13 files changed, 243 insertions, 20 deletions

diff --git a/bgpd/bgp_fsm.c b/bgpd/bgp_fsm.c
index 8b84d696dc..3667dae83d 100644
--- a/bgpd/bgp_fsm.c
+++ b/bgpd/bgp_fsm.c
@@ -1887,7 +1887,7 @@ static const struct {
 		{bgp_fsm_open, OpenConfirm}, /* Receive_OPEN_message         */
 		{bgp_fsm_event_error, Idle}, /* Receive_KEEPALIVE_message    */
 		{bgp_fsm_event_error, Idle}, /* Receive_UPDATE_message       */
-		{bgp_stop_with_error, Idle}, /* Receive_NOTIFICATION_message */
+		{bgp_fsm_event_error, Idle}, /* Receive_NOTIFICATION_message */
 		{bgp_fsm_exeption, Idle},    /* Clearing_Completed           */
 	},
 	{
diff --git a/bgpd/bgp_nht.c b/bgpd/bgp_nht.c
index 0969c8e77e..a50fc7d697 100644
--- a/bgpd/bgp_nht.c
+++ b/bgpd/bgp_nht.c
@@ -421,7 +421,8 @@ void bgp_parse_nexthop_update(int command, vrf_id_t vrf_id)
 			if (peer && !peer->ifp
 			    && CHECK_FLAG(peer->flags,
 					  PEER_FLAG_CAPABILITY_ENHE)
-			    && nhr.prefix.family == AF_INET6) {
+			    && nhr.prefix.family == AF_INET6
+			    && nexthop->type != NEXTHOP_TYPE_BLACKHOLE) {
 				struct interface *ifp;
 
