| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
|
| |
Without this, the Debian package build fails because dplane_sample_plugin.so gets compiled but not installed.
Signed-off-by: Martin Buck <mb-tmp-tvguho.pbz@gromit.dyndns.org>
|
| |
|
|
| |
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
|
| |
|
|
| |
Signed-off-by: Christian Hopps <chopps@labn.net>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
| |
|
|
|
|
|
| |
The tar.xz dist tarball doesn't exist for new releases.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 5a1130213c9a0c721017cf7922ffc969e96ac94b)
|
| |
|
|
|
|
|
|
| |
Github changed the HTML for their releases tab, making download links a
javascript thing. Which does not jive with uscan... at all...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 3c185cf70c90ba03349b6e7fb14a9986f4c21d4d)
|
| |
|
|
|
|
|
| |
Apparently now the binary filename is after the item...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit f032ce0a66818e572a45c8f34316ded95d4f9701)
|
| |
|
|
|
|
|
|
| |
Already done for existing python scripts in the install, just need to
add new .py files.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 03cef3900334e72b06cb9505e23338f2cfb9b9e5)
|
| |
|
|
|
|
|
| |
This is cargo cult from decades ago.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit 75a7532a11cdf9cbb923c2a1ace5f0252fe4a70d)
|
| |
|
|
|
|
|
| |
The debian/watchfrr.rc file was not install, so we just remove the cruft.
Signed-off-by: Ondřej Surý <ondrej@sury.org>
(cherry picked from commit 5632ff61df74ced015db3a56ef0063e93292244f)
|
| |
|
|
|
|
|
| |
As pointed out by lintian.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit b62f9af6b6716174c1510cc5160b11a40f37d6c0)
|
| |
|
|
|
|
|
| |
- use dh_sphinxdoc to get rid of embedded JS
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit e1e2ea84eed7f1880e1ed3fa2cfa09eaa9d2cdc1)
|
| |
|
|
|
|
|
|
| |
These two build-deps are for compile-time tools and thus need to be
marked :native.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
(cherry picked from commit e9f0af06c90df7a8364534e2b2e5225ece00076f)
|
| |
|
|
|
|
|
|
|
| |
This allows e.g. "sbuild --host=arm64" to build packages for other
architectures on, say, fat amd64 servers. As a side effect, the Debian
build uses a separate builddir, which helps noting issues on that front.
Signed-off-by: David Lamparter <equinox@diac24.net>
(cherry-picked from commit d1312e009b62331d39d0b9e77997b2f42be66f46)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
8.4 Release Overview
- New BGP [command](https://docs.frrouting.org/en/latest/bgp.html#clicmd-neighbor-A.B.C.D-X-X-X-X-WORD-soo-EXTCOMMUNITY) (`neighbor PEER soo`) to configure SoO to prevent routing loops and suboptimal routing on dual-homed sites.
- Command `debug bgp allow-martian` replaced to `bgp allow-martian-nexthop` because previously we allowed using martian next-hops when debug is turned on.
- Implement `BGP Prefix Origin Validation State Extended Community` [rfc8097](https://datatracker.ietf.org/doc/rfc8097/)
- Implement `Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages` [rfc9234](https://datatracker.ietf.org/doc/rfc9234/)
- BMP L3VPN support
- PIMv6 support
- MLD support
- New [command](https://docs.frrouting.org/en/latest/basic.html#clicmd-allow-reserved-ranges) to enable using reserved IPv4 ranges as normal addresses for BGP next-hops, interface addresses, etc.
