summaryrefslogtreecommitdiffstats
path: root/pbrd (follow)
Commit message (Collapse)AuthorAgeFilesLines
* pbrd: fix vrf_unchanged which may depend on other seqsWesley Coakley2024-12-091-0/+8
| | | | | Ticket: 2740911 Signed-off-by: Wesley Coakley <wcoakley@nvidia.com>
* lib: common debug status outputIgor Ryzhov2024-08-273-39/+0
| | | | | | | Implement common code for debug status output and remove daemon-specific code that is duplicated everywhere. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
* lib: common debug config outputIgor Ryzhov2024-08-273-25/+5
| | | | | | | Implement common code for debug config output and remove daemon-specific code that is duplicated everywhere. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
* lib: rework debug initIgor Ryzhov2024-08-272-22/+13
| | | | | | | | | | The debug library allows to register a `debug_set_all` callback which should enable all debugs in a daemon. This callback is implemented exactly the same in each daemon. Instead of duplicating the code, rework the lib to allow registration of each debug type, and implement the common code only once in the lib. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
* pbrd: Call vrf_terminate on shutdownDonald Sharp2024-08-131-0/+2
| | | | | | Free up vrf memory on shutdown. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: create a single registry of daemons' default port valuesMark Stapp2024-02-011-2/+0
| | | | | | | | Create a single registry of default port values that daemons are using. Most of these are vty ports, but there are some others for features like ospfapi and zebra FPM. Signed-off-by: Mark Stapp <mjs@labn.net>
* *: fix `frr_daemon_info` indentationDavid Lamparter2024-01-271-8/+10
| | | | | | | | | | clang-format doesn't understand FRR_DAEMON_INFO is a long macro where laying out items semantically makes sense. (Also use only one `FRR_DAEMON_INFO(` in isisd so editors don't get confused with the mismatching `( ( )`. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* pbrd: Fix PBR handling for last rule deletionRajesh Varatharaj2024-01-231-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Issue: Previously, the PBR common was updated for every rule update or deletion example: let say we have three rule 11, 12, 13 and if we are removing rule 12. in the current code we are making the entire map "valid" to false. pbr-map MAP1 seq 11 match src-ip 90.1.1.2/32 set nexthop 20.1.1.2 swp1 pbr-map MAP1 seq 12 match src-ip 90.1.1.3/32 set nexthop 20.1.1.2 swp1 pbr-map MAP1 seq 13 match src-ip 90.1.1.4/32 set nexthop 20.1.1.2 swp1 no pbr-map MAP1 seq 12 ==> turns whole map valid to false. r1(config)# end r1# show pbr map pbr-map MAP1 valid: no Seq: 11 rule: 310 Installed: yes Reason: Valid SRC IP Match: 90.1.1.2/32 nexthop 20.1.1.2 swp1 Installed: yes Tableid: 10002 Seq: 13 rule: 312 Installed: yes Reason: Valid SRC IP Match: 90.1.1.4/32 nexthop 20.1.1.2 swp1 Installed: yes Tableid: 10004 Fix: Now, the PBR common will only be updated when the last rule is being deleted. This change ensures that we only send a delete request to Zebra once, and only set the valid and installed flags to false when the last rule is deleted. This optimizes the handling of PBR rules and reduces unnecessary interactions with Zebra Testing: UT in MR notes Ticket: # Signed-off-by: Rajesh Varatharaj <rvaratharaj@nvidia.com>
* pbrd: fix map seq installed flag in jsonChirag Shah2023-12-051-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Ticket:#3638598 Testing: Post fix: tor-2# show pbr map json [ { "name":"global-vrf-PBR-map", "valid":true, "policies":[ { "id":1, "sequenceNumber":10, "ruleNumber":309, "vrfUnchanged":false, "installed":true, <<<< now display correct value "installedReason":"Valid", "vrfName":"sym_1", "matchSrc":"10.1.200.0\/24", "matchDst":"10.6.200.0\/24" } ] } Signed-off-by: Chirag Shah <chirag@nvidia.com>
* pbrd: replace `receive_notify` with requestDavid Lamparter2023-11-231-3/+3
