proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-05-27 20:33:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
33,261 Commits 4 Branches 191 Tags 125 MiB
ffbff9b515
Commit Graph

1467 Commits

Author SHA1 Message Date
Russ White
a9a89805ec
Merge pull request #14398 from m-varasteh/ospfd-rfc5709 
ospfd: add support for RFC 5709 OSPFv2 HMAC-SHA Cryptographic Authentication
 2023-09-19 10:14:14 -04:00
Mahdi Varasteh
f5011cd5dd [ospfd]: add support for RFC 5709 HMAC-SHA Auth 
This patch includes:
* Implementation of RFC 5709 support in OSPF. Using
openssl library and FRR key-chain,
one can use SHA1, SHA256, SHA384, SHA512 and
keyed-MD5( backward compatibility with RFC 2328) HMAC algs.
* Updating documentation of OSPF
* add topotests for new HMAC algorithms

Signed-off-by: Mahdi Varasteh <varasteh@amnesh.ir>
 2023-09-16 07:38:23 +03:30
Russ White
abaa68f213
Merge pull request #14162 from opensourcerouting/feature/turn_on_nht_resolve_via_default_for_traditional_profile 
zebra: Turn on `nht resolve-via-default` by default for traditional profile
 2023-09-13 05:57:49 -04:00
Russ White
986dfa5e5d
Merge pull request #14348 from opensourcerouting/fpm-rr 
zebra: support route replace semantic in FPM
 2023-09-12 08:45:14 -04:00
Russ White
48d6039e14
Merge pull request #13724 from cscarpitta/feature/isisd-srv6-support 
isisd: Add support for SRv6 uSID (RFC 9352)
 2023-09-12 08:33:42 -04:00
Carmine Scarpitta
69fca0a492 doc: Add documentation for IS-IS SRv6 features 
Add documentation for IS-IS SRv6 functionalities (RFC 9352)

Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
 2023-09-11 22:11:59 +02:00
Rafael Zalamena
2644ff6e59 doc: document new FPM command 
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
 2023-09-04 16:02:26 -03:00
Donatas Abraitis
d64a4ec490 doc: GR restart time, notifcation flag can be changed via BGP dynamic cap 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-08-30 17:18:53 +03:00
Martin Pels
4d96ce1b4d zebra: Make main routing table (RT_TABLE_MAIN) configurable 
Signed-off-by: Martin Pels <mpels@ripe.net>
 2023-08-22 15:29:07 +02:00
Donatas Abraitis
62196fbd19 zebra: Enable nht resolve-via-default by default for traditional profile 
Lots of questions raising regarding unresolved nht, I think it's time to
relax this and make it a default ON.

Here is an example list of issues when `nht resolvia-via-default` solved
the problem:

https://github.com/FRRouting/frr/issues/3241
https://github.com/FRRouting/frr/issues/7420
https://github.com/FRRouting/frr/issues/3474
https://github.com/FRRouting/frr/issues/5023
https://github.com/FRRouting/frr/issues/6504
https://github.com/FRRouting/frr/issues/6680
https://github.com/FRRouting/frr/issues/7049
https://github.com/FRRouting/frr/issues/7862
https://github.com/FRRouting/frr/issues/7999
https://github.com/FRRouting/frr/issues/13215
https://github.com/FRRouting/frr/issues/14098

TL;DR;

The BGP session does not come up if using multihop sessions and/or the peer(nexthop)
is not accessible from the RIB, but only via default route. This is even valid for
iBGP, and not only for eBGP peering. Adding a static /32, /128 route for the peer
would do the trick, but it's a workaround.

If the route has a nexthop marked as invalid, most likely this is due to it can't
be resolved from the current RIB, but only via default route.

For instance, Cisco allows this by default (can't find even a knob to turn it
off or I'm blind).

For eBGP sessions it might be also combined with `disable-ebgp-connected-route-check`.

