#
1.117 |
|
22-Apr-2024 |
claudio |
Move setting of the shutdown reason to session_stop()
Also make sure that something is logged when a session is stopped. Part of a bigger diff which was OK tb@
|
Revision tags: OPENBSD_7_5_BASE
|
#
1.116 |
|
11-Jan-2024 |
claudio |
rename field ibuf to imsgbuf in struct ctl_conn OK tb@
|
#
1.115 |
|
10-Jan-2024 |
claudio |
Update the control.c code to use the new imsg API.
OK tb@
|
#
1.114 |
|
07-Nov-2023 |
claudio |
Rename struct imsgbuf *ibuf to *imsgbuf in all places. ibuf should be reserved for struct ibuf * values. OK tb@
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.113 |
|
28-Sep-2023 |
claudio |
Enforce NUL termination of the neighbor shutdown reason sent from bgpctl before calling strlcpy() with that string. OK tb@ some long time ago
|
#
1.112 |
|
04-Aug-2023 |
claudio |
Instead of forcing a NUL into struct ctl_neighbor descr adjust the peer matching code to only match at maximum sizeof(n->descr) bytes using strncmp(). OK tb@
|
#
1.111 |
|
20-Jul-2023 |
claudio |
Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.116 |
|
11-Jan-2024 |
claudio |
rename field ibuf to imsgbuf in struct ctl_conn OK tb@
|
#
1.115 |
|
10-Jan-2024 |
claudio |
Update the control.c code to use the new imsg API.
OK tb@
|
#
1.114 |
|
07-Nov-2023 |
claudio |
Rename struct imsgbuf *ibuf to *imsgbuf in all places. ibuf should be reserved for struct ibuf * values. OK tb@
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.113 |
|
28-Sep-2023 |
claudio |
Enforce NUL termination of the neighbor shutdown reason sent from bgpctl before calling strlcpy() with that string. OK tb@ some long time ago
|
#
1.112 |
|
04-Aug-2023 |
claudio |
Instead of forcing a NUL into struct ctl_neighbor descr adjust the peer matching code to only match at maximum sizeof(n->descr) bytes using strncmp(). OK tb@
|
#
1.111 |
|
20-Jul-2023 |
claudio |
Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.116 |
|
11-Jan-2024 |
claudio |
rename field ibuf to imsgbuf in struct ctl_conn OK tb@
|
#
1.115 |
|
10-Jan-2024 |
claudio |
Update the control.c code to use the new imsg API.
OK tb@
|
#
1.114 |
|
07-Nov-2023 |
claudio |
Rename struct imsgbuf *ibuf to *imsgbuf in all places. ibuf should be reserved for struct ibuf * values. OK tb@
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.113 |
|
28-Sep-2023 |
claudio |
Enforce NUL termination of the neighbor shutdown reason sent from bgpctl before calling strlcpy() with that string. OK tb@ some long time ago
|
#
1.112 |
|
04-Aug-2023 |
claudio |
Instead of forcing a NUL into struct ctl_neighbor descr adjust the peer matching code to only match at maximum sizeof(n->descr) bytes using strncmp(). OK tb@
|
#
1.111 |
|
20-Jul-2023 |
claudio |
Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.114 |
|
07-Nov-2023 |
claudio |
Rename struct imsgbuf *ibuf to *imsgbuf in all places. ibuf should be reserved for struct ibuf * values. OK tb@
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.113 |
|
28-Sep-2023 |
claudio |
Enforce NUL termination of the neighbor shutdown reason sent from bgpctl before calling strlcpy() with that string. OK tb@ some long time ago
|
#
1.112 |
|
04-Aug-2023 |
claudio |
Instead of forcing a NUL into struct ctl_neighbor descr adjust the peer matching code to only match at maximum sizeof(n->descr) bytes using strncmp(). OK tb@
|
#
1.111 |
|
20-Jul-2023 |
claudio |
Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.113 |
|
28-Sep-2023 |
claudio |
Enforce NUL termination of the neighbor shutdown reason sent from bgpctl before calling strlcpy() with that string. OK tb@ some long time ago
|
#
1.112 |
|
04-Aug-2023 |
claudio |
Instead of forcing a NUL into struct ctl_neighbor descr adjust the peer matching code to only match at maximum sizeof(n->descr) bytes using strncmp(). OK tb@
|
#
1.111 |
|
20-Jul-2023 |
claudio |
Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.112 |
|
04-Aug-2023 |
claudio |
Instead of forcing a NUL into struct ctl_neighbor descr adjust the peer matching code to only match at maximum sizeof(n->descr) bytes using strncmp(). OK tb@
|
#
1.111 |
|
20-Jul-2023 |
claudio |
Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.111 |
|
20-Jul-2023 |
claudio |
Use sizeof(destination) not sizeof(source) in strlcpy() calls. OK tb@
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.110 |
|
20-Apr-2023 |
claudio |
Implement IMSG_CTL_SHOW_FLOWSPEC and IMSG_FLOWSPEC_FLUSH and add bits for IMSG_FLOWSPEC_ADD and IMSG_FLOWSPEC_REMOVE received from bgpctl via SE. OK tb@
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.109 |
|
09-Feb-2023 |
claudio |
