summaryrefslogtreecommitdiff
path: root/proto
AgeCommit message (Collapse)Author
2023-08-22BMP: Improve peer_down handlingOndrej Zajicek
Move all bmp_peer_down() calls to one place and make it synchronous with BGP session down, ensuring that BMP receives peer_down before route withdraws from flushing. Also refactor bmp_peer_down_() message generating code.
2023-08-21BMP: Use generic channel feed instead of direct walk over rtableOndrej Zajicek
Now we use rt_notify() and channels for both feed and notifications, in both import tables (pre-policy) and regular tables (post-policy). Remove direct walk in bmp_route_monitor_snapshot().
2023-08-18BMP: Fix route timestampsOndrej Zajicek
2023-08-18BMP: Refactor route monitoringOndrej Zajicek
- Manage BMP state through bmp_peer, bmp_stream, bmp_table structures - Use channels and rt_notify() hook for route announcements - Add support for post-policy monitoring - Send End-of-RIB even when there is no routes - Remove rte_update_in_notify() hook from import tables - Update import tables to support channels - Add bmp_hack (no feed / no flush) flag to channels
2023-08-01BMP: Remove useless bufferOndrej Zajicek
2023-08-01BMP: Simplify route monitoring hooksOndrej Zajicek
No need for *_begin(), *_commit(), and *_end() hooks. The hook *_notify() is sufficient for everything.
2023-06-08BMP: Ensure that bmp_fire_tx() does nothing when not upOndrej Zajicek
2023-06-08BMP: Support multiple instances of BMP protocolOndrej Zajicek
Add internal BMP functions with plicit bmp_proto *p as first argument, which allows using TRACE() macro. Keep list of BMP instances and call internal functions. Old BMP functions are wrappers that call internal functions for all enabled BMP instances. Extract End-of-RIB mark into separate function. Based on patch from Michal Zagorski <mzagorsk@akamai.com>. Thanks!
2023-05-31BMP: Fix bug in buffer resizeOndrej Zajicek
The buffer code in bmp_buffer_grow(), reuse the MRT buffer handling code. Based on comments by Michal Zagorski <mzagorsk@akamai.com>, Thanks!
2023-05-31BMP: Proper reconfiguration and protocol statusOndrej Zajicek
Based on patches from Michal Zagorski <mzagorsk@akamai.com> co-authored with Pawel Maslanka <pmaslank@akamai.com>. Thanks!
2023-05-30BMP: Add station address checkOndrej Zajicek
Also, do not initialize it to IPA_NONE4, use regular IPA_NONE.
2023-05-30BMP: Add local address optionMichal Zagorski
Also remove unused local and ip_post_policy options. Co-authored with Pawel Maslanka <pmaslank@akamai.com>. Minor changes by committer.
2023-05-30BMP: Minor formatting cleanupsOndrej Zajicek
Based on patches from Michal Zagorski <mzagorsk@akamai.com> co-authored with Pawel Maslanka <pmaslank@akamai.com>. Thanks!
2023-05-30BGP: Improve bgp_create_update_bmp()Ondrej Zajicek
Fix issue with missing AF cap (e.g. IPv4 unicast when no capabilities are announced). Add Linpool save/restore action similar to bgp_create_update(). Based on patch from Michal Zagorski <mzagorsk@akamai.com> co-authored with Pawel Maslanka <pmaslank@akamai.com>. Thanks!
2023-05-01BMP: Use OPEN messages stored in BGPOndrej Zajicek
The BMP protocol needs OPEN messages of established BGP sessions to construct appropriate Peer Up messages. Instead of saving them internally we use OPEN messages stored in BGP instances. This allows BMP instances to be restarted or enabled later. Because of this change, we can simplify BMP data structures. No need to keep track of BGP sessions when we are not started. We have to iterate over all (established) BGP sessions when the BMP session is established. This is just a scaffolding now, but some kind of iteration would be necessary anyway. Also, the commit cleans up handling of msg/msg_length arguments to be body/body_length consistently in both rx/tx and peer_up/peer_down calls.
2023-05-01BGP: Save sent and received OPEN messagesOndrej Zajicek
These are necessary for BMP Peer UP message and it is better to keep them in BGP than in BMP (so BMP could be restarted or added later).
2023-04-27Conf: Improve handling of keywordsOndrej Zajicek
For whatever reason, parser allocated a symbol for every parsed keyword in each scope. That wasted time and memory. The effect is worsened with recent changes allowing local scopes, so keywords often promote soft scopes (with no symbols) to real scopes. Do not allocate a symbol for a keyword. Take care of keywords that could be promoted to symbols (kw_sym) and do it explicitly.
2023-04-20BMP: Silence some log messagesOndrej Zajicek
Hooks called from BGP to BMP should not log warning when BMP is not connected, that is not an error (and we do not want to flood logs with a ton of messages). Blocked sk_send() should not log warning, that is expected situation. Error during sk_send() is handled in error hook anyway.
