| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
This is not the attribute involved in path selection and by rfc7606 it should
be just ignored.
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\
| |
| | |
bgpd: Check to ensure community attributes exist before freeing them
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Community attributes might have been removed by an inbound route map, so we
should check to ensure they still exist before trying to free them.
This fixes a segfault described in issue #6345.
Signed-off-by: Josh Cox <josh.cox@pureport.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It could be hard to notice when eBGP policy is missing in `show bgp summary`.
This adds more sugar to the output:
Normal:
```
MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
10 0 0 0 00:02:07 6 8
```
When rfc8212 is enabled (default since 7.4) - OUTBOUND:
```
MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
13 0 0 0 00:04:56 6 (Policy)
```
INBOUND:
```
MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
19 0 0 0 00:06:27 (Policy) 2
```
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
It is possible that the if_lookup_by_index() call will return
a NULL value and calling zclient_send_interface_radv_req. Just
test that we have a valid interface pointer.
Found by Coverity
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |\
| |
| | |
bgpd: turn off RAs when numbered peers are deleted
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Problem reported that in many circumstances, RAs created in the
process of bringing up numbered IPv6 peers with extended-nexthop
capability enabled (for ipv4 over ipv6) were not stopped on the
interface when those peers were deleted. Found several circumstances
where this occurred and fix them in this patch.
Ticket: CM-26875
Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Modify the import-check command to require the underlying prefix
to exist in the rib. General consensus is that this is the correct
behavior.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |\ \
| | |
| | | |
bgpd: Show PfxSnt for `show bgp <afi> <safi>` command
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
JSON output was already in, just printing in CLI as well.
```
root@exit1-debian-9:~# vtysh -c 'show bgp ipv4 summary'
IPv4 Unicast Summary:
BGP router identifier 10.10.10.1, local AS number 65001 vrf-id 0
BGP table version 100003
RIB entries 200005, using 37 MiB of memory
Peers 1, using 21 KiB of memory
... MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
... 64 157 0 0 0 00:01:18 0 100003
Total number of neighbors 1
```
JSON:
```
root@exit1-debian-9:~# vtysh -c 'show bgp ipv4 summary json' \ |
> jq '.ipv4Unicast.peers."192.168.0.2".pfxSnt'
100003
```
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| | |/
|/|
| |
| |
| |
| | |
o.O
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
| | |
| |
| |
| |
| |
| |
| | |
These are easy to get subtly wrong, and doing so can cause
nondeterministic failures when racing in parallel builds.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
| |/
|
|
|
|
| |
No need to put $(top_srcdir) everywhere.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
| |
|
|
| |
This reverts commit 776e7cf5ce9cc0a55a48beb432faacf7ce7c97f9.
|
| |\
| |
| | |
bgpd: Show PfxSnt for `show bgp <afi> <safi>` command
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
JSON output was already in, just printing in CLI as well.
```
root@exit1-debian-9:~# vtysh -c 'show bgp ipv4 summary'
IPv4 Unicast Summary:
BGP router identifier 10.10.10.1, local AS number 65001 vrf-id 0
BGP table version 100003
RIB entries 200005, using 37 MiB of memory
Peers 1, using 21 KiB of memory
... MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd PfxSnt
... 64 157 0 0 0 00:01:18 0 100003
Total number of neighbors 1
```
JSON:
```
root@exit1-debian-9:~# vtysh -c 'show bgp ipv4 summary json' \ |
> jq '.ipv4Unicast.peers."192.168.0.2".pfxSnt'
100003
```
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\ \ |
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Fix 1 byte overflow when showing GR info in bgpd
- Use PATH_MAX for path buffers
- Use unsigned specifiers for uint16_t's in zebra pbr
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Take care of some more complicated cases by hand
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Replace sprintf with snprintf where straightforward to do so.
- sprintf's into local scope buffers of known size are replaced with the
equivalent snprintf call
- snprintf's into local scope buffers of known size that use the buffer
size expression now use sizeof(buffer)
- sprintf(buf + strlen(buf), ...) replaced with snprintf() into temp
buffer followed by strlcat
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
|
| |\ \ \
| |_|/
|/| | |
bgpd: When static default route is present in RIB and advertised to p…
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Issue:
Configuring default-originate when static default route is previously
advertised results in withdrawal of the route.
Fix :
Delete the adj-out entry for the previously advertised static
default route without sending explicit withdraw message.
Signed-off-by: kssoman <somanks@gmail.com>
|
| |\ \ \
| | | |
| | | | |
bgpd: handle fs nlri over 240 bytes
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the nlri flowspec above 240 bytes size was not handled.
