]> git.proxmox.com Git - mirror_frr.git/log
mirror_frr.git
6 years agolib, pbrd: rm extra space when displaying nexthop
Quentin Young [Tue, 20 Mar 2018 20:43:54 +0000 (16:43 -0400)]
lib, pbrd: rm extra space when displaying nexthop

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agopbrd: fix null pointer deref when showing ifaces
Quentin Young [Tue, 20 Mar 2018 20:19:26 +0000 (16:19 -0400)]
pbrd: fix null pointer deref when showing ifaces

If there are no PBR interfaces configured and we do a 'show run', pbrd
crashes with a NPD when it tries to dereference ifp->info.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agopbrd: Only allow one nexthop group or nexthop at a time
Donald Sharp [Tue, 20 Mar 2018 18:05:44 +0000 (14:05 -0400)]
pbrd: Only allow one nexthop group or nexthop at a time

When we are entering 'set nexthop' and 'set nexthop-group'
ensure that the cli only allows one of these to happen
at a time.

Ticket: CM-20125
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agopbrd: Remove pbr_events
Donald Sharp [Mon, 19 Mar 2018 13:04:17 +0000 (09:04 -0400)]
pbrd: Remove pbr_events

The pbr_events.c file was a mistake in that it overly complicated
the code and made it hard to think about what was happening.

Remove all the events and just do the work where needed.

Additionally rethink the sending of the pbr map to
zebra and only send one notification at a time instead
of having the sending function attempt to figure out
what to do.

Clean up some of the no form of commands to make them
work properly.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
6 years agolib: Add hash and use const a bit more intelligently
Quentin Young [Mon, 19 Mar 2018 13:01:52 +0000 (09:01 -0400)]
lib: Add hash and use const a bit more intelligently

This commit adds code to notify the compiler that we
will not be changing the arguments to nexthop2str
and we expect thre return to be treated the same.

Additionally we add some code to allow nexthops to
be hashed to be used in a hash.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agodoc: bit of cleanup for pbr docs
Quentin Young [Fri, 16 Mar 2018 22:11:45 +0000 (18:11 -0400)]
doc: bit of cleanup for pbr docs

* Indent is 3 spaces
* Use CLI cross-references
* Wrap to 80 columns
* Adjust section capitalization

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoredhat: PBR modifications to allow it to build properly
Donald Sharp [Thu, 15 Mar 2018 16:46:18 +0000 (12:46 -0400)]
redhat: PBR modifications to allow it to build properly

Add to the redhat build the PBR daemon and it's ancillary
files.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agopbrd: Cleanup CI warnings
Donald Sharp [Thu, 15 Mar 2018 15:56:07 +0000 (11:56 -0400)]
pbrd: Cleanup CI warnings

There are a bunch of CI warnings that need to be cleaned up.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agodoc: Add documentation for PBRD
Donald Sharp [Thu, 15 Mar 2018 14:13:58 +0000 (10:13 -0400)]
doc: Add documentation for PBRD

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agopbrd: Add PBR to FRR
Donald Sharp [Tue, 23 Jan 2018 18:11:36 +0000 (13:11 -0500)]
pbrd: Add PBR to FRR

This is an implementation of PBR for FRR.

This implemenation uses a combination of rules and
tables to determine how packets will flow.

PBR introduces a new concept of 'nexthop-groups' to
specify a group of nexthops that will be used for
ecmp.  Nexthop-groups are specified on the cli via:

nexthop-group DONNA
  nexthop 192.168.208.1
  nexthop 192.168.209.1
  nexthop 192.168.210.1
!

PBR sees the nexthop-group and installs these as a default
route with these nexthops starting at table 10000
robot# show pbr nexthop-groups
Nexthop-Group: DONNA Table: 10001 Valid: 1 Installed: 1
Valid: 1  nexthop 192.168.209.1
Valid: 1  nexthop 192.168.210.1
Valid: 1  nexthop 192.168.208.1

I have also introduced the ability to specify a table
in a 'show ip route table XXX' to see the specified tables.

robot# show ip route table 10001
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR,
       > - selected route, * - FIB route

F>* 0.0.0.0/0 [0/0] via 192.168.208.1, enp0s8, 00:14:25
  *                 via 192.168.209.1, enp0s9, 00:14:25
  *                 via 192.168.210.1, enp0s10, 00:14:25

PBR tracks PBR-MAPS via the pbr-map command:

!
pbr-map EVA seq 10
  match src-ip 4.3.4.0/24
  set nexthop-group DONNA
!
pbr-map EVA seq 20
  match dst-ip 4.3.5.0/24
  set nexthop-group DONNA
!

pbr-maps can have 'match src-ip <prefix>' and 'match dst-ip <prefix>'
to affect decisions about incoming packets.  Additionally if you
only have one nexthop to use for a pbr-map you do not need
to setup a nexthop-group and can specify 'set nexthop XXXX'.

To apply the pbr-map to an incoming interface you do this:

interface enp0s10
 pbr-policy EVA
!