2023-04-20BMP: Fix connection managementOndrej Zajicek
Replace broken TCP connection management with a simple state machine. Handle failed attempts properly with a timeout, detect and handle TCP connection close and try to reconnect after that. Remove useless 'station_connected' flag. Keep open messages saved even after the BMP session establishment, so they can be used after BMP session flaps. Use proper log messages for session events.
2023-04-18BMP: Fix reconfigurationOndrej Zajicek
It is not supported, but at least it must update internal config pointer to not keep old one.
2023-04-18BMP: Allow build without BMP and disable BMP build by defaultOndrej Zajicek
It has still several important issues to be enabled by default.
2023-04-18BMP: Move initialization to bmp_start()Ondrej Zajicek
That fixes BMP socket allocation from an invalid pool.
2023-04-18BMP: Fix missing templateOndrej Zajicek
It is mandatory for protocol.
2023-04-16BMP: Add some missing bmp_buffer_free() callsOndrej Zajicek (work)
They were inadvertently removed during recent code refactoring. Thanks to Dawid Macek for the bugreport and patch.
2023-04-16BMP: Remove duplicate functions for update encodingOndrej Zajicek (work)
Use existing BGP functions also for BMP update encoding.
2023-04-16BMP: Integrate bmp_conn to bmp_protoOndrej Zajicek (work)
There is only one socket per BMP instance, no need to have separate struct (like in BGP).
2023-04-16BMP: Minor cleanupsOndrej Zajicek (work)
Remove redundant 'disable' option, simplify IP address serialization, and remove useless macros.
2023-04-16BMP: Do not use global instance ptr internallyOndrej Zajicek (work)
Use local variable to refence relevant instance instead of using global instance ptr. Also, use 'p' variable instead of 'bmp' so we can use common macros like TRACE().
2023-04-16BMP: Remove superfluous error handlingOndrej Zajicek (work)
Most error handling code was was for cases that cannot happen, or they would be code bugs (and should use ASSERT()). Keep error handling for just for I/O errors, like in rest of BIRD.
2023-04-16BMP protocol supportPawel Maslanka
Initial implementation of a basic subset of the BMP (BGP Monitoring Protocol, RFC 7854) from Akamai team. Submitted for further review and improvement.
2023-04-14BGP: Add 'allow bgp_med' option for EBGP sessionsTrisha Biswas
This option allows to treat bgp_med as regular transitive attribute on EBGP sessions (without hacks in filters). Minor changes from committer.
2023-04-04BGP: Fix bgp_med handlingOndrej Zajicek
Missing translation from BGP attribute ID to eattr ID in bgp_unset_attr() broke automatic removal of bgp_med during export to EBGP peers. Thanks to Edward Sun for the bugreport.
2023-03-16BGP: Free bind applies also to outbound connectionsMaria Matejka
Even though the free bind option is primarily meant to alleviate problems with addresses assigned too late, it's also possible to use BIRD with AnyIP configuration, assigning whole ranges to the machine. Therefore free bind allows also to create an outbound connection from specific address even though such address is not assigned.
2023-02-19BGP: Update RFC referencesOndrej Zajicek
2023-02-19Babel: Update RFC referencesOndrej Zajicek
2023-02-14Babel: Keep separate auth PC counters for unicast and multicastToke Høiland-Jørgensen
The babel protocol normally sends all its messages as multicast packets, but the protocol specification allows most messages to be sent as either unicast or multicast, and the two can be mixed freely. In particular, the babeld implementation can be configured to unicast updates to all peers instead of sending them as unicast. Daniel discovered that this can cause problems with the packet counter checks in the MAC extension due to packet reordering. This happens on WiFi networks where clients have power save enabled (which is quite common in infrastructure networks): in this case, the access point will buffer all multicast traffic and only send it out along with its beacons, leading to a maximum buffering in default Linux-based access point configuration of up to 200 ms. This means that a Babel sender that mixes unicast and multicast messages can have the unicast messages overtake the multicast messages because of this buffering; when authentication is enabled, this causes the receiver to discard the multicast message when it does arrive because it now has a packet counter value less than the unicast message that arrived before it. Daniel observed that this happens frequently enough that Babel ceases to work entirely when runner over a WiFi network. The issue has been described in draft-ietf-babel-mac-relaxed, which is currently pending RFC publication. That also describes two mitigation mechanisms: Keeping separate PC counters for unicast and multicast, and using a reorder window for PC values. This patch implements the former as that is the simplest, and resolves the particular issue seen on WiFi. Thanks to Daniel Gröber for the bugreport. Minor changes from committer.
2023-02-14Babel: Implement IPv4 via IPv6 extension (RFC 9229)Andreas Rammhold
The patch implements an IPv4 via IPv6 extension (RFC 9229) to the Babel routing protocol (RFC 8966) that allows annoncing routes to an IPv4 prefix with an IPv6 next hop, which makes it possible for IPv4 traffic to flow through interfaces that have not been assigned an IPv4 address. The implementation is compatible with the current Babeld version. Thanks to Toke Høiland-Jørgensen for early review on this work. Minor changes from committer.
