Solution :
The following procedures would be performed :
1. Verify if the pid file for each daemon is present or not. If the file is not present, that means the
daemon is getting instantiated for the first time. So let it go ahead.
If the file is present proceed to point ‘2’.
2. Try fetching the properties of the pid file.
3. If it has RW lock, that means one instance of this the daemon is already running.
So stop moving ahead and do exit() else let it go ahead. Please note all above procedure happen at
the initial state of daemon’s instantiation, much before it starts any session with other
process/allocates resources etc.. and this verification do not have any impact of any
operations done later, if the verification succeeds.
Signed-off-by: bisdhdh sadhub@vmware.com
For OpenFabric operation, we need to be able to install routes via
interfaces without any IPv4 addresses configured. Introduce a flag
ZEBRA_FLAG_ONLINK which upper protocols can set on a route they send
towards zebra, to force the nexthops to be considered onlink.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
fabricd is built using the sources of isisd. To allow differentiation
in the code, -DFABRICD=1 is added to its preprocessor flags.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
The ZEBRA_IPV4_ROUTE_IPV6_NEXTHOP_ADD zapi message has no creators and
no handlers. Let's just remove.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Move the aggregate pointer from the route_node into agg_node
so that people using struct route_node will see a savings
in data size.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add a abstraction for `struct route_node` and `struct route_table`
such that we can have an aggregate route_node and table. This
is because only bgp/rfapi and ripng use the aggregate data pointer
in `struct route_node`. For full route tables other routing
protocols and tables are paying a 8 byte overhead per node.
A full bgp table ends up being ~1.2 million routes in bgp
and zebra. This is not an insiginificant amount of data.
So create the data structures for this replacement, but
do not replace the aggregate pointer yet. This is because
later commits will convert rfapi and ripng over to this
new data, and finally we'll move the aggregate pointer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fix CLANG warning:
Report for if.c | 2 issues
===============================================
< WARNING: else is not generally useful after a break or return
< #390: FILE: /tmp/f1-28557/if.c:390:
Signed-off-by: Thibaut Collet <thibaut.collet@6wind.com>
Problem reported that some bgp and ospf json commands did not return
any json output at all if the bgp/ospf instance did not exist.
Additionally, some bgp and ospf json commands did not return any json
output if the instance existed but no neighbors were defined. This
fix makes these commands more consistent in returning empty braces for
json output and issue a message if not using json output. Additionally,
made the flag "use_json" a bool to make it consistent since previously,
it had been defined as an int, char, u_char, and bool at various places.
Ticket: CM-21040
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
This crash occurs only with netns implementation.
vrf meaning is different regarging its implementation (netns or
vrf-lite)
- With vrf-lite implementation vrf is a property of the interface that
can be changed as the speed or the state (iproute2 command: "ip link
set dev IF_NAME master VRF_NAME"). All interfaces of the system are in
the same netns and so interface name is unique.
- With netns implementation vrf is a characteristic of the interface
that CANNOT be changed: it is the id of the netns where the interface
is located. To change the vrf of an interface (iproute2 command to
move an interface "ip netns exec VRF_NAME1 ip link set dev IF_NAME
netns VRF_NAME2") the interface is deleted from the old vrf and
created in the new vrf.
Interface name is not unique, the same name can be present in the
different netns (typically the lo interface) and search of interface
must be done by the tuple (interface name, netns id).
Current tests on the vrf implementation (vrf-lite or netns) are not
sufficient. In some cases (for example when an interface is moved from
a vrf X to the default vrf and then move back to VRF X) we can have a
corruption message and then a crash of zebra.
To avoid this corruption test on the vrf implementation, needed when an
interface changes, has been rewritten:
- For all interface changes except deletion the if_get_by_name function,
that checks if an interface exists and creates or updates it if
needed, is changed:
* The vrf-lite implementation is unchanged: search of the interface
is based only on the name and update the vrf-id if needed.
* The netns implementation search of the interface is based on the
(name, vrf-id) tuple and interface is created if not found, the
vrf-id is never updated.
- deletion of an interface (reception of a RTM_DELLINK netlink message):
* The vrf-lite implementation is unchanged: the interface
information are cleared and the interface is moved to the default
vrf if it does not belong to (to allow vrf deletion)
* The netns implementation is changed: only the interface
information are cleared and the interface stays in its vrf to
avoid conflict with interface with the same name in the default
vrf.
This implementation reverts (partially or totally):
commit 393ec5424e ("zebra: fix missing node attribute set in ifp")
commit e9e9b1150f ("lib: create interface even if name is the same")
commit 9373219c67 ("zebra: improve logs when replacing interface to an
other netns")
Fixes: b53686c52a ("zebra: delete interface that disappeared")
Signed-off-by: Thibaut Collet <thibaut.collet@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
To correct potential crash with netns implementation of vrf (see next
commit) it is necessary to allow any daemons to know the vrf
implementation whatever the vrf.
With current implementation the daemons do not know the vrf
implementation for the default vrf. For this vrf the returned vrf
implementation is always vrf-lite.
To solve this issue a netns name is set to the default vrf to just test
is presence to know the used implementation.
For zebra a netns name (if needed) is set in the vrf_init function just
before enabling the vrf. So this information is propagated to the other
daemons thanks the zapi message called when the vrf is enable at zebra
layer and override the default configuration (vrf-lite) of the daemon.
Signed-off-by: Thibaut Collet <thibaut.collet@6wind.com>
Sphinx actually does work with a parallel build, if the doctree creation
is a separate step (which the other builds will then just read
unmodified.) This can be done with the "dummy" target.
This also adds "-j6" to sphinx-build and adds a "--disable-doc-html"
switch on ./configure to turn on/off building HTML docs separately.
Also, HTML docs are now installed by "make install" to
/usr/share/doc/frr/html.
Signed-off-by: David Lamparter <equinox@diac24.net>
stdatomic.h does not have aliases for all of the useful gcc
atomic primitives; add them in for that path through
frratomic.h.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
We have the fetch_and_xxx apis, which return the _old_ value;
adding the xxx_and_fetch versions, which return the new value.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
If default VRF is used, with standard naming convention,
memory allocation can be avoided.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Prevent from creating vrf, if the default vrf name is the same as the
vrf to be created.
Also, prevent at startup from creating default vrf with a name already
used in vrf list.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
For the daemons that do not use vrf_init(), the call to the define
will return a default vrf if no other values has been overriden.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The Vrf aliases can be known with a specific hook. That hook will then,
from zebra propagate the information to the relevant zapi clients.
The registration hook function is the same for all daemons.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The get API is used each time the VRF_DEFAULT_NAME macro is used.
The set API is not yet used.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Linux 2.6.0 was released in December of 2003... I'm pretty sure we don't
need this Linux 2.4 support anymore.
Signed-off-by: David Lamparter <equinox@diac24.net>
The ZEBRA_IPV4_ROUTE_[ADD|DELETE] and ZEBRA_IPV6_ROUTE_[ADD|DELETE] functionality
has been deprecated for a year now, let's remove this code from the system.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Memory sizes of the vrf bit-map was insane for a system
with a moderate number of data on it:
Zebra:
VRF bit-map : 601 65536 39391944
Having a full 32bit integer bit space is problematically large,
switch over to a hash to store bit data. We do not need to waste
so much space.
VRF bit-map : 13 8 312
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The master->unused list was unbounded during normal operation.
A full BGP feed on my machine left 11k threads on the unused
list, taking up over 2mb of data. This seemed a bit excessive,
reduce to a limit of 10.
Also fix a crash that this exposed where we assumed that a thread
structure was not deleted.
Future committers can make this configurable? or modify
the value to something better for their system. I am
dubious of the value of this.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This debug should be moved to an error situation since it's a
developmental escape that needs to be fixed.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We are using a enum to drive a switch statement and we have
a default case statement that can never be entered because
we know all the enum states have been covered. Remove it
from the code as that it cannot happen.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
zlog_warn was being used to inform user of impossible situations
or for normal operations. Remove these from the code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The smux.c code has not been able to compile for 2+ years
and no-one has noticed. Additionally net-snmp has marked
smux integration as deprecated for quite some time as well.
Since no-one has noticed and it's been broken and smux integration
is deprecated let's just remove this from the code base.
From looking at the code, it sure looks like SNMP could use
a decent cleanup.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We were storing Poll data for the read and write
memory information in MTYPE_THREAD, so a show run
would not be able to show actual amount of memory
associated with the `struct thread`.
Remove unnecessary NULL checks on malloc.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Modify stream.c to have stream_new call one malloc call
instead of two. Also change stream_resize_orig to
use stream_resize_inplace and to send an error
to the developer to switch over.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Start setup for handling of stream_resize into old
and new functions.
Create a stream_resize_inplace function that takes
a double pointer to allow for a realloc operation
to return the possibly moved pointer.
Add a CONFDATE for removal as well.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Make the wart slightly less bad... also there is still a possible write
after free here. This needs to be fixed again, properly, by some
structure changes.
Signed-off-by: David Lamparter <equinox@diac24.net>
show error all was displaying 0 value for code, whereas real code value
was not displayed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The hash_get function when called and the alloc_func returns
a NULL value, we do not create a backet nor do we insert
anything into the hash. As such backet->data must always
be non-NULL.
Modify the description in hash_get to inform of this.
Additionally indicate that hash_walk and hash_iterate
cannot have a NULL backet->data value.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The CMSG_FIRSTHDR was broken on solaris pre version 9. Version 9
was released in May of 2002 and EOL'ed in 2014. Version 8 EOL'ed
in 2012. Remove special case code for a little used platform
that has not seen the light of day in a very long time.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Used as:
frr_elevate_privs(&my_privs) {
... code ...
}
and handles privilege raise/lower automatically in conjunction with the
C expression block. This makes it impossible to accidentally exit a
function with privileges raised (and then running a whole bunch of other
code with privs.)
Signed-off-by: David Lamparter <equinox@diac24.net>
* Use the correct license header
* Stop headers from including themselves
* Use uniform relative include conventions
* Ensure that sources include what they use
* Turn off clang-format around struct array blocks
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The clippy code does not need to log the error messages
as errors as that it is only run as part of the build
itself and as long as we see the notifications we are good.
So convert zlog_err to zlog_notice so that we do not think
we have any zlog_err's in lib anymore
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Sometimes a error state is detected when we have added
new code to FRR, but not updated all the places that
we should have. Consider this a developmental escape
that needs to be fixed.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add a new error code LIB_ERR_SYSTEM_CALL to the ferr subsystem.
Additionally convert LIB_ERR_VRF_SOCKET to a more generic
LIB_ERR_SOCKET.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When we are logging a commands via the `log commands`
cli, use zlog_notice instead of zlog_err, since that
this is not an actual error situation.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com.
Add code to auto-create the ferr infrastructure as well as add
some initial error handling for vrf.c
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Simplify addition of new messages to the system by allow passage of
arrays of data, instead of one at a time.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Add zlog_* function to log with a reference code
* Add ability to track reference cards for errors to ferr.[ch]
* Assign some reference code ranges
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The definition of the interface commands in vtysh.c were outdated.
Currently, all daemons that call if_cmd_init() will have the "no interface
IFNAME" command and the "[no] description" commands as well, so there's
no need to define exceptions for these commands anymore.
To fix this, make extract.pl parse the if.c file so that vtysh can get the
interface commands from there automatically. Only the "interface IFNAME
[vrf NAME]" must be kept in vtysh.c because it changes the vty node and
thus needs special treatment.
Finally, make pimd and pbrd display interface descriptions on "sh run"
when they are configured.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* Only zebra and pimd call vrf_cmd_init(), so these are the only daemons
that should receive VRF commands from vtysh;
* "netns NAME" and "no netns NAME" are available only in zebra, write
custom DEFSHs in vtysh to make it aware of that;
* Remove the "no vrf NAME" definition from vtysh.c and expose the
original command to vtysh by converting the DEFUN_NOSH to a simple
DEFUN. This command doesn't change the vty node so there's no need to
special case it.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
There is no need to check for failure of a ALLOC call
as that any failure to do so will result in a assert
happening. So we can safely remove all of this code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When `bfdd` is enabled - which it is by default - re-route the PTM-BFD
messages to the FRR's internal BFD daemon instead of the external
PTM daemon.
This will help the migration of BFD implementations and avoid
duplicating code.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Implement vty shell integration and allow `bfdd` to be configured
through FRR's vtysh.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
If malloc_usable_size() or malloc_size() are available, we can count
total usage of a particular MTYPE. (Without the functions, we don't
know how much to subtract on free.)
Signed-off-by: David Lamparter <equinox@diac24.net>
When calling route_map_finish, every place that we do we must
first set the deletion event to NULL, or we will create an infinite
loop, if we are using the delayed route-map application code.
As such we might as well just make the route_map_finish code
do this work, as that there is really no viable alternative here
and route_map_finish should only be called on shutdown.
This fixes an infinite loop in zebra on shutdown when there
are route-maps.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Take the source-prefix sub-TLV into consideration when running SPF
and support creation/deletion of dst-src routes as result.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Modify stream_new in this way:
1) ALLOC allocations do not fail, they cause a crash so remove
if tests for it.
2) Modify usage of XCALLOC to XMALLOC and then hand set all the
relevant data in the stream pointer.
With this modification stream allocation of 10000000 streams at
10k bytes each reduced from on average 1.43 seconds to 0.65 seconds.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When we issue this command, we are getting:
robot# show ip route vrf green json
{}
% VRF green not found
robot# show ip route vrf green
% VRF green not found
% VRF green not found
robot#
Fix the command so it only displays one line of output
for json or non-json output.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fix ripd crash of null pointer.
when authenticate a rip packet,
the key pointer or the key string pointer may be null,
the code have to return then.
Signed-off-by: lyq140 <34637052+lyq140@users.noreply.github.com>
The `type` parameter was not being compared with `cmsg_type`, so the
result of this function was always a pointer to the first header
matching the level.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
When we read in a backup file, we should save the original
host.config so that we can put it back to the correct original
location after we read in the backup config.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Allow protocols to specify to zebra that they would like zebra
to use the distance passed down as part of determine sameness for
Route Replace semantics.
This will be used by the static daemon to allow it to have
backup static routes with greater distances.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When I did a show ip route with `json` on a vrf when it didn't exist,
frr would output invalid json.
Signed-off-by: Nathan Van Gheem <nathan@cumulusnetworks.com>
Modify the unlock code for a route_node to return NULL on
pointer freed or to return the node itself again.
We'll need to go through the code and fix this pattern,
but this is a problem for another day. Get this fix in
place and we can make it a low hanging problem to fix.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add some parameter names to functions in table.h to give a
clue as to what we expect people to pass in.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
On old compilers CPP_NOTICE should be a macro evaluating to an empty
statement, instead of being undefined.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
EVPN ND ext community support NA flag R-bit, to have proxy ND.
Set R-bit in EVPN NA if a given router is default gateway or there is a
local
router attached, which can be determine based on local neighbor entry.
Implement BGP ext community attribute to generate and parse R-bit and
pass along zebra to program neigh entry in kernel.
Upon receiving MAC/IP update with community type 0x06 and sub_type 0x08,
pass the R-bit to zebra to program neigh entry.
Set NTF_ROUTER in neigh entry and inform kernel to do proxy NA for EVPN.
Ref:
https://tools.ietf.org/html/draft-ietf-bess-evpn-na-flags-01
Ticket:CM-21712, CM-21711
Reviewed By:
Testing Done:
Configure Local vni enabled L3 Gateway, which would act as router,
checked
show evpn arp-cache vni x ip <ip of svi> on originated and remote VTEPs.
"Router" flag is set.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Add 'const' to prefix args to several zebra route update,
redistribution, and route owner notification apis.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
This function should be called with a known vrf_id. All other cases, the
other API should be called.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Sometimes, the file under /var/run/netns may not be authorised to be
read ( because it is not read permission for frr user, for instance).
so it is good to know what happened.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Some values for icmp type/code can not be encoded like port source or
port destination. This is the case of 0 value that is authorized for
icmp.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The flowspec fragment attribute is taken into account to be pushed in
BGP policy routing entries. Valid values are enumerate list of 1, 2, 4,
or 8 values. no combined value is supported yet.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The packet length can be injected from fs entry with an enumerate list;
the negation of the value is also taken into account.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Those flags can be shared between BGP and Zebra. That is why
those flags are moved to common pbr.h header file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
When in a dev build add a bit of code to track max
depth of a fifo and to allow zebra to report on it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Previous correction (2c2d5cb397) was not enough,
so now it is ensured that the argument shift is not negative nor zero.
Signed-off-by: F. Aragon <paco@voltanet.io>
If your daemon does not need any special privileges
and you are compiling with HAVE_CAPABILIES, the
zprivs->change pointer will end up NULL due
to the way zprivs_caps_init. So as a check
let's add a NULL check for zprivs->change
and set it to a function that will do nothing.
This change prevents a crash if you raise privileges
when your daemon needs no special privileges.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The route_map_walk_update_list callback function
never uses the return code, so just remove it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
route_map_clear_updated is only used by routemap.c,
don't expose it too be used by the outside world.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
route_map_mark_updated has a `int del_later` variable
that is passed in but never used. Just remove it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add the ability to specify the designated log level at startup.
--log-level <emergencies|alerts|critical|errors|warnings|notifications|informational|debugging>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Remove the special case code to use syslog for Cumulus.
They can specify this via startup now instead of having
a special compile flag for this option.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When we are starting a daemon, allow the user to specify:
--log <stdout|syslog|file:file_name>
This can be used on early startup to put the log files
where the end user wants them to show up.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The read in of cli was happening prior to thread
event handling for non-integrated configs. This
is interesting for 2 reasons:
1) Read-in of integrated configs was after thread
event loop startup, so we had a difference of behavior
2) Read-in can cause a series of events that cause
us to attempt to communicate with zebra. The zebra
zapi connection only happens after the thread event
loop has been started. This can cause data that
is being written down to zebra to be lost and
no real way to notice that this has happened and
to recover gracefully.
Modify the code to create a thread event for read
in of client config.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
If we fail to read in the config file and we have
specified a backup of the backup, attempt to
read that information.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When reading the config file add an ability to know
if we have properly read in anything. So that a daemon
can make fallback plans.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When we are iterating through the hash, keep count of how many
we've called and if we have finished calling the hash->size
iterator times, then short-circuit and stop looping over
the entire array.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Unfortunately user CFLAGS causes #define conflicts with #defines in
Python development headers, which causes build failures under certain
platforms when using -Werror.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The current implementation of peer flags (e.g. shutdown, passive, ...)
only has partial support for overriding flags of a peer-group when the
peer is a member. Often settings might get lost if the user toys around
with the peer-group configuration, which can lead to disaster.
This commit introduces the same override implementation which was
previously integrated to support proper peer flag/attribute override on
the address-family level. The code is very similar and the global
attributes now use their separate state-arrays *flags_invert* and
*flags_override*.
The test suite for BGP peer attributes was extended to also check peer
global attributes, so that the newly introduced changes are covered. An
additional feature was added which allows to test an attribute with an
*interface-peer*, which can be configured by running `neighbor IF-TEST
interface`. This was introduced so that the dynamic runtime inversion of
the `extended-nexthop` flag, which is only enabled by default for
interface peers, can also be tested.
Last but not least, two small changes have been made to the current bgpd
implementation:
- The command `strict-capability-match` can now also be set on a
peer-group, it seems like this command slipped through while
implementing peer-groups in the very past.
- The macro `COND_FLAG` was introduced inside lib/zebra.h, which now
allows to either set or unset a flag based on a condition. The syntax
for using this macro is: `COND_FLAG(flag_variable, flag, condition)`
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
* Move configure flag propagations out of user flags
* Use AC_SUBST to transfer flag values to Automake
* Set default AM_CFLAGS and AM_CPPFLAGS in common.am and change child
Makefiles to modify these base variables
* Add flag override to turn off all sanitizers when building clippy
* Remove LSAN suppressions blacklist as it's no longer needed
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
With a new version of clang 6.0, the compiler is detecting more
issues where we may be possibly be truncating the output string.
Fix by increasing the size of the output string to make the compiler
happy.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Sometimes output would be mangled when filtering with include as a
result of the following bugs:
* Filters were applied per each call to vty_out() instead of buffering
until a line break and then applying
* Long output would sometimes be cut due to using the wrong buffer
pointer
Also remove the trailing \n as it should no longer be necessary to
ensure the vty prompt ends up on a new line.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Add function to move all data to the start of a vector by shifting
over contiguous empty slots
* Use this function to remove empty slots leftover after
frrstr_filter_vec
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Fix potential NULL dereference
* Fix use of uninitialized value
* Fix leaking memory by not freeing regex_t
* Fix extra \n when using empty regex filter
* Clean up still-reachable hook memory
* Handle nonexistent pager
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
An optimized version of this has already been implemented within graph.c
that assumes some specialized constraints for that code. It's generally
useful so this change implements a general purpose version of it.
This fixes cmd_make_strvec() that was broken by some code shuffling in
previous commits.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Rewrite pager implementation
* Replace fprintf() with vty_out()
* Modify vty_out() for better vtysh support
* Remove static global outputfile var
* Remove fp argument from many vtysh functions
* Add some docs for stuff along the way
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This patch adds a CLI preprocessor function that activates when `|` is
found in the command. This is the start of adding support for some text
processing utilities intended for inline use. The first one implemented
here is `| include`, which provides grep-like filtering of command
output.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This patch adds a hook point intended to allow subscribers to modify the
raw text of a CLI command before it is passed to the rest of the CLI
pipeline. To give access to the raw text of the command, a new function
for executing CLI has been defined whose only difference from
`cmd_execute_command` is that it accepts the command to execute as a
string rather than as a string vector.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
I see lots of the same code being copy-pasted and slightly tweaked for
string processing all over the codebase. Time to start aggregating these
pieces into something consistent and correct.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Programs that link to libnetsnmp must be compiled using a special set
of flags as specified by the "net-snmp-config --base-cflags" command
(whose output is stored in the SNMP_CFLAGS variable). The problem is
that "net-snmp-config --base-cflags" can output -std=c99 in addition to
other compiler flags in some platforms, and this breaks the build since
FRR souce code makes use of some GNU compiler extensions (e.g. allow
trailing commas in function parameter lists). In order to solve this
problem, append -std=gnu99 after SNMP_CFLAGS in all makefiles where this
variable is used. This way the -std=c99 flag will be overwritten when it's
present. Source files that don't link to libnetsnmp will be compiled using
either -std=gnu99 or -std=gnu11 depending on the compiler availability.
Fixes#1617.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* Remove references to ospf source files from linklist.[ch]
* Remove documentation comments from hash.c and linklist.c
* Add comprehensive documentation comments to linklist.h and hash.h
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* list_dup(): duplicates a linked list
* list_sort(): in-place sort of linked list w/ ascending quicksort
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
After PBR or BGP sends back a request for sending a rule/ipset/ipset
entry/iptable delete, there may be issue in deleting it. A notification
is sent back with a new value indicating that the removal failed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Those 3 fields are read and written between zebra and bgpd.
This permits extending the ipset_entry structure.
Combinatories will be possible:
- filtering with one of the src/dst port.
- filtering with one of the range src/ range dst port
usage of src or dst is exclusive in a FS entry.
- filtering a port or a port range based on either src or dst port.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The warning string which appears when the users executes 'no (enable)
password' was moved into command.h and declared as a constant named
'NO_PASSWD_CMD_WARNING'.
This avoids duplicate code and makes it easy to change the warning
message in all places at once.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
When the user executes one of the commands 'no password' or 'no enable
password', a warning message gets shown to inform the user of the
security implications.
While the current implementation works, a warning message gets printed
once for each daemon, which can lead to seeing the same message many
times. This does not affect functionality, but looks like an error to
the user as it can be seen within issue #1432.
This commit only prints the warning message inside lib when vtysh
dispatch is not being used. Additionally, the warning message was copied
into the vtysh command handlers, so that they get printed exactly once.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
The pull request #1545 from @donaldsharp introduced the command 'no
password' to remove an existing terminal connection password.
Additionally, warnings have been added to both 'no password' and 'no
enable password' to make the user aware of any security implications.
It seems that this specific pull request was never merged against master
and got lost. This commit is a cherry-pick of d4961273cb with fixed
conflicts and updated documentation.
Thanks to @donaldsharp and @pogojotz for the original PR.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
For ipv6 host, the next hop is conevrted to ipv6 mapped address.
However, the remote rmac should still be programmed with the ipv4 address.
This is how the entries will look in the kernel for ipv6 hosts routing.
vrf routing table:
ipv6 -> ipv6_mapped remote vtep on l3vni SVI
neigh table:
ipv6_mapped remote vtep -> remote RMAC
bridge fdb:
remote rmac -> ipv4 vtep tunnel
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
VRF static route commands adopt global static config if static config is
placed after a vrf context with no separator, workaround by always
writing static route config before vrf config
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Ensure that when EVPN routes are installed into zebra, the router MAC
is passed per next hop and appropriately handled. This is required for
proper multipath operation.
Ticket: CM-18999
Reviewed By:
Testing Done: Verified failed scenario, other manual tests
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
stream_fifo is used as our standard internal message queue. Message
queues are useful in multithreaded environments. Up until now I have
been doing my own synchronization when using stream_fifo in this way;
this patch gets rid of the need for that boilerplate and decreases the
risk of locking mistakes when working with this datastructure.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
EVPN prefix depends on the EVPN route type.
Currently, in FRR we have a prefix_evpn/evpn_addr which relates to a evpn prefix.
We need to convert this to encompass an union of various EVPN route-types.
This diff handles the necessary code changes to adopt the new struct evpn_addr.
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
Customers have requested the ability to name their devices starting
with a number instead of a letter. This fix changes the check for
hostname to allow either a letter or a number.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Add client proto and instance number in all msg (request and
responses) to/form a label manager. This is required for a
label manager acting as 'proxy' (i.e. relaying messages towards
another label manager) to correctly deliver responses to the
requesting clients.
Signed-off-by: Fredi Raspall <fredi@voltanet.io>
The API for filling in an IPTABLE_ADD and IPTABLE_DELETE message.
Also, the API is handling the notification callback, so as to know if
zebra managed to add or delete the relevant iptable entry.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
With the usage of a 32 bit number as a integer, but storing
non-signed values in it, we have cases where numbers greater
than 2 billion are being read in and stored and used before
lower value numbers, which of course is awful and mean.
Fixes: #2126
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ensure that when EVPN routes are installed into zebra, the router MAC
is passed per next hop and appropriately handled. This is required for
proper multipath operation.
Ticket: CM-18999
Reviewed By:
Testing Done: Verified failed scenario, other manual tests
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
When popping a stream from a stream_fifo, the stream->next pointer is
not NULL'd out. If this same stream is subsequently pushed onto a
stream_fifo (either the same one or a different one), because
stream_fifo's use tail insertion the ->next pointer is not updated and
thus will point to whatever the next stream in the first stream_fifo
was. stream_fifo_free does not check the count of the stream_fifo when
freeing its constituent elements, and instead walks the linked list.
Consequently it will continue walking into the first stream_fifo from
which the last stream was popped, freeing each stream contained there.
This leads to use-after-free errors.
