Arthur Jones [Wed, 18 Apr 2018 17:18:00 +0000 (10:18 -0700)]
alpine build docs: Document docker images and alpine packages
https://hub.docker.com/r/ajones17/frr/ contains pre-built docker
images and alpine packages for the master branch of frr. Document
this continuous delivery system on the alpine build page.
Issue: https://github.com/FRRouting/frr/issues/2087 Signed-of-by: Arthur Jones <arthur.jones@riverbed.com>
Donald Sharp [Mon, 9 Apr 2018 19:41:37 +0000 (15:41 -0400)]
pbrd: Allow pbr-policy add/removal to install/remove rules
The pbrm->installed variable was being used only in a couple
of places and it has no real bearing on whether or not
we should install a rule or not. Remove this value.
Ticket: CM-20429 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 6 Apr 2018 15:41:10 +0000 (11:41 -0400)]
pbrd: Fix installation and deletion in some cases
When a nexthop group is modified do not assume that it
is not installed. The creation of the pnhgc is enough
to set the installed to false. If we are reinstalling
it is not needed to set it as not installed.
When a pbrms is being installed/removed check to see if it
is already installed/deleted and do the right thing from
there.
Ticket: CM-20371 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 30 Mar 2018 14:33:25 +0000 (10:33 -0400)]
zebra: Tell rib_process to actually rethink pbr routes.
When I implemented this code change I was only testing against
static routes and with one nexthop. I missed the fact that
we needed to tell rib_process to actually rethink the nexthops.
Ticket: CM-20274 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Quentin Young [Mon, 16 Apr 2018 18:37:30 +0000 (14:37 -0400)]
ospfd: fix stylistic issue
Macro that expands to be wrapped in parentheses was being used as a raw
condition for an if statement, leading to some very weird and confusing
formatting...
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Don Slice [Tue, 17 Apr 2018 17:48:30 +0000 (10:48 -0700)]
zebra: fix flaw in fix for import-table crash
Realized (with coverity's help) the fix had a mistake by pasting in
the wrong route entry to unset the selected flag. This fix takes
care of that mistake.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Don Slice [Sun, 15 Apr 2018 19:25:24 +0000 (12:25 -0700)]
zebra: resolve assert when adding ip import-table entry
Problem was due to in certain route replace circumstances,
we would mark the old route_entry as removed to delete it but
would leave the selected flag set. When the rn was pulled off the
work queue for process, we would find both the new re and old re
(being deleted) with the selected flag set and would assert.
In this change, when we decide to delete the old re, we also mark
it as no longer selected.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Philippe Guibert [Sat, 24 Mar 2018 13:58:04 +0000 (14:58 +0100)]
zebra: rename pbr_unique structure to pbr_rule_unique
This renaming of structure permits better identify which structure is
looked up, since policy routing will not only rely on iprule, but also
on some other structures.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Wed, 21 Mar 2018 10:59:02 +0000 (11:59 +0100)]
zebra: adapt zebra_pbr_rule based with pbr_rule
In order to avoid duplicates functions, the zebra_pbr_rule structure
used by zebra to decode the zapi message, and send netlink messages, is
slightly modified. the structure is derived from pbr_rule, but it also
includes sock identifier that is used to send back information to the
daemon that did the request. Also, the ifp pointer is stored in that
structure.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Wed, 21 Mar 2018 10:55:38 +0000 (11:55 +0100)]
lib: enhance pbr_rule structure for zapi encode and for common usage
The pbr_rule structure is derived from zebra_pbr_rule, and is
defined, so that a zclient will be able to encode the zebra_pbr_rule to
send ADD_RULE or DEL_RULE command. Also, the same structure can be used
by other daemons to derive a structure ( this will be the case for
zebra_pbr_rule).
Adding to this, an encoding function is defined, and will be used by
remote daemon to encode that message.
Those definitions are moved in new file pbr.h file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Mon, 12 Mar 2018 08:23:48 +0000 (09:23 +0100)]
zebra: add IPTABLE_ADD and IPTABLE_DEL commands in zapi
Those messages permit a remote daemon to configure an iptable entry. A
structure is defined that maps to an iptable entry. More specifically,
this structure proposes to associate fwmark, and a table ID.
