Age | Commit message (Collapse) | Author |
|
man page. Problem found by Rod Whitworth. OK sthen@
|
|
use one that is less freaky. Merge bgpctl and config networks into one tree.
First step of a larger change in the RDE and this goes now in to allow to
move forward.
|
|
Make mrt table-mp dumps actually work. Found on the plane from NRT to ZRH.
OK henning@
|
|
|
|
Doing more the stuff msgbuf_write does and switch the only user -- mrt --
over to use this simpler way of writing out stuff.
|
|
an own version. More cleanup to come.
|
|
don't come with some additional stuff attached to them.
OK henning@
|
|
AS4_PATH/AS4_AGGREGATOR. No binary change.
ok claudio
|
|
over mulitple hops and causes bgpd to close the connection. This is what
the RFC requires us to do but the result is a DoS against all OpenBGPD
routers when somebody injects such a bad optional transitive attribute
because the intermediate routers don't give a damn about it.
As a result we now ignore such bad prefixes and don't allow them in the
decision process. The handling of optional transitive attributes needs to
be rethinked because all of them can be abused in such a way.
Idea OK by a few + henning@, tested myself against my crappy regress test
suite that needs way more work.
|
|
attributes and use the correct lenght in some other error cases.
OK sthen@
|
|
Another easy M hiding in my bgp source forest.
|
|
is localy originated and so is eligible by definition.
Noticed and fix tested by Christian, bsd (at) cleondra (dot) ch
|
|
error back. This increases robustness without causing any issues. The RFC
does not forbid the use of 0 in the type code but it is not explicitly
allowed and the type code list at IANA does not mention 0 at all.
OK henning@
|
|
dropped when parsed but instead be added to the RIB marked as not eligible.
So the decision process does not pick them up as a valid route.
Tested and some ideas by Tony Sarendal (tony (at) polarcap (dot) org)
|
|
string that it returned later. rde_update_log() did not do that.
Memory leak found and diff provided by Mike Belopuhov.
|
|
reloading.
``yeah that is good'' henning@
|
|
|
|
are now 4-byte instead of the old 2-byte numbers. The only exception are
communities because they can not be switched. The RDE will inflate and deflate
the ASPATH and AGGREGATOR attributes on demand and create the NEW_ASPATH and
NEW_AGGREGATOR field whenever needed. Both old and new stile sessions are
supported and can be mixed. Currently new stile sessions with the 4-byte AS
number capability turned on are only enabled if one of the AS numbers involved
is a 4-byte one.
This is based on an initial diff by Geoff Huston gih (at) apnic (dot) net
Cleanup, testing and bug-fixes by myself (via AS 3.10).
Currently mrt table dumps are producing incompatible output this will be fixed
afterwards -- this diff is already big enough.
"get it in if you think it is ready" henning@
|
|
Discussed with henning@
|
|
mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
|
|
|
a few things we actually never realy cared about.
OK henning@
|
|
have pending imsgs to send or that we reduce the poll timout to 0. This
fixes hanging and extrem slow performing bgpctl show rib commands.
Found by Jon Morby additional testing by Stuart Henderson. OK henning@
|
|
|
|
- dedicated pipe between the SE and the RDE for control messages
- restartable RB tree dumps in the RDE
- queuing limits both in the SE and RDE
The result is a dramatic decrease of memory consumption on operations like
bgpctl show rib. Previously all messages where first stored in the RDE
then passed to the SE where they got queued in case bgpctl was not fast enough.
Now only a small number of messages is generated and passed to the SE and
the SE has an additional limit instead of acting like an infinite buffer.
Without this the bgpd on bgpd.networx.ch would not survive a single minute.
looks good henning@
|
|
This is needed because the nexthop is not yet linked to the aspath attributes
and so a withdraw in the same update imsg could remove this nexthop which in
turn causes a use after free error when the prefix is added later on.
The order of parsing (attributes, withdraws, prefixes instead of withdraws,
attributes, prefixes) was reversed for multiprotocol support.
This should fix all strange nexthop crashes seen by various people.
Tested and OK henning@
|
|
On some of my systems rde_shutdown() takes more than 3min doing nothing more
than calling free(3) over and over again.
|
|
OK henning@
|
|
|
|
apparently from Jeff Rizzo <riz@NetBSD.org> via "Thomas E. Spanjaard"
<tgen@netphreax.net>, ok claudio
|
|
marker after a bulk transfer, claudio ok
|
|
and adj-rib-out. Additionally it is now possible to limit the output to a
specified peer. OK henning@
|
|
doesn't handle it correctly. found out the hard way by me :(
Note: This is a clear protocol violation by juniper. Nontheless we need
to be interoperate correctly...
|
|
send an "empty" UPDATE message, used as End-of-RIB marker for implementions
understanding this, ignored by anything else.
see draft-ietf-idr-restart-13.txt, ok claudio
|
|
request use one struct ctl_show_rib_request where all the info is encoded.
OK henning@
|
|
can than select which nexthop should be printed. OK henning@
|
|
This will fix problems with set nexthop on outgoing filters. Found by
gluk@ OK henning@
|
|
cleanup diff from deraadt@.
|
|
attribute cache. Instead remove attribute and readd it after beeing changed.
This should fix the "att_diff: equal attributes encountered" error seen by
Tony Sarendal. OK henning@
|
|
the value on the wire. This solves the backward originator-ids seend by
Tony Sarendal. OK henning@
|
|
to show communites in bgpctl output. Only send these messages if it they are
requested to reduce the overhead for simple listings. Looks good henning@
|
|
Make sure that at least the address family and the prefix length are sane.
Reported and fix tested by Pete Vickers.
|
|
both directions. Manpage update follows. OK henning@
|
|
the fly to the remote AS of the current neighbor. This can be used to
simplify rulesets in a dramatic way -- going from a script based nightmare
down to a handfull rules. jajajaja henning@
|
|
the RIB after a reload so you no longer need to clear sessions because you
modified filters. Looks good henning@.
|
|
table run done later as many filter evaluations can be skipped.
From the softreconfig in tree. Looks good henning@
|
|
of path_update(). There are about 10 different ways how to update a path and
some of them are tricky. Looks good henning@
|
|
as soon as F_ORIGINAL come the counters would no longer be correct and in the
end max-prefix would no longer work. Add additinal counters for F_ORIGINAL
prefixes and bump the correct conter depending on the prefix flags.
OK henning@
|
|
the passed aspath needs to be freed in network_add(). OK henning@
|
|
First step is to define two flags F_LOCAL and F_ORIGINAL. These flags
are used to distinguish prefix in the Local-RIB and those in the Adj-
RIB-In. Adapt prefix API and add additional checks so that no Adj-RIB-
In prefixes get mistakenly selected. Currently no F_ORIGINAL prefixes
are created but this may change soon. Looks good Henning.
|