 				ifp = if_lookup_by_index(nexthop->ifindex,
diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
index fd1c1ffd7c..e875c41119 100644
--- a/bgpd/bgp_vty.c
+++ b/bgpd/bgp_vty.c
@@ -2691,7 +2691,7 @@ DEFUN (bgp_listen_limit,
        bgp_listen_limit_cmd,
        "bgp listen limit (1-5000)",
        "BGP specific commands\n"
-       "Configure BGP defaults\n"
+       "BGP Dynamic Neighbors listen commands\n"
        "maximum number of BGP Dynamic Neighbors that can be created\n"
        "Configure Dynamic Neighbors listen limit value\n")
 {
@@ -2709,8 +2709,9 @@ DEFUN (bgp_listen_limit,
 DEFUN (no_bgp_listen_limit,
        no_bgp_listen_limit_cmd,
        "no bgp listen limit [(1-5000)]",
+       NO_STR
        "BGP specific commands\n"
-       "Configure BGP defaults\n"
+       "BGP Dynamic Neighbors listen commands\n"
        "unset maximum number of BGP Dynamic Neighbors that can be created\n"
        "Configure Dynamic Neighbors listen limit value to default\n"
        "Configure Dynamic Neighbors listen limit value\n")
@@ -7693,7 +7694,7 @@ DEFUN (show_bgp_vrfs,
 		if (!uj && count == 1) {
 			vty_out(vty,
 				"%4s  %-5s  %-16s  %9s  %10s  %-37s\n",
-				"Type", "Id", "routerId", "#PeersVfg",
+				"Type", "Id", "routerId", "#PeersCfg",
 				"#PeersEstb", "Name");
 			vty_out(vty, "%11s  %-16s  %-21s  %-6s\n", " ",
 				"L3-VNI", "RouterMAC", "Interface");
diff --git a/doc/developer/building-frr-for-centos8.rst b/doc/developer/building-frr-for-centos8.rst
new file mode 100644
index 0000000000..7751482b19
--- /dev/null
+++ b/doc/developer/building-frr-for-centos8.rst
@@ -0,0 +1,156 @@
+CentOS 8
+========
+
+This document describes installation from source. If you want to build an RPM,
+see :ref:`packaging-redhat`.
+
+Install required packages
+-------------------------
+
+Add packages:
+
+::
+
+    sudo dnf install --enablerepo=PowerTools git autoconf pcre-devel \
+      automake libtool make readline-devel texinfo net-snmp-devel pkgconfig \
+      groff pkgconfig json-c-devel pam-devel bison flex python2-pytest \
+      c-ares-devel python2-devel systemd-devel libcap-devel
+
+.. include:: building-libyang.rst
+
+Get FRR, compile it and install it (from Git)
+---------------------------------------------
+
+**This assumes you want to build and install FRR from source and not
+using any packages**
+
+Add frr groups and user
+^^^^^^^^^^^^^^^^^^^^^^^
+
+::
+
+    sudo groupadd -g 92 frr
+    sudo groupadd -r -g 85 frrvty
+    sudo useradd -u 92 -g 92 -M -r -G frrvty -s /sbin/nologin \
+      -c "FRR FRRouting suite" -d /var/run/frr frr
+
+Download Source, configure and compile it
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+(You may prefer different options on configure statement. These are just
+an example.)
+
+::
+
+    git clone https://github.com/frrouting/frr.git frr
+    cd frr
+    ./bootstrap.sh
+    ./configure \
+        --bindir=/usr/bin \
+        --sbindir=/usr/lib/frr \
+        --sysconfdir=/etc/frr \
+        --libdir=/usr/lib/frr \
+        --libexecdir=/usr/lib/frr \
+        --localstatedir=/var/run/frr \
+        --with-moduledir=/usr/lib/frr/modules \
+        --enable-snmp=agentx \
+        --enable-multipath=64 \
+        --enable-user=frr \
+        --enable-group=frr \
+        --enable-vty-group=frrvty \
+	--enable-systemd=yes \
+        --disable-exampledir \
+        --disable-ldpd \
+        --enable-fpm \
+        --with-pkg-git-version \
+        --with-pkg-extra-version=-MyOwnFRRVersion \
+	SPHINXBUILD=/usr/bin/sphinx-build
+    make
+    make check
+    sudo make install
+
+Create empty FRR configuration files
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+::
+
+    sudo mkdir /var/log/frr
+    sudo mkdir /etc/frr
+    sudo touch /etc/frr/zebra.conf
+    sudo touch /etc/frr/bgpd.conf
+    sudo touch /etc/frr/ospfd.conf
+    sudo touch /etc/frr/ospf6d.conf
+    sudo touch /etc/frr/isisd.conf
+    sudo touch /etc/frr/ripd.conf
+    sudo touch /etc/frr/ripngd.conf
+    sudo touch /etc/frr/pimd.conf
+    sudo touch /etc/frr/nhrpd.conf
+    sudo touch /etc/frr/eigrpd.conf
+    sudo touch /etc/frr/babeld.conf
+    sudo chown -R frr:frr /etc/frr/
+    sudo touch /etc/frr/vtysh.conf
+    sudo chown frr:frrvty /etc/frr/vtysh.conf
+    sudo chmod 640 /etc/frr/*.conf
+
+Install daemon config file
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+::
+
+    sudo install -p -m 644 redhat/daemons /etc/frr/
+    sudo chown frr:frr /etc/frr/daemons
+
+Edit /etc/frr/daemons as needed to select the required daemons
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Look for the section with ``watchfrr_enable=...`` and ``zebra=...`` etc.
+Enable the daemons as required by changing the value to ``yes``
+
+Enable IP & IPv6 forwarding
+^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Create a new file ``/etc/sysctl.d/90-routing-sysctl.conf`` with the
+following content:
+
+::
+
+    # Sysctl for routing
+    #
+    # Routing: We need to forward packets
+    net.ipv4.conf.all.forwarding=1
+    net.ipv6.conf.all.forwarding=1
+
+Load the modified sysctl's on the system:
+
+::
+
+    sudo sysctl -p /etc/sysctl.d/90-routing-sysctl.conf
+
+Install frr Service and redhat init files
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+::
+
+    sudo install -p -m 644 redhat/frr.service /usr/lib/systemd/system/frr.service
+    sudo install -p -m 755 redhat/frr.init /usr/lib/frr/frr
+
+Register the systemd files
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+::
+
+    sudo systemctl preset frr.service
+
+Enable required frr at startup
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+::
+
+    sudo systemctl enable frr
+
+Reboot or start FRR manually
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+::
+
+    sudo systemctl start frr
diff --git a/doc/developer/building.rst b/doc/developer/building.rst
index c13fb10ffc..b99667124f 100644
--- a/doc/developer/building.rst
+++ b/doc/developer/building.rst
@@ -10,6 +10,7 @@ Building FRR
    building-frr-for-alpine
    building-frr-for-centos6
    building-frr-for-centos7
+   building-frr-for-centos8
    building-frr-for-debian8
    building-frr-for-debian9
    building-frr-for-fedora
diff --git a/doc/developer/packaging-redhat.rst b/doc/developer/packaging-redhat.rst
index d344046148..d9c4c5bf0c 100644
--- a/doc/developer/packaging-redhat.rst
+++ b/doc/developer/packaging-redhat.rst
@@ -3,7 +3,7 @@
 Packaging Red Hat
 =================
 
