The readtime value is for diagnostic, and doesn't have to be highly
accurate. This also fixes a problem where the readtime was being measured
with system clock, but the peer_uptime() was comparing with bgp_clock.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Measuring the resource usage of threads is moderately expensive
since it requires doing an additional system call everytime a
thread context switches. Make it possible to disable this with
a configuration option.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
bgpd: improve logging of invalid BGP Notifications
Invalid BGP Notification messages should be logged locally, cf.
RFC4271, Sect. 6.4, p 34,
NOTIFICATION Message Error Handling
Current notification for invalid Notification code:
2012/10/10 02:17:54 BGP: message index 10 not found in bgp_notify_msg (max is 8)
2012/10/10 02:17:54 BGP: 192.168.1.1 received NOTIFICATION 10/0 ((no item found)) 0 bytes
the logging should be a bit more clear. The above logging really doesn't
explain much and looks more like a programming error.
[rewrote most of it to get in something I can call a shape -David] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
bgpd: fix error response to invalid BGP version number
BGP4-ANVL 20.1 ANVL tries to open BGP with version 5 and expects correct
notification in response. Quagga sends notification, but with incorrect
information in it.
The data needs to be a 2-byte value, and for now we respond with 0004 for any
peer version other than 4.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Commit 558d1fec11749d3257e improved bgp_attr_dup so it would be possible
for the caller to provide attr_extra, allowing to use the stack instead
of the heap for operations requiring only a short lived attr.
However, this commit introduced a bug where bgp_attr_dup wouldn't copy
attr_extra at all (but provide a reference to the original) if the
caller provided attr_extra.
Cc: Jorge Boncompte [DTI2] <jorge@dti2.net> Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
zebra was not checking afi/safi values. This was leading to crashes where
these values were coming directly from some protocol's on-wire fields.
Safeguarding them in zebra is a good start.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Christian Franke [Mon, 19 Nov 2012 11:17:31 +0000 (11:17 +0000)]
bgpd: store "no neighbor activate" for IPv4 unicast
If a neighbor was in a peer group for any AFI/SAFI, bgpd would never write a
"no neighbor activate" line for IPv4 unicast, so a valid setup like following
could be configured, but not saved:
bgpd: avoid heap fragmentation in bgp_clear_route_table
In bgp_clear_route_table, moved cleanup code before the allocation
of the work queue items. This returns the memory to the system
allocator before allocating new and might therefore help avoiding
heap fragmentation.
* bgp_route.c: (bgp_clear_route_table) moved code blocks.
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Reviewed-by: Leonid Rosenboim <Leonid.Rosenboim@windriver.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
bgpd: fix for leaked struct bgp_adj_[in|out] on peer shutdown
If a peer with soft-reconfiguration configured is cleared, the
function bgp_clear_route_table() doesn't free the bgp_adj_in and bgp_adj_out
structures of route nodes that for some reason, ej. denied by a filter,
don't have routes attached "rn->info == NULL".
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net> Reviewed-by: Leonid Rosenboim <Leonid.Rosenboim@windriver.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Tue, 27 Nov 2012 02:21:44 +0000 (03:21 +0100)]
lib: remove ALL_LIST_ELEMENTS dead code branch
ALL_LIST_ELEMENTS is checking node == NULL twice, which is causing a
whole slew of false positives in Coverity. In this particular case,
addressing this in the code is reasonable; being a macro, this appears
all over the place without easy remedy.
Acked-by: Scott Feldman <sfeldma@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
高鹏 [Wed, 21 Nov 2012 10:15:43 +0000 (18:15 +0800)]
zebra: fix netlink NL_PKT_BUF_SIZE
Change default value of variable NL_PKT_BUF_SIZE to 8192UL. Cf.
NLMSG_GOODSIZE definition of linux in include/linux/netlink.h for detail.
Previously, on platforms with a page size greater than 8192, if you had added
too many interfaces, zebra would not have enough buffer space to get the entire
interface list. This resulted in an incomplete interface list.
From: 高鹏 <gpstrive@gmail.com>
[updated to apply after FPM patches] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Doug VanLeuven [Fri, 14 Dec 2012 12:58:30 +0000 (14:58 +0200)]
testzebra: pragma weak: detect systems with weak alias and provide alternative
LLVM clang does not support #pragma weak (bug 3679) on OS X. There are
other systems where the #pragma weak has varying syntax.
Added m4 file from the autoconf archives:
http://www.gnu.org/software/autoconf-archive/ax_sys_weak_alias.html
Fix up zebra/*_null.c files to use #pragma weak alias or stub functions
if not available. It's incomplete in that the different format #pragma
enable easier fixes on need.
Tested on 64bit OS X 10.7, FreeBSD 9.0 amd64 & i386 (32bit) using
gcc & clang. Tested on linux 64bit.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Dinesh G Dutt [Mon, 7 Jan 2013 18:12:52 +0000 (10:12 -0800)]
ospfd: Remove dup MaxAge LSA flood
Stop additional, unnecessary flooding of MaxAge LSAs.
When a MaxAge LSA is installed, if the LSA is prematurely aged or the LSA is
not self-originated, the LSA is flushed. This results in a the LSA being
flooded a second time and in some cases flooded back to the receiver
(unless the receiver is also the advertising router). A MaxAge'd LSA has
already been flooded in ospf_flood() as part of the LSA receive processing
(ospf_ls_upd). A self-originated LSA will be flooded from the originate/refresh
routine. Thus, in the install routine, a MaxAge'd LSA only needs to be added
to the MaxAge LSA list.
