Problem statement:
Step-1:
pl1 - 10.10.10.10/24 with deny sequence 1
Step-2:
pl1 - 10.10.10.10/24 with permit sequence 2
Step-3:
pl1 - 20.20.20.20/24 with deny sequence 1
Now we end up deleting permit sequence 2,
which might blackhole the traffic.
RCA:
Whenever we have multiple prefix lists,
having same prefix and different subnet range,
delete or replace of prefix list
would result in delete of entry in route-map
prefix table.
Fix:
We will skip deleting prefix list entry
from routemap prefix table, if we have
the multiple prefix lists having same prefix.
Signed-off-by: Samanvitha B Bhargav <bsamanvitha@vmware.com>
Rather than running selected source files through the preprocessor and a
bunch of perl regex'ing to get the list of all DEFUNs, use the data
collected in frr.xref.
This not only eliminates issues we've been having with preprocessor
failures due to nonexistent header files, but is also much faster.
Where extract.pl would take 5s, this now finishes in 0.2s. And since
this is a non-parallelizable build step towards the end of the build
(dependent on a lot of other things being done already), the speedup is
actually noticeable.
Also files containing CLI no longer need to be listed in `vtysh_scan`
since the .xref data covers everything. `#ifndef VTYSH_EXTRACT_PL`
checks are equally obsolete.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When bulk deleting prefix lists on shutdown the code
was calling plist_delete, which removed the item
from the master->str list, and then popping the next
item on the list and just dropping it on the floor.
The pop is not needed.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Recent commit e92508a741 changed
the prefix_master->str to a RB tree. This introduced a condition
whnere on shutdown the prefix list was removed from the master list
and then operated on by passing around a name. Which was then used
to lookup the prefix list again when we operated on the code.
This change to a RB Tree first deleted the item from the RB tree
first thus introducing this crash
Crash:
(gdb) bt
index=0x556c07d59650, pentry=0x556c07d29380) at lib/routemap.c:2397
arg=0x7ffdbf84bc60) at lib/hash.c:267
event=RMAP_EVENT_PLIST_DELETED) at lib/routemap.c:2489
Grab the first item on the list, clean it and then remove it.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The prefix_master->str data structure was a sorted
list of the prefix names. Not that big of a deal
other than insertion and deletion is insanely expensive
when you have a large number of unique prefix-lists.
In my test config file that I discovered this,
I have 587 unique prefix lists spread out acros
~26k lines of prefix-lists. When reading
this config file into FRR the read time goes
from 690 seconds to 650 seconds.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
```
exit1-debian-9(config-route-map)# match ip route-source prefix-list ?
<cr>
PREFIXLIST_NAME IP prefix-list name
p1 p2
```
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
While we do have `show ip prefix-list NAME A.B.C.D/M`, that doesn't
actually run the prefix list matching code. While the result would
hopefully be the same anyway, let's have a way to call the actual prefix
list match code and get a result.
(As an aside, this might be useful for scripting to do a quick "is this
prefix in that prefix list" check.)
Signed-off-by: David Lamparter <equinox@diac24.net>
... the PIM code is kinda misusing prefix lists to match addresses.
Considering the weird semantics of access-lists, I can't fault it.
However, prefix lists aren't great at matching addresses by default,
since they try to match the prefix length too. So, here's an "address
match mode" for prefix lists to get that to work more reasonably.
Fixes: #8492
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
A long time ago there was a difference between number-named and string-named
access/prefix-lists. Currently we always treat the name as a string and
there is no need for a separate list for number-named lists.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Before the transition of prefix-lists to northbound, this setting
controlled whether sequence numbers were displayed in the config.
After the transition, sequence numbers are always displayed in the
configuration, and this command only controls the output of the show
commands, which is not very useful. This command is not even shown in
the config anymore.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Back when I put this together in 2015, ISO C11 was still reasonably new
and we couldn't require it just yet. Without ISO C11, there is no
"good" way (only bad hacks) to require a semicolon after a macro that
ends with a function definition. And if you added one anyway, you'd get
"spurious semicolon" warnings on some compilers...
With C11, `_Static_assert()` at the end of a macro will make it so that
the semicolon is properly required, consumed, and not warned about.
Consistently requiring semicolons after "file-level" macros matches
Linux kernel coding style and helps some editors against mis-syntax'ing
these macros.
Signed-off-by: David Lamparter <equinox@diac24.net>
Problem:
Prefix-list with mulitiple rules, an update to
a rule/sequence with different prefix/prefixlen
reset prefix-list next-base pointer to avoid
having stale value.
