This is no longer neccessary since start-stop-daemon will block until
watchfrr's launch parent has exited.
Signed-off-by: David Lamparter <equinox@diac24.net>
The script simplifies the relatively lengthy procedure.
It should be invoked from the top level source directory, for example:
./tools/build-debian-package.sh
Signed-off-by: Daniil Baturin <daniil@baturin.org>
Please note this is a Proof of Concept and not actually something
that is ready to commit at this point. The file tools/lua.scr
contains some documentation on how we expect it to work currently.
Additionally not all bgp values have been hooked up into the
ability to lua script yet.
There is still significant work to be done here:
1) Add the ability to pass in more data and to adjust the return values
as appropriate.
To set it up:
1) copy tools/lua.scr into /etc/frr (or whereever the config
directory is )
2) Create a route-map match command:
!
router bgp 55
neighbor 10.50.11.116 remote-as external
!
address-family ipv4 unicast
neighbor 10.50.11.116 route-map TEST in
exit-address-family
!
route-map TEST permit 10
match command mooey
!
3) In the lua.scr file make sure that you have a function
named 'mooey' ( as the above example does ):
function mooey ()
zlog_debug(string.format("Family: %d: %s %d ifindex: %d aspath: %s localpref: %d",
prefix.family, prefix.route,
nexthop.metric, nexthop.ifindex, nexthop.aspath, nexthop.localpref))
nexthop.metric = 33
nexthop.localpref = 13
return 3
end
This example script modifies the metric and localpref currently. I've also provided
a zlog_debug function in lua to allow some simple debugging.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fixed using XCALLOC(MTYPE_TMP, ...) instead of calloc(...) because of the
error handling (XCALLOC checks + log + abort through memory_oom())
Signed-off-by: F. Aragon <paco@voltanet.io>
config.h (or, transitively, zebra.h) must be the first include file
listed for autoconf things like _GNU_SOURCE and _POSIX_C_SOURCE to work
correctly.
Signed-off-by: David Lamparter <equinox@diac24.net>
Problem reported that when a peer-group was added in certain
configurations, it would be rejected because of the order of the
commands put in by nclu. Issued turned out to be how frr-reload.py
was handling the sub-sub-context of the vni under the address-family
and subsequently how it handled the following exit-vni.
Ticket: CM-21996
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Add BFD daemon to the build process and packaging instructions.
Currently the bfdd daemon does nothing, this is just to document how the
daemon insertion step occured.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
checkpatch cuts from the diff between the outputs of pre-patch and
post-patch runs of `checkpatch.pl`, but fixed-length greps sometimes
don't cut correctly.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Only frr-reload.py pulls in a python depenedency for frr, we can
reduce the size of the base frr package by a lot if we separate
out frr-pythontools. When we do this, we get a somewhat cryptic
error message when frr-reload.py is missing on frr reload.
Here, we pull the error message from frr-reload script, which is
much clearer.
Testing done:
frr reload both with and without the frr-reload.py script, see
the frr-reload message when missing and it runs frr-reload.py when
not missing.
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
Add code to allow FRR to properly build and handle the staticd
for some of the more common packaging.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Move configure flag propagations out of user flags
* Use AC_SUBST to transfer flag values to Automake
* Set default AM_CFLAGS and AM_CPPFLAGS in common.am and change child
Makefiles to modify these base variables
* Add flag override to turn off all sanitizers when building clippy
* Remove LSAN suppressions blacklist as it's no longer needed
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The re-use of RTPROT_STATIC has caused too many collisions
where other legitimate route sources are causing us to
believe we are the originator of the route. Modify
the code so that if another protocol inserts RTPROT_STATIC
we will assume it's a Kernel Route.
Fixes: #2293
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We have run across a few cases where the startup timeout is
ocurring on heavily loaded systems. This is especially true
in simulation environments where the hypervisor load is
extremely high.
Modify the code base to give ourselves more time to startup.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The sharp and pbr protocols needed a bit more handling
to be 'right' from a start/stop perspective.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Currently, we just package the frr daemons, but we don't run
them. This is fine for basic tests, but it is inconvenient to
orchestrate the daemons from downstream test environments.
Here, we follow the redhat and debianpkg formats more closely,
putting the daemons in /usr/lib/frr and including the frr user
and groups in the package. We also include a docker specific
startup script and a sysvinit link in /etc/init.d/frr for
openrc based alpine installs.
Testing done:
Built packages, built base images, everything seems to work fine.
Uninstalled the package, all the daemons stopped.
Issue: https://github.com/FRRouting/frr/issues/2030
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
This is an implementation of PBR for FRR.
This implemenation uses a combination of rules and
tables to determine how packets will flow.
PBR introduces a new concept of 'nexthop-groups' to
specify a group of nexthops that will be used for
ecmp. Nexthop-groups are specified on the cli via:
nexthop-group DONNA
nexthop 192.168.208.1
nexthop 192.168.209.1
nexthop 192.168.210.1
!