Some people asked if this could be a default, also for instance MetalLB is adding
this by default for all the configs it generates.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-08-17 21:45:55 +03:00
Donatas Abraitis
0c7d6dfdf0
Merge pull request #14126 from LabNConsulting/ziemba-pbr-actions-mangling 
pbrd: (3/3) add packet mangling actions (src/dst ip-addr/port, dscp, ecn)
 2023-08-13 16:39:07 +03:00
Philippe Guibert
63be83eac5 doc: update mpls per interface command 
Update mpls per interface command information.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-08-10 18:13:21 +02:00
G. Paul Ziemba
ba240bcfa3 pbrd: add packet mangling actions (src/dst ip-addr/port, dscp, ecn) 
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
 2023-08-09 12:11:43 -07:00
Francois Dumontet
7ac7cd804b doc: set as-path replace as-path-access-list 
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
 2023-08-09 11:13:38 +02:00
G. Paul Ziemba
09262f1b72 pbrd: add nexthop drop type 
Signed-off-by: G. Paul Ziemba <paulz@labn.net>
 2023-08-08 10:18:15 -07:00
Donald Sharp
6f6b7e1706 doc: Add --v6-with-v4-nexthops documentation 
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
 2023-08-03 08:57:55 -04:00
Farid Mihoub
902a8d1fd3 bgpd: add set extended-comm-list <> delete command 
Signed-off-by: Farid Mihoub <farid.mihoub@6wind.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-07-31 11:52:36 +02:00
Russ White
82d8e7d5fa
Merge pull request #13945 from pguibert6WIND/redistribute_isis_table 
Redistribute isis table
 2023-07-25 10:16:46 -04:00
Mark Stapp
90f1e4e017
Merge pull request #14065 from opensourcerouting/bfd-label-doc 
doc: remove BFD label command references
 2023-07-21 08:59:50 -04:00
Donatas Abraitis
3a58764e3a
Merge pull request #14034 from LabNConsulting/aceelindem/ospf_prefix_suppression 
ospfd: Implement OSPF prefix-suppression as specified in RFC 6860
 2023-07-21 10:14:22 +03:00
Acee
e2eea4fe8e ospfd: Implement OSPF prefix-suppression as specified in RFC 6860 
Signed-off-by: Acee <aceelindem@gmail.com>
 2023-07-20 14:56:43 -04:00
Rafael Zalamena
01ec8c260a doc: remove BFD label command references 
`label` command is already gone and now we are going to remove all label
references.

Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
 2023-07-20 15:49:07 -03:00
Donald Sharp
1b1d256f03
Merge pull request #14026 from LabNConsulting/pbr-add-vlan-filters 
pbrd: 1/3: add vty support for vlan filtering and send to zebra
 2023-07-20 08:01:24 -04:00
G. Paul Ziemba
8b330fe8b7 pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (doc, tests) 
Subset: doc and tests

    doc
	PBR section updated with new fields and some copy-editing

    tests
	pbr_topo1: ensure new vlan fields arrive at zebra

    Changes by:
	Josh Werner <joshuawerner@mitre.org>
	Eli Baum <ebaum@mitre.org>
	G. Paul Ziemba <paulz@labn.net>

Signed-off-by: G. Paul Ziemba <paulz@labn.net>
 2023-07-19 08:15:45 -07:00
Francois Dumontet
832b5c30c0 doc: set as-path exclude as-path-access-list 
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
 2023-07-19 10:58:00 +02:00
Donald Sharp
37940809ad
Merge pull request #14037 from opensourcerouting/feature/enable_software_capability_for_datacenter_profile_by_default 
bgpd: Enable software version capability for datacenter profile
 2023-07-18 09:19:19 -04:00
Donatas Abraitis
30db544508 bgpd: Send software-version capability by default 
Useful to have it for datacenter profile only, disabled for traditional.

If the peer is not established or established, but has no description set,
we will show the FRR version instead, which is kinda handy to have instead of
nothing.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-07-18 09:42:48 +03:00
Zhiyuan Wan
919b8f94b3 ospfd: Support show intra-area network type in 'show ip ospf route' command 
User can now use 'show ip ospf route detail' command to distinguish
intra-area stub network and transit network.
Transit network will be displayed as 'N T prefix ...'.

NOTICE: Json output format has been changed, intra-area transit networks
will have a new attribute 'transit' and value is 'true'.
And 'adv' (means advertise router) change to 'advertisedRouter'.

Example output:

bsp-debianrt-exp1# show ip ospf route detail
Codes: N  - network     T - transitive
       IA - inter-area  E - external route
       D  - destination R - router

============ OSPF network routing table ============
N T  10.0.0.0/24           [32] area: 0.0.0.0
                           via 192.168.124.67, ens192
                           adv 10.0.0.5
N    10.0.30.0/24          [33] area: 0.0.0.0
                           via 192.168.124.67, ens192
                           adv 10.0.0.5
...

