Donatas Abraitis [Thu, 22 Dec 2022 15:55:40 +0000 (17:55 +0200)]
tools: Ignore agentx command for frr-reload.py
agentx can't be disabled once enabled, so we should ignore it for frr-reload.py.
```
$ /usr/lib/frr/frr-reload.py --reload /etc/frr/bgpd.conf --bindir /usr/local/bin
"no agentx" we failed to remove this command
SNMP AgentX support cannot be disabled once enabled
```
Donald Sharp [Thu, 22 Dec 2022 00:26:58 +0000 (19:26 -0500)]
bgpd: bgp_connected_add memory was being leaked in some cases
On shutdown, bgp calls an unlock for the bnc connected table,
via the bgp_connected_cleanup function. This function is
only ever called on shutdown, so we know that bgp is going
away. The refcount for the connected data can be more than
1. Let's not worry about the refcount on shutdown and
just delete the nodes instead of leaving them around.
Donald Sharp [Wed, 21 Dec 2022 17:11:56 +0000 (12:11 -0500)]
bgpd: static routes are leaked on shutdown
Shutdown of bgp results in both the bgp_path_info,
bgp_dest and bgp_table's not being freed because
the bgp_path_info remains locked.
Effectively static routes are scheduled for deletion but bgp_process
skips the work because the work queue sees that the bgp router
is marked for deletion. Effectively not doing any work and leaving
data on the floor.
Modify the code when attempting to put into the work queue to
notice and not do so but just unlock the path info.
This is effectively the same as what goes on for normal peering
as that it checks for shutdown and just calls bgp_path_info_free
too.
Donald Sharp [Wed, 21 Dec 2022 13:04:34 +0000 (08:04 -0500)]
vtysh: Remove double retrieve of env VTYSH_HISTFILE
The code is double checking the VTYSH_HISTFILE env variable,
additionally clang-15 when running SA over it doesn't fully
understand the code pattern. Reduce the double check to
one check to reduce program run-time (ha!) and make SA happy.
debian, redhat: updating changelog for new release
8.4 Release Overview
- New BGP [command](https://docs.frrouting.org/en/latest/bgp.html#clicmd-neighbor-A.B.C.D-X-X-X-X-WORD-soo-EXTCOMMUNITY) (`neighbor PEER soo`) to configure SoO to prevent routing loops and suboptimal routing on dual-homed sites.
- Command `debug bgp allow-martian` replaced to `bgp allow-martian-nexthop` because previously we allowed using martian next-hops when debug is turned on.
- Implement `BGP Prefix Origin Validation State Extended Community` [rfc8097](https://datatracker.ietf.org/doc/rfc8097/)
- Implement `Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages` [rfc9234](https://datatracker.ietf.org/doc/rfc9234/)
- BMP L3VPN support
- PIMv6 support
- MLD support
- New [command](https://docs.frrouting.org/en/latest/basic.html#clicmd-allow-reserved-ranges) to enable using reserved IPv4 ranges as normal addresses for BGP next-hops, interface addresses, etc.
- As usual, lots of bugs and memory leaks were fixed \m/
Changelog
---------
**babeld**
- Ignore Sub-TLV's with mandatory bit set
- Ignore unicast Hello's
**bfdd**
- Add IPv4 BFD Echo support
- Add RTT to BFD IPv4 Echo packet processing
- Allow L3 VRF BFD sessions without UDP leaking
**bgpd**
- Add `mpls bgp forwarding` to ease MPLS-VPN EBGP peering
- Add `bgp allow-martian-nexthop` command (remove `debug bgp allow-martian`)
- Add `neighbor soo` command
- Add `no rpki` command
- Add `show bgp access-list` command to filter routes by access-list
- Implement [rfc8097](https://datatracker.ietf.org/doc/rfc8097/)
- Implement [rfc9234](https://datatracker.ietf.org/doc/rfc9234/)
- Add resolution for L3VPN traffic over GRE interfaces
- Allow setting custom port for BGP unnumbered peers
- Allow statistics gathering to give more data about prefix lengths
- Apply conditional advertisements policy to update-group
- Associate appropriate family for redistributed connected addresses
- Avoid notify race between io and main pthreads
- Call a hook when as-path filter is replaced
- Cleanup memory leaks associated with t_deferral_timer
- Do not check if the whole as-path has target asn when using as-override
- Do not print new line for EVPN CLI outputs if it's a JSON
- Do not show polling_period default value in CLI for RPKI
- Don't advertise conditionally withdrawn routes
- Drop SSH public key for RPKI CLI option
- Fix `show bgp nexthop a.b.c.d`