Instead of relaying struct peer from the SE to the RDE to fill out 10 stat numbers, just send the peerid and have the RDE response with the stats. The control code will then merge these counters into the real peer struct and send that to bgpctl. This reduces the number of bytes sent around a fair bit. OK tb@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.108 |
|
17-Aug-2022 |
claudio |
Convert bzero() to memset(), bcmp() to memcmp() and bcopy() to memcpy().
The memory regions passed to memcpy() can not overlap so no need for memmove(). OK tb@ deraadt@
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.107 |
|
28-Jul-2022 |
deraadt |
whitespace found during a read-thru; ok claudio
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.106 |
|
04-Feb-2022 |
claudio |
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems. OK dlg@
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.105 |
|
27-Apr-2021 |
claudio |
Add IMSG_CTL_SHOW_RTR to the list of restriced control messages.
|
Revision tags: OPENBSD_6_9_BASE
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.104 |
|
16-Feb-2021 |
claudio |
Add RTR support to OpenBGPD. Add basic support for the protocol. The RTR client runs in a new process where the protocol handling is done and when new data is available all sources are merged into one ROA set which is then loaded into the RDE. The roa-set from the config is also handled by the new RTR engine. Tested by and ok job@
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.103 |
|
30-Dec-2020 |
claudio |
Implement IMSG_CTL_SHOW_SET to get information about roa-set, as-sets and prefix-sets loaded into the RDE. For now only the number of prefixes or asnumbers are shown plus the time since the last change was done to the table. OK benno@
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.102 |
|
11-Dec-2020 |
claudio |
Make the timer code independent of struct peer this way it can be used in other places as well. ok procter@
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.101 |
|
05-Nov-2020 |
claudio |
Refactor the control code to be more like a module. Change control_dispatch_msg() to return the change of control connection count since the return value was not used before. Add control_fill_pfds() to replace the TAILQ_FOREACH loop in session.c. This allows to move the ctl_conns symbol to control.c (from session.h where it caused issues when compiled with -fno-common). OK benno@
|
Revision tags: OPENBSD_6_8_BASE
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.100 |
|
10-May-2020 |
deraadt |
In bgpctl argument parser, re-arrange 'reason' parsing ('nei action [reason]') to be more generic, then change 'reload' to take take a '[reason]' also, which will be logged by bgpd. ok kn claudio
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.99 |
|
12-Aug-2019 |
claudio |
Reset the IdleHoldTime and the session error count when doing a admin command that clears or starts a neighbor. This way an admin reset does what people expect since it makes the session behave like a brand new one. OK job@ deraadt@ sthen@
|
#
1.98 |
|
08-Aug-2019 |
claudio |
Use O_CLOEXEC or SOCK_CLOEXEC on every open or socket call. Even though some sockets are open for a short time it does not hurt and it ensures that there is no file descriptor leak. OK deraadt@ bluhm@
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.97 |
|
27-May-2019 |
claudio |
Switch the peer TAILQ to a RB tree indexed by the peer id. This way getpeerbyid() gets a lot quicker at finding the peer when many peers are configured. In my test case the difference is around 20% runtime. OK denis@
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.96 |
|
31-Mar-2019 |
claudio |
Move the struct peer into bgpd_config and switch it to a TAILQ instead of the hand-rolled list. This changes the way peers are reloaded since now both parent and session engine are now merging the lists. OK denis@
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.95 |
|
12-Feb-2019 |
claudio |
Handle the abnormal case of not having any neighbors defined a bit better when it comes to handling bgpctl show requests. OK phessler@
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.94 |
|
20-Jan-2019 |
claudio |
Support group descriptions in control messages that accept a neighbor description. With this it is possible to show rib a group of peers, to show or signal a group of peers all at once. OK sthen@ benno@
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.93 |
|
27-Dec-2018 |
remi |
Check if a control socket or address is already in use befor using it. If it is used abort startup or let a reload fail. Sockets are now not unlinked anymore on regular shutdown.