This patch makes sure to set the ->next pointer to NULL when doing tail
insertion in stream_fifo_push and when popping a stream from a
stream_fifo.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The addr value will never be null because of the way we do the
cli, but the SA system doesn't understand this. Add an assert
to make it happy.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The grammar sandbox has had the ability to dump individual commands as
DOT graphs, but now that generalized DOT support is present it's trivial
to extend this to entire submodes. This is quite useful for visualizing
the CLI space when debugging CLI errors.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Add general-purpose DFS traversal code
* Add ability to dump any graph to DOT language
* Add tests for graph datastructure
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Thread statistics are collected and stored in a hashtable shared across
threads, but while the hashtable itself is protected by a mutex, the
records themselves were not being updated safely. Change all thread
history collection to use atomic operations.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
For the last six years this source file has been using a type defined in
a header it did not include.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Add general-purpose DFS traversal code
* Add ability to dump any graph to DOT language
* Add tests for graph datastructure
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Zebra is starting to have some run-time capabilites that would be
useful to pass up to the higher level protocols so that they
can act in an appropriate manner when needed.
Send the ecmp value zebra is being run with and whether or not
we believe mpls is enabled in the kernel or not.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The mpls_label2str and mpls_str2label functions should not
be zebra exclusive functions. Move them to lib/mpls.c
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Properly notice when we get if up/down and vrf enable/disable
events and attempt to properly install nexthops as they
come in.
Ticket: CM20489
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Store Nexthop's as the incoming raw data. This will allow
us to separate the act of inputting the cli from the
act of instantiating the cli.
Ticket: CM-20489
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The delete was not properly deleting the nexthop from
the nexthop group and it was not properly setting the
nexthop's pointers to NULL.
Ticket: CM-20261
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Prevent the creation of a v6 LL nexthop that does not include an interface
for proper resolution.
Ticket: CM-20276
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The pbr_rule structure is derived from zebra_pbr_rule, and is
defined, so that a zclient will be able to encode the zebra_pbr_rule to
send ADD_RULE or DEL_RULE command. Also, the same structure can be used
by other daemons to derive a structure ( this will be the case for
zebra_pbr_rule).
Adding to this, an encoding function is defined, and will be used by
remote daemon to encode that message.
Those definitions are moved in new file pbr.h file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Those messages permit a remote daemon to configure an iptable entry. A
structure is defined that maps to an iptable entry. More specifically,
this structure proposes to associate fwmark, and a table ID.
Adding to the configuration, the initialisation of iptables hash list is
done into zebra netnamespace. Also a hook for notifying the sender that
the iptables has been correctly set is done.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Once ipset entries are injected in the kernel, the relevant daemon is
informed with a zebra message sent back.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
ZEBRA IPSET defines are added for creating/deleting ipset contexts.
Ans also create ipset hash sets.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
IPset and IPset entries structures are introduced. Those entries reflect
the ipset structures and ipset hash sets that will be created on the
kernel.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
These asserts verify that the status correlates with the expected result
and fixes a clang-analyze warning.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The PBR and PIM daemons, needed the ability to connect
to zebra. Unfortunately this connection also implied
an ability to redistribute to other valid protocols.
Add a additional hook to the route_types.pl script
to allow us to specify if the client type should
be redistributed at all.
Additionally cleanup the PIM code to not show up
as a protocol under the header for a 'show ip route'
command
Ticket: CM-20568
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This list "table" is created in the case the netns backend for VRF is
used. This contains the mapping between the NSID value read from the
'ip netns list' and the ns id external used to create the VRF
value from vrf context. This mapping is
necessary in order to reserve default 0 value for vrf_default.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Because at startup, remote daemons attempt to create default VRF,
the VRF_ID may be set to unknown. In that case, an event will be
triggered later by zebra to inform remote daemon that the vrf id of that
VRF has changed to valid value. In that case, two instances of default
VRF must not be created. By looking first at vrf name, this avoids
having two instances.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
MPLS label pool backed by allocations from the zebra label manager.
A caller requests a label (e.g., in support of an "auto" label
specification in the CLI) via lp_get(), supplying a unique ID and
a callback function. The callback function is invoked at a later
time with the unique ID and a label value to inform the requestor
of the assigned label.
Requestors may release their labels back to the pool via lp_release().
The label pool is stocked with labels allocated by the zebra label
manager. The interaction with zebra is asynchronous so that bgpd
is not blocked while awaiting a label allocation from zebra.
The label pool implementation allows for bgpd operation before (or
without) zebra, and gracefully handles loss and reconnection of
zebra. Of course, before initial connection with zebra, no labels
are assigned to requestors. If the zebra connection is lost and
regained, callbacks to requestors will invalidate old assignments
and then assign new labels.
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
This commit adds code to notify the compiler that we
will not be changing the arguments to nexthop2str
and we expect thre return to be treated the same.
Additionally we add some code to allow nexthops to
be hashed to be used in a hash.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This is an implementation of PBR for FRR.
This implemenation uses a combination of rules and
tables to determine how packets will flow.
PBR introduces a new concept of 'nexthop-groups' to
specify a group of nexthops that will be used for
ecmp. Nexthop-groups are specified on the cli via:
nexthop-group DONNA
nexthop 192.168.208.1
nexthop 192.168.209.1
nexthop 192.168.210.1
!
PBR sees the nexthop-group and installs these as a default
route with these nexthops starting at table 10000
robot# show pbr nexthop-groups
Nexthop-Group: DONNA Table: 10001 Valid: 1 Installed: 1
Valid: 1 nexthop 192.168.209.1
Valid: 1 nexthop 192.168.210.1
Valid: 1 nexthop 192.168.208.1
I have also introduced the ability to specify a table
in a 'show ip route table XXX' to see the specified tables.
robot# show ip route table 10001
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
F>* 0.0.0.0/0 [0/0] via 192.168.208.1, enp0s8, 00:14:25
* via 192.168.209.1, enp0s9, 00:14:25
* via 192.168.210.1, enp0s10, 00:14:25
PBR tracks PBR-MAPS via the pbr-map command:
!
pbr-map EVA seq 10
match src-ip 4.3.4.0/24
set nexthop-group DONNA
!
pbr-map EVA seq 20
match dst-ip 4.3.5.0/24
set nexthop-group DONNA
!
pbr-maps can have 'match src-ip <prefix>' and 'match dst-ip <prefix>'
to affect decisions about incoming packets. Additionally if you
only have one nexthop to use for a pbr-map you do not need
to setup a nexthop-group and can specify 'set nexthop XXXX'.
To apply the pbr-map to an incoming interface you do this:
interface enp0s10
pbr-policy EVA
!
When a pbr-map is applied to interfaces it can be installed
into the kernel as a rule:
[sharpd@robot frr1]$ ip rule show
0: from all lookup local
309: from 4.3.4.0/24 iif enp0s10 lookup 10001
319: from all to 4.3.5.0/24 iif enp0s10 lookup 10001
1000: from all lookup [l3mdev-table]
32766: from all lookup main
32767: from all lookup default
[sharpd@robot frr1]$ ip route show table 10001
default proto pbr metric 20
nexthop via 192.168.208.1 dev enp0s8 weight 1
nexthop via 192.168.209.1 dev enp0s9 weight 1
nexthop via 192.168.210.1 dev enp0s10 weight 1
The linux kernel now will use the rules and tables to properly
apply these policies.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Routes that have labels must be sent via a nexthop that also has labels.
This change notes whether any path in a nexthop update from zebra contains
labels. If so, then the nexthop is valid for routes that have labels.
If a nexthop update has no labeled paths, then any labeled routes
referencing the nexthop are marked not valid.
Add a route flag BGP_INFO_ANNC_NH_SELF that means "advertise myself
as nexthop when announcing" so that we can track our notion of the
nexthop without revealing it to peers.
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
Do not complain about failure to create a namespace if we
do not have any such thing going on.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Static route commands are now installed inside the VRF nodes. This has
quietly broken top-level static routes in certain scenarios due to
walkup logic resolving a static route configuration command inside
VRF_NODE first if the command is issued while in a CLI node lower than
VRF_NODE. To fix this VRF_NODE needs a special exit command, as has been
done for many other nodes with the same issue, to explicitly change the
vrf context to the default VRF so that when walkup resolves against the
VRF node it will configure against the default VRF as desired.
Of course this is a hack on top of a hack and the CLI walkup
implementation needs to be rewritten.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This work is derived from a work done by China-Telecom.
That initial work can be found in [0].
As the gap between frr and quagga is important, a reworks has been
done in the meantime.
The initial work consists of bringing the following:
- Bringing the client side of flowspec.
- the enhancement of address-family ipv4/ipv6 flowspec
- partial data path handling at reception has been prepared
- the support for ipv4 flowspec or ipv6 flowspec in BGP open messages,
and the internals of BGP has been done.
- the memory contexts necessary for flowspec has been provisioned
In addition to this work, the following has been done:
- the complement of adaptation for FS safi in bgp code
- the code checkstyle has been reworked so as to match frr checkstyle
- the processing of IPv6 FS NLRI is prevented
- the processing of FS NLRI is stopped ( temporary)
[0] https://github.com/chinatelecom-sdn-group/quagga_flowspec/
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: jaydom <chinatelecom-sdn-group@github.com>
prefix structure is used to handle flowspec prefixes. A new AFI is
introduced: AF_FLOWSPEC. A sub structure named flowspec_prefix is
used in prefix to host the flowspec entry.
Reason to introduce that new kind is that prefixlen from prefix
structure is too short to all the flowspec needs, since NLRI can go over
0xff bytes.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
In BGP, doing policy-routing requires to use table identifiers.
Flowspec protocol will need to have that. 1 API from bgp zebra has been
done to get the table chunk.
Internally, onec flowspec is enabled, the BGP engine will try to
connect smoothly to the table manager. If zebra is not connected, it
will try to connect 10 seconds later. If zebra is connected, and it is
success, then a polling mechanism each 60 seconds is put in place. All
the internal mechanism has no impact on the BGP process.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The library changes add 3 new messages to exchange between daemons and
ZEBRA.
- ZEBRA_TABLE_MANAGER_CONNECT,
- ZEBRA_GET_TABLE_CHUNK,
- ZEBRA_RELEASE_TABLE_CHUNK,
the need is that routing tables identifier are shared by various
services. For the current case, policy routing enhancements are planned
to be used in FRR. Poliy routing relies on routing tables identifiers
from kernels. It will be mainly used by the future policy based routing
daemon, but not only. In the flowspec case, the BGP will need also to
inject policy routing information into specific routing tables.
For that, the proposal is made to let zebra give the appropriate range
that is needed for all daemons.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The following types are nonstandard:
- u_char
- u_short
- u_int
- u_long
- u_int8_t
- u_int16_t
- u_int32_t
Replace them with the C99 standard types:
- uint8_t
- unsigned short
- unsigned int
- unsigned long
- uint8_t
- uint16_t
- uint32_t
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Upon a 'ip netns del' event, the associated vrf with netns backend is
looked for, then the internal contexts are first disabled, then
suppressed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
PR #1739 added code to leak routes between (default VRF) VPN safi and unicast RIBs in any VRF. That set of changes included temporary CLI including vpn-policy blocks to specify RD/RT/label/&c. After considerable discussion, we arrived at a consensus CLI shown below.
The code of this PR implements the vpn-specific parts of this syntax:
router bgp <as> [vrf <FOO>]
address-family <afi> unicast
rd (vpn|evpn) export (AS:NN | IP:nn)
label (vpn|evpn) export (0..1048575)
rt (vpn|evpn) (import|export|both) RTLIST...
nexthop vpn (import|export) (A.B.C.D | X:X::X:X)
route-map (vpn|evpn|vrf NAME) (import|export) MAP
[no] import|export [vpn|evpn|evpn8]
[no] import|export vrf NAME
User documentation of the vpn-specific parts of the above syntax is in PR #1937
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
When we are signaling to a client from zebra that a nexthop
has changed, include the labels on the nexthop as well.
Upper level protocols need to know if the labels exist
in order to make intelligent decisions about what to do.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When I use these functions and am programming on linux I
always have to pull up a man page for these two functions
since they exist in *BSD land only.
Modify the name of the size variable to destsize on
pass in to give me the small hint I need to know
what to do.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add code to allow nexthops to be written by people who are
interested in writing their own nexthop line.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Expose to the world the nhgc_find command so that
interested parties can find a stored nexthop group.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add a nexthop-group cli:
nexthop-group NAME
nexthop A
nexthop B
nexthop C
!
This will allow interested parties to hook into the cli for
nexthops. Users can add callback functions for add/delete
of a nexthop group as well as add/delete of each individual
nexthop.
Future work( PBR and static routes ) will take advantage
of this.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Vty commands that link netns context to a vrf is requiring some
privileges. The change consists in retrieving the privileges at the
vrf_cmd_init() called by the relevant daemon. Then use it.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Nobody uses it, but it's got the same definition. Move the parser
function into zclient.c and use it.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Add DEBUG*() macros
This set of macros allows you to write printf-like debugging lines that
automatically check whether a debug is on before printing. This should
eliminate the need for explicit checks in simple cases. For example:
if (SUCH_AND_SUCH_DEBUG_IS_ON) {
zlog_warn(...);
}
Becomes:
DEBUG(warn, such_and_such, ...);
Or, equivalently,
DEBUGE(such_and_such, ...);
The levels passed to DEBUG are expanded into the names of zlog_*
functions, so the same zlog levels are available. There's also a set of
macros that have the level built into them; DEBUGE for errors, DEBUGW
for warnings, etc. Good for brevity.
* Add singular setting macros
Change the 'SET' macros to accept a boolean indicating whether the
provided bits should be set or unset, and map on/off macros to them.
Helps condense code where you already have a boolean condition that
tells you what you want to do as you can avoid writing the branch.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Also modify `struct route_entry` to use nexthop_groups.
Move ALL_NEXTHOPS loop to nexthop_group.h
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Allow the calling daemon to pass down what table-id we
want to use to install the route. Useful for PBR.
The vrf id passed must be the VRF_DEFAULT else this
value is ignored.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The work_queue_free function free'd up the wq pointer but
did not set it too NULL. This of course causes situations
where we may use the work_queue after it is freed. Let's
modify the work_queue to set the pointer for you.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
If a interested party removes one of it's routes let
it know that it has happened as asked for.
Add a ZAPI_ROUTE_REMOVED to the send of the route_notify_owner
Add a ZAPI_ROUTE_REMOVE_FAIL to the send of the route_notify_owner
Add code in sharpd to notice this and to allow it to keep
track of routes removed for that invocation and give timing
results.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The buffer size is currently 4k. Increase x4 times to allow for bigger
messages to be sent over the zapi.
The current size sufficient for most cases, but there are a couple
of cases with installing data to the kernel ip rules where we will
quickly hit this 4k size limit. I forsee flowspec getting close
to this limit as well.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The NS_DEFAULT value returns UNKNOWN in the case the vrf lite backend is
used, whereas this is wrong. This commit fixes the default value.
Also, it fixes the default value in the case NETNS support from system
is not ok, or some error can occur when reading default NS at startup.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The current strategy for fine-grained debugging across FRR is to use
static long int bitfields, in combination with helper macros that are
copy-pasted between daemons, to hold state on what debugging information
should be collected at any given time. This has a couple of problems:
* These bitfields are generally extern'd and accessed everywhere, so
they are not MT-safe or easy to make MT-safe
* Lots of code duplication from copy-pasting the DEBUG_* macros...
* Code duplication because of the "term" vs "conf" debugging concept
This patch aims to remedy that by providing some infrastructure to work
with debugs. The core concept of using bitfields has been retained, but
the number of these for each debug has been reduced to 1. This allows
easy use of lock-free methods for synchronizing access to debugging
info.
The helper macros have also been retained but they are now collected in
one place and perform exclusively atomic operations.
Finally there is a bit of code that allows daemons to register
callbacks, which I used to implement a command that will toggle all
debugging for any daemons that use these facilities.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Add the originating routes type and instance to the nexthop
update message. This is necessary because there exist
scenarios where BGP needs to make a decision about the
originating route type and instance to know if it is
going to be doing a route replace to a route that would
resolve to itself.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The addition of some rmac code snuck in the usage of a
stream_get instead of a STREAM_GET()
We need to be using STREAM_GET()
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Implement support for EVPN symmetric routing for IPv6 routes. The next hop
for EVPN routes is the IP address of the remote VTEP which is only an IPv4
address. This means that for IPv6 symmetric routing, there will be IPv6
destinations with IPv4 next hops. To make this work, the IPv4 next hops are
converted into IPv4-mapped IPv6 addresses.
As part of support, ensure that "L3" route-targets are not announced with
IPv6 link-local addresses so that they won't be installed in the routing
table.
Signed-off-by: Vivek Venkatraman vivek@cumulusnetworks.com
Reviewed-by: Mitesh Kanjariya mitesh@cumulusnetworks.com
Reviewed-by: Donald Sharp sharpd@cumulusnetworks.com
Because socket creation is tightly linked with socket binding for vrf
lite, the proposal is made to extend socket creation APIs and to create
a new API called vrf_bind that applies to vrf lite. The passed interface
name is the interface that will be bound to the socket passed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
That API can be used to wrap the ioctl call with various vrf instances.
This permits transparently doing the ioctl() call without taking into
consideration the vrf backend kind.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This split is introducing logicalrouter.[ch] as the file that contains
the vty commands to configure logical router feature. The split has as
consequence that the backend of logical router is linux_netns.c formerly
called ns.c. The same relationship exists between VRF and its backend
which may be linux_netns.c file.
The split is adapting ns and vrf fiels so as to :
- clarify header
- ensure that the daemon persepctive, the feature VRF or logical router
is called instead of calling directly ns.
- this implies that VRF will call NS apis, as logical router does.
Also, like it is done for default NS and default VRF, the associated VRF
is enabled first, before NETNS is enabled, so that zvrf->zns pointer is
valid when NETNS discovery applies.
Also, other_netns.c file is a stub handler that will be used for non
linux systems. As NETNS feature is only used by Linux, some BSD systems
may want to use the same backend API to benefit from NETNS. This is what
that file has been done.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The vrf_sockunion_socket() wraps sockunion_socket() with vrf_id as
additional parameter. The creation of socket forces the user to
transparently move to new NETNS for doing the operation.
The vrf_getaddr_info() wraps getaddr_info() with vrf_id as additional
parameter. That API relies on the underlying system. Then there may be
need to switch to an other netns in that case too.
Also, the vrf_socket() implementation is simplified.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
For supporting vrf based on namespaces, it is possible that an interface
with the same index is present. This is the case for loopback
interfaces. For that, for each query, if the interface is not found
, matching the vrf identifier, then a new interface is created, when the
backens for VRF is NETNS.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
when the netns backend is selected for VRF, the default VRF is being
assigned a NSID. This avoids the need to handle the case where if the
incoming NSID was 0 for a non default VRF, then a specific handling had
to be done to keep 0 value for default VRF.
In most cases, as the first NETNS to get a NSID will be the default VRF,
most probably the default VRF will be assigned to 0, while the other
ones will have their value incremented. On some cases, where the NSID is
already assigned for NETNS, including default VRF, then the default VRF
value will be the one derived from the NSID of default VRF, thus keeping
consistency between VRF IDs and NETNS IDs.
Default NS is attempted to be created. Actually, some VMs may have the
netns feature, but the NS initialisation fails because that folder is
not present.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Two apis are provided so that the switch from one netns to an other one
is taken care.
Also an other API to know if the VRF has a NETNS backend or a VRF Lite
backend.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The addition of the name of the netns in the vrf message introduces also
a limitation when the size of the netns is bigger than 15 bytes. Then
the netns are ignored by the library.
In addition to this, some sanity checks have been introduced. some
functions to create the netns from a call not coming from the vty is
being added with traces.
Also, the ns vty function is reentrant, if the context is already
created.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Show vrf command displays information on the vrf, if it is related to
vrf kernel or if it is related to netns.
When a vrf from kernel is detected, before creating a new vrf, a check
is done against an already present vrf, and if that vrf is not a vrf
mapped with a netns. If that is that case, then the creation is
rejected.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The zebra netnamespace contexts are initialised, based on the callback
coming from the NS. Reversely, the list of ns is parsed to disable the
ns contexts.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
If vrf backend is netns, then the zebra will create its own
zebra_ns context for each new netns discovered. As consequence,
a routing table, and other contexts will be created for each
new namespace discovered. When it is enabled, a populate process
will be done, consisting in learning new interfaces and routes, and
addresses from other NETNS.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
In addition to have the possibility to create from vty vrf based on a
netns backend, the API will be made accessible from external, especially
for zebra that will handle the netns discovery part. This commit is
externalising following functions:
- netns_pathname
- ns_handler_create
- vrf_handler_create
Also, the VRF initialisation case when under NETNS backend is changed,
since the NS identifier may not be known at the configuration time,but
may be known later, under discovery process.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Upon following calls: interface poll, address poll, route poll, and
ICMPv6 handling, each new Namespace is being parsed. For that, the
socket operations need to switch from one NS to one other, to get the
necessary information.
As of now, there is a crash when dumping interfaces, through show
running-config.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Using the vrf backend kind, the vty command that configured netns
under vty will not be installed if the vrf backend is vrf lite
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
a vty command is added:
in addition to this command ( kept for future usage):
- [no] logical-router-id <ID> netns <NETNSNAME>
a new command is being placed under vrf subnode
- vrf <NAME>
[no] netns <NETNSNAME>
exit
This command permits to map a VRF with a Netnamespace.
The commit only handles the relationship between vrf and ns structures.
It adds 2 attributes to vrf structure:
- one defines the kind of vrf ( mapped under netns or vrf from kernel)
- the other is the opaque pointer to ns
The show running-config is handled by zebra daemon.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The netns backend is chosen by VRF if a runtime flag named vrfwnetns is
selected when running zebra.
In the case the NETNS backend is chosen, in some case the VRFID value is
being assigned the value of the NSID. Within the perimeter of that work,
this is why the vrf_lookup_by_table function is extended with a new
parameter.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The ZEBRA_FLAG_INTERNAL flag is used to signal to zebra that
the route being added, the nexthops for it can be recursively
resolved. This name keeps throwing me off when I read it
so let's rename to something that allows the developer to
understand what is going on.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
In the future we are going to have a rule_notify_owner
so make the distinction between the two types of notification
clearer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The notification of the owner was not properly decoding
the prefix and as such we were not properly reading the
table it was installed into.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This commit is the implementation of weak multicast traceroute.
It consists of IGMP module dealing with mtrace type IGMP messages
and client program mtrace/mtracebis for initiating mtrace queries.
Signed-off-by: Mladen Sablic <mladen.sablic@gmail.com>
Add the ability to pass in an afi to zebra. zebra_vrf keeps
track of the afi/label tuple and then does the right thing
before we call down. AF_MPLS does not care about v4 or v6
it just knows label and what device to use for lookup.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Modify mpls.h to rename MPLS_LABEL_ILLEGAL to be MPLS_LABEL_NONE.
Fix all pre-existing code that used MPLS_LABEL_ILLEGAL.
Modify the zapi vrf label message to use MPLS_LABEL_NONE as the
signal to remove label associated with a vrf.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add the ability to pass the lsp owner type through the zapi
and in addition add a new label type for the sharp protocol
for testing.
Finally modify zebra_mpls.h to not have defaults specified
for the enum. That way when we add a new LSP type the
compile fails and the person doing the addition knows
where he has to touch shit.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Turns out we had 3 different ways to define labels
all of them overlapping with the same meanings.
Consolidate to 1. This one choosen is consistent
naming wise with what the *bsd and linux kernels
use.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
For L3VPN's we need to create a label associated with the specified
vrf to be installed into the kernel to allow a pop and lookup
operation.
The new api is:
zclient_send_vrf_label(struct zclient *zclient, vrf_id_t vrf_id,
mpls_label_t label);
For the specified vrf_id associate the specified label for
a pop and lookup operation for forwarding.
To setup a POP and Forward use MPLS_LABEL_IMPLICIT_NULL
If the same label is passed in we ignore the call.
If the label is different we update entry.
If the label is MPLS_LABEL_NONE we remove
the entry.
This sets up the api. Future commits will have the functionality
to actually install into the kernel.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The nh_resolve_via_default function is an accessor function
for NHT in zebra. Let's move this function to it's proper
place.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Create a zapi_nexthop_update_decode function that both
pim and bgp use to decode the message from zebra.
There probably could be further optimizations but I opted
to keep the code as similiar as is possible between the
originals because they both make some assumptions about
code flow that I do not fully understand yet.
The real goal here is that I want to create a new
user of the nexthop tracking code from a higher level
daemon and I see no need to re-implement this damn
code again for a 3rd time.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* zebra/kernel_socket.c: include "rt.h" to provide the prototypes of
kernel_init() and kernel_terminate();
* lib/prefix.h: remove the deprecation warning whenever ETHER_ADDR_LEN
is used. isisd uses the ETHER_HDR_LEN constant which is defined in
terms of ETHER_ADDR_LEN in the *BSD system headers. So, when building
FRR on *BSD, we were getting several warnings because we were using
ETHER_ADDR_LEN indirectly;
* lib/command_lex.l, lib/defun_lex.l: ignore other harmless warnings;
* lib/spf_backoff.c: cast 'tv->tv_usec' to 'long int' before printing.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
None of these variables can actually be used before being initialized,
but unfortunately some old compilers are not smart enough to detect that.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The PIM_NODE command is only being used to display
default vrf configuration. Move this into the
vrf display and remove PIM_NODE.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Some work on FRR's pthread wrapper.
* Provide a built-in way to synchronize thread startup
* Make utility functions take frr_pthread * instead of its integer ID
* Pass frr_pthread * as pthread start function argument
* Correct some comment styling
* Rename some variables to match naming conventions in the file
* Change parameter ordering in stop function prototype to follow the
convention in the other functions
* Default new frr_pthreads to using a vanilla event loop
For the last point, the original goal when designing the implementation
of pthreads into FRR was to be able to use the thread.c event based
system inside pthreads. This code essentially encapuslates all the
thread.c functionality into an easy to use pthread out of the box.
Creating a new frr_pthread with a null attributes field will cause the
created frr_pthread to run a thread.c event loop. The upshot of this is
that it is now possible to safely run existing functions in a pthread in
roughly 3 lines of code. It also serves as an example / starting point
for others.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Refine the notion of what FRR considers as "configured" VRF. It is no longer
based on user just typing "vrf FOO" but when something is actually configured
against that VRF. Right now, in zebra, the only configuration against a VRF
are static IP routes and EVPN L3 VNI. Whenever a configuration is removed,
check and clear the "configured" flag if there is no other configuration for
this VRF. When user attempts to configure a static route and the VRF doesn't
exist, a VRF is created; the VRF is only active when also defined in the
kernel.
Updates: 8b73ea7bd479030418ca06eef59d0648d913b620
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Ticket: CM-10139, CM-18553
Reviewed By: CCR-7019
Testing Done:
1. Manual testing for L3 VNI and static routes - FRR restart, networking
restart etc.
2. 'vrf' smoke
<DETAILED DESCRIPTION (REPLACE)>
When shutting down, ensure that all VRFs including "configured" ones are
cleaned up properly.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-19069
Reviewed By: CCR-7011
Testing Done: Manual verification of failed scenario
A VRF is active only when the corresponding VRF device is present in the
kernel. However, when the kernel VRF device is removed, the VRF container in
FRR should go away only if there is no user configuration for it. Otherwise,
when the VRF device is created again so that the VRF becomes active, FRR
cannot take the correct actions. Example configuration for the VRF includes
static routes and EVPN L3 VNI.
