So this is probably a sensible next step to cleanup log_addr() a bit more.
Teach addr2sa() how to convert the VPN addresses into sockaddrs. The rd
and labelstack still needs to be handled by the caller.
OK?
--
:wq Claudio
Index: util.c
bgpd will get a new process for RTR handling. Because of this it makes
sense to cleanup the startup code a bit and not use flags to indicate
which process to run but instead use the enum bgpd_process.
Additionally change the PFD_PIPE_ROUTE to PFD_PIPE_RDE. The latter is less
confusing since there
This diff changes two things:
- First, it move the kroute update into rde_generate_updates() simplifying
prefix_evaluate a little bit.
- Second, it changes prefix_evaluate to take an additional argument for the
old prefix (to be removed). Instead of doing this outside of
prefix_evaluate() with
On Tue, Dec 29, 2020 at 08:48:28PM +0100, Klemens Nanni wrote:
> Earlier this year `struct pppoe_softc' was annotated with lock comments
> showing no member being protected by KERNEL_LOCK() alone.
>
> After further review of the code paths starting from pppoeintr() I also
> could not find
When bgpd generates an UPDATE to update or withdraw prefixes it does this
from rde_generate_updates() and then decends into up_generate_update().
Now there is up_test_update() that checks if a new prefix is actually OK
to be distributed. It checks things for route reflectors and the common
On Thu, Jan 28, 2021 at 05:19:31PM +0100, Theo Buehler wrote:
> On Thu, Jan 28, 2021 at 04:42:00PM +0100, Claudio Jeker wrote:
> > Initially rpki-client checked the file hash while parsing the file (.roa,
> > .cert or .crl) but since a while rpki-client does the hash check e
On Mon, Feb 01, 2021 at 04:25:47PM +0100, Martin Pieuchot wrote:
> On 08/12/20(Tue) 10:06, Martin Pieuchot wrote:
> > Diff below aims to simplify the API to put a thread on a sleep queue and
> > reduce it to the following:
> >
> > sleep_setup();
> > /* check condition or release lock */
>
proc_parser_gbr(entp, store, ctx, , );
- break;
- default:
- abort();
- }
-
- ibuf_close(, b);
- TAILQ_REMOVE(, entp, entries);
- entity_free(entp);
- }
-
- rc = 0;
-out:
- while (
On Tue, Jan 19, 2021 at 02:22:14PM +0100, Claudio Jeker wrote:
> In iscsid the initiator is kind of a singleton. So lets make use of this
> and remove the initiator argument from all function calls.
>
> This compiles for me but I can't currently test this out.
Updated version
On Tue, Feb 02, 2021 at 02:52:52PM +1000, David Gwynne wrote:
> this is part of a high level discussion about when pf runs against a
> packet. the options are:
>
> 1. pf runs when a packet goes over an interface
> or
> 2. pf runs when a packet enters or leaves the network stack.
>
> for normal
On Mon, Feb 01, 2021 at 04:25:47PM +0100, Martin Pieuchot wrote:
> On 08/12/20(Tue) 10:06, Martin Pieuchot wrote:
> > Diff below aims to simplify the API to put a thread on a sleep queue and
> > reduce it to the following:
> >
> > sleep_setup();
> > /* check condition or release lock */
>
Instead of passing around variables all the way down to entity_write_req()
and repo_lookup() use global variables. Especially for the repository
handling this will become more complex with the introduction of RRDP.
Also shuffle code around a bit so that all entity queue functions are
together.
On Thu, Feb 04, 2021 at 11:45:26AM +0100, Alexander Bluhm wrote:
> Hi,
>
> I would like to analyse tcpbench(1) TCP connections. So I copied
> the nc -D socket debug option.
>
> ok?
Fine with me. OK claudio@
> Index: usr.bin/tcpbench/tcpbench.1
>
On Thu, Feb 04, 2021 at 12:30:17PM +0100, Alexander Bluhm wrote:
> Hi,
>
> I always forget the name of trpt(8). It should be refereced in the
> SO_DEBUG section of getsockopt(2).
>
> ok?
Yes please. Also should we export the tcp_debug buffer via sysctl so that
trpt can run without
On Wed, Feb 03, 2021 at 10:20:47PM +0100, Theo Buehler wrote:
> On Wed, Feb 03, 2021 at 08:08:20PM +0100, Claudio Jeker wrote:
> > This is just shuffling code around and adds a few definitions to extern.h.
