adding a tests about:
"no bgp as-path access-list" command.
the folloxing "clear bgp *" command leads to the
crash exhibited above.
a sleep had been added to capture the crash befor the end of scenario.
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x7f5f05cbb9c0 (LWP 1371086))]
(gdb) bt
context=0x7ffcf2c216c0) at lib/sigevent.c:248
acl_list=0x55c976ec03c0) at bgpd/bgp_aspath.c:1688
dummy=0x7ffcf2c22340, object=0x7ffcf2c21e70) at bgpd/bgp_routemap.c:2401
match_object=0x7ffcf2c21e70, set_object=0x7ffcf2c21e70, pref=0x0)
at lib/routemap.c:2687
attr=0x7ffcf2c220b0, afi=AFI_IP, safi=SAFI_UNICAST, rmap_name=0x0, label=0x0,
num_labels=0, dest=0x55c976ebeaf0) at bgpd/bgp_route.c:1807
addpath_id=0, attr=0x7ffcf2c22450, afi=AFI_IP, safi=SAFI_UNICAST, type=10,
sub_type=0, prd=0x0, label=0x0, num_labels=0, soft_reconfig=0, evpn=0x0)
at bgpd/bgp_route.c:4424
packet=0x7ffcf2c22410) at bgpd/bgp_route.c:6266
packet=0x7ffcf2c22410, mp_withdraw=false) at bgpd/bgp_packet.c:341
peer=0x55c976e89ed0, size=43) at bgpd/bgp_packet.c:2414
at bgpd/bgp_packet.c:3899
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
This test uses the connected ipv4 mapped ipv6 prefix
to resolve the received BGP routes.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: François Dumontet <francois.dumontet@6wind.com>
This test is failing locally for me 100% of the time
since zebra was converted to mgmtd usage. The failed
command is:
torm11# show evpn mac vni 1000 mac 00:00:00:00:00:11 json
{
"00:00:00:00:00:11":{
"type":"auto",
"uptime":"00:02:01",
"localSequence":0,
"remoteSequence":0,
"detectionCount":0,
"isDuplicate":false,
"syncNeighCount":0,
"neighbors":{
"active":[
],
"inactive":[
"45.0.0.11"
]
}
}
}
The test is expecting an esi as a key in the output. Re-arranging
the startup of the tor's before the hosts fixes the issue.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Set static router-id for OSPF, because otherwise it depends on timing of
router-id updates received from zebra and may differ between test runs.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Check that local route leaks are set to "inactive" when the VRF
interface is shutdown and, conversely, that they are set to "active"
when the VRF interface is unshut.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Test functions were duplicated by mistakes. They were identical.
Fixes: 8af61c8a34 ("topotests: test leak from the default vrf")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Following new json decoder for Opaque LSA, this patch adapts the ospfapiclient
test to the new json output.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Current code assumes that notification is always sent in stripped JSON
format and therefore notification xpath starts at the third symbol of
notification data. Assuming JSON is more or less fine, because this
representation is internal to FRR, but the assumption about the xpath is
wrong, because it won't work for not top-level notifications. YANG
allows to define notification as a child for some data node deep into
the tree and in this case notification data contains not only the
notification node itself, but also all its parents.
To fix the issue, parse the notification data and get its xpath from its
schema node.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Remove sleep time in test_bgp_snmp_bgp4v2mib before run_and_expect and
reduce wait intervals for faster test convergence.
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
Signed-off-by: David Schweizer <dschweizer@opensourcerouting.org>
Replace OID string parsing of snmptrap log files based on odd/even line
numbers with regex string search to prevent test failures in cases where
log entries don't match assumed order.
Signed-off-by: David Schweizer <dschweizer@opensourcerouting.org>
cisco routers are not dealing fairly whith unsupported capabilities.
When a cisco router receive an unsupported capabilities it reset the
negociation without notifying the unmatching capability as described in
RFC2842.
Cisco suggest the use of
neighbor x.x.x.x capability fqdn
to avoid the use of fqdn in open message.
this new command is to remove the use of fqdn capability in the
open message with the peer "x.x.x.x".
