Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
If you are doing multipath in a VRF and bounce one of the multipaths for
a prefix, bgp is not updating the zebra entry for that prefix with the
new multipaths. We start with:
cel-redxp-10# show bgp vrf RED ipv4 unicast 6.0.0.16/32
BGP routing table entry for 6.0.0.16/32
Paths: (4 available, best #4, table RED)
Advertised to non peer-group peers:
spine-1(swp1) spine-2(swp2) spine-3(swp3) spine-4(swp4)
104 65104 65002
fe80::202:ff:fe00:2d from spine-4(swp4) (6.0.0.12)
(fe80::202:ff:fe00:2d) (used)
Origin incomplete, localpref 100, valid, external, multipath, bestpath-from-AS 104
AddPath ID: RX 0, TX 21
Last update: Tue Aug 1 18:28:33 2017
102 65104 65002
fe80::202:ff:fe00:25 from spine-2(swp2) (6.0.0.10)
(fe80::202:ff:fe00:25) (used)
Origin incomplete, localpref 100, valid, external, multipath, bestpath-from-AS 102
AddPath ID: RX 0, TX 20
Last update: Tue Aug 1 18:28:33 2017
103 65104 65002
fe80::202:ff:fe00:29 from spine-3(swp3) (6.0.0.11)
(fe80::202:ff:fe00:29) (used)
Origin incomplete, localpref 100, valid, external, multipath, bestpath-from-AS 103
AddPath ID: RX 0, TX 17
Last update: Tue Aug 1 18:28:33 2017
101 65104 65002
fe80::202:ff:fe00:21 from spine-1(swp1) (6.0.0.9)
(fe80::202:ff:fe00:21) (used)
Origin incomplete, localpref 100, valid, external, multipath, bestpath-from-AS 101, best
AddPath ID: RX 0, TX 8
Last update: Tue Aug 1 18:28:33 2017
cel-redxp-10#
cel-redxp-10# show ip route vrf RED 6.0.0.16/32
Routing entry for 6.0.0.16/32
Known via "bgp", distance 20, metric 0, vrf RED, best
Last update 00:00:25 ago
* fe80::202:ff:fe00:21, via swp1
* fe80::202:ff:fe00:25, via swp2
* fe80::202:ff:fe00:29, via swp3
* fe80::202:ff:fe00:2d, via swp4
cel-redxp-10#
And then on spine-1 we bounce all peers
spine-1# clear ip bgp *
spine-1#
On the leaf (cel-redxp-10) we remove the route from spine-1
cel-redxp-10# show ip route vrf RED 6.0.0.16/32
Routing entry for 6.0.0.16/32
Known via "bgp", distance 20, metric 0, vrf RED, best
Last update 00:00:01 ago
* fe80::202:ff:fe00:25, via swp2
* fe80::202:ff:fe00:29, via swp3
* fe80::202:ff:fe00:2d, via swp4
cel-redxp-10#
So far so good. The problem is when the session to spine-1 comes back up
bgp will mark the flag from spine-1 as `multipath` but does not update
zebra. We end up in a state where BGP has 4 paths flags as multipath but
only 3 paths are in the RIB.
This reverts commit c14777c6bf.
clang 5 is not widely available enough for people to indent with. This
is particularly problematic when rebasing/adjusting branches.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The label initializer & nhrpd variable are just to shut up GCC 7,
the other two are actual bugs.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
This allows frr-reload.py (or anything else that scripts via vtysh)
to know if the vtysh command worked or hit an error.
Most of the attributes in 'struct attr_extra' allow for
the more interesting cases of using bgp. The extra
overhead of managing it will induce errors as we add
more attributes and the extra memory overhead is
negligible on anything but full bgp feeds.
Additionally this greatly simplifies the code for
the handling of data.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
bgpd: Fix missing label set
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Core EVPN route handling functionality. This includes support for the
following:
- interface with zebra to learn about local VNIs and MACIPs as well as
to install remote VTEPs (per VNI) and remote MACIPs
- create/update/delete EVPN type-2 and type-3 routes
- attribute creation, route selection and install
- route handling per VNI and for the global routing table
- parsing of received EVPN routes and handling by route type
- encoding attributes for EVPN routes and EVPN prefix creation (for
Updates)
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Ensure that the AFI/SAFI is relevant to the FIB before attempting to install
or remove the route from zebra.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Ensure that the check for martian next hop is correct, including for MP
nexthops, if IPv4.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
labeled-unicast routes are installed in the unicast table, to make
troubleshooting easier we need "show bgp ipv4 labeled-unicast x.x.x.x"
to show the x.x.x.x route in the unicast table.