- Fix for `aggregate-address summary-only matching-med-only`
- Fix inconsistencies with default-originate route-map
- Fix memory leak for `as-override`
- Fix memory leak for `set as-path replace` route-map command
- Fix memory leak for community alias
- Fix memory leak for community stuff
- Fix memory leak in SRv6 locator
- Fix memory leak when an SRv6 sid is removed
- Fix memory leak when setting [l]community at the egress
- Fix route-map update and delete route-map
- Fix `show bgp l2vpn evpn route rd` crash
- Fix the wrong next-hop BGP struct for next-hop validation
- Fixed BMP VPNv4 monitoring are withdrawn instead of updates
- Fixup PBR rule changes that were missed
- Fixup some MAC address token CLI syntax
- Free ecommunity before returning on warning/error
- Free memory for as-path filter if regexp is wrong
- Free memory for BMP listeners when deleting BGP instance
- Generate RPKI CLI config even if no cache servers are configured
- Handle origin validation state extended community via route-map match
- Handle route-refresh requests received before EOR
- Implement retain route-target all behavior
- Improve labelpool performance at scale
- Inconsistencies in snt counters with default-originate
- Prevent memory leak of the listener on shutdown
- Print peer's hostname for BGP (filtering) messages
- Print source VRF name when leaking to another VRF
- Release RCU lock in BGP keepalive pthread
- Reset BGP sessions when changing the port
- Send route updates when modifying access/aspath/prefix lists
- Set TTL for iBGP/eBGP by checking only if generic TTL security applied
- Show cache server preference in `show rpki cache-server` output
- Show extended communities memory consumption
- Show TTL value unconditionally for neighbors
- Start conditional advertisement timer instantly
- Stop conditional advertisements thread when terminating
- Stop LLGR thread when deleting a peer and/or gr flags changed
- Treat as withdraw if we receive as path with as_set / as_confed_set
- When specifying listen address for BGP we shouldn't imply no-fib flag
- Withdraw implicitly old paths from VRFs when import/export list changes
- Ensure that bgp open message stream has enough data to read
- Notify BGP conditional advertisement thread when the peer goes down
**bmp**
- Add an interface source to BMP connect command
- Add L3VPN support
**eigrpd**
- VRF variable name hides a parameter of the same name
**fabricd**
- Turn off excessive logging when peering will not come up
**isisd**
- Ensure rcap is freed in error case
- Fix crash with xfrm interface type
- Fix memory leak on shutdown with prefix lists
- Fix prefix-sid last-hop-behavior
**ldpd**
- Check if the thread is scheduled before calling for remained time
**lib**
- Abstract usage of '%pnhs' so that next-hop groups can use it too
- Add errno details to the sockopt_reuseaddr API
- Add sys_rawio to the capabilities definitions
- Allow downgrade of all caps when none are specified
- Allow using ipv4 (class e) reserved block if enabled
- Check hostname in resolver_resolve
- Cleanup red-herring memleaks in the parent of daemonizing fork
- Ensure ls_msg2edge does not use memory after freeing
- Fix `show route-map name json` command and memory leak
- Fix memory leak in `zclient_send_localsid()`
- Fix skip of every other plist deletion
- Fixup workqueue.c to use the proper thread.h semantics
- Function `crypt` does not need to be declared mid function
- Increase next-hop flags size to 16 bits
- Prevent uninitialized usage of data
- Remove usage of inet_ntop in lib/sockopt.c
- Require at least 2.1.42 version of sysrepo when compiling
- Return 0 as the remaining msec if the thread is not scheduled
- stream_dup memory alloc cannot fail
- Update sysrepo code with the latest API changes
- Use pi4 instead of inet_ntop in sockopt.c
**nhrpd**
- Use frr_weak_random()
- Use nhrp_interface_update_nbma when source VRF was changed
**ospf6d**
- Don't remove the summary route if it is a range
- Ensure that ospf6d does not memcpy beyond the end of the data
- Fix missing cost change
- Permit route delete without next-hops
- Remove ospf6enabled from JSON output
**ospfd**
- Add how many packets the interface has queued to send
- Add router-id support to OSPF API
- Added CLIs to change default timers for lsa refresh and maxage remove delay.