This helps a lot when one tries to do a config check without -n.
Inputs and OK claudio@
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.92 |
|
22-Dec-2018 |
claudio |
bgpctl can cause bgpd to do a lot of work (e.g. dumping all of the RIB) but then bgpctl can quickly exit and bgpd still has to do all the work. Instead introduce a terminate imsg to stop such long running commands if bgpctl closes the connection before the run is over. OK benno@, sthen@, deraadt@
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
#
1.91 |
|
28-Nov-2018 |
claudio |
Start reworking community handling. Merge standard communities and large communities into one filter_community struct and allow it that more then one community can be used in filter rules (currently up to 3). Also rework the code handling bgpctl show rib commands. The special IMSG types for the various filters are gone and the code is in general simpler. OK job@, phessler@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.90 |
|
11-Aug-2017 |
claudio |
softreconfig in and out are on by default for ever and machines now have enough memory that it does not make sense to provide these knobs anymore. They just make the code more complex for no much gain. OK phessler@, benno@
|
#
1.89 |
|
10-Aug-2017 |
benno |
handle extended communities in bgpctl. From Dennis Fondras, thanks! ok phessler@
|
#
1.88 |
|
28-May-2017 |
claudio |
Implement an XON/XOFF protocol between the RDE and the SE to throttle per control session and peer the generation of imsg in the RDE. This reduces the memory pressure in the SE substantially and also a bit in the RDE. Makes the RDE more responsive for bgpctl commands. Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX border router with 200+ session. Convergance time got quite a bit better. OK phessler@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.87 |
|
13-Feb-2017 |
phessler |
draft-ietf-idr-shutdown extends to support a message on either of "Administrative Shutdown" or "Administrative Reset"
patch submitted by Job Snijders, thanks!
|
#
1.86 |
|
24-Jan-2017 |
benno |
sync log.c from relayd et al to bgpd.
there is still a little difference regarding handling of the verbosity value that will be handled later.
ok claudio@ florian@
|
#
1.85 |
|
13-Jan-2017 |
phessler |
Add support for draft-ietf-idr-shutdown
BGP state = Idle, marked down with shutdown reason "goodbye, we are upgrading to openbsd 6.1", down for 00:00:17
developed by Peter van Dijk <peter.van.dijk@powerdns.com> and Job Snijders <job@ntt.net>, thank you!
OK benno@
|
#
1.84 |
|
08-Jan-2017 |
krw |
Replace hand-rolled for(;;) traversal of ctl_conns TAILQ with TAILQ_FOREACH().
No intentional functional change.
ok reyk@
|
#
1.83 |
|
14-Oct-2016 |
phessler |
Add support for draft-ietf-idr-large-community
Joint work with Job Snijders, many thanks! OK benno@ deraadt@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.82 |
|
05-Dec-2015 |
benno |
cleanup some log messages with wrong function names etc. ok henning,claudio
|
#
1.81 |
|
05-Dec-2015 |
claudio |
EAGAIN handling for imsg_read. OK henning@ benno@
|
#
1.80 |
|
25-Oct-2015 |
claudio |
Rename imsg_compose_parent and imsg_compose_rde to imsg_ctl_parent and imsg_ctl_rde since these function should only be used by the control code. Also switch ibuf_rde to ibuf_rde_ctl so that the control imsgs don't need to queue behind all the incoming bgp UPDATES. This speeds up 'bgpctl show' from taking minutes to a few seconds. The RDE was doing this since a very long time but it seems the SE was not adjusted. Yikes
|
#
1.79 |
|
24-Oct-2015 |
benno |
"bgpctl sh rib in" and "bgpctl sh rib out" require a neighbor argument to work. send an error if none is given. ok claudio@
|
#
1.78 |
|
17-Oct-2015 |
reyk |
Do no accept fds on the control socket; including the restricted socket.
