Ondrej Zajicek
38e835dede
Fix in the last commit
2015-05-13 13:19:26 +02:00
Ondrej Zajicek
9fdf9d29b6
KRT: Add support for plenty of kernel route metrics
...
Linux kernel route metrics (RTA_METRICS netlink route attribute) are
represented and accessible as new route attributes:
krt_mtu, krt_window, krt_rtt, krt_rttvar, krt_sstresh, krt_cwnd, krt_advmss,
krt_reordering, krt_hoplimit, krt_initcwnd, krt_rto_min, krt_initrwnd,
krt_quickack, krt_lock_mtu, krt_lock_window, krt_lock_rtt, krt_lock_rttvar,
krt_lock_sstresh, krt_lock_cwnd, krt_lock_advmss, krt_lock_reordering,
krt_lock_hoplimit, krt_lock_rto_min, krt_feature_ecn, krt_feature_allfrag
2015-05-12 16:42:22 +02:00
Ondrej Zajicek
16a3254c4c
Understand IFF_MULTICAST flag on ifaces in Linux
...
Unfortunately, some interfaces support multicast but do not have
this flag set, so we use it only as a positive hint.
Thanks to Clint Armstrong for noticing the problem.
2015-03-31 23:59:40 +02:00
Ondrej Zajicek
86c3eea0f3
Use AF_UNSPEC for RTM_GETLINK
...
This value is specified in documentation.
2015-02-21 21:19:49 +01:00
Ondrej Zajicek
1123e70740
Implements token bucket filter for rate limiting.
2014-10-02 12:52:50 +02:00
Ondrej Zajicek
8945f73d94
Ensures that msg_controllen includes last padding.
...
Although RFC 3542 allows both cases, Theo de Raadt thinks
he knows better, and msg_controllen without last padding
fails on OpenBSD.
Thanks to Job Snijders for the bugreport.
2014-06-26 13:30:27 +02:00
Ondrej Zajicek
05476c4d04
IPv4/IPv6 integrated socket code.
2014-05-18 11:42:26 +02:00
Ondrej Zajicek
eb5ea6bdd6
Fixes build on some old systems.
2014-03-31 13:21:13 +02:00
Ondrej Zajicek
3216eb03dd
Fixes longstanding issue with interfaces staying in IF_TMP_DOWN.
...
Thanks to Pierluigi Rolando and others for the bugreport.
2014-02-26 12:52:00 +01:00
Ondrej Zajicek
48e5f32db6
Many changes in I/O and OSPF sockets and packet handling.
...
I/O:
- BSD: specify src addr on IP sockets by IP_HDRINCL
- BSD: specify src addr on UDP sockets by IP_SENDSRCADDR
- Linux: specify src addr on IP/UDP sockets by IP_PKTINFO
- IPv6: specify src addr on IP/UDP sockets by IPV6_PKTINFO
- Alternative SKF_BIND flag for binding to IP address
- Allows IP/UDP sockets without tx_hook, on these
sockets a packet is discarded when TX queue is full
- Use consistently SOL_ for socket layer values.
OSPF:
- Packet src addr is always explicitly set
- Support for secondary addresses in BSD
- Dynamic RX/TX buffers
- Fixes some minor buffer overruns
- Interface option 'tx length'
- Names for vlink pseudoifaces (vlinkX)
- Vlinks use separate socket for TX
- Vlinks do not use fixed associated iface
- Fixes TTL for direct unicast packets
- Fixes DONTROUTE for OSPF sockets
- Use ifa->ifname instead of ifa->iface->name
2014-02-06 17:46:01 +01:00
Ondrej Zajicek
283c7dfada
Merge branch 'master' into add-path
2013-11-25 18:42:47 +01:00
Ondrej Zajicek
e237b28a4d
Changes primary addr selection on BSD to respect SIOCGIFADDR ioctl() result.
...
Thanks to Alexander V. Chernikov for the original patch.
2013-11-25 01:21:39 +01:00
Ondrej Zajicek
65194bd1eb
Removes workaround related to import of kernel device routes.
...
Thanks to Benjamin Cama for notification.
2013-11-23 22:48:27 +01:00
Ondrej Zajicek
736e143fa5
Merge branch 'master' into add-path
...
