Description:
Change is intended for fixing the issue related to
clearing of stale leaked routes:
- Whenever BGP goes down,
after bringing down tcp connection and renegotiating capabilities,
once we reestablish connection,
we are not handling clear of VRF leaked route in the bgp_clear_stale_route.
- While bgp is clearing stale routes,
we need to handle withdraw of routes for VRF route-leaking.
Donald Sharp [Fri, 7 Jan 2022 14:15:19 +0000 (09:15 -0500)]
tests: Ensure packets have a chance to arrive in test_multicast_pim_sm_topo4.py
The test is doing this:
a) gather interface data about packets sent
b) shut interface
c) no shut interface
d) gather interface data about packets sent
e) compare a to d and fail if packets sent/received has not incremented
The problem is, of course, that under heavy system load insufficient time
might not have passed for packets to be sent between c and d. Add up to
35 seconds of looking for packet data being incremented else heavily
loaded systems may never show that data is being sent.
bgpd: Increase maximum supress threshold for dampening to 50,000
rfc7196 recommends:
In addition, BGP implementations have an internal constant, which we
will call the 'maximum penalty', and the current computed penalty may
not exceed it.
Router Maximum Penalty: The internal constant for the maximum
penalty value MUST be raised to at least 50,000.
bgpd: Adjust symbolic names for cease notifications according to rfc4486
The following subcodes are defined for the Cease NOTIFICATION
message:
Subcode Symbolic Name
1 Maximum Number of Prefixes Reached
2 Administrative Shutdown
3 Peer De-configured
4 Administrative Reset
5 Connection Rejected
6 Other Configuration Change
7 Connection Collision Resolution
8 Out of Resources
Stephen Worley [Tue, 4 Jan 2022 18:14:51 +0000 (13:14 -0500)]
docker: update alpine build enable set own version
Add ability to set your own env for the version of the docker
container alpine image. This is useful for applications like GNS3
who pin a specific version to look for when they boot up. When you build
locally to test your code you can just set the version to 0 so you don't
have to update configs/scripts looking for a specific image version.
Also fix a shebang in docker start for alpine.
Signed-off-by: Stephen Worley <sworley@nvidia.com>
% ./gobgp global rib add -a ipv6 2001:db8:4::/64
% ./gobgp global rib add -a ipv6 2001:db8:5::/64 community 65535:7
% ./gobgp global rib add -a ipv4 100.100.100.100/32
% ./gobgp global rib add -a ipv4 100.100.100.200/32 community 65535:7
```
1. When killing GoBGPD, graceful restart timer starts in FRR helper router;
2. When GR timer expires in helper router:
a) LLGR_STALE community is attached to routes to be retained;
b) Clear stale routes that have NO_LLGR community attached;
c) Start LLGR timer per AFI/SAFI;
d) Recompute bestpath and reannounce routes to peers;
d) When LLGR timer expires, clear all routes on particular AFI/SAFI.
* Presenting the configuration parameters enable-timestamps,
max-rtt-penalty, rtt-min, and rtt-max.
* Using #defines for the default configuration values instead of magic
numbers.
* rtt-max and rtt-min are entered and presented in milliseconds, but
stored and internally used in microseconds.
Signed-off-by: Adriano Marto Reis <adrianomarto@gmail.com>
Rafael Zalamena [Mon, 13 Dec 2021 20:21:56 +0000 (17:21 -0300)]
bgpd: fix aggregate route AS Path attribute
Always free the locally allocated attribute not the one we are using for
return. This fixes a memory leak and a crash when AS Path is set with
route-map.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Donald Sharp [Fri, 16 Apr 2021 15:34:30 +0000 (11:34 -0400)]
bgpd, tests: Add code to handle failed installations
Currently the Wait for Install code ( bgp_suppress_fib ) does
not properly handle two states from zebra: ROUTE_INSTALL_FAILED
and BETTER_ADMIN_DISTANCE_WON. Pre this change the WFI code
would just never notify our peers about a route install failure
but more is needed. In the ROUTE_INSTALL_FAILED and the
BETTER_ADMIN_DISTANCE_WON we need to notify our peers with
a withdrawal about the route, else we will continue to
draw traffic to us when we cannot legally do so.
Why is this needed? In either case imagine that we've already
received a bgp route, installed it and sent to our peers.
In the Better admin distance won case, say a static route is installed
at this point in time we must stop advertising the route through
us since we are not installed. As such a withdrawal must be sent.
In the ROUTE_INSTALL_FAILED case, the code was not properly handling
the situation where we have Route A, it was successfully installed
and then we received a update to Route A that was attempted to be
installed but failed. In this case we also need to send a withdrawal
Finally update the bgp_suppress_fib topotest to test both of these
situations.
Jonas Gorski [Wed, 15 Dec 2021 09:33:33 +0000 (10:33 +0100)]
tools: fix backing up previous logs in generate_support_bundle.py
subprocess.check_call needs to be called with shell=True, else it will
interpret the string as a single path to execute instead of a command
with arguments:
Fixes the following error:
$ /usr/lib/frr/generate_support_bundle.py
Making backup of /var/log/frr/bgp_support_bundle.log
Traceback (most recent call last):
File "/usr/lib/frr/generate_support_bundle.py", line 89, in <module>
main()
File "/usr/lib/frr/generate_support_bundle.py", line 80, in main
stdout=open_with_backup(ofn),
File "/usr/lib/frr/generate_support_bundle.py", line 32, in open_with_backup
subprocess.check_call("mv {0} {0}.prev".format(path))
File "/usr/lib/python3.8/subprocess.py", line 359, in check_call
retcode = call(*popenargs, **kwargs)
File "/usr/lib/python3.8/subprocess.py", line 340, in call
with Popen(*popenargs, **kwargs) as p:
File "/usr/lib/python3.8/subprocess.py", line 858, in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
File "/usr/lib/python3.8/subprocess.py", line 1704, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'mv /var/log/frr/bgp_support_bundle.log /var/log/frr/bgp_support_bundle.log.prev'
Fixes: 5417cc2de ("tests: collect support bundle data in parallel, fix bugs") Signed-off-by: Jonas Gorski <jonas.gorski@bisdn.de>
David Lamparter [Thu, 11 Nov 2021 16:22:59 +0000 (17:22 +0100)]
lib: shuffle around command line options
New `FRR_NO_SPLIT_CONFIG` flag for newly added daemons where we're just
rolling without split config and always expect configs to be loaded via
vtysh/integrated config.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Igor Ryzhov [Tue, 14 Dec 2021 13:28:08 +0000 (16:28 +0300)]
isisd: fix use after free
Pointers to the adjacency must be cleared only when the adjacency is
deleted. Otherwise, when the ISIS router is deleted later, the adjacency
is not deleted and a crash happens because of UAF.
projects / matthieu / frr.git / log