Donald Sharp [Fri, 24 May 2019 12:30:53 +0000 (08:30 -0400)]
bgpd, lib: Remove SO_MARK
The SO_MARK socket option was being used pre vrf to allow for the
separation of the front panel -vs- the management port. This
was facilitated by a ip rule. Since this is undocumented anywhere
in our system( other than old commits see ed40466af80c9d0b88436c637a1d54b28a669b1c ). We should remove this
because this will cause interference with people using rules
and are not aware of this offshoot of functionality.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 24 May 2019 11:53:32 +0000 (07:53 -0400)]
lib: Display to end user the MAX_FDS allowed
Upon startup FRR reads in the MAX_FDS variable from
it's control files via the getrlimit call. We then
setup code to limit the poll data structure size to
that value. The OS also limits our FD's to that value
because that is what is set. Provide a methodology
that a interested end user can figure this data out.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 24 May 2019 12:22:07 +0000 (08:22 -0400)]
lib: 'show thread cpu' help strings referenced a weird option
The 'show thread cpu' command referenced a 'b' option. Which
is not parsed at all in the parse_filter function. As such
I do not know what this was referencing as that it has been
removed. Update the help strings to reflect this reality.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Sat, 11 May 2019 07:50:11 +0000 (03:50 -0400)]
doc, zebra: Remove `keep_kernel_mode` from zebra
This code doees this:
a) Imagine ospf installs a route into zebra. Zebra crashes and
we restart FRR. If we are using the -k option on zebra than
all routes are re-read in, including this OSPF route.
b) Now imagine at the same time that zebra is starting backup
ospf on a different router looses a link to the this route.
c) Since zebra was run with -k this OSPF route is read back
in but never replaced and we now have a route pointing out
an interface to other routers that cannot handle it.
We should never allow users to implement bad options from zebra's
perspective that allow them to put themselves into a clear problem
state and additionally we have *absolutely* no mechanism to ever
fix that broken route without special human interaction.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 10 May 2019 00:06:13 +0000 (20:06 -0400)]
zebra: Add kernel level graceful restart
<Initial Code from Praveen Chaudhary>
Add the a `--graceful_restart X` flag to zebra start that
now creates a timer that pops in X seconds and will go
through and remove all routes that are older than startup.
If graceful_restart is not specified then we will just pop
a timer that cleans everything up immediately.
Signed-off-by: Praveen Chaudhary <pchaudhary@linkedin.com> Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
David Lamparter [Tue, 21 May 2019 02:48:30 +0000 (04:48 +0200)]
lib/table: remove nonsensical const, add pure
Passing the struct route_table *ptr as const doesn't really help; if
anything it semantically would imply that the returned route_node is
const too since constness should propagate (but it doesn't in C.)
The right thing to do here - which actually helps the compiler optimize
the code too - is to tag functions with __attribute__((pure)). The
compiler does this automatically if it has the function body (and the
body of all called functions) available. That should cover most "static
inline" functions in headers, as well as functions in the same file.
However, this doesn't work (at least without LTO) for extern functions.
Hence, add "ext_pure" for this case. (Built-in "extern" to make lines
shorter.)
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Tue, 21 May 2019 01:53:29 +0000 (03:53 +0200)]
lib: add DECLARE_HEAP datastructure
This is an 8-ary heap (cacheline optimized.) It works as a semi-sorted
kind of middle ground between unsorted and sorted datastructures; pop()
always returns the lowest item but ordering is only loosely enforced.
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Mon, 20 May 2019 21:41:16 +0000 (23:41 +0200)]
bgpd: use DLIST for adv_fifo
I mistakenly assumed that something called "FIFO" would primarily be
used by removing items from the front. This isn't the case for the
adv_fifo... so use a DLIST there to make sure deletions from the middle
of the queue are fast.
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Mon, 20 May 2019 19:04:14 +0000 (21:04 +0200)]
tests: test DECLARE_HASH with good and bad hashfn
The hash table test was previously (intentionally) using a bad hash
function to test the code in the face of hash collisions. Add a test
with a good hash function to see some performance numbers.
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Sun, 12 May 2019 10:05:14 +0000 (12:05 +0200)]
lib: add dedicated pop() to DECLARE_SKIPLIST
The skiplist code was previously falling back to the del() code path for
a pop() on a skiplist. This is unneeded complexity, a pop() can be done
more efficiently.
