This commit finalizes the previous commits which introduced a generic
approach for making all BGP peer and address-family attributes
overrideable by keeping track of the configuration origin in separate
internal structures.
First of all, the test suite was greatly extended to also check the
internal data structures of peer/AF attributes, so that inheritance for
internal values like 'peer->weight' is also being checked in all cases.
This revealed some smaller issues in the implementation, which were also
fixed in this commit. The test suite now fully passes and covers all the
usual situations that should normally occur.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
This commit introduces BGP peer-group overrides for the last set of
peer-level attrs which did not offer that feature yet. The following
attributes have been implemented: description, local-as, password and
update-source.
Each attribute, with the exception of description because it does not
offer any inheritance between peer-groups and peers, is now also setting
a peer-flag instead of just modifying the internal data structures. This
made it possible to also re-use the same implementation for attribute
overrides as already done for peer flags, AF flags and AF attrs.
The `no neighbor <neigh> description` command has been slightly changed
to support negation for no parameters, one parameter or * parameters
(LINE...). This was needed for the test suite to pass and is a small
change without any bigger impact on the CLI.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
This commit implements BGP peer-group overrides for the timer flags,
which control the value of the hold, keepalive, advertisement-interval
and connect connect timers. It was kept separated on purpose as the
whole timer implementation is quite complex and merging this commit
together with with the other flag implementations did not seem right.
Basically three new peer flags were introduced, namely
*PEER_FLAG_ROUTEADV*, *PEER_FLAG_TIMER* and *PEER_FLAG_TIMER_CONNECT*.
The overrides work exactly the same way as they did before, but
introducing these flags made a few conditionals simpler as they no
longer had to compare internal data structures against eachother.
Last but not least, the test suite has been adjusted accordingly to test
the newly implemented flag overrides.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
This commit introduces the current test suite for BGP peer-group
overrides by adding support for custom check handlers (which can check
internal data structures more thoroughly) and by fixing several small
mistakes and issues that slipped through. Also some parts of the code
have been cleaned up to avoid duplicate and/or hard-to-read code.
Additionally a first experimental check for a BGP peer attribute with
values (advertisement-interval <value>) has been added to the test
suite. As this test suite is currently not passing, it has not been
added to the python test caller.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
The current implementation of the overrides for peer address-family
attributes suffered a bug, which caused all peer-specific attributes to
be lost when the peer was added to a peer-group which already had that
specific address-family active.
This commit extends the *peer_group2peer_config_copy_af* function to
respect overridden flags properly. Additionally, the arguments of the
macros *PEER_ATTR_INHERIT* and *PEER_STR_ATTR_INHERIT* have been
reordered to be more consistent and easy to read.
This commit also adds further test cases to the BGP peer attributes test
suite, so that this kind of error is being caught in future commits. The
missing AF-attribute *distribute-list* has also been added to the test
suite.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
The current implementation of peer flags (e.g. shutdown, passive, ...)
only has partial support for overriding flags of a peer-group when the
peer is a member. Often settings might get lost if the user toys around
with the peer-group configuration, which can lead to disaster.
This commit introduces the same override implementation which was
previously integrated to support proper peer flag/attribute override on
the address-family level. The code is very similar and the global
attributes now use their separate state-arrays *flags_invert* and
*flags_override*.
The test suite for BGP peer attributes was extended to also check peer
global attributes, so that the newly introduced changes are covered. An
additional feature was added which allows to test an attribute with an
*interface-peer*, which can be configured by running `neighbor IF-TEST
interface`. This was introduced so that the dynamic runtime inversion of
the `extended-nexthop` flag, which is only enabled by default for
interface peers, can also be tested.
Last but not least, two small changes have been made to the current bgpd
implementation:
- The command `strict-capability-match` can now also be set on a
peer-group, it seems like this command slipped through while
implementing peer-groups in the very past.
