- vpn_leak_to_vpn_active(): check instance type
- vpn_leak_prechange(): qualify with test for active
- vpn_leak_postchange(): remove duplicated call to
vpn_leak_from_vrf_update_all()
- bgp_vty.c: Avoid null-pointer dereference for command "no rt vpn import"
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
PR #1739 added code to leak routes between (default VRF) VPN safi and unicast RIBs in any VRF. That set of changes included temporary CLI including vpn-policy blocks to specify RD/RT/label/&c. After considerable discussion, we arrived at a consensus CLI shown below.
The code of this PR implements the vpn-specific parts of this syntax:
router bgp <as> [vrf <FOO>]
address-family <afi> unicast
rd (vpn|evpn) export (AS:NN | IP:nn)
label (vpn|evpn) export (0..1048575)
rt (vpn|evpn) (import|export|both) RTLIST...
nexthop vpn (import|export) (A.B.C.D | X:X::X:X)
route-map (vpn|evpn|vrf NAME) (import|export) MAP
[no] import|export [vpn|evpn|evpn8]
[no] import|export vrf NAME
User documentation of the vpn-specific parts of the above syntax is in PR #1937
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
- add "debug bgp vpn label" CLI
- improved debug messages for "debug bgp bestpath"
- send vrf label to zebra after zebra informs bgpd of vrf_id
- withdraw vrf_label from zebra if zebra informs bgpd that vrf_id is disabled
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
This commit fixes the handling of incoming parameters passed in
following vty functions:
clear ip bgp ipv6 [safi] prefix []
clear ip bgp [vrf ] ipv6 [safi] prefix []
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
This worked for unnumbered peers but not for numbered peers. This is
before the fix:
router bgp 100
coalesce-time 1000
neighbor FOO peer-group
neighbor FOO remote-as external
neighbor swp1 interface peer-group FOO
neighbor 1.1.1.1 peer-group FOO
!
line vty
exec-timeout 0 0
!
end
cel-redxp-10# wr
Note: this version of vtysh never writes vtysh.conf
Building Configuration...
Integrated configuration saved to /etc/frr/frr.conf
[OK]
cel-redxp-10# conf t
cel-redxp-10(config)# router bgp
cel-redxp-10(config-router)# no neighbor swp1 interface peer-group FOO
cel-redxp-10(config-router)# no neighbor 1.1.1.1 peer-group FOO
cel-redxp-10(config-router)# do show run
Building configuration...
Current configuration:
!
frr version 4.1-dev
frr defaults datacenter
hostname cel-redxp-10
!
service integrated-vtysh-config
!
password cn321
!
log syslog
!
router bgp 100
coalesce-time 1000
neighbor FOO peer-group
neighbor FOO remote-as external
neighbor 1.1.1.1 remote-as external
!
address-family ipv4 unicast
no neighbor 1.1.1.1 activate
exit-address-family
!
line vty
exec-timeout 0 0
!
end
cel-redxp-10(config-router)#
After the fix "no neighbor 1.1.1.1 peer-group FOO" removes the 1.1.1.1
neighbor.
We need a better error message. "Multiple BGP processes are configured"
doesnt makes sense anymore as with l3vni,
we could have multiple auto configured bgp instances.
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
We've run across an issue where the local connected
ip address is not being removed in some error condition.
During trackdown it was noticed that we cannot look
at this table for views/vrf's. While we don't have the
bug tracked down yet this will help us figure it out.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Problem reported with output of the command "show bgp vrf all
neighbor x.x.x.x" not limiting the output to that peer in any vrf.
This fix corrects the logic to display by neighbor
(ipv4/ipv6/interface) in any vrf.
Ticket: CM-17377
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
The bestpath multipath-relax setting was added to the output of
"show ip bgp neighbor json" several months ago but this is not
the correct place to display that information and this fix removes
it from there. The multipath-relax setting was also added
to the output of "show ip bgp sum json" which is fine.
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Adds ability to specify that peers should be administratively shutdown
when first configured.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Remove the ability to attempt to configure a couple of options on
directly connected neighbors that don't make sense for them, as well as
the soft error handling code.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
If we have configured neighbor 1.1.1.1 for an afi/safi but they have not
activated that afi/safi with us then display "NoNeg" in the state column
of the summary output. This is to make troubleshooting afi/safi
easier.
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
The bgpTimerUp value was incorrectly named, add
a correct name bgpTimerUpMsec and add some
code to allow for deprecation.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
For some reason bgp is calculating the peer uptime
in miliseconds incorrectly. Additionally we have
the peer_uptime function call that should be doing this!
But since we've choosen different names for the json output
we cannot fix it at this point.
uptime contains the number of seconds of uptime here. Just
multiply by 1k and display that( as peer_uptime does )
Fixes: #1585
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Was using 0 as a sentinel value, so user couldn't configure 0 as the
value of the coalesce timer.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
BGP VRF can be created/deleted either via config or via l3vni add/del.
We need to handle various sequences.
1. If user config is presented, an l3vni del should not delete the vrf instance
2. do not write bgp config in show running for auto created vrf
2. If l3vni present, disallow the cli for deleting bgp vrf instance
3. If l3vni is added and vrf config is present set the flags properly
4. if bgp vrf is configured unset the AUTO flag
Ticket: CM-18630
Review: CCR-6906
Testing: Manual
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
Since coalesce time is now heuristically adjusted based on peer count,
we need to separate out specific configuration by the user from the
current value. Behavior established is to not adjust if the user has a
value set.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
bgpd supports setting a write-quanta that serves as a hint on how many
packets to write per I/O cycle. Now that input is buffered, it makes
sense to add the equivalent parameter for how many packets are processed
per cycle. This is *not* how many packets are read off the wire per I/O
cycle; rather it is how many packets are processed from the input buffer
in a given cycle after having been read off the wire and sanitized.
Since these values must be used from multiple threads, they have also
been made atomic.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Move and modify all network input related code to bgp_io.c
* Add a real input buffer to `struct peer`
* Move connection initialization to its own thread.c task instead of
piggybacking off of bgp_read()
* Tons of little fixups
Primary changes are in bgp_packet.[ch], bgp_io.[ch], bgp_fsm.[ch].
Changes made elsewhere are almost exclusively refactoring peer->ibuf to
peer->curr since peer->ibuf is now the true FIFO packet input buffer
while peer->curr represents the packet currently being processed by the
main pthread.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Remove t_write
* Remove t_keepalive
These have been replaced by pthreads and are no longer needed. Since
some code looks at these values to determine if the threads are
scheduled, also add a new bitfield to store the same information.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Building a communities json object every time is
both expensive and memory wasteful. Modify
code to only build the json object when needed.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fixes a bug whereby all peer-groups would be shown even when a
particular peer-group was specified for display.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Problem reported that we weren't adjusting the keepalive timer
correctly when we negotiated a lower hold time learned from a
peer. While working on this, found we didn't do inheritance
correctly at all. This fix solves the first problem and also
ensures that the timers are configured correctly based on this
priority order - peer defined > peer-group defined > global config.
This fix also displays the timers as "configured" regardless of
which of the three locations above is used.
Ticket: CM-18408
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
Reviewed-by: CCR-6807
Testing-performed: Manual testing successful, fix tested by
submitter, bgp-smoke completed successfully
When retrieving information about neighbors or summary in json
add some information about what bestPath particulars we have for
this bgp session.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
VARIABLE tokens must be all uppercase, this allows us to support WORD
tokens that begin with an uppercase letter. The "Null0" keyword is an
example of where this is needed.
The only VARIABLE we had that wasn't already all uppercase was
ASN:nn_or_IP-address:nn
1) Add hash names to all hash_create calls
2) Fix community_hash, ecommunity_hash and lcommunity_hash key
creation
3) Fix output of community and lcommunity iterators( why would
we want to see the memory location of the backet? ).
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Some of this was so egregiously stupid, I couldn't look at it without
gouging my eyes out...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
afi_header_vty_out() is easily replaced with vty_frame(), which means we
can drop a whole batch of "int *write" args as well as the entirety of
bgp_config_write_family_header().
=> AFI/SAFI config writing is now a lot simpler.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The bgp clear help string was misordered.
New output:
robot.cumulusnetworks.com# clear bgp
(1-4294967295) Clear peers with the AS number
* Clear all peers
A.B.C.D BGP neighbor address to clear
WORD BGP neighbor on interface to clear
X:X::X:X BGP IPv6 neighbor to clear
external Clear all external peers
ipv4 Address Family
ipv6 Address Family
peer-group Clear all members of peer-group
prefix Clear bestpath and re-advertise
view BGP view
vrf BGP VRF
Fixes: #1005
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
When the MAC changes for a local neighbor, ensure that the neighbor data
structure as well as the link between the neighbor and MAC data structures
is updated correctly.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-17565
Reviewed By: CCR-6605
Testing Done: Manual, evpn-smoke
1. Added support to create mac filters
2. Enabled route-map commands for EVPN address family
3. Provision to add mac filters under match clause in route-maps
Ticket: CM-16349
Review: CCR-6190
Unit-test: Manual (logs attached to ticket)
Signed-off-by: Mitesh Kanjariya <mitesh@cumulusnetworks.com>
SAFI values have been a major source of confusion over the last few
years. That's because each SAFI needs to be represented in two different
ways:
* IANA's value used to send/receive packets over the network;
* Internal value used for array indexing.
In the second case, defining reserved values makes no sense because we
don't want to index SAFIs that simply don't exist. The sole purpose of
the internal SAFI values is to remove the gaps we have among the IANA
values, which would represent wasted memory in C arrays. With that said,
remove these reserved SAFIs to avoid further confusion in the future.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This reverts commit c14777c6bf.
clang 5 is not widely available enough for people to indent with. This
is particularly problematic when rebasing/adjusting branches.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
