summaryrefslogtreecommitdiff
path: root/sysdep/linux/netlink.c
AgeCommit message (Collapse)Author
2022-08-18Fixed initialization of Linux kernel route attributesMaria Matejka
2022-07-27Merge branch 'master' into backportOndrej Zajicek
2022-07-26Netlink: Restrict route replace for IPv6Ondrej Zajicek
Seems like the previous patch was too optimistic, as route replace is still broken even in Linux 4.19 LTS (but fixed in Linux 5.10 LTS) for: ip route add 2001:db8::/32 via fe80::1 dev eth0 ip route replace 2001:db8::/32 dev eth0 It ends with two routes instead of just the second. The issue is limited to direct and special type (e.g. unreachable) routes, the patch restricts route replace for cases when the new route is a regular route (with a next hop address).
2022-07-25Netlink: Simplify handling of IPv6 ECMP routesOndrej Zajicek
When IPv6 ECMP support first appeared in Linux kernel, it used different API than IPv4 ECMP. Individual next hops were updated and announced separately, instead of using RTA_MULTIPATH as in IPv4. This has several drawbacks and requires complex code to merge received notifications to one multipath route. When Linux came with IPv6 RTA_MULTIPATH support, the initial versions were somewhat buggy, so we kept using the old API for updates (splitting multipath routes to sequences of route updates), while accepting both old-style routes and RTA_MULTIPATH routes in scans / notifications. As IPv6 RTA_MULTIPATH support is here for a long time, this patch fully switches Netlink to the IPv6 RTA_MULTIPATH API and removes old complex code for handling individual next hop announces. The required Linux version is at least 4.11 for reliable operation. Thanks to Daniel Gröber for the original patch.
2022-07-24KRT: Scan routing tables separetely on linux to avoid congestionOndrej Zajicek
Remove compile-time sysdep option CONFIG_ALL_TABLES_AT_ONCE, replace it with runtime ability to run either separate table scans or shared scan. On Linux, use separate table scans by default when the netlink socket option NETLINK_GET_STRICT_CHK is available, but retreat to shared scan when it fails. Running separate table scans has advantages where some routing tables are managed independently, e.g. when multiple routing daemons are running on the same machine, as kernel routing table modification performance is significantly reduced when the table is modified while it is being scanned. Thanks Daniel Gröber for the original patch and Toke Høiland-Jørgensen for suggestions.
2022-03-09Merge commit 'e42eedb9' into haugesundMaria Matejka
2022-03-09Merge commit '5cff1d5f' into haugesundMaria Matejka
Conflicts: proto/bgp/attrs.c proto/pipe/pipe.c
2022-02-08Netlink: Minor cleanupOndrej Zajicek (work)
2022-01-17Netlink: Add option to specify netlink socket receive buffer sizeOndrej Zajicek (work)
Add option 'netlink rx buffer' to specify netlink socket receive buffer size. Uses SO_RCVBUFFORCE, so it can override rmem_max limit. Thanks to Trisha Biswas and Michal for the original patches.
2022-01-15Netlink: Add another workaround for older kernel headersOndrej Zajicek (work)
Unfortunately, SOL_NETLINK is both recently added and arch-dependent, so we cannot just define it.
2022-01-14Netlink: Add workaround for older kernel headersOndrej Zajicek (work)
2022-01-14Netlink: Enable strict checking for KRT dumpsOndrej Zajicek (work)
Add strict checking for netlink KRT dumps to avoid PMTU cache records from FNHE table dump along with KRT. Linux Kernel added FNHE table dump to the netlink API in patch: https://patchwork.ozlabs.org/project/netdev/patch/8d3b68cd37fb5fddc470904cdd6793fcf480c6c1.1561131177.git.sbrivio@redhat.com/ Therefore, since Linux 5.3 these route cache entries are dumped together with regular routes during periodic KRT scans, which in some cases may be huge amount of useless data. This can be avoided by using strict checking for netlink dumps: https://lore.kernel.org/netdev/20181008031644.15989-1-dsahern@kernel.org/ The patch mitigates the risk of receiving unknown and potentially large number of FNHE records that would block BIRD I/O in each sync. There is a known issue caused by the GRE tunnels on Linux that seems to be creating one FNHE record for each destination IP address that is routed through the tunnel, even when the PMTU equals to GRE interface MTU. Thanks to Tomas Hlavacek for the original patch.