Note that a VRF is currently considered to be "configured" as soon as the
operator has issued the "vrf <name>" command in FRR. Such a configured VRF
is not deleted upon VRF device removal, it is only made inactive. A VRF that
is "configured" can be deleted only upon operator action and only if the VRF
has been deactivated i.e., the VRF device removed from the kernel. This is
an existing restriction.
To implement this change, the VRF disable and delete actions have been modified.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Mitesh Kanjariya <mkanjariya@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Ticket: CM-18553, CM-18918, CM-10139
Reviewed By: CCR-7022
Testing Done:
1. vrf and pim-vrf automation tests
2. Multiple VRF delete and readd (ifdown, ifup-with-depends)
3. FRR stop, start, restart
4. Networking restart
5. Configuration delete and readd
Some of the above tests run in different sequences (manually).
In EVPN symmetric routing, not all subnets are presents everywhere.
We have multiple scenarios where a host might not get learned locally.
1. GARP miss
2. SVI down/up
3. Silent host
We need a mechanism to resolve such hosts. In order to achieve this,
we will be advertising a subnet route from a box and that box will help
in resolving the ARP to such hosts.
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
1. Added default gw extended community
2. code modification to handle sticky-mac/default-gw-mac as they go together
3. show command support for newly added extended community
4. State in zebra to reflect if a mac/neigh is default gateway
5. show command enhancement to refelect the same in zebra commands
Ticket: CM-17428
Review: CCR-6580
Testing: Manual
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
Abstract the code that sends the zapi message into zebra
for the turn on/off of nexthop tracking for a prefix.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The zclient->redist bitmap for vrf's was being set again
for the zclient_send_dereg_requests function. This should
be a unset on tear down.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
- Remove OSPD_SR route type
- Check that Segment Routing is enable only in default VRF
- Add comment for SRGB in lib/mpls.h
- Update documentation
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Because the VRF_ID is mapped into 32 bit, and because when NETNS will be
the backend of VRF, then the NS identifier must also be encoded as 32
bit.
Also, the NS_UNKNOWN value is changed accordingly to UINT32_MAX.
Also, the NS_UNKNOWN and NS_DEFAULT values are removed from zebra_ns.h
and kept on ns.h header file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The number of vrf bitmap groups is increased so as to avoid consuming
too much memory. This fix is related to a fork memory that occured when
running pimd as daemon.
A check on memory consumed shows that the memory consumed goes from
33480ko to 46888ko with that change. This is less compared to if the
value of the bitmap groups is increased to 16 ( 852776ko).
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This is a preparatory work for configuring vrf/frr over netns
vrf structure is being changed to 32 bit, and the VRF will have the
possibility to have a backend made up of NETNS.
Let's put some history.
Initially the 32 bit was because one wanted to map on vrf_id both the
VRFLITE and the NSID.
Initially, one would have liked to make zebra configure at the same time
both vrf lite and vrf from netns in a flat way. From the show
running perspective, one would have had both kind of vrfs, thatone
would configure on the same way.
however, it leads to inconsistencies in concepts, because it mixes vrf
vrf with vrf, and vrf is not always mapped with netns.
For instance, logical-router could also be used with netns. In that
case, it would not be possible to map vrf with netns.
There was an other reason why 32 bit is proposed. this is because
some systems handle NSID to 32 bits. As vrf lite exists only on
Linux, there are other systems that would like to use an other vrf
backend than vrf lite. The netns backend for vrf will be used for that
too. for instance, for windows or freebsd, some similar
netns concept exists; so it will be easier to reuse netns
backend for vrf, than reusing vrflite backend for vrf.
This commit is here to extend vrf_id to 32 bits. Following commits in a
second step will help in enable a VRF backend.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This is an implementation of draft-ietf-ospf-segment-routing-extensions-24
and RFC7684 for Extended Link & Prefix Opaque LSA.
Look to doc/OSPF_SR.rst for implementation details & known limitations.
New files:
- ospfd/ospf_sr.h: Segment Routing structure definition (SubTLVs + SRDB)
- ospfd/ospf_sr.c: Main functions for Segment Routing support
- ospfd/ospf_ext.h: TLVs and SubTLVs definition for RFC7684
- ospfd/ospf_ext.c: RFC7684 Extended Link / Prefix implementation
- doc/OSPF-SRr.rst: Documentation
Modified Files:
- doc/ospfd.texi: Add new Segment Routing CLI command definition
- lib/command.h: Add new string command for Segment Routing CLI
- lib/mpls.h: Add default value for SRGB
- lib/route_types.txt: Add new OSPF Segment Routing route type
- ospfd/ospf_dump.[c,h]: Add OSPF SR debug
- ospfd/ospf_memory.[c,h]: Add new Segment Routing memory type
- ospfd/ospf_opaque.[c,h]: Add ospf_sr_init() starting function
- ospfd/ospf_ri.c: Add new functions to Set/Get Segment Routing TLVs
Add new ospf_router_info_lsa_upadte() to send Opaque LSA to ospf_sr.c()
- ospfd/ospf_ri.h: Add new Router Information SR SubTLVs
- ospfd/ospf_spf.c: Add new scheduler when running SPF to trigger
update of NHLFE
- ospfd/ospfd.h: Add new thread for Segment Routing scheduler
- ospfd/subdir.am: Add new files
- vtysh/Makefile.am: Add new ospf_sr.c file for vtysh
- zebra/kernel_netlink.c: Add new OSPF_SR route type
- zebra/rt_netlink.[c,h]: Add new OSPF_SR route type
- zebra/zebra_mpls.h: Add new OSPF_SR route type
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
There are some observed instances where we end up trying to cancel a rw
job based on a file descriptor that we don't have a reference on. The
specific cancel function for rw jobs assumes it's called with a file
descriptor that is valid within pollfds and will cause a segmentation
fault by buffer overrun if this is not the case.
Instead log it and move on. Since the fd does not exist this should
patch over the buggy behavior and provide additional information to help
in finding the root cause.
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Modify if_lookup_by_index to accept a VRF_UNKNOWN
as a vrf_id. This will cause it to look in all
vrf's for the interface pointer.
Subsequently all if_XXXX functions that call this function
will also get this behavior.
VRF_UNKNOWN *should* not be used for interface creation
as that this will break some core assumptions.
This work is part of allowing vrf route leaking. Currently
it is possible to create a route in the linux kernel that has
a nexthop across vrf boundaries.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The zapi_ipv4_route, zapi_ipv6_route and zapi_ipv4_route_ipv6_nexthop
functions are deprecated. Add notice of when we can remove the
deprecated code from the system.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The constant to limit # of allowed cli tokens on any one line was
defined in multiple places, all inconsistent with each other. Fix.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Fix rare failure caused when end pointer is at end of buffer memory
and a call to ringbuf_get() is made that reads all of the data in the
buffer; start pointer was advanced past end pointer, causing some
special handling to be skipped
* Fix ringbuf_peek() moving start pointer
* Fix use after free
* Remove extraneous assignment
* Update relevant tests
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Peek functionality for ring buffers and associated tests.
Also:
* Slight optimization to avoid 0-byte memcpy() by changing > to >=
* Add rv checks for some ringbuf_[put|get] calls that were missing them
in the test
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
CLI config for enabling/disabling type-5 routes
router bgp <as> vrf <vrf>
address-family l2vpn evpn
[no] advertise <ipv4|ipv6|both>
loop through all the routes in VRF instance and advertise/withdraw
all ip routes as type-5 routes in default instance.
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
The $Id: lines would allow code kept in cvs to substitute
the file version upon checkout. Since we are not using
cvs there is no need to keep these lines anymore.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
ptm_lib.c had no way to cleanup after itself when an
error was detected. This adds a function to cleanup
context in such a case.
A followup commit will use this new functionality.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Some of the deprecated stream.h macros see such little use that we may
as well just remove them and use the non-deprecated macros.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
When we remove a thread from a pqueue, use the saved
index to go to the correct spot immediately instead of
having to search the whole queue for it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This should be allowed:
robot(config)# ip prefix-list outbound_asp_routes seq 33 permit 1.1.1.0/24 le 24
% Invalid prefix range for 1.1.1.0/24, make sure: len < ge-value <= le-value
This commit fixes the issue:
robot(config)# ip prefix-list outbound_asp_routes seq 33 permit 1.1.1.0/24 le 23
% Invalid prefix range for 1.1.1.0/24, make sure: len < ge-value <= le-value
robot(config)# ip prefix-list outbound_asp_routes seq 33 permit 1.1.1.0/24 le 24
robot(config)# ip prefix-list outbound_asp_routes seq 33 permit 1.1.1.0/24 le 25
robot(config)#
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add a daemon that will allow us to test the zapi
as well as test route install/removal times from
the kernel.
The current commands are:
install route <starting ip address> nexthop <nexthop> (1-1000000)
This command starts installing at <starting ip address>/32
(1-100000) routes that it auto-increments by 1
Installation start time is noted in the log and finish
time is noted as well.
remove routes <starting ip address> (1-1000000)
This command removes routes at <starting ip address>/32
and removes (1-100000) routes created by the install route
command.
This code can be considered experimental and *is not*
something that should be run in a production environment.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Allow the higher level protocol to specify if it would
like to receive notifications about it's routes that
it has installed.
I've purposely made it part of zclient_new_notify because
we need to track the routes on a per daemon basis only.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Provide ZAPI code that can pass to an upper level protocol
what happened to it's route on install.
There are these notifications:
1) ZAPI_ROUTE_FAIL_INSTALL - The route attempted to be
installed did not work.
2) ZAPI_ROUTE_BETTER_ADMIN_WON - A route that was installed
has become un-installed due to another routing protocol
installing a better admin distance
3) ZAPI_ROUTE_INSTALLED - The route specified has been installed
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Define JSON_C_TO_STRING_NOSLASHESCAPE used for
escaping forward slash.
Disply json output for
'show ip ospf route [vrf all] json'
Ticket:CM-18659
Reviewed By:
Testing Done:
Configure multiple non-default VRF, inject external routes
via redistribute to ospf area.
checked show ip ospf route vrf all /json based output.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Add write callback.
Add error callback.
Add frrzmq_check_events() function to check for edge triggered things
that may have happened after a zmq_send() call or so.
Update ZMQ tests.
Signed-off-by: ßingen <bingen@voltanet.io>
The safi encode/decode is using 2 bytes, which
may cause problems on some platforms. Let's assume
that a safi is a uint8_t and work accordingly.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This code modifies zebra to use the STREAM_GET functionality.
This will allow zebra to continue functioning in the case of
bad input data from higher level protocols instead of crashing.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Currently when stream reads fail, for any reason, we assert.
While a *great* debugging tool, Asserting on production code
is not a good thing. So this is the start of a conversion over
to a series of STREAM_GETX functions that do not assert and
allow the developer a way to program this gracefully and still
clean up.
Current code is something like this( taken from redistribute.c
because this is dead simple ):
afi = stream_getc(client->ibuf);
type = stream_getc(client->ibuf);
instance = stream_getw(client->ibuf);
This code has several issues:
1) There is no failure mode for the stream read other than assert.
if afi fails to be read the code stops.
2) stream_getX functions cannot be converted to a failure mode
because it is impossible to tell a failure from good data
with this api.
So this new code will convert to this:
STREAM_GETC(client->ibuf, afi);
STREAM_GETC(client->ibuf, type);
STREAM_GETW(client->ibuf, instance);
....
stream_failure:
return;
We've created a stream_getc2( which does not assert ),
but we need a way to allow clean failure mode handling.
This is done by macro'ing stream_getX2 functions with
the equivalent all uppercase STREAM_GETX functions that
include a goto.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This commit adds support for the RTR protocol to receive ROA
information from a RPKI cache server. That information can than be used
to validate the BGP origin AS of IP prefixes.
Both features are implemented using [rtrlib](http://rtrlib.realmv6.org/).
Signed-off-by: Marcel Röthke <marcel.roethke@haw-hamburg.de>
When we have a v4 or v6 prefix list, only
apply it via a match when the address families
are the same.
Fixes: #1339
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When using a non-integrated config and starting up
of a protocol daemon, we were not properly handling
all possible cases and as such when an user hit
an actual error they were getting (null) listed
for the message string.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This function is only called with non-blocking sockets [1], so there's
no need to worry about setting O_NONBLOCK and unsetting it later if the
given fd was a blocking socket. This saves us 4 syscalls per connect,
which is not much but is something.
Also, remove an outdated comment about the return values of this
function. It returns a 'connect_result' enum now, whose values are
self-explanatory (connect_error, connect_success and connect_in_progress).
This also fixes a coverity scan warning where we weren't checking the
return value of the fcntl() syscall.
[1] bgp_connect() and pim_msdp_sock_connect().
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
These are mostly trivial fixes for leaks in the error path of some functions.
The changes in bgpd/bgp_mpath.c deserves a bit of explanation though. In
the bgp_info_mpath_aggregate_update() function, we were allocating memory
for the lcomm variable but doing nothing with it. Since the code for
communities, extended communities and large communities is pretty much
the same in this function, it's clear that this was a copy and paste
error where most of the ext. community code was copied but not all of
it as it should have been.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Note: I had to remove one assert in clidef.py in order to fix a build
error when using a preprocessor string (FRR_IP_REDIST_STR_ZEBRA) inside
a DEFPY command. This should be revisited later.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
When displaying thread cpu data, display unsigned instead
of signed data when we get really really really large
numbers of invocations.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When free'ing memory associated with the wgraph, also
free memory malloced during the initialization.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
route_node_set is only called by route_node_get
which calls apply_mask. There is no need to do
this again.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
There is no need to generate a hash key *if* the hash_alloc_function
is NULL and the hash is empty.
This changed showed a measurable increase in performance for
table hash lookup for tables that were meant to be empty in
bgp( the distance commands ).
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When free'ing the workqueue if you have items
on the workqueue you should free the memory associated
with it.
Additionally move the work_queue_item_remove function
to allow for static to be awesome
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We expect that the index value passed in for argv_find
should be initially set to 0. This way if the cli
ever changes there is no need to modify the initial
value.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This improves code readability and also future-proofs our codebase
against new changes in the data structure used to store interfaces.
The FOR_ALL_INTERFACES_ADDRESSES macro was also moved to lib/ but
for now only babeld is using it.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
If the p1 and p2 arguments pointed to identical strings ending with
a non-numeric character (e.g. "lo"), this function would return -1
instead of 0 as one would expect. This inconsistency didn't matter
for sorted linked-lists but for red-black trees it's a major source
of problems.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Performance tests showed that, when running on a system with a large
number of interfaces, some daemons would spend a considerable amount
of time in the if_lookup_by_index() function. Introduce a new rb-tree
to solve this problem.
With this change, we need to use the if_set_index() function whenever
we want to change the ifindex of an interface. This is necessary to
ensure that the 'ifaces_by_index' rb-tree is updated accordingly. The
return value of all insert/remove operations in the interface rb-trees
is checked to ensure that an error is logged if a corruption is
detected.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
IFINDEX_DELETED is not necessary anymore as we moved from a global
list of interfaces to a list of interfaces per VRF.
This reverts commit 84361d615.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This is an important optimization for users running FRR on systems with
a large number of interfaces (e.g. thousands of tunnels). Red-black
trees scale much better than sorted linked-lists and also store the
elements in an ordered way (contrary to hash tables).
This is a big patch but the interesting bits are all in lib/if.[ch].
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Make use of strnlen() and strlcpy() so we can get rid of these
convoluted if_*_by_name_len() functions.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The compiler cannot guess that rise() will not return here.
One should help.
Warning:
Access to field 'file' results in a dereference of a null pointer
(loaded from variable 'error')
aka error->file while error is NULL.
Signed-off-by: Vincent Jardin <vincent.jardin@6wind.com>
Currenlty, this function is used only by:
- unit test of csv.c (see its main() section)
- ptm_lib.c
In case of ptm, it is safe to return NULL because:
csv_encode_record() -> return NULL
_ptm_lib_encode_header() -> return NULL
the only consumer of the return value is: ptm_lib_init_msg()
that checks the NULL return.
Warning:
Access to field 'field_len' results in a dereference of a null
pointer (loaded from variable 'fld')
Signed-off-by: Vincent Jardin <vincent.jardin@6wind.com>
We should assume match OK only when neither nhl1
and neither nhl2 are NULL.
If both are NULL, it means match NOK.
Clang Warning:
Access to field 'num_labels' results in a dereference of a null
pointer (loaded from variable 'nhl1')
Signed-off-by: Vincent Jardin <vincent.jardin@6wind.com>
Let's assert(NULL) if the datastructure is not set.
The code assumes that the pointer is always non NULL. So, let's enforce
this semantic.
Signed-off-by: Vincent Jardin <vincent.jardin@6wind.com>
list_free is occassionally being used to delete the
list and accidently not deleting all the nodes.
We keep running across this usage pattern. Let's
remove the temptation and only allow list_delete
to handle list deletion.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Convert the list_delete(struct list *) function to use
struct list **. This is to allow the list pointer to be nulled.
I keep running into uses of this list_delete function where we
forget to set the returned pointer to NULL and attempt to use
it and then experience a crash, usually after the developer
has long since left the building.
Let's make the api explicit in it setting the list pointer
to null.
Cynical Prediction: This code will expose a attempt
to use the NULL'ed list pointer in some obscure bit
of code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Current cleanup is for unset values or variables that are not used anymore.
Regarding ospfd/ospf_vty.c: argv_find()
we'll never get it NULL, so get coststr = argv[idx]->arg;
The word Multiplier has been abbreviated to 'Mul' in
the output. This apparently is causing people
angst. Write word out.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
list_delete does not set the list pointer to NULL
Thus when we accidently use it later we happily write
off into lala land instead of crashing imediately
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Somehow F_SETLK was failing for me a couple of days ago, and not being
able to see the errno value was frustrating.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This is a fallout from PR #1022 (zapi consolidation). In the early days,
the client daemons would allocate enough memory to send all nexthops
to zebra. Then zebra would add all nexthops to the RIB and respect
MULTIPATH_NUM only when installing the routes in the kernel. Now things
are different and the client daemons can send at most MULTIPATH_NUM
nexthops to zebra, and failure to respect that will result in a buffer
overflow. The MULTIPATH_NUM limit in the new zebra API is a small price
we pay to avoid allocating memory for each route sent to zebra.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
This fixes the following
cel-redxp-10# show debugging
Debugging Information for zebra:
Zebra debugging status:
Debugging Information for bgpd:
BGP debugging status:
Debugging Information for watchfrr:
% Command incomplete.
% Command incomplete.
cel-redxp-10#
This fixes the broken indentation of several foreach loops throughout
the code.
From clang's documentation[1]:
ForEachMacros: A vector of macros that should be interpreted as foreach
loops instead of as function calls.
[1] http://clang.llvm.org/docs/ClangFormatStyleOptions.html
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
VARIABLE tokens must be all uppercase, this allows us to support WORD
tokens that begin with an uppercase letter. The "Null0" keyword is an
example of where this is needed.
The only VARIABLE we had that wasn't already all uppercase was
ASN:nn_or_IP-address:nn
When matching user input against a CLI graph, we keep a stack of tokens
matched. Stack size was limited to 64, making the effective number of
tokens that could be entered on a line 64. This is too limiting in some
circumstances, so bump it to 256 (and document it).
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Tentative thread-safety support for zlog. Functions designed to be
called from signal handlers are not mt-safe.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
There exists situations where it is possible to have duplicate
nexthops passed from a higher level protocol into zebra.
This code notices this duplication of nexthops and marks
the duplicates as DUPLICATE so we don't attempt to install
it into the kernel.
This is important on *BSD as I understand it because passing
duplicate nexthops will cause the route to be rejected.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
1) Some hash key functions where converting pointers
directly to a 32 bit value via downcasting. Pointers
are 64 bit on a majority of our platforms.
2) Some hashes were being created with 256 entries,
downsize the hash creation size to more appropriate
values.
3) Add hash names to hash creation so we can watch
the hash via 'show debugging hashtable'
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
There are 3 different implementations of is_prefix.
Standardize on is_prefix_default and fix it's implementation.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
If the user configures some command that is already in the config we
should return CMD_WARNING instead of CMD_WARNING_CONFIG_FAILED
Create a new function prefix_list_apply_which_prefix which
will return a pointer to the matching prefix that caused
the acceptance/denial.
This change will be used in future commits.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
There are a variety of cli's associated with the
'set metric ...' command. The problem that we
are experiencing is that not all the daemons
support all the varieties of the set metric
and the returned of NULL during the XXX_compile
phase for these unsupported commands is causing
issues. Modify the code base to only return
NULL if we encounter a true parsing issue.
Else we need to keep track if this metric
applies to us or not.
In the case of rip or ripngd if the metric
passed to us is greater than 16 just turn
it internally into a MAX_METRIC.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
vty_frame() can be used to reduce the amount of output produced by "show
running-config" and "write ...". It buffers output in struct vty->frame
(1024 bytes) and outputs it when vty_out is called. If vty_out isn't
called, it can be removed with vty_endframe() later.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
1. Change hostname_get to cmd_hostname_get
2. Change domainname_get to cmd_domainname_get
3. New API to set domainname
3. Provide a CLI command to set domainname
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
This allows running the daemons inside of Linux network namespaces
without messing with an additional mount/fs namespace (or a ton of
options).
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This uses zmq_getsockopt(ZMQ_FD) to create a libfrr read event, which
then wraps zmq_poll and calls an user-specified ZeroMQ read handler.
It's wrapped in a separate library in order to make ZeroMQ support an
installation-time option instead of build-time.
Extended to support per-message and per-fragment callbacks as discussed
with Bingen in PR #566.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This provides an API to pass around extra information for errors, more
than a simple return value can carry. This is particularly used for the
Cap'n Proto interface to be able to report more useful errors.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
blackhole support was horribly broken. cleanup by removing blackhole
stuff from ZEBRA_FLAG_*
introduces support for "prohibit" routes (Linux/netlink only)
also clean up blackhole options on "ip route" vty commands.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
FLAG_BLACKHOLE is used for different things in different places. remove
it from the zclient API, instead indicate blackholes as proper nexthops
inside the message.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Specifically, gcc 4.2.1 on OpenBSD 6.0 warns about these; they're bogus
(gcc 4.2, being rather old, isn't quite as "intelligent" as newer
versions; the newer ones apply more logic and less warnings.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
In certain situations, the CLI matcher would not handle ambiguous
commands properly. If it found an ambiguous result in a lower subgraph,
the ambiguous result would not correctly propagate up to previous frames
in the resolution DFS as ambiguous; instead it would propagate up as a
non-match, which could subsequently be overridden by a partial match.
Example CLI space:
show ip route summary
show ip route supernet-only
show ipv6 route summary
Entering `show ip route su` would result in an ambiguous resolution for
the `show ip route` subgraph but would propagate up to the `show ip`
subgraph as a no-match, allowing `ip` to partial-match `ipv6` and
execute that command.
In this example entering `show ip route summary` would disambiguate the
`show ip` subgraph. So this bug would only appear when entering input
that caused ambiguities in at least two parallel subgraphs.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Add the RMAP_COMPILE_SUCCESS and switch over to using it.
Refactoring allows a removal of a if statement to just
use the switch statement already in place. Additionally
the reworking cleans up memory freeing in a couple of spots.
In one spot we no longer will leak memory too.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Set default hostname in frr to unix hostname.
Provide APIs to get the hostname/domaninanme
Use this APIs where needed
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
If we assign MULTIPATH_NUM to be 256, this causes issues
for us since 256 is bigger than a u_char. So let's make
the api's multipath_num to be a u_int16_t and pass it
around as a word.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Some differences compared to the old API:
* Now the redistributed routes are sent using address-family
independent messages (ZEBRA_REDISTRIBUTE_ROUTE_ADD and
ZEBRA_REDISTRIBUTE_ROUTE_DEL). This allows us to unify the ipv4/ipv6
zclient callbacks in the client daemons and thus remove a lot of
duplicate code;
* Now zebra sends all nexthops of the redistributed routes to the client
daemons, not only the first one. This shouldn't have any noticeable
performance implications and will allow us to remove an ugly exception
we had for ldpd (which needs to know all nexthops of the redistributed
routes). The other client daemons can simply ignore the nexthops if
they want or consult just the first one (e.g. ospfd/ospf6d/ripd/ripngd).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
With prefix_ptr or prefix_ls, there can still be stuff in a struct
prefix that we shouldn't hash.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Also fixes misuse of vector_slot() - that one doesn't check for access
beyond end of vector...
And print node names in grammar sandbox "printall".
Fixes: #543
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Register add/delete hooks with the prefix list code to properly change
ospf6_area's prefix list in/out pointers.
There are 2 other uncached uses of prefix lists in the ASBR route-map
code and the interface code; these should probably be cached too. (To
be fixed another day...)
Fixes: #453
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
if we're using --terminal, the daemon may in some cases exit fast enough
for the parent to see this; this resulted in a confusing/bogus "failed
to start, exited 0" message.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
adds a new all-daemon "debug memstats-at-exit" command. Also saves
memstats to a file in /tmp, useful if a long-running daemon is having
weird issues (e.g. in a user install).
Fixes: #437
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
As noticed in 657cde1, the zapi_ipv[4|6]_route functions are broken in
many ways and that's the reason that many client daemons (e.g. ospfd,
isisd) need to send handcrafted messages to zebra.
The zapi_route() function introduced by Donald solves the problem
by providing a consistent way to send ipv4/ipv6 routes to zebra with
nexthops of any type, in all possible combinations including IPv4 routes
with IPv6 nexthops (for BGP unnumbered routes).
This patch goes a bit further and creates two new address-family
independent ZAPI message types that the client daemons can
use to advertise route information to zebra: ZEBRA_ROUTE_ADD and
ZEBRA_ROUTE_DELETE. The big advantage of having address-family independent
messages is that it allows us to remove a lot of duplicate code in zebra
and in the client daemons.
This patch also introduces the zapi_route_decode() function. It will be
used by zebra to decode route messages sent by the client daemons using
zclient_route_send(), which calls zapi_route_encode().
Later on we'll use this same pair of encode/decode functions to
send/receive redistributed routes from zebra to the client daemons,
taking the idea of removing code duplication to the next level.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This patch introduces the following changes to the zapi_route structure
and associated code:
* Use a fixed-size array to store the nexthops instead of a pointer. This
makes the zapi_route() function much easier to use when we have multiple
nexthops to send. It's also much more efficient to put everything on
the stack rather than allocating an array in the heap every time we
need to send a route to zebra;
* Use the new 'zapi_nexthop' structure. This will allow the client daemons
to send labeled routes without having to allocate memory for the labels
(the 'nexthop' structure was designed to be memory efficient and doesn't
have room for MPLS labels, only a pointer). Also, 'zapi_nexthop' is more
compact and more clean from an API perspective;
* Embed the route prefix inside the zapi_route structure. Since the
route's prefix is sent along with its nexthops and attributes, it makes
sense to pack everything inside the same structure.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
route_node->lock is "const" if --enable-dev-build is used. This is done
to deter people from messing with internals of the route_table...
unfortunately, the inline'd route_[un]lock_node runs into this.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Change all callers of IPV4_ADDR_SAME() to pass a pointer to a struct in_addr
Use assignment and comparison instead of memcpy() and memcmp(). Avoids function
calls. Faster.
