When the redistribution is configured in non-default VRF, isisd should
redistribute routes from this VRF instead of default.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
YANG model and CLI commands allow user to configure LDP-sync per area.
But the actual implementation is incorrect - all commands are changing
the config for the whole VRF instead of a single area. This commit fixes
this issue by actually implementing per area configuration.
Fixes#8578.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Now it's possible to filter routes redistributed by another protocol using tag
which comes from zebra daemon.
Example of a possible configuration:
```
!
ipv6 route fd00::/48 blackhole tag 20
ipv6 route fd00::/60 blackhole tag 10
!
interface one
ipv6 router isis COMMON
isis circuit-type level-1
!
interface two
ipv6 router isis COMMON
isis circuit-type level-2-only
!
router isis COMMON
net fd.0000.0000.0000.0001.00
redistribute ipv6 static level-1 route-map static-l1
redistribute ipv6 static level-2 route-map static-l2
topology ipv6-unicast
!
route-map static-l1 permit 10
match tag 10
!
route-map static-l2 permit 10
match tag 20
!
```
Signed-off-by: Emanuele Altomare <emanuele@common-net.org>
Remote LFA (RFC 7490) is an extension to the base LFA mechanism
that uses dynamically determined tunnels to extend the IP-FRR
protection coverage.
RLFA is similar to TI-LFA in that it computes a post-convergence
SPT (with the protected interface pruned from the network topology)
and the P/Q spaces based on that SPT. There are a few differences
however:
* RLFAs can push at most one label, so the P/Q spaces need to
intersect otherwise the destination can't be protected (the
protection coverage is topology dependent).
* isisd needs to interface with ldpd to obtain the labels it needs to
create a tunnel to the PQ node. That interaction needs to be done
asynchronously to prevent blocking the daemon for too long. With
TI-LFA all required labels are already available in the LSPDB.
RLFA and TI-LFA have more similarities than differences though,
and thanks to that both features share a lot of code.
Limitations:
* Only RLFA link protection is implemented. The algorithm used
to find node-protecting RLFAs (RFC 8102) is too CPU intensive and
doesn't always work. Most vendors implement RLFA link protection
only.
* RFC 7490 says it should be a local matter whether the repair path
selection policy favors LFA repairs over RLFA repairs. It might be
desirable, for instance, to prefer RLFAs that satisfy the downstream
condition over LFAs that don't. In this implementation, however,
RLFAs are only computed for destinations that can't be protected
by local LFAs.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Removing the obsolete ldp-sync periodic 'hello' message.
When ldp-sync is configured, IGPs take action if the LDP process goes down.
The IGPs have been updated to use the zapi client close callback to detect
the LDP process going down.
Signed-off-by: Karen Schoener <karen@voltanet.io>
When ldp-sync is configured, IGPs take action if the LDP process goes down.
Currently, IGPs detect the LDP process is down if they do not receive a
periodic 'hello' message from LDP within 1 second.
Intermittently, this heartbeat mechanism causes false topotest failures.
When the failure occurs, LDP is busy receiving messages from zebra for a
few seconds. During this time, LDP does not send the expected periodic
message.
With this change, IGPs detect LDP down via zapi client close message.
Signed-off-by: Karen Schoener <karen@voltanet.io>
Commit 4c75f7c773 fixed a bug in which the TI-LFA repair paths
weren't preserving the original Prefix-SID of the routes. That
commit, however, didn't update the zebra interface code to account
for backup nexthops that don't have a repair list but do have a
SR label. As a consequence, backup nexthops that didn't have any
repair label were not preserving the original Prefix-SID of the
corresponding routes. Fix this and update the TI-LFA topotest
accordingly.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Once the remote end of a connected link is shut down (or lose
its address), isisd will remove the corresponding route from its
RIB after SPF runs. A new route for the same destination should
be computed based on the local LSP, and that route by definition
doesn't have any nexthop. The problem is that, when isisd tries
to replace the old route by the new one, it fails because routes
without nexthops can't be installed. That causes the old invalid
route to remain in the RIB when it shouldn't. To fix this problem,
change the zebra interface code to uninstall a route whenever it
can't be installed (because it lacks nexthops) instead of doing
nothing in that case.
This change should fix occasional failures of the test_isis_sr_topo1
topotest.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The `enum zclient_send_status` enum needs to be extended
throughout the code base to use the new states and
to fix up places where we tested against the return
value being non zero.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Embed Prefix-SID information inside SPF data structures so that
Prefix-SIDs can be installed together with their associated routes
at the end of the SPF algorithm. This is different from the current
implementation where Prefix-SIDs are parsed and processed separately,
which is vastly suboptimal.