Signed-off-by: Dinesh G Dutt <ddutt@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Vishal Kumar [Fri, 7 Dec 2012 22:47:58 +0000 (14:47 -0800)]
ospfd: Corrected ospfd Type-4/Type-5 ls update handling
This fix is for Type-4 LS updates handling at a ABR router where
ospf daemon is not distributing Type-4 LS updates with correct LS-Age
after learning about a ASBR router in a ospf network. Because of this
Type-5 LS updates are not learnt in ospf network.
Testing Scenario:
This can be re-produced by restarting the ospfd daemon on DUT
(mentioned in figure below)before the Hello time interval expires
for area 0.0.0.1.
In the above setup when ospfd is restarted (imp:before the Hello interval
at R1 expires) and DUT learns about ASBR router R3 (Type-4) in the
network from R2, but this ls-update is not propagates in area
0.0.0.1. So R1 never comes to know about the ASBR router in the
network, so all the type-5 LS updates coming from R3 are not learnt
by R1. Further if we again restart ospfd daemon it starts working fine.
With the fix given this issue can be resolved.
More Discussion on this is available at:
http://www.gossamer-threads.com/lists/quagga/dev/23892
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Andrew Certain [Tue, 4 Dec 2012 21:36:41 +0000 (13:36 -0800)]
ospfd: Changed TE instance check to remove -Wtype-limits warning
Since LEGAL_TE_INSTANCE_RANGE() was being passed an unsigned int, a warning
was being thrown due to the compare against >= 0. Since this macro was used
only in one place, I removed the macro for an explict compare against a
constant for the MAX.
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Andrew Certain [Tue, 4 Dec 2012 21:33:24 +0000 (13:33 -0800)]
lib: Changes to VTY string-parsing macros to remove warnings
The VTY_GET_INTEGER_RANGE macro was being used also just to check the range
on a variable that wasn't used (for the "no" version of a VTY command), so I
split the macro into two. Also, since the variable is unsigned, if MIN is
zero, you get a warning about comparing an unsigned number against 0, giving
rise to slightly convoluted logic. Note that the previous two patches were
found by the -Wtype-limits and -Wunused-variables warnings. Without the
changes to these macros, these warnings are triggered erroneously, making it
harder to find the real problems.
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Andrew Certain [Tue, 4 Dec 2012 20:54:18 +0000 (12:54 -0800)]
ospfd: Fixed signed/unsigned masking of negative metrics
In the original code, negative metrics would be converted successfully by
atoi() and then converted to an unsigned int that would always compare
successfully against >= 0, leaving a large positive metric in the route map.
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
David Lamparter [Tue, 4 Dec 2012 19:11:41 +0000 (11:11 -0800)]
ospf: fix apiserver enable
The ospf_apiserver_enable flag was being cleared _after_ the "-a"
command-line option set it to 1. Move up the initialisation, so
enabling the OSPF API is actually possible.
Reported-by: Rosario Mattera <rosmattera@gmail.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Leonard Tracy [Tue, 4 Dec 2012 19:02:35 +0000 (11:02 -0800)]
ospf: Fix type-4 network mask to 0 per RFC
The OSPF RFC (2328) states that the network mask field of a type 4
LSA "is not meaningful and must be zero". OSPFD has been setting
the mask as /32. This patch changes OSPFD to set the mask to 0 per
the RFC
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Dinesh Dutt [Tue, 4 Dec 2012 18:46:37 +0000 (10:46 -0800)]
ospf: Convert MAX_AGE LSA list to tree
Store the MaxAge LSA list in a tree instead of a linked list for efficient access.
Walking the list can be quite inefficient in some large systems and under certain tests.
ospfd maintains the list of LSA's that have been MaxAge'd out in a separate
linked list for removal by a remover/walker thread. When a new LSA is to be
installed, the old LSA is ejected and when it is ejected, the MaxAge LSA list
is traversed to ensure that the old LSA is also removed from this list if it
exists on this list.
When a large number (> 5K) MaxAge LSAs are bombarding the system, walking this
list takes a significant time causing timers to fire and actions to be taken
such as expiring neighbors due to expiry of DeadInterval (especially when timer
is really low, <= 12s), creating a spiral of instability.
By making this MaxAge LSA list be a tree, this problem is mitigated.
Signed-off-by: Dinesh Dutt <ddutt@cumulusnetworks.com> Reviewed-by: Ayan Banerjee <ayan@cumulusnetworks.com> Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Ayan Banerjee [Mon, 3 Dec 2012 19:17:24 +0000 (11:17 -0800)]
ospf: forward ref. of areas for "max-metric router-lsa administrative" cmd
In the event areas are created at a later point of time with respect
to the playback of the "max-metric router-lsa administrative" command,
those areas do not get into indefinite max-metric mode. This patch is
inteneded to store the configuration and apply it to all future areas
that may be created.
In the process, some other bugs that were there with respect to restart
etc are fixed up.
Tested locally to see that the fix works across multiple
areas and across multiple restarts.
