Philippe Guibert [Fri, 20 Dec 2019 16:51:37 +0000 (17:51 +0100)]
lib, zebra: reuse and adapt ns_list walk functionality
the walk routine is used by vxlan service to identify some contexts in
each specific network namespace, when vrf netns backend is used. that
walk mechanism is extended with some additional paramters to the walk
routine.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Fri, 25 Oct 2019 12:25:00 +0000 (14:25 +0200)]
zebra: when parsing local entry against dad, retrieve config
when duplicate address detection is observed, some incrementation,
some timing mechanisms need to be done. For that the main evpn
configuration is retrieved. Until now, the VRF that was storing the dad
config parameters was the same VRF that hosted the VXLAN interface. With
netns backend, this is not true, as the VXLAN interface is in the
same VRF as the bridge interface. The modification takes same definition
as in BGP, that is to say that there is a single bgp evpn instance, and
this is that instance that will give the correct config settings.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Fri, 11 Oct 2019 12:11:13 +0000 (14:11 +0200)]
bgpd: evpn nexthop can be changed by default
There can be cases where evpn traffic is not meshed across various
endpoints, but sent to a central pe. For this situation, remove the
nexthop unchanged default behaviour for bgp evpn. Also add route
reflector commands to bgp evpn node.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra: zvni_map_to_vlan() adaptation for all namespaces
this change is needed when a MAC/IP entry is learned by zebra, and the
entry happens to be in a different namespace. So that the entry be
active, the correct vni match has to be found.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
this information is necessary for local information, because the
interface associated to the mac address is stored with its ifindex, and
the ifindex may not be enough to get to the right interface when it
comes with multiple network namespaces.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra: bridge layer2 information records ns_id where bridge is
when working with vrf netns backend, two bridges interfaces may have the
same bridge interface index, but not the same namespace. because in vrf
netns backend mode, a bridge slave always belong to the same network
namespace, then a check with the namespace id and the ns id of the
bridge interface permits to resolve correctly the interface pointer.
The problem could occur if a same index of two bridge interfaces can be
found on two different namespaces.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra, lib: new API to get absolute netns val from relative netns val
when receiving a netlink API for an interface in a namespace, this
interface may come with LINK_NSID value, which means that the interface
has its link in an other namespace. Unfortunately, the link_nsid value
is self to that namespace, and there is a need to know what is its
associated nsid value from the default namespace point of view.
The information collected previously on each namespace, can then be
compared with that value to check if the link belongs to the default
namespace or not.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra, lib: store relative default ns id in each namespace
to be able to retrieve the network namespace identifier for each
namespace, the ns id is stored in each ns context. For default
namespace, the netns id is the same as that value.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra, lib: add an internal API to get relative default nsid in other ns
as remind, the netns identifiers are local to a namespace. that is to
say that for instance, a vrf <vrfx> will have a netns id value in one
netns, and have an other netns id value in one other netns.
There is a need for zebra daemon to collect some cross information, like
the LINK_NETNSID information from interfaces having link layer in an
other network namespace. For that, it is needed to have a global
overview instead of a relative overview per namespace.
The first brick of this change is an API that sticks to netlink API,
that uses NETNSA_TARGET_NSID. from a given vrf vrfX, and a new vrf
created vrfY, the API returns the value of nsID from vrfX, inside the
new vrf vrfY.
The brick also gets the ns id value of default namespace in each other
namespace. An additional value in ns.h is offered, that permits to
retrieve the default namespace context.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra: map vxlan interface to bridge interface with correct ns id
an incoming bridge index has been found, that is linked with vxlan
interface, and the search for that bridge interface is done. In
vrf-lite, the search is done across the same default namespace, because
bridge and vxlan may not be in the same vrf. But this behaviour is wrong
when using vrf netns backend, as the bridge and the vxlan have to be in
the same vrf ( hence in the same network namespace). To comply with
that, use the netnamespace of the vxlan interface. Like that, the
appropriate nsid is passed as parameter, and consequently, the search is
correct, and the mac address passed to BGP will be ok too.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Thu, 26 Sep 2019 16:49:59 +0000 (18:49 +0200)]
zebra: importation of bgp evpn rt5 from vni with other netns
With vrf-lite mechanisms, it is possible to create layer 3 vnis by
creating a bridge interface in default vr, by creating a vxlan interface
that is attached to that bridge interface, then by moving the vxlan
interface to the wished vrf.
With vrf-netns mechanism, it is slightly different since bridged
interfaces can not be separated in different network namespaces. To make
it work, the setup consists in :
- creating a vxlan interface on default vrf.