2022-01-14Netlink: Explicitly skip received cloned routesOndrej Zajicek (work)
Kernel uses cloned routes to keep route cache entries, but reports them together with regular routes. They were skipped implicitly as they do not have rtm_protocol filled. Add explicit check for cloned flag and skip such routes explicitly. Also, improve debug logs of skipped routes.
2022-01-05Netlink: Do not ignore dead routes from BIRDOndrej Zajicek (work)
Currently, BIRD ignores dead routes to consider them absent. But it also ignores its own routes and thus it can not correctly manage such routes in some cases. This patch makes an exception for routes with proto bird when ignoring dead routes, so they can be properly updated or removed. Thanks to Alexander Zubkov for the original patch.
2022-01-05Netlink: Improve multipath parsing errorsOndrej Zajicek (work)
Function nl_parse_multipath() should handle errors internally.
2021-10-13Kernel: Convert the rte-local attributes to extended attributes and flags to ↵Maria Matejka
pflags
2021-10-13Route: moved rte_src pointer from rta to rteMaria Matejka
It is an auxiliary key in the routing table, not a route attribute.
2021-10-13Dropping the RTS_DUMMY temporary route storage.Maria Matejka
Kernel route sync is done by other ways now and this code is not used currently.
2021-01-14Netlink: Ignore dead routesOndrej Zajicek (work)
With net.ipv4.conf.XXX.ignore_routes_with_linkdown sysctl, a user can ensure the kernel does not use a route whose target interface is down. Such route is marked with a 'dead' / RTNH_F_DEAD flag. Ignore these routes or multipath nexthops during scan. Thanks to Vincent Bernat for the original patch.
2021-01-06Kernel: Fix handling of krt_realm with ECMP routesOndrej Zajicek (work)
For ECMP routes, RTA_FLOW attribute must be set per-nexthop, not per-route. Our corresponding krt_realm attribute is per-route. Thanks to Mikhail Petrov for the bugreport.
2020-06-03Netlink: Fix parsing of MPLS multipath routesKazuki Yamaguchi
Add support for RTA_MULTIPATH attribute parsing for AF_MPLS routes. BIRD is capable of installing a multipath route into kernel on Linux, but it would not be seen because parsing fails. This made BIRD attempt to install the same route repeatedly. (The patch minorly updated by committer)
2020-05-01Nest: Added const to ea_show just to declare that this shouldn't really ↵Maria Matejka
change anything
2020-03-07Netlink: Handle interfaces with missing broadcast addressesOndrej Zajicek (work)
2019-12-19KRT: Remove KRF_SYNC_ERROR flagOndrej Zajicek (work)
This info is now stored in an internal bmap. Unfortunately, net.flags is still needed for temporary kernel data.
2019-11-12Netlink: Handle IPv4 routes with IPv6 nexthopsOndrej Zajicek
Accept RTA_VIA attribute in all cases. The old code always used RTA_GATEWAY for IPv4 / IPv6 and RTA_VIA for MPLS. The new code uses RTA_VIA in cases where AF of network and AF of nexthop differs.
2019-07-24Merge remote-tracking branch 'origin/mq-filter-stack'Ondrej Zajicek (work)
2019-07-15Netlink: Fix parsing of multipath routes with MPLS labelsOndrej Zajicek (work)
2019-07-15Netlink: Use route replace for IPv4Ondrej Zajicek (work)
Use route replace netlink op instead of delete+add netlink ops for kernel IPv4 route replace. This avoids some packetloss during route replace. Still use the old behavior for IPv6, as some kernel bugs are hidden in IPv6 ECMP handling.
2019-07-10Merge branch 'master' into mq-filter-stackMaria Matejka
2019-07-02Netlink: Handle alien routes with unsorted nexthopsOndrej Zajicek (work)
Nest requires that nexthops are sorted, the kernel protocol have to ensure that for alien routes.
2019-07-02Netlink: Do unified scan for both IPv4 and IPv6Ondrej Zajicek (work)
Instead of separate scans for IPv4, IPv6 and MPLS, do one AF_UNSPEC scan. This also avoids kernel issue when kernel reported IPv4 and IPv6 routes during MPLS scan if MPLS is not active.
2019-02-20Filter refactoring: dropped the recursion from the interpreterMaria Matejka
This is a major change of how the filters are interpreted. If everything works how it should, it should not affect you unless you are hacking the filters themselves. Anyway, this change should make a huge improvement in the filter performance as previous benchmarks showed that our major problem lies in the recursion itself. There are also some changes in nest and protocols, related mostly to spreading const declarations throughout the whole BIRD and also to refactored dynamic attribute definitions. The need of these came up during the whole work and it is too difficult to split out these not-so-related changes.