- As usual, lots of bugs and memory leaks were fixed \m/
Changelog
---------
**babeld**
- Ignore Sub-TLV's with mandatory bit set
- Ignore unicast Hello's
**bfdd**
- Add IPv4 BFD Echo support
- Add RTT to BFD IPv4 Echo packet processing
- Allow L3 VRF BFD sessions without UDP leaking
**bgpd**
- Add `mpls bgp forwarding` to ease MPLS-VPN EBGP peering
- Add `bgp allow-martian-nexthop` command (remove `debug bgp allow-martian`)
- Add `neighbor soo` command
- Add `no rpki` command
- Add `show bgp access-list` command to filter routes by access-list
- Implement [rfc8097](https://datatracker.ietf.org/doc/rfc8097/)
- Implement [rfc9234](https://datatracker.ietf.org/doc/rfc9234/)
- Add resolution for L3VPN traffic over GRE interfaces
- Allow setting custom port for BGP unnumbered peers
- Allow statistics gathering to give more data about prefix lengths
- Apply conditional advertisements policy to update-group
- Associate appropriate family for redistributed connected addresses
- Avoid notify race between io and main pthreads
- Call a hook when as-path filter is replaced
- Cleanup memory leaks associated with t_deferral_timer
- Do not check if the whole as-path has target asn when using as-override
- Do not print new line for EVPN CLI outputs if it's a JSON
- Do not show polling_period default value in CLI for RPKI
- Don't advertise conditionally withdrawn routes
- Drop SSH public key for RPKI CLI option
- Fix `show bgp nexthop a.b.c.d`
- Fix for `aggregate-address summary-only matching-med-only`
- Fix inconsistencies with default-originate route-map
- Fix memory leak for `as-override`
- Fix memory leak for `set as-path replace` route-map command
- Fix memory leak for community alias
- Fix memory leak for community stuff
- Fix memory leak in SRv6 locator
- Fix memory leak when an SRv6 sid is removed
- Fix memory leak when setting [l]community at the egress
- Fix route-map update and delete route-map
- Fix `show bgp l2vpn evpn route rd` crash
- Fix the wrong next-hop BGP struct for next-hop validation
- Fixed BMP VPNv4 monitoring are withdrawn instead of updates
- Fixup PBR rule changes that were missed
- Fixup some MAC address token CLI syntax
- Free ecommunity before returning on warning/error
- Free memory for as-path filter if regexp is wrong
- Free memory for BMP listeners when deleting BGP instance
- Generate RPKI CLI config even if no cache servers are configured
- Handle origin validation state extended community via route-map match
- Handle route-refresh requests received before EOR
- Implement retain route-target all behavior
- Improve labelpool performance at scale
- Inconsistencies in snt counters with default-originate
- Prevent memory leak of the listener on shutdown
- Print peer's hostname for BGP (filtering) messages
- Print source VRF name when leaking to another VRF
- Release RCU lock in BGP keepalive pthread
- Reset BGP sessions when changing the port
- Send route updates when modifying access/aspath/prefix lists
- Set TTL for iBGP/eBGP by checking only if generic TTL security applied
- Show cache server preference in `show rpki cache-server` output
- Show extended communities memory consumption
- Show TTL value unconditionally for neighbors
- Start conditional advertisement timer instantly
- Stop conditional advertisements thread when terminating
- Stop LLGR thread when deleting a peer and/or gr flags changed
- Treat as withdraw if we receive as path with as_set / as_confed_set
- When specifying listen address for BGP we shouldn't imply no-fib flag
- Withdraw implicitly old paths from VRFs when import/export list changes
- Ensure that bgp open message stream has enough data to read
- Notify BGP conditional advertisement thread when the peer goes down
**bmp**
- Add an interface source to BMP connect command
- Add L3VPN support
**eigrpd**
- VRF variable name hides a parameter of the same name
**fabricd**
- Turn off excessive logging when peering will not come up
**isisd**
- Ensure rcap is freed in error case
- Fix crash with xfrm interface type
- Fix memory leak on shutdown with prefix lists
- Fix prefix-sid last-hop-behavior
**ldpd**
- Check if the thread is scheduled before calling for remained time
**lib**
- Abstract usage of '%pnhs' so that next-hop groups can use it too
- Add errno details to the sockopt_reuseaddr API
- Add sys_rawio to the capabilities definitions
- Allow downgrade of all caps when none are specified
- Allow using ipv4 (class e) reserved block if enabled
- Check hostname in resolver_resolve
- Cleanup red-herring memleaks in the parent of daemonizing fork
- Ensure ls_msg2edge does not use memory after freeing
- Fix `show route-map name json` command and memory leak
- Fix memory leak in `zclient_send_localsid()`
- Fix skip of every other plist deletion
- Fixup workqueue.c to use the proper thread.h semantics
- Function `crypt` does not need to be declared mid function
- Increase next-hop flags size to 16 bits
- Prevent uninitialized usage of data
- Remove usage of inet_ntop in lib/sockopt.c
- Require at least 2.1.42 version of sysrepo when compiling
- Return 0 as the remaining msec if the thread is not scheduled
- stream_dup memory alloc cannot fail
- Update sysrepo code with the latest API changes
- Use pi4 instead of inet_ntop in sockopt.c
**nhrpd**
- Use frr_weak_random()
- Use nhrp_interface_update_nbma when source VRF was changed
**ospf6d**
- Don't remove the summary route if it is a range
- Ensure that ospf6d does not memcpy beyond the end of the data
- Fix missing cost change
- Permit route delete without next-hops
- Remove ospf6enabled from JSON output
**ospfd**
- Add how many packets the interface has queued to send
- Add router-id support to OSPF API
- Added CLIs to change default timers for lsa refresh and maxage remove delay.
