| Age | Commit message (Collapse) | Author |
|---|
|
Also make sure that something is logged when a session is stopped.
Part of a bigger diff which was OK tb@
|
|
While there fix the RFC5492 handling of ERR_OPEN_CAPA (the current code
has the logic inversed). ERR_OPEN_CAPA is there to signal that a needed
capability is missing in our OPEN message. Just add the handling of
ERR_OPEN_CAPA to log_notification().
Also rework the handling of the shutdown reason and move the printing
into log_notification().
OK tb@
|
|
extra data. With this IMSG_UPDATE_ERR can use the new imsg API.
Introduce session_notification_data() for the few cases where there
is no ibuf readily available.
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
OK tb@
|
|
When a session is established determine the possible interface scope of that
session. The scope is only set when the remote address is directly connected.
This interface scope is passed to the RDE that uses this information when
link-local nexthops are received. Again checking that a link-local nexthop
is actually acceptable.
OK tb@
|
|
sessions to leak into the RDE via rtr_recalc. Only run rtr_recalc when
the last or only RTR session is done with the update. Run a new timer
along to ensure that the semaphore is not hold forever. The timeout
is currently a very generous 60sec, no RTR cache should be that slow.
OK tb@
|
|
In rtr.c renamed rtr_aspa_merge_set() to rtr_aspa_insert() and move it
close to rtr_roa_insert().
In rtr_proto.c most complexity comes from the version negotiation. The
ASPA parser is reasonably streight forward. The version negotiation is
fragile but that is mostly because of the protocol specification and the
fact that RTR cache daemons sometimes fail to send errors.
OK tb@
|
|
too conservative. Fixes and changes include:
- add role output to bgpctl, also adjust the capability output.
Note, this changes the JSON output of neighbors a bit.
- adjust the config parser to enable the RFC9234 role capability when
there is a role set. iBGP and sessions with no role will not announce
the role capability.
- adjust the role capability announcement to be only on sessions that
use either AFI IPv4 or IPv6 and SAFI 1 (AID_INET, AID_INET6).
- if there is an OPEN notification indicating that the role capability
is bad only disable the capability if it is not enforced.
- Adjust capability negotiation, store remote_role on the peer since
the neighbors role is no longer needed by the RDE.
- inject the OTC attribute on ingress only for AID_INET and AID_INET6.
For other AIDs clear the F_ATTR_OTC_LOOP flag.
- Adjust the role logic in the RDE and use the peer->role (local role of
the system) for all checks. Also remove the check if the role capability
was negotiated between peers.
- In prefix_eligible() check also if the F_ATTR_OTC_LOOP flag is set.
The RFC requires that prefixes must be considered ineligible (and not
treat as withdraw as done before)
- When generating an UPDATE include the OTC attribute unless the AID is
neither AID_INET or AID_INET6.
Fixes https://github.com/openbgpd-portable/openbgpd-portable/issues/51
Reported by Pier Carlo Chiodi
OK tb@
|
|
stat numbers, just send the peerid and have the RDE response with the
stats. The control code will then merge these counters into the real
peer struct and send that to bgpctl. This reduces the number of bytes
sent around a fair bit.
OK tb@
|
|
OK tb@
|
|
|
|
With this it is possible to send a role in the OPEN message and if that
was successful the RDE will add the new OTC attribute if necessary.
OK tb@
|
|
Instead define our own algorithm enums for the IPsec code.
OK tb@ sthen@
|
|
a few reindents.
OK florian@ tb@
|
|
This works for table-v2 formats and also for the all and update dumps.
For the latter the code needs to inspect the UPDATE message to guess if
add-path is used in that message or not. Add-path can be enabled per
AFI and alters the NLRI encoding without any way to detect.
For table dumps we decided to dump RIB_GENERIC entires the same way as
gobgp and not use the encoding from the RFC. The RFC specifies that
RIB_GENERIC (non-IPv4/v6) entries in a way that is not only different
but also against the normal codeflow. Only gobgp seems to implement
RIB_GENERIC encoding (neither bird nor frr/quagga do) and so it makes
sense to follow their way.
OK benno@
|
|
This allows to send more then 255 bytes of optional parameters. With this
it is possible to send more capabilities. bgpd will switch automatically
to the new extended lenght format if needed but by default the old 1 byte
param length encoding is used to keep compatible with old systems.
OK benno@
|
|
(RFC7313). This is the frist step toward this.
It adds the capability parsers for the two no capabilities, extends the
capability struct and adds the capability negotiation bits.
The route refresh message parser and generator are extended to support
the BoRR and EoRR message. Also add the new NOTIFICATION type and subtype
for the route refresh message.
|
|
The RTR client runs in a new process where the protocol handling is done
and when new data is available all sources are merged into one ROA set
which is then loaded into the RDE. The roa-set from the config is also
handled by the new RTR engine.
Tested by and ok job@
|
|
The problem is that this timer only looks at the receive side of the TCP
session. If for some reason the send side stalls the system fully depends
on the remote BGP peer to reset the session. As seen in an ever growing
OutQ and as a result important changes can get stalled and cause routing
troubles.
