Age | Commit message (Collapse) | Author |
|
|
|
Covers IPv4/VPNv4 routes with IPv6 next hop (RFC 5549), IPv6 routes with
IPv4 next hop (RFC 4798) and VPNv6 routes with IPv4 next hop (RFC 4659).
Unfortunately it also makes next hop hooks more messy.
Each BGP channel now could have two IGP tables, one for IPv4 next hops,
the other for IPv6 next hops.
|
|
|
|
Basic support for SAFI 4 and 128 (MPLS labeled IP and VPN) for IPv4 and
IPv6. Should work for route reflector, but does not properly handle
originating routes with next hop self.
Based on patches from Jan Matejka.
|
|
|
|
|
|
|
|
The patch fixes several bugs introduced in previous changes, simplifies
the protocol by handing routes uniformly, introduces asynchronous route
processing to avoid issues with separate notifications for each next-hop
in ECMP routes, and makes reconfiguration faster by avoiding quadratic
complexity.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Mostly capability signalling
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Dropped struct mpnh and mpnh_*()
Now struct nexthop exists, nexthop_*(), and also included struct nexthop
into struct rta.
Also converted RTD_DEVICE and RTD_ROUTER to RTD_UNICAST. If it is needed
to distinguish between these two cases, RTD_DEVICE is equivalent to
IPA_ZERO(a->nh.gw), RTD_ROUTER is then IPA_NONZERO(a->nh.gw).
From now on, we also explicitely want C99 compatible compiler. We assume
that this 20-year norm should be known almost everywhere.
|
|
|
|
The variable nfa is not cleaned before each loop iteration and can have
a wrong value of nfa.nhs_reuse from the previous step.
Thanks to Bernardo Figueiredo for the bugreport and analysis.
|
|
|
|
Stubnet nodes in OSPF FIB were removed during rt_sync(), but the pointer
remained in top_hash_entry.nf, so net-summary LSA origination was
confused, reported 'LSA ID collision' and net-summary LSAs were not
originated properly.
Thanks to Naveen Chowdary Yerramneni for bugreport and analysis.
|
|
|
|
|
|
|
|
|
|
Integrated and extensible BGP with generalized AFI handling,
support for IPv4+IPv6 AFI and unicast+multicast SAFI.
|
|
|
|
|
|
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.
Implemeted transports are:
- unprotected transport over TCP
- secure transport over SSHv2
Example configuration of bird.conf:
...
roa4 table r4;
roa6 table r6;
protocol rpki {
debug all;
# Import both IPv4 and IPv6 ROAs
roa4 { table r4; };
roa6 { table r6; };
# Set cache server (validator) address,
# overwrite default port 323
remote "rpki-validator.realmv6.org" port 8282;
# Overwrite default time intervals
retry 10; # Default 600 seconds
refresh 60; # Default 3600 seconds
expire 600; # Default 7200 seconds
}
protocol rpki {
debug all;
# Import only IPv4 routes
roa4 { table r4; };
# Set cache server address to localhost,
# use default ports tcp => 323 or ssh => 22
remote 127.0.0.1;
# Use SSH transport instead of unprotected transport over TCP
ssh encryption {
bird private key "/home/birdgeek/.ssh/id_rsa";
remote public key "/home/birdgeek/.ssh/known_hosts";
user "birdgeek";
};
}
...
|
|
Prefix and bucket tables are initialized when entering established state
but not explicitly freed when leaving it (that is handled by protocol
restart). With graceful restart, BGP may enter and leave established
state multiple times without hard protocol restart causing memory leak.
|
|
Commit 3c09af41... changed behavior of int_set_add() from prepend to
append, which makes more sense for community list, but prepend must be
used for cluster list. Add int_set_prepend() and use it in cluster list
handling code.
|
|
- Unit Testing Framework (BirdTest)
- Integration of BirdTest into the BIRD build system
- Tests for several BIRD modules
Based on squashed Pavel Tvrdik's int-test branch, updated for
current int-new branch.
|
|
|
|
|
|
|
|
Implement BFD authentication (part of RFC 5880). Supports plaintext
passwords and cryptographic MD5 / SHA-1 authentication.
Based on former commit from Pavel Tvrdik
|
|
Based on former commit from Pavel Tvrdik
|
|
Based on former commit from Pavel Tvrdik
|
|
|
|
Add generic interface for generating and verifying MACs (message
authentication codes). Replace multiple HMAC implementation with
a generic one.
|
|
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
|
|
|
|
Add support for large communities (draft-ietf-idr-large-community),
96bit alternative to RFC 1997 communities.
Thanks to Matt Griswold for the original patch.
|