PBR sees the nexthop-group and installs these as a default
route with these nexthops starting at table 10000
robot# show pbr nexthop-groups
Nexthop-Group: DONNA Table: 10001 Valid: 1 Installed: 1
Valid: 1 nexthop 192.168.209.1
Valid: 1 nexthop 192.168.210.1
Valid: 1 nexthop 192.168.208.1
I have also introduced the ability to specify a table
in a 'show ip route table XXX' to see the specified tables.
robot# show ip route table 10001
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
F>* 0.0.0.0/0 [0/0] via 192.168.208.1, enp0s8, 00:14:25
* via 192.168.209.1, enp0s9, 00:14:25
* via 192.168.210.1, enp0s10, 00:14:25
PBR tracks PBR-MAPS via the pbr-map command:
!
pbr-map EVA seq 10
match src-ip 4.3.4.0/24
set nexthop-group DONNA
!
pbr-map EVA seq 20
match dst-ip 4.3.5.0/24
set nexthop-group DONNA
!
pbr-maps can have 'match src-ip <prefix>' and 'match dst-ip <prefix>'
to affect decisions about incoming packets. Additionally if you
only have one nexthop to use for a pbr-map you do not need
to setup a nexthop-group and can specify 'set nexthop XXXX'.
To apply the pbr-map to an incoming interface you do this:
interface enp0s10
pbr-policy EVA
!
When a pbr-map is applied to interfaces it can be installed
into the kernel as a rule:
[sharpd@robot frr1]$ ip rule show
0: from all lookup local
309: from 4.3.4.0/24 iif enp0s10 lookup 10001
319: from all to 4.3.5.0/24 iif enp0s10 lookup 10001
1000: from all lookup [l3mdev-table]
32766: from all lookup main
32767: from all lookup default
[sharpd@robot frr1]$ ip route show table 10001
default proto pbr metric 20
nexthop via 192.168.208.1 dev enp0s8 weight 1
nexthop via 192.168.209.1 dev enp0s9 weight 1
nexthop via 192.168.210.1 dev enp0s10 weight 1
The linux kernel now will use the rules and tables to properly
apply these policies.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The shutdown code was sometimes taking 1 minute to run because
the ssd program was misbehaving after a make install.
This commit just removes the usage of ssd for shutdown
since we already have a pid file and we know that the
frr script cleans up the pid file as well.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Checkpatch.pl now checks for nonstandard integral types
* Add shell script to replace all nonstandard types with their standard
counterparts in C source files
* Document usage of types, mention conversion script
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Building FRR with AddressSanitizer is kind of annoying since
libpython3.5 leaks memory, clippy links libpython3.5 and clippy runs as
part of the build process. LeakSanitizer has a way to suppress leaks at
runtime by setting the LSAN_OPTIONS environment variable to contain a
file path to a suppression list:
LSAN_OPTIONS=suppressions=path/to/suppr.txt
This commit provides the file. Setting this environment variable to
LSAN_OPTIONS=suppressions=../tools/lsan-suppressions.txt
before building should allow a clean build with ASAN enabled. The
relative path is there because LeakSanitizer looks at paths relative to
the binary it is sanitizing; clippy is in lib/ so the path is set
relative to lib/.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* 2 for errors
* 1 for warnings
* 0 for clean
* Suppress all report text for a clean result
* Remove check for const structs from perl script
* Remove grep suppression for that check from shell script
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Unlike Linux we do require the GPL file header
* When checking for spaces between function names and parentheses,
ignore all-uppercase function names as these are likely to be macros,
and function-like macros may have that space
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Because checkpatch result is applied to original and new file, the
analysis also parses what may be wrong with the original file.
Whereas the script should limit to analyse only what is wrong on new
file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
* Send reports to stderr; this allows you to get just the end result by
redirecting stderr
* Don't attempt to copy nonexistent files
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Since the tool is entirely diff based, it was having some issues diffing
things that didn't exist.
Also made it a bit smarter about ignoring kernel-specific style nits we
don't really care about.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Adds ability to still work even when the user's base FRR directory is
not clean by caching index, working directory and deletion state in
various locations then restoring after done.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The default timeout of 10 seconds is too quick of a timeout
given some long running cli commands. Modify watchfrr
to have a 90s timeout value instead.
Signed-off-by: Brian Rak <brianrak@gameservers.com>
Add a daemon that will allow us to test the zapi
as well as test route install/removal times from
the kernel.
The current commands are:
install route <starting ip address> nexthop <nexthop> (1-1000000)
This command starts installing at <starting ip address>/32
(1-100000) routes that it auto-increments by 1
Installation start time is noted in the log and finish
time is noted as well.
remove routes <starting ip address> (1-1000000)
This command removes routes at <starting ip address>/32
and removes (1-100000) routes created by the install route
command.
