Igor Ryzhov [Thu, 18 Jan 2024 23:40:21 +0000 (01:40 +0200)]
lib: validate affinity-map bit position using the yang model
When affinity mode is "standard", bit position cannot be greater than
31. Add a "must" statement to the YANG model to validate this, and
remove our custom validation code that does the same.
Igor Ryzhov [Thu, 18 Jan 2024 21:27:56 +0000 (23:27 +0200)]
lib: validate affinity-map reference using yang model
Change the type of affinity leaf-list in frr-zebra to a leafref with
"require-instance" property set to true. This change tells libyang to
automatically check that affinity-map exists before usage and doesn't
allow it to be deleted if it's referenced. It allows us to remove all
the manual code that is doing the same thing.
Igor Ryzhov [Sat, 13 Jan 2024 22:41:54 +0000 (00:41 +0200)]
lib: fix oper data leaf creation
When creating an initial tree trunk for oper data walk, if the xpath
represents a leaf, the leaf is created with an incorrect empty value.
If it doesn't actually exist in daemon's oper data, its value is not
overwritten later and an empty value is returned in the result.
For example, when requesting
`/frr-interface:lib/interface[name='eth0']/description`, the result is:
```
{
"frr-interface:lib": {
"interface": [
{
"name": "eth0",
"description": ""
}
]
}
}
```
instead of an empty JSON that it should be.
Christian Hopps [Sat, 13 Jan 2024 14:26:55 +0000 (14:26 +0000)]
doc: mgmtd: update mgmtd conversion doc to be current.
Also change `be_client_xpaths` to `be_client_config_xpaths` referred in the doc
to make much clearer it's use (since there's a separate `be_client_oper_xpaths`.
Igor Ryzhov [Thu, 11 Jan 2024 21:47:48 +0000 (23:47 +0200)]
lib, mgmtd: rename ignore_cbs to ignore_cfg_cbs
Setting this variable to true makes NB ignore only configuration-related
callbacks. CLI-related callbacks are still loaded and executed, so
rename the variable to make it clearer.
Igor Ryzhov [Thu, 11 Jan 2024 18:58:09 +0000 (20:58 +0200)]
mgmtd: don't try to send config to disconnected clients
When determining the interested backend clients for a configuration
change, don't consider disconnected clients. This fixes a crash in
`mgmt_txn_send_be_txn_create` when trying to send data to a non-existing
adapter.
bgpd: Set correct TTL for the dynamic neighbor peers
In an EBGP multihop configuration with dynamic neighbors, the TTL configured is not being updated for the socket.
Issue:
Assume the following topology:
Host (Dynamic peer to spine - 192.168.1.100) - Leaf - Spine (192.168.1.1)
When the host establishes a BGP multihop session to the spine,
the connection uses the MAXTTL value instead of the configured TTL (in this case, 2).
This issue is only observed with dynamic peers.
Logs: look at the TTL is still MAXTTL, instead of “2” configured.
Donald Sharp [Wed, 10 Jan 2024 21:00:33 +0000 (16:00 -0500)]
pimd: Make some not very needed debugs more restrictive
When turning on debug pim trace, there are lots of messages
surrounding the timing of rpf lookup. 99% of the time
no-one cares about these anymore. Let's make them
not seen unless we turn up debugs
Donald Sharp [Wed, 10 Jan 2024 20:58:45 +0000 (15:58 -0500)]
pimd: Receiving a Join or Prune should be under J_P debugs
The Join or Prune messages require you to turn on `trace`
but this is part of Join/Prune processing of the packet
let's use PIM_DEBUG_PIM_J_P instead of TRACE here.
Philippe Guibert [Thu, 19 Sep 2019 07:11:18 +0000 (09:11 +0200)]
bgpd: add hooks for displaying module debug messages
when a plugin is attached, some debugs may be attached to that plugin.
