For multicast pimv6 join and traffic, socat is
used, which was not cleaned up post tests executions,
enhanced kill_socat() API to kill socat join and
traffic specific PIDs during teardown module.
Trey Aspelund [Fri, 31 Mar 2023 21:46:21 +0000 (17:46 -0400)]
bgpd: fix ecommunity parsing for AS4
The parser for extended communities was incorrectly disallowing an
operator from configuring "Route Origin" extended communities
(e.g. RD/RT/SoO) with a 4-byte value matching BGP_AS4_MAX (UINT32_MAX)
and allowed the user to overflow UINT32_MAX. This updates the parser to
read the value as a uint64_t so that we can do proper checks on the
upper bounds (> BGP_AS4_MAX || errno).
before:
```
TORC11(config-router-af)# neighbor uplink-1 soo 4294967296:65
TORC11(config-router-af)# do sh run | include soo
neighbor uplink-1 soo 0:65
TORC11(config-router-af)# neighbor uplink-1 soo 4294967295:65
% Malformed SoO extended community
TORC11(config-router-af)#
```
after:
```
TORC11(config-router-af)# neighbor uplink-1 soo 4294967296:65
% Malformed SoO extended community
TORC11(config-router-af)# neighbor uplink-1 soo 4294967295:65
TORC11(config-router-af)# do sh run | include soo
neighbor uplink-1 soo 4294967295:65
TORC11(config-router-af)#
```
Currently the process of the `route-map` configuration for `per-vrf-rip`
is wrong.
There are two problems:
1. `ctx->name` for `if_rmap_ctx` is not initialized in `if_rmap_ctx_create()`.
2. The global `if_rmap_ctx_list` is wrongly used for `per-vrf-rip`.
So, two changes for it:
1. Correctly initializes `ctx->name`.
2. Use specific `if_rmap_ctx` for `per-vrf-rip`, not global one.
Note, this related implementation for `route-map` is only for `ripd`.
Before:
```
anlan(config)# route rip vrf vrf1
anlan(config-router)# route-map aa in lan
anlan(config-router)# do show run
!
router rip
route-map aa in lan
exit
!
```
After:
```
anlan(config)# route rip vrf vrf1
anlan(config-router)# route-map aa in lan
anlan(config-router)# do show run
!
router rip vrf vrf1
route-map aa in lan
exit
!
```
ospf neighbor DR and BDR router-id wrongly displays with interface
ip-address instead of router-id.
It is fixed to display the correct DR & BDR router-id for
JSON and CLI commands.
Commands:
```
show ip ospf vrf <vrf-name> neighbor detail json
show ip ospf vrf <vrf-name> neighbor detail
```
Before Fix:-
```
r1# show ip ospf vrf default neighbor swp1 detail
Neighbor 0.0.0.17, interface address 11.0.0.1
In the area 0.0.0.0 via interface swp1 local interface IP 11.0.0.2
Neighbor priority is 1, State is Full, Role is DR, 6 state changes
Most recent state change statistics:
Progressive change 1d15h05m ago
DR is 11.0.0.1, BDR is 11.0.0.2 ======> DR and BDR shows the intef &
local intf ipaddress
Options 2 *|-|-|-|-|-|E|-
Dead timer due in 35.178s
Database Summary List 0
Link State Request List 0
Link State Retransmission List 0
Thread Inactivity Timer on
Thread Database Description Retransmision off
Thread Link State Request Retransmission on
Thread Link State Update Retransmission on
r1#
r1# show ip ospf vrf default neighbor swp1 detail json
{
"0.0.0.17":[
{
"ifaceAddress":"11.0.0.1",
"areaId":"0.0.0.0",
"ifaceName":"swp1",
"localIfaceAddress":"11.0.0.2",
"nbrPriority":1,
"nbrState":"Full",
"role":"DR",
"stateChangeCounter":6,
"lastPrgrsvChangeMsec":141141533,
"routerDesignatedId":"11.0.0.1", =============> interface ip
instead of DR rotuer-id
