From 688901a664eb9653a96f58dca6838b5ea6784d40 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= Date: Wed, 16 May 2018 12:36:52 +0200 Subject: [PATCH] bird2: Add package MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This adds a separate package for the 2.0 branch of Bird, allowing it to co-exist with the bird1 package. The two packages conflict with each other, so they can't be installed at the same time; but in the build system they coexist just fine. Signed-off-by: Toke Høiland-Jørgensen --- bird2/Makefile | 128 +++++++ bird2/files/bird.conf | 332 ++++++++++++++++++ bird2/files/bird.init | 20 ++ ...1-BGP-Fix-extended-next-hop-handling.patch | 29 ++ ...dded-missing-instruction-comparators.patch | 37 ++ ...el-Fix-type-of-route-entry-router-ID.patch | 33 ++ ...el-Add-option-to-randomize-router-ID.patch | 118 +++++++ ...r-initialization-of-random-generator.patch | 30 ++ ...-flag-for-IPv4-routes-with-unreachab.patch | 40 +++ bird2/patches/0007-Fix-build-version.patch | 28 ++ ...rt-for-src-filter-op-to-access-SADR-.patch | 99 ++++++ 11 files changed, 894 insertions(+) create mode 100644 bird2/Makefile create mode 100644 bird2/files/bird.conf create mode 100644 bird2/files/bird.init create mode 100644 bird2/patches/0001-BGP-Fix-extended-next-hop-handling.patch create mode 100644 bird2/patches/0002-Filter-Added-missing-instruction-comparators.patch create mode 100644 bird2/patches/0003-babel-Fix-type-of-route-entry-router-ID.patch create mode 100644 bird2/patches/0004-Babel-Add-option-to-randomize-router-ID.patch create mode 100644 bird2/patches/0005-Better-initialization-of-random-generator.patch create mode 100644 bird2/patches/0006-babel-Set-onlink-flag-for-IPv4-routes-with-unreachab.patch create mode 100644 bird2/patches/0007-Fix-build-version.patch create mode 100644 bird2/patches/0008-Filter-Add-support-for-src-filter-op-to-access-SADR-.patch diff --git a/bird2/Makefile b/bird2/Makefile new file mode 100644 index 0000000..47ca580 --- /dev/null +++ b/bird2/Makefile @@ -0,0 +1,128 @@ +# +# Copyright (C) 2009-2017 OpenWrt.org +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. + +include $(TOPDIR)/rules.mk + +PKG_NAME:=bird2 +PKG_VERSION:=2.0.2 +PKG_RELEASE:=1 + +PKG_SOURCE:=bird-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=ftp://bird.network.cz/pub/bird +PKG_MD5SUM:=035f91d6f568f8ed438a0814235ac4c5c79147cd2acf201322c307732883480f +PKG_BUILD_DEPENDS:=ncurses readline +PKG_MAINTAINER:=Toke Høiland-Jørgensen +PKG_BUILD_DIR:=$(BUILD_DIR)/bird-$(PKG_VERSION) + +PKG_LICENSE:=GPL-2.0 + +include $(INCLUDE_DIR)/package.mk + +define Package/bird2/Default/description +BIRD is an internet routing daemon which manages TCP/IP routing tables +with support of modern routing protocols, easy to use configuration +interface and powerful route filtering language. It is lightweight and +efficient and therefore appropriate for small embedded routers. + +endef + +define Package/bird2 + TITLE:=The BIRD Internet Routing Daemon (v2) + URL:=http://bird.network.cz/ + SECTION:=net + CATEGORY:=Network + SUBMENU:=Routing and Redirection + DEPENDS:=+libpthread + CONFLICTS:=bird1-ipv4 bird1-ipv6 bird4 bird6 +endef + +define Package/bird2c + TITLE:=The BIRD command-line client (v2) + URL:=http://bird.network.cz/ + SECTION:=net + CATEGORY:=Network + SUBMENU:=Routing and Redirection + DEPENDS:=+bird2 +libreadline +libncurses + CONFLICTS:=bird1c-ipv4 bird1c-ipv6 birdc4 birdc6 +endef + +define Package/bird2cl + TITLE:=The BIRD lightweight command-line client (v2) + URL:=http://bird.network.cz/ + SECTION:=net + CATEGORY:=Network + SUBMENU:=Routing and Redirection + DEPENDS:=+bird2 + CONFLICTS:=bird1cl-ipv4 bird1cl-ipv6 birdcl4 birdcl6 +endef + +define Package/bird2/description +$(call