* Pass ->text to functions that now do full string matching
* Remove cases for l2vpn and evpn where they cannot occur
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
- All ipv4 labeled-unicast routes are now installed in the ipv4 unicast
table. This allows us to do things like take routes from an ipv4
unicast peer, allocate a label for them and TX them to a ipv4
labeled-unicast peer. We can do the opposite where we take routes from
a labeled-unicast peer, remove the label and advertise them to an ipv4
unicast peer.
- Multipath over a labeled route and non-labeled route is not allowed.
- You cannot activate a peer for both 'ipv4 unicast' and 'ipv4
labeled-unicast'
- The 'tag' variable was overloaded for zebra's route tag feature as
well as the mpls label. I added a 'mpls_label_t mpls' variable to
avoid this. This is much cleaner but resulted in touching a lot of
code.
Based on suggestions made in the FRR technical meeting, making the
label-index range 2^20-16 for the max label size minus the reserved
labels.
Ticket: CM-16513
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Added the ability to set the label-index value based on criteria other
than the network statement. Manual testing looks good and added to the
ticket.
Ticket: CM-16513
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: CCR-6339
Problem reported with the inability to define "network x❌x::/64 label-index" to
the config. Found that the install_element was pointing to the wrong node.
Ticket: CM-16615
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Problem seen in testing import-check using labeled-unicast address-family. When
transitioning from "no bgp network import-check" to "bgp network import-check",
previously installed networks were not removed. This fix resolves this.
Ticket: CM-16512
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Modify EVPN prefix to use the generic IP address structure. Add support
for EVPN type-2 and type-3 prefix dump. Fix references to modified fields
as needed.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Static encap routes don't have an MPLS label. Also, use %u instead of
%d to print the label.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The FSF's address changed, and we had a mixture of comment styles for
the GPL file header. (The style with * at the beginning won out with
580 to 141 in existing files.)
Note: I've intentionally left intact other "variations" of the copyright
header, e.g. whether it says "Zebra", "Quagga", "FRR", or nothing.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
These commands were causing bgpd to crash if a static VPN route was
configured.
While here, fix a bug in bgp_static_add() and bgp_static_delete().
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Pass pointer to pointer instead of assigning by return value. See
previous commit message.
To ensure that the behavior stays functionally correct, any assignments
with the result of a thread_add* function have been transformed to set
the pointer to null before passing it. These can be removed wherever the
pointer is known to already be null.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The way thread.c is written, a caller who wishes to be able to cancel a
thread or avoid scheduling it twice must keep a reference to the thread.
Typically this is done with a long lived pointer whose value is checked
for null in order to know if the thread is currently scheduled. The
check-and-schedule idiom is so common that several wrapper macros in
thread.h existed solely to provide it.
This patch removes those macros and adds a new parameter to all
thread_add_* functions which is a pointer to the struct thread * to
store the result of a scheduling call. If the value passed is non-null,
the thread will only be scheduled if the value is null. This helps with
consistency.
A Coccinelle spatch has been used to transform code of the form:
if (t == NULL)
t = thread_add_* (...)
to the form
thread_add_* (..., &t)
The THREAD_ON macros have also been transformed to the underlying
thread.c calls.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Crash uncovered when workqueue item was pulled with safi set to 7
(SAFI_LABELED_UNICAST) without labled-unicast being configured.
Also fixed minor issue removing aggregate-address command due to bad
index.