> > The goal is to reduce the amount of code in main.c. I constantly get
The uri field in the entity queue struct is never a URI but always a local
path to the file in the repo. Rename the field so I'm less confused.
Compiler agrees with my change.
--
:wq Claudio
? http.c
? http.diff
? obj
Index: extern.h
On Tue, Jan 26, 2021 at 12:33:25PM +0100, Alexander Bluhm wrote:
> On Tue, Jan 26, 2021 at 10:39:30AM +1000, David Gwynne wrote:
> > > But what about dup-to? The packet is duplicated for both directions.
> > > I guess the main use case for dup-to is implementing a monitor port.
> > > There you
On Thu, Jan 28, 2021 at 09:57:33AM +1000, David Gwynne wrote:
> calling if_output with a route to a local IP is confusing, and I'm not
> sure it makes sense anyway.
>
> this treats a an RTF_LOCAL route like an invalid round and drops the
> packet.
>
> ok?
Isn't this a change of behaviour? I
Initially rpki-client checked the file hash while parsing the file (.roa,
.cert or .crl) but since a while rpki-client does the hash check early
during the .mft parsing with mft_check(). After that all files in the
fileandhash attribute are verified and so there is no need to do it again.
All in
On Sat, Jan 30, 2021 at 11:52:15AM +0100, Hiltjo Posthuma wrote:
> On Sat, Jan 30, 2021 at 12:22:04AM +0100, Christian Weisgerber wrote:
> > Hiltjo Posthuma:
> >
> > > > @@ -75,19 +74,8 @@ cookie_load(void)
> > > > if (fp == NULL)
> > > > err(1, "cannot open cookie file
On Wed, Feb 03, 2021 at 09:43:01AM +0100, Martin Pieuchot wrote:
> On 02/02/21(Tue) 10:45, Claudio Jeker wrote:
> > On Mon, Feb 01, 2021 at 04:25:47PM +0100, Martin Pieuchot wrote:
> > > On 08/12/20(Tue) 10:06, Martin Pieuchot wrote:
> > > > Diff below aims to si
On Wed, Feb 03, 2021 at 10:56:38AM +0100, Jan Klemkow wrote:
> On Tue, Jan 05, 2021 at 10:30:33AM +0100, Claudio Jeker wrote:
> > On Tue, Jan 05, 2021 at 10:16:04AM +0100, Jan Klemkow wrote:
> > > On Wed, Dec 23, 2020 at 11:59:13AM +, Stuart Henderson wrote:
> > >
For RRDP support the repository code needs to be cleaned up and adjusted.
Instead of working with host/module store the URI (repo->repo) and the
local path (repo->local). This simplifies the communication between
rpki-client main process and the rsync process a fair bit.
Also introduce mkpath()
On Thu, May 27, 2021 at 06:24:06PM +0200, Claudio Jeker wrote:
> Implement RFC 7313 enhanced route refresh.
>
> While there also change when graceful restart EoR markers are sent.
> In short the graceful restart marker should only be sent initally. After
> that the End of Route
On Tue, Jun 15, 2021 at 06:14:38PM +0200, Claudio Jeker wrote:
> The Adj-RIB-Out should show what is sent to the peer. bgpd did not fully
> do that since it adjusted the ASPATH and the nexthop afterwards when
> building the actual UPDATE.
>
> This diff changes that and moves the
On Thu, May 27, 2021 at 06:29:04PM -0500, Scott Cheloha wrote:
> On Wed, May 19, 2021 at 10:32:55AM -0500, Scott Cheloha wrote:
> > On Wed, May 12, 2021 at 01:15:05PM -0500, Scott Cheloha wrote:
> > >
> > > [...]