- The macro `COND_FLAG` was introduced inside lib/zebra.h, which now
allows to either set or unset a flag based on a condition. The syntax
for using this macro is: `COND_FLAG(flag_variable, flag, condition)`
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
When trying to run make check using automake 1.16.1, we get:
CC isisd/test_fuzz_isis_tlv-test_fuzz_isis_tlv.o
isisd/test_fuzz_isis_tlv.c:1:10: fatal error: test_fuzz_isis_tlv_tests.h: No such file or directory
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
Makefile:1096: recipe for target 'isisd/test_fuzz_isis_tlv-test_fuzz_isis_tlv.o' failed
make[1]: *** [isisd/test_fuzz_isis_tlv-test_fuzz_isis_tlv.o] Error 1
make[1]: Leaving directory '/src/frr-frr-5.0/tests'
Makefile:1220: recipe for target 'check-am' failed
make: *** [check-am] Error 2
From reading the automake docs, it looks like there may be a more
reliable way to express built files in the Makefile.am using BUILT_SOURCES.
Using this method, we seem to build fine now on 1.16.1 and this
has been tested on Ubuntu 18.04, CentOS 7 and Alpine edge (which uses
automake 1.16.1).
Issue: https://github.com/FRRouting/frr/issues/2403
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
I see lots of the same code being copy-pasted and slightly tweaked for
string processing all over the codebase. Time to start aggregating these
pieces into something consistent and correct.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
On Alpine Linux edge, musl does not seem to be RFC 5952 4.2.2
compliant (how to print a single :0: in the IPv6 address). Let's
skip that test, as we get false negatives when running against
that version of musl.
Credit for the idea for the fix and how to fix it is due to
chris@opensourcerouting.org.
Testing done:
make check on alpine linux passes now
Issue: https://github.com/FRRouting/frr/issues/2375
Signed-off-by: Arthur Jones <arthur.jones@riverbed.com>
The bgp data structures:
bgp->vnihash
bgp->vrf_export_rtl
bgp->vrf_import_rtl
bgp->l2vnis
Must always be valid data structures. So remove the tests
that ensure that they are.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This commit improves the previous implementation of the peer attribute
test suite by getting rid of some really ugly macros and replacing them
with sane functions.
Additionally, the macro TEST_ASSERT was changed to TEST_ASSERT_EQ (==
comparison) which now also prints the line where the assertion has been
infringend. This should make it way more clear where a specific issue
has been spotted.
Last but not least, the multicast families for both IPv4 and IPv6 had
been added as they are working without any further changes or special
cases for all currently existing peer attributes. Other AFI/SAFI
references have been removed to keep the code clean.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
This commit fixes all outstanding style/formatting issues as detected by
'git clang-format' or 'checkpath' for the new peer-group override
implementation, which spanned across several commits.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
This commit introduces unit tests for BGP peer attributes and checks all
three involved components, which are:
- CLI Configuration Input: The appropriate commands to configure the
attribute on either a peer or peer-group are being executed the same way
an end user would do it.
- CLI Configuration Output: The output of 'show running-config' is being
checked for presence/absence of expected configuration strings.
- Internal Data Structures: The internal data structures for maintaining
flag/filter states (value + override + invert) are being checked after
each operation to ensure the override has been implemented properly.
All attributes to be tested must be defined within the 'peer_attrs'
structure, which contains all peer attributes as of today and checks
them with both IPv4 Unicast and IPv6 Unicast. More address families are
supposed to be introduced at a later point in time.
Each attribute is being checked in its own 'clean' BGP environment, so
everything gets reset after each attribute to avoid any weird edge
cases. The 'correct' BGP startup and shutdown routine was taken from
'bgp_main.c' to ensure that we are not leaking any memory or acting
different than the real 'bgpd' would do.
Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
Some recent changes in BGP now require that the
peer's nexthop have a valid ifp when we are looking
at:
case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL:
case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL:
This assumption makes sense for this type of Nexthop Attribute.
