lynne [Wed, 12 Aug 2020 23:15:24 +0000 (19:15 -0400)]
ldpd: Fix issue when starting up LDP with no configuration.
LDP would mark all routes as learned on a non-ldp interface. Then
when LDP was configured the labels were not updated correctly. This
commit fixes issues 6841 and 6842.
Kuldeep Kashyap [Mon, 17 Aug 2020 04:41:51 +0000 (04:41 +0000)]
tests: Add bgp_vrf_dynamic_route_leak test suite
1. Added test to verify bgp vrf dynamic route leak functionality
2. Total execution time is ~8 mins
3. Added kernel version check, these script would be run for kernel version >= 4.19
Pat Ruddy [Mon, 20 Jul 2020 12:54:04 +0000 (13:54 +0100)]
bgpd: do not clear password if peer is dynamic
When deleting a dynamic peer, unsetting md5 password would cause
it to be unset on the listener allowing unauthenticated connections
from any peer in the range.
Check for dynamic peers in peer delete and avoid this.
Pat Ruddy [Tue, 21 Jul 2020 14:03:41 +0000 (15:03 +0100)]
bgpd: associate listener with the appropriate bgp instance
When setting authentication on a BGP peer in a VRF the listener is
looked up from a global list. However there is no check that the
listener is the one associated with the VRF being configured. This
can result in the wrong listener beiong configured with a password,
leaving the intended listener in an open authentication state.
To simplify this lookup stash a pointer to the bgp instance in
the listener on creating (in the same way as is done for NS-based
VRFS).
1. Topotest for isis-vrf is added for ipv4 and ipv6.
2. Test case for checking isis topology.
3. Test case for checking zebra isis routes.
4. Test case for checking linux vrf routes.
5. 2 new API's written in topotest/lib for checking vrf routes.
harios_niral [Tue, 18 Aug 2020 07:26:51 +0000 (00:26 -0700)]
doc, yang, isisd : Support for different VRF in isisd
1. Added isis with different vrf and it's dependecies.
2. Added new vrf leaf in yang.
3. A minor change for IF_DOWN_FROM_Z passing argrument is
replaced with ifp pointer in api "isis_if_delete_hook()".
4. Minor fix in the isisd spf unit test.
Pat Ruddy [Fri, 26 Jun 2020 16:37:30 +0000 (17:37 +0100)]
bgpd: do not unregister for prefix nexthop updates if nh exists
since the addition of srte_color to the comparison for bgp nexthops
it is possible to have several nexthops per prefix but since zebra
only sores a per prefix registration we should not unregister for
nh notifications for a prefix unti all the nexthops for that prefix
have been deleted. Otherwise we can get into a deadlock situation
where BGP thinks we have registered but we have unregistered from zebra.
Sebastien Merle [Tue, 28 Jan 2020 11:59:57 +0000 (11:59 +0000)]
bgpd: Add support for SR-TE Policies in route-maps
Example configuration:
route-map SET_SR_POLICY permit 10
set sr-te color 1
!
router bgp 1
bgp router-id 1.1.1.1
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source lo
address-family ipv4 unicast
neighbor 2.2.2.2 next-hop-self
neighbor 2.2.2.2 route-map SET_SR_POLICY in
exit-address-family
!
!
Learned BGP routes from 2.2.2.2 are mapped to the SR-TE Policy
which is uniquely determined by the BGP nexthop (2.2.2.2 in this
case) and the SR-TE color in the route-map.
bgpd: convert NHT code to use rb-trees instead of routing tables
Fist, routing tables aren't the most appropriate data structure
to store nexthops and imported routes since we don't need to do
longest prefix matches with that information.
Second, by converting the NHT code to use rb-trees, we can index
the nexthops using additional information, not only the destination
address. This will be useful later to index bgpd's nexthops by
both destination and SR-TE color.
1. MAC ref of a zero ESI was accidentally creating a new ES with zero
ES id.
2. When an ES was deleted and re-added the ES was not being sent to BGP
because of a stale flag that suppressed the update as a dup.
Donald Sharp [Thu, 27 Aug 2020 19:42:16 +0000 (15:42 -0400)]
zebra: When we get a rib deletion event be smarter
When we get a rib deletion event and we already have
that particular route node in the queue to be reprocessed,
just note that someone from kernel land has done us dirty
and allow it to be cleaned up by normal processing
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Thu, 27 Aug 2020 19:00:55 +0000 (15:00 -0400)]
zebra: When shutting down an interface immediately notify about rnh
Imagine a situation where a interface is bouncing up/down.
The interface comes up and daemons like pbr will get a nht
tracking callback for a connected interface up and will install
the routes down to zebra. At this same time the interface can
go down. But since zebra is busy handling route changes ( from pbr )
it has not read the netlink message and can get into a situation
where the route resolves properly and then we attempt to install
it into the kernel( which is rejected ). If the interface
bounces back up fast at this point, the down then up netlink
message will be read and create two route entries off the connected
route node. Zebra will then enqueue both route entries for future processing.
After this processing happens the down/up is collapsed into an up
and nexthop tracking sees no changes and does not inform any upper
level protocol( in this case pbr ) that nexthop tracking has changed.
So pbr still believes the nexthops are good but the routes are not
installed since pbr has taken no action.
Fix this by immediately running rnh when we signal a connected
route entry is scheduled for removal. This should cause
upper level protocols to get a rnh notification for the small
amount of time that the connected route was bouncing around like
a madman.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 24 Aug 2020 19:25:34 +0000 (15:25 -0400)]
pbrd: Convert pnhc->nexthop to it's own data
The pnhc->nexthop was a pointer copy. Causing issues
with the ability to move pointers around for the
different pnhc since the pnhc mirrored the nexthop
caches. When we received a vrf change if we shared
pointers it was impossible to know if we had
already updated the code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Mon, 24 Aug 2020 19:14:44 +0000 (15:14 -0400)]
pbrd: When multiple items share the pnhc do the right thing
We had multiple pnhc cache entries with the same nexthop
pointer. This causes some large amount of confusion.
Fixup the code to handle this situation better.
Ticket: CM-31044 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Thu, 20 Aug 2020 18:42:56 +0000 (14:42 -0400)]
lib: Note old ifindex on shutdown
If we have an interface configured in a daemon on shutdown
store the old ifindex value for retrieval on when it is
possibly recreated.
This is especially important for nexthop groups as that we
had at one point in time the ability to restore the
configuration but it was lost when we started deleting
all deleted interfaces. We need the nexthop group subsystem
to also mark that it has configured an interface.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Thu, 20 Aug 2020 16:55:45 +0000 (12:55 -0400)]
pbrd: Allow interfaces to be deleted then added back in
PBR needs the ability to allow ephermeal interfaces( bonds,
vrfs, dummy, bridges, etc ) to be destroyed and then
recreated and at the same time keep track of them and
rebuild state as appropriate when we get a change.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Thu, 20 Aug 2020 15:56:05 +0000 (11:56 -0400)]
lib: Allow nexthop simple display to take an alternate ifp name
The nexthop_group_write_nexthop_simple function outputs the
interface name, because we've stored the ifindex. The problem
is that there are ephermeal interfaces in linux that can be
destroyed/recreated. Allow us to keep that data and do something
a bit smarter to allow show run's and other show commands to continue
to work when the interface is deleted.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Thu, 20 Aug 2020 14:34:38 +0000 (10:34 -0400)]
pbrd: Properly hook back up when vrf is destroyed than recreated
Currently when a vrf is deleted than added back in PBR was
not going through and touching up all the data structures
that needed to be massaged to allow it to start working again.
This includes:
a) Search through the nexthop groups to find any nexthop
that references the old nexthop id and set it right again.
b) Search through the nexthop cache for nht and reset
those nexthops to the right vrf as well as re-register
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com> Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Jakub Urbańczyk [Thu, 27 Aug 2020 19:41:37 +0000 (21:41 +0200)]
zebra: fix netlink batching
It was wrongly assumed that the kernel is replying in batches when multiple
requests fail. The kernel sends one error message at a time, so we can
simply keep reading data from the socket as long as possible.
GalaxyGorilla [Tue, 25 Aug 2020 14:13:08 +0000 (14:13 +0000)]
ospfd: use a new vertex list for every SPF run
In the context of TI-LFA it is necessary to have multiple
representations of SPFs for so called P and Q spaces. Hence it makes
sense to start with fresh vertex lists, and only delete them when
the SPF calculation is not a 'dry run'.
Donald Sharp [Thu, 27 Aug 2020 01:38:47 +0000 (21:38 -0400)]
zebra: When we fail, actually note the failure
During testing it was noticed that routes were considered
installed by zebra, but the kernel did not have the route.
Upon close debugging of the rib it was noticed that FRR
was turning a dplane_ctx_route_init into a success and
FRR was now in a bad state.
We were receiving a notification from the kernel that the route was deleted and deciding
that we needed to reinstall it. At that point in time when it got into the dplane
handlers to convert it to the dplane pthread, the dplane decided to drop the request
convert it too a success and not do anything.
This code change removes the conversion from this failure to success and
notifies the upper level about it. After this change the default route
to table 10012 is now properly marked as rejected:
root@mlx-2700-07:mgmt:/var/log/frr# vtysh -c "show ip route table 10012"
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric,
> - selected route, * - FIB route, q - queued route, r - rejected route
Renato Westphal [Mon, 24 Aug 2020 18:27:15 +0000 (15:27 -0300)]
isisd: add abiliy to compute the reverse shortest path tree
RFC 7490 says:
"The reverse SPF computes the cost from each remote node to root. This
is achieved by running the normal SPF algorithm but using the link
cost in the direction from the next hop back towards root in place of
the link cost in the direction away from root towards the next hop".
