**General**
- Add camelcase json keys in addition to pascalcase (Wrong JSON keys will be depracated)
- Fix corruption when route-map delete/add sequence happens (fast re-add)
- Reworked gRPC
- RFC5424 & journald extended syslog target
**bfdd**
- Fix broken FSM in active/passive modes
**bgpd**
- Notification Message Support for BGP Graceful Restart (rfc8538)
- BGP Cease Notification Subcode For BFD
- Send Hold Timer for BGP (own implementation without an additional knob)
- New `set as-path replace` command for BGP route-map
- New `match peer` command for BGP route-map
- New `ead-es-frag evi-limit` command for EVPN
- New `match evpn route-type` command for EVPN route-map to match Type-1/Type-4
- JSON outputs for all RPKI show commands
- Set attributes via route-map for BGP conditional advertisements
- Pass non-transitive extended communities between RS and RS-clients
- Send MED attribute when aggregate prefix is created
- Require librtr >= 0.8.0 for RPKI to fix connection handling (failover)
- Fix aspath memory leak in aggr_suppress_map_test
- Fix crash for `show ip bgp vrf all all neighbors 192.168.0.1 ...`
- Fix crash for `show ip bgp vrf all all`
- Fix memory leak for BGP Community Alias in CLI
- Fix memory leak when setting BGP community at egress
- Fix memory leak when setting BGP large-community at egress
- Fix SR color nexthop processing in BGP
- Fix setting local-preference in route-map using +/-
- Fix crash using Lua and route-map to set attributes via scripts
- Fix crash when issuing various forms of `bgp no-rib`
**isisd**
- JSON output for show summary command
- Fix crash when MTU mismatch occurs
- Fix crash with xfrm interface type
- Fix infinite loop when parsing LSPs
- Fix router capability TLV parsing issues
**vtysh**
- New `show thread timers` command
**ospfd6**
- Add LSA statistics to LSA database
- Add LSA stats to `show area json` output
- Show time left in hello timer for `show ipv6 ospf6 int`
- Permit route deletion without nexthops
- Restart SPF when distance is updated
- Stop refreshing Type-5 from NSSA
- Support keychain for ospf6 authentication
**ospfd**
- New `show ip ospf reachable-routers` command
- Restart SPF when distance is updated
- Use consistent JSON keys for `show ip ospf neighbor` and detail version
**pimd**
- Add additional IGMP stats
- Add IGMP join sent/failed statistics
- Add IGMP total groups and total source groups to statistics
- New `debug igmp trace detail` command
- New `ip pim passive` command
- JSON support added for command `show ip igmp sources`
- Allow the LPM match work properly with prefix lists and normal RP's
- Do not allow 224.0.0.0/24 range in IGMP join
- Fix IGMP packet/query check
- Handle PIM join/prune receive flow for IPv6
- Handle receive of (*,G) register stop with source address as 0
- Handle of exclude mode IGMPv3 report messages for SSM-aware group
- Handle of IGMPv2 report message for SSM-aware group range
- Send immediate join with possible sg rpt prune bit set
- Show group-type under `show ip pim rp-info`
- Show total received messages IGMP stats
**staticd**
- Capture zebra's advertised ECMP limit
- Don't register existing nexthop to Zebra
- Reject route config with too many nexthops
- Track nexthops per-safi
**watchfrr**
- Add some more information to `show watchfrr`
- Send operational state to systemd
**zebra**
- Add ability to know when FRR is not ASIC offloaded
- Add command for setting protodown bit
- Add dplane type for netconf data
- Add ECMP supported to `show zebra`
- Add EVPN status to `show zebra`
- Add if v4/v6 forwarding is turned on/off to `show zebra`
- Add initial zebra tracepoint support
- Add kernel nexthop group support to `show zebra`
- Add knowledge about ra and rfc 5549 to `show zebra`
- Add mpls status to `show zebra`
- Add netlink debug dump for netconf messages
- Add netlink debugs for ip rules
- Add OS and version to `show zebra`
- Add support for end.dt4
- Add to `show zebra` the type of vrf devices being used
- Allow *BSD to specify a receive buffer size
- Allow multiple connected routes to be choosen for kernel routes
- Allow system routes to recurse through themselves
- Don't send RAs w/o link-local v6 or on bridge-ports
- Evpn disable remove l2vni from l3vni list
- Evpn-mh bonds protodown check for set
- Evpn-mh use protodown update reason api
- Fix cleanup of meta queues on vrf disable
- Fix crash in evpn neigh cleanup all
- Fix missing delete vtep during vni transition
- Fix missing vrf change of l2vni on vxlan interface
- Fix rtadv startup when config read in is before interface up