Adding to the configuration, the initialisation of iptables hash list is
done into zebra netnamespace. Also a hook for notifying the sender that
the iptables has been correctly set is done.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Quentin Young [Wed, 11 Apr 2018 19:19:23 +0000 (15:19 -0400)]
babeld: be more explicit about route resize result
Resizing the route array can fail. Although the error condition is
already correctly handled, if we're more explicit about the variables we
expect to be initialized then clang-analyze is happier.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Wed, 11 Apr 2018 17:16:10 +0000 (13:16 -0400)]
bgpd: move attr display into checked block
Here we have a block conditional on the nullity of a pointer, followed
by a dereferennce of the same pointer. Move the deref into the
conditional block.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Quentin Young [Wed, 11 Apr 2018 16:54:42 +0000 (12:54 -0400)]
bgpd: double-check notify data when debugging
clang-analyze complains that data may be null, and since we didn't
explicitly check it (although we did check the overall packet length
minus the header length) it has a point.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Donald Sharp [Fri, 13 Apr 2018 14:02:32 +0000 (10:02 -0400)]
pbrd: Allow PBR to ignore Access List commands
PBR is hooked up to receive access-list commands automatically,
as are all daemons, add the bit of code to allow the PBR
daemon to safely receive the command and ignore it for the
moment.
Ticket: CM-20569 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Donald Sharp [Fri, 13 Apr 2018 13:39:23 +0000 (09:39 -0400)]
lib: Restrict redistribution cli a bit
The PBR and PIM daemons, needed the ability to connect
to zebra. Unfortunately this connection also implied
an ability to redistribute to other valid protocols.
Add a additional hook to the route_types.pl script
to allow us to specify if the client type should
be redistributed at all.
Additionally cleanup the PIM code to not show up
as a protocol under the header for a 'show ip route'
command
Ticket: CM-20568 Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Philippe Guibert [Mon, 26 Mar 2018 10:22:18 +0000 (12:22 +0200)]
zebra: add an indirection table for ns_id
This list "table" is created in the case the netns backend for VRF is
used. This contains the mapping between the NSID value read from the
'ip netns list' and the ns id external used to create the VRF
value from vrf context. This mapping is
necessary in order to reserve default 0 value for vrf_default.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Philippe Guibert [Tue, 20 Mar 2018 09:59:48 +0000 (10:59 +0100)]
lib: a vrf is searched first by its name, than its vrf id
Because at startup, remote daemons attempt to create default VRF,
the VRF_ID may be set to unknown. In that case, an event will be
triggered later by zebra to inform remote daemon that the vrf id of that
VRF has changed to valid value. In that case, two instances of default
VRF must not be created. By looking first at vrf name, this avoids
having two instances.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Chirag Shah [Fri, 13 Apr 2018 00:44:07 +0000 (17:44 -0700)]
ospf6d: router-id change to display msg to restart
When neighbor state transition from LOADING to
FULL state, active full neighbors count incremented.
The full neighbors count is used for router-id change
if any full neighbor exist, displays message to restart
ospf6/frr to activate new router-id.
In the case of P-t-P neighbor type neighbor transition
from EXCHANGE to FULL which missed full neighbors count.
Ticket:CM-20574
Testing Done:
Initially, Bring up zebra assigned router-id in ospf6
with point-to-point link based neighbor.
Configure static router-id where restart of ospf6 message
is displayed.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Mitesh Kanjariya [Mon, 26 Feb 2018 22:10:50 +0000 (14:10 -0800)]
zebra: add EVPN learned neighbors as NUD_NOARP
EVPN owns the remote neigh entries which are programed in the kernel.
This entries should not age out and the only way to delete should be
from EVPN. We should program these entries with NUD_NOARP instead of
NUD_REACHABLE to avoid aging of this macs.
zebra: act on kernel notifications for remote neighbors as well
There can be a race condition between kernel and frr as follows.
Frr sends remote neigh notification.
At the (almost) same time kernel might send a notification saying
neigh is local.
After processing this notifications, the state in frr is local while
state in kernel is remote. This causes kernel and frr to be out of sync.
This problem will be avoided if FRR acts on the kernel notifications for
remote neighbors. When FRR sees a remote neighbor notification for a
neighbor which it thinks is local, FRR will change the neigh state to remote.