Signed-off-by: David Lamparter <equinox@diac24.net>
Sarita Patra [Thu, 16 May 2019 16:55:34 +0000 (09:55 -0700)]
pimd: fix (s,g) expiry.
Fix: When RP receives a (*, G) join and corresponding (s,g)
is present, then check for OIL is not-empty, then only switch
upstream (s, g) state to JOINED.
vishaldhingra [Wed, 8 May 2019 03:31:39 +0000 (20:31 -0700)]
bgpd : no neighbor <> send-community large is not working dynamically
updgrp_hash_key_make() uses the PEER_UPDGRP_AF_FLAGS for the key.
PEER_UPDGRP_AF_FLAGS contains the neigbor flags.
If user do no neighbor <> send community large, then the hash key
does not change and BGP does not send update for large community change.
Added the PEER_FLAG_SEND_LARGE_COMMUNITY in PEER_UPDGRP_AF_FLAGS.
After this the hash key gets changed and update will be processed
with large community.
btarno [Wed, 15 May 2019 17:26:25 +0000 (12:26 -0500)]
doc: clarify mpls label export docs
The current wording can sometimes be misinterpreted to mean that this
command is optional, but for an MPLS-VPN to function a VPN label MUST be
assigned to routes exported from the VPN.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Fri, 17 May 2019 21:38:31 +0000 (21:38 +0000)]
vrrpd: fix coverity warnings
* Suppress false positive on out of bounds access
* Suppress false positive on unchecked str2sockunion
* Remove self assignment
* Initialze struct msghdr to zero
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Ameya Dharkar [Fri, 17 May 2019 19:47:57 +0000 (12:47 -0700)]
Zebra: Enhancements for rtm_table field in FPM netlink message
- Today, rtm_table field takes a vrf_id. It should take table_id
- rtm_table field is a uchar field which can only accomodate table_id less than
256. To support table id greater than 255, if the table_id is greater than 255,
set rtm_table to 0 and add RTA_TABLE attribute with 32 bit value as the
table_id.
Ameya Dharkar [Fri, 17 May 2019 01:38:03 +0000 (18:38 -0700)]
Zebra: Handle VxLAN encap in netlink rtmsg for FPM
- For data plane processing of VxLAN routes, add encap type and L3VNI info to
rtmsg message for FPM.
- Add "RTA_ENCAP_TYPE" attribute for VxLAN encap with value 100.
This value is not currently used for RTA_ENCAP_TYPE for any encap.
- If "RTA_ENCAP_TYPE" is 100, add "RTA_ENCAP" attribute with "RTA_VNI" as a
nested attribute of RTA_ENCAP
Format of RTA_VNI attribute:
Len(2 bytes) type (2 bytes) Value(4 bytes)(VNI)
00 08 : 00 00 : 1000
Donald Sharp [Fri, 17 May 2019 11:29:47 +0000 (07:29 -0400)]
bgpd: Routemap processing was testing for an impossible flag
The flag PEER_FLAG_RSERVER_CLIENT is never set on peer->flags
and as such testing the flag for not being set will never
cause the if statement to be not entered.
Conversely setting update to 0 and then testing if (update && ...
will always cause another if statement to be never called, remove
it as well.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Mon, 22 Apr 2019 18:04:56 +0000 (18:04 +0000)]
vrrpd: gracefully shutdown on SIGTERM / SIGINT
Handle kill signals by gracefully destroying all of our VRRP instances.
If any of them are in Master state, send an advert with 0 priority to
notify Backup routers we are going down.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Fri, 15 Mar 2019 19:54:37 +0000 (19:54 +0000)]
vrrpd: tweak startup criteria for v6 VRRP router
* Remove check for having at least 2 IPv6 addresses on the macvlan
device; this was only taking place in v6, and breaking the ability to
start VRRP on an IPv6 macvlan that was already set to protodown on
* Improve log messaging indicating that we cannot start because we
haven't got any VIPs configured
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Thu, 14 Mar 2019 19:51:32 +0000 (19:51 +0000)]
zebra: don't protodown a NULL interface
We were running into some problems where VRRP is trying to protodown
interfaces that no longer exist. While this is a minor bug in its own
right, this was crashing Zebra because Zebra was not doing a null check
after its ifindex lookup.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Wed, 13 Mar 2019 18:37:48 +0000 (18:37 +0000)]
vrrpd: fix v2 master_down_interval computation
VRRPv2 uses the configured advertisement interval to compute the master
down timer, whereas VRRPv3 uses the one advertised by the master. Fix
computation to use the configured in in v2.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Wed, 13 Mar 2019 17:18:36 +0000 (17:18 +0000)]
vrrpd: include auth fields in v2 packet
Based on looking at other vendors, seems I misinterpreted the RFC - type
0 auth (no authentication) still requires the authentication fields to
be present, just set to all zero.
