| Age | Commit message (Collapse) | Author |
|---|
|
lib: Lower precedence for ASNUM_TKN when using together with IPV4/IPV6_TKN
|
|
opensourcerouting/fix/cpu-wall-warning_vtysh_fixes_for_no_form
lib: Allow unsetting walltime-warning and cpu-warning
|
|
* : include event ptr in event_execute api
|
|
When using together with IPV4/IPV6_TKN, this breaks an existing command like:
```
donatas-pc# clear bgp ipv6 unicast 2a02::1
% Ambiguous command: clear bgp ipv6 unicast 2a02::1
donatas-pc#
```
With this fix:
```
donatas-pc# clear bgp ipv6 unicast 2a02::1
% BGP: Unknown neighbor - "2a02::1"
donatas-pc# clear bgp ipv6 unicast 2.2
% BGP: No IPv6 Unicast peer is configured with AS 2.2
donatas-pc# clear bgp ipv6 unicast 123
% BGP: No IPv6 Unicast peer is configured with AS 123
donatas-pc# clear bgp ipv4 unicast 127.0.0.1
donatas-pc#
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
pbrd: (3/3) add packet mangling actions (src/dst ip-addr/port, dscp, ecn)
|
|
With a negative form we get:
```
Internal CLI error [walltime_warning_str]
Internal CLI error [cputime_warning_str]
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
libs: use XREALLOC in bitfield lib module
|
|
Use FRR mem api instead of raw realloc() in bitfield module.
Signed-off-by: Mark Stapp <mjs@labn.net>
|
|
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
Before now, PBRD used non-zero values to imply that a rule's
match or action field was active. This approach was getting
cumbersome for fields where 0 is a valid active value and
various field-specific magic values had to be used.
This commit changes PBRD to use a flag bit per field to
indicate that the field is active.
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
In the netlink-mediated kernel dataplane, each rule is stored
in either an IPv4-specific database or an IPv6-specific database.
PBRD opportunistically gleans each rule's address family value
from its source or destination IP address match value (if either
exists), or from its nexthop or nexthop-group (if it exists).
The 'family' value is particularly needed for netlink during
incremental rule deletion when none of the above fields remain set.
Before now, this address family has been encoded by occult means
in the (possibly otherwise unset) source/destination IP match
fields in ZAPI and zebra.
This commit documents the reasons for maintaining the 'family'
field in the PBRD rule structure, adds a 'family' field in the
common lib/pbr.h rule structure, and carries it explicitly in ZAPI.
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
DSCP and ECN matching are configured independently. Maintain
these values in independent fields in pbrd, zapi, and zebra.
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
vtysh: remove unused cmd_filter_type
|
|
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
|
After Zebra knows it's capability surrounding v6 with v4 nexthops
have it send this ability up to interested parties.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
This is purely an integer (long long/long), and causes issues for 32-bit systems.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
Signed-off-by: Farid Mihoub <farid.mihoub@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
|
Delay EVPN route addition to synchronize with rib_delete(), which now
uses early route queue.
Signed-off-by: Xiao Liang <shaw.leon@gmail.com>
|
|
lib: Fix elf_py.c for coverity
|
|
Fix a couple of style warnings introduced by recent PR 14050.
Signed-off-by: Mark Stapp <mjs@labn.net>
|
|
pbrd: 2/3 zapi PBR common encode/decode
|
|
Include an event ptr-to-ptr in the event_execute() api
call, like the various schedule api calls. This allows the
execute() api to cancel an existing scheduled task if that
task is being executed inline.
Signed-off-by: Mark Stapp <mjs@labn.net>
|
|
Two changes for debug:
1. Add a field to indicate its vrf for nexthop. When the interface changes
vrf, we can't easily know the vrf of this nexthop according to current log.
2. Add a field to indicate operation type. We can't know whether to add or
remove route according to current log.
Before:
```
zebra_nhg_increment_ref: nhe 0x555623eb82c0 (76[if 6]) 0 => 1
zebra_interface_nhg_reinstall install nhe 75[77.75.1.75 if 6] nh type 3 flags 0x1
Route 77.75.1.0/24(8) queued for processing into sub-queue Early Route Processing
Route 77.75.1.0/24(8) queued for processing into sub-queue Early Route Processing
```
After:
```
zebra_nhg_increment_ref: nhe 0x555623eb82c0 (76[if 6 vrfid 9]) 0 => 1
zebra_interface_nhg_reinstall install nhe 75[77.75.1.75 if 6 vrfid 8] nh type 3 flags 0x1
Route 77.75.1.0/24(8) (add) queued for processing into sub-queue Early Route Processing
Route 77.75.1.0/24(8) (delete) queued for processing into sub-queue Early Route Processing
```
Signed-off-by: anlan_cs <anlan_cs@tom.com>
|
|
David rightly pointed out that having a test for fd > 0 would
technically not be right, but not wrong for this portion of the
code since we know that we would never get a fd = 0 in this section.
In any event let's make coverity happy and move on with our life.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
ospfd: Implement OSPF prefix-suppression as specified in RFC 6860
|
|
Signed-off-by: Acee <aceelindem@gmail.com>
|
|
bgpd, pbrd: use common pbr encoder
zebra: use common pbr decoder
tests: pbr_topo1: check more filter fields
Purpose:
1. Reduce likelihood of zapi format mismatches when adding
PBR fields due to multiple parallel encoder implementations
2. Encourage common PBR structure usage among various daemons
3. Reduce coding errors via explicit per-field enable flags
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
bgpd: Fix coverity for EVPN
|
|
Subset: feature in PBR
New PBR rule fields:
match ip-protocol (was only tcp|udp, now any value in /etc/protocols)
match pcp (0-7)
match vlan (1-4094)
match vlan (tagged|untagged|untagged-or-zero)
Filter flags
Add filter_bm (flags) field internally to indicate which
filter fields should be considered active. Bit definitions
as in lib/pbr.h.
