Problem 1:
When route to BSR is having nexthop secondary address,
neighborship is built with primary address,
then pim_neighbor_find() fails, which cause drop of BSM
packet.
Fix 1:
Verify pim neighborship on the BSM received interface.
Problem 2:
Problem 2:
Source IP BSM address is primary address, where
as nexthop also can be primary or secondary address.
Fix 2:
Avoiding the check (nhaddr == src_ip) for PIMV6
Issue: #11957
Signed-off-by: Sarita Patra <saritap@vmware.com>
For incoming no-receiver SSM traffic, there isn't going to be a RP, much
less a RPF. We should install an MFC entry with empty oif regardless,
so we don't get swamped with further notifications.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Whether due to a pimd bug, some expiry, or someone just deleting MFC
entries, when we're in NOCACHE we *know* there's no MFC entry. Add an
install call to make sure pimd's MFC view aligns with the actual kernel
MFC.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This path here is pretty far on top of the list of issues that operators
will run into and have to debug when setting up PIM. Make the log
messages actually tell what's going on. Also escalate some from
`debug mroute detail` to `debug mroute`.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Coverity complains that MLAG_MSG_NONE cannot be reached in
the switch statement. Which is true so let's make it happy.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The files converted in this commit either had some random misspelling or
formatting weirdness that made them escape automated replacement, or
have a particularly "weird" licensing setup (e.g. dual-licensed.)
This also marks a bunch of "public domain" files as SPDX License "NONE".
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Passing a pre-formatted buffer in these places needs a `"%s"` in front
so it doesn't get formatted twice.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Use `getpid()` to initialize the sequence number. This change silences
Coverity Scan warning about truncated use of `time()` which in this case
is not a problem.
Found by Coverity Scan (CID 1519828)
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Topology:
========
Receiver----R1----(ens192)R2(ens224)----R3----R4----Source
--------------------------
R1=LHR
R2=RP
R4=FHR
Problem:
=======
1. Direct connected link between R1 and R3 is down initially.
2. So traffic flow path is R4<->R3<->R2<->R1<->Receiver.
3. Mroutes are properly created on all the nodes.
4. Up the direct connected link between R1 and R3.
5. Traffic flows in both the paths.
R4<->R3<->R2<->R1<->Receiver
R4<->R3<->R1<->Receiver
6. Duplicate traffic received at the receiver.
Root Cause:
==========
Initially when the direct connected link between R1 and R3 is
down, traffic flows via RP(R2). So in RP (S,G) installed with
IIF as ens224 and OIF as ens192 (reference = 2) with mask
PIM_OIF_FLAG_PROTO_STAR and PIM_OIF_FLAG_PROTO_PIM.
Now when the direct link between R1 and R3 is Up, LHR(R1) sends
SGRPT prune. After prune received, RP(R2) will remove OIF ens224
with mask PIM_OIF_FLAG_PROTO_STAR.
Since OIF ens224 is still present with mask PIM_OIF_FLAG_PROTO_PIM,
RP(R2) will not send prune towards R3.
So traffic continues to flow in the path R4<->R3<->R2<->R1<->Receiver.
Fix:
====
When SGRpt prune received, remove OIF irrespective of the OIF is
installed with mask "PIM_OIF_FLAG_PROTO_STAR" or "PIM_OIF_FLAG_PROTO_PIM".
Once OIF is removed, RP sends prune towards R3.
Issue: #11347
Signed-off-by: Sarita Patra <saritap@vmware.com>
Add some safe guards to avoid crashes and alert us about programming
errors in packet build.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Increase the MSDP peer stream buffer size to handle the whole TLV
(maximum is 65KiB due to 16bit field). If the stream is not resized
there will be a crash in the read function attempting to put more than
9192 (`PIM_MSDP_SA_TLV_MAX_SIZE`) bytes.
According to the RFC 3618 Section 12 we should accept the TLV and we
should not reset the peer connection.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
As per RFC 7761, Section 4.9.1
The RPT (or Rendezvous Point Tree) bit is a 1-bit value for use
with PIM Join/Prune messages (see Section 4.9.5.1). If the
WC bit is 1, the RPT bit MUST be 1.
ANVL conformance test case is trying to verify this and is failing.
Issue: #12354
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
As per RFC 7761, Section 4.9.1
The RPT (or Rendezvous Point Tree) bit is a 1-bit value for use
with PIM Join/Prune messages (see Section 4.9.5.1). If the
WC bit is 1, the RPT bit MUST be 1.
ANVL conformance test case is trying to verify this and is failing.
Issue: #12354
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
While doing nexthop lookup, only allow the nexthop
interafce which is PIM enabled.
Issue: #10782
Issue: #11931
Signed-off-by: Sarita Patra <saritap@vmware.com>
Problem:
When "no ip pim" is executed on source connected interface, its
ifp->info is set to NULL. But KAT on this interface is still
running, it wrongly dereferences NULL. This leads to crash.
