bgpd: changes for crash seen in BGP on "no rt vpn" bug Id 2667
There is a default BGP VPN and BGP VRF instance in L3VPN configuration.
The routes are imported and exported between BGP VPN and BGP VRF.
Suppose there is one route in BGP VRF and exported to BGP VPN.
In BGP VPN there is bgp_info struct with bgp_info_extra struct has parent pointer pointing to the bgp_info of BGP VRF.
We take the lock for bgp_node and bgp_info of BGP VRF in the context of BGP VPN.
bgp_info has a back pointer to bgp_node via net.
Now when we have done "no rd vpn" in BGP VRF then in bgp_info_extra_free we have to free the parent resources.
In this context only unlocking is required. It should not set the BGP VRF (bgp_info->net) to NULL.
Chirag Shah [Sat, 21 Jul 2018 18:08:51 +0000 (11:08 -0700)]
bgpd: Add evpn prefix to debug bgp updates prefix
Adding EVPN prefix of Type 2, 3 and 5 routes to bgp updates
prefix filters.
Ticket:CM-14476
Testing Done:
Configure multiple evpn options under 'debug bgp updates prefix'.
Below is the running-config output.
MAC-IP route with just MAC:
debug bgp updates prefix l2vpn evpn type macip mac
00:02:00:0a:0a:0a
MAC-IP route with MAC and IP:
debug bgp updates prefix l2vpn evpn type macip mac
00:02:00:00:00:0c ip 45.0.1.9
MAC-IP route with just MAC and IPv6:
debug bgp updates prefix l2vpn evpn type
macip mac 00:02:00:00:00:0a ip 2001:fee1:0:1::8
Type-3:
debug bgp updates prefix l2vpn evpn type multicast ip 27.0.1.19
Type-5:
debug bgp updates prefix l2vpn evpn type prefix
ip 2060:1:1:1::/64
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Stephen Worley [Mon, 23 Jul 2018 22:33:53 +0000 (18:33 -0400)]
zebra: Add check for nexthop loop to prevent hanging
Bad nexthop messages from netlink were causing zebra
to hang here. Added a check to verify the length
of the nexthop so it doesn't keep trying to read.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Christian Franke [Tue, 17 Jul 2018 19:14:54 +0000 (15:14 -0400)]
isisd: don't crash when isis_sock_init fails
When isis_sock_init fails in isis_circuit_up, isis_circuit_down would
be called to cancel timers which were scheduled. However
isis_circuit_down would immediately return, since the state had not been
changed to 'UP' yet.
Fix this by having isis_circuit_down always cancel all the timers.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Philippe Guibert [Wed, 18 Jul 2018 15:58:45 +0000 (17:58 +0200)]
zebra: sometimes, it is not possible to assign a NSID to a vrf
This test case happens in scenarios with mininet, where external netns
may be impossible for the local instance to be modified. The error is
ignored and the netns parsed is ignored too.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Ticket:CM-21712, CM-21711
Reviewed By:
Testing Done:
Configure Local vni enabled L3 Gateway, which would act as router,
checked
show evpn arp-cache vni x ip <ip of svi> on originated and remote VTEPs.
"Router" flag is set.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
doc: Update rpki.rst for how-to enable rpki module
It has not been properly documented yet how to enable the RPKI module with BGP when having installed FRR with RPKI support. This PR seeks to add a section to the user documentation about this. So users will not have to resolve to searching the internet and looking through the FROG mailing list threads for answers.
It was reported that "show ipv6 route vrf <vrfname>", "show ipv6 route
vrf <vrfname> ::/0 " or "show ipv6 route vrf <vrfname> json" all
displayed that the nexthop was in the default vrf. This was because
the kernel netlink messages would supply the RTA_OIF of the loopback
interface for the kernel-created default route for the vrf, where ipv4
did not supply any RTA_OIF. This fix suppresses the display if the
nexthop and route entry are in different vrfs and the nexthop is
NEXTHOP_TYPE_BLACKHOLE.
Ticket: CM-21722 Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Donald Sharp [Fri, 29 Jun 2018 13:49:08 +0000 (09:49 -0400)]
zebra: Remove need for ACK for netlink messages
Kernel requests via netlink are synchronous.
Therefore we do not need to specify a need for a ACK and
we can make the netlink_cmd NONBLOCKING
1) If the netlink message is going to cause an error
we will still get one. Since results from the kernel
are synchronous we will get the error message on the
netlink_cmd socket and handle it
2) If the netlink message is going to send more than
one packet we will still get them all. Since the results
from the kernel are synchronous we will receive all data.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Mark Stapp [Thu, 12 Jul 2018 13:51:52 +0000 (09:51 -0400)]
tests: align with srcdest lib changes, remove bgp binary
Align the srcdest table test with recent api changes that use
'const' more strictly. Remove test_bgp_table binary - looks
as if it was committed by mistake.
Quentin Young [Tue, 10 Jul 2018 19:38:11 +0000 (19:38 +0000)]
doc: cleanup maintainer release document
* Sphinx numbered lists use 1. not 1)
* Indents are three spaces
* Blocks under lists should be indented along with the rest of the list
content
* Sphinx converts :: to : when used as a code block marker
* Apply some preformatted markup to things that should be preformatted
* Remove trailing whitespace
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
zebra: mpls entry interface lookup adaptation for vrf backend
The search algorithm for interface based on ifindex only is adapted to
vrf netns based too. Only the default netns will be used to search the
interface index.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra: pbr rule lookup index adaptation for vrf netns
the interface lookup based on ifindex in the case the target vrf is
unknown is using the generic vrf api. Like that, in the case of vrf
based netns, the search across different netns other than the default
one are not searched.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
zebra: upon RTM_NEWROUTE/DELROUTE, find appropriate interface
The interface lookup algorithm is different according to if we are on
netns vrf or not. If we are on the former case, then we only have to
parse the interfaces of the netns, while if we are on the other case, we
have to parse all the interfaces of all the vrfs ( since index is not
overlapping in the latter case).
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
SVI interface ip/hw address is advertised by the GW VTEP (say TORC11) with
the default-GW community. And the rxing VTEP (say TORC21) installs the GW
MAC as a dynamic FDB entry. The problem with this is a rogue packet from a
server with the GW MAC as source can cause a station move resulting in
TORC21 hijacking the GW MAC address and blackholing all inter rack traffic.
Fix is to make the GW MAC "sticky" pinning it to the GW VTEP (TORC11). This
commit does it by installing the FDB entry as static if the MACIP route is
received with the default-GW community (mimics handling of
mac-mobility-with-sticky community)
Sample output with from TORC12 with TORC11 setup as gateway -
root@TORC21:~# net show evpn mac vni 1004 mac 00:00:5e:00:01:01
MAC: 00:00:5e:00:01:01
Remote VTEP: 36.0.0.11 Remote-gateway Mac
Neighbors:
45.0.4.1
fe80::200:5eff:fe00:101
2001:fee1:0:4::1
root@TORC21:~# bridge fdb show |grep 00:00:5e:00:01:01|grep 1004
00:00:5e:00:01:01 dev vx-1004 vlan 1004 master bridge static
00:00:5e:00:01:01 dev vx-1004 dst 36.0.0.11 self static
root@TORC21:~#
projects / mirror / frr.git / log