commit 258f3dad6471a680c2c583a300cfd396efe9a037 Author: Paul Jakma Date: Tue Oct 18 14:03:52 2016 +0100 release: Bump version to 1.1.0 commit de58bdb9cdbd88baae7123856462380df365b7ff Author: Paul Jakma Date: Tue Oct 18 14:03:37 2016 +0100 build: remove werror from buildtest.sh for now commit cfb1fae25f8c092e0d17073eaf7bd428ce1cd546 Author: David Lamparter Date: Wed Aug 31 13:31:16 2016 +0200 zebra: stack overrun in IPv6 RA receive code (CVE-2016-1245) The IPv6 RA code also receives ICMPv6 RS and RA messages. Unfortunately, by bad coding practice, the buffer size specified on receiving such messages mixed up 2 constants that in fact have different values. The code itself has: #define RTADV_MSG_SIZE 4096 While BUFSIZ is system-dependent, in my case (x86_64 glibc): /usr/include/_G_config.h:#define _G_BUFSIZ 8192 /usr/include/libio.h:#define _IO_BUFSIZ _G_BUFSIZ /usr/include/stdio.h:# define BUFSIZ _IO_BUFSIZ FreeBSD, OpenBSD, NetBSD and Illumos are not affected, since all of them have BUFSIZ == 1024. As the latter is passed to the kernel on recvmsg(), it's possible to overwrite 4kB of stack -- with ICMPv6 packets that can be globally sent to any of the system's addresses (using fragmentation to get to 8k). (The socket has filters installed limiting this to RS and RA packets, but does not have a filter for source address or TTL.) Issue discovered by trying to test other stuff, which randomly caused the stack to be smaller than 8kB in that code location, which then causes the kernel to report EFAULT (Bad address). Signed-off-by: David Lamparter Reviewed-by: Donald Sharp commit ef9bc88981570ef8ea744f0ab96730d192328a49 Author: Christian Franke Date: Tue Jun 14 20:07:06 2016 +0200 isisd: Fix size of malloc Signed-off-by: Christian Franke Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 985823ff91ed784b9affdb0104f617b2c1732dab Author: Christian Franke Date: Tue Jun 14 20:07:05 2016 +0200 isisd: fix an error that was probably a result of copypasting The code should check for the existance of the correct list prior to accessing it. Signed-off-by: Christian Franke Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 8548973ace90a78035893c3663c18b485425e291 Author: Christian Franke Date: Tue Jun 14 20:07:04 2016 +0200 ospf6d: fix off-by-one on display of spf reasons The loop should only iterate to array_size - 1. Signed-off-by: Christian Franke Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 7fca43f7184f6eb9fbe952f1eecaafcf079502f2 Author: Christian Franke Date: Tue Jun 14 20:07:03 2016 +0200 ospf6d: don't access nexthops out of bounds Given that the && is evaluated lazily from left to right, i < OSPF6_MULTI_PATH_LIMIT should be checked prior to calling ospf6_nexthop_is_set on the array element, not the other way around. Signed-off-by: Christian Franke Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 0d8b32a5ee43ccc4a67dd87ab21a4ab553e3bf44 Author: Christian Franke Date: Tue Jun 14 20:07:00 2016 +0200 bgpd: fix off-by-one in attribute flags handling bgp_attr_flag_invalid can access beyond the last element of attr_flags_values. Fix this by initializing attr_flags_values_max to the correct value. Signed-off-by: Christian Franke Signed-off-by: Christian Franke Acked-by: Donald Sharp commit bb04351973bd369623a0fbed3ef59e7b4fd0bd05 Author: Lou Berger Date: Mon Oct 10 11:56:52 2016 -0400 bgp: restore missing check from original ignore NHT change commit e33545cb9d7a8c7875f18b6d44bf75d320ccedfb Author: Lou Berger Date: Mon Oct 10 09:50:58 2016 -0400 bgp: fix warning in bgp_nht.c commit 68bfb6190e19898adc0e420b6346cf4778705e60 Author: Lou Berger Date: Thu Oct 6 09:59:32 2016 -0400 bgp: ignore NHT when bgpd has never connected zebra commit 743dd42b3f5d4bc5f9a86b91364c67217f42c6d1 Author: Paul Jakma Date: Fri Sep 30 13:55:47 2016 +0100 bgpd: Fix NHT race with Connect leading to test tool issues * The NHT change: "bgpd, zebra: Use next hop tracking for connected routes too" introduces a race where bgp_connect_check can be called on a peer in Connect state before the TCP handshake has completed. If this happens, then the SO_ERROR sockopt to check the state of the socket is undefined or at least does not return a useful result - it returns 0, as with a connected socket. SO_ERROR should only be called on non-block sockets after the socket has been ready for writing. The net result is that bgpd can then incorrectly advance the peer FSM for the socket (also the main 'peer'), to OpenSent. As part of which, any incoming connection from the peer will pass through collision_detect and may be (incorrectly) closed, depending on the RIDs. This race is reliably hit with testing tools which wait to listen for incoming BGP connections from the RUT to know it is in Connect/Active, and which ignore the TCP connection (no SYN|ACK, no RST), and then launch their own connection. The fix is to better integrate the BGP FSM and the NHT update, to ensure connect_check is not called on peers in Connect state. Note: There may be no need at all for NHT to tickle FSM. * bgpd.h: Add NHT_Update FSM event for NHT valid. * bgp_fsm.c: (bgp_fsm_nht_update) There is no need to have a separate switch based FSM with its own event via an exported function. Have NHT raise the NHT_Update even on the peer, instead of calling a side-channel function into a sub-FSM in the FSM. No need to have code for BGP_Start, FSM can call that. Actions for Connect and Active are the same and just lead to ConnectRetry_timer_expired event - so FSM can just call same transition func as that. No need to call bgp_connect_check on Connect, as Connect implies no connection. (FSM) Handle the NHT_Update event, replacing bgp_fsm_nht_update. Idle -> bgp_start, Connect and Active were doing the same as ConnectRetry_timer_expired so replicate those. Rest are No-Ops. * bgp_nht.c: (evaluate_paths) Raise NHT_Update FSM event. Always valid. * bgp_packet.{c,h}: (bgp_connect_check) NHT change now unnecessary, revert. commit af177b245ef3f092ecd0ae75cb75c2d797a7b139 Author: Christian Franke Date: Mon Aug 15 13:36:59 2016 +0200 isisd: warn if there is an MTU issue on circuits Instead of later tripping over an assert, add a proper warning for interfaces whose MTU is too low. Signed-off-by: David Lamparter commit 4c7d7173baa9fe064349f5fe2e0bdcb367475499 Author: David Lamparter Date: Sat Aug 13 01:32:52 2016 +0200 isisd: fold up isis_circuit_is_type_set() see previous commit. Signed-off-by: David Lamparter commit 1187e25191b38a1876fafbfd733a70942ebcb062 Author: David Lamparter Date: Sat Aug 13 01:20:20 2016 +0200 isisd: fix is_type_set Code's "is_type" is "circuit-type" in CLI, "circuit_type" is "network" (type) in CLI, and the function to change is_type is isis_event_circuit_type_change()... *headdesk* Reported-by: Martin Winter Signed-off-by: David Lamparter commit a798abbe65cc2cdce050a1aef85c6d243d44a575 Author: Christian Franke Date: Thu Aug 11 16:08:05 2016 +0200 isisd: fix network-type configuration Reported-by: Martin Winter Signed-off-by: David Lamparter commit 5a1a087baebcc4a996de66c558bac49419034ee0 Author: David Lamparter Date: Thu Aug 11 17:02:50 2016 +0200 isisd: fix isis_circuit_af_set() on fresh circuit A newly-created circuit will be in enabled state but have neither IPv4 nor IPv6 configured. The logic in isis_circuit_af_set assumed that "enabled" is equivalent to "ip || ipv6". This is the only place where this distinction is currently relevant, as the CLI won't allow enabling an interface without enabling either IPv4 or IPv6; and it will also disable a circuit when both are deconfigured. Reported-by: Martin Winter Signed-off-by: David Lamparter commit 515812ddbbb6a41298261688c8ccd0df8e900f17 Author: David Lamparter Date: Thu Aug 11 16:59:08 2016 +0200 isisd: fix isis_circuit_create() Between the awkwardly managed CSM and the tacked-on IPv6 support, the simplified logic to setup a circuit wasn't quite right. Note that the API essentially allows creating a circuit without enabling either IPv4 or IPv6. This wasn't possible before and probably breaks isisd in 'interesting' ways. The CLI won't do this, so it's only an issue when adding on other configuration mechanisms. Reported-by: Martin Winter Signed-off-by: David Lamparter commit f263413f762058d887aa7b2b6c502bd84af3c923 Author: David Lamparter Date: Thu Jul 28 17:23:32 2016 +0200 isisd: drop unused per-type metric values Expense, Error and Delay metrics never quite made it into the real world. Either way isisd does nothing useful with them, so let's drop them from the code. If someone wants to implement them, this patch can still be reverted. Signed-off-by: David Lamparter commit 68845c19e468480dbdf5483f0b60323674a5ec28 Author: Christian Franke Date: Thu Jul 28 17:23:31 2016 +0200 isisd: API: area (L1), domain (L2) passwords Last isisd CLI cleanup for now. This also folds L1 & L2 configs into common functions, reducing CLI function bloat by a bit. (This patch contains changes authored by both Christian Franke and David Lamparter.) Signed-off-by: David Lamparter commit 4570ca47e11602b25e37ab709fa00bdf8c183afb Author: Christian Franke Date: Thu Jul 28 17:23:30 2016 +0200 isisd: API: timers (LSP, SPF) See previous commits... Signed-off-by: David Lamparter commit 304c7dac53e2b1b3dc135ce2ff1aa38df46ec727 Author: Christian Franke Date: Thu Jul 28 17:23:29 2016 +0200 isisd: API: LSP-MTU & area level Yet more CLI functions in isis_vty.c using more nice setters. Signed-off-by: David Lamparter commit b5d2f5f5085147ff9e9d5ace7705c422cbc6afd0 Author: David Lamparter Date: Thu Jul 28 17:23:28 2016 +0200 isisd: API: timers (IIH, CSNP, PSNP) No setters needed since change of fields doesn't require any specific action to make it apply. Just move the CLI defs to isis_vty.c. Signed-off-by: David Lamparter commit f5fbfb26e961d6b4b129f98bc27a3e822620eba3 Author: Christian Franke Date: Thu Jul 28 17:23:27 2016 +0200 isisd: API: circuit password This cleans up circuit password configuration a little bit. (Restructured several times by both Christian Franke and David Lamparter.) Signed-off-by: David Lamparter commit ccd485d17b13f3b6f5669be9b8820d8807468d98 Author: Christian Franke Date: Thu Jul 28 17:23:26 2016 +0200 isisd: API: basic area config Move out basic area configuration (metric type, overload and attachment bits, dynamic hostname extension enable) into isis_vty.c. [v2: moved stuff back here that accidentally was in the previous patch] Signed-off-by: David Lamparter commit 3732cba03049b18fc414c36254cfc11186b2ba53 Author: David Lamparter Date: Fri Jul 29 16:19:40 2016 +0200 isisd: API: basic circuit config Create isis_vty.c and start moving off CLI functions into that. These then call newly-added "nice" API wrappers. Patch contains significant work authored by Christian Franke. [v2: removed stuff that crept in from the next patch] Signed-off-by: David Lamparter commit f5603ccd01131a1905b842e36171d0f5c0424496 Author: Paul Jakma Date: Mon Sep 12 13:53:08 2016 +0100 isisd: cleanup isis_circuit_lookup, errant from TE changes? commit b4e011985232f28d98e4df88c7cb13ee8f95ef46 Author: Evgeny Uskov Date: Wed Jan 13 13:58:00 2016 +0300 bgpd: Fix buffer overflow error in bgp_dump_routes_func Now if the number of entries for some prefix is too large, multiple TABLE_DUMP_V2 records are created. In the previous version in such situation bgpd crashed with SIGABRT. commit 810ab34c56a9b9b8870b961bc96986e6b8550863 Author: Lou Berger Date: Mon Sep 5 12:18:15 2016 -0400 bgp: bgp_nexthop init/free AFI_ETHER related NH tables commit 19e6c193db0c74ed08dbb5cd30dfa8f6a4377af0 Author: Paul Jakma Date: Tue Sep 6 17:23:48 2016 +0100 bgpd: bgp_nexthop_cache not deleted with peers * Fix mild leak, bgp_nexthop_caches were not deleted when their peer was. Not a huge one, but makes valgrinding for other leaks noisier. Credit to Lou Berger for doing the hard work of debugging and pinning down the leak, and supplying an initial fix. That one didn't quite get the refcounting right, it seemed, hence this version. This version also keeps bncs pinned so long as the peer is defined, where Lou's tried to delete whenever the peer went through bgp_stop. That causes lots of zebra traffic if down peers go Active->Connect->Active, etc., so leaving bnc's in place until peer_delete seemed better. * bgp_nht.c: (bgp_unlink_nexthop_by_peer) similar to bgp_unlink_nexthop, but by peer. * bgp_nht.c: (bgp_unlink_nexthop_check) helper to consolidate checking if a bnc should be deleted. (bgp_unlink_nexthop_by_peer) ensure the bnc->nht_info peer reference is removed, and hence allow bncs to be removed by previous. * bgpd.c: (peer_delete) cleanup the peer's bnc. commit c365b534623279049bc4cc0c5d03fdbcd2d466b0 Author: Lou Berger Date: Tue Jul 26 10:58:53 2016 -0400 bgpd: Remove unused and leaking code commit 4b502fdb64db6fcad5359973e3ff7e7c88e93a7d Author: Paul Jakma Date: Wed Jul 27 17:06:32 2016 +0100 tests: Fix testbgpmpattr and make check, broken by BGP NHT. * bgp_mp_attr_test.c: Fix segfault due to uninitialised bgp_nexthop_cache globals in nexthop parsing path, which require bgp_scan_init() to have been called. Fixes