| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Currently the prefix length M must be less than Y.
Relax this restriction to allow M to be less than or equal
to Y.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
When zebra is running with debugs turned on there
is a use after free reported by the address sanitizer:
2020/10/16 12:58:02 ZEBRA: rib_delnode: (0:254):4.5.6.16/32: rn 0x60b000026f20, re 0x6080000131a0, removing
2020/10/16 12:58:02 ZEBRA: rib_meta_queue_add: (0:254):4.5.6.16/32: queued rn 0x60b000026f20 into sub-queue 3
=================================================================
==3101430==ERROR: AddressSanitizer: heap-use-after-free on address 0x608000011d28 at pc 0x555555705ab6 bp 0x7fffffffdab0 sp 0x7fffffffdaa8
READ of size 8 at 0x608000011d28 thread T0
#0 0x555555705ab5 in re_list_const_first zebra/rib.h:222
#1 0x555555705b54 in re_list_first zebra/rib.h:222
#2 0x555555711a4f in process_subq_route zebra/zebra_rib.c:2248
#3 0x555555711d2e in process_subq zebra/zebra_rib.c:2286
#4 0x555555711ec7 in meta_queue_process zebra/zebra_rib.c:2320
#5 0x7ffff74701f7 in work_queue_run lib/workqueue.c:291
#6 0x7ffff7450e9c in thread_call lib/thread.c:1581
#7 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
#8 0x55555561a578 in main zebra/main.c:455
#9 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
#10 0x5555555e3429 in _start (/usr/lib/frr/zebra+0x8f429)
0x608000011d28 is located 8 bytes inside of 88-byte region [0x608000011d20,0x608000011d78)
freed by thread T0 here:
#0 0x7ffff768bb6f in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.6+0xa9b6f)
#1 0x7ffff739ccad in qfree lib/memory.c:129
#2 0x555555709ee4 in rib_gc_dest zebra/zebra_rib.c:746
#3 0x55555570ca76 in rib_process zebra/zebra_rib.c:1240
#4 0x555555711a05 in process_subq_route zebra/zebra_rib.c:2245
#5 0x555555711d2e in process_subq zebra/zebra_rib.c:2286
#6 0x555555711ec7 in meta_queue_process zebra/zebra_rib.c:2320
#7 0x7ffff74701f7 in work_queue_run lib/workqueue.c:291
#8 0x7ffff7450e9c in thread_call lib/thread.c:1581
#9 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
#10 0x55555561a578 in main zebra/main.c:455
#11 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
previously allocated by thread T0 here:
#0 0x7ffff768c037 in calloc (/lib/x86_64-linux-gnu/libasan.so.6+0xaa037)
#1 0x7ffff739cb98 in qcalloc lib/memory.c:110
#2 0x555555712ace in zebra_rib_create_dest zebra/zebra_rib.c:2515
#3 0x555555712c6c in rib_link zebra/zebra_rib.c:2576
#4 0x555555712faa in rib_addnode zebra/zebra_rib.c:2607
#5 0x555555715bf0 in rib_add_multipath_nhe zebra/zebra_rib.c:3012
#6 0x555555715f56 in rib_add_multipath zebra/zebra_rib.c:3049
#7 0x55555571788b in rib_add zebra/zebra_rib.c:3327
#8 0x5555555e584a in connected_up zebra/connected.c:254
#9 0x5555555e42ff in connected_announce zebra/connected.c:94
#10 0x5555555e4fd3 in connected_update zebra/connected.c:195
#11 0x5555555e61ad in connected_add_ipv4 zebra/connected.c:340
#12 0x5555555f26f5 in netlink_interface_addr zebra/if_netlink.c:1213
#13 0x55555560f756 in netlink_information_fetch zebra/kernel_netlink.c:350
#14 0x555555612e49 in netlink_parse_info zebra/kernel_netlink.c:941
#15 0x55555560f9f1 in kernel_read zebra/kernel_netlink.c:402
#16 0x7ffff7450e9c in thread_call lib/thread.c:1581
#17 0x7ffff738eaf7 in frr_run lib/libfrr.c:1099
#18 0x55555561a578 in main zebra/main.c:455
#19 0x7ffff7079cc9 in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: heap-use-after-free zebra/rib.h:222 in re_list_const_first
This is happening because we are using the dest pointer after a call into
rib_gc_dest. In process_subq_route, we call rib_process() and if the
dest is deleted dest pointer is now garbage. We must reload the
dest pointer in this case.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Use the appropriate bgp_dest_get_prefix accessor function
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Some more of the bgp_node usage snuck in from big commits in
the past month or so from feature work. Do some work
to put it back to bgp_dest for incoming future work.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Search and destroy places where we used prefix2str
that could be replaced with %pFX or %pBD in bgpd.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
`%pRN` is not appropriate anymore.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
|
|
If you have two nexthop groups named
one
oneone
then the sharp daemon will treat them as the same nexthop
group. This is because we are doign this:
static int sharp_nhg_compare_func(const struct sharp_nhg *a,
const struct sharp_nhg *b)
{
return strncmp(a->name, b->name, strlen(a->name));
}
The strlen should be the size of the array of name.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Skip comparing neighbor-extended-circuit-id in yang output. They
are not consistent.
This is similar to commit ecc11c93b7eace which fixed the same
problem in the IS-IS SR topotest.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
We support configuration of multiple addresses in the same
subnet on a single interface: make sure that zebra supports
multiple instances of the corresponding connected route.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
|
|
Remove bgp_evpn_route2str and replace calls with prefix2str
Signed-off-by: Pat Ruddy <pat@voltanet.io>
|
|
Signed-off-by: Pat Ruddy <pat@voltanet.io>
|
|
We have 2 different routines to turn an evpn route into a string.
This commit aligns the two to the latest maintained version as a
first step in removing one of them.
Signed-off-by: Pat Ruddy <pat@voltanet.io>
|
|
ospfNbrStateChange is generated when the state of neighbor regresses or
it progresses to a terminal state. When transitioning to or from Full
state on non-broadcast multi-access and broadcast networks the trap
should be sent by the designated router. This last condition was not
taken into account when checking for the conditions of generating the
trap.
Fixes volta/volta-stack#1811
Signed-off-by: Babis Chalios <mail@bchalios.io>
|
|
Interface area-tag is not supposed to be modified once defined, but the
necessary check is currently broken, because the circuit is never in
init_circ_list if the area-tag is already configured for the interface.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
|
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
|
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
TI-LFA is a modern fast-reroute (FRR) solution that leverages Segment
Routing to pre-compute backup nexthops for all destinations in the
network, helping to reduce traffic restoration times whenever a
failure occurs. The backup nexthops are expected to be installed
in the FIB so that they can be activated as soon as a failure
is detected, making sub-50ms recovery possible (assuming an
hierarchical FIB).
TI-LFA is a huge step forward compared to prior IP-FRR solutions,
like classic LFA and Remote LFA, as it guarantees 100% coverage
for all destinations. This is possible thanks to the source routing
capabilities of SR, which allows the backup nexthops to steer traffic
around the failures (using as many SIDs as necessary). In addition
to that, the repair paths always follow the post-convergence SPF
tree, which prevents transient congestions and suboptimal routing
from happening.
Deploying TI-LFA is very simple as it only requires a single
configuration command for each interface that needs to be protected
(both link protection and node protection are available). In addition
to IPv4 and IPv6 routes, SR Prefix-SIDs and Adj-SIDs are also
protected by the backup nexthops computed by the TI-LFA algorithms.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
Add CLI wrapper commands as well...
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
|
|
Fix some SA warnings in ospf GR and ospfclient code.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
|
|
Use to-string functions for GR message codes instead of raw
string array indexing; the values used can come in packets
and are not validated.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
|
|
For TI-LFA, it is necessay to known the Adjacency SID advetise by the nieghbor
routers. However, the current Segment Routing code skip neighbor Adjacency SID
and thus, don't store them into the Segment Routing database.
This PR takes care of neighbor Adjacency SID by allowing to store them in the
Segment Routing database. Corresponding MPLS table entry is only configured if
the advertised Adjacency SID is global i.e. with L-Flag unset.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
|
|
The file .git-blame-ignore-revs was put first into
the system and is what was advertised in multiple
places. Since .ignore-revs was just created and
no announcement was made about the creation, let's
consolidate onto the first one created.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Isolate the mlag_rd_buf_offset variable to the actual used function,
instead of having it a global.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
This reverts commit 00e0d113e5ffcb69304b8d5d83f0357ec416c6c4.
|
|
Put most of the debugs about opaque ZAPI messages under 'detail'
to reduce the noise.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
|
|
1. Suite: evpn_type5_test_topo1 was added to pytest.ini during triaging phase as
there was bug: https://github.com/FRRouting/frr/issues/6867, which is fixed. Enabling
suite to be run in CI.
Signed-off-by: Kuldeep Kashyap <kashyapk@vmware.com>
|
|
If we enter:
int eth0
ip ospf area 0
ip ospf 10 area 0
!
This will crash ospf. Prevent this from happening.
OSPF instances:
a) Cannot be mixed with non-instance
b) Are their own process.
Since in multi-instance world ospf instances are their own process,
when an ospf processes receives an instance command we must remove
our config( if present ) and allow the new config to be active
in the new process. The problem here is that if you have not
done a `router ospf` above the lookup of the ospf pointer will
fail and we will just crash. Put some code in to prevent a crash
in this case.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
This commit fixes the following behavior:
```
nfware(config)# interface enp2s0
nfware(config-if)# ip ospf area 0
nfware(config-if)# no ip ospf area 0
% [ospfd]: command ignored as it targets an instance that is not running
```
We should be able to use the command without configuring the instance.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
|
|
remove all remaining parts related to keep_kernel option
Signed-off-by: Emanuele Bovisio <emanuele.bovisio@eolo.it>
|
|
SIOCGIFMEDIA returns the media state.
