Commit graph

700 commits

Author SHA1 Message Date
Pavel Tvrdik
f6e8e141df Check table type at `show route for ...' 2016-12-07 09:35:24 +01:00
Pavel Tvrdík
65d2a88dd2 RPKI protocol with one cache server per protocol
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

Example configuration of bird.conf:
  ...
  roa4 table r4;
  roa6 table r6;

  protocol rpki {
    debug all;

    # Import both IPv4 and IPv6 ROAs
    roa4 { table r4; };
    roa6 { table r6; };

    # Set cache server (validator) address,
    # overwrite default port 323
    remote "rpki-validator.realmv6.org" port 8282;

    # Overwrite default time intervals
    retry   10;         # Default 600 seconds
    refresh 60;         # Default 3600 seconds
    expire 600;         # Default 7200 seconds
  }

  protocol rpki {
    debug all;

    # Import only IPv4 routes
    roa4 { table r4; };

    # Set cache server address to localhost,
    # use default ports tcp => 323 or ssh => 22
    remote 127.0.0.1;

    # Use SSH transport instead of unprotected transport over TCP
    ssh encryption {
      bird private key "/home/birdgeek/.ssh/id_rsa";
      remote public key "/home/birdgeek/.ssh/known_hosts";
      user "birdgeek";
    };
  }
  ...
2016-12-07 09:35:24 +01:00
Pavel Tvrdik
0eb7f17d9a nest/a-path.c: Fix description of BS constant (block size) 2016-11-30 11:57:35 +01:00
Ondrej Zajicek (work)
261816b0d4 BGP: Cluster list item should be prepended
Commit 3c09af41... changed behavior of int_set_add() from prepend to
append, which makes more sense for community list, but prepend must be
used for cluster list. Add int_set_prepend() and use it in cluster list
handling code.
2016-11-15 16:24:39 +01:00
Pavel Tvrdik
5e3cd0e5b5 Birdtest: Replace BT_SUCCESS and BT_FAILURE with 1 and 0 2016-11-11 17:43:09 +01:00
Ondrej Zajicek (work)
9b0a0ba9e6 Unit Testing for BIRD
- Unit Testing Framework (BirdTest)
 - Integration of BirdTest into the BIRD build system
 - Tests for several BIRD modules

 Based on squashed Pavel Tvrdik's int-test branch, updated for
 current int-new branch.
2016-11-09 16:36:34 +01:00
Ondrej Zajicek (work)
8860e991f6 Merge branch 'master' into int-new 2016-11-08 19:27:58 +01:00
Ondrej Zajicek (work)
cc5b93f72d Merge tag 'v1.6.2' into int-new 2016-11-08 17:04:29 +01:00
Ondrej Zajicek (work)
390601f038 RIP: Use message authentication interface
Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Pavel Tvrdík
56cb3bedc2 Nest: Add support for MAC algorithms in grammar 2016-11-02 16:23:53 +01:00
Ondrej Zajicek (work)
de2a27e255 Add generic message authentication interface
Add generic interface for generating and verifying MACs (message
authentication codes). Replace multiple HMAC implementation with
a generic one.
2016-11-02 16:23:53 +01:00
Jan Moskyto Matejka
3e236955c9 Build: switch on -Wextra, get rid of most of the warnings
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
2016-11-01 14:52:54 +01:00
Pavel Tvrdik
3c09af4169 Clist: The add() function will append a new value
The add() function used to prepend a new community to clist, but after
this fix the add() function appends new community.
2016-10-13 16:59:15 +02:00
Jan Moskyto Matejka
2e7fb11a6e Fixed memory bloating on kernel merge paths together with export filter.
Some memory was being allocated from bad linpool, not from the given one
as they should.

