summaryrefslogtreecommitdiff
path: root/nest
AgeCommit message (Collapse)Author
2022-03-09Merge commit '60880b539b8886f76961125d89a265c6e1112b7a' into haugesundMaria Matejka
2022-03-09BGP Flowspec validation: Removed in-route optimization for multithreading ↵Maria Matejka
compatibility
2022-03-09Merge commit 'e42eedb9' into haugesundMaria Matejka
2022-03-09Merge commit '5cff1d5f' into haugesundMaria Matejka
Conflicts: proto/bgp/attrs.c proto/pipe/pipe.c
2022-03-09Merge commit 'd5a32563' into haugesundMaria Matejka
2022-03-09Fixed resource initialization in unit testsMaria Matejka
2022-03-09Single-threaded version of sark-branch memory page managementMaria Matejka
2022-03-02Replaced custom linpools in tests for the common tmp_linpoolMaria Matejka
2022-02-06Merge branch 'oz-trie-table'Ondrej Zajicek (work)
2022-02-06Nest: Implement locking of prefix tries during walksOndrej Zajicek (work)
The prune loop may may rebuild the prefix trie and therefore invalidate walk state for asynchronous walks (used in 'show route in' cmd). Fix it by adding locking that keeps the old trie in memory until current walks are done. In future this could be improved by rebuilding trie walk states (by lookup for last found prefix) after the prefix trie rebuild.
2022-02-06Nest: Implement prefix trie pruningOndrej Zajicek (work)
When rtable is pruned and network fib nodes are removed, we also need to prune prefix trie. Unfortunately, rebuilding prefix trie takes long time (got about 400 ms for 1M networks), so must not be atomic, we have to rebuild a new trie while current one is still active. That may require some considerable amount of temporary memory, so we do that only if we expect significant trie size reduction.
2022-02-06BGP: Implement flowspec validation procedureOndrej Zajicek (work)
Implement flowspec validation procedure as described in RFC 8955 sec. 6 and RFC 9117. The Validation procedure enforces that only routers in the forwarding path for a network can originate flowspec rules for that network. The patch adds new mechanism for tracking inter-table dependencies, which is necessary as the flowspec validation depends on IP routes, and flowspec rules must be revalidated when best IP routes change. The validation procedure is disabled by default and requires that relevant IP table uses trie, as it uses interval queries for subnets.
2022-02-06Nest: Add routing table configuration blocksOndrej Zajicek (work)
Allow to specify sorted flag, trie fla, and min/max settle time. Also do not enable trie by default, it must be explicitly enabled.
2022-02-06Nest: Add convenience functions to check rtable net typeOndrej Zajicek (work)
2022-02-06Nest: Avoid unnecessary net_format() in 'show route' commandOndrej Zajicek (work)
When output of 'show route' command was generated, the net_format() was called for each network prematurely, even if the result was not needed. Fix the code to call net_format() only when needed. This makes queries that process many networks but show only few (e.g. 'show route where ..', or 'show route count') much faster (like 5x - 10x faster).
2022-02-06Nest: Add trie iteration code to 'show route'Ondrej Zajicek (work)
Add trie iteration code to rt_show_cont() CLI hook and use it to accelerate 'show route in <addr>' commands using interval queries.
2022-02-06Nest: Implement 'show route in <addr>' commandOndrej Zajicek (work)
Implement 'show route in <addr>' command, which shows all routes in networks that are subnets of given network. Currently limited to IP network types.
2022-02-06Nest: Attach prefix trie to rtable for faster LPM and interval queriesOndrej Zajicek (work)
Attach a prefix trie to IP/VPN/ROA tables. Use it for net_route() and net_roa_check(). This leads to 3-5x speedups for IPv4 and 5-10x speedup for IPv6 of these calls. TODO: - Rebuild the trie during rt_prune_table() - Better way to avoid trie_add_prefix() in net_get() for existing tables - Make it configurable (?)
2021-12-28Filter: Add operators to find minimum and maximum element of setsAlexander Zubkov
Add operators .min and .max to find minumum or maximum element in sets of types: clist, eclist, lclist. Example usage: bgp_community.min bgp_ext_community.max filter(bgp_large_community, [(as1, as2, *)]).min Signed-off-by: Alexander Zubkov <green@qrator.net>
2021-12-18Nest: Do not ignore secondary flag changes in ifa updatesOndrej Zajicek (work)
Compare all IA_* flags that are set by sysdep iface code. The old code ignores IA_SECONDARY flag when comparing whether iface address updates from kernel changed anything. This is usually not an issue as kernel removes all secondary addresses due to removal of the primary one, but it breaks when sysctl 'promote_secondaries' is enabled and kernel promotes secondary addresses to primary ones. Thanks to 'Alexander' for the bugreport.
