[Xorp-hackers] Announcing XORP Release Candidate 1.5
Atanu Ghosh
atanu at ICSI.Berkeley.EDU
Wed Jul 9 15:51:57 PDT 2008
On behalf of the entire XORP team, I'm delighted to announce the XORP
1.5 Release Candidate, which is now available from <http://www.xorp.org>.
New features in this release include preliminary firewall
support, VLANs and BGP support for four-octet AS numbers.
In addition, this release contains numerous bug fixes.
Once the release candidate has proven to be stable, the actual 1.5
release will be prepared. This is planned to occur before the end of the
month. In the intervening period we will be fixing minor problems and
updating the documentation.
In general, to test XORP, we run automated regression tests on a daily
basis with various operating systems and compilers. We also run a
number of PCs as XORP routers. We have enabled as many protocols as
feasible on those routers to test protocol interactions (for example a
BGP IPv6 multicast feed being used by PIM-SM). In addition, automated
scripts are run to externally toggle BGP peerings. Finally, we have
automated scripts that interact directly with the xorpsh to change the
configuration settings.
We have put significant effort into testing but obviously we have not
found all the problems. This is where you can help us to make XORP
more stable, by downloading and using it!
As always we'd welcome your comments - xorp-users at xorp.org is the
right place for general discussion, and private feedback to the XORP
core team can be sent to feedback at xorp.org.
- The XORP Team
P.S.
Release notes included below.
------------------------------------------------------------------
XORP RELEASE NOTES
Release 1.5-RC (2008/07/08)
===========================
ALL:
- XORP now builds on DragonFlyBSD-1.10.1, Linux Fedora 7,
Linux Fedora 8, Linux Debian-4.0 (etch), Linux Ubuntu-7.04,
Linux Ubuntu-7.10, NetBSD-4.0, OpenBSD-4.1, and OpenBSD-4.2.
CONFIGURATION:
- Addition of new FEA configuration statements to set the IPv4/IPv6
unicast forwarding table IDs:
fea {
unicast-forwarding4 {
table-id: 254
}
unicast-forwarding6 {
table-id: 254
}
}
If the table ID is not configured, the FEA will use the default
table ID for the system.
Note that not all systems support multiple forwarding tables.
Currently, they exist only on Linux (among all systems supported by
XORP).
- The "DISCARD" network interface flag is printed as appropriate
when displaying the list of interfaces in the CLI.
- Addition of new FEA configuration statement to support
"unreachable" interfaces. Such interfaces are similar to "discard"
interfaces, except that instead of silently throwing away packets,
the system will respond with "ICMP destination unreachable".
interfaces {
interface my_unreachable {
unreachable: true
vif my_unreachable {
}
}
}
The default value for the "unreachable" statement is false.
- Addition of new FEA configuration statement to flag an interface
for "management" purpose. An interface that is flagged as
"management" might be used in the future by some of the protocols
for protocol-specific purpose.
interfaces {
interface fxp0 {
management: true
vif fxp0 {
address 10.10.10.10 {
prefix-length: 24
}
}
}
}
The default value for the "management" statement is false.
- Addition of support to configure VLANs on an interface.
A VLAN is configured by using a "vlan" block that includes
the VLAN ID:
interfaces {
interface fxp0 {
vif fxp0 {
address 10.10.10.10 {
prefix-length: 24
}
}
vif vlan1 {
vlan {
vlan-id: 1
}
address 10.10.20.20 {
prefix-length: 24
}
}
}
}
- Addition of preliminary support to configure firewall rules.
Firewall rules are configured by using numbered entries:
firewall {
rule4 100 {
action: "drop"
protocol: 6 /* TCP */
source {
interface: "fxp0"
vif: "fxp0"
network: 0.0.0.0/0
port-begin: 0
port-end: 65535
}
destination {
network: 10.10.0.0/24
port-begin: 0
port-end: 1024
}
}
}
Note that compiling firewall support on Linux systems require
patching some of the system header files. See ERRATA for details.
- The following PIM-SM configuration statements have been deprecated,
because PIM-SM doesn't use Router Alert IP option anymore:
protocols {
pimsm4 {
interface foo {
vif foo {
enable-ip-router-alert-option-check: true
}
}
}
}
protocols {
pimsm6 {
interface foo {
vif foo {
enable-ip-router-alert-option-check: true
}
}
}
}
LIBXORP:
- The local system-independent xorp_random() implemenation is used
instead of the random(3) provided by the system.
- Improved MAC address support (classes Mac and EtherMac).
- More consistent usage of XORP_OK and XORP_ERROR to return error
codes.
LIBXIPC:
- Bug fix in the internal mechanism for obtaining the IPv4 addresses
from the system. After the bug fix, a secondary (alias) IP address
can be specified with the "-i <addr>" command-line option to
the xorp_rtrmgr or xorp_finder binaries.
LIBFEACLIENT:
- No significant changes.
XRL:
- Critical bug fix that can be triggered by malformatted XRLs.
- Addition of support for 64-bit integers: i64 and u64 for
signed and unsigned respectively.
RTRMGR:
- Addition of preliminary mechanism to log events to a file or
to a syslog facility.
- Addition of support to run XORP in background (in daemon mode).
XORPSH:
- Bug fix related to assigning the node ID position in case the
previous (sibling) node was deleted at the same time a new node
was added.
This fixes "Found out-of-order term(s) inside policy ..." error
inside the policy manager.
- The "-c <cmd>" command line option can be used more than once to
run multiple commands.
- Fix a long configuration delay when using xorpsh in
non-interactive mode (e.g., "cat commands.txt | xorpsh").
- Addition of a new "-e" command line option. It can be used to tell
xorpsh to exit immediately if the connection to the Finder fails.
POLICY:
- No significant changes.
FEA/MFEA:
- Major refactoring of the FEA/MFEA internals.
- Critical bug fix that affects recent NetBSD and OpenBSD releases.
- Critical IPv6-related bug fix when adding unicast forwarding
entries to the kernel. This bug was exposed only on *BSD systems
with 64-bit CPU.
- If MFEA is started, it will explicitly enable the multicast
forwarding flags that have been added to recent OpenBSD releases:
net.inet.ip.mforwarding (for OpenBSD-3.9 and later) and
net.inet6.ip6.mforwarding (for OpenBSD-4.0 and later).
RIB:
- No significant changes.
RIP/RIPng:
- Addition of support for "show ripng" xorpsh operational commands.
- Critical RIPng-related bug fix. Previously the RIPng installed
routes had incorrect outgoing interface toward the destination.
- Bug fix related to the TTL for RIPng multicast packets: now it is
set to 255 as specified in the protocol specification (RFC 2080)
instead of 1.
OSPF:
- Bug fix related to OSPFv3 link-local scope LSAs. Previously the
link-local scope LSAs were incorrectly flooded to links other
than the one they belonged to.
- Bug fix related to OSPFv3 Inter-Area-Prefix-LSAs. The check for
the minimum size of an Inter-Area-Prefix-LSA was incorrect so
short prefixes such as the default route would be rejected.
- Added a clear database command.
- In the OSPFv2 configuration "passive" is no longer a bool but a
directive. Previously setting an interface to passive would set
the interface to loopback and announce a host route for the
interface. Using the passive keyword will still set the
interface to loopback but now the network will be announced. If
the previous behaviour of of announcing the host route is
required the host variable can be set to true.
BGP:
- Added support for 4-byte AS numbers, as detailed in RFC 4893.
From 1st Jan 2009 4-byte AS numbers will be allocated by default
by RIPE, so it is desirable that all BGP implementations support
four-byte AS numbers by that time. Currently 4-byte support is
not enabled in XORP by default, but can be enabled using the
"enable-4byte-as-numbers" configuration option.
STATIC_ROUTES:
- Bug fix that prevented the deletion of interface-specific routes
using xorpsh.
MLD/IGMP:
- No significant changes.
PIM-SM:
- No significant changes.
FIB2MRIB:
- No significant changes.
CLI:
- No significant changes.
SNMP:
- No significant changes.
More information about the Xorp-hackers
mailing list