With the command using STR_SHARP, the sharp daemon is not allowed
to use it's own routes for label modification. Switching over
to STR_ZEBRA allows the sharp daemon to modify labels on any
route in the system, since there are no `ROUTE_ZEBRA` types.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Issue: no ip msdp mesh-group <word> source command
deleting the mesh group, which might be used by the member.
Solution: no ip msdp mesh-group <word> source command, deletes
the mesh-group source.
Add a new cli command "no ip msdp mesh-group <word>" to delete
the mesh group.
Signed-off-by: Sarita Patra <saritap@vmware.com>
In some places we log the interface but not the vfr the
interface is in. In others we only output the vrf id, which
can be difficult for human to read. This commit makes zebra
debugs more vrf aware.
Signed-off-by: Jakub Urbańczyk <xthaid@gmail.com>
Problem Description:
=====================
+--+ +--+
|R1|-(192.201.202.1)----iBGP----(192.201.202.2)-|R2|
+--+ +--+
Routes on R2:
=============
S>* 202.202.202.202/32 [1/0] via 192.201.78.1, ens256, 00:40:48
Where, the next-hop network, 192.201.78.0/24, is a directly connected network address.
C>* 192.201.78.0/24 is directly connected, ens256, 00:40:48
Configurations on R1:
=====================
!
router bgp 201
bgp router-id 192.168.0.1
neighbor 192.201.202.2 remote-as 201
!
Configurations on R2:
=====================
!
ip route 202.202.202.202/32 192.201.78.1
!
router bgp 201
bgp router-id 192.168.0.2
neighbor 192.201.202.1 remote-as 201
!
address-family ipv4 unicast
redistribute static
exit-address-family
!
Step-1:
=======
R1 receives the route 202.202.202.202/32 from R2.
R1 installs the route in its BGP RIB.
Step-2:
=======
On R1, a connected interface address is added.
The address is the same as the next-hop of the BGP route received from R2 (192.201.78.1).
Point of Failure:
=================
R1 resolves the BGP route even though the route's next-hop is its own connected address.
Even though this appears to be a misconfiguration it would still be better to safeguard the code against it.
Fix:
====
When BGP receives a connected route from Zebra, it processes the
routes for the next-hop update.
While doing so, BGP must ignore routes whose next-hop address matches
the address of the connected route for which Zebra sent the next-hop update
message.
Signed-off-by: NaveenThanikachalam <nthanikachal@vmware.com>
Issue:
For consecutive messages such as
MAC1 -> VTEP1 add
MAC1 -> VTEP2 add
MAC1 -> VTEP1 add
Final state, i.e. (MAC1 -> VTEP1 add) should be sent via FPM.
But, with current code, FPM will send (MAC1 -> VTEP2 add)
RCA:
When FPM receives (MAC1, VTEP1), it stores it in the FPM processing queue and
hash table.
When FPM receives (MAC1, VTEP2), this entry is stored as another node as hash
table key is (mac, vtep and vni)
IF FPM again receives (MAC1, VTEP1), we fetch this node in the hash table
which is already enqueued.
When the FPM queue is processed, we will send FPM message for (MAC1, VTEP1)
first and then for (MAC1, VTEP2)
This sequencing issue happened because the key of the table is (MAC, VTEP, VNI)
Fix:
Change the key of the hash table to (MAC, VNI)
So, every time we receive a new update for (MAC1, VNI1), we will find a node in
the processing queue corresponding to MAC1 if present.
We will update this same node for every operation related to (MAC1, VNI1)
Thus, at the time when FPM processes this node, it will have latest MAC1 info.
Signed-off-by: Ameya Dharkar <adharkar@vmware.com>
On startup of zebra, read in all ipv4/ipv6 rules from
the kernel and remove any with the zebra proto.
If there are any, this means we failed to remove them
on shutdown due to a crash or something. Without this,
users have to manually remove them with iproute2 or some
such and its really annoying.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
According to the RFC 5880 the transmission time should be mandated by
the slowest system.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Lets avoid garbage data on packets by zeroing the packet before setting
the fields/flags.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Processing loop uncovered when there are multiple ABRs also
acting as ASBRs into the same area in ospf6. The problem
was that when looking thru the list of Inter-area router
entries, if the current entry being processed matched, it
still merged next-hops and re-initiated the process. In
this fix, if the route/path matches and the next-hops also
match, there is no need to re-initiate the examine process.
Ticket: CM-28900
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Separate out the `set *` and `no set *` commands into
different DEFPYs to make the logic of the code easier to
read.
Further, allow non-exlpicit no commands.
So `no set nexthop`, `no set nexthop-group`, and
`no set vrf` will now work without having to specify
anymore data. Before you had to match what was already
there explicitly.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Implement the ability to replace any existing `set *` or
`match` with another one or adding more config without having
to first delete the original config already there.
Before, we needed to constantly execute a `no` command for everything
to remove the rule before making changes to it. With this
patch, you can replace configs on individual sequences much
easier.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Properly free the string pointed to by `pbrms->nhgrp_name`
when we are removiing the config for a nexthop group
on a pbr map sequence.
