Up to [local] / src / usr.sbin / bgpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.109 / (download) - annotate - [select for diffs], Wed May 22 08:41:14 2024 UTC (2 weeks, 3 days ago) by claudio
Branch: MAIN
CVS Tags: HEAD
Changes since 1.108: +4 -3 lines
Diff to previous 1.108 (colored)
Convert bgpid, remote_bgpid and clusterid to host byte order. Before the RDE used host byte order for remote_bgpid but all the other code used network byte order. The reason for that was that bgpid was initially an IPv4 address but since RFC 6286 in 2011 this is much more relaxed and so it makes more sense to just treat them as numbers and so host byte order. OK tb@
Revision 1.108 / (download) - annotate - [select for diffs], Wed Aug 16 08:26:35 2023 UTC (9 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.107: +1 -2 lines
Diff to previous 1.107 (colored)
Remove per-AFI ASPA handling in bgpd internals With draft-ietf-sidrops-aspa-profile-16 and draft-ietf-sidrops-aspa-verification-15 the AFI dependence of ASPA records was dropped. So remove this complication form the code. This only removes the AFI handling internally in bgpd but still allows the old syntax in aspa-set tables. The optional address family is just ignored and records are merged together. For RTR sessions draft-ietf-sidrops-8210bis has not yet been updated so right now we still handle RTR sessions as specified there. The IPv4 and IPv6 ASPA entries are handled in two trees and merged together into one AFI independent tree. This is the best we can do for now until IETF updates draft-ietf-sidrops-8210bis. OK tb@ job@
Revision 1.107 / (download) - annotate - [select for diffs], Tue Apr 18 12:11:27 2023 UTC (13 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.106: +84 -1 lines
Diff to previous 1.106 (colored)
Implement the parser bits to process flowspec rules. Heavily inspired by pfctl, in bgpd flowspec rules are written like pf rules (with a few exceptions / extensions). As a result not all flowspec features are available but that is OK. OK tb@
Revision 1.106 / (download) - annotate - [select for diffs], Wed Dec 28 21:30:15 2022 UTC (17 months, 1 week ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.105: +2 -2 lines
Diff to previous 1.105 (colored)
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
Revision 1.105 / (download) - annotate - [select for diffs], Fri Nov 18 10:17:23 2022 UTC (18 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.104: +43 -2 lines
Diff to previous 1.104 (colored)
Add plumbing for ASPA support. This implements the parser and part of the logic in the rtr process. It does not implement the new RTR messages yet but it is possible to specify an aspa-set in the config. Also the validation code in the RDE is missing so this does not do anything. With this in it will be possible to extend rpki-client to publish an aspa-set as part of the openbgpd config file. OK tb@
Revision 1.104 / (download) - annotate - [select for diffs], Wed Aug 17 15:15:25 2022 UTC (21 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.103: +3 -3 lines
Diff to previous 1.103 (colored)
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy(). The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
Revision 1.103 / (download) - annotate - [select for diffs], Wed Jul 20 12:43:27 2022 UTC (22 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.102: +14 -8 lines
Diff to previous 1.102 (colored)
Cleanup and fix the network code. - introduce network_free() to properly free a network struct including the possible rtlabel reference. - change expand_networks() and the reload code to not only expand the main network config but also the network configs inside L3VPN sections. - adjust reload logic to properly match any kind of network struct. Up until now rtlabel and priority network statememnts were not correctly reloaded. OK tb@
Revision 1.102 / (download) - annotate - [select for diffs], Sun Jun 5 12:43:13 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.101: +4 -4 lines
Diff to previous 1.101 (colored)
Rework how fib_priority is handled. Instead of passing it around all the time put the fib_priority into the kroute state. It is only needed in send_rtmsg() in the end. Additionally insert F_BGP_INSERTED routes with a special RTP_MINE priority. This makes changing the fib_priority at runtime simpler because there is no need to alter the kroute table anymore. OK tb@ deraadt@
Revision 1.101 / (download) - annotate - [select for diffs], Wed Feb 23 11:20:35 2022 UTC (2 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.100: +1 -25 lines
Diff to previous 1.100 (colored)
Make it possible to bind and connect to non-default ports. This is mainly for testing. Using alternate ports does not work for session using ipsec. OK tb@ deraadt@
Revision 1.100 / (download) - annotate - [select for diffs], Sun Feb 6 09:51:19 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.99: +6 -6 lines
Diff to previous 1.99 (colored)
Switch from u_intX_t types to stdint.h uintX_t. Mostly mechanical with a few reindents. OK florian@ tb@
