Pascal Mathis [Tue, 12 Jun 2018 15:09:49 +0000 (17:09 +0200)]
bgpd: Fix AF-attribute overrides when binding peer
The current implementation of the overrides for peer address-family
attributes suffered a bug, which caused all peer-specific attributes to
be lost when the peer was added to a peer-group which already had that
specific address-family active.
This commit extends the *peer_group2peer_config_copy_af* function to
respect overridden flags properly. Additionally, the arguments of the
macros *PEER_ATTR_INHERIT* and *PEER_STR_ATTR_INHERIT* have been
reordered to be more consistent and easy to read.
This commit also adds further test cases to the BGP peer attributes test
suite, so that this kind of error is being caught in future commits. The
missing AF-attribute *distribute-list* has also been added to the test
suite.
Pascal Mathis [Mon, 11 Jun 2018 17:49:20 +0000 (19:49 +0200)]
bgpd: Implement group-overrides for peer flags
The current implementation of peer flags (e.g. shutdown, passive, ...)
only has partial support for overriding flags of a peer-group when the
peer is a member. Often settings might get lost if the user toys around
with the peer-group configuration, which can lead to disaster.
This commit introduces the same override implementation which was
previously integrated to support proper peer flag/attribute override on
the address-family level. The code is very similar and the global
attributes now use their separate state-arrays *flags_invert* and
*flags_override*.
The test suite for BGP peer attributes was extended to also check peer
global attributes, so that the newly introduced changes are covered. An
additional feature was added which allows to test an attribute with an
*interface-peer*, which can be configured by running `neighbor IF-TEST
interface`. This was introduced so that the dynamic runtime inversion of
the `extended-nexthop` flag, which is only enabled by default for
interface peers, can also be tested.
Last but not least, two small changes have been made to the current bgpd
implementation:
- The command `strict-capability-match` can now also be set on a
peer-group, it seems like this command slipped through while
implementing peer-groups in the very past.
- The macro `COND_FLAG` was introduced inside lib/zebra.h, which now
allows to either set or unset a flag based on a condition. The syntax
for using this macro is: `COND_FLAG(flag_variable, flag, condition)`
Chirag Shah [Wed, 13 Jun 2018 05:13:05 +0000 (22:13 -0700)]
bgpd: Fix bgpd crash in evpn vni route-map
When evpn configured wiht route-map with vni which is not
configured. Upon receiving evpn routes (i.e Type-2, Type-3),
route-map match will be triggered. Since there is no l2vni
exists in db, some of the member fields in bgp_info (i.e.
dummy_info_extra) are passed uninitialized to evpn filter match cb.
This results in inaccessible memory causes crash.
Fix is to memset the bgp_info prior to passing to evpn filter cb.
In evpn vni filter cb, ensure to have NULL check for member filed
of the bgp_info.
memset bgp_info at few places where it is passed to route_match.
Ticket:CM-21335
Reviewed By:
Testing Done:
Configure route-map with not configured l2vni
Simulate to learn l2vpn type-2, 3 route
Restart frr.service with below config
address-family l2vpn evpn
neighbor fear route-map EVPN_VNI out
route-map EVPN_VNI deny 10
match evpn vni 140010
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Quentin Young [Fri, 8 Jun 2018 16:39:31 +0000 (16:39 +0000)]
*: disable all sanitizers for clippy build
* Move configure flag propagations out of user flags
* Use AC_SUBST to transfer flag values to Automake
* Set default AM_CFLAGS and AM_CPPFLAGS in common.am and change child
Makefiles to modify these base variables
* Add flag override to turn off all sanitizers when building clippy
* Remove LSAN suppressions blacklist as it's no longer needed
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Wed, 6 Jun 2018 21:53:09 +0000 (21:53 +0000)]
doc: clean up introductory user docs
* Update the list of protocol daemons from 5 to the current 13
* Rewrap and clean up formatting for lots of miscellaneous code blocks
* Improve English in various spots
* Update architecture description and diagram
* Remove duplicate information on reporting bugs
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Thu, 7 Jun 2018 23:51:13 +0000 (19:51 -0400)]
bgpd, lib, ospf6d, vtysh: fix possible snprintf possible truncation
With a new version of clang 6.0, the compiler is detecting more
issues where we may be possibly be truncating the output string.
Fix by increasing the size of the output string to make the compiler
happy.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Thu, 7 Jun 2018 22:35:52 +0000 (22:35 +0000)]
doc: massive cleanup of bgp.rst
This doc needed (and still needs) a lot of love.
* Reorganize doc into logical sections
* Clean up lots of grammatical mistakes and misspellings
* Clean up lots of bad formatting
* Remove non-existent configuration options and commands
* Mark deprecated configuration options as deprecated
* Fix all cross-references to follow a standard format
* Fix capitalization on section and subsection titles
* Fix section and subsection level underlines
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Thu, 7 Jun 2018 21:10:38 +0000 (17:10 -0400)]
bgpd: Actually display labeled unicast routes received
The labeled unicast and unicast tables have been combined
into the unicast table. Additionally we have a restriction
where if you configure labeled unicast you cannot configure
unicast. This created a bug with 'show bgp ipv4 labeled-unicast summ'
command where we were displaying NoNeg, because v4 has been intentionally
turned off.
Modify the code so that when we are looking up if we have negotiated
a capapbility we use the correct one, while still using the appropriate
table for prefix count.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Renato Westphal [Thu, 7 Jun 2018 18:45:33 +0000 (15:45 -0300)]
zebra: remove unnecessary preprocessor check
The IFLA_INFO_SLAVE_KIND constant is always defined now that we imported
our own copies of the Linux kernel headers. Remove the preprocessor
checks since they aren't necessary anymore.
Quentin Young [Wed, 6 Jun 2018 19:09:44 +0000 (19:09 +0000)]
lib: fix output mangling with | include
Sometimes output would be mangled when filtering with include as a
result of the following bugs:
* Filters were applied per each call to vty_out() instead of buffering
until a line break and then applying
* Long output would sometimes be cut due to using the wrong buffer
pointer
Also remove the trailing \n as it should no longer be necessary to
ensure the vty prompt ends up on a new line.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Wed, 6 Jun 2018 17:33:19 +0000 (13:33 -0400)]
bgpd: Collapse bgp_aggregate_add into bgp_aggregate_route
These two functions are functionally the same, except
bgp_aggregate_route is meant to handle the addition and
deletion of routes, while aggregate_add is meant for all of them.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Wed, 6 Jun 2018 17:13:00 +0000 (13:13 -0400)]
bgpd: Allow bgp to know when to actually add/delete agg route
The aggregated route was being sent in updates to peers every
time a route changed that we were aggregating. Modify
the code such that we only send aggregated route updates
if we actually have something different to tell the peer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
projects / matthieu / frr.git / log