- Adding per neighbor JSON details to gr helper detail command
- Crash when router acts as gr helper upon a topo change
- Fix `show ip ospf neighbour <nbrid>` command
- Increase packets sent at one time in ospf_write
- Refactor fifo_flush for the interface
- Remove deprecated command `graceful-restart helper-only`
- When a neighbor goes down clear the oi->obuf if we can
- Catch and report too small LSAs
- Remove assert on zero length LSA - which is permitted by spec
- Fix bug where acks were not be generated to incoming P2P/P2MP neighbors
**pathd**
- `no mpls-te on` command was not working
- Add a zebra stop handler
- Change the vty output, when no ted is enabled on pathd
- Ensure the path is free'd after we no longer need it
- Nai adjacency fix query type f for IPv5
pim6d
- (*,g) mroutes not learnt after pim6d daemon restart
- Lots of CLI changes regarding MLD
- Lots of CLI changes regarding PIMv6
- Clear interface stats on interface shutdown
- Disable pim6d compilation by default
- Don't enable MLD on pimreg interface
- Fix the code for MLD in the show pim state command
- mroute stuck in register state, multicast traffic getting drops
- Register message getting dropped in the source node, mroute stuck in regj
- Send register msg with IPv6 global address
- Update last_member_query_interval and last_member_query_count
- Use ttable for displaying show commands
- Deleting the memory malloced for JSON
- Adding JSON support for show ipv6 next-hop
- Send register msg via register socket
- Change the show running commands based on the address family
- Set rp to true if the address matches, ignore prefix-length
**pimd**
- Allow v6 to do non-integrated configuration
- Assign a vty port value for v6
- Cleanup rpf lookup debug to help us figure out what is going on
- Correct the order of show JSON for interface traffic
- During prune pending, behave as noinfo state
- Fix invalid memory access join_timer_stop
- Fix memleak in bfd profile
- Fix PIM interface deletion flow
- Fix static mroute to also take into account the input interface
- Fix the setting of oif_flags in channel oil
- Fix unaligned accesses
- Handle receive of (*,g) register stop with src addr as 0
- Igmp querier election is not correct in lan scenario
- JSON support for next-hop
- Let the end operator know the ifindex as well in the failure case
- Limit PIM's ECMP to what zebra tells us is the multipath
- Querier to non-querier transition to be ignored
- Register stop message sent with mask 32
- Show interface traffic even if the interface is currently `down`
- Update mroute iif based on next-hop received from zebra
- VRF may be null from pim_cmd_lookup_vrf
**ripd**
- Use a sequence number instead of a time
**sharpd**
- Fix memory leak in release-locator-chunk
- Fix memory leak in release-locator-chunk
- Fix memory leaks related to SRv6 next-hops
**staticd**
- When changing the underlying nh ensure it is reinstalled
**tools**
- Add missing bfdd to logrotate config
- Add pim6d to tools so that pim6d will work properly
- Fix boot config load in watchfrr
- Stop zebra daemon last
**vtysh**
- Account validity should be verified when authenticating users with pam
- Add autocomplete for VRFs when using with `router bgp`
- Handle SIGTSTP (c-z) without exiting the vty shell
- Ignore `end` when parsing frr.conf
- Properly handle `[no] service cputime-stats` in config
- Properly handle `service cputime-warning xx` in the config
- Add `allow-reserved-ranges` global command
**watchfrr**
- Check that the operational timeout specified is good
**zebrad**
- Fixing log flooding when disabling MLAG leaf configuration
- Add a `mpls enable` interface node command
- Add a configurable knob `zebra nexthop-group keep (1-3600)`
- Add a timer to next-hop group deletion
- Add ability for netconf dplane to handle global values
- Add interface sysctl ignore on linkdown status
- Add more cases to proto2zebra for understanding kernel routes
- Add some more data to rtadv socket failures
- Add support for maintaining local neigh entries
- Add tc handlers in the script code
- Add tc netlink and dplane ops
- Allow kernel routes to stick around better on interface state changes
- Attempt to make ioctl.c have a bit more useful log messages
- Avoid buffer overflow using netlink_parse_rtattr_nested()
- Cleanup the memory from the hash for MPLS stuff
- Create a zebra_rib_route_entry_new function and use it
- Debug decode rta_expires and rta_mfc_stats
- Delete the malloced memory under `show zebra`
- Don't install connected routes multiple times into frr
- Expand PBR rule action for data-plane programming
- Explicitly call out the correct queue name
