summaryrefslogtreecommitdiff
path: root/proto/bgp
AgeCommit message (Collapse)Author
2022-07-12BGP: Minor improvements to BGP rolesOndrej Zajicek
Add support for bgp_otc in filters and warning for configuration inside confederations.
2022-07-11BGP: Implement BGP rolesEugene Bogomazov
Implement BGP roles as described in RFC 9234. It is a mechanism for route leak prevention and automatic route filtering based on common BGP topology relationships. It defines role capability (controlled by 'local role' option) and OTC route attribute, which is used for automatic route filtering and leak detection. Minor changes done by commiter.
2022-06-27Preexport callback now takes the channel instead of protocol as argumentMaria Matejka
Passing protocol to preexport was in fact a historical relic from the old times when channels weren't a thing. Refactoring that to match current extensibility needs.
2022-05-21BGP: Display neighbor port on show protocolOndrej Zajicek
2022-05-15BGP: Improve tx performance during feed/flushOndrej Zajicek
The prefix hash table in BGP used the same hash function as the rtable. When a batch of routes are exported during feed/flush to the BGP, they all have similar hash values, so they are all crowded in a few slots in the BGP prefix table (which is much smaller - around the size of the batch - and uses higher bits from hash values), making it much slower due to excessive collisions. Use a different hash function to avoid this. Also, increase the batch size to fill 4k BGP packets and increase minimum BGP bucket and prefix hash sizes to avoid back and forth resizing during flushes. This leads to order of magnitude faster flushes (on my test data).
2022-02-06Merge branch 'oz-trie-table'Ondrej Zajicek (work)
2022-02-06BGP: Implement flowspec validation procedureOndrej Zajicek (work)
Implement flowspec validation procedure as described in RFC 8955 sec. 6 and RFC 9117. The Validation procedure enforces that only routers in the forwarding path for a network can originate flowspec rules for that network. The patch adds new mechanism for tracking inter-table dependencies, which is necessary as the flowspec validation depends on IP routes, and flowspec rules must be revalidated when best IP routes change. The validation procedure is disabled by default and requires that relevant IP table uses trie, as it uses interval queries for subnets.
2022-01-28BGP: Make routing loops silentOndrej Zajicek (work)
One of previous commits added error logging of invalid routes. This also inadvertently caused error logging of route loops, which should be ignored silently. Fix that.
2022-01-28BGP: Use proper class in attribute error messagesOndrej Zajicek (work)
Most error messages in attribute processing are in rx/decode step and these use L_REMOTE log class. But there are few that are in tx/export step and these should use L_ERR log class. Use tx-specific macro (REJECT()) in tx/export code and rename field err_withdraw to err_reject in struct bgp_export_state to ensure that appropriate error reporting macros are called in proper contexts.
2022-01-28BGP: Improve 'invalid next hop' error reportingOndrej Zajicek (work)
Distinguish multiple causes of 'invalid next hop' message and report the relevant next hop address. Thanks to Simon Ruderich for the original patch.
2022-01-24BGP: Log route updates that were changed to withdrawsOndrej Zajicek (work)
Typical BGP error handling is treat-as-withdraw, where an invalid route is replaced with a withdraw. Log route network when it happens.
2022-01-09BGP: Add option 'free bind'Ondrej Zajicek (work)
The BGP 'free bind' option applies the IP_FREEBIND/IPV6_FREEBIND socket option for the BGP listening socket. Thanks to Alexander Zubkov for the idea.
2021-06-01BGP: Ensure that freed neighbor entry is not accessedOndrej Zajicek (work)
Routes from downed protocols stay in rtable (until next rtable prune cycle ends) and may be even exported to another protocol. In BGP case, source BGP protocol is examined, although dynamic parts (including neighbor entries) are already freed. That may lead to crash under some race conditions. Ensure that freed neighbor entry is not accessed to avoid this issue.
