Commit Graph

5067 Commits

Author SHA1 Message Date
Donald Sharp
70492deafc bgpd: Remove usage of prefix2str and use builtin in bgp_zebra.c
Convert over from prefix2str explicit call and use the builtin
%pFX we have now.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-12 07:33:08 -04:00
Donald Sharp
db1fcc98da bgpd: reduce cut-n-paste of bgp_zebra_announce_default for install
This bit of code was cut-n-pasted all over the place:

               if (!bpa->installed && !bpa->install_in_progress) {
                       bgp_send_pbr_rule_action(bpa, NULL, true);
                       bgp_zebra_announce_default(bgp, nh,
                                                  bpa->afi,
                                                  bpa->table_id, true);
               }

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-12 07:33:08 -04:00
Donald Sharp
ebd1a47c95 bgpd: reduce cut-n-paste code in bgp_pbr.c
Create a function bgp_bpr_bpa_remove that is this cut-n-paste code:

       if (bpa->refcnt == 0) {
               if (bpa->installed && bpa->table_id != 0) {
                       bgp_send_pbr_rule_action(bpa, NULL, false);
                       bgp_zebra_announce_default(bpa->bgp, &(bpa->nh),
                                                  AFI_IP,
                                                  bpa->table_id,
                                                  false);
                       bpa->installed = false;
               }
       }

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-12 07:33:08 -04:00
Donatas Abraitis
03b682be62
Merge pull request #8660 from qlyoung/fix-bgp-conditional-advertisement-deconfig-removing-unrelated-filters
bgpd: fix deconfig of conditional advertisement
2021-05-12 12:57:50 +03:00
Quentin Young
5b083e4e95 bgpd: fix deconfig of conditional advertisement
Deconfiguring conditional advertisement resulted in all other policy
settings on the peer getting removed due to an excessively large memset.

This also created a desync with the northbound config tree, which caused
its own set of problems...

Fix the memset to just remove the conditional advertisement config.

Signed-off-by: Quentin Young <qlyoung@nvidia.com>
2021-05-11 16:58:38 -04:00
Russ White
825f41b486
Merge pull request #8589 from idryzhov/bgp-cli-nb-fixes
bgp cli/nb fixes
2021-05-11 07:58:23 -04:00
Russ White
6099bb989d
Merge pull request #8650 from idryzhov/bgp-fix-redist
bgpd: fix redistribution in vrf
2021-05-11 07:28:42 -04:00
Russ White
41e4b0c0ee
Merge pull request #8406 from adharkar/frr-es_rd
bgpd: Handle EAD/EVI local route updates on VNI RD change
2021-05-11 06:51:41 -04:00
Igor Ryzhov
6cc0114b6e bgpd: deregister bgp instance from zebra when vrf is deleted
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-05-10 01:22:34 +03:00
Rafael Zalamena
34723b2fad
Merge pull request #8639 from idryzhov/isis-new-bfd-lib
isisd: rework BFD integration
2021-05-09 17:10:42 -03:00
Igor Ryzhov
d9083050c8 Revert "bgpd: vrf route leaking, fix vrf redistribute"
This reverts commit 6b2433c63f.
2021-05-09 22:28:36 +03:00
David Lamparter
c93d410837
Merge pull request #8642 from idryzhov/bgp-gr-no-oper
bgpd: don't return error for GR no-op commands
2021-05-09 19:24:10 +02:00
David Lamparter
0f12ac7f12
Merge pull request #8472 from donaldsharp/more_valgrind_stuff
tools: Add some more data to ignore for valgrind
2021-05-09 19:20:47 +02:00
Igor Ryzhov
c97b34cf1a lib: remove old bfd library
This commit also adds missing `bfd_protocol_integration_set_shutdown` to
ospf6d and pimd.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-05-07 12:03:57 +03:00
Igor Ryzhov
895b0d0ad6 bgpd: don't return error for GR no-op commands
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-05-06 21:33:14 +03:00
Quentin Young
556beacf10 bgpd: rework BGP_MAX_PACKET_SIZE & friends
BGP_MAX_PACKET_SIZE no longer represented the absolute maximum BGP
packet size as it did before, instead it was defined as 4096 bytes,
which is the maximum unless extended message capability is negotiated,
in which case the maximum goes to 65k.