| | | | | | | Send `ZEBRA_ROUTE_NOTIFY_REQUEST` rather than relying on the options field in zclient startup. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* Merge pull request #14850 from donaldsharp/IFNAMSIZ_GET_YOUR_SHIT_TOGETHERDonatas Abraitis2023-11-222-2/+2
|\ | | | | *: Let's use the native IFNAMSIZ instead of INTERFACE_NAMSIZ
| * *: Let's use the native IFNAMSIZ instead of INTERFACE_NAMSIZDonald Sharp2023-11-212-2/+2
| | | | | | | | | | | | | | | | INTERFACE_NAMSIZ is just a redefine of IFNAMSIZ and IFNAMSIZ is the standard for interface name length on all platforms that FRR currently compiles on. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* | pbrd: use `zclient->nexthop_update`David Lamparter2023-11-201-19/+11
|/ | | | | | Have the library decode the nexthop. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* pbrd: Cleanup zclient on shutdownDonald Sharp2023-11-133-0/+13
| | | | | | | For some reason pbrd had no shutdown code for zclient. Now it does. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* lib: convert if_zapi_callbacks into actual hooksDavid Lamparter2023-11-031-2/+4
| | | | | | | | | ...so that multiple functions can be subscribed. The create/destroy hooks are renamed to real/unreal because that's what they *actually* signal. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
* pbrd: fix show pbr map detail jsonSindhu Parvathi Gopinathan2023-10-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'detail' and 'josn' keyword is given as an optional parameter for cli arguments. Hence 'detail' keyword was consider as a pbr 'name' for "show pbr map detail json" command. Before Fix: ``` cumulus# cumulus# show pbr map detail json [ ] cumulus# ``` After Fix: ``` cumulus# show pbr map detail json [ { "name":"MAP1", "valid":false, "policies":[ { "id":1, "sequenceNumber":10, "ruleNumber":309, "vrfUnchanged":false, "installed":false, "installedReason":"Invalid Src or Dst", "vrfName":"default" } ] } ] cumulus# ``` Ticket:#3638600 Issue:3638600 Testing: UT done Signed-off-by: Sindhu Parvathi Gopinathan's <sgopinathan@nvidia.com>
* build: add -Wimplicit-fallthroughIgor Ryzhov2023-10-121-1/+2
| | | | | | | | | | Also: - replace all /* fallthrough */ comments with portable fallthrough; pseudo keyword to accomodate both gcc and clang - add missing break; statements as required by older versions of gcc - cleanup some code to remove unnecessary fallthrough Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
* Revert "lib: register bgp link-state afi/safi"Donald Sharp2023-10-101-10/+0
| | | | This reverts commit 1642a68d60cfade4b2fce72aaef58dea700c65c3.
* *: remove ZEBRA_INTERFACE_VRF_UPDATEanlan_cs2023-10-071-24/+0
| | | | | | | | | | | | | | | | | | | | | | | | Currently when one interface changes its VRF, zebra will send these messages to all daemons in *order*: 1) `ZEBRA_INTERFACE_DELETE` ( notify them delete from old VRF ) 2) `ZEBRA_INTERFACE_VRF_UPDATE` ( notify them move from old to new VRF ) 3) `ZEBRA_INTERFACE_ADD` ( notify them added into new VRF ) When daemons deal with `VRF_UPDATE`, they use `zebra_interface_vrf_update_read()->if_lookup_by_name()` to check the interface exist or not in old VRF. This check will always return *NULL* because `DELETE` ( deleted from old VRF ) is already done, so can't find this interface in old VRF. Send `VRF_UPDATE` is redundant and unuseful. `DELETE` and `ADD` are enough, they will deal with RB tree, so don't send this `VRF_UPDATE` message when vrf changes. Since all daemons have good mechanism to deal with changing vrf, and don't use this `VRF_UPDATE` mechanism. So, it is safe to completely remove all the code with `VRF_UPDATE`. Signed-off-by: anlan_cs <anlan_cs@tom.com>
* lib: register bgp link-state afi/safiLouis Scalbert2023-09-181-0/+10
| | | | | | | Register BGP Link-State AFI/SAFI values from RFC7752. Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com> Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