- Fix use after deletion event in FreeBSD
- Fix v6 route replace failure turned into success
- Get zebra graceful restart working when restarting on *BSD
- Handle FreeBSD routing socket enobufs
- Handle protodown netlink for vxlan device
- Include mpls enabled status in interface output
- Include old reason in evpn-mh bond update
- Keep the interface flags safe on multiple ioctl calls
- Let /32 host route with same ip cross vrf
- Make router advertisement warnings show up once every 6 hours
- Prevent crash if zebra_route_all is used for a route type
- Prevent installation of connected multiple times
- Protodown-up event trigger interface up
- Register nht nexthops with proper safi
- Update advertise-svi-ip macips w/ new mac
- When handling unprocessed messages from kernel print usable string
- New `show ip nht mrib` command
- Handle ENOBUFS errors for FreeBSD
==395247== 8,268 (32 direct, 8,236 indirect) bytes in 1 blocks are definitely lost in loss record 199 of 205
==395247== at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==395247== by 0x492EB8E: qcalloc (in /usr/local/lib/libfrr.so.0.0.0)
==395247== by 0x490BB12: hash_get (in /usr/local/lib/libfrr.so.0.0.0)
==395247== by 0x1FBF63: community_intern (in /usr/lib/frr/bgpd)
==395247== by 0x1FC0C5: community_parse (in /usr/lib/frr/bgpd)
==395247== by 0x1F0B66: bgp_attr_community (in /usr/lib/frr/bgpd)
==395247== by 0x1F4185: bgp_attr_parse (in /usr/lib/frr/bgpd)
==395247== by 0x26BC29: bgp_update_receive (in /usr/lib/frr/bgpd)
==395247== by 0x26E887: bgp_process_packet (in /usr/lib/frr/bgpd)
==395247== by 0x4985380: thread_call (in /usr/local/lib/libfrr.so.0.0.0)
==395247== by 0x491D521: frr_run (in /usr/local/lib/libfrr.so.0.0.0)
==395247== by 0x1EBEE8: main (in /usr/lib/frr/bgpd)
==361630== 24,780 (96 direct, 24,684 indirect) bytes in 3 blocks are definitely lost in loss record 94 of 97
==361630== at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==361630== by 0x492EB8E: qcalloc (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x490BB12: hash_get (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x1FD3CC: bgp_ca_alias_insert (in /usr/lib/frr/bgpd)
==361630== by 0x2CF8E5: bgp_community_alias_magic (in /usr/lib/frr/bgpd)
==361630== by 0x2C980B: bgp_community_alias (in /usr/lib/frr/bgpd)
==361630== by 0x48E3556: cmd_execute_command_real (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x48E384B: cmd_execute_command_strict (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x48E3D41: command_config_read_one_line (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x48E3EBA: config_from_file (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x499065C: vty_read_file (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x4990FF4: vty_read_config (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x491CB95: frr_config_read_in (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x4985380: thread_call (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x491D521: frr_run (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x1EBEE8: main (in /usr/lib/frr/bgpd)
==361630==
==361630== 24,780 (96 direct, 24,684 indirect) bytes in 3 blocks are definitely lost in loss record 95 of 97
==361630== at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==361630== by 0x492EB8E: qcalloc (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x490BB12: hash_get (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x1FD39C: bgp_ca_community_insert (in /usr/lib/frr/bgpd)
==361630== by 0x2CF8F4: bgp_community_alias_magic (in /usr/lib/frr/bgpd)
==361630== by 0x2C980B: bgp_community_alias (in /usr/lib/frr/bgpd)
==361630== by 0x48E3556: cmd_execute_command_real (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x48E384B: cmd_execute_command_strict (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x48E3D41: command_config_read_one_line (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x48E3EBA: config_from_file (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x499065C: vty_read_file (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x4990FF4: vty_read_config (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x491CB95: frr_config_read_in (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x4985380: thread_call (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x491D521: frr_run (in /usr/local/lib/libfrr.so.0.0.0)
==361630== by 0x1EBEE8: main (in /usr/lib/frr/bgpd)
pimd: During prune pending, behave as NOINFO state
Fixed ANVL Conformance PIM-SM 16.3 test case.
