Ruben Kerkhof [Thu, 19 Mar 2020 13:00:20 +0000 (14:00 +0100)]
bgpd: use the right format specifier
Fixes:
/Library/Developer/CommandLineTools/usr/bin/make all-am
CC bgpd/bgp_attr.o
bgpd/bgp_attr.c:2664:5: warning: format specifies type 'unsigned char' but the argument has type 'uint16_t' (aka 'unsigned short') [-Wformat]
length, STREAM_READABLE(peer->curr));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
./lib/log.h:94:50: note: expanded from macro 'flog_err'
zlog_err("[EC %" PRIu32 "] " format, ferr_id, ##__VA_ARGS__)
~~~~~~ ^~~~~~~~~~~
1 warning generated.
Donald Sharp [Thu, 19 Mar 2020 12:24:37 +0000 (08:24 -0400)]
tests: Increase some wait time in tests
The bfd-bgp-cbit-topo3 test is testing bfd timers
with some timers that only wait 4 seconds. The CI
system is failing in various places due to bfd
not converging properly. Upon logging into a
CI system and running tests with intensive disk i/o
I was able to make the tests fail repeatedly in
a couple of different places. Add some additional
time to allow the system to converge on our CI
systems that are running in vm's and may not
always have complete control of cpu's.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
vivek [Wed, 18 Mar 2020 02:59:52 +0000 (19:59 -0700)]
bgpd: Refine multiaccess check for next hop resetting
A BGP update-group is dynamically created to group together a set of peers
such that any BGP updates can be formed just once for the entire group and
only the next hop attribute may need to be modified when the update is sent
out to each peer in the group. The update formation code attempts to
determine as much as possible if the next hop will be set to our own IP
address for every peer in the group. This helps to avoid additional checks
at the point of sending the update (which happens on a per-peer basis) and
also because some other attributes may/could vary depending on whether the
next hop is set to our own IP or not. Resetting the next hop to our own IP
address is the most common behavior for EBGP peerings in the absence of
other user-configured or internal (e.g., for l2vpn/evpn) settings and
peerings on a shared subnet.
The code had a flaw in the multiaccess check to see if there are peers in
the update group which are on a shared subnet as the next hop of the path
being announced - the source peer could itself be in the same update group
and cause the check to give an incorrect result. Modify the check to skip
the source peer so that the check is more accurate.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com> Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com> Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
vivek [Wed, 18 Mar 2020 02:25:13 +0000 (19:25 -0700)]
zebra: Install nexthop's weight for IPv4 routes with IPv6 next hops
Ensure that any weight associated with the next hop is installed for
IPv4 routes with IPv6 next hops too.
Updates: lib, zebra: Allow for installation of a weighted nexthop
bgpd: support for match ip address next-hop address command
this command is missing, compared with 'match ipv6 next-hop' command
available. Adding it by taking into account the backward compatible
effect when supposing that some people have configured acls with name
being an ipv4 address.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Donald Sharp [Mon, 16 Mar 2020 21:23:34 +0000 (17:23 -0400)]
bgpd: Fix certain code paths that reset reason code
The bgp reason code was being reset in bgp_best_selection
by rerunning bgp_path_info_cmp multiple times under certain
receiving patterns of data from peers.
This is the debugs that show this issue:
2020/03/16 19:17:22.523780 BGP: 2001:20:1:1::6 rcvd UPDATE w/ attr: nexthop 20.1.1.6, origin i, metric 600, community 1000:1006, path 20
2020/03/16 19:17:22.523819 BGP: 2001:20:1:1::6 rcvd 20.10.0.6/32 IPv4 unicast
2020/03/16 19:17:22.556168 BGP: 20.1.1.6 rcvd UPDATE w/ attr: nexthop 20.1.1.6, origin i, metric 500, community 1000:1006, path 20
2020/03/16 19:17:22.556209 BGP: 20.1.1.6 rcvd 20.10.0.6/32 IPv4 unicast
2020/03/16 19:17:22.572358 BGP: bgp_process_main_one: p=20.10.0.6/32 afi=IPv4, safi=unicast start
2020/03/16 19:17:22.572408 BGP: 20.10.0.6/32: Comparing path 2001:20:1:1::6 flags 0x410 with path 20.1.1.6 flags 0x410
2020/03/16 19:17:22.572415 BGP: 20.10.0.6/32: path 2001:20:1:1::6 loses to path 20.1.1.6 due to MED 600 > 500
2020/03/16 19:17:22.572422 BGP: 20.10.0.6/32: path 20.1.1.6 is the bestpath from AS 20
2020/03/16 19:17:22.572429 BGP: 20.10.0.6/32: path 20.1.1.6 is the initial bestpath
2020/03/16 19:17:22.572435 BGP: bgp_best_selection: pi 0x5627187c66c0 dmed
2020/03/16 19:17:22.572441 BGP: 20.10.0.6/32: After path selection, newbest is path 20.1.1.6 oldbest was NONE
2020/03/16 19:17:22.572447 BGP: 20.10.0.6/32: path 20.1.1.6 is the bestpath, add to the multipath list
2020/03/16 19:17:22.572453 BGP: 20.10.0.6/32: path 2001:20:1:1::6 has the same nexthop as the bestpath, skip it
2020/03/16 19:17:22.572460 BGP: 20.10.0.6/32: starting mpath update, newbest 20.1.1.6 num candidates 1 old-mpath-count 0 old-cum-bw u0
2020/03/16 19:17:22.572466 BGP: 20.10.0.6/32: comparing candidate 20.1.1.6 with existing mpath NONE
2020/03/16 19:17:22.572473 BGP: 20.10.0.6/32: New mpath count (incl newbest) 1 mpath-change NO all_paths_lb 0 cum_bw u0
Effectively if BGP receives 2 paths it could end up running bgp_path_info_cmp multiple times
and in some situations overwrite the reason selected the first time through.