Signed-off-by: Ayan Banerjee <ayan@cumulusnetworks.com> Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: JR Rivers <jrrivers@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Ayan Banerjee [Mon, 3 Dec 2012 18:48:46 +0000 (10:48 -0800)]
ospf: suppress delete using replacement
After a SPF run, OSPF deletes routes that have changed in terms of any
metric, type, and/or next-hops and re-adds them. Given that the Zebra-RIB
already support replacement semantics, we suppress deletes for routes
that will be added back again.
This has the following advantages. It reduces the number of IPC messages
between OSPF/Zebra. Also, in the current flow, a batch of route deletes
were followed by a batch of adds even for say a metric change.
With the change, routes are sent as "add" when they are modified. Zebra
already implicitly deletes older routes.
Signed-off-by: Ayan Banerjee <ayan@cumulusnetworks.com> Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Dinesh Dutt <ddutt@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
David Lamparter [Thu, 13 Dec 2012 09:35:45 +0000 (10:35 +0100)]
build: update ICC warning CFLAGS
Intel's icc doesn't accept "-wd <number>" anymore, it's "-wd<number>"
these days. But, anyhow, the warnings disabled in Quagga's configure.ac
don't seem to appear anywhere at all, so let's just remove the option
completely.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Nick Hilliard [Wed, 28 Nov 2012 14:39:56 +0000 (14:39 +0000)]
isisd: fix ipv6 metric endianness
the isis ipv6 reachability metric is transmitted in big endian / network
format, but isis_spf_process_lsp() does not convert this into host endian
format when mucking around with local cost + received metric. This patch
fixes this problem and makes received ipv6 metrics work properly on
little-endian machines.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Christian Franke [Tue, 27 Nov 2012 19:51:59 +0000 (19:51 +0000)]
isisd: fix metrics check for metric-style narrow
When switching to narrow metric style, all configured circuits are
verified to have a valid narrow style metric. Check te_metric instead
of metric_default as the latter is only 8bit wide and may overflow for
wide style metrics.
Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Tue, 27 Nov 2012 01:10:30 +0000 (01:10 +0000)]
isisd: address Coverity warnings
this fixes a bunch of issues found by Coverity SCAN and flagged as
"high" impact -- although, they're all rather minute issues.
* isisd/isis_adjacency.c: one superfluous check, one possible NULL deref
* isisd/isis_circuit.c: two prefix memory leaks
* isisd/isis_csm.c: one missing break
* isisd/isis_lsp.c: one possible NULL deref
* isisd/isis_pfpacket.c: one error-case fd leak
* isisd/isis_route.c: one isis_route_info memory leak
* isisd/isis_routemap.c: one... fnord
* isisd/isis_tlv.c: one infinite loop
Reported-by: Coverity SCAN Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Tue, 27 Nov 2012 01:10:29 +0000 (01:10 +0000)]
isisd: always join all IS-IS multicast groups
The socket is only created once when an interface is brought up, and the
multicast groups were joined according to configuration at that point.
This breaks when later switching an interface to another IS-IS level.
Since, for a separate conformance issue (ANVL ISIS-6.4), we should be
inspecting the destination address anyway, the simplest fix here is to
just join all groups unconditionally. There shouldn't be much traffic
on these anyway, worst case we might be picking up some unrelated
multicast groups due to NIC filter aliasing though...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org> Tested-by: Martin Winter <mwinter@opensourcerouting.org>
Christian Franke [Tue, 27 Nov 2012 01:10:28 +0000 (01:10 +0000)]
isisd: save metric-style narrow
isisd defaults to wide metric style. So if narrow metric style is
configured, a matching setting should be written to the configuration,
allowing a narrow metric-style setting to be saved.
Signed-off-by: Christian Franke <chris@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Tue, 27 Nov 2012 01:10:27 +0000 (01:10 +0000)]
isisd: fix spftree_area_del typo causing SEGV
spftree_area_del didn't clear the IPv6 L2 spftree due to a simple typo,
leading to a SEGV on shutdown when the still-armed timer would try to
run an IPv6 L2 SPF calculation with its data free'd already.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Tue, 27 Nov 2012 01:10:26 +0000 (01:10 +0000)]
isisd: drop hellos without supported protocol list
isisd should not form adjacencies on receiving an IS-IS Hello without a
list of supported protocols (cf. RFC 1195 s4.4 p32 "Maintaining Router
Adjacencies") Also fixes memleaks in these error cases.
David Lamparter [Tue, 27 Nov 2012 01:10:24 +0000 (01:10 +0000)]
isisd: do not add >63 IP addresses to hello
RFC1195 s4.2 "Multiple IP Addresses per Interface" explicitly forbids us
from adding multiple tuples of IP addresses, putting a hard cutoff at 63
IP addresses.
* isisd/isis_tlv.c: cut off (and return success) at 63 addrs.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org> Tested-by: Martin Winter <mwinter@opensourcerouting.org>
David Lamparter [Tue, 27 Nov 2012 01:34:56 +0000 (01:34 +0000)]
build: include git info
If enabled with --with-pkg-gitversion on ./configure, this will append
git version strings and branch information at the following places:
- overall version number: 0.99.21-g0123456
- login motd and show version: tag information + git id + branches
Sample output:
Hello, this is Quagga (version 0.99.21-g14b49ad-dirty).
Copyright 1996-2005 Kunihiro Ishiguro, et al.
