Donald Sharp [Thu, 30 May 2019 22:51:00 +0000 (18:51 -0400)]
lib: Allow -N to modify the zapi domain socket
When using -z, allow that to override the zapi domain socket
path. If using -N add the namespace name to the path to
$frr_statedir/<namespace>/zserv.api. If you don't specify
the -N or -z option then it is $frr_statedir/zserv.api
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 3 Jun 2019 19:11:17 +0000 (15:11 -0400)]
zebra: When displaying `show evpn arp-cache vni XX` add local and remote seq
Add the local and remote sequence number to the `show evpn arp-cache vni XX` command.
VNI 1000111 #ARP (IPv4 and IPv6, local and remote) 15
IP Type State MAC Remote VTEP Seq #'s
fe80::202:ff:fe00:15 remote active 00:02:00:00:00:15 6.0.0.31 0/0
fe80::202:ff:fe00:8 local active 00:02:00:00:00:08 0/0
60.1.1.111 local active 00:02:00:00:00:08 0/0
2060:1:1:1::11 local active 00:e0:ec:38:49:a1 0/0
fe80::202:ff:fe00:11 remote active 00:02:00:00:00:11 6.0.0.30 0/0
2060:1:1:1::211 remote active 00:02:00:00:00:11 6.0.0.30 0/0
2060:1:1:1::121 remote active 00:02:00:00:00:0c 6.0.0.29 0/0
60.1.1.211 remote active 00:02:00:00:00:11 6.0.0.30 0/0
fe80::202:ff:fe00:c remote active 00:02:00:00:00:0c 6.0.0.29 0/0
60.1.1.11 local active 00:e0:ec:38:49:a1 0/0
fe80::2e0:ecff:fe38:49a1 local active 00:e0:ec:38:49:a1 0/0
60.1.1.221 remote active 00:02:00:00:00:15 6.0.0.31 0/0
2060:1:1:1::111 local active 00:02:00:00:00:08 0/0
2060:1:1:1::221 remote active 00:02:00:00:00:15 6.0.0.31 0/0
60.1.1.121 remote active 00:02:00:00:00:0c 6.0.0.29 0/0
The seq numbers are at 0/0 because we have had no mobility events.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 3 Jun 2019 14:39:23 +0000 (10:39 -0400)]
pimd: Add `clear ip mroute [vrf NAME] count` command to pim
When debugging a large number of mroutes and data is changing
fast it is sometimes hard to know what has actually changed.
Add a `clear ip mroute count` command that resets the last
data points gathered and allows you to see what has changed
since the last clear.
Output:
donna.cumulusnetworks.com# show ip mroute count
Donald Sharp [Mon, 3 Jun 2019 14:44:23 +0000 (10:44 -0400)]
lib: Cleanup recent commit warn->werror issues in lib/routemap.c
The get_route_map_delete_event function should return a value
even if we never get to that part of the function. Make sure
we know why we are here so it can be fixed appropriately in
the future.
Signed-off-by: Donald Sharp <sharpd@cumulusnetwork.com>
Donald Sharp [Mon, 3 Jun 2019 14:09:22 +0000 (10:09 -0400)]
pimd: Convert strncpy to strlcpy in pim_cmd.c
A couple of places of strncpy snuck in due to my confusion
about if Quentin's earlier change had gotten in. Just some
code in flux. This should fix the issue/warnings in our
CI system.
Donald Sharp [Sat, 1 Jun 2019 01:47:30 +0000 (21:47 -0400)]
tools: On shutdown no need to flush from tools/frr.in script
Zebra already flushes routes on proper shutdown if you are not
using the -K option. If you are using the -K option then you
do not want the tools/frr script to flush routes.
If zebra crashes and we restart then load up will either delete
the routes or leave them depending on the -K option.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Although the RFC states hostname length should be < 255 chars,
FRR allows infinite length technically. However, when you try
to set a hostname > 80 chars, you would immediately notice a crash.
RCA: Crash due to buffer overflow. Large buffer sprintf'd into smaller
buffer. Usage of sprintf function instead of snprintf which is safer.
bgpd: Filtering received EVPN routes based on VNI does not work
Issue1: When "neighbor X.X.X.X route-map RM-VNI-FILTER in" is configured under evpn address-family,
all the received routes are dropped regardless of whether the route has a matching vni or not.
Issue2: Routes with 2 labels are not filtered correctly
Issue3: Interpreting the label based on tunnel type, vxlan was not done correctly.
