| Age | Commit message (Collapse) | Author |
|---|
|
the session engine expects and will allow to send out the config without
calling merge_config first.
OK sthen@
|
|
route evaluation is modified. In both cases the softreconfig code will
now walk the RIB and ensure that everything is in proper sync.
Additionally remove 'route-collector yes|no' from the bgpd config, instead
use 'rde rib Loc-RIB no evaluate' with the benefit that you can alter
the setting now during runtime.
Tested and OK benno@
|
|
from the OPEN message) any other use of AS 0 is forbidden. This makes
templates work again without any extra unwanted config.
OK benno@
|
|
and l3vpns instead of temporary globals. Also rework rde_reload_done to
free filters and sets earlier. The soft-reconfiguration process no longer
needs the previous filters / sets to do its work since there is a full
Adj-RIB-Out.
OK benno@
|
|
ok claudio@
|
|
make it easier to extend the rib definitions later on.
OK benno@
|
|
from the RDE. Make sure that all nexthops don't get removed in the FIB
when a FIB table is removed. This should only happen for the main FIB.
Remove F_RIB_HASNOFIB which is just confusing since there is already
F_RIB_NOFIB and F_RIB_NOFIBSYNC.
OK benno@
|
|
structures are linked does not scale for the Adj-RIB-Out and so inserts
and updates into the Adj-RIB-Out did not scale because of some linear
list traversals in hot paths.
A synthetic test with 4000 peers announcing one prefix each showed that
the initial convergence time dropped from around 1 hout to around 6min.
Note: because the Adj-RIB-Out is now per peer the order in which prefixes
are dumped in 'bgpctl show rib out' changed.
Tested and OK job@, benno@, phessler@
|
|
values and intervals. Mostly the same with the exception that peerself
is now id 1 and the first peer has id 2 -- was 0 and 1 before.
OK kn@, benno@
|
|
No binary change according to clang
|
|
attributes are put into a new data structure when parsing the UPDATE.
The filter code can quickly lookup and modify this data structure.
When creating an UPDATE the data is put back into wire format.
Setups using a lot of communities benefit a lot from this.
Input and OK benno@
|
|
Fixes adding network 0.0.0.0/0 after network inet static.
OK phessler@ benno@
|
|
getpeerbyid() gets a lot quicker at finding the peer when many peers
are configured. In my test case the difference is around 20% runtime.
OK denis@
|
|
Fixes an assertion caught in new_as_set() parsing some arouteserver config.
|
|
OK deraadt@
|
|
the hand-rolled list. This changes the way peers are reloaded since now
both parent and session engine are now merging the lists.
OK denis@
|
|
ones in session.c. Adjust printconfig a bit to only show non default values
and move mrt_mergeconfig into merge_conifg where it kind of belongs.
OK benno@
|
|
'announce inet none' should only clear AFI/SAFI pairs where the AFI is
inet.
OK benno@
|
|
were missed before (e.g. network related objects). This helps to detect
memory leaks.
Start using new_config() and free_config() in all places where bgpd_config
structure are used. This way the struct is properly initialised and cleaned
up. Introduce copy_config() to only copy the values into the other struct
leaving the pointers as they were.
Looks good to benno@
|
|
Switch also default-route to a keyword and remove the old 6.3/6.4 announce
compat code.
Reported by florian@
OK benno@
|
|
and setting. This allows rules like:
ext-community * * # delete any ext-community
ext-community ovs * # delete any ext-community of specified type
ext-community rt 1.2.3.4:*
and
ext-community rt 65001:local-as
ext-community rt local-as:11111
Note: Sometimes the type of the ext-community is underspecified when using
wildchars or expands. So 'ext-community rt *' or 'ext-community soo *' will
match for any of the 3 possible types (2-byte AS, 4-byte AS and IP address).
If local-as/neighbor-as is used as an expand of as-number like
ext-community rt local-as:11111
then bgpd will default to the 4-byte AS type to encode the community.
OK benno@
|
|
|
|
|
|
|
|
need to do casts for printf.
|
|
length to the various functions needing it. Helps portability.
OK benno@
|
|
|
|
portable.
|
|
larger types really is a range reduction...