-Tested on CentOS 6, CentOS 7 and Fedora 24.
+Tested on CentOS 6, CentOS 7, CentOS 8 and Fedora 24.
 
 1. On CentOS 6, refer to :ref:`building-centos6` for details on installing
    sufficiently up-to-date package versions to enable building FRR.
@@ -22,13 +22,31 @@ Tested on CentOS 6, CentOS 7 and Fedora 24.
 
       yum install systemd-devel
 
+   .. note::
+
+     For CentOS 8 you need to install ``platform-python-devel`` package
+     to provide ``/usr/bin/pathfix.py``::
+
+       yum install platform-python-devel
+
+   .. warning::
+
+     ``python2-sphinx`` is not shipped for CentOS 8.
+     Development reached the end of life for Python 2.
+     We need to install it using ```pip``::
+
+        pip2 install sphinx
+
    If ``yum`` is not present on your system, use ``dnf`` instead.
 
-3. Checkout FRR::
+   You should enable ``PowerTools`` repo if using CentOS 8 which
+   is disabled by default.
+
+4. Checkout FRR::
 
       git clone https://github.com/frrouting/frr.git frr
 
-4. Run Bootstrap and make distribution tar.gz::
+5. Run Bootstrap and make distribution tar.gz::
 
       cd frr
       ./bootstrap.sh
@@ -40,7 +58,7 @@ Tested on CentOS 6, CentOS 7 and Fedora 24.
       The only ``configure`` option respected when building RPMs is
       ``--with-pkg-extra-version``.
 
-5. Create RPM directory structure and populate with sources::
+6. Create RPM directory structure and populate with sources::
 
      mkdir rpmbuild
      mkdir rpmbuild/SOURCES
@@ -48,7 +66,7 @@ Tested on CentOS 6, CentOS 7 and Fedora 24.
      cp redhat/*.spec rpmbuild/SPECS/
      cp frr*.tar.gz rpmbuild/SOURCES/
 
-6. Edit :file:`rpm/SPECS/frr.spec` with configuration as needed.
+7. Edit :file:`rpm/SPECS/frr.spec` with configuration as needed.
 
    Look at the beginning of the file and adjust the following parameters to
    enable or disable features as required::
@@ -73,7 +91,7 @@ Tested on CentOS 6, CentOS 7 and Fedora 24.
       %{!?with_pimd:          %global  with_pimd          1 }
       %{!?with_rpki:          %global  with_rpki          0 }
 
-7. Build the RPM::
+8. Build the RPM::
 
       rpmbuild --define "_topdir `pwd`/rpmbuild" -ba rpmbuild/SPECS/frr.spec
 
diff --git a/doc/user/bgp.rst b/doc/user/bgp.rst
index 97ce036f52..2d4d0c4945 100644
--- a/doc/user/bgp.rst
+++ b/doc/user/bgp.rst
@@ -1045,6 +1045,15 @@ Configuring Peers
 .. index:: neighbor PEER port PORT
 .. clicmd:: neighbor PEER port PORT
 
