isisd: don't validate dict integrity for regular builds
This method is intended to be only used for debugging as per the author
and profiling shows we are spending a lot of cycles on it. Remove it for
regular builds by guarding it with a define.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
David Lamparter [Fri, 11 Aug 2017 16:54:26 +0000 (18:54 +0200)]
lib: fix prefix list trie corruption
The specific code here needs to establish an absolute order of more
specific to less specific possible matches in a prefix list. This is
indirectly checked by an assert on insertion, because the "next best"
entry is required to be consistent even when joining multiple chains
of candidates.
Unfortunately, trie_install_fn() would insert entries too far ahead in
the chain if another entry with higher sequence number was seen. This
breaks the trie and (rightfully) triggers the assertion failure on
insert.
Fixes: #937 Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Sun, 6 Aug 2017 03:14:39 +0000 (05:14 +0200)]
zebra: static: update on ifindex changes
Whenever an interface is created or deleted in the system, we need to
check whether we have static routes referencing that interface by name.
If so, we need to [un]install these routes.
This has the unfortunate side effect of making static routes with
non-existent interfaces disappear from "show ip route", but I think
that's acceptable (and I don't see a "good" fix for that).
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
ßingen [Tue, 1 Aug 2017 09:38:19 +0000 (11:38 +0200)]
ospf: Fix segfault if compiled with DEBUG
If OSPF_LS_REFRESH_TIME is 60, min_delay in ospf_refresher_register_lsa
function (ospf_lsa.c) would be negative, so index (which is unsigned)
would be out of range, causing a segfault.
OpenBSD uses ioctl to fetch interface information on startup and the
SIOCGIFMEDIA command is just too cumbersome to use.
The best way to fix the problem for OpenBSD is probably to stop treating
it differently from the other BSDs for no apparent reason. There should
be nothing preventing us to make OpenBSD use the routing socket to fetch
interface information on startup (we already do it to detect runtime
changes). This is something that should be done in a separate commit
after a careful analysis.
In some scenarios, it's possible to send a Label Withdraw to a neighbor
and not receive a corresponding Label Release right away. This can happen
during reconvergence after a network failure or configuration change.
When this happens, the list of upstream mappings of a given FEC might
not be empty even after sending a Label Withdraw to all neighbors. This
situation holds until all neighbors either send a Label Release or are
torn down (e.g. keepalive timeout).
With that said, we shouldn't check for 'RB_EMPTY(&fn->upstream)'
in lde_kernel_update() because it can prevent ldpd from sending label
mappings in such circumstances. This check was introduced to avoid sending
the same label mapping more than once to the same neighbor, but we need
to remove this optimization for now until we find a better solution (which
probably involves refactoring the whole zebra<->ldpd communication).
While here, add a new debug message in lde_send_labelmapping() which
can aid in troubleshooting label problems in the future.
Renato Westphal [Fri, 30 Jun 2017 15:19:39 +0000 (12:19 -0300)]
ldpd: integrate with the pseudowire manager in zebra
If we receive a notification from zebra indicating that the installation
of a pseudowire has failed (e.g. no reachability), send a PW Status
notification to the remote peer (or a Label Withdraw if the remote peer
doesn't support the PW Status TLV).
Renato Westphal [Thu, 8 Jun 2017 23:29:12 +0000 (20:29 -0300)]
zebra: add new flag to detect nexthop label updates
With the introduction of the pseudowire manager, the NHT tracking code
needs to detect label updates as well.
Create a specific nexthop flag for that. We can't reuse the
RIB_ENTRY_NEXTHOPS_CHANGED flag for this porpose because this flag is
always cleared and reevaluated in rib_process(), setting it outside that
function is a nop.
Renato Westphal [Fri, 30 Jun 2017 15:26:04 +0000 (12:26 -0300)]
zebra: add nexthop tracking for pseudowires
If the remote end of a pseudowire becomes unreachable (no route or an
unlabeled route), then it must be uninstalled. In the same way, when
the remote end becomes reachable, the pseudowire must be installed.