Advantages of the new code:
* No need to parse the LSPDB an additional time to detect and process
SR-related changes;
* Routes are installed with their Prefix-SID labels in the same ZAPI
message. This can prevent packet dropping for a few milliseconds
after each SPF run if there are BGP-labeled routes (e.g. L3VPN) that
recurse on IGP labeled routes;
* Much easier to support Anycast-SIDs, as the SPF code will naturally
figure out the best nexthops and use only them (that can't be done
in any reasonable way if the Prefix-SID Sub-TVLs are processed
separately);
* Less code to maintain and reduced memory footprint;
The "show isis segment-routing prefix-sids" command was removed as
it doesn't make sense anymore now that "show isis route" exists.
Prefix-SIDs are a property of routes, so what was done was to extend
the "show isis route" command with a new "prefix-sid" option that
changes the output table to show the Prefix-SID information associated
to each route.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
TI-LFA is a modern fast-reroute (FRR) solution that leverages Segment
Routing to pre-compute backup nexthops for all destinations in the
network, helping to reduce traffic restoration times whenever a
failure occurs. The backup nexthops are expected to be installed
in the FIB so that they can be activated as soon as a failure
is detected, making sub-50ms recovery possible (assuming an
hierarchical FIB).
TI-LFA is a huge step forward compared to prior IP-FRR solutions,
like classic LFA and Remote LFA, as it guarantees 100% coverage
for all destinations. This is possible thanks to the source routing
capabilities of SR, which allows the backup nexthops to steer traffic
around the failures (using as many SIDs as necessary). In addition
to that, the repair paths always follow the post-convergence SPF
tree, which prevents transient congestions and suboptimal routing
from happening.
Deploying TI-LFA is very simple as it only requires a single
configuration command for each interface that needs to be protected
(both link protection and node protection are available). In addition
to IPv4 and IPv6 routes, SR Prefix-SIDs and Adj-SIDs are also
protected by the backup nexthops computed by the TI-LFA algorithms.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
1. Added isis with different vrf and it's dependecies.
2. Added new vrf leaf in yang.
3. A minor change for IF_DOWN_FROM_Z passing argrument is
replaced with ifp pointer in api "isis_if_delete_hook()".
4. Minor fix in the isisd spf unit test.
Co-authored-by: Kaushik <kaushik@niralnetworks.com>"
Signed-off-by: harios_niral <hari@niralnetworks.com>
1. Created a structure "isis master".
2. All the changes are related to handle ISIS with different vrf.
3. A new variable added in structure "isis" to store the vrf name.
4. The display commands for isis is changed to support different VRFs.
Signed-off-by: Kaushik <kaushik@niralnetworks.com>
Initial attempt to connect to the Label Manager used an infinite loop with
a sleep statement which block isisd until Label Manager connection fire up.
This commit changes the way Label Manager connection is established and uses
a `thread_add_timer()` call to re-attempt to establish the connection in case
of failure (zebra or label manager not ready).
New variables are added to the SRDB in order to control the request of SRGB
and SRLB to the Label Manager to start Segment Routing in a safe way.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Segment Routing Local Block (SRLB) is part of RFC8667. This change introduces
the possibility for isisd to advertize SRLB in LSP. Base and Range of SRLB
could be configured through CLI or Yang.
Adjacency-SID are now using this SRLB for label allocation. SRLB could also
be used for SID-Binding (e.g. LDP to SR).
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
* Regroup fonctions to install label for Prefix and Adjacency SID
* Change 'replace_semantics' variable name by 'make_before_break' in
sr_prefix_reinstall() function and adjust comments
* Call directly lsp_regenerate_schedule() from isis_nb_config.c when MSD
is updated
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
* Rename functions following rules: isis_sr_XXX is kept for external functions
and isis_sr prefix remove for static ones
* Rename local_label & remote_label variables by input_label & output_label
* Change parameter order (to follow other functions) in sr_node_srgb_update()
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
This change modify the way IS-IS is connected to the Label Manager:
- Add emission of Hello Message prior to the connection as per
modification introduced by PR #5925
- Add 'session_id' as per modification introduced by PR #6224
- Add Doxygen documentation to Label Manager functions
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Update label enforcement due to modification in zapi message:
zapi_nexthop_label becomes zapi_nexthop as per PR #5813
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
This is an implementation of the IS-IS SR draft [1] for FRR.
