Commit Graph

1918 Commits

Author SHA1 Message Date
Russ White
b761cb131a
Merge pull request #9864 from ton31337/feature/access_list_autocomplete
lib: Add autocomplete for access-lists
2021-11-11 08:03:33 -05:00
Igor Ryzhov
ce27a13e90 lib: fix vrf deletion when the last interface is deleted
Currently, we automatically delete an inactive VRF when its last
interface is deleted. This code introduces a couple of crashes because
of the following problems:
- vrf_delete is called before calling if_del hook, so daemons may try to
  dereference an ifp->vrf pointer which is freed
- in if_terminate, we continue to use the VRF in the loop condition
  after the last interface is deleted

This check is needed only when the interface is deleted by the user,
because if the interface is deleted by the system, VRF must still exist
in the system. Move the check to appropriate places to fix crashes.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-11-11 14:57:59 +03:00
Igor Ryzhov
accef597df ospfd: remove commands for broken GR helper mode
Issue #9983 explains what is wrong with the GR helper mode.

To unblock the CI that fails almost all the time on the ospf_gr_topo1
test, remove the commands and disable the test. Also add a reminder to
completely remove the helper mode if no one fixes the code in a month.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-11-10 19:17:03 +03:00
rgirada
89f472acb4 ospfd: fixing few coverity issues in ospf_vty.c
Description:
	timerval datastructure is being used without initialization.
	Using these uninitialized parameters can lead unexpected results
	so initializing before using it.

Signed-off-by: Rajesh Girada <rgirada@vmware.com>
2021-11-09 04:35:12 -08:00
Russ White
438205d540
Merge pull request #9777 from rgirada/ospf_nbr
ospfd: Few modifications in "show ip ospf neighbor" o/p.
2021-11-05 15:15:45 -04:00
Donatas Abraitis
c60dec369a lib: Add autocomplete for access-lists
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2021-10-31 20:26:06 +02:00
Igor Ryzhov
a1a8fb4ddd
Merge pull request #9368 from donaldsharp/ospf_ensure_lsa_length
ospfd: Ensure we have some non header lsa data
2021-10-29 13:37:09 +03:00
Donatas Abraitis
1c3f03f79d ospfd: Add autocomplete for area X filter-list prefix
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2021-10-28 14:01:13 +03:00
Russ White
f727c6ae8a
Merge pull request #9837 from idryzhov/cleanup-if-by-name-vrf-all
*: fix usage of if_lookup_by_name_all_vrf
2021-10-27 15:29:39 -04:00
Russ White
a2b52cbeb4
Merge pull request #9854 from opensourcerouting/zapi-call-table
*: convert zclient callbacks to table
2021-10-26 11:33:44 -04:00
rgirada
059fd3a48a ospfd: Adding apropriate ism state in ptop neighbors.
Description:
	In PointToPoint networks, There wont be DR and BDR.
	But by default, All neighbours ism state is shown as
	DR_OTHER.

	Changed the nbr state format to <nbrsate>/- (ex : FULL/-)
	to P2pnetworks.

Signed-off-by: Rajesh Girada <rgirada@vmware.com>
2021-10-26 05:36:20 -07:00
rgirada
eb4ed6e8c7 ospfd: Few modifications in "show ip ospf neighbor" o/p.
Description:
	1. Adding uptime to the 'show ip ospf neighbor' o/p.
	2. Adding uptime and deadtime in string format for json consumption.

Signed-off-by: Rajesh Girada <rgirada@vmware.com>
2021-10-26 05:36:20 -07:00
Mark Stapp
036b746570
Merge pull request #9765 from idryzhov/lib-bool-thread-add
lib: change thread_add_* API
2021-10-22 09:59:54 -04:00
David Lamparter
5a001ddd24
Merge pull request #9855 from donaldsharp/ospf_fini 2021-10-20 19:19:43 +02:00
Igor Ryzhov
ee1455dd98 lib: change thread_add_* API
Do not return pointer to the newly created thread from various thread_add
functions. This should prevent developers from storing a thread pointer
into some variable without letting the lib know that the pointer is
stored. When the lib doesn't know that the pointer is stored, it doesn't
prevent rescheduling and it can lead to hard to find bugs. If someone
wants to store the pointer, they should pass a double pointer as the last
argument.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-10-20 20:07:15 +03:00
Donald Sharp
e15a935c06 ospfd: Close log files before exiting
When doing a normal exit from ospf we should close
the log file as that we are leaving a bunch of
unterminated logging processes by not doing so.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-10-20 08:00:02 -04:00
David Lamparter
a243d1db93 *: convert zclient callbacks to table
This removes a giant `switch { }` block from lib/zclient.c and
harmonizes all zclient callback function types to be the same (some had
a subset of the args, some had a void return, now they all have
ZAPI_CALLBACK_ARGS and int return.)

