Philippe Guibert [Wed, 17 Feb 2021 10:43:52 +0000 (11:43 +0100)]
zebra: move ipset and ipset_entry to zebra dplane contexts
like it has been done for iptable contexts, a zebra dplane context is
created for each ipset/ipset entry event. The zebra_dplane_ctx job is
then enqueued and processed by separate thread. Like it has been done
for zebra_pbr_iptable context, the ipset and ipset entry contexts are
encapsulated into an union of structures in zebra_dplane_ctx.
There is a specificity in that when storing ipset_entry structure, there
was a backpointer pointer to the ipset structure that is necessary
to get some complementary information before calling the hook. The
proposal is to use an ipset_entry_info structure next to the ipset_entry,
in the zebra_dplane context. That information is used for ipset_entry
processing. The ipset name and the ipset type are the only fields
necessary.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
isisd, yang, doc: combine config cmd for SRGB+SRLB
when changing both ranges at the same time the order of the commands
matters, as we need to make sure that the intermediate state is valid.
This represents a problem when pushing configuration via frr-reload.
To fix this, the global-block command was extended to optionally
allow setting the local-block range as well. The local-block command
is deprecated with a 1-year notice.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Igor Ryzhov [Tue, 9 Mar 2021 20:08:41 +0000 (23:08 +0300)]
bfdd: fix detect timeout
RFC 5880 Section 6.8.4:
In Asynchronous mode, the Detection Time calculated in the local
system is equal to the value of Detect Mult received from the remote
system, multiplied by the agreed transmit interval of the remote
system (the greater of bfd.RequiredMinRxInterval and the last
received Desired Min TX Interval).
Olivier Dugeon [Tue, 9 Mar 2021 10:00:32 +0000 (11:00 +0100)]
ospfd: Correct Segment Routing prefix bugs
This patch solves 2 Segment Routing prefix bugs:
- If Segment Routing is not enabled in the initial configuration, Extended
Prefix Opaque LSA is not flood. This is due to a control flag which is
set only when Segment Routing is enabled at startup and not latter.
- Attempting to modify Segment Routing prefix flag e.g. adding or removing
no-php or explicit-null flag, doesn't work as expected: Corresponding entry
in the MPLS table is not updated, Extended Prefix Opaque LSA carry wrong flag
value, and neighbor set a wrong configuration in the MPLS table for this
Segment Routing prefix.
The first bug is corrected in ospfd/ospf_ext.c:
- Flag setting is moved from ospf_ext_ism_change() to set_ext_prefix() function
The seconf one is corrected in ospfd/ospf_sr.c:
- For self node, previous MPLS entry is removed if needed and flag reset before
setting the new Segment Routing prefix configuration
- For neighbor node, srnext field of sr_prefix structure is always set and not
only for new SR Prefix.
Donald Sharp [Sat, 6 Mar 2021 14:31:45 +0000 (09:31 -0500)]
bgpd: Display RPKI validation state if we have it
When dumping data about prefixes in bgp. Let's dump the
rpki validation state as well:
Output if rpki is turned on:
janelle# show rpki prefix 2003::/19
Prefix Prefix Length Origin-AS
2003:: 19 - 19 3320
janelle# show bgp ipv6 uni 2003::/19
BGP routing table entry for 2003::/19
Paths: (1 available, best #1, table default)
Not advertised to any peer
15096 6939 3320
::ffff:4113:867a from 65.19.134.122 (193.72.216.231)
(fe80::e063:daff:fe79:1dab) (used)
Origin IGP, valid, external, best (First path received), validation-state: valid
Last update: Sat Mar 6 09:20:51 2021
janelle# show rpki prefix 8.8.8.0/24
Prefix Prefix Length Origin-AS
janelle# show bgp ipv4 uni 8.8.8.0/24
BGP routing table entry for 8.8.8.0/24
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
100.99.229.142
15096 6939 15169
65.19.134.122 from 65.19.134.122 (193.72.216.231)
Origin IGP, valid, external, best (First path received), validation-state: not found
Last update: Sat Mar 6 09:21:25 2021
Example output when rpki is not configured:
eva# show bgp ipv4 uni 8.8.8.0/24
BGP routing table entry for 8.8.8.0/24
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
janelle(192.168.161.137)
64539 15096 6939 15169
192.168.161.137(janelle) from janelle(192.168.161.137) (192.168.44.1)
Origin IGP, valid, external, bestpath-from-AS 64539, best (First path received)
Last update: Sat Mar 6 09:33:51 2021
Igor Ryzhov [Thu, 4 Mar 2021 18:17:20 +0000 (21:17 +0300)]
bfdd: fix echo configuration in profile
It's not currently possible to configure echo mode in profile node:
```
(config)# bfd
(config-bfd)# profile test
(config-bfd-profile)# echo-mode
% Echo mode is only available for single hop sessions.