Thanks to Madhu and Justin Cattle for reporting this.
2016-10-12 14:22:01 +02:00
Pavel Tvrdik
9df52a98e2 Doc: Change debug to { flag1|flag2|flag3 [, ...] } style
Thanks to Micah Anderson for bug report and Ondrej Zajicek for the idea!
2016-10-12 12:48:29 +02:00
Pavel Tvrdik
9fcb9637b5 Nest: Remove trailing whitespaces 2016-10-12 12:48:29 +02:00
Ondrej Zajicek (work)
a46e01eeef Nest: Fix signedness of large communities 2016-10-04 12:45:39 +02:00
Ondrej Zajicek (work)
66dbdbd993 BGP: Support for large communities
Add support for large communities (draft-ietf-idr-large-community),
96bit alternative to RFC 1997 communities.

Thanks to Matt Griswold for the original patch.
2016-10-03 12:48:56 +02:00
Pavel Tvrdik
a290da25a1 rt-table: Fix kernel protocol export filter memory bug
Kernel protocol calls rt_export_merged(), which used @rte_update_pool for
temporary allocations, supposing it is called from other functions from
rt-table.c that handles locking and flushing of the linpool. Therefore,
linpool was not flushed properly and memory leaked.

Add linpool argument to rt_export_merged() and use @krt_filter_lp when
called from kernel protocol.

Thanks to Justin Cattle and Alexander Frolkin for the bugreport.

(Commit squashed and updated by Ondrej Zajicek)
2016-09-15 15:57:51 +02:00
Ondrej Zajicek (work)
84cac51a51 Nest: Keep multipath next hops sorted 2016-09-14 11:53:54 +02:00
Pavel Tvrdik
d107ef78df Whitespace fixes 2016-08-16 13:02:32 +02:00
Ondrej Zajicek (work)
12640c1499 Babel: Documentation updates
This updates the documentation to correctly mention Babel when protocols
are listed, and adds examples and route attribute documentation to the
Babel section of the docs.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-07-19 12:16:51 +02:00
Ondrej Filip
6887f409f0 Prepare for longer interface names - clean up of the code. 2016-07-17 14:54:52 +02:00
Ondrej Filip
a0fe1944d1 Add AS# ranges to bgpmask. 2016-06-08 16:22:44 +02:00
Jan Moskyto Matejka
5af7b59660 Merge branch 'int-new' of gitlab.labs.nic.cz:labs/bird into int-new 2016-05-13 13:48:04 +02:00
Jan Moskyto Matejka
d39d41fbda Hash: Fix of previous commit 2016-05-13 13:46:46 +02:00
Ondrej Zajicek (work)
659f80f262 Make int-new compilable again 2016-05-12 21:47:29 +02:00
Ondrej Zajicek (work)
776d6b2c05 Merge remote-tracking branch 'origin/int-new' into int-new 2016-05-12 18:11:12 +02:00
Ondrej Zajicek (work)
af678af0d5 Merge remote-tracking branch 'origin/master' into int-new 2016-05-12 18:03:23 +02:00
Jan Moskyto Matejka
54ac0becee Hash: fixed rta hashing wrt. structure padding 2016-05-12 16:16:25 +02:00
Ondrej Zajicek (work)
286e2011d2 Miscellaneous minor fixes 2016-05-12 16:04:47 +02:00
Pavel Tvrdik
8e433d6a52 Prog Doc: Complete several missing parameters 2016-05-12 15:49:44 +02:00
Jan Moskyto Matejka
0c6dfe5236 Merge branch 'int-new' into int-new-merged 2016-05-10 14:30:49 +02:00
Jan Moskyto Matejka
92912f063a Merge remote-tracking branch 'origin/rte-update' into int-new 2016-05-10 14:21:15 +02:00
Jan Moskyto Matejka
7152e5efbb Build system reworked to one global Makefile with includes and no nesting
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.

Fixed make doc on recent Debian together with moving generated doc into
objdir.

Moved Makefile.in into root dir

Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
2016-05-10 14:07:34 +02:00
Ondrej Zajicek (work)
937e75d8f1 Add the Babel routing protocol (RFC 6126)
This patch implements the IPv6 subset of the Babel routing protocol.
Based on the patch from Toke Hoiland-Jorgensen, with some heavy
modifications and bugfixes.