Apart from getting rid of the giant switch, this is a minor security
benefit since the function pointers are now in a `const` array, so they
can't be overwritten by e.g. heap overflows for code execution anymore.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2021-10-20 13:28:46 +02:00
Igor Ryzhov
f60a11883c lib: allow to create interfaces in non-existing VRFs
It allows FRR to read the interface config even when the necessary VRFs
are not yet created and interfaces are in "wrong" VRFs. Currently, such
config is rejected.

For VRF-lite backend, we don't care at all about the VRF of the inactive
interface. When the interface is created in the OS and becomes active,
we always use its actual VRF instead of the configured one. So there's
no need to reject the config.

For netns backend, we may have multiple interfaces with the same name in
different VRFs. So we care about the VRF of inactive interfaces. And we
must allow to preconfigure the interface in a VRF even before it is
moved to the corresponding netns. From now on, we allow to create
multiple configs for the same interface name in different VRFs and
the necessary config is applied once the OS interface is moved to the
corresponding netns.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-10-19 15:29:51 +03:00
Donald Sharp
1afa7d5326
Merge pull request #9813 from opensourcerouting/ospf-gr-fixes
ospfd: more GR fixes
2021-10-15 09:21:40 -04:00
Igor Ryzhov
4030e1867b ospfd: don't use if_lookup_by_name_all_vrf
if_lookup_by_name_all_vrf doesn't work correctly with netns VRF backend
as the same index may be used in multiple netns simultaneously.

Use the appropriate VRF when looking for the interface.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-10-15 03:44:42 +03:00
Renato Westphal
512901ae53
Merge pull request #9822 from donaldsharp/ospf_testing
Ospf testing
2021-10-13 23:38:44 -03:00
Igor Ryzhov
bb3cd4189a
Merge pull request #9795 from opensourcerouting/ospf_get_name
ospfd: use ospf_get_name() wherever possible
2021-10-14 01:42:29 +03:00
Donald Sharp
3766c36a20 ospfd: Add converged and role json output for neighbor command
The `show ip ospf neighbor json` command was displaying
state:`Full\/DR`

Where state was both the role and whether or not the neigbhor
was converged.  While from a OSPF perspective this is the state.
This state is a combination of two things.

This creates a problem in testing because we have no guarantee
that a particular ospf router will actually have a particular role
given how loaded our topotest systems are.  So add a bit of json
output to display both the converged status as well as the
role this router is playing on this neighbor/interface.

The above becomes:
state:`Full\/DR`
converged:`Full`
role:`DR`

Tests can now be modified to look for `Full` and allow it to
continue.  Most of the tests do not actually care if this
router is the DR or Backup.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-10-13 12:40:35 -04:00
Renato Westphal
3ebf9d3416 ospfd: fix another DR election issue during graceful restart
Commit 3551ee9e90304 introduced a regression that causes GR to fail
under certain circumstances. In short, while ISM events should
be ignored while acting as a helper for a restarting router, the
DR/BDR fields of the neighbor structure should still be updated
while processing a Hello packet. If that isn't done, it can cause
the helper to elect the wrong DR while exiting from the helper mode,
leading to a situation where there are two DRs for the same network
segment (and a failed GR by consequence). Fix this.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-10-12 17:33:32 -03:00
Renato Westphal
eedc80c1f5 ospfd: introduce additional opaque capability check in the GR code
Before starting the graceful restart procedures, ospf_gr_prepare()
verifies for each configured OSPF instance whether it has the opaque
capability enabled (a pre-requisite for GR). If not, a warning is
emitted and GR isn't performed on that instance.

This PR introduces an additional opaque capability check that will
return a CLI error when the opaque capability isn't enabled. The
idea is to make it easier for the user to identify when the GR
activation has failed, instead of requiring him or her to check
the logs for errors.

The original opaque capability check from ospf_gr_prepare() was
retaining as it's possible that that function might be called from
other contexts in the future.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-10-12 17:33:32 -03:00
Renato Westphal
4a0167fee5 ospfd: fix flushing of Grace-LSAs on broadcast interfaces
The ospfd opaque LSA infrastruture has an issue where it can't store
different versions of the same Type-9 LSA for different interfaces.