Root Cause:
pim upstream IIF is still pointing towards the source connected
interface which is not pim enabled and Mroute is still present in
the kernel.
Fix:
When “no ip pim” command gets executed on source connected interface,
then loop through all the pnc->nexthop, if any new nexthop found,
then update the upstream IIF accordindly, if not found then update
the upstream IIF as Unknown and uninstall the mroute from kernel.
When “ip pim” command gets executed on source connected interface,
then also loop through all the pnc->nexthop and update the upstream IIF,
install the mroute in kernel.
Issue: #10782
Issue: #11931
Signed-off-by: Sarita Patra <saritap@vmware.com>
Bring error handling up front and delay creating socket so that
we don't think too much about closing the socket in error cases.
Signed-off-by: anlan_cs <vic.lan@pica8.com>
Saw this EC log:
```
PIM: [WX4HZ-FA72S][EC 100663307] pim_rp_find_match_group: BUG We should have found default group information
```
The root cause is group address of "0.0.0.0" is wrongly introduced into
`pim_rp_find_match_group()`. So add a check to avoid it.
Signed-off-by: anlan_cs <vic.lan@pica8.com>
... the prefix length wasn't ignored as expected. Both S and G are
always /32. But expecting "le 32" in prefix-list config is unexpected &
counterintuitive.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
If PIM had received a register packet with the Border Router
bit set, pimd would have crashed. Since I wrote this code
in 2015 and really have pretty much no memory of this and
no-one has ever reported this crash, let's just remove this
code.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
In pim_ecmp_nexthop_search: All paths that lead to this null pointer comparison already dereference the pointer earlier
There may be a null pointer dereference, or else the comparison against null is unnecessary.
Coverity CID-1519749
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
In tib_sg_oil_setup: Value returned from a function is not checked for errors before being used.
If the function returns an error value, the error value may be mistaken for a normal value.
Here, only the nexthop value is being used. So casted the return type to void.
Coverity CID-1519816
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
Rather than running selected source files through the preprocessor and a
bunch of perl regex'ing to get the list of all DEFUNs, use the data
collected in frr.xref.
This not only eliminates issues we've been having with preprocessor
failures due to nonexistent header files, but is also much faster.
Where extract.pl would take 5s, this now finishes in 0.2s. And since
this is a non-parallelizable build step towards the end of the build
(dependent on a lot of other things being done already), the speedup is
actually noticeable.
Also files containing CLI no longer need to be listed in `vtysh_scan`
since the .xref data covers everything. `#ifndef VTYSH_EXTRACT_PL`
checks are equally obsolete.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Problem:
frr(config)# show ip pim rp-info
RP address group/prefix-list OIF I am RP Source Group-Type
109.0.0.3 224.0.0.0/4 ens192 no Static ASM
frr(config)# int ens192
frr(config-if)# no ip pim
frr(config) show ip pim rp-info
RP address group/prefix-list OIF I am RP Source Group-Type
109.0.0.3 224.0.0.0/4 ens192 no Static ASM
rp-info OIF is still having ens192 which is PIM disabled.
Fixing this as part of this PR.
Issue: #12044
Signed-off-by: Sarita Patra <saritap@vmware.com>
Problem:
=======
frr(config)# do show ipv6 pim interface
Interface State Address PIM Nbrs PIM DR FHR IfChannels
ens192 up fe80::250:56ff:feb7:3619 0 local 0 1
Configure ens192 interface link-local address as RP.
frr(config)# ipv6 pim rp fe80::250:56ff:feb7:3619
No Path to RP address specified: fe80::250:56ff:feb7:3619
frr(config)# do show ipv6 pim rp-info
RP address group/prefix-list OIF I am RP Source Group-Type
fe80::250:56ff:feb7:3619 ff00::/8 Unknown yes Static ASM
Fix:
===
RP should not be link-local, multicast and unspecified address.
Signed-off-by: Sarita Patra <saritap@vmware.com>
Added common pim_show_bsm_db_helper to suppport both PIM and
PIMV6.
pim_show_bsm_db is moved to pim_cmd_common.c file.
Signed-off-by: Sarita Patra <saritap@vmware.com>
Added pim_show_group_rp_mappings_info_helper to suppport both PIM and
PIMV6.
pim_show_group_rp_mappings_info() is moved to pim_cmd_common.c file.
Signed-off-by: Sarita Patra <saritap@vmware.com>
Added common API pim_show_bsr_helper to suppport both PIM and
PIMV6.
pim_show_bsr() is moved to pim_cmd_common.c file.
Signed-off-by: Sarita Patra <saritap@vmware.com>
Introduced common api pim_process_unicast_bsm_cmd,
pim_process_no_unicast_bsm_cmd which will process
both "[no] ip pim unicast-bsm" command and "[no] ipv6 pim
unicast-bsm" command.
