Timo Teräs [Fri, 19 Feb 2016 02:19:54 +0000 (18:19 -0800)]
zebra: Fix route deletion on *BSD
Fix for not handling RTM_CHANGE correctly. This patch change it to
delete/add instead. Using RTM_CHANGE on kernels where it works is better,
but is left as an exercise for developer who has access and will to fix it
on *BSD.
Renato Westphal [Wed, 12 Oct 2016 15:39:02 +0000 (12:39 -0300)]
lib/vtysh: fix duplicate installation of some vty commands
This is a followup to commits 735e62 and 0b1442, where we forgot to apply
the same VIEW/ENABLE consolidation logic to vtysh. Also, we can't call
install_default() for the ENABLE node because some of the vty commands
installed by this function were already installed in the VIEW node before.
Donald Sharp [Tue, 11 Oct 2016 12:47:32 +0000 (08:47 -0400)]
bgp: Fix bi->extra->tag if statement
bi->extra->tag is a 3 byte array, the statement
as written will always be true. Modify code
to see if we actually have any data in the
tag and then print the label.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com> Reviewed-by: Lou Berger <lberger@labn.net>
these files do not belong in the git tree. (They're temporaries during
a ./configure run and normally removed at the end; let's add them to
.gitignore anyway.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
'neighbor x.x.x.x weight' was implemented as a per-peer knob instead of
a per-peer per-afi-safi option. This makes it configurable per-peer
per-afi-safi so that we can do things like soft clear that afi/safi when
weight is modified.
Donald Sharp [Fri, 11 Mar 2016 19:27:13 +0000 (14:27 -0500)]
*: Consolidate all double VIEW_NODE and ENABLE_NODE's
If a command is put into the VIEW_NODE, it is going into the
ENABLE_NODE as well. This is especially true for show commands.
As such if a command is in both consolidate it down to VIEW_NODE.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 11 Mar 2016 19:27:12 +0000 (14:27 -0500)]
lib: Consolidate VIEW_NODE to be ENABLE_NODE as well
If you are in VIEW_NODE, the command should exist in ENABLE_NODE
as well. This is being done to reduce chances of code being
added to one but not the other NODE.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 11 Mar 2016 19:27:11 +0000 (14:27 -0500)]
bgpd, lib: Remove RESTRICTED_NODE from code base
The RESTRICTED_NODE command is not used, introduces code
complexity and provides no additional levels of security.
The only way to get into RESTRICTED_NODE is to add, under
vty configuration the command 'anonymous restricted', and
then telnet to a daemon, provide a password, then type
'enable' and fail to enter the password three times.
Then the user can enter a very limited set of commands to
monitor bgp and only bgp behavior.
This commit removes both the RESTRICTED_NODE usage as well
as the lib/* usage of the code
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This patch improves zebra,ripd,ripngd,ospfd and bgpd so that they can
make use of 32-bit route tags in the case of zebra,ospf,bgp or 16-bit
route-tags in the case of ripd,ripngd.
David Lamparter [Fri, 30 Sep 2016 13:38:03 +0000 (15:38 +0200)]
zebra: use qobj and enable concurrent config edits
This puts all the proper VTY_DECLVAR_CONTEXT calls in place, removing
all vty->index uses in the process. With that, vty_config_lockless can
be enabled in zebra.
[v2: fix ordering screw-up in "interface XXX" command]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
ldpd was keeping track of the vty session's position in config editing
with 3 global static variables. This worked because only one vty could
be in configuration-editing mode before.
Replace with vty->qobj_index infrastructure and enable
vty_config_lockless.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Renato Westphal [Wed, 22 Jun 2016 12:59:28 +0000 (09:59 -0300)]
ldpd: add in-process API for creating/deleting
These functions are currently unused but will be used by the Cap'n Proto
interface. They're not a particular burden to maintain in-tree, so here
they go.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Renato Westphal [Wed, 22 Jun 2016 12:59:28 +0000 (09:59 -0300)]
ldpd: merge/dup/reload void **ref support
Extend configuration duplication-merge mechanism to allow keeping track
of a single specific object. A "void **" pointer is passed in; the
"void *" pointer it points to is updated with the new address of the
object it points to.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Finally, this disables the config editing lock for isisd. It also
enables deprecation warnings for the lib/ and isisd/ to catch accidental
uses of vty->index.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Mon, 26 Sep 2016 16:36:13 +0000 (18:36 +0200)]
isisd: use qobj for vty->index context position
This converts all uses of vty->index over to qobj. With this, isisd now
supports concurrent configuration editing as there are no more unsafe
references held anywhere while in config-edit mode.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Mon, 26 Sep 2016 16:36:49 +0000 (18:36 +0200)]
lib: vty: add infrastructure for qobj ID "index"
As mentioned in previous commits, this prepares to replace the vty's
"void *index" context position with a safe qobj pointer. This will
allow concurrent configuration editing by multiple users, as soon as no
more code (library included) in the daemon uses vty->index anymore.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
David Lamparter [Mon, 26 Sep 2016 15:30:30 +0000 (17:30 +0200)]
lib: add "qobj" object-ID infrastructure
This adds 64-bit random identifiers as "safe pointers" which are also
type-tracked / can have type-specific extension methods.
