The exact-match and the any options are missing for the extended
communities. Add missing options that are present on the match
operations for communities and large-communities.
> route-map rmap permit 1
> match extcommunity 1
> exit
> !
> route-map rmap permit 2
> match extcommunity 2 any
> exit
> !
> route-map rmap permit 3
> match extcommunity 3 exact-match
> exit
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Add a mechanism in route-map to filter out route-map which have a list
of extended communities greater than the given number.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
ldpd has this crash:
(gdb) bt
0 __pthread_kill_implementation (no_tid=0, signo=11, threadid=140329211443648) at ./nptl/pthread_kill.c:44
1 __pthread_kill_internal (signo=11, threadid=140329211443648) at ./nptl/pthread_kill.c:78
2 __GI___pthread_kill (threadid=140329211443648, signo=signo@entry=11) at ./nptl/pthread_kill.c:89
3 0x00007fa0f0642476 in __GI_raise (sig=11) at ../sysdeps/posix/raise.c:26
4 0x00007fa0f0b51944 in core_handler (signo=11, siginfo=0x7fff562810b0, context=0x7fff56280f80) at lib/sigevent.c:268
5 <signal handler called>
6 0x00007fa0f0b9534d in lm_get_label_chunk (zclient=0x0, keep=0 '\000', base=0, chunk_size=64, start=0x7fff56281bdc, end=0x7fff56281be0) at lib/zclient.c:3667
7 0x0000564e0d1c011e in lde_get_label_chunk () at ldpd/lde.c:2211
8 0x0000564e0d1c05f8 in lde_get_next_label () at ldpd/lde.c:2318
9 0x0000564e0d1bcb29 in lde_update_label (fn=0x564e16653050) at ldpd/lde.c:783
10 0x0000564e0d1c1fbe in lde_kernel_update (fec=0x7fff56281cb0) at ldpd/lde_lib.c:422
11 0x0000564e0d1b96c0 in l2vpn_pw_init (pw=0x564e165d1fa0) at ldpd/l2vpn.c:242
12 0x0000564e0d1b2d32 in merge_l2vpn (xconf=0x564e166424f0, l2vpn=0x564e166160a0, xl=0x564e165eabb0) at ldpd/ldpd.c:1883
13 0x0000564e0d1b28ea in merge_l2vpns (conf=0x564e166424f0, xconf=0x564e16653650) at ldpd/ldpd.c:1813
14 0x0000564e0d1b1244 in merge_config (conf=0x564e166424f0, xconf=0x564e16653650) at ldpd/ldpd.c:1321
15 0x0000564e0d1bc485 in lde_dispatch_parent (thread=0x7fff56282060) at ldpd/lde.c:611
16 0x00007fa0f0b6cebc in event_call (thread=0x7fff56282060) at lib/event.c:2019
17 0x0000564e0d1baee7 in lde () at ldpd/lde.c:155
18 0x0000564e0d1ae4b8 in main (argc=0, argv=0x7fff56282298) at ldpd/ldpd.c:312
(gdb)
Since it is possible to be asking for label data before the zclient has
been connected, let's just return -1 in the case where zclient is not
initialized yet either, since this is effectively the same thing as
the sock being < 0.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The capacity of the xpath string was not guaranteed to be sufficient to hold all
the key predicates and so would truncate. Calculate the required space and
guarantee that it is available.
Signed-off-by: Christian Hopps <chopps@labn.net>
The uA behavior is associated with an interface and the IP address of
the nexthop. However, the current SID context data structure only
includes the IP address. It lacks the interface.
This commit extends the SID context data structure by adding the
ifindex. This extension allows daemons to allocate uA SIDs with
the required interface and IP address.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Introduce ZEBRA_IF_DUMMY interface flag to identify Linux dummy interfaces [0].
These interfaces behave similarly to loopback interfaces and can be
specially handled by daemons.
[0]: https://github.com/torvalds/linux/blob/master/drivers/net/dummy.c
Signed-off-by: Gabriel Goller <g.goller@proxmox.com>
This also fixes a bug with specific (position specified) queries on keyless
lists. If the `get_next` callback is using the parent entry it will probably
crash as the code is passing the list_entry as both parent and child in the
specific lookup case.
There may currently be no code that uses the parent entry if the child entry is
non-NULL, though.
Signed-off-by: Christian Hopps <chopps@labn.net>
Previously the code was only calling the child destroy callbacks if the target
deleted node was a non-presence container. We now add a flag to the callback
structure to instruct northbound to perform the rescursive delete for code that
wishes for this to happen.
- Fix wrong relative path lookup in keychain destroy callback
Signed-off-by: Christian Hopps <chopps@labn.net>
Some codepoints can not be read by interoperating with CISCO.