issue introduced with: 'bgpd, zebra: Use next hop tracking for connected routes too' commit 789dfc9fe07e23e6c73a299ecbbcbb6d3d411391 Author: Paul Jakma Date: Tue Sep 6 11:20:27 2016 +0100 bgpd: Fix crash in 'show ip bgp nexthop' * bgp_nexthop.c: (show_ip_bgp_nexthop_table) the AFIs are sparse, and start from 1, check there's a table before derefing so as not to crash. commit d9ab53ab40dcba66f34ca75695dc930e6093f789 Author: Dinesh Dutt Date: Tue May 19 17:47:21 2015 -0700 bgpd, zebra: Use next hop tracking for connected routes too Allow next hop tracking to work with connected routes And cleanup obsolete code in bgp_scan and bgp_import. Signed-off-by: Dinesh Dutt Signed-off-by: Donald Sharp Edits: Paul Jakma Rebase re-ordering conflicts with NHT route-map, potential errors. commit 5bcd754ff8d7947978acb44e77dcab323973fb1e Author: Daniel Walton Date: Tue May 19 17:58:10 2015 -0700 bgpd: crash if attributes alone consume > 4096 bytes This patch fixes a crash if attributes on a patch consume more than 4096 bytes. Signed-off-by: Daniel Walton commit 6c6c1bf0fc66713cb0b3448a4323042f44016502 Author: Daniel Walton Date: Mon Nov 9 20:21:56 2015 -0500 bgpd: Improve peer scaling Reduce the amount of time it takes to bring up a large number of peers. This is accomplished by removing jitter and reducing the number of seconds to wait before connecting to a peer. Signed-off-by: Daniel Walton Edited-by: Paul Jakma for rebase conflicts, and to add jitter on connect timer back in. Can be removed in an update. commit e25a9741fb1ba52a69833687caa01f13cd4d1320 Author: Daniel Walton Date: Mon Nov 9 20:21:50 2015 -0500 bgpd: don't count a route with an unreachable nexthop in PfxRcd When a route is received from a peer that we cannot reach do not count that route as a received route. Signed-off-by: Daniel Walton commit cb9ed1d867f6ac9e0bad85c47aabeb10b94be2e5 Author: Donald Sharp Date: Thu Jan 14 09:19:29 2016 -0500 ospf6d: Fix double increment of Sequence Number When OSPF6 is creating the header for the ROUTER LSA type if the packet being sent has interface information to add to the data, the Sequence Number is at least double incremented. This commit may cause issues with ANVL 16.10. [note: folded in: "ospf6d: Fix Some ANVL test cases 16.6 and partial 16.10" -- Paul Jakma] Signed-off-by: Donald Sharp commit 4f84737dee1e84b7219f66e983812abd8a6ca1d3 Author: Donald Sharp Date: Tue Dec 22 15:24:25 2015 -0500 zebra: Fix some warnings found during compile. This commit fixes some warnings found in Martin's Testbed that compiles sun solaris and freebsd images. Signed-off-by: Donald Sharp commit afc9cf97363c0b7ec6c253731a75ac83e70ea190 Author: Vipin Kumar Date: Tue May 19 18:03:50 2015 -0700 osfd: Make OSPF compliant to the last sentence of this section in RFC 2328 9.5 Sending Hello packets Hello packets are sent out each functioning router interface. They are used to discover and maintain neighbor relationships.[6] On broadcast and NBMA networks, Hello Packets are also used to elect the Designated Router and Backup Designated Router. The format of an Hello packet is detailed in Section A.3.2. The Hello Packet contains the router's Router Priority (used in choosing the Designated Router), and the interval between Hello Packets sent out the interface (HelloInterval). The Hello Packet also indicates how often a neighbor must be heard from to remain active (RouterDeadInterval). Both HelloInterval and RouterDeadInterval must be the same for all routers attached to a common network. The Hello packet also contains the IP address mask of the attached network (Network Mask). On unnumbered point-to-point networks and on virtual links this field should be set to 0.0.0.0. Signed-off-by: Vipin Kumar Reviewed-by: Vivek Venkatraman Reviewed-by: Dinesh G Dutt commit fc2cee2bed4ebf664ba0afa1678027365f3923f7 Author: Daniel Walton Date: Tue May 19 18:03:44 2015 -0700 zebra: Fix incorrectly flagged nexthop A valid BGP nexthop is sometimes flagged as invalid, this patch fixes that issue. Signed-off-by: Daniel Walton Edited-by: Paul Jakma , also add the check for NEXTHOP_FLAG_ACTIVE which was added in a separate, route-map related commit (6baeed5 lib, zebra: Add route-map support for Next Hop Tracking) commit c69698704806a9ac5035521b1820057097919227 Author: Daniel Walton Date: Tue May 19 18:03:43 2015 -0700 bgpd: Correct a few fuzz failures in BGP Testing revealed some issues with handling data input. This patch fixes those issues. Signed-off-by: Daniel Walton commit cb37de4c6863c772b654a851c9fe3eeb1f677692 Author: Vipin Kumar Date: Tue May 19 18:03:40 2015 -0700 ospf6d: Fix loss of hello's on interface SYMPTOM: With quagga running on Linux, 'ifdown ' followed by 'ifup can cause OSPFv3 to not receive Hello packets on the interface. ISSUE: Operating System's interface IPv6 readiness may not be guaranteed at the time of interface-up event. Thats because the ipv6 components in an OS may also be listening to the same interface-up event that (in this case) is relayed to OSPFv3. In this failure case, setsockopt with option IPV6_JOIN_GROUP on the interface returned EINVAL. Error logs - OSPF6: Zebra Interface state change: swp1 index 3 flags 11043 metric 1 mtu 1500 OSPF6: Interface Event swp1: [InterfaceUp] OSPF6: Network: setsockopt (20) on ifindex 3 failed: Invalid argument FIX: To take care of this possible race condition, any address-family related setting should be retried. Given it's a rare condition and window of this race should be short, the patch adds a limited retry mechanism for the IPV6 membership setting on the socket. Signed-off-by: Vipin Kumar Reviewed-by: Dinesh Dutt Satish Ashok commit 2153090340f059eb787d72ba973ea55e150e9dec Author: Daniel Walton Date: Tue May 19 18:03:38 2015 -0700 bgpd: Fix BGP_INFO_ATTR_CHANGED being cleared incorrectly back to back route refreshes can set BGP_INFO_ATTR_CHANGED on the first route refresh but then clear it on the second Signed-off-by: Daniel Walton commit 4c7efde6db75229069be72b34a93f279fe57d23b Author: Donald Sharp Date: Mon Nov 16 18:19:18 2015 -0500 zebra: Add check to notice when an interface is unnumbered If an interface is not a loopback and it's prefixlen == 32 assume that it is unnumbered. Signed-off-by: Donald Sharp commit 988a50c54dbd20290c085a36d4c2893f3d515803 Author: Daniel Walton Date: Tue May 19 17:58:11 2015 -0700 bgpd, lib: Clarify the different permutations of soft clearing a peer Cleanup vtysh output for the soft clearing of a bgp peer so that it is clearer what is going to happen. Signed-off-by: Daniel Walton commit 9e518dd52b1fbf7d395a6bb49a101d632ced5e5b Author: Daniel Walton Date: Tue May 19 17:47:26 2015 -0700 bgpd: Alow gracefull shutdown of peers Send CEASE NOTIFICATIONS to all peers on "no router bgp" Signed-off-by: Daniel Walton commit 9ae8552c7341071ffac34aec9902fa3dd7dc8fdf Author: Dinesh Dutt Date: Tue May 19 17:47:22 2015 -0700 zebra: Gather and display detailed info about clients of Zebra The display of zebra client info is rather paltry: just the name and the FD. For troubleshooting and general helpfulness, its useful to gather more info about each client and display that. This patch does just that. Signed-off-by: Dinesh Dutt commit c7f25b90902d4be39132b1174440746b571220ce Author: Daniel Walton Date: Tue May 19 17:47:22 2015 -0700 bgpd, ospfd, ospf6d, ripd, ripngd, zebra: 'set metric -12' is broken in the parser Signed-off-by: Daniel Walton commit f2eb9caac6425473af8d6d15534439fe715f7426 Author: Daniel Walton Date: Tue May 19 17:47:21 2015 -0700 bgpd: atomic-aggregate is lost when we aggregate another aggregate that has atomic-aggregate This patch ensures that we don't accidently loose the atomic-aggregate when we aggregate another aggregate that also has atomic-aggregates. Signed-off-by: Daniel Walton commit 96d1060a704d88e04fcd446cce078a6131c3f6db Author: Paul Jakma Date: Fri Jul 1 14:23:45 2016 +0100 *: Widen width of Zserv routing tag field. * lib/zebra.h: Introduce a route_tag_t type for route tags generally, and make it 4 bytes wide - so it can directly hold things like an ASN, or the OSPF ASE-LSA tag. * zebra/rib.h: Use route_tag_t instead of u_short. * *: Update 'u_short (*)?(tag|tmp)' to use route_tag_t instead of u_short. Update stream_{get,put} to l instead of w. * ospf_zebra.c: (ospf_zebra_add) test OSPF tag within range of ROUTE_TAG_MAX. commit 3b4fb574b414e7b7776b581688f189f2fc736a38 Author: Piotr Chytła Date: Tue Dec 1 10:16:02 2015 -0500 ripd, ripngd: add support for route tags [Forward ported by Cumulus] Documentation ------------- All ipv4 and ipv6 static route commands now have a "tag" option which allows the user to set a tag between 1 and 65535. quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag ? <1-65535> Tag value quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag 40 quagga(config)# quagga# show ip route 1.1.1.1/32 Routing entry for 1.1.1.1/32 Known via "static", distance 1, metric 0, tag 40, best * 10.1.1.1, via swp1 quagga# The route-map parser supports matching on tags and setting tags ! route-map MATCH_TAG_18 permit 10 match tag 18 ! ! route-map SET_TAG_22 permit 10 set tag 22 ! BGP and OSPF support: - matching on tags when redistribing routes from the RIB into BGP/OSPF. - setting tags when redistribing routes from the RIB into BGP/OSPF. BGP also supports setting a tag via a table-map, when installing BGP routes into the RIB. Signed-off-by: Daniel Walton Signed-off-by: Piotr Chytla Signed-off-by: Donald Sharp commit fb214471c88616d67ece3734128ef04ed4a8ed86 Author: Piotr Chytła Date: Tue Dec 1 13:47:06 2015 -0500 zebra: add support for route tags [Forward ported by Cumulus] Documentation ------------- All ipv4 and ipv6 static route commands now have a "tag" option which allows the user to set a tag between 1 and 65535. quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag ? <1-65535> Tag value quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag 40 quagga(config)# quagga# show ip route 1.1.1.1/32 Routing entry for 1.1.1.1/32 Known via "static", distance 1, metric 0, tag 40, best * 10.1.1.1, via swp1 quagga# The route-map parser supports matching on tags and setting tags ! route-map MATCH_TAG_18 permit 10 match tag 18 ! ! route-map SET_TAG_22 permit 10 set tag 22 ! BGP and OSPF support: - matching on tags when redistribing routes from the RIB into BGP/OSPF. - setting tags when redistribing routes from the RIB into BGP/OSPF. BGP also supports setting a tag via a table-map, when installing BGP routes into the RIB. Signed-off-by: Daniel Walton Signed-off-by: Piotr Chytla Signed-off-by: Donald Sharp commit 605aa331d814b0977dd8435168dca5b2b7928996 Author: Piotr Chytła Date: Tue Dec 1 10:03:54 2015 -0500 bgpd, vtysh: Add support for route tags [Forward ported by Cumulus] Documentation ------------- All ipv4 and ipv6 static route commands now have a "tag" option which allows the user to set a tag between 1 and 65535. quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag ? <1-65535> Tag value quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag 40 quagga(config)# quagga# show ip route 1.1.1.1/32 Routing entry for 1.1.1.1/32 Known via "static", distance 1, metric 0, tag 40, best * 10.1.1.1, via swp1 quagga# The route-map parser supports matching on tags and setting tags ! route-map MATCH_TAG_18 permit 10 match tag 18 ! ! route-map SET_TAG_22 permit 10 set tag 22 ! BGP and OSPF support: - matching on tags when redistribing routes from the RIB into BGP/OSPF. - setting tags when redistribing routes from the RIB into BGP/OSPF. BGP also supports setting a tag via a table-map, when installing BGP routes into the RIB. Signed-off-by: Daniel Walton Signed-off-by: Piotr Chytla Signed-off-by: Donald Sharp Edits by: Paul Jakma Date: Tue Dec 1 10:10:41 2015 -0500 ospfd, vtysh: Add support for Route tags [Forward ported by Cumulus] Credit ------ A huge amount of credit for this patch goes to Piotr Chytla for their 'route tags support' patch that was submitted to quagga-dev in June 2007. Documentation ------------- All ipv4 and ipv6 static route commands now have a "tag" option which allows the user to set a tag between 1 and 65535. quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag ? <1-65535> Tag value quagga(config)# ip route 1.1.1.1/32 10.1.1.1 tag 40 quagga(config)# quagga# show ip route 1.1.1.1/32 Routing entry for 1.1.1.1/32 Known via "static", distance 1, metric 0, tag 40, best * 10.1.1.1, via swp1 quagga# The route-map parser supports matching on tags and setting tags ! route-map MATCH_TAG_18 permit 10 match tag 18 ! ! route-map SET_TAG_22 permit 10 set tag 22 ! BGP and OSPF support: - matching on tags when redistribing routes from the RIB into BGP/OSPF. - setting tags when redistribing routes from the RIB into BGP/OSPF. Signed-off-by: Daniel Walton Signed-off-by: Piotr Chytla Signed-off-by: Donald Sharp commit eefddcc78abcc91d1d88633a3c6d5a438fe58790 Author: Piotr Chytła Date: Tue Dec 1 09:48:02 2015 -0500 bgpd, lib, ospfd, zebra: Add ability to read/write tag value Modify zebra to pass the tag value to and from the various protocols. [forward