This will be used by both the CLI (to keep safe references while in
config editing mode) as well as the Cap'n Proto code (to hand out
pointers to the user in a safe way and add per-type handlers)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Lou Berger [Sat, 7 May 2016 18:18:56 +0000 (14:18 -0400)]
bgpd: add L3/L2VPN Virtual Network Control feature
This feature adds an L3 & L2 VPN application that makes use of the VPN
and Encap SAFIs. This code is currently used to support IETF NVO3 style
operation. In NVO3 terminology it provides the Network Virtualization
Authority (NVA) and the ability to import/export IP prefixes and MAC
addresses from Network Virtualization Edges (NVEs). The code supports
per-NVE tables.
The NVE-NVA protocol used to communicate routing and Ethernet / Layer 2
(L2) forwarding information between NVAs and NVEs is referred to as the
Remote Forwarder Protocol (RFP). OpenFlow is an example RFP. For
general background on NVO3 and RFP concepts see [1]. For information on
Openflow see [2].
RFPs are integrated with BGP via the RF API contained in the new "rfapi"
BGP sub-directory. Currently, only a simple example RFP is included in
Quagga. Developers may use this example as a starting point to integrate
Quagga with an RFP of their choosing, e.g., OpenFlow. The RFAPI code
also supports the ability import/export of routing information between
VNC and customer edge routers (CEs) operating within a virtual
network. Import/export may take place between BGP views or to the
default zebera VRF.
BGP, with IP VPNs and Tunnel Encapsulation, is used to distribute VPN
information between NVAs. BGP based IP VPN support is defined in
RFC4364, BGP/MPLS IP Virtual Private Networks (VPNs), and RFC4659,
BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN . Use
of both the Encapsulation Subsequent Address Family Identifier (SAFI)
and the Tunnel Encapsulation Attribute, RFC5512, The BGP Encapsulation
Subsequent Address Family Identifier (SAFI) and the BGP Tunnel
Encapsulation Attribute, are supported. MAC address distribution does
not follow any standard BGB encoding, although it was inspired by the
early IETF EVPN concepts.
The feature is conditionally compiled and disabled by default.
Use the --enable-bgp-vnc configure option to enable.
The majority of this code was authored by G. Paul Ziemba
<paulz@labn.net>.
Timo Teräs [Fri, 15 Jan 2016 15:36:31 +0000 (17:36 +0200)]
zebra: support FIB override routes
FIB override routes are for routing protocols that establish
shortcut routes, or establish point-to-point routes that should
not be redistributed. Namely this is useful NHRP daemon to come.
Zebra is extended to select two entries from RIB the "best" entry
from routing protocols, and the FIB entry to install to kernel.
FIB override routes are never selected as best entry, and thus
are never adverticed to other routing daemons. The best FIB
override, or if it does not exist the otherwise best RIB is
selected as FIB entry to be installed.
Signed-off-by: Timo Teräs <timo.teras@iki.fi> Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[CF: Massage to fit cumulus tree] Signed-off-by: Christian Franke <chris@opensourcerouting.org>
ldpd: always advertise labels upon receiving a redistributed route
Whenever a routing daemon advertises a new version of a route to zebra,
zebra removes the old version of this route (implicit withdraw) and then
create a new 'rib' structure for the new version of the route.
In this process, the previously received label(s) from ldpd are lost. This
is because upon receiving a ZEBRA_MPLS_LABELS_ADD message, zebra only
adds a label to a nexthop of an existing route. And routes are volatile,
they can be removed while being updated.