Thanks to Toke Hoiland-Jorgensen for the original patch.
2016-04-28 18:01:40 +02:00
Ondrej Zajicek (work)
e90dd656cc Direct: Implement check link for direct protocol
When enabled, direct protocol generates routes only if the underlying
link state is up.
2016-04-08 15:11:21 +02:00
Jan Moskyto Matejka
2003a18407 Route update: move table lookup from protocols into rte_update2().
Many protocols do almost the same when creating a rte_update request
before calling rte_update2(). This commit should simplify the protocol
side of the route-creation routine.
2016-04-08 13:09:06 +02:00
Jan Moskyto Matejka
7a7ac65682 Merge branch 'master' into int-new-channels 2016-04-08 12:28:33 +02:00
Jan Moskyto Matejka
4bdf1881dc Channelize: rt_notify arg conversion table -> channel 2016-04-07 10:08:23 +02:00
Jan Moskyto Matejka
0c8c8151fc Merge branch 'int-new-channels' of gitlab.labs.nic.cz:labs/bird into int-new-channels 2016-04-07 09:58:31 +02:00
Ondrej Zajicek (work)
06edbb67ed Nest: Reset export route counter during graceful restart
Counter exp_routes is increased during initial route feed after GR
recovery, so it has to start with zero, otherwise BIRD will end with
double value in exp_routes.
2016-04-07 01:10:24 +02:00
Ondrej Zajicek (work)
e86cfd41d9 KRT: Fix route learn scan when route changed
When a kernel route changed, function krt_learn_scan() noticed that and
replaced the route in internal kernel FIB, but after that, function
krt_learn_prune() failed to propagate the new route to the nest, because
it confused the new route with the (removed) old best route and decided
that the best route did not changed.

Wow, the original code (and the bug) is almost 17 years old.
2016-04-06 11:46:25 +02:00
Pavel Tvrdík
79a4f74a65 BGP: Add documentaion for extended messages 2016-03-17 18:40:54 +01:00
Pavel Tvrdík
43fd8fae52 nest/proto fix local_debug mode 2016-03-10 16:07:44 +01:00
Pavel Tvrdík
062d18fdb1 Fix typo 2016-03-10 16:07:44 +01:00
Jan Moskyto Matejka
a815d62d59 Hash: typecast error fix 2016-02-19 16:33:07 +01:00
Ondrej Zajicek (work)
9c9cc35c02 Filter: Implement last_nonaggregated operator on bgp_path 2016-02-16 17:33:58 +01:00
Jan Moskyto Matejka
9a74622ca1 Updated RTA hashes to 32-bit values.
... and reworked the hashes a bit. Also added mem_hash function
which just computes a hash of given memory block.
2016-02-10 13:26:07 +01:00
Pavel Tvrdík
1bb3ecb2a5 Fix closing flushed channel
Fix reading from freed memory.
  Free at: channel_set_state(c, CS_DOWN)
  Read at: WALK_LIST2_DELSAFE(c, n, x, tab->channels, table_node)

