bgpd: vpn route-map config should be kept, except if vrf list is on
When executing vpn route-map config for importation, the running-config
records vrf import route-map instead. Actually, this is a problem when
restarting configuring when using vpn route-map. The choice is done to
move to vrf format, when at least one import list is created for vrfs.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Ameya Dharkar [Tue, 9 Oct 2018 18:56:46 +0000 (11:56 -0700)]
bgpd: Incorrect sent prefix count for a split subgroup
When a subgroup splits to form a new subgroup because of policy changes
for a peer, new subgroup copies adj out(state about advertised routes)
from the parent subgroup. At the same time, it should also copy
scount(advertised prefix count) to the new subgroup for the count to be
in sync with the adj_out for the subgroup.
Tore Anderson [Thu, 4 Oct 2018 11:32:20 +0000 (13:32 +0200)]
doc: correct route map match for prefix lists
This corrects the route map documentation to add the missing "prefix-list"
keyword, which is necessary when matching against a prefix list (as opposed to
an access list).
Additionally, change hyphens for underscores in the variables the user is
supposed to substitute in those commands, to prevent any confusion with the
"prefix-list" keyword itself, and also to make it more consistent with the
other documented commands (which are already using underscores).
Signed-off-by: Tore Anderson <tore@redpill-linpro.com>
bgpd: remove ip prefix from as-path, <large,ext>community-list
The existing commands "ip as-path", "ip community list", "ip extcommunity
list" & "ip largecommunity list" is used to configure both for ipv4 and
ipv6. So the prefix "ip" is removed from these commands.
All the configuration, show related configuration, show running config
& boot up with write memory is also verified with the provided fix.
Quentin Young [Thu, 4 Oct 2018 18:10:09 +0000 (18:10 +0000)]
bgpd: complete description code for communities
When this description code was added, it was all dead code since none of
the bools that checked if the communities were present were ever changed
from 0.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Wed, 3 Oct 2018 16:27:57 +0000 (12:27 -0400)]
lib: Include compiler.h as early as is possible in the build
The compiler.h header provides us with some useful macro's
that we are using in the system. We do not know exactly
where the CPP_NOTICE and CPP_WARN macros are used but
they can move around. Place this header early in the
build then.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Don Slice [Tue, 25 Sep 2018 13:22:22 +0000 (06:22 -0700)]
bgpd: allow nht registration on ipv6 link-local addresses
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Testing Done: bgp-smoke completed with no new failures
While testing 5549 support using global addresses, discovered that
ipv6 nexthop tracking thru a route-reflector didn't work. Since
the next-hop used for remote nexthops resolves to the link-local
of the route-reflector, we need to track it in order to react to
interface down events. Also tripped over a crash in certain cases
which is also resolved in this fix.
Quentin Young [Mon, 17 Sep 2018 19:18:47 +0000 (19:18 +0000)]
doc: clarify documentation on BGP multiple AS
Documentation on how to use multiple autonomous systems was inaccurate
and a bit scattered. Clarify usage of VRFs with multiple autonomous
systems, how to configure them, and their distinction from views. Also
moves a block on L3VPN VRFs out of the 'Basic Concepts' section.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The condition in the do/while is always false because 'return_nsid' cannot
reach the end of the loop with 'return_nsid' having a different value than
NS_UNKNOWN. Because of that, the condition can be replaced with 0 (false).
Also, the loop can be removed because the two assignments made at the end
of the loop before the condition check are not used (detected via Clang,
afterwards).
David Lamparter [Thu, 27 Sep 2018 02:18:48 +0000 (04:18 +0200)]
watchfrr, lib: cleanup & delay detaching
This cleans up watchfrr to be more "normal" like the other daemons in
terms of what it does in main(), i.e. using the full frr_*() call set.
Also, this changes the startup behaviour on watchfrr to stay attached on
the daemon's parent process until startup is really complete. This
should allow removing the "watchfrr.started" hack at some point.
Signed-off-by: David Lamparter <equinox@diac24.net>
Daniil Baturin [Mon, 1 Oct 2018 18:38:44 +0000 (20:38 +0200)]
tools: add a script for building a Debian package in one step.
The script simplifies the relatively lengthy procedure.
It should be invoked from the top level source directory, for example:
./tools/build-debian-package.sh
Donald Sharp [Tue, 11 Sep 2018 12:13:42 +0000 (08:13 -0400)]
bgpd: Try to notice when configuration changes during startup
During peer startup there exists the possibility that both
locally and remote peers try to start communication at the
same time. In addition it is possible for local configuration
to change at the same time this is going on. When this happens
try to notice that the remote peer may be in opensent or openconfirm
and if so we need to restart the connection from both sides.
Additionally try to write a bit of extra code in peer_xfer_conn
to notice when this happens and to emit a error message to
the end user about this happening so that it can be cleaned up.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Coverity points a copy-paste error in the Red-Black tree implementation. The
RB tree code is based on the OpenBSD implementation, so at first glance, it
is a strong point for thinking twice before touching anything.
Details:
The code is an augmented RB tree implementation [1], which adds to RB trees
the possibility of using a callback on every node update for updating per-node
associated metainformation. The bug is clear once checking other places where
the callback is called.
Impact:
- FRR: no impact, because the "augmented" capability is not being used.
- OpenBSD [2]: it seems there is no impact, at least in the 'src' repository.
Additional observations:
- If the "augmented" capability is not used, the code could run faster (at
every operation on a node the callback is checked for not being NULL). May
be branch prediction could be enough for those extra operations being
negligible on most processors in use.
Christian Franke [Fri, 28 Sep 2018 17:32:38 +0000 (19:32 +0200)]
doc: Use `mv -f` in Makefile
Sphinx always runs, even in the `make install` stage. When `make install`
is run as root and then another `make` is run by a nonprivileged user,
some versions of `mv` prompt like this:
Don Slice [Fri, 28 Sep 2018 15:55:39 +0000 (15:55 +0000)]
bgpd: solve issue entering aggregate twice
Problem reported that frr-relaod.py was not installing an aggregate
properly. Problem was actually that frr-reload.py does the command
twice, and the second time the aggregate command was entered, it would
appear in the config but the aggregate was removed from the bgp table
and not advertised to peers. Solved by noticing when an aggregate
was marked for deletion (info_invalid) and allowing the re-entry if
the old one was being removed.
Ticket: CM-22509 Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Don Slice [Thu, 27 Sep 2018 16:51:59 +0000 (16:51 +0000)]
bgpd: enable aggregation in evpn
Problem encountered where using the aggregate-address command in an
evpn environment did not work properly. Depending on the order of
actions, the aggregate may not be created or removed when either the
commands were issued or routes come and go.
Ticket: CM-20585 Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Donald Sharp [Tue, 7 Nov 2017 14:14:32 +0000 (09:14 -0500)]
bgpd: Add lua match command
Please note this is a Proof of Concept and not actually something
that is ready to commit at this point. The file tools/lua.scr
contains some documentation on how we expect it to work currently.
Additionally not all bgp values have been hooked up into the
ability to lua script yet.
There is still significant work to be done here:
1) Add the ability to pass in more data and to adjust the return values
as appropriate.
To set it up:
1) copy tools/lua.scr into /etc/frr (or whereever the config
directory is )
2) Create a route-map match command:
!
router bgp 55
neighbor 10.50.11.116 remote-as external
!
address-family ipv4 unicast
neighbor 10.50.11.116 route-map TEST in
exit-address-family
!
route-map TEST permit 10
match command mooey
!
3) In the lua.scr file make sure that you have a function
named 'mooey' ( as the above example does ):
projects / matthieu / frr.git / log