> > >
> > > Paul de Weerd mentioned off-list that the initial expiration for an
> >
On Fri, Mar 12, 2021 at 08:41:59AM +0100, Sebastien Marie wrote:
> Hi,
>
> The following diff is a cleanup to remove two leftover checks, which
> were used when ni_unveil was used with UNVEIL_INSPECT:
>
> it was used by:
> - readlink(2) - removed 2019-08-31
>
> Make readlink require
On Thu, Jun 17, 2021 at 01:40:01PM +, Job Snijders wrote:
> On Thu, Jun 17, 2021 at 03:29:38PM +0200, Claudio Jeker wrote:
> > On Thu, Jun 17, 2021 at 01:25:07PM +, Job Snijders wrote:
> > > On Thu, Jun 17, 2021 at 12:24:16PM +0200, Claudio Jeker wrote:
> > > &
On Thu, Jun 17, 2021 at 01:25:07PM +, Job Snijders wrote:
> On Thu, Jun 17, 2021 at 12:24:16PM +0200, Claudio Jeker wrote:
> > On Mon, Jun 14, 2021 at 05:10:07PM +0200, Claudio Jeker wrote:
> > > On Thu, May 27, 2021 at 06:24:06PM +0200, Claudio Jeker wrote:
> > > &g
On Thu, Jun 17, 2021 at 08:41:39PM -0500, Scott Cheloha wrote:
> On Fri, Jun 11, 2021 at 12:17:02PM -0500, Scott Cheloha wrote:
> > Hi,
> >
> > setitimer(2) has a one hundred million second upper bound for timers.
> > Any timer interval larger than this is considered invalid and we set
> >
Dumb copy paste error. The add-path capability is 4byte per AFI/SAFI
the 2 + is from graceful restart where two extra bytes are at the front of
the AFI/SAFI list.
--
:wq Claudio
Index: session.c
===
RCS file:
Adjust the way nlri get extracted from the MP attrs. Instead of
switch statements with a while loop for each case move the while loop out
and only do the nlri_get_* call in the switch statement. The mpp and mplen
adjustmens and the call to rde_update_update and rde_update_withdraw are
also moved
I changed the way up_generate_attr() calls aspath_deflate() but did not
realize that aspath_deflate() frees the pdata at the end. That free should
no longer happen but for that also the mrt case where aspath_deflate()
needs to be adjusted.
With this both the mrt and as0 integration test pass
In rde_update_dispatch() do the AFI check for IPv4 prefixes before
extracting the prefix. This is similar to what the MP code does and
is also more logical.
OK?
--
:wq Claudio
Index: rde.c
===
RCS file:
The network flush code only operates on peerself (like all the other
network commands). Instead of passing a peer to the tree walker just
default to peerself in network_flush_upcall().
This makes the code more obivous that it operates on peerself.
--
:wq Claudio
Index: rde.c
We have released OpenBGPD 7.1, which will be arriving in the
OpenBGPD directory of your local OpenBSD mirror soon.
This release includes the following changes to the previous release:
* OpenBSD 6.9 errata 009
During bgpd(8) config reloads prefixes of the wrong address family could
On Tue, Jun 15, 2021 at 11:21:03AM +, dz...@disroot.org wrote:
> > "Theo de Raadt" wrote:
> > Have you found anything which implies that unveil persists?
> I haven't found anything which implies that unveil doesn't persist either.
> Do you think that the documentation should keep developers
The Adj-RIB-Out should show what is sent to the peer. bgpd did not fully
do that since it adjusted the ASPATH and the nexthop afterwards when
building the actual UPDATE.
This diff changes that and moves the ASPATH prepend for ebgp sessions and
the selection of the nexthop. Thanks to this the
On Tue, Jun 15, 2021 at 04:33:19PM +, dz...@disroot.org wrote:
> >> And I am not letting someone write to the filesystem. Yet, they can
> >> bypass that easily. `unveil("/", "rx")` gives a false illusion of
> >> security, which can even trip up OpenBSD maintainers (more below).
> >
> > That
On Tue, Jun 15, 2021 at 07:25:30PM +0200, Florian Obser wrote:
> On 2021-06-15 17:39 +01, Stuart Henderson wrote:
> > Can we take a straw poll of readers of this email who are using SNMPv3
> > (if any ;-) -- are you using auth+enc, just auth, or no authentication?
> > I'm thinking that somebody
On Mon, Jun 14, 2021 at 05:10:07PM +0200, Claudio Jeker wrote:
> On Thu, May 27, 2021 at 06:24:06PM +0200, Claudio Jeker wrote:
> > Implement RFC 7313 enhanced route refresh.
> >
> > While there also change when graceful restart EoR markers are sent.
