Currently the transition metric style is redundant because isis will
always read both reachability TLVs regardless of the configured
metric style. Correct this by only considering TLVs matching our
configuration.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
These two debug messages are so verbose to a point they impact
performance when testing RLFA/TI-LFA on large-scale networks. Remove
them since they aren't really useful.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Always call vid2string() whenever necessary instead of trying to be
too clever and call it only once. The original assumption was that
"buf" only needed to be initialized when LFA debugging was enabled,
but we also need that buffer when logging one error message.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Remote LFA (RFC 7490) is an extension to the base LFA mechanism
that uses dynamically determined tunnels to extend the IP-FRR
protection coverage.
RLFA is similar to TI-LFA in that it computes a post-convergence
SPT (with the protected interface pruned from the network topology)
and the P/Q spaces based on that SPT. There are a few differences
however:
* RLFAs can push at most one label, so the P/Q spaces need to
intersect otherwise the destination can't be protected (the
protection coverage is topology dependent).
* isisd needs to interface with ldpd to obtain the labels it needs to
create a tunnel to the PQ node. That interaction needs to be done
asynchronously to prevent blocking the daemon for too long. With
TI-LFA all required labels are already available in the LSPDB.
RLFA and TI-LFA have more similarities than differences though,
and thanks to that both features share a lot of code.
Limitations:
* Only RLFA link protection is implemented. The algorithm used
to find node-protecting RLFAs (RFC 8102) is too CPU intensive and
doesn't always work. Most vendors implement RLFA link protection
only.
* RFC 7490 says it should be a local matter whether the repair path
selection policy favors LFA repairs over RLFA repairs. It might be
desirable, for instance, to prefer RLFAs that satisfy the downstream
condition over LFAs that don't. In this implementation, however,
RLFAs are only computed for destinations that can't be protected
by local LFAs.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The "load-sharing" node is a boolean leaf that has a default
value. As such, it doesn't make sense to either create or delete
it. That node always exists in the configuration tree. Its value
should only be modified. Change the corresponding CLI wrapper
command to reflect that fact.
This commit doesn't introduce any change of behavior as the NB API
maps create/destroy edit operations to modify operations whenever
that makes sense. However it's better to not rely on that behavior
and always use the correct operations in the CLI commands.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
When last area address is removed, resign if we were DR.
This fixes an issue where: when the ISIS area address is changed, ISIS fails
to elect a new DR.
Signed-off-by: Karen Schoener <karen@voltanet.io>
Removing the obsolete ldp-sync periodic 'hello' message.
When ldp-sync is configured, IGPs take action if the LDP process goes down.
The IGPs have been updated to use the zapi client close callback to detect
the LDP process going down.
Signed-off-by: Karen Schoener <karen@voltanet.io>
In some extraordinary circumstances an LSP might not have any
TLV. Add a null check to prevent a crash when that happens.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
When ldp-sync is configured, IGPs take action if the LDP process goes down.
Currently, IGPs detect the LDP process is down if they do not receive a
periodic 'hello' message from LDP within 1 second.
Intermittently, this heartbeat mechanism causes false topotest failures.
When the failure occurs, LDP is busy receiving messages from zebra for a
few seconds. During this time, LDP does not send the expected periodic
message.
With this change, IGPs detect LDP down via zapi client close message.
Signed-off-by: Karen Schoener <karen@voltanet.io>
Instead of storing the LSP associated to pseudonodes only, store the
LSP associated to all SPF adjacencies instead.
The upcoming LFA work will need to have that piece of information
for all SPF adjacencies in order to know which ones have the overload
bit set or not. Other use cases might arise in the future.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Rename "debug isis ti-lfa" to "debug isis lfa". Having different
debug guards for different kinds of LFA (classic, remote and TI-LFA)
doesn't make sense since all LFA solutions share code to certain
extent.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Those constants are also useful in contexts other than LDP-IGP
Synchronization (e.g. the upcoming LFA work will need them). Move
them to a more general header to reflect that.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Do not attempt to install a TI-LFA backup nexthop if its number of
labels exceeds the locally configured MSD (Maximum Stack Depth). The
idea is to prevent forward-plane installation failures before they
happen. The MSD check should also allow the "show isis fast-reroute
summary" command (not implemented yet) to display the actual
protection coverage provided by TI-LFA, which might not be 100%
if the MSD isn't big enough.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Commit 4c75f7c773 fixed a bug in which the TI-LFA repair paths
weren't preserving the original Prefix-SID of the routes. That
commit, however, didn't update the zebra interface code to account
for backup nexthops that don't have a repair list but do have a
SR label. As a consequence, backup nexthops that didn't have any
repair label were not preserving the original Prefix-SID of the
corresponding routes. Fix this and update the TI-LFA topotest
accordingly.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
vertex->N is an union whose "id" and "ip" fields are only valid
depending on the vertex type (IS adjacency or IP reachability
information). As such, add a vertex type check before consulting
vertex->N.id in order to prevent unexpected behavior from happening.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The "ifp" variable returned by nb_running_get_entry() might be
NULL when using the transactional CLI mode. Make the required
modifications to avoid null pointer dereferences.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Once the remote end of a connected link is shut down (or lose
its address), isisd will remove the corresponding route from its
RIB after SPF runs. A new route for the same destination should
be computed based on the local LSP, and that route by definition
doesn't have any nexthop. The problem is that, when isisd tries
to replace the old route by the new one, it fails because routes
without nexthops can't be installed. That causes the old invalid
route to remain in the RIB when it shouldn't. To fix this problem,
change the zebra interface code to uninstall a route whenever it
can't be installed (because it lacks nexthops) instead of doing
nothing in that case.
This change should fix occasional failures of the test_isis_sr_topo1
topotest.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The `enum zclient_send_status` enum needs to be extended
throughout the code base to use the new states and
to fix up places where we tested against the return
value being non zero.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
On redistribution into isis we were creating a table for
handling the redistributed routes, but never cleaning them
up on shutdown properly. Do so.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When isis is being shutdown the area->spf_timer thread has
special data assigned to that was never being freed.
Free this data.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The route_map_object_t was being used to track what protocol we were
being called against. But each protocol was only ever calling itself.
So we had a variable that was only ever being passed in from route_map_apply
that had to be carried against and everyone was testing if that variable
was for their own stack.
Clean up this route_map_object_t from the entire system. We should
speed some stuff up. Yes I know not a bunch but this will add up.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
This is a second iteration of commit 10bdc68f0c. Some recent
commits introduced zlog calls in the northbound callbacks
inadvertently.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
isisd relies on its YANG module to prevent the same SID index
from being configured multiple times for different prefixes. It's
possible, however, to have different routers assigning the same SID
index for different prefixes. When that happens, we say we have a
Prefix-SID collision, which is ultimately a misconfiguration issue.
The problem with Prefix-SID collisions is that the Prefix-SID that
is processed later overwrites the previous ones. Then, once the
Prefix-SID collision is fixed in the configuration, the overwritten
Prefix-SID isn't reinstalled since it's already marked as installed
and it didn't change. To prevent such inconsistency from happening,
add a safeguard in the SPF code to detect Prefix-SID collisions and
handle them appropriately (i.e. log a warning + ignore the Prefix-SID
Sub-TLV since it's already in use by another prefix). That way,
once the configuration is fixed, no Prefix-SID label entry will be
missing in the LFIB.
Reported-by: Emanuele Di Pascale <emanuele@voltanet.io>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The fields in the broadcast/p2p union struct in an isis circuit are
initialized when the circuit goes up, but currently this step is
skipped if the interface is passive. This can create problems if the
circuit type (referred to as network type in the config) changes from
broadcast to point-to-point. We can end up with the p2p neighbor
pointer pointing at some garbage left by the broadcast struct in the
union, which would then cause a segfault the first time we would
dereference it - for example when building the lsp, or computing the
SPF tree.
compressed backtrace of a possible crash:
#0 0x0000555555579a9c in lsp_build at frr/isisd/isis_lsp.c:1114
#1 0x000055555557a516 in lsp_regenerate at frr/isisd/isis_lsp.c:1301
#2 0x000055555557aa25 in lsp_refresh at frr/isisd/isis_lsp.c:1381
#3 0x00007ffff7b2622c in thread_call at frr/lib/thread.c:1549
#4 0x00007ffff7ad6df4 in frr_run at frr/lib/libfrr.c:1098
#5 0x000055555556b67f in main at frr/isisd/isis_main.c:272
isis_lsp.c:
1112 case CIRCUIT_T_P2P: {
1113 struct isis_adjacency *nei = circuit->u.p2p.neighbor;
1114 if (nei && nei->adj_state == ISIS_ADJ_UP
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
There exists a code path where we would allocate memory
then test a variable and then immediately return NULL.
Prevent memory from leaking in this situation.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
valgrind is showing a usage of uninited memory:
==935465== Conditional jump or move depends on uninitialised value(s)
==935465== at 0x159E17: tlvs_area_addresses_to_adj (isis_tlvs.c:4430)
==935465== by 0x15A4BD: isis_tlvs_to_adj (isis_tlvs.c:4568)
==935465== by 0x1377F0: process_p2p_hello (isis_pdu.c:203)
==935465== by 0x1391FD: process_hello (isis_pdu.c:781)
==935465== by 0x13BDBE: isis_handle_pdu (isis_pdu.c:1700)
==935465== by 0x13BECD: isis_receive (isis_pdu.c:1744)
==935465== by 0x49210FF: thread_call (thread.c:1585)
==935465== by 0x48CFACB: frr_run (libfrr.c:1099)
==935465== by 0x1218C9: main (isis_main.c:272)
==935465==
==935465== Conditional jump or move depends on uninitialised value(s)
==935465== at 0x483EEC5: bcmp (vg_replace_strmem.c:1111)
==935465== by 0x15A290: tlvs_ipv4_addresses_to_adj (isis_tlvs.c:4512)
==935465== by 0x15A4EB: isis_tlvs_to_adj (isis_tlvs.c:4570)
==935465== by 0x1377F0: process_p2p_hello (isis_pdu.c:203)
==935465== by 0x1391FD: process_hello (isis_pdu.c:781)
==935465== by 0x13BDBE: isis_handle_pdu (isis_pdu.c:1700)
==935465== by 0x13BECD: isis_receive (isis_pdu.c:1744)
==935465== by 0x49210FF: thread_call (thread.c:1585)
==935465== by 0x48CFACB: frr_run (libfrr.c:1099)
==935465== by 0x1218C9: main (isis_main.c:272)
Effectively we are reallocing memory to hold data. realloc does not
set the new memory to anything. So whatever happens to be in the memory
is what is there. after the realloc happens we are iterating over the
memory just realloced and doing memcmp's to values in it causing these
use of uninitialized memory.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Replace all lib/thread cancel macros, use thread_cancel()
everywhere. Only the THREAD_OFF macro and thread_cancel() api are
supported. Also adjust thread_cancel_async() to NULL caller's pointer (if
present).
Signed-off-by: Mark Stapp <mjs@voltanet.io>
==935465== 40 bytes in 1 blocks are definitely lost in loss record 71 of 546
==935465== at 0x483AB65: calloc (vg_replace_malloc.c:760)
==935465== by 0x48D6611: qcalloc (memory.c:110)
==935465== by 0x48CFE02: list_new (linklist.c:32)
==935465== by 0x15DBF0: isis_new (isisd.c:213)
==935465== by 0x15DAC4: isis_global_instance_create (isisd.c:179)
==935465== by 0x121892: main (isis_main.c:264)
==935465== 64 (40 direct, 24 indirect) bytes in 1 blocks are definitely lost in loss record 101 of 546
==935465== at 0x483AB65: calloc (vg_replace_malloc.c:760)
==935465== by 0x48D6611: qcalloc (memory.c:110)
==935465== by 0x48CFE02: list_new (linklist.c:32)
==935465== by 0x15DBE3: isis_new (isisd.c:212)
==935465== by 0x15DAC4: isis_global_instance_create (isisd.c:179)
==935465== by 0x121892: main (isis_main.c:264)
On isis shutdown we are seeing the above memory leaks. Modify
the code to start cleaning this up.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Add the "n-flag-clear" option to the "segment-routing prefix"
command. The only thing that option does is to clear the node
flag of the Prefix-SID, even if it corresponds to a local loopback
address. No changes are necessary other than that in order to fully
support Anycast-SIDs. isisd already supports multiple routers
advertising the same route with the same Prefix-SID after the recent
refactoring. Clearing the node flag for such anycast routes isn't
strictly required, but failure to do so can lead to problems like
TI-LFA picking the wrong Prefix-SID when calculating repair paths.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
When computing backup nexthops for routes that contain a Prefix-SID,
the original Prefix-SID label should be present at the end of
backup label stacks (after the repair labels). This commit fixes
that oversight in the original TI-LFA code. The SPF unit tests and
TI-LFA topotes were also updated accordingly.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Embed Prefix-SID information inside SPF data structures so that
Prefix-SIDs can be installed together with their associated routes
at the end of the SPF algorithm. This is different from the current
implementation where Prefix-SIDs are parsed and processed separately,
which is vastly suboptimal.
Advantages of the new code:
* No need to parse the LSPDB an additional time to detect and process
SR-related changes;
* Routes are installed with their Prefix-SID labels in the same ZAPI
message. This can prevent packet dropping for a few milliseconds
after each SPF run if there are BGP-labeled routes (e.g. L3VPN) that
recurse on IGP labeled routes;
* Much easier to support Anycast-SIDs, as the SPF code will naturally
figure out the best nexthops and use only them (that can't be done
in any reasonable way if the Prefix-SID Sub-TVLs are processed
separately);
* Less code to maintain and reduced memory footprint;
The "show isis segment-routing prefix-sids" command was removed as
it doesn't make sense anymore now that "show isis route" exists.
Prefix-SIDs are a property of routes, so what was done was to extend
the "show isis route" command with a new "prefix-sid" option that
changes the output table to show the Prefix-SID information associated
to each route.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This is preparatory change for the upcoming SR Prefix-SID
refactoring.
Since Prefix-SID information will be stored inside IS-IS routes
(instead of being maintained separately), it will be necessary to
have local routes in order to store local Prefix-SID information.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
When both old and new-style TLVs exist for a particular prefix, give
precedence to the new-style TLV (like JUNOS does) when generating
routes from the SPT. This changes the current behavior which is to
generate a route for both TLVs, whereas the first is overwritten by
the second in a non-deterministic order (i.e. either the old-style
or the new-style TLV can "win" depending on how the SPF TENTative
list is arranged).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Change thread_cancel to take a ** to an event, NULL-check
before dereferencing, and NULL the caller's pointer. Update
many callers to use the new signature.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
Interface area-tag is not supposed to be modified once defined, but the
necessary check is currently broken, because the circuit is never in
init_circ_list if the area-tag is already configured for the interface.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
TI-LFA is a modern fast-reroute (FRR) solution that leverages Segment
Routing to pre-compute backup nexthops for all destinations in the
network, helping to reduce traffic restoration times whenever a
failure occurs. The backup nexthops are expected to be installed
in the FIB so that they can be activated as soon as a failure
is detected, making sub-50ms recovery possible (assuming an
hierarchical FIB).
TI-LFA is a huge step forward compared to prior IP-FRR solutions,
like classic LFA and Remote LFA, as it guarantees 100% coverage
for all destinations. This is possible thanks to the source routing
capabilities of SR, which allows the backup nexthops to steer traffic
around the failures (using as many SIDs as necessary). In addition
to that, the repair paths always follow the post-convergence SPF
tree, which prevents transient congestions and suboptimal routing
from happening.
Deploying TI-LFA is very simple as it only requires a single
configuration command for each interface that needs to be protected
(both link protection and node protection are available). In addition
to IPv4 and IPv6 routes, SR Prefix-SIDs and Adj-SIDs are also
protected by the backup nexthops computed by the TI-LFA algorithms.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
We have this pattern in the code base:
if (thread)
THREAD_OFF(thread);
If we look at THREAD_OFF we check to see if thread
is non-null too. So we have a double check.
This is unnecessary. Convert to just using THREAD_OFF
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The code in isisd uses `circuit->area->isis` all the time
but we know that circuit now has a valid `circuit->isis` pointer
so let's use that and cleanup the long dereference.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
There are code paths where we were not always setting the
circuit->isis on creation. Fix that up so it will always
happen.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Lookup in C_STATE_NA must be made before the new circuit creation, or it
will be leaked if the isis instance is not found. All other lookups are
unnecessary - we just need to remember the previously used instance.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
* add files to vtysh_scan when building only fabricd
* don't add isisd/fabricd commands when daemon build is disabled
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
An adjacency should be removed when the holdtimer expires, but if the
system is overloaded we may end up doing it late. In the meanwhile vtysh
will display an incorrect value in the show isis neighbor output, due to
an overflow of the unsigned variable used to display the Holdtime, e.g.:
pe1# show isis neighbor
Area test:
System Id Interface L state Holdtime SNPA
Spirent-1 2.201 1 Down 26 2020.2020.2020
Spirent-1 2.203 1 Up 21 2020.2020.2020
Spirent-1 2.204 1 Up 18446744073709551615 2020.2020.2020
Spirent-1 2.207 1 Up 18446744073709551615 2020.2020.2020
Spirent-1 2.208 1 Up 18446744073709551615 2020.2020.2020
Spirent-1 2.209 1 Up 0 2020.2020.2020
Spirent-1 2.210 1 Up 18446744073709551615 2020.2020.2020
pe2 12.200 1 Up 30 2020.2020.2020
Guard against that by printing an "Expiring" message instead.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
There is no need to call isis_adj_state_change_hook once per level
in isis_adj_state_change, we can just do it once at the end.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
suppress route-event logs that are uninformative and add more info to
the ones that matter, i.e. hints on what changed in a route update. The
suppressed logs can be enabled by defining EXTREME_DEBUG to 1, similarly
to what is done elsewhere in isisd (e.g. in isis_spf.c)
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Currently, when the is-type of an area is changed and its circuits resign,
we are not resetting the DIS flag. Consequently, if the area type is reverted
we are not running the DR election and not regenerating the pseudonode LSP.
Also adding event debug logs for circuit commence/resign.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
1. Added isis with different vrf and it's dependecies.
2. Added new vrf leaf in yang.
3. A minor change for IF_DOWN_FROM_Z passing argrument is
replaced with ifp pointer in api "isis_if_delete_hook()".
4. Minor fix in the isisd spf unit test.
Co-authored-by: Kaushik <kaushik@niralnetworks.com>"
Signed-off-by: harios_niral <hari@niralnetworks.com>
RFC 7490 says:
"The reverse SPF computes the cost from each remote node to root. This
is achieved by running the normal SPF algorithm but using the link
cost in the direction from the next hop back towards root in place of
the link cost in the direction away from root towards the next hop".
Support for reverse SPF will be necessary later as it's one of the
algorithms used to compute R-LFA/TI-LFA repair paths.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Now that the IS-IS SPF code is more modular, write some unit tests
for it.
This commit includes a new test program called "test_isis_spf" which
can load any test topology (there are 13 different ones available)
and run SPF on any desired node. In the future this same test program
and topologies will also be used to test reverse SPF and TI-LFA.
The "test_common.c" file contains helper functions used to parse the
topology descriptions from "test_topologies.c" into LSP databases
that can be used as an input to the SPF code.
This commit also introduces the F_ISIS_UNIT_TEST flag which is used
to prevent the IS-IS code from scheduling any event when running
under the context of an unit test.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The goal of modularizing the SPF code is to make it possible for
isisd to run SPF in the behalf of other nodes in the network, which
is going to be necessary later when implementing the R-LFA/TI-LFA
solutions. On top of that, a modularized SPF opens the door for
much needed unit testing.
Summary of the changes:
* Change the isis_spf_preload_tent() function to use the local LSP
as an input (as per the ISO specification) instead of populating
the TENT based on the list of local interfaces;
* Introduce the "isis_spf_adj" structure to represent an SPF
adjacency. SPF adjacencies are inferred from the LSPDB, different
from normal adjacencies formed using IIH messages;
* Introduce the F_SPFTREE_NO_ROUTES flag to control whether the
SPT should create routes or not;
* Introduce the F_SPFTREE_NO_ADJACENCIES flag to specify whether
IS-IS adjacency information is available or not. When running SPF
in the behalf of other nodes, or under the context of an unit test,
no adjacency information will be present.
* On isis_area_create(), move some code around so that the area's isis
backpointer is set as early as possible.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Introduce the "show isis route" command to display the routes
associated to an SPF tree. Different from the "show ip route" command,
"show isis route" displays the L1 and L2 routes separately (and not
the best routes only).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* Bring back some consts that were removed;
* Replace ALL_LIST_ELEMENTS by ALL_LIST_ELEMENTS_RO whenever
possible;
* Fix some CLI return values;
* Remove some unnecessary initializations.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This is mostly a cosmetic change to make the code more modular,
more elegant and easier to understand.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Iterating over all IP or IS reachability information from a given
LSP isn't a trivial task. That information is scattered throughout
different TLV types, and which ones need to be used depend on
multiple variables (e.g. the SPF tree address family, MT-ID,
etc). This not to mention that an LSP might consist of multiple
fragments.
Introduce the following two LSP iteration function to facilitate
obtaining IP/IS reachability information from a given LSP:
* isis_lsp_iterate_ip_reach()
* isis_lsp_iterate_is_reach()
These functions will be used extensively by the upcoming TI-LFA
code.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Always fill the buffer provided by the user to prevent unexpected
results and make the function fully reentrant.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
1. Created a structure "isis master".
2. All the changes are related to handle ISIS with different vrf.
3. A new variable added in structure "isis" to store the vrf name.
4. The display commands for isis is changed to support different VRFs.
Signed-off-by: Kaushik <kaushik@niralnetworks.com>
Don't use the same starting time for all SPF trees otherwise the
results won't be accurate (they will accumulate instead of being
computed separately).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This should simplify all code that needs to iterate over all
adjacencies of a given area (iterating over all adjacencies of all
circuits is cumbersome).
While here, repurpose isis_adj_exists() into a lookup function,
making it more generally useful.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The global isis structure can't be created/destroyed using the CLI,
so there's no need to define a QOBJ for it.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Make that function accept an IS-IS area pointer instead of an
area name, making it more in line with the rest of the code base
(*delete() functions shouldn't perform lookups internally).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Some commands were using IS-IS while others were using ISIS. Fix
this inconsistency (prefer the former option for obvious reasons).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This fixes a problem where "show isis summary" could display
inconsistent information about the IPv6 dst-src SPT when
"ipv6-dstsrc" wasn't explicitly configured.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
A recent refactoring changed how isisd parses SR information from
the LSPDB and introduced a regression that prevents Prefix-SIDs to
work over unnumbered interfaces. Fix this.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
DEFPY_YANG will allow the CLI to identify which commands are
YANG-modeled or not before executing them. This is going to be
useful for the upcoming configuration back-off timer work that
needs to commit pending configuration changes before executing a
command that isn't YANG-modeled.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
constants are int-typed, so adding something to an uint8_t yields an
int. Nevermind the fact that varargs calling conventions require
upcasting everything smaller than an int to an int anyways...
Signed-off-by: David Lamparter <equinox@diac24.net>
Remove mid-string line breaks, cf. workflow doc:
.. [#tool_style_conflicts] For example, lines over 80 characters are allowed
for text strings to make it possible to search the code for them: please
see `Linux kernel style (breaking long lines and strings)
<https://www.kernel.org/doc/html/v4.10/process/coding-style.html#breaking-long-lines-and-strings>`_
and `Issue #1794 <https://github.com/FRRouting/frr/issues/1794>`_.
Scripted commit, idempotent to running:
```
python3 tools/stringmangle.py --unwrap `git ls-files | egrep '\.[ch]$'`
```
Signed-off-by: David Lamparter <equinox@diac24.net>
no need to check cicuit->area, as all code paths leading there
had already dereferenced it.
Fixes CID 1496314
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
BFD profiles can now be used on the interface level like this:
interface eth1
ip router isis 1
isis bfd
isis bfd profile default
Here the 'default' profile needs to be specified as usual in the
bfdd configuration.
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
the code in isis_spf_add2tent was asserting in case the vertex
we were trying to add was already present in the path or tent
trees. This however CAN happen if the user accidentally configures
the system Id of the area to the same value of an estabished
neighbor. Handle this more gracefully by logging and returning,
to prevent crashes.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Unfortunately as the topotests show a fast recovery after failure
detection due to BFD is currently not possible because of the following
issue:
There are multiple scheduling mechanisms within isisd to prevent
overload situations. Regarding our problem these two are important:
* scheduler for regenerating ISIS Link State PDUs scheduler for managing
* consecutive SPF calculations
In fact both schedulers are coupled, the first one triggers the second
one, which again is triggered by isis_adj_state_change (which again is
triggered by a BFD 'down' message). The re-calculation of SPF paths
finally triggers updates in zebra for the RIB.
Both schedulers work as a throttle, e.g. they allow the regeneration of
Link State PDUs or a re-calculation for SPF paths only once within a
certain time interval which is configurable (and by default different!).
This means that a request can go through the first scheduler but might
still be 'stuck' at the second one for a while. Or a request can be
'stuck' at the first scheduler even though the second one is ready. This
also explains the 'random' behaviour one can observe testing since a
'fast' recovery is only possible if both schedulers are ready to process
this request.
Note that the solution in this commit is 'thread safe' in the sense that
both schedulers use the same thread master such that the introduced
flags are only used exactly one time (and one after another) for a
'fast' execution.
Further there are some irritating comments and logs which I partially
removed. They seems to be not valid anymore due to changes in thread
management (or they were never valid in the first place).
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
if we shutdown an interface isisd will delete the adjacencies
on the corresponding circuit, but it will not log the change.
Fix it to make sure that each change is logged. Also specify
the level of the adjacency in the log message, while we are at it.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
1. The socket() call replaced with vrf_socket() in open_packet_socket().
2. One new isisd privileges is added in zebra_capabilities_t [].
Signed-off-by: Kaushik <kaushik@niralnetworks.com>
For Segment Routing, isis_tlvs.c may failed if incorrect or maformed TLVs
are sent to the FRR router. This patch improve detection of such subTLVs error
and skip them, in particular for SRGB, SRLB and MSD subTLVs.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Initial attempt to connect to the Label Manager used an infinite loop with
a sleep statement which block isisd until Label Manager connection fire up.
This commit changes the way Label Manager connection is established and uses
a `thread_add_timer()` call to re-attempt to establish the connection in case
of failure (zebra or label manager not ready).
New variables are added to the SRDB in order to control the request of SRGB
and SRLB to the Label Manager to start Segment Routing in a safe way.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Segment Routing Local Block (SRLB) is part of RFC8667. This change introduces
the possibility for isisd to advertize SRLB in LSP. Base and Range of SRLB
could be configured through CLI or Yang.
Adjacency-SID are now using this SRLB for label allocation. SRLB could also
be used for SID-Binding (e.g. LDP to SR).
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
before the last commit, it was possible under some
circumstances to call isis_circuit_af_set on a circuit
with a NULL area, e.g. if the circuit was deconfigured
due to a validation error. While this should not happen
now, let's add an explicit check to avoid crashing if
a regression is introduced.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
if we are not able to bring a circuit up due to some config
issue, e.g. a low MTU compared to the area lsp-mtu, we should
not remove the configuration, as this will push out of sync
with the YANG state and create more issues down the line.
Instead, keeping the circuit state at C_STATE_CONF should be
sufficient.
For the specific case of the MTU mismatch above, this also means
that when we receive a new IF_UP_FROM_Z when the MTU is changed
we will be able to bring the circuit up as we should.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
there are some paths, e.g. when an established neighbor
sends us hellos with a different IS level, where we go
from adj_state UP to INIT. In such cases we might not
update our SPFs or the circuit state, as the state change
function was only testing for the UP and DOWN cases.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
On some cases (protocol convergence down or daemon exit) we'll have the
interface pointer in the circuit as `NULL`, so don't attempt to access
it.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
we were not correctly checking the MPLS-TE status of the area when
adding an IP address to a circuit, and this was preventing the local
address TLV to be populated after an interfaced flap.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
The northbound configuration callbacks should now print error
messages to the provided buffer (args->errmsg) instead of logging
them directly. This will allow the northbound layer to forward the
error messages to the northbound clients in addition to logging them.
NOTE: many callbacks are returning errors without providing any
error message. This needs to be fixed long term.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
if mpls-te is enabled in the area, on creating a circuit we
must refresh the link params - else interfaces that are enabled
for IS-IS after configuring 'mpls-te on' will not correctly
advertise link parameters.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Now that the "frr-interface" list has a "state" container, move the
IS-IS interface state nodes underneath it using a new augmentation.
Also, update the IS-IS SR topotest to account for this change. Make
use of symlinks where possible to avoid having multiple files with
the same content.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Add a null check to solve the problem (circuit->u.bc.adjdb[level - 1]
is guaranteed to be non-null only on L1/L2 areas).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* Regroup fonctions to install label for Prefix and Adjacency SID
* Change 'replace_semantics' variable name by 'make_before_break' in
sr_prefix_reinstall() function and adjust comments
* Call directly lsp_regenerate_schedule() from isis_nb_config.c when MSD
is updated
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
* Rename functions following rules: isis_sr_XXX is kept for external functions
and isis_sr prefix remove for static ones
* Rename local_label & remote_label variables by input_label & output_label
* Change parameter order (to follow other functions) in sr_node_srgb_update()
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
* Rename RB-TREE variable from tree_sr_XXX to srdb_XXX
* Replace parse_flags by an enum and rename it srdb_state which reflects
more the role of this flag: determined the state of SR-Node and SR-Prefix
stored in the SRDB: VALIDATED, NEW, MODIFIED, UNCHANGED
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
This change modify the way IS-IS is connected to the Label Manager:
- Add emission of Hello Message prior to the connection as per
modification introduced by PR #5925
- Add 'session_id' as per modification introduced by PR #6224
- Add Doxygen documentation to Label Manager functions
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Update label enforcement due to modification in zapi message:
zapi_nexthop_label becomes zapi_nexthop as per PR #5813
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
This is an implementation of the IS-IS SR draft [1] for FRR.
The following features are supported:
* IPv4 and IPv6 Prefix-SIDs;
* IPv4 and IPv6 Adj-SIDs and LAN-Adj-SIDs;
* Index and absolute labels;
* The no-php and explicit-null Prefix-SID flags;
* Full integration with the Label Manager.
Known limitations:
* No support for Anycast-SIDs;
* No support for the SID/Label Binding TLV (required for LDP interop).
* No support for persistent Adj-SIDs;
* No support for multiple SRGBs.
[1] draft-ietf-isis-segment-routing-extensions-25
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
In the name of consistency, these commands are very similar to the
ospfd SR configuration commands.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Most definitions were borrowed from the IETF IS-IS SR YANG module,
with a few adaptations. Of particular notice are the following:
* No support for the configuration of multiple SRGBs.
* No distinction between local and connected Prefix-SIDs, both are
configured the same way.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
isisd implements an optimization that allows multiple routes to
share the same nexthop (using a refcount) in order to save memory.
Now that SR support is coming, however, it will be necessary to
embed additional SR-related information inside the isis_nexthop
structure. But this can only be done if the nexthops aren't shared
among routes anymore.
Removing this memory optimization should have minimal impact since
the isis_nexthop structure is really small. On large networks with
thousands of routes, the memory saving would be in the order of a
few kilobytes. Not something we should be concerned about nowadays.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The new log_uptime() function logs an UNIX timestamp to a buffer
provided by the user. It's very flexibile and can be used in a
variety of contexts, different from vty_out_timestr() which is too
tied to the VTY code.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The 'isis_adj_ip_enabled_hook' hook will be called whenever
an adjacency goes from zero to one or more IPv4 or IPv6
addresses. Conversely, the 'isis_adj_ip_disabled_hook' hook will
be called whenever an adjacency goes from one or more IPv4/IPv6
addresses to no addresses at all.
These hooks will be used by the upcoming SR code to add/delete
Adj-SIDs depending on the IP addresses present in the remote
adjacencies.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
These are easy to get subtly wrong, and doing so can cause
nondeterministic failures when racing in parallel builds.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Since this command is modeled using YANG, it's already displayed
as part of the call to nb_cli_show_dnode_cmds(). Calling the
'isis_circuit_config_write' hook was only making that command
to be displayed twice.
The aforementioned hook is still necessary for fabricd, which wasn't
converted to the new northbound model yet.
Fixes#6281.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Having a fixed set of parameters for each northbound callback isn't a
good idea since it makes it difficult to add new parameters whenever
that becomes necessary, as several hundreds or thousands of existing
callbacks need to be updated accordingly.
To remediate this issue, this commit changes the signature of all
northbound callbacks to have a single parameter: a pointer to a
'nb_cb_x_args' structure (where x is different for each type
of callback). These structures encapsulate all real parameters
(both input and output) the callbacks need to have access to. And
adding a new parameter to a given callback is as simple as adding
a new field to the corresponding 'nb_cb_x_args' structure, without
needing to update any instance of that callback in any daemon.
This commit includes a .cocci semantic patch that can be used to
update old code to the new format automatically.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Replace sprintf with snprintf where straightforward to do so.
- sprintf's into local scope buffers of known size are replaced with the
equivalent snprintf call
- snprintf's into local scope buffers of known size that use the buffer
size expression now use sizeof(buffer)
- sprintf(buf + strlen(buf), ...) replaced with snprintf() into temp
buffer followed by strlcat
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
When we call isis_adj_state_change with ISIS_ADJ_DOWN
we free the pointer, but we were still using the pointer
after it was freed. Cleanup the api to prevent this.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Replace all `random()` calls with a function called `frr_weak_random()`
and make it clear that it is only supposed to be used for weak random
applications.
Use the annotation described by the Coverity Scan documentation to
ignore `random()` call warnings.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
And again for the name. Why on earth would we centralize this, just so
people can forget to update it?
Signed-off-by: David Lamparter <equinox@diac24.net>
Same as before, instead of shoving this into a big central list we can
just put the parent node in cmd_node.
Signed-off-by: David Lamparter <equinox@diac24.net>
There is really no reason to not put this in the cmd_node.
And while we're add it, rename from pointless ".func" to ".config_write".
[v2: fix forgotten ldpd config_write]
Signed-off-by: David Lamparter <equinox@diac24.net>
The only nodes that have this as 0 don't have a "->func" anyway, so the
entire thing is really just pointless.
Signed-off-by: David Lamparter <equinox@diac24.net>
for some reason, when issuing a 'no metric-style' command we were
setting the metric-style to narrow, even though the default is
actually wide. Use NULL to avoid similar problems in the future.
Likewise, the 'no is-type' command was still trying to implement
the old logic of applying a different default for the first area.
In practice this had no effect because the value would now be the
same in both cases, but it's better to remove useless code anyway.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Yang constraints enforced by the northbound callbacks require that
the maximum lifetime be >= than (refresh interval + 300). When we are
moving from one config to another through frr-reload.py, we issue
a number of vtysh -c commands ('no lsp-refresh-interval level-1 500',
'no max-lsp-lifetime level-1 1000'), which reset these parameters to their
default values, respectively 900 and 1200. Depending on the actual
values in the current config, the order in which these commands are sent
might be the wrong one, in that we hit an invalid intermediate state and
make vtysh (and by extension frr-reload.py) return an error.
As a workaround, let's add a one-liner command that sets all these
inter-related parameters in one go, and make isisd display them as a
single line too, so that the diff will be computed as a single command.
The old individual commands are kept to ensure backwards compatibility.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
once again, for both hello-multiplier and hello-interval
the order in which the number and level were shown in the
cli_show methods was inverted compared to the vtysh command,
which created issues with frr-reload.py.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Line break at the end of the message is implicit for zlog_* and flog_*,
don't put it in the string. Mid-message line breaks are currently
unsupported. (LF is "end of message" in syslog.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Some logging systems are, er, "allergic" to tabs in log messages.
(RFC5424: "The syslog application SHOULD avoid octet values below 32")
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
User is reporting:
2020/03/21 03:12:36 ISIS: isis_send_pdu_bcast: sock_buff size 8192 is less than output pdu size 9014 on circuit em0
2020/03/21 03:12:36 ISIS: [EC 67108865] ISIS-Adj (1): Send L2 IIH on em0 failed
MTU's can frequently hit 9k in size, we have buffer limits
that prevent this from being fully used and creating errors.
Modify the code to allow for up to 16k mtu
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
the vtysh command to set the isis metric on an interface
is 'isis metric level-1 X', but when showing the running
config we were displaying it as 'isis metric X level-1'.
This would confuse frr-reload.py when attempting to apply
a config file populated with the correct command; on the
other hand, using the show command format would return an
error when running vtysh -C on the file.
Fix this by making the show command return the same format
as the vtysh setting command.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Add a common api that formats a time interval into a string
with different output for short and longer intervals. We do
this in several places, for cli/ui output.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
when zebra detects that an interface is gone, notify the circuit but do
not disable it - the interface is still configured until it isn't.
Without this fix, removing the interface in the kernel and then removing
the circuit from the configuration would cause an assertion in isis_csm.c:78
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
The vrrpd one conflicts with the standalone vrrpd package; also we're
installing daemons to /usr/lib/frr on some systems so they're not on
PATH.
Signed-off-by: David Lamparter <equinox@diac24.net>
Currently isisd has this strange (legacy) behavior where the
first area is created by default with level-1-2, while every
other subsequent area uses the default defined in the yang model,
which is level-1. This is a source of confusion when trying to
configure the daemon programatically, either with frr-reload
or using the transactional cli. Given how rare having multiple
IS-IS instances is anyway, the easiest solution is to remove
this behavior and default to level-1-2 for every area.
Note that this does not affect fabricd, which continues using
exclusively level-2-only areas.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
When you call into lsp_update with confusion, the lsp is purged
and we do not do anything with the created tlv's from parsing
the incoming data. To prevent the tlv's from being leaked
note confusion and delete the unneeded data.
Fixes: #5496
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
when deleting an isis interface config with 'no [ip|ipv6] router isis'
we are destroying the isis yang container for that interface, but the
actual circuit struct is kept, and so are the flgs determining whether
that circuit is configured for ipv4 and/or ipv6. This caused issues
when removing and re-adding configuration, as the area counters for
ip circuits were not correctly updated and the topology was never
populated.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Use a per-nexthop flag to indicate the presence of labels; add
some utility zapi encode/decode apis for nexthops; use the zapi
apis more consistently.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
Rearrange the isisd northbound callbacks as following:
* isis_nb.h: prototypes of all northbound callbacks.
* isis_nb.c: definition of all northbound callbacks and their
associated YANG data paths.
* isis_nb_config.c: implementation of YANG configuration nodes.
* isis_nb_state.c: implementation of YANG state nodes.
* isis_nb_notifications.c: implementation of YANG notifications.
This should help to keep to code more organized and easier to
maintain.
No behavior changes intended.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Scenarios where this code change is required:
1. BFD is un-configured from BGP at remote end.
Neighbour BFD sends ADMIN_DOWN state, but BFD on local side will send
DOWN to BGP, resulting in BGP session DOWN.
Removing BFD session administratively shouldn't bring DOWN BGP session
at local or remote.
2. BFD is un-configured from BGP or shutdown locally.
BFD will send state DOWN to BGP resulting in BGP session DOWN.
(This is akin to saying do not use BFD for BGP)
Removing BFD session administratively shouldn't bring DOWN BGP session at
local or remote.
Signed-off-by: Sayed Mohd Saquib sayed.saquib@broadcom.com
Traffic Engineering parameters are correctly advertised in LSP when
'mpls-te on' CLI command is present in the startup config file.
However, if IS-IS is started without TE enable at startup and
'mpls-te on' command is issued after, TE link parameters are never
announced. The patch correct this issue.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
RFC 5303 states:
If the system ID and Extended Local Circuit ID of the neighboring
system are known (in adjacency three-way state Initializing or
Up), the neighbor's system ID SHALL be reported in the Neighbor
System ID field, and the neighbor's Extended Local Circuit ID
SHALL be reported in the Neighbor Extended Local Circuit ID field.
There is nothing written about only setting the Extended circuit ID of the
adjacency only when we bring the three-way adjacency up.
In fact, we should always update it, to avoid the problem described in #4783.
Fixes: #4783
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
No need to check for circuit being null, we have
already de-refed it in every code path and
would have crashed before this point if it was.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The "abort_if_not_found" parameter of nb_running_get_entry()
should be set to true only when this function is called during the
NB_EV_APPLY phase of a northbound callback. Failure to respect this
can lead to crashes when multiple configuration changes are being
committed at the same time.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The new "event-counters" grouping is almost a 1:1 copy of the same
grouping from the IETF IS-IS module, except for the "lan-dis-changes"
leaf which was skipped (more work needs to be done to support it).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The new "adjacency-state" grouping is almost a 1:1 copy of the
same grouping from the IETF IS-IS module, except for the "usage"
and "lastuptime" leafs that were skipped (more work needs to be
done to support those).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
For all the places we have a zclient->interface_up convert
them to use the interface ifp_up callback instead.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Switch the zclient->interface_add functionality to have everyone
use the interface create callback in lib/if.c
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Start the conversion to allow zapi interface callbacks to be
controlled like vrf creation/destruction/change callbacks.
This will allow us to consolidate control into the interface.c
instead of having each daemon read the stream and react accordingly.
This will hopefully reduce a bunch of cut-n-paste stuff
Create 4 new callback functions that will be controlled by
lib/if.c
create -> A upper level protocol receives an interface creation event
The ifp is brand spanking newly created in the system.
up -> A upper level protocol receives a interface up event
This means the interface is up and ready to go.
down -> A upper level protocol receives a interface down
destroy -> A upper level protocol receives a destroy event
This means to delete the pointers associated with it.
At this point this is just boilerplate setup for future commits.
There is no new functionality.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Adding a lock to protect the global running configuration doesn't
help much since the FRR daemons are not prepared to process
configuration changes in a pthread that is not the main one (a
whole lot of new protections would be necessary to prevent race
conditions).
This means the lock added by commit 83981138 only adds more
complexity for no benefit. Remove it now to simplify the code.
All northbound clients, including the gRPC one, should either run
in the main pthread or use synchronization primitives to process
configuration transactions in the main pthread.
This reverts commit 83981138fe.
In preparation to Segment Routing:
- Update the management of Traffic Engineering subTLVs to the new tlvs parser
- Add Router Capability TLV 242 as per RFC 4971 & 7981
- Add Segment Routing subTLVs as per draft-isis-segment-routing-extension-25
Modified files:
- isis_tlvs.h: add new structure to manage TE subTLVs, TLV 242 & SR subTLVs
- isis_tlvs.c: add new functions (pack, copy, free, unpack & print) to process
TE subTLVs, Router Capability TLV and SR subTLVs
- isis_circuit.[c,h] & isis_lsp.[c,h]: update to new subTLVs & TLV processing
- isis_te.[c,h]: remove all old TE structures and managment functions,
and add hook call to set local and remote IP addresses as wellas update TE
parameters
- isis_zebra.[c,h]: add hook call when new interface is up
- isis_mt.[c,h], isis_pdu.c & isis_northbound.c: adjust to new TE subTLVs
- tests/isisd/test_fuzz_isis_tlv_tests.h.gz: adapte fuuz tests to new parser
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
The original check would always evaluate to false since
ISIS_PREFIX_SID_VALUE and ISIS_PREFIX_SID_LOCAL have different
values. Use !! to normalize the return value of the individual
checks to either 0 or 1, making the code do what was intended
(ensure the V/L flags are both 0 or 1).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This hook will be called whenever a route is added, updated or
deleted. It will be used, for instance, by the SR code to keep
Prefix-SIDs in sync with their associated routes.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
For better modularity, isis_zebra.c should only contain code used
to communicate with zebra. The management of route flags belongs
to isis_route.c.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
circuit deletion was being enforced by sending a fake IF_DOWN_FROM_Z
event for the circuit interface. This created a problem when the
circuit was enabled again, since isisd internal state machine was
expecting to see an IF_UP_FROM_Z that never came, as the interface
had not actually gone down.
As a consequence, disabling + re-enabling isis on an interface or
area would leave interfaces in a CONFIG state, and adjacencies were
not restored. Fix this by following the state machine and simply
disabling circuits rather than attempting to delete them forcefully.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
as part of the 'ip router isis TAG' command we were not validating
the MTU of the interface against the minimum LSP MTU of the area.
This could cause an assertion when the circuit is created in the
APPLY phase.
Fixes issue #4825
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Make isisd create BFD sessions over IPv6 when IS-IS is configured
for IPv6 operation only.
When IS-IS is enabled for both IPv4 and IPv6 on a given interface,
prefer creating a BFD session over IPv6 to avoid having two BFD
sessions protecting the same IS-IS adjacency.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This unification allows us to write code that works for both IPv4 and
IPv6, reducing duplication.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
These null checks don't make sense because a) these two functions
are never called with a NULL IP address and b) the same pointers are
dereferenced later without any protection. Remove these NULL checks
to make the code less confusing.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
These fields were introduced by commit e38e0df01a, but they were
never put to any use. Remove them.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
We need to indent this command using one leading whitespace otherwise
vtysh will have problems to display it appropriately.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The correct cast for these is (unsigned char), because "char" could be
signed and thus have some negative value. isalpha & co. expect an int
arg that is positive, i.e. 0-255. So we need to cast to (unsigned char)
when calling any of these.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Introducing a 3rd state for route_map_apply library function: RMAP_NOOP
Traditionally route map MATCH rule apis were designed to return
a binary response, consisting of either RMAP_MATCH or RMAP_NOMATCH.
(Route-map SET rule apis return RMAP_OKAY or RMAP_ERROR).
Depending on this response, the following statemachine decided the
course of action:
State1:
If match cmd returns RMAP_MATCH then, keep existing behaviour.
If routemap type is PERMIT, execute set cmds or call cmds if applicable,
otherwise PERMIT!
Else If routemap type is DENY, we DENYMATCH right away
State2:
If match cmd returns RMAP_NOMATCH, continue on to next route-map. If there
are no other rules or if all the rules return RMAP_NOMATCH, return DENYMATCH
We require a 3rd state because of the following situation:
The issue - what if, the rule api needs to abort or ignore a rule?:
"match evpn vni xx" route-map filter can be applied to incoming routes
regardless of whether the tunnel type is vxlan or mpls.
This rule should be N/A for mpls based evpn route, but applicable to only
vxlan based evpn route.
Also, this rule should be applicable for routes with VNI label only, and
not for routes without labels. For example, type 3 and type 4 EVPN routes
do not have labels, so, this match cmd should let them through.
Today, the filter produces either a match or nomatch response regardless of
whether it is mpls/vxlan, resulting in either permitting or denying the
route.. So an mpls evpn route may get filtered out incorrectly.
Eg: "route-map RM1 permit 10 ; match evpn vni 20" or
"route-map RM2 deny 20 ; match vni 20"
With the introduction of the 3rd state, we can abort this rule check safely.
How? The rules api can now return RMAP_NOOP to indicate
that it encountered an invalid check, and needs to abort just that rule,
but continue with other rules.
As a result we have a 3rd state:
State3:
If match cmd returned RMAP_NOOP
Then, proceed to other route-map, otherwise if there are no more
rules or if all the rules return RMAP_NOOP, then, return RMAP_PERMITMATCH.
Signed-off-by: Lakshman Krishnamoorthy <lkrishnamoor@vmware.com>
* Remove sanity checks that are already done by northbound;
* Show error message on circuit absence;
* Use a better idiom for the configuration display code;
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Specify the ISIS BFD command in the YANG model and implement the
northbound callbacks.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