Revision 1.99 / (download) - annotate - [select for diffs], Tue Feb 16 08:29:16 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.98: +20 -2 lines
Diff to previous 1.98 (colored)
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
Revision 1.98 / (download) - annotate - [select for diffs], Mon Jan 4 13:42:11 2021 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.97: +43 -16 lines
Diff to previous 1.97 (colored)
Rework roa_cmp() so that the result does not depend on the endianess of the system. While at use memcmp in prefixset_cmp() as well for address checks. OK florian@
Revision 1.97 / (download) - annotate - [select for diffs], Tue Dec 29 15:30:34 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.96: +33 -5 lines
Diff to previous 1.96 (colored)
In preparation for RTR support change the representation of the roa-set in the parent to a simple RB tree based on struct roa. With this overlapping ROAs (same prefix & source-as but different maxlen) are now merged in the RDE when the lookup trie is constructed. OK benno@
Revision 1.96 / (download) - annotate - [select for diffs], Tue Dec 29 09:49:04 2020 UTC (3 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.95: +3 -2 lines
Diff to previous 1.95 (colored)
getifaddrs() can return entries where ifa_addr is NULL. Check for this before accessing anything in ifa_addr. OK florian@
Revision 1.95 / (download) - annotate - [select for diffs], Fri Feb 14 13:54:31 2020 UTC (4 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8,
OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.94: +2 -19 lines
Diff to previous 1.94 (colored)
Rename copy_filterset() to filterset_copy() and move it to rde_filter.c where functions like filterset_move() live. Also initialize the dest TAILQ in filterset_copy() as it is done in filterset_move(). OK benno@ phessler@
Revision 1.94 / (download) - annotate - [select for diffs], Tue Jan 28 15:45:46 2020 UTC (4 years, 4 months ago) by bket
Branch: MAIN
Changes since 1.93: +2 -6 lines
Diff to previous 1.93 (colored)
usr.sbin/bgpd: replace TAILQ concatenation loop with TAILQ_CONCAT OK florian@, benno@
Revision 1.93 / (download) - annotate - [select for diffs], Fri Sep 27 10:26:32 2019 UTC (4 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.92: +1 -3 lines
Diff to previous 1.92 (colored)
Move the code to initialize the cluster-id from merge_config() to parse_config(). The first is not called on startup which results in bgpd using 0.0.0.0 as cluster-id. Found and fix provided by Rivo Nurges (Rivo dot Nurges at smit dot ee) Thanks and OK claudio@
Revision 1.92 / (download) - annotate - [select for diffs], Tue Aug 13 07:39:57 2019 UTC (4 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.91: +1 -4 lines
Diff to previous 1.91 (colored)
When allocating a new peer set the reconf_action to RECONF_REINIT. Also in merge_config() it is no longer needed to reset the reconf_action of the new peers to RECONF_REINIT. merge_config() is not called on startup and so some of the initialisation of new peers did not happen correctly. This fixes the md5 integration test since the md5 initialisation did not happen early enough.
Revision 1.91 / (download) - annotate - [select for diffs], Mon Aug 5 08:46:55 2019 UTC (4 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.90: +5 -9 lines
Diff to previous 1.90 (colored)
Cleanup config reload in the RDE. Use the bgpd_conf struct to store sets and l3vpns instead of temporary globals. Also rework rde_reload_done to free filters and sets earlier. The soft-reconfiguration process no longer needs the previous filters / sets to do its work since there is a full Adj-RIB-Out. OK benno@
Revision 1.90 / (download) - annotate - [select for diffs], Wed May 29 08:48:00 2019 UTC (5 years ago) by claudio
Branch: MAIN
Changes since 1.89: +4 -1 lines
Diff to previous 1.89 (colored)
Rework pfkey handling a bit. The old remove then add way of inserting md5sig hit a race frequently where a session ended up with no key/SPI in the kernel. Since there is no way to do atomic updates of SADB_X_SATYPE_TCPSIGNATURE the code is adding a new one then removing the old one. Also make sure keys are correctly cleared when peers are deconfigured. May not be perfect but a lot better than what was there before. Tested by and OK sthen@
Revision 1.89 / (download) - annotate - [select for diffs], Mon May 27 09:14:32 2019 UTC (5 years ago) by claudio
Branch: MAIN
Changes since 1.88: +14 -10 lines
Diff to previous 1.88 (colored)
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
Revision 1.88 / (download) - annotate - [select for diffs], Wed May 8 12:41:55 2019 UTC (5 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.87: +5 -2 lines
Diff to previous 1.87 (colored)
Rework the TCP md5sig and IKE handling. Move the pfkey socket to the parent process in this process. The refreshing of the keys is done whenever the session state is changes to state IDLE or ACTIVE. This should behave better when reloading configs with auth changes. OK benno@
Revision 1.87 / (download) - annotate - [select for diffs], Sun Mar 31 16:57:38 2019 UTC (5 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.86: +30 -3 lines
