From 8ecbaf9c70b802a1200ad37f2bfd4bc64173c5fe Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 16 Aug 2012 13:09:26 +0200 Subject: Fixes a bug with neighbor cache and overlapping IP prefixes. When there are overlapping IP prefixes and one disappears, neighbors associated with it was removed even if there is another covering IP prefix. --- nest/neighbor.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'nest') diff --git a/nest/neighbor.c b/nest/neighbor.c index 506d9bde..9dce8119 100644 --- a/nest/neighbor.c +++ b/nest/neighbor.c @@ -114,7 +114,7 @@ neighbor * neigh_find2(struct proto *p, ip_addr *a, struct iface *ifa, unsigned flags) { neighbor *n; - int class, scope = -1; ; + int class, scope = -1; unsigned int h = neigh_hash(p, a); struct iface *i; @@ -240,7 +240,21 @@ neigh_down(neighbor *n) n->proto->neigh_notify(n); rem_node(&n->n); if (n->flags & NEF_STICKY) - add_tail(&sticky_neigh_list, &n->n); + { + add_tail(&sticky_neigh_list, &n->n); + + /* Respawn neighbor if there is another matching prefix */ + struct iface *i; + int scope; + + if (!n->iface) + WALK_LIST(i, iface_list) + if ((scope = if_connected(&n->addr, i)) >= 0) + { + neigh_up(n, i, scope); + return; + } + } else sl_free(neigh_slab, n); } -- cgit v1.2.3 From cf98be7b6743e45dde9e0458664cc0762bf08867 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Sat, 10 Nov 2012 14:26:13 +0100 Subject: Allows rejected routes to be kept and examined. When 'import keep rejected' protocol option is activated, routes rejected by the import filter are kept in the routing table, but they are hidden and not propagated to other protocols. It is possible to examine them using 'show route rejected'. --- doc/bird.sgml | 22 +++++++++-- nest/config.Y | 9 ++++- nest/proto.c | 20 +++++++--- nest/protocol.h | 5 ++- nest/route.h | 10 ++++- nest/rt-table.c | 113 ++++++++++++++++++++++++++++++++++++++---------------- proto/bgp/attrs.c | 2 +- proto/bgp/bgp.c | 2 +- sysdep/unix/krt.c | 4 +- 9 files changed, 135 insertions(+), 52 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index 24bc3026..e5550590 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -459,6 +459,14 @@ to zero to disable it. An empty is equivalent to import keep rejected + Usually, if an import filter rejects a route, the route is + forgotten. When this option is active, rejected routes are + kept in the routing table, but they are hidden and not + propagated to other protocols. But it is possible to show them + using import limit Specify an import route limit (a maximum number of routes imported from the protocol) and optionally the action to be @@ -467,8 +475,11 @@ to zero to disable it. An empty is equivalent to export limit Specify an export route limit, works similarly to @@ -661,6 +672,9 @@ This argument can be omitted if there exists only a single instance.

You can also select just routes added by a specific protocol. protocol . +

If BIRD is configured to keep rejected routes (see The rdnss local + rdnss local Use only local (interface-specific) RDNSS definitions for this interface. Otherwise, both global and local definitions are used. Could also be used to disable RDNSS for given interface if no local definitons are specified. Default: no. - dnssl local + dnssl local Use only local DNSSL definitions for this interface. See diff --git a/nest/config.Y b/nest/config.Y index a75dd0c3..93402d90 100644 --- a/nest/config.Y +++ b/nest/config.Y @@ -44,7 +44,7 @@ CF_DECLS CF_KEYWORDS(ROUTER, ID, PROTOCOL, TEMPLATE, PREFERENCE, DISABLED, DEBUG, ALL, OFF, DIRECT) CF_KEYWORDS(INTERFACE, IMPORT, EXPORT, FILTER, NONE, TABLE, STATES, ROUTES, FILTERS) -CF_KEYWORDS(LIMIT, ACTION, WARN, BLOCK, RESTART, DISABLE) +CF_KEYWORDS(LIMIT, ACTION, WARN, BLOCK, RESTART, DISABLE, KEEP, REJECTED) CF_KEYWORDS(PASSWORD, FROM, PASSIVE, TO, ID, EVENTS, PACKETS, PROTOCOLS, INTERFACES) CF_KEYWORDS(PRIMARY, STATS, COUNT, FOR, COMMANDS, PREEXPORT, GENERATE, ROA, MAX, FLUSH) CF_KEYWORDS(LISTEN, BGP, V6ONLY, DUAL, ADDRESS, PORT, PASSWORDS, DESCRIPTION, SORTED) @@ -187,6 +187,7 @@ proto_item: | EXPORT imexport { this_proto->out_filter = $2; } | IMPORT LIMIT limit_spec { this_proto->in_limit = $3; } | EXPORT LIMIT limit_spec { this_proto->out_limit = $3; } + | IMPORT KEEP REJECTED bool { this_proto->in_keep_rejected = $4; } | TABLE rtable { this_proto->table = $2; } | ROUTER ID idval { this_proto->router_id = $3; } | DESCRIPTION TEXT { this_proto->dsc = $2; } @@ -405,7 +406,7 @@ CF_CLI(SHOW INTERFACES SUMMARY,,, [[Show summary of network interfaces]]) { if_show_summary(); } ; CF_CLI_HELP(SHOW ROUTE, ..., [[Show routing table]]) -CF_CLI(SHOW ROUTE, r_args, [[[|for |for ] [table ] [filter |where ] [all] [primary] [(export|preexport)

] [protocol

] [stats|count]]], [[Show routing table]]) +CF_CLI(SHOW ROUTE, r_args, [[[|for |for ] [table ] [filter |where ] [all] [primary] [rejected] [(export|preexport)

] [protocol

] [stats|count]]], [[Show routing table]]) { rt_show($3); } ; r_args: @@ -451,6 +452,10 @@ r_args: $$ = $1; $$->primary_only = 1; } + | r_args REJECTED { + $$ = $1; + $$->rejected = 1; + } | r_args export_or_preexport SYM { struct proto_config *c = (struct proto_config *) $3->def; $$ = $1; diff --git a/nest/proto.c b/nest/proto.c index 53d3f1a2..2fb0e796 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -414,6 +414,7 @@ proto_reconfigure(struct proto *p, struct proto_config *oc, struct proto_config p->main_ahook->out_filter = nc->out_filter; p->main_ahook->in_limit = nc->in_limit; p->main_ahook->out_limit = nc->out_limit; + p->main_ahook->in_keep_rejected = nc->in_keep_rejected; } /* Update routes when filters changed. If the protocol in not UP, @@ -719,8 +720,9 @@ proto_fell_down(struct proto *p) { DBG("Protocol %s down\n", p->name); - if (p->stats.imp_routes != 0) - log(L_ERR "Protocol %s is down but still has %d routes", p->name, p->stats.imp_routes); + u32 all_routes = p->stats.imp_routes + p->stats.rej_routes; + if (all_routes != 0) + log(L_ERR "Protocol %s is down but still has %d routes", p->name, all_routes); bzero(&p->stats, sizeof(struct proto_stats)); proto_free_ahooks(p); @@ -796,6 +798,7 @@ proto_schedule_feed(struct proto *p, int initial) p->main_ahook->out_filter = p->cf->out_filter; p->main_ahook->in_limit = p->cf->in_limit; p->main_ahook->out_limit = p->cf->out_limit; + p->main_ahook->in_keep_rejected = p->cf->in_keep_rejected; proto_reset_limit(p->main_ahook->in_limit); proto_reset_limit(p->main_ahook->out_limit); } @@ -1093,10 +1096,15 @@ proto_state_name(struct proto *p) } static void -proto_show_stats(struct proto_stats *s) +proto_show_stats(struct proto_stats *s, int in_keep_rejected) { - cli_msg(-1006, " Routes: %u imported, %u exported, %u preferred", - s->imp_routes, s->exp_routes, s->pref_routes); + if (in_keep_rejected) + cli_msg(-1006, " Routes: %u imported, %u rejected, %u exported, %u preferred", + s->imp_routes, s->rej_routes, s->exp_routes, s->pref_routes); + else + cli_msg(-1006, " Routes: %u imported, %u exported, %u preferred", + s->imp_routes, s->exp_routes, s->pref_routes); + cli_msg(-1006, " Route change stats: received rejected filtered ignored accepted"); cli_msg(-1006, " Import updates: %10u %10u %10u %10u %10u", s->imp_updates_received, s->imp_updates_invalid, @@ -1134,7 +1142,7 @@ proto_show_basic_info(struct proto *p) proto_show_limit(p->cf->out_limit, "Export limit:"); if (p->proto_state != PS_DOWN) - proto_show_stats(&p->stats); + proto_show_stats(&p->stats, p->cf->in_keep_rejected); } void diff --git a/nest/protocol.h b/nest/protocol.h index 11fcb164..b10016d7 100644 --- a/nest/protocol.h +++ b/nest/protocol.h @@ -91,6 +91,7 @@ struct proto_config { int class; /* SYM_PROTO or SYM_TEMPLATE */ u32 debug, mrtdump; /* Debugging bitfields, both use D_* constants */ unsigned preference, disabled; /* Generic parameters */ + int in_keep_rejected; /* Routes rejected in import filter are kept */ u32 router_id; /* Protocol specific router ID */ struct rtable_config *table; /* Table we're attached to */ struct filter *in_filter, *out_filter; /* Attached filters */ @@ -106,7 +107,8 @@ struct proto_config { struct proto_stats { /* Import - from protocol to core */ u32 imp_routes; /* Number of routes successfully imported to the (adjacent) routing table */ - u32 pref_routes; /* Number of routes that are preferred, sum over all routing table */ + u32 rej_routes; /* Number of routes rejected in import filter but kept in the routing table */ + u32 pref_routes; /* Number of routes that are preferred, sum over all routing tables */ u32 imp_updates_received; /* Number of route updates received */ u32 imp_updates_invalid; /* Number of route updates rejected as invalid */ u32 imp_updates_filtered; /* Number of route updates rejected by filters */ @@ -410,6 +412,7 @@ struct announce_hook { struct proto_limit *out_limit; /* Output limit */ struct proto_stats *stats; /* Per-table protocol statistics */ struct announce_hook *next; /* Next hook for the same protocol */ + int in_keep_rejected; /* Routes rejected in import filter are kept */ }; struct announce_hook *proto_add_announce_hook(struct proto *p, struct rtable *t, struct proto_stats *stats); diff --git a/nest/route.h b/nest/route.h index 524e69b3..3c10fc55 100644 --- a/nest/route.h +++ b/nest/route.h @@ -221,6 +221,14 @@ typedef struct rte { } rte; #define REF_COW 1 /* Copy this rte on write */ +#define REF_REJECTED 2 /* Route is rejected by import filter */ + +/* Route is valid for propagation (may depend on other flags in the future), accepts NULL */ +static inline int rte_is_valid(rte *r) { return r && !(r->flags & REF_REJECTED); } + +/* Route just has REF_REJECTED flag */ +static inline int rte_is_rejected(rte *r) { return !!(r->flags & REF_REJECTED); } + /* Types of route announcement, also used as flags */ #define RA_OPTIMAL 1 /* Announcement of optimal route change */ @@ -263,7 +271,7 @@ struct rt_show_data { struct fib_iterator fit; struct proto *show_protocol; struct proto *export_protocol; - int export_mode, primary_only; + int export_mode, primary_only, rejected; struct config *running_on_config; int net_counter, rt_counter, show_counter; int stats, show_for; diff --git a/nest/rt-table.c b/nest/rt-table.c index 118f4c25..421a05ea 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -69,7 +69,7 @@ net_route(rtable *tab, ip_addr a, int len) { a0 = ipa_and(a, ipa_mkmask(len)); n = fib_find(&tab->fib, &a0, len); - if (n && n->routes) + if (n && rte_is_valid(n->routes)) return n; len--; } @@ -139,8 +139,11 @@ rte_better(rte *new, rte *old) { int (*better)(rte *, rte *); - if (!old) + if (!rte_is_valid(old)) return 1; + if (!rte_is_valid(new)) + return 0; + if (new->pref > old->pref) return 1; if (new->pref < old->pref) @@ -399,9 +402,13 @@ rt_notify_accepted(struct announce_hook *ah, net *net, rte *new_changed, rte *ol rte *old_free = NULL; rte *r; - /* Used to track whether we met old_changed position. If it is NULL - it was the first and met it implicitly before current best route. */ - int old_meet = (old_changed && !before_old) ? 1 : 0; + /* Used to track whether we met old_changed position. If before_old is NULL + old_changed was the first and we met it implicitly before current best route. */ + int old_meet = old_changed && !before_old; + + /* Note that before_old is either NULL or valid (not rejected) route. + If old_changed is valid, before_old have to be too. If old changed route + was not valid, caller must use NULL for both old_changed and before_old. */ if (new_changed) stats->exp_updates_received++; @@ -409,7 +416,7 @@ rt_notify_accepted(struct announce_hook *ah, net *net, rte *new_changed, rte *ol stats->exp_withdraws_received++; /* First, find the new_best route - first accepted by filters */ - for (r=net->routes; r; r=r->next) + for (r=net->routes; rte_is_valid(r); r=r->next) { if (new_best = export_filter(ah, r, &new_free, &tmpa, 0)) break; @@ -428,7 +435,8 @@ rt_notify_accepted(struct announce_hook *ah, net *net, rte *new_changed, rte *ol if (feed) { if (feed == 2) /* refeed */ - old_best = new_best ? new_best : net->routes; + old_best = new_best ? new_best : + (rte_is_valid(net->routes) ? net->routes : NULL); else old_best = NULL; @@ -477,7 +485,7 @@ rt_notify_accepted(struct announce_hook *ah, net *net, rte *new_changed, rte *ol } /* Fourth case */ - for (r=r->next; r; r=r->next) + for (r=r->next; rte_is_valid(r); r=r->next) { if (old_best = export_filter(ah, r, &old_free, NULL, 1)) goto found; @@ -531,7 +539,14 @@ rt_notify_accepted(struct announce_hook *ah, net *net, rte *new_changed, rte *ol static void rte_announce(rtable *tab, unsigned type, net *net, rte *new, rte *old, rte *before_old, ea_list *tmpa) { - struct announce_hook *a; + if (!rte_is_valid(old)) + old = before_old = NULL; + + if (!rte_is_valid(new)) + new = NULL; + + if (!old && !new) + return; if (type == RA_OPTIMAL) { @@ -544,6 +559,7 @@ rte_announce(rtable *tab, unsigned type, net *net, rte *new, rte *old, rte *befo rt_notify_hostcache(tab, net); } + struct announce_hook *a; WALK_LIST(a, tab->hooks) { ASSERT(a->proto->core_state == FS_HAPPY || a->proto->core_state == FS_FEEDING); @@ -650,8 +666,13 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str if (new && rte_same(old, new)) { /* No changes, ignore the new route */ - stats->imp_updates_ignored++; - rte_trace_in(D_ROUTES, p, new, "ignored"); + + if (!rte_is_rejected(new)) + { + stats->imp_updates_ignored++; + rte_trace_in(D_ROUTES, p, new, "ignored"); + } + rte_free_quick(new); #ifdef CONFIG_RIP /* lastmod is used internally by RIP as the last time @@ -680,8 +701,10 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str struct proto_limit *l = ah->in_limit; if (l && !old && new) { - if (stats->imp_routes >= l->limit) - proto_notify_limit(ah, l, stats->imp_routes); + u32 all_routes = stats->imp_routes + stats->rej_routes; + + if (all_routes >= l->limit) + proto_notify_limit(ah, l, all_routes); if (l->state == PLS_BLOCKED) { @@ -692,15 +715,15 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str } } - if (new) + if (new && !rte_is_rejected(new)) stats->imp_updates_accepted++; else stats->imp_withdraws_accepted++; if (new) - stats->imp_routes++; + rte_is_rejected(new) ? stats->rej_routes++ : stats->imp_routes++; if (old) - stats->imp_routes--; + rte_is_rejected(old) ? stats->rej_routes-- : stats->imp_routes--; if (table->config->sorted) { @@ -900,27 +923,41 @@ rte_update2(struct announce_hook *ah, net *net, rte *new, struct proto *src) stats->imp_updates_invalid++; goto drop; } + if (filter == FILTER_REJECT) { stats->imp_updates_filtered++; rte_trace_in(D_FILTERS, p, new, "filtered out"); - goto drop; + + if (! ah->in_keep_rejected) + goto drop; + + /* new is a private copy, i could modify it */ + new->flags |= REF_REJECTED; } - if (src->make_tmp_attrs) - tmpa = src->make_tmp_attrs(new, rte_update_pool); - if (filter) + else { - ea_list *old_tmpa = tmpa; - int fr = f_run(filter, &new, &tmpa, rte_update_pool, 0); - if (fr > F_ACCEPT) + if (src->make_tmp_attrs) + tmpa = src->make_tmp_attrs(new, rte_update_pool); + if (filter && (filter != FILTER_REJECT)) { - stats->imp_updates_filtered++; - rte_trace_in(D_FILTERS, p, new, "filtered out"); - goto drop; + ea_list *old_tmpa = tmpa; + int fr = f_run(filter, &new, &tmpa, rte_update_pool, 0); + if (fr > F_ACCEPT) + { + stats->imp_updates_filtered++; + rte_trace_in(D_FILTERS, p, new, "filtered out"); + + if (! ah->in_keep_rejected) + goto drop; + + new->flags |= REF_REJECTED; + } + if (tmpa != old_tmpa && src->store_tmp_attrs) + src->store_tmp_attrs(new, tmpa); } - if (tmpa != old_tmpa && src->store_tmp_attrs) - src->store_tmp_attrs(new, tmpa); } + if (!(new->attrs->aflags & RTAF_CACHED)) /* Need to copy attributes */ new->attrs = rta_lookup(new->attrs); new->flags |= REF_COW; @@ -1553,9 +1590,11 @@ again: return 0; } + /* XXXX perhaps we should change feed for RA_ACCEPTED to not use 'new' */ + if ((p->accept_ra_types == RA_OPTIMAL) || (p->accept_ra_types == RA_ACCEPTED)) - if (e) + if (rte_is_valid(e)) { if (p->core_state != FS_FEEDING) return 1; /* In the meantime, the protocol fell down. */ @@ -1564,7 +1603,7 @@ again: } if (p->accept_ra_types == RA_ANY) - for(e = n->routes; e != NULL; e = e->next) + for(e = n->routes; rte_is_valid(e); e = e->next) { if (p->core_state != FS_FEEDING) return 1; /* In the meantime, the protocol fell down. */ @@ -1817,7 +1856,8 @@ rt_update_hostentry(rtable *tab, struct hostentry *he) net *n = net_route(tab, he->addr, MAX_PREFIX_LENGTH); if (n) { - rta *a = n->routes->attrs; + rte *e = n->routes; + rta *a = e->attrs; pxlen = n->n.pxlen; if (a->hostentry) @@ -1850,7 +1890,7 @@ rt_update_hostentry(rtable *tab, struct hostentry *he) } he->src = rta_clone(a); - he->igp_metric = rt_get_igp_metric(n->routes); + he->igp_metric = rt_get_igp_metric(e); } done: @@ -1980,14 +2020,19 @@ rt_show_net(struct cli *c, net *n, struct rt_show_data *d) int ok; bsprintf(ia, "%I/%d", n->n.prefix, n->n.pxlen); - if (n->routes) - d->net_counter++; + for(e=n->routes; e; e=e->next) { + if (rte_is_rejected(e) != d->rejected) + continue; + struct ea_list *tmpa; struct proto *p0 = e->attrs->proto; struct proto *p1 = d->export_protocol; struct proto *p2 = d->show_protocol; + + if (ia[0]) + d->net_counter++; d->rt_counter++; ee = e; rte_update_lock(); /* We use the update buffer for filtering */ diff --git a/proto/bgp/attrs.c b/proto/bgp/attrs.c index e5bc84dd..9f71544e 100644 --- a/proto/bgp/attrs.c +++ b/proto/bgp/attrs.c @@ -1346,7 +1346,7 @@ bgp_rte_recalculate(rtable *table, net *net, rte *new, rte *old, rte *old_best) /* The default case - find a new best-in-group route */ r = new; /* new may not be in the list */ - for (s=net->routes; s; s=s->next) + for (s=net->routes; rte_is_valid(s); s=s->next) if (use_deterministic_med(s) && same_group(s, lpref, lasn)) { s->u.bgp.suppressed = 1; diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index dbc59eea..2eb8ccb4 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -1188,7 +1188,7 @@ bgp_show_proto_info(struct proto *P) cli_msg(-1006, " Source address: %I", p->source_addr); if (P->cf->in_limit) cli_msg(-1006, " Route limit: %d/%d", - p->p.stats.imp_routes, P->cf->in_limit->limit); + p->p.stats.imp_routes + p->p.stats.rej_routes, P->cf->in_limit->limit); cli_msg(-1006, " Hold timer: %d/%d", tm_remains(c->hold_timer), c->hold_time); cli_msg(-1006, " Keepalive timer: %d/%d", diff --git a/sysdep/unix/krt.c b/sysdep/unix/krt.c index 2128e136..6c0e5e91 100644 --- a/sysdep/unix/krt.c +++ b/sysdep/unix/krt.c @@ -581,7 +581,7 @@ krt_flush_routes(struct krt_proto *p) { net *n = (net *) f; rte *e = n->routes; - if (e && (n->n.flags & KRF_INSTALLED)) + if (rte_is_valid(e) && (n->n.flags & KRF_INSTALLED)) { /* FIXME: this does not work if gw is changed in export filter */ krt_replace_rte(p, e->net, NULL, e, NULL); @@ -656,7 +656,7 @@ krt_got_route(struct krt_proto *p, rte *e) } old = net->routes; - if ((net->n.flags & KRF_INSTALLED) && old) + if ((net->n.flags & KRF_INSTALLED) && rte_is_valid(old)) { /* There may be changes in route attributes, we ignore that. Also, this does not work well if gw is changed in export filter */ -- cgit v1.2.3 From 15550957957f3c790f3bec3f6b8721559ea25969 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 15 Nov 2012 01:29:01 +0100 Subject: Changes 'rejected' to 'filtered' in one of the last patches. --- doc/bird.sgml | 12 ++++++------ nest/config.Y | 10 +++++----- nest/proto.c | 16 ++++++++-------- nest/protocol.h | 6 +++--- nest/route.h | 10 +++++----- nest/rt-table.c | 20 ++++++++++---------- proto/bgp/bgp.c | 2 +- 7 files changed, 38 insertions(+), 38 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index e5550590..7cea3921 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -459,12 +459,12 @@ to zero to disable it. An empty is equivalent to import keep rejected + import keep filtered Usually, if an import filter rejects a route, the route is - forgotten. When this option is active, rejected routes are + forgotten. When this option is active, these routes are kept in the routing table, but they are hidden and not propagated to other protocols. But it is possible to show them - using import limit @@ -476,7 +476,7 @@ to zero to disable it. An empty is equivalent to You can also select just routes added by a specific protocol. protocol . -

If BIRD is configured to keep rejected routes (see If BIRD is configured to keep filtered routes (see The out_filter = $2; } | IMPORT LIMIT limit_spec { this_proto->in_limit = $3; } | EXPORT LIMIT limit_spec { this_proto->out_limit = $3; } - | IMPORT KEEP REJECTED bool { this_proto->in_keep_rejected = $4; } + | IMPORT KEEP FILTERED bool { this_proto->in_keep_filtered = $4; } | TABLE rtable { this_proto->table = $2; } | ROUTER ID idval { this_proto->router_id = $3; } | DESCRIPTION TEXT { this_proto->dsc = $2; } @@ -406,7 +406,7 @@ CF_CLI(SHOW INTERFACES SUMMARY,,, [[Show summary of network interfaces]]) { if_show_summary(); } ; CF_CLI_HELP(SHOW ROUTE, ..., [[Show routing table]]) -CF_CLI(SHOW ROUTE, r_args, [[[|for |for ] [table ] [filter |where ] [all] [primary] [rejected] [(export|preexport)

] [protocol

] [stats|count]]], [[Show routing table]]) +CF_CLI(SHOW ROUTE, r_args, [[[|for |for ] [table ] [filter |where ] [all] [primary] [filtered] [(export|preexport)