2021-11-27Memory statistics split into Effective and OverheadMaria Matejka
This feature is intended mostly for checking that BIRD's allocation strategies don't consume much memory space. There are some cases where withdrawing routes in a specific order lead to memory fragmentation and this output should give the user at least a notion of how much memory is actually used for data storage and how much memory is "just allocated" or used for overhead. Also raising the "system allocator overhead estimation" from 8 to 16 bytes; it is probably even more. I've found 16 as a local minimum in best scenarios among reachable machines. I couldn't find any reasonable method to estimate this value when BIRD starts up. This commit also fixes the inaccurate computation of memory overhead for slabs where the "system allocater overhead estimation" was improperly added to the size of mmap-ed memory.
2021-11-24Directly mapped pages are kept for future use if temporarily not neededMaria Matejka
2021-11-09Extended route trace: logging Path IdentifiersMaria Matejka
2021-10-13Dropping the unused rte_same hookMaria Matejka
2021-10-13Dropping rte-local dumper entriesMaria Matejka
2021-10-13Kernel: Convert the rte-local attributes to extended attributes and flags to ↵Maria Matejka
pflags
2021-10-13Route: moved rte_src pointer from rta to rteMaria Matejka
It is an auxiliary key in the routing table, not a route attribute.
2021-10-13Preexport: No route modification, no linpool neededMaria Matejka
2021-10-13RIP fixup + dropping the tmp_attrs mechanism as obsoleteMaria Matejka
2021-10-13Dropping the RTS_DUMMY temporary route storage.Maria Matejka
Kernel route sync is done by other ways now and this code is not used currently.
2021-10-13Preference moved to RTA and set explicitly in protocolsMaria Matejka
2021-10-13Export table: Delay freeing of old stored route.Maria Matejka
This is needed to provide the protocols the full old route after filters when export table is enabled.
2021-10-13BGP: Moved the suppressed and stale flags to pflagsMaria Matejka
2021-10-13Babel: Convert the rte-local attributes to extended attributesMaria Matejka
2021-10-13There may be a symbol with NULL protocol when reconfiguringMaria Matejka
2021-10-13OSPF: Convert the rte-local attributes to extended attributesMaria Matejka
2021-10-13Show route may be accidentally called on shutdown also when not all default ↵Maria Matejka
tables are present
2021-10-13RIP: convert the rte-local attributes to extended attributesMaria Matejka
2021-10-13Extended route attributes may include also pointersMaria Matejka
2021-10-13IGP metric getter refactoring to protocol callbackMaria Matejka
Direct protocol hooks for IGP metric inside nest/rt-table.c make the protocol API unnecessarily complex. Instead, we use a proper callback.
2021-09-10Nest: Clean up main channel handlingOndrej Zajicek (work)
Remove assumption that main channel is the only channel.
2021-06-17Nest: Clean up main channel handlingOndrej Zajicek (work)
Remove assumption that main channel is the only channel.
2021-06-14Nest: Fix export of tmpattrs through pipesOndrej Zajicek (work)
Pipes copy the original rte with old values, so they require rte to be exported with stored tmpattrs. Other protocols access stored attributes using eattr list, so they require rte to be exported with expanded tmpattrs. This is temporary hack, we plan to remove whoe tmpattr mechanism. Thanks to Paul Donohue for the bugreport.
2021-06-14Revert "Nest: Fix export of tmpattrs through pipes"Ondrej Zajicek (work)
This reverts commit f8e273b5e7a3c721f4a30cf27a0b4fe54602e83f.
2021-06-14Nest: Fix export of tmpattrs through pipesOndrej Zajicek (work)
In most cases of export there is no need to store back temporary attributes to rte, as receivers (protocols) access eattr list anyway. But pipe copies the original rte with old values, so we should store tmpattrs also during export. Thanks to Paul Donohue for the bugreport.
2021-06-09Nest: Allow both 'password' and 'key' keywords for authentication keysOndrej Zajicek (work)
2021-06-06Nest: Fix password list parsing codeOndrej Zajicek (work)
One of previous patches broke password list parsing code, fix that.
2021-06-06Nest: Allow MAC algorithms to specify min/max key lengthToke Høiland-Jørgensen
Add min/max key length fields to the MAC algorithm description and validate configured keys before they are used.
2021-06-06Nest: Allow specifying security keys as hex bytes as well as stringsToke Høiland-Jørgensen
Add support for specifying a password in hexadecimal format, The result is the same whether a password is specified as a quoted string or a hex-encoded byte string, this just makes it more convenient to input high-entropy byte strings as MAC keys.
2021-06-06Lib: Add Blake2s and Blake2b hash functionsToke Høiland-Jørgensen
The Babel MAC authentication RFC recommends implementing Blake2s as one of the supported algorithms. In order to achieve do this, add the blake2b and blake2s hash functions for MAC authentication. The hashing function implementations are the reference implementations from blake2.net. The Blake2 algorithms allow specifying an arbitrary output size, and the Babel MAC spec says to implement Blake2s with 128-bit output. To satisfy this, we add two different variants of each of the algorithms, one using the default size (256 bits for Blake2s, 512 bits for Blake2b), and one using half the default output size. Update to BIRD coding style done by committer.