Commit graph

331 commits

Author SHA1 Message Date
Jan Moskyto Matejka
d311368bc5 VPN4 and VPN6 literals
From now on, protocol static accepts VPN4 and VPN6 addressess.
With some concerns about VPN6 Route Distinguishers, I finally chose
to have the same format as for VPN4 (where it is defined by RFC 4364).
2016-12-22 21:38:33 +01:00
Jan Moskyto Matejka
d14f8c3c45 Netlink: MPLS routes in kernel
Anyway, Bird is now capable to insert both MPLS routes and MPLS encap
routes into kernel.

It was (among others) needed to define platform-specific AF_MPLS to 28
as this constant has been assigned in the linux kernel.

No support for BSD now, it may be added in the future.
2016-12-22 21:38:33 +01:00
Jan Moskyto Matejka
33ad6e0188 MPLS: added net_addr_mpls variant of net_addr 2016-12-22 13:35:16 +01:00
Ondrej Zajicek (work)
eeba61ccd5 Minor cleanups 2016-12-13 20:18:11 +01:00
Ondrej Zajicek (work)
ac3ad139f6 BGP: Add support for flowspec (RFC 5575) 2016-12-07 18:29:34 +01:00
Ondrej Zajicek (work)
a7848dd880 Client: No need for birdlib functions 2016-12-07 16:20:38 +01:00
Ondrej Zajicek (work)
77234bbbde Basic flow specification support (RFC 5575)
Add flow4/flow6 network and rt-table type and operations, config grammar
and static protocol support.

Squashed flowspec branch from Pavel Tvrdik.
2016-12-07 15:54:19 +01:00
Jan Moskyto Matejka
ad88b94bca Merge branch 'int-new-rpki-squashed' (early part) into int-new 2016-12-07 15:30:46 +01:00
Ondrej Zajicek (work)
d15b0b0a1b BGP redesign
Integrated and extensible BGP with generalized AFI handling,
support for IPv4+IPv6 AFI and unicast+multicast SAFI.
2016-12-07 14:20:52 +01:00
Jan Moskyto Matejka
af62c0f9f1 LibSSH may be switched off together with RPKI 2016-12-07 14:15:35 +01:00
Pavel Tvrdik
69ae578450 Add `.asn' operator to all ROA prefixes in filters
Example:
  bird> eval (1.2.0.0/16 max 20 as 1234).asn
  1234

Todo: Should be described in user docs
2016-12-07 09:35:24 +01:00
Pavel Tvrdík
65d2a88dd2 RPKI protocol with one cache server per protocol
The RPKI protocol (RFC 6810) using the RTRLib
(http://rpki.realmv6.org/) that is integrated inside
the BIRD's code.

Implemeted transports are:
 - unprotected transport over TCP
 - secure transport over SSHv2

Example configuration of bird.conf:
  ...
  roa4 table r4;
  roa6 table r6;

  protocol rpki {
    debug all;

    # Import both IPv4 and IPv6 ROAs
    roa4 { table r4; };
    roa6 { table r6; };

    # Set cache server (validator) address,
    # overwrite default port 323
    remote "rpki-validator.realmv6.org" port 8282;

    # Overwrite default time intervals
    retry   10;         # Default 600 seconds
    refresh 60;         # Default 3600 seconds
    expire 600;         # Default 7200 seconds
  }

  protocol rpki {
    debug all;

    # Import only IPv4 routes
    roa4 { table r4; };

    # Set cache server address to localhost,
    # use default ports tcp => 323 or ssh => 22
    remote 127.0.0.1;

    # Use SSH transport instead of unprotected transport over TCP
    ssh encryption {
      bird private key "/home/birdgeek/.ssh/id_rsa";
      remote public key "/home/birdgeek/.ssh/known_hosts";
      user "birdgeek";
    };
  }
  ...
2016-12-07 09:35:24 +01:00
Ondrej Zajicek (work)
ed1a908e53 BGP: Fix memory leak in graceful restart code
Prefix and bucket tables are initialized when entering established state
but not explicitly freed when leaving it (that is handled by protocol
restart). With graceful restart, BGP may enter and leave established
state multiple times without hard protocol restart causing memory leak.
2016-11-25 11:51:38 +01:00
Pavel Tvrdik
bb721f0d6d Add lp_strdup function for string duplication on linpool 2016-11-16 12:22:01 +01:00
Pavel Tvrdik
5e3cd0e5b5 Birdtest: Replace BT_SUCCESS and BT_FAILURE with 1 and 0 2016-11-11 17:43:09 +01:00
Ondrej Zajicek (work)
9b0a0ba9e6 Unit Testing for BIRD
- Unit Testing Framework (BirdTest)
 - Integration of BirdTest into the BIRD build system
 - Tests for several BIRD modules