So for the test let's jimmy up a `fake` enough interface pointer
so that the actual test we can focus on what we are actually
testing.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Add general-purpose DFS traversal code
* Add ability to dump any graph to DOT language
* Add tests for graph datastructure
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Routes that have labels must be sent via a nexthop that also has labels.
This change notes whether any path in a nexthop update from zebra contains
labels. If so, then the nexthop is valid for routes that have labels.
If a nexthop update has no labeled paths, then any labeled routes
referencing the nexthop are marked not valid.
Add a route flag BGP_INFO_ANNC_NH_SELF that means "advertise myself
as nexthop when announcing" so that we can track our notion of the
nexthop without revealing it to peers.
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
This commit checks that the reception of MP_REACH and MP_UNREACH
flowspec is handled correctly.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The following types are nonstandard:
- u_char
- u_short
- u_int
- u_long
- u_int8_t
- u_int16_t
- u_int32_t
Replace them with the C99 standard types:
- uint8_t
- unsigned short
- unsigned int
- unsigned long
- uint8_t
- uint16_t
- uint32_t
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Also modify `struct route_entry` to use nexthop_groups.
Move ALL_NEXTHOPS loop to nexthop_group.h
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
We were improperly mixing constants used to identify AFI/SAFI values
using the IANA and internal representations. Things happened to be
working because the IANA/internal values are the same in some cases
(e.g. AFI_IP and IANA_AFI_IPV4). This commit fixes a few warnings when
running "make check" on FreeBSD 11.1.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
These variables being removed were made obsolete by commit 9cabb64b3. As
of now, the parse_test() function fetches the afi/safi values from
the parsed NLRIs. There's no need to have duplicate information in the
'test_segment' structure anymore.
This fixes several warnings of this kind when running "make check"
on FreeBSD: "implicit conversion from enumeration type 'iana_safi_t'
to different enumeration type 'safi_t'".
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
* Fix rare failure caused when end pointer is at end of buffer memory
and a call to ringbuf_get() is made that reads all of the data in the
buffer; start pointer was advanced past end pointer, causing some
special handling to be skipped
* Fix ringbuf_peek() moving start pointer
* Fix use after free
* Remove extraneous assignment
* Update relevant tests
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Peek functionality for ring buffers and associated tests.
Also:
* Slight optimization to avoid 0-byte memcpy() by changing > to >=
* Add rv checks for some ringbuf_[put|get] calls that were missing them
in the test
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The $Id: lines would allow code kept in cvs to substitute
the file version upon checkout. Since we are not using
cvs there is no need to keep these lines anymore.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Fuzzing hook for BGP packet processing does not map to MT-BGPD. Removing
offending call for now, additional work to fix this in the future.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Changes all synchronization primitives to be dynamically allocated. This
should help catch any subtle errors in pthread lifecycles.
This change also pre-initializes synchronization primitives before
threads begin to run, eliminating a potential race condition that
probably would have caused a segfault on startup on a very fast box.
Also changes mutex and condition variable allocations to use
MTYPE_PTHREAD and updates tests to do the proper initializations.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Allow the higher level protocol to specify if it would
like to receive notifications about it's routes that
it has installed.
I've purposely made it part of zclient_new_notify because
we need to track the routes on a per daemon basis only.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Add write callback.
Add error callback.
Add frrzmq_check_events() function to check for edge triggered things
that may have happened after a zmq_send() call or so.
Update ZMQ tests.
Signed-off-by: ßingen <bingen@voltanet.io>
Fuzzing with tools like afl requires the ability to quickly/easily
call a function to test it's input. In the case of bgp we
need the ability to test bgp's packet handler quickly. This
added program bgpd/test_packet takes a file name as input
that it treats as normal bgp communication between itself
and a peer.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Convert the list_delete(struct list *) function to use
struct list **. This is to allow the list pointer to be nulled.