This should fix VRRPv2 interop with other vendors.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Tue, 12 Mar 2019 17:31:39 +0000 (17:31 +0000)]
vrrpd: allow centisecond precision for vrrpv2
The RFC is not clear about how precise the skew time calculation should
be in VRRPv2. The advertisement interval is given in seconds, and the
field in the advertisement packet only supports non-fractional seconds,
so I was following this for calculating skew time as well. However the
skew time formula in vrrpv2 always yields a fractional amount of seconds
in the range (0-1), which right now means we always truncate to 0
seconds. I doubt this is what the RFC wanted so I'm allowing centisecond
precision for skew time.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Fri, 8 Mar 2019 18:52:56 +0000 (18:52 +0000)]
vrrpd: display primary address in json output
And also, fill in the non-json output with a :: for the v6 primary since
we're letting the operating system select which one it wants to use and
we don't actually know what our primary address is. Another thing to
revisit in the future...
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Fri, 8 Mar 2019 18:35:04 +0000 (18:35 +0000)]
Revert "Revert "vrrpd: protodown mvlans when shutting down""
Now that the requirement of knowing our VRRP IPv6 primary address in
advance is lifted, it's no problem for us that the macvlans could be
down when we get them. We can handle this in both the v4 and v6 case
now, so we don't need to behave as if they should always be left up.
Quentin Young [Fri, 8 Mar 2019 18:30:03 +0000 (18:30 +0000)]
vrrpd: allow OS to choose VRRP IPv6 src address
Under IPv6, Linux will look at our destination address and select the
source address with the smallest scope that covers the destination. For
the VRRP multicast address ff02::12, Linux will always select a link
local address.
We can take advantage of this behavior to avoid a subtle and complicated
class of bugs caused by Zebra's semantics around inoperative interfaces.
As far as Zebra is concerned, an inoperative interface has no addresses
assigned to it. This is a real bummer for VRRP because it's quite
possible that the IPv6 VRRP macvlan device is down when we attach to it,
and we would really like to be able to know in advance which address we
will be transmitting IPv6 advertisements from without having to bring an
interface up to convince Zebra to tell us its address list.
In the future, though, it would be better to be explicit about selecting
the link local we want. This will require adding the ability to Zebra to
read and send us address information for inoperative interfaces.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Wed, 6 Mar 2019 18:34:34 +0000 (18:34 +0000)]
vrrpd: disallow setting priority = 255
Assuming we fix our automatic detection method in the future, we won't
be able to revert this back to disallowing 255 without breaking user
configs. Let's just disallow it now, there's no functional difference
still.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Tue, 5 Mar 2019 20:33:27 +0000 (20:33 +0000)]
vrrpd: fix broken reads when reinitializing
When a VRRP router was shut down - either due to an administrative
event, or its interface getting deleted, or some other reason - it was
forgetting to cancel its read task. When it was started again, the read
task was still around, and so it wasn't getting scheduled again with the
new socket fd's. This caused our socket to queue ingress packets but
never read them, resulting in the restarted router always electing
itself to Master (since it wasn't listening to any other advertisements,
even though the kernel was delivering them).
The t_write cancellation call doesn't matter here, but I'm putting it in
there because it doesn't hurt and this way I won't forget about it if it
becomes necessary in the future.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Mon, 4 Mar 2019 20:15:25 +0000 (20:15 +0000)]
vrrpd: delay sending advert/garp/una for ifup pt 2
Pt 2: When transitioning directly into Master (because we are the
address owner), wait until Zebra sets the macvlan device to protodown
off before transmitting advertisements, gratuitous ARPs, or Unsolicited
Neighbor Advertisements.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
projects / mirror_frr.git / log