| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
Disallow mismatching of ipv4/ipv6 matching in src/dst.
Doesn't make a lot of sense to allow this based on how
IP Headers work. The kernel does not allow it at all
obviously.
Signed-off-by: Stephen Worley <sworley@nvidia.com>
|
| |
|
|
|
|
| |
Fix a memory leak in using some pbr json commands.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |
|
|
|
|
| |
Use the same node for "show debugging" commands in all daemons.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
| |
|
|
|
|
| |
Use the same node for "debug" commands in all daemons.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The pnhc->nexthop was a pointer copy. Causing issues
with the ability to move pointers around for the
different pnhc since the pnhc mirrored the nexthop
caches. When we received a vrf change if we shared
pointers it was impossible to know if we had
already updated the code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
| |
PBR needs the ability to allow ephermeal interfaces( bonds,
vrfs, dummy, bridges, etc ) to be destroyed and then
recreated and at the same time keep track of them and
rebuild state as appropriate when we get a change.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The nexthop_group_write_nexthop_simple function outputs the
interface name, because we've stored the ifindex. The problem
is that there are ephermeal interfaces in linux that can be
destroyed/recreated. Allow us to keep that data and do something
a bit smarter to allow show run's and other show commands to continue
to work when the interface is deleted.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when a vrf is deleted than added back in PBR was
not going through and touching up all the data structures
that needed to be massaged to allow it to start working again.
This includes:
a) Search through the nexthop groups to find any nexthop
that references the old nexthop id and set it right again.
b) Search through the nexthop cache for nht and reset
those nexthops to the right vrf as well as re-register
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
| |
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
| |
|
|
|
|
|
| |
Matching by dscp may now also be specified by its standard codepoint
(provided it has one), such as `cf0` or `af11`.
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Extend PBR maps to discriminate by Differentiated Services Code Point and / or
Explicit Congestion Notification fields. These fields are used in the IP header
for classifying network traffic.
0 1 2 3 4 5 6 7
+-----+-----+-----+-----+-----+-----+-----+-----+
| DS FIELD, DSCP | ECN FIELD |
+-----+-----+-----+-----+-----+-----+-----+-----+
DSCP: differentiated services codepoint
ECN: Explicit Congestion Notification
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
Signed-off-by: Saurav Kumar Paul <saurav@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When specifying an interface in a pbr-map `set nexthop ..` command
be a bit more lenient about the interface.
a) If the interface does not exist bail on the command
(this is the same)
b) If the interface exists but is in a different vrf
than specified use the vrf it is actually in.
(this is new behavior)
Ticket: CM-30187
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Revise new `show pbr` keys to be consistent with existing
json in other daemons
target->nexthop
id->tableId (where relevant)
isValid->valid
isInstalled->installed
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
|
| |
|
|
|
|
| |
Semantics
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
The new json output for the `show pbr` directives return arrays instead
of associative arrays, which are more meaningful in this context
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
Increased the verbosity of the json keys and flattened the returned
structure by removing superfluous keys.
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
|
| |
|
|
| |
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
|
| |
|
|
| |
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
|
| |
|
|
| |
Signed-off-by: Wesley Coakley <wcoakley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
And again for the name. Why on earth would we centralize this, just so
people can forget to update it?
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
|
| |
Same as before, instead of shoving this into a big central list we can
just put the parent node in cmd_node.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
|
|
|
|
| |
There is really no reason to not put this in the cmd_node.
And while we're add it, rename from pointless ".func" to ".config_write".
[v2: fix forgotten ldpd config_write]
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
|
| |
The only nodes that have this as 0 don't have a "->func" anyway, so the
entire thing is really just pointless.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
| |
... and use named assignments everywhere (so I can change the struct.)
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Separate out the `set *` and `no set *` commands into
different DEFPYs to make the logic of the code easier to
read.
Further, allow non-exlpicit no commands.