- move the vxlan interface to the wished vrf ( with an other netns)
- create a bridge interface in the wished vrf
- attach the vxlan interface to that bridged interface
from that point, if BGP is enabled to advertise vnis in default vrf,
then vxlan interfaces are discovered appropriately in other vrfs,
provided that the link interface still resides in the vrf where l2vpn is
advertised.
to import ipv4 entries from a separate vrf, into the l2vpn, the
configuration of vni in the dedicated vrf + the advertisement of ipv4
entries in bgp vrf will import the entries in the bgp l2vpn.
the modification consists in parsing the vxlan interfaces in all network
namespaces, where the link resides in the same network namespace as the
bgp core instance where bgp l2vpn is enabled.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Tue, 24 Sep 2019 08:44:58 +0000 (10:44 +0200)]
zebra: across network namespace, vxlan remembers the link information
the link information of vxlan interface is populated in layer 2
information, as well as in layer 2 vxlan information. This information
will be used later to collect vnis that are in other network namespaces,
but where bgp evpn is enabled on main network namespaces, and those vnis
have the link information in that namespace.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Donald Sharp [Thu, 14 May 2020 18:07:23 +0000 (14:07 -0400)]
tools: Only load instances or daemon
Original start/stop of FRR prior to David's rewrite in
PR 3507, when configuring multi-instance would
only start multi-instance (-1 -2 -3 -4...) or
just the daemon, not both. If you happened
to start a ospfd instance of 1 then both
the default and instance 1 would react to cli.
Do not allow this, put it back to original behavior
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Olivier Dugeon [Mon, 4 May 2020 16:26:21 +0000 (18:26 +0200)]
isisd: IS-IS-SR preparation for master 4/5
* Regroup fonctions to install label for Prefix and Adjacency SID
* Change 'replace_semantics' variable name by 'make_before_break' in
sr_prefix_reinstall() function and adjust comments
* Call directly lsp_regenerate_schedule() from isis_nb_config.c when MSD
is updated
Olivier Dugeon [Sun, 3 May 2020 18:01:20 +0000 (20:01 +0200)]
isisd: IS-IS-SR preparation for master 2/5
* Rename functions following rules: isis_sr_XXX is kept for external functions
and isis_sr prefix remove for static ones
* Rename local_label & remote_label variables by input_label & output_label
* Change parameter order (to follow other functions) in sr_node_srgb_update()
* Rename RB-TREE variable from tree_sr_XXX to srdb_XXX
* Replace parse_flags by an enum and rename it srdb_state which reflects
more the role of this flag: determined the state of SR-Node and SR-Prefix
stored in the SRDB: VALIDATED, NEW, MODIFIED, UNCHANGED
Tim Bray [Tue, 12 May 2020 10:41:13 +0000 (11:41 +0100)]
doc: Improve Zebra set src documentation. (IPv6)
Include an IPv6 example for set src
And a note that the IP address has to exist. This is to try and make
people aware to avoid things like issue #4249
https://github.com/FRRouting/frr/issues/4249
Chirag Shah [Fri, 28 Feb 2020 02:38:24 +0000 (18:38 -0800)]
zebra: northbound changes for the rib model
This commit implements:
RIB operational list create/destroy.
Walk over RIB tables using keys.
The first RIB table will be IPV4/unicast (table-id 254)
will be fetched.
Create a new api to fetch RIB table based on
afi-safi and table id as the keys.
remove mandatory true statement from the leaf which
is part of the list key.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
lynne [Thu, 7 May 2020 16:31:40 +0000 (12:31 -0400)]
ldpd and Zebra: Expand existing debug commands.
L2VPN PW are very hard to determine why they do not come up. The following
fixes expand the existing show commands in ldp and zebra to display a
reason why the PW is in the DOWN state and also display the labeled nexthop
route selected to reach the PW peer. By adding this information it will
provide the user some guidance on how to debug the PW issue. Also fixed an
assert if labels were changed for a PW that is between directly connected
peers.
Donald Sharp [Mon, 11 May 2020 12:45:11 +0000 (08:45 -0400)]
bgpd: really remove the `no ip as-path...` command
We had already removed the `ip as-path..` command
to have `bgp as-path` but for some reason a `no ip as-path..`
command ALIAS was still around. Kill with extreme prejudice.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Wed, 6 May 2020 23:36:19 +0000 (19:36 -0400)]
lib: convert GRPC plugin to async
Synchronous GRPC services are called from arbitrary threads. This makes
access to anything outside the GRPC module unsafe. We need to convert
the plugin to use the async model that allows us to control our own
threads.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Thu, 7 May 2020 14:03:31 +0000 (10:03 -0400)]
bgpd: `bgp bestpath bandwidth` should not be a legal command
The `bgp bestpath bandwidth` command should not be a legal
command. Pull out the `no` form to allow this. Allow
`no bgp bestpath bandwidth` to work as we would expect.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Wed, 6 May 2020 14:13:48 +0000 (10:13 -0400)]
zebra: Loosen ONLINK restrictions a tiny bit
Loosen the ONLINK restrictions such that when an upper
level protocol sends us a nexthop with an ONLINK attribute
just ensure that interface is up and usable. ONLINK effectively
means we know what we are doing to the kernel.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
projects / matthieu / frr.git / log