==00:00:00:00.261 24718==
==00:00:09:31.755 24718== Invalid read of size 8
==00:00:09:31.755 24718==    at 0x4061BA: rt_prune_table (rt-table.c:1688)
==00:00:09:31.755 24718==    by 0x405D5E: rt_event (rt-table.c:1559)
==00:00:09:31.755 24718==    by 0x45D089: ev_run (event.c:85)
==00:00:09:31.755 24718==    by 0x45D158: ev_run_list (event.c:142)
==00:00:09:31.755 24718==    by 0x462814: io_loop (io.c:2412)
==00:00:09:31.755 24718==    by 0x468712: main (main.c:833)
==00:00:09:31.755 24718==  Address 0x5601538 is 136 bytes inside a block of size 304 free'd
==00:00:09:31.755 24718==    at 0x4C29D2A: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==00:00:09:31.755 24718==    by 0x46FF3E: rfree (resource.c:166)
==00:00:09:31.755 24718==    by 0x470309: mb_free (resource.c:415)
==00:00:09:31.755 24718==    by 0x406A6B: rt_unlock_table (rt-table.c:1921)
==00:00:09:31.755 24718==    by 0x40DAE3: channel_do_down (proto.c:297)
==00:00:09:31.755 24718==    by 0x40DD46: channel_set_state (proto.c:359)
==00:00:09:31.755 24718==    by 0x4061AD: rt_prune_table (rt-table.c:1692)
==00:00:09:31.755 24718==    by 0x405D5E: rt_event (rt-table.c:1559)
==00:00:09:31.755 24718==    by 0x45D089: ev_run (event.c:85)
==00:00:09:31.755 24718==    by 0x45D158: ev_run_list (event.c:142)
==00:00:09:31.755 24718==    by 0x462814: io_loop (io.c:2412)
==00:00:09:31.755 24718==    by 0x468712: main (main.c:833)
==00:00:09:31.755 24718==  Block was alloc'd at
==00:00:09:31.755 24718==    at 0x4C28C10: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==00:00:09:31.755 24718==    by 0x470FBC: bird_xmalloc (xmalloc.c:29)
==00:00:09:31.755 24718==    by 0x4701E6: mb_alloc (resource.c:339)
==00:00:09:31.755 24718==    by 0x406C29: rt_commit (rt-table.c:1977)
==00:00:09:31.755 24718==    by 0x45C36D: config_do_commit (conf.c:269)
==00:00:09:31.755 24718==    by 0x45C545: config_commit (conf.c:361)
==00:00:09:31.755 24718==    by 0x4686F9: main (main.c:822)
==00:00:09:31.755 24718==
2016-02-08 16:08:50 +01:00
Jan Moskyto Matejka
2a013bb3a0 Fixed sigsegv for missing proto->rt_notify hook
If rt_notify is NULL, the export must always stay DOWN.
2016-02-01 16:01:18 +01:00
Ondrej Zajicek (work)
f4a60a9bc4 Channels - explicit links between protocols and tables
The patch adds support for channels, structures connecting protocols and
tables and handling most interactions between them. The documentation is
missing yet.
2016-02-01 10:28:50 +01:00
Pavel Tvrdík
9f5782d969 Add 'GENERATE/ACCEPT FROM datetime TO datetime' to password options 2016-01-28 17:16:53 +01:00
Jan Moskyto Matejka
3f35816136 BSD: Explicitly dropping routes with mismatched AF's. 2016-01-21 14:55:33 +01:00
Pavel Tvrdík
650b418942 Delete old ROA code 2016-01-20 16:46:58 +01:00
Pavel Tvrdík
0264ccf6f4 Rewrite roa_check() for integrated BIRD
Thanks to Ondrej Zajicek for his support with writing this code.
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
cb1bd816db Add ROA_* constants values to grammar of configuration
Add ROA_UNKNOWN, ROA_VALID and ROA_INVALID
2016-01-20 16:46:58 +01:00
Pavel Tvrdík
f9d729ab68 NET ROAx: add max_pxlen, fix format 2016-01-14 14:31:55 +01:00
Pavel Tvrdík
b9f5692186 Fix check in net_route() in debug mode 2016-01-07 18:24:14 +01:00
Pavel Tvrdík
de9b87f558 Add NET ROA4/6 structures 2016-01-07 18:21:31 +01:00
Ondrej Zajicek (work)
74c838a870 Move ID allocator to a separate file and use it also in OSPF 2015-12-29 15:42:12 +01:00
Ondrej Zajicek (work)
04632fd77f Follow-up work on integration 2015-12-24 15:56:04 +01:00
Ondrej Zajicek (work)
600998fcb1 Modify FIB_WALK() and FIB_ITERATE() to work with new FIB code
Returned user data pointers have offset relative to fib_node.
2015-12-21 20:28:44 +01:00
Ondrej Zajicek (work)
0bf95f99e6 Follow-up work on integration
Contains some patches from Jan Moskyto Matejka
2015-12-21 17:17:21 +01:00
Ondrej Zajicek (work)
23c212e7f1 Follow-up work on integration 2015-12-21 03:33:18 +01:00
Ondrej Zajicek (work)
0f7d5b1a88 Nest: Reimplement fib_route() and add some consts 2015-12-20 18:16:48 +01:00
Jan Moskyto Matejka
7fd4143ead Integrated address print lengths
Minor changes by Ondrej Santiago Zajicek
2015-12-20 13:47:39 +01:00
Jan Moskyto Matejka
9656dce72e ROA code switchoff 2015-12-20 13:04:07 +01:00
Jan Moskyto Matejka
5e173e9f63 Stop perusing f_prefix for non-prefix-set uses
Multiple changes by Ondrej Santiago Zajicek
2015-12-19 23:49:47 +01:00
Jan Moskyto Matejka
d7661fbe9d Removed BITS_PER_IP_ADDRESS, MAX_PREFIX_LENGTH, BIRD_AF
Explicit setting of AF_INET(6|) in IP socket creation. BFD set to listen
on v6, without setting the V6ONLY flag to catch both v4 and v6 traffic.

Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-19 15:57:09 +01:00
Jan Moskyto Matejka
9b136840d9 Netlink and BSD: Integrating IPv4 and IPv6
Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-18 20:03:47 +01:00
Ondrej Zajicek (work)
04ae8ddaa1 Merge branch 'master' into int-new 2015-11-25 14:24:35 +01:00
Ondrej Zajicek (work)
90f78507f4 Merge branch 'master' into rip-new 2015-11-24 15:21:11 +01:00
Ondrej Zajicek (work)
d44e686e9b Follow-up commit on integrated BIRD
Use net_addr for interface address prefixes, support net_addr in
configuration parser.
2015-11-12 02:03:59 +01:00
Ondrej Zajicek (work)
86b4e17001 Nest: Fixes bug in missing cleanup during table removal
When a table is removed during reconfiguration, a reference was not
cleared in the old configuration, which breaks undo.
2015-11-09 01:01:12 +01:00
Ondrej Zajicek (work)
9b9a7143c4 Conf: Fixes bug in symbol lookup during reconfiguration
Symbol lookup by cf_find_symbol() not only did the lookup but also added
new void symbols allocated from cfg_mem linpool, which gets broken when
lookups are done outside of config parsing, which may lead to crashes
during reconfiguration.

The patch separates lookup-only cf_find_symbol() and config-modifying
cf_get_symbol(), while the later is called only during parsing. Also
new_config and cfg_mem global variables are NULLed outside of parsing.
2015-11-09 00:42:02 +01:00
Ondrej Zajicek (work)
fe9f1a6ded Initial commit on integrated BIRD
New data types net_addr and variants (in lib/net.h) describing
network addresses (prefix/pxlen). Modifications of FIB structures
to handle these data types and changing everything to use these
data types instead of prefix/pxlen pairs where possible.

The commit is WiP, some protocols are not yet updated (BGP, Kernel),
and the code contains some temporary scaffolding.