Diff to previous 1.86 (colored)
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
Revision 1.86 / (download) - annotate - [select for diffs], Fri Mar 15 09:54:54 2019 UTC (5 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.85: +4 -2 lines
Diff to previous 1.85 (colored)
Set all default values in init_config in parse.y and remove the special ones in session.c. Adjust printconfig a bit to only show non default values and move mrt_mergeconfig into merge_conifg where it kind of belongs. OK benno@
Revision 1.85 / (download) - annotate - [select for diffs], Thu Mar 7 07:42:36 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.84: +39 -34 lines
Diff to previous 1.84 (colored)
Do a better job at cleaning up the config on shutdown. Remove bits that were missed before (e.g. network related objects). This helps to detect memory leaks. Start using new_config() and free_config() in all places where bgpd_config structure are used. This way the struct is properly initialised and cleaned up. Introduce copy_config() to only copy the values into the other struct leaving the pointers as they were. Looks good to benno@
Revision 1.84 / (download) - annotate - [select for diffs], Wed Feb 27 04:31:56 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.83: +2 -2 lines
Diff to previous 1.83 (colored)
Convert the remote and local addresses in struct peer to be bgpd_addrs instead of sockaddr_storage. This again helps protability and simplifies some code. sa2addr now takes an optional pointer to return the port of the sockaddr. OK benno@
Revision 1.83 / (download) - annotate - [select for diffs], Mon Feb 18 09:58:19 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.82: +1 -44 lines
Diff to previous 1.82 (colored)
Move get_mpe_config() to kroute.c so that config.c does not depend on system specific code.
Revision 1.82 / (download) - annotate - [select for diffs], Mon Feb 18 09:43:57 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.81: +10 -9 lines
Diff to previous 1.81 (colored)
Do not depend on the length field of struct sockaddr instead pass the length to the various functions needing it. Helps portability. OK benno@
Revision 1.81 / (download) - annotate - [select for diffs], Tue Feb 12 09:00:21 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.80: +1 -3 lines
Diff to previous 1.80 (colored)
Remove log_debug which is no longer needed
Revision 1.80 / (download) - annotate - [select for diffs], Mon Feb 11 15:44:25 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.79: +33 -18 lines
Diff to previous 1.79 (colored)
The definition of VPNs in bgpd was never super elegant. The 'depend on mpeX' config was a bit redundant. Also to make it more flexible (e.g. having more than one mpeX interface per rdomain the syntax was changed. To make this possible especially the network distribution logic had to be adjusted and cleaned up. This should in general make network statements well defined and conflicts between 'network A.B.C.D/N' and e.g. 'network static' are handled in a well defined way ('network A.B.C.D/N' has preference). With and OK dlg@, OK denis@
Revision 1.79 / (download) - annotate - [select for diffs], Thu Dec 27 20:23:24 2018 UTC (5 years, 5 months ago) by remi
Branch: MAIN
Changes since 1.78: +6 -2 lines
Diff to previous 1.78 (colored)
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown. This helps a lot when one tries to do a config check without -n. Inputs and OK claudio@
Revision 1.78 / (download) - annotate - [select for diffs], Wed Nov 14 17:24:01 2018 UTC (5 years, 6 months ago) by mestre
Branch: MAIN
Changes since 1.77: +2 -1 lines
Diff to previous 1.77 (colored)
Plug memory leak in host()'s error code path OK claudio@
Revision 1.77 / (download) - annotate - [select for diffs], Sat Sep 29 08:11:11 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.76: +33 -29 lines
Diff to previous 1.76 (colored)
Implement origin validation in bgpd. This introduces two new tables, the roa-set for RPKI based origin validation and a origin-set which allows to lookup a source-as / prefix pair. For RPKI a config can be built like this: roa-set { 165.254.255.0/24 source-as 15562 193.0.0.0/21 maxlen 24 source-as 3333 } deny from any ovs invalid match from any ovs valid set community local-as:42 match from any ovs not-found set community local-as:43 Origin sets are similar but only match when the source-as / prefix pair is valid. match from any origin-set ARINDB set community local-as:44 Committing this now so that further work can be done in tree. OK benno@, job@
Revision 1.76 / (download) - annotate - [select for diffs], Fri Sep 21 20:45:50 2018 UTC (5 years, 8 months ago) by kn
Branch: MAIN
Changes since 1.75: +28 -51 lines
Diff to previous 1.75 (colored)
sync host*() changes from pfctl This simplifies host() and merges host_v{4,6}() into host_ip() as recently done for pfctl and ntpd. Tested and OK denis, OK deraadt, "go ahead" benno
Revision 1.75 / (download) - annotate - [select for diffs], Fri Sep 21 04:55:27 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.74: +11 -1 lines
Diff to previous 1.74 (colored)