Signed-off-by: Zhiyuan Wan <h@iloli.bid>
 2023-07-18 14:20:05 +08:00
Zhiyuan Wan
0ce2d1aaa1 ospfd: Support show advertise router in 'show ip ospf route' command 
Users can now use 'show ip ospf route [detail]' command to show the
originator of each OSPF route item.

Signed-off-by: Zhiyuan Wan <h@iloli.bid>
 2023-07-18 14:20:05 +08:00
Donatas Abraitis
58ac0f408f doc: Add RFC 5396 to the supported BGP RFC list 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-07-14 10:29:45 +03:00
Philippe Guibert
2150647069 isisd: add redistribute table identifier in nb configuration 
The yang model does not handle the table identifier in IS-IS.
For each redistributed each address family, a new list of
table elements is added to store the table identifier to
redistribute, and also the optional metric and route-map values
for each table identifier.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-07-12 14:06:00 +02:00
Russ White
6e89a5db22
Merge pull request #13691 from LabNConsulting/aceelindem/ospf-opaque-interface-disable 
ospfd: Configurable interface-level 'capability opaque' support
 2023-07-11 11:47:32 -04:00
Philippe Guibert
a3f0a1f5ed bgpd: add 'set as-path replace' with a configured ASN 
There is no route-map set action to replace any ASN,
or a part of an ASN, with a configured ASN.

The current commit adds a new command to use a configured
ASN as replacement, instead of using the local as number.

> set as-path replace any 65500

Update the 'bgp_set_aspath_replace' test.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-06-28 21:21:55 +02:00
Acee
e72549c8f6 ospfd: Configurable interface-level 'capability opaque' support 
Add support for "[no] ip ospf capbility opaque" at the interface
    level with the default being capability opaque enabled. The command
    "no ip ospf capability opaque" will disable opaque LSA database
    exchange and flooding on the interface. A change in configuration
    will result in the interface being flapped to update our options
    for neighbors but no attempt will be made to purge existing LSAs
    as in dense topologies, these may received by neighbors through
    different interfaces.

    Topotests are added to test both the configuration and the LSA
    opaque flooding suppression.

Signed-off-by: Acee <aceelindem@gmail.com>
 2023-06-28 13:03:48 -04:00
Russ White
4a7d9469f2
Merge pull request #13826 from opensourcerouting/fix/ripng_match_ipv6_acls 
ripng: match ipv6 address [prefix-list] CMDs
 2023-06-27 11:31:23 -04:00
Donatas Abraitis
4199f032e5
Merge pull request #13722 from fdumontet6WIND/color_extcomm 
bgpd,lib,yang: add colored extended communities support
 2023-06-27 13:03:22 +03:00
Francois Dumontet
fc44787211 doc: extcommunity color 
Signed-off-by: Francois Dumontet <francois.dumontet@6wind.com>
 2023-06-26 14:27:27 +02:00
Donatas Abraitis
bfbe4e629d doc: Add documentation for route-maps for ripng 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-06-22 00:14:02 +03:00
Russ White
be4cfbd2b8
Merge pull request #13790 from pguibert6WIND/set_aspath_exclude 
bgpd: add 'set as-path exclude all' command
 2023-06-21 08:48:21 -04:00
Russ White
4d9fb376c8
Merge pull request #13728 from opensourcerouting/fix/addpath_drop_non_best_addpaths 
bgpd: Implement neighbor X addpath-tx-best-selected command
 2023-06-20 09:20:36 -04:00
Russ White
68da3eab07
Merge pull request #13524 from pguibert6WIND/mpls_vpn_lsr_redistribute 
MPLS vpn LSR redistribute
 2023-06-20 09:13:33 -04:00
Russ White
56a10caa03
Merge pull request #12971 from taspelund/trey/mac_vrf_soo_upstream 
bgpd: Add MAC-VRF Site-of-Origin support
 2023-06-20 09:08:28 -04:00
Philippe Guibert
92550adfc7 bgpd: add 'set as-path exclude all' command 
It is not possible to flush all the incoming as-path list
from a given BGP update.