Signed-off-by: Jorge Boncompte <jbonor@gmail.com>
Convert the work queue implementation to not use the generic linked list
to mantain the item list and use instead a simple queue from queue.h that
does not allocate memory for each node.
Signed-off-by: Jorge Boncompte <jbonor@gmail.com>
The simple queue implementation in OpenBSD and FreeBSD are called diferently,
standardize in the use of the FreeBSD version and map the missing names only
if we compile on OpenBSD.
Signed-off-by: Jorge Boncompte <jbonor@gmail.com>
This allows modules to register their own additional hooks on interface
creation/deletion.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Start creating a counterpart to frr_init and frr_late_init.
Unfortunately, some daemons don't do any exit handling, this doesn't
change that just yet.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Allow registering callbacks with a priority value used to order them
relative to each other. Plus a reverse variant that just flips the
direction on priorities.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The specific code here needs to establish an absolute order of more
specific to less specific possible matches in a prefix list. This is
indirectly checked by an assert on insertion, because the "next best"
entry is required to be consistent even when joining multiple chains
of candidates.
Unfortunately, trie_install_fn() would insert entries too far ahead in
the chain if another entry with higher sequence number was seen. This
breaks the trie and (rightfully) triggers the assertion failure on
insert.
Fixes: #937
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
c9c8d0d ("lib: close stdin/out/err in non-terminal case") overshot its
goal and closes stdin/stdout/stderr even when a daemon is running in
foreground. That means stdout logging & exit memory reporting are both
broken.
Reported-by: Lou Berger <lberger@labn.net>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
ospfd crashes upon configuring multi-instance ospf
i.e 'router ospf x'.
ospfd can return CMD_NOT_MY_INSTANCE which
is not supported in lib/commands
Support two of the error codes
CMD_NOT_MY_INSTANCE and CMD_WARNING_CONFIG_FAILED
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
This bgp-specific command had its positive form defined only in bgpd and
its negative form defined only in lib, which broke the whole rule for
other daemons.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
- couldn't load back written configs because it was trying to parse
"any" as MAC address
- don't need special-casing in filter_match_zebra(), exact is going to
be 0 for AF_ETHERNET anyway
- some vty formatting was slightly different
- is_zero_mac now static to prefix.c
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Previous strategy was to resize the hash table when the length of any
one bucket exceeded a certain size, with some logic for intelligently
stopping resizes when the gains from doing so weren't sufficient. While
this was a good idea that attempted to optimize both space and lookup
time, unfortunately under transient degenerate conditions this led to
some issues with the tables not resizing when they should have,
harming performance. The resizing restriction was lifted, but this had
the result of exacerbating degenerate behavior and caused out of memory
conditions.
This patch changes the hash expansion criterion to be based on the
number of elements in the table. Once the # of elements in the table
exceeds the number of buckets, the table size is doubled. While the
space efficiency of this method decreases relative to the perfectness of
the hash function, at least this strategy puts the table performance
squarely in the hands of the hash function.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
If we receive a notification from zebra indicating that the installation
of a pseudowire has failed (e.g. no reachability), send a PW Status
notification to the remote peer (or a Label Withdraw if the remote peer
doesn't support the PW Status TLV).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Base framework for supporting MPLS pseudowires in FRR.
A consistent zserv interface is provided so that any client daemon
(e.g. ldpd, bgpd) can install/uninstall pseudowires in a standard
way. Static pseudowires can also be implemented by using the same
interface.
When zebra receives a request to install a pseudowire and the installation
in the kernel or hardware fails, a notification is sent back to the
client daemon and a new install attempt is made every 60 seconds (until
it succeeds).
Support for external dataplanes is provided by the use of hooks to
install/uninstall pseudowires.
Signed-off-by: ßingen <bingen@voltanet.io>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
If OSPF_LS_REFRESH_TIME is 60, min_delay in ospf_refresher_register_lsa
function (ospf_lsa.c) would be negative, so index (which is unsigned)
would be out of range, causing a segfault.
Signed-off-by: ßingen <bingen@voltanet.io>
watchfrr doesn't know if there will be -u/-g options on the individual
daemons, so it doesn't know what the appropriate ownership is.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Disable this in the code to make it hard for people to shoot themselves
in the foot. It's only left as a remnant for development use.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
There is no need for special casing of mac addresses,
since the mac address is it's own type integrated
into `struct prefix` now.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
1. Added support to create mac filters
2. Enabled route-map commands for EVPN address family
3. Provision to add mac filters under match clause in route-maps
Ticket: CM-16349
Review: CCR-6190
Unit-test: Manual (logs attached to ticket)
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
The defines:
ONE_DAY_SECOND
ONE_WEEK_SECOND
ONE_YEAR_SECOND
were being defined all over the system, move the
define to a central location.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This adds "@tcp" as new choice on the -z option present in zebra and the
protocol daemons. The --enable-tcp-zebra option on configure is no
longer needed, both UNIX and TCP socket support is always available.
Note that @tcp should not be used by default (e.g. in an init script),
and --enable-tcp-zebra should never have been in any distro package
builds, because
**** TCP-ZEBRA IS A SECURITY PROBLEM ****
It allows arbitrary local users to mess with the routing table and
inject bogus data -- and also ZAPI is not designed to be robust against
attacks.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Behind END_TKN, there is another graph node whose data pointer is
actually struct cmd_element instead of struct cmd_token. Don't try to
interpret that as cmd_token. This causes very interesting crashes when
ASLR decides to give one of the strings of a command definition a lower
32-bit value that is a valid cmd_token_type (e.g. FORK_TKN).
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Multi-Instance OSPF configuration CLI would fail because
first client return error upon seeing qobj_index being 0.
With new marco generate new error code to return from each
instance (vtysh client) and if the command is intended for given
instance, its qobj_index would be nonzero and process the command
and push correct ospf context. Other instance would return the error.
On vtysh end, check all instance return an error log a message to a
file.
Testing Done:
Verfied various MI-OSPF configuration CLI with multi instances.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
From discussion we decided that we should use ETH_ALEN instead
of ETHER_ADDR_LEN. Add ETH_ALEN to prefix.h and make
ETHER_ADDR_LEN generate a warning when used( but still work ).
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Since we were only setting vty->wfd in config_write, vty->fd would
remain 0 and vty_close() wouldn't close vty->wfd.
Clean up the entire fd closing and make it more explicit. We were even
trying to write to stdin...
Reported-by: Jorge Boncompte <jbonor@gmail.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
BUILT_SOURCES doesn't do what the name suggests. What it actually means
is "these files should be built first when doing a 'make' without
explicit target" (or "make all").
It's pretty much almost always wrong to use BUILT_SOURCES, the only
correct use is when a file is needed by an unspecified / large set of
files.
Also remove version.h and route_types.h from dist tarball while we're at
it. configure will create them anyway.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Oops, forgot this path... in the --terminal case, stdio is closed when
the user ends the terminal session, but without terminal it was left
open.
(This caused a ssh session hang in the CentOS6 CI because the file
descriptors were still open, so ssh would keep the session alive...)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Now that the logging hole is plugged, we can just print config-loading
errors to the log. This has 2 hidden advantages:
- vty_read_config calls in SIGHUP don't print errors to /dev/null
- errors are consistently printed to syslog on --enable-cumulus
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
zlog_* doesn't work in startup before we've loaded the real logging
configuration. Add some code to log to stderr for that window of time.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
If the paths for pid or vty don't exist, try creating them. Failure is
ignored (on EEXIST) or prints a non-fatal warning (other errors).
Fixes: #507
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This splits off privs_preinit(), which does the lookups for user and
group IDs. This is so the init code can create state directories while
still running as root.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The OpenBSD's cp(1) command doesn't support the -v option. This will
change in the next releases (starting from v6.2) but this patch fixes
the problem for v6.1 and older releases.
Fixes Issue #875.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
- SIGTSTP appropriately suspends the foreground terminal
- SIGINT causes the daemon to exit, regardless of -d
- SIGQUIT causes the daemon to daemonize, regardless of -d
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Block the parent process until the child has reached the main loop, e.g.
full service is available.
This means it's no longer neccessary to add a "safety sleep" for daemon
cross-dependencies, when using the -d startup option. This doesn't help
if -d isn't used.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Linux -> TCP_CORK is enabled by default
*BSD -> The equivalent is TCP_NOPUSH
As such sockopt_cork is effectively useless
especially since the two places it is used
do it right before TCP writes then disable
it right after the writes are over.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Switch statements are more elegant (and potentially faster... but that's
not the main motivation).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
SAFI values have been a major source of confusion over the last few
years. That's because each SAFI needs to be represented in two different
ways:
* IANA's value used to send/receive packets over the network;
* Internal value used for array indexing.
In the second case, defining reserved values makes no sense because we
don't want to index SAFIs that simply don't exist. The sole purpose of
the internal SAFI values is to remove the gaps we have among the IANA
values, which would represent wasted memory in C arrays. With that said,
remove these reserved SAFIs to avoid further confusion in the future.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
swpX peers all start out with the same sockunion so initially they all
go into the same hash bucket. Once IPv6 ND has worked its magic they
will have different sockunions and will go in different buckets...life
is good.
Until then though, we are in a phase where all swpX peers have the same
socknunion. Once we have HASH_THRESHOLD (10) swpX peers and call
hash_get for a new swpX peer the hash code calls hash_expand(). This
happens because there are more than HASH_THRESHOLD entries in a single
bucket so the logic is "expand the hash to spread things out"...in our
case expanding doesn't spread out the swpX peers because all of their
sockunions are the same.
I looked at having peer_hash_make and peer_hash_same consider the ifname
of the swpX peer but that is a large change that we don't want to make
at the moment. So the fix is to put a cap on how large we are
willing to let the hash table get. By default there is no limit but if
max_size is set we will not allow the hash to expand above that.
Adds an array of descriptive names for each CLI node, plus a runtime
check to make sure folks don't forget to update it.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Commit 8f942af90 introduced a bug while silencing a clang warning. Silence
the warning in a different way to fix our red-black tree implementation.
Fixes#841.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
We should preserve the original indentation to make it easier to keep
these files in sync with the upstream.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The pimregX devices when created by the kernel are put into
the default vrf. When pim gets the callback that the device
exists, check to see if it is a pimregX device and if so
move it into the appropriate vrf.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This reverts commit c14777c6bf.
clang 5 is not widely available enough for people to indent with. This
is particularly problematic when rebasing/adjusting branches.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Before the fix NHT had each path resolving via swp1
cel-redxp-10# show ip route 20.0.11.253
Routing entry for 20.0.11.0/24
Known via "bgp", distance 20, metric 0, best
Last update 00:00:20 ago
* 169.254.0.1, via swp1
* 169.254.0.17, via swp2
cel-redxp-10#
cel-redxp-10# show ip nht
[snip]
20.0.11.253
resolved via bgp
via 169.254.0.1, swp1
via 169.254.0.1, swp1
Client list: pim(fd 19)
After the fix
cel-redxp-10# show ip nht
[snip]
20.0.11.253
resolved via bgp
via 169.254.0.1, swp1
via 169.254.0.17, swp2
Client list: pim(fd 19)
A {foo|bar|baz} graph node will have more than 1/2 incoming links even
if no other references are left to it (which is what the assert was
previously trying to ensure.)
I don't see a good way to "fix" the assert so I'm just removing it.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The label initializer & nhrpd variable are just to shut up GCC 7,
the other two are actual bugs.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
This allows frr-reload.py (or anything else that scripts via vtysh)
to know if the vtysh command worked or hit an error.
Instead of having an ?: expression embedded in every single caller of
vty_out, just expand \n to \r\n in the vty code if neccessary.
(Deprecation warnings will be enabled in the next commits which will do
the search-and-replace over the codebase.)
[This reverts commit 4d5f445 "lib: add vty_outln()"]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Pretty-prints variable autocompletions by breaking them up into multiple
lines, indenting them consistently and respecting the column width of
the terminal.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Implement configuration options for EVPN. The configuration options include
VNI configuration with RD and Import and Export Route Targets. Also, display
the EVPN configuration.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Implement handling of MACs and Neighbors (ARP/ND entries) in zebra:
- MAC and Neighbor database handlers
- Read MACs and Neighbors from the kernel, when needed and create
entries in zebra's MAC and Neighbor databases.
- Handle add/update/delete notifications from the kernel for MACs and
Neighbors and update zebra's database appropriately
- Inform locally learnt MACs and Neighbors to client
- Handle MACIP add/delete from client and install appriporiate entries
into the kernel
- Since Neighbor entries will be installed on an SVI, implement the
needed mappings
NOTE: kernel interface is only implemented for Linux/netlink
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Implement fundamental handling for VNIs and VTEPs:
- Handle EVPN enable/disable by client (advertise-all-vni)
- Create/update/delete VNIs based on VxLAN interface events and inform
client
- Handle VTEP add/delete from client and install into kernel
- New debug command for VxLAN/EVPN
- kernel interface (Linux/netlink only)
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Some platforms don't support 64-bit atomics, missed converting a
floating point pow() to an integral mul when changing SD algo.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Restoring some code that was unintentionally removed when we were
migrating to Quentin's parser.
This shows up as still reachable allocation on exit, which is somewhat
misleading. Note this only affects --enable-dev-build.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
"$(top_srcdir)" is not on the include path, but "$(top_srcdir)/lib" is.
This is relevant when building with a separate build directory.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
hash_cmd_init will overwrite _hashes with a new list, while _hashes
already has been initialised from cmd_init(), thread_master_create(), or
any other function that may have created a hash.
Found while valgrind'ing ospf6d/test_lsdb.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Most read accesses of route_table are actually exact matches where
walking down the tree is wildly inefficient. Use a parallel hash
structure instead.
This significantly speeds up processes that are performance-bound by
table accesses, e.g. BGP withdraw processing. In other locations, the
improvement is not seen as strongly, e.g. when filter processing is the
limiting factor.
[includes fix to ignore prefix host bits in hash comparison]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
route_node->parent and route_node->link shouldn't be touched by user
code since that is a recipe for trouble once we have a hash table in
parallel.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This allows passing struct prefix_{ipv4,ipv6,evpn} * in addition to
struct prefix * without an extra cast (since the union uses the gcc
transparent-union extension present in all compilers that we support.)
Also applies some "const" while we're at it.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Consuming va_args modifies its internal bits, hence the need to copy
it... but the copying wasn't quite right just yet.
Fixes: 4d5f445 ("lib: add vty_outln()")
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
NetBSD can't take the square root of a long double
and we should be fine just using a double here anyway
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Adds the ability to name hash tables, and a new cli command that will
show various summary statistics for named hash tables.
Statistics computed are
- load factor
- full load factor (see comments)
- stddev of full load factor
Standard deviation is computed by storing the sum of squares of bucket
lengths. This is somewhat susceptible to overflow. On platforms where a
double is 32 bits, placing 65535 or more elements into a hash table
opens up the potential for overflow, depending on how they are arranged
in buckets (which depends on the hash function). For example, placing
65535 elements into one hash bucket would cause ssq overflow, but
distributing 40000000 elements evenly among 400000 buckets (100 elements
per bucket) would not.
These cases are extremely degenerate, so the vague possibility of
overflow in an informational command is deemed an acceptable tradeoff
for constant time calculation of variance without locks or compromising
efficiency of actual table operations.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Adds a function that calculates various statistics on our implementation
of a hash table. These are useful for evaluating performance.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Fix bad format specifier in thread.[ch]
* Move PRINTF_ATTRIBUTE macro to zebra.h
* Use PRINTF_ATTRIBUTE on termtable printers
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Add support for naming pthreads. Also, note that we don't have any
records yet if that's the case.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This patch fixes up show thread commands so that they know about
and operate on all extant thread_masters, since we can now have multiple
running in any given application.
This change also eliminates a heap use after free that appears when
using a single cpu_record shared among multiple threads. Since struct
thread's have pointers to bits of memory that are freed when the global
statistics hash table is freed, later accesses are invalid. By moving
the stats hash to be unique to each thread_master this problem is
sidestepped.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
json-c does not (yet) offer support for unsigned integer types, and
furthermore, the docs state that all integers are stored internally as
64-bit. So there's never a case in which we would want to limit,
implicitly or otherwise, the range of an integer when adding it to a
json object.
Among other things this fixes the display of ASN values greater than
(1/2) * (2^32 - 1)
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The if_update function was taking the interface name as
input and reapplying it, using strncpy to reapply the name.
This has several issues. strncpy should not be used
to copy memory in place. The second issue is that
the interface name is not actually changing when we
update interface to be in the new vrf.
Since every usage of if_update was just reapplying the same
name the interface actually had, just remove that part of
the function and rename it to if_update_to_new_vrf
to represent what it is actually doing.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Issue reported that a configuration commonly used on other routing implementations
fails in frr. If under ospf, "network 172.16.1.1/32 area 0" or under eigrp, "network
172.16.1.1/32" is entered, the appropriate interfaces are not included in the routing
protocol. This was because the code was calling prefix_match, which did not match if
the network statement had a longer mask than the interface being matched. This fix
takes away that restriction by creating a "lib/prefix_match_network_statement" function
which doesn't care about the mask of the interface. Manual testing shows both ospf and
eigrp now can be defined with more specific network statements.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
When vtysh sends 'exit' to a daemon, we set the vty->status to
VTY_CLOSE but never actually close the connection. Lovely.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
log.c provides functionality for associating a constant (typically a
protocol constant) with a string and finding the string given the
constant. However this is highly delicate code that is extremely prone
to stack overflows and off-by-one's due to requiring the developer to
always remember to update the array size constant and to do so correctly
which, as shown by example, is never a good idea.b
The original goal of this code was to try to implement lookups in O(1)
time without a linear search through the message array. Since this code
is used 99% of the time for debugs, it's worth the 5-6 additional cmp's
worst case if it means we avoid explitable bugs due to oversights...
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
ospf redefines the standard route map commands which causes ambiguity
issues in the CLI parser, it also uses a signed integer to hold an
unsigned quantity leading to weirdness when specifying metrics larger
than 2,147,483,647
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
indicate which daemon was the source of the message and that it may be a
question of daemon support rather than a malformed argument
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
So the *bsd implementations of RB Tree's for older
platforms use a macro implementation. New platforms
have converted to a function implementation that uses
a different calling parameter list. So when
we attempt to build FRR on older *bsd implementations
the macro's and functions do not interact too well.
As a workaround put the openbsd-tree.h #include
inside of zebra.h at a point before the particular
platforms version is included. Since we use
the same #if guard for the header we should be ok.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Account for the pipe poker in poll() by explicitly returning NULL when
we have no events, timers or file descriptors to work with
* Add a comment explaining exactly what we are doing and why
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Update pollfds copy as well as the original
* Keep array count for copy in thread_master
* Remove last remnants of POLLHUP in .events field
* Remove unused snmpcount (lolwut)
* Improve docs
* Add missing do_thread_cancel() call in thread_cancel_event()
* Change thread_fetch() to always enter poll() to avoid starving i/o
* Remember to free up cancel_req when destroying thread_master
* Fix dereference of null pointer
* Fix dead store to timeval
* Fix missing condition for condition variable :-)
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This patch implements an MT-safe version of thread_cancel() in
thread_cancel_async(). Behavior as follows:
* Cancellation requests are queued into a list
* Cancellation requests made from the same pthread as the thread_master
owner are serviced immediately (thread_cancel())
* Cancellation requests made from a separate pthread are queued and the
call blocks on a condition variable until the owning pthread services
the request, at which point the condition variable is signaled and
execution continues (thread_cancel_async())
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
- All ipv4 labeled-unicast routes are now installed in the ipv4 unicast
table. This allows us to do things like take routes from an ipv4
unicast peer, allocate a label for them and TX them to a ipv4
labeled-unicast peer. We can do the opposite where we take routes from
a labeled-unicast peer, remove the label and advertise them to an ipv4
unicast peer.
- Multipath over a labeled route and non-labeled route is not allowed.
- You cannot activate a peer for both 'ipv4 unicast' and 'ipv4
labeled-unicast'
- The 'tag' variable was overloaded for zebra's route tag feature as
well as the mpls label. I added a 'mpls_label_t mpls' variable to
avoid this. This is much cleaner but resulted in touching a lot of
code.
The xml2cli.pl script was useful years ago when the vty code was very
rudimentary. This is not the case anymore, so convert all ldpd CLI
commands to use DEFUNs directly and get rid of the XML interface.
The benefits are:
* Consistency with the other daemons;
* One less build dependency (the LibXML perl module);
* Easier to add new commands.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
'do' is syntax sugar that allows the user to execute a command under
ENABLE_NODE when in another CLI node. If the user is already in
ENABLE_NODE, use of 'do' was previously disallowed. This patch allows it
because it makes it easier for us to hack around certain instances of
the node synchronization problem with vtysh.
Also included is a fix for one of these problems.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Switch the RB tree implementation completely to the new dlg@'s version
that uses pre-declared functions instead of macros for tree functions.
Original e-mail/diff:
https://marc.info/?l=openbsd-tech&m=147087487111068&w=2
Pros:
* Reduces the amount of code that the usage of those macros generate
* Allows the compiler to do a better compile-time check job
* Might have better i-cache utilization since the tree code is shared
Con:
* dlg@ benchmarks shows it has 'very slightly slower' insertions
* imported RB_* code must adapt the following calls:
RB_INIT(), RB_GENERATE(), RB_ROOT(), RB_EMPTY(), make compare
functions use 'const' (if not already) and maybe others.
Adds "DEFPY()" which invokes an additional layer of preprocessing, so
that we get pre-parsed and named function arguments for the CLI.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Wraps the command parsing code for Python, so we can use it to do fancy
preprocessing and replace extract.pl.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Standard define the default SRGB range from 16000 to 23999. This
commit defines these default values for frr.
Ticket: CM-16737
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: CCR-6347
it's just an alias for a millisecond timer used in exactly nine places
and serves only to complicate
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
If fd_poll() is called with no file descriptors, an incorrect check in
the function prelude causes it to return instantly; for a thread that
wishes to poll but has no file descriptors, this results in busy
waiting. Desired behavior is to block.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Allow routing protocols to call one function to add/delete
routes into zebra. Future commits will start adding
this code to individual routing protocols.
Why are we doing this? Well the zapi_ipv[4|6]_route functions
are fundamentally broken in their ability to pass down anything
but NEXTHOP_TYPE_IFINDEX or NEXTHOP_TYPE_IPV[4|6] and we need
the ability to pass down a bit more information.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
pim controls the vrf table creation for due to the way that
pim must interact with the kernel. In order to match the
table_id for unicast <-> multicast( not necessary but a
real nice to have ) we need to pass up from zebra the
table_id associated with the vrf.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
a bunch of pollfds can cause a stack overflow when using a stack
allocated buffer...silly me...
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
When scheduling a task onto a thread master owned by another pthread, we
need to lock the thread master's mutex. However, if the pthread which
owns that thread master is in poll(), we could be stuck waiting for a
very long time. To solve this, we copy all data poll() needs and unlock
during poll(). To break the target pthread out of poll(), thread_master
has gained a pipe whose reading end is passed into poll(). After an event
that requires immediate action by the target pthread, a byte is written
into the pipe in order to wake it up.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
[DL: split off from select() removal]
poll() is present on every supported platform and does not have an upper
limit on file descriptors.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
[DL: split off from AWAKEN() change]
Modify EVPN prefix to use the generic IP address structure. Add support
for EVPN type-2 and type-3 prefix dump. Fix references to modified fields
as needed.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Define an IP address structure which is a union of an IPv4 and IPv6
address. This is for subsequent use in EVPN.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Added APIs to:
a) pre-assign 0th bit in the bitfield
b) free 0th bit in the bitfield
c) free the allocated bitfield data
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
incorrect array sizes causing out of bounds read and potentially
incorrect capability settings
introduced in 1b322039
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Allow some more flexibility in case callers wish to manage their own
thread pointers and don't require or don't want the thread to keep a
back reference to its holding pointer.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
I keep getting people asking me about what to do
when this error is generated when they are programming
new cli. Maybe this is a bit better bread-crumb?
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We only needed to add/change the vrf callbacks when we initialize
the vrf subsystem. As such it is not necessary to handle the callbacks
in any other way than through the init function.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
vrf_iflist_create -> By the time this is called in enable, the vrf's iflist
is already created. Additionally this code should be a properly of the vrf
to init/destroy not someone else.
vrf_iflist_terminate -> This function should be a property of vrf deletion
and does not need to be exposed.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Segregate the vrf enable/disable functionality from other vrf
code. This is to ensure that people are not actually using
the functions when they should not be. Also document the
why of it properly in the new vrf_int.h header.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The FSF's address changed, and we had a mixture of comment styles for
the GPL file header. (The style with * at the beginning won out with
580 to 141 in existing files.)
Note: I've intentionally left intact other "variations" of the copyright
header, e.g. whether it says "Zebra", "Quagga", "FRR", or nothing.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
A partially-entered IPv6 address would never return a "partly_match",
meaning some possible completions weren't listed by the matcher.
This specifically breaks autocompleting BGP IPv6 neighbor addresses.
Before:
aegaeon# show ip bg ne 2001:<?>
WORD Neighbor on BGP configured interface
After:
aegaeon# show ip bg ne 2001:<?>
WORD Neighbor on BGP configured interface
X:X::X:X Neighbor to display information about
2001:db8::2
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This asks the connected daemons for their variable completions through a
hidden CLI command.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Shows known values in the appropriate naming domain when the user hits
<?> or <Tab>. This patch only works in the telnet CLI, the next patch
adds vtysh support.
Included completions:
- interface names
- route-map names
- prefix-list names
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Fills token->varname based on context. WORD tokens use the WORD - if it
isn't actually "WORD". Other than that, a preceding constant token is
used as name.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Put core CLI graph stuff in lib/command_graph.[ch] and consistently
prefix all function names with "cmd_".
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
struct cmd_token now has a "varname" field which is derived from the
DEFUN's string definition. It can be manually specified with "$name"
after some token, e.g. "foo WORD$var". A later commit adds code to
automatically fill the value if nothing is specified.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Passing stack value to thread_add_* causes thread->ref to become an
invalid pointer when the value goes out of scope
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This is a direct copy of:
https://github.com/boutier/quagga-merge
From the branch babel-merge
I copied the babeld directory into FRR and then fixed up everything to
compile.
Babeld at this point in time when run will more than likely crash and burn
in it's interfactions with zebra.
I might have messed up the cli, which will need to be looked at
extract.pl.in and vtysh.c need to be fixed up. Additionally we probably
need to work on DEFUN_NOSH conversion in babeld as well
This code comes from:
Matthieu Boutier <boutier@irif.fr>
Juliusz Chroboczek <jch@irif.fr>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The CLI changes now make it impossible for numbers
outside the range specified in the cli to make it to
this code. No need to check for it again.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We have several pieces of code like this in FRR:
for (afi = AFI_IP; afi < AFI_MAX; afi++)
for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
bgp_distance_table[afi][safi] = bgp_table_init (afi, safi);
We were creating a lot of useless garbage in the code because of this
gap. Fix this.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
To avoid blocking zebra when it's acting as a proxy for an external
label manager.
