For multicast pimv6 join and traffic, socat is
used, which was not cleaned up post tests executions,
enhanced kill_socat() API to kill socat join and
traffic specific PIDs during teardown module.
Trey Aspelund [Fri, 31 Mar 2023 21:46:21 +0000 (17:46 -0400)]
bgpd: fix ecommunity parsing for AS4
The parser for extended communities was incorrectly disallowing an
operator from configuring "Route Origin" extended communities
(e.g. RD/RT/SoO) with a 4-byte value matching BGP_AS4_MAX (UINT32_MAX)
and allowed the user to overflow UINT32_MAX. This updates the parser to
read the value as a uint64_t so that we can do proper checks on the
upper bounds (> BGP_AS4_MAX || errno).
before:
```
TORC11(config-router-af)# neighbor uplink-1 soo 4294967296:65
TORC11(config-router-af)# do sh run | include soo
neighbor uplink-1 soo 0:65
TORC11(config-router-af)# neighbor uplink-1 soo 4294967295:65
% Malformed SoO extended community
TORC11(config-router-af)#
```
after:
```
TORC11(config-router-af)# neighbor uplink-1 soo 4294967296:65
% Malformed SoO extended community
TORC11(config-router-af)# neighbor uplink-1 soo 4294967295:65
TORC11(config-router-af)# do sh run | include soo
neighbor uplink-1 soo 4294967295:65
TORC11(config-router-af)#
```
Currently the process of the `route-map` configuration for `per-vrf-rip`
is wrong.
There are two problems:
1. `ctx->name` for `if_rmap_ctx` is not initialized in `if_rmap_ctx_create()`.
2. The global `if_rmap_ctx_list` is wrongly used for `per-vrf-rip`.
So, two changes for it:
1. Correctly initializes `ctx->name`.
2. Use specific `if_rmap_ctx` for `per-vrf-rip`, not global one.
Note, this related implementation for `route-map` is only for `ripd`.
Before:
```
anlan(config)# route rip vrf vrf1
anlan(config-router)# route-map aa in lan
anlan(config-router)# do show run
!
router rip
route-map aa in lan
exit
!
```
After:
```
anlan(config)# route rip vrf vrf1
anlan(config-router)# route-map aa in lan
anlan(config-router)# do show run
!
router rip vrf vrf1
route-map aa in lan
exit
!
```
ospf neighbor DR and BDR router-id wrongly displays with interface
ip-address instead of router-id.
It is fixed to display the correct DR & BDR router-id for
JSON and CLI commands.
Commands:
```
show ip ospf vrf <vrf-name> neighbor detail json
show ip ospf vrf <vrf-name> neighbor detail
```
Before Fix:-
```
r1# show ip ospf vrf default neighbor swp1 detail
Neighbor 0.0.0.17, interface address 11.0.0.1
In the area 0.0.0.0 via interface swp1 local interface IP 11.0.0.2
Neighbor priority is 1, State is Full, Role is DR, 6 state changes
Most recent state change statistics:
Progressive change 1d15h05m ago
DR is 11.0.0.1, BDR is 11.0.0.2 ======> DR and BDR shows the intef &
local intf ipaddress
Options 2 *|-|-|-|-|-|E|-
Dead timer due in 35.178s
Database Summary List 0
Link State Request List 0
Link State Retransmission List 0
Thread Inactivity Timer on
Thread Database Description Retransmision off
Thread Link State Request Retransmission on
Thread Link State Update Retransmission on
r1#
r1# show ip ospf vrf default neighbor swp1 detail json
{
"0.0.0.17":[
{
"ifaceAddress":"11.0.0.1",
"areaId":"0.0.0.0",
"ifaceName":"swp1",
"localIfaceAddress":"11.0.0.2",
"nbrPriority":1,
"nbrState":"Full",
"role":"DR",
"stateChangeCounter":6,
"lastPrgrsvChangeMsec":141141533,
"routerDesignatedId":"11.0.0.1", =============> interface ip
instead of DR rotuer-id
"routerDesignatedBackupId":"11.0.0.2", =======> lo-interface ip
instead of BDR rotuer-id
"optionsCounter":2,
"optionsList":"*|-|-|-|-|-|E|-",
"routerDeadIntervalTimerDueMsec":32272,
"databaseSummaryListCounter":0,
"linkStateRequestListCounter":0,
"linkStateRetransmissionListCounter":0,
"threadInactivityTimer":"on",
"threadLinkStateRequestRetransmission":"on",
"threadLinkStateUpdateRetransmission":"on"
}
]
}
r1#
```
r1# show ip ospf vrf default neighbor swp1 detail
Neighbor 0.0.0.17, interface address 11.0.0.1
In the area 0.0.0.0 via interface swp1 local interface IP 11.0.0.2
Neighbor priority is 1, State is Full, Role is DR, 6 state changes
Most recent state change statistics:
Progressive change 1h18m11s ago
DR is 0.0.0.17, BDR is 0.0.0.12 =======> correct DR and BDR
router-id