Implement code to parse, print and reload roa-set tables. This is sharing a lot of code with prefixset which makes all a bit easier. A roa-set is defined like this: roa-set "test2" { 1.2.3.0/24 source-as 1, 1.2.8.0/22 maxlen 24 source-as 3 } No support for acting on this data yet. Put it in deraadt@, OK benno@, input and OK denis@
Revision 1.74 / (download) - annotate - [select for diffs], Thu Sep 20 07:46:39 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.73: +50 -6 lines
Diff to previous 1.73 (colored)
Switch prefixset to an RB_TREE instead of a SIMPLEQ. This allows to trigger on duplicates (which are only reported) but is needed as a preparation step for roa-sets. OK benno@ denis@
Revision 1.73 / (download) - annotate - [select for diffs], Sun Sep 9 11:00:51 2018 UTC (5 years, 9 months ago) by benno
Branch: MAIN
Changes since 1.72: +50 -1 lines
Diff to previous 1.72 (colored)
Add network prefix-set <name> syntax to announce networks in a prefix-set. feature discussed with deraadt@ and job@, ok claudio@
Revision 1.72 / (download) - annotate - [select for diffs], Fri Sep 7 05:43:33 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.71: +15 -11 lines
Diff to previous 1.71 (colored)
Implement as-set a fast lookup table to be used instead of long list of AS numbers in source-as, AS and transit-as filterstatements. These table use bsearch to quickly verify if an AS is in the set or not. The filter syntax is not fully set in stone yet. OK denis@ benno@ and previously OK deraadt@
Revision 1.71 / (download) - annotate - [select for diffs], Tue Sep 4 10:48:39 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.70: +2 -3 lines
Diff to previous 1.70 (colored)
Instead of bzero() use an assinment to zero struct in_addr.
Revision 1.70 / (download) - annotate - [select for diffs], Thu Aug 2 12:46:02 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.69: +3 -1 lines
Diff to previous 1.69 (colored)
Make free_prefixsets() accept a NULL pointer. Makes it behave more like all other free functions bgpd has.
Revision 1.69 / (download) - annotate - [select for diffs], Wed Jul 11 21:10:07 2018 UTC (5 years, 10 months ago) by benno
Branch: MAIN
Changes since 1.68: +6 -1 lines
Diff to previous 1.68 (colored)
The routing table bgpd runs in needs to be a routing domain. ok claudio henning
Revision 1.68 / (download) - annotate - [select for diffs], Sat Feb 10 01:24:28 2018 UTC (6 years, 3 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.67: +32 -1 lines
Diff to previous 1.67 (colored)
Add prefix-sets, lists of prefixes which can be used in place of a prefix in a filter rule. Initial idea hashed out with job@ in Toronto. This is WIP, i'm commiting it now so we can work on it in the tree. ok florian@ claudio@
Revision 1.67 / (download) - annotate - [select for diffs], Mon May 29 09:56:33 2017 UTC (7 years ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.66: +5 -3 lines
Diff to previous 1.66 (colored)
change bgpd's control socket from /var/run/bgpd.sock to /var/run/bgpd.sock.<rdomain> in both bgpd and bgpctl. makes life easier for admins. ok phessler, claudio, henning, feedback from Job Snijders
Revision 1.66 / (download) - annotate - [select for diffs], Sun May 28 15:16:33 2017 UTC (7 years ago) by henning
Branch: MAIN
Changes since 1.65: +1 -0 lines
Diff to previous 1.65 (colored)
so far, bgpd was hardcoded to use rtable 0 for nexthop verification. instead, use the rtable bgpd was started in (route -T <n> exec / rc.d daemon_rtable) for nexthop verification and as default Adj-RIB-In and Loc-RIB. This allows multiple bgpds in different rdomains on the same machine - bgp router virtualization if you like buzzwords. initial version written under contract more than a year ago, it took us a while to wrap our brains around the bgpd <-> rdomain interactions - 1) RIBs, 2) nexthop verification and 3) tcp sockets. ok & input phessler claudio benno
Revision 1.65 / (download) - annotate - [select for diffs], Tue Jan 24 04:22:42 2017 UTC (7 years, 4 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.64: +2 -1 lines
Diff to previous 1.64 (colored)
sync log.c from relayd et al to bgpd. there is still a little difference regarding handling of the verbosity value that will be handled later. ok claudio@ florian@
Revision 1.64 / (download) - annotate - [select for diffs], Tue Jan 17 22:10:55 2017 UTC (7 years, 4 months ago) by krw
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)
Nuke some whitespace that keeps poking me in the eye as I try to steal code.
Revision 1.63 / (download) - annotate - [select for diffs], Tue Jan 26 18:35:01 2016 UTC (8 years, 4 months ago) by mmcc
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)
typos
Revision 1.62 / (download) - annotate - [select for diffs], Tue Dec 1 11:58:31 2015 UTC (8 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.61: +36 -26 lines
Diff to previous 1.61 (colored)
It is not a network hackathon without a bgpd commit. So here we go. Fix rdomain setups that got broken some time ago when I refactored the config loading to exec the rde and se on startup. Works for me and I think I'm the only user.
