summaryrefslogtreecommitdiff
path: root/lib
AgeCommit message (Collapse)Author
2017-09-06Basic VRF supportOndrej Zajicek (work)
Add basic VRF (virtual routing and forwarding) support. Protocols can be associated with VRFs, such protocols will be restricted to interfaces assigned to the VRF (as reported by Linux kernel) and will use sockets bound to the VRF. E.g., different multihop BGP instances can use diffent kernel routing tables to handle BGP TCP connections. The VRF support is preliminary, currently there are several limitations: - Recent Linux kernels (4.11) do not handle correctly sockets bound to interaces that are part of VRF, so most protocols other than multihop BGP do not work. This will be fixed by future kernel versions. - Neighbor cache ignores VRFs. Breaks config with the same prefix on local interfaces in different VRFs. Not much problem as single hop protocols do not work anyways. - Olock code ignores VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. - Incoming BGP connections are not dispatched according to VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. Perhaps we would need some kernel API to read VRF of incoming connection? Or probably use multiple listening sockets in int-new branch. - We should handle master VRF interface up/down events and perhaps disable associated protocols when VRF goes down. Or at least disable associated interfaces. - Also we should check if the master iface is really VRF iface and not some other kind of master iface. - BFD session request dispatch should be aware of VRFs. - Perhaps kernel protocol should read default kernel table ID from VRF iface so it is not necessary to configure it. - Perhaps we should have per-VRF default table.
2017-05-23Minor cleanups and fixesOndrej Zajicek (work)
2017-05-19Fix type mixing in flowspec formattingOndrej Zajicek (work)
Variable of u64 type was passed to vararg function as uint.
2017-05-17Merge remote-tracking branch 'origin/int-new' into int-newOndrej Zajicek (work)
2017-05-16Linpool: default allocation sizeJan Moskyto Matejka
2017-05-16Merge branch 'master' into int-newOndrej Zajicek (work)
2017-05-16Remove autoconf macros for time_t and alignmentOndrej Zajicek (work)
Replaced by constant compile-time expressions. CPU_STRUCT_ALIGN is not really correct, but is consistent with the old behavior.
2017-04-26Flowspec: Max tcp mask length is 12 bitsOndrej Zajicek (work)
2017-04-26Merge branch 'int-new' of gitlab.labs.nic.cz:labs/bird into int-newJan Moskyto Matejka
2017-04-26Flowspec: split net_format_flowspec into several functionsJan Moskyto Matejka
2017-04-18Check validity of dest w.r.t. net_typeOndrej Zajicek (work)
Allow to define static roa/flow routes without dest.
2017-03-28Simpler format of VPN RDJan Moskyto Matejka
2017-03-22BGP: Support for MPLS labels and VPN SAFIOndrej Zajicek (work)
Basic support for SAFI 4 and 128 (MPLS labeled IP and VPN) for IPv4 and IPv6. Should work for route reflector, but does not properly handle originating routes with next hop self. Based on patches from Jan Matejka.
2017-03-17Nexthop: Fixed recursive route mpls label mergingJan Moskyto Matejka
2017-03-14Minor cleanupsOndrej Zajicek (work)
BTW, 'prefices' is hypercorrection, as 'prefix' is from 'praefixum' with plural 'praefixa'.
2017-03-13Filters: VPN Route Distinguishers, Prefix Type, Docs UpdateJan Moskyto Matejka
2017-03-09Static: Minor overhaulOndrej Zajicek (work)
The patch fixes several bugs introduced in previous changes, simplifies the protocol by handing routes uniformly, introduces asynchronous route processing to avoid issues with separate notifications for each next-hop in ECMP routes, and makes reconfiguration faster by avoiding quadratic complexity.
2017-02-22Merge branch 'int-new' into nexthop-mergedJan Moskyto Matejka
2017-02-20Several minor fixesOndrej Zajicek (work)
2017-02-08Merge branch 'master' into int-newOndrej Zajicek (work)
2016-12-22VPN4 and VPN6 literalsJan Moskyto Matejka
From now on, protocol static accepts VPN4 and VPN6 addressess. With some concerns about VPN6 Route Distinguishers, I finally chose to have the same format as for VPN4 (where it is defined by RFC 4364).
2016-12-22Netlink: MPLS routes in kernelJan Moskyto Matejka
Anyway, Bird is now capable to insert both MPLS routes and MPLS encap routes into kernel. It was (among others) needed to define platform-specific AF_MPLS to 28 as this constant has been assigned in the linux kernel. No support for BSD now, it may be added in the future.