Conflicts:
filter/filter.c
nest/proto.c
nest/rt-table.c
proto/bgp/bgp.h
proto/bgp/config.Y
2013-11-23 11:50:34 +01:00
Ondrej Zajicek
f83ce94d5e
Fixes missing unregister of kernel table handling code.
...
And some minor fixes.
Thanks to Sergey Popovich for the patch.
2013-09-26 17:33:00 +02:00
Ondrej Zajicek
c6964c305b
Makes krt.c much more readable.
2013-07-04 18:02:22 +02:00
Ondrej Zajicek
70e212f913
Implements TTL security for OSPF and RIP.
...
Interfaces for OSPF and RIP could be configured to use (and request)
TTL 255 for traffic to direct neighbors.
Thanks to Simon Dickhoven for the original patch for RIPng.
2013-06-25 15:39:44 +02:00
Ondrej Zajicek
ef4a50be10
Better packet priority and traffic class handling.
...
Implements support for IPv6 traffic class, sets higher priority for OSPF
and RIP outgoing packets by default and allows to configure ToS/DS/TClass
IP header field and the local priority of outgoing packets.
2013-06-24 16:37:30 +02:00
Ondrej Zajicek
9810d05562
Fixes problems with routing table scans on some platforms.
...
Negative bit shifts are definitely undefined oprations.
2013-05-28 10:44:44 +02:00
Ondrej Zajicek
094d2bdb79
Implements ADD-PATH extension for BGP.
...
Allows to send and receive multiple routes for one network by one BGP
session. Also contains necessary core changes to support this (routing
tables accepting several routes for one network from one protocol).
It needs some more cleanup before merging to the master branch.
2012-08-14 16:46:43 +02:00
Ondrej Zajicek
c06de722dd
Some minor fixes.
2012-08-06 11:09:13 +02:00
Ondrej Zajicek
47c447c42e
Minor cleanups.
2012-05-11 12:10:21 +02:00
Ondrej Zajicek
95616c8202
Cleanup in sysdep KRT code, part 4.
...
Adding some files that was accidentally removed
(instead of moved) in cleanup part 2.
2012-05-04 16:38:25 +02:00
Ondrej Zajicek
f1aceff59b
Cleanup in sysdep KRT code, part 2.
...
Remove support for historic Linux kernels,
merge krt-iface, krt-set and krt-scan stub headers.
2012-04-30 22:25:24 +02:00
Ondrej Zajicek
396dfa9042
Cleanup in sysdep KRT code, part 1.
...
OS-dependent functions renamed to be more consistent,
prepared to merge krt-set and krt-scan headers.
Name changes:
struct krt_if_params -> struct kif_params
struct krt_if_status -> struct kif_status
struct krt_set/scan_params -> struct krt_params
struct krt_set/scan_status -> struct krt_status
krt_if_params_same -> kif_sys_reconfigure
krt_if_copy_params -> kif_sys_copy_config
krt_set/scan_params_same -> krt_sys_reconfigure
krt_set/scan_copy_params -> krt_sys_copy_config
krt_if_scan -> kif_do_scan
krt_set_notify -> krt_do_notify
krt_scan_fire -> krt_do_scan
krt_if_ -> kif_sys_
krt_scan_ -> krt_sys_
krt_set_ -> krt_sys_
2012-04-30 15:31:32 +02:00
Ondrej Zajicek
3589546af4
Merge commit 'origin/master'
2012-04-24 23:37:01 +02:00
Ondrej Zajicek
334a0ed24d
Fixes missing device attributes when exporting routes to kernel.
...
Thanks to Howden Nick for the bugreport.
2012-04-21 11:00:23 +02:00
Ondrej Filip
f93e6f338e
Small clean up in debug texts
2012-04-19 17:14:16 +02:00
Ondrej Zajicek
c9df01d321
Fixes several minor bugs in kernel syncer.
2012-03-25 19:44:14 +02:00
Ondrej Zajicek
9ba2798c65
Adds krt_metric linux route attribute.
2012-03-23 17:22:13 +01:00
Ondrej Zajicek
732a0a257d
Fixes problems with creating/removing/renaming ifaces on BSD.
2012-01-23 01:26:40 +01:00
root
4b3a8ff8c6
Extend buffer for netlink messages.