ported by Cumulus] Signed-off-by: Daniel Walton Signed-off-by: Piotr Chytla Signed-off-by: Donald Sharp Edits: Paul Jakma rebase conflicts in bgp_zebra.c commit de24f82d0ea7eadd0db7d5c0d340a0579312237c Author: Piotr Chytła Date: Thu Jun 28 00:09:28 2007 +0200 zebra: Add internal support for route tags Add internal support for a route tag to be applied to routes. At this point in time, tags are not being used. [forward ported by Cumulus] Signed-off-by: Daniel Walton Signed-off-by: Piotr Chytła Signed-off-by: Donald Sharp Edited-by: Paul Jakma - rebase conflicts commit 147a812ed15e171d1db882ac96f0f15723bf8b8f Author: Donald Sharp Date: Thu May 21 16:06:21 2015 -0700 vtysh: service integrated-vtysh-config not being written to file The vtysh commands: service integrated-vtysh-config hostname XXXX were not being written to the /etc/quagga/Quagga.conf file with a wr mem when service integrated-vtysh-config was issued. This patch fixes this issue Signed-off-by: Donald Sharp commit 768d9098a526841d22a8f0b740a919bd6eccee47 Author: Dinesh Dutt Date: Tue May 19 18:04:13 2015 -0700 zebra: Suppress displaying default config as part of running config Quagga doesn't display default config as part of the running config, only what is different from the default. However, in the case of rtadv, every link displays the default "ipv6 nd suppress-ra" as part of running config. This patch fixes that. Signed-off-by: Dinesh Dutt commit d8c5f27777051b3ea32f8b5979ecd9bb7b9475b9 Author: Donald Sharp Date: Wed Mar 16 08:10:56 2016 -0400 bgpd: flag paths for multipath if we RX link-local and global nexthops Paths with global and link-local nexthops should be considered for multipath Signed-off-by: Daniel Walton commit 743219e9abe79e8a3828fc00de679098061960bb Author: Daniel Walton Date: Tue May 19 18:03:57 2015 -0700 ospfd: "show ip ospf neighbor" header spacing The column headers for displaying OSPF neighbors are not aligned, this patch addresses this issue Signed-off-by: Daniel Walton commit fa2e78677bde6926dc7cfa29e14925eb6d8e87b3 Author: Vivek Venkatraman Date: Tue May 19 18:03:54 2015 -0700 bgpd: Make source interface selection in BGP for nexthop determination more robust Ensure that if 'update-source ' is specified, that interface is chosen as the source for the local nexthops. Otherwise, do a complete match on the local IP address of the connection to determine the source interface for the local nexthops; this will handle scenarios where there is an overlap of subnets between interfaces (e.g., loopback and another interface). Signed-off-by: Vivek Venkatraman commit 7d39125ea4d54624a4865dd272df5041ccac655e Author: Vipin Kumar Date: Tue May 19 18:03:53 2015 -0700 ospf6d: Adding the initialization check in ospfv3_clean() This is to avoid a crash triggered by process termination when ospf6d daemon is running and 'router ospf6' config has not been done yet. Signed-off-by: Vipin Kumar Reviewed-by: Daniel Walton commit 8c075ef01d64cba7dd52bdc642ccee22a8538b62 Author: Vipin Kumar Date: Tue May 19 18:03:53 2015 -0700 ospf6d: Fixing a couple of issues with ospf6_route_remove () routine. When a route_node has multiple ospf6_routes under it (common subnet case), then the current implementation has an issue in adjusting the route_node->info on a ospf6_route_remove() call. The main reason is that it ends up using exact match to determine if the next ospf6_route belongs to the same route_node or not. Fixing that part to use rnode (the existing back-pointer to the route_node) from the ospf6_route to determine that. Also fixing some of the walks to turn them safe so that the route deletion is fine. Signed-off-by: Vipin Kumar Reviewed-by: Vivek Venkatraman commit f1b9611821bb73b6bc664afa263cdaa851e09d34 Author: Vipin Kumar Date: Tue May 19 18:03:51 2015 -0700 ospf6d: LA (local-address) bit related inter-op fix. As per the RFC, when the NU bit is set, prefix should be ignored. However, the code is currently ignoring prefix with LA bit too. Fixing that part. In future, we should also set LA bit for the loopback addresses. Not doing this part right away, as quagga wont be backward compatible with its own previous releases. Maybe after a release or so, we should start setting LA bit too. Signed-off-by: Vipin Kumar Reviewed-by: Daniel Walton commit f687b62b14dd4e79528e9ba607da1ebdc44cf28d Author: Dinesh Dutt Date: Tue May 19 18:03:50 2015 -0700 ospfd: Don't wait for state change to Exchange to start LSReq ANVL test 17.5. The current implementation wouldn't start sending LSReq unti the DB Desc packets have all been received (no M bit). This caused the test choke up. RFC 2328 allows for sending LSReq on receiving the first DbDesc packet as long as the nbr state is Exchange. This patch fixes that. Signed-off-by: Dinesh Dutt Edited-by: Paul Jakma to start the sending of LsReq from the nsm_negotiation_done FSM transition function for ExStart->Exchange, rather than tacking the call to ospf_ls_req_send to the bottom of the DD desc processing function. commit 24521e24c739b130c247e864d22b734daa4281d1 Author: Daniel Walton Date: Tue May 19 18:03:48 2015 -0700 ospfd: Fix no ip ospf hello-interval OSPF silently ignores 'no ip ospf hello-interval X' and 'no ip ospf hello-interval X' Signed-off-by: Daniel Walton Reviewed-by: Dinesh G Dutt commit 45af55a70379da6e1534185ffa20238aa6026d52 Author: Vipin Kumar Date: Tue May 19 18:03:43 2015 -0700 ospfd: Make destination of p2p to multicast for LS-ACKS ISSUE: LSAcks (for directed acks) are being sent to neighbor's unicast address. RFC 2328 says: "The IP destination address for the packet is selected as follows. On physical point-to-point networks, the IP destination is always set to the address AllSPFRouters" Fix is to unconditionally set the destination address for LSAcks over point-to-point links as AllSPFRouters. Quagga OSPF already has similar change for OSPF DBD, LSUpdate and LSrequest packets. Signed-off-by: Vipin Kumar Reviewed-by: Daniel Walton Reviewed-by: Dinesh G Dutt commit e2a0ebf26c640822c3488e6f371a043a91fdcc1b Author: Daniel Walton Date: Tue May 19 18:03:43 2015 -0700 bgpd: Display BGP paths with unreachable nexthops as invalid If a BGP path has an unreachable nexthop display that path as invalid Signed-off-by: Daniel Walton commit 69424be09ccf7233b184b89bb7bd6e98f72d252b Author: Daniel Walton Date: Tue May 19 18:03:41 2015 -0700 ospf6d: We should accept long form of "no redistribute" When turning off redistribution in ospf6, allow the user to specify the full form of the command entered. Signed-off-by: Daniel Walton commit f972dec83308986082b04711c8915e13c0a5e1c1 Author: Vipin Kumar Date: Tue May 19 18:03:41 2015 -0700 ospf6d: Add the missing ospf6 running check in show cmds SYMPTOM: If some of the ospfv3 commands like 'show ipv6 ospf6 route' are executed with ospf6d daemon running but before having any ospfv3 configuration, then ospf6d crash is seen. ISSUE: There are a few show commands, which are (unlike others) not checking if ospf6 instance is initialized already. FIX: Add the missing checks, by using OSPF6_CMD_CHECK_RUNNING() in the commands where its needed and not yet used. Signed-off-by: Vipin Kumar Reviewed-by: Pradosh Mohapatra Dinesh Dutt commit e87f8083ff677b569048ce7560169b64daee0c57 Author: Vipin Kumar Date: Tue May 19 18:03:40 2015 -0700 ospf6d: Support for 'clear ipv6 ospf6 interface [ifname] Clear interface commands for ospfv3. Allow the user to clear all peers out the specified interface. Signed-off-by: Vipin Kumar commit e509af86e3579944b7cde942ca3ee3427db1936a Author: Vipin Kumar Date: Tue May 19 18:03:40 2015 -0700 opsf6d: Update router-LSA when nbr's interface-ID changes This is a fix to make sure router-LSA is updated when neighbor's interface ID change is received in hello packet. Signed-off-by: Vipin Kumar commit a90dc8752723ef6bad6fc5a7d5180ab313b0317c Author: Vipin Kumar Date: Tue May 19 17:58:13 2015 -0700 ospfd: Support for 'clear ip ospf interface [IFNAME]' Allow the user to enter the 'clear ip ospf interface [IFNAME]' command this resets the connection between ospf and any peers out the specified interface. Signed-off-by: Vipin Kumar commit 59fe0eecd3498f28ec1b1cdb2de5dcc7c507f83f Author: Daniel Walton Date: Tue May 19 17:58:11 2015 -0700 bgpd: Add [bestpath|multipath] option to 'show ip bgp x.x.x.x' When showing a prefix in bgp allow user to specify output based upon the bestpath chosen, multipath information of all information about a prefix(the default) Signed-off-by: Daniel Walton commit 325fcfb6d83c9add415e24e786035b67b00fd719 Author: Daniel Walton Date: Tue May 19 17:58:10 2015 -0700 bgpd: Add clear command to force a bestpath recalculation and re-advertisement of a prefix Add these commands to bgp: clear ip bgp prefix A.B.C.D/M clear bgp ipv6 (unicast|multicast) prefix X:X::X:X/M These two commands forces a bestpath calculation to happen again if necessary to re-advertise the prefix. Signed-off-by: Daniel Walton commit 76a7280ddebd94b20c545e93d9773e7ad4db91de Author: Daniel Walton Date: Tue May 19 17:47:24 2015 -0700 bgpd: Fix aggregation issues found via ANVL There were various failures in ANVL's aggregation tests, this patch fixes those issues found Signed-off-by: Daniel Walton commit 78243040fc60babf83ef02572ad7966ebd20192e Author: Daniel Walton Date: Tue May 19 17:47:23 2015 -0700 bgpd: iBGP multipath is broken if 'bgp deterministic-med' is enabled. AS_PATH comparison is broken if CONFED_AS_SEQ are present. This patch fixes this issue Signed-off-by: Daniel Walton commit d0aa6e8b222f44949b0a190d8ff70d90333b775c Author: Daniel Walton Date: Fri Jun 17 14:45:42 2016 +0100 bgpd: Make aspath_highest 4-byte compatible for private AS * bgp_aspath.h: Add BGP_AS_IS_PRIVATE macro. * bgp_aspath.c: (aspath_highest) use said macro to also ensure 4-byte private AS range is ignored in calculating highest public ASN. (aspath_private_as_check) consolidate to use said macro. Note: Extracted from 'bgpd: Add replace-as option to remove-private-as' by paul@jakma.org. commit 5552da8f9abd786fb76019135277003f489626d6 Author: Paul Jakma Date: Fri Jun 17 11:36:59 2016 +0100 bgpd: Fix use after free in aspath_prepend with confeds * bgp_aspath.c: (aspath_prepend) aspath_delete_confed_seq may result in as2 being updated, and seg2 becoming invalid. E.g. if the first segment of of as2 is confeds. However, code there after unconditionally reads from seg2. Reset seg2, and re-do the empty check on it. Caught by valgrinding tools/aspathtest. commit dcc21851aa5f284bf57ccb2b662f4ff5b5a44321 Author: Vipin Kumar Date: Tue May 19 17:47:20 2015 -0700 bgpd: Make the private AS number check 4 byte compatible. Signed-off-by: Vipin Kumar Reviewed-by: Dinesh Dutt Reviewed-by: Daniel Walton commit c0a4cc74ef6994f9b4e4c1351d67a55a684faf38 Author: Daniel Walton Date: Mon Nov 9 20:22:00 2015 -0500 bgpd: Make "no redistribute" always remove the redistribute statement Signed-off-by: Daniel Walton commit 62f936e7960a7c08f4ae42ad43726d8d6e8e949d Author: Daniel Walton Date: Mon Nov 9 20:21:59 2015 -0500 ospf6d, ripd, vtysh: Fix "no set metric" for ospf6 and RIP Allow the user to actually turn off the set metric command in ospf6d and rip. Signed-off-by: Daniel Walton commit 92992c69afd0095b183a3b905598d194115b27a7 Author: James Li Date: Mon Nov 9 20:21:57 2015 -0500 zebra: Dissallow outside programs to delete Quagga routes Do not allow a program outside Quagga to delete a Quagga route from the kernel. To delete a Quagga route, do it inside Quagga. Signed-off-by: James Li commit 083e5e2d7bc8098b92572792ab807da381db95ea Author: Dinesh Dutt Date: Mon Nov 9 20:21:54 2015 -0500 bgpd, doc: Allow route-map policy modifications to also affect route reflectors. By default, attribute modification via route-map policy out is ignored on reflected routes. This patch provides an option to allow this modification to occur. Once enabled, it affects all reflected routes. Signed-off-by: Dinesh G Dutt commit 5cf768a3f53029ecc482367a1ceaf7578237b06a Author: Dinesh Dutt Date: Mon Nov 9 20:21:53 2015 -0500 bgpd: Support matching on local preference in route-map This patch adds support for matching on local preference in BGP route-map. Signed-off-by: Dinesh Dutt commit af309fa58f41457eed226d6650d0b780c053c4d8 Author: Pradosh Mohapatra Date: Mon Nov 9 20:21:47 2015 -0500 bgpd: Show more meaningful outq value in 'show ip bgp summary' output. 