2021-03-30BGP: Do not keep BAF_EXT_LEN flag internallyOndrej Zajicek (work)
The flag makes sense just in external representation. It is reset during BGP export, but keeping it internally broke MRT dumps for short attributes that used it anyways. Thanks to Simon Marsh for the bugreport and the patch.
2021-03-18BGP: Do not show statisticsOndrej Zajicek (work)
BGP statistics code was preliminary and i wanted to replace it by separate 'show X stats' command. The patch hides the preliminary output in 'show protocols all' so it is not part of the released version.
2021-02-10BGP: Add support for BGP hostname capabilityVincent Bernat
This is an implementation of draft-walton-bgp-hostname-capability-02. It is implemented since quite some time for FRR and in datacenter, this gives a nice output to avoid using IP addresses. It is disabled by default. The hostname is retrieved from uname(2) and can be overriden with "hostname" option. The domain name is never set nor displayed. Minor changes by committer.
2021-01-12MRT: Fix IPv6 table dumpsOndrej Zajicek (work)
Add fake MP_REACH_NLRI attribute with BGP next hop when encoding MRT table dumps for IPv6 routes. That is necessary to encode next hop as NEXT_HOP attribute is not used for MP-BGP. Thanks to Santiago Aggio for the bugreport.
2021-01-06BGP: Deprecate 'missing lladdr' optionOndrej Zajicek (work)
The option is not implemented since transition to 2.0 and no plan to add it. Also remove some deprecated RTS_* valus from documentation. Thanks to Sébastien Parisot for notification.
2020-11-25BGP: Zero the newly allocated bucket structureOndrej Zajicek (work)
This fixes an issue with dirty node passed to add_tail(). Thanks to Andreas Rammhold for the initial patch.
2020-11-24Some minor sl_allocz() cleanupsOndrej Zajicek (work)
2020-11-12BFD: Better handling of BFD options in BGP configsOndrej Zajicek (work)
Merge multiple BFD option blocks in BGP configs instead of using the last one. That is necessary for proper handling of templates when BFD options are used both in a BGP template and in a BGP protocol derived from that template.
2020-11-08BFD: Allow per-request session optionsOndrej Zajicek (work)
BFD session options are configured per interface in BFD protocol. This patch allows to specify them also per-request in protocols requesting sessions (currently limited to BGP).
2020-05-01Merge remote-tracking branch 'origin/mq-static-analysis'Maria Matejka
2020-05-01Nest: Added const to ea_show just to declare that this shouldn't really ↵Maria Matejka
change anything
2020-04-29BGP: Fix handling of strange IPv6 link-local-only next hopsOndrej Zajicek (work)
There are three common ways how to encode IPv6 link-local-only next hops: (:: ll), (ll), and (ll ll). We use the first one but we should accept all three. The patch fixes handling of the last one. Thanks to Sebastian Hahn for the bugreport.
2020-04-28Not calling memcpy with n=0.Maria Matejka
2020-04-15BGP: Fix handling of 16bit-only ASN translationNasato Goto
The bug generated invalid AGGREGATOR attribute during translation of 32bit ASN to 16bit-only BGP peer. The patch fixes that.
2020-04-09Configuration strings are constant.Maria Matejka
This is merely a const propagation. There was no problem in there.
2020-03-03BGP: Handle flowspec rules without dst partOndrej Zajicek (work)
The RFC 5575 does not explicitly reject flowspec rules without dst part, it just requires dst part in validation procedure for feasibility, which we do not implement anyway. Thus flow without dst prefix is syntactically valid, but unfeasible (if feasibilty testing is done). Thanks to Alex D. for the bugreport.
2020-02-27BGP: Support for MD5SIG together with remote rangeOndrej Zajicek (work)
When dynamic BGP with remote range is configured, MD5SIG needs to use newer socket option (TCP_MD5SIG_EXT) to specify remote addres range for listening socket. Thanks to Adam Kułagowski for the suggestion.
2019-12-03BGP: Add some statisticsOndrej Zajicek (work)
Add some statistic counters to BGP consistent with BGP MIB (RFC 4273), including persistent 'FSM established transitions'.