Revision 1.61 / (download) - annotate - [select for diffs], Thu Jul 16 18:26:04 2015 UTC (8 years, 10 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.60: +159 -68 lines
Diff to previous 1.60 (colored)
Next round of config cleanup. Move various lists into the bgpd_config struct. This is the next step to better split parsing and merging the config. OK benno@
Revision 1.60 / (download) - annotate - [select for diffs], Sat Mar 14 02:43:02 2015 UTC (9 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.59: +2 -5 lines
Diff to previous 1.59 (colored)
Move the command line options (mainly -d and -v) out of struct bgpd_config into a own flag field since these can't be modified via a config reload. OK henning@ benno@ before lock
Revision 1.59 / (download) - annotate - [select for diffs], Sat Mar 14 02:32:35 2015 UTC (9 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.58: +11 -1 lines
Diff to previous 1.58 (colored)
Move the code that adjust FIB priority when changed during a config reload from the parsing function to the merge_config function where it belongs. OK henning@ benno@ before lock
Revision 1.58 / (download) - annotate - [select for diffs], Mon Feb 9 11:37:31 2015 UTC (9 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.57: +3 -2 lines
Diff to previous 1.57 (colored)
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
Revision 1.57 / (download) - annotate - [select for diffs], Wed Nov 13 09:14:48 2013 UTC (10 years, 6 months ago) by florian
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.56: +4 -1 lines
Diff to previous 1.56 (colored)
Knob to set priority with which bgpd inserts routes into the kernel routing table. Need for it in "special" setups pointed out by Loic Blot (loic.blot _AT_ unix-experience _DOT_ fr) on tech. OK benno, henning
Revision 1.56 / (download) - annotate - [select for diffs], Sun Oct 24 17:20:08 2010 UTC (13 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)
spacing and irrelevant glitches which disrupt lint
Revision 1.55 / (download) - annotate - [select for diffs], Thu Sep 2 14:03:21 2010 UTC (13 years, 9 months ago) by sobrado
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)
remove trailing spaces and tabs from source code; no binary changes (verified by both sthen@ and me). ok sthen@; "just commit it" claudio@
Revision 1.54 / (download) - annotate - [select for diffs], Sun Jun 27 19:53:34 2010 UTC (13 years, 11 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.53: +4 -3 lines
Diff to previous 1.53 (colored)
Instead of specifying the control sockets on the command line have them in bgpd.conf. This allows to add/modify restricted control sockets on runtime. Feature request by a few people how often forgot to add -r path when restarting bgpd (including myself). NOTE: this removes the -s and -r arguments from bgpd so pay attention when updateing. jajaja sthen@, OK henning@
Revision 1.53 / (download) - annotate - [select for diffs], Mon May 17 15:49:29 2010 UTC (14 years ago) by claudio
Branch: MAIN
Changes since 1.52: +29 -1 lines
Diff to previous 1.52 (colored)
Last bits of MPLS VPN support. Hook kernel routing tables and RIB together. This adds a bit of new config to specify the mapping between an rdomain and the BGP MPLS VPN instance, example: rdomain 1 { descr "CUSTOMER1" rd 65003:1 import-target rt 65003:3 export-target rt 65003:1 depend on mpe0 network 192.168.224/24 } The "depend on mpe0" is a but ugly but for now this is the quickest way to figure out which interface bgp should use to insert the MPLS routes. A big side-effect of this diff is that networks are now internally distributed through kroute.c. This needs some kernel changes that will follow hopefully soon. OK henning@
Revision 1.52 / (download) - annotate - [select for diffs], Tue Dec 1 14:28:05 2009 UTC (14 years, 6 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.51: +3 -9 lines
Diff to previous 1.51 (colored)
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
Revision 1.51 / (download) - annotate - [select for diffs], Mon Jan 26 23:10:02 2009 UTC (15 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)
Getting the higest IP only works if the compare is done in host byte order. Same bug as in ospfd and ospf6d. *gulp*
Revision 1.50 / (download) - annotate - [select for diffs], Sat Oct 13 16:35:20 2007 UTC (16 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3
Changes since 1.49: +1 -24 lines
Diff to previous 1.49 (colored)
in all these programs using the same pfctl-derived parse.y, re-unify the yylex implementation and the code which interacts with yylex. this also brings the future potential for include support to all of the parsers. in the future please do not silly modifications to one of these files without checking if you are de-unifying the code. checked by developers in all these areas.