> > In short
To not recreate the issue of missing another check in one of the
up_generate_updates() call points factor out the common code into
rde_skip_peer().
I hope this way a similar f-up can be avoided
--
:wq Claudio
? obj
Index: rde.c
===
So on Alpine Linux the libressl version is older then the fix to
ASN1_time_parse (rev 1.16 of lib/libcrypto/asn1/a_time_tm.c).
Because of this the expire times shown in the CSV and JSON output are all
over the place.
Lets add explicit memset before calling ASN1_time_parse() to make this
work even
On Tue, May 04, 2021 at 09:55:32AM +0200, Claudio Jeker wrote:
> Noticed by the arouteserver author Pier Carlo Chiodi the new rde evaluate
> all feature has a bug when a 2nd best route is withdrawn. In that case
> that route got not withdrawn from the adj-rib-out.
>
&
Modern gcc warns about these variables being not initalized.
main.c: In function 'main':
main.c:1064:11: warning: 'rrdppid' may be used uninitialized in this function
[-Wmaybe-uninitialized]
else if (pid == rrdppid)
^
rrdp_delta.c: In function 'start_publish_withdraw_elem':
I think it is a good idea to limit the number of concurrent connects in
bgpd. I used 32 as the limit since that is way enough for the number of
RTR sessions people will configure.
If the limit is hit the request will be dropped and the rtr process will
retry the connect after the retry timeout.
On Thu, May 13, 2021 at 02:40:31PM +, Visa Hankala wrote:
> It looks that re_rxeof() might leak mbufs in two cases. The first case
> happens if the controller returns an incomplete frame when frames are
> expected to be non-fragmented. Note that in this instance the fragment
> list sc->rl_head
Our four-byte AS support dates back to the days of the original draft.
Since then a new RFC 6793 got released that adjusted the error handling a
bit. RFC 6793 just treats any error on AS4_PATH attribute with attribute
drop with the hope that the AS_PATH is better.
The reason is a bit
When I adjusted the capability negotiation to check both sides for
presence I made the graceful restart capability lose all AFI/SAFI
elements for the peer capabilities.
This can be viewed with bgpctl show nei: e.g
Description: beznau-1
BGP version 4, remote router-id 192.168.0.252
BGP state
bgpd(8) will soon support ADD-PATH (RFC7911) and enhanced route refresh
(RFC7313). This is the frist step toward this.
It add the capability parsers, extends the capability struct and adds the
capability negotiation bits. The route refresh parser and generator are
extended to support the BoRR and
Currently our rsync does not follow the exit codes from rsync. Also the
error handling is complex because ERR() and ERRX() are not terminating the
process.
This diff tries to start cleaning up the mess a bit. Introduce some exit
codes to use and apply them in places where it is obvious.
The
On Mon, May 03, 2021 at 05:37:36PM +0200, Claudio Jeker wrote:
> The RTR session was opened with a blocking connect() call. This is rather
> bad if the RTR peer does not exist since then bgpd will block until the
> connect timed out. This diff makes the connect() call non
So yesterday I committed a change to simplify file handling. This removed
the O_NONBLOCK flag from openat() but today I realized that this was a bit
premature. The code at that point does not know if the file is actually a
regular file and so if you put a fifo in place of a regular file it will
On Wed, May 05, 2021 at 11:34:17PM +0200, Sebastian Benoit wrote:
> Claudio Jeker(cje...@diehard.n-r-g.com) on 2021.05.05 17:53:20 +0200:
> > The rsync uploader (what is the generator in rsync) can be simplified and
> > cleaned up a fair bit.
> >
> > There is some c
As noticed by benno@ the blk.blks buffer is leaked in some cases.
Fix those and cleanup up the pre_* functions a bit more.
I increased the diff context a bit to make the diff easier to read.
--
:wq Claudio
Index: uploader.c
===
RCS
Noticed while looking at the same version in rsync. free() may clobber
errno so better save the value before calling free().
Also update the comment, remove all those arguments I removed :)
--
:wq Claudio
Index: mkdir.c
===
RCS
On Mon, May 17, 2021 at 05:11:41PM +0200, Peter J. Philipp wrote:
> Hi,
>
> I found myself wanting this, this morning. I made a patch but then I put it
> in the wrong spot, and noticed it needed rewriting of SERVER in parse.y.
