Previously each container created all it's decendents before descending into
the children and repeating the process.
Signed-off-by: Christian Hopps <chopps@labn.net>
- initialize the necessary bit when creating if_link_params
- fix CLI description to mark extended as the default mode
- correctly set mode to extended when using the "no" form of the command
- handle the "show_defaults" parameter correctly in cli_show callback
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
When affinity mode is "standard", bit position cannot be greater than
31. Add a "must" statement to the YANG model to validate this, and
remove our custom validation code that does the same.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Change the type of affinity leaf-list in frr-zebra to a leafref with
"require-instance" property set to true. This change tells libyang to
automatically check that affinity-map exists before usage and doesn't
allow it to be deleted if it's referenced. It allows us to remove all
the manual code that is doing the same thing.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Add support of RPKI commands in the VRF configure context.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Add a config that specifies per-deamon log file names.
Move the handy generated list of daemon names from vtysh to lib;
edit the gitignore files to match.
Signed-off-by: Mark Stapp <mjs@labn.net>
When creating an initial tree trunk for oper data walk, if the xpath
represents a leaf, the leaf is created with an incorrect empty value.
If it doesn't actually exist in daemon's oper data, its value is not
overwritten later and an empty value is returned in the result.
For example, when requesting
`/frr-interface:lib/interface[name='eth0']/description`, the result is:
```
{
"frr-interface:lib": {
"interface": [
{
"name": "eth0",
"description": ""
}
]
}
}
```
instead of an empty JSON that it should be.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Like in RESTCONF GET request and NETCONF get-data request, make it
possible to request state-only, config-only, or all data.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Currently it's the same as get-tree request for the backend, but it is
going to be expanded in the following commits.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Technically changing a leaf from uint16 to uint32 is a NBC change; however,
increasing this to uint32 should not break anyone in reality.
Signed-off-by: Christian Hopps <chopps@labn.net>
Setting this variable to true makes NB ignore only configuration-related
callbacks. CLI-related callbacks are still loaded and executed, so
rename the variable to make it clearer.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Replace operation removes the current data node configuration and sets
the provided value. As current northbound code works only with one
xpath at a time, the operation only makes sense to clear the config of
a container without deleting it itself. However, the next step is to
allow passing JSON-encoded complex values to northbound operations which
will make replace operation much more useful.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Currently, there's a single operation type which doesn't return error
if the object doesn't exists. To be compatible with NETCONF/RESTCONF,
we should support differentiate between DELETE (fails when object
doesn't exist) and REMOVE (doesn't fail if the object doesn't exist).
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Currently, there's no difference between CREATE and MODIFY operations.
To be compatible with NETCONF/RESTCONF, add new CREATE_EXCL operation
that throws an error if the configuration data already exists.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Currently, nb_operation enum means two different things - edit operation
type (frontend part), and callback type (backend part). These types
overlap, but they are not identical. We need to add more operation
types to support NETCONF/RESTCONF integration, so it's better to have
separate enums to identify different entities.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
The maximum number of file descriptors in an fd set is limited by
FD_SETSIZE. This limitation is important because the libc macros
FD_SET(), FD_CLR() and FD_ISSET() will invoke a sigabort if the size of
the fd set given to them is above FD_SETSIZE.
We ran into such a sigabort with bgpd because snmp can return an fd set
of size higher than FD_SETSIZE when calling snmp_select_info(). An
unfortunate FD_ISSET() call later causes the following abort:
Received signal 6 at 1701115534 (si_addr 0xb94, PC 0x7ff289a16a7c); aborting...