OK gilles@ eric@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.77 |
|
26-Apr-2015 |
benno |
mlarkin asks "bgpctl checks the length of the control socket path to make sure it fits. When browsing around last night I saw that bgpd does not. Any reason it shouldn't? Please commit"
Add a check in parse.y to check this when reading the configuration. ok phessler@ henning@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.76 |
|
09-Feb-2015 |
claudio |
Kill session_socket_blockmode() and replace it with SOCK_CLOEXEC or SOCK_NONBLOCK and accept4(). OK henning@ tested & OK benno@
|
Revision tags: OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.75 |
|
13-Nov-2013 |
benno |
from claudio "Let msgbuf_write return -1 with errno EAGAIN. The users then must check if this was the case and readd the event or poll again. The current handling in the imsg code is wrong for sure."
ok gilles, benno
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.74 |
|
11-Mar-2013 |
deraadt |
handle ECONNABORTED errors from accept(). In many code blocks they can be ignored silently and without aborting, much like EINTR and EWOULDBLOCK are. ok's from various maintainers of these directories...
|
#
1.73 |
|
07-Mar-2013 |
claudio |
Implements a few missing bits for better templates support: - on config reload also adjust the cloned neighbors so that they get the config changes as well. - clean up sessions that are 1h idle but in state active (instead of down) - add bits to allow bgpctl to destroy cloned neighbors Tested by sthen@ some time ago, OK phessler@
|
Revision tags: OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.72 |
|
27-May-2012 |
claudio |
Extend the network code to allow attributes to be passed in with prefixes. In the end this will allow anyone to use MRT table dumps to load prefixes into a bgpd instance. For example you can download the RIPE dumps and load full-feeds onto your laptop until the poor thing dies. OK henning@ sthen@
|
#
1.71 |
|
12-Apr-2012 |
claudio |
accept() pacing for bgpd based on similar work done on other daemons. OK henning@ sthen@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.70 |
|
29-Oct-2010 |
henning |
malloc -> calloc for ctl_conn pt out by cppcheck/jasper, ok sthen claudio
|
Revision tags: OPENBSD_4_8_BASE
|
#
1.69 |
|
03-May-2010 |
claudio |
Make it possible to load multiple routing tables at the same time and use those for alternate RIBs. This allows to use "rde rib TESTIT rtable 1". NOTE: nexthop verification has changed for alternate tables. For now nexthop will only be verified against the main routing table (id 0). Because of this "nexthop qualify via bgp" may now compare the nexthops against bgpd routes from a different RIB. Tested by sthen@, OK to move on by henning@
|
Revision tags: OPENBSD_4_7_BASE
|
#
1.68 |
|
13-Jan-2010 |
claudio |
Add support for BGP MPLS VPN aka RFC 4364. This is only the RDE part so that it is possible to use OpenBGPD as a route-reflector for VPNv4. Some clean up of the BGP MP code so that multiple protocols are easier supported. kroute/kernel support not yet done but comming. OK henning@, reyk@
|
#
1.67 |
|
08-Dec-2009 |
jsg |
porcesses -> processes
|
#
1.66 |
|
03-Dec-2009 |
claudio |
A bgpctl nei XY clear should not restart neighbors that are administrativly down. So after a bgpctl reload clearing a neighbor will bring that neighbor into the configured state (in this case down). OK henning@
|
#
1.65 |
|
02-Dec-2009 |
mk |
log_warn() consistency.
