| Age | Commit message (Collapse) | Author |
|---|
|
|
|
sessions can be configured to modify the carp demotion counter for a
given interface group (usually, "carp", which has all carp interfaces)
when the session is not established. once the session is established for
60 seconds, the demotion is cleared.
this, used correctly, can prevent a bgpd-box which lost all sessions (and
thus has no routes) to be carp master, while the backup has sessions.
thought through and partially hacked on a drive from calgary to vancouver
with ryan, ok claudio
|
|
the reload was successful or not. OK henning@
|
|
ideas that will never be included and always set to 0. Kill it.
|
|
when calculating the nexthop. Now only non BGP routes and not the default
route are used unless forced with the new config options
nexthop qualify via bgp
nexthop qualify via default
This change is required for complex setups e.g. where an additional IGP is
running. OK henning@
|
|
|
|
need to run multiple bgpds on a single box to simulate a IX. This helped
me massivly debugging error reports. OK henning@
|
|
side-effects. Revert last changes and make bgpctl reload work again.
|
|
|
|
nameley the show ones. needed for looking glass style applications,
monitoring etc. claudio ok
|
|
|
|
fd handling. Do not access poll fd in case of an error or timeout.
With and OK dlg@
|
|
(e.g. EINTR) poll() will not update the pfd array (copyout) and so the old
revents are used and results in a blocking parent process. OK dlg@
|
|
|
|
The default filter_sets are converted into match filter rules that get
evaluated first. Simplifies code massively -- mainly the config reload
part -- and makes softreconfig out a piece of cake. "get it in" henning@
|
|
|
|
|
|
network and neighbor statements and the routes are labeled accordingly.
While doing that fix some mem-leaks by introducing filterset_free() and
remove the free on send option of send_filterset().
This took a bit longer because we need to carefully track the rtlabel id
refcnts or bad things may happen on reloads.
henning@ looks fine
|
|
connected|static" so that it is possible to distinguish between IPv4 and IPv6
addresses. "network connected|static" is considered deprecated but will be
supported as an alias for "network inet connected|static" for some time (one
release) to simplify upgrades. This also solve a nasty crash when using
"network connected". OK henning@
|
|
|
|
up more. OK henning@
|
|
|
|
directly connected respectively all static routes. The list is auto-
matically adjusted as soon as a route changes.
OK henning@
|
|
those it needed, closing all the others. this has some nasty races.
so let the parent keep the list of listeners so it knows when it has
to open a new one
claudio ok, also tested by jason ackley
|
|
|
|
ok claudio henning
|
|
sets, otherwise local netyworks get withdrawn after config reload;
misbehaviour noticed by peter.galbavy@knowtion.net, claudio ok
|
|
pt out by Alexander v Gernler
|
|
it is possible to specify multiple communities. This is also the first step
to better bgpd filters. OK henning@
|
|
with this, if a neighbor is configured as dependent on carp0 for example,
the neighbor will remain in state IDLE as long as carp0 is not master.
once carp0 becomes master the session(s) depending on it immediately
go to CONNECT (or ACTIVE, if they're configured passive), reducing failover
time. claudio ok, with some input from ryan as well
|
|
on which child went away.
|
|
-kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid
-extend the original imsg_compose/_create API to take pid & fd too
-make imsg_compose do imsg_create + imsg_add + imsg_close instead of
duplicating the code
-adjust all callers to the new API
ok claudio
|
|
micskye some time ago
|
|
then call work(). ok henning@
|
|
claudio ok
|
|
save 1k per peer. OK henning@
|
|
|
|
needed as the fd is closed while beeing passed. looks good henning@
|
|
|
|
we should close
|
|
the file descriptors in RDE and parent process, not needed or used there
|
|
dumping is done. Acctually mrt dumps were broken because of the fd passing.
The nice side effect is a much cleaner code, especially in the parent process.
OK henning@
|
|
more than once
|
|
it to let the main process to prepare new listening sockets (socket() and
bind()) on behalf of the session engine, which of course cannot bind() to
ports < 1024 any more once it dropped privileges. with some help from theo,
claudio ok
|
|
supported address familiy, keep a tailq of an arbitary number of them.
the new struct listen_addr contains the sockaddr and the fd.
this fixes quite some nasty behaviour which was a consequence of the previous
model.
looks right deraadt@, and discussed with claudio
|
|
blackhole routes or to make network announcements dependent on a external
state (e.g. for carp setups) OK henning@
|
|
intended for building realtime BGP blacklists (e.g. with spamd);
ok claudio & henning
|
|
|
|
|
|
|
