| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
Add flow4/flow6 network and rt-table type and operations, config grammar
and static protocol support.
Squashed flowspec branch from Pavel Tvrdik.
|
|
|
|
Integrated and extensible BGP with generalized AFI handling,
support for IPv4+IPv6 AFI and unicast+multicast SAFI.
|
|
|
|
Example:
bird> eval (1.2.0.0/16 max 20 as 1234).asn
1234
Todo: Should be described in user docs
|
|
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.
Implemeted transports are:
- unprotected transport over TCP
- secure transport over SSHv2
Example configuration of bird.conf:
...
roa4 table r4;
roa6 table r6;
protocol rpki {
debug all;
# Import both IPv4 and IPv6 ROAs
roa4 { table r4; };
roa6 { table r6; };
# Set cache server (validator) address,
# overwrite default port 323
remote "rpki-validator.realmv6.org" port 8282;
# Overwrite default time intervals
retry 10; # Default 600 seconds
refresh 60; # Default 3600 seconds
expire 600; # Default 7200 seconds
}
protocol rpki {
debug all;
# Import only IPv4 routes
roa4 { table r4; };
# Set cache server address to localhost,
# use default ports tcp => 323 or ssh => 22
remote 127.0.0.1;
# Use SSH transport instead of unprotected transport over TCP
ssh encryption {
bird private key "/home/birdgeek/.ssh/id_rsa";
remote public key "/home/birdgeek/.ssh/known_hosts";
user "birdgeek";
};
}
...
|
|
Prefix and bucket tables are initialized when entering established state
but not explicitly freed when leaving it (that is handled by protocol
restart). With graceful restart, BGP may enter and leave established
state multiple times without hard protocol restart causing memory leak.
|
|
|
|
|
|
- Unit Testing Framework (BirdTest)
- Integration of BirdTest into the BIRD build system
- Tests for several BIRD modules
Based on squashed Pavel Tvrdik's int-test branch, updated for
current int-new branch.
|
|
|
|
|
|
|
|
|
|
Based on former commit from Pavel Tvrdik
|
|
Add generic interface for generating and verifying MACs (message
authentication codes). Replace multiple HMAC implementation with
a generic one.
|
|
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
|
|
BIRD passed string from configuration to openlog(), which kept it
internally. After reconfiguration the old string was freed, therefore
openlog had invalid copy.
Thanks to Chris Caputo for the original patch.
|
|
|
|
AF can be specified implicitly by saddr or daddr, flags SKF_V4ONLY and
SKF_V6ONLY are to be removed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.
Fixed make doc on recent Debian together with moving generated doc into
objdir.
Moved Makefile.in into root dir
Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
|
|
This patch implements the IPv6 subset of the Babel routing protocol.
Based on the patch from Toke Hoiland-Jorgensen, with some heavy
modifications and bugfixes.
Thanks to Toke Hoiland-Jorgensen for the original patch.
|
|
Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database
at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are
handled automatically on both Linux and FreeBSD.
Based on patches from Pavel Tvrdik.
|
|
|
|
Add option that changes default paths for config file and control socket
to the current working directory.
|
|
In BIRD, RX has lower priority than TX with the exception of RX from
control socket. The patch replaces heuristic based on socket type with
explicit mark and uses it for both control socket and BGP session waiting
to be established.
This should avoid an issue when during heavy load, outgoing connection
could connect (TX event), send open, but then failed to receive OPEN /
establish in time, not sending notifications between and therefore
got hold timer expired error from the neighbor immediately after it
finally established the connection.
|
|
The old linked list implementation used some wild typecasts and required
GCC option -fno-strict-aliasing to work properly. This patch fixes that.
However, we still keep the option due to other potential problems.
(Commited by Ondrej Santiago Zajicek)
|
|
To avoid byzantine behavior in case of some errors, linked lists are
cleared after rem_node() and resource headers are cleared after rfree().
|
|
|
|
... and reworked the hashes a bit. Also added mem_hash function
which just computes a hash of given memory block.
|
|
The patch adds support for channels, structures connecting protocols and
tables and handling most interactions between them. The documentation is
missing yet.
|
|
|
|
|
|
- Remove `u8 src` from net_add_roaX
- Add `u8 max_pxlen` to net_add_roaX
- Add some missing macro and functions for ROA
- Remove ASN from hash function for ROA
Thanks to Ondrej Santiago Zajicek
|
|
|
|
|
