![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.sbin / bgpd
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.86 / (download) - annotate - [select for diffs], Wed May 29 10:34:07 2024 UTC (3 days, 23 hours ago) by claudio
Branch: MAIN
CVS Tags: HEAD
Changes since 1.85: +7 -5 lines
Diff to previous 1.85 (colored)
Introduce a ring buffer for log_sockaddr() this way log_addr() can be used more then once in a log message (e.g. log_peer_warnx + log_addr. OK henning@ sthen@
Revision 1.85 / (download) - annotate - [select for diffs], Fri Mar 22 15:41:34 2024 UTC (2 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.84: +17 -1 lines
Diff to previous 1.84 (colored)
Rework the cease shutdown reason to work in both directions by looking at the ibuf payload passed to log_notification(). Because of this move ibuf_get_string() and the log_notification() call in parse_notification(). OK tb@
Revision 1.84 / (download) - annotate - [select for diffs], Fri Mar 22 07:19:28 2024 UTC (2 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.83: +27 -1 lines
Diff to previous 1.83 (colored)
Rework parse_notification() to use the ibuf API for everything. While there fix the RFC5492 handling of ERR_OPEN_CAPA (the current code has the logic inversed). ERR_OPEN_CAPA is there to signal that a needed capability is missing in our OPEN message. Just add the handling of ERR_OPEN_CAPA to log_notification(). Also rework the handling of the shutdown reason and move the printing into log_notification(). OK tb@
Revision 1.83 / (download) - annotate - [select for diffs], Wed Mar 20 09:35:46 2024 UTC (2 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.82: +4 -4 lines
Diff to previous 1.82 (colored)
Cleanup AID handling. - Loops over all valid AID should start with AID_MIN and go up to AID_MAX - 1 e.g. for (i = AID_MIN; i < AID_MAX; i++) If for some reason AID_UNSPEC must be handled make that explicit in the for loop. - aid2afi() now returns an error for AID_UNSPEC since there is no valid AFI SAFI combo for AID_UNSPEC. - Add additional checks for AID_MIN where currently only AID_MAX was checked. This affects imsg for route refresh and graceful restart. - Simplify add-path capability handling. Only the negotiated add_path capa sets the flag for AID_UNSPEC to help code to quickly check if any add-path is active. OK tb@
Revision 1.82 / (download) - annotate - [select for diffs], Thu Feb 22 06:45:22 2024 UTC (3 months, 1 week ago) by miod
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5
Changes since 1.81: +7 -2 lines
Diff to previous 1.81 (colored)
Workaround for gcc3 - the use of anonymous unions now makes it complain when named initializers use fields within these anonymous unions. Hopefully a short-term bandaid until the appropriate changes are identified and backported to gcc3. ok claudio@
Revision 1.81 / (download) - annotate - [select for diffs], Fri Feb 2 16:14:51 2024 UTC (3 months, 4 weeks ago) by claudio
Branch: MAIN
Changes since 1.80: +7 -3 lines
Diff to previous 1.80 (colored)
aspath_inflate() can be called with an empty ASPATH. In this case ibuf_size(in) is 0 and the ibuf_open() fails because right now 0 sized ibufs are not allowed. Add + 1 to the size calculation as a workaround. OK tb@
Revision 1.80 / (download) - annotate - [select for diffs], Tue Jan 30 13:50:09 2024 UTC (4 months ago) by claudio
Branch: MAIN
Changes since 1.79: +154 -141 lines
Diff to previous 1.79 (colored)
Convert he ATTR_ASPATH and ATTR_AS4_PATH handlers in rde_attr_parse() to new ibuf API. Various aspath functions are modified to work better with ibufs. aspath_inflate() now only works with ibufs and is a lot simpler. aspath_verify() does all the checks using the ibuf api and therefor most length checks can be skipped. aspath_asprint() and the new internal aspath_strsize() and aspath_snprint() are totally overhauled -- including some bugs that got squashed. OK tb@
Revision 1.79 / (download) - annotate - [select for diffs], Tue Jan 23 16:13:35 2024 UTC (4 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.78: +84 -93 lines
