summaryrefslogtreecommitdiff
path: root/proto
AgeCommit message (Collapse)Author
2022-07-24Merge branch 'master' into backportOndrej Zajicek
2022-07-12BGP: Minor improvements to BGP rolesOndrej Zajicek
Add support for bgp_otc in filters and warning for configuration inside confederations.
2022-07-11BGP: Implement BGP rolesEugene Bogomazov
Implement BGP roles as described in RFC 9234. It is a mechanism for route leak prevention and automatic route filtering based on common BGP topology relationships. It defines role capability (controlled by 'local role' option) and OTC route attribute, which is used for automatic route filtering and leak detection. Minor changes done by commiter.
2022-07-11Merge remote-tracking branch 'origin/master' into backportMaria Matejka
2022-07-11Merge commit 'beb5f78a' into backportMaria Matejka
2022-07-10Merge version 2.0.10 into backportMaria Matejka
2022-06-27Filter: Improve handling of stack frames in filter bytecodeOndrej Zajicek (work)
When f_line is done, we have to pop the stack frame. The old code just removed nominal number of args/vars. Change it to use stored ventry value modified by number of returned values. This allows to allocate variables on a stack frame during execution of f_lines instead of just at start. But we need to know the number of returned values for a f_line. It is 1 for term, 0 for cmd. Store that to f_line during linearization.
2022-06-27Preexport callback now takes the channel instead of protocol as argumentMaria Matejka
Passing protocol to preexport was in fact a historical relic from the old times when channels weren't a thing. Refactoring that to match current extensibility needs.
2022-06-05Babel: Do not try to remove multicast seqno request objects from neighbour listOndrej Zajicek
The Babel seqno request code keeps track of which seqno requests are outstanding for a neighbour by putting them onto a per-neighbour list. When reusing a seqno request, it will try to remove this node, but if the seqno request in question was a multicast request with no neighbour attached this will result in a crash because it tries to remove a list node that wasn't added to any list. Fix this by making the list remove conditional. Also fix neighbor removal which were changing seqno requests to multicast ones instead of removing them. Fixes: ebd5751cdeb4 ("Babel: Seqno requests are properly decoupled from neighbors when the underlying interface disappears"). Based on the patch from Toke Høiland-Jørgensen <toke@toke.dk>, bug reported by Stefan Haller <stefan.haller@stha.de>, thanks.
2022-05-30Merge remote-tracking branch 'origin/master' into haugesund-to-2.0Maria Matejka
2022-05-30Merge commit '692055e3df6cc9f0d428d3b0dd8cdd8e825eb6f4' into haugesund-to-2.0Maria Matejka
2022-05-21BGP: Display neighbor port on show protocolOndrej Zajicek
2022-05-21RPKI: Display cache server port on show protocolOndrej Zajicek
Thanks to Luiz Amaral for the idea.
2022-05-19RPKI: Implement VRF supportLuiz Amaral
2022-05-15BGP: Improve tx performance during feed/flushOndrej Zajicek
The prefix hash table in BGP used the same hash function as the rtable. When a batch of routes are exported during feed/flush to the BGP, they all have similar hash values, so they are all crowded in a few slots in the BGP prefix table (which is much smaller - around the size of the batch - and uses higher bits from hash values), making it much slower due to excessive collisions. Use a different hash function to avoid this. Also, increase the batch size to fill 4k BGP packets and increase minimum BGP bucket and prefix hash sizes to avoid back and forth resizing during flushes. This leads to order of magnitude faster flushes (on my test data).
2022-04-22Babel: Fix compilation when LOCAL_DEBUG is set in packets.cToke Høiland-Jørgensen
The debug output was not updated with the rest of the code, so packets.c fails to compile if LOCAL_DEBUG is set.
2022-04-22Babel: Send out low-interval hello on shutdownToke Høiland-Jørgensen
When shutting down a Babel instance we send a wildcard retraction to make sure all peers can quickly switch to other route origins. Add another small optimisation borrowed from babeld: sending a Hello message (along with the retraction) with a very low interval. This will cause neighbours to modify their expiry timers for the node's state to quickly time it out, thus conserving resources in the network.
2022-04-13RIP: fixed the EA_RIP_FROM attributeMaria Matejka
The interface pointer was improperly converted to u32 and back. Fixing this by explicitly allocating an adata structure for it. It's not so memory efficient, we'll optimize this later.
2022-04-07BFD: Add 'strict bind' optionOndrej Zajicek (work)
Add BFD protocol option 'strict bind' to use separate listening socket for each BFD interface bound to its address instead of using shared listening sockets.
2022-04-06BGP uses lp_save / lp_restore instead of linpool flushingMaria Matejka
It is too cryptic to flush tmp_linpool in these cases and we don't want anybody in the future to break this code by adding an allocation somewhere which should persist over that flush. Saving and restoring linpool state is safer.