] [protocol

] [stats|count]]], [[Show routing table]]) { rt_show($3); } ; r_args: @@ -452,9 +452,9 @@ r_args: $$ = $1; $$->primary_only = 1; } - | r_args REJECTED { + | r_args FILTERED { $$ = $1; - $$->rejected = 1; + $$->filtered = 1; } | r_args export_or_preexport SYM { struct proto_config *c = (struct proto_config *) $3->def; diff --git a/nest/proto.c b/nest/proto.c index 2fb0e796..e9afa2fe 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -414,7 +414,7 @@ proto_reconfigure(struct proto *p, struct proto_config *oc, struct proto_config p->main_ahook->out_filter = nc->out_filter; p->main_ahook->in_limit = nc->in_limit; p->main_ahook->out_limit = nc->out_limit; - p->main_ahook->in_keep_rejected = nc->in_keep_rejected; + p->main_ahook->in_keep_filtered = nc->in_keep_filtered; } /* Update routes when filters changed. If the protocol in not UP, @@ -720,7 +720,7 @@ proto_fell_down(struct proto *p) { DBG("Protocol %s down\n", p->name); - u32 all_routes = p->stats.imp_routes + p->stats.rej_routes; + u32 all_routes = p->stats.imp_routes + p->stats.filt_routes; if (all_routes != 0) log(L_ERR "Protocol %s is down but still has %d routes", p->name, all_routes); @@ -798,7 +798,7 @@ proto_schedule_feed(struct proto *p, int initial) p->main_ahook->out_filter = p->cf->out_filter; p->main_ahook->in_limit = p->cf->in_limit; p->main_ahook->out_limit = p->cf->out_limit; - p->main_ahook->in_keep_rejected = p->cf->in_keep_rejected; + p->main_ahook->in_keep_filtered = p->cf->in_keep_filtered; proto_reset_limit(p->main_ahook->in_limit); proto_reset_limit(p->main_ahook->out_limit); } @@ -1096,11 +1096,11 @@ proto_state_name(struct proto *p) } static void -proto_show_stats(struct proto_stats *s, int in_keep_rejected) +proto_show_stats(struct proto_stats *s, int in_keep_filtered) { - if (in_keep_rejected) - cli_msg(-1006, " Routes: %u imported, %u rejected, %u exported, %u preferred", - s->imp_routes, s->rej_routes, s->exp_routes, s->pref_routes); + if (in_keep_filtered) + cli_msg(-1006, " Routes: %u imported, %u filtered, %u exported, %u preferred", + s->imp_routes, s->filt_routes, s->exp_routes, s->pref_routes); else cli_msg(-1006, " Routes: %u imported, %u exported, %u preferred", s->imp_routes, s->exp_routes, s->pref_routes); @@ -1142,7 +1142,7 @@ proto_show_basic_info(struct proto *p) proto_show_limit(p->cf->out_limit, "Export limit:"); if (p->proto_state != PS_DOWN) - proto_show_stats(&p->stats, p->cf->in_keep_rejected); + proto_show_stats(&p->stats, p->cf->in_keep_filtered); } void diff --git a/nest/protocol.h b/nest/protocol.h index b10016d7..cf2ca0a4 100644 --- a/nest/protocol.h +++ b/nest/protocol.h @@ -91,7 +91,7 @@ struct proto_config { int class; /* SYM_PROTO or SYM_TEMPLATE */ u32 debug, mrtdump; /* Debugging bitfields, both use D_* constants */ unsigned preference, disabled; /* Generic parameters */ - int in_keep_rejected; /* Routes rejected in import filter are kept */ + int in_keep_filtered; /* Routes rejected in import filter are kept */ u32 router_id; /* Protocol specific router ID */ struct rtable_config *table; /* Table we're attached to */ struct filter *in_filter, *out_filter; /* Attached filters */ @@ -107,7 +107,7 @@ struct proto_config { struct proto_stats { /* Import - from protocol to core */ u32 imp_routes; /* Number of routes successfully imported to the (adjacent) routing table */ - u32 rej_routes; /* Number of routes rejected in import filter but kept in the routing table */ + u32 filt_routes; /* Number of routes rejected in import filter but kept in the routing table */ u32 pref_routes; /* Number of routes that are preferred, sum over all routing tables */ u32 imp_updates_received; /* Number of route updates received */ u32 imp_updates_invalid; /* Number of route updates rejected as invalid */ @@ -412,7 +412,7 @@ struct announce_hook { struct proto_limit *out_limit; /* Output limit */ struct proto_stats *stats; /* Per-table protocol statistics */ struct announce_hook *next; /* Next hook for the same protocol */ - int in_keep_rejected; /* Routes rejected in import filter are kept */ + int in_keep_filtered; /* Routes rejected in import filter are kept */ }; struct announce_hook *proto_add_announce_hook(struct proto *p, struct rtable *t, struct proto_stats *stats); diff --git a/nest/route.h b/nest/route.h index 3c10fc55..177baa38 100644 --- a/nest/route.h +++ b/nest/route.h @@ -221,13 +221,13 @@ typedef struct rte { } rte; #define REF_COW 1 /* Copy this rte on write */ -#define REF_REJECTED 2 /* Route is rejected by import filter */ +#define REF_FILTERED 2 /* Route is rejected by import filter */ /* Route is valid for propagation (may depend on other flags in the future), accepts NULL */ -static inline int rte_is_valid(rte *r) { return r && !(r->flags & REF_REJECTED); } +static inline int rte_is_valid(rte *r) { return r && !(r->flags & REF_FILTERED); } -/* Route just has REF_REJECTED flag */ -static inline int rte_is_rejected(rte *r) { return !!(r->flags & REF_REJECTED); } +/* Route just has REF_FILTERED flag */ +static inline int rte_is_filtered(rte *r) { return !!(r->flags & REF_FILTERED); } /* Types of route announcement, also used as flags */ @@ -271,7 +271,7 @@ struct rt_show_data { struct fib_iterator fit; struct proto *show_protocol; struct proto *export_protocol; - int export_mode, primary_only, rejected; + int export_mode, primary_only, filtered; struct config *running_on_config; int net_counter, rt_counter, show_counter; int stats, show_for; diff --git a/nest/rt-table.c b/nest/rt-table.c index 421a05ea..102218b2 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -667,7 +667,7 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str { /* No changes, ignore the new route */ - if (!rte_is_rejected(new)) + if (!rte_is_filtered(new)) { stats->imp_updates_ignored++; rte_trace_in(D_ROUTES, p, new, "ignored"); @@ -701,7 +701,7 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str struct proto_limit *l = ah->in_limit; if (l && !old && new) { - u32 all_routes = stats->imp_routes + stats->rej_routes; + u32 all_routes = stats->imp_routes + stats->filt_routes; if (all_routes >= l->limit) proto_notify_limit(ah, l, all_routes); @@ -715,15 +715,15 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str } } - if (new && !rte_is_rejected(new)) + if (new && !rte_is_filtered(new)) stats->imp_updates_accepted++; else stats->imp_withdraws_accepted++; if (new) - rte_is_rejected(new) ? stats->rej_routes++ : stats->imp_routes++; + rte_is_filtered(new) ? stats->filt_routes++ : stats->imp_routes++; if (old) - rte_is_rejected(old) ? stats->rej_routes-- : stats->imp_routes--; + rte_is_filtered(old) ? stats->filt_routes-- : stats->imp_routes--; if (table->config->sorted) { @@ -929,11 +929,11 @@ rte_update2(struct announce_hook *ah, net *net, rte *new, struct proto *src) stats->imp_updates_filtered++; rte_trace_in(D_FILTERS, p, new, "filtered out"); - if (! ah->in_keep_rejected) + if (! ah->in_keep_filtered) goto drop; /* new is a private copy, i could modify it */ - new->flags |= REF_REJECTED; + new->flags |= REF_FILTERED; } else { @@ -948,10 +948,10 @@ rte_update2(struct announce_hook *ah, net *net, rte *new, struct proto *src) stats->imp_updates_filtered++; rte_trace_in(D_FILTERS, p, new, "filtered out"); - if (! ah->in_keep_rejected) + if (! ah->in_keep_filtered) goto drop; - new->flags |= REF_REJECTED; + new->flags |= REF_FILTERED; } if (tmpa != old_tmpa && src->store_tmp_attrs) src->store_tmp_attrs(new, tmpa); @@ -2023,7 +2023,7 @@ rt_show_net(struct cli *c, net *n, struct rt_show_data *d) for(e=n->routes; e; e=e->next) { - if (rte_is_rejected(e) != d->rejected) + if (rte_is_filtered(e) != d->filtered) continue; struct ea_list *tmpa; diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index 2eb8ccb4..346c641b 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -1188,7 +1188,7 @@ bgp_show_proto_info(struct proto *P) cli_msg(-1006, " Source address: %I", p->source_addr); if (P->cf->in_limit) cli_msg(-1006, " Route limit: %d/%d", - p->p.stats.imp_routes + p->p.stats.rej_routes, P->cf->in_limit->limit); + p->p.stats.imp_routes + p->p.stats.filt_routes, P->cf->in_limit->limit); cli_msg(-1006, " Hold timer: %d/%d", tm_remains(c->hold_timer), c->hold_time); cli_msg(-1006, " Keepalive timer: %d/%d", -- cgit v1.2.3 From 70577529244d6d920b75d95e797156e05141db30 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Fri, 16 Nov 2012 13:29:16 +0100 Subject: Fixes route tracing w.r.t. kept filtered routes. --- nest/rt-table.c | 49 +++++++++++++++++++++++++++---------------------- 1 file changed, 27 insertions(+), 22 deletions(-) (limited to 'nest') diff --git a/nest/rt-table.c b/nest/rt-table.c index 102218b2..2f0840f0 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -627,6 +627,8 @@ rte_same(rte *x, rte *y) (!x->attrs->proto->rte_same || x->attrs->proto->rte_same(x, y)); } +static inline int rte_is_ok(rte *e) { return e && !rte_is_filtered(e); } + static void rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, struct proto *src) { @@ -715,10 +717,15 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str } } - if (new && !rte_is_filtered(new)) + int new_ok = rte_is_ok(new); + int old_ok = rte_is_ok(old); + + if (new_ok) stats->imp_updates_accepted++; - else + else if (old_ok) stats->imp_withdraws_accepted++; + else + stats->imp_withdraws_ignored++; if (new) rte_is_filtered(new) ? stats->filt_routes++ : stats->imp_routes++; @@ -808,17 +815,19 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str new->lastmod = now; /* Log the route change */ - if (new) - rte_trace_in(D_ROUTES, p, new, net->routes == new ? "added [best]" : "added"); - - if (!new && (p->debug & D_ROUTES)) + if (p->debug & D_ROUTES) { - if (old != old_best) - rte_trace_in(D_ROUTES, p, old, "removed"); - else if (net->routes) - rte_trace_in(D_ROUTES, p, old, "removed [replaced]"); - else - rte_trace_in(D_ROUTES, p, old, "removed [sole]"); + if (new_ok) + rte_trace(p, new, '>', new == net->routes ? "added [best]" : "added"); + else if (old_ok) + { + if (old != old_best) + rte_trace(p, old, '>', "removed"); + else if (rte_is_ok(net->routes)) + rte_trace(p, old, '>', "removed [replaced]"); + else + rte_trace(p, old, '>', "removed [sole]"); + } } /* Propagate the route change */ @@ -833,17 +842,13 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str (table->gc_time + table->config->gc_min_time <= now)) rt_schedule_gc(table); + if (old_ok && p->rte_remove) + p->rte_remove(net, old); + if (new_ok && p->rte_insert) + p->rte_insert(net, new); + if (old) - { - if (p->rte_remove) - p->rte_remove(net, old); - rte_free_quick(old); - } - if (new) - { - if (p->rte_insert) - p->rte_insert(net, new); - } + rte_free_quick(old); } static int rte_update_nest_cnt; /* Nesting counter to allow recursive updates */ -- cgit v1.2.3 From a92cf57dd6ba021a495fe7268c86dc8e6aeecbb2 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Wed, 26 Dec 2012 12:40:48 +0100 Subject: Implements undo command and optional timeout for configuration Several new configure command variants: configure undo - undo last reconfiguration configure timeout - configure with scheduled undo if not confirmed in timeout configure confirm - confirm last configuration configure check - just parse and validate config file --- conf/conf.c | 253 ++++++++++++++++++++++++++++++++++++++------------- conf/conf.h | 29 +++--- conf/gen_commands.m4 | 3 + conf/gen_parser.m4 | 1 + doc/bird.sgml | 37 +++++++- doc/reply_codes | 6 ++ nest/cli.c | 20 +++- nest/cli.h | 2 + nest/cmds.c | 6 +- nest/proto.c | 4 +- sysdep/unix/config.Y | 33 +++++-- sysdep/unix/io.c | 5 +- sysdep/unix/krt.c | 2 +- sysdep/unix/main.c | 113 ++++++++++++++++++----- sysdep/unix/timer.h | 1 + sysdep/unix/unix.h | 7 +- 16 files changed, 407 insertions(+), 115 deletions(-) (limited to 'nest') diff --git a/conf/conf.c b/conf/conf.c index 9375861f..6dfa3691 100644 --- a/conf/conf.c +++ b/conf/conf.c @@ -21,9 +21,12 @@ * There can exist up to four different configurations at one time: an active * one (pointed to by @config), configuration we are just switching from * (@old_config), one queued for the next reconfiguration (@future_config; - * if it's non-%NULL and the user wants to reconfigure once again, we just + * if there is one and the user wants to reconfigure once again, we just * free the previous queued config and replace it with the new one) and - * finally a config being parsed (@new_config). + * finally a config being parsed (@new_config). The stored @old_config + * is also used for undo reconfiguration, which works in a similar way. + * Reconfiguration could also have timeout (using @config_timer) and undo + * is automatically called if the new configuration is not confirmed later. * * Loading of new configuration is very simple: just call config_alloc() * to get a new &config structure, then use config_parse() to parse a @@ -55,10 +58,23 @@ static jmp_buf conf_jmpbuf; -struct config *config, *new_config, *old_config, *future_config; -static event *config_event; -int shutting_down, future_type; -bird_clock_t boot_time; +struct config *config, *new_config; + +static struct config *old_config; /* Old configuration */ +static struct config *future_config; /* New config held here if recon requested during recon */ +static int old_cftype; /* Type of transition old_config -> config (RECONFIG_SOFT/HARD) */ +static int future_cftype; /* Type of scheduled transition, may also be RECONFIG_UNDO */ +/* Note that when future_cftype is RECONFIG_UNDO, then future_config is NULL, + therefore proper check for future scheduled config checks future_cftype */ + +static event *config_event; /* Event for finalizing reconfiguration */ +static timer *config_timer; /* Timer for scheduled configuration rollback */ + +/* These are public just for cmd_show_status(), should not be accessed elsewhere */ +int shutting_down; /* Shutdown requested, do not accept new config changes */ +int configuring; /* Reconfiguration is running */ +int undo_available; /* Undo was not requested from last reconfiguration */ +/* Note that both shutting_down and undo_available are related to requests, not processing */ /** * config_alloc - allocate a new configuration @@ -82,8 +98,6 @@ config_alloc(byte *name) c->load_time = now; c->tf_base.fmt1 = c->tf_log.fmt1 = "%d-%m-%Y %T"; - if (!boot_time) - boot_time = now; return c; } @@ -154,7 +168,8 @@ cli_parse(struct config *c) void config_free(struct config *c) { - rfree(c->pool); + if (c) + rfree(c->pool); } void @@ -170,10 +185,7 @@ config_del_obstacle(struct config *c) DBG("+++ deleting obstacle %d\n", c->obstacle_count); c->obstacle_count--; if (!c->obstacle_count) - { - ASSERT(config_event); - ev_schedule(config_event); - } + ev_schedule(config_event); } static int @@ -197,16 +209,31 @@ global_commit(struct config *new, struct config *old) static int config_do_commit(struct config *c, int type) { - int force_restart, nobs; + if (type == RECONFIG_UNDO) + { + c = old_config; + type = old_cftype; + } + else + config_free(old_config); - DBG("do_commit\n"); old_config = config; - config = new_config = c; + old_cftype = type; + config = c; + + configuring = 1; + if (old_config && !config->shutdown) + log(L_INFO "Reconfiguring"); + + /* This should not be necessary, but it seems there are some + functions that access new_config instead of config */ + new_config = config; + if (old_config) old_config->obstacle_count++; DBG("sysdep_commit\n"); - force_restart = sysdep_commit(c, old_config); + int force_restart = sysdep_commit(c, old_config); DBG("global_commit\n"); force_restart |= global_commit(c, old_config); DBG("rt_commit\n"); @@ -214,38 +241,38 @@ config_do_commit(struct config *c, int type) roa_commit(c, old_config); DBG("protos_commit\n"); protos_commit(c, old_config, force_restart, type); - new_config = NULL; /* Just to be sure nobody uses that now */ + + /* Just to be sure nobody uses that now */ + new_config = NULL; + + int obs = 0; if (old_config) - nobs = --old_config->obstacle_count; - else - nobs = 0; - DBG("do_commit finished with %d obstacles remaining\n", nobs); - return !nobs; + obs = --old_config->obstacle_count; + + DBG("do_commit finished with %d obstacles remaining\n", obs); + return !obs; } static void config_done(void *unused UNUSED) { - struct config *c; + if (config->shutdown) + sysdep_shutdown_done(); + + configuring = 0; + if (old_config) + log(L_INFO "Reconfigured"); - DBG("config_done\n"); - for(;;) + if (future_cftype) { - if (config->shutdown) - sysdep_shutdown_done(); - log(L_INFO "Reconfigured"); - if (old_config) - { - config_free(old_config); - old_config = NULL; - } - if (!future_config) - break; - c = future_config; + int type = future_cftype; + struct config *conf = future_config; + future_cftype = RECONFIG_NONE; future_config = NULL; + log(L_INFO "Reconfiguring to queued configuration"); - if (!config_do_commit(c, future_type)) - break; + if (config_do_commit(conf, type)) + config_done(NULL); } } @@ -253,6 +280,7 @@ config_done(void *unused UNUSED) * config_commit - commit a configuration * @c: new configuration * @type: type of reconfiguration (RECONFIG_SOFT or RECONFIG_HARD) + * @timeout: timeout for undo (or 0 for no timeout) * * When a configuration is parsed and prepared for use, the * config_commit() function starts the process of reconfiguration. @@ -265,6 +293,10 @@ config_done(void *unused UNUSED) * using config_del_obstacle(), the old configuration is freed and * everything runs according to the new one. * + * When @timeout is nonzero, the undo timer is activated with given + * timeout. The timer is deactivated when config_commit(), + * config_confirm() or config_undo() is called. + * * Result: %CONF_DONE if the configuration has been accepted immediately, * %CONF_PROGRESS if it will take some time to switch to it, %CONF_QUEUED * if it's been queued due to another reconfiguration being in progress now @@ -272,49 +304,147 @@ config_done(void *unused UNUSED) * are accepted. */ int -config_commit(struct config *c, int type) +config_commit(struct config *c, int type, int timeout) { - if (!config) /* First-time configuration */ + if (shutting_down) { - config_do_commit(c, RECONFIG_HARD); - return CONF_DONE; + config_free(c); + return CONF_SHUTDOWN; } - if (old_config) /* Reconfiguration already in progress */ + + undo_available = 1; + if (timeout > 0) + tm_start(config_timer, timeout); + else + tm_stop(config_timer); + + if (configuring) { - if (shutting_down == 2) - { - log(L_INFO "New configuration discarded due to shutdown"); - config_free(c); - return CONF_SHUTDOWN; - } - if (future_config) + if (future_cftype) { log(L_INFO "Queueing new configuration, ignoring the one already queued"); config_free(future_config); } else - log(L_INFO "Queued new configuration"); + log(L_INFO "Queueing new configuration"); + + future_cftype = type; future_config = c; - future_type = type; return CONF_QUEUED; } - if (!shutting_down) - log(L_INFO "Reconfiguring"); - if (config_do_commit(c, type)) { config_done(NULL); return CONF_DONE; } - if (!config_event) + return CONF_PROGRESS; +} + +/** + * config_confirm - confirm a commited configuration + * + * When the undo timer is activated by config_commit() with nonzero timeout, + * this function can be used to deactivate it and therefore confirm + * the current configuration. + * + * Result: %CONF_CONFIRM when the current configuration is confirmed, + * %CONF_NONE when there is nothing to confirm (i.e. undo timer is not active). + */ +int +config_confirm(void) +{ + if (config_timer->expires == 0) + return CONF_NOTHING; + + tm_stop(config_timer); + + return CONF_CONFIRM; +} + +/** + * config_undo - undo a configuration + * + * Function config_undo() can be used to change the current + * configuration back to stored %old_config. If no reconfiguration is + * running, this stored configuration is commited in the same way as a + * new configuration in config_commit(). If there is already a + * reconfiguration in progress and no next reconfiguration is + * scheduled, then the undo is scheduled for later processing as + * usual, but if another reconfiguration is already scheduled, then + * such reconfiguration is removed instead (i.e. undo is applied on + * the last commit that scheduled it). + * + * Result: %CONF_DONE if the configuration has been accepted immediately, + * %CONF_PROGRESS if it will take some time to switch to it, %CONF_QUEUED + * if it's been queued due to another reconfiguration being in progress now, + * %CONF_UNQUEUED if a scheduled reconfiguration is removed, %CONF_NOTHING + * if there is no relevant configuration to undo (the previous config request + * was config_undo() too) or %CONF_SHUTDOWN if BIRD is in shutdown mode and + * no new configuration changes are accepted. + */ +int +config_undo(void) +{ + if (shutting_down) + return CONF_SHUTDOWN; + + if (!undo_available || !old_config) + return CONF_NOTHING; + + undo_available = 0; + tm_stop(config_timer); + + if (configuring) { - config_event = ev_new(&root_pool); - config_event->hook = config_done; + if (future_cftype) + { + config_free(future_config); + future_config = NULL; + + log(L_INFO "Removing queued configuration"); + future_cftype = RECONFIG_NONE; + return CONF_UNQUEUED; + } + else + { + log(L_INFO "Queueing undo configuration"); + future_cftype = RECONFIG_UNDO; + return CONF_QUEUED; + } + } + + if (config_do_commit(NULL, RECONFIG_UNDO)) + { + config_done(NULL); + return CONF_DONE; } return CONF_PROGRESS; } +extern void cmd_reconfig_undo_notify(void); + +static void +config_timeout(struct timer *t) +{ + log(L_INFO "Config timeout expired, starting undo"); + cmd_reconfig_undo_notify(); + + int r = config_undo(); + if (r < 0) + log(L_ERR "Undo request failed"); +} + +void +config_init(void) +{ + config_event = ev_new(&root_pool); + config_event->hook = config_done; + + config_timer = tm_new(&root_pool); + config_timer->hook = config_timeout; +} + /** * order_shutdown - order BIRD shutdown * @@ -328,15 +458,16 @@ order_shutdown(void) if (shutting_down) return; + log(L_INFO "Shutting down"); c = lp_alloc(config->mem, sizeof(struct config)); memcpy(c, config, sizeof(struct config)); init_list(&c->protos); init_list(&c->tables); c->shutdown = 1; + + config_commit(c, RECONFIG_HARD, 0); shutting_down = 1; - config_commit(c, RECONFIG_HARD); - shutting_down = 2; } /** diff --git a/conf/conf.h b/conf/conf.h index c76832b6..19300f54 100644 --- a/conf/conf.h +++ b/conf/conf.h @@ -54,28 +54,33 @@ struct config { /* Please don't use these variables in protocols. Use proto_config->global instead. */ extern struct config *config; /* Currently active configuration */ extern struct config *new_config; /* Configuration being parsed */ -extern struct config *old_config; /* Old configuration when reconfiguration is in progress */ -extern struct config *future_config; /* New config held here if recon requested during recon */ - -extern int shutting_down; -extern bird_clock_t boot_time; struct config *config_alloc(byte *name); int config_parse(struct config *); int cli_parse(struct config *); void config_free(struct config *); -int config_commit(struct config *, int type); -#define RECONFIG_HARD 0 -#define RECONFIG_SOFT 1 +int config_commit(struct config *, int type, int timeout); +int config_confirm(void); +int config_undo(void); +void config_init(void); void cf_error(char *msg, ...) NORET; void config_add_obstacle(struct config *); void config_del_obstacle(struct config *); void order_shutdown(void); -#define CONF_DONE 0 -#define CONF_PROGRESS 1 -#define CONF_QUEUED 2 -#define CONF_SHUTDOWN 3 +#define RECONFIG_NONE 0 +#define RECONFIG_HARD 1 +#define RECONFIG_SOFT 2 +#define RECONFIG_UNDO 3 + +#define CONF_DONE 0 +#define CONF_PROGRESS 1 +#define CONF_QUEUED 2 +#define CONF_UNQUEUED 3 +#define CONF_CONFIRM 4 +#define CONF_SHUTDOWN -1 +#define CONF_NOTHING -2 + /* Pools */ diff --git a/conf/gen_commands.m4 b/conf/gen_commands.m4 index a88ba014..3ed21f13 100644 --- a/conf/gen_commands.m4 +++ b/conf/gen_commands.m4 @@ -10,6 +10,9 @@ m4_divert(-1)m4_dnl m4_define(CF_CLI, `m4_divert(0){ "m4_translit($1,A-Z,a-z)", "$3", "$4", 1 }, m4_divert(-1)') +m4_define(CF_CLI_CMD, `m4_divert(0){ "m4_translit($1,A-Z,a-z)", "$2", "$3", 1 }, +m4_divert(-1)') + m4_define(CF_CLI_HELP, `m4_divert(0){ "m4_translit($1,A-Z,a-z)", "$2", "$3", 0 }, m4_divert(-1)') diff --git a/conf/gen_parser.m4 b/conf/gen_parser.m4 index 74385f32..00b55023 100644 --- a/conf/gen_parser.m4 +++ b/conf/gen_parser.m4 @@ -44,6 +44,7 @@ m4_define(CF_CLI, `m4_define([[CF_cmd]], cmd_[[]]m4_translit($1, [[ ]], _))DNL m4_divert(2)CF_KEYWORDS(m4_translit($1, [[ ]], [[,]])) m4_divert(3)CF_ADDTO(cli_cmd, CF_cmd) CF_cmd: $1 $2 END') +m4_define(CF_CLI_CMD, `') m4_define(CF_CLI_HELP, `') # ENUM declarations are ignored diff --git a/doc/bird.sgml b/doc/bird.sgml index d351cedc..615ced98 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -702,19 +702,48 @@ This argument can be omitted if there exists only a single instance. flush roa [table ] Remove all dynamic ROA entries from a ROA table. - configure [soft] [" + configure [soft] [" Reload configuration from a given file. BIRD will smoothly switch itself to the new configuration, protocols are reconfigured if possible, restarted otherwise. Changes in - filters usually lead to restart of affected protocols. If - configure confirm + Deactivate the config undo timer and therefore confirm the current + configuration. + + configure undo + Undo the last configuration change and smoothly switch back to + the previous (stored) configuration. If the last configuration + change was soft, the undo change is also soft. There is only + one level of undo, but in some specific cases when several + reconfiguration requests are given immediately in a row and + the intermediate ones are skipped then the undo also skips them back. + + configure check [" + Read and parse given config file, but do not use it. useful + for checking syntactic and some semantic validity of an config + file. + enable|disable|restart - Enable, disable or restart a given protocol instance, instances matching the or or + reload [in|out] diff --git a/doc/reply_codes b/doc/reply_codes index 7ec2e27d..58807241 100644 --- a/doc/reply_codes +++ b/doc/reply_codes @@ -25,6 +25,12 @@ Reply codes of BIRD command-line interface 0014 Route count 0015 Reloading 0016 Access restricted +0017 Reconfiguration already in progress, removing queued config +0018 Reconfiguration confirmed +0019 Nothing to do (configure undo/confirm) +0020 Configuration OK +0021 Undo requested +0022 Undo scheduled 1000 BIRD version 1001 Interface list diff --git a/nest/cli.c b/nest/cli.c index d245790b..11f98794 100644 --- a/nest/cli.c +++ b/nest/cli.c @@ -122,6 +122,7 @@ cli_printf(cli *c, int code, char *msg, ...) va_list args; byte buf[CLI_LINE_SIZE]; int cd = code; + int errcode; int size, cnt; if (cd < 0) @@ -131,16 +132,26 @@ cli_printf(cli *c, int code, char *msg, ...) size = bsprintf(buf, " "); else size = bsprintf(buf, "%04d-", cd); + errcode = -8000; + } + else if (cd == CLI_ASYNC_CODE) + { + size = 1; buf[0] = '+'; + errcode = cd; } else - size = bsprintf(buf, "%04d ", cd); + { + size = bsprintf(buf, "%04d ", cd); + errcode = 8000; + } + c->last_reply = cd; va_start(args, msg); cnt = bvsnprintf(buf+size, sizeof(buf)-size-1, msg, args); va_end(args); if (cnt < 0) { - cli_printf(c, code < 0 ? -8000 : 8000, ""); + cli_printf(c, errcode, ""); return; } size += cnt; @@ -385,12 +396,17 @@ cli_echo(unsigned int class, byte *msg) } } +/* Hack for scheduled undo notification */ +extern cli *cmd_reconfig_stored_cli; + void cli_free(cli *c) { cli_set_log_echo(c, 0, 0); if (c->cleanup) c->cleanup(c); + if (c == cmd_reconfig_stored_cli) + cmd_reconfig_stored_cli = NULL; rfree(c->pool); } diff --git a/nest/cli.h b/nest/cli.h index ea64680a..396656e8 100644 --- a/nest/cli.h +++ b/nest/cli.h @@ -49,6 +49,8 @@ typedef struct cli { extern pool *cli_pool; extern struct cli *this_cli; /* Used during parsing */ +#define CLI_ASYNC_CODE 10000 + /* Functions to be called by command handlers */ void cli_printf(cli *, int, char *, ...); diff --git a/nest/cmds.c b/nest/cmds.c index 2a803930..54ace169 100644 --- a/nest/cmds.c +++ b/nest/cmds.c @@ -14,6 +14,9 @@ #include "lib/string.h" #include "lib/resource.h" +extern int shutting_down; +extern int configuring; + void cmd_show_status(void) { @@ -27,9 +30,10 @@ cmd_show_status(void) cli_msg(-1011, "Last reboot on %s", tim); tm_format_datetime(tim, &config->tf_base, config->load_time); cli_msg(-1011, "Last reconfiguration on %s", tim); + if (shutting_down) cli_msg(13, "Shutdown in progress"); - else if (old_config) + else if (configuring) cli_msg(13, "Reconfiguration in progress"); else cli_msg(13, "Daemon is up and running"); diff --git a/nest/proto.c b/nest/proto.c index e9afa2fe..1334884e 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -516,7 +516,7 @@ protos_commit(struct config *new, struct config *old, int force_reconfig, int ty p->down_code = nc->disabled ? PDC_CF_DISABLE : PDC_CF_RESTART; p->cf_new = nc; } - else if (!shutting_down) + else if (!new->shutdown) { log(L_INFO "Removing protocol %s", p->name); p->down_code = PDC_CF_REMOVE; @@ -537,7 +537,7 @@ protos_commit(struct config *new, struct config *old, int force_reconfig, int ty WALK_LIST(nc, new->protos) if (!nc->proto) { - if (old_config) /* Not a first-time configuration */ + if (old) /* Not a first-time configuration */ log(L_INFO "Adding protocol %s", nc->name); proto_init(nc); } diff --git a/sysdep/unix/config.Y b/sysdep/unix/config.Y index 844f53df..7bade918 100644 --- a/sysdep/unix/config.Y +++ b/sysdep/unix/config.Y @@ -14,9 +14,9 @@ CF_HDR CF_DECLS CF_KEYWORDS(LOG, SYSLOG, ALL, DEBUG, TRACE, INFO, REMOTE, WARNING, ERROR, AUTH, FATAL, BUG, STDERR, SOFT) -CF_KEYWORDS(TIMEFORMAT, ISO, SHORT, LONG, BASE, NAME) +CF_KEYWORDS(TIMEFORMAT, ISO, SHORT, LONG, BASE, NAME, CONFIRM, UNDO, CHECK, TIMEOUT) -%type log_mask log_mask_list log_cat +%type log_mask log_mask_list log_cat cfg_timeout %type log_file %type cfg_name %type timeformat_which @@ -104,13 +104,26 @@ timeformat_base: /* Unix specific commands */ -CF_CLI_HELP(CONFIGURE, [soft] [\"\"], [[Reload configuration]]) +CF_CLI_HELP(CONFIGURE, ..., [[Reload configuration]]) -CF_CLI(CONFIGURE, cfg_name, [\"\"], [[Reload configuration]]) -{ cmd_reconfig($2, RECONFIG_HARD); } ; +CF_CLI(CONFIGURE, cfg_name cfg_timeout, [\"\"] [timeout []], [[Reload configuration]]) +{ cmd_reconfig($2, RECONFIG_HARD, $3); } ; -CF_CLI(CONFIGURE SOFT, cfg_name, [\"\"], [[Reload configuration and ignore changes in filters]]) -{ cmd_reconfig($3, RECONFIG_SOFT); } ; +CF_CLI(CONFIGURE SOFT, cfg_name cfg_timeout, [\"\"] [timeout []], [[Reload configuration and ignore changes in filters]]) +{ cmd_reconfig($3, RECONFIG_SOFT, $4); } ; + +/* Hack to get input completion for 'timeout' */ +CF_CLI_CMD(CONFIGURE TIMEOUT, [], [[Reload configuration with undo timeout]]) +CF_CLI_CMD(CONFIGURE SOFT TIMEOUT, [], [[Reload configuration with undo timeout]]) + +CF_CLI(CONFIGURE CONFIRM,,, [[Confirm last configuration change - deactivate undo timeout]]) +{ cmd_reconfig_confirm(); } ; + +CF_CLI(CONFIGURE UNDO,,, [[Undo last configuration change]]) +{ cmd_reconfig_undo(); } ; + +CF_CLI(CONFIGURE CHECK, cfg_name, [\"\"], [[Parse configuration and check its validity]]) +{ cmd_check_config($3); } ; CF_CLI(DOWN,,, [[Shut the daemon down]]) { cmd_shutdown(); } ; @@ -120,6 +133,12 @@ cfg_name: | TEXT ; +cfg_timeout: + /* empty */ { $$ = 0; } + | TIMEOUT { $$ = UNIX_DEFAULT_CONFIGURE_TIMEOUT; } + | TIMEOUT expr { $$ = $2; } + ; + CF_CODE CF_END diff --git a/sysdep/unix/io.c b/sysdep/unix/io.c index f91b5278..80914afe 100644 --- a/sysdep/unix/io.c +++ b/sysdep/unix/io.c @@ -121,7 +121,7 @@ static list near_timers, far_timers; static bird_clock_t first_far_timer = TIME_INFINITY; /* now must be different from 0, because 0 is a special value in timer->expires */ -bird_clock_t now = 1, now_real; +bird_clock_t now = 1, now_real, boot_time; static void update_times_plain(void) @@ -1530,6 +1530,7 @@ io_init(void) krt_io_init(); init_times(); update_times(); + boot_time = now; srandom((int) now_real); } @@ -1557,7 +1558,7 @@ io_loop(void) tm_shot(); continue; } - timo.tv_sec = events ? 