Besides:
Fix get chunk reconnection. Socket was still being destroyed on failure,
so next attempt would never work.
Filter out unwanted messages in lm sync sock.
Until LDE client sends ZEBRA_LABEL_MANAGER_CONNECT message, zserv
doesn't know which kind of client it is, so it might enqueue unwanted
messages like interface add, interface up, etc. Changes in this commit
discard those messages in the client side in case they arrive before the
expected response.
Change function name for zclient_connect in label manager to avoid
confusion with zclient one.
Signed-off-by: ßingen <bingen@voltanet.io>
Pass pointer to pointer instead of assigning by return value. See
previous commit message.
To ensure that the behavior stays functionally correct, any assignments
with the result of a thread_add* function have been transformed to set
the pointer to null before passing it. These can be removed wherever the
pointer is known to already be null.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
When scheduling a thread, the scheduling function returns a pointer to
the struct thread that was placed on one of the scheduling queues in the
associated thread master. This pointer is used to check whether or not
the thread is scheduled, and is passed to thread_cancel() should the
daemon need to cancel that particular task.
The thread_fetch() function is called to retrieve the next thread to
execute. However, when it returns, the aforementioned pointer is not
updated. As a result, in order for the above use cases to work, every
thread handler function must set the associated pointer to NULL. This is
bug prone, and moreover, not thread safe.
This patch changes the thread scheduling functions to return void. If
the caller needs a reference to the scheduled thread, it must pass in a
pointer to store the pointer to the thread struct in. Subsequent calls
to thread_cancel(), thread_cancel_event() or thread_fetch() will result
in that pointer being nulled before return. These operations occur
within the thread_master critical sections.
Overall this should avoid bugs introduced by thread handler funcs
forgetting to null the associated pointer, double-scheduling caused by
overwriting pointers to currently scheduled threads without performing a
nullity check, and the introduction of true kernel threads causing race
conditions within the userspace threading world.
Also removes the return value for thread_execute since it always returns
null...
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The way thread.c is written, a caller who wishes to be able to cancel a
thread or avoid scheduling it twice must keep a reference to the thread.
Typically this is done with a long lived pointer whose value is checked
for null in order to know if the thread is currently scheduled. The
check-and-schedule idiom is so common that several wrapper macros in
thread.h existed solely to provide it.
This patch removes those macros and adds a new parameter to all
thread_add_* functions which is a pointer to the struct thread * to
store the result of a scheduling call. If the value passed is non-null,
the thread will only be scheduled if the value is null. This helps with
consistency.
A Coccinelle spatch has been used to transform code of the form:
if (t == NULL)
t = thread_add_* (...)
to the form
thread_add_* (..., &t)
The THREAD_ON macros have also been transformed to the underlying
thread.c calls.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Cyclic graphs ftw
Also remove graph pretty printer from permutations.c 'cause it's not
really needed anymore
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Cyclic graphs ftw
Also remove graph pretty printer from permutations.c 'cause it's not
really needed anymore
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Rename HAVE_POLL to HAVE_POLL_CALL, when compiling with
snmp and poll enabled this was causing issues.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This change adds three fields to thread_master and associated code to
use them. The fields are:
* long selectpoll_timeout
This is a millisecond value that, if nonzero, will override the
internally calculated timeout for select()/poll(). -1 indicates
nonblocking while a positive value indicates the desired timeout in
milliseconds.
* bool spin
This indicates whether a call to thread_fetch() should result in a loop
until work is available. By default this is set to true, in order to
keep the default behavior. In this case a return value of NULL indicates
that a fatal signal was received in select() or poll(). If it is set to
false, thread_fetch() will return immediately. NULL is then an
acceptable return value if there is no work to be done.
* bool handle_signals
This indicates whether or not the pthread that owns the thread master
is responsible for handling signals (since this is an MT-unsafe
operation, it is best to have just the root thread do it). It is set to
true by default. Non-root pthreads should set this to false.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Adds infrastructure for keeping track of pthreads.
The general idea is to maintain a daemon-wide table of all pthreads,
running or not. A pthread is associated with its own thread master that
can be used with existing thread.c code, which provides user-space
timers, an event loop, non-blocking I/O callbacks and other facilities.
Each frr_pthread has a unique identifier that can be used to fetch it
from the table. This is to allow naming threads using a macro, for
example:
#define WRITE_THREAD 0
#define READ_THREAD 1
#define WORK_THREAD 2
The idea here is to be relatively flexible with regard to how daemons
manage their collection of pthreads; the implementation could get away
with just some #define'd constants, or keep a dynamically allocated data
structure that provides organization, searching, prioritizing, etc.
Overall this interface should provide a way to maintain the familiar
thread.c userspace threading model while progressively introducing
pthreads.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Fixes a few insufficient critical sections. Adds back locking for
thread_cancel(), since while thread_cancel() is only safe to call from
the pthread which owns the thread master due to races involving
thread_fetch() modifying thread master's ready queue, we still need
mutual exclusion here for all of the other public thread.c functions to
maintain their MT-safety.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This change introduces synchronization mechanisms to thread.c in order
to allow safe concurrent use.
Thread.c should now be threadstafe with respect to:
* struct thread
* struct thread_master
Calls into thread.c for operations upon data of this type should not
require external synchronization.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Remove the UNDEFINED_NODE as that it's implementation breaks
our ability in BGP to figure out where we are by allowing
default: in the switch statement.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Implement BGP Prefix-SID IETF draft to be able to signal a labeled-unicast
prefix with a label index (segment ID). This makes it easier to deploy
global MPLS labels with BGP, even without other aspects of Segment Routing
implemented.
This patch implements the handling of the BGP-Prefix-SID Label Index
attribute. When received from a peer and the index is acceptable, the local
label is picked up from the SRGB and is programmed as the incoming label as
well as advertised to peers. If the index is not acceptable, no local label
is assigned. The outgoing label will always be the one advertised by the
downstream neighbor.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Implement support for negotiating IPv4 or IPv6 labeled-unicast address
family, exchanging prefixes and installing them in the routing table, as
well as interactions with Zebra for FEC registration. This is the
implementation of RFC 3107.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Implement support for activating the labeled-unicast address family in
BGP and relevant configuration for this address family.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Internal and IANA definitions for labeled-unicast SAFI. Note that this SAFI
is specific to BGP and maps to the corresponding unicast SAFI in Zebra.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Support install of labeled-unicast routes by a client. This would be
BGP, in order to install routes corresponding to AFI/SAFI 1/4 (IPv4)
or 2/4 (IPv6). Convert labeled-unicast routes into label forwarding
entries (i.e., transit LSPs) when there is a static label binding.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Implement interface that allows a client to register a FEC for obtaining
a label binding (in-label). Update client whenever the label binding is
updated and cleanup when client goes away.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Preface with line identifying which daemon it applies to.
[Also fixes a missed "plugin" -> "module" replace.]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
lib -> Add a bit of documentation about what units we are in.
zebra -> Fix failure case to be a bit better.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This is a prepatory commit for future improvements.
Add a change to the zapi to pass the interface speed up.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
On BSD systems, the getgrouplist() function returns 0 if successful and
-1 on error.
Linux in the other hand returns *ngroups (the number of groups of which
user is a member) on success and -1 on error.
Given this difference, the most portable way to use getgrouplist()
is use its return value only for checking if it succeeded or not.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The fact that I originally wrote this in Linux Kernel style and then
reindented it to GNU makes me want to gouge my eyes out every time I
look at it. Restore original indentation.
[This patch is whitespace-only.]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
the original version of this code already used _Atomic and atomic_*().
Restore this functionality for future multithreading.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Just adding -pthread to gcc options changes libc's behaviour, e.g.
making malloc() use proper locking. This means a SEGV inside malloc()
(e.g. because malloc bookkeeping structures have been damaged by writing
to a broken pointer) can lead to a lockup by the following chain:
- random_function()
- malloc()
--- SEGV
- core_handler()
- zlog_backtrace_sigsafe()
- backtrace()
- malloc()
This will hang forever waiting for the malloc() lock to be released.
Another failure mode is dynamic linking with lazy binding (-z lazy,
default). Since backtrace() is seldomly used, this means the call to
backtrace() in the core handler can in fact result in the dynamic linker
trying to resolve the "backtrace" symbol, which can also deadlock.
Add several safeguards to prevent any of this from happening.
(Unfortunately, these are not theoretical issues - I found them by
running into them headfirst.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This is very useful to check whether a command disappeared from a
specific daemon (by comparing against an earlier output of
"grammar find-ambiguous printall nodescan")
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The vtysh preprocessing stuff doesn't like the first argument to
install_element() being something other than a _NODE constant, and the
comment hack wasn't cutting it... just expand this.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
These have copies in vtysh that do the node-switch locally and are
listed in extract.pl's ignore list. The ignore list however is
redundant since DEFUN_NOSH does the same thing...
ldpd is a bit hacky, but Renato is reworking this anyway.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Only the parent process should handle the SIGHUP signal, but we need
to make sure that this signal is ignored in the child processes so a
command like "killall -SIGHUP ldpd" won't kill ldpd.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This adds a "-M" option to each daemon, to load dynamic modules at
startup. Modules are by default located in /usr/lib/frr/modules (lib64
if appropriate). Unloading or loading at runtime is not supported at
this point to keep things simple.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Label Manager allows to share MPLS label space among different
daemons. Each daemon can request a chunk of consecutive labels and
release it if it doesn't need them anymore. Label Manager stores the
daemon protocol and instance to identify the owner client. It uses them
to perform garbage collection, releasing all label chunks from a client
when it gets disconnected or reconnected.
Additionally, every client can request that the chunk is never garbage
collected. In that case client has the responsibility to release
non-used labels.
Zebra can host the label manager itself (if no -l param is provided) or
connect to an external one using zserv/zclient (providing its address
with -l param).
Client code is in lib/zclient.c, but currently only LDP is using it.
TODO: Allow for custom ranges requests, i.e., specify the start label
besides the chunk.
TODO: Release labels from LDP.
Signed-off-by: Bingen Eguzkitza <bingen@voltanet.io>
The following changes do not apply on master because the code has
changed:
- "vtysh: fix completion"
reverts commit 09e61a383f.
- "Revert "lib: Fix tab completions memleak, memory stats corruption""
reverts commit 4dcee34bd6.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This reverts commit 039dc61292.
The patch actually made the situation worse since the return value from
cmd_complete_command_real() was now inconsistently allocated from
different memory stat pools.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Please Note, I will be redoing this commit message with
more information.
Additionally I will rework the lib/* changes into their
own commits.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(Note: the allow_delete thing is called "zebra" on the commandline
because that's the clearest context there, while it is called "FRR" in
the CLI because that's considerably less confusing in a vtysh env.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
... no need to have struct zlog generally-exposed.
A few files get to include log_int.h because they use zlog/vzlog.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The protocols enum serves no purpose other than adding potential for
bugs and making it complicated to add a new protocol... nuke.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Contains the fetch-and-run-thread logic, and vty startup (which is the
last thing happening before entering the main loop).
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Centralise read_config/daemonize/dryrun/pidfile/vty_serv into libfrr.
This also makes multi-instance pid/config handling available as part of
the library. It's only wired up in ospfd, but the code is in lib/.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Start centralising startup & option parsing into the library.
FRR_DAEMON_INFO is a bit weird, but it will become useful later (e.g.
for killing the ZLOG_* enum, and having the daemon name available)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This provides DMVPN support and integrates to strongSwan. Please read
README.nhrpd and README.kernel for more details.
[DL: cherry-picked from dafa05e65fe4b3b3ed5525443f554215ba14f42c]
[DL: merge partially resolved, this commit will not build.]
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Since `afi_t` and `struct vty` are used in plist.h, the appropriate
headers for them should be included.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This define is used only to guard macros in lib/linklist.h which
themselves are not used anywhere in the codebase and have been marked
deprecated since anno domini 2005
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This define is used only to guard macros in lib/linklist.h which
themselves are not used anywhere in the codebase and have been marked
deprecated since anno domini 2005
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
If an EVPN entry is detected, and type is not route type 5, displays the
Ethernet MAC configured, as it was before evpn is introduced.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
In the case, evpn prefix is requested to be transformed into string, and
if the evpn prefix is not an evpn route type 5 entry, then the prefix is
returning an initialised string that mentions the vpn prefix is unknown.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This commit simplified the string to mac conversion, since it uses
sscanf, instead of depicting each incoming character one by one, and
doing self analysis. Also,this commit changes the internal usage of the
mac address representation in mac handling function.
Signed-off-by: Lou Berger <lberger@labn.net>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The introduction of AFI_L2VPN prefix makes usage of AFI_ETHER deprecated
and is of no usage currently. The latter define is linked to AFI_L2VPN.
For that, the prefix enumerate has the AFI_ETHER value removed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The case where no buffer is passed to the str2mac function is handled.
In that case, a buffer is allocated. Then the check against the buffer
length is not done.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
As mac-address structure is to be used as a prefix field, two new
functions permit handling mac address in order to convert it. either
from string to internal value, or the reverse operation.
Internal representation of a mac address is a 6 byte char value standing
for the 6 byte value the mac address has.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Because the prefix structure may include or not evpn sub structure, then
HAVE_EVPN compilation define is also used in prefix.c, because it
references the sub field evpn of prefix structure.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This commit is also taking into account changes related to srcdes
feature introduction in zebra folder.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Ticket: CM-12262
Reviewed By: CCR-5065
Testing Done: Manual
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
'packed' keyword had no effect on packing the afi_ethernet structure.
The attribute keyword has been eppended in order to take into account
the packed feature.
Signed-off-by: Julien Courtat <julien.courtat@6wind.com>
The requirement from draft-ietf-bess-evpn-prefix-advertisement-03
mentions that the Eth-Tag ID, IP Prefix Length and IP Prefix will be
part of the route key used by BGP. The ip prefix length is then appended
to the evpn_addr. In addition to this, the ethernet tag ID is reused.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Extend the prefix data structure to allow for basic support for EVPN type-3
and type-2 routes.
Note: This may be revised in future.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-11937
Reviewed By: CCR-5001
Testing Done: None
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
To support EVPN, a new AFI and SAFI value are defined here.
For internal processing, two other values are used. Those values will
be used to reach RIB entries by using internal afi and safi values
as indexes. This commit is using naming convention for using EVPN.
External value exchanged in BGP packets is called of with
IANA_ presence in macro, while internal value will not have _IANA_
presence.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Merge the parsed graph into the existing one as a separate step. This
makes it possible to merge identical subgraphs, which is used e.g. in
bgpd for <A.B.C.D|X:X::X:X|WORD> neighbor names.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Like config_write(), this should use rename(), even though atomicity is
not a real issue here.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
sync() has a HUGE impact on systems that perform actual I/O, i.e. real
servers...
Also, we were leaking a fd on each config write ever since
c5e69a0 "lib/vty: add separate output fd support to VTYs"
(by myself :( ...)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
sync() has a HUGE impact on systems that perform actual I/O, i.e. real
servers...
Also, we were leaking a fd on each config write ever since
c5e69a0 "lib/vty: add separate output fd support to VTYs"
(by myself :( ...)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The library libzebra that is installed with FRR will
conflict with Quagga. So let's rename it to libfrr.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The code was making the correct assumption
that the v4 and v6 addresses start in the
same spot in memory and since we were looking
at a v6 prefix it would just work. This
causes distress in SA systems, so let's just
make it happy.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
It is possible if the hostname is > 32
characters that we would just overrun the
client_name data structure. Truncate
the hostname string to 31 characters (to allow for NULL)
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
was_stdio was never set up with a 'correct'
initial value, leading to cases where
we would choose what to do based upon
what was in the stack.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
In the case where we are using select as
the operator *and* we call
funcname_thread_add_read_write *and* the
fd is already set, we would overwrite
the read/write direction to always be READ.
Clearly this was a bad idea.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The cli could be reduced for v4 and v6 code
paths into 1 function. Additionally the v6
code path had a SA issue found where it
"theoratically" could have caused a null
de-reference. This issue has been removed
as well.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We were checking for non-null of 'struct stream *s'
after we did a stream_getl, which would have crashed
the program.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This patch introduces several new configuration commands to ldpd. These
commands should allow the operator to define advanced filtering policies
for things like label advertisement, label allocation, etc.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
prefix_list_delete wasn't releasing chained trie entries, only the main
one. Just call the proper trie_del.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Since the at_close call for the stdio vty might exit() the process, move
it to the end of the function, after freeing all memory.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
To make it possible for testcli to get a clean memory management bill.
(Note: XFREE() is NULL-safe, just like free().)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
command_lex.l was allocating as MTYPE_TMP, while command_parse.y would
just call free(). Make both use MTYPE_LEX.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Move the data structure used to have knowledge about
the zapi message types to zclient.h where it belongs.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
These error codes have ended up only being used
for socket type interfaces to the kernel(*bsd),
yet we were exposing the #defines to the entirety
of the project.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
IPv6 srcdest routes need to be keyed by both destination and source
prefix. Since the lookup order is destination first, the simplest thing
to do here is to add a second route_table to destination entries, which
then contain source entries. Sadly, the result is somewhat confusing
since a route_node might now be either a source node or a destination
node.
There are helper functions to get source and destination prefix from a
given route node (which can be either a destination or a source route).
The following bits have been added by Christian Franke
<chris@opensourcerouting.org>:
- make srcdest routing table reusable by moving it into lib
- make the srcdest routing table structure more opaque
- implement a srcdest routing table iterator
- fix a refcounting issue in src_node_lookup
- match route_node_lookup behavior with srcdest_rnode_lookup
- add accessor for the route_node table and table_info
- add string formatter srcdest_rnode2str
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
[v3: adapted for cmaster-next as of 2016-12-05]
The sourcedest code needs to get the route_node even if its info pointer
is NULL (which occurs when there are srcdest routes, but no general
destination route.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This introduces ZAPI_MESSAGE_SRCPFX, and if set adds a source prefix
field to ZAPI IPv6 route messages sent from daemons to zebra. The
function calls all have a new prefix_ipv6 * argument specifying the
source, or NULL. All daemons currently supply NULL.
Zebra support for processing the field was added in the previous patch,
however, zebra does not do anything useful with the value yet.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Check and read the IPv6 source prefix on ZAPI messages, and pass it down
to the RIB functions (which do nothing with it yet.) Since the RIB
functions now all have a new extra argument, this also updates the
kernel route read functions to supply NULL.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
vector_remove would corrupt the data in the following sequence:
1. assume vector v = [a, b], active = 2
2. vector_unset(v, 0) => v = [NULL, b], active = 2
3. vector_remove(v, 1)
vector_remove calls vector_unset(v, 1), vector_unset notices index #0 is
also NULL and thus sets active to 0.
The equality test in vector_remove() now fails, leading it to decrement
v->active *again*, leading to an underflow that will likely crash the
daemon (and might even be exploitable).
This call sequence does not happen in existing code since vector_unset()
is not used on graph from/to lists. Nonetheless this is a buried land
mine in the code at best.
Rewrite the function - while we're at it, there's no reason to move the
entire array around, just fill the hole with the last element.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Cc: Quentin Young <qlyoung@cumulusnetworks.com>
We don't need to copy the from/to arrays, we can just iterate backwards.
NB: this makes graph_remove_edge delete only one edge (which is more
consistent with graph_add_edge allowing parallel edges).
Iterating graph->nodes backwards also makes graph_delete_graph faster
since that also iterates backwards.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Iterating over an array while deleting items needs to consider
interactions between the iteration position and deletion. The previous
code completely ignored that problem, leading to memleaks (graph_delete
skipping half of the nodes) and dangling pointers (if parallel edges
exist in graph_remove_edge).
Iterating backwards is safe and reduces "move to fill hole" overhead in
deletion.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Cc: Quentin Young <qlyoung@cumulusnetworks.com>
command.c had:
DEFINE_MTYPE_STATIC(LIB, CMD_TOKENS, "Command desc")
while command_match.c had:
DEFINE_MTYPE_STATIC(LIB, CMD_TOKENS, "Command Tokens")
... which means that there are 2 distinct MTYPE_CMD_TOKENS.
(The description text being different does not matter, even with the
same text it'd be 2 distinct types.)
command_match.c allocates token->arg in command_match_r() while
command.c frees it in del_cmd_token(). Therefore with each command
being executed, the allocation count goes up on one, down on the other.
=> clean up parser allocation counting. Also, use separate MTYPEs for
the different fields in struct cmd_token.
Fixes: #108 / ee9216cf ("lib, ripngd: clean up merge leftovers")
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Cc: Quentin Young <qlyoung@cumulusnetworks.com>
Should be in system headers, but not specified by any standard.
Not currently used anywhere yet.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Also adds "grammar access <node>" to test/dump an existing command node
(e.g. BGP_NODE).
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Writing a .dot graphviz file is very useful to get a graphical
representation of the command graph.
This code is intended solely for testing & development, it uses some
fixed-size array and may unexpectedly crash.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
flex+bison have nice capabilities to track the location that is
currently being processed; let's enable these and get better warnings
for broken CLI specs.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This cuts a large piece of complexity from the parser by making the
sequences between | the same, no matter whether it's <> () or [].
This causes some changes in behaviour:
- [foo|bar] is now accepted
- <foo|[bar]> is now accepted (yes it's stupid)
- {a|b} is now means "at least one of these, in any order"; to allow
zero use [{a|b}] instead.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
There's no need to malloc() these, we can just keep them on the stack.
The entire struct will get copied around, but replacing a 2-pointer copy
with a 1-pointer copy + malloc + free overhead is not quite efficient.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This associates pairs of FORK and JOIN tokens, so the merge function can
identify where a subgraph begins and ends.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Mr. T was abducted by the parser and held hostage for ransom.
Murdock was called, flew in and replaced him with a Tab character.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Since time is no longer cached, if we schedule something with zero
timeout, it will automatically be negative by the time we reach the
event loop.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
monotime_since() does exactly the same thing.
... and timeval_elapsed is now private to lib/thread.c
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This adds monotime() to retrieve monotonic clock time, as well as
monotime_since() and monotime_until() for relative monotonic time.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Completions are checked for token and docstring equality before
deduplicating. Put an ifdef guard around checking docstrings because
many of them are inconsistent and may confuse users in a release build.
It is a good idea to enable VTYSH_DEBUG when adding new CLI in the
future to help check docstrings.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
BGP Large Communities are a novel way to signal information between
networks. An example of a Large Community is: "2914:65400:38016". Large
BGP Communities are composed of three 4-byte integers, separated by a
colon. This is easy to remember and accommodates advanced routing
policies in relation to 4-Byte ASNs.
This feature was developed by:
Keyur Patel <keyur@arrcus.com> (Arrcus, Inc.),
Job Snijders <job@ntt.net> (NTT Communications),
David Lamparter <equinox@opensourcerouting.org>
and Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Job Snijders <job@ntt.net>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fixes a couple off-by-ones introduced in previous commit.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
[cherry-picked from master d1e4a518e6]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The json_object_object_get_ex function is not fully available
across all versions of json. Write a wrapper to allow
it to work.
Ticket: CM-13872
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fix the display of 'show thread cpu' to keep track
of the number of active threads and to display that
information.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
lib: Fix thread_execute_crash
This commit does these things:
1) Make thread_add_unuse own the setting of THREAD_UNUSED.
2) Move thread->hist finding to to thread_get.
We are storing the thread->hist even when the thread
is on the unused. This means that we check to see
if the funcname or func have changed and we get new
history. Else we've probably just retrieved the last
unused which has the same func/funcanme. This is
a common practice to do THREAD_OFF/THREAD_ON in
quick succession.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com.
Fully decode mcast messages from the kernel. We are not
doing anything with this at the moment, but that will
change.
Additionally convert over to using lookup for
displaying the route type.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We need the ability to store the (s,g) in a struct prefix.
This will allow us to consolidate some duplicated code in
pimd as well as set us up to switch from a link list to a
table to store (s,g) state.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Conflicts (CLI vs. atol()):
- bgpd/bgp_vty.c
- ospfd/ospf_vty.c
- zebra/zebra_vty.c
NB: pull req #65 (LabNConsulting/working/2.0/afi-safi-vty/c) was
excluded from this merge.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This removes the automatic resizing of the vty input buffer and places a
hard size cap of 4096 bytes. It also fixes a potentially unsafe strcpy.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
[cherry-picked from master 2af38873d8]
Introduce internal and IANA defintions for AFI/SAFI and mapping
functions and modify code to use these. This refactoring will
facilitate adding support for other AFI/SAFI whose IANA values
won't be suitable for internal data structure definitions (e.g.,
they are not contiguous).
The commit adds some fixes related to afi/safi testing with 'make check
' command.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Ticket: CM-11416
Reviewed By: CCR-3594 (mpls branch)
Testing Done: Not tested now, tested earlier on mpls branch
This removes the automatic resizing of the vty input buffer and places a
hard size cap of 4096 bytes. It also fixes a potentially unsafe strcpy.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
VRF_UNKNOWN = MAX_INT16_T
The vrf macros to determine where in the bitmap something belongs
assume that the valid values of a vrf are 0 - (MAX_INT16 - 1)
so when they attempt to determine where to look in the bitmap
for VRF_DEFAULT, we can get invalid reads of memory.
This happens because bgp can create vrf's with VRF_UNKNOWN
when we get configuration for a vrf before we've been actually
created in zebra.
Ticket: CM-14090
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* lib/if.h: Remove LP_TE as Link Parameters is set if different from 0
See IS_LINK_PARAMS_SET macro and use LP_TE_METRIC to determine if TE metric
is set or not
* lib/if.c: replace LP_TE by LP_TE_METRIC in default LP status
* zebra/interface.c: replace LP_TE by LP_TE_METRIC and check if TE metric
is equal to standard metric or not
* ospfd/ospf_te.c: replace LP_TE by LP_TE_METRIC
* isisd/isis_te.c: replace LP_TE by LP_TE_METRIC
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
This patch enable the support of graceful restart for routes sets with
vpnv4 address family format. In this specific case, data model is
slightly different and some additional processing must be done when
accessing bgp tables and nodes.
The clearing stale algorithm takes into account the specificity where
the 2 node level for MPLS has to be reached.
Signed-off-by: Julien Courtat <julien.courtat@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Because SAFI_RESERVED_3 value is no more used, the SAFI_MPLS value is
lowered to that value.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Update the ZEBRA_HEADER_MARKER to 254. This will differentiate
ourselves from Quagga. Zebra should not listen to people not
properly using the right programs now.
Update the ZAPI version number to 4.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Commit 43cc09d has been shown to cause several issues with clients
connecting.
Partial revert, since I wanted to keep the debug logs added
for that commit, as well remove the piece of code that
stops attempting to connect to zebra. If we've failed
a bunch of times, there is nothing wrong with continuing
to do so once every 60 seconds. I've debug guarded
the connect failure for those people running bgp
without zebra.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
- "redist foo" parsing modified to check for foo==vnc and foo==vnc-direct
instead of just leading 'v' character
- string designating ZEBRA_ROUTE_VNC_DIRECT changed from "vpn" to "vnc-direct"
- route_types.pl parser recognizes 7th field to restrict availability
of a route type in the redist command to specific daemons
- restrict "vnc-direct" to bgpd only (doesn't make sense elsewhere)
- vnc documentation updated to match
Signed-off-by: Lou Berger <lberger@labn.net>
The json_object_object_get_ex function is not fully available
across all versions of json. Write a wrapper to allow
it to work.