Diff to previous 1.78 (colored)
Start converting the message parser to use the new ibuf api. Rewrite rde_update_dispatch() to use ibufs. Because of this rde_update_err(), rde_get_mp_nexthop(), nlri_get_prefix() and friends are switched to use ibufs. For rde_attr_parse() a minimal change was done for now. OK tb@
Revision 1.78 / (download) - annotate - [select for diffs], Wed Jan 10 13:31:09 2024 UTC (4 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.77: +71 -1 lines
Diff to previous 1.77 (colored)
Implement log_roa() and log_aspa() and use these functions in printconf.c OK tb@
Revision 1.77 / (download) - annotate - [select for diffs], Mon Apr 17 08:02:21 2023 UTC (13 months, 2 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.76: +3 -3 lines
Diff to previous 1.76 (colored)
Implement a basic API to work with flowspec NLRI. Flowspec is excessivly flexible and large so there is no way to convert the flowspec data into a struct bgpd_addr and it is better to keep it in wireformat and add a few functions to validate and extract information from the NLRI encoding. OK tb@
Revision 1.76 / (download) - annotate - [select for diffs], Mon Apr 3 10:48:00 2023 UTC (14 months ago) by claudio
Branch: MAIN
Changes since 1.75: +4 -1 lines
Diff to previous 1.75 (colored)
Add first step of flowspec support. This adds the bits to establish a connection with SAFI 133. Right now any sent UPDATE with SAFI 133 is simply ignored. At the moment SAFI 134 (flowspec for L3VPN) is unsupported. OK tb@
Revision 1.75 / (download) - annotate - [select for diffs], Thu Mar 30 14:47:25 2023 UTC (14 months ago) by claudio
Branch: MAIN
Changes since 1.74: +10 -12 lines
Diff to previous 1.74 (colored)
Refactor extract_prefix() to first do the length checks and only then copy the data out. OK tb@
Revision 1.74 / (download) - annotate - [select for diffs], Wed Jan 4 14:33:30 2023 UTC (16 months, 4 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.73: +7 -7 lines
Diff to previous 1.73 (colored)
Add a per eBGP session role to the config. This somewhat replaces the RFC 9234 open policy role. This is done because ASPA requires the same role to be present to properly validate paths. For iBGP sessions the role is forced to ROLE_NONE. If no role is set on an ebgp session then 'announce policy' is forced to 'no'. Also make sure the the role capability is only added if the role is set. OK tb@
Revision 1.73 / (download) - annotate - [select for diffs], Wed Nov 9 14:23:53 2022 UTC (18 months, 3 weeks ago) by claudio
Branch: MAIN
Changes since 1.72: +6 -2 lines
Diff to previous 1.72 (colored)
Fix nlri parsing of L3VPN prefixes in withdrawals. L3VPN NLRI have different encoding for updates and withdraws. The withdraw carries one dummy MPLS label that needs to be skipped. The code doing that did adjust the lenght but did not skip the the label in the buffer and so the parsed prefix was off by 3 bytes. OK tb@
Revision 1.72 / (download) - annotate - [select for diffs], Mon Nov 7 11:33:24 2022 UTC (18 months, 3 weeks ago) by mbuhl
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)
Fix some spelling errors. OK claudio@
Revision 1.71 / (download) - annotate - [select for diffs], Wed Aug 17 15:15:26 2022 UTC (21 months, 2 weeks ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.70: +8 -8 lines
Diff to previous 1.70 (colored)
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy(). The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
Revision 1.70 / (download) - annotate - [select for diffs], Tue Jul 19 13:03:09 2022 UTC (22 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.69: +5 -2 lines
Diff to previous 1.69 (colored)
Do a minimal check that the passed in option is inside the ASPATH segment. Check both for negative pos and for pos bigger or equal to the segment length With and OK tb@
Revision 1.69 / (download) - annotate - [select for diffs], Tue Jun 28 05:49:05 2022 UTC (23 months ago) by tb
Branch: MAIN
Changes since 1.68: +20 -1 lines
Diff to previous 1.68 (colored)
Unbreak tree: add log_policy() implementation missing from previous commit.
