*BSD has some special struggles associated with the graceful
restart code in zebra. Add a bit of documentation to outline
this problem and how it is solved.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
When a end operator is doing cross vrf imports in bgp:
router bgp 3239 vrf FOO
address-family ipv4 uni
import vrf BAR
!
and zebra has this configuration:
vrf FOO
ip protocol bgp route-map EVA
!
The current code in zebra_nhg.c was looking up the vrf of the
nexthop and attempting to apply the ip protocol route-map.
For most people the nexthop vrf and the re vrf are one and the
same so they never see a problem.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 45dafca86c)
Recent commit:
abc246e193
Has broken `make check` with recently new compilers:
/usr/bin/ld: staticd/libstatic.a(static_nb_config.o): warning: relocation against `zebra_ecmp_count' in read-only section `.text'
CCLD tests/bgpd/test_peer_attr
CCLD tests/bgpd/test_packet
/usr/bin/ld: staticd/libstatic.a(static_zebra.o): in function `static_zebra_capabilities':
/home/sharpd/frr5/staticd/static_zebra.c:208: undefined reference to `zebra_ecmp_count'
/usr/bin/ld: staticd/libstatic.a(static_zebra.o): in function `static_zebra_route_add':
/home/sharpd/frr5/staticd/static_zebra.c:418: undefined reference to `zebra_ecmp_count'
/usr/bin/ld: staticd/libstatic.a(static_nb_config.o): in function `static_nexthop_create':
/home/sharpd/frr5/staticd/static_nb_config.c:174: undefined reference to `zebra_ecmp_count'
/usr/bin/ld: /home/sharpd/frr5/staticd/static_nb_config.c:175: undefined reference to `zebra_ecmp_count'
/usr/bin/ld: warning: creating DT_TEXTREL in a PIE
collect2: error: ld returned 1 exit status
make: *** [Makefile:8679: tests/lib/test_grpc] Error 1
make: *** Waiting for unfinished jobs....
Essentially the newly introduced variable zebra_ecmp_count is not available in the
libstatic.a compiled and make check has code that compiles against it.
The fix is to just move the variable to the library.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 7c1e76aa8d)
End operator is reporting that they are receiving buffer overruns
when attempting to read from the kernel receive socket. It is
possible to adjust this size to more modern levels especially
for when the system is under load. Modify the code base
so that *BSD operators can use the zebra `-s XXX` option
to specify a read buffer.
Additionally setup the default receive buffer size on *BSD
to be 128k instead of the 8k so that FRR does not run into
this issue again.
Fixes: #10666
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 9fb83b5506)
Description:
NULL pointer wrongly passed instead of 'ei' pointer to
ospf_external_lsa_originate() API in opaque capability enable/disable
which always make it to fail in origination.
Corrected it by passing actual ei pointer.
Signed-off-by: Rajesh Girada <rgirada@vmware.com>
(cherry picked from commit c16241898a)
Before this patch, if the first server crashed or was terminated, RPKI
connection keeps _active_ forever.
With this patch, if we catch connection problem (FATAL), we reset RPKI, to
switch to another available RTR-Server by using configured preference.
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
(cherry picked from commit 38775a3c5f)
Intentionally up convert uint8_t and uint32_t values
to a uint64_t before doing math to make Coverity happy.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit c960cb28f7)
If time ( a uint64_t ) is large enough doing division
and subtraction can still lead to situations where
the resulting number is greater than a uint32_t.
Just use uint32_t as an intermediate storage spot.
This is unlikely to every occur in a time frame
I could possibly care about but makes Coverity happy.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 46da676a62)
assert when if_lookup_address is passed with
a family that is not AF_INET or AF_INET6 as
that we are dead in the water and this is a
dev escape
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 4d7aae38ab)
224.0.0.0/24 cannot be used by igmp since this is reserved
for routing protocols and other low-level topology discovery or
maintenance protocols.
Fixes: #10614
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
(cherry picked from commit fcfd479d99)
Restrict the number of nexthops for a route to the compiled-in
limit. Be careful with the zapi route struct's array of nexthops
too.
Signed-off-by: Mark Stapp <mstapp@nvidia.com>
(cherry picked from commit 1f7ab1a2cc)
When rip is configured to work on secondary addresses
on an interface, rip was not properly sending out
the packets on secondary addresses because the source of the
packet was never properly being setup and rip would
send the packet out multiple times for the primary address
not once for each address on the interface that is setup to work.
tcpdump + rip debugs output with fix:
2022/02/15 19:59:50 RIP: [ZG173-BHW0K] turn on virbr0
2022/02/15 19:59:51 RIP: [PYB7S-80D89] multicast join at virbr0
2022/02/15 19:59:51 RIP: [GZR24-FCQGG] multicast request on virbr0
2022/02/15 19:59:51 RIP: [JTNCV-XD8S1] rip_send_packet 192.168.122.1 > 224.0.0.9 (virbr0)
2022/02/15 19:59:51 RIP: [VEJY5-67P5X] SEND to 224.0.0.9520
2022/02/15 19:59:51 RIP: [JTNCV-XD8S1] rip_send_packet 73.3.3.8 > 224.0.0.9 (virbr0)
2022/02/15 19:59:51 RIP: [VEJY5-67P5X] SEND to 224.0.0.9520
19:59:51.831128 IP 192.168.122.1.route > rip2-routers.mcast.net.route: RIPv2, Request, length: 24
19:59:51.831161 IP c-73-3-3-8.hsd1.mo.comcast.net.route > rip2-routers.mcast.net.route: RIPv2, Request, length: 24
Fixes: #10588
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 114918bd0b)
Add a counter to the number of times a thread is starved from
a timer event and add the output to `show thread cpu`
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 1dd08c2243)
Conversion of bgp error codes returned for cli input into
an enum and then properly handling all the error cases
in bgp_vty_return.
Because not all error codes returned were properly handled
in this function there existed configuration examples that
were accepted on the cli without an error message but not
saved.
Fixes: #10589
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 4b7e23e9f2)
BGP_ERR_PEER_GROUP_MEMBER and BGP_ERR_PEER_GROUP_PEER_TYPE_DIFFERENT
both are not handled by bgp_vty_return, but both can be handled by
this function as that there is nothing special going on here.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 6dcea6fe05)
confederations are checking to see that the bgp pointer
is non-null. But it's impossible to have a null pointer
in the cli and in all paths we have already deref'ed the bgp
pointer. Let's remove that error code as that it is impossible
to happen.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit 8b4a0b6631)
Add a 15 minute warning to the logging system when
bgp policy is not setup properly. Operators keep asking
about the missing policy( on upgrade typically ). Let's
try to give them a bit more of a hint when something is
going wrong as that they are clearly missing the other
various places FRR tells them about it.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
(cherry picked from commit b17826b715)
There are singline-line commands inside `router bgp` that start with
`vnc ` or `bmp `. Those commands are currently treated as node-entering
commands. We need to specify such commands more precisely.
Fixes#10548.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
(cherry picked from commit 57692f125e)
bgp_attr_default_set creates a new empty aspath. If family error happens,
this aspath is not freed. Move attr initialization after we checked the
family.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
(cherry picked from commit 606c3f9fb2)
aspth_empty a couple of lines earlier creates an aspath and it must be
freed.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
(cherry picked from commit afb254d792)