Signed-off-by: Sarita Patra <saritap@vmware.com>
Introduced common api pim_process_bsm_cmd,
pim_process_no_bsm_cmd which will process
both "[no] ip pim bsm" command and "[no] ipv6 pim
bsm" command.
Signed-off-by: Sarita Patra <saritap@vmware.com>
In the current code, if_lookup_by_index()
is called for un-initialized ifindex value.
This issue is introduced after 11098 PR.
Signed-off-by: Sarita Patra <saritap@vmware.com>
RpAddress is showing wrong value in
"show ipv6 pim bsm-database" cli. This is fixed now.
Issue: #12089
Signed-off-by: Sarita Patra <saritap@vmware.com>
There are lib debugs being set but never show up in
`show debug` commands because there was no way to show
that they were being used. Add a bit of infrastructure
to allow this and then use it for `debug route-map`
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Fixed as per rfc7761 section 4.3.1.
"""
Sending Hello Messages
The Address List option advertises all the secondary addresses
associated with the source interface of the router originating the
message. The option MUST be included in all Hello messages if there
are secondary addresses associated with the source interface and MAY
be omitted if no secondary addresses exist.
"""
Issue: #12015
Signed-off-by: Sarita Patra <saritap@vmware.com>
Proof:
eva# conf
eva(config)# no service integrated-vtysh-config
eva(config)# end
eva# wr mem
Note: this version of vtysh never writes vtysh.conf
Building Configuration...
Configuration saved to /etc/frr/zebra.conf
Configuration saved to /etc/frr/ripd.conf
Configuration saved to /etc/frr/ripngd.conf
Configuration saved to /etc/frr/ospfd.conf
Configuration saved to /etc/frr/ospf6d.conf
Configuration saved to /etc/frr/bgpd.conf
Configuration saved to /etc/frr/isisd.conf
Configuration saved to /etc/frr/pimd.conf
Configuration saved to /etc/frr/nhrpd.conf
Configuration saved to /etc/frr/eigrpd.conf
Configuration saved to /etc/frr/babeld.conf
Configuration saved to /etc/frr/sharpd.conf
Configuration saved to /etc/frr/fabricd.conf
Configuration saved to /etc/frr/pbrd.conf
Configuration saved to /etc/frr/staticd.conf
Configuration saved to /etc/frr/bfdd.conf
Configuration saved to /etc/frr/vrrpd.conf
Configuration saved to /etc/frr/pim6d.conf
eva#
Fixes: #12011
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When more than 2 routers are present in LAN and the querier
goes down, the other routers will wait for other querier
present timer to expire to elect a new querier.
This issue will be seen when the router having next lower ip
address expires the other querier present timer first and it
starts sending the query message. Now on the other non-querier
routers it will receive this query and reset its other
querier present timer but the querier is still the old one
and since it is lowest ip, it never gets updated to the newly
elected querier.
Reset the other querier timer only if query is received from
the previously elected querier or a better new querier
This will make sure that non-querier elects the new querier
whose ip address is higher than the old querier
when the old querier goes down via other querier querier
timer expiry
Issue: #12027
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
Implementing mld packets debug to information about packet generation for sending
and about packet handling from a received packet.
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
Changing
IGMP_DEFAULT_ROBUSTNESS_VARIABLE to GM_DEFAULT_ROBUSTNESS_VARIABLE,
IGMP_GENERAL_QUERY_INTERVAL to GM_GENERAL_QUERY_INTERVAL,
IGMP_QUERY_MAX_RESPONSE_TIME_DSEC to GM_QUERY_MAX_RESPONSE_TIME_DSEC and
IGMP_SPECIFIC_QUERY_MAX_RESPONSE_TIME_DSEC to GM_SPECIFIC_QUERY_MAX_RESPONSE_TIME_DSEC
to accomodate both igmp and mld. And moved it to common file.
Signed-off-by: Abhishek N R <abnr@vmware.com>
After restart pim dr address was zero due to which pim (*,G) join
could not get propagated towards RP.
While trying to find primary address ll_highest will be zero initially,
since we have not received address from zebra yet.
So we can get the best address at this point and use it as primary address
whenever ll_highest is zero.
Fixes: #11925
Signed-off-by: Abhishek N R <abnr@vmware.com>
Root Cause:
"clear ipv6 mroute" was not deleting the subscribers of gm_if
structure.
Fix:
The command "clear ipv6 mroute" deletes grp_pends, gsq_pends, sgs,
subscribers, expires of gm_if data structure.
Deleted the common code in gm_ifp_teardown() and called
gm_group_delete().
Issue: #11724
Signed-off-by: Sarita Patra <saritap@vmware.com>
Changed PIM_DEBUG_IGMP_TRACE to PIM_DEBUG_GM_TRACE and
PIM_DEBUG_IGMP_TRACE_DETAIL to PIM_DEBUG_GM_TRACE_DETAIL.
Hence, these macros can be used for both v6 and v4.
Issue: #11895
Co-authored-by: Sai Gomathi N <nsaigomathi@vmware.com>
Signed-off-by: Abhishek N R <abnr@vmware.com>
Changing
PIM_DO_DEBUG_IGMP_EVENTS to PIM_DO_DEBUG_GM_EVENTS
PIM_DO_DEBUG_IGMP_PACKETS to PIM_DO_DEBUG_GM_PACKETS
PIM_DO_DEBUG_IGMP_TRACE to PIM_DO_DEBUG_GM_TRACE
PIM_DO_DEBUG_IGMP_TRACE_DETAIL to PIM_DO_DEBUG_GM_TRACE_DETAIL
PIM_DONT_DEBUG_IGMP_EVENTS to PIM_DONT_DEBUG_GM_EVENTS
PIM_DONT_DEBUG_IGMP_PACKETS to PIM_DONT_DEBUG_GM_PACKETS
PIM_DONT_DEBUG_IGMP_TRACE to PIM_DONT_DEBUG_GM_TRACE
PIM_DONT_DEBUG_IGMP_TRACE_DETAIL to PIM_DONT_DEBUG_GM_TRACE_DETAIL
PIM_MASK_IGMP_EVENTS to PIM_MASK_GM_EVENTS
PIM_MASK_IGMP_PACKETS to PIM_MASK_GM_PACKETS
PIM_MASK_IGMP_TRACE to PIM_MASK_GM_TRACE
PIM_MASK_IGMP_TRACE_DETAIL to PIM_MASK_GM_TRACE_DETAIL
to be used for both IGMP and MLD debugs.
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
Added Robustness value, Query interval, Query response timer
and Last member query interval field in json output.
Issue: #11891
Signed-off-by: Abhishek N R <abnr@vmware.com>
Changing the macros to common so that it can be used for pimv6 debugs as well
to be used for both IGMP and MLD debugs.
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
Changing the macros to common so that it can be used for pimv6 debugs as well
to be used for both IGMP and MLD debugs.
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
When there is update in the configuration of last_member_query_interval
and last_member_query_count, call gm_ifp_update().
This will update cur_query_intv_trig and cur_lmqc of gm_ifp structure.
Issue: #11901
Signed-off-by: Sarita Patra <saritap@vmware.com>
show ip pim state should show IGMP Report while
show ipv6 pim state should show MLD Report.
Output After Fix:
frr# do sh ip pim state
Codes: J -> Pim Join, I -> IGMP Report, S -> Source, * -> Inherited from (*,G), V -> VxLAN, M -> Muted
Active Source Group RPT IIF OIL
frr# do sh ipv6 pim state
Codes: J -> Pim Join, I -> MLD Report, S -> Source, * -> Inherited from (*,G), V -> VxLAN, M -> Muted
Active Source Group RPT IIF OIL
frr#
Issue: #11249
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
Modifying igmp_group_count of struct pim_instance
to gm_group_count which is to be used for both IGMP and MLD.
Signed-off-by: Sai Gomathi N <nsaigomathi@vmware.com>
When calling time(NULL), FRR is intentionally throwing
away the upper 32 bits of value returned. Let's explicitly
call it out so that coverity understands this is intentional
and ok.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
IPv4 and IPv6 behaves a little bit differently with the socket
options.
IPPROTO_RAW socket option is only for IPv4.
Therefore the register packet was not properly getting encapculated
for PIMv6 and was working fine for PIMv4.
So have used IPPROTO_PIM for PIMv6.
Fixes: #11846
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
The socket created for pimv6 was created using AF_INET for PIMV6
too.
Since the api pim_reg_sock is common to both PIMv4 and PIMv6,
need to use PIM_AF instead of AF_INET.
Fixes: #11815
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
The call into pim_cmd_lookup_vrf may be NULL
and dereferencing it before ensuring that the
vrf pointer is non-NULL is a good way to crash.
A crash can be initiated in pim:
eva# show ip msdp vrf NOEXIST mesh-group
vtysh: error reading from pimd: Permission denied (13)Warning: closing connection to pimd because of an I/O error!
eva# 2022/08/15 11:47:38 [PHJDC-499N2][EC 100663314] STARVATION: task vtysh_rl_read (560b77f76de6) ran for 16777ms (cpu time 0ms)
eva#
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When calling pim_upstream_add, the lookup for upstream
or the creation of the upstream cannot fail. As such
up is never NULL.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
in pim_ifchannel.c there exists several spots where
the ch->upstream is assumed to be NULL. This is not
possible.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
