The fuzzing code that is in the master branch is outdated and unused, so it
is worth to remove it to improve readablity of the code.
All the code related to the fuzzing is in the `fuzz` branch.
Signed-off-by: Jakub Urbańczyk <xthaid@gmail.com>
Add new option to `segment-routing prefix` command to set the
Explcit Null flag in addition to the No-PHP flag. MPLS LFIB configuration
has been also updated to take into account the Explicit Null flag.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
RFC 8665 defines a Segment Routing Local Block for Adjacency SID.
This patch provides the possibility to modify the SRLB as well as
reserved the block range from the Label Manager.
- Introduce new CLI 'segment-routing local-block'
- Add local block to SRDB structure
- Parse / Serialize SRLB in Router Information LSA
- Update OSPF-SR topotest
- Update documentation
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
We can make the Linux kernel send an ARP/NDP request by adding
a neighbour with the 'NUD_INCOMPLETE' state and the 'NTF_USE' flag.
This commit adds new dataplane operation as well as new zapi message
to allow other daemons send ARP/NDP requests.
Signed-off-by: Jakub Urbańczyk <xthaid@gmail.com>
Configuration example:
ip route 9.9.9.9/32 6.6.6.6 color 123
The SR Policy to be chosen is uniquely identified by the policy
endpoint (6.6.6.6) and the SR-TE color (123). Traffic will be
augmented with an MPLS label stack according to the active
candidate path of that particular policy.
Co-authored-by: GalaxyGorilla <sascha@netdef.org>
Signed-off-by: Sebastien Merle <sebastien@netdef.org>
Give the FRR users some examples of gRPC usage in scripts to let them
start experimenting with the new configuration interface provided by
YANG/northbound.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Revert "zebra: support for macvlan interfaces"
This reverts commit bf69e212fd.
Revert "doc: add some documentation about bgp evpn netns support"
This reverts commit 89b97c33d7.
Revert "zebra: dynamically detect vxlan link interfaces in other netns"
This reverts commit de0ebb2540.
Revert "bgpd: sanity check when updating nexthop from bgp to zebra"
This reverts commit ee9633ed87.
Revert "lib, zebra: reuse and adapt ns_list walk functionality"
This reverts commit c4d466c830.
Revert "zebra: local mac entries populated in correct netnamespace"
This reverts commit 4042454891.
Revert "zebra: when parsing local entry against dad, retrieve config"
This reverts commit 3acc394bc5.
Revert "bgpd: evpn nexthop can be changed by default"
This reverts commit a2342a2412.
Revert "zebra: zvni_map_to_vlan() adaptation for all namespaces"
This reverts commit db81d18647.
Revert "zebra: add ns_id attribute to mac structure"
This reverts commit 388d5b438e.
Revert "zebra: bridge layer2 information records ns_id where bridge is"
This reverts commit b5b453a2d6.
Revert "zebra, lib: new API to get absolute netns val from relative netns val"
This reverts commit b6ebab34f6.
Revert "zebra, lib: store relative default ns id in each namespace"
This reverts commit 9d3555e06c.
Revert "zebra, lib: add an internal API to get relative default nsid in other ns"
This reverts commit 97c9e7533b.
Revert "zebra: map vxlan interface to bridge interface with correct ns id"
This reverts commit 7c990878f2.
Revert "zebra: fdb and neighbor table are read for all zns"
This reverts commit f8ed2c5420.
Revert "zebra: zvni_map_to_svi() adaptation for other network namespaces"
This reverts commit 2a9dccb647.
Revert "zebra: display interface slave type"
This reverts commit fc3141393a.
Revert "zebra: zvni_from_svi() adaptation for other network namespaces"
This reverts commit 6fe516bd4b.
Revert "zebra: importation of bgp evpn rt5 from vni with other netns"
This reverts commit 28254125d0.
Revert "lib, zebra: update interface name at netlink creation"
This reverts commit 1f7a68a2ff.
Signed-off-by: Pat Ruddy <pat@voltanet.io>
Document the commands `addpath-tx-all-paths`,
`addpath-tx-bestpath-per-AS` and attempt to provide an useful
explanation.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
This code was deprecated in 5.0 and removed after a year.
It has not been in the code base and we forgot to update the
doc.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The documentation for this command was missing. Add a little
bit of data for people in the future.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* add a vrf sub-command `[no] ipv6 router-id X:X::X:X`.
