summaryrefslogtreecommitdiff
path: root/proto
AgeCommit message (Collapse)Author
2022-05-04Attribute list normalization cleanupMaria Matejka
2022-05-04Complex route attributes are data structures, shall be in lib alsoMaria Matejka
2022-05-04Splitting route data structures out to libMaria Matejka
2022-05-04Unified attribute and filter typesMaria Matejka
This commit removes the EAF_TYPE_* namespace completely and also for route attributes, filter-based types T_* are used. This simplifies fetching and setting route attributes from filters. Also, there is now union bval which serves as an universal value holder instead of private unions held separately by eattr and filter code.
2022-05-04Opaque types are named opaque also in filtersMaria Matejka
2022-05-04Special attribute types for enumsMaria Matejka
2022-04-13RIP: fixed the EA_RIP_FROM attributeMaria Matejka
The interface pointer was improperly converted to u32 and back. Fixing this by explicitly allocating an adata structure for it. It's not so memory efficient, we'll optimize this later.
2022-04-06BGP uses lp_save / lp_restore instead of linpool flushingMaria Matejka
It is too cryptic to flush tmp_linpool in these cases and we don't want anybody in the future to break this code by adding an allocation somewhere which should persist over that flush. Saving and restoring linpool state is safer.
2022-04-06All linpools use pages to allocate regular blocksMaria Matejka
2022-04-06BGP: Fixed LLGR depreferencing in bgp_rte_mergableMaria Matejka
2022-04-06Protocols have their own explicit init routinesMaria Matejka
2022-04-06Unsetting route attributes without messing with type systemMaria Matejka
2022-04-06Eattr flags (originated and fresh) get their own struct fieldsMaria Matejka
2022-04-06Slab allocator can free the blocks without knowing the parent structureMaria Matejka
2022-03-09Merge commit '60880b539b8886f76961125d89a265c6e1112b7a' into haugesundMaria Matejka
2022-03-09BGP Flowspec validation: Removed in-route optimization for multithreading ↵Maria Matejka
compatibility
2022-03-09Merge commit 'e42eedb9' into haugesundMaria Matejka
2022-03-09Merge commit '5cff1d5f' into haugesundMaria Matejka
Conflicts: proto/bgp/attrs.c proto/pipe/pipe.c
2022-03-09Merge commit 'd5a32563' into haugesundMaria Matejka
2022-03-09Merge commit '0c59f7ff' into haugesundMaria Matejka
2022-03-02Replacing BGP temporary linpools by the common temporary linpoolMaria Matejka
2022-03-02Introducing an universal temporary linpool flushed after every taskMaria Matejka
2022-03-02Merge commit '2c13759136951ef0e70a3e3c2b2d3c9a387f7ed9' into haugesundMaria Matejka
2022-02-27Babel: Fix bug in iface reconfigurationOndrej Zajicek (work)
A recent change in Babel causes ifaces to disappear after reconfiguration. The patch fixes that. Thanks to Johannes Kimmel for an insightful bugreport.
2022-02-06Merge branch 'oz-trie-table'Ondrej Zajicek (work)
2022-02-06BGP: Implement flowspec validation procedureOndrej Zajicek (work)
Implement flowspec validation procedure as described in RFC 8955 sec. 6 and RFC 9117. The Validation procedure enforces that only routers in the forwarding path for a network can originate flowspec rules for that network. The patch adds new mechanism for tracking inter-table dependencies, which is necessary as the flowspec validation depends on IP routes, and flowspec rules must be revalidated when best IP routes change. The validation procedure is disabled by default and requires that relevant IP table uses trie, as it uses interval queries for subnets.
2022-02-06Nest: Attach prefix trie to rtable for faster LPM and interval queriesOndrej Zajicek (work)
Attach a prefix trie to IP/VPN/ROA tables. Use it for net_route() and net_roa_check(). This leads to 3-5x speedups for IPv4 and 5-10x speedup for IPv6 of these calls. TODO: - Rebuild the trie during rt_prune_table() - Better way to avoid trie_add_prefix() in net_get() for existing tables - Make it configurable (?)
2022-01-28BGP: Make routing loops silentOndrej Zajicek (work)
One of previous commits added error logging of invalid routes. This also inadvertently caused error logging of route loops, which should be ignored silently. Fix that.