`OK' claudio
|
#
1.64 |
|
01-Dec-2009 |
claudio |
Use an artificial address family id in struct bgpd_addr and almost everywhere else. Adds conversion functions to map AFI/SAFI and the Unix AF_ values from and into AID used in bgpd. This is needed to support things like MPLS VPN and other upcomming changes that need to play a lot with AFI/SAFI pairs. Mostly mechanical change, henning@ has no particular issues with this. Must go in so that I can continue working.
|
#
1.63 |
|
02-Nov-2009 |
claudio |
Implement IMSG_CTL_LOG_VERBOSE similar to ospfd. Even though bgpd has almost no log_debug() it makes more sense to make all routing daemons behave the same.
|
#
1.62 |
|
02-Sep-2009 |
claudio |
Implement all of RFC 4486 BGP Cease Notification Message Subcodes. The other side should now see why a session was dropped. e.g: bgpd: ... received notification: Cease, administratively down OK henning
|
Revision tags: OPENBSD_4_6_BASE
|
#
1.61 |
|
05-May-2009 |
sthen |
check that an IMSG_CTL_SHOW_RIB_PREFIX request has a valid address family before passing it to the RDE.
ok henning@ claudio@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.60 |
|
11-May-2008 |
henning |
allow IMSG_CONTROL_SHOW_TIMER on restricted sockets
|
#
1.59 |
|
08-May-2008 |
henning |
make sure we always send back something on IMSG_CTL_SHOW_NEIGHBOR namely, the "no such neighbor" case was missing. problem spotted by martin,ok claudio
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.58 |
|
31-Jan-2008 |
henning |
do not leak confd on malloc failure in control_accept() found by Igor Zinovik <zinovik@cs.karelia.ru>
|
#
1.57 |
|
23-Dec-2007 |
henning |
send timers for bgpctlshow neighbor foo timer in seperate messages after the peer data. makes bgpctl display code independent from timer implementation internals. only running timers are displayed now, stopped ones are skipped.
|
#
1.56 |
|
20-Dec-2007 |
henning |
rework timers. stop changing tienmr values directly, always use new timer_(get/set/stop/running) functions. preparation for more to come :) ok claudio
|
Revision tags: OPENBSD_4_2_BASE
|
#
1.55 |
|
28-Mar-2007 |
henning |
add IMSG_CTL_SHOW_RIB_COMMUNITY, rib by given community mostly from rivo nurges <rix@estpak.ee>, ok claudio
|
#
1.54 |
|
19-Mar-2007 |
henning |
when our red/recv/recvmsg in imsg_read gives EINTR or EAGAIN, do not signal "connection closed" upstream. spotted by Valentin Kozamernik <tin@komna.com>
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE
|
#
1.53 |
|
23-Aug-2006 |
claudio |
Extend show rib interface code so that it is possible to show the adj-rib-in and adj-rib-out. Additionally it is now possible to limit the output to a specified peer. OK henning@
|
#
1.52 |
|
27-May-2006 |
claudio |
Pass a IMSG_CTL_RESULT messgae back to bgpctl on reloads to indicate if the reload was successful or not. OK henning@
|
#
1.51 |
|
27-May-2006 |
claudio |
Cleanup with lint. Make the poll fd indexes unsigned and because of that control_accept should also return a unsigned int. Remove old prototype.
|
#
1.50 |
|
23-May-2006 |
henning |
allow bgpd to request a route refresh from a neighbor if that neighbor announced route refresh capabilities
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.49 |
|
24-Jan-2006 |
henning |
introduce "bgpctl show summary terse", shows summary in an easy to parse format, intended for monitoring puposes. claudio ok
|
#
1.48 |
|
24-Jan-2006 |
henning |
zap now unused var
|
#
1.47 |
|
24-Jan-2006 |
henning |
introduce a second control socket, which is restricted to certain messages, nameley the show ones. needed for looking glass style applications, monitoring etc. claudio ok
|
#
1.46 |
|
03-Jan-2006 |
claudio |
Track some (memory) statistics in the RDE. Accessible via bgpctl.
