embedaddon/mrouted/ChangeLog - view

File: [ELWIX - Embedded LightWeight unIX -] / embedaddon / mrouted / ChangeLog
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 23:10:48 2012 UTC (12 years, 4 months ago) by misho
Branches: mrouted, MAIN
CVS tags: v3_9_5, HEAD

mrouted

1: #+TITLE: mrouted | Change Log 2: #+AUTHOR: Steve Deering, Ajit Thyagarajan, Bill Fenner 3: 4: * Release 3.9.5: March 5, 2011 5: ** Changes & New Features 6: - The location of dump files have been moved from /var/tmp to /var/run/mrouted 7: due to the insecure nature of /var/tmp. See more below. 8: 9: - Add -r,--show-routes which sends SIGUSR1 to a running daemon, waits for the 10: file /var/run/mrouted/mrouted.dump to be updated, and then displays the 11: result on stdout. 12: 13: ** Bug Fixes 14: - The linked list implementation used in route.c caused several problems and 15: as a result has been refactored. This fixes several SIGSEGV crashes a couple 16: of memory leaks as well as GitHub issue #7. 17: 18: - Ported from pimd after CVE-2011-0007: Insecure file creation in /var/tmp. 19: "On USR1, pimd will write to /var/tmp/pimd.dump a dump of the multicast route 20: table. Since /var/tmp is writable by any user, a user can create a symlink to any 21: file he wants to destroy with the content of the multicast routing table." 22: 23: * Release 3.9.4: November 19, 2010 24: 25: ** Bug Fixes 26: - ~kern.c:k_del_vif()~ does not work properly in Linux. 27: 28: When some interface (known by mrouted) goes down, mrouted tries to remove 29: related VIF by calling ~stop_vif()~, which in turn calls ~k_del_vif()~. After 30: ~k_del_vif()~ is called, mrouted exits with the following error: 31: 32: setsockopt ~MRT_DEL_VIF~ on vif 3: Invalid argument 33: 34: The reason for this is due to differences in the Linux and *BSD ~MRT_DEL_VIF~ 35: API. The Linux kernel expects to receive a ~struct vifctl~ associated with the 36: VIF to be deleted, *BSD systems on the other hand expect to receive the index 37: of that VIF. 38: 39: Fix contributed by Dan Kruchinin <mailto:dkruchinin@acm.org> 40: 41: * Release 3.9.3: October 11, 2010 42: 43: ** Changes & New Features 44: - Update man page with =--long-options=, missing sections and improve debug help. 45: 46: - Cleanup Makefile for use with BSD PMake as well as GNU Make. 47: 48: ** Bug Fixes 49: 50: - Fix =NULL= pointer dereference in conf file parser. Problem will arise for all 51: interfaces that at one point might not have an address. 52: 53: Reported by Dan Kruchinin <mailto:dkruchinin@acm.org> 54: 55: - Fix problem with running the tunnel directive on OpenVPN, PPTP, L2TP tunnels as 56: well as PPP links. All of which use a 255.255.255.255 netmask on their interfaces. 57: 58: See http://openvpn.net/archive/openvpn-users/2004-04/msg00003.html for original 59: problem report. 60: 61: Fix contributed by Dan Kruchinin <mailto:dkruchinin@acm.org> 62: 63: - ~route.c:accept_probe()~: Fix missing check of ~malloc()~ return value. 64: 65: - ~vif.c:SetTimer()~: Dito. 66: 67: - ~route.c:accept_report()~: Fix potential stack overflow issue. Also added checks 68: to prevent overstepping array boundaries in local ~rt[]~ array when parsing route 69: report messages. 70: 71: * Release 3.9.2: August 16, 2010 72: 73: ** Changes & New Features 74: 75: - Reduce code duplication on platforms carrying ~strlcpy()~ and ~strtonum()~. 76: 77: ** Bug Fixes 78: - Fix file paths for GNU/Linux installations, they too use ~/var/tmp~ rather than 79: ~/usr/tmp~ today. 80: 81: - Code fixes in RSRR code (disabled by default). 82: 83: - Fix possible build error in strtonum.c on platforms not supporting ~LLONG_MIN/MAX~ 84: 85: * Release 3.9.1: April 10, 2010 86: 87: Biggest news in this release is that all OpenBSD patches as of this date are merged. 88: 89: ** Changes & New Featues 90: 91: - Change license to 3-clause BSD on mrinfo, RSRR and mrouted sources, thanks to 92: hard working OpenBSD team! 93: 94: - Support for older yacc versions. 