In this example path selection is run and the MED is the reason for the choice.
Then in bgp_best_selection is run again this time clearing new_select
to NULL before calling path selection for the first time. This second
call into path selection resets the reason, since it is only passing in one
path. So save the last reason selected and restore in this case.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
saravanank [Mon, 16 Mar 2020 02:23:38 +0000 (19:23 -0700)]
zebra: Disable rmap update thread before routemap_finish while shutting down zebra
Problem: While zebra going down, rmap update thread is being called as part of
timer event. This make zebra to crash.
RCA: At this time route_map_master_hash is made to 0 by sig int handler.
This is causing Zebrad to crash while executing rmap update thread
Fix: As part of SIGINT handler, before calling routemap_finish,
thread off any routemap update scheduled at that point and make sure that
it wont get scheduled again by making the timeout as 0.
Signed-off-by: Saravanan K <saravanank@vmware.com>
Sarita Patra [Mon, 2 Mar 2020 08:55:22 +0000 (00:55 -0800)]
pimd: fix OIL not removed after IGMP prune
Issue: Client1------LHR-----(int-1)RP(int-2)------client2
Client2 send IGMP join for group G.
Client1 send IGMP join for group G.
verify show ip mroute in RP, will have 2 OIL.
Client2 send IGMP leave.
Verify show ip mroute in RP, will still have 2.
Root cause: When RP receives IGMP join from client2, it creates
a (s,g) channel oil and add the interface int-2 into oil list and
set the flag PIM_OIF_FLAG_PROTO_IGMP to int-2
Client1 send IGMP join, LHR will send a (*,G) join to RP. RP will
add the interface int-1 into the oil list of (s,g) channel_oil and
will set the flag PIM_OIF_FLAG_PROTO_IGMP and PIM_OIF_FLAG_PROTO_PIM
to the int-1 and set PIM_OIF_FLAG_PROTO_PIM to int-2 as well. It is
happening because of the pim_upstream_inherited_olist_decide() and
forward_on() get all the oil and update the flag wrongly.
So now when client 2 sends IGMP prune, RP will not remove the int-2
from oil list since both PIM_OIF_FLAG_PROTO_PIM & PIM_OIF_FLAG_PROTO_IGMP
are set, it just unset the flag PIM_OIF_FLAG_PROTO_IGMP.
Fix: Introduced new flags in if_channel, PIM_IF_FLAG_MASK_PROTO_PIM
& PIM_IF_FLAG_MASK_PROTO_IGMP. If a if_channel is created because of
pim join or pim (s,g,rpt) prune received, then set the flag
PIM_IF_FLAG_MASK_PROTO_PIM. If a if_channel is created becuase of IGMP
join received, then set the flag PIM_IF_FLAG_MASK_PROTO_IGMP.
When an interface needs to be added into the oil list check if
PIM_IF_FLAG_MASK_PROTO_PIM or PIM_IF_FLAG_MASK_PROTO_IGMP is set, then
update oil flag accordingly.
Issue 1: "show ip pim interface traffic" not show prune TX/RX
Rootcause : not added the variable in the json
Fix : add prune TX/RX in show ip pim interface traffic json
Issue 2: "show ip pim rp-info" not shows the key iAmRp when it is false
Rootcause: Only display the key when the value is true.
Fix: add iAmRp as false in show ip pim rp-info json
Issue 3: "show ip pim rp-info" not showing outbound interface if it is empty
Rootcause: Only display when there is any OIL
Fix: When RP is not reachable then, the outbound interface is Unknown
The command "show ip pim rp-info json" not displaying the outbound
interafce if it is unknown
Sarita Patra [Mon, 9 Mar 2020 06:23:16 +0000 (23:23 -0700)]
pimd: add flags in show ip mroute command
S - Sparse Mode
C - indicates there is a member of the group directly connected to the router.
R -set on an (S, G) by the receipt of an (S, G) RP bit prune message.
F -This indicates that this router is a FHR and send register messages to RP to inform RP of this active source
P - OIL list is NULL. That means the router will send a prune.
T - At least one packet received via SPT.