Ticket: CM-16169
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
If you specified A.B.C.D, the code would still try to
read A.B.C.D/M and not find it and pass in a NULL pointer
which crashed the code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
The initial implementation was against draft-keyupate-idr-bgp-prefix-sid-02
This updates our label-index implementation up to draft-ietf-idr-bgp-prefix-sid-05
- changed BGP_ATTR_LABEL_INDEX to BGP_ATTR_PREFIX_SID
- since there are multiple TLVs in BGP_ATTR_PREFIX_SID you can no longer
rely on that flag to know if there is a label-index for the path. I
changed bgp_attr_extra_new() to init the label_index to
BGP_INVALID_LABEL_INDEX
- put some placeholder code in for the other two TLVs (IPv6 and
Originator SRGB)
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
- cleaned up the "show bgp ipv4 labeled-unicast x.x.x.x" output
- fixed some json keys to use camelCase
- bgp_attr_label_index() was clearing BGP_ATTR_LABEL_INDEX because it
was comparing mp_update->afi against SAFI_LABELED_UNICAST instead of
mp_update->safi
- added BGP_ATTR_LABEL_INDEX to attr_str
1) Some commands were installed in the wrong node
2) Fix output to show labeled information to correctly display
3) Whitespace issue in route-map command
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Fix a segfault when the "show bgp large-community" command is given
without any optional large communities;
* Fix parsing of optional large communities. Without this fix a
"Large-community malformed" error is shown even for valid large
communities.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Implement BGP Prefix-SID IETF draft to be able to signal a labeled-unicast
prefix with a label index (segment ID). This makes it easier to deploy
global MPLS labels with BGP, even without other aspects of Segment Routing
implemented.
This patch implements the handling of the BGP-Prefix-SID Label Index
attribute. When received from a peer and the index is acceptable, the local
label is picked up from the SRGB and is programmed as the incoming label as
well as advertised to peers. If the index is not acceptable, no local label
is assigned. The outgoing label will always be the one advertised by the
downstream neighbor.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Implement BGP Prefix-SID IETF draft to be able to signal a labeled-unicast
prefix with a label index (segment ID). This makes it easier to deploy
global MPLS labels with BGP, even without other aspects of Segment Routing
implemented.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Implement BGP Prefix-SID IETF draft to be able to signal a labeled-unicast
prefix with a label index (segment ID). This makes it easier to deploy
global MPLS labels with BGP, even without other aspects of Segment Routing
implemented.
This patch implements configuration of the global label block (SRGB) and
configuration of a label-index for a network in BGP.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Implement support for negotiating IPv4 or IPv6 labeled-unicast address
family, exchanging prefixes and installing them in the routing table, as
well as interactions with Zebra for FEC registration. This is the
implementation of RFC 3107.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Implement support for activating the labeled-unicast address family in
BGP and relevant configuration for this address family.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Code inspection showed a bunch more spots where
we were assigning the safi inside of a if statement
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When outputting routes associated with a 'struct bgp'
do not force the safi to bee SAFI_EVPN and cause output
to be hosed.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The original code on shutdown assumed a 'forced' mode
if there was no process_main_queue. This construct
was violated by commit 2e02b9b2d1
due to not fully understanding the shutdown process.
If we are shutting down, don't store work to do later,
just gracefully don't do it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The buffer needs to be set to length 0 if nothing is written into
it, otherwise bgpd will log uninitialized memory, disclosing information
and possibly leading to a crash.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
As the prefix call function for mac handling has prefix_ prepended
before, the change must be propagated to all locations where those
functions are called.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
EVPN code adaptation to replace old mac string internal utility with the
new one available in lib folder.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Transmission and Reception routines have a part of code that is
conditionnally compiled to the usage of HAVE_EVPN. Also, each time a
subfield of prefix evpn is reached, like in configuration also, then a
conditionnaly compilation with HAVE_EVPN is used.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This commit fixes the nexthop display behaviour when an evpn entry is
matched. The commit handles both cases where IPv4 or IPv6 nexthop is
detected.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
In case a manual set of MPLS, ENCAP, or EVPN entry is set, then the
nexthop attribute localted in attr->extra structure must be changed too.
In standard cases, where IPv4 IGP nexthop address is picked up, the same
address ie chosen.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
A new vty command available under evpn address family. This command
takes following format:
(af-evpn)# [no] network <A.B.C.D/M|X:X::X:X/M> rd ASN:nn_or_IP-address:nn ethtag WORD
label WORD esi WORD gwip A.B.C.D routermac WORD
[route-map WORD]
Among new parameters, ethtag stands for the ethernet tag indentifier.
ESI stands for the ethernet segment identifier, and must be entered in
following format: 00:11:22:33:44:55:66:77:88:99.
gwip stands for the gateway IP address contained in RT5 message. A
check is done on that value since if gwip is ipv4, then ip prefix must
be ipv4. The same for ipv6.
