Stephen Worley [Mon, 23 Jul 2018 22:33:53 +0000 (18:33 -0400)]
zebra: Add check for nexthop loop to prevent hanging
Bad nexthop messages from netlink were causing zebra
to hang here. Added a check to verify the length
of the nexthop so it doesn't keep trying to read.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Christian Franke [Tue, 17 Jul 2018 19:14:54 +0000 (15:14 -0400)]
isisd: don't crash when isis_sock_init fails
When isis_sock_init fails in isis_circuit_up, isis_circuit_down would
be called to cancel timers which were scheduled. However
isis_circuit_down would immediately return, since the state had not been
changed to 'UP' yet.
Fix this by having isis_circuit_down always cancel all the timers.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Philippe Guibert [Wed, 18 Jul 2018 15:58:45 +0000 (17:58 +0200)]
zebra: sometimes, it is not possible to assign a NSID to a vrf
This test case happens in scenarios with mininet, where external netns
may be impossible for the local instance to be modified. The error is
ignored and the netns parsed is ignored too.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
doc: Update rpki.rst for how-to enable rpki module
It has not been properly documented yet how to enable the RPKI module with BGP when having installed FRR with RPKI support. This PR seeks to add a section to the user documentation about this. So users will not have to resolve to searching the internet and looking through the FROG mailing list threads for answers.
It was reported that "show ipv6 route vrf <vrfname>", "show ipv6 route
vrf <vrfname> ::/0 " or "show ipv6 route vrf <vrfname> json" all
displayed that the nexthop was in the default vrf. This was because
the kernel netlink messages would supply the RTA_OIF of the loopback
interface for the kernel-created default route for the vrf, where ipv4
did not supply any RTA_OIF. This fix suppresses the display if the
nexthop and route entry are in different vrfs and the nexthop is
NEXTHOP_TYPE_BLACKHOLE.
Ticket: CM-21722 Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Donald Sharp [Fri, 29 Jun 2018 13:49:08 +0000 (09:49 -0400)]
zebra: Remove need for ACK for netlink messages
Kernel requests via netlink are synchronous.
Therefore we do not need to specify a need for a ACK and
we can make the netlink_cmd NONBLOCKING
1) If the netlink message is going to cause an error
we will still get one. Since results from the kernel
are synchronous we will get the error message on the
netlink_cmd socket and handle it
2) If the netlink message is going to send more than
one packet we will still get them all. Since the results
from the kernel are synchronous we will receive all data.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Mark Stapp [Thu, 12 Jul 2018 13:51:52 +0000 (09:51 -0400)]
tests: align with srcdest lib changes, remove bgp binary
Align the srcdest table test with recent api changes that use
'const' more strictly. Remove test_bgp_table binary - looks
as if it was committed by mistake.
Quentin Young [Tue, 10 Jul 2018 19:38:11 +0000 (19:38 +0000)]
doc: cleanup maintainer release document
* Sphinx numbered lists use 1. not 1)
* Indents are three spaces
* Blocks under lists should be indented along with the rest of the list
content
* Sphinx converts :: to : when used as a code block marker
* Apply some preformatted markup to things that should be preformatted
* Remove trailing whitespace
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
zebra: mpls entry interface lookup adaptation for vrf backend
The search algorithm for interface based on ifindex only is adapted to
vrf netns based too. Only the default netns will be used to search the
interface index.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra: pbr rule lookup index adaptation for vrf netns
the interface lookup based on ifindex in the case the target vrf is
unknown is using the generic vrf api. Like that, in the case of vrf
based netns, the search across different netns other than the default
one are not searched.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra: upon RTM_NEWROUTE/DELROUTE, find appropriate interface
The interface lookup algorithm is different according to if we are on
netns vrf or not. If we are on the former case, then we only have to
parse the interfaces of the netns, while if we are on the other case, we
have to parse all the interfaces of all the vrfs ( since index is not
overlapping in the latter case).
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
SVI interface ip/hw address is advertised by the GW VTEP (say TORC11) with
the default-GW community. And the rxing VTEP (say TORC21) installs the GW
MAC as a dynamic FDB entry. The problem with this is a rogue packet from a
server with the GW MAC as source can cause a station move resulting in
TORC21 hijacking the GW MAC address and blackholing all inter rack traffic.
Fix is to make the GW MAC "sticky" pinning it to the GW VTEP (TORC11). This
commit does it by installing the FDB entry as static if the MACIP route is
received with the default-GW community (mimics handling of
mac-mobility-with-sticky community)
Sample output with from TORC12 with TORC11 setup as gateway -
root@TORC21:~# net show evpn mac vni 1004 mac 00:00:5e:00:01:01
MAC: 00:00:5e:00:01:01
Remote VTEP: 36.0.0.11 Remote-gateway Mac
Neighbors:
45.0.4.1
fe80::200:5eff:fe00:101
2001:fee1:0:4::1
root@TORC21:~# bridge fdb show |grep 00:00:5e:00:01:01|grep 1004
00:00:5e:00:01:01 dev vx-1004 vlan 1004 master bridge static
00:00:5e:00:01:01 dev vx-1004 dst 36.0.0.11 self static
root@TORC21:~#
This commit removes various parts of the bgpd implementation code which
are unused/useless, e.g. unused functions, unused variable
initializations, unused structs, ...
Donald Sharp [Sat, 7 Jul 2018 13:52:28 +0000 (09:52 -0400)]
pimd: Remove duplicate parameter to functions
Both pim_ecmp_nexthop_lookup and pim_ecmp_fib_lookup_if_vif_index
pass the address in 2 times. Make function calls consistent
and just pass in the src once.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Sat, 7 Jul 2018 12:43:27 +0000 (08:43 -0400)]
pimd: Refactor function to use pim_ecmp_nexthop_lookup
The pim_ecmp_fib_looikup_if_vif_index does practically
the same work as pim_ecmp_nexthop_lookup, refactor to
use that function so that we do not have more code
that must parse the results from zclient_lookup_nexthop.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 6 Jul 2018 13:03:23 +0000 (09:03 -0400)]
pimd: Figure neighbors -vs- paths when doing RPF
When we are looking up a RPF with a ecmp path, there
are situations where we are failing to find a path change
because we were not considering the actual number of neighbors
we have available to us at the start of the loop.
Example:
Suppose 2 way ecmp with a neighbor on each path. We have
multiple upstreams that are strewn across both paths.
If we loose a pim neighbor on one of the paths we would
initiate a rescan of the upstreams. If the neighbor
we lost happened to be the last ecmp path we rescanned
we would not successfully find a new path and leave
the upstream stranded.
This code change looks at the number of available neighbors
that we have -vs- the number of paths we have and chooses
the smaller of the two for figuring out what to do.
There probably exist other failure scenarios as well that
I am missing here and quite frankly the current code muddies
the water between a RPF lookup failure -vs- a RPF lookup succeeded
and there are no paths. Further work is needed here imo.
Additionally this idea of a pim_ecmp_nexthop_lookup and
pim_ecmp_nexthop_search is bogus. They are the same function and
should be merged at some point in time.
Ticket: CM-21599 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The current behavior of the `bgp default shutdown` command is to set the
state of all newly configured peers to shutdown. This leads to a problem
when restarting bgpd, because all peers will then be seen as newly
configured, which leads to all peers being set to shutdown after each
restart.
This behavior is undesired and not common when comparing the
implementation against other vendors. This commit moves the `bgp default
shutdown` configuration underneath the peer-group and peer
configuration, to ensure that existing peers will not be set to shutdown
after a daemon restart.
projects / mirror / frr.git / log