Package/bird2/Default/description) + +BIRD supports OSPFv2, RIPv2, Babel and BGP protocols for IPv4 and +OSPFv3, RIPng, Babel and BGP protocols for IPv6. + +In BGP, BIRD supports communities, multiprotocol extensions, MD5 +authentication, 32bit AS numbers and could act as a route server or a +route reflector. BIRD also supports multiple RIBs, multiple kernel +routing tables and redistribution between the protocols with a powerful +configuration syntax. + +This is the 2.0 branch of Bird which integrates support for IPv4 and IPv6 +into a single branch, and also adds support for the Babel routing protocol. +endef + +define Package/bird2c/description +$(call Package/bird2/Default/description) + +This is a BIRD command-line client. It is used to send commands to BIRD, +commands can perform simple actions such as enabling/disabling of +protocols, telling BIRD to show various information, telling it to show +a routing table filtered by a filter, or asking BIRD to reconfigure. + +Unless you can't afford dependency on ncurses and readline, you +should install BIRD command-line client together with BIRD. +endef + +define Package/bird2cl/description +$(call Package/bird2/Default/description) + +This is a BIRD lightweight command-line client. It is used to send commands +to BIRD, commands can perform simple actions such as enabling/disabling of +protocols, telling BIRD to show various information, telling it to show +a routing table filtered by a filter, or asking BIRD to reconfigure. +endef + +CONFIGURE_ARGS += --with-linux-headers="$(LINUX_DIR)" + +define Package/bird2/conffiles +/etc/bird.conf +/etc/bird4.conf +/etc/bird6.conf +endef + +define Package/bird2/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/bird $(1)/usr/sbin/ + $(INSTALL_DIR) $(1)/etc + $(INSTALL_DATA) ./files/bird.conf $(1)/etc/ + $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_BIN) ./files/bird.init $(1)/etc/init.d/bird +endef + +define Package/bird2c/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/birdc $(1)/usr/sbin/ +endef + +define Package/bird2cl/install + $(INSTALL_DIR) $(1)/usr/sbin + $(INSTALL_BIN) $(PKG_BUILD_DIR)/birdcl $(1)/usr/sbin/ +endef + +$(eval $(call BuildPackage,bird2)) +$(eval $(call BuildPackage,bird2c)) +$(eval $(call BuildPackage,bird2cl)) diff --git a/bird2/files/bird.conf b/bird2/files/bird.conf new file mode 100644 index 0000000..827918d --- /dev/null +++ b/bird2/files/bird.conf @@ -0,0 +1,332 @@ +/* + * This is an example configuration file for MB-BGP setting + */ + + +log syslog all; +# debug protocols all; + +router id 192.168.1.1; + +ipv4 table master4; +ipv6 table master6; + +ipv4 table mcast4; +ipv6 table mcast6; + +ipv4 table mtab4; +ipv6 table mtab6; + +vpn4 table vpntab4; +vpn6 table vpntab6; + +vpn4 table vpn4mc; +vpn6 table vpn6mc; + +flow4 table flowtab4; +flow6 table flowtab6; + + +protocol device { +} + +protocol kernel kernel4 { + ipv4 { + export all; + }; +} + +protocol kernel kernel6 { + ipv6 { + export all; + }; +} + + +protocol static static4 { + ipv4; + + route 10.10.0.0/24 via 192.168.1.2; + route 10.10.1.0/24 via 192.168.1.2 { bgp_large_community.add((10,20,30)); bgp_large_community.add((10,(20*3),10)); }; +} + +protocol static static6 { + ipv6; + + route 2001:db8:10:10::/64 via 2001:db8:1:1::10; + route 2001:db8:10:11::/64 via 2001:db8:1:1::10; + + route 2001:db8:1:1::/64 via fe80::ec9b:67ff:fe60:fd5d % ve1; +} + +# VPNv4 routes with MPLS labels +protocol static statvpn4 { + vpn4; + + route 10:10 10.20.0.0/24 via 192.168.1.2 mpls 210; + route 10:10 10.20.1.0/24 via 192.168.1.2 mpls 210; + route 10:20 10.20.0.0/24 via 192.168.1.2 mpls 220; + route 10:20 10.20.1.0/24 via 192.168.1.2 mpls 220; +} + +protocol static statvpn6 { + vpn6; + + route 10:10 