When a pbr-map is applied to interfaces it can be installed
into the kernel as a rule:

[sharpd@robot frr1]$ ip rule show
0: from all lookup local
309: from 4.3.4.0/24 iif enp0s10 lookup 10001
319: from all to 4.3.5.0/24 iif enp0s10 lookup 10001
1000: from all lookup [l3mdev-table]
32766: from all lookup main
32767: from all lookup default

[sharpd@robot frr1]$ ip route show table 10001
default proto pbr metric 20
nexthop via 192.168.208.1 dev enp0s8 weight 1
nexthop via 192.168.209.1 dev enp0s9 weight 1
nexthop via 192.168.210.1 dev enp0s10 weight 1

The linux kernel now will use the rules and tables to properly
apply these policies.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoMerge pull request #2029 from cdwertmann/patch-1
Donald Sharp [Fri, 6 Apr 2018 12:22:03 +0000 (08:22 -0400)]
Merge pull request #2029 from cdwertmann/patch-1

add libpython-dev to 16.04 build dependencies

6 years agodebianpkg: add libpython-dev to 17.10 & 18.04 build dependencies
Christoph Dwertmann [Fri, 6 Apr 2018 07:14:55 +0000 (17:14 +1000)]
debianpkg: add libpython-dev to 17.10 & 18.04 build dependencies
Signed-off-by: Christoph Dwertmann <cdwertmann@gmail.com>
6 years agodebianpkg: add libpython-dev to 16.04 build dependencies
Christoph Dwertmann [Thu, 5 Apr 2018 02:17:41 +0000 (12:17 +1000)]
debianpkg: add libpython-dev to 16.04 build dependencies
Signed-off-by: Christoph Dwertmann <cdwertmann@gmail.com>
6 years agoMerge pull request #2028 from qlyoung/cleanup-static-route-consistent-ordering
Russ White [Thu, 5 Apr 2018 00:55:59 +0000 (20:55 -0400)]
Merge pull request #2028 from qlyoung/cleanup-static-route-consistent-ordering

zebra: consistently order static route attributes

6 years agoMerge pull request #2022 from qlyoung/warn-vtysh-u-security
Russ White [Thu, 5 Apr 2018 00:54:31 +0000 (20:54 -0400)]
Merge pull request #2022 from qlyoung/warn-vtysh-u-security

doc: warn users about vtysh / telnet security

6 years agoMerge pull request #2013 from qlyoung/docuser
Russ White [Thu, 5 Apr 2018 00:53:46 +0000 (20:53 -0400)]
Merge pull request #2013 from qlyoung/docuser

doc: add more CLI documentation

6 years agoMerge pull request #2006 from qlyoung/remove-irdp-node
Russ White [Thu, 5 Apr 2018 00:52:45 +0000 (20:52 -0400)]
Merge pull request #2006 from qlyoung/remove-irdp-node

lib: remove IRDP_NODE

6 years agoMerge pull request #2002 from qlyoung/remove-undebug
Russ White [Thu, 5 Apr 2018 00:52:08 +0000 (20:52 -0400)]
Merge pull request #2002 from qlyoung/remove-undebug

bgpd, pim: remove undebug

6 years agoMerge pull request #1998 from qlyoung/fix-vrf-keyword-walkup
Russ White [Thu, 5 Apr 2018 00:51:02 +0000 (20:51 -0400)]
Merge pull request #1998 from qlyoung/fix-vrf-keyword-walkup

lib, vtysh: vrf walkup bugfix

6 years agoMerge pull request #1979 from LabNConsulting/working/master/bgp-nht-labels
Russ White [Thu, 5 Apr 2018 00:45:22 +0000 (20:45 -0400)]
Merge pull request #1979 from LabNConsulting/working/master/bgp-nht-labels

bgpd: nexthop tracking with labels for vrf-vpn leaking

6 years agoMerge pull request #2023 from LabNConsulting/working/master/confdate+release
Martin Winter [Thu, 5 Apr 2018 00:23:37 +0000 (01:23 +0100)]
Merge pull request #2023 from LabNConsulting/working/master/confdate+release

Use new way of avoiding deprecated related warnings in non-dev branches

6 years agoMakefile.am: change verstion type detection, if just numbers = _RELEASE, _DEV otherwise
Lou Berger [Wed, 4 Apr 2018 23:13:58 +0000 (19:13 -0400)]
Makefile.am: change verstion type detection, if just numbers = _RELEASE, _DEV otherwise

Signed-off-by: Lou Berger <lberger@labn.net>
6 years agoMerge pull request #2026 from ajones-rvbd/ajones-issue-2024
Quentin Young [Wed, 4 Apr 2018 19:47:13 +0000 (15:47 -0400)]
Merge pull request #2026 from ajones-rvbd/ajones-issue-2024

alpine packaging: build packages and base image directly from git

6 years agozebra: consistently order static route attributes
Quentin Young [Wed, 4 Apr 2018 19:23:05 +0000 (15:23 -0400)]
zebra: consistently order static route attributes

Everyone else displays them with nexthop-vrf last.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoalpine packaging: build packages and base image directly from git
Arthur Jones [Wed, 4 Apr 2018 02:15:11 +0000 (19:15 -0700)]
alpine packaging: build packages and base image directly from git

Currently, we tar up the git repo before building alpine packages.
This ensures that the packages we're building are exactly what is
checked in.  But, in practice, this restriction causes us to not
be able to build off of git contexts, which is a convenient feature
especially when using docker-compose.