So `no set nexthop`, `no set nexthop-group`, and
`no set vrf` will now work without having to specify
anymore data. Before you had to match what was already
there explicitly.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Implement the ability to replace any existing `set *` or
`match` with another one or adding more config without having
to first delete the original config already there.
Before, we needed to constantly execute a `no` command for everything
to remove the rule before making changes to it. With this
patch, you can replace configs on individual sequences much
easier.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
We were doing a bunch of gotos in the set vrf configcode.
The code got complex enough that just returning is easier to read.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Properly handle the case where we are sent the same `set vrf`
configs for a pbr map repeatedly. If we are sent the same
config, we return successfully without doing anyting.
If the config is different and its not a [no], then return failure
as we did before since we don't support atomic replace yet.
Before, we would fail anytime even if the config sent was the same
as is already there. This would cause frr-reload to mark as a
failure when it tried to re-apply the same config.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
| |
Implement the [no] version of `pbr table range`. We had the command
but were doing nothing with it.
This just calls the set_table_range API again using the defaults.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
| |
Change the pbr map validity state to indicate yes/no
rather than 1/0 in the `show pbr map` command.
Humans aren't robots, so don't use binary.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
| |
We were using a mix of spaces and tabsin show pbr map vty output.
Tabs can be inconsistent depending on the system settings.
Using spaces is a safer option for more consistent output.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vty output for pbr maps with a nexthop-group was not
consistent with those configured with an individual nexthop.
Fix that so its easier for users to read.
alfred# show pbr map
pbr-map TEST1 valid: 1
Seq: 222 rule: 521
Installed: yes Reason: Valid
SRC Match: 2.2.2.2/32
Nexthop-Group: blue
Installed: yes Tableid: 10000
Seq: 333 rule: 632
Installed: yes Reason: Valid
SRC Match: 3.3.3.3/32
Nexthop-Group: blue
Installed: yes Tableid: 10000
Seq: 444 rule: 743
Installed: yes Reason: Valid
SRC Match: 4.4.4.4/32
Nexthop-Group: blue
Installed: yes Tableid: 10000
Seq: 555 rule: 854
Installed: yes Reason: Valid
SRC Match: 5.5.5.5/32
Nexthop-Group: red
Installed: yes Tableid: 10001
Seq: 666 rule: 965
Installed: yes Reason: Valid
SRC Match: 6.6.6.6/32
nexthop 1.1.1.1
Installed: yes Tableid: 10002
alfred#
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `detail` keyword was doing literally nothing. Changed the
default show to be a bit more user friendly and detail
to give the information you might would need for
debugging.
alfred# show pbr map
pbr-map TEST1 valid: 1
Seq: 222 rule: 521
Installed: yes Reason: Valid
SRC Match: 2.2.2.2/32
Nexthop-Group: blue(10000) Installed: yes
Seq: 333 rule: 632
Installed: yes Reason: Valid
SRC Match: 3.3.3.3/32
Nexthop-Group: blue(10000) Installed: yes
Seq: 444 rule: 743
Installed: yes Reason: Valid
SRC Match: 4.4.4.4/32
Nexthop-Group: blue(10000) Installed: yes
Seq: 555 rule: 854
Installed: yes Reason: Valid
SRC Match: 5.5.5.5/32
Nexthop-Group: red(10001) Installed: yes
Seq: 666 rule: 965
Installed: yes Reason: Valid
SRC Match: 6.6.6.6/32
nexthop 1.1.1.1
Installed: yes Tableid: 10002
alfred# show pbr map detail
pbr-map TEST1 valid: 1
Seq: 222 rule: 521
Installed: 1(1) Reason: Valid
SRC Match: 2.2.2.2/32
Nexthop-Group: blue(10000) Installed: 1(1)
Seq: 333 rule: 632
Installed: 1(2) Reason: Valid
SRC Match: 3.3.3.3/32
Nexthop-Group: blue(10000) Installed: 1(1)
Seq: 444 rule: 743
Installed: 1(3) Reason: Valid
SRC Match: 4.4.4.4/32
Nexthop-Group: blue(10000) Installed: 1(1)
Seq: 555 rule: 854
Installed: 1(4) Reason: Valid
SRC Match: 5.5.5.5/32
Nexthop-Group: red(10001) Installed: 1(1)
Seq: 666 rule: 965
Installed: 1(5) Reason: Valid
SRC Match: 6.6.6.6/32
nexthop 1.1.1.1
Installed: 1(1) Tableid: 10002
alfred#
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
Refactor the pbr_map and pbr_map_sequence vty output
into some functions to make the code a bit easier to read.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
Make the vty match src|dst|mark code a bit more readable
in its conditonal logic.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
We were missing some newlines in handling vty outputs
for the `set nexthop*` commands. Add them in there.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
| |
The vty description for the `set match dst-ip` command was
using "src ip" in its description. Change it to use "dst ip".