2001:db8:20:10::/64 via 2001:db8:1:1::10 mpls 200/210; + route 10:10 2001:db8:20:11::/64 via 2001:db8:1:1::10 mpls 200/210; + route 10:20 2001:db8:20:10::/64 via 2001:db8:1:1::10 mpls 200/220; + route 10:20 2001:db8:20:11::/64 via 2001:db8:1:1::10 mpls 200/220; +} + +# RFC 5575 flow specification +protocol static flowstat4 { + flow4; + + route flow4 { + dst 10.0.0.0/8; + proto = 23; + dport > 24 && < 30 || 40..50,60..70,80; + sport > 24 && < 30 || = 40 || 50,60..70,80; + icmp type 80; + icmp code 90; + tcp flags 0x03/0x0f; + length 2048..65535; + dscp = 63; + fragment dont_fragment, is_fragment || !first_fragment; + }; + + route flow4 { + dst 11.0.0.0/8; + proto = 0x12; + sport > 0x5678 && < 0x9abc || 0xdef0 || 0x1234,0x5678,0x9abc..0xdef0; + dport = 50; + tcp flags 0x000/0xf00; + }; + + route flow4 { + dst 12.0.0.0/32; + tcp flags ! 0/0x999; + }; + + route flow4 { + dst 220.0.254.0/24; + tcp flags 0x99/0x999; + }; + + route flow4 { + dst 220.0.254.192/28; + tcp flags ! 0xfff/0xfff; + }; + + route flow4 { + dst 15.0.0.0/8; + tcp flags ! 0x999/0x999; + }; +} + +protocol static flowstat6 { + flow6; + + route flow6 { + dst fec0:1122:3344:5566::1/128; + src 0000:0000:0000:0001:1234:5678:9800:0000/101 offset 63; + next header = 23; + sport 24..30, 42 || 50,60,70..80; + dport = 50; + tcp flags 0x03/0x0f, !0/0xff || 0x33/0x33; + fragment !is_fragment || !first_fragment; + label 0xaaaa/0xaaaa && 0x33/0x33; + }; + + route flow6 { + dst fec0:1122:3344:5566::1/128; + src ::1:1234:5678:9800:0/101 offset 63; + next header = 23; + dport = 50; + sport > 24 && < 30 || = 40 || = 50 || = 60 || >= 70 && <= 80; + tcp flags 0x3/0x3 && 0x0/0xc; + }; +} + + +protocol pipe { + table master4; + peer table mcast4; + import none; + export where source = RTS_OSPF; +} + +protocol pipe { + table master6; + peer table mcast6; + import none; + export where source = RTS_OSPF; +} + +protocol ospf v2 ospf4 { + ipv4 { + import all; +# export where source = RTS_STATIC; + }; + + area 0 { + interface "ve0" { stub; }; + interface "ve1" { hello 5; type ptp; }; + interface "ve2" { hello 5; type bcast; ttl security; }; + interface "ve3" { hello 5; type bcast; ttl security; }; + }; +} + + +protocol ospf v3 ospf6 { + ipv6 { + import all; +# export where source = RTS_STATIC; + }; + + area 0 { + interface "ve0" { stub; }; + interface "ve1" { hello 5; type ptp; }; + interface "ve2" { hello 5; type bcast; }; + }; +} + +protocol bgp { + local 192.168.11.1 as 1000; + neighbor 192.168.11.2 as 2000; +# local 192.168.1.1 as 1000; +# neighbor 192.168.2.1 as 2000; +# multihop; +# rr client; +# strict bind; +# debug all; + + # regular IPv4 unicast (1/1) + ipv4 { + # connects to master4 table by default + import all; + export where source ~ [ RTS_STATIC, RTS_BGP ]; + }; + + # regular IPv6 unicast (2/1) + ipv6 { + # connects to master6 table by default + import all; + export where source ~ [ RTS_STATIC, RTS_BGP ]; +# next hop address 2001:db8:1:1::1; + }; + + # IPv4 multicast topology (1/2) + ipv4 multicast { + # explicit IPv4 table + table mcast4; + import all; + export all; + }; + + # IPv6 multicast topology (2/2) + ipv6 multicast { + # explicit IPv6 table + table mcast6; + import all; + export all; +# next hop address 2001:db8:1:1::1; + }; + + # IPv4 with MPLS labels (1/4) + ipv4 mpls { + # explicit IPv4 table + table mtab4; + import all; + export all; + }; + + # IPv6 with MPLS labels (2/4) + ipv6 mpls { + # explicit IPv6 table + table mtab6; + import all; + export all; + # allows IPv4 next hops (6PE) + # extended next hop; + }; + + # VPNv4 with MPLS labels (1/128) + vpn4 mpls { + # connects to vpntab4 table by default + import all; + export all; + }; + + # VPNv6 with MPLS labels (2/128) + vpn6 mpls { + # connects to vpntab6 table by