* add command `[no] ipv6 router-id X:X::X:X [vrf NAME]` for backward
compatibility.
* add a vrf sub-command `[no] ip router-id A.B.C.D` and make the old
one without `ip` an alias for it.
* add a command `[no] ip router-id A.B.C.D [vrf NAME]` for backward
comptibility and make the old one without `ip` an alias for it.
* add command `show ip router-id [vrf NAME]` and make
the old one without `ip` an alias for it.
* add command `show ipv6 router-id [vrf NAME]`.
* add ZAPI commands `ZEBRA_ROUTER_ID_V6_ADD`,
`ZEBRA_ROUTER_ID_V6_DELETE` and `ZEBRA_ROUTER_ID_V6_UPDATE`
for deamons to get notified of the IPv6 router-id.
* update zebra documentation.
Signed-off-by: Sebastien Merle <sebastien@netdef.org>
Matching by dscp may now also be specified by its standard codepoint
(provided it has one), such as `cf0` or `af11`.
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
Extend PBR maps to discriminate by Differentiated Services Code Point and / or
Explicit Congestion Notification fields. These fields are used in the IP header
for classifying network traffic.
0 1 2 3 4 5 6 7
+-----+-----+-----+-----+-----+-----+-----+-----+
| DS FIELD, DSCP | ECN FIELD |
+-----+-----+-----+-----+-----+-----+-----+-----+
DSCP: differentiated services codepoint
ECN: Explicit Congestion Notification
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
Signed-off-by: Saurav Kumar Paul <saurav@cumulusnetworks.com>
BFD profiles can now be used on the interface level like this:
interface eth1
ip router isis 1
isis bfd
isis bfd profile default
Here the 'default' profile needs to be specified as usual in the
bfdd configuration.
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
The tests work with the default settings of BFD meaning that bfdd is
able to recognize a 'down' link after ~900ms so a route recovery should
be visible in the RIB after 1 second.
In the current state only IPv4 is used (when using IPv6
autoconfiguration) within BFD, even though the recovery also affects
IPv6 routes. This is different to the current state of ospfd/ospf6d in
combination with BFD since both IPv4 and IPv6 sessions are used there.
The following topology is used:
+---------+
| |
eth-rt2 (.1) | RT1 | eth-rt3 (.1)
+----------+ 1.1.1.1 +----------+
| | | |
| +---------+ |
| |
| 10.0.2.0/24 |
| |
| eth-rt1 | (.2)
| 10.0.1.0/24 +----+----+
| | |
| | RT3 |
| | 3.3.3.3 |
| | |
(.2) | eth-rt1 +----+----+
+----+----+ eth-rt4 | (.1)
| | |
| RT2 | |
| 2.2.2.2 | 10.0.4.0/24 |
| | |
+----+----+ |
(.1) | eth-rt5 eth-rt3 | (.2)
| +----+----+
| | |
| | RT4 |
| | 4.4.4.4 |
| | |
| +----+----+
| 10.0.3.0/24 eth-rt5 | (.1)
| |
| |
| 10.0.5.0/24 |
| |
| +---------+ |
| | | |
+----------+ RT5 +----------+
eth-rt2 (.2) | 5.5.5.5 | eth-rt4 (.2)
| |
+---------+
Route recovery is tested on RT1. The focus here lies on the two
different routes to RT5. Link failures are generated by taking
down interfaces via the mininet Python interface on RT2 and RT3.
Hence routes are supposed to be adjusted to use RT3 when a link
failure happens on RT2 or vice versa.
Note that only failure recognition and recovery is "fast". BFD
does not monitor a link becoming available again.
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
Segment Routing Local Block (SRLB) is part of RFC8667. This change introduces
the possibility for isisd to advertize SRLB in LSP. Base and Range of SRLB
could be configured through CLI or Yang.
Adjacency-SID are now using this SRLB for label allocation. SRLB could also
be used for SID-Binding (e.g. LDP to SR).
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
A new config option `--disable-version-build-config`
allows you to show short version string by dropping
"configured with:" and all of its build configs
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Distinguish between unicast and broadcast opaque messages
in zebra handler code. Add cli and internal api changes to
have sharpd send unicast opaque messages. Add opaque cli
commands to the sharp user doc.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
Description:
Added json support for the following PIM commands.
