bgpd: Set extended flag for NHC attribute when re-encodingNHC attribute length with lots of characteristics could go clearly over 255,
let's use extended length for this attribute, as RFC 4271 defines.
Otherwise we have a truncated attribute.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
tests: add BSR RP daemon-kill failover topotestsCover primary RP loss via holdtime expiry and verify the backup RP
sets iAmRP, matching the scenario reported in #17588.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
tests: extend BSR fallback topotests to verify iAmRPWhen the primary candidate RP withdraws a group, verify the backup
RP is learned on r5 and sees itself as RP on r4 for both address
families.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: refresh i_am_rp after BSR RP mapping updatesWhen BSR failover leaves the local RP address unchanged, re-run
pim_rp_change and i_am_rp checks so the elected router acts as RP.
Fixes #17588
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
lib: test the right bytes in flowspec prefixesA couple of the comparisons used for FLOWSPEC prefix types
used the address of the flowspec data blob rather than the
blob bytes. Test the blob, not the pointers to blobs.
Signed-off-by: Mark Stapp <mjs@cisco.com>
Reported-by: Qifan Zhang <qzhang@paloaltonetworks.com>
bgpd: remove unneeded sort of communities in rmap deleteWhen routemaps delete from a community list, don't need to
re-sort the community list: the delete code preserves the sorted
order.
Signed-off-by: Mark Stapp <mjs@cisco.com>
Reported-by: Qifan Zhang <qzhang@paloaltonetworks.com>
tests: cover boundary list deletion and mixed ACL orderingExtend pim_boundary_acl to verify pimd survives deleting a prefix-list
or access-list while boundary config remains, and that a standard permit
entry before a cisco deny is evaluated in first-match order.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: preserve first-match order in pim_access_list_applyEvaluate cisco and standard access-list entries in a single pass so mixed
ACLs honor first-match semantics for both MSDP and multicast boundary
filtering.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: fix non-extended cisco ACL matching in pim_cisco_matchUse addr/addr_mask for classic cisco entries instead of wtf.mask_mask.
This bug was latent since the ACL helper moved to pim_util.c; the old
access_list_apply fallback masked it until single-pass evaluation.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: drop duplicate rec_type from IGMPv3 report debug logThe record type was already printed in the message prefix, so remove the
redundant type=%d field from the per-record debug line.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: cache boundary list pointers and refresh via hooksStore prefix-list and access-list names on each interface together with
cached pointers. Refresh or clear the pointers from pim_prefix_list_update()
and pim_access_list_update() when lists change or are deleted, consistent
with other pimd plist/ACL usage.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
tests: bgp_soo: stabilise IPv4 path counts on CPE configsIssue in existing topotest:
E AssertionError: IPv4 advertised-routes json brief on cpe1 does
not match expected prefixes/shape
E assert Generated JSON diff error report:
E
E > $->advertisedRoutes->192.168.2.0/24->multiPathCount:
output has element with value '3' but in expected it has value '2'
Rootcause and fix:
The IPv6 BGP peers added to cpe1/cpe2 in 28b3ffef8b3f did not...
pimd: guard NULL rp lookup in pim_bsm_clear upstream refreshWhen BSM state is cleared, refresh each (*,G) upstream against the
current RP mapping. Skip the dereference when pim_rp_find_match_group()
returns NULL and treat it as no RP configured.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: guard NULL rp_all when instating BSM pending RP listpim_instate_pend_list() dereferenced the 224.0.0.0/4 RP without checking
whether pim_rp_find_match_group() succeeded. Treat a failed lookup like
an unconfigured RP and install from the pending BSM list instead.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
pimd: guard NULL rp lookup in pim_rp_del upstream refreshpim_rp_find_match_group() can return NULL during shutdown or when
only prefix-list RPs are configured. Treat a failed lookup like an
unset RP when refreshing (*,G) upstreams after RP deletion.
Fixes FRRouting/frr#6088.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
bgpd: refactor bgp_aggregate_{increment,decrement}The two functions share identical guard logic and loop structure; the
only difference is whether they call bgp_add_route_to_aggregate() or
bgp_remove_route_from_aggregate(). Factor the common body into a static
helper bgp_aggregate_adjust_count() controlled by a bool increment
parameter, and reduce bgp_aggregate_increment/decrement to thin wrappers.
Signed-off-by: Enke Chen <enchen@paloaltonet...
tests: fix bgp_soo topotest by separating IPv4/IPv6 address familiesThe bgp_soo topotest was flaky because IPv4 routes were being advertised
over both IPv4 and IPv6 BGP sessions due to the default behavior of
"bgp default ipv4-unicast" which auto-activates IPv4 unicast for all
neighbors.
This caused inconsistent path counts depending on timing:
- Sometimes multiPathCount showed 2 or 3 instead of expected values
- The duplicate paths from IPv6 sessions carrying...
yang: use relative path for remaining route-map when clausesf1ea52bee9 ("yang: use relative path instead of absolute one for
route-map") converted most absolute XPath expressions in route-map
YANG modules to relative paths, but missed 8 occurrences:
- frr-bgp-route-map.yang: rpki-extcommunity (1)
- frr-pim-route-map.yang: multicast match conditions (7)
Using absolute XPath is not optimal for finding the target node.
libyang's lyd_find_xpath() incu...
docker: Add snmptrapd to list of thingies to installsnmptrapd not being installed causes a test to skip.
Let's let the docker ci stuff run this test too.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
bgpd: Add vrf name to more bestpath debugsFound more places where bestpath debugs did not print the bgp vrf
being operated on. Let's make it easier to understand which vrf
is being operated on.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
pimd: fix AutoRP holdtime parsing and minor cleanupUse ntohs for received holdtime and drop a duplicate prefix-list
lookup. Note in pim_socket_leave() that leave failures share the
joins_failed stat counter.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
mgmtd: fix link order for libmgmt_be_nblibmgmt_be_nb.la contains rip_cli.o and ripng_cli.o which reference
symbols from libfrr (if_rmap_init, group_distribute_list_ipv4_cli_show,
etc.). With the current link order, libmgmt_be_nb.la is added after
libfrr.la, so the linker doesn't know to pull in those symbols when
processing libfrr.
Move libmgmt_be_nb.la before libfrr.la in the link order so that its
undefined references are resolv...
Donald Sharp
Donatas Abraitis
Jafar Al-Gharaibeh
Mark Stapp
Enke Chen
harini
Donald Sharp