| Age | Commit message (Collapse) | Author |
|---|
|
Since recently the child processes call exec() after fork(), so they
should stop using _exit(2) and use exit(3) instead when shutting down.
Ok claudio@
|
|
this all logging is going via stderr to /dev/null which is not helpful.
OK deraadt@ phessler@
|
|
Instead bring the session down and wait for admin help.
OK henning@, benno@, phessler@
|
|
ok renato@ deraadt@
|
|
session.c
ok mpi@
|
|
pledging "unix".
Move control_listen up to the main process which already has
pledge("unix"). accept(2) was already allowed.
(Technically no longer necessary since listen(2) is now allowed, too,
but this moves it to the right place.)
OK claudio@, deraadt@
|
|
normal shutdown of sessions and exit. no need for fatal().
ok henning@ phessler@ florian@ happy deraadt@
|
|
imsg_ctl_rde since these function should only be used by the control
code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs
don't need to queue behind all the incoming bgp UPDATES. This speeds
up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing
this since a very long time but it seems the SE was not adjusted. Yikes
|
|
|
|
|
|
way the process moves fd's.
|
|
ok benno
|
|
OK florian@ benno@ sthen@ deraadt@
|
|
This way ASLR and stack cookies are per process.
With input from benno@ and deraadt@
OK benno@
|
|
SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
|
|
|
ok millert@
|
|
ok henning benno
|
|
the graceful restart capability. The bug is triggered when a router does not
reconnect before the graceful restart timeout fires.
This removes the checks for the CAPA_GR_FORWARD flag in the timeout and
IMSG_SESSION_RESTARTED handler.
CAPA_GR_RESTARTING is indicating that bgpd is currently doing a graceful
restart for this neighbor and therefore the SE must issue a flush of stale
routes in some way.
CAPA_GR_FORWARD on the other hand is only indicating that the neighbor
actually preserved the forwarding state which is too strict for the timeout
handler.
Tested by sthen@, florian@ and benno@
|
|
"Let msgbuf_write return -1 with errno EAGAIN. The users then must
check if this was the case and readd the event or poll again. The
current handling in the imsg code is wrong for sure."
ok gilles, benno
|
|
a IMSG_SESSION_ADD message to the RDE when a peer comes up or when a reload
happens. The IMSG_SESSION_ADD has the full current config of the peer and
so the RDE should end up with correct values. This affects mostly maxprefix
and the RIB settings. OK henning@
|
|
the session engine to actually stop logging.
Found the hard way by benno@.
with & ok benno@
input & ok claudio@
|
|
ttl on outgoing packets so peer sessions can come up correctly if both sides
use ttl-security, but the kernel side is not yet implemented so incoming
packets aren't verified (note added to manual for this). ok henning@
|
|
|
|
ignored silently and without aborting, much like EINTR and EWOULDBLOCK are.
ok's from various maintainers of these directories...
|
|
- on config reload also adjust the cloned neighbors so that they get the
config changes as well.
- clean up sessions that are 1h idle but in state active (instead of down)
- add bits to allow bgpctl to destroy cloned neighbors
Tested by sthen@ some time ago, OK phessler@
|
|
particular capability is bad, log the fact and ignore it. This may give us
a chance to bring up session that have e.g. unexpected AFI,SAFI pairs in them.
Also make the error messages more user friendly.
OK henning@, sthen@
|
|
OK sthen@, benno@, henning@
|
|
This implements only the "Restarting Client" bits of the RFC -- in other
words bgpd will keep the FIB when the client restarts but it will not do GR
when restarting itself. The capability is still off by default (you need
"announce restart yes" to enable it).
Tested by Anders Berggren. OK sthen@
|
|
running away if the setsockopt call fails, as may happen if a peer bounces
at the wrong time.
OK claudio@ after tweaks to an earlier version which was OK phessler@.
|
|
The read buffer was only processed when new data came in. So on quiet
sessions it could take minutes until the read buffer was processed at the
end of a load. Nobody realized this in the last 7.5 years.
Tested by sthen@ OK henning@
|
|
OK henning@ sthen@
|
|
|
|
days. screaming bob ok claudio
|
|
case carp(4) interfaces anymore. LINK_STATE_IS_UP() almost always does
the right job.
OK deraadt@ henning@
This needs a -current kernel or link state may be not reported correctly.
|
|
checking errs > 0 is not going to work... also make errs signed in 2 cases
triggered by Milosz Jakubowski <milosz.jakubowski at gmail.com> pointing out
a few cases, diff written from scratch to cover all of them. unsigned errs
noticed by sthen. ok claudio sthen
|
|
for NOFILE in the session engine.
OK henning, sthen@
|
|
time to consume broadcasted messages or the socket gets full and own
messages that are needed are lost. This fixes an infinit loop in
pfkey_reply that happens when bgpd tcp md5sum is used on a system that
also runs a larger IPsec setup.
OK henning, lot of patience, debuging and testing by Thomas Boernert
|
|
help to figure out the cause of flapping session faster.
OK henning@ sthen@
|
|
by using calloc(). This fixes an issue where the RDE would start up
as route-collector because uninitialized memory made the RDE switch
to that mode.
OK henning@, sthen@, phessler@
|
|
should help identifying FSM errors since the state is know known.
OK henning@ sthen@
|
|
(verified by both sthen@ and me).
ok sthen@; "just commit it" claudio@
|
|
in bgpd.conf. This allows to add/modify restricted control sockets on runtime.
Feature request by a few people how often forgot to add -r path when restarting
bgpd (including myself).
NOTE: this removes the -s and -r arguments from bgpd so pay attention when
updateing.
jajaja sthen@, OK henning@
|
|
ibuf, buf_read to ibuf_read, READ_BUF_SIZE to IBUF_READ_SIZE.
ok henning gilles claudio jacekm deraadt
|
|
those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1".
NOTE: nexthop verification has changed for alternate tables. For now
nexthop will only be verified against the main routing table (id 0).
Because of this "nexthop qualify via bgp" may now compare the nexthops
against bgpd routes from a different RIB.
Tested by sthen@, OK to move on by henning@
|
|
explicitly.
|
|
kroute_full structure that is AF independent and has all information in
it. Simplifies the communication between processes and reduces the number
of imsg types. This is another step to add FIB support to BGP MPLS VPNs.
|
|
a session. Just print a warning and move on since both side need to
announce a pair to use it. Found and OK sthen@
|
|
the SE. This got more important since we use the reload all the time now.
Found out the hard way and fix tested by Laurent CARON
|
|
a config reload as first step in bootup. This allows childs to start with
an empty config and a lot of special cleanup code can bite the dust.
Testing by myself and sthen@ with a few configs (more testing welcome).
Seems like a good idea henning@ & sthen@
|