When flushing the self-originated Grace-LSAs upon exiting from the GR
mode, the code was looking up the single self-originated Grace-LSA
from the LSDB, setting its age to MaxAge and sending it out on all
interfaces.

The problem is that Grace-LSAs sent on broadcast interfaces have
their own unique "IP interface address" TLV that is used to identify
the restarting router. That way, just reusing the same Grace-LSA for
all interfaces doesn't work.

Fix this by generating a new Grace-LSA with its age manually set
to MaxAge whenever one needs to be flushed. This will allow the "IP
interface address" TLV to be set correctly and make GR work even in
the presence of multiple broadcast interfaces.

In the long term, the opaque LSA infrastructure should be updated
to support Type-9 link-local LSAs correctly so that we don't need to
resort to hacks like this.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-10-12 17:30:51 -03:00
Russ White
0f96b7e69b
Merge pull request #9763 from ton31337/fix/more_thread_null
More struct thread null
2021-10-12 11:49:46 -04:00
Russ White
effd4c7bdd
Merge pull request #9779 from donaldsharp/gr_repeated
Some GR fixes
2021-10-12 11:00:44 -04:00
Russ White
c5708d0b98
Merge pull request #9781 from opensourcerouting/ospfd-gr-dr-fix
ospfd: preserve DR status across graceful restarts
2021-10-12 10:58:39 -04:00
Renato Westphal
44076f4dc7 ospfd: use ospf_get_name() wherever possible
Small cleanup to reduce code duplication.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-10-09 20:36:47 -03:00
Russ White
495047b526
Merge pull request #9760 from mobash-rasool/ospfv2-bug-fixes-02
ospfd: ospf nbr in full although mismatch in hello packet contents
2021-10-08 13:55:28 -04:00
Renato Westphal
3e63092b83 ospfd: fix display of plain-text data on "show ... json" commands
Add a 'json' parameter to the 'show_opaque_info' callback definition,
and update all instances of that callback to not display plain-text
data when the user requested JSON data.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-10-08 10:03:01 -03:00
Renato Westphal
a792fa7b15 ospfd: display detailed information about opaque LSAs in JSON format
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-10-08 10:03:01 -03:00
Renato Westphal
ab6edbfeef ospfd: preserve DR status across graceful restarts
RFC 3623 says:
 "If the restarting router determines that it was the Designated
 Router on a given segment prior to the restart, it elects
 itself as the Designated Router again.  The restarting router
 knows that it was the Designated Router if, while the
 associated interface is in Waiting state, a Hello packet is
 received from a neighbor listing the router as the Designated
 Router".

Implement that logic when processing Hello messages to ensure DR
interfaces will preserve their DR status across a graceful restart.

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-10-08 09:13:37 -03:00
Donatas Abraitis
30634856b4 ospfd: Do not explicitly set the thread pointer to NULL
FRR should only ever use the appropriate THREAD_ON/THREAD_OFF
semantics.  This is espacially true for the functions we
end up calling the thread for.

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2021-10-08 08:56:42 +03:00
Russ White
b1003f64b2
Merge pull request #9698 from idryzhov/cleanup-loopback-or-vrf
*: cleanup interface loopback/vrf check
2021-10-06 19:01:52 -04:00
Mobashshera Rasool
874a549d51 ospfd: ospf nbr in full although mismatch in hello packet contents
Issue:
===================
OSPF neighbors are not going down even after 10 mins when
having a mismatch in hello and dead interval.
First neighbors are formed and then a mismatch in the interval
is created, it is observed that the neighbor is not going down.

Root Cause Analysis:
====================
The event HelloReceived defined in RFC 2328 was named as PacketReceived
and this event was scheduled whenever LS Update, LS Ack, LS Request,
DD description packet or Hello packet is received.
Although there is a mismatch in the Hello packet contents, the
event PacketReceived gets triggered due to LS Update received and the
dead timer gets reset and hence the neighbor was never going Down and
remains FULL.

Fix:
==================
As per RFC 2328, the HelloReceived needs to be triggered only when
valid OSPF Hello packet is received and not when other OSPF packets
are received. Modified the function name as well.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-10-06 10:04:10 -07:00
rgirada
89eb4727de ospfd: GR helper functionality change in helper exit
Description:
	As per the RFC 3623 section 3.2,
	OSPF nbr shouldn't be deleted even in unsuccessful helper exit.