- Adding per neighbor JSON details to gr helper detail command
- Crash when router acts as gr helper upon a topo change
- Fix `show ip ospf neighbour <nbrid>` command
- Increase packets sent at one time in ospf_write
- Refactor fifo_flush for the interface
- Remove deprecated command `graceful-restart helper-only`
- When a neighbor goes down clear the oi->obuf if we can
- Catch and report too small LSAs
- Remove assert on zero length LSA - which is permitted by spec
- Fix bug where acks were not be generated to incoming P2P/P2MP neighbors
**pathd**
- `no mpls-te on` command was not working
- Add a zebra stop handler
- Change the vty output, when no ted is enabled on pathd
- Ensure the path is free'd after we no longer need it
- Nai adjacency fix query type f for IPv5
pim6d
- (*,g) mroutes not learnt after pim6d daemon restart
- Lots of CLI changes regarding MLD
- Lots of CLI changes regarding PIMv6
- Clear interface stats on interface shutdown
- Disable pim6d compilation by default
- Don't enable MLD on pimreg interface
- Fix the code for MLD in the show pim state command
- mroute stuck in register state, multicast traffic getting drops
- Register message getting dropped in the source node, mroute stuck in regj
- Send register msg with IPv6 global address
- Update last_member_query_interval and last_member_query_count
- Use ttable for displaying show commands
- Deleting the memory malloced for JSON
- Adding JSON support for show ipv6 next-hop
- Send register msg via register socket
- Change the show running commands based on the address family
- Set rp to true if the address matches, ignore prefix-length
**pimd**
- Allow v6 to do non-integrated configuration
- Assign a vty port value for v6
- Cleanup rpf lookup debug to help us figure out what is going on
- Correct the order of show JSON for interface traffic
- During prune pending, behave as noinfo state
- Fix invalid memory access join_timer_stop
- Fix memleak in bfd profile
- Fix PIM interface deletion flow
- Fix static mroute to also take into account the input interface
- Fix the setting of oif_flags in channel oil
- Fix unaligned accesses
- Handle receive of (*,g) register stop with src addr as 0
- Igmp querier election is not correct in lan scenario
- JSON support for next-hop
- Let the end operator know the ifindex as well in the failure case
- Limit PIM's ECMP to what zebra tells us is the multipath
- Querier to non-querier transition to be ignored
- Register stop message sent with mask 32
- Show interface traffic even if the interface is currently `down`
- Update mroute iif based on next-hop received from zebra
- VRF may be null from pim_cmd_lookup_vrf
**ripd**
- Use a sequence number instead of a time
**sharpd**
- Fix memory leak in release-locator-chunk
- Fix memory leak in release-locator-chunk
- Fix memory leaks related to SRv6 next-hops
**staticd**
- When changing the underlying nh ensure it is reinstalled
**tools**
- Add missing bfdd to logrotate config
- Add pim6d to tools so that pim6d will work properly
- Fix boot config load in watchfrr
- Stop zebra daemon last
**vtysh**
- Account validity should be verified when authenticating users with pam
- Add autocomplete for VRFs when using with `router bgp`
- Handle SIGTSTP (c-z) without exiting the vty shell
- Ignore `end` when parsing frr.conf
- Properly handle `[no] service cputime-stats` in config
- Properly handle `service cputime-warning xx` in the config
- Add `allow-reserved-ranges` global command
**watchfrr**
- Check that the operational timeout specified is good
**zebrad**
- Fixing log flooding when disabling MLAG leaf configuration
- Add a `mpls enable` interface node command
- Add a configurable knob `zebra nexthop-group keep (1-3600)`
- Add a timer to next-hop group deletion
- Add ability for netconf dplane to handle global values
- Add interface sysctl ignore on linkdown status
- Add more cases to proto2zebra for understanding kernel routes
- Add some more data to rtadv socket failures
- Add support for maintaining local neigh entries
- Add tc handlers in the script code
- Add tc netlink and dplane ops
- Allow kernel routes to stick around better on interface state changes
- Attempt to make ioctl.c have a bit more useful log messages
- Avoid buffer overflow using netlink_parse_rtattr_nested()
- Cleanup the memory from the hash for MPLS stuff
- Create a zebra_rib_route_entry_new function and use it
