summaryrefslogtreecommitdiff
path: root/bgpd
AgeCommit message (Collapse)Author
2013-02-01bgpd: don't try to reconcile AS4_PATH with NULLDavid Lamparter
bgp_attr_munge_as4_attrs would previously try to reintegrate an AS4_PATH with a NULL AS_PATH, leading to a rather nasty SEGV. Let's go by RFC6793 and treat missing AS_PATH as 0-length AS_PATH, which in turn means discarding the AS4_PATH. [NB: we don't actually stick to the actual rule, which is discarding AS4_PATH if it's longer than AS_PATH; indeed we should probably fix that too] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-16bgpd: conditional default-originate using route-mapChristian Franke
Incorporate a patch by Svetozar Mihailov which implements default-originate route-maps to behave as expected, i.e. allowing the default route to be advertised conditionally, depending on a criterion given by the route-map. I am aware that the performance attributes of the following implementation are far from optimal. However, this affects only code paths belonging to a feature that is broken without this patch, therefore, it seems reasonable to me to have this in the mainline for now. Cc: Svetozar Mihailov <quagga@j.zarhi.com> Reported-by: Sébastien Cramatte <scramatte@gmail.com> Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-16bgpd: uncork/nagle socket when sending BGP NOTIFYLeonid Rosenboim
This pushes out the NOTIFY message before closing a connection. Previously, the TCP_CORK bandwidth optimization code caused NOTIFY messages to disappear prior to when the connection is closed. * bgpd/bgp_packet.c: unset CORK, set NODELAY, and replace writen() by more correct write() Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-16Revert "bgpd: flock() dump files (BZ#742)"David Lamparter
This reverts commit b07458a055493dd37cb955ae90f11ae8bc334d3a. On second thought, the right way to do this is with rename(), not by introducing a lock that can potentially even stall bgpd. Reported-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-15bgpd: uncork after each writeStephen Hemminger
Keep data flowing, uncork after each BGP_WRITE_PACKET_MAX. This makes TCP send data sooner, since thread may not be scheduled again for a a longish time because of new UPDATE's coming in. Signed-off-by: Stephen Hemminger <shemminger@vyatta.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-15bgpd: use recent monotonic time for readtimeStephen Hemminger
The readtime value is for diagnostic, and doesn't have to be highly accurate. This also fixes a problem where the readtime was being measured with system clock, but the peer_uptime() was comparing with bgp_clock. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-15bgpd: mark route nodes scheduled into work queueStephen Hemminger
The flag bit BGP_NODE_PROCESS_SCHEDULED is checked but never set. This causes route node to be scheduled multiple times under load. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-15bgpd: improve logging of invalid BGP NotificationsLeonid Rosenboim
Invalid BGP Notification messages should be logged locally, cf. RFC4271, Sect. 6.4, p 34, NOTIFICATION Message Error Handling Current notification for invalid Notification code: 2012/10/10 02:17:54 BGP: message index 10 not found in bgp_notify_msg (max is 8) 2012/10/10 02:17:54 BGP: 192.168.1.1 received NOTIFICATION 10/0 ((no item found)) 0 bytes the logging should be a bit more clear. The above logging really doesn't explain much and looks more like a programming error. [rewrote most of it to get in something I can call a shape -David] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: fix error response to invalid BGP version numberLeonid Rosenboim
BGP4-ANVL 20.1 ANVL tries to open BGP with version 5 and expects correct notification in response. Quagga sends notification, but with incorrect information in it. The data needs to be a 2-byte value, and for now we respond with 0004 for any peer version other than 4. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: fix a bug in bgp_attr_dupChristian Franke
Commit 558d1fec11749d3257e improved bgp_attr_dup so it would be possible for the caller to provide attr_extra, allowing to use the stack instead of the heap for operations requiring only a short lived attr. However, this commit introduced a bug where bgp_attr_dup wouldn't copy attr_extra at all (but provide a reference to the original) if the caller provided attr_extra. Cc: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: fix a memleak on "set community none"Christian Franke
Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: store "no neighbor activate" for IPv4 unicastChristian Franke
If a neighbor was in a peer group for any AFI/SAFI, bgpd would never write a "no neighbor activate" line for IPv4 unicast, so a valid setup like following could be configured, but not saved: router bgp 64600 bgp router-id 198.51.100.1 network 198.51.100.0/24 neighbor peers peer-group neighbor 2001:db8::2 remote-as 64601 no neighbor 2001:db8::2 activate ! address-family ipv6 network 2001:db8:1::/48 neighbor peers activate neighbor peers soft-reconfiguration inbound neighbor 2001:db8::2 peer-group peers exit-address-family ! Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: avoid heap fragmentation in bgp_clear_route_tableJorge Boncompte [DTI2]
In bgp_clear_route_table, moved cleanup code before the allocation of the work queue items. This returns the memory to the system allocator before allocating new and might therefore help avoiding heap fragmentation. * bgp_route.c: (bgp_clear_route_table) moved code blocks. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Reviewed-by: Leonid Rosenboim <Leonid.Rosenboim@windriver.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2013-01-14bgpd: fix for leaked struct bgp_adj_[in|out] on peer shutdownJorge Boncompte [DTI2]
If a peer with soft-reconfiguration configured is cleared, the function bgp_clear_route_table() doesn't free the bgp_adj_in and bgp_adj_out structures of route nodes that for some reason, ej. denied by a filter, don't have routes attached "rn->info == NULL". Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Reviewed-by: Leonid Rosenboim <Leonid.Rosenboim@windriver.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-11-30bgpd: Fixed out-of-date commentAndrew Certain
When going through the code to write the documentation for local-as, I discovered that one of the comments was out-of-date. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-11-30bgpd: add replace-as modifier for BGP neighborAndrew Certain
Added replace-as modifier for BGP neighbors when using local-as. If the replace-as modifier is specified, only the replacement AS as specified by the local-as modifier is prepended to the AS_PATH, not the process's AS. In bgp_attr.c, I decided that if (peer->change_local_as) { /* If replace-as is specified, we only use the change_local_as when advertising routes. */ if( ! CHECK_FLAG (peer->flags, PEER_FLAG_LOCAL_AS_REPLACE_AS) ) { aspath = aspath_add_seq (aspath, peer->local_as); } aspath = aspath_add_seq (aspath, peer->change_local_as); } else { aspath = aspath_add_seq (aspath, peer->local_as); } was clearer than the alternative that didn't duplicate the prepending of the process's AS: /* First, append the process local AS unless we have an alternate local_as * and we're replacing it (as opposed to just prepending it). */ if (! (peer->change_local_as && CHECK_FLAG (peer->flags, PEER_FLAG_LOCAL_AS_REPLACE_AS) ) ) { aspath = aspath_add_seq (aspath, peer->local_as); } if (peer->change_local_as) aspath = aspath_add_seq (aspath, peer->change_local_as); } But I could be convinced otherwise. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-11-01bgpd: CVE-2012-1820, DoS in bgp_capability_orf()Denis Ovsienko
An ORF (code 3) capability TLV is defined to contain exactly one AFI/SAFI block. Function bgp_capability_orf(), which parses ORF capability TLV, uses do-while cycle to call its helper function bgp_capability_orf_entry(), which actually processes the AFI/SAFI data block. The call is made at least once and repeated as long as the input buffer has enough data for the next call. The helper function, bgp_capability_orf_entry(), uses "Number of ORFs" field of the provided AFI/SAFI block to verify, if it fits the input buffer. However, the check is made based on the total length of the ORF TLV regardless of the data already consumed by the previous helper function call(s). This way, the check condition is only valid for the first AFI/SAFI block inside an ORF capability TLV. For the subsequent calls of the helper function, if any are made, the check condition may erroneously tell, that the current "Number of ORFs" field fits the buffer boundary, where in fact it does not. This makes it possible to trigger an assertion by feeding an OPEN message with a specially-crafted malformed ORF capability TLV. This commit fixes the vulnerability by making the implementation follow the spec.