default + import all; + export all; + }; + + # VPNv4 multicast topology (1/129) + vpn4 multicast { + table vpn4mc; + import all; + export all; + }; + + # VPNv6 multicast topology (2/129) + vpn6 multicast { + table vpn6mc; + import all; + export all; + }; + + # IPv4 Flowspec (1/133) + flow4 { + # connects to flowtab4 table by default + import all; + export all; + }; + + # IPv6 Flowspec (2/133) + flow6 { + # connects to flowtab6 table by default + import all; + export all; + }; +} + +protocol bgp { + local 192.168.1.1 as 1000; + neighbor 192.168.3.1 as 1000; + multihop; + rr client; + + ipv4 { + import all; + export where source ~ [ RTS_STATIC, RTS_BGP ]; + }; + + ipv6 { + import all; + export where source ~ [ RTS_STATIC, RTS_BGP ]; + next hop address 2001:db8:1:1::1; + }; +} + +protocol bgp { + local 2001:db8:1:1::1 as 1000; + neighbor 2001:db8:4:1::1 as 1000; + multihop; + rr client; + + ipv4 { + import all; + export where source ~ [ RTS_STATIC, RTS_BGP ]; + next hop address 192.168.4.1; + }; + + ipv6 { + import all; + export where source ~ [ RTS_STATIC, RTS_BGP ]; + }; +} + diff --git a/bird2/files/bird.init b/bird2/files/bird.init new file mode 100644 index 0000000..18db4af --- /dev/null +++ b/bird2/files/bird.init @@ -0,0 +1,20 @@ +#!/bin/sh /etc/rc.common +# Copyright (C) 2010-2017 OpenWrt.org + +USE_PROCD=1 +START=70 + +BIRD_BIN="/usr/sbin/bird" +BIRD_CONF="/etc/bird.conf" +BIRD_PID_FILE="/var/run/bird.pid" + +start_service() { + mkdir -p /var/run + procd_open_instance + procd_set_param command $BIRD_BIN -c $BIRD_CONF -P $BIRD_PID_FILE + procd_set_param file "$BIRD_CONF" + procd_set_param stdout 1 + procd_set_param stderr 1 + procd_set_param respawn + procd_close_instance +} diff --git a/bird2/patches/0001-BGP-Fix-extended-next-hop-handling.patch b/bird2/patches/0001-BGP-Fix-extended-next-hop-handling.patch new file mode 100644 index 0000000..7f73f66 --- /dev/null +++ b/bird2/patches/0001-BGP-Fix-extended-next-hop-handling.patch @@ -0,0 +1,29 @@ +From f3a8cf050e6181e158dcde2fe885d7bf220eedc3 Mon Sep 17 00:00:00 2001 +From: "Ondrej Zajicek (work)" +Date: Thu, 12 Apr 2018 16:55:56 +0200 +Subject: [PATCH] BGP: Fix extended next hop handling + +For IPv4 with extended next hop, we use MP-BGP format and therefore no +independent NEXT_HOP attribute. + +Thanks to Arvin Gan for the bugreport. +--- + proto/bgp/attrs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/proto/bgp/attrs.c b/proto/bgp/attrs.c +index 0f41f818..9003feb2 100644 +--- a/proto/bgp/attrs.c ++++ b/proto/bgp/attrs.c +@@ -295,7 +295,7 @@ bgp_encode_next_hop(struct bgp_write_state *s, eattr *a, byte *buf, uint size) + * store it and encode it later by AFI-specific hooks. + */ + +- if (s->channel->afi == BGP_AF_IPV4) ++ if ((s->channel->afi == BGP_AF_IPV4) && !s->channel->ext_next_hop) + { + ASSERT(a->u.ptr->length == sizeof(ip_addr)); + +-- +2.17.0 + diff --git a/bird2/patches/0002-Filter-Added-missing-instruction-comparators.patch b/bird2/patches/0002-Filter-Added-missing-instruction-comparators.patch new file mode 100644 index 0000000..3daefb4 --- /dev/null +++ b/bird2/patches/0002-Filter-Added-missing-instruction-comparators.patch @@ -0,0 +1,37 @@ +From 823ad12191e66e243dd088a81c66e4a518563e40 Mon Sep 17 00:00:00 2001 +From: Jan Maria Matejka +Date: Fri, 27 Apr 2018 14:38:41 +0200 +Subject: [PATCH] Filter: Added missing instruction comparators. + +These instructions caused SIGABORTs on reconfiguration. +--- + filter/filter.