In Linux, a network driver can set the interface flags IFF_UP and
IFF_RUNNING although the IFF_LOWER_UP flag is down, which means the
interface is ready but the carrier is down:
> These values contain interface state:
>
> ifinfomsg::if_flags & IFF_UP:
> Interface is admin up
> ifinfomsg::if_flags & IFF_RUNNING:
> Interface is in RFC2863 operational state UP or UNKNOWN. This is for
> backward compatibility, routing daemons, dhcp clients can use this
> flag to determine whether they should use the interface.
> ifinfomsg::if_flags & IFF_LOWER_UP:
> Driver has signaled netif_carrier_on()
However, FRR considers an interface is operational as soon it is up
(IFF_UP) and running (IFF_RUNNING), disregarding the IFF_LOWER_UP flag.
This can lead to a scenario where FRR starts adding routes through an
interface that is technically down at the carrier level, resulting in
kernel errors.
> Jan 02 18:07:18 dut-vm zebra[283731]: [WVJCK-PPMGD][EC 4043309093] netlink-dp (NS 0) error: Network is down, type=RTM_NEWNEXTHOP(104), seq=243, pid=3112881162
> Jan 02 18:07:18 dut-vm zebra[283731]: [X5XE1-RS0SW][EC 4043309074] Failed to install Nexthop (318[if 164]) into the kernel
> Jan 02 18:07:18 dut-vm zebra[283731]: [HSYZM-HV7HF] Extended Error: Carrier for nexthop device is down
> Jan 02 18:07:18 dut-vm zebra[283731]: [WVJCK-PPMGD][EC 4043309093] netlink-dp (NS 0) error: Network is down, type=RTM_NEWNEXTHOP(104), seq=245, pid=3112881162
> Jan 02 18:07:18 dut-vm zebra[283731]: [HSYZM-HV7HF] Extended Error: Nexthop id does not exist
> Jan 02 18:07:18 dut-vm zebra[283731]: [WVJCK-PPMGD][EC 4043309093] netlink-dp (NS 0) error: Invalid argument, type=RTM_NEWROUTE(24), seq=246, pid=3112881162
> Jan 02 18:07:18 dut-vm zebra[283731]: [X5XE1-RS0SW][EC 4043309074] Failed to install Nexthop (320[10.125.0.2 if 164]) into the kernel
> Jan 02 18:07:18 dut-vm zebra[283731]: [VYKYC-709DP] default(0:254):0.0.0.0/0: Route install failed
Consider an interface is operational when it has the IFF_UP, IFF_RUNNING
and IFF_LOWER_UP flags.
Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/networking/operstates.rst?h=v6.7-rc8#n29
Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/net/ipv4/nexthop.c?h=v6.7-rc8#n2886
Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/linux/netdevice.h?h=v6.7-rc8#n4198
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
pimd crashs while unconfigure of rp ka timer as we are trying to access
a yand dnode(suppress timer) which does not exist at the moment.
User just configured rp keepalive timer and not suppress timer,
the yang dnode would not be present. Instead of directly accessing
yang_dnode_get_unit16, first check the yang node exist using
the xpath.
Ticket: #3874971
Testing:
Before:
------
tor-11(config)# no ip pim rp keep-alive-timer 3000
vtysh: error reading from pimd: Success (0)Warning: closing connection to pimd because of an I/O error!
Broadcast message from root@tor-11 (somewhere) (Mon Apr 22 17:29:12 2024):
cumulus-core: Running cl-support for core files "pimd.25467.1713806952.core"
After:
-----
tor-11(config)# no ip pim rp keep-alive-timer 3000
tor-11(config)#
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Signed-off-by: Vijayalaxmi Basavaraj <vbasavaraj@nvidia.com>
There is no support for option 8, as per RFC7854.
Add the 64 bit counter in the peer structure.
Add the missing per peer statistic.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Some wireshark versions can not decode the experimental
bmp stat code. This may also be the case for some collectors.
Add a vty command to be able to disable bmp to sending
those values.
> [no] bmp stat send-experimental
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
There is no support for option 7, as per RFC7854.
Add the 64 bit counter in the peer structure.
Add the 64 bit bmp value write api.
Add the missing per peer statistic.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
If frr.conf has bgp as-path access-list clause without sequence number
then upon performing frr-rleoad, the running config clause with sequence
number will always be deleted and the new ones without sequence will
be re-added.
This could lead to blackholing until the config gets reapplied.
Testing:
frr.conf:
bgp as-path access-list important_internet_bgp_as_numbers permit _16509_
Running config:
bgp as-path access-list important_internet_bgp_as_numbers seq 5 permit
_16509_
!
Before fix
Upon frr-reload it deletes and readd line as without seq
2024-04-26 03:16:45,772 INFO: Executed "no bgp as-path access-list
important_internet_bgp_as_numbers seq 5 permit _16509_"
'bgp as-path access-list important_internet_bgp_as_numbers permit
_16509_\n'
After fix:
no form is not executed and no delta determine between frr.conf
and running-config.
Signed-off-by: Chirag Shah <chirag@nvidia.com>
c-ares has deprecated ares_gethostbyname() in version 1.28.0
Replace it with ares_getaddrinfo().
This fixes a build error on Fedora 40.
Signed-off-by: Andrew Cooks <acooks.at.bda@gmail.com>
This commit include OSPFAPI Server options to:
1. Allow specification of the OSPFAPI server local address.
2. Allow different OSPFAPI server TCP ports to be specified for different
OSPF instances in /etc/services.
Signed-off-by: Acee Lindem <acee@lindem.com>
ietf-key-chain depends on ietf-netconf-acm, and lib/ code sets up the
former, so ietf-netconf-acm needs to be embedded in the libfrr too.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Add the support for adding DX6 behavior into netlink layer of zebra.