1. show ip mroute [vrf NAME] count [json]
2. show ip mroute vrf all count [json]
3. show ip mroute [vrf NAME] summary [json]
4. show ip mroute vrf all summary [json]
Signed-off-by: Rajesh Girada <rgirada@vmware.com>
Let the user know its possible to create BFD sessions with profiles
applied to it or apply profile to already created sessions.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Updated documentation for routers with a large route table, which breaks
SNMP/AgentX and in some conditions even crashes FRR. The documentation
proposal amends the SNMP configuration to exclude certain OID's that
are not needed in normal cases.
Format-fixed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Bart Vrancken <bart@abuse.io>
Revise new `show pbr` keys to be consistent with existing
json in other daemons
target->nexthop
id->tableId (where relevant)
isValid->valid
isInstalled->installed
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
a linux configuration gives some explanation on how to set up an evpn
overlay in network namespaces.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Include an IPv6 example for set src
And a note that the IP address has to exist. This is to try and make
people aware to avoid things like issue #4249https://github.com/FRRouting/frr/issues/4249
Signed-off-by: Tim Bray <tim@kooky.org>
Added a new show command "show ip multicast", display the multicast data
packet in and out on interface level.
Signed-off-by: Sarita Patra <saritap@vmware.com>
Issue: no ip msdp mesh-group <word> source command
deleting the mesh group, which might be used by the member.
Solution: no ip msdp mesh-group <word> source command, deletes
the mesh-group source.
Add a new cli command "no ip msdp mesh-group <word>" to delete
the mesh group.
Signed-off-by: Sarita Patra <saritap@vmware.com>
LDP ordered label distribution control only binds a label to
a FEC if it is the egress LSR, or the router received a label
binding for a FEC from the next hop router. In this mode,
an MPLS router will create a label binding for each FEC and
distribute it to its neighbors so long as he has a entry in
the RIB for the destination.
Signed-off-by: Lynne Morrison <lynne@voltanet.io>
Signed-off-by: Karen Schoener <karen@voltanet.io>
this command is missing, compared with 'match ipv6 next-hop' command
available. Adding it by taking into account the backward compatible
effect when supposing that some people have configured acls with name
being an ipv4 address.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Add a bit of debug to show the listener sockets and who created them
to associate with strace output for a developer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When pim receives a register packet, we will apply the
received source to the prefix list. If accepted normal
processing continues. If denied we will send a register
stop message to the source.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Change the overview page's link for slack info to point to
the main FRR homepage section - that's where the self-serve
link/info is.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
This directive was undocumented, but is the way to configure the
next-hop to be left unchanged for ipv6 setups (in ipv4, a route-map with
`set next-hop unchanged` works fine, but this is unavailable for ipv6) .
Signed-off-by: Raphael Bauduin <rb@raphinou.com>
First round of support for exercising the lsp and ftn paths
using sharpd. This supports lsp-only, and binding to
ipv4 prefix. Also use the common lib nexthop-to-zapi
helper api instead of sharpd's open-coded version.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
The commit includes the documentation for the newly introduced
commands to enable/disable the optimization.
Signed-off-by: NaveenThanikachalam <nthanikachal@vmware.com>
1. show ip pim mlag summary
provides MLAG session information and stats
2. show ip pim mlag upstream
displays the upstream entries synced across the MLAG switches
Signed-off-by: Anuradha Karuppiah <anuradhak@cumulusnetworks.com>
Indicate in the doc clearly that we do not support the dynamic
creation of pbr maps for sub-interfaces when the master has
an interface. Such as in vlans. It must be explicitly added.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Add a 'copy' cli that reads a file into the current running
config. Add an entry about the new cli to the user doc.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
This change list contains the documentation of BGP Greacful Restart
feature and all the commnads to enable/disable the feature
Signed-off-by: Biswajit Sadhu <sadhub@vmware.com>
The FRR community keeps getting asked about what is supported or not.
Try to clarify in an additional spot what is and what is not supported.
Where people interested in using PIM might have a chance at actually
seeing the notification.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The bgp neighbor password command was not documented additionally
the fact that you may need to instruct the kernel to have more
memory available for tcp sockets when using this feature on a large
number of peers.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Provide a more succinct summary of what FRR is, what it does, where it
sits in the network stack. Also remove some outdated comments about
features.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
router-id is buried deep in "show running-config", this new
command makes it easy to retrieve the user configured router-id.