2019-11-18BGP: Fix processing of IPv6 FlowspecOndrej Zajicek (work)
During NLRI parsing of IPv6 Flowspec, dst prefix was not properly extracted from NLRI, therefore a received flow was stored in a different position in flowspec routing table, and was not reachable by command 'show route <flow>'. Add proper prefix part accessors to flowspec code and use them from BGP NLRI parsing code. Thanks to Alex D. for the bugreport.
2019-11-10BGP: Add option to enforce first AS in AS_PATHOndrej Zajicek (work)
This is optional check described in RFC 4271. Although this can be also done by filters, it is widely implemented option in BGP implementations. Thanks to Eugene Bogomazov for the original patch.
2019-11-04BGP: Add option to reject AS_SETsOndrej Zajicek (work)
There is a pending draft to make them obsolete
2019-10-26BGP: RFC 8654 got releasedOndrej Zajicek (work)
2019-10-24BGP: Fix handling of transitive extended communitiesOndrej Zajicek (work)
Transitive extended communities should be removed on external sessions, the old code them in all cases. Thanks to Jean-Daniel Pauget for the original patch.
2019-10-10BGP: Fix reconfiguration with import tableOndrej Zajicek (work)
Change of some options requires route refresh, but when import table is active, channel reload is done from it instead of doing full route refresh. So in this case we request it internally.
2019-10-09BGP: AIGP metric support (RFC 7311)Ondrej Zajicek (work)
2019-09-17BGP: Fix setup with multiple dynamic BGP rangesOndrej Zajicek (work)
Based on a patch from Liam Nattrass, thanks.
2019-09-09BGP: Fix handling of bgp_aggregator atttributeOndrej Zajicek (work)
The attribute should not be modifiable by filters as we do not support its type.
2019-09-09BGP: Fix bugs in handling of shutdown messagesOndrej Zajicek (work)
There is an improper check for valid message size, which may lead to stack overflow and buffer leaks to log when a large message is received. Thanks to Daniel McCarney for bugreport and analysis.
2019-08-21BGP: Use reallocation for capability structureOndrej Zajicek (work)
Instead of having large stack buffer for max amount of AFI/SAFI pairs. The old code is not correct w.r.t. extendeded option length, as more AFI/SAFI pairs may fit into the capability option.
2019-08-20BGP: Implement extended optional parameters lengthOndrej Zajicek (work)
Extends BGP options/capabilities data length to 16bit, to avoid issues with too many capabilities. See draft-ietf-idr-ext-opt-param-07
2019-08-14BGP: implement Adj-RIB-OutOndrej Zajicek (work)
The patch implements optional internal export table to a channel and hooks it to BGP so it can be used as Adj-RIB-Out. When enabled, all exported (post-filtered) routes are stored there. An export table can be examined using e.g. 'show route export table bgp1.ipv4'.
2019-08-06BGP: Improve reconfigurationOndrej Zajicek (work)
Several BGP channel options (including 'next hop self') could be reconfigured without session reset, with just route refeed/refresh. The patch improves reconfiguration code to do it that way.
2019-08-06BGP: Fix 'deterministic med' to work with 'merge paths'Ondrej Zajicek (work)
The 'deterministic med' option is implemented by suppressing other than best-in-group routes (grouped by ASN) from best route selection. This interferes with 'merge paths' as supressed routes are no longer mergable with best route. This is fixed by suppressing only those routes that are not mergable with best-in-group route.
2019-07-24Merge remote-tracking branch 'origin/mq-filter-stack'Ondrej Zajicek (work)
2019-07-23RPKI: Fix reconfiguration when ssh parameters are undefinedOndrej Zajicek (work)
2019-07-17BFD: Support for VRFsOndrej Zajicek (work)
Allow multiple BFD instances in separate VRFs, dispatch BFD requests according to VRFs. Thanks to Alexander Zubkov for notice and patches.
2019-07-03Merge branch 'master' into mq-filter-stackMaria Matejka