- Debug decode rta_expires and rta_mfc_stats
- Delete the malloced memory under `show zebra`
- Don't install connected routes multiple times into frr
- Expand PBR rule action for data-plane programming
- Explicitly call out the correct queue name
- Fix bond down for EVPN-MH
- Fix bug in netconf handling where dplane would drop the change
- Fix crash in shutdown w/ pw thread still running
- Fix ctab calculation typo in tc netlink
- Fix FPM crash
- Fix lost memory on lsp free
- Fix memory leak in srv6 locator delete
- Fix memory leaks and use after frees in nhg's on shutdown
- Fix missing tenant VRF change notification
- Fix missing VNI transition
- Fix remaining mr rtm_getroute oddities
- Fix rtadv startup when config read in is before interface up
- Free neighbor state before the exit to avoid memleaks
- Handle freebsd routing socket enobufs
- Iif/oif are not used in mr rtm_getroute
- Infrastructure for the new dataplane plugin
- Initialize hw via DPDK
- Introduce early route processing on the metaq
- Mc_forwarding was being sent but not retrieved across dataplane
- Notice when an interface is turned on w/ mpls and enable mpls subsystem
- On Linux let interface data come in through netlink messaging
- Pass AFI received for netconf updates
- Pass PBR expanded actions to the dataplane
- Pbr DPDK programming
- Reconfiguring netns for VRF is not a failure
- Rtnetlink: flow attr per gateway attr in multipath updates
- Setup the zebra interface to the DPDK port map table
- System routes should be processed the same time as the kernel
- Use default ns directly in tc dplane
- When deleting next-hop group entries ensure the thread is off
- When saving nhg for later stop processing
Donald Sharp [Mon, 19 Dec 2022 15:51:58 +0000 (10:51 -0500)]
ospfd: Fix some json mem leaks and some issues
a) if show_function happened to be NULL we would leak json memory
b) json_lsa_type was being allocated but only used in the default case, leaking memory
c) json output would sometimes produce text output and that is incorrect
Donatas Abraitis [Tue, 20 Dec 2022 11:01:52 +0000 (13:01 +0200)]
bgpd: Adopt `show bgp detail-routes` command for L3VPN outputs as well
```
unet> sh pe2 vtysh -c 'sh ip bgp ipv4 vpn detail-routes'
BGP table version is 4, local router ID is 10.10.10.20, vrf id 0
Default local pref 100, local AS 65001
Route Distinguisher: 192.168.2.2:2
BGP routing table entry for 192.168.2.2:2:10.0.0.0/24, version 1
not allocated
Paths: (1 available, best #1)
Not advertised to any peer
65000
192.168.2.1 from 0.0.0.0 (10.10.10.20) vrf RED(4) announce-nh-self
Origin incomplete, metric 0, localpref 50, valid, sourced, local, best (First path received)
Extended Community: RT:192.168.2.2:2
Originator: 10.10.10.20
Remote label: 2222
Last update: Tue Dec 20 13:01:20 2022
BGP routing table entry for 192.168.2.2:2:172.16.255.1/32, version 2
not allocated
Paths: (1 available, best #1)
Not advertised to any peer
65000
192.168.2.1 from 0.0.0.0 (10.10.10.20) vrf RED(4) announce-nh-self
Origin incomplete, localpref 50, valid, sourced, local, best (First path received)
Extended Community: RT:192.168.2.2:2
Originator: 10.10.10.20
Remote label: 2222
Last update: Tue Dec 20 13:01:20 2022
BGP routing table entry for 192.168.2.2:2:192.168.1.0/24, version 3
not allocated
Paths: (1 available, best #1)
Not advertised to any peer
65000
192.168.2.1 from 0.0.0.0 (10.10.10.20) vrf RED(4) announce-nh-self
Origin incomplete, localpref 50, valid, sourced, local, best (First path received)
Extended Community: RT:192.168.2.2:2
Originator: 10.10.10.20
Remote label: 2222
Last update: Tue Dec 20 13:01:20 2022
BGP routing table entry for 192.168.2.2:2:192.168.2.0/24, version 4
not allocated
Paths: (1 available, best #1)
Not advertised to any peer
65000
192.168.2.1 from 0.0.0.0 (10.10.10.20) vrf RED(4) announce-nh-self
Origin incomplete, metric 0, localpref 50, valid, sourced, local, best (First path received)
Extended Community: RT:192.168.2.2:2
Originator: 10.10.10.20
Remote label: 2222
Last update: Tue Dec 20 13:01:20 2022
Ryoga Saito [Thu, 8 Dec 2022 07:01:59 +0000 (16:01 +0900)]
bgpd: Fix handling of SRv6 local routes
Current bgpd can't annouce SRv6 locally-generated routes to Zebra
correctly because MPLS label of locally-generated routes is not valid
but sid_info->transposition_len is set to non-zero value. This commit
fixes such kind of issues.
