPKI protocol (RFC 6810) using the RTRLib (http://rpki.realmv6.org/) that is integrated inside the BIRD's code. Implemeted transports are: - unprotected transport over TCP - secure transport over SSHv2 Example configuration of bird.conf: ... roa4 table r4; roa6 table r6; protocol rpki { debug all; # Import both IPv4 and IPv6 ROAs roa4 { table r4; }; roa6 { table r6; }; # Set cache server (validator) address, # overwrite default port 323 remote "rpki-validator.realmv6.org" port 8282; # Overwrite default time intervals retry 10; # Default 600 seconds refresh 60; # Default 3600 seconds expire 600; # Default 7200 seconds } protocol rpki { debug all; # Import only IPv4 routes roa4 { table r4; }; # Set cache server address to localhost, # use default ports tcp => 323 or ssh => 22 remote 127.0.0.1; # Use SSH transport instead of unprotected transport over TCP ssh encryption { bird private key "/home/birdgeek/.ssh/id_rsa"; remote public key "/home/birdgeek/.ssh/known_hosts"; user "birdgeek"; }; } ...
2016-11-08Merge branch 'master' into int-newOndrej Zajicek (work)
2016-11-01Build: switch on -Wextra, get rid of most of the warningsJan Moskyto Matejka
There are several unresolved -Wmissing-field-initializers on older versions of GCC than 5.1, all of them false positive.
2016-05-17IO: Minor changes in socket AF handingOndrej Zajicek (work)
AF can be specified implicitly by saddr or daddr, flags SKF_V4ONLY and SKF_V6ONLY are to be removed.
2016-05-12Merge remote-tracking branch 'origin/master' into int-newOndrej Zajicek (work)
2016-04-13BSD: Add the IPsec SA/SP database entries controlOndrej Zajicek (work)
Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are handled automatically on both Linux and FreeBSD. Based on patches from Pavel Tvrdik.
2016-04-08Merge branch 'master' into int-new-channelsJan Moskyto Matejka
2016-04-06IO: Replace RX priority heuristic with explicit markOndrej Zajicek (work)
In BIRD, RX has lower priority than TX with the exception of RX from control socket. The patch replaces heuristic based on socket type with explicit mark and uses it for both control socket and BGP session waiting to be established. This should avoid an issue when during heavy load, outgoing connection could connect (TX event), send open, but then failed to receive OPEN / establish in time, not sending notifications between and therefore got hold timer expired error from the neighbor immediately after it finally established the connection.
2016-01-11Hidden AF_INET* inside sysdep/Jan Moskyto Matejka
2015-12-22Better fix of missing AF_INET6? definition in lib/socket.hJan Moskyto Matejka
Moved the code to sysdep.
2015-12-21BSD wants to include sys/socket.h in lib/socket.h (AF_INET6? definitions)Jan Moskyto Matejka
2015-12-21Follow-up work on integrationOndrej Zajicek (work)
2015-06-08unsigned [int] -> uintPavel Tvrdík
2015-02-22Use IP_PORTRANGE_HIGH for BFD where availableOndrej Zajicek
2014-10-24Integrated IP functions.Ondrej Zajicek
2014-05-18IPv4/IPv6 integrated socket code.Ondrej Zajicek
2014-02-06Many changes in I/O and OSPF sockets and packet handling.Ondrej Zajicek
I/O: - BSD: specify src addr on IP sockets by IP_HDRINCL - BSD: specify src addr on UDP sockets by IP_SENDSRCADDR - Linux: specify src addr on IP/UDP sockets by IP_PKTINFO - IPv6: specify src addr on IP/UDP sockets by IPV6_PKTINFO - Alternative SKF_BIND flag for binding to IP address - Allows IP/UDP sockets without tx_hook, on these sockets a packet is discarded when TX queue is full - Use consistently SOL_ for socket layer values. OSPF: - Packet src addr is always explicitly set - Support for secondary addresses in BSD - Dynamic RX/TX buffers - Fixes some minor buffer overruns - Interface option 'tx length' - Names for vlink pseudoifaces (vlinkX) - Vlinks use separate socket for TX - Vlinks do not use fixed associated iface - Fixes TTL for direct unicast packets - Fixes DONTROUTE for OSPF sockets - Use ifa->ifname instead of ifa->iface->name
2013-09-10Initial BFD commit, work in progress.Ondrej Zajicek
2013-06-25Implements TTL security for OSPF and RIP.Ondrej Zajicek
Interfaces for OSPF and RIP could be configured to use (and request) TTL 255 for traffic to direct neighbors. Thanks to Simon Dickhoven for the original patch for RIPng.
2013-06-24Better packet priority and traffic class handling.Ondrej Zajicek
Implements support for IPv6 traffic class, sets higher priority for OSPF and RIP outgoing packets by default and allows to configure ToS/DS/TClass IP header field and the local priority of outgoing packets.
2012-07-18Rename sk_new() to avoid name collision with OpenSSL.Ondrej Zajicek
2012-01-08Better support for link-local addresses in IO code.Ondrej Zajicek
2011-08-16The generalized TTL security mechanism (RFC 5082) support.Ondrej Zajicek
Thanks to Alexander V. Chernikov for the patch.
2011-03-13Implements Router Advertisement protocol.Ondrej Zajicek
2010-03-11Merge branch 'new' into socket2Ondrej Zajicek
2010-02-21Fix configure to enable warnings and fix most of them.Ondrej Zajicek
2010-02-11Moves errno.h include.Ondrej Zajicek
2010-02-11Temporary OSPF commit - socket changes.Ondrej Zajicek
2010-01-08Socket table update.Ondrej Zajicek
2009-11-09Use IPv6 checksums in OSPFv3.Ondrej Zajicek
2009-11-09Merge branch 'dev' into ospf3Ondrej Zajicek
2009-10-11Workaround for stupid callback scheduler.Ondrej Zajicek
There is no reak callback scheduler and previous behavior causes bad things during hard congestion (like BGP hold timeouts). Smart callback scheduler is still missing, but main loop was changed such that it first processes all tx callbacks (which are fast enough) (but max 4* per socket) + rx callbacks for CLI, and in the second phase it processes one rx callback per socket up to four sockets (as rx callback can be slow when there are too many protocols, because route redistribution is done synchronously inside rx callback). If there is event callback ready, second phase is skipped in 90% of iterations (to speed up CLI during congestion).
2009-09-04Temporary OSPFv3 development commit (changing multicast support).Ondrej Zajicek
2009-06-18Implements option that changes BGP listening socket parametres.Ondrej Zajicek
2008-11-01Multihop BGP was completely broken, because listening socket has alwaysOndrej Zajicek
ttl 1.
2008-10-26Implementation of MD5 authentication of BGP sessions.Ondrej Zajicek
2004-06-04OSPF is ready for changing MTU.Ondrej Filip
2004-05-31Rewritten the I/O loop. All socket operations are now safe, meaning thatMartin Mares
you can delete the socket from anywhere in the hooks and nothing should break. Also, the receive/transmit buffers are now regular xmalloc()'ed buffers, not separate resources which would need shuffling around between pools. sk_close() is gone, use rfree() instead.
2000-03-30Defined sk_close() which closes the socket safely even if called fromMartin Mares
socket hook. Replaces the SK_DELETED hack. Squashed a couple of bugs in handling of TCP sockets.
1999-10-29Implemented unix-domain sockets.Martin Mares