This separates the init script used for the system (and called in the
systemd unit file) from the script that watchfrr uses to control
daemons. Mixing these two caused the entire thing to become a rather
huge spaghetti mess.
Note that there is a behaviour change in that the new script always
starts zebra regardless of zebra_enable.
Side changes:
- Ubuntu 12.04 removed from backports since it doesn't work anyway
- zebra is always started regardless of zebra_enable. To disable FRR,
the entire init script should be disabled through policy.
- no-watchfrr operation is no longer supported by the scripts in the
Debian packages. (This is intentional.)
Signed-off-by: David Lamparter <equinox@diac24.net>
The northbound infrastructure for operational data was subpar compared
to the infrastructure for configuration data. This commit addresses most
of the existing problems, making it possible to write operational-data
callbacks for more complex YANG models.
Summary of the changes:
* Add support for nested YANG lists.
* Add support for leaf-lists.
* Add support for leafs of type "empty".
* Introduce the "show yang operational-data XPATH" command, and write an
unit test for it. The main purpose of this command is to make it
easier to test the operational-data northbound callbacks.
* Introduce the nb_oper_data_iterate() function, that can be used
to iterate over operational data. Make the CLI and sysrepo use this
function.
* Since ConfD has a very peculiar API, it can't reuse the
nb_oper_data_iterate() like the other northbound clients. In this
case, adapt the existing ConfD callbacks to support the new features
(and make some performance improvements in the process).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
A YANG list that contains both configuration and state data must have
the following callbacks: create(), delete(), get_next(), get_keys()
and lookup_entry().
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* Rename yang_snodes_iterate() to yang_snodes_iterate_subtree() and
expose it in the public API.
* Rename yang_module_snodes_iterate() to yang_snodes_iterate_module().
* Rename yang_all_snodes_iterate() to yang_snodes_iterate_all().
* Make it possible to stop the iteration at any time by returning
YANG_ITER_STOP in the iteration callbacks.
* Make the iteration callbacks accept only one user argument and not
two.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
1) Certain echo statements present in the script before/after SSD process
restart are causing the FRR script to hang. This is breaking the frr script
functionality for start/stop/restart. Removed such echo statements.
Tests:
1. Multiple start, stop, restart
2. Multiple restarts/kill of same process.
Signed-off-by: Sri Mohana Singamsetty <msingamsetty@vmware.com>
Need to use /usr/lib/frr/frr script for start/stop/restart of FRR. /usr/sbin/service frr command is not working as expected.
Signed-off-by: Sri Mohana Singamsetty <msingamsetty@vmware.com>
clang-format always indent labels by default and that can't be changed
with any configuration option. Also, indented labels tend to improve
code readability, especially in long functions.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
We weren't cleaning up some files (a whole lot of python foobar) and had
some files in the dist tarball that don't quite belong there.
Signed-off-by: David Lamparter <equinox@diac24.net>
This is no longer neccessary since start-stop-daemon will block until
watchfrr's launch parent has exited.
Signed-off-by: David Lamparter <equinox@diac24.net>
The script simplifies the relatively lengthy procedure.
It should be invoked from the top level source directory, for example:
./tools/build-debian-package.sh
Signed-off-by: Daniil Baturin <daniil@baturin.org>
Please note this is a Proof of Concept and not actually something
that is ready to commit at this point. The file tools/lua.scr
contains some documentation on how we expect it to work currently.
Additionally not all bgp values have been hooked up into the
ability to lua script yet.
There is still significant work to be done here:
1) Add the ability to pass in more data and to adjust the return values
as appropriate.
To set it up:
1) copy tools/lua.scr into /etc/frr (or whereever the config
directory is )
2) Create a route-map match command:
!
router bgp 55
neighbor 10.50.11.116 remote-as external
!
address-family ipv4 unicast
neighbor 10.50.11.116 route-map TEST in
exit-address-family
!
route-map TEST permit 10
match command mooey
!