Revision 1.68 / (download) - annotate - [select for diffs], Fri Jun 24 10:36:53 2022 UTC (23 months, 1 week ago) by claudio
Branch: MAIN
Changes since 1.67: +3 -3 lines
Diff to previous 1.67 (colored)
Use IN6_IS_ADDR_MC_NODELOCAL() instead of IN6_IS_ADDR_MC_INTFACELOCAL(). It seems that IN6_IS_ADDR_MC_NODELOCAL() is the official name of this nightmare and therefor more portable. OK tb@
Revision 1.67 / (download) - annotate - [select for diffs], Wed Jun 22 14:49:02 2022 UTC (23 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.66: +5 -3 lines
Diff to previous 1.66 (colored)
Sync KAME hack in log_in6addr() with route/show.c ok claudio
Revision 1.66 / (download) - annotate - [select for diffs], Sun Jun 19 10:30:10 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.65: +17 -1 lines
Diff to previous 1.65 (colored)
Implement a applymask() function that works on bgpd_addr structs. Use this function in kroute so that kroute_find and kroute6_find can switch to use struct bgpd_addr as argument. OK tb@
Revision 1.65 / (download) - annotate - [select for diffs], Fri Jun 17 09:12:06 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.64: +9 -9 lines
Diff to previous 1.64 (colored)
Adapt the KAME hack in sa2addr() to be the same as in route/show.c Also fix the function by moving the memcpy() after the embedded scope has been removed. OK tb@
Revision 1.64 / (download) - annotate - [select for diffs], Thu Jun 16 15:33:05 2022 UTC (23 months, 2 weeks ago) by claudio
Branch: MAIN
Changes since 1.63: +8 -10 lines
Diff to previous 1.63 (colored)
Remove prefixlen2mask() uasge outside of util.c. Instead use inet4applymask().
Using inet4applymask() makes the code similar to the IPv6 version.
Also switch kroute{,6}_match() to use a struct bgpd_addr * as argument.
OK tb@
Revision 1.63 / (download) - annotate - [select for diffs], Wed May 25 16:03:34 2022 UTC (2 years ago) by claudio
Branch: MAIN
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)
Fix non-transitive extended community handling. First of all the detection logic was totally wrong. Then filter out non-transitive extended communities when received from an ebgp peer. Also cleanup the type handling of ext-communities. Mainly to not have to handle the transitive vs non-transitive versions the type is masked with EXT_COMMUNITY_VALUE before doing the switch case for the various types. With this my test using ext-communities works. OK tb@
Revision 1.62 / (download) - annotate - [select for diffs], Sun Feb 6 09:51:19 2022 UTC (2 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.61: +80 -80 lines
Diff to previous 1.61 (colored)
Switch from u_intX_t types to stdint.h uintX_t. Mostly mechanical with a few reindents. OK florian@ tb@
Revision 1.61 / (download) - annotate - [select for diffs], Tue Feb 16 08:29:16 2021 UTC (3 years, 3 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0,
OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.60: +33 -1 lines
Diff to previous 1.60 (colored)
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
Revision 1.60 / (download) - annotate - [select for diffs], Mon Jan 25 09:15:24 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.59: +8 -2 lines
Diff to previous 1.59 (colored)
RFC6472 discourages the use of AS_SET segements in ASPATH attributes.
The main reason is that AS_SET does not play nice with RPKI ROA.
Introduce a per neighbor and global config option
'reject as-set yes' and 'reject as-set no'
If set to yes received UPDATES with AS_SET segements are rejected.
This is done the same way other ASPATH soft-errors are handled. The UPDATE
is marked invalid and all prefixes are treated as withdraws.
`bgpctl show rib in error` can be used to show prefixes that where denied
and treated as withdraws because of errors.
By default this feature is off.
OK benno@
Revision 1.59 / (download) - annotate - [select for diffs], Mon Jan 18 12:15:36 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.58: +52 -86 lines
Diff to previous 1.58 (colored)
Change struct bgpd_addr VPN encoding. Instead of including two almost equal versions put the RD and lable stack right into struct bgpd_addr. For non-VPN addresses these extra fields are ignored. Since VPN and non-VPN addresses encode the prefix in the same way now some code can be simplified. In most cases a fallthrough or reuse of encoding functions is now possible. It should also reduce the size of struct bgpd_addr a bit. OK denis@
Revision 1.58 / (download) - annotate - [select for diffs], Tue Jan 5 10:00:28 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.57: +4 -4 lines
Diff to previous 1.57 (colored)
Revert part of the last addr2sa change. When addr is NULL or AID_UNSPEC addr2sa needs to return NULL. Without this connection establishment fails because bind is called with a bad sockaddr.