This code can be considered experimental and *is not*
something that should be run in a production environment.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Testing done: built and installed for all ubuntu targets
Socket-based services such as syslog need not be specified as
dependencies in service files, and doing so may slow down boot by
reducing parallelism. All known supported systemd-based platforms
have syslog as a socket-based service.
Clears the following lintian warnings:
W: frr: systemd-service-file-refers-to-obsolete-target lib/systemd/system/frr.service syslog.target
Signed-off-by: Silas McCroskey <smccroskey@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
There are several lines that we cannot do a "no" on
- frr version
- frr defaults
- password
- line vty
frr-reload should ignore these if asked to do a "no" on them
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
The "3.0", etc in the comments were referring to Cumulus Linux 3.0 which
was confusing now that FRR has a 3.0
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
We had multiple places checking for
if ctx_keys[0].startswith('router bgp') and line
Combine these into a single check
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Without this fix frr-reload would do a del/add even if the only
difference were bogus whitespaces.
root@cel-redxp-10[nclu]# /usr/lib/frr/frr-reload.py --test
/etc/frr/frr.conf
Lines To Delete
===============
router bgp 100
no bgp router-id 1.1.1.1
Lines To Add
============
router bgp 100
bgp router-id 1.1.1.1
root@cel-redxp-10[nclu]#
These are mostly trivial fixes for leaks in the error path of some functions.
The changes in bgpd/bgp_mpath.c deserves a bit of explanation though. In
the bgp_info_mpath_aggregate_update() function, we were allocating memory
for the lcomm variable but doing nothing with it. Since the code for
communities, extended communities and large communities is pretty much
the same in this function, it's clear that this was a copy and paste
error where most of the ext. community code was copied but not all of
it as it should have been.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This commit does two things:
1) Flush by proto number not string
This is useful because not all systems might have the proto
values installed, or a version of iproute2 that they might
be installed with.
2) Flush missing routes that might have been installed( eigrp
and nhrp )
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This fixes the broken indentation of several foreach loops throughout
the code.
From clang's documentation[1]:
ForEachMacros: A vector of macros that should be interpreted as foreach
loops instead of as function calls.
[1] http://clang.llvm.org/docs/ClangFormatStyleOptions.html
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
When starting up FRR with tools/frr, ensure that the
daemon specified that we are about to start actually exists.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Today if we hit an error while apply the contents of file FOO that error
does not bubble up to a non-zero exit.
Switch to using syslog as the default logging mechanism, rather than
the log file mechanism.
Send SIGHUP to syslog (any process with syslog in the name) if they have
files open in /var/log/frr/* (for debian, using lsof). For redhat, add
sending HUP to any of the pids in /var/run/*syslog*pid, for /var/log/frr/frr.log
Updated logrotate.d/frr to handle all the new daemons for debian; redhat
already had them.
Continue to send SIGUSR1 to all running frr daemons even when syslog is
in use, in case logging has been switched from file to syslog or vice versa.
For debian, accumulate all the PIDs and use a single kill command.
Add /etc/rsyslogd.d/45-frr.conf to have all frr daemons (and tag
frr) logs go to /var/log/frr/frr.log. If other syslog daemons are
used, logs will go to default log file.
Signed-off-by: Dave Olson <olson@cumulusnetworks.com>
This reverts commit c14777c6bf.
clang 5 is not widely available enough for people to indent with. This
is particularly problematic when rebasing/adjusting branches.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The xml2cli.pl script was useful years ago when the vty code was very
rudimentary. This is not the case anymore, so convert all ldpd CLI
commands to use DEFUNs directly and get rid of the XML interface.
The benefits are:
* Consistency with the other daemons;
* One less build dependency (the LibXML perl module);
* Easier to add new commands.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
For NHRP, EIGRP and LDP( This is for consistency as opposed to correctness )
assign some new values to routes to be installed into the kernel
so we can know who owns them later.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
When an entire address-family section is removed from under BGP, we
cannot just issue 'no address-family foo bar' as address-family line
doesn't support 'no'. We have to delete the individual lines under the
address-family.
The FSF's address changed, and we had a mixture of comment styles for
the GPL file header. (The style with * at the beginning won out with
580 to 141 in existing files.)
Note: I've intentionally left intact other "variations" of the copyright
header, e.g. whether it says "Zebra", "Quagga", "FRR", or nothing.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Put core CLI graph stuff in lib/command_graph.[ch] and consistently
prefix all function names with "cmd_".
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Cyclic graphs ftw
Also remove graph pretty printer from permutations.c 'cause it's not
really needed anymore
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Cyclic graphs ftw
Also remove graph pretty printer from permutations.c 'cause it's not
really needed anymore
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The debian.conf file is to specific of a name towards
debian distributions. Rename to be daemons.conf
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
As discussed on the mailing list, the cumulus directory should
be going away. This commit moves the ssd from cumulus to tools
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Moving cumulus/etc/rt_protos.d/frr.conf to tools/etc/rt_protos.d/frr.conf
Requested in Review.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