So, here, we build the alpine packages directly from the contents
of the current directory and we install the packages into a base
image to ease downstream consumption.  There is still work to be
done in that area, as we need to package up the daemons, frr user
and all the rest, but that's for later...

Testing-done:

Built directly from the git repo, built from a reference to the
git repo and built using docker-compose, all seemed to work.  Also,
tested by @leleobhz and seems to build fine.

Thanks to Leonardo Amaral (@leleobhz) for reporting the issue and for
the original idea for a fix.

Issue: https://github.com/FRRouting/frr/issues/2024
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
6 years agobgpd: nexthop tracking with labels for vrf-vpn leaking
G. Paul Ziemba [Fri, 23 Mar 2018 23:57:03 +0000 (16:57 -0700)]
bgpd: nexthop tracking with labels for vrf-vpn leaking

Routes that have labels must be sent via a nexthop that also has labels.
This change notes whether any path in a nexthop update from zebra contains
labels. If so, then the nexthop is valid for routes that have labels.

If a nexthop update has no labeled paths, then any labeled routes
referencing the nexthop are marked not valid.

Add a route flag BGP_INFO_ANNC_NH_SELF that means "advertise myself
as nexthop when announcing" so that we can track our notion of the
nexthop without revealing it to peers.

Signed-off-by: G. Paul Ziemba <paulz@labn.net>
6 years agobgpd: simplify bgp instance name printing
G. Paul Ziemba [Wed, 28 Mar 2018 17:11:56 +0000 (10:11 -0700)]
bgpd: simplify bgp instance name printing

Signed-off-by: G. Paul Ziemba <paulz@labn.net>
6 years agolib/prefix.[ch]: add family2str()
G. Paul Ziemba [Wed, 28 Mar 2018 16:56:45 +0000 (09:56 -0700)]
lib/prefix.[ch]: add family2str()

Signed-off-by: G. Paul Ziemba <paulz@labn.net>
6 years agoMerge pull request #1993 from vivek-cumulus/evpn-fixes
Lou Berger [Wed, 4 Apr 2018 15:57:00 +0000 (11:57 -0400)]
Merge pull request #1993 from vivek-cumulus/evpn-fixes

Evpn fixes

6 years agoMerge pull request #2015 from pguibert6WIND/issue_1999
Lou Berger [Wed, 4 Apr 2018 11:22:10 +0000 (07:22 -0400)]
Merge pull request #2015 from pguibert6WIND/issue_1999

bgpd: Flowspec client failed to update `exit-address-family`

6 years agoMerge pull request #1927 from pguibert6WIND/issue_1926
Renato Westphal [Wed, 4 Apr 2018 00:41:12 +0000 (21:41 -0300)]
Merge pull request #1927 from pguibert6WIND/issue_1926

zebra: delete interface that disappeared

6 years agodoc: add note and example on use of VERSION_TYPE_DEV and CONFDATE
Lou Berger [Tue, 3 Apr 2018 18:04:31 +0000 (14:04 -0400)]
doc: add note and example on use of VERSION_TYPE_DEV and CONFDATE

Signed-off-by: Lou Berger <lberger@labn.net>
6 years agodoc: warn users about vtysh / telnet security
Quentin Young [Tue, 3 Apr 2018 17:53:04 +0000 (13:53 -0400)]
doc: warn users about vtysh / telnet security

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years ago*: Only test CONFDATE when VERSION_TYPE_DEV defined
Lou Berger [Tue, 3 Apr 2018 17:47:50 +0000 (13:47 -0400)]
*: Only test CONFDATE when VERSION_TYPE_DEV defined

Signed-off-by: Lou Berger <lberger@labn.net>
6 years agoMakefile.am: add automatic defintion of VERSION_TYPE_(DEV_|RELEASE) CPP type
Lou Berger [Tue, 3 Apr 2018 17:44:06 +0000 (13:44 -0400)]
Makefile.am: add automatic defintion of VERSION_TYPE_(DEV_|RELEASE) CPP type

