David Lamparter [Fri, 8 Jul 2022 11:59:10 +0000 (13:59 +0200)]
bgpd: work around GCC/plugin shortcomings
The GCC extended printf format checking plugin runs into some GCC
shortcomings regarding casts on printf function parameters. While this
can be fixed with a small GCC patch, patching GCC is "nontrivial" to say
the least. Luckily, it happens that this is /almost/ not an issue for
the FRR source base.
Since we fix SA "misunderstandings" too, let's just fix places where the
format checking plugin runs into this limitation to keep things working
extra smoothly.
(It's not a huge effort either, these two spots in bgpd are the only
places that trigger the plugin limitation, and it's been "clean" before
that for more than a year if my memory is right.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Wed, 6 Jul 2022 09:26:01 +0000 (11:26 +0200)]
zebra: fix remaining MR RTM_GETROUTE oddities
The IPv6 version needs rtm_src_len and rtm_dst_len filled in due to
strict validation. IPv4 also has this requirement, but zebra is running
in non-strict mode there so the kernel accepts it...
Also the table ID hack is IPv4 only.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Rafael Zalamena [Wed, 6 Jul 2022 10:52:17 +0000 (07:52 -0300)]
bfdd: fix coverity memory overrun
Use the destination for the operator `sizeof()` instead of the source
which could (and is) be bigger than destination.
We are not truncating any data here it just happens that the zebra
interface data structure hardware address can be bigger due to different
types of interface.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
David Lamparter [Wed, 6 Jul 2022 09:23:40 +0000 (11:23 +0200)]
zebra: IIF/OIF are not used in MR RTM_GETROUTE
The multicast routing RTM_GETROUTE command does not use IIF/OIF
attributes, and the IPv6 version will refuse them with an error due to
being new netlink API and thus using strict validation.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Wed, 6 Jul 2022 09:19:05 +0000 (11:19 +0200)]
zebra: correctly ignore multicast nl msgs
zebra does not care about _notifications_ from the kernel regarding
multicast routing; we only use the MR netlink API to request stats from
the kernel by actively sending a RTM_GETROUTE.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Wed, 6 Jul 2022 08:48:56 +0000 (10:48 +0200)]
lib: use assume() for SA fixing, add explainer
Literally 4 minutes after hitting merge on Mark's previous fix for this
I remembered we have an `assume()` macro in compiler.h which seems like
the right tool for this.
(... and if I'm touching it, I might as well add a little text
explaining what's going on here.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
this commit containes 2 testcases that covers
1. Default originate behaviour on restarting the BGP daemon and FRR router
2. Default Originate behaviour on shut no-shutting the interface
lib, vtysh: Add `allow-reserved-ranges` global command
It will be used to allow/deny using IPv4 reserved ranges (Class E) for Zebra
(configuring interface address) or BGP (allow next-hop to be from this range).
Louis Scalbert [Fri, 1 Jul 2022 10:11:03 +0000 (12:11 +0200)]
topostest: bgp_conditional_advertisement cleanup
The bgp_conditional_advertisement topotest runs all the test cases in
the same function. It is not easy to debug it because the pytest
"--pause" argument does not make breaks between test cases.
Dispatch the test-cases into functions to benefit from the "--pause"
feature.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Donald Sharp [Thu, 30 Jun 2022 13:03:12 +0000 (09:03 -0400)]
zebra: Add more cases to proto2zebra for understanding kernel routes
Just some missing ones. Make zebra stop complaining, was getting
some messages from proto2zebra when doing testing, let's clean
that up from happening.
Donald Sharp [Thu, 30 Jun 2022 14:04:26 +0000 (10:04 -0400)]
zebra: Notice to end operator when a failure happens
When reading a multipath route and we detect an encoding
error from the kernel( yeah I don't think so either ),
let's tell the operator what happened to that route.
Louis Scalbert [Fri, 27 May 2022 08:42:53 +0000 (10:42 +0200)]
isisd: fix infinite loop when parsing LSPs
Fixing the crash:
> #0 0x0000560aa80f8e30 in lspdb_const_find (h=<error reading variable: Cannot access memory at address 0x7fff5e95efe8>, item=<error reading variable: Cannot access memory at address 0x7fff5e95efe0>) at ./isisd/isis_lsp.h:64
> #1 0x0000560aa80f8e9d in lspdb_find (h=0x560aaa1ed3b8, item=0x7fff5e95f050) at ./isisd/isis_lsp.h:64
> #2 0x0000560aa80f92f9 in lsp_search (head=0x560aaa1ed3b8, id=0x7fff5e95f200 "") at isisd/isis_lsp.c:100
> #3 0x0000560aa8113d69 in spf_adj_list_parse_tlv (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, id=0x560aad331a78 "", desig_is_id=0x0, pseudo_metric=0, metric=3, oldmetric=false, subtlvs=0x0) at isisd/isis_spf.c:1330
> #4 0x0000560aa811419d in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1429
> #5 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1ff8e0, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #6 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> (...)