2012-11-01bgpd: flock() dump files (BZ#742)Daniel Kozlowski
flock()ing the BGP dump files helps consumers determine when they're safe to read. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-10-25*: use array_size() helper macroBalaji.G
Use the array_size() helper macro. Replaces several instances of local macros with the same definition. Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-09-26lib/table: add route_table_get_next() and iteratorAvneesh Sachdev
* lib/table.[ch] - Add a function (route_table_get_next()) to get the route_node in a tree that succeeds a given prefix in iteration order. This allows one to reliably walk nodes in a tree while allowing modifications, and is useful for achieving scale and performance. Other approaches are also possible -- the main plus point of this one is that it does not require any state about the walk to be maintained in the table data structures. - Add an iterator for walking the nodes in a tree. This introduces a new structure (route_table_iter_t) and the following main functions. route_table_iter_init() route_table_iter_pause() route_table_iter_next() route_table_iter_cleanup() The iterator normally uses node pointers and the existing route_next() function to walk nodes efficiently. When an iteration is 'paused' with route_table_iter_pause(), it stores the last prefix processed. The next call to route_table_iter_next() transparently invokes route_table_get_next() with the prefix to resume iteration. * bgpd/bgp_table.[ch] Add wrappers for the new table features described above. * tests/table_test.c Add tests for the new table code. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-09-26bgpd: make bgp_table a wrapper around table libraryAvneesh Sachdev
Make the BGP table code a thin wrapper around the table implementation in libzebra. * bgpd/bgp_table.[ch] - Use the ROUTE_NODE_FIELDS macro to embed the fields of a route_node in the bgp_node structure. - Add a route_table field to the bgp_table structure. Initialize the route_table with a delegate, such that the nodes in the table are bgp_node structures. - Add inline wrappers that call route_table functions underneath, and accept/return the correct BGP types. * bgpd/bgp_route.c Change some code to use inline wrappers instead of accessing fields of nodes/tables directly. The latter does not always work because the types of some fields need to be translated now. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-06-25snmp: let handlers accept OID from a lesser prefixVincent Bernat
Most table handlers do not expect to be given an OID whose prefix is outside what they can handle. This is not a problem with the SMUX implementation since it always correct the OID such that the prefix matches. However, this is not the case for the AgentX implementation. A new function, smux_header_table() is used to do this normalization.
2012-06-25agentx: handle SNMP trapsVincent Bernat
smux_trap() signature has been changed to provide appropriate level information to send SNMPv2 notifications. This includes the addition of the enterprise OID to use (from which is derived the SNMP trap OID) and the MIB registry to locate the appropriate function for variable bindings provided by the trap. The SMUX implementation has been updated but ignore the provided enterprise OID. Instead, it still uses the SMUX peer OID to keep compatibility with previous versions of Quagga. The SMUX implementation also ignores the provided MIB registry since it uses smux_get() function to grab the appropriate values. This is not possible with the AgentX implementation since there is no such function provided by NetSNMP.
2012-06-25smux: drop findVar element from trap object structVincent Bernat
This element was not unused.
2012-06-25smux: remove `tick` argument from smux_trap()Vincent Bernat
smux_trap() contains an argument whose use appears to be to set sysUpTime.0/timestamp field in SNMP trap. However, this value is not used in smux_trap(). Moreover, it is expected that this field is the value of sysUpTime.0 when the trap was sent and not any other time related to the trap. To avoid any confusion, we remove this field from the signature of the function.
2012-06-25build: use net-snmp-config to configure NetSNMPVincent Bernat
The correct method to link to NetSNMP is to use net-snmp-config (which is like pkg-config). Explicit link to libcrypto is also dropped (NetSNMP libs are linked to libcrypto, no need to link Quagga to it). Moreover, @SNMP_INCLUDES@ is dropped because useless. Due to a bug in configure.ac, it was properly populated.
2012-06-25build: only define HAVE_SNMPVincent Bernat
NetSNMP is the only SNMP implementation for Quagga. We don't need two different symbols.
2012-06-25build: allow configure and build in a separate directoryVincent Bernat
Some .h files in lib/ are autogenerated. The search path should include the build directory and the source directory. They usually match but sometimes, they may be different. For example: $ mkdir build $ cd build $ ../configure $ make
2012-06-21bgpd: Partially revert f018db8, fixes BZ#730Jorge Boncompte [DTI2]
The change from bgp_node_get() to bgp_node_lookup() broke aggregation. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Tested-by: Martin Winter <mwinter@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-06-21bgpd: Fix for commit 6a4677b7, fixes BZ#729Jorge Boncompte [DTI2]
The timers are rearmed after events processing. After 6a4677b7 we do not generate events that can rearm the holdtime timer. Fix it's to call bgp_timer_set() directly as it's done from bgp_event(). Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Tested-by: Martin Winter <mwinter@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-06-14bgpd: Add "no listen" socket option for the BGP master configurationPaul Jakma
