OpenBSD CVS

CVS log for src/usr.sbin/bgpd/rtr.c




Default branch: MAIN


Revision 1.21, Tue Apr 9 12:05:07 2024 UTC (8 weeks, 4 days ago) by claudio
Branch: MAIN
CVS Tags: HEAD
Changes since 1.20: +9 -1 lines

Check that the ASPA tas array fits in an IMSG before sending the ASPA
record over to RTR or the RDE.

The long term goal is to increase the IMSG size considerably but that
requires some additional API changes to the imsg API.
OK tb@

Revision 1.20, Thu Jan 18 09:39:36 2024 UTC (4 months, 2 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE, OPENBSD_7_5
Changes since 1.19: +3 -5 lines

Fix IMSG_RECONF_ASPA handling. The rde did not expect what the rtr process
was sending and hit the error path because of that. Since the encoding
as two uint32_t in rtr.c is awkward, use the same way that the parent is
sending the aspa sets. This uses a local copy so that the included expire
field is forced to 0 (the RDE does not use that field).
OK tb@

Revision 1.19, Thu Jan 4 16:38:18 2024 UTC (5 months ago) by claudio
Branch: MAIN
Changes since 1.18: +31 -31 lines

Rewrite the imsg handling using the new API functions.
OK tb@

Revision 1.18, Thu Dec 14 13:52:38 2023 UTC (5 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.17: +3 -3 lines

Mostly straightforward conversion to imsg_get_fd(); only the handling
of the control socket needs a local variable since imsg_get_fd() can
only be called once on an imsg.
OK tb@

Revision 1.17, Tue Nov 7 11:18:35 2023 UTC (7 months ago) by claudio
Branch: MAIN
Changes since 1.16: +7 -7 lines

Rename struct imsgbuf *ibuf to *imsgbuf in all places.
ibuf should be reserved for struct ibuf * values.
OK tb@

Revision 1.16, Wed Aug 16 08:26:35 2023 UTC (9 months, 3 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE, OPENBSD_7_4
Changes since 1.15: +8 -78 lines

Remove per-AFI ASPA handling in bgpd internals

With draft-ietf-sidrops-aspa-profile-16 and
draft-ietf-sidrops-aspa-verification-15 the AFI dependence of ASPA
records was dropped. So remove this complication from the code.

This only removes the AFI handling internally in bgpd but still allows
the old syntax in aspa-set tables. The optional address family is just
ignored and records are merged together.

For RTR sessions draft-ietf-sidrops-8210bis has not yet been updated so
right now we still handle RTR sessions as specified there. The IPv4 and
IPv6 ASPA entries are handled in two trees and merged together into one
AFI independent tree. This is the best we can do for now until IETF
updates draft-ietf-sidrops-8210bis.

OK tb@ job@

Revision 1.12.4.2, Mon May 15 09:31:14 2023 UTC (12 months, 3 weeks ago) by tb
Branch: OPENBSD_7_3
Changes since 1.12.4.1: +3 -2 lines

Rename 'invalid' to 'disqualified' in the 'show rib' table.

'invalid' conflicts with the 'in' keyword and the parser is not smart
enough to handle this. As a secondary benefit the term 'invalid' is
less overloaded. There are various reasons why prefixes are not eligible
in the route decision process; calling them all 'invalid' is a bit harsh.

job@, tb@ and benno@ agree
from claudio

Properly handle references for nexthops and labels in filterset_copy()

Up until recently filterset_copy() was only used in the parent process
where none of those references exist but by using filterset_copy() in
the RDE to populate per-peer output filters the code needs to handle
such references. Without this rules like 'match to any set nexthop X'
will cause internal corruption on config reloads and session resets.
Bug report from Marko Cupac (marko.cupac (at) mimar.rs)
OK tb@
from claudio

Pass ASPA objects in reverse since this is what aspa_add_set() expects.
OK tb@
from claudio

Adjust bgplgd after renaming of the invalid option in bgpctl.
This does not change the query string argument. We may do this
at a later stage.
OK tb@
from claudio

This is errata/7.3/002_bgpd.patch.sig

Revision 1.15, Fri May 5 10:48:16 2023 UTC (13 months ago) by claudio
Branch: MAIN
Changes since 1.14: +3 -2 lines

Pass ASPA objects in reverse since this is what aspa_add_set() expects.
OK tb@

Revision 1.12.4.1, Mon May 1 05:13:59 2023 UTC (13 months, 1 week ago) by tb
Branch: OPENBSD_7_3
Changes since 1.12: +18 -9 lines

Rework the way transit provider AID masks are built and sent to the RDE.
ASPA provider AS sets can include optional limitations to inet/inet6; these
limits are represented in the TAS_AID bit masks (2 bits per AS).
Introduce a TAS_AID_SIZE() macro that returns the size in bytes of this
bit mask (rounded to the next uint32_t).
Without this change aspa objects with AID specific elements trigger a
fatal error condition when the config is loaded.
OK tb@ job@
from claudio