/lib/x86_64-linux-gnu/libfrr.so.0(zlog_backtrace_sigsafe+0xb3) [0x7ff289d62bba]
/lib/x86_64-linux-gnu/libfrr.so.0(zlog_signal+0x1b4) [0x7ff289d62a1f]
/lib/x86_64-linux-gnu/libfrr.so.0(+0x102860) [0x7ff289da4860]
/lib/x86_64-linux-gnu/libc.so.6(+0x42520) [0x7ff2899c2520]
/lib/x86_64-linux-gnu/libc.so.6(pthread_kill+0x12c) [0x7ff289a16a7c]
/lib/x86_64-linux-gnu/libc.so.6(raise+0x16) [0x7ff2899c2476]
/lib/x86_64-linux-gnu/libc.so.6(abort+0xd3) [0x7ff2899a87f3]
/lib/x86_64-linux-gnu/libc.so.6(+0x896f6) [0x7ff289a096f6]
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x2a) [0x7ff289ab676a]
/lib/x86_64-linux-gnu/libc.so.6(+0x1350c6) [0x7ff289ab50c6]
/lib/x86_64-linux-gnu/libc.so.6(+0x1366ab) [0x7ff289ab66ab]
/lib/x86_64-linux-gnu/libfrrsnmp.so.0(+0x36f5) [0x7ff2897736f5]
/lib/x86_64-linux-gnu/libfrrsnmp.so.0(+0x3c27) [0x7ff289773c27]
/lib/x86_64-linux-gnu/libfrr.so.0(thread_call+0x1c2) [0x7ff289dbe105]
/lib/x86_64-linux-gnu/libfrr.so.0(frr_run+0x257) [0x7ff289d56e69]
/usr/bin/bgpd(main+0x4f4) [0x560965c40488]
/lib/x86_64-linux-gnu/libc.so.6(+0x29d90) [0x7ff2899a9d90]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80) [0x7ff2899a9e40]
/usr/bin/bgpd(_start+0x25) [0x560965c3e965]
in thread agentx_timeout scheduled from /build/make-pkg/output/_packages/cp-routing/src/lib/agentx.c:122 agentx_events_update()
Also, the following error is logged by snmp just before the abort:
snmp[err]: Use snmp_sess_select_info2() for processing large file descriptors
snmp uses a custom struct netsnmp_large_fd_set to work above the limit
imposed by FD_SETSIZE. It is noteworthy that, when calling
snmp_select_info() instead of snmp_select_info2(), snmp uses the same
code working with its custom, large structs, and copy/paste the result
to a regular, libc compatible fd_set. So there should be no downside
working with snmp_select_info2() instead of snmp_select_info().
Replace every use of the libc file descriptors sets by snmp's extended
file descriptors sets in agentx to acommodate for the high number of
file descriptors that can come out of snmp. This should prevent the
abort seen above.
Signed-off-by: Edwin Brossette <edwin.brossette@6wind.com>
Add configure.ac tests for libyang functions, if not present supply the
functionality ourselves in yang.[ch]
Signed-off-by: Christian Hopps <chopps@labn.net>
Allow user to specify full YANG compatible XPath 1.0 predicates. This
allows for trimming results of generic queries using functions and other
non-key predicates from XPath 1.0
Signed-off-by: Christian Hopps <chopps@labn.net>
The thread system has been renamed, let's use the proper
terminology now in the show commands. Also realign
output a tiny bit for stuff that was missing.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra_interface_vrf_update_read is orphan. Remove it.
Fixes: b580c52698 ("*: remove ZEBRA_INTERFACE_VRF_UPDATE")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Practically no-one uses this and ioctls are pretty much
wrappered. Further wrappering could make this even better.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The backtrace functionality has been abstracted over
to zlog_backtrace(). Now that every place uses this
move the inclusion for HAVE_GLIBC_BACKTRACE into
the appropriate files instead of having everyone
pay for this costly include.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The only 2 places sendmmsg is used is in zlog_5424.c
and zlog_live.c. Why is the rest of the entire system
paying for this compilation?
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
A memory leak is detected when stopping the sharpd daemon
with a nexthop group configuration that includes nexthops.
The nexthop_hold structure and its attributes are not
freed. Fix it by adding the missing free function.
Fixes: 98cbbaea91 ("lib: Handle if up/down and vrf enable/disable events")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Heard back from libyang folks that this is not something they consider part of
the API and/or are going to guarantee. So we cannot count on it. Expect keys at
any location on the child sibling list.
Signed-off-by: Christian Hopps <chopps@labn.net>
Allow user to leave keys off of a list entry node at the end of the xpath. This
will return all list entries. Previously there was no way to just get the list
entries. One had to leave off the last list entry node which would then return
all list nodes as well as all the siblings at the same level.
Signed-off-by: Christian Hopps <chopps@labn.net>
- yang_get_key_preds
- yang_lyd_new_list
A function like new_list was added recently to libyang,
this is a compat version.
Signed-off-by: Christian Hopps <chopps@labn.net>
There is no function that both sets the nhg id, and sets
the ZAPI_MESSAGE_NHG flag if the nhg id is valid.
Create a ZAPI API to do this, and apply the changes wherever
needed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
- Add a new node `SRV6_ENCAP_NODE` to the CLI graph. This node allows
users to configure encapsulation parameters for SRv6, including the
source address of the outer encapsulating IPv6 header.
- Install a new CLI command `source-address` under the
`SRV6_ENCAP_NODE` node. This command is used to configure the source
address of the outer encapsulating IPv6 header.