Example:
# configure terminal
(config)# router-id 1.2.3.4
(config)# end
# show router-id
router-id 1.2.3.4
# configure terminal
(config)# no router-id 1.2.3.4
(config)# end
# show router-id
#
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Allow 'ip igmp join' to join group for any source if no source is
specified.
Disallow joining source "0.0.0.0" as it is used to define an
any-source multicast group.
Signed-off-by: Liam McBirnie <liam.mcbirnie@boeing.com>
doc/user/bgp.rst:420: WARNING: Title underline too short.
Reject routes with AS_SET or AS_CONFED_SET types
-------------------------------
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
Add support for labelled nexthops in nexthop-group
vtysh configuration. Also update the PBR doc where
the cli is described.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
Problem reported by testing facility that our sending of Router
Advertisements more frequently than once very three seconds is not
compliant with rfc4861. Added a knob to turn off fast retransmits
in order to meet the requirement of the RFC.
Ticket: CM-27063
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
`set vrf NAME` allows the pbr map to point to an arbitrary vrf table.
`set vrf unchanged` will use the interface's vrf for table lookup.
Further, add functionality for pbr to respond to interface events
such as interface vrf changes & interface creation/deletion.
Ex)
ubuntu_nh# show pbr map
pbr-map TEST valid: 1
Seq: 1 rule: 300 Installed: 3(1) Reason: Valid
SRC Match: 3.3.3.3/32
VRF Unchanged (use interface vrf)
pbr-map TEST2 valid: 1
Seq: 2 rule: 301 Installed: 3(2) Reason: Valid
SRC Match: 4.4.4.4/32
VRF Lookup: vrf-red
root@ubuntu_nh:/home# ip rule show
0: from all lookup local
300: from 3.3.3.3 iif dummy2 lookup main
300: from 3.3.3.3 iif dummyVRF lookup 1111
301: from 4.4.4.4 iif dummy1 lookup 1111
301: from 4.4.4.4 iif dummy3 lookup 1111
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com-
Add some doc information for the new nexthop group commands. Also
had to add some for ones that were missing, which we are adding
additional commands to.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
getrusage, in a heavily stressed system, can account for
signficant running time due to process switching to the kernel.
Allow the end-operator to specify `--disable-cpu-time` to
avoid this call. Additionally we cause `show thread cpu` to
not show up if this is selected.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
this table identifier can be used for policy routing. incoming entries
are locally exported to that local table identifier.
note that so that the user applies the new table identifier to all
entries, the user should flush local tables first.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
FRR supports the ability to turn off the negotation of bgp capabilities.
Provide a few bread crumbs to the operator that it might not be as
useful as they would hope.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Current autocompletion works only for simple "vrf NAME" case.
This commit expands it also for the following cases:
- "nexthop-vrf NAME" in staticd
- usage of $varname in many daemons
All daemons are updated to use single varname "$vrf_name".
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Update the user docs to have information about the `show bgp update-group..
group of commands.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Modification of the documentation for the `ip pim sm` command in order to avoid the understanding of an incompatibility with IGMP on the interface.
Signed-off-by: Alexis Royer <alexis.royer@gmail.com>
Allow bgp to store and pass through a different distance than
normal for installing into the rib.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The FRR documentation had no discussion about how Administrative
Distance is used. Update the documentation to reflect the reality
on the ground.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
In a data center, having 32-128 peers is not uncommon. In such a situation, to find a
peer that has failed and why is several commands. This hinders both the automatability of
failure detection and the ease/speed with which the reason can be found. To simplify this
process of catching a failure and its cause quicker, this patch does the following:
1. Created a new function, bgp_show_failed_summary to display the
failed summary output for JSON and vty
2. Created a new function to display the reset code/subcode. This is now used in the
failed summary code and in the show neighbors code
3. Added a new variable failedPeers in all the JSON outputs, including the vanilla
"show bgp summary" family. This lists the failed session count.
4. Display peer, dropped count, estd count, uptime and the reason for failure as the
output of "show bgp summary failed" family of commands
5. Added three resset codes for the case where we're waiting for NHT, waiting for peer
IPv6 addr, waiting for VRF to init.
This also counts the case where only one peer has advertised an AFI/SAFI.
The new command has the optional keyword "failed" added to the classical summary command.
The changes affect only one existing output, that of "show [ip] bgp neighbors <nbr>". As
we track the lack of NHT resolution for a peer or the lack of knowing a peer IPv6 addr,
the output of that command will show a "waiting for NHT" etc. as the last reset reason.