For that, add one hook that is interacting with vty: a boolean indicates
what the usage is for: either for impacting the 'show running-config',
or for impacting the 'show debugging' command.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com> Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Tue, 19 Dec 2023 15:06:28 +0000 (16:06 +0100)]
bgpd: fix crash when re-adding a rpki server
Fix a crash when re-adding a rpki server:
> r2# sh run bgpd
> [...]
> rpki
> rpki retry_interval 5
> rpki cache 192.0.2.1 15432 preference 1
> exit
> [...]
> r2# conf t
> r2(config)# rpki
> r2(config-rpki)# no rpki cache 192.0.2.1 15432 preference 1
> r2(config-rpki)# do show rpki cache-connection
> Cannot find a connected group.
> r2(config-rpki)# rpki cache 192.0.2.1 15432 preference 1
> r2(config-rpki)# do show rpki cache-connection
> vtysh: error reading from bgpd: Resource temporarily unavailable (11)Warning: closing connection to bgpd because of an I/O error!
> #0 raise (sig=<optimized out>) at ../sysdeps/unix/sysv/linux/raise.c:50
> #1 0x00007f3fd2d16e57 in core_handler (signo=11, siginfo=0x7ffffd5931b0, context=0x7ffffd593080) at lib/sigevent.c:246
> #2 <signal handler called>
> #3 0x00007f3fd26926b4 in tommy_list_head (list=0x2e322e302e323931) at /home/lscalber/git/rtrlib/./third-party/tommyds/tommylist.h:125
> #4 0x00007f3fd2693812 in rtr_mgr_get_first_group (config=0x55fbf31d7f00) at /home/lscalber/git/rtrlib/rtrlib/rtr_mgr.c:409
> #5 0x00007f3fd2ebef59 in get_connected_group () at bgpd/bgp_rpki.c:718
> #6 0x00007f3fd2ec0b39 in show_rpki_cache_connection_magic (self=0x7f3fd2ec69c0 <show_rpki_cache_connection_cmd>, vty=0x55fbf31f9ef0, argc=3, argv=0x55fbf31f99d0, uj=0x0)
> # at bgpd/bgp_rpki.c:1575
> #7 0x00007f3fd2ebd4da in show_rpki_cache_connection (self=0x7f3fd2ec69c0 <show_rpki_cache_connection_cmd>, vty=0x55fbf31f9ef0, argc=3, argv=0x55fbf31f99d0) at ./bgpd/bgp_rpki_clippy.c:648
> #8 0x00007f3fd2c8a142 in cmd_execute_command_real (vline=0x55fbf31f9990, vty=0x55fbf31f9ef0, cmd=0x0, up_level=0) at lib/command.c:978
> #9 0x00007f3fd2c8a25c in cmd_execute_command (vline=0x55fbf31e5260, vty=0x55fbf31f9ef0, cmd=0x0, vtysh=0) at lib/command.c:1028
> #10 0x00007f3fd2c8a7f1 in cmd_execute (vty=0x55fbf31f9ef0, cmd=0x55fbf3200680 "do show rpki cache-connection ", matched=0x0, vtysh=0) at lib/command.c:1203
> #11 0x00007f3fd2d36548 in vty_command (vty=0x55fbf31f9ef0, buf=0x55fbf3200680 "do show rpki cache-connection ") at lib/vty.c:594
> #12 0x00007f3fd2d382e1 in vty_execute (vty=0x55fbf31f9ef0) at lib/vty.c:1357
> #13 0x00007f3fd2d3a519 in vtysh_read (thread=0x7ffffd5963c0) at lib/vty.c:2365
> #14 0x00007f3fd2d2faf6 in event_call (thread=0x7ffffd5963c0) at lib/event.c:1974
> #15 0x00007f3fd2cc238e in frr_run (master=0x55fbf2a0cd60) at lib/libfrr.c:1214
> #16 0x000055fbf073de40 in main (argc=9, argv=0x7ffffd596618) at bgpd/bgp_main.c:510
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Thu, 21 Dec 2023 10:41:53 +0000 (11:41 +0100)]
bgpd: fix rpki compilation without rtrlib ssh
Fix RPKI module compilation when rtrlib is compiled without SSH support,
ie. with cmake option:
> -D RTRLIB_TRANSPORT_SSH=No
> bgpd/bgp_rpki.c: In function ‘config_write’:
> bgpd/bgp_rpki.c:1062:3: error: enumeration value ‘SSH’ not handled in switch [-Werror=switch-enum]
> 1062 | switch (cache->type) {
> | ^~~~~~
> bgpd/bgp_rpki.c: In function ‘show_rpki_cache_connection_magic’:
> bgpd/bgp_rpki.c:1598:3: error: enumeration value ‘SSH’ not handled in switch [-Werror=switch-enum]
> 1598 | switch (cache->type) {
> | ^~~~~~
> cc1: all warnings being treated as errors
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Fri, 15 Dec 2023 16:26:41 +0000 (17:26 +0100)]
bgpd: fix show rpki json void output
"show rpki XX json" should not return a void output because json.loads()
considers it to be an incorrect JSON.
