isisd: link protection optional fallback in ti-lfa
The current implementation of TI-LFA computes link-protecting
repair paths (even when node protection is enabled) to have repair
paths to all destinations when no node-protecting repair has been
found. This may be desired or not. E.g. the link-protecting paths
may use the protected node and be, therefore, useless if the node
fails. Also, computing link-protecting repairs incurs extra
calculations.
With this patch, when node protection is enabled, link protecting
repair paths are only computed if "link-fallback" is specified in
the configuration, on a per interface and IS-IS level.
David Lamparter [Tue, 16 Mar 2021 10:03:44 +0000 (11:03 +0100)]
lib: rework how we "override" assert()
The previous method, using zassert.h and hoping nothing includes
assert.h (which, on glibc at least, just does "#undef assert" and puts
its own definition in...) was fragile - and actually broke undetected.
Just provide our own assert.h and control overriding by putting it in a
separate directory to add to the include path (or not.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Donald Sharp [Sun, 2 May 2021 11:39:36 +0000 (07:39 -0400)]
lib: Provide some better error handling for operator
When an operator encounters a situation where the number
of FD's open is greater than what we have been configured
to legitimately handle via uname or the `--limit-fds` command
line, abort with a message that they should be able to
debug and figure out what is going on.
Fixes: #8596 Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Donald Sharp [Tue, 27 Apr 2021 11:15:26 +0000 (07:15 -0400)]
zebra: Allow interface up events to read speed
Initially the reading of the speed of an interface happened
upon interface creation and happened until the speed of a link
settled down to a single value. The speed of an interface
can also change as that a new optic can be inserted that
changes the speed, in which case FRR would see a interface
down (optic removal) and then a interface up (optic insertion).
In this case FRR would not treat this as an event that changed
the speed. Let's expand the checking a bit more.
When enabling TI-LFA the forward SPF for neighbors adjacent to the
PLR is computed. Later, when computing the PQ spaces, the reverse
SPF trees for those adjacent neighbors affected by the protected
interface are computed.
When node protection is enabled, TI-LFA link protection is run
immediately afterwards to compute repairs in case no
node-protecting backup path exists. In this second run, the
existing code tries to compute the reverse SPF tree for the same
node, without freeing the SPF tree of the prior run.
This patch fixes this by not computing the reverse SPF again, thus
avoiding a memory leak and an unnecessary SPF run.
Philippe Guibert [Thu, 29 Apr 2021 10:02:47 +0000 (12:02 +0200)]
zebra: at startup, fix links on all namespaces
when zebra has vrf backend mapped to namespaces, the polling
of interfaces leads to fix all linkages of interfaces. This
was not done on non default namespace. do it for other namespaces.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Quentin Young [Mon, 26 Apr 2021 22:59:48 +0000 (18:59 -0400)]
bgpd: avoid allocating very large stack buffer
As pointed out on code review of BGP extended messages, increasing the
maximum BGP message size has the consequence of growing the dynamically
sized stack buffer up to 650K. While unlikely to exceed modern stack
sizes it is still unreasonably large. Remedy this with a heap buffer.
rgirada [Fri, 19 Feb 2021 04:15:40 +0000 (20:15 -0800)]
lib: Routemap is not getting applied upon changing the routemap action
Description:
This looks broken after NB changes in routemap. When routemap
action modified from permit to deny, it is expected to apply
the new action on the filtered routes before the action in the
routemap data structure has been changed. But currently this is
not handled by the corresponding northbound API.
Igor Ryzhov [Wed, 28 Apr 2021 22:59:56 +0000 (01:59 +0300)]
isisd: fix ldp-sync configuration
YANG model and CLI commands allow user to configure LDP-sync per area.
But the actual implementation is incorrect - all commands are changing
the config for the whole VRF instead of a single area. This commit fixes
this issue by actually implementing per area configuration.
Igor Ryzhov [Tue, 27 Apr 2021 22:57:21 +0000 (01:57 +0300)]
isisd: allow arbitrary order of area/interface configuration
Currently we don't allow to configure the interface before the area is
configured. This approach has the following issues:
1. The area config can be deleted even when we have an interface config
relying on it. The code is not ready for that - we'll have a whole
bunch of stale pointers if user does that.
2. The code doesn't correctly process the event of changing the VRF for
an interface. There is no mechanism to ensure that the area exists
in the new VRF so currently the circuit still stays in the old VRF.
This commit allows an arbitrary order of area/interface configuration.
There is no more need to configure the area before configuring the
interface.