2016-12-22MPLS: added net_addr_mpls variant of net_addrJan Moskyto Matejka
2016-12-13Minor cleanupsOndrej Zajicek (work)
2016-12-07BGP: Add support for flowspec (RFC 5575)Ondrej Zajicek (work)
2016-12-07Client: No need for birdlib functionsOndrej Zajicek (work)
2016-12-07Basic flow specification support (RFC 5575)Ondrej Zajicek (work)
Add flow4/flow6 network and rt-table type and operations, config grammar and static protocol support. Squashed flowspec branch from Pavel Tvrdik.
2016-12-07Merge branch 'int-new-rpki-squashed' (early part) into int-newJan Moskyto Matejka
2016-12-07BGP redesignOndrej Zajicek (work)
Integrated and extensible BGP with generalized AFI handling, support for IPv4+IPv6 AFI and unicast+multicast SAFI.
2016-12-07LibSSH may be switched off together with RPKIJan Moskyto Matejka
2016-12-07Add `.asn' operator to all ROA prefixes in filtersPavel Tvrdik
Example: bird> eval (1.2.0.0/16 max 20 as 1234).asn 1234 Todo: Should be described in user docs
2016-12-07RPKI protocol with one cache server per protocolPavel TvrdĂ­k
The RPKI protocol (RFC 6810) using the RTRLib (http://rpki.realmv6.org/) that is integrated inside the BIRD's code. Implemeted transports are: - unprotected transport over TCP - secure transport over SSHv2 Example configuration of bird.conf: ... roa4 table r4; roa6 table r6; protocol rpki { debug all; # Import both IPv4 and IPv6 ROAs roa4 { table r4; }; roa6 { table r6; }; # Set cache server (validator) address, # overwrite default port 323 remote "rpki-validator.realmv6.org" port 8282; # Overwrite default time intervals retry 10; # Default 600 seconds refresh 60; # Default 3600 seconds expire 600; # Default 7200 seconds } protocol rpki { debug all; # Import only IPv4 routes roa4 { table r4; }; # Set cache server address to localhost, # use default ports tcp => 323 or ssh => 22 remote 127.0.0.1; # Use SSH transport instead of unprotected transport over TCP ssh encryption { bird private key "/home/birdgeek/.ssh/id_rsa"; remote public key "/home/birdgeek/.ssh/known_hosts"; user "birdgeek"; }; } ...
2016-11-25BGP: Fix memory leak in graceful restart codeOndrej Zajicek (work)
Prefix and bucket tables are initialized when entering established state but not explicitly freed when leaving it (that is handled by protocol restart). With graceful restart, BGP may enter and leave established state multiple times without hard protocol restart causing memory leak.
2016-11-16Add lp_strdup function for string duplication on linpoolPavel Tvrdik
2016-11-11Birdtest: Replace BT_SUCCESS and BT_FAILURE with 1 and 0Pavel Tvrdik
2016-11-09 Unit Testing for BIRDOndrej Zajicek (work)
- Unit Testing Framework (BirdTest) - Integration of BirdTest into the BIRD build system - Tests for several BIRD modules Based on squashed Pavel Tvrdik's int-test branch, updated for current int-new branch.
2016-11-08Merge branch 'master' into int-newOndrej Zajicek (work)
2016-11-08Minor code cleanupsOndrej Zajicek (work)
2016-11-08Merge tag 'v1.6.2' into int-newOndrej Zajicek (work)
2016-11-03Add missing externOndrej Zajicek (work)
2016-11-02RIP: Use message authentication interfaceOndrej Zajicek (work)
Based on former commit from Pavel Tvrdik
2016-11-02Add generic message authentication interfaceOndrej Zajicek (work)
Add generic interface for generating and verifying MACs (message authentication codes). Replace multiple HMAC implementation with a generic one.
2016-11-01Build: switch on -Wextra, get rid of most of the warningsJan Moskyto Matejka
There are several unresolved -Wmissing-field-initializers on older versions of GCC than 5.1, all of them false positive.
2016-11-01Log: Fix broken syslog nameOndrej Zajicek (work)
BIRD passed string from configuration to openlog(), which kept it internally. After reconfiguration the old string was freed, therefore openlog had invalid copy. Thanks to Chris Caputo for the original patch.
2016-08-16Whitespace fixesPavel Tvrdik
2016-05-17IO: Minor changes in socket AF handingOndrej Zajicek (work)
AF can be specified implicitly by saddr or daddr, flags SKF_V4ONLY and SKF_V6ONLY are to be removed.
2016-05-13Merge branch 'int-new' of gitlab.labs.nic.cz:labs/bird into int-newJan Moskyto Matejka
2016-05-13Hash: Fix of previous commitJan Moskyto Matejka
2016-05-12Merge branch 'master' into int-newOndrej Zajicek (work)
2016-05-12Make int-new compilable againOndrej Zajicek (work)