When (S,G,rpt) prune is received, we were installing
the mroute immediately with none as OIF.
This leads to dropping the (S,G) traffic during prune
pending time as well.
Also we should not install the mroute if there is no
change in the rpf update.
These 2 things lead to the failure of the test case.
Fixed it by blocking the installation in this scenario.
When prune pending timer pops, it will take care of
installing the mroute with none as OIF.
bgpd: Free ->raw_data from Hard Notification message after we use it
==175785== 0 bytes in 1 blocks are definitely lost in loss record 1 of 88
==175785== at 0x483DD99: calloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==175785== by 0x492EB8E: qcalloc (in /usr/local/lib/libfrr.so.0.0.0)
==175785== by 0x269823: bgp_notify_decapsulate_hard_reset (in /usr/lib/frr/bgpd)
==175785== by 0x26C85D: bgp_notify_receive (in /usr/lib/frr/bgpd)
==175785== by 0x26E94E: bgp_process_packet (in /usr/lib/frr/bgpd)
==175785== by 0x4985349: thread_call (in /usr/local/lib/libfrr.so.0.0.0)
==175785== by 0x491D521: frr_run (in /usr/local/lib/libfrr.so.0.0.0)
==175785== by 0x1EBEE8: main (in /usr/lib/frr/bgpd)
==175785==
Louis Scalbert [Fri, 27 May 2022 08:42:53 +0000 (10:42 +0200)]
isisd: fix infinite loop when parsing LSPs
Fixing the crash:
> #0 0x0000560aa80f8e30 in lspdb_const_find (h=<error reading variable: Cannot access memory at address 0x7fff5e95efe8>, item=<error reading variable: Cannot access memory at address 0x7fff5e95efe0>) at ./isisd/isis_lsp.h:64
> #1 0x0000560aa80f8e9d in lspdb_find (h=0x560aaa1ed3b8, item=0x7fff5e95f050) at ./isisd/isis_lsp.h:64
> #2 0x0000560aa80f92f9 in lsp_search (head=0x560aaa1ed3b8, id=0x7fff5e95f200 "") at isisd/isis_lsp.c:100
> #3 0x0000560aa8113d69 in spf_adj_list_parse_tlv (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, id=0x560aad331a78 "", desig_is_id=0x0, pseudo_metric=0, metric=3, oldmetric=false, subtlvs=0x0) at isisd/isis_spf.c:1330
> #4 0x0000560aa811419d in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1429
> #5 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1ff8e0, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #6 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> (...)