|
#
1.45 |
|
19-Oct-2005 |
henning |
for "bgpctl neighbor foo up/down/clear", make bgpctl not exit after sending the request, but wait for the new IMSG_CTL_RESULT message, which contains a status code to indicate wether the request was processed successfully or wether an error occured and if so what kind of error. no more "IMSG_CTL_NEIGHBOR_ with unknown neighbor foobaz" in the log when you mistyped foobar - no bgpctl itself complains claudio ok
|
#
1.44 |
|
19-Oct-2005 |
henning |
on "bgpctl neighbor foo clear", we used to send a STOP event immediately followed by a START event. Instead of sending START immediately, start the IdleHoldTimer with a very low value (5 seconds) so that we restart the session these seconds later. some other implementations deal poorly with our previously superfast reconnects, namely, that commercial one from san jose, claudio ok
|
Revision tags: OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.43 |
|
11-Mar-2005 |
deraadt |
move umask() song and dance closer around the bind, being more careful about errors; ok claudio
|
#
1.42 |
|
25-Feb-2005 |
claudio |
unlink() control socket in error path. Spotted by Theo.
|
#
1.41 |
|
23-Dec-2004 |
henning |
allo the "bgpctl show neighbor " commands to take the neighbor descr too, claudio ok
|
#
1.40 |
|
23-Dec-2004 |
henning |
allow "bgpctl neighbor" to take the peer's descr as argument as well as its address so "bgpctl neighbor upstream1 clear" now works and you don't have to remember IPs claudio ok
|
#
1.39 |
|
23-Nov-2004 |
claudio |
Switch from a single filter_set to a linked list of sets. With this change it is possible to specify multiple communities. This is also the first step to better bgpd filters. OK henning@
|
#
1.38 |
|
16-Sep-2004 |
henning |
imsg API cleanup: -kill imsg_compose_pid, imsg_compose_fdpass and imsg_create_pid -extend the original imsg_compose/_create API to take pid & fd too -make imsg_compose do imsg_create + imsg_add + imsg_close instead of duplicating the code -adjust all callers to the new API ok claudio
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.37 |
|
24-Aug-2004 |
claudio |
missing space in log message.
|
#
1.36 |
|
20-Aug-2004 |
henning |
add IMSG_CTL_NEIGHBOR_CLEAR, takes a session down and restarts it, claudio ok
|
#
1.35 |
|
20-Aug-2004 |
henning |
merge IMSG_CTL_NEIGHBOR_UP and _DOWN handling, kills some duplicate code, claudio ok
|
#
1.34 |
|
06-Aug-2004 |
claudio |
Forward IMSG_CTL_SHOW_NEIGHBOR messages to the rde so that we can report the current and max prefix count back to bgpctl. OK henning@
|
#
1.33 |
|
20-Jun-2004 |
henning |
at least somewhat consistently name the TAILQ_ENTRYs... this confused me more than once
|
#
1.32 |
|
09-Jun-2004 |
henning |
move to a dynamically allocated struct pollfd array. we used a ststic one with OPEN_MAX entries, which is a rather arbitary limit as OPEN_MAX is _not_ the max # of open fds we can have, but just a default for that setting. in the same move we have to allocate the peer_l array, basically there for pfd-index to peer pointers to prevent peer list scans all time, dynamiccaly to. we overallocate a little and use that reserve until we have to realloc again later to prevent reallocs for every single control connection or a single flapping peer. help & ok claudio
|
#
1.31 |
|
21-May-2004 |
claudio |
Add support for dynamic announcements. Usefule to annouce temporary blackhole routes or to make network announcements dependent on a external state (e.g. for carp setups) OK henning@
|
#
1.30 |
|
08-May-2004 |
henning |
remove unused argument to control_dispatch_msg(), lint
|
#
1.29 |
|
29-Apr-2004 |
deraadt |
sock -> fd; ok henning
|
#
1.28 |
|
25-Apr-2004 |
henning |
missing return; noticed by Joris Vink <amni@pandora.be> but I fixed in another way
|
#
1.27 |
|
16-Apr-2004 |
henning |
use getpeerbyaddr() instead of using the v4 part of the af independent struct manually
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.26 |
|
17-Mar-2004 |
henning |
remove getpeereid() call so that those who have write access to the socket (root:wheel 0640) can send queries, claudio ok
|
#
1.25 |
|
02-Mar-2004 |
claudio |
Framework for rib lookups by prefix. OK henning@
|
#
1.24 |
|
29-Feb-2004 |
henning |
plug memory leak: when a control connection is closed we need to clear its write buffers, noticed by claudio
|
#
1.23 |
|
29-Feb-2004 |
henning |
of course the control socket needs to be nonblocking as well, i could have sworn it was... noticed by & fixed with claudio
|
#
1.22 |
|
26-Feb-2004 |
claudio |
show rib infrastructure. At least full dumps and per as dumps. Per prefix dump need some more work. OK henning@
|
#
1.21 |
|
02-Feb-2004 |
henning |
close socket on error in control_init From: Patrick Latifi <pat@eyeo.org>
|
#
1.20 |
|
22-Jan-2004 |
henning |
use log_warnx and log_info. reclassify a few messages in the process and fix a few messages.
ok claudio@
|
#
1.19 |
|
22-Jan-2004 |
henning |
s/log_err/log_warn/ it is like warn(3), nor err(3). so use a less confusing name.
|
#
1.18 |
|
20-Jan-2004 |
henning |
fix error logging on connection attempts from !root user
|
#
1.17 |
|
17-Jan-2004 |
henning |
allow the interfaces as bgpd sees 'em to be queried via imsgs
|
#
1.16 |
|
11-Jan-2004 |
henning |
new message IMSG_CTL_SHOW_NEXTHOP: request/send lost of BGP nexthops and the result of their validity check
|
#
1.15 |
|
09-Jan-2004 |
henning |
for IMSG_CTL_KROUTEs allow matching based on flags, add IMGS_CTL_KROUTE_ADDR to match the route for a given address
ok claudio@
|
#
1.14 |
|
09-Jan-2004 |
henning |
get us a stateful imsg relaying framework, and the first receiver, IMSG_CTL_KROUTE, to have the kroute structs forming the fib sent to a control socket.
ok claudio@
|
#
1.13 |
|
09-Jan-2004 |
henning |
you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) you must not try to read(2) without checking (pfd->revents & POLLIN) [...] you must not try to read(2) without checking (pfd->revents & POLLIN)
|
#
1.12 |
|
06-Jan-2004 |
henning |
two new imsg types, IMSG_CTL_NEIGHBOR_UP and _DOWN, on their receival on the control socket the given neighbor session is sent a START / STOP signal.
ok claudio@
|
#
1.11 |
|
06-Jan-2004 |
henning |
2004
|
#
1.10 |
|
05-Jan-2004 |
henning |
allow fib couple/decouple based on an imsg received on the control socket by the SE and passed on to the main process
|
#
1.9 |
|
04-Jan-2004 |
henning |
-new imsg CTL_RELOAD -upong receival in the SE forward to parent -make sending messages from SE to parent work for that (was not required before) -parent reacts to that just like a SIGHUP, reread config file
|
#
1.8 |
|
04-Jan-2004 |
henning |
allow "show neighbor" to be limited to one specific neighbor
|
#
1.7 |
|
03-Jan-2004 |
henning |
decouple the peer list from bgpd_config. so many parts of bgpd are not at all interested in the session specific peer structs... allows for some further cleaning
|
#
1.6 |
|
03-Jan-2004 |
henning |
change imsg_read semantics so that the number of bytes read is returned. that means that the callers can (and must) coope with closed connections themselves, what is exactly the desired behaviour.
|
#
1.5 |
|
03-Jan-2004 |
henning |
send an imsg as list end indicator
|
#
1.4 |
|
03-Jan-2004 |
henning |
fix umask, noticed by theo
|
#
1.3 |
|
02-Jan-2004 |
henning |
umask setting and unlink before bind() the unix socket, chmod and umask restore afterwards help & ok theo
|
#
1.2 |
|
02-Jan-2004 |
henning |
move the socket name #define to bgpd.h and get rid of bgpdctl*
|
#
1.1 |
|
01-Jan-2004 |
henning |
listen on a AF_LOCAL socket for imsgs too. only implemented type yet is IMSG_CTL_SHOW_NEIGHBOR which sends back the struct peer for all neighbors. will be used by bgpdctl
|