+.. index:: [no] neighbor PEER password PASSWORD
+.. clicmd:: [no] neighbor PEER password PASSWORD
+
+   Set a MD5 password to be used with the tcp socket that is being used
+   to connect to the remote peer.  Please note if you are using this
+   command with a large number of peers on linux you should consider
+   modifying the `net.core.optmem_max` sysctl to a larger value to
+   avoid out of memory errors from the linux kernel.
+
 .. index:: neighbor PEER send-community
 .. clicmd:: neighbor PEER send-community
 
diff --git a/redhat/frr.spec.in b/redhat/frr.spec.in
index 1a374ba26b..be3b83bf80 100644
--- a/redhat/frr.spec.in
+++ b/redhat/frr.spec.in
@@ -169,9 +169,15 @@ BuildRequires:  libyang-devel >= 0.16.74
 BuildRequires:  python27-devel
 BuildRequires:  python27-sphinx
 %else
+%if 0%{?rhel} && 0%{?rhel} > 7
+BuildRequires:  python2-devel
+#platform-python-devel is needed for /usr/bin/pathfix.py
+BuildRequires:  platform-python-devel
+%else
 BuildRequires:  python-devel >= 2.7
 BuildRequires:  python-sphinx
 %endif
+%endif
 Requires:       initscripts
 %if %{with_pam}
 BuildRequires:  pam-devel
@@ -217,8 +223,13 @@ Contributed/3rd party tools which may be of use with frr.
 
 %package pythontools
 Summary: python tools for frr
+%if 0%{?rhel} && 0%{?rhel} > 7
+BuildRequires: python2
+Requires: python2-ipaddress
+%else
 BuildRequires: python
 Requires: python-ipaddress
+%endif
 Group: System Environment/Daemons
 
 %description pythontools
@@ -397,6 +408,11 @@ install -m644 %{zeb_rh_src}/frr.pam %{buildroot}%{_sysconfdir}/pam.d/frr
 install -m644 %{zeb_rh_src}/frr.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/frr
 install -d -m750 %{buildroot}%{rundir}
 
+%if 0%{?rhel} && 0%{?rhel} > 7
+# avoid `ERROR: ambiguous python shebang in` errors
+pathfix.py -pni "%{__python2} %{py2_shbang_opts}" %{buildroot}/usr/lib/frr/*.py
+%py_byte_compile %{__python2} %{buildroot}/usr/lib/frr/*.py
+%endif
 
 %pre
 # add vty_group
@@ -682,7 +698,10 @@ fi
 
 
 %changelog
-* Sun May 28 2018 Rafael Zalamena <rzalamena@opensourcerouting.org> - %{version}
+* Fri Dec 27 2019 Donatas Abraitis <donatas.abraitis@gmail.com>
+- Add CentOS 8 support
+
+* Mon May 28 2018 Rafael Zalamena <rzalamena@opensourcerouting.org> - %{version}
 - Add BFDd support
 
 * Sun May 20 2018 Martin Winter <mwinter@opensourcerouting.org>
diff --git a/ripd/rip_zebra.c b/ripd/rip_zebra.c
index 90ee667f05..e07d218860 100644
--- a/ripd/rip_zebra.c
+++ b/ripd/rip_zebra.c
@@ -151,8 +151,8 @@ static int rip_zebra_read_route(ZAPI_CALLBACK_ARGS)
 
 void rip_redistribute_conf_update(struct rip *rip, int type)
 {
-	zclient_redistribute(ZEBRA_REDISTRIBUTE_ADD, zclient, AFI_IP, type,
-			     0, rip->vrf->vrf_id);
+	zebra_redistribute_send(ZEBRA_REDISTRIBUTE_ADD, zclient, AFI_IP,
+				type, 0, rip->vrf->vrf_id);
 }
 
 void rip_redistribute_conf_delete(struct rip *rip, int type)
diff --git a/ripngd/ripng_zebra.c b/ripngd/ripng_zebra.c
index fa61d69caa..f9bd56d1df 100644
--- a/ripngd/ripng_zebra.c
+++ b/ripngd/ripng_zebra.c
@@ -152,8 +152,8 @@ static int ripng_zebra_read_route(ZAPI_CALLBACK_ARGS)
 
 void ripng_redistribute_conf_update(struct ripng *ripng, int type)
 {
-	zclient_redistribute(ZEBRA_REDISTRIBUTE_ADD, zclient, AFI_IP6, type, 0,
-			     ripng->vrf->vrf_id);
+	zebra_redistribute_send(ZEBRA_REDISTRIBUTE_ADD, zclient, AFI_IP6,
+				type, 0, ripng->vrf->vrf_id);
 }
 