> #65507 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1ff8e0, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65508 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65509 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1ff8e0, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65510 0x0000560aa81141fe in spf_adj_list_parse_lsp (spftree=0x560aaa1f09d0, adj_list=0x560aaa214480, lsp=0x560aaa1f4e50, pseudo_nodeid=0x0, pseudo_metric=0) at isisd/isis_spf.c:1442
> #65511 0x0000560aa8114313 in isis_spf_build_adj_list (spftree=0x560aaa1f09d0, lsp=0x560aaa1f4e50) at isisd/isis_spf.c:1455
> #65512 0x0000560aa8114f09 in isis_run_spf (spftree=0x560aaa1f09d0) at isisd/isis_spf.c:1775
> #65513 0x0000560aa8115057 in isis_run_spf_with_protection (area=0x560aaa1ed3b0, spftree=0x560aaa1f09d0) at isisd/isis_spf.c:1801
> #65514 0x0000560aa8115311 in isis_run_spf_cb (thread=0x7fff5f15e5a0) at isisd/isis_spf.c:1859
> #65515 0x00007f90bac66dcc in thread_call (thread=0x7fff5f15e5a0) at lib/thread.c:2002
> #65516 0x00007f90bac013ee in frr_run (master=0x560aa9f5cb40) at lib/libfrr.c:1196
> #65517 0x0000560aa80e7da2 in main (argc=2, argv=0x7fff5f15e7b8, envp=0x7fff5f15e7d0) at isisd/isis_main.c:273
The fix is similar to the crash fix included in d9884a758c
("isisd: Prepare IS-IS for Link State support"). The fix was:
> diff --git a/isisd/isis_lsp.c b/isisd/isis_lsp.c
> index 94353a5bc8..92d329f035 100644
> --- a/isisd/isis_lsp.c
> +++ b/isisd/isis_lsp.c
> @@ -2166,7 +2178,7 @@ int isis_lsp_iterate_ip_reach(struct isis_lsp *lsp, int family, uint16_t mtid,
> if (lsp->hdr.seqno == 0 || lsp->hdr.rem_lifetime == 0)
> return LSP_ITER_CONTINUE;
>
> - /* Parse main LSP. */
> + /* Parse LSP */
> if (lsp->tlvs) {
> if (!fabricd && !pseudo_lsp && family == AF_INET
> && mtid == ISIS_MT_IPV4_UNICAST) {
> @@ -2236,13 +2248,17 @@ int isis_lsp_iterate_ip_reach(struct isis_lsp *lsp, int family, uint16_t mtid,
> }
> }
>
> - /* Parse LSP fragments. */
> - for (ALL_LIST_ELEMENTS_RO(lsp->lspu.frags, node, frag)) {
> - if (!frag->tlvs)
> - continue;
> + /* Parse LSP fragments if it is not a fragment itself */
> + if (!LSP_FRAGMENT(lsp->hdr.lsp_id))
> + for (ALL_LIST_ELEMENTS_RO(lsp->lspu.frags, node, frag)) {
> + if (!frag->tlvs)
> + continue;
>
> - isis_lsp_iterate_ip_reach(frag, family, mtid, cb, arg);
> - }
> + if (isis_lsp_iterate_ip_reach(frag, family, mtid, cb,
> + arg)
> + == LSP_ITER_STOP)
> + return LSP_ITER_STOP;
> + }
>
> return LSP_ITER_CONTINUE;
> }
Fixes: 7b36d36e0e ("isisd: make the SPF code more modular") Fixes: 5e56a50559 ("isisd: fix infinite loop when parsing LSPs") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
(cherry picked from commit 8c8a5a02fa66523a96142083575e1eb7b0033667)
Donald Sharp [Tue, 28 Jun 2022 14:26:52 +0000 (10:26 -0400)]
lib: Allow downgrade of all caps when none are specified
Staticd when run tells privs.c that it does not need any
priviledges. The lib/privs.c code was not downgrading
any and all permissions it may have been given at startup.
Since we don't need any let's actually tell the system that
FRR does not need the capabilities anymore in the case
where a daemon does not ask for any cap's.
Sarita Patra [Wed, 29 Jun 2022 13:34:19 +0000 (06:34 -0700)]
pimd: Register stop message sent with mask 32
As per RFC 4601 section 4.9.4, For Register-Stops,
the Mask Len field contains full address length * 8
(e.g. 32 for IPv4 native encoding) (e.g. 128 for IPv6),
if the message is sent for a single group
Donald Sharp [Fri, 17 Jun 2022 15:23:31 +0000 (11:23 -0400)]
zebra: Fix rtadv startup when config read in is before interface up
When a interface is configured with this:
int eva
ipv6 nd ra-interval 5
no ipv6 nd suppress-ra
!
And then subsuquently the interface is created and brought up, FRR
would both error on joining the RA multicast address and never
properly work in this state.
Delay the startup of the join and start of the Router Advertisements
until after the ifindex has actually been found.
