bgpd: Fix route install upon multipath nexthop change
In multipath selection, there can be a scenario where the set of route
entries selected as multipath can be the same (i.e., from the same peers)
but one or more of these may have a change to the BGP next hop. In this
case, the route needs to be installed again in zebra even if the best
route entry selected has not changed, otherwise the zebra RIB may have
a different set of next hops (and first hops) than what the routing
protocol selected.
This patch handles this scenario by re-installing the route if any BGP
attribute has changed for any of the multipaths. Not all BGP attributes
are of relevance to the zebra RIB, but this approach follows existing
logic used in the code (e.g., when BGP attributes for the best route
entry have changed).
bgpd: Fix route install upon non-best nexthop change
After BGP path selection, even if the best route entry selected has not
changed, ensure that the route is installed again in zebra if any non-best
but multipath route entry has a nexthop resolution change.
In the absence of this fix, if a non-best multipath route entry had a
nexthop resolution change (such as being resolved over two first hops instead
of one), the route would get reinstalled into zebra only in some situations
(i.e., when the best route entry had its IGP change flag set). If the route
does not get reinstalled by BGP, the corresponding route in the zebra RIB
would not have all the first hops.
build: detect and create AM_SILENT_RULES macro if needed
Older libs have problem with that:
configure.ac:17: warning: macro `AM_SILENT_RULES'
not found in library
...
configure.ac:24: error: possibly undefined macro:
AM_SILENT_RULES
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>
This is an implementation of RFC4970 (Router Information) and
RFC5088 (PCE Capabilities announcement)
* ospfd/Makefile.am: Add new file ospf_ri.c and ospf_ri.h
* ospfd/ospf_opaque.c: Add new Router Capabilities code point
* ospfd/ospf_ri.[c,h]: Implementation of RFC4970 & RFC5088
These patches are an implementation of RFC5305 that enable the
support of Traffic Engineering in IS-IS
* isisd/Makefile.am: Add new files isis_te.c and isis_te.h
* isisd/isis_circuit.[c,h]: Add new mpls_te_circuit structure to isis_circuit
structure to handle new Traffic Engineering TLVs
* isisd/isis_lsp.c: Update LSP handler to mux/demux Traffic Engineering TLVs
* isisd/isis_main.c: Add initialisation of ISIS TE
* isisd/isis_pdu.c: Update function process_p2p_hello() to retrieve remote IP
address to populate Traffic Engineering TLV.
* isisd/isis_te.[c,]: Implementation of RFC5305
* isisd/isis_tlv.[c,h]: Update TLV definition and function to handle
Traffic Engineering ones
* isisd/isis_zebra.c: Add new function isis_zebra_link_params() to retrieve
the link parameters of interfaces from ZBus to populate the Traffic Engineering
TLVs
* isisd/isisd.[c,h]: Add Traffic Engineering support with new debug command
NOTE: I am squashing several commits together because they
do not independently compile and we need this ability to
do any type of sane testing on the patches. Since this
series builds together I am doing this. -DBS
This new structure is the basis to get new link parameters for
Traffic Engineering from Zebra/interface layer to OSPFD and ISISD
for the support of Traffic Engineering
* lib/if.[c,h]: link parameters structure and get/set functions
* lib/command.[c,h]: creation of a new link-node
* lib/zclient.[c,h]: modification to the ZBUS message to convey the
link parameters structure
* lib/zebra.h: New ZBUS message
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Add support for IEEE 754 format
* lib/stream.[c,h]: Add stream_get{f,d} and stream_put{f,d} demux and muxers to
safely convert between big-endian IEEE-754 single and double binary
format, as used in IETF RFCs, and C99. Implementation depends on host
using __STDC_IEC_559__, which should be everything we care about. Should
correctly error out otherwise.
* lib/network.[c,h]: Add ntohf and htonf converter
* lib/memtypes.c: Add new memory type for Traffic Engineering support
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Add link parameters support to Zebra
* zebra/interface.c:
- Add new link-params CLI commands
- Add new functions to set/get link parameters for interface
* zebra/redistribute.[c,h]: Add new function to propagate link parameters
to routing daemon (essentially OSPFD and ISISD) for Traffic Engineering.
* zebra/redistribute_null.c: Add new function
zebra_interface_parameters_update()
* zebra/zserv.[c,h]: Add new functions to send link parameters
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Add support of new link-params CLI to vtysh
In vtysh_config.c/vtysh_config_parse_line(), it is not possible to continue
to use the ordered version for adding line i.e. config_add_line_uniq() to print
Interface CLI commands as it completely breaks the new LINK_PARAMS_NODE.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Update Traffic Engineering support for OSPFD
These patches update original code to RFC3630 (OSPF-TE) and add support of
RFC5392 (Inter-AS v2) & RFC7471 (TE metric extensions) and partial support
of RFC6827 (ASON - GMPLS).
* ospfd/ospf_dump.[c,h]: Add new dump functions for Traffic Engineering
* ospfd/ospf_opaque.[c,h]: Add new TLV code points for RFC5392
* ospfd/ospf_packet.c: Update checking of OSPF_OPTION
* ospfd/ospf_vty.[c,h]: Update ospf_str2area_id
* ospfd/ospf_zebra.c: Add new function ospf_interface_link_params() to get
Link Parameters information from the interface to populate Traffic Engineering
metrics
* ospfd/ospfd.[c,h]: Update OSPF_OPTION flags (T -> MT and new DN)
* ospfd/ospf_te.[c,h]: Major modifications to update the code to new
link parameters structure and new RFCs
Timo Teräs [Fri, 15 Jan 2016 15:36:33 +0000 (17:36 +0200)]
lib, zebra: unify link layer type and hardware address handling
This removes the BSD specific usage of struct sockaddr_dl
hardware address. This unifies to use explicit hw_addr member for
the address, and zebra specific enumeration for the link layer
type.
Additionally the zapi is updated to never send platform specific
structures over the wire, but the ll_type along with hw_addr_len
and hw_addr are now sent for all platforms.
Based on initial work by Paul Jakma.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
config: Give the option of disabling run as user/group
Leave "user/group" unset when explicitly configuring with
"--disable-user" / "--enable-user=no" and
"--disable-group" / "--enable-group=no"
This allows quagga to skip unsupported system calls such
as setuid() on certain platforms.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>
quagga SNMP support depends on netsnmp, that optionally depends on OpenSSL,
which in turn requires zlib. zlib exports the 'zcalloc' symbol, which collides
with a function of the same name in memory.c. This is not a problem when
linking dynamically, since quagga does not use zlib directly. But static
linking fails with the error:
CCLD ospfd
.../output/host/usr/mips64el-buildroot-linux-uclibc/sysroot/usr/lib/libz.a(zutil.o): In function `zcalloc':
zutil.c:(.text+0x48): multiple definition of `zcalloc'
.../output/build/quagga-1.0.20160315/lib/.libs/libzebra.a(memory.o):memory.c:(.text+0x1a0): first defined here
Rename 'zcalloc' to 'zzcalloc' to avoid symbol collision.
When static linking is used, the order of the libraries is important,
and the libraries using a symbol from another library should be listed
*before* the library providing that symbol (see
http://eli.thegreenplace.net/2013/07/09/library-order-in-static-linking)
for details.
When vtysh is linked statically, the command line contains "-lcurses
-lreadline", which causes a build failure due to unresolved
symbols. This is because readline is using symbols from the curses
library: the order should be the opposite.
This patch fixes that problem by putting the -lreadline at the
beginning of the LIBREADLINE variable calculated by the configure
script.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
David Lamparter [Wed, 31 Aug 2016 11:31:16 +0000 (13:31 +0200)]
zebra: stack overrun in IPv6 RA receive code (CVE ##TBA##)
The IPv6 RA code also receives ICMPv6 RS and RA messages.
Unfortunately, by bad coding practice, the buffer size specified on
receiving such messages mixed up 2 constants that in fact have different
values.
The code itself has:
#define RTADV_MSG_SIZE 4096
While BUFSIZ is system-dependent, in my case (x86_64 glibc):
/usr/include/_G_config.h:#define _G_BUFSIZ 8192
/usr/include/libio.h:#define _IO_BUFSIZ _G_BUFSIZ
/usr/include/stdio.h:# define BUFSIZ _IO_BUFSIZ
As the latter is passed to the kernel on recvmsg(), it's possible to
overwrite 4kB of stack -- with ICMPv6 packets that can be globally sent
to any of the system's addresses (using fragmentation to get to 8k).
(The socket has filters installed limiting this to RS and RA packets,
but does not have a filter for source address or TTL.)
Issue discovered by trying to test other stuff, which randomly caused
the stack to be smaller than 8kB in that code location, which then
causes the kernel to report EFAULT (Bad address).
Ticket: CM-12687
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 6a98e6a916c18bb130430d1dcbd9f23a17ac97bd)
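The buffer-length mismatch described in the commit above, reduced to its fix pattern as an added C example (not code from zebra or from the commit): the receive length is taken from the buffer itself, and an oversized datagram is detected through MSG_TRUNC. The helper names `recv_bounded` and `demo_receive`, the AF_UNIX socketpair and the canary are assumptions made for the demonstration.

```c
/* Added illustration of the fix pattern; not code from zebra. */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <unistd.h>

#define RTADV_MSG_SIZE 4096 /* value quoted in the commit message */
#define CANARY 0xA5         /* constructed marker placed after the buffer */

/* Receive one datagram. The length handed to the kernel is the caller's
 * real buffer size, never an unrelated constant such as BUFSIZ.
 * Returns bytes stored, or -1 on error; *truncated is set when the
 * datagram was larger than the buffer (kernel reports MSG_TRUNC). */
static ssize_t recv_bounded(int fd, unsigned char *buf, size_t buflen,
                            int *truncated)
{
    struct iovec iov = { .iov_base = buf, .iov_len = buflen };
    struct msghdr msg;

    memset(&msg, 0, sizeof(msg));
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
    ssize_t n = recvmsg(fd, &msg, 0);
    if (n < 0)
        return -1;
    *truncated = (msg.msg_flags & MSG_TRUNC) != 0;
    return n;
}

/* Constructed harness (hypothetical): push a payload_len-byte datagram
 * through a local socketpair into an RTADV_MSG_SIZE buffer followed by a
 * canary. Returns 1 if the canary is intact, 0 if overwritten, -1 on error. */
int demo_receive(size_t payload_len, ssize_t *stored, int *truncated)
{
    static unsigned char payload[8192]; /* constructed sample data */
    struct { unsigned char buf[RTADV_MSG_SIZE]; unsigned char canary[64]; } f;
    int sv[2], intact = 1;

    *truncated = 0;
    if (payload_len > sizeof(payload)
        || socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0)
        return -1;
    memset(payload, 0x41, sizeof(payload));
    memset(f.canary, CANARY, sizeof(f.canary));
    ssize_t sent = send(sv[0], payload, payload_len, 0);
    *stored = (sent == (ssize_t)payload_len)
                  ? recv_bounded(sv[1], f.buf, sizeof(f.buf), truncated)
                  : -1;
    close(sv[0]);
    close(sv[1]);
    for (size_t i = 0; i < sizeof(f.canary); i++)
        if (f.canary[i] != CANARY)
            intact = 0;
    return *stored < 0 ? -1 : intact;
}

int main(void)
{
    ssize_t n = 0;
    int cut = 0;
    int ok = demo_receive(6000, &n, &cut);
    printf("canary intact=%d stored=%zd truncated=%d\n", ok, n, cut);
    return ok == 1 ? 0 : 1;
}
```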
root [Tue, 30 Aug 2016 12:59:08 +0000 (08:59 -0400)]
bgpd: Add fix for multiple set commands with prefer-global
In further testing, found that if there were multiple set commands in
the route-map with one being prefer-global, the removal of the prefer-global
was not recognized and reacted to correctly. This small addition includes
that support
Ticket: CM-11480
Signed-off-by: Don Slice
Reviewed By: Donald Sharp
Testing Done: Manual testing, bgp-min and bgp-smoke completed
Renato Westphal [Wed, 24 Aug 2016 15:11:00 +0000 (12:11 -0300)]
bgpd: fix build on Solaris
* Solaris doesn't have u_int64_t, so use uint64_t instead. C99-style
fixed-width integers should always be preferred to improve portability;
* 's_addr' is a macro on Solaris, so we can't use it as a variable name.
Rename the 's_addr' variable to 'addr' in the
bgp_peer_conf_if_to_su_update_v4() function.
Timo Teräs [Mon, 2 Nov 2015 14:50:07 +0000 (16:50 +0200)]
zebra: implement per-route mtu handling
This commit allows overriding MTU using netlink attributes on
per-route basis. This is useful for routing protocols that can
advertise prefix specific MTUs between routers (e.g. NHRP).
Timo Teräs [Mon, 2 Nov 2015 14:50:05 +0000 (16:50 +0200)]
zebra: make ZEBRA_FLAG_CHANGED internal status
This flag is used internally in zebra only. And it makes no sense
to expose it over the zclient API, as having it set from client
could corrupt the internal state.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 7eb6136b2732d4782360f9f376336c6d4f667ff0)
David Lamparter [Fri, 12 Aug 2016 23:20:20 +0000 (01:20 +0200)]
isisd: fix is_type_set
Code's "is_type" is "circuit-type" in CLI, "circuit_type" is "network"
(type) in CLI, and the function to change is_type is
isis_event_circuit_type_change()... *headdesk*
Reported-by: Martin Winter <mwinter@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Thu, 11 Aug 2016 15:02:50 +0000 (17:02 +0200)]
isisd: fix isis_circuit_af_set() on fresh circuit
A newly-created circuit will be in enabled state but have neither IPv4
nor IPv6 configured. The logic in isis_circuit_af_set assumed that
"enabled" is equivalent to "ip || ipv6".
This is the only place where this distinction is currently relevant, as
the CLI won't allow enabling an interface without enabling either IPv4
or IPv6; and it will also disable a circuit when both are deconfigured.
Reported-by: Martin Winter <mwinter@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Thu, 11 Aug 2016 14:59:08 +0000 (16:59 +0200)]
isisd: fix isis_circuit_create()
Between the awkwardly managed CSM and the tacked-on IPv6 support, the
simplified logic to setup a circuit wasn't quite right.
Note that the API essentially allows creating a circuit without enabling
either IPv4 or IPv6. This wasn't possible before and probably breaks
isisd in 'interesting' ways. The CLI won't do this, so it's only an
issue when adding on other configuration mechanisms.
Reported-by: Martin Winter <mwinter@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
vivek [Thu, 18 Aug 2016 22:02:49 +0000 (15:02 -0700)]
bgpd: Upon interface up (update) only kick-off non-Established peers
Any interface flags/parameter change (e.g., MTU, PROMISC flag change) is
notified by zebra to clients as an "up" event. BGP literally treats this
as the interface coming up and kicks all neighbors on that interface (i.e.,
directly connected peers). When doing so for IPv4 peers on the interface
(numbered or unnumbered /30-/31) or IPv6 numbered peers, peers that may
already be Established are also flapped; when doing so for IPv6 unnumbered
peers (classic 'neighbor swpX interface' scenario with no configured IP
address on interface), only peers not in Established state are processed.
This patch fixes the code to ensure that in all cases, only non-Established
peers are kicked.
Use with interface command:
interface ppp0
ip ospf area 0.0.0.0
This will enable OSPF on ppp0 with area 0.0.0.0
Remove with "no ip ospf area"
* ospf_vty.c: add "ip ospf area (A.B.C.D|<0-4294967295>)" interface command
* ospfd.c: (ospf_interface_{un,}set) new helper function to enable/disable
OSPF on a specific interface.
(ospf_if_update) 2 possible paths now to deal with interface updates.
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[DL: this restores the tree to deccaf9...]
Donald Sharp [Wed, 16 Dec 2015 19:22:11 +0000 (14:22 -0500)]
ospfd: Remove HAVE_OSPF_TE
Remove from ospf the HAVE_OSPF_TE define and just always have
ospf traffic engineering.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>
(cherry picked from commit 693da6096a28eef5eadeea699771265987b3ec0c)
Donald Sharp [Wed, 16 Dec 2015 19:22:10 +0000 (14:22 -0500)]
ospfd: Remove HAVE_OPAQUE_LSA
HAVE_OPAQUE_LSA is used by default and you have to actively turn it off
except that OPAQUE_LSA is an industry standard and used pretty much
everywhere. There is no need to have special #defines for this anymore.
David Lamparter [Thu, 11 Aug 2016 15:28:58 +0000 (17:28 +0200)]
bgpd: only try to identify VRF on Linux
Only Linux has SO_BINDTODEVICE, but that's not a problem since the whole
VRF use case in that instance is currently Linux-specific. Other OS's
VRF implementations will need different code.
Reported-by: Martin Winter <mwinter@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Christian Franke [Tue, 10 Nov 2015 17:04:42 +0000 (18:04 +0100)]
lib: don't have log functions change errno
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit abfd40d68202882696260617729518a6d2c99302)
Donald Sharp [Mon, 15 Aug 2016 16:04:30 +0000 (12:04 -0400)]
zebra: Fix usage of accidental NULL pointer
NS_DEFAULT is #defined to 0, We are passing it
in to a function that is taking 'struct zebra_ns *'
which is translating into a NULL pointer. Which
in some situations will cause a crash.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Daniel Walton <dwalton@cumulusnetworks.com>
Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
The recommended, and in many ways the only supported, model for
the configuration file of quagga is to use a single Quagga.conf
configuration file. However, we weren't shipping with this model,
which led to some confusion amongst users. This patch fixes this
by removing all individual daemon configuration files and replacing
it with the single Quagga.conf file.
Sid Khot [Sat, 13 Aug 2016 00:09:27 +0000 (17:09 -0700)]
bgpd: Reverting fix for CM-5040: BGP and OSPF should accept "router-id use-loopback"
ospfd: Reverting fix for CM-5040: BGP and OSPF should accept "router-id use-loopback"
Renato Westphal [Thu, 4 Aug 2016 13:07:32 +0000 (10:07 -0300)]
zebra: create an abstraction layer for netlink_neigh_update()
We shouldn't have platform-agnostic code (e.g. zebra/interface.c)
calling platform-specific functions (e.g. netlink_neigh_update).
This commit introduces the kernel_neigh_update() function, which then
has to be implemented by all supported platforms. Currently only Linux
implements this function, which is only used by the RTADV code.
Renato Westphal [Thu, 4 Aug 2016 13:07:30 +0000 (10:07 -0300)]
pimd: add a workaround for *BSD
VIFF_USE_IFINDEX is not available on BSDs and other UNIX systems. In
order to build pimd on these platforms, use 'vifc_lcl_addr' instead of
'vifc_lcl_ifindex' to specify the interfaces we want to enable forwarding
of multicast traffic. In the case of unnumbered interfaces, print an
error and return.
Renato Westphal [Thu, 4 Aug 2016 13:07:26 +0000 (10:07 -0300)]
lib: fix setting of IPv4 multicast sockopts on OpenBSD
OpenBSD doesn't support the "ifindex hack" derived from RFC 1724 which
allows an ifindex to be encoded in the imr_interface field (in_addr)
of the ip_mreq structure. OpenBSD also doesn't support the RFC3678
Protocol-Independent socket API extensions, which allows an interface
to be specified by its ifindex. With that said, in OpenBSD we still need
to specify an interface by its IP address. This patch adds an exception
in the multicast sockopt functions to handle this case.
Renato Westphal [Thu, 4 Aug 2016 13:07:25 +0000 (10:07 -0300)]
ospf6d: fix sendmsg on OpenBSD
When sending ancillary data on OpenBSD, we need to tell the compiler
that the ancillary data buffer should be aligned on the stack to the
minimum alignment of the first ancillary data object that will be sent.
Additionally, HAVE_SIN6_SCOPE_ID is not defined anywhere, check for
HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID instead.