Add a route-map set command to remove all as-paths
from a given AS path. Add the necessary tests.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-06-19 18:04:44 +02:00
Philippe Guibert
346607c7d3 doc: add 'mpls bgp l3vpn-multi-domain-switching' 
The 'mpls bgp l3vpn-multi-domain-switching' per-interface
command is documented.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
 2023-06-16 10:55:17 +02:00
Quentin Young
cb827d9f55
Merge pull request #13650 from opensourcerouting/feature/bgpd_default_originate_route_map_timer 
bgpd: Add an ability to control default-originate route-map timer
 2023-06-08 12:05:35 -04:00
Donatas Abraitis
db731ec639 doc: Add neighbor addpath-tx-best-selected command 
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-06-07 22:19:40 +03:00
Donatas Abraitis
efce200d93 doc: Document RFC8212 under Displaying BGP Information section 
Looks like people don't find what does it mean (Policy) at first shot, let's
try giving more hints here.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-06-06 15:28:19 +03:00
Donatas Abraitis
d49700dd2f bgpd: Add an ability to control default-originate route-map timer 
By default it's 5 seconds. That means, every 5 second it iterates over the
whole BGP table and checks if a route-map is kicked in (if route-map is defined).

Having a full feed with many of neighbors, this is a huge CPU-killer, and takes
a lot of time.

Thread statistics for bgpd:

Showing statistics for pthread default
--------------------------------------
                               CPU (user+system): Real (wall-clock):
Active   Runtime(ms)   Invoked Avg uSec Max uSecs Avg uSec Max uSecs  CPU_Warn Wall_Warn Starv_Warn Type   Thread
    0          0.487        10       48        84       49        85         0         0          0    T    (bgp_connect_timer)
    0          0.000         1        0         0        1         1         0         0          0    T    bgp_startup_timer_expire
    2          3.991       276       14      1032       14      1031         0         0          0  R      zclient_read
    0          0.010         4        2         6        3         6         0         0          0     E   _bfd_sess_send
    0          0.057        11        5        26        6        26         0         0          0   W     vtysh_write
    0         65.054       136      478     28907      484     28914         0         0          0     E   bgp_event
    0      11233.040        24   468043   2772209  1341293   7781145         0         3          0    T    subgroup_coalesce_timer
    2          3.649        33      110       394      111       395         0         0          0  R      bgp_accept
    0        468.837         5    93767    178929    93799    178960         0         0          0    T    (bgp_graceful_stale_timer_expire)
    0          0.462         9       51        77       51        78         0         0          0    T    (bgp_start_timer)
    1        415.825     14200       29       414       29       415         0         0          0  R      vtysh_accept
    0          0.052         3       17        47       18        49         0         0          1    T    bgp_config_finish
    0          0.011         1       11        11       12        12         0         0          0     E   frr_config_read_in
    0          0.022         4        5         8        6         9         0         0          0     E   bgp_nht_ifp_initial
    0          0.121        44        2        64        3        65         0         0          0    T    (bgp_routeadv_timer)
    0      34194.454         3 11398151  21874014 27937411  52641827         2         0          1    T    bgp_route_map_update_timer
    0      13246.820         8  1655852   3065476  4589606   8454782         0         4          1    T    bgp_announce_route_timer_expired
    0          0.035         2       17        26       18        27         0         0          0     E   zclient_connect
    0     279624.026    318778      877    571779     2808   1639624         0         0          5    T    work_queue_run
    0          0.097        32        3        21        3        23         0         0          0  RW     bgp_connect_check
    2       6005.738     43560      137    680012      138    680446         0         0          0  R      vtysh_read
    0       1605.840   1116298        1      1331        2     10152         0         0        133    T    (bgp_generate_updgrp_packets)
    0       1073.162        17    63127    222065    63175    222087         0         0          0     E   bgp_packet_process_error
    1   16744058.262     10691  1566182   1807248  1566900   1808301         0         0          5    T    update_group_refresh_default_originate_route_map
    0          0.000        11        0         0        0         1         0         0          0    T    update_subgroup_merge_check_thread_cb
    0      94544.034   1898726       49    225054       69    225156         0         0          0     E   bgp_process_packet

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
 2023-05-31 22:58:30 +03:00
Trey Aspelund
9b55b559db doc: add docs for EVPN MAC-VRF Site-of-Origin 
Adds user documentation for the new EVPN MAC-VRF Site-of-Origin feature.

Signed-off-by: Trey Aspelund <taspelund@nvidia.com>
 2023-05-30 15:20:35 +00:00
Russ White
575a0c5e3c
Merge pull request #13555 from LabNConsulting/aceelindem/ospf-p2mp-delayed-reflooding-config 
ospfd: OSPF P2MP Delayed Reflooding configuration
 2023-05-23 11:41:35 -04:00