> >>> json.loads("")
> Traceback (most recent call last):
> File "<stdin>", line 1, in <module>
> File "/usr/lib/python3.9/json/__init__.py", line 346, in loads
> return _default_decoder.decode(s)
> File "/usr/lib/python3.9/json/decoder.py", line 337, in decode
> obj, end = self.raw_decode(s, idx=_w(s, 0).end())
> File "/usr/lib/python3.9/json/decoder.py", line 355, in raw_decode
> raise JSONDecodeError("Expecting value", s, err.value) from None
> json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
> >>> json.loads("{}")
> {}
Return "{}" instead in such a case.
Link: https://github.com/FRRouting/frr/pull/15034 Fixes: dff41cc8a9 ("bgpd: Add JSON output for `show rpki prefix` and other show commands") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Igor Ryzhov [Mon, 9 Oct 2023 00:21:16 +0000 (03:21 +0300)]
mgmt, lib: implement REPLACE operation
Replace operation removes the current data node configuration and sets
the provided value. As current northbound code works only with one
xpath at a time, the operation only makes sense to clear the config of
a container without deleting it itself. However, the next step is to
allow passing JSON-encoded complex values to northbound operations which
will make replace operation much more useful.
Igor Ryzhov [Fri, 6 Oct 2023 12:01:16 +0000 (15:01 +0300)]
mgmt, lib: differentiate DELETE and REMOVE operations
Currently, there's a single operation type which doesn't return error
if the object doesn't exists. To be compatible with NETCONF/RESTCONF,
we should support differentiate between DELETE (fails when object
doesn't exist) and REMOVE (doesn't fail if the object doesn't exist).
Igor Ryzhov [Thu, 5 Oct 2023 23:58:58 +0000 (02:58 +0300)]
mgmtd, lib: implement CREATE_EXCL operation
Currently, there's no difference between CREATE and MODIFY operations.
To be compatible with NETCONF/RESTCONF, add new CREATE_EXCL operation
that throws an error if the configuration data already exists.
Igor Ryzhov [Thu, 5 Oct 2023 21:13:16 +0000 (00:13 +0300)]
lib: split nb_operation into two types
Currently, nb_operation enum means two different things - edit operation
type (frontend part), and callback type (backend part). These types
overlap, but they are not identical. We need to add more operation
types to support NETCONF/RESTCONF integration, so it's better to have
separate enums to identify different entities.
Extended communities which are non-transitive across an AS boundary MAY be
advertised over an EBGP-OAD session if allowed by explicit policy configuration.
If allowed, all the members of the OAD SHOULD be configured to use the same
criteria.
For example, the Origin Validation State Extended Community, defined as
non-transitive in [RFC8097], can be advertised to peers in the same OAD.
Donald Sharp [Wed, 10 Jan 2024 20:36:47 +0000 (15:36 -0500)]
pimd: Send up to 10 NULL registers on vxlan startup
When doing pim vxlan multicast bum handling, setup
the register to send up to 10 null registers on
immediate startup. If the null register packet
gets dropped this delays the formation of the
S,G tree from the RP towards the FHR.