Revision 1.57 / (download) - annotate - [select for diffs], Tue Jan 5 08:18:52 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.56: +28 -15 lines
Diff to previous 1.56 (colored)
Add AID_VPN_IPv[46] support to addr2sa. It only converts the address part of the VPN address into a sockaddr but it allows to use log_sockaddr for all cases of log_addr now. OK florian@
Revision 1.56 / (download) - annotate - [select for diffs], Mon Jan 4 13:40:32 2021 UTC (3 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.55: +4 -6 lines
Diff to previous 1.55 (colored)
Use log_sockaddr() in log_addr() to print a struct bgpd_addr. This way IPv6 scoped addresses will print correctly. OK tb@ florian@
Revision 1.55 / (download) - annotate - [select for diffs], Wed Oct 21 06:53:54 2020 UTC (3 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)
Move tmp16 declaration into the #ifdef __KAME__ block to remove a compiler warning on non __KAME__ systems. OK deraadt@
Revision 1.54 / (download) - annotate - [select for diffs], Sun May 10 13:38:46 2020 UTC (4 years ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.53: +3 -3 lines
Diff to previous 1.53 (colored)
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]')
to be more generic, then change 'reload' to take take a '[reason]' also,
which will be logged by bgpd.
ok kn claudio
Revision 1.53 / (download) - annotate - [select for diffs], Thu Apr 23 16:13:11 2020 UTC (4 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)
Store local-address by address family. This allows to configure both an IPv4 and IPv6 local-address on a group and the neighbors bind to the right local-address. Also implement 'no local-address' to reset a previously set local address back to zero. This should help with IBGP and multihop session config and hopefully reduce repetition in bgpd configs. OK sthen@ benno@
Revision 1.52 / (download) - annotate - [select for diffs], Wed Feb 12 10:33:56 2020 UTC (4 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.51: +20 -1 lines
Diff to previous 1.51 (colored)
Move the code to figure out the alternate IP address (IPv6 addr for IPv4 sessions and vice versa) from the RDE to the SE. The SE is the right place for this since there getsockname(2) fetches the local address and so the alternate one can be fetched there as well. With this the route pledge is no longer needed in the RDE and the pledge is now just "stdio recvfd". OK benno@
Revision 1.51 / (download) - annotate - [select for diffs], Wed Jul 3 03:24:02 2019 UTC (4 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.50: +3 -3 lines
Diff to previous 1.50 (colored)
snprintf/vsnprintf return < 0 on error, rather than -1.
Revision 1.50 / (download) - annotate - [select for diffs], Mon Jun 17 13:35:43 2019 UTC (4 years, 11 months ago) by claudio
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)
Cleanup, remove some unneded spaces add some other where needed. No binary change according to clang
Revision 1.49 / (download) - annotate - [select for diffs], Wed Apr 10 15:21:54 2019 UTC (5 years, 1 month ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.48: +2 -1 lines
Diff to previous 1.48 (colored)
Include endian.h since htobe* or be*toh is used. Helps with protable. OK deraadt@
Revision 1.48 / (download) - annotate - [select for diffs], Wed Feb 27 04:31:56 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.47: +6 -2 lines
Diff to previous 1.47 (colored)
Convert the remote and local addresses in struct peer to be bgpd_addrs instead of sockaddr_storage. This again helps protability and simplifies some code. sa2addr now takes an optional pointer to return the port of the sockaddr. OK benno@
Revision 1.47 / (download) - annotate - [select for diffs], Tue Feb 26 10:49:15 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.46: +3 -3 lines
Diff to previous 1.46 (colored)
Add support for '*', local-as and neighbor-as for ext-community matching
and setting. This allows rules like:
ext-community * * # delete any ext-community
ext-community ovs * # delete any ext-community of specified type
ext-community rt 1.2.3.4:*
and
ext-community rt 65001:local-as
ext-community rt local-as:11111
Note: Sometimes the type of the ext-community is underspecified when using
wildchars or expands. So 'ext-community rt *' or 'ext-community soo *' will
match for any of the 3 possible types (2-byte AS, 4-byte AS and IP address).
If local-as/neighbor-as is used as an expand of as-number like
ext-community rt local-as:11111
then bgpd will default to the 4-byte AS type to encode the community.