Signed-off-by: Lou Berger <lberger@labn.net>
6 years agoMerge pull request #1894 from LabNConsulting/working/master/vtysh-not-enabled
Quentin Young [Tue, 3 Apr 2018 15:50:35 +0000 (11:50 -0400)]
Merge pull request #1894 from LabNConsulting/working/master/vtysh-not-enabled

vtysh: add -u/--user flag to run commands without enable

6 years agoMerge pull request #2010 from donaldsharp/ns_fixes
Philippe Guibert [Tue, 3 Apr 2018 15:14:42 +0000 (17:14 +0200)]
Merge pull request #2010 from donaldsharp/ns_fixes

lib: Namespaces should only complain about failure if we have it

6 years agoMerge pull request #2016 from pguibert6WIND/issue_2000
Quentin Young [Tue, 3 Apr 2018 15:14:04 +0000 (11:14 -0400)]
Merge pull request #2016 from pguibert6WIND/issue_2000

bgpd: `logical-router` netns vtysh configuration comparison incorrect

6 years agoMerge pull request #2014 from qlyoung/draft-bz-v4goawayflag-00
Russ White [Tue, 3 Apr 2018 15:13:23 +0000 (11:13 -0400)]
Merge pull request #2014 from qlyoung/draft-bz-v4goawayflag-00

Revert "zebra: implement draft-bz-v4goawayflag-00"

6 years agoMerge pull request #1882 from LabNConsulting/working/master/community-dismiss
Martin Winter [Tue, 3 Apr 2018 14:54:27 +0000 (15:54 +0100)]
Merge pull request #1882 from LabNConsulting/working/master/community-dismiss

workflow.rst: add note that author's shouldn't delete a comment or review

6 years agobgpd: Flowspec client failed to update `exit-address-family`
Philippe Guibert [Tue, 3 Apr 2018 13:11:22 +0000 (15:11 +0200)]
bgpd: Flowspec client failed to update `exit-address-family`

Flowspec client failed to update `exit-address-family`.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agolib: remove IRDP_NODE
Quentin Young [Tue, 3 Apr 2018 14:50:58 +0000 (10:50 -0400)]
lib: remove IRDP_NODE

Unused

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agobgpd: `logical-router` netns vtysh configuration comparison incorrect
Philippe Guibert [Tue, 3 Apr 2018 13:13:07 +0000 (15:13 +0200)]
bgpd: `logical-router` netns vtysh configuration comparison incorrect

`logical-router` netns vtysh configuration comparison incorrect

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agoMerge pull request #2005 from qlyoung/remove-masc-node
Rafael Zalamena [Mon, 2 Apr 2018 20:55:44 +0000 (17:55 -0300)]
Merge pull request #2005 from qlyoung/remove-masc-node

lib: remove MASC_NODE

6 years agoMerge pull request #2003 from qlyoung/remove-service-node
Rafael Zalamena [Mon, 2 Apr 2018 20:53:44 +0000 (17:53 -0300)]
Merge pull request #2003 from qlyoung/remove-service-node

lib: remove SERVICE_NODE

6 years agobgpd, pim: remove undebug
Quentin Young [Fri, 30 Mar 2018 19:52:12 +0000 (15:52 -0400)]
bgpd, pim: remove undebug

This 'undebug' syntax is only used in 5 commands and serves no apparent
purpose.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoRevert "zebra: implement draft-bz-v4goawayflag-00"
Quentin Young [Mon, 2 Apr 2018 19:25:44 +0000 (15:25 -0400)]
Revert "zebra: implement draft-bz-v4goawayflag-00"

This reverts commit 3fec765a8d986664a555c161b814b4bf3332cdf0.

April fools!

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agodoc: add more CLI documentation
Quentin Young [Mon, 2 Apr 2018 18:41:38 +0000 (14:41 -0400)]
doc: add more CLI documentation

* Document modes & nodes
* Document walkup behavior
* Document struct cmd_node
* Add graph of node relationships
* Reorder sections to make more logical sense
* Rewrap sections to 80 lines
* Fix code block indent
* Specify language for code blocks in order to get syntax highlighting

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoMerge pull request #2012 from qlyoung/draft-bz-v4goawayflag-00
Russ White [Sun, 1 Apr 2018 21:21:43 +0000 (17:21 -0400)]
Merge pull request #2012 from qlyoung/draft-bz-v4goawayflag-00

zebra: implement draft-bz-v4goawayflag-00

6 years agozebra: implement draft-bz-v4goawayflag-00
Quentin Young [Sun, 1 Apr 2018 20:37:24 +0000 (16:37 -0400)]
zebra: implement draft-bz-v4goawayflag-00

Adds support for V4 GoAway flag as described in
https://www.ietf.org/id/draft-bz-v4goawayflag-00.txt

This option allows advertising neighbors to indicate to recipients that
they should disable IPv4 on the link.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agolib: Namespaces should only complain about failure if we have it
Donald Sharp [Sat, 31 Mar 2018 19:08:14 +0000 (15:08 -0400)]
lib: Namespaces should only complain about failure if we have it

Do not complain about failure to create a namespace if we
do not have any such thing going on.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agolib: remove MASC_NODE
Quentin Young [Fri, 30 Mar 2018 21:45:41 +0000 (17:45 -0400)]
lib: remove MASC_NODE

Unused

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agolib: remove SERVICE_NODE
Quentin Young [Fri, 30 Mar 2018 20:29:51 +0000 (16:29 -0400)]
lib: remove SERVICE_NODE

Unused

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agolib, vtysh: vrf walkup bugfix
Quentin Young [Fri, 30 Mar 2018 02:13:57 +0000 (22:13 -0400)]
lib, vtysh: vrf walkup bugfix

Static route commands are now installed inside the VRF nodes. This has
quietly broken top-level static routes in certain scenarios due to
walkup logic resolving a static route configuration command inside
VRF_NODE first if the command is issued while in a CLI node lower than
VRF_NODE. To fix this VRF_NODE needs a special exit command, as has been
done for many other nodes with the same issue, to explicitly change the
vrf context to the default VRF so that when walkup resolves against the
VRF node it will configure against the default VRF as desired.