Donatas Abraitis [Tue, 20 Dec 2022 10:15:32 +0000 (12:15 +0200)]
doc: Add new command `show bgp detail-routes`
```
donatas-pc# show bgp all detail-routes
For address family: IPv4 Unicast
BGP table version is 11, local router ID is 192.168.10.17, vrf id 0
Default local pref 100, local AS 65002
BGP routing table entry for 10.0.2.0/24, version 1
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
192.168.10.124
65001
192.168.10.124 from 192.168.10.124 (200.200.200.202)
Origin incomplete, metric 0, valid, external, otc 65001, best (First path received)
Last update: Tue Dec 20 12:11:52 2022
BGP routing table entry for 10.10.100.0/24, version 2
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
192.168.10.124
65001
192.168.10.124 from 192.168.10.124 (200.200.200.202)
Origin IGP, metric 0, valid, external, otc 65001, best (First path received)
Last update: Tue Dec 20 12:11:52 2022
BGP routing table entry for 172.16.31.1/32, version 3
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
192.168.10.124
65001
192.168.10.124 from 192.168.10.124 (200.200.200.202)
Origin incomplete, metric 0, valid, external, otc 65001, best (First path received)
Last update: Tue Dec 20 12:11:52 2022
```
Donatas Abraitis [Tue, 13 Dec 2022 20:30:15 +0000 (22:30 +0200)]
bgpd: Show the real prefix for `show bgp detail`
Absolutely not possible to read the output and even distinguish the prefix
we are looking for.
Before:
```
donatas-pc# show ip bgp detail
BGP table version is 12, local router ID is 192.168.10.17, vrf id 0
Default local pref 100, local AS 65002
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
65001
2a02:4780:abc::2 from 2a02:4780:abc::2 (200.200.200.202)
(fe80::a00:27ff:fe5e:d19e) (used)
Origin incomplete, metric 0, valid, external, multipath
Last update: Tue Dec 13 22:53:16 2022
65001
192.168.10.124 from 192.168.10.124 (200.200.200.202)
Origin incomplete, metric 0, valid, external, otc 65001, multipath, best (Neighbor IP)
Last update: Tue Dec 13 22:53:16 2022
65001
2a02:4780:abc::2 from 2a02:4780:abc::2 (200.200.200.202)
(fe80::a00:27ff:fe5e:d19e) (used)
Origin IGP, metric 0, valid, external, multipath
Last update: Tue Dec 13 22:53:16 2022
65001
192.168.10.124 from 192.168.10.124 (200.200.200.202)
Origin IGP, metric 0, valid, external, otc 65001, multipath, best (Neighbor IP)
Last update: Tue Dec 13 22:53:16 2022
```
After:
```
donatas-pc# show ip bgp detail
BGP table version is 12, local router ID is 192.168.10.17, vrf id 0
Default local pref 100, local AS 65002
BGP routing table entry for 10.0.2.0/24, version 1
Paths: (2 available, best #2, table default)
Advertised to non peer-group peers:
2a02:4780:abc::2
65001
2a02:4780:abc::2 from 2a02:4780:abc::2 (200.200.200.202)
(fe80::a00:27ff:fe5e:d19e) (used)
Origin incomplete, metric 0, valid, external, multipath
Last update: Tue Dec 13 22:47:16 2022
BGP routing table entry for 10.0.2.0/24, version 1
Paths: (2 available, best #2, table default)
Advertised to non peer-group peers:
2a02:4780:abc::2
65001
192.168.10.124 from 192.168.10.124 (200.200.200.202)
Origin incomplete, metric 0, valid, external, otc 65001, multipath, best (Neighbor IP)
Last update: Tue Dec 13 22:47:16 2022
BGP routing table entry for 10.10.100.0/24, version 2
Paths: (2 available, best #2, table default)
Advertised to non peer-group peers:
2a02:4780:abc::2
65001
2a02:4780:abc::2 from 2a02:4780:abc::2 (200.200.200.202)
(fe80::a00:27ff:fe5e:d19e) (used)
Origin IGP, metric 0, valid, external, multipath
Last update: Tue Dec 13 22:47:16 2022
```
Manoj Naragund [Mon, 19 Dec 2022 12:07:22 +0000 (04:07 -0800)]
ospf6d: Fixing memory leak in ospf6_lsa_create_headeronly for both master and slave.
