src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-08-21	undo unintentional commits	Peter Hessler

2017-08-21	When 'enforce neighbor-as no' is set, don't do a config-time check for the ↵	Peter Hessler
	neighbor-as, as it is dynamic.
2017-08-12	Add manpage update for new grouping feature '{from,to} {i,e}bgp'	job
	OK phessler@
2017-08-12	allow filter rules to be written that affect ibgp or ebgp neighbors	Peter Hessler
	discussed with henning@ OK claudio@, benno@, job@
2017-08-12	Make not yet implemented pledges more visible in grep output.	Florian Obser
	input benno, deraadt, tedu also standardize on #if 0 since it makes tedu's editor vomit. OK benno, pirofti on a previous version
2017-08-11	softreconfig in and out are on by default for ever and machines now have	Claudio Jeker
	enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
2017-08-10	Fix a comment and line length. Noted by Dennis fondras.	Sebastian Benoit
	ok benno@
2017-08-10	handle extended communities in bgpctl.	Sebastian Benoit
	From Dennis Fondras, thanks! ok phessler@
2017-08-06	Remove comma from last element since that is the terminator.	Claudio Jeker

2017-08-06	add a zeroed out element at the end of the iana_ext_comms array, so	Sebastian Benoit
	that the iteration over it actually stops. ok and feedback from florian@ phessler@ and claudio@
2017-07-26	Update MRT reference in bgpd manpage	job
	ok benno@
2017-07-26	sort;	Jason McIntyre

2017-07-26	Update reference to BGP Shutdown Communication specification	job
	ok benno@
2017-07-24	Unify ROUNDUP macros for parsing route messages.	friehm
	Use the macro from route(8) / ospf6d(8) since it works also with argument 0. OK claudio@
2017-06-27	move a global into local context; from rob pierce	Theo de Raadt

2017-06-26	let admins set an unknown well-known community	Peter Hessler
	from Job Snijders ok phessler@ benno@
2017-06-26	add support for the "graceful shutdown" well-known community as described	Peter Hessler
	in draft-ietf-grow-bgp-gshut from Job Snijders ok phessler@ benno@
2017-06-26	allow setting localpref to 0	Peter Hessler
	from Job Snijders ok phessler@ benno@
2017-05-31	Too vs To. Found by Denis Fondras openbsd (at) ledeuns (dot) net	Claudio Jeker

2017-05-31	Man page bits for ext-community which grew a few more subtypes.	Claudio Jeker
	Based on a diff from Job Snijders
2017-05-31	Oups, that should have not been committed. Revert.	Claudio Jeker

2017-05-31	Rework the way we do extended communities (mainly in the parser) and update	Claudio Jeker
	the IANA table to a somewhat more complete list. This includes BGP Prefix Origin Validation State support via the ext-community ovs keyword. OK henning@ benno@ based on a diff by Job Snijders
2017-05-30	remove extended communities that have the transitive bit set from	Sebastian Benoit
	routes announced to an ebgp peer (ref. rfc4360). While here remove the pratial flag from extended and large communities. ok claudio@
2017-05-29	change section title in bgpd.conf talking about MPLS,	Sebastian Benoit
	add a bit about working with multiple bgpds in rdomains in bgpctl. shouting from claudio@ and help from jmc@
2017-05-29	fix "depend on" when carp interface goes from MASTER into state INIT	Sebastian Benoit
	aka UNKNOWN. ok claudio@ phessler@ and henning helped along too
2017-05-29	After some consideration, revert last commit and don't abuse rde_dump_done.	Claudio Jeker
	IMSG_CTL_SHOW_RIB_PREFIX case is not using rib_dump_r and so should not use rde_dump_done, instead send the IMSG_CTL_END msg and free the ctx directly. This is easier to understand.
2017-05-29	Fix crash in IMSG_CTL_SHOW_RIB_PREFIX handling. The ctx is not added to	Claudio Jeker
	the list in that case so don't try to LIST_REMOVE it. Problem found by benno@
2017-05-29	change bgpd's control socket from /var/run/bgpd.sock to	Sebastian Benoit
	/var/run/bgpd.sock.<rdomain> in both bgpd and bgpctl. makes life easier for admins. ok phessler, claudio, henning, feedback from Job Snijders
2017-05-29	remove the file permission check for bgpd.conf	Peter Hessler
	OK deraadt@, henning@, sthen@, and everyone who has ever been annoyed
2017-05-28	Print when we send or recv an EOR marker.	Claudio Jeker
	Req by and OK benno@
2017-05-28	Introduce log_peer_info() and make log_peer_warn() log at LOG_ERR instead	Claudio Jeker
	of LOG_CRIT (which should only be used for fatal). OK benno@
2017-05-28	Close imsg pipes later in the process. The shutdown code still tires to	Claudio Jeker
	send imsgs and so the SE and RDE crashed because of this late in shutdown. OK benno@ phessler@
2017-05-28	tweak previous;	Jason McIntyre

2017-05-28	we're not hardcoded to table 0 any more	Henning Brauer

2017-05-28	so far, bgpd was hardcoded to use rtable 0 for nexthop verification.	Henning Brauer
	instead, use the rtable bgpd was started in (route -T <n> exec / rc.d daemon_rtable) for nexthop verification and as default Adj-RIB-In and Loc-RIB. This allows multiple bgpds in different rdomains on the same machine - bgp router virtualization if you like buzzwords. initial version written under contract more than a year ago, it took us a while to wrap our brains around the bgpd <-> rdomain interactions - 1) RIBs, 2) nexthop verification and 3) tcp sockets. ok & input phessler claudio benno
2017-05-28	Implement an XON/XOFF protocol between the RDE and the SE to throttle	Claudio Jeker
	per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
2017-05-27	Allow an administrator to disable the bgp loop detection algorithm,	Peter Hessler
	which is useful in very limited situations. Angry dragons and grues will hunt for you, if you use it. OK claudio@ sthen@ benno@
2017-05-27	allow only one network <prefix> statement per for the same prefix.	Sebastian Benoit
	ok florian@ phessler@
2017-05-27	bump the size of ctl rib flags	Peter Hessler
	OK claudio@
2017-05-27	this expects 2byte ASN, so use that, instead of an asn that may or may not fit	Peter Hessler
	noticed by and OK claudio@
2017-05-27	Allow OpenBGPD to selectively choose which local ASN to use per-peer.	Peter Hessler
	This is intended to be used for ASN migrations, not for permanent use. You MUST use filters to protect yourself from receiving your own routes. There be dragons and grues. OK claudio@ benno@
2017-05-27	allow us to use 'local-as' in the filter language	Peter Hessler
	"match in from any set community local-as:neighbor-as" OK claudio@
2017-05-27	fix the reference to draft-ymbk-grow-blackholing, to RFC 7999	Peter Hessler

2017-05-26	AS 0 is special and should be considered an error.	Peter Hessler
	Drop the session if it shows during OPEN or CAPA, or mark as invalid if it is part of an Update. required by RFC 7607 man page OK jmc@ OK florian@ benno@ claudio@
2017-05-26	Expand RIB names in groups	Peter Hessler
	Diff from Denis Fondras, many thanks! OK claudio@ phessler@
2017-05-26	Allow nested {} in prefix lists.	Peter Hessler
	Diff from Denis Fondras, many thanks! OK claudio@ phessler@
2017-04-18	use freezero()	Theo de Raadt

2017-03-28	For IPv6 pass prefix not nexthop as network for connected nexthops back to	Claudio Jeker
	the RDE so that the code actually works. Problem found and reported by Pier Carlo Chiodi (pierky at pierky com) OK deraadt@
2017-03-21	From a syslog perspective it does not make sense to log fatal and	Alexander Bluhm
	warn with the same severity. Switch log_warn() to LOG_ERR and keep fatal() at LOG_CRIT. OK reyk@ florian@
2017-03-02	Fix breakage of md5 authentication.	Renato Westphal
	The previous commit (rev 1.47) added a missing htonl in pfkey_send() but didn't add a corresponding ntohl in pfkey_reply(). This patch fixes this. Found the hard way by benno@, who also suggested the rename of spip to spi. OK benno@ claudio@ henning@