Donald Sharp [Wed, 23 May 2018 12:25:51 +0000 (08:25 -0400)]
zebra: Ignore most netlink notifications from ourselves
The BPF filter was an exclusion list of netlink messages
we did not want to receive from our self. The problem
with this is that the exclusion list was and will be
ever growing. So switch the test around to an inclusion
list since it is shorter and not growing. Right
now this is RTM_NEWADDR and RTM_DELADDR.
Change some of the debug messages to error messages
so that when something slips through and it is unexpected
during development we will see the problem.
Also try to improve the documentation about what
the filter is doing and leave some breadcrumbs for
future developers to know where to change code
when new functionality is added.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Tue, 22 May 2018 14:54:20 +0000 (10:54 -0400)]
bgpd: Ensure virt->vrfs is valid
Move the list_delete_and_null of the virt->vrfs code to
the actual deletion function to ensure proper lifecycle.
This assumption allows us to know that irt->vrfs is always
true so remove the NULL check on it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Tue, 22 May 2018 14:50:53 +0000 (10:50 -0400)]
bgpd: Free vni list on actual deletion
The irt->vnis list was being freed on going down,
but actually delete it from the deletion function. Then
we can know that the irt->vnis is a valid list anywhere
we have a irt pointer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Wed, 16 May 2018 21:07:54 +0000 (21:07 +0000)]
*: remove -r from daemons except zebra
This option is only implemented by 4 daemons:
- BGPD
- RIPD
- RIPNGD
- Zebra
Manpages and documentation say that the option causes routes to not be
uninstalled from zebra when the daemon terminates. This is true for RIPD
and RIPNGD. This is not true for BGPD; in that daemon it only prevents
transmission of Cease / Peer Unconfig NOTIFICATION messages to peers.
Moreover, when any daemon disconnects from Zebra, all of its routes are
uninstalled from Zebra and the kernel regardless of this option,
rendering the option largely vestigial.
It is still useful in Zebra, where it prevents all routes from being
uninstalled when Zebra shuts down, so it is left there.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Fri, 18 May 2018 19:41:46 +0000 (15:41 -0400)]
zebra: Allow runtime determination of v6 RR semantics
The linux kernel is getting the same Route Replace semantics
for v6 that v4 uses. Allow the end-user to know if their
kernel has this ability and if so to specify it so zebra
can take advantage of this.
Why not do auto-detection? Because you would have to write
code in zebra to add a route then add the same route again
with different nexthops to see if which semantics it is using.
It sure is easier to just add a cli that allows the user to
do it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Fri, 18 May 2018 19:10:31 +0000 (19:10 +0000)]
doc: fix distclean
Apparently Automake has some undocumented logic somewhere that makes it
so any Makefile generated from an Automake Makefile.am is removed from
its secret list of things to delete that it deletes when performing a
recursive distclean before actually performing the recursive distclean
and since the secret list is automatically generated from the list of
things that Autoconf should generate in configure.ac we can't remove the
Makefile from that list or it will break Automake's list of things to
automatically generate that it generates from Autoconf's list of things
to automatically generate.
Thus, to prevent Automake from deleting Makefiles and then immediately
trying to use the Makefiles it just deleted to delete said Makefiles, we
must remove ourselves from the secret list, which is accomplished by
changing the file extension to '.am' instead of '.in'.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Thu, 17 May 2018 22:46:14 +0000 (18:46 -0400)]
zebra: memset buf to prevent uninited writes into kernel
Setup the buf used for extra data passed into kernel such
that we are cleaning it out before writing data to it,
so we can avoid writing uninited data.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Chirag Shah [Tue, 1 May 2018 23:34:31 +0000 (16:34 -0700)]
ospf6d: Fix ECMP for asbr external routes
Use brouter table to fetch nexthops for
asbr prefix (external) routes.
Change adv. router of the router's path once
the DB/FIB is updated with effective nexthops.
Cleanup of nexthop update when route's adv
router changes cost.
Ticket:CM-16139
Testing Done:
Tested ASBR external routes in CLOS topology with
multiple paths asbr originator at tor to spine.
Validated external route's nexthop within
area and inter area.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Donald Sharp [Wed, 16 May 2018 23:24:22 +0000 (19:24 -0400)]
zebra: Convert zrmac->host_list list to a RB Tree
The host_list when we attempt to use it at scale, ends
up spending a non-trivial amount of time finding and
sorting entries for the host list. Convert to a rb tree.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Thu, 10 May 2018 17:51:08 +0000 (13:51 -0400)]
doc: add "Getting Started" section
While we have docs on various pieces of the build system we don't have
any docs on how to actually get FRR running once it's installed, nor do
we have comprehensive documentation on the basic procedure for building
from source. This patch remedies both of those.