Donatas Abraitis [Sun, 15 Mar 2020 12:19:11 +0000 (14:19 +0200)]
bgpd: Add subcodes for BGP Finite State Machine Error
Implement https://tools.ietf.org/html/rfc6608
I used python scapy library to send a notification message in OpenSent state:
```
send(IP(dst="192.168.0.1")/TCP(sport=sp,
dport=179,
seq=rec.ack,
ack=rec.seq + 1,
flags=0x18)/BGPHeader(type=3)/BGPNotification(error_code=4,
error_subcode=0))
```
Logs from FRR:
```
%NOTIFICATION: sent to neighbor 192.168.0.2 5/1 (Neighbor Events Error/Receive Unexpected Message in OpenSent State) 0 bytes
```
saravanank [Mon, 16 Mar 2020 02:36:33 +0000 (19:36 -0700)]
pimd: moving the route_unlock_node outside debug function
Problem: Route node is not de referenced after search when pim debug events are
not enabled when pim_rp_find_match_group is called. So this memory will not get
released when route node is deleted after hitting this path.
RCA: Dereferencing is done inside debug condition.
Fix: Moving outside debug condition
Signed-off-by: Saravanan K <saravanank@vmware.com>
Philippe Guibert [Thu, 12 Mar 2020 13:04:30 +0000 (14:04 +0100)]
bgpd: reset bfd session when bgp comes up
This scenario has been seen against microtik virtual machine with
bfd enabled. When remote microtik bgp reestablishes the bgp session
after a bgp reset, the bgp establishment comes first, then bfd is
initialising.
The second point is true for microtik, but not for frrouting, as the
frrouting, when receiving bfd down messages, is not at init state.
Actually, bfd state is up, and sees the first bfd down packet from
bfd as an issue. Consequently, the BGP session is cleared.
The fix consists in resetting the BFD session, only if bfd status is
considered as up, once BGP comes up.
That permits to align state machines of both local and remote bfd.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Tue, 10 Mar 2020 08:20:09 +0000 (09:20 +0100)]
bgpd: upon reconfiguration or bgp exchange failure, stop bfd.
When bgp is updated with local source, the bgp session is reset; bfd
also must be reset. The bgp_stop() handler handles all kind of
unexpected failures, so the placeholder to deregister from bfd should be
ok, providing that when bgp establishes, a similar function in bgp will
recreate bfd context.
Note that the bfd session is not reset on one specific case, where BFD
down event is the last reset. In that case, we must let BFD to monitor
the link.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Sarita Patra [Mon, 9 Mar 2020 07:00:28 +0000 (00:00 -0700)]
pimd: Don't refresh mroute_creation for kernel-installed mroute
Issue: When any interface is getting added/deleted in the outgoing
interface list, it calls pim_mroute_add() which is updating the
mroute_creation time without checking if the mroute is already
installed in the kernel.
Fix: Check if mroute is already installed, then dont refresh the
mroute_creation timer.
Naveen Naidu [Wed, 11 Mar 2020 18:20:41 +0000 (23:50 +0530)]
zebra/rt_netlink.c: Clean is_selfroute function
The return type of is_selfroute function is changed from int to bool.
Also remove the redundant invoking of the is_selfroute function in the
calling function netlink_route_change_read_unicast
Donald Sharp [Wed, 11 Mar 2020 13:03:17 +0000 (09:03 -0400)]
ldpd: During code inspection we are mixing data sizes
As I understand it ldpd was originally developed as a standalone
daemon for *BSD land. Then ported to FRR. FRR uses ifindex_t
as the base type for the ifindex. Mixing `unsigned short` and
`int` and `unsigned int` is going to lead to fun somewhere
along the way. Especially when we get to run on a system
with ifindex churn( I'm looking at you docker ).
Attempt to convert all of ldpd to think of the ifindex as a
`ifindex_t`.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ruben Kerkhof [Wed, 11 Mar 2020 09:37:37 +0000 (10:37 +0100)]
isisd: fix a bunch of build warnings with GCC 10
GCC 10 thinks we memcpy into a 0-sized array (which we're not).
Use a C99 flexible array member instead.
Fixes:
CC lib/stream.lo
lib/stream.c: In function ‘stream_put_in_addr’:
lib/stream.c:824:2: warning: writing 4 bytes into a region of size 0 [-Wstringop-overflow=]
824 | memcpy(s->data + s->endp, addr, sizeof(uint32_t));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
isisd/isis_tlvs.c: In function ‘auth_validator_hmac_md5’:
isisd/isis_tlvs.c:4279:2: warning: writing 16 bytes into a region of size 0 [-Wstringop-overflow=]
4279 | memcpy(STREAM_DATA(stream) + auth->offset, auth->value, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In function ‘update_auth_hmac_md5’,
inlined from ‘update_auth’ at isisd/isis_tlvs.c:3734:4,
inlined from ‘isis_pack_tlvs’ at isisd/isis_tlvs.c:3897:2:
isisd/isis_tlvs.c:3722:2: warning: writing 16 bytes into a region of size 0 [-Wstringop-overflow=]
3722 | memcpy(STREAM_DATA(s) + auth->offset, digest, 16);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
isisd/isis_tlvs.c:3722:2: warning: writing 16 bytes into a region of size 0 [-Wstringop-overflow=]
projects / mirror / frr.git / log