- Install a new CLI command `no source-address` under the
`SRV6_ENCAP_NODE` node. This command is used to unset the
source address of the outer encapsulating IPv6 header and restore the
default source address.
Examples:
```
router# segment-routing
router(sr)# srv6
router(srv6)# encapsulation
router(srv6-encap)# source-address fc00:0:1::1
```
```
router# segment-routing
router(sr)# srv6
router(srv6)# encapsulation
router(srv6-encap)# no source-address
```
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add ability for the connected routes to know
if they are a prefix route or not.
sharpd@eva:/work/home/sharpd/frr1$ ip addr show dev dummy1
13: dummy1: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether aa:93:ce:ce:3f:62 brd ff:ff:ff:ff:ff:ff
inet 192.168.55.1/24 scope global noprefixroute dummy1
valid_lft forever preferred_lft forever
inet 192.168.56.1/24 scope global dummy1
valid_lft forever preferred_lft forever
inet6 fe80::a893:ceff:fece:3f62/64 scope link
valid_lft forever preferred_lft forever
sharpd@eva:/work/home/sharpd/frr1$ sudo vtysh -c "show int dummy1"
Interface dummy1 is up, line protocol is up
Link ups: 0 last: (never)
Link downs: 0 last: (never)
vrf: default
index 13 metric 0 mtu 1500 speed 0 txqlen 1000
flags: <UP,BROADCAST,RUNNING,NOARP>
Type: Ethernet
HWaddr: aa:93:ce:ce:3f:62
inet 192.168.55.1/24 noprefixroute
inet 192.168.56.1/24
inet6 fe80::a893:ceff:fece:3f62/64
Interface Type Other
Interface Slave Type None
protodown: off
sharpd@eva:/work/home/sharpd/frr1$ sudo vtysh -c "show ip route"
Codes: K - kernel route, C - connected, L - local, S - static,
R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR, f - OpenFabric, t - Table-Direct,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
K>* 0.0.0.0/0 [0/100] via 192.168.119.1, enp13s0, 00:00:08
K>* 169.254.0.0/16 [0/1000] is directly connected, virbr2 linkdown, 00:00:08
L>* 192.168.44.1/32 is directly connected, dummy2, 00:00:08
L>* 192.168.55.1/32 is directly connected, dummy1, 00:00:08
C>* 192.168.56.0/24 is directly connected, dummy1, 00:00:08
L>* 192.168.56.1/32 is directly connected, dummy1, 00:00:08
L>* 192.168.119.205/32 is directly connected, enp13s0, 00:00:08
sharpd@eva:/work/home/sharpd/frr1$ ip route show
default via 192.168.119.1 dev enp13s0 proto dhcp metric 100
169.254.0.0/16 dev virbr2 scope link metric 1000 linkdown
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
192.168.45.0/24 dev virbr2 proto kernel scope link src 192.168.45.1 linkdown
192.168.56.0/24 dev dummy1 proto kernel scope link src 192.168.56.1
192.168.119.0/24 dev enp13s0 proto kernel scope link src 192.168.119.205 metric 100
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
sharpd@eva:/work/home/sharpd/frr1$ ip route show table 255
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
local 172.17.0.1 dev docker0 proto kernel scope host src 172.17.0.1
broadcast 172.17.255.255 dev docker0 proto kernel scope link src 172.17.0.1 linkdown
local 192.168.44.1 dev dummy2 proto kernel scope host src 192.168.44.1
broadcast 192.168.44.255 dev dummy2 proto kernel scope link src 192.168.44.1
local 192.168.45.1 dev virbr2 proto kernel scope host src 192.168.45.1
broadcast 192.168.45.255 dev virbr2 proto kernel scope link src 192.168.45.1 linkdown
local 192.168.55.1 dev dummy1 proto kernel scope host src 192.168.55.1
broadcast 192.168.55.255 dev dummy1 proto kernel scope link src 192.168.55.1
local 192.168.56.1 dev dummy1 proto kernel scope host src 192.168.56.1
broadcast 192.168.56.255 dev dummy1 proto kernel scope link src 192.168.56.1
local 192.168.119.205 dev enp13s0 proto kernel scope host src 192.168.119.205
broadcast 192.168.119.255 dev enp13s0 proto kernel scope link src 192.168.119.205
local 192.168.122.1 dev virbr0 proto kernel scope host src 192.168.122.1
broadcast 192.168.122.255 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
Fixes: #14952
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
No need to declare 'nexthop_group_nexthop_num_no_recurse()' as external.
