Donald Sharp [Tue, 26 Sep 2017 23:46:02 +0000 (19:46 -0400)]
zebra: Fix irdp so it doesn't crash when looked at
irdp is crashing because it assumes that people have
configured it in a certain way. Ensure that this
'way' is honored at least enough so that we don't
crash.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Thu, 21 Sep 2017 20:03:17 +0000 (16:03 -0400)]
ospf6d: fix heap use after free
During the loop we save a pointer to the next route in the table in case
brouter is deleted during the course of the loop iteration. However when
we call ospf6_route_remove this can trigger ospf6_route_remove on other
routes in the table, one of which could be pointed at by said pointer.
Since ospf6_route_next locks the route that it returns, it won't
actually be deleted, instead the refcount will go to 1. In the next loop
iteration, nbrouter becomes brouter, and calling ospf6_route_next on
this one will finally decrement the refcount to 0, resulting in a free,
which causes subsequent reads on brouter to be UAF. Since the route will
have OSPF6_ROUTE_WAS_REMOVED set, provided the memory was not
overwritten before we got there, we'll continue on to the next one so it
is unlikely this will cause a crash in production.
Solution implemented is to check if we've deleted the route and continue
if so.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Christian Franke [Sat, 23 Sep 2017 18:01:43 +0000 (20:01 +0200)]
isisd: ensure fragments get always linked
When we receive or generate new versions of fragments which are
curently pending for age out, we need to ensure that they are correctly
linked to their lsp0.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Christian Franke [Sat, 23 Sep 2017 17:28:48 +0000 (19:28 +0200)]
isisd: always trigger spf run asynchronously
isis_spf_schedule gets called in states where an immediate spf run
will lead to crashes, e.g. from lsp_destroy. Delay the spf execution
until the event calling isis_spf_schedule has run to completion to
avoid this.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Christian Franke [Sat, 23 Sep 2017 17:27:29 +0000 (19:27 +0200)]
isisd: use only one IP of neighbor as nexthop
There is no point in building a multipath route via one neighbor
if there is only one link to the neighbor, but the neighbor has
multiple IPs on that link. So only create one nexthop per link.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Christian Franke [Fri, 22 Sep 2017 20:17:20 +0000 (22:17 +0200)]
isisd: Don't corrupt generated LSPs if information exceeds capacity
Standard IS-IS only supports up to 256 fragments per router. Recognize
when the information we want to advertise exceeds 256 fragments and
print a warning in this case instead of overflowing the fragment counter
and overwriting existing LSP fragments.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
zebra: make rib_add() a simple wrapper for rib_add_multipath()
Both function were very similar, and as we know code duplication is not
good. As an example, in the past couple of weeks some fixes were made
on rib_add() but not on rib_add_multipath(), causing known bugs to still
exist in a different form.
Instead of merging the two functions into one, let's make rib_add()
call rib_add_multipath() with the appropriate parameters. This way we
remove the code duplication but still keep the easy-to-use rib_add()
function for single-path routes.
zebra: fix detection of duplicate kernel routes (ECMP version)
Fixes the following bug:
% ip route add 50.0.0.0/8 nexthop via 10.0.1.2 nexthop via 10.0.2.2
% ip route replace 50.0.0.0/8 nexthop via 10.0.1.3 nexthop via 10.0.2.3
% ip route replace 50.0.0.0/8 nexthop via 10.0.1.4 nexthop via 10.0.2.4
%
% vtysh -c "show ip route"
[snip]
K * 50.0.0.0/8 [0/0] via 10.0.1.4, rt1-eth1, 00:00:00
* via 10.0.2.4, rt1-eth2, 00:00:00
K * 50.0.0.0/8 [0/0] via 10.0.1.3, rt1-eth1, 00:00:10
* via 10.0.2.3, rt1-eth2, 00:00:10
K>* 50.0.0.0/8 [0/0] via 10.0.1.2, rt1-eth1, 00:00:24
* via 10.0.2.2, rt1-eth2, 00:00:24
Commit a3d18ce6 fixed a similar problem for single-path routes.
*: fix segfault when sending more than MULTIPATH_NUM nexthops
This is a fallout from PR #1022 (zapi consolidation). In the early days,
the client daemons would allocate enough memory to send all nexthops
to zebra. Then zebra would add all nexthops to the RIB and respect
MULTIPATH_NUM only when installing the routes in the kernel. Now things
are different and the client daemons can send at most MULTIPATH_NUM
nexthops to zebra, and failure to respect that will result in a buffer
overflow. The MULTIPATH_NUM limit in the new zebra API is a small price
we pay to avoid allocating memory for each route sent to zebra.
Quentin Young [Mon, 18 Sep 2017 16:35:10 +0000 (12:35 -0400)]
vtysh: warn on cli targeting non-running daemon
Presently CLI entered for daemons which are not running is accepted
quietly, which can be confusing for users. This patch warns about it
when possible.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Daniel Walton [Mon, 18 Sep 2017 16:01:21 +0000 (16:01 +0000)]
pimd: Do not complain if re-joining an IGMP group
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
If you cut-n-paste an existing "ip igmp join 233.200.0.0 0.0.0.0"
command under an interface we should not return an error.
Donald Sharp [Fri, 15 Sep 2017 13:49:26 +0000 (09:49 -0400)]
bgpd: Do not put on outgoing stream type 5 route 2 times
With the change to allow bgp_evpn.c to support 2,3 and 5 evpn routes
the output of the route type is being done by bgp_evpn_encode_prefix
instead of the individual route encoder functions.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com.
Donald Sharp [Thu, 14 Sep 2017 14:28:04 +0000 (10:28 -0400)]
pimd: Add new 'debug pim nht rp' command
All the rp debugs were a mish-mash of TRACE or ZEBRA,
but the reality they were all focused on handling NHT
issues associated with the RP's. So let's create
a new debug 'debug pim nht rp' if you are having
issues with RP's.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Wed, 13 Sep 2017 14:39:13 +0000 (10:39 -0400)]
lib, doc: increase maximum cli tokens
When matching user input against a CLI graph, we keep a stack of tokens
matched. Stack size was limited to 64, making the effective number of
tokens that could be entered on a line 64. This is too limiting in some
circumstances, so bump it to 256 (and document it).
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Wed, 13 Sep 2017 13:46:28 +0000 (09:46 -0400)]
ospf6d: Fix crash in prefix-list handling
Commit 427f8e61bb711b51 introduced prefix list callbacks
to handle when a prefix list is changed. Unfortunately
if you have ospf6 running but not configured it crashes.
Modify ospf6d to not crash when we are not properly configured
yet for prefix-lists handling.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Wed, 13 Sep 2017 13:14:46 +0000 (09:14 -0400)]
bgpd: Fix warning introduced by PR #1133
I am merely fixing the compiler warning. I do not
understand what the as value should be for output
to the end user or where it should be retrieved
from.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Daniel Walton [Tue, 12 Sep 2017 18:03:07 +0000 (11:03 -0700)]
zebra: api.vrf_id should be re->vrf_id
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com> Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
This fixes route redistribution for VRFs
Don Slice [Thu, 7 Sep 2017 19:43:27 +0000 (19:43 +0000)]
bgpd: fix show ip bgp vrf <vrf> nexthop
Problem with not finding the correct bgp instance when doing the command
"show ip bgp vrf <vrf> nexthop" resolved by setting up the arg values
correctly. Manual testing fine. bgp-smoke had no new failures.
Ticket: CM-17454 Signed-off-by: Don Slice <dslice@cumulusnetworks.com> Reviewed-by: CCR-6664
projects / mirror / frr.git / log