Add the necessary test in sharpd.
> ubuntu2204# sharp install seg6local-routes 1:1::1:2 nexthop-seg6local loop1 End_DX6 4:4::4:6 1
> ubuntu2204# do show ipv6 route
> [..]
> D>* 1:1::1:2/128 [150/0] is directly connected, loop1, seg6local End.DX6 nh6 4:4::4:6, weight 1, 00:00:03
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
interface_up also handles changes to the interface type, i.e. broadcast
to ptp to ptmp. Connected routes for these are different and must be
readvertised, which is done in ospf6_interface_recalculate_cost() - but
only if the cost changed. Use the force variant here.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The code emitting connected routes was checking against the interface
state (which can also be lo/ptp/ptmp) rather than the interface type.
This was causing wrong IA prefixes for connected routes getting put up
out if the interface was down intermittently.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
clang-format doesn't understand `DEFUN` and formats it rather ugly.
Standard approach was to skip these in clang-format, which hasn't
happened here sadly.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
use the new recommendation from cmake:
--install-prefix <directory>
New in version 3.21.
Specify the installation directory, used by the
CMAKE_INSTALL_PREFIX variable. Must be an
absolute path.
reminder: the default path is /usr/local instead of /usr
Signed-off-by: Vincent Jardin <vjardin@free.fr>
use the new recommendation from cmake:
--install-prefix <directory>
New in version 3.21.
Specify the installation directory, used by the
CMAKE_INSTALL_PREFIX variable. Must be an
absolute path.
reminder: the default path is /usr/local instead of /usr
Signed-off-by: Vincent Jardin <vjardin@free.fr>
use the new recommendation from cmake:
--install-prefix <directory>
New in version 3.21.
Specify the installation directory, used by the
CMAKE_INSTALL_PREFIX variable. Must be an
absolute path.
reminder: the default path is /usr/local instead of /usr
Signed-off-by: Vincent Jardin <vjardin@free.fr>
no form of 'ip pm msdp peer <> source <>' does not
accept source argument. Stip the 'source <>' part from
config line being deleted via frr-reload.
Ticket: #3874971
Testing:
Config:
vrf blue
ip msdp peer 1.1.1.1 source 1.1.1.1
frr-reload failure log:
2024-04-23 02:08:32,501 INFO: Failed to execute vrf blue no ip
msdp peer 1.1.1.1 source 1.1.1.1 exit
2024-04-23 02:08:32,501 ERROR: "vrf blue -- no ip msdp peer 1.1.1.1
source 1.1.1.1 -- exit" we failed to remove this command
2024-04-23 02:08:32,501 ERROR: % Unknown command: no ip msdp peer
1.1.1.1 source 1.1.1.1
Signed-off-by: Chirag Shah <chirag@nvidia.com>
When no ip pim is performed subsequent pim related
configs under the interface also implicitly deleted.
The previous fix was attempting to remove from the same
list which was being integrated.
First collect the lines to remove in separate list
then at the end remove from the original lines_to_del.
commit 623af04e1c does not work properly if tries to delete
an entry from existing list which is being walked on.
Ticket: #3869779
Testing done:
frr.conf:
no interface config
running-config:
--------------
interface swp1
ip pim
ip pim active-active
ip pim allow-rp rp-list sample
ip pim bfd
ip pim use-source 1.1.1.1
ip multicast boundary oil test
exit
frr-reload log pointing only no ip pim config
is removed under interface:
2024-04-18 18:44:37,202 INFO: "frr defaults datacenter" cannot be removed
2024-04-18 18:44:37,202 INFO: "service integrated-vtysh-config" cannot be removed
2024-04-18 18:44:37,504 INFO: Executed "interface swp1 no ip pim exit"
2024-04-18 18:44:37,505 INFO: /var/run/frr/reload-YHS51E.txt content
Signed-off-by: Chirag Shah <chirag@nvidia.com>
ospfv3 shows this unconditionally, and ospfv2 does not show `ip ospf network ...` if the type of the interface matches the specified network.
Fixes: https://github.com/FRRouting/frr/issues/15817
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
When usid is not used, the isis_srv6_topo1 test does not work.
The SID prefix allocated by isis is different when the usid
flags is set or not. When the flags is not transmitted to isis,
the SID allocated is supposed to be a 128 bit mask length SID,
which is not what the isis_srv6_topo1 test is supposed to obtain.
Fix this by exchanging the flags locator value in the zclient api.
Fixes: 9b7491e1fc ("lib: Add support for flags to the SRv6 locator")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
When testing SNMP service on FRR, the following error message may
appear on some distros.
> # snmpwalk -v2c -c public .1.3.6 1.1.1.1 <OID>
> Bad operator (INTEGER): At line 73 in /usr/share/snmp/mibs/ietf/SNMPv2-PDU
> [..then result ..]
>
The error message is due to the /etc/snmp/snmp.conf file. By default, this
file is used by both snmp server and client side. The net-snmp MIB parsing
routing loads MIBS, to bind oids with the naming scheme used by the MIBS.
> # cat /etc/frr/snmp.conf
> [snmp]
> mibs +ALL
>
A potential fix would consist in modifying the SNMPv2-PDU.mib file: the
problem is known on ubuntu distros, as the snmp-mibs-downloader package
has not updated the SNMPv2-PDU.mib file.
The choice is done to not modify the original distro where the test is run
on. Fix the topotests by ignoring the 'SNMPv2-PDU line 73" error message, and
keep the other error messages that may happen, for instance, when an
unknown oid name value is requested.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