This is because PSP/USP flavor are used by default, and the display of
the isis output has to be adapted.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Changes allow ipv4 class E addresses and prefixes in the 240.0.0.0/4
range to be configured on interfaces, imported from the kernel routing
table and redistributed as connected routes in zebra by default.
Changes also fix routes with class E prefixes in kernel routing table
getting rejected by zebra during early daemon startup.
Drivin this change in default behavior are cloud providers (with
customers still using obsolete ipv4 protocol, i.e. Azure, AWS) running
out of ip space and abusing class E for addressing instances (announced
via BGP) over tunneling connections back to customers on premise
infrastructure.
Signed-off-by: David Schweizer <dschweizer@opensourcerouting.org>
Make it consistent and call it `event` when formatting something to
display. Much less confusing for some user seeing it too, since threads
aren't involved.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Refactor the "timer getting executed too late" warning:
- warning threshold is now adjustable
- check is performed when event actually executes, rather than when it's
thrown on ready list
- ignore_late_timer replaced with threshold = 0
- system load averages printed in log message
- warning ratelimited to once per 10s rather than once per poll()
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The `show ipv6 route json` command displays the IPv6 routing table in
JSON format, including SRv6 SIDs. For each SRv6 SID, it provides
behavior and SID attributes. However, it does not include the SID
structure.
This commit adds the SID structure to the SRv6 SID JSON output.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Blocking all signals on non-main threads is not the way to go, at least
the handlers for SIGSEGV, SIGBUS, SIGILL, SIGABRT and SIGFPE need to run
so we get backtraces. Otherwise the process just exits.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The seg6local route dumped by 'show ipv6 route' makes think that the USP
flavor is supported, whereas it is not the case. This information is a
context information, and for End, the context information should be
empty.
> # show ipv6 route
> [..]
> I>* fc00:0:4::/128 [115/0] is directly connected, sr0, seg6local End USP, weight 1, 00:49:01
Fix this by suppressing the USP information from the output.
Fixes: e496b42030 ("bgpd: prefix-sid srv6 l3vpn service tlv")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
When called without caps/privs, just return from "change_caps"
instead of exiting - it's possible that a process may not need
privs, but a lib (for example) may use the api.
Signed-off-by: Mark Stapp <mjs@cisco.com>
We were hashing 4 bytes of the address. Even for IPv6 addresses.
Oops.
The reason this was done was to try to make it faster, but made a
complex maze out of everything. Time for a refactor.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When reading in a nexthop from ZAPI, only set the fields that actually
have meaning. While it shouldn't happen to begin with, we can otherwise
carry padding garbage into the unused leftover union bytes.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Freeing any item here means freeing someone's `event->hist`, leaving a
dangling pointer there. Which will immediately be written to because
we're executing in a CLI function under the `vty_read` event, whose
`event->hist` is then updated.
Deallocating `event->hist` anywhere other than shutting down the whole
event loop is a bad idea to begin with, just zero out the stats instead.
Fixes: FRRouting/frr#16419
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When a daemon wants to know about its routes, make it possible to have
that work for dst-src routes.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The staticd YANG conversion completely f*cked up dst-src routes.
Stupidly enough, the correct thing is much simpler as seen by the amount
of deletes in this commit.
This does, unfortunately, involve a rather annoying YANG edge case with
what should reasonably be an optional leaf as part of a list key, which
is not possible. It uses `::/0` as unconditional filler instead, since
that is semantically correct.
The `test_yang_mgmt` topotest needed to be adjusted after this to add
`src-prefix='::/0'`.
Fixes: 88fa5104a0 ("staticd : Configuration northbound implementation")
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Document where relevant about the instance overload to table ID so users
know what to expect.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Implement the necessary data structures and code changes to support sending
table-direct routes to protocols running in different VRFs.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
sbfd will use bfdname for key hash, We introduced a bfd-name for every sbfd session, normal BFD sessions can leave it as NULL.
A unique bfd-name can be used to identify a sbfd session quickly. This is quite useful in our Srv6 deployment for path protection case.
For example, if use the sbfd session to protect the SRv6 path A-B-D, we would assign the name 'path-a-b-d' or 'a-b-d' to the session.
Signed-off-by: wumu.zsl <wumu.zsl@alibaba-inc.com>
The code doesn't push more than one group (currently) so wouldn't hit the
bug yet, nice catch by coverity.
Signed-off-by: Christian Hopps <chopps@labn.net>
The previous use of `lyd_new_path()` returns the first node created, rather
than the xpath target node. The code is lucky in the sense that it is
normally only creating a single node rather than a branch. Fix this to
use `lyd_new_path2()` which returns the target node to actually implement
the semantics expected by callers of `dnode_create()` (i.e., returning the
newly created target node).
Signed-off-by: Christian Hopps <chopps@labn.net>
