donna.cumulusnetworks.com# conf
donna.cumulusnetworks.com(config)# router bgp
donna.cumulusnetworks.com(config-router)# aggregate-address 30.0.5.0 255.255.255.0 summary-only
donna.cumulusnetworks.com(config-router)# do show run
Building configuration...
Don Slice [Tue, 24 Sep 2019 12:02:02 +0000 (05:02 -0700)]
bgpd: stop sending nexthop set by "route-map in" to eBGP peers
Problem reported that when a "neighbor x.x.x.x route-map FOO in"
set a next-hop value, that modified next-hop value was also sent
to eBGP peers. This is incorrect since bgp is expected to set
next-hop to self when sending to eBGP peers unless third party
next-hop on a shared segment is true. This fix modifies the
behavior to stop sending the modified next-hop to eBGP peers
if the route-map was applied inbound on another peer.
Ticket: CM-26025 Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Donald Sharp [Wed, 25 Sep 2019 00:40:08 +0000 (20:40 -0400)]
ospf6d: Prevent use after free
the for (ALL_LSDB...) macro was iterating over lsa,
when lsa had just been freed in these functions.
Remove the macro and make the adjustments saving lsa_next
before the free.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Philippe Guibert [Wed, 25 Sep 2019 06:51:06 +0000 (08:51 +0200)]
zebra: fix memory leak
the if_lookup_by_name_per_ns keeps a lock on the node where the
searched ifp is stored. Then this node can not be freed even if
the ifp is removed from the node. Just add the missing unlock
(as for the if_lookup_by_index_per_ns lookup function)
Fixes: b8af3fbbafc8 ("zebra: fix detection of interface renames") Signed-off-by: Thibaut Collet <thibaut.collet@6wind.com> Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Mark Stapp [Tue, 24 Sep 2019 20:31:12 +0000 (16:31 -0400)]
libs: add yang models for zebra and nexthop
Add a yang model for some of zebra's functionality,
but the model is not integrated into the build at all yet. Also
add a model for nexthop and nexthop-group.
vdhingra [Mon, 19 Aug 2019 07:50:56 +0000 (00:50 -0700)]
bgpd : route agg. with aspath attribute is consuming lot of cycles.
While configuring aggregate route prepare the hash table first,
then prepare the aggregated aspath value just like lcomm,
ecomm and standard community.
vdhingra [Mon, 19 Aug 2019 07:50:15 +0000 (00:50 -0700)]
bgpd : route agg. with ecomm attribute is consuming lot of cycles.
While configuring aggregate route prepare the hash table first,
then prepare the aggregated ecomm value and then do the
unique sort once for ecommunity.
vdhingra [Mon, 19 Aug 2019 07:47:50 +0000 (00:47 -0700)]
bgpd : route agg. with comm attr is consuming lot of cycles.
While configuring aggregate route prepare the hash table
first, then prepare the aggregated standard comm value
and then do the unique sort once for standard community.
vdhingra [Mon, 12 Aug 2019 12:13:14 +0000 (05:13 -0700)]
bgpd : route agg. with lcomm attribute is consuming lot of cycles.
While configuring aggregate route prepare the hash table first,
then prepare the aggregated lcomm value and then do the unique
sort once for large community.
pimd: Mark Default TOS Values for PIM & IGMP Outgoing packets
This will facilitate the Hardware to prefer control packets over
Normal Data packets while queuing, so that during congestion, the
chance of dropping control packet will be minimised.
Signed-off-by: Satheesh Kumar K <sathk@cumulusnetworks.com>
Chirag Shah [Thu, 12 Sep 2019 00:29:04 +0000 (17:29 -0700)]
bgpd: fix advertise-svi-ip upon vni-svi up-down
When a VxLAN interface comes up new vni up event is sent
to bgpd, which triggers bgpd to sync advertise-svi-macip
to zebra. At this point, vni is present but the associated
SVI may not be present.
When SVI comes up, vni add event sent to bgpd (with associated
vrf update). Bgpd already has vni present so
advertise-svi-macip is not synced to Zebra.
To fix,
When advertise-svi-macip flag is synced first time, cache it in
zebra context even though vni associated SVI is not present.
when SVI comes up, interface address add event triggers
new MAC-IP route add to bgpd.
Validated via running a sequence of steps in symmetric
routing topology.
- Enable advertise-svi-macip at l2vni level under bgp default
instance (afi/safi, l2vpn/evpn)
- Flap l2vni associated SVI interface.
- Check the output of 'show bgp l2vpn evpn route' command for
MAC-IP route of the SVI's (MAC and IP address).
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Donald Sharp [Mon, 23 Sep 2019 17:49:11 +0000 (13:49 -0400)]
bgpd: When displaying update group information include coalesce time
Include the coalesce time for the update group `show bgp update-group`
command as well as print out how long the coalesce timer waited
for on the timer pop.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The "abort_if_not_found" parameter of nb_running_get_entry()
should be set to true only when this function is called during the
NB_EV_APPLY phase of a northbound callback. Failure to respect this
can lead to crashes when multiple configuration changes are being
committed at the same time.
The new "event-counters" grouping is almost a 1:1 copy of the same
grouping from the IETF IS-IS module, except for the "lan-dis-changes"
leaf which was skipped (more work needs to be done to support it).
vtysh: add the "show yang operational-data" command
The right way to implement this command in vtysh is the following:
* Send the command to each running FRR daemon;
* Collect the command output from each daemon;
* Parse the text outputs into libyang lyd_node structures. Then merge
all these data trees into a single one. Finally, print the merged
data trees to the standard output (libyang will take care of
combining duplicate nodes as necessary).
