summaryrefslogtreecommitdiff
path: root/usr.sbin/bgpd/rde.c
AgeCommit message (Collapse)Author
2009-05-11Make bgpctl show network print both AF_INET and AF_INET6 as mentioned in theClaudio Jeker
man page. Problem found by Rod Whitworth. OK sthen@
2009-04-23Rework the way we handle announced networks. Instead of two freak rde_peersClaudio Jeker
use one that is less freaky. Merge bgpctl and config networks into one tree. First step of a larger change in the RDE and this goes now in to allow to move forward.
2009-03-18Correctly check for MRT_TABLE_DUMP_MP and don't send the config to the SE.Claudio Jeker
Make mrt table-mp dumps actually work. Found on the plane from NRT to ZRH. OK henning@
2009-03-13No need for a line break, makes code a bit more compact.Claudio Jeker
2009-03-13Next step in mrt cleanup. Switch buf_write to a smarter version of itself.Claudio Jeker
Doing more the stuff msgbuf_write does and switch the only user -- mrt -- over to use this simpler way of writing out stuff.
2009-03-13Move mrt code over to use the msgbuf way of queuing buffers instead of rollingClaudio Jeker
an own version. More cleanup to come.
2009-03-13More paranoia when parsing empty updates. Make sure they are really empty andClaudio Jeker
don't come with some additional stuff attached to them. OK henning@
2009-01-13Replace NEW_ASPATH/NEW_AGGREGATOR with the naming from RFC4893,Stuart Henderson
AS4_PATH/AS4_AGGREGATOR. No binary change. ok claudio
2008-12-28Add a ugly workaround for the problem where an invalid AS4_PATH is passedClaudio Jeker
over mulitple hops and causes bgpd to close the connection. This is what the RFC requires us to do but the result is a DoS against all OpenBGPD routers when somebody injects such a bad optional transitive attribute because the intermediate routers don't give a damn about it. As a result we now ignore such bad prefixes and don't allow them in the decision process. The handling of optional transitive attributes needs to be rethinked because all of them can be abused in such a way. Idea OK by a few + henning@, tested myself against my crappy regress test suite that needs way more work.
2008-12-12Follow RFC 4271 more closely by sending the correct error back for optionalClaudio Jeker
attributes and use the correct lenght in some other error cases. OK sthen@
2008-06-15Paranoia check. Make sure that the 2 len bytes are actually available.Claudio Jeker
Another easy M hiding in my bgp source forest.
2008-05-02Fix logic when setting the F_RIB_ELIGIBLE flag. A path with a NULL nexthopClaudio Jeker
is localy originated and so is eligible by definition. Noticed and fix tested by Christian, bsd (at) cleondra (dot) ch
2008-02-26Ignore and drop path attributes with a type code of 0 instead of sending anClaudio Jeker
error back. This increases robustness without causing any issues. The RFC does not forbid the use of 0 in the type code but it is not explicitly allowed and the type code list at IANA does not mention 0 at all. OK henning@
2007-11-27Prefixes or actually pathes that would cause a rooting loops should not beClaudio Jeker
dropped when parsed but instead be added to the RIB marked as not eligible. So the decision process does not pick them up as a valid route. Tested and some ideas by Tony Sarendal (tony (at) polarcap (dot) org)
2007-09-16log_fmt_peer() does not use a static buffer so it is necessary to free theClaudio Jeker
string that it returned later. rde_update_log() did not do that. Memory leak found and diff provided by Mike Belopuhov.
2007-06-19Ignore SIGHUP in bgpd's children to allow the use of pkill -1 bgpd forPierre-Yves Ritschard
reloading. ``yeah that is good'' henning@
2007-05-11Various spelling fixes from Stuart Henderson.Claudio Jeker
2007-04-23Make bgpd 4-byte AS compatible. All internal representations of AS numbersClaudio Jeker
are now 4-byte instead of the old 2-byte numbers. The only exception are communities because they can not be switched. The RDE will inflate and deflate the ASPATH and AGGREGATOR attributes on demand and create the NEW_ASPATH and NEW_AGGREGATOR field whenever needed. Both old and new stile sessions are supported and can be mixed. Currently new stile sessions with the 4-byte AS number capability turned on are only enabled if one of the AS numbers involved is a 4-byte one. This is based on an initial diff by Geoff Huston gih (at) apnic (dot) net Cleanup, testing and bug-fixes by myself (via AS 3.10). Currently mrt table dumps are producing incompatible output this will be fixed afterwards -- this diff is already big enough. "get it in if you think it is ready" henning@
2007-04-06Count the updates and withdraws for additional statisic gathering.Claudio Jeker
Discussed with henning@
2007-03-28add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given communityHenning Brauer
mostly from rivo nurges <rix@estpak.ee>, ok claudio
2007-03-16A few more s/2858/4760/ and use RFC <number> everywhere.Claudio Jeker
2007-03-16Update multiprotocol extension code to RFC 4760. This actually removesClaudio Jeker
a few things we actually never realy cared about. OK henning@
2007-03-12When running show commands that are restarted make sure that we eitherClaudio Jeker
have pending imsgs to send or that we reduce the poll timout to 0. This fixes hanging and extrem slow performing bgpctl show rib commands. Found by Jon Morby additional testing by Stuart Henderson. OK henning@
2007-02-22KNFHenning Brauer
2007-01-26Massiv rework of the control imsg flow. Main changes:Claudio Jeker
- dedicated pipe between the SE and the RDE for control messages - restartable RB tree dumps in the RDE - queuing limits both in the SE and RDE The result is a dramatic decrease of memory consumption on operations like bgpctl show rib. Previously all messages where first stored in the RDE then passed to the SE where they got queued in case bgpctl was not fast enough. Now only a small number of messages is generated and passed to the SE and the SE has an additional limit instead of acting like an infinite buffer. Without this the bgpd on bgpd.networx.ch would not survive a single minute. looks good henning@
2007-01-24Lock the nexthop while parsing an update by increasing the reference count.Claudio Jeker
This is needed because the nexthop is not yet linked to the aspath attributes and so a withdraw in the same update imsg could remove this nexthop which in turn causes a use after free error when the prefix is added later on. The order of parsing (attributes, withdraws, prefixes instead of withdraws, attributes, prefixes) was reversed for multiprotocol support. This should fix all strange nexthop crashes seen by various people. Tested and OK henning@
2007-01-04Do not run rde_shutdown() unless bgpd is started with -d.Claudio Jeker
On some of my systems rde_shutdown() takes more than 3min doing nothing more than calling free(3) over and over again.