Options 2 *|-|-|-|-|-|E|-
Dead timer due in 38.339s
Database Summary List 0
Link State Request List 0
Link State Retransmission List 0
Thread Inactivity Timer on
Thread Database Description Retransmision off
Thread Link State Request Retransmission on
Thread Link State Update Retransmission on
r1#
r1# show ip ospf vrf default neighbor swp
swp1 swp2 swp3 swp4
r1# show ip ospf vrf default neighbor swp2 detail
Neighbor 0.0.0.13, interface address 11.0.2.2
In the area 0.0.0.0 via interface swp2 local interface IP 11.0.2.1
Neighbor priority is 1, State is Full, Role is DR, 6 state changes
Most recent state change statistics:
Progressive change 12m02s ago
DR is 0.0.0.13, BDR is 0.0.0.12 =======> correct DR and BDR
router-id
Options 2 *|-|-|-|-|-|E|-
Dead timer due in 37.136s
Database Summary List 0
Link State Request List 0
Link State Retransmission List 0
Thread Inactivity Timer on
Thread Database Description Retransmision off
Thread Link State Request Retransmission on
Thread Link State Update Retransmission on
Trey Aspelund [Fri, 31 Mar 2023 22:34:48 +0000 (22:34 +0000)]
bgpd: add comments for 'json detail' show cmd code
The json structure changes used for 'json detail' show commands are not
very straightforward and might require code analysis to understand.
This addscommentary to the flow to explain the change in structure.
Renato Westphal [Wed, 8 Mar 2023 00:13:53 +0000 (21:13 -0300)]
ospfd: add support for NSSA Type-7 address ranges
Implement NSSA address ranges as specified by RFC 3101:
NSSA border routers may be configured with Type-7 address ranges.
Each Type-7 address range is defined as an [address,mask] pair. Many
separate Type-7 networks may fall into a single Type-7 address range,
just as a subnetted network is composed of many separate subnets.
NSSA border routers may aggregate Type-7 routes by advertising a
single Type-5 LSA for each Type-7 address range. The Type-5 LSA
resulting from a Type-7 address range match will be distributed to
all Type-5 capable areas.
Syntax:
area A.B.C.D nssa range A.B.C.D/M [<not-advertise|cost (0-16777215)>]
Example:
router ospf
router-id 1.1.1.1
area 1 nssa
area 1 nssa range 172.16.0.0/16
area 1 nssa range 10.1.0.0/16
!
Since regular area ranges and NSSA ranges have a lot in common,
this commit reuses the existing infrastructure for area ranges as
much as possible to avoid code duplication.
Renato Westphal [Wed, 8 Mar 2023 00:13:53 +0000 (21:13 -0300)]
ospfd: refactor range commands
* Update the "range" helpers to accept an area pointer instead of
an area ID;
* Always call ospf_area_display_format_set() after every "range"
command to ensure consistency.
Renato Westphal [Wed, 8 Mar 2023 00:13:53 +0000 (21:13 -0300)]
ospfd: implement Type-7 default routes for NSSA areas
Add the "default-information-originate" option to the "area X nssa"
command. That option allows the origination of Type-7 default routes
on NSSA ABRs and ASBRs.
Christian Hopps [Tue, 28 Mar 2023 17:08:01 +0000 (13:08 -0400)]
mgmtd: remove startup config feature for now
The startup config and how it interacts with explicit commits,
commit databases and implicit commits needs to be worked out
in design first. For now remove the offending code.
Olivier Dugeon [Thu, 30 Mar 2023 15:53:33 +0000 (17:53 +0200)]
isisd: Correction of subnets creation in the TED
Subnets may be incorrectly created in the IS-IS Traffic Engineering Database
(TED). Indeed, to be usable, the subnets advertised by IS-IS peers must be
adjusted to avoid misinterpretation. For example, consider R1 which is
connected to R2 with IP addresses 10.0.0.1/24 (R1) and 10.0.0.2/24 (R2).
R1 and R2 will advertize the prefix 10.0.0.0/24. By leaving the subnet with the
prefix 10.0.0.0/24 in the TED, it is not possible to determine whether
10.0.0.1 is attached to R1 or R2 or whether 10.0.0.3 exists.
So to avoid this, the subnet prefixes are adjusted with the IP addresses of the
local interface. But IS-IS can start to advertise the subnet when not all
adjacencies are up, especially when IPv4 and IPv6 are configured on the same
interface. This results in an uncorrected prefix, e.g. 10.0.0.0/24, remaining
in the TED when it should be removed.