 Based on squashed Pavel Tvrdik's int-test branch, updated for
 current int-new branch.
2016-11-09 16:36:34 +01:00
Ondrej Zajicek (work)
8860e991f6 Merge branch 'master' into int-new 2016-11-08 19:27:58 +01:00
Ondrej Zajicek (work)
c8cafc8ebb Minor code cleanups 2016-11-08 17:46:29 +01:00
Ondrej Zajicek (work)
cc5b93f72d Merge tag 'v1.6.2' into int-new 2016-11-08 17:04:29 +01:00
Ondrej Zajicek (work)
920a86e849 Add missing extern 2016-11-03 09:53:53 +01:00
Ondrej Zajicek (work)
390601f038 RIP: Use message authentication interface
Based on former commit from Pavel Tvrdik
2016-11-02 17:53:22 +01:00
Ondrej Zajicek (work)
de2a27e255 Add generic message authentication interface
Add generic interface for generating and verifying MACs (message
authentication codes). Replace multiple HMAC implementation with
a generic one.
2016-11-02 16:23:53 +01:00
Jan Moskyto Matejka
3e236955c9 Build: switch on -Wextra, get rid of most of the warnings
There are several unresolved -Wmissing-field-initializers on older
versions of GCC than 5.1, all of them false positive.
2016-11-01 14:52:54 +01:00
Ondrej Zajicek (work)
17fe57d8dc Log: Fix broken syslog name
BIRD passed string from configuration to openlog(), which kept it
internally. After reconfiguration the old string was freed, therefore
openlog had invalid copy.

Thanks to Chris Caputo for the original patch.
2016-11-01 11:37:49 +01:00
Pavel Tvrdik
d107ef78df Whitespace fixes 2016-08-16 13:02:32 +02:00
Ondrej Zajicek (work)
08b3a24da5 IO: Minor changes in socket AF handing
AF can be specified implicitly by saddr or daddr, flags SKF_V4ONLY and
SKF_V6ONLY are to be removed.
2016-05-17 15:21:49 +02:00
Jan Moskyto Matejka
5af7b59660 Merge branch 'int-new' of gitlab.labs.nic.cz:labs/bird into int-new 2016-05-13 13:48:04 +02:00
Jan Moskyto Matejka
d39d41fbda Hash: Fix of previous commit 2016-05-13 13:46:46 +02:00
Ondrej Zajicek (work)
b66a9e2f33 Merge branch 'master' into int-new 2016-05-12 21:49:52 +02:00
Ondrej Zajicek (work)
659f80f262 Make int-new compilable again 2016-05-12 21:47:29 +02:00
Ondrej Zajicek (work)
776d6b2c05 Merge remote-tracking branch 'origin/int-new' into int-new 2016-05-12 18:11:12 +02:00
Ondrej Zajicek (work)
af678af0d5 Merge remote-tracking branch 'origin/master' into int-new 2016-05-12 18:03:23 +02:00
Jan Moskyto Matejka
54ac0becee Hash: fixed rta hashing wrt. structure padding 2016-05-12 16:16:25 +02:00
Ondrej Zajicek (work)
286e2011d2 Miscellaneous minor fixes 2016-05-12 16:04:47 +02:00
Pavel Tvrdik
8e433d6a52 Prog Doc: Complete several missing parameters 2016-05-12 15:49:44 +02:00
Jan Moskyto Matejka
0c6dfe5236 Merge branch 'int-new' into int-new-merged 2016-05-10 14:30:49 +02:00
Jan Moskyto Matejka
7152e5efbb Build system reworked to one global Makefile with includes and no nesting
Also removed the lib-dir merging with sysdep. Updated #include's
accordingly.

Fixed make doc on recent Debian together with moving generated doc into
objdir.

