summaryrefslogtreecommitdiff
path: root/sysdep/linux
AgeCommit message (Collapse)Author
2017-09-06Basic VRF supportOndrej Zajicek (work)
Add basic VRF (virtual routing and forwarding) support. Protocols can be associated with VRFs, such protocols will be restricted to interfaces assigned to the VRF (as reported by Linux kernel) and will use sockets bound to the VRF. E.g., different multihop BGP instances can use diffent kernel routing tables to handle BGP TCP connections. The VRF support is preliminary, currently there are several limitations: - Recent Linux kernels (4.11) do not handle correctly sockets bound to interaces that are part of VRF, so most protocols other than multihop BGP do not work. This will be fixed by future kernel versions. - Neighbor cache ignores VRFs. Breaks config with the same prefix on local interfaces in different VRFs. Not much problem as single hop protocols do not work anyways. - Olock code ignores VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. - Incoming BGP connections are not dispatched according to VRFs. Breaks config with multiple BGP peers with the same IP address in different VRFs. Perhaps we would need some kernel API to read VRF of incoming connection? Or probably use multiple listening sockets in int-new branch. - We should handle master VRF interface up/down events and perhaps disable associated protocols when VRF goes down. Or at least disable associated interfaces. - Also we should check if the master iface is really VRF iface and not some other kind of master iface. - BFD session request dispatch should be aware of VRFs. - Perhaps kernel protocol should read default kernel table ID from VRF iface so it is not necessary to configure it. - Perhaps we should have per-VRF default table.
2017-09-05KRT: Fix IPv6 ECMP handling with Linux 4.11+Ondrej Zajicek (work)
Starting from Linux 4.11, IPv6 ECMP routes are now notified using RTA_MULTIPATH, like IPv4 ones. The patch adds support for RTA_MULTIPATH parsing for IPv6 routes. This also enables to parse ECMP alien routes correctly. Thanks to Vincent Bernat for the original patch.
2017-05-16Some more autoconf cleanupsOndrej Zajicek (work)
Replace integer type width detection with C99 fixed-width types. Also remove some unused or obsolete code. Thanks to Ruben Kerkhof for the patchset.
2016-12-20Netlink: fix occasional netlink hangs on busy machinesJan Moskyto Matejka
2016-11-08Minor code cleanupsOndrej Zajicek (work)
2016-11-01Build: switch on -Wextra, get rid of most of the warningsJan Moskyto Matejka
There are several unresolved -Wmissing-field-initializers on older versions of GCC than 5.1, all of them false positive.
2016-09-29Kernel socket missing err_hook fixJan Moskyto Matejka
Thanks to Tim Weippert for bugreport.
2016-09-19KRT: Add krt_scope attributeOndrej Zajicek (work)
Add a new route attribute, krt_scope, to expose the Linux kernel route scope. Constants from /etc/iproute2/rt_scopes (prefixed by "ips_") are expected to be used with the attribute. Both import and export are supported. Also, the patch fixes device route export to the kernel, by setting link scope automatically.
2016-09-15KRT: Add kernel metric protocol optionOndrej Zajicek (work)
Kernel routes with different metrics do not clash with each other, therefore using dedicated metric value is a reliable way to avoid overwriting routes from other sources (e.g. kernel device routes). Although kernel route metric could already be set as a route attribute by filters, that is not consistent with the way how Linux kernel handles route metric - not just a route attribute, but a part of a route key.
2016-09-14KRT: Support for IPv6 ECMPOndrej Zajicek (work)
Linux represents IPv6 ECMP routes as a sequence of unipath routes with the same prefix. We have to translate between our representation (one route with multipath next hop) and the Linux representation in both directions. Proper learning of alien IPv6 ECMP routes still not supported. Thanks to Mikhail Sennikovskii for the original patch.
2016-08-30KRT: Forbid path merging on BSDOndrej Zajicek (work)
We support ECMP routes only on Linux. Exported routes are checked in krt_capable(), but a route generated during path merging avoids this check.