Problem Statement:
=================
Memory leak backtraces
2022-11-23 01:51:10,525 - ERROR: ==842== 1,100 (1,000 direct, 100 indirect) bytes in 5 blocks are definitely lost in loss record 29 of 31
2022-11-23 01:51:10,525 - ERROR: ==842== at 0x4C31FAC: calloc (vg_replace_malloc.c:762)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x4E8A1BF: qcalloc (memory.c:111)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13555A: ospf6_lsa_alloc (ospf6_lsa.c:723)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x1355F3: ospf6_lsa_create_headeronly (ospf6_lsa.c:756)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x135702: ospf6_lsa_copy (ospf6_lsa.c:790)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13B64B: ospf6_dbdesc_recv_slave (ospf6_message.c:976)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13B64B: ospf6_dbdesc_recv (ospf6_message.c:1038)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13B64B: ospf6_read_helper (ospf6_message.c:1838)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13B64B: ospf6_receive (ospf6_message.c:1875)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x4EB741B: thread_call (thread.c:1692)
2022-11-23 01:51:10,526 - ERROR: ==842== by 0x4E85B17: frr_run (libfrr.c:1068)
2022-11-23 01:51:10,526 - ERROR: ==842== by 0x119585: main (ospf6_main.c:228)
2022-11-23 01:51:10,526 - ERROR: ==842==
2022-11-23 01:51:10,524 - ERROR: Found memory leak in module ospf6d
2022-11-23 01:51:10,525 - ERROR: ==842== 220 (200 direct, 20 indirect) bytes in 1 blocks are definitely lost in loss record 21 of 31
2022-11-23 01:51:10,525 - ERROR: ==842== at 0x4C31FAC: calloc (vg_replace_malloc.c:762)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x4E8A1BF: qcalloc (memory.c:111)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13555A: ospf6_lsa_alloc (ospf6_lsa.c:723)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x1355F3: ospf6_lsa_create_headeronly (ospf6_lsa.c:756)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x135702: ospf6_lsa_copy (ospf6_lsa.c:790)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13BBCE: ospf6_dbdesc_recv_master (ospf6_message.c:760)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13BBCE: ospf6_dbdesc_recv (ospf6_message.c:1036)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13BBCE: ospf6_read_helper (ospf6_message.c:1838)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x13BBCE: ospf6_receive (ospf6_message.c:1875)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x4EB741B: thread_call (thread.c:1692)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x4E85B17: frr_run (libfrr.c:1068)
2022-11-23 01:51:10,525 - ERROR: ==842== by 0x119585: main (ospf6_main.c:228)
2022-11-23 01:51:10,525 - ERROR: ==842==
RCA:
====
These memory leaks are beacuse of last lsa in neighbour's request_list is not
getting freed beacuse of lsa lock. The last request has an addtional lock which
is added as a part of ospf6_make_lsreq, this lock needs to be removed
in order for the lsa to get freed.
Fix:
====
Check and remove the lock on the last request in all the functions.
Manoj Naragund [Mon, 19 Dec 2022 11:52:59 +0000 (03:52 -0800)]
ospf6d: Fixing memory leak in ospf6_summary_add_aggr_route_and_blackhole.
Problem Statement:
=================
Memory leak in ospf6d.
2022-11-15 02:15:11,569 - ERROR: ==30108== 440 (280 direct, 160 indirect) bytes in 1 blocks are definitely lost in loss record 15 of 17
2022-11-15 02:15:11,569 - ERROR: ==30108== at 0x4C31FAC: calloc (vg_replace_malloc.c:762)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x4E8A1BF: qcalloc (memory.c:111)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x14337A: ospf6_route_create (ospf6_route.c:462)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x11EE27: ospf6_summary_add_aggr_route_and_blackhole (ospf6_asbr.c:2779)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x11EEDA: ospf6_originate_new_aggr_lsa (ospf6_asbr.c:2816)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x120053: ospf6_handle_external_lsa_origination (ospf6_asbr.c:3659)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x12041E: ospf6_asbr_redistribute_add (ospf6_asbr.c:1547)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x14F3CC: ospf6_zebra_read_route (ospf6_zebra.c:253)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x4EC9B73: zclient_read (zclient.c:2727)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x4EB741B: thread_call (thread.c:1692)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x4E85B17: frr_run (libfrr.c:1068)
2022-11-15 02:15:11,569 - ERROR: ==30108== by 0x119585: main (ospf6_main.c:228)
2022-11-15 02:15:11,569 - ERROR: ==30108==
RCA:
====
blackhole route was not freed before adding a new one.