Moved Makefile.in into root dir

Retired all.o and birdlib.a
Linking the final binaries directly from all the .o files.
2016-05-10 14:07:34 +02:00
Ondrej Zajicek (work)
937e75d8f1 Add the Babel routing protocol (RFC 6126)
This patch implements the IPv6 subset of the Babel routing protocol.
Based on the patch from Toke Hoiland-Jorgensen, with some heavy
modifications and bugfixes.

Thanks to Toke Hoiland-Jorgensen for the original patch.
2016-04-28 18:01:40 +02:00
Ondrej Zajicek (work)
a7baa09862 BSD: Add the IPsec SA/SP database entries control
Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database
at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are
handled automatically on both Linux and FreeBSD.

Based on patches from Pavel Tvrdik.
2016-04-13 14:37:09 +02:00
Jan Moskyto Matejka
7a7ac65682 Merge branch 'master' into int-new-channels 2016-04-08 12:28:33 +02:00
Ondrej Zajicek (work)
f2ae2badff Main: Add local option
Add option that changes default paths for config file and control socket
to the current working directory.
2016-04-07 12:39:49 +02:00
Ondrej Zajicek (work)
9e7b3ebdf9 IO: Replace RX priority heuristic with explicit mark
In BIRD, RX has lower priority than TX with the exception of RX from
control socket. The patch replaces heuristic based on socket type with
explicit mark and uses it for both control socket and BGP session waiting
to be established.

This should avoid an issue when during heavy load, outgoing connection
could connect (TX event), send open, but then failed to receive OPEN /
establish in time, not sending notifications between and therefore
got hold timer expired error from the neighbor immediately after it
finally established the connection.
2016-04-06 11:49:34 +02:00
Jan Moskyto Matejka
54bb032d21 Birdlib: Modify lists to avoid problems with pointer aliasing rules
The old linked list implementation used some wild typecasts and required
GCC option -fno-strict-aliasing to work properly. This patch fixes that.
However, we still keep the option due to other potential problems.

(Commited by Ondrej Santiago Zajicek)
2016-03-23 02:21:42 +01:00
Ondrej Zajicek (work)
665b8e5283 Birdlib: Do cleanups after remove/free
To avoid byzantine behavior in case of some errors, linked lists are
cleared after rem_node() and resource headers are cleared after rfree().
2016-03-23 02:21:42 +01:00
Jan Moskyto Matejka
a815d62d59 Hash: typecast error fix 2016-02-19 16:33:07 +01:00
Jan Moskyto Matejka
9a74622ca1 Updated RTA hashes to 32-bit values.
... and reworked the hashes a bit. Also added mem_hash function
which just computes a hash of given memory block.
2016-02-10 13:26:07 +01:00
Ondrej Zajicek (work)
f4a60a9bc4 Channels - explicit links between protocols and tables
The patch adds support for channels, structures connecting protocols and
tables and handling most interactions between them. The documentation is
missing yet.
2016-02-01 10:28:50 +01:00
Pavel Tvrdík
f9d729ab68 NET ROAx: add max_pxlen, fix format 2016-01-14 14:31:55 +01:00
Jan Moskyto Matejka
9a883adf95 Net address format: Do not print the -4 or -6 suffix in %I4 and %I6 2016-01-13 13:21:25 +01:00
Pavel Tvrdík
a820ae1074 NET ROAx more small changes
- Remove `u8 src` from net_add_roaX
- Add `u8 max_pxlen` to net_add_roaX
- Add some missing macro and functions for ROA
- Remove ASN from hash function for ROA

