| Age | Commit message (Collapse) | Author |
|---|
|
semicolon-seperated line, so that grep and such can operate easier;
then use tr ';' '\n' to convert it to normal form later. This helps
with scanning vast swathes of routes..
ok benno claudio job
|
|
discussed with henning@
OK claudio@, benno@, job@
|
|
enough memory that it does not make sense to provide these knobs anymore.
They just make the code more complex for no much gain.
OK phessler@, benno@
|
|
From Dennis Fondras, thanks!
ok phessler@
|
|
|
|
that the iteration over it actually stops.
ok and feedback from florian@ phessler@ and claudio@
|
|
in draft-ietf-grow-bgp-gshut
from Job Snijders
ok phessler@ benno@
|
|
the IANA table to a somewhat more complete list. This includes BGP Prefix
Origin Validation State support via the ext-community ovs keyword.
OK henning@ benno@ based on a diff by Job Snijders
|
|
of LOG_CRIT (which should only be used for fatal).
OK benno@
|
|
instead, use the rtable bgpd was started in (route -T <n> exec / rc.d
daemon_rtable) for nexthop verification and as default Adj-RIB-In and
Loc-RIB. This allows multiple bgpds in different rdomains on the same
machine - bgp router virtualization if you like buzzwords.
initial version written under contract more than a year ago, it took us
a while to wrap our brains around the bgpd <-> rdomain interactions -
1) RIBs, 2) nexthop verification and 3) tcp sockets.
ok & input phessler claudio benno
|
|
per control session and peer the generation of imsg in the RDE. This
reduces the memory pressure in the SE substantially and also a bit in
the RDE. Makes the RDE more responsive for bgpctl commands.
Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX
border router with 200+ session. Convergance time got quite a bit better.
OK phessler@
|
|
which is useful in very limited situations.
Angry dragons and grues will hunt for you, if you use it.
OK claudio@ sthen@ benno@
|
|
OK claudio@
|
|
"match in from any set community local-as:neighbor-as"
OK claudio@
|
|
|
|
|
|
there is still a little difference regarding handling of the verbosity
value that will be handled later.
ok claudio@ florian@
|
|
BGP state = Idle, marked down with shutdown reason "goodbye, we are
upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job
Snijders <job@ntt.net>, thank you!
OK benno@
|
|
Joint work with Job Snijders, many thanks!
OK benno@ deraadt@
|
|
OK henning@ benno@
|
|
move daemon-local functions into new logmsg.c, and reduce
the (mostly whitespace) differences so that log.c's can be diffed easily.
ok claudio@, feedback from henning@, deraadt@, reyk@
|
|
session.c
ok mpi@
|
|
filters (AS, peer-as, source-as, transit-as).
Add a use case (block illegal AS numbers) to the bgpd.conf example.
feedback from claudio, sthen, florian,
ok florian@ phessler@
|
|
steps (and uses much of the same code).
In a torture test of ~600k prefix filters and 65k prefixes, convergance
time goes from 35 minutes to 30 seconds.
Many thanks to LONAP for providing a base configuration for torture
testing.
many discussions with claudio@, benno@, sthen@ and the rest of the bgpd crowd
OK sthen@ benno@
|
|
every single AS on the planet: the blackhole
OK benno@, claudio@, sthen@
|
|
applied to a group, also let us disable logging on a sub-member of the
group. Very handy for debugging naughty peers on a router with multiple
peers.
OK benno@
|
|
And rename struct kif's media_type to if_type to avoid confusion with
ifmedia's media type. Same rename in other daemons will follow.
ok claudio henning benno
|
|
This way ASLR and stack cookies are per process.
With input from benno@ and deraadt@
OK benno@
|
|
calls to aid in debugging
henning@ "makes sense to me", sthen@ "yes please", ok phessler@
|
|
This is the next step to better split parsing and merging the config.
OK benno@
|
|
...
allow from AS 1 prefix 192.0.2.0/24
...
Also adjust the IRR ruleset output to include the declared peer AS,
instead of hoping they listed their neighbor IP address!
OK benno@
older version OK: claudio@ henning@
|
|
of the RDE to free the filterlists. Also refactor common code to merge
filterlists into its own function. Makes the code look nicer.
|
|
into a own flag field since these can't be modified via a config reload.
OK henning@ benno@ before lock
|
|
format string, create a temporary message.
OK benno@ doug@ claudio@
|
|
routing table. Need for it in "special" setups pointed out by
Loic Blot (loic.blot _AT_ unix-experience _DOT_ fr) on tech.
OK benno, henning
|
|
filter expansion so that rules are grouped by prefixes last. The RDE will
then be able to optimize the rules into table lookups but that is a later
step. As additional goodies it is now possible to use inet and inet6
on their own and or-longer can be used as a shorthand for prefixlen >= len.
OK henning@ sthen@ florian@
|
|
|
|
This is the first step to make bgpd reload non blocking in the RDE.
It also speeds up the reload time a fair bit in some cases (mainly if
you run with multiple RIBs and have larger filtersets) and it should also
fix a few edge cases on reloads.
Testing done by benno@, florian@ and sthen@ OK henning@ and benno@
|
|
don't need to scale to 64 bits in this universe.
ok claudio@ & florian@
|
|
- on config reload also adjust the cloned neighbors so that they get the
config changes as well.
- clean up sessions that are 1h idle but in state active (instead of down)
- add bits to allow bgpctl to destroy cloned neighbors
Tested by sthen@ some time ago, OK phessler@
|
|
32 chars. Allow bgpd to use these newfangled longer names.
OK sthen@
|
|
like: allow from any nexthop neighbor (to allow only prefixes that use the
routers IP address as nexthop). Lots of testing, input and OK florian@
|
|
OK sthen@ henning@
|
|
OK sthen@, benno@, henning@
|
|
This implements only the "Restarting Client" bits of the RFC -- in other
words bgpd will keep the FIB when the client restarts but it will not do GR
when restarting itself. The capability is still off by default (you need
"announce restart yes" to enable it).
Tested by Anders Berggren. OK sthen@
|
|
In the end this will allow anyone to use MRT table dumps to load prefixes
into a bgpd instance. For example you can download the RIPE dumps and load
full-feeds onto your laptop until the poor thing dies.
OK henning@ sthen@
|
|
OK henning@ sthen@
|
|
Requested and OK deraadt@, OK henning@
|
|
|
|
struct ctl_show_rib since bgpctl does not look at them at all.
|
