frr - frr

	Commit message (Collapse)	Author	Age	Files	Lines
*	pbrd: adjust/remove the rule correctly when dst and/or src removed	Don Slice	2018-04-06	1	-7/+4
\| \| \| \| \| \| \| \| \|	When the last match criteria was removed (dst-ip or src-ip), we were not deleting the rule correctly for ipv6. This fix retains the needed src-ip/dst-ip during the pbr_send_pbr_map process so the appropriate information is available for the rule delete. Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
*	pbrd: Remove pbr_events	Donald Sharp	2018-04-06	1	-56/+12
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The pbr_events.c file was a mistake in that it overly complicated the code and made it hard to think about what was happening. Remove all the events and just do the work where needed. Additionally rethink the sending of the pbr map to zebra and only send one notification at a time instead of having the sending function attempt to figure out what to do. Clean up some of the no form of commands to make them work properly. Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com> Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com> Signed-off-by: Don Slice <dslice@cumulusnetworks.com>
*	pbrd: Cleanup CI warnings	Donald Sharp	2018-04-06	1	-8/+3
\| \| \| \| \| \|	There are a bunch of CI warnings that need to be cleaned up. Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
*	pbrd: Add PBR to FRR	Donald Sharp	2018-04-06	1	-0/+579
	This is an implementation of PBR for FRR. This implemenation uses a combination of rules and tables to determine how packets will flow. PBR introduces a new concept of 'nexthop-groups' to specify a group of nexthops that will be used for ecmp. Nexthop-groups are specified on the cli via: nexthop-group DONNA nexthop 192.168.208.1 nexthop 192.168.209.1 nexthop 192.168.210.1 ! PBR sees the nexthop-group and installs these as a default route with these nexthops starting at table 10000 robot# show pbr nexthop-groups Nexthop-Group: DONNA Table: 10001 Valid: 1 Installed: 1 Valid: 1 nexthop 192.168.209.1 Valid: 1 nexthop 192.168.210.1 Valid: 1 nexthop 192.168.208.1 I have also introduced the ability to specify a table in a 'show ip route table XXX' to see the specified tables. robot# show ip route table 10001 Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, P - PIM, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP, F - PBR, > - selected route, * - FIB route F>* 0.0.0.0/0 [0/0] via 192.168.208.1, enp0s8, 00:14:25 * via 192.168.209.1, enp0s9, 00:14:25 * via 192.168.210.1, enp0s10, 00:14:25 PBR tracks PBR-MAPS via the pbr-map command: ! pbr-map EVA seq 10 match src-ip 4.3.4.0/24 set nexthop-group DONNA ! pbr-map EVA seq 20 match dst-ip 4.3.5.0/24 set nexthop-group DONNA ! pbr-maps can have 'match src-ip <prefix>' and 'match dst-ip <prefix>' to affect decisions about incoming packets. Additionally if you only have one nexthop to use for a pbr-map you do not need to setup a nexthop-group and can specify 'set nexthop XXXX'. To apply the pbr-map to an incoming interface you do this: interface enp0s10 pbr-policy EVA ! When a pbr-map is applied to interfaces it can be installed into the kernel as a rule: [sharpd@robot frr1]$ ip rule show 0: from all lookup local 309: from 4.3.4.0/24 iif enp0s10 lookup 10001 319: from all to 4.3.5.0/24 iif enp0s10 lookup 10001 1000: from all lookup [l3mdev-table] 32766: from all lookup main 32767: from all lookup default [sharpd@robot frr1]$ ip route show table 10001 default proto pbr metric 20 nexthop via 192.168.208.1 dev enp0s8 weight 1 nexthop via 192.168.209.1 dev enp0s9 weight 1 nexthop via 192.168.210.1 dev enp0s10 weight 1 The linux kernel now will use the rules and tables to properly apply these policies. Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com> Signed-off-by: Don Slice <dslice@cumulusnetworks.com> Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>