Thanks to Ondrej Santiago Zajicek
2016-01-12 11:41:10 +01:00
Pavel Tvrdík
93e807292c ROA change printf 'ASN: xxx' to 'ASxxx' 2016-01-12 11:40:50 +01:00
Jan Moskyto Matejka
6ffa8f5393 Hidden AF_INET* inside sysdep/ 2016-01-11 09:29:51 +01:00
Pavel Tvrdík
de9b87f558 Add NET ROA4/6 structures 2016-01-07 18:21:31 +01:00
Ondrej Zajicek (work)
e691d16a63 Explicit ip4_addr / ip6_addr printf support 2015-12-29 17:12:47 +01:00
Ondrej Zajicek (work)
74c838a870 Move ID allocator to a separate file and use it also in OSPF 2015-12-29 15:42:12 +01:00
Ondrej Zajicek (work)
04632fd77f Follow-up work on integration 2015-12-24 15:56:04 +01:00
Jan Moskyto Matejka
70b90dde23 Better fix of missing AF_INET6? definition in lib/socket.h
Moved the code to sysdep.
2015-12-22 09:45:09 +01:00
Jan Moskyto Matejka
67aa88336a BSD wants to include sys/socket.h in lib/socket.h (AF_INET6? definitions) 2015-12-21 18:23:08 +01:00
Ondrej Zajicek (work)
0bf95f99e6 Follow-up work on integration
Contains some patches from Jan Moskyto Matejka
2015-12-21 17:17:21 +01:00
Ondrej Zajicek (work)
23c212e7f1 Follow-up work on integration 2015-12-21 03:33:18 +01:00
Jan Moskyto Matejka
7fd4143ead Integrated address print lengths
Minor changes by Ondrej Santiago Zajicek
2015-12-20 13:47:39 +01:00
Jan Moskyto Matejka
aedd3a6bab Implemented missing prefix manipulation functions 2015-12-20 12:53:40 +01:00
Jan Moskyto Matejka
5e173e9f63 Stop perusing f_prefix for non-prefix-set uses
Multiple changes by Ondrej Santiago Zajicek
2015-12-19 23:49:47 +01:00
Jan Moskyto Matejka
d7661fbe9d Removed BITS_PER_IP_ADDRESS, MAX_PREFIX_LENGTH, BIRD_AF
Explicit setting of AF_INET(6|) in IP socket creation. BFD set to listen
on v6, without setting the V6ONLY flag to catch both v4 and v6 traffic.

Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-19 15:57:09 +01:00
Jan Moskyto Matejka
9b136840d9 Netlink and BSD: Integrating IPv4 and IPv6
Squashing and minor changes by Ondrej Santiago Zajicek
2015-12-18 20:03:47 +01:00
Ondrej Zajicek (work)
04ae8ddaa1 Merge branch 'master' into int-new 2015-11-25 14:24:35 +01:00
Pavel Tvrdík
33b4f40acc MD5: Mormalize naming style 2015-11-24 16:01:48 +01:00
Ondrej Zajicek (work)
90f78507f4 Merge branch 'master' into rip-new 2015-11-24 15:21:11 +01:00
Ondrej Zajicek (work)
e422ca0f29 Some consts for function arguments
Patch from Pavel Tvrdik
2015-11-24 13:52:26 +01:00
Ondrej Zajicek (work)
5126380bea Minor changes to SHA hash functions 2015-11-24 13:47:28 +01:00
Pavel Tvrdík
f312a837e9 Add SHA-384/512 and HMAC-SHA-384/512 crypto hash 2015-11-13 19:34:12 +01:00
Pavel Tvrdík
4035e0e79c Add SHA-224/256 and HMAC-SHA-224/256 crypto hash 2015-11-13 19:34:02 +01:00
Pavel Tvrdík
5d0c36f1da Add SHA1 and SHA1-HMAC crypto hash 2015-11-13 19:33:48 +01:00
Pavel Tvrdík
75ff08022e Add get_u64() and put_u64() into lib/unaligned.h 2015-11-13 19:31:19 +01:00
Ondrej Zajicek (work)
d44e686e9b Follow-up commit on integrated BIRD
Use net_addr for interface address prefixes, support net_addr in
configuration parser.
2015-11-12 02:03:59 +01:00
Ondrej Zajicek (work)
fe9f1a6ded Initial commit on integrated BIRD
New data types net_addr and variants (in lib/net.h) describing
network addresses (prefix/pxlen). Modifications of FIB structures
to handle these data types and changing everything to use these
data types instead of prefix/pxlen pairs where possible.

The commit is WiP, some protocols are not yet updated (BGP, Kernel),
and the code contains some temporary scaffolding.