Fix:
====
Added a check before allocating new route, to free the old one. Also,
added ospf6_asbr_summary_config_delete in ospf6_delet before freeing
the aggregate route.
Donald Sharp [Sat, 17 Dec 2022 19:09:29 +0000 (14:09 -0500)]
zebra: Ensure memory is not freed that dplane depends on in shutdown
Zebra has a shutdown setup where it asks the dplane to shutdown but can
still be processing data. This is especially true if something the dplane
is listening on receives data that will be processed by the main dplane thread
from netlink. When zebra_finalize is called it is possible that a bit
of data comes in before the zebra_dplane_shutdown() function is called
and the memory freed in ns_walk_func() causes the main dplane event
to crash when it cannot find the ns data anymore.
Reverse the order, stop the zebra dplane pthread and then free the
memory associated with the namespaces.
anlan_cs [Sat, 17 Dec 2022 08:25:56 +0000 (16:25 +0800)]
zebra: fix wrong gateway for fpm debug
The wrong parameter is passed in `inet_ntop()` of `zfpm_log_route_info()` in
old fpm module, so the display of gateway is always wrong. Just remove
that extra ampersand.
Additionally, use "none" as gateway value for the case of no gateway.
ospfd: json support for show ip ospf border-routers
show ip ospf border-routers json support added.
commands:
- show ip ospf vrf default border-routers json
- show ip ospf vrf all border-routers json
- show ip ospf border-routers json
Changes:
JSON support added for below commands,
- show ip nht route-map vrf all json
- show ip nht route-map vrf <name> json
- show ipv6 nht route-map vrf all json
- show ipv6 nht route-map vrf <name> json
- show ipv6 nht route-map json
- show ip nht route-map json
Louis Scalbert [Fri, 6 May 2022 18:03:55 +0000 (20:03 +0200)]
bgpd: resend routes deleted by kernel after interface addresses deletion
When the last IPv4 address of an interface is deleted, Linux removes all
routes includes BGP ones using this interface without any Netlink
advertisement. bgpd keeps them in RIB as valid (e.g. installed in FIB).
The previous patch invalidates the associated nexthop groups in zebra
but bgpd is not notified of the event.
> 2022/05/09 17:37:52.925 ZEBRA: [TQKA8-0276P] Not Notifying Owner: connected about prefix 29.0.0.0/24(40) 3 vrf: 7
Look for the bgp_path_info that are unsynchronized with the kernel and
flag them for refresh in their attributes. A VPN route leaking update is
calles and the refresh flag triggers a route refresh to zebra and then a
kernel FIB installation.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Wed, 6 Jul 2022 13:37:44 +0000 (15:37 +0200)]
zebra: delete kernel routes using an interface with no more IPv4 address
When the last IPv4 address of an interface is deleted, Linux removes
all routes using this interface without any Netlink advertisement.
Routes that have a IPv4 nexthop are correctly removed from the FRR RIB.
However, routes that only have an interface with no more IPv4 addresses
as a nexthop remains in the FRR RIB.
In this situation, among the routes that this particular interface
nexthop:
- remove from the zebra kernel routes
- reinstall the routes that have been added from FRR. It is useful when
the nexthop is for example a VRF interface.
Add related test cases in the zebra_netlink topotest.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Fri, 29 Apr 2022 17:41:57 +0000 (19:41 +0200)]
bgpd: move mp_nexthop_prefer_global boolean attribute to nh_flag
Previous commits have introduced a new 8 bits nh_flag in the attr
struct that has increased the memory footprint.
Move the mp_nexthop_prefer_global boolean in the attr structure that
takes 8 bits to the new nh_flag in order to go back to the previous
memory utilization.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
> VRF r1-cust4:
> B 5.1.0.0/24 [20/98] via 99.0.0.1 (vrf r1-cust1) inactive, weight 1, 00:00:08
> B>* 99.0.0.1/32 [20/0] via 192.168.1.2, r1-eth4 (vrf r1-cust1), weight 1, 00:00:08
When announcing the routes to zebra, use the peer of the ultimate bgp
path info instead of the one of the first parent path info to determine
whether the route is recursive.
