Donatas Abraitis [Tue, 30 Jan 2024 13:44:38 +0000 (15:44 +0200)]
bgpd: Reinstall aggregated routes if using route-maps and it was changed
Without this change when we change the route-map, we never reinstall the route
if the route-map has changed.
We checked only some attributes like aspath, communities, large-communities,
extended-communities, but ignoring the rest of attributes.
With this change, let's check if the route-map has changed.
bgp_route_map_process_update() is triggered on route-map change, and we set
`changed` to true, which treats aggregated route as not the same as it was before.
The previous commit has added a routing leak update when a nexthop
update is received from zebra. It indirectly calls
bgp_find_or_add_nexthop() in which a static route triggers a nexthop
cache entry registration that triggers a nexthop update from zebra.
Do not register again the nexthop cache entry if the BGP_STATIC_ROUTE is
already set.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Fri, 29 Apr 2022 12:26:04 +0000 (14:26 +0200)]
bgpd: fix VRF leaking with 'network import-check' (3/4)
If 'bgp network import-check' is defined on the source BGP session,
prefixes that are defined with the network command cannot be leaked to
the other VRFs BGP table even if they are present in the origin VRF RIB
if the 'rt import' statement is defined after the 'network <prefix>'
ones.
When a prefix nexthop is updated, update the prefix route leaking. The
current state of nexthop validation is now stored in the attributes of
the bgp path info. Attributes are compared with the previous ones at
route leaking update so that a nexthop validation change now triggers
the update of destination VRF BGP table.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Thu, 28 Apr 2022 16:32:20 +0000 (18:32 +0200)]
bgpd: fix VRF leaking with 'network import-check' (1/4)
If 'bgp network import-check' is defined on the source BGP session,
prefixes that are defined with the network command cannot be leaked to
the other VRFs BGP table even if they are present in the origin VRF RIB.
Always validate the nexthop of BGP static routes (i.e. defined with the
network statement) if 'network import-check' is defined on the source
BGP session and the prefix is present in source RIB.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Igor Ryzhov [Wed, 24 Jan 2024 03:11:07 +0000 (05:11 +0200)]
zebra, build: disable irdp by default
IRDP client (rdisc) was deleted from iputils more than 2 years ago. It's
time to drop IRDP, but first let's stop building and including it in the
packages by default to see if anyone will be complaining.
Igor Ryzhov [Sun, 28 Jan 2024 21:23:57 +0000 (23:23 +0200)]
lib, mgmtd, zebra: cleanup of zebra conversion to mgmtd
- use `apply_finish` callback when possible to avoid multiple applies per commit
- move table range working to the CLI handler
- remove unnecessary conditional compilation
- remove unnecessary boolean conversion
Igor Ryzhov [Sat, 27 Jan 2024 04:20:22 +0000 (06:20 +0200)]
build: remove mgmtd exception from xref2vtysh
We may actually need to send CLI commands to mgmtd and another daemon at
the same time, for example, if this daemon is not mgmtd-converted. The
only daemon this exception protects is staticd. But we don't actually
need any configuration commands in staticd, so just remove the exception
and don't install unnecessary commands to staticd.
Igor Ryzhov [Wed, 24 Jan 2024 20:26:47 +0000 (22:26 +0200)]
lib: fix yang_dnode_dup
When duplicating nodes, we should always keep flags, especially the
LYD_NEW flag that indicates not validated data. This allows to select a
new choice's case without the need to explicitly remove the existing one.
Igor Ryzhov [Sat, 27 Jan 2024 11:11:08 +0000 (13:11 +0200)]
zebra: make vrf netns commands do nothing
These commands don't really provide any functionality. VRF is associated
with netns automatically based on its name, and it's not possible to
associate VRF and netns with different names with these commands:
- When trying to assosiate a VRF with an already existing netns with a
different name:
`NS /run/netns/test is already configured with VRF 1(test)`
- When trying to assiciate a VRF with a non-existing netns, so they
become linked once the netns is created:
`Invalid pathname for /run/netns/test: No such file or directory`
- When doing "no netns" to unlink the netns and link it back to the same
VRF:
`VRF 1 is already configured with VRF test`
- When doing "no netns" to unlink the netns and link it to another VRF:
`Can not associate NS 4294967295 with NETNS /run/netns/test`
As shown above, not a single usecase is working. We can't remove them
completely to preserve backwards-compatibility, so just make them empty.
