Renato Westphal [Wed, 23 May 2018 23:12:29 +0000 (20:12 -0300)]
lib: add a new northbound plugin for Sysrepo
This plugin leverages the northbound API to integrate FRR with Sysrepo,
a YANG-based configuration and operational state data store.
The plugin is linked to the libsysrepo library and communicates with
the sysrepod daemon using GPB (Google Protocol Buffers) over AF_UNIX
sockets. The integration consists mostly of glue code that calls the
appropriate FRR northbound callbacks in response to events triggered
by the sysrepod daemon (e.g. request to change the configuration or to
fetch operational data).
To build the sysrepo plugin, provide the --enable-sysrepo option to the
configure script while building FRR (the libsysrepo library needs to be
installed in the system).
When installed, the sysrepo plugin will be available for all FRR daemons
and can be loaded using the -M (or --module) command line option.
Renato Westphal [Wed, 23 May 2018 23:11:59 +0000 (20:11 -0300)]
lib: add a new northbound plugin for ConfD
This plugin leverages the northbound API to integrate FRR with the ConfD
management agent.
The plugin is linked to the libconfd library and communicates with the
confd daemon using local TCP sockets. The integration consists mostly
of glue code that calls the appropriate FRR northbound callbacks in
response to events triggered by the confd daemon (e.g. request to change
the configuration or to fetch operational data).
By integrating FRR with the libconfd library, FRR can be managed using
all northbound interfaces provided by ConfD, including NETCONF, RESTCONF
and their Web API.
The ConfD CDB API is used to handle configuration changes and the ConfD
Data Provider API is used to provide operational data, process RPCs and
send notifications. Support for configuration management using the ConfD
Data Provider API is not available at this point.
The ConfD optional 'get_object()' and 'get_next_object()' callbacks were
implemented for optimal performance when fetching operational data.
This plugins requires ConfD 6.5 or later since it uses the new leaf-list
API introduced in ConfD 6.5.
To install the plugin, the --enable-confd option should be given to the
configure script, specifying the location where ConfD is installed.
David Lamparter [Wed, 24 Oct 2018 15:31:31 +0000 (17:31 +0200)]
build: add "redistclean" target
This puts a source tree back in the state it was in after unpacking a
dist tarball. Different from distclean in that it doesn't remove files
that are included in the tarball.
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Mon, 15 Oct 2018 04:51:30 +0000 (06:51 +0200)]
build: work around automake wtf
For some reason, automake was "randomizing" the order of these few lines
in the generated output Makefile.in.
I have absolutely no clue what's going on, but it's the only thing
preventing me from building reproducible source tarballs (i.e.
bit-exactly identical), so... just slightly "rephrase" this.
Should behave exactly the same as before.
Signed-off-by: David Lamparter <equinox@diac24.net>
Donald Sharp [Wed, 24 Oct 2018 15:34:50 +0000 (11:34 -0400)]
zebra: Notice when a route fails to install on *bsd
When we fail to install a route into bsd, note the case
where we have no viable nexthops installed for it, so
that we can know in zebra if the route is good or not.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
David Lamparter [Tue, 23 Oct 2018 12:06:25 +0000 (14:06 +0200)]
build: carry --with-pkg-extra-version into tarballs
If we use "./configure --with-pkg-extra-version=... && make dist", we
probably want the dist tarball to remember the extra version it was
configured with.
Use --without-pkg-extra-version to kill the tag.
Signed-off-by: David Lamparter <equinox@diac24.net>
Donald Sharp [Mon, 27 Aug 2018 18:36:46 +0000 (14:36 -0400)]
zebra: Move rules_hash to zrouter
Move the rules_hash to the zrouter data structure and provide
the additional bit of work needed to lookup the rule based upon
the namespace id as well. Make the callers of functions not
care about what namespace id we are in.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com> Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 27 Aug 2018 14:43:37 +0000 (10:43 -0400)]
zebra: Start breakup of zns into zrouter and zns
The `struct zebra_ns` data structure is being used
for both router information as well as support for
the vrf backend( as appropriate ). This is a confusing
state. Start the movement of `struct zebra_ns` into
2 things `struct zebra_router` and `struct zebra_ns`.
In this new regime `struct zebra_router` is purely
for handling data about the router. It has no knowledge
of the underlying representation of the Data Plane.
`struct zebra_ns` becomes a linux specific bit of code
that allows us to handle the vrf backend and is allowed
to have knowledge about underlying data plane constructs.
When someone implements a *bsd backend the zebra_vrf data
structure will need to be abstracted to take advantage of this
instead of relying on zebra_ns.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Christian Franke [Wed, 24 Oct 2018 05:19:22 +0000 (07:19 +0200)]
isisd: delay lsp regeneration while events are still coming in
When there is a stream of events coming in, where IS-IS learns
about a lot of updates, IS-IS would regenerate its LSPs before
the updates have been processed completely.
This causes suboptimal convergence because the intermediate state
will be flooded. Only after the configured `lsp_gen_interval`, a
new update with the correct and final state will be generated.
Resolve this by holding off LSP generation while there are still
events coming in.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Christian Franke [Wed, 24 Oct 2018 04:27:17 +0000 (06:27 +0200)]
isisd: Combine lsp_l1/l2_refresh
lsp_l1_refresh and lsp_l2_refresh are identical apart from the
hardcoded IS-IS level they are referring to. So merge them and
pass the level as part of the argument.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Christian Franke [Wed, 24 Oct 2018 03:38:53 +0000 (05:38 +0200)]
isisd: Log LSP-update trigger source
For debugging the timing of LSP generation, it is useful to know
which event caused a regeneration to be scheduled. Therefore, add
this information to the debug log.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
bgpd:Fixing the signature of community_free function
community_free, lcommunity_free and ecommunity_free are similar type of functions. Most of the places, these three are called together. The signature of community_free is different from other two functions. Modified the community_free API signature to align with other two functions to avoid any confusion. There is no functionality impact with this and this is just to avoid any confusion.
Testing: manual testing and show commands Signed-off-by: Sri Mohana Singamsetty msingamsetty@vmware.com
bgpd: fill in prefix for flowspec entry when json format is requested
as prefix is opaque for flowspec, and json needs to have a non empty
full of meaning value in prefix, the proposal is to encode the
displayable form of flowspec entry.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Renato Westphal [Fri, 19 Oct 2018 18:55:47 +0000 (15:55 -0300)]
ospfd: fix issue with the "no segment-routing prefix A.B.C.D/M" command
Add a missing check to bail out earlier when SR is not configured. The
same command without the "no" prefix has the same check as it prevents
unexpected things (i.e. crashes) from happening.
Fixes the following segfaults:
ospfd aborted: vtysh -c "configure terminal" -c "router ospf" -c "no segment-routing prefix 1.1.1.1/32"
ospfd aborted: vtysh -c "configure terminal" -c "router ospf" -c "no segment-routing prefix 1.1.1.1/32 index 65535 no-php-flag"
Renato Westphal [Fri, 19 Oct 2018 18:55:22 +0000 (15:55 -0300)]
bgpd: use the vrf_bitmap_*() helper functions when necessary
zclient->redist[afi][type] is a hash table and not an integer since a
while ago when VRF support was introduced. As such, zclient->redist[][]
should never be manipulated directly, the vrf_bitmap_*() helper functions
should be used instead. This fixes a few crashes found by the CLI fuzzer.
Renato Westphal [Fri, 19 Oct 2018 18:55:12 +0000 (15:55 -0300)]
bgpd: fix bug while iterating over VPN table
The routing table data structure can create intermediate route nodes
during its normal operation, so we always need to check if the 'info'
pointer of a route node is NULL or not before dereferencing it.
Renato Westphal [Fri, 19 Oct 2018 18:55:08 +0000 (15:55 -0300)]
bgpd: remove wrong assert
The vnc_direct_del_rn_group_rd() function can be called with the 'afi'
parameter set to AFI_L2VPN on some specific cases. Remove the assert to
fix the crash.
Renato Westphal [Fri, 19 Oct 2018 18:55:03 +0000 (15:55 -0300)]
bgpd: fix NULL pointer dereference bug
Other parts of the rfapi code check if the 'rfg->rfapi_import_table'
pointer is NULL or not before using it. Do the same here to fix a crash
detected by the CLI fuzzer.
Renato Westphal [Fri, 19 Oct 2018 18:54:57 +0000 (15:54 -0300)]
bgpd: add a NULL check to prevent a crash in the rfapi code
The rfapiDeleteRemotePrefixesIt() function checks on several places if
'p' is NULL or not. Introduce an additional NULL check to prevent a
crash from happening.
Renato Westphal [Fri, 19 Oct 2018 18:54:47 +0000 (15:54 -0300)]
bgpd: fix crashes caused by missing input validation
The rfapi code wasn't checking if strtoul() succeeded or not when parsing
the list of labels. Fix the affected commands by not allowing the user
to enter a non-numeric input.
Renato Westphal [Fri, 19 Oct 2018 18:53:55 +0000 (15:53 -0300)]
bgpd: handle NULL pointers in lcommunity_cmp()
Like community_cmp() and ecommunity_cmp(), the lcommunity_cmp() function
also needs to handle NULL pointers for correct operation.
Without this fix, bgpd can crash when entering the following commands:
vtysh -c "configure terminal" -c "ip large-community-list standard WORD deny"
vtysh -c "configure terminal" -c "no ip large-community-list expanded WORD"
Renato Westphal [Fri, 19 Oct 2018 18:53:46 +0000 (15:53 -0300)]
bgpd: fix cleanup of dampening configuration
The bgp_damp_config_clean() function was deallocating some arrays without
resetting the variables that represent their sizes. This was leading to
some crashes because other parts of the code iterate over these arrays
by looking at their corresponding sizes, which could be invalid.
Fixes the following segfaults (which only happen under certain
circumstances):
vtysh -c "configure terminal" -c "router bgp 1" -c "bgp dampening"
vtysh -c "configure terminal" -c "router bgp 1" -c "no bgp dampening"
vtysh -c "configure terminal" -c "router bgp 1" -c "no bgp dampening 45"
vtysh -c "" -c "clear ip bgp dampening"
Renato Westphal [Fri, 19 Oct 2018 18:53:33 +0000 (15:53 -0300)]
bfdd: do not allow multihop peers without a local-address
The BFD code assumes that multihop peers have a local address
configured. When that doesn't happen, the BFD client daemons fail to
decode some BFD ZAPI messages and abort. To fix this, do not accept the
configuration of multhop peers unless a local-address is configured.
Donald Sharp [Sat, 20 Oct 2018 12:59:30 +0000 (08:59 -0400)]
ospfd: Do not allow thread drop
When the ospf->oi_write_q is not empty that means that ospf could
already have a thread scheduled for running. Just dropping
the pointer before resheduling does not stop the one currently
scheduled for running from running. The calling of thread_add_write
checks to see if we are already running and does the right thing here
so it is sufficient to just call thread_add_write.
This issue was tracked down from this stack trace:
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [EC 134217739] interface eth2.1032:172.16.4.110: ospf_check_md5 bad sequence 5333618 (expect 5333649)
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: message repeated 3 times: [ [EC 134217739] interface eth2.1032:172.16.4.110: ospf_check_md5 bad sequence 5333618 (expect 5333649)]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: Assertion `node’ failed in file ospfd/ospf_packet.c, line 666, function ospf_write
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: Backtrace for 8 stack frames:
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 0] /usr/lib/libfrr.so.0(zlog_backtrace+0x3a) [0x7fef3efe9f8a]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 1] /usr/lib/libfrr.so.0(_zlog_assert_failed+0x61) [0x7fef3efea501]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 2] /usr/lib/frr/ospfd(+0x2f15e) [0x562e0c91815e]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 3] /usr/lib/libfrr.so.0(thread_call+0x60) [0x7fef3f00d430]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 4] /usr/lib/libfrr.so.0(frr_run+0xd8) [0x7fef3efe7938]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 5] /usr/lib/frr/ospfd(main+0x153) [0x562e0c901753]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 6] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7fef3d83db45]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: [bt 7] /usr/lib/frr/ospfd(+0x190be) [0x562e0c9020be]
Oct 19 18:04:00 VYOS-R1 ospfd[1811]: Current thread function ospf_write, scheduled from file ospfd/ospf_packet.c, line 881
Oct 19 18:04:00 VYOS-R1 zebra[1771]: [EC 4043309116] Client ‘ospf’ encountered an error and is shutting down.
Oct 19 18:04:00 VYOS-R1 zebra[1771]: client 41 disconnected. 0 ospf routes removed from the rib
We had an assert(node) in ospf_write, which means that the list was empty. So I just
searched until I saw a code path that allowed multiple writes to the ospf_write function.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Wed, 17 Oct 2018 19:27:12 +0000 (15:27 -0400)]
*: Replace hash_cmp function return value to a bool
The ->hash_cmp and linked list ->cmp functions were sometimes
being used interchangeably and this really is not a good
thing. So let's modify the hash_cmp function pointer to return
a boolean and convert everything to use the new syntax.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
David Lamparter [Sat, 6 Oct 2018 21:28:19 +0000 (23:28 +0200)]
build: rewrite readline/curses check
We don't need termcap/tinfo/curses, those are just for libreadline. On
most modern systems, libreadline will pull in the appropriate libs it
needs on its own, so unconditionally adding them adds an extra unneeded
dependency for us.
Still need to try with curses/... for some systems, but only after bare
readline fails.
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Mon, 15 Oct 2018 05:02:47 +0000 (07:02 +0200)]
debianpkg: clean up dependencies
- accept either python2 or python3 packages for everything
- drop texlive-latex-base, texlive-generic-recommended (only needed for
PDF docs)
- python-ipaddr is not a build time requirement, only runtime
Signed-off-by: David Lamparter <equinox@diac24.net>
David Lamparter [Mon, 15 Oct 2018 05:00:42 +0000 (07:00 +0200)]
debianpkg: strip ancient/unused cruft
The SNMP MIB directory is unneeded, --enable-poll has been long gone,
the "build" target is straight up wrong (causing FRR to be built in the
install step) and we haven't needed /proc for configure in ages either.
Signed-off-by: David Lamparter <equinox@diac24.net>
Donald Sharp [Thu, 18 Oct 2018 13:13:18 +0000 (09:13 -0400)]
zebra: Add some missing breadcrumbs
During a debugging session last night I discovered that I was
still having some `fun` figuring out why zebra was not making
a route's nexthop active. After some debugging I figured out
that I was missing some states that we could end up in that
didn't have debug information about what happened in nexthop_active.
Add the missing breadcrumbs for nexthop resolution. In addition
add a bit of code to notice the ebgp state without recursion turned
on and to let the user know about it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
David Lamparter [Thu, 24 Aug 2017 14:09:48 +0000 (16:09 +0200)]
lib: add libunwind support for backtraces
libunwind provides an alternate to backtrace() for printing out the call
stack of a particular location. It doesn't use the frame pointer, it
goes by the DWARF debug info. In most cases the traces have exactly the
same information, but there are some situations where libunwind traces
are better.
(On some platforms, the libc backtrace() also uses the DWARF debug info
[e.g.: ARM backtraces are impossible without it] but this is not the
case everywhere, especially not on BSD libexecinfo.)
Signed-off-by: David Lamparter <equinox@diac24.net>
Philippe Guibert [Thu, 11 Oct 2018 17:04:05 +0000 (19:04 +0200)]
zebra: remove kernel routes that are suppressed
on some cases, kernel routes are not selected, because the kernel
suppressed it without informing the netlink layer that the route has
been suppressed ( for instance, when an interface goes down, the route
never goes back when interface goes up again). This commit intends to
suppress that entry from zebra.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Donald Sharp [Wed, 17 Oct 2018 15:27:30 +0000 (11:27 -0400)]
bgpd: Fix crash when using v4 route w/ v6 nexthop
Recent changes to the nht code in bgp caused us to actually
keep a true count of v6 nexthop paths when using v4 over v6.
This change introduced a race condition on shutdown on who
got to the bnc cache first( the v4 table or not ). Effectively
we were allowing the continued existence of the path->nexthop
pointing to the freed bnc. This was especially true when
we had route leaking. So when we free the bnc make sure
we clean up the path->nexthop variables pointing at it too.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
projects / mirror_frr.git / log