2006-12-12Kill peer_remove(). This function is only used once so inline it there.Claudio Jeker
OK henning@
2006-12-08no need for KAME_SCOPEID; just check __KAME__.Jun-ichiro itojun Hagino
2006-11-10char -> u_char in a few placesHenning Brauer
apparently from Jeff Rizzo <riz@NetBSD.org> via "Thomas E. Spanjaard" <tgen@netphreax.net>, ok claudio
2006-09-19when the neighbor announced the restart capability, send the end-of-ribHenning Brauer
marker after a bulk transfer, claudio ok
2006-08-23Extend show rib interface code so that it is possible to show the adj-rib-inClaudio Jeker
and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
2006-08-22do not send the empty UPDATE message as End-of-RIB marker yet, JuniperHenning Brauer
doesn't handle it correctly. found out the hard way by me :( Note: This is a clear protocol violation by juniper. Nontheless we need to be interoperate correctly...
2006-08-14after a bulk transfer (initial or caused by route refresh request),Henning Brauer
send an "empty" UPDATE message, used as End-of-RIB marker for implementions understanding this, ignored by anything else. see draft-ietf-idr-restart-13.txt, ok claudio
2006-06-15Instead of passing three different kinds of arguments in show rib controlClaudio Jeker
request use one struct ctl_show_rib_request where all the info is encoded. OK henning@
2006-06-14Send bot nexthops (exit and true) in the bgpctl show rib cases. bgpctlClaudio Jeker
can than select which nexthop should be printed. OK henning@
2006-05-28Preload and pin nexthop used in filtersets so the are validiated when used.Claudio Jeker
This will fix problems with set nexthop on outgoing filters. Found by gluk@ OK henning@
2006-04-21attr_init() should use attrhashsize and not pathhashsize. Found via a lintClaudio Jeker
cleanup diff from deraadt@.
2006-04-12It is no longer allowed to change attributes in place. This corrupts theClaudio Jeker
attribute cache. Instead remove attribute and readd it after beeing changed. This should fix the "att_diff: equal attributes encountered" error seen by Tony Sarendal. OK henning@
2006-04-05remote_bgpid is stored in host byte order so a htonl() is needed when puttingClaudio Jeker
the value on the wire. This solves the backward originator-ids seend by Tony Sarendal. OK henning@
2006-03-22Add a new SHOW imsg to send optional attributes to bgpctl. This can be usedClaudio Jeker
to show communites in bgpctl output. Only send these messages if it they are requested to reduce the overhead for simple listings. Looks good henning@
2006-03-13Fix for PR 5052. Be more careful about the announced networks we accept.Claudio Jeker
Make sure that at least the address family and the prefix length are sane. Reported and fix tested by Pete Vickers.
2006-02-10Make it possible to turn suftreconfig in/out on or off. Default is on forClaudio Jeker
both directions. Manpage update follows. OK henning@
2006-02-02Implement new special community "neighbor-as". neighbor-as is expanded onClaudio Jeker
the fly to the remote AS of the current neighbor. This can be used to simplify rulesets in a dramatic way -- going from a script based nightmare down to a handfull rules. jajajaja henning@
2006-01-24Last bits for softreconfig in support. Now bgpd will automaticaly rei-filterClaudio Jeker
the RIB after a reload so you no longer need to clear sessions because you modified filters. Looks good henning@.
2006-01-24Check if filter changed on a per peer basis. This should speed up theClaudio Jeker
table run done later as many filter evaluations can be skipped. From the softreconfig in tree. Looks good henning@
2006-01-24Finally start using the Adj-RIB-In. The most complex part is the modificationClaudio Jeker
of path_update(). There are about 10 different ways how to update a path and some of them are tricky. Looks good henning@
2006-01-20Proactively fix prefix counters. Currently only F_LOCAL prefixes exist butClaudio Jeker
as soon as F_ORIGINAL come the counters would no longer be correct and in the end max-prefix would no longer work. Add additinal counters for F_ORIGINAL prefixes and bump the correct conter depending on the prefix flags. OK henning@
2006-01-20Don't leak a aspath in network_add(). path_update() copies the aspath soClaudio Jeker
the passed aspath needs to be freed in network_add(). OK henning@
2006-01-14Small step in supporting the Adj-RIB-In additionaly to the Local-RIB.Claudio Jeker
First step is to define two flags F_LOCAL and F_ORIGINAL. These flags are used to distinguish prefix in the Local-RIB and those in the Adj- RIB-In. Adapt prefix API and add additional checks so that no Adj-RIB- In prefixes get mistakenly selected. Currently no F_ORIGINAL prefixes are created but this may change soon. Looks good Henning.