Almost any cast to (unsigned) is a bug.
ok millert tb benno
|
|
ignore the error and move on. This helps regress tests.
|
|
mpeX' config was a bit redundant. Also to make it more flexible (e.g. having
more than one mpeX interface per rdomain the syntax was changed.
To make this possible especially the network distribution logic had to be
adjusted and cleaned up. This should in general make network statements
well defined and conflicts between 'network A.B.C.D/N' and e.g. 'network static'
are handled in a well defined way ('network A.B.C.D/N' has preference).
With and OK dlg@, OK denis@
|
|
local AS in AS paths. This is sometimes needed in bigger transport networks
where private AS numbers are used in multiple locations.
The implementation is done using a filterset which modifies the AS path -
somewhat inspired by the set attribute code. Setting as-override yes will add
match from <neighbor> set { as-override }
to the start of the filter rules. Since this is filters the Adj-RIB-In still
holds the original path and so reloads changing the setting just work.
With and OK markus@
|
|
The kernel bits are missing as of now. With input from claudio@ and kn@
OK claudio@
|
|
OK claudio@
|
|
multiple ext-communities at the same time as well. Additionally this fixes
parsing some of the ext-community types. Now all communities are handled
by one common struct.
OK benno@ plus some input from denis@
|
|
only differ in the filter sets. Since this is still rather common it is able
to reduce the number of rules by 5% on an autogenerated config.
OK job@
|
|
communities into one filter_community struct and allow it that more then
one community can be used in filter rules (currently up to 3).
Also rework the code handling bgpctl show rib commands. The special IMSG
types for the various filters are gone and the code is in general simpler.
OK job@, phessler@
|
|
is not found. Fixes crash reported by Tom Smyth.
|
|
(and other lexers too)
This commit rectifies earlier change:
in the lex... even inside quotes, a \ followed by space or tab should
expand to space or tab, and a \ followed by newline should be ignored
(as a line continuation). compatible with the needs of hoststated
(which has the most strict quoted string requirements), and ifstated
(where one commonly does line continuations in strings).
OK deraadt@, OK millert@
|
|
roa-set for RPKI based origin validation and a origin-set which allows to
lookup a source-as / prefix pair.
For RPKI a config can be built like this:
roa-set {
165.254.255.0/24 source-as 15562
193.0.0.0/21 maxlen 24 source-as 3333
}
deny from any ovs invalid
match from any ovs valid set community local-as:42
match from any ovs not-found set community local-as:43
Origin sets are similar but only match when the source-as / prefix pair is
valid.
match from any origin-set ARINDB set community local-as:44
Committing this now so that further work can be done in tree.
OK benno@, job@
|
|
ok claudio@
|
|
AS 0 and adjust yyerror message to print the right number.
With input and OK denis@
|
|
OK denis@
|
|
is now also used by roa-set. Also set the prefix operation for roa-set
items to OP_NONE since that what it actually needs to be.
|
|
This is sharing a lot of code with prefixset which makes all a bit easier.
A roa-set is defined like this:
roa-set "test2" {
1.2.3.0/24 source-as 1,
1.2.8.0/22 maxlen 24 source-as 3
}
No support for acting on this data yet.
Put it in deraadt@, OK benno@, input and OK denis@
|
|
the lookup and will now also be used in roa-set tries. The as_set is glue
to add the name and dirty flag. Add an accessor to get the set data so
that the imsg sending and printing can be moved into the right places.
This is done mainly because roa-sets need similar but slightly different
versions and making the code more generic is the best way fixing this.
OK benno@
|
|
on duplicates (which are only reported) but is needed as a preparation step
for roa-sets.
OK benno@ denis@
|
|
requirement is that the first value of the struct is a 32bit ID which is
used in the bsearch. This allows to add more than just as numbers to a
set. as_set_match now returns a pointer to this data or NULL if not found.
OK benno@
|
|
Makes all a bit nicer and as an added bonus fixes a memory leak.
OK phessler@
|
|
In the end this is just another way to specify a prefixlen range
and kind of an or-longer case with an upper limit.
So these two prefix statements are equivalent:
prefix 10.0.0.0/8 prefixlen 8 - 24
prefix 10.0.0.0/8 maxlen 24
While there also make 'prefixlen = 17' a OP_RANGE and because of that also
usable in prefix-set tables. Finally adjust printconf.c for those to
changes to print them nicely.
OK phessler@
|
