This command will trigger the OSPF forwarding address suppression in
translated type-5 LSAs, causing a NSSA ABR to use 0.0.0.0 as a forwarding
address instead of copying the address from the type-7 LSA
Example: In a topology like: R1 --- R2(ABR) --- R3(ASBR)
R3 is announcing a type-7 LSA that is translated to type-5 by the R2 ABR.
The forwarding address in the type-5 is by default copied from the type-7
r1# sh ip os da external
AS External Link States
LS age: 6
Options: 0x2 : *|-|-|-|-|-|E|-
LS Flags: 0x6
LS Type: AS-external-LSA
Link State ID: 3.3.3.3 (External Network Number)
Advertising Router: 10.0.25.2
LS Seq Number: 80000001
Checksum: 0xcf99
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 10.0.23.3 <--- address copied from type-7 lsa
External Route Tag: 0
r2# sh ip os database
NSSA-external Link States (Area 0.0.0.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Route
3.3.3.3 10.0.23.3 8 0x80000001 0x431d E2 3.3.3.3/32 [0x0]
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
3.3.3.3 10.0.25.2 0 0x80000001 0xcf99 E2 3.3.3.3/32 [0x0]
r2# conf t
r2(config)# router ospf
r2(config-router)# area 1 nssa suppress-fa
r2(config-router)# exit
r2(config)# exit
r2# sh ip os database
NSSA-external Link States (Area 0.0.0.1 [NSSA])
Link ID ADV Router Age Seq# CkSum Route
3.3.3.3 10.0.23.3 66 0x80000001 0x431d E2 3.3.3.3/32 [0x0]
AS External Link States
Link ID ADV Router Age Seq# CkSum Route
3.3.3.3 10.0.25.2 16 0x80000002 0x0983 E2 3.3.3.3/32 [0x0]
r1# sh ip os da external
OSPF Router with ID (11.11.11.11)
AS External Link States
LS age: 34
Options: 0x2 : *|-|-|-|-|-|E|-
LS Flags: 0x6
LS Type: AS-external-LSA
Link State ID: 3.3.3.3 (External Network Number)
Advertising Router: 10.0.25.2
LS Seq Number: 80000002
Checksum: 0x0983
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0 <--- address set to 0
External Route Tag: 0
r2# conf t
r2(config)# router ospf
r2(config-router)# no area 1 nssa suppress-fa
r2(config-router)# exit
r1# sh ip os da external
OSPF Router with ID (11.11.11.11)
AS External Link States
LS age: 1
Options: 0x2 : *|-|-|-|-|-|E|-
LS Flags: 0x6
LS Type: AS-external-LSA
Link State ID: 3.3.3.3 (External Network Number)
Advertising Router: 10.0.25.2
LS Seq Number: 80000003
Checksum: 0xcb9b
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 0.0.0.0 <--- address set to 0
External Route Tag: 0
r2# conf t
r2(config)# router ospf
r2(config-router)# no area 1 nssa suppress-fa
r2(config-router)# exit
r1# sh ip os da external
OSPF Router with ID (11.11.11.11)
AS External Link States
LS age: 1
Options: 0x2 : *|-|-|-|-|-|E|-
LS Flags: 0x6
LS Type: AS-external-LSA
Link State ID: 3.3.3.3 (External Network Number)
Advertising Router: 10.0.25.2
LS Seq Number: 80000003
Checksum: 0xcb9b
Length: 36
Network Mask: /32
Metric Type: 2 (Larger than any link state path)
TOS: 0
Metric: 20
Forward Address: 10.0.23.3 <--- address copied from type-7 lsa
External Route Tag: 0
Signed-off-by: ckishimo <carles.kishimoto@gmail.com>
Current implementation of commands `show_ip_ospf_instance_database_cmd`
and `show_ip_ospf_instance_database_type_adv_router_cmd` have the
following problems:
- they doesn't have "vrf all" argument, however the processing of this
argument is implemented,
- they incorrectly implement json output for instances - they don't
output anything to the vty and don't release the json object.
To fix the problems, let's do the following:
1. Split `show_ip_ospf_instance_database_cmd` into two aliases to
`show_ip_ospf_database_max_cmd` and `show_ip_ospf_instance_database_max_cmd`.
The code is the same and doesn't need to be duplicated.
2. Split `show_ip_ospf_instance_database_type_adv_router_cmd` into two
separate functions - one regular and one for instances, which now
correctly implements the processing for json output.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Back when I put this together in 2015, ISO C11 was still reasonably new
and we couldn't require it just yet. Without ISO C11, there is no
"good" way (only bad hacks) to require a semicolon after a macro that
ends with a function definition. And if you added one anyway, you'd get
"spurious semicolon" warnings on some compilers...