Link: https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/116189-problemsolution-technology-00.pdf
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
Currently, staticd configuration is tightly coupled with VRF existence.
Because of that, it has to use a hack in NB infrastructure to create a
VRF configuration when at least one static route is configured for this
VRF. This hack is incompatible with mgmtd, because mgmtd doesn't execute
configuration callbacks. Because of that, the configuration may become
out of sync between mgmtd and staticd. There are two main cases:
1. Create static route in a VRF. The VRF data node will be created
automatically in staticd by the NB hack, but not in mgmtd.
2. Delete VRF which has some static routes configured. The static route
configuration will be deleted from staticd by the NB hack, but not
from mgmtd.
To fix the problem, decouple configuration of static routes from VRF
configuration. Now it is possible to configure static routes even if the
VRF doesn't exist yet. Once the VRF is created, staticd applies all the
preconfigured routes.
This change also fixes the problem with static routes being preserved in
the system when staticd "control-plane-protocol" container is deleted
but the VRF is still configured.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Add tests in bgp_vrf_route_leak_basic topotest to check that route
leaking from the default VRF results in an operational route.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Add a test in bgp_vrf_route_leak_basic topotest to check that route
leaking from a non existing VRF results in an inactive route.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Update bgp_vrf_route_leak_basic to set up the VRF interfaces. Otherwise
the routes to the VRF interface are inactives.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Previously, routes leaked from one VRF to another VRF were associated
with the original nexthop interface.
Due to this change, the `bgp_srv6l3vpn_route_leak` topotest always fails
because it still expects the nexthop interface.
This commit fixes the expected interface name in the
`bgp_srv6l3vpn_route_leak` topotest.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Leaked connected routes have now the following nexthop interfaces:
- lo for routes imported from the default VRF
- or the VRF interface for routes imported from the other VRFs.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
We shouldn't pass "lo" as an interface to create_interface_in_kernel.
It always exists, and this function flushes all configured IP addresses
from it.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
This needs to be used for persistent state, which currently is misplaced
into `/var/run` / `/run` where it gets deleted across reboots.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
A large set of routers are connected to the same switch. Each router
shares a single network. All shared networks must be reachable from all
routers.
Signed-off-by: "Adriano Marto Reis" <adrianomarto@gmail.com>
The name of the `test_zebra_seg6local_routes` test is wrong. The goal
of this test is to verify seg6 routes (not seg6local routes).
Let's put the correct name.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Per the RFC6860, check OSPFv2 using point-to-multipoint
over Ethernet.
Enable the behavior of the RFC6860 using:
ip ospf prefix-suppress A.B.C.D
See:
https://www.rfc-editor.org/rfc/rfc6860#section-2.3.2.2
Note that nexthops are not required to assess the checks.
Signed-off-by: Vincent Jardin <vjardin@free.fr>
Getting this error:
2024-01-17 19:05:20,688 WARNING: torm11: Router(torm11): proc failed: rc 255 pid 2436134
args: /usr/bin/nsenter --mount=/proc/2435168/ns/mnt --net=/proc/2435168/ns/net --uts=/proc/2435168/ns/uts -F /bin/bash -c /sbin/bridge vlan add vid 1000 dev bridge
stdout: RTNETLINK answers: Operation not supported
stderr: *empty*
As I understand it the correct thing to do here is pass in:
bridge vlan add vid 1000 dev bridge self
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When received malformed AS4 capability, it should return -1 (notification send),
and the received flag SHOULD NOT be set.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
mgmtd has to know if netns is used as the vrf backend to correctly
process interface names in northbound.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
RPKI FRR module should not send any RPKI error packet during the tests.
Exit rtrd when receiving error packet. Skip tests with errors if rtrd
has stopped.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
If at least one of the candidate routes was received via EBGP, remove from
consideration all routes that were received via EBGP-OAD and IBGP.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Tests can fail, let's be proactive and gather up a support
bundle when they fail. It will help diagnose the problem
to some extent.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The OSPF TE topotest is using switches to interconnect router. During the test,
interfaces are shutdown on some routers to simulate link failure and check that
the TED is correctly updated. However, the switche between router avoid the
detection by the neighbor router that the interface is down i.e. the interface
line remains up as it is conneted to the switch and not to the router.