95: 96: ** Bug Fixes 97: 98: - OpenBSD, all patches from their CVS repository have been merged. Things like 99: missing free for malloc, missing checks for malloc return value, restart syscalls 100: after signal (=EINTR=). As well as a heap of neat code cleanup and modernization. 101: 102: * Release 3.9.0: January 23, 2010 103: 104: ** Changes & New Features 105: 106: - Debian, build fixes for GNU/Linux. 107: 108: - FreeBSD ports collection, major API cleanups. 109: 110: - Buildroot, some minor cleanups of old deprecated APIs 111: 112: - Philippe Troin <mailto:phil@fifi.org>, added more compiler warnings and fixed the 113: problems uncovered by that. 114: 115: * 3.9-beta3: April 26, 1999 116: 117: ** Changes & New Features 118: 119: - A ~blaster~ keyword for mrouted.conf, to turn on handling of routers (mostly 120: ciscos) which overwhelm the socket buffers by blasting the whole routing table at 121: once. 122: 123: - A ~notransit~ keyword; routes learned on a ~notransit~ vif will not be 124: readvertised onto another ~notransit~ vif. 125: 126: - The 500 kbps default rate limit on tunnels has been removed. 127: 128: - An ICMP listener which logs ICMP errors which appear to be in response to 129: tunnel packets that we sent. 130: 131: - A tunnel traffic encapsulator, which encapsulates control traffic inside the 132: tunnel instead of unicasting it ~beside~ the tunnel. This is turned off by 133: default; use ~beside off~ to turn it on. 134: 135: - A ~force_leaf~ flag to ignore any potential neighbors on a given interface. 136: 137: ** Bug Fixes 138: 139: - There was a bug handling routing updates which caused random black holes. 140: 141: - There was a race condition in the timer handlers causing free'd memory 142: to sometimes get touched. 143: 144: - ~allow_nonpruners~ wasn't allowed in the configuration file (and almost 145: nobody noticed! - probably a good sign) 146: 147: - When a prune times out and the source has been active "recently", mrouted now 148: waits for further traffic instead of triggering a new prune. 149: 150: - mrouted now ignores unreachable routes when making a routing decision 151: (previously it would blackhole, now it can find a less-specific) 152: 153: * 3.9-beta2: June 11, 1997 154: 155: There is no need to upgrade to 3.9-beta2 if you are not experiencing one of the 156: following bugs. 157: 158: ** Bug Fixes 159: 160: - There was a bug in 3.9-beta1's raw socket buffer processing that 161: would cause an immediate lockup on startup on some systems. 162: 163: - RSRR would not clear out the group membership information if 164: further notification of changes to this route entry was not possible. 165: 166: * 3.9-beta1: June 6, 1997 167: 168: ** Changes & New Features 169: 170: - Longer prune lifetimes (2 hours) by default. Prune lifetimes may be configured 171: per-vif, with the ~prune_lifetime N~ mrouted.conf configuration file entry 172: (where N is in seconds). This helps to work around the black holes caused on 173: restart when you have a Cisco upstream which does not handle genid's; if this is 174: your situation the recommended value is 300. 175: 176: - mrouted's behavior of flooding new routes by default at startup in order to speed 177: healing of paths during startup can be turned off per-vif or globally with the 178: ~noflood~ configuration option. Turning this option off means you are likely to 179: experience black holes for a minute or two when you restart a router. The 180: default is to flood for a minute or two until mrouted is able to learn 181: subordinate relationships. 182: 183: - mrouted now retransmits prunes by default on point-to-point links. The 184: mrouted.conf command ~rexmit_prunes [on|off]~ can be used to enable or disable 185: this feature on a per-vif basis. Prune retransmission helps on lossy links, and 186: also helps when a router has forgotten about a prune (e.g. if it is out of memory 187: and needs to shed state, or due to a bug). 188: 189: - The new ~passive~ mode causes mrouted to not actively send probes looking for 190: neighbors. This allows a dialup link to become quiescent if there is no DVMRP 191: neighbor on the other end. Configuring ~passive~ on both ends of a link will 192: cause it to never come up. 193: 194: - mrouted defaults to not peering with DVMRP routers that do not prune. Use the 195: ~allow_nonpruners~ mrouted.conf option on a vif on which you want to allow such 196: peerings. 197: 198: - mrouted now allows route filtering using ~allow~ and ~deny~ in ~mrouted.conf~. 199: - Only ~accept~ or ~deny~ is allowed, no combinations. 200: 201: - Add ~bidir~ to apply the filter to output too, otherwise it's input only. 202: 203: - Expected usage: 204: - Providers filter routes that customers send them 205: - Martian removal 206: - Topology modification (e.g. don't let the existence of private tunnel foo out 207: into the world). 208: 209: - Syntax: 210: - accept 13/8 :: All routes matching 13/8 (e.g. 13.2.116/22) 211: - accept 13/8 exact :: If you want to accept exactly 13/8 212: - deny 10/8 64/2 130/8 exact 172/8 exact :: Common MBone martians 213: 214: - mrouted now malloc's the buffer it uses for ~SIOCGIFCONF~, to allow 215: for more interfaces. Thanks to Danny Mitzel 216: 217: - mrouted now ignores multiple entries for a single interface name (temporary hack 218: until mrouted understands interface aliases) 219: 220: - mrouted's ~-d~ flag has been modified to accept the names of the systems which 221: you would like to debug: packet, prunes, routes, peers, cache, timeout, 222: interface, membership, traceroute, igmp 223: 224: - mrouted now times neighbors out fater, and fully detects and ignores routes from 225: one-way peerings. 226: 227: - mrouted's route processing has been sped up, especially at startup. 228: 229: - mrouted uses the biggest ~SO_RCVBUF~ the operating system allows (up to 256 kb) 230: 231: - mrouted uses TOS =0xC0= ("Internet Control") for DVMRP messages. 232: 233: ** Known Bugs 234: 235: - The startup message doesn't print properly if you have too many interfaces. 236: 237: ** Bug Fixes 238: 239: - mrouted did not properly keep track of subordinates, and would not time out 240: subordinateness. This caused 2 major problems: 241: 242: 1. pruning did not happen when there were equal-cost paths to the same 243: multi-access link 244: 2. subordinateness which did not get cancelled by a non-poisoned route (e.g. in 245: the face of route filtering) did not time out, causing traffic to continue to 246: flow. 247: 248: - mrouted's IGMPv2 processing when it is not the querier now conforms to 249: draft-ietf-idmr-igmp-v2-06.txt Thanks to Lorenzo VICISANO 250: <mailto:L.Vicisano@cs.ucl.ac.uk> for finding a problem. 251: 252: - mrouted is much more careful about forgetting prunes; 3.8 would forget prunes 253: whenever any route change ocurred. 254: 255: * Release 3.8: November 29, 1995 256: 257: ** Bug Fixes 258: 259: - mrouted would fail to forget prunes when a neighbor went away, thus potentially 260: sending traffic down a tunnel after the tunnel endpoint has gone down. This was 261: due to some research code making it into the "emergency" 3.7 release, sigh. 262: 263: - mrouted could send prunes with negative lifetimes. This causes slightly higher 264: prune traffic but shouldn't be any major problem. 265: 266: * Release 3.7: November 28, 1995 267: 268: ** Changes & New Features 269: 270: - The configuration file can accept a hostname as the other end of a tunnel. There 271: must be a single name=>ip mapping for the given name, however, or mrouted will 272: fail to start up. 273: 274: - mrinfo now sends requests to all interfaces of a multihomed host. 275: 276: - mtrace's passive mode has been implemented. 277: 278: - The first screen of mtrace statistics is shorter and more likely 279: to fit on one screen. 280: 281: ** Bug Fixes 282: 283: - mrouted now ignores route reports that include bogus netmasks. 284: There was a bug in 3.5 that would mangle default routes into 285: tens of bogus routes; this should prevent that bug from killing 286: the MBONE. 287: 288: This solution can cause route flaps and black holes until the 289: 3.5's are gone or all of the 3.5's neighbors are 3.7 . 290: 291: - mrouted now ignores duplicate routes. Ciscos and the above 3.5 292: bug could cause two copies of the same route to appear in a single 293: routing update; mrouted would insert two copies of the same route 294: into its routing table and wreak all sorts of havoc. 295: 296: - mrouted now sends a group-specific query for both retransmissions 297: of a g-s query; previous versions sent a general query the second 298: time. 299: 300: - mrouted now loops back multicasted mtrace responses and 301: group-specific membership queries 302: 303: - mrouted now performs deterministic tiebreaking between two 304: neighbors on the same vif. 305: 306: - mrouted now only does duplicate suppression on traceroute requests, 307: not all traceroute packets, so that a loop can be nicely detected 308: via a duplicate router instead of just a timeout. 309: 310: - the buffer size that mrouted uses has been increased to allow 311: more than 16 hops in mtrace messages. 312: 313: - mtrace's hop-by-hop termination is now more likely to be correct. 314: 315: - mrinfo now waits for the responses to its retransmitted queries. 316: 317: * Release 3.6: June 26, 1995 318: 319: ** Bug Fixes 320: 321: - mrouted would dump core when attempting to report no routes (i.e. upon 322: startup, if you have no enabled phyint's) 323: 324: - mrouted would dump core if requested to traceroute a source for which it 325: had no route 326: 327: - neighbor flags were not always properly updated on probe or report 328: 329: - mrouted would sometimes reply to a multicast traceroute on a disabled 330: phyint; now it uses the first configured phyint to reply to traceroutes. 331: 332: - host routes (i.e. netmask =0xffffffff=) works now; it was discarding 333: IGMP from the host because it was coming from the "broadcast address" 334: of the subnet. 335: 336: - ~send_igmp()~ now treats the failure to send an mtrace or a neighbor 337: reply as informational, as opposed to warning. 338: 339: - mrouted would go into an infinite loop trying to respond to a traceroute 340: for a source with a netmask of =0xffffffff=. 341: 342: - ~vifs_with_neighbors~ was not being reset if the mrouted was restarted 343: with =SIGHUP=. 344: 345: - the default route was not being properly advertised to neighbors (although 346: it was accepted if it was advertised to it) 347: 348: - ANSI-fication for those who it helps, still-K&R-ish for those it doesn't. 349: 350: - mtrace now attempts to trace three hops past a non-responding router, 351: in the hopes that it does support traceroute but just couldn't respond 352: (i.e. unicast didn't work and it can't source multicast because all its 353: phyints are disabled). 354: 355: - mrinfo now times out even on a multicast router. 356: 357: * Release 3.5: May 8, 1995 358: 359: ** Changes & New Features 360: 361: - The kernel and mrouted make sure that each is the correct version, to 362: prevent problems with mismatched kernel/mrouted versions. A too-old 363: mrouted will die with the error: 364: 365: can't enable DVMRP routing in kernel: Option not supported by protocol 366: 367: - mrouted can accept and propogate a default route (essential for 368: heirarchical multicast routing) 369: 370: - Kernel route cache keeps source-specific routes instead of subnet routes, 371: eliminating hashing and longest-match problems. 372: (allows classless routing, longest-match and default routing) 373: 374: - Cached kernel routes only get deleted if no traffic is flowing, to 375: facilitate multicast traceroute 376: 377: - mrouted has a new configuration file parser, which provides better error 378: messages than before, and allows named boundaries (see man page) 379: 380: - added ~netmask~ to phyint configuration, at the suggestion of 381: Anders Klemets 382: 383: - System V and FreeBSD compatibility from John Brezak <mailto:brezak@ch.hp.com> 384: 385: - phyint's can have additional subnets configured, for people with multiple 386: subnets on one physical network. mrouted.conf syntax is altnet 1.2.3.0, 387: or altnet 1.2.3.0/24 if you need to specify a different netmask. There 388: can be as many altnet statements as you need. 389: 390: - both mrouted and the kernel now support classless addresses. 391: 392: - the kernel supports PIM assert processing by notifying the router 393: when a packet arrives on the wrong interface 394: 395: - the kernel keeps additional counters, and mrouted can be compiled to 396: support SNMP and the Multicast MIB 397: 398: - the packet classifier in the kernel now uses the following udp port 399: ranges. A future release of a session directory will allocate ports in 400: these ranges: 401: 402: - ~[0, 16384)~: lowest priority, unclassified 403: 404: - ~[16384, 32768)~: highest priority, i.e. audio 405: 406: - ~[32768, 49152)~: medium priority, i.e. whiteboard 407: 408: - ~[49152, 65536)~: low priority, i.e. video 409: 410: - the configuration code has been modified to default tunnels' ~rate_limit~ 411: parameters to 500kbps. This is easily modified with a ~rate_limit~ keyword 412: in mrouted.conf, but should be a good default for the MBONE in general. 413: 414: - The tunnel sending code now caches a route for ~ip_output()~, this should 415: help performance on machines with lots of tunnels. 416: 417: - Dispatching for de-capsulating packets is now via protosw[], making 418: reception of other raw protocols more efficient 419: 420: - Neighbor capabilities are discovered via a bitmask as opposed to 421: version number. 422: 423: - Multicast traceroute code improved 424: 425: - mrouted can be compiled with Routing Support for Resource Reservation 426: (RSRR), required for RSVP. 427: 428: ** Bug Fixes 429: 430: - The IGMPv2 query timeout field was interpreted as being in units of 200ms 431: as opposed to 100ms, thus the maximum timeout was set to twice the 432: expected value. This is not fatal, as mrouted always queries twice in the 433: expectation that a packet could get loss, but it does make it less robust 434: in the face of packet loss. 435: 436: - IGMP could report membership in local-only groups (i.e. 224.0.0.X) 437: 438: - IGMP could get confused by hearing its own new membership reports, thus 439: a router would never perform fast leave. 440: 441: - IGMP could reset timers for the wrong interface. 442: 443: - mrouted put a bogus value in the maximum timeout field of IGMPv2 query 444: packets. 445: 446: - Non-querier mrouters would respond to IGMP leave messages 447: 448: - mrouted was not performing fast leave properly 449: 450: - If the last member goes away on a transit network, the upstream router 451: would stop forwarding even if there are downstream members. 452: 453: - Kernel hash function improved 454: 455: - Eliminated possibility of ~panic()~: timeout in cache maintenance 456: 457: - Reordered resource allocation when sending upcall to handle failure properly 458: 459: - some endian-ness bugs squashed in mrouted, probably more to go. 460: 461: - Multicast traceroute could send a reply on a disabled interface. 462: 463: ** Included Files 464: 465: | README-3.8.mrouted | this file | 466: | mrouted/* | version 3.8 of mrouted, mrinfo, map-mbone and mtrace. | 467: | ifconfig/* | Changes to ifconfig to show multicast interfaces | 468: | netstat/* | Diffs to netstat | 469: | ping/* | sources for ping which support multicasting | 470: | mtest/* | utility for testing multicast group membership | 471: 472: # Local Variables: 473: # mode: org 474: # End: