| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
pbrd: implement sparse table lookup for nhg cache
|
| | |
| |
| |
| |
| |
| |
| |
| | |
When handling the addition of a nhg which would saturate the range of
tables PBR is configured to install into, handle this *before* a
possible call to pbr_nhgc_alloc during hash query
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Represent installed ("allocated") NHG tables with a hash keyed by table
ID. Replaces a pre-allocated array of booleans that implemented this
functionality before.
+ PBR table range > 65535 is fixed (was OOB access before :))
+ Pre-compute next available ID to save time when only checking
if all tables are allocated
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
| |/
|
|
|
|
|
|
|
| |
CID 1500586
There was an attempt to fix it in 920bb6f7 but the commit didn't
actually fix the warning.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
| |
|
|
| |
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
| |
|
|
|
|
|
|
|
|
| |
Most of these are many, many years out of date. All of them vary
randomly in quality. They show up by default in packages where they
aren't really useful now that we use integrated config. Remove them.
The useful ones have been moved to the docs.
Signed-off-by: Quentin Young <qlyoung@nvidia.com>
|
| |
|
|
|
|
| |
... again ...
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
| |
Again, see previous commits.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Back when I put this together in 2015, ISO C11 was still reasonably new
and we couldn't require it just yet. Without ISO C11, there is no
"good" way (only bad hacks) to require a semicolon after a macro that
ends with a function definition. And if you added one anyway, you'd get
"spurious semicolon" warnings on some compilers...
With C11, `_Static_assert()` at the end of a macro will make it so that
the semicolon is properly required, consumed, and not warned about.
Consistently requiring semicolons after "file-level" macros matches
Linux kernel coding style and helps some editors against mis-syntax'ing
these macros.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
|
| |
Neither tabs nor newlines are acceptable in syslog messages. They also
break line-based parsing of file logs.
Signed-off-by: David Lamparter <equinox@diac24.net>
|
| |
|
|
|
|
| |
Remove extraneous break. Not needed after goto.
Signed-off-by: Stephen Worley <sworley@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Only handle an interface update in the nexthop tracking code
if the nexthop in question was set with an interface to point
out of. If the nexthop is GW only, the interface update could
be unrelated but have overlapping address space. Let that be
handled elsewhere.
Ex)
```
5.5.5.0/30 dev dummyDoof proto kernel scope link src 5.5.5.1
5.5.5.0/24 dev goofDummy proto kernel scope link src 5.5.5.1
[root@alfred frr-2]# ip ro show table 10000
default via 5.5.5.2 dev dummyDoof proto pbr metric 20
[root@alfred frr-2]# ip link set goofDummy down
[root@alfred frr-2]# ip ro show table 10000
[root@alfred frr-2]# ip link set goofDummy up
[root@alfred frr-2]# ip ro show table 10000
```
Signed-off-by: Stephen Worley <sworley@nvidia.com>
|
| |
|
|
|
|
|
|
| |
I am not even sure what the goal of this code was in any
way shape fashion or form. But since it's pbr_nht.c
I as the original author should know... But I don't.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |
|
|
|
|
|
|
| |
the pnhi data structure can receive either a interface or a
nhr data structure. Ensure that we don't crash.
CID -> 1500586
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |\
| |
| | |
pbrd: pbr ipv4/ipv6 match fixes
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Disallow mismatching of ipv4/ipv6 matching in src/dst.
Doesn't make a lot of sense to allow this based on how
IP Headers work. The kernel does not allow it at all
obviously.
Signed-off-by: Stephen Worley <sworley@nvidia.com>
|
| | |
| |
| |
| |
| |
| |
| | |
PR 7724 triggered a minor style warning (at least in the CI
context). Clean that up.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When an interface goes up/down we need to pay attention to this
in PBR. In the past we were relying *only* on the nht events
but this is not sufficient for cases where an interface is flapping
up and down. If this is happening it could be happening fast enough
that zebra is not sending nht events because they are consolidated
into a single event from it's perspective and that is the right thing
to do. This commit will allow us to back out commit:
0aaa722883245c2109d9856ca0656749860fc579
As that commit introduced extra processing in zebra that is actually
causing issues in other places. The problem that commit was trying
to solve should have always been handled in pbrd instead of making
zebra do work that is unnatural to it's actual flow.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |
|
|
|
|
|
|
|
| |
The `enum zclient_send_status` enum needs to be extended
throughout the code base to use the new states and
to fix up places where we tested against the return
value being non zero.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue:
The bgp routes learnt from peers which are not installed in kernel are
advertised to peers. This can cause routers to send traffic to these
destinations only to get dropped. The fix is to provide a configurable
option "bgp suppress-fib-pending". When the option is enabled, bgp will
advertise routes only if it these are successfully installed in kernel.
Fix (Part1) :
* Added message ZEBRA_ROUTE_NOTIFY_REQUEST used by client to request
FIB install status for routes
* Added AFI/SAFI to ZAPI messages
* Modified the functions zapi_route_notify_decode(), zsend_route_notify_owner()
and route_notify_internal() to include AFI, SAFI as parameters
Signed-off-by: kssoman <somanks@gmail.com>
|
| |
|
|
|
|
| |
Fix a memory leak in using some pbr json commands.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |\
| |
| | |
pbrd: Fix memory leak
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
On shutdown pbr was leaking the ifp->info ( struct pbr_interface *)
pointer.
