bgpd: Make sure network/aggregate-address commands lay down under labeled safi
unicast and labeled-unicast share the same table, but configuration should
be visible for both independently. Without this fix it confuses a bit
because when you enter `network 10.0.0.0/24` under labeled-unicast it's
written in unicast family block.
Donatas Abraitis [Mon, 25 May 2020 14:22:37 +0000 (17:22 +0300)]
bgpd: Use IPv6 LL address as nexthop if global was set to ::/LL
This happens between Bird and FRR. Maybe others as well, dunno.
Bird sends ::(fe80::1588) and we have a nexthop as :: which is inaccessible:
```
BGP routing table entry for fdff:b87d:f5b0::/48
Paths: (1 available, no best path)
Not advertised to any peer
4242421588 4242422547 4242422601 4242423605
:: (inaccessible) from fe80::1588 (172.20.16.140)
(fe80::1588) (used)
Origin IGP, invalid, external
Last update: Mon May 25 14:27:02 2020
```
bgpd: Set a proper SAFI for labeled-unicast when looking for scount
The problem is that peer_af_array returns NULL when SAFI is changed to
unicast. We use unicast table, but peer is created and activated under
labeled-unicast, hence we should lookup with a proper SAFI id.
Without this patch peer_af_find() returns NULL and we can't show
PfxSnt in `show bgp summary`.
Donald Sharp [Thu, 7 May 2020 14:03:31 +0000 (10:03 -0400)]
bgpd: `bgp bestpath bandwidth` should not be a legal command
The `bgp bestpath bandwidth` command should not be a legal
command. Pull out the `no` form to allow this. Allow
`no bgp bestpath bandwidth` to work as we would expect.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 11 May 2020 12:45:11 +0000 (08:45 -0400)]
bgpd: really remove the `no ip as-path...` command
We had already removed the `ip as-path..` command
to have `bgp as-path` but for some reason a `no ip as-path..`
command ALIAS was still around. Kill with extreme prejudice.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Olivier Dugeon [Mon, 4 May 2020 16:26:21 +0000 (18:26 +0200)]
isisd: IS-IS-SR preparation for master 4/5
* Regroup functions to install label for Prefix and Adjacency SID
* Change 'replace_semantics' variable name by 'make_before_break' in
sr_prefix_reinstall() function and adjust comments
* Call directly lsp_regenerate_schedule() from isis_nb_config.c when MSD
is updated
Olivier Dugeon [Sun, 3 May 2020 18:01:20 +0000 (20:01 +0200)]
isisd: IS-IS-SR preparation for master 2/5
* Rename functions following rules: isis_sr_XXX is kept for external functions
and isis_sr prefix is removed for static ones
* Rename local_label & remote_label variables by input_label & output_label
* Change parameter order (to follow other functions) in sr_node_srgb_update()
* Rename RB-TREE variable from tree_sr_XXX to srdb_XXX
* Replace parse_flags by an enum and rename it srdb_state which reflects
more the role of this flag: determine the state of SR-Node and SR-Prefix
stored in the SRDB: VALIDATED, NEW, MODIFIED, UNCHANGED
David Lamparter [Mon, 11 May 2020 19:37:08 +0000 (21:37 +0200)]
build: use configfile mode in init script
This only applies for split-config; the init script would create an
empty config file with default permissions.
Reported-by: Robert Scheck <robert@fedoraproject.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 5c9063771195bb51a8cc1c64f9924e53a0602817)
Donald Sharp [Wed, 6 May 2020 14:13:48 +0000 (10:13 -0400)]
zebra: Loosen ONLINK restrictions a tiny bit
Loosen the ONLINK restrictions such that when an upper
level protocol sends us a nexthop with an ONLINK attribute
just ensure that interface is up and usable. ONLINK effectively
means we know what we are doing to the kernel.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Josh Cox [Tue, 5 May 2020 17:09:14 +0000 (13:09 -0400)]
bgpd: Check to ensure community attributes exist before freeing them
Community attributes might have been removed by an inbound route map, so we
should check to ensure they still exist before trying to free them.