This is a git build of quagga_0_99_21_release-106-g14b49ad-dirty
Associated branch(es):
local:master
[v2]: fix build without gitinfo (add "else" branch)
[v2]: fix for repos without any tags (different git describe output) Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Tue, 13 Nov 2012 22:49:01 +0000 (22:49 +0000)]
zebra: include intf when sending IPv4 nexthop to FPM
* zebra/zebra_fpm_netlink.c
Change the zebra FPM code to include an interface index when
encoding a nexthop even if the protocol only provided a gateway
address (e.g, NEXTHOP_TYPE_IPV4).
Signed-off-by: Avneesh Sachdev <avneesh@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Tue, 13 Nov 2012 22:48:59 +0000 (22:48 +0000)]
zebra: add module to communicate routes to FPM
Enhance zebra to send routes to the (optional) Forwarding Path Manager
component using the interface defined by fpm/fpm.h.
* configure.ac
- Add --enable-fpm flag.
The FPM-related code in zebra is activated only if the build is
configured with '--enable-fpm'.
- Add HAVE_NETLINK automake conditional.
This allows us to conditionally build netlink-dependent C code.
* zebra/{rib.h,zebra_rib.c}
- Add the 'fpm_q_entries' field to the rib_dest_t structure. This
allows dests to be placed on the fpm queue.
- Define a couple new rib_dest_t flags that hold FPM-related
state.
- Invoke the zfpm_trigger_update() function for a route_node
whenever the information to be sent to the FPM changes.
- rib_can_delete_dest(): Return FALSE if we have to update the FPM
about the given dest. This ensures that the dest is not deleted
even if there are no ribs hanging off of it.
* zebra/zebra_fpm.c
This file holds most of the code for interacting with the FPM.
- If quagga was configured with '--enable-fpm', periodically try
to connect to the FPM.
- When the connection comes up, enqueue all relevent dests to the
FPM queue.
- When the FPM socket is readable, dequeue the next rib_dest_t
from the FPM queue, encode it in to a message and send the
message to the FPM.
- When the connection to the FPM goes down, remove all dests from
the FPM queue, and then start trying to connect to the FPM
again.
- Expose the following new operational commands:
show zebra fpm stats
clear zebra fpm stats
* zebra/zebra_fpm_netlink.c
- zfpm_netlink_encode_route(): Function to encode information
about a rib_dest_t in netlink format.
* zebra/zebra_fpm_private.h
Private header file for the zebra FPM module.
* zebra/zebra_fpm.h
Header file exported by zebra FPM module to the rest of zebra.
* zebra/debug.c
Add the 'debug zebra fpm' command.
* zebra/main.c
Initialize the zebra-FPM code on startup.
* zebra/misc_null.c
Add stub for zfpm_trigger_update().
* zebra/Makefile.am
- Include new file zebra_fpm.c in build.
- Include zebra_fpm_netlink.c in build if HAVE_NETLINK is defined.
* vtysh/Makefile.am
Include zebra_fpm.c in list of files that define cli commands.
Signed-off-by: Avneesh Sachdev <avneesh@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Tue, 13 Nov 2012 22:48:58 +0000 (22:48 +0000)]
fpm: Add public header for Forwarding Plane Manager
The Forwarding Plane Manager (FPM) is an optional component that may
be used in scenarios where the router has a forwarding path that is
distinct from the kernel, commonly a hardware-based fast path. It is
responsible for programming forwarding information (such as routes and
nexthops) in the fast path.
In Quagga, the Routing Information Base is maintained in the 'zebra'
infrastructure daemon. Routing protocols communicate their best routes
to zebra, and zebra computes the best route across protocols for each
prefix. This latter information comprises the bulk of the Forwarding
Information Base.
The new header file added by this patch, 'fpm/fpm.h', defines a
point-to-point interface using which zebra can update the FPM about
changes in routes. The communication takes place over a stream
socket. The FPM listens on a well-known TCP port, and zebra initiates
the connection.
All messages sent over the connection start with a short 'FPM header'.
In the case of route add/delete messages, the header is followed by a
netlink message. Zebra should send a complete copy of the forwarding
table(s) to the FPM, including routes that it may have picked up from
the kernel.
The FPM interface uses replace semantics. That is, if a 'route add'
message for a prefix is followed by another 'route add' message, the
information in the second message is complete by itself, and replaces
the information sent in the first message.
If the connection to the FPM goes down for some reason, the client
(zebra) should send the FPM a complete copy of the forwarding table(s)
when it reconnects.
Signed-off-by: Avneesh Sachdev <avneesh@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Tue, 13 Nov 2012 22:48:57 +0000 (22:48 +0000)]
lib: bring in sys/queue.h from FreeBSD tree
Bring in sys/queue.h from the FreeBSD tree as lib/queue.h.
This header implements lists of various flavors using inline
linkages. The imported file corresponds to SVN revision 221843 (url
below) and is available under the terms of the New BSD license
(3-clause).
Avneesh Sachdev [Tue, 13 Nov 2012 22:48:54 +0000 (22:48 +0000)]
zebra: add way to determine VRF/AFI/SAFI of table
Add some code that allows us to determine which VRF and AFI/SAFI a
given RIB table corresponds to.
* zebra/rib.h
Add rib_table_info_t structure, which contains information about
the VRF, AFI and SAFI that a table is for.
* zebra/zebra_rib.c
- Add the vrf_table_create() function, which creates a table and
sets its 'info' pointer to a newly created rib_table_info_t.
The 'info' pointer allows us to go from a route_node or a table
to the associated vrf.
- vrf_alloc(): Use vrf_create_table() to create tables.
