| Age | Commit message (Collapse) | Author |
|---|
|
4. OK henning@
|
|
version 13.
|
|
are now 4-byte instead of the old 2-byte numbers. The only exception are
communities because they can not be switched. The RDE will inflate and deflate
the ASPATH and AGGREGATOR attributes on demand and create the NEW_ASPATH and
NEW_AGGREGATOR field whenever needed. Both old and new stile sessions are
supported and can be mixed. Currently new stile sessions with the 4-byte AS
number capability turned on are only enabled if one of the AS numbers involved
is a 4-byte one.
This is based on an initial diff by Geoff Huston gih (at) apnic (dot) net
Cleanup, testing and bug-fixes by myself (via AS 3.10).
Currently mrt table dumps are producing incompatible output this will be fixed
afterwards -- this diff is already big enough.
"get it in if you think it is ready" henning@
|
|
IPV6_UNICAST_HOPS which does the same thing and does not fail.
OK henning@ found by Jon Morby
|
|
|
|
|
|
to work on INET6...
non-fatal error, so in pratice this just avoids a misleading error msg
|
|
- dedicated pipe between the SE and the RDE for control messages
- restartable RB tree dumps in the RDE
- queuing limits both in the SE and RDE
The result is a dramatic decrease of memory consumption on operations like
bgpctl show rib. Previously all messages where first stored in the RDE
then passed to the SE where they got queued in case bgpctl was not fast enough.
Now only a small number of messages is generated and passed to the SE and
the SE has an additional limit instead of acting like an infinite buffer.
Without this the bgpd on bgpd.networx.ch would not survive a single minute.
looks good henning@
|
|
|
|
they call it "Generalized TTL Security Mechanism" officially, RFC 3682.
manpage with help from jmc
|
|
state, if known by the driver. this is required to check the full
duplex state without depending on the ifmedia ioctl which can't be
called in the kernel without process context.
ok henning@, brad@
|
|
capability is enabled, not when annoucing the refresh capability is
enabled...
Alex Hunsaker <badalex@gmail.com> ran into that issue
|
|
might be NULL on realloc failure tho. all users check buffer size before
using the buffer, so this is not a problem.
makes error handling much easier. ease the capabilities code big time.
claudio ok
|
|
MSB in the first byte, not the LSB to indicate the peer must not wait
before sending us updates
|
|
to check wether a session was put in IDLE manually by the operator or
by bgpd itself as result of a fatal session error we were looking at the
wrong timer, claudio ok
|
|
draft-ietf-idr-restart. Do not announce actual restart capabilities,
so that this only serves as indicator that we are capable of sending
and receiving the End-of-RIB marker.
leave disabled for now, since the code to actually send the EoR-marker
is currently ifdef'd out (to be fixed soon) and we wanna play safe for
4.0. and juniper doesn't support that capability (which is not a problem
per se) and at the same time has its capability negotiation code completely
fucked up, if a capability is rejected they don't indicate WHICH capability
they reject (which makes that a problem, tho still a small one and we cope).
claudio ok
|
|
no surprise sending route refresh requests didn't work on my i386 routers,
i think I originally hacked & tested this on sparc64
|
|
we used to put all capability attributes into one optional attribute. this
is legal.
I recentlu observed that basically all other implementations use one
optional attribute per capability attribute. this difference might explain
why we - in some cases - saw "unsupoorted capabiliy" notifications from
neighbors without the capability in question in the data part. of course
that makes capability negotiation a little hard...
so switch us to use one optional attribute per capability as well, and
ease the code a bit while there, claudio ok
|
|
max-prefix to be restarted automagically after a given number of minutes
requested by "Sylwester S. Biernacki" <obeer@obeer.com>, manpage help jmc,
ok claudio
|
|
and at the same time there is messages from him in the socket buffer,
because we process the imsgs from the RDE (which tells us max-prefix was
reached) first, and put the session to IDLE, close connection and
deallocate buffers. if we then try to read from the socket and write to the
deallocated buffer we crash, of course. so check wether we have a buffer
before reading.