"routerDesignatedBackupId":"11.0.0.2", =======> lo-interface ip
instead of BDR rotuer-id
"optionsCounter":2,
"optionsList":"*|-|-|-|-|-|E|-",
"routerDeadIntervalTimerDueMsec":32272,
"databaseSummaryListCounter":0,
"linkStateRequestListCounter":0,
"linkStateRetransmissionListCounter":0,
"threadInactivityTimer":"on",
"threadLinkStateRequestRetransmission":"on",
"threadLinkStateUpdateRetransmission":"on"
}
]
}
r1#
```
r1# show ip ospf vrf default neighbor swp1 detail
Neighbor 0.0.0.17, interface address 11.0.0.1
In the area 0.0.0.0 via interface swp1 local interface IP 11.0.0.2
Neighbor priority is 1, State is Full, Role is DR, 6 state changes
Most recent state change statistics:
Progressive change 1h18m11s ago
DR is 0.0.0.17, BDR is 0.0.0.12 =======> correct DR and BDR
router-id
Options 2 *|-|-|-|-|-|E|-
Dead timer due in 38.339s
Database Summary List 0
Link State Request List 0
Link State Retransmission List 0
Thread Inactivity Timer on
Thread Database Description Retransmision off
Thread Link State Request Retransmission on
Thread Link State Update Retransmission on
r1#
r1# show ip ospf vrf default neighbor swp
swp1 swp2 swp3 swp4
r1# show ip ospf vrf default neighbor swp2 detail
Neighbor 0.0.0.13, interface address 11.0.2.2
In the area 0.0.0.0 via interface swp2 local interface IP 11.0.2.1
Neighbor priority is 1, State is Full, Role is DR, 6 state changes
Most recent state change statistics:
Progressive change 12m02s ago
DR is 0.0.0.13, BDR is 0.0.0.12 =======> correct DR and BDR
router-id
Options 2 *|-|-|-|-|-|E|-
Dead timer due in 37.136s
Database Summary List 0
Link State Request List 0
Link State Retransmission List 0
Thread Inactivity Timer on
Thread Database Description Retransmision off
Thread Link State Request Retransmission on
Thread Link State Update Retransmission on
Trey Aspelund [Fri, 31 Mar 2023 22:34:48 +0000 (22:34 +0000)]
bgpd: add comments for 'json detail' show cmd code
The json structure changes used for 'json detail' show commands are not
very straightforward and might require code analysis to understand.
This addscommentary to the flow to explain the change in structure.
Renato Westphal [Wed, 8 Mar 2023 00:13:53 +0000 (21:13 -0300)]
ospfd: add support for NSSA Type-7 address ranges
Implement NSSA address ranges as specified by RFC 3101:
NSSA border routers may be configured with Type-7 address ranges.
Each Type-7 address range is defined as an [address,mask] pair. Many
separate Type-7 networks may fall into a single Type-7 address range,
just as a subnetted network is composed of many separate subnets.
NSSA border routers may aggregate Type-7 routes by advertising a
single Type-5 LSA for each Type-7 address range. The Type-5 LSA
resulting from a Type-7 address range match will be distributed to
all Type-5 capable areas.
Syntax:
area A.B.C.D nssa range A.B.C.D/M [<not-advertise|cost (0-16777215)>]
Example:
router ospf
router-id 1.1.1.1
area 1 nssa
area 1 nssa range 172.16.0.0/16
area 1 nssa range 10.1.0.0/16
!
Since regular area ranges and NSSA ranges have a lot in common,
this commit reuses the existing infrastructure for area ranges as
much as possible to avoid code duplication.
Renato Westphal [Wed, 8 Mar 2023 00:13:53 +0000 (21:13 -0300)]
ospfd: refactor range commands
* Update the "range" helpers to accept an area pointer instead of
an area ID;
* Always call ospf_area_display_format_set() after every "range"
command to ensure consistency.