This patch includes update to the documentation too.
Signed-off-by: Dinesh G Dutt <5016467+ddutt@users.noreply.github.com>
This implements BMP. There's no fine-grained history here, the non-BMP
preparations are already split out from here so all that remains is BMP
proper.
Signed-off-by: David Lamparter <equinox@diac24.net>
Problem reported that "clear bgp *" only cleared ipv6 peers.
Changed the logic to clear all afi/safis of all peers in
that case. Also improved the operation of clearing
individual afi/safi using soft/in/out to do the right thing.
Ticket: CM-25887
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Add notes to several docs about the limits to FRR's current
MPLS-TE support, which is limited to some routing protocol
LSA/TLV support. It wasn't very clear that FRR does not offer
a complete TE/RSVP-TE solution at this time.
Also removed some stale info about configure script options.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
Add a warning to the user documentation about v6 ecmp route
deletion and what version of the linux kernel that you should
be using.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The documentation says "match aspath" to match an AS path in a
route-map while the directive is "match as-path".
Signed-off-by: Vincent Bernat <vincent@bernat.ch>
The v2 and v3 ospf documentation was suggesting
that the user should use a deprecated command.
Fixes: #4734
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
the documentation of zebra is appended with that command.
PR=61261
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Acked-by: Thibaut Collet <thibaut.collet@6wind.com>
After ~4 months of deprecation period [1], drop support for older
libyang versions that don't support embedded extensions.
In addition to support for embedded extensions, libyang 0.16-r3
contains several bug fixes and performance improvements compared
to libyang-0.16-r1. It was about time to update.
Fixes:
* Issue #3273
* Issue #3971
[1] See commit 68626e08.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Add a not under the log-filter command to indicate
that, while filtering reduces load on the system by
large margins, there may still be a small performance
hit from filtering those.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Fix details :
Added a utility cli to generate a igmp query on an interface.
This won't impact the existing query generation based on the
general query interval.
Signed-off-by: Rajesh Girada <rgirada@vmware.com>
This will allow the end-user to clear the counters associated
with the route-map. Subsuquent `show route-map ..` commands
will display counters since the last clear.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add some user documentation for applying/deleting/showing
log filters with the new commands.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
FRR has a provision to give exact-match in match clause for
standard community, but this option is missing for lcommunity.
Part 3 : show related changes for match clause
Signed-off-by: vishaldhingra <vdhingra@vmware.com>
FRR has a provision to give exact-match in match clause for
standard community, but this option is missing for lcommunity.
Part 2 : CLI related changes for match clause
Signed-off-by: vishaldhingra <vdhingra@vmware.com>
The `bgp multiple-instance` command has been removed but
we did not properly update the documentation. Let's do so.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
FRR has no option for the as-set for aggregate route
under IPV6 address family. Added the command to
configure the as-set option for IPV6.
Signed-off-by: vishaldhingra <vdhingra@vmware.com>
The -N <namespace> option is now used to control the location
of various control files and sockets. Update the documentation
to reflect this.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Simple documentation update for the new `clear ip mroute [vrf NAME] count`
command to the FRRouting documentation.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Introduce new cli commands ip igmp last-member-query-count <1-7>
ip igmp last-member-query-interval <1-255> deciseconds.
Display the config in show running config and show ip igmp interface
Signed-off-by: Sarita Patra <saritap@vmware.com>
Introduced a new command "show ip mroute summary"
to display total number of (*, G) and (S, G) mroutes
created and number of mroutes installed in the kernel.
Signed-off-by: Sarita Patra <saritap@vmware.com>
The `bgp bestpath prefix-validate disallow-invalid` command referenced in
the rpki documentation does not actually exist, remove the erroneous docs
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Place in the code the ability for end operators to know how
to modify MAX_FDS so that they can run large scale operations.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This code doees this:
a) Imagine ospf installs a route into zebra. Zebra crashes and
we restart FRR. If we are using the -k option on zebra than
all routes are re-read in, including this OSPF route.
b) Now imagine at the same time that zebra is starting backup
ospf on a different router looses a link to the this route.
c) Since zebra was run with -k this OSPF route is read back
in but never replaced and we now have a route pointing out
an interface to other routers that cannot handle it.