'outq' field in 'show ip bgp sum' displays the number of formatted packets to a peer. Since the route announcement follows an input-buffered pattern (i.e. adj-rib-out is a separate queue of routes per peer and packets are formatted from the routes at the time of TCP write), the outq field doesn't show any interesting data worth watching. The patch is to display the adj-rib-out queue depth instead. signed-off-by: pmohapat@cumulusnetworks.com reviewed-by: dwalton@cumulusnetworks.com commit a4f40293db1055387d5b901fe0dbb556226b2024 Author: vivek Date: Mon Nov 9 20:21:46 2015 -0500 vtysh: Make ipv6 unicast/multicast address-family work In the absence of this patch, attempting to type "address-family ipv6 unicast" would result in an "Ambiguous command" error and in the case of "address-family ipv6 multicast", the command would silently fail, without the prompt dropping into the address-family mode. The cause is how the parse tree is constructed for ipv6 address family. There was an error in extract.pl.in script and in vtysh.c files which assumed that there was only address family ipv6 command, without unicast or multicast and so the command was failing. Signed-off-by: vivek commit 0f2f7a3fa5d55e682d0739d586da021cbd43bc3c Author: Paul Jakma Date: Thu Jun 16 15:40:02 2016 +0100 *: Fix duplicate commands from view/enable node consolidation commit 94627e670d661f95217521ef0bfba141e5e37e68 Author: Pradosh Mohapatra Date: Mon Nov 9 20:21:45 2015 -0500 bgpd: Add a null check in bgp_address_del() function when connected addresses are removed. When you flap an interface repeatedly, you can get into situations where the code has not quite finished cleaning up before the next event happens. Gracefully prevent a NULL dereference. Signed-off-by: Pradosh Mohapatra commit 60cc95921ae663de325ca3e76e8c05d8224986ab Author: Pradosh Mohapatra Date: Mon Nov 9 20:21:41 2015 -0500 bgpd, doc, lib, zebra: nexthop-tracking in zebra 0. Introduction This is the design specification for next hop tracking feature in Quagga. 1. Background Recursive routes are of the form: p/m --> n [Ex: 1.1.0.0/16 --> 2.2.2.2] where 'n' itself is resolved through another route as follows: p2/m --> h, interface [Ex: 2.2.2.0/24 --> 3.3.3.3, eth0] Usually, BGP routes are recursive in nature and BGP nexthops get resolved through an IGP route. IGP usually adds its routes pointing to an interface (these are called non-recursive routes). When BGP receives a recursive route from a peer, it needs to validate the nexthop. The path is marked valid or invalid based on the reachability status of the nexthop. Nexthop validation is also important for BGP decision process as the metric to reach the nexthop is a parameter to best path selection process. As it goes with routing, this is a dynamic process. Route to the nexthop can change. The nexthop can become unreachable or reachable. In the current BGP implementation, the nexthop validation is done periodically in the scanner run. The default scanner run interval is one minute. Every minute, the scanner task walks the entire BGP table. It checks the validity of each nexthop with Zebra (the routing table manager) through a request and response message exchange between BGP and Zebra process. BGP process is blocked for that duration. The mechanism has two major drawbacks: (1) The scanner task runs to completion. That can potentially starve the other tasks for long periods of time, based on the BGP table size and number of nexthops. (2) Convergence around routing changes that affect the nexthops can be long (around a minute with the default intervals). The interval can be shortened to achieve faster reaction time, but it makes the first problem worse, with the scanner task consuming most of the CPU resources. "Next hop tracking" feature makes this process event-driven. It eliminates periodic nexthop validation and introduces an asynchronous communication path between BGP and Zebra for route change notifications that can then be acted upon. 2. Goal Stating the obvious, the main goal is to remove the two limitations we discussed in the previous section. The goals, in a constructive tone, are the following: - fairness: the scanner run should not consume an unjustly high amount of CPU time. This should give an overall good performance and response time to other events (route changes, session events, IO/user interface). - convergence: BGP must react to nexthop changes instantly and provide sub-second convergence. This may involve diverting the routes from one nexthop to another. 3. Overview of the changes The changes are in both BGP and Zebra modules. The short summary is the following: - Zebra implements a registration mechanism by which clients can register for next hop notification. Consequently, it maintains a separate table, per (VRF, AF) pair, of next hops and interested client-list per next hop. - When the main routing table changes in Zebra, it evaluates the next hop table: for each next hop, it checks if the route table modifications have changed its state. If so, it notifies the interested clients. - BGP is one such client. It registers the next hops corresponding to all of its received routes/paths. It also threads the paths against each nexthop structure. - When BGP receives a next hop notification from Zebra, it walks the corresponding path list. It makes them valid or invalid depending on the next hop notification. It then re-computes best path for the corresponding destination. This may result in re-announcing those destinations to peers. 4. Design 4.1. Modules The core design introduces an "nht" (next hop tracking) module in BGP and "rnh" (recursive nexthop) module in Zebra. The "nht" module provides the following APIs: bgp_find_or_add_nexthop() : find or add a nexthop in BGP nexthop table bgp_find_nexthop() : find a nexthop in BGP nexthop table bgp_parse_nexthop_update() : parse a nexthop update message coming from zebra The "rnh" module provides the following APIs: zebra_add_rnh() : add a recursive nexthop zebra_delete_rnh() : delete a recursive nexthop zebra_lookup_rnh() : lookup a recursive nexthop zebra_add_rnh_client() : register a client for nexthop notifications against a recursive nexthop zebra_remove_rnh_client(): remove the client registration for a recursive nexthop zebra_evaluate_rnh_table(): (re)evaluate the recursive nexthop table (most probably because the main routing table has changed). zebra_cleanup_rnh_client(): Cleanup a client from the "rnh" module data structures (most probably because the client is going away). 4.2. Control flow The next hop registration control flow is the following: <==== BGP Process ====>|<==== Zebra Process ====> | receive module nht module | zserv module rnh module ---------------------------------------------------------------------- | | | bgp_update_ | | | main() | bgp_find_or_add_ | | | nexthop() | | | | | | | zserv_nexthop_ | | | register() | | | | zebra_add_rnh() | | | The next hop notification control flow is the following: <==== Zebra Process ====>|<==== BGP Process ====> | rib module rnh module | zebra module nht module ---------------------------------------------------------------------- | | | meta_queue_ | | | process() | zebra_evaluate_ | | | rnh_table() | | | | | | | bgp_read_nexthop_ | | | update() | | | | bgp_parse_ | | | nexthop_update() | | | 4.3. zclient message format ZEBRA_NEXTHOP_REGISTER and ZEBRA_NEXTHOP_UNREGISTER messages are encoded in the following way: /* * 0 1 2 3 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | AF | prefix len | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * . Nexthop prefix . * . . * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * . . * . . * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | AF | prefix len | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * . Nexthop prefix . * . . * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ ZEBRA_NEXTHOP_UPDATE message is encoded as follows: /* * 0 1 2 3 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | AF | prefix len | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * . Nexthop prefix getting resolved . * . . * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | metric | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | #nexthops | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | nexthop type | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * . resolving Nexthop details . * . . * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * . . * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * | nexthop type | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * . resolving Nexthop details . * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ 4.4. BGP data structure Legend: /\ struct bgp_node: a BGP destination/route/prefix \/ [ ] struct bgp_info: a BGP path (e.g. route received from a peer) _ (_) struct bgp_nexthop_cache: a BGP nexthop /\ NULL \/--+ ^ | : +--[ ]--[ ]--[ ]--> NULL /\ : \/--+ : | : +--[ ]--[ ]--> NULL : _ : (_)............. 4.5. Zebra data structure rnh table: O / \ O O / \ O O struct rnh { u_char flags; struct rib *state; struct list *client_list; struct route_node *node; }; 5. User interface changes quagga# show ip nht 3.3.3.3 resolved via kernel via 11.0.0.6, swp1 Client list: bgp(fd 12) 11.0.0.10 resolved via connected is directly connected, swp2 Client list: bgp(fd 12) 11.0.0.18 resolved via connected is directly connected, swp4 Client list: bgp(fd 12) 11.11.11.11 resolved via kernel via 10.0.1.2, eth0 Client list: bgp(fd 12) quagga# show ip bgp nexthop Current BGP nexthop cache: 3.3.3.3 valid [IGP metric 0], #paths 3 Last update: Wed Oct 16 04:43:49 2013 11.0.0.10 valid [IGP metric 1], #paths 1 Last update: Wed Oct 16 04:43:51 2013 11.0.0.18 valid [IGP metric 1], #paths 2 Last update: Wed Oct 16 04:43:47 2013 11.11.11.11 valid [IGP metric 0], #paths 1 Last update: Wed Oct 16 04:43:47 2013 quagga# show ipv6 nht quagga# show ip bgp nexthop detail quagga# debug bgp nht quagga# debug zebra nht 6. Sample test cases r2----r3 / \ / r1----r4 - Verify that a change in IGP cost triggers NHT + shutdown the r1-r4 and r2-r4 links + no shut the r1-r4 and r2-r4 links and wait for OSPF to come back up + We should be back to the original nexthop via r4 now - Verify that a NH becoming unreachable triggers NHT + Shutdown all links to r4 - Verify that a NH becoming reachable triggers NHT + no shut all links to r4 7. Future work - route-policy for next hop validation (e.g. ignore default route) - damping for rapid next hop changes - prioritized handling of nexthop changes ((un)reachability vs. metric changes) - handling recursion loop, e.g. 11.11.11.11/32 -> 12.12.12.12 12.12.12.12/32 -> 11.11.11.11 11.0.0.0/8 -> - better statistics Addresses upstream comments. "show ip bgp nexthop detail" couldn't display multiple NHs due to a bug. Fix that. Fix reference counts for the nexthop cache entries Signed-off-by: Pradosh Mohapatra Signed-off-by: Daniel Walton Signed-off-by: Dinesh Dutt Signed-off-by: Donald Sharp Signed-off-by: Vivek Venkatraman Fix reference counts for the nexthop cache entries. Signed-off-by: Vivek Venkatraman Edited-by: Paul Jakma - Fix nexthop_ipv6_add defs in rib.h not having been modified with rib_ prefix. - Remove rib_lookup_and_pushup, appears not to be used except for !HAVE_NETLINK && HAVE_STRUCT_IFALIASREQ case of ioctl.c::if_set_prefix, so it's not being used at all on platform with most testing of RIB. commit 4feb0d02c029e2e4f229f6283f579b8673b0ac11 Author: Dinesh Dutt Date: Mon Nov 9 20:14:55 2015 -0500 bgpd: IPv6 Multipath broken with nexthop global address IPv6 multipath is broken in BGP if nexthop contains only global address. IPv6 always uses both nextop IPv6 address and ifIndex in sending routes down to zebra. In cases where only the global IPv6 address is present in the nexthop information, the existing code doesn't set the ifIndex. An example of such a case is when a route-map isused with "set ipv6 next-hop" and only global address is specified. This code causes the ifIndex to be determined and set thereby fixing the multipath programming. Signed-off-by: Dinesh G Dutt Reviewed-by: Shrijeet Mukherjee commit b8d1f713ba6bc91138debe9f895621b8f91a43c7 Author: Ayan Banerjee Date: Mon Nov 9 20:14:54 2015 -0500 bgpd: Enable support for BGP IPV6 multipath. This commit adds these two commands: maximum-paths <1-MULTIPATH_NUM> maximum-paths ibgp <1-MULTIPATH_NUM> under address-family ipv6 mode. In addition adding the ability to pass multiple paths down into zebra from bgp. Signed-off-by: Ayan Banerjee Signed-off-by: Dinesh G Dutt Reviewed-by: Scott Feldman commit 34c5d89fed6e8e91ae3cde478f1f4816d69bf09e Author: Ayan Banerjee Date: Mon Nov 9 20:14:53 2015 -0500 zebra: ipv6 multipath support This patch enables support for multipath for IPV6. The nexthop information from the protocols have ifindices and nexthop addresses in two different structures. This patch combines them to ensure that the correct APIs can be called. Also, given that IPV6 Linux implementation does not support the rta_XXX APIs for multipath, the communication with the kernel is in terms of a single nh/ifindex pair. Signed-off-by: Ayan Banerjee Signed-off-by: Dinesh Dutt Signed-off-by: Donald Sharp commit 6f235418ad911040c5a6252d11b05cef5984fd8e Author: Paul Jakma Date: Tue Apr 5 13:21:20 2016 +0100 zebra: *addattr should use size_t len args, quell signed v unsigned warning commit c7c5b02480a506c6d687bf0d3a0c2a7d3e7cfbf6 Author: Paul Jakma Date: Mon Apr 4 15:19:37 2016 +0100 vtysh: auto-generated vtysh_cmd.c file should depend on its creator commit 3b847ef4e81c6f1a5d4994680d530045765fd053 Author: Paul Jakma Date: Fri Apr 22 12:48:49 2016 +0100 bgpd: Squash spurious "unknown afi" log messages * bgp_packet.c: (bgp_update_receive) doesn't differentiate between NLRIs that are 0 AFI/SAFI cause they weren't set, and those because a peer sent a bogus AFI/SAFI, before sending sending what may be a misleading, spurious log message. Check the .nlri pointer is set and avoid this. Incorporating a suggestion from: G. Paul Ziemba commit 7f39242bf44c85bb651506214666b3ebdd78b928 Author: Paul Jakma Date: Wed Aug 24 15:53:36 2016 +0100 *: Remove C99ism, CI system runs builds with CFLAGS and compilers that barf commit 23cd586eac3cde789e02c13a1236a4fe33dfc5d9 Author: Paul Jakma Date: Wed Apr 6 14:03:33 2016 +0100 zebra: Update news with the status of link-detect and the global default commit 8f4269ddff1becca94687252b9571b096cb45b43 Author: Paul Jakma Date: Fri Sep 18 11:50:33 2015 +0100 zebra: Add command to configure default for link-state, and make it sticky * Provide a way for the user to specify their own preference for the default behaviour of link-detect, independent of the compiled in default. Add a global "default link-detect (on|off)" command to zebra, to set the default policy for link-detect accordingly. The command is "sticky" - when set it will stay set and always be written out, regardless of how it compares to the baked-in, compile-time default. The per-interface "link-detect" command is similarly made sticky. * zebra/interface.h: (zebra_if_linkdetect;) enum for link-detect configured state. (struct zebra_if_defaults) Global link-detect default (struct zebra_if) Add field for per-iface link-detect default. * lib/if.c: (if_create_vrf) Remove the default flag setting on if-create here, it's a zebra flag so do it in zebra's if_zebra_new_hook * zebra/interface.c: Add static storage for global defaults. (if_zebra_new_hook) Set the link-detect flag on new ifaces according to the baked in default or else the configured global default. (config_write_zebra_if_defaults,default_linkdetect_cmd) global link-detect command and config write out machinery. (linkdetect_cmd) Set the configuration state rather than the flag. The new hook will then set the interface flag when the if comes up. (if_config_write) Write config according to configured state, not the low-level flag. (zebra_if_init) add new commands. commit a6d400c9158b10207cde40a428ebf2c27f105c0a Author: Dinesh G Dutt Date: Fri Sep 18 08:32:56 2015 -0400 zebra: Set link-detect on by default Signed-off-by: Roopa Prabhu Reviewed-by: Dinesh G Dutt Reviewed-by: Scott Feldman Edited by Christian Franke: Fix OSPF Virtual Links Edited by Donald Sharp: Add NEWS notification Signed-off-by: Christian Franke Acked-By: paul@jakma.org commit 3bccb4f3df0530bb4d8961b0867ea04c1bca065f Author: Avneesh Sachdev Date: Fri Mar 11 12:21:26 2016 -0800 zebra: add developer test functions for FPM code Add test functions for the zebra code that interfaces with the Forwarding Plane Manager. These functions can be invoked in a development build via the recently-added 'invoke' command. For example: # invoke zebra function zfpm_dt_benchmark_protobuf_encode 100000 Changes: * zebra/zebra_fpm_dt.c Add the following functions. Each function encodes or decodes a route in a particular FPM format a specified number of times. - zfpm_dt_benchmark_netlink_encode() - zfpm_dt_benchmark_protobuf_encode() - zfpm_dt_benchmark_protobuf_decode() * zebra/Makefile.am Compile zebra_fpm_dt when building a development build. Signed-off-by: Avneesh Sachdev commit 7e4025cb65f79d584911042d3e19eee787b9115b Author: Avneesh Sachdev Date: Fri Mar 11 12:21:24 2016 -0800 build: support for "development build" * configure.ac Add the --enable-dev-build flag. It controls the DEV_BUILD define for autoconf and automake, which can be used to conditionally build in code that is only intended for development.. Signed-off-by: Avneesh Sachdev commit 6112d11a978af54f87ac55daa9e965d949cb0041 Author: Avneesh Sachdev Date: Mon Apr 4 10:54:59 2016 -0700 doc: add blurb on use of protobuf with FPM Add text about using protobuf as an alternative format for the FPM interface. Signed-off-by: Avneesh Sachdev commit 5779fda137803a4b1e534f6ba70781681baf3fda Author: Avneesh Sachdev Date: Mon Apr 4 10:54:58 2016 -0700 zebra: optionally use protobuf with FPM Change zebra so that it can optionally use protobuf serialization when communicating with a Forwarding Plane Manager component. * zebra/main.c Add the --fpm-format/-F command line option. This allows the user to control the format (protbuf|netlink) that is used to communicate with the FPM. * zebra/zebra_fpm.c - zebra_init_msg_format(), This new function is invoked on process startup to determine the FPM format that should be used. - zfpm_init() Change to accept any 'FPM message format' specified by the user (via the new command line flag). - zebra_encode_route() Tweak to use the selected FPM format. * zebra_fpm_protobuf.c New code to build protobuf messages to be sent to the FPM. * zebra/Makefile.am - Include common.am - Build new file zebra_fpm_protobuf.c when protobuf is available. - Link with the fpm_pb library. Signed-off-by: Avneesh Sachdev commit b8ae330cd3c65808044d344b24f0917b312c4fb9 Author: Avneesh Sachdev Date: Thu Jul 14 09:59:30 2016 -0700 Use only the ISC license for .proto files. Simplify licensing for protobuf files based on discussion on the quagga-dev mailing list. Previously, users could choose between the GPL and the ISC license. Signed-off-by: Avneesh Sachdev Signed-off-by: Avneesh Sachdev commit ef20ef7de9fe52931e7a5ce07b8228e87f7f52b6 Author: Avneesh Sachdev Date: Mon Apr 4 10:54:57 2016 -0700 fpm: Add protobuf support for FPM. Code that allows a client to convey routes to a Forwarding Plane Manager component using protobuf instead of netlink.. * fpm/fpm.proto Protobuf definitions pertaining to the Forwarding Plane Manager. In particular, this file defines the AddRoute and DeleteRoute messages. * fpm/fpm.h Tweak FPM message header definition to also allow messages to be encoded in protobuf format. * fpm/{fpm_pb.h,.gitignore,.Makefile.am} Add the fpm_pb library, which contains code for interfacing with the FPM using protobuf. * configure.ac Generate fpm/Makefile. * Makefile.am Add fpm subdirectory to build. * common.am Add flags to be used by clients of the fpm_pb library. Signed-off-by: Avneesh Sachdev commit b2624487659d8148ca253147fd7e63560a439c8b Author: Avneesh Sachdev Date: Mon Apr 4 10:54:56 2016 -0700 build: turn off automake portability warnings Modify configure.ac to disable portability warnings for automake -- our automake code (in particular common.am) uses some constructs specific to gmake. Signed-off-by: Avneesh Sachdev commit 07e5b645059167a37ccf1079a125114339c0df9e Author: Avneesh Sachdev Date: Mon Apr 4 10:54:55 2016 -0700 qpb: Add support for protobuf. Infrastructure that allows protocol buffers to be used in Quagga. The changes below comprise of: - Build hooks - Protobuf definitions for common types. - Library routines for working with protobuf, including functions that help translate between common quagga types and their protobuf equivalents. Changes: * qpb/{Makefile.am,README.txt,qpb.h,.gitignore} Add the qpb library, which provides shared code and definitions for using protocol buffers in quagga code. * qpb/qpb.proto Protobuf definitions that can be shared by all of quagga. * qpb/linear_allocator.h An allocator that allocates memory by walking down towards the end of a buffer. This is used to cheaply allocate/deallocate memory on the stack for protobuf operations. * qpb/qpb_allocator.[ch] Thin layer that allows a linear allocator to be used with the protobuf-c library. * common.am This is an automake fragment that is intended to be shared by Makefile.am files in the tree. It currently includes definitions related to protobuf. * configure.ac - Add logic to optionally build protobuf code. By default, protobuf support is enabled if the protobuf C compiler (protoc-c) is available, and the associated header files/library can be found. The user can choose to override this behavior via the new --disable-protobuf/--enable-protobuf flags. - Include the quagga protobuf library (qpb) in the build. * .gitignore Ignore source code generated by protobuf compiler. * Makefile.am Add 'qpb' to the list of subdirectories. Signed-off-by: Avneesh Sachdev Edited: Paul Jakma : Change the sense of the configure enable option to require explicit specifying, as an experimental feature. commit cbd976b54d51fea2f3d532e8d5aac66d6294acc2 Author: Paul Jakma Date: Fri Feb 26 10:34:01 2016 +0000 HACKING: Document how to add standard copyright claims to files * (REQUIRED READING) Copyright claims may be documented in the standard way, with a "Copyright ..." line near the beginning of the file. Incorporating suggestions and refinements from: Lou Berger commit 57439bf2dd0e2aa9c5a4c95919503dae1e360a19 Author: Paul Jakma Date: Fri Feb 5 14:46:58 2016 +0000 HACKING: New code _MUST_ use a bounded-buffer in handling untrusted data. * Guidelines: New code must use a bounded-buffer abstraction that provides at least some level of sanity checks on accesses. Direct pointer twiddling based on untrustable buffers is not generally acceptable in new code in Quagga. Tested-by: NetDEF CI System commit d1aa80f04d12c096b10ba0862edbe6c30b5f7ebb Author: Paul Jakma Date: Tue Jan 26 14:00:12 2016 +0000 HACKING: Note that "Signed-off-by" not used for authorship/rights info * "Signed-off-by" is overloaded, and possibly not even well understood. As per the text, it should not be used to indicate authorship or other rights information, within Quagga. commit d3cf6c689a64ab83ba574e7df2472129603f1875 Author: Paul Jakma Date: Tue Jan 26 14:00:11 2016 +0000 HACKING: Add required reading section & commit should give full rights details * HACKING.tex: (COMMIT MESSAGES) It's pretty critical that commit messages give all the detail required to figure out what authorship/copyright claims might come into play. (REQUIRED READING) Add a section on what people are implicitly agreeing to when they contribute. It's fairly obvious, common sense stuff. Spell it out though. Note that COMMIT MESSAGES are also required reading. (Cover page) Draw attention to REQUIRED READING. A previous version was: Acked-by: Vincent Jardin commit 2f6aa36e8d72d712738fad2c53ab95f7fcbefc61 Author: Paul Jakma Date: Tue Jan 26 14:00:10 2016 +0000 HACKING: Fix internal section links Seems when pandoc converts tex to markdown it doesn't output internal reference links in a format it recognises itself. Fix. commit 3affb6c04881f99aafbbb12de76bdde1dbea0408 Author: Paul Jakma Date: Tue Jan 26 14:34:41 2016 +0000 HACKING: Update HACKING with anything relevant from pending and prune * HACKING.md: Add USEFUL URLs section, add link to patchwork * HACKING.pending: Prune out stuff moved to HACKING or well out of date or unreachable. Tested-by: NetDEF CI System commit f458d88e57e982e8f00a3d2db35a2c6e0bb331fa Author: David Lamparter Date: Tue May 24 18:58:09 2016 +0200 bgpd: ditch unused bgp_node_*() functions Signed-off-by: David Lamparter Tested-by: NetDEF CI System commit 584083d50511e19b228cce1e4a1cbcb28fae6b49 Author: David Lamparter Date: Tue May 24 18:58:08 2016 +0200 bgpd: divorce router-id logic from CLI & zebra Logic for determining the router-id was spread out over bgp_zebra.c and bgp_vty.c. Move to bgpd/bgpd.c and have these two call more properly encapsulated functions. Signed-off-by: David Lamparter commit dfb9bd7aaadc2f5abb9bc9aecbd73b9d8b3a788c Author: David Lamparter Date: Tue May 24 18:58:07 2016 +0200 bgpd: minor header/API clean up Adds "const" on: - peer_update_source_addr_set() - peer_description_set() Adds parameter names on: - bgp_timers_set() (really confusing, this one, with 2 unexplained args of same type) Adds new setter: - peer_afc_set(), calling peer_activate/peer_deactivate. (intended for API consumers, matches peer->afc) Signed-off-by: David Lamparter commit 4afa3ddd17464ecce91b6ed9df27b1231fb3e939 Author: Philippe Guibert Date: Tue May 24 16:52:02 2016 +0200 bgpd: Add new configuration cli for graceful restart. There is support to configure graceful restart timer. This is the time to wait to delete stale routes before a BGP open message is received. bgp graceful-restart restart-time <1-3600> no bgp graceful-restart [<1-255>] * bgpd/bgp_vty.c * Define command strings for above CLI * bgpd/bgpd.c * bgp_config_write(): Output graceful restart-time configuration Signed-off-by: Philippe Guibert Tested-by: NetDEF CI System commit d83b8d6d73021815a87e000c50863a105af80226 Author: Lou Berger Date: Tue May 17 07:10:41 2016 -0400 lib: add AF_ETHERNET/AFI_ETHER commit ee5fbe26f2b7561457a1d0c8b5ce72b512638cb0 Author: Lou Berger Date: Tue May 17 07:10:38 2016 -0400 lib: dump memory stats on core commit b8cb7c3fd44cfd0781a5e80a369ecb19eee9a4a7 Author: Lou Berger Date: Tue May 17 07:10:33 2016 -0400 lib: fix memory leak in zprivs_caps_init commit 93b493a2b010df4f67c7173c0928c8f86d9e1aa2 Author: Igor Ryzhov Date: Wed May 11 15:26:39 2016 +0300 bgpd: fix wrong help strings of "match peer" and "no match peer" commands Signed-off-by: Igor Ryzhov Tested-by: NetDEF CI System commit 49c370b74df11832239408f68119bd0a0a19a6e8 Author: Colin Petrie Date: Wed May 