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/filter/filter.c b/filter/filter.c +index bb3146e7..881ba420 100644 +--- a/filter/filter.c ++++ b/filter/filter.c +@@ -1712,7 +1712,10 @@ i_same(struct f_inst *f1, struct f_inst *f2) + case FI_EA_SET: ONEARG; A2_SAME; break; + + case FI_RETURN: ONEARG; break; ++ case FI_ROA_MAXLEN: ONEARG; break; ++ case FI_ROA_ASN: ONEARG; break; + case FI_IP: ONEARG; break; ++ case FI_IS_V4: ONEARG; break; + case FI_ROUTE_DISTINGUISHER: ONEARG; break; + case FI_CALL: /* Call rewriting trickery to avoid exponential behaviour */ + ONEARG; +@@ -1735,6 +1738,8 @@ i_same(struct f_inst *f1, struct f_inst *f2) + ((struct f_inst_roa_check *) f2)->rtc->name)) + return 0; + break; ++ case FI_FORMAT: ONEARG; break; ++ case FI_ASSERT: ONEARG; break; + default: + bug( "Unknown instruction %d in same (%c)", f1->fi_code, f1->fi_code & 0xff); + } +-- +2.17.0 + diff --git a/bird2/patches/0003-babel-Fix-type-of-route-entry-router-ID.patch b/bird2/patches/0003-babel-Fix-type-of-route-entry-router-ID.patch new file mode 100644 index 0000000..f4ce573 --- /dev/null +++ b/bird2/patches/0003-babel-Fix-type-of-route-entry-router-ID.patch @@ -0,0 +1,33 @@ +From 40e7bd0e39849a03bd3f6f44d6719a5f8b1dd291 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= +Date: Mon, 30 Apr 2018 16:29:20 +0200 +Subject: [PATCH] babel: Fix type of route entry router ID +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The router ID being assigned to routes was a uint, which discards the upper +32 bits. This also has the nice side effect of echoing the wrong router ID +back to other routers. + +Signed-off-by: Toke Høiland-Jørgensen +--- + proto/babel/babel.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/proto/babel/babel.c b/proto/babel/babel.c +index 4fd88042..a8eb5ea8 100644 +--- a/proto/babel/babel.c ++++ b/proto/babel/babel.c +@@ -2140,7 +2140,7 @@ babel_rt_notify(struct proto *P, struct channel *c UNUSED, struct network *net, + uint internal = (new->attrs->src->proto == P); + uint rt_seqno = internal ? new->u.babel.seqno : p->update_seqno; + uint rt_metric = ea_get_int(attrs, EA_BABEL_METRIC, 0); +- uint rt_router_id = internal ? new->u.babel.router_id : p->router_id; ++ u64 rt_router_id = internal ? new->u.babel.router_id : p->router_id; + + if (rt_metric > BABEL_INFINITY) + { +-- +2.17.0 + diff --git a/bird2/patches/0004-Babel-Add-option-to-randomize-router-ID.patch b/bird2/patches/0004-Babel-Add-option-to-randomize-router-ID.patch new file mode 100644 index 0000000..161b73e --- /dev/null +++ b/bird2/patches/0004-Babel-Add-option-to-randomize-router-ID.patch @@ -0,0 +1,118 @@ +From 70fab17837dbb4c5848681e4c6b9b90891891130 Mon Sep 17 00:00:00 2001 +From: "Ondrej Zajicek (work)" +Date: Thu, 3 May 2018 16:55:11 +0200 +Subject: [PATCH 1/2] Babel: Add option to randomize router ID + +When a Babel node restarts, it loses its sequence number, which can cause +its routes to be rejected by peers until the state is cleared out by other +nodes in the network (which can take on the order of minutes). + +There are two ways to fix this: Having stable storage to keep the sequence +number across restarts, or picking a different router ID each time. + +This implements the latter, by introducing a new option that will cause +BIRD to randomize a high 32 bits of router ID every time it starts up. +This avoids the problem at the cost of not having stable router IDs in +the network. + +Thanks to Toke Hoiland-Jorgensen for the patch. +--- + doc/bird.sgml | 10 ++++++++++ + proto/babel/babel.c | 11 +++++++++++ + proto/babel/babel.h | 1 + + proto/babel/config.Y | 3 ++- + 4 files changed, 24 insertions(+), 1 deletion(-) + +diff --git a/doc/bird.sgml b/doc/bird.sgml +index 1191fa03..ae308d4c 100644 +--- a/doc/bird.sgml ++++ b/doc/bird.sgml +@@ -1691,6 +1691,7 @@ supports the following per-interface configuration options: + protocol babel [] { + ipv4 { }; + ipv6 [sadr] { }; ++ randomize router id ; + interface { + type ; + rxcost ; +@@ -1713,6 +1714,15 @@ protocol babel [] { +