2022-01-28BGP: Use proper class in attribute error messagesOndrej Zajicek (work)
Most error messages in attribute processing are in rx/decode step and these use L_REMOTE log class. But there are few that are in tx/export step and these should use L_ERR log class. Use tx-specific macro (REJECT()) in tx/export code and rename field err_withdraw to err_reject in struct bgp_export_state to ensure that appropriate error reporting macros are called in proper contexts.
2022-01-28BGP: Improve 'invalid next hop' error reportingOndrej Zajicek (work)
Distinguish multiple causes of 'invalid next hop' message and report the relevant next hop address. Thanks to Simon Ruderich for the original patch.
2022-01-24BGP: Log route updates that were changed to withdrawsOndrej Zajicek (work)
Typical BGP error handling is treat-as-withdraw, where an invalid route is replaced with a withdraw. Log route network when it happens.
2022-01-09BGP: Add option 'free bind'Ondrej Zajicek (work)
The BGP 'free bind' option applies the IP_FREEBIND/IPV6_FREEBIND socket option for the BGP listening socket. Thanks to Alexander Zubkov for the idea.
2021-12-18RPKI: Add contextual out-of-bound checks in RTR Prefix PDU handlerJob Snijders
RFC 6810 and RFC 8210 specify that the "Max Length" value MUST NOT be less than the Prefix Length element (underflow). On the other side, overflow of the Max Length element also is possible, it being an 8-bit unsigned integer allows for values larger than 32 or 128. This also implicitly ensures there is no overflow of "Length" value. When a PDU is received where the Max Length field is corrputed, the RTR client (BIRD) should immediately terminate the session, flush all data learned from that cache, and log an error for the operator. Minor changes done by commiter.
2021-10-13Route: moved rte_src pointer from rta to rteMaria Matejka
It is an auxiliary key in the routing table, not a route attribute.
2021-10-13Preexport: No route modification, no linpool neededMaria Matejka
2021-10-13RIP fixup + dropping the tmp_attrs mechanism as obsoleteMaria Matejka
2021-10-13Dropping the RTS_DUMMY temporary route storage.Maria Matejka
Kernel route sync is done by other ways now and this code is not used currently.
2021-10-13Preference moved to RTA and set explicitly in protocolsMaria Matejka
2021-10-13BGP: Moved the suppressed and stale flags to pflagsMaria Matejka
2021-10-13Babel: Convert the rte-local attributes to extended attributesMaria Matejka
2021-10-13OSPF: Convert the rte-local attributes to extended attributesMaria Matejka
2021-10-13RIP: convert the rte-local attributes to extended attributesMaria Matejka
2021-10-13IGP metric getter refactoring to protocol callbackMaria Matejka
Direct protocol hooks for IGP metric inside nest/rt-table.c make the protocol API unnecessarily complex. Instead, we use a proper callback.
2021-10-13OSPF: explicitly stop the periodic tick on shutdown to avoid recalculation racesMaria Matejka
2021-09-10OSPF: Setting a list node NULL before useMaria Matejka
2021-09-10Nest: Clean up main channel handlingOndrej Zajicek (work)
Remove assumption that main channel is the only channel.
2021-06-17Nest: Clean up main channel handlingOndrej Zajicek (work)
Remove assumption that main channel is the only channel.
2021-06-09Babel: Simplify auth expirationOndrej Zajicek (work)
Just use hello_expiry for that, keep init_expiry for initial unauthentized neighbors.
2021-06-06Babel: Add MAC authentication support - updateOndrej Zajicek (work)
Some cleanups and bugfixes to the previous patch, including: - Fix rate limiting in index mismatch check - Fix missing BABEL_AUTH_INDEX_LEN in auth_tx_overhead computation - Fix missing auth_tx_overhead recalculation during reconfiguration - Fix pseudoheader construction in babel_auth_sign() (sport vs fport) - Fix typecasts for ptrdiffs in log messages - Make auth log messages similar to corresponding RIP/OSPF ones - Change auth log messages for events that happen during regular operation to debug messages - Switch meaning of babel_auth_check*() functions for consistency with corresponding RIP/OSPF ones - Remove requirement for min/max key length, only those required by given MAC code are enforced
2021-06-06Babel: Add MAC authentication supportToke Høiland-Jørgensen
This implements support for MAC authentication in the Babel protocol, as specified by RFC 8967. The implementation seeks to follow the RFC as close as possible, with the only deliberate deviation being the addition of support for all the HMAC algorithms already supported by Bird, as well as the Blake2b variant of the Blake algorithm. For description of applicability, assumptions and security properties, see RFC 8967 sections 1.1 and 1.2.