I keep running into uses of this list_delete function where we
forget to set the returned pointer to NULL and attempt to use
it and then experience a crash, usually after the developer
has long since left the building.
Let's make the api explicit in it setting the list pointer
to null.
Cynical Prediction: This code will expose a attempt
to use the NULL'ed list pointer in some obscure bit
of code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
While vertizes should be strictly ordered on insertion, deletion
will of course encouter equality.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
adds a new all-daemon "debug memstats-at-exit" command. Also saves
memstats to a file in /tmp, useful if a long-running daemon is having
weird issues (e.g. in a user install).
Fixes: #437
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
A mismatch between the make rule and the include path causes dependency
tracking to try to build the clippy.c file twice (at the same time),
which results in spurious build failures.
Fixes: #971
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This adds "@tcp" as new choice on the -z option present in zebra and the
protocol daemons. The --enable-tcp-zebra option on configure is no
longer needed, both UNIX and TCP socket support is always available.
Note that @tcp should not be used by default (e.g. in an init script),
and --enable-tcp-zebra should never have been in any distro package
builds, because
**** TCP-ZEBRA IS A SECURITY PROBLEM ****
It allows arbitrary local users to mess with the routing table and
inject bogus data -- and also ZAPI is not designed to be robust against
attacks.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
BUILT_SOURCES doesn't do what the name suggests. What it actually means
is "these files should be built first when doing a 'make' without
explicit target" (or "make all").
It's pretty much almost always wrong to use BUILT_SOURCES, the only
correct use is when a file is needed by an unspecified / large set of
files.
Also remove version.h and route_types.h from dist tarball while we're at
it. configure will create them anyway.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This splits off privs_preinit(), which does the lookups for user and
group IDs. This is so the init code can create state directories while
still running as root.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
- SIGTSTP appropriately suspends the foreground terminal
- SIGINT causes the daemon to exit, regardless of -d
- SIGQUIT causes the daemon to daemonize, regardless of -d
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This reverts commit c14777c6bf.
clang 5 is not widely available enough for people to indent with. This
is particularly problematic when rebasing/adjusting branches.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Without it, tests were passing before commit 9fb47c0, so a case was
missing (the one which that commit fixes).
Signed-off-by: ßingen <bingen@voltanet.io>
Needed these while rewriting LSDB iteration.
NB: this commit fails because of a bug in ospf_lsdb_get_next, which will
SEGV when the LSDB is actually empty. Whooo... (this is fixed in the
following commits.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
pytest.mark.skipif apparently iterates through a class's methods,
applying itself onto the various methods. Now, since we're deriving
from a parent class, the method is actually the same object inherited
from the parent, so the decorator will apply itself on the parent's
testrunning method (test_refout). The result is that any TestRefout
tests after "test_commands.py" will be skipped...
This only became apparent after adding ospf6d/test_lsdb.py; before,
test_commands.py was the last test in the list so it didn't matter...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Add support for naming pthreads. Also, note that we don't have any
records yet if that's the case.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
it's just an alias for a millisecond timer used in exactly nine places
and serves only to complicate
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The FSF's address changed, and we had a mixture of comment styles for
the GPL file header. (The style with * at the beginning won out with
580 to 141 in existing files.)
Note: I've intentionally left intact other "variations" of the copyright
header, e.g. whether it says "Zebra", "Quagga", "FRR", or nothing.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
A partially-entered IPv6 address would never return a "partly_match",
meaning some possible completions weren't listed by the matcher.
This specifically breaks autocompleting BGP IPv6 neighbor addresses.
Before:
aegaeon# show ip bg ne 2001:<?>
WORD Neighbor on BGP configured interface
After:
aegaeon# show ip bg ne 2001:<?>
WORD Neighbor on BGP configured interface
X:X::X:X Neighbor to display information about
2001:db8::2
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Pass pointer to pointer instead of assigning by return value. See
previous commit message.