	1. Made the changes to keep neighbour even after exit.
	2. Restart the dead timer after expiry in helper. Otherwise, Restarter
	   will be in FULL state in helper forever until it receives the 'hello'.

Signed-off-by: Rajesh Girada <rgirada@vmware.com>
2021-10-01 11:59:11 -07:00
Igor Ryzhov
ef322b022f *: cleanup interface loopback/vrf check
There's a helper function to check whether the interface is loopback or
VRF - if_is_loopback_or_vrf. Let's use it whenever we need to check that.

There's no functional change in this commit.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-09-30 12:31:05 +03:00
Yuan Yuan
a1638c7ce5 ospfd: Fix assert related to capability opaque
The capability opaque command can trigger asserts through a rather
round-about mechanism. The command eventually calls
ospf_renegotiate_optional_capabilities, which will call
ospf_flush_self_originated_lsas_now, which has the side effect of
marking the OSPF instance as shutting down. This was causing the
flooding logic to call ospf_write immediately insted of waiting for the
select IO loop every time it was sending a maxage LSA.  This could cause
the list of OSPF interfaces needing to send packets to be drained while
there was a call to ospf_write pending from the IO loop. When the
pending call ran, it would see the empty list of interfaces and assert.

Signed-off-by: Yuan Yuan <yyuanam@amazon.com>
2021-09-29 19:37:33 +00:00
Fredi Raspall
d97e415dd5 ospfd: fix processing of ext prefix in SR
The existing logic was not comparing the prefix of the extended
prefix TLV. As a result, the code was removing all of the prefix
SIDs except the one received on every LSA update.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:33 +02:00
Fredi Raspall
1a41378ecc ospfd: remove duplicate field update
In update_ext_prefix_sid(), the sr_prefix is associated to the
SR node and inherits the adv router ID regardless.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:33 +02:00
Fredi Raspall
152656d8ef ospfd: replace iterator by RO version ..
..since it's used for read-only lookups.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:33 +02:00
Fredi Raspall
d1db7359ad ospfd: fix logic on SR prefix configuration
The logic was broken in some corner cases.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:33 +02:00
Fredi Raspall
6c57d01073 ospfd: validate input SRGB and SRLB
The code was not checking if in these label ranges [a,b], a is
smaller than b, which is assumed in several places, including when
determining the size of the block as b-a+1. As a consequence, the
results of a bad configuration can be unpredictable. Some effects
observed were: 1) segfault 2) de-activation of SR due to label
reservation failure.

The added validation function also checks if the SR blocks are
larger than some minimal size. RFC 8665 mandates that the blocks
be srictly larger than zero. In this patch, the minimum sized is
arbitrarily defined to be 16.

Checking if ranges would fall outside [16,1048575] is omitted
since the vty filtering takes care of that.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:32 +02:00
Fredi Raspall
37a331f8c2 ospfd: fix condition to get label from SRLB
The prior condition was wrong since it ended up allowing for
labels past the end of the SRLB. Variable 'current' should be in
range [0, size-1] for labels not to exceed the SRLB upper boundary.

In addition, emit a warning log when all labels in the SRLB have
been used.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:32 +02:00
Fredi Raspall
4e10b4dfba ospfd: add util func to detect SR range overlap
Replaces several complex if conditions by a lookup to a utility
to determine if two ranges of numbers overlap.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:32 +02:00
Fredi Raspall
daaebd394c ospfd: homogenize reservation of SRGB & SRLB
Homogenize the code dealing with SRGBs and SRLBs by defining the
same set of utility functions for their reservation.

Unify also the logs and don't display function names since the
operations are only performed from the same functions.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:40:32 +02:00
Fredi Raspall
c181efbe14 ospfd: homogenize deletion of SRGB & SRLB
Homogenize the code dealing with SRGBs and SRLBs by defining the
same set of utility functions for the deletion of SR blocks.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:20:59 +02:00
Fredi Raspall
143661c17f ospfd: remove unnecessary assignment
Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:20:59 +02:00
Fredi Raspall
5403ff15db ospfd: remove unused macro
Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:20:59 +02:00
Fredi Raspall
5bd62f051d ospfd: use existing macro on initialization of SR
Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:20:58 +02:00
Fredi Raspall
2110d03e06 ospfd: remove unused enum case for state of SR ..
In addition, make the relationship among several macros more
explicit.