This change introduces a SEND HOLD timer. The timer is reset whenever the
session engine was able to write data to the TCP socket. If the send hold
timer expires bgpd was not able to send any data to that neighbor for at
least 90 seconds and therefor the session is forcefully closed with a hold
timer expired notification.
The send hold timer acts as a last resort to detect faulty peers. On an
idle session it can take a long time until this timer triggers but the
main goal here is to reset a stuck session at some point which did not
happen before.
With and OK job@
|
|
in other places as well.
ok procter@
|
|
Change control_dispatch_msg() to return the change of control connection
count since the return value was not used before.
Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c.
This allows to move the ctl_conns symbol to control.c (from session.h
where it caused issues when compiled with -fno-common).
OK benno@
|
|
to be more generic, then change 'reload' to take take a '[reason]' also,
which will be logged by bgpd.
ok kn claudio
|
|
sessions and vice versa) from the RDE to the SE. The SE is the right place
for this since there getsockname(2) fetches the local address and so the
alternate one can be fetched there as well.
With this the route pledge is no longer needed in the RDE and the pledge
is now just "stdio recvfd".
OK benno@
|
|
This is an easy safety switch to not leak full tables to upstreams and
peers. If the limit is hit a Cease notification is sent and the session
is closed.
This implements most of https://tools.ietf.org/html/draft-sa-idr-maxprefix-00
OK job@
|
|
not only sent errors can be reported but also received ones.
OK denis@ deraadt@
|
|
which returns clock_gettime(2) with CLOCK_MONOTONIC. While doing that
introduce last_write for symetry.
OK denis@
|
|
there is no pfkey interface and instead the loading is done via setsockopts.
To make this work correctly there are some additional functions needed when
peers get reconfigured or when new listeners show up.
OK benno@
|
|
the linux shim needs this.
|
|
getpeerbyid() gets a lot quicker at finding the peer when many peers
are configured. In my test case the difference is around 20% runtime.
OK denis@
|
|
as an argument. This way getmonotime() can be called once at the start
of looping over all peers instead of twice during the loop.
Makes a big difference with many peers.
OK florian@ sthen@
|
|
process in this process. The refreshing of the keys is done whenever the
session state is changes to state IDLE or ACTIVE. This should behave better
when reloading configs with auth changes.
OK benno@
|
|
on a peer. Just checking the peer read buffer size is not enough since
the data present could be a partial message and so the SE should sleep
until a new POLLIN event fires. Adjust the logic by adding a rpending
flag that is only set if reading the session buffer was exited early
because MSG_PROCESS_LIMIT was hit.
OK benno@
|
|
the hand-rolled list. This changes the way peers are reloaded since now
both parent and session engine are now merging the lists.
OK denis@
|
|
were missed before (e.g. network related objects). This helps to detect
memory leaks.
Start using new_config() and free_config() in all places where bgpd_config
structure are used. This way the struct is properly initialised and cleaned
up. Introduce copy_config() to only copy the values into the other struct
leaving the pointers as they were.
Looks good to benno@
|
|
instead of sockaddr_storage. This again helps protability and simplifies
some code. sa2addr now takes an optional pointer to return the port of
the sockaddr.
OK benno@
|
|
nicer since it requires less casts.
sigh deraadt@
|
|
system specific code.
|
|
length to the various functions needing it. Helps portability.
OK benno@
|
|
mpeX' config was a bit redundant. Also to make it more flexible (e.g. having
more than one mpeX interface per rdomain the syntax was changed.
To make this possible especially the network distribution logic had to be
adjusted and cleaned up. This should in general make network statements
well defined and conflicts between 'network A.B.C.D/N' and e.g. 'network static'
are handled in a well defined way ('network A.B.C.D/N' has preference).
With and OK dlg@, OK denis@
|
|
description. With this it is possible to show rib a group of peers, to show
or signal a group of peers all at once.
OK sthen@ benno@
|
|
If it is used abort startup or let a reload fail.
Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
|
but then bgpctl can quickly exit and bgpd still has to do all the work.
Instead introduce a terminate imsg to stop such long running commands if
bgpctl closes the connection before the run is over.
OK benno@, sthen@, deraadt@
|
|
walked. rib_dump_r() is now an internal function and instead the code gets
an additional callback for throttling the rib_dump code. This removes a
lot of similar code used to make sure the RDE is not walking to fast and
replaces it with simpler callbacks. The other big change is the removal
of struct rib pointers in other data structures. The rib pointers are not
stable because of a realloc() call happening when extending the array so
instead use the RIB ID as a reference.
Tested and OK denis@ and benno@
|
|
|
|
per control session and peer the generation of imsg in the RDE. This
reduces the memory pressure in the SE substantially and also a bit in
the RDE. Makes the RDE more responsive for bgpctl commands.
Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX
border router with 200+ session. Convergance time got quite a bit better.
OK phessler@
|
|
BGP state = Idle, marked down with shutdown reason "goodbye, we are
upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job
Snijders <job@ntt.net>, thank you!
OK benno@
|
|
imsg_ctl_rde since these function should only be used by the control
code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs
don't need to queue behind all the incoming bgp UPDATES. This speeds
up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing
this since a very long time but it seems the SE was not adjusted. Yikes
|
|
error codes to OPEN messages. make them "known", and show them.
OK benno@, claudio@, sthen@
|
