| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 05cf9d03b345393b8d63ffe9345c42debd8362b6.
TL;DR; Handling BGP AddPath capability is not trivial (possible) dynamically.
When the sender is AddPath-capable and sends NLRIs encoded with AddPath ID,
and at the same time the receiver sends AddPath capability "disable-addpath-rx"
(flag update) via dynamic capabilities, both peers are out of sync about the
AddPath state. The receiver thinks already he's not AddPath-capable anymore,
hence it tries to parse NLRIs as non-AddPath, while they are actually encoded
as AddPath.
AddPath capability itself does not provide (in RFC) any mechanism on backward
compatible way to handle NLRIs if they come mixed (AddPath + non-AddPath).
This explains why we have failures in our CI periodically.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some static analyzer issues can be observed in BGP code:
> In file included from ./lib/zebra.h:13,
> from lib/event.c:8:
> ./lib/compiler.h:222:26: note: '#pragma message: Remove `clear thread cpu` command'
> 222 | #define CPP_NOTICE(text) _Pragma(CPP_STR(message text))
> | ^~~~~~~
> lib/event.c:433:1: note: in expansion of macro 'CPP_NOTICE'
> 433 | CPP_NOTICE("Remove `clear thread cpu` command")
> | ^~~~~~~~~~
> bgpd/bgp_vty.c:1592:5: warning: Access to field 'as_pretty' results in a dereference of a null pointer (loaded from variable 'bgp') [core.NullDereference]
> 1592 | bgp->as_pretty);
> | ^~~~~~~~~~~~~~
> bgpd/bgp_vty.c:1599:5: warning: Access to field 'as_pretty' results in a dereference of a null pointer (loaded from variable 'bgp') [core.NullDereference]
> 1599 | bgp->as_pretty);
> | ^~~~~~~~~~~~~~
> bgpd/bgp_vty.c:1612:7: warning: Access to field 'flags' results in a dereference of a null pointer (loaded from variable 'bgp') [core.NullDereference]
> 1612 | IS_BGP_INSTANCE_HIDDEN(bgp)) {
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> ./bgpd/bgpd.h:2906:3: note: expanded from macro 'IS_BGP_INSTANCE_HIDDEN'
> 2906 | (CHECK_FLAG(_bgp->flags, BGP_FLAG_INSTANCE_HIDDEN) && \
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ./lib/zebra.h:274:31: note: expanded from macro 'CHECK_FLAG'
> 274 | #define CHECK_FLAG(V,F) ((V) & (F))
> | ^~~
> bgpd/bgp_vty.c:1614:4: warning: Access to field 'flags' results in a dereference of a null pointer (loaded from variable 'bgp') [core.NullDereference]
> 1614 | UNSET_FLAG(bgp->flags, BGP_FLAG_INSTANCE_HIDDEN);
> | ^ ~~~
> ./lib/zebra.h:276:34: note: expanded from macro 'UNSET_FLAG'
> 276 | #define UNSET_FLAG(V,F) (V) &= ~(F)
> | ~ ^
> 4 warnings generated.
> Static Analysis warning summary compared to base:
Fix those issues by protecting the bgp pointer.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The more the vrf green is referenced in the import bgp command, the more
there are instances created. The below configuration shows that the vrf
green is referenced twice, and two BGP instances of vrf green are
created.
The below configuration:
> router bgp 99
> [..]
> import vrf green
> exit
> router bgp 99 vrf blue
> [..]
> import vrf green
> exit
> router bgp 99 vrf green
> [..]
> exit
>
> r4# show bgp vrfs
> Type Id routerId #PeersCfg #PeersEstb Name
> L3-VNI RouterMAC Interface
> DFLT 0 10.0.3.4 0 0 default
> 0 00:00:00:00:00:00 unknown
> VRF 5 10.0.40.4 0 0 blue
> 0 00:00:00:00:00:00 unknown
> VRF 6 0.0.0.0 0 0 green
> 0 00:00:00:00:00:00 unknown
> VRF 6 10.0.94.4 0 0 green
> 0 00:00:00:00:00:00 unknown
Fix this at import command, by looking at an already present bgp
instance.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When running the bgp_evpn_rt5 setup with unified config, memory leak
about a non deleted BGP instance happens.
> root@ubuntu2204hwe:~/frr/tests/topotests/bgp_evpn_rt5# cat /tmp/topotests/bgp_evpn_rt5.test_bgp_evpn/r1.asan.bgpd.1164105
>
> =================================================================
> ==1164105==ERROR: LeakSanitizer: detected memory leaks
>
> Indirect leak of 12496 byte(s) in 1 object(s) allocated from:
> #0 0x7f358eeb4a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
> #1 0x7f358e877233 in qcalloc lib/memory.c:106
> #2 0x55d06c95680a in bgp_create bgpd/bgpd.c:3405
> #3 0x55d06c95a7b3 in bgp_get bgpd/bgpd.c:3805
> #4 0x55d06c87a9b5 in bgp_get_vty bgpd/bgp_vty.c:603
> #5 0x55d06c68dc71 in bgp_evpn_local_l3vni_add bgpd/bgp_evpn.c:7032
> #6 0x55d06c92989b in bgp_zebra_process_local_l3vni bgpd/bgp_zebra.c:3204
> #7 0x7f358e9e3feb in zclient_read lib/zclient.c:4626
> #8 0x7f358e98082d in event_call lib/event.c:1996
> #9 0x7f358e848931 in frr_run lib/libfrr.c:1232
> #10 0x55d06c60eae1 in main bgpd/bgp_main.c:557
> #11 0x7f358e229d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Actually, a BGP VRF Instance is created in auto mode when creating the
global BGP instance for the L3 VNI. And again, an other BGP VRF instance
is created. Fix this by ensuring that a non existing BGP instance is not
present. If it is present, and with auto mode or in hidden mode, then
override the AS value.
Fixes: f153b9a9b636 ("bgpd: Ignore auto created VRF BGP instances")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| |\
| |
| | |
Bgp connect refactor
|
| | |
| |
| |
| |
| |
| |
| |
| | |
su_local and su_remote in the peer can change based upon
if we are initiating the remote connection or receiving it.
As such we need to treat it as a property of the connection.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |/
|
|
|
|
|
|
|
|
| |
FRR supports dynamic capability which is useful to exchange the capabilities
without tearing down the session. ENHE capability was missed to be included
handling via dynamic capability. Let's add it too.
This was missed and asked in Slack that it would be useful.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
|
|
|
| |
Fixes: ef4a9215b912c885498715614ee01b43dc861c1a ("bgpd: Reuse defined constants for BGP timers")
Fixes: ab3535fbcf37b59ec02332fa021142c5b7d6dd3e ("bgpd: Implement connect retry backoff")
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |\
| |
| | |
BMP handling of BGP configuration changes
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
At startup, if bmp loc-rib is enabled, the peer_id of the
loc-rib per peer header message has the route distinguisher set to 0:0.
Actually, the route distinguisher has been updated after the peer up
message is sent, and the information is not refreshed.
Create a hook API to handle route distinguisher config events: pre and
post configuration. Use that hook in BMP module to send peer down, and
peer up events when necessary.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| |\ \
| |/
|/| |
bgpd: show json output changes to optimize various show commands
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Introduced JSON support of "show bgp router" command
VTY:
mlx-3700-19# show bgp router
BGP started gracefully at Tue Nov 14 21:18:34 2023
Graceful restart completed at Tue Nov 14 21:18:37 2023
Number of BGP instances (including default): 1
JSON:
mlx-3700-19# show bgp router json
{
"bgpStartedAt":"Tue Nov 14 21:18:34 2023\n",
"bgpStartedGracefully":"Yes",
"grComplete":"Yes",
"grCompletedAt":"Tue Nov 14 21:18:37 2023\n",
"bgpInMaintenanceMode":"No",
"bgpInstanceCount":1
}
Issue:3624937
Signed-off-by: Pooja Jagadeesh Doijode <pdoijode@nvidia.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
E.g.:
```
Prefix statistics:
Inbound filtered: 0
AS-PATH loop: 0
Originator loop: 0
Cluster loop: 0
Invalid next-hop: 0
Withdrawn: 0
Attributes discarded: 3
```
JSON:
```
"prefixStats":{
"inboundFiltered":0,
"aspathLoop":0,
"originatorLoop":0,
"clusterLoop":0,
"invalidNextHop":0,
"withdrawn":0,
"attributesDiscarded":3
},
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |\ \
| | |
| | | |
BGP Labelpool : Releasing the label in labelpool when VPN session gets removed
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Releasing the vpn label from label pool chunk using bgp_lp_release routine whenever vpn session is removed.
bgp_lp_release will clear corresponding bit in the allocated map of the label pool chunk and increases nfree by 1
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If we do `no neighbor PG enforce-first-as`, it wasn't working because the flag
was inherited incorrectly for the members of the peer-group.
Fixes: 322462920e2a2c8b73191c6eb5157d64cf4a593e ("bgpd: Enable enforce-first-as by default")
Closes: https://github.com/FRRouting/frr/issues/17702
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |\ \ \
| | | |
| | | | |
bgpd: fix memory leak when reconfiguring a route distinguisher
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A memory leak happens when reconfiguring an already configured route
distinguisher on an L3VPN BGP instance. Fix this by freeing the previous
route distinguisher.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| |\ \ \ \
| |/ / /
|/| | |
| | | |
| | | | |
opensourcerouting/fix/reduce_default_connect_timer
bgpd: Connect retry timer backoff
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Anytime BGP gets a L3 VNI ADD/DEL from zebra,
- Walking the entire global routing table per L3VNI is very expensive.
- The next read (say of another VNI ADD/DEL) from the socket does
not proceed unless this walk is complete.
So for triggers where a bulk of L3VNI's are flapped, this results in
huge output buffer FIFO growth spiking up the memory in zebra since bgp
is slow/busy processing the first message.
To avoid this, idea is to hookup the BGP-VRF off the struct bgp_master
and maintain a struct bgp FIFO list which is processed later on, where
we walk a chunk of BGP-VRFs and do the remote route install/uninstall.
Ticket :#3864372
Signed-off-by: Rajasekar Raja <rajasekarr@nvidia.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The below command is not successfull on an existing as dot peer
> no neighbor 10.0.0.2 remote-as 1.1
> % Create the peer-group or interface first
Handle the case where the remote-as argument can be an ASNUM.
Fixes: 8079a4138d61 ("lib, bgp: add initial support for asdot format")
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
if (BGP_IS_VALID_STATE_FOR_NOTIF(peer->connection->status))
peer_notify_config_change(peer->connection);
else
bgp_session_reset_safe(peer, &nnode);
Let's add a bool return to peer_notify_config_change of whether or
not it should call the peer session reset. This simplifies
the code a bunch.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
We have about a bajillion tests of if we can
notify the peer and then we send a config change
notification. Let's just make a function that
does this.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| | |
| |
| |
| |
| |
| | |
Convert this function to being connection based.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Deprecate gracefulRestartCapability which is inconsistent with an existing
format if advertised and received are printed.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Slipped somehow that peer-groups with GR is just completely broken, but it was
working before.
Strikes again, that we MUST have more and more topotests.
Fixes: 15403f521a12b668e87ef8961c78e0ed97c6ff92 ("bgpd: Streamline GR config, act on change immediately")
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
https://datatracker.ietf.org/doc/html/rfc8097 defines ROV extended community,
but https://datatracker.ietf.org/doc/draft-ietf-sidrops-avoid-rpki-state-in-bgp
is against sending it by default even for iBGP peers.
Let's do this practice and reverse it.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |/
|
|
| |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |
|
|
| |
Signed-off-by: hanyu.zly <hanyu.zly@alibaba-inc.com>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
Introduce a command to stop bgpd from enabling IPv6 router advertisement
messages sending on interfaces.
Signed-off-by: Mikhail Sokolovskiy <sokolmish@gmail.com>
|
| |\ \
| | |
| | |
| | |
| | | |
opensourcerouting/fix/drop_bgp_network_import_check_exact_cmd
bgpd: Drop deprecated `bgp network import-check exact` command
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |/ /
| |
| |
| |
| |
| |
| | |
This command did not allow the operator to display neighbor information
related to graceful-restart when used inside of a vrf.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |/
|
|
|
|
|
|
|
| |
Recent commit 4d0e7a49cf8d4311a485281fa50bbff6ee8ca6cc
brought in changes that moved a check for ret up
in the code, caused some code to be left around
and be effectively dead since it would never be called.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |\
| |
| | |
Refreshement of BGP multi ASNs
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1. bgp coredump is observed when we delete default bgp instance
when we have multi-vrf; and route-leaking is enabled between
default, non-default vrfs.
Removing default router bgp when routes leaked between non-default vrfs.
- Routes are leaked from VRF-A to VRF-B
- VPN table is created with auto RD/RT in default instance.
- Default instance is deleted, we try to unimport the routes from all VRFs
- non-default VRF schedules a work-queue to process deleted routes.
- Meanwhile default bgp instance clears VPN tables and free the route
entries as well, which are still referenced by non-default VRFs which
have imported routes.
- When work queue process starts to delete imported route in VRF-A it cores
as it accesses freed memory.
- Whenever we delete bgp in default vrf, we skip deleting routes in the vpn
table, import and export lists.
- The default hidden bgp instance will not be listed in any of the show
commands.
- Whenever we create new default instance, handle it with AS number change
i.e. old hidden default bgp's AS number is updated and also changing
local_as for all peers.
2. A default instance is created with ASN of the vrf with the import
statement.
This may not be the ASN desired for the default table
- First problem with current behavior.
Define two vrfs with different ASNs and then add import between.
starting without any bgp config (no default instance)
A default instance is created with ASN of the vrf with the import
statement.
This may not be the ASN desired for the default table
- Second related problem. Start with a default instance and a vrf in a
different ASN. Do an import statement in the vrf for a bgp vrf instance
not yet defined and it auto-creates that bgp/vrf instance and it inherits
the ASN of the importing vrf
- Handle bgp instances with different ASNs and handle ASN for auto created
BGP instance
Signed-off-by: Kantesh Mundaragi <kmundaragi@vmware.com>
|
| |\ \
| |/
|/| |
bgpd: Implement BGP dual-as feature
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is helpful for migrations, etc.
The neighbor is configured with:
```
router bgp 65000
neighbor X local-as 65001 no-prepend replace-as dual-as
```
Neighbor X can use either 65000, or 65001 to peer with.
Closes: https://github.com/FRRouting/frr/issues/13928
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |\ \
| |/
|/|
| |
| | |
opensourcerouting/fix/default_originate_not_needed_if_not_enabled
bgpd: Do not scan update-groups if default-originate timer is set to 0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the neighbor is not configured with `neighbor X default-originate route-map ...`,
then this timer is useless.
Change the logic to be it disabled by default, but enabled automatically once the
route-map is configured for default-originate command.
Automatically assigned timer value is as before, 5 seconds.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| | |
| |
| |
| | |
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |\ \
| | |
| | | |
bgpd: Some peer-groups related changes/fixes
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
```
ton# sh ip bgp peer-group
BGP peer-group pg-a
Peer-group type is auto
Configured address-families: IPv4 Unicast;
BGP peer-group pg-e, remote AS 0
Peer-group type is external
Configured address-families: IPv4 Unicast;
BGP peer-group pg-i, remote AS 65001
Peer-group type is internal
Configured address-families: IPv4 Unicast;
ton#
```
`auto` should be handled accordingly.
Fixes: 0dfe25697f5299326046fcfb66f2c6beca7c423c ("bgpd: Implement neighbor X remote-as auto")
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| | |/
| |
| |
| |
| |
| | |
Inherit solo flag for peer-group members also.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, when SRv6 is enabled in BGP, BGP requests a locator chunk
from Zebra. Zebra assigns a locator chunk to BGP, and then BGP can
allocate SIDs from the locator chunk.
Recently, the implementation of SRv6 in Zebra has been improved, and a
new API has been introduced for obtaining/releasing the SIDs.
Now, the daemons no longer need to request a chunk.
Instead, the daemons interact with Zebra to obtain information about the
locator and subsequently to allocate/release the SIDs.
This commit extends BGP to use the new SRv6 API. In particular, it
removes the chunk throughout the BGP code and modifies BGP to
request/save/advertise the locator instead of the chunk.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
|
| |\
| |
| | |
bgpd: Free up non-freed json memory on function return
|
| | |
| |
| |
| |
| |
| |
| |
| | |
json_peers is allocated in the above if statement block
for json but is not freed in this code path. Noticed
by running Address Sanitizer.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
instances
```
==1145965==ERROR: AddressSanitizer: heap-use-after-free on address 0x6030007159c0 at pc 0x55ade8d962d1 bp 0x7ffec4ce74c0 sp 0x7ffec4ce74b0
READ of size 8 at 0x6030007159c0 thread T0
0 0x55ade8d962d0 in no_router_bgp bgpd/bgp_vty.c:1701
1 0x7efe5aed19ed in cmd_execute_command_real lib/command.c:1002
2 0x7efe5aed1da3 in cmd_execute_command lib/command.c:1061
3 0x7efe5aed2303 in cmd_execute lib/command.c:1227
4 0x7efe5af6c023 in vty_command lib/vty.c:616
5 0x7efe5af6d2d2 in vty_execute lib/vty.c:1379
6 0x7efe5af77df2 in vtysh_read lib/vty.c:2374
7 0x7efe5af64c9b in event_call lib/event.c:1996
8 0x7efe5af03887 in frr_run lib/libfrr.c:1232
9 0x55ade8cd9850 in main bgpd/bgp_main.c:555
10 0x7efe5aa29d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
11 0x7efe5aa29e3f in __libc_start_main_impl ../csu/libc-start.c:392
12 0x55ade8cdc314 in _start (/usr/lib/frr/bgpd+0x16f314)
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
