1. 06 Sep, 2017 1 commit
    • Ondřej Zajíček's avatar
      Basic VRF support · 943478b0
      Ondřej Zajíček authored
      Add basic VRF (virtual routing and forwarding) support. Protocols can be
      associated with VRFs, such protocols will be restricted to interfaces
      assigned to the VRF (as reported by Linux kernel) and will use sockets
      bound to the VRF. E.g., different multihop BGP instances can use diffent
      kernel routing tables to handle BGP TCP connections.
      
      The VRF support is preliminary, currently there are several limitations:
      
      - Recent Linux kernels (4.11) do not handle correctly sockets bound
      to interaces that are part of VRF, so most protocols other than multihop
      BGP do not work. This will be fixed by future kernel versions.
      
      - Neighbor cache ignores VRFs. Breaks config with the same prefix on
      local interfaces in different VRFs. Not much problem as single hop
      protocols do not work anyways.
      
      - Olock code ignores VRFs. Breaks config with multiple BGP peers with the
      same IP address in different VRFs.
      
      - Incoming BGP connections are not dispatched according to VRFs.
      Breaks config with multiple BGP peers with the same IP address in
      different VRFs. Perhaps we would need some kernel API to read VRF of
      incoming connection? Or probably use multiple listening sockets in
      int-new branch.
      
      - We should handle master VRF interface up/down events and perhaps
      disable associated protocols when VRF goes down. Or at least disable
      associated interfaces.
      
      - Also we should check if the master iface is really VRF iface and
      not some other kind of master iface.
      
      - BFD session request dispatch should be aware of VRFs.
      
      - Perhaps kernel protocol should read default kernel table ID from VRF
      iface so it is not necessary to configure it.
      
      - Perhaps we should have per-VRF default table.
      943478b0
  2. 05 Sep, 2017 1 commit
    • Ondřej Zajíček's avatar
      KRT: Fix IPv6 ECMP handling with Linux 4.11+ · 98bb80a2
      Ondřej Zajíček authored
      Starting from Linux 4.11, IPv6 ECMP routes are now notified using
      RTA_MULTIPATH, like IPv4 ones. The patch adds support for RTA_MULTIPATH
      parsing for IPv6 routes. This also enables to parse ECMP alien routes
      correctly.
      
      Thanks to Vincent Bernat for the original patch.
      98bb80a2
  3. 16 May, 2017 1 commit
    • Ondřej Zajíček's avatar
      Some more autoconf cleanups · c253ec3a
      Ondřej Zajíček authored
      Replace integer type width detection with C99 fixed-width types.
      Also remove some unused or obsolete code.
      
      Thanks to Ruben Kerkhof for the patchset.
      c253ec3a
  4. 20 Dec, 2016 1 commit
  5. 08 Nov, 2016 1 commit
  6. 01 Nov, 2016 1 commit
  7. 29 Sep, 2016 1 commit
  8. 19 Sep, 2016 1 commit
    • Ondřej Zajíček's avatar
      KRT: Add krt_scope attribute · 6e75d0d2
      Ondřej Zajíček authored
      Add a new route attribute, krt_scope, to expose the Linux kernel route
      scope. Constants from /etc/iproute2/rt_scopes (prefixed by "ips_") are
      expected to be used with the attribute. Both import and export are
      supported.
      
      Also, the patch fixes device route export to the kernel, by setting link
      scope automatically.
      6e75d0d2
  9. 15 Sep, 2016 1 commit
    • Ondřej Zajíček's avatar
      KRT: Add kernel metric protocol option · 4adcb9df
      Ondřej Zajíček authored
      Kernel routes with different metrics do not clash with each other,
      therefore using dedicated metric value is a reliable way to avoid
      overwriting routes from other sources (e.g. kernel device routes).
      
      Although kernel route metric could already be set as a route attribute by
      filters, that is not consistent with the way how Linux kernel handles
      route metric - not just a route attribute, but a part of a route key.
      4adcb9df
  10. 14 Sep, 2016 1 commit
    • Ondřej Zajíček's avatar
      KRT: Support for IPv6 ECMP · 2feaa693
      Ondřej Zajíček authored
      Linux represents IPv6 ECMP routes as a sequence of unipath routes with
      the same prefix. We have to translate between our representation (one
      route with multipath next hop) and the Linux representation in both
      directions.
      
      Proper learning of alien IPv6 ECMP routes still not supported.
      
      Thanks to Mikhail Sennikovskii for the original patch.
      2feaa693
  11. 30 Aug, 2016 1 commit
  12. 20 Jul, 2016 2 commits
  13. 10 May, 2016 1 commit
  14. 13 Apr, 2016 1 commit
    • Ondřej Zajíček's avatar
      BSD: Add the IPsec SA/SP database entries control · a7baa098
      Ondřej Zajíček authored
      Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database
      at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are
      handled automatically on both Linux and FreeBSD.
      
      Based on patches from Pavel Tvrdik.
      a7baa098
  15. 06 Apr, 2016 1 commit
    • Ondřej Zajíček's avatar
      KRT: Fix route learn scan when route changed · e86cfd41
      Ondřej Zajíček authored
      When a kernel route changed, function krt_learn_scan() noticed that and
      replaced the route in internal kernel FIB, but after that, function
      krt_learn_prune() failed to propagate the new route to the nest, because
      it confused the new route with the (removed) old best route and decided
      that the best route did not changed.
      
      Wow, the original code (and the bug) is almost 17 years old.
      e86cfd41
  16. 24 Nov, 2015 1 commit
    • Jan Moskyto Matejka's avatar
      Netlink: attribute validation before parsing · ad276157
      Jan Moskyto Matejka authored
      Wanted netlink attributes are defined in a table, specifying
      their size and neediness. Removing the long conditions that did the
      validation before.
      
      Also parsing IPv4 and IPv6 versions regardless on the IPV6 macro.
      ad276157
  17. 23 Nov, 2015 1 commit
    • Ondřej Zajíček's avatar
      Nest: Fix bug in device proto · 1e4891e4
      Ondřej Zajíček authored
      If an interface address notification is received during device protocol
      shutdown/restart, BIRD crashed.
      
      Thanks to Wei Huang for the bugreport.
      1e4891e4
  18. 11 Nov, 2015 2 commits
  19. 17 Oct, 2015 1 commit
  20. 28 Jul, 2015 1 commit
  21. 08 Jun, 2015 2 commits
  22. 13 May, 2015 1 commit
  23. 12 May, 2015 1 commit
    • Ondřej Zajíček's avatar
      KRT: Add support for plenty of kernel route metrics · 9fdf9d29
      Ondřej Zajíček authored
      Linux kernel route metrics (RTA_METRICS netlink route attribute) are
      represented and accessible as new route attributes:
      
      krt_mtu, krt_window, krt_rtt, krt_rttvar, krt_sstresh, krt_cwnd, krt_advmss,
      krt_reordering, krt_hoplimit, krt_initcwnd, krt_rto_min, krt_initrwnd,
      krt_quickack, krt_lock_mtu, krt_lock_window, krt_lock_rtt, krt_lock_rttvar,
      krt_lock_sstresh, krt_lock_cwnd, krt_lock_advmss, krt_lock_reordering,
      krt_lock_hoplimit, krt_lock_rto_min, krt_feature_ecn, krt_feature_allfrag
      9fdf9d29
  24. 31 Mar, 2015 1 commit
  25. 21 Feb, 2015 1 commit
  26. 02 Oct, 2014 1 commit
  27. 26 Jun, 2014 1 commit
  28. 18 May, 2014 1 commit
  29. 31 Mar, 2014 1 commit
  30. 26 Feb, 2014 1 commit
  31. 06 Feb, 2014 1 commit
    • Ondřej Zajíček's avatar
      Many changes in I/O and OSPF sockets and packet handling. · 48e5f32d
      Ondřej Zajíček authored
      I/O:
       - BSD: specify src addr on IP sockets by IP_HDRINCL
       - BSD: specify src addr on UDP sockets by IP_SENDSRCADDR
       - Linux: specify src addr on IP/UDP sockets by IP_PKTINFO
       - IPv6: specify src addr on IP/UDP sockets by IPV6_PKTINFO
       - Alternative SKF_BIND flag for binding to IP address
       - Allows IP/UDP sockets without tx_hook, on these
         sockets a packet is discarded when TX queue is full
       - Use consistently SOL_ for socket layer values.
      
      OSPF:
       - Packet src addr is always explicitly set
       - Support for secondary addresses in BSD
       - Dynamic RX/TX buffers
       - Fixes some minor buffer overruns
       - Interface option 'tx length'
       - Names for vlink pseudoifaces (vlinkX)
       - Vlinks use separate socket for TX
       - Vlinks do not use fixed associated iface
       - Fixes TTL for direct unicast packets
       - Fixes DONTROUTE for OSPF sockets
       - Use ifa->ifname instead of ifa->iface->name
      48e5f32d
  32. 25 Nov, 2013 1 commit
  33. 23 Nov, 2013 1 commit
  34. 26 Sep, 2013 1 commit
  35. 04 Jul, 2013 1 commit
  36. 25 Jun, 2013 1 commit
  37. 24 Jun, 2013 1 commit