Revision 1.49 / (download) - annotate - [select for diffs], Wed Jan 31 13:04:21 2007 UTC (17 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.48: +6 -6 lines
Diff to previous 1.48 (colored)
Replace another strtol() with strtonum() making the error checking easier to understand. This is modeled after bgpctl's parse_prefix function. OK henning@
Revision 1.48 / (download) - annotate - [select for diffs], Wed Mar 15 11:33:42 2006 UTC (18 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored)
Allow the control socket to be changed on the command line. Useful if you need to run multiple bgpds on a single box to simulate a IX. This helped me massivly debugging error reports. OK henning@
Revision 1.47 / (download) - annotate - [select for diffs], Tue Jan 24 10:03:44 2006 UTC (18 years, 4 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.46: +2 -1 lines
Diff to previous 1.46 (colored)
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
Revision 1.46 / (download) - annotate - [select for diffs], Thu Jul 14 09:24:38 2005 UTC (18 years, 10 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE,
OPENBSD_3_8
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)
free commitz from pascoes kitchen. fix an error message ok henning@
Revision 1.45 / (download) - annotate - [select for diffs], Wed Mar 30 11:23:15 2005 UTC (19 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.44: +70 -12 lines
Diff to previous 1.44 (colored)
bgpd used to open listeners in advance in the parent and the SE picked those it needed, closing all the others. this has some nasty races. so let the parent keep the list of listeners so it knows when it has to open a new one claudio ok, also tested by jason ackley
Revision 1.44 / (download) - annotate - [select for diffs], Mon Mar 28 14:19:56 2005 UTC (19 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.43: +19 -3 lines
Diff to previous 1.43 (colored)
better diagnostics on bind() failure
Revision 1.43 / (download) - annotate - [select for diffs], Sat Mar 26 23:04:34 2005 UTC (19 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)
inet_addr("127.0.0.1") -> htonl(INADDR_LOOPBACK) Use IN_CLASSA_NET instead of hard coded 0xff000000 OK henning@
Revision 1.42 / (download) - annotate - [select for diffs], Wed Mar 23 22:26:34 2005 UTC (19 years, 2 months ago) by claudio
Branch: MAIN
Changes since 1.41: +2 -20 lines
Diff to previous 1.41 (colored)
Move the neighbor checking code from merge_config() to neighbor_consistent() where it belongs. OK henning@
Revision 1.41 / (download) - annotate - [select for diffs], Tue Mar 15 14:40:08 2005 UTC (19 years, 2 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE,
OPENBSD_3_7
Changes since 1.40: +4 -2 lines
Diff to previous 1.40 (colored)
remove listener if bind() fails. no point in having a defunct listener in the list; causes issues with upcoming changes, spotted by Jason Ackley <jason@ackley.net>, claudio ok
Revision 1.40 / (download) - annotate - [select for diffs], Fri Oct 1 15:11:12 2004 UTC (19 years, 8 months ago) by henning
Branch: MAIN
Changes since 1.39: +13 -5 lines
Diff to previous 1.39 (colored)
if we're opening a socket for a default listener because no "listen on" stetements were found in the config file, and one fails with EPROTONOSUPPORT (this is the case for the default ::1 listener on machines without INET6), remove that listener and move on instead of bailing out. ok claudio
Revision 1.39 / (download) - annotate - [select for diffs], Sun Jun 20 17:49:46 2004 UTC (19 years, 11 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE,
OPENBSD_3_6
Changes since 1.38: +49 -1 lines
Diff to previous 1.38 (colored)
implement file descriptor passing in the imsg/msgbuf framework, and use it to let the main process to prepare new listening sockets (socket() and bind()) on behalf of the session engine, which of course cannot bind() to ports < 1024 any more once it dropped privileges. with some help from theo, claudio ok
Revision 1.38 / (download) - annotate - [select for diffs], Sun Jun 6 17:38:10 2004 UTC (20 years ago) by henning
Branch: MAIN
Changes since 1.37: +15 -4 lines
Diff to previous 1.37 (colored)
rework bgpd's handling of listening sockets. instead of one for each supported address familiy, keep a tailq of an arbitary number of them. the new struct listen_addr contains the sockaddr and the fd. this fixes quite some nasty behaviour which was a consequence of the previous model. looks right deraadt@, and discussed with claudio
Revision 1.37 / (download) - annotate - [select for diffs], Fri May 21 15:36:40 2004 UTC (20 years ago) by claudio
Branch: MAIN
Changes since 1.36: +10 -1 lines
Diff to previous 1.36 (colored)
RFC 2796 bgp route reflector support. This is very useful in conjunction with templates. looks good, go for it henning@
Revision 1.36 / (download) - annotate - [select for diffs], Tue May 4 21:22:39 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.35: +1 -3 lines
Diff to previous 1.35 (colored)
remove unused var; henning ok
Revision 1.35 / (download) - annotate - [select for diffs], Tue Apr 27 04:37:53 2004 UTC (20 years, 1 month ago) by deraadt
Branch: MAIN
Changes since 1.34: +3 -2 lines
Diff to previous 1.34 (colored)
do the errno ERANGE dance around a strtol; henning ok
Revision 1.34 / (download) - annotate - [select for diffs], Wed Mar 31 10:26:34 2004 UTC (20 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.33: +1 -6 lines
Diff to previous 1.33 (colored)
it is no longer required to have local-address set with tcp md5sig, so remove the check.