* lib/memtypes.c
Add memory type for rib_table_info_t.
Signed-off-by: Avneesh Sachdev <avneesh@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Tue, 13 Nov 2012 22:48:53 +0000 (22:48 +0000)]
zebra: add structure to hold per-prefix state in RIB
Add the rib_dest_t structure to hold per-prefix state in the routing
information base. This gives us an appropriate place to maintain the
queueing state of a route_node. Queuing state was previously being
stored on the first rib in the list of ribs hanging off the
route_node.
* zebra/rib.h
- Add new structure rib_dest_t.
- Remove the rn_status field from 'struct rib', it is no longer
required.
- Add macros (RNODE_FOREACH_RIB, RNODE_FOREACH_RIB_SAFE) for
walking all 'struct ribs' corresponding to a route_node. These
hide the fact that there is an intermediate rib_dest_t
structure.
- Add a few utility inlines to go between a rib_dest_t and
associated structures.
* zebra/zebra_rib.c
- rib_link()/rib_unlink()
Tweak for new behavior, where the 'info' pointer of a route_node
points to a rib_dest_t. The list of ribs for a prefix now hangs
off of the dest.
Change the way we ref count route_nodes. We now hold a single
ref count on a route_node if there is a corresponding
rib_dest_t.
- Maintain the queuing state of a route_node on the flags field of
the rib_dest_t.
- Add the rib_gc_dest() function, which deletes a rib_dest_t if it
is no longer required. A rib_dest_t can be deleted iff there are
no struct ribs hanging off of it.
- Call rib_gc_dest() any time we unlink a rib from the
rib_dest_t. Currently we only need to call it once, just before
we return from rib_process().
Andrew Certain [Wed, 7 Nov 2012 23:50:07 +0000 (23:50 +0000)]
bgpd: add replace-as modifier for BGP neighbor
Added replace-as modifier for BGP neighbors when using
local-as. If the replace-as modifier is specified, only the
replacement AS as specified by the local-as modifier is
prepended to the AS_PATH, not the process's AS.
In bgp_attr.c, I decided that
if (peer->change_local_as) {
/* If replace-as is specified, we only use the change_local_as when
advertising routes. */
if( ! CHECK_FLAG (peer->flags, PEER_FLAG_LOCAL_AS_REPLACE_AS) ) {
aspath = aspath_add_seq (aspath, peer->local_as);
}
aspath = aspath_add_seq (aspath, peer->change_local_as);
} else {
aspath = aspath_add_seq (aspath, peer->local_as);
}
was clearer than the alternative that didn't duplicate the prepending of the
process's AS:
/* First, append the process local AS unless we have an alternate local_as
* and we're replacing it (as opposed to just prepending it). */
if (! (peer->change_local_as
&& CHECK_FLAG (peer->flags, PEER_FLAG_LOCAL_AS_REPLACE_AS) ) ) {
aspath = aspath_add_seq (aspath, peer->local_as);
}
if (peer->change_local_as)
aspath = aspath_add_seq (aspath, peer->change_local_as);
}
But I could be convinced otherwise.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Doug VanLeuven [Wed, 10 Oct 2012 23:12:32 +0000 (16:12 -0700)]
build: check actually-used BSD link state fields
ifi_link_state missing in OS X. There could be other *BSD's that haven't
implemented it and possibly affects older implementations.
The existing HAVE_BSD_LINK_DETECT configure.ac check is only confirming
the link state detection using ifmediareq.ifm_status found in
<net/if_media.h>. This is the link state detection used in
zebra/ioctl.c. Later, *BSD redefined struct if_data in <net/if.h> and
included link state detection. This is the method used in
zebra/kernel_socket.c
Additional test defined in config.ac to test for member struct
if_data.ifi_link_state defined in <net/if.h> separate from test for
<net/if_media.h> ifmediareq.ifm_status
Fixed #ifdef's in zebra/kernel_socket.c to use the new #define
No impact on older function calls in zebra/ioctl.c
Tested on 64bit OS X 10.7, FreeBSD 9.0 amd64 & i386 (32bit)
using gcc & clang. Tested on linux 64bit.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Doug VanLeuven [Wed, 10 Oct 2012 23:11:36 +0000 (16:11 -0700)]
zebra: kernel_socket: fix overflow in RTA_ADDR & RTA_ATTR
In zebra/kernel_socket.c, copying sockaddr from *_msghdr:
There are really 2 different lengths that need to be determined.
1) the length required to point to the next sockaddr in the mesg
buffer which might include any required padding and
2) the actual length of the sockaddr data that needs to be copied
into the destination field.
They may or may not be the same value.
Sizeof sockaddr_in6 is 28, which to pad for alignment purposes on 32
bit systems with a long of 4 bytes is evenly divided and requires
no padding. On 64 bit systems, with a long of 8 it is padded with 4
extra bytes.So the current RTA_* macros are copying 32 bytes into a 28
byte field on 64 bitsystems, where the field overflow did not occur
on the 32 bit systems.
Since using sa_len required the use of an #ifdef which couldn't be used
directly inside a #define, it made sense to move the copy into the
function to allow typdef checking throughout and eliminate the hack
to suppress compiler warnings.
Fixed declaration of cp in ifm_read after compiler noticed type mismatch.