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:20:58 +02:00
Fredi Raspall
6f609c4980 ospfd: fix display of debug flags
* Some of the debug flags were not shown in show debugging.
* The check for TI-LFA debug was made against the wrong variable.
* Some of the debugs were not cleared with 'no debug ospf'

Signed-off-by: Fredi Raspall <fredi@voltanet.io>
2021-09-28 10:20:58 +02:00
Renato Westphal
859bce816b ospfd: rename the "graceful-restart helper-only" command
Considering that both the GR helper mode and restarting mode can be
enabled at the same time, the "graceful-restart helper-only" command
can be a bit misleading since it implies that only the helper mode
is enabled. Rename the command to "graceful-restart helper enable"
to clarify what the command does.

Start a deprecation cycle of one year before removing the original
command

Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
2021-09-21 17:42:03 -03:00
Donald Sharp
07a62e585d ospfd: Add some small doc to what each one is for future people
min lsa packet sizes are not always directly corresponding
to the actual LSA.  Add a bit of comments so it's easier
for future people to figure out.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-09-14 13:13:32 -04:00
Donald Sharp
cf680c38a9 ospfd: Ensure we have some non header lsa data
In some cases FRR is receiving a lsa data packet
with a length set to the length of the header only.
If we are expecting data from a peer in the form
of lsa data.  Let's enforce it.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-09-14 13:07:06 -04:00
Russ White
d79b88c5a1
Merge pull request #9578 from donaldsharp/SLASH_ESCAPE
Slash escape
2021-09-08 20:11:07 -04:00
Russ White
2ca7780ab5
Merge pull request #9533 from mobash-rasool/ospfv3-bug-fixes
ospfd: ASBR Summary LSA is not originated when process is reset
2021-09-07 10:59:33 -04:00
Russ White
12b5b2f9ff
Merge pull request #9551 from mobash-rasool/ospfv2-bug-fixes-04
ospfd: GR Conformance fix in Hello packet DR election
2021-09-07 10:47:09 -04:00
Russ White
91aaac3ac2
Merge pull request #9552 from mobash-rasool/ospfv2-bug-fixes-03
ospfd: ANVL Test case 25.22, 25.23 and 28.11 fixes
2021-09-07 10:46:33 -04:00
Donald Sharp
19d37e54a0 ospfd: Don't allocate json memory unless we have json output
Several functions in ospf_vty.c were allocating json memory
irrelevant if it was needed or not and then at the end of the loop
free'ing it if it was not used.  Clean up the access pattern.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-09-07 10:10:50 -04:00
Donald Sharp
e77564ccd4 ospfd: Fix usage of JSON_C_TO_STRING_NOSLASHESCAPE
The usage of json_object_to_json_string_ext is meant for
generation of output string and returns a `char *` pointer
to the `formatted` output.  Just calling it does nothing
and it's expensive to boot.

Modify the code in ospfd to just output with the NOSLASHESCAPE
when outputting.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-09-07 09:36:39 -04:00
Donald Sharp
3702e8577f
Merge pull request #9563 from opensourcerouting/build-strict-prototypes
build: `-Wstrict-prototypes` (+ BSD `sed`)
2021-09-06 12:28:33 -04:00
Igor Ryzhov
038307d88d
Merge pull request #9549 from mobash-rasool/ospfv2-bug-fixes-02
ospfd: Memory Leak seen at show_ip_ospf_neighbor_all_common.
2021-09-03 17:28:59 +03:00
Donald Sharp
3513c6b146
Merge pull request #9077 from idryzhov/ospf-memory-alloc
ospfd: remove unnecessary memory allocation
2021-09-03 10:14:44 -04:00
Mobashshera Rasool
3cb62bb387 ospfd: RFC conformance test case 25.23 issue fix
Problem Statement :
===================
LSA with InitialSequenceNumber is not originated
after MaxSequenceNumber.

ANVL Test case 25.33 states:
============================
As soon as this flooding of a LSA with LS sequence number
MaxSequenceNumber has been acknowledged by all adjacent neighbors,
a new instance can be originated with sequence number of InitialSequenceNumber.

RCA :
=====
DUT did not originated LSA with INITIAL_SEQUENCE number even
after receiving ACK for max sequence LSA.
Code is not present to handle this situation in the lsa ack flow.

Fix :
=====
Add code to originate LSA with initial sequence number in the
LSA ack flow in case of wrap around sequence number.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-09-03 06:44:56 -07:00
Mobashshera Rasool
44d1115ad6 ospfd: ANVL Test case 25.22, 25.23 and 28.11 fixes
ANVL Test case 28.11
If the database copy has LS age equal to MaxAge and LS sequence number
equal to MaxSequenceNumber, simply discard the received LSA
without acknowledging it.