To ensure that the behavior stays functionally correct, any assignments
with the result of a thread_add* function have been transformed to set
the pointer to null before passing it. These can be removed wherever the
pointer is known to already be null.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
The way thread.c is written, a caller who wishes to be able to cancel a
thread or avoid scheduling it twice must keep a reference to the thread.
Typically this is done with a long lived pointer whose value is checked
for null in order to know if the thread is currently scheduled. The
check-and-schedule idiom is so common that several wrapper macros in
thread.h existed solely to provide it.
This patch removes those macros and adds a new parameter to all
thread_add_* functions which is a pointer to the struct thread * to
store the result of a scheduling call. If the value passed is non-null,
the thread will only be scheduled if the value is null. This helps with
consistency.
A Coccinelle spatch has been used to transform code of the form:
if (t == NULL)
t = thread_add_* (...)
to the form
thread_add_* (..., &t)
The THREAD_ON macros have also been transformed to the underlying
thread.c calls.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Label Manager allows to share MPLS label space among different
daemons. Each daemon can request a chunk of consecutive labels and
release it if it doesn't need them anymore. Label Manager stores the
daemon protocol and instance to identify the owner client. It uses them
to perform garbage collection, releasing all label chunks from a client
when it gets disconnected or reconnected.
Additionally, every client can request that the chunk is never garbage
collected. In that case client has the responsibility to release
non-used labels.
Zebra can host the label manager itself (if no -l param is provided) or
connect to an external one using zserv/zclient (providing its address
with -l param).
Client code is in lib/zclient.c, but currently only LDP is using it.
TODO: Allow for custom ranges requests, i.e., specify the start label
besides the chunk.
TODO: Release labels from LDP.
Signed-off-by: Bingen Eguzkitza <bingen@voltanet.io>
The protocols enum serves no purpose other than adding potential for
bugs and making it complicated to add a new protocol... nuke.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Start centralising startup & option parsing into the library.
FRR_DAEMON_INFO is a bit weird, but it will become useful later (e.g.
for killing the ZLOG_* enum, and having the daemon name available)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This commit is a fix from previous commit: Quagga: AFI/SAFI mappings
IANA to/from internal values. It removes the printf that was used for
troubleshooting the afi/safi change, in respect to testing.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Because the bgp_nlri_parse function has been extended with one parameter,
when doing bgp testing against some packets, the correct call to
bgp_nlri_parse must be done.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Test uninstall_element(). The commandline-specified counter allows
isolating memleaks more closely, differentiating one-off vs. repeated
leaks.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The library libzebra that is installed with FRR will
conflict with Quagga. So let's rename it to libfrr.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
To make it possible for testcli to get a clean memory management bill.
(Note: XFREE() is NULL-safe, just like free().)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
[DL: v2: fix missing slash in tests/Makefile.am]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This cuts a large piece of complexity from the parser by making the
sequences between | the same, no matter whether it's <> () or [].
This causes some changes in behaviour:
- [foo|bar] is now accepted
- <foo|[bar]> is now accepted (yes it's stupid)
- {a|b} is now means "at least one of these, in any order"; to allow
zero use [{a|b}] instead.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Conflicts (CLI vs. atol()):
- bgpd/bgp_vty.c
- ospfd/ospf_vty.c
- zebra/zebra_vty.c
NB: pull req #65 (LabNConsulting/working/2.0/afi-safi-vty/c) was
excluded from this merge.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
PRIu64 is "u", we need "x", so PRIx64...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Cc: Donald Sharp <sharpd@cumulusnetworks.com>
[cherry-picked from master eed831e065]
exit 0 exits the entire testrunner... Oops.
Also, "unresolved" breaks too many things, so make this a pass.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
[cherry-picked from master e988dfd35b]
expect redirects both stdout and stderr to its input. This causes
serious problems when libzebra prints log messages to stderr, which are
then asynchronously inserted in the middle of lines of stdout test
output. Ultimately this makes testbgpmpattr fail on FreeBSD.
(The stdio buffering seems to be slightly different on FreeBSD,
triggering the bug.)
Just ignore stderr for expect.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Introduce internal and IANA defintions for AFI/SAFI and mapping
functions and modify code to use these. This refactoring will
facilitate adding support for other AFI/SAFI whose IANA values
won't be suitable for internal data structure definitions (e.g.,
they are not contiguous).
The commit adds some fixes related to afi/safi testing with 'make check
' command.
Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Ticket: CM-11416
Reviewed By: CCR-3594 (mpls branch)
Testing Done: Not tested now, tested earlier on mpls branch
This replaces Quagga -> FRR in most configure.ac settings as well as
a handful of preprocessor macros in the source code.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
exit 0 exits the entire testrunner... Oops.
Also, "unresolved" breaks too many things, so make this a pass.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This was SEGV'ing the test in bgp_master_init() since QOBJ_REG was used
without qobj_init() being called first.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Now that we have keyword argument support in the matcher again, this
needs to be updated because argv[] will be 1:1 user input without
mangling or reordering.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
These are expected changes in CLI behaviour. There's still a diff of
unexpected changes that need fixing (or are missing features, e.g.
keyword arguments).
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Tests weren't updated for vtysh-grammar yet...
NB: things still fail since some CLI behaviour changed.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
* bgp_route.h: (bgp_nlri_sanity_check) The bulk of the args are equivalent
to a (struct bgp_nlri), consolidate.
* bgp_route.c: (bgp_nlri_sanity_check) Make this a frontend for all afi/safis.
Including SAFI_MPLS_LABELED_VPN.
(bgp_nlri_sanity_check_ip) Regular IP NLRI sanity check based on the
existing code, and adjusted for (struct bgp_nlri *) arg.
* bgp_attr.c: (bgp_mp_reach_parse) Adjust for passing (struct bgp_nlri *)
to bgp_nlri_sanity_check.
Get rid of special-casing to not sanity check VPN.
(bgp_mp_unreach_parse) Ditto.
* bgp_mplsvpn.c: Use the same VPN parsing code for both the sanity
check and the actual parse.
(bgp_nlri_parse_vpn) renamed to bgp_nlri_parse_vpn_body and made
internal.
(bgp_nlri_parse_vpn_body) Added (bool) argument to control whether it
is sanity checking or whether it should update routing state for each
NLRI. Send a NOTIFY and reset the session, if there's a parsing
error, as bgp_nlri_sanity_check_ip does, and as is required by the
RFC.
(bgp_nlri_parse_vpn) now a wrapper to call _body with update.
(bgp_nlri_sanity_check_vpn) wrapper to call parser without
updating.
* bgp_mplsvpn.h: (bgp_nlri_sanity_check_vpn) export for
bgp_nlri_sanity_check.
* bgp_packet.c: (bgp_update_receive) Adjust for bgp_nlri_sanity_check
argument changes.
* test/bgp_mp_attr_test.c: Extend to also test the NLRI parsing functions,
if the initial MP-attr parsing has succeeded. Fix the NLRI in the
VPN cases. Add further VPN tests.
* tests/bgpd.tests/testbgpmpattr.exp: Add the new test cases.
This commit a joint effort of:
Lou Berger <lberger@labn.net>
Donald Sharp <sharpd@cumulusnetworks.com>
Paul Jakma <paul.jakma@hpe.com> / <paul@jakma.org>
This adds 64-bit random identifiers as "safe pointers" which are also
type-tracked / can have type-specific extension methods.
This will be used by both the CLI (to keep safe references while in
config editing mode) as well as the Cap'n Proto code (to hand out
pointers to the user in a safe way and add per-type handlers)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
This feature adds an L3 & L2 VPN application that makes use of the VPN
and Encap SAFIs. This code is currently used to support IETF NVO3 style
operation. In NVO3 terminology it provides the Network Virtualization
Authority (NVA) and the ability to import/export IP prefixes and MAC
addresses from Network Virtualization Edges (NVEs). The code supports
per-NVE tables.