Donald Sharp [Sat, 18 Jun 2022 18:37:14 +0000 (14:37 -0400)]
isisd: Fix crash with xfrm interface type
When creating a xfrm interface FRR is crashing when configured
with isis. This is because the weird pattern of not allocating
list's until needed and then allowing the crash when we have
a usage pattern that was not expected. Just always allocate
the different lists that a circuit needs.
Donald Sharp [Fri, 17 Jun 2022 19:40:36 +0000 (15:40 -0400)]
tests: Increase time for zebra_seg6local to look for sharp routes
I have a test failure:
r1.vtysh_cmd(
"sharp install seg6local-routes {} nexthop-seg6local dum0 {} 1".format(
dest, context
)
)
test_func = partial(
check,
r1,
dest,
manifest["out"],
)
success, result = topotest.run_and_expect(test_func, None, count=5, wait=1)
> assert result is None, "Failed"
E AssertionError: Failed
E assert Generated JSON diff error report:
E
E > $: d2 has the following element at index 0 which is not present in d1:
E
E {
E "prefix": "1::1/128",
E "protocol": "sharp",
E "selected": true,...
E
The test output for 1::1/128:
{
"1::1/128":[
{
"prefix":"1::1/128",
"prefixLen":128,
"protocol":"sharp",
"vrfId":0,
"vrfName":"default",
"selected":true,
"destSelected":true,
"distance":150,
"metric":0,
"queued":true,
"table":254,
"internalStatus":8,
Notice that it is still queued after 5 seconds. Under extremely heavy system load
this is not long enough for convergence. Also the zebra.log shows thread starvation
as well as long running tasks
2022/06/17 15:30:02 ZEBRA: [PHJDC-499N2][EC 100663314] STARVATION: task dplane_incoming_request (55b3ce0fea8b) ran for 6369ms (cpu time 0ms)
2022/06/17 15:30:02 ZEBRA: [T83RR-8SM5G] zebra 8.4-dev starting: vty@2601
2022/06/17 15:30:02 ZEBRA: [YZRX4-ZXG0C][EC 100663315] Thread Starvation: {(thread *)0x55b3ce6c15b0 arg=0x0 timer r=-6.375 rib_sweep_route() &zrouter.sweeper from zebra/main.c:447} was scheduled to pop greater than 4s ago
Increasing the time to 25 seconds to give it a chance.
Sarita Patra [Fri, 24 Jun 2022 10:04:37 +0000 (03:04 -0700)]
pimd: fix invalid memory access join_timer_stop
Issue:
==16837== Invalid read of size 8
==16837== at 0x17971C: pim_neighbor_find (pim_neighbor.c:431)
==16837== by 0x186439: join_timer_stop (pim_upstream.c:348)
==16837== by 0x186794: pim_upstream_del (pim_upstream.c:231)
==16837== by 0x189A66: pim_upstream_terminate (pim_upstream.c:1951)
==16837== by 0x17111B: pim_instance_terminate (pim_instance.c:54)
==16837== by 0x17111B: pim_vrf_delete (pim_instance.c:172)
==16837== by 0x4F1D6C8: vrf_delete (vrf.c:264)
==16837== by 0x19006F: pim_terminate (pimd.c:160)
==16837== by 0x1B2E4D: pim_sigterm (pim_signals.c:51)
==16837== by 0x4F08FA2: frr_sigevent_process (sigevent.c:130)
==16837== by 0x4F1A2CC: thread_fetch (thread.c:1771)
==16837== by 0x4ED4F92: frr_run (libfrr.c:1197)
==16837== by 0x15D81A: main (pim_main.c:176)
Root Cause:
In the pim_terminate flow, the interface is deleted
before the pim_interface clean up. Because of this,
the pim_interface is having garbage value.
Fix:
Release the pim interface memory and then delete the
interface.
pimd: Querier to non-querier transition to be ignored
Fixing IGMPv2 ANVL Conformance issue 3.10
As per RFC 2236 section 3, when the leave message is received at a querier,
it starts sending Query messages for "last Member Query Interval*query count"
During this time there should not be any querier to non-querier
transition and the same router needs to send the remaning queries.
Currently the code is handling this scenario only when leave is receive
for a group and the query is received for the same group.
But we need to handle it irrespective of group since the querier
election is based on interface and not group.
