Martin Buck [Wed, 26 May 2021 14:03:51 +0000 (16:03 +0200)]
ospf6d: Fix route map "set tag" command
So far, "set tag" was 99% implemented in ospf6d, but registration of the
hook functions was missing, causing "set tag" actions in route maps to be
ignored in ospf6d.
This commit adds the missing hook registration.
Signed-off-by: Martin Buck <mb-tmp-tvguho.pbz@gromit.dyndns.org>
Igor Ryzhov [Wed, 26 May 2021 08:48:09 +0000 (11:48 +0300)]
ospf6d: fix debug message config write
Fix the following issues:
- if "send" is combined with "recv-hdr", only "send" is shown
- if "recv" is combined with "send-hdr", only "recv" is shown
- if both "send-hdr" and "recv-hdr" are enabled, "; header only" is shown
Igor Ryzhov [Tue, 25 May 2021 18:58:55 +0000 (21:58 +0300)]
ospf6d: fix possible crashes
OSPF6 instance may not exist when processing interface state change.
Do not execute processing steps that require an instance if an area is
not configured for an interface.
Donald Sharp [Mon, 24 May 2021 17:45:29 +0000 (13:45 -0400)]
ospfd: Fix quick interface down up event handling in ospf
When we get this sequence of events:
- zebra receives interface up, sends to ospf
- ospf receives intf up, processes( including neighbor formation and spf )
and sends route to zebra for installation.
- zebra receives route for processing, schedules it too happen in the future
- zebra receives interface down event, sends to ospf
- zebra processes route X and marks it inactive because nexthop
interface is down
- zebra receives interface up event, sends to ospf
- ospf receives both events and processes the change and decides
that nothing has changed so it does not send any route change for X to zebra.
At this point zebra has a route from ospf that is marked as inactive, while
ospf believes that the route should be installed properly.
Modify the code such that on an interface down event, ospf marks the routes
as changed if the ifindex is being used for a nexthop, so that when ospf
is deciding if routes have changed post spf that it can just automatically
send that route down again if it still exists.
Chirag Shah [Sun, 16 May 2021 02:41:43 +0000 (19:41 -0700)]
tools: fix peer-group deletion in frr-reload
All of peers and respective configs are wiped out when
pee-group is removed.
In an attempt to remove peer-group and its associated peers
configs via frr-reload fails if the peer-group is removed first.
To pass the peer-group config removal via frr-reload following
steps are taken:
Find the bgp context to which peer-group belongs.
Find the peer-group associated peer(s) and store them in a list.
Remove the peers config lines from the pending list.
Move the peer-group deletion line to end of the pending list so
any remaining peer-group associated config can be removed successfully.
The above steps take 3 iterations over the pending list and scales
linearly.
Rafael Zalamena [Mon, 24 May 2021 11:30:26 +0000 (08:30 -0300)]
ospf6d: fix address sanitizer crash
Don't `memcpy` a `struct prefix` the memory size varies depending on the
original intended type. In this case the original type was (casted away)
`struct prefix_ipv6` and we tried to copy `struct prefix` which is
bigger.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Christian Hopps [Sun, 23 May 2021 20:26:49 +0000 (20:26 +0000)]
bgpd: fix default for extended-nexthop-capability
The default for extended-nexthop-capability is true for
unnumbered (interface) neighbors, false for other types. Break the inner
grouping out of the outer neighbor-parameters grouping so that we can
refine the default in that uses case.
Trey Aspelund [Fri, 21 May 2021 22:04:15 +0000 (22:04 +0000)]
lib: fix handling of rmap prefix-tree default node
Prior to this commit, updating a prefix-list that is referenced by a
route-map clause will unconditionally delete the root node of that
route-map's prefix-tree (used with route-map optimization).
This is problematic because routes not matching a more specific node
in the tree (i.e. other prefix-list sequences) will not fall-back to
the default node, thus they will not hit any route-map sequences.
This commit ensures that an update to a prefix-list will only delete
the default node while adding the first/only seq to the list.
Example config:
========
ip prefix-list peer475-out-pfxlist seq 45 permit 2.138.0.0/16
ip prefix-list peer475-out-pfxlist seq 50 permit 0.0.0.0/0
!