This commit uses only the PBR_FILTER_PCP bit, but other
fields will be added in future commits. (Fixes bug related
to determining set/not-set state of pcp filter)
Shift vlan filter flags to lib/pbr.h
Changes by:
Josh Werner <joshuawerner@mitre.org>
Eli Baum <ebaum@mitre.org>
G. Paul Ziemba <paulz@labn.net>
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
|
|
Reported Warning:
Compare member by member to check object equality
RCA:
struct evpn_addr contains padding
Authored-by: Kantesh Mundaragi <kmundaragi@vmware.com>
Signed-off-by: Iqra Siddiqui <imujeebsiddi@vmware.com>
|
|
fix double lock bug and cmd resume early bugs
|
|
There's a workaround in the code from a bug from back in 2004, it ends
and re-enters config mode anytime an `exit` is done from a level below
the top-level config node (e.g., from a `router isis` node). We need to
re-enter config mode with or without a lock according to how we actually
entered it to begin with.
fixes #13920
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
The lock/unlocks are being done short-circuit so they are never pending;
however, the handling of the unlock notification was always resuming the command
if pending was set. In all cases pending is set for another command. For example
implicit commit locks then when notified its done unlocks which was clearing the
set-config pending flag and resuming that command incorrectly.
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
Currently, "on-match (next|goto)" only works if already present in a
route-map entry when the route-map is applied to the routes. However, if
the command is added to an existing route-map entry, the route-map is
not reapplied to the routes in order to accommodate the changes. And
service restart is needed. The problem is that setting the command
doesn't signal about the change to the listener (i.e. to a routing
daemon).
With this fix, signal to the listener about addition of "on-match
(next|goto)" to a route-map entry.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
LabNConsulting/aceelindem/ospf-opaque-interface-disable
ospfd: Configurable interface-level 'capability opaque' support
|
|
opensourcerouting/feature/bgpd_show_version_if_description_is_not_defined
bgpd: Show neighbors software version if description is not set
|
|
Before:
```
r1# show ip bgp summary wide
IPv4 Unicast Summary (VRF default):
BGP router identifier 192.168.1.1, local AS number 65001 vrf-id 0
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 725 KiB of memory
Neighbor V AS LocalAS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
192.168.1.2 4 65002 65001 8 8 0 0 0 00:00:05 0 0 FRRouting/9.1-dev-MyOwnFRRVersion-gc5fc0beb46
Total number of neighbors 1
r1#
```
After:
```
r1# show ip bgp summary wide
IPv4 Unicast Summary (VRF default):
BGP router identifier 192.168.1.1, local AS number 65001 vrf-id 0
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 725 KiB of memory
Neighbor V AS LocalAS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
192.168.1.2 4 65002 65001 10 10 0 0 0 00:00:08 0 0 FRRouting/9.1-dev-MyOwnFRRVersion-g4be13ec347
Total number of neighbors 1
r1#
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
*: Rearrange vrf_bitmap_X api to reduce memory footprint
|
|
There were a couple of places where it was possible a route-map
was applied( and DENIED ) but the count for the number of times
the application happen was not incremented.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Add support for "[no] ip ospf capbility opaque" at the interface
level with the default being capability opaque enabled. The command
"no ip ospf capability opaque" will disable opaque LSA database
exchange and flooding on the interface. A change in configuration
will result in the interface being flapped to update our options
for neighbors but no attempt will be made to purge existing LSAs
as in dense topologies, these may received by neighbors through
different interfaces.
Topotests are added to test both the configuration and the LSA
opaque flooding suppression.
Signed-off-by: Acee <aceelindem@gmail.com>
|
|
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
We don't need un-run/un-tested placeholder code we may never need.
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
eliminates tons of copy and paste code.
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
bgpd,lib,yang: add colored extended communities support
|
|
When running all daemons with config for most of them, FRR has
sharpd@janelle:~/frr$ vtysh -c "show debug hashtable" | grep "VRF BIT HASH" | wc -l
3570
3570 hashes for bitmaps associated with the vrf. This is a very
large number of hashes. Let's do two things:
a) Reduce the created size of the actually created hashes to 2
instead of 32.
b) Delay generation of the hash *until* a set operation happens.
As that no hash directly implies a unset value if/when checked.
This reduces the number of hashes to 61 in my setup for normal
operation.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
add support of color extended community, conforming to RFC 9012.
This extended community will be added to the existing one, RT,SOO
and Node Target. The configuration will be made through the
route-map service.
find above a configuration example:
router bgp 65001
bgp router-id 192.168.1.1
no bgp ebgp-requires-policy
no bgp network import-check
neighbor 192.168.1.2 remote-as external
neighbor 192.168.1.3 remote-as external
neighbor 192.168.1.4 remote-as external
address-family ipv4 unicast
network 10.10.10.10/24 route-map rmap
exit-address-family
!
route-map rmap permit 10
set extcommunity color 55555 200
exit
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
|
|
Add a new notification zapi message type. A zapi client
that uses opaque messages can register to be notified
when a server for an opaque type is present.
Signed-off-by: Mark Stapp <mjs@labn.net>
|
|
Include the sending zapi client info (proto, instance, and
session id) in each opaque zapi message. Add opaque 'init'
apis for clients who want to encode their opaque data inline,
into the zclient's internal stream buffer. Use these init apis
in the TE/link-state lib code, instead of hand-coding the
zapi opaque header info.
Signed-off-by: Mark Stapp <mjs@labn.net>
|