Over 240 bytes, the length is 2 bytes length, and a calculation must be
done to obtain the real length. This commit handles it appropriately.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| |\ \ \ \
| | | | |
| | | | | |
bgpd: Enforce self-next-hop check in next-hop update.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Problem Description:
=====================
+--+ +--+
|R1|-(192.201.202.1)----iBGP----(192.201.202.2)-|R2|
+--+ +--+
Routes on R2:
=============
S>* 202.202.202.202/32 [1/0] via 192.201.78.1, ens256, 00:40:48
Where, the next-hop network, 192.201.78.0/24, is a directly connected network address.
C>* 192.201.78.0/24 is directly connected, ens256, 00:40:48
Configurations on R1:
=====================
!
router bgp 201
bgp router-id 192.168.0.1
neighbor 192.201.202.2 remote-as 201
!
Configurations on R2:
=====================
!
ip route 202.202.202.202/32 192.201.78.1
!
router bgp 201
bgp router-id 192.168.0.2
neighbor 192.201.202.1 remote-as 201
!
address-family ipv4 unicast
redistribute static
exit-address-family
!
Step-1:
=======
R1 receives the route 202.202.202.202/32 from R2.
R1 installs the route in its BGP RIB.
Step-2:
=======
On R1, a connected interface address is added.
The address is the same as the next-hop of the BGP route received from R2 (192.201.78.1).
Point of Failure:
=================
R1 resolves the BGP route even though the route's next-hop is its own connected address.
Even though this appears to be a misconfiguration it would still be better to safeguard the code against it.
Fix:
====
When BGP receives a connected route from Zebra, it processes the
routes for the next-hop update.
While doing so, BGP must ignore routes whose next-hop address matches
the address of the connected route for which Zebra sent the next-hop update
message.
Signed-off-by: NaveenThanikachalam <nthanikachal@vmware.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
bgpd: Do not discard an UPDATE if the global nexthop is set to ::
|
| | | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When we receive an UPDATE with MP_NEXTHOP len as 32 bytes, we shouldn't
check if the global (1st) nexthop is unspecified.
Peering between bird and FRRouting we receive from Bird something like:
```
rcvd UPDATE w/ attr: , origin i, mp_nexthop ::(fe80::a00:27ff:fe09:f8a3)
```
The link-local (2nd) nexthop is valid and validated later in the code.
Before it was marked:
```
IPv6 unicast -- DENIED due to: martian or self next-hop;
```
After it's a valid prefix:
```
spine1-debian-9# show bgp
BGP table version is 0, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 65002
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
2a02:4780::/64 fe80::a00:27ff:fe09:f8a3
0 65001 i
Displayed 1 routes and 1 total paths
```
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
*: make coverity scan ignore random() calls
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Replace all `random()` calls with a function called `frr_weak_random()`
and make it clear that it is only supposed to be used for weak random
applications.
Use the annotation described by the Coverity Scan documentation to
ignore `random()` call warnings.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Just remove MACROS and use true/false.
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | |
| | | | |
| | | | | |
ton31337/feature/rfc8212_enabled_traditional_profile
bgpd: Enable rfc8212 by default except datacenter profile
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Some competitive vendors like Cisco, Bird, OpenBGPD,
Nokia already have this by default enabled.
The list is here: https://github.com/bgp/RFC8212
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
bgpd: Add a sanitify check for bgp_nexthop_cache against NULL
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In real world sometimes happens that bgp_nexthop_cache is NULL. Avoid
segfaulting when using `show [ip] bgp ...` CLI commands.
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Merge nb_converions branch to master
|
| | |/ / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
*: clean up the mess that is CLI command nodes
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Rather than doing a f*gly hack for the RPKI code, let's do an on-exit
hook in cmd_node. Also allows replacing some special-casing in the vty
code.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
And again for the name. Why on earth would we centralize this, just so
people can forget to update it?
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Same as before, instead of shoving this into a big central list we can
just put the parent node in cmd_node.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
There is really no reason to not put this in the cmd_node.
And while we're add it, rename from pointless ".func" to ".config_write".
[v2: fix forgotten ldpd config_write]
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The only nodes that have this as 0 don't have a "->func" anyway, so the
entire thing is really just pointless.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
... and use named assignments everywhere (so I can change the struct.)
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
bgpd, lib: Use bool instead of uint8_t for community/prefix-list "any"
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
That's only 0/1, useful to use just a bool for that.
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
bgpd: Allow 'show bgp l2vpn evpn route type' to use RT number in addition to existing keywords
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This adds numeric keywords to 'show bgp l2vpn evpn route type'.
Signed-off-by: Trey Aspelund <taspelund@cumulusnetworks.com>
|