> #65507 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1ff8e0, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65508 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65509 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1ff8e0, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65510 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65511 0x0000560aa8114313 in isis_spf_build_adj_list (spftree=0x560aaa1f09d0, lsp=0x560aaa1f4e50) at isisd/isis_spf.c:1455
> #65512 0x0000560aa8114f09 in isis_run_spf (spftree=0x560aaa1f09d0) at isisd/isis_spf.c:1775
> #65513 0x0000560aa8115057 in isis_run_spf_with_protection (area=0x560aaa1ed3b0, spftree=0x560aaa1f09d0) at isisd/isis_spf.c:1801
> #65514 0x0000560aa8115311 in isis_run_spf_cb (thread=0x7fff5f15e5a0) at isisd/isis_spf.c:1859
> #65515 0x00007f90bac66dcc in thread_call (thread=0x7fff5f15e5a0) at lib/thread.c:2002
> #65516 0x00007f90bac013ee in frr_run (master=0x560aa9f5cb40) at lib/libfrr.c:1196
> #65517 0x0000560aa80e7da2 in main (argc=2, argv=0x7fff5f15e7b8, envp=0x7fff5f15e7d0) at isisd/isis_main.c:273
The fix is similar to the crash fix included in d9884a758c
("isisd: Prepare IS-IS for Link State support"). The fix was:
> diff --git a/isisd/isis_lsp.c b/isisd/isis_lsp.c
> index 94353a5bc8..92d329f035 100644
> --- a/isisd/isis_lsp.c
> +++ b/isisd/isis_lsp.c
> @@ -2166,7 +2178,7 @@ int isis_lsp_iterate_ip_reach(struct isis_lsp *lsp, int family, uint16_t mtid,
> if (lsp->hdr.seqno == 0 || lsp->hdr.rem_lifetime == 0)
> return LSP_ITER_CONTINUE;
>
> - /* Parse main LSP. */
> + /* Parse LSP */
> if (lsp->tlvs) {
> if (!fabricd && !pseudo_lsp && family == AF_INET
> && mtid == ISIS_MT_IPV4_UNICAST) {
> @@ -2236,13 +2248,17 @@ int isis_lsp_iterate_ip_reach(struct isis_lsp *lsp, int family, uint16_t mtid,
> }
> }
>
> - /* Parse LSP fragments. */
> - for (ALL_LIST_ELEMENTS_RO(lsp->lspu.frags, node, frag)) {
> - if (!frag->tlvs)
> - continue;
> + /* Parse LSP fragments if it is not a fragment itself */
> + if (!LSP_FRAGMENT(lsp->hdr.lsp_id))
> + for (ALL_LIST_ELEMENTS_RO(lsp->lspu.frags, node, frag)) {
> + if (!frag->tlvs)
> + continue;
>
> - isis_lsp_iterate_ip_reach(frag, family, mtid, cb, arg);
> - }
> + if (isis_lsp_iterate_ip_reach(frag, family, mtid, cb,
> + arg)
> + == LSP_ITER_STOP)
> + return LSP_ITER_STOP;
> + }
>
> return LSP_ITER_CONTINUE;
> }
Fixes: 7b36d36e0e ("isisd: make the SPF code more modular") Fixes: 5e56a50559 ("isisd: fix infinite loop when parsing LSPs") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Donald Sharp [Thu, 30 Jun 2022 12:03:02 +0000 (08:03 -0400)]
zebra: Realign SOL_NETLINK to warn when FRR does not have it
There exists a possibility that an end operator has choosen
to compile FRR on an extremely old KERNEL that does not support
the SOL_NETLINK sockopt call. If so let's note it for them
instead of stuff silently not working.
Donald Sharp [Thu, 30 Jun 2022 11:50:04 +0000 (07:50 -0400)]
zebra: Correct implication of SOL_NETLINK NETLINK_ADD_MEMBERSHIP usage
The usage of SOL_NETLINK for adding memberships of interest is
1 group per call. The netink_socket function implied that
the call could be a bitfield of values. This is not correct
at all. This will trip someone else up in the future when
a new value is needed. Let's get it right `now` before
it becomes a problem.
Let's also add a bit of extra code to give operator a better
understanding of what went wrong when a kernel does not
support the option.
Finally as a point of future reference should FRR just switch
over to a loop to add the required loops instead of having
this bastardized approach of some going in one way and some
going in another way?
nsaigomathi [Fri, 6 Aug 2021 07:47:52 +0000 (00:47 -0700)]
pimd: json support for nexthop
Problems Identified:
show ip pim nexthop cli didn't have json extension and
show ip pim vrf all upstream have improper json format
Description:
show ip pim nexthop command shows the nexthops that are being used.
Added json support for the command.
show ip pim vrf all upstream displays upstream information for all vrfs about a S,G mroute.
Formatted the json structure for this command.
Implementing the TBD of watermark-warn CLI for IPv6 MLD
This command can be use to warn the user
when more than the desired limit of groups gets configured.
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
projects / matthieu / frr.git / log