The result is:
> VRF r1-cust4:
> B> 5.1.0.0/24 [20/98] via 99.0.0.1 (vrf r1-cust1) (recursive), weight 1, 00:00:02
> * via 192.168.1.2, r1-eth4 (vrf r1-cust1), weight 1, 00:00:02
> B>* 99.0.0.1/32 [20/0] via 192.168.1.2, r1-eth4 (vrf r1-cust1), weight 1, 00:00:02
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Tue, 26 Apr 2022 14:57:45 +0000 (16:57 +0200)]
bgpd: update route leaking when a VRF loopback is received
At bgpd startup, VRF instances are sent from zebra before the
interfaces. When importing a l3vpn prefix from another local VRF
instance, the interfaces are not known yet. The prefix nexthop interface
cannot be set to the loopback or the VRF interface, which causes setting
invalid routes in zebra.
Update route leaking when the loopback or a VRF interface is received
from zebra.
At a VRF interface deletion, zebra voluntarily sends a
ZEBRA_INTERFACE_ADD message to move it to VRF_DEFAULT. Do not update if
such a message is received. VRF destruction will destroy all the related
routes without adding codes.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Wed, 11 May 2022 15:41:36 +0000 (17:41 +0200)]
topotests: update ospf_multi_vrf_bgp_route_leak
Leaked connected routes have now the following nexthop interfaces:
- lo for routes imported from the default VRF
- or the VRF interface for routes imported from the other VRFs.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Mon, 25 Apr 2022 13:14:49 +0000 (15:14 +0200)]
bgpd: fix invalid nexthop interface on leaked routes
There is two cases where the nexthop interface is incorrect:
- Case 1: leaked routes from prefixes stated in 'network <prefix>' are
inactive because they have no nexthop IP address or interface.
- Case 2: leaked routes from 'redistribute connected' contains the
original nexthop interface.
Extract from the routing table:
> VRF r1-cust1:
> S>* 192.0.0.0/24 [1/0] via 192.168.1.2, r1-eth4, weight 1, 00:47:53
> C>* 192.168.1.0/24 is directly connected, r1-eth4, 00:44:15
> S>* 29.0.0.0/24 [1/0] is directly connected, r1-cust5 (vrf r1-cust5), weight 1, 00:00:30
>
> VRF r1-cust4:
> B 10.2.3.4/32 [20/0] is directly connected, unknown (vrf r1-cust1) inactive, weight 1, 00:00:02
> C>* 29.0.0.0/24 is directly connected, r1-cust5, 00:27:40
> B 192.0.0.0/24 [20/0] is directly connected, unknown (vrf r1-cust1) inactive, weight 1, 00:03:40
> B>* 192.168.1.0/24 [20/0] is directly connected, r1-eth4 (vrf r1-cust1), weight 1, 00:00:02
The nexthop interface is r1-eth4. It causes issue to traffic leaving
r1-cust4. The following ping to r1-eth4 local address 192.168.1.1 from
r1-cust5 local add does
not respond.
> # tcpdump -lnni r1-cust1 'icmp' &
> # ip vrf exec r1-cust4 ping -c1 192.168.1.1 -I 29.0.0.1
> PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
PING 192.168.1.1 (192.168.1.1) from 29.0.0.1 : 56(84) bytes of data.
18:49:20.635638 IP 29.0.0.1 > 192.168.1.1: ICMP echo request, id 15897, seq 1, length 64
18:49:27.113827 IP 29.0.0.1 > 29.0.0.1: ICMP host 192.168.1.1 unreachable, length 92
Fix description:
When leaking prefix from other VRFs, if the nexthop IP address is not
set in the bgp path info attribures, reset nh_ifindex to the index of
master interface of the incoming BGP instance.
The previous commit has added a routing leak update when a nexthop
update is received from zebra. It indirectly calls
bgp_find_or_add_nexthop() in which a static route triggers a nexthop
cache entry registration that triggers a nexthop update from zebra.
Do not register again the nexthop cache entry if the BGP_STATIC_ROUTE is
already set.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Louis Scalbert [Fri, 29 Apr 2022 12:26:04 +0000 (14:26 +0200)]
bgpd: fix prefix VRF leaking with 'network import-check' (4/5)
If 'network import-check' is defined on the source BGP session, prefixes
that are stated in the network command cannot be leaked to the other
VRFs BGP table even if they are present in the origin VRF RIB if the
'rt import' statement is defined after the 'network <prefix>' ones.
When a prefix nexthop is updated, update the prefix route leaking. The
current state of nexthop validation is now stored in the attributes of
the bgp path info. Attributes are compared with the previous ones at
route leaking update so that a nexthop validation change now triggers
the update of destination VRF BGP table.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
projects / mirror_frr.git / log