Vxlan label has 24 bits, whereas, MPLS label is 20 bits long
Fix1: The handler bgp_update() that services the received route ignored the route's label while deciding whether to filter it or not. As part of the fix, the handler now uses the label info to make the decision about whether to filter the route or not.
Fix2: route_match_vni() now tries to match both the labels within the route, not just the one.
lib: Changes made to dependencies of a r-map do not take effect.
Say, more than one sequence of a route-map uses the same named entity
in its match clause. After that entity is removed from any one of the
route-map sequences, any further changes made to that entity doesn't
dynamically take effect.
A reference counter, that allows the named entity to keep a count of
the route-maps dependent on it, has been introduced to address this issue.
Donald Sharp [Fri, 31 May 2019 12:51:07 +0000 (08:51 -0400)]
lib, zebra: Ensure route encoding has enough space
When you have compiled FRR with a large multipath number
then encoding large ecmp routes between zebra and the
routing daemons. There exists a theoritical size
of multipath that will cause the encoding to be larger
than the ZEBRA_MAX_PACKET_SIZ. In the cases where
we have allocated streams that will encode routes
then let's ensure that whatever size we have will
auto-fit what we say we can send.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
lib: Introducing a 3rd state for route-map match cmd: RMAP_NOOP
Introducing a 3rd state for route_map_apply library function: RMAP_NOOP
Traditionally route map MATCH rule apis were designed to return
a binary response, consisting of either RMAP_MATCH or RMAP_NOMATCH.
(Route-map SET rule apis return RMAP_OKAY or RMAP_ERROR).
Depending on this response, the following statemachine decided the
course of action:
Action: Apply route-map match and return the result (RMAP_MATCH/RMAP_NOMATCH)
State1: Receveived RMAP_MATCH
THEN: If Routemap type is PERMIT, execute other rules if applicable,
otherwise we PERMIT!
Else: If Routemap type is DENY, we DENYMATCH right away
State2: Received RMAP_NOMATCH, continue on to next route-map, otherwise,
return DENYMATCH by default if nothing matched.
With reference to PR 4078 (https://github.com/FRRouting/frr/pull/4078),
we require a 3rd state because of the following situation:
The issue - what if, the rule api needs to abort or ignore a rule?:
"match evpn vni xx" route-map filter can be applied to incoming routes
regardless of whether the tunnel type is vxlan or mpls.
This rule should be N/A for mpls based evpn route, but applicable to only
vxlan based evpn route.
Today, the filter produces either a match or nomatch response regardless of
whether it is mpls/vxlan, resulting in either permitting or denying the
route.. So an mpls evpn route may get filtered out incorrectly.
Eg: "route-map RM1 permit 10 ; match evpn vni 20" or
"route-map RM2 deny 20 ; match vni 20"
With the introduction of the 3rd state, we can abort this rule check safely.
How? The rules api can now return RMAP_NOOP (or another enum) to indicate
that it encountered an invalid check, and needs to abort just that rule,
but continue with other rules.
Question: Do we repurpose an existing enum RMAP_OKAY or RMAP_ERROR
as the 3rd state (or create a new enum like RMAP_NOOP)?
RMAP_OKAY and RMAP_ERROR are used to return the result of set cmd.
We chose to go with RMAP_NOOP (but open to ideas),
as a way to bypass the rmap filter
As a result we have a 3rd state:
State3: Received RMAP_NOOP
Then, proceed to other route-map, otherwise return RMAP_PERMITMATCH by default.
Sarita Patra [Thu, 16 May 2019 16:58:28 +0000 (09:58 -0700)]
pimd: new cli command show ip mroute summary
Introduced a new command "show ip mroute summary"
to display total number of (*, G) and (S, G) mroutes
created and number of mroutes installed in the kernel.
Christian Franke [Wed, 29 May 2019 12:44:07 +0000 (14:44 +0200)]
isisd: Remove unnecessary use of strcpy
`strcpy` is a dangerous function and should not be used. In this
particular place, there is no need for copying strings at all, so let's
just stick to referencing static strings.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Martin Winter [Mon, 18 Feb 2019 15:57:24 +0000 (07:57 -0800)]
snapcraft: Disable libyang CACHE for snap package (Temp workaround)
There seems to be a bug in latest libyang running when running in
a snap container which causes a failure of the cache logic. Disable
CACHE for now as it's not yet needed. Will be re-enabled in a later
release
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
projects / mirror / frr.git / log