Found via memleak:
==3152214== 4 bytes in 1 blocks are definitely lost in loss record 308 of 8,814
==3152214== at 0x483980B: malloc (vg_replace_malloc.c:309)
==3152214== by 0x4DC9F7E: strdup (in /usr/lib64/libc-2.30.so)
==3152214== by 0x48E373E: qstrdup (memory.c:122)
==3152214== by 0x408FE7: pbr_map_nexthop_group_magic (pbr_vty.c:264)
==3152214== by 0x408E04: pbr_map_nexthop_group (pbr_vty_clippy.c:347)
==3152214== by 0x48ACF72: cmd_execute_command_real (command.c:1073)
==3152214== by 0x48ACB3B: cmd_execute_command (command.c:1133)
==3152214== by 0x48AD063: cmd_execute (command.c:1288)
==3152214== by 0x493D8EE: vty_command (vty.c:526)
==3152214== by 0x493D397: vty_execute (vty.c:1293)
==3152214== by 0x493C4EC: vtysh_read (vty.c:2126)
==3152214== by 0x49319DC: thread_call (thread.c:1548)
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Actually delete the allocated pbr_nhg_cache object we just
released.
Found via memory leak:
==3078405== 136 bytes in 1 blocks are definitely lost in loss record 8,282 of 8,802
==3078405== at 0x483BB1A: calloc (vg_replace_malloc.c:762)
==3078405== by 0x48E35E8: qcalloc (memory.c:110)
==3078405== by 0x40EBA7: pbr_nhgc_alloc (pbr_nht.c:194)
==3078405== by 0x48CC0EB: hash_get (hash.c:148)
==3078405== by 0x40F825: pbr_nht_add_individual_nexthop (pbr_nht.c:534)
==3078405== by 0x409853: pbr_map_nexthop_magic (pbr_vty.c:400)
==3078405== by 0x4093F1: pbr_map_nexthop (pbr_vty_clippy.c:417)
==3078405== by 0x48ACF72: cmd_execute_command_real (command.c:1073)
==3078405== by 0x48ACB3B: cmd_execute_command (command.c:1133)
==3078405== by 0x48AD063: cmd_execute (command.c:1288)
==3078405== by 0x493D8EE: vty_command (vty.c:526)
==3078405== by 0x493D397: vty_execute (vty.c:1293)
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Add some more debug info for the sequence number we are
sending to zebra in pbr_send_pbr_map().
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Define some explicit rule replace code paths into the dataplane
code and improve the handling around it/releasing the the old
rule from the hash table.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
1. Added 2 new test cases to bgp-basic-functionality-topo1
2. Enhanced 2 tests to run for both static routes and network advvertise command
Signed-off-by: Kuldeep Kashyap <kashyapk@vmware.com>
1. Added 5 test cases to verify BGP AS-allow-in behavior in FRR
2. Enhanced framework to support BGP AS-allow-in config(lib/bgp.py)
3. Added API in bgp.py to verify BGP RIB table(lib/bgp.py)
Signed-off-by: Kuldeep Kashyap <kashyapk@vmware.com>
JSON output for igmp group display is modified as follows for better python handling.
1. Under each interface make array of group as an object
2. Include source and group inside each group object
These improvements are required for the set of topotest cases which will be upstreamed shortly.
Signed-off-by: Saravanan K <saravanank@vmware.com>
This CLI will allow user to configure a igmp group limit which will generate
a watermark warning when reached.
Though watermark may not make sense without setting a limit, this
implementation shall serve as a base to implementing limit in future and helps
tracking a particular scale currently.
Testing:
=======
ip igmp watermark-warn <10-60000>
on reaching the configured number of group, pim will issue warning
2019/09/18 18:30:55 PIM: SCALE ALERT: igmp group count reached watermak limit: 210(vrf: default)
Also added group count and watermark limit configured on cli - show ip igmp groups [json]
<snip>
Sw3# sh ip igmp groups json
{
"Total Groups":221, <=====
"Watermark limit":210, <=========
"ens224":{
"name":"ens224",
"state":"up",
"address":"40.0.0.1",
"index":6,
"flagMulticast":true,
"flagBroadcast":true,
"lanDelayEnabled":true,
"groups":[
{
"source":"40.0.0.1",
"group":"225.1.1.122",
"timer":"00:03:56",
"sourcesCount":1,
"version":2,
"uptime":"00:00:24"
<\snip>
<snip>
Sw3(config)# do sh ip igmp group
Total IGMP groups: 221
Watermark warn limit(Set) : 210
Interface Address Group Mode Timer Srcs V Uptime
ens224 40.0.0.1 225.1.1.122 ---- 00:04:06 1 2 00:13:22
ens224 40.0.0.1 225.1.1.144 ---- 00:04:02 1 2 00:13:22
ens224 40.0.0.1 225.1.1.57 ---- 00:04:01 1 2 00:13:22
ens224 40.0.0.1 225.1.1.210 ---- 00:04:06 1 2 00:13:22
<\snip>
Signed-off-by: Saravanan K <saravanank@vmware.com>
Ensure that upon a link-bandwidth change - for e.g., due to change in
the number of multipaths - EVPN type-5 route injection is triggered.
In the absence of this, the proper link-bandwidth is not updated in
EVPN type-5 routes originated by the router.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
If we're building with a separate build directory, these two build
targets can fail in case their output directory hasn't been created by
some other target that may or may not have run earlier.
Signed-off-by: David Lamparter <equinox@diac24.net>
Add some basic tests to show that network and passive-interface
commands work with interface names in rip and ripngd.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Temporarily change the interface types in rip and ripng to
strings to allow us to work, since the yang uplift to 1.0
is proving difficult.
Signed-off-by: Donald Sharp sharpd@cumulusnetworks.com>