SIOCGIFDATA returns interface data which includes the link state.
While the status of the former is usually indicitive of the latter,
this is not always the case.
Ifact some recent net80211 changes in at least NetBSD and OpenBSD
have MONITOR media set to active but the link status set to DOWN.
All interfaces will return link state with SIOCGIFDATA, unlike
SIOCGIFMEDIA. However not all BSD's support SIOCGIFDATA - it has
recently been accepted into FreeBSD-13.
However, all BSD's do report the same structure in ifa_data for
AF_LINK addresses from getifaddrs(3) so the information has always
been available.
Signed-off-by: Roy Marples <roy@marples.name>
|
|
chownfrr applies correct owner and group
Signed-off-by: Emanuele Bovisio <emanuele.bovisio@eolo.it>
|
|
1. Adding test to verify well known communities: no-export, local-AS, internet
2. Exection time is 90 sec
Signed-off-by: Kuldeep Kashyap <kashyapk@vmware.com>
|
|
Use consolidate api in bgp_get and bgp northbound
create callback.
Signed-off-by: Chirag Shah <chirag@nvidia.com>
|
|
In bgp global commands northbound local-as modify callback
check for backend db for checking existing bgp instance.
In an instance where no router bgp with old ASN cleaned up
followed by new bgp instance with new AS is created,
the nb_running_get_entry in validation phase returns stale
bgp reference, which leads to rejection of the router bgp command.
Uncovered via:
toptotest evpn_type5_test_topo1/test_evpn_type5_topo1.py
test_bgp_attributes_for_evpn_address_family_p1
Signed-off-by: Chirag Shah <chirag@nvidia.com>
|
|
Avoid similar name function as bgp_crate()
Signed-off-by: Chirag Shah <chirag@nvidia.com>
|
|
bgp_show_neighbor_route() was rewriting safi from LU to uni
before checking if the peer was enabled for LU. This resulted
in the peer's address-family check looking for unicast, which
would always fail for LU peers since unicast + LU are
mutually-exclusive AFIs.
This moves this safi reassignment after the peer AFI check,
ensuring that the peer's address-family check looks for LU
while the call to bgp_show() still uses uni.
-- highlights from manual testing
config:
router bgp 2
neighbor 1.1.1.1 remote-as external
neighbor 1.1.1.1 disable-connected-check
neighbor 1.1.1.1 update-source 2.2.2.2
!
address-family ipv4 unicast
no neighbor 1.1.1.1 activate
exit-address-family
!
address-family ipv4 labeled-unicast
neighbor 1.1.1.1 activate
exit-address-family
before:
spine01# show bgp ipv4 unicast neighbors 1.1.1.1 routes
% No such neighbor or address family
spine01# show bgp ipv4 labeled-unicast neighbors 1.1.1.1 routes
% No such neighbor or address family
after:
spine01# show bgp ipv4 unicast neighbors 1.1.1.1 routes
% No such neighbor or address family
spine01# show bgp ipv4 label neighbors 1.1.1.1 routes
BGP table version is 1, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 11.11.11.11/32 1.1.1.1 0 0 1 i
Displayed 1 routes and 1 total paths
Signed-off-by: Trey Aspelund <taspelund@cumulusnetworks.com>
|
|
nhrp: Configure vici socket path using
configure --with-vici-socket=/var/run/charon.vici
If not specified default to /var/run/charon.vici
Signed-off-by: Zoran Peričić <zpericic@netst.org>
|
|
if (pcout > (pcount * peer->max_threshold[afi][safi] / 100 ))
is always true. So the very first route received will always
trigger the warning. We actually want the warning to happen
when we hit the threshold.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
We have this pattern in the code base:
if (thread)
THREAD_OFF(thread);
If we look at THREAD_OFF we check to see if thread
is non-null too. So we have a double check.
This is unnecessary. Convert to just using THREAD_OFF
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
Instead of closing the socket, just note the failure and
continue on. If we actually failed here so many other
things would not be working at all, that actually
closing the fd won't matter.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
We are calling str2prefix_ipv6 for a default route. Since
we know this will always succeed we can safely tell the compiler
that we are ok ignoring the return code.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
The code pattern:
for (ALL_LSDB(lsdb, lsa)) {
remove_lsa(lsa)
}
has a use after free in ALL_LSDB, since we ask for the next pointer,
after it has been freed.
Modify the code such that we grab the next pointer before we can
possibly free it.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
|
The normal ospf6_lsa_lock call should return the pointer
to the lock data structure we are holding. This is the
normal pattern for locking a data structure in FRR.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
|
In zebra_evpn_es_evi_show_vni the zevpn pointer if passed into
zebra_evpn_es_evi_show_one_evi will crash if it is null and
we have code that checks that it is non null and then immediately
calls the function. Add a return to prevent a crash.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
|
No need to check for n->mac existence as that all paths
leading to this code have n->mac already derefed.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
|