(config-bfd-profile)# echo-interval 20
% Echo mode is only available for single hop sessions.
```
Philippe Guibert [Tue, 16 Feb 2021 14:29:29 +0000 (15:29 +0100)]
zebra: move iptable handling in zebra_dplane
The iptable processing was not handled in remote dataplane, and was
directly processed by the thread in charge of zapi calls. Now that call
can be handled in the zebra_dplane separate thread. once a
zebra_dplane_ctx is allocated for iptable handling, the hook call is
performed later. Subsequently, a return code may be triggered to zclient
interface if any problem occurs when calling the hook call.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Christian Hopps [Sun, 28 Feb 2021 16:49:40 +0000 (11:49 -0500)]
pimd: correctly get interface name for error message
This was found while doing libyang2 work (causes assert); however, it is
also incorrect for libyang1 (empty canonical value for incorrectly
referenced interface vs interface-name node).
While here, fix 2 other incorrect uses of "." on a container node.
Trey Aspelund [Thu, 4 Mar 2021 02:05:56 +0000 (02:05 +0000)]
bgpd: fix bgp statistics for l2vpn evpn
'show bgp l2vpn evpn statistics' was returning 0 for all stats
because bgp_table_stats_walker bailed out if afi != AFI_IP or AFI_IP6.
Add case condition to catch AFI_L2VPN.
Igor Ryzhov [Wed, 3 Mar 2021 21:13:44 +0000 (00:13 +0300)]
doc: fix link for python2 get-pip.py
Script by the current link doesn't work with Python 2 anymore:
```
ERROR: This script does not work on Python 2.7 The minimum supported Python version is 3.6.
Please use https://bootstrap.pypa.io/2.7/get-pip.py instead.
```
Igor Ryzhov [Wed, 3 Mar 2021 20:10:19 +0000 (23:10 +0300)]
bfdd: forbid creation of the same peer with and without interface name
Currently it is possible to configure the same peer with and without
interface name:
```
bfd
peer 1.1.1.1
!
peer 1.1.1.1 interface enp0s3
!
```
There are multiple problems with that:
1. Both nodes actually control the same BFD session. So the config is
either duplicated or, even worse, different - and there is no way to
say which one actually works.
2. When the user deletes both nodes, the session is not actually freed,
because its refcount is always greater than 1.
Such configuration must be forbidden. User should either have single
node with wildcard name or multiple nodes with actual names.
lynne [Tue, 2 Mar 2021 21:40:56 +0000 (16:40 -0500)]
ospf6d: Don't advertise AS-External LSAs into stub area
If area is a normal area and has adjacencies up and then the user changes
the area to a stub area, the code was leaving existing AS-External LSAs in
the database and was sending AS-External LSAs into the stub area causing
the adjacency to stay in Ex-Start. With this change we now cleanup the
AS-External LSAs that existed when area was not a stub and do not advertise
AS-External LSAs into the stub area.
ospf6 keeps a flag to remember whether the cost for an interface
was manually added via config or computed automatically, but if
the configured value matches the auto-computed one we were not
setting this flag, meaning that the config would not show up in
the config.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Donald Sharp [Sun, 28 Feb 2021 04:02:53 +0000 (23:02 -0500)]
tests: Remove sleep(60) and look for convergence
Sleeping when convergence is not guaranteed in 60 seconds
and then testing the rib to see if it has the data is
not a great way to have a test complete all the time.
Modify the code so that we check for convergence
and if we have converged then look in the rib.
projects / matthieu / frr.git / log