With C11, `_Static_assert()` at the end of a macro will make it so that
the semicolon is properly required, consumed, and not warned about.
Consistently requiring semicolons after "file-level" macros matches
Linux kernel coding style and helps some editors against mis-syntax'ing
these macros.
Signed-off-by: David Lamparter <equinox@diac24.net>
The point of the `-std=gnu99` was to override a `-std=c99` that may be
coming in from net-snmp. However, we want C11, not C99.
Signed-off-by: David Lamparter <equinox@diac24.net>
This patch solves 2 Segment Routing prefix bugs:
- If Segment Routing is not enabled in the initial configuration, Extended
Prefix Opaque LSA is not flood. This is due to a control flag which is
set only when Segment Routing is enabled at startup and not latter.
- Attempting to modify Segment Routing prefix flag e.g. adding or removing
no-php or explicit-null flag, doesn't work as expected: Corresponding entry
in the MPLS table is not updated, Extended Prefix Opaque LSA carry wrong flag
value, and neighbor set a wrong configuration in the MPLS table for this
Segment Routing prefix.
The first bug is corrected in ospfd/ospf_ext.c:
- Flag setting is moved from ospf_ext_ism_change() to set_ext_prefix() function
The seconf one is corrected in ospfd/ospf_sr.c:
- For self node, previous MPLS entry is removed if needed and flag reset before
setting the new Segment Routing prefix configuration
- For neighbor node, srnext field of sr_prefix structure is always set and not
only for new SR Prefix.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Store instance index at startup and use it when processing vty commands.
The instance itself may be created and deleted by the user in runtime
using `[no] router ospf X` command.
Fixes#7908
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Neither tabs nor newlines are acceptable in syslog messages. They also
break line-based parsing of file logs.
Signed-off-by: David Lamparter <equinox@diac24.net>
Replaces some hard-coded function names with __func__,
adds some additional references to neighbor/interface,
and cleans up some debug strings to be more readable.
Signed-off-by: Trey Aspelund <taspelund@nvidia.com>
Issue #7926 hilight a race condition in Segment Routing processing.
The problem occurs when Router Information Opaque LSA is received late, in
particular after SPF run and after ospf_sr_nhlfe_update() was called. This
scenario is unfrequent and takes place due to a slow DR election.
In this particular case, SR Prefix are handle but not fully fill. In fact,
SRGB for the nexthop is not yet received and thus, output label could not
be computed.
When Router Information Opaque LSA is received and processed, if the
corresponding SR node is a direct neighbor of the self node, update_out_nhlfe()
is called against all SR nodes to adjust SR prefix if the next hop is the new
SR node. The function wrongly computes output label and configure a bad MPLS
LFIB entries.
Another way to hilight the problem is to change through CLI the SRGB of a node
and look to MPLS LFIB of direct neighbor, in particular those who announce
EXPLICIT NULL Prefix SID.
This patch correct the update_out_nhlfe() function by calling the appropriate
function (sr_prefix_out_label() instead of index2label()) to compute the output
label.
Some log debugs were adjusted and unused prefix route table was removed too.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Currently if the sysctl net.ipv4.raw_l3mdev_accept is 1, packets
destined to a specific vrf also end up being delivered to the default
vrf. We will see logs like this in ospf:
2021/02/10 21:17:05.245727 OSPF: ospf_recv_packet: fd 20(default) on interface 1265(swp1s1.26)
2021/02/10 21:17:05.245740 OSPF: Hello received from [9.9.36.12] via [swp1s1.26:200.254.26.13]
2021/02/10 21:17:05.245741 OSPF: src [200.254.26.14],
2021/02/10 21:17:05.245743 OSPF: dst [224.0.0.5]
2021/02/10 21:17:05.245769 OSPF: ospf_recv_packet: fd 45(vrf1036) on interface 1265(swp1s1.26)
2021/02/10 21:17:05.245774 OSPF: Hello received from [9.9.36.12] via [swp1s1.26:200.254.26.13]
2021/02/10 21:17:05.245775 OSPF: src [200.254.26.14],
2021/02/10 21:17:05.245777 OSPF: dst [224.0.0.5]
This really really makes ospf unhappy in the vrf we are running in.
