Hi, I want to bring this question up again. In our company we use it in production with patches, but I think it would be useful in upstream version too. Short version of the story: bird can try to bind socket when IP-address is absent in the system, it will result in a error and the protocol will remain in down state after that. Suggested change is to allow it to bind non-local addresses. First, lets start with just the flag in the socket interface. I adapted the patch, now system-dependend code is in a separate function sk_set_freebind(), which is defined in sysdep/X/sysio.h, as it was suggested. If this variant is OK, than the next step is to choose wether it would be some configuration option or maybe a compile-time flag. On Thu, Jan 23, 2020 at 11:05 PM Alexander Zubkov <green@qrator.net> wrote:
On Thu, Jan 23, 2020 at 5:21 PM Ondrej Zajicek <santiago@crfreenet.org> wrote:
On Wed, Jan 15, 2020 at 01:57:19AM +0100, Alexander Zubkov wrote:
Hi,
Check the attached patches. The first adds option to sockets to use nonlocal bind (IP_FREEBIND in Linux) and the second adds bgp option to use such sockets ("nonlocal bind yes|no"). Some additional thoughts: - probably the option could be implemented for any protocol, not only for bgp ... - it can be also considered to enable nonlocal bind for all bgp unconditionally, at least I see no obvious problems yet
Hi
Is there a reason for such option? Is there a downside of using it always?
If I remember right, when address is not available during bind, in strict bind mode bird logs en error and puts protocol down. It is inconvenient when one uses VRRP, for example, with migrating address. Or there could be some problems during applying some configuration changes to the interfaces in the system. We use this socket option with VRRP and also we have interfaces without ip addresses configured yet for some reason. I do not know if using it always-on is a good idea or not. We made it always-on in our setup and are just happy with it. But I'm not sure if it does not break something somewhere. It will make at least bird's behaviour different on different systems with the same config and that may be confusing. On the other hand, the extra option to put in config may be unreasonable payment. I also not tested how it will behave if ip address migrates from one interface to the other in the system. If it ties to the interfaces somehow and because of this option does not mention the change, that could be a problem.
One minor nitpick is that sysdep/unix/io.c should not use non-portable syscalls/sockopts directly, they should be defined as functions in sysdep/X/sysio.h (with implementations for Linux and BSD) and such function called from sysdep/unix/io.c code.
Probably you are right, it might be somewhere there if it would end into the vanilla bird.
-- Elen sila lumenn' omentielvo
Ondrej 'Santiago' Zajicek (email: santiago@crfreenet.org) OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net) "To err is human -- to blame it on a computer is even more so."