Igor Ryzhov [Tue, 27 Apr 2021 12:06:37 +0000 (15:06 +0300)]
isisd: update link params after circuit is up
Call from isis_circuit_create works only if we enable isis on an already
existing interface. If we configure isis on a pseudo interface and then
actually create it - this call doesn't work.
Igor Ryzhov [Tue, 27 Apr 2021 14:28:44 +0000 (17:28 +0300)]
isisd: fix incorrect snmp-id gen/free
Necessary structures for snmp-id generation are currently stored in
`struct isis`. When we generate the new circuit ID, we always use the
instance from the default VRF. When we free the circuit ID, we use the
instance from the circuit VRF. This causes the following problems:
1. If there is no instance in the default VRF, this code doesn't work.
2. When circuit in non-default VRF is deleted, the ID is not actually
freed.
This is fixed by using global structures instead. The code itself is
moved to isis_snmp.c and linked to the main code using hooks. We should
not call SNMP-related code when the SNMP module is not loaded at all.
More than that, we don't allow to activate the circuit if we failed to
generate the SNMP ID. Even if SNMP support is completely disabled! This
check is removed.
Quentin Young [Wed, 23 Sep 2020 19:31:52 +0000 (15:31 -0400)]
bgpd, zebra: encode ip addr len as uint16
This is always a 16 bit unsigned value.
- signed int is the wrong type to use
- encoding a signed int as a uint32 is bad practice
- decoding a signed int encoded as a uint32 into a uint16 is bad
practice
Igor Ryzhov [Tue, 27 Apr 2021 23:52:58 +0000 (02:52 +0300)]
tests: fix topotest polling log
The current log prints maximum wait time which is not actually correct,
because it doesn't include the command execution time. We usually have
"failed after X seconds" log with X being far longer than this maximum.
Igor Ryzhov [Fri, 23 Apr 2021 18:36:12 +0000 (21:36 +0300)]
bgpd: fix bgp_get_vty return values
There are multiple problems:
- commit ef7c53e2 introduced a new return value 2 which broke things,
because a lot of code treats non-zero return as an error,
- there is an incorrect error returned when AS number mismatches.
Fredi Raspall [Thu, 18 Feb 2021 22:45:08 +0000 (23:45 +0100)]
ldpd: defer register for info until configured
Instead of registering to receive default-VRF information and routes
when first connected to zebra, defer the registration until some ldp
configuration is entered.
This avoids redistributing IPv4/IPv6 routes to ldpd when not needed.
Signed-off-by: Fredi Raspall <fredi@voltanet.io> Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Donald Sharp [Sat, 24 Apr 2021 03:50:31 +0000 (23:50 -0400)]
bgpd: Prevent race condition loss of config
If we have a situation where BGP is partially reading in a config
file for a neighbor, *and* the neighbor is coming up *and* we
have a doppelganger. There exists a race condition when we transfer
the config from the doppelganger to the config peer that we will
overwrite later config because we are copying the config data
from the doppelganger peer( which was captured at the start of initiation
of the peering ).
From what I can tell the peer->af_flags variable is to hold configuration
flags for the local peer. The doppelganger should never overwrite this.
Igor Ryzhov [Fri, 23 Apr 2021 22:32:53 +0000 (01:32 +0300)]
tests: fix bfd-bgp-cbit-topo3 test
This test is completely incorrect on test_bfd_loss_intermediate step.
It shuts down the interface and then "waiting" for the BGP session to
fail. But instead of the actual wait it compares the output of "show bfd
peers" with the "up" state. As it does this comparison right after the
interface shutdown, the BFD session has not yet failed and the comparison
is always successful except very rare cases when the command takes a lot
of time to execute (due to the heavy load on CI system I suppose).
David Lamparter [Fri, 23 Apr 2021 13:17:07 +0000 (15:17 +0200)]
ldpd: set `frr_is_after_fork` in lde/ldpe
These subprocesses don't use frr_config_fork(), so frr_is_after_fork is
never set. While the frr_pthread stuff isn't currently used there, set
the flag anyway to avoid future headaches.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Donald Sharp [Thu, 22 Apr 2021 19:04:15 +0000 (15:04 -0400)]
isisd: Remove warnings and add some data to debugs for isis_csm.c
When running isis and not running isis on all interfaces results
in a bunch of warn messages to the log about circuit state
changes. These warn messages also didn't bother to inform
the end user what interface was causing the fun. Since
the end operator cannot do anything with these warn messages
and nor should they in the vast array of normal operations
modify the code to use event debugging and turn the warns
to debugs.
Additionally add some information to clue the operator
in on to what actual interface we are talking about.
projects / mirror / frr.git / log