OK benno@
Revision 1.46 / (download) - annotate - [select for diffs], Thu Feb 21 11:17:22 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.45: +10 -58 lines
Diff to previous 1.45 (colored)
Media and link states are highly OS dependent, to make porting easier export the interface info in a way that does not need OS specific functions to print it. Link state and media are now strings that are set by bgpd. bgpctl can just print them. Move get_linkstate and get_media_descr to kroute.c where all other system specific stuff is. OK sthen@
Revision 1.45 / (download) - annotate - [select for diffs], Mon Feb 18 12:35:08 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.44: +2 -2 lines
Diff to previous 1.44 (colored)
Use (unsigned) long long instead of (u_)int64_t since that drops the need to do casts for printf.
Revision 1.44 / (download) - annotate - [select for diffs], Mon Feb 18 09:43:57 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.43: +7 -8 lines
Diff to previous 1.43 (colored)
Do not depend on the length field of struct sockaddr instead pass the length to the various functions needing it. Helps portability. OK benno@
Revision 1.43 / (download) - annotate - [select for diffs], Fri Feb 15 09:55:21 2019 UTC (5 years, 3 months ago) by claudio
Branch: MAIN
Changes since 1.42: +6 -6 lines
Diff to previous 1.42 (colored)
Use the posix version of betoh64() which is spelled be64toh() this is more portable.
Revision 1.42 / (download) - annotate - [select for diffs], Sun Dec 30 13:53:07 2018 UTC (5 years, 5 months ago) by denis
Branch: MAIN
Changes since 1.41: +105 -4 lines
Diff to previous 1.41 (colored)
add support for IPv6 VPN routes The kernel bits are missing as of now. With input from claudio@ and kn@ OK claudio@
Revision 1.41 / (download) - annotate - [select for diffs], Tue Dec 11 09:02:14 2018 UTC (5 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.40: +1 -105 lines
Diff to previous 1.40 (colored)
Refactor aspath code a bit. Move cached source_as (for origin validation) into struct aspath and pass that struct to aspath_match(). OK denis@
Revision 1.40 / (download) - annotate - [select for diffs], Wed Sep 26 14:38:19 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.39: +4 -4 lines
Diff to previous 1.39 (colored)
Instead of checking that a segement is not of type AS_SET do the check that it is actually AS_SEQUENCE. No functional change those are the only two types bgpd supports here.
Revision 1.39 / (download) - annotate - [select for diffs], Thu Sep 20 11:45:59 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)
Split up as_set into a set_table and an as_set. The first is what does the lookup and will now also be used in roa-set tries. The as_set is glue to add the name and dirty flag. Add an accessor to get the set data so that the imsg sending and printing can be moved into the right places. This is done mainly because roa-sets need similar but slightly different versions and making the code more generic is the best way fixing this. OK benno@
Revision 1.38 / (download) - annotate - [select for diffs], Thu Sep 20 11:06:04 2018 UTC (5 years, 8 months ago) by benno
Branch: MAIN
Changes since 1.37: +3 -3 lines
Diff to previous 1.37 (colored)
whitespace cleanup, ok claudio@
Revision 1.37 / (download) - annotate - [select for diffs], Thu Sep 20 07:41:25 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.36: +5 -5 lines
Diff to previous 1.36 (colored)
Fix the empty aspath segments check. seg_size is never 0, this needs to use seg_len instead. Since seg_len is known early move the check up. Found while hunting for the other bug in aspath_verify.
Revision 1.36 / (download) - annotate - [select for diffs], Thu Sep 20 07:37:06 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.35: +4 -4 lines
Diff to previous 1.35 (colored)
Fix an out of bound read that could crash the RDE because it touched unallocated memory while looking for AS 0. Found by and debugged with Aaron A. Glenn. Thanks a lot.