0 : tout - now; + timo.tv_sec = events ? 0 : MIN(tout - now, 3); timo.tv_usec = 0; if (sock_recalc_fdsets_p) diff --git a/sysdep/unix/krt.c b/sysdep/unix/krt.c index 6c0e5e91..3761ace6 100644 --- a/sysdep/unix/krt.c +++ b/sysdep/unix/krt.c @@ -900,7 +900,7 @@ krt_notify(struct proto *P, struct rtable *table UNUSED, net *net, { struct krt_proto *p = (struct krt_proto *) P; - if (shutting_down) + if (config->shutdown) return; if (!(net->n.flags & KRF_INSTALLED)) old = NULL; diff --git a/sysdep/unix/main.c b/sysdep/unix/main.c index f0344a8f..23040e54 100644 --- a/sysdep/unix/main.c +++ b/sysdep/unix/main.c @@ -210,7 +210,7 @@ read_config(void) else die("Unable to open configuration file %s: %m", config_name); } - config_commit(conf, RECONFIG_HARD); + config_commit(conf, RECONFIG_HARD, 0); } void @@ -228,19 +228,17 @@ async_config(void) config_free(conf); } else - config_commit(conf, RECONFIG_HARD); + config_commit(conf, RECONFIG_HARD, 0); } -void -cmd_reconfig(char *name, int type) +static struct config * +cmd_read_config(char *name) { struct config *conf; - if (cli_access_restricted()) - return; - if (!name) name = config_name; + cli_msg(-2, "Reading configuration from %s", name); if (!unix_read_config(&conf, name)) { @@ -249,24 +247,94 @@ cmd_reconfig(char *name, int type) else cli_msg(8002, "%s: %m", name); config_free(conf); + conf = NULL; } - else + + return conf; +} + +void +cmd_check_config(char *name) +{ + struct config *conf = cmd_read_config(name); + if (!conf) + return; + + cli_msg(20, "Configuration OK"); + config_free(conf); +} + +static void +cmd_reconfig_msg(int r) +{ + switch (r) { - switch (config_commit(conf, type)) - { - case CONF_DONE: - cli_msg(3, "Reconfigured."); - break; - case CONF_PROGRESS: - cli_msg(4, "Reconfiguration in progress."); - break; - case CONF_SHUTDOWN: - cli_msg(6, "Reconfiguration ignored, shutting down."); - break; - default: - cli_msg(5, "Reconfiguration already in progress, queueing new config"); - } + case CONF_DONE: cli_msg( 3, "Reconfigured"); break; + case CONF_PROGRESS: cli_msg( 4, "Reconfiguration in progress"); break; + case CONF_QUEUED: cli_msg( 5, "Reconfiguration already in progress, queueing new config"); break; + case CONF_UNQUEUED: cli_msg(17, "Reconfiguration already in progress, removing queued config"); break; + case CONF_CONFIRM: cli_msg(18, "Reconfiguration confirmed"); break; + case CONF_SHUTDOWN: cli_msg( 6, "Reconfiguration ignored, shutting down"); break; + case CONF_NOTHING: cli_msg(19, "Nothing to do"); break; + default: break; + } +} + +/* Hack for scheduled undo notification */ +cli *cmd_reconfig_stored_cli; + +void +cmd_reconfig_undo_notify(void) +{ + if (cmd_reconfig_stored_cli) + { + cli *c = cmd_reconfig_stored_cli; + cli_printf(c, CLI_ASYNC_CODE, "Config timeout expired, starting undo"); + cli_write_trigger(c); + } +} + +void +cmd_reconfig(char *name, int type, int timeout) +{ + if (cli_access_restricted()) + return; + + struct config *conf = cmd_read_config(name); + if (!conf) + return; + + int r = config_commit(conf, type, timeout); + + if ((r >= 0) && (timeout > 0)) + { + cmd_reconfig_stored_cli = this_cli; + cli_msg(-22, "Undo scheduled in %d s", timeout); } + + cmd_reconfig_msg(r); +} + +void +cmd_reconfig_confirm(void) +{ + if (cli_access_restricted()) + return; + + int r = config_confirm(); + cmd_reconfig_msg(r); +} + +void +cmd_reconfig_undo(void) +{ + if (cli_access_restricted()) + return; + + cli_msg(-21, "Undo requested"); + + int r = config_undo(); + cmd_reconfig_msg(r); } /* @@ -623,6 +691,7 @@ main(int argc, char **argv) rt_init(); if_init(); roa_init(); + config_init(); uid_t use_uid = get_uid(use_user); gid_t use_gid = get_gid(use_group); diff --git a/sysdep/unix/timer.h b/sysdep/unix/timer.h index a788ae27..17450322 100644 --- a/sysdep/unix/timer.h +++ b/sysdep/unix/timer.h @@ -32,6 +32,7 @@ void tm_dump_all(void); extern bird_clock_t now; /* Relative, monotonic time in seconds */ extern bird_clock_t now_real; /* Time in seconds since fixed known epoch */ +extern bird_clock_t boot_time; static inline bird_clock_t tm_remains(timer *t) diff --git a/sysdep/unix/unix.h b/sysdep/unix/unix.h index 3e85c85c..1fc26db2 100644 --- a/sysdep/unix/unix.h +++ b/sysdep/unix/unix.h @@ -19,9 +19,14 @@ extern char *bird_name; void async_config(void); void async_dump(void); void async_shutdown(void); -void cmd_reconfig(char *name, int type); +void cmd_check_config(char *name); +void cmd_reconfig(char *name, int type, int timeout); +void cmd_reconfig_confirm(void); +void cmd_reconfig_undo(void); void cmd_shutdown(void); +#define UNIX_DEFAULT_CONFIGURE_TIMEOUT 300 + /* io.c */ volatile int async_config_flag; -- cgit v1.2.3 From 79b4e12e6032faf6bb1f3feac385bd36ee53019e Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 27 Dec 2012 12:56:23 +0100 Subject: Implements interface masks for choosing router id. Router ID could be automatically determined based of subset of ifaces/addresses specified by 'router id from' option. The patch also does some minor changes related to router ID reconfiguration. Thanks to Alexander V. Chernikov for most of the work. --- conf/conf.c | 16 +++++++++++--- conf/conf.h | 1 + doc/bird.sgml | 13 ++++++++++- nest/config.Y | 17 +++++++++++--- nest/iface.c | 66 +++++++++++++++++++++++++++++++++++++++---------------- nest/iface.h | 4 ++++ nest/proto.c | 14 +++++++++--- proto/bgp/bgp.c | 3 +++ proto/ospf/ospf.c | 3 +++ 9 files changed, 108 insertions(+), 29 deletions(-) (limited to 'nest') diff --git a/conf/conf.c b/conf/conf.c index 6dfa3691..14225d3b 100644 --- a/conf/conf.c +++ b/conf/conf.c @@ -200,9 +200,19 @@ global_commit(struct config *new, struct config *old) log(L_WARN "Reconfiguration of BGP listening socket not implemented, please restart BIRD."); if (!new->router_id) - new->router_id = old->router_id; - if (new->router_id != old->router_id) - return 1; + { + new->router_id = old->router_id; + + if (new->router_id_from) + { + u32 id = if_choose_router_id(new->router_id_from, old->router_id); + if (!id) + log(L_WARN "Cannot determine router ID, using old one"); + else + new->router_id = id; + } + } + return 0; } diff --git a/conf/conf.h b/conf/conf.h index 19300f54..683374e0 100644 --- a/conf/conf.h +++ b/conf/conf.h @@ -26,6 +26,7 @@ struct config { int mrtdump_file; /* Configured MRTDump file (sysdep, fd in unix) */ char *syslog_name; /* Name used for syslog (NULL -> no syslog) */ struct rtable_config *master_rtc; /* Configuration of master routing table */ + struct iface_patt *router_id_from; /* Configured list of router ID iface patterns */ u32 router_id; /* Our Router ID */ ip_addr listen_bgp_addr; /* Listening BGP socket should use this address */ diff --git a/doc/bird.sgml b/doc/bird.sgml index 615ced98..4e04a138 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -337,7 +337,18 @@ protocol rip { Besides, there are some predefined numeric constants based on /etc/iproute2/rt_* files. A list of defined constants can be seen (together with other symbols) using 'show symbols' command. - router id Set BIRD's router ID. It's a world-wide unique identification of your router, usually one of router's IPv4 addresses. Default: in IPv4 version, the lowest IP address of a non-loopback interface. In IPv6 version, this option is mandatory. + router id + Set BIRD's router ID. It's a world-wide unique identification + of your router, usually one of router's IPv4 addresses. + Default: in IPv4 version, the lowest IP address of a + non-loopback interface. In IPv6 version, this option is + mandatory. + + router id from [-] [ " + Set BIRD's router ID based on an IP address of an interface + specified by an interface pattern. The option is applicable + for IPv4 version only. See + section for detailed description of interface patterns. listen bgp [address This option allows to specify address and port where BGP diff --git a/nest/config.Y b/nest/config.Y index cb6a85c2..dbd72055 100644 --- a/nest/config.Y +++ b/nest/config.Y @@ -75,9 +75,9 @@ CF_GRAMMAR CF_ADDTO(conf, rtrid) -rtrid: ROUTER ID idval ';' { - new_config->router_id = $3; - } +rtrid: + ROUTER ID idval ';' { new_config->router_id = $3; } + | ROUTER ID FROM iface_patt ';' { new_config->router_id_from = this_ipatt; } ; idval: @@ -264,6 +264,17 @@ iface_patt_list: | iface_patt_list ',' iface_patt_node ; +iface_patt_init: { + /* Generic this_ipatt init */ + this_ipatt = cfg_allocz(sizeof(struct iface_patt)); + init_list(&this_ipatt->ipn_list); + } + ; + +iface_patt: + iface_patt_init iface_patt_list + ; + /* Direct device route protocol */ diff --git a/nest/iface.c b/nest/iface.c index eea3d3b1..da79b21f 100644 --- a/nest/iface.c +++ b/nest/iface.c @@ -35,8 +35,6 @@ static pool *if_pool; -static void auto_router_id(void); - list iface_list; /** @@ -354,9 +352,6 @@ if_end_update(void) struct iface *i; struct ifa *a, *b; - if (!config->router_id) - auto_router_id(); - WALK_LIST(i, iface_list) { if (!(i->flags & IF_UPDATED)) @@ -583,24 +578,57 @@ ifa_delete(struct ifa *a) } } -static void -auto_router_id(void) +u32 +if_choose_router_id(struct iface_patt *mask, u32 old_id) { #ifndef IPV6 - struct iface *i, *j; + struct iface *i; + struct ifa *a, *b; - j = NULL; + b = NULL; WALK_LIST(i, iface_list) - if ((i->flags & IF_ADMIN_UP) && - !(i->flags & (IF_IGNORE | IF_SHUTDOWN)) && - i->addr && - !(i->addr->flags & IA_PEER) && - (!j || ipa_to_u32(i->addr->ip) < ipa_to_u32(j->addr->ip))) - j = i; - if (!j) - die("Cannot determine router ID (no suitable network interface found), please configure it manually"); - log(L_INFO "Guessed router ID %I according to interface %s", j->addr->ip, j->name); - config->router_id = ipa_to_u32(j->addr->ip); + { + if (!(i->flags & IF_ADMIN_UP) || + (i->flags & (IF_IGNORE | IF_SHUTDOWN))) + continue; + + WALK_LIST(a, i->addrs) + { + if (a->flags & IA_SECONDARY) + continue; + + if (a->scope <= SCOPE_LINK) + continue; + + /* FIXME: This should go away */ + if (a->flags & IA_PEER) + continue; + + /* FIXME: This should go away too */ + if (!mask && (a != i->addr)) + continue; + + /* Check pattern if specified */ + if (mask && !iface_patt_match(mask, i, a)) + continue; + + /* No pattern or pattern matched */ + if (!b || ipa_to_u32(a->ip) < ipa_to_u32(b->ip)) + b = a; + } + } + + if (!b) + return 0; + + u32 id = ipa_to_u32(b->ip); + if (id != old_id) + log(L_INFO "Chosen router ID %R according to interface %s", id, b->iface->name); + + return id; + +#else + return 0; #endif } diff --git a/nest/iface.h b/nest/iface.h index 2416f82f..697ea543 100644 --- a/nest/iface.h +++ b/nest/iface.h @@ -101,6 +101,7 @@ struct iface *if_find_by_name(char *); struct iface *if_get_by_name(char *); void ifa_recalc_all_primary_addresses(void); + /* The Neighbor Cache */ typedef struct neighbor { @@ -161,4 +162,7 @@ int iface_patt_match(struct iface_patt *ifp, struct iface *i, struct ifa *a); struct iface_patt *iface_patt_find(list *l, struct iface *i, struct ifa *a); int iface_patts_equal(list *, list *, int (*)(struct iface_patt *, struct iface_patt *)); + +u32 if_choose_router_id(struct iface_patt *mask, u32 old_id); + #endif diff --git a/nest/proto.c b/nest/proto.c index 1334884e..b976a6cb 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -382,11 +382,9 @@ proto_reconfigure(struct proto *p, struct proto_config *oc, struct proto_config /* If there is a too big change in core attributes, ... */ if ((nc->protocol != oc->protocol) || (nc->disabled != p->disabled) || - (nc->table->table != oc->table->table) || - (proto_get_router_id(nc) != proto_get_router_id(oc))) + (nc->table->table != oc->table->table)) return 0; - p->debug = nc->debug; p->mrtdump = nc->mrtdump; proto_reconfig_type = type; @@ -552,6 +550,16 @@ protos_commit(struct config *new, struct config *old, int force_reconfig, int ty initial_device_proto = NULL; } + /* Determine router ID for the first time - it has to be here and not in + global_commit() because it is postponed after start of device protocol */ + if (!config->router_id) + { + config->router_id = if_choose_router_id(config->router_id_from, 0); + if (!config->router_id) + die("Cannot determine router ID, please configure it manually"); + } + + /* Start all other protocols */ WALK_LIST_DELSAFE(p, n, initial_proto_list) proto_rethink_goal(p); } diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index 346c641b..249d2e07 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -1009,6 +1009,9 @@ bgp_reconfigure(struct proto *P, struct proto_config *C) struct bgp_proto *p = (struct bgp_proto *) P; struct bgp_config *old = p->cf; + if (proto_get_router_id(C) != p->local_id) + return 0; + int same = !memcmp(((byte *) old) + sizeof(struct proto_config), ((byte *) new) + sizeof(struct proto_config), // password item is last and must be checked separately diff --git a/proto/ospf/ospf.c b/proto/ospf/ospf.c index 6654e107..a3b6b2e7 100644 --- a/proto/ospf/ospf.c +++ b/proto/ospf/ospf.c @@ -729,6 +729,9 @@ ospf_reconfigure(struct proto *p, struct proto_config *c) struct ospf_iface *ifa, *ifx; struct ospf_iface_patt *ip; + if (proto_get_router_id(c) != po->router_id) + return 0; + if (po->rfc1583 != new->rfc1583) return 0; -- cgit v1.2.3 From b662290f40ea0fa0b1a1ba283e50e833724f2050 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 10 Jan 2013 13:07:33 +0100 Subject: Separate import and receive limits. They have different behavior w.r.t. filtered routes that are kept. --- README | 2 +- doc/bird.sgml | 20 ++++++++++++++------ nest/config.Y | 3 ++- nest/proto.c | 21 +++++++++++++++------ nest/protocol.h | 15 ++++++++++++--- nest/rt-table.c | 49 ++++++++++++++++++++++++++++++++++++++++++++----- proto/bgp/bgp.c | 1 + proto/pipe/pipe.c | 5 +++++ 8 files changed, 94 insertions(+), 22 deletions(-) (limited to 'nest') diff --git a/README b/README index 5c2ef076..daeb18bd 100644 --- a/README +++ b/README @@ -3,7 +3,7 @@ (c) 1998--2008 Martin Mares (c) 1998--2000 Pavel Machek (c) 1998--2008 Ondrej Filip - (c) 2009--2011 CZ.NIC z.s.p.o. + (c) 2009--2013 CZ.NIC z.s.p.o. ================================================================================ diff --git a/doc/bird.sgml b/doc/bird.sgml index 4e04a138..b0d4e6a1 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -482,15 +482,23 @@ to zero to disable it. An empty is equivalent to receive limit + Specify an receive route limit (a maximum number of routes + received from the protocol and remembered). It works almost + identically to import limit option, the only + difference is that if export limit Specify an export route limit, works similarly to diff --git a/nest/config.Y b/nest/config.Y index dbd72055..e46b5fb5 100644 --- a/nest/config.Y +++ b/nest/config.Y @@ -44,7 +44,7 @@ CF_DECLS CF_KEYWORDS(ROUTER, ID, PROTOCOL, TEMPLATE, PREFERENCE, DISABLED, DEBUG, ALL, OFF, DIRECT) CF_KEYWORDS(INTERFACE, IMPORT, EXPORT, FILTER, NONE, TABLE, STATES, ROUTES, FILTERS) -CF_KEYWORDS(LIMIT, ACTION, WARN, BLOCK, RESTART, DISABLE, KEEP, FILTERED) +CF_KEYWORDS(RECEIVE, LIMIT, ACTION, WARN, BLOCK, RESTART, DISABLE, KEEP, FILTERED) CF_KEYWORDS(PASSWORD, FROM, PASSIVE, TO, ID, EVENTS, PACKETS, PROTOCOLS, INTERFACES) CF_KEYWORDS(PRIMARY, STATS, COUNT, FOR, COMMANDS, PREEXPORT, GENERATE, ROA, MAX, FLUSH) CF_KEYWORDS(LISTEN, BGP, V6ONLY, DUAL, ADDRESS, PORT, PASSWORDS, DESCRIPTION, SORTED) @@ -185,6 +185,7 @@ proto_item: | MRTDUMP mrtdump_mask { this_proto->mrtdump = $2; } | IMPORT imexport { this_proto->in_filter = $2; } | EXPORT imexport { this_proto->out_filter = $2; } + | RECEIVE LIMIT limit_spec { this_proto->rx_limit = $3; } | IMPORT LIMIT limit_spec { this_proto->in_limit = $3; } | EXPORT LIMIT limit_spec { this_proto->out_limit = $3; } | IMPORT KEEP FILTERED bool { this_proto->in_keep_filtered = $4; } diff --git a/nest/proto.c b/nest/proto.c index b976a6cb..7e7fb7fa 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -344,6 +344,7 @@ protos_postconfig(struct config *c) WALK_LIST(x, c->protos) { DBG(" %s", x->name); + p = x->protocol; if (p->postconfig) p->postconfig(x); @@ -410,6 +411,7 @@ proto_reconfigure(struct proto *p, struct proto_config *oc, struct proto_config { p->main_ahook->in_filter = nc->in_filter; p->main_ahook->out_filter = nc->out_filter; + p->main_ahook->rx_limit = nc->rx_limit; p->main_ahook->in_limit = nc->in_limit; p->main_ahook->out_limit = nc->out_limit; p->main_ahook->in_keep_filtered = nc->in_keep_filtered; @@ -804,9 +806,11 @@ proto_schedule_feed(struct proto *p, int initial) p->main_ahook = proto_add_announce_hook(p, p->table, &p->stats); p->main_ahook->in_filter = p->cf->in_filter; p->main_ahook->out_filter = p->cf->out_filter; + p->main_ahook->rx_limit = p->cf->rx_limit; p->main_ahook->in_limit = p->cf->in_limit; p->main_ahook->out_limit = p->cf->out_limit; p->main_ahook->in_keep_filtered = p->cf->in_keep_filtered; + proto_reset_limit(p->main_ahook->rx_limit); proto_reset_limit(p->main_ahook->in_limit); proto_reset_limit(p->main_ahook->out_limit); } @@ -978,6 +982,7 @@ proto_limit_name(struct proto_limit *l) * proto_notify_limit: notify about limit hit and take appropriate action * @ah: announce hook * @l: limit being hit + * @dir: limit direction (PLD_*) * @rt_count: the number of routes * * The function is called by the route processing core when limit @l @@ -985,10 +990,11 @@ proto_limit_name(struct proto_limit *l) * according to @l->action. */ void -proto_notify_limit(struct announce_hook *ah, struct proto_limit *l, u32 rt_count) +proto_notify_limit(struct announce_hook *ah, struct proto_limit *l, int dir, u32 rt_count) { + const char *dir_name[PLD_MAX] = { "receive", "import" , "export" }; + const byte dir_down[PLD_MAX] = { PDC_RX_LIMIT_HIT, PDC_IN_LIMIT_HIT, PDC_OUT_LIMIT_HIT }; struct proto *p = ah->proto; - int dir = (ah->in_limit == l); if (l->state == PLS_BLOCKED) return; @@ -996,7 +1002,7 @@ proto_notify_limit(struct announce_hook *ah, struct proto_limit *l, u32 rt_count /* For warning action, we want the log message every time we hit the limit */ if (!l->state || ((l->action == PLA_WARN) && (rt_count == l->limit))) log(L_WARN "Protocol %s hits route %s limit (%d), action: %s", - p->name, dir ? "import" : "export", l->limit, proto_limit_name(l)); + p->name, dir_name[dir], l->limit, proto_limit_name(l)); switch (l->action) { @@ -1011,8 +1017,7 @@ proto_notify_limit(struct announce_hook *ah, struct proto_limit *l, u32 rt_count case PLA_RESTART: case PLA_DISABLE: l->state = PLS_BLOCKED; - proto_schedule_down(p, l->action == PLA_RESTART, - dir ? PDC_IN_LIMIT_HIT : PDC_OUT_LIMIT_HIT); + proto_schedule_down(p, l->action == PLA_RESTART, dir_down[dir]); break; } } @@ -1146,6 +1151,7 @@ proto_show_basic_info(struct proto *p) cli_msg(-1006, " Input filter: %s", filter_name(p->cf->in_filter)); cli_msg(-1006, " Output filter: %s", filter_name(p->cf->out_filter)); + proto_show_limit(p->cf->rx_limit, "Receive limit:"); proto_show_limit(p->cf->in_limit, "Import limit:"); proto_show_limit(p->cf->out_limit, "Export limit:"); @@ -1267,7 +1273,10 @@ proto_cmd_reload(struct proto *p, unsigned int dir, int cnt UNUSED) * Perhaps, but these hooks work asynchronously. */ if (!p->proto->multitable) - proto_reset_limit(p->main_ahook->in_limit); + { + proto_reset_limit(p->main_ahook->rx_limit); + proto_reset_limit(p->main_ahook->in_limit); + } } /* re-exporting routes */ diff --git a/nest/protocol.h b/nest/protocol.h index cf2ca0a4..033a0ede 100644 --- a/nest/protocol.h +++ b/nest/protocol.h @@ -95,6 +95,8 @@ struct proto_config { u32 router_id; /* Protocol specific router ID */ struct rtable_config *table; /* Table we're attached to */ struct filter *in_filter, *out_filter; /* Attached filters */ + struct proto_limit *rx_limit; /* Limit for receiving routes from protocol + (relevant when in_keep_filtered is active) */ struct proto_limit *in_limit; /* Limit for importing routes from protocol */ struct proto_limit *out_limit; /* Limit for exporting routes to protocol */ @@ -225,8 +227,9 @@ struct proto_spec { #define PDC_CMD_DISABLE 0x11 /* Result of disable command */ #define PDC_CMD_RESTART 0x12 /* Result of restart command */ #define PDC_CMD_SHUTDOWN 0x13 /* Result of global shutdown */ -#define PDC_IN_LIMIT_HIT 0x21 /* Route import limit reached */ -#define PDC_OUT_LIMIT_HIT 0x22 /* Route export limit reached */ +#define PDC_RX_LIMIT_HIT 0x21 /* Route receive limit reached */ +#define PDC_IN_LIMIT_HIT 0x22 /* Route import limit reached */ +#define PDC_OUT_LIMIT_HIT 0x23 /* Route export limit reached */ void *proto_new(struct proto_config *, unsigned size); @@ -373,6 +376,11 @@ extern struct proto_config *cf_dev_proto; * Protocol limits */ +#define PLD_RX 0 /* Receive limit */ +#define PLD_IN 1 /* Import limit */ +#define PLD_OUT 2 /* Export limit */ +#define PLD_MAX 3 + #define PLA_WARN 1 /* Issue log warning */ #define PLA_BLOCK 2 /* Block new routes */ #define PLA_RESTART 4 /* Force protocol restart */ @@ -388,7 +396,7 @@ struct proto_limit { byte state; /* State of limit (PLS_*) */ }; -void proto_notify_limit(struct announce_hook *ah, struct proto_limit *l, u32 rt_count); +void proto_notify_limit(struct announce_hook *ah, struct proto_limit *l, int dir, u32 rt_count); static inline void proto_reset_limit(struct proto_limit *l) @@ -408,6 +416,7 @@ struct announce_hook { struct proto *proto; struct filter *in_filter; /* Input filter */ struct filter *out_filter; /* Output filter */ + struct proto_limit *rx_limit; /* Receive limit (for in_keep_filtered) */ struct proto_limit *in_limit; /* Input limit */ struct proto_limit *out_limit; /* Output limit */ struct proto_stats *stats; /* Per-table protocol statistics */ diff --git a/nest/rt-table.c b/nest/rt-table.c index 2f0840f0..99175448 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -285,7 +285,7 @@ do_rt_notify(struct announce_hook *ah, net *net, rte *new, rte *old, ea_list *tm if (l && new) { if ((!old || refeed) && (stats->exp_routes >= l->limit)) - proto_notify_limit(ah, l, stats->exp_routes); + proto_notify_limit(ah, l, PLD_OUT, stats->exp_routes); if (l->state == PLS_BLOCKED) { @@ -700,16 +700,22 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str return; } - struct proto_limit *l = ah->in_limit; + int new_ok = rte_is_ok(new); + int old_ok = rte_is_ok(old); + + struct proto_limit *l = ah->rx_limit; if (l && !old && new) { u32 all_routes = stats->imp_routes + stats->filt_routes; if (all_routes >= l->limit) - proto_notify_limit(ah, l, all_routes); + proto_notify_limit(ah, l, PLD_RX, all_routes); if (l->state == PLS_BLOCKED) { + /* In receive limit the situation is simple, old is NULL so + we just free new and exit like nothing happened */ + stats->imp_updates_ignored++; rte_trace_in(D_FILTERS, p, new, "ignored [limit]"); rte_free_quick(new); @@ -717,8 +723,39 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str } } - int new_ok = rte_is_ok(new); - int old_ok = rte_is_ok(old); + l = ah->in_limit; + if (l && !old_ok && new_ok) + { + if (stats->imp_routes >= l->limit) + proto_notify_limit(ah, l, PLD_IN, stats->imp_routes); + + if (l->state == PLS_BLOCKED) + { + /* In import limit the situation is more complicated. We + shouldn't just drop the route, we should handle it like + it was filtered. We also have to continue the route + processing if old or new is non-NULL, but we should exit + if both are NULL as this case is probably assumed to be + already handled. */ + + stats->imp_updates_ignored++; + rte_trace_in(D_FILTERS, p, new, "ignored [limit]"); + + if (ah->in_keep_filtered) + new->flags |= REF_FILTERED; + else + { rte_free_quick(new); new = NULL; } + + /* Note that old && !new could be possible when + ah->in_keep_filtered changed in the recent past. */ + + if (!old && !new) + return; + + new_ok = 0; + goto skip_stats1; + } + } if (new_ok) stats->imp_updates_accepted++; @@ -727,6 +764,8 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str else stats->imp_withdraws_ignored++; + skip_stats1: + if (new) rte_is_filtered(new) ? stats->filt_routes++ : stats->imp_routes++; if (old) diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index 249d2e07..0f351b44 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -878,6 +878,7 @@ bgp_shutdown(struct proto *P) subcode = 4; // Errcode 6, 4 - administrative reset break; + case PDC_RX_LIMIT_HIT: case PDC_IN_LIMIT_HIT: subcode = 1; // Errcode 6, 1 - max number of prefixes reached /* log message for compatibility */ diff --git a/proto/pipe/pipe.c b/proto/pipe/pipe.c index 6099d284..51be3c7d 100644 --- a/proto/pipe/pipe.c +++ b/proto/pipe/pipe.c @@ -200,6 +200,11 @@ pipe_postconfig(struct proto_config *C) cf_error("Name of peer routing table not specified"); if (c->peer == C->table) cf_error("Primary table and peer table must be different"); + + if (C->in_keep_filtered) + cf_error("Pipe protocol prohibits keeping filtered routes"); + if (C->rx_limit) + cf_error("Pipe protocol does not support receive limits"); } extern int proto_reconfig_type; -- cgit v1.2.3 From 36da2857bc911924a250a234f38cf58c3b21f1bc Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Fri, 8 Feb 2013 23:58:27 +0100 Subject: Implements router advertisements activated by received routes. The RAdv protocol could be configured to change its behavior based on availability of routes, e.g., do not announce router lifetime when a default route is not available. --- doc/bird.sgml | 43 +++++++++++++++++++------ filter/filter.c | 6 ++++ nest/route.h | 7 ++++ nest/rt-table.c | 37 ++++++++++++++++++--- proto/radv/config.Y | 36 ++++++++++++++++++--- proto/radv/packets.c | 32 ++++++++++-------- proto/radv/radv.c | 91 ++++++++++++++++++++++++++++++++++++++++++++++++++-- proto/radv/radv.h | 8 +++++ 8 files changed, 225 insertions(+), 35 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index f6f9aad7..762834e3 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -691,8 +691,8 @@ This argument can be omitted if there exists only a single instance.

You can also select just routes added by a specific protocol. protocol . -

If BIRD is configured to keep filtered routes (see If BIRD is configured to keep filtered routes (see The dnssl that just specifies one DNS search domain. + +

Interface specific options: @@ -2525,11 +2545,12 @@ interface definitions, prefix definitions and DNS definitions: This option specifies which value of Hop Limit should be used by hosts. Valid values are 0-255, 0 means unspecified. Default: 64 - default lifetime + default lifetime This option specifies the time (in seconds) how long (after the receipt of RA) hosts may use the router as a default - router. 0 means do not use as a default router. Default: 3 * - . + Default: 3 * rdnss local Use only local (interface-specific) RDNSS definitions for this @@ -2561,18 +2582,20 @@ interface definitions, prefix definitions and DNS definitions: This option specifies whether hosts may use the advertised prefix for stateless autoconfiguration. Default: yes - valid lifetime + valid lifetime This option specifies the time (in seconds) how long (after the receipt of RA) the prefix information is valid, i.e., autoconfigured IP addresses can be assigned and hosts with that IP addresses are considered directly reachable. 0 means - the prefix is no longer valid. Default: 86400 (1 day) + the prefix is no longer valid. For . Default: 86400 (1 day), preferred lifetime + preferred lifetime This option specifies the time (in seconds) how long (after the receipt of RA) IP addresses generated from the prefix - using stateless autoconfiguration remain preferred. Default: - 14400 (4 hours) + using stateless autoconfiguration remain preferred. For + . + Default: 14400 (4 hours), diff --git a/filter/filter.c b/filter/filter.c index 44fcf293..c35d0425 100644 --- a/filter/filter.c +++ b/filter/filter.c @@ -1429,6 +1429,12 @@ i_same(struct f_inst *f1, struct f_inst *f2) int f_run(struct filter *filter, struct rte **rte, struct ea_list **tmp_attrs, struct linpool *tmp_pool, int flags) { + if (filter == FILTER_ACCEPT) + return F_ACCEPT; + + if (filter == FILTER_REJECT) + return F_REJECT; + int rte_cow = ((*rte)->flags & REF_COW); DBG( "Running filter `%s'...", filter->name ); diff --git a/nest/route.h b/nest/route.h index 177baa38..8fd01a66 100644 --- a/nest/route.h +++ b/nest/route.h @@ -235,6 +235,12 @@ static inline int rte_is_filtered(rte *r) { return !!(r->flags & REF_FILTERED); #define RA_ACCEPTED 2 /* Announcement of first accepted route */ #define RA_ANY 3 /* Announcement of any route change */ +/* Return value of import_control() callback */ +#define RIC_ACCEPT 1 /* Accepted by protocol */ +#define RIC_PROCESS 0 /* Process it through import filter */ +#define RIC_REJECT -1 /* Rejected by protocol */ +#define RIC_DROP -2 /* Silently dropped by protocol */ + struct config; void rt_init(void); @@ -250,6 +256,7 @@ rte *rte_get_temp(struct rta *); void rte_update2(struct announce_hook *ah, net *net, rte *new, struct proto *src); static inline void rte_update(rtable *tab, net *net, struct proto *p, struct proto *src, rte *new) { rte_update2(p->main_ahook, net, new, src); } void rte_discard(rtable *tab, rte *old); +int rt_examine(rtable *t, ip_addr prefix, int pxlen, struct proto *p, struct filter *filter); void rte_dump(rte *); void rte_free(rte *); rte *rte_do_cow(rte *); diff --git a/nest/rt-table.c b/nest/rt-table.c index 99175448..75bfa6ba 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -213,7 +213,8 @@ export_filter(struct announce_hook *ah, rte *rt0, rte **rt_free, ea_list **tmpa, goto reject; stats->exp_updates_rejected++; - rte_trace_out(D_FILTERS, p, rt, "rejected by protocol"); + if (v == RIC_REJECT) + rte_trace_out(D_FILTERS, p, rt, "rejected by protocol"); goto reject; } if (v > 0) @@ -1042,6 +1043,34 @@ rte_discard(rtable *t, rte *old) /* Non-filtered route deletion, used during gar rte_update_unlock(); } +/* Check rtable for best route to given net whether it would be exported do p */ +int +rt_examine(rtable *t, ip_addr prefix, int pxlen, struct proto *p, struct filter *filter) +{ + net *n = net_find(t, prefix, pxlen); + rte *rt = n ? n->routes : NULL; + + if (!rte_is_valid(rt)) + return 0; + + rte_update_lock(); + + /* Rest is stripped down export_filter() */ + struct proto *src = rt->attrs->proto; + ea_list *tmpa = src->make_tmp_attrs ? src->make_tmp_attrs(rt, rte_update_pool) : NULL; + int v = p->import_control ? p->import_control(p, &rt, &tmpa, rte_update_pool) : 0; + if (v == RIC_PROCESS) + v = (f_run(filter, &rt, &tmpa, rte_update_pool, FF_FORCE_TMPATTR) <= F_ACCEPT); + + /* Discard temporary rte */ + if (rt != n->routes) + rte_free(rt); + + rte_update_unlock(); + + return v > 0; +} + /** * rte_dump - dump a route * @e: &rte to be dumped @@ -2081,7 +2110,7 @@ rt_show_net(struct cli *c, net *n, struct rt_show_data *d) ee = e; rte_update_lock(); /* We use the update buffer for filtering */ tmpa = p0->make_tmp_attrs ? p0->make_tmp_attrs(e, rte_update_pool) : NULL; - ok = (d->filter == FILTER_ACCEPT || f_run(d->filter, &e, &tmpa, rte_update_pool, FF_FORCE_TMPATTR) <= F_ACCEPT); + ok = f_run(d->filter, &e, &tmpa, rte_update_pool, FF_FORCE_TMPATTR) <= F_ACCEPT; if (p2 && p2 != p0) ok = 0; if (ok && d->export_mode) { @@ -2095,8 +2124,8 @@ rt_show_net(struct cli *c, net *n, struct rt_show_data *d) 'configure soft' command may change the export filter and do not update routes */ - if ((a = proto_find_announce_hook(p1, d->table)) && ((a->out_filter == FILTER_REJECT) || - (a->out_filter && f_run(a->out_filter, &e, &tmpa, rte_update_pool, FF_FORCE_TMPATTR) > F_ACCEPT))) + if ((a = proto_find_announce_hook(p1, d->table)) && + (f_run(a->out_filter, &e, &tmpa, rte_update_pool, FF_FORCE_TMPATTR) > F_ACCEPT)) ok = 0; } } diff --git a/proto/radv/config.Y b/proto/radv/config.Y index abccd2c7..fbec5a0a 100644 --- a/proto/radv/config.Y +++ b/proto/radv/config.Y @@ -30,9 +30,9 @@ CF_KEYWORDS(RADV, PREFIX, INTERFACE, MIN, MAX, RA, DELAY, INTERVAL, MANAGED, OTHER, CONFIG, LINK, MTU, REACHABLE, TIME, RETRANS, TIMER, CURRENT, HOP, LIMIT, DEFAULT, VALID, PREFERRED, MULT, LIFETIME, SKIP, ONLINK, AUTONOMOUS, RDNSS, DNSSL, NS, DOMAIN, - LOCAL) + LOCAL, TRIGGER, SENSITIVE) -%type radv_mult +%type radv_mult radv_sensitive CF_GRAMMAR @@ -53,6 +53,11 @@ radv_proto_item: | PREFIX radv_prefix { add_tail(&RADV_CFG->pref_list, NODE this_radv_prefix); } | RDNSS { init_list(&radv_dns_list); } radv_rdnss { add_tail_list(&RADV_CFG->rdnss_list, &radv_dns_list); } | DNSSL { init_list(&radv_dns_list); } radv_dnssl { add_tail_list(&RADV_CFG->dnssl_list, &radv_dns_list); } + | TRIGGER prefix { + RADV_CFG->trigger_prefix = $2.addr; + RADV_CFG->trigger_pxlen = $2.len; + RADV_CFG->trigger_valid = 1; + } ; radv_proto_opts: @@ -78,6 +83,7 @@ radv_iface_start: RADV_IFACE->min_delay = DEFAULT_MIN_DELAY; RADV_IFACE->current_hop_limit = DEFAULT_CURRENT_HOP_LIMIT; RADV_IFACE->default_lifetime = -1; + RADV_IFACE->default_lifetime_sensitive = 1; }; radv_iface_item: @@ -90,7 +96,11 @@ radv_iface_item: | REACHABLE TIME expr { RADV_IFACE->reachable_time = $3; if (($3 < 0) || ($3 > 3600000)) cf_error("Reachable time must be in range 0-3600000"); } | RETRANS TIMER expr { RADV_IFACE->retrans_timer = $3; if ($3 < 0) cf_error("Retrans timer must be 0 or positive"); } | CURRENT HOP LIMIT expr { RADV_IFACE->current_hop_limit = $4; if (($4 < 0) || ($4 > 255)) cf_error("Current hop limit must be in range 0-255"); } - | DEFAULT LIFETIME expr { RADV_IFACE->default_lifetime = $3; if (($3 < 0) || ($3 > 9000)) cf_error("Default lifetime must be in range 0-9000"); } + | DEFAULT LIFETIME expr radv_sensitive { + RADV_IFACE->default_lifetime = $3; + if (($3 < 0) || ($3 > 9000)) cf_error("Default lifetime must be in range 0-9000"); + if ($4 != -1) RADV_IFACE->default_lifetime_sensitive = $4; + } | PREFIX radv_prefix { add_tail(&RADV_IFACE->pref_list, NODE this_radv_prefix); } | RDNSS { init_list(&radv_dns_list); } radv_rdnss { add_tail_list(&RADV_IFACE->rdnss_list, &radv_dns_list); } | DNSSL { init_list(&radv_dns_list); } radv_dnssl { add_tail_list(&RADV_IFACE->dnssl_list, &radv_dns_list); } @@ -147,14 +157,25 @@ radv_prefix_item: SKIP bool { RADV_PREFIX->skip = $2; } | ONLINK bool { RADV_PREFIX->onlink = $2; } | AUTONOMOUS bool { RADV_PREFIX->autonomous = $2; } - | VALID LIFETIME expr { RADV_PREFIX->valid_lifetime = $3; if ($3 < 0) cf_error("Valid lifetime must be 0 or positive"); } - | PREFERRED LIFETIME expr { RADV_PREFIX->preferred_lifetime = $3; if ($3 < 0) cf_error("Preferred lifetime must be 0 or positive"); } + | VALID LIFETIME expr radv_sensitive { + RADV_PREFIX->valid_lifetime = $3; + if ($3 < 0) cf_error("Valid lifetime must be 0 or positive"); + if ($4 != -1) RADV_PREFIX->valid_lifetime_sensitive = $4; + } + | PREFERRED LIFETIME expr radv_sensitive { + RADV_PREFIX->preferred_lifetime = $3; + if ($3 < 0) cf_error("Preferred lifetime must be 0 or positive"); + if ($4 != -1) RADV_PREFIX->preferred_lifetime_sensitive = $4; + } ; radv_prefix_finish: { if (RADV_PREFIX->preferred_lifetime > RADV_PREFIX->valid_lifetime) cf_error("Preferred lifetime must be at most Valid lifetime"); + + if (RADV_PREFIX->valid_lifetime_sensitive > RADV_PREFIX->preferred_lifetime_sensitive) + cf_error("Valid lifetime sensitive requires that Preferred lifetime is sensitive too"); }; radv_prefix_opts: @@ -268,6 +289,11 @@ radv_mult: | MULT expr { $$ = 0; radv_mult_val = $2; if (($2 < 1) || ($2 > 254)) cf_error("Multiplier must be in range 1-254"); } ; +radv_sensitive: + /* empty */ { $$ = -1 } + | SENSITIVE bool { $$ = $2 } + ; + CF_CODE CF_END diff --git a/proto/radv/packets.c b/proto/radv/packets.c index 6fdfcaa3..dd839536 100644 --- a/proto/radv/packets.c +++ b/proto/radv/packets.c @@ -240,6 +240,7 @@ radv_prepare_ra(struct radv_iface *ifa) { struct proto_radv *ra = ifa->ra; struct radv_config *cf = (struct radv_config *) (ra->p.cf); + struct radv_iface_config *ic = ifa->cf; char *buf = ifa->sk->tbuf; char *bufstart = buf; @@ -249,21 +250,22 @@ radv_prepare_ra(struct radv_iface *ifa) pkt->type = ICMPV6_RA; pkt->code = 0; pkt->checksum = 0; - pkt->current_hop_limit = ifa->cf->current_hop_limit; - pkt->flags = (ifa->cf->managed ? OPT_RA_MANAGED : 0) | - (ifa->cf->other_config ? OPT_RA_OTHER_CFG : 0); - pkt->router_lifetime = htons(ifa->cf->default_lifetime); - pkt->reachable_time = htonl(ifa->cf->reachable_time); - pkt->retrans_timer = htonl(ifa->cf->retrans_timer); + pkt->current_hop_limit = ic->current_hop_limit; + pkt->flags = (ic->managed ? OPT_RA_MANAGED : 0) | + (ic->other_config ? OPT_RA_OTHER_CFG : 0); + pkt->router_lifetime = (ra->active || !ic->default_lifetime_sensitive) ? + htons(ic->default_lifetime) : 0; + pkt->reachable_time = htonl(ic->reachable_time); + pkt->retrans_timer = htonl(ic->retrans_timer); buf += sizeof(*pkt); - if (ifa->cf->link_mtu) + if (ic->link_mtu) { struct radv_opt_mtu *om = (void *) buf; om->type = OPT_MTU; om->length = 1; om->reserved = 0; - om->mtu = htonl(ifa->cf->link_mtu); + om->mtu = htonl(ic->link_mtu); buf += sizeof (*om); } @@ -288,26 +290,28 @@ radv_prepare_ra(struct radv_iface *ifa) op->pxlen = addr->pxlen; op->flags = (pc->onlink ? OPT_PX_ONLINK : 0) | (pc->autonomous ? OPT_PX_AUTONOMOUS : 0); - op->valid_lifetime = htonl(pc->valid_lifetime); - op->preferred_lifetime = htonl(pc->preferred_lifetime); + op->valid_lifetime = (ra->active || !pc->valid_lifetime_sensitive) ? + htonl(pc->valid_lifetime) : 0; + op->preferred_lifetime = (ra->active || !pc->preferred_lifetime_sensitive) ? + htonl(pc->preferred_lifetime) : 0; op->reserved = 0; op->prefix = addr->prefix; ipa_hton(op->prefix); buf += sizeof(*op); } - if (! ifa->cf->rdnss_local) + if (! ic->rdnss_local) if (radv_prepare_rdnss(ifa, &cf->rdnss_list, &buf, bufend) < 0) goto done; - if (radv_prepare_rdnss(ifa, &ifa->cf->rdnss_list, &buf, bufend) < 0) + if (radv_prepare_rdnss(ifa, &ic->rdnss_list, &buf, bufend) < 0) goto done; - if (! ifa->cf->dnssl_local) + if (! ic->dnssl_local) if (radv_prepare_dnssl(ifa, &cf->dnssl_list, &buf, bufend) < 0) goto done; - if (radv_prepare_dnssl(ifa, &ifa->cf->dnssl_list, &buf, bufend) < 0) + if (radv_prepare_dnssl(ifa, &ic->dnssl_list, &buf, bufend) < 0) goto done; done: diff --git a/proto/radv/radv.c b/proto/radv/radv.c index 5e7296a3..a6b9b16c 100644 --- a/proto/radv/radv.c +++ b/proto/radv/radv.c @@ -30,6 +30,13 @@ * by RA_EV_* codes), and radv_timer(), which triggers sending RAs and * computes the next timeout. * + * The RAdv protocol could receive routes (through + * radv_import_control() and radv_rt_notify()), but only the + * configured trigger route is tracked (in &active var). When a radv + * protocol is reconfigured, the connected routing table is examined + * (in radv_check_active()) to have proper &active value in case of + * the specified trigger prefix was changed. + * * Supported standards: * - RFC 4861 - main RA standard * - RFC 6106 - DNS extensions (RDDNS, DNSSL) @@ -93,6 +100,16 @@ radv_iface_notify(struct radv_iface *ifa, int event) tm_start(ifa->timer, after); } +static void +radv_iface_notify_all(struct proto_radv *ra, int event) +{ + struct radv_iface *ifa; + + WALK_LIST(ifa, ra->iface_list) + radv_iface_notify(ifa, event); +} + + static struct radv_iface * radv_iface_find(struct proto_radv *ra, struct iface *what) { @@ -238,11 +255,68 @@ radv_ifa_notify(struct proto *p, unsigned flags, struct ifa *a) radv_iface_notify(ifa, RA_EV_CHANGE); } +static inline int radv_net_match_trigger(struct radv_config *cf, net *n) +{ + return cf->trigger_valid && + (n->n.pxlen == cf->trigger_pxlen) && + ipa_equal(n->n.prefix, cf->trigger_prefix); +} + +int +radv_import_control(struct proto *p, rte **new, ea_list **attrs UNUSED, struct linpool *pool UNUSED) +{ + // struct proto_radv *ra = (struct proto_radv *) p; + struct radv_config *cf = (struct radv_config *) (p->cf); + + if (radv_net_match_trigger(cf, (*new)->net)) + return RIC_PROCESS; + + return RIC_DROP; +} + +static void +radv_rt_notify(struct proto *p, rtable *tbl UNUSED, net *n, rte *new, rte *old UNUSED, ea_list *attrs UNUSED) +{ + struct proto_radv *ra = (struct proto_radv *) p; + struct radv_config *cf = (struct radv_config *) (p->cf); + + if (radv_net_match_trigger(cf, n)) + { + u8 old_active = ra->active; + ra->active = !!new; + + if (ra->active == old_active) + return; + + if (ra->active) + RADV_TRACE(D_EVENTS, "Triggered"); + else + RADV_TRACE(D_EVENTS, "Suppressed"); + + radv_iface_notify_all(ra, RA_EV_CHANGE); + } +} + +static int +radv_check_active(struct proto_radv *ra) +{ + struct radv_config *cf = (struct radv_config *) (ra->p.cf); + + if (! cf->trigger_valid) + return 1; + + return rt_examine(ra->p.table, cf->trigger_prefix, cf->trigger_pxlen, + &(ra->p), ra->p.cf->out_filter); +} + static struct proto * radv_init(struct proto_config *c) { struct proto *p = proto_new(c, sizeof(struct proto_radv)); + p->accept_ra_types = RA_OPTIMAL; + p->import_control = radv_import_control; + p->rt_notify = radv_rt_notify; p->if_notify = radv_if_notify; p->ifa_notify = radv_ifa_notify; return p; @@ -252,9 +326,10 @@ static int radv_start(struct proto *p) { struct proto_radv *ra = (struct proto_radv *) p; - // struct radv_config *cf = (struct radv_config *) (p->cf); + struct radv_config *cf = (struct radv_config *) (p->cf); init_list(&(ra->iface_list)); + ra->active = !cf->trigger_valid; return PS_UP; } @@ -293,6 +368,9 @@ radv_reconfigure(struct proto *p, struct proto_config *c) * causing nodes to temporary remove their default routes. */ + p->cf = c; /* radv_check_active() requires proper p->cf */ + ra->active = radv_check_active(ra); + struct iface *iface; WALK_LIST(iface, iface_list) { @@ -335,6 +413,14 @@ radv_copy_config(struct proto_config *dest, struct proto_config *src) cfg_copy_list(&d->pref_list, &s->pref_list, sizeof(struct radv_prefix_config)); } +static void +radv_get_status(struct proto *p, byte *buf) +{ + struct proto_radv *ra = (struct proto_radv *) p; + + if (!ra->active) + strcpy(buf, "Suppressed"); +} struct protocol proto_radv = { .name = "RAdv", @@ -343,5 +429,6 @@ struct protocol proto_radv = { .start = radv_start, .shutdown = radv_shutdown, .reconfigure = radv_reconfigure, - .copy_config = radv_copy_config + .copy_config = radv_copy_config, + .get_status = radv_get_status }; diff --git a/proto/radv/radv.h b/proto/radv/radv.h index 48af8c00..f80e4530 100644 --- a/proto/radv/radv.h +++ b/proto/radv/radv.h @@ -52,6 +52,10 @@ struct radv_config list pref_list; /* Global list of prefix configs (struct radv_prefix_config) */ list rdnss_list; /* Global list of RDNSS configs (struct radv_rdnss_config) */ list dnssl_list; /* Global list of DNSSL configs (struct radv_dnssl_config) */ + + ip_addr trigger_prefix; /* Prefix of a trigger route, if defined */ + u8 trigger_pxlen; /* Pxlen of a trigger route, if defined */ + u8 trigger_valid; /* Whether a trigger route is defined */ }; struct radv_iface_config @@ -75,6 +79,7 @@ struct radv_iface_config u32 retrans_timer; u32 current_hop_limit; u32 default_lifetime; + u8 default_lifetime_sensitive; /* Whether default_lifetime depends on trigger */ }; struct radv_prefix_config @@ -88,6 +93,8 @@ struct radv_prefix_config u8 autonomous; u32 valid_lifetime; u32 preferred_lifetime; + u8 valid_lifetime_sensitive; /* Whether valid_lifetime depends on trigger */ + u8 preferred_lifetime_sensitive; /* Whether preferred_lifetime depends on trigger */ }; struct radv_rdnss_config @@ -113,6 +120,7 @@ struct proto_radv { struct proto p; list iface_list; /* List of active ifaces */ + u8 active; /* Whether radv is active w.r.t. triggers */ }; struct radv_iface -- cgit v1.2.3 From 0bc3542ab6e0a96342e35ead8ff1c52f980facc2 Mon Sep 17 00:00:00 2001 From: Ondrej Filip Date: Sun, 10 Feb 2013 19:06:56 +0100 Subject: Route limits can be disabled - this makes sense for protocol templates --- doc/bird.sgml | 12 ++++++------ nest/config.Y | 1 + 2 files changed, 7 insertions(+), 6 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index 762834e3..1baa1528 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -478,7 +478,7 @@ to zero to disable it. An empty is equivalent to import limit + import limit [ Specify an import route limit (a maximum number of routes imported from the protocol) and optionally the action to be taken when the limit is hit. Warn action just prints warning @@ -486,9 +486,9 @@ to zero to disable it. An empty is equivalent to receive limit + receive limit [ Specify an receive route limit (a maximum number of routes received from the protocol and remembered). It works almost identically to import limit option, the only @@ -498,9 +498,9 @@ to zero to disable it. An empty is equivalent to export limit + export limit [ Specify an export route limit, works similarly to the import limit option, but for the routes exported to the protocol. This option is experimental, there are some @@ -509,7 +509,7 @@ to zero to disable it. An empty is equivalent to description " This is an optional description of the protocol. It is displayed as a part of the diff --git a/nest/config.Y b/nest/config.Y index e46b5fb5..75728e0d 100644 --- a/nest/config.Y +++ b/nest/config.Y @@ -216,6 +216,7 @@ limit_spec: l->action = $2; $$ = l; } + | OFF { $$ = 0; } ; rtable: -- cgit v1.2.3 From 9d969be5f2d867704e82bd7d6c8049623d50708f Mon Sep 17 00:00:00 2001 From: Ondrej Filip Date: Thu, 14 Feb 2013 23:35:51 +0100 Subject: I still believe that 0 == NULL, however this patch will make Santiago happy. :-) --- nest/config.Y | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nest') diff --git a/nest/config.Y b/nest/config.Y index 75728e0d..07e1af31 100644 --- a/nest/config.Y +++ b/nest/config.Y @@ -216,7 +216,7 @@ limit_spec: l->action = $2; $$ = l; } - | OFF { $$ = 0; } + | OFF { $$ = NULL; } ; rtable: -- cgit v1.2.3 From e667622a35722ec007137e678f4f70841562e57f Mon Sep 17 00:00:00 2001 From: Ondrej Filip Date: Mon, 25 Feb 2013 10:39:46 +0100 Subject: Default rounting table for 'show route export/preexport/protocol' is the one related to a respective protocol. --- doc/bird.sgml | 3 ++- nest/config.Y | 1 - nest/rt-table.c | 5 +++++ 3 files changed, 7 insertions(+), 2 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index 893d3bfa..e83cf0e1 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -670,7 +670,8 @@ This argument can be omitted if there exists only a single instance. Show the list of symbols defined in the configuration (names of protocols, routing tables etc.). show route [[for] - Show contents of a routing table (by default of the main one), + Show contents of a routing table (by default of the main one or + the table attached to a respective protocol), that is routes, their metrics and (in case the pxlen = 256; $$->filter = FILTER_ACCEPT; - $$->table = config->master_rtc->table; } | r_args prefix { $$ = $1; diff --git a/nest/rt-table.c b/nest/rt-table.c index 75bfa6ba..e3fd985c 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -2204,6 +2204,11 @@ rt_show(struct rt_show_data *d) { net *n; + /* Default is either a master table or a table related to a respective protocol */ + if ((!d->table) && d->export_protocol) d->table = d->export_protocol->table; + if ((!d->table) && d->show_protocol) d->table = d->show_protocol->table; + if (!d->table) d->table = config->master_rtc->table; + if (d->pxlen == 256) { FIB_ITERATE_INIT(&d->fit, &d->table->fib); -- cgit v1.2.3 From cd3b02d198093abbbe671f647e4deb2470eb9cf1 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Tue, 16 Apr 2013 17:53:22 +0200 Subject: Allows IP of loopback to be used in automatic router ID selection. Thanks to Alexander V. Chernikov for the patch. --- nest/iface.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'nest') diff --git a/nest/iface.c b/nest/iface.c index da79b21f..b4ab70c3 100644 --- a/nest/iface.c +++ b/nest/iface.c @@ -589,7 +589,7 @@ if_choose_router_id(struct iface_patt *mask, u32 old_id) WALK_LIST(i, iface_list) { if (!(i->flags & IF_ADMIN_UP) || - (i->flags & (IF_IGNORE | IF_SHUTDOWN))) + (i->flags & IF_SHUTDOWN)) continue; WALK_LIST(a, i->addrs) @@ -612,6 +612,10 @@ if_choose_router_id(struct iface_patt *mask, u32 old_id) if (mask && !iface_patt_match(mask, i, a)) continue; + /* FIXME: This should go away too */ + if ((i->flags & IF_IGNORE) && !mask) + continue; + /* No pattern or pattern matched */ if (!b || ipa_to_u32(a->ip) < ipa_to_u32(b->ip)) b = a; -- cgit v1.2.3 From fad04c750ca6906fb095f1b45958dec0ac8e210c Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 13 Jun 2013 11:27:14 +0200 Subject: Fixes problems with kernel routes multiple routing tables. Temporary dummy routes created by a kernel protocol during routing table scan get mixed with real routes propagated from another kernel protocol through a pipe. --- nest/rt-table.c | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) (limited to 'nest') diff --git a/nest/rt-table.c b/nest/rt-table.c index e3fd985c..ebdac833 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -906,6 +906,26 @@ rte_update_unlock(void) lp_flush(rte_update_pool); } +static inline void +rte_hide_dummy_routes(net *net, rte **dummy) +{ + if (net->routes && net->routes->attrs->source == RTS_DUMMY) + { + *dummy = net->routes; + net->routes = (*dummy)->next; + } +} + +static inline void +rte_unhide_dummy_routes(net *net, rte **dummy) +{ + if (*dummy) + { + (*dummy)->next = net->routes; + net->routes = *dummy; + } +} + /** * rte_update - enter a new update to a routing table * @table: table to be updated @@ -955,6 +975,7 @@ rte_update2(struct announce_hook *ah, net *net, rte *new, struct proto *src) struct proto_stats *stats = ah->stats; struct filter *filter = ah->in_filter; ea_list *tmpa = NULL; + rte *dummy = NULL; rte_update_lock(); if (new) @@ -1010,14 +1031,18 @@ rte_update2(struct announce_hook *ah, net *net, rte *new, struct proto *src) else stats->imp_withdraws_received++; + recalc: + rte_hide_dummy_routes(net, &dummy); rte_recalculate(ah, net, new, tmpa, src); + rte_unhide_dummy_routes(net, &dummy); rte_update_unlock(); return; -drop: + drop: rte_free(new); - rte_recalculate(ah, net, NULL, NULL, src); - rte_update_unlock(); + new = NULL; + tmpa = NULL; + goto recalc; } /* Independent call to rte_announce(), used from next hop -- cgit v1.2.3 From ef4a50be10c6dd0abffd957132cd146029c3d79d Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Mon, 24 Jun 2013 16:37:30 +0200 Subject: Better packet priority and traffic class handling. Implements support for IPv6 traffic class, sets higher priority for OSPF and RIP outgoing packets by default and allows to configure ToS/DS/TClass IP header field and the local priority of outgoing packets. --- doc/bird.sgml | 48 +++++++++++++++++++++++++++++++++++++++++------- lib/ipv6.h | 7 +------ lib/socket.h | 4 +++- nest/config.Y | 8 ++++++-- proto/ospf/config.Y | 6 +++++- proto/ospf/iface.c | 8 ++++++-- proto/ospf/ospf.h | 2 ++ proto/rip/config.Y | 6 +++++- proto/rip/rip.c | 7 +++++-- proto/rip/rip.h | 2 ++ sysdep/bsd/sysio.h | 9 +++++++++ sysdep/linux/sysio.h | 19 +++++++++++++++++++ sysdep/unix/io.c | 11 +++++++++-- 13 files changed, 113 insertions(+), 24 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index 0681bd53..7277b2b9 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -567,6 +567,22 @@ to zero to disable it. An empty is equivalent to interface "eth*" 192.168.1.0/24; - start the protocol on all ethernet interfaces that have address from 192.168.1.0/24. +

