attempted to use sorted master lists to do faster lookups
by using a RB Tree. Unfortunately the original code
was creating a list->cmp function *but* never using it.
If you look at the commit, it clearly shows that the
function listnode_add is used to insert but when you
look at that function it is a tail push.
Fixes: #6573
Namely now this ordering is preserved:
bgp as-path access-list originate-only permit ^$
bgp as-path access-list originate-only deny .*
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
bgpd: Add command to show only established sessions
```
exit1-debian-9# show bgp summary
IPv4 Unicast Summary:
BGP router identifier 192.168.0.1, local AS number 100 vrf-id 0
BGP table version 8
RIB entries 15, using 2880 bytes of memory
Peers 2, using 43 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
192.168.0.2 4 200 10 6 0 0 0 00:00:35 8 8
2a02:4780::2 4 0 0 1 0 0 0 never Active 0
Total number of neighbors 2
exit1-debian-9# show bgp summary established
IPv4 Unicast Summary:
BGP router identifier 192.168.0.1, local AS number 100 vrf-id 0
BGP table version 8
RIB entries 15, using 2880 bytes of memory
Peers 2, using 43 KiB of memory
Total number of neighbors 2
exit1-debian-9# show bgp summary failed
IPv4 Unicast Summary:
BGP router identifier 192.168.0.1, local AS number 100 vrf-id 0
BGP table version 8
RIB entries 15, using 2880 bytes of memory
Peers 2, using 43 KiB of memory
Neighbor EstdCnt DropCnt ResetTime Reason
2a02:4780::2 0 0 never Waiting for peer OPEN
```
Rafael Zalamena [Mon, 6 Jul 2020 14:39:27 +0000 (11:39 -0300)]
lib: fix route map description memory leak
Route map entries are not getting a chance to call `description` string
deallocation on shutdown or when the parent entry is destroyed, so let's
add code to handle this in the `route_map_index_delete` function.
Donald Sharp [Tue, 2 Jun 2020 20:10:48 +0000 (16:10 -0400)]
bgpd: Actually find the sequence number for `bgp extcommunity-list...`
The code in the bgp extcommunity-list function was using
argv_find to get the correct idx. The problem was that
we had already done argv_finds before and idx was non-zero
thus having us always set the seq pointer to what was last
looked up. This causes us to pass in a value to the
underlying function and it would just wisely ignore it
causing a seq number of 0.
We would then write this seq number of 0 and then immediately
reject it on read in again. BOO!
Actually handle argv_find the way it was meant to be.
Ticket:CM-29926
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
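An added example (not FRR's code and not part of the commit) that models the stale-index lookup described in the message above. `struct tok`, `find_token`, `parse_seq`, `lookup_seq` and the token list are simplified, constructed stand-ins chosen for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Simplified model of a parsed CLI token: `text` is the grammar element,
 * `arg` is what the user typed (assumed layout for this example). */
struct tok { const char *text; const char *arg; };

/* Hypothetical forward search: starts at *index, updates it only on a match. */
static int find_token(const struct tok *argv, int argc, const char *text, int *index)
{
	for (int i = *index; i < argc; i++)
		if (strcmp(argv[i].text, text) == 0) {
			*index = i;
			return 1;
		}
	return 0;
}

/* Downstream parser: anything that is not a plain number is ignored (0). */
static unsigned long parse_seq(const char *s)
{
	char *end = NULL;
	unsigned long v = s ? strtoul(s, &end, 10) : 0;
	return (s && *s && !*end) ? v : 0;
}

/* Constructed sample command line: "... seq 10 permit ...". */
static const struct tok sample[] = {
	{"bgp", "bgp"}, {"extcommunity-list", "extcommunity-list"},
	{"standard", "standard"}, {"WORD", "EXAMPLE"}, {"seq", "seq"},
	{"(1-4294967295)", "10"}, {"permit", "permit"}, {"AA:NN", "rt 65000:1"},
};
enum { SAMPLE_ARGC = sizeof(sample) / sizeof(sample[0]) };

/* reset_idx == 0 models the stale index; non-zero models the corrected lookup. */
unsigned long lookup_seq(int reset_idx)
{
	int idx = 0;
	const char *seq = NULL;
	find_token(sample, SAMPLE_ARGC, "permit", &idx); /* earlier lookup: idx == 6 */
	if (!reset_idx) {
		/* Search starts past the seq value and fails; idx stays non-zero. */
		find_token(sample, SAMPLE_ARGC, "(1-4294967295)", &idx);
		if (idx)
			seq = sample[idx].arg;           /* last token found: "permit" */
	} else {
		idx = 0;                                 /* restart from the beginning */
		if (find_token(sample, SAMPLE_ARGC, "(1-4294967295)", &idx))
			seq = sample[idx].arg;           /* "10" */
	}
	return parse_seq(seq);
}
```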
Martin Winter [Tue, 30 Jun 2020 11:08:57 +0000 (13:08 +0200)]
FRRouting Release 7.4
BGPd
Use sequence numbers for community lists
Fixes to nexthop groups
Add feature to limit outgoing number of routes
Per Neighbor Graceful Restart
Multiple Graceful Restart fixes
Support sub-Type-4 and sub-Type-5 for the VPNv4 SRv6 backend
rfc7606 support: treat certain malformed routes as withdraw
allow origin override for route aggregates
rfc6608 support: Subcodes for BGP Finite State Machine Error
rfc7607 support: Codification of AS 0 Processing
rfc6286 support: Autonomous-System-Wide Unique BGP Identifier for BGP-4
Unequal cost multipath (a.k.a. weighted ECMP) with BGP link-bandwidth
Enable rfc8212 by default except datacenter profile
staticd
Add debug support
vtysh
Add copy command to copy config from file into running config
LDPd
adding support for LDP ordered label distribution control
ISISd
IS-IS Segment Routing support
SHARPd
add initial support to add/remove lsps
Zebra
fix broadcast address in IPv4 networks with /31 mask
Add Graceful Restart support for Protocol Daemon restarts
lib
migrate route-maps to use northbound interface
plus countless bug fixes and other improvements
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
Donatas Abraitis [Mon, 22 Jun 2020 13:23:24 +0000 (16:23 +0300)]
bgpd: Do not treat the route as martian for static BGP routes
If we have something like:
```
ip route 1.1.1.0/24 Null0
!
router bgp 100
no bgp ebgp-requires-policy
neighbor 192.168.0.2 remote-as 200
!
address-family ipv4 unicast
network 1.1.1.0/24
redistribute connected
exit-address-family
!
line vty
!
```
1.1.1.0/24 is not advertised due to martian nexthop (0.0.0.0). It starts
working only when we use `redistribute static`.
By checking if it's a BGP static route we are able to announce
1.1.1.0/24 with `network 1.1.1.0/24` without redistribute even when
`bgp import-check` is enabled.
Disabling `bgp import-check` works as well, but it's enabled by default
since 7.4.
Mark Stapp [Thu, 11 Jun 2020 15:16:02 +0000 (11:16 -0400)]
*: have daemons call frr_fini() at termination
Fix a number of library and daemon issues so that daemons can
call frr_fini() during normal termination. Without this,
temporary logging files are left behind in /var/tmp/frr/.
bgpd: Make sure network/aggregate-address commands lay down under labeled safi
unicast and labeled-unicast share the same table, but configuration should
be visible for both independently. Without this fix it confuses a bit
because when you enter `network 10.0.0.0/24` under labeled-unicast it's
written in unicast family block.
Donatas Abraitis [Mon, 25 May 2020 14:22:37 +0000 (17:22 +0300)]
bgpd: Use IPv6 LL address as nexthop if global was set to ::/LL
This happens between Bird and FRR. Maybe others as well, dunno.
Bird sends ::(fe80::1588) and we have a nexthop as :: which is inaccessible:
```
BGP routing table entry for fdff:b87d:f5b0::/48
Paths: (1 available, no best path)
Not advertised to any peer
4242421588 4242422547 4242422601 4242423605
:: (inaccessible) from fe80::1588 (172.20.16.140)
(fe80::1588) (used)
Origin IGP, invalid, external
Last update: Mon May 25 14:27:02 2020
```
bgpd: Set a proper SAFI for labeled-unicast when looking for scount
The problem is that peer_af_array returns NULL when SAFI is changed to
unicast. We use unicast table, but peer is created and activated under
labeled-unicast, hence we should lookup with a proper SAFI id.
Without this patch peer_af_find() returns NULL and we can't show
PfxSnt in `show bgp summary`.
Donald Sharp [Thu, 7 May 2020 14:03:31 +0000 (10:03 -0400)]
bgpd: `bgp bestpath bandwidth` should not be a legal command
The `bgp bestpath bandwidth` command should not be a legal
command. Pull out the `no` form to allow this. Allow
`no bgp bestpath bandwidth` to work as we would expect.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 11 May 2020 12:45:11 +0000 (08:45 -0400)]
bgpd: really remove the `no ip as-path...` command
We had already removed the `ip as-path..` command
to have `bgp as-path` but for some reason a `no ip as-path..`
command ALIAS was still around. Kill with extreme prejudice.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Olivier Dugeon [Mon, 4 May 2020 16:26:21 +0000 (18:26 +0200)]
isisd: IS-IS-SR preparation for master 4/5
* Regroup functions to install label for Prefix and Adjacency SID
* Change 'replace_semantics' variable name by 'make_before_break' in
sr_prefix_reinstall() function and adjust comments
* Call directly lsp_regenerate_schedule() from isis_nb_config.c when MSD
is updated
Olivier Dugeon [Sun, 3 May 2020 18:01:20 +0000 (20:01 +0200)]
isisd: IS-IS-SR preparation for master 2/5
* Rename functions following rules: isis_sr_XXX is kept for external functions
and isis_sr prefix removed for static ones
* Rename local_label & remote_label variables by input_label & output_label
* Change parameter order (to follow other functions) in sr_node_srgb_update()
* Rename RB-TREE variable from tree_sr_XXX to srdb_XXX
* Replace parse_flags by an enum and rename it srdb_state which reflects
more the role of this flag: determine the state of SR-Node and SR-Prefix
stored in the SRDB: VALIDATED, NEW, MODIFIED, UNCHANGED
David Lamparter [Mon, 11 May 2020 19:37:08 +0000 (21:37 +0200)]
build: use configfile mode in init script
This only applies for split-config; the init script would create an
empty config file with default permissions.
Reported-by: Robert Scheck <robert@fedoraproject.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 5c9063771195bb51a8cc1c64f9924e53a0602817)
Donald Sharp [Wed, 6 May 2020 14:13:48 +0000 (10:13 -0400)]
zebra: Loosen ONLINK restrictions a tiny bit
Loosen the ONLINK restrictions such that when an upper
level protocol sends us a nexthop with an ONLINK attribute
just ensure that interface is up and usable. ONLINK effectively
means we know what we are doing to the kernel.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Josh Cox [Tue, 5 May 2020 17:09:14 +0000 (13:09 -0400)]
bgpd: Check to ensure community attributes exist before freeing them
Community attributes might have been removed by an inbound route map, so we
should check to ensure they still exist before trying to free them.
This fixes a segfault described in issue #6345.
David Lamparter [Mon, 4 May 2020 15:30:24 +0000 (17:30 +0200)]
tools: frr-llvm-cg
This dumps call graph data from LLVM bitcode files into a JSON file.
Specifically for FRR, it understands thread_add_*(), hook_*() and
install_element() so it can provide extra information in these cases.
As a general feature, it tries to track down function pointers as far as
easily feasible.
Signed-off-by: David Lamparter <equinox@diac24.net>
Stephen Worley [Fri, 1 May 2020 16:34:43 +0000 (12:34 -0400)]
zebra: force off kernel NHG install with netns VRFs
Force off kernel NHG install with netns-based VRFs for
now. There is not really a good solution for allowing
kernel nexthop groups in namespace-based VRFs.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Donald Sharp [Thu, 30 Apr 2020 15:16:28 +0000 (11:16 -0400)]
bgpd: Ensure that we have a ifp pointer
It is possible that the if_lookup_by_index() call will return
a NULL value and calling zclient_send_interface_radv_req. Just
test that we have a valid interface pointer.
Found by Coverity
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This change modifies the way IS-IS is connected to the Label Manager:
- Add emission of Hello Message prior to the connection as per
modification introduced by PR #5925
- Add 'session_id' as per modification introduced by PR #6224
- Add Doxygen documentation to Label Manager functions
Each router has both an IPv4 and an IPv6 loopback address, each of
which has a corresponding Prefix-SID configured.
Basic SR functionality is tested. First, the topotest ensures that
all expected Prefix-SIDs and Adj-SIDs are flooded and installed
correctly in all routers of the network. Later, network failures
are simulated and configuration changes are performed in several
different routers. The topotest then checks if IS-IS has converged
as expected in the network according to the network failures and
configuration changes that happened.
The topotest comprises 11 different steps, each with four individual
tests (for a total of 44 tests). A summary of what each step does
is provided below:
---
Step 1:
-Initial network convergence
---
Step 2:
Action(s):
-Disable IS-IS on the eth-rt5 interface on rt4
Expected changes:
-rt4 should uninstall the Adj-SIDs pointing to rt5
-rt5 should uninstall the Adj-SIDs pointing to rt4
-rt2 should reinstall rt5's Prefix-SIDs (2 nexthops deleted)
-rt3 should reinstall rt4's Prefix-SIDs (2 nexthops deleted)
-rt4 should reinstall rt3's Prefix-SIDs (1 nexthop deleted)
-rt4 should reinstall rt5's Prefix-SIDs (1 nexthop changed)
-rt5 should reinstall rt2's Prefix-SIDs (1 nexthop deleted)
-rt5 should reinstall rt4's Prefix-SIDs (1 nexthop changed)
---
Step 3:
Action(s):
-Shut down the eth-rt4 interface on rt6
-Shut down the eth-rt5 interface on rt6
Expected changes:
-All routers should uninstall rt6's Prefix-SIDs
-rt4 and rt5 should uninstall the Adj-SIDs pointing to rt6
-rt4 should reconverge rt5's Prefix-SIDs through rt2 using ECMP
-rt5 should reconverge rt4's Prefix-SIDs through rt3 using ECMP
-rt6 should uninstall all its IS-IS routes, Prefix-SIDs and Adj-SIDs
---
Step 4:
Action(s):
-Bring up the eth-rt4 interface on rt6
-Bring up the eth-rt5 interface on rt6
-Change rt6's SRGB
Expected changes:
-All routers should install rt6's Prefix-SIDs
-rt4 and rt5 should install Adj-SIDs for rt6
-rt4 should reconverge rt5's Prefix-SIDs through rt6 using the new SRGB
-rt5 should reconverge rt4's Prefix-SIDs through rt6 using the new SRGB
-rt6 should reinstall all IS-IS routes and Prefix-SIDs from the network,
and Adj-SIDs for rt4 and rt5
---
Step 5:
Action(s):
-Disable SR on rt6
Expected changes:
-All routers should uninstall rt6's Prefix-SIDs
-rt4 should uninstall rt5's Prefix-SIDs since the nexthop router hasn't
SR enabled anymore
-rt5 should uninstall rt4's Prefix-SIDs since the nexthop router hasn't
SR enabled anymore
-rt6 should uninstall all Prefix-SIDs from the network, and the Adj-SIDs
for rt4 and rt5
---
Step 6:
Action(s):
-Enable SR on rt6
Expected changes:
-All routers should install rt6's Prefix-SIDs
-rt4 should install rt5's Prefix-SIDs through rt6
-rt5 should install rt4's Prefix-SIDs through rt6
-rt6 should install all Prefix-SIDs from the network, and Adj-SIDs for
rt4 and rt5
---
Step 7:
Action(s):
-Delete rt1's Prefix-SIDs
Expected changes:
-All routers should uninstall rt1's Prefix-SIDs
---
Step 8:
Action(s):
-Re-add rt1's Prefix-SIDs
Expected changes:
-All routers should install rt1's Prefix-SIDs
---
Step 9:
Action(s):
-Change rt1's Prefix-SIDs to use the no-php option
-Change rt6's Prefix-SIDs to stop using the explicit-null option
Expected changes:
-rt2 and rt3 should reinstall rt1's Prefix-SIDs accordingly
-rt4 and rt5 should reinstall rt6's Prefix-SIDs accordingly
---
Step 10:
Action(s):
-Remove the IPv4 address from rt4's eth-rt2-1 interface
Expected changes:
-rt2 should uninstall the IPv4 Adj-SIDs attached to the eth-rt4-1
interface
-rt2 should reinstall all IPv4 Prefix-SIDs whose nexthop router is rt4
(ECMP shouldn't be used anymore)
-rt4 should reinstall all IPv4 Prefix-SIDs whose nexthop router is rt2
(ECMP shouldn't be used anymore)
---
Step 11:
Action(s):
-Restore the original network setup
Expected changes:
-All routes, Prefix-SIDs and Adj-SIDs should be the same as they were
after the initial network convergence (step 1)
Renato Westphal [Sun, 4 Aug 2019 01:02:37 +0000 (22:02 -0300)]
isisd: add support for segment routing
This is an implementation of the IS-IS SR draft [1] for FRR.
The following features are supported:
* IPv4 and IPv6 Prefix-SIDs;
* IPv4 and IPv6 Adj-SIDs and LAN-Adj-SIDs;
* Index and absolute labels;
* The no-php and explicit-null Prefix-SID flags;
* Full integration with the Label Manager.
Known limitations:
* No support for Anycast-SIDs;
* No support for the SID/Label Binding TLV (required for LDP interop).
* No support for persistent Adj-SIDs;
* No support for multiple SRGBs.
Renato Westphal [Wed, 7 Aug 2019 16:35:07 +0000 (13:35 -0300)]
isisd: add segment-routing YANG nodes and skeleton callbacks
Most definitions were borrowed from the IETF IS-IS SR YANG module,
with a few adaptations. Of particular notice are the following:
* No support for the configuration of multiple SRGBs.
* No distinction between local and connected Prefix-SIDs, both are
configured the same way.
isisd: remove refcount from the isis_nexthop structure
isisd implements an optimization that allows multiple routes to
share the same nexthop (using a refcount) in order to save memory.
Now that SR support is coming, however, it will be necessary to
embed additional SR-related information inside the isis_nexthop
structure. But this can only be done if the nexthops aren't shared
among routes anymore.
Removing this memory optimization should have minimal impact since
the isis_nexthop structure is really small. On large networks with
thousands of routes, the memory saving would be in the order of a
few kilobytes. Not something we should be concerned about nowadays.
Renato Westphal [Sat, 10 Aug 2019 20:57:43 +0000 (17:57 -0300)]
isisd: split vty_out_timestr() into two helper functions
The new log_uptime() function logs a UNIX timestamp to a buffer
provided by the user. It's very flexible and can be used in a
variety of contexts, different from vty_out_timestr() which is too
tied to the VTY code.
Renato Westphal [Wed, 7 Aug 2019 22:54:00 +0000 (19:54 -0300)]
isisd: introduce new adjacency hooks
The 'isis_adj_ip_enabled_hook' hook will be called whenever
an adjacency goes from zero to one or more IPv4 or IPv6
addresses. Conversely, the 'isis_adj_ip_disabled_hook' hook will
be called whenever an adjacency goes from one or more IPv4/IPv6
addresses to no addresses at all.
These hooks will be used by the upcoming SR code to add/delete
Adj-SIDs depending on the IP addresses present in the remote
adjacencies.
The netlink_vrf_change() function is called both when a VRF device
is created in the Linux kernel and when it is activated. This
commit changes this function to perform the VRF misconfiguration
detection only when the VRF device is created, as doing the check
twice would cause a false positive followed by a hard failure (not
to mention the double check is unnecessary since the VRF table ID
can't change once the device is created).