Edwin Brossette [Fri, 8 Dec 2023 15:02:11 +0000 (16:02 +0100)]
lib: use snmp's large fd sets for agentx
The maximum number of file descriptors in an fd set is limited by
FD_SETSIZE. This limitation is important because the libc macros
FD_SET(), FD_CLR() and FD_ISSET() will invoke a sigabort if the size of
the fd set given to them is above FD_SETSIZE.
We ran into such a sigabort with bgpd because snmp can return an fd set
of size higher than FD_SETSIZE when calling snmp_select_info(). An
unfortunate FD_ISSET() call later causes the following abort:
Received signal 6 at 1701115534 (si_addr 0xb94, PC 0x7ff289a16a7c); aborting...
/lib/x86_64-linux-gnu/libfrr.so.0(zlog_backtrace_sigsafe+0xb3) [0x7ff289d62bba]
/lib/x86_64-linux-gnu/libfrr.so.0(zlog_signal+0x1b4) [0x7ff289d62a1f]
/lib/x86_64-linux-gnu/libfrr.so.0(+0x102860) [0x7ff289da4860]
/lib/x86_64-linux-gnu/libc.so.6(+0x42520) [0x7ff2899c2520]
/lib/x86_64-linux-gnu/libc.so.6(pthread_kill+0x12c) [0x7ff289a16a7c]
/lib/x86_64-linux-gnu/libc.so.6(raise+0x16) [0x7ff2899c2476]
/lib/x86_64-linux-gnu/libc.so.6(abort+0xd3) [0x7ff2899a87f3]
/lib/x86_64-linux-gnu/libc.so.6(+0x896f6) [0x7ff289a096f6]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x2a) [0x7ff289ab676a]
/lib/x86_64-linux-gnu/libc.so.6(+0x1350c6) [0x7ff289ab50c6]
/lib/x86_64-linux-gnu/libc.so.6(+0x1366ab) [0x7ff289ab66ab]
/lib/x86_64-linux-gnu/libfrrsnmp.so.0(+0x36f5) [0x7ff2897736f5]
/lib/x86_64-linux-gnu/libfrrsnmp.so.0(+0x3c27) [0x7ff289773c27]
/lib/x86_64-linux-gnu/libfrr.so.0(thread_call+0x1c2) [0x7ff289dbe105]
/lib/x86_64-linux-gnu/libfrr.so.0(frr_run+0x257) [0x7ff289d56e69]
/usr/bin/bgpd(main+0x4f4) [0x560965c40488]
/lib/x86_64-linux-gnu/libc.so.6(+0x29d90) [0x7ff2899a9d90]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80) [0x7ff2899a9e40]
/usr/bin/bgpd(_start+0x25) [0x560965c3e965]
in thread agentx_timeout scheduled from /build/make-pkg/output/_packages/cp-routing/src/lib/agentx.c:122 agentx_events_update()
Also, the following error is logged by snmp just before the abort:
snmp[err]: Use snmp_sess_select_info2() for processing large file descriptors
snmp uses a custom struct netsnmp_large_fd_set to work above the limit
imposed by FD_SETSIZE. It is noteworthy that, when calling
snmp_select_info() instead of snmp_select_info2(), snmp uses the same
code working with its custom, large structs, and copy/paste the result
to a regular, libc compatible fd_set. So there should be no downside
working with snmp_select_info2() instead of snmp_select_info().
Replace every use of the libc file descriptors sets by snmp's extended
file descriptors sets in agentx to acommodate for the high number of
file descriptors that can come out of snmp. This should prevent the
abort seen above.
Donald Sharp [Fri, 5 Jan 2024 18:24:59 +0000 (13:24 -0500)]
zebra: SA incorrectly believes a NULL pointer
SA has decided that old_re could be a NULL pointer
even though the zebra_redistribute_check function
checks for NULL and returns false that would
not allow a NULL pointer deref.
projects / mirror / frr.git / log