To workaround this issue, this patch makes ldpd always advertise the
appropriate labels whenever it receives a redistributed route, even
if it was already received before (an older version). This way, when
ldpd receives the updated version of a route, it will readvertise the
appropriate label(s) and zebra will reinstall them.
Commit 5048fe changed the way zebra behave when a route is updated. Now,
whenever a route is changed, zebra advertises its new version without
withdrawing the old one. This patch adapts ldpd to understand this new
behavior. After processing a ZEBRA_REDISTRIBUTE_IPV[46]_ADD message,
we need to check for nexthops that were removed and, for each of them
(if any), withdraw the associated labels from zebra.
David Lamparter [Wed, 16 Dec 2015 18:38:23 +0000 (19:38 +0100)]
lib: fix vrf_bitmap leak in zclient_free()
zclient_stop(), which is used as antagonist to zclient_init(), needs to
undo the vrf_bitmap allocation. Otherwise zclient_init() will leak the
allocated memory, for example when zclient_reset() is used.
Reported-by: Lou Berger <lberger@labn.net> Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Daniel Walton [Tue, 27 Sep 2016 15:56:36 +0000 (15:56 +0000)]
tools: quagga-reload should raise Exception instead of exiting
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com> Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
NCLU imports quagga-reload.py and uses its Config class to parse
Quagga.conf. The Config class will call 'vtysh -m -f Quagga.conf" and
if that exited with an error Config would call sys.exit(1) which in my
cases causes the NCLU daemon to exit which is bad. The fix is to have
the Config class raise an exception instead of exiting, then NCLU can
catch the exception, log it and move on.
Daniel Walton [Tue, 27 Sep 2016 15:57:56 +0000 (15:57 +0000)]
zebra: "ip import-table" display is hosed
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com> Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Ticket: CM-13020
Now that we have evpn we have the following AFIs
/* Address family numbers from RFC1700. */
typedef enum {
AFI_IP = 1,
AFI_IP6 = 2,
AFI_ETHER = 3, /* RFC 1700 has "6" for 802.* */
AFI_MAX = 4
} afi_t;
The import-table code was treating the afi as a flag which was fine
before when the only choices were 1 and 2 but now that we have #3 that
doesn't work. The fix is to change zebra_import_table_used to a
[AFI_MAX][ZEBRA_KERNEL_TABLE_MAX] array to track if import-table is
enabled.
Daniel Walton [Tue, 27 Sep 2016 15:56:36 +0000 (15:56 +0000)]
tools: quagga-reload should raise Exception instead of exiting
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com> Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
NCLU imports quagga-reload.py and uses its Config class to parse
Quagga.conf. The Config class will call 'vtysh -m -f Quagga.conf" and
if that exited with an error Config would call sys.exit(1) which in my
cases causes the NCLU daemon to exit which is bad. The fix is to have
the Config class raise an exception instead of exiting, then NCLU can
catch the exception, log it and move on.
distribute.c doesn't allow to manage both v4 and v6 distribute lists. This
patch fix this problem by having 4 DISTRIBUTE* values in the enumeration instead
of two. The code in all daemons using distribute.c is adapted.
Paul Jakma [Tue, 9 Feb 2016 15:23:03 +0000 (15:23 +0000)]
lib: Check prefix length from zebra is sensible
* zclient.c: prefix length on router-id and interface address add
messages not sanity checked. fix.
* */*_zebra.c: Prefix length on zebra route read was not checked, and
clients use it to write to storage. An evil zebra could overflow
client structures by sending overly long prefixlen.
Avneesh Sachdev [Fri, 11 Mar 2016 20:21:26 +0000 (12:21 -0800)]
zebra: add developer test functions for FPM code
Add test functions for the zebra code that interfaces with the
Forwarding Plane Manager. These functions can be invoked in a
development build via the recently-added 'invoke' command.
For example:
# invoke zebra function zfpm_dt_benchmark_protobuf_encode 100000
Changes:
* zebra/zebra_fpm_dt.c
Add the following functions. Each function encodes or decodes a
route in a particular FPM format a specified number of times.
Avneesh Sachdev [Fri, 11 Mar 2016 20:21:24 +0000 (12:21 -0800)]
build: support for "development build"
* configure.ac
Add the --enable-dev-build flag. It controls the DEV_BUILD
define for autoconf and automake, which can be used to
conditionally build in code that is only intended for development..
Modify configure.ac to disable portability warnings for automake --
our automake code (in particular common.am) uses some constructs
specific to gmake.
projects / mirror_frr.git / log