Also updated the services list in the docs and removed the SERVICES file
from the project root.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Pascal Mathis [Tue, 15 May 2018 17:22:25 +0000 (19:22 +0200)]
bgpd: Improve route-map matching for INET(6) AF
While the current implementation does pay attention to the AF
(inet/inet6) when comparing the IPv4/v6 address against an address-list
/ prefix-list inside a route-map, the AF check is being done rather
late, which leads to CPU cycles being wasted due to unnecessary list
lookups / address matching.
This commit checks the address family of a prefix right inside the
`route_match_ip(v6)_` functions before looking up any address- and/or
prefix-list, which should improve performance.
Pascal Mathis [Mon, 14 May 2018 20:52:31 +0000 (22:52 +0200)]
bgpd: Respect AFI/SAFI when hard-clearing a peer
The current implementation does not respect the AFI+SAFI combination of
a peer when executing a non-soft (hard) clear. An example would be the
command `clear bgp ipv4 unicast *`, which will clear all BGP peers, even
those that do not have IPv4-Unicast activated.
This commit fixes that behavior by applying the same rules to both soft
and hard clear commands, so that peers without a matching AFI+SAFI
combination will be no longer modified.
Additionally, this commit adds warning messages to all `clear bgp
[<afi>] [<safi>] <target>` commands when no matching peers with the given
AFI+SAFI combination could be found.
Both existing and new warning messages have been extended to also
mention the AFI+SAFI combination that is missing, which is more helpful
to the user than a generic expression 'No peer configured'.
Pascal Mathis [Sun, 13 May 2018 00:29:40 +0000 (02:29 +0200)]
bgpd: Improve JSON support for large communities
The current implementation of building JSON output is greatly different
for large communities compared to standard communities. This is mainly
noticeable by the missing 'list' attribute, which usually offers an
array of all communities present on a BGP route.
This commit adds the missing functionality of properly returning a
'list' attribute in JSON output and also tries a similar approach like
the standard communities are using to implement this feature.
Additionally, the 'format' specifier has been completely removed from
large communities string/JSON rendering, as the official RFC8092 specifies that
there is only one canonical representation:
> The canonical representation of BGP Large Communities is three
> separate unsigned integers in decimal notation in the following
> order: Global Administrator, Local Data 1, Local Data 2. Numbers
> MUST NOT contain leading zeros; a zero value MUST be represented with
> a single zero. Each number is separated from the next by a single
> colon. For example: 64496:4294967295:2, 64496:0:0.
As the 'format' specifier has not been used/checked and only one
canonical representation exists per today, there was no reason to keep
the 'format' parameter in the function signature.
Last but not least, the struct attribute 'community_entry.config' is no
longer being used for large communities and instead 'lcommunity_str' is
being called to maintain a similar approach to standard communities.
As a side effect, this also fixed a memory leak inside 'community_entry_free'
which did not free the allocated memory for the 'config' attribute when
dealing with a large community.
Pascal Mathis [Sun, 13 May 2018 17:11:43 +0000 (19:11 +0200)]
lib: Moved no-password warnings into header file
The warning string which appears when the users executes 'no (enable)
password' was moved into command.h and declared as a constant named
'NO_PASSWD_CMD_WARNING'.
This avoids duplicate code and makes it easy to change the warning
message in all places at once.
Rodny Molina [Fri, 11 May 2018 05:15:48 +0000 (22:15 -0700)]
vtysh: Extending vtysh to allow question-mark cmds
Currently, "vtysh -c" interface does not provide a logic to parse
commands ending with '?' character. In consequence, the following behavior
is observed:
$ vtysh -c "show bgp ?"
% Unknown command.
With these changes, i'm extending FRR's parser to be able to handle
these commands, which allow a more friendly interaction with users
that rely on "vtysh -c" interface. The typical use-case here is for
scenarios in which the final users relie on external/their-own CLI and
require a friendly interface to FRR's vtysh cli.
$ vtysh -c "show bgp ?"
<cr>
A.B.C.D Network in the BGP routing table to
display
A.B.C.D/M IPv4 prefix
X:X::X:X Network in the BGP routing table to display
X:X::X:X/M IPv6 prefix
attribute-info List all bgp attribute information
cidr-only Display only routes with non-natural netmasks
community Display routes matching the communities
community-info List all bgp community information
...
Pascal Mathis [Sat, 12 May 2018 18:19:49 +0000 (20:19 +0200)]
lib: Improved warnings for 'no (enable) password'
When the user executes one of the commands 'no password' or 'no enable
password', a warning message gets shown to inform the user of the
security implications.
While the current implementation works, a warning message gets printed
once for each daemon, which can lead to seeing the same message many
times. This does not affect functionality, but looks like an error to
the user as it can be seen within issue #1432.
This commit only prints the warning message inside lib when vtysh
dispatch is not being used. Additionally, the warning message was copied
into the vtysh command handlers, so that they get printed exactly once.
projects / mirror / frr.git / log