- Fix bond down for EVPN-MH
- Fix bug in netconf handling where dplane would drop the change
- Fix crash in shutdown w/ pw thread still running
- Fix ctab calculation typo in tc netlink
- Fix FPM crash
- Fix lost memory on lsp free
- Fix memory leak in srv6 locator delete
- Fix memory leaks and use after frees in nhg's on shutdown
- Fix missing tenant VRF change notification
- Fix missing VNI transition
- Fix remaining mr rtm_getroute oddities
- Fix rtadv startup when config read in is before interface up
- Free neighbor state before the exit to avoid memleaks
- Handle freebsd routing socket enobufs
- Iif/oif are not used in mr rtm_getroute
- Infrastructure for the new dataplane plugin
- Initialize hw via DPDK
- Introduce early route processing on the metaq
- Mc_forwarding was being sent but not retrieved across dataplane
- Notice when an interface is turned on w/ mpls and enable mpls subsystem
- On Linux let interface data come in through netlink messaging
- Pass AFI received for netconf updates
- Pass PBR expanded actions to the dataplane
- Pbr DPDK programming
- Reconfiguring netns for VRF is not a failure
- Rtnetlink: flow attr per gateway attr in multipath updates
- Setup the zebra interface to the DPDK port map table
- System routes should be processed the same time as the kernel
- Use default ns directly in tc dplane
- When deleting next-hop group entries ensure the thread is off
- When saving nhg for later stop processing
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
|
| |
|
|
| |
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
|
| |\
| |
| | |
packaging: Reuse frr.logrotate for Debian and Redhat builds
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
It will be easier to maintain a single file instead of two separate.
Also, fixes the issue when the file (/var/log/frr/frr.log) is not created
after logrotate.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/FRRouting/frr/pull/11465 enabled account verification,
but the pam config declares rootok as sufficient in authentication only
and not in account verification, what causes warning in the log:
vtysh[3747]: pam_warn(frr:account): function=[pam_sm_acct_mgmt]
flags=0 service=[frr] terminal=[<unknown>] user=[root]
ruser=[<unknown>] rhost=[<unknown>]
Signed-off-by: Marius Tomaschewski <mt@suse.com>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
FRR only needs lua library (package libluaX.Y-dev) to be compiled and
linked, but its `configure` script makes use of lua interpreter to
perform its checks. Therefore, `luaX.Y` package is a requisite
build-dependency for debian packaging.
This commit adds the debian package with the lua interpreter to the
build dependencies.
Signed-off-by: Eugene Crosser <crosser@average.org>
|
| |
|
|
| |
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |
|
|
| |
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
|
| |
|
|
| |
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
|
| |
|
|
|
|
|
| |
egrep is deprecated, please see
https://git.savannah.gnu.org/cgit/grep.git/commit/?id=a9515624709865d480e3142fd959bccd1c9372d1
Signed-off-by: Andreas Hasenack <andreas.hasenack@canonical.com>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: Christian Hopps <chopps@labn.net>
|
| |\
| |
| | |
debian, redhat: update changelog for new release
|
| | |
| |
| |
| | |
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
|
| |/
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |\
| |
| | |
packaging: A couple of fixes for /var/log/frr
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When we do "log file /var/log/frr/something", permissions are set to
0640 (frr:frr), but when the logrotate kicks in, we have 0640 (frr:frrvty).
I believe, we should have a consistent permissions.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
At the moment we set /var/log/frr permissions to 0750 (frr:frr), but the log
file is 0640 (root:adm) (unless logrotated) and that doesn't allow adm group
to even open the directory.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |\ \
| | |
| | | |
Speell more
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| | |/
| |
| |
| | |
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |/
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: Ville Skyttä <ville.skytta@upcloud.com>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
|
| |
|
|
| |
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
|
| |
|
|
|
|
|
| |
Make the script available as a part of the FRR package install for
ease of use.
Signed-off-by: Anuradha Karuppiah <anuradhak@nvidia.com>
|
| |
|
|
| |
Signed-off-by: Quentin Young <qlyoung@nvidia.com>
|
| |\ |
|