I am approaching the problem by just dropping the packet if read in the
default vrf because of:
commit 0556fc33c7
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Fri Feb 1 11:54:59 2019 -0500
lib: Allow bgp to always create a listen socket for the vrf
Effectively if we have `router ospf vrf BLUE` but no ospf running
in the default vrf, we will not have a listener and that would
require a fundamental change in our approach to handle the ospf->fd
at a global level. I think this is less than ideal at the moment
but it will get us moving again and allow FRR to work with
a bunch of vrf's and ospf neighbors.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Valgrind reports:
469901-==469901==
469901-==469901== Conditional jump or move depends on uninitialised value(s)
469901:==469901== at 0x3A090D: bgp_bfd_dest_update (bgp_bfd.c:416)
469901-==469901== by 0x497469E: zclient_read (zclient.c:3701)
469901-==469901== by 0x4955AEC: thread_call (thread.c:1684)
469901-==469901== by 0x48FF64E: frr_run (libfrr.c:1126)
469901-==469901== by 0x213AB3: main (bgp_main.c:540)
469901-==469901== Uninitialised value was created by a stack allocation
469901:==469901== at 0x3A0725: bgp_bfd_dest_update (bgp_bfd.c:376)
469901-==469901==
469901-==469901== Conditional jump or move depends on uninitialised value(s)
469901:==469901== at 0x3A093C: bgp_bfd_dest_update (bgp_bfd.c:421)
469901-==469901== by 0x497469E: zclient_read (zclient.c:3701)
469901-==469901== by 0x4955AEC: thread_call (thread.c:1684)
469901-==469901== by 0x48FF64E: frr_run (libfrr.c:1126)
469901-==469901== by 0x213AB3: main (bgp_main.c:540)
469901-==469901== Uninitialised value was created by a stack allocation
469901:==469901== at 0x3A0725: bgp_bfd_dest_update (bgp_bfd.c:376)
On looking at bgp_bfd_dest_update the function call into bfd_get_peer_info
when it fails to lookup the ifindex ifp pointer just returns leaving
the dest and src prefix pointers pointing to whatever was passed in.
Let's do two things:
a) The src pointer was sometimes assumed to be passed in and sometimes not.
Forget that. Make it always be passed in
b) memset the src and dst pointers to be all zeros. Then when we look
at either of the pointers we are not making decisions based upon random
data in the pointers.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Valgrind reports:
2174600-==2174600==
2174600-==2174600== Syscall param write(buf) points to uninitialised byte(s)
2174600:==2174600== at 0x49C7FB3: write (write.c:26)
2174600-==2174600== by 0x48A4EA0: buffer_write (buffer.c:475)
2174600-==2174600== by 0x4915AD9: zclient_send_message (zclient.c:298)
2174600-==2174600== by 0x12DB97: ospf_ldp_sync_state_req_msg (ospf_ldp_sync.c:114)
2174600-==2174600== by 0x12E4F0: ospf_ldp_sync_if_start (ospf_ldp_sync.c:160)
2174600-==2174600== by 0x12E4F0: ospf_ldp_sync_ism_change (ospf_ldp_sync.c:339)
2174600-==2174600== by 0x12E4F0: ospf_ldp_sync_ism_change (ospf_ldp_sync.c:332)
2174600-==2174600== by 0x12C6A2: hook_call_ospf_ism_change (ospf_ism.c:46)
2174600-==2174600== by 0x12C6A2: ism_change_state (ospf_ism.c:540)
2174600-==2174600== by 0x12C6A2: ospf_ism_event (ospf_ism.c:600)
2174600-==2174600== by 0x4904846: thread_call (thread.c:1681)
When we send the request structure we are sending the whole thing and the
interface name string has junk at the end. Not a big deal, but cleans
up valgrind going wumple on us.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The calling function of ospf_nbr_nbma_lookup_next calls
this function and then immediately returns when it
gets the NULL. Just cleanup a bit more code.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The #if 0 code in ospfd, has not been compiled since at least
2012. If we are at least 9 years old at this point with no effort
to use or save, we should just get rid of it.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Use a pre-built backup path from the post-convergence SPF tree to
make the overall calculation deterministic. This is also a
requirement for non-adjacent P/Q spaces since it's way easier
to organize multiple P and Q spaces using a 'fixed' backup path.
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
When P and Q spaces are adjacent then it makes sense to use adjacency SIDs to
from the P node to the Q node. There are some other corner cases where this
makes also sense like when a P/Q node adjacent to root node.
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
A reverse SPF is important in the context of TI-LFA, e.g. for
computing so called Q spaces. In case the weights of the links are
symmetric there is no difference to the 'normal' SPF and hence this
patch is really just needed for the case with asymmetric link
weights.
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