What this commit does is to allow vtysh to send the "show yang
operational-data" command to a single daemon only (the last
parameter). It's a quick workaround to allow us to write topotests
using YANG-modeled data until we do the real thing (full vtysh
northbound integration).
isisd, yang: implement read-only list of adjacencies
The new "adjacency-state" grouping is almost a 1:1 copy of the
same grouping from the IETF IS-IS module, except for the "usage"
and "lastuptime" leafs that were skipped (more work needs to be
done to support those).
This command is defined in the lib/northbound_cli.c file, which
is not being parsed by vtysh since most commands from there need
special handling in the context of vtysh. The "debug northbound"
command, however, can be made available to vtysh without problems.
Introduce a new DEFUNSH to do that.
Donald Sharp [Fri, 20 Sep 2019 10:41:02 +0000 (06:41 -0400)]
bgpd: Invalid NH's should send an apropriate reason code
RFC 4271 sec 6.3 p33, In the case of a BGP_NEXTHOP attribute with an
incorrect value, FRR is supposed to send a notification
and include 'Corresponding type, length and value of the NEXT_HOP
attribute in the notification data.
Fixes: #4997 Signed-off-by: Nikos <ntriantafillis@gmail.com> Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
vdhingra [Fri, 23 Aug 2019 12:28:43 +0000 (05:28 -0700)]
Zebra: Rectifying the log messages.
This change addresses the following :
1. Ensures zlog_debug should be under DEBUG macro check
2. Ensures zlog_err and zlog_warn wherever applicable.
3. Removed few posivite logs from fpm handling, whose frequency is high.
lib: add an exception in the northbound for operational data callbacks
During initialization, the northbound detects if any required
callback is missing (fatal error) or if any unneeded callback is
present (warning).
There are three callbacks, however, that should require special
handling: get_next(), get_keys() and lookup_entry().
These callbacks are normally unneeded for configuration lists. But,
if a configuration list is augmented with new state nodes by another
module, then the three callbacks mentioned above become required. In
this case, never log a warning when these callbacks are implemented
when they are not needed, since this depends on context (e.g. some
daemons might augment "frr-interface" while others don't).
Renato Westphal [Tue, 27 Aug 2019 01:31:21 +0000 (22:31 -0300)]
lib: fix ordering issues in the northbound
When a configuration transaction is being performed, the northbound
uses a red-black tree to store the configuration changes that need to
be processed. The problem is that we were sorting the configuration
changes based on their XPaths (and callback priorities). This means
the original order of the changes wasn't being respected, which is
a problem for lists that use the "ordered-by user" statement. To
fix this, add a new "seq" member to the "nb_config_cb" structure
so that we can preserve the order of the configuration changes as
told by libyang.
Since none of the FRR modules use "ordered-by user" lists so far,
no daemon was affected by this problem.
Reported-by: Martin Winter <mwinter@opensourcerouting.org> Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Revert "lib: introduce a read-write lock for northbound configurations"
Adding a lock to protect the global running configuration doesn't
help much since the FRR daemons are not prepared to process
configuration changes in a pthread that is not the main one (a
whole lot of new protections would be necessary to prevent race
conditions).
This means the lock added by commit 83981138 only adds more
complexity for no benefit. Remove it now to simplify the code.
All northbound clients, including the gRPC one, should either run
in the main pthread or use synchronization primitives to process
configuration transactions in the main pthread.
lib: introduce new 'pre_validate' northbound callback
This callback can be used to validate subsections of the
configuration being committed before validating the configuration
changes themselves. It's useful to perform more complex validations
that depend on the relationship between multiple nodes.
Only YANG-level validation (performed by libyang) and the
NB_EV_VALIDATE validation (that can be used to validate individual
configuration changes) proved to be insufficient in some cases.
when a client disconnects, we iterate over the routing table to
remove any label that originated from that client. However we
were erroneously passing the route type to the function, while
it was expecting the lsp type. As a result, for example, killing
ldpd would not remove the ldp labels from the routes.
Kudos to @rwestphal for pointing me to the source of the issue.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Julien Floret [Tue, 6 Aug 2019 09:15:05 +0000 (11:15 +0200)]
zebra: inform upper layer error when reading correct speed interface
speed interface is done 15 seconds after interface creation. during that
time, the vrf or the interface may have disappeared. to protect this,
return an error in case it is not possible to create a vrf socket or it
is not possible to get speed of an interface because of a missing
device.
Signed-off-by: Julien Floret <julien.floret@6wind.com> Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
In preparation to Segment Routing:
- Update the management of Traffic Engineering subTLVs to the new tlvs parser
- Add Router Capability TLV 242 as per RFC 4971 & 7981
- Add Segment Routing subTLVs as per draft-isis-segment-routing-extension-25
Modified files:
- isis_tlvs.h: add new structure to manage TE subTLVs, TLV 242 & SR subTLVs
- isis_tlvs.c: add new functions (pack, copy, free, unpack & print) to process
TE subTLVs, Router Capability TLV and SR subTLVs
- isis_circuit.[c,h] & isis_lsp.[c,h]: update to new subTLVs & TLV processing
- isis_te.[c,h]: remove all old TE structures and managment functions,
and add hook call to set local and remote IP addresses as wellas update TE
parameters
- isis_zebra.[c,h]: add hook call when new interface is up
- isis_mt.[c,h], isis_pdu.c & isis_northbound.c: adjust to new TE subTLVs
- tests/isisd/test_fuzz_isis_tlv_tests.h.gz: adapte fuuz tests to new parser
projects / mirror / frr.git / log