Jerry/bird
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
3937 commits 6 branches 1 tag 7.1 MiB
Commit graph

27 commits

Author SHA1 Message Date
Maria Matejka 605ff0a0eb RPKI: wait for retry_time if we get error immediately after connected 2022-10-03 17:09:02 +02:00
Maria Matejka 652be92a21 Merge remote-tracking branch 'origin/master' into haugesund-to-2.0 2022-05-30 15:20:21 +02:00
Ondrej Zajicek 7bb06b34a1 RPKI: Display cache server port on show protocol 
Thanks to Luiz Amaral for the idea.
 2022-05-21 16:03:08 +02:00
Maria Matejka 4a23ede2b0 Protocols have their own explicit init routines 2022-04-06 18:14:08 +02:00
Maria Matejka 5cff1d5f02 Route: moved rte_src pointer from rta to rte 
It is an auxiliary key in the routing table, not a route attribute.
 2021-10-13 19:09:04 +02:00
Maria Matejka eb937358c0 Preference moved to RTA and set explicitly in protocols 2021-10-13 19:09:04 +02:00
Ondrej Zajicek (work) 47d92d8f9d Nest: Clean up main channel handling 
Remove assumption that main channel is the only channel.
 2021-09-10 17:32:05 +02:00
Ondrej Zajicek (work) f761be6b30 Nest: Clean up main channel handling 
Remove assumption that main channel is the only channel.
 2021-06-17 16:56:51 +02:00
Ondrej Zajicek (work) 17663b6a7c RPKI: Remove port (and SSH username) from 'Cache server' output line 
It was mixed-up if hostname is IPv6 address, and reporting separate
values (like port) on separate lines fits better into key-value style
of 'show protocols all' output. Also, the patch simplifies transport
identification formatting (although it is unused now).

Thanks to Alarig Le Lay for the suggestion.
 2021-01-07 06:04:31 +01:00
Ondrej Zajicek (work) fc1e3211b1 RPKI: Add 'ignore max length' option 
Add 'ignore max length' option to RPKI protocol, which ignores received
max length in ROA records and instead uses max value (32 or 128). This
may be useful for implementing loose RPKI check for blackholes.
 2020-10-11 01:00:54 +02:00
Kazuki Yamaguchi 19f8f17320 RPKI: Fix unnecessary reconnection on reconfiguration 
Compare the new timing parameters with the old configuration, not with
the temporary state of the current connection.

The timing values in struct rpki_cache is updated by a version 1 End Of
Data PDU, unless this behavior is suppressed by the configuration
explicitly by the "keep" keyword. Consequently, every reconfiguration
of BIRD triggers a reconnection even if it is not necessary.
 2020-06-03 15:05:35 +02:00
Maria Matejka 027a3e66f7 RPKI: Allow build without libSSH 2020-02-04 10:15:35 +01:00
Ondrej Zajicek (work) 15b0a92294 RPKI: Fix reconfiguration when ssh parameters are undefined 2019-07-23 01:52:18 +02:00
Jan Maria Matejka ee7e2ffd26 Protocol: Introducing an enum protocol_class 
This supersedes the EAP_* constants.
 2018-05-29 12:35:06 +02:00
Ondrej Zajicek (work) 72163bd5f3 Nest: Allow modification of channels inherited from templates 
Multiple definitions of same channels are forbidden, but inherited
channel can be redefined. In such case channel options are merged.
 2018-01-09 18:42:22 +01:00
Ondrej Zajicek (work) a6f79ca57f Timers: Revert temporary names and remove old timer.h 2017-12-07 13:54:59 +01:00
Ondrej Zajicek (work) ee528fbd5d Timers: Add typecast to unit-converting macros 2017-12-07 13:53:42 +01:00
Ondrej Zajicek (work) d59c1a2958 RPKI: Update to new timers 2017-12-07 13:52:21 +01:00
Ondrej Zajicek (work) d3fa9e84e9 Timers: Show sub-second times in some protocol outputs 2017-12-07 13:49:27 +01:00
Ondrej Zajicek (work) 025525266f Timers: Replace old timers with microsecond timers 
The old timer interface is still kept, but implemented by new timers. The
plan is to switch from the old inteface to the new interface, then clean
it up.
 2017-12-07 13:49:27 +01:00
Ondrej Zajicek (work) 4278abfe27 Check validity of dest w.r.t. net_type 
Allow to define static roa/flow routes without dest.
 2017-04-18 13:56:40 +02:00
Jan Moskyto Matejka c609d03986 Merge branch 'int-new' into nexthop-merged 2017-02-22 11:58:04 +01:00
Ondrej Zajicek (work) 62e64905b7 Several minor fixes 2017-02-20 02:26:45 +01:00
Jan Moskyto Matejka 5b208e296f Removing (struct rta)->cast. Never used. 2016-12-22 13:09:59 +01:00
Ondrej Zajicek (work) eeba61ccd5 Minor cleanups 2016-12-13 20:18:11 +01:00
Jan Moskyto Matejka af62c0f9f1 LibSSH may be switched off together with RPKI 2016-12-07 14:15:35 +01:00
Pavel Tvrdík 65d2a88dd2 RPKI protocol with one cache server per protocol 
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

Example configuration of bird.conf:
  ...
  roa4 table r4;
  roa6 table r6;

  protocol rpki {
    debug all;

    # Import both IPv4 and IPv6 ROAs
    roa4 { table r4; };
    roa6 { table r6; };

    # Set cache server (validator) address,
    # overwrite default port 323
    remote "rpki-validator.realmv6.org" port 8282;

    # Overwrite default time intervals
    retry   10;         # Default 600 seconds
    refresh 60;         # Default 3600 seconds
    expire 600;         # Default 7200 seconds
  }

  protocol rpki {
    debug all;

    # Import only IPv4 routes
    roa4 { table r4; };

    # Set cache server address to localhost,
    # use default ports tcp => 323 or ssh => 22
    remote 127.0.0.1;

    # Use SSH transport instead of unprotected transport over TCP
    ssh encryption {
      bird private key "/home/birdgeek/.ssh/id_rsa";
      remote public key "/home/birdgeek/.ssh/known_hosts";
      user "birdgeek";
    };
  }
  ...
 2016-12-07 09:35:24 +01:00