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Also don't silently fail when we attempt to atomically change
a match MARK to a new one.
We would overwrite the frist one but never actually install it.
Change it to explicitly fail if a config is already present for
now.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently pbrd does not support the abilitity to make atomic
changes to a config.
ex)
`match src-ip 1.1.1.1/32`
`match src-ip 1.1.1.0/24`
We would overwrite the first one but never actually install it.
In the `set nexthop commands` we explicitly fail if there is
already a `set nexthop` config present. This patch extends the
match src/dest-ip configs to do the same.
In the future we should make all these commands atomic but for
now its better to not fail silently at the very least.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`set vrf NAME` allows the pbr map to point to an arbitrary vrf table.
`set vrf unchanged` will use the interface's vrf for table lookup.
Further, add functionality for pbr to respond to interface events
such as interface vrf changes & interface creation/deletion.
Ex)
ubuntu_nh# show pbr map
pbr-map TEST valid: 1
Seq: 1 rule: 300 Installed: 3(1) Reason: Valid
SRC Match: 3.3.3.3/32
VRF Unchanged (use interface vrf)
pbr-map TEST2 valid: 1
Seq: 2 rule: 301 Installed: 3(2) Reason: Valid
SRC Match: 4.4.4.4/32
VRF Lookup: vrf-red
root@ubuntu_nh:/home# ip rule show
0: from all lookup local
300: from 3.3.3.3 iif dummy2 lookup main
300: from 3.3.3.3 iif dummyVRF lookup 1111
301: from 4.4.4.4 iif dummy1 lookup 1111
301: from 4.4.4.4 iif dummy3 lookup 1111
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com-
|
| |
|
|
|
|
| |
Have the prefix_free code take a double pointer to free the data.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Don't bother tracking ipv6 link locals to determine if a map
should be installed. Every interface has a route of `fe80::/64`
so its just going to return the arbitrarily first one it finds
when it resolves it and hands it back to us.
Instead, just track the interface we specify along with it.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Current autocompletion works only for simple "vrf NAME" case.
This commit expands it also for the following cases:
- "nexthop-vrf NAME" in staticd
- usage of $varname in many daemons
All daemons are updated to use single varname "$vrf_name".
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Adds support to specify marks in pbr-map match clause.
Marks should be provided as decimal (unsigned int).
Currently supported on Linux only. Attempting to configure
marks on other platform will result in:
"pbr marks are not supported on this platform"
Signed-off-by: Marcin Matlag <marcin.matlag@gmail.com>
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Add a file that exposes functions which modify nexthop groups.
Nexthop groups are techincally immutable but there are a
few special cases where we need direct access to add/remove
nexthops after the group has been made. This file provides a
way to expose those functions in a way that makes it clear
this is a private/hidden api.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
| |
Allow the end user to auto-complete the pbr-map name.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
| |
Add some auto-completion for the nexthop-group command
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |\
| |
| | |
pbrd: add support for interface nexthops
|
| | |
| |
| |
| |
| |
| |
| | |
When displaying the running configuration, we should use a single
space to indent commands when necessary (and not two spaces).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