Tested on 64bit OS X 10.7, FreeBSD 9.0 amd64 & i386 (32bit)
using gcc & clang
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Doug VanLeuven [Wed, 10 Oct 2012 22:10:14 +0000 (22:10 +0000)]
zebra: kernel_socket: fix 64bit MacOS X alignment
In OS X 10.7 zebra crashed on invalid execution address.
sockaddr padding in *_msghdr is observed to be 4 bytes in 64bit OS X.
The ROUNDUP macro assumed alignment on sizeof(long) which
allocates 8 bytes on 64bit systems, 4 bytes on 32bit systems
which is true for BSD generally.
Test for Apple and use sizeof(int) which allocates 4 bytes on 32 & 64bit
systems.
Tested on 64bit OS X 10.7, FreeBSD 9.0 amd64 & i386 (32bit)
using gcc & clang
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
An ORF (code 3) capability TLV is defined to contain exactly one
AFI/SAFI block. Function bgp_capability_orf(), which parses ORF
capability TLV, uses do-while cycle to call its helper function
bgp_capability_orf_entry(), which actually processes the AFI/SAFI data
block. The call is made at least once and repeated as long as the input
buffer has enough data for the next call.
The helper function, bgp_capability_orf_entry(), uses "Number of ORFs"
field of the provided AFI/SAFI block to verify, if it fits the input
buffer. However, the check is made based on the total length of the ORF
TLV regardless of the data already consumed by the previous helper
function call(s). This way, the check condition is only valid for the
first AFI/SAFI block inside an ORF capability TLV.
For the subsequent calls of the helper function, if any are made, the
check condition may erroneously tell, that the current "Number of ORFs"
field fits the buffer boundary, where in fact it does not. This makes it
possible to trigger an assertion by feeding an OPEN message with a
specially-crafted malformed ORF capability TLV.
This commit fixes the vulnerability by making the implementation follow
the spec.
Avneesh Sachdev [Thu, 4 Oct 2012 16:21:34 +0000 (16:21 +0000)]
build: reorder libraries to address linker error
The linker on some systems (for example, Ubuntu 12.04 LTS x86_64)
appears to be sensitive to the order in which libraries are
specified. On these systems, if a library 'A' depends on a library
'B', it has to be specified before 'B' when linking an executable.
* zebra/Makefile.am: Make sure LIBCAP comes after libzebra.
* tests/Makefile.am: Ensure libm comes after libbgp.
Signed-off-by: Avneesh Sachdev <avneesh@opensourcerouting.org> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Tue, 8 May 2012 11:15:45 +0000 (13:15 +0200)]
isisd: don't process invalid prefixes from TLVs
it's possible to feed invalid prefixes (1.2.3.4/40 or dead::beef/200) on
IS-IS. if this is not checked, it will later cause an assert in
processing. let's simply abort processing the TLV if the prefix is
invalid.
* isisd/isis_tlv.c: check prefix lengths for validity
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Tue, 8 May 2012 04:27:04 +0000 (06:27 +0200)]
isisd: pull up invalid prefix assert()
processing invalid prefixes causes isisd to assert() or otherwise
misbehave in ip_masklen/apply_mask. pull up the assert() to indicate
better there's broken data in isisd's LSDB.
* isisd/isis_spf.c: assert() prefix lengths
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Sun, 6 May 2012 07:03:07 +0000 (00:03 -0700)]
isisd: fix null pointer dereference in send_lsp()
* isisd/isis_pdu.c: (send_lsp) Handle case where there are no LSPs
on the LSP transmission queue. This can happen if, for instance,
the queue is cleared because of protocol events before the
send_lsp thread gets a chance to run.
Avneesh Sachdev [Sun, 6 May 2012 06:50:30 +0000 (23:50 -0700)]
isisd: tighten checks on ISIS pdu length
* isisd/isis_pdu.c: Fix problem where isisd would crash if it
received a LAN IIH with the 'pdu length' field set to zero.
Similar problems can occur in parsing other ISIS PDUs as well --
check that the PDU length in an ISIS hello, LSP or SNP packet is
at least as big as the size of the respective fixed header.
Avneesh Sachdev [Sun, 6 May 2012 00:42:43 +0000 (17:42 -0700)]
lib: improve sanity checks in stream_set_endp()
* lib/stream.c: (stream_set_endp) Add checks to make sure that the
supplied 'endp' is within the 'size' of the stream, and that the
current read pointer 'getp' is not beyond the specified 'endp'.
JR Rivers [Mon, 24 Sep 2012 17:26:53 +0000 (17:26 +0000)]
ospfd: respect max-metric over configured cost for summary LSAs
ISSUE
When max-metric router-lsa administrative is invoked on an ABR created with...
area <area> range <addr/mask>
the summary LSAs are sent out with 65535 (max-metric) added to the normal cost.
When max-metric router-lsa administrative is invoked on an ABR created with...
area <area> range <addr/mask> cost <cost>
the summary LSAs are sent out with <cost> (the max-metric is ignored). This
second behavior effectively incapacitates the max-metric function.
PATCH
This patch evaluates the state of the router and if it's isolated as a stub
router (rfc3137) via `max-metric router-lsa`, we unconditionally uses the
value of 0xff0000 when advertising summary LSAs.