Of course this is a hack on top of a hack and the CLI walkup
implementation needs to be rewritten.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoMerge pull request #1984 from donaldsharp/conf_date_master
Russ White [Fri, 30 Mar 2018 16:35:53 +0000 (12:35 -0400)]
Merge pull request #1984 from donaldsharp/conf_date_master

lib: Remove backwards compatiblity at 1 year

6 years agodoc: add note on use of scripts to enable immediate removale deprecated APIs/macros
Lou Berger [Thu, 29 Mar 2018 22:50:30 +0000 (18:50 -0400)]
doc: add note on use of scripts to enable immediate removale deprecated APIs/macros

Signed-off-by: Lou Berger <lberger@labn.net>
6 years agoMerge pull request #1921 from donaldsharp/pim_stuff
Lou Berger [Fri, 30 Mar 2018 16:03:33 +0000 (12:03 -0400)]
Merge pull request #1921 from donaldsharp/pim_stuff

Pim stuff

6 years agoMerge pull request #1997 from qlyoung/fix-doc-nits-03-30
Russ White [Fri, 30 Mar 2018 15:13:02 +0000 (11:13 -0400)]
Merge pull request #1997 from qlyoung/fix-doc-nits-03-30

doc: cleanup documentation nits

6 years agodoc: cleanup documentation nits
Quentin Young [Fri, 30 Mar 2018 15:09:15 +0000 (11:09 -0400)]
doc: cleanup documentation nits

* Ubuntu 18.04 build doc was not included in its toctree
* Duplicate definition of the same CLI command removed

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoMerge pull request #1966 from donaldsharp/vrf_late_to_the_party
Russ White [Fri, 30 Mar 2018 14:51:38 +0000 (10:51 -0400)]
Merge pull request #1966 from donaldsharp/vrf_late_to_the_party

zebra: Set table id *before* we enable the vrf

6 years agoMerge pull request #1978 from qlyoung/fix-debug-all-vtysh-node
Russ White [Fri, 30 Mar 2018 14:44:14 +0000 (10:44 -0400)]
Merge pull request #1978 from qlyoung/fix-debug-all-vtysh-node

vtysh: fix node install of `[no] debug all`

6 years agoMerge pull request #1980 from donaldsharp/tools_frr
Russ White [Fri, 30 Mar 2018 14:36:34 +0000 (10:36 -0400)]
Merge pull request #1980 from donaldsharp/tools_frr

tools: Cleanup shutdown

6 years agoMerge pull request #1987 from donaldsharp/zserv_read_fix
Russ White [Fri, 30 Mar 2018 13:37:51 +0000 (09:37 -0400)]
Merge pull request #1987 from donaldsharp/zserv_read_fix

two zebra changes

6 years agoMerge pull request #1990 from donaldsharp/bgp_v6_ifindex
Russ White [Fri, 30 Mar 2018 13:25:52 +0000 (09:25 -0400)]
Merge pull request #1990 from donaldsharp/bgp_v6_ifindex

bgpd: Only supply ifindex for a v6 nexthop if LL

6 years agoMerge pull request #1991 from chiragshah6/ospfv3_dev
Russ White [Fri, 30 Mar 2018 13:23:42 +0000 (09:23 -0400)]
Merge pull request #1991 from chiragshah6/ospfv3_dev

ospf6d: fix loop in ABRs

6 years agoMerge pull request #1817 from pguibert6WIND/flowspec_client
Vincent JARDIN [Fri, 30 Mar 2018 13:13:36 +0000 (15:13 +0200)]
Merge pull request #1817 from pguibert6WIND/flowspec_client

Flowspec client

6 years agoMerge pull request #1992 from qlyoung/change-alpine-build-doc-title
Russ White [Fri, 30 Mar 2018 12:51:44 +0000 (08:51 -0400)]
Merge pull request #1992 from qlyoung/change-alpine-build-doc-title

doc: change title of Alpine build doc

6 years agoMerge pull request #1955 from qlyoung/stylechecker
Olivier Dugeon [Fri, 30 Mar 2018 12:21:22 +0000 (13:21 +0100)]
Merge pull request #1955 from qlyoung/stylechecker

tools: do not check for kernel macros

6 years agoMerge pull request #1961 from qlyoung/docuser
Lou Berger [Fri, 30 Mar 2018 12:10:50 +0000 (08:10 -0400)]
Merge pull request #1961 from qlyoung/docuser

doc: tweak html body width

6 years agoMerge pull request #1959 from donaldsharp/route_map_doc
Lou Berger [Fri, 30 Mar 2018 12:10:06 +0000 (08:10 -0400)]
Merge pull request #1959 from donaldsharp/route_map_doc