RouterMAc is the gateway mac address sent as extended community
attribute.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
L2VPN route prefix are composed of ethtag, mac address and ip address.
vty command "show bgp l2vpn rd <>" show macip prefix in the following
template: [ethtag][macaddress/len][ipaddress/len]
Signed-off-by: Julien Courtat <julien.courtat@6wind.com>
e
This patch introduces show show bgp evpn commands to dump
NLRI entries configured or received on BGP, related to EVPN
New command introduced is the following:
show [ip] bgp l2vpn evpn [all | rd <rd name> ] [overlay]
Like for MPLS, similar set of commands is added for EVPN:
show [ip] bgp l2vpn evpn [all|rd <RDNAME>]
show [ip] bgp l2vpn evpn all neighbor <NEIGHBOR> routes
show [ip] bgp l2vpn evpn all neighbor <NEIGHBOR> advertised-routes
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
For each received routermac extended community, the mac address is
copied into routermac extended community context. For each emission,
a check is done against routermac extended community, if L2VPN is
enabled. If enabled, the extended community is appended.
Signed-off-by: Philippe Gubiert <philippe.guibert@6wind.com>
This field can be either IPv4 or IPv6 address and is filled in in
bgp_static configuration structure.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
As per draft-ietf-idr-tunnel-encaps-02, section 3.2.1, BGP Encap
attribute supports vxlan tunnel type. A new tunnel attribute has been
appended to subtlv list, describing the vxlan network identifier to
be used for the routing information of the BGP update message.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The commit introduces the changes to be done to carry route type 5 EVPN
information in bgp extra attribute information. The commit also handles
the update processing for route type 5 information, including ESI,
gatewayIP and label information.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This patch introduces code to receive a NLRI message with route type
5, as defined in draft-ietf-bess-evpn-prefix-advertisement-02. It
It increases the number of parameters to extract from the NLRI and
to store into bgp extra information structure. Those parameters are
the ESI (ethernet segment identifier), the gateway IP Address (which
acts like nexthop attribute but is contained inside the NLRI itself)
and the ethernet tag identifier ( that acts for the VXLan Identifier)
This patch updates bgp_update() and bgp_withdraw() api, and then does the
necessary adapations for rfapi.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
To handle BGP NLRI EVPN messages, bgp is modified to handle AFI_L2VPN
and SAFI_EVPN values.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This fix addresses these things:
1) Clean up documentation as requested
2) Fix a wrong search for "exact-match"
3) Fix possible crash.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
- route_set_lcommunity would do nothing (and leak memory) if attr->extra
wasn't up yet
- an if() arch in bgp_show_table() was duplicated (with no effect)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(to match surrounding code)
"git diff -w" should be almost empty.
Copyright edited to say FRR, this is not GNU Zebra :)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When bgp_vty_find_and_parse_afi_safi_vrf detects
a invalidly named vrf, it warns the user. There
is no need for the calling function to warn
again.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This bgp_show_type enumerate was duplicated and modified in several
places. The commit takes the enumerate with the biggest enumerate, so
that it can be used by all the functions using this enumerate.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The commit is removed duplicated command show ip bgp ipv4|ipv6 enca|vpn
command that is conflicting between bgp_route.c and
bgp_mplsvpn.c/bgp_encap.c files. The fix is integrating the call to
specific mpls or encap settings from inside bgp_show_route() function.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
1) Make [<view|vrf> WORD] consistent
2) Fix inconsistent help string
3) Fix the show .. vrf all command
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Create bgp_vty_find_and_parse_afi_safi_vrf that
will parse the
`show [ip] bgp [<view|vrf> WORD] [<ipv4|ipv6> [<unicast|multicast|vpn|encap>]]'
part of a command and to return the correct spot we are in the command.
Cleanup 'dampening parameters' part of this command.
Consolidate the creation of the bgp data structure to be a bit cleaner.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The original commit for large communities broke
'show ip bgp' and 'show bgp ipv4 unicast' and
their ilk. This commit fixes this as well
as some vtysh parse errors identified.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
BGP Large Communities are a novel way to signal information between
networks. An example of a Large Community is: "2914:65400:38016". Large
BGP Communities are composed of three 4-byte integers, separated by a
colon. This is easy to remember and accommodates advanced routing
policies in relation to 4-Byte ASNs.
This feature was developed by:
Keyur Patel <keyur@arrcus.com> (Arrcus, Inc.),
Job Snijders <job@ntt.net> (NTT Communications),
David Lamparter <equinox@opensourcerouting.org>
and Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Job Snijders <job@ntt.net>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Use KEEP_OLD_VPN_COMMANDS define to brace some vty commands used by bgp
to configure or show vpnvx contexts using old method, that is to say
using vty keyword vpnv4 or vpnv6 command.