crash seen and fix tested by "Sylwester S. Biernacki" <obeer@obeer.com>
|
|
|
|
|
|
peers added at runtime
|
|
sessions can be configured to modify the carp demotion counter for a
given interface group (usually, "carp", which has all carp interfaces)
when the session is not established. once the session is established for
60 seconds, the demotion is cleared.
this, used correctly, can prevent a bgpd-box which lost all sessions (and
thus has no routes) to be carp master, while the backup has sessions.
thought through and partially hacked on a drive from calgary to vancouver
with ryan, ok claudio
|
|
(set v4 TTL/v6 hoplimit, v4 TOS), do not look at remote sockaddr's af,
since that is not set at the first connection attempt yet. instead, use
the configured remote address' af.
problem spotted & my fix tested by Leen Besselink <leen@consolejunkie.net>
|
|
detect them looking at their name, beginning with carp.
these days, we can just check for the iftype to be IFT_CARP.
wanted to do this for some time and kept forgetting. from the airplane over two
weeks ago, forgotten in a secondary tree again...
|
|
the reload was successful or not. OK henning@
|
|
control_accept should also return a unsigned int. Remove old prototype.
|
|
announced route refresh capabilities
|
|
to show communites in bgpctl output. Only send these messages if it they are
requested to reduce the overhead for simple listings. Looks good henning@
|
|
need to run multiple bgpds on a single box to simulate a IX. This helped
me massivly debugging error reports. OK henning@
|
|
structures
|
|
|
|
nameley the show ones. needed for looking glass style applications,
monitoring etc. claudio ok
|
|
|
|
|
|
equal to the size of the rest of the message and not only enforcing that
no overflow happens. Found via regress test. OK henning@
|
|
The default filter_sets are converted into match filter rules that get
evaluated first. Simplifies code massively -- mainly the config reload
part -- and makes softreconfig out a piece of cake. "get it in" henning@
|
|
started on bgpd startup but stays in IDLE. requested by claudio
|
|
we intend to reconnect. fallout from fast reconnect. misbehaviour noticed
by claudio
|
|
|
|
when a peer drops to IDLE, we have to force him in IDLE for some time to
prevent fast flapping. however, the forced idle time is annoying when the
connection could be re-established immediately, i. e. bgpctl nei $peer clear
or similar.
implement an error counter per peer, increased every time we receive a
notification. when we are in state IDLE and get a connection from the peer
in question, check if the error counter is 1 or smaller. if so, change state
to active and accept the connection, otherwise keep the current behaviour
and reject the connection.
the error counter gets scaled back by the IdleHoldResetTimer that scales the
IdleHoldTime back as well
|
|
when a new peer in initialized, the configured capailities are copied.
this copy is modified as part of the capabilities negotiation.
now if teh session drops we want to re-negotiate capabilities at the next
establishment, last not least because the configured capabilities might
have changed in between (that's how I stumbled over it, added v6 shitz)
so copy the configured capabilities over every time a session goes to
IDLE state, unless the reason is EVNT_RCVD_OPEN, because then we're in
capabilities negotiation.
|
|
all cases, since session_connect can in turn cause events that cause
state changes in the FSM that reset the ConnectRetryTimer.
debugged with Leen Besselink <leen@consolejunkie.net> who was seeing
errnously running ConnectRetryTimers in a case with localhost connections
|
|
ok claudio@, king bula sez ok
|
|
some fatal()s to fatalx(). All done by dlg@. OK henning@
|
|
|
|
zero prefixlen case (32 bit shift on 32 bit val -> undefined result)
spotted by Moritz Grimm and otto
|
|
as for other errors. Save the errno and only print a message if the errno
changed. So the log is not filled with "socket error: Connection refused"
when the peer is not yet listening on that address. OK henning@
|
|
want the session to be restarted automagically in that case.
|