In some case the old next-bast's reference leads
to an assert in tri (trie_install_fn ) add.
bt:
(object=0x55576a4c8a00, updptr=0x55576a4b97e0) at lib/plist.c:560
(plist=0x55576a4a1770, pentry=0x55576a4c8a00) at lib/plist.c:585
(ple=0x55576a4c8a00) at lib/plist.c:745
(args=0x7fffe04beb50) at lib/filter_nb.c:1181
Solution:
Reset prefix-list next-base pointer whenver a
sequence/rule is updated.
Ticket:CM-33109
Testing Done:
Signed-off-by: Chirag Shah <chirag@nvidia.com>
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Convert over to using the %pFX and %pRN modifiers
to output strings to allow us to consolidate on
one standard for printing prefixes.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Changes:
- Refactor list entry deletion to use a function that properly notifies
route map on deletion (fixes a heap-use-after-free).
- Prefix list entry wild card sets `le` to maximum IP mask value and
`any` is a boolean.
- Fix prefix list trie removal order (in `prefix_list_entry_update_start`).
- Let only the `any` callback change the value of field `any`.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
After the commands started working I noticed that prefix lists were
still not working and displaying incorrect information in
`show ip prefix-list`.
Turns out `any` must be set to `0` when a prefix is set and the prefix
entry **must** be installed in the prefix list head.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Based on the function `prefix_list_entry_add` and
`prefix_list_entry_delete` it was created two functions to replicate
its functionality without the assumption we are always alocating a new
prefix list entry.
Since the prefix list entry is stored in the YANG private data
structures, we want to avoid the allocation/free of memory that is
hold by the schema.
Every time a prefix list entry values change we must call
`prefix_list_entry_update_start` to uninstall the entry from prefix
list internal structures and then call
`prefix_list_entry_update_finish` to put them back.
The variable `installed` in the prefix list entry tracks the
installation status of the internal structure. It is possible that a
user unconfigures or forgets to add a `prefix` value and so we can't
install the entry until then.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Use northbound to write the configuration from now on. While here, fix
how `exact-match` configuration is being created.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Replace sprintf with snprintf where straightforward to do so.
- sprintf's into local scope buffers of known size are replaced with the
equivalent snprintf call
- snprintf's into local scope buffers of known size that use the buffer
size expression now use sizeof(buffer)
- sprintf(buf + strlen(buf), ...) replaced with snprintf() into temp
buffer followed by strlcat
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
And again for the name. Why on earth would we centralize this, just so
people can forget to update it?
Signed-off-by: David Lamparter <equinox@diac24.net>
There is really no reason to not put this in the cmd_node.
And while we're add it, rename from pointless ".func" to ".config_write".
[v2: fix forgotten ldpd config_write]
Signed-off-by: David Lamparter <equinox@diac24.net>
The only nodes that have this as 0 don't have a "->func" anyway, so the
entire thing is really just pointless.
Signed-off-by: David Lamparter <equinox@diac24.net>
* This commit implements the code style suggestions from Polychaeta.
* This commit also introduces a CLI to toggle the optimization and, a hidden
CLI to display the contents of the constructed prefix tree.
Signed-off-by: NaveenThanikachalam <nthanikachal@vmware.com>
* This commit introduces the building blocks.
A per-route-map prefix tree is introduced.
This tree will consist of the prefixes defined within the prefix-lists
that are added to the match clause of that route-map.
Signed-off-by: NaveenThanikachalam <nthanikachal@vmware.com>
The correct cast for these is (unsigned char), because "char" could be
signed and thus have some negative value. isalpha & co. expect an int
arg that is positive, i.e. 0-255. So we need to cast to (unsigned char)
when calling any of these.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
When a prefix-list is applied to a BGP neighbor to deny the learning
of specific routes, the hit count is showing 0 for BGP even though
the routes are being filtered correctly due
to the configured prefix-list.
Before fix:
c1# show ip prefix-list nag seq 10
ZEBRA: seq 10 permit any (hit count: 0, refcount: 0)
BGP: seq 10 permit any (hit count: 0, refcount: 0)
c1# show ip prefix-list nag seq 5
ZEBRA: seq 5 deny 1.0.1.0/24 (hit count: 0, refcount: 0)
BGP: seq 5 deny 1.0.1.0/24 (hit count: 0, refcount: 0)
Fix: Increment the prefix-list's hit count whenever a rule match occurs.
After Fix:
c1# show ip prefix-list nag seq 10
ZEBRA: seq 10 permit any (hit count: 0, refcount: 0)
BGP: seq 10 permit any (hit count: 6, refcount: 0)
c1# show ip prefix-list nag seq 5
ZEBRA: seq 5 deny 1.0.1.0/24 (hit count: 0, refcount: 0)
BGP: seq 5 deny 1.0.1.0/24 (hit count: 1, refcount: 0)
Signed-off-by: Visakha Erina visakha.erina@broadcom.com
Various compilers in our CI system were complaining about various
auto-conversions. Let's get these cleaned up a bit more.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