> Later in the day I found myself looking into this, and a better
RFC5492 is fairly explicit when a capability should be enabled on a
session:
A BGP speaker that supports a particular capability may use this
capability with its peer after the speaker determines (as described
above) that the peer supports this capability. Simply put, a given
On Wed, May 12, 2021 at 10:03:13AM -0400, Ashton Fagg wrote:
> joshua stein writes:
>
> > I'm glad I could inspire you to repost the work I already did years
> > ago.
>
> I'm not sure if you're being sarcastic.
>
> > But either way, if a driver is causing a panic because it responds
> >
On Thu, May 20, 2021 at 09:37:38AM +0200, Martin Pieuchot wrote:
> On 20/05/21(Thu) 03:23, Alexandr Nedvedicky wrote:
> > Hrvoje gave a try to experimental diff, which trades rw-locks in pf(4)
> > for mutexes [1]. Hrvoje soon discovered machine panics, when doing 'pfctl
> > -ss'
> > The callstack
On Tue, May 18, 2021 at 02:06:15PM +0200, Claudio Jeker wrote:
> When I adjusted the capability negotiation to check both sides for
> presence I made the graceful restart capability lose all AFI/SAFI
> elements for the peer capabilities.
>
> This can be viewed with bgpct
On Tue, May 18, 2021 at 05:35:01PM +0200, Claudio Jeker wrote:
> bgpd(8) will soon support ADD-PATH (RFC7911) and enhanced route refresh
> (RFC7313). This is the frist step toward this.
> It add the capability parsers, extends the capability struct and adds the
> capability nego
On Tue, May 18, 2021 at 12:48:06PM +0200, Claudio Jeker wrote:
> Our four-byte AS support dates back to the days of the original draft.
> Since then a new RFC 6793 got released that adjusted the error handling a
> bit. RFC 6793 just treats any error on AS4_PATH attribute with attribu
On Wed, Jun 02, 2021 at 08:24:53AM -0400, Dave Voutila wrote:
>
> Martin Vahlensieck writes:
>
> > Index: parse.y
> > ===
> > retrieving revision 1.56
> > diff -u -p -r1.56 parse.y
> > --- parse.y 23 Sep 2020 19:18:18 -
On Sun, May 23, 2021 at 10:25:38PM -0400, Dave Voutila wrote:
> The following diff adds in virtio 1.1's VIRTIO_NET_F_MTU feature support
> to vmd(8)'s virtio networking device. This allows for communicating an MTU
> to the guest driver and then enforcing it in the emulated device.
>
> When the
Implement RFC 7313 enhanced route refresh.
While there also change when graceful restart EoR markers are sent.
In short the graceful restart marker should only be sent initally. After
that the End of Route Refresh message should be sent instead.
Because of this track if an EoR marker was received
Just rename and move some functions used to get per-peer settings to the
hopefully better names peer_has_as4byte() and peer_accept_no_as_set().
--
:wq Claudio
Index: rde.c
===
RCS file: /cvs/src/usr.sbin/bgpd/rde.c,v
retrieving
On Fri, May 28, 2021 at 08:15:20AM +0200, Mark Kettenis wrote:
> > Date: Thu, 27 May 2021 18:29:04 -0500
> > From: Scott Cheloha
>
> Sorry, but does is one of those areas where I'm not very aware how the
> interfaces are used by applications. So my default position is:
> "don't change it".
We have released OpenBGPD 7.0, which will be arriving in the
OpenBGPD directory of your local OpenBSD mirror soon.
This release includes the following changes to the previous release:
* Stop processing queued UPDATES when the max-prefix limit was reached.
* Improve negotiation for route
On Tue, Jun 22, 2021 at 08:19:22PM +0200, Claudio Jeker wrote:
> I changed the way up_generate_attr() calls aspath_deflate() but did not
> realize that aspath_deflate() frees the pdata at the end. That free should
> no longer happen but for that also the mrt case where aspath_deflate(
Hit this today while doing some tests. symlink_read() needs to use just
the filename and not the full path because fts_read(3) does chdir
internally.
Without this I got:
openrsync: error: ./obj/openrsync.1: readlink: No such file or directory
openrsync: error: symlink_read
openrsync: error:
On Wed, Jun 30, 2021 at 05:47:16PM +0200, Claudio Jeker wrote:
> Thge compare-dest option of rsync is something I would like to use in
> rpki-client. This implements just that and I think after that adding
> copy-dest and link-dest options should be somewhat easy to add as well.
> Li
On Fri, Jul 02, 2021 at 01:09:05PM +0200, Martin Pieuchot wrote:
> On 01/07/21(Thu) 13:53, Anindya Mukherjee wrote:
> > Hi,
> >
> > I noticed that if I leave the system running for more than about a month,
> > some
> > of the counters in the uvm view of systat(1) overflow and become negative.
>
Claudio Jeker
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR
On Sun, Jun 27, 2021 at 05:28:09PM +0200, Mark Kettenis wrote:
> > Date: Sun, 27 Jun 2021 13:36:03 +
> > From: Klemens Nanni
> >
> > On Sat, Jun 12, 2021 at 11:54:58PM -0700, Greg Steuck wrote:
> > > I started with a failing test for Haskell network package on 6.9-current
> > > amd64
> > >
I'll have a look at this. I do agree that the code should be improved
overall.
> Philip Guenther
>
> On Fri, Jul 2, 2021 at 4:46 AM Claudio Jeker
> wrote:
>
> > Hit this today while doing some tests. symlink_read() needs to use just
> > the filename and not the full path
This diff moves the rib_entry pointer re into the union to safe some
space. For add-path I need to add a few more u_int32_t and that would
blow the size of struct prefix from 128 to 132 bytes. malloc would round
that up to 256bytes and that is bad for the struct that is allocted in
millions in
On Sat, Jun 26, 2021 at 07:07:42AM +0200, Sebastien Marie wrote:
> Hi,
>
> The following diff removes LOCKLEAF from NDINIT. The code doesn't
> doesn't need it: the returned vnode is released immediately. The
> string path is built from the namei() call using REALPATH, during
> directories
The bgpctl show neighbor output is a bit missleading for capabilities.
It currently shows the capabilities sent by the neighbor and not the ones
that then got selected for the session. This matters especially for the
multiprotocol capability.
I added the negotiated capability in the output (which
Like for rsync repos files in the RRDP repos should be delayed until after
the validation finished. As with anything RPKI related there is little
trust in the repositories and their abilities to not botch an update.
One thing I'm not sure is what should happen if a file is supposed to be
removed
We have released OpenBGPD 6.9p0, which will be arriving in the
OpenBGPD directory of your local OpenBSD mirror soon.
This is the first stable release for the 6.9 version. It includes
the following changes:
* Introduced bgpd(8) 'rde evaluate all' to reduce path hiding in
IXP
On Fri, Apr 30, 2021 at 10:58:25PM -0600, Theo de Raadt wrote:
> Sebastian Benoit wrote:
>
> > Claudio Jeker(cje...@diehard.n-r-g.com) on 2021.04.29 15:34:15 +0200:
> > > Like for rsync repos files in the RRDP repos should be delayed until after
> > > the validat
On Sat, May 01, 2021 at 12:14:22AM +0200, Sebastian Benoit wrote:
> Claudio Jeker(cje...@diehard.n-r-g.com) on 2021.04.29 15:34:15 +0200:
> > Like for rsync repos files in the RRDP repos should be delayed until after
> > the validation finished. As with anything RPKI related
On Tue, Apr 27, 2021 at 04:34:18PM -0400, Dave Voutila wrote:
>
> Stuart Henderson writes:
>
> > On 2021/04/27 10:40, Vincent Lee wrote:
> >>
> >> Hi all,
> >>
> >> Consider the following situation. A reverse proxy which performs TLS
> >> termination is deployed in front of httpd, which listens
There are various time fields in the JSON output.
last_read, last_write, last_updown on sessions, last_update for rib
entries and last_change for sets. Currently the value is the fmt_timeframe
string (which looks something like 7w3d12h) and is hard to parse for
machines. Include an additional _sec
On Tue, Apr 27, 2021 at 06:42:07PM -0400, Ashton Fagg wrote:
> Hi all,
>
> Attached is a diff which update iscsictl.8 to reflect the recent change in
> behavior of
> iscsictl's reload command.
>
> Thanks,
>
> Ash
>
> diff --git a/usr.sbin/iscsictl/iscsictl.8 b/usr.sbin/iscsictl/iscsictl.8
>
At the moment bgpd will fall back to IPv4 unicast if there was no match in
the multiprotocol capabilities between local and remote peer.
This is not correct, if the router expects a certain AFI/SAFI for the
session then it should not fall back to IPv4 unicast.
An example is when bgpd uses IPv6
On Wed, Apr 28, 2021 at 02:56:27PM +0200, Alexandr Nedvedicky wrote:
> Hello,
>
> On Wed, Apr 28, 2021 at 02:25:26AM +0200, Alexander Bluhm wrote:
> > On Wed, Apr 28, 2021 at 03:19:47AM +0300, Vitaliy Makkoveev wrote:
> > > The code not only breaks loop but also cleans the queue. Should this be
>
On Wed, Apr 28, 2021 at 08:18:47AM -0400, Dave Voutila wrote:
>
> Claudio Jeker writes:
>
> > Another thing to consider is that X-Forwarded headers should only be
> > accepted from trusted sources. I don't think this particular usage of
> > X-Forwarded-Proto
The peer flags (mainly rde evaluate all but also transparent-as) and the
export options (none, default) are not properly handled on a config
reload. In both cases a full session restart is needed after the config
reload (with a bit of extra wait time to ensure that the peer config is
actually up
Normalize some code.
--
:wq Claudio
Index: receiver.c
===
RCS file: /cvs/src/usr.bin/rsync/receiver.c,v
retrieving revision 1.25
diff -u -p -r1.25 receiver.c
--- receiver.c 24 Nov 2020 16:54:44 - 1.25
+++ receiver.c 5
On Sat, May 01, 2021 at 08:19:19AM +0200, Anton Lindqvist wrote:
> Hi,
> In August 2019 I tried to unlock lseek(2) which failed since the vnode
> lock could not be acquired without holding the kernel lock back then,
> found the hard way. claudio@ recently[1] make it possible to acquire a
> vnode
The rsync uploader (what is the generator in rsync) can be simplified and
cleaned up a fair bit.
There is some confusion of non-blocking IO on regular files and the idea
to poll() between openat() and fstat(). This is all not needed and
therefor a lot of the code handling files can be moved into
I like rsync -v but hell it is noisy with openrsync.
Just shut up about all the files that have not changed unless you go -vv.
--
:wq Claudio
Index: downloader.c
===
RCS file: /cvs/src/usr.bin/rsync/downloader.c,v
retrieving
The RTR session was opened with a blocking connect() call. This is rather
bad if the RTR peer does not exist since then bgpd will block until the
connect timed out. This diff makes the connect() call non-blocking.
With this connecting to non-existing RTR servers no longer blocks the main
process.
Noticed by the arouteserver author Pier Carlo Chiodi the new rde evaluate
all feature has a bug when a 2nd best route is withdrawn. In that case
that route got not withdrawn from the adj-rib-out.
The problem is in up_generate_updates() and the fact that 'rde evaluate
all' calls
On Wed, Apr 28, 2021 at 09:55:16AM -0400, Dave Voutila wrote:
>
> Claudio Jeker writes:
>
> > On Wed, Apr 28, 2021 at 08:18:47AM -0400, Dave Voutila wrote:
> >>
> >> Claudio Jeker writes:
> >>
> >> > Another thing to consider is that X
The RTR connect code calls addr2sa() as an argument to connect() but also
uses the len argument in both calls. It seems in some cases this is
optimised the wrong way. I think it is better to write this code using two
steps like it is done in other places.
OK?
--
:wq Claudio
Index: bgpd.c
On Fri, Apr 30, 2021 at 10:03:49PM -0500, Scott Cheloha wrote:
> > On Apr 28, 2021, at 03:47, Claudio Jeker wrote:
> >
> > There are various time fields in the JSON output.
> > last_read, last_write, last_updown on sessions, last_update for rib
> > entries and l
Split the repository code into two parts:
- fetch of the trust anchors (the certs referenced by TAL files)
- fetch of the MFT files of a repository
While the two things kind of look similar there are some differences.
- TA files are loaded via rsync or https URI (only one file needs to be
1201 - 1300 of 2249 matches
Mail list logo