Revision 1.35 / (download) - annotate - [select for diffs], Fri Sep 14 10:22:11 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)
Extend as_set to allow for different sized objects to be added. The only requirement is that the first value of the struct is a 32bit ID which is used in the bsearch. This allows to add more than just as numbers to a set. as_set_match now returns a pointer to this data or NULL if not found. OK benno@
Revision 1.34 / (download) - annotate - [select for diffs], Fri Sep 7 05:43:33 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.33: +6 -2 lines
Diff to previous 1.33 (colored)
Implement as-set a fast lookup table to be used instead of long list of AS numbers in source-as, AS and transit-as filterstatements. These table use bsearch to quickly verify if an AS is in the set or not. The filter syntax is not fully set in stone yet. OK denis@ benno@ and previously OK deraadt@
Revision 1.33 / (download) - annotate - [select for diffs], Wed Sep 5 09:49:57 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.32: +32 -14 lines
Diff to previous 1.32 (colored)
Change the way as_compare() and aspath_match() handle 'neighbor-as'. Instead of doing the condition before calling aspath_match() just pass the neighbor-as down to as_compare() which then has all needed data for the lookup. While doing this also remove one of the as fields in struct filter_as since the min/max fields can be reused for unary operations. OK denis@ phessler@
Revision 1.32 / (download) - annotate - [select for diffs], Tue Sep 4 12:00:29 2018 UTC (5 years, 8 months ago) by claudio
Branch: MAIN
Changes since 1.31: +10 -1 lines
Diff to previous 1.31 (colored)
Introduce inet4applymask() which does the same as inet6applymask() and can be used instead of doing direct fiddling around with struct in_addr. Use it in a few cases where it makes the code more similar between INET and INET6 case. OK denis@
Revision 1.31 / (download) - annotate - [select for diffs], Wed Aug 29 11:43:15 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)
When checking for AS 0 make sure the full ASPATH is validated and don't return on the first 0. The other AS_ERR_SOFT cases do the same and ensure that an ASPATH with an AS_ERR_SOFT is still valid enough for subsequent manipulation or inspection. OK benno@
Revision 1.30 / (download) - annotate - [select for diffs], Fri Aug 10 11:13:01 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.29: +10 -10 lines
Diff to previous 1.29 (colored)
Make the AS_SET handling for source-as even simpler. It is enough to only
extract the rightmost AS of a segment if the segment is not an AS_SET.
Then if we hit the final segment as will contain the last aggregator AS.
This fixes a possible issue with a path like 1 2 3 { 4 5 } { 6 7 } which
should match for source-as 3.
OK benno@
Revision 1.29 / (download) - annotate - [select for diffs], Thu Aug 9 21:12:33 2018 UTC (5 years, 9 months ago) by claudio
Branch: MAIN
Changes since 1.28: +37 -30 lines
Diff to previous 1.28 (colored)
Improve handling of source-as when an AS_SET is rightmost. In that case use the rightmost AS from the previous AS path segment. As suggested in rfc6472. Also fix a long standing bug of AS 42 >< 4242 matching 43 - 4241 instead of 1-41 and 4243 and upwards. Last but not least pass the filter_as struct to as_compare since that will make it easier to implement as-sets. OK benno@, OK job@ on a previous version
Revision 1.28 / (download) - annotate - [select for diffs], Sun Jul 22 16:52:27 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.27: +74 -1 lines
Diff to previous 1.27 (colored)
Move functions to print link status etc. to util.c so that bgpd can use them as well. OK benno@
Revision 1.27 / (download) - annotate - [select for diffs], Fri Jul 20 14:58:20 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.26: +143 -1 lines
Diff to previous 1.26 (colored)
Move the nlri_get_prefix functions to util.c so that bgpctl can use them too.
Revision 1.26 / (download) - annotate - [select for diffs], Fri Jul 13 08:18:11 2018 UTC (5 years, 10 months ago) by claudio
Branch: MAIN
Changes since 1.25: +107 -1 lines
Diff to previous 1.25 (colored)
Move aspath_verify() and aspath_inflate() into util.c so bgpctl can use them. With this it gets a bit easier to parse MRT update messages in bgpctl. OK benno@ phessler@
Revision 1.25 / (download) - annotate - [select for diffs], Wed May 31 10:44:00 2017 UTC (7 years ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.24: +13 -21 lines
Diff to previous 1.24 (colored)
Rework the way we do extended communities (mainly in the parser) and update the IANA table to a somewhat more complete list. This includes BGP Prefix Origin Validation State support via the ext-community ovs keyword. OK henning@ benno@ based on a diff by Job Snijders
Revision 1.24 / (download) - annotate - [select for diffs], Tue Jan 24 04:22:42 2017 UTC (7 years, 4 months ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.23: +2 -1 lines
Diff to previous 1.23 (colored)
sync log.c from relayd et al to bgpd. there is still a little difference regarding handling of the verbosity value that will be handled later. ok claudio@ florian@
Revision 1.23 / (download) - annotate - [select for diffs], Mon Jan 23 23:30:43 2017 UTC (7 years, 4 months ago) by claudio
Branch: MAIN
Changes since 1.22: +8 -6 lines
Diff to previous 1.22 (colored)
Make util.c fatal() free by allowing undefined behaviour in prefix_compare. If you pass in crap then you will not get gold back.