Revision 1.33 / (download) - annotate - [select for diffs], Wed Mar 17 17:49:53 2004 UTC (20 years, 2 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE,
OPENBSD_3_5
Changes since 1.32: +3 -3 lines
Diff to previous 1.32 (colored)
consistency
Revision 1.32 / (download) - annotate - [select for diffs], Tue Mar 16 18:35:30 2004 UTC (20 years, 2 months ago) by henning
Branch: MAIN
Changes since 1.31: +9 -3 lines
Diff to previous 1.31 (colored)
tcp md5sig requires that local-address is specified as well for now, so enforce it.
Revision 1.31 / (download) - annotate - [select for diffs], Wed Mar 3 10:13:48 2004 UTC (20 years, 3 months ago) by henning
Branch: MAIN
Changes since 1.30: +2 -1 lines
Diff to previous 1.30 (colored)
missing freeaddrinfo() From: Patrick Latifi <pat@eyeo.org> Patrick is doing an _excellent_ job in finding all these little omissions, thank you very very much!
Revision 1.30 / (download) - annotate - [select for diffs], Tue Mar 2 19:45:04 2004 UTC (20 years, 3 months ago) by henning
Branch: MAIN
Changes since 1.29: +88 -1 lines
Diff to previous 1.29 (colored)
flesh out the address and prefix parsing, include v6 code, but reject v6 upwards, claudio ok
Revision 1.29 / (download) - annotate - [select for diffs], Thu Feb 26 14:00:33 2004 UTC (20 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.28: +4 -1 lines
Diff to previous 1.28 (colored)
Implement "enforce neighbor-as yes|no" which is by default on for ebgp neighbors. While doing that check also that the nexthop is valid (not class D or E and not in 127/8 range). Kill some TODO and XXX and rename the british neighbour to neighbor as used everywhere else. OK henning@
Revision 1.28 / (download) - annotate - [select for diffs], Tue Feb 10 23:10:23 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.27: +25 -1 lines
Diff to previous 1.27 (colored)
enforce config file secrecy (correct owner, no rights for group/world) help and ok theo
Revision 1.27 / (download) - annotate - [select for diffs], Tue Feb 3 22:28:05 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.26: +1 -13 lines
Diff to previous 1.26 (colored)
replace the previous hack for the internal peer id allocator (which just used the peer's ip address as u_int32_t) by a real id allocator that tries to keep locality high. claudio ok
Revision 1.26 / (download) - annotate - [select for diffs], Sun Feb 1 19:46:05 2004 UTC (20 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.25: +4 -1 lines
Diff to previous 1.25 (colored)
Set sane default announce types according to the peer type. For IBGP use announce all and for EBGP use announce self. OK henning@
Revision 1.25 / (download) - annotate - [select for diffs], Fri Jan 30 23:24:04 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.24: +4 -1 lines
Diff to previous 1.24 (colored)
in the parse_config() -> merge_config() chain, you shall not null conf->opts that holds some of the command line opts. repairs -n.