The main reason for this change is not to spend a lot of time trying to
figure out how to convert them to northbound.
Igor Ryzhov [Sat, 20 Jan 2024 01:43:18 +0000 (03:43 +0200)]
lib: fix conversion of yang decimal64 to double
Current denominators are not integers and some of them lose precision
because of that, for example, 1e-6 is actually stored as
9.9999999999999995e-07 and 1-e12 is stored as 9.9999999999999998e-13.
When multiplying by such denominators, we receive incorrect values.
Changing denominators to integers and using division instead of
multiplication improves precision and solves the problem.
Igor Ryzhov [Fri, 19 Jan 2024 11:06:53 +0000 (13:06 +0200)]
zebra: convert interface link-params command to NB
Make link-params a presence container and activate it when entering the
node. The "enable" command is not necessary anymore but kept hidden for
backwards compatibility.
Igor Ryzhov [Wed, 17 Jan 2024 12:28:13 +0000 (14:28 +0200)]
zebra: convert inteface multicast command to NB
Introduce new "[no] multicast <enable|disable>" command to be able to
remove the configuration. Current "[no] multicast" command cannot be
removed. Current command is hidden but still works for backwards
compatibility.
Igor Ryzhov [Sat, 27 Jan 2024 23:18:10 +0000 (01:18 +0200)]
mgmtd: fix get-data transaction hangup
When no data requests were sent to the backends, return immediately,
instead of waiting for a timeout. This can happen if backends providing
the requested data are not connected to mgmtd.
David Lamparter [Thu, 25 Jan 2024 19:29:14 +0000 (20:29 +0100)]
build: homologize path handling
Use consistent `e_somepath` names for expanded versions of `somepath`.
Also remove all paths from `config.h` and put them into
`lib/config_paths.h` - this is to make more obvious when someone is
doing something probably not quite properly structured.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Thu, 25 Jan 2024 18:59:22 +0000 (19:59 +0100)]
lib, mgmtd: fix commit history location
Both of these belong in `/var/lib`, not `/var/run`.
Rather hilariously, the history read in
`mgmt_history_read_cmt_record_index` was always failing, because it was
doing a `file_exists(MGMTD_COMMIT_FILE_PATH)` check. Which is the wrong
macro - it's `.../commit-%s.json`, including the unprocessed `%s`, which
would never exist.
I guess noone ever tried if this actually works. Cool.
On the plus side, this means I don't have to implement legacy
compatibility for this, since it never worked to begin with.
(SQLite3 DB location is also changed in this commit since it also uses
`DAEMON_DB_DIR`.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Thu, 25 Jan 2024 18:37:26 +0000 (19:37 +0100)]
ospf6d: fix GR & auth seqno state location
Unfortunately, `ospf6d` is much worse than `ospfd` and `isisd` regarding
its state saving, due to the existence of the auth trailer code.
Again, this belongs in `/var/lib`, not `/var/run`.
Merge both state files into one, and add reconciliation code for the
auth seqno.
I'm gonna save my comment on the fact that `ospf6_auth_seqno_nvm_delete`
is not in fact used anywhere. Which is now a warning because it's
`static`. Well. It probably should be used somewhere, so leave it in.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Thu, 25 Jan 2024 17:09:17 +0000 (18:09 +0100)]
lib: create `frr_daemon_state_{load,save}`
These functions load daemon-specific persistent state from
`/var/lib/frr` and supersede open-coded variants of similar calls in
ospfd, ospf6d and isisd to save GR state and/or sequence numbers.
Unlike the open-coded variants, the save call correctly `fsync()`s the
saved data to ensure disk contents are consistent.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Wed, 24 Jan 2024 18:32:10 +0000 (19:32 +0100)]
build: untangle sysconfdir & localstatedir
`--sysconfdir` should be `/etc` and `--localstatedir` should be `/var`.
The package-specific subdirectory should be added by configure, not
given by the user, to match established behavior by other packages.
Note that `--bindir`, `--sbindir`, `--libdir` and `--libexecdir` have
different established/expected behavior due to distro specific
multi-arch support. That's why these are left unchanged.
The reason this is getting fixed now is that we need to use
`--localstatedir` for its actual value to put things in `/var/lib`. As
it is now, being overloaded for `/run`, the configured `/var` path
becomes inaccessible.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
projects / mirror / frr.git / log