1. 07 Dec, 2016 3 commits
    • Pavel Tvrdik's avatar
      Check table type at `show route for ...' · f6e8e141
      Pavel Tvrdik authored
      f6e8e141
    • Pavel Tvrdík's avatar
      RPKI protocol with one cache server per protocol · 65d2a88d
      Pavel Tvrdík authored
      The RPKI protocol (RFC 6810) using the RTRLib
      (http://rpki.realmv6.org/) that is integrated inside
      the BIRD's code.
      
      Implemeted transports are:
       - unprotected transport over TCP
       - secure transport over SSHv2
      
      Example configuration of bird.conf:
        ...
        roa4 table r4;
        roa6 table r6;
      
        protocol rpki {
          debug all;
      
          # Import both IPv4 and IPv6 ROAs
          roa4 { table r4; };
          roa6 { table r6; };
      
          # Set cache server (validator) address,
          # overwrite default port 323
          remote "rpki-validator.realmv6.org" port 8282;
      
          # Overwrite default time intervals
          retry   10;         # Default 600 seconds
          refresh 60;         # Default 3600 seconds
          expire 600;         # Default 7200 seconds
        }
      
        protocol rpki {
          debug all;
      
          # Import only IPv4 routes
          roa4 { table r4; };
      
          # Set cache server address to localhost,
          # use default ports tcp => 323 or ssh => 22
          remote 127.0.0.1;
      
          # Use SSH transport instead of unprotected transport over TCP
          ssh encryption {
            bird private key "/home/birdgeek/.ssh/id_rsa";
            remote public key "/home/birdgeek/.ssh/known_hosts";
            user "birdgeek";
          };
        }
        ...
      65d2a88d
    • Pavel Tvrdik's avatar
      Client: Includes stdlib.h for malloc() · 2706747f
      Pavel Tvrdik authored
      2706747f
  2. 08 Jun, 2016 1 commit
  3. 24 May, 2016 1 commit
  4. 17 May, 2016 3 commits
  5. 13 May, 2016 2 commits
  6. 12 May, 2016 9 commits
  7. 10 May, 2016 5 commits
  8. 03 May, 2016 1 commit
    • Pavel Tvrdik's avatar
      Initialize variable ifr in sk_setup() · f7a99acb
      Pavel Tvrdik authored
      ==00:00:00:02.831 2468== Syscall param socketcall.setsockopt(optval) points to uninitialised byte(s)
      ==00:00:00:02.831 2468==    at 0x513BDEA: setsockopt (in /usr/lib/libc-2.23.so)
      ==00:00:00:02.831 2468==    by 0x45C7AF: sk_setup (io.c:1216)
      ==00:00:00:02.831 2468==    by 0x45CDFF: sk_open (io.c:1417)
      ==00:00:00:02.831 2468==    by 0x44B562: rip_open_socket (packets.c:740)
      ==00:00:00:02.831 2468==    by 0x4481A7: rip_iface_locked (rip.c:616)
      ==00:00:00:02.831 2468==    by 0x4133E4: olock_run_event (locks.c:177)
      ==00:00:00:02.831 2468==    by 0x45A6DE: ev_run (event.c:85)
      ==00:00:00:02.831 2468==    by 0x45A7AD: ev_run_list (event.c:142)
      ==00:00:00:02.831 2468==    by 0x45E0FC: io_loop (io.c:2066)
      ==00:00:00:02.831 2468==    by 0x463B56: main (main.c:845)
      ==00:00:00:02.831 2468==  Address 0xffefffd24 is on thread 1's stack
      ==00:00:00:02.831 2468==  in frame #1, created by sk_setup (io.c:1188)
      ==00:00:00:02.831 2468==  Uninitialised value was created by a stack allocation
      ==00:00:00:02.831 2468==    at 0x45C6BB: sk_setup (io.c:1188)
      f7a99acb
  9. 29 Apr, 2016 2 commits
  10. 28 Apr, 2016 1 commit
    • Ondřej Zajíček's avatar
      Add the Babel routing protocol (RFC 6126) · 937e75d8
      Ondřej Zajíček authored
      This patch implements the IPv6 subset of the Babel routing protocol.
      Based on the patch from Toke Hoiland-Jorgensen, with some heavy
      modifications and bugfixes.
      
      Thanks to Toke Hoiland-Jorgensen for the original patch.
      937e75d8
  11. 13 Apr, 2016 1 commit
    • Ondřej Zajíček's avatar
      BSD: Add the IPsec SA/SP database entries control · a7baa098
      Ondřej Zajíček authored
      Add code for manipulation with TCP-MD5 keys in the IPsec SA/SP database
      at FreeBSD systems. Now, BGP MD5 authentication (RFC 2385) keys are
      handled automatically on both Linux and FreeBSD.
      
      Based on patches from Pavel Tvrdik.
      a7baa098
  12. 11 Apr, 2016 1 commit
  13. 08 Apr, 2016 3 commits
  14. 07 Apr, 2016 4 commits
  15. 06 Apr, 2016 3 commits
    • Ondřej Zajíček's avatar
      IO: Avoid multiple event cycles in one loop cycle. · bd22d7f4
      Ondřej Zajíček authored
      Event cycle may took too much time and trigger next timer events, so
      avoid cycling between timer and event cycles inside the loop cycle.
      bd22d7f4
    • Ondřej Zajíček's avatar
      IO: Replace RX priority heuristic with explicit mark · 9e7b3ebd
      Ondřej Zajíček authored
      In BIRD, RX has lower priority than TX with the exception of RX from
      control socket. The patch replaces heuristic based on socket type with
      explicit mark and uses it for both control socket and BGP session waiting
      to be established.
      
      This should avoid an issue when during heavy load, outgoing connection
      could connect (TX event), send open, but then failed to receive OPEN /
      establish in time, not sending notifications between and therefore
      got hold timer expired error from the neighbor immediately after it
      finally established the connection.
      9e7b3ebd
    • Ondřej Zajíček's avatar
      KRT: Fix route learn scan when route changed · e86cfd41
      Ondřej Zajíček authored
      When a kernel route changed, function krt_learn_scan() noticed that and
      replaced the route in internal kernel FIB, but after that, function
      krt_learn_prune() failed to propagate the new route to the nest, because
      it confused the new route with the (removed) old best route and decided
      that the best route did not changed.
      
      Wow, the original code (and the bug) is almost 17 years old.
      e86cfd41