2023-01-31Babel: Initialise source seqno from incoming messageToke Høiland-Jørgensen
When creating a new babel_source object we initialise the seqno to 0. The caller will update the source object with the right metric and seqno value, for both newly created and old source objects. However if we initialise the source object seqno to 0 that may actually turn out to be a valid (higher) seqno than the one in the routing table, because of seqno wrapping. In this case the source metric will not be set properly, which breaks feasibility tracking for subsequent updates. To fix this, add a new initial_seqno argument to babel_get_source() which is used when allocating a new object, and set that to the seqno value of the update we're sending. Thanks to Juliusz Chroboczek for the bugreport.
2023-01-30Babel: Improve clarity of unfeasible update handling.Ondrej Zajicek
Add a comment and (unnecessary) check to make correctness obvious.
2023-01-30Babel: Fix missing modulo comparison of seqnosToke Høiland-Jørgensen
Juliusz noticed there were a couple of places we were doing straight inequality comparisons of seqnos in Babel. This is wrong because seqnos can wrap: so we need to use the modulo-64k comparison function for these cases as well. Introduce a strict-inequality version of the modulo-comparison for this purpose.
2023-01-22BFD: Improve incoming packet matchingOndrej Zajicek
For active sessions, ignore received packets with zero local id and mismatched remote id. That forces a session timeout instead of an immediate session restart. It makes BFD sessions more resilient to packet spoofing. Thanks to André Grüneberg for the suggestion.
2023-01-22VRF: Fix issues with reconfigurationOndrej Zajicek
Protocols receive if_notify() announcements that are filtered according to their VRF setting, but during reconfiguration, they access iface_list directly and forgot to check VRF setting here, which leads to all interfaces be addedd. Fix this issue for Babel, OSPF, RAdv and RIP protocols. Thanks to Marcel Menzel for the bugreport.
2023-01-20BGP: Add received role value to role mismatch log messageOndrej Zajicek
2023-01-13Minor cleanupsOndrej Zajicek
2023-01-03BGP: Allow role specific keywords to be used as symbolsOndrej Zajicek
Some of these new BGP role keywords use generic names that collides with user-defined symbols. Allow them to be redefined. Also remove duplicit keyword definition for 'prefer'.
2023-01-03Nest: Fix leaking internal attributes in RIP and BabelOndrej Zajicek
During backporting attribute changes from 3.0-branch, some internal attributes (RIP iface and Babel seqno) leaked to 'show route all' output. Allow protocols to hide specific attributes with GA_HIDDEN value. Thanks to Nigel Kukard for the bugreport.
2023-01-01Nest: Fix several issues with pflagsOndrej Zajicek
There were some confusion about validity and usage of pflags, which caused incorrect usage after some flags from (now removed) protocol- specific area were moved to pflags. We state that pflags: - Are secondary data used by protocol-specific hooks - Can be changed on an existing route (in contrast to copy-on-write for primary data) - Are irrelevant for propagation (not propagated when changed) - Are specific to a routing table (not propagated by pipe) The patch did these fixes: - Do not compare pflags in rte_same(), as they may keep cached values like BGP_REF_STALE, causing spurious propagation. - Initialize pflags to zero in rte_get_temp(), avoid initialization in protocol code, fixing at least two forgotten initializations (krt and one case in babel). - Improve documentation about pflags
2022-12-24Babel: Rework seqno request handlingToke Høiland-Jørgensen
The seqno request retransmission handling was tracking the destination that a forwarded request was being sent to and always retransmitting to that same destination. This is unnecessary because we only need to retransmit requests we originate ourselves, not those we forward on behalf of others; in fact retransmitting on behalf of others can lead to exponential multiplication of requests, which would be bad. So rework the seqno request tracking so that instead of storing the destination of a request, we just track whether it was a request that we forwarded on behalf of another node, or if it was a request we originated ourselves. Forwarded requests are not retransmitted, they are only used for duplicate suppression, and for triggering an update when satisfied. If we end up originating a request that we previously forwarded, we "upgrade" the old request and restart the retransmit counter. One complication with this is that requests sent in response to unfeasible updates (section 3.8.2.2 of the RFC) have to be sent as unicast to a particular peer. However, we don't really need to retransmit those as there's no starvation when sending such a request; so we just change such requests to be one-off unicast requests that are not subject to retransmission or duplicate suppression. This is the same behaviour as babeld has for such requests. Minor changes from committer.
2022-12-10BGP: Log unacceptable hold time as decimal numberOndrej Zajicek
Thanks Johannes Moos for the suggestion.
2022-12-09BGP: Improve handling of hold and keepalive timersOndrej Zajicek
The effective keepalive time now scales relative to the negotiated hold time, to maintain proportion between the keepalive time and the hold time. This avoids issues when both keepalive and hold times were configured, the hold time was negotiated to a smaller value, but the keepalive time stayed the same. Add new options 'min hold time' and 'min keepalive time', which reject session attempts with too small hold time. Improve validation of config options an their documentation. Thanks to Alexander Zubkov and Sergei Goriunov for suggestions.