Ticket: CM-13872
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
With the change to have thread_get fill inthe ->hist
pointer, thread_execute was missed and it
needs to fill in the .hist pointer for the
dummy thread created.
I'm not really sure why we need to call a
thread_execute on a function. When we
could, you know, just call the bloody
thing.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fix the display of 'show thread cpu' to keep track
of the number of active threads and to display that
information.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This commit does these things:
1) Make thread_add_unuse own the setting of THREAD_UNUSED.
2) Move thread->hist finding to to thread_get.
We are storing the thread->hist even when the thread
is on the unused. This means that we check to see
if the funcname or func have changed and we get new
history. Else we've probably just retrieved the last
unused which has the same func/funcanme. This is
a common practice to do THREAD_OFF/THREAD_ON in
quick succession.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com.
Fully decode mcast messages from the kernel. We are not
doing anything with this at the moment, but that will
change.
Additionally convert over to using lookup for
displaying the route type.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fix the struct prefix to be an actual struct prefix_sg.
This cleans up a bunch of code to make it look nicer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We need the ability to store the (s,g) in a struct prefix.
This will allow us to consolidate some duplicated code in
pimd as well as set us up to switch from a link list to a
table to store (s,g) state.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
All of the autogenerated macros in lib/route_types.pl are now called
FRR_* instead of QUAGGA_*.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Several places have paths and names that can change hardcoded, e.g. the
package name and the /var/run path. This fixes a few of them, there's
still some to do.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This replaces Quagga -> FRR in most configure.ac settings as well as
a handful of preprocessor macros in the source code.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This removes an artificial restriction for the first token in a
command's graph to be a WORD_TKN. The intention seems to be to prohibit
empty paths through a command, and to restrict "explosion" of choices in
the root node.
The better approach to the former is to check for an empty path after
the definition is parsed. The latter will happen anyway, by duplication
of the command, which just makes it worse...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
There seems to be no reason why numbers don't work as plain word tokens;
this is useful to have "number choices" or constants, e.g. <128|192|256>
for bit encryption lengths.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
bgp_master_init is called first thing in main(), so we need to wedge a
qobj_init() call in there... this needs some improvement...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This shuffles the code blocks in command_parser.y to match file output
order, then adjusts things to make the include handling less messy.
(also dropped unused DECIMAL_STRLEN_MAX define.)
This should hopefully fix the build on NetBSD 6.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
If <Tab> processing finds that there is only 1 candidate, but that
candidate is not a WORD_TKN that we can tab-complete on, the status
would remain at CMD_COMPLETE_FULL_MATCH, but the resulting list of
possible completions is empty.
This then SEGVs in lib/vty.c where it tries to access the first element
of the list, assuming FULL_MATCH always has 1 element there...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Cc: Quentin Young <qlyoung@cumulusnetworks.com>
There exists a possibility that when we cleanup
for shutdown that we may attempt to access
them again.
Found via valgrind, stopped showing up in there.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This re-adds "{foo WORD|bar WORD}" keyword-argument support to the CLI
parser. Note that token graphs may now contain loops for this purpose;
therefore the matching functions retain a history of already-matched
tokens. Each token can thus only be consumed once.
And then LINE... gets its special treatment with allowrepeat.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Commit 43cc09d has been shown to cause several issues with clients
connecting.
Partial revert, since I wanted to keep the debug logs added
for that commit, as well remove the piece of code that
stops attempting to connect to zebra. If we've failed
a bunch of times, there is nothing wrong with continuing
to do so once every 60 seconds. I've debug guarded
the connect failure for those people running bgp
without zebra.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
reserve qobj ID 0 for a NULL pointer. (No change is needed for lookups
since looking up 0 will simply fail and return NULL.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
If we fail to set any socket's buffer size, try again with a smaller value
and keep going until it succeeds. This is better than just giving up or,
even worse, abort the creation of a socket (ospf6d and ripd).
Fix broken ospf6d on FreeBSD.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
These now generate warnings which will break the build with -Werror.
Note this may have enabled commands that should be disabled, or the
other way around...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This contains bgp memory leak fixes as well as cleanups to VRF/namespace
handling and has been run through extended testing in Cumulus' testbed:
Tested-by: Donald Sharp <sharpd@cumulusnetworks.com>
When link-params is configured it auto starts displaying
6000-02# conf t
dell-s6000-02(config)# int swp1
dell-s6000-02(config-if)# link-params
dell-s6000-02(config-link-params)# admin-grp 0x12345678
dell-s6000-02(config-link-params)# end
dell-s6000-02# show run
interface swp1
link-params
enable
metric 0 <----Remove the bw lines
max-bw 1.25e+06
max-rsv-bw 1.25e+06
unrsv-bw 0 1.25e+06
unrsv-bw 1 1.25e+06
unrsv-bw 2 1.25e+06
unrsv-bw 3 1.25e+06
unrsv-bw 4 1.25e+06
unrsv-bw 5 1.25e+06
unrsv-bw 6 1.25e+06
unrsv-bw 7 1.25e+06
admin-grp 305419896
exit-link-params
!
I'd like to reduce this to:
interface enp0s3
ip igmp
ip pim sm
link-params
enable
admin-grp 0x12345678 <----- Fix this to be what we entered
exit-link-params
!
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* If a token matches exactly at the end of input, it still
shows up in completions, e.g.
ex# clear<?>
clear Reset functions
ex(config)# ip route 1.2.3.4<?>
A.B.C.D IP destination prefix
A.B.C.D/M IP destination prefix (e.g. 10.0.0.0/8)
* If a token in mid-line exactly matches one token and
partially matches on one or more additional tokens,
the command tree(s) under the partially matching tokens
will be ignored in favor of the exact match when compiling
completions for the full line, e.g.
ex(config)# ip <?>
will only show completions for commands under 'ip' and not
those under 'ipv6', which the input partially matches.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
struct cmd_element items are static global variables, they are never
allocated, copied or freed.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This removes remaining global variables from the lexer, pushing the
lexer state into struct parser_ctx too. At the same time, "cmd_yy" is
used as prefix for all parser & lexer routines.
The result is that (a) there is no collision anymore if a program uses
flex/bison and links libzebra, and (b) the parser is fully encapsulated
and could be called in parallel from multiple threads.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This encapsulates all parser state into a new "struct parser_ctx", which
is allocated on stack and passed around as pointer. The parser no
longer has any global variables with this.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The function prototype for command_parse_format() is better left in
command.h, so that the bison-generated header file doesn't need to be
included for that.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
WORD tokens (which are also used for "LINE..." input) should really
accept all characters.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
These are not externally referenced anymore; this reduces the symbol
count of libzebra by quite a bit.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This moves all install_element calls into the file where the DEFUNs are
located. This fixes several small related bugs:
- ospf6d wasn't installing a "no interface FOO" command
- zebra had a useless copy of "interface FOO"
- pimd's copy of "interface FOO" was not setting qobj_index, which means
"description LINE" commands would fail with an error
The next commit will do the actual act of making "foo_cmd" static.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Since other parts (e.g. ldpd) use the ISC license, and the ISC license
is just a simplified form of the MIT license, just move things over and
reduce the number of different licenses we have in use here.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Additionally:
* Add [ip] to a couple bgp show commands
* Quick refactor of a couple ISIS commands
* Quick refactor of a couple OSPF6 commands
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
WORD tokens (which are also used for "LINE..." input) should really
accept all characters.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
%empty was added in bison 2.7.1, which seems to not be available on some
of the BSDs by default.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Headers using struct cmd_token should directly include command.h so the
struct is actually defined.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
There's no need to duplicate the 'vrf_id' and 'name' fields from the 'vrf'
structure into the 'zebra_vrf' structure. Instead of that, add a back
pointer in 'zebra_vrf' that should point to the associated 'vrf' structure.
Additionally, modify the vrf callbacks to pass the whole vrf structure
as a parameter. This allow us to make further simplifications in the code.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Also, for some reason we had two functions to search a VRF by its name:
zebra_vrf_lookup_by_name() and zebra_vrf_list_lookup_by_name(). The first
one would loop through vrf_table and the other one through vrf_list. This
is not necessary anymore, so remove zebra_vrf_lookup_by_name() and rename
zebra_vrf_list_lookup_by_name() to zebra_vrf_lookup_by_name().
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Since we're already using a red-black tree to store VRFs sorted by their
vrf_id's, create a new tree to store VRFs sorted by their names.
The biggest advantage of doing this is that we reduce the time complexity
of vrf_list_lookup_by_name() from O(n) to O(log n).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Since VRFs can be searched by vrf_id or name, make this explicit in the
helper functions.
s/vrf_lookup/vrf_lookup_by_id/
s/zebra_vrf_lookup/zebra_vrf_lookup_by_id/
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
We definitely need to stop abusing the route table data structure when
it's not necessary. Convert the namespace code to use red-black trees
instead. This greatly improves code readability.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
If we configure a VRF that doesn't match any device in the kernel, we'll
fall in the first case of the vrf_get() function. In this function,
a vrf structure is callocated and it's vrf_id is never set explicitly,
which means it's set to zero (the vrf-id of the default VRF). When this
happens, commands like "router-id A.B.C.D vrf ..." will act on the
default VRF and not on the pre-provisioned VRF. To fix this, always
set the vrf_id of pre-provisioned VRFs to VRF_UNKNOWN.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* move netlink code from zebra_nc.c to kernel_netlink.c;
* move vrf CLI commands from if.c/interface.c to vrf.c/zebra_vrf.c;
* move declaration of the 'ns' structure to a header file.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Getting FULL_MATCH with matched[0] == NULL in tests/testcli. Catch and
print error for now.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
lib/str.[ch] was removed in cleaning up autoconf deadweight.
best place for strmatch seems to be a #define in zebra.h
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
We can't use if_lookup_prefix() in rip_update_process() because this
function uses prefix_cmp() internally to try matching an interface
address to a static neighbor's address.
Since prefix_cmp() tries to match exact prefixes, if_lookup_prefix()
was always returning NULL.
What we really need here is to use prefix_match(), which checks if
one prefix includes the other (e.g. one /24 interface including a /32
static neighbor's address). The fix then is to replace the call to
if_lookup_prefix() and use if_lookup_address() instead, which uses
prefix_match() internally.
Fixes IxANVL RIP test 17.1
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
vtysh's extract.pl script doesn't cope with install_element(var, ) where
"var" is not one of the FOO_NODE constants. Also, the future defun_lex
tool doesn't deal well with preprocessor expansions in the same regard.
This tries simplifying out some of these. lib/distribute.c needs
further thinking.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
These files were submitted by Cumulus but did
not properly setup the licensing of them.
This fixes that issue.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When a user erroneously defines two commands which can
match the same input and at least one of the tokens defined
last in the command is a selector or option, the matcher
does not detect an ambiguous match and matches the command
installed first (leftmost in the graph).
Fix is to do a full walkthrough of the follow set when
matching the final token in a command to check that there
is exactly one possible match, and to throw an ambiguity
error otherwise.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
It seems these two were at some point copied in from rsync; replace with
more recent versions that will hopefully become available in glibc as
well.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Since we have autoconf results from a wide swath of target platforms, we
can go remove checks that have the same result on all systems.
This also removes several "fallback" implementations of functions that,
at some point in the history, weren't available on all target platforms.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Fix a few memory issues:
* Not freeing tab-completions upon input match failure
* Invalid write when null-terminating tab-completions
* Not freeing argv[] itself in additinon to elements
* Use XFREE() instead of free() as appropriate
* Not freeing final token of an [option] during parsing
Make a few minor changes to CLI internals:
* Improve documentation on matching & completion functions
* Only make one copy of cmd_token's when building argv,
instead of three
* Don't make a copy of the matching cmd_element
Make one major(ish) change to CLI internals:
* Change all pointers to struct cmd_element to const
Code outside of the core CLI units should never have an
occasion to modify the internal state of the command system.
Doing so could easily amount to having a CLI interface that
changes during runtime, and could conceivably lead to security
issues. Explicitly disallowing this removes any chance of
confusion.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Each token now knows whether it is part of a hidden
or deprecated command. Command completion logic hides
such tokens when generating completions. Command
matching logic works as before and will still match on
hidden and deprecated commands.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This silences the following warning from watchquagga:
"Can't save to configuration file, using vtysh."
which otherwise appears when doing a "write file" in vtysh when no
integrated-config is in use.
Also make "show memory" available in watchquagga.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This new command - available for internal use by vtysh and explicit
usage by users - calls "vtysh -w" from watchquagga. This ensures vtysh
is run with privileges to actually write the integrated-config file.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
watchquagga logs as "NONE", which will also become visible in vtysh for
error messages. Add "WATCHQUAGGA" log target.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Even if we're running without user switch, we should still try to honor
the VTY group. This applies both to watchquagga (which always runs as
root) as well as "no-userswitch" configurations for other daemons.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
watchquagga is already leaking an open file descriptor on its pid file
on fork+exec() invocations; next up is adding vtysh support with even
more fds. Mark things CLOEXEC before going there.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
- Do not allow tab-completion on anything except words
- Rewrite cmd_make_strvec to use strsep
- Remove a few trailing whitespaces
- Remove cmd_complete_command_lib
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
When shutting down a daemon that uses an update
timer to handle route map processing, there
exists a race condition where if you change
a route map and then immediately shutdown
quagga before the update timer for the routemap
runs, you will be placed in a infinite loop.
This condition happens because this commit introduces
route map memory free'ing but never tests to see
if the to_be_processed flag has happened or not
before deleting:
commit 289d25016b
Author: Lou Berger <lberger@labn.net>
Date: Wed Apr 10 12:30:04 2013 -0700
bgpd, lib: memory cleanups for valgrind, plus debug changes
Modify route_map_finish to explicitly turn off the to_be_processed
field. As that we know we are going away if route_map_finish is
called.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
When compiling json on systems with json/json.h
that don't have json_object_new_int64, just
use json_object_new_int instead and accept
we might truncate data.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Ticket: CM-13239
* command.h: (struct cmd_node) Add a hash, so duplicate installs of
a cmd_element to a command node can be detected. To help catch
strays from the VIEW/ENABLE node consolidation particularly
(installs to VIEW automatically install to ENABLE too now).
* command.c: (cmd_hash_{key,cmp}) helpers for the hash - just directly
on the pointer value is sufficient to catch the main problem.
(install_node) setup the hash for the command node.
(install_element) check for duplicate installs.
The assert on the cmd_parse_format seems misplaced.
(install_default_basic) separate the basic, VIEW, node default commands
to here.
(cmd_init) get rid of dupes, given consolidation.
(cmd_terminate) clean up the node command hash.
Not done: The (struct cmd_node)'s vector could be replaced with the
cmd hash, however much of the command parser depends heavily on the
vector and it's a lot of work to change. A vector_lookup_value could
also work, particularly if vector could be backed by a hash.
The duplicate check could be disabled in releases - but useful in
development. It's a little extra overhead at startup. The command
initialisation overhead is already something that bites in
micro-benchmarks - makes it easy for other implementations to show
how much faster they are with benchmarks where other load is low
enough that startup time is a factor.
Some new routemap hash data structures were not being
properly cleaned up. Add the hash_free code in.
This code does not fix the variety of daemons that
don't actually call route_map_finish.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Consolidate the routemap initialization into one
function.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Description:
We use valgrind memcheck quite a bit to spot leaks in
our work with bgpd. In order to eliminate false positives,
we added code in the exit path to release the remaining
allocated memory.
Bgpd startup log message now includes pid.
Some little tweaks by Paul Jakma <paul.jakma@hpe.com>:
* bgp_mplsvpn.c: (str2prefix_rd) do the cleanup in common code at the end
and goto it.
[DL: dropped several chunks from original commit which are obsolete by
now on this tree.]
Change redist_check_instance() to return a pointer instead of returning 1
on success. This way this function can be reused in redist_del_instance()
instead of duplicating the same logic there.
Also, remove unnecessary call to redist_check_instance() in
zebra_redistribute_delete().
While here, remove unnecessary cast from void* in redist_add_instance().
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The ZEBRA_ROUTE_ALL route type can be used by a client to request
all routes from zebra. The main motivation for introducing this is
to allow ldpd to get routes from all OSPF instances, not only from
the default one. Without ZEBRA_ROUTE_ALL, ldpd would need to send a
ZEBRA_REDISTRIBUTE_ADD message for each possible OSPF instance (65k),
which doesn't scale very well.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This is a followup to commits 735e62 and 0b1442, where we forgot to apply
the same VIEW/ENABLE consolidation logic to vtysh. Also, we can't call
install_default() for the ENABLE node because some of the vty commands
installed by this function were already installed in the VIEW node before.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
If a command is put into the VIEW_NODE, it is going into the
ENABLE_NODE as well. This is especially true for show commands.
As such if a command is in both consolidate it down to VIEW_NODE.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
If you are in VIEW_NODE, the command should exist in ENABLE_NODE
as well. This is being done to reduce chances of code being
added to one but not the other NODE.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The RESTRICTED_NODE command is not used, introduces code
complexity and provides no additional levels of security.
The only way to get into RESTRICTED_NODE is to add, under
vty configuration the command 'anonymous restricted', and
then telnet to a daemon, provide a password, then type
'enable' and fail to enter the password three times.
Then the user can enter a very limited set of commands to
monitor bgp and only bgp behavior.
This commit removes both the RESTRICTED_NODE usage as well
as the lib/* usage of the code
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This patch improves zebra,ripd,ripngd,ospfd and bgpd so that they can
make use of 32-bit route tags in the case of zebra,ospf,bgp or 16-bit
route-tags in the case of ripd,ripngd.
It is based on the following patch:
commit d25764028829a3a30cdbabe85f32408a63cccadf
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Fri Jul 1 14:23:45 2016 +0100
*: Widen width of Zserv routing tag field.
But also contains the changes which make this actually useful for all
the daemons.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Since not all duplicate commands can be caught during graph
construction, do a linear search over all commands before
installing.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Finally, this disables the config editing lock for isisd. It also
enables deprecation warnings for the lib/ and isisd/ to catch accidental
uses of vty->index.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The keychain code is the only user of vty->index_sub; this is also
replaced with a qobj safe-pointer.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Prepares the library CLI functions for concurrent config access. Note
the vty->index pointer is still kept functional for the daemons to use.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
As mentioned in previous commits, this prepares to replace the vty's
"void *index" context position with a safe qobj pointer. This will
allow concurrent configuration editing by multiple users, as soon as no
more code (library included) in the daemon uses vty->index anymore.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This places the appropriate calls so library objects can be used with
qobj "pointers", especially in the CLI.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This adds 64-bit random identifiers as "safe pointers" which are also
type-tracked / can have type-specific extension methods.
This will be used by both the CLI (to keep safe references while in
config editing mode) as well as the Cap'n Proto code (to hand out
pointers to the user in a safe way and add per-type handlers)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When a command is complete and <cr> appears in tab- or
?-completions, make sure it appears first
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Adds a missing check that resulted in partial token
matches being accepted as exact matches when calculating
input completions.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Range matching function was returning 0 instead of no_match
on failed match, causing all input to match ranges.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This feature adds an L3 & L2 VPN application that makes use of the VPN
and Encap SAFIs. This code is currently used to support IETF NVO3 style
operation. In NVO3 terminology it provides the Network Virtualization
Authority (NVA) and the ability to import/export IP prefixes and MAC
addresses from Network Virtualization Edges (NVEs). The code supports
per-NVE tables.
The NVE-NVA protocol used to communicate routing and Ethernet / Layer 2
(L2) forwarding information between NVAs and NVEs is referred to as the
Remote Forwarder Protocol (RFP). OpenFlow is an example RFP. For
general background on NVO3 and RFP concepts see [1]. For information on
Openflow see [2].
RFPs are integrated with BGP via the RF API contained in the new "rfapi"
BGP sub-directory. Currently, only a simple example RFP is included in
Quagga. Developers may use this example as a starting point to integrate
Quagga with an RFP of their choosing, e.g., OpenFlow. The RFAPI code
also supports the ability import/export of routing information between
VNC and customer edge routers (CEs) operating within a virtual
network. Import/export may take place between BGP views or to the
default zebera VRF.
BGP, with IP VPNs and Tunnel Encapsulation, is used to distribute VPN
information between NVAs. BGP based IP VPN support is defined in
RFC4364, BGP/MPLS IP Virtual Private Networks (VPNs), and RFC4659,
BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN . Use
of both the Encapsulation Subsequent Address Family Identifier (SAFI)
and the Tunnel Encapsulation Attribute, RFC5512, The BGP Encapsulation
Subsequent Address Family Identifier (SAFI) and the BGP Tunnel
Encapsulation Attribute, are supported. MAC address distribution does
not follow any standard BGB encoding, although it was inspired by the
early IETF EVPN concepts.
The feature is conditionally compiled and disabled by default.
Use the --enable-bgp-vnc configure option to enable.
The majority of this code was authored by G. Paul Ziemba
<paulz@labn.net>.
[1] http://tools.ietf.org/html/draft-ietf-nvo3-nve-nva-cp-req
[2] https://www.opennetworking.org/sdn-resources/technical-library
Now includes changes needed to merge with cmaster-next.
When the user tab- or ?-completes when the character prior to
the position of the cursor is a space, completion logic is
passed null. Explicitly handle this case instead of using
partly_match, which has special logic associated with it to
allow abbreviating certain tokens.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
FIB override routes are for routing protocols that establish
shortcut routes, or establish point-to-point routes that should
not be redistributed. Namely this is useful NHRP daemon to come.
Zebra is extended to select two entries from RIB the "best" entry
from routing protocols, and the FIB entry to install to kernel.
FIB override routes are never selected as best entry, and thus
are never adverticed to other routing daemons. The best FIB
override, or if it does not exist the otherwise best RIB is
selected as FIB entry to be installed.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[CF: Massage to fit cumulus tree]
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
When compiling with the json library instead of the json-c
library allow it to switch back to the old way of printing.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
zclient_stop(), which is used as antagonist to zclient_init(), needs to
undo the vrf_bitmap allocation. Otherwise zclient_init() will leak the
allocated memory, for example when zclient_reset() is used.
Reported-by: Lou Berger <lberger@labn.net>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When displaying thread time for long running/busy
protocols, the space allocated may not be sufficient.
Allow the runtime to take a bit more space.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
distribute.c doesn't allow to manage both v4 and v6 distribute lists. This
patch fix this problem by having 4 DISTRIBUTE* values in the enumeration instead
of two. The code in all daemons using distribute.c is adapted.
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Sam Tannous <stannous@cumulusnetworks.com>
Ticket:
N.B.: some of these are de-facto ALIAS resurrections
that are necessary due to some parser limitations; these
are marked with ALIAS_FIXME so I can go back and add
capability to the parser to handle these special cases.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* zclient.c: prefix length on router-id and interface address add
messages not sanity checked. fix.
* */*_zebra.c: Prefix length on zebra route read was not checked, and
clients use it to write to storage. An evil zebra could overflow
client structures by sending overly long prefixlen.
Prompted by discussions with:
Donald Sharp <sharpd@cumulusnetworks.com>
Linux/glibc sys/param.h has definitions of MIN/MAX that result in
multiple evaluations of its parameters. Force local definitions.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
On OpenIndiana/Solaris the build fails with "unsupported multicast API".
It's only in the IPv4 part where setsockopt IP_MULTICAST_IF needs a
local address and not the index (IPv6 wants the index).
The following code walks the list of interfaces until it finds the matching
index and uses the interface's local address for the setsockopt call.
I don't know if it works on Solaris < 10 (I guess yes, but I don't have
any machine to verify it).
[NB: this breaks unnumbered setups that use the same IPv4 address on
multiple interfaces. -- equinox@opensourcerouting.org]
Reported-by: Brian Utterback <brian.utterback@oracle.com>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Patchwork #762
ICC thinks we're storing a pointer and might be losing bits at the top:
error #810: conversion from "void *" to "route_map_event_t={enum
<unnamed>}" may lose significant bits
Build is warning-free on ICC 14.0.3 (for Linux x86_64) with this.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
FIB override routes are for routing protocols that establish
shortcut routes, or establish point-to-point routes that should
not be redistributed. Namely this is useful NHRP daemon to come.
Zebra is extended to select two entries from RIB the "best" entry
from routing protocols, and the FIB entry to install to kernel.
FIB override routes are never selected as best entry, and thus
are never adverticed to other routing daemons. The best FIB
override, or if it does not exist the otherwise best RIB is
selected as FIB entry to be installed.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[CF: Massage to fit cumulus tree]
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Replace all HAVE_MPLS #ifdef's by a run-time check if MPLS is supported
by the kernel or not. This way we don't need to create multiple packages
for each OS distribution.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Since recently zebra uses only the ZEBRA_REDISTRIBUTE_* messages
to advertise redistributed routes to its clientes. Now the old
ZEBRA_IPV*_ROUTE_* messages are only used for client->zebra communication.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This patch installs labeled static routes in the FIB. The routes are installed
using the RTA_ENCAP (and RTA_ENCAP_TYPE) nested attributes.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-6040
Reviewed By: CCR-3091
Testing Done: Tested in SE-1, brief manual testing now
Install the statically configured LSPs into the FIB (kernel). This is done
using the new attributes and definitions for MPLS in the kernel -
RTA_VIA, RTA_NEWDST and AF_MPLS.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-4804
Reviewed By: CCR-3088
Testing Done: Manual in SE-1
Add support for statically configuring MPLS transit LSPs. This allows the
configuration of ILM to one or more NHLFE, as defined in RFC 3031. The
currently supported nexthop types are IPv4 or IPv6.
The two label operations supported are swap and PHP; the latter is configured
by specifying the out-label as "implicit-null". Note that the operation is
against the label, so it should be the same for all NHLFEs.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-4804, ...
Reviewed By: CCR-3085
Testing Done: In combination with other patches
Shotgun commit:
* Remove shim sources from Makefile.am
* Move new types to command.c / command.h
* Rewrite command.c / command.h
* Refactor shim types to real types in matcher
and parser
* Initial refactor pass on vty.c
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This is useful for DSO modules in order to get support for unloading
them dynamically. It also runs on exit, which doesn't matter much.
At some future point, the code could be extended to check that
allocation counts are 0 on unloading a module.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This adapts the dump-at-exit handler and removes the old leftover code.
(Note the text in log_memtype_stderr was actually incorrect as the only
caller in bgpd cleans up configuration before calling it, i.e. any
remaining allocations are missing-cleanup bugs.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
This is a rather large mechanical commit that splits up the memory types
defined in lib/memtypes.c and distributes them into *_memory.[ch] files
in the individual daemons.
The zebra change is slightly annoying because there is no nice place to
put the #include "zebra_memory.h" statement.
bgpd, ospf6d, isisd and some tests were reusing MTYPEs defined in the
library for its own use. This is bad practice and would break when the
memtype are made static.
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[CF: rebased for cmaster-next]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Move over to the new allocation counting added in the previous commit.
