proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-05-28 14:21:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
33,261 Commits 4 Branches 191 Tags 125 MiB
ffbff9b515
Commit Graph

2508 Commits

Author SHA1 Message Date
Russ White
a9a89805ec
Merge pull request #14398 from m-varasteh/ospfd-rfc5709 
ospfd: add support for RFC 5709 OSPFv2 HMAC-SHA Cryptographic Authentication
 2023-09-19 10:14:14 -04:00
Mahdi Varasteh
f5011cd5dd [ospfd]: add support for RFC 5709 HMAC-SHA Auth 
This patch includes:
* Implementation of RFC 5709 support in OSPF. Using
openssl library and FRR key-chain,
one can use SHA1, SHA256, SHA384, SHA512 and
keyed-MD5( backward compatibility with RFC 2328) HMAC algs.
* Updating documentation of OSPF
* add topotests for new HMAC algorithms

Signed-off-by: Mahdi Varasteh <varasteh@amnesh.ir>
 2023-09-16 07:38:23 +03:30
Russ White
abaa68f213
Merge pull request #14162 from opensourcerouting/feature/turn_on_nht_resolve_via_default_for_traditional_profile 
zebra: Turn on `nht resolve-via-default` by default for traditional profile
 2023-09-13 05:57:49 -04:00
Russ White
986dfa5e5d
Merge pull request #14348 from opensourcerouting/fpm-rr 
zebra: support route replace semantic in FPM
 2023-09-12 08:45:14 -04:00
Russ White
48d6039e14
Merge pull request #13724 from cscarpitta/feature/isisd-srv6-support 
isisd: Add support for SRv6 uSID (RFC 9352)
 2023-09-12 08:33:42 -04:00
Carmine Scarpitta
69fca0a492 doc: Add documentation for IS-IS SRv6 features 
Add documentation for IS-IS SRv6 functionalities (RFC 9352)

Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
 2023-09-11 22:11:59 +02:00
Jafar Al-Gharaibeh
0cca970790
Merge pull request #14349 from opensourcerouting/fix/update_doc_for_docker 
doc: Reuse $TAG for git checkout when building Docker images
 2023-09-05 23:22:34 -05:00
Donatas Abraitis
b32fd280fe doc: Reuse $TAG for git checkout when building Docker images 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-09-05 08:54:27 +03:00
Rafael Zalamena
2644ff6e59 doc: document new FPM command 
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
 2023-09-04 16:02:26 -03:00
Donatas Abraitis
d64a4ec490 doc: GR restart time, notifcation flag can be changed via BGP dynamic cap 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-08-30 17:18:53 +03:00
Martin Pels
4d96ce1b4d zebra: Make main routing table (RT_TABLE_MAIN) configurable 
Signed-off-by: Martin Pels <mpels@ripe.net>
 2023-08-22 15:29:07 +02:00
Donatas Abraitis
62196fbd19 zebra: Enable nht resolve-via-default by default for traditional profile 
Lots of questions raising regarding unresolved nht, I think it's time to
relax this and make it a default ON.

Here is an example list of issues when `nht resolvia-via-default` solved
the problem:

https://github.com/FRRouting/frr/issues/3241
https://github.com/FRRouting/frr/issues/7420
https://github.com/FRRouting/frr/issues/3474
https://github.com/FRRouting/frr/issues/5023
https://github.com/FRRouting/frr/issues/6504
https://github.com/FRRouting/frr/issues/6680
https://github.com/FRRouting/frr/issues/7049
https://github.com/FRRouting/frr/issues/7862
https://github.com/FRRouting/frr/issues/7999
https://github.com/FRRouting/frr/issues/13215
https://github.com/FRRouting/frr/issues/14098

TL;DR;

The BGP session does not come up if using multihop sessions and/or the peer(nexthop)
is not accessible from the RIB, but only via default route. This is even valid for
iBGP, and not only for eBGP peering. Adding a static /32, /128 route for the peer
would do the trick, but it's a workaround.

If the route has a nexthop marked as invalid, most likely this is due to it can't
be resolved from the current RIB, but only via default route.

For instance, Cisco allows this by default (can't find even a knob to turn it
off or I'm blind).

For eBGP sessions it might be also combined with `disable-ebgp-connected-route-check`.

Some people asked if this could be a default, also for instance MetalLB is adding
this by default for all the configs it generates.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-08-17 21:45:55 +03:00
Jafar Al-Gharaibeh
ea5588c00e
Merge pull request #14189 from donaldsharp/do_not_use_system_calls 
doc: Prohibit usage of `system()` calls in FRR
 2023-08-13 16:02:17 -05:00
Donatas Abraitis
0c7d6dfdf0
Merge pull request #14126 from LabNConsulting/ziemba-pbr-actions-mangling 
pbrd: (3/3) add packet mangling actions (src/dst ip-addr/port, dscp, ecn)
 2023-08-13 16:39:07 +03:00
Donald Sharp
cdf6c5e587 doc: Prohibit usage of system() calls in FRR 
See the documentation update, but system() calls and
it's ilk block the processing of SIGINT and they are
not properly handled as a result leading to shutdown
issues where one or more daemons never stop.