ßingen [Mon, 15 May 2017 15:09:28 +0000 (17:09 +0200)]
zebra: add pseudowire manager
Base framework for supporting MPLS pseudowires in FRR.
A consistent zserv interface is provided so that any client daemon
(e.g. ldpd, bgpd) can install/uninstall pseudowires in a standard
way. Static pseudowires can also be implemented by using the same
interface.
When zebra receives a request to install a pseudowire and the installation
in the kernel or hardware fails, a notification is sent back to the
client daemon and a new install attempt is made every 60 seconds (until
it succeeds).
Support for external dataplanes is provided by the use of hooks to
install/uninstall pseudowires.
We were assuming that a neighbor can be deleted only when all of its
adjacencies are dead. This is not the case for dual-stack neighbors. If
the transport-preference is IPv4 and all adjacencies are IPv6 (or
vice-versa), then it should be deleted and everything cleaned-up
accordingly.
Bug exposed by the new RB tree implementation on master, but the fix
also applies to stable/3.0.
Quentin Young [Tue, 20 Jun 2017 23:56:50 +0000 (23:56 +0000)]
*: simplify log message lookup
log.c provides functionality for associating a constant (typically a
protocol constant) with a string and finding the string given the
constant. However this is highly delicate code that is extremely prone
to stack overflows and off-by-one's due to requiring the developer to
always remember to update the array size constant and to do so correctly
which, as shown by example, is never a good idea.b
The original goal of this code was to try to implement lookups in O(1)
time without a linear search through the message array. Since this code
is used 99% of the time for debugs, it's worth the 5-6 additional cmp's
worst case if it means we avoid explitable bugs due to oversights...
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Renato Westphal [Tue, 13 Jun 2017 13:32:24 +0000 (10:32 -0300)]
ldpd: fix issues with dual-stack adjacencies
Handling configuration changes from single-stack mode to dual-stack mode
(and vice-versa) is tricky. This patch attempts to solve all issues that
might happen on such circumstances.
Chirag Shah [Mon, 12 Jun 2017 16:53:21 +0000 (09:53 -0700)]
ospfd: ospf bandwidth handling
if bandwidth is not set from Zebra use speed as bandwidth
for ospf route.
Testing Done:
Verfied over bond which has aggregated speed of all member interfaces,
cost is reflected in ospf route and ip route.
Manually changed interface bandwidth which replaces speed as bw, instead
uses cli entered value as bw, verifid output of ospf route and ip route.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Renato Westphal [Wed, 7 Jun 2017 00:24:02 +0000 (21:24 -0300)]
ldpd: remove pledge calls
In OpenBSD pledge is a mitigation mechanism used to restrict the syscalls
a program can use, enforcing its correct behavior.
In this port of OpenBSD's ldpd(8), it's hard to run under the same
tight pledge promises because of libfrr and additional components we
introduced, like a zclient in lde. Since ldpd is already privsep'ed,
removing the pledge calls shouldn't be a big compromise security-wise.
Martin Winter [Mon, 22 May 2017 11:07:22 +0000 (04:07 -0700)]
redhat: Disallow reload function for unsupported systems
Before the change, a reload triggered a restart if the python reload script wasn't installed or for non-integrated configs
With this change, the reload is rejected with an error in this case (and suggests the installation of the python script package)
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
redhat: use %initsystem check that works when chrooted
`systemctl' returns different, non-useful output while in a chroot.
Switch to checking if /sbin/init is a symlink to the systemd binary.
With this change the build works in a mock chroot.
Martin Winter [Thu, 20 Apr 2017 01:12:10 +0000 (18:12 -0700)]
redhat: Fix BuildRequires for FRR/2.0 and duplicate /etc/frr/daemons
- add make & gcc
- remove autoconf and automake (not needed to build from src.rpm)
- fix texi2html version detection for case when no texi2html is installed (broke yum-builddep)
- fix duplicate listing of /etc/frr/daemons
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
projects / mirror / frr.git / log