Donald Sharp [Fri, 7 Dec 2018 14:01:59 +0000 (09:01 -0500)]
bgpd: Convert adj_out to a RB tree
The adj_out data structure is a linked list of adjacencies
1 per update group. In a large scale env where we are
not using peer groups, this list lookup starts to become
rather costly. Convert to a better data structure for this.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Rafael Zalamena [Thu, 6 Dec 2018 19:26:10 +0000 (17:26 -0200)]
bgpd: don't show default value in configuration
Don't show the configuration line `rfp full-table-download off` by
default as it is not the default value, instead only show
`rfp full-table-download on` (the non-default value) when it is
configured.
This standardizes this knob to the FRR default behavior.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
We call `modprobe -n` to check if mpls modules are available to be
loaded. We do this as normal user, to only ask for root permissions
if we are actually loading the module.
This breaks if `modprobe` is in `/sbin` and normal users don't have
sbin in path.
So add `/sbin` to the search path to work around this.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
If we mount the tests into the container from the host, we also
mount any `*.pyc` files with them, which will lead to issues
as the mount is done read-only to avoid any changes to the host.
Since the tests are now integrated and we already create a writeable
copy of the FRR tree, just use the tests from the FRR tree to avoid
this issue.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Chirag Shah [Wed, 5 Dec 2018 01:08:47 +0000 (17:08 -0800)]
bgpd: set attribute change flag to evpn imported
EVPN route's attribute changes,
mark attribute change flag to imported unicast route.
A scenario where AS_PATH attribute have changed for an EVPN type-5
route, set attribute change
to imported route.
Ticket:CM-23008
Reviewed By:
Testing Done:
Validated via marking EVPN route with AS_PATH prepand.
At the receiving VTEP, ensure attribute change flag is set to
imported unicast route and bgp update sent to VTEPs subsequent
bgp peers with AS_PATH prepend update.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Donald Sharp [Wed, 5 Dec 2018 20:12:50 +0000 (15:12 -0500)]
zebra: `show ip route A.B.C.D json` would only show last route entry
The `show ip route A.B.C.D json` command was only displaying
the last route entry looked at and we would drop the data
associated with other route entries. This fixes the issue:
robot# show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route
Chirag Shah [Mon, 3 Dec 2018 03:08:22 +0000 (19:08 -0800)]
zebra: dup addr detect clear cmd non-zero return
Clear dup address vni needs to return non-zero value
in case of command is not successful.
Ticket:CM-23122
Testing Done:
run clear command and check upon failure return code is non-zero.
root@TORS1:~# vtysh -c "clear evpn dup-addr vni 1000 ip 45.0.1.26"
% Requested IP's associated MAC 00:01:02:03:04:05 is still in duplicate
% state
root@TORS1:~# echo $?
1
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
In order to support automated builds, the build context needs to be
the repository root.
So adapt our dockerfile and buildscript for this. Also, add files which
should not be included into the build context in .dockerignore to limit
the size of the build context to something sensible.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Lou Berger [Fri, 30 Nov 2018 19:35:25 +0000 (19:35 +0000)]
bgpd: partially revert e23b9ef6d271223d29c7f91a10d98aa6dcd252b3
previous change was to fix rnh module in Zebra for leaked routes
this reverts that fix, so probably reintroduces the problem.
when converting bgp fs entries to bgp pbr entries, the fields of the
flowspec are analysed. In the case src ip or dst ip is set to 0.0.0.0,
that field is ignored, thus preventing from injecting a rule that can
not be injected into the pbr. This can be done by avoiding mentioning
the field in the bitmask structure used to convert data to pbr entries.
PR=61620 Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com> Acked-by: Emmanuel Vize <emmanuel.vize@6wind.com>
Philippe Guibert [Tue, 27 Nov 2018 15:32:45 +0000 (16:32 +0100)]
bgpd: add new draft for redirect ip for flowspec
that new option will overwrite simpson draft. There is a new ecommunity
option whose type is 0x1 and subtype is 0xc. That option is defined
here on iana.org/assignments/bgp-extended-communities page:
- bgp-extended-communities.xhtml#trans-ipv4
It contains the IP address to redirect traffic to. The understanding of
the draft is the following one:
- if that community is only present, then the ip contained inside will
be chosen as nexthop.
- if that community is provided along with simpson extended community,
then only the new redirect ip draft will be used. however, both will be
displayed.
- in other cases, if there is only the simpson extended community, then
the nexthop IP of the NLRI will be chosen.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Don Slice [Wed, 28 Nov 2018 15:57:01 +0000 (15:57 +0000)]
zebra: handle neighbor delete from kernel for ipv4 link-local
Problem reported that kernel neighbor entries could end up in "FAILED"
state when the neighbor entry was deleted. This fix handles the
notification of the event from netlink messages and re-inserts the
deleted entry.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Christian Franke [Wed, 17 Oct 2018 17:35:15 +0000 (19:35 +0200)]
docker: Run container with its own network namespace
For normal operation, there is no need for the container to run
in the host network environment or to have access to the users
X Session.
To accomodate usecases which need this, there is now a `TOPOTEST_OPTIONS`
environment variable to provide additional options to the docker run
command.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Christian Franke [Wed, 17 Oct 2018 16:27:35 +0000 (18:27 +0200)]
Dockerfile: Move to project root and combine RUNs
According to https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#run
`apt-get update` should always be combined with `apt-get install` in
the same `RUN` statement, to avoid installation of outdated packages.
Also, combine some more `RUN`s together as to avoid fewer layers.
Finally, remove some comments which are superflous. Comments shouldn't
describe what is done, especially when it's obvious. They should
explain why something is done.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>