(This commit is mostly mechanical.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
This rewrites Quagga's memory per-type allocation counting, without
using a fixed global list of types. Instead, source files can declare
memory types which get handled through constructor functions called by
the dynamic linker during startup.
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[DL: v3: forgot "nonnull" attribute on XFREE]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The following commit will recreate memory.[ch].
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ability to remove directed edge between two nodes.
Also ensures that adjacency vectors have no null entries.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The regular expression for finding DEFUN/ALIAS in
extract.pl looks for "DEFUN (" or "ALIAS (" if
the *.c file does not have this then it will just
silently ignore the cli.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The 'struct fifo' and it's accompanying #defines do not
belong in lib/zebra.h. Move them into their own header.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit b0d02889624eaafa0984873dcd78c086418bdf13)
Zebra api that was never used.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 33361d3992c8bff66247b76e5adaf4b0de8217df)
ZEBRA_IPV4_NEXTHOP_LOOKUP and ZEBRA_IPV6_NEXTHOP_LOOKUP
were never used by any protocol. Remove dead code
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 22cd6214bf44863bfb5a34b40ab4abba3c5c4574)
The #define nature of zebra message types makes
it stupidly difficult to add /remove message
types. Switch to enum
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 0d63e3c7df981f5b50f27789672f30987911a8cd)
Selectors may be nested inside options [<like|so>].
Removed the ability to make multipart options [like|so].
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
A crash occurred if a prefix was defined in a prefix-list that
contained bits in the prefix but a /0 mask. Resolving that crash
and improving usability by applying the mask to the supplied prefix
and notifying the user if the prefix was modified.
Ticket: CM-12744
Signed-off-by: Don Slice
Reviewed_By:
Testing Done: Manual testing attached to the ticket, bgp-min, bgp-smoke
ospf-min, and ospf-smoke all completed before commit
This patch adds a runtime check to determine if netns are available. Some
systems like OpenWRT have the system call setns() but don't have the kernel
option CONFIG_NET_NS enabled.
Reported-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Tested-by: Christian Franke <chris@opensourcerouting.org>
(cherry picked from commit 04a3aabf58d95d01c4c8168eeff43cf9d9892eee)
We realize VRFs with linux netns by default. The main job is
to associate a VRF with a netns. Currently this is done by
the configuration:
[no] vrf N netns <netns-name>
This command is also available in vtysh and goes to only
zebra, because presently only zebra supports multiple VRF.
A file descriptor is added to "struct vrf". This is for the
associated netns file. Once the command "vrf N netns NAME"
is executed, the specified file is opened and the file
descriptor is stored in the VRF N. In this way the
association is formed.
In vrf_socket(), we first switch to the specified VRF by
using the stored file descriptor, and then can allocate
a socket which is working in the associated netns.
Signed-off-by: Feng Lu <lu.feng@6wind.com>
Reviewed-by: Alain Ritoux <alain.ritoux@6wind.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
(cherry picked from commit 55cfa2f190620f7c711944637659bc208970324d)
Create the ns.c files from the original vrf.c code
to allow us to create the 'logical-router' command
to work within namespaces.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
During one of our build processes we are getting
a refix directory in some places. Remove these
from files that git considers
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 844cbf5d6cdfc6961e99e1c9ed35b826f3aa7562)
Comparing the wrong nodes led to duplication during
graph construction, fixed. Also update graph pretty
print to use new graph struct.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
NOTE: I am squashing several commits together because they
do not independently compile and we need this ability to
do any type of sane testing on the patches. Since this
series builds together I am doing this. -DBS
This new structure is the basis to get new link parameters for
Traffic Engineering from Zebra/interface layer to OSPFD and ISISD
for the support of Traffic Engineering
* lib/if.[c,h]: link parameters struture and get/set functions
* lib/command.[c,h]: creation of a new link-node
* lib/zclient.[c,h]: modification to the ZBUS message to convey the
link parameters structure
* lib/zebra.h: New ZBUS message
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Add support for IEEE 754 format
* lib/stream.[c,h]: Add stream_get{f,d} and stream_put{f,d}) demux and muxers to
safely convert between big-endian IEEE-754 single and double binary
format, as used in IETF RFCs, and C99. Implementation depends on host
using __STDC_IEC_559__, which should be everything we care about. Should
correctly error out otherwise.
* lib/network.[c,h]: Add ntohf and htonf converter
* lib/memtypes.c: Add new memeory type for Traffic Engineering support
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Add link parameters support to Zebra
* zebra/interface.c:
- Add new link-params CLI commands
- Add new functions to set/get link parameters for interface
* zebra/redistribute.[c,h]: Add new function to propagate link parameters
to routing daemon (essentially OSPFD and ISISD) for Traffic Engineering.
* zebra/redistribute_null.c: Add new function
zebra_interface_parameters_update()
* zebra/zserv.[c,h]: Add new functions to send link parameters
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Add support of new link-params CLI to vtysh
In vtysh_config.c/vtysh_config_parse_line(), it is not possible to continue
to use the ordered version for adding line i.e. config_add_line_uniq() to print
Interface CLI commands as it completely break the new LINK_PARAMS_NODE.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Update Traffic Engineering support for OSPFD
These patches update original code to RFC3630 (OSPF-TE) and add support of
RFC5392 (Inter-AS v2) & RFC7471 (TE metric extensions) and partial support
of RFC6827 (ASON - GMPLS).
* ospfd/ospf_dump.[c,h]: Add new dump functions for Traffic Engineering
* ospfd/ospf_opaque.[c,h]: Add new TLV code points for RFC5392
* ospfd/ospf_packet.c: Update checking of OSPF_OPTION
* ospfd/ospf_vty.[c,h]: Update ospf_str2area_id
* ospfd/ospf_zebra.c: Add new function ospf_interface_link_params() to get
Link Parameters information from the interface to populate Traffic Engineering
metrics
* ospfd/ospfd.[c,h]: Update OSPF_OPTION flags (T -> MT and new DN)
* ospfd/ospf_te.[c,h]: Major modifications to update the code to new
link parameters structure and new RFCs
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
tmp
This removes the BSD specific usage of struct sockaddr_dl
hardware address. This unifies to use explict hw_addr member for
the address, and zebra specific enumeration for the link layer
type.
Additionally the zapi is updated to never send platform specific
structures over the wire, but the ll_type along with hw_addr_len
and hw_addr are now sent for all platforms.
Based on initial work by Paul Jakma.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
# Please enter the commit message for your changes. Lines starting
# with '#' will be kept; you may remove them yourself if you want to.
# An empty message aborts the commit.
#
# Author: Timo Teräs <timo.teras@iki.fi>
#
# rebase in progress; onto 9c2f85d
# You are currently editing a commit while rebasing branch 'renato' on '9c2f85d'.
#
# Changes to be committed:
# modified: isisd/isis_circuit.c
# modified: lib/if.c
# modified: lib/if.h
# modified: lib/zclient.c
# modified: zebra/interface.c
# modified: zebra/interface.h
# modified: zebra/kernel_socket.c
# modified: zebra/rt_netlink.c
# modified: zebra/rtadv.c
# modified: zebra/zserv.c
#
# Untracked files:
# "\033\033OA\033OB\033"
# 0001-bgpd-fix-build-on-Solaris.patch
# ldpd/
# redhat/ldpd.init
# redhat/ldpd.service
# tags
#
quagga SNMP support depends on netsnmp, that optionally depends on OpenSSL,
which in turn requires zlib. zlib exports the 'zcalloc' symbol, which collides
with a function of the same name in memory.c. This is not a problem when
linking dynamically, since quagga does not use zlib directly. But static
linking fails with the error:
CCLD ospfd
.../output/host/usr/mips64el-buildroot-linux-uclibc/sysroot/usr/lib/libz.a(zutil.o): In function `zcalloc':
zutil.c:(.text+0x48): multiple definition of `zcalloc'
.../output/build/quagga-1.0.20160315/lib/.libs/libzebra.a(memory.o):memory.c:(.text+0x1a0): first defined here
Rename 'zcalloc' to 'zzcalloc' to avoid symbol collision.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Use the 'enum nexthop_types_t' instead of
the zebra.h #defines. And remove code from
zebra.h that does not belong there.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
This commits allow overriding MTU using netlink attributes on
per-route basis. This is useful for routing protocols that can
advertice prefix specific MTUs between routers (e.g. NHRP).
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
(cherry picked from commit b11f3b54c842117e22e2f5cf1561ea34eee8dfcc)
This flag is used internally in zebra only. And it makes no sense
to expose it over the zclient API, as having it set from client
could corrupt the internal state.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 7eb6136b2732d4782360f9f376336c6d4f667ff0)
lib/zebra.h has FILTER_X #define's. These do not belong there.
Put them in lib/filter.h where they belong.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 0490729cc033a3483fc6b0ed45085ee249cac779)
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit abfd40d68202882696260617729518a6d2c99302)
Fix incorrect assumption that the set of first tokens
of all commands are perfectly unambiguous
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
- cmd_make_strvec returns null pointer if str
begins with a '#'
- disallow options nested options
- NULL out state variable in parser
- flip backwards comparison
- fix memory leak in lexer
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Gnu-style code, add copyright headers, cleanup some
random style issues, shuffle around code into
relevant units, add docs.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
OpenBSD doesn't support the "ifindex hack" derived from RFC 1724 which
allows an ifindex to be encoded in the imr_interface field (in_addr)
of the ip_mreq structure. OpenBSD also doesn't support the RFC3678
Protocol-Independent socket API extensions, which allows an interface
to be specified by its ifindex. With that said, in OpenBSD we still need
to specify an interface by its IP address. This patch adds an exception
in the multicast sockopt functions to handle this case.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Disambiguation logic now compares full paths
instead of defaulting to an ambiguous match
if the heads cannot be disambiguated
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Makes ranges where both endpoints are negative
somewhat more readable. Also validate ranges.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The VTY_GET_INTEGER_RANGE macro is failing on arm
with a warning->error issue where we are passing in
a unsigned MAXINT to this macro and it is complaining
that the comparison of (TMPL) > MAXINT is always going
to be false because of data structure size.
I've changed the tmp variable to a unsigned long long
which alleviates this issue.
Ticket: CM-12187
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Completions now include nodes that the input
partially matches as well as the children of
nodes those that the input exactly matches.
Also some minor cleanup and bugfixes.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Variables now allow strings beginning with numbers
to match, ranges and numbers are now long long to
fix OOB parses resulting in integer wraparounds.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
When building argv for matched command, only the
last node was being copied to argv; the rest were
added by reference. Additionally the regex for
certain tokens was too restrictive and disallowed
characters allowed by the old parser; these have
been reinstated.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Various memory leaks have been fixed and the quagga
memory macros are in use. Also consolidated the argv
and matching code into one graph traversal.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The 'show commandtree' command was added to the CONFIG_NODE.
We have a basic assumption that CONFIG_NODE commands actually
change state. 'show commandtree' doesn't meet this requirement.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
A few places are using 0 in place of the MTYPE_* argument. The
following rewrite of the alloc tracking won't deal with that, so let's
use MTYPE_TMP instead.
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[DL: v2: fix XFREE(0, foo) calls too]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
- list_add_node_next was in fact unused
- list_add_node_prev performs a subset of listnode_add_before and
its only use in isisd replaced with that.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
AgentX fd/timeout handling is rather hackishly monkeyed into thread.c.
Replace with code that uses plain thread_* functions.
NB: Net-SNMP's API rivals Quagga's in terms of age and absence of
documentation. netsnmp_check_outstanding_agent_requests() in particular
seems to be unused and is therefore untested.
The most useful documentation on this is actually the blog post Vincent
Bernat wrote when he originally integrated this into lldpd and Quagga:
https://vincent.bernat.im/en/blog/2012-snmp-event-loop.html
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Another zoo extension, this adds a timer scheduling function that takes
a struct timeval argument (which is actually what the wrappers boil down
to, yet it's not exposed...)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This utility function, to join the zoo that the Quagga linked-list
implementation has accumulated, does an insert-before while returning
the newly allocated node.
It is similar to:
- listnode_add_after(), but
- complementary direction
- returns allocated node
- list_add_node_prev(), but
- supports before == NULL
- returns allocated node
In general, the entire linked-list implementation is in bad shape, and
while it needs a cleanup / rewrite / replacement, this would both cause
significant conflicts and block other cleanups...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
QUAGGA_CLK_REALTIME and QUAGGA_CLK_REALTIME_STABILISED aren't used
anywhere in the code. Remove. The enum is kept to avoid having to
change the calls everywhere.
Same applies to the workaround code for systems that don't have a
monotonic clock. None of the systems Quagga works on fall into that
category; Linux, BSD and Solaris all do clock_gettime, for OSX we have
mach_absolute_time() - that covers everything.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
ospf->lsa_refresher_started is only used in relative timing to itself;
replace with monotonic clock which is appropriate for this.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Fixed a variety of failure cases and wrote a nice
doc string. Reverted add_node doc string to correct
explanation of procedure.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Queries may be run against DFA's to find matching
cmd_element, and argument lists may be constructed.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This reverts commit d4dc41b6a2.
The rewritten parser fails to recognise "1.2." as partial input for an
IPv4 address, which causes "make check" to fail.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
- HAVE_POLL is overloaded by net-snmp
- missing includes
- ospf6_snmp converted to vrf_iflist()
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When braces (optional parameters) are used in the quagga parser, there
was a small leak on every iteration. Since this construct is primarily
used in the configuation process rather than show commands, it was not
readily apparent. With the addition of the "show ip bgp {json}" form of
the commands, each time one was run, memory was leaked.
Ticket: CM-11435
Signed-off-by: Don Slice
Reviewed By: Donald Sharp
Testing Done: Manual testing, bgp-min and bgp-smoke successful
Modify the banner motd file X command to do these things
differently:
1) Only allow the file <X> to be in SYSCONFDIR
2) Only allow the user to use a file that exists.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Dinesh Dutt <ddutt@cumulusnetworks.com>
Introduce new node type, END_GN, and remove
is_leaf flags. Reorganize command_match.c & remove
internal functions from command_match.h. Start
rewriting command.h in command_new.h with changes
for new backend.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Simplify ipv4 prefix and address matcher / validator to use standard
Linux networking functions instead of a state machine.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Simplify ipv6 prefix matcher / validator to use standard Linux
networking functions instead of a state machine.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Added a default log file named /var/log/quagga/Quagga.log to every daemon
to capture log entries if no log file is defined. This also allows the
capture of logged information prior to reading each daemon's config file.
If a log file is defined manually, it will override this default file name.
Ticket: CM-10987
Signed-off-by: Don Slice
Reviewed By: Donald Sharp
Testing Done: Manual testing
Resolved several memory leaks caused by ifdown/ifup the vrf device or
a swp port. For bgp/zebra/ospf/ospf6, bouncing the vrf device would cause
a linked list, Interface, and route-table to get leaked. For ospf6,
bouncing the swp device also caused leaks of Connected and Prefix entries.
Ticket: CM-10841
Signed-off-by: Don Slice
Reviewed-By: Donald Sharp
Testing Done: Manual testing, bgp and ospf mins passed, smokes had fewer failures than base
Prior to this change, interface bandwidth could not be defined above 10G. With
the use of higher speed interfaces, the ability to effectively define the path
links was highly impacted. Additionally, the default auto-cost reference-bandwidth
for ospf and ospfv3 was set to 100M, which relects a much earlier time. Changed both
the range of interface bandwidth definitions and reference bandwidths to be up to
100G. Set the default interface bandwidth (if not defined) to 10G to make the ratio
continue to cause a cost of 10 as before. Manual testing as well as ospf-min and
ospf-smoke passed successfully.
Ticket: CM-10756
Signed-of-by: Don Slice
Reviewed-by: Donald Sharp
Two Fixes:
1) When a fd has both read and write as a .events.
(POLLHUP | POLLIN | POLLOUT) and a
thread_cancel_read_write call is executed
from a protocol, the code was blindly removing
the fd from consideration at all.
2) POLLNVAL was being evaluated before POLLIN|POLLOUT
were being evaluated. While I didn't see a case
of POLLNVAL being included with other .revent flags
I decided to move the POLLNVAL and POLLHUP handling
to the same section of code.
Additionally the function thread_cancel_read_write
was poorly named and let me to poorly implement
the poll version of it. I've renamed the function
thread_cancel_read_or_write in an attempt to
make this problem moot in the future.
Ticket: CM-11027
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit f6da66a913)
zebra.h pulls in config.h, which results in fiddling with things like
__FILE_OFFSET_BITS. It must always be included first, in order to set
flags that influence the compiler via <features.h>.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 821df2cf18e5978cc7ab532a8695444380d08270)
All functions that call zclient_read_header immediately turn around
and check to ensure that the version and marker fields are correct
Move this code into zclient_read_header
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit a9d4cb33faa6af622240190a80f41c4672374925)
Returning the buffer allows using it in the logging functions
in easier way. This also makes the API consistent with sockunion.
Add also PREFIX_STRLEN to be the generic buffer length required
for any prefix string representation.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 41eb9a4305fbcb206c900a18af7df7115d857d60)
Avoids a dynamic allocation which is usually freed immediate afterwards.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
A VTY's input can be closed without the output becoming unavailable.
This happens both on stdio when stdin ends, as well as over TCP when an
unidirectional input shutdown() happens.
In such a case, resetting the output buffer is not appropriate since
there might still be data to be successfully written.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This is intended to be used for either "exit on close", "fork on close"
or "reopen vty on close" functionality for the stdio vty. Which of
these options to take depends on the context, the use case right now is
test programs exiting on EOF.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 464ccf36b4aa1b942cad413ea30267b4bf9e6315)
The interactive CLI actually works just fine, if we just put the
terminal in raw mode to get keystrokes as they come.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit ba53a8fdecef07577dcc4109e5c82bb124d49c58)
this introduces a new public/API function to the vty code for opening a
VTY on stdin/stdout. Intended for unrestricted use by the individual
daemons, i.e. "offical API".
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
to be used with stdin/stdout terminals, this adds support for writing to
a different FD than we're reading from. Also fixes error messages from
config load being written to stdin.
[v2: fixed config write]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 4715a53b4d390e72a06c864a6a505971841e3dc9)
assert(0) is not guaranteed to not return since assert() in general can
be optimised out when building without debug / with optimisation. This
breaks the build in clang, which warns/errors about the missing return.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit f1fc327c7eb00634d2c2b08c2a6f6e44a626ef04)
In "lib/cli: reduce strcmp in CLI hot paths", I failed to notice that
CMD_VARIABLE as a boolean test covers a superset of the other types of
variables. Thus, the patch broke processing of IP/IPv6/Integer range
parameters in the CLI.
Fix by some reordering and introducing TERMINAL_RECORD macro (which
marks whether a given terminal type is a parameter) to be used in places
where the check is really for all kinds of variables.
Reported-by: Timo Teräs <timo.teras@iki.fi>
Tested-by: Martin Winter <mwinter@netdef.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Er, no idea how anyone could ever have thought that it would be a good
idea to have a zillion of strcmp() calls in the CLI's active paths, just
to compare against things like "A.B.C.D".
Reduces 40k prefix list load time from 1.65s to 1.23s (1.34:1).
Acked-by: Paul Jakma <paul@jakma.org>
[v2: killed CMDS_* macros]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 10bac80195cf5a781da6e4415e6580fd7080f734)
Add const to read-only api calls.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 81b139bdd530adda045d22a4daf0054b89703dab)
We're only supporting GCC, Clang and ICC; but there's no reason to use
nonstandard C constructs if they don't actually provide any benefit.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 71f55f38cb3dd804176e7f382f52b75ddcd437de)
The global variable is missing its const, but the accessor function has
a meaningless extra const in exchange...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
There were some (inconsequential) warnings about uninitialised use of
variables. Also, in one case, sub-structs were mixed in initialisation,
which doesn't quite work as intended.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Some places, particularly headers, were spewing warnings since they
don't include neccessary other headers to get struct/enum definitions.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 388f8857eb81ef75014060976776523a58a99389)
When libreadline is used, we mistakenly mix in strdup() done in
libreadline with Quagga's lib/memory bookkeeping/counting, leading to
counter underflows on MTYPE_TMP.
Signed-off-by: Lou Berger <lberger@labn.net>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 672900382d47137638086bd8351b2678f589a546)
Conflicts:
lib/command.c
This code change does two things:
1) Removes ZEBRA_AFI_XXX #defines since they were redundant information
2) Switches afi_t to an enumerated type so that the compiler
can do a bit more compile time checking.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit f3cfc46450cccc5ac035a5a97c5a1a5484205705)
Conflicts:
bgpd/bgp_open.c
bgpd/bgp_open.h
bgpd/bgp_routemap.c
On higher warning levels, compilers expect %p printf arguments to be
void *. Since format string / argument warnings can be useful
otherwise, let's get rid of this noise by sprinkling casts to void *
over printf calls.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* linklist.{c,h}: (listnode_move_to_tail) new unction to move a
listnode to tail of list.
* ospf_packet.c: (ospf_write) remove debug that seemed to be mostly covered
by existing debug.
Use listnode_move_to_tail to just move the list node to the end of the
tail, rather than freeing the one to hand and allocing a new one.
Quagga was using a mix of srand/rand and srandom/random.
Consolidate to use srandom/random which are the POSIX
versions of random number generators
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
now that we know what thread we're currently executing, let's add that
information to SEGV / assert backtraces.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 615f9f18fc025757a255f936748fc1e86e922783)
the library's thread scheduling functions keep track of the thread
function's name, so far so good. However, copying the compiler-provided
constant into a buffer inside the thread structure is plain useless.
Also, strip_funcname() was trying to support something that never
happens.
Instead, let's use some bytes here to track where threads are scheduled
from. Another commit will print that information on crashes.
Ripping out useless stuff: -64 bytes in the thread structure
Re-add as const ptr: +8 bytes
Extra debug info: +12 bytes
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 3493b7731b750cbc62f00be94b624a08ccccf0b2)
Record the ./configure arguments used and make them user-visible.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Paul Jakma <paul@jakma.org>
INCLUDES in configure.ac was not used at all, and INCLUDES in
Makefile.am is supposed to be AM_CPPFLAGS these days.
Reduces warnings spewed during bootstrap/autoreconf.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Greg Troxel <gdt@ir.bbn.com>
Acked-by: Feng Lu <lu.feng@6wind.com>
Acked-by: Paul Jakma <paul@jakma.org>
(cherry picked from commit 237aac56960575f6ad2451ba2796d94bd5ae4b33)
All ZAPI commands pass the zclient around not
the individual stream we need. Switch code
over to follow conventions.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We were reading a u_int16_t for vrf_id_t. While technically
the same thing, I'd like to make sure we think about vrf_id_t's
as vrf_id_t's.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fix lots of warnings. Some const and type-pun breaks strict-aliasing
warnings left but much reduced.
* bgp_advertise.h: (struct bgp_advertise_fifo) is functionally identical to
(struct fifo), so just use that. Makes it clearer the beginning of
(struct bgp_advertise) is compatible with with (struct fifo), which seems
to be enough for gcc.
Add a BGP_ADV_FIFO_HEAD macro to contain the right cast to try shut up
type-punning breaks strict aliasing warnings.
* bgp_packet.c: Use BGP_ADV_FIFO_HEAD.
(bgp_route_refresh_receive) fix an interesting logic error in
(!ok || (ret != BLAH)) where ret is only well-defined if ok.
* bgp_vty.c: Peer commands should use bgp_vty_return to set their return.
* jhash.{c,h}: Can take const on * args without adding issues & fix warnings.
* libospf.h: LSA sequence numbers use the unsigned range of values, and
constants need to be set to unsigned, or it causes warnings in ospf6d.
* md5.h: signedness of caddr_t is implementation specific, change to an
explicit (uint_8 *), fix sign/unsigned comparison warnings.
* vty.c: (vty_log_fixed) const on level is well-intentioned, but not going
to fly given iov_base.
* workqueue.c: ALL_LIST_ELEMENTS_RO tests for null pointer, which is always
true for address of static variable. Correct but pointless warning in
this case, but use a 2nd pointer to shut it up.
* ospf6_route.h: Add a comment about the use of (struct prefix) to stuff 2
different 32 bit IDs into in (struct ospf6_route), and the resulting
type-pun strict-alias breakage warnings this causes. Need to use 2
different fields to fix that warning?
general:
* remove unused variables, other than a few cases where they serve a
sufficiently useful documentary purpose (e.g. for code that needs
fixing), or they're required dummies. In those cases, try mark them as
unused.
* Remove dead code that can't be reached.
* Quite a few 'no ...' forms of vty commands take arguments, but do not
check the argument matches the command being negated. E.g., should
'distance X <prefix>' succeed if previously 'distance Y <prefix>' was set?
Or should it be required that the distance match the previously configured
distance for the prefix?
Ultimately, probably better to be strict about this. However, changing
from slack to strict might expose problems in command aliases and tools.
* Fix uninitialised use of variables.
* Fix sign/unsigned comparison warnings by making signedness of types consistent.
* Mark functions as static where their use is restricted to the same compilation
unit.
* Add required headers
* Move constants defined in headers into code.
* remove dead, unused functions that have no debug purpose.
(cherry picked from commit 7aa9dcef80b2ce50ecaa77653d87c8b84e009c49)
Conflicts:
bgpd/bgp_advertise.h
bgpd/bgp_mplsvpn.c
bgpd/bgp_nexthop.c
bgpd/bgp_packet.c
bgpd/bgp_route.c
bgpd/bgp_routemap.c
bgpd/bgp_vty.c
lib/command.c
lib/if.c
lib/jhash.c
lib/workqueue.c
ospf6d/ospf6_lsa.c
ospf6d/ospf6_neighbor.h
ospf6d/ospf6_spf.c
ospf6d/ospf6_top.c
ospfd/ospf_api.c
zebra/router-id.c
zebra/rt_netlink.c
zebra/rt_netlink.h
__EXTENSION__ is already defined in config.h by autoconf; drop the
duplicate from zebra.h.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 089e5eb7310683be6806726dbf7b7c94b1b66bfb)
* stdbool.h should be widely supported by now, and the 'bool' type makes
more semantic sense than an integer type for boolean values.
(cherry picked from commit e8441a81f6c9f73bc8a25669003abffb40066703)
Because operator "!" has higher priority than "&&",
So we put the "&&" expression in "()" to check both getp and endp.
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 1ed8ce47b922b71f3b3cdd661e647bbe7ed2eca7)
It's mostly used for logging, and the return value is never
checked, so try to make it valid.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 53009d387a633997b16d32224b50451b5c81b61a)
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 3293bc280f15d8e3c04e0bf9b0a8d54d342a87a9)
Upcoming nhrp code will use this, and it can be used to remove
the sockunion2ip(X) macro.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 483abc037b0ac4b3ed168c4810bb14ea338fa80c)
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 6b2672f3c9493aef3495192e113f95a7db4b65bc)
batch-fix all warnings that come up when enabling AgentX SNMP support.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit dfee58f1d41a2e36c7f5f38a3ef5712224131824)
While splitting up the CLI input macro is a bit annoying, this seems to
be the least annoying way to get rid of the "< 0" comparison warning for
unsigned long.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 81a4e85442e2011a47bbb25e8301dc40ec4ed9b6)
Some places had extra semicolons where none belong. Remove them.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit b7d5021bfa161f797cbfb1e92bf5b94327fb1b71)
LISTNODE_DETACH doesn't clear out the node, and LISTNODE_ATTACH doesn't
set ->next (since it assumes a fresh/zeroed listnode). As a result, the
new listnode_move_to_tail() created a nice circular list, in turn
crashing ospfd in ospf_write() later.