Add some code to notice we are being shutdown and cleanup the memory
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |/
|
|
|
|
| |
Convert over to using %pI4 for the last inet_ntoa
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |
|
|
| |
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
|
| |\
| |
| | |
fix debug commands node inconsistencies
|
| | |
| |
| |
| |
| |
| | |
Use the same node for "show debugging" commands in all daemons.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
| | |
| |
| |
| |
| |
| | |
Use the same node for "debug" commands in all daemons.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
| |/
|
|
|
|
|
| |
Some daemons were actually missing from the static definitions: nhrpd,
babeld, eigrpd and bfdd.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
| |
|
|
|
|
|
| |
This should never happen; no need to debug guard it and it's not a
warning, if this isn't working then NHT is not working at all.
Signed-off-by: Quentin Young <qlyoung@nvidia.com>
|
| |
|
|
|
|
|
|
| |
Use a bool as the return val for pbr_send_pbr_map() to make
the code a bit more readable. Dont expect there to be need
for values other than true or false anyway.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
| |
Properly cleanup the pbr interface data if nothing actually
gets sent to zebra, since we will never get the callback
notification from zapi to issue final deletion.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
| |
Add a return val so caller can know if something was actually sent to
zebra here. Some things need to be cleanued up by the caller
if we arent getting a callback from zapi.
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
|
| |\
| |
| | |
Pbr flapping
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If we are experiencing an interface that is bouncing
very fast and the last operation that we experienced
was a ifdown we will send rule deletions associated
with that interface. If we have not received notification
that hte rule was removed *but* we immiedately get another
ifup notification when we go to install the rule we
are deciding that it's not ready to send down again,
as that we still think it is installed.
Force the rule installation when we have a interface up
event.
Ticket: CM-31042
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When installing rules pass by the interface name across
zapi.
This is being changed because we have a situation where
if you quickly create/destroy ephermeal interfaces under
linux the upper level protocol may be trying to add
a rule for a interface that does not quite exist
at the moment. Since ip rules actually want the
interface name ( to handle just this sort of situation )
convert over to passing the interface name and storing
it and using it in zebra.
Ticket: CM-31042
Signed-off-by: Stephen Worley <sworley@nvidia.com>
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Whenever libyang loads a module that contains a leafref, it will
also implicitly load the module of the referring node if it's
not loaded already. That makes sense as otherwise it wouldn't be
possible to validate the leafref value correctly.
The problem is that loading a module implicitly violates the
assumption of the northbound layer that all loaded modules
are implemented (i.e. they have a northbound node associated
to each schema node). This means that loading a module that
isn't implemented can lead to crashes as the "priv" pointer
of schema nodes is no longer guaranteed to be valid. To fix this
problem, add a few null checks to ignore data nodes associated
to non-implemented modules.
The side effect of this change is harmless. If a daemon receives
configuration it doesn't support (e.g. BFD peers on staticd),
that configuration will be stored but otherwise ignored. This can
only happen when using a northbound client like gRPC, as the CLI
will never send to a daemon a command it doesn't support. This
minor problem should go away in the long run as FRR migrates to
a centralized management model, at which point the YANG-modeled
configuration of all daemons will be maintained in a single place.
Finally, update some daemons to stop implementing YANG modules
they don't need to (i.e. revert 1b741a01c and a74b47f5).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
PR #6376 introduced a VRF leafref in the frr-interface YANG module.
That change exposed a bug in the northbound layer that is causing
pbrd to crash under certain circumstances. Even though pbrd wasn't
converted to the new northbound model yet, make it implement the
frr-vrf module in order to work around this problem. This is a
temporary fix until a better solution is available.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
| |\
| |
| | |
pbrd: fix SA warnings in nhg map
|
| | |
| |
| |
| |
| |
| | |
Fix SA warnings in nhg map functions.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
|
| | |
| |
| |
| | |
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
| |/
|
|
|
|
|
| |
Given a received nexthop update, only send down an update to the
relevant nexthop group. Avoid sending down superfluous updates
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The pnhc->nexthop was a pointer copy. Causing issues
with the ability to move pointers around for the
different pnhc since the pnhc mirrored the nexthop
caches. When we received a vrf change if we shared
pointers it was impossible to know if we had
already updated the code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
| |
We had multiple pnhc cache entries with the same nexthop
pointer. This causes some large amount of confusion.
Fixup the code to handle this situation better.
Ticket: CM-31044
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
| |
PBR needs the ability to allow ephermeal interfaces( bonds,
vrfs, dummy, bridges, etc ) to be destroyed and then
recreated and at the same time keep track of them and
rebuild state as appropriate when we get a change.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The nexthop_group_write_nexthop_simple function outputs the
interface name, because we've stored the ifindex. The problem
is that there are ephermeal interfaces in linux that can be
destroyed/recreated. Allow us to keep that data and do something
a bit smarter to allow show run's and other show commands to continue
to work when the interface is deleted.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently when a vrf is deleted than added back in PBR was
not going through and touching up all the data structures
that needed to be massaged to allow it to start working again.
This includes:
a) Search through the nexthop groups to find any nexthop
that references the old nexthop id and set it right again.
b) Search through the nexthop cache for nht and reset
those nexthops to the right vrf as well as re-register
Signed-off-by: Stephen Worley <sworley@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
| |\
| |
| | |
DSCP / ECN-based PBR Matching
|
| | |
| |
| |
| | |
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Matching by dscp may now also be specified by its standard codepoint
(provided it has one), such as `cf0` or `af11`.
Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
|
