commit a4b5665f76d9e907a547c85c9c4a7a656c568b9d
Author: David Lamparter <equinox@diac24.net>
Date: Tue Jun 24 07:14:20 2014 +0200
release: 0.99.23
commit 2c32ee5f04191c6ffae9c19621548bc72b00e3ba
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Jun 24 07:12:01 2014 +0200
doc: update NEWS for 0.99.23 changes
commit 6b0655a25194c7c0331154edaa6124cf783e5e5e
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Wed Jun 4 06:53:35 2014 +0200
*: nuke ^L (page feed)
Quagga sources have inherited a slew of Page Feed (^L, \xC) characters
from ancient history. Among other things, these break patchwork's
XML-RPC API because \xC is not a valid character in XML documents.
Nuke them from high orbit.
Patches can be adapted simply by:
sed -e 's%^L%%' -i filename.patch
(you can type page feeds in some environments with Ctrl-V Ctrl-L)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit fdb913aedb5a9807ad60715e8badb4f25d57acea
Author: David Lamparter <equinox@diac24.net>
Date: Tue Jun 3 18:42:25 2014 +0200
build: Quagga 0.99.23-rc1
this is not a full release version, so neither release notes nor
documentation are updated yet. Also, signing the tag with my private
GPG key instead of the Quagga one.
commit fd6f39a514093973bb0fb39484a0ed9615534c89
Author: Lu Feng <lu.feng@6wind.com>
Date: Wed Feb 19 09:05:05 2014 +0000
isisd: ignore the unrecognized TLVs
When processing LSPDUs, the unrecognized TLVs/sub-TLVs should be
silently ignored.
In parse_tlvs(), ISIS_WARNING is returned once an unrecognized TLV
exists. It breaks the processing in lsp_authentication_check() and
lsp_update_data(). So remove it.
Signed-off-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 404fd2974fb53340be6d570b86f2f6f4c0a100c6
Author: Joachim Nilsson <troglobit@gmail.com>
Date: Wed Aug 21 09:39:33 2013 +0000
ripd: fix "show ip rip status" documentation
The command was mis-named in the documentation as "show ip protocols".
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 7b3b98ae3ecdad20cf5cebd2a6532aee17184d95
Author: Lu Feng <lu.feng@6wind.com>
Date: Mon Apr 14 08:09:29 2014 +0000
ripd & ripngd: avoid the zero interface metric
The interface metric is initialized to 0 in the commit db19c85:
zebra: set metric for directly connected routes via netlink to 0
Ripd and ripngd must be aware of it and avoid increase the
route metric by 0.
Signed-off-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 224e7e515747b74dd6d3610570a64b9726a27722
Author: Timo Teräs <timo.teras@iki.fi>
Date: Thu Apr 24 06:40:33 2014 +0000
lib: remove redundant and incorrect sys/fcntl.h include
POSIX defines <fcntl.h>, <sys/fcntl.h> is the same thing. However,
it should not be used as it's existence can depend on C-library
implementation. E.g. musl gives warning if <sys/fcntl.h> is used.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit d9d4ae5157207b9b8bdb167983519a7ffb860f2c
Author: Stephen Hemminger <stephen@networkplumber.org>
Date: Wed Jan 13 00:32:39 2010 +0000
bgpd: fix crash when allowas-in is done on inactive peer
When allowas-in is changed on a peer that is not up, BGP would crash
trying to do route_refresh. If peer is not up, there is no need
to do notification or send.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8c71e481dae11b7ae3f1ef561a989624b2ae84b6
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Wed Jan 15 06:57:57 2014 +0000
bgpd: efficient NLRI packing for AFs != ipv4-unicast
ISSUE:
Currently, for non-ipv4-unicast address families where prefixes are
encoded in MP_REACH/MP_UNREACH attributes, BGP ends up sending one
prefix per UPDATE message. This is quite inefficient. The patch
addresses the issue.
PATCH:
We introduce a scratch buffer in the peer structure that stores the
MP_REACH/MP_UNREACH attributes for non-ipv4-unicast families. This
enables us to encode multiple prefixes. In the end, the two buffers
are merged to create the UPDATE packet.
Signed-off-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
[DL: removed no longer existing bgp_packet_withdraw prototype]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 2c13299a05e5544a5e79c2a970256a21f488a3fa
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Sat Sep 7 07:07:20 2013 +0000
bgpd: don't compare next-hop to router-id
While announcing a path to a peer, the code currently compares the path's
next-hop with the peer's router-id. This can lead to problems as the router
IDs are unique only within an AS. Suppose AS 1 sends route with next-hop
10.1.1.1. It is possible that the speaker has an established BGP peering
with a router in AS 2 with router ID 10.1.1.1. The route will not be
advertised to that peer in AS 2.
The patch removes this check.
Signed-off-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt@cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 66d2ead7df2db9144605c973fcd80b88df33f81b
Author: Sébastien Luttringer <seblu@seblu.net>
Date: Tue May 27 19:55:11 2014 +0200
vtysh: fix build against readline 6.3
readline 6.3 removes some old deprecated funnily-named types. This
updates vtysh to use the new types so it builds again.
Reported-by: Joel Teichroeb <klusark@archlinux.invalid>
References: https://bugs.archlinux.org/task/39495
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8e998b1eb5fea53f2a2eddd9f7f2b8ab004406f3
Author: Michal Sekletar <msekleta@redhat.com>
Date: Fri May 16 14:13:43 2014 +0000
zebra: raise the privileges before calling socket()
Because of recent changes when creating AF_NETLINK socket, kernel will
cache capabilities of the caller and if file descriptor is used or
otherwise handed to another process it will check that current user has
necessary capabilities to use the socket. Hence we need to ensure we
have necessary capabilities when creating the socket and at the time we
use the socket.
See: http://www.spinics.net/lists/netdev/msg280198.html
Signed-off-by: Michal Sekletar <msekleta@redhat.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 000e157c852653288c5a1e6d0dee821c1765d315
Author: Milan Kocian <milon@wq.cz>
Date: Fri Oct 18 07:59:38 2013 +0000
bgpd: Fix condition allowas-in in rsclient code
Currently when you set neighbour's 'allowas-in' option on route server side
you get redistribution of the prefixes from this neighbour's table into all
neighbour's tables which have the same AS number. I think that wanted behaviour
is to allow import prefixes from neighbour's tables with the same AS num
into neighbour which has 'allowas-in' option set.
Signed-off-by: Milan Kocian <milon@wq.cz>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 5d804b439a4138c77f81de30c64f923e2b5c1340
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Thu Sep 12 03:37:07 2013 +0000
bgpd: support TTL-security with iBGP
Traditionally, ttl-security feature has been associated with EBGP
sessions as those identify directly connected external peers. The
GTSM RFC (rfc 5082) does not make any restrictions on type of
peering. In fact, it is beneficial to support ttl-security for both
EBGP and IBGP sessions. Specifically, in data centers, there are
directly connected IBGP peerings that will benefit from the protection
ttl-security provides.
Signed-off-by: Dinesh G Dutt <ddutt@cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
[DL: function refactoring split out into previous 2 patches. changes:
- bgp_set_socket_ttl(): ret type int -> void
- is_ebgp_multihop_configured(): stripped peer == NULL check
- comments/whitespace]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 5f9adb5d26d3af31b00c02084468e9f92b461b01
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Mon May 19 23:15:02 2014 +0200
bgpd: factor out eBGP multihop check
The check for an eBGP multihop configuration is unwieldy; factor it out
into a separate function.
[DL: originally by Dinesh G Dutt <ddutt@cumulusnetworks.com>,
split off from the next commit]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit ef0b0c3e95a1f30d6f338100c689feef8ad5cd6e
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Mon May 19 22:52:04 2014 +0200
bgpd: factor out TTL setting
TTL/min TTL are set from both bgp_accept() and bgp_connect(). Factor
them out so the following change to enable iBGP GTSM becomes more
readable.
[DL: originally by Dinesh G Dutt <ddutt@cumulusnetworks.com>,
split off from the next commit]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8da8689d91a6436c17aca5000b1426aaea47e23c
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Wed Sep 11 03:33:55 2013 +0000
bgpd: fix fast external fallover behavior
ISSUES
1. When an interface goes down, the zclient callbacks are invoked
in the following order: (a) address_delete() that removes the
connected address list: ifp->connected, (b) interface_down()
that performs "fast external fallover" operation. The operation
relies on ifp->connected to look for peers that should be brought
down. That's a cyclic dependency.
2. 'ttl-security' configuration handler sets peer->ttl to
MAXTTL (so that BGP packets are sent with TTL=255, as per the
requirement of ttl-security). This, however, is incompatible
with 'fast external fallover' as the fallover operation checks
for (ttl == 1) to determine directly connected peers.
3. The current fallover operation does not work for IPv6 address family.
PATCH
1. The patch removes the dependency on 'ifp->connected' list for fast
fallover. The peer already contains a nexthop structure that reflects
the peering address. The nexthop structure has a pointer to the
interface (ifp) that peering address resolves to. Everytime the TCP
connection succeeds, the ifp is updated. The patch uses this ifp in
the interface_down() callback for a match for the peers that should be
brought down.
2. The evaluation for directly connected peering is enhanced as
'peer->ttl == 1' OR 'peer->gtsm_hops == 1'. Thus a ttl-security
configuration on the peer with one hop is directly connected and
should be brought down under 'fast external fallover'.
3. Because of fix (1), IPv6 address family works automatically.
Signed-off-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 3374bef0412ac11815779f54321cbc4bf96da909
Author: Vipin Kumar <vipin@cumulusnetworks.com>
Date: Thu Jan 9 00:31:22 2014 +0000
bgpd: increase TCP socket buffer size
BGP does not respond fairly in high scale. As the number of BGP peers
and prefixes increase, triggers like interface flaps which lead to BGP
peer flaps, cause blockage in bgp_write.
BGP does handle the cases of TCP socket buffer full by queuing a write
event back, there is no functional issue there as such. Still,
increasing the peer socket buffer size should help reduce event queueing
in BGP.
Signed-off-by: Vipin Kumar <vipin@cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Reviewed-by: Dinesh Dutt <ddutt@cumulusnetworks.com>
[DL: patch split, this is item 3.]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 48fc05fb7e6ee44db9f73f3194bfd4738b7f9dc1
Author: Vipin Kumar <vipin@cumulusnetworks.com>
Date: Thu Jan 9 00:31:22 2014 +0000
bgpd: fix O_NONBLOCK on outgoing connects
BGP was setting sockets to be non-blocking only for the accepted passive
peers. As a fix, setting the BGP sockets to be non-blocking even for
the active peers.
Signed-off-by: Vipin Kumar <vipin@cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Reviewed-by: Dinesh Dutt <ddutt@cumulusnetworks.com>
[DL: patch split, this is item 1.]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 6aa136f1eaeb0dfc1e39e6c2cd6380a399ef126f
Author: Vitaliy Senchyshyn <vsenchyshyn@toroki.com>
Date: Wed Oct 2 10:40:20 2013 +0000
bgpd: send notify in OpenSent when stopping manually
The issue it fixes is that the notification message is not sent to a
second peer when bgp is stopped manually.
According to BGP RFC4271, section 8.2.2, regarding the FSM transitions,
in OpenSent state:
If a ManualStop event (Event 2) is issued in the OpenSent state, the
local system:
* sends the NOTIFICATION with a Cease,
* sets the ConnectRetryTimer to zero,
* releases all BGP resources,
* drops the TCP connection,
* sets the ConnectRetryCounter to zero, and
* changes its state to Idle.
I've added a check for OpenSent state when the notification is sent from
the functions which are called from the CLI commands which
directly/indirectly stop/restart BGP.
Acked-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit b366b518401e0b0652cd70d297d3fb67b4803db0
Author: Boian Bonev <bbonev@ipacct.com>
Date: Mon Sep 9 16:41:35 2013 +0000
bgpd: display multipath status in "show ip bgp"
The output of "show ip bg" does not show whether and which routes are
installed as multipath routes along the best route:
BGP table version is 0, local router ID is 10.10.100.209
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.0.0.0/24 10.10.100.1 1 111 0 15169 i
* i 10.10.100.2 1 111 0 15169 i
* i 10.10.100.3 1 111 0 65100 15169 i
This patch adds a new status code that is showing exactly which routes
are used as multipath:
BGP table version is 0, local router ID is 10.10.100.209
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.0.0.0/24 10.10.100.1 1 111 0 15169 i
*=i 10.10.100.2 1 111 0 15169 i
* i 10.10.100.3 1 111 0 65100 15169 i
The inconsistency in the status code legend ("i - internal" vs. "i internal")
inherent from old IOS was fixed. It had to be touched anyways.
Signed-off-by: Boian Bonev <bbonev at ipacct.com>
[DL: rewrap long line, clean whitespace in same chunk]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 689bb66c6a92d238bed1a8b0920438c5a2271966
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Sat Sep 7 07:13:37 2013 +0000
bgpd: track correct originator-id in reflected routes
ISSUE:
Suppose route1 and route2 received from route-reflector-client1 and client2
respectively have identical attributes. The current logic of creating the
adj-rib-out for a peer threads the 'adv' structures for both routes against
the same attribute. This results in 'bgp_update_packet()' to pack those
routes in the same UPDATE message with one attr structure formatted. The
originator-id is thus set according to the first route's received router id.
This is incorrect.
PATCH:
Fix bgp_announce_check() function to set the originator-id in the
advertising attr structure. Also, fix the attribute hash function and
compare function to consider originator-id. Otherwise attributes where all
fields except the originator-id are identical get merged into one memory
location.
Signed-off-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Reviewed-by: Ken Yin <kyin at cumulusnetworks.com>
[DL: whitespace changes dropped]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 2fdd455cfd1f758b7aa2e6c8e3d185098b93908c
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Sat Sep 7 07:02:36 2013 +0000
bgpd: add 'bgp bestpath as-path multipath-relax'
Compute multipath in BGP based on AS_PATH hop count match. If the knob
is turned on, it is not required to have an exact match of AS_PATHs
(provided other multipath conditions are met, of course).
Signed-off-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit d92a2f39b46f1990052d2db046b47edf7bb21ebb
Author: Jorge Boncompte [DTI2] <jorge@dti2.net>
Date: Wed Jul 31 16:36:08 2013 +0000
bgpd: use ATTR_FLAG_BIT() for BGP_ATTR_ values
* bgp_attr.c: this UNSET_FLAG()s are bogus. I did a quick review and
I think that they could not cause any bug anyway.
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit cbf435cb72b937c9e5bfe38905e05de3755b1021
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Apr 28 11:42:20 2014 +0000
ospfd: add debug messages for router lsa-generation
Add log messages to lsa_link_broadcast_set so it becomes more
apparent why a particular broadcast interface was added as
transit or stub interface.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit b4b359a265f1b6272b4eb17c11e9c6ef9817f34b
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Mon Apr 28 10:58:06 2014 +0000
ospfd: For an ABR, ensure the right LSID is MaxAge'd
PROBLEM:
Accurate garbage collection of maxage LSAs. The global OSPF structure has
a maxage_lsa tree - the key to the tree is <ls-id, adv-router> tuple. Suppose
the ABR has multiple areas and has originated some intra-area LSAs. The
key for all those LSAs is the same. The code then ends up in a state where
all but the first LSA do not get cleaned up from the areas' LSDB. A subsequent
event would readvertise those LSAs.
PATCH:
Since the LSA is going to stick around till it actually gets cleaned up by
the maxage_walker, make the LSA pointer as the key. Each distinct LSA that
gets maxage'd then gets added to the tree and will get cleaned up correctly.
Signed-off-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
[CF: Use CHAR_BIT; use uintptr_t; use sizeof(field) instead of sizeof(type)]
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
[DL: this must remain a temporary fix! needs to be redone after 0.99.23]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8afee5c1729e56f74d27ceb1766bea9f943f060c
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Apr 28 08:04:59 2014 +0000
ospfd: clarify indentation and comments in ospf_lsa_maxage_delete
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit e387dfd18ded3ddfef4c0a9cb896f73831864579
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Apr 28 08:04:58 2014 +0000
ospfd: fix a reference counting issue introduced by commit 4de8bf0011
Commit 4de8bf0011 added a return statement to a loop iterating over a
route_table. That loop uses route_top/route_next.
As commit 4de8bf0011 failed to add a route_node_unlock before the
return statement, a reference is leaked when this codepath is taken.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 49d7af115177d05bd66d3115cbacd56a7591ec5e
Author: Lu Feng <lu.feng@6wind.com>
Date: Fri Feb 21 08:11:15 2014 +0000
ospfd: check the LS-Ack's recentness instead of only comparing the #seq
ISSUE:
RTA(DR)-----(BackupDR)RTB
RTA advertises a new LSA to RTB, and then flushes the LSA (with setting
the age of the LSA to MaxAge) within 1 second. Then the LSA is deleted
from RTA, while it still exists on RTB with non-MaxAge and can not be
flushed any more.
FIX:
The reason can be explained in below:
a) RTA -- new LSA, #seq=1 --> RTB (RTB will send the delayed Ack in 1s)
b) RTA -- MaxAge LSA, #seq=1 --> RTB (RTB discards it for the MIN_LS_ARRIVAL)
c) RTA <-- Ack for the new LSA, #seq=1 -- RTB (RTA accepts it)
In the step c), ospf_ls_ack() compares the #seq of the entry in the LS-Ack
with that of local MaxAge LSA. The #seq of the two entries are same. So
the Ack is accepted and the LSA is removed from the retransmit-list (while
it should not).
In RFC2328, section 13.7. Receiving link state acknowledgments:
o If the acknowledgment is for the same instance that is <==
contained on the list, remove the item from the list and
examine the next acknowledgment. Otherwise:
where "same instance" does not mean the same #seq. We must call
ospf_lsa_more_recent() to check whether the two instances are same.
Signed-off-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 4b4bda9bb1913579bd54667f62fafe58e2746478
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jul 11 07:56:29 2013 +0000
ospfd: don't allow to set network type on loopback interfaces
OSPFd only allocates some stub information for loopback interfaces.
This causes a crash when the interface state machine is started on
that interface by configuring a different network type.
It doesn't make much sense to configure the network type of a loopback
interface, therefore, just forbid it.
See also bugzilla #670.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 7a9d983e4f961c2103f2cf82a51d5d8321ad0e43
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Jul 10 11:56:18 2013 +0000
ospfd: run DR election prior to LSA regeneration
The results from DR election are used when constructing router-LSAs.
E.g. they are used to determine whether a broadcast interface should
be added with a link type of stub interface or transit interface.
Therefore, we should run DR election prior before regenerating LSAs.
Before commit c363d3861b5384a31465a72ddc3b0f6ff007a95a the DR election
was called synchronously prior to router-LSA regeneration which was run
asynchronously.
This fixes bug #761 on the Quagga bugzilla.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 24c84dbe806084552d7bb14b9f1d00514a048b9d
Author: Ken Williams <kenneth.j.williams@intel.com>
Date: Tue Apr 15 02:23:11 2014 +0000
zebra: Change the mechanism for comparing route ID's.
The current format uses subtraction of two ints. Unfortunately, the
subtraction method does not work for all combinations of numbers.
For example, the with numbers represented by 10.x.x.x and 192.x.x.x,
10.x.x.x - 192.x.x.x will yield a very large positive number indicating
that 10.x.x.x is larger.
Signed-off-by: Ken Williams <kenneth.j.williams@intel.com>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 4becea724ccd87e88f8454622ae227308b5fa3ce
Author: Christian Franke <chris@opensourcerouting.org>
Date: Tue Nov 19 14:11:42 2013 +0000
lib: use heap to manage timers
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 514991c76366c2a9f4c644714ad0722df0eed532
Author: Christian Franke <chris@opensourcerouting.org>
Date: Tue Nov 19 14:11:41 2013 +0000
lib: remove unused thread_master_debug function
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit ba32db1e854ff2b26861a2d4e4193a9f1b3816cd
Author: Christian Franke <chris@opensourcerouting.org>
Date: Tue Nov 19 14:11:40 2013 +0000
tests: Add tests for timers
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 6f2a67031cfb21362fc7ecd3251761799c8ffe27
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Sep 30 12:27:52 2013 +0000
ospfd/ospf_vty.c: use keyword cmd style
Use the new keyword command style for:
- default-information originate
- distance ospf
- redistribute
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit cd40b329a2e4da882bcad0431c048c876bbeafbd
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Sep 30 12:27:51 2013 +0000
lib/command.c: rewrite command matching/parsing
Add support for keyword commands.
Includes new documentation for DEFUN() in lib/command.h, for preexisting
features as well as new keyword specification.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit e712d0e3667ffad8109ef8bce3ce01927ee95bb7
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Apr 1 19:34:55 2014 +0200
tests: fix build & disable testcommands
The perils of having tests, the test wasn't tested thoroughly enough...
Fixup various automake problems, and then disable it since it depends on
configure parameters in its current version.
For 0.99.24 we can ship a static copy of vtysh_cmd.c and have it
reenabled.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8f399b0e4fff2344d75ebf709e1ce55f15269db2
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Sep 30 12:27:50 2013 +0000
tests: add a test program for lib/command.c
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 2b00515a9b639fd1e057f3ebf10ded2dde920764
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Sep 30 12:27:49 2013 +0000
bgpd, ospfd, zebra: fix some DEFUN definitions
Fixup some DEFUNS with incorrect command strings or mixed up helpstrings.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f7bf41534e885c7bc077529c591a1bce24a5f1e9
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Oct 22 17:10:21 2013 +0000
zebra: apply syntactic sugar to rib_dump()
strip the explicit __func__ present on all calls and make the prefix
argument a transparent union.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit db19c85679b08668c3dce73a655c21753042cf06
Author: Brett Ciphery <brett.ciphery@windriver.com>
Date: Thu Oct 3 13:48:54 2013 +0000
zebra: set metric for directly connected routes via netlink to 0
a value of 1 is hard coded for the metric field, much like the
ifconfig utility it may have roots in. in order to be in line
with the metric used in the linux kernel itself, we switch this
to 0.
Signed-off-by: Brett Ciphery <brett.ciphery@windriver.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 98a59492d9152df8c93612d2d12f170b5c034189
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Thu Aug 1 08:12:25 2013 +0000
build: remove now-useless --{en, dis}able-tests
commit d771020 "don't build tests unless make check is run" has made the
--{en,dis}able-tests switch completely useless. The differentiation is
now made by running "make check" or not doing so. The only effect of
the switch is an "empty" excursion of make into the tests/ directory.
(well, and it turns "make check" useless from the main directory if
--disable-tests is given, which I don't think makes sense either)
Acked-by: Greg Troxel <gdt@ir.bbn.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8c99b4c11e69e4cf0ac03c551764cccc0a3fe35a
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Thu Aug 1 07:43:36 2013 +0000
build: improve backtrace support/detection
libexecinfo is used to provide backtrace() on *BSD. The API is
compatible with glibc's, so this is a "free" improvement.
To improve configure behaviour, the following configure options are
modified/introduced:
* --enable-gcc-rdynamic now defaults to "on" if the compiler is gcc.
(I sadly wasn't able to find any documentation on the availability of
this option for llvm, even though at least the version I have
installed does support it)
* --enable-backtrace has been added. This behaves as off/auto/on
switch, i.e. giving either {dis,en}able will result in the requested
behaviour (or an error if support wasn't found)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit af514777f4327932a3e84f83d79e941967503e15
Author: Jorge Boncompte [DTI2] <jorge@dti2.net>
Date: Wed Jul 31 16:16:05 2013 +0000
lib: fix possible off-by-one in stream_put_prefix()
The STREAM_WRITEABLE() call only checks if there is space for the
prefix in the stream but does not account for the prefixlen. The
stream_putc() call reduces available space by 1 and we can end
copying one byte too much and with "endp" off by one if we are
near the buffer end.
Instead of moving the stream_putc() call before STREAM_WRITEABLE(),
we check before hand for the required space, and open-code it. This
avoids a function call and verifying again the stream buffer.
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 6d729eeac91578dca29961e0e46f246f33c37f0c
Author: Jorge Boncompte [DTI2] <jorge@dti2.net>
Date: Wed Jul 31 15:01:18 2013 +0000
lib: fix for dynamically grown hashes
Fixes commit 97c84db00c (hash: dynamically grow hash table). The
no_expand field it's not initialized and could make the hashes to
never grow the table index.
Signed-off-by: Jorge Boncompte [DTI2] <jorge@dti2.net>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 4d474fa3297c0d5d632e2c0bff6ccb0edbedaa5d
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Nov 19 15:00:06 2013 +0100
lib: fix backtraces broken by 837d16c...
837d16c ("*: use array_size() helper macro") accidentally changed one of
the expressions in the backtrace code, which afterwards read:
zlog_backtrace_sigsafe():
if (((size = backtrace(array,array_size(array)) <= 0) ||
which boils down to: (size = backtrace(...) <= 0). The braces were
intended to go: (size = backtrace(...)) <= 0.
All in all, this makes a nice textbook example of the original author
being too clever (trying to save a single line by pulling the assignment
into the condition) and the next person touching the code tripping over
it...
This code occurs another time in zlog_backtrace() where it is actually
correct. Pulling out the assignment nonetheless. Also, new test
program.
Cc: Andrew J. Schorr <ajschorr@alumni.princeton.edu>
Cc: Balaji.G <balajig81@gmail.com>
Cc: Scott Feldman <sfeldma@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit c78a46c27f6dfdd42fe0800cebabc1e49cb0a4bf
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Mar 20 10:50:09 2013 +0000
ospf6d: fix refcounting in ospf6_asbr_lsa_remove
When iterating over a list, also the last node should be unlocked again.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit fd5006896fce2816244c1ef4cabc736279548538
Author: Vincent Bernat <bernat@luffy.cx>
Date: Wed Oct 24 14:45:54 2012 +0000
ospf6d: add "auto-cost reference-bandwidth" command
This command allows the user to change to default reference bandwidth
for cost calculations. The default value is 100 Mbps. With a default
bandwidth of 10 MBps, the default cost becomes 10. Those values are
consistent with OSPFv2.
[DL: resolved conflicts in vty command additions & docs]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit c19543b223d3b8463c048f346b8044589e0cce39
Author: Vincent Bernat <bernat@luffy.cx>
Date: Wed Oct 24 14:45:53 2012 +0000
ospf6d: compute interface cost from its bandwidth
Previously, the interface cost was a fixed default value that a user
was allowed to change with "ipv6 ospf6 cost XX". As what is done with
OSPFv2, we change this behaviour to compute the default interface cost
from the interface bandwidth.
The user can still force a cost with "ipv6 ospf6 cost XX". He can get
the default value with "no ipv6 ospf6 cost". Moreover, the default
cost value was 1. The cost is now computed from the bandwidth and a
default reference bandwidth of 100 MBps (as for OSPFv2). Since the
default bandwidth for an interface is 10 MBps, the "default" cost
becomes 10 instead of 1.
[DL: resolved conflict in ospf6d/ospf6_interface.c]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 1db65fadf627637621c342b789b9a3604ca5fab5
Author: Ingo Flaschberger <if@xip.at>
Date: Sun Apr 17 18:28:20 2011 +0000
ospf6d: solve segfaults with ospf6d on FreeBSD
Do not send ospf6d hellos on fresh created interfaces without
configuration (ie. no vlan configured). Ospf6d use ip6_mtu, if it's not
initalised, Ospf6d tries to alloc indefinite size of memory.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit e708ed69aa0b993527f48b1f31b645c00750927f
Merge: a11e012 424cc3b
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Mar 18 17:04:25 2014 +0100
Merge volatile/cumulus_ospf6d
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 424cc3bd48da0f417c9056c5c2ade697a3386cd4
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Sat Nov 23 16:55:36 2013 +0100
ospf6d: fix interface_down() stopping hellos
interface_down() - which also handles some nonobvious cases like the
last linklocal address disappearing - was previously not cancelling the
hello timer. This had the effect of multiple such threads ending up
scheduled after a quick down-up cycle.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 11b4f01355703d34099d4da145c7d92e32d98636
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Mon Dec 9 16:48:55 2013 +0100
ospf6d: clear lsa->refresh before clearing LSAs
This fixes a SEGV when we receive a higher-SeqNum copy of a LSA that we
originated ourselves, before a reboot of ospf6d. We create a new
copy of the LSA to resync the SeqNum, but then half an hour later
the old refresh thread ends up trying to refresh the free()'d old LSA.
The SEGV is triggered by this chain:
ospf6_lsdb_maxage_remover
-> thread_execute(ospf6_lsa_refresh)
-> old->refresh = NULL
Which assumes that old->refresh is no longer scheduled to run, as it is
being run right there. But the thread_execute() doesn't know about
old->refresh and therefore didn't remove it.
(Found by ANVL OSPFV3-16.17)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit b13c1d9299d6426f48f074545f3e403e5a9b8a61
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Dec 13 16:11:16 2012 +0100
ospf6d: handle missing link local address more gracefully
ospf6 can't run on an interface without a link local address.
Don't start the state machine when an interface comes up without
such an ip and bring it up later, when a usable link local
address is added.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit d9628728e0924ae13ef6e8f8a67a2c9802745184
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Mar 8 21:47:35 2013 +0100
ospf6d: improve ordered shutdown
Improve the _disable/_enable infrastructure so it gets into
a more usable shape and make 'no router ospf6' actually work.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit a11e012e8661629d665e992e765741a5eaa7d017
Author: Remi Gacogne <rgacogne-github@coredump.fr>
Date: Sun Sep 8 13:48:34 2013 +0000
security: Fix some typos and potential NULL-deref
This patch against the git tree fixes minor typos, some of them possibily
leading to NULL-pointer dereference in rare conditions.
Signed-off-by: Remi Gacogne <rgacogne-github@coredump.fr>
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
Acked-by: Feng Lu <lu.feng@6wind.com>
commit b52aef18a9f3acc8b24ab5c2631dc574b8e2ec70
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Nov 27 17:06:15 2013 +0000
zebra: log routes w/o gateway in rib_delete_ipv4
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 23f5f7c3dd805b7d6a46d86d23aaa5c71273a84a
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Nov 27 17:06:14 2013 +0000
zebra: match gateway when deleting NEXTHOP_IPV4_IFINDEX routes
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
commit a25a1264a5615a90e9ca9f60ccc1f397ca55bc56
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Nov 27 14:36:05 2013 +0000
ospfd: fixup log message in ospf_zebra_delete
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Feng Lu <lu.feng@6wind.com>
commit 6ee06fa9ed91412cb745668d462031cdbe2642e0
Author: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Date: Sun Jan 12 18:30:13 2014 +0000
bgpd: bgpd-set-v4-nexthop-for-v6-peering.patch
BGP: While advertising v4 prefixes over a v6 session, set the correct v4 nexthop.
ISSUE:
For an IPv6 peer, BGPd sets the local router-id as the next-hop's v4 address.
This is incorrect as the router-id may not be a valid next-hop to be included
in UPDATEs that contain v4 prefixes.
PATCH:
Set the v4 address in the next-hop field based on the interface that the
peering is on (directly connected interface or loopback).
Signed-off-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Acked-by: Feng Lu <lu.feng@6wind.com>
commit 37531a7ec380554b18c004bcae9f5a070385d132
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Dec 13 13:50:28 2012 +0100
ospf6d: clear DR info on interface_down
This fixes an issue where ospf6d would send incorrect hellos and
perform wrong DR election when an interface went down and up
again.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
commit 1579a67f130ca34df9acefac14ebcdfdd8f6600a
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Mar 8 02:35:38 2013 +0100
ospf6d: set cmsg size correctly
On both Linux and FreeBSD, msg_controllen should be set to
CMSG_LEN, not CMSG_SPACE. This avoids sending 4 bytes of
trailing garbage to the kernel.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
commit 7d4aa1d57d54a57aae78e6b12cf4524e2c43a514
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Dec 13 16:10:05 2012 +0100
ospf6d: don't run DR election early on "ipv6 ospf6 priority"
On changing the router priority, DR election should only be run when it
was completed at least once before.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
commit ba960d5ae43e49991ed70fbe9ffa2e4567437a31
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Mon Aug 26 03:40:37 2013 +0000
ospf6d: fix integrated config
With integrated config, the line defining an interface to be p2p is defined
before assigning the interface to an area. When during the interface
transition, there is an attempt to generate a router LSA, the process
crashes. This fix addresses that.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit a0edf6740e8203abec1ee3efa344a417c16fec7b
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Mon Aug 26 03:40:23 2013 +0000
ospf6d: add SPF logs, statistics, and display of SPF parameters
Signed-off-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
[DL: adapted to rebase / readded randomly lost line]
[DL: killed timeval_subtract]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 3d35ca482babab4267570143b8327fc894df0ff8
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Mon Aug 26 03:40:16 2013 +0000
ospf6d: add 'log-adjacency-changes [detail]'
Similar to OSPFv2, add support for 'log-adjacency-changes [detail]' to log
changes in adjacency state of ospfv3 neighbors.
Signed-off-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 7cf997226e86d98839f1e7872ca98b023ffea98e
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sun Aug 25 03:03:39 2013 +0000
ospf6d: don't send LSAck on an interface if we've flooded the LSU out that i/f
If we flood an LSA back out the same interface we received it from, don't send
an LSAck out that interface for that LSA. This is as per RFC 2328, section 13.5
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 01879114f73adaf1cd4c9f5e7ae1550b72ff9ca9
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sun Aug 25 03:03:31 2013 +0000
ospf6d: handle Prefix and Router Options bits correctly
Ensure that prefixes with the NU/LA bit set do not get added to the routing
table. Ensure that routers with the V6/R bit set do not get added as transit
routes.
Signed-off-by: Dinesh Dutt <ddutt at cumulusnetworks.com>
[DL: adjust to rebase]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit e68a67672ccfabefadac36c66e88af997fb572b2
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sun Aug 25 03:03:23 2013 +0000
ospf6d: add LSA payload to show summary output
Unlike OSPFv2, the LSID of an LSA isn't sufficient to know what the contents
of the LSA are. Its useful for debugging and basic eyeball tests to see the
contents of the LSA in the simple tabular format of "show ipv6 ospf6 database".
This patch adds that output to the command. It replaces the existing fields of
"duration, Chksum and Length" with a single field called Payload which is
dependent on the LSA type. For Inter-Area Prefix, Intra-Area Prefix and
AS-External LSAs, this will be the advertised prefix/prefix length, for Router
LSAs, it is RtrID/IfID etc.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
[DL: rebase fix, line disappeared in ospf6_abr_originate_summary_to_area]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 931b1b8c9a612665391ed43653c970fcb38bbbf0
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sun Aug 25 03:03:15 2013 +0000
ospf6d: increment dbdesc seqnum on SeqNumberMismatch/BadLsReq event
As per RFC 2328, section 10.3, if the neighbor state machine reaches
SeqNumberMismatch state when the NSM is in state Exchange or greater,
"router increments the DD sequence number in the neighbor data structure,
declares itself master (sets the master/slave bit to master), and starts
sending Database Description Packets, with the initialize (I), more (M)
and master (MS) bits set.".
The existing code doesn't increment the DD SeqNum. This patch fixes that.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 7a10a359e9740710c1e39c8be0f761f506795480
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sun Aug 25 03:03:07 2013 +0000
ospf6d: don't change SeqNum on initial DbDesc message
The code was setting the DbDesc seqnum to the current seconds value of time if
this was the initial DbDesc. However, the same code was getting invoked if the
initial DbDesc was retransmitted. Caused ANVL test XX.XX to fail.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 3b220289a4d0da4539d965ca71e9479d68c87b11
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 08:00:44 2013 +0000
ospf6d: handle seqnum wrapping
Signed-off-by: Shrijeet Mukherjee <shm at cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
[DL: mechanical adjust to rebase]
[DL: adjust to removal of timerwheel code]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f41b4a021659dd48d62b1a7aac4b28e3663dbdaa
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 08:00:37 2013 +0000
ospf6d: add overload support
OSPFv3: Support setting/clearing overload bit on router
It is sometimes necessary for a router to gracefully remove itself from
the SPF tree i.e. it cannot act as a transit router. It does this by
setting the overload bit in the router LSA. This patch adds support for
enabling/disabling the overload bit.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
[DL: patch applied with fuzz]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit e7ad6b20d7a7c63ed7c640ab9f61c853e77508c5
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:55:57 2013 +0000
ospf6d: fix linkdown handling
Ensure OSPFv3 handles link down even correctly.
OSPFv3 checks only the administrative status of a link instead of its
operative status. This prevents it up from detecting a real link down
event and reacting appropriately. Only protocol timer timeouts make it
detect a link down eventually. This patch makes it look for the operative
status of a link instead of admin status.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: James Li <jli at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit b81e97a8a7f85ecc7489dc8a7c7b9d403d9c4bc6
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:55:50 2013 +0000
ospf6d: correct nexthop through directly connected networks
This is implementing this part of RFC 2328:
This is the "first case", see below,
16.1.1. The next hop calculation
...
If there is at least one intervening router in the current
shortest path between the destination and the root, the
destination simply inherits the set of next hops from the
parent. Otherwise, there are two cases. In the first case,
the parent vertex is the root (the calculating router
itself). This means that the destination is either a
directly connected network or directly connected router.
The outgoing interface in this case is simply the OSPF
interface connecting to the destination network/router.
...
The current Quagga code always tries to inherit the nexthop from
a parent vertex, but does not cover the case that the destination
is directly connected to the root vertex. This patch adds support
for that case.
Signed-off-by: James Li <jli at cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 17d003da963d6294e5ab95c690de285eccf0bac0
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:55:43 2013 +0000
ospf6d: don't suppress empty router LSA
Currently in OSPFv3 implementation, if all the interfaces are down/loopback
or are without any full adjacencies, the router LSA is suppressed. So for
a router with only stub networks, no router LSA is generated. However,
intra-prefix LSAs are generated for the stub networks and these intra-prefix
LSAs will reference the router LSA. So the router LSA really should not be
suppressed. It needs to be generated to be the starting vertex for SPF
w.r.t the stub networks.
Signed-off-by: James Li <jli at cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit e39d05384d4563f04edf339bbd67a117dd18e533
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:55:36 2013 +0000
ospf6d: turn off expensive debugging
OSPF6 has very expensive LSDB and route debug on by default. This needs to be
turned off for scaled performance.
Signed-off-by: James Li <jli at cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>Summary:
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit a765eb9383c53c68523a67b36cea92eadf6f3439
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:55:14 2013 +0000
ospf6d: convert LSDB to use route_node, improve performance
the performance in the presence of a large number of LSAs. I also verified
that the performance improvements stayed in the presence of a large number
of peers (I tested upto 128).
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>Summary:
Reviewed-by: James Li <jli at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit eb82e9ee81792f86548d4937486b5dcbbd411a98
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:55:07 2013 +0000
ospf6d: fix neighbor state machine (faster lsdb sync, RFC compliance)
The OSPFv3 code doesn't do the following things right as part of an adjacency
bringup:
- Transmit DbDesc frames appropriately to ensure faster state transition to
Loading state
- Transmit LsReq frames when switching to exchange state and on receipt of
an LS update in Loading state
- Requesting LSAs multiple times in LsReq.
It currently uses retransmit timer expiry to send the LsReq and DbDesc frames
which significantly slows down large lsdb syncs.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit c5926a92235874574b20e426a3752c1451a90ec7
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:55:00 2013 +0000
ospf6d: add p2p interface support
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Signed-off-by: Ayan Banerjee <ayabaner at gmail.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Reviewed-by: James Li <jli at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit bf986da797e7d2a0aaae313fea626ba433581f03
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:54:50 2013 +0000
ospf6d: fix various bugs in installing and flooding LSAs
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8ae454e779d5620576990f4bf5da3a35f913cc4d
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:54:41 2013 +0000
ospf6d: add more details to show ipv6 ospf6 data
Specifically, it displays the flags, lock and retransmission count fields.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: JR Rivers <jrrivers at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 09df4574b95dbb5880eb2d3c3c3c900687a9a3ef
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:54:31 2013 +0000
ospf6d: enable the commands to support detailed debugging of LSAs.
The code for the commands exists, but it hasn't been defined in the
definition of the command itself. This patch fixes that.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit ac58e143f7278d5faaad7a8672e48328b03cffa5
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:54:24 2013 +0000
ospf6d: remove older version of LSA from neigbor retx list before prematurely aging it.
See comment in code for very detailed issue and fix.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 2449fcd64ae95d5fbfd95d93468fc57003def57d
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:54:17 2013 +0000
ospf6d: reinvoke MaxAge remover thread if not all MaxAge LSAs were flushed.
MaxAge LSAs are being flushed out only on an event, unlike OSPFv2 where they're flushed out
periodically. This causes certain LSAs to hang around forever, never getting flushed out.
This patch makes flushing out MaxAge LSAs periodic, retriggered after a certain period if
not all MaxAge LSAs were flushed out.
Signed-off-by: Dinesh G Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 3810e06eebe14f75c66fb17a88574384573e95fa
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Sat Aug 24 07:54:09 2013 +0000
ospf6d: schedule SPF to run on events rather than directly on each event.
OSPV3 SPF triggers on every SPF-able event instead of using timers the way
OSPFv2 does. This patch makes SPF be triggered/throttled similar to OSPFv2.
It adds a command to quagga identical to the OSPFv2 equivalent to configure
these timers.
Summary:
Signed-off-by: Dinesh Dutt <ddutt at cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma at cumulusnetworks.com>
[DL: removed reference to oa->ts_spf for rebase]
[DL: killed timeval_subtract]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8551e6dadce41fb87a61767af723cb25ae611a04
Author: Dinesh Dutt <ddutt@cumulusnetworks.com>
Date: Tue Oct 22 17:42:18 2013 -0700
ospf6d/ospfd: refactor some common defines
Rearranging common defs and structures for use betweeen OSPFv2 and
OSPFv3. Created a new file called libospf.h under lib directory to
hold defines that are common between OSPFv2 and OSPFv3 code bases.
[DL: split of defines refactor from timer refactor]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit a83a1e9c2f035d3152451dcfc97ab13b4ac427b9
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Oct 22 11:35:48 2013 -0700
build: fix tests/prng.h missing from dist
broken by fa713d9... "zebra: rework recursive route resolution", and I
forgot to squash the fix into that.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit fed643f4093abc0ed5e796aab9047768f7036ed6
Author: Vincent Bernat <bernat@luffy.cx>
Date: Tue Oct 23 16:00:42 2012 +0000
zebra: make rib_dump() compatible with IPv6 RIB
[DL: resolved conflicts in zebra_rib.c]
[DL: fix usage with --disable-ipv6]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f3a1732eb3bb41c094ec558d2aeee2766878a91d
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Jul 5 15:35:41 2013 +0000
zebra: apply route-maps for interface routes
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit c3e6b595160cd3aa601ae7e1887e695710cde15d
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Jul 5 15:35:40 2013 +0000
zebra: fix recursive-routes via ifindex routes
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit e8d3d2991f72613edb76dea244a8c8e4684873dd
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Jul 5 15:35:39 2013 +0000
zebra: implement NEXTHOP_FLAG_ONLINK
On Linux, the kernel will only allow for a route to be installed when
its gateway is directly attached according the kernel fib.
There are cases when this restriction by the kernel is too strong, in
those cases, we deploy the RTNH_F_ONLINK netlink flag.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 48a53dc71cb422e619859b79d5069e02fcd867d0
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Jul 5 15:35:38 2013 +0000
zebra: handle blackholes encountered in recursive resolution
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit fa713d9ee5ed30dedd0a290be9aaff780a2896be
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Jul 5 15:35:37 2013 +0000
zebra: rework recursive route resolution
Change the datastructure for recursive routes. This brings the following
benefits:
By using struct nexthop also to store nexthops obtained by recursive
resolution, we can get rid of quite a bit of code duplication in the fib
management. (rt_netlink, rt_socket, ...)
With the new datastructure we can make use of all available paths when
recursive routes are resolved with multipath routes.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit bfac8dcd2fe7ed099a679b5c8245599c6d0312ed
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:50 2013 +0000
zebra: improve interface shutdown behaviour
Linux removes IPv6 addresses when the interface is set down. Those
addresses need to be readded when the interface is set up again.
Also, an interface should not be reactivated from shutdown by configuring
an ip address.
Finally, remove the three-state logic for the shutdown setting as its
sole current use may be mild confusion.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 02b4805f3914ef6ba0242c6f4dd1b6759ef97bf2
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:49 2013 +0000
zebra: don't change connected state from zebra/interface.c
Try to avoid changing connected state from zebra/interface.c as this
means making assumptions about kernel behaviour which may be or may
become wrong. This state should rather be updated by events from the
kernel.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f7f740fe58fb838fc87e82dc7e1e2d4e5ccf085c
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:48 2013 +0000
zebra: add ZEBRA_IFC_QUEUED to keep track of kernel state
As there are timeframes when we don't get a notification from the kernel
about new addresses. (e.g. while Linux performs IPv6 DAD), we need to
have some information whether an address has been sent to the kernel or
not.
One case where this is relevant would be a user adding an IPv6 address,
but deleting it before DAD has been complete. With the next patch which
removes some (ill assuming) synchronous parts in address setup,
ipv6_address_uninstall would not know whether or not it has to actually
delete the prefix from the kernel. Resolving these windows where we lack
information is what the flag ZEBRA_IFC_QUEUED is intended for.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit c7df92de2dc91d0a934cf892e543728cb1a10849
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:47 2013 +0000
zebra: warn if advertising connected with _REAL unset
The implementation in zebra and the zclient protocol allow to communicate
addresses to clients which are not yet in the kernel.
This is usually not done and most clients seem to expect an address to be
configured in the kernel when they receive it. Therefore, it seems
reasonable to issue a warning when advertising an address to the clients
that is not yet in the kernel.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit d7f5dad6d1ab3078fcabc79e15a88873940c074d
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:46 2013 +0000
zebra: consolidate connected_implicit_withdraw
connected_implicit_withdraw is used at two places and followed by exactly
the same code. Move that code into connected_implicit_withdraw and give
that function a more descriptive name.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 676e1a0142ec8b181d4d7ea1038f461bc67c1ee1
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:45 2013 +0000
zebra: clear ZEBRA_IFC_CONFIGURED on "no ipv6 addr"
To match the semantics of IPv4, the ZEBRA_IFC_CONFIGURED flag
should be cleared when an IPv6 connected is uninstalled via
vty.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 9db047fcb1bedcf1a5a1962e49aa70f48f969b96
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:44 2013 +0000
zebra: make if_subnet_delete a bit more strict
Enhance if_subnet_delete so it will complain about improper use.
Also, fix one occurence of improper use where it was called for
IPv6 as well.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 599da95527ec8e09cd3d890dc3addc6f2e791a0c
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Jan 24 14:04:43 2013 +0000
zebra: process information about new addresses (BZ#486)
Because of a change of semantics in the Linux kernel, information
about changes made by zebra itself was not considered for updates.
This change should fix this by accounting for the new semantics.
It is based on a patch by lich posted to the bugzilla #486
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 23cd8fb7133befdb84b3a918f7b2f6147161ac6e
Author: David Lamparter <equinox@diac24.net>
Date: Fri Aug 2 07:27:53 2013 +0000
ospfd: protect vs. VU#229804 (malformed Router-LSA)
VU#229804 reports that, by injecting Router LSAs with the Advertising
Router ID different from the Link State ID, OSPF implementations can be
tricked into retaining and using invalid information.
Quagga is not vulnerable to this because it looks up Router LSAs by
(Router-ID, LS-ID) pair. The relevant code is in ospf_lsa.c l.3140.
Note the double "id" parameter at the end.
Still, we can provide an improvement here by discarding such malformed
LSAs and providing a warning to the administrator. While we cannot
prevent such malformed LSAs from entering the OSPF domain, we can
certainly try to limit their distribution.
cf. http://www.kb.cert.org/vuls/id/229804 for the vulnerability report.
This issue is a specification issue in the OSPF protocol that was
discovered by Dr. Gabi Nakibly.
Reported-by: CERT Coordination Center <cert@cert.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit a12afd5e8e57c95505d4d0166af234c7f19e9fe1
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat May 25 14:01:36 2013 +0000
bgpd, zebra: support NEXTHOP_IPV4_IFINDEX in bgp import check
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit bb97e4622ed6f48e2b8e07f1f94edd03162223a1
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat May 25 14:01:35 2013 +0000
bgpd, zebra: Support NEXTHOP_IPV4_IFINDEX in nexthop_lookup api
Since commit ba281d3d040, ospfd uses NEXTHOP_IPV4_IFINDEX
routes. The API between zebra and bgpd which is used to query
nexthops for recursive routes did not support this nexthop
type and therefore, ospf changes (or any other IGP changes
which use NEXTHOP_IPV4_IFINDEX) would never trigger any
recursive route update.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 5b9f51828db732d56053500b1d257797f7f3401b
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat May 25 14:01:34 2013 +0000
zebra: improve display of NEXTHOP_IPV4_IFINDEX in show ip route
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit a0f6ce5b41dcfa059074d72c8fc61896d3e996a9
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Apr 11 08:24:30 2013 +0000
bgpd: honor PEER_FLAG_DISABLE_CONNECTED_CHECK on bgp_scan
When neighbor disable-connected-check was used, bgpd would accept routes
with unconnected nexthop as indended, however those routes would be
invalidated on the next bgp_scan run as that function did not know about
disable-connected-check.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 4ff3bcad8e81b643f3247317a3949d7867b36f75
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Mar 20 10:50:07 2013 +0000
isisd, ospf6d: use bug-report information from autoconf
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit a52070899afed55ae44ed6a140ac090cdf07d141
Author: Christian Franke <chris@opensourcerouting.org>
Date: Thu Apr 11 08:24:29 2013 +0000
zebra: don't printf to stdout on ZEBRA_IPV6_NEXTHOP_LOOKUP
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 67e7a2127c05a8c7dfddd7ffc6378edf6b666d55
Author: Christian Franke <chris@opensourcerouting.org>
Date: Mon Mar 4 09:23:30 2013 +0000
vtysh: don't append superflous spaces (BZ#750)
rl_completion_append_character is reset to space every time the completion
function is entered. So we would have to set it to '\0' every time
new_completion() is called. We can make this conditional and avoid using
rl_pending_input.
This code path is most relevant when there are multiple completion
matches with the same prefix, e.g. in router bgp context: "neighbor 1.2.3.4
pa"<ssive|ssword> would have been completed to "neighbor 1.2.3.4 pass "
instead of "neighbor 1.2.3.4 pass".
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8ff202e2d3fa7ebbd6728fdd230f3ad1a20578cd
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Wed Jul 31 14:39:41 2013 +0200
bgpd: write NOTIFY non-blockingly
switching the socket to blocking may well block the entire bgpd process
for some time if our peer is overloaded (which may well be the original
reason for the NOTIFY)
The error handling is slightly different from the previous ML discussion
on this; buffer exhaustion isn't technically a fatal TCP error, and we
should probably proceed with FSM actions according to a sent NOTIFY
(adjusting timers) even if we didn't manage to get the NOTIFY onto the
wire.
Acked-by: Leonid Rosenboim <lrosenbo@wrs.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 9e47abd862f71847a85f330435c7b3a9b1f76099
Author: Rakesh Garimella <rakesh.garimella@sophos.com>
Date: Mon Mar 11 12:38:31 2013 +0000
bgpd: prevent double address delete on shutdown
bgp_interface_down() and bgp_exit() both proceed to delete the address
from bgpd's interface representation, so the second call gets a NULL
result from the hash lookup and subsequently crashes.
Signed-off-by: Rakesh Garimella <rakesh.garimella@sophos.com>
[reformatted]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 397b5bded5654a31b4bd3b904f091fd3859aecf7
Author: Leonid Rosenboim <lrosenbo@wrs.com>
Date: Tue Jul 30 20:14:25 2013 +0200
bgpd: stricter packet handling in OpenSent
Keepalives and updates are not expected in OpenSent, prior to receiving
the peer's open message. Terminate the session with the proper
notification.
From: Leonid Rosenboim <lrosenbo@wrs.com>
[split off FSM changes, some reordering & cleanup. read handling needs
to be separately addressed]
Signed-off-by: David Lamparter <equinox@diac24.net>
commit c423d413e464913ee88c1ee700e2c4037e6bdb24
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Jul 30 15:36:26 2013 +0200
lib: unconditionally include stddef.h
I've used offsetof() in the previous commit to paper over the security
problems in ospf_api.c. This blows the build on FreeBSD 7.0, missing
offsetof(). Let's add that to zebra's generally used includes.
stddef.h (and offsetof) is defined in C89 section 4.1.5 (and not
deprecated/removed by any later standard). If this causes problems, the
bug report should go against the host OS/compiler...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit c51443f4aa6b7f0b0d6ad5409ad7d4b215092443
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Mon Jul 8 23:05:28 2013 +0200
ospfd: CVE-2013-2236, stack overrun in apiserver
the OSPF API-server (exporting the LSDB and allowing announcement of
Opaque-LSAs) writes past the end of fixed on-stack buffers. This leads
to an exploitable stack overflow.
For this condition to occur, the following two conditions must be true:
- Quagga is configured with --enable-opaque-lsa
- ospfd is started with the "-a" command line option
If either of these does not hold, the relevant code is not executed and
the issue does not get triggered.
Since the issue occurs on receiving large LSAs (larger than 1488 bytes),
it is possible for this to happen during normal operation of a network.
In particular, if there is an OSPF router with a large number of
interfaces, the Router-LSA of that router may exceed 1488 bytes and
trigger this, leading to an ospfd crash.
For an attacker to exploit this, s/he must be able to inject valid LSAs
into the OSPF domain. Any best-practice protection measure (using
crypto authentication, restricting OSPF to internal interfaces, packet
filtering protocol 89, etc.) will prevent exploitation. On top of that,
remote (not on an OSPF-speaking network segment) attackers will have
difficulties bringing up the adjacency needed to inject a LSA.
This patch only performs minimal changes to remove the possibility of a
stack overrun. The OSPF API in general is quite ugly and needs a
rewrite.
Reported-by: Ricky Charlet <ricky.charlet@hp.com>
Cc: Florian Weimer <fweimer@redhat.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 78116ab6e1524815910658898620776ae5fd4d18
Author: Greg Troxel <gdt@ir.bbn.com>
Date: Mon Jul 15 10:15:49 2013 -0400
doc: Modernize INSTALL.quagga.txt.
Note that list of prereq versions is out of date.
Add DejaGnu for testing.
Change references to CVS to git.
Signed-off-by: Greg Troxel <gdt@ir.bbn.com>
commit d77102025a30eef274e8d343bfec75f87899a417
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Jul 5 18:30:57 2013 +0200
tests: don't build tests unless make check is run
Use check_PROGRAMS instead of noinst_PROGRAMS in tests/Makefile.am
to build the tests only when make check is actually run.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
commit 1bf0ca9a07358ff13b1390f4462669e9ea4915dc
Author: Christian Franke <chris@opensourcerouting.org>
Date: Fri Jul 5 18:30:56 2013 +0200
tests: fix Makefile.am so it works with BSD make
The export statement is specific to GNU make and breaks the build
with BSD make. I couldn't observe any difference in behaviour
between having the export present and absent, therefore, just remove it.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
commit 4c14b7f684510592f2eb46fd84859d8bca57def9
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Feb 20 10:00:54 2013 +0000
ospfd: fix flooding procedure
An ospf router should accept a new maxage LSA into its lsdb if it has any
neighbors in state Exchange or Loading. ospfd would however only account
for neighbors on the same interface which does not seem to be a valid
optimization.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
Signed-off-by: David Lamparter <equinox@diac24.net>
commit 4de8bf001189d40e086764fd804e59657d2e21e6
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Feb 20 10:00:52 2013 +0000
ospfd: make ospf_maxage_lsa_remover actually yield
ospf_maxage_lsa_remover whould check whether to yield,
but run on anyway.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
Signed-off-by: David Lamparter <equinox@diac24.net>
commit 77ef01392f82c27a9892840c61a5e7391fd82415
Author: Dinesh G Dutt <ddutt@cumulusnetworks.com>
Date: Fri Apr 12 01:37:15 2013 +0000
doc: update TODO for ospf6d work & bgp multipath
This is work in progress at Cumulus Networks.
commit c69905b673812ce6ec2a12960727a27b9b8d6426
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Thu Jan 24 01:39:14 2013 +0100
tests: DejaGNU libzebra
Wrap the few libzebra test programs we have up for DejaGNU.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 5bb7e4d12b3a3015208fad5ee0f3c055b704c8c4
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Feb 26 17:53:30 2013 +0100
tests: DejaGNU bgpd
this just wraps the existing test programs in expect wrappers that make
their results usable to DejaGNU.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f281ab9752393fcc7cbb54c50edb66f25c2a31fb
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Tue Feb 26 16:21:20 2013 +0100
tests: add DejaGNU framework
DejaGNU seems to be the 'standard' GNU test framework (which by itself
doesn't say much), but it seems relatively usable and the "remote
system" capabilities might come in handy for virtualisation-based tests
for kernel interactions or something.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f2b53dac4c72811c06779c596c6162b994eb427a
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Mar 20 15:28:46 2013 +0000
ospfd: restore nexthop IP for p2p interfaces
commit c81ee5c... "ospfd: Optimize and improve SPF nexthop calculation"
subtly changed semantics of routes calculated over pointopoint links by
removing the nexthop IP address and instead using an ifindex route.
This breaks calculation of AS-Ext routes with a forwarding address since
in ospf_ase_complete_direct_routes() this will be hit:
if (op->nexthop.s_addr == 0)
op->nexthop.s_addr = nexthop.s_addr;
thus turning the route unusable by having an invalid nexthop.
Fix by restoring the nexthop IP on routes over PtP links. This also
allows running multi-access (Ethernet) interfaces in PtP mode again.
This bug is a regression against 0.99.21 and only present in 0.99.22.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
[patch description and code comments rewritten]
Acked-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
Acked-by: James Li <jli@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 677bcbbf153fe73e57cb44f668977cbd26661fd4
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Feb 27 13:47:23 2013 +0000
lib/vty: register vtysh socket in server socket vector (BZ#754)
Register the vtysh socket in Vvty_serv_thread so it will be
correctly closed on vty_reset instead of being leaked.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit b68da446e977f8069fb72bce73402e2234ffc1d9
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Thu Feb 28 22:17:00 2013 +0100
ripd: correctly redistribute ifindex routes (BZ#664)
ripd had a check to restrict metric 0 to only directly connected routes.
This check was implemented by checking against Connected as route type.
This is, however, incorrect -- all routes that directly use an interface
without a nexthop should be treated as directly connected and passed off
with metric 0.
ripngd does not posess such a check and was not touched.
Reported-by: Sean Fulton <sean@gcnpublishing.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 8df55970b64984e5071afd510caad5e778569bc1
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Fri Mar 1 12:03:58 2013 +0100
build: reference libcap from libzebra (BZ#393,626)
While the actual build failures have been fixed independently by
d1d3ac9 "build: reorder libraries to address linker error", libzebra
still does not reference libcap. This will lead to more build failures
if someone else tries to use libzebra and doesn't add libcap.
Let's just add libcap here and be done with it.
I've not added libcap to the _DEPENDENCIES variable above since libcap
is a system library. Actually, the whole _DEPENDENCIES thing is rather
fishy; automake automatically sets _DEPENDENCIES from _LIBADD. For the
sake of not breaking stuff that works (especially since most autotools
stuff is arcane magic), I'm leaving it alone...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 58952492d2eedd4b7974274a578a1fa9707125bb
Author: Christian Franke <chris@opensourcerouting.org>
Date: Wed Feb 20 10:00:53 2013 +0000
ospfd: fix LSA initialization for build without opaque LSA
If configured without opaque LSA support, the old code would incorrectly
associate type 5 LSAs with an area.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit c095185c26f72bff14238ca1209ef6b2d7a8b935
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Sat Feb 23 22:17:21 2013 +0100
tests: make --disable-bgpd kill bgpd tests too
bgpd tests don't compile or run with --disable-bgpd, let's catch this in
the Makefile.
Reported-by: Joachim Nilsson <troglobit@gmail.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 4a014580ff85428aa41b28503554b2ce982805be
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Wed Feb 27 11:24:24 2013 +0100
build: fix minimal mixup in gitinfo suffix
the original version of this had issues with tagless repositories; to
fix that I removed the "-g" part from one of the regexes. I then failed
to add those 2 characters back, leading to version numbers like
"0.99.220123456" instead of "0.99.22-ga123456". Let's put the "-g"
back...
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit b58c90807c9d0bfa9601704c7490a16070906004
Author: Timo Teräs <timo.teras@iki.fi>
Date: Fri Mar 22 08:54:44 2013 +0000
doc: fix makeinfo errors and one warning
commit 4afa50b added few lines that are syntactically incorrect
with leading plus sign.
Cc: Denis Ovsienko <infrastation@yandex.ru>
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 24c6bb86f4d21c74149bc0a7e50f9b95da0b6fd3
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Fri Mar 29 19:40:39 2013 +0100
doc: add OSPFv3 homenet to TODO
The homenet OSPFv3 extensions are not only relevant TODO items, but also
suitable for GSoC students.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 3d1e5791c53bf67ebd8ce45322779856974c687f
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Fri Mar 29 19:31:55 2013 +0100
doc: update TODO
the TODO was last touched in 2006. This is a first pass at cleaning it
up, motivated primarily by the need for an up-to-date idea list for the
Google Summer of Code 2013.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f05a5595e6b4805bc1a6bd86fe7076c5ffbb7f00
Author: Greg Troxel <gdt@ir.bbn.com>
Date: Sun Mar 3 11:38:17 2013 -0500
build: Update supported versions.
INSTALL.quagga.tex:
Given the statement that it's viewed as a bug if quagga doesn't
build on OS versions on the list, prune the list to the set for
which there would be near-universal agreement that it's a bug.
Clarify that the response to a system on the list not building might
be dropping it from the list. (Time marches on, and these lists are
not necessarily maintained. As an example, the comment saying
FreeBSD4 support was iffy is now 6 years old.)
Delete old discussion of ancient texinfo.
Delete discussion of NetBSD versions before 4 (as no longer relevant).
commit 97c84db00c01b808337bedf69f696a1517e3d8c0
Author: Stephen Hemminger <shemminger@vyatta.com>
Date: Fri Jan 11 18:25:26 2013 +0000
hash: dynamically grow hash table
Dynamically grow the hash table index if the chains get too long.
If expansion doesn't help keep chain length short, then stop expanding,
to avoid bad behavior if there is a poor hash function.
Not a new idea, based on concepts in uthash.
Depends on my previous patch to restrict hash to power of 2.
Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
[profiling results: sum of cycles spent in hash_get/jhash with RIPE RIS
test data (single simple BGP peer) improved to 69% of previously spent]
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 90645f5598ca8b25cd2692f2ac0d2778a3fd2755
Author: Stephen Hemminger <shemminger@vyatta.com>
Date: Fri Jan 4 22:29:21 2013 +0000
hash: force size to be a power of 2
By forcing the hash table size to be a power of 2, a potentially
expensive divide can be replaced by a mask operation. Almost all
usage of the hash table was using default size of 1024. Only places
with different size was thread library (1011) and bgp aspath.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 44a86a0278c1678fd4b8dfa56c4f5f2feb6df3ad
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Fri Jan 25 09:14:52 2013 +0100
guile: remove
commit fa75585d3cac97616de4ea7c6805d91f709456eb
Author: Matti-Oskari Leppänen <mongrelx@gmail.com>
Date: Fri Feb 15 10:12:55 2013 +0000
build: update quagga.spec.in
both Quagga and RPM have moved a bit since this was last touched.
Should now work again on CentOS 5 and 6.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 844ee10416c42debbfbc4d470eb2fe328e060977
Author: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
Date: Sat Feb 23 19:38:37 2013 +0100
vtysh: fix false lib path matching in extract.pl.in
The if ($file =~ /lib/) path matching logic is supposed to
match Quagga's lib directory only but will match all path
having lib in it such as /var/lib/jenkins/quagga/...
Fix by matching both lib and file: lib/keychain.c etc.
Signed-off-by: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit 0e4303d3173ecc264b3ec39a863174670bbe2900
Author: Roman Hoog Antink <rha@open.ch>
Date: Fri Jan 18 13:52:03 2013 +0100
bgpd: fix lost passwords of grouped neighbors
This patch resolves the significance of order of group and password
statements.
It prevents passwords from being lost in cases where all
three conditions apply:
1. the peer is member of a group with or without group password
2. the peer has an individual password set
3. the peer is added to a group within an address-family ipv6
section
In addition this patch prevents the same issue in cases, where an IPv4
peer's password is set first and the peer is added to a group
afterwards.
Adding a peer to a group cancels his individual password. Without ipv6
this is not a problem, because choosing the right order of config
statements will do (set password only after adding peer to group).
When adding the peer to a group within the address-family
section, his password is definitely lost. The same workaround (ie.
setting the password after the address-family section) can not be used,
because "show run" will print the configuration statements in the wrong
order.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
commit f1ef81b2476ea533ac3d2129aa0e89653c427323
Author: Ulrich Weber <ulrich.weber@Sophos.com>
Date: Tue Jan 22 10:39:18 2013 +0000
zebra: use SO_RCVBUFFORCE for netlink socket
so net.core.rmem_max must not be adjusted. Requires
linux kernel >= 2.6.14, falls back to SO_RCVBUF on error
Signed-off-by: Ulrich Weber <ulrich.weber@sophos.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>