See aa530b627d as an example
of system call usage removed from the system.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2023-08-11 13:28:54 -04:00
Philippe Guibert
63be83eac5 doc: update mpls per interface command 
Update mpls per interface command information.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-08-10 18:13:21 +02:00
G. Paul Ziemba
ba240bcfa3 pbrd: add packet mangling actions (src/dst ip-addr/port, dscp, ecn) 
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
 2023-08-09 12:11:43 -07:00
Francois Dumontet
7ac7cd804b doc: set as-path replace as-path-access-list 
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
 2023-08-09 11:13:38 +02:00
G. Paul Ziemba
09262f1b72 pbrd: add nexthop drop type 
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
 2023-08-08 10:18:15 -07:00
Donald Sharp
6f6b7e1706 doc: Add --v6-with-v4-nexthops documentation 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2023-08-03 08:57:55 -04:00
Farid Mihoub
902a8d1fd3 bgpd: add set extended-comm-list <> delete command 
Signed-off-by: Farid Mihoub <farid.mihoub@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-07-31 11:52:36 +02:00
Russ White
82d8e7d5fa
Merge pull request #13945 from pguibert6WIND/redistribute_isis_table 
Redistribute isis table
 2023-07-25 10:16:46 -04:00
Mark Stapp
90f1e4e017
Merge pull request #14065 from opensourcerouting/bfd-label-doc 
doc: remove BFD label command references
 2023-07-21 08:59:50 -04:00
Donatas Abraitis
3a58764e3a
Merge pull request #14034 from LabNConsulting/aceelindem/ospf_prefix_suppression 
ospfd: Implement OSPF prefix-suppression as specified in RFC 6860
 2023-07-21 10:14:22 +03:00
Acee
e2eea4fe8e ospfd: Implement OSPF prefix-suppression as specified in RFC 6860 
Signed-off-by: Acee <aceelindem@gmail.com>
 2023-07-20 14:56:43 -04:00
Rafael Zalamena
01ec8c260a doc: remove BFD label command references 
`label` command is already gone and now we are going to remove all label
references.

Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
 2023-07-20 15:49:07 -03:00
Donald Sharp
1b1d256f03
Merge pull request #14026 from LabNConsulting/pbr-add-vlan-filters 
pbrd: 1/3: add vty support for vlan filtering and send to zebra
 2023-07-20 08:01:24 -04:00
G. Paul Ziemba
8b330fe8b7 pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (doc, tests) 
Subset: doc and tests

    doc
	PBR section updated with new fields and some copy-editing

    tests
	pbr_topo1: ensure new vlan fields arrive at zebra

    Changes by:
	Josh Werner <joshuawerner@mitre.org>
	Eli Baum <ebaum@mitre.org>
	G. Paul Ziemba <paulz@labn.net>

Signed-off-by: G. Paul Ziemba <paulz@labn.net>
 2023-07-19 08:15:45 -07:00
Francois Dumontet
832b5c30c0 doc: set as-path exclude as-path-access-list 
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
 2023-07-19 10:58:00 +02:00
Donald Sharp
37940809ad
Merge pull request #14037 from opensourcerouting/feature/enable_software_capability_for_datacenter_profile_by_default 
bgpd: Enable software version capability for datacenter profile
 2023-07-18 09:19:19 -04:00
Donatas Abraitis
30db544508 bgpd: Send software-version capability by default 
Useful to have it for datacenter profile only, disabled for traditional.

If the peer is not established or established, but has no description set,
we will show the FRR version instead, which is kinda handy to have instead of
nothing.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-07-18 09:42:48 +03:00
Zhiyuan Wan
919b8f94b3 ospfd: Support show intra-area network type in 'show ip ospf route' command 
User can now use 'show ip ospf route detail' command to distinguish
intra-area stub network and transit network.
Transit network will be displayed as 'N T prefix ...'.

NOTICE: Json output format has been changed, intra-area transit networks
will have a new attribute 'transit' and value is 'true'.
And 'adv' (means advertise router) change to 'advertisedRouter'.

Example output:

bsp-debianrt-exp1# show ip ospf route detail
Codes: N  - network     T - transitive
       IA - inter-area  E - external route
       D  - destination R - router

============ OSPF network routing table ============
N T  10.0.0.0/24           [32] area: 0.0.0.0
                           via 192.168.124.67, ens192
                           adv 10.0.0.5
N    10.0.30.0/24          [33] area: 0.0.0.0
                           via 192.168.124.67, ens192
                           adv 10.0.0.5
...

