| Age | Commit message (Collapse) | Author |
|---|
|
Currently, the "FlowSpecComponentItem" uses int type for the "Op" and
"Value" fields, but Golang int type has 4 bytes length on the 32-bit
env and 8 bytes length on the 64-bit env.
For example, to support the SNAP (Type 20) rule, which has 5 bytes
value field, int type has not enough length on 32-bit env.
This patch fixes to use the fixed length integer types for the
FlowSpec components and avoid overflows of value range.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Currently, the parser for the string representation of FlowSpec rules
splits the given string into characters and validates them character
by character.
So we need to handle the unexpected white spaces carefully.
This patch introduces the regular expressions to parse the FlowSpec
rules and simplify the parsers.
Also improves robustness for the unexpectedly inserted white spaces
like "& == tcp".
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
This patch introduces String() functions for the flags and reserved
values related to the FlowSpec rules.
Also removes the unused types and functions.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Currently, if the both NOT and MATCH bit are set for the FlowSpec
bitmask operand, the string representation will be "=!".
For the readability and the consistency with the representation of
numeric operator, it should be "!=".
This patch inverts "=!" into "!=" for the bitmask operand.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Currently, we sort the FlowSpec rules when creating a new path
containing the FlowSpec NLRI and when parsing CLI arguments for
the FlowSpec rules.
This patch moves sorting the rules into the inside of the "packet"
module and sorts them when decoding binary and creating new NLRI.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
V4 NLRI needs more 4 bytes with addpath enabled.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch supports EVPN Router's MAC Extended Community which described
on "draft-ietf-bess-evpn-inter-subnet-forwarding".
According to "draft-ietf-bess-evpn-prefix-advertisement" This extended
community might be carried with EVPN IP Prefix Route NLRI.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
According to "draft-ietf-bess-evpn-prefix-advertisement-08", the GW IP
field SHOULD be zero if it is not used, but currently, GoBGP skips
encoding the GW IP field (not composed).
This patch fixes to fill zeros to solve this problem.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
This patch enables to check the value range of Label included in EVPN
routes or PMSI Tunnel attribute when decoding and serialising it.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
This patch fixes to use the string representation of ESI in the string
representation of EVPN Ethernet Segment Route.
Currently, displayed in the default representation of ESI structure.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Currently, the value field of EVPN ESI might be corrupted when ESI type
is ARBITRARY (not "single-homed") or unknown type because the value
field will be formatted as the raw byte slice in this case.
This patch fixes to convert the byte slice into the colon separated hex
values which is corresponding to the format of the CLI input.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Currently, the representation of AS number in EVPN ESI Type AS (Type 5)
uses the colon separated 2 octet values format, but in other places,
the AS4_PATH attribute for example, the single decimal format is used.
This patch fixes to use the decimal AS number for the consistency with
the AS_PATH/AS4_PATH attributes and also the CLI input format.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
This patch introduces a new function to parse EVPN ESI from string slice
which passed via CLI for example.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
This patch renames some variable names in snake case (e.g.,
"last_byte_value") to that in the camel case (e.g., "lastByte")
because Go prefers the camel case for variable names.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
|
|
RFC 5065 says that:
"It is a error for a BGP speaker to receive an update message from a
confederation peer that is not in the same Member-AS that does not
have AS_CONFED_SEQUENCE as the first segment."
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
In the near feature (likely in Go1.10),
'go test' will never work if 'go vet' fails.
(See: https://github.com/golang/go/issues/18084)
This commit is for dealing with such a situation
(and also for improving the quality of our code).
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
Currently, the parsing results of flags in flowsspec filter
will be varied every time they are parsed.
For example, the tcp-flag '=UFP' may be represented to '=UPF' or '=PUF'
and so on.
This is due to the use of interation to map. Iterations over maps
does not happen in a consistent order.
This fixes it by iterating sorted slices instead of maps.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
RFC7432 and draft-ietf-bess-evpn-prefix-advertisement says some fields
in EVPN NLRIs (e.g., MPLS Label(s)) should no be treated as the route
key, but currently, GoBGP's string representations of EVPN NLRIs include
all fields.
So the paths should be treated as the same (e.g., only different in MPLS
Label and other field is the same) can be treated as the different.
This patch removes non route key fields from NLRI string representation
and fixes this problem.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
This patch enables GoBGP to keep the session established
even if the received BGPUpdate message contains some errors,
and to handle these errors according to what defined in RFC7606.
This feature is enabled when 'treat-as-withdraw' in
'neighbors.error-handling.config' is specified to true
in the GoBGP config file.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
For Revised Error Handling(RFC7606),
this patch modifies the BGPUpdate message decoder/validator
to return ErrorHandling according to what was detected as an error.
In addition, this patch adds some validation defined in RFC7606.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
This patch extends MessageError to contain error handling level
and error path attribute.
These informations are needed to Revised Error Handling (RFC7606).
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
RFC4760 says "An UPDATE message that carries the MP_REACH_NLRI
MUST also carry the ORIGIN and the AS_PATH attributes".
This patch adds a validation to comply with it.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
add-path support needs two identifiers, remote (rx) and local
(tx). The remote identifiers are assigined by remote peers, the local
ones are assigned by gobgpd itself.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
RFC 5575 suggests using "bitmask operand format" for fragmentation
field, but GoBGP does not have an interface to configure it.
This patch introduce the way to configure bitmask operands for
"fragment" field.
The syntax is similar to TCP flags rules.
For example:
=not-a-fragment
=is-fragment&!last-fragment
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
This flag format is not only used for "tcp-flag" field,
but also "fragment" field.
To express the above, this patch renames the format.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
Currently, if TCP Flags field is specified from CLI command,
GoBGP sets 'AND' bit to the invalid operand.
RFC 5575 says it represents the previous term is logically ANDed or not,
and "It should be unset in the first operator byte of a sequence".
This patch fixes this to comply with RFC5575.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
|
|
Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
|
|
Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
support for IPv6 NLRI with IPv4 nexthop
Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
|
|
since BGP unnumbered peers are typically trusted, skip asn negotiation
for easy configuration.
from configuration file:
```toml
[[neighbors]]
[[neighbors.config]]
neighbor-interface = "eth0"
```
from cli:
```
$ gobgp neighbor add interface eth0
```
Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
|
|
Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
|
|
Current mp-reach-nlri attribute decoder/encoder assumes NLRI's address family
and that of nexthop is the same.
However, when extended nexthop capability(RFC5549) is negotiated, this
is not the case. This commit removes the assumption.
Signed-off-by: ISHIDA Wataru <ishida.wataru@lab.ntt.co.jp>
|
|
|
|
This patch proposes a new way to configure BGP flowspec TCP flags
rules It allows to comply with RFC 5575 by defining flags like this
=SA =A / '!SA' / '=SA&=!U' = means match, ! means not, & means and,
all TCP flags are identified by their first charater S for SYN A for
Ack ...
|
|
|
|
This patch enable to send an arbitrary message on the Cease NOTIFICATION
message with "Administrative Shutdown" and "Administrative Reset" subcodes
with "--reason" option.
Usage:
$ gobgp neighbor <neighbor address> shutdown --reason "some messages"
$ gobgp neighbor <neighbor address> reset --reason "some messages"
Reference: https://tools.ietf.org/html/draft-ietf-idr-shutdown-04
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
