| Age | Commit message (Collapse) | Author |
|---|
|
* sockunion.c: (sockopt_minttl) Add IPv6 support for min hop count.
The kernel support is Linux kernel 2.6.35 or later.
|
|
* bgp_vty.c: (peer_ebgp_multihop_{un,}set_vty) tail-call cleanup.
({no_,}neighbor_ttl_security) ditto.
* bgpd.c: (peer_ttl_security_hops_set) Peer group checks and TTL set only
need to be done on transition.
* sockunion.c: (sockopt_minttl) remove always-on debug and improve readability.
|
|
* bgpd: Add support for RFC 5082 GTSM, which allows the TTL field to be used
to verify that incoming packets have been sent from neighbours no more
than X IP hops away. In other words, this allows packets that were sent from
further away (i.e. not by the neighbour with known distance, and so possibly
a miscreant) to be filtered out.
* lib/sockunion.{c,h}: (sockopt_minttl) new function, to set a minimum TTL
using the IP_MINTTL socket opt.
* bgpd.h: (BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK) define for command
error for minttl.
(struct peer) add a config variable, to store the configured minttl.
(peer_ttl_security_hops_{set,unset}) configuration handlers
* bgpd.c: (peer_group_get) init gtsm_hops
(peer_ebgp_multihop_{un,}set) check for conflicts with GTSM. Multihop and
GTSM can't both be active for a peer at the same time.
(peer_ttl_security_hops_set) set minttl, taking care to avoid conflicts with
ebgp_multihop.
(bgp_config_write_peer) write out minttl as "neighbor .. ttl-security hops X".
* bgp_vty.c: (bgp_vty_return) message for
BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK
(peer_ebgp_multihop_{un,}set_vty)
* bgp_network.c: (bgp_accept) set minttl on accepted sockets if appropriate.
(bgp_connect) ditto for outbound.
|
|
|
|
* bgp_route.c: ({no_,}ipv6_bgp_network_ttl_cmd) depends on ipv6_bgp_network
which is HAVE_IPV6, so these should be too.
(bgp_route_init) and the installs should be similarly ifdefed
|
|
The following patch was also neccessary to compile.
* command.c: (config_logmsg_cmd) use "%s" format spec
* if.c: (connected_log) ditto
|
|
* bgp_attr.c; (attrhash_key_make) s6_addr is only member of in6_addr
guaranteed to be available - s6_addr32 isn't. Fix to be more portable, and
thus allow compilation on BSD again.
|
|
* ospfd: Refresher logic cleanup broke OSPF opaque, which does its own thing
with regard to refresher logic and which also, in the protocol, requires
implementations to keep state of which OI an LSA is received on (rather
than providing information in the LSA to allow it to be looked up - as
other LSAs requiring such assocation were careful to do).
* ospf_lsa.h: (struct ospf_interface) Add back the pointer to oi, but only
for type-9 now.
* ospf_nsm.c: (ospf_db_summary_add) check the oi actually exists first -
doesn't obviate the need for opaque to ensure oi pointers get cleaned up
when ospf_interfaces disappear.
* ospf_opaque.{c,h}: (ospf_opaque_functab,ospf_opaque_lsa_refresh) Refresher
LSA functions now need to return the LSA to the general refresh logic,
to indicate whether the LSA was refreshed.
|
|
* configure.ac: (AC_ARG_ENABLE({ospf-te,opaque-lsa})) reverse the sense to
--disable
(enable_{opaque_lsa,ospf_te}) treat as enabled unless explicitly disabled.
|
|
* bgp_packet.c: (bgp_write) On BGP write, use TCP_CORK to provide hints to
kernel about TCP buffering. This will cause BGP packets to occur in
bigger chunks (full size MTU), improving performance and getting rid of
one of the problems reported in the UNH BGP conformance test.
|
|
* sockunion.{c,h}: (sockopt_cork) wrapper for TCP_CORK socket option for
those platforms that provide it. For other platforms, it is just a nop.
|
|
* bgpd: Rather than toggling socket in/out of non-block mode, just leave it
in nonblocking mode.
One exception is in bgp_notify which only happens just before close.
|
|
* bgp_community.[ch]: (community_lookup) New helper function to look
up a community list in the hash table.
* bgp_routemap.c: A new community structure was being allocated for
every BGP update which matched a route map which set a community.
This behavior led to rapid growth in the memory consumed by bgpd.
Adding the communities to the hash table addresses the memory
growth, but may introduce a problem in modifying or deleting the
'set community' statement in the route map.
|
|
Many show commands do not have support for multiple views and do not
treat different address families uniformly. The following changes add
a number of commands with support for views and rationalized treatment
of IPv4 v IPv6 and unicast v multicast (such as in JUNOS, IOS XR and
more recent versions of IOS).
* bgp_route.c: (bgp_show_community) Inserted a new second argument (the
name of the view) and the code to look up that name in the BGP structure.
The NULL argument in the call to bgp_show (indicating the default view)
was replaced by the specified view. The existing calls to
bgp_show_community had a NULL second argument inserted to make clear
that they refer to the default view.
(top level) Added new functions via the DEFUN and/or ALIAS macros (and
the associated command table entries) to add the commands
show bgp ipv4 (unicast|multicast)
show bgp ipv4 (unicast|multicast) A.B.C.D
show bgp ipv4 (unicast|multicast) A.B.C.D/M
show bgp ipv6 (unicast|multicast)
show bgp ipv6 (unicast|multicast) X:X::X:X
show bgp ipv6 (unicast|multicast) X:X::X:X/M
These show either the full BGP table or the specified route or
prefix for the given address family.
show bgp view WORD (ipv4|ipv6) (unicast|multicast) community
show bgp view WORD (ipv4|ipv6) (unicast|multicast) community \
(AA:NN|local-AS|no-advertise|no-export){1,4}
For the specified view and address family, these show entries
matching any community or the specified communit(y)(ies).
show bgp view WORD (ipv4|ipv6) (unicast|multicast) neighbors \
(A.B.C.D|X:X::X:X) (advertised-routes|received-routes)
For the specified view and address family, show the routes
advertised to or received from the given BGP neighbor.
show bgp [view WORD] ipv4 (unicast|multicast) \
rsclient (A.B.C.D|X:X::X:X)
show bgp [view WORD] ipv4 (unicast|multicast) \
rsclient (A.B.C.D|X:X::X:X) A.B.C.D
show bgp [view WORD] ipv4 (unicast|multicast) \
rsclient (A.B.C.D|X:X::X:X) A.B.C.D/M
show bgp [view WORD] ipv6 (unicast|multicast) \
rsclient (A.B.C.D|X:X::X:X)
show bgp [view WORD] ipv6 (unicast|multicast) \
rsclient (A.B.C.D|X:X::X:X) X:X::X:X
show bgp [view WORD] ipv6 (unicast|multicast) \
rsclient (A.B.C.D|X:X::X:X) X:X::X:X/M
For the specifed (optional) view and address family, show either
the full BGP table or the specified route or prefix for the given
route server client peer.
* bgp_vty.c: (top level) Added new functions via the DEFUN and/or ALIAS
macros (and the associated command table entries) to add the commands
show bgp [view WORD] (ipv4|ipv6) (unicast|multicast) summary
show bgp [view WORD] (ipv4|ipv6) (unicast|multicast) rsclient summary
For the specified (optional) view and address family, display
either the normal summary table for BGP peers, or the route server
client table showing the import and export policies.
|
|
* configure.ac: Bump to 0.99.18
|
|
* BGP error handling generally boils down to "reset session". This was fine
when all BGP speakers pretty much understood all BGP messages. However
the increasing deployment of new attribute types has shown this approach
to cause problems, in particular where a new attribute type is "tunneled"
over some speakers which do not understand it, and then arrives at a speaker
which does but considers it malformed (e.g. corruption along the way, or
because of early implementation bugs/interop issues).
To mitigate this drafts before the IDR (likely to be adopted) propose to
treat errors in partial (i.e. not understood by neighbour), optional
transitive attributes, when received from eBGP peers, as withdrawing only
the NLRIs in the affected UPDATE, rather than causing the entire session
to be reset. See:
http://tools.ietf.org/html/draft-scudder-idr-optional-transitive
* bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length
OR an error" return value with an error code - instead taking
pointer to result structure as arg.
(aspath_parse) adjust to suit previous change, but here NULL really
does mean error in the external interface.
* bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated
value to indicate return result.
(bgp_attr_unintern_sub) cleans up just the members of an attr, but not the
attr itself, for benefit of those who use a stack-local attr.
* bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern
(bgp_attr_unintern) as previous.
(bgp_attr_malformed) helper function to centralise decisions on how to
handle errors in attributes.
(bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed.
(bgp_attr_aspathlimit) Subcode for error specifc to this attr should be
BGP_NOTIFY_UPDATE_OPT_ATTR_ERR.
(bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path.
(bgp_attr_parse) Adjust to deal with the additional error level that
bgp_attr_ parsers can raise, and also similarly return appropriate
error back up to (bgp_update_receive). Try to avoid leaking as4_path.
* bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW
error level from bgp_attr_parse, which should lead to a withdraw, by
making the attribute parameter in call to (bgp_nlri_parse) conditional
on the error, so the update case morphs also into a withdraw.
Use bgp_attr_unintern_sub from above, instead of doing this itself.
Fix error case returns which were not calling bgp_attr_unintern_sub
and probably leaking memory.
* tests/aspath_test.c: Fix to work for null return with bad segments
|
|
* draft-ietf-idr-as-pathlimit doesn't seem to have gone anywhere, and its
author does not think it will make progress in IDR. Remove all support
introduced for it, but leave stubs for the commands to avoid breaking
any configurations.
Basically reverts cecab5e9725792e60a5e4b473e238a14cd85815d.
|
|
|
|
extcom..'
* Extended communities has some kind of resource allocation problem which
causes a double-free if the 'set extcommunity ...' command is used.
Try fix by properly interning extcommunities.
Also, more generally, make unintern functions take a double pointer
so they can NULL out callers references - a usefully defensive programming
pattern for functions which make refs invalid.
Sadly, this patch doesn't fix the problem entirely - crashes still
occur on session clear.
* bgp_ecommunity.h: (ecommunity_{free,unintern}) take double pointer
args.
* bgp_community.h: (community_unintern) ditto
* bgp_attr.h: (bgp_attr_intern) ditto
* bgp_aspath.h: (bgp_aspath.h) ditto
* (general) update all callers of above
* bgp_routemap.c: (route_set_ecommunity_{rt,soo}) intern the new extcom added
to the attr, and unintern any old one.
(route_set_ecommunity_{rt,soo}_compile) intern the extcom to be used
for the route-map set.
(route_set_ecommunity_*_free) unintern to match, instead of free
(route_set_ecommunity_soo) Do as _rt does and don't just leak
any pre-existing community, add to it (is additive right though?)
|
|
* aspath_test.c: Add more test cases. In particular ones to cover the
last invalid-segment problem. Also add ability to specify aspath attribute
headers and test them somewhat.
NB: It's obvious this test has not been run for a year by anyone, despite
2 non-trivial commits to bgpd aspath code.
|
|
Some of the changes made in commit cddb8112b80fa9867156c637d63e6e79eeac67bb
don't work particularly well for other changes that need to be made to
address BGP attribute error handling problems. In particular, returning
a pointer from complex attribute data parsing functions will not suffice
to express the require range of return status conditions.
* bgp_aspath.c: (assegments_parse) Rollback to a more minimal set of
changes to fix the original problem.
(aspath_parse) Slightly needless pushing around of code, and taking
2 parameters to say whether ot use 2 or 4 byte encoding seems unnecessary.
* bgp_attr.c: (bgp_attr_as{,4}path) Rollback, in preparation for BGP
attribute error handling update.
|
|
* bgp_attr.c: (bgp_attr_ext_communities) Certain extended-community attrs
can leave attr->flag indicating ext-community is present, even though no
extended-community object has been attached to the attr structure. Thus a
null-pointer dereference can occur later.
(bgp_attr_community) No bug fixed here, but tidy up flow so it has same
form as previous.
Problem and fix thanks to anonymous reporter.
|
|
* ospf6_route.c ([no_]debug_ospf6_route) Include memory as a debug
option. This allows ospf6 route memory debugging to be enabled or
disabled interactively or from a config file.
|
|
* ospf6_route.c: (ospf6_route_best_next) Allows unlock route, even
when there's no next route. This is consistent with how
ospf6_route_next() behaves.
* ospf6_intra.c: (ospf6_intra_prefix_lsa_remove) Make sure the last
route considered is always unlocked. This is needed when the for
loop terminates because ospf6_route_is_prefix() returns zero.
|
|
A clean exit makes it easier to use memory debuggers.
* ospf6_asbr.c: (ospf6_asbr_terminate) Add a function to do route map
cleanup.
* ospf6_lsa.c: (ospf6_lsa_terminate) Add a function to cleanup the lsa
handler vector.
* ospf6_main.c: (ospf6_exit) Add an function that causes ospf6d to
gracefully exit.
* ospf6_message.c: (ospf6_message_terminate) Add a function that frees
the send and receive buffers.
* ospf6_top.c: (ospf6_delete) Enable the ospf6_delete() function.
Disable ospf6 before freeing everything.
|
|
* ospf6_area.c: (ospf6_area_delete) Get rid of unused code that refers
to a nonexistent function and structure member.
|
|
* ospf6_area.c: Call ospf6_spf_table_finish() before deleting the spf
table. This ensures that the associated ospf6_vertex structures
are also freed.
* ospf6_spf.c: Only allocate a priority queue when a spf calculation
is actually performed. Also defer calling ospf6_spf_table_finish().
|
|
* log.c: (closezlog) Also free the dynamically allocated filename when
a log is closed.
|
|
if.c: (if_terminate) This adds a cleanup function that can be called
when a daemon exits, similar to vty_terminate().
|
|
* bgp_attr.c: I observed while doing some debugging that even for simple
tests there was a lot of hash collisions for BGP attributes. Switch to
using Jhash rather than additive hashing. Probably overkill, but the
function is fast and available.
({attrhash,cluster,transit}_hask_key_make) convert to Jenkins hash,
instead of additive hash.
|
|
* hash.{h,c}: (string_hash_make) Hash optimised for strings, current
implementation using Bernstein hash, which offers a good compromise
between distribution and performance.
* distribute.c: (distribute_hash_make) use previous instead of additive
string hash.
* if_rmap.c: (if_rmap_hash_make) ditto
|
|
If the radix tree creates an extra interior node in bgp_node_get(),
it locks the interior node even though this node is not returned to
the caller, so it may never be unlocked. The lock prevents this node
from being deleted.
* bgpd/bgp_table.c: (bgp_node_get) Remove lock on interior node which
prevents proper node deletion
|
|
* bgp_route.c: (route_vty_out*) The local prefix, metric and weight values
are all stored as uint32_t. Change the format to %u so that large values
are not displayed as negative integers.
|
|
* bgp_route.c: (bgp_static_update_rsclient) BGP sometimes crashes when
removing route server client because of use after free.
The code to update rsclient created a local static copy of bgp attributes
but neglected to handle the extra information pointer. The extra
information was getting freed by bgp_attr_unintern() and reused later when
the copy was passed to bgp_attr_intern().
The fix is to use the attr_dup function to create a copy of the extra
information, then clean it up.
|
|
* bgp_route.c: (bgp_aggregate_set) make sure to unlock BGP node if failure
|
|
* bgpd: (bgp_aggregate_{set,unset,delete}) This fixes locking and other
issues with aggregate set/unset command
|
|
* bgpd: (bgp_damp_parameter_set) The BGP reuse_index is not initialized
properly. This would cause sporadic crash when disabling dampening. Use
XCALLOC correctly and the right size array is initialized and no memset is
needed.
|
|
* bgpd: Connected table locks were being locked but not unlocked, such that
eventually a lock would exceed 2^31 and become negative, thus triggering
an assert later on.
* bgp_main.c: (bgp_exit) delete connected elements along with ifp's.
* bgp_nexthop.c: (bgp_nexthop_lookup{,_ipv6}) add missing unlocks
(bgp_multiaccess_check_v4) ditto
(bgp_connected_{add,delete}) Use a distinct memtype for bgp_connected_ref.
(bgp_scan_finish) reset the nexthop cache to clean it up when bgpd exits
* bgp_route.c: fix missing bgp_node unlocks
* lib/memtype.c: (memory_list_bgp) add MTYPE_BGP_CONN
* testing: has been tested for almost 2 months now.
|
|
* lib/memory.c: (zrealloc) If is called with NULL pointer then it should
increment allocations because it behaves the same as zmalloc.
(zfree) is called with NULL pointer, it does nothing therefore allocation
count should not change.
|
|
|
|
|
|
Older versions of Quagga/Zebra would output a value in MRT table
dump files for "uptime" aka "ORIGINATED" that was a WALL clock
value. Given that uptime is now internally a bgp_clock MONOTONIC
value, the output in the MRT files is showing up as monotonic.
Note: time of MRT dump is still recorded correctly as a
time() based value, so we haven't lost that value.
Proposal is to correct the uptime output on the vty and in the
MRT files to again display something more akin to WALL time.
* bgp_dump.c: (bgp_dump_routes_func) add conditional correction
* bgp_route.c: (route_vty_out_detail) make correction conditional, move
variable declaration to beginning of the function
|
|
Doesn't ripng needs same fix as ripd.
|
|
...A nasty bug, if you forgot to disable debugging, stored the config
and reboot your machine - if you really depend on ripd, then the machine
will not fully come back on the network, because ripd fails.
|
|
* bgpd/bgp_debug.c: fix VTY strings for BGP debug commands to match
correct syntax
|
|
* bgp_packet.c: (bgp_notify_receive) justify the difference between
BGP_NOTIFY_OPEN_UNSUP_PARAM and BGP_NOTIFY_OPEN_UNSUP_CAPBL cases, as
it is explained in RFC5492, page 3, paragraph 1.
"Unsupported Capability" error does not mean, that the peer doesn't
support capabilities advertisement -- quite the opposite (if the peer
would not support capabilities advertisement, the code would be
"Unsupported Optional Parameter"). Thus there is no reason to mark
the peer as one non-supporting capabilities advertisement.
Example: suppose the peer is in fact IPv6-only, but we didn't configure
anything address-family specific for it. Then, the peer would refuse
the session with "Unsupported Capability" code. If we internally set
the peer as non-supporting capabilities advertisement after that, we
will not be able to establish the session with it ever, even with a
fixed configuration -- IPv6-only BGP session cannot be established
without capabilities.
In practice an edge case would be seen as the same IPv6 peer working
with its "neighbor" block read from bgpd.conf, but not working, when
slowly input in "conf t" mode.
|
|
* ospf6_spf.c: Don't replace a node with another node with a lower
number of hops, instead get them from the queue in the correct
order. (Actually, the replacement crashed the ospf6d daemon
rather than worked.)
|
|
* ospf_lsa.h: (struct ospf_lsa) remove oi pointer
* ospf_lsa.c: (ospf_network_lsa_refresh) instead of keeping a pointer, just
lookup the oi when it's needed. This decouples network LSA from oi lifetime
and avoids having to invalidate pointers in LSAs when an oi changes,
simplifying the code.
|
|
* ospf_lsa.c: (various) unregister LSAs from refresher before flushing.
|
|
2006-05-30 Paul Jakma <paul.jakma@sun.com>
* (general) Fix confusion around MaxAge-ing and problem with
high-latency networks. Analysis and suggested fixes by
Phillip Spagnolo, in [quagga-dev 4132], on which this commit
expands slightly.
* ospf_flood.{c,h}: (ospf_lsa_flush) new function.
Scope-general form of existing flush functions, essentially
the dormant ospf_maxage_flood() but without the ambiguity of
whether it is responsible for flooding.
* ospf_lsa.c: (ospf_lsa_maxage) Role minimised to simply setup
LSA on the Maxage list and schedule removal - no more.
ospf_lsa_flush* being the primary way to kick-off flushes
of LSAs.
Don't hardcode the remover-timer value, which was too
short for very high-latency networks.
(ospf_maxage_lsa_remover) Just do what needs to be done to
remove maxage LSAs from the maxage list, remove the call
to ospf_flood_through().
Don't hardcode remove-timer value.
(ospf_lsa_{install,flush_schedule}) ospf_lsa_flush is the correct
entrypoint to flushing maxaged LSAs.
(lsa_header_set) Use a define for the initial age, useful for
testing.
* ospf_opaque.c: (ospf_opaque_lsa_refresh) ditto.
(ospf_opaque_lsa_flush_schedule) ditto.
* ospfd.h: ({struct ospf,ospf_new}) Add maxage_delay parameter,
interval to wait before running the maxage_remover. Supply a
suitable default.
Add a define for OSPF_LSA_INITIAL_AGE, see lsa_header_set().
|