2022-04-06All linpools use pages to allocate regular blocksMaria Matejka
2022-04-06BGP: Fixed LLGR depreferencing in bgp_rte_mergableMaria Matejka
2022-04-06Protocols have their own explicit init routinesMaria Matejka
2022-04-06Unsetting route attributes without messing with type systemMaria Matejka
2022-04-06Eattr flags (originated and fresh) get their own struct fieldsMaria Matejka
2022-04-06Slab allocator can free the blocks without knowing the parent structureMaria Matejka
2022-03-09Merge commit '60880b539b8886f76961125d89a265c6e1112b7a' into haugesundMaria Matejka
2022-03-09BGP Flowspec validation: Removed in-route optimization for multithreading ↵Maria Matejka
compatibility
2022-03-09Merge commit 'e42eedb9' into haugesundMaria Matejka
2022-03-09Merge commit '5cff1d5f' into haugesundMaria Matejka
Conflicts: proto/bgp/attrs.c proto/pipe/pipe.c
2022-03-09Merge commit 'd5a32563' into haugesundMaria Matejka
2022-03-09Merge commit '0c59f7ff' into haugesundMaria Matejka
2022-03-02Replacing BGP temporary linpools by the common temporary linpoolMaria Matejka
2022-03-02Introducing an universal temporary linpool flushed after every taskMaria Matejka
2022-03-02Merge commit '2c13759136951ef0e70a3e3c2b2d3c9a387f7ed9' into haugesundMaria Matejka
2022-02-27Babel: Fix bug in iface reconfigurationOndrej Zajicek (work)
A recent change in Babel causes ifaces to disappear after reconfiguration. The patch fixes that. Thanks to Johannes Kimmel for an insightful bugreport.
2022-02-06Merge branch 'oz-trie-table'Ondrej Zajicek (work)
2022-02-06BGP: Implement flowspec validation procedureOndrej Zajicek (work)
Implement flowspec validation procedure as described in RFC 8955 sec. 6 and RFC 9117. The Validation procedure enforces that only routers in the forwarding path for a network can originate flowspec rules for that network. The patch adds new mechanism for tracking inter-table dependencies, which is necessary as the flowspec validation depends on IP routes, and flowspec rules must be revalidated when best IP routes change. The validation procedure is disabled by default and requires that relevant IP table uses trie, as it uses interval queries for subnets.
2022-02-06Nest: Attach prefix trie to rtable for faster LPM and interval queriesOndrej Zajicek (work)
Attach a prefix trie to IP/VPN/ROA tables. Use it for net_route() and net_roa_check(). This leads to 3-5x speedups for IPv4 and 5-10x speedup for IPv6 of these calls. TODO: - Rebuild the trie during rt_prune_table() - Better way to avoid trie_add_prefix() in net_get() for existing tables - Make it configurable (?)
2022-01-28BGP: Make routing loops silentOndrej Zajicek (work)
One of previous commits added error logging of invalid routes. This also inadvertently caused error logging of route loops, which should be ignored silently. Fix that.
2022-01-28BGP: Use proper class in attribute error messagesOndrej Zajicek (work)
Most error messages in attribute processing are in rx/decode step and these use L_REMOTE log class. But there are few that are in tx/export step and these should use L_ERR log class. Use tx-specific macro (REJECT()) in tx/export code and rename field err_withdraw to err_reject in struct bgp_export_state to ensure that appropriate error reporting macros are called in proper contexts.
2022-01-28BGP: Improve 'invalid next hop' error reportingOndrej Zajicek (work)
Distinguish multiple causes of 'invalid next hop' message and report the relevant next hop address. Thanks to Simon Ruderich for the original patch.
2022-01-24BGP: Log route updates that were changed to withdrawsOndrej Zajicek (work)
Typical BGP error handling is treat-as-withdraw, where an invalid route is replaced with a withdraw. Log route network when it happens.
2022-01-09BGP: Add option 'free bind'Ondrej Zajicek (work)
The BGP 'free bind' option applies the IP_FREEBIND/IPV6_FREEBIND socket option for the BGP listening socket. Thanks to Alexander Zubkov for the idea.
2021-12-18RPKI: Add contextual out-of-bound checks in RTR Prefix PDU handlerJob Snijders
RFC 6810 and RFC 8210 specify that the "Max Length" value MUST NOT be less than the Prefix Length element (underflow). On the other side, overflow of the Max Length element also is possible, it being an 8-bit unsigned integer allows for values larger than 32 or 128. This also implicitly ensures there is no overflow of "Length" value. When a PDU is received where the Max Length field is corrputed, the RTR client (BIRD) should immediately terminate the session, flush all data learned from that cache, and log an error for the operator. Minor changes done by commiter.
2021-10-13Route: moved rte_src pointer from rta to rteMaria Matejka
It is an auxiliary key in the routing table, not a route attribute.
2021-10-13Preexport: No route modification, no linpool neededMaria Matejka
2021-10-13RIP fixup + dropping the tmp_attrs mechanism as obsoleteMaria Matejka
2021-10-13Dropping the RTS_DUMMY temporary route storage.Maria Matejka
Kernel route sync is done by other ways now and this code is not used currently.
2021-10-13Preference moved to RTA and set explicitly in protocolsMaria Matejka