OpenBSD CVS

CVS log for src/usr.sbin/bgpd/bgpd.h




Default branch: MAIN


Revision 1.493 / (download) - annotate - [select for diffs], Sat May 18 11:17:30 2024 UTC (3 weeks ago) by jsg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.492: +1 -6 lines
Diff to previous 1.492 (colored)

remove prototypes with no matching function; ok claudio@

Revision 1.492 / (download) - annotate - [select for diffs], Wed Apr 24 10:41:34 2024 UTC (6 weeks, 3 days ago) by claudio
Branch: MAIN
Changes since 1.491: +1 -2 lines
Diff to previous 1.491 (colored)

Remove 'announce capabilities' as neighbor config stanza.

There is no need to have an easy knob to get outdated or crappy
implementations to limp along. Instead the various default on
capabilities just need to be disabled (e.g. announce as-4byte no).

OK tb@

Revision 1.491 / (download) - annotate - [select for diffs], Tue Apr 9 12:09:19 2024 UTC (8 weeks, 4 days ago) by claudio
Branch: MAIN
Changes since 1.490: +2 -1 lines
Diff to previous 1.490 (colored)

Increase RTR PDU limit to 48k and limit number of SPAS to 10'000.

PDUs larger than 48k will result in a session reset while ASPA records
with more than 10'000 entries will be implicitly withdrawn.

Also truncate RTR error PDUs to only include 256 bytes of the faulty PDU.
It makes no sense to include more to identify the issue.
OK tb@

Revision 1.490 / (download) - annotate - [select for diffs], Tue Apr 9 09:03:18 2024 UTC (8 weeks, 4 days ago) by claudio
Branch: MAIN
Changes since 1.489: +4 -1 lines
Diff to previous 1.489 (colored)

Allow operators to enforce the presence of certain capabilities on sessions.

For simple capabilities this just adds enforce to the yes/no option of the
announce statement. For multi-protocol capabilities and add-path there is
an extra keyword. On top of this for add-path the enforcement requires the
neighbor to send a matching capability, e.g.
'announce add-path recv enforce' requires the other side to send any
'announce add-path send XYZ' capability.

This is mainly to enforce as-4byte and extra multi-protocol capabilities.

OK denis@ tb@

Revision 1.489 / (download) - annotate - [select for diffs], Fri Mar 22 15:41:34 2024 UTC (2 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.488: +2 -1 lines
Diff to previous 1.488 (colored)

Rework the cease shutdown reason to work in both directions by looking
at the ibuf payload passed to log_notification().
Because of this move ibuf_get_string() and the log_notification() call
in parse_notification().
OK tb@

Revision 1.488 / (download) - annotate - [select for diffs], Fri Mar 22 07:19:28 2024 UTC (2 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.487: +13 -1 lines
Diff to previous 1.487 (colored)

Rework parse_notification() to use the ibuf API for everything.

While there fix the RFC5492 handling of ERR_OPEN_CAPA (the current code
has the logic inversed). ERR_OPEN_CAPA is there to signal that a needed
capability is missing in our OPEN message. Just add the handling of
ERR_OPEN_CAPA to log_notification().

Also rework the handling of the shutdown reason and move the printing
into log_notification().

OK tb@

Revision 1.487 / (download) - annotate - [select for diffs], Mon Mar 18 10:49:24 2024 UTC (2 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.486: +2 -2 lines
Diff to previous 1.486 (colored)

Double PEER_DESCR_LEN to 64 characters since 32 is a bit on the short side.
OK sthen@, deraadt@, dlg@, tb@

Revision 1.486 / (download) - annotate - [select for diffs], Mon Feb 19 10:15:35 2024 UTC (3 months, 2 weeks ago) by job
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.485: +3 -2 lines
Diff to previous 1.485 (colored)

IANA assigned error 8 to draft-ietf-idr-sendholdtimer

https://www.iana.org/assignments/bgp-parameters/bgp-parameters.xhtml#bgp-parameters-3

OK claudio@

Revision 1.485 / (download) - annotate - [select for diffs], Tue Feb 13 16:35:43 2024 UTC (3 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.484: +2 -4 lines
Diff to previous 1.484 (colored)

Use a C99 anonymous union inside struct bgpd_addr

This kills the two far too generic v4 and v6 macros which is a big win.
OK tb@

Revision 1.484 / (download) - annotate - [select for diffs], Tue Jan 30 13:50:08 2024 UTC (4 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.483: +5 -6 lines
Diff to previous 1.483 (colored)

Convert the ATTR_ASPATH and ATTR_AS4_PATH handlers in rde_attr_parse()
to new ibuf API.

Various aspath functions are modified to work better with ibufs.
aspath_inflate() now only works with ibufs and is a lot simpler.
aspath_verify() does all the checks using the ibuf api and therefore
most length checks can be skipped.
aspath_asprint() and the new internal aspath_strsize() and aspath_snprint()
are totally overhauled -- including some bugs that got squashed.
OK tb@

Revision 1.483 / (download) - annotate - [select for diffs], Tue Jan 23 16:13:35 2024 UTC (4 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.482: +7 -9 lines
Diff to previous 1.482 (colored)

Start converting the message parser to use the new ibuf api.

Rewrite rde_update_dispatch() to use ibufs. Because of this
rde_update_err(), rde_get_mp_nexthop(), nlri_get_prefix() and
friends are switched to use ibufs. For rde_attr_parse() a minimal
change was done for now.

OK tb@

Revision 1.482 / (download) - annotate - [select for diffs], Tue Jan 23 16:08:35 2024 UTC (4 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.481: +4 -4 lines
Diff to previous 1.481 (colored)

Fix tab after space

Revision 1.481 / (download) - annotate - [select for diffs], Thu Jan 11 13:08:39 2024 UTC (4 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.480: +2 -1 lines
Diff to previous 1.480 (colored)

Export the rtr session state as string.
OK tb@

Revision 1.480 / (download) - annotate - [select for diffs], Wed Jan 10 13:31:09 2024 UTC (4 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.479: +3 -1 lines
Diff to previous 1.479 (colored)

Implement log_roa() and log_aspa() and use these functions in printconf.c
OK tb@

Revision 1.479 / (download) - annotate - [select for diffs], Mon Jan 8 15:08:34 2024 UTC (5 months ago) by claudio
Branch: MAIN
Changes since 1.478: +6 -1 lines
Diff to previous 1.478 (colored)

Define and use struct ctl_kroute_req to encode the arguments of
IMSG_CTL_KROUTE instead of doing it by hand.
OK tb@

Revision 1.478 / (download) - annotate - [select for diffs], Mon Oct 16 10:25:45 2023 UTC (7 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.477: +3 -1 lines
Diff to previous 1.477 (colored)

Improve IPv6 link-local address handling

When a session is established determine the possible interface scope of that
session. The scope is only set when the remote address is directly connected.
This interface scope is passed to the RDE that uses this information when
link-local nexthops are received. Again checking that a link-local nexthop
is actually acceptable.

OK tb@

Revision 1.477 / (download) - annotate - [select for diffs], Wed Aug 30 08:16:28 2023 UTC (9 months, 1 week ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.476: +5 -3 lines
Diff to previous 1.476 (colored)

Introduce CTL_RES_OPNOTSUPP as possible error response for bgpctl which
can be used in -portable for features that are not available in the build.
OK tb@

Revision 1.476 / (download) - annotate - [select for diffs], Wed Aug 16 08:26:35 2023 UTC (9 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.475: +1 -4 lines
Diff to previous 1.475 (colored)

Remove per-AFI ASPA handling in bgpd internals

With draft-ietf-sidrops-aspa-profile-16 and
draft-ietf-sidrops-aspa-verification-15 the AFI dependence of ASPA
records was dropped. So remove this complication from the code.

This only removes the AFI handling internally in bgpd but still allows
the old syntax in aspa-set tables. The optional address family is just
ignored and records are merged together.

For RTR sessions draft-ietf-sidrops-8210bis has not yet been updated so
right now we still handle RTR sessions as specified there. The IPv4 and
IPv6 ASPA entries are handled in two trees and merged together into one
AFI independent tree. This is the best we can do for now until IETF
updates draft-ietf-sidrops-8210bis.

OK tb@ job@

Revision 1.465.4.1 / (download) - annotate - [select for diffs], Mon May 1 05:13:58 2023 UTC (13 months, 1 week ago) by tb
Branch: OPENBSD_7_3
Changes since 1.465: +2 -1 lines
Diff to previous 1.465 (colored) next main 1.466 (colored)

Rework the way transit provider AID masks are built and sent to the RDE.
ASPA provider AS sets can include optional limitations to inet/inet6; these
limits are represented in the TAS_AID bit masks (2 bits per AS).
Introduce a TAS_AID_SIZE() macro that returns the size in bytes of this
bit mask (rounded to the next uint32_t).
Without this change aspa objects with AID specific elements trigger a
fatal error condition when the config is loaded.
OK tb@ job@
from claudio

Fix missing whitespace in bgpd(8) output
from job

This is errata/7.3/001_bgpd.patch.sig

Revision 1.475 / (download) - annotate - [select for diffs], Thu Apr 20 15:44:45 2023 UTC (13 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.474: +2 -1 lines
Diff to previous 1.474 (colored)

Rework the way transit provider AID masks are built and sent to the RDE.
ASPA provider AS sets can include optional limitations to inet/inet6; these
limits are represented in the TAS_AID bit masks (2 bits per AS).
Introduce a TAS_AID_SIZE() macro that returns the size in bytes of this
bit mask (rounded to the next uint32_t).
Without this change aspa objects with AID specific elements trigger a
fatal error condition when the config is loaded.
OK tb@ job@

Revision 1.474 / (download) - annotate - [select for diffs], Thu Apr 20 12:53:27 2023 UTC (13 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.473: +3 -1 lines
Diff to previous 1.473 (colored)

Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for
IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE.
OK tb@

Revision 1.473 / (download) - annotate - [select for diffs], Wed Apr 19 07:12:22 2023 UTC (13 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.472: +5 -2 lines
Diff to previous 1.472 (colored)

Implement code to pass the flowspec config over to the RDE. The parent
process tracks which prefixes are added / removed and issues the
corresponding imsg calls.
Right now the RDE does nothing with the received information.
OK tb@

Revision 1.472 / (download) - annotate - [select for diffs], Tue Apr 18 12:11:27 2023 UTC (13 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.471: +30 -3 lines
Diff to previous 1.471 (colored)

Implement the parser bits to process flowspec rules. Heavily inspired by
pfctl, in bgpd flowspec rules are written like pf rules (with a few
exceptions / extensions). As a result not all flowspec features are
available but that is OK.
OK tb@

Revision 1.471 / (download) - annotate - [select for diffs], Mon Apr 17 08:02:21 2023 UTC (13 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.470: +29 -12 lines
Diff to previous 1.470 (colored)

Implement a basic API to work with flowspec NLRI.

Flowspec is excessively flexible and large so there is no way to convert
the flowspec data into a struct bgpd_addr and it is better to keep it in
wireformat and add a few functions to validate and extract information
from the NLRI encoding.
OK tb@

Revision 1.470 / (download) - annotate - [select for diffs], Mon Apr 3 10:48:00 2023 UTC (14 months ago) by claudio
Branch: MAIN
Changes since 1.469: +58 -10 lines
Diff to previous 1.469 (colored)

Add first step of flowspec support. This adds the bits to establish a
connection with SAFI 133. Right now any sent UPDATE with SAFI 133 is
simply ignored. At the moment SAFI 134 (flowspec for L3VPN) is unsupported.
OK tb@

Revision 1.469 / (download) - annotate - [select for diffs], Wed Mar 29 14:35:38 2023 UTC (14 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.468: +2 -2 lines
Diff to previous 1.468 (colored)

Mark the struct aid name as const char * since it points to static memory.

Revision 1.468 / (download) - annotate - [select for diffs], Tue Mar 28 13:30:31 2023 UTC (14 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.467: +1 -10 lines
Diff to previous 1.467 (colored)

More pt_entry cleanup, move structure definitions to rde_prefix.c and
by that make them private. Remove no longer used AID_PTSIZE define.
OK tb@

Revision 1.467 / (download) - annotate - [select for diffs], Tue Mar 28 12:15:23 2023 UTC (14 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.466: +2 -1 lines
Diff to previous 1.466 (colored)

Introduce a semaphore to protect intermediate state from different RTR
sessions to leak into the RDE via rtr_recalc. Only run rtr_recalc when
the last or only RTR session is done with the update. Run a new timer
along to ensure that the semaphore is not held forever. The timeout
is currently a very generous 60sec, no RTR cache should be that slow.
OK tb@

Revision 1.466 / (download) - annotate - [select for diffs], Tue Mar 28 12:06:15 2023 UTC (14 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.465: +2 -1 lines
Diff to previous 1.465 (colored)

Include the memory size usage of the prefix tree in rde_memstats.
OK tb@

Revision 1.465 / (download) - annotate - [select for diffs], Mon Mar 13 16:52:41 2023 UTC (14 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE
Branch point for: OPENBSD_7_3
Changes since 1.464: +11 -9 lines
Diff to previous 1.464 (colored)

Add F_CTL_LEAKED and F_CTL_INELIGIBLE flags for bgpctl to show leaked
and ineligible paths.
While there rename F_PREF_OTC_LOOP to F_PREF_OTC_LEAK since this indicates
that a route leak was detected.
OK tb@

Revision 1.464 / (download) - annotate - [select for diffs], Fri Mar 10 07:57:15 2023 UTC (15 months ago) by claudio
Branch: MAIN
Changes since 1.463: +3 -4 lines
Diff to previous 1.463 (colored)

Compile the output filter rules into per peer filter rules.

Especially on route-servers the output filters are in the hot path so
reducing the number of rules to check has a big impact. I have seen a
25% to 30% speedup in my big IXP testbench.
The output ruleset is applied and copied for each peer during config reload
and when a peer is initially added.
OK tb@

Revision 1.463 / (download) - annotate - [select for diffs], Thu Mar 9 17:21:21 2023 UTC (15 months ago) by claudio
Branch: MAIN
Changes since 1.462: +4 -3 lines
Diff to previous 1.462 (colored)

Implement ASPA support in RTR by following draft-ietf-sidrops-8210bis-10.

In rtr.c renamed rtr_aspa_merge_set() to rtr_aspa_insert() and move it
close to rtr_roa_insert().
In rtr_proto.c most complexity comes from the version negotiation. The
ASPA parser is reasonably straightforward. The version negotiation is
fragile but that is mostly because of the protocol specification and the
fact that RTR cache daemons sometimes fail to send errors.
OK tb@

Revision 1.462 / (download) - annotate - [select for diffs], Thu Mar 9 13:12:19 2023 UTC (15 months ago) by claudio
Branch: MAIN
Changes since 1.461: +2 -3 lines
Diff to previous 1.461 (colored)

Major rework of RFC9234 support. My initial interpretation of the RFC was
too conservative. Fixes and changes include:

- add role output to bgpctl, also adjust the capability output.
  Note, this changes the JSON output of neighbors a bit.
- adjust the config parser to enable the RFC9234 role capability when
  there is a role set. iBGP and sessions with no role will not announce
  the role capability.
- adjust the role capability announcement to be only on sessions that
  use either AFI IPv4 or IPv6 and SAFI 1 (AID_INET, AID_INET6).
- if there is an OPEN notification indicating that the role capability
  is bad only disable the capability if it is not enforced.
- Adjust capability negotiation, store remote_role on the peer since
  the neighbor's role is no longer needed by the RDE.
- inject the OTC attribute on ingress only for AID_INET and AID_INET6.
  For other AIDs clear the F_ATTR_OTC_LOOP flag.
- Adjust the role logic in the RDE and use the peer->role (local role of
  the system) for all checks. Also remove the check if the role capability
  was negotiated between peers.
- In prefix_eligible() check also if the F_ATTR_OTC_LOOP flag is set.
  The RFC requires that prefixes must be considered ineligible (and not
  treated as withdraw as done before)
- When generating an UPDATE include the OTC attribute unless the AID is
  neither AID_INET nor AID_INET6.

Fixes https://github.com/openbgpd-portable/openbgpd-portable/issues/51
Reported by Pier Carlo Chiodi
OK tb@

Revision 1.461 / (download) - annotate - [select for diffs], Thu Feb 9 13:43:23 2023 UTC (15 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.460: +15 -2 lines
Diff to previous 1.460 (colored)

Instead of relaying struct peer from the SE to the RDE to fill out 10
stat numbers, just send the peerid and have the RDE respond with the
stats. The control code will then merge these counters into the real
peer struct and send that to bgpctl. This reduces the number of bytes
sent around a fair bit.
OK tb@

Revision 1.460 / (download) - annotate - [select for diffs], Tue Jan 24 14:13:11 2023 UTC (16 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.459: +7 -3 lines
Diff to previous 1.459 (colored)

Implement filter and control message matching for ASPA.

This adds avs (ASPA validation state) which can be 'unknown', 'valid'
or 'invalid'. It behaves similar to ovs but the ASPA validation state
of paths from iBGP sessions is 'unknown' and the role of the ebgp session
is important to get the right validation state.

OK tb@

Revision 1.459 / (download) - annotate - [select for diffs], Tue Jan 24 11:28:41 2023 UTC (16 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.458: +3 -2 lines
Diff to previous 1.458 (colored)

Implement ASPA validation and reload logic on ASPA set changes.

For this use the validation state (vstate) in struct prefix and
struct filterstate to store both the ASPA and ROA validity.
Introduce helper functions to set and get the various states for
struct prefix and make sure struct filterstate is also setup properly.
Change the ASPA state in rde_aspath to be AFI/AID and role independent
by storing all 4 possible outcomes. Also add an ASPA generation count
which is used to update the rde_aspath ASPA state cache on reloads.
Rework the rde_aspa.c code to be AFI/AID and role independent. Doing
this for roles is trivial but AFI switch goes deep and is so unnecessary.
The reload is combined with the ROA reload logic and renamed to RPKI
softreload.

OK tb@

Revision 1.458 / (download) - annotate - [select for diffs], Tue Jan 17 16:09:01 2023 UTC (16 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.457: +8 -1 lines
Diff to previous 1.457 (colored)

Add the needed logic to load the ASPA table from the rtr process into the
RDE. The actual reload logic is missing to keep the diff small.
OK tb@

Revision 1.457 / (download) - annotate - [select for diffs], Wed Jan 11 13:53:17 2023 UTC (16 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.456: +7 -1 lines
Diff to previous 1.456 (colored)

Add ASPA validation functions to the RDE.

This implements ASPA validation based on the current draft. Implementing
this showed various weaknesses in the current ASPA draft which I hope to
fix in the near future.

Unlike the algorithm specified in the draft our version validates the
AS_PATH attribute in a single path doing one or two lookups depending on
the session's BGP role.

The code is not yet hooked up into the RDE (see the NOTYET blocks).
Missing are reload logic, bgpctl integration and the loading of the
merged ASPA set from the rtr process.

OK tb@

Revision 1.456 / (download) - annotate - [select for diffs], Wed Jan 4 14:33:30 2023 UTC (17 months ago) by claudio
Branch: MAIN
Changes since 1.455: +14 -4 lines
Diff to previous 1.455 (colored)

Add a per eBGP session role to the config.

This somewhat replaces the RFC 9234 open policy role. This is done because
ASPA requires the same role to be present to properly validate paths.
For iBGP sessions the role is forced to ROLE_NONE. If no role is set on
an ebgp session then 'announce policy' is forced to 'no'.
Also make sure the role capability is only added if the role is set.
OK tb@

Revision 1.455 / (download) - annotate - [select for diffs], Fri Nov 18 10:17:23 2022 UTC (18 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.454: +19 -2 lines
Diff to previous 1.454 (colored)

Add plumbing for ASPA support. This implements the parser and part of the
logic in the rtr process. It does not implement the new RTR messages yet
but it is possible to specify an aspa-set in the config. Also the validation
code in the RDE is missing so this does not do anything.
With this in it will be possible to extend rpki-client to publish an
aspa-set as part of the openbgpd config file.
OK tb@

Revision 1.454 / (download) - annotate - [select for diffs], Fri Sep 23 15:50:41 2022 UTC (20 months, 2 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.453: +4 -4 lines
Diff to previous 1.453 (colored)

Don't depend on RTLABEL_LEN but instead define our own ROUTELABEL_LEN.
With this bgpd.h no longer depends on net/route.h
OK tb@

Revision 1.453 / (download) - annotate - [select for diffs], Wed Sep 21 21:12:03 2022 UTC (20 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.452: +3 -1 lines
Diff to previous 1.452 (colored)

The values for fib_priority are OS dependent. To help portability move
the RTP_BGP and similar defines all into kroute.c and export them via
kr_default_prio() and kr_check_prio().
OK tb@

Revision 1.452 / (download) - annotate - [select for diffs], Wed Aug 31 15:51:44 2022 UTC (21 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.451: +1 -11 lines
Diff to previous 1.451 (colored)

Remove IMSG_CTL_SHOW_RIB_HASH and struct rde_hashstats which are no
longer used. Also cleanup some hash sizes which are also no longer used.
OK tb@

Revision 1.451 / (download) - annotate - [select for diffs], Mon Aug 29 18:18:55 2022 UTC (21 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.450: +1 -2 lines
Diff to previous 1.450 (colored)

Instead of a global aspath cache copy the aspath attribute per rde_aspath
struct. It uses a bit more memory but improves performance a lot on really
big systems because aspath_get() becomes a very hot function.
OK tb@

Revision 1.450 / (download) - annotate - [select for diffs], Fri Aug 26 14:10:52 2022 UTC (21 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.449: +2 -1 lines
Diff to previous 1.449 (colored)

Handle IMSG_SESSION_* messages immediately when received and do not put
them on the per peer imsg queue. This is mainly for IMSG_SESSION_DOWN.
Delaying the session down can race against IMSG_SESSION_ADD which is
handled immediately and as a result an established connection may be
removed in the RDE because of it.
The various graceful restart imsgs need similar treatment for similar
reasons. In the end when a session is reset/closed the RDE needs to
stop all work and flush the per peer imsg queue.
With this only update and route refresh messages are handled via the
imsg queue.
OK tb@

Revision 1.449 / (download) - annotate - [select for diffs], Wed Aug 10 14:17:01 2022 UTC (21 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.448: +2 -2 lines
Diff to previous 1.448 (colored)

More kroute_nexthop cleanup. Mainly use direct assignment instead of
memcpy(). Additionally replace a bzero() with memset() and remove to
superfluous bzero calls.
OK tb@

Revision 1.448 / (download) - annotate - [select for diffs], Thu Jul 28 13:11:48 2022 UTC (22 months, 1 week ago) by deraadt
Branch: MAIN
Changes since 1.447: +8 -8 lines
Diff to previous 1.447 (colored)

whitespace found during a read-thru; ok claudio

Revision 1.447 / (download) - annotate - [select for diffs], Thu Jul 28 10:41:18 2022 UTC (22 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.446: +6 -7 lines
Diff to previous 1.446 (colored)

Remove F_DOWN, it is no longer used and reshuffle the other flags a bit
to group them a bit better.
OK tb@

Revision 1.446 / (download) - annotate - [select for diffs], Wed Jul 27 17:23:17 2022 UTC (22 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.445: +2 -3 lines
Diff to previous 1.445 (colored)

There is no need to track both F_BGPD and F_KERNEL anymore.
Remove F_KERNEL and replace the checks using the F_BGPD flag.
Also do not convert the priority in kr_tofull() instead provide
kr_priority() which does this and is used by the bgpctl imsg
commands. Also in dispatch_rtmsg_addr() convert to RTP_MINE if
the priority is equal to the configured priority.
OK tb@

Revision 1.445 / (download) - annotate - [select for diffs], Sat Jul 23 10:24:01 2022 UTC (22 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.444: +2 -2 lines
Diff to previous 1.444 (colored)

Refactor and rename bgpd_filternexthop() to bgpd_oknexthop()

Simplify the logic and adjust kroute_match() which makes the code
easier to understand.
OK tb@

Revision 1.444 / (download) - annotate - [select for diffs], Fri Jul 22 17:26:58 2022 UTC (22 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.443: +3 -4 lines
Diff to previous 1.443 (colored)

Revert previous commit. The RTP_MINE checks on struct kroute_full are
not correct because kr_tofull() replaces RTP_MINE with the real priority.
Noticed because of incorrect nexthop selection.

Revision 1.443 / (download) - annotate - [select for diffs], Fri Jul 22 11:17:48 2022 UTC (22 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.442: +4 -3 lines
Diff to previous 1.442 (colored)

Retire the F_KERNEL flag, it got superseded by route priority and RTP_MINE.

Only problem is when route(8) is used to modify/delete a bgpd owned route.
Exact behaviour for that is still a bit unclear but F_KERNEL does not help
in this case either. In the kr_fib_delete/change remove F_BGPD_INSERTED
in that case as a first step.
OK tb@

Revision 1.442 / (download) - annotate - [select for diffs], Wed Jul 20 12:43:27 2022 UTC (22 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.441: +4 -3 lines
Diff to previous 1.441 (colored)

Cleanup and fix the network code.

- introduce network_free() to properly free a network struct including
  the possible rtlabel reference.
- change expand_networks() and the reload code to not only expand the
  main network config but also the network configs inside L3VPN sections.
- adjust reload logic to properly match any kind of network struct.
  Up until now rtlabel and priority network statements were not correctly
  reloaded.
OK tb@

Revision 1.441 / (download) - annotate - [select for diffs], Mon Jul 11 17:08:21 2022 UTC (22 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.440: +16 -1 lines
Diff to previous 1.440 (colored)

Implement send side of RFC7911 ADD-PATH

This allows to send out more than one path per prefix to a neighbor that
supports add-path receive. OpenBGPD supports a few different modes to
select which paths to send:
  - all:	send all valid paths (the ones with a * in bgpctl output)
  - best:	send out only the single best path
  - ecmp:	send out paths that evaluate the same up to and including
                the nexthop metric
  - as-wide-best: send out paths that evaluate the same up to but not including
		  the nexthop metric
Currently ecmp and as-wide-best are the same. On top of this best, ecmp
and as-wide-best allow to include extra paths (e.g. best plus 2) and
for the multipath modes there is also a maximum (e.g. ecmp plus 2 max 4)

OK tb@

Revision 1.440 / (download) - annotate - [select for diffs], Thu Jul 7 12:16:04 2022 UTC (23 months ago) by claudio
Branch: MAIN
Changes since 1.439: +12 -9 lines
Diff to previous 1.439 (colored)

Introduce a decision metric (dmetric) that classifies the relation of
this prefix with respect to its previous one.

Currently the plan is to distinguish the best prefix (only one), ecmp
prefixes (currently the same as as-wide-multipath), as-wide-multipath
prefixes, valid prefixes and invalid prefixes.
This information will be used to implement add-path send but also for
ecmp support in bgpd.
OK tb@

Revision 1.439 / (download) - annotate - [select for diffs], Thu Jun 30 20:33:14 2022 UTC (23 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.438: +2 -1 lines
Diff to previous 1.438 (colored)

Only have one version of send_rtmsg() which uses struct kroute_full().

Code uses struct sockaddr_storage to have enough space for ROUNDUP() in
all cases. Makes the code mostly nicer.
OK tb@

Revision 1.438 / (download) - annotate - [select for diffs], Mon Jun 27 13:26:51 2022 UTC (23 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.437: +20 -7 lines
Diff to previous 1.437 (colored)

Add support for RFC 9234 - Route Leak Prevention and Detection Using Roles

With this it is possible to send a role in the OPEN message and if that
was successful the RDE will add the new OTC attribute if necessary.
OK tb@

Revision 1.437 / (download) - annotate - [select for diffs], Thu Jun 23 13:09:03 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.436: +3 -10 lines
Diff to previous 1.436 (colored)

Move struct kif from bgpd.h to kroute.c

The only user of struct kif was the session engine for the 'depend on'
feature. Switch the imsg exchange to a new struct session_dependon and
rename the IMSG as well.
OK tb@

Revision 1.436 / (download) - annotate - [select for diffs], Thu Jun 23 07:43:37 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.435: +7 -7 lines
Diff to previous 1.435 (colored)

Replace struct kroute_node and kroute6_node with direct versions of
struct kroute and kroute6.

Rename knexthop_node to knexthop as well. Mostly mechanical but fix
at least one log format string to have the correct order of arguments.

OK tb@

Revision 1.435 / (download) - annotate - [select for diffs], Wed Jun 22 15:24:58 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.434: +1 -23 lines
Diff to previous 1.434 (colored)

Move struct kroute and kroute6 to kroute.c and out of bgpd.h
OK tb@

Revision 1.434 / (download) - annotate - [select for diffs], Wed Jun 22 14:56:12 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.433: +2 -2 lines
Diff to previous 1.433 (colored)

Use struct kroute_full in bgpd_filternexthop() so this code becomes a lot
simpler.

OK tb@

Revision 1.433 / (download) - annotate - [select for diffs], Wed Jun 22 14:48:51 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.432: +2 -5 lines
Diff to previous 1.432 (colored)

Use struct kroute_full instead of a union of struct kroute & kroute6.

struct kroute_full is address family independent and so more portable.
Also struct kroute and struct kroute6 will be kroute.c internal soon.
OK tb@

Revision 1.432 / (download) - annotate - [select for diffs], Sun Jun 19 10:30:09 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.431: +2 -1 lines
Diff to previous 1.431 (colored)

Implement an applymask() function that works on bgpd_addr structs.
Use this function in kroute so that kroute_find and kroute6_find can switch
to use struct bgpd_addr as argument.
OK tb@

Revision 1.431 / (download) - annotate - [select for diffs], Thu Jun 16 15:33:05 2022 UTC (23 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.430: +1 -3 lines
Diff to previous 1.430 (colored)

Remove prefixlen2mask() usage outside of util.c. Instead use inet4applymask().

Using inet4applymask() makes the code similar to the IPv6 version.
Also switch kroute{,6}_match() to use a struct bgpd_addr * as argument.
OK tb@

Revision 1.430 / (download) - annotate - [select for diffs], Wed Jun 15 14:09:30 2022 UTC (23 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.429: +17 -6 lines
Diff to previous 1.429 (colored)

Do not use defines from pfkeyv2.h in portable code.

Instead define our own algorithm enums for the IPsec code.
OK tb@ sthen@

Revision 1.429 / (download) - annotate - [select for diffs], Wed Jun 15 10:10:03 2022 UTC (23 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.428: +3 -3 lines
Diff to previous 1.428 (colored)

Rename F_BGPD_INSERTED to F_BGPD and use F_BGPD_INSERTED as a flag that
indicates that the route was successfully added to the FIB.

Filter out dynamic routes (like it is already done for ARP and ND routes) and
kill F_DYNAMIC.

Also remove the protect_lo() bits. Adding dummy kroute entries no longer
prevents bad routes from hitting the FIB. Also loopback IPs are checked in a few
other places to prevent bad routes from being installed into the FIB.

OK tb@

Revision 1.428 / (download) - annotate - [select for diffs], Thu Jun 9 16:45:19 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.427: +5 -7 lines
Diff to previous 1.427 (colored)

Remove the rdomain / rtableid passed to some kroute functions.

kr_nexthop_add() and kr_nexthop_delete() only operate on the main table
so just pass in the right rdomain id.
kr_shutdown() and kr_dispatch_msg() don't really need the rdomain passed.
This was done for kif_remove(), since that function needs to remove connected
routes from the rdomain table. Connected routes can only exist in the
interface's rdomain so just use kif->k.rdomain. If such routes exist that
table exists as well. If the table does not exist there are also no
connected routes to track.
OK tb@

Revision 1.427 / (download) - annotate - [select for diffs], Tue Jun 7 15:57:47 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.426: +1 -2 lines
Diff to previous 1.426 (colored)

Retire F_RTLABEL it was not used for anything.
Also cleanup some redundant if statements.
OK tb@

Revision 1.426 / (download) - annotate - [select for diffs], Sun Jun 5 12:43:13 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.425: +12 -12 lines
Diff to previous 1.425 (colored)

Rework how fib_priority is handled.
Instead of passing it around all the time put the fib_priority into the
kroute state. It is only needed in send_rtmsg() in the end.
Additionally insert F_BGP_INSERTED routes with a special RTP_MINE priority.
This makes changing the fib_priority at runtime simpler because there
is no need to alter the kroute table anymore.
OK tb@ deraadt@

Revision 1.425 / (download) - annotate - [select for diffs], Tue May 31 09:45:33 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.424: +4 -1 lines
Diff to previous 1.424 (colored)

Implement a max communities filter match

When max-communities X is set on a filterrule the filter will match when
more than X communities are present in the path. In other words
max-communities 0 means no communities are allowed and max-communities 3
limits it up to 3 communities.
There is max-communities, max-ext-communities and max-large-communities
for each of the 3 community attributes. These three max checks can be used
together.
OK tb@ job@

Revision 1.424 / (download) - annotate - [select for diffs], Wed May 25 16:03:34 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.423: +3 -3 lines
Diff to previous 1.423 (colored)

Fix non-transitive extended community handling.
First of all the detection logic was totally wrong. Then filter out
non-transitive extended communities when received from an ebgp peer.
Also cleanup the type handling of ext-communities. Mainly to not have
to handle the transitive vs non-transitive versions the type is masked
with EXT_COMMUNITY_VALUE before doing the switch case for the various
types.
With this my test using ext-communities works.
OK tb@

Revision 1.423 / (download) - annotate - [select for diffs], Mon May 23 13:40:11 2022 UTC (2 years ago) by deraadt
Branch: MAIN
Changes since 1.422: +2 -2 lines
Diff to previous 1.422 (colored)

whitespaces found when I went checking for something else

Revision 1.422 / (download) - annotate - [select for diffs], Mon Mar 21 10:15:34 2022 UTC (2 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.421: +3 -3 lines
Diff to previous 1.421 (colored)

Rename F_CTL_ACTIVE and F_PREF_ACTIVE to the more correct
F_CTL_BEST and F_PREF_BEST. This is used to mark the one
best path in bgpctl. When ECMP support is added then more
than one path can be active.
OK tb@

Revision 1.421 / (download) - annotate - [select for diffs], Thu Mar 3 11:19:41 2022 UTC (2 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.420: +1 -2 lines
Diff to previous 1.420 (colored)

Remove the labelid from struct kroute_full. It was never really used.
The label is passed as a string in kroute_full.
Ok tb@

Revision 1.420 / (download) - annotate - [select for diffs], Wed Feb 23 11:20:35 2022 UTC (2 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.419: +3 -1 lines
Diff to previous 1.419 (colored)

Make it possible to bind and connect to non-default ports. This is mainly
for testing. Using alternate ports does not work for session using ipsec.
OK tb@ deraadt@

Revision 1.419 / (download) - annotate - [select for diffs], Sun Feb 6 09:51:19 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.418: +202 -201 lines
Diff to previous 1.418 (colored)

Switch from u_intX_t types to stdint.h uintX_t. Mostly mechanical with
a few reindents.
OK florian@ tb@

Revision 1.418 / (download) - annotate - [select for diffs], Wed Sep 1 12:39:52 2021 UTC (2 years, 9 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.417: +2 -1 lines
Diff to previous 1.417 (colored)

Implement roa-set data expiry. Every prefix in a roa-set can specify an
optional expires timestamp. The rtr process is walking the roa-set every
5min and removes every prefix that is expired.
With this stale RPKI data will slowly disappear and not linger around.
OK job@

Revision 1.417 / (download) - annotate - [select for diffs], Mon Aug 9 08:15:34 2021 UTC (2 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.416: +4 -2 lines
Diff to previous 1.416 (colored)

Implement reception of multiple paths per BGP session. This is one
side of RFC7911 and the send portion will follow.

The path-id is extracted from the NLRI encoding and put into struct
prefix.  To do this the prefix_by_peer() function gets a path-id
argument.  If a session is not path-id enabled this argument will
be always 0. If a session is path-id enabled the value is taken
from the NLRI and can be anything, including 0. The value has no
meaning in itself. Still to make sure the decision process is able
to break a tie the path-id is checked as the last step (this is not
part of the RFC but required).

OK benno@

Revision 1.416 / (download) - annotate - [select for diffs], Tue Jul 27 07:32:08 2021 UTC (2 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.415: +3 -1 lines
Diff to previous 1.415 (colored)

Add the needed MRT dump defines for RFC8050 support. This will be used
to dump add-path enabled systems because the NLRI format changes based
on the add-path capability and there is no way to know which format is
in use so new message types had to be added.
Also extend the ctl_show_rib structure to include the path_id.
OK benno@

Revision 1.415 / (download) - annotate - [select for diffs], Thu Jun 17 16:05:26 2021 UTC (2 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.414: +4 -1 lines
Diff to previous 1.414 (colored)

Implement RFC 7313 enhanced route refresh. It is off by default and
can be enabled with 'announce enhanced refresh yes'
Similar to graceful restart this allows to mark routes as stale, refresh
them and then flush out routes that are still stale. Enhanced route refresh
uses a begin of rr and a end of rr message to signal the various stages.
A future enhancement would be the addition of a timeout in case the EoRR
message is not sent in reasonable time.
OK denis@ job@

Revision 1.414 / (download) - annotate - [select for diffs], Thu May 27 08:27:48 2021 UTC (3 years ago) by claudio
Branch: MAIN
Changes since 1.413: +30 -4 lines
Diff to previous 1.413 (colored)

bgpd(8) will soon support ADD-PATH (RFC7911) and enhanced route refresh
(RFC7313). This is the first step toward this.

It adds the capability parsers for the two new capabilities, extends the
capability struct and adds the capability negotiation bits.
The route refresh message parser and generator are extended to support
the BoRR and EoRR message. Also add the new NOTIFICATION type and subtype
for the route refresh message.

Revision 1.413 / (download) - annotate - [select for diffs], Tue Mar 2 09:45:07 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9
Changes since 1.412: +5 -3 lines
Diff to previous 1.412 (colored)

Introduce 'rde evaluate all' a mode to work around path hiding in IXP
route-server environments.

By default only the best path is sent to peers and if that path is filtered
then the path is hidden for that peer. On route-servers this is sometimes
not desired. For this 'rde evaluate all' will cause the evaluation process
to fall back to alternate routes and will redistribute the first non-filtered
path to the peer. This is very similar to per-peer RIBs but accomplishes
the same effect without the massive increase in memory usage. Compared to
the default mode this requires more CPU resources but it is probably less
than what per-peer RIBs would require.

'rde evaluate all' can be set and reset globally, on groups and on individual
neighbors. It is not limited to route-server configs but route loops are
possible if not properly used.

OK benno@

Revision 1.412 / (download) - annotate - [select for diffs], Tue Feb 16 08:29:16 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.411: +61 -6 lines
Diff to previous 1.411 (colored)

Add RTR support to OpenBGPD. Add basic support for the protocol.
The RTR client runs in a new process where the protocol handling is done
and when new data is available all sources are merged into one ROA set
which is then loaded into the RDE. The roa-set from the config is also
handled by the new RTR engine.
Tested by and ok job@

Revision 1.411 / (download) - annotate - [select for diffs], Mon Jan 25 09:15:23 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.410: +4 -2 lines
Diff to previous 1.410 (colored)

RFC6472 discourages the use of AS_SET segments in ASPATH attributes.
The main reason is that AS_SET does not play nice with RPKI ROA.

Introduce a per neighbor and global config option
    'reject as-set yes' and 'reject as-set no'
If set to yes received UPDATES with AS_SET segments are rejected.
This is done the same way other ASPATH soft-errors are handled. The UPDATE
is marked invalid and all prefixes are treated as withdraws.
`bgpctl show rib in error` can be used to show prefixes that were denied
and treated as withdraws because of errors.

By default this feature is off.

OK benno@

Revision 1.410 / (download) - annotate - [select for diffs], Mon Jan 18 12:15:36 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.409: +4 -28 lines
Diff to previous 1.409 (colored)

Change struct bgpd_addr VPN encoding. Instead of including two almost
equal versions put the RD and label stack right into struct bgpd_addr.
For non-VPN addresses these extra fields are ignored. Since VPN and non-VPN
addresses encode the prefix in the same way now some code can be simplified.
In most cases a fallthrough or reuse of encoding functions is now possible.
It should also reduce the size of struct bgpd_addr a bit.
OK denis@

Revision 1.409 / (download) - annotate - [select for diffs], Mon Jan 4 13:40:32 2021 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.408: +2 -2 lines
Diff to previous 1.408 (colored)

Use log_sockaddr() in log_addr() to print a struct bgpd_addr. This way
IPv6 scoped addresses will print correctly.
OK tb@ florian@

Revision 1.408 / (download) - annotate - [select for diffs], Wed Dec 30 07:29:56 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.407: +21 -1 lines
Diff to previous 1.407 (colored)

Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and
prefix-sets loaded into the RDE. For now only the number of prefixes or
asnumbers are shown plus the time since the last change was done to the table.
OK benno@

Revision 1.407 / (download) - annotate - [select for diffs], Tue Dec 29 15:30:34 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.406: +22 -7 lines
Diff to previous 1.406 (colored)

In preparation for RTR support change the representation of the roa-set
in the parent to a simple RB tree based on struct roa. With this overlapping
ROAs (same prefix & source-as but different maxlen) are now merged in the RDE
when the lookup trie is constructed.
OK benno@

Revision 1.406 / (download) - annotate - [select for diffs], Wed Dec 23 13:20:47 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.405: +3 -1 lines
Diff to previous 1.405 (colored)

BGP uses KEEPALIVE packets and the HOLD timer to detect stalled sessions.
The problem is that this timer only looks at the receive side of the TCP
session. If for some reason the send side stalls the system fully depends
on the remote BGP peer to reset the session. As seen in an ever growing
OutQ and as a result important changes can get stalled and cause routing
troubles.

This change introduces a SEND HOLD timer. The timer is reset whenever the
session engine was able to write data to the TCP socket. If the send hold
timer expires bgpd was not able to send any data to that neighbor for at
least 90 seconds and therefore the session is forcefully closed with a hold
timer expired notification.

The send hold timer acts as a last resort to detect faulty peers. On an
idle session it can take a long time until this timer triggers but the
main goal here is to reset a stuck session at some point which did not
happen before.

With and OK job@

Revision 1.405 / (download) - annotate - [select for diffs], Thu Nov 5 11:52:59 2020 UTC (3 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.404: +2 -2 lines
Diff to previous 1.404 (colored)

Kill bgpd_process, nothing uses it anymore. Instead pass the process
type directly to log init. One less common in bgpd.
OK benno@

Revision 1.404 / (download) - annotate - [select for diffs], Thu Nov 5 11:51:13 2020 UTC (3 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.403: +3 -2 lines
Diff to previous 1.403 (colored)

Refactor the filterset handling of nexthops. Instead of depending on
bgpd_process and changing the behaviour that way add a new filterset
type ACTION_SET_NEXTHOP_REF which is used when the nexthop reference
of the union is used. Adjust the RDE to convert ACTION_SET_NEXTHOP to
ACTION_SET_NEXTHOP_REF when receiving the filtersets.
OK benno@

Revision 1.403 / (download) - annotate - [select for diffs], Sun May 10 13:38:46 2020 UTC (4 years ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE, OPENBSD_6_8
Changes since 1.402: +5 -5 lines
Diff to previous 1.402 (colored)

In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]')
to be more generic, then change 'reload' to take a '[reason]' also,
which will be logged by bgpd.
ok kn claudio

Revision 1.402 / (download) - annotate - [select for diffs], Thu Apr 23 16:13:11 2020 UTC (4 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE, OPENBSD_6_7
Changes since 1.401: +3 -2 lines
Diff to previous 1.401 (colored)

Store local-address by address family. This allows to configure both
an IPv4 and IPv6 local-address on a group and the neighbors bind to the
right local-address. Also implement 'no local-address' to reset a previously
set local address back to zero. This should help with IBGP and multihop
session config and hopefully reduce repetition in bgpd configs.
OK sthen@ benno@

Revision 1.401 / (download) - annotate - [select for diffs], Fri Feb 14 13:54:31 2020 UTC (4 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.400: +5 -7 lines
Diff to previous 1.400 (colored)

Rename copy_filterset() to filterset_copy() and move it to rde_filter.c
where functions like filterset_move() live. Also initialize the dest
TAILQ in filterset_copy() as it is done in filterset_move().
OK benno@ phessler@

Revision 1.400 / (download) - annotate - [select for diffs], Wed Feb 12 10:33:56 2020 UTC (4 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.399: +3 -2 lines
Diff to previous 1.399 (colored)

Move the code to figure out the alternate IP address (IPv6 addr for IPv4
sessions and vice versa) from the RDE to the SE. The SE is the right place
for this since there getsockname(2) fetches the local address and so the
alternate one can be fetched there as well.
With this the route pledge is no longer needed in the RDE and the pledge
is now just "stdio recvfd".
OK benno@

Revision 1.399 / (download) - annotate - [select for diffs], Fri Jan 24 05:44:05 2020 UTC (4 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.398: +3 -1 lines
Diff to previous 1.398 (colored)

Implement 'max-prefix NUM out' to limit the number of announced prefixes.
This is an easy safety switch to not leak full tables to upstreams and
peers. If the limit is hit a Cease notification is sent and the session
is closed.
This implements most of https://tools.ietf.org/html/draft-sa-idr-maxprefix-00
OK job@

Revision 1.398 / (download) - annotate - [select for diffs], Tue Jan 21 11:10:24 2020 UTC (4 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.397: +8 -4 lines
Diff to previous 1.397 (colored)

Add some additional cease error subcodes as defined by iana.
OK denis@ deraadt@

Revision 1.397 / (download) - annotate - [select for diffs], Thu Jan 9 11:55:25 2020 UTC (4 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.396: +2 -2 lines
Diff to previous 1.396 (colored)

Convert the lastchange of a prefix from time(NULL) to getmonotime() which
uses CLOCK_MONOTONIC. Convert the control messages to return the relative
age of the prefix instead of the absolute age. Adjust the mrt dump code
to still dump the route age in seconds since epoch as defined in the RFC.
With this all times in bgpd are now based on CLOCK_MONOTONIC.
OK denis@

Revision 1.396 / (download) - annotate - [select for diffs], Thu Jan 9 11:51:18 2020 UTC (4 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.395: +4 -1 lines
Diff to previous 1.395 (colored)

Convert last_updown and last_read from time(3) to use getmonotime()
which returns clock_gettime(2) with CLOCK_MONOTONIC. While doing that
introduce last_write for symmetry.
OK denis@

Revision 1.395 / (download) - annotate - [select for diffs], Wed Nov 27 01:21:54 2019 UTC (4 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.394: +2 -3 lines
Diff to previous 1.394 (colored)

struct ctl_show_rib does not need aspath_len since this information is
known through the imsg length.
OK benno@

Revision 1.394 / (download) - annotate - [select for diffs], Tue Oct 1 08:57:47 2019 UTC (4 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE, OPENBSD_6_6
Changes since 1.393: +2 -2 lines
Diff to previous 1.393 (colored)

For portable kr_init() returns an fd of -1 which now would end up in an
immediate exit of bgpd. Instead pass the fd via pointer arg.
OK benno@

Revision 1.393 / (download) - annotate - [select for diffs], Fri Sep 27 10:33:06 2019 UTC (4 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.392: +3 -2 lines
Diff to previous 1.392 (colored)

Implement F_SHORTER in the prefix lookup code for bgpctl. F_SHORTER will
match all prefixes that have a shorter prefixlen than the one in the request.
It will print all routes which cover the specified prefix.
OK job@ sthen@

Revision 1.392 / (download) - annotate - [select for diffs], Wed Aug 7 10:26:41 2019 UTC (4 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.391: +3 -4 lines
Diff to previous 1.391 (colored)

Improve RIB reload behaviour. Especially when the rtable changes or the
route evaluation is modified. In both cases the softreconfig code will
now walk the RIB and ensure that everything is in proper sync.
Additionally remove 'route-collector yes|no' from the bgpd config, instead
use 'rde rib Loc-RIB no evaluate' with the benefit that you can alter
the setting now during runtime.
Tested and OK benno@

Revision 1.391 / (download) - annotate - [select for diffs], Mon Aug 5 08:46:55 2019 UTC (4 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.390: +3 -2 lines
Diff to previous 1.390 (colored)

Cleanup config reload in the RDE. Use the bgpd_conf struct to store sets
and l3vpns instead of temporary globals. Also rework rde_reload_done to
free filters and sets earlier. The soft-reconfiguration process no longer
needs the previous filters / sets to do its work since there is a full
Adj-RIB-Out.
OK benno@

Revision 1.390 / (download) - annotate - [select for diffs], Tue Jul 23 06:26:44 2019 UTC (4 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.389: +3 -2 lines
Diff to previous 1.389 (colored)

Clean up RIB related kroute code. Introduce a way to flush a FIB table
from the RDE. Make sure that all nexthops don't get removed in the FIB
when a FIB table is removed. This should only happen for the main FIB.
Remove F_RIB_HASNOFIB which is just confusing since there is already
F_RIB_NOFIB and F_RIB_NOFIBSYNC.
OK benno@

Revision 1.389 / (download) - annotate - [select for diffs], Fri Jul 19 07:40:41 2019 UTC (4 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.388: +4 -3 lines
Diff to previous 1.388 (colored)

When allocating socketpair() increase their send and receive buffers to
4 times the read size. This helps to increase the efficiency of poll()
since now most of the time the read and write call can operate on full
buffers.
OK benno@ phessler@

Revision 1.388 / (download) - annotate - [select for diffs], Sat Jun 22 05:36:40 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.387: +7 -1 lines
Diff to previous 1.387 (colored)

Adjust peer id allocation a bit. Use defines for the various special
values and intervals. Mostly the same with the exception that peerself
is now id 1 and the first peer has id 2 -- was 0 and 1 before.
OK kn@, benno@

Revision 1.387 / (download) - annotate - [select for diffs], Mon Jun 17 21:17:04 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.386: +2 -2 lines
Diff to previous 1.386 (colored)

A bit more KNF no binary change

Revision 1.386 / (download) - annotate - [select for diffs], Mon Jun 17 13:35:42 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.385: +2 -2 lines
Diff to previous 1.385 (colored)

Cleanup, remove some unneeded spaces add some other where needed.
No binary change according to clang

Revision 1.385 / (download) - annotate - [select for diffs], Mon Jun 17 11:02:19 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.384: +29 -32 lines
Diff to previous 1.384 (colored)

Completely rewrite the community matching and handling code. All community
attributes are put into a new data structure when parsing the UPDATE.
The filter code can quickly lookup and modify this data structure.
When creating an UPDATE the data is put back into wire format.
Setups using a lot of communities benefit a lot from this.
Input and OK benno@

Revision 1.384 / (download) - annotate - [select for diffs], Mon May 27 09:14:32 2019 UTC (5 years ago) by claudio
Branch: MAIN
Changes since 1.383: +2 -2 lines
Diff to previous 1.383 (colored)

Switch the peer TAILQ to a RB tree indexed by the peer id. This way
getpeerbyid() gets a lot quicker at finding the peer when many peers
are configured. In my test case the difference is around 20% runtime.
OK denis@

Revision 1.383 / (download) - annotate - [select for diffs], Thu May 23 14:10:05 2019 UTC (5 years ago) by claudio
Branch: MAIN
Changes since 1.382: +2 -1 lines
Diff to previous 1.382 (colored)

Add F_CTL_NEIGHBORS a flag only used in bgpctl's mrt parsing code.
OK sthen@ benno@

Revision 1.382 / (download) - annotate - [select for diffs], Wed May 8 12:41:55 2019 UTC (5 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.381: +2 -1 lines
Diff to previous 1.381 (colored)

Rework the TCP md5sig and IKE handling. Move the pfkey socket to the parent
process in this process. The refreshing of the keys is done whenever the
session state changes to state IDLE or ACTIVE. This should behave better
when reloading configs with auth changes.
OK benno@

Revision 1.381 / (download) - annotate - [select for diffs], Fri May 3 15:25:47 2019 UTC (5 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.380: +5 -5 lines
Diff to previous 1.380 (colored)

Adjust some comments that were misleading. Those flags are used by bgpd
but only on the request side of a bgpctl call.

Revision 1.380 / (download) - annotate - [select for diffs], Fri May 3 15:20:29 2019 UTC (5 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.379: +2 -2 lines
Diff to previous 1.379 (colored)

Bump SET_NAME_LEN to 128 since arouteserver produces names that are more
than 64 chars long.

Revision 1.379 / (download) - annotate - [select for diffs], Thu Apr 25 12:12:16 2019 UTC (5 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.378: +2 -2 lines
Diff to previous 1.378 (colored)

Extend maximum message size of the shutdown communication to 255 bytes.
See also draft-snijders-idr-rfc8203bis-01.
OK job@

Revision 1.378 / (download) - annotate - [select for diffs], Sun Mar 31 16:57:38 2019 UTC (5 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE, OPENBSD_6_5
Changes since 1.377: +5 -2 lines
Diff to previous 1.377 (colored)

Move the struct peer into bgpd_config and switch it to a TAILQ instead of
the hand-rolled list. This changes the way peers are reloaded since now
both parent and session engine are now merging the lists.
OK denis@

Revision 1.377 / (download) - annotate - [select for diffs], Thu Mar 7 07:42:36 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.376: +26 -10 lines
Diff to previous 1.376 (colored)

Do a better job at cleaning up the config on shutdown. Remove bits that
were missed before (e.g. network related objects). This helps to detect
memory leaks.
Start using new_config() and free_config() in all places where bgpd_config
structure are used. This way the struct is properly initialised and cleaned
up. Introduce copy_config() to only copy the values into the other struct
leaving the pointers as they were.
Looks good to benno@

Revision 1.376 / (download) - annotate - [select for diffs], Wed Feb 27 04:31:56 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.375: +2 -2 lines
Diff to previous 1.375 (colored)

Convert the remote and local addresses in struct peer to be bgpd_addrs
instead of sockaddr_storage. This again helps portability and simplifies
some code. sa2addr now takes an optional pointer to return the port of
the sockaddr.
OK benno@

Revision 1.375 / (download) - annotate - [select for diffs], Tue Feb 26 10:49:15 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.374: +7 -5 lines
Diff to previous 1.374 (colored)

Add support for '*', local-as and neighbor-as for ext-community matching
and setting. This allows rules like:
    ext-community * * # delete any ext-community
    ext-community ovs * # delete any ext-community of specified type
    ext-community rt 1.2.3.4:*
and
    ext-community rt 65001:local-as
    ext-community rt local-as:11111

Note: Sometimes the type of the ext-community is underspecified when using
wildchars or expands.  So 'ext-community rt *' or 'ext-community soo *' will
match for any of the 3 possible types (2-byte AS, 4-byte AS and IP address).
If local-as/neighbor-as is used as an expand of as-number like
    ext-community rt local-as:11111
then bgpd will default to the 4-byte AS type to encode the community.

OK benno@

Revision 1.374 / (download) - annotate - [select for diffs], Thu Feb 21 11:17:22 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.373: +15 -8 lines
Diff to previous 1.373 (colored)

Media and link states are highly OS dependent, to make porting easier
export the interface info in a way that does not need OS specific functions
to print it. Link state and media are now strings that are set by bgpd.
bgpctl can just print them. Move get_linkstate and get_media_descr to
kroute.c where all other system specific stuff is.
OK sthen@

Revision 1.373 / (download) - annotate - [select for diffs], Tue Feb 19 09:13:23 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.372: +24 -24 lines
Diff to previous 1.372 (colored)

Convert some (u_)int64_t to (unsigned) long long. Makes portability a bit
nicer since it requires less casts.
sigh deraadt@

Revision 1.372 / (download) - annotate - [select for diffs], Mon Feb 18 12:35:08 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.371: +2 -2 lines
Diff to previous 1.371 (colored)

Use (unsigned) long long instead of (u_)int64_t since that drops the
need to do casts for printf.

Revision 1.371 / (download) - annotate - [select for diffs], Mon Feb 18 09:58:19 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.370: +2 -1 lines
Diff to previous 1.370 (colored)

Move get_mpe_config() to kroute.c so that config.c does not depend on
system specific code.

Revision 1.370 / (download) - annotate - [select for diffs], Mon Feb 18 09:43:57 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.369: +9 -8 lines
Diff to previous 1.369 (colored)

Do not depend on the length field of struct sockaddr instead pass the
length to the various functions needing it. Helps portability.
OK benno@

Revision 1.369 / (download) - annotate - [select for diffs], Fri Feb 15 11:38:06 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.368: +2 -1 lines
Diff to previous 1.368 (colored)

Move the depend on state calculation from session.c to kroute.c. This
helps making the code more portable.
OK sthen@

Revision 1.368 / (download) - annotate - [select for diffs], Thu Feb 14 13:13:33 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.367: +2 -3 lines
Diff to previous 1.367 (colored)

mrt_timeout should just return -1 when there is no timeout set instead
of some strange maximum.  The poll loop in bgpd.c already limits the
maximum wait time so there is no need to double it.
While there switch to using time_t for the calculation.
OK phessler@

Revision 1.367 / (download) - annotate - [select for diffs], Thu Feb 14 10:38:04 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.366: +1 -0 lines
Diff to previous 1.366 (colored)

Revert part of last commit, this stuff is unrelated.

Revision 1.366 / (download) - annotate - [select for diffs], Thu Feb 14 10:34:54 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.365: +1 -2 lines
Diff to previous 1.365 (colored)

Use -1 instead of the less portable INFTIM for the poll timeout.
Result is the same.

Revision 1.365 / (download) - annotate - [select for diffs], Mon Feb 11 15:44:25 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.364: +15 -13 lines
Diff to previous 1.364 (colored)

The definition of VPNs in bgpd was never super elegant. The 'depend on
mpeX' config was a bit redundant. Also to make it more flexible (e.g. having
more than one mpeX interface per rdomain) the syntax was changed.

To make this possible especially the network distribution logic had to be
adjusted and cleaned up. This should in general make network statements
well defined and conflicts between 'network A.B.C.D/N' and e.g. 'network static'
are handled in a well defined way ('network A.B.C.D/N' has preference).

With and OK dlg@, OK denis@

Revision 1.364 / (download) - annotate - [select for diffs], Mon Feb 4 18:53:10 2019 UTC (5 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.363: +2 -1 lines
Diff to previous 1.363 (colored)

Implement as-override, a feature where the neighbor AS is replaced by the
local AS in AS paths. This is sometimes needed in bigger transport networks
where private AS numbers are used in multiple locations.
The implementation is done using a filterset which modifies the AS path -
somewhat inspired by the set attribute code. Setting as-override yes will add
    match from <neighbor> set { as-override }
to the start of the filter rules. Since this is filters the Adj-RIB-In still
holds the original path and so reloads changing the setting just work.
With and OK markus@

Revision 1.363 / (download) - annotate - [select for diffs], Sun Jan 20 23:27:48 2019 UTC (5 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.362: +2 -2 lines
Diff to previous 1.362 (colored)

Support group descriptions in control messages that accept a neighbor
description. With this it is possible to show rib a group of peers, to show
or signal a group of peers all at once.
OK sthen@ benno@

Revision 1.362 / (download) - annotate - [select for diffs], Fri Jan 18 23:30:45 2019 UTC (5 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.361: +2 -4 lines
Diff to previous 1.361 (colored)

Don't store the mpe information in struct ktable but instead pass the
ifindex from the RDE over. This will allow to import prefixes to multiple
mpe interfaces in one rdomain.
OK dlg@

Revision 1.361 / (download) - annotate - [select for diffs], Sun Dec 30 13:53:07 2018 UTC (5 years, 5 months ago) by denis
Branch: MAIN
Changes since 1.360: +21 -4 lines
Diff to previous 1.360 (colored)

add support for IPv6 VPN routes

The kernel bits are missing as of now. With input from claudio@ and kn@

OK claudio@

Revision 1.360 / (download) - annotate - [select for diffs], Thu Dec 27 20:23:24 2018 UTC (5 years, 5 months ago) by remi
Branch: MAIN
Changes since 1.359: +1 -2 lines
Diff to previous 1.359 (colored)

Check if a control socket or address is already in use before using it.
If it is used abort startup or let a reload fail.
Sockets are now not unlinked anymore on regular shutdown.

This helps a lot when one tries to do a config check without -n.

Inputs and OK claudio@

Revision 1.359 / (download) - annotate - [select for diffs], Sat Dec 22 16:12:40 2018 UTC (5 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.358: +2 -1 lines
Diff to previous 1.358 (colored)

bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB)
but then bgpctl can quickly exit and bgpd still has to do all the work.
Instead introduce a terminate imsg to stop such long running commands if
bgpctl closes the connection before the run is over.
OK benno@, sthen@, deraadt@

Revision 1.358 / (download) - annotate - [select for diffs], Wed Dec 19 15:26:42 2018 UTC (5 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.357: +17 -29 lines
Diff to previous 1.357 (colored)

Fold ext-communities into filter_community so that bgpd can match
multiple ext-communities at the same time as well. Additionally this fixes
parsing some of the ext-community types. Now all communities are handled
by one common struct.
OK benno@ plus some input from denis@

Revision 1.357 / (download) - annotate - [select for diffs], Tue Dec 11 09:02:14 2018 UTC (5 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.356: +1 -2 lines
Diff to previous 1.356 (colored)

Refactor aspath code a bit. Move cached source_as (for origin validation)
into struct aspath and pass that struct to aspath_match().
OK denis@

Revision 1.356 / (download) - annotate - [select for diffs], Thu Dec 6 12:38:00 2018 UTC (5 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.355: +3 -3 lines
Diff to previous 1.355 (colored)

Implement a simple ruleset optimizer. All it does is merge filter rules that
only differ in the filter sets. Since this is still rather common it is able
to reduce the number of rules by 5% on an autogenerated config.
OK job@

Revision 1.355 / (download) - annotate - [select for diffs], Wed Nov 28 08:32:26 2018 UTC (5 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.354: +20 -24 lines
Diff to previous 1.354 (colored)

Start reworking community handling. Merge standard communities and large
communities into one filter_community struct and allow it that more than
one community can be used in filter rules (currently up to 3).
Also rework the code handling bgpctl show rib commands. The special IMSG
types for the various filters are gone and the code is in general simpler.
OK job@, phessler@

Revision 1.354 / (download) - annotate - [select for diffs], Wed Nov 14 14:03:36 2018 UTC (5 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.353: +2 -7 lines
Diff to previous 1.353 (colored)

Remove an unneeded union wrapping the skipsteps pointer.
OK phessler@

Revision 1.353 / (download) - annotate - [select for diffs], Sat Nov 10 11:19:01 2018 UTC (5 years, 6 months ago) by denis
Branch: MAIN
Changes since 1.352: +5 -3 lines
Diff to previous 1.352 (colored)

fix error message when querying a non-existent table

OK claudio@

Revision 1.352 / (download) - annotate - [select for diffs], Sun Nov 4 14:34:00 2018 UTC (5 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.351: +2 -2 lines
Diff to previous 1.351 (colored)

Graceful BGP Session Shutdown is a real RFC, add it to the list.
OK job@, benno@

Revision 1.351 / (download) - annotate - [select for diffs], Wed Oct 31 14:50:07 2018 UTC (5 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.350: +2 -1 lines
Diff to previous 1.350 (colored)

Remove tail queues which link peer, aspath and prefix together. These
lists are no longer needed and make it possible to share rde_aspath between
peers & prefixes. Instead of the lists the rde_aspath is now reference counted.
With this struct prefix is now the central place where everything is connected
to making the RIB a bit easier to handle.
With input and OK denis@

Revision 1.350 / (download) - annotate - [select for diffs], Fri Oct 26 16:53:55 2018 UTC (5 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.349: +6 -1 lines
Diff to previous 1.349 (colored)

Track the amount of memory used for sets and tries (aka anything-set)
OK deraadt@

Revision 1.349 / (download) - annotate - [select for diffs], Wed Oct 3 11:36:39 2018 UTC (5 years, 8 months ago) by denis
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE, OPENBSD_6_4
Changes since 1.348: +4 -1 lines
Diff to previous 1.348 (colored)

add filter option based on origin validation state

OK claudio@

Revision 1.348 / (download) - annotate - [select for diffs], Mon Oct 1 23:09:53 2018 UTC (5 years, 8 months ago) by job
Branch: MAIN
Changes since 1.347: +12 -1 lines
Diff to previous 1.347 (colored)

Expose BGP Origin Validation state in bgpctl show commands

OK denis@ claudio@

Revision 1.347 / (download) - annotate - [select for diffs], Sat Sep 29 08:11:11 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.346: +45 -11 lines
Diff to previous 1.346 (colored)

Implement origin validation in bgpd. This introduces two new tables, the
roa-set for RPKI based origin validation and an origin-set which allows to
lookup a source-as / prefix pair.
For RPKI a config can be built like this:
  roa-set {
          165.254.255.0/24 source-as 15562
          193.0.0.0/21 maxlen 24 source-as 3333
  }
  deny from any ovs invalid
  match from any ovs valid set community local-as:42
  match from any ovs not-found set community local-as:43
Origin sets are similar but only match when the source-as / prefix pair is
valid.
  match from any origin-set ARINDB set community local-as:44
Committing this now so that further work can be done in tree.
OK benno@, job@

Revision 1.346 / (download) - annotate - [select for diffs], Sat Sep 29 07:58:06 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.345: +2 -1 lines
Diff to previous 1.345 (colored)

With the introduction of sets the config that is shipped to the RDE got
potentially much bigger. In bad cases the SE activated the config way
before the RDE which is not ideal. Introduce IMSG_RECONF_DRAIN which
acts as a barrier and ensures that both children got all the config.
Only after that the IMSG_RECONF_DONE message is sent activating
the config in the children more or less simultaneously.
OK benno@

Revision 1.345 / (download) - annotate - [select for diffs], Wed Sep 26 15:48:01 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.344: +2 -2 lines
Diff to previous 1.344 (colored)

Rename AS_NONE to AS_UNDEF, AS_NONE will be reused for a different purpose
soon. OK compiler and grep

Revision 1.344 / (download) - annotate - [select for diffs], Fri Sep 21 04:55:27 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.343: +6 -1 lines
Diff to previous 1.343 (colored)

Implement code to parse, print and reload roa-set tables.
This is sharing a lot of code with prefixset which makes all a bit easier.
A roa-set is defined like this:
roa-set "test2" {
  1.2.3.0/24 source-as 1,
  1.2.8.0/22 maxlen 24 source-as 3
}
No support for acting on this data yet.
Put it in deraadt@, OK benno@, input and OK denis@

Revision 1.343 / (download) - annotate - [select for diffs], Thu Sep 20 11:45:59 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.342: +20 -11 lines
Diff to previous 1.342 (colored)

Split up as_set into a set_table and an as_set. The first is what does
the lookup and will now also be used in roa-set tries. The as_set is glue
to add the name and dirty flag. Add an accessor to get the set data so
that the imsg sending and printing can be moved into the right places.
This is done mainly because roa-sets need similar but slightly different
versions and making the code more generic is the best way fixing this.
OK benno@

Revision 1.342 / (download) - annotate - [select for diffs], Thu Sep 20 07:46:39 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.341: +7 -5 lines
Diff to previous 1.341 (colored)

Switch prefixset to an RB_TREE instead of a SIMPLEQ. This allows to trigger
on duplicates (which are only reported) but is needed as a preparation step
for roa-sets.
OK benno@ denis@

Revision 1.341 / (download) - annotate - [select for diffs], Tue Sep 18 15:14:07 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.340: +6 -1 lines
Diff to previous 1.340 (colored)

Backend for roa-sets. This combines as_sets and prefix-set tries to do
proper ROA checking. There is a new match function trie_roa_check which
does a trie traversal and looks for candidates and matches. If prefix
is not covered then ROA_UNKNOWN is returned, if prefix is covered by an
entry it will return ROA_INVALID unless the source-as / maxlen combo is
matching (ROA_VALID).
OK and input sthen@
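
The coverage check described in this commit message, applied to the two roa-set entries quoted in the revision 1.347 message, as an added example that is not bgpd's code: it scans a flat array instead of walking a trie, handles IPv4 only, and assumes (per RFC 6482) that an entry without maxlen gets maxlen equal to its prefix length. The ROA_* names come from the commit message; their numeric values, `struct roa_entry`, `roa_check()`, `check()` and the AS 64496 entry are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Names as in the commit message; numeric values are this example's own. */
enum roa_state { ROA_UNKNOWN, ROA_INVALID, ROA_VALID };

/* Hypothetical flat representation of one roa-set line (IPv4 only). */
struct roa_entry {
	uint32_t addr;      /* prefix address, host byte order */
	uint8_t  plen;      /* prefix length of the entry */
	uint8_t  maxlen;    /* longest announcement the entry authorizes */
	uint32_t source_as; /* authorized origin AS */
};

#define IP4(a, b, c, d) \
	(((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
	 ((uint32_t)(c) << 8) | (uint32_t)(d))

static const struct roa_entry roa_set[] = {
	/* constructed entry: covers the same block, different AS, no maxlen */
	{ IP4(193, 0, 0, 0), 21, 21, 64496 },
	/* the two entries from the revision 1.347 commit message */
	{ IP4(165, 254, 255, 0), 24, 24, 15562 }, /* no maxlen: assumed == plen */
	{ IP4(193, 0, 0, 0), 21, 24, 3333 },
};

static uint32_t
mask4(uint8_t plen)
{
	if (plen == 0)
		return 0;
	if (plen >= 32)
		return 0xffffffffU;
	return ~(uint32_t)0 << (32 - plen);
}

/* An entry covers a route if it is equal to or less specific than it. */
static int
covers(const struct roa_entry *r, uint32_t addr, uint8_t plen)
{
	return r->plen <= plen && ((addr ^ r->addr) & mask4(r->plen)) == 0;
}

/*
 * No covering entry: ROA_UNKNOWN. At least one covering entry: ROA_INVALID,
 * unless one of them also matches source-as and maxlen, then ROA_VALID.
 * A covering entry that does not match never vetoes a later one that does.
 */
enum roa_state
roa_check(const struct roa_entry *set, size_t n, uint32_t addr, uint8_t plen,
    uint32_t source_as)
{
	enum roa_state state = ROA_UNKNOWN;
	size_t i;

	for (i = 0; i < n; i++) {
		if (!covers(&set[i], addr, plen))
			continue;
		if (plen <= set[i].maxlen && set[i].source_as == source_as)
			return ROA_VALID;
		state = ROA_INVALID;
	}
	return state;
}

/* Convenience wrapper over the sample set above. */
enum roa_state
check(uint32_t addr, uint8_t plen, uint32_t source_as)
{
	return roa_check(roa_set, sizeof(roa_set) / sizeof(roa_set[0]),
	    addr, plen, source_as);
}

int
main(void)
{
	static const char *name[] = { "unknown", "invalid", "valid" };

	/* Announcement inside the authorized maxlen. */
	printf("193.0.4.0/24 AS3333: %s\n",
	    name[check(IP4(193, 0, 4, 0), 24, 3333)]);
	/* More specific than maxlen: the classic sub-prefix hijack shape. */
	printf("193.0.4.0/25 AS3333: %s\n",
	    name[check(IP4(193, 0, 4, 0), 25, 3333)]);
	/* Right prefix, wrong origin. */
	printf("193.0.0.0/21 AS64500: %s\n",
	    name[check(IP4(193, 0, 0, 0), 21, 64500)]);
	/* Nothing in the set covers this prefix. */
	printf("192.0.2.0/24 AS64500: %s\n",
	    name[check(IP4(192, 0, 2, 0), 24, 64500)]);
	return 0;
}
```

With the `deny from any ovs invalid` rule from the 1.347 message, only the second and third announcements above would be dropped; the uncovered one stays not-found and is left to the rest of the filter set.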

Revision 1.340 / (download) - annotate - [select for diffs], Fri Sep 14 10:22:11 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.339: +5 -4 lines
Diff to previous 1.339 (colored)

Extend as_set to allow for different sized objects to be added. The only
requirement is that the first value of the struct is a 32bit ID which is
used in the bsearch. This allows to add more than just as numbers to a
set. as_set_match now returns a pointer to this data or NULL if not found.
OK benno@

Revision 1.339 / (download) - annotate - [select for diffs], Mon Sep 10 11:01:15 2018 UTC (5 years, 8 months ago) by benno
Branch: MAIN
Changes since 1.338: +2 -2 lines
Diff to previous 1.338 (colored)

remove some empty lines from printconf output. ok claudio@

Revision 1.338 / (download) - annotate - [select for diffs], Sun Sep 9 11:00:51 2018 UTC (5 years, 9 months ago) by benno
Branch: MAIN
Changes since 1.337: +5 -1 lines
Diff to previous 1.337 (colored)

Add network prefix-set <name> syntax to announce networks in a prefix-set.
feature discussed with deraadt@ and job@, ok claudio@

Revision 1.337 / (download) - annotate - [select for diffs], Sat Sep 8 15:25:27 2018 UTC (5 years, 9 months ago) by benno
Branch: MAIN
Changes since 1.336: +4 -2 lines
Diff to previous 1.336 (colored)

implement or-longer filter op for prefix-sets. Allows one to write rules like
  deny from any prefix-set mynetworks or-longer
ok claudio, feature discussed with job and deraadt

Revision 1.336 / (download) - annotate - [select for diffs], Fri Sep 7 11:50:32 2018 UTC (5 years, 9 months ago) by benno
Branch: MAIN
Changes since 1.335: +1 -3 lines
Diff to previous 1.335 (colored)

remove unused function find_prefixsetitem(), ok claudio@

Revision 1.335 / (download) - annotate - [select for diffs], Fri Sep 7 10:49:22 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.334: +5 -2 lines
Diff to previous 1.334 (colored)

Implement a fast prefix-set lookup. This magic trie is able to match a
prefix addr/plen to a prefix-set spec addr/plen prefixlen min - max (a
prefix including prefixlen range). Every addr/plen pair is a node in the
trie and the prefixlen is added as a bitmask to those nodes.
For the lookup any match is OK, there is no need to do longest or
best prefix matching.
Inspiration for this solution comes from the way bird implements this
which was done by Ondrej Zajicek santiago (at) crfreenet.org
OK benno@

Revision 1.334 / (download) - annotate - [select for diffs], Fri Sep 7 05:43:33 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.333: +39 -13 lines
Diff to previous 1.333 (colored)

Implement as-set, a fast lookup table to be used instead of a long list of
AS numbers in source-as, AS and transit-as filter statements. These tables
use bsearch to quickly verify if an AS is in the set or not.
The filter syntax is not fully set in stone yet.
OK denis@ benno@ and previously OK deraadt@

Revision 1.333 / (download) - annotate - [select for diffs], Wed Sep 5 09:49:57 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.332: +1 -2 lines
Diff to previous 1.332 (colored)

Change the way as_compare() and aspath_match() handle 'neighbor-as'. Instead
of doing the condition before calling aspath_match() just pass the neighbor-as
down to as_compare() which then has all needed data for the lookup. While
doing this also remove one of the as fields in struct filter_as since the
min/max fields can be reused for unary operations.
OK denis@ phessler@

Revision 1.332 / (download) - annotate - [select for diffs], Tue Sep 4 12:00:29 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.331: +2 -1 lines
Diff to previous 1.331 (colored)

Introduce inet4applymask() which does the same as inet6applymask() and
can be used instead of doing direct fiddling around with struct in_addr.
Use it in a few cases where it makes the code more similar between INET
and INET6 case.
OK denis@

Revision 1.331 / (download) - annotate - [select for diffs], Wed Aug 29 19:47:47 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.330: +4 -2 lines
Diff to previous 1.330 (colored)

Make it possible to filter the RIB for invalid path which resulted in withdrawn
prefixes. This way it should be possible to inspect which prefixes have been
removed. While there also fix dumping of the Adj-RIB-In when requested to do so.
OK sthen@ denis@

Revision 1.330 / (download) - annotate - [select for diffs], Thu Aug 9 21:12:33 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.329: +1 -3 lines
Diff to previous 1.329 (colored)

Improve handling of source-as when an AS_SET is rightmost. In that case
use the rightmost AS from the previous AS path segment. As suggested in
rfc6472. Also fix a long standing bug of AS 42 >< 4242 matching 43 - 4241
instead of 1-41 and 4243 and upwards. Last but not least pass the filter_as
struct to as_compare since that will make it easier to implement as-sets.
OK benno@, OK job@ on a previous version

Revision 1.329 / (download) - annotate - [select for diffs], Wed Aug 8 14:29:05 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.328: +1 -7 lines
Diff to previous 1.328 (colored)

Move struct wire_largecommunity to rde_attr.c since it is only used internally

Revision 1.328 / (download) - annotate - [select for diffs], Sun Jul 22 16:52:27 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.327: +5 -1 lines
Diff to previous 1.327 (colored)

Move functions to print link status etc. to util.c so that bgpd can use them
as well. OK benno@

Revision 1.327 / (download) - annotate - [select for diffs], Fri Jul 20 14:58:20 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.326: +13 -1 lines
Diff to previous 1.326 (colored)

Move the nlri_get_prefix functions to util.c so that bgpctl can use them too.

Revision 1.326 / (download) - annotate - [select for diffs], Sat Jul 14 12:32:35 2018 UTC (5 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.325: +3 -3 lines
Diff to previous 1.325 (colored)

get rid of two more implicit ktable_get with rdomain 0.
should not change anything when run in rdomain 0.
ok henning@ phessler@ claudio@

Revision 1.325 / (download) - annotate - [select for diffs], Thu Jul 12 21:45:37 2018 UTC (5 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.324: +2 -1 lines
Diff to previous 1.324 (colored)

store and print the rdomain of the interfaces we see.
ok phessler@ henning@

Revision 1.324 / (download) - annotate - [select for diffs], Wed Jul 11 16:34:36 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.323: +11 -1 lines
Diff to previous 1.323 (colored)

On IMSG_CTL_SHOW_RIB_MEM also send back information of some of the
hash structures used in the RDE. Makes it fairly obvious that more
is needed in that area.
OK phessler@ benno@

Revision 1.323 / (download) - annotate - [select for diffs], Wed Jul 11 14:08:46 2018 UTC (5 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.322: +4 -2 lines
Diff to previous 1.322 (colored)

add option "network ... priority number" to announce prefixes from the
kernel routing table selected by priority.
For example to import all ospfd/ospf6d routes into bgp.
tested by remi@
ok remi@ henning@ and maybe a little claudio@

Revision 1.322 / (download) - annotate - [select for diffs], Tue Jul 10 13:06:28 2018 UTC (5 years, 11 months ago) by benno
Branch: MAIN
Changes since 1.321: +5 -4 lines
Diff to previous 1.321 (colored)

__func__ log statements and some whitespace knf
ok^H^HHmpf, whatever claudio@

Revision 1.321 / (download) - annotate - [select for diffs], Tue Jul 10 12:40:41 2018 UTC (5 years, 11 months ago) by benno
Branch: MAIN
Changes since 1.320: +2 -2 lines
Diff to previous 1.320 (colored)

You can run multiple copies of bgpd in separate rdomains.

However, the processes will see each others route messages. Some
structures are not initialized correctly for that, causing at least
useless log messages.

This is an attempt to use the default_tableid where it's needed.

A few hardcoded uses of rtable 0 remain.

ok claudio@

Revision 1.320 / (download) - annotate - [select for diffs], Fri Jun 29 11:45:50 2018 UTC (5 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.319: +3 -3 lines
Diff to previous 1.319 (colored)

Prepare the ground for allowing temporary aspath object living on the stack.
To do this path_copy() gets a second argument (dst, src) and a new function
path_prep() is introduced to initialize an aspath object. The current
path_copy() usage is replaced with path_copy(path_get(), asp) which does
the same. Additionally some const were added to the *_copy functions to
make it more obvious which is the source and target. Also the pftable_ref()
and rtlabel_ref() functions return now the id instead of void.
OK sthen@

Revision 1.319 / (download) - annotate - [select for diffs], Mon Jun 25 14:28:33 2018 UTC (5 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.318: +14 -12 lines
Diff to previous 1.318 (colored)

Properly start reference counting struct nexthop. This removes the need for
some ugly workaround to make sure nexthop objects don't disappear while
still being referenced. During initial lookup of a nexthop an extra reference
is pulled but even that is now a bit cleaner than before.
Tested by job@, dennis@, benno@ OK job@ dennis@

Revision 1.318 / (download) - annotate - [select for diffs], Wed Jun 13 09:33:51 2018 UTC (5 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.317: +6 -8 lines
Diff to previous 1.317 (colored)

Deprecate announce (all|self|none|default-route)
The announce keyword was overloaded and confused a lot of operators, time
to clean it up and while there incorporate RFC8212 guideline for propagation.
- `announce all` is the new default but the default deny filter will
  make sure that by default nothing is leaked
- `announce self` is no more and results in syntax error
- `announce none` is now `export none`
- `announce default-route` becomes `export default-route`
- the filters are switched to a default deny rule both incoming and outgoing

You most certainly need to adjust your config!

Best is to change the config in advance by using `announce all` explicitly on
all neighbors and adding `deny from any` and `deny to any` at the start of
your filters and adjust the rest of the filters to still produce the same
result.  `bgpd -nv -f bgpd.conf` and `bgpctl show rib out nei foo` are good
tools to verify the changes.
Lots of discussions with job@, deraadt@, sthen@
OK job@

Revision 1.317 / (download) - annotate - [select for diffs], Sat Feb 10 01:24:28 2018 UTC (6 years, 3 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE, OPENBSD_6_3
Changes since 1.316: +37 -3 lines
Diff to previous 1.316 (colored)

Add prefix-sets, lists of prefixes which can be used in place of a
prefix in a filter rule. Initial idea hashed out with job@ in Toronto.
This is WIP, I'm committing it now so we can work on it in the tree.
ok florian@ claudio@

Revision 1.316 / (download) - annotate - [select for diffs], Thu Feb 8 00:16:18 2018 UTC (6 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.315: +2 -2 lines
Diff to previous 1.315 (colored)

Bump the read sockbuf of the routing socket to 2MB, may help reduce some of
the desync cases. OK benno@

Revision 1.315 / (download) - annotate - [select for diffs], Sun Oct 15 20:44:21 2017 UTC (6 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.314: +2 -1 lines
Diff to previous 1.314 (colored)

Add "ssv" variant which turns a rib route output into a single
semicolon-separated line, so that grep and such can operate easier;
then use tr ';' '\n' to convert it to normal form later.  This helps
with scanning vast swathes of routes..
ok benno claudio job

Revision 1.314 / (download) - annotate - [select for diffs], Sat Aug 12 16:47:50 2017 UTC (6 years, 9 months ago) by phessler
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE, OPENBSD_6_2
Changes since 1.313: +3 -1 lines
Diff to previous 1.313 (colored)

allow filter rules to be written that affect ibgp or ebgp neighbors

discussed with henning@
OK claudio@, benno@, job@

Revision 1.313 / (download) - annotate - [select for diffs], Fri Aug 11 16:02:53 2017 UTC (6 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.312: +1 -3 lines
Diff to previous 1.312 (colored)

softreconfig in and out are on by default for ever and machines now have
enough memory that it does not make sense to provide these knobs anymore.
They just make the code more complex for not much gain.
OK phessler@, benno@

Revision 1.312 / (download) - annotate - [select for diffs], Thu Aug 10 14:12:34 2017 UTC (6 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.311: +3 -1 lines
Diff to previous 1.311 (colored)

handle extended communities in bgpctl.
From Dennis Fondras, thanks!
ok phessler@

Revision 1.311 / (download) - annotate - [select for diffs], Sun Aug 6 13:23:12 2017 UTC (6 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.310: +2 -2 lines
Diff to previous 1.310 (colored)

Remove comma from last element since that is the terminator.

Revision 1.310 / (download) - annotate - [select for diffs], Sun Aug 6 12:28:31 2017 UTC (6 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.309: +3 -1 lines
Diff to previous 1.309 (colored)

add a zeroed out element at the end of the iana_ext_comms array, so
that the iteration over it actually stops.
ok and feedback from florian@ phessler@ and claudio@

Revision 1.309 / (download) - annotate - [select for diffs], Mon Jun 26 10:05:57 2017 UTC (6 years, 11 months ago) by phessler
Branch: MAIN
Changes since 1.308: +2 -1 lines
Diff to previous 1.308 (colored)

add support for the "graceful shutdown" well-known community as described
in draft-ietf-grow-bgp-gshut

from Job Snijders
ok phessler@ benno@

Revision 1.308 / (download) - annotate - [select for diffs], Wed May 31 10:44:00 2017 UTC (7 years ago) by claudio
Branch: MAIN
Changes since 1.307: +50 -26 lines
Diff to previous 1.307 (colored)

Rework the way we do extended communities (mainly in the parser) and update
the IANA table to a somewhat more complete list. This includes BGP Prefix
Origin Validation State support via the ext-community ovs keyword.
OK henning@ benno@ based on a diff by Job Snijders

Revision 1.307 / (download) - annotate - [select for diffs], Sun May 28 20:14:15 2017 UTC (7 years ago) by claudio
Branch: MAIN
Changes since 1.306: +3 -1 lines
Diff to previous 1.306 (colored)

Introduce log_peer_info() and make log_peer_warn() log at LOG_ERR instead
of LOG_CRIT (which should only be used for fatal).
OK benno@

Revision 1.306 / (download) - annotate - [select for diffs], Sun May 28 15:16:33 2017 UTC (7 years ago) by henning
Branch: MAIN
Changes since 1.305: +6 -3 lines
Diff to previous 1.305 (colored)

so far, bgpd was hardcoded to use rtable 0 for nexthop verification.
instead, use the rtable bgpd was started in (route -T <n> exec / rc.d
daemon_rtable) for nexthop verification and as default Adj-RIB-In and
Loc-RIB. This allows multiple bgpds in different rdomains on the same
machine - bgp router virtualization if you like buzzwords.
initial version written under contract more than a year ago, it took us
a while to wrap our brains around the bgpd <-> rdomain interactions -
1) RIBs, 2) nexthop verification and 3) tcp sockets.
ok & input phessler claudio benno

Revision 1.305 / (download) - annotate - [select for diffs], Sun May 28 12:21:36 2017 UTC (7 years ago) by claudio
Branch: MAIN
Changes since 1.304: +13 -7 lines
Diff to previous 1.304 (colored)

Implement an XON/XOFF protocol between the RDE and the SE to throttle
per control session and peer the generation of imsg in the RDE. This
reduces the memory pressure in the SE substantially and also a bit in
the RDE. Makes the RDE more responsive for bgpctl commands.
Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX
border router with 200+ sessions. Convergence time got quite a bit better.
OK phessler@

Revision 1.304 / (download) - annotate - [select for diffs], Sat May 27 18:12:23 2017 UTC (7 years ago) by phessler
Branch: MAIN
Changes since 1.303: +2 -1 lines
Diff to previous 1.303 (colored)

Allow an administrator to disable the bgp loop detection algorithm,
which is useful in very limited situations.

Angry dragons and grues will hunt for you, if you use it.

OK claudio@ sthen@ benno@

Revision 1.303 / (download) - annotate - [select for diffs], Sat May 27 12:09:27 2017 UTC (7 years ago) by phessler
Branch: MAIN
Changes since 1.302: +2 -2 lines
Diff to previous 1.302 (colored)

bump the size of ctl rib flags

OK claudio@

Revision 1.302 / (download) - annotate - [select for diffs], Sat May 27 10:24:44 2017 UTC (7 years ago) by phessler
Branch: MAIN
Changes since 1.301: +3 -2 lines
Diff to previous 1.301 (colored)

allow us to use 'local-as' in the filter language

"match in from any set community local-as:neighbor-as"

OK claudio@

Revision 1.301 / (download) - annotate - [select for diffs], Sat May 27 09:26:42 2017 UTC (7 years ago) by phessler
Branch: MAIN
Changes since 1.300: +2 -2 lines
Diff to previous 1.300 (colored)

fix the reference to draft-ymbk-grow-blackholing, to RFC 7999

Revision 1.300 / (download) - annotate - [select for diffs], Wed Jan 25 00:11:07 2017 UTC (7 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE, OPENBSD_6_1
Changes since 1.299: +2 -2 lines
Diff to previous 1.299 (colored)

Flag the Loc-RIB with F_RIB_LOCAL so we can remove one ugly hack somewhere else

Revision 1.299 / (download) - annotate - [select for diffs], Tue Jan 24 04:22:42 2017 UTC (7 years, 4 months ago) by benno
Branch: MAIN
Changes since 1.298: +1 -21 lines
Diff to previous 1.298 (colored)

sync log.c from relayd et al to bgpd.

there is still a little difference regarding handling of the verbosity
value that will be handled later.

ok claudio@ florian@

Revision 1.298 / (download) - annotate - [select for diffs], Fri Jan 13 18:59:12 2017 UTC (7 years, 4 months ago) by phessler
Branch: MAIN
Changes since 1.297: +5 -1 lines
Diff to previous 1.297 (colored)

Add support for draft-ietf-idr-shutdown

    BGP state = Idle, marked down with shutdown reason "goodbye, we are
    upgrading to openbsd 6.1", down for 00:00:17

developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job
Snijders <job@ntt.net>, thank you!

OK benno@

Revision 1.297 / (download) - annotate - [select for diffs], Fri Oct 14 16:05:35 2016 UTC (7 years, 7 months ago) by phessler
Branch: MAIN
Changes since 1.296: +19 -1 lines
Diff to previous 1.296 (colored)

Add support for draft-ietf-idr-large-community

Joint work with Job Snijders, many thanks!
OK benno@ deraadt@

Revision 1.296 / (download) - annotate - [select for diffs], Wed Oct 5 07:38:06 2016 UTC (7 years, 8 months ago) by phessler
Branch: MAIN
Changes since 1.295: +5 -1 lines
Diff to previous 1.295 (colored)

Let bgpd announce routes based on a route-label.

OK henning@ benno@

Revision 1.295 / (download) - annotate - [select for diffs], Fri Sep 2 14:00:29 2016 UTC (7 years, 9 months ago) by benno
Branch: MAIN
Changes since 1.294: +133 -1 lines
Diff to previous 1.294 (colored)

work on making log.c similar in all daemons:

move daemon-local functions into new logmsg.c, and reduce
the (mostly whitespace) differences so that log.c's can be diffed easily.

ok claudio@, feedback from henning@, deraadt@, reyk@

Revision 1.294 / (download) - annotate - [select for diffs], Mon Jun 6 15:59:10 2016 UTC (8 years ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE, OPENBSD_6_0
Changes since 1.293: +21 -11 lines
Diff to previous 1.293 (colored)

Add format attributes to the proper functions and then fix the warning in
session.c
ok mpi@

Revision 1.293 / (download) - annotate - [select for diffs], Fri Jun 3 17:36:37 2016 UTC (8 years ago) by benno
Branch: MAIN
Changes since 1.292: +6 -3 lines
Diff to previous 1.292 (colored)

Add operators =, !=, - (range), >< (exclusive range) to the as-path
filters (AS, peer-as, source-as, transit-as).

Add a use case (block illegal AS numbers) to the bgpd.conf example.

feedback from claudio, sthen, florian,
ok florian@ phessler@

Revision 1.292 / (download) - annotate - [select for diffs], Fri Nov 6 16:23:26 2015 UTC (8 years, 7 months ago) by phessler
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE, OPENBSD_5_9
Changes since 1.291: +12 -1 lines
Diff to previous 1.291 (colored)

Radically improve the performance of bgpd filters.  Based on PF's skip
steps (and uses much of the same code).

In a torture test of ~600k prefix filters and 65k prefixes, convergence
time goes from 35 minutes to 30 seconds.

Many thanks to LONAP for providing a base configuration for torture
testing.

many discussions with claudio@, benno@, sthen@ and the rest of the bgpd crowd

OK sthen@ benno@

Revision 1.291 / (download) - annotate - [select for diffs], Sun Oct 11 19:30:12 2015 UTC (8 years, 7 months ago) by phessler
Branch: MAIN
Changes since 1.290: +2 -1 lines
Diff to previous 1.290 (colored)

standardize a community that has been independently created by nearly
every single AS on the planet: the blackhole

OK benno@, claudio@, sthen@

Revision 1.290 / (download) - annotate - [select for diffs], Mon Sep 21 09:47:15 2015 UTC (8 years, 8 months ago) by phessler
Branch: MAIN
Changes since 1.289: +2 -1 lines
Diff to previous 1.289 (colored)

Let us log all updates sent from an individual peer.  Since this can be
applied to a group, also let us disable logging on a sub-member of the
group.  Very handy for debugging naughty peers on a router with multiple
peers.

OK benno@

Revision 1.289 / (download) - annotate - [select for diffs], Wed Sep 16 20:25:41 2015 UTC (8 years, 8 months ago) by stsp
Branch: MAIN
Changes since 1.288: +2 -2 lines
Diff to previous 1.288 (colored)

Another ifmedia64 fix, this time for bgpd's ift2ifm().
And rename struct kif's media_type to if_type to avoid confusion with
ifmedia's media type. Same rename in other daemons will follow.
ok claudio henning benno

Revision 1.288 / (download) - annotate - [select for diffs], Mon Jul 20 16:10:38 2015 UTC (8 years, 10 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE, OPENBSD_5_8
Changes since 1.287: +6 -2 lines
Diff to previous 1.287 (colored)

Make bgpd execute the RDE and session engine process instead of just forking.
This way ASLR and stack cookies are per process.
With input from benno@ and deraadt@
OK benno@

Revision 1.287 / (download) - annotate - [select for diffs], Sat Jul 18 22:52:39 2015 UTC (8 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.286: +2 -2 lines
Diff to previous 1.286 (colored)

give bgpd's fatal() varargs and use it to instrument bgpd fatal()
calls to aid in debugging
henning@ "makes sense to me", sthen@ "yes please", ok phessler@

Revision 1.286 / (download) - annotate - [select for diffs], Thu Jul 16 18:26:04 2015 UTC (8 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.285: +16 -6 lines
Diff to previous 1.285 (colored)

Next round of config cleanup. Move various lists into the bgpd_config struct.
This is the next step to better split parsing and merging the config.
OK benno@

Revision 1.285 / (download) - annotate - [select for diffs], Sat Apr 25 15:28:18 2015 UTC (9 years, 1 month ago) by phessler
Branch: MAIN
Changes since 1.284: +2 -1 lines
Diff to previous 1.284 (colored)

allow us to write rules that match directly on the peer AS

...
allow from AS 1 prefix 192.0.2.0/24
...

Also adjust the IRR ruleset output to include the declared peer AS,
instead of hoping they listed their neighbor IP address!


OK benno@
older version OK: claudio@ henning@

Revision 1.284 / (download) - annotate - [select for diffs], Sat Mar 14 03:52:42 2015 UTC (9 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.283: +3 -2 lines
Diff to previous 1.283 (colored)

rename rde_free_filter() to filterlist_free() and start using it outside
of the RDE to free the filterlists. Also refactor common code to merge
filterlists into its own function. Makes the code look nicer.

Revision 1.283 / (download) - annotate - [select for diffs], Sat Mar 14 02:43:02 2015 UTC (9 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.282: +3 -2 lines
Diff to previous 1.282 (colored)

Move the command line options (mainly -d and -v) out of struct bgpd_config
into a own flag field since these can't be modified via a config reload.
OK henning@ benno@ before lock

Revision 1.282 / (download) - annotate - [select for diffs], Mon Nov 3 16:55:59 2014 UTC (9 years, 7 months ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE, OPENBSD_5_7
Changes since 1.281: +2 -1 lines
Diff to previous 1.281 (colored)

Convert the logic in yyerror().  Instead of creating a temporary
format string, create a temporary message.
OK benno@ doug@ claudio@

Revision 1.281 / (download) - annotate - [select for diffs], Wed Nov 13 09:14:48 2013 UTC (10 years, 6 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE, OPENBSD_5_6, OPENBSD_5_5_BASE, OPENBSD_5_5
Changes since 1.280: +12 -8 lines
Diff to previous 1.280 (colored)

Knob to set priority with which bgpd inserts routes into the kernel
routing table. Need for it in "special" setups pointed out by
Loic Blot (loic.blot _AT_ unix-experience _DOT_ fr) on tech.
OK benno, henning

Revision 1.280 / (download) - annotate - [select for diffs], Sat Oct 19 15:04:25 2013 UTC (10 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.279: +4 -9 lines
Diff to previous 1.279 (colored)

Merge the prefix and prefixlen filter bits into one filter. Change the
filter expansion so that rules are grouped by prefixes last. The RDE will
then be able to optimize the rules into table lookups but that is a later
step. As additional goodies it is now possible to use inet and inet6
on their own and or-longer can be used as a shorthand for prefixlen >= len.
OK henning@ sthen@ florian@

Revision 1.279 / (download) - annotate - [select for diffs], Fri Sep 27 08:23:10 2013 UTC (10 years, 8 months ago) by sthen
Branch: MAIN
Changes since 1.278: +5 -5 lines
Diff to previous 1.278 (colored)

typo in macro name; no md5 change

Revision 1.278 / (download) - annotate - [select for diffs], Wed Aug 14 20:34:25 2013 UTC (10 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.277: +2 -1 lines
Diff to previous 1.277 (colored)

Rewrite the internals of the RDE reload logic.
This is the first step to make bgpd reload non blocking in the RDE.
It also speeds up the reload time a fair bit in some cases (mainly if
you run with multiple RIBs and have larger filtersets) and it should also
fix a few edge cases on reloads.
Testing done by benno@, florian@ and sthen@ OK henning@ and benno@

Revision 1.277 / (download) - annotate - [select for diffs], Sat May 11 14:42:28 2013 UTC (11 years, 1 month ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE, OPENBSD_5_4
Changes since 1.276: +2 -2 lines
Diff to previous 1.276 (colored)

change mrt rib dump ReopenTimerInterval from time_t to int. Intervals
don't need to scale to 64 bits in this universe.
ok claudio@ & florian@

Revision 1.276 / (download) - annotate - [select for diffs], Thu Mar 7 21:26:28 2013 UTC (11 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.275: +5 -4 lines
Diff to previous 1.275 (colored)

Implements a few missing bits for better templates support:
- on config reload also adjust the cloned neighbors so that they get the
  config changes as well.
- clean up sessions that are 1h idle but in state active (instead of down)
- add bits to allow bgpctl to destroy cloned neighbors
Tested by sthen@ some time ago, OK phessler@

Revision 1.275 / (download) - annotate - [select for diffs], Wed Jan 9 08:04:25 2013 UTC (11 years, 5 months ago) by phessler
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE, OPENBSD_5_3
Changes since 1.274: +2 -2 lines
Diff to previous 1.274 (colored)

Almost exactly 10 years ago, we changed the length of PF table names to
32 chars.  Allow bgpd to use these newfangled longer names.

OK sthen@

Revision 1.274 / (download) - annotate - [select for diffs], Tue Nov 13 09:47:20 2012 UTC (11 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.273: +9 -1 lines
Diff to previous 1.273 (colored)

Allow filtering based on the NEXTHOP attribute. This allows to build rules
like: allow from any nexthop neighbor (to allow only prefixes that use the
routers IP address as nexthop). Lots of testing, input and OK florian@

Revision 1.273 / (download) - annotate - [select for diffs], Tue Sep 18 10:10:00 2012 UTC (11 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.272: +2 -1 lines
Diff to previous 1.272 (colored)

Expose the local weight in the ctl_show_rib struct so bgpctl can print it.
OK sthen@ henning@

Revision 1.272 / (download) - annotate - [select for diffs], Tue Sep 18 09:45:51 2012 UTC (11 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.271: +2 -1 lines
Diff to previous 1.271 (colored)

Only allow one reload request at a time in bgpd. Needed for further work.
OK sthen@, benno@, henning@

Revision 1.271 / (download) - annotate - [select for diffs], Wed Sep 12 05:56:22 2012 UTC (11 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.270: +24 -6 lines
Diff to previous 1.270 (colored)

Better graceful restart support (implementing more than just the EoR record).
This implements only the "Restarting Client" bits of the RFC -- in other
words bgpd will keep the FIB when the client restarts but it will not do GR
when restarting itself. The capability is still off by default (you need
"announce restart yes" to enable it).
Tested by Anders Berggren. OK sthen@

Revision 1.270 / (download) - annotate - [select for diffs], Sun May 27 18:52:07 2012 UTC (12 years ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE, OPENBSD_5_2
Changes since 1.269: +12 -8 lines
Diff to previous 1.269 (colored)

Extend the network code to allow attributes to be passed in with prefixes.
In the end this will allow anyone to use MRT table dumps to load prefixes
into a bgpd instance. For example you can download the RIPE dumps and load
full-feeds onto your laptop until the poor thing dies.
OK henning@ sthen@

Revision 1.269 / (download) - annotate - [select for diffs], Thu Apr 12 17:31:05 2012 UTC (12 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.268: +2 -2 lines
Diff to previous 1.268 (colored)

The ebgp flags is just a truth value and it is better to not == 1 compares.
OK henning@ sthen@

Revision 1.268 / (download) - annotate - [select for diffs], Tue Mar 27 18:22:07 2012 UTC (12 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.267: +2 -1 lines
Diff to previous 1.267 (colored)

Introduce F_CTL_ACTIVE a flag to only show selected paths.
Requested and OK deraadt@, OK henning@

Revision 1.267 / (download) - annotate - [select for diffs], Tue Sep 20 21:19:06 2011 UTC (12 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE, OPENBSD_5_1
Changes since 1.266: +5 -1 lines
Diff to previous 1.266 (colored)

Move a few functions into util.c because bgpctl will need them soon.

Revision 1.266 / (download) - annotate - [select for diffs], Mon Sep 19 11:18:11 2011 UTC (12 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.265: +1 -11 lines
Diff to previous 1.265 (colored)

remove an unused ctl struct and remove some unneeded values from
struct ctl_show_rib since bgpctl does not look at them at all.

Revision 1.265 / (download) - annotate - [select for diffs], Sun Sep 18 09:31:25 2011 UTC (12 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.264: +77 -26 lines
Diff to previous 1.264 (colored)

Reorder the headerfiles a bit. Move the bgpd specific prototypes out of
mrt.h. Now mrt.h includes only protocol specific defines.

Revision 1.264 / (download) - annotate - [select for diffs], Sun May 1 12:56:04 2011 UTC (13 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE, OPENBSD_5_0
Changes since 1.263: +3 -1 lines
Diff to previous 1.263 (colored)

On reload the filtersets attached to a network need to be moved to the
existing network element. First free the old filterset and then move
the new on top of it. This solves the reload issue with changing network
statements. OK henning@

Revision 1.263 / (download) - annotate - [select for diffs], Sun Oct 24 17:20:08 2010 UTC (13 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE, OPENBSD_4_9
Changes since 1.262: +2 -2 lines
Diff to previous 1.262 (colored)

spacing and irrelevant glitches which disrupt lint

Revision 1.262 / (download) - annotate - [select for diffs], Sun Jun 27 19:53:34 2010 UTC (13 years, 11 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE, OPENBSD_4_8
Changes since 1.261: +2 -1 lines
Diff to previous 1.261 (colored)

Instead of specifying the control sockets on the command line have them
in bgpd.conf. This allows to add/modify restricted control sockets on runtime.
Feature request by a few people who often forgot to add -r path when restarting
bgpd (including myself).
NOTE: this removes the -s and -r arguments from bgpd so pay attention when
updating.
jajaja sthen@, OK henning@

Revision 1.261 / (download) - annotate - [select for diffs], Wed May 19 12:44:14 2010 UTC (14 years ago) by claudio
Branch: MAIN
Changes since 1.260: +2 -1 lines
Diff to previous 1.260 (colored)

Add softreconfig support for peers changing the RIB. Done by first unloading
the old RIB and then via softreconfig in and a special softreconfig out loading
the new RIB.
Feature requested and tested by Elisa Jasinska.
OK henning@

Revision 1.260 / (download) - annotate - [select for diffs], Mon May 17 16:08:20 2010 UTC (14 years ago) by claudio
Branch: MAIN
Changes since 1.259: +15 -3 lines
Diff to previous 1.259 (colored)

Implement two new filters, max-as-len and max-as-seq. The first is limiting
the length of an AS path (matches if the path is longer than the specified
length) the second matches when a sequence of the same AS number is longer
than the specified length.
max-as-len is good to protect crappy commercial bgp boxes from other crappy
commercial bgp boxes. max-as-seq was a feature request from SwissIX and maybe
EuroIX to find and filter prepends.
Additional testing and OK sthen@

Revision 1.259 / (download) - annotate - [select for diffs], Mon May 17 15:49:29 2010 UTC (14 years ago) by claudio
Branch: MAIN
Changes since 1.258: +36 -16 lines
Diff to previous 1.258 (colored)

Last bits of MPLS VPN support. Hook kernel routing tables and RIB together.
This adds a bit of new config to specify the mapping between an rdomain and
the BGP MPLS VPN instance, example:
rdomain 1 {
        descr "CUSTOMER1"
	rd 65003:1
	import-target rt 65003:3
	export-target rt 65003:1
	depend on mpe0
	network 192.168.224/24
}
The "depend on mpe0" is a bit ugly but for now this is the quickest way to
figure out which interface bgp should use to insert the MPLS routes.

A big side-effect of this diff is that networks are now internally
distributed through kroute.c.
This needs some kernel changes that will follow hopefully soon.
OK henning@

Revision 1.258 / (download) - annotate - [select for diffs], Mon May 3 13:09:38 2010 UTC (14 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.257: +51 -13 lines
Diff to previous 1.257 (colored)

Make it possible to load multiple routing tables at the same time and use
those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1".
NOTE: nexthop verification has changed for alternate tables. For now
nexthop will only be verified against the main routing table (id 0).
Because of this "nexthop qualify via bgp" may now compare the nexthops
against bgpd routes from a different RIB.
Tested by sthen@, OK to move on by henning@

Revision 1.257 / (download) - annotate - [select for diffs], Wed Apr 28 13:07:48 2010 UTC (14 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.256: +5 -2 lines
Diff to previous 1.256 (colored)

Allow neighbor-as in AS filter statements like:
match from any source-as neighbor-as set localpref 1000
OK henning@

Revision 1.256 / (download) - annotate - [select for diffs], Tue Apr 13 09:09:48 2010 UTC (14 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.255: +13 -19 lines
Diff to previous 1.255 (colored)

Instead of passing AF specific struct kroutes over imsgs use a struct
kroute_full structure that is AF independent and has all information in
it. Simplifies the communication between processes and reduces the number
of imsg types. This is another step to add FIB support to BGP MPLS VPNs.

Revision 1.255 / (download) - annotate - [select for diffs], Tue Apr 6 13:25:08 2010 UTC (14 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.254: +3 -5 lines
Diff to previous 1.254 (colored)

Switch to a more address family independent nexthop imsg. Instead of passing
struct kroute or kroute6 pack the needed info into a struct bgpd_addr.
No flames coming out of my and sthen@'s bgpd routers.

Revision 1.254 / (download) - annotate - [select for diffs], Mon Mar 29 09:04:43 2010 UTC (14 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.253: +2 -1 lines
Diff to previous 1.253 (colored)

Implement a log_rd() function to print the route distinguisher in a nice
way. Use it for now in log_addr() to show VPN routes with a prepended RD.
OK henning

Revision 1.253 / (download) - annotate - [select for diffs], Fri Mar 5 15:25:00 2010 UTC (14 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE, OPENBSD_4_7
Changes since 1.252: +8 -5 lines
Diff to previous 1.252 (colored)

Allow to filter for ext-community attributes. Currently only perfect matches
work but that's already better than nothing. OK sthen@

Revision 1.252 / (download) - annotate - [select for diffs], Wed Jan 13 06:02:37 2010 UTC (14 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.251: +30 -12 lines
Diff to previous 1.251 (colored)

Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so
that it is possible to use OpenBGPD as a route-reflector for VPNv4.
Some clean up of the BGP MP code so that multiple protocols are easier
supported. kroute/kernel support not yet done but coming.
OK henning@, reyk@

Revision 1.251 / (download) - annotate - [select for diffs], Sun Jan 10 00:15:09 2010 UTC (14 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.250: +2 -7 lines
Diff to previous 1.250 (colored)

Switch rib_dump() to use AID instead of AFs. OK henning@

Revision 1.250 / (download) - annotate - [select for diffs], Wed Dec 16 15:40:55 2009 UTC (14 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.249: +47 -1 lines
Diff to previous 1.249 (colored)

Implement "set ext-community [delete] subtype key:value" to set and delete
extended communities as specified in RFC 4360. No matching implemented yet
and stuff like * and neighbor-as are neither supported but will be soon.
Looks good henning & sthen, manpage fixed by jmc

Revision 1.249 / (download) - annotate - [select for diffs], Tue Dec 8 14:03:40 2009 UTC (14 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.248: +45 -48 lines
Diff to previous 1.248 (colored)

Big AID change part two. This changes the mp capability into an array of
flags. This makes a lot of code much easier since the comparison is now
trivial. Additionally calculate the negotiated capabilities for a session
in the SE and pass that and only that to the RDE. This makes the decisions
in the RDE a lot easier.  OK henning@

Revision 1.248 / (download) - annotate - [select for diffs], Tue Dec 1 14:28:05 2009 UTC (14 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.247: +52 -19 lines
Diff to previous 1.247 (colored)

Use an artificial address family id in struct bgpd_addr and almost everywhere
else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values
from and into AID used in bgpd.  This is needed to support things like MPLS
VPN and other upcoming changes that need to play a lot with AFI/SAFI pairs.
Mostly mechanical change, henning@ has no particular issues with this.
Must go in so that I can continue working.

Revision 1.247 / (download) - annotate - [select for diffs], Thu Nov 26 13:40:43 2009 UTC (14 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.246: +4 -2 lines
Diff to previous 1.246 (colored)

support for set origin; based on an initial diff from
Sebastian Benoit <benoit-lists at fb12 dot de> who also tested this version
claudio ok

Revision 1.246 / (download) - annotate - [select for diffs], Mon Nov 2 20:38:15 2009 UTC (14 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.245: +3 -1 lines
Diff to previous 1.245 (colored)

Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost
no log_debug() it makes more sense to make all routing daemons behave the same.

Revision 1.245 / (download) - annotate - [select for diffs], Fri Sep 4 11:50:28 2009 UTC (14 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.244: +2 -1 lines
Diff to previous 1.244 (colored)

Use the address family of the neighbor IP to decide which MP type to use.
IPv4 session will still default to only announce inet unicast but now
IPv6 session will by default use announce inet6 unicast. The defaults
can be overridden on groups and in the neighbor itself but this new
behaviour is way more sane than the old one. OK henning, sthen

Revision 1.244 / (download) - annotate - [select for diffs], Mon Aug 31 13:03:31 2009 UTC (14 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.243: +1 -3 lines
Diff to previous 1.243 (colored)

Use UINT_MAX instead of ASNUM_MAX and get rid of this mostly useless define.

Revision 1.243 / (download) - annotate - [select for diffs], Thu Jul 23 14:53:18 2009 UTC (14 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.242: +6 -3 lines
Diff to previous 1.242 (colored)

Send the used kroute along with the nexthop information. This allows us
to show all necessary information in bgpctl show next. OK henning@

Revision 1.242 / (download) - annotate - [select for diffs], Mon Jul 20 15:03:16 2009 UTC (14 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.241: +4 -2 lines
Diff to previous 1.241 (colored)

Include more info in the bgpctl show nexthop ctl message. Mainly add the
gateway used for non-connected routes. This info was missing all the time
and often resulted in massive confusion when the nexthop selection chose
a bad nexthop.

Revision 1.241 / (download) - annotate - [select for diffs], Fri Jun 12 16:42:53 2009 UTC (15 years ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE, OPENBSD_4_6
Changes since 1.240: +4 -4 lines
Diff to previous 1.240 (colored)

Move prefixlen2mask and inet6applymask to util.c so that we can kill the
copies in bgpctl.

Revision 1.240 / (download) - annotate - [select for diffs], Sun Jun 7 00:30:23 2009 UTC (15 years ago) by claudio
Branch: MAIN
Changes since 1.239: +2 -1 lines
Diff to previous 1.239 (colored)

First attempt at reload support for RIBs. There is some magic that I do
not fully understand but at least no flames are coming out of my test
box anymore.

Revision 1.239 / (download) - annotate - [select for diffs], Sat Jun 6 21:35:32 2009 UTC (15 years ago) by claudio
Branch: MAIN
Changes since 1.238: +29 -29 lines
Diff to previous 1.238 (colored)

Reorder IMSG types to put the "exported" ones further down so they do not
change that often anymore.

Revision 1.238 / (download) - annotate - [select for diffs], Sat Jun 6 18:31:42 2009 UTC (15 years ago) by pyr
Branch: MAIN
Changes since 1.237: +2 -2 lines
Diff to previous 1.237 (colored)

Get ready for including imsg.h from a lib, when it comes along.

Revision 1.237 / (download) - annotate - [select for diffs], Sat Jun 6 06:33:15 2009 UTC (15 years ago) by eric
Branch: MAIN
Changes since 1.236: +3 -81 lines
Diff to previous 1.236 (colored)

sync bgpd/bgpctl with the common imsg code, making it lib ready as well.

ok claudio@ pyr@

Revision 1.236 / (download) - annotate - [select for diffs], Sat Jun 6 06:04:10 2009 UTC (15 years ago) by claudio
Branch: MAIN
Changes since 1.235: +2 -1 lines
Diff to previous 1.235 (colored)

Make it possible to select the RIB that a show command should show.

Revision 1.235 / (download) - annotate - [select for diffs], Sat Jun 6 01:10:29 2009 UTC (15 years ago) by claudio
Branch: MAIN
Changes since 1.234: +3 -1 lines
Diff to previous 1.234 (colored)

Some preliminary filter magic to support multiple RIBs on the filters.
It is ugly but does the trick for now. Filters will be rewritten anyway.
The rib specifier only makes sense on from rules. e.g. deny rib OMG from any

Revision 1.234 / (download) - annotate - [select for diffs], Fri Jun 5 19:52:32 2009 UTC (15 years ago) by claudio
Branch: MAIN
Changes since 1.233: +2 -1 lines
Diff to previous 1.233 (colored)

Make it possible to bind peers to a specified RIB. Now only filters and
bgpctl are missing to have full support of multiple RIBs.

Revision 1.233 / (download) - annotate - [select for diffs], Thu Jun 4 04:46:42 2009 UTC (15 years ago) by claudio
Branch: MAIN
Changes since 1.232: +10 -1 lines
Diff to previous 1.232 (colored)

Add "rde rib <name>" to the config and allow the rde to use these other RIBs.
Still a bit hackish, reload is missing and printconf as well. Looks good h@

Revision 1.232 / (download) - annotate - [select for diffs], Wed May 27 04:18:21 2009 UTC (15 years ago) by reyk
Branch: MAIN
Changes since 1.231: +2 -1 lines
Diff to previous 1.231 (colored)

add an option to change the "connect-retry" timer which defaults to 120s.
this can be used to decrease the failover time in specific carp'ed
IBGP setups.

ok henning@

Revision 1.231 / (download) - annotate - [select for diffs], Sun May 17 12:25:15 2009 UTC (15 years ago) by claudio
Branch: MAIN
Changes since 1.230: +7 -2 lines
Diff to previous 1.230 (colored)

Rework most of the RDE to allow multiple RIBs. This is mostly preparation
work by changing the way the RDE DB is built. struct prefix and struct
pt_entry are simplified and extended with a rib_entry where the decision
tree is run on. From now on a prefix can only reside on one particular RIB
which simplifies the code a bit. Currently there are two fixed ribs
(adj-rib-in and the local-rib) which needs to be made more dynamic in
upcoming commits.
This is work in progress, the RDE seems to work for me and sthen@ (no flames
coming out of our testrouters but there is still a lot missing)
Move into the tree to simplify development -- henning@

Revision 1.230 / (download) - annotate - [select for diffs], Tue May 5 20:12:04 2009 UTC (15 years, 1 month ago) by sthen
Branch: MAIN
Changes since 1.229: +3 -3 lines
Diff to previous 1.229 (colored)

fix a couple of comment typos

Revision 1.229 / (download) - annotate - [select for diffs], Thu Apr 23 16:20:39 2009 UTC (15 years, 1 month ago) by sthen
Branch: MAIN
Changes since 1.228: +3 -1 lines
Diff to previous 1.228 (colored)

allow bgpctl and bgpd.conf to contain 32-bit ASN written in ASPLAIN
format (RFC5396). ok claudio@ henning@

Revision 1.228 / (download) - annotate - [select for diffs], Thu Mar 26 13:59:30 2009 UTC (15 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.227: +3 -1 lines
Diff to previous 1.227 (colored)

argh, do not reuse the global trans_as flag to be applied to the peer
specific or we had to widen the peer specific flags without need.
define PERRFLAG_TRANS_AS instead and use that

Revision 1.227 / (download) - annotate - [select for diffs], Sun Mar 22 22:34:59 2009 UTC (15 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.226: +3 -1 lines
Diff to previous 1.226 (colored)

make transparent-as yes|no settable peer neighbor with the global setting
acting as default.
per-neighbor requested by arnold nipper @ decix, ok claudio

Revision 1.226 / (download) - annotate - [select for diffs], Wed Mar 18 19:41:41 2009 UTC (15 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.225: +3 -1 lines
Diff to previous 1.225 (colored)

Introduce local_as in the peer config. This allows per peer local AS and
simplifies some code because it is possible to get the local AS from the
peer struct. Local AS needs more patching to work correctly though.
OK henning@

Revision 1.225 / (download) - annotate - [select for diffs], Fri Mar 13 06:25:04 2009 UTC (15 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.224: +2 -2 lines
Diff to previous 1.224 (colored)

Next step in mrt cleanup. Switch buf_write to a smarter version of itself.
Doing more the stuff msgbuf_write does and switch the only user -- mrt --
over to use this simpler way of writing out stuff.

Revision 1.224 / (download) - annotate - [select for diffs], Fri Mar 13 04:40:55 2009 UTC (15 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.223: +6 -2 lines
Diff to previous 1.223 (colored)

Sync buffer API with the one from ospfd. The dynamic buffers will make other
code much easier to write. OK henning@ some time ago.

Revision 1.223 / (download) - annotate - [select for diffs], Fri Dec 12 23:15:12 2008 UTC (15 years, 5 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE, OPENBSD_4_5
Changes since 1.222: +3 -1 lines
Diff to previous 1.222 (colored)

Make bgpd route priority aware and while there sync in the basics to correctly
track multipath routes. Code is mostly stolen from similar fixes to ospfd but
a bit different as this kroute.c implementation is more complex because of
additional task (nexthop verification for example).
This change and the similar ospfd change were desperately needed on larger
complex network setups which tended to end up in situation where the kernel
had a different opinion about routing than the daemon. Now the situation
should be a lot better.
Tested and OK sthen@ gollo@

Revision 1.222 / (download) - annotate - [select for diffs], Wed Jan 23 08:11:32 2008 UTC (16 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE, OPENBSD_4_4, OPENBSD_4_3_BASE, OPENBSD_4_3
Changes since 1.221: +19 -1 lines
Diff to previous 1.221 (colored)

Add defines for extended communities. OK henning@

Revision 1.221 / (download) - annotate - [select for diffs], Sun Dec 23 18:26:13 2007 UTC (16 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.220: +3 -1 lines
Diff to previous 1.220 (colored)

send timers for bgpctl show neighbor foo timer in separate messages after
the peer data. makes bgpctl display code independent from timer
implementation internals. only running timers are displayed now, stopped
ones are skipped.

Revision 1.220 / (download) - annotate - [select for diffs], Sat Oct 13 16:35:19 2007 UTC (16 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.219: +1 -2 lines
Diff to previous 1.219 (colored)

in all these programs using the same pfctl-derived parse.y, re-unify the
yylex implementation and the code which interacts with yylex.  this also
brings the future potential for include support to all of the parsers.
in the future please do not make silly modifications to one of these files
without checking if you are de-unifying the code.
checked by developers in all these areas.

Revision 1.219 / (download) - annotate - [select for diffs], Tue Sep 11 17:07:59 2007 UTC (16 years, 9 months ago) by henning
Branch: MAIN
Changes since 1.218: +2 -2 lines
Diff to previous 1.218 (colored)

baudrate u_long -> u_int64_t

Revision 1.218 / (download) - annotate - [select for diffs], Mon May 28 17:26:33 2007 UTC (17 years ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE, OPENBSD_4_2
Changes since 1.217: +2 -1 lines
Diff to previous 1.217 (colored)

allow matching on communities using 0 in the AS part, that is in use.
that unfortunately means we cannot use 0 for "unset".
ok claudio

Revision 1.217 / (download) - annotate - [select for diffs], Tue May 15 14:35:30 2007 UTC (17 years ago) by claudio
Branch: MAIN
Changes since 1.216: +3 -3 lines
Diff to previous 1.216 (colored)

Graceful restart is no longer a draft so point it to the right RFC 4724.
Additionally our as4byte support is based on draft-ietf-idr-as4bytes-13.

Revision 1.216 / (download) - annotate - [select for diffs], Mon Apr 23 13:04:24 2007 UTC (17 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.215: +12 -5 lines
Diff to previous 1.215 (colored)

Make bgpd 4-byte AS compatible. All internal representations of AS numbers
are now 4-byte instead of the old 2-byte numbers. The only exception are
communities because they can not be switched. The RDE will inflate and deflate
the ASPATH and AGGREGATOR attributes on demand and create the NEW_ASPATH and
NEW_AGGREGATOR field whenever needed. Both old and new style sessions are
supported and can be mixed. Currently new style sessions with the 4-byte AS
number capability turned on are only enabled if one of the AS numbers involved
is a 4-byte one.
This is based on an initial diff by Geoff Huston gih (at) apnic (dot) net
Cleanup, testing and bug-fixes by myself (via AS 3.10).
Currently mrt table dumps are producing incompatible output this will be fixed
afterwards -- this diff is already big enough.

"get it in if you think it is ready" henning@

Revision 1.215 / (download) - annotate - [select for diffs], Wed Mar 28 12:33:32 2007 UTC (17 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.214: +8 -6 lines
Diff to previous 1.214 (colored)

add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community
mostly from rivo nurges <rix@estpak.ee>, ok claudio

Revision 1.214 / (download) - annotate - [select for diffs], Fri Mar 16 14:06:57 2007 UTC (17 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.213: +5 -5 lines
Diff to previous 1.213 (colored)

A few more s/2858/4760/ and use RFC <number> everywhere.

Revision 1.213 / (download) - annotate - [select for diffs], Fri Mar 16 13:52:30 2007 UTC (17 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.212: +2 -3 lines
Diff to previous 1.212 (colored)

Update multiprotocol extension code to RFC 4760. This actually removes
a few things we actually never really cared about.
OK henning@

Revision 1.212 / (download) - annotate - [select for diffs], Tue Mar 6 16:52:48 2007 UTC (17 years, 3 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE, OPENBSD_4_1
Changes since 1.211: +2 -1 lines
Diff to previous 1.211 (colored)

allow filtering on peer-as (leftmost AS in path), ok claudio

Revision 1.211 / (download) - annotate - [select for diffs], Fri Jan 26 17:40:49 2007 UTC (17 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.210: +13 -2 lines
Diff to previous 1.210 (colored)

Massive rework of the control imsg flow. Main changes:
- dedicated pipe between the SE and the RDE for control messages
- restartable RB tree dumps in the RDE
- queuing limits both in the SE and RDE
The result is a dramatic decrease of memory consumption on operations like
bgpctl show rib. Previously all messages were first stored in the RDE
then passed to the SE where they got queued in case bgpctl was not fast enough.
Now only a small number of messages is generated and passed to the SE and
the SE has an additional limit instead of acting like an infinite buffer.
Without this the bgpd on bgpd.networx.ch would not survive a single minute.
looks good henning@

Revision 1.210 / (download) - annotate - [select for diffs], Tue Dec 5 12:08:13 2006 UTC (17 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.209: +2 -1 lines
Diff to previous 1.209 (colored)

implement the ttl security hack. since the pc slaves fear the word hack,
they call it "Generalized TTL Security Mechanism" officially, RFC 3682.
manpage with help from jmc

Revision 1.209 / (download) - annotate - [select for diffs], Tue Nov 28 16:39:34 2006 UTC (17 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.208: +3 -2 lines
Diff to previous 1.208 (colored)

allow bgpd to work on alternate routing tables, claudio ok, jmc manpage help

Revision 1.208 / (download) - annotate - [select for diffs], Sun Aug 27 16:11:04 2006 UTC (17 years, 9 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE, OPENBSD_4_0
Changes since 1.207: +2 -1 lines
Diff to previous 1.207 (colored)

add code to announce the restart capability according to
draft-ietf-idr-restart. Do not announce actual restart capabilities,
so that this only serves as indicator that we are capable of sending
and receiving the End-of-RIB marker.
leave disabled for now, since the code to actually send the EoR-marker
is currently ifdef'd out (to be fixed soon) and we wanna play safe for
4.0. and juniper doesn't support that capability (which is not a problem
per se) and at the same time has its capability negotiation code completely
fucked up, if a capability is rejected they don't indicate WHICH capability
they reject (which makes that a problem, tho still a small one and we cope).
claudio ok

Revision 1.207 / (download) - annotate - [select for diffs], Sun Aug 27 13:40:21 2006 UTC (17 years, 9 months ago) by henning
Branch: MAIN
Changes since 1.206: +2 -1 lines
Diff to previous 1.206 (colored)

add buf_grow() to grow an existing buffer (realloc), claudio ok

Revision 1.206 / (download) - annotate - [select for diffs], Wed Aug 23 08:13:04 2006 UTC (17 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.205: +5 -1 lines
Diff to previous 1.205 (colored)

Extend show rib interface code so that it is possible to show the adj-rib-in
and adj-rib-out. Additionally it is now possible to limit the output to a
specified peer. OK henning@

Revision 1.205 / (download) - annotate - [select for diffs], Fri Aug 4 12:01:48 2006 UTC (17 years, 10 months ago) by henning
Branch: MAIN
Changes since 1.204: +2 -1 lines
Diff to previous 1.204 (colored)

add "restart" to max-prefix, allows sessions suspended due to reaching
max-prefix to be restarted automagically after a given number of minutes
requested by "Sylwester S. Biernacki" <obeer@obeer.com>, manpage help jmc,
ok claudio

Revision 1.204 / (download) - annotate - [select for diffs], Sat Jun 17 14:06:09 2006 UTC (17 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.203: +10 -2 lines
Diff to previous 1.203 (colored)

implement carp demotion control for bgpd.
sessions can be configured to modify the carp demotion counter for a
given interface group (usually, "carp", which has all carp interfaces)
when the session is not established. once the session is established for
60 seconds, the demotion is cleared.
this, used correctly, can prevent a bgpd-box which lost all sessions (and
thus has no routes) to be carp master, while the backup has sessions.
thought through and partially hacked on a drive from calgary to vancouver
with ryan, ok claudio

Revision 1.203 / (download) - annotate - [select for diffs], Thu Jun 15 10:04:40 2006 UTC (17 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.202: +10 -1 lines
Diff to previous 1.202 (colored)

Instead of passing three different kinds of arguments in show rib control
request use one struct ctl_show_rib_request where all the info is encoded.
OK henning@

Revision 1.202 / (download) - annotate - [select for diffs], Wed Jun 14 17:08:56 2006 UTC (17 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.201: +3 -2 lines
Diff to previous 1.201 (colored)

Send both nexthops (exit and true) in the bgpctl show rib cases. bgpctl
can then select which nexthop should be printed. OK henning@

Revision 1.201 / (download) - annotate - [select for diffs], Sat May 27 21:24:36 2006 UTC (18 years ago) by claudio
Branch: MAIN
Changes since 1.200: +3 -2 lines
Diff to previous 1.200 (colored)

Pass an IMSG_CTL_RESULT message back to bgpctl on reloads to indicate if
the reload was successful or not. OK henning@

Revision 1.200 / (download) - annotate - [select for diffs], Tue May 23 12:11:38 2006 UTC (18 years ago) by henning
Branch: MAIN
Changes since 1.199: +4 -2 lines
Diff to previous 1.199 (colored)

allow bgpd to request a route refresh from a neighbor if that neighbor
announced route refresh capabilities

Revision 1.199 / (download) - annotate - [select for diffs], Wed Apr 26 17:13:14 2006 UTC (18 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.198: +2 -22 lines
Diff to previous 1.198 (colored)

Remove filterset_names from bgpd.h and replace it with a function because
the table was already out of sync now. OK henning@

Revision 1.198 / (download) - annotate - [select for diffs], Tue Apr 25 08:44:08 2006 UTC (18 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.197: +3 -3 lines
Diff to previous 1.197 (colored)

Mark fatal and fatalx as __dead from deraadt@

Revision 1.197 / (download) - annotate - [select for diffs], Fri Apr 21 08:51:46 2006 UTC (18 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.196: +1 -3 lines
Diff to previous 1.196 (colored)

msgbuf_writebound() and msgbuf_bounded() are leftovers from some ancient
mrt dump code. These functions are no longer used since we switched to
filedescriptor passing. From deraadt@

Revision 1.196 / (download) - annotate - [select for diffs], Tue Apr 4 12:03:26 2006 UTC (18 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.195: +2 -1 lines
Diff to previous 1.195 (colored)

add "set nexthop self", force nexthop to be set to own address even with IBGP
requested & tested Falk Brockerhoff <fb@smartterra.de>, and tony sarendal
tested this too. claudio ok

Revision 1.195 / (download) - annotate - [select for diffs], Wed Mar 22 13:30:35 2006 UTC (18 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.194: +5 -2 lines
Diff to previous 1.194 (colored)

Change the way bgpd selects nexthops. Up until now every route was considered
when calculating the nexthop. Now only non BGP routes and not the default
route are used unless forced with the new config options
 nexthop qualify via bgp
 nexthop qualify via default
This change is required for complex setups e.g. where an additional IGP is
running.  OK henning@

Revision 1.194 / (download) - annotate - [select for diffs], Wed Mar 22 10:18:49 2006 UTC (18 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.193: +6 -1 lines
Diff to previous 1.193 (colored)

Add a new SHOW imsg to send optional attributes to bgpctl. This can be used
to show communities in bgpctl output. Only send these messages if they are
requested to reduce the overhead for simple listings. Looks good henning@

Revision 1.193 / (download) - annotate - [select for diffs], Wed Mar 15 11:33:42 2006 UTC (18 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.192: +2 -1 lines
Diff to previous 1.192 (colored)

Allow the control socket to be changed on the command line. Useful if you
need to run multiple bgpds on a single box to simulate an IX. This helped
me massively debugging error reports. OK henning@

Revision 1.192 / (download) - annotate - [select for diffs], Fri Feb 10 14:34:40 2006 UTC (18 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE, OPENBSD_3_9
Changes since 1.191: +3 -1 lines
Diff to previous 1.191 (colored)

Make it possible to turn softreconfig in/out on or off. Default is on for
both directions. Manpage update follows. OK henning@

Revision 1.191 / (download) - annotate - [select for diffs], Thu Feb 9 21:05:09 2006 UTC (18 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.190: +3 -1 lines
Diff to previous 1.190 (colored)

Implement "set community delete 65001:*" and friends. This will remove
communities from the path attributes. Useful to make sure that the ones you
set later are set by a (evil) peer.  OK henning@

Revision 1.190 / (download) - annotate - [select for diffs], Thu Feb 2 14:06:05 2006 UTC (18 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.189: +2 -1 lines
Diff to previous 1.189 (colored)

Implement new special community "neighbor-as". neighbor-as is expanded on
the fly to the remote AS of the current neighbor. This can be used to
simplify rulesets in a dramatic way -- going from a script based nightmare
down to a handful of rules. jajajaja henning@

Revision 1.189 / (download) - annotate - [select for diffs], Tue Jan 24 15:28:02 2006 UTC (18 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.188: +2 -1 lines
Diff to previous 1.188 (colored)

introduce "bgpctl show summary terse", shows summary in an easy to parse
format, intended for monitoring purposes. claudio ok

Revision 1.188 / (download) - annotate - [select for diffs], Tue Jan 24 10:03:44 2006 UTC (18 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.187: +5 -4 lines
Diff to previous 1.187 (colored)

introduce a second control socket, which is restricted to certain messages,
namely the show ones. needed for looking glass style applications,
monitoring etc. claudio ok

Revision 1.187 / (download) - annotate - [select for diffs], Fri Jan 20 16:40:17 2006 UTC (18 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.186: +4 -3 lines
Diff to previous 1.186 (colored)

Proactively fix prefix counters. Currently only F_LOCAL prefixes exist but
as soon as F_ORIGINAL come the counters would no longer be correct and in the
end max-prefix would no longer work. Add additional counters for F_ORIGINAL
prefixes and bump the correct counter depending on the prefix flags.
OK henning@

Revision 1.186 / (download) - annotate - [select for diffs], Thu Jan 5 17:33:39 2006 UTC (18 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.185: +1 -2 lines
Diff to previous 1.185 (colored)

Kill ENSURE(), remove ensure.h, say bye bye to fatal_ensure() and
one hip hip hooray from Henning.

Revision 1.185 / (download) - annotate - [select for diffs], Thu Jan 5 16:00:07 2006 UTC (18 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.184: +2 -1 lines
Diff to previous 1.184 (colored)

Cache optional BGP attributes (mostly communities) and use a simple
pointer plus a ref counter to link the attributes to the path object.
Saves +/- 10M on 11 full feeds. Looks good Henning

Revision 1.184 / (download) - annotate - [select for diffs], Wed Jan 4 12:45:53 2006 UTC (18 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.183: +2 -1 lines
Diff to previous 1.183 (colored)

Correctly count the number of allocated BGP attributes. Needs a own counter.

Revision 1.183 / (download) - annotate - [select for diffs], Tue Jan 3 22:49:17 2006 UTC (18 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.182: +15 -1 lines
Diff to previous 1.182 (colored)

Track some (memory) statistics in the RDE. Accessible via bgpctl.

Revision 1.182 / (download) - annotate - [select for diffs], Tue Jan 3 22:19:59 2006 UTC (18 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.181: +8 -3 lines
Diff to previous 1.181 (colored)

Move functions shared with bgpctl into new file util.c. Simplifies the
link between bgpctl and bgpd mostly because of rde_attr.c.

Revision 1.181 / (download) - annotate - [select for diffs], Wed Nov 2 15:34:43 2005 UTC (18 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.180: +6 -6 lines
Diff to previous 1.180 (colored)

Mark some additional function arguments as const.

Revision 1.180 / (download) - annotate - [select for diffs], Tue Nov 1 10:58:29 2005 UTC (18 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.179: +2 -5 lines
Diff to previous 1.179 (colored)

Switch from the per peer filter set list to a filter-only solution.
The default filter_sets are converted into match filter rules that get
evaluated first. Simplifies code massively -- mainly the config reload
part -- and makes softreconfig out a piece of cake.  "get it in" henning@

Revision 1.179 / (download) - annotate - [select for diffs], Wed Oct 19 12:32:16 2005 UTC (18 years, 7 months ago) by henning
Branch: MAIN
Changes since 1.178: +8 -2 lines
Diff to previous 1.178 (colored)

for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending
the request, but wait for the new IMSG_CTL_RESULT message, which contains
a status code to indicate whether the request was processed successfully
or whether an error occurred and if so what kind of error.
no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log
when you mistyped foobar - now bgpctl itself complains
claudio ok

Revision 1.178 / (download) - annotate - [select for diffs], Wed Oct 19 10:42:06 2005 UTC (18 years, 7 months ago) by henning
Branch: MAIN
Changes since 1.177: +2 -1 lines
Diff to previous 1.177 (colored)

new keyword "down" in neighbor spec, when given, the session is not
started on bgpd startup but stays in IDLE. requested by claudio

Revision 1.177 / (download) - annotate - [select for diffs], Tue Sep 20 13:31:53 2005 UTC (18 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.176: +2 -1 lines
Diff to previous 1.176 (colored)

let "bgpctl network show" print v6 addresses correctly

Revision 1.176 / (download) - annotate - [select for diffs], Tue Aug 9 20:27:25 2005 UTC (18 years, 10 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE, OPENBSD_3_8
Changes since 1.175: +2 -1 lines
Diff to previous 1.175 (colored)

Introduce new route decision tunable "rde med compare (always|strict)".
If set to always the med will also be compared between different AS.
The default is strict which is the way the RFC specifies it.
OK henning@

Revision 1.175 / (download) - annotate - [select for diffs], Mon Jul 4 09:37:24 2005 UTC (18 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.174: +23 -3 lines
Diff to previous 1.174 (colored)

New function filterset_cmp() used to compare two struct filter_set for
equality. This function is a bit more complicated than a memcmp() because there
are types that need to be considered equal e.g. ACTION_SET_MED and
ACTION_SET_RELATIVE_MED. Also ACTION_SET_COMMUNITY and ACTION_SET_NEXTHOP
need some special care.  OK henning@

Revision 1.174 / (download) - annotate - [select for diffs], Fri Jul 1 13:38:14 2005 UTC (18 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.173: +3 -3 lines
Diff to previous 1.173 (colored)

Switch filter_sets from SIMPLEQ to TAILQ, needed for upcoming stuff.

Revision 1.173 / (download) - annotate - [select for diffs], Fri Jul 1 09:19:24 2005 UTC (18 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.172: +7 -1 lines
Diff to previous 1.172 (colored)

Make the pftable filter set use the name2id "cache" like the route labels.
This saves 14 bytes per aspath. OK henning@

Revision 1.172 / (download) - annotate - [select for diffs], Wed Jun 29 09:43:25 2005 UTC (18 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.171: +10 -2 lines
Diff to previous 1.171 (colored)

rtlabel support via filter sets. Just use "set rtlabel foobar" in filters
network and neighbor statements and the routes are labeled accordingly.
While doing that fix some mem-leaks by introducing filterset_free() and
remove the free on send option of send_filterset().
This took a bit longer because we need to carefully track the rtlabel id
refcnts or bad things may happen on reloads.
henning@ looks fine

Revision 1.171 / (download) - annotate - [select for diffs], Tue Jun 28 12:12:34 2005 UTC (18 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.170: +3 -3 lines
Diff to previous 1.170 (colored)

Try to fit 0x200 into an u_int8_t is not so clever. Pass the flags as
u_int16_t so that "bgpctl show rib 4/8 all" works again.

Revision 1.170 / (download) - annotate - [select for diffs], Sat Jun 25 19:24:37 2005 UTC (18 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.169: +7 -1 lines
Diff to previous 1.169 (colored)

name2id prototypes

Revision 1.169 / (download) - annotate - [select for diffs], Fri Jun 24 14:01:52 2005 UTC (18 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.168: +3 -2 lines
Diff to previous 1.168 (colored)

Do not automatically announce routes that have RTF_DYNAMIC set. These routes
are e.g. created by the PMTU code and are removed after some time.
OK henning@

Revision 1.168 / (download) - annotate - [select for diffs], Mon Jun 13 21:16:18 2005 UTC (19 years ago) by henning
Branch: MAIN
Changes since 1.167: +18 -5 lines
Diff to previous 1.167 (colored)

route label support, kroute part and ID allocator as well as the internal
interface changes. support in the filter language and rde to come. claudio ok

Revision 1.167 / (download) - annotate - [select for diffs], Thu Jun 9 15:32:03 2005 UTC (19 years ago) by claudio
Branch: MAIN
Changes since 1.166: +5 -1 lines
Diff to previous 1.166 (colored)

Change the "network connected|static" statements to "network inet|inet6
connected|static" so that it is possible to distinguish between IPv4 and IPv6
addresses. "network connected|static" is considered deprecated but will be
supported as an alias for "network inet connected|static" for some time (one
release) to simplify upgrades. This also solves a nasty crash when using
"network connected".  OK henning@

Revision 1.166 / (download) - annotate - [select for diffs], Fri May 27 17:52:11 2005 UTC (19 years ago) by claudio
Branch: MAIN
Changes since 1.165: +8 -2 lines
Diff to previous 1.165 (colored)

kroute6 support, at least partially. Get it in so that Henning can clean it
up more. OK henning@

Revision 1.165 / (download) - annotate - [select for diffs], Thu Apr 28 13:54:45 2005 UTC (19 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.164: +8 -3 lines
Diff to previous 1.164 (colored)

Support for "network connected" and "network static" -- announce all
directly connected respectively all static routes. The list is automatically
adjusted as soon as a route changes.
OK henning@

Revision 1.164 / (download) - annotate - [select for diffs], Tue Apr 26 15:18:22 2005 UTC (19 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.163: +2 -2 lines
Diff to previous 1.163 (colored)

unify shared code a bit again to make future syncs easier
From: Alexander von Gernler <grunk@pestilenz.org>

Revision 1.163 / (download) - annotate - [select for diffs], Tue Apr 12 14:32:00 2005 UTC (19 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.162: +3 -1 lines
Diff to previous 1.162 (colored)

Introduce a per prefix weight.  The weight is used to tip prefixes with equal
long AS paths in one or the other direction.  It weights a prefix at a very
late stage in the decision process. This is a nice bgpd feature to traffic
engineer networks where most AS paths are equally long.
OK henning@

Revision 1.162 / (download) - annotate - [select for diffs], Mon Mar 28 15:16:46 2005 UTC (19 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.161: +1 -3 lines
Diff to previous 1.161 (colored)

ewps, this was not supposed to creep in

Revision 1.161 / (download) - annotate - [select for diffs], Mon Mar 28 15:03:33 2005 UTC (19 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.160: +3 -1 lines
Diff to previous 1.160 (colored)

free rules_l if the initial config file parse fails

Revision 1.160 / (download) - annotate - [select for diffs], Wed Mar 23 10:46:26 2005 UTC (19 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.159: +2 -2 lines
Diff to previous 1.159 (colored)

ssize_t -> size_t, from ntpd, there from Alexander von Gernler

Revision 1.159 / (download) - annotate - [select for diffs], Tue Mar 15 10:18:39 2005 UTC (19 years, 2 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE, OPENBSD_3_7
Changes since 1.158: +2 -1 lines
Diff to previous 1.158 (colored)

grow the receive buffer on the routing socket, pointed out by markus,
ok markus claudio

Revision 1.158 / (download) - annotate - [select for diffs], Mon Mar 14 17:32:04 2005 UTC (19 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.157: +4 -1 lines
Diff to previous 1.157 (colored)

Allow to modify the metrics in a relative way by prepending the number with
a '+' or '-'. e.g. set localpref +20. This is another gem from the FOSDEM
lying around on my HD gathering dust. OK henning@

Revision 1.157 / (download) - annotate - [select for diffs], Mon Mar 14 12:25:50 2005 UTC (19 years, 3 months ago) by henning
Branch: MAIN
Changes since 1.156: +2 -1 lines
Diff to previous 1.156 (colored)

send a kif structure describing the interface a route relies on along
with the "show nexthop" messages, claudio ok

Revision 1.156 / (download) - annotate - [select for diffs], Fri Mar 11 12:54:19 2005 UTC (19 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.155: +3 -1 lines
Diff to previous 1.155 (colored)

Finally commit the transparent-as and nexthop no-modify stuff I wrote on the
way to FOSDEM. With transparent-as set to yes bgpd will not prepend his own
AS for sent updates. NB the neighbor needs to set "enforce neighbor-as no"
or it will not like the received AS paths. With set nexthop no-modify bgpd
will change the nexthop as done normally.
OK henning@ man page update with help of jmc@

Revision 1.155 / (download) - annotate - [select for diffs], Tue Feb 1 21:36:01 2005 UTC (19 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.154: +7 -7 lines
Diff to previous 1.154 (colored)

switch the buffer size describing vars from ssize_t to size_t and adjust
the API appropriately. avoid singled-compare warnings by rewriting two
expressions. ok claudio

Revision 1.154 / (download) - annotate - [select for diffs], Thu Dec 23 17:26:51 2004 UTC (19 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.153: +6 -1 lines
Diff to previous 1.153 (colored)

allow "bgpctl neighbor" to take the peer's descr as argument as well
as its address
so "bgpctl neighbor upstream1 clear" now works and you don't have to
remember IPs
claudio ok

Revision 1.153 / (download) - annotate - [select for diffs], Thu Dec 23 15:39:22 2004 UTC (19 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.152: +9 -9 lines
Diff to previous 1.152 (colored)

even more excellent alignment, with mickey

Revision 1.152 / (download) - annotate - [select for diffs], Thu Dec 23 15:08:43 2004 UTC (19 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.151: +51 -51 lines
Diff to previous 1.151 (colored)

sort structs for most optimal alignment, help mickey, claudio ok

Revision 1.151 / (download) - annotate - [select for diffs], Tue Nov 23 13:07:01 2004 UTC (19 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.150: +34 -30 lines
Diff to previous 1.150 (colored)

Switch from a single filter_set to a linked list of sets. With this change
it is possible to specify multiple communities. This is also the first step
to better bgpd filters. OK henning@

Revision 1.150 / (download) - annotate - [select for diffs], Fri Nov 19 14:43:56 2004 UTC (19 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.149: +3 -3 lines
Diff to previous 1.149 (colored)

For consistency reasons rename struct as_filter to struct filter_as.
OK henning@

Revision 1.149 / (download) - annotate - [select for diffs], Thu Nov 18 17:17:56 2004 UTC (19 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.148: +3 -1 lines
Diff to previous 1.148 (colored)

embed two struct capabilities, one for the capas announced by the peer and
one for the capas we announced him, into the session_up imsg to the RDE
after brainstorming with claudio

Revision 1.148 / (download) - annotate - [select for diffs], Thu Nov 18 17:07:38 2004 UTC (19 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.147: +9 -2 lines
Diff to previous 1.147 (colored)

add an instance of struct capabilities to peer_conf, and inherit
peer->capa.ann from this

Revision 1.147 / (download) - annotate - [select for diffs], Thu Nov 18 15:40:58 2004 UTC (19 years, 6 months ago) by henning
Branch: MAIN
Changes since 1.146: +5 -4 lines
Diff to previous 1.146 (colored)

Subsequent Address Family Indicators (SAFI) in hex and add SAFI_NONE

Revision 1.146 / (download) - annotate - [select for diffs], Thu Nov 11 10:35:15 2004 UTC (19 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.145: +3 -1 lines
Diff to previous 1.145 (colored)

New config statement "rde route-age [evaluate|ignore]". If set to evaluate
the best path selection will not only be based on the path attributes but
also on the age of the prefix. This is an extension to the RFC. The default
is ignore but previously it was implicitly set to evaluate.
OK henning@ man page OK jaredy@ jmc@

Revision 1.145 / (download) - annotate - [select for diffs], Tue Oct 19 12:02:50 2004 UTC (19 years, 7 months ago) by henning
Branch: MAIN
Changes since 1.144: +5 -3 lines
Diff to previous 1.144 (colored)

allow neighbor definitions to depend on interface state.
with this, if a neighbor is configured as dependent on carp0 for example,
the neighbor will remain in state IDLE as long as carp0 is not master.
once carp0 becomes master the session(s) depending on it immediately
go to CONNECT (or ACTIVE, if they're configured passive), reducing failover
time. claudio ok, with some input from ryan as well

Revision 1.144 / (download) - annotate - [select for diffs], Tue Sep 28 12:09:31 2004 UTC (19 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.143: +9 -6 lines
Diff to previous 1.143 (colored)

Add prepend-neighbor feature. Prepend the remote-as n times similar to
prepend-self. Only for incoming UPDATEs. OK henning@

Revision 1.143 / (download) - annotate - [select for diffs], Thu Sep 16 17:58:13 2004 UTC (19 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.142: +3 -3 lines
Diff to previous 1.142 (colored)

imsg type is really an enum imsg_type and not an int

Revision 1.142 / (download) - annotate - [select for diffs], Thu Sep 16 17:36:29 2004 UTC (19 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.141: +5 -6 lines
Diff to previous 1.141 (colored)

imsg API cleanup:
-kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid
-extend the original imsg_compose/_create API to take pid & fd too
-make imsg_compose do imsg_create + imsg_add + imsg_close instead of
 duplicating the code
-adjust all callers to the new API
ok claudio

Revision 1.141 / (download) - annotate - [select for diffs], Fri Aug 20 15:49:02 2004 UTC (19 years, 9 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE, OPENBSD_3_6
Changes since 1.140: +2 -1 lines
Diff to previous 1.140 (colored)

add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it,
claudio ok

Revision 1.140 / (download) - annotate - [select for diffs], Tue Aug 10 13:02:07 2004 UTC (19 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.139: +9 -11 lines
Diff to previous 1.139 (colored)

switch nexthop in struct filter_set from struct in_addr to struct bgpd_addr
OK henning@

Revision 1.139 / (download) - annotate - [select for diffs], Fri Aug 6 12:04:08 2004 UTC (19 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.138: +2 -1 lines
Diff to previous 1.138 (colored)

Monster diff to get one step closer to IPv6 support.
Cleanup path attribute handling. First of all kill struct attr_flags, all
those infos are now in struct rde_aspath. Second move attribute parser
functions into rde.c, rde_attr.c is shared between bgpd and bgpctl.
Third reimplementation of the nexthop handling. Make it IPv6 ready and
fix some major bug relating to "set nexthop".
henning@ OK if it breaks nothing

Revision 1.138 / (download) - annotate - [select for diffs], Thu Aug 5 15:58:21 2004 UTC (19 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.137: +1 -3 lines
Diff to previous 1.137 (colored)

rename and move prefix_equal() to prefix_compare() which returns -1, 0, 1
similar to memcmp() and all other compare functions in bgpd. OK henning@

Revision 1.137 / (download) - annotate - [select for diffs], Fri Jul 30 14:44:30 2004 UTC (19 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.136: +2 -1 lines
Diff to previous 1.136 (colored)

Add new announce type "default-route" which will only announce the default
route to the specified neighbor. Idea and OK henning@

Revision 1.136 / (download) - annotate - [select for diffs], Tue Jul 27 15:26:45 2004 UTC (19 years, 10 months ago) by henning
Branch: MAIN
Changes since 1.135: +22 -16 lines
Diff to previous 1.135 (colored)

do not define the prefix, prefixlen and community structs used for
the filters from within struct filter_match but explicit; no functional change

Revision 1.135 / (download) - annotate - [select for diffs], Mon Jul 5 16:54:53 2004 UTC (19 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.134: +49 -45 lines
Diff to previous 1.134 (colored)

implement "set nexthop blackhole" and "set nexthop reject"
blackhole/reject routes will be entered to the kernel for matching ones.
this is intended to be used with the Cymru Bogon Route Server Project
(http://www.cymru.com/BGP/bogon-rs.html) and similar services, claudio ok

Revision 1.134 / (download) - annotate - [select for diffs], Mon Jul 5 02:13:44 2004 UTC (19 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.133: +2 -2 lines
Diff to previous 1.133 (colored)

fix a few KNF fallouts

Revision 1.133 / (download) - annotate - [select for diffs], Sat Jul 3 17:19:59 2004 UTC (19 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.132: +5 -4 lines
Diff to previous 1.132 (colored)

Switch mrt dumping to fd passing. This gives some speed up when extensive
dumping is done. Actually mrt dumps were broken because of the fd passing.
The nice side effect is a much cleaner code, especially in the parent process.
OK henning@

Revision 1.132 / (download) - annotate - [select for diffs], Fri Jun 25 20:08:46 2004 UTC (19 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.131: +16 -14 lines
Diff to previous 1.131 (colored)

provide mask2prefixlen6() and prefixlen2mask6()

Revision 1.131 / (download) - annotate - [select for diffs], Wed Jun 23 00:11:27 2004 UTC (19 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.130: +2 -1 lines
Diff to previous 1.130 (colored)

Support rfc 3765 which adds a new well known community NOPEER. OK henning@

Revision 1.130 / (download) - annotate - [select for diffs], Tue Jun 22 20:28:58 2004 UTC (19 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.129: +16 -11 lines
Diff to previous 1.129 (colored)

Make the RDE IPv6 ready; missing is the message handling. The internal
prefix tree changed from a hash table to a per AF RB tree.
OK henning@ some ideas are from Brent Graveland.

Revision 1.129 / (download) - annotate - [select for diffs], Tue Jun 22 07:22:31 2004 UTC (19 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.128: +13 -2 lines
Diff to previous 1.128 (colored)

introduce kroute6, which will be used to build a separate v6 table
(smashing them into the v4 table would raise the memory requirements far too
much), and make kroute_nexthop (where we are not under such memory pressure,
you don't have a hundred thousand nexthops) v4/v6. change existing callers
to use the v4 part, claudio ok

Revision 1.128 / (download) - annotate - [select for diffs], Sun Jun 20 18:35:12 2004 UTC (19 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.127: +4 -4 lines
Diff to previous 1.127 (colored)

at least somewhat consistently name the TAILQ_ENTRYs... this confused me
more than once

Revision 1.127 / (download) - annotate - [select for diffs], Sun Jun 20 17:49:46 2004 UTC (19 years, 11 months ago) by henning
Branch: MAIN
Changes since 1.126: +15 -5 lines
Diff to previous 1.126 (colored)

implement file descriptor passing in the imsg/msgbuf framework, and use
it to let the main process prepare new listening sockets (socket() and
bind()) on behalf of the session engine, which of course cannot bind() to
ports < 1024 any more once it dropped privileges. with some help from theo,
claudio ok

Revision 1.126 / (download) - annotate - [select for diffs], Sun Jun 6 17:38:10 2004 UTC (20 years ago) by henning
Branch: MAIN
Changes since 1.125: +23 -11 lines
Diff to previous 1.125 (colored)

rework bgpd's handling of listening sockets. instead of one for each
supported address family, keep a tailq of an arbitrary number of them.
the new struct listen_addr contains the sockaddr and the fd.
this fixes quite some nasty behaviour which was a consequence of the previous
model.
looks right deraadt@, and discussed with claudio

Revision 1.125 / (download) - annotate - [select for diffs], Fri May 21 15:36:40 2004 UTC (20 years ago) by claudio
Branch: MAIN
Changes since 1.124: +4 -1 lines
Diff to previous 1.124 (colored)

RFC 2796 bgp route reflector support. This is very useful in conjunction
with templates. looks good, go for it henning@

Revision 1.124 / (download) - annotate - [select for diffs], Fri May 21 11:48:56 2004 UTC (20 years ago) by claudio
Branch: MAIN
Changes since 1.123: +5 -2 lines
Diff to previous 1.123 (colored)

Add support for dynamic announcements. Useful to announce temporary
blackhole routes or to make network announcements dependent on an external
state (e.g. for carp setups) OK henning@

Revision 1.123 / (download) - annotate - [select for diffs], Mon May 17 12:39:32 2004 UTC (20 years ago) by djm
Branch: MAIN
Changes since 1.122: +6 -1 lines
Diff to previous 1.122 (colored)

extend filter language to allow basic setting of COMMUNITIES attribute.
ok claudio@

Revision 1.122 / (download) - annotate - [select for diffs], Fri May 7 10:06:15 2004 UTC (20 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.121: +21 -1 lines
Diff to previous 1.121 (colored)

add a filter option to dump prefixes learned in UPDATEs into a PF table,
intended for building realtime BGP blacklists (e.g. with spamd);
ok claudio & henning

Revision 1.121 / (download) - annotate - [select for diffs], Thu May 6 14:41:47 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.120: +2 -1 lines
Diff to previous 1.120 (colored)

we need a separate field for the md5 key len, can't use strlen, noticed
by markus some time ago

Revision 1.120 / (download) - annotate - [select for diffs], Thu May 6 11:57:55 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.119: +3 -2 lines
Diff to previous 1.119 (colored)

scale socket buffer sizes (and thus window size) up to 64k,
but only if tcp md5sig or ipsec is in use. excellent idea by ryan some time
ago, claudio and theo agree

Revision 1.119 / (download) - annotate - [select for diffs], Thu Apr 29 19:56:04 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.118: +3 -3 lines
Diff to previous 1.118 (colored)

sock -> fd; ok henning

Revision 1.118 / (download) - annotate - [select for diffs], Wed Apr 28 04:34:46 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.117: +3 -2 lines
Diff to previous 1.117 (colored)

allow ah/esp spec with IKE, markus ok

Revision 1.117 / (download) - annotate - [select for diffs], Wed Apr 28 02:57:27 2004 UTC (20 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.116: +3 -1 lines
Diff to previous 1.116 (colored)

Enable route refresh in the RDE. Now peer can request route refreshes.
OK henning@

Revision 1.116 / (download) - annotate - [select for diffs], Wed Apr 28 01:08:38 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.115: +2 -2 lines
Diff to previous 1.115 (colored)

spacing

Revision 1.115 / (download) - annotate - [select for diffs], Wed Apr 28 00:38:39 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.114: +5 -5 lines
Diff to previous 1.114 (colored)

prefix the auth related defines by AUTH_, we had a name clash, markus ok

Revision 1.114 / (download) - annotate - [select for diffs], Tue Apr 27 22:42:13 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.113: +4 -4 lines
Diff to previous 1.113 (colored)

rename the ipsec struct to auth, move all tcpmd5 related fields in there, and
add a generic "method" field that expresses what method
(none/md5sig/ipsec manual/ipsec ike) is in use
markus ok

Revision 1.113 / (download) - annotate - [select for diffs], Tue Apr 27 22:06:54 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.112: +23 -15 lines
Diff to previous 1.112 (colored)

parser parts for ipsec ike, markus ok

Revision 1.112 / (download) - annotate - [select for diffs], Tue Apr 27 03:53:42 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.111: +8 -2 lines
Diff to previous 1.111 (colored)

initial route refresh support per RFC2918
process incoming route refresh request and notify the RDE
not advertised via capabilities yet, claudio ok

Revision 1.111 / (download) - annotate - [select for diffs], Mon Apr 26 04:13:59 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.110: +5 -1 lines
Diff to previous 1.110 (colored)

need keylen too, markus

Revision 1.110 / (download) - annotate - [select for diffs], Mon Apr 26 01:59:26 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.109: +18 -1 lines
Diff to previous 1.109 (colored)

structs for ipsec, with markus

Revision 1.109 / (download) - annotate - [select for diffs], Sun Apr 25 07:16:24 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.108: +5 -1 lines
Diff to previous 1.108 (colored)

add "neighbor cloning", allowing you to specify a prefix and prefixlength
instead of the neighbor's IP address. When a connection comes in matching
that mask we clone the neighbor spec.
IPv6 match code by itojun, rde feeding by claudio, ok claudio

Revision 1.108 / (download) - annotate - [select for diffs], Sat Apr 24 19:36:19 2004 UTC (20 years, 1 month ago) by henning
Branch: MAIN
Changes since 1.107: +2 -1 lines
Diff to previous 1.107 (colored)

some rather boring windows talk at cansecwest made me hack initial support
for IPv6 transport
parts based on a diff from Brent Graveland
ok itojun@ claudio@

Revision 1.107 / (download) - annotate - [select for diffs], Sat Apr 10 17:27:28 2004 UTC (20 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.106: +10 -1 lines
Diff to previous 1.106 (colored)

move the API_* and SAFI_* defines to where they belong

Revision 1.106 / (download) - annotate - [select for diffs], Thu Mar 11 17:12:51 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE, OPENBSD_3_5
Changes since 1.105: +13 -1 lines
Diff to previous 1.105 (colored)

Add basic support for communities. Currently it is only possible to filter
on communities, e.g match from any community 24640:* set localpref 666
OK henning@

Revision 1.105 / (download) - annotate - [select for diffs], Wed Mar 10 11:38:32 2004 UTC (20 years, 3 months ago) by henning
Branch: MAIN
Changes since 1.104: +2 -1 lines
Diff to previous 1.104 (colored)

implement framework to announce capabilities in the open messages we send.
this includes handling "unsupported optional parameter" notifications from the
peer and retrying without capability announcement. claudio ok

Revision 1.104 / (download) - annotate - [select for diffs], Tue Mar 2 19:45:04 2004 UTC (20 years, 3 months ago) by henning
Branch: MAIN
Changes since 1.103: +3 -2 lines
Diff to previous 1.103 (colored)

flesh out the address and prefix parsing, include v6 code, but reject v6
upwards, claudio ok

Revision 1.103 / (download) - annotate - [select for diffs], Tue Mar 2 19:29:01 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.102: +2 -1 lines
Diff to previous 1.102 (colored)

Framework for rib lookups by prefix. OK henning@

Revision 1.102 / (download) - annotate - [select for diffs], Mon Mar 1 16:02:01 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.101: +2 -1 lines
Diff to previous 1.101 (colored)

Make it possible to disable the decision process. This is a feature only useful
for route-collectors. OK henning@

Revision 1.101 / (download) - annotate - [select for diffs], Thu Feb 26 16:16:41 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.100: +46 -13 lines
Diff to previous 1.100 (colored)

show rib infrastructure. At least full dumps and per as dumps. Per prefix
dump need some more work. OK henning@

Revision 1.100 / (download) - annotate - [select for diffs], Thu Feb 26 14:00:33 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.99: +8 -1 lines
Diff to previous 1.99 (colored)

Implement "enforce neighbor-as yes|no" which is by default on for ebgp
neighbors. While doing that check also that the nexthop is valid (not class D
or E and not in 127/8 range). Kill some TODO and XXX and rename the british
neighbour to neighbor as used everywhere else. OK henning@

Revision 1.99 / (download) - annotate - [select for diffs], Thu Feb 26 09:53:58 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.98: +2 -1 lines
Diff to previous 1.98 (colored)

Add per network definition filter sets. So you can now use
network 10.0.0.0/8 set localpref 100
OK henning@

Revision 1.98 / (download) - annotate - [select for diffs], Tue Feb 24 15:43:03 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.97: +13 -10 lines
Diff to previous 1.97 (colored)

Enhance filters. prefixlen knows now 8-24 and 8><24. It is possible to use
prefix 10.0.0.0/8 prefixlen >= 8 and set localpref 100 can be set on a per
neighbor basis. OK henning@

Revision 1.97 / (download) - annotate - [select for diffs], Mon Feb 16 17:24:04 2004 UTC (20 years, 3 months ago) by henning
Branch: MAIN
Changes since 1.96: +2 -1 lines
Diff to previous 1.96 (colored)

add scope_id for v6 to struct bgpd_addr
ok itojun, grumbling ok claudio

Revision 1.96 / (download) - annotate - [select for diffs], Mon Feb 16 14:26:29 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.95: +5 -1 lines
Diff to previous 1.95 (colored)

Extend imsg API so that messages can be composed on the fly. In the RDE it
happens often, that imsg consists of multiple objects. OK henning@

Revision 1.95 / (download) - annotate - [select for diffs], Mon Feb 16 12:53:15 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.94: +22 -2 lines
Diff to previous 1.94 (colored)

Make the path attribute handling more RFC conformant. Also move the
parser to rde_attr.c where it belongs. Still missing: better aspath loop
detection (should be done afterwards) and some basic error checking for
optional attributes. OK henning@

Revision 1.94 / (download) - annotate - [select for diffs], Tue Feb 10 23:10:23 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.93: +4 -1 lines
Diff to previous 1.93 (colored)

enforce config file secrecy (correct owner, no rights for group/world)
help and ok theo

Revision 1.93 / (download) - annotate - [select for diffs], Mon Feb 9 01:46:34 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)

make max_prefix an u_int32_t instead of an u_long and change its
meaning as in 0 means no limit instead of setting it to ULONG_MAX for
no limit

Revision 1.92 / (download) - annotate - [select for diffs], Sat Feb 7 11:42:30 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.91: +2 -1 lines
Diff to previous 1.91 (colored)

send filter rules to the RDE on reloads, help & ok claudio

Revision 1.91 / (download) - annotate - [select for diffs], Fri Feb 6 20:18:18 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.90: +85 -0 lines
Diff to previous 1.90 (colored)

initial cut at the filtering language.
structs etc to describe a rule, filter rule list management
parser groks filter defs now.

claudio ok, discussion & help also jakob theo

Revision 1.90 / (download) - annotate - [select for diffs], Thu Feb 5 14:29:09 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.89: +2 -1 lines
Diff to previous 1.89 (colored)

introduce group IDs. will be needed for filtering (or rather, ease things
there)
just assign them from the neighbor ID pool - fortunately, that is rather
simple, we just have to make sure that all members of the group and (later)
all filter rules pointing to the group agree on the ID, but it does not need
to stay the same across config reloads.

ok claudio@

Revision 1.89 / (download) - annotate - [select for diffs], Sun Feb 1 19:46:05 2004 UTC (20 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.88: +2 -1 lines
Diff to previous 1.88 (colored)

Set sane default announce types according to the peer type. For IBGP use
announce all and for EBGP use announce self. OK henning@

Revision 1.88 / (download) - annotate - [select for diffs], Wed Jan 28 23:31:28 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.87: +3 -3 lines
Diff to previous 1.87 (colored)

implement
  tcp md5sig password
so that the key can be given in ascii, what unfortunately limits the key space
(cisco/juniper compat...)
we keep the ability to specify the key in hex without these limits.

help & ok markus

Revision 1.87 / (download) - annotate - [select for diffs], Wed Jan 28 17:27:55 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.86: +1 -4 lines
Diff to previous 1.86 (colored)

-struct peer_auth to store the SPIs, linked into struct peer
-add pfkey_auth_establish(), which sets up flows for both directions and
 stores the SPIs in above struct
-add (yet dummy) pfkey_auth_remove()

with markus, ok claudio markus

Revision 1.86 / (download) - annotate - [select for diffs], Wed Jan 28 11:03:32 2004 UTC (20 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)

pfkey_setkey: sockaddr -> bgpd_addr; ok claudio

Revision 1.85 / (download) - annotate - [select for diffs], Tue Jan 27 22:18:28 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.84: +1 -2 lines
Diff to previous 1.84 (colored)

log_ntoa is herewith condemned to death by claudio and yours truly

Revision 1.84 / (download) - annotate - [select for diffs], Tue Jan 27 21:56:21 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.83: +3 -3 lines
Diff to previous 1.83 (colored)

move struct kroute from in_addr_t for nexthop and prefix to struct in_addr
ok claudio

Revision 1.83 / (download) - annotate - [select for diffs], Tue Jan 27 21:23:39 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.82: +3 -3 lines
Diff to previous 1.82 (colored)

constify log_addr and log_ntoa's returns, reminded by claudio

Revision 1.82 / (download) - annotate - [select for diffs], Tue Jan 27 16:49:53 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.81: +4 -4 lines
Diff to previous 1.81 (colored)

use a struct bgpd_addr instead of sockaddr_in for peer_config->local_addr and
->remote_addr for easier multiprotocol support

ok claudio@

Revision 1.81 / (download) - annotate - [select for diffs], Tue Jan 27 14:09:36 2004 UTC (20 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.80: +2 -2 lines
Diff to previous 1.80 (colored)

use SADB_GETSPI/UPDATE for setting tcpmd5 keys; ok henning

Revision 1.80 / (download) - annotate - [select for diffs], Mon Jan 26 14:42:47 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.79: +6 -1 lines
Diff to previous 1.79 (colored)

first cut at tcpmd5 setup support from within bgpd. works so far.
with help from hshoexer@ and markus@
ok claudio@ hshoexer@ markus@

Revision 1.79 / (download) - annotate - [select for diffs], Fri Jan 23 21:17:51 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.78: +2 -1 lines
Diff to previous 1.78 (colored)

provide log_addr, which takes a struct bgpd_addr
intended to replace log_ntoa in most cases because that is IPv4 only by design

Revision 1.78 / (download) - annotate - [select for diffs], Thu Jan 22 21:08:59 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.77: +2 -3 lines
Diff to previous 1.77 (colored)

provide a log_debug and use it in rde.c.
with this, logit() can be a private function.
we don't need to include syslog.h in bgpd.h any more; log.c and parse.y
who need it include it directly now.

Revision 1.77 / (download) - annotate - [select for diffs], Thu Jan 22 20:59:16 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.76: +3 -1 lines
Diff to previous 1.76 (colored)

make log_peer_* take a struct peer_config instead of the session engine
specific struct peer, and move their prototypes to bgpd.h to make it available
to whole bgpd

ok claudio@

Revision 1.76 / (download) - annotate - [select for diffs], Thu Jan 22 19:13:56 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.75: +3 -1 lines
Diff to previous 1.75 (colored)

provide log_warnx() and log_info()

Revision 1.75 / (download) - annotate - [select for diffs], Thu Jan 22 03:18:03 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)

s/log_err/log_warn/
it is like warn(3), not err(3). so use a less confusing name.

Revision 1.74 / (download) - annotate - [select for diffs], Thu Jan 22 03:07:51 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.73: +2 -1 lines
Diff to previous 1.73 (colored)

an RTM_IFINFO message can mean a lot. it does not necessarily mean that
the status of the interface in terms of our nexthop validation changed;
it might be something like a speed change that we don't care about.
save the decided state for nexthop verification in struct kif, and only
walk through the attached (connected) routes & report upwards if the state
actually changed.

Revision 1.73 / (download) - annotate - [select for diffs], Sun Jan 18 19:15:00 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.72: +3 -1 lines
Diff to previous 1.72 (colored)

track interface type and baudrate as well

ok claudio@

Revision 1.72 / (download) - annotate - [select for diffs], Sat Jan 17 21:06:55 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.71: +2 -1 lines
Diff to previous 1.71 (colored)

keep track of interface link state and invalidate connected routes depending
on the interface in question if it has no link
now, if you pull the network cable all nexthops being in a connected
network on this interface get invalidated nicely.

ok claudio@

Revision 1.71 / (download) - annotate - [select for diffs], Sat Jan 17 19:35:36 2004 UTC (20 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.70: +14 -1 lines
Diff to previous 1.70 (colored)

Make it possible to announce own networks. In the RDE these prefixes are
attached to a pseudo peer and inserted like all other prefixes into the RIB.
OK henning@

Revision 1.70 / (download) - annotate - [select for diffs], Sat Jan 17 18:27:19 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.69: +4 -1 lines
Diff to previous 1.69 (colored)

keep & track interface names as well, not only indices

Revision 1.69 / (download) - annotate - [select for diffs], Sat Jan 17 18:05:46 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.68: +8 -2 lines
Diff to previous 1.68 (colored)

allow the interfaces as bgpd sees 'em to be queried via imsgs

Revision 1.68 / (download) - annotate - [select for diffs], Tue Jan 13 13:45:49 2004 UTC (20 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.67: +9 -1 lines
Diff to previous 1.67 (colored)

Implement a max-prefix and an announce none | self | all neighbor statement.
The first limits the number of sent prefixes per peer, the latter controls
which prefix we do announce to the neighbor.
Another looks good from henning@

Revision 1.67 / (download) - annotate - [select for diffs], Tue Jan 13 13:34:56 2004 UTC (20 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.66: +3 -2 lines
Diff to previous 1.66 (colored)

Better update error handling. Ensure that the session goes down and
ignore all queued updates after an error. Looks good henning@

Revision 1.66 / (download) - annotate - [select for diffs], Sun Jan 11 22:01:13 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.65: +9 -3 lines
Diff to previous 1.65 (colored)

use bgpd_addr in the nexthop tree; change nexthop_add/_remove accordingly

ok claudio@

Revision 1.65 / (download) - annotate - [select for diffs], Sun Jan 11 20:13:00 2004 UTC (20 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.64: +7 -1 lines
Diff to previous 1.64 (colored)

Add to the IMSG_SESSION_UP message the local and remote address of the
peer session. This is needed to set the correct nexthop address in outgoing
bgp UPDATES. OK henning@

Revision 1.64 / (download) - annotate - [select for diffs], Sun Jan 11 19:42:27 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.63: +2 -1 lines
Diff to previous 1.63 (colored)

when sending the nexthop status message, include the kroute that makes that
nexthop reachable. needed in the RDE for calculating the to-be-announced
nexthop.

ok claudio@

Revision 1.63 / (download) - annotate - [select for diffs], Sun Jan 11 19:14:43 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.62: +5 -5 lines
Diff to previous 1.62 (colored)

use struct bgpd_addr for nexthop and gateway in struct kroute_nexthop
(and thus the nexthop messages between parent and RDE)

ok claudio@

Revision 1.62 / (download) - annotate - [select for diffs], Sun Jan 11 02:35:14 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.61: +8 -2 lines
Diff to previous 1.61 (colored)

new message IMSG_CTL_SHOW_NEXTHOP: request/send list of BGP nexthops and
the result of their validity check

Revision 1.61 / (download) - annotate - [select for diffs], Fri Jan 9 19:08:50 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.60: +4 -3 lines
Diff to previous 1.60 (colored)

for IMSG_CTL_KROUTEs allow matching based on flags,
add IMGS_CTL_KROUTE_ADDR to match the route for a given address

ok claudio@

Revision 1.60 / (download) - annotate - [select for diffs], Fri Jan 9 14:10:06 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.59: +7 -6 lines
Diff to previous 1.59 (colored)

flag kernel routes which are not connected routes as static routes.
that's what they are, and it makes matching on them easier.

Revision 1.59 / (download) - annotate - [select for diffs], Fri Jan 9 13:47:07 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.58: +17 -2 lines
Diff to previous 1.58 (colored)

get us a stateful imsg relaying framework, and the first receiver,
IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a
control socket.

ok claudio@

Revision 1.58 / (download) - annotate - [select for diffs], Thu Jan 8 16:17:12 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.57: +10 -10 lines
Diff to previous 1.57 (colored)

rename a few functions to further clarify things

Revision 1.57 / (download) - annotate - [select for diffs], Tue Jan 6 23:14:58 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.56: +4 -2 lines
Diff to previous 1.56 (colored)

two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the
control socket the given neighbor session is sent a START / STOP signal.

ok claudio@

Revision 1.56 / (download) - annotate - [select for diffs], Tue Jan 6 20:41:55 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.55: +3 -1 lines
Diff to previous 1.55 (colored)

allow holdtime and holdtime min to be configured per peer

ok claudio@

Revision 1.55 / (download) - annotate - [select for diffs], Tue Jan 6 03:43:50 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)

2004

Revision 1.54 / (download) - annotate - [select for diffs], Mon Jan 5 22:57:59 2004 UTC (20 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.53: +6 -39 lines
Diff to previous 1.53 (colored)

Big overhaul of the mrt code.
Dumping of incoming bgp messages is now possible and dumping the (not yet)
filtered updates works too. Per neighbor dumps are still missing.
OK henning@

Revision 1.53 / (download) - annotate - [select for diffs], Mon Jan 5 16:21:14 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.52: +4 -2 lines
Diff to previous 1.52 (colored)

allow fib couple/decouple based on an imsg received on the control socket
by the SE and passed on to the main process

Revision 1.52 / (download) - annotate - [select for diffs], Sun Jan 4 19:39:46 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.51: +3 -2 lines
Diff to previous 1.51 (colored)

-new imsg CTL_RELOAD
-upon receival in the SE forward to parent
-make sending messages from SE to parent work for that (was not required before)
-parent reacts to that just like a SIGHUP, reread config file

Revision 1.51 / (download) - annotate - [select for diffs], Sun Jan 4 18:51:23 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.50: +11 -1 lines
Diff to previous 1.50 (colored)

allow "show neighbor" to be limited to one specific neighbor

Revision 1.50 / (download) - annotate - [select for diffs], Sat Jan 3 20:37:34 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.49: +1 -71 lines
Diff to previous 1.49 (colored)

move some session specific stuff to session.h and make the few files
that need it include that

Revision 1.49 / (download) - annotate - [select for diffs], Sat Jan 3 20:22:07 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.48: +8 -6 lines
Diff to previous 1.48 (colored)

decouple the peer list from bgpd_config.
so many parts of bgpd are not at all interested in the session specific peer
structs... allows for some further cleaning

Revision 1.48 / (download) - annotate - [select for diffs], Sat Jan 3 13:54:27 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.47: +3 -2 lines
Diff to previous 1.47 (colored)

send an imsg as list end indicator

Revision 1.47 / (download) - annotate - [select for diffs], Fri Jan 2 02:27:57 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.46: +3 -1 lines
Diff to previous 1.46 (colored)

move the socket name #define to bgpd.h and get rid of bgpdctl*

Revision 1.46 / (download) - annotate - [select for diffs], Thu Jan 1 23:46:47 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.45: +14 -2 lines
Diff to previous 1.45 (colored)

listen on a AF_LOCAL socket for imsgs too.
only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back
the struct peer for all neighbors.
will be used by bgpdctl

Revision 1.45 / (download) - annotate - [select for diffs], Thu Jan 1 23:09:08 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.44: +2 -1 lines
Diff to previous 1.44 (colored)

now that imsg_get uses bigger buffers, one read call can put more than one
imsg into the buffer. since imsg_get by definition only returns one imsg we
missed the next imsg(s) until the next poll event on the socket in question,
building up a queue on that socket. didn't show up as a problem yet...
factor out imsg_read, which reads into the buffer. imsg_get now entirely
operates on the buffers and does not read(2) itself.
make all callers cope by calling imsg_read on poll events and calling
imsg_get in a loop until all imsgs are processed.

Revision 1.44 / (download) - annotate - [select for diffs], Sun Dec 28 14:34:30 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.43: +4 -14 lines
Diff to previous 1.43 (colored)

redo the imsg readers to use bigger buffers and less read(2)s. should increase
performance even further.
gets rid of struct imsg_readbuf; rename peer_read_buf to read_buf as that
is more appropriate now.

Revision 1.43 / (download) - annotate - [select for diffs], Sat Dec 27 14:24:42 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.42: +7 -7 lines
Diff to previous 1.42 (colored)

keep a copy of the fd locally instead of passing it around all time

Revision 1.42 / (download) - annotate - [select for diffs], Sat Dec 27 01:30:00 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.41: +3 -1 lines
Diff to previous 1.41 (colored)

provide kroute_fib_couple and _decouple, pumping all bgp routes from the
internal view to the kernel routing table respectively removing them all from
the kernel routing table
kroute_shutdown is now a simple wrapper to kroute_fib_decouple

Revision 1.41 / (download) - annotate - [select for diffs], Sat Dec 27 00:53:51 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

implement "no fib-update" much cooler

Revision 1.40 / (download) - annotate - [select for diffs], Fri Dec 26 20:52:14 2003 UTC (20 years, 5 months ago) by jakob
Branch: MAIN
Changes since 1.39: +4 -1 lines
Diff to previous 1.39 (colored)

add option 'log updates' to log updates. ok henning@

Revision 1.39 / (download) - annotate - [select for diffs], Fri Dec 26 20:06:01 2003 UTC (20 years, 5 months ago) by jakob
Branch: MAIN
Changes since 1.38: +6 -6 lines
Diff to previous 1.38 (colored)

constify; ok henning@

Revision 1.38 / (download) - annotate - [select for diffs], Fri Dec 26 18:07:32 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.37: +3 -2 lines
Diff to previous 1.37 (colored)

when this project started and i added the fatal() function, I made it take
the error number as parameter instead of accessing errno, because in one
place the error number was not in errno but fetched from a socket.
now, of course it makes much more sense to just set errno to the error number
just fetched in this one place instead of having hundreds of fatal() calls
all transfer the errno round and round and round...
fix this, and also provide a fatalx, which does not care for errno and doesn't
invoke strerror.
oh, btw, in the place where we fetch the err # from the socket, we don't
call fatal anymore anyway...

Revision 1.37 / (download) - annotate - [select for diffs], Fri Dec 26 17:47:04 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.36: +3 -3 lines
Diff to previous 1.36 (colored)

by making kroute_dispatch_msg() and kroute_nexthop_add() return int instead
of void they can now report errors upstream and do not need to panic any
more. so do that and handle the errors in bgpd.c in the vein that we at least
can clean up before exit.
there are no direct fatal() calls in kroute.c now any more, nor any in bgpd.c
after forking.

Revision 1.36 / (download) - annotate - [select for diffs], Fri Dec 26 16:48:07 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.35: +2 -1 lines
Diff to previous 1.35 (colored)

provide a real log_err

Revision 1.35 / (download) - annotate - [select for diffs], Fri Dec 26 16:37:04 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.34: +3 -3 lines
Diff to previous 1.34 (colored)

log_err -> log_peer_err
log_errx -> log_peer_errx

because that is what they really are, peer specific.

Revision 1.34 / (download) - annotate - [select for diffs], Fri Dec 26 14:38:58 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

log nexthop status changes

Revision 1.33 / (download) - annotate - [select for diffs], Fri Dec 26 14:27:58 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.32: +2 -1 lines
Diff to previous 1.32 (colored)

+ log_ntoa, a simple helper function that doesn't require a struct in_addr...

Revision 1.32 / (download) - annotate - [select for diffs], Fri Dec 26 14:26:02 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.31: +1 -3 lines
Diff to previous 1.31 (colored)

remove the pathetic log_kroute()
not used anywhere anyway

Revision 1.31 / (download) - annotate - [select for diffs], Fri Dec 26 00:49:52 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.30: +2 -1 lines
Diff to previous 1.30 (colored)

handle IMSG_NEXTHOP_DELETE as well

Revision 1.30 / (download) - annotate - [select for diffs], Fri Dec 26 00:27:23 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

kroute_nexthop_check -> kroute_nexthop_add
kroute_validate_nexthop -> kroute_nexthop_insert

Revision 1.29 / (download) - annotate - [select for diffs], Fri Dec 26 00:23:48 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.28: +1 -2 lines
Diff to previous 1.28 (colored)

kroute_validate_nexthop is a private function

Revision 1.28 / (download) - annotate - [select for diffs], Fri Dec 26 00:14:04 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.27: +4 -1 lines
Diff to previous 1.27 (colored)

finally marry rde and kroute parts of the nexthop verification:
handle IMSG_NEXTHOP_ADD and send IMSG_NEXTHOP_UPDATE when appropriate

Revision 1.27 / (download) - annotate - [select for diffs], Thu Dec 25 23:22:13 2003 UTC (20 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.26: +5 -2 lines
Diff to previous 1.26 (colored)

RDE part of the nexthop verification puzzle.
The RDE just tracks the nexthop IPs and reacts on nexthop messages
from the parent.

ok henning@

Revision 1.26 / (download) - annotate - [select for diffs], Thu Dec 25 23:15:58 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.25: +10 -1 lines
Diff to previous 1.25 (colored)

bring us closer to a complete nexthop verification that does NOT need
periodic scans:
-keep a tree of nexthops with valid/invalid flags
-provide kroute_match, which takes an IP address and gives the kernel route
 for that
-find the kernel route for a given nexthop with that
-keep a marker on the kernel route that a nexthop depends on it
-on removal of the kernel route, re-evaluate the affected nexthops for
 validity.

ok claudio@

Revision 1.25 / (download) - annotate - [select for diffs], Thu Dec 25 17:07:24 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.24: +12 -10 lines
Diff to previous 1.24 (colored)

track routing table changes that are _not_ caused by bgpd itself

ok claudio@

Revision 1.24 / (download) - annotate - [select for diffs], Thu Dec 25 14:28:49 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.23: +2 -1 lines
Diff to previous 1.23 (colored)

implement "passive": do not attempt to open a tcp connection to the
neighbor system

Revision 1.23 / (download) - annotate - [select for diffs], Thu Dec 25 02:24:26 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.22: +1 -2 lines
Diff to previous 1.22 (colored)

kill IMSG_KROUTE_ADD as well. just send KROUTE_CHANGE requests.

Revision 1.22 / (download) - annotate - [select for diffs], Thu Dec 25 02:09:19 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

it actually makes more sense to call the merged function kroute_change

Revision 1.21 / (download) - annotate - [select for diffs], Thu Dec 25 02:04:46 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.20: +1 -2 lines
Diff to previous 1.20 (colored)

kroute_change is obsolete, long live kroute_add

Revision 1.20 / (download) - annotate - [select for diffs], Wed Dec 24 23:14:23 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.19: +5 -7 lines
Diff to previous 1.19 (colored)

following up on a discussion with theo, read(2) as much as possible at once
and process the bgp messages after each other out of that big buffer.
gives a nice speedup, easier code and earlier connection close detection.

Revision 1.19 / (download) - annotate - [select for diffs], Wed Dec 24 20:09:57 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.18: +2 -4 lines
Diff to previous 1.18 (colored)

now that the main process can cleanup without RDE's help, we do not need the
somewhat fragile IMSG_SHUTDOWN_* stuff any more. speeds shutdown up
enormously.

ok claudio@

Revision 1.18 / (download) - annotate - [select for diffs], Wed Dec 24 19:59:24 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)

now that we keep track of the routes we added to the kernel we can remove
them easily on shutdown without the RDE's help

Revision 1.17 / (download) - annotate - [select for diffs], Wed Dec 24 19:21:20 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.16: +2 -1 lines
Diff to previous 1.16 (colored)

add log_kroute()

Revision 1.16 / (download) - annotate - [select for diffs], Wed Dec 24 13:49:21 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.15: +4 -1 lines
Diff to previous 1.15 (colored)

add option to not touch the kernel routing table

Revision 1.15 / (download) - annotate - [select for diffs], Tue Dec 23 18:28:05 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.14: +4 -2 lines
Diff to previous 1.14 (colored)

send shutdown requests to the child processes and wait for an ack message from
them when shutting down.
the rde needs the main process to clean up the routing table on exit so the
parent process needs to be in service until the RDE is done.
ok claudio@

Revision 1.14 / (download) - annotate - [select for diffs], Tue Dec 23 01:06:21 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.13: +2 -1 lines
Diff to previous 1.13 (colored)

allow the listening address to be specified, default to INADDR_ANY
should make jose@ happy

Revision 1.13 / (download) - annotate - [select for diffs], Mon Dec 22 15:22:13 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.12: +17 -2 lines
Diff to previous 1.12 (colored)

o add low-level functions for adding/chaining/removing kernel routes
o define new imsg types for this
o process these imsgs in the parent process

now "only" debugging and the rde sending these messages is missing.

ok claudio@

Revision 1.12 / (download) - annotate - [select for diffs], Mon Dec 22 15:07:05 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)

add a configtest mode

Revision 1.11 / (download) - annotate - [select for diffs], Sun Dec 21 23:28:39 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

rename get_imsg() to imsg_get(); that's more consistent

Revision 1.10 / (download) - annotate - [select for diffs], Sun Dec 21 23:26:37 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.9: +11 -5 lines
Diff to previous 1.9 (colored)

wrap read & write buffers for imsgs into a struct.
finally gives us read buffers per pipe instead of per process, eliminating
a possible race.
also gets us a real imsg_init() that does all the boring init work

Revision 1.9 / (download) - annotate - [select for diffs], Sun Dec 21 22:16:53 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.8: +24 -22 lines
Diff to previous 1.8 (colored)

overhaul the write buffering code.
introduce msgbuf API and bundle all info needed for the write buffers in a
struct msgbuf.
also switch to a write queue per handled connection (each bgp session, each
pipe) instead of one big one.
fixes some subtle problems and is overall nicer.

ok claudio@

Revision 1.8 / (download) - annotate - [select for diffs], Sun Dec 21 18:21:24 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.7: +1 -2 lines
Diff to previous 1.7 (colored)

queued_reads in struct peer was not ever used except for an initialization to 0

Revision 1.7 / (download) - annotate - [select for diffs], Sun Dec 21 16:11:33 2003 UTC (20 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)

yet more from the castathon; most aspath functions were accessing non-
aligned memory (u_int16_t) therefore crashed the RDE on my sparc64. All
buffer specific functions use now void * instead of u_char * so most cast
are now history. Tested on sparc64 and i386. OK henning@

Revision 1.6 / (download) - annotate - [select for diffs], Sat Dec 20 21:19:40 2003 UTC (20 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

more cast cleanup imsg_compose takes now a void * argument. OK henning@

Revision 1.5 / (download) - annotate - [select for diffs], Sat Dec 20 21:14:55 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

let buf_add take void *data instead of u_char *data and save a zillion
evil casts

Revision 1.4 / (download) - annotate - [select for diffs], Sat Dec 20 20:25:20 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

make imsg.data void *, theo

Revision 1.3 / (download) - annotate - [select for diffs], Sat Dec 20 18:32:22 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.2: +7 -1 lines
Diff to previous 1.2 (colored)

keep track which process we are so fatal() can log in which proc the
condition happened. fatal()s from subsystems used by all 3 processes like
the imsg subsystem were hard to track down without knowing in which process
the condition happened.

Revision 1.2 / (download) - annotate - [select for diffs], Sat Dec 20 14:33:09 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.1: +9 -9 lines
Diff to previous 1.1 (colored)

read(2)/write(2) return ssize_t, not size_t

Revision 1.1 / (download) - annotate - [select for diffs], Wed Dec 17 11:46:54 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN

welcome, bgpd
started by me some time ago with moral support from theo, then proceeded up to
the point where the session engine worked correctly. claudio jeker joined
then and did a lot of work in the RDE.
it is not particularly useful as application right now as parts are still
missing but is imported to enable more people to work on it.
status:
BGP sessions get established fine, OPEN messages and then KEEPALIVEs
exchanged etc. session FSM works fine; NOTIFICATIONs are handled fine, and
all connection drops etc I provoked get handled fine.
Incoming UPDATE messages are parsed well and the data entered to the RIB,
the decision process is not yet there, neither is outgoing UPDATEs or sync
to the kernel routing table.

not connected to the builds yet.