11 11:56:58 2016 +0200 bgpd: fix MRT table dumps for locally-originated routes I've been working on a small patch to correct an issue in the BGP MRT table dump code. It's a quick'n'easy fix initially, and I'd appreciate any feedback on making it better :) Issue: When the BGP table dump code runs, it generates the peer_index_table. This walks the list of peers, and dumps out their IP, ASN, address family, etc. It also sets the peer index number in the peer struct. Then the code walks the RIB, and for each prefix, writes out RIB entries, that refer to the peer index number. However, when it finds prefixes that are locally originated, the associated peer is the 'self' peer, which wasn't in the list of peers, never gets an index number assigned, but because it is calloc'd, the index number is set to 0. End result: locally-originated routes are associated with whichever peer happens to be first in the list of remote peers in the index table :) Example (from one of our route collectors) - these are two of our originated prefixes (bgpdump output): TABLE_DUMP2|1457568002|B|12.0.1.63|7018|84.205.80.0/24||IGP|193.0.4.28|0|0||NAG|64512 10.255.255.255| TABLE_DUMP2|1457568006|B|12.0.1.63|7018|2001:7fb:ff00::/48||IGP|::|0|0||NAG|| The prefixes are announced by us (note it has an empty AS PATH (the field after the prefix)) but also looks like it was received from AS7018 (12.0.1.63). In fact, the AS7018 peer just happens to be the first peer in the index table. Fix: The simplest fix (which is also the method adopted by both OpenBGPd and the BIRD mrtdump branch) is to create an empty placeholder 'peer' at the start of the peer index table, for all the routes which are locally originated to refer to. I've attached a patch for this. Here's a resulting bgpdump output after the patch: TABLE_DUMP2|1458828539|B|0.0.0.0|0|93.175.150.0/24||IGP|0.0.0.0|0|0||NAG|| Now it is more obvious that the prefix is locally originated. There are more complicated potential ways of fixing it 1) skip the local routes when dumping the RIB. This leads to questions about what an MRT table dump *should* contain :) 2) include the 'self' peer in the list of peers used to generate the index table. etc etc. But I'm quite happy with my 'create a fake peer, and associate local routes with it' method :) Your thoughts and feedback are welcome! Regards, Colin Petrie Systems Engineer RIPE NCC RIS Project Tested-by: NetDEF CI System commit 06de82eaeb11a1c84798cc222af77cdb07af2e4e Author: Jafar Al-Gharaibeh Date: Mon May 9 15:18:56 2016 -0500 pimd: send pim prune via correct interface when rpf upstream interface for a source changes When the rpf upstream interface for a joined source changes, a prune was being sent out the new rpf upstream interface that was intended for the old upstream router. The prune should be sent out the old rpf upstream interface so that the old route for the multicast source is pruned. Reviewed-by: Jafar Al-Gharaibeh Signed-off-by: Taylor Bouvin Tested-by: NetDEF CI System commit 220355df533f9c127c32de296513fae180c1568d Author: Andrej Ota Date: Mon May 9 20:49:01 2016 +0200 bgpd: fix BGP IPv6 route map error BGP refactoring in commit f3cfc46450cccc5ac035a5a97c5a1a5484205705 introduced an error which broke route map processing for IPv6 where AFI_IP was used instead of AFI_IP6. This patch fixes the typo. Signed-off-by: Andrej Ota Tested-by: NetDEF CI System commit 0ffd69a9bf58ab2e0105336f10753293230a4360 Author: Paul Jakma Date: Wed Aug 3 15:22:39 2016 +0100 doc: Add isisd.texi to quagga_TEXINFOS so it gets in dist tarball commit 3676cb0c029c8f8f06ab703dd441c1e23e5ef333 Author: Paul Jakma Date: Fri Jul 29 13:39:37 2016 +0100 *: Remove some for statement declarations We generally require C99. Some compilers, e.g. gcc, barf on 'for' statement declared variables, if std={gnu,c}99 or higher is not given - even while seemingly accepting other C99 constructs. As it's trivial, remove these. commit 481986950290323e2f5d1e774a666d4b7ed510d6 Author: Olivier Dugeon Date: Tue Apr 19 19:21:17 2016 +0200 ospfd: Add support Router Capabilities support to OSPF This is an implementation of RFC4970 (Router Information) and RFC5088 (PCE Capabilities announcement) * ospfd/Makefile.am: Add new file ospf_ri.c and ospf_ri.h * ospfd/ospf_opaque.c: Add new Router Capabilities code point * ospfd/ospf_ri.[c,h]: Implementation of RFC4970 & RFC5088 Signed-off-by: Olivier Dugeon commit ec04b9faf9ec55ccf7d5bb16cf17a85051fc8270 Author: Olivier Dugeon Date: Tue Apr 19 19:18:18 2016 +0200 doc: Update documentation for Traffic Engineering Signed-off-by: Olivier Dugeon commit 4f593574c41deb598cbbefde5c6d938799e81d5a Author: Olivier Dugeon Date: Tue Apr 19 19:03:05 2016 +0200 isisd: Add support of Traffic Engineering These patches is an implementation of RFC5305 that enable the support of Traffic Engineering in IS-IS * isisd/Makefile.am: Add new files isis_te.c and isis_te.h * isisd/isis_circuit.[c,h]: Add new mpls_te_circuit structure to isis_circuit structure to handle new Traffic Engineering TLVs * isisd/isis_lsp.c: Update LSP handler to mux/demux Traffic Engineering TLVs * isisd/isis_main.c: Add initialisation of ISIS TE * isisd/isis_pdu.c: Update function process_p2p_hello() to retrieve remote IP address to populate Traffic Engineering TLV. * isisd/isis_te.[c,]: Implementation of RFC5305 * isisd/isis_tlv.[c,h]: Update TLV definition and function to handle Traffic Engineering ones * isisd/isis_zebra.c: Add new function isis_zebra_link_params() to retrieve the link parameters of interfaces from ZBus to populate the Traffic Engineering TLVs * isisd/isisd.[c,h]: Add Traffic Engineering support with new debug command Signed-off-by: Olivier Dugeon commit 29a1401706a762541b366c7844507efe2bc1345d Author: Olivier Dugeon Date: Tue Apr 19 18:42:40 2016 +0200 ospfd: Update Traffic Engineering support These patches update original code to RFC3630 (OSPF-TE) and add support of RFC5392 (Inter-AS v2) & RFC7471 (TE metric extensions) and partial support of RFC6827 (ASON - GMPLS). * ospfd/ospf_dump.[c,h]: Add new dump functions for Traffic Engineering * ospfd/ospf_opaque.[c,h]: Add new TLV code points for RFC5392 * ospfd/ospf_packet.c: Update checking of OSPF_OPTION * ospfd/ospf_vty.[c,h]: Update ospf_str2area_id * ospfd/ospf_zebra.c: Add new function ospf_interface_link_params() to get Link Parameters information from the interface to populate Traffic Engineering metrics * ospfd/ospfd.[c,h]: Update OSPF_OPTION flags (T -> MT and new DN) * ospfd/ospf_te.[c,h]: Major modifications to update the code to new link parameters structure and new RFCs Signed-off-by: Olivier Dugeon commit ac10d30c03091eace3c0405aa8ccb7d3c09e7bd2 Author: Olivier Dugeon Date: Tue Apr 19 18:33:42 2016 +0200 vtysh: Add support of new link-params CLI In vtysh_config.c/vtysh_config_parse_line(), it is not possible to continue to use the ordered version for adding line i.e. config_add_line_uniq() to print Interface CLI commands as it completely break the new LINK_PARAMS_NODE. Signed-off-by: Olivier Dugeon commit 15773a87ce652da5b02ca14dc0088408899ea007 Author: Olivier Dugeon Date: Tue Apr 19 18:29:55 2016 +0200 zebra: Add link parameters support to Zebra * zebra/interface.c: - Add new link-params CLI commands - Add new functions to set/get link parameters for interface * zebra/redistribute.[c,h]: Add new function to propagate link parameters to routing daemon (essentially OSPFD and ISISD) for Traffic Engineering. * zebra/redistribute_null.c: Add new function zebra_interface_parameters_update() * zebra/zserv.[c,h]: Add new functions to send link parameters Signed-off-by: Olivier Dugeon commit ae51c9d510fb7d9cc41ead8803af916c1f4b34ca Author: Olivier Dugeon Date: Tue Apr 19 16:21:46 2016 +0200 lib: Add new if_link_params structure This new structure is the basis to get new link parameters for Traffic Engineering from Zebra/interface layer to OSPFD and ISISD for the support of Traffic Engineering * lib/if.[c,h]: link parameters struture and get/set functions * lib/command.[c,h]: creation of a new link-node * lib/zclient.[c,h]: modification to the ZBUS message to convey the link parameters structure * lib/zebra.h: New ZBUS message * lib/memtypes.c: Add new memory type for Traffic Engineering support Signed-off-by: Olivier Dugeon commit 7e49a4f99273858887806c6251d958e1e664bedf Author: Paul Jakma Date: Tue Aug 2 13:36:03 2016 +0100 build: Test for features.h and move include to lib/zebra.h * configure.ac: Check for features.h, which is needed to get Clang to define __STDC_IEC_559__. * lib/{stream.c,zebra.h}: move the features.h include to zebra.h, so lib/network.c also gets it. commit a3b161bb72d7fdb58e79afd0f706849601f77fe2 Author: Paul Jakma Date: Mon Aug 1 15:13:58 2016 +0100 lib: IEC559 tests are fragile, reduce to warning rather than error. * {network,stream}.c: Weaken the compile time tests for IEEE754 / IEC-559 binary floating point format from an error to a warning when not detected. I can't think of any platforms that are not IEEE-754 format, and as the testing for the defines appears to be fragile (often not set) the error just gives false positives. Even the warnings may be too much. Those should probably be moved to some configure test. Will do for now though, to fix compilation on CentOS and some BSDs. commit 4359501e1a427159c9b49f3041889837aaaf2eb3 Author: Paul Jakma Date: Tue May 19 18:50:49 2015 +0100 lib: consolidate ntohf/htonf from ospfd/isisd TE to lib/network * lib/network.{c,h}: Consolidate the ntohf/htonf functions used in ospfd TE to here, using the value-passing variant that fits with existing ntoh/hton functions. * ospfd/ospf_opaque.c: Remove its variants. * ospfd/ospf_te.c: Update to use the consolidated, by-value variant. commit d41e7b975b901f109608471b77c46718c1fb5b45 Author: Paul Jakma Date: Tue May 19 15:38:43 2015 +0100 lib/stream: add float/double <-> IEEE-754 single/double mux/demuxers * stream.{c,h}: Add stream_get{f,d} and stream_put{f,d}) demux and muxers to safely convert between big-endian IEEE-754 single and double binary format, as used in IETF RFCs, and C99. Implementation depends on host using __STDC_IEC_559__, which should be everything we care about. Should correctly error out otherwise. Thanks to Aidan Delaney and Olivier Dugeon for pointing out the __STDC_IEC_559__ macro. Update: GCC does not per se set __STDC_IEC_559__, so also test for __GCC_IEC_559 >= 1. commit 581ecbfe91d23791c116a8e3790208a17c1a5983 Author: Christian Franke Date: Tue May 3 19:59:43 2016 +0200 zebra: count iface up/down events and keep last time of their occurrence It is quite useful to be able to assert whether specific interfaces have flapped or also to verify that specific interfaces have not flapped. By having counters for those events and storing the last time of their occurrence, this is made possible. Signed-off-by: Christian Franke Tested-by: NetDEF CI System commit 00667cea1fbd088900f7909f2044da2a7e26270d Author: Christian Franke Date: Tue May 3 19:59:42 2016 +0200 lib: add event_counter Signed-off-by: Christian Franke commit 880e31ca2d8a8a8fcbc28bfeac9bd13fc76dd2c1 Author: Christian Franke Date: Tue May 3 19:59:40 2016 +0200 lib: use constant to replace magic value for length of quagga_timestamp Signed-off-by: Christian Franke commit 2ab67a7591d7693bb726dd82795017c8c3f52d99 Author: Pawel Wieczorkiewicz Date: Fri Apr 1 12:54:38 2016 +0200 build: detect and create AM_SILENT_RULES macro if needed Older libs have problem with that: configure.ac:17: warning: macro `AM_SILENT_RULES' not found in library ... configure.ac:24: error: possibly undefined macro: AM_SILENT_RULES Tested-by: NetDEF CI System commit 811577eaede8b6a7ea6ba3731c82eed1c4d07500 Author: Donald Sharp Date: Thu Mar 10 20:16:48 2016 -0500 lib: Remove unnecessary parentheses The freebsd compiler complains that there is an extra set of ()'s around the if statement. Signed-off-by: Donald Sharp commit 985c3556921fa669f86fe5e62130fbeb93d94ca9 Author: Donald Sharp Date: Thu Mar 10 20:16:47 2016 -0500 bgpd: Fix code path that leads to uninitialized variables subtype and sublength are not initialized and if on Line 1877 BGP_ATTR_ENCAP != type we will not set subtype and sublength, but these variables are used immediately below that if statement. This issue was discovered via the freebsd compiler. Signed-off-by: Donald Sharp commit 54406ac4c6883725f8a337bdc4f15fb015926b0f Author: Donald Sharp Date: Fri Mar 4 15:28:57 2016 -0500 lib: Refactor thread_process_fd thread_process_fd is looping over the read and write fd's separately. There is no need to do this individually. loop over both the read and write fdset's at the same time. This will improve select processing performance, especially for large data sets. Signed-off-by: Donald Sharp commit 1ad00b07a10eb8b3f5c94348488735fb08f28717 Author: Donald Sharp Date: Wed Jul 13 11:02:38 2016 -0400 lib: Fix regression in thread.c * Fix regression introduced with merging of 'lib: Refactor read/write functionality' commit e0b8324deb490c52834775d2b805cbb57e003ce0 Author: Donald Sharp Date: Fri Mar 4 15:28:56 2016 -0500 lib: Refactor