Mark Stapp [Fri, 17 Jun 2022 15:47:55 +0000 (11:47 -0400)]
ospf6: permit route delete without nexthops
It's possible for ospf6 to decide to delete a route after it's
removed all of the route's nexthops. It's ok to delete a prefix
alone - be a little more forgiving when preparing a route delete.
Christian Hopps [Fri, 17 Jun 2022 06:04:51 +0000 (02:04 -0400)]
lib: cleanup red-herring memleaks in parent of daemonizing fork
- The parent of the daemonizing fork reports memleaks for the early
northbound allocations (libyang). If these were real memleaks these
would show up in the child as well; however, ignoring all memleaks in
the parent of the fork is too hard a sale. Instead, spend some CPU
cycles cleaning up the allocations in the parent after the fork and
immeidatley prior to exiting the parent after the daemonizing fork.
bgpd: Fix memory leak when setting [l]community at egress
```
==2209758== 7,791,480 (399,840 direct, 7,391,640 indirect) bytes in 9,996 blocks are definitely lost in loss record 102 of 103
==2209758== at 0x4C33B25: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2209758== by 0x4EE264F: qcalloc (memory.c:116)
==2209758== by 0x22E62A: lcommunity_new (bgp_lcommunity.c:42)
==2209758== by 0x22E62A: lcommunity_dup (bgp_lcommunity.c:155)
==2209758== by 0x26F28F: route_set_lcommunity (bgp_routemap.c:2382)
==2209758== by 0x4EFF7EF: route_map_apply_ext (routemap.c:2663)
==2209758== by 0x250B3D: subgroup_announce_check (bgp_route.c:2202)
==2209758== by 0x27A195: subgroup_announce_table (bgp_updgrp_adv.c:690)
==2209758== by 0x27A509: subgroup_coalesce_timer (bgp_updgrp_adv.c:332)
==2209758== by 0x4F1C3FC: thread_call (thread.c:2002)
==2209758== by 0x4ED6D67: frr_run (libfrr.c:1196)
==2209758== by 0x1E921B: main (bgp_main.c:519)
```
To reproduce it's enough to have something like applied at egress:
On the other side doing:
```
spine1-debian-11# sharp install routes 100.100.100.1 nexthop 192.168.10.65 30
spine1-debian-11# sharp remove routes 100.100.100.1 30
spine1-debian-11# sharp install routes 100.100.100.1 nexthop 192.168.10.65 30
```
Before:
```
Large Community : 66 40 2816 66 2816
Large Community value : 66 variable 29728 66 29728
Large Community : 96 40 4096 96 4096
Large Community value : 96 variable 52048 96 52048
```
After:
```
Large Community : 28 40 1152 29 1192
Large Community value : 28 variable 1456 29 2200
Large Community : 28 40 1152 29 1192
Large Community value : 28 variable 1456 29 2200
```
bgpd: Withdraw implicitly old paths from VRFs when import/export list changes
If we overwrite import/export RT list via route-maps or even flush by using
`set extcommunity none`, then we must withdraw old paths from VRFs to avoid
stale paths.
lib: Update sysrepo code with the latest API changes
* sr_event_notif_send -> sr_notif_send
* sr_process_events -> sr_subscription_process_events
* sr_oper_get_items_subscribe -> sr_oper_get_subscribe
* Removed SR_SUBSCR_CTX_REUSE flag from the code at all
Donald Sharp [Wed, 8 Jun 2022 13:01:31 +0000 (09:01 -0400)]
babeld: Ignore sub-tlv's with mandatory bit set
RFC 8966 4.4
If the mandatory bit is set, then the
whole enclosing TLV MUST be silently ignored (except for updating the
parser state by a Router-Id, Next Hop, or Update TLV, as described in
the next section).
Donald Sharp [Wed, 8 Jun 2022 12:41:05 +0000 (08:41 -0400)]
babeld: Update to ignore unicast hellos
RFC 8966 requires a bit of work to make FRR forward compabitble with
it for the moment.
tl;dr -> Flags of hellos should be 0 except the main bit and
The Unicast Hello bit if set should cause the packet to be ignored.
