bgpd: Fix crash of bgp_bmp.c with a mirror situationThe qitem being used in the bmp mirror code was being
enqueued multiple times across multiple vrf's. This
leads to crashes, modify the code to enqueue a qitem
once per vrf.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
tests: Add a bgp bmp mirror testCode examination of bgp_bmp.c showed a situation where
having multiple mirrors would create a crash situation.
Show that the crash can happen.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
lib: fix NULL deref in frr_signal_timerWhen `SIGEVENT_SCHEDULE_THREAD` is defined, `frr_signal_timer()` was
NULLing `sigm->t` and then immediately dereferencing it on the next line
to fetch the event loop master:
sigm->t = NULL;
event_add_timer(sigm->t->master, ...);
Rework this so that the NULL dereference cannot happen.
Drop the redundant `sigmaster.t = NULL;` in `signal_init()`;
Signed-off-by: Donald Sharp <sharpd@nvi...
ldpd: Allow event_add_read to work properly on initialCurrently ldpd has a couple of spots that do this:
mem = malloc()
event_add_XXX(....., &mem->t_event...)
malloc can/will give you memory that has randomly
set values. When you call event_add_XXX the address
of the pointer is looked at as well as the dereference
if there is something in there, the event system assumes
that an event is already scheduled. This will cause
the initial event_add_...
tests: Test startup of tc with tc_basicThis test script was not testing the read in of
zebra owned tc qdisc values are read in and removed.
Add this. Additionally convert the test to use
run_and_expect instead of sleep.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra: Convert RTNLGRP_TC netlink messages to use the dplaneModify the code to use the dplane for all RTNLGRP_TC netlink
messages.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra: pass ns_id to zebra_dplane_startup_stageThe zebra_dplane_startup_stage helper only ever needed the namespace
id, not the full struct zebra_ns. Switch its parameter to ns_id_t
directly so callers running in the dataplane pthread can invoke it
without dereferencing a struct zebra_ns owned by the zebra main
thread.
Update all existing callers in if_netlink.c, if_sysctl.c, if_ioctl.c
and kernel_socket.c to pass zns->ns_id.
Signed-off-b...
tests: Add topotests for BGP allowas-in route-mapExtend bgp_as_allow_in test suite with three new test cases covering
route-map based allowas-in filtering functionality.
New tests:
- test_bgp_allowas_in_route_map_p0: Tests selective route acceptance
based on prefix-list matching (subnet and length filtering). Verifies
routes matching both subnet (192.0.2.0/24) and length (ge 31 le 32)
are accepted while others are rejected.
- test_bgp...
bgpd: Add route-map based allowas-in for flexible route filteringExtends allowas-in to support route-map filtering, providing maximum
flexibility for selective AS-path loop prevention based on any BGP
attributes (prefixes, communities, AS-path patterns, etc.).
New Commands:
neighbor <PEER> allowas-in route-map <NAME> [<1-10>|origin]
no neighbor <PEER> allowas-in route-map [<NAME> [<1-10>|origin]]
Configuration Example:
ip prefix-list PL_P2P seq 5 per...
lib: add missing hook_unregister_arg in mgmt_be_client_destroymgmt_be_client_create() registers a hook on nb_notification_tree_send
but mgmt_be_client_destroy() never unregisters it. During shutdown,
the client struct gets freed while the hook still points to it. When
the subscription wheel timer fires after that, it dispatches to
mgmt_be_send_notification() with the freed pointer and crashes.
ZEBRA: Received signal 11 (si_addr 0x108000001d0)
libfrr....
bgpd: Harden Node NLRI descriptor length validationThe Node NLRI decoder reads the Local Node Descriptor TLV length and
passes it directly to the node descriptor parser. The generic TLV
header helper only checks the remaining stream bytes, not the current
NLRI boundary.
When multiple BGP-LS NLRIs share the same stream, a malformed Node NLRI
can make the descriptor parser consume bytes from the next NLRI before
the final length check reports th...
pimd: MLAG: skip pim_register_join on non-DRRootcause and fix:
In mlag+pim, packets are software forwarded because the mroute
is stuck in pimreg state in non-DR node.
Align with RFC:avoid REG_JOIN on the mlag node that lost DR election.
Gate pim_register_join() with pim_upstream_could_register() on the
WRVIFWHOLE connected-source path.
Signed-off-by: harini <hnattamaisub@nvidia.com>
bgpd: Initialize Node MSD only after parsing itparse_node_msd() initializes msd to 255 before it reads any Base
MPLS MSD sub-TLV. The value is only a placeholder that lets the
first MIN() call keep the first advertised value.
That placeholder is fragile because RFC 8491 defines MSD-Value as
the full 0-255 range. If a future change treats msd == 255 as
unset, it can incorrectly discard a valid value advertised by a
peer.
Do not give msd a ...
bgpd: validate SRV6 service sid transposition valuesValidate SRV6 service sid transposition values in incoming
attribute data.
Signed-off-by: Mark Stapp <mjs@cisco.com>
Reported-by: Jiahao Lei <jhaolei@163.com>
pimd: tighten Auto-RP announcement acceptanceWhen local candidate-RP configuration exists, require announcements to come
from the RP address or a configured candidate address; otherwise drop.
Drop superseded Auto-RP-generated prefix lists when discovery refreshes an RP
with a new group-list name.
Apply source authentication in the announcement prescan before skipping RPs with
grpcnt zero. Parse advertised groups into a temporary sorted ...
pimd: validate multicast group prefixes in Auto-RP messagesReject bogus mask/address combinations early and discard prefix-list builds
when validation fails mid-parse so temporary lists are not leaked.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: cap Auto-RP learned RP entries and groups per RPDefine fixed upper bounds for mapping-agent learned RPs and for how many group
ranges can be advertised per RP in one message.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
bgpd: only use srv6_l3service attr if it's presentOnly use the attr->srv6_l3service object for json output
if it's non-NULL.
Signed-off-by: Mark Stapp <mjs@cisco.com>
Reported-by: Jiahao Lei <jhaolei@163.com>
tools: Add bfd commands to support bundle generationThere were no bfd commands being run to gather bfd data on failure.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
doc: add OSPF DSCP control packet marking user documentationAdd the ip ospf dscp (all|low-control) (0-63) interface command to the
OSPF user documentation. This command allows operators to set DSCP
values for OSPF control packets to support QoS prioritization.
Signed-off-by: Don Fedyk <dfedyk@labn.net>
tests: implement topotest for rfc 4222 rec 1This test sets up two nodes and changes the DSCP
then checks the resulting message dscp.
Signed-off-by: Don Fedyk <dfedyk@labn.net>
ospfd: implement rfc 4222 rec 1 classify packet high/low prioImplement RFC 4222 Rec 1: classify OSPF packets into
high-priority (Hellos, LSA Acks) and low-priority classes,
and prioritize high-priority processing to maintain critical
control packet handling during congestion. All control
packet can have a DSCP value set, or explicitly low control
can have a different DSCP value.
Signed-off-by: Don Fedyk <dfedyk@labn.net>
tests: Update BGP-LS expected outputs for MT-ID behaviorUpdate expected JSON outputs in the BGP-LS topotests to reflect MT-ID
fields now included in Node, Link, Prefix, and SRv6 SID NLRI output.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
bgpd: Advertise MT-ID from TED into generated NLRIsLink and Prefix NLRIs generated from the TED do not include MT-ID in
their descriptors, so non-default topology information is lost on
advertisement.
Extend bgp_ls_originate_link(), bgp_ls_withdraw_link(),
bgp_ls_originate_prefix(), and bgp_ls_withdraw_prefix() to copy MT-ID
from TED edge and subnet attributes into the NLRI descriptor when
present and non-zero (RFC 9552 §5.2.2.1, §5.2.3).
Sig...
bgpd: Show SRv6 SID MT-ID in NLRI string formatThe SRv6 SID NLRI string formatter does not include MT-ID in its output
when the MT-ID TLV is present in the descriptor.
Extend format_srv6_sid_desc() to emit the MT-ID tag between the outer
bracket and the SID address when BGP_LS_SRV6_SID_DESC_MT_ID_BIT is set.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
bgpd: Compare SRv6 SID MT-ID when presentSRv6 SID descriptor comparison does not account for MT-ID when the
MT-ID TLV is present in the descriptor, so two descriptors that differ
only in MT-ID are treated as equal.
Add MT-ID comparison to bgp_ls_srv6_sid_descriptor_cmp() guarded by
BGP_LS_SRV6_SID_DESC_MT_ID_BIT presence check.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
bgpd: Add MT-ID attribute handling for TED nodes in BGP-LSNodes received from the TED can carry Multi-Topology IDs, but the
BGP-LS attribute processing code does not handle them.
Extend it to encode, decode, and display MT-ID Attribute TLV 263
(RFC 9552):
- populate MT-ID attribute from TED node MT-IDs when present
- encode MT-ID Attribute TLV during origination
- parse MT-ID Attribute TLV with duplicate and length validation
- expose MT-ID values in...
bgpd: Include MT-ID in Prefix and SRv6 SID NLRI outputAdd MT-ID rendering for Prefix and Link/SRv6-related NLRI output when the
MT-ID TLV is present:
- include multiTopologyId in JSON
- include MT-ID tags in NLRI string formatting
- include MT-ID in VTY NLRI display
This makes MT-ID behavior visible and consistent across display paths.
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
bgpd: Use single MT-ID in Link/Prefix/SRv6 SID descriptorsRFC 9552 allows at most one MT-ID in each Link, Prefix, and SRv6 SID
NLRI descriptor.
Replace descriptor-level MT-ID arrays with a scalar mt_id field and update
encode, decode, compare, and display paths to use the scalar value.
This aligns in-memory representation with the wire format and removes
unnecessary dynamic MT-ID allocation for these descriptors.
Signed-off-by: Carmine Scarpitta <c...
Donatas Abraitis
Donald Sharp
Karthikeya Venkat Muppalla
Rajesh Varatharaj
Carmine Scarpitta
harini
Mark Stapp
Don Fedyk