 void ripng_redistribute_conf_delete(struct ripng *ripng, int type)
diff --git a/zebra/zebra_errors.c b/zebra/zebra_errors.c
index 5a0905d591..ef792d14c2 100644
--- a/zebra/zebra_errors.c
+++ b/zebra/zebra_errors.c
@@ -316,6 +316,12 @@ static struct log_ref ferr_zebra_err[] = {
 		.description = "Zebra attempted to look up a interface for a particular vrf_id and interface index, but didn't find anything.",
 		.suggestion = "If you entered a command to trigger this error, make sure you entered the arguments correctly. Check your config file for any potential errors. If these look correct, seek help.",
 	},
+	{
+		.code = EC_ZEBRA_NS_NO_DEFAULT,
+		.title = "Zebra NameSpace failed to find Default",
+		.description = "Zebra NameSpace subsystem failed to find a Default namespace during initialization.",
+		.suggestion = "Open an Issue with all relevant log files and restart FRR",
+	},
 	/* Warnings */
 	{
 		.code = EC_ZEBRAING_LM_PROTO_MISMATCH,
diff --git a/zebra/zebra_errors.h b/zebra/zebra_errors.h
index f9ccc2db28..4625a03ae6 100644
--- a/zebra/zebra_errors.h
+++ b/zebra/zebra_errors.h
@@ -76,6 +76,7 @@ enum zebra_log_refs {
 	EC_ZEBRA_NHG_SYNC,
 	EC_ZEBRA_NHG_FIB_UPDATE,
 	EC_ZEBRA_IF_LOOKUP_FAILED,
+	EC_ZEBRA_NS_NO_DEFAULT,
 	/* warnings */
 	EC_ZEBRA_NS_NOTIFY_READ,
 	EC_ZEBRAING_LM_PROTO_MISMATCH,
diff --git a/zebra/zebra_ns.c b/zebra/zebra_ns.c
index 37f53bf911..3287176ef5 100644
--- a/zebra/zebra_ns.c
+++ b/zebra/zebra_ns.c
@@ -37,6 +37,7 @@
 #include "zebra_pbr.h"
 #include "rib.h"
 #include "table_manager.h"
+#include "zebra_errors.h"
 
 extern struct zebra_privs_t zserv_privs;
 
@@ -64,6 +65,9 @@ static int zebra_ns_new(struct ns *ns)
 {
 	struct zebra_ns *zns;
 
+	if (!ns)
+		return -1;
+
 	if (IS_ZEBRA_DEBUG_EVENT)
 		zlog_info("ZNS %s with id %u (created)", ns->name, ns->ns_id);
 
@@ -86,7 +90,7 @@ static int zebra_ns_delete(struct ns *ns)
 		zlog_info("ZNS %s with id %u (deleted)", ns->name, ns->ns_id);
 	if (!zns)
 		return 0;
-	XFREE(MTYPE_ZEBRA_NS, zns);
+	XFREE(MTYPE_ZEBRA_NS, ns->info);
 	return 0;
 }
 
@@ -175,19 +179,26 @@ int zebra_ns_final_shutdown(struct ns *ns)
 
 int zebra_ns_init(const char *optional_default_name)
 {
+	struct ns *default_ns;
 	ns_id_t ns_id;
 	ns_id_t ns_id_external;
 
-	dzns = zebra_ns_alloc();
-
 	frr_with_privs(&zserv_privs) {
 		ns_id = zebra_ns_id_get_default();
 	}
 	ns_id_external = ns_map_nsid_with_external(ns_id, true);
 	ns_init_management(ns_id_external, ns_id);
 
+	default_ns = ns_lookup(ns_get_default_id());
+	if (!default_ns) {
+		flog_err(EC_ZEBRA_NS_NO_DEFAULT,
+			 "%s: failed to find default ns", __func__);
+		exit(EXIT_FAILURE); /* This is non-recoverable */
+	}
+
 	/* Do any needed per-NS data structure allocation. */
-	dzns->if_table = route_table_init();
+	zebra_ns_new(default_ns);
+	dzns = default_ns->info;
 
 	/* Register zebra VRF callbacks, create and activate default VRF. */
 	zebra_vrf_init();