commit e3f623be8b6556db9d70c2fc5d3c2b152f36dc1d Author: Donald Sharp Date: Wed Mar 9 08:41:59 2016 -0500 release: 1.0.20160309 commit c0cb90c608f7dcb0807e05c70050d2e238d6c4e9 Author: Paul Jakma Date: Tue Mar 8 18:14:50 2016 +0000 Revert "bgpd: Lower BGP's default keepalive/holdtime to 3s/9s" This reverts commit f89b09be92bed03b1e5add55dc14ef92e94c52e1. Martin Winter has reported reliability issues in testing on some platforms. We need a more comprehensive way to deal with defaults and updating them, e.g. profiles of some kind. Defer this change till after next release. commit d849e23b1c6b7278aef2f460723ac17cdc63e1a7 Author: Timo Teräs Date: Thu Feb 18 18:19:54 2016 -0800 zebra: Fix route deletion on *BSD Fix for not handling RTM_CHANGE correctly. This patch change it to delete/add instead. Using RTM_CHANGE on kernels where it works is better, but is left as an exercise for developer who has access and will to fix it on *BSD. [ed note: collaboration with Martin Winter] commit f9f4731245eb9f83d0795acac24183c6cf709288 Author: Paul Jakma Date: Tue Feb 16 11:30:33 2016 +0000 configure: Fix warnings on CentOS and bump the minimum autoconf version * configure.ac: Bump the minimum version to 2.60 as needed by AC_USE_SYSTEM_EXTENSIONS. AC 2.60 is nearly 10 years old, note. Add AC_PROG_RANLIB, for when --disable-shared is used. There are other warnings on, e.g., CentOS 6.7 with 2.63, but they don't go away if the suggestion to add AC_SYSTEM_EXTENSIONS is followed. This warning doesn't occur on Fedora with AC 2.69. Note: autoconf (and other auto*) should only be needed on developer machines building direct from git. Other systems should be using the 'make dist' tarballs, with a ready-made build system, that does not need auto* intalled. commit f8113a2b10a97ba0d5e915b318cebea283d03169 Author: Paul Jakma Date: Tue Feb 16 11:28:35 2016 +0000 doc: older versions of texinfo seem to be sensitive to location of unmacro * bgpd.texi: The unmacro of mprec seems to be disliked by older texinfos. Moving it to after the section fixes it. Even easier, just don't undef the macro. commit e84e4d3d2d6127bfd467d9fc18e09450245f7c41 Author: Paul Jakma Date: Mon Feb 15 14:11:06 2016 +0000 doc: Distribute a modern version of texinfo.tex with the docs * doc/texinfo.tex: Ship a more recent texinfo.tex, from texinfo 6.1, so we don't have to worry about that. E.g., this should allow UTF-8 unicode chars to be used directly in the text. * doc/Makefile.am: Add previous to EXTRA_DIST commit a5efdb60905049e1224a020b78dd9699bdd15b29 Author: Martin Winter Date: Thu Oct 29 22:15:42 2015 -0700 distro/redhat: Update to support CentOS/RHEL/Fedora, upstart/init/systemd * redhat/quagga.spec.in: Update to support CentOS, RHEL and Fedora, and support the various init systems across different versions of these distros, e.g. upstart/init/systemd. Clean up various warnings from rpmlint. Remove configure options that are gone. A few edits and commit message by: Paul Jakma / commit 988e22f8429ce678ba503bddaaf4ec9f9965eb73 Author: Paul Jakma Date: Thu Feb 11 15:25:52 2016 +0000 configure.ac: remove -dev in version * configure.ac: Remove the -dev suffix from the version, some package systems at least do not like non-numeric strings in package versions (e.g., rpm, which I often use in testing Quagga). TODO: Work out some sensible scheme for semi-autogenerating the version perhaps via git describe. The --with-pkg-git-version doesn't affect the tarball name. commit 283d5d7f2fa12c3d33dc17962154665a9993b2c5 Author: Paul Jakma Date: Thu Feb 11 13:54:23 2016 +0000 distro/redhat/rpm: remove with_ipv6, package pimd binary, remove pam stack * redhat/quagga.spec.in: remove with_ipv6, it should just be the norm now. The actual pimd binary wasn't being packaged, fix. Remove deprecated pam.stack support. * redhat/quagga.pam.stack: ancient, nuke. * Makefile.am: ditto commit fca2c24ff21a9d837229bc40e462c6615e368123 Author: Martin Winter Date: Wed Aug 12 17:31:07 2015 -0700 Adding redhat init/service files to start pimd Added missing pimd.init (for RedHat/CentOS <= 6) and pimd.service (for RedHat/CentOS >= 7) Signed-off-by: Martin Winter commit e07068c838142a127da8821afd660f075f7c35f8 Author: Paul Jakma Date: Fri Sep 4 14:25:13 2015 +0100 distro: fix redhat/quagga.spec.in * quagga.spec.in: Add default for with_pimd macro. Remove ancient condtional on quagga_buildreqs. More recent rpmbuild complains about too many levels of recursion in quagga_buildreqs, so use %{expand:..}. Actually use quagga_buildreqs in BuildRequires! groff is needed for build. texi2html --number argument has disappeared, split into 2. Acked-by: Donald Sharp commit a3ee120fcf2b2b205e3e15f544eb4090653e7bff Author: David Lamparter Date: Wed Dec 16 19:38:23 2015 +0100 lib: fix vrf_bitmap leak in zclient_free() zclient_stop(), which is used as antagonist to zclient_init(), needs to undo the vrf_bitmap allocation. Otherwise zclient_init() will leak the allocated memory, for example when zclient_reset() is used. Reported-by: Lou Berger Signed-off-by: David Lamparter commit 370b7e59170acf853ca3357c71dd5ab0d85e763c Author: Lou Berger Date: Thu Feb 4 21:29:49 2016 -0500 bgpd: Fix crash reported by NetDEF CI This patch is part of the previously submitted patch set on VPN and Encap SAFIs. It fixes an issue identified by NetDEF CI. Ensure temp stack structures are initialized Add protection against double frees / post free access to bgp_attr_flush Signed-off-by: Lou Berger commit bf83fa25f1bddec6f09ad879cba5e975a3ae5495 Author: Paul Jakma Date: Tue Feb 9 15:23:03 2016 +0000 lib: Check prefix length from zebra is sensible * zclient.c: prefix length on router-id and interface address add messages not sanity checked. fix. * */*_zebra.c: Prefix length on zebra route read was not checked, and clients use it to write to storage. An evil zebra could overflow client structures by sending overly long prefixlen. Prompted by discussions with: Donald Sharp commit 2db962760426ddb9e266f9a4bc0b274584c819cc Author: Paul Jakma Date: Mon Feb 8 14:46:28 2016 +0000 lib: zclient can overflow (struct interface) hw_addr if zebra is evil * lib/zclient.c: (zebra_interface_if_set_value) The hw_addr_len field is used as trusted input to read off the hw_addr and write to the INTERFACE_HWADDR_MAX sized hw_addr field. The read from the stream is bounds-checked by the stream abstraction, however the write out to the heap can not be. Tighten the supplied length to stream_get used to do the write. Impact: a malicious zebra can overflow the heap of clients using the ZServ IPC. Note that zebra is already fairly trusted within Quagga. Reported-by: Kostya Kortchinsky commit 405e9e19eb6ce62fa4f3f39a1f73990db9e146b7 Author: Paul Jakma Date: Thu Feb 4 17:00:18 2016 +0000 bgpd: Remove the double-pass parsing of NLRIs * bgpd parses NLRIs twice, a first pass "sanity check" and then a second pass that changes actual state. For most AFI/SAFIs this is done by bgp_nlri_sanity_check and bgp_nlri_parse, which are almost identical. As the required action on a syntactic error in an NLRI is to NOTIFY and shut down the session, it should be acceptable to just do a one pass parse. There is no need to atomically handle the NLRIs. * bgp_route.h: (bgp_nlri_sanity_check) Delete * bgp_route.c: (bgp_nlri_parse) Make the prefixlen size check more general and don't hard-code AFI/SAFI details, e.g. use prefix_blen library function. Add error logs consistent with bgp_nlri_sanity_check as much as possible. Add a "defense in depth" type check of the prefixlen against the sizeof the (struct prefix) storage - ala bgp_nlri_parse_vpn. Update standards text from draft RFC4271 to the actual RFC4271 text. Extend the semantic consistency test of IPv6. E.g. it should skip mcast NLRIs for unicast safi as v4 does. * bgp_mplsvpn.{c,h}: Delete bgp_nlri_sanity_check_vpn and make bgp_nlri_parse_vpn_body the bgp_nlri_parse_vpn function again. (bgp_nlri_parse_vpn) Remove the notifies. The sanity checks were responsible for this, but bgp_update_receive handles sending NOTIFY generically for bgp_nlri_parse. * bgp_attr.c: (bgp_mp_reach_parse,bgp_mp_unreach_parse) Delete sanity check. NLRI parsing done after attr parsing by bgp_update_receive. Arising out of discussions on the need for two-pass NLRI parse with: Lou Berger Donald Sharp commit 518a4b7eadcba567f01061e6659d8179380efcdf Author: Paul Jakma Date: Thu Feb 4 13:27:04 2016 +0000 bgpd: Regularise bgp_update_receive, add missing notifies and checks * bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN case was missing the EoR bgp_clear_stale_route call - the only action really needed for EoR. Make this function a lot more regular, using common, AFI/SAFI independent blocks so far as possible. Replace the 4 separate bgp_nlris with an array, indexed by an enum. The distinct blocks that handle calling bgp_nlri_parse for each different AFI/SAFI can now be replaced with a loop. Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally as early as possible. The existing code was not necessarily sending a NOTIFY for NLRI parsing errors, if they arose via bgp_nlri_sanity_check. Send the correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR for the MP ones. EoR can now be handled in one block. The existing code seemed broken for EoR recognition in a number of ways: 1. A v4/unicast EoR should be an empty UPDATE. However, it seemed to be treating an UPDATE with attributes, inc. MP REACH/UNREACH, but no classic NLRIs, as a v4/uni EoR. 2. For other AFI/SAFIs, it was treating UPDATEs with no classic withraw and with a zero-length MP withdraw as EoRs. However, that would mean an UPDATE packet _with_ update NLRIs and a 0-len MP withdraw could be classed as an EoR. This seems to be loose coding leading to ambiguous protocol situations and likely incorrect behaviour, rather than simply being liberal. Be more strict about checking that an UPDATE really is an EoR and definitely is not trying to update any NLRIs. This same loose EoR parsing was noted by Chris Hall previously on list. (bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct parser for the AFI/SAFI. * bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to internal code-point ASAP, adjust switch for that. Leave the wire code point in for defensive coding. (bgp_nlri_parse) rename to bgp_nlri_parse_ip. * tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend. commit 18ab08b71e6b29e67b36df5e2261569d381b1708 Author: Paul Jakma Date: Wed Jan 27 16:37:33 2016 +0000 bgpd: Regularise BGP NLRI sanity checks a bit * bgp_route.h: (bgp_nlri_sanity_check) The bulk of the args are equivalent to a (struct bgp_nlri), consolidate. * bgp_route.c: (bgp_nlri_sanity_check) Make this a frontend for all afi/safis. Including SAFI_MPLS_LABELED_VPN. (bgp_nlri_sanity_check_ip) Regular IP NLRI sanity check based on the existing code, and adjusted for (struct bgp_nlri *) arg. * bgp_attr.c: (bgp_mp_reach_parse) Adjust for passing (struct bgp_nlri *) to bgp_nlri_sanity_check. Get rid of special-casing to not sanity check VPN. (bgp_mp_unreach_parse) Ditto. * bgp_mplsvpn.c: Use the same VPN parsing code for both the sanity check and the actual parse. (bgp_nlri_parse_vpn) renamed to bgp_nlri_parse_vpn_body and made internal. (bgp_nlri_parse_vpn_body) Added (bool) argument to control whether it is sanity checking or whether it should update routing state for each NLRI. Send a NOTIFY and reset the session, if there's a parsing error, as bgp_nlri_sanity_check_ip does, and as is required by the RFC. (bgp_nlri_parse_vpn) now a wrapper to call _body with update. (bgp_nlri_sanity_check_vpn) wrapper to call parser without updating. * bgp_mplsvpn.h: (bgp_nlri_sanity_check_vpn) export for bgp_nlri_sanity_check. * bgp_packet.c: (bgp_update_receive) Adjust for bgp_nlri_sanity_check argument changes. * test/bgp_mp_attr_test.c: Extend to also test the NLRI parsing functions, if the initial MP-attr parsing has succeeded. Fix the NLRI in the VPN cases. Add further VPN tests. * tests/bgpd.tests/testbgpmpattr.exp: Add the new test cases. This commit a joint effort of: Lou Berger Donald Sharp Paul Jakma / commit c49a2747f6a6199dba27c0c413f4de6112fa649e Author: Paul Jakma Date: Fri Feb 5 14:57:17 2016 +0000 bgpd: make bgp_nlri_parse_encap conform with other nlri_parse funcs * bgp_encap.{c,h} (bgp_nlri_parse_encap) afi is already in the NLRI argument. update or withdraw is signalled by attr being non-NULL or NULL. * bgp_packet.c: (update_receive) fixup to match, and also make the attr argument conform with NLRI_ATTR_ARG for correct error handling on optional, transitive, partial, attributes. commit e98dce60cea213a4155a0db60b463e40c67aa77f Author: Donald Sharp Date: Wed Jan 20 07:53:51 2016 -0500 bgpd: Fix Null pointer dereference in bgp_info_mpath_update bgp_info_mpath_update is called with new_best == NULL, this causes the dereference of new_best in order to get at the mpath_cfg. Signed-off-by: Donald Sharp commit ecc1a136e10e0717761b6f436d299938a05a1309 Author: Donald Sharp Date: Wed Dec 9 08:24:47 2015 -0500 bgpd: Modify maxpaths cli's to use MULTIPATH_NUM for range Modify the various maxpath commands to use MULTIPATH_NUM as the upper limit of allowed max paths in BGP. There is no point in allowing a number of maximum paths greater than what Quagga is compiled for. Signed-off-by: Donald Sharp Tested-by: NetDEF CI System commit b2a2fd788f34a4f5d1bbd92a283e47704f05ae8f Author: Donald Sharp Date: Wed Dec 9 08:24:46 2015 -0500 lib: Add CMD_RANGE_STR macro to command.h Allow the auto-generation of a "" string for cli handline. Where X or Y can be a #define. CMD_RANGE_STR(LOW, HIGH) translates to: "<4-99>" Signed-off-by: Donald Sharp commit 91ce87aacfd8718b5a52fb0f4453e9f72d8bdb53 Author: Donald Sharp Date: Wed Dec 9 08:24:45 2015 -0500 zebra, bgpd: Fixup MULTIPATH_NUM usage to not consider 0 The code has spots where MULTIPATH_NUM set to 0 is equal to 64. Now that MULTIPATH_NUM is set from the makefile to never be 0, remove the code that depends on this. Signed-off-by: Donald Sharp commit d18396369ff85517cd4b0b7abe96f6f706710dc7 Author: Donald Sharp Date: Wed Dec 9 08:24:44 2015 -0500 build: Rework how MULTIPATH_NUM is delivered to build Changes made here: 1) MULTIPATH_NUM will never be 0. If user specifies --enable-multipath=0 then this translates to MULTIPATH_NUM being set to 64 inside of the build system. 2) Move MULTIPATH_NUM from a Makefile construct to a config.h construct. 3) Allowed MULTIPATH_NUM to be a number > 99 but < 1000 Signed-off-by: Donald Sharp commit 693da6096a28eef5eadeea699771265987b3ec0c Author: Donald Sharp Date: Wed Dec 16 14:22:11 2015 -0500 ospfd: Remove HAVE_OSPF_TE Remove from ospf the HAVE_OSPF_TE define and just always have ospf traffic engineering. Signed-off-by: Donald Sharp Tested-by: NetDEF CI System commit 36fef5708d074a3ef41f34d324c309c45bae119b Author: Donald Sharp Date: Wed Dec 16 14:22:10 2015 -0500 ospfd: Remove HAVE_OPAQUE_LSA HAVE_OPAQUE_LSA is used by default and you have to actively turn it off except that OPAQUE_LSA is an industry standard and used pretty much everywhere. There is no need to have special #defines for this anymore. Signed-off-by: Donald Sharp commit 2e320423337c628bfeb814ec15fd5f575ebc5eed Author: Donald Sharp Date: Wed Jan 13 10:49:50 2016 -0800 doc, vtysh: Fixup of history handling This fix does two things: 1) If the ${HOME}/.history_quagga file does not exist, create it for history storing. 2) Allow vtysh -c "..." commands to be stored in history file as well Signed-off-by: Donald Sharp commit 9099f9b2a66e86f8a90d7fe18f61bd2bb1bc6744 Author: Paul Jakma Date: Mon Jan 18 10:12:10 2016 +0000 *: use an ifindex_t type, defined in lib/if.h, for ifindex values commit 954c7d6bcd04c2cf037965adda0f9d11afdcd165 Author: Timo Teräs Date: Fri Jan 15 17:36:33 2016 +0200 lib, zebra: unify link layer type and hardware address handling This removes the BSD specific usage of struct sockaddr_dl hardware address. This unifies to use explict hw_addr member for the address, and zebra specific enumeration for the link layer type. Additionally the zapi is updated to never send platform specific structures over the wire, but the ll_type along with hw_addr_len and hw_addr are now sent for all platforms. Based on initial work by Paul Jakma. Signed-off-by: Timo Teräs Signed-off-by: Donald Sharp commit 4d3ae716ce86c28e3979c9ae57c4e717ac5e27e4 Author: Timo Teräs Date: Fri Jan 15 17:36:32 2016 +0200 zebra: remove metric from kernel It simplifies things as we can do atomic replace of route prefix. And it seems there's some race condition somewhere that can result in an incorrect change request leaving prefixes in kernel when they were intended to be replaced/deleted. Signed-off-by: Timo Teräs Acked-by: Donald Sharp commit 325823a5f07d6850318e52f6e66691eca59d24fe Author: Timo Teräs Date: Fri Jan 15 17:36:31 2016 +0200 zebra: support FIB override routes FIB override routes are for routing protocols that establish shortcut routes, or establish point-to-point routes that should not be redistributed. Namely this is useful NHRP daemon to come. Zebra is extended to select two entries from RIB the "best" entry from routing protocols, and the FIB entry to install to kernel. FIB override routes are never selected as best entry, and thus are never adverticed to other routing daemons. The best FIB override, or if it does not exist the otherwise best RIB is selected as FIB entry to be installed. Signed-off-by: Timo Teräs Acked-by: Donald Sharp commit 82a6635ca580ccd3c31551c960ec3de816b6c15d Author: Timo Teräs Date: Fri Jan 15 17:36:30 2016 +0200 zebra: use link scope for interface routes In linux, 'scope' is a hint of distance of the IP. And this is evident from the fact that only lower scope can be used as recursive via lookup result. This changes all interface routes scope to link so kernel will allow regular routes to use it as via. Then we do not need to use the 'onlink' attribute. Signed-off-by: Timo Teräs commit 0abf6796c3d8ae8f5ea8624668424bc1554de25e Author: Timo Teräs Date: Fri Jan 15 17:36:29 2016 +0200 zebra: atomic FIB updates This commit updates the kernel API so that route changes are atomically updated using change/replaces messages instead of first sending a withdraw followed with update. Same for zclient updates, changes are sent as single ADD instead of DELETE + ADD. Signed-off-by: Timo Teräs commit b0d02889624eaafa0984873dcd78c086418bdf13 Author: Donald Sharp Date: Fri Jan 8 07:37:14 2016 -0500 lib, bgpd: Remove 'struct fifo' from lib/zebra.h The 'struct fifo' and it's accompanying #defines do not belong in lib/zebra.h. Move them into their own header. Signed-off-by: Donald Sharp commit 205e6744f2dc2909dd494c9ce8acb82821459f1f Author: Lou Berger Date: Tue Jan 12 13:42:11 2016 -0500 bgpd: remove HAVE_IPV6 conditionals Signed-off-by: Lou Berger Tested-by: NetDEF CI System commit 544ec70f66d0ec081dadde79bec1f25c2241f57f Author: Lou Berger Date: Tue Jan 12 13:42:10 2016 -0500 doc: Add AFI/SAFI show commands to manual Signed-off-by: Lou Berger commit f9b6c3938642090ffa1cae8b7125abff2b1e9fb0 Author: Lou Berger Date: Tue Jan 12 13:42:09 2016 -0500 bgpd: Add back old forms of 'show ' for compatibility Signed-off-by: Lou Berger commit bf1ae6c683a53d7f43c273afb55d52ccc233296b Author: Lou Berger Date: Tue Jan 12 13:42:08 2016 -0500 bgpd: drop machineparse / random "show" improvements Signed-off-by: Lou Berger commit 651b402d32b52ecf7ea1d979bf83b88ff799e134 Author: Lou Berger Date: Tue Jan 12 13:42:07 2016 -0500 bgpd: encap show commands Signed-off-by: Lou Berger commit 35c36863f42e3c3e61a0cae400ffa80905c96d45 Author: Lou Berger Date: Tue Jan 12 13:42:06 2016 -0500 bgpd: VPNv6 show commands Signed-off-by: Lou Berger commit 135ca1502cc54d9ad00b60b3410a0932bfeceb29 Author: Lou Berger Date: Tue Jan 12 13:42:05 2016 -0500 bgpd: cleanup vty bgp_node_afi/safi utils Signed-off-by: Lou Berger commit a3fda886cdd48b6d8c421ebb1401142fa9ee93b0 Author: Lou Berger Date: Tue Jan 12 13:42:04 2016 -0500 bgpd, lib, vtysh: hook up bgp ENCAP CLI node Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 637035710a2f8e1e5944ee714135b7f88ac15ac4 Author: Lou Berger Date: Tue Jan 12 13:42:03 2016 -0500 bgp: Reorg cleanup to align process and bgp instance init/destroy Signed-off-by: Lou Berger commit 298cc2f688dbadf0a447fcd06ae8e20fa5006ce4 Author: Lou Berger Date: Tue Jan 12 13:42:02 2016 -0500 bgpd: encap: add encap SAFI (RFC5512) Adds RFC5512 and Encapsulation Attribute. Signed-off-by: Lou Berger commit c3741789530ee824693fd606356acac2ad695f83 Author: Lou Berger Date: Tue Jan 12 13:42:01 2016 -0500 bgpd: encap: add attribute handling Signed-off-by: Lou Berger Reviewed-by: David Lamparter commit 5a81fc9ae610ff343902ebabc12237d6e40d91cb Author: Lou Berger Date: Tue Jan 12 13:42:00 2016 -0500 bgpd: encap: extend extcommunity handling Add code to print ENCAP communities. Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 050defe816e4bd4cac7b028f69e45cb1974ca96d Author: Lou Berger Date: Tue Jan 12 13:41:59 2016 -0500 bgpd: general MP/SAFI improvements This fixes some minor mixups particularly in MPLS-related SAFIs, as well as doing some stylistic changes & adding comments. Signed-off-by: Lou Berger Reviewed-by: David Lamparter commit d5d5e3e04fc41b9a89b7ce9049fd322bdbde2e4d Author: Lou Berger Date: Tue Jan 12 13:41:58 2016 -0500 bgpd: tests - add null pointer protection to fix bgp test failures Signed-off-by: Lou Berger commit 82dd707988b7481e203cab058c92f0b3041dd558 Author: Lou Berger Date: Tue Jan 12 13:41:57 2016 -0500 bgpd: improve cleanup in bgp_delete() Signed-off-by: Lou Berger commit 13c378d96a57017f5995b2e0df46cfc31123f0e8 Author: Lou Berger Date: Tue Jan 12 13:41:56 2016 -0500 bgpd, lib, vtysh: hook up bgp VPNv6 CLI node Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 9da04bca0e994ec92b9242159bf27d89c6743354 Author: Lou Berger Date: Tue Jan 12 13:41:55 2016 -0500 bgpd: wire up VPNv6 protocol processing There wasn't much missing for VPNv6 to begin with; just a few bits of de- & encoding and a few lists to be updated. Signed-off-by: Lou Berger Signed-off-by: David Lamparter [Editorial note: Signed-off-by may imply an authorship claim, but need not] Edited-by: Paul Jakma / commit a03bd16eedc5077e98716509b8918ed365227e02 Author: Lou Berger Date: Tue Jan 12 13:41:54 2016 -0500 bgpd: handle AS4 and EOI route distinguishers Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit a76d9ca3584c1751a592457c167c1e146648ceb6 Author: Lou Berger Date: Tue Jan 12 13:41:53 2016 -0500 bgpd: make _vpnv4 static handling SAFI-agnostic This changes the existing _vpnv4 functions for MPLS-VPN into SAFI-agnostic functions, renaming them from *_vpnv4 to *_safi. Also adds route-map support while at it. Signed-off-by: Lou Berger Reviewed-by: David Lamparter commit 4d80560a2b064182191371fd7e4304bf829a4d9f Author: Lou Berger Date: Tue Jan 12 13:41:52 2016 -0500 bgpd: kill unused variable in bgp_socket() Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 3e841d3b49bdb475ce793eee5d82e5137dff57d3 Author: Lou Berger Date: Tue Jan 12 13:41:51 2016 -0500 bgpd: add nexthop length to AF macro Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 2daf7f3a8d69213f35b16a04dbe300957481a811 Author: Lou Berger Date: Tue Jan 12 13:41:50 2016 -0500 lib: add SAFI_ENCAP type, safi2str prefix utility Signed-off-by: Lou Berger commit c7f7e49a4f68c92152384582ff70d64609858170 Author: Lou Berger Date: Tue Jan 12 13:41:49 2016 -0500 lib: add facility to log all CLI commands Signed-off-by: Lou Berger commit f9ec4190f1eaf2dba355a9808bca8d7148bc8a55 Author: Lou Berger Date: Tue Jan 12 13:41:48 2016 -0500 lib: add "show commandtree" CLI command Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 9248b61f54955e56212f3ae4c8a7ab704f7ad01c Author: Lou Berger Date: Tue Jan 12 13:41:47 2016 -0500 lib: treat realloc of null pointer as alloc Now use zalloc rather than alloc with null. Fixes issue seen in bgp check tests. Signed-off-by: Lou Berger commit 672900382d47137638086bd8351b2678f589a546 Author: Lou Berger Date: Tue Jan 12 13:41:46 2016 -0500 lib: fix bookkeeping for libreadline malloc()s When libreadline is used, we mistakenly mix in strdup() done in libreadline with Quagga's lib/memory bookkeeping/counting, leading to counter underflows on MTYPE_TMP. Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 40278bd4c51939ccf8ec06ef1f33aedf8f05e86c Author: Lou Berger Date: Tue Jan 12 13:41:45 2016 -0500 zebra: additional redistribute related logging Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit b05c6ca57130f079f8a8a6686d9d4ffa5ff440f0 Author: Lou Berger Date: Tue Jan 12 13:41:44 2016 -0500 zebra: make RTF_LLINFO optional to fix FreeBSD Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit d7be042378eac103634ab62abf4b2a5ca225092d Author: Lou Berger Date: Tue Jan 12 13:41:43 2016 -0500 zebra: wire up "debug zebra packet detail" There was no way to actually set ZEBRA_DEBUG_DETAIL, even though some debug output was conditional to it. Add CLI command. Signed-off-by: Lou Berger Signed-off-by: David Lamparter commit 0490729cc033a3483fc6b0ed45085ee249cac779 Author: Donald Sharp Date: Thu Jan 7 10:03:01 2016 -0500 lib, bgpd, tests: Refactor FILTER_X in zebra.h lib/zebra.h has FILTER_X #define's. These do not belong there. Put them in lib/filter.h where they belong. Signed-off-by: Donald Sharp commit 7748fdc757a2181649dd4956f2767545673ef28d Author: Lou Berger Date: Wed Feb 10 14:24:00 2016 +0000 bgpd: Fix graceful restart capability minsize * bgp_open.c: cap_minsize should be CAPABILITY_CODE_RESTART_LEN for RESTART not 6. commit f3cfc46450cccc5ac035a5a97c5a1a5484205705 Author: Donald Sharp Date: Thu Jan 7 09:33:28 2016 -0500 lib, bgpd: Fixup afi_t to be an enum and cleanup zebra.h This code change does two things: 1) Removes ZEBRA_AFI_XXX #defines since they were redundant information 2) Switches afi_t to an enumerated type so that the compiler can do a bit more compile time checking. Signed-off-by: Donald Sharp commit d5062d218994885710fe02f516f0c06025b4fc9a Author: Paul Jakma Date: Wed Dec 2 16:47:43 2015 +0000 docs: Update bgpd docs, inc. on decision process, and with a section on MED. * bgpd.texi: Document the -l argument. Update the 'BGP decision process' table to reflect what /actually/ is implemented. Add docs on 'compare-routerid' in the bestpath section. Add a section on MED, to highlight the issues it has by default, and to highlight that it is terminally broken for its original purpose in many modern iBGP topologies. Mention the potential workarounds and fixes. * routemap.texi: set an anchor on 'set metric' so bgpd.texi can reference it. commit 6d4742bef722e6fab45fb6eb22ed2c7b7570a2e6 Author: Paul Jakma Date: Wed Nov 25 17:14:37 2015 +0000 bgpd: make bgp_info_cmp and multiple-path decision logic more regular * bgp_route.c: (bgp_info_cmp) This function is supposed to return a preference between the given paths, and does so as binary either or. When mpath was added, the binary return value was left as is and instead an out parameter 'paths_eq' was added to indicate the mpath-equality case. It's a bit odd, as is the resulting logic in the caller. Regularise things again by making the function return a strcmp like trinary return value of -1,0,1. Get rid of the mpath specific arguments, but pass in afi/safi as part of the general context - that plus the (struct bgp *) is enough to access configuration. Update the return values. The mpath check was testing the IGP metric for equality, even though previous to the mpath changes (and consistent with the behaviour of all the other tests bar the end), equality results in continuing through to the next comparison. Just go back to the previous way - each test finds a preference to return, or continues on to let further tests have a go. (bgp_best_selection) Get rid of the (struct bgp_maxpaths_cfg *) arg, we can't add state for every optional feature to the argument list - they have to look it up as needed. Do pass through the very general afi/safi context though (saves several lookups through the route_node). Adjust for the new trinary bgp_info_cmp return value and updated args. Do the mpath clearing/accumulation in one place, in each loop. Call to bgp_info_mpath_update similarly gets updated, as there's no cfg to pass. (bgp_process_{rsclient,main}) match bgp_best_selection changes. * bgp_mpath.c: (bgp_mpath_is_configured_sort) Helper for whether mpath is enabled by peer sort. (bgp_mpath_is_configured) ditto, generally. (bgp_info_mpath_update) caller no longer has the cfg to pass in, look it up. * bgp_mpath.h: Export the above and Match .c changes. Requires commit: "bgpd: bgp_scan shouldn't queue up route_nodes with no routes for processing" Signed-off-by: Donald Sharp commit 91b9e8547a7c5697d5d7481f9476778077024019 Author: Paul Jakma Date: Tue Dec 1 14:32:11 2015 +0000 bgpd: bgp_scan shouldn't queue up route_nodes with no routes for processing * bgp_nexthop.c: (bgp_scan) There is little point queueing an rn with no routing information for processing. * bgp_route.c: (bgp_process) Do nothing on rn's with no routes. Add an assert for now, to try catch any other cases, but prob should be removed. (bgp_best_selection) rn with no routes == finish early. commit 321d4130a615445d0f49f41c909c92d5401fd5ff Author: Paul Jakma Date: Wed Nov 25 17:14:36 2015 +0000 tests: add more AS4 capability tests + little fixes for couple of GR test cases. Reviewed-by: Donald Sharp commit 4078f2eb7a3a94ddb30cfd8b76b054e790aab524 Author: Paul Jakma Date: Wed Nov 25 17:14:35 2015 +0000 bgpd: Check capability falls on right multiple of size, where possible. * bgp_open.c: (cap_modsizes) Table of multiple a capability's data size should fall on, if applicable. (bgp_capability_parse) Check the header lengthcap_modsizes should fall on. Inspiration from Cumulus bgpd-capability-cleanup.patch patch, with a slightly different approach. Acked-by: Donald Sharp commit 68ec424eb8557f86d08fcb7ab3c5366cbf3eca0e Author: Paul Jakma Date: Wed Nov 25 17:14:34 2015 +0000 bgpd: OPEN parse errors should send OPEN_ERR and UNSPECIFIC subcode. CEASE NOTIFICATION for OPEN parsing errors seems, to my reading of RFC4271 §6.2 to be incorrect. * bgp_packet.c: (bgp_open_receive) OPEN/UNACEP_HOLDTIME is not an appropriate error subcode if bgp_open_option_parse returns an error. Set it to "Unspecific". Where a more specific subcode is appropriate, then lower level should send that. * bgp_open.c: (bgp_open_option_parse) Malformed OPENs should result in NOTIFICATION with OPEN error, and OPEN/UNSPECIFIC sub-code - not CEASE. (bgp_capability_{parse,orf_entry}) ditto. * bgpd.h: Add BGP_NOTIFY_OPEN_UNSPECIFIC for 0. Note that IANA lists 0 as reserved in the OPEN error sub-code registry, but RFC4271 page 32 says 0 is the "Unspecific" OPEN error subcode. Have emailed IANA, they says it's a known errate to 4271 under review. Some inspiration from Cumulus' bgpd-capability-cleanup.patch, though v different result. commit cc216b7978b038667626afd3f70dda8f70c46e4e Author: Gautam Kumar Date: Mon Oct 26 13:22:12 2015 -0700 vtysh: When the config file is close to the boundry of size of buffer vtysh hangs. commit a3bc7e9400b214a0f078fdb19596ba54214a1442 Author: Donald Sharp Date: Wed Jan 27 16:54:45 2016 +0000 bgpd: Fix VU#270232, VPNv4 NLRI parser memcpys to stack on unchecked length Address CERT vulnerability report VU#270232, memcpy to stack data structure based on length field from packet data whose length field upper-bound was not properly checked. This likely allows BGP peers that are enabled to send Labeled-VPN SAFI routes to Quagga bgpd to remotely exploit Quagga bgpd. Mitigation: Do not enable Labeled-VPN SAFI with untrusted neighbours. Impact: Labeled-VPN SAFI is not enabled by default. * bgp_mplsvpn.c: (bgp_nlri_parse_vpnv4) The prefixlen is checked for lower-bound, but not for upper-bound against received data length. The packet data is then memcpy'd to the stack based on the prefixlen. Extend the prefixlen check to ensure it is within the bound of the NLRI packet data AND the on-stack prefix structure AND the maximum size for the address family. Reported-by: Kostya Kortchinsky This commit a joint effort between: Lou Berger Donald Sharp Paul Jakma / commit eae18d16fefed42af33e63e096a2889b9c70b9cb Author: Donald Sharp Date: Sat Nov 21 07:55:42 2015 -0500 zebra: Fix solaris build issue The number of parameters to rib_add_ipv4 has been increased. Submitter of original patch failed to modify solaris code path. Signed-off-by: Donald Sharp commit 0d27129ac5fd70b90820e3dde05c085d1a0f63a8 Author: Donald Sharp Date: Thu Nov 19 07:21:30 2015 -0500 zebra: Fix non usage of VRF_DEFAULT A vrf_id was being set to 0 instead of VRF_DEFAULT Signed-off-by: Donald Sharp commit 64e0ac29ddc43bb5b1a2999a8ebedbdff115e3ca Author: Paul Jakma Date: Wed Nov 18 16:00:54 2015 +0000 bgpd: Implicit updates in BGP may require a withdrawal from zebra RIB * J Yu noted a problem with bgpd of routes not having their nexthop updated correctly. Martin Winter pinned this down to the case where a BGP route is updated from one with a valid nexthop to an invalid next-hop, using a test tool. Once the problem occurs, the incorrect route may remain, even after further UPDATEs, so long as the nexthop in the zebra RIB does not match the BGP route's nexthop. Jacqueline Yu then pinned the issue down further to being due to bgpd sending the DELETE for the route to zebra with the new nexthop after a BGP UPDATE updates an existing route, but then is found to be invalid, and zebra not finding the route as it requires a match on all attributes. * bgp_zebra.c: (bgp_zebra_withdraw) When deleting a prefix, we want it gone. Do not send additional matching attributes like the nexthop, which can only cause incorrect non-matches. Acked-by: Donald Sharp commit 76764ddcf53fa4840993c395fdf383a47ad61e8e Author: Donald Sharp Date: Fri Nov 20 09:05:46 2015 -0500 isisd, lib: Fix some more compiler warnings A couple compiler warnings snuck in from the last round of work being looked at. This cleans them up Signed-off-by: Donald Sharp commit 642577340cfb7ad66d021ab2b86d72f7cdde03bc Author: Donald Sharp Date: Fri Nov 20 08:33:30 2015 -0500 zebra: Cleanup RTADV define The RTADV define was not being set correctly or consistently. Make the code consistent with our HAVE_IPV6 define. If the user wants to explicitly turn it off then they should run --disable-rtadv from the configure cli Signed-off-by: Donald Sharp commit 8253b73c3c71d4102c0010f63b59b2829f3b0f90 Author: Christian Franke Date: Thu Nov 12 14:24:28 2015 +0100 isisd: make send_lsp more robust Signed-off-by: Christian Franke Tested-by: NetDEF CI System commit 812f282cc1b2c69c1d75cfbfe7983725ceaa4b15 Author: Christian Franke Date: Tue Nov 10 18:33:16 2015 +0100 isisd: fix misleading wording in log The changed messages are actually located before transmission is attempted. Therefore, the tense is somewhat misleading, especially since transmission may not always succeed. Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 80d6b4e3e6358f52e06e576fcd927d0a009d964e Author: Christian Franke Date: Tue Nov 10 18:33:15 2015 +0100 isisd: handle lsp confusion (ISO/IEC 10589:2002 7.3.16.2) Signed-off-by: Christian Franke Acked-by: Donald Sharp commit e28718a8bffe0353691a2a7b2643bbeb2657fd66 Author: Christian Franke Date: Tue Nov 10 18:33:14 2015 +0100 isisd: fix IPv6 mask application Signed-off-by: Christian Franke Acked-by: Donald Sharp commit cb32a19d143a21f31a13aec83415f27d9daa6a27 Author: Christian Franke Date: Tue Nov 10 18:33:13 2015 +0100 isisd: show interface's ipv6 addreses Signed-off-by: Christian Franke Acked-by: Donald Sharp commit ec87416a1048d547c514b535c15616f9ed932a62 Author: Christian Franke Date: Tue Nov 10 18:33:12 2015 +0100 isisd: provide more detailed log for failed address removal Signed-off-by: Christian Franke Acked-by: Donald Sharp commit acf9865f7fcec6a8d47df6ed7946a5e8ca398918 Author: Christian Franke Date: Thu Nov 12 14:24:22 2015 +0100 isisd: add support to import routes from other protocols Signed-off-by: Christian Franke commit 9dfcca6122c9f4f3642241ff50029d7669af3999 Author: Christian Franke Date: Tue Nov 10 18:32:11 2015 +0100 isisd: fix assertion in LSP refresh timer calculation Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 61010c33fd7bf3d923c5406656c0672f0336b179 Author: Christian Franke Date: Tue Nov 10 18:43:34 2015 +0100 isisd: add a slight delay to lsp_regenerate_schedule isisd implements a holdoff interval and will refrain from regenerating an lsp if the difference between the current time and its last refresh is less than the holdoff interval. Instead, it will schedule a timer to regenerate the lsp after the holdoff interval has passed. This implementation has one disadvantage in the case where there is a succession of calls to lsp_regenerate_schedule. In such a case, the first call will trigger an immediate regeneration of the lsp, while the other calls will only schedule the regeneration timer. This leads to cases where it takes holdoff interval time for information to propagate, just because the information was only available e.g. at the second call of lsp_regenerate_schedule in such a succession of calls. By not immediately regenerating an lsp if the last generation time is sufficiently long ago, but instead scheduling the regeneration with a very small delay, we allow all information from such a succession of calls to be considered. Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 80a8f72654631fe00f787c73515dc7d064251adc Author: Christian Franke Date: Thu Nov 12 14:21:47 2015 +0100 isisd: add a debug mode that traces LSP construction Signed-off-by: Christian Franke commit 749e87a0731ae53cf73af507afb63bab3f8e937f Author: Christian Franke Date: Tue Nov 10 18:21:44 2015 +0100 isisd: purge on correct level Signed-off-by: Christian Franke Acked-by: Donald Sharp commit f1fc1db703c34dbeb9639c4f6ebfb096cdc3fc62 Author: Christian Franke Date: Tue Nov 10 18:43:31 2015 +0100 isisd: allow to adjust lsp-mtu Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 7324ae1f0daa5537dbcfded208707581b2b36335 Author: Christian Franke Date: Tue Nov 10 18:04:48 2015 +0100 isisd: initialize circuit to match area is_type New circuits should be initialized to match the is_type of their area. Also add an additional check to make sure that no IIHs are sent for levels which are not enabled. Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 912aac4f670ffd383b757995914f4d1b5e7596aa Author: Christian Franke Date: Tue Nov 10 18:04:47 2015 +0100 isisd: do remove ipv6 routes from Zebra We can abort isis_zebra_route_del_ipv6 if the route in question has ISIS_ROUTE_FLAG_ZEBRA_SYNCED unset, meaning it's not in the kernel. Aborting the function if the flag is set prevents us from removing any routes. Signed-off-by: Christian Franke Acked-by: Donald Sharp commit f35169ecdb481ca1e176cbb234b5294b2ca901a7 Author: Christian Franke Date: Thu Nov 12 14:09:08 2015 +0100 isisd: don't corrupt memory for long hostnames Signed-off-by: Christian Franke Acked-by: Donald Sharp commit b461630bed1a0ed33c3a38fc485caf826ff05ce9 Author: Christian Franke Date: Tue Nov 10 18:04:45 2015 +0100 isisd: fix a typo in a log message Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 390f16ee4e506f782aa48077cc8318e6fdcf4a5c Author: Christian Franke Date: Tue Nov 10 18:04:44 2015 +0100 isisd: remove superfluous checks after XMALLOC etc. Signed-off-by: Christian Franke commit 77277a140984aa78756cbf363606a324c84113db Author: Christian Franke Date: Tue Nov 10 18:04:43 2015 +0100 isisd: annotate some function arguments with const Signed-off-by: Christian Franke Acked-by: Donald Sharp commit abfd40d68202882696260617729518a6d2c99302 Author: Christian Franke Date: Tue Nov 10 18:04:42 2015 +0100 lib: don't have log functions change errno Signed-off-by: Christian Franke Acked-by: Donald Sharp commit dbe99e0c407bcb383d0be0c0010fefccc5b46866 Author: Alexis Fasquel Date: Mon Nov 16 13:55:16 2015 -0500 bgpd: Update dump to allow Extended Time Format Allow the bgp dump functionality to handle the Extended Time format as specified in RFC 6396. Fixes a segmentation fault with multiple dump rules as well. Signed-off-by: Alexis Fasquel Acked-by: Donald Sharp Signed-off-by: Donald Sharp commit 76fbc64c5d82c6f540cb4a1ac855f9f098fa6c5f Author: Christian Franke Date: Tue Nov 10 18:04:41 2015 +0100 lib: add function to get precise remaining time of timer thread Signed-off-by: Christian Franke Acked-by: Donald Sharp commit 1ca8d40f996c0760a1a8931f54044dd7ca9e3f9c Author: Christian Franke Date: Tue Nov 10 17:45:03 2015 +0100 ripd, isisd: fix warnings that make the build fail These issues have been found by running buildtest.sh using GCC 5.2.0 and Clang 3.7.0 Fixes pointer checks that can never be null Signed-off-by: Christian Franke Tested-by: NetDEF CI System Signed-off-by: Donald Sharp commit c1900e09a7fdd70437f3ba0329868f1eee3f5a1a Author: Donald Sharp Date: Wed Nov 4 13:26:40 2015 -0500 zebra: Fix change of distance on ipv6 route creating duplicate routes If you enter: ipv6 route 2002:44:44:44::44/128 swp1 4 ipv6 route 2002:44:44:44::44/128 swp1 99 You get: host-111# show ipv6 route Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv6, I - IS-IS, B - BGP, A - Babel, T - Table, > - selected route, * - FIB route S 2002:44:44:44::44/128 [99/0] is directly connected, swp1 S>* 2002:44:44:44::44/128 [4/0] is directly connected, swp1 This problem is fixed in the ipv4 code path. Copying the same code from the ipv4 into the ipv6 code path fixes the issue. With the fix: host-111(config)# ipv6 route 2002:44:44:44::44/128 swp1 4 host-111(config)# do show ipv6 route Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv6, I - IS-IS, B - BGP, A - Babel, T - Table, > - selected route, * - FIB route S>* 2002:44:44:44::44/128 [4/0] is directly connected, swp1 C * fe80::/64 is directly connected, swp1 C>* fe80::/64 is directly connected, eth0 host-111(config)# ipv6 route 2002:44:44:44::44/128 swp1 99 host-111(config)# do show ipv6 route Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv6, I - IS-IS, B - BGP, A - Babel, T - Table, > - selected route, * - FIB route S>* 2002:44:44:44::44/128 [99/0] is directly connected, swp1 C * fe80::/64 is directly connected, swp1 C>* fe80::/64 is directly connected, eth0 host-111(config)# Signed-off-by: Donald Sharp commit 949b719eac0c8b51c73f144eb035fab27a16c2a6 Author: Donald Sharp Date: Wed Nov 4 13:26:39 2015 -0500 zebra: Combine static_uninstall_ipv[4|6] into one function Signed-off-by: Donald Sharp commit a979ab70e0ec51f3cf779edae509f3c52be0b0f4 Author: Donald Sharp Date: Wed Nov 4 13:26:38 2015 -0500 zebra: combine static_ipv[4|6]_nexthop_same into one function Combine the static_ipv[4|6]_nexthop_same into static_nexthop_same. Signed-off-by: Donald Sharp commit 9bcdd1a252ba84424eb06e84adf7fb48ae66ce1f Author: Donald Sharp Date: Wed Nov 4 13:26:37 2015 -0500 zebra: Combine static_install_ipv[4|6] Combine the static_install_ipv[4|6] function calls into static_install_route. Signed-off-by: Donald Sharp commit 0d955affd51df42dd5ae24b0d41edd992fb59a78 Author: Donald Sharp Date: Wed Nov 4 13:26:36 2015 -0500 zebra: Remove HAVE_IPV6 from rib.h and zebra_rib.c Signed-off-by: Donald Sharp commit d4c27d656d072fbd81003a71c4f3391c96852c60 Author: Donald Sharp Date: Wed Nov 4 13:26:35 2015 -0500 zebra: Collapse struct static_ipv[4|6] into struct static_route The 'struct static_ipv4' and 'struct static_ipv6' structures are essentially the same. Collapse them into one data structure 'struct static_route'. Signed-off-by: Donald Sharp commit b11f3b54c842117e22e2f5cf1561ea34eee8dfcc Author: Timo Teräs Date: Mon Nov 2 16:50:07 2015 +0200 zebra: implement per-route mtu handling This commits allow overriding MTU using netlink attributes on per-route basis. This is useful for routing protocols that can advertice prefix specific MTUs between routers (e.g. NHRP). Signed-off-by: Timo Teräs commit 7eb6136b2732d4782360f9f376336c6d4f667ff0 Author: Timo Teräs Date: Mon Nov 2 16:50:05 2015 +0200 zebra: make ZEBRA_FLAG_CHANGED internal status This flag is used internally in zebra only. And it makes no sense to expose it over the zclient API, as having it set from client could corrupt the internal state. Signed-off-by: Timo Teräs Acked-by: Donald Sharp commit 929a26a7cf80b2df9981595e6bcfcfc4a970052a Author: Donald Sharp Date: Wed Oct 28 19:59:30 2015 -0400 lib: Memory reporting fails over 2GB The old style mallinfo() function uses an 'int' to report memory usage data to the program. Unfortunately modern architectures can chew through 2gb of memory like a buzz saw hitting some warm butter, especially in the case of a memory leak or memory fragmentation. When a daemon uses more than 2gb of memory, just indicate it's gotten large and we don't know anymore. Pre-change behavior: Robot-1# show memory System allocator statistics: Total heap allocated: 16777216 TiB Holding block headers: 1288 KiB Used small blocks: 0 bytes Used ordinary blocks: 535 MiB Free small blocks: 768 bytes Free ordinary blocks: 16777216 TiB Ordinary blocks: 266107 Small blocks: 24 Holding blocks: 2 Post-change behavior: Robot-1# show memory System allocator statistics: Total heap allocated: 1572 KiB Holding block headers: > 2GB Used small blocks: 0 bytes Used ordinary blocks: 1443 KiB Free small blocks: 32 bytes Free ordinary blocks: 129 KiB Ordinary blocks: 2 Small blocks: 1 Holding blocks: 2 Signed-off-by: Donald Sharp commit 0d7435f2138955b4b8aa9044eefbaff31ec33248 Author: Daniel Walton Date: Thu Oct 22 11:35:20 2015 +0300 bgpd: Add support for timer commands with peer-group syntax The peer-groups parser is missing advertisement-interval and 'timers connect' Signed-off-by: Daniel Walton Reviewed-by: Timo Teräs commit 5a2a1ec18c89daec5de6690a9b0f47c0d11a0f2d Author: Timo Teräs Date: Thu Oct 22 11:35:18 2015 +0300 bgpd: update rtt on soft clear rtt is calculated dynamically by the kernel. Refresh it on soft clear. Fixes: ef757700d0 "bgpd: allow using rtt in route-map's set metric" Signed-off-by: Timo Teräs commit 0edba8b6ad9c83fa0a3cc58765fe9f123f4109ac Author: Timo Teräs Date: Thu Oct 22 11:35:17 2015 +0300 bgpd: check rtt later after the real peer is known OPEN message handler moves the connection from the temporary "struct peer" (used to accept it) to the real "struct peer" based on the configuration. RTT needs to be updated only to the real struct peer, and this patch moves the RTT query to point where realpeer is known. Fixes: ef757700d0 "bgpd: allow using rtt in route-map's set metric" Signed-off-by: Timo Teräs commit 983525e8b560fc44d2214ca3f6d72af809b6ebd9 Author: Timo Teräs Date: Thu Oct 22 11:35:16 2015 +0300 zebra: fix rtadv detection The GLIBC macro tests were just plain wrong. Glibc 2.1 is ancient and the support should be detected via configure.ac test, not macro test. Build with HAVE_RTADV but !RTADV is broke after vrf, so for now, just define RTADV always if HAVE_RTADV is there. Signed-off-by: Timo Teräs commit 6d853c43d9dd315eb42211150b7a4a43bae4cb62 Author: Donald Sharp Date: Wed Oct 21 16:13:51 2015 -0400 pimd: Limit pim hello log messages pimd was outputting allot of data surrounding pim hello packets. In addition the debugging was inconsistent and not all turned on via 'debug pim packet hello'. Signed-off-by: Donald Sharp commit bf99b420a57b7c5bf44c8ab528d0a2e416b66d81 Author: Donald Sharp Date: Wed Oct 21 10:00:47 2015 -0400 bgpd: Fix bgp_btoa to compile bgp_btoa was abandoned at some point in time in the past. This commit gets it to compile and to be added to /usr/bin. At this point in time no work has done for 'correctness' of execution Signed-off-by: Donald Sharp commit c8af680df5beb613fd50c265773a6beb0f1768c9 Author: Daniel Walton Date: Wed Oct 21 06:56:44 2015 -0700 lib: Add zlog_hexdump() for debugging Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp Signed-off-by: Donald Sharp commit 363c903435b154e989f0544d12d4ac8d50174c0b Author: Daniel Walton Date: Wed Oct 21 06:42:54 2015 -0700 bgpd: crash from not NULLing freed pointers Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp There was a crash from not NULLing out peer->hostname but I cleaned up a bunch of other suspect ones as well. commit 92e62e06ba9e03c4603538b3138298b274e3c167 Author: Daniel Walton Date: Wed Oct 21 06:42:53 2015 -0700 ospfd: Lower the default OSPF spf timers to '0 50 5000' Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp commit f89b09be92bed03b1e5add55dc14ef92e94c52e1 Author: Daniel Walton Date: Wed Oct 21 06:42:52 2015 -0700 bgpd: Lower BGP's default keepalive/holdtime to 3s/9s Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp commit 8e644534b4d20dde07306700be0503d09d30a16e Author: Daniel Walton Date: Wed Oct 21 06:42:51 2015 -0700 bgpd: Remove BGP_ERROR_START_TIMER, it was no longer used Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp commit c37b9bccdcc1266f52e50fa3e5a8dc81086c3fe7 Author: Daniel Walton Date: Wed Oct 21 06:42:50 2015 -0700 bgpd: Enable "bgp log-neighbor-changes" by default Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp commit 57fcfda56ad091a6850e190f5788361bf921699e Author: Daniel Walton Date: Wed Oct 21 06:42:49 2015 -0700 bgpd: Do not allow a timers connect of 0, this can hammer the CPU Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp commit 3ff77fe62ecdabc01f576de8c4e5d78d16e3e436 Author: Daniel Walton Date: Wed Oct 21 06:42:48 2015 -0700 bgpd: Remove BGP's asorig timer, it is no longer used Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp commit f822ad4326e8b279e028b8b2ca2282475b5e27de Author: Daniel Walton Date: Wed Oct 21 06:42:47 2015 -0700 bgpd: Lower the default 'timers connect' in BGP to 10 seconds Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp commit e56aab94a615a2b676473fbd09145b444a348029 Author: Paul Jakma Date: Tue Oct 20 16:14:56 2015 +0100 doc: Add 'OSPF Fundamentals' section to OSPF docs * ospf_fundamentals.texi: New section explaining the fundamentals of OSPF for system admins, to help them debug their networks. * {Makefile.am,ospfd.texi}: include and build previous Conflicts: doc/Makefile.am commit ffe794426af2b142ecfed7021d34d8f868857219 Author: Paul Jakma Date: Thu Oct 29 14:24:13 2015 +0000 pimd: Fix size_t zlog_err format string warning * fc1c114aa / "pimd: Fix warning", the size_t arg should have a %zu format. commit 283596fd6d49a5b2861a6923db9a88628ef0eca4 Merge: be62b17 fc1c114 Author: Paul Jakma Date: Wed Oct 28 14:25:06 2015 +0000 Merge 'patch-tracking/4/proposed/netdef-solaris' into accepted commit be62b17c736ea06181f2788e3011066830555610 Author: Michael Zingg Date: Fri Oct 26 11:18:19 2012 +0200 isisd: Fix LSPs not being regenerated after adjacency change In isisd LSP's are not regenerated after a change in adjacency if lsp-gen-interval has expired. I have tested this on Debian 6.0 with zebra and level1 isisd with point to point links. This problem is also listed in Test ISIS-18.3 on the opensourcerouting.org wiki: http://confluence.isc.org/display/osr/ANVL+ISIS+Compliance+Test+Plan http://confluence.isc.org/display/osr/ANVL+ISIS+Results commit 056f3760cd311faf088d6f5fe06498960788c8c7 Author: Lou Berger Date: Wed Apr 10 12:30:04 2013 -0700 bgpd, lib: memory cleanups for valgrind, plus debug changes Description: We use valgrind memcheck quite a bit to spot leaks in our work with bgpd. In order to eliminate false positives, we added code in the exit path to release the remaining allocated memory. Bgpd startup log message now includes pid. Some little tweaks by Paul Jakma : * bgp_mplsvpn.c: (str2prefix_rd) do the cleanup in common code at the end and goto it. commit 5c1791f28e2e831e4e9b92c3c2f7d8ed832cb968 Author: Joakim Tjernlund Date: Fri Apr 25 14:36:16 2014 +0200 ospfd: PointToPoint neighbors are identified by router ID According to RFC 2328, section 10.5 PointToPoint neighbors should be identified by router ID instead of source IP address. Signed-off-by: Joakim Tjernlund commit 13862bfc779f6f63080c8d860f7b919b27f39b9c Author: Paul Jakma Date: Tue Oct 20 13:47:09 2015 +0100 Revert "Fix to take care of ordering between interface and router ospf command." This reverts commit 4bab6806914dbb4b43f376ebf966a034a0ea72cd, as Joakim's version of 'ip ospf area' and the 2 follow-up patches should avoid the issue Vipin reported. Acked-by: Donald Sharp commit 8a667cf7c58a065bcd6371f4ad6f25bfb084181c Author: Paul Jakma Date: Thu Aug 27 16:51:42 2009 +0100 ospfd: Extend 'ip ospf area' to take address argument + rationalise ospf enable * ospfd.c: (general) Clean up the whole running of OSPF on interfaces. (add_ospf_interface) taking (struct interface *) arg is pointless here. (ospf_is_ready) new helper. (ospf_network_run_subnet) Put all the code for choosing whether to enable OSPF on a subnet, and if so which area configuration to use, here. If a subnet should not be enabled, ensure an existing oi is freed. (ospf_network_run_interface) Just call run_subnet for all subnets on an interface. (ospf_network_run) Just call run_interface for all interfaces. (ospf_if_update) Just call run_interface for the given interface. (ospf_network_unset) Just call run_subnet for existing ois. (ospf_update_interface_area) helper: update area on an oi, or create it. (ospf_interface_set) renamed to ospf_interface_area_set for clarity. Ensures OSPF is created, then into if_update. (ospf_interface_unset) renamed to ospf_interface_area_unset and collapses down to simple loop to call run_subnet for all ois. * ospf_interface.h: add a more general OSPF_IF_PARAM_IS_SET, which does the right thing and takes default config into account. * ospf_vty.c: (OSPF_VTY_GET_IF_PARAMS) new macro with common code for handling interface parameter commands - only used for 'ip ospf area' in this commit. (OSPF_VTY_PARAM_UNSET) similar ({no,}ip_ospf_area) Use said macros. * doc/ospfd.texi: add 'ip ospf area' command. Acked-by: Donald Sharp commit 738bce789a393efe2d3f35fd541cf149dd7f9311 Author: Joakim Tjernlund Date: Fri Aug 7 13:48:15 2009 +0200 ospfd: Impl. per interface 'ip ospf area' command Use with interface command: interface ppp0 ip ospf area 0.0.0.0 This will enable OSPF on ppp0 with area 0.0.0.0 Remove with "no ip ospf area" * ospf_vty.c: add "ip ospf area (A.B.C.D|<0-4294967295>)" interface command * ospfd.c: (ospf_interface_{un,}set) new helper function to enable/disable OSPF on a specific interface. (ospf_if_update) 2 possible paths now to deal with interface updates. Acked-by: Donald Sharp commit 7bd7f55d2cbb4ddd2353fe8f2ded4853b3d2676b Author: Joakim Tjernlund Date: Fri Aug 7 13:48:15 2009 +0200 ospfd: split up network interface enable a bit, for per-interface area cmd * ospfd.c: (ospf_network_run_interface) Move out core to .. (add_ospf_interface) .. here (ospf_network_{un,}set) move redistribute update out to.. (update_redistributed) .. here, so it can be re-used in upcoming commit. Acked-by: Donald Sharp commit 774914f4223532256051bd6dd61cac20e8f9649f Author: Donald Sharp Date: Wed Oct 14 08:50:39 2015 -0400 bgpd: fix using of two pointers for struct thread_master * bgp is using both bm->master and master pointers interchangebly for thread manipulation. Since they are the same thing consolidate to one pointer. Signed-off-by: Donald Sharp commit eeef0db2e9260fe76acb328a339025c432eb7c22 Author: Donald Sharp Date: Wed Oct 14 08:50:38 2015 -0400 lib: Fix duplicate variable name in smux.c and vty.c Both smux.c and vty.c have the same: static struct thread_master *master; as global variables for the file. This can and will lead to confusion name the variables something appropriate for the file it is in. Signed-off-by: Donald Sharp commit ee162617ead116ebcda93b145a043231647b3380 Author: Amritha Nambiar Date: Tue Oct 13 22:08:46 2015 -0700 isisd: Drop packet received on multiple interfaces due to the time gap in binding socket to an interface Due to the time window between opening socket and binding it to an interface, the same hello packet is delivered on multiple interfaces, unique socket per circuit is not yet established. When such hellos get processed, they form incorrect adjacencies. So, drop the packet that is received on multiple interfaces because the socket for the circuit is yet to bind to an interface. V2: Fix warning on sign comparison Signed-off-by: Amritha Nambiar commit a6a11765d4206a00b0875988ce352be7cdfa3617 Author: Donald Sharp Date: Fri Oct 2 12:27:27 2015 -0400 pimd: Cleanup interface startup This patch cleans up some interface startup, removes duplicate debug messages and protects against some always being displayed. Signed-off-by: Donald Sharp commit 4edf1c6aea8fd93e8fdeb2a651bf34bb24329611 Author: Donald Sharp Date: Thu Oct 1 12:40:52 2015 -0400 pimd: Notice when we receive a packet type we can't handle yet There are PIM packet types that have not been implemented yet. Notice when we get one of those and safely do nothing. Signed-off-by: Donald Sharp commit dea43dee04e22d69ed57f4c85498e248a6074435 Author: Donald Sharp Date: Thu Oct 1 12:40:51 2015 -0400 pimd: Add knowledge of different packet types There are several additional packet types that pimd is unaware of Add code to allow pim to understand them in the future. Signed-off-by: Donald Sharp commit f3734dd5fc00886b1d3f497d22295cea591d7685 Author: Donald Sharp Date: Wed Sep 30 10:22:46 2015 -0400 pimd: Cleanup zebra debugs to be protected by debug commands pimd is very chatty without any pim debugs turned on. This commit fixes a bunch of the debugs to be protected by appropriate pim debug statement. Signed-off-by: Donald Sharp commit 0cee0384f6c223f6cf507e980f03f2f3dd65478f Author: Donald Sharp Date: Wed Sep 30 09:10:12 2015 -0400 pimd: Do not display some default values as part of a show run There is no need to display igmp default values for the query-interval and the query-max-response-time-dsec Before change: ! interface swp4 description swp4 -> host-212's swp1 ip igmp ip igmp query-interval 125 ip igmp query-max-response-time-dsec 100 ip pim ssm link-detect ! After change: ! interface br1 ip igmp ip pim ssm link-detect ! Signed-off-by: Donald Sharp commit 6169559976b33a5bf120c806135c76b1b6d943ee Author: Donald Sharp Date: Mon Oct 12 14:33:31 2015 -0400 tests: Fix warnings from test-stream.c test-stream is generating some compiler warnings Signed-off-by: Donald Sharp commit 26a18eb223d26011ac4f1d608f6775ed7ebf8efb Author: Donald Sharp Date: Tue Sep 29 09:25:10 2015 -0400 quagga: Additional centos 6 -enable-werror fixes This commit fixes these warnings: 1) bgpd/bgp_nexthop.c - dereferencing pointer 'X' does break strict-aliasing rules 2) pimd/pim_igmp_join.c - dereferencing pointer 'X' does break strict-aliasing rules 3) ripd/ripd.c - 'ifaddr.prefixlen' may be used uninitialized in this function Signed-off-by: Donald Sharp commit d8aa4beab72cdd2c2d78f9e624fd4b704eec488f Author: Donald Sharp Date: Mon Sep 28 20:10:40 2015 -0400 vtysh: Fix Quagga.conf file read in. There exists a sequence of cli commands that are successfully read in by bgpd.conf, but not by a consolidated Quagga.conf. This issue stems from the fact that the consolidated config file attempts to match the current node + 1 node up the tree, while the individual config file searches for matches all the way up the tree. Quagga.conf read-in relies on vtysh_cmd.c command parsing which puts all nodes at CONFIG_NODE and if a match is found CMD_SUCCESS_DAEMON is returned. This signals to the parser to call the appropriate daemon with the comamnd. bgp as an example has three levels of config node's. If you are reading in a config node at the 3rd level(say address-family ipv6) then transition to another node under bgp it will not work in Quagga.conf because the code only looked up one node and was at CONFIG_BGP when it failed to find a match. Signed-off-by: Donald Sharp Reviewed-by: Daniel Walton commit 7125293d65d73a451ec203c8c1630c236171f5a3 Author: Donald Sharp Date: Thu Sep 24 09:25:19 2015 -0400 lib: zclient.c remove extern struct thread_master * zclient.c depended upon link time inclusion of a extern struct thread_master *master. This is a violation of the namespace of the calling daemon. If a library needs the pointer pass it in and save it for future use. This code change also makes the zclient code consistent with the other lib functions that need to schedule work on your behalf Signed-off-by: Donald Sharp commit fd1c1a133af47ae5533a5ed41b73ff62e7aa1058 Author: Donald Sharp Date: Tue Sep 22 14:32:53 2015 -0400 git: add (generated) cscope files to .gitignore commit 9fb73e8790ab0e433686643bf245ee1f0e238b99 Author: Donald Sharp Date: Tue Sep 22 11:13:12 2015 -0400 vtysh: Allow display of individual daemons configs When executing a 'show run' or 'write terminal' you see the entire integrated config. You have no way of knowing what an individual daemon is going to write until after you do a write of config to disk if you are not using an integrated configuration. This change allows the end-user to do such a thing. Signed-off-by: Donald Sharp commit fc1c114aab24fe47bc6a1976c1c602d507fa4e69 Author: Martin Winter Date: Wed Sep 23 21:13:58 2015 -0700 pimd: Fix warning Fix long unsigned / unsigned mixup Signed-off-by: Martin Winter commit 7904509bdf9ec7fad3ac1aee763ae39e7c308c52 Author: David Lamparter Date: Tue Sep 15 22:09:30 2015 -0700 zebra/if_ioctl_solaris: Make foo static make interface_ioctl_ioctl() and if_get_index() static Signed-off-by: David Lamparter commit 8fa1d027f23115dcb1c38b09c6e46edf5b8f7238 Author: David Lamparter Date: Tue Sep 15 21:55:38 2015 -0700 zebra/rt_socket: Fix warnings Fix warning about unused sin_masklen / sin6_masklen Signed-off-by: David Lamparter commit ebd2687a531a0f9b9449f6fcf7001f53afa99d02 Author: David Lamparter Date: Tue Sep 15 21:40:31 2015 -0700 zebra/rtread_getmsg: fix sign warnings Signed-off-by: David Lamparter commit f90ce64d68cf0ad56ff0370338ec58c883a3448d Author: David Lamparter Date: Tue Sep 15 20:58:29 2015 -0700 isisd/isis_dlpi: Fix warning 'fd' may be used uninitialized. Init to -1 Signed-off-by: David Lamparter commit da1b7eaa0ac5d590818e1cde92a9807a2f0e07f2 Author: David Lamparter Date: Tue Sep 15 20:36:20 2015 -0700 solaris: more warnings fixed Signed-off-by: David Lamparter commit a2b503131b188292ede08df99309bcbef4bd1a52 Author: David Lamparter Date: Tue Sep 15 19:35:41 2015 -0700 solaris: no ROUNDUP Signed-off-by: David Lamparter commit fe56125bbcbc0c503ae6bd0b934a4940c4693b4f Author: Martin Winter Date: Tue Sep 15 19:12:31 2015 -0700 zebra/ioctl_solaris: Fix use of prefix2str in if_prefix_add/delete_ipv6 First argument of prefix2str pointed to ifc->address->prefix, but no prefix exists in address. Should have been ifc->address. Signed-off-by: Martin Winter commit ba6cd587b4114528c8d6af439c4f49c7bb95a92b Author: David Lamparter Date: Tue Sep 15 03:00:59 2015 -0700 isisd/solaris: fix size_t confusions Signed-off-by: David Lamparter commit 5181a0296687a6004dd00c7c0874886c9ff0bf60 Author: David Lamparter Date: Tue Sep 15 03:00:09 2015 -0700 *: fix in_addr initialisers Signed-off-by: David Lamparter commit 6d9362274e8ba2d57ffe17aa735eb941ac3d5fbc Author: David Lamparter Date: Tue Sep 15 02:59:04 2015 -0700 zebra/solaris: fix uninitialised vars Signed-off-by: David Lamparter commit 285ed0c62af4f57902d5deacc621f290fdeec276 Author: David Lamparter Date: Tue Sep 15 02:46:53 2015 -0700 build/solaris: create ioctl_solaris.h Signed-off-by: David Lamparter commit 12bbd62112724483f72c4040a4c4b585aff8eb54 Author: David Lamparter Date: Tue Sep 15 02:26:44 2015 -0700 lib: add getgrouplist() for Solaris Of course Solaris doesn't have getgrouplist()... Signed-off-by: David Lamparter commit d8d5c60ecfab4dd609a07b4baa00d735f59002b9 Author: David Lamparter Date: Tue Sep 15 02:19:46 2015 -0700 build: make libraries self-reliant libospf and libospfclient both need libzebra, so they should link against it. The days of libtool propagating upwards such dependencies are nearing their end... Signed-off-by: David Lamparter commit cbc3f5232af5cacd6f88f2124c864bb91e851cde Author: David Lamparter Date: Tue Sep 15 02:18:23 2015 -0700 pimd: use IPPROTO_IP (not SOL_IP) for IP_PKTINFO Solaris uses the same socket API for IP_PKTINFO as Linux, but doesn't have a SOL_IP define. Signed-off-by: David Lamparter commit a4065069e6bdd0bc7475312530b0e9457f818e0d Author: David Lamparter Date: Tue Sep 15 02:12:23 2015 -0700 ospf6d: fix uninitialized warning in SNMP Signed-off-by: David Lamparter commit ce93c34d51ea30d1ba4f699af5601502bbbbcdf8 Author: David Lamparter Date: Tue Sep 15 02:11:45 2015 -0700 ospfd: fix unused warning in ospf_write Signed-off-by: David Lamparter commit 089e5eb7310683be6806726dbf7b7c94b1b66bfb Author: David Lamparter Date: Tue Sep 15 02:03:36 2015 -0700 build/solaris: drop duplicate __EXTENSION__ define __EXTENSION__ is already defined in config.h by autoconf; drop the duplicate from zebra.h. Signed-off-by: David Lamparter commit 821df2cf18e5978cc7ab532a8695444380d08270 Author: David Lamparter Date: Tue Sep 15 01:53:09 2015 -0700 *: make sure zebra.h is always included first zebra.h pulls in config.h, which results in fiddling with things like __FILE_OFFSET_BITS. It must always be included first, in order to set flags that influence the compiler via . Signed-off-by: David Lamparter commit 67c3d75f5324b610352998c670f5f0cc4ba0ff2a Author: Paul Jakma Date: Sun Jun 21 23:00:13 2015 +0100 HACKING: Change format to MarkDown * HACKING: Converted initially from LaTeX to markdown with: 'pandoc -f latex -t markdown HACKING.tex' Then tweaked by hand to add a header with some suitable variables for the pandoc LaTeX template to make better use of the page space, and to add newpages so the title page is standalone as in the previous version. Also went through and reflowed paragraphs best as I could to make them match the previous document, to make it a little easier to verify nothing had been changed other than the markup, via diff. PDF can be generated with: 'pandoc -o HACKING.pdf HACKING.md' commit 3e71e369452c38c9c16a19d0edd40323e6b31023 Author: Paul Jakma Date: Sun Jun 21 22:38:44 2015 +0100 HACKING: rename to HACKING.md in prep for conversion to MarkDown commit ca8ec20b017393dbe91ff9e5ae2b7ff12872f869 Author: Michael Rossberg Date: Tue Sep 29 14:32:14 2015 +0200 ospf6d: Fix for fast OSPF convergence Fixed use of OSPF_MIN_LS_ARRIVAL, which changed its unit from seconds to milliseconds commit d3ac733b41b69826ac4b5a86b881f33f3d383941 Author: Daniel Walton Date: Mon Aug 24 10:19:10 2015 -0400 bgpd: 'set comm-list delete' stops as soon as it hits a community-list entry with a deny 'set comm-list delete' stops as soon as it hits a community-list entry with a deny Reviewed By: sharpd@cumulusnetworks.com Testing Done: 'set comm-list FOO delete' stops evaluating the community-list as soon as we hit the first "delete" statement. This makes it impossible to use community-lists where you deny some subset of communities to delete and then permit all of the others. This patch changes the behavior so that we no longer exit the community-list at the first delete statement. Here is our baseline, we are receiving multiple communities from 10.1.1.2 for the 10.1.3.0/24 prefix. qct-ly6-04# show ip bgp 10.1.3.0/24 BGP routing table entry for 10.1.3.0/24 Paths: (1 available, best #1, table Default-IP-Routing-Table) Not advertised to any peer Local 10.1.1.2 (metric 20) from 10.1.1.2 (10.1.1.2) Origin IGP, metric 0, localpref 100, valid, internal, best Community: 1:1 1:2 1:3 20:1 20:2 20:3 99:1 Last update: Wed Mar 4 13:50:36 2015 qct-ly6-04# We apply the following FOO route-map inbound to this peer and soft clear the peer ! ip community-list expanded BAD_COMMS permit 99:.* ip community-list expanded BAD_COMMS deny 1:.* ip community-list expanded BAD_COMMS permit 20.* ! route-map FOO permit 10 set comm-list BAD_COMMS delete ! router bgp 10 neighbor 10.1.1.2 route-map FOO in ! qct-ly6-04# clear ip bgp * soft in qct-ly6-04# show ip bgp 10.1.3.0/24 BGP routing table entry for 10.1.3.0/24 Paths: (1 available, best #1, table Default-IP-Routing-Table) Not advertised to any peer Local 10.1.1.2 (metric 20) from 10.1.1.2 (10.1.1.2) Origin IGP, metric 0, localpref 100, valid, internal, best Community: 1:1 1:2 1:3 Last update: Wed Mar 4 13:51:12 2015 qct-ly6-04# qct-ly6-04# We deleted all communities flagged as "permit" by the BAD_COMMS community-list while leaving the ones matched by "deny 1:.*" alone. #endif /* _QUAGGA_BGP_COMMUNITY_H */ 'set comm-list delete' stops as soon as it hits a community-list entry with a deny Ticket: CM-3513 Reviewed By: sharpd@cumulusnetworks.com Testing Done: 'set comm-list FOO delete' stops evaluating the community-list as soon as we hit the first "delete" statement. This makes it impossible to use community-lists where you deny some subset of communities to delete and then permit all of the others. This patch changes the behavior so that we no longer exit the community-list at the first delete statement. Here is our baseline, we are receiving multiple communities from 10.1.1.2 for the 10.1.3.0/24 prefix. qct-ly6-04# show ip bgp 10.1.3.0/24 BGP routing table entry for 10.1.3.0/24 Paths: (1 available, best #1, table Default-IP-Routing-Table) Not advertised to any peer Local 10.1.1.2 (metric 20) from 10.1.1.2 (10.1.1.2) Origin IGP, metric 0, localpref 100, valid, internal, best Community: 1:1 1:2 1:3 20:1 20:2 20:3 99:1 Last update: Wed Mar 4 13:50:36 2015 qct-ly6-04# We apply the following FOO route-map inbound to this peer and soft clear the peer ! ip community-list expanded BAD_COMMS permit 99:.* ip community-list expanded BAD_COMMS deny 1:.* ip community-list expanded BAD_COMMS permit 20.* ! route-map FOO permit 10 set comm-list BAD_COMMS delete ! router bgp 10 neighbor 10.1.1.2 route-map FOO in ! qct-ly6-04# clear ip bgp * soft in qct-ly6-04# show ip bgp 10.1.3.0/24 BGP routing table entry for 10.1.3.0/24 Paths: (1 available, best #1, table Default-IP-Routing-Table) Not advertised to any peer Local 10.1.1.2 (metric 20) from 10.1.1.2 (10.1.1.2) Origin IGP, metric 0, localpref 100, valid, internal, best Community: 1:1 1:2 1:3 Last update: Wed Mar 4 13:51:12 2015 qct-ly6-04# qct-ly6-04# We deleted all communities flagged as "permit" by the BAD_COMMS community-list while leaving the ones matched by "deny 1:.*" alone. commit 1994dc81458d646120659b543ad7ffc023cd8579 Author: Daniel Walton Date: Thu Sep 17 10:15:59 2015 -0400 bgpd: If route-map does not exist DENY for redistribute statements Upon usage of a route-map statement in bgp, if the route-map does not exist it turns into a implicit ALLOW, this causes issues in a wide variety of scenarios. Without this fix: ! router bgp 100 bgp router-id 10.0.2.15 redistribute static route-map FOOEY ! ip route 33.33.33.33/32 eth1 ip route 44.44.44.44/32 eth1 ! Now look at show ip bgp: show ip bgp: Network Next Hop Metric LocPrf Weight Path *> 33.33.33.33/32 0.0.0.0 0 32768 ? *> 44.44.44.44/32 0.0.0.0 0 32768 ? With this fix: show ip bgp: Network Next Hop Metric LocPrf Weight Path Signed-off-by: Daniel Walton Reviewed-by: Donald Sharp Date: Thu Sep 17 19:04:30 2015 -0400 Fixed if_add_update possible null dereference Coverity Scan #1221454 In zebra/interface.c if_data could be null dereferenced without early check. Signed-off-by: Morgan Stewart Reviewed-by: Donald Sharp commit 75daab1784f515104ceef747d134981ecee7b0af Author: Paul Jakma Date: Thu Sep 24 10:26:55 2015 +0100 pimd: Fix compile warning (error with Werror) on BSD * ioctl commands can vary in type between systems, cast to an unsigned long before passing to format command. commit e472b8a5141b91a4bb50f8ff55540cd601321572 Author: Donald Sharp Date: Tue Sep 8 15:19:55 2015 -0400 pimd: Remove stdout zlog changes Quagga start has unnecessary pim messages to stdout. Causing some confusion. Logging is already saving this information in pimd.log Signed-off-by: Donald Sharp commit 44d03fd59eb7c9f83afcfbafbe014c95e0a8f539 Author: Donald Sharp Date: Tue Sep 8 15:02:07 2015 -0400 pimd: Fix leaked fd When caling pim_sock_open if the failure cause happens, however unlikely, don't leak the fd on failure. Signed-off-by: Donald Sharp commit 26b663da7ea8a3efae816d6e7fda293bdc1082f5 Author: Morgan Stewart Date: Wed Sep 16 13:17:54 2015 -0400 zebra: Fix leaked sockets in rtadv.c Coverity Scan #709790 In zebra/rtadv.c: rtadv_make_socket leaks socket for error cases. Added lines to close the socket for each error case or return. Signed-off-by: Morgan Stewart commit 782c882077b5a63213b3d160535d5e8259f6df61 Author: Donald Sharp Date: Mon Sep 14 13:29:37 2015 -0400 zebra: rib->nexthop_num is double incremented While reading linux kernel netlink messages, rib->nexthop_num is incremented in the read loop as well as the underlying nexthop_add() function call. This number should only be incremented in one spot. Removing the increment from the read loop and allowing the underlying code to track this data as it is already. Signed-off-by: Donald Sharp commit 8ccd74c29f5242f312c1e0561497558482c9be65 Author: Hiroshi Yokoi Date: Tue Sep 8 11:52:20 2015 +0900 zebra: fix addr sent in ZEBRA_IPV6_NEXTHOP_LOOKUP I found that zebra doesn't set correct IPv6 address in its result because of using *addr's address. Although I'm using 0.99.22, the latest version has also use "&addr". Shouldn't it use "addr"? Signed-off-by: Hiroshi Yokoi Acked-by: Donald Sharp commit 8965be4baaa1a4c619cbb4a8a10d15a72d80b60d Author: Donald Sharp Date: Fri Sep 4 14:21:23 2015 -0400 vtysh: allow --with-libpam to build with --enable-werror The function vtysh_pam fails the build with --enable-werror enabled because it is a static function not declared as such Signed-off-by: Donald Sharp commit 567a638fc7aee31c9421159140b8e18b83a099b3 Author: Donald Sharp Date: Wed Aug 19 21:22:17 2015 -0400 vtysh: Add missing show thread/work-queues commands 'show thread cpu ..' and 'show work-queues' are missing from vtysh, but are available from telnet. This commit adds these commands to the vtysh interface. Signed-off-by: Donald Sharp commit 04a3aabf58d95d01c4c8168eeff43cf9d9892eee Author: Nicolas Dichtel Date: Thu Sep 3 10:47:43 2015 +0200 vrf: add a runtime check before playing with netns This patch adds a runtime check to determine if netns are available. Some systems like OpenWRT have the system call setns() but don't have the kernel option CONFIG_NET_NS enabled. Reported-by: Christian Franke Signed-off-by: Nicolas Dichtel Tested-by: Christian Franke commit 0bc874b88cf86fca4b18f3672a441ed142fc499d Author: Donald Sharp Date: Wed Jul 29 19:16:13 2015 -0400 build/arm: Arm compilation warning fix The arm cross compiler is issuing warnings for signed/unsigned comparisons for ntohs. ntohs returns a unsigned int, while the counting variables are signed. Fixed to allow -Werror to work properly Signed-off-by: Donald Sharp commit fbc3e97d747862fd47f711c9f15b8166bdf94b18 Author: Donald Sharp Date: Wed Aug 12 14:32:47 2015 -0400 lib: Remove unused 'show memory XXX' functionality The 'show memory XXXX' functionality is not used at all. This removes the unused code Signed-off-by: Donald Sharp commit 4fdb5f401eb277fa54d80e99d241bd9b03895a6a Author: Denil Vira Date: Thu Jul 23 06:52:16 2015 -0700 lib: Fix Free Pointer dereference in lib/filter.c Coverity Scan ID 23056. access is accessed after free in access_list_delete Signed-off-by: Denil Vira commit a9d4cb33faa6af622240190a80f41c4672374925 Author: Donald Sharp Date: Thu Sep 17 10:54:25 2015 -0400 lib/zclient: Consolidate error reporting for zclient_read_header All functions that call zclient_read_header immediately turn around and check to ensure that the version and marker fields are correct Move this code into zclient_read_header Signed-off-by: Donald Sharp commit f733280419f18b1a0e3b06ec3681781689d57053 Author: Donald Sharp Date: Fri Jul 17 22:36:57 2015 -0400 lib/command: Fix optional arguments with description interactions If you have a cli like this: "neighbor WORD interface {v6only}" When in the cli you hit ? after entering v6only you get this: tor-11(config-router)# neighbor swp1 interface v6only % There is no matched command. tor-11(config-router)# neighbor swp1 interface v6only With this fix we now see: tor-22(config-router)# neighbor swp1 interface v6only tor-22(config-router)# neighbor swp1 interface v6only This behavior is now consistent with non-optional last arguments. Signed-off-by: Donald Sharp commit e675678789b11d175a08a9e0be73917aa8f23a15 Author: Donald Sharp Date: Thu Jul 16 21:18:34 2015 -0400 build: Enable vtysh and pimd as part of default build The default build needs vtysh and pimd as a default build so that when a change is made we can catch build issues before they become a problem. Signed-off-by: Donald Sharp commit b3eeabee657df14509ce50d5f64262b672e87d62 Author: Donald Sharp Date: Wed Sep 16 13:17:56 2015 -0400 bgpd: Fix 'struct peer' memory leaks peer_delete has been written to handle the peer->group pointer and to remove the peer from the peer group if it exists upon deletion being called. Shutdown/deletion Code was intentionally setting the peer-group to NULL prior to calling peer_delete. This leaked the memory associated with the peer->group because of refcnt accounting. Signed-off-by: Donald Sharp commit 104576dcafe356985326b2950bfc50962702b4fb Author: Donald Sharp Date: Wed Sep 16 13:17:55 2015 -0400 bgpd: Add some peer_lock/unlock debug code Finding memory leaks associated with the peer data structure is incredibly hard, add some code to allow you to find this leaked code when needed. Signed-off-by: Donald Sharp commit 58a83f2f5dc24da3194bfa8255499029315e8649 Author: Donald Sharp Date: Fri Sep 11 10:11:42 2015 -0400 bgpd: Warn user that bgp is setting maximum-paths larger than MULTIPATH_NUM In cases where a distribution has compiled zebra with a MULTIPATH_NUM that is less than what the user is setting the maximum-paths in bgp, warn them that some of the nexthops will not make it into zebra and by extension the kernel for routing. The command is still accepted. dell-s6000-02(config)# router bgp 100 dell-s6000-02(config-router)# maximum-paths 3 % Warning: maximum-paths set to 3 is greater than 2 that zebra is compiled to support dell-s6000-02(config-router)# maximum-paths ibgp 44 % Warning: maximum-paths set to 44 is greater than 2 that zebra is compiled to support dell-s6000-02(config-router)# Signed-off-by: Donald Sharp commit 79969960aae4adbae1eac6caebc289fe09ddc1d6 Author: Donald Sharp Date: Wed Aug 19 21:27:24 2015 -0400 bgpd: Fix small memory leak in str2prefix_rd str2prefix_rd has a memory leak. This commit fixes that issue Signed-off-by: Donald Sharp commit a752c3be8c2436941311788f2e7b644a2af0fd65 Author: Donald Sharp Date: Tue Aug 18 08:48:53 2015 -0400 bgpd: Remove unnecessary stream_dup calls BGP packet handling creates a stream to handle data for an outgoing packet. In some cases the code would create a new stream, add data, then duplicate the stream and then free the original stream. This change removes the unnecessary duplication, which entails a malloc and memcpy. Signed-off-by: Donald Sharp commit e2a9258c16bce1b3797efb9be354d20d68236194 Author: Denil Vira Date: Tue Aug 11 13:34:59 2015 -0700 bgpd: Fix memory leak in bgpd/bgp_route.c In function bgp_aggregate_add, variables 'aspath' and 'community' are malloced but not guaranteed to be freed before the function returns. Signed-off-by: Denil Vira commit 57cd5e7a2623258e1a095d63e0faaad2cddf61e8 Author: Denil Vira Date: Mon Aug 10 12:46:14 2015 -0700 bgpd: Variable reuse in bgpd/bgpd.c In bgp_delete(), variables 'node' and 'next' are overwritten in the nested for loop. Signed-off-by: Denil Vira Acked-by: Donald Sharp commit 7053d8176ce502aabe39bf167f01354654bde5df Author: Denil Vira Date: Thu Jul 23 06:52:18 2015 -0700 bgpd: Fix useless call in bgpd/bgp_mplsvpn.c Coverity scan ID : 1302528. Calling "decode_label(pnt)" is only useful for its return value, which is ignored. Removed the call. Signed-off-by: Denil Vira commit 3921cc54445417aa1ca22668063701a626e93098 Author: Balaji Date: Sat May 16 23:12:17 2015 +0530 bgpd: Addition of "show ip bgp dampening" command tree This patch addresses David's comments and contains: 1.Addition of show ip bgp dampening command tree 2.Addition of show ip bgp dampening parameters to display BGP dampening parameters. Signed-off-by: Balaji.G commit 2820a01eed1c616d490ddbfd17793c19597459d1 Author: Timo Teräs Date: Wed Jun 24 15:27:21 2015 +0300 bgpd: Make bgp_info_cmp robust to paths that do not have su_remote info My original su_remote == NULL check is not correct. It seems that * bgp_route.c: (bgp_info_cmp) Some bgp_info is compared with su_remote=NULL and it's supposed to be perfectly legal. E.g. configured subnet announces ("network a.b.c.d/n"). Ensure bgp_info_cmp is robust if such a path gets as far as the neighbour address comparison step. commit 782fb0770080d0e2970fc63af8645e82543aa4d0 Author: Paul Jakma Date: Tue Sep 15 16:17:22 2015 +0100 bgpd: Compile fix for clearing-completion FSM fix, using workqueue helper. commit 13c2a3db503fde67f647fa58fd4e1077517ebb5c Author: Paul Jakma Date: Tue Sep 15 16:16:42 2015 +0100 lib/workqueue: Add trivial work_queue_is_scheduled helper commit e8441a81f6c9f73bc8a25669003abffb40066703 Author: Paul Jakma Date: Tue Sep 15 16:15:27 2015 +0100 build/lib: Check for and include stdbool.h by default * stdbool.h should be widely supported by now, and the 'bool' type makes more semantic sense than an integer type for boolean values. commit 7ef4221c3f85121edb68a6a54ebd6bb167408e47 Author: Donald Sharp Date: Mon Mar 30 06:32:52 2015 -0700 bgpd: Fix race in clearing completion When a peer that is Established goes down, it is moved into the Clearing state to facilitate clearing of the routes received from the peer - remove from the RIB, reselect best path, update/delete from Zebra and to other peers etc. At the end of this, a Clearing_Completed event is generated to the FSM which will allow the peer to move out of Clearing to Idle. The issue in the code is that there is a possibility of multiple Clearing Completed events being generated for a peer, one per AFI/SAFI. Upon the first such event, the peer would move to Idle. If other events happened (e.g., new connection got established) before the last Clearing_Completed event is received, bad things can happen. Fix to ensure only one Clearing_Completed event is generated. Signed-off-by: Vivek Venkataraman commit 234e5c8d5a35339fb319affb952581bf5abb48a7 Author: Dinesh G Dutt Date: Sun Feb 1 00:56:12 2015 -0800 bgpd: Only use routes from Established peers for best path selection Ensure that routes from a peer are not considered for best path comparison if the peer is not in an Established state. There can be a window between a peer being deleted and the background thread that actually clears the routes (marks them as "removed") runs during which best path may run. If this path selection compared two prefixes all the way down to peer IP addresses and one of these two peers had just been deleted, that peer would not have its sockunion structures, especially su_remote, resulting in a BGPD exception. Signed-off-by: Vivek Venkatraman commit bd4b7f1559ab5cb52bbe9dc2db9e50a032ccdbb7 Author: vivek Date: Tue Sep 30 15:54:45 2014 -0700 bgpd: Ignore stale entry candidates during bestpath selection. During best path selection, if one of the candidates is a stale entry, do not perform the neighbor address comparison as that information is invalid for the stale entry. Attempting to perform the comparison results in a bgpd exception. Signed-off-by: Vivek Venkataraman Reviewed-by: Dinesh G Dutt commit b6404390a713144252b62f49a328315d1952c6d8 Author: Fernando Soto Date: Mon May 11 20:52:00 2015 +0000 ospfd: trap on state change seems to send incorrect value for ospfNbrState The ospfNbrState in the ospf trap sent from ospfd shows an incorrect state. For example, when the connection goes down, the ospfNbrState in the trap is sent as '8' (full). When the connection is reestablished, the state is sent as '7' (loading). The reason seems to be that the trap is sent from nsm_notice_state_change() before the state is actually updated by calling nsm_change_state(). After applying the attached patch, the traps are sent with nbrState '1' when the connection goes down and '8' when it goes back up. Bugzilla #833 https://bugzilla.quagga.net/show_bug.cgi?id=833 commit b075e8728f650b0850e20fdf8dde467440a24b28 Author: Vystoropskyi, Sergii Date: Sun Aug 16 13:25:36 2015 +0000 ospfd: Fix for 'no' + 'debug command' does not disable 'debug command' "no debug ospf packet all detail" does not cancel "debug ospf packet all detail" due to the code inconsistency in setting/unsetting debug flags. * ospf_dump.c: added missing flags. Acked-by: Donald Sharp commit 2ef762ed9b88e5745012c5829f8f526c95443ddf Author: Michael Rossberg Date: Mon Jul 27 07:56:25 2015 +0200 ospfd: Fast OSPF convergence When considering small networks that have extreme requirements on availability and thus convergence delay, the timers given in the OSPF RFC seem a little “conservative”, i.e., the delay between accepted LSAs and the rate at which LSAs are sent. Cisco introduced two commands 'timers throttle lsa all’ and 'timers lsa arrival’, which allow operators to tune these parameters. I have been writing a patch to also support 'timers lsa arrival’ fully and ‘timers throttle lsa all’ (without the throttling part) also in quagga. commit c920e510d09c6c4ab63a3da5375009442a950f82 Author: Paul Jakma Date: Tue Sep 8 15:31:45 2015 +0100 ospfd: Fix bug in 94266fa822ba, nbr_self rebuild didn't add valid nbr_self * 94266fa822ba "ospfd: Self nbrs needs to be rebuilt when router ID changes." deleted the nbr_self, and added it back, but ospf_nbr_add_self doesn't actually create the nbr_self - it assumes it's already there. Leading to use after free and crashes after a router-id change. * ospfd/ospf_neighbor.{c,h}: (ospf_nbr_self_reset) Little helper to reset the nbr_self correctly. * ospf_interface.c: (ospf_if_cleanup) moved code to ospf_nbr_self_reset * ospfd.c: (ospf_router_id_update) Use ospf_nbr_self_reset instead of doing the reset badly, fixing 94266fa822ba. commit 794c4735f81289d9fc603b5fd5e4a5d39dbb5ca5 Author: Nicolas Dichtel Date: Wed Sep 16 09:42:36 2015 +0200 bgpd/pimd: fix zAPI parsing Commit c99f3481a598 has changed the API. Now, the vrfid has been added in the header, thus we must read it before parsing the rest of the message. To ease code maintenance, let's add a new function to read a zAPI header. Fixes: c99f3481a598 ("*: add VRF ID in the API message header") Reported-by: Martin Winter Signed-off-by: Nicolas Dichtel Acked-by: Donald Sharp Tested-by: Martin Winter commit a29c8a23a35b3f94c6aea5b3b7578b5dbf81ad71 Author: Paul Jakma Date: Mon Sep 21 10:26:02 2015 +0100 Revert "ospfd: Use route_node_lookup() instaed of route_node_get()" This reverts commit c9b07581e0df8867499e97e08b382b6d3cc9c4c4. See: http://patchwork.quagga.net/patch/410/ commit 52c0bc739b1184621525e64720b944268d6b0eeb Author: Paul Jakma Date: Thu Aug 20 21:30:17 2015 +0100 build: Remove the old PIC/PIE patch, let libtool sort it out * Remove the old change from '08 to add in PIE arguments at automake level. Versions of libtool since then know how to deal with -fpie and do the right thing according to whether its building shared or executable objects. So just pass '-fpie' as CFLAG and let libtool do its thing. commit c8ee940cc695cbcf9c0156ee6f72730f1fff9814 Author: Amritha Nambiar Date: Mon Aug 24 16:40:14 2015 -0700 isisd: Attached-bit in LSP header Set/reset attached-bit in LSP header: This patch provides support for set/reset attached_bit in the LSP header. In IS-IS networks, routing inter-area traffic from L1 areas is accomplished by sending the traffic to the nearest L1/L2 router. A L1/L2 router identifies itself by setting an attach-bit (ATT-bit) in its (LSP). The ATT-bit in LSP can be changed using the set-attached-bit or no-set-attached-bit commands (similar to ‘set-overload-bit’ and 'no set-overload-bit’) using telnet terminal in router configuration mode. Steps: enable configure terminal router isis set-attached-bit V2: Removed looping through area list as this well set the bit for all areas in the list. This implementation now looks exactly like the current overload bit implementation. Signed-off-by: Amritha Nambiar commit 06cc655c0345d610eb946bd41968caa03dc118ed Author: Amritha Nambiar Date: Thu Jul 2 15:42:58 2015 -0700 isisd: Add new adjacency to LSP neighbor list isis_pdu.c : New adjacency did not always get added to LSP neighbor list. The adjacencies that were created once minimum time allowed before LSP retransmission had surpassed, instantly got their LSP regenerated, but the adjacency circuit type was not set to IIH PDU circuit type before the LSP was regenerated , hence didn't pass the check for adjacency circuit type in lsp_build(), and the adjacency was not added to neighbor list. When a new adjacency is up, to build LSP with neighbor entry corresponding to the adjacency, set adjacency circuit type to circuit type from hello PDU header before new LSP is regenerated/built. This will result in the new adjacency entry getting added to the LSP neighbor list TLV. Signed-off-by: Amritha Nambiar commit 22e0224d4148e0e4fd5952020fd6ae74efd1bf93 Author: Donald Sharp Date: Fri Aug 21 19:35:27 2015 -0400 pimd: Create ability to modify hell and hold timers per interface Create new per interface command: 'ip pim hello <1-180> {<1-180>}' The first number is the Hello Timer for this interface The second number is the Hold Timer to pass to neighbors on this interface. The second number is optional. Signed-off-by: Donald Sharp commit d2c6da209cec42c05941eff52d88f0ed7eabad48 Author: Donald Sharp Date: Thu Jul 2 09:53:59 2015 -0400 pimd: Change ioctl call failure from vty_out to zlog_warn The command 'show ip multicast' when run, iterates over all interfaces on the router, if you do not have pim configured on that interface it would generate an error message: Interface Address ifi Vif PktsIn PktsOut BytesIn BytesOut br1 20.0.15.1 7 7 0 0 0 0 swp1 169.254.0.10 3 3 0 0 0 0 swp2 169.254.0.26 4 4 0 0 0 0 ioctl(SIOCGETVIFCNT=35296) failure for interface swp3 vif_index=-1: errno=22: Invalid argument ioctl(SIOCGETVIFCNT=35296) failure for interface swp4 vif_index=-1: errno=22: Invalid argument This fixes the issue to display this instead: Interface Address ifi Vif PktsIn PktsOut BytesIn BytesOut br1 20.0.15.1 7 7 0 0 0 0 swp1 169.254.0.10 3 3 0 0 0 0 swp2 169.254.0.26 4 4 0 0 0 0 swp3 0.0.0.0 5 -1 0 0 0 0 swp4 0.0.0.0 6 -1 0 0 0 0 Signed-off-by: Donald Sharp commit a031c4dd72514232296e9a570c3d701f5f33ad63 Author: Donald Sharp Date: Thu Jul 2 13:22:49 2015 -0400 pimd: Ensure new generation_id is different from previous The RFC states that an interfaces generation_id must be changed if it experiences an if down. From 4.3.1: The GenID option contains a randomly generated 32-bit value that is regenerated each time PIM forwarding is started or restarted on the interface, including when the router itself restarts. Since we are only grabbing a new generation_id without comparing it to the previous generation_id, it is possible that random can generate the exact same number. Signed-off-by: Donald Sharp commit 73de55a53c78d572f63d45115681567a4c0cef65 Author: Donald Sharp Date: Tue Jun 16 13:19:56 2015 -0700 pimd: Stop DR election on every hello The DR election is occurring on every hello received. This is because the hello receive packet returns a 0 for any successfully received packet. PIMD then looked at the 0 returned and did a DR election. Code was inspected for the cases where DR should happen: (A) Interface ip address change (B) DR priority in hello packet changes (C) Received a new neighbor on an interface (D) Neighbor timer pops. Each of these initiate a DR election in the code currently. Testing was initiated on a pim network: tor-11# show ip pim designated-router NonPri: Number of neighbors missing DR Priority hello option Interface Address DR Uptime Elections Changes NonPri br1 20.0.15.1 20.0.15.1 00:08:16 1 1 0 swp1 169.254.0.10 169.254.0.10 00:08:16 2 1 0 swp2 169.254.0.26 169.254.0.26 00:08:16 2 1 0 tor-11# As you can see Elections == 2. This is because pimd performs an election on (A) and (C) above. I see no need to modify (A) to check if we have any knowledge of the interface before this call. Signed-off-by: Donald Sharp commit 76240f11e640824438605012a8e44c968bc9e5b0 Author: Donald Sharp Date: Thu Jun 18 17:01:34 2015 -0700 pimd: Fix first DR Election The function pim_neighbor_new caused the dr election before the addition of the neighbor to the pim_ifp->pim_neighbor_list, in pim_neighbor_add, which is needed to properly elect the correct DR. Move the dr_election and hello trigger till after the addition to the list. Signed-off-by: Donald Sharp commit 6ae80e0d80531f602c3cb0e535c4e12bd2181b40 Author: Donald Sharp Date: Thu Jun 18 18:14:20 2015 -0700 pimd: Add ability to set DR Priority for an interface From RFC 4601, Section 4.3.1: The DR_Priority Option allows a network administrator to give preference to a particular router in the DR election process by giving it a numerically larger DR Priority. The DR_Priority Option SHOULD be included in every Hello message, even if no DR Priority is explicitly configured on that interface. This is necessary because priority-based DR election is only enabled when all neighbors on an interface advertise that they are capable of using the DR_Priority Option. The default priority is 1. This modification allows the setting of the DR Priority on a per interface basis. Signed-off-by: Donald Sharp commit 030674d7f9b2a25d4d337459ef32287de8f9879d Author: Jafar Al-Gharaibeh Date: Thu Jun 11 18:29:02 2015 -0500 pimd: add support for configuring multicast static routes Hi, This patch adds the ability to configure multicast static routes directly into pimd. Two source files are introduced to implement the new feature in addition to changes to existing files. Here is how it can be used the CLI: interface ip mroute # for asm or ip mroute # for ssm Please let me know if you have any questions or concerns, Regards, Jafar Acked-by: Donald Sharp commit 6064613154b6302606547735f0c466910a6443ea Author: Paul Jakma Date: Tue Aug 4 17:37:16 2015 +0100 vtysh: adjust bad_cli_stomps in extract.pl.in to reflect fixes & fix build commit c9b07581e0df8867499e97e08b382b6d3cc9c4c4 Author: Joakim Tjernlund Date: Mon Mar 8 13:58:11 2010 +0100 ospfd: Use route_node_lookup() instaed of route_node_get() Signed-off-by: Joakim Tjernlund commit 8b84c2762ccd2d47a115824ee083d33e697a7741 Author: Donald Sharp Date: Sat May 30 18:57:54 2015 -0400 Removal of 'show ip mroute' The 'show ip mroute' in zebra_vty.c collided with the 'show ip mroute' command in pim_cmd.c. The 'show ip rpf' command is functionally equivalent to the zebra_vty.c 'show ip mroute'. Therefore remove the 'show ip mroute' command in zebra_vty.c. Signed-off-by: Donald Sharp commit 8c56b44de0fa8100b6f0b367dbc604d41b94025f Author: Kaloyan Kovachev Date: Mon Jun 15 17:08:48 2015 +0300 Fix _netlink_route_debug message commit 9487b4fcfc0754109e49240214e283fd58756843 Author: Donald Sharp Date: Sat May 23 18:16:50 2015 -0700 watchquagga.c does not compile without warnings Signed-off-by: Donald Sharp commit cd557c3d766a7233490b8cf7325219ffa1398ef2 Author: Donald Sharp Date: Wed May 27 17:40:46 2015 -0700 pim: 'show debugging' collision The 'show debugging' cli as setup by pim collided with 'show debugging isis'. Fix that and clean up cli help commands to actually display correctly. Signed-off-by: Donald Sharp commit 08d95905acd0cbb810831429b638ac2d1604ca37 Author: Donald Sharp Date: Wed May 27 17:57:31 2015 -0700 Fixup of redhat control files to properly start pimd commit 4de398e3b676bcf041984e285dba12f229215419 Author: Joakim Tjernlund Date: Mon Mar 8 13:58:14 2010 +0100 ospfd: ospf_nbr_nbma_set()/ospf_snmp_vl_add() add unlock Signed-off-by: Joakim Tjernlund Acked-by: Feng Lu commit 4eaecdc403461fe59026e1ce3a217526d75eca25 Author: Joakim Tjernlund Date: Mon Mar 8 13:58:13 2010 +0100 ospfd: ospf_ls_upd_send() add missing unlock. Signed-off-by: Joakim Tjernlund Acked-by: Feng Lu commit fc363cd8a02ad1ac8a6ca57013fd8c531d45926a Author: Joakim Tjernlund Date: Mon Mar 8 13:58:12 2010 +0100 ospfd: ospf_ase.c, external_lsa locking fixes. Signed-off-by: Joakim Tjernlund Acked-by: Feng Lu commit d5643f5a477e099a3dcae4a707ccb5ca66bfee66 Author: Joakim Tjernlund Date: Mon Mar 8 13:58:10 2010 +0100 ospfd: Move route_unlock_node() in ospf_ase_incremental_update() Signed-off-by: Joakim Tjernlund Acked-by: Feng Lu commit fbb6c8650344fe72d39f538c681659e8b76a39d0 Author: Joakim Tjernlund Date: Mon Mar 8 13:58:09 2010 +0100 ospfd: add missing unlock for ospf_interface_address_delete() Signed-off-by: Joakim Tjernlund Acked-by: Feng Lu commit 94266fa822baf9b9c9e10ac03ccec8ccf3ce0c98 Author: Joakim Tjernlund Date: Thu Nov 19 15:27:30 2009 +0100 ospfd: Self nbrs needs to be rebuilt when router ID changes. Some self nbrs are identified by router_id, these needs to be rebuilt instead of just resetting router ID. Possibly one could optimize for !(virtual | ptop) links by doing oi->nbr_self->router_id = router_id instead. Router ID will change once after startup config has been read and zebra reports router ID, unless router ID has been configured in ospf. commit 7f56743f7d4b3dcdae329de2de2aba820368c3d9 Author: Donald Sharp Date: Fri Jun 12 17:47:26 2015 -0700 pimd assert when no route to source from a new igmp join When pim_upstream_new is called the code looks up the nexthop. If there is no route to the source, the code silently ignored the error returned. When the nexthop lookup fails don't create the 'struct pim_stream *' to return. Signed-off-by: Donald Sharp commit b1891fb9705b6085f81269dec0795f2065442047 Author: Donald Sharp Date: Tue Jun 9 20:22:42 2015 -0400 Add code to extract.pl.in to prevent further cli function overwrites Currently extract.pl.in is used to build the vtysh cli. When two different cli's collide with the same command name, the original cli is never called, because it is dropped. This code notes the silent drop and tracks the number of drops. If they change then the code will fail the build. The current number of drops was figured out by running extract.pl and counting up the drops then adding code to compare the numbers returned. If you have added to the problem, the solution is to fix your cli command to not stomp on someone else's command. If you have removed a stomp, safely modify extract.pl.in as part of your commit. Signed-off-by: Donald Sharp Acked-by: Vincent Jardin commit 1934e7895ded8d9d7a76ab3f482c381bf5f6725c Author: Donald Sharp Date: Fri Jun 5 12:15:44 2015 -0700 pim_mroute.h has a different version of code than linux/mroute.h provides linux/mroutes.h and pim_mroute.h both have copies of the same structures. This is causing failures in setsockopt(..., MRT_ADD_MFC,...) because of data structure incompatibilities between the kernel and what pim_mroute.h was providing. Modify the code to check for mroute.h and include it if necessary. I did not modify the non linux/mroute.h path because I do not have other systems to test on easily. Signed-off-by: Donald Sharp commit f31bab4fbf367a4417784ba9873e524d42242036 Author: Donald Sharp Date: Fri Jun 19 19:26:19 2015 -0400 Quagga: Fix code to use srandom/random Quagga was using a mix of srand/rand and srandom/random. Consolidate to use srandom/random which are the POSIX versions of random number generators Signed-off-by: Donald Sharp commit 771626860adfc30c00f70d993ccb8f4d7c0c0c63 Author: Donald Sharp Date: Fri Jun 19 19:26:18 2015 -0400 PIMD: Fix code to use srandom/random pimd rolled it's own solution to random #'s, that was not terribly random. Rely on the underlying system to generate random #'s for us Signed-off-by: Donald Sharp commit 1ed8ce47b922b71f3b3cdd661e647bbe7ed2eca7 Author: Wenjian Ma Date: Fri Jun 19 10:53:26 2015 +0800 lib, stream: fix stream sanity checks Because operator "!" has higher priority than "&&", So we put the "&&" expression in "()" to check both getp and endp. Acked-by: Donald Sharp commit 84c3840c7157438b5cb2e324d184ca08ac07fb41 Author: Paul Jakma Date: Tue May 26 15:19:38 2015 +0100 bgpd: peer_uptime overflows after 1 year * bgpd.c: (peer_uptime) Wraps after 1 year, and doesn't indicate years. Fix. Assume a year is 365 days, for an easy life. Fixes: Bug #836 Reported-by: Rolf Hanßen Acked-by: Donald Sharp commit 55cfa2f190620f7c711944637659bc208970324d Author: Feng Lu Date: Thu Jul 3 18:24:34 2014 +0800 lib, vtysh: support multiple VRFs by using linux netns We realize VRFs with linux netns by default. The main job is to associate a VRF with a netns. Currently this is done by the configuration: [no] vrf N netns This command is also available in vtysh and goes to only zebra, because presently only zebra supports multiple VRF. A file descriptor is added to "struct vrf". This is for the associated netns file. Once the command "vrf N netns NAME" is executed, the specified file is opened and the file descriptor is stored in the VRF N. In this way the association is formed. In vrf_socket(), we first switch to the specified VRF by using the stored file descriptor, and then can allocate a socket which is working in the associated netns. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel commit c99f3481a598e9cadd1de96714f6b5df9ad85c4a Author: Feng Lu Date: Thu Oct 16 09:52:36 2014 +0800 *: add VRF ID in the API message header The API messages are used by zebra to exchange the interfaces, addresses, routes and router-id information with its clients. To distinguish which VRF the information belongs to, a new field "VRF ID" is added in the message header. And hence the message version is increased to 3. * The new field "VRF ID" in the message header: Length (2 bytes) Marker (1 byte) Version (1 byte) VRF ID (2 bytes, newly added) Command (2 bytes) - Client side: - zclient_create_header() adds the VRF ID in the message header. - zclient_read() extracts and validates the VRF ID from the header, and passes the VRF ID to the callback functions registered to the API messages. - All relative functions are appended with a new parameter "vrf_id", including all the callback functions. - "vrf_id" is also added to "struct zapi_ipv4" and "struct zapi_ipv6". Clients need to correctly set the VRF ID when using the API functions zapi_ipv4_route() and zapi_ipv6_route(). - Till now all messages sent from a client have the default VRF ID "0" in the header. - The HELLO message is special, which is used as the heart-beat of a client, and has no relation with VRF. The VRF ID in the HELLO message header will always be 0 and ignored by zebra. - Zebra side: - zserv_create_header() adds the VRF ID in the message header. - zebra_client_read() extracts and validates the VRF ID from the header, and passes the VRF ID to the functions which process the received messages. - All relative functions are appended with a new parameter "vrf_id". * Suppress the messages in a VRF which a client does not care: Some clients may not care about the information in the VRF X, and zebra should not send the messages in the VRF X to those clients. Extra flags are used to indicate which VRF is registered by a client, and a new message ZEBRA_VRF_UNREGISTER is introduced to let a client can unregister a VRF when it does not need any information in that VRF. A client sends any message other than ZEBRA_VRF_UNREGISTER in a VRF will automatically register to that VRF. - lib/vrf: A new utility "VRF bit-map" is provided to manage the flags for VRFs, one bit per VRF ID. - Use vrf_bitmap_init()/vrf_bitmap_free() to initialize/free a bit-map; - Use vrf_bitmap_set()/vrf_bitmap_unset() to set/unset a flag in the given bit-map, corresponding to the given VRF ID; - Use vrf_bitmap_check() to test whether the flag, in the given bit-map and for the given VRF ID, is set. - Client side: - In "struct zclient", the following flags are changed from "u_char" to "vrf_bitmap_t": redist[ZEBRA_ROUTE_MAX] default_information These flags are extended for each VRF, and controlled by the clients themselves (or with the help of zclient_redistribute() and zclient_redistribute_default()). - Zebra side: - In "struct zserv", the following flags are changed from "u_char" to "vrf_bitmap_t": redist[ZEBRA_ROUTE_MAX] redist_default ifinfo ridinfo These flags are extended for each VRF, as the VRF registration flags. They are maintained on receiving a ZEBRA_XXX_ADD or ZEBRA_XXX_DELETE message. When sending an interface/address/route/router-id message in a VRF to a client, if the corresponding VRF registration flag is not set, this message will not be dropped by zebra. - A new function zread_vrf_unregister() is introduced to process the new command ZEBRA_VRF_UNREGISTER. All the VRF registration flags are cleared for the requested VRF. Those clients, who support only the default VRF, will never receive a message in a non-default VRF, thanks to the filter in zebra. * New callback for the event of successful connection to zebra: - zclient_start() is splitted, keeping only the code of connecting to zebra. - Now zclient_init()=>zclient_connect()=>zclient_start() operations are purely dealing with the connection to zbera. - Once zebra is successfully connected, at the end of zclient_start(), a new callback is used to inform the client about connection. - Till now, in the callback of connect-to-zebra event, all clients send messages to zebra to request the router-id/interface/routes information in the default VRF. Of corse in future the client can do anything it wants in this callback. For example, it may send requests for both default VRF and some non-default VRFs. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Donald Sharp commit 758fb8f99a7bfac3d31c419fd1a5694fc5f33f6a Author: Feng Lu Date: Thu Jul 3 18:23:09 2014 +0800 zebra, lib/memtypes.c: the netlink sockets work per VRF This patch lets the netlink sockets work per VRF. * The definition of "struct nlsock" is moved into zebra/rib.h. * The previous global variables "netlink" and "netlink_cmd" now become the members of "struct zebra_vrf", and are initialized in zebra_vrf_alloc(). * All relative functions now work for a specific VRF, by adding a new parameter which specifies the working VRF, except those functions in which the VRF ID can be obtained from the interface. * kernel_init(), interface_list() and route_read() are now also working per VRF, and moved from main() to zebra_vrf_enable(). * A new function kernel_terminate() is added to release the netlink sockets. It is called from zebra_vrf_disable(). * Correct VRF ID, instead of the previous VRF_DEFAULT, are now passed to the functions of processing interfaces or route entries. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Donald Sharp commit d6cf5134c05a7890738411852d9357ee5bb322f3 Author: David Lamparter Date: Tue Jun 2 08:31:38 2015 +0200 zebra: fix VRF code for *BSD There seems to be no rtm_table in struct rt_msghdr, at least on the systems I have access to... Signed-off-by: David Lamparter commit 49f76097fc191761db8482aa3bf6e6322c52c647 Author: Feng Lu Date: Fri May 22 11:40:10 2015 +0200 zebra: maintain RTADV per VRF This moves the global variable "rtadv" into the "struct zebra_vrf", so that RTADV feature can work per VRF. * rtadv.c/rtadv.h: Add a proper parameter to the functions so that the entity of the "struct zebra_vrf" and interfaces can be obtained from the specified VRF. The old rtadv_init() is splitted into: - rtadv_cmd_init(): it installs the RTADV commands; is called from main(); - new rtadv_init(): it creates the socket; is called from zebra_vrf_enable(). rtadv_terminate() is added to stop the threads, close the socket and clear the counters. It is called from zebra_vrf_disable(). rtadv_make_socket() now calls vrf_socket() to create a socket in the VRF. * interface.h and rib.h: define the macro RTADV. * main.c: according changes, refer to rtadv.c. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 267ceb2ce3adf4ce1357deb7ce48f151d6c58b92 Author: Feng Lu Date: Fri May 22 11:40:09 2015 +0200 zebra: add hooks upon enabling / disabling a VRF zebra_vrf_enable() is the callback for VRF_ENABLE_HOOK. It presently needs do nothing. zebra_vrf_disable() is the callback for VRF_DISABLE_HOOK. It presently withdraws routes, shuts down interfaces, and clears the router-id candidates in that VRF. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit fb2bfc1ba2416c1561bc9bfb30dfb5adf3e65616 Author: Feng Lu Date: Fri May 22 11:40:08 2015 +0200 lib/vrf: enable / disable a VRF A new API vrf_is_enabled() is defined to check whether a VRF is ready to use, that is, to allocate resources in that VRF. Currently there's only one type of resource: socket. Two new hooks VRF_ENABLE_HOOK/VRF_DISABLE_HOOK are introduced to tell the user when a VRF gets ready or to be unavailable. The VRF_ENABLE_HOOK callback is called in the new function vrf_enable(), which is used to let the VRF be ready to use. Till now, only the default VRF can be enabled, and we need do nothing to enable the default, except calling the hook. The VRF_DISABLE_HOOK callback is called in the new function vrf_disable(), which is used to let the VRF be unusable. Till now, it is called only when the VRF is to be deleted. A new utility vrf_socket() is defined to provide a socket in a given VRF to the user. Till now before introducing a way of VRF realization, only the default VRF is enabled since its birth, and vrf_socket() creates socket for only the default VRF. This patch defines the framework of the VRF APIs. The way they serve the users is: - vrf_is_enabled() is used to tell the user whether a VRF is usable; - users are informed by the VRF_ENABLE_HOOK that a VRF gets usable; they can allocate resources after that; - users are informed by the VRF_DISABLE_HOOK that a VRF is to be unavailable, and they must release the resources instantly; - vrf_socket() is used to provide a socket in a given VRF. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit ac19a449261bf69e83827f4bb0c6e5526277b41b Author: Feng Lu Date: Fri May 22 11:40:07 2015 +0200 zebra: maintain the router-id per VRF A router may need different identifier among the VRFs. So move the maintenance of router-id per VRF. * rib.h: Move the previous global variables in router-id.c into the "struct zebra_vrf": - struct list _rid_all_sorted_list/*rid_all_sorted_list - struct list _rid_lo_sorted_list/*rid_lo_sorted_list - struct prefix rid_user_assigned * router-id.c/router-id.h: A new parameter "vrf_id" is added to all the router-id APIs. Their operations are done only within the specified VRF. A new command "router-id A.B.C.D vrf N" is added to allow manual router-id for any VRF. The old router_id_init() function is splitted into two: - router_id_cmd_init(): it only installs the commands - router_id_init(): this new one initializes the variables for a specified VRF * zebra_rib.c: Add new functions zebra_vrf_get/lookup() called from router-id.c. * main.c: Replace router_id_init() with router_id_cmd_init() and call the new router_id_init() in zebra_vrf_new(). Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 7aaf4ea990398335bd40b56cc9586ab6a7178a4f Author: Feng Lu Date: Fri May 22 11:40:06 2015 +0200 zebra: configure static routes in any VRF Introduce new commands to configure static routes in any VRF, by appending the old static route commands with a new parameter "vrf N". A new parameter "const char *vrf_id_str" is added to the functions zebra_static_ipv4() and static_ipv6_func() to get the configured VRF ID. A new member "vrf_id" is added to the "struct static_ipv4" and "struct static_ipv6", indicating which VRF this static route is configured in. But till now, no interface can exist in any non-default VRF. So these static routes in non-default VRFs are kept inactive. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 8970f74ec77f93eb862ab8803d9d7c76c7128940 Author: Feng Lu Date: Fri May 22 11:40:05 2015 +0200 zebra: lookup the address in all VRFs when set the route-map rule "set src" When configuring the route-map rule "set src A.B.C.D", it checked whether the source address exists on some interface. Now it checks the source address throughout all VRFs. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 1885d0a5274cd78e46ad6c22171a5240a2f27f64 Author: Feng Lu Date: Fri May 22 11:40:04 2015 +0200 zebra: let the route-map rule "match interface" work for VRFs Introduce a new "struct nexthop_vrfid" to specify a nexthop together with the VRF ID it belongs to. Thus in route_match_interface(), we can lookup the interface from the correct VRF. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 4364ee5b6f65008fe19225f05e489ad8257a7df8 Author: Feng Lu Date: Fri May 22 11:40:03 2015 +0200 zebra: show routes in a specified VRF or all VRFs The present "show ip[v6] [m]route [xxx]" and "show ip rpf [xxx]" commands now show routes only in the default VRF. A new option is introduced to show routes in a specified VRF: show ip[v6] [m]route [xxx] vrf N show ip rpf [xxx] vrf N and a new option is used to show routes through all VRFs: show ip[v6] [m]route [xxx] vrf all show ip rpf [xxx] vrf all Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN [DL: conflicts resolved] Signed-off-by: David Lamparter commit 0d0686f98e64017415071e590bde262f0ab5a4c9 Author: Feng Lu Date: Fri May 22 11:40:02 2015 +0200 zebra: let FIB stand for its respective VRF A new member "vrf_id" is added to "struct rib", reflecting the VRF which it belongs to. A new parameter "vrf_id" is added to the relative functions where need, except those: - which already have the parameter "vrf_id"; or - which have a parameter in type of "struct rib"; or - which have a parameter in type of "struct interface". All incoming routes are set to default VRF. In fact, all routes in FIB are kept in default VRF. And the logic is not changed. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN [DL: conflicts fixed + compile warning fix] Signed-off-by: David Lamparter commit a2854770ff839553c9444193e84a1593645fa848 Author: Feng Lu Date: Fri May 22 11:40:01 2015 +0200 zebra: show interfaces in a specified VRF or all VRFs The following commands only show interfaces in the default VRF: show interface show interface IFNAME show interface description New options are introduced to show interfaces in a specified VRF: show interface vrf N show interface IFNAME vrf N show interface description vrf N or all VRFs: show interface vrf all show interface IFNAME vrf all show interface description vrf all Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 471ea39ce54537194ff2f22420589ddec5ef5ada Author: Feng Lu Date: Fri May 22 11:40:00 2015 +0200 lib, zebra, vtysh: configure an interface in non-default VRF Introduce a new command "interface IFNAME vrf N" to configure an interface in the non-default VRF. Till now, only zebra uses this command. Other daemons will install the command when they support multiple VRFs. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 5a5702fac5458d63d7a099c4db7ac387afefd2de Author: Feng Lu Date: Fri May 22 11:39:59 2015 +0200 lib: move the interface list into "struct vrf" An interface belongs to a specific VRF. So move the interface list into the "struct vrf". * vrf.c/vrf.h: - add a new member "struct list *iflist" to the the "struct vrf"; - call if_init() in vrf_new(); - call if_terminate() in vrf_delete(); - add utilities to access the interface list and VRF ID in the specified VRF. * if.c/if.h: - the global "iflist" now only exists for the default VRF; - the global "if_master" is initialized on the definition; - in if_create(), the interface is added into the list in the specified VRF; if the VRF does not exist, create one; - add parameters to if_init()/if_terminate() so that the interface list in the VRF can be initialized/destroyed; - in if_dump_all() scan the interfaces in all the VRFs; - add a command "show address vrf N" to show addresses in a specified VRF; - add a command "show address vrf all" to show addresses in all VRFs; - new APIs ifxxx_vrf() are added to access an interface in a specified VRF. The old interface APIs (the global variable "iflist" and the API functions) are not changed to keep the backward compatibility. The new APIs are used in the daemons which support multiple VRFs (till now only zebra). Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 126215c1238eb42cc92d23aefbe1fac3b204438f Author: Feng Lu Date: Fri May 22 11:39:58 2015 +0200 *: call if_init()/if_terminate() from vrf_init()/vrf_terminate() Later, an interface will belong to a specific VRF, and the interface initialization will be a part of the VRF initialization. So now call if_init() from vrf_init(), and if_terminate() from vrf_terminate(). Daemons have the according changes: - if if_init() was called or "iflist" was initialized, now call vrf_init() instead; - if if_terminate() was called or "iflist" was destroyed, now call vrf_terminate() instead. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 2fc97f6335dd5d7df2c285b363c6ef56bb98dcf8 Author: Feng Lu Date: Fri May 22 11:39:57 2015 +0200 lib, zebra: add "vrf_id" into the "struct interface" Later, an interface will belong to a specific VRF. Now we add a property "vrf_id" to the "struct interface", and keep it as the default value 0. This property is shown when displaying interfaces information. It is also added in some logs. This is just the preparation to move the interace list into the "struct vrf". The main logic is not changed. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 41f44a23e86a65a5cad7e5e8cafd7e935f153232 Author: Feng Lu Date: Fri May 22 11:39:56 2015 +0200 lib, zebra: move "struct vrf" to be a lib module Previously "struct vrf" is defined locally in zebra. Now it is moved to be a lib module. This is the first step to support multi-VRF in quagga. The implementation is splitted into small patches for the purpose of easy review. * lib: "struct vrf" with basic members is defined in vrf.c. The member "void *info" is for user data. Some basic functions are defined in vrf.c for adding/deleting/ looking up a VRF, scanning the VRF table and initializing the VRF module. The type "vrf_id_t" is defined specificly for VRF ID. * zebra: The previous "struct vrf" is re-defined as "struct zebra_vrf"; and previous "vrf" variables are renamed to "zvrf". The previous "struct vrf" related functions are removed from zbera_rib.c. New functions are defined to maintain the new "struct zebra_vrf". The names vrf_xxx are reserved for the functions in VRF module. So: - the previous vrf_table() are renamed to zebra_vrf_table(); - the previous vrf_static_table() are renamed to zebra_vrf_static_table(). The main logic is not changed. BTW: Add a statement to zebra_snmp.c telling that the SNMP is running only for the MIBs in the default VRF. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit 395828eea809e8b2b8c5824d3639cefedd7aa9f0 Author: Feng Lu Date: Fri May 22 11:39:55 2015 +0200 ospf6d, bgpd: avoid calling if_nametoindex As the comments in if.h, it is better to call ifname2ifindex() instead of if_nametoindex(). And ifname2ifindex() can work for VRF by appending a parameter while if_nametoindex() can not. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent JARDIN Signed-off-by: David Lamparter commit be6335d682c5ee1b6930345193eda875705fbab2 Author: Timo Teräs Date: Sat May 23 11:08:41 2015 +0300 zebra: use prefix2str for logging where possible This makes code more robust, consice and readable. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 53a5c39c705f917567d5b1764f1fe12ad5c5e577 Author: Timo Teräs Date: Sat May 23 11:08:40 2015 +0300 zebra/vty: use prefix2str and unify show ip/ipv6 route code Use prefix2str where possible. As now ip/ipv6 are practically identical, they are merged removing unneeded code duplication. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 41eb9a4305fbcb206c900a18af7df7115d857d60 Author: Timo Teräs Date: Sat May 23 11:08:39 2015 +0300 lib: make prefix2str simpler to use, and use it in zclient Returning the buffer allows using it in the logging functions in easier way. This also makes the API consistent with sockunion. Add also PREFIX_STRLEN to be the generic buffer length required for any prefix string representation. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 53009d387a633997b16d32224b50451b5c81b61a Author: Timo Teräs Date: Sat May 23 11:08:38 2015 +0300 lib: make sockunion2str safer to use It's mostly used for logging, and the return value is never checked, so try to make it valid. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 3293bc280f15d8e3c04e0bf9b0a8d54d342a87a9 Author: Timo Teräs Date: Fri May 22 13:41:01 2015 +0300 route table: constify some APIs Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit f85592e05ae6463727433893e61afd1081fcf7e0 Author: Timo Teräs Date: Fri May 22 13:41:00 2015 +0300 zebra: simplify redistribution code Merge the conditionals as one to avoid code duplication. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 483abc037b0ac4b3ed168c4810bb14ea338fa80c Author: Timo Teräs Date: Fri May 22 13:40:59 2015 +0300 sockunion: add accessors for sockunion address Upcoming nhrp code will use this, and it can be used to remove the sockunion2ip(X) macro. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit c1c69e43cda64122b599746df4d1c6c5d8b52e37 Author: Timo Teräs Date: Fri May 22 13:40:57 2015 +0300 lib: allow caller to provide prefix storage in sockunion2hostprefix Avoids a dynamic allocation which is usually freed immediate afterwards. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 80c9354835bb924983d12b0efad957e78f219287 Author: Timo Teräs Date: Fri May 22 13:40:56 2015 +0300 privs: fix privilege dropping to use system defined groups It may be requred for quagga process to belong to additional groups. E.g. nhrp module will need to talk to strongSwan using vici and may require additional permissions. Initialize groups from the system group database. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit d79668fb440ae2689b54f52c076dbd79a8689135 Author: David Lamparter Date: Thu May 14 14:47:05 2015 +0200 tests: add testcli reference in/out & do DejaGNU This adds reference in & output for the previously added testcli tool, to check basic CLI parsing/help functions. Unlike "testcommands", this one doesn't depend on compile-time system details. Signed-off-by: David Lamparter commit db93eec18d8f1e840b32ba2cdf8baf2510f6e1a5 Author: David Lamparter Date: Tue May 5 11:04:59 2015 +0200 tests: add CLI dummy command-exec tool This adds some common CLI testtool code as well as a tool that has a bunch of commands to be poked for their correct processing. The tool doesn't work correctly from a script at stdin at this point because the vty code will throw away all buffered when it sees EOF, so the tail end of the input file is lost. Signed-off-by: David Lamparter commit 05a69d2f3833c285b399558ba7ab4a57f194a88d Author: David Lamparter Date: Wed May 27 22:15:37 2015 +0200 Revert "lib: wrong #define used for IPV6_MINHOPCOUNT" This reverts commit 54b88cac24f335414caa875b390d2d78ff4bf9e0. Unfortunately, this breaks the build on systems where linux/in6.h and netinet/in.h can't both be included, such as Ubuntu 14.04 and Debian Jessie. Signed-off-by: David Lamparter commit 72855b16b72e9ad2c7eb0c0bfd8f5985f779608f Author: Feng Lu Date: Fri May 22 11:39:54 2015 +0200 ripngd: allow to enable/disable the ECMP feature Introduce a new command "[no] allow-ecmp" to enable/disable the ECMP feature in RIPng. By default, ECMP is not allowed. Once ECMP is disabled, only one route entry can exist in the list. * ripng_zebra.c: adjust a debugging information, which shows the number of nexthops according to whether ECMP is enabled. * ripngd.c: ripng_ecmp_add() will reject the new route if ECMP is not allowed and some entry already exists. A new configurable command "allow-ecmp" is added to control whether ECMP is allowed. When ECMP is disabled, ripng_ecmp_disable() is called to remove the multiple nexthops. * ripngd.h: Add a new member "ecmp" to "struct ripng", indicating whether ECMP is allowed or not. Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent