isisd relies on its YANG module to prevent the same SID index
from being configured multiple times for different prefixes. It's
possible, however, to have different routers assigning the same SID
index for different prefixes. When that happens, we say we have a
Prefix-SID collision, which is ultimately a misconfiguration issue.
The problem with Prefix-SID collisions is that the Prefix-SID that
is processed later overwrites the previous ones. Then, once the
Prefix-SID collision is fixed in the configuration, the overwritten
Prefix-SID isn't reinstalled since it's already marked as installed
and it didn't change. To prevent such inconsistency from happening,
add a safeguard in the SPF code to detect Prefix-SID collisions and
handle them appropriately (i.e. log a warning + ignore the Prefix-SID
Sub-TLV since it's already in use by another prefix). That way,
once the configuration is fixed, no Prefix-SID label entry will be
missing in the LFIB.
Reported-by: Emanuele Di Pascale <emanuele@voltanet.io>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Embed Prefix-SID information inside SPF data structures so that
Prefix-SIDs can be installed together with their associated routes
at the end of the SPF algorithm. This is different from the current
implementation where Prefix-SIDs are parsed and processed separately,
which is vastly suboptimal.
Advantages of the new code:
* No need to parse the LSPDB an additional time to detect and process
SR-related changes;
* Routes are installed with their Prefix-SID labels in the same ZAPI
message. This can prevent packet dropping for a few milliseconds
after each SPF run if there are BGP-labeled routes (e.g. L3VPN) that
recurse on IGP labeled routes;
* Much easier to support Anycast-SIDs, as the SPF code will naturally
figure out the best nexthops and use only them (that can't be done
in any reasonable way if the Prefix-SID Sub-TVLs are processed
separately);
* Less code to maintain and reduced memory footprint;
The "show isis segment-routing prefix-sids" command was removed as
it doesn't make sense anymore now that "show isis route" exists.
Prefix-SIDs are a property of routes, so what was done was to extend
the "show isis route" command with a new "prefix-sid" option that
changes the output table to show the Prefix-SID information associated
to each route.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This is preparatory change for the upcoming SR Prefix-SID
refactoring.
Since Prefix-SID information will be stored inside IS-IS routes
(instead of being maintained separately), it will be necessary to
have local routes in order to store local Prefix-SID information.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
When both old and new-style TLVs exist for a particular prefix, give
precedence to the new-style TLV (like JUNOS does) when generating
routes from the SPT. This changes the current behavior which is to
generate a route for both TLVs, whereas the first is overwritten by
the second in a non-deterministic order (i.e. either the old-style
or the new-style TLV can "win" depending on how the SPF TENTative
list is arranged).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
TI-LFA is a modern fast-reroute (FRR) solution that leverages Segment
Routing to pre-compute backup nexthops for all destinations in the
network, helping to reduce traffic restoration times whenever a
failure occurs. The backup nexthops are expected to be installed
in the FIB so that they can be activated as soon as a failure
is detected, making sub-50ms recovery possible (assuming an
hierarchical FIB).
TI-LFA is a huge step forward compared to prior IP-FRR solutions,
like classic LFA and Remote LFA, as it guarantees 100% coverage
for all destinations. This is possible thanks to the source routing
capabilities of SR, which allows the backup nexthops to steer traffic
around the failures (using as many SIDs as necessary). In addition
to that, the repair paths always follow the post-convergence SPF
tree, which prevents transient congestions and suboptimal routing
from happening.
Deploying TI-LFA is very simple as it only requires a single
configuration command for each interface that needs to be protected
(both link protection and node protection are available). In addition
to IPv4 and IPv6 routes, SR Prefix-SIDs and Adj-SIDs are also
protected by the backup nexthops computed by the TI-LFA algorithms.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
RFC 7490 says:
"The reverse SPF computes the cost from each remote node to root. This
is achieved by running the normal SPF algorithm but using the link
cost in the direction from the next hop back towards root in place of
the link cost in the direction away from root towards the next hop".
Support for reverse SPF will be necessary later as it's one of the
algorithms used to compute R-LFA/TI-LFA repair paths.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Now that the IS-IS SPF code is more modular, write some unit tests
for it.
This commit includes a new test program called "test_isis_spf" which
can load any test topology (there are 13 different ones available)
and run SPF on any desired node. In the future this same test program
and topologies will also be used to test reverse SPF and TI-LFA.
The "test_common.c" file contains helper functions used to parse the
topology descriptions from "test_topologies.c" into LSP databases
that can be used as an input to the SPF code.
This commit also introduces the F_ISIS_UNIT_TEST flag which is used
to prevent the IS-IS code from scheduling any event when running
under the context of an unit test.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The goal of modularizing the SPF code is to make it possible for
isisd to run SPF in the behalf of other nodes in the network, which
is going to be necessary later when implementing the R-LFA/TI-LFA
solutions. On top of that, a modularized SPF opens the door for
much needed unit testing.
Summary of the changes:
* Change the isis_spf_preload_tent() function to use the local LSP
as an input (as per the ISO specification) instead of populating
the TENT based on the list of local interfaces;
* Introduce the "isis_spf_adj" structure to represent an SPF
adjacency. SPF adjacencies are inferred from the LSPDB, different
from normal adjacencies formed using IIH messages;
* Introduce the F_SPFTREE_NO_ROUTES flag to control whether the
SPT should create routes or not;
* Introduce the F_SPFTREE_NO_ADJACENCIES flag to specify whether
IS-IS adjacency information is available or not. When running SPF
in the behalf of other nodes, or under the context of an unit test,
no adjacency information will be present.
* On isis_area_create(), move some code around so that the area's isis
backpointer is set as early as possible.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Introduce the "show isis route" command to display the routes
associated to an SPF tree. Different from the "show ip route" command,
"show isis route" displays the L1 and L2 routes separately (and not
the best routes only).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* Bring back some consts that were removed;
* Replace ALL_LIST_ELEMENTS by ALL_LIST_ELEMENTS_RO whenever
possible;
* Fix some CLI return values;
* Remove some unnecessary initializations.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This is mostly a cosmetic change to make the code more modular,
more elegant and easier to understand.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Always fill the buffer provided by the user to prevent unexpected
results and make the function fully reentrant.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
1. Created a structure "isis master".
2. All the changes are related to handle ISIS with different vrf.
3. A new variable added in structure "isis" to store the vrf name.
4. The display commands for isis is changed to support different VRFs.
Signed-off-by: Kaushik <kaushik@niralnetworks.com>
Don't use the same starting time for all SPF trees otherwise the
results won't be accurate (they will accumulate instead of being
computed separately).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Remove mid-string line breaks, cf. workflow doc:
.. [#tool_style_conflicts] For example, lines over 80 characters are allowed
for text strings to make it possible to search the code for them: please
see `Linux kernel style (breaking long lines and strings)
<https://www.kernel.org/doc/html/v4.10/process/coding-style.html#breaking-long-lines-and-strings>`_
and `Issue #1794 <https://github.com/FRRouting/frr/issues/1794>`_.
Scripted commit, idempotent to running:
```
python3 tools/stringmangle.py --unwrap `git ls-files | egrep '\.[ch]$'`
```
Signed-off-by: David Lamparter <equinox@diac24.net>
the code in isis_spf_add2tent was asserting in case the vertex
we were trying to add was already present in the path or tent
trees. This however CAN happen if the user accidentally configures
the system Id of the area to the same value of an estabished
neighbor. Handle this more gracefully by logging and returning,
to prevent crashes.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Unfortunately as the topotests show a fast recovery after failure
detection due to BFD is currently not possible because of the following
issue:
There are multiple scheduling mechanisms within isisd to prevent
overload situations. Regarding our problem these two are important:
* scheduler for regenerating ISIS Link State PDUs scheduler for managing
* consecutive SPF calculations
In fact both schedulers are coupled, the first one triggers the second
one, which again is triggered by isis_adj_state_change (which again is
triggered by a BFD 'down' message). The re-calculation of SPF paths
finally triggers updates in zebra for the RIB.
Both schedulers work as a throttle, e.g. they allow the regeneration of
Link State PDUs or a re-calculation for SPF paths only once within a
certain time interval which is configurable (and by default different!).
This means that a request can go through the first scheduler but might
still be 'stuck' at the second one for a while. Or a request can be
'stuck' at the first scheduler even though the second one is ready. This
also explains the 'random' behaviour one can observe testing since a
'fast' recovery is only possible if both schedulers are ready to process
this request.
Note that the solution in this commit is 'thread safe' in the sense that
both schedulers use the same thread master such that the introduced
flags are only used exactly one time (and one after another) for a
'fast' execution.
Further there are some irritating comments and logs which I partially
removed. They seems to be not valid anymore due to changes in thread
management (or they were never valid in the first place).
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
This is an implementation of the IS-IS SR draft [1] for FRR.
The following features are supported:
* IPv4 and IPv6 Prefix-SIDs;
* IPv4 and IPv6 Adj-SIDs and LAN-Adj-SIDs;
* Index and absolute labels;
* The no-php and explicit-null Prefix-SID flags;
* Full integration with the Label Manager.
Known limitations:
* No support for Anycast-SIDs;
* No support for the SID/Label Binding TLV (required for LDP interop).
* No support for persistent Adj-SIDs;
* No support for multiple SRGBs.
[1] draft-ietf-isis-segment-routing-extensions-25
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Historically, isisd has been carrying around its own red-black tree to
manage its LSP DB in. This replaces that with the newly-added
DECLARE_RBTREE_*. This allows completely removing the dict_* code.
Signed-off-by: David Lamparter <equinox@diac24.net>
For debugging the scheduling of SPF, it is useful to see from
where an SPF run is scheduled. So add this information to the
log.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
rawlspid_print(), which uses a fixed-width 8-byte input, has been replaced with
a call to isis_format_id(), allowing giving the input size.
Signed-off-by: F. Aragon <paco@voltanet.io>
The OpenFabric draft prescribes that any IS-IS PDUs not needed for
OpenFabric operation MUST be ignored. So this commit makes fabricd
ignore any LAN IIHs and any L1 LSPs.
Also the draft specifies that any reachabilities given as narrow-metric
TLVs SHALL be ignored, so adhere to that too.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Add a command `debug openfabric flooding` to allow verification of
correct operation of the OpenFabric flooding optimization algorithm.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
OpenFabric requires knowledge of the first two hops on each path
calculated by spf to implement its flooding optimization. Extend the
hopcount-spf to build such a datastructure.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
By moving the spf datastructures to a header, fabricd can access the
results of the spf run for flooding optimization or fabric locality
calculation.
While this was deemed a sensible choice in this case, when compared with
the option of adding a lot of OpenFabric specific code to isis_spf.c,
the datastructures should still not be accessed randomly all over the
code base. To make this more clear, the new header was called
isis_spf_private.h (Think of a friend class)
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
OpenFabric uses an spf with the metric for all links set to one,
both for flooding optimization and for fabric locality detection.
So extend isisd's spf code to allow running it with such a metric
and have it run whenever normal spf runs.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Remove isis_vty.c and create three new files isis_vty_common.c,
isis_vty_fabricd.c and isis_vty_isisd.c which are built into both
daemons, only fabricd and only isisd, respectively.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
fabricd is built using the sources of isisd. To allow differentiation
in the code, -DFABRICD=1 is added to its preprocessor flags.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
There is no need to check for failure of a ALLOC call
as that any failure to do so will result in a assert
happening. So we can safely remove all of this code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Take the source-prefix sub-TLV into consideration when running SPF
and support creation/deletion of dst-src routes as result.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Instead of using the address family to determine which spftree structure
should be used, specify it explicitly. With the advent of ipv6 dst-src
routing, the tree cannot be uniquely determined from the family.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Have an array of spftrees instead of a separate spftree and an
spftree6 for which all the code gets duplicated.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
As isisd's route_tables are directly related to spf trees, move
the route tables into the spftree instead of maintaining them
alongside of the spftrees.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
This correction fixes three bugs detected by Clang scan:
Bug Group: Logic error
Bug Type: Dereference of null pointer
File: bgpd/bgp_evpn.c
Function: bgp_evpn_unconfigure_import_rt_for_vrf
Line: 4246
File: isisd/isis_spf.c
Function: isis_print_paths
Line: 69 (two bugs of same type in one line)
Signed-off-by: F. Aragon <paco@voltanet.io>
The following types are nonstandard:
- u_char
- u_short
- u_int
- u_long
- u_int8_t
- u_int16_t
- u_int32_t
Replace them with the C99 standard types:
- uint8_t
- unsigned short
- unsigned int
- unsigned long
- uint8_t
- uint16_t
- uint32_t
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