* pbrd: Free Memory in pbr_map_deleteKeelan102023-09-051-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit frees dynamically allocated memory associated with `pbrms->nhgrp_name` and `pbrms->dst` which were causing memory leaks. The ASan leak log for reference: ``` ================================================================= ==107458==ERROR: LeakSanitizer: detected memory leaks Direct leak of 56 byte(s) in 1 object(s) allocated from: #0 0x7f87d644ca37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154 #1 0x7f87d5feaa37 in qcalloc ../lib/memory.c:105 #2 0x7f87d6054ffd in prefix_new ../lib/prefix.c:1180 #3 0x55722f3c2885 in pbr_map_match_dst_magic ../pbrd/pbr_vty.c:302 #4 0x55722f3b5c24 in pbr_map_match_dst pbrd/pbr_vty_clippy.c:228 #5 0x7f87d5f32d61 in cmd_execute_command_real ../lib/command.c:993 #6 0x7f87d5f330ee in cmd_execute_command ../lib/command.c:1052 #7 0x7f87d5f33dc0 in cmd_execute ../lib/command.c:1218 #8 0x7f87d60e4177 in vty_command ../lib/vty.c:591 #9 0x7f87d60e905c in vty_execute ../lib/vty.c:1354 #10 0x7f87d60ef45a in vtysh_read ../lib/vty.c:2362 #11 0x7f87d60d42d4 in event_call ../lib/event.c:1979 #12 0x7f87d5fbe828 in frr_run ../lib/libfrr.c:1213 #13 0x55722f3ac795 in main ../pbrd/pbr_main.c:168 #14 0x7f87d5b82d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 Direct leak of 2 byte(s) in 1 object(s) allocated from: #0 0x7f87d63f39a7 in __interceptor_strdup ../../../../src/libsanitizer/asan/asan_interceptors.cpp:454 #1 0x7f87d5feaafc in qstrdup ../lib/memory.c:117 #2 0x55722f3da139 in pbr_nht_set_seq_nhg ../pbrd/pbr_nht.c:551 #3 0x55722f3c693f in pbr_map_nexthop_group_magic ../pbrd/pbr_vty.c:1140 #4 0x55722f3bdaae in pbr_map_nexthop_group pbrd/pbr_vty_clippy.c:1284 #5 0x7f87d5f32d61 in cmd_execute_command_real ../lib/command.c:993 #6 0x7f87d5f330ee in cmd_execute_command ../lib/command.c:1052 #7 0x7f87d5f33dc0 in cmd_execute ../lib/command.c:1218 #8 0x7f87d60e4177 in vty_command ../lib/vty.c:591 #9 0x7f87d60e905c in vty_execute ../lib/vty.c:1354 #10 0x7f87d60ef45a in vtysh_read ../lib/vty.c:2362 #11 0x7f87d60d42d4 in event_call ../lib/event.c:1979 #12 0x7f87d5fbe828 in frr_run ../lib/libfrr.c:1213 #13 0x55722f3ac795 in main ../pbrd/pbr_main.c:168 #14 0x7f87d5b82d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 SUMMARY: AddressSanitizer: 58 byte(s) leaked in 2 allocation(s). ``` Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
* Merge pull request #14252 from ↵Russ White2023-08-291-14/+16
|\ | | | | | | | | LabNConsulting/ziemba-pbr-bugfix-match-dscp-numeric pbrd: fix dscp field value computation
| * pbrd: fix dscp field value computationG. Paul Ziemba2023-08-211-14/+16
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | Merge pull request #14217 from LabNConsulting/ziemba-pbr-action-dropRuss White2023-08-221-0/+5
|\ \ | |/ |/| pbrd: add advisory flag PBR_ACTION_DROP
| * pbrd: add advisory flag PBR_ACTION_DROPG. Paul Ziemba2023-08-161-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | PBR configuration may specify "set nexthop blackhole" which, for linux dataplanes, is implemented as a table with a blackhole route. Other dataplanes might implement this action as an explicit packet-filtering "drop" action instead of a route. This new flag PBR_ACTION_DROP is now set when a rule has "set nexthop blackhole" as an aid to other dataplanes. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | Merge pull request #14226 from Keelan10/fix-pbrd-leakDonatas Abraitis2023-08-203-1/+4
|\ \ | | | | | | pbrd: Correct Handling of Sequence Deletion
| * | pbrd: Correct Handling of Sequence DeletionKeelan102023-08-203-1/+4
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit ensures that sequence data and associated structures are correctly deleted to prevent memory leaks The ASan leak log for reference: ``` Direct leak of 432 byte(s) in 1 object(s) allocated from: #0 0x7f911ebaba37 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154 #1 0x7f911e749a4e in qcalloc ../lib/memory.c:105 #2 0x564fd444b2d3 in pbrms_get ../pbrd/pbr_map.c:527 #3 0x564fd443a82d in pbr_map ../pbrd/pbr_vty.c:90 #4 0x7f911e691d61 in cmd_execute_command_real ../lib/command.c:993 #5 0x7f911e6920ee in cmd_execute_command ../lib/command.c:1052 #6 0x7f911e692dc0 in cmd_execute ../lib/command.c:1218 #7 0x7f911e843197 in vty_command ../lib/vty.c:591 #8 0x7f911e84807c in vty_execute ../lib/vty.c:1354 #9 0x7f911e84e47a in vtysh_read ../lib/vty.c:2362 #10 0x7f911e8332f4 in event_call ../lib/event.c:1979 #11 0x7f911e71d828 in frr_run ../lib/libfrr.c:1213 #12 0x564fd4425795 in main ../pbrd/pbr_main.c:168 #13 0x7f911e2e1d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58 ``` Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
* | pbrd: address 230815 coverity: pbr_vty.c vrf_nameG. Paul Ziemba2023-08-181-0/+1
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: address 230815 coverity: pbr_vty.c pbrmsG. Paul Ziemba2023-08-181-0/+12
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: address 230815 coverity: pbr_vty.c pend/strtoulG. Paul Ziemba2023-08-181-8/+8
| | | | | | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: address 230815 coverity: r.action.flags reorderingG. Paul Ziemba2023-08-181-7/+2
|/ | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add packet mangling actions (src/dst ip-addr/port, dscp, ecn)G. Paul Ziemba2023-08-094-5/+330
| | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: use flags to indicate active fieldsG. Paul Ziemba2023-08-095-343/+602
| | | | | | | | | | | | Before now, PBRD used non-zero values to imply that a rule's match or action field was active. This approach was getting cumbersome for fields where 0 is a valid active value and various field-specific magic values had to be used. This commit changes PBRD to use a flag bit per field to indicate that the field is active. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add explicit 'family' field for rulesG. Paul Ziemba2023-08-081-4/+10
| | | | | | | | | | | | | | | | | | | | | In the netlink-mediated kernel dataplane, each rule is stored in either an IPv4-specific database or an IPv6-specific database. PBRD opportunistically gleans each rule's address family value from its source or destination IP address match value (if either exists), or from its nexthop or nexthop-group (if it exists). The 'family' value is particularly needed for netlink during incremental rule deletion when none of the above fields remain set. Before now, this address family has been encoded by occult means in the (possibly otherwise unset) source/destination IP match fields in ZAPI and zebra. This commit documents the reasons for maintaining the 'family' field in the PBRD rule structure, adds a 'family' field in the common lib/pbr.h rule structure, and carries it explicitly in ZAPI. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: PBR_FILTER_DSFIELD -> {PBR_FILTER_DSCP,PBR_FILTER_ECN}G. Paul Ziemba2023-08-081-0/+4
| | | | | | | DSCP and ECN matching are configured independently. Maintain these values in independent fields in pbrd, zapi, and zebra. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add nexthop drop typeG. Paul Ziemba2023-08-081-22/+35
| | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: pbr_vty.c organize/styleG. Paul Ziemba2023-08-071-193/+276
| | | | | | | No functional changes: just arrange CLI handlers into logical order and standardize DEFPY formatting. Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* lib,pbrd: clean up style issuesMark Stapp2023-07-251-4/+4
| | | | | | Fix a couple of style warnings introduced by recent PR 14050. Signed-off-by: Mark Stapp <mjs@labn.net>
* Merge pull request #14050 from LabNConsulting/ziemba-pbr-zapi-commonRuss White2023-07-251-59/+100
|\ | | | | pbrd: 2/3 zapi PBR common encode/decode
| * lib: zapi PBR common encode/decodeG. Paul Ziemba2023-07-201-59/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | | | bgpd, pbrd: use common pbr encoder zebra: use common pbr decoder tests: pbr_topo1: check more filter fields Purpose: 1. Reduce likelihood of zapi format mismatches when adding PBR fields due to multiple parallel encoder implementations 2. Encourage common PBR structure usage among various daemons 3. Reduce coding errors via explicit per-field enable flags Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* | pbrd: fix coverity issueG. Paul Ziemba2023-07-211-1/+2
|/ | | | Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (zapi)G. Paul Ziemba2023-07-191-6/+22
| | | | | | | | | | | | | | Subset: ZAPI changes to send the new data Also adds filter_bm field; currently for PBR_FILTER_PCP, but in the future to be used for all of the filter fields. Changes by: Josh Werner <joshuawerner@mitre.org> Eli Baum <ebaum@mitre.org> G. Paul Ziemba <paulz@labn.net> Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: add vlan filters pcp/vlan-id/vlan-flags; ip-protocol any (pbr feature)G. Paul Ziemba2023-07-193-30/+195
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Subset: feature in PBR New PBR rule fields: match ip-protocol (was only tcp|udp, now any value in /etc/protocols) match pcp (0-7) match vlan (1-4094) match vlan (tagged|untagged|untagged-or-zero) Filter flags Add filter_bm (flags) field internally to indicate which filter fields should be considered active. Bit definitions as in lib/pbr.h. This commit uses only the PBR_FILTER_PCP bit, but other fields will be added in future commits. (Fixes bug related to determining set/not-set state of pcp filter) Shift vlan filter flags to lib/pbr.h Changes by: Josh Werner <joshuawerner@mitre.org> Eli Baum <ebaum@mitre.org> G. Paul Ziemba <paulz@labn.net> Signed-off-by: G. Paul Ziemba <paulz@labn.net>
* pbrd: fix crash with match commandanlan_cs2023-06-281-0/+5
| | | | | | | | | | | | Crash with empty `ip-protocol`: ``` anlan(config-pbr-map)# match ip-protocol vtysh: error reading from pbrd: Resource temporarily unavailable (11)Warning: closing connection to pbrd because of an I/O error! ``` So, give warning for empty `ip-protocol`. Signed-off-by: anlan_cs <vic.lan@pica8.com>
* pbrd, zebra: fix zapi and netlink rule encodingMark Stapp2023-06-121-6/+15
| | | | | | | | | | In pbrd, don't encode a rule without a table. There are cases where the zapi encoding was incorrect because the 4-octet table id was missing. In zebra, mask off the ECN bits in the TOS byte when encoding an iprule to match netlink's expectation. Signed-off-by: Mark Stapp <mjs@labn.net>
* *: Convert event.h to frrevent.hDonald Sharp2023-03-243-3/+3
| | | | | | | We should probably prevent any type of namespace collision with something else. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: Convert `struct event_master` to `struct event_loop`Donald Sharp2023-03-242-2/+2
| | | | | | Let's find a better name for it. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: Convert struct thread_master to struct event_master and it's ilkDonald Sharp2023-03-242-2/+2
| | | | | | | Convert the `struct thread_master` to `struct event_master` across the code base. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* *: Rename thread.[ch] to event.[ch]Donald Sharp2023-03-243-3/+3
| | | | | | | | | | | This is a first in a series of commits, whose goal is to rename the thread system in FRR to an event system. There is a continual problem where people are confusing `struct thread` with a true pthread. In reality, our entire thread.c is an event system. In this commit rename the thread.[ch] files to event.[ch]. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
* pbrd:fix mismatching in match src-dstChirag Shah2023-03-181-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | upstream commit 67765a232d has incorect address family check which prevent from deleting src/dst config under pbr rule. Ticket:#3405024 Issue:3405024 Testing Done: Config: pbr-map map6 seq 1 match src-ip 2000::200:100:100:0/96 match dst-ip 2000::100:100:100:0/96 set nexthop-group group3 Before: torc-12(config)# pbr-map map6 seq 1 torc-12(config-pbr-map)# no match src-ip 2000::200:100:100:0/96 Cannot mismatch families within match src/dst After: torc-12(config)# pbr-map map6 seq 1 torc-12(config-pbr-map)# no match src-ip 2000::200:100:100:0/96 torc-12(config-pbr-map)# Signed-off-by: Chirag Shah <chirag@nvidia.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-29 22:32:36 +0100