That introduced at least one bug - last_reset_cause was undersized for
extended messages, and when sending an extended message > 4096 bytes
back to a peer as part of NOTIFY data would trigger a bounds check
assert.

This patch redefines the macro to restore its previous meaning,
introduces a new macro - BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE - to
represent the 4096 byte size, and renames the extended size to
BGP_EXTENDED_MESSAGE_MAX_PACKET_SIZE for consistency. Code locations
that definitely should use the small size have been updated, locations
that semantically always need whatever the max is, no matter what that
is, use BGP_MAX_PACKET_SIZE.

BGP_EXTENDED_MESSAGE_MAX_PACKET_SIZE should only be used as a constant
when storing what the negotiated max size is for use at runtime and to
define BGP_MAX_PACKET_SIZE. Unless there is a future standard that
introduces a third valid size it should not be used for any other
purpose.

Signed-off-by: Quentin Young <qlyoung@nvidia.com>
2021-05-06 11:54:02 -04:00
Donald Sharp
dd82f72543
Merge pull request #8497 from ton31337/feature/bgp_community_alias
bgpd: Create BGP alias names for community/large-community
2021-05-06 06:07:07 -04:00
Donald Sharp
56b99116f2 tools: Add some more data to ignore for valgrind
When running valgrind there are some possible memory leaks.
These memory leaks we have absolutely no control over, mark
them as not worthy of being reported.

Finally move the valgrind suppressions file from bgpd/ to tools/
this is because this suppressions file can be used beyond bgpd

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-05 10:52:51 -04:00
Donatas Abraitis
ed0e57e3f0 bgpd: Create BGP alias names for community/large-community
Show alias name instead of numerical value in `show bgp <prefix>. E.g.:

```
root@exit1-debian-9:~/frr# vtysh -c 'sh run' | grep 'bgp community alias'
bgp community alias 65001:123 community-1
bgp community alias 65001:123:1 lcommunity-1
root@exit1-debian-9:~/frr#
```

```
exit1-debian-9# sh ip bgp 172.16.16.1/32
BGP routing table entry for 172.16.16.1/32, version 21
Paths: (2 available, best #2, table default)
  Advertised to non peer-group peers:
  65030
    192.168.0.2 from home-spine1.donatas.net(192.168.0.2) (172.16.16.1)
      Origin incomplete, metric 0, valid, external, best (Neighbor IP)
      Community: 65001:12 65001:13 community-1 65001:65534
      Large Community: lcommunity-1 65001:123:2
      Last update: Fri Apr 16 12:51:27 2021
exit1-debian-9#
```

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2021-05-05 16:37:00 +03:00
Donald Sharp
60031a55f6 bgpd: Another call path with uninited data
Prevent another call path that uses uninited data in
bgp_pbr.c

This was found through more clang sa runs.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-05 07:48:55 -04:00
Donatas Abraitis
48c2039199
Merge pull request #8564 from rameshabhinay/bgp_tcp_mss
bgpd: Support tcp-mss for bgp neighbors
2021-05-05 13:45:39 +03:00
Patrick Ruddy
4d504309d3
Merge pull request #8459 from taspelund/no_rmac_on_mac_only
bgpd: Fix IP-VRF ext-comm check for MACIP routes
2021-05-05 09:48:11 +01:00
Igor Ryzhov
8acb8bff38
Merge pull request #8625 from c-po/graceful-restart 2021-05-05 09:44:25 +03:00
Igor Ryzhov
731849d4bc
Merge pull request #8551 from donaldsharp/peer_damp_doppleganger 2021-05-05 03:39:40 +03:00
Igor Ryzhov
d236114b13
Merge pull request #8618 from Prerana-GB/lcom
bgpd: BGP large community-list configuration with regex is failing.
2021-05-05 00:46:30 +03:00
Christian Poessinger
5b899e99fe bgpd: changing graceful-restart parameters should not be considered as error
vtysh will return an informational message to the user that changing any
graceful-shutdown related parameter will require a peer reset. This is should
not be treated as an error message (resulting in a return code of 1) but
rather as a simple information to the user.