We should never allow users to implement bad options from zebra's
perspective that allow them to put themselves into a clear problem
state and additionally we have *absolutely* no mechanism to ever
fix that broken route without special human interaction.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
<Initial Code from Praveen Chaudhary>
Add the a `--graceful_restart X` flag to zebra start that
now creates a timer that pops in X seconds and will go
through and remove all routes that are older than startup.
If graceful_restart is not specified then we will just pop
a timer that cleans everything up immediately.
Signed-off-by: Praveen Chaudhary <pchaudhary@linkedin.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The current wording can sometimes be misinterpreted to mean that this
command is optional, but for an MPLS-VPN to function a VPN label MUST be
assigned to routes exported from the VPN.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
this command is used when user wants to use the cbit value.
more information in the documentation.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
in ospf6d, the 'router-id' command must be prefixed with 'ospf6'.
Update the docs to reflect this.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
now that bfd show commands have changed, update documentation so as to
reflect how to use vrf keyword in the show bfd commands.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Noticed that a couple of the `show zebra ...` commands are missing
from the zebra documentation that I use a bunch. Let's add them
in.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This command is broken and has been broken since the introduction
of vrf's. Since no-one has complained it is safe to assume that
there is no call for this specialized linux command. Remove
from the system with extreme prejudice.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The PIM-EVPN doc was not rendering very well on the
website. So Update documentation to allow it to render
better.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Reflow to 80 columns
* Improve markup
* Add --apiserver option to example ospfd invocations
* Add note on requirement of this option to use api server
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
watchfrr_enable is ignored, watchfrr_options is unneeded and the
valgrind options have been replaced with daemon_wrap/all_wrap.
Signed-off-by: David Lamparter <equinox@diac24.net>
When you are using the install/remove routes command, the
output goes to a log file. This command allows for ease
of dump of timing information from the vty or vtysh.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Starting with libyang 0.16.74, we can load internally embedded yang
extensions instead of going through the file system/dlopen. Detect
support for this at build time and use if available.
NB: the fallback mechanism will go away in a short while.
Signed-off-by: David Lamparter <equinox@diac24.net>
This doc is .. include::'d in snmp.rst and needs to be ignored as part
of the main toctree build. This patch squashes a Sphinx build warning.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Router Information needs to specify the area ID when flooding scope is set to
AREA. However, this authorize only one AREA. Thus, Area Border Router (ABR) are
unable to flood Router Information Opaque LSA in all areas they are belongs to.
The path implies that the area ID is no more necessary for the command
'router-info area'. It remains suported for compatibility, but mark as
deprecated. Documentation has been updated accordingly.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
The --with-yangmodelsdir and --with-libyang-pluginsdir build-time options
pertain to FRR so they shouldn't be placed along with the libyang build
instructions. Move these instructions to where they belong to avoid
confusion.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This plugin leverages the northbound API to integrate FRR with Sysrepo,
a YANG-based configuration and operational state data store.
The plugin is linked to the libsysrepo library and communicates with
the sysrepod daemon using GPB (Google Protocol Buffers) over AF_UNIX
sockets. The integration consists mostly of glue code that calls the
appropriate FRR northbound callbacks in response to events triggered
by the sysrepod daemon (e.g. request to change the configuration or to
fetch operational data).
To build the sysrepo plugin, provide the --enable-sysrepo option to the
configure script while building FRR (the libsysrepo library needs to be
installed in the system).
When installed, the sysrepo plugin will be available for all FRR daemons
and can be loaded using the -M (or --module) command line option.
Example: bgpd -M sysrepo.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This plugin leverages the northbound API to integrate FRR with the ConfD
management agent.
The plugin is linked to the libconfd library and communicates with the
confd daemon using local TCP sockets. The integration consists mostly
of glue code that calls the appropriate FRR northbound callbacks in
response to events triggered by the confd daemon (e.g. request to change
the configuration or to fetch operational data).
By integrating FRR with the libconfd library, FRR can be managed using
all northbound interfaces provided by ConfD, including NETCONF, RESTCONF
and their Web API.
The ConfD CDB API is used to handle configuration changes and the ConfD
Data Provider API is used to provide operational data, process RPCs and
send notifications. Support for configuration management using the ConfD
Data Provider API is not available at this point.
The ConfD optional 'get_object()' and 'get_next_object()' callbacks were
implemented for optimal performance when fetching operational data.
This plugins requires ConfD 6.5 or later since it uses the new leaf-list
API introduced in ConfD 6.5.