Support for reverse SPF will be necessary later as it's one of the
algorithms used to compute R-LFA/TI-LFA repair paths.
Renato Westphal [Mon, 24 Aug 2020 17:46:36 +0000 (14:46 -0300)]
tests, isisd: add IS-IS SPF unit tests
Now that the IS-IS SPF code is more modular, write some unit tests
for it.
This commit includes a new test program called "test_isis_spf" which
can load any test topology (there are 13 different ones available)
and run SPF on any desired node. In the future this same test program
and topologies will also be used to test reverse SPF and TI-LFA.
The "test_common.c" file contains helper functions used to parse the
topology descriptions from "test_topologies.c" into LSP databases
that can be used as an input to the SPF code.
This commit also introduces the F_ISIS_UNIT_TEST flag which is used
to prevent the IS-IS code from scheduling any event when running
under the context of an unit test.
Renato Westphal [Sun, 23 Aug 2020 03:22:32 +0000 (00:22 -0300)]
isisd: make the SPF code more modular
The goal of modularizing the SPF code is to make it possible for
isisd to run SPF in the behalf of other nodes in the network, which
is going to be necessary later when implementing the R-LFA/TI-LFA
solutions. On top of that, a modularized SPF opens the door for
much needed unit testing.
Summary of the changes:
* Change the isis_spf_preload_tent() function to use the local LSP
as an input (as per the ISO specification) instead of populating
the TENT based on the list of local interfaces;
* Introduce the "isis_spf_adj" structure to represent an SPF
adjacency. SPF adjacencies are inferred from the LSPDB, different
from normal adjacencies formed using IIH messages;
* Introduce the F_SPFTREE_NO_ROUTES flag to control whether the
SPT should create routes or not;
* Introduce the F_SPFTREE_NO_ADJACENCIES flag to specify whether
IS-IS adjacency information is available or not. When running SPF
in the behalf of other nodes, or under the context of an unit test,
no adjacency information will be present.
* On isis_area_create(), move some code around so that the area's isis
backpointer is set as early as possible.
Renato Westphal [Sun, 23 Aug 2020 02:24:06 +0000 (23:24 -0300)]
isisd: introduce command to display IS-IS routes
Introduce the "show isis route" command to display the routes
associated to an SPF tree. Different from the "show ip route" command,
"show isis route" displays the L1 and L2 routes separately (and not
the best routes only).
Renato Westphal [Fri, 21 Aug 2020 00:44:27 +0000 (21:44 -0300)]
isisd: minor cleanup
* Bring back some consts that were removed;
* Replace ALL_LIST_ELEMENTS by ALL_LIST_ELEMENTS_RO whenever
possible;
* Fix some CLI return values;
* Remove some unnecessary initializations.
Renato Westphal [Fri, 21 Aug 2020 00:27:56 +0000 (21:27 -0300)]
isisd: introduce two LSP iteration functions
Iterating over all IP or IS reachability information from a given
LSP isn't a trivial task. That information is scattered throughout
different TLV types, and which ones need to be used depend on
multiple variables (e.g. the SPF tree address family, MT-ID,
etc). This not to mention that an LSP might consist of multiple
fragments.
Introduce the following two LSP iteration function to facilitate
obtaining IP/IS reachability information from a given LSP:
* isis_lsp_iterate_ip_reach()
* isis_lsp_iterate_is_reach()
These functions will be used extensively by the upcoming TI-LFA
code.
Nathan Bahr [Mon, 24 Aug 2020 18:52:51 +0000 (13:52 -0500)]
pimd: fix IGMP querier election
Match by exact address rather than by prefix match to
determine if we generated the IGMPP query. Othwerwise
we will be ignoring IGMP queries coming from other
hosts on the same subnet.
Nathan Bahr [Wed, 19 Aug 2020 19:42:07 +0000 (14:42 -0500)]
pimd: fix IGMP source address on transmit
IGMP queries should contain the source address of the IGMP socket
they are being sent from.
Added binding the IGMP sockets to their specific source, otherwise
interfaces with multiple addresses will send multiple queries using
the same source, which is determined by the kernel.
Nathan Bahr [Wed, 19 Aug 2020 19:26:41 +0000 (14:26 -0500)]
pimd: fix IGMP receive handling
IGMP packets received from a source that does not match the subnet
of any configured addresses on the receive interface should be
ignored.
Also, find and use the correct IGMP socket object for the received
IGMP packet.
projects / mirror_frr.git / log