2012-01-09 16:57:45 +01:00
Ondrej Zajicek
a7f23f581f
Implements protocol templates.
...
Based on the patch from Alexander V. Chernikov.
Extended to support almost all protocols.
Uses 'protocol bgp NAME from TEMPLATE { ... }' syntax.
2011-11-07 00:31:23 +01:00
Ondrej Zajicek
32f95476a8
Signal problems with route installation to kernel tables.
2011-10-06 22:48:49 +02:00
Ondrej Zajicek
b1b1943360
The generalized TTL security mechanism (RFC 5082) support.
...
Thanks to Alexander V. Chernikov for the patch.
2011-08-16 23:13:05 +02:00
root
aca0e79faa
Handles missing macro.
2011-07-29 14:52:28 +02:00
Ondrej Zajicek
e8b89a6104
Update and document the privilege restriction.
2011-05-15 16:29:44 +02:00
Ondrej Zajicek
1bc2695744
Allows run with restricted privileges.
...
Adds option -u and -g to specify user and group.
When different user (than root) is specified,
linux capabilities CAP_NET_* are kept.
2011-05-10 02:42:17 +02:00
Ondrej Zajicek
71ca77169d
Adds support for several Linux kernel route attributes.
2011-04-13 12:32:27 +02:00
Ondrej Zajicek
83696b3913
Hide 6to4 route warnings.
2011-03-29 02:44:39 +02:00
Ondrej Zajicek
52a43ae3b7
Minor changes in addresses.
...
Mainly changes IA_UNNUMBERED to IA_PEER and adds IA_HOST. Also do not
show broadcast addr in show interfaces. Nobody cares for that.
2011-03-28 22:46:18 +02:00
Ondrej Zajicek
32b4972834
Multipath support for linux kernel protocol.
2010-12-07 23:36:11 +01:00
Ondrej Zajicek
01427d3f2b
Remove some runaway debug messages and typos.
2010-11-19 18:03:27 +01:00
Ondrej Zajicek
f25cb0ef9f
Implements link state detection.
...
Also changes some symbol names (IFF_ADMIN_DOWN -> IFF_SHUTDOWN,
IFF_LINK_UP -> IFF_ADMIN_UP).
2010-11-11 10:03:02 +01:00
Ondrej Zajicek
cfe34a316e
Implements hostcache and recursive next hops.
...
Hostcache is a structure for monitoring changes in a routing table that
is used for routes with dynamic/recursive next hops. This is needed for
proper iBGP next hop handling.
2010-07-05 17:50:19 +02:00
Ondrej Zajicek
691057f033
Support loopback/dummy addresses.
2010-05-26 16:09:22 +02:00
Ondrej Zajicek
87a9abeac9
Fixes interface scan on Linux 2.4.x in IPv6 mode.
2010-05-21 15:17:49 +02:00
Ondrej Zajicek
ba32170657
Better support for /31 networks.
2010-04-28 00:39:57 +02:00
Ondrej Filip
6bc414d619
It seems that prefixes /31 and /127 are valid and used in this strange world.
2010-04-19 16:10:20 +02:00
Ondrej Zajicek
646b24d932
Minor changes.
2010-04-08 17:45:50 +02:00
Ondrej Zajicek
c429d4a4ba
Restrict export of device routes to the kernel protocol.
...
In usual configuration, such export is already restricted
with the aid of the direct protocol but there are some
races that can circumvent it. This makes it harder to
break kernel device routes. Also adds an option to
disable this restriction.
2010-04-04 15:41:31 +02:00
Ondrej Zajicek
e7b09e4ab9
Use SO_BINDTODEVICE also in Linux/IPv6.
2010-04-02 16:11:46 +02:00
Ondrej Zajicek
bed417288e
Minor fixes to previous patches.
2010-04-02 11:31:20 +02:00
Ondrej Zajicek
0aad2b9292
Temporary OSPF commit - sockets.
2010-03-14 16:36:59 +01:00
Ondrej Zajicek
54305181f6
Merge branch 'new' into socket2
2010-03-11 18:55:59 +01:00
Ondrej Zajicek
ff2857b03d
Many changes in (mainly) kernel syncers.
...