ANVL Test Case 25.22
When an attempt is made to increment the sequence number past the maximum
value of N - 1 (0x7fffffff; also referred to as MaxSequenceNumber),
the current instance of the LSA must first be flushed from the routing domain.

ANVL Test Case 25.23
As soon as this flooding of a LSA with LS sequence number MaxSequenceNumber
has been acknowledged by all adjacent neighbors, a new instance can be
originated with sequence number of InitialSequenceNumber.

RCA:
When IXIA sent LS Seq num as MAX and LS Age as (MAX - 3),
DUT dropped the packet instead of sending ACK.
In function ospf_ls_upd, at Line 2106 the code is there to drop the LSA.
Hence its failing.

Fix:
LSAs ACK must be sent when received LSA is having max sequence number
but not max-aged.
Considering  /* CVE-2017-3224 */ issue, have corrected the existing
code to prevent attacker from sending LSAs with max sequence number
and higher checksum and blocking the flooding of the Max-sequence numbered LSAs.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-09-03 06:44:39 -07:00
Mobashshera Rasool
d51715bb44 ospfd: GR Conformance fix for Hello packet DR election
Problem Statement:
===================
DUT selecting itself as DR when RR goes for reload.
Test Case 7.2

DUT (GR Helper) receives the Hello packet from the OSPF GR RESTARTER
(ANVL here) with DR and BDR set to 0.0.0.0 and DUT in its hello
neighbor list. DUT triggers the DR and BDR election although it is
in the Helper mode for that neighbor.

Root Cause Analysis:
====================
When hello packet is received with self router ID in the neighbor list,
there is no check in the code to handle this scenario. Hence the DR/BDR
election happens and it changes the DR although it is helper.

Fix:
===================
As per RFC 3623 Section 3.  Operation of Helper Neighbor, below point,
we need to maintain the DR relationship.
Also, if X was the Designated Router on network segment S when the
helping relationship began, Y maintains X as the Designated Router
until the helping relationship is terminated.

Adding the check when DUT is under neighbor helper mode, we need to avoid
ISM state change when hello packet is received with DR/BDR set to 0.0.0.0.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-09-03 06:40:14 -07:00
Mobashshera Rasool
6f3e19b736 ospfd: Memory Leak seen at show_ip_ospf_neighbor_all_common.
Problem Statement:
==================
Memory Leak seen at  show_ip_ospf_neighbor_all_common (ospf_vty.c:4635)

RCA:
=================
In function show_ip_ospf_neighbor_all_common, one child json object is not
 added to the parent child object when there is no nbma neighbor. Hence
 the memory leak.

Fix:
=================
Add the child object to the parent json object.

Fixes: #9548

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-09-03 04:06:15 -07:00
David Lamparter
9fb83ab17d *: fix for -Wstrict-prototypes
Just some "void" missing between empty braces.

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2021-09-02 13:00:35 +02:00
Mobashshera Rasool
8fb693a4cd ospfd: Summary LSA is not originated when process is reset
Problem Statement:
==================
Summary LSA is not originated when router-id is modified or process is reset

Root Cause Analysis:
====================
When router-id is modified or process is cleared, all the external LSAs are
 flushed then LSA is re-originated using ospf_external_lsa_rid_change
When the LSAs are flushed, the aggregate flags are not reset.

Fix:
===============
Reset the aggregation flag when the LSAs
 are flushed.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-09-01 23:39:00 -07:00
Renato Westphal
cbf4f6f144
Merge pull request #9525 from idryzhov/ospfd-crash
ospfd: correctly cleanup spf data
2021-08-31 17:54:25 -03:00
Igor Ryzhov
57e4c21583 ospfd: correctly cleanup spf data
ospf_spf_cleanup frees the data so we need to reset the stale pointers.

Fixes #9523.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-08-31 13:41:40 +03:00
Mobashshera Rasool
2c1f2d2ad9 ospfd: add dead-interval 40 if configured in show running
Problem Statement:
==================
When hello-interval is configured as 5, automatically dead interval becomes
4 times of hello i.e 20 seconds. But user wants the dead interval as
40 seconds and hello as 5 seconds. Therefore user configures it.
Now "ip ospf dead-interval 40" is not shown in "show running-config"
Therefore when user restarts the daemon, the dead interval goes back to
20 seconds and the neighbors are down.

Fix:
==================
If user configures dead-interval as 40, show it in show running config.