This fixes a segfault described in issue #6345.
David Lamparter [Mon, 4 May 2020 15:30:24 +0000 (17:30 +0200)]
tools: frr-llvm-cg
This dumps call graph data from LLVM bitcode files into a JSON file.
Specifically for FRR, it understands thread_add_*(), hook_*() and
install_element() so it can provide extra information in these cases.
As a general feature, it tries to track down function pointers as far as
easily feasible.
Signed-off-by: David Lamparter <equinox@diac24.net>
Stephen Worley [Fri, 1 May 2020 16:34:43 +0000 (12:34 -0400)]
zebra: force off kernel NHG install with netns VRFs
Force off kernel NHG install with netns-based VRFs for
now. There is not really a good solution for allowing
kernel nexthop groups in namespaced based vrfs.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Donald Sharp [Thu, 30 Apr 2020 15:16:28 +0000 (11:16 -0400)]
bgpd: Ensure that we have a ifp pointer
It is possible that the if_lookup_by_index() call will return
a NULL value and calling zclient_send_interface_radv_req. Just
test that we have a valid interface pointer.
Found by Coverity
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This change modifies the way IS-IS is connected to the Label Manager:
- Add emission of Hello Message prior to the connection as per
modification introduced by PR #5925
- Add 'session_id' as per modification introduced by PR #6224
- Add Doxygen documentation to Label Manager functions
Each router has both an IPv4 and an IPv6 loopback address, each of
which has a corresponding Prefix-SID configured.
Basic SR functionality is tested. First, the topotest ensures that
all expected Prefix-SIDs and Adj-SIDs are flooded and installed
correctly in all routers of the network. Later, network failures
are simulated and configuration changes are performed in several
different routers. The topotest then checks if IS-IS has converged
as expected in the network according to the network failures and
configuration changes that happened.
The topotest comprises 11 different steps, each with four individual
tests (for a total of 44 tests). A summary of what each step does
is provided below:
---
Step 1:
-Initial network convergence
---
Step 2:
Action(s):
-Disable IS-IS on the eth-rt5 interface on rt4
Expected changes:
-rt4 should uninstall the Adj-SIDs pointing to rt5
-rt5 should uninstall the Adj-SIDs pointing to rt4
-rt2 should reinstall rt5's Prefix-SIDs (2 nexthops deleted)
-rt3 should reinstall rt4's Prefix-SIDs (2 nexthops deleted)
-rt4 should reinstall rt3's Prefix-SIDs (1 nexthop deleted)
-rt4 should reinstall rt5's Prefix-SIDs (1 nexthop changed)
-rt5 should reinstall rt2's Prefix-SIDs (1 nexthop deleted)
-rt5 should reinstall rt4's Prefix-SIDs (1 nexthop changed)
---
Step 3:
Action(s):
-Shut down the eth-rt4 interface on rt6
-Shut down the eth-rt5 interface on rt6
Expected changes:
-All routers should uninstall rt6's Prefix-SIDs
-rt4 and rt5 should uninstall the Adj-SIDs pointing to rt6
-rt4 should reconverge rt5's Prefix-SIDs through rt2 using ECMP
-rt5 should reconverge rt4's Prefix-SIDs through rt3 using ECMP
-rt6 should uninstall all its IS-IS routes, Prefix-SIDs and Adj-SIDs
---
Step 4:
Action(s):
-Bring up the eth-rt4 interface on rt6
-Bring up the eth-rt5 interface on rt6
-Change rt6's SRGB
Expected changes:
-All routers should install rt6's Prefix-SIDs
-rt4 and rt5 should install Adj-SIDs for rt6
-rt4 should reconverge rt5's Prefix-SIDs through rt6 using the new SRGB
-rt5 should reconverge rt4's Prefix-SIDs through rt6 using the new SRGB
-rt6 should reinstall all IS-IS routes and Prefix-SIDs from the network,
and Adj-SIDs for rt4 and rt5
---
Step 5:
Action(s):
-Disable SR on rt6
Expected changes:
-All routers should uninstall rt6's Prefix-SIDs
-rt4 should uninstall rt5's Prefix-SIDs since the nexthop router hasn't
SR enabled anymore
-rt5 should uninstall rt4's Prefix-SIDs since the nexthop router hasn't
SR enabled anymore
-rt6 should uninstall all Prefix-SIDs from the network, and the Adj-SIDs
for rt4 and rt5
---
Step 6:
Action(s):
-Enable SR on rt6
Expected changes:
-All routers should install rt6's Prefix-SIDs
-rt4 should install rt5's Prefix-SIDs through rt6
-rt5 should install rt4's Prefix-SIDs through rt6
-rt6 should install all Prefix-SIDs from the network, and Adj-SIDs for
rt4 and rt5
---
Step 7:
Action(s):
-Delete rt1's Prefix-SIDs
Expected changes:
-All routers should uninstall rt1's Prefix-SIDs
---
Step 8:
Action(s):
-Re-add rt1's Prefix-SIDs
Expected changes:
-All routers should install rt1's Prefix-SIDs
---
Step 9:
Action(s):
-Change rt1's Prefix-SIDs to use the no-php option
-Change rt6's Prefix-SIDs to stop using the explicit-null option
Expected changes:
-rt2 and rt3 should reinstall rt1's Prefix-SIDs accordingly
-rt4 and rt5 should reinstall rt6's Prefix-SIDs accordingly
---
Step 10:
Action(s):
-Remove the IPv4 address from rt4's eth-rt2-1 interface
Expected changes:
-rt2 should uninstall the IPv4 Adj-SIDs attached to the eth-rt4-1
interface
-rt2 should reinstall all IPv4 Prefix-SIDs whose nexthop router is rt4
(ECMP shouldn't be used anymore)
-rt4 should reinstall all IPv4 Prefix-SIDs whose nexthop router is rt2
(ECMP shouldn't be used anymore)
---
Step 11:
Action(s):
-Restore the original network setup
Expected changes:
-All routes, Prefix-SIDs and Adj-SIDs should be the same as they were
after the initial network convergence (step 1)
Renato Westphal [Sun, 4 Aug 2019 01:02:37 +0000 (22:02 -0300)]
isisd: add support for segment routing
This is an implementation of the IS-IS SR draft [1] for FRR.
The following features are supported:
* IPv4 and IPv6 Prefix-SIDs;
* IPv4 and IPv6 Adj-SIDs and LAN-Adj-SIDs;
* Index and absolute labels;
* The no-php and explicit-null Prefix-SID flags;
* Full integration with the Label Manager.
Known limitations:
* No support for Anycast-SIDs;
* No support for the SID/Label Binding TLV (required for LDP interop).
* No support for persistent Adj-SIDs;
* No support for multiple SRGBs.
Renato Westphal [Wed, 7 Aug 2019 16:35:07 +0000 (13:35 -0300)]
isisd: add segment-routing YANG nodes and skeleton callbacks
Most definitions were borrowed from the IETF IS-IS SR YANG module,
with a few adaptations. Of particular notice are the following:
* No support for the configuration of multiple SRGBs.
* No distinction between local and connected Prefix-SIDs, both are
configured the same way.
isisd: remove refcount from the isis_nexthop structure
isisd implements an optimization that allows multiple routes to
share the same nexthop (using a refcount) in order to save memory.
Now that SR support is coming, however, it will be necessary to
embed additional SR-related information inside the isis_nexthop
structure. But this can only be done if the nexthops aren't shared
among routes anymore.
Removing this memory optimization should have minimal impact since
the isis_nexthop structure is really small. On large networks with
thousands of routes, the memory saving would be in the order of a
few kilobytes. Not something we should be concerned about nowadays.
Renato Westphal [Sat, 10 Aug 2019 20:57:43 +0000 (17:57 -0300)]
isisd: split vty_out_timestr() into two helper functions
The new log_uptime() function logs a UNIX timestamp to a buffer
provided by the user. It's very flexible and can be used in a
variety of contexts, different from vty_out_timestr() which is too
tied to the VTY code.