2016-07-20Netlink: Fix build with older headers missing IFA_FLAGSOndrej Zajicek (work)
2016-07-20Netlink: Ignore tentative addressesOndrej Zajicek (work)
Ignore tentative IPv6 addresses and wait until finish of Duplicate Address Detection (We got notification when an address is no longer tentative) to avoid problems when protocols try to use interfaces with tentative link-local addresses. Based on patch from Jan Moskyto Matejka
2016-05-10netlink: update struct msghdrStijn Tintel
The netlink code assumes an order for the members of struct msghdr. This breaks recvmsg and sendmsg with musl libc on mips64. Fix this by using designated initializers instead. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-04-13BSD: Add the IPsec SA/SP database entries controlOndrej Zajicek (work)
Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are handled automatically on both Linux and FreeBSD. Based on patches from Pavel Tvrdik.
2016-04-06KRT: Fix route learn scan when route changedOndrej Zajicek (work)
When a kernel route changed, function krt_learn_scan() noticed that and replaced the route in internal kernel FIB, but after that, function krt_learn_prune() failed to propagate the new route to the nest, because it confused the new route with the (removed) old best route and decided that the best route did not changed. Wow, the original code (and the bug) is almost 17 years old.
2015-11-24Netlink: attribute validation before parsingJan Moskyto Matejka
Wanted netlink attributes are defined in a table, specifying their size and neediness. Removing the long conditions that did the validation before. Also parsing IPv4 and IPv6 versions regardless on the IPV6 macro.
2015-11-23Nest: Fix bug in device protoOndrej Zajicek (work)
If an interface address notification is received during device protocol shutdown/restart, BIRD crashed. Thanks to Wei Huang for the bugreport.
2015-11-11Fix compiling with --enable-debug optionPavel Tvrdík
2015-11-11Netlink: Allow more than 256 routing tables.Jan Moskyto Matejka
Since 2.6.19, the netlink API defines RTA_TABLE routing attribute to allow 32-bit routing table IDs. Using this attribute to index routing tables at Linux, instead of 8-bit rtm_table field.
2015-10-17Minor changesOndrej Zajicek (work)
2015-07-28Netlink: Fixes uninitialized variableOndrej Zajicek
Thanks to Pavel Tvrdik for the bugfix
2015-06-08KRT: Fixes some minor bugs in kernel protocolOndrej Zajicek
2015-06-08unsigned [int] -> uintPavel Tvrdík
2015-05-13Fix in the last commitOndrej Zajicek
2015-05-12KRT: Add support for plenty of kernel route metricsOndrej Zajicek
Linux kernel route metrics (RTA_METRICS netlink route attribute) are represented and accessible as new route attributes: krt_mtu, krt_window, krt_rtt, krt_rttvar, krt_sstresh, krt_cwnd, krt_advmss, krt_reordering, krt_hoplimit, krt_initcwnd, krt_rto_min, krt_initrwnd, krt_quickack, krt_lock_mtu, krt_lock_window, krt_lock_rtt, krt_lock_rttvar, krt_lock_sstresh, krt_lock_cwnd, krt_lock_advmss, krt_lock_reordering, krt_lock_hoplimit, krt_lock_rto_min, krt_feature_ecn, krt_feature_allfrag
2015-03-31Understand IFF_MULTICAST flag on ifaces in LinuxOndrej Zajicek
Unfortunately, some interfaces support multicast but do not have this flag set, so we use it only as a positive hint. Thanks to Clint Armstrong for noticing the problem.
2015-02-21Use AF_UNSPEC for RTM_GETLINKOndrej Zajicek
This value is specified in documentation.
2014-10-02Implements token bucket filter for rate limiting.Ondrej Zajicek
2014-06-26Ensures that msg_controllen includes last padding.Ondrej Zajicek
Although RFC 3542 allows both cases, Theo de Raadt thinks he knows better, and msg_controllen without last padding fails on OpenBSD. Thanks to Job Snijders for the bugreport.
2014-05-18IPv4/IPv6 integrated socket code.Ondrej Zajicek
2014-03-31Fixes build on some old systems.Ondrej Zajicek
2014-02-26Fixes longstanding issue with interfaces staying in IF_TMP_DOWN.Ondrej Zajicek
Thanks to Pierluigi Rolando and others for the bugreport.