To install the plugin, the --enable-confd option should be given to the
configure script, specifying the location where ConfD is installed.
Example: ./configure --enable-confd=/root/confd-6.6
When installed, the confd plugin will be available for all FRR daemons
and can be loaded using the -M (or --module) command line option.
Example: zebra -M confd.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
For some reason, automake was "randomizing" the order of these few lines
in the generated output Makefile.in.
I have absolutely no clue what's going on, but it's the only thing
preventing me from building reproducible source tarballs (i.e.
bit-exactly identical), so... just slightly "rephrase" this.
Should behave exactly the same as before.
Signed-off-by: David Lamparter <equinox@diac24.net>
Some draft ietf are not handle by :rfc: keyword. A workaround is
proposed, like it has been done for flowspec.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This corrects the route map documentation to add the missing "prefix-list"
keyword, which is necessary when matching against a prefix list (as opposed to
an access list).
Additionally, change hyphens for underscores in the variables the user is
supposed to substitute in those commands, to prevent any confusion with the
"prefix-list" keyword itself, and also to make it more consistent with the
other documented commands (which are already using underscores).
Signed-off-by: Tore Anderson <tore@redpill-linpro.com>
Documentation on how to use multiple autonomous systems was inaccurate
and a bit scattered. Clarify usage of VRFs with multiple autonomous
systems, how to configure them, and their distinction from views. Also
moves a block on L3VPN VRFs out of the 'Basic Concepts' section.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Implement RFC 6232, optionally allowing to flood isisd's NET and
hostname in purges it originates.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
The sphinx 'text' writer apparently doesn't support these, and the
'dummy' writer is only available on recent versions, and all of this
makes the build a bit annoying...
Signed-off-by: David Lamparter <equinox@diac24.net>
Sphinx actually does work with a parallel build, if the doctree creation
is a separate step (which the other builds will then just read
unmodified.) This can be done with the "dummy" target.
This also adds "-j6" to sphinx-build and adds a "--disable-doc-html"
switch on ./configure to turn on/off building HTML docs separately.
Also, HTML docs are now installed by "make install" to
/usr/share/doc/frr/html.
Signed-off-by: David Lamparter <equinox@diac24.net>
It is possible to dynamically change default VRF name, if vrf backend is
a netns backend. By creating a link to the default netns in
/var/run/netns folder, then the file name will be used to name the
default VRF. If no backend netns is chosen, it is explained that it is
still possible to statically configure the default vrf name to new
define.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Coded as part of #2684 and most code written while participating at
BornHack@2018.
bgp.rst: Explain what the communities does and a summarized edition of
the communities purpose.
Signed-off-by: Christoffer <netravnen@gmail.com>
The smux.c code has not been able to compile for 2+ years
and no-one has noticed. Additionally net-snmp has marked
smux integration as deprecated for quite some time as well.
Since no-one has noticed and it's been broken and smux integration
is deprecated let's just remove this from the code base.
From looking at the code, it sure looks like SNMP could use
a decent cleanup.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Improvements:
* Show command line as code, to avoid confusion about single dash (`-`)
and double dash;
* Tell the user where the BGP BFD commands can be found;
* Document OSPF/OSPF6/PIM BFD commands;
* Document JSON commands;
* Tell about session counters;
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Options must be documented before they can be cross-referenced, and the
scope for configure options is not present in rpki.rst. Remove the
option role tag from the `-M` option to remove the build warning.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Remove the ip route specific sections from zebra documenation and
create a specific one for the new staticd.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The parameter was missing in that vty command. Then it is being added.
Also some documentation is refreshed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
It has not been properly documented yet how to enable the RPKI module with BGP when having installed FRR with RPKI support. This PR seeks to add a section to the user documentation about this. So users will not have to resolve to searching the internet and looking through the FROG mailing list threads for answers.
This commit gathers some basic information on how to configure and setup
Ldp, as well as depict some main principles for that protocol.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Add some information to inform the user that one can either display ipv4
or ipv6 routing table, with the above commands.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Currently, make check runs the unit tests and reports pass/fail,
but we have no way to guage how much of the code is covered by
these tests. gcov provides those statistics on a per source
file basis, but requires special CFLAGS and LDFLAGS. Here, we
add the --enable-gcov configure option to setup those options
correctly. We also add a make target called check-coverage,
which runs the unit tests, runs gcov and uploads the data to
the codecov.io cloud service for display.