Signed-off-by: JR Rivers <jrrivers@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Ayan Banerjee <ayan@cumulusnetworks.com> Reviewed-by: Dinesh Dutt <ddutt@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
JR Rivers [Mon, 24 Sep 2012 17:26:50 +0000 (17:26 +0000)]
ospfd: ABR algorithm not propagating MAXAGE LSAs into area
When a range (or sub-range) is deleted, the area is notified by propagating a
MAXAGE LSA. This LSA stays in the database for a while to both insure
propagation as well as in the off chance that it's useful in the near future.
Unfortunately, the ABR algorithm was treating these MAXAGE LSAs as unchanged and
not propagating them within the areas.
Signed-off-by: JR Rivers <jrrivers@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Dinesh Dutt <ddutt@cumulusnetworks.com> Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
JR Rivers [Mon, 24 Sep 2012 17:26:46 +0000 (17:26 +0000)]
ospfd: blackhole route removal for area range
ISSUE
When an area range is created in which there the sub-area has routes that are
smaller than the range, an ABR creates a blackhole route to cover the range.
When the range is removed, the blackhole route is not removed.
--A----B----C---
B is an ABR with A in area 1 and C in area 0. If A advertises `10.2.0.0/30` and
`10.2.0.4/30` and B is configured with `area 0.0.0.1 range 10.2.0.0/29` a
blackhole is created on B (`blackhole 10.2.0.0/29 proto zebra`). When the
area/range is removed via the command line, the blackhole remains in existence
even though the "range" route is removed from area 0 and the individual routes
are propagated.
PATCH
The reason for this behavior is that, prior to this patch, the range is deleted
from the area's list, so when ospf_abr_manage_discard_routes() gets called,
there is nothing to clean up. The patch removes the discard route as part of
the processing of the command line (ospf_area_range_unset()).
Signed-off-by: JR Rivers <jrrivers@cumulusnetworks.com> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
JR Rivers [Thu, 13 Sep 2012 17:17:36 +0000 (17:17 +0000)]
lib: improve fletcher checksum validation
OVERVIEW
The checksum used in OSPF (rfc2328) is specified in rc905 annex B. There is an
sample implementation in rfc1008 which forms the basis of the quagga
implementation. This algorithm works perfectly when generating a checksum;
however, validation is a bit problematic.
The following LSA (generated by a non-quagga implementation) is received by
quagga and marked with an invalid checksum; however, it passes both the rfc905
and rfc1008 validation checks.
LS Type: Summary-LSA (IP network)
LS Age: 3600 seconds
Do Not Age: False
Options: 0x02 (E)
Link-State Advertisement Type: Summary-LSA (IP network) (3)
Link State ID: 9.0.53.64
Advertising Router: 10.121.233.29 (10.121.233.29)
LS Sequence Number: 0x80000003
LS Checksum: 0x008a
Length: 28
Netmask: 255.255.255.224
Metric: 14000
You'll note that one byte of the checksum is 0x00; quagga would calculate the
checksum as 0xff8a.
It can be argued that the sourcing implementation generates an incorrect
checksum; however, rfc905 indicates that, for 1's complement arithmetic, the
value 255 shall be regarded as 0, thus either values are valid.
EXPLANATION
The quagga ospfd and ospf6d implementations operate by copying the PDU's
existing checksum in a holding variable, calculating the checksum, and comparing
the resulting checksum to the original. As a note, this implementation has the
side effect of modifying the contents of the PDU.
Evaluation of both rfc905 and rfc1008 shows that checksum validation should
involve calculating the sum over the PDU and checking that both resulting C0 and
C1 values are zero. This behavior is enacted in the rfc1008 implementation by
calling encodecc with k = 0 (checksum offset); however, this functionality had
been omitted from the quagga implementation.
PATCH
This patch adds the ability to call the quagga's fletcher_checksum() with a
checksum offset value of 0xffff (aka FLETCHER_CHECKSUM_VALIDATE) which returns
the sum over the buffer (a value of 0 indicates a valid checksum). This is
similar to the mechanism in rfc1008 when called with k = 0. The patch also
introduces ospf_lsa_checksum_valid().
ospf6d had it's own implementation of the fletcher checksum in
ospf6_lsa_checksum(); it's the same algorithm as in fletcher_checksum(). This
patch removes the local implementation in favor of the library's as well as creates
and uses ospf6_lsa_checksum_valid().
quagga's ISIS implementation suffers from the same problem; however, I do not
have the facilities to validate a fix to ISIS, thus this change has been left to
the ISIS maintainers. The function iso_csum_verify() should be reduced to
running the fletcher checksum over the buffer using an offset of 0.
Signed-off-by: JR Rivers <jrrivers@cumulusnetworks.com> Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com> Reviewed-by: Ayan Banerjee <ayan@cumulusnetworks.com> Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Make static routes respect non-default routing tables.
BEFORE PATCH
------------
! in zebra.conf
table 1
! add static route
vtysh> ip route 10.0.0.0/30 eth0
cumulus@net-top0:~$ ip route
default via 192.168.0.2 dev eth0
10.0.0.0/30 dev eth0 proto zebra
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.15
! nothing in table 1
cumulus@net-top0:~$ ip route show table 1
AFTER PATCH
-----------
! in zebra.conf
table 1
! add static route
vtysh> ip route 10.0.0.0/30 eth0
cumulus@net-top0:~$ ip route
default via 192.168.0.2 dev eth0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.15
! static route in table 1
cumulus@net-top0:~$ ip route show table 1
10.0.0.0/30 dev eth0 proto zebra
Signed-off-by: Nolan Leake <nolan@cumulusnetworks.com> Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The commit reverted an earlier change which was fixed a bug that caused
black-holes to remote destinations with multiple paths, that could occur
during convergence. Overall, the previous code is more correct.