The NVE-NVA protocol used to communicate routing and Ethernet / Layer 2
(L2) forwarding information between NVAs and NVEs is referred to as the
Remote Forwarder Protocol (RFP). OpenFlow is an example RFP. For
general background on NVO3 and RFP concepts see [1]. For information on
Openflow see [2].
RFPs are integrated with BGP via the RF API contained in the new "rfapi"
BGP sub-directory. Currently, only a simple example RFP is included in
Quagga. Developers may use this example as a starting point to integrate
Quagga with an RFP of their choosing, e.g., OpenFlow. The RFAPI code
also supports the ability import/export of routing information between
VNC and customer edge routers (CEs) operating within a virtual
network. Import/export may take place between BGP views or to the
default zebera VRF.
BGP, with IP VPNs and Tunnel Encapsulation, is used to distribute VPN
information between NVAs. BGP based IP VPN support is defined in
RFC4364, BGP/MPLS IP Virtual Private Networks (VPNs), and RFC4659,
BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN . Use
of both the Encapsulation Subsequent Address Family Identifier (SAFI)
and the Tunnel Encapsulation Attribute, RFC5512, The BGP Encapsulation
Subsequent Address Family Identifier (SAFI) and the BGP Tunnel
Encapsulation Attribute, are supported. MAC address distribution does
not follow any standard BGB encoding, although it was inspired by the
early IETF EVPN concepts.
The feature is conditionally compiled and disabled by default.
Use the --enable-bgp-vnc configure option to enable.
The majority of this code was authored by G. Paul Ziemba
<paulz@labn.net>.
[1] http://tools.ietf.org/html/draft-ietf-nvo3-nve-nva-cp-req
[2] https://www.opennetworking.org/sdn-resources/technical-library
Now includes changes needed to merge with cmaster-next.
This is a rather large mechanical commit that splits up the memory types
defined in lib/memtypes.c and distributes them into *_memory.[ch] files
in the individual daemons.
The zebra change is slightly annoying because there is no nice place to
put the #include "zebra_memory.h" statement.
bgpd, ospf6d, isisd and some tests were reusing MTYPEs defined in the
library for its own use. This is bad practice and would break when the
memtype are made static.
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
[CF: rebased for cmaster-next]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Move over to the new allocation counting added in the previous commit.
(This commit is mostly mechanical.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Vincent JARDIN <vincent.jardin@6wind.com>
lib/zebra.h has FILTER_X #define's. These do not belong there.
Put them in lib/filter.h where they belong.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 0490729cc033a3483fc6b0ed45085ee249cac779)
zebra.h pulls in config.h, which results in fiddling with things like
__FILE_OFFSET_BITS. It must always be included first, in order to set
flags that influence the compiler via <features.h>.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 821df2cf18e5978cc7ab532a8695444380d08270)
This adds reference in & output for the previously added testcli tool,
to check basic CLI parsing/help functions. Unlike "testcommands", this
one doesn't depend on compile-time system details.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit d79668fb440ae2689b54f52c076dbd79a8689135)
This adds some common CLI testtool code as well as a tool that has a
bunch of commands to be poked for their correct processing.
The tool doesn't work correctly from a script at stdin at this point
because the vty code will throw away all buffered when it sees EOF, so
the tail end of the input file is lost.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit db93eec18d8f1e840b32ba2cdf8baf2510f6e1a5)
INCLUDES in configure.ac was not used at all, and INCLUDES in
Makefile.am is supposed to be AM_CPPFLAGS these days.