Additionally FRR needs to ignore Hello packets with the interval field
set to 0.
Donald Sharp [Wed, 8 Jun 2022 20:51:48 +0000 (16:51 -0400)]
pimd: Fix pim_channel_oil_empty tests
The pim_channel_oil_empty() function was setting
the pimreg if it ever existed for NULL comparison
but of course the pimreg device is never pulled back
out again when it was needed to be when the pimreg
is not present.
Donald Sharp [Thu, 9 Jun 2022 14:29:04 +0000 (10:29 -0400)]
pimd: Show interface traffic even if interface is currently `down`
the `show ip pim interface [x] traffic` command was deciding
to skip display of interfaces if they happened to be down at
that moment. This of course does not make a bunch of sense
to limit the output for a interface that may have sent data
in the past.
This fixes this test crash:
rnode = <lib.topogen.TopoRouter object at 0x7fc755be3880>, dut = 'c1', input_dict = {'c1': {'c1-l1-eth2': ['helloTx', 'helloRx']}}, output_dict = {'c1': {}}
Donald Sharp [Wed, 8 Jun 2022 15:33:32 +0000 (11:33 -0400)]
pimd: pim_addr_cmp returns 0 for same not -1 or 1
The test for setting pimDesignatedRouterLocal was comparing
the result of pim_addr_cmp to non zero to say that the
pim_dr_addr and primary_address are the same. This is
not correct in that pim_addr_cmp returns 0 for being the
same, so the correct test is !pim_addr_cmp
pimd: Handle receive of (*,G) register stop with src addr as 0
PIM conformance test case 11.12 sends a register stop msg with
source address as 0. This should trigger a register stop for
all the upstreams. It is not happening as such because we are not
considering 0.0.0.0 source address for starg_handling.
Christian Hopps [Sat, 8 Jan 2022 21:57:10 +0000 (16:57 -0500)]
ospfd: api: fix recovery of LSA after restart of api client
Prior to this fix, restarting the client just failed b/c the code tried to
"refresh" the existing LSA being added, except that code checked for meta-data
to exist, which was deleted when the client disconnected previously (or had
never connected and the LSA state was picked up from the network).
Christian Hopps [Wed, 1 Jun 2022 19:25:35 +0000 (15:25 -0400)]
ospfd: api: add reachable router notifications
Reachable router information is used by OSPF opaque clients in order
to determine if the router advertising the opaque LSA data is
reachable (i.e., 2-way conectivity check).
Christian Hopps [Sat, 15 Jan 2022 11:13:43 +0000 (06:13 -0500)]
ospfd: add all_rtrs route table when opaque enabled
The reachable router table is used by OSPF opaque clients in order to
determine if the router advertising the opaque LSA data is
reachable (i.e., 2-way conectivity check).
isisd: replace ipv4-unicast with standard in config and oper contexts
Only the multi-topology command can use 'ipv4-unicast' keyword to
configure standard topology.
The remaining code: dump from show commands, and yang definition,
uses 'standard' keyword instead.
The test have not been modified. The change would consists in
modifying test_fuzz_isis_tlv_tests.h.gz:
- replacing ipv4-unicast occurences with standard
\x69\x70\x76\x34\x2d\x75\x6e\x69\x63\x61\x73\x74
with
\x73\x74\x61\x6e\x64\x61\x72\x64
- align the buffer length by removing 4 bytes per occurence
Instead, a specific isis_mtid2str_fake() routing has been
put in place in isis_tlvs.c file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
David Lamparter [Wed, 1 Jun 2022 15:10:11 +0000 (17:10 +0200)]
ospf6d: fix rx/tx buffer sizes
OSPFv3 packets can be fragmented and up to 64k long, regardless of
interface MTU. Trying to size these buffers to MTU is just plain wrong.
To not make this a super intrusive change during the 8.3 release freeze,
just code this into ospf6_iobuf_size().
Since the buffer is now always 64k, don't waste time zeroing the entire
thing in receive; instead just zero kind of a "sled" of 128 bytes after
the buffer as a security precaution.
Fixes: #11298 Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
projects / mirror / frr.git / log