Avneesh Sachdev [Fri, 17 Aug 2012 15:19:50 +0000 (08:19 -0700)]
lib/table: add route_table_get_next() and iterator
* lib/table.[ch]
- Add a function (route_table_get_next()) to get the route_node in
a tree that succeeds a given prefix in iteration order.
This allows one to reliably walk nodes in a tree while allowing
modifications, and is useful for achieving scale and
performance. Other approaches are also possible -- the main plus
point of this one is that it does not require any state about
the walk to be maintained in the table data structures.
- Add an iterator for walking the nodes in a tree. This introduces
a new structure (route_table_iter_t) and the following main
functions.
The iterator normally uses node pointers and the existing
route_next() function to walk nodes efficiently. When an
iteration is 'paused' with route_table_iter_pause(), it stores
the last prefix processed. The next call to
route_table_iter_next() transparently invokes
route_table_get_next() with the prefix to resume iteration.
* bgpd/bgp_table.[ch]
Add wrappers for the new table features described above.
* tests/table_test.c
Add tests for the new table code.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Fri, 17 Aug 2012 15:19:49 +0000 (08:19 -0700)]
bgpd: make bgp_table a wrapper around table library
Make the BGP table code a thin wrapper around the table implementation
in libzebra.
* bgpd/bgp_table.[ch]
- Use the ROUTE_NODE_FIELDS macro to embed the fields of a
route_node in the bgp_node structure.
- Add a route_table field to the bgp_table structure.
Initialize the route_table with a delegate, such that the nodes
in the table are bgp_node structures.
- Add inline wrappers that call route_table functions underneath,
and accept/return the correct BGP types.
* bgpd/bgp_route.c
Change some code to use inline wrappers instead of accessing
fields of nodes/tables directly. The latter does not always work
because the types of some fields need to be translated now.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Avneesh Sachdev [Fri, 17 Aug 2012 15:19:48 +0000 (08:19 -0700)]
lib: prepare table code for reuse by bgp_table
* lib/table.[ch]
- Add a macro (ROUTE_NODE_FIELDS) that expands to all the fields
of a route_node structure.
- Add the route_table_delegate_t structure, a function vector
which allows clients to customize the behavior of one or more
tables.
The delegate currently contains the 'create_node' and
'destroy_node' functions, and hence enables a table to use an
alternative node structure. The alternative node is expected to
embed the fields of a route_node using ROUTE_NODE_FIELDS.
- Add route_table_init_with_delegate() to create a new table with
a given delegate.
- Make route_table_init() a thin wrapper around
route_table_init_with_delegate(). The delegate it passes in
simply creates/destroys route_node structures as before.
- Add a user data pointer (info) to the route_table
structure. This can be used by a client to keep per-table state.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The patch in bug 330 did two things. It add a return value
whether ospf_nexthop_calculation() failed or not and also
moved the return stmt for 16.1.1 para 5 so now SPF
will fallback to the intervening router when no back links are found
by 16.1.1 para 5. This is wrong and can potentially create black holes
or routing loops according to Dave Katz and Acee Lindem at ospf@ietf.org
Even if the current code could be proved to be harmless in all cases,
it adds substantial extra processing and memory allocations.
Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
OSPF really needs to specify interface in its routes. Otherwise
ospf may change the wrong route.
Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
[fixed up some whitespace errors, split patch in two] Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Actually implement the IPV4_IFINDEX nexthop type that has been drifting
around as a definition forever (without any warning about it being a
placeholder).
Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
ospfd: Optimize and improve SPF nexthop calculation
Maintain router LSA positions in OSPF interface.
Find the OSPF interface in nexthop_calculation using
the position in the router LSA. This is possible because
the only time nexthop_calculation needs to look up interfaces
is when dealing with its own Router LSA.
This has the following advantages:
- Multiple PtP interfaces with the same IP address between two routers.
- Use Unnumbered PtP on just one end of the link.
- Faster OI lookup for the OSPF interface and only
done once for PtoP links.
*ospf_interface.h: (struct ospf_interface) Add storage for
storing router LSA position.
*ospf_interface.c: (ospf_if_lookup_by_lsa_pos)
lookup OSPF I/F in an area using LSA position.
*ospf_lsa.c: (router_lsa_link_set) record Router LSA position.
*ospf_spf.c: (ospf_spf_next) Count and pass along lsa position.
(ospf_nexthop_calculation) Add lsa position argument.
call ospf_if_lookup_by_lsa_pos() for OSFP interface handle.
Clean up and remove all calls ospf_if_is_configured() the
rest. Adjust a few debug logs.
Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Mon, 23 Jul 2012 16:17:57 +0000 (18:17 +0200)]
ospfd: avoid exhausting memory with OSPF vertices (BZ#476)
This was found in scale testing at OSR; ospfd is adding the same link
over and over again to the SPF tree. This fix prevents the resulting
memory corruption from happening and adds a debug message to track
occurence of this issue and/or confirm a proper fix.
(This version was improved by Scott Feldman over the earlier RFC.)
* ospfd/ospf_spf.c: (ospf_spf_add_parent) loop over existing vertices
and refuse to add duplicates.
Tested-by: Martin Winter <mwinter@opensourcerouting.org> Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
projects / matthieu / frr.git / log