This problem affects some isis-related tests such as the CSPF test.
This patch fixes this bug by removing the uncorrected prefix before adding the
the corrected version.
rbarroetavena [Thu, 23 Mar 2023 19:19:48 +0000 (16:19 -0300)]
bgpd: Trim long neighbor description with no whitespace
Fix for missing neighbor description in "show bgp summary [wide]"
when its length exceeds 20[64] chars and it doesn't contain
withespaces.
Existing behavior remains if description contains whitespaces
before size limit.
Donatas Abraitis [Thu, 30 Mar 2023 13:50:15 +0000 (16:50 +0300)]
tests: Check received routes count for labeled-unicast with addpath
Test failed time to time, let's try this way:
```
$ for x in $(seq 1 20); do cp test_bgp_labeled_unicast_addpath.py test_$x.py; done
$ sudo pytest -s -n 20
```
Ran 10 times using this pattern, no failure :shrug:
Before this change, we checked advertised routes, and at some point `=` was
missing from the output, but advertised correctly. Receiving router gets as
much routes as expected to receive.
I reversed checking received routes, not advertised.
Memory leaks are observed in the cleanup code. When “no router bgp" is executed,
cleanup in that flow for aggregate-address command is not taken care.
fixes the below leak:
--
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444:Direct leak of 152 byte(s) in 1 object(s) allocated from:
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #0 0x7f163e911037 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #1 0x7f163e4b9259 in qcalloc lib/memory.c:105
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #2 0x562bf42ebbd5 in bgp_aggregate_new bgpd/bgp_route.c:7239
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #3 0x562bf42f14e8 in bgp_aggregate_set bgpd/bgp_route.c:8421
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #4 0x562bf42f1e55 in aggregate_addressv6_magic bgpd/bgp_route.c:8592
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #5 0x562bf42be3f5 in aggregate_addressv6 bgpd/bgp_route_clippy.c:341
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #6 0x7f163e3f1e1b in cmd_execute_command_real lib/command.c:988
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #7 0x7f163e3f219c in cmd_execute_command lib/command.c:1048
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #8 0x7f163e3f2df4 in cmd_execute lib/command.c:1215
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #9 0x7f163e5a2d73 in vty_command lib/vty.c:544
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #10 0x7f163e5a79c8 in vty_execute lib/vty.c:1307
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #11 0x7f163e5ad299 in vtysh_read lib/vty.c:2216
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #12 0x7f163e593f16 in event_call lib/event.c:1995
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #13 0x7f163e47c839 in frr_run lib/libfrr.c:1185
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #14 0x562bf414e58d in main bgpd/bgp_main.c:505
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #15 0x7f163de66d09 in __libc_start_main ../csu/libc-start.c:308
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444:Direct leak of 152 byte(s) in 1 object(s) allocated from:
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #0 0x7f163e911037 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #1 0x7f163e4b9259 in qcalloc lib/memory.c:105
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #2 0x562bf42ebbd5 in bgp_aggregate_new bgpd/bgp_route.c:7239
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #3 0x562bf42f14e8 in bgp_aggregate_set bgpd/bgp_route.c:8421
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #4 0x562bf42f1cde in aggregate_addressv4_magic bgpd/bgp_route.c:8543
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #5 0x562bf42bd258 in aggregate_addressv4 bgpd/bgp_route_clippy.c:255
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #6 0x7f163e3f1e1b in cmd_execute_command_real lib/command.c:988
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #7 0x7f163e3f219c in cmd_execute_command lib/command.c:1048
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #8 0x7f163e3f2df4 in cmd_execute lib/command.c:1215
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #9 0x7f163e5a2d73 in vty_command lib/vty.c:544
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #10 0x7f163e5a79c8 in vty_execute lib/vty.c:1307
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #11 0x7f163e5ad299 in vtysh_read lib/vty.c:2216
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #12 0x7f163e593f16 in event_call lib/event.c:1995
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #13 0x7f163e47c839 in frr_run lib/libfrr.c:1185
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #14 0x562bf414e58d in main bgpd/bgp_main.c:505
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444- #15 0x7f163de66d09 in __libc_start_main ../csu/libc-start.c:308
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-
./bgp_local_asn_dot.test_bgp_local_asn_dot_agg/r3.bgpd.asan.3410444-SUMMARY: AddressSanitizer: 304 byte(s) leaked in 2 allocation(s).
Signed-off-by: Samanvitha B Bhargav <bsamanvitha@vmware.com>
Donald Sharp [Tue, 6 Dec 2022 15:23:11 +0000 (10:23 -0500)]
bgpd: Ensure stream received has enough data
BGP_PREFIX_SID_SRV6_L3_SERVICE attributes must not
fully trust the length value specified in the nlri.