Comments are welcome.
2015-11-05 12:48:52 +01:00
Ondrej Zajicek (work)
8eb8e546dc Merge branch 'master' into rip-new 2015-10-17 14:44:34 +02:00
Ondrej Zajicek (work)
acb04cfdc5 Minor changes 2015-10-17 14:43:37 +02:00
Ondrej Zajicek (work)
8465dccb06 Major RIP redesign
The new RIP implementation fixes plenty of old bugs and also adds support
for many new features: ECMP support, link state support, BFD support,
configurable split horizon and more. Most options are now per-interface.
2015-10-05 13:18:10 +02:00
Ondrej Zajicek
c7b99a932c Nest: Fixes one of previous commit 2015-07-28 15:08:21 +02:00
Ondrej Zajicek
538264cf1a Static: Support for BFD controlled static routes 2015-07-24 18:02:07 +02:00
Ondrej Zajicek
17661ff934 Nest: Fixes symbols in router id
Thanks to Peter Hudec for noticing the problem.
2015-07-18 19:30:35 +02:00
Ondrej Zajicek
ab4da3423d Direct: Fixes behavior for the same routes on different interfaces
Thanks to Andrew (seti.kr.ua) for the bug report.
2015-07-18 13:05:05 +02:00
Ondrej Zajicek
8d9eef1771 BGP multipath support
Kernel option 'merge paths' allows to merge routes exported to kernel
protocol (currently BGP and static routes) to multipath routes.
2015-06-08 02:24:08 +02:00
Ondrej Zajicek
db027a41d4 Fixes subtle bug in temporary attribute handling
In some cases, export filter accessed attributes of a different route.
2015-06-08 02:24:08 +02:00
Ondrej Zajicek
d217ba5111 Moving of mulipath merging code from OSPF to nest 2015-06-08 02:24:08 +02:00
Ondrej Zajicek
ca34698ca6 Fixes bug in pipe feeding when filtered routes are kept in table 2015-06-08 02:24:08 +02:00
Pavel Tvrdík
ae80a2de95 unsigned [int] -> uint 2015-06-08 02:24:08 +02:00
Pavel Tvrdík
e348ef01b4 unsgined char -> byte 2015-06-08 02:24:08 +02:00
Ondrej Zajicek
9fe1d3ca8a Fixes unnamed protocols from templates 2015-05-22 11:12:48 +02:00
Ondrej Zajicek
d0e23d42de Simplify flushing process
Related to changes from previous patch.
2015-05-17 00:56:34 +02:00
Ondrej Zajicek
86f567e13c Fix minor issue in pipe route propagation
In some circumstances during reconfiguration, routes propagated by pipes
to other tables may hang there even after the primary routes are removed.

There is already a workaround for this issue in the code which removes
these stale routes by flush process when source protocols are shut down.

This patch is a cleaner fix and allows to simplify the flush process
2015-05-16 20:17:59 +02:00
Ondrej Zajicek
9fdf9d29b6 KRT: Add support for plenty of kernel route metrics
Linux kernel route metrics (RTA_METRICS netlink route attribute) are
represented and accessible as new route attributes:

krt_mtu, krt_window, krt_rtt, krt_rttvar, krt_sstresh, krt_cwnd, krt_advmss,
krt_reordering, krt_hoplimit, krt_initcwnd, krt_rto_min, krt_initrwnd,
krt_quickack, krt_lock_mtu, krt_lock_window, krt_lock_rtt, krt_lock_rttvar,
krt_lock_sstresh, krt_lock_cwnd, krt_lock_advmss, krt_lock_reordering,
krt_lock_hoplimit, krt_lock_rto_min, krt_feature_ecn, krt_feature_allfrag
2015-05-12 16:42:22 +02:00
Ondrej Zajicek
315f23a047 Add bitfield route attribute type 2015-05-10 19:44:10 +02:00
Ondrej Zajicek
9aed29e605 BGP: Enhanced route refresh (RFC 7313) support
Also hook feed_done is renamed to feed_end.
2015-03-29 18:29:49 +02:00
Ondrej Filip
a5a5a41e2e Possibility to define unnamed protocols from template added. 2015-03-09 23:59:26 +01:00
Ondrej Zajicek
8bcb5fb1e8 Implement latency tracking, internal event log and watchdog 2015-03-02 09:41:14 +01:00
Ondrej Zajicek
2bbc308321 Store protocol config size inside protocol structure
Make proto_config_new() use this info instead of supplied size.

Thanks to Alexander V. Chernikov for the patch.
2015-02-21 21:08:23 +01:00
Pavel Tvrdík
6264aad16f Minor fixes 2015-02-21 20:11:02 +01:00