In addition to this, the commit adds two new commands under route-map
with new format:
[no] set ipv4|ipv6 vpn nexthop <IPv4 Address> | <IPv6 Address>
It also add following command in old format:
[no] set vpnv6 nexthop <IPv6 Address>
Note that the commit does not take into account the availability of old
commands that are not available in new format.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com
To remove commands duplicated in bgp_mplsvpn/_encap
Also until vpn/encap specific show pieces are merged into
generic afi/safi show.
Signed-off-by: Lou Berger <lberger@labn.net>
As nexthop attribute for vpnv6 also contains a blank RD and a blank tag,
the IPv6 address length increases from 16 to 24 bytes. The same was
observed for vpnv4 nexthop, but was missing for VPNv6.
The same is done for martian nexthop debugging.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
I modified the 'show ....' command to be one long line.
Upon reflection and porting the large-community code
I have decided that we need to put this back to the way
it was before.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
As nexthop attribute for vpnv6 also contains a blank RD and a blank tag,
the IPv6 address length increases from 16 to 24 bytes. The same was
observed for vpnv4 nexthop, but was missing for VPNv6.
The same is done for martian nexthop debugging.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Add the next commands:
network X:X::X:X/M rd ASN:nn_or_IP-address:nn tag WORD [route-map WORD]
no network X:X::X:X/M rd ASN:nn_or_IP-address:nn tag WORD
Also, fix show running-config for vpnv6 network, as well as modiying
bgp_static_set_safi, and take into account matching afi table.
Signed-off-by: Liu Xiaofeng <xiaofeng.liu@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Introduce internal and IANA defintions for AFI/SAFI and mapping
functions and modify code to use these. This refactoring will
facilitate adding support for other AFI/SAFI whose IANA values
won't be suitable for internal data structure definitions (e.g.,
they are not contiguous).
The commit adds some fixes related to afi/safi testing with 'make check
' command.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Ticket: CM-11416
Reviewed By: CCR-3594 (mpls branch)
Testing Done: Not tested now, tested earlier on mpls branch
Added defines and parse utility functions
Fix vty code that treated vpn&encap as AFIs
and some other related vty printing/handline issues
Note: Includes branch specific changes (due to new parser)
Signed-off-by: Lou Berger <lberger@labn.net>
thread.c fails to build properly on systems that do
not have a CLOCK_MONOTONIC. Therefore there is
no need for bgp to have knowledge of it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This patch enable the support of graceful restart for routes sets with
vpnv4 address family format. In this specific case, data model is
slightly different and some additional processing must be done when
accessing bgp tables and nodes.
The clearing stale algorithm takes into account the specificity where
the 2 node level for MPLS has to be reached.
Signed-off-by: Julien Courtat <julien.courtat@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Modify the 'show ip bgp ...' output to be a bit clearer
on what work it did.
Modify:
root@dell-s6000-02 ~/quagga# vtysh -c "show ip bgp"
BGP table version is 7, local router ID is 6.0.0.9
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 6.0.0.5/32 169.254.0.1 0 0 65101 ?
*> 6.0.0.6/32 169.254.0.17 0 0 65101 ?
*> 6.0.0.7/32 169.254.0.33 0 0 65104 ?
*> 6.0.0.8/32 169.254.0.49 0 0 65104 ?
*> 6.0.0.9/32 0.0.0.0 0 32768 ?
*= 6.0.0.10/32 169.254.0.49 0 65104 65200 ?
*= 169.254.0.33 0 65104 65200 ?
*= 169.254.0.17 0 65101 65200 ?
*> 169.254.0.1 0 65101 65200 ?
Displayed 6 out of 9 total prefixes
To
.....
Displayed 6 routes and 9 total paths
Issue #11
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This contains bgp memory leak fixes as well as cleanups to VRF/namespace
handling and has been run through extended testing in Cumulus' testbed:
Tested-by: Donald Sharp <sharpd@cumulusnetworks.com>
For unicast routes do not change the output of the 'show ip bgp' command.
This will allow people with existing scripts to continue to work.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Additionally:
* Add [ip] to a couple bgp show commands
* Quick refactor of a couple ISIS commands
* Quick refactor of a couple OSPF6 commands
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* show ip bgp vpnv4 all <A.B.C.D|A.B.C.D/M> [json]
* show...vpnv4 <all|rd ...> summary...