2014-02-06Many changes in I/O and OSPF sockets and packet handling.Ondrej Zajicek
I/O: - BSD: specify src addr on IP sockets by IP_HDRINCL - BSD: specify src addr on UDP sockets by IP_SENDSRCADDR - Linux: specify src addr on IP/UDP sockets by IP_PKTINFO - IPv6: specify src addr on IP/UDP sockets by IPV6_PKTINFO - Alternative SKF_BIND flag for binding to IP address - Allows IP/UDP sockets without tx_hook, on these sockets a packet is discarded when TX queue is full - Use consistently SOL_ for socket layer values. OSPF: - Packet src addr is always explicitly set - Support for secondary addresses in BSD - Dynamic RX/TX buffers - Fixes some minor buffer overruns - Interface option 'tx length' - Names for vlink pseudoifaces (vlinkX) - Vlinks use separate socket for TX - Vlinks do not use fixed associated iface - Fixes TTL for direct unicast packets - Fixes DONTROUTE for OSPF sockets - Use ifa->ifname instead of ifa->iface->name
2013-11-25Merge branch 'master' into add-pathOndrej Zajicek
2013-11-25Changes primary addr selection on BSD to respect SIOCGIFADDR ioctl() result.Ondrej Zajicek
Thanks to Alexander V. Chernikov for the original patch.
2013-11-23Removes workaround related to import of kernel device routes.Ondrej Zajicek
Thanks to Benjamin Cama for notification.
2013-11-23Merge branch 'master' into add-pathOndrej Zajicek
Conflicts: filter/filter.c nest/proto.c nest/rt-table.c proto/bgp/bgp.h proto/bgp/config.Y
2013-09-26Fixes missing unregister of kernel table handling code.Ondrej Zajicek
And some minor fixes. Thanks to Sergey Popovich for the patch.
2013-07-04Makes krt.c much more readable.Ondrej Zajicek
2013-06-25Implements TTL security for OSPF and RIP.Ondrej Zajicek
Interfaces for OSPF and RIP could be configured to use (and request) TTL 255 for traffic to direct neighbors. Thanks to Simon Dickhoven for the original patch for RIPng.
2013-06-24Better packet priority and traffic class handling.Ondrej Zajicek
Implements support for IPv6 traffic class, sets higher priority for OSPF and RIP outgoing packets by default and allows to configure ToS/DS/TClass IP header field and the local priority of outgoing packets.
2013-05-28Fixes problems with routing table scans on some platforms.Ondrej Zajicek
Negative bit shifts are definitely undefined oprations.
2012-08-14Implements ADD-PATH extension for BGP.Ondrej Zajicek
Allows to send and receive multiple routes for one network by one BGP session. Also contains necessary core changes to support this (routing tables accepting several routes for one network from one protocol). It needs some more cleanup before merging to the master branch.
2012-08-06Some minor fixes.Ondrej Zajicek
2012-05-11Minor cleanups.Ondrej Zajicek
2012-05-04Cleanup in sysdep KRT code, part 4.Ondrej Zajicek
Adding some files that was accidentally removed (instead of moved) in cleanup part 2.
2012-04-30Cleanup in sysdep KRT code, part 2.Ondrej Zajicek
Remove support for historic Linux kernels, merge krt-iface, krt-set and krt-scan stub headers.
2012-04-30Cleanup in sysdep KRT code, part 1.Ondrej Zajicek
OS-dependent functions renamed to be more consistent, prepared to merge krt-set and krt-scan headers. Name changes: struct krt_if_params -> struct kif_params struct krt_if_status -> struct kif_status struct krt_set/scan_params -> struct krt_params struct krt_set/scan_status -> struct krt_status krt_if_params_same -> kif_sys_reconfigure krt_if_copy_params -> kif_sys_copy_config krt_set/scan_params_same -> krt_sys_reconfigure krt_set/scan_copy_params -> krt_sys_copy_config krt_if_scan -> kif_do_scan krt_set_notify -> krt_do_notify krt_scan_fire -> krt_do_scan krt_if_ -> kif_sys_ krt_scan_ -> krt_sys_ krt_set_ -> krt_sys_
2012-04-24Merge commit 'origin/master'Ondrej Zajicek