Route map doc

6 years agobgpd: Flowspec display handlers uses snprintf
Philippe Guibert [Wed, 28 Mar 2018 12:35:56 +0000 (14:35 +0200)]
bgpd: Flowspec display handlers uses snprintf

snprintf routine is used widely, when the handler routine in charge of
displaying the output is called.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: mp_unreach_nlri fs sent with no nexthop
Philippe Guibert [Wed, 14 Mar 2018 09:33:40 +0000 (10:33 +0100)]
bgpd: mp_unreach_nlri fs sent with no nexthop

FS UNREACH message with 0 NLRI inside is sent after each peer
establishment. FS can send NLRI messages with no nexthop.
The commit fixes a message that is triggered by mistake
if FS was about to be sent, then that message is not output.
Also it fixes a typo.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: enhance show bgp ipv4 flowspec <IP>
Philippe Guibert [Thu, 15 Mar 2018 12:32:04 +0000 (13:32 +0100)]
bgpd: enhance show bgp ipv4 flowspec <IP>

This command gives detail about a FS entry which contains an IP that
matches one of the rules of the FS entry. The output is the same output
as when one does show bgp ipv4 flowspec detail

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: support for json in show bgp ipv4 flowspec commands
Philippe Guibert [Wed, 7 Mar 2018 17:54:09 +0000 (18:54 +0100)]
bgpd: support for json in show bgp ipv4 flowspec commands

The json format is returd when requested from the two commands:
- show bgp ipv4 flowspec
- show bgp ipv4 flowspec detail

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agovtysh: add flowspec address family cmd support
Philippe Guibert [Wed, 7 Mar 2018 09:02:45 +0000 (10:02 +0100)]
vtysh: add flowspec address family cmd support

add flowspec v4 and flowspec v6 address family support for BGP.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agotests: add flowspec test with BGP MP_REACH/UNREACH
Philippe Guibert [Tue, 6 Mar 2018 13:25:48 +0000 (14:25 +0100)]
tests: add flowspec test with BGP MP_REACH/UNREACH

This commit checks that the reception of MP_REACH and MP_UNREACH
flowspec is handled correctly.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: introduce [no] debug bgp flowspec
Philippe Guibert [Tue, 20 Feb 2018 09:58:42 +0000 (10:58 +0100)]
bgpd: introduce [no] debug bgp flowspec

It is possible to enhance debug bgp flowspec feature by using vty
command. This command, if enabled, will dump the match/set couple of
information received on NLRI.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: support for show bgp ipv4 flowspec
Philippe Guibert [Mon, 19 Feb 2018 16:17:41 +0000 (17:17 +0100)]
bgpd: support for show bgp ipv4 flowspec

The show bgp ipv4 flowspec routine is made available, displays the
flowspec rules contained in the BGP FIB database, as well as the actions
to be done on those rules. Two routines are available:
show bgp ipv4 flowspec
show bgp ipv4 flowspec detail

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: ecommunity show bgp ipv4 flowspec
Philippe Guibert [Mon, 15 Jan 2018 18:17:02 +0000 (19:17 +0100)]
bgpd: ecommunity show bgp ipv4 flowspec

ecommunity library is modified to return the flowspec ecommunities in
display format.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: use bgp flowspec API to validate and receive NLRI
Philippe Guibert [Thu, 1 Mar 2018 15:07:38 +0000 (16:07 +0100)]
bgpd: use bgp flowspec API to validate and receive NLRI

The changes introduce validation of NLRI FS entries at incoming, before
being pushed in FIB. Note that the so called validation only checks for
validity of the incoming flowspec nlri format, and not the validation as
per RFC5575.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: add flowspec utilities to decode, convert fs nlri
Philippe Guibert [Wed, 14 Feb 2018 10:13:50 +0000 (11:13 +0100)]
bgpd: add flowspec utilities to decode, convert fs nlri

The FS nlri is depicted so as to be able to be in readable format,
either by human, or by some other ( remote daemon ?).
This work is a derived work from [0]. Initially done for validation
only, this work is extended.
The FS NLRI is able to decode addresses, numbers ( protocols, ports,
tcp values) combined ( or not) with operators. This makes possible
to have a NLRI entry for a set of ports, and/or for an other set of
value of port.
This implementation mainly brings the API visible. The API should be
consistent across the various usages.