Fix missing whitespace in bgpd(8) output
from job

This is errata/7.3/001_bgpd.patch.sig

Revision 1.14, Thu Apr 20 15:44:45 2023 UTC (13 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.13: +18 -9 lines

Rework the way transit provider AID masks are built and sent to the RDE.
ASPA provider AS sets can include optional limitations to inet/inet6; these
limits are represented in the TAS_AID bit masks (2 bits per AS).
Introduce a TAS_AID_SIZE() macro that returns the size in bytes of this
bit mask (rounded to the next uint32_t).
Without this change aspa objects with AID specific elements trigger a
fatal error condition when the config is loaded.
OK tb@ job@

Revision 1.13, Tue Mar 28 12:15:23 2023 UTC (14 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.12: +19 -1 lines

Introduce a semaphore to protect intermediate state from different RTR
sessions to leak into the RDE via rtr_recalc. Only run rtr_recalc when
the last or only RTR session is done with the update. Run a new timer
along to ensure that the semaphore is not held forever. The timeout
is currently a very generous 60sec, no RTR cache should be that slow.
OK tb@

Revision 1.12, Thu Mar 9 17:21:21 2023 UTC (15 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE
Branch point for: OPENBSD_7_3
Changes since 1.11: +70 -66 lines

Implement ASPA support in RTR by following draft-ietf-sidrops-8210bis-10.

In rtr.c renamed rtr_aspa_merge_set() to rtr_aspa_insert() and move it
close to rtr_roa_insert().
In rtr_proto.c most complexity comes from the version negotiation. The
ASPA parser is reasonably straightforward. The version negotiation is
fragile but that is mostly because of the protocol specification and the
fact that RTR cache daemons sometimes fail to send errors.
OK tb@

Revision 1.11, Fri Jan 20 09:54:43 2023 UTC (16 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.10: +2 -2 lines

remove extra tab

Revision 1.10, Tue Jan 17 16:09:01 2023 UTC (16 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.9: +78 -17 lines

Add the needed logic to load the ASPA table from the rtr process into the
RDE. The actual reload logic is missing to keep the diff small.
OK tb@

Revision 1.9, Fri Nov 18 10:17:23 2022 UTC (18 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.8: +155 -5 lines

Add plumbing for ASPA support. This implements the parser and part of the
logic in the rtr process. It does not implement the new RTR messages yet
but it is possible to specify an aspa-set in the config. Also the validation
code in the RDE is missing so this does not do anything.
With this in it will be possible to extend rpki-client to publish an
aspa-set as part of the openbgpd config file.
OK tb@

Revision 1.8, Tue Oct 18 09:30:29 2022 UTC (19 months, 3 weeks ago) by job
Branch: MAIN
Changes since 1.7: +2 -2 lines

Fix some spelling errors

Thanks Marco D'Itri for spotting them

OK claudio@

Revision 1.7, Wed Aug 31 11:25:36 2022 UTC (21 months, 1 week ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE, OPENBSD_7_2
Changes since 1.6: +2 -2 lines

Make sure that only one roa softreconfig runner is run at any time.
If a run takes too long drop the current update and wait for the next update.
OK benno@

Revision 1.6, Wed Aug 17 15:15:26 2022 UTC (21 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.5: +2 -2 lines

Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().

The memory regions passed to memcpy() can not overlap so no need for memmove().
OK tb@ deraadt@

Revision 1.5, Thu Jan 20 18:06:20 2022 UTC (2 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE, OPENBSD_7_1
Changes since 1.4: +4 -4 lines

Make sure that all poll loops properly restart the poll loop on EINTR.
Also either fail hard or restart after other errors. In any case do not
look at pollfds after an error.
OK benno@

Revision 1.4, Wed Sep 1 12:39:52 2021 UTC (2 years, 9 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE, OPENBSD_7_0
Changes since 1.3: +44 -2 lines

Implement roa-set data expiry. Every prefix in a roa-set can specify an
optional expires timestamp. The rtr process is walking the roa-set every
5min and removes every prefix that is expired.
With this stale RPKI data will slowly disappear and not linger around.
OK job@

Revision 1.3, Tue May 11 12:09:19 2021 UTC (3 years ago) by claudio
Branch: MAIN
Changes since 1.2: +2 -1 lines

Don't leak fd on error.

Revision 1.2, Mon Apr 26 07:40:26 2021 UTC (3 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.1: +2 -4 lines

The time_t now is only set but never used. Noticed by gcc.

Revision 1.1, Tue Feb 16 08:29:16 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE, OPENBSD_6_9

Add RTR support to OpenBGPD. Add basic support for the protocol.
The RTR client runs in a new process where the protocol handling is done
and when new data is available all sources are merged into one ROA set
which is then loaded into the RDE. The roa-set from the config is also
handled by the new RTR engine.
Tested by and ok job@