3) In the lua.scr file make sure that you have a function
named 'mooey' ( as the above example does ):
function mooey ()
zlog_debug(string.format("Family: %d: %s %d ifindex: %d aspath: %s localpref: %d",
prefix.family, prefix.route,
nexthop.metric, nexthop.ifindex, nexthop.aspath, nexthop.localpref))
nexthop.metric = 33
nexthop.localpref = 13
return 3
end
This example script modifies the metric and localpref currently. I've also provided
a zlog_debug function in lua to allow some simple debugging.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fixed using XCALLOC(MTYPE_TMP, ...) instead of calloc(...) because of the
error handling (XCALLOC checks + log + abort through memory_oom())
Signed-off-by: F. Aragon <paco@voltanet.io>
config.h (or, transitively, zebra.h) must be the first include file
listed for autoconf things like _GNU_SOURCE and _POSIX_C_SOURCE to work
correctly.
Signed-off-by: David Lamparter <equinox@diac24.net>
Problem reported that when a peer-group was added in certain
configurations, it would be rejected because of the order of the
commands put in by nclu. Issued turned out to be how frr-reload.py
was handling the sub-sub-context of the vni under the address-family
and subsequently how it handled the following exit-vni.
Ticket: CM-21996
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Add BFD daemon to the build process and packaging instructions.
Currently the bfdd daemon does nothing, this is just to document how the
daemon insertion step occured.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
checkpatch cuts from the diff between the outputs of pre-patch and
post-patch runs of `checkpatch.pl`, but fixed-length greps sometimes
don't cut correctly.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Only frr-reload.py pulls in a python depenedency for frr, we can
reduce the size of the base frr package by a lot if we separate
out frr-pythontools. When we do this, we get a somewhat cryptic
error message when frr-reload.py is missing on frr reload.
Here, we pull the error message from frr-reload script, which is
much clearer.
Testing done:
frr reload both with and without the frr-reload.py script, see
the frr-reload message when missing and it runs frr-reload.py when
not missing.
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
Add code to allow FRR to properly build and handle the staticd
for some of the more common packaging.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Move configure flag propagations out of user flags
* Use AC_SUBST to transfer flag values to Automake
* Set default AM_CFLAGS and AM_CPPFLAGS in common.am and change child
Makefiles to modify these base variables
* Add flag override to turn off all sanitizers when building clippy
* Remove LSAN suppressions blacklist as it's no longer needed
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The re-use of RTPROT_STATIC has caused too many collisions
where other legitimate route sources are causing us to
believe we are the originator of the route. Modify
the code so that if another protocol inserts RTPROT_STATIC
we will assume it's a Kernel Route.
Fixes: #2293
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We have run across a few cases where the startup timeout is
ocurring on heavily loaded systems. This is especially true
in simulation environments where the hypervisor load is
extremely high.
Modify the code base to give ourselves more time to startup.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The sharp and pbr protocols needed a bit more handling
to be 'right' from a start/stop perspective.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Currently, we just package the frr daemons, but we don't run
them. This is fine for basic tests, but it is inconvenient to
orchestrate the daemons from downstream test environments.
Here, we follow the redhat and debianpkg formats more closely,
putting the daemons in /usr/lib/frr and including the frr user
and groups in the package. We also include a docker specific
startup script and a sysvinit link in /etc/init.d/frr for
openrc based alpine installs.
Testing done:
Built packages, built base images, everything seems to work fine.
Uninstalled the package, all the daemons stopped.
Issue: https://github.com/FRRouting/frr/issues/2030
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
This is an implementation of PBR for FRR.
This implemenation uses a combination of rules and
tables to determine how packets will flow.
PBR introduces a new concept of 'nexthop-groups' to
specify a group of nexthops that will be used for
ecmp. Nexthop-groups are specified on the cli via:
nexthop-group DONNA
nexthop 192.168.208.1
nexthop 192.168.209.1
nexthop 192.168.210.1
!