Renato Westphal [Wed, 8 Mar 2023 00:13:53 +0000 (21:13 -0300)]
ospfd: implement Type-7 default routes for NSSA areas
Add the "default-information-originate" option to the "area X nssa"
command. That option allows the origination of Type-7 default routes
on NSSA ABRs and ASBRs.
Christian Hopps [Tue, 28 Mar 2023 17:08:01 +0000 (13:08 -0400)]
mgmtd: remove startup config feature for now
The startup config and how it interacts with explicit commits,
commit databases and implicit commits needs to be worked out
in design first. For now remove the offending code.
Olivier Dugeon [Thu, 30 Mar 2023 15:53:33 +0000 (17:53 +0200)]
isisd: Correction of subnets creation in the TED
Subnets may be incorrectly created in the IS-IS Traffic Engineering Database
(TED). Indeed, to be usable, the subnets advertised by IS-IS peers must be
adjusted to avoid misinterpretation. For example, consider R1 which is
connected to R2 with IP addresses 10.0.0.1/24 (R1) and 10.0.0.2/24 (R2).
R1 and R2 will advertize the prefix 10.0.0.0/24. By leaving the subnet with the
prefix 10.0.0.0/24 in the TED, it is not possible to determine whether
10.0.0.1 is attached to R1 or R2 or whether 10.0.0.3 exists.
So to avoid this, the subnet prefixes are adjusted with the IP addresses of the
local interface. But IS-IS can start to advertise the subnet when not all
adjacencies are up, especially when IPv4 and IPv6 are configured on the same
interface. This results in an uncorrected prefix, e.g. 10.0.0.0/24, remaining
in the TED when it should be removed.
This problem affects some isis-related tests such as the CSPF test.
This patch fixes this bug by removing the uncorrected prefix before adding the
the corrected version.
rbarroetavena [Thu, 23 Mar 2023 19:19:48 +0000 (16:19 -0300)]
bgpd: Trim long neighbor description with no whitespace
Fix for missing neighbor description in "show bgp summary [wide]"
when its length exceeds 20[64] chars and it doesn't contain
withespaces.
Existing behavior remains if description contains whitespaces
before size limit.
Donatas Abraitis [Thu, 30 Mar 2023 13:50:15 +0000 (16:50 +0300)]
tests: Check received routes count for labeled-unicast with addpath
Test failed time to time, let's try this way:
```
$ for x in $(seq 1 20); do cp test_bgp_labeled_unicast_addpath.py test_$x.py; done
$ sudo pytest -s -n 20
```
Ran 10 times using this pattern, no failure :shrug:
Before this change, we checked advertised routes, and at some point `=` was
missing from the output, but advertised correctly. Receiving router gets as
much routes as expected to receive.
I reversed checking received routes, not advertised.
Donald Sharp [Wed, 29 Mar 2023 19:27:09 +0000 (15:27 -0400)]
zebra: Ensure gr events run after Meta Queue has run
BGP signals to zebra that a afi has converged immediately
after it has finished processing all routes for a given
afi/safi. This generates events in zebra in this order
a) Routes received from BGP, placed on early-rib Meta-Q
b) Signal GR for the afi.
Now imagine that zebra reads GR code and immediately
processes routes that are in the actual rib and
removes some routes. This generates a
c) route deletion to the kernel for some number of
routes that may be in the the early-rib Meta-Q
d) Process the Meta-Q, and re-install the routes
This is undesirable behavior in zebra. In that
while we may end up in a correct state, there
will be a blip for some number of routes that
happen to be in the early rib Meta-Q.
Modify the GR code to have it's own processing
entry at the end of the Meta-Q. This will
allow all routes to be processed and ready
for handling by the Graceful Restart code.
Donald Sharp [Tue, 28 Mar 2023 20:33:07 +0000 (16:33 -0400)]
zebra: Allow GR to run per AFI as they are reported
The GR code in FRR used to wait till all AFI's were complete
before cleaning up the routes from the upper level protocol.
This of course can lead to some weird situations where say
ipv4 finishes and then v6 is stuck waiting for a peer to come
up and never finishes. v4 when it finishes signals zebra that
it is done but no action is taken at that moment.
