bfdd: avoid prefix-list memory allocation in bfd to solve oom issuePrefix-list memory is allocated in all FRR modules even when not needed. Added a mechanism to avoid allocation for modules that do not use prefix lists.
Ticket: #4707868
Signed-off-by: Sougata Barik <sougatab@nvidia.com>
pimd: `pim_inet4_dump` -> `%pI4s`Better late than never, we don't need `pim_inet4_dump` when we have
`printfrr`, replace it with `%pI4s` format strings.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: Use %pI4/%pI6 formatters in BGP-LS NLRI displaybgp_ls_nlri_display() converts addresses with inet_ntop() into a local
string buffer before printing. FRR already supports %pI4/%pI6 in vty_out(),
so the extra conversion path and temporary buffer are unnecessary.
Replace inet_ntop()-based formatting with direct %pI4/%pI6 printing for
router IDs and link interface/neighbor addresses, and drop the unused
ipaddr_str buffer.
This simplifies the ...
bgpd: Skip oversized BGP-LS Node and Link Name TLVsparse_node_name() and parse_link_name() accept a length parameter from
the BGP-LS TLV header and allocate a buffer of that size without bounds
checking. A malicious peer can send TLVs with length fields up to 64KB,
causing per-advertisement memory exhaustion that accumulates across many
updates.
Fix by adding separate constants BGP_LS_MAX_NODE_NAME_LEN and
BGP_LS_MAX_LINK_NAME_LEN (255 bytes e...
bgpd: Fix wrong union member access in bgp_ls_nlri_display()BGP-LS NLRIs carry different data depending on their type (Node, Link,
or Prefix). Internally the data is stored in a C union, where only the
member matching the active NLRI type is valid to read.
bgp_ls_nlri_display() always reads the protocol_id and identifier
fields through the node union member, even when the NLRI is actually
a Link or Prefix. Reading the wrong union member is undefined be...
bgpd: Always print peer-group first for the specific neighborAvoid such a case like below where neighbor X does not have remote-as 1, but
gets the remote-as from peer-group G.
neighbor G peer-group
neighbor G remote-as 2
neighbor X remote-as 1
neighbor X peer-group G
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
bgpd: Allow overriding "remote-as" per-neighborSince we have a way to specify "remote-as auto", it makes sense to relax this
behavior to allow overriding remote-as for an arbitrary neighbor too.
E.g. Arista allows this behavior.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
bgpd: Fix copy-paste error in SRv6 DT46 SID duplicate install checkSRv6 End.DT46 uses a single shared SID for both the IPv4 (AFI_IP) and
IPv6 (AFI_IP6) address families within a VRF. When zebra notifies bgpd
that a SID has been assigned, bgpd must install it for both AFIs. To
avoid sending zebra a duplicate ROUTE_ADD, the AFI_IP6 code path first
checks whether AFI_IP has already done the install:
1) do both AFIs currently hold the same SID?
2) has AFI_I...
zebra: topotest for last address deletionAdd test that checks kernel routes behaviour on last address deletion.
For IPv4 last address deletion must delete all routes for kernel and FRR.
For IPv6 checks that as expected last address deletion doesn't effect
kernel or FRR routes.
See #13561
Signed-off-by: Kyrylo Yatsenko <hedrok@gmail.com>
zebra: remove kernel route on last address deletionFixes: #13561
Linux kernel deletes IPv4 routes when last interface IPv4 address
is deleted, but intentionally doesn't send RTM_DELROUTE in this case.
IPv6 has no such behaviour: all routes remain intact on last address
deletion.
FRR has function rib_update_handle_kernel_route_down_possibility
that handles setting interface down, but not removal of last address.
To fix the situation:
* Add ...
bgpd,lib,zebra: cast pointers to intptr_t in tracepointsCast pointers in tracepoint arguments to intptr_t explicitly
to keep compilers happy.
Signed-off-by: Mark Stapp <mjs@cisco.com>
bgpd: fix error in evpn_mac_ip_zsend tracepoint definitionprefix.macip_addr.eth_tag used as a pointer, but actually an int.
Signed-off-by: Mark Stapp <mjs@cisco.com>
doc: fix SRv6 route commands (bis)Follow-up fix for something I missed earlier.
An example uses `ens3`, while others use `sr0`. Keep it consistent
and use `sr0` everywhere. Also fix the output of an example showing
`ens3` although `sr0` was configured.
Fixes: 62465b9 ("doc: Add SRv6 encapsulation behavior configuration to staticd doc")
Signed-off-by: Justin Iurman <justin.iurman@6wind.com>
pimd: use upstream-owned pim pointer in register and upstream timersMultiple upstream control paths fetched the PIM instance through
up->channel_oil->pim even though upstream already owns a stable
up->pim pointer.
In teardown/re-eval edge flows, channel_oil can be detached before
these paths execute. Dereferencing channel_oil only to access pim adds
an avoidable null/stale pointer risk.
Switch these call sites to up->pim:
- pim_register_join()
- pim_upstream_...
pimd: use upstream-owned pim pointer in MSDP update pathsSeveral MSDP helper paths fetched the PIM instance through
up->channel_oil->pim even though they only require the upstream's
instance context.
In teardown/re-evaluation edge flows, channel_oil can be detached before
these paths run (for example while IGMP prune side effects and upstream
cleanup overlap). Dereferencing up->channel_oil only to access pim then
creates an avoidable null/stale poin...
pimd: avoid JP build deref through channel OILpim_msg_build_jp_groups() fetched the pim instance via
source->up->channel_oil->pim for (*,G) entries. That creates an
unnecessary dependency on channel_oil lifetime while building JP
messages.
In teardown/re-evaluation edge flows, channel_oil may already be
detached before JP aggregation/encoding finishes, making this path
vulnerable to null/stale dereference.
Use source->up->pim directly in...
pimd: guard RP RPF-failure mroute delete on detached OILpim_upstream_update() unconditionally called pim_mroute_del()
when pim_rpf_update() returned PIM_RPF_FAILURE. In teardown/re-eval
edge cases, overlapping prune/delete side effects can detach
up->channel_oil before this path executes.
Control flow can reach this from IGMP prune-driven cleanup where
ifchannel/upstream teardown races with RP re-evaluation. If
up->channel_oil is already NULL, call...
pimd: avoid null deref in upstream delete debug pathThe upstream delete trace log read up->channel_oil->oil_ref_count
unconditionally. In teardown edge cases, channel_oil may already be
detached before this debug statement executes, turning diagnostic
logging into a potential null dereference.
Control flow for the crash case is:
igmp_source_forward_stop() -> tib_sg_gm_prune() ->
pim_ifchannel_local_membership_del() -> delete_on_noinfo() ->
pim_...
pimd: guard channel OIL detach against stale pointersIGMP prune and ifchannel teardown paths can delete the same (S,G)
channel OIL before upstream teardown reaches
pim_channel_oil_upstream_deref(). When that happens, upstream delete
can pass a stale OIL pointer into RB removal, which crashes in
typed_rb_remove() during igmp_source_timer-driven cleanup.
This can happen via prune side effects in the same event flow:
igmp_source_forward_stop() -> t...
doc: fix SRv6 route commandsMove text out of code block, use H_Encaps and H_Encaps_Red in vtysh
commands (instead of H.Encaps and H.Encaps.Red), refresh output.
Fixes: 62465b9dcc82 ("doc: Add SRv6 encapsulation behavior configuration to staticd doc")
Signed-off-by: Justin Iurman <justin.iurman@6wind.com>
Merge pull request #21409 from opensourcerouting/fix/drop_deprecated_branch_deletion_for_mergifytools: Upgrade configuration to current format for Mergify
Merge pull request #21399 from opensourcerouting/fix/bgp_send_notification_if_orf_length_too_bigbgpd: Do not allow triggering route-refresh path with a malformed ORF length
Merge pull request #21394 from opensourcerouting/fix/bgp_do_not_allocate_stream_if_rr_cap_not_receivedbgpd: Do not allocate stream if route-refresh capability is not received
tools: Upgrade configuration to current format for MergifyDrop deprecated (soon) fields for Mergifyio.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Rafael Zalamena
Sougata Barik
David Lamparter
Carmine Scarpitta
Kyrylo Yatsenko
Mark Stapp
Y Bharath
Justin Iurman
Jafar Al-Gharaibeh