- BSD kernel syncer is now self-conscious and can learn alien routes
- important bugfix in BSD kernel syncer (crash after protocol restart)
- many minor changes and bugfixes in kernel syncers and neighbor cache
- direct protocol does not generate host and link local routes
- min_scope check is removed, all routes have SCOPE_UNIVERSE by default
- also fixes some remaining compiler warnings
2010-02-26 10:55:58 +01:00
Ondrej Zajicek
e81b440f68
Fix configure to enable warnings and fix most of them.
2010-02-21 14:34:53 +01:00
Ondrej Zajicek
353729f513
Temporary OSPF commit - socket changes.
2010-02-11 10:23:35 +01:00
Ondrej Zajicek
3f22fa9e74
Merge branch 'dev' into ospf3
2009-11-09 22:54:39 +01:00
Ondrej Zajicek
9d4d38d1a5
Fixes some problems related to link-local routes in KRT interface.
2009-10-28 22:39:24 +01:00
Ondrej Zajicek
bff74c7aa3
Allows importing 'onlink' routes.
2009-10-20 19:04:28 +02:00
Ondrej Zajicek
aa7088fe26
Fixes one previous commit.
2009-09-30 16:34:47 +02:00
Ondrej Zajicek
2d507e64b7
Do not allow gateway routes with NULL iface.
2009-09-24 19:08:14 +02:00
Ondrej Zajicek
be86240662
Temporary OSPFv3 development commit.
...
Finally, it is working.
2009-09-08 13:45:02 +02:00
Ondrej Zajicek
f9c799a00e
Temporary OSPFv3 development commit (changing multicast support).
2009-09-04 11:06:51 +02:00
Ondrej Zajicek
b49e6f5a65
Temporary OSPFv3 development commit
2009-08-25 16:42:14 +02:00
Ondrej Zajicek
86975e584e
Allow more kernel routing tables in IPv6.
2009-08-21 09:43:31 +02:00
Ondrej Zajicek
51f4469f03
Fixes problems with rewriting of kernel device routes.
2009-05-29 17:36:37 +02:00
Ondrej Zajicek
6c84554b67
Merge branch 'master' into dev
2009-05-21 09:26:59 +02:00
Ondrej Zajicek
19e10907c1
Fixes communication on netlink sockets
...
Independent sessions on netlink sockets mixed state
in some common variables.
2009-05-08 14:37:06 +02:00
Ondrej Filip
2b70f0742e
Linux specific TCP-MD5 handling moved to sysdep/linux/sysio.h
...
FreeBSD coded added. BSD cannot set BGP passwords itself.
This has to be done by external command.
2009-05-04 18:17:46 +02:00
Ondrej Zajicek
e366625c0e
Fixes mixed-up messages on netlink socket
...
Under specific circumstances there might be two mixed-up
netlink sessions (one for scan, the other for route change
request). This patch separates netlink scans and requests
to two fds (and seq counters).
This should fix http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428865
2009-04-17 18:43:11 +02:00
Ondrej Zajicek
cb53039271
Rate limit for most abundant log messages
2009-02-26 14:23:54 +01:00
Ondrej Zajicek
11ec0f1a51
Fixes compilation on older systems.
...
Older kernel headers (the ones in Debian Sarge) does not
have __kernel_sockaddr_storage .
2009-01-16 12:49:51 +01:00
Ondrej Zajicek
6c8102e3a8
Ignore messages related to wireless extensions.
2008-11-04 14:51:45 +01:00
Ondrej Zajicek
a98fbf0f12
Merge branch 'dev' into out
2008-10-27 00:20:22 +01:00
Ondrej Zajicek
4c94a6c7e7
Do not repeat 'Invalid broadcast address' error message.
...
'Invalid broadcast address' error is reported only once for
an interface and not during every interface scan.
2008-10-26 23:23:09 +01:00
Ondrej Zajicek
d7f3b30649
Ignore unknown netlink events.
...
Bird sometimes reported 'bird: nl_parse_link: Malformed message received'.
The cause is that bird asynchronously received netlink packet from
wireless driver about some wireless event on its link layer. In that
case bird shouldn't complain.
2008-10-26 23:20:50 +01:00
Ondrej Zajicek
1567edea8d
Bugfix for routing table breaking bug.
...