This fixes GitHub issue https://github.com/FRRouting/frr/issues/8403

$ vtysh -c configure -c 'router bgp 100' -c 'bgp graceful-restart'
Graceful restart configuration changed, reset all peers to take effect
$ echo $?
0

Signed-off-by: Christian Poessinger <christian@poessinger.com>
2021-05-04 23:32:41 +02:00
Donald Sharp
39d8dd2d17 bgpd: Consolidate dampening show run output with the rest of that code
For whatever reason the dampening show run code was outside the normal
loop of code that handles the afi/safi portion.  consolidate it into
the rest of the normal code.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-04 16:25:58 -04:00
Donald Sharp
dcc862322c bgpd: No need to check if we are a dynamic peer or not
bgp_config_write_peer_af already checks to see if we are
a dynamic peer.  No need to do so right before we call it.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-04 16:25:58 -04:00
Donald Sharp
783492c7cd bgpd: Do not output peer doppleganger dampened output
When we are cycling through all peers and looking for
dampening data to dump, do not consider non-configed
peers( dopplegangers ).

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-04 16:25:58 -04:00
prerana
a9f42ac2e3 bgpd: BGP large community-list configuration with regex is failing.
frr(config)# bgp large-community-list expanded com1 permit .*
% Malformed community-list value

The check to validate large-community against UINT_MAX is added for
both standard and expanded community. But however it needs to be
validated only for standard community.

Signed-off-by: Prerana-GB <prerana@vmware.com>
2021-05-04 06:24:22 -07:00
Igor Ryzhov
10839180a9
Merge pull request #8621 from donaldsharp/bgp_pbr_clang_sa
bgpd: Prevent test against uninited data
2021-05-04 14:06:51 +03:00
Abhinay Ramesh
4ab467017e bgpd: Support tcp-mss for bgp neighbors
Problem Statement:
=================
In scale setup BGP sessions start flapping.

RCA:
====
In virtualized environment there are multiple places where
MTU need to be set. If there are some places were MTU is not set
properly then there is chances that BGP packets get fragmented,
in scale setup this will lead to BGP session flap.

Fix:
====
A new tcp option is provided as part of this implementation,
which can be configured per neighbor and helps to set the TCP
max segment size. User need to derive the path MTU between the BGP
neighbors and set that value as part of tcp-mss setting.

1. CLI Configuration:
	[no] neighbor <A.B.C.D|X:X::X:X|WORD> tcp-mss (1-65535)

2. Running config
    frr# show running-config
    router bgp 100
     neighbor 198.51.100.2 tcp-mss 150       => new entry
     neighbor 2001:DB8::2 tcp-mss 400        => new entry

3. Show command
    frr# show bgp neighbors 198.51.100.2
    BGP neighbor is 198.51.100.2, remote AS 100, local AS 100, internal link
    Hostname: frr
      Configured tcp-mss is 150, synced tcp-mss is 138     => new display

4. Show command json output

    frr# show bgp neighbors 2001:DB8::2 json
    {
      "2001:DB8::2":{
        "remoteAs":100,
        "bgpTimerKeepAliveIntervalMsecs":60000,
        "bgpTcpMssConfigured":400,                               => new entry
        "bgpTcpMssSynced":388,                                  => new entry

Risk:
=====
Low - This is a config driven feature and it sets the max segment
size for the TCP session between BGP peers.

Tests Executed:
===============
Have done manual testing with three router topology.
1. Executed basic config and un config scenarios
2. Verified if the config is updated in running config
   during config and no config operation
3. Verified the show command output in both CLI format and
   JSON format.
4. Verified if TCP SYN messages carry the max segment size
   in their initial packets.
5. Verified the behaviour during clear bgp session.
6. done packet capture to see if the new segment size
   takes effect.

Signed-off-by: Abhinay Ramesh <rabhinay@vmware.com>
2021-05-04 06:21:24 +00:00
Donatas Abraitis
98d742c6f7
Merge pull request #8606 from donaldsharp/peer_cleanups
Peer cleanups
2021-05-04 08:47:26 +03:00
Donald Sharp
645a1f1d5f bgpd: Prevent test against uninited data
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-03 21:03:31 -04:00
Mark Stapp
f71e1ff6a9
Merge pull request #8545 from opensourcerouting/assert-our-own
*: make our own assert() actually work
2021-05-03 11:17:36 -04:00
Donald Sharp
7a75470fe1 bgpd: Delay setting peer data until after decision to allow open
Delay setting local data about a remote peer until after BGP
has decided to allow an open connection to proceed.