Reported-by: Martin Winter <mwinter@netdef.org>
Fixes: 6d83113 ("ospfd: Tweak previous iface RR write patch to avoid free/malloc & redundant log")
Cc: Paul Jakma <paul@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Greg Troxel <gdt@ir.bbn.com>
Acked-by: Dinesh Dutt <ddutt@cumulusnetworks.com>
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
(cherry picked from commit 1c6db0d2da34044ddfb42665fda8a3387ecc451d)
The one place this was being used in BGP is now gone,
can remove deprecated interface.
Acked-by: Feng Lu <lu.feng@6wind.com>
(cherry picked from commit 3790eb0d3f0bbb24b9c6be97f547cec144ee05d1)
* lib/sigevent.c: (program_counter) extend to support more platforms. Joint
effort with Paul Jakma.
(cherry picked from commit b166ea2dda9f04a8b75e0bf5adb7064580695f22)
* Fix (a subset of)? files with non-trivial code that are missing GPL headers.
* A few copyright claims added which I am certain apply, but which I had
missed out on the original commits.
NB: Copyright claims are not exclusive and the addition of any copyright
claim should not be read as implying a lack of any further claims, or
denying the validity of any other claims. All those with claims of
copyright over any portion of Quagga are welcome to submit them, ideally as
patches to update copyright strings in files.
(cherry picked from commit 010ebbbca6396f272cc2d50d147dd922dda68213)
Commit c99f3481a598 has changed the API. Now, the vrfid has been added in
the header, thus we must read it before parsing the rest of the message.
To ease code maintenance, let's add a new function to read a zAPI header.
Fixes: c99f3481a598 ("*: add VRF ID in the API message header")
Reported-by: Martin Winter <mwinter@opensourcerouting.org>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
Tested-by: Martin Winter <mwinter@opensourcerouting.org>
Hi,
This patch adds the ability to configure multicast static routes
directly into pimd. Two source files are introduced to implement the new
feature in addition to changes to existing files.
Here is how it can be used the CLI:
interface <incoming interface>
ip mroute <outgoing interface> <group addr> #
for asm
or ip mroute <outgoing interface> <group addr> <source> # for ssm
Please let me know if you have any questions or concerns,
Regards,
Jafar
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
Welcome pimd to the Quagga daemon zoo!
This is a merge of commit 77ae369 ("pimd: Log ifindex found for an
interface when zebra lib reports a new connected address."), with
the intermediate "reconnect" changes removed (c9adf00...d274381).
d274381 is replaced with b162ab7, which includes some changes. In
addition, 4 reconnect-related changes and 1 cosmetic one have been
bumped out.
The rebase command used to produce the branch that is merged here is:
git rebase --onto b162ab7 c9adf00 77ae369
Note that 3 patches had their author rewritten from
"Anonymous SR#108542 <>" (which is not a valid git author ID)
to: "Savannah SR#108542 <nbahr@atcorp.com>" (which is the e-mail address
listed in the associated Savannah ticket)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
depending on feedback from actually having these commands in a released
version, we may want to adjust them. Thus, mark them as experimental so
users are aware of this.
Cc: Everton Marques <everton.marques@gmail.com>
Cc: Balaji G <balajig81@gmail.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This adds a new zapi call "ZEBRA_IPV4_NEXTHOP_LOOKUP_MRIB" performing a
Multicast RPF lookup for a given source. Details of the lookup
behaviour are left to the zebra side of things.
Note: this is non-reactive, as in, only delivers a snapshot of the state
at a particular point in time. There's no push notification of changes
happening to the RIB.
This combines the following 3 original patches:
- zebra: add zsend_ipv4_nexthop_lookup_mrib()
- zserv: Query mrib (SAFI_MULTICAST).
- zebra: Cleanups to zebra_rib.
Cc: Everton Marques <everton.marques@gmail.com>
Cc: Balaji G <balajig81@gmail.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Quick create/delete actions on a route-map can result in the same route-map
entity having multiple entries created for it — because BGP hasn't run the
update processing to complete prior delete action. The route-map is present
in both a hash table as well as a linked list and the order in each is
different. This can lead to problems when the BGP route-map update processing
runs and finds the same route-map entity present for deletion multiple times.
For example, while processing instance-2 of rmap-A, the code may end up
freeing the hash bucket corresponding to instance-1 of rmap-A.
The fix works by ensuring the list is ordered the same way as the hash
buckets.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Ticket: CM-10023
Reviewed By: CCR-4747
Testing Done: manual, bgp-smoke
There exists a code path where fld would
be used uninitialized.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Three different changes:
a) in nexthop.c we have an actual bug, we've rearranged
the enumerated types and the list of enums has changed, we
were displaying the wrong nexthop information.
b) Remove some dead code from sockunion.h
c) '\0' evaluates to 0 which is NULL. vector_set takes
a pointer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharp@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
If a routing protocol does not have a vrf
configed and the vrf happens to be down
a 'no vrf X' line will cause the system
to crash.
This fixes the issue, I do believe though
that we need to revisit the issue and re-think
start/stop/config/unconfig of vrf's a bit more.
Ticket: CM-10952
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Dinesh Dutt <ddutt@cumulusnetworks.com>
This change extends the earlier change which added the ability in BGP to
trigger IPv6 Router Advertisements when an unnumbered neighbor is configured.
In addition to triggering the RAs, the advertisement interval is also set to
10 seconds. This is needed to handle the scenario where the peer may start
later.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-10896
Reviewed By: CCR-4693
Testing Done: Manual, bgp-min, bgp-smoke
When looking up the connected route, the delete was
causing crashes in OSPF due to the oi having copies
of the freshly deleted connected interface. Fix
code to first lookup the connected route and use that
instead of just deleting it.
Valgrind Findings:
==24112== Invalid read of size 1
==24112== at 0x4E8283F: ospf_intra_add_stub (ospf_route.c:614)
==24112== by 0x4E80B15: ospf_spf_process_stubs (ospf_spf.c:1064)
==24112== by 0x4E80F74: ospf_spf_calculate (ospf_spf.c:1269)
==24112== by 0x4E811C9: ospf_spf_calculate_timer (ospf_spf.c:1339)
==24112== by 0x5126230: thread_call (thread.c:1577)
==24112== by 0x401E00: main (ospf_main.c:377)
==24112== Address 0x7f56a09 is 9 bytes inside a block of size 40 free'd
==24112== at 0x4C29E90: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24112== by 0x51290B3: zfree (memory.c:132)
==24112== by 0x51287F0: connected_free (if.c:987)
==24112== by 0x514406A: zebra_interface_address_read (zclient.c:1146)
==24112== by 0x4E5A81C: ospf_interface_address_add (ospf_zebra.c:262)
==24112== by 0x5144838: zclient_read (zclient.c:1397)
==24112== by 0x5126230: thread_call (thread.c:1577)
==24112== by 0x401E00: main (ospf_main.c:377)
Ticket: CM-10890
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
The connected_lookup_address function should really
be a connected_lookup_prefix function. Refactor
the code to use it.
Ticket: CM-10890
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-10849
We were incorrectly listing protocols that supported ipv6 for "ip
protocol" instead of listing the protocols that supported ipv4.
With the fix
superm-redxp-05(config)# ip protocol ?
any Any of the above protocols
bgp Border Gateway Protocol (BGP)
connected Connected routes (directly attached subnet or host)
isis Intermediate System to Intermediate System (IS-IS)
kernel Kernel routes (not installed via the zebra RIB)
ospf Open Shortest Path First (OSPFv2)
rip Routing Information Protocol (RIP)
static Statically configured routes
table Non-main Kernel Routing Table
superm-redxp-05(config)#
superm-redxp-05(config)#
superm-redxp-05(config)# ipv6 protocol ?
any Any of the above protocols
bgp Border Gateway Protocol (BGP)
connected Connected routes (directly attached subnet or host)
isis Intermediate System to Intermediate System (IS-IS)
kernel Kernel routes (not installed via the zebra RIB)
ospf6 Open Shortest Path First (IPv6) (OSPFv3)
ripng Routing Information Protocol next-generation (IPv6) (RIPng)
static Statically configured routes
table Non-main Kernel Routing Table
superm-redxp-05(config)#
superm-redxp-05(config)#
IPv4 addresses can be learnt from the kernel even when the interface is down.
Quagga notifis clients of addresses upon learning of them (initial read or
upon NEWADDR) as well as when the interface comes up. The problem is that
while zebra code itself has checks to ensure duplicate addresses aren't added
to an interface, that is not true for the clients.
This patch checks for duplicates when the client receives the address add.
Upon this, the patch does a delete and add as done in zebra - because there
is a possibility that some other parameter could have changed. The fix also
takes care of the extra memory allocation for 'connected' in clients.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Dinesh Dutt <ddutt@cumulusnetworks.com>
Ticket: CM-10745
Reviewed By: CCR-4660
Testing Done: Manual, bgp-min
CM-10680
Issue: When BGP daemon is stopped, all the BGP BFD sessions are not getting deleted from PTM.
Root cause: BGP daemon stop causes BFD de-register message to be sent for every peer on which BFD is enabled. But, all the de-register messages from bgpd to zebra are not processed before the socket close. This results in some stale BGP BFD sessions.
Fix: Support for client de-register message has been added in PTM/BFD. Changes in Quagga to support BFD client de-registrations:
− The BFD clients de-registration is sent directly from zebra daemon when zebra client (bgpd, ospfd and ospf6d) socket close is detected.
− Introduced a BFD flag for the zebra clients to prevent BFD de-registration messages from being sent to zebra daemon when the client is shutting down. This reduces the BFD messaging.
CM-10540
Issue: Invalid ptm status “fail” instead of “n/a” being displayed for VRF interfaces.
Root cause: ptm status is not being initialized to “unknown” status when VRF interface is added or changed. The uninitialized value is ‘0’ which is the value for “fail”
Fix: Initialized the ptm status to the correct value.
Signed-off-by: Radhika Mahankali <radhika@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Kanna Rajagopal <kanna@cumulusnetworks.com>
Ticket: CM-10680, CM-10540
Reviewed By: CCR-4653
Testing Done: PTM smoke, BGP smoke and ptmd_test.py:TestMultipleAddrsIntfOspfBgp
The check for the fact a vrf was enabled
was immediately after we disabled it in vrf_disable()
Ticket: CM-10139
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
When doing a 'show run' display vrf information
first to allow later commands to just
work correctly for vrf cli read in.
Ticket: CM-10139
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
"Vrf found: %p" was not protected by a debug
check and as such we were seeing allot of
extraneous output.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
vrf_get has these possible lookup/creation ways of being called.
name = NULL, vrf_id = VRF_UNKNOWN
Nothing to do here.
name = NULL, vrf_id != VRF_UNKNOWN
Look up the vrf_id in the table. Return that created vrf.
If not found create a struct vrf to hold it properly.
name = <something>, vrf_id = VRF_UNKNOWN
Look up the name in the vrf list, if found return that vrf.
If not found create the vrf and zvrf
name = <something>, vrf_id != VRF_UNKNOWN
Look up the name in the vrf list, if found check to see
if the vrf->vrf_id is VRF_UNKNOWN, if so match up and return
If not found, create the vrf and table entry and return
Ticket: CM-10139
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Instead of turning on IPv6 RA on every interface as soon as it has an IPv6
address, only enable it upon configuration of BGP neighbor. When the BGP
neighbor is deleted, signal that RAs can be turned off.
To support this, introduce new message interaction between BGP and Zebra.
Also, take appropriate actions in BGP upon interface add/del since the
unnumbered neighbor could exist prior to interface creation etc.
Only unnumbered IPv6 neighbors require RA, the /30 or /31 based neighbors
don't. However, to keep the interaction simple and not have to deal with
too many dynamic conditions (e.g., address deletes or neighbor change to/from
'v6only'), RAs on the interface are triggered upon any unnumbered neighbor
configuration.
BGP-triggered RAs will cause RAs to be initiated on the interface; however,
if BGP asks that RAs be stopped (upon delete of unnumbered neighbor), RAs
will continue to be exchanged if the operator has explicitly enabled.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-10640
Reviewed By: CCR-4589
Testing Done: Various manual and automated (refer to defect)
The VRF_GET_ID macro should respect the VRF_UNKNOWN
as a notice that the vrf is not active.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
We want the ability to start up quagga in a varied set of
environments. This needs to be done in SysV and systemd
startups. As such refactor the code to allow us to
allow end users to easily switch between the two
sysV:
edit the /etc/quagga/daemons file
service quagga [start|stop|reload|restart]
Systemd:
edit the /etc/quagga/daemons file
systemctl [start|stop|reload|restart] quagga
Ticket: CM-10634
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
BFD debugs were being output without any
debug protection. Modify the code
to not output unless debugging is
turned on.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Radhika Mahankali <radhika@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
CM-10435
Issue: IBGP BFD sessions are created as multi-hop even though peer is single-hop away. This is causing an interop issue with ICOS.
Root Cause: By design all IBGP peers are registered with BFD as multi-hop.
Fix:
• Changed the default behavior of always treating IBGP BFD sessions as mult-hop. shared_network variable is used to determine whether the IBGP peer is single hop or multi-hop away. The logic for determining whether EBGP peer is single hop or multi-hop has not been changed.
• Since the default behavior has been changed, it will cause interop issues between 2.5 and 3.0 IBGP BFD sessions. A new hidden command “bfd multihop/singlehop” has been introduced to overcome the interop issues.
dell-s6000-10(config-router)# neighbor 30.0.2.6 bfd
<2-255> Detect Multiplier
<cr>
dell-s6000-10(config-router)# neighbor 30.0.2.6 bfd multihop
dell-s6000-10(config-router)# no neighbor 30.0.2.6 bfd multihop
dell-s6000-10(config-router)#
dell-s6000-10(config-router)# neighbor 30.0.2.6 bfd multihop
dell-s6000-10(config-router)# do show running-config
!
router bgp 100
neighbor igroup peer-group
neighbor igroup bfd 5 500 500
neighbor igroup bfd multihop
neighbor 30.0.2.2 remote-as 100
neighbor 30.0.2.2 peer-group igroup
neighbor 3101🔤bcad::2 remote-as 100
neighbor 3101🔤bcad::2 peer-group igroup
neighbor 30.0.2.6 remote-as 200
neighbor 30.0.2.6 bfd multihop
neighbor 3102🔤bcad::6 remote-as 200
neighbor 3102🔤bcad::6 bfd
neighbor 3102🔤bcad::6 ebgp-multihop 255
!
CM-10260
Issue: “Unable to connect to socket” message keeps getting logged when ptmd process doesn’t exist.
Root Cause: BFD clients (bgpd, ospfd and ospf6d) during initialization try to register with BFD/PTM by default. This results in continuous logging If PTM does not exist since there is no max on number of retries.
Fix:
• Stop the retries to connect to PTM after max reconnect timer of 5 mins is reached.
• Added zebra debug event wrapper to message logging to prevent it from showing by default.
CM-4541
Issue: Addition of a new command "ptm-enable" or "no ptm-enable" per interface to enable/disable PTM link status checks for an interface.
Fix: Currently there is only one ptm-enable global command that enables/disables PTM status updates for all interfaces. This new command will give the handle to individually stop interface from reacting on the PTM status updates.
• by default interface uses the ptm-enable global configuration
• "no ptm-enable" on an interface will disable PTM status updates from taking affect for that interface. This can bring the interface up if it was brought down due to PTM status update.
• "ptm-enable" on an interface will cause the interface to fallback to the global ptm-enable configuration value and will bring the interface up or down based on the last stored PTM status update if global ptm is enabled.
Ticket: CM-10435, CM-10260 and CM-4541
Signed-off-by: Radhika Mahankali
Reviewed-by: Donald Sharp, Kanna Rajagopal
Changed vrf_get to only create a route-node if the kernel has enabled the vrf,
supplying a table-id. If the quagga configuration contains vrfs that have not
yet been enabled by the kernel, the vrf is created with a vrf_id of VRF_UNKNOWN.
These vrfs are added to the vrf_list so they contain a zvrf and configuration,
but the route-node is not created until the kernel has signalled that the vrf
has been defined and enabled.
Ticket: CM-10481
Signed-off-by: Don Slice
Reviewed-by: Donald Sharp
Protocols receive zclient vrf creation events from zebra.
This data was being handed to the protocol to decode and
then to hand back to zclient to create the vrf to then
handle appropriately. This is a bad idea.
Modify the code such that when zclient.c receives a vrf
event from zebra that it decodes the data and just creates
the vrf. Individual protocols just need to handle the
appropriate vrf events.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
The struct zebra_ns was littered throughout the code
base in a half-hazard fashion. Gather up the references
and isolate the code a bit better.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
The vrf_add_update function does not need to exist.
Move it's constituent parts into the appropriate
vrf_create/vrf_enable functionality as well as
move the zebra_vrf_add_update() function call
into zebra_vrf_enable()
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
vrf_delete_update really belongs in vrf.c broken up
into it's appropriate places.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-10002
superm-redxp-05# conf t
superm-redxp-05(config)# route-map FOO permit 10
superm-redxp-05(config-route-map)# set community ?
AA:NN Community number in AA:NN format (where AA and NN are <0-65535>) or local-AS|no-advertise|no-export|internet or additive
none No community attribute
superm-redxp-05(config-route-map)# set community 2:2
superm-redxp-05(config-route-map)# set community 2:70000
% Malformed communities attribute
superm-redxp-05(config-route-map)# set community 70000:2
% Malformed communities attribute
superm-redxp-05(config-route-map)#
Create the idea of a VRF_UNKNOWN, this is for a vrf where we don't
yet have the vrf_id for it yet.
Refactor the vrf_create code out of existence. We had two code
paths vrf_create and vrf_get. We should use vrf_get to create
the new vrf since XXX_get() creates the data structures now.
Signed-off-by: Donald Sharp
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
vrf_create does not need the string length of the vrf.
Remove it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
When attempting to switch runtime permissions over to
the correct group specified for the vty group, if the
user specified to run as does not have that vty group
then do warn about the issue and stop running
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reported-by: Thomas Martin <tmartincpp@gmail.com>
It may be requred for quagga process to belong to additional
groups. E.g. nhrp module will need to talk to strongSwan using
vici and may require additional permissions. Initialize groups
from the system group database.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
From what I can tell, CAP_NET_BROADCAST has never been required for any
functionality in the Linux kernel, so we do not really need it.
However, it causes breakage in contexts where Quagga is started with a
limited set of capabilities, e.g. in Docker, because these may not
include CAP_NET_BROADCAST and in the case of Docker do not even support
adding CAP_NET_BROADCAST.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When using POSIX capabilities on SunOS the capabilities are too
restricitve resulting in quagga processes not being able to read their
own config files. Credit goes to Oracle where this patch was originally
authored and included in OpenSolaris.
lib/privs.c: Include additional capabilities, better checking of
missing capabilities.
Fixes: #820
Acked-by: Greg Troxel <gdt@ir.bbn.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The file if.c has a iflist that had the list of interfaces
in the default vrf. Remove this variable and replace
with a vrf_iflist lookup on the default vrf where it
was used.
Additionally, modify ptm code to iterate over all vrf's
when enabling ptm.
Ticket: CM-10338
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Radhika Mahankali <radhika@cumulusnetworks.com>
ZEBRA_VRF_ACTIVE is a poor name for when a vrf is
actually active. Rename VRF_ACTIVE.
Ticket: CM-10338
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Radhika Mahankali <radhika@cumulusnetworks.com>
We had two functions XXX_name and XXX_name_len
that both did the same thing. Remove the
XXX_rename_len functions.
Ticket: CM-10338
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Radhika Mahankali <radhika@cumulusnetworks.com>
When we encounter a problem loading a config file
quantify to the end user what has gone wrong,
with a combination of err output as well as
return codes.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Dave Olson <olson@cumulusnetworks.com>
In function vrf_get(), an early call to vrf_get_by_name() may end up
creating the Zebra VRF structure prior to the VRF id being set,
resulting in various other misbehavior. Fix this with appropriate
changes.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Ticket: CM-10258
Reviewed By: CCR-4418
Testing Done: Manual
When you startup zebra and apply a prefix list command, and then at a
later point in time start up additional daemons and then attempt to
apply the integrated-config, the prefix-list command will stop
processing after zebra.
This is because when zebra attempted to process the command, it would
notice that it already had that cli handled and print a vty warning and
then it would return CMD_WARNING. This caused the loop over all the
commands to stop and as such the command would not be sent to all the
individual daemons.
This behavior is exactly the same as it is in the 2.5.X( hell it's
upstream behavior to! ). Modify the plist command to return CMD_SUCCESS
in this case.
Ticket: CM-10248
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
This commit fixes two issues:
1) The creation of a new vrf from the cli was not calling the vrf_create hook.
This is fixed.
2) The zebra_vrf_delete callback was deleting interface information that
belonged to vrf not zvrf. Remove the code as that it was not it's job
to do so.
Ticket: CM-10100
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
The vrf name comparison function was the same as the interface
comparison function. Combine the forces for the goodness of
mankind.
Ticket: CM-10184
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
* lib/zclient.c: (zebra_interface_if_set_value) The hw_addr_len field
is used as trusted input to read off the hw_addr and write to the
INTERFACE_HWADDR_MAX sized hw_addr field. The read from the stream is
bounds-checked by the stream abstraction, however the write out to the
heap can not be.
Tighten the supplied length to stream_get used to do the write.
Impact: a malicious zebra can overflow the heap of clients using the ZServ
IPC. Note that zebra is already fairly trusted within Quagga.
Reported-by: Kostya Kortchinsky <kostyak@google.com>
poll returns the number of revents that we need to handle
in the array. revent is a bit field of events that need
to be handled. thread.c was treating each sub item in the
bitfield as a separate item to handle.
As such the loop over the pollfds would quit early
sometimes.
Ticket: CM-10077
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
The pollfds was being resized if the # of fds grew to
be more than the original array size. Just size it
once.
Ticket: CM-10077
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
bfd was receiving a callback with an interface name string
but was ignoring the passed in vrf to find the ifp pointer.
This commit fixes that code path in bfd.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Radhika Mahankali <radhika@cumulusnetworks.com>
There are cases where we get an interface name but do not have a
corresponding vrf. We care about getting an interface pointer
so just provide a function that searches all vrf's for the ifp.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Radhicak Mahankali <radhika@cumulusnetworks.com>
Reviewed-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-9898
The 'redistribute neighbor' feature is the primary use case for
importing table routes. We need the redistribute neighbor routes to
have a lower admin distance than eBGP so that the local table routes are
preferred (if the host is dual homed we could also learn about it via eBGP).
Updates to routemaps and delete of the routemap were not working properly
for VRFs. This was because while routemaps are global, the routemap update
processing timer and the processing were at the per-instance level. This
approach was unable to handle processing for multiple instances as the
routemap has no tracking of which instances are still pending processing.
This lead to the processing happening correctly only for the first instance
- which could be the default instance or some other instance. It could also
result in reference to freed memory for an instance.
The fix done is to make the update/delete processing also global and not per
instance. This means that the route-map delay timer will be global and a global
thread will handle the change (or delete) for all instances instead of spawning
a separate thread for each instance. To support this, a global BGP command
"bgp route-map delay-timer <value>" has been implemented. The existing command
per-instance is not deleted but will update the global timer.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-6970, CM-9918
Reviewed By: CCR-4320
Testing Done: Manual, bgpsmoke
Restrict interfaces on which IPv6 Router Advertisements are allowed. The list
excludes loopback interfaces including the VRF device interface; specific to
Cumulus, it also includes "switch0" and "ethX" interfaces.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Ticket: CM-9849
Reviewed By: CCR-4334
Testing Done: Manual
All daemons changed to flag an interface that has been moved to a vrf as DELETED instead of INTERNAL.
When they were flagged as IFINDEX_INTERNAL, ospf, rip, and isis would re-install them in the default
assuming that they were being "pre-defined" before the kernel definitions.
Ticket: CM-9265
Signed-off-by: Don Slice
Reviewed-by: Donald Sharp
During some tests of the release I noticed that we
have some issues with it properly building due
to missing information in the Makefile.am files
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
cf. https://gcc.gnu.org/onlinedocs/gcc/Typeof.html
(Works on all compilers on Quagga's compiler support list in
doc/overview.texi)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
With this sequence of commands in a conf file:
router bgp X
address-family ipv4
exit
address-family ipv6
exit
When the bgp AS # is currently configured as !X and the
'vtysh -b -f <conf file above>' command run, vtysh will
crash with an assert.
This commit fixes that issue.
Ticket: CM-9852
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Ticket: CM-7615, CM-7773
Reviewed By: CCR-3610, CCR-3708
Testing Done: Unit, BGP Smoke and OSPF Smoke
Changes (70790261926b17200c8c9377c4576cd3b486fcef) ported from 2.5
Issue (related to CM-7615): 1. CM-7615: There is mismatch in the client name between ptm display of client BFD sessions and the zebra logs. For example, if bgpd added BFD session, zebra logs will show the client as “bgp” but the ptm display will show it as “quagga”
2. Bigger problem is when 2 clients (for example OSPF and BGP) from Quagga register for same BFD session and only one client de-registers the BFD session. This results in BFD session deletion from PTM even though other client still has the BFD registration.
Root Cause: Even though BGP, OSPF and OSPF6 are 3 different clients from Quagga that are trying to register/deregister BFD sessions with PTM, all 3 are represented as one client “quagga” from zebra. This makes it hard for PTM/BFD to distinguish between all three when BFD peer registration/deregistration happens from the clients.
Fix: Send the actual client name bgp, ospf or ospf6 from zebra with BFD reg/dereg messages instead of one unified client name “quagga”
CM-7773: BFD sessions are not getting cleaned from PTM even though no BGP peering exists in Quagga.
Root Cause: PTM cleans up stale BFD sessions from a client when it finds a change in seq id advertised by the client. But, if PTM never detects a change in the seq id then the stale BFD sessions never get cleaned up. The test restarts the quagga without saving the configuration, which results in no BGP peering. No BGP peers are registered with PTM after restart and PTM does not detect a client seq id change resulting in stale BFD sessions.
Fix: New client registration message was added in PTM. Every client that is interested in BFD monitoring will register with PTM with the client seq id. Client will register with a different seq id (typically pid) every time it restarts. This will help in detecting the change in seq id and cleanup of stale BFD sessions for a client.
Code Changes: To support the new client registration message following changes have been made
- Added support for client registration messaging in zebra for sending messages to PTM.
- Added support for client registration messaging between zebra and clients (BGP, OSPF and OSPF6) in BFD library.
- Expanded the reg/de reg peer messaging between zebra and clients to support client specific seq id to distinguish between multiple clients registering for BFD peer rather than one “quagga” client.
- Changes in bgpd, ospfd and ospf6d to send client registrations at the time of daemon initialization and on receiving BFD peer replay message.
If neither a Quagga.conf or <protocol>.conf exist, then
still start the daemon. Assume that configuration is coming
shortly
Ticket: CM-9714
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by:
