summaryrefslogtreecommitdiffstats
path: root/pbrd (follow)
Commit message (Collapse)AuthorAgeFilesLines
* pbrd: fix map seq installed flag in jsonChirag Shah2023-12-051-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Ticket:#3638598 Testing: Post fix: tor-2# show pbr map json [ { "name":"global-vrf-PBR-map", "valid":true, "policies":[ { "id":1, "sequenceNumber":10, "ruleNumber":309, "vrfUnchanged":false, "installed":true, <<<< now display correct value "installedReason":"Valid", "vrfName":"sym_1", "matchSrc":"10.1.200.0\/24", "matchDst":"10.6.200.0\/24" } ] } Signed-off-by: Chirag Shah <chirag@nvidia.com>
* pbrd: replace `receive_notify` with requestDavid Lamparter2023-11-231-3/+3
| | | | | | | Send `ZEBRA_ROUTE_NOTIFY_REQUEST` rather than relying on the options field in zclient startup. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* Merge pull request #14850 from donaldsharp/IFNAMSIZ_GET_YOUR_SHIT_TOGETHERDonatas Abraitis2023-11-222-2/+2
|\ | | | | *: Let's use the native IFNAMSIZ instead of INTERFACE_NAMSIZ
| * *: Let's use the native IFNAMSIZ instead of INTERFACE_NAMSIZDonald Sharp2023-11-212-2/+2
| | | | | | | | | | | | | | | | INTERFACE_NAMSIZ is just a redefine of IFNAMSIZ and IFNAMSIZ is the standard for interface name length on all platforms that FRR currently compiles on. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* | pbrd: use `zclient->nexthop_update`David Lamparter2023-11-201-19/+11
|/ | | | | | Have the library decode the nexthop. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* pbrd: Cleanup zclient on shutdownDonald Sharp2023-11-133-0/+13
| | | | | | | For some reason pbrd had no shutdown code for zclient. Now it does. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* lib: convert if_zapi_callbacks into actual hooksDavid Lamparter2023-11-031-2/+4
| | | | | | | | | ...so that multiple functions can be subscribed. The create/destroy hooks are renamed to real/unreal because that's what they *actually* signal. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* pbrd: fix show pbr map detail jsonSindhu Parvathi Gopinathan2023-10-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'detail' and 'josn' keyword is given as an optional parameter for cli arguments. Hence 'detail' keyword was consider as a pbr 'name' for "show pbr map detail json" command. Before Fix: ``` cumulus# cumulus# show pbr map detail json [ ] cumulus# ``` After Fix: ``` cumulus# show pbr map detail json [ { "name":"MAP1", "valid":false, "policies":[ { "id":1, "sequenceNumber":10, "ruleNumber":309, "vrfUnchanged":false, "installed":false, "installedReason":"Invalid Src or Dst", "vrfName":"default" } ] } ] cumulus# ``` Ticket:#3638600 Issue:3638600 Testing: UT done Signed-off-by: Sindhu Parvathi Gopinathan's <sgopinathan@nvidia.com>
* build: add -Wimplicit-fallthroughIgor Ryzhov2023-10-121-1/+2
| | | | | | | | | | Also: - replace all /* fallthrough */ comments with portable fallthrough; pseudo keyword to accomodate both gcc and clang - add missing break; statements as required by older versions of gcc - cleanup some code to remove unnecessary fallthrough Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
* Revert "lib: register bgp link-state afi/safi"Donald Sharp2023-10-101-10/+0
| | | | This reverts commit 1642a68d60cfade4b2fce72aaef58dea700c65c3.
* *: remove ZEBRA_INTERFACE_VRF_UPDATEanlan_cs2023-10-071-24/+0
| | | | | | | | | | | | | | | | | | | | | | | | Currently when one interface changes its VRF, zebra will send these messages to all daemons in *order*: 1) `ZEBRA_INTERFACE_DELETE` ( notify them delete from old VRF ) 2) `ZEBRA_INTERFACE_VRF_UPDATE` ( notify them move from old to new VRF ) 3) `ZEBRA_INTERFACE_ADD` ( notify them added into new VRF ) When daemons deal with `VRF_UPDATE`, they use `zebra_interface_vrf_update_read()->if_lookup_by_name()` to check the interface exist or not in old VRF. This check will always return *NULL* because `DELETE` ( deleted from old VRF ) is already done, so can't find this interface in old VRF. Send `VRF_UPDATE` is redundant and unuseful. `DELETE` and `ADD` are enough, they will deal with RB tree, so don't send this `VRF_UPDATE` message when vrf changes. Since all daemons have good mechanism to deal with changing vrf, and don't use this `VRF_UPDATE` mechanism. So, it is safe to completely remove all the code with `VRF_UPDATE`. Signed-off-by: anlan_cs <anlan_cs@tom.com>
* lib: register bgp link-state afi/safiLouis Scalbert2023-09-181-0/+10
| | | | | | | Register BGP Link-State AFI/SAFI values from RFC7752. Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com> Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
* pbrd: Free Memory in pbr_map_deleteKeelan102023-09-051-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit frees dynamically allocated memory associated with `pbrms->nhgrp_name` and `pbrms->dst` which were causing memory leaks. The ASan leak log for reference: ``` ================================================================= ==107458==ERROR: LeakSanitizer: detected memory leaks Direct leak of 56 byte(s) in 1 object(s) allocated from: #0 0x7f87d644ca37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154 #1 0x7f87d5feaa37 in qcalloc ../lib/memory.c:105 #2 0x7f87d6054ffd in prefix_new ../lib/prefix.c:1180 #3 0x55722f3c2885 in pbr_map_match_dst_magic ../pbrd/pbr_vty.c:302 #4 0x55722f3b5c24 in pbr_map_match_dst pbrd/pbr_vty_clippy.c:228 #5 0x7f87d5f32d61 in cmd_execute_command_real ../lib/command.c:993 #6 0x7f87d5f330ee in cmd_execute_command ../lib/command.c:1052 #7 0x7f87d5f33dc0 in cmd_execute ../lib/command.c:1218 #8 0x7f87d60e4177 in vty_command ../lib/vty.c:591 #9 0x7f87d60e905c in vty_execute ../lib/vty.c:1354 #10 0x7f87d60ef45a in vtysh_read ../lib/vty.c:2362 #11 0x7f87d60d42d4 in event_call ../lib/event.c:1979 #12 0x7f87d5fbe828 in frr_run ../lib/libfrr.c:1213 #13 0x55722f3ac795 in main ../pbrd/pbr_main.c:168 #14 0x7f87d5b82d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 Direct leak of 2 byte(s) in 1 object(s) allocated from: #0 0x7f87d63f39a7 in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:454 #1 0x7f87d5feaafc in qstrdup ../lib/memory.c:117 #2 0x55722f3da139 in pbr_nht_set_seq_nhg ../pbrd/pbr_nht.c:551 #3 0x55722f3c693f in pbr_map_nexthop_group_magic ../pbrd/pbr_vty.c:1140 #4 0x55722f3bdaae in pbr_map_nexthop_group pbrd/pbr_vty_clippy.c:1284 #5 0x7f87d5f32d61 in cmd_execute_command_real ../lib/command.c:993 #6 0x7f87d5f330ee in cmd_execute_command ../lib/command.c:1052 #7 0x7f87d5f33dc0 in cmd_execute ../lib/command.c:1218 #8 0x7f87d60e4177 in vty_command ../lib/vty.c:591 #9 0x7f87d60e905c in vty_execute ../lib/vty.c:1354 #10 0x7f87d60ef45a in vtysh_read ../lib/vty.c:2362 #11 0x7f87d60d42d4 in event_call ../lib/event.c:1979 #12 0x7f87d5fbe828 in frr_run ../lib/libfrr.c:1213 #13 0x55722f3ac795 in main ../pbrd/pbr_main.c:168 #14 0x7f87d5b82d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 SUMMARY: AddressSanitizer: 58 byte(s) leaked in 2 allocation(s). ``` Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
* Merge pull request #14252 from ↵Russ White2023-08-291-14/+16
|\ | | | | | | | | LabNConsulting/ziemba-pbr-bugfix-match-dscp-numeric pbrd: fix dscp field value computation
| * pbrd: fix dscp field value computationG. Paul Ziemba2023-08-211-14/+16
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | Merge pull request #14217 from LabNConsulting/ziemba-pbr-action-dropRuss White2023-08-221-0/+5
|\ \ | |/ |/| pbrd: add advisory flag PBR_ACTION_DROP
| * pbrd: add advisory flag PBR_ACTION_DROPG. Paul Ziemba2023-08-161-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | PBR configuration may specify "set nexthop blackhole" which, for linux dataplanes, is implemented as a table with a blackhole route. Other dataplanes might implement this action as an explicit packet-filtering "drop" action instead of a route. This new flag PBR_ACTION_DROP is now set when a rule has "set nexthop blackhole" as an aid to other dataplanes. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | Merge pull request #14226 from Keelan10/fix-pbrd-leakDonatas Abraitis2023-08-203-1/+4
|\ \ | | | | | | pbrd: Correct Handling of Sequence Deletion
| * | pbrd: Correct Handling of Sequence DeletionKeelan102023-08-203-1/+4
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit ensures that sequence data and associated structures are correctly deleted to prevent memory leaks The ASan leak log for reference: ``` Direct leak of 432 byte(s) in 1 object(s) allocated from: #0 0x7f911ebaba37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154 #1 0x7f911e749a4e in qcalloc ../lib/memory.c:105 #2 0x564fd444b2d3 in pbrms_get ../pbrd/pbr_map.c:527 #3 0x564fd443a82d in pbr_map ../pbrd/pbr_vty.c:90 #4 0x7f911e691d61 in cmd_execute_command_real ../lib/command.c:993 #5 0x7f911e6920ee in cmd_execute_command ../lib/command.c:1052 #6 0x7f911e692dc0 in cmd_execute ../lib/command.c:1218 #7 0x7f911e843197 in vty_command ../lib/vty.c:591 #8 0x7f911e84807c in vty_execute ../lib/vty.c:1354 #9 0x7f911e84e47a in vtysh_read ../lib/vty.c:2362 #10 0x7f911e8332f4 in event_call ../lib/event.c:1979 #11 0x7f911e71d828 in frr_run ../lib/libfrr.c:1213 #12 0x564fd4425795 in main ../pbrd/pbr_main.c:168 #13 0x7f911e2e1d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 ``` Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
* | pbrd: address 230815 coverity: pbr_vty.c vrf_nameG. Paul Ziemba2023-08-181-0/+1
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: address 230815 coverity: pbr_vty.c pbrmsG. Paul Ziemba2023-08-181-0/+12
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: address 230815 coverity: pbr_vty.c pend/strtoulG. Paul Ziemba2023-08-181-8/+8
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: address 230815 coverity: r.action.flags reorderingG. Paul Ziemba2023-08-181-7/+2
|/ | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add packet mangling actions (src/dst ip-addr/port, dscp, ecn)G. Paul Ziemba2023-08-094-5/+330
| | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: use flags to indicate active fieldsG. Paul Ziemba2023-08-095-343/+602
| | | | | | | | | | | | Before now, PBRD used non-zero values to imply that a rule's match or action field was active. This approach was getting cumbersome for fields where 0 is a valid active value and various field-specific magic values had to be used. This commit changes PBRD to use a flag bit per field to indicate that the field is active. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add explicit 'family' field for rulesG. Paul Ziemba2023-08-081-4/+10
| | | | | | | | | | | | | | | | | | | | | In the netlink-mediated kernel dataplane, each rule is stored in either an IPv4-specific database or an IPv6-specific database. PBRD opportunistically gleans each rule's address family value from its source or destination IP address match value (if either exists), or from its nexthop or nexthop-group (if it exists). The 'family' value is particularly needed for netlink during incremental rule deletion when none of the above fields remain set. Before now, this address family has been encoded by occult means in the (possibly otherwise unset) source/destination IP match fields in ZAPI and zebra. This commit documents the reasons for maintaining the 'family' field in the PBRD rule structure, adds a 'family' field in the common lib/pbr.h rule structure, and carries it explicitly in ZAPI. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: PBR_FILTER_DSFIELD -> {PBR_FILTER_DSCP,PBR_FILTER_ECN}G. Paul Ziemba2023-08-081-0/+4
| | | | | | | DSCP and ECN matching are configured independently. Maintain these values in independent fields in pbrd, zapi, and zebra. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add nexthop drop typeG. Paul Ziemba2023-08-081-22/+35
| | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: pbr_vty.c organize/styleG. Paul Ziemba2023-08-071-193/+276
| | | | | | | No functional changes: just arrange CLI handlers into logical order and standardize DEFPY formatting. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* lib,pbrd: clean up style issuesMark Stapp2023-07-251-4/+4
| | | | | | Fix a couple of style warnings introduced by recent PR 14050. Signed-off-by: Mark Stapp <mjs@labn.net>
* Merge pull request #14050 from LabNConsulting/ziemba-pbr-zapi-commonRuss White2023-07-251-59/+100
|\ | | | | pbrd: 2/3 zapi PBR common encode/decode
| * lib: zapi PBR common encode/decodeG. Paul Ziemba2023-07-201-59/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | | | bgpd, pbrd: use common pbr encoder zebra: use common pbr decoder tests: pbr_topo1: check more filter fields Purpose: 1. Reduce likelihood of zapi format mismatches when adding PBR fields due to multiple parallel encoder implementations 2. Encourage common PBR structure usage among various daemons 3. Reduce coding errors via explicit per-field enable flags Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: fix coverity issueG. Paul Ziemba2023-07-211-1/+2
|/ | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (zapi)G. Paul Ziemba2023-07-191-6/+22
| | | | | | | | | | | | | | Subset: ZAPI changes to send the new data Also adds filter_bm field; currently for PBR_FILTER_PCP, but in the future to be used for all of the filter fields. Changes by: Josh Werner <joshuawerner@mitre.org> Eli Baum <ebaum@mitre.org> G. Paul Ziemba <paulz@labn.net> Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (pbr feature)G. Paul Ziemba2023-07-193-30/+195
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Subset: feature in PBR New PBR rule fields: match ip-protocol (was only tcp|udp, now any value in /etc/protocols) match pcp (0-7) match vlan (1-4094) match vlan (tagged|untagged|untagged-or-zero) Filter flags Add filter_bm (flags) field internally to indicate which filter fields should be considered active. Bit definitions as in lib/pbr.h. This commit uses only the PBR_FILTER_PCP bit, but other fields will be added in future commits. (Fixes bug related to determining set/not-set state of pcp filter) Shift vlan filter flags to lib/pbr.h Changes by: Josh Werner <joshuawerner@mitre.org> Eli Baum <ebaum@mitre.org> G. Paul Ziemba <paulz@labn.net> Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: fix crash with match commandanlan_cs2023-06-281-0/+5
| | | | | | | | | | | | Crash with empty `ip-protocol`: ``` anlan(config-pbr-map)# match ip-protocol vtysh: error reading from pbrd: Resource temporarily unavailable (11)Warning: closing connection to pbrd because of an I/O error! ``` So, give warning for empty `ip-protocol`. Signed-off-by: anlan_cs <vic.lan@pica8.com>
* pbrd, zebra: fix zapi and netlink rule encodingMark Stapp2023-06-121-6/+15
| | | | | | | | | | In pbrd, don't encode a rule without a table. There are cases where the zapi encoding was incorrect because the 4-octet table id was missing. In zebra, mask off the ECN bits in the TOS byte when encoding an iprule to match netlink's expectation. Signed-off-by: Mark Stapp <mjs@labn.net>
* *: Convert event.h to frrevent.hDonald Sharp2023-03-243-3/+3
| | | | | | | We should probably prevent any type of namespace collision with something else. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: Convert `struct event_master` to `struct event_loop`Donald Sharp2023-03-242-2/+2
| | | | | | Let's find a better name for it. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: Convert struct thread_master to struct event_master and it's ilkDonald Sharp2023-03-242-2/+2
| | | | | | | Convert the `struct thread_master` to `struct event_master` across the code base. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: Rename thread.[ch] to event.[ch]Donald Sharp2023-03-243-3/+3
| | | | | | | | | | | This is a first in a series of commits, whose goal is to rename the thread system in FRR to an event system. There is a continual problem where people are confusing `struct thread` with a true pthread. In reality, our entire thread.c is an event system. In this commit rename the thread.[ch] files to event.[ch]. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* pbrd:fix mismatching in match src-dstChirag Shah2023-03-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | upstream commit 67765a232d has incorect address family check which prevent from deleting src/dst config under pbr rule. Ticket:#3405024 Issue:3405024 Testing Done: Config: pbr-map map6 seq 1 match src-ip 2000::200:100:100:0/96 match dst-ip 2000::100:100:100:0/96 set nexthop-group group3 Before: torc-12(config)# pbr-map map6 seq 1 torc-12(config-pbr-map)# no match src-ip 2000::200:100:100:0/96 Cannot mismatch families within match src/dst After: torc-12(config)# pbr-map map6 seq 1 torc-12(config-pbr-map)# no match src-ip 2000::200:100:100:0/96 torc-12(config-pbr-map)# Signed-off-by: Chirag Shah <chirag@nvidia.com>
* *: auto-convert to SPDX License IDsDavid Lamparter2023-02-0915-210/+15
| | | | | | Done with a combination of regex'ing and banging my head against a wall. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* pbrd: fix large tableids displayed as negativeWesley Coakley2023-02-081-4/+4
| | | | | Ticket: 2699411 Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
* pbrd: Add missing enum's to switch statementDonald Sharp2023-01-311-1/+2
| | | | Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: Add ability for daemons to notice resilience changesDonald Sharp2022-11-043-3/+7
| | | | | | | | | This patch just introduces the callback mechanism for the resilient nexthop changes so that upper level daemons can take advantage of the change. This does nothing at this point but just call some code. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* build, vtysh: extract vtysh commands from .xrefDavid Lamparter2022-10-263-8/+0
| | | | | | | | | | | | | | | | | | | Rather than running selected source files through the preprocessor and a bunch of perl regex'ing to get the list of all DEFUNs, use the data collected in frr.xref. This not only eliminates issues we've been having with preprocessor failures due to nonexistent header files, but is also much faster. Where extract.pl would take 5s, this now finishes in 0.2s. And since this is a non-parallelizable build step towards the end of the build (dependent on a lot of other things being done already), the speedup is actually noticeable. Also files containing CLI no longer need to be listed in `vtysh_scan` since the .xref data covers everything. `#ifndef VTYSH_EXTRACT_PL` checks are equally obsolete. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* *: Create and use infrastructure to show debugs in libDonald Sharp2022-10-071-0/+2
| | | | | | | | | There are lib debugs being set but never show up in `show debug` commands because there was no way to show that they were being used. Add a bit of infrastructure to allow this and then use it for `debug route-map` Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* pbrd: VTY_GET_CONTEXT can failDonald Sharp2022-08-151-0/+54
| | | | | | | | Although VTY_GET_CONTEXT can return a failed value, it will never happen in pbrd because of how context work. In any event add some code to make coverity happy Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* zebra: expand pbr rule action for dataplane programmingAnuradha Karuppiah2022-06-271-2/+6
| | | | | | | | PBR rules are installed as match, action rules in most dataplanes. This requires the action to be resolved via a GW. And the GW to be subsequently resolved to {SMAC, DMAC}. Signed-off-by: Anuradha Karuppiah <anuradhak@nvidia.com>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 10:51:10 +0100