Reduces warnings spewed during bootstrap/autoreconf.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Greg Troxel <gdt@ir.bbn.com>
Acked-by: Feng Lu <lu.feng@6wind.com>
Acked-by: Paul Jakma <paul@jakma.org>
(cherry picked from commit 237aac56960575f6ad2451ba2796d94bd5ae4b33)
test-stream is generating some compiler warnings
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
(cherry picked from commit 6169559976b33a5bf120c806135c76b1b6d943ee)
While I don't see -Werror being used on tests anytime soon, there's no
reason to keep the warnings in tests unfixed.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit c313895dec3c176584d99f7b8684ddc3f9141d88)
With --disable-ipv6 gone, the IPv6 detection logic in the tests is not
needed anymore either.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Acked-by: Paul Jakma <paul@jakma.org>
(cherry picked from commit 85c63b844df4a295a64f37573e0ba08a7cc63659)
Fix tests/aspathtest.c again, this time by including a NEXT_HOP
attribute (which is out of correct order with AS_PATH, but that doesn't
matter here.) This satisfies bgp_attr_check(), which after 1a211cb
refuses updates without nexthop attribute.
Fixes: 1a211cb ("one more fix for tightening of check for missing well-known attributes")
Cc: Paul Jakma <paul@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 143637198e333f0c822766b38f9d8cfe75c04e21)
Fix tests/aspathtest.c by including an ORIGIN attribute in the
testcases. After 055086f "bgpd: well-known attr check only run for
v4/uni, which could cause a crash," we're now checking for it and tests
are failing due to that.
Note that test #11 ("4b AS4_PATH w/o AS_PATH") is no longer accepted as
OK since the function now checks for the existence of an AS_PATH attr.
Fixes: 055086f ("bgpd: well-known attr check only run for v4/uni"...)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit c68f6d9dbb9f910d3ee82e099655fff7c12ef856)
* Fix (a subset of)? files with non-trivial code that are missing GPL headers.
* A few copyright claims added which I am certain apply, but which I had
missed out on the original commits.
NB: Copyright claims are not exclusive and the addition of any copyright
claim should not be read as implying a lack of any further claims, or
denying the validity of any other claims. All those with claims of
copyright over any portion of Quagga are welcome to submit them, ideally as
patches to update copyright strings in files.
(cherry picked from commit 010ebbbca6396f272cc2d50d147dd922dda68213)
* Remove the old change from '08 to add in PIE arguments at automake level.
Versions of libtool since then know how to deal with -fpie and do the right
thing according to whether its building shared or executable objects.
So just pass '-fpie' as CFLAG and let libtool do its thing.
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-10002
superm-redxp-05# conf t
superm-redxp-05(config)# route-map FOO permit 10
superm-redxp-05(config-route-map)# set community ?
AA:NN Community number in AA:NN format (where AA and NN are <0-65535>) or local-AS|no-advertise|no-export|internet or additive
none No community attribute
superm-redxp-05(config-route-map)# set community 2:2
superm-redxp-05(config-route-map)# set community 2:70000
% Malformed communities attribute
superm-redxp-05(config-route-map)# set community 70000:2
% Malformed communities attribute
superm-redxp-05(config-route-map)#
Tests were not even compiling due to non updated API changes.
Additionally tests were core'ing after compile issue
because the vrf subsystem is being used now and it
needs to be initialized.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>
Ticket: CM-8472
The first as-path is what the original as-path for the test, the second
is what the as-path should look like once all confed SETs and SEQs have
been removed. At the time the test was written quagga did not correctly
remove confed SETs and SEQs but whoever wrote the test didn't notice
this and assumed that the behavior they were seeing was correct so used
that output to populate the second as-path.
Now that we do correctly remove the confed parts these tests fail. So
the fix is to update the second as-path for these two tests so that they
no longer contain any confed SETs/SEQs.
BGP uses a second #define that is equal to MULTIPATH_NUM. There
is no point in having a different #define. Just consolidate.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
During CR for nexthop upstream it was noticed that usage
of prefix2str was not consistent. This fixes this problem
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