Signed-off-by: Zhiyuan Wan <h@iloli.bid>
 2023-07-18 14:20:05 +08:00
Zhiyuan Wan
0ce2d1aaa1 ospfd: Support show advertise router in 'show ip ospf route' command 
Users can now use 'show ip ospf route [detail]' command to show the
originator of each OSPF route item.

Signed-off-by: Zhiyuan Wan <h@iloli.bid>
 2023-07-18 14:20:05 +08:00
Donatas Abraitis
58ac0f408f doc: Add RFC 5396 to the supported BGP RFC list 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-07-14 10:29:45 +03:00
Philippe Guibert
2150647069 isisd: add redistribute table identifier in nb configuration 
The yang model does not handle the table identifier in IS-IS.
For each redistributed each address family, a new list of
table elements is added to store the table identifier to
redistribute, and also the optional metric and route-map values
for each table identifier.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-07-12 14:06:00 +02:00
Donald Sharp
6934a1d31d
Merge pull request #13968 from zhengxiang311019/patch-1 
doc: fix the error path.
 2023-07-11 12:25:40 -04:00
Russ White
6e89a5db22
Merge pull request #13691 from LabNConsulting/aceelindem/ospf-opaque-interface-disable 
ospfd: Configurable interface-level 'capability opaque' support
 2023-07-11 11:47:32 -04:00
xzheng
c46a231a8d doc: fix the error path 
fix the error path.

Signed-off-by: xzheng <zhengxiang311019@163.com>
 2023-07-11 09:45:35 +08:00
Christian Hopps
055f4997b4 doc: document sqlite3 depend and add to docker build 
Signed-off-by: Christian Hopps <chopps@labn.net>
 2023-07-06 18:08:15 -04:00
Donatas Abraitis
3b02d99f33
Merge pull request #13836 from pguibert6WIND/set_aspath_replace_with_configured_asn 
bgpd: add 'set as-path replace' with a configured ASN
 2023-06-30 12:39:55 +03:00
Rodney W. Grimes
a41eee6927 doc: Add Ubuntu 22.04 to list of builds 
Add Ubuntu 22.04 build instructions to list.
Sort list into alphabetic order.

Signed-off-by: Rodney W. Grimes <rgrimes@FreeBSD.org>
 2023-06-29 09:46:27 +00:00
Philippe Guibert
a3f0a1f5ed bgpd: add 'set as-path replace' with a configured ASN 
There is no route-map set action to replace any ASN,
or a part of an ASN, with a configured ASN.

The current commit adds a new command to use a configured
ASN as replacement, instead of using the local as number.

> set as-path replace any 65500

Update the 'bgp_set_aspath_replace' test.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-06-28 21:21:55 +02:00
Acee
e72549c8f6 ospfd: Configurable interface-level 'capability opaque' support 
Add support for "[no] ip ospf capbility opaque" at the interface
    level with the default being capability opaque enabled. The command
    "no ip ospf capability opaque" will disable opaque LSA database
    exchange and flooding on the interface. A change in configuration
    will result in the interface being flapped to update our options
    for neighbors but no attempt will be made to purge existing LSAs
    as in dense topologies, these may received by neighbors through
    different interfaces.

    Topotests are added to test both the configuration and the LSA
    opaque flooding suppression.

Signed-off-by: Acee <aceelindem@gmail.com>
 2023-06-28 13:03:48 -04:00
Russ White
4a7d9469f2
Merge pull request #13826 from opensourcerouting/fix/ripng_match_ipv6_acls 
ripng: match ipv6 address [prefix-list] CMDs
 2023-06-27 11:31:23 -04:00
Donatas Abraitis
4199f032e5
Merge pull request #13722 from fdumontet6WIND/color_extcomm 
bgpd,lib,yang: add colored extended communities support
 2023-06-27 13:03:22 +03:00
anlan_cs
4e8737b269 doc: Fix one syntax error for code block 
The code block doesn't work due to special thing in front of it.
So, just make it work.

Signed-off-by: anlan_cs <vic.lan@pica8.com>
 2023-06-27 13:51:40 +08:00
Francois Dumontet
fc44787211 doc: extcommunity color 
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
 2023-06-26 14:27:27 +02:00
Jafar Al-Gharaibeh
0951530abc
Merge pull request #13823 from LabNConsulting/aceelindem/workflow-coverity-typo 
doc: Fix typo in previous Coverity workflow doc commit.
 2023-06-22 13:32:09 -05:00
Donatas Abraitis
bfbe4e629d doc: Add documentation for route-maps for ripng 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-06-22 00:14:02 +03:00
Russ White
be4cfbd2b8
Merge pull request #13790 from pguibert6WIND/set_aspath_exclude 
bgpd: add 'set as-path exclude all' command
 2023-06-21 08:48:21 -04:00