There are two options that can be specified per-interface. First is metric, with -default one. Second is mode multicast|broadcast|quiet|nolisten|version1, it selects mode for -rip to work in. If nothing is specified, rip runs in multicast mode. version1 is -currently equivalent to broadcast, and it makes RIP talk to a broadcast address even -through multicast mode is possible. quiet option means that RIP will not transmit -any periodic messages to this interface and nolisten means that RIP will send to this -interface but not listen to it. +

There are some options that can be specified per-interface: + + + metric + This option specifies the metric of the interface. Valid + + mode multicast|broadcast|quiet|nolisten|version1 + This option selects the mode for RIP to work in. If nothing is + specified, RIP runs in multicast mode. tx class|dscp|priority + These options specify the ToS/DiffServ/Traffic class/Priority + of the outgoing RIP packets. See common option for detailed description. +

The following options generally override behavior specified in RFC. If you use any of these options, BIRD will no longer be RFC-compliant, which means it will not be able to talk to anything diff --git a/lib/ipv6.h b/lib/ipv6.h index 6f8e7b3c..2247d3fd 100644 --- a/lib/ipv6.h +++ b/lib/ipv6.h @@ -128,11 +128,6 @@ static inline byte * ipv6_put_addr(byte *buf, ip_addr a) return buf+16; } -/* - * RFC 1883 defines packet precendece, but RFC 2460 replaces it - * by generic Traffic Class ID with no defined semantics. Better - * not use it yet. - */ -#define IP_PREC_INTERNET_CONTROL -1 +#define IP_PREC_INTERNET_CONTROL 0xc0 #endif diff --git a/lib/socket.h b/lib/socket.h index 0ee43b52..fbddfb4c 100644 --- a/lib/socket.h +++ b/lib/socket.h @@ -20,7 +20,8 @@ typedef struct birdsock { void *data; /* User data */ ip_addr saddr, daddr; /* IPA_NONE = unspecified */ unsigned sport, dport; /* 0 = unspecified (for IP: protocol type) */ - int tos; /* TOS and priority, -1 = default */ + int tos; /* TOS / traffic class, -1 = default */ + int priority; /* Local socket priority, -1 = default */ int ttl; /* Time To Live, -1 = default */ u32 flags; struct iface *iface; /* Interface; specify this for broad/multicast sockets */ @@ -81,6 +82,7 @@ sk_send_buffer_empty(sock *sk) return sk->tbuf == sk->tpos; } +extern int sk_priority_control; /* Suggested priority for control traffic, should be sysdep define */ /* Socket flags */ diff --git a/nest/config.Y b/nest/config.Y index 183059e8..b85a5733 100644 --- a/nest/config.Y +++ b/nest/config.Y @@ -48,7 +48,7 @@ CF_KEYWORDS(RECEIVE, LIMIT, ACTION, WARN, BLOCK, RESTART, DISABLE, KEEP, FILTERE CF_KEYWORDS(PASSWORD, FROM, PASSIVE, TO, ID, EVENTS, PACKETS, PROTOCOLS, INTERFACES) CF_KEYWORDS(PRIMARY, STATS, COUNT, FOR, COMMANDS, PREEXPORT, GENERATE, ROA, MAX, FLUSH) CF_KEYWORDS(LISTEN, BGP, V6ONLY, DUAL, ADDRESS, PORT, PASSWORDS, DESCRIPTION, SORTED) -CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, IGP_METRIC) +CF_KEYWORDS(RELOAD, IN, OUT, MRTDUMP, MESSAGES, RESTRICT, MEMORY, IGP_METRIC, CLASS, DSCP) CF_ENUM(T_ENUM_RTS, RTS_, DUMMY, STATIC, INHERIT, DEVICE, STATIC_DEVICE, REDIRECT, RIP, OSPF, OSPF_IA, OSPF_EXT1, OSPF_EXT2, BGP, PIPE) @@ -65,7 +65,7 @@ CF_ENUM(T_ENUM_ROA, ROA_, UNKNOWN, VALID, INVALID) %type roa_args %type roa_table_arg %type sym_args -%type proto_start echo_mask echo_size debug_mask debug_list debug_flag mrtdump_mask mrtdump_list mrtdump_flag export_or_preexport roa_mode limit_action tab_sorted +%type proto_start echo_mask echo_size debug_mask debug_list debug_flag mrtdump_mask mrtdump_list mrtdump_flag export_or_preexport roa_mode limit_action tab_sorted tos %type proto_patt proto_patt2 %type limit_spec @@ -277,6 +277,10 @@ iface_patt: iface_patt_init iface_patt_list ; +tos: + CLASS expr { $$ = $2 & 0xfc; if (($2 < 0) || ($2 > 255)) cf_error("TX class must be in range 0-255"); } + | DSCP expr { $$ = ($2 & 0x3f) << 2; if (($2 < 0) || ($2 > 63)) cf_error("TX DSCP must be in range 0-63"); } + ; /* Direct device route protocol */ diff --git a/proto/ospf/config.Y b/proto/ospf/config.Y index ba050d85..d9379a7c 100644 --- a/proto/ospf/config.Y +++ b/proto/ospf/config.Y @@ -131,7 +131,7 @@ CF_KEYWORDS(NONE, SIMPLE, AUTHENTICATION, STRICT, CRYPTOGRAPHIC) CF_KEYWORDS(ELIGIBLE, POLL, NETWORKS, HIDDEN, VIRTUAL, CHECK, LINK) CF_KEYWORDS(RX, BUFFER, LARGE, NORMAL, STUBNET, HIDDEN, SUMMARY, TAG, EXTERNAL) CF_KEYWORDS(WAIT, DELAY, LSADB, ECMP, LIMIT, WEIGHT, NSSA, TRANSLATOR, STABILITY) -CF_KEYWORDS(GLOBAL, LSID, ROUTER, SELF, INSTANCE, REAL, NETMASK) +CF_KEYWORDS(GLOBAL, LSID, ROUTER, SELF, INSTANCE, REAL, NETMASK, TX, PRIORITY) %type opttext %type lsadb_args @@ -305,6 +305,8 @@ ospf_iface_item: | RX BUFFER LARGE { OSPF_PATT->rxbuf = OSPF_RXBUF_LARGE ; } | RX BUFFER NORMAL { OSPF_PATT->rxbuf = OSPF_RXBUF_NORMAL ; } | RX BUFFER expr { OSPF_PATT->rxbuf = $3 ; if (($3 < OSPF_RXBUF_MINSIZE) || ($3 > OSPF_MAX_PKT_SIZE)) cf_error("Buffer size must be in range 256-65535"); } + | TX tos { OSPF_PATT->tx_tos = $2; } + | TX PRIORITY expr { OSPF_PATT->tx_priority = $3; } | password_list ; @@ -367,6 +369,8 @@ ospf_iface_start: init_list(&OSPF_PATT->nbma_list); OSPF_PATT->autype = OSPF_AUTH_NONE; OSPF_PATT->ptp_netmask = 2; /* not specified */ + OSPF_PATT->tx_tos = IP_PREC_INTERNET_CONTROL; + OSPF_PATT->tx_priority = sk_priority_control; reset_passwords(); } ; diff --git a/proto/ospf/iface.c b/proto/ospf/iface.c index 3da8f56c..bc3b1ef6 100644 --- a/proto/ospf/iface.c +++ b/proto/ospf/iface.c @@ -77,7 +77,8 @@ ospf_sk_open(struct ospf_iface *ifa) sk->dport = OSPF_PROTO; sk->saddr = IPA_NONE; - sk->tos = IP_PREC_INTERNET_CONTROL; + sk->tos = ifa->cf->tx_tos; + sk->priority = ifa->cf->tx_priority; sk->rx_hook = ospf_rx_hook; sk->tx_hook = ospf_tx_hook; sk->err_hook = ospf_err_hook; @@ -659,7 +660,10 @@ ospf_iface_reconfigure(struct ospf_iface *ifa, struct ospf_iface_patt *new) if (ifa->stub != new_stub) return 0; - if (new->real_bcast != ifa->cf->real_bcast) + /* Change of these options would require to reset the iface socket */ + if ((new->real_bcast != ifa->cf->real_bcast) || + (new->tx_tos != ifa->cf->tx_tos) || + (new->tx_priority != ifa->cf->tx_priority)) return 0; ifa->cf = new; diff --git a/proto/ospf/ospf.h b/proto/ospf/ospf.h index 7608225f..56ebcd31 100644 --- a/proto/ospf/ospf.h +++ b/proto/ospf/ospf.h @@ -800,6 +800,8 @@ struct ospf_iface_patt u32 priority; u32 voa; u32 vid; + int tx_tos; + int tx_priority; u16 rxbuf; #define OSPF_RXBUF_NORMAL 0 #define OSPF_RXBUF_LARGE 1 diff --git a/proto/rip/config.Y b/proto/rip/config.Y index cd4f30e7..ec82aa3d 100644 --- a/proto/rip/config.Y +++ b/proto/rip/config.Y @@ -27,7 +27,7 @@ CF_DECLS CF_KEYWORDS(RIP, INFINITY, METRIC, PORT, PERIOD, GARBAGE, TIMEOUT, MODE, BROADCAST, MULTICAST, QUIET, NOLISTEN, VERSION1, AUTHENTICATION, NONE, PLAINTEXT, MD5, - HONOR, NEVER, NEIGHBOR, ALWAYS, + HONOR, NEVER, NEIGHBOR, ALWAYS, TX, PRIORITY, RIP_METRIC, RIP_TAG) %type rip_mode rip_auth @@ -76,6 +76,8 @@ rip_mode: rip_iface_item: | METRIC expr { RIP_IPATT->metric = $2; } | MODE rip_mode { RIP_IPATT->mode |= $2; } + | TX tos { RIP_IPATT->tx_tos = $2; } + | TX PRIORITY expr { RIP_IPATT->tx_priority = $3; } ; rip_iface_opts: @@ -94,6 +96,8 @@ rip_iface_init: add_tail(&RIP_CFG->iface_list, NODE this_ipatt); init_list(&this_ipatt->ipn_list); RIP_IPATT->metric = 1; + RIP_IPATT->tx_tos = IP_PREC_INTERNET_CONTROL; + RIP_IPATT->tx_priority = sk_priority_control; } ; diff --git a/proto/rip/rip.c b/proto/rip/rip.c index 341df7eb..c09eae79 100644 --- a/proto/rip/rip.c +++ b/proto/rip/rip.c @@ -707,7 +707,8 @@ new_iface(struct proto *p, struct iface *new, unsigned long flags, struct iface_ if (new) { rif->sock->ttl = 1; - rif->sock->tos = IP_PREC_INTERNET_CONTROL; + rif->sock->tos = PATT->tx_tos; + rif->sock->priority = PATT->tx_priority; rif->sock->flags = SKF_LADDR_RX; } @@ -1007,7 +1008,9 @@ static int rip_pat_compare(struct rip_patt *a, struct rip_patt *b) { return ((a->metric == b->metric) && - (a->mode == b->mode)); + (a->mode == b->mode) && + (a->tx_tos == b->tx_tos) && + (a->tx_priority == b->tx_priority)); } static int diff --git a/proto/rip/rip.h b/proto/rip/rip.h index e0816d0e..2cce8c81 100644 --- a/proto/rip/rip.h +++ b/proto/rip/rip.h @@ -128,6 +128,8 @@ struct rip_patt { #define IM_QUIET 4 #define IM_NOLISTEN 8 #define IM_VERSION1 16 + int tx_tos; + int tx_priority; }; struct rip_proto_config { diff --git a/sysdep/bsd/sysio.h b/sysdep/bsd/sysio.h index 4f91def5..085f16fa 100644 --- a/sysdep/bsd/sysio.h +++ b/sysdep/bsd/sysio.h @@ -284,3 +284,12 @@ sk_set_min_ttl6(sock *s, int ttl) #endif + +int sk_priority_control = -1; + +static int +sk_set_priority(sock *s, int prio UNUSED) +{ + log(L_WARN "Socket priority not supported"); + return -1; +} diff --git a/sysdep/linux/sysio.h b/sysdep/linux/sysio.h index 90b3ebd9..41287e71 100644 --- a/sysdep/linux/sysio.h +++ b/sysdep/linux/sysio.h @@ -310,3 +310,22 @@ sk_set_min_ttl6(sock *s, int ttl) } #endif + + +#ifndef IPV6_TCLASS +#define IPV6_TCLASS 67 +#endif + +int sk_priority_control = 7; + +static int +sk_set_priority(sock *s, int prio) +{ + if (setsockopt(s->fd, SOL_SOCKET, SO_PRIORITY, &prio, sizeof(prio)) < 0) + { + log(L_WARN "sk_set_priority: setsockopt: %m"); + return -1; + } + + return 0; +} diff --git a/sysdep/unix/io.c b/sysdep/unix/io.c index 80914afe..434a05be 100644 --- a/sysdep/unix/io.c +++ b/sysdep/unix/io.c @@ -598,7 +598,7 @@ sock_new(pool *p) sock *s = ralloc(p, &sk_class); s->pool = p; // s->saddr = s->daddr = IPA_NONE; - s->tos = s->ttl = -1; + s->tos = s->priority = s->ttl = -1; s->fd = -1; return s; } @@ -783,11 +783,18 @@ sk_setup(sock *s) ERR("fcntl(O_NONBLOCK)"); if (s->type == SK_UNIX) return NULL; -#ifndef IPV6 + +#ifdef IPV6 + if ((s->tos >= 0) && setsockopt(fd, SOL_IPV6, IPV6_TCLASS, &s->tos, sizeof(s->tos)) < 0) + WARN("IPV6_TCLASS"); +#else if ((s->tos >= 0) && setsockopt(fd, SOL_IP, IP_TOS, &s->tos, sizeof(s->tos)) < 0) WARN("IP_TOS"); #endif + if (s->priority >= 0) + sk_set_priority(s, s->priority); + #ifdef IPV6 int v = 1; if ((s->flags & SKF_V6ONLY) && setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &v, sizeof(v)) < 0) -- cgit v1.2.3 From cc31b75a8fd7949533c12db2c3e9d67eeaf46d10 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Tue, 9 Jul 2013 23:27:10 +0200 Subject: Implements 'bgppath ~ int set' filter op. --- doc/bird.sgml | 2 +- filter/filter.c | 3 +++ filter/test.conf | 4 ++-- nest/a-path.c | 23 +++++++++++++++++++++++ nest/attrs.h | 3 +++ 5 files changed, 32 insertions(+), 3 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index aa8a53ec..27f8b869 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -1090,7 +1090,7 @@ incompatible with each other (that is to prevent you from shooting in the foot). Special operators include There is one operator related to ROA infrastructure - data; + u8 *q = p+path->length; + int i, n; + + while (p Date: Wed, 24 Jul 2013 14:11:12 +0200 Subject: Fixes bug in protocol flushing and rtable pruning. When route was propagated to another rtable through a pipe and then the pipe was reconfigured softly in such a way that any subsequent route updates are filtered, then the source protocol shutdown didn't clean up the route in the second rtable which caused stale routes and potential crashes. --- nest/proto.c | 6 +++++- nest/route.h | 3 +-- nest/rt-table.c | 48 ++++++++++++++++++++++++++++++------------------ 3 files changed, 36 insertions(+), 21 deletions(-) (limited to 'nest') diff --git a/nest/proto.c b/nest/proto.c index 7e7fb7fa..60495aa0 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -835,14 +835,18 @@ static void proto_schedule_flush_loop(void) { struct proto *p; + struct announce_hook *h; if (flush_loop_state) return; flush_loop_state = 1; - rt_schedule_prune_all(); WALK_LIST(p, flush_proto_list) + { p->flushing = 1; + for (h=p->ahooks; h; h=h->next) + h->table->prune_state = 1; + } ev_schedule(proto_flush_event); } diff --git a/nest/route.h b/nest/route.h index 8fd01a66..35b5fa19 100644 --- a/nest/route.h +++ b/nest/route.h @@ -141,7 +141,7 @@ typedef struct rtable { int gc_counter; /* Number of operations since last GC */ bird_clock_t gc_time; /* Time of last GC */ byte gc_scheduled; /* GC is scheduled */ - byte prune_state; /* Table prune state, 1 -> prune is running */ + byte prune_state; /* Table prune state, 1 -> scheduled, 2-> running */ byte hcu_scheduled; /* Hostcache update is scheduled */ byte nhu_state; /* Next Hop Update state */ struct fib_iterator prune_fit; /* Rtable prune FIB iterator */ @@ -265,7 +265,6 @@ void rt_dump(rtable *); void rt_dump_all(void); int rt_feed_baby(struct proto *p); void rt_feed_baby_abort(struct proto *p); -void rt_schedule_prune_all(void); int rt_prune_loop(void); struct rtable_config *rt_new_table(struct symbol *s); diff --git a/nest/rt-table.c b/nest/rt-table.c index ebdac833..16dd9bcd 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -1268,19 +1268,8 @@ rt_init(void) } -/* Called from proto_schedule_flush_loop() only, - ensuring that all prune states are zero */ -void -rt_schedule_prune_all(void) -{ - rtable *t; - - WALK_LIST(t, routing_tables) - t->prune_state = 1; -} - static inline int -rt_prune_step(rtable *tab, int *max_feed) +rt_prune_step(rtable *tab, int step, int *max_feed) { struct fib_iterator *fit = &tab->prune_fit; @@ -1306,8 +1295,8 @@ again: rescan: for (e=n->routes; e; e=e->next) - if (e->sender->proto->core_state != FS_HAPPY && - e->sender->proto->core_state != FS_FEEDING) + if (e->sender->proto->flushing || + (step && e->attrs->proto->flushing)) { if (*max_feed <= 0) { @@ -1315,6 +1304,10 @@ again: return 0; } + if (step) + log(L_WARN "Route %I/%d from %s still in %s after flush", + n->n.prefix, n->n.pxlen, e->attrs->proto->name, tab->name); + rte_discard(tab, e); (*max_feed)--; @@ -1339,23 +1332,42 @@ again: /** * rt_prune_loop - prune routing tables - * @tab: routing table to be pruned * * The prune loop scans routing tables and removes routes belonging to - * inactive protocols and also stale network entries. Returns 1 when + * flushing protocols and also stale network entries. Returns 1 when * all such routes are pruned. It is a part of the protocol flushing * loop. + * + * The prune loop runs in two steps. In the first step it prunes just + * the routes with flushing senders (in explicitly marked tables) so + * the route removal is propagated as usual. In the second step, all + * remaining relevant routes are removed. Ideally, there shouldn't be + * any, but it happens when pipe filters are changed. */ int rt_prune_loop(void) { - rtable *t; + static int step = 0; int max_feed = 512; + rtable *t; + again: WALK_LIST(t, routing_tables) - if (! rt_prune_step(t, &max_feed)) + if (! rt_prune_step(t, step, &max_feed)) return 0; + if (step == 0) + { + /* Prepare for the second step */ + WALK_LIST(t, routing_tables) + t->prune_state = 1; + + step = 1; + goto again; + } + + /* Done */ + step = 0; return 1; } -- cgit v1.2.3 From 508d936078aecc8fbbb9ca1218104599c4a3cb4a Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 25 Jul 2013 13:15:32 +0200 Subject: Implements eval command and minor CLI cleanups. Implemented eval command can be used to evaluate expressions. The patch also documents echo command and allows to use log classes instead of integer as a mask for echo. --- doc/bird.sgml | 16 ++++++++++++---- doc/reply_codes | 2 ++ filter/filter.c | 32 ++++++++++++++++++++++---------- filter/filter.h | 3 +++ nest/cmds.c | 20 ++++++++++++++++++++ nest/cmds.h | 3 +++ nest/config.Y | 8 ++++++-- sysdep/unix/log.c | 2 ++ 8 files changed, 70 insertions(+), 16 deletions(-) (limited to 'nest') diff --git a/doc/bird.sgml b/doc/bird.sgml index 27f8b869..a1d3dc2c 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -282,7 +282,7 @@ protocol rip { include " This statement causes inclusion of a new file. The maximal depth is set to 5. - log " +

Bidirectional Forwarding Detection (BFD) is not a routing protocol itself, it +is an independent tool providing liveness and failure detection. Routing +protocols like OSPF and BGP use integrated periodic "hello" messages to monitor +liveness of neighbors, but detection times of these mechanisms are high (e.g. 40 +seconds by default in OSPF, could be set down to several seconds). BFD offers +universal, fast and low-overhead mechanism for failure detection, which could be +attached to any routing protocol in an advisory role. + +

BFD consists of mostly independent BFD sessions. Each session monitors an +unicast bidirectional path between two BFD-enabled routers. This is done by +periodically sending control packets in both directions. BFD does not handle +neighbor discovery, BFD sessions are created on demand by request of other +protocols (like OSPF or BGP), which supply appropriate information like IP +addresses and associated interfaces. When a session changes its state, these +protocols are notified and act accordingly (e.g. break an OSPF adjacency when +the BFD session went down). + +

BIRD implements basic BFD behavior as defined in +RFC 5880 +(some advanced features like the echo mode or authentication are not implemented), +IP transport for BFD as defined in +RFC 5881 and +RFC 5883 +and interaction with client protocols as defined in +RFC 5882. + +

Note that BFD implementation in BIRD is currently a new feature in +development, expect some rough edges and possible UI and configuration changes +in the future. Also note that we currently support at most one protocol instance. + +Configuration + +

BFD configuration consists mainly of multiple definitions of interfaces. +Most BFD config options are session specific. When a new session is requested +and dynamically created, it is configured from one of these definitions. For +sessions to directly connected neighbors, Note that to use BFD for other protocols like OSPF or BGP, these protocols +also have to be configured to request BFD sessions, usually by Some of BFD session options require +protocol bfd [<name>] { + interface <interface pattern> { + interval <time>; + min rx interval <time>; + min tx interval <time>; + idle tx interval <time>; + multiplier <num>; + passive <switch>; + }; + multihop { + interval <time>; + min rx interval <time>; + min tx interval <time>; + idle tx interval <time>; + multiplier <num>; + passive <switch>; + }; + neighbor <ip> [dev "<interface>"] [local <ip>] [multihop <switch>]; +} + + + + interface + Interface definitions allow to specify options for sessions associated + with such interfaces and also may contain interface specific options. + See common option for a detailed + description of interface patterns. Note that contrary to the behavior of + multihop { + Multihop definitions allow to specify options for multihop BFD sessions, + in the same manner as neighbor + BFD sessions are usually created on demand as requested by other + protocols (like OSPF or BGP). This option allows to explicitly add + a BFD session to the specified neighbor regardless of such requests. + + The session is identified by the IP address of the neighbor, with + optional specification of used interface and local IP. By default + the neighbor must be directly connected, unless the the session is + configured as multihop. Note that local IP must be specified for + multihop sessions. + + +

Session specific options (part of + interval + BFD ensures availability of the forwarding path associated with the + session by periodically sending BFD control packets in both + directions. The rate of such packets is controlled by two options, + min rx interval + This option specifies the minimum RX interval, which is announced to the + neighbor and used there to limit the neighbor's rate of generated BFD + control packets. Default: 10 ms. + + min tx interval + This option specifies the desired TX interval, which controls the rate + of generated BFD control packets (together with idle tx interval + In order to limit unnecessary traffic in cases where a neighbor is not + available or not running BFD, the rate of generated BFD control packets + is lower when the BFD session is not up. This option specifies the + desired TX interval in such cases instead of multiplier + Failure detection time for BFD sessions is based on established rate of + BFD control packets (min rx/tx interval) multiplied by this + multiplier, which is essentially (ignoring jitter) a number of missed + packets after which the session is declared down. Note that rates and + multipliers could be different in each direction of a BFD session. + Default: 5. + + passive + Generally, both BFD session endpoinds try to establish the session by + sending control packets to the other side. This option allows to enable + passive mode, which means that the router does not send BFD packets + until it has received one from the other side. Default: disabled. + + +Example + +

+protocol bfd { + interface "eth*" { + min rx interval 20 ms; + min tx interval 50 ms; + idle tx interval 300 ms; + }; + interface "gre*" { + interval 200 ms; + multiplier 10; + passive; + }; + multihop { + interval 200 ms; + multiplier 10; + }; + + neighbor 192.168.1.10; + neighbor 192.168.2.2 dev "eth2"; + neighbor 192.168.10.1 local 192.168.1.1 multihop; +} + + BGP

The Border Gateway Protocol is the routing protocol used for backbone @@ -1258,8 +1430,8 @@ AS). Each AS is a part of the network with common management and common routing policy. It is identified by a unique 16-bit number (ASN). Routers within each AS usually exchange AS-internal routing information with each other using an interior gateway protocol (IGP, -such as OSPF or RIP). Boundary routers at the border of -the AS communicate global (inter-AS) network reachability information with +such as OSPF or RIP). Boundary routers at the border of the AS +communicate global (inter-AS) network reachability information with their neighbors in the neighboring AS'es via exterior BGP (eBGP) and redistribute received information to other routers in the AS via interior BGP (iBGP). @@ -1412,7 +1584,15 @@ for each neighbor using the following configuration parameters: igp table Specifies a table that is used as an IGP routing table. Default: the same as the table BGP is connected to. - + + bfd switch + BGP could use BFD protocol as an advisory mechanism for neighbor + liveness and failure detection. If enabled, BIRD setups a BFD session + for the BGP neighbor and tracks its liveness by it. This has an + advantage of an order of magnitude lower detection times in case of + failure. Note that BFD protocol also has to be configured, see + section for details. Default: disabled. + ttl security Use GTSM (RFC 5082 - the generalized TTL security mechanism). GTSM protects against spoofed packets by ignoring received packets with a smaller @@ -1986,6 +2166,7 @@ protocol ospf <name> { real broadcast <switch>; ptp netmask <switch>; check link <switch>; + bfd <switch>; ecmp weight <num>; ttl security [<switch>; | tx only] tx class|dscp <num>; @@ -2260,6 +2441,14 @@ protocol ospf <name> { prefix) is propagated. It is possible that some hardware drivers or platforms do not implement this feature. Default value is no. + bfd switch + OSPF could use BFD protocol as an advisory mechanism for neighbor + liveness and failure detection. If enabled, BIRD setups a BFD session + for each OSPF neighbor and tracks its liveness by it. This has an + advantage of an order of magnitude lower detection times in case of + failure. Note that BFD protocol also has to be configured, see + section for details. Default value is no. + ttl security [ TTL security is a feature that protects routing protocols from remote spoofed packets by using TTL 255 instead of TTL 1 diff --git a/lib/birdlib.h b/lib/birdlib.h index 2d6849e1..a5424958 100644 --- a/lib/birdlib.h +++ b/lib/birdlib.h @@ -24,6 +24,8 @@ #define _MAX(a,b) (((a)>(b))?(a):(b)) #ifndef PARSER +#undef MIN +#undef MAX #define MIN(a,b) _MIN(a,b) #define MAX(a,b) _MAX(a,b) #endif diff --git a/lib/printf.c b/lib/printf.c index d8600b61..41e1cc0d 100644 --- a/lib/printf.c +++ b/lib/printf.c @@ -276,7 +276,7 @@ int bvsnprintf(char *buf, int size, const char *fmt, va_list args) ip_ntox(va_arg(args, ip_addr), ipbuf); else { ip_ntop(va_arg(args, ip_addr), ipbuf); - if (field_width > 0) + if (field_width == 1) field_width = STD_ADDRESS_P_LENGTH; } s = ipbuf; diff --git a/nest/proto.c b/nest/proto.c index 0c85c2d9..c15247be 100644 --- a/nest/proto.c +++ b/nest/proto.c @@ -681,6 +681,9 @@ proto_build(struct protocol *p) } } +/* FIXME: convert this call to some protocol hook */ +extern void bfd_init_all(void); + /** * protos_build - build a protocol list * @@ -718,8 +721,10 @@ protos_build(void) #ifdef CONFIG_BGP proto_build(&proto_bgp); #endif - // XXX +#ifdef CONFIG_BFD proto_build(&proto_bfd); + bfd_init_all(); +#endif proto_pool = rp_new(&root_pool, "Protocols"); proto_flush_event = ev_new(proto_pool); diff --git a/proto/bfd/bfd.c b/proto/bfd/bfd.c index 3e2af9d5..5ebfadc1 100644 --- a/proto/bfd/bfd.c +++ b/proto/bfd/bfd.c @@ -4,6 +4,103 @@ * Can be freely distributed and used under the terms of the GNU GPL. */ +/** + * DOC: Bidirectional Forwarding Detection + * + * The BFD protocol is implemented in three files: |bfd.c| containing the + * protocol logic and the protocol glue with BIRD core, |packets.c| handling BFD + * packet processing, RX, TX and protocol sockets. |io.c| then contains generic + * code for the event loop, threads and event sources (sockets, microsecond + * timers). This generic code will be merged to the main BIRD I/O code in the + * future. + * + * The BFD implementation uses a separate thread with an internal event loop for + * handling the protocol logic, which requires high-res and low-latency timing, + * so it is not affected by the rest of BIRD, which has several low-granularity + * hooks in the main loop, uses second-based timers and cannot offer good + * latency. The core of BFD protocol (the code related to BFD sessions, + * interfaces and packets) runs in the BFD thread, while the rest (the code + * related to BFD requests, BFD neighbors and the protocol glue) runs in the + * main thread. + * + * BFD sessions are represented by structure &bfd_session that contains a state + * related to the session and two timers (TX timer for periodic packets and hold + * timer for session timeout). These sessions are allocated from @session_slab + * and are accessible by two hash tables, @session_hash_id (by session ID) and + * @session_hash_ip (by IP addresses of neighbors). Slab and both hashes are in + * the main protocol structure &bfd_proto. The protocol logic related to BFD + * sessions is implemented in internal functions bfd_session_*(), which are + * expected to be called from the context of BFD thread, and external functions + * bfd_add_session(), bfd_remove_session() and bfd_reconfigure_session(), which + * form an interface to the BFD core for the rest and are expected to be called + * from the context of main thread. + * + * Each BFD session has an associated BFD interface, represented by structure + * &bfd_iface. A BFD interface contains a socket used for TX (the one for RX is + * shared in &bfd_proto), an interface configuration and reference counter. + * Compared to interface structures of other protocols, these structures are not + * created and removed based on interface notification events, but according to + * the needs of BFD sessions. When a new session is created, it requests a + * proper BFD interface by function bfd_get_iface(), which either finds an + * existing one in &iface_list (from &bfd_proto) or allocates a new one. When a + * session is removed, an associated iface is dicharged by bfd_free_iface(). + * + * BFD requests are the external API for the other protocols. When a protocol + * wants a BFD session, it calls bfd_request_session(), which creates a + * structure &bfd_request containing approprite information and an notify hook. + * This structure is a resource associated with the caller's resource pool. When + * a BFD protocol is available, a BFD request is submitted to the protocol, an + * appropriate BFD session is found or created and the request is attached to + * the session. When a session changes state, all attached requests (and related + * protocols) are notified. Note that BFD requests do not depend on BFD protocol + * running. When the BFD protocol is stopped or removed (or not available from + * beginning), related BFD requests are stored in @bfd_wait_list, where waits + * for a new protocol. + * + * BFD neighbors are just a way to statically configure BFD sessions without + * requests from other protocol. Structures &bfd_neighbor are part of BFD + * configuration (like static routes in the static protocol). BFD neighbors are + * handled by BFD protocol like it is a BFD client -- when a BFD neighbor is + * ready, the protocol just creates a BFD request like any other protocol. + * + * The protocol uses a new generic event loop (structure &birdloop) from |io.c|, + * which supports sockets, timers and events like the main loop. Timers + * (structure &timer2) are new microsecond based timers, while sockets and + * events are the same. A birdloop is associated with a thread (field @thread) + * in which event hooks are executed. Most functions for setting event sources + * (like sk_start() or tm2_start()) must be called from the context of that + * thread. Birdloop allows to temporarily acquire the context of that thread for + * the main thread by calling birdloop_enter() and then birdloop_leave(), which + * also ensures mutual exclusion with all event hooks. Note that resources + * associated with a birdloop (like timers) should be attached to the + * independent resource pool, detached from the main resource tree. + * + * There are two kinds of interaction between the BFD core (running in the BFD + * thread) and the rest of BFD (running in the main thread). The first kind are + * configuration calls from main thread to the BFD thread (like bfd_add_session()). + * These calls are synchronous and use birdloop_enter() mechanism for mutual + * exclusion. The second kind is a notification about session changes from the + * BFD thread to the main thread. This is done in an asynchronous way, sesions + * with pending notifications are linked (in the BFD thread) to @notify_list in + * &bfd_proto, and then bfd_notify_hook() in the main thread is activated using + * bfd_notify_kick() and a pipe. The hook then processes scheduled sessions and + * calls hooks from associated BFD requests. This @notify_list (and state fields + * in structure &bfd_session) is protected by a spinlock in &bfd_proto and + * functions bfd_lock_sessions() / bfd_unlock_sessions(). + * + * There are few data races (accessing @p->p.debug from TRACE() from the BFD + * thread and accessing some some private fields of %bfd_session from + * bfd_show_sessions() from the main thread, but these are harmless (i hope). + * + * TODO: document functions and access restrictions for fields in BFD structures. + * + * Supported standards: + * - RFC 5880 - main BFD standard + * - RFC 5881 - BFD for IP links + * - RFC 5882 - generic application of BFD + * - RFC 5883 - BFD for multihop paths + */ + #include "bfd.h" @@ -17,23 +114,34 @@ #define HASH_IP_EQ(a,b) ipa_equal(a,b) #define HASH_IP_FN(k) ipa_hash(k) +static list bfd_proto_list; +static list bfd_wait_list; const char *bfd_state_names[] = { "AdminDown", "Down", "Init", "Up" }; +static void bfd_session_set_min_tx(struct bfd_session *s, u32 val); +static struct bfd_iface *bfd_get_iface(struct bfd_proto *p, ip_addr local, struct iface *iface); +static void bfd_free_iface(struct bfd_iface *ifa); static inline void bfd_notify_kick(struct bfd_proto *p); + +/* + * BFD sessions + */ + static void bfd_session_update_state(struct bfd_session *s, uint state, uint diag) { - struct bfd_proto *p = s->bfd; + struct bfd_proto *p = s->ifa->bfd; + uint old_state = s->loc_state; int notify; - if (s->loc_state == state) + if (state == old_state) return; - TRACE(D_EVENTS, "Session changed %I %d %d", s->addr, state, diag); - debug("STATE %I %d %d %d\n", s->addr, s->loc_state, state, diag); - + TRACE(D_EVENTS, "Session to %I changed state from %s to %s", + s->addr, bfd_state_names[old_state], bfd_state_names[state]); + bfd_lock_sessions(p); s->loc_state = state; s->loc_diag = diag; @@ -43,21 +151,14 @@ bfd_session_update_state(struct bfd_session *s, uint state, uint diag) add_tail(&p->notify_list, &s->n); bfd_unlock_sessions(p); - if (notify) - bfd_notify_kick(p); -} + if (state == BFD_STATE_UP) + bfd_session_set_min_tx(s, s->ifa->cf->min_tx_int); -static void -bfd_session_timeout(struct bfd_session *s) -{ - s->rem_state = BFD_STATE_DOWN; - s->rem_id = 0; - s->rem_min_tx_int = 0; - s->rem_min_rx_int = 1; - s->rem_demand_mode = 0; - s->rem_detect_mult = 0; + if (old_state == BFD_STATE_UP) + bfd_session_set_min_tx(s, s->ifa->cf->idle_tx_int); - bfd_session_update_state(s, BFD_STATE_DOWN, BFD_DIAG_TIMEOUT); + if (notify) + bfd_notify_kick(p); } static void @@ -93,10 +194,9 @@ bfd_session_update_detection_time(struct bfd_session *s, int kick) } static void -bfd_session_control_tx_timer(struct bfd_session *s) +bfd_session_control_tx_timer(struct bfd_session *s, int reset) { - if (!s->opened) - goto stop; + // if (!s->opened) goto stop; if (s->passive && (s->rem_id == 0)) goto stop; @@ -111,10 +211,12 @@ bfd_session_control_tx_timer(struct bfd_session *s) goto stop; /* So TX timer should run */ - if (tm2_active(s->tx_timer)) - return; + if (reset || !tm2_active(s->tx_timer)) + { + s->last_tx = 0; + tm2_start(s->tx_timer, 0); + } - tm2_start(s->tx_timer, 0); return; stop: @@ -125,6 +227,10 @@ bfd_session_control_tx_timer(struct bfd_session *s) static void bfd_session_request_poll(struct bfd_session *s, u8 request) { + /* Not sure about this, but doing poll in this case does not make sense */ + if (s->rem_id == 0) + return; + s->poll_scheduled |= request; if (s->poll_active) @@ -132,7 +238,8 @@ bfd_session_request_poll(struct bfd_session *s, u8 request) s->poll_active = s->poll_scheduled; s->poll_scheduled = 0; - bfd_send_ctl(s->bfd, s, 0); + + bfd_session_control_tx_timer(s, 1); } static void @@ -146,11 +253,10 @@ bfd_session_terminate_poll(struct bfd_session *s) if (poll_done & BFD_POLL_RX) s->req_min_rx_int = s->req_min_rx_new; - s->poll_active = 0; + s->poll_active = s->poll_scheduled; + s->poll_scheduled = 0; /* Timers are updated by caller - bfd_session_process_ctl() */ - - // xxx_restart_poll(); } void @@ -191,10 +297,32 @@ bfd_session_process_ctl(struct bfd_session *s, u8 flags, u32 old_tx_int, u32 old if (next_state) bfd_session_update_state(s, next_state, diag); - bfd_session_control_tx_timer(s); + bfd_session_control_tx_timer(s, 0); if (flags & BFD_FLAG_POLL) - bfd_send_ctl(s->bfd, s, 1); + bfd_send_ctl(s->ifa->bfd, s, 1); +} + +static void +bfd_session_timeout(struct bfd_session *s) +{ + struct bfd_proto *p = s->ifa->bfd; + + TRACE(D_EVENTS, "Session to %I expired", s->addr); + + s->rem_state = BFD_STATE_DOWN; + s->rem_id = 0; + s->rem_min_tx_int = 0; + s->rem_min_rx_int = 1; + s->rem_demand_mode = 0; + s->rem_detect_mult = 0; + + s->poll_active = 0; + s->poll_scheduled = 0; + + bfd_session_update_state(s, BFD_STATE_DOWN, BFD_DIAG_TIMEOUT); + + bfd_session_control_tx_timer(s, 1); } static void @@ -255,8 +383,7 @@ bfd_tx_timer_hook(timer2 *t) struct bfd_session *s = t->data; s->last_tx = current_time(); - // debug("TX %d\n", (s32) (s->last_tx TO_MS)); - bfd_send_ctl(s->bfd, s, 0); + bfd_send_ctl(s->ifa->bfd, s, 0); } static void @@ -277,48 +404,53 @@ bfd_get_free_id(struct bfd_proto *p) } static struct bfd_session * -bfd_add_session(struct bfd_proto *p, ip_addr addr, struct bfd_session_config *opts) +bfd_add_session(struct bfd_proto *p, ip_addr addr, ip_addr local, struct iface *iface) { birdloop_enter(p->loop); + struct bfd_iface *ifa = bfd_get_iface(p, local, iface); + struct bfd_session *s = sl_alloc(p->session_slab); bzero(s, sizeof(struct bfd_session)); s->addr = addr; + s->ifa = ifa; s->loc_id = bfd_get_free_id(p); - debug("XXX INS1 %d %d %u %I\n", p->session_hash_id.count, p->session_hash_ip.count, s->loc_id, s->addr); + HASH_INSERT(p->session_hash_id, HASH_ID, s); - debug("XXX INS2 %d %d\n", p->session_hash_id.count, p->session_hash_ip.count); HASH_INSERT(p->session_hash_ip, HASH_IP, s); - debug("XXX INS3 %d %d\n", p->session_hash_id.count, p->session_hash_ip.count); - s->bfd = p; + /* Initialization of state variables - see RFC 5880 6.8.1 */ s->loc_state = BFD_STATE_DOWN; s->rem_state = BFD_STATE_DOWN; - s->des_min_tx_int = s->des_min_tx_new = opts->min_tx_int; // XXX opts->idle_tx_int; - s->req_min_rx_int = s->req_min_rx_new = opts->min_rx_int; + s->des_min_tx_int = s->des_min_tx_new = ifa->cf->idle_tx_int; + s->req_min_rx_int = s->req_min_rx_new = ifa->cf->min_rx_int; s->rem_min_rx_int = 1; - s->detect_mult = opts->multiplier; - s->passive = opts->passive; + s->detect_mult = ifa->cf->multiplier; + s->passive = ifa->cf->passive; s->tx_timer = tm2_new_init(p->tpool, bfd_tx_timer_hook, s, 0, 0); s->hold_timer = tm2_new_init(p->tpool, bfd_hold_timer_hook, s, 0, 0); bfd_session_update_tx_interval(s); + bfd_session_control_tx_timer(s, 1); + + init_list(&s->request_list); + s->last_state_change = now; + + TRACE(D_EVENTS, "Session to %I added", s->addr); birdloop_leave(p->loop); return s; } +/* static void bfd_open_session(struct bfd_proto *p, struct bfd_session *s, ip_addr local, struct iface *ifa) { birdloop_enter(p->loop); - s->bsock = bfd_get_socket(p, local, ifa); - // s->local = local; - // s->iface = ifa; s->opened = 1; bfd_session_control_tx_timer(s); @@ -331,10 +463,6 @@ bfd_close_session(struct bfd_proto *p, struct bfd_session *s) { birdloop_enter(p->loop); - bfd_free_socket(s->bsock); - s->bsock = NULL; - // s->local = IPA_NONE; - // s->iface = NULL; s->opened = 0; bfd_session_update_state(s, BFD_STATE_DOWN, BFD_DIAG_PATH_DOWN); @@ -342,54 +470,295 @@ bfd_close_session(struct bfd_proto *p, struct bfd_session *s) birdloop_leave(p->loop); } +*/ static void bfd_remove_session(struct bfd_proto *p, struct bfd_session *s) { + ip_addr ip = s->addr; + birdloop_enter(p->loop); - bfd_free_socket(s->bsock); + bfd_free_iface(s->ifa); rfree(s->tx_timer); rfree(s->hold_timer); - debug("XXX REM1 %d %d %u %I\n", p->session_hash_id.count, p->session_hash_ip.count, s->loc_id, s->addr); HASH_REMOVE(p->session_hash_id, HASH_ID, s); - debug("XXX REM2 %d %d\n", p->session_hash_id.count, p->session_hash_ip.count); HASH_REMOVE(p->session_hash_ip, HASH_IP, s); - debug("XXX REM3 %d %d\n", p->session_hash_id.count, p->session_hash_ip.count); sl_free(p->session_slab, s); + TRACE(D_EVENTS, "Session to %I removed", ip); + birdloop_leave(p->loop); } static void -bfd_configure_session(struct bfd_proto *p, struct bfd_session *s, - struct bfd_session_config *opts) +bfd_reconfigure_session(struct bfd_proto *p, struct bfd_session *s) { birdloop_enter(p->loop); - // XXX opts->idle_tx_int; + struct bfd_iface_config *cf = s->ifa->cf; - bfd_session_set_min_tx(s, opts->min_tx_int); - bfd_session_set_min_rx(s, opts->min_rx_int); - s->detect_mult = opts->multiplier; - s->passive = opts->passive; + u32 tx = (s->loc_state == BFD_STATE_UP) ? cf->min_tx_int : cf->idle_tx_int; + bfd_session_set_min_tx(s, tx); + bfd_session_set_min_rx(s, cf->min_rx_int); + s->detect_mult = cf->multiplier; + s->passive = cf->passive; - bfd_session_control_tx_timer(s); + bfd_session_control_tx_timer(s, 0); birdloop_leave(p->loop); + + TRACE(D_EVENTS, "Session to %I reconfigured", s->addr); +} + + +/* + * BFD interfaces + */ + +static struct bfd_iface_config bfd_default_iface = { + .min_rx_int = BFD_DEFAULT_MIN_RX_INT, + .min_tx_int = BFD_DEFAULT_MIN_TX_INT, + .idle_tx_int = BFD_DEFAULT_IDLE_TX_INT, + .multiplier = BFD_DEFAULT_MULTIPLIER +}; + +static inline struct bfd_iface_config * +bfd_find_iface_config(struct bfd_config *cf, struct iface *iface) +{ + struct bfd_iface_config *ic; + + ic = iface ? (void *) iface_patt_find(&cf->patt_list, iface, NULL) : cf->multihop; + + return ic ? ic : &bfd_default_iface; +} + +static struct bfd_iface * +bfd_get_iface(struct bfd_proto *p, ip_addr local, struct iface *iface) +{ + struct bfd_iface *ifa; + + WALK_LIST(ifa, p->iface_list) + if (ipa_equal(ifa->local, local) && (ifa->iface == iface)) + return ifa->uc++, ifa; + + struct bfd_config *cf = (struct bfd_config *) (p->p.cf); + struct bfd_iface_config *ic = bfd_find_iface_config(cf, iface); + + ifa = mb_allocz(p->tpool, sizeof(struct bfd_iface)); + ifa->local = local; + ifa->iface = iface; + ifa->cf = ic; + ifa->bfd = p; + + ifa->sk = bfd_open_tx_sk(p, local, iface); + ifa->uc = 1; + + add_tail(&p->iface_list, &ifa->n); + + return ifa; +} + +static void +bfd_free_iface(struct bfd_iface *ifa) +{ + if (!ifa || --ifa->uc) + return; + + rem_node(&ifa->n); + sk_stop(ifa->sk); + rfree(ifa->sk); + mb_free(ifa); +} + +static void +bfd_reconfigure_iface(struct bfd_proto *p, struct bfd_iface *ifa, struct bfd_config *nc) +{ + struct bfd_iface_config *nic = bfd_find_iface_config(nc, ifa->iface); + ifa->changed = !!memcmp(nic, ifa->cf, sizeof(struct bfd_iface_config)); + + /* This should be probably changed to not access ifa->cf from the BFD thread */ + birdloop_enter(p->loop); + ifa->cf = nic; + birdloop_leave(p->loop); +} + + +/* + * BFD requests + */ + +static void +bfd_request_notify(struct bfd_request *req, u8 state, u8 diag) +{ + u8 old_state = req->state; + + if (state == old_state) + return; + + req->state = state; + req->diag = diag; + req->old_state = old_state; + req->down = (old_state == BFD_STATE_UP) && (state == BFD_STATE_DOWN); + + if (req->hook) + req->hook(req); +} + +static int +bfd_add_request(struct bfd_proto *p, struct bfd_request *req) +{ + struct bfd_session *s = bfd_find_session_by_addr(p, req->addr); + u8 state, diag; + + if (!s) + s = bfd_add_session(p, req->addr, req->local, req->iface); + + rem_node(&req->n); + add_tail(&s->request_list, &req->n); + req->session = s; + + bfd_lock_sessions(p); + state = s->loc_state; + diag = s->loc_diag; + bfd_unlock_sessions(p); + + bfd_request_notify(req, state, diag); + + return 1; +} + +static void +bfd_submit_request(struct bfd_request *req) +{ + node *n; + + WALK_LIST(n, bfd_proto_list) + if (bfd_add_request(SKIP_BACK(struct bfd_proto, bfd_node, n), req)) + return; + + rem_node(&req->n); + add_tail(&bfd_wait_list, &req->n); + req->session = NULL; + bfd_request_notify(req, BFD_STATE_ADMIN_DOWN, 0); +} + +static void +bfd_take_requests(struct bfd_proto *p) +{ + node *n, *nn; + + WALK_LIST_DELSAFE(n, nn, bfd_wait_list) + bfd_add_request(p, SKIP_BACK(struct bfd_request, n, n)); +} + +static void +bfd_drop_requests(struct bfd_proto *p) +{ + node *n; + + HASH_WALK(p->session_hash_id, next_id, s) + { + /* We assume that p is not in bfd_proto_list */ + WALK_LIST_FIRST(n, s->request_list) + bfd_submit_request(SKIP_BACK(struct bfd_request, n, n)); + } + HASH_WALK_END; +} + +static struct resclass bfd_request_class; + +struct bfd_request * +bfd_request_session(pool *p, ip_addr addr, ip_addr local, struct iface *iface, + void (*hook)(struct bfd_request *), void *data) +{ + struct bfd_request *req = ralloc(p, &bfd_request_class); + + /* Hack: self-link req->n, we will call rem_node() on it */ + req->n.prev = req->n.next = &req->n; + + req->addr = addr; + req->local = local; + req->iface = iface; + + bfd_submit_request(req); + + req->hook = hook; + req->data = data; + + return req; +} + +static void +bfd_request_free(resource *r) +{ + struct bfd_request *req = (struct bfd_request *) r; + struct bfd_session *s = req->session; + + rem_node(&req->n); + + /* Remove the session if there is no request for it. Skip that if + inside notify hooks, will be handled by bfd_notify_hook() itself */ + + if (s && EMPTY_LIST(s->request_list) && !s->notify_running) + bfd_remove_session(s->ifa->bfd, s); +} + +static void +bfd_request_dump(resource *r) +{ + struct bfd_request *req = (struct bfd_request *) r; + + debug("(code %p, data %p)\n", req->hook, req->data); +} + +static struct resclass bfd_request_class = { + "BFD request", + sizeof(struct bfd_request), + bfd_request_free, + bfd_request_dump, + NULL, + NULL +}; + + +/* + * BFD neighbors + */ + +static void +bfd_neigh_notify(struct neighbor *nb) +{ + struct bfd_proto *p = (struct bfd_proto *) nb->proto; + struct bfd_neighbor *n = nb->data; + + if (!n) + return; + + if ((nb->scope > 0) && !n->req) + { + ip_addr local = ipa_nonzero(n->local) ? n->local : nb->iface->addr->ip; + n->req = bfd_request_session(p->p.pool, n->addr, local, nb->iface, NULL, NULL); + } + + if ((nb->scope <= 0) && n->req) + { + rfree(n->req); + n->req = NULL; + } } static void bfd_start_neighbor(struct bfd_proto *p, struct bfd_neighbor *n) { - n->session = bfd_add_session(p, n->addr, n->opts); + n->active = 1; - if (n->opts->multihop) + if (n->multihop) { - bfd_open_session(p, n->session, n->local, NULL); + n->req = bfd_request_session(p->p.pool, n->addr, n->local, NULL, NULL, NULL); return; } @@ -402,14 +771,15 @@ bfd_start_neighbor(struct bfd_proto *p, struct bfd_neighbor *n) if (nb->data) { - log(L_ERR "%s: Duplicate remote address %I", p->p.name, n->addr); + log(L_ERR "%s: Duplicate neighbor %I", p->p.name, n->addr); return; } - nb->data = n->session; + n->neigh = nb; + nb->data = n; if (nb->scope > 0) - bfd_open_session(p, n->session, nb->iface->addr->ip, nb->iface); + bfd_neigh_notify(nb); else TRACE(D_EVENTS, "Waiting for %I%J to become my neighbor", n->addr, n->iface); } @@ -417,33 +787,54 @@ bfd_start_neighbor(struct bfd_proto *p, struct bfd_neighbor *n) static void bfd_stop_neighbor(struct bfd_proto *p, struct bfd_neighbor *n) { - if (!n->opts->multihop) - { - struct neighbor *nb = neigh_find2(&p->p, &n->addr, n->iface, 0); - if (nb) - nb->data = NULL; - } + if (n->neigh) + n->neigh->data = NULL; + n->neigh = NULL; - bfd_remove_session(p, n->session); + rfree(n->req); + n->req = NULL; } -static void -bfd_neigh_notify(struct neighbor *nb) +static inline int +bfd_same_neighbor(struct bfd_neighbor *x, struct bfd_neighbor *y) { - struct bfd_proto *p = (struct bfd_proto *) nb->proto; - struct bfd_session *s = nb->data; + return ipa_equal(x->addr, y->addr) && ipa_equal(x->local, y->local) && + (x->iface == y->iface) && (x->multihop == y->multihop); +} - if (!s) - return; +static void +bfd_reconfigure_neighbors(struct bfd_proto *p, struct bfd_config *new) +{ + struct bfd_config *old = (struct bfd_config *) (p->p.cf); + struct bfd_neighbor *on, *nn; - if ((nb->scope > 0) && !s->opened) - bfd_open_session(p, s, nb->iface->addr->ip, nb->iface); + WALK_LIST(on, old->neigh_list) + { + WALK_LIST(nn, new->neigh_list) + if (bfd_same_neighbor(nn, on)) + { + nn->neigh = on->neigh; + if (nn->neigh) + nn->neigh->data = nn; + + nn->req = on->req; + nn->active = 1; + return; + } + + bfd_stop_neighbor(p, on); + } - if ((nb->scope <= 0) && s->opened) - bfd_close_session(p, s); + WALK_LIST(nn, new->neigh_list) + if (!nn->active) + bfd_start_neighbor(p, nn); } +/* + * BFD notify socket + */ + /* This core notify code should be replaced after main loop transition to birdloop */ int pipe(int pipefd[2]); @@ -456,6 +847,8 @@ bfd_notify_hook(sock *sk, int len) struct bfd_proto *p = sk->data; struct bfd_session *s; list tmp_list; + u8 state, diag; + node *n, *nn; pipe_drain(sk->fd); @@ -469,10 +862,21 @@ bfd_notify_hook(sock *sk, int len) { bfd_lock_sessions(p); rem2_node(&s->n); + state = s->loc_state; + diag = s->loc_diag; bfd_unlock_sessions(p); - // XXX do something - TRACE(D_EVENTS, "Notify: session changed %I %d %d", s->addr, s->loc_state, s->loc_diag); + /* FIXME: convert to btime and move to bfd_session_update_state() */ + s->last_state_change = now; + + s->notify_running = 1; + WALK_LIST_DELSAFE(n, nn, s->request_list) + bfd_request_notify(SKIP_BACK(struct bfd_request, n, n), state, diag); + s->notify_running = 0; + + /* Remove the session if all requests were removed in notify hooks */ + if (EMPTY_LIST(s->request_list)) + bfd_remove_session(p, s); } return 0; @@ -523,6 +927,17 @@ bfd_notify_init(struct bfd_proto *p) } +/* + * BFD protocol glue + */ + +void +bfd_init_all(void) +{ + init_list(&bfd_proto_list); + init_list(&bfd_wait_list); +} + static struct proto * bfd_init(struct proto_config *c) { @@ -539,25 +954,28 @@ bfd_start(struct proto *P) struct bfd_proto *p = (struct bfd_proto *) P; struct bfd_config *cf = (struct bfd_config *) (P->cf); - p->loop = birdloop_new(P->pool); + p->loop = birdloop_new(); p->tpool = rp_new(NULL, "BFD thread root"); pthread_spin_init(&p->lock, PTHREAD_PROCESS_PRIVATE); p->session_slab = sl_new(P->pool, sizeof(struct bfd_session)); - HASH_INIT(p->session_hash_id, P->pool, 4); - HASH_INIT(p->session_hash_ip, P->pool, 4); - - init_list(&p->sock_list); + HASH_INIT(p->session_hash_id, P->pool, 8); + HASH_INIT(p->session_hash_ip, P->pool, 8); + init_list(&p->iface_list); init_list(&p->notify_list); bfd_notify_init(p); + add_tail(&bfd_proto_list, &p->bfd_node); + birdloop_enter(p->loop); p->rx_1 = bfd_open_rx_sk(p, 0); p->rx_m = bfd_open_rx_sk(p, 1); birdloop_leave(p->loop); + bfd_take_requests(p); + struct bfd_neighbor *n; WALK_LIST(n, cf->neigh_list) bfd_start_neighbor(p, n); @@ -572,76 +990,79 @@ static int bfd_shutdown(struct proto *P) { struct bfd_proto *p = (struct bfd_proto *) P; + struct bfd_config *cf = (struct bfd_config *) (P->cf); + + rem_node(&p->bfd_node); birdloop_stop(p->loop); + struct bfd_neighbor *n; + WALK_LIST(n, cf->neigh_list) + bfd_stop_neighbor(p, n); + + bfd_drop_requests(p); + /* FIXME: This is hack */ birdloop_enter(p->loop); rfree(p->tpool); birdloop_leave(p->loop); - return PS_DOWN; -} - -static inline int -bfd_same_neighbor(struct bfd_neighbor *x, struct bfd_neighbor *y) -{ - return ipa_equal(x->addr, y->addr) && ipa_equal(x->local, y->local) && - (x->iface == y->iface) && (x->opts->multihop == y->opts->multihop); -} - -static void -bfd_match_neighbor(struct bfd_proto *p, struct bfd_neighbor *on, struct bfd_config *new) -{ - struct bfd_neighbor *nn; - - WALK_LIST(nn, new->neigh_list) - if (bfd_same_neighbor(nn, on)) - { - nn->session = on->session; - bfd_configure_session(p, nn->session, nn->opts); - return; - } + birdloop_free(p->loop); - bfd_stop_neighbor(p, on); + return PS_DOWN; } static int bfd_reconfigure(struct proto *P, struct proto_config *c) { struct bfd_proto *p = (struct bfd_proto *) P; - struct bfd_config *old = (struct bfd_config *) (P->cf); + // struct bfd_config *old = (struct bfd_config *) (P->cf); struct bfd_config *new = (struct bfd_config *) c; - struct bfd_neighbor *n; + struct bfd_iface *ifa; birdloop_mask_wakeups(p->loop); - WALK_LIST(n, old->neigh_list) - bfd_match_neighbor(p, n, new); + WALK_LIST(ifa, p->iface_list) + bfd_reconfigure_iface(p, ifa, new); + + HASH_WALK(p->session_hash_id, next_id, s) + { + if (s->ifa->changed) + bfd_reconfigure_session(p, s); + } + HASH_WALK_END; - WALK_LIST(n, new->neigh_list) - if (!n->session) - bfd_start_neighbor(p, n); + bfd_reconfigure_neighbors(p, new); birdloop_unmask_wakeups(p->loop); return 1; } +/* Ensure one instance */ +struct bfd_config *bfd_cf; + +static void +bfd_preconfig(struct protocol *P UNUSED, struct config *c UNUSED) +{ + bfd_cf = NULL; +} + static void bfd_copy_config(struct proto_config *dest, struct proto_config *src) { struct bfd_config *d = (struct bfd_config *) dest; // struct bfd_config *s = (struct bfd_config *) src; - /* We clean up neigh_list, ifaces are non-sharable */ + /* We clean up patt_list and neigh_list, neighbors and ifaces are non-sharable */ + init_list(&d->patt_list); init_list(&d->neigh_list); - } void bfd_show_sessions(struct proto *P) { + byte tbuf[TM_DATETIME_BUFFER_SIZE]; struct bfd_proto *p = (struct bfd_proto *) P; uint state, diag; u32 tx_int, timeout; @@ -655,22 +1076,25 @@ bfd_show_sessions(struct proto *P) } cli_msg(-1013, "%s:", p->p.name); - cli_msg(-1013, "%-12s\t%s\t%s\t%s\t%s", "Router IP", "Iface", - "State", "TX Int", "Timeout"); + cli_msg(-1013, "%-25s %-10s %-10s %-10s %8s %8s", + "IP address", "Interface", "State", "Since", "Interval", "Timeout"); - debug("XXX WALK %d %d\n", p->session_hash_id.count, p->session_hash_ip.count); HASH_WALK(p->session_hash_id, next_id, s) { - // FIXME this is unsafe + /* FIXME: this is thread-unsafe, but perhaps harmless */ state = s->loc_state; diag = s->loc_diag; - ifname = (s->bsock && s->bsock->sk->iface) ? s->bsock->sk->iface->name : "---"; - tx_int = (MAX(s->des_min_tx_int, s->rem_min_rx_int) TO_MS); + ifname = (s->ifa && s->ifa->sk->iface) ? s->ifa->sk->iface->name : "---"; + tx_int = s->last_tx ? (MAX(s->des_min_tx_int, s->rem_min_rx_int) TO_MS) : 0; timeout = (MAX(s->req_min_rx_int, s->rem_min_tx_int) TO_MS) * s->rem_detect_mult; - cli_msg(-1013, "%I\t%s\t%s %d\t%u\t%u", - s->addr, ifname, bfd_state_names[state], diag, tx_int, timeout); + state = (state < 4) ? state : 0; + tm_format_datetime(tbuf, &config->tf_proto, s->last_state_change); + + cli_msg(-1013, "%-25I %-10s %-10s %-10s %3u.