* Fix placement of AF+SAFI specifiers for BGP clear commands
* Add more [ip]'s for bgp commands
* clean up some doc strings
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The "Weight" column is off:
BGP table version is 0, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, =
multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.1.1.2/32 9.9.9.2 0 32768 ?
*> 4.1.1.4/32 9.9.9.2 0 32768 ?
Displayed 2 out of 2 total prefixes
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 65c7395b07e8c592c847d4a1e22fc89ddf448341)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
It seems these two were at some point copied in from rsync; replace with
more recent versions that will hopefully become available in glibc as
well.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* bgpd parses NLRIs twice, a first pass "sanity check" and then a second pass
that changes actual state. For most AFI/SAFIs this is done by
bgp_nlri_sanity_check and bgp_nlri_parse, which are almost identical.
As the required action on a syntactic error in an NLRI is to NOTIFY and
shut down the session, it should be acceptable to just do a one pass
parse. There is no need to atomically handle the NLRIs.
* bgp_route.h: (bgp_nlri_sanity_check) Delete
* bgp_route.c: (bgp_nlri_parse) Make the prefixlen size check more general
and don't hard-code AFI/SAFI details, e.g. use prefix_blen library function.
Add error logs consistent with bgp_nlri_sanity_check as much as possible.
Add a "defense in depth" type check of the prefixlen against the sizeof
the (struct prefix) storage - ala bgp_nlri_parse_vpn.
Update standards text from draft RFC4271 to the actual RFC4271 text.
Extend the semantic consistency test of IPv6. E.g. it should skip mcast
NLRIs for unicast safi as v4 does.
* bgp_mplsvpn.{c,h}: Delete bgp_nlri_sanity_check_vpn and make
bgp_nlri_parse_vpn_body the bgp_nlri_parse_vpn function again.
(bgp_nlri_parse_vpn) Remove the notifies. The sanity checks were
responsible for this, but bgp_update_receive handles sending NOTIFY
generically for bgp_nlri_parse.
* bgp_attr.c: (bgp_mp_reach_parse,bgp_mp_unreach_parse) Delete sanity check.
NLRI parsing done after attr parsing by bgp_update_receive.
Arising out of discussions on the need for two-pass NLRI parse with:
Lou Berger <lberger@labn.net>
Donald Sharp <sharpd@cumulusnetworks.com>
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
* bgp_route.h: (bgp_nlri_sanity_check) The bulk of the args are equivalent
to a (struct bgp_nlri), consolidate.
* bgp_route.c: (bgp_nlri_sanity_check) Make this a frontend for all afi/safis.
Including SAFI_MPLS_LABELED_VPN.
(bgp_nlri_sanity_check_ip) Regular IP NLRI sanity check based on the
existing code, and adjusted for (struct bgp_nlri *) arg.
* bgp_attr.c: (bgp_mp_reach_parse) Adjust for passing (struct bgp_nlri *)
to bgp_nlri_sanity_check.
Get rid of special-casing to not sanity check VPN.
(bgp_mp_unreach_parse) Ditto.
* bgp_mplsvpn.c: Use the same VPN parsing code for both the sanity
check and the actual parse.
(bgp_nlri_parse_vpn) renamed to bgp_nlri_parse_vpn_body and made
internal.
(bgp_nlri_parse_vpn_body) Added (bool) argument to control whether it
is sanity checking or whether it should update routing state for each
NLRI. Send a NOTIFY and reset the session, if there's a parsing
error, as bgp_nlri_sanity_check_ip does, and as is required by the
RFC.
(bgp_nlri_parse_vpn) now a wrapper to call _body with update.
(bgp_nlri_sanity_check_vpn) wrapper to call parser without
updating.
* bgp_mplsvpn.h: (bgp_nlri_sanity_check_vpn) export for
bgp_nlri_sanity_check.
* bgp_packet.c: (bgp_update_receive) Adjust for bgp_nlri_sanity_check
argument changes.
* test/bgp_mp_attr_test.c: Extend to also test the NLRI parsing functions,
if the initial MP-attr parsing has succeeded. Fix the NLRI in the
VPN cases. Add further VPN tests.
* tests/bgpd.tests/testbgpmpattr.exp: Add the new test cases.
This commit a joint effort of:
Lou Berger <lberger@labn.net>
Donald Sharp <sharpd@cumulusnetworks.com>
Paul Jakma <paul.jakma@hpe.com> / <paul@jakma.org>
Until today the admin distance cannot be configured for any IPv6
routing protocol. This patch implements it for bgp.
Signed-off-by: Maitane Zotes <maz@open.ch>
Signed-off-by: Roman Hoog Antink <rha@open.ch>
This patch is part of the previously submitted patch set on VPN and
Encap SAFIs. It fixes an issue identified by NetDEF CI.
Ensure temp stack structures are initialized Add protection against
double frees / post free access to bgp_attr_flush
Signed-off-by: Lou Berger <lberger@labn.net>
Ticket: CM-13053
Reviewed By: dslice@cumulusnetworks.com
'neighbor x.x.x.x weight' was implemented as a per-peer knob instead of
a per-peer per-afi-safi option. This makes it configurable per-peer
per-afi-safi so that we can do things like soft clear that afi/safi when
weight is modified.
When running 'show bgp ipv4 uni summ' (or any variation thereof)
If you have a large # of routes, the json package starts taking
up a tremendous amount of memory and processing power.
Modify the code to output the json as we go instead of gathering
it all up and outputting at the end.
Ticket: CM-13060
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
If a command is put into the VIEW_NODE, it is going into the
ENABLE_NODE as well. This is especially true for show commands.
As such if a command is in both consolidate it down to VIEW_NODE.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The RESTRICTED_NODE command is not used, introduces code
complexity and provides no additional levels of security.
The only way to get into RESTRICTED_NODE is to add, under
vty configuration the command 'anonymous restricted', and
then telnet to a daemon, provide a password, then type
'enable' and fail to enter the password three times.
Then the user can enter a very limited set of commands to
monitor bgp and only bgp behavior.
This commit removes both the RESTRICTED_NODE usage as well
as the lib/* usage of the code
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This patch improves zebra,ripd,ripngd,ospfd and bgpd so that they can
make use of 32-bit route tags in the case of zebra,ospf,bgp or 16-bit
route-tags in the case of ripd,ripngd.
It is based on the following patch:
commit d25764028829a3a30cdbabe85f32408a63cccadf
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Fri Jul 1 14:23:45 2016 +0100
*: Widen width of Zserv routing tag field.
But also contains the changes which make this actually useful for all
the daemons.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
This feature adds an L3 & L2 VPN application that makes use of the VPN
and Encap SAFIs. This code is currently used to support IETF NVO3 style
operation. In NVO3 terminology it provides the Network Virtualization
Authority (NVA) and the ability to import/export IP prefixes and MAC
addresses from Network Virtualization Edges (NVEs). The code supports
per-NVE tables.
The NVE-NVA protocol used to communicate routing and Ethernet / Layer 2
(L2) forwarding information between NVAs and NVEs is referred to as the
Remote Forwarder Protocol (RFP). OpenFlow is an example RFP. For
general background on NVO3 and RFP concepts see [1]. For information on
Openflow see [2].
RFPs are integrated with BGP via the RF API contained in the new "rfapi"
BGP sub-directory. Currently, only a simple example RFP is included in
Quagga. Developers may use this example as a starting point to integrate
Quagga with an RFP of their choosing, e.g., OpenFlow. The RFAPI code
also supports the ability import/export of routing information between
VNC and customer edge routers (CEs) operating within a virtual
network. Import/export may take place between BGP views or to the
default zebera VRF.
BGP, with IP VPNs and Tunnel Encapsulation, is used to distribute VPN
information between NVAs. BGP based IP VPN support is defined in
RFC4364, BGP/MPLS IP Virtual Private Networks (VPNs), and RFC4659,
BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN . Use
of both the Encapsulation Subsequent Address Family Identifier (SAFI)
and the Tunnel Encapsulation Attribute, RFC5512, The BGP Encapsulation
Subsequent Address Family Identifier (SAFI) and the BGP Tunnel
Encapsulation Attribute, are supported. MAC address distribution does
not follow any standard BGB encoding, although it was inspired by the
early IETF EVPN concepts.
The feature is conditionally compiled and disabled by default.
Use the --enable-bgp-vnc configure option to enable.
The majority of this code was authored by G. Paul Ziemba
<paulz@labn.net>.
[1] http://tools.ietf.org/html/draft-ietf-nvo3-nve-nva-cp-req
[2] https://www.opennetworking.org/sdn-resources/technical-library
Now includes changes needed to merge with cmaster-next.