Modifying local peer data structures based upon what is
received from a peer should not be done until after BGP
has decided that the open is allowed to proceed.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-02 07:31:54 -04:00
Donald Sharp
f88221f3b4 bgpd: Cleanup bgp_collision_detect indentation
The bgp_collision_detect function is heavily indented.
Perform some cleanup to make it easier to read.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-02 07:31:45 -04:00
Donald Sharp
c3c6dbf80a bgpd: listener thread pointer is already NULL
FRR in thread.c clears the passed in double pointer when
we pull it off the ready queue and pass it back to
the calling function via thread_fetch().

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-05-02 07:31:30 -04:00
Rafael Zalamena
c962ab93a8
Merge pull request #8570 from qlyoung/revert-ringbuf-readv
Revert "bgpd: improve socket read performance"
2021-04-29 18:32:52 -03:00
Rafael Zalamena
5418880923
Merge pull request #7165 from qlyoung/fix-zapi-codec-badness
Fix zapi codec badness
2021-04-29 13:50:16 -03:00
Quentin Young
338f4a78cc bgpd: avoid allocating very large stack buffer
As pointed out on code review of BGP extended messages, increasing the
maximum BGP message size has the consequence of growing the dynamically
sized stack buffer up to 650K. While unlikely to exceed modern stack
sizes it is still unreasonably large. Remedy this with a heap buffer.

Signed-off-by: Quentin Young <qlyoung@nvidia.com>
2021-04-29 12:12:32 -04:00
Quentin Young
fe2e3bae6a Revert "bgpd: improve socket read performance"
This reverts commit 97a16e6481.
2021-04-29 12:12:32 -04:00
Igor Ryzhov
d3e3677096 bgpd: forbid modification of bgp instance type
If a user issues the following commands:
```
router bgp 65000 vrf red
router bgp 65000 view red
```
bgpd ends up having NB config inconsistent with actual data.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-04-29 16:50:29 +03:00
Igor Ryzhov
debb7b1931 bgpd: simplify bgp_global_local_as_modify code
No need for complicated code to check instance existence.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-04-29 16:50:29 +03:00
Igor Ryzhov
0d6d0208a5 bgpd: fix crash when as/type mismatches in config
When we're trying to create the config for already existing router and
the AS number or instance type mismatches, we're returning the
inconsistency error and don't set the NB entry.

Any subsequent command that configures this router will crash because
every command relies on the existence of the NB entry.

Let's store the entry even when there's a mismatch to prevent the crash.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-04-29 16:50:29 +03:00
Quentin Young
bbad027684 lib, bgpd, zebra: RA interval is unsigned
Use unsigned value for all RA requests to Zebra

- encoding signed int as unsigned is bad practice
- RA interval is never, and should never be, negative

Signed-off-by: Quentin Young <qlyoung@nvidia.com>
2021-04-28 11:43:50 -04:00
Quentin Young
0ffd0fb536 bgpd, zebra: encode ip addr len as uint16
This is always a 16 bit unsigned value.

- signed int is the wrong type to use
- encoding a signed int as a uint32 is bad practice
- decoding a signed int encoded as a uint32 into a uint16 is bad
  practice

Signed-off-by: Quentin Young <qlyoung@nvidia.com>
2021-04-28 11:43:45 -04:00
Donatas Abraitis
a1fc0cb01e
Merge pull request #8471 from idryzhov/cleanup-num-named-lists
*: cleanup number-named access-lists and prefix-lists
2021-04-28 08:33:24 +03:00
Ameya Dharkar
d60f63f087 bgpd: Handle EAD/EVI local route updates on VNI RD change
When VNI RD changes, EAD/EVI routes with old RD should be withdrawn from
the global routing table and EAD/EVI routes in the VNI should be
advertised with the new RD.

Signed-off-by: Ameya Dharkar <adharkar@vmware.com>
2021-04-27 16:35:24 -07:00
Igor Ryzhov
d09328e599 bgpd: fix bgp_get_vty return values
There are multiple problems:
- commit ef7c53e2 introduced a new return value 2 which broke things,
  because a lot of code treats non-zero return as an error,
- there is an incorrect error returned when AS number mismatches.

This commit fixes both.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-04-26 23:16:51 +03:00