| Age | Commit message (Collapse) | Author |
|---|
|
Minor bump for libutil.
Previous versions of this diff and man page looked at by various people.
"you should just commit" deraadt
|
|
ibuf, buf_read to ibuf_read, READ_BUF_SIZE to IBUF_READ_SIZE.
ok henning gilles claudio jacekm deraadt
|
|
more readable, and fixes a spacing bug we had in smtpd.8;
|
|
have MPLS information connected to them and the kernel requires the flag now.
OK michele@
|
|
the old RIB and then via softreconfig in and a special softreconfig out loading
the new RIB.
Feature requested and testeded by Elisa Jasinska.
OK henning@
|
|
Only existing tables should keep their fib sync state, new ones should set
the current fib sync flag to the configured one at the end of the config
load. Found the hard way by sthen@, OK sthen@
|
|
|
|
the length of an AS path (matches if the path is longer then the specified
lenght) the second matches when a sequence of the same AS number is longer
then the specified length).
max-as-len is good to protect crappy comercial bgp boxes from other crappy
comercial bgp boxes. max-as-seq was a feature request from SwissIX and maybe
EuroIX to find and filter prepends.
Additinal testing and OK sthen@
|
|
This adds a bit of new config to specify the mapping between an rdomain and
the BGP MPLS VPN instance, example:
rdomain 1 {
descr "CUSTOMER1"
rd 65003:1
import-target rt 65003:3
export-target rt 65003:1
depend on mpe0
network 192.168.224/24
}
The "depend on mpe0" is a but ugly but for now this is the quickest way to
figure out which interface bgp should use to insert the MPLS routes.
A big side-effect of this diff is that networks are now internally
distributed through kroute.c.
This needs some kernel changes that will follow hopefully soon.
OK henning@
|
|
into play. Check the AID and use 32 or 128 based on the address family.
Now bgpctl show rib <IPv6 addr> works like in the IPv4 case.
Bug reported and fix made during yesterday's Swinog BE#85
|
|
extended rde rib syntax).
OK sthen
|
|
those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1".
NOTE: nexthop verification has changed for alternate tables. For now
nexthop will only be verified against the main routing table (id 0).
Because of this "nexthop qualify via bgp" may now compare the nexthops
against bgpd routes from a different RIB.
Tested by sthen@, OK to move on by henning@
|
|
match from any source-as neighbor-as set localpref 1000
OK henning@
|
|
ok eric
|
|
other blocks in this function.
|
|
cleanup loop to parse.y where it belongs.
OK henning@
|
|
|
|
extension) we need to switch between _AS4 and non _AS4 types. The
non _AS4 mrt types are totaly confused by 4-byte AS_PATH attributes since
they expect 2-byte ones (and vice versa).
Problem found and fix tested by Xiaoliang Zhao (xzhao at cernet edu cn).
|
|
The _AS4 types where reversed and the local types are missing even though
I'm not sure if bgpd will ever support them.
|
|
in prefix_destroy() but there is another caller of prefix_unlink() which
missed the rib_remove() resulting in tree corruption and possible crashes.
Doing the remove in prefix_unlink() is better since we do the same with the
prefix and rib & prefix are linked. Fix some comments to match code and
remove double call to pt_empty()/pt_remove().
Found while hacking on something else.
|
|
explicitly.
|
|
kroute_full structure that is AF independent and has all information in
it. Simplifies the communication between processes and reduces the number
of imsg types. This is another step to add FIB support to BGP MPLS VPNs.
|
|
If this happens the imsg may no longer be usable as there may be queued
messages, but this is a) already the case with the code now, and b)
would be the case if recvmsg() fails anyway, so we can document that -1
from imsg_read() invalidates the struct imsgbuf.
discussed with and ok eric
|
|
to be changed before calling nexthop_delete() or the nexthop will not be
correclty removed in the unlikly event when all aspathes move to a different
nexthop while the lookup happens.
sthen@ agrees with the logic.
|
|
struct kroute or kroute6 pack the needed info into a struct bgpd_addr.
No flames comming out of my and sthen@'s bgpd routers.
|
|
static and network inet connected a long time ago. It is time to remove
the old compat code.
|
|
be there. network X set nexthop Y failed because of this.
|
|
the prototype to rde.h
|
|
filter list head. It is only used temporary in reconfigure().
OK henning
|
|
fixed id allocation. Makes code simpler.
OK henning
|
|
way. Use it for now in log_addr() to show VPN routes with a prepended RD.
OK henning
|
|
|
|
we may actually hit the end of the tree (at least in theory).
|
|
work but that's already better then nothing. OK sthen@
|
|
|
|
NEW is now REINIT, ACTIVE is KEEP and DELETE and NONE stay the same.
|
|
|
|
right flags when protecting the IPv6 loopback addr (instead of reassigning
the IPv4 ones) and install the IPv4 loopback blocker as 127/8 and not as
127.0.0.1/8. First two found by Hiroki Sato hrs (at) allbsd org and I found
the 127/8 issue all by myself.
|
|
in these cases, is useless anyway.
Found by and fixing the build with mandoc;
still fine with both old and new groff.
ok jmc@
|
|
|
|
a session. Just print a warning and move on since both side need to
announce a pair to use it. Found and OK sthen@
|
|
ignored. Found and fix tested by Elisa Jasinska.
|
|
no-modify are not supported for MP protocols like IPv6. Add support for
those and while testing find another bug in the same region. Inverse the
check for the return value of memcmp() -- we're interested in equality.
Until now IPv6 was running with an implicit set nexthop self on all iBGP
sessions. Oups. set nexthop stuff is OK when tested henning@ and sthen@
|
|
This will allow AID_VPN_IPv4 to do EoRs as well.
|
|
because of that either the IPv4 or IPv6 local address was not set. Because
of this prefixes were sent out with all zero nexthops.
|
|
|
|
that it is possible to use OpenBGPD as a route-reflector for VPNv4.
Some clean up of the BGP MP code so that multiple protocols are easier
supported. kroute/kernel support not yet done but comming.
OK henning@, reyk@
|
|
conf.listen_addr is actually valid before deref.
|
|
lookahead in the parser
ok henning
|
|
prefixlen that is not a multiple of 8. Found while reading the RFC.
OK henning@
|