* bgpd.h: add a BGP_OPT_NO_LISTEN option for the master BGP configuration, to prevent any listen socket being created automatically. Allows code to be used outside of BGP daemon settings. * bgpd.c: (bgp_get) honour above the flag, suppress auto-creation of listen socket on first BGP instance if set. (bgp_option_set) whitelist BGP_OPT_NO_LISTEN
2012-06-13Revert "bgpd: Make socket init separate, so unit tests work again."Paul Jakma
This reverts commit 7621f336e2f346edee43227f0b1ef93fe769720b. See bug #727
2012-05-22micro-op bgp_node_[get|lookup]() and route_node_[get|lookup]()Jorge Boncompte [DTI2]
Reduce indirection for values that doesn't change in the loop. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> [adjusted after dropping previous patch] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_aggregate_[increment|decrement]()Jorge Boncompte [DTI2]
If there were no aggregates configured this functions were allocating and freeing a struct bgp_node for every call, and it's called for every prefix received. * bgp_route.c: Bail out early if the there are no aggregates configured. Change from bgp_node_get() to bgp_node_lookup() that does not allocate a new struct bgp_node if not found. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_update_main() in the soft_reconfig caseJorge Boncompte [DTI2]
Avoids 3 checks per call. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize holdtime timer cancellingJorge Boncompte [DTI2]
* bgp_packet.c: (bgp_update_receive) for every update received we queue an event just to cancel the holdtime timer, done in bgp_fsm_update(). Instead cancel the timer directly an avoid a scheduling pass. This incidently fixes another problem found on a slow box, where thousands of events threads were queued, and run, but never freed, because they are moved to the unused list that grows without bounds. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: Remove useless initializationJorge Boncompte [DTI2]
It's initialized below Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: reduce struct attr_extra allocations/freeingJorge Boncompte [DTI2]
Try to use on stack structs for temporary uses. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: use on stack struct attr_extra in bgp_update_receive()Jorge Boncompte [DTI2]
Reduce memory heap fragmentation and pressure on the memory allocator. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: fix struct attr_extra leak in bgp_default_originate()Jorge Boncompte [DTI2]
The call to bgp_attr_default_set() above creates the attr_extra struct, but the attr.extra = NULL initialization was leaking it. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: use on stack struct attr_extra in bgp_attr_unintern()Jorge Boncompte [DTI2]
Reduce memory heap fragmentation and pressure on the memory allocator. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: cleanup bgp_attr_unintern()Jorge Boncompte [DTI2]
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: use on stack struct attr_extra on bgp_attr_aggregate_intern()Jorge Boncompte [DTI2]
Reduce memory heap fragmentation and pressure on the memory allocator. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: reduce attrhash_make_key() indirectionsJorge Boncompte [DTI2]
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: remove some useless initializationsJorge Boncompte [DTI2]
* bgp_attr.c: (bgp_attr_default_intern) bgp_attr_default_set() already initializes the memory. Fixes a struct attr_extra leak. * bgp_route.c: Remove useless on stack struct initializations. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_info_cmp()Jorge Boncompte [DTI2]
* bgp_route.c: (bgp_info_cmp) Reduce indirections, precalculate some values that are used several times, reduce conditionals. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize loops on [e]community_hash_make()Jorge Boncompte [DTI2]
This change reduces loop count. Less jumps. * bgp_community.c: One loop per community. * bgp_ecommunity.c: One loop per ecommunity. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: remove calls to peer_sort() from fast-pathJorge Boncompte [DTI2]
peer_sort() it's called so much as to be annoying. In the assumption that the 'sort' of the peer doesn't change during an established session, I have changed all calls to peer_sort() in the 'fast-path' to only check the 'sort'. All the calls from the vty and such still recalculate the sort and store it in the peer. There's a lot of other calls to peer_sort() that could be changed but some maube tricky, someone more knowledgeable may try to reduce them. This hits peer_sort() from 5th out of the stadium^H^H list on a full internet table loading profiling session. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: debug buffers cleanup and optimizationJorge Boncompte [DTI2]
Just the first change pushes bgp_update_receive() from 6th to ~14th on a full internet table load profiling session. * bgp_debug.c: (bgp_update_receive) The attrstr initialization is expensive, moved under the debug conditional where it is used and just initialize the first char to NULL. (bgp_update_default_send) Initialize attrstr needed for bgp_dump_attr(). Moved some buffers used for printing IP[4|6] addresses under the debug conditionals that use them and reduced its size. Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2012-05-22bgpd: optimize bgp_nexthop_self()Jorge Boncompte [DTI2]
This function scores 2nd, profiling a full internet table load. It's called for every prefix received. Instead of looping in the interface lists comparing addresses use a hash to mantain them. * bgpd.c: Init the own address hash. * bgp_nexthop.c: Introduce methods to maintain an own address hash. (bgp_connected_add) add addresses to the hash. (bgp_connected_delete) delete addresses from the hash. (bgp_nexthop_self) lookup addresses in the hash. Removed the unused afi_t parameter. * bgp_route.c: (bgp_update_main) Micro-optimization, rearranged condition to not lookup the hash for bogus nexthops (0.0.0.0 or a class D/E address) Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>