David Lamparter [Thu, 8 Apr 2021 11:35:09 +0000 (13:35 +0200)]
lib: correctly exit CLI nodes on file config load
The (legacy) code for reading split configs tries to execute config
commands in parent nodes, but doesn't call the node_exit function when
it goes up to a parent node. This breaks BGP RPKI setup (and extended
syslog, which is in the next commit.)
Doing this correctly is a slight bit involved since the node_exit
callbacks should only be called if the command is actually executed on a
parent node.
David Lamparter [Sat, 10 Apr 2021 19:02:06 +0000 (21:02 +0200)]
lib: fix possible assert() fail in zlog_fd()
If the last message in a batched logging operation isn't printed due to
priority, this skips the code that flushes prepared messages through
writev() and can trigger the assert() at the end of zlog_fd().
Since any logmsg above info priority triggers a buffer flush, running
into this situation requires a log file target configured for info
priority, at least 1 message of info priority buffered, a debug message
buffered after that, and then a buffer flush (explicit or due to buffer
full).
I haven't seen this chain of events happen in the wild, but it needs
fixing anyway.
Donald Sharp [Fri, 13 Nov 2020 17:06:57 +0000 (12:06 -0500)]
zebra: Allow `set src X` to work on startup
If a route-map in zebra has `set src X` and the interface
X is on has not been configured yet, we are rejecting the command
outright. This is a problem on boot up especially( and where I
found this issue ) in that interfaces *can* and *will* be slow
on startup and config can easily be read in *before* the
interface has an ip address.
Let's modify zebra to just warn to the user we may have a problem
and let the chips fall where they may.
Patrick Ruddy [Wed, 3 Oct 2018 17:22:34 +0000 (18:22 +0100)]
ospf6d: decimal area format in interface command
The ospf6 "interface <blah> area <x>" command only allows the area to
be specified in the ipv4 address format, whereas the show run command
always shows it in the format in which the area was created. This causes
the frr-reload script to be unable to remove ospfv3 interfaces when the
area was created in decimal format. The solution is to allow both formats
to be configured as they can be for other area commands.
Richard Wu [Wed, 3 Jun 2020 01:44:16 +0000 (09:44 +0800)]
zebra: Fix zebra crashed in building FPM netlink message when bgp sends aggregation routes to zebra.
Issue:
When BGP sends aggregation routes to zebra, the next hop is black hole.
Then Zebra will try to build the netlink FPM message, but there is no
next hop as it is a black hole route. Then the netlink_route_info_fill
function returns 0. In the result, zebra will crashed in
"assert(data_len)" of zfpm_build_route_updates.
This issue also happen when I create a static black hole route via
staticd.
Fix:
As the netlink message of the blackhole route is legal, it should return
success.
Don Slice [Tue, 22 Sep 2020 13:14:52 +0000 (06:14 -0700)]
bgpd: allow derived router-id update if previously 0x0
Problem found that if a router-id was not defined or derived
initially, the bgp->router_id would be set to 0x0 and used
for determining auto-rd values. When bgp received a subsequent
router-id update from zebra, bgp would not completely process
the update since it was treated as updating an already derived
router-id with a new value, which is not desired. This also
could leave the auto rd/rt inforamation missing or invalid in
some cases. This fix allows updating the derived router-id if
the previous value was 0/0.
Ticket: CM-31441 Signed-off-by: Don Slice <dslice@nvidia.com>
bgpd: Use bgp instance's default keepalive interval if < (holdtime/3)
bgp->default_keepalive was not considered when setting
peer->v_keepalive, causing the effective keepalive interval to
always be (holdtime/3), even when default_keepalive < (holdtime/3).
This ensures that the default_keepalive is used when it's set and
is < (holdtime/3).
Donald Sharp [Fri, 25 Sep 2020 13:45:24 +0000 (09:45 -0400)]
bgpd: Allow bgp static routes to use /32's
If you are including a network statement of a /32
then the current bgp martian checks will match the /32
together.
Problem:
!
router bgp 3235
neighbor 192.168.161.2 remote-as external
neighbor 192.168.161.131 remote-as external
!
address-family ipv4 unicast
network 10.10.3.11/32
network 192.168.161.0/24
no neighbor 192.168.161.2 activate
neighbor 192.168.161.2 route-map BLUE in
exit-address-family
!
eva# show bgp ipv4 uni
BGP table version is 1, local router ID is 10.10.3.11, vrf id 0
Default local pref 100, local AS 3235
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
10.10.3.11/32 0.0.0.0(eva) 0 32768 i
*> 192.168.161.0/24 0.0.0.0(eva) 0 32768 i
Displayed 2 routes and 2 total paths
eva# show bgp import-check-table
Current BGP import check cache:
192.168.161.0 valid [IGP metric 0], #paths 1
if enp39s0
Last update: Fri Sep 25 08:00:42 2020
10.10.3.11 valid [IGP metric 0], #paths 1
if lo
Last update: Fri Sep 25 08:00:42 2020
eva# show bgp ipv4 uni summ
BGP router identifier 10.10.3.11, local AS number 3235 vrf-id 0
BGP table version 1
RIB entries 3, using 576 bytes of memory
Peers 1, using 21 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
janelle(192.168.161.131) 4 60000 69 70 0 0 0 00:03:21 0 1
Total number of neighbors 1
When we are deciding that a nexthop is valid there is not much point in checking
that a static route has a martian nexthop or not, since we self derived it already.
would end up leaving the 4.4.4.4/32 address on the interface under
freebsd.
This all boils down to the fact that the interface is not
considered connected yet we have a destination. If the
destination is the same and we are not connected ignore
it on freebsd.
I am sure there are other fun scenarios that someone
will have to squirrel out.
Nathan Bahr [Mon, 24 Aug 2020 18:52:51 +0000 (13:52 -0500)]
pimd: fix IGMP querier election
Match by exact address rather than by prefix match to
determine if we generated the IGMPP query. Othwerwise
we will be ignoring IGMP queries coming from other
hosts on the same subnet.
Nathan Bahr [Wed, 19 Aug 2020 19:42:07 +0000 (14:42 -0500)]
pimd: fix IGMP source address on transmit
IGMP queries should contain the source address of the IGMP socket
they are being sent from.
Added binding the IGMP sockets to their specific source, otherwise
interfaces with multiple addresses will send multiple queries using
the same source, which is determined by the kernel.
Nathan Bahr [Wed, 19 Aug 2020 19:26:41 +0000 (14:26 -0500)]
pimd: fix IGMP receive handling
IGMP packets received from a source that does not match the subnet
of any configured addresses on the receive interface should be
ignored.
Also, find and use the correct IGMP socket object for the received
IGMP packet.
Chirag Shah [Tue, 11 Aug 2020 21:28:20 +0000 (14:28 -0700)]
zebra: Revert "zebra: probe local inactive neigh"
Reverting probing of neigh entry. There is a timing where
probe and remote macip add request comes at the same time resulting
in neigh to remain in local state event though it should be remote.
In mobility case, the host moves to remote VTEP, first MAC only type-2
route is received which triggers a PROBE of neighs (associated to MAC).
PROBE request can go via network port to remote VTEP.
PROBE request picks up local neigh with MAC entry's outgoing port is
remote VTEP tunnel port.
The PROBE reply and MAC-IP (containing IP) almost comes same time at
DUT.
DUT first processes remote macip and installs neigh as remote.
Followed by receives neigh as REACHABLE which marks neigh as LOCAL.
FRR does have BPF filter which does not allow its own netlink request
to receive. Otherwise frr's request to program neigh as remote can move
neigh from local to remote.
Though ordering can not be guranteed that REACHABLE (PROBE's repsonse)
can come at anytime and move it to LOCAL.
This fix would not suffice the needs of converging LOCAL inactive neighs
to remove from DB. As mobility draft sugges to PROBE local neigh when
MAC moves to remote but it is not working with current framework.
lynne [Wed, 5 Aug 2020 20:54:43 +0000 (16:54 -0400)]
ldpd: ldp-oc withdraw fix
When LDP is configured in Order Control mode and we receive a
label withdraw message, we should only resend label withdraws to
peers that are the NH for that fec being withdrawn. This is a
double commit. Original fix in master is #6864.
bgpd: Do not crash if bgp argument is NULL for bgp_table_stats()
```
(gdb) bt
0 0x00007f45a6f0a781 in raise () from /lib/x86_64-linux-gnu/libc.so.6
1 0x00007f45a6ef455b in abort () from /lib/x86_64-linux-gnu/libc.so.6
2 0x00007f45a7781920 in core_handler (signo=11, siginfo=0x7fffac7b84b0, context=<optimized out>) at lib/sigevent.c:228
3 <signal handler called>
4 0x000055a4133c0f32 in bgp_table_stats (vty=vty@entry=0x55a415acb240, bgp=0x0, afi=AFI_IP, safi=SAFI_UNICAST, json_array=json_array@entry=0x0) at bgpd/bgp_route.c:11412
5 0x000055a4133c13fb in show_ip_bgp_afi_safi_statistics (self=<optimized out>, vty=0x55a415acb240, argc=6, argv=<optimized out>) at bgpd/bgp_route.c:10749
6 0x00007f45a773917d in cmd_execute_command_real (vline=vline@entry=0x55a415ab7e10, vty=vty@entry=0x55a415acb240, cmd=cmd@entry=0x0, filter=FILTER_RELAXED)
at lib/command.c:909
7 0x00007f45a773afdf in cmd_execute_command (vline=vline@entry=0x55a415ab7e10, vty=vty@entry=0x55a415acb240, cmd=0x0, vtysh=vtysh@entry=0) at lib/command.c:968
8 0x00007f45a773b135 in cmd_execute (vty=vty@entry=0x55a415acb240, cmd=cmd@entry=0x55a415ace950 "show ip bgp vrf all statistics", matched=matched@entry=0x0,
vtysh=vtysh@entry=0) at lib/command.c:1122
9 0x00007f45a7794d62 in vty_command (vty=vty@entry=0x55a415acb240, buf=0x55a415ace950 "show ip bgp vrf all statistics") at lib/vty.c:526
10 0x00007f45a7794fb6 in vty_execute (vty=vty@entry=0x55a415acb240) at lib/vty.c:1293
11 0x00007f45a7797804 in vtysh_read (thread=<optimized out>) at lib/vty.c:2126
12 0x00007f45a778f641 in thread_call (thread=thread@entry=0x7fffac7bb040) at lib/thread.c:1550
13 0x00007f45a775b6d8 in frr_run (master=0x55a415542820) at lib/libfrr.c:1098
14 0x000055a4133815d6 in main (argc=10, argv=0x7fffac7bb2a8) at bgpd/bgp_main.c:509
```
"show ip bgp vrf all statistics" should show statistics for all VRFs if "all"
is specified.
David Lamparter [Sun, 19 Jul 2020 09:14:48 +0000 (11:14 +0200)]
lib: fix TLS log buffer on NetBSD
... this didn't work on NetBSD. Like, at all. It returns a positive
error code from posix_fallocate() and then we bang our head against a
brick wall trying to write to the mmap'd buffer.
Richard Wu [Fri, 5 Jun 2020 09:54:57 +0000 (17:54 +0800)]
bgpd: Fix the bug that BGP MRAI does not work.
Issue: bgp_process_writes will be called when the fd is writable.
And it will bgp_generate_updgrp_packets to generate the
update packets no matter MRAI is set or not.
Fix: bgp_generate_updgrp_packets thread will return without sending
any update when MRAI timer is still running.
bgpd: Show the real next-hop address in addition to hostname in `show bgp`
It's hard to cope with cases when next-hop is changed/unchanged or
peers are non-direct.
It would be better to show the hostname and nexthop IP address (both)
under `show bgp` to quickly identify the source and the real next-hop
of the route.
If `bgp default show-nexthop-hostname` is toggled the output looks like:
```
spine1-debian-9# show bgp
BGP table version is 1, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 65002
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 2a02:4780::/64 fe80::a00:27ff:fe09:f8a3(exit1-debian-9)
0 0 65001 ?
spine1-debian-9# show ip bgp
BGP table version is 5, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 65002
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.255.255.0/24 192.168.0.1(exit1-debian-9)
0 0 65001 ?
```
attempted to use sorted master lists to do faster lookups
by using a RB Tree. Unfortunately the original code
was creating a list->cmp function *but* never using it.
If you look at the commit, it clearly shows that the
function listnode_add is used to insert but when you
look at that function it is a tail push.
Fixes: #6573
Namely now this ordering is preserved:
bgp as-path access-list originate-only permit ^$
bgp as-path access-list originate-only deny .*
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
bgpd: Add command to show only established sessions
```
exit1-debian-9# show bgp summary
IPv4 Unicast Summary:
BGP router identifier 192.168.0.1, local AS number 100 vrf-id 0
BGP table version 8
RIB entries 15, using 2880 bytes of memory
Peers 2, using 43 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
192.168.0.2 4 200 10 6 0 0 0 00:00:35 8 8
2a02:4780::2 4 0 0 1 0 0 0 never Active 0
Total number of neighbors 2
exit1-debian-9# show bgp summary established
IPv4 Unicast Summary:
BGP router identifier 192.168.0.1, local AS number 100 vrf-id 0
BGP table version 8
RIB entries 15, using 2880 bytes of memory
Peers 2, using 43 KiB of memory
Total number of neighbors 2
exit1-debian-9# show bgp summary failed
IPv4 Unicast Summary:
BGP router identifier 192.168.0.1, local AS number 100 vrf-id 0
BGP table version 8
RIB entries 15, using 2880 bytes of memory
Peers 2, using 43 KiB of memory
Neighbor EstdCnt DropCnt ResetTime Reason
2a02:4780::2 0 0 never Waiting for peer OPEN
Rafael Zalamena [Mon, 6 Jul 2020 14:39:27 +0000 (11:39 -0300)]
lib: fix route map description memory leak
Route map entries are not getting a chance to call `description` string
deallocation on shutdown or when the parent entry is destroyed, so lets
add a code to handle this in the `route_map_index_delete` function.
Donald Sharp [Tue, 2 Jun 2020 20:10:48 +0000 (16:10 -0400)]
bgpd: Actually find the sequence number for `bgp extcommunity-list...`
The code in the bgp extcommunity-list function was using
argv_find to get the correct idx. The problem was that
we had already done argv_finds before and idx was non-zero
thus having us always set the seq pointer to what was last
looked up. This causes us to pass in a value to the
underlying function and it would just wisely ignore it
causing a seq number of 0.
We would then write this seq number of 0 and then immediately
reject it on read in again. BOO!
Actually handle argv_find the way it was meant to be.
Ticket:CM-29926 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Martin Winter [Tue, 30 Jun 2020 11:08:57 +0000 (13:08 +0200)]
FRRouting Release 7.4
BGPd
Use sequence numbers for community lists
Fixes to nexthop groups
Add feature to limit outgoing number of routes
Per Neighbor Graceful Restart
Multiple Graceful Restart fixes
Support sub-Type-4 and sub-Type-5 for the VPNv4 SRv6 backend
rfc7606 support: treat certain malformed routes as withdraw
allow origin override for route aggregates
rfc6608 support: Subcodes for BGP Finite State Machine Error
rfc7607 support: Codification of AS 0 Processing
rfc6286 support: Autonomous-System-Wide Unique BGP Identifier for BGP-4
Unequal cost multipath (a.ka. weighted ECMP) with BGP link-bandwidth
Enable rfc8212 by default except datacenter profile
staticd
Add debug support
vtysh
Add copy command to copy config from file into running config
LDPd
adding support for LDP ordered label distribution control
ISISd
IS-IS Segment Routing support
SHARPd
add initial support to add/remove lsps
Zebra
fix broadcast address in IPv4 networks with /31 mask
Add Graceful Restart support for Protocol Daemon restarts
lib
migrate route-maps to use northbound interface
plus countless bug fixes and other improvements
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
Donatas Abraitis [Mon, 22 Jun 2020 13:23:24 +0000 (16:23 +0300)]
bgpd: Do not treat the route as martian for static BGP routes
If we have something like:
```
ip route 1.1.1.0/24 Null0
!
router bgp 100
no bgp ebgp-requires-policy
neighbor 192.168.0.2 remote-as 200
!
address-family ipv4 unicast
network 1.1.1.0/24
redistribute connected
exit-address-family
!
line vty
!
```
1.1.1.0/24 is not advertised due to martian nexthop (0.0.0.0). It starts
working only when we use `redistribute static`.
By checking if it's a BGP static route we able to announce
1.1.1.0/24 with `network 1.1.1.0/24` without redistribute even when
`bgp import-check` is enabled.
Disabling `bgp import-check` works as well, but it's enabled by default
since 7.4.
Mark Stapp [Thu, 11 Jun 2020 15:16:02 +0000 (11:16 -0400)]
*: have daemons call frr_fini() at termination
Fix a number of library and daemon issues so that daemons can
call frr_fini() during normal termination. Without this,
temporary logging files are left behind in /var/tmp/frr/.
bgpd: Make sure network/aggregate-address commands lay down under labeled safi
unicast and labeled-unicast share the same table, but configuration should
be visible for both independently. Without this fix it confuses a bit
because when you enter `network 10.0.0.0/24` under labeled-unicast it's
written in unicast family block.
Donatas Abraitis [Mon, 25 May 2020 14:22:37 +0000 (17:22 +0300)]
bgpd: Use IPv6 LL address as nexthop if global was set to ::/LL
This happens between Bird and FRR. Maybe others as well, dunno.
Bird sends ::(fe80::1588) and we have a nexthop as :: which is inaccessible:
```
BGP routing table entry for fdff:b87d:f5b0::/48
Paths: (1 available, no best path)
Not advertised to any peer 4242421588424242254742424226014242423605
:: (inaccessible) from fe80::1588 (172.20.16.140)
(fe80::1588) (used)
Origin IGP, invalid, external
Last update: Mon May 25 14:27:02 2020
```
bgpd: Set a proper SAFI for labaled-unicast when looking for scount
The problem is that peer_af_array returns NULL when SAFI is changed to
unicast. We use unicast table, but peer is created and activated under
labeled-unicast, hence we should lookup with a proper SAFI id.
Without this patch peer_af_find() returns NULL and we can't show
PfxSnt in `show bgp summary`.
Donald Sharp [Thu, 7 May 2020 14:03:31 +0000 (10:03 -0400)]
bgpd: `bgp bestpath bandwidth` should not be a legal command
The `bgp bestpath bandwidth` command should not be a legal
command. Pull out the `no` form to allow this. Allow
`no bgp bestpath bandwidth` to work as we would expect.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 11 May 2020 12:45:11 +0000 (08:45 -0400)]
bgpd: really remove the `no ip as-path...` command
We had already removed the `ip as-path..` command
to have `bgp as-path` but for some reason a `no ip as-path..`
command ALIAS was still around. Kill with extreme prejudice.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Olivier Dugeon [Mon, 4 May 2020 16:26:21 +0000 (18:26 +0200)]
isisd: IS-IS-SR preparation for master 4/5
* Regroup fonctions to install label for Prefix and Adjacency SID
* Change 'replace_semantics' variable name by 'make_before_break' in
sr_prefix_reinstall() function and adjust comments
* Call directly lsp_regenerate_schedule() from isis_nb_config.c when MSD
is updated
projects / mirror / frr.git / log