Renato Westphal [Wed, 7 Aug 2019 22:54:00 +0000 (19:54 -0300)]
isisd: introduce new adjacency hooks
The 'isis_adj_ip_enabled_hook' hook will be called whenever
an adjacency goes from zero to one or more IPv4 or IPv6
addresses. Conversely, the 'isis_adj_ip_disabled_hook' hook will
be called whenever an adjacency goes from one or more IPv4/IPv6
addresses to no addresses at all.
These hooks will be used by the upcoming SR code to add/delete
Adj-SIDs depending on the IP addresses present in the remote
adjacencies.
The netlink_vrf_change() function is called both when a VRF device
is created in the Linux kernel and when it is activated. This
commit changes this function to perform the VRF misconfiguration
detection only when the VRF device is created, as doing the check
twice would cause a false positive followed by a hard failure (not
to mention the double check is unnecessary since the VRF table ID
can't change once the device is created).
lib: update the CLI xpath index when exiting from the VRF node
All custom "exit-*" commands that exit from a YANG-modeled
CLI node need to use cmd_exit() to ensure the CLI xpath index
(vty->xpath_index) will be updated accordingly.
Changes to ACL rules were not applied to LDP. This fix allows
LDP to be notified when a rule in an ACL filter is modified by
the user. The filter is properly applied to the LDP session.
The filter may cause a LDP session to go down/up or to remove/add
labels being advertised/received from a neighbor.
Pat Ruddy [Wed, 29 Apr 2020 11:22:14 +0000 (12:22 +0100)]
zebra: fix json for show evpn arp-cache vni vtep
The function zebra_vxlan_print_neigh_vni_vtep does not create
a json object when json has been requested from the CLI and as a
result it prints out the information in normal CLI format.
Fix is to allocate the json object when required.
Don Slice [Tue, 28 Apr 2020 11:54:14 +0000 (11:54 +0000)]
zebra: add ability to set retransmit timer for IPv6 RAs
Reported by testing agency that RFC 4861 section 6.2.1 states
that all implementations must have a configuration knob to change
the setting of the advertised retransmit timer sent in RA packets.
This fix adds that capability.
Ticket: CM-29199
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Intermittently, there is a 30 second delay for a LDP pseudowire to become
operational.
One way to reproduce the issue is: Once PW is up, shutdown link to trigger
a change to the pseudowire's next hop, and then restore link to cause
pseudowire to return to original NH.
Problem Description:
The Zebra PW manager installs pseudowires in the data plane when the
following two conditions are met:
1. Pseudowire is labeled via LDP mapping messages
2. A labeled NH route exists to reach the remote pseudowire endpoint
The Zebra PW manager registers a NHT callback when a pseudowire is enabled.
This allows the Zebra PW manager to install or reinstall the pseudowire.
The Zebra PW manager deregisters for the NHT callback when the pseudowire is
disabled. When LDP learns the remote-pseudowire status is 'not forwarding',
LDP notifies Zebra that the pseudowire is disabled.
This creates a race condition where a new labeled NH can be resolved after the
Zebra PW manager deregistered for the NHT callback.
For static pseudowires, it makes sense for Zebra PW manager to deregister for
NHT callbacks for disabled pseudowires. Static pseudowires become disabled
via CLI configuration commands.
For LDP pseudowires, the Zebra PW manager should not deregister for NHT
callbacks for disabled pseudowires.
Overview of changes:
1. Zebra PW manager should not deregister for NHT callbacks when an LDP
pseudowire is disabled.
Zebra PW manager will register for NHT callbacks when the LDP pseudowire
is first enabled.
Zebra PW manager will deregister for NHT callbacks when the LDP
pseudowire is deleted.
2. Remove the 30 second timer that was added in PR4122.
PR4122 tried to fix this race condition with a timer.
Once we eliminate the race condition (by keeping the Zebra PW manager
registered for NHT callbacks), this timer can be removed.
3. Zebra PW manager handling of static pseudowires will remain as-is.
Zebra PW manager will register for NHT callbacks when the static
pseudowire is enabled.
Zebra PW manager will deregister for NHT callbacks when the static
pseudowire is disabled.