Revision 1.22 / (download) - annotate - [select for diffs], Fri Jan 13 18:59:12 2017 UTC (7 years, 4 months ago) by phessler
Branch: MAIN
Changes since 1.21: +11 -1 lines
Diff to previous 1.21 (colored)
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are
upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job
Snijders <job@ntt.net>, thank you!
OK benno@
Revision 1.21 / (download) - annotate - [select for diffs], Fri Jun 3 17:36:37 2016 UTC (8 years ago) by benno
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.20: +33 -18 lines
Diff to previous 1.20 (colored)
Add operators =, !=, - (range), >< (exclsive range) to the as-path filters (AS, peer-as, source-as, transit-as). Add a use case (block illegal AS numbers) to the bgpd.conf example. feedback from claudio, sthen, florian, ok florian@ phessler@
Revision 1.20 / (download) - annotate - [select for diffs], Sat Oct 24 08:00:42 2015 UTC (8 years, 7 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.19: +2 -4 lines
Diff to previous 1.19 (colored)
seg_type is only set but never used. So remove it. Someone reported this long time ago.
Revision 1.19 / (download) - annotate - [select for diffs], Tue Nov 11 08:02:09 2014 UTC (9 years, 6 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.18: +4 -26 lines
Diff to previous 1.18 (colored)
Adjust aspath_strlen() since the output format changed to ASPLAIN. This should return the proper length again. OK phessler, benno
Revision 1.18 / (download) - annotate - [select for diffs], Tue Nov 11 07:15:33 2014 UTC (9 years, 6 months ago) by phessler
Branch: MAIN
Changes since 1.17: +5 -10 lines
Diff to previous 1.17 (colored)
The default output format for 32bit AS numbers has moved from AS_DOT+ to ASPLAIN. Of course, you can still input AS numbers in either format. OK henning@, claudio@, benno@, sthen@
Revision 1.17 / (download) - annotate - [select for diffs], Wed Oct 30 17:28:33 2013 UTC (10 years, 7 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6,
OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.16: +4 -4 lines
Diff to previous 1.16 (colored)
use more careful format strings to deal with various forms of AS#'s ok claudio benno
Revision 1.16 / (download) - annotate - [select for diffs], Sat Oct 19 15:04:26 2013 UTC (10 years, 7 months ago) by claudio
Branch: MAIN
Changes since 1.15: +5 -1 lines
Diff to previous 1.15 (colored)
Merge the prefix and prefixlen filter bits into one filter. Change the filter expansion so that rules are grouped by prefixes last. The RDE will then be able to optimize the rules into table lookups but that is a later step. As additional goodies it is now possible to use inet and inet6 on their own and or-longer can be used as a shorthand for prefixlen >= len. OK henning@ sthen@ florian@
Revision 1.15 / (download) - annotate - [select for diffs], Fri Sep 27 08:23:11 2013 UTC (10 years, 8 months ago) by sthen
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)
typo in macro name; no md5 change
Revision 1.14 / (download) - annotate - [select for diffs], Tue Sep 20 21:19:07 2011 UTC (12 years, 8 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3,
OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.13: +122 -1 lines
Diff to previous 1.13 (colored)
Move a few functions into util.c because bgpctl will need them soon.