2018-12-28KRT: Fix debug messages in netlink codeArthur Gautier
2018-06-27Nest: Neighbor cache cleanupsOndrej Zajicek (work)
Simplify neighbor cache code, fix several minor bugs, and improve handling of ONLINK flag.
2018-05-30Nest: Removing separate tmpa from route propagationJan Maria Matejka
This is a fundamental change of an original (1999) concept of route processing inside BIRD. During import/export, there was a temporary ea_list created which was to be used instead of the another one inside the route itself. This led to some confusion, quirks, and strange filter code that handled extended route attributes. Dropping it now. The protocol interface has changed in an uniform way -- the `struct ea_list *attrs` argument has been removed from store_tmp_attrs(), import_control(), rt_notify() and get_route_info().
2018-05-29Protocol: Introducing an enum protocol_classJan Maria Matejka
This supersedes the EAP_* constants.
2018-02-13Add support for source-specific IPv6 routes to BIRD coreOndrej Zajicek (work)
This patch adds support for source-specific IPv6 routes to BIRD core. This is based on Dean Luga's original patch, with the review comments addressed. SADR support is added to network address parsing in confbase.Y and to the kernel protocol on Linux. Currently there is no way to mix source-specific and non-source-specific routes (i.e., SADR tables cannot be connected to non-SADR tables). Thanks to Toke Hoiland-Jorgensen for the original patch. Minor changes by Ondrej Santiago Zajicek.
2017-12-16Netlink: Fix memory leakOndrej Zajicek (work)
2017-12-13Netlink: Use linpool instead of static bufferOndrej Zajicek (work)
2017-12-12Revive FIB and kernel MPLS codeOndrej Zajicek (work)
2017-12-11KRT: Fix bug in multipath handlingOndrej Zajicek (work)
2017-12-10Switchoff for MPLS in kernel.Maria Jan Matejka
2017-12-08Enable ECMP and Link detection by defaultOndrej Zajicek (work)
ECMP is not enabled on BSD, where it is not supported by BIRD.
2017-12-07Merge commit '7b2c5f3d2826e3175bf31b1c36056c9efc587a2b' into int-newOndrej Zajicek (work)
2017-12-07Merge commit '98bb80a243b58c43453e9be69d19d0350286549c' into int-newOndrej Zajicek (work)
2017-12-07Timers: Revert temporary names and remove old timer.hOndrej Zajicek (work)
2017-12-07Timers: Fix TBF and some last remainsOndrej Zajicek (work)
2017-12-07Nest: Maintain separate IPv4, IPv6 and LLv6 preferred addressesOndrej Zajicek (work)
Also redesign preferred address selection and update protocols to use appropriate preferred address. Based on a previous work by Jan Maria Matejka.
2017-09-06Basic VRF supportOndrej Zajicek (work)
Add basic VRF (virtual routing and forwarding) support. Protocols can be associated with VRFs, such protocols will be restricted to interfaces assigned to the VRF (as reported by Linux kernel) and will use sockets bound to the VRF. E.g., different multihop BGP instances can use diffent kernel routing tables to handle BGP TCP connections. The VRF support is preliminary, currently there are several limitations: - Recent Linux kernels (4.11) do not handle correctly sockets bound to interaces that are part of VRF, so most protocols other than multihop BGP do not work. This will be fixed by future kernel versions. - Neighbor cache ignores VRFs. Breaks config with the same prefix on local interfaces in different VRFs. Not much problem as single hop protocols do not work anyways. - Olock code ignores VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. - Incoming BGP connections are not dispatched according to VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. Perhaps we would need some kernel API to read VRF of incoming connection? Or probably use multiple listening sockets in int-new branch. - We should handle master VRF interface up/down events and perhaps disable associated protocols when VRF goes down. Or at least disable associated interfaces. - Also we should check if the master iface is really VRF iface and not some other kind of master iface. - BFD session request dispatch should be aware of VRFs. - Perhaps kernel protocol should read default kernel table ID from VRF iface so it is not necessary to configure it. - Perhaps we should have per-VRF default table.
2017-09-05KRT: Fix IPv6 ECMP handling with Linux 4.11+Ondrej Zajicek (work)
Starting from Linux 4.11, IPv6 ECMP routes are now notified using RTA_MULTIPATH, like IPv4 ones. The patch adds support for RTA_MULTIPATH parsing for IPv6 routes. This also enables to parse ECMP alien routes correctly. Thanks to Vincent Bernat for the original patch.