The following features are supported:
* IPv4 and IPv6 Prefix-SIDs;
* IPv4 and IPv6 Adj-SIDs and LAN-Adj-SIDs;
* Index and absolute labels;
* The no-php and explicit-null Prefix-SID flags;
* Full integration with the Label Manager.
Known limitations:
* No support for Anycast-SIDs;
* No support for the SID/Label Binding TLV (required for LDP interop).
* No support for persistent Adj-SIDs;
* No support for multiple SRGBs.
[1] draft-ietf-isis-segment-routing-extensions-25
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Use a per-nexthop flag to indicate the presence of labels; add
some utility zapi encode/decode apis for nexthops; use the zapi
apis more consistently.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
For all the places we have a zclient->interface_up convert
them to use the interface ifp_up callback instead.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Switch the zclient->interface_add functionality to have everyone
use the interface create callback in lib/if.c
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
In preparation to Segment Routing:
- Update the management of Traffic Engineering subTLVs to the new tlvs parser
- Add Router Capability TLV 242 as per RFC 4971 & 7981
- Add Segment Routing subTLVs as per draft-isis-segment-routing-extension-25
Modified files:
- isis_tlvs.h: add new structure to manage TE subTLVs, TLV 242 & SR subTLVs
- isis_tlvs.c: add new functions (pack, copy, free, unpack & print) to process
TE subTLVs, Router Capability TLV and SR subTLVs
- isis_circuit.[c,h] & isis_lsp.[c,h]: update to new subTLVs & TLV processing
- isis_te.[c,h]: remove all old TE structures and managment functions,
and add hook call to set local and remote IP addresses as wellas update TE
parameters
- isis_zebra.[c,h]: add hook call when new interface is up
- isis_mt.[c,h], isis_pdu.c & isis_northbound.c: adjust to new TE subTLVs
- tests/isisd/test_fuzz_isis_tlv_tests.h.gz: adapte fuuz tests to new parser
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
For better modularity, isis_zebra.c should only contain code used
to communicate with zebra. The management of route flags belongs
to isis_route.c.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This unification allows us to write code that works for both IPv4 and
IPv6, reducing duplication.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This macro:
- Marks ZAPI callbacks for readability
- Standardizes argument names
- Makes it simple to add ZAPI arguments in the future
- Ensures proper types
- Looks better
- Shortens function declarations
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Historically, isisd has been carrying around its own red-black tree to
manage its LSP DB in. This replaces that with the newly-added
DECLARE_RBTREE_*. This allows completely removing the dict_* code.
Signed-off-by: David Lamparter <equinox@diac24.net>
Solve issue #4032
- Change MPLS-TE from global to per Area
- Add new mpls_te_area structure to area in replacement of global variable
isisMPLS_TE
- Move mpls-te from global to instance in frr-isisd.yang
- Change code in isis_te.c, isis_northbound.c, isis_cli.c, isis_pdu.c,
isis_lsp.c and isis_zebra.c accordingly
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
- Change MPLS-TE from global to per Area
- Add new mpls_te_area structure to area in replacement of global variable
isisMPLS_TE
- Move mpls-te frmo global to instance in frr-isisd.yang
- Change code in isis_te.c, isis_northbound.c, isis_cli.c, isis_pdu.c,
isis_lsp.c and isis_zebra.c accordingly
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
The rib process of handling routes has been unified a bit more
and as a result v6 LL routes are now showing up as a result
of a `redistribute connected`. Doing anything with these
routes is a policy decision that should be enforced by the
individual routing daemons not by zebra. As such add a bit
of code to isisd, ripngd and opsf6d to handle them. The bgp daemon
already handles this situation.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The onlink attribute was being passed from upper level protocols
as an attribute of the route *not* the individual nexthop. When
we pass this data to the kernel, we treat the onlink as a attribute
of the nexthop. This commit modifies the code base to allow
us to pass the ONLINK attribute as an attribute of the nexthop.
This commit also fixes static routes that have multiple nexthops
some onlink and some not.
ip route 4.5.6.7/32 192.168.41.1 eveth1 onlink
ip route 4.5.6.7/32 192.168.42.2
S>* 4.5.6.7/32 [1/0] via 192.168.41.1, eveth1 onlink, 00:03:04
* via 192.168.42.2, eveth2, 00:03:04
sharpd@robot ~/frr2> sudo ip netns exec EVA ip route show
4.5.6.7 proto 196 metric 20
nexthop via 192.168.41.1 dev eveth1 weight 1 onlink
nexthop via 192.168.42.2 dev eveth2 weight 1
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