Fixes: 98cda54a95 ("zebra: Add recursive functionality to NHE's")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
When stopping a VRF, the linked list entries must be
removed too.
Fixes: 98cbbaea91 ("lib: Handle if up/down and vrf enable/disable events")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The nexthop_group_active_nexthop_num_no_recurse() function is no more
used. Let us remove the function call.
Fixes: 148813c22a ("zebra: zebra_nhg check each nexthop for active, not just number")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Implement proper memory cleanup for SRv6 functions and locator chunks to prevent potential memory leaks.
The list callback deletion functions have been set.
The ASan leak log for reference:
```
***********************************************************************************
Address Sanitizer Error detected in bgp_srv6l3vpn_to_bgp_vrf.test_bgp_srv6l3vpn_to_bgp_vrf/r2.asan.bgpd.4180
=================================================================
==4180==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 544 byte(s) in 2 object(s) allocated from:
#0 0x7f8d176a0d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
#1 0x7f8d1709f238 in qcalloc lib/memory.c:105
#2 0x55d5dba6ee75 in sid_register bgpd/bgp_mplsvpn.c:591
#3 0x55d5dba6ee75 in alloc_new_sid bgpd/bgp_mplsvpn.c:712
#4 0x55d5dba6f3ce in ensure_vrf_tovpn_sid_per_af bgpd/bgp_mplsvpn.c:758
#5 0x55d5dba6fb94 in ensure_vrf_tovpn_sid bgpd/bgp_mplsvpn.c:849
#6 0x55d5dba7f975 in vpn_leak_postchange bgpd/bgp_mplsvpn.h:299
#7 0x55d5dba7f975 in vpn_leak_postchange_all bgpd/bgp_mplsvpn.c:3704
#8 0x55d5dbbb6c66 in bgp_zebra_process_srv6_locator_chunk bgpd/bgp_zebra.c:3164
#9 0x7f8d1716f08a in zclient_read lib/zclient.c:4459
#10 0x7f8d1713f034 in event_call lib/event.c:1974
#11 0x7f8d1708242b in frr_run lib/libfrr.c:1214
#12 0x55d5db99d19d in main bgpd/bgp_main.c:510
#13 0x7f8d160c5c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
Direct leak of 296 byte(s) in 1 object(s) allocated from:
#0 0x7f8d176a0d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
#1 0x7f8d1709f238 in qcalloc lib/memory.c:105
#2 0x7f8d170b1d5f in srv6_locator_chunk_alloc lib/srv6.c:135
#3 0x55d5dbbb6a19 in bgp_zebra_process_srv6_locator_chunk bgpd/bgp_zebra.c:3144
#4 0x7f8d1716f08a in zclient_read lib/zclient.c:4459
#5 0x7f8d1713f034 in event_call lib/event.c:1974
#6 0x7f8d1708242b in frr_run lib/libfrr.c:1214
#7 0x55d5db99d19d in main bgpd/bgp_main.c:510
#8 0x7f8d160c5c86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86)
***********************************************************************************
```
Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
Move the command from 'lib' to 'vtysh' so we can properly format the
JSON output in a correct manner.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Avoids calling VRF/interface/... handlers in library code more than
once. It's kinda surprising that this hasn't been blowing up already
for the VNC code, luckily these handlers are (mostly?) idempotent.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
... and use it instead of fiddling with the `.synchronous` field.
(Make it const while at it.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Replace `struct list *` with `DLIST(if_connected, ...)`.
NB: while converting this, I found multiple places using connected
prefixes assuming they were IPv4 without checking:
- vrrpd/vrrp.c: vrrp_socket()
- zebra/irdp_interface.c: irdp_get_prefix(), irdp_if_start(),
irdp_advert_off()
(these fixes are really hard to split off into separate commits as that
would require going back and reapplying the change but with the old list
handling)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Without this if we enter something like `debug bgp updates in x.x.x.x prefix-list y`,
prefix-list can't be lookup up, because when we read the config, debug does not know
anything about this prefix-list.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
INTERFACE_NAMSIZ is just a redefine of IFNAMSIZ and IFNAMSIZ
is the standard for interface name length on all platforms
that FRR currently compiles on.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Don't skip NB callbacks loading when ignore_cbs is set for a YANG
module. It allows us to use cli_show, cli_show_end and cli_cmp callbacks
in mgmtd and output configuration directly from it instead of backend
daemons.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
In the master branch a new MTYPE_SCRIPT_RES was created for
frrscript_get_results, lua_to decoders should use that
Signed-off-by: Donald Lee <dlqs@gmx.com>