Always ensure that the amount of data we need to read
can be fullfilled.
Reported-by: Iggy Frankovic <iggyfran@amazon.com> Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Isabella de Leon [Tue, 28 Mar 2023 23:18:59 +0000 (16:18 -0700)]
isisd: Add PDU drop counter to "show isis summary"
Adding a new drop counters section to "show isis summary".
New output:
Drop counters per PDU type:
P2P IIH: <count>
L2 LSP: <count>
L2 CSNP: <count>
L2 PSNP: <count>
...
Before:
r1# show isis summary
vrf : default
Process Id : 972
System Id : 0000.0000.0001
Up time : 00:00:48 ago
Number of areas : 1
Area TE:
Net: 49.0000.0000.0000.0001.00
TX counters per PDU type:
P2P IIH: 36
L2 LSP: 8
L2 CSNP: 12
L2 PSNP: 11
RX counters per PDU type:
P2P IIH: 37
L2 LSP: 17
L2 CSNP: 12
L2 PSNP: 6
Advertise high metrics: Disabled
...
After:
r1# show isis summary
vrf : default
Process Id : 972
System Id : 0000.0000.0001
Up time : 00:00:19 ago
Number of areas : 1
Area TE:
Net: 49.0000.0000.0000.0001.00
TX counters per PDU type:
P2P IIH: 16
L2 LSP: 2
L2 CSNP: 4
L2 PSNP: 6
LSP RXMT: 0
RX counters per PDU type:
P2P IIH: 16
L2 LSP: 5
L2 CSNP: 4
L2 PSNP: 2
Drop counters per PDU type:
P2P IIH: 2
Advertise high metrics: Disabled
...
Signed-off-by: Isabella de Leon <ideleon@microsoft.com>
Donatas Abraitis [Tue, 28 Mar 2023 13:18:47 +0000 (16:18 +0300)]
bgpd: Do not announce routes immediatelly on filter updates
If we set `bgp route-map delay-timer X`, we should ignore starting to announce
routes immediately, and wait for delay timer to expire (or ignore at all if set
to zero).
Quentin Young [Tue, 14 Sep 2021 17:14:25 +0000 (13:14 -0400)]
vtysh: fork() on boot
When using -b flag to apply config to all running daemons, fork a copy
of vtysh for each daemon we need to configure instead of doing them one
at a time. This is about N times faster when you have N daemons.
Signed-off-by: Quentin Young <qlyoung@nvidia.com>
mergeme
ospfd: Fix for vitual-link crash in signal handler
Whenever OSPF virtual-link is created, a virtual interface is
associated with it. Name of the virtual interface is derived by
combining "VLINK" string with the value of vlink_count, which is a global
variable.
Problem:
Consider a scenario where 2 virtual links A and B are created in OSPF with
virtual interfaces VLINK0 and VLINK1 respectively. When virtual-link A is unconfigured
and reconfigured, new interface name derived for it will be VLINK1, which is already
associated with virtual-link B. Due to this, both virtual-links A and B will
point to the same interface, VLINK1.
During FRR restart when signal handler is called, OSPF goes through all the virtual
links and deletes the interface(oi) associated with it. During the deletion of interface
for virtual-link B,it accesses the interface which was deleted already(which was deleted
during deletion of virual-link A) and whose fields were set to NULL. This
leads to OSPF crash.
Fixed it by not decrementing vlink_count during unconfig/deletion for virtual-link.
Donald Sharp [Mon, 27 Mar 2023 12:09:42 +0000 (08:09 -0400)]
mgmtd: Remove unnecessary asserts
event_add_XXXX functions have no failure path where
if you pass in a double event pointer that it could
return without setting the pointer. As such these
asserts make no sense and are unnecessary
Donald Sharp [Mon, 27 Mar 2023 12:08:36 +0000 (08:08 -0400)]
lib: Remove unneeded asserts in mgmt code
event_add_XXXX functions have no failure path where
if you pass in a double event pointer that it could
return without setting the pointer. As such these
asserts make no sense and are unnecessary
David Lamparter [Sat, 25 Mar 2023 03:34:35 +0000 (12:34 +0900)]
lib/clippy: bail out on newline inside string
While C compilers will generally process strings across lines, we really
don't want that. I rather treat this as the indication of the typo it
probably is warn about it than support this odd C edge case.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Donatas Abraitis [Thu, 23 Mar 2023 18:55:14 +0000 (20:55 +0200)]
tools: Set correct directory of vtysh for frr-reload.py
Before it was setting SDIR, which is /usr/lib/frr, but the vtysh binary is put
under bindir (which is /usr/local by default). And running `/usr/lib/frr/frr reload`
failed.
projects / matthieu / frr.git / log