route-map peer475-out permit 5
match ip address prefix-list peer475-out-pfxlist
Before:
========
ub20# do show route-map peer475-out prefix-table
ZEBRA:
IPv4 Prefix Route-map Index List
_______________ ____________________
0.0.0.0/0 (2)
(P)
peer475-out seq 5
2.138.0.0/16 (2)
(P) 0.0.0.0/0
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
BGP:
IPv4 Prefix Route-map Index List
_______________ ____________________
0.0.0.0/0 (2)
(P)
peer475-out seq 5
2.138.0.0/16 (2)
(P) 0.0.0.0/0
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
ub20# conf t
ub20(config)# ip prefix-list peer475-out-pfxlist seq 45 permit 2.138.0.0/16 le 32
ub20(config)# do show route-map peer475-out prefix-table
ZEBRA:
IPv4 Prefix Route-map Index List
_______________ ____________________
2.138.0.0/16 (2)
(P)
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
BGP:
IPv4 Prefix Route-map Index List
_______________ ____________________
2.138.0.0/16 (2)
(P)
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
ub20(config)#
After:
========
ub20(config)# do show route-map peer475-out prefix-table
ZEBRA:
IPv4 Prefix Route-map Index List
_______________ ____________________
0.0.0.0/0 (2)
(P)
peer475-out seq 5
2.138.0.0/16 (2)
(P) 0.0.0.0/0
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
BGP:
IPv4 Prefix Route-map Index List
_______________ ____________________
0.0.0.0/0 (2)
(P)
peer475-out seq 5
2.138.0.0/16 (2)
(P) 0.0.0.0/0
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
ub20(config)# ip prefix-list peer475-out-pfxlist seq 45 permit 2.138.0.0/16 le 32
ub20(config)# do show route-map peer475-out prefix-table
ZEBRA:
IPv4 Prefix Route-map Index List
_______________ ____________________
0.0.0.0/0 (2)
(P)
peer475-out seq 5
2.138.0.0/16 (2)
(P) 0.0.0.0/0
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
BGP:
IPv4 Prefix Route-map Index List
_______________ ____________________
0.0.0.0/0 (2)
(P)
peer475-out seq 5
2.138.0.0/16 (2)
(P) 0.0.0.0/0
peer475-out seq 5
IPv6 Prefix Route-map Index List
_______________ ____________________
Don Slice [Wed, 19 May 2021 18:23:28 +0000 (14:23 -0400)]
ospfd: "ip ospf area" command can select wrong process
Found that in some circumstances, when the "ip ospf area"
command was entered for the default vrf, the wrong ospf
process would be used to check for the presence of a
"network" statement, causing the "ip ospf area" command to
be rejected. This was due to the command using the ospf
instance lookup to find the right ospf process, which can
be in error depending on when the processes were created.
Christian Hopps [Thu, 20 May 2021 06:49:32 +0000 (06:49 +0000)]
lib: fix northbound merge code (libyang)
lyd_merge_tree replaces dest siblings with source siblings, not what we
want. Instead lyd_merge_siblings to keep both. Instead lyd_merge_siblings
to keep both.
Donald Sharp [Fri, 14 May 2021 13:46:36 +0000 (09:46 -0400)]
pimd: Fix rare crash situation
When running pim on an interface and that interface has
state and we move that interface into a different vrf
there exists a call path where we have not created the pimreg
device yet. Prevent a crash in this rare situation.
Ticket: #2552763 Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When browsing or parsing OSPF LSA TLVs, we need to use the LSA length which is
part of the LSA header. This length, encoded in 16 bits, must be first
converted to host byte order with ntohs() function. However, Coverity Scan
considers that ntohs() function return TAINTED data. Thus, when the length is
used to control for() loop, Coverity Scan marks this part of the code as defect
with "Untrusted Loop Bound" due to the usage of Tainted variable. Similar
problems occur when browsing sub-TLV where length is extracted with ntohs().
To overcome this limitation, a size attribute has been added to the ospf_lsa
structure. The size is set when lsa->data buffer is allocated. In addition,
when an OSPF packet is received, the size of the payload is controlled before
contains is processed. For OSPF LSA, this allow a secure buffer allocation.
Thus, new size attribute contains the exact buffer allocation allowing a
strict control during TLV browsing.
This patch adds extra control to bound for() loop during TLV browsing to
avoid potential problem as suggested by Coverity Scan. Controls are based
on new size attribute of the ospf_lsa structure to avoid any ambiguity.
Fredi Raspall [Sun, 2 May 2021 15:13:11 +0000 (17:13 +0200)]
isisd: clear the N-flag in ext. reachability TLVs
If the n-flag-clear option is set in the configuration of a prefix
segment, clear the flag in the extended ip reachability TLVs.
RFCs 7794 and 8667 are not too strict on the setting / clearing the
N-flag in prefix SIDs. However, if there exists a cmd line option
to clear it, it should be cleared in the TLVs announced, as other
vendors do.
Igor Ryzhov [Fri, 7 May 2021 14:05:40 +0000 (17:05 +0300)]
ospf6d: always free redistribute config
When the ospf6 instance in unknown VRF is deleted, the redistribution
config is not freed, because it is not registered in zebra. We should
always free the config regardless of zebra registration status.
Igor Ryzhov [Mon, 17 May 2021 22:24:22 +0000 (01:24 +0300)]
ospf6d: fix "default-information originate" in non-existing vrf
If the default route redistribution is configured in OSPF6 router before
the VRF is created, then this is not currently registered in zebra after
the VRF creation.
projects / mirror / frr.git / log