| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
The benefits of this include:
* clean up of the ldpd global namespace;
* improved readability;
* more hints to the compiler/linker to generate more efficient code.
Whenever possible, move global static variables to a smaller scope
(function).
All extern variables are now declared in header files to avoid unnecessary
duplication.
This patch also cleans up the indentation of all function prototypes
and global variables.
|
|
This includes:
* Full compliance to RFC 7552;
* Support for MD5 on LDPov6 sessions;
* Support for pseudowires over IPv6 LSPs (we're probably the world's
first implementation doing this);
* Support for the IPv6 explicit-null label;
* Knob to specify the prefered address-family for TCP transport
connections;
* Knob to use cisco non-compliant format to send and interpret the
Dual-Stack capability TLV.
|
|
Nothing really interesting here.
|
|
|
|
|
|
|
|
If we lose a route and all of its associated labels, then there's no
point on keeping an entry for it in the LIB.
|
|
Whenever we lose a route, unset the local label. If the same route is
learned again later, allocate a new label for it. No need to be economic
with labels, it's not worth the added complexity.
|
|
This allows ldpd to start on a system without any IP address and bind
to the transport-address successfully. Without this patch, we'd need to
monitor the new addresses from the kernel and create the network sockets
only when the transport-address is available in the system.
|
|
Now ldpd can start without a router-id, since it can be set later. Since
a router-id of 0.0.0.0 is invalid, interfaces and targeted-neighbors
will check for a valid router-id in order to be activated.
When the router-id is changed, all the neighborships are reset.
|
|
|
|
When removing a configured pseudowire, we remove the associated tnbr
in ldpe_l2vpn_pw_exit(). So, when a new pseudowire is configured, it
makes sense to create its tnbr in ldpe_l2vpn_pw_init() to keep things
consistent.
|
|
|
|
We drop our privileges in ldpe right after we create the network sockets.
The problem is that we might want to change the transport-address and
reload the config, in which case we need new sockets. To allow that,
always create the network sockets in the parent process and pass them
to ldpe via imsg.
|
|
|
|
|
|
Copying by straight assignment is shorter, easier to read and has a
higher level of abstraction. We'll only avoid it when copying from an
unaligned source (e.g., network buffers).
In addition, copy in_addr structs directly.
|
|
Right now we use three network sockets in ldpd:
* the discovery socket (udp+mcast);
* the extended discovery socket (udp);
* the session socket (tcp).
When we introduce IPv6 support, we'll get three more sockets. In order
to prevent code duplication in the future, add a specialized function
that creates a socket according to the given type (and address-family
later). This also improves readability because it makes it easier to
see the differences between each socket.
|
|
I screwed up everything... trying to fix now.
|
|
IPv6 support is coming and we don't want to pollute the interface.c file
with too many of these helper functions.
Also, rename these functions from if_set_* to sock_set_*.
|
|
|
|
|
|
The F_MAP_PW_ID flag is only set for PW-ID mappings, which means that we
were ignoring all label withdraws and label releases for non PW-ID FECs.
|
|
During the setup of a pseudowire, it might change its parameters
(e.g. control-word) once the negotiation with the remote peer is done.
|
|
|
|
|
|
Immediately return from this function if the given list of mappings
is empty. This way we have more freedom when sending label messages,
not having to care with corner cases.
|
|
In addition to label mappings, wildcard group PW-ID FECs are invalid in
label requests and label abort requests too.
|
|
clear_config() is called when the parser fails (at startup or config
reload). While cleaning up the allocated memory, the parser should not
log anything, after all the daemon's running configuration is untouched.
So, in this case, we se should clear the partial config by hand and
avoid functions like if_del().
|
|
While here, add a comment about ECMP and pseudowires.
|
|
There's no point on keeping in the config something that can not be used,
it just adds unnecessary complexity. Also, it's better to warn the user
that there's something wrong rather than play nice and ignore the problem.
|
|
* Define a new constant for the default pseudowire type;
* On l2vpn_new(), initialize the l2vpn lists with LIST_NEW (cosmetic
because the struct was calloc'ed);
* Add a const qualifier to the second parameter of l2vpn_find();
* Remove l2vpn_if_del() and use just free() instead.
|
|
|
|
|
|
Unlink these structures inside their own delete function rather than from
the outside.
|
|
|
|
|
|
We were using several different names for the same thing in our log
messages: neighbor, neighbor ID, nbr ID and LSR ID.
Standardize to always use "lsr-id" to refer to a neighbor.
Also:
* Use log_warnx() instead of log_warn() when appropriate;
* Use fatal(x) instead of err(x) when appropriate;
* Fix some inconsistent log messages.
|
|
With the advent of IPv6 support, a single neighbor can have two different
transport-addresses: one for ipv4 and one for ipv6. In order to define
neighbor-specific parameters in an indistinguishable way, define them
by lsr-id. This way we can switch between LDPov4 and LDPov6 and keep
the same configuration.
|
|
The logic of the previous code was to accept all TCP connection requests
(destined to port 646) and create a tcp_conn structure for each them. Once
the first packet of a connection was received, we would analyze the
LDP Initialization message and identify its origin by looking at the
LSR-ID field.
When parsing a received TCP packet, we would need to distinguish between
two cases: tcp packet from an LDP neighbor and tcp packet from a newborn
connection (not associated with any neighbor yet). For this reason,
the session_read() function was quite complicated.
Also, we were not keeping track of the allocated tcp_conn structures. So,
we were subject to memory leaks and even DOS attacks.
With this patch, we also accept all TCP connection requests, but with two
major differences:
* We identify the neighbor by the source address of the SYN
packet. This is possible because we don't support label spaces, so
the transport-address by itself is enough to identify a neighbor,
we don't need to wait for the Initialization message;
* If there's no matching adjacency for this neighbor, then we start a
timer of 5 seconds. If we receive a Hello packet from this neighbor
within this interval, then we stop this timer and move on in
the Initialization state machine. Otherwise, we send a No Hello
Notification message and close the socket. We try to avoid sending
the No Hello notification as much as possible because it triggers the
backoff exponential in the remote peer, which considerably slow down
the session establishment process.
In summary, this new approach allows for a simpler code and fixes the
memory leak problem mentioned before.
|
|
Rename a few more things to improve readability.
* s/F_PW_CONTROLWORD_CONF/F_PW_CWORD_CONF/ (shorter)
* s/F_PW_CONTROLWORD/F_PW_CWORD/ (shorter)
* s/LDPD_FLAG_*/F_LDPD_*/ (consistency)
* s/lde_nbr_address/lde_addr/ (shorter)
* s/ldp_discovery_socket/ldp_disc_socket/ (shorter)
* s/ldp_ediscovery_socket/ldp_edisc_socket/ (shorter)
* s/ldp_sendboth/main_imsg_compose_both/ (consistency)
* s/cons/total/ (makes more sense)
* s/kaddr/ka/ (consistency with remaining code)
* Always use 'ln' for lde_nbrs (consistency)
|
|
In ldpd we have the map structure, which is used to represent a label message,
and the fec structure, used to store FECs in the LIB.
As of now, ldpd supports two type of FECs:
* IPv4 prefix (FEC_TYPE_IPV4);
* PWID (FEC_TYPE_PWID).
For the label messages, the following contants were being used:
* FEC_WILDCARD;
* FEC_PREFIX (IPv4 or IPv6);
* FEC_PWID.
Since these contants have similar names to the previous ones, rename
them to:
* MAP_TYPE_WILDCARD;
* MAP_TYPE_PREFIX;
* MAP_TYPE_PWID.
|
|
|
|
* Fix check of the packet's size and the "PDU Length" field;
* Add check for the "Message Length" field;
* Check for invalid labelspace earlier.
* Use if_lookup() on disc_recv_iface() to reduce one level of identation;
Additionally, add the following safeguards:
* Check for unicast link hellos;
* Check for multicast targeted hellos;
* Validate packet's source address;
* Validate received transport-address.
Put the ancillary function bad_ip_addr() into a new file, util.c, which
will be used later for several other things.
|
|
This was preventing us from triggering the backoff exponential timer
after receiving a 'No Hello' notification.
|
|
Add more safeguards against malformed packets and fix existing ones. Also,
rename a few variables and constants to match their real meaning. For
example, rename gen_msg_tlv() to gen_msg_hdr() because this function
generates an LDP header, not a TLV.
Finally, clean-up all the send_* functions so they all follow the same
pattern.
|
|
|
|
Do not start the exponential backoff timer when playing the passive role
of the session establishment process.
RFC 5036 - Section 2.5.3 says:
"The specific session establishment action that must be
delayed is the attempt to open the session transport connection by
the LSR playing the active role".
|