Comments are welcome.
2015-11-05 12:48:52 +01:00
Ondrej Zajicek (work)
8465dccb06 Major RIP redesign
The new RIP implementation fixes plenty of old bugs and also adds support
for many new features: ECMP support, link state support, BFD support,
configurable split horizon and more. Most options are now per-interface.
2015-10-05 13:18:10 +02:00
Ondrej Zajicek
8d9eef1771 BGP multipath support
Kernel option 'merge paths' allows to merge routes exported to kernel
protocol (currently BGP and static routes) to multipath routes.
2015-06-08 02:24:08 +02:00
Pavel Tvrdík
ae80a2de95 unsigned [int] -> uint 2015-06-08 02:24:08 +02:00
Pavel Tvrdík
e348ef01b4 unsgined char -> byte 2015-06-08 02:24:08 +02:00
Ondrej Zajicek
77edab6409 OSPF: Redesign LSA checksumming
New LSA checksumming code separates generic Fletcher-16 and OSPF-specific
code and avoids back and forth endianity conversions, making it much more
readable and also several times faster.
2015-05-01 14:40:56 +02:00
Ondrej Zajicek
8bcb5fb1e8 Implement latency tracking, internal event log and watchdog 2015-03-02 09:41:14 +01:00
Ondrej Zajicek
4e63974471 Add minor comment 2015-02-24 16:19:14 +01:00
Ondrej Zajicek
9c89560e6c Use IP_PORTRANGE_HIGH for BFD where available 2015-02-22 20:14:14 +01:00
Pavel Tvrdík
6264aad16f Minor fixes 2015-02-21 20:11:02 +01:00
Pavel Tvrdik
85a3639d99 Better Clang compatibility 2015-02-21 20:07:17 +01:00
Pavel Tvrdik
e598853e68 Add const to a param msg at functions log_msg, log_rl, die, bug and debug 2015-02-21 19:32:57 +01:00
Ondrej Zajicek
6f8bbaa10b Fininshing integrated OSPF. 2014-11-03 10:42:55 +01:00
Ondrej Zajicek
88a183c6c9 Integrated IP functions. 2014-10-24 11:11:43 +02:00
Ondrej Zajicek
78342404ff Merge remote-tracking branch 'origin/master' into soft-int 2014-10-14 17:23:34 +02:00
Ondrej Zajicek
1123e70740 Implements token bucket filter for rate limiting. 2014-10-02 12:52:50 +02:00
Ondrej Zajicek
20e8d040b0 Fixes integer overflow in show memory command.
Thanks to Job Snijders for the bugreport.
2014-06-30 11:55:22 +02:00
Ondrej Zajicek
70945cb645 Temporary integrated OSPF commit. 2014-06-26 11:58:57 +02:00
Ondrej Zajicek
05476c4d04 IPv4/IPv6 integrated socket code. 2014-05-18 11:42:26 +02:00
Ondrej Filip
7c4a800725 Fixed bug in unused function. 2014-04-14 12:28:30 +02:00
Ondrej Zajicek
0c791f873a BGP graceful restart support.
Also significant core protocol state changes needed for that,
global graceful restart recovery state and kernel proto support
for recovery.
2014-03-20 14:07:12 +01:00
Ondrej Zajicek
5c200e0a4d Merge branch 'add-path' 2014-02-06 20:15:05 +01:00
Ondrej Zajicek
48e5f32db6 Many changes in I/O and OSPF sockets and packet handling.
I/O:
 - BSD: specify src addr on IP sockets by IP_HDRINCL
 - BSD: specify src addr on UDP sockets by IP_SENDSRCADDR
 - Linux: specify src addr on IP/UDP sockets by IP_PKTINFO
 - IPv6: specify src addr on IP/UDP sockets by IPV6_PKTINFO
 - Alternative SKF_BIND flag for binding to IP address
 - Allows IP/UDP sockets without tx_hook, on these
   sockets a packet is discarded when TX queue is full
 - Use consistently SOL_ for socket layer values.

OSPF:
 - Packet src addr is always explicitly set
 - Support for secondary addresses in BSD
 - Dynamic RX/TX buffers
 - Fixes some minor buffer overruns
 - Interface option 'tx length'
 - Names for vlink pseudoifaces (vlinkX)
 - Vlinks use separate socket for TX
 - Vlinks do not use fixed associated iface
 - Fixes TTL for direct unicast packets
 - Fixes DONTROUTE for OSPF sockets
 - Use ifa->ifname instead of ifa->iface->name
2014-02-06 17:46:01 +01:00
Ondrej Zajicek
e7d2ac4401 Finishes add-path.
Fixes some bugs and uses generic hash implementation.
2013-12-01 13:49:42 +01:00
Ondrej Zajicek
736e143fa5 Merge branch 'master' into add-path
Conflicts:

	filter/filter.c
	nest/proto.c
	nest/rt-table.c
	proto/bgp/bgp.h
	proto/bgp/config.Y
2013-11-23 11:50:34 +01:00