Modify the code to allow the zebra_gr.c code to handle a per
afi removal, instead of doing it all at the end.
Donald Sharp [Fri, 24 Mar 2023 19:58:41 +0000 (15:58 -0400)]
zebra: Rearrange zebra_gr zapi functions
The zebra_gr code had 3 functions when effectively only
1 was needed. Cleans up some code weirdness around
multiple switch statements for the same api->cap
as well as consolidating down to only caring about
SAFI_UNICAST, since that is all we care about at the
moment.
Donald Sharp [Tue, 6 Dec 2022 15:23:11 +0000 (10:23 -0500)]
bgpd: Ensure stream received has enough data
BGP_PREFIX_SID_SRV6_L3_SERVICE attributes must not
fully trust the length value specified in the nlri.
Always ensure that the amount of data we need to read
can be fullfilled.
Reported-by: Iggy Frankovic <iggyfran@amazon.com> Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Donald Sharp [Fri, 24 Mar 2023 18:29:26 +0000 (14:29 -0400)]
zebra: GR code could potentially stop running
When GR is running and attempting to clear up a node
if the node that is currently saved and we are coming
back to happens to be deleted during the time zebra
suspends the GR code due to hitting the node limit
then zebra GR code will just completely stop processing
and potentially leave stale nodes around forever.
Let's just remove this hole and process what we can.
Can you imagine trying to debug this after the fact?
If we remove a node then that counts toward the maximum
to process of ZEBRA_MAX_STALE_ROUTE_COUNT. This should
prevent any non-processing with a slightly larger cost
of having to look at a few nodes repeatedly
Donald Sharp [Fri, 24 Mar 2023 18:16:49 +0000 (14:16 -0400)]
zebra: Just set the variable for what is wanted in GR code
The info->do_delete variable was being set to true only when
u.val was 1. The problem with this is that u.val is a union
and the various ways that we can call this event causes
different values to be written to the union value on the thread.
This makes no sense. Just set the variable to what we want it to
be when we need it to be true. Since it was only ever set during
a thread_execute section.
Isabella de Leon [Tue, 28 Mar 2023 23:18:59 +0000 (16:18 -0700)]
isisd: Add PDU drop counter to "show isis summary"
Adding a new drop counters section to "show isis summary".
New output:
Drop counters per PDU type:
P2P IIH: <count>
L2 LSP: <count>
L2 CSNP: <count>
L2 PSNP: <count>
...
Before:
r1# show isis summary
vrf : default
Process Id : 972
System Id : 0000.0000.0001
Up time : 00:00:48 ago
Number of areas : 1
Area TE:
Net: 49.0000.0000.0000.0001.00
TX counters per PDU type:
P2P IIH: 36
L2 LSP: 8
L2 CSNP: 12
L2 PSNP: 11
RX counters per PDU type:
P2P IIH: 37
L2 LSP: 17
L2 CSNP: 12
L2 PSNP: 6
Advertise high metrics: Disabled
...
After:
r1# show isis summary
vrf : default
Process Id : 972
System Id : 0000.0000.0001
Up time : 00:00:19 ago
Number of areas : 1
Area TE:
Net: 49.0000.0000.0000.0001.00
TX counters per PDU type:
P2P IIH: 16
L2 LSP: 2
L2 CSNP: 4
L2 PSNP: 6
LSP RXMT: 0
RX counters per PDU type:
P2P IIH: 16
L2 LSP: 5
L2 CSNP: 4
L2 PSNP: 2
Drop counters per PDU type:
P2P IIH: 2
Advertise high metrics: Disabled
...
Signed-off-by: Isabella de Leon <ideleon@microsoft.com>
Donatas Abraitis [Tue, 28 Mar 2023 13:18:47 +0000 (16:18 +0300)]
bgpd: Do not announce routes immediatelly on filter updates
If we set `bgp route-map delay-timer X`, we should ignore starting to announce
routes immediately, and wait for delay timer to expire (or ignore at all if set
to zero).
projects / mirror / frr.git / log