Revision 1.24 / (download) - annotate - [select for diffs], Wed Jan 28 17:24:38 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.23: +1 -6 lines
Diff to previous 1.23 (colored)
don't pfkey_setkey() from here, claudio markus ok
Revision 1.23 / (download) - annotate - [select for diffs], Wed Jan 28 11:03:32 2004 UTC (20 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.22: +5 -5 lines
Diff to previous 1.22 (colored)
pfkey_setkey: sockaddr -> bgpd_addr; ok claudio
Revision 1.22 / (download) - annotate - [select for diffs], Tue Jan 27 16:49:53 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)
use a struct bgpd_addr instead of sockaddr_in for peer_config->local_addr and ->remote_addr for easier multiprotocol support ok claudio@
Revision 1.21 / (download) - annotate - [select for diffs], Tue Jan 27 14:09:36 2004 UTC (20 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)
use SADB_GETSPI/UPDATE for setting tcpmd5 keys; ok henning
Revision 1.20 / (download) - annotate - [select for diffs], Mon Jan 26 14:42:47 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.19: +6 -1 lines
Diff to previous 1.19 (colored)
first cut at tcpmd5 setup seupport from within bgpd. works so far. with help from hshoexer@ and markus@ ok claudio@ hshoexer@ markus@
Revision 1.19 / (download) - annotate - [select for diffs], Sat Jan 24 17:38:30 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.18: +8 -29 lines
Diff to previous 1.18 (colored)
we can use memcpy for the whole thing in merge_config now instead of copying each and every thing on its own yes, there was a reason to do it this way once, but it vanished ok claudio@
Revision 1.18 / (download) - annotate - [select for diffs], Thu Jan 22 20:34:55 2004 UTC (20 years, 4 months ago) by henning
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages. ok claudio@
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jan 7 01:15:54 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.16: +5 -24 lines
Diff to previous 1.16 (colored)
don't try to be smart after config reloads and try to detect wether a session needs a reinit for the new conf to kick in. the logic is condemned to fail, and implicitly taking sessions down is BAD. after discussion with mickey@, ok claudio@
Revision 1.16 / (download) - annotate - [select for diffs], Tue Jan 6 03:43:50 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)
2004
Revision 1.15 / (download) - annotate - [select for diffs], Sat Jan 3 20:37:34 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.14: +4 -3 lines
Diff to previous 1.14 (colored)
move some session specific stuff to session.h and make the few files that need it include that
Revision 1.14 / (download) - annotate - [select for diffs], Sat Jan 3 20:22:07 2004 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.13: +5 -12 lines
Diff to previous 1.13 (colored)
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
Revision 1.13 / (download) - annotate - [select for diffs], Fri Jan 2 22:47:33 2004 UTC (20 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)
whitespace
Revision 1.12 / (download) - annotate - [select for diffs], Tue Dec 30 13:03:27 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)
typos from david
Revision 1.11 / (download) - annotate - [select for diffs], Sat Dec 27 18:43:36 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)
style
Revision 1.10 / (download) - annotate - [select for diffs], Sat Dec 27 14:58:22 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.9: +9 -1 lines
Diff to previous 1.9 (colored)
move the fib couple/decouple to the config merge where it belongs
Revision 1.9 / (download) - annotate - [select for diffs], Fri Dec 26 20:52:14 2003 UTC (20 years, 5 months ago) by jakob
Branch: MAIN
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)
add option 'log updates' to log updates. ok henning@
Revision 1.8 / (download) - annotate - [select for diffs], Fri Dec 26 18:07:32 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)
when this project started and i added the fatal() function, I made it take the error number as parameter instead of accessing errno, because in one place the error number was not in errno but fetched from a socket. now, of course it makes much more sense to just set errno to the error number just fecthed in this one place instead of having hundreds of fatal() calls all transfer the errno round and round and round... fix this, and also provide a fatalx, which does not care for errno and doesn't invoke strerror. oh, btw, in the place where we fetch the err # from the socket, we don't call fatal anymore anyway...
Revision 1.7 / (download) - annotate - [select for diffs], Thu Dec 25 17:35:53 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.6: +1 -2 lines
Diff to previous 1.6 (colored)
free where it was allocated; much easier to verify
Revision 1.6 / (download) - annotate - [select for diffs], Thu Dec 25 17:27:36 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.5: +7 -2 lines
Diff to previous 1.5 (colored)
don't leak memory THAT obvious on reconfigure
Revision 1.5 / (download) - annotate - [select for diffs], Wed Dec 24 23:48:06 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
syscalls return -1 on err so test for == -1 instead of the < 0 found in very few places, requested by theo
Revision 1.4 / (download) - annotate - [select for diffs], Wed Dec 24 13:49:21 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.3: +3 -1 lines
Diff to previous 1.3 (colored)
add option to not touch the kernel routing table
Revision 1.3 / (download) - annotate - [select for diffs], Tue Dec 23 01:06:21 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.2: +5 -1 lines
Diff to previous 1.2 (colored)
allow the listening address to be specified, default to INADDR_ANY should make jose@ happy
Revision 1.2 / (download) - annotate - [select for diffs], Fri Dec 19 14:23:28 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
Changes since 1.1: +5 -3 lines
Diff to previous 1.1 (colored)
for our internal peer ID just use the peer's IP address for now. this collides with multiviews (which we don't have yet) and will have to be changed then, but allows us to progress much faster now. ok claudio@
Revision 1.1 / (download) - annotate - [select for diffs], Wed Dec 17 11:46:54 2003 UTC (20 years, 5 months ago) by henning
Branch: MAIN
welcome, bgpd started by me some time ago with moral support from theo, the proceeded up to the point where the session engine worked correctly. claudio jeker joined then and did a lot of work in the RDE. it is not particulary usefull as application right now as parts are still missing but is imported to enable more people to work on it. status: BGP sessions get established fine, OPEN messages and then KEEPALIVEs exchanged etc. session FSM works fine; NOTIFICATIONs are handled fine, and all connection drops etc I provoked get handled fine. Incoming UPDATE messgages are parsed well and the data entered to the RIB, the decision process is not yet there, neither is outgoing UPDATEs or sync to the kernel routing table. not connected to the builds yet.