bgpd: fix md5 password unset on dynamic nbrWhen a password is applied on peer-group associated to
dynamic neighbor listen range.
1) Per peer (/32) MD5 entry is set on the listen socket for
each group member
/* Attempt to install password on socket. */
if (!BGP_CONNECTION_SU_UNSPEC(member->connection) &&
bgp_md5_set(member->connection) < 0)
ret = BGP_ERR_TCPSIG_FAILED;
2) Per dynamic listen range prefix (/24)...
zebra: add state column to 'show evpn es' command outputThe 'show evpn es' command was not displaying the operational state
of local ES (Ethernet Segment) bonds. When a bond_slave transitioned
from ACTIVE to BACKUP state (due to partner going down), users had no
way to determine the ES state from the summary output. They had to run
'show evpn es detail' to see this information.
This made troubleshooting difficult as users could not quickly identify...
zebra: Add 'no encapsulation' under segment-routing/srv6Add missing command 'no encapsulation'.
Add small static helper function `unset_srv6_encapsulation` to be used
in 'no srv6', 'no encapsulation' and 'no source-address'.
Signed-off-by: Kyrylo Yatsenko <hedrok@gmail.com>
tests: Verify SRv6 encap source address resets when 'no encapsulation' is runAdd a test cases to verify the SRv6 encapsulation source address is
reset to its default value after running the 'no encapsulation' command
under segment-routing/srv6.
Signed-off-by: Kyrylo Yatsenko <hedrok@gmail.com>
ospf6d: Fix stack buffer overflow in Link-LSA originationWhen an interface has a large number of connected IPv6 prefixes,
ospf6_link_lsa_originate() and
iospf6_intra_prefix_lsa_originate_transit() crashes with a stack
buffer overflow while attempting to include all prefixes in a
single Link-LSA.
Function used a fixed 4096-byte stack buffer that was not bounds-
checked before writing prefix information, causing stack corruption
when prefix count exce...
tests: Also test PIM VRF interface removal in pim_igmp_vrf topotestCheck whether removing PIM interfaces has the desired effect.
Signed-off-by: Martin Buck <mb-tmp-tvguho.pbz@gromit.dyndns.org>
Merge pull request #20647 from LabNConsulting/chopps/improve-op-state-change-notifyFixes for op-state change notifications being sent to backend clients (daemons)
tests: add test for update-groups JSON timer fieldsAdd test to verify that 'show bgp update-groups json' command returns
the new grpCreateTimeStr and subGrpCreateTimeStr fields in
dd:hh:mm:ss format.
Signed-off-by: Soumya Roy <souroy@nvidia.com>
lib,bgpd: Adding JSON str for time in dd:hh:mm:ss formatIssue:
We don't have uptime JSON output in 'dd:hh:mm:ss' format for few of the
vtysh show bgp commands.
Fix:
- commom api is implemented to calculate the uptimes and convert it
into dd:hh:mm:ss display format.
- added a JOSN attribute for dd:hh:mm:ss format.
- common api is replaced for bfd last update time convertion.
Testing:
subGrpCreateTimeStr":"0:01:39:41",
Commands supported:
...
bgpd: Missing large community value in commAttriSentToNbr JSONThe operational value of send-community large is not being populated in JSON
by FRR.
This fix accommodates the large string in commAttriSentToNbr if large
send-community is present.
Before FIX:
$ sudo -S vtysh -c "show bgp vrf default neighbors 150.1.2.20 json" |
grep 'commAttriSentToNbr'
"commAttriSentToNbr":"extendedAndStandard",
AFTER FIX:
$ sudo -S vtysh -c "show bgp vrf de...
tests: add test for commAttriSentToNbr JSON fieldAdd test to verify that the commAttriSentToNbr field in
'show bgp neighbors json' output correctly includes large
community when send-community large is enabled.
Signed-off-by: Soumya Roy <souroy@nvidia.com>
bfdd: early return on socket allocation failureReturn early if vrf_socket() fails. This prevents redundant error logs
caused by subsequent attempts to set options or bind to an invalid (-1)
socket descriptor.
Signed-off-by: Ethan Milon <ethan.milon@6wind.com>
bgpd: Replace 3 with BGP_ALLOWAS_IN_DEFAULT constantWe were setting a default value to 3 if "origin" or an arbitraty (1-10) number
is omitted.
It was a bit confusing to read in neighbor_allowas_in_cmd because we expected
idx for a value also be on the third position.
Let's improve the readability.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
bgpd: use BGP_PATH_INFO_NUM_LABELS macro in bgp_evpn_path_info_get_l3vniCommit a932abc105b5 ("bgpd: do not crash when labels are empty")
attempted to fix a crash by adding a NULL check on the return value
of bgp_evpn_path_info_labels_get_l3vni(). However, this still accesses
pi->extra->labels->label without first verifying that pi->extra->labels
is non-NULL, which can lead to a crash.
Use the BGP_PATH_INFO_NUM_LABELS() macro as a guard instead, which
properly vali...
lib: Utility function to convert monotime to epochAdded a utility function to convert time_t to epoch.
Issue:3624937
Signed-off-by: Pooja Jagadeesh Doijode <pdoijode@nvidia.com>
tests: add test for show bgp router json new fieldsAdd test to verify that 'show bgp router json' command returns
the new fields: bgpGShutEnabled, bgpWaitForFibSet, bgpInputQueueLimit,
bgpOutputQueueLimit, bgpUpdateDelayTime, bgpEstablishWaitTime.
Signed-off-by: Soumya Roy <souroy@nvidia.com>
bgpd: improve show bgp router output descriptions and timer infoUse descriptive text for non-JSON output: 'BGP Graceful Shutdown'
instead of 'GSHUT', 'suppress FIB pending' with spaces. Rename
bgpRMapDelayTimer to bgpRmapDelayTimer and add remaining time
display for route-map delay timer when active.
Signed-off-by: Soumya Roy <souroy@nvidia.com>
bgpd: Fix double-free crash in peer_delete() during doppelganger peer transferIn peer_xfer_conn(), the hostname, domainname, and soft_version pointers
were transferred between peers using simple pointer assignment, which
caused both peers to reference the same memory. If the transfer didn't
complete cleanly or there was a race condition during peer state
transitions, when both peers were eventually deleted, the same memory
was freed twice, causing a crash.
Fix this by u...
mgmtd: fix and improve the diagnostic show backend registry command- Adapt the command to the new notify selectors.
- Also trying to use this show command in an actual test exposed it's less than
optimal design. Change the output format to be grep-able.
Signed-off-by: Christian Hopps <chopps@labn.net>
Donatas Abraitis
Chirag Shah
Shashanka KS
Kyrylo Yatsenko
Ravi Minnikanti
Martin Buck
Soumya Roy
Deepak Singhal
Ethan Milon
Y Bharath
Nick Bouliane
Rajesh Varatharaj
Christian Hopps