summaryrefslogtreecommitdiff
path: root/bgpd
AgeCommit message (Collapse)Author
2013-01-14bgpd: store "no neighbor activate" for IPv4 unicastChristian Franke
If a neighbor was in a peer group for any AFI/SAFI, bgpd would never write a "no neighbor activate" line for IPv4 unicast, so a valid setup like following could be configured, but not saved: router bgp 64600 bgp router-id 198.51.100.1 network 198.51.100.0/24 neighbor peers peer-group neighbor 2001:db8::2 remote-as 64601 no neighbor 2001:db8::2 activate ! address-family ipv6 network 2001:db8:1::/48 neighbor peers activate neighbor peers soft-reconfiguration inbound neighbor 2001:db8::2 peer-group peers exit-address-family ! Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: avoid heap fragmentation in bgp_clear_route_tableJorge Boncompte [DTI2]
In bgp_clear_route_table, moved cleanup code before the allocation of the work queue items. This returns the memory to the system allocator before allocating new and might therefore help avoiding heap fragmentation. * bgp_route.c: (bgp_clear_route_table) moved code blocks. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Reviewed-by: Leonid Rosenboim <Leonid.Rosenboim@windriver.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: fix for leaked struct bgp_adj_[in|out] on peer shutdownJorge Boncompte [DTI2]
If a peer with soft-reconfiguration configured is cleared, the function bgp_clear_route_table() doesn't free the bgp_adj_in and bgp_adj_out structures of route nodes that for some reason, ej. denied by a filter, don't have routes attached "rn->info == NULL". Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Reviewed-by: Leonid Rosenboim <Leonid.Rosenboim@windriver.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-11-30bgpd: Fixed out-of-date commentAndrew Certain
When going through the code to write the documentation for local-as, I discovered that one of the comments was out-of-date. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-11-30bgpd: add replace-as modifier for BGP neighborAndrew Certain
Added replace-as modifier for BGP neighbors when using local-as. If the replace-as modifier is specified, only the replacement AS as specified by the local-as modifier is prepended to the AS_PATH, not the process's AS. In bgp_attr.c, I decided that if (peer->change_local_as) { /* If replace-as is specified, we only use the change_local_as when advertising routes. */ if( ! CHECK_FLAG (peer->flags, PEER_FLAG_LOCAL_AS_REPLACE_AS) ) { aspath = aspath_add_seq (aspath, peer->local_as); } aspath = aspath_add_seq (aspath, peer->change_local_as); } else { aspath = aspath_add_seq (aspath, peer->local_as); } was clearer than the alternative that didn't duplicate the prepending of the process's AS: /* First, append the process local AS unless we have an alternate local_as * and we're replacing it (as opposed to just prepending it). */ if (! (peer->change_local_as && CHECK_FLAG (peer->flags, PEER_FLAG_LOCAL_AS_REPLACE_AS) ) ) { aspath = aspath_add_seq (aspath, peer->local_as); } if (peer->change_local_as) aspath = aspath_add_seq (aspath, peer->change_local_as); } But I could be convinced otherwise. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-11-01bgpd: CVE-2012-1820, DoS in bgp_capability_orf()Denis Ovsienko
An ORF (code 3) capability TLV is defined to contain exactly one AFI/SAFI block. Function bgp_capability_orf(), which parses ORF capability TLV, uses do-while cycle to call its helper function bgp_capability_orf_entry(), which actually processes the AFI/SAFI data block. The call is made at least once and repeated as long as the input buffer has enough data for the next call. The helper function, bgp_capability_orf_entry(), uses "Number of ORFs" field of the provided AFI/SAFI block to verify, if it fits the input buffer. However, the check is made based on the total length of the ORF TLV regardless of the data already consumed by the previous helper function call(s). This way, the check condition is only valid for the first AFI/SAFI block inside an ORF capability TLV. For the subsequent calls of the helper function, if any are made, the check condition may erroneously tell, that the current "Number of ORFs" field fits the buffer boundary, where in fact it does not. This makes it possible to trigger an assertion by feeding an OPEN message with a specially-crafted malformed ORF capability TLV. This commit fixes the vulnerability by making the implementation follow the spec.
2012-11-01bgpd: flock() dump files (BZ#742)Daniel Kozlowski
flock()ing the BGP dump files helps consumers determine when they're safe to read. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-10-25*: use array_size() helper macroBalaji.G
Use the array_size() helper macro. Replaces several instances of local macros with the same definition. Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-09-26lib/table: add route_table_get_next() and iteratorAvneesh Sachdev
* lib/table.[ch] - Add a function (route_table_get_next()) to get the route_node in a tree that succeeds a given prefix in iteration order. This allows one to reliably walk nodes in a tree while allowing modifications, and is useful for achieving scale and performance. Other approaches are also possible -- the main plus point of this one is that it does not require any state about the walk to be maintained in the table data structures. - Add an iterator for walking the nodes in a tree. This introduces a new structure (route_table_iter_t) and the following main functions. route_table_iter_init() route_table_iter_pause() route_table_iter_next() route_table_iter_cleanup() The iterator normally uses node pointers and the existing route_next() function to walk nodes efficiently. When an iteration is 'paused' with route_table_iter_pause(), it stores the last prefix processed. The next call to route_table_iter_next() transparently invokes route_table_get_next() with the prefix to resume iteration. * bgpd/bgp_table.[ch] Add wrappers for the new table features described above. * tests/table_test.c Add tests for the new table code. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-09-26bgpd: make bgp_table a wrapper around table libraryAvneesh Sachdev
Make the BGP table code a thin wrapper around the table implementation in libzebra. * bgpd/bgp_table.[ch] - Use the ROUTE_NODE_FIELDS macro to embed the fields of a route_node in the bgp_node structure. - Add a route_table field to the bgp_table structure. Initialize the route_table with a delegate, such that the nodes in the table are bgp_node structures. - Add inline wrappers that call route_table functions underneath, and accept/return the correct BGP types. * bgpd/bgp_route.c Change some code to use inline wrappers instead of accessing fields of nodes/tables directly. The latter does not always work because the types of some fields need to be translated now. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-06-25snmp: let handlers accept OID from a lesser prefixVincent Bernat
Most table handlers do not expect to be given an OID whose prefix is outside what they can handle. This is not a problem with the SMUX implementation since it always correct the OID such that the prefix matches. However, this is not the case for the AgentX implementation. A new function, smux_header_table() is used to do this normalization.
2012-06-25agentx: handle SNMP trapsVincent Bernat
smux_trap() signature has been changed to provide appropriate level information to send SNMPv2 notifications. This includes the addition of the enterprise OID to use (from which is derived the SNMP trap OID) and the MIB registry to locate the appropriate function for variable bindings provided by the trap. The SMUX implementation has been updated but ignore the provided enterprise OID. Instead, it still uses the SMUX peer OID to keep compatibility with previous versions of Quagga. The SMUX implementation also ignores the provided MIB registry since it uses smux_get() function to grab the appropriate values. This is not possible with the AgentX implementation since there is no such function provided by NetSNMP.
2012-06-25smux: drop findVar element from trap object structVincent Bernat
This element was not unused.
2012-06-25smux: remove `tick` argument from smux_trap()Vincent Bernat
smux_trap() contains an argument whose use appears to be to set sysUpTime.0/timestamp field in SNMP trap. However, this value is not used in smux_trap(). Moreover, it is expected that this field is the value of sysUpTime.0 when the trap was sent and not any other time related to the trap. To avoid any confusion, we remove this field from the signature of the function.
2012-06-25build: use net-snmp-config to configure NetSNMPVincent Bernat
The correct method to link to NetSNMP is to use net-snmp-config (which is like pkg-config). Explicit link to libcrypto is also dropped (NetSNMP libs are linked to libcrypto, no need to link Quagga to it). Moreover, @SNMP_INCLUDES@ is dropped because useless. Due to a bug in configure.ac, it was properly populated.
2012-06-25build: only define HAVE_SNMPVincent Bernat
NetSNMP is the only SNMP implementation for Quagga. We don't need two different symbols.
2012-06-25build: allow configure and build in a separate directoryVincent Bernat
Some .h files in lib/ are autogenerated. The search path should include the build directory and the source directory. They usually match but sometimes, they may be different. For example: $ mkdir build $ cd build $ ../configure $ make
2012-06-21bgpd: Partially revert f018db8, fixes BZ#730Jorge Boncompte [DTI2]
The change from bgp_node_get() to bgp_node_lookup() broke aggregation. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Tested-by: Martin Winter <mwinter@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-06-21bgpd: Fix for commit 6a4677b7, fixes BZ#729Jorge Boncompte [DTI2]
The timers are rearmed after events processing. After 6a4677b7 we do not generate events that can rearm the holdtime timer. Fix it's to call bgp_timer_set() directly as it's done from bgp_event(). Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Tested-by: Martin Winter <mwinter@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-06-14bgpd: Add "no listen" socket option for the BGP master configurationPaul Jakma
* bgpd.h: add a BGP_OPT_NO_LISTEN option for the master BGP configuration, to prevent any listen socket being created automatically. Allows code to be used outside of BGP daemon settings. * bgpd.c: (bgp_get) honour above the flag, suppress auto-creation of listen socket on first BGP instance if set. (bgp_option_set) whitelist BGP_OPT_NO_LISTEN
2012-06-13Revert "bgpd: Make socket init separate, so unit tests work again."Paul Jakma
This reverts commit 7621f336e2f346edee43227f0b1ef93fe769720b. See bug #727
2012-05-22micro-op bgp_node_[get|lookup]() and route_node_[get|lookup]()Jorge Boncompte [DTI2]
Reduce indirection for values that doesn't change in the loop. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> [adjusted after dropping previous patch] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_aggregate_[increment|decrement]()Jorge Boncompte [DTI2]
If there were no aggregates configured this functions were allocating and freeing a struct bgp_node for every call, and it's called for every prefix received. * bgp_route.c: Bail out early if the there are no aggregates configured. Change from bgp_node_get() to bgp_node_lookup() that does not allocate a new struct bgp_node if not found. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_update_main() in the soft_reconfig caseJorge Boncompte [DTI2]
Avoids 3 checks per call. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize holdtime timer cancellingJorge Boncompte [DTI2]
* bgp_packet.c: (bgp_update_receive) for every update received we queue an event just to cancel the holdtime timer, done in bgp_fsm_update(). Instead cancel the timer directly an avoid a scheduling pass. This incidently fixes another problem found on a slow box, where thousands of events threads were queued, and run, but never freed, because they are moved to the unused list that grows without bounds. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: Remove useless initializationJorge Boncompte [DTI2]
It's initialized below Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: reduce struct attr_extra allocations/freeingJorge Boncompte [DTI2]
Try to use on stack structs for temporary uses. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: use on stack struct attr_extra in bgp_update_receive()Jorge Boncompte [DTI2]
Reduce memory heap fragmentation and pressure on the memory allocator. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: fix struct attr_extra leak in bgp_default_originate()Jorge Boncompte [DTI2]
The call to bgp_attr_default_set() above creates the attr_extra struct, but the attr.extra = NULL initialization was leaking it. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: use on stack struct attr_extra in bgp_attr_unintern()Jorge Boncompte [DTI2]
Reduce memory heap fragmentation and pressure on the memory allocator. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: cleanup bgp_attr_unintern()Jorge Boncompte [DTI2]
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: use on stack struct attr_extra on bgp_attr_aggregate_intern()Jorge Boncompte [DTI2]
Reduce memory heap fragmentation and pressure on the memory allocator. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: reduce attrhash_make_key() indirectionsJorge Boncompte [DTI2]
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: remove some useless initializationsJorge Boncompte [DTI2]
* bgp_attr.c: (bgp_attr_default_intern) bgp_attr_default_set() already initializes the memory. Fixes a struct attr_extra leak. * bgp_route.c: Remove useless on stack struct initializations. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_info_cmp()Jorge Boncompte [DTI2]
* bgp_route.c: (bgp_info_cmp) Reduce indirections, precalculate some values that are used several times, reduce conditionals. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize loops on [e]community_hash_make()Jorge Boncompte [DTI2]
This change reduces loop count. Less jumps. * bgp_community.c: One loop per community. * bgp_ecommunity.c: One loop per ecommunity. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: remove calls to peer_sort() from fast-pathJorge Boncompte [DTI2]
peer_sort() it's called so much as to be annoying. In the assumption that the 'sort' of the peer doesn't change during an established session, I have changed all calls to peer_sort() in the 'fast-path' to only check the 'sort'. All the calls from the vty and such still recalculate the sort and store it in the peer. There's a lot of other calls to peer_sort() that could be changed but some maube tricky, someone more knowledgeable may try to reduce them. This hits peer_sort() from 5th out of the stadium^H^H list on a full internet table loading profiling session. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: debug buffers cleanup and optimizationJorge Boncompte [DTI2]
Just the first change pushes bgp_update_receive() from 6th to ~14th on a full internet table load profiling session. * bgp_debug.c: (bgp_update_receive) The attrstr initialization is expensive, moved under the debug conditional where it is used and just initialize the first char to NULL. (bgp_update_default_send) Initialize attrstr needed for bgp_dump_attr(). Moved some buffers used for printing IP[4|6] addresses under the debug conditionals that use them and reduced its size. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_nexthop_self()Jorge Boncompte [DTI2]
This function scores 2nd, profiling a full internet table load. It's called for every prefix received. Instead of looping in the interface lists comparing addresses use a hash to mantain them. * bgpd.c: Init the own address hash. * bgp_nexthop.c: Introduce methods to maintain an own address hash. (bgp_connected_add) add addresses to the hash. (bgp_connected_delete) delete addresses from the hash. (bgp_nexthop_self) lookup addresses in the hash. Removed the unused afi_t parameter. * bgp_route.c: (bgp_update_main) Micro-optimization, rearranged condition to not lookup the hash for bogus nexthops (0.0.0.0 or a class D/E address) Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize aspath string representation and assegments handlingJorge Boncompte [DTI2]
* bgp_aspath.h: Add str_len to struct aspath. * bgp_aspath.c: Save the aspath string representation length and use it instead of strlen(). (aspath_make_str_count) assign the string buffer directly for consistency with the string length and change the return type to void. (aspath_dup) use str_len and copy the string instead of calling aspath_make_str_count(). (assegment_data_new) change from XCALLOC to XMALLOC. All users initialize the memory before use. (assegment_data_free) unused, removed. (aspath_intern) check that there's always a ->str pointer. (aspath_hash_alloc) reuse assegments and string representation instead of copying them. (aspath_parse) now aspath_hash_alloc does not dupes memory, free the temporary structures only if the aspath it is in the hash. (aspath_cmp_left) remove useless NULL initialization. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-21bgpd: fix crash with vpnv4 soft-reconfigurationJorge Boncompte [DTI2]
bgp_afi_node_get() expects a non-NULL prd for a SAFI_MPLS_VPN prefix. * bgp_route.c: pass down the struct prefix_rd from bgp_soft_reconfig_in() and bgp_soft_reconfig_rsclient(). Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-02bgpd: cleanup, use correct buffer sizes for sockunion2str()Jorge Boncompte [DTI2]
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@diac24.net>
2012-05-02bgpd: Fix memory leak of some "show ip bgp neighbor" commandsJorge Boncompte [DTI2]
sockunion_str2su() use is prone to memory leaks. Remove it's use all over the code. At least these commands leaked a sockunion union: - show ip bgp vpnv4 ... routes - show ip bgp ... received prefix-filter Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@diac24.net>
2012-05-02bgpd: Fix memory leak with 'set ip next-hop peer-address'Jorge Boncompte [DTI2]
A route-map with the mentioned statement causes a memory leak for every prefix that matches. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@diac24.net>
2012-05-02bgpd: fix for route-maps with "match peer local" statementsJorge Boncompte [DTI2]
A route-map with a 'match peer local' statement it's shown like 'match peer (null)' on config output... ... and it's unparsable on daemon startup. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@diac24.net>
2012-05-02bgpd, zebra: Fix format for some metric outputsJorge Boncompte [DTI2]
Metrics are unsigned values. * bgpd/bgp_{debug,route,vty}.c, * zebra/zebra_vty.c: replace %d with %u for metrics & distances Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> [reworded commit message] Signed-off-by: David Lamparter <equinox@diac24.net>
2012-05-02bgpd: Fix regression in args consolidation, total should be inited from argsPaul Jakma
* bgp_attr.c: (bgp_attr_unknown) total should be initialised from the args.
2012-05-02bgpd: Make socket init separate, so unit tests work again.Paul Jakma
* Separate out BGP socket initialisation from bgp_get, and make it an explicit function. Allows unit tests to work again and probably also benefits dry-run. * bgpd.c: (bgp_get) move socket init out... (bgp_socket_init) to here * bgp_main.c: and call it after dry-run. * bgpd.h: (bgp_socket_init) add prototype
2012-04-28bgpd: fix up multipath merge breakageDavid Lamparter
the BGP multipath code was developed against a pre-f6f434b Quagga where bgp_attr_unintern and ecommunity_free took single-star pointers. They now take double-star pointers. * bgpd/bgp_mpath.c: fix up bgp_attr_unintern & ecommunity_free calls. Signed-off-by: David Lamparter <equinox@diac24.net>
2012-04-16bgpd: Fix crash when disabling dampening (BZ#687)Jorge Boncompte [DTI2]
Vladimir Podobaev reported that the following commands crashed the daemon. router bgp 123 bgp dampening no bgp dampening 1 2 3 4 no bgp dampening The problem was that bgp_damp_info_clean() tried to dereference the already freed reuse_list array in the second call to "no bgp dampening". Fixed by checking in bgp_damp_disable() that the dampening it's enabled before doing the cleanup. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net>