[0] https://github.com/chinatelecom-sdn-group/quagga_flowspec/

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: jaydom <chinatelecom-sdn-group@github.com>
6 years agobgpd: disable aggregation for flowspec entries
Philippe Guibert [Thu, 1 Mar 2018 14:24:39 +0000 (15:24 +0100)]
bgpd: disable aggregation for flowspec entries

Flowspec entries do not need aggregation feature.
Actually, all flowspec entries are unique.
So, some check is done against aggregate functionalities in the code.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: add flowspec feature
jaydom [Mon, 23 Jan 2017 02:45:30 +0000 (10:45 +0800)]
bgpd: add flowspec feature

This work is derived from a work done by China-Telecom.
That initial work can be found in [0].
As the gap between frr and quagga is important, a reworks has been
done in the meantime.
The initial work consists of bringing the following:
- Bringing the client side of flowspec.
- the enhancement of address-family ipv4/ipv6 flowspec
- partial data path handling at reception has been prepared
- the support for ipv4 flowspec or ipv6 flowspec in BGP open messages,
  and the internals of BGP has been done.
- the memory contexts necessary for flowspec has been provisioned

In addition to this work, the following has been done:
- the complement of adaptation for FS safi in bgp code
- the code checkstyle has been reworked so as to match frr checkstyle
- the processing of IPv6 FS NLRI is prevented
- the processing of FS NLRI is stopped ( temporary)

[0] https://github.com/chinatelecom-sdn-group/quagga_flowspec/

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: jaydom <chinatelecom-sdn-group@github.com>
6 years agolib: prefix support for flowspec
Philippe Guibert [Wed, 10 Jan 2018 18:13:27 +0000 (19:13 +0100)]
lib: prefix support for flowspec

prefix structure is used to handle flowspec prefixes. A new AFI is
introduced: AF_FLOWSPEC. A sub structure named flowspec_prefix is
used in prefix to host the flowspec entry.
Reason to introduce that new kind is that prefixlen from prefix
structure is too short to all the flowspec needs, since NLRI can go over
0xff bytes.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agobgpd: Fix use of ROUTE_IMPORTED for EVPN
vivek [Fri, 30 Mar 2018 00:24:00 +0000 (00:24 +0000)]
bgpd: Fix use of ROUTE_IMPORTED for EVPN

Ensure that only EVPN routes are flagged as such when installing into or
withdrawing from zebra, the earlier check broke L3VPN or VRF route-leaked
routes. Also, fix an incorrect check related to imported routes in path
selection.

Updates: bgpd: Use BGP_ROUTE_IMPORTED for EVPN [vivek]
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
6 years agobgpd: Cleanup linkage between L2 VNIs and L3 VNI
vivek [Fri, 30 Mar 2018 00:13:58 +0000 (00:13 +0000)]
bgpd: Cleanup linkage between L2 VNIs and L3 VNI

When an L3 VNI is deleted, cleanup linkage to it from associated
L2 VNIs.

Updates: bgpd: keep a backpointer to vrf instance in struct bgpevpn
         [Mitesh Kanjariya]
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
6 years agotools: add fixup-deprecated.py script to replace deprecated quagga/frr mactors/types...
Lou Berger [Thu, 29 Mar 2018 21:01:33 +0000 (17:01 -0400)]
tools: add fixup-deprecated.py script to replace deprecated quagga/frr mactors/types/etc.

       Initial deprecated macros are:
   #define VNL
   #define VTYNL
   #define VTY_NEWLINE
   #define VTY_GET_INTEGER(desc, v, str)
   #define VTY_GET_INTEGER_RANGE(desc, v, str, min, max)
   #define VTY_GET_ULONG(desc, v, str)
   #define VTY_GET_ULL(desc, v, str)
   #define VTY_GET_IPV4_ADDRESS(desc, v, str)
   #define VTY_GET_IPV4_PREFIX(desc, v, str)
   #define vty_outln(vty, str, ...)

Signed-off-by: Lou Berger <lberger@labn.net>
6 years agodoc: change title of Alpine build doc
Quentin Young [Thu, 29 Mar 2018 18:29:08 +0000 (14:29 -0400)]
doc: change title of Alpine build doc

Match the rest of them.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
6 years agoospf6d: fix loop in ABRs
Chirag Shah [Tue, 27 Mar 2018 22:28:14 +0000 (15:28 -0700)]
ospf6d: fix loop in ABRs

When two routers from same area connected to backbone,
intra route advertised from area x should take precedence
within area x. The same route would be injected as summary
lsa to area 0/y. The same LSA via second abr injected back to
area x and since area 0 is lower than area x its route take
precedence.
Move the area check below path type and cost as both are crucial
to determine best route.

Ticket:CM-19627
Testing Done:
Initial route generated via area 1 as Intra-Prefix LSA (2009).
R1 and R2 both re advertised Inter Area Prefix LSA
(Summary LSA 2003) to area 1.
With the change area 1 Intra route precedence is preserved.
The address of H1 from Right is reachable via ping.

     area 1 |  area 0
            R1
          /   \
         /     \
        /       \
  H1 --Left     Right
        \       /
         \     /
          \   /
            R2
     area 1 |  area 0

Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
6 years agoMerge pull request #1985 from sfionov/fpm_pb_optional_scalar
Donald Sharp [Thu, 29 Mar 2018 17:07:55 +0000 (13:07 -0400)]
Merge pull request #1985 from sfionov/fpm_pb_optional_scalar

zebra: Set "has" flags on optional scalar fields of FPM protobuf messages

6 years agozebra: Set "has" flags on optional scalar fields of FPM protobuf messages
Sergey Fionov [Wed, 28 Mar 2018 22:51:31 +0000 (01:51 +0300)]
zebra: Set "has" flags on optional scalar fields of FPM protobuf messages

Otherwise, these fields are not serialized.

