| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
Integrated and extensible BGP with generalized AFI handling,
support for IPv4+IPv6 AFI and unicast+multicast SAFI.
|
|
|
|
|
|
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.
Implemeted transports are:
- unprotected transport over TCP
- secure transport over SSHv2
Example configuration of bird.conf:
...
roa4 table r4;
roa6 table r6;
protocol rpki {
debug all;
# Import both IPv4 and IPv6 ROAs
roa4 { table r4; };
roa6 { table r6; };
# Set cache server (validator) address,
# overwrite default port 323
remote "rpki-validator.realmv6.org" port 8282;
# Overwrite default time intervals
retry 10; # Default 600 seconds
refresh 60; # Default 3600 seconds
expire 600; # Default 7200 seconds
}
protocol rpki {
debug all;
# Import only IPv4 routes
roa4 { table r4; };
# Set cache server address to localhost,
# use default ports tcp => 323 or ssh => 22
remote 127.0.0.1;
# Use SSH transport instead of unprotected transport over TCP
ssh encryption {
bird private key "/home/birdgeek/.ssh/id_rsa";
remote public key "/home/birdgeek/.ssh/known_hosts";
user "birdgeek";
};
}
...
|
|
- Unit Testing Framework (BirdTest)
- Integration of BirdTest into the BIRD build system
- Tests for several BIRD modules
Based on squashed Pavel Tvrdik's int-test branch, updated for
current int-new branch.
|
|
|
|
|
|
|
|
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
|
|
BIRD passed string from configuration to openlog(), which kept it
internally. After reconfiguration the old string was freed, therefore
openlog had invalid copy.
Thanks to Chris Caputo for the original patch.
|
|
Thanks to Tim Weippert for bugreport.
|
|
|
|
Kernel protocol calls rt_export_merged(), which used @rte_update_pool for
temporary allocations, supposing it is called from other functions from
rt-table.c that handles locking and flushing of the linpool. Therefore,
linpool was not flushed properly and memory leaked.
Add linpool argument to rt_export_merged() and use @krt_filter_lp when
called from kernel protocol.
Thanks to Justin Cattle and Alexander Frolkin for the bugreport.
(Commit squashed and updated by Ondrej Zajicek)
|
|
|
|
We support ECMP routes only on Linux. Exported routes are checked in
krt_capable(), but a route generated during path merging avoids this
check.
|
|
|
|
Logging is not yet initialized, we have to use fprintf() here.
Thanks to Pavel Tvrdik for noticing and debugging it.
|
|
|
|
In a header file write it with extern keyword. And in one of the *.c
file declare it without extern keyword.
|
|
|
|
BSD lib/setkey.h and lib/sysio.h #include fixes.
OpenBSD's flex needs -o param without space.
V6ONLY for SK_IP fix.
|
|
AF can be specified implicitly by saddr or daddr, flags SKF_V4ONLY and
SKF_V6ONLY are to be removed.
|
|
|
|
|
|
|
|
|
|
|
|
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.
Fixed make doc on recent Debian together with moving generated doc into
objdir.
Moved Makefile.in into root dir
Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
|
|
==00:00:00:02.831 2468== Syscall param socketcall.setsockopt(optval) points to uninitialised byte(s)
==00:00:00:02.831 2468== at 0x513BDEA: setsockopt (in /usr/lib/libc-2.23.so)
==00:00:00:02.831 2468== by 0x45C7AF: sk_setup (io.c:1216)
==00:00:00:02.831 2468== by 0x45CDFF: sk_open (io.c:1417)
==00:00:00:02.831 2468== by 0x44B562: rip_open_socket (packets.c:740)
==00:00:00:02.831 2468== by 0x4481A7: rip_iface_locked (rip.c:616)
==00:00:00:02.831 2468== by 0x4133E4: olock_run_event (locks.c:177)
==00:00:00:02.831 2468== by 0x45A6DE: ev_run (event.c:85)
==00:00:00:02.831 2468== by 0x45A7AD: ev_run_list (event.c:142)
==00:00:00:02.831 2468== by 0x45E0FC: io_loop (io.c:2066)
==00:00:00:02.831 2468== by 0x463B56: main (main.c:845)
==00:00:00:02.831 2468== Address 0xffefffd24 is on thread 1's stack
==00:00:00:02.831 2468== in frame #1, created by sk_setup (io.c:1188)
==00:00:00:02.831 2468== Uninitialised value was created by a stack allocation
==00:00:00:02.831 2468== at 0x45C6BB: sk_setup (io.c:1188)
|
|
Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database
at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are
handled automatically on both Linux and FreeBSD.
Based on patches from Pavel Tvrdik.
|
|
Many protocols do almost the same when creating a rte_update request
before calling rte_update2(). This commit should simplify the protocol
side of the route-creation routine.
|
|
|
|
Add option that changes default paths for config file and control socket
to the current working directory.
|
|
|
|
Event cycle may took too much time and trigger next timer events, so
avoid cycling between timer and event cycles inside the loop cycle.
|
|
In BIRD, RX has lower priority than TX with the exception of RX from
control socket. The patch replaces heuristic based on socket type with
explicit mark and uses it for both control socket and BGP session waiting
to be established.
This should avoid an issue when during heavy load, outgoing connection
could connect (TX event), send open, but then failed to receive OPEN /
establish in time, not sending notifications between and therefore
got hold timer expired error from the neighbor immediately after it
finally established the connection.
|
|
When a kernel route changed, function krt_learn_scan() noticed that and
replaced the route in internal kernel FIB, but after that, function
krt_learn_prune() failed to propagate the new route to the nest, because
it confused the new route with the (removed) old best route and decided
that the best route did not changed.
Wow, the original code (and the bug) is almost 17 years old.
|
|
The events variable is used in the short loop decision. The reasons are
not much clear, keeping this to keep the former behaviour.
|
|
It does strange things when even one fd larger than FD_SETSIZE is
passed to select().
|
|
|
|
This should lift the limit of FD_SETSIZE and allow more than 1024 fd's.
FD_SETSIZE limit doesn't matter now when creating new sockets.
|
|
Pointer to current_log_name has to be changed even if the name is the
same, because the old one will be invalid/freed after reconfiguration.
|
|
The patch adds support for channels, structures connecting protocols and
tables and handling most interactions between them. The documentation is
missing yet.
|
|
|
|
|
|
|
|
|