%03u %3u.%03u", + s->addr, ifname, bfd_state_names[state], tbuf, + tx_int / 1000, tx_int % 1000, timeout / 1000, timeout % 1000); } HASH_WALK_END; @@ -685,5 +1109,6 @@ struct protocol proto_bfd = { .start = bfd_start, .shutdown = bfd_shutdown, .reconfigure = bfd_reconfigure, + .preconfig = bfd_preconfig, .copy_config = bfd_copy_config, }; diff --git a/proto/bfd/bfd.h b/proto/bfd/bfd.h index 66c6ed17..f4ab3fcc 100644 --- a/proto/bfd/bfd.h +++ b/proto/bfd/bfd.h @@ -20,6 +20,7 @@ #include "lib/socket.h" #include "lib/string.h" +#include "nest/bfd.h" #include "io.h" @@ -33,19 +34,23 @@ #define BFD_DEFAULT_MULTIPLIER 5 +struct bfd_iface_config; + struct bfd_config { struct proto_config c; - list neigh_list; /* List of struct bfd_neighbor */ + list patt_list; /* List of iface configs (struct bfd_iface_config) */ + list neigh_list; /* List of configured neighbors (struct bfd_neighbor) */ + struct bfd_iface_config *multihop; /* Multihop pseudoiface config */ }; -struct bfd_session_config +struct bfd_iface_config { + struct iface_patt i; u32 min_rx_int; u32 min_tx_int; u32 idle_tx_int; u8 multiplier; - u8 multihop; u8 passive; }; @@ -55,9 +60,12 @@ struct bfd_neighbor ip_addr addr; ip_addr local; struct iface *iface; - struct bfd_session_config *opts; - struct bfd_session *session; + struct neighbor *neigh; + struct bfd_request *req; + + u8 multihop; + u8 active; }; struct bfd_proto @@ -66,6 +74,7 @@ struct bfd_proto struct birdloop *loop; pool *tpool; pthread_spinlock_t lock; + node bfd_node; slab *session_slab; HASH(struct bfd_session) session_hash_id; @@ -77,25 +86,31 @@ struct bfd_proto sock *rx_1; sock *rx_m; - list sock_list; + list iface_list; }; -struct bfd_socket +struct bfd_iface { node n; + ip_addr local; + struct iface *iface; + struct bfd_iface_config *cf; + struct bfd_proto *bfd; + sock *sk; u32 uc; + u8 changed; }; struct bfd_session { node n; ip_addr addr; /* Address of session */ + struct bfd_iface *ifa; /* Iface associated with session */ struct bfd_session *next_id; /* Next in bfd.session_hash_id */ struct bfd_session *next_ip; /* Next in bfd.session_hash_ip */ - struct bfd_proto *bfd; - u8 opened; + u8 opened_unused; u8 passive; u8 poll_active; u8 poll_scheduled; @@ -123,7 +138,9 @@ struct bfd_session timer2 *tx_timer; /* Periodic control packet timer */ timer2 *hold_timer; /* Timer for session down detection time */ - struct bfd_socket *bsock; /* Socket associated with session */ + list request_list; /* List of client requests (struct bfd_request) */ + bird_clock_t last_state_change; /* Time of last state change */ + u8 notify_running; /* 1 if notify hooks are running */ }; @@ -168,10 +185,7 @@ void bfd_show_sessions(struct proto *P); /* packets.c */ void bfd_send_ctl(struct bfd_proto *p, struct bfd_session *s, int final); sock * bfd_open_rx_sk(struct bfd_proto *p, int multihop); -struct bfd_socket * bfd_get_socket(struct bfd_proto *p, ip_addr local, struct iface *ifa); -void bfd_free_socket(struct bfd_socket *sk); - - +sock * bfd_open_tx_sk(struct bfd_proto *p, ip_addr local, struct iface *ifa); #endif /* _BIRD_BFD_H_ */ diff --git a/proto/bfd/config.Y b/proto/bfd/config.Y index f1193d70..1bf8764f 100644 --- a/proto/bfd/config.Y +++ b/proto/bfd/config.Y @@ -12,20 +12,21 @@ CF_HDR CF_DEFINES #define BFD_CFG ((struct bfd_config *) this_proto) -#define BFD_SESSION this_bfd_session +#define BFD_IFACE ((struct bfd_iface_config *) this_ipatt) #define BFD_NEIGHBOR this_bfd_neighbor -static struct bfd_session_config *this_bfd_session; static struct bfd_neighbor *this_bfd_neighbor; +extern struct bfd_config *bfd_cf; CF_DECLS -CF_KEYWORDS(BFD, MIN, IDLE, RX, TX, INTERVAL, MULTIPLIER, MULTIHOP, PASSIVE, - NEIGHBOR, DEV) +CF_KEYWORDS(BFD, MIN, IDLE, RX, TX, INTERVAL, MULTIPLIER, PASSIVE, + INTERFACE, MULTIHOP, NEIGHBOR, DEV, LOCAL) %type bfd_neigh_iface %type bfd_neigh_local +%type bfd_neigh_multihop CF_GRAMMAR @@ -34,12 +35,19 @@ CF_ADDTO(proto, bfd_proto) bfd_proto_start: proto_start BFD { this_proto = proto_config_new(&proto_bfd, sizeof(struct bfd_config), $1); + init_list(&BFD_CFG->patt_list); init_list(&BFD_CFG->neigh_list); + + if (bfd_cf) + cf_error("Only one BFD instance allowed"); + bfd_cf = BFD_CFG; }; bfd_proto_item: proto_item - | bfd_neighbor + | INTERFACE bfd_iface + | MULTIHOP bfd_multihop + | NEIGHBOR bfd_neighbor ; bfd_proto_opts: @@ -51,38 +59,41 @@ bfd_proto: bfd_proto_start proto_name '{' bfd_proto_opts '}'; -bfd_session_start: +bfd_iface_start: { - this_bfd_session = cfg_allocz(sizeof(struct bfd_session_config)); + this_ipatt = cfg_allocz(sizeof(struct bfd_iface_config)); + init_list(&this_ipatt->ipn_list); - BFD_SESSION->min_rx_int = BFD_DEFAULT_MIN_RX_INT; - BFD_SESSION->min_tx_int = BFD_DEFAULT_MIN_TX_INT; - BFD_SESSION->idle_tx_int = BFD_DEFAULT_IDLE_TX_INT; - BFD_SESSION->multiplier = BFD_DEFAULT_MULTIPLIER; + BFD_IFACE->min_rx_int = BFD_DEFAULT_MIN_RX_INT; + BFD_IFACE->min_tx_int = BFD_DEFAULT_MIN_TX_INT; + BFD_IFACE->idle_tx_int = BFD_DEFAULT_IDLE_TX_INT; + BFD_IFACE->multiplier = BFD_DEFAULT_MULTIPLIER; }; -bfd_session_item: - INTERVAL expr_us { BFD_SESSION->min_rx_int = BFD_SESSION->min_tx_int = $2; } - | MIN RX INTERVAL expr_us { BFD_SESSION->min_rx_int = $4; } - | MIN TX INTERVAL expr_us { BFD_SESSION->min_tx_int = $4; } - | IDLE TX INTERVAL expr_us { BFD_SESSION->idle_tx_int = $4; } - | MULTIPLIER expr { BFD_SESSION->multiplier = $2; } - | MULTIHOP bool { BFD_SESSION->multihop = $2; } - | PASSIVE bool { BFD_SESSION->passive = $2; } +bfd_iface_item: + INTERVAL expr_us { BFD_IFACE->min_rx_int = BFD_IFACE->min_tx_int = $2; } + | MIN RX INTERVAL expr_us { BFD_IFACE->min_rx_int = $4; } + | MIN TX INTERVAL expr_us { BFD_IFACE->min_tx_int = $4; } + | IDLE TX INTERVAL expr_us { BFD_IFACE->idle_tx_int = $4; } + | MULTIPLIER expr { BFD_IFACE->multiplier = $2; } + | PASSIVE bool { BFD_IFACE->passive = $2; } ; -bfd_session_opts: +bfd_iface_opts: /* empty */ - | bfd_session_opts bfd_session_item ';' + | bfd_iface_opts bfd_iface_item ';' ; -bfd_session_opt_list: +bfd_iface_opt_list: /* empty */ - | '{' bfd_session_opts '}' + | '{' bfd_iface_opts '}' ; -bfd_session: - bfd_session_start bfd_session_opt_list; +bfd_iface: bfd_iface_start iface_patt_list bfd_iface_opt_list +{ add_tail(&BFD_CFG->patt_list, NODE this_ipatt); }; + +bfd_multihop: bfd_iface_start bfd_iface_opt_list +{ BFD_CFG->multihop = BFD_IFACE; }; bfd_neigh_iface: @@ -96,15 +107,26 @@ bfd_neigh_local: | LOCAL ipa { $$ = $2; } ; -bfd_neighbor: NEIGHBOR ipa bfd_neigh_iface bfd_neigh_local bfd_session +bfd_neigh_multihop: + /* empty */ { $$ = 0; } + | MULTIHOP bool { $$ = $2; } + ; + +bfd_neighbor: ipa bfd_neigh_iface bfd_neigh_local bfd_neigh_multihop { this_bfd_neighbor = cfg_allocz(sizeof(struct bfd_neighbor)); add_tail(&BFD_CFG->neigh_list, NODE this_bfd_neighbor); - BFD_NEIGHBOR->addr = $2; - BFD_NEIGHBOR->local = $4; - BFD_NEIGHBOR->iface = $3; - BFD_NEIGHBOR->opts = BFD_SESSION; + BFD_NEIGHBOR->addr = $1; + BFD_NEIGHBOR->local = $3; + BFD_NEIGHBOR->iface = $2; + BFD_NEIGHBOR->multihop = $4; + + if ($4 && $2) + cf_error("Neighbor cannot set both interface and multihop"); + + if ($4 && ipa_zero($3)) + cf_error("Multihop neighbor requires specified local address"); }; diff --git a/proto/bfd/io.c b/proto/bfd/io.c index 2c1f7b03..fb150040 100644 --- a/proto/bfd/io.c +++ b/proto/bfd/io.c @@ -52,6 +52,9 @@ struct birdloop }; +/* + * Current thread context + */ static pthread_key_t current_loop_key; @@ -74,6 +77,9 @@ birdloop_init_current(void) } +/* + * Time clock + */ static void times_update_alt(struct birdloop *loop); @@ -163,6 +169,9 @@ current_time(void) } +/* + * Wakeup code for birdloop + */ static void pipe_new(int *pfds) @@ -244,6 +253,9 @@ wakeup_kick(struct birdloop *loop) } +/* + * Events + */ static inline uint events_waiting(struct birdloop *loop) @@ -279,12 +291,14 @@ ev2_schedule(event *e) } +/* + * Timers + */ #define TIMER_LESS(a,b) ((a)->expires < (b)->expires) #define TIMER_SWAP(heap,a,b,t) (t = heap[a], heap[a] = heap[b], heap[b] = t, \ heap[a]->index = (a), heap[b]->index = (b)) - static inline uint timers_count(struct birdloop *loop) { return loop->timers.used - 1; } @@ -425,6 +439,9 @@ timers_fire(struct birdloop *loop) } +/* + * Sockets + */ static void sockets_init(struct birdloop *loop) @@ -494,12 +511,16 @@ sk_stop(sock *s) static inline uint sk_want_events(sock *s) { return (s->rx_hook ? POLLIN : 0) | ((s->ttx != s->tpos) ? POLLOUT : 0); } +/* +FIXME: this should be called from sock code + static void sockets_update(struct birdloop *loop, sock *s) { if (s->index >= 0) loop->poll_fd.data[s->index].events = sk_want_events(s); } +*/ static void sockets_prepare(struct birdloop *loop) @@ -594,17 +615,21 @@ sockets_fire(struct birdloop *loop) } +/* + * Birdloop + */ static void * birdloop_main(void *arg); struct birdloop * -birdloop_new(pool *p) +birdloop_new(void) { /* FIXME: this init should be elsewhere and thread-safe */ static int init = 0; if (!init) { birdloop_init_current(); init = 1; } + pool *p = rp_new(NULL, "Birdloop root"); struct birdloop *loop = mb_allocz(p, sizeof(struct birdloop)); loop->pool = p; pthread_mutex_init(&loop->mutex, NULL); @@ -640,6 +665,12 @@ birdloop_stop(struct birdloop *loop) die("pthread_join(): %M", rv); } +void +birdloop_free(struct birdloop *loop) +{ + rfree(loop->pool); +} + void birdloop_enter(struct birdloop *loop) @@ -735,4 +766,3 @@ birdloop_main(void *arg) } - diff --git a/proto/bfd/io.h b/proto/bfd/io.h index 4f7c678d..3f166a47 100644 --- a/proto/bfd/io.h +++ b/proto/bfd/io.h @@ -63,6 +63,13 @@ tm2_new_init(pool *p, void (*hook)(struct timer2 *), void *data, uint rec, uint return t; } +static inline void +tm2_set_max(timer2 *t, btime when) +{ + if (when > t->expires) + tm2_set(t, when); +} + /* static inline void tm2_start_max(timer2 *t, btime after) @@ -78,9 +85,11 @@ void sk_stop(sock *s); -struct birdloop *birdloop_new(pool *p); +struct birdloop *birdloop_new(void); void birdloop_start(struct birdloop *loop); void birdloop_stop(struct birdloop *loop); +void birdloop_free(struct birdloop *loop); + void birdloop_enter(struct birdloop *loop); void birdloop_leave(struct birdloop *loop); void birdloop_mask_wakeups(struct birdloop *loop); diff --git a/proto/bfd/packets.c b/proto/bfd/packets.c index 0e24114b..fc2616ca 100644 --- a/proto/bfd/packets.c +++ b/proto/bfd/packets.c @@ -62,7 +62,7 @@ bfd_format_flags(u8 flags, char *buf) void bfd_send_ctl(struct bfd_proto *p, struct bfd_session *s, int final) { - sock *sk = s->bsock->sk; + sock *sk = s->ifa->sk; struct bfd_ctl_packet *pkt = (struct bfd_ctl_packet *) sk->tbuf; char fb[8]; @@ -143,7 +143,7 @@ bfd_rx_hook(sock *sk, int len) s = bfd_find_session_by_addr(p, sk->faddr); /* FIXME: better session matching and message */ - if (!s || !s->opened) + if (!s) return 1; } @@ -155,7 +155,7 @@ bfd_rx_hook(sock *sk, int len) u32 old_tx_int = s->des_min_tx_int; u32 old_rx_int = s->rem_min_rx_int; - s->rem_id = ntohl(pkt->snd_id); + s->rem_id= ntohl(pkt->snd_id); s->rem_state = bfd_pkt_get_state(pkt); s->rem_diag = bfd_pkt_get_diag(pkt); s->rem_demand_mode = pkt->flags & BFD_FLAG_DEMAND; @@ -213,7 +213,7 @@ bfd_open_rx_sk(struct bfd_proto *p, int multihop) return NULL; } -static inline sock * +sock * bfd_open_tx_sk(struct bfd_proto *p, ip_addr local, struct iface *ifa) { sock *sk = sk_new(p->tpool); @@ -246,32 +246,3 @@ bfd_open_tx_sk(struct bfd_proto *p, ip_addr local, struct iface *ifa) rfree(sk); return NULL; } - -struct bfd_socket * -bfd_get_socket(struct bfd_proto *p, ip_addr local, struct iface *ifa) -{ - struct bfd_socket *sk; - - WALK_LIST(sk, p->sock_list) - if (ipa_equal(sk->sk->saddr, local) && (sk->sk->iface == ifa)) - return sk->uc++, sk; - - sk = mb_allocz(p->tpool, sizeof(struct bfd_socket)); - sk->sk = bfd_open_tx_sk(p, local, ifa); - sk->uc = 1; - add_tail(&p->sock_list, &sk->n); - - return sk; -} - -void -bfd_free_socket(struct bfd_socket *sk) -{ - if (!sk || --sk->uc) - return; - - rem_node(&sk->n); - sk_stop(sk->sk); - rfree(sk->sk); - mb_free(sk); -} diff --git a/proto/bgp/bgp.c b/proto/bgp/bgp.c index 7cad75df..07ad31f3 100644 --- a/proto/bgp/bgp.c +++ b/proto/bgp/bgp.c @@ -59,8 +59,9 @@ #include "nest/iface.h" #include "nest/protocol.h" #include "nest/route.h" -#include "nest/locks.h" +#include "nest/bfd.h" #include "nest/cli.h" +#include "nest/locks.h" #include "conf/conf.h" #include "lib/socket.h" #include "lib/resource.h" @@ -76,6 +77,7 @@ static void bgp_close(struct bgp_proto *p, int apply_md5); static void bgp_connect(struct bgp_proto *p); static void bgp_active(struct bgp_proto *p); static sock *bgp_setup_listen_sk(ip_addr addr, unsigned port, u32 flags); +static void bgp_update_bfd(struct bgp_proto *p, int use_bfd); /** @@ -153,8 +155,12 @@ bgp_initiate(struct bgp_proto *p) if (rv < 0) return; + if (p->cf->bfd) + bgp_update_bfd(p, p->cf->bfd); + if (p->startup_delay) { + p->start_state = BSS_DELAY; BGP_TRACE(D_EVENTS, "Startup delayed by %d seconds", p->startup_delay); bgp_start_timer(p->startup_timer, p->startup_delay); } @@ -765,6 +771,37 @@ bgp_neigh_notify(neighbor *n) } } +static void +bgp_bfd_notify(struct bfd_request *req) +{ + struct bgp_proto *p = req->data; + int ps = p->p.proto_state; + + if (req->down && ((ps == PS_START) || (ps == PS_UP))) + { + BGP_TRACE(D_EVENTS, "BFD session down"); + bgp_store_error(p, NULL, BE_MISC, BEM_BFD_DOWN); + if (ps == PS_UP) + bgp_update_startup_delay(p); + bgp_stop(p, 0); + } +} + +static void +bgp_update_bfd(struct bgp_proto *p, int use_bfd) +{ + if (use_bfd && !p->bfd_req) + p->bfd_req = bfd_request_session(p->p.pool, p->cf->remote_ip, p->source_addr, + p->cf->multihop ? NULL : p->neigh->iface, + bgp_bfd_notify, p); + + if (!use_bfd && p->bfd_req) + { + rfree(p->bfd_req); + p->bfd_req = NULL; + } +} + static int bgp_reload_routes(struct proto *P) { @@ -825,6 +862,7 @@ bgp_start(struct proto *P) p->outgoing_conn.state = BS_IDLE; p->incoming_conn.state = BS_IDLE; p->neigh = NULL; + p->bfd_req = NULL; rt_lock_table(p->igp_table); @@ -992,6 +1030,9 @@ bgp_check_config(struct bgp_config *c) ipa_has_link_scope(c->source_addr))) cf_error("Multihop BGP cannot be used with link-local addresses"); + if (c->multihop && c->bfd && ipa_zero(c->source_addr)) + cf_error("Multihop BGP with BFD requires specified source address"); + /* Different default based on rs_client */ if (!c->missing_lladdr) @@ -1034,6 +1075,9 @@ bgp_reconfigure(struct proto *P, struct proto_config *C) || (old->password && new->password && !strcmp(old->password, new->password))) && (get_igp_table(old) == get_igp_table(new)); + if (same && (p->start_state > BSS_PREPARE)) + bgp_update_bfd(p, new->bfd); + /* We should update our copy of configuration ptr as old configuration will be freed */ if (same) p->cf = new; @@ -1115,7 +1159,7 @@ bgp_store_error(struct bgp_proto *p, struct bgp_conn *c, u8 class, u32 code) static char *bgp_state_names[] = { "Idle", "Connect", "Active", "OpenSent", "OpenConfirm", "Established", "Close" }; static char *bgp_err_classes[] = { "", "Error: ", "Socket: ", "Received: ", "BGP Error: ", "Automatic shutdown: ", ""}; -static char *bgp_misc_errors[] = { "", "Neighbor lost", "Invalid next hop", "Kernel MD5 auth failed", "No listening socket" }; +static char *bgp_misc_errors[] = { "", "Neighbor lost", "Invalid next hop", "Kernel MD5 auth failed", "No listening socket", "BFD session down" }; static char *bgp_auto_errors[] = { "", "Route limit exceeded"}; static const char * diff --git a/proto/bgp/bgp.h b/proto/bgp/bgp.h index 77a36715..6da38949 100644 --- a/proto/bgp/bgp.h +++ b/proto/bgp/bgp.h @@ -14,6 +14,7 @@ struct linpool; struct eattr; +struct bfd_request; struct bgp_config { struct proto_config c; @@ -52,8 +53,10 @@ struct bgp_config { unsigned error_delay_time_min; /* Time to wait after an error is detected */ unsigned error_delay_time_max; unsigned disable_after_error; /* Disable the protocol when error is detected */ + char *password; /* Password used for MD5 authentication */ struct rtable_config *igp_table; /* Table used for recursive next hop lookups */ + int bfd; /* Use BFD for liveness detection */ }; #define MLL_SELF 1 @@ -99,6 +102,7 @@ struct bgp_proto { struct bgp_conn incoming_conn; /* Incoming connection we have neither accepted nor rejected yet */ struct object_lock *lock; /* Lock for neighbor connection */ struct neighbor *neigh; /* Neighbor entry corresponding to remote ip, NULL if multihop */ + struct bfd_request *bfd_req; /* BFD request, if BFD is used */ ip_addr source_addr; /* Local address used as an advertised next hop */ rtable *igp_table; /* Table used for recursive next hop lookups */ struct event *event; /* Event for respawning and shutting process */ @@ -287,6 +291,7 @@ void bgp_log_error(struct bgp_proto *p, u8 class, char *msg, unsigned code, unsi #define BEM_INVALID_NEXT_HOP 2 #define BEM_INVALID_MD5 3 /* MD5 authentication kernel request failed (possibly not supported) */ #define BEM_NO_SOCKET 4 +#define BEM_BFD_DOWN 5 /* Automatic shutdown error codes */ diff --git a/proto/bgp/config.Y b/proto/bgp/config.Y index d5e5aaca..0292c234 100644 --- a/proto/bgp/config.Y +++ b/proto/bgp/config.Y @@ -26,7 +26,7 @@ CF_KEYWORDS(BGP, LOCAL, NEIGHBOR, AS, HOLD, TIME, CONNECT, RETRY, PREFER, OLDER, MISSING, LLADDR, DROP, IGNORE, ROUTE, REFRESH, INTERPRET, COMMUNITIES, BGP_ORIGINATOR_ID, BGP_CLUSTER_LIST, IGP, TABLE, GATEWAY, DIRECT, RECURSIVE, MED, TTL, SECURITY, DETERMINISTIC, - SECONDARY) + SECONDARY, BFD) CF_GRAMMAR @@ -110,6 +110,7 @@ bgp_proto: | bgp_proto SECONDARY bool ';' { BGP_CFG->secondary = $3; } | bgp_proto IGP TABLE rtable ';' { BGP_CFG->igp_table = $4; } | bgp_proto TTL SECURITY bool ';' { BGP_CFG->ttl_security = $4; } + | bgp_proto BFD bool ';' { BGP_CFG->bfd = $3; cf_check_bfd($3); } ; CF_ADDTO(dynamic_attr, BGP_ORIGIN diff --git a/proto/ospf/config.Y b/proto/ospf/config.Y index f042e1aa..f06dd311 100644 --- a/proto/ospf/config.Y +++ b/proto/ospf/config.Y @@ -309,6 +309,7 @@ ospf_iface_item: | TX PRIORITY expr { OSPF_PATT->tx_priority = $3; } | TTL SECURITY bool { OSPF_PATT->ttl_security = $3; } | TTL SECURITY TX ONLY { OSPF_PATT->ttl_security = 2; } + | BFD bool { OSPF_PATT->bfd = $2; cf_check_bfd($2); } | password_list ; diff --git a/proto/ospf/hello.c b/proto/ospf/hello.c index d5aa1b95..bac2a589 100644 --- a/proto/ospf/hello.c +++ b/proto/ospf/hello.c @@ -140,6 +140,9 @@ ospf_hello_receive(struct ospf_packet *ps_i, struct ospf_iface *ifa, #ifdef OSPFv3 n->iface_id = ntohl(ps->iface_id); #endif + + if (n->ifa->cf->bfd) + ospf_neigh_update_bfd(n, n->ifa->bfd); } ospf_neigh_sm(n, INM_HELLOREC); diff --git a/proto/ospf/iface.c b/proto/ospf/iface.c index 63c26466..f1409840 100644 --- a/proto/ospf/iface.c +++ b/proto/ospf/iface.c @@ -536,6 +536,7 @@ ospf_iface_new(struct ospf_area *oa, struct ifa *addr, struct ospf_iface_patt *i ifa->check_link = ip->check_link; ifa->ecmp_weight = ip->ecmp_weight; ifa->check_ttl = (ip->ttl_security == 1); + ifa->bfd = ip->bfd; #ifdef OSPFv2 ifa->autype = ip->autype; @@ -840,6 +841,19 @@ ospf_iface_reconfigure(struct ospf_iface *ifa, struct ospf_iface_patt *new) ifa->ecmp_weight = new->ecmp_weight; } + /* BFD */ + if (ifa->bfd != new->bfd) + { + OSPF_TRACE(D_EVENTS, "%s BFD on interface %s", + new->bfd ? "Enabling" : "Disabling", ifname); + ifa->bfd = new->bfd; + + struct ospf_neighbor *n; + WALK_LIST(n, ifa->neigh_list) + ospf_neigh_update_bfd(n, ifa->bfd); + } + + /* instance_id is not updated - it is part of key */ return 1; diff --git a/proto/ospf/neighbor.c b/proto/ospf/neighbor.c index 26d81dce..61224ec2 100644 --- a/proto/ospf/neighbor.c +++ b/proto/ospf/neighbor.c @@ -582,6 +582,36 @@ ospf_neigh_remove(struct ospf_neighbor *n) OSPF_TRACE(D_EVENTS, "Deleting neigbor."); } +static void +ospf_neigh_bfd_hook(struct bfd_request *req) +{ + struct ospf_neighbor *n = req->data; + struct proto *p = &n->ifa->oa->po->proto; + + if (req->down) + { + OSPF_TRACE(D_EVENTS, "BFD session down for %I on %s", + n->ip, n->ifa->iface->name); + + ospf_neigh_remove(n); + } +} + +void +ospf_neigh_update_bfd(struct ospf_neighbor *n, int use_bfd) +{ + if (use_bfd && !n->bfd_req) + n->bfd_req = bfd_request_session(n->pool, n->ip, n->ifa->addr->ip, n->ifa->iface, + ospf_neigh_bfd_hook, n); + + if (!use_bfd && n->bfd_req) + { + rfree(n->bfd_req); + n->bfd_req = NULL; + } +} + + void ospf_sh_neigh_info(struct ospf_neighbor *n) { diff --git a/proto/ospf/neighbor.h b/proto/ospf/neighbor.h index f593faed..e674927d 100644 --- a/proto/ospf/neighbor.h +++ b/proto/ospf/neighbor.h @@ -16,6 +16,7 @@ void bdr_election(struct ospf_iface *ifa); struct ospf_neighbor *find_neigh(struct ospf_iface *ifa, u32 rid); struct ospf_neighbor *find_neigh_by_ip(struct ospf_iface *ifa, ip_addr ip); void ospf_neigh_remove(struct ospf_neighbor *n); +void ospf_neigh_update_bfd(struct ospf_neighbor *n, int use_bfd); void ospf_sh_neigh_info(struct ospf_neighbor *n); #endif /* _BIRD_OSPF_NEIGHBOR_H_ */ diff --git a/proto/ospf/ospf.h b/proto/ospf/ospf.h index f1409af3..46a1c3c1 100644 --- a/proto/ospf/ospf.h +++ b/proto/ospf/ospf.h @@ -46,6 +46,7 @@ do { if ((p->debug & D_PACKETS) || OSPF_FORCE_DEBUG) \ #include "nest/route.h" #include "nest/cli.h" #include "nest/locks.h" +#include "nest/bfd.h" #include "conf/conf.h" #include "lib/string.h" @@ -276,6 +277,7 @@ struct ospf_iface u8 ecmp_weight; /* Weight used for ECMP */ u8 ptp_netmask; /* Send real netmask for P2P */ u8 check_ttl; /* Check incoming packets for TTL 255 */ + u8 bfd; /* Use BFD on iface */ }; struct ospf_md5 @@ -708,6 +710,7 @@ struct ospf_neighbor #define ACKL_DIRECT 0 #define ACKL_DELAY 1 timer *ackd_timer; /* Delayed ack timer */ + struct bfd_request *bfd_req; /* BFD request, if BFD is used */ u32 csn; /* Last received crypt seq number (for MD5) */ }; @@ -818,6 +821,7 @@ struct ospf_iface_patt u8 real_bcast; /* Not really used in OSPFv3 */ u8 ptp_netmask; /* bool + 2 for unspecified */ u8 ttl_security; /* bool + 2 for TX only */ + u8 bfd; #ifdef OSPFv2 list *passwords; diff --git a/proto/radv/radv.c b/proto/radv/radv.c index a6b9b16c..90408536 100644 --- a/proto/radv/radv.c +++ b/proto/radv/radv.c @@ -15,7 +15,7 @@ * The RAdv protocol is implemented in two files: |radv.c| containing * the interface with BIRD core and the protocol logic and |packets.c| * handling low level protocol stuff (RX, TX and packet formats). - * The protocol does not import or export any routes. + * The protocol does not export any routes. * * The RAdv is structured in the usual way - for each handled interface * there is a structure &radv_iface that contains a state related to diff --git a/sysdep/autoconf.h.in b/sysdep/autoconf.h.in index ac6f7a87..a9e46e27 100644 --- a/sysdep/autoconf.h.in +++ b/sysdep/autoconf.h.in @@ -39,10 +39,14 @@ #undef CONFIG_STATIC #undef CONFIG_RIP #undef CONFIG_RADV +#undef CONFIG_BFD #undef CONFIG_BGP #undef CONFIG_OSPF #undef CONFIG_PIPE +/* We use multithreading */ +#undef USE_PTHREADS + /* We have and syslog() */ #undef HAVE_SYSLOG diff --git a/sysdep/unix/io.c b/sysdep/unix/io.c index f0ec6dae..da8343f9 100644 --- a/sysdep/unix/io.c +++ b/sysdep/unix/io.c @@ -538,6 +538,8 @@ sk_free(resource *r) if (s->fd >= 0) { close(s->fd); + + /* FIXME: we should call sk_stop() for SKF_THREAD sockets */ if (s->flags & SKF_THREAD) return; diff --git a/sysdep/unix/log.c b/sysdep/unix/log.c index 67b70773..9dd4d66f 100644 --- a/sysdep/unix/log.c +++ b/sysdep/unix/log.c @@ -36,13 +36,20 @@ static const bird_clock_t rate_limit_time = 5; static const int rate_limit_count = 5; -// XXX add ifdef for threads +#ifdef USE_PTHREADS #include static pthread_mutex_t log_mutex; static inline void log_lock(void) { pthread_mutex_lock(&log_mutex); } static inline void log_unlock(void) { pthread_mutex_unlock(&log_mutex); } +#else + +static inline void log_lock(void) { } +static inline void log_unlock(void) { } + +#endif + #ifdef HAVE_SYSLOG #include -- cgit v1.2.3 From 7c9930f9c8feb3b08f7a9e94a08807ccbbc096f5 Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Thu, 21 Nov 2013 11:36:49 +0100 Subject: Adds a missing file. I forgot to add that to the previous commit. --- nest/bfd.h | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 nest/bfd.h (limited to 'nest') diff --git a/nest/bfd.h b/nest/bfd.h new file mode 100644 index 00000000..79c3c921 --- /dev/null +++ b/nest/bfd.h @@ -0,0 +1,51 @@ +/* + * BIRD -- Bidirectional Forwarding Detection (BFD) + * + * Can be freely distributed and used under the terms of the GNU GPL. + */ + +#ifndef _BIRD_NBFD_H_ +#define _BIRD_NBFD_H_ + +#include "lib/lists.h" +#include "lib/resource.h" + +struct bfd_session; + +struct bfd_request { + resource r; + node n; + + ip_addr addr; + ip_addr local; + struct iface *iface; + + void (*hook)(struct bfd_request *); + void *data; + + struct bfd_session *session; + + u8 state; + u8 diag; + u8 old_state; + u8 down; +}; + + +#ifdef CONFIG_BFD + +struct bfd_request * bfd_request_session(pool *p, ip_addr addr, ip_addr local, struct iface *iface, void (*hook)(struct bfd_request *), void *data); + +static inline void cf_check_bfd(int use) { } + +#else + +static inline struct bfd_request * bfd_request_session(pool *p, ip_addr addr, ip_addr local, struct iface *iface, void (*hook)(struct bfd_request *), void *data) { return NULL; } + +static inline void cf_check_bfd(int use) { if (use) cf_error("BFD not available"); } + +#endif /* CONFIG_BFD */ + + + +#endif /* _BIRD_NBFD_H_ */ -- cgit v1.2.3 From 548c329cde371bceef05f86b7f904378a392d89c Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Fri, 22 Nov 2013 01:20:32 +0100 Subject: Adds rate limiting to some log messages. --- nest/rt-table.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'nest') diff --git a/nest/rt-table.c b/nest/rt-table.c index 16dd9bcd..fc554081 100644 --- a/nest/rt-table.c +++ b/nest/rt-table.c @@ -636,6 +636,7 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str struct proto *p = ah->proto; struct rtable *table = ah->table; struct proto_stats *stats = ah->stats; + static struct rate_limit rl_pipe; rte *before_old = NULL; rte *old_best = net->routes; rte *old = NULL; @@ -659,7 +660,7 @@ rte_recalculate(struct announce_hook *ah, net *net, rte *new, ea_list *tmpa, str { if (new) { - log(L_ERR "Pipe collision detected when sending %I/%d to table %s", + log_rl(&rl_pipe, L_ERR "Pipe collision detected when sending %I/%d to table %s", net->n.prefix, net->n.pxlen, table->name); rte_free_quick(new); } @@ -1271,6 +1272,7 @@ rt_init(void) static inline int rt_prune_step(rtable *tab, int step, int *max_feed) { + static struct rate_limit rl_flush; struct fib_iterator *fit = &tab->prune_fit; DBG("Pruning route table %s\n", tab->name); @@ -1305,7 +1307,7 @@ again: } if (step) - log(L_WARN "Route %I/%d from %s still in %s after flush", + log_rl(&rl_flush, L_WARN "Route %I/%d from %s still in %s after flush", n->n.prefix, n->n.pxlen, e->attrs->proto->name, tab->name); rte_discard(tab, e); -- cgit v1.2.3