read/write functionality Both the read and write functions used the same code slightly modified for reading and writing. Combine this code together. Signed-off-by: Donald Sharp Edited-by: Paul Jakma to retain the external library symbols, for ease of merging. commit 19be18a929c3afa343ac5435dba25f522e294d9b Author: Donald Sharp Date: Fri Mar 4 15:28:55 2016 -0500 lib: Abstract fd set operations Abstract FD set operations so that we can eventually choose what type of select/poll operation that we want to use. Signed-off-by: Donald Sharp commit 6bcee414a487024e7865fb29d4e583870406d914 Author: David Lamparter Date: Sat Mar 12 19:58:09 2016 +0100 lib: fix MIN/MAX macros to not double-eval cf. https://gcc.gnu.org/onlinedocs/gcc/Typeof.html (Works on all compilers on Quagga's compiler support list in doc/overview.texi) Signed-off-by: David Lamparter Tested-by: NetDEF CI System Acked-by: Donald Sharp commit 921936652359fe72728eb196aa9107310f02a4d4 Author: Paul Jakma Date: Thu Jun 16 15:53:26 2016 +0100 lib: keep hash of node's commands to detect duplicate installs * command.h: (struct cmd_node) Add a hash, so duplicate installs of a cmd_element to a command node can be detected. To help catch strays from the VIEW/ENABLE node consolidation particularly (installs to VIEW automatically install to ENABLE too now). * command.c: (cmd_hash_{key,cmp}) helpers for the hash - just directly on the pointer value is sufficient to catch the main problem. (install_node) setup the hash for the command node. (install_element) check for duplicate installs. The assert on the cmd_parse_format seems misplaced. (install_default_basic) separate the basic, VIEW, node default commands to here. (cmd_init) get rid of dupes, given consolidation. (cmd_terminate) clean up the node command hash. Not done: The (struct cmd_node)'s vector could be replaced with the cmd hash, however much of the command parser depends heavily on the vector and it's a lot of work to change. A vector_lookup_value could also work, particularly if vector could be backed by a hash. The duplicate check could be disabled in releases - but useful in development. It's a little extra overhead at startup. The command initialisation overhead is already something that bites in micro-benchmarks - makes it easy for other implementations to show how much faster they are with benchmarks where other load is low enough that startup time is a factor. commit 41de629c1fe88f9ea95d0400af6896f3c84a0dff Author: Christian Franke Date: Tue May 3 19:59:41 2016 +0200 lib: add api method to read current config path Signed-off-by: Christian Franke commit 68b45cc592d5d61e748e8d99ec9f84e63aa73213 Author: Donald Sharp Date: Fri Mar 11 14:27:13 2016 -0500 *: Consolidate all double VIEW_NODE and ENABLE_NODE's If a command is put into the VIEW_NODE, it is going into the ENABLE_NODE as well. This is especially true for show commands. As such if a command is in both consolidate it down to VIEW_NODE. Signed-off-by: Donald Sharp commit b9ac2f320922542e0320ceeced4aa7264564e98a Author: Donald Sharp Date: Fri Mar 11 14:27:12 2016 -0500 lib: Consolidate VIEW_NODE to be ENABLE_NODE as well If you are in VIEW_NODE, the command should exist in ENABLE_NODE as well. This is being done to reduce chances of code being added to one but not the other NODE. Signed-off-by: Donald Sharp commit 4ab273bb60606ed681bee1be6fb2c8bb31dc26a7 Author: Denil Vira Date: Fri Mar 4 15:28:54 2016 -0500 lib: Replace lists with arrays to store read and write threads With arrays, a thread corresponding to given fd is looked up in constant time versus the linear time taken for list traversals. Signed-off-by: Denil Vira Signed-off-by: Donald Sharp commit 0744040564ece3f4b9fe39fcf857e466a5f68a72 Author: Donald Sharp Date: Thu Feb 25 07:39:45 2016 -0500 vtysh: Add ability to only look at one processes work queue When examining performance information it is nice to not have to look at daemons who you are not interested in. Signed-off-by: Donald Sharp Reviewed-by: Don Slice Tested-by: NetDEF CI System commit 23757db11c5378521b7948847e17691f4fc35e0a Author: David Lamparter Date: Wed Feb 24 06:26:02 2016 +0100 *: get rid of "MTYPE 0" A few places are using 0 in place of the MTYPE_* argument. The following rewrite of the alloc tracking won't deal with that, so let's use MTYPE_TMP instead. Signed-off-by: David Lamparter Acked-by: Donald Sharp commit 7bd31774cf2c1cfaf74bca87f57f698e20a07e65 Author: kitty Date: Thu Feb 18 21:33:40 2016 -0800 ospfd: fix non-zero metric when describing loopback addresses Fixes Quagga Bugzilla #842 Change-Id: Iff33d70089d1393bf3e9c757d9e9faf134699121 Signed-off-by: kitty Tested-by: NetDEF CI System Acked-by: Donald Sharp commit 47dd9af50d7fcf3ea25ebb8c8c4e9c4726a072f6 Author: David Lamparter Date: Tue Feb 16 19:50:16 2016 +0100 build/pimd: remove special shell scripts Signed-off-by: David Lamparter Tested-by: NetDEF CI System commit 8b3ab1f1c8172ff7c77b382b6636c8e8314d7ebc Author: David Lamparter Date: Tue Feb 16 19:50:15 2016 +0100 isisd: fix assert warning icc (the Intel C Compiler) "knows" that assert() can be disabled by setting specific optimisation flags, and therefore emits a warning about missing a return value after an "always-error" assert. Workaround by returning a value - this probably needs discussion and a better fix (for all places where the code needs to abort due to internal errors). Signed-off-by: David Lamparter commit d869dbd03b4d75d512552d07ed8fbe0807272a9c Author: Udaya Shankara KS Date: Thu Feb 11 21:42:29 2016 +0530 zebra: Enable fpm module to connect to remote fpm server FPM aims to provide cross platform mechanism to support the scenario where the router has forwarding path distinct fromt the kernel.Commonly Hardware based fast path.Hence it is non-configurable paramter.This limits us to use funcationality to update FIB information to remote hosts, like SDN controller. This implementation provides the CLI to configure remote hosts and port information of remote fpm controller.Otherwise default fpm server will be localhost and default fpm port will be well know port 2620. * zebra_fpm.c: added fpm_server paramter to zfpm_global_t handler. Implemented CLI for configuring the fpm server and no fpm command to revert back to default configuration. * zserv.c: Install zebra node to write fpm configuration info on console/config file. Further documentation supplied: ------------------------------- ZEBRA : CLI CONFIGURATION FOR FPM MODULE ======================================================== 1. INTRODUCTION ================================ 1.1 scope This memo discusses the configuration option for zebra to update FIB information to local and remote modules. This will also helps to address the issue associated with CORD project. https://jira.onosproject.org/browse/CORD-411 2. REFERENCE ================================ Quagga version 99.24+ ( main branch committed on 29-sep-2015) 3. PROBLEM DESCRIPTION ================================ Once FPM is enabled, Quagga periodically tries to initiate fpm connection to localhost:2620. These values are non configurable in existing implementation. There is no CLI available to configure "host:port". hence limits us to use it for hardware based fast path modules only. 4. PROPOSED CHANGES ================================ Following changes are done to the quagga code a) Added new CLI to configure "host address : port". The CLI format $ fpm connection ip port and no fpm command to revert back to default $ no fpm connection ip port b) Allowed values are ipv4 address and tcp port range <1-65535> c) FPM initialization code has been enhanced to pick the "host address : port" values from zebra.conf. if not found then default values as localhost:2620 will be used. and updated the information on to config file on write config command 5. FILES MODIFIED ================================ 1) fpm/fpm.h : a) Added MACRO to represent network order loopback ip 2) zebra/zebra_fpm.h : a) introduced fpm_server variable in zfpm_glob_t handler to hold the remote fpm server address b) Hooked 'fpm_remote_ip_cmd' and 'no_fpm_remote_ip_cmd' at CONFIG node to configure remote fpm detail and to revert back to default respectively 3) zebra/zserv.c : a) Hooked 'config_write_fpm' callback function, at ZEBRA_NODE to display the fpm connection details on console on entering command $ show running_config and to write to configuration file on entering command $ write config 6. TESTING DETAILS ================================ 6.1. default behavior In default configuration FPM will attempt to connect to localhost:2620 6.2. update fpm info a) Using CLI command user can configure fpm host:port details and can be able to write to config file(zebra.conf) using write config command. this parameters has no dependency/impact on other parameters of config file b) show running-config/write config will display the fpm information if configured. and will not display any information related to fpm for default configuration c) these configured information will be stored to config file. only on write config command. 6.3 loading from config file a) zebra attempts to connect to fpm server if fpm parameter found in config file.else connects to default parameters. b) if fpm connection drops, fpm will periodically attempts to connect to remote server. c) if fpm connections already established. then newly configured fpm parameters will not disconnect the existing connection. new connection to the different fpm server will happen only after existing connection closes by either of the end. commit 9da9a61e2f8afb61aa31c17fb810169290bf96ee Author: Donald Sharp Date: Tue Feb 2 21:11:40 2016 -0500 config: Remove unused library check configure.ac is looking for the setproctitle library, which while it might be useful, we never call setproctitle or any other function that the library might expose. Signed-off-by: Donald Sharp Tested-by: NetDEF CI System commit 071cfcd2e315499f0a4fa8c23779468eacc20033 Author: Donald Sharp Date: Tue Feb 2 21:02:42 2016 -0500 bgpd: Removed unused variable from 'struct attr_extra' The mp_nexthop_local_in variable is never used. Remove it from the code base. Signed-off-by: Donald Sharp Tested-by: NetDEF CI System commit 9514fee4b37a9043738aa16ca8684993a1b572ad Author: Donald Sharp Date: Tue Jan 26 11:44:14 2016 -0500 bgpd, ripngd, zebra: Remove duplicate PSIZE define The PSIZE macro is defined the same in multiple places. Remove the duplicates. Signed-off-by: Donald Sharp Tested-by: NetDEF CI System commit 3c964045459f66921f8a3dc33fe4c028e6b0b141 Author: Donald Sharp Date: Mon Jan 25 23:38:53 2016 -0500 bgpd: Fix 'show bgp ipv4 vpnv4 statistics' cli. When attempting to use the 'show bgp ipv4 vpnv4 statistics' cli, the safi choosen is BGP_MPLS_LABELED_VPN which is #defined to 128. The afi/safi combination is fed to bgp->rib, which limits the size of the safi to BGP_SAFI_MAX which is #defined to 5. The correct value to use is BGP_MPLS_VPN The bgp code differentiates between the actual safi value for BGP_MPLS_LABELED_VPN used defined by RFC 4364, to a internal SAFI value used to limit array size. Signed-off-by: Donald Sharp Tested-by: NetDEF CI System commit 687bea20fa61d8fc7cf48c0b227f16d0b324778c Author: Donald Sharp Date: Mon Jan 25 14:56:26 2016 -0500 lib: Allow zclient do-over of connect on initial attempt When a protocol is attempting to connect to the zebra daemon through it's socket. If the inital attempt fails, give it a few more attempts before giving up and leaving the daemon in a bizarre state. This problem was found by Ashley Penney, and Ashley was of immense help in debugging and testing the fix for this issue. Signed-off-by: Donald Sharp Tested-by: Ashley Penney Tested-by: NetDEF CI System commit 9145f0e4cf776bd3156620da6c8a772fee4d4383 Author: Balaji Date: Wed Jan 20 22:59:27 2016 +0530 bgpd: Addition of bgp dampening configuration commands under IPv4/multicast Signed-off-by: Balaji Gurudoss Tested-by: NetDEF CI System commit 9c52caeaf40e32701ff79a721f0fee52cfcbd77c Author: Balaji Date: Wed Jan 20 22:59:26 2016 +0530 bgpd: Addition of dampening show commands under v4 unicast/multicast tree Patch contains addition of show ip bgp ipv4 (unicast| multicast) dampening tree. Signed-off-by: Balaji Gurudoss commit df2ef24fb73c83a6e733be9eb8cac3e0df8467f8 Author: Matthieu Boutier Date: Wed Sep 10 16:50:45 2014 +0200 lib: Make distribute.c accepts both v4 and v6. distribute.c doesn't allow to manage both v4 and v6 distribute lists. This patch fix this problem by having 4 DISTRIBUTE* values in the enumeration instead of two. The code in all daemons using distribute.c is adapted. commit 543e791be9257e60d4d02abd0cdac7337a31636a Author: Matthieu Boutier Date: Wed Sep 10 16:50:44 2014 +0200 ripngd: code simplification for redistribution. Use loops and variables instead of doing each cases by hand. Use boolean instead of having 2 almost identical functions. commit fafa899b4e84c7b9fd07b076517744d9351aaa6b Author: Matthieu Boutier Date: Wed Sep 10 16:50:43 2014 +0200 ripd: code simplification for redistribution. Use loops and variables instead of doing each cases by hand. Use boolean instead of having 2 almost identical functions. commit 2074d6752d1dafcd6511677e2bdc9bbe0b73c388 Author: Matthieu Boutier Date: Wed Sep 10 16:50:42 2014 +0200 lib: simplify distribute.c's code. Use loops and variables instead of doing each cases by hand. Use static functions instead of rewriting code. commit a3936d04942795bb92f04fefd25957c327e31c20 Author: Boian Bonev Date: Wed Jun 25 20:26:44 2014 +0300 bgpd: add aspath_aggregate_mpath that preserves path length Issue - when two aspaths are aggregated the result will be with different length if the two paths do not share common prefix. E.g.: aggregation of 100 101 400 500 and 200 201 400 500 currently will result in {100,101,200,201,400,500} which is of much shorter length and is not ok to be readvertised becase may create shortest path on the internet and cause infinite flapping. aspath_aggregate_mpath will construct the followin path for the above example: {100,200} {101,201} 400 500 Signed-off-by: Boian Bonev patchwork #994: http://patchwork.quagga.net/patch/994/ commit 6184c39e27d4b6f3721b8c4dc3df1b968e09606a Author: Roman Hoog Antink Date: Mon Mar 17 14:01:42 2014 +0100 bgpd: implement admin distance Until today the admin distance cannot be configured for any IPv6 routing protocol. This patch implements it for bgp. Signed-off-by: Maitane Zotes patchwork #993: http://patchwork.quagga.net/patch/993/ commit d8f7f86a64842fcc6200c2fa4f560b9aa7a279bb Author: Roman Hoog Antink Date: Wed Mar 5 09:13:43 2014 +0100 ospf6d: implement admin distance Until today the admin distance cannot be configured for any IPv6 routing protocol. This patch implements it for ospf6. Signed-off-by: Maitane Zotes commit a0a661f982c4a9726573faf28817d77d3e7cdad5 Author: boris yakubov Date: Fri Apr 26 14:38:34 2013 -0400 isisd: Segmentation fault on isis daemon fixes I have a fix for 2 segmentation fault scenarios on the isis daemon: 1. When running a command "isis passive" on an interface in the following context: "end" "configure terminal " "interface dummy0" "isis passive" The trace back collected: isis_adjacency.c:521 family=2, root_sysid=0x20aee6d0 "", parent=0x20af4d68) at isis_spf.c:999 sysid=0x20aee6d0 "") at isis_spf.c:1217 isis_spf.c:1372 isis_lsp.c:416 isis_lsp.c:1660 isis_main.c:368 The fix location: file name: isisd/isis_adjacency.c routine name: isis_adj_build_up_list 2. When deleting the existing isis router instance: "end" "configure terminal " "no router isis DEAD" The fix location: isisd/isis_events.c, routine circuit_resign_level isisd/isis_lsp.c, routine lsp_destroy isisd/isis_route.c, isis_route_validate The trace back collection: "DEAD") at isisd.c:252 argc=1, argv=0xbfc39054) at isisd.c:1520 vty=0x20d6f528, cmd=0x0) at command.c:2121 cmd=0x0, vtysh=0) at command.c:2155 isis DEAD") at vty.c:433 isis_main.c:368 and "DEAD") at isisd.c:260 argc=1, argv=0xbfd6cf54) at isisd.c:1520 vty=0x208cb528, cmd=0x0) at command.c:2121 cmd=0x0, vtysh=0) at command.c:2155 isis DEAD") at vty.c:433 isis_main.c:368 The patch is included. patchwork #833: http://patchwork.quagga.net/patch/833/ commit a343cf8d74920752ba0e35142e23a3ca56620755 Author: Christian Franke Date: Mon Jan 14 23:41:57 2013 +0100 lib: update Solaris multicast API (BZ#725) On OpenIndiana/Solaris the build fails with "unsupported multicast API". It's only in the IPv4 part where setsockopt IP_MULTICAST_IF needs a local address and not the index (IPv6 wants the index). The following code walks the list of interfaces until it finds the matching index and uses the interface's local address for the setsockopt call. I don't know if it works on Solaris < 10 (I guess yes, but I don't have any machine to verify it). [NB: this breaks unnumbered setups that use the same IPv4 address on multiple interfaces. -- equinox@opensourcerouting.org] Reported-by: Brian Utterback Signed-off-by: Christian Franke Patchwork #762 commit d319a3abbf6e6c310b6b6a6891ebe1957592f9a9 Author: Paul Jakma Date: Wed May 25 14:47:00 2016 +0100 ripd: split-horizon default differed between rip_interface_new and _reset * rip_interface.c: Default for split_horizon_default differed between rip_interface_new and rip_interface_reset, causing at least some issues after interface events. See patchwork #604. Fix, and consolidate code. (rip_interface_{reset,clean}) rename these to 'interface', as that's more appropriate. Spin the ri specific bodies of these functions out to rip_interface_{reset,clean} helpers. Factor out the overlaps, so rip_interface_reset uses rip_interface_clean. (rip_interface_new) just use rip_interface_reset. * ripd.h: Update for (rip_interface_{reset,clean}) Reported by xufeng zhang, with a suggested fix on which this commit expands. See patchwork #604. This commit addresses only the split-horizon discrepency, issue #2. The other issue they reported, #1, is not addressed, though suggested fix seems inappropriate. Cc: xufeng.zhang@windriver.com commit 86b2a0a12ace817e64e8e4a719b1ba9a8e6af253 Author: Lou Berger Date: Tue May 17 12:19:51 2016 -0400 lib: change command logging to be off by default * lib/vty.c: add 'log_command' to enable logging of vty commands executed. Default command logging to off. commit f53585d59b62b12d68282154af346796b75c7f2f Author: Lou Berger Date: Tue May 17 07:10:36 2016 -0400 bgp: add "debug bgp allow-martians" next hops and related code/commands commit ac6ff4643645315db648604771926218aa4ead2d Author: Lou Berger Date: Tue May 17 07:10:37 2016 -0400 bgpd: Add flag to not change e{u,g}id on startup and run as unprivileged user * bgp_main.c: add -S / --skip_runas flag to not change effective user/group on start up. Enables bgpd to be run by unprivileged user. commit 5f678889843fb9bc3f07d05eebc2f8fb35584a91 Author: Igor Ryzhov Date: Fri Apr 22 17:38:24 2016 +0300 zebra: add missing vty commands Signed-off-by: Igor Ryzhov Tested-by: NetDEF CI System commit aef4650851cf0f74d944466d50e26bb8f8635c3d Author: Stas Nichiporovich Date: Tue Apr 26 08:14:36 2016 +0000 zebra: fix crash caused by using route-map with "set src" Signed-off-by: Stas Nichiporovich Tested-by: NetDEF CI System commit bb01bdd740339b0c07d8ed0786811801b2a79192 Author: Jafar Al-Gharaibeh Date: Thu Apr 21 16:22:33 2016 -0500 ospfd: fix - correct neighbor index on changing/p2p/virtual links ospfd keeps a list of neighbor routers for each configured interface. This list is indexed using the neighbor router id in case of point-to-point and virtual link types, otherwise the list is indexed using the neighbor's source IP (RFC 2328, page 96). The router adds itself as a "pseudo" neighbor on each link, and also keeps a pointer called (nbr_self) to the neighbor structure. This takes place when the interface is first configured. Currently ospfd adds this pseudo neighbor before the link parameters are fully configure, including whether the link type is point-to-point or virtual link. This causes the pseudo neighbor to be always indexed using the source IP address regardless of th link type. For point-to-point and virtual links, this causes the lookup for the pseudo neighbor to always fail because the lookup is done using the router id whereas the neighbor was added using its source IP address. This becomes really problematic if there is a state change that requires a rebuild of nbr_self, changing the router id for example. When resetting nbr_self, the router first tries to remove the pseudo neighbor form its neighbor list on each link by looking it up and resetting any references to it before freeing the neighbor structure. since the lookup fails to retrieve any references in the case of point-to-point and virtual links the neighbor structure is freed leaving dangling references to it. Any access to the neighbor list after that is bound to stumble over this dangling pointer causing ospfd to crash. Signed-off-by: Jafar Al-Gharaibeh Tested-by: NetDEF CI System commit e6ec2d6d18dadb119b93284ef2f5f5b5440d6f66 Author: Donald Sharp Date: Fri Apr 8 19:30:51 2016 -0400 lib: Fix priviledge modification for vty group specified When attempting to switch runtime permissions over to the correct group specified for the vty group, if the user specified to run as does not have that vty group then do warn about the issue and stop running Signed-off-by: Donald Sharp Reported-by: Thomas Martin Tested-by: NetDEF CI System commit 190591f0fe3388c746ea48f69a439f4bd0b49834 Author: Jafar Al-Gharaibeh Date: Thu Apr 21 17:40:12 2016 -0500 zserv: [pimd] fix - avoid dereferencing a NULL pointer Signed-off-by: Jafar Al-Gharaibeh Tested-by: NetDEF CI System commit 80f61a9979079ed16b9eff50ba65ad8bf1b15fb6 Author: Jonathan Hart Date: Tue Apr 19 22:13:49 2016 -0700 pimd: Fix hang when doing nexthop lookup from zebra I was running in to a bug when pimd would hang in some cases when it had to do a nexthop lookup from zebra, such as when a PIM JOIN was received. This issue could be easily reproduced by running 'show ip rib ' from the pimd vty which forces a nexthop lookup. The issue is in zclient_read_nexthop, the zclient_read_header function reads the message content into the stream, but then after that the zclient_read_nexthop function tries to read the message content again from the socket, but there are no bytes so it hangs waiting for input. The solution is to not try to read the message content the second time. Acked-by: Jafar Al-Gharaibeh Tested-by: NetDEF CI System commit 7e73eb740f3c52a5b7c0ae9c2cd33b486d885552 Author: Timo Teräs Date: Sat Apr 9 17:22:32 2016 +0300 zebra: handle multihop nexthop changes properly The rib entries are normally added and deleted when they are changed. However, they are modified in placae when the nexthop reachability changes. This fixes to: - properly detect nexthop changes from nexthop_active_update() calls from rib_process() - rib_update_kernel() to not reset FIB flags when a RIB entry is being modifed (old and new RIB are same) - improves the "show ip route " output to display both ACTIVE and FIB flags for each nexthop Fixes: 325823a5 "zebra: support FIB override routes" Signed-off-by: Timo Teräs Reported-By: Igor Ryzhov Tested-by: NetDEF CI System commit 7e7a101dde5969f62074801d84bb4cc75e50f548 Author: Donald Sharp Date: Fri Apr 8 22:03:22 2016 -0400 ripd: Fix Null pointer dereference The rip_output_process function dereferenced a NULL pointer. Core file examination showed that tmp_rinfo was NULL on line 2435. Looking at the last diff associated with this commit, it was obvious that a formating mistake had been made in the loop over the route nodes list of possible paths. Signed-off-by: Donald Sharp Reported-by: Sebastian Kricner Tested-by: NetDEF CI System commit e7207098c0fa88af6899c1b1483e3ddb19f5336a Author: Christian Franke Date: Sun Apr 3 12:46:28 2016 -0300 isisd: ignore unknown interfaces when adjusting IS-IS mtu For example during startup of isisd, the MTU of interfaces is not known, since this information will only be available once the interfaces have been learned from zebra. It makes no sense to include the MTU 0 that is stored for interfaces in this state in the consideration whether a new lsp-mtu for an area is valid, so skip interfaces which are in this state. Signed-off-by: Christian Franke commit 84a4da039fa620942b6c3a9ff21b7502803f53be Author: Christian Franke Date: Sun Apr 3 12:46:27 2016 -0300 isisd: make sure that all interface addresses are advertised If the following configuration commands are run interactively in succession, the ipv6 addresses of this interface won't be advertised in the router's LSP immediately: # interface eth0 # ip router isis test # ipv6 router isis test This is because the ipv6 router command won't trigger a state change for the interface and therefore, it won't trigger a regeneration of the LSPs. The same thing happens if IPv4 is enabled after IPv6, or for the cases where IPv4 is disabled and IPv6 stays enabled or vice-versa. Fix this by explicitly calling lsp_regenerate_schedule for the cases where it won't be called implicitly. Signed-off-by: Christian Franke commit 8ed8d0b5d1596ec9a6cce5ca45eb1cb1dff94978 Author: Christian Franke Date: Sun Apr 3 12:46:26 2016 -0300 isisd: fix a crash due to an lsp-mtu issue isisd crashed on startup if it was enabled for an interface with a too small MTU. To fix this, we treat this case as an invalid configuration and disable isis on that interface if that case happens, since it is a configuration error. Signed-off-by: Christian Franke commit 106e38e4d42ecd94c083907872d514e8c67036f6 Author: Christian Franke Date: Sun Apr 3 12:46:25 2016 -0300 isisd: work around route table asserts for deleting node with info The route table code in lib/table.c triggers an assertion when a route node with rn->info != NULL reaches refcount 0, probably to avoid memleaks. In this particular case, this is not an issue, since the info will be freed by the destructor. However, since removing this assertion probably requires more discussion, just make sure that rn->info gets freed and unset before its refcount is decremented to zero. Signed-off-by: Christian Franke