Finally, we include a Dockerfile-coverage which creates a
container image in alpine linux to run the tests. To create
the image:
$ docker build \
--build-arg commit=`git rev-parse HEAD` \
--build-arg token=<upload token from codecov.io> \
-t frr-gcov:latest \
-f docker/alpine/Dockerfile-coverage .
and to create and upload the report:
$ docker run -it --rm frr-gcov:latest
Testing done:
Created and uploaded a report from my fork using alpine linux 3.7.
Non-coverage alpine 3.7 build still works.
Issue: https://github.com/FRRouting/frr/issues/2442
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
* Fix broken citations
* Remove trailing whitespace
* Rewrap to 80 lines
* Tweak capitalization of section headers
* Clean up a few indented blocks
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Older versions of Sphinx don't support toctree captions, so we can't use
them yet unfortunately.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Update the list of protocol daemons from 5 to the current 13
* Rewrap and clean up formatting for lots of miscellaneous code blocks
* Improve English in various spots
* Update architecture description and diagram
* Remove duplicate information on reporting bugs
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This doc needed (and still needs) a lot of love.
* Reorganize doc into logical sections
* Clean up lots of grammatical mistakes and misspellings
* Clean up lots of bad formatting
* Remove non-existent configuration options and commands
* Mark deprecated configuration options as deprecated
* Fix all cross-references to follow a standard format
* Fix capitalization on section and subsection titles
* Fix section and subsection level underlines
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
PIM documantation was missing commands relevant to PIM protocol
that were documented in COMMANDS file of pimd directory.
Signed-off-by: Mladen Sablic <mladen.sablic@gmail.com>
Note that these commands:
bgp config-type cisco
no bgp multiple-instance
are now deprecated and will be removed in a future version of FRR.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Keeping the config intact might be misunderstood. I say that even if VRF
netns is automatically discovered, it is possible for administrator to
save the netns information in the config file, to bring more clarity (
hence the config commands available).
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
To avoid some confusions, it is precised in the documentation that
the configuration not done from zebra will not be injected in the
configuration context. As consequence, the config file will not be
impacted by underlying network context. But also, this will not be
possible for *Zebra* to attempt to modify outside networking objects.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This commit brings some information about BGP VRF case with peering
using multiple VRF instances.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Apparently Automake has some undocumented logic somewhere that makes it
so any Makefile generated from an Automake Makefile.am is removed from
its secret list of things to delete that it deletes when performing a
recursive distclean before actually performing the recursive distclean
and since the secret list is automatically generated from the list of
things that Autoconf should generate in configure.ac we can't remove the
Makefile from that list or it will break Automake's list of things to
automatically generate that it generates from Autoconf's list of things
to automatically generate.
Thus, to prevent Automake from deleting Makefiles and then immediately
trying to use the Makefiles it just deleted to delete said Makefiles, we
must remove ourselves from the secret list, which is accomplished by
changing the file extension to '.am' instead of '.in'.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Add the documentation for match source-instance.
I also noticed that 'match source-protocol' was missing
add that in too.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Kernel 2.2 was released in 1999, I'm pretty sure everybody has it by
now. Plus these links don't even exist anymore.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
While we have docs on various pieces of the build system we don't have
any docs on how to actually get FRR running once it's installed, nor do
we have comprehensive documentation on the basic procedure for building
from source. This patch remedies both of those.
Also updated the services list in the docs and removed the SERVICES file
from the project root.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The pull request #1545 from @donaldsharp introduced the command 'no
password' to remove an existing terminal connection password.
Additionally, warnings have been added to both 'no password' and 'no
enable password' to make the user aware of any security implications.
It seems that this specific pull request was never merged against master
and got lost. This commit is a cherry-pick of d4961273cb with fixed
conflicts and updated documentation.
Thanks to @donaldsharp and @pogojotz for the original PR.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
As there are subtle differences between VRF-lite and VRF-netns,
some information is given to the operator on what can be/ can not be
done.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Explain the --enable-ecmp=X configure option as well as
modify the zebra user doc to explain the -e X option.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Documentation was not fully using Automake / Autoconf and therefore needs
modifications to support black magic VPATH builds.
* Convert Makefile's to Autoconf-controlled Makefile.in's
* Tweak loading of pygments lexer to handle runtime paths
* Update .gitignore's as necessary
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
