Age | Commit message (Collapse) | Author |
|
|
|
The RFC 5575 does not explicitly reject flowspec rules without dst part,
it just requires dst part in validation procedure for feasibility, which
we do not implement anyway. Thus flow without dst prefix is syntactically
valid, but unfeasible (if feasibilty testing is done).
Thanks to Alex D. for the bugreport.
|
|
When dynamic BGP with remote range is configured, MD5SIG needs to use
newer socket option (TCP_MD5SIG_EXT) to specify remote addres range for
listening socket.
Thanks to Adam KuĊagowski for the suggestion.
|
|
|
|
Recent changes in neighbor code caused RIP to access neighbor field which
is NULL during interface/neighbor removal and caused crash when debug
messages are enabled. Use correct field to get iface from neighbor.
|
|
|
|
Allows to configure IPv4/IPv6-only or direct/multihop-only BFD protocol
instances.
|
|
Function ifa_tx_hdrlen() uses fields autype and passwords, so it must be
called after these are set.
Thanks to Kenth Eriksson for the bugreport.
|
|
Add some statistic counters to BGP consistent with BGP MIB (RFC 4273),
including persistent 'FSM established transitions'.
|
|
During NLRI parsing of IPv6 Flowspec, dst prefix was not properly
extracted from NLRI, therefore a received flow was stored in a different
position in flowspec routing table, and was not reachable by command
'show route <flow>'.
Add proper prefix part accessors to flowspec code and use them from BGP
NLRI parsing code.
Thanks to Alex D. for the bugreport.
|
|
This is optional check described in RFC 4271. Although this can be also
done by filters, it is widely implemented option in BGP implementations.
Thanks to Eugene Bogomazov for the original patch.
|
|
There is a pending draft to make them obsolete
|
|
|
|
Transitive extended communities should be removed on external sessions,
the old code them in all cases.
Thanks to Jean-Daniel Pauget for the original patch.
|
|
The old code used just sizeof(struct sockaddr) bytes of IP address.
|
|
Change of some options requires route refresh, but when import table is
active, channel reload is done from it instead of doing full route
refresh. So in this case we request it internally.
|
|
|
|
Use 'l' for s64/u64 instead of for long/ulong, as that is much more
useful. Also make number() correct with regard to signed/unsigned
typecasts.
|
|
|
|
The bfd_reconfigure_neighbors() returned after first reconfigured
neighbor instead of continuing with the next one.
Thanks to Winston Chen for the bugreport and a patch.
|
|
Based on a patch from Liam Nattrass, thanks.
|
|
The attribute should not be modifiable by filters as we do not
support its type.
|
|
There is an improper check for valid message size, which may lead to
stack overflow and buffer leaks to log when a large message is received.
Thanks to Daniel McCarney for bugreport and analysis.
|
|
It crashed when used without protocol argument.
Thanks to Alexander for the bugreport.
|
|
Instead of having large stack buffer for max amount of AFI/SAFI pairs.
The old code is not correct w.r.t. extendeded option length, as more
AFI/SAFI pairs may fit into the capability option.
|
|
Extends BGP options/capabilities data length to 16bit, to avoid issues
with too many capabilities. See draft-ietf-idr-ext-opt-param-07
|
|
The patch implements optional internal export table to a channel and
hooks it to BGP so it can be used as Adj-RIB-Out. When enabled, all
exported (post-filtered) routes are stored there. An export table can be
examined using e.g. 'show route export table bgp1.ipv4'.
|
|
Add option to send solicited router advertisements as unicast directly
to soliciting nodes instead of as multicast to all-nodes group.
|
|
Several BGP channel options (including 'next hop self') could be
reconfigured without session reset, with just route refeed/refresh.
The patch improves reconfiguration code to do it that way.
|
|
The 'deterministic med' option is implemented by suppressing other than
best-in-group routes (grouped by ASN) from best route selection. This
interferes with 'merge paths' as supressed routes are no longer mergable
with best route. This is fixed by suppressing only those routes that are
not mergable with best-in-group route.
|
|
|
|
The formatting was broken due to longer date in 'since' column.
|
|
|
|
Protocol can have specified VRF, in such case it is restricted to a set
of ifaces associated with the VRF, otherwise it can use all interfaces.
The patch allows to specify VRF as 'default', in which case it is
restricted to a set of iface not associated with any VRF.
|
|
The formatting was broken when too short router-id was used.
|
|
|
|
Allow multiple BFD instances in separate VRFs, dispatch BFD requests
according to VRFs.
Thanks to Alexander Zubkov for notice and patches.
|
|
|
|
Per RFC 3101, N-bit signalling NSSA support should be used only in Hello
packets, not in DBDES packets. BIRD since 2.0.4 verifies N-bit in
neighbor structure, which is learned from DBDES packets, therefore
NSSA-LSAs are not propagated to proper implementations of RFC 3101.
This patch fixes that. Both removing the check and removing N-bit from
DBDES packet. This will fix compatibility issues with proper
implementations, but causes compatibility issues with BIRD 2.0.4.
|
|
|
|
Most LSA origination is blocked in ospf_update_topology(), this fix
blocks LSA origination from ospf_rt_spf().
|
|
When priority is reconfigured locally, we need to trigger DR election.
(recommiting, was reset by the previous commit)
|
|
We need to flush learned external LSAs a bit later than other LSAs (after
first feed after end of the graceful restart) to avoid flap of external
routes.
|
|
When priority is reconfigured locally, we need to trigger DR election.
|
|
|
|
|
|
This doesn't make any change for you until you have
millions of updates waiting to be sent. Increasing
the max hash size from 2^20 to 2^24.
|
|
If BGP has too many data to send and BIRD is slower than the link, TX is
always possible until all data is sent. This patch limits maximum number
of generated BGP messages in one iteration of TX hook.
|
|
Implement OSPFv2 (RFC 3623) and OSPFv3 (RFC 5187) graceful restart,
for both restarting and helper sides. Graceful restart is initiated
by 'graceful down' command.
|
|
When 'graceful down' command is entered, protocols are shut down
with regard to graceful restart. Namely Kernel protocol does
not remove routes and BGP protocol does not send notification,
just closes the connection.
|