Signed-off-by: Sergey Fionov <fionov@gmail.com>
6 years agoMerge pull request #1824 from pguibert6WIND/table_manager
Donald Sharp [Thu, 29 Mar 2018 16:09:15 +0000 (12:09 -0400)]
Merge pull request #1824 from pguibert6WIND/table_manager

Table manager for zebra

6 years agobgpd: Only supply ifindex for a v6 nexthop if LL
Donald Sharp [Thu, 29 Mar 2018 15:43:49 +0000 (11:43 -0400)]
bgpd: Only supply ifindex for a v6 nexthop if LL

BGP is calculating a v6 routes nexthop as the nexthop address
+ an ifindex.  The ifindex calculated comes from where we received
the route from as that we have to do this for LL addresses.

But a v6 address that is not a LL we do not need to provide
to zebra for nexthop resolution because a global address
by default can be looked up and resolved appropriately.

Modify the code so that we must have an ifindex for a v6 nexthop
if the address is LL, else don't pass the ifindex down to zebra.

Fixes: #1986
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agozebra: Add table and nexthop vrf information to netlink debug
Donald Sharp [Thu, 29 Mar 2018 12:58:45 +0000 (08:58 -0400)]
zebra: Add table and nexthop vrf information to netlink debug

Add some additional debug information to the netlink debug
messages so we can see the table we are installing to as
well as the nexthop's vrf.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agozebra: Subtract header length in the right spot
Donald Sharp [Thu, 29 Mar 2018 12:52:39 +0000 (08:52 -0400)]
zebra: Subtract header length in the right spot

The header length needs to be subtracted from the handling
side of the zapi in zebra.  This is because we refigure the
header data structure.  The receive side doesn't care
about the total header length so no need to subtract there.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
6 years agobgpd: add API to allocate a range of table identifiers
Philippe Guibert [Mon, 5 Mar 2018 17:09:57 +0000 (18:09 +0100)]
bgpd: add API to allocate a range of table identifiers

In BGP, doing policy-routing  requires to use table identifiers.
Flowspec protocol will need to have that. 1 API from bgp zebra has been
done to get the table chunk.
Internally, onec flowspec is enabled, the BGP engine will try to
connect smoothly to the table manager. If zebra is not connected, it
will try to connect 10 seconds later. If zebra is connected, and it is
success, then a polling mechanism each 60 seconds is put in place. All
the internal mechanism has no impact on the BGP process.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agozebra: add the handling of table ids from remote daemons
Philippe Guibert [Mon, 5 Mar 2018 17:07:23 +0000 (18:07 +0100)]
zebra: add the handling of table ids from remote daemons

This commit is connecting the table manager with remote daemons by
handling the queries.
As the function is similar in many points with label allocator, a
function has been renamed.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agozebra: add table manager files
Philippe Guibert [Mon, 5 Mar 2018 17:03:38 +0000 (18:03 +0100)]
zebra: add table manager files

The range is given from table manager from zebra daemon.
There are 2 ranges available for table identifier:
- [1;252] and [256;0xffffffff]
If the wished size enters in the first range, then the start and end
range of table identifier is given within the first range.
Otherwise, the second range is given, and an appropriate range is given.

Note that for now, the case of the VRF table identifier used is not
taken into account. Meaning that there may be overlapping. There are two
cases to handle:
- case a vrf lite is allocated after the zebra and various other daemons
  started.
- case a vrf lite is initialised and the daemons then start

The second case is easy to handle. For the former case, I am not so
sure.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agolib: add framework for allocating routing table identifier IDs
Philippe Guibert [Mon, 5 Mar 2018 16:57:29 +0000 (17:57 +0100)]
lib: add framework for allocating routing table identifier IDs

The library changes add 3 new messages to exchange between daemons and
ZEBRA.
- ZEBRA_TABLE_MANAGER_CONNECT,
- ZEBRA_GET_TABLE_CHUNK,
- ZEBRA_RELEASE_TABLE_CHUNK,
the need is that routing tables identifier are shared by various
services. For the current case, policy routing enhancements are planned
to be used in FRR. Poliy routing relies on routing tables identifiers
from kernels. It will be mainly used by the future policy based routing
daemon, but not only. In the flowspec case, the BGP will need also to
inject policy routing information into specific routing tables.
For that, the proposal is made to let zebra give the appropriate range
that is needed for all daemons.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
6 years agolib: Remove backwards compatiblity at 1 year
Donald Sharp [Wed, 28 Mar 2018 20:18:16 +0000 (16:18 -0400)]
lib: Remove backwards compatiblity at 1 year

These macro's have existed for 1 year now and can be removed.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>