Fixes: #9401

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-08-30 23:02:39 -07:00
David Lamparter
8268be3d16
Merge pull request #9496 from idryzhov/vrf-cmd-init-unused-arg
lib: remove unused argument from vrf_cmd_init
2021-08-27 10:39:45 +02:00
Christian Hopps
d448e2c5f9
Merge pull request #9331 from idryzhov/explicit-exit
*: explicitly print "exit" at the end of every node config
2021-08-26 11:57:33 -04:00
Igor Ryzhov
cfc369c43a lib: remove unused argument from vrf_cmd_init
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-08-26 12:01:22 +03:00
Donatas Abraitis
d10bda270e *: Drop break after using frr_help_exit() in switch/case
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2021-08-25 10:49:05 +03:00
Russ White
701bb4c692
Merge pull request #9310 from mobash-rasool/ospfv2-bug-fixes-02
ospfd: NSSA area should not exchange Type-4 LSAs in DD
2021-08-24 09:40:59 -04:00
Igor Ryzhov
07679ad98a *: explicitly print "exit" at the end of every node config
There is a possibility that the same line can be matched as a command in
some node and its parent node. In this case, when reading the config,
this line is always executed as a command of the child node.

For example, with the following config:
```
router ospf
 network 193.168.0.0/16 area 0
!
mpls ldp
 discovery hello interval 111
!
```
Line `mpls ldp` is processed as command `mpls ldp-sync` inside the
`router ospf` node. This leads to a complete loss of `mpls ldp` node
configuration.

To eliminate this issue and all possible similar issues, let's print an
explicit "exit" at the end of every node config.

This commit also changes indentation for a couple of existing exit
commands so that all existing commands are on the same level as their
corresponding node-entering commands.

Fixes #9206.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-08-23 22:08:20 +03:00
Igor Ryzhov
2f2372ce9e
Merge pull request #9408 from mobash-rasool/ospfv2-bug-fixes-03
ospfd: Summarised External LSA is not flushed in one scenario
2021-08-18 10:18:32 +03:00
Mobashshera Rasool
d2e8400570 ospfd: Summarised External LSA is not flushed in one scenario
Fix CI Failure test_ospf_type5_summary_tc45_p0

Problem Statement:
==================
Summarised LSA is not flushed in OSPFv2 in below scenario:
1. Configure summary-address in ospfv2
2. redistribute static and connected.
3. Check the LSAs are received on neighbor.
4. Now remove all OSPFv2 configs, so neighbor will still have the summarised LSA.
5. Configure router ospf with redistribute static and connected.
6. Check the DB, summarised LSA is present although the configuration is not present.
7. Now configure the summary-address and remove the configuration after sometime.
8. The summarised LSA will be still present.

RCA:
==================
When self originated LSA is received from the neighbor and that
LSA is summarised one, the LSA is refreshed but a flag is not set
due to which it was not able to remove it later.

Fix:
==================
Set the originated flag when refreshing summarised LSA.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-08-17 02:15:42 -07:00
Igor Ryzhov
5bd78355d1 ospfd: fix initialization when vrf doesn't exist yet
There are a couple of things that are not initialized if the OSPF router
is created in a non-existent VRF:
- ospf_lsa_maxage_walker
- ospf_lsa_refresh_walker
- ospf_opaque_type11_lsa_init

Rearrange some code to always initialize them and make it easier to find
similar problems in the future.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-08-12 15:49:54 +03:00
Mobashshera Rasool
e474c14373 ospfd: ospf redistribute originating LSA internal connected routes
When OSPF is disabled on interface and enabled again, the IP which is
not matching the prefix-list is getting originated as External LSA.

Fixes: #9362

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-08-10 09:41:14 -07:00
Russ White
ec179bcbba
Merge pull request #9300 from donaldsharp/ospf_header
ospfd: Cleanup ospf_interface.h to work with our standards
2021-08-10 09:50:50 -04:00
Donald Sharp
e8ed9d1548 ospfd: Cleanup ospf_interface.h to work with our standards
When declaring functions we must name the variables as part
of our standard.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2021-08-06 10:46:48 -04:00
Mobashshera Rasool
d125213c8a ospfd: NSSA area should not exchange Type-4 LSAs in DD
Problem Statement:
==================
OSPF Peer gets stuck in EXSTART with ARISTA Device.