PBR sees the nexthop-group and installs these as a default
route with these nexthops starting at table 10000
robot# show pbr nexthop-groups
Nexthop-Group: DONNA Table: 10001 Valid: 1 Installed: 1
Valid: 1 nexthop 192.168.209.1
Valid: 1 nexthop 192.168.210.1
Valid: 1 nexthop 192.168.208.1
I have also introduced the ability to specify a table
in a 'show ip route table XXX' to see the specified tables.
robot# show ip route table 10001
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
F>* 0.0.0.0/0 [0/0] via 192.168.208.1, enp0s8, 00:14:25
* via 192.168.209.1, enp0s9, 00:14:25
* via 192.168.210.1, enp0s10, 00:14:25
PBR tracks PBR-MAPS via the pbr-map command:
!
pbr-map EVA seq 10
match src-ip 4.3.4.0/24
set nexthop-group DONNA
!
pbr-map EVA seq 20
match dst-ip 4.3.5.0/24
set nexthop-group DONNA
!
pbr-maps can have 'match src-ip <prefix>' and 'match dst-ip <prefix>'
to affect decisions about incoming packets. Additionally if you
only have one nexthop to use for a pbr-map you do not need
to setup a nexthop-group and can specify 'set nexthop XXXX'.
To apply the pbr-map to an incoming interface you do this:
interface enp0s10
pbr-policy EVA
!
When a pbr-map is applied to interfaces it can be installed
into the kernel as a rule:
[sharpd@robot frr1]$ ip rule show
0: from all lookup local
309: from 4.3.4.0/24 iif enp0s10 lookup 10001
319: from all to 4.3.5.0/24 iif enp0s10 lookup 10001
1000: from all lookup [l3mdev-table]
32766: from all lookup main
32767: from all lookup default
[sharpd@robot frr1]$ ip route show table 10001
default proto pbr metric 20
nexthop via 192.168.208.1 dev enp0s8 weight 1
nexthop via 192.168.209.1 dev enp0s9 weight 1
nexthop via 192.168.210.1 dev enp0s10 weight 1
The linux kernel now will use the rules and tables to properly
apply these policies.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The shutdown code was sometimes taking 1 minute to run because
the ssd program was misbehaving after a make install.
This commit just removes the usage of ssd for shutdown
since we already have a pid file and we know that the
frr script cleans up the pid file as well.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Checkpatch.pl now checks for nonstandard integral types
* Add shell script to replace all nonstandard types with their standard
counterparts in C source files
* Document usage of types, mention conversion script
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Building FRR with AddressSanitizer is kind of annoying since
libpython3.5 leaks memory, clippy links libpython3.5 and clippy runs as
part of the build process. LeakSanitizer has a way to suppress leaks at
runtime by setting the LSAN_OPTIONS environment variable to contain a
file path to a suppression list:
LSAN_OPTIONS=suppressions=path/to/suppr.txt
This commit provides the file. Setting this environment variable to
LSAN_OPTIONS=suppressions=../tools/lsan-suppressions.txt
before building should allow a clean build with ASAN enabled. The
relative path is there because LeakSanitizer looks at paths relative to
the binary it is sanitizing; clippy is in lib/ so the path is set
relative to lib/.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* 2 for errors
* 1 for warnings
* 0 for clean
* Suppress all report text for a clean result
* Remove check for const structs from perl script
* Remove grep suppression for that check from shell script
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Unlike Linux we do require the GPL file header
* When checking for spaces between function names and parentheses,
ignore all-uppercase function names as these are likely to be macros,
and function-like macros may have that space
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Because checkpatch result is applied to original and new file, the
analysis also parses what may be wrong with the original file.
Whereas the script should limit to analyse only what is wrong on new
file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
* Send reports to stderr; this allows you to get just the end result by
redirecting stderr
* Don't attempt to copy nonexistent files
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Since the tool is entirely diff based, it was having some issues diffing
things that didn't exist.
Also made it a bit smarter about ignoring kernel-specific style nits we
don't really care about.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Adds ability to still work even when the user's base FRR directory is
not clean by caching index, working directory and deletion state in
various locations then restoring after done.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