Revision 1.13 / (download) - annotate - [select for diffs], Thu Nov 18 12:18:31 2010 UTC (13 years, 6 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0,
OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.12: +41 -15 lines
Diff to previous 1.12 (colored)
Accept but ignore (treat as withdraw) updates with AS_CONFED_* path segments. Bgpd does not support confederations but it is too extreme to close a session because a path contained such elements. OK henning@, sthen@
Revision 1.12 / (download) - annotate - [select for diffs], Sun Oct 24 17:19:35 2010 UTC (13 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)
the subtype should be printed unsigned; ok claudio
Revision 1.11 / (download) - annotate - [select for diffs], Mon Mar 29 09:04:43 2010 UTC (14 years, 2 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.10: +39 -4 lines
Diff to previous 1.10 (colored)
Implement a log_rd() function to print the route destinguisher in a nice way. Use it for now in log_addr() to show VPN routes with a prepended RD. OK henning
Revision 1.10 / (download) - annotate - [select for diffs], Wed Jan 13 06:02:37 2010 UTC (14 years, 4 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.9: +14 -4 lines
Diff to previous 1.9 (colored)
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
Revision 1.9 / (download) - annotate - [select for diffs], Wed Dec 16 15:40:55 2009 UTC (14 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.8: +27 -1 lines
Diff to previous 1.8 (colored)
Implement "set ext-community [delete] subtype key:value" to set and delete extended communities as specified in RFC 4360. No matching implemented yet and stuff like * and neighbor-as are neither supported but will be soon. Looks good henning & sthen, manpage fixed by jmc
Revision 1.8 / (download) - annotate - [select for diffs], Tue Dec 8 14:03:40 2009 UTC (14 years, 5 months ago) by claudio
Branch: MAIN
Changes since 1.7: +9 -1 lines
Diff to previous 1.7 (colored)
Big AID change part two. This changes the mp capability into an array of flags. This makes a lot of code much easier since the comparison is now trivial. Additionally calculate the negotiated capabilities for a session in the SE and pass that and only that to the RDE. This makes the decisions in the RDE a lot easier. OK henning@
Revision 1.7 / (download) - annotate - [select for diffs], Tue Dec 1 14:28:05 2009 UTC (14 years, 6 months ago) by claudio
Branch: MAIN
Changes since 1.6: +106 -2 lines
Diff to previous 1.6 (colored)
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
Revision 1.6 / (download) - annotate - [select for diffs], Fri Jun 12 16:42:53 2009 UTC (14 years, 11 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.5: +27 -1 lines
Diff to previous 1.5 (colored)
Move prefixlen2mask and inet6applymask to util.c so that we can kill the copies in bgpctl.
Revision 1.5 / (download) - annotate - [select for diffs], Thu Nov 6 21:16:27 2008 UTC (15 years, 6 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_5_BASE,
OPENBSD_4_5
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)
Mixed up characters found by Gleydson Soares.
Revision 1.4 / (download) - annotate - [select for diffs], Mon Mar 17 20:40:04 2008 UTC (16 years, 2 months ago) by henning
Branch: MAIN
CVS Tags: OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.3: +3 -2 lines
Diff to previous 1.3 (colored)
two small bugs in printing funcs: log_as < vs <= confusion, AS 65535 printed like 4 byte AS 0.65535 aspath_strlen: omitted stripping high 16 bits of 32bit AS after dealing with the upper half From: Matthew Dempsky <matthew@dempsky.org>
Revision 1.3 / (download) - annotate - [select for diffs], Fri May 11 11:27:59 2007 UTC (17 years ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
Various spelling fixes from Stuart Henderson.
Revision 1.2 / (download) - annotate - [select for diffs], Mon Apr 23 13:04:24 2007 UTC (17 years, 1 month ago) by claudio
Branch: MAIN
Changes since 1.1: +43 -13 lines
Diff to previous 1.1 (colored)
Make bgpd 4-byte AS compatible. All internal representations of AS numbers are now 4-byte instead of the old 2-byte numbers. The only exception are communities because they can not be switched. The RDE will inflate and deflate the ASPATH and AGGREGATOR attributes on demand and create the NEW_ASPATH and NEW_AGGREGATOR field whenever needed. Both old and new stile sessions are supported and can be mixed. Currently new stile sessions with the 4-byte AS number capability turned on are only enabled if one of the AS numbers involved is a 4-byte one. This is based on an initial diff by Geoff Huston gih (at) apnic (dot) net Cleanup, testing and bug-fixes by myself (via AS 3.10). Currently mrt table dumps are producing incompatible output this will be fixed afterwards -- this diff is already big enough. "get it in if you think it is ready" henning@
Revision 1.1 / (download) - annotate - [select for diffs], Tue Jan 3 22:19:59 2006 UTC (18 years, 5 months ago) by claudio
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1,
OPENBSD_4_0_BASE,
OPENBSD_4_0,
OPENBSD_3_9_BASE,
OPENBSD_3_9
Move functions shared with bgpctl into new file util.c. Simplifies the link between bgpctl and bgpd mostly because of rde_attr.c.