Here is a patch fixing a bug that causes breakage of a local routing
table during shutdown of Bird. The problem was caused by shutdown
of 'device' protocol before shutdown of 'kernel' protocol. When
'device' protocol went down, the route (with local network prefix)
From different protocol (BGP or OSPF) became preferred and installed
to the kernel routing table. Such routes were broken (like
192.168.1.0/24 via 192.168.1.2). I think it is also the cause
of problem reported by Martin Kraus.
The patch disables updating of kernel routing table during shutdown of
Bird. I am not sure whether this is the best way to fix it, I would
prefer to forbid 'kernel' protocol to overwrite routes with
'proto kernel'.
The patch also fixes a problem that during shutdown sometimes routes
created by Bird remained in the kernel routing table.
2008-10-26 23:09:46 +01:00
Ondrej Zajicek
d51aa28190
Implementation of MD5 authentication of BGP sessions.
2008-10-26 22:42:39 +01:00
Martin Mares
057021df0d
Fix behavior of ipa_opposite().
...
It was giving wrong results on /30 networks.
2008-08-25 11:19:49 +00:00
Martin Mares
9831e5916f
Staticized lots of local functions.
2004-06-05 09:58:23 +00:00
Martin Mares
6578a60493
Marked unused parameters in sysdep code as such.
2004-06-05 09:11:07 +00:00
Martin Mares
abf06173a3
Current Linux kernels don't remember rtm_protocol for IPv6 routes and supply RTPROT_BOOT instead.
...
Work around that.
2003-02-22 23:06:32 +00:00
Martin Mares
8001948b43
Report link-scope addresses as well.
2003-02-22 22:38:15 +00:00
Martin Mares
5fc7c5c513
Don't loop forever when trying to skip an out-sequence netlink reply.
2001-08-03 08:44:51 +00:00
Martin Mares
2836ce3951
Check broadcast address sanity before believing it.
2000-06-21 09:58:09 +00:00
Martin Mares
ca00d4a13a
Fix numbering of routing tables in IPv6 version.
2000-06-18 19:49:32 +00:00
Martin Mares
df49d4e14b
Removed lots of trailing newlines in log messages.
...
Please note that the only calls which don't add newlines automatically
(i.e., don't print a full line of output) are debug() and DBG().
2000-06-04 19:56:06 +00:00
Martin Mares
4a91150175
Updated for new scope handling.
...
Also, provide proper address scopes in struct ifa.
2000-06-01 12:58:41 +00:00
Martin Mares
0e5aa966cc
Multicast problems should be gone, although the fix is Linux only and we'll
...
need to figure out something better when working on new ports.
2000-05-11 16:30:56 +00:00
Martin Mares
109c2f6cf3
If a broadcast address is missing, go fake one.
2000-05-11 12:30:06 +00:00
Martin Mares
b6c9d8eb2e
Removed the `async' switch which was used for debugging only anyway.
...
Don't moan when netlink reports lost packets.
2000-05-08 12:05:55 +00:00
Martin Mares
94e935d8a2
Incoming buffer must be at least 8KB long.
2000-05-08 11:02:53 +00:00
Martin Mares
84f0700205
IPv6 support compiles on both glibc 2.0 and 2.1.
2000-05-06 21:46:09 +00:00
Martin Mares
9a220cabbc
#ifdef out lots of debugging information.
...
The long resource/routing table dump printed upon startup is gone now
and if you wish to see it, just send bird SIGUSR1 or use the `debug'
commands.
2000-05-04 20:52:28 +00:00
Martin Mares
93a786cb03
Removed a lot of unused variables.
...
Please try compiling your code with --enable-warnings to see them. (The
unused parameter warnings are usually bogus, the unused variable ones
are very useful, but gcc is unable to control them separately.)
2000-05-04 20:30:36 +00:00
Martin Mares
f380aa60fa
IPv6 compiles with glibc 2.1.
2000-04-20 23:05:41 +00:00
Martin Mares
221135d6bf
Include "lib/string.h" instead of <string.h>. It should give us bzero()
...
and other non-portable functions on all systems.
2000-03-31 23:30:21 +00:00
Martin Mares
832fa033b7
Cleaned up debugging in kernel syncer. Netlink has still LOCAL_DEBUG
...
turned on, but after some testing I'll gag it.
2000-03-12 21:54:39 +00:00