This commit adds the capabiity to filter OSPF neighbors using a
prefix-list with rules matching the neighbor's IP source address.
Configuration, filtering, immediate neighbor pruning, topo-tests,
and documentation are included. The command is:
ip ospf neighbor-filter <prefix-list> [A.B.C.D]
Signed-off-by: Acee Lindem <acee@lindem.com>
RFC5492 says:
This document defines a new Error Subcode, Unsupported Capability.
The value of this Subcode is 7. The Data field in the NOTIFICATION
message MUST list the set of capabilities that causes the speaker to
send the message. Each such capability is encoded in the same way as
it would be encoded in the OPEN message.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
When the ISIS instance does not exist, this check causes the default value of the ISIS instance's metric to become narrow.
The following two scenarios present issues:
1) When the ISIS metric configuration under the interface exceeds 63, we are unable to delete the ISIS instance.
2) When the ISIS instance is not created, we are unable to modify an ISIS metric that exceeds 63.
Signed-off-by: zhou-run <166502045+zhou-run@users.noreply.github.com>
Today, with the following bgp instance configured, the
local VRF label is allocated even if it is not used.
> router bgp 65500 vrf vrf1
> address-family ipv4 unicast
> label vpn export allocation-mode per-nexthop
> label vpn export auto
> rd vpn export 444:1
> rt vpn both 52:100
> export vpn
> import vpn
The 'show mpls table' indicates that the 16 label value
is allocated, but never used in the exported prefixes.
> r1# show mpls table
> Inbound Label Type Nexthop Outbound Label
> -----------------------------------------------------
> 16 BGP vrf1 -
> 17 BGP 192.168.255.13 -
> 18 BGP 192.0.2.12 -
> 19 BGP 192.0.2.11 -
Fix this by only allocating new label values when really
used. Consequently, only 3 labels will be allocated instead
of previously 4.
> r1# show mpls table
> Inbound Label Type Nexthop Outbound Label
> -----------------------------------------------------
> 16 BGP 192.168.255.13 -
> 17 BGP 192.0.2.11 -
> 18 BGP 192.0.2.12 -
Fixes: 577be36a41 ("bgpd: add support for l3vpn per-nexthop label")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
SRTE_COLOR is not defined at all as an attribute, it was a mistake from the
beginning.
SRTE_COLOR is extended community, can't see the reason having it as a community,
and a separate attribute.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
RFC-7607 specifically calls out the allowed usage
of AS 0 to signal that the a particular address is
not in use and should be guarded against. Add
the ability to specify this special AS in the rpki
commands.
eva# show rpki as-number 0
RPKI/RTR prefix table
Prefix Prefix Length Origin-AS
2.57.180.0 22 - 24 0
2.58.144.0 22 - 22 0
2.59.116.0 24 - 24 0
4.42.228.0 22 - 22 0
5.57.80.0 22 - 22 0
<snip>
2a13:df87:b400:: 38 - 38 0
2a13:df84:: 32 - 32 0
2630:: 16 - 16 0
Number of IPv4 Prefixes: 1166
Number of IPv6 Prefixes: 617
eva# show rpki prefix 2630::/16 0
Prefix Prefix Length Origin-AS
2630:: 16 - 16 0
eva#
Fixes: #15778
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The debug command was removed in 17e9298e47 ("bgpd: Remove 'debug bgp
allow-martian'")
Cleanup all references to the debug command.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Operational data should not be used on validation stage. Move the usage
to apply stage only.
Fixes#15707.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
If a command is not marked as `YANG`-converted, the current command
batching buffer is flushed before executing the command. We shouldn't
flush the buffer when executing an `exit` command. It should only be
flushed if the next command is not `YANG`-converted, which is checked by
the command itself, not the previous `exit`.
Fixes#15706.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
An extension of commit-8d8f12ba8e5cd11c189b8475b05539fa8415ccb9
Removing ifdef DEV_BUILD in stream_fifo_push as well to make the 'sh
zebra client' display the current I/O fifo along with max fifo items.
TICKET :#3390099
Signed-off-by: Rajasekar Raja <rajasekarr@nvidia.com>
The 'table-direct' redistribute command is available for ipv4 unicast but
not for ipv6 unicast.
Add the command to ipv6 unicast as well.
Fixes: b6367f8460 ("bgpd: add redistribute table-direct support")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
The usage of the `bgp bestpath med missing-as-worst` command
was being accepted and applied during bestpath, but during output
of the routes affected by this it would not give any indication
that this was happening or what med value was being used.
Fixes: #15718
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When trying to connect to a BGP peer that does not respons, the 'show
bgp neighbors' command does not give any indication on the local and
remote addresses used:
> # show bgp neighbors
> BGP neighbor is 192.0.2.150, remote AS 65500, local AS 65500, internal link
> Local Role: undefined
> Remote Role: undefined
> BGP version 4, remote router ID 0.0.0.0, local router ID 192.0.2.1
> BGP state = Connect
> [..]
> Connections established 0; dropped 0
> Last reset 00:00:04, Waiting for peer OPEN (n/a)
> Internal BGP neighbor may be up to 255 hops away.
> BGP Connect Retry Timer in Seconds: 120
> Next connect timer due in 117 seconds
> Read thread: off Write thread: off FD used: 27
The addressing information (address and port) are only available
when TCP session is established, whereas this information is present
at the system level:
> root@ubuntu2204:~# netstat -pan | grep 192.0.2.1
> tcp 0 0 192.0.2.1:179 192.0.2.150:38060 SYN_RECV -
> tcp 0 1 192.0.2.1:46526 192.0.2.150:179 SYN_SENT 488310/bgpd
Add the display for outgoing BGP session, as the information in
the getsockname() API provides information for connected streams.
When getpeername() API does not give any information, use the peer
configuration (destination port is encoded in peer->port).
> # show bgp neighbors
> BGP neighbor is 192.0.2.150, remote AS 65500, local AS 65500, internal link
> Local Role: undefined
> Remote Role: undefined
> BGP version 4, remote router ID 0.0.0.0, local router ID 192.0.2.1
> BGP state = Connect
> [..]
> Connections established 0; dropped 0
> Last reset 00:00:16, Waiting for peer OPEN (n/a)
> Local host: 192.0.2.1, Local port: 46084
> Foreign host: 192.0.2.150, Foreign port: 179
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
When attempting to get the src and destination addresses of a given
connection, the API may return the NULL pointer, but further code
in bgp_zebra_nexthop_set() already does a check about the given
pointer.
Relaxing the error code for all the returned adressing.
Fixes: 1ff9a34058 ("bgpd: bgpd-fsm-fix.patch")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
ospfd/ospf_sr.c: In function ‘show_sr_node.part.5’:
ospfd/ospf_sr.c:2745:32: warning: ‘%u’ directive output may be truncated writing between 1 and 10 bytes into a region of size 2 [-Wformat-truncation=]
snprintf(tmp, sizeof(tmp), "%u", i);
^~
ospfd/ospf_sr.c:2745:31: note: directive argument in the range [0, 2147483646]
snprintf(tmp, sizeof(tmp), "%u", i);
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