This patch update the tested topology by removing the switch and connect
directly the router excepted the inter AS link on R3. Interface are also
renamed accordingly.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
The test_ospf_suppres_fa.py script is using straight
up sleeps before testing that the next step worked properly.
On a unloaded test system this will work 100% of the time
on a loaded test system this will have random failures.
Convert the test to use run_and_expect and give each
section of the test 30 seconds to get to the next state
appropriately instead of 10.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Add a new topotest `srv6_encap_src_addr` which verifies that the
`source-address` command works properly.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Convert bgp_prefix_sid2 to exabgp 4
Do not advertise prefixes to exabgp to avoid an issue where exabgp
resets the bgp session with the following notification:
> invalid ipv6 mpls-vpn next-hop length 48 expected 24 or 40
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Create reate exabgp cli fifo even it is not used in topotests to avoid
this error message:
> 16:21:42 | 2290205 | cli | could not find the named pipes (exabgp.in and exabgp.out) required for the cli
> 16:21:42 | 2290205 | cli | we scanned the following folders (the number is your PID):
> 16:21:42 | 2290205 | cli control | - /run/exabgp/
> 16:21:42 | 2290205 | cli control | - /run/0/
> 16:21:42 | 2290205 | cli control | - /run/
> 16:21:42 | 2290205 | cli control | - /var/run/exabgp/
> 16:21:42 | 2290205 | cli control | - /var/run/0/
> 16:21:42 | 2290205 | cli control | - /var/run/
> 16:21:42 | 2290205 | cli control | - /usr/local/run/exabgp/
> 16:21:42 | 2290205 | cli control | - /usr/local/run/0/
> 16:21:42 | 2290205 | cli control | - /usr/local/run/
> 16:21:42 | 2290205 | cli control | - /usr/local/var/run/exabgp/
> 16:21:42 | 2290205 | cli control | - /usr/local/var/run/0/
> 16:21:42 | 2290205 | cli control | - /usr/local/var/run/
> 16:21:42 | 2290205 | cli control | please make them in one of the folder with the following commands:
> 16:21:42 | 2290205 | cli control | > mkfifo //run/exabgp.{in,out}
> 16:21:42 | 2290205 | cli control | > chmod 600 //run/exabgp.{in,out}
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Log exabgp by default in /tmp/topotests/<testname>/<peername>/exabgp.log
Level is INFO.
Note that in case the configuration syntax is invalid, exabgp does not
log into the file and exits at startup. You can check a configuration
syntax by running:
> exabgp <exabgp.cfg>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Require exabgp >= 4.2.11 to allow to newer version to run exabgp
topotests. Next commits will adapt the exabgp topotests when needed.
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
The vrf name was not being displayed in this output.
New output:
eva# show bgp vrf all ipv4 uni summ
BGP router identifier 0.0.0.0, local AS number 99 VRF RED vrf-id 14
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 20 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
192.168.119.1 4 0 0 0 0 0 0 never Active 0 N/A
Total number of neighbors 1
BGP router identifier 0.0.0.0, local AS number 99 VRF GREEN vrf-id 15
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 20 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
192.168.119.1 4 0 0 0 0 0 0 never Active 0 N/A
Total number of neighbors 1
BGP router identifier 192.168.122.1, local AS number 99 VRF default vrf-id 0
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 20 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
192.168.119.1 4 0 0 0 0 0 0 never Active 0 N/A
Total number of neighbors 1
BGP router identifier 0.0.0.0, local AS number 99 VRF GrEEn vrf-id -1
BGP table version 0
RIB entries 0, using 0 bytes of memory
Peers 1, using 20 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt Desc
192.168.119.1 4 0 0 0 0 0 0 never Idle 0 N/A
Total number of neighbors 1
eva#
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Don't use 'interface WORD area A.B.C.D' for enabling OSPFv3 areas on
interfaces and instead use the standardized 'ipv6 ospf6 area A.B.C.D'.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