Root Cause:
=================
First peer is form with Arista device in normal area and then
the area type is changed to NSSA. Due to this Type-4 and Type-5
LSAs advertised by Arista router is still present in
the OSPF DB. While DD exchange the Type-5 LSAs are omitted but
the Type-4 LSAs are not omitted due to which Arista device gets
stuck in EXSTART and it keeps moving between EXCHANGE And EXSTART.

Fix:
=================
When the area is NSSA, we should not send Type-4 LSAs in DD
exchange packet.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2021-08-06 05:15:10 -07:00
anlan_cs
46a8c34324 ospfd: fix coverity warning of one field initialization
Add the initialization of prefixlen field in struct prefix.

Signed-off-by: anlan_cs <anlan_cs@tom.com>
2021-08-04 21:20:20 -04:00
Donald Sharp
761704b370
Merge pull request #9092 from rgirada/rmap
ospfd: OSPF hello packets not sent with configured hello timer
2021-08-03 21:18:21 -04:00
Russ White
f61a950acf
Merge pull request #9239 from idryzhov/ospf-passive-fix
ospfd: fix "no ip ospf passive" command
2021-08-03 09:21:14 -04:00
Igor Ryzhov
82f0277b35 ospfd: fix "no ip ospf passive" command
This command is currently always treated as an "unset" command, assuming
that active is the default type of the interface. In reality, the default
type of the interface can be changed using "passive-interface default"
command. Both "no" and regular commands can be "set" commands, depending
on the default value. They are treated as an "unset" when there's already
a config of the opposite type.

All this logic is in ospf_passive_interface_update.

Fixes #9240.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-07-30 15:08:08 +03:00
Igor Ryzhov
9da01b0b7b *: cleanup interface node installation
The only difference in daemons' interface node definition is the config
write function. No need to define the node in every daemon, just pass
the callback as an argument to a library function and define the node
there.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-07-29 21:35:25 +03:00
Donald Sharp
5b1c5bf2d8
Merge pull request #9189 from idryzhov/ospf-dont-exit
ospfd: don't exit when socket is not created
2021-07-28 10:05:58 -04:00
Christian Hopps
1b8049c79f ospfd: remove gratuitous non-ascii quotation marks
Signed-off-by: Christian Hopps <chopps@labn.net>
2021-07-27 17:13:39 +00:00
Igor Ryzhov
95d7a42a1a ospfd: don't exit when socket is not created
Let's be less radical. There's no reason to stop the whole daemon when
there's a socket creation error in a single VRF. The user can always
restart this single VRF to retry to create a socket.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-07-27 16:10:35 +03:00
rgirada
be418160a7 ospfd: OSPF hello packets not sent with configured hello timer
Description :
	ospf hello timer is not getting refelcted upon
	changing the hello interval.

Signed-off-by: Rajesh Girada <rgirada@vmware.com>
2021-07-22 10:22:07 -07:00
David Lamparter
63116a7008 build: fix AM_LDFLAGS usage (and gcov)
like the other automake variables, setting `xyz_LDFLAGS` causes
`AM_LDFLAGS` to be ignored for `xyz`.  For some reason I had in my mind
that automake doesn't do this for LDFLAGS, but... it does.  (Which is
consistent with `_CFLAGS` and co.)

So, all the libraries and modules have been ignoring `AM_LDFLAGS` (which
includes `SAN_FLAGS` too).  Set up new `LIB_LDFLAGS` and
`MODULE_LDFLAGS` to handle all of this correctly (and move these bits to
a central location.)

Fixes: #9034
Fixes: 0c4285d77e ("build: properly split CFLAGS from AC_CFLAGS")
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
2021-07-21 17:10:08 +02:00
Igor Ryzhov
dcaed63d2f ospfd: remove unnecessary memory allocation
ospf_distribute_list_update currently passes two arguments to
ospf_distribute_list_update_timer - pointer to the ospf structure and
protocol type. The protocol type is only used for logging and is not
even correct because if multiple changes happen during one
ospf->min_ls_interval, then only the type of the first change is logged.

It is better to completely remove the protocol type argument to have a
correct log and eliminate the need for memory allocation.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2021-07-21 13:49:52 +03:00
rgirada
c88ad8ec5b ospfd: ospfd crash while giving 'clear ip ospf neighbor'
Description:
	Ospf process crashes upon giving 'clear ip ospf neighbor' with
        self routerId. It is asserting if it is a self neighbor in ospf
        neighbour kill event processing.
	Added a check to validate the provided router-id is self
        router-id.

Signed-off-by: Rajesh Girada <rgirada@vmware.com>
2021-07-20 04:39:05 -07:00