Igor Ryzhov [Thu, 29 Jul 2021 11:42:16 +0000 (14:42 +0300)]
bgpd: fix missing list add in dampening
One more crash in dampening code...
When bgp_damp_withdraw is called, if there's already a BDI structure,
bgp_damp_info_claim is called to re-assign the bdi->config in case it
was changed. The problem is that bgp_damp_info_claim actually removes
the BDI from the reuse list of the old config and never adds it to the
reuse list of the new config. We must do this to prevent the crash
because all the code assumes that BDI is always in some list.
Donald Sharp [Wed, 28 Jul 2021 20:25:54 +0000 (16:25 -0400)]
tests: Set addresses before we use snmpd
The test_simple_snmp.py test starts bgp, zebra and snmpd at the
same time. Then zebra configuration is read in and interface
addresses are applied. If snmp start slower than zebra
the snmp process can properly get it's ip address to bind to
if it is faster than zebra, it will fail. Ensure that the
test has addresses before we start daemons.
Igor Ryzhov [Tue, 27 Jul 2021 13:10:35 +0000 (16:10 +0300)]
ospfd: don't exit when socket is not created
Let's be less radical. There's no reason to stop the whole daemon when
there's a socket creation error in a single VRF. The user can always
restart this single VRF to retry to create a socket.
ospf6d: Type-7 LSA originated with wrong sequence number
RCA: When Type-7 LSA is updated, the LSDB is searched, if the
LSA is present in the LSDB then the LSA is updated with next
sequence number and if not then it is originated with the
INITIAL sequence number.
Here while originating Type-7 LSA Process Level LSDB is searched
for instead of area level LSDB.
Fix: Search in the area level LSDB and not in the process level.
This commit is to correct the order in which the fields are
accessed while verifying it. First the fields should be
verified, and if it is valid then access it.
Donald Sharp [Mon, 26 Jul 2021 15:57:25 +0000 (11:57 -0400)]
tests: Reduce pim join/prune interval to 5 seconds
Tests should have low enough overhead that sending
the join/prune every 5 seconds should be sufficient
also it should allow us to converge faster in case of
dropped packets.
Igor Ryzhov [Fri, 23 Jul 2021 15:38:20 +0000 (18:38 +0300)]
vtysh: don't install "enable" command in user mode
Recent change in d1b287e only fixed the problem for 3-letter words.
We were still displaying error for longer words starting with "ena":
```
nfware> enac
% Command not allowed: enable
nfware> enad
% Command not allowed: enable
nfware> enaena
% Command not allowed: enable
```
If we don't allow "enable" command in user mode, why add it at all?
Currently 'show evpn rmac vni .. mac .. json' includes fields for
localSequence and remoteSequence, which are misleading since they
aren't applicable to a macs in the IP-VRF mac table (RMAC).
This removes the localSequence + remoteSequence fields from the output.
David Lamparter [Wed, 21 Jul 2021 09:04:23 +0000 (11:04 +0200)]
build: fix `AM_LDFLAGS` usage (and gcov)
like the other automake variables, setting `xyz_LDFLAGS` causes
`AM_LDFLAGS` to be ignored for `xyz`. For some reason I had in my mind
that automake doesn't do this for LDFLAGS, but... it does. (Which is
consistent with `_CFLAGS` and co.)
So, all the libraries and modules have been ignoring `AM_LDFLAGS` (which
includes `SAN_FLAGS` too). Set up new `LIB_LDFLAGS` and
`MODULE_LDFLAGS` to handle all of this correctly (and move these bits to
a central location.)
Fixes: #9034 Fixes: 0c4285d77eb ("build: properly split CFLAGS from AC_CFLAGS") Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Igor Ryzhov [Wed, 21 Jul 2021 14:22:14 +0000 (17:22 +0300)]
vtysh: fix exit from zebra-only nodes
When exiting from link-params and pseudowire nodes, we were sending exit
command to all VTYSH_INTERFACE daemons. This led to a desynchronized
state in vtysh and daemons other then zebra. We must send exit command
only to zebra.
Rafael Zalamena [Tue, 20 Jul 2021 12:43:03 +0000 (09:43 -0300)]
ospf6d: always generate default route for stubs
In RFC 2328 OSPF Version 2, Section 12.4.3.1 "Originating summary-LSAs
into stub areas" mentions that the stub areas should not import external
routes and instead should generate a 'default summary-LSA' set to
default destination.
> In a stub area, instead of importing external routes
> each area border router originates a "default summary-
> LSA" into the area. The Link State ID for the default
> summary-LSA is set to DefaultDestination, and the metric
> set to the (per-area) configurable parameter
> StubDefaultCost. Note that StubDefaultCost need not be
> configured identically in all of the stub area's area
> border routers.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
ospfd: ospfd crash while giving 'clear ip ospf neighbor'
Description:
Ospf process crashes upon giving 'clear ip ospf neighbor' with
self routerId. It is asserting if it is a self neighbor in ospf
neighbour kill event processing.
Added a check to validate the provided router-id is self
router-id.
zebra: trigger remove all access vlans for access port
When port was removed from last access vlan, the linux kernel
won't send any vlan info in the netlink message, it might affact
the evpn mh not withdraw EAD-EVI routes.
David Lamparter [Mon, 28 Jun 2021 14:29:56 +0000 (16:29 +0200)]
ospf6d: don't create Adv-ID:0.0.0.0 LSAs at start
When ospf6d comes up, it gets interface and address state before it
decides on its router ID. This results in a bunch of LSAs with
advertising router ID 0.0.0.0 in the LSDB. Not quite right.
There's a whole bunch of paths leading to this, so just drop the LSA in
ospf6_lsa_originate. The router-ID change causes everything to be
readvertised anyway (... but the delete doesn't catch the 0.0.0.0 stuff
because the router-ID is now different.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Donald Sharp [Mon, 19 Jul 2021 23:52:43 +0000 (19:52 -0400)]
zebra: Do not allow redistribution for non-vrf tables
Current code was allowing redistribution of kernel routes from
the non-default non vrf tables once FRR was already up and running.
In the case where we add `redistribute kernel` in an upper level
protocol we never consider the non-default vrf or non-vrf tables
so it is never accepted.
In the case where a kernel route is added after `redistribute kernel`
is already in place we were never looking at the fact that the
route was in a non-default non-vrf table. This code fixes
that issue.
Fixes: #9073 Signed-off-by: Donald Sharp <sharpd@nvidia.com>
IGMPv3 packets with invalid TOS should be dropped.
Test Case ID: 4.10
TEST_DESCRIPTION
Every IGMP message described in this document is sent with
IP Precedence of Internetwork Control (e.g., Type of Service
0xc0)
(Tests that IGMPv3 Membership Query Message conforms to
above statement)
TEST_REFERENCE
NEGATIVE: RFC 3376, IGMP Version 3, s4 p7 Message Formats
Issue: #9071
IGMPv3 packets with invalid TTL should be dropped.
Test Case ID: 4.10
TEST_DESCRIPTION
Every IGMP message described in this document is sent with an IP
Time-to-Live of 1 (Tests that IGMPv3 Membership Report Message
conforms to above statement)
TEST_REFERENCE
NEGATIVE: RFC 3376, IGMP Version 3, s4 p7 Message Formats
Issue: #9070
projects / mirror / frr.git / log