From b1a597e0c3821c791a41278454e74261cf1b95fb Mon Sep 17 00:00:00 2001 From: Ondrej Zajicek Date: Tue, 31 Mar 2009 12:55:57 +0200 Subject: Reimplementation of prefix sets. Prefix sets were broken beyond any repair and have to be reimplemented. They are reimplemented using a trie with bitmasks in nodes. There is also change in the interpretation of minus prefix pattern, but the old interpretation was already inconsistent with the documentation and broken. There is also some bugfixes in filter code related to set variables. --- doc/bird.sgml | 33 +++++++++++++++++++++++++++------ 1 file changed, 27 insertions(+), 6 deletions(-) (limited to 'doc') diff --git a/doc/bird.sgml b/doc/bird.sgml index a7cda82..2114151 100644 --- a/doc/bird.sgml +++ b/doc/bird.sgml @@ -508,12 +508,33 @@ incompatible with each other (that is to prevent you from shooting in the foot). Filters recognize four types of sets. Sets are similar to strings: you can pass them around but you can't modify them. Literals of type set int look like [ 1, 2, 5..7 ]. As you can see, both simple values and ranges are permitted in - sets. Sets of prefixes are special: you can specify which prefix lengths should match them by - using [ 1.0.0.0/8+, 2.0.0.0/8-, 3.0.0.0/8{5,6} ]. 3.0.0.0/8{5,6} matches - prefixes address/num+ is a shorthand for address/{0,, - address/ is a shorthand for address/{0,. For example, - 1.2.0.0/16 ˜ [ 1.0.0.0/8{ 15 , 17 } ] is true, but - 1.0.0.0/8 ˜ [ 1.0.0.0/8- ] is false. + sets. + + Sets of prefixes are special: their literals does not allow ranges, but allows + prefix patterns that are written as ipaddress/pxlen{low,high}. + Prefix ip1/len1 matches prefix pattern ip2/len2{l, h} iff + the first min(len1, len2) bits of and len1 ≤ ip1 ≤ len2. + A valid prefix pattern has to satisfy is not constrained by address/ is a shorthand for + address/ (where maxlen is 32 for IPv4 and 128 for IPv6), + that means prefix address/ and all its subprefixes. address/ + is a shorthand for address/, that means prefix address/ + and all its superprefixes (prefixes that contain it). + + For example, [ 1.0.0.0/8, 2.0.0.0/8+, 3.0.0.0/8-, 4.0.0.0/8{16,24} ] matches + prefix 1.0.0.0/8, all subprefixes of 2.0.0.0/8, all superprefixes of 3.0.0.0/8 and prefixes + [ 0.0.0.0/0{20,24} ] matches all prefixes (regardless of + IP address) whose prefix length is 20 to 24, [ 1.2.3.4/32- ] matches any prefix that contains IP address + 1.2.3.4. 1.2.0.0/16 ˜ [ 1.0.0.0/8{ 15 , 17 } ] is true, + but 1.0.0.0/16 ˜ [ 1.0.0.0/8- ] is false. + + Cisco-style patterns like 10.0.0.0/8 ge 16 le 24 can be expressed + in Bird as 10.0.0.0/8{16,24}, 192.168.0.0/16 le 24 as + 192.168.0.0/16{16,24} and 192.168.0.0/16 ge 24 as + 192.168.0.0/16{24,32}.