Philippe Guibert [Fri, 26 Mar 2021 09:48:38 +0000 (10:48 +0100)]
bgpd: flowspec redirect vrf uses vrf table instead of allocated table id
Until now, when bgp flowspec entry action was to redirect to a vrf, a
default route was installed in a specific table. that route was a vrf
route leak one. The process can be simplified, as vrf-lite already
has a table identifier. Actually, because policy routing is used to
redirect traffic to a defined table (with ip rule command), use
the table identifier of the VRF.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Igor Ryzhov [Thu, 29 Jul 2021 12:31:34 +0000 (15:31 +0300)]
bgpd: use double-linked list instead of single-linked list in dampening
This code always used double-linked list before this rework in 8.0 that
introduced all these crashes and memory leaks. Using single-linked list
is actually a performance regression, because there are frequent removes
here and single-linked list obviously handles removes much worse.
Igor Ryzhov [Wed, 28 Jul 2021 22:17:50 +0000 (01:17 +0300)]
bgpd: fix incorrect usage of slist in dampening
Current code is a complete misuse of SLIST structure. Instead of just
adding a SLIST_ENTRY to struct bgp_damp_info, it allocates a separate
structure to be a node in the list.
Igor Ryzhov [Thu, 29 Jul 2021 11:42:16 +0000 (14:42 +0300)]
bgpd: fix missing list add in dampening
One more crash in dampening code...
When bgp_damp_withdraw is called, if there's already a BDI structure,
bgp_damp_info_claim is called to re-assign the bdi->config in case it
was changed. The problem is that bgp_damp_info_claim actually removes
the BDI from the reuse list of the old config and never adds it to the
reuse list of the new config. We must do this to prevent the crash
because all the code assumes that BDI is always in some list.
Donald Sharp [Wed, 28 Jul 2021 20:25:54 +0000 (16:25 -0400)]
tests: Set addresses before we use snmpd
The test_simple_snmp.py test starts bgp, zebra and snmpd at the
same time. Then zebra configuration is read in and interface
addresses are applied. If snmp start slower than zebra
the snmp process can properly get it's ip address to bind to
if it is faster than zebra, it will fail. Ensure that the
test has addresses before we start daemons.
batmancn [Mon, 30 Nov 2020 12:04:44 +0000 (20:04 +0800)]
zebra: bugfix of error quit of zebra, due to no nexthop ACTIVE
There exists some rare situations where fpm will attempt
to send a route update with no valid nexthops. In that
case an assert would be hit. This is not good for
trying to keep your routing daemons up and running
when we can safely just recover the situation.
Fixes #7588 Signed-off-by: batmancn <batmanustc@gmail.com>
<fixed commit message, and used zlog_err> Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Donald Sharp [Tue, 27 Jul 2021 13:38:14 +0000 (09:38 -0400)]
tests: Increase timeout for loaded systems
When running this test on a locally loaded system I am seeing the
static route as `queued` still after 1 second. Let's just blanket
increase the timeout to something longer to give a very loaded system
more time to install the route.
Igor Ryzhov [Tue, 27 Jul 2021 13:10:35 +0000 (16:10 +0300)]
ospfd: don't exit when socket is not created
Let's be less radical. There's no reason to stop the whole daemon when
there's a socket creation error in a single VRF. The user can always
restart this single VRF to retry to create a socket.
ospf6d: Type-7 LSA originated with wrong sequence number
RCA: When Type-7 LSA is updated, the LSDB is searched, if the
LSA is present in the LSDB then the LSA is updated with next
sequence number and if not then it is originated with the
INITIAL sequence number.
Here while originating Type-7 LSA Process Level LSDB is searched
for instead of area level LSDB.
Fix: Search in the area level LSDB and not in the process level.
This commit is to correct the order in which the fields are
accessed while verifying it. First the fields should be
verified, and if it is valid then access it.
Donald Sharp [Mon, 26 Jul 2021 15:57:25 +0000 (11:57 -0400)]
tests: Reduce pim join/prune interval to 5 seconds
Tests should have low enough overhead that sending
the join/prune every 5 seconds should be sufficient
also it should allow us to converge faster in case of
dropped packets.
Igor Ryzhov [Fri, 23 Jul 2021 15:38:20 +0000 (18:38 +0300)]
vtysh: don't install "enable" command in user mode
Recent change in d1b287e only fixed the problem for 3-letter words.
We were still displaying error for longer words starting with "ena":
```
nfware> enac
% Command not allowed: enable
nfware> enad
% Command not allowed: enable
nfware> enaena
% Command not allowed: enable
```
If we don't allow "enable" command in user mode, why add it at all?
Currently 'show evpn rmac vni .. mac .. json' includes fields for
localSequence and remoteSequence, which are misleading since they
aren't applicable to a macs in the IP-VRF mac table (RMAC).
This removes the localSequence + remoteSequence fields from the output.
David Lamparter [Wed, 21 Jul 2021 09:04:23 +0000 (11:04 +0200)]
build: fix `AM_LDFLAGS` usage (and gcov)
like the other automake variables, setting `xyz_LDFLAGS` causes
`AM_LDFLAGS` to be ignored for `xyz`. For some reason I had in my mind
that automake doesn't do this for LDFLAGS, but... it does. (Which is
consistent with `_CFLAGS` and co.)
So, all the libraries and modules have been ignoring `AM_LDFLAGS` (which
includes `SAN_FLAGS` too). Set up new `LIB_LDFLAGS` and
`MODULE_LDFLAGS` to handle all of this correctly (and move these bits to
a central location.)
Fixes: #9034 Fixes: 0c4285d77eb ("build: properly split CFLAGS from AC_CFLAGS") Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Igor Ryzhov [Wed, 21 Jul 2021 14:22:14 +0000 (17:22 +0300)]
vtysh: fix exit from zebra-only nodes
When exiting from link-params and pseudowire nodes, we were sending exit
command to all VTYSH_INTERFACE daemons. This led to a desynchronized
state in vtysh and daemons other then zebra. We must send exit command
only to zebra.
Feature Implementation.
========================
This feature will help in advertising the External LSAs with aggregation.
The commands allow us to tune the advertisement with different parameters
as mentioned in the CLI List below.
It can also help in case we do not want to advertise any prefix with the
no-advertise option.
New CLIs added:
===============
summary-address X:X::X:X/M$prefix [tag (1-4294967295)] [{metric (0-16777215) | metric-type (1-2)}]
no summary-address X:X::X:X/M$prefix [tag (1-4294967295)] [{metric (0-16777215) | metric-type (1-2)}]
summary-address X:X::X:X/M$prefix no-advertise
no summary-address X:X::X:X/M$prefix no-advertise
aggregation timer (5-1800)
no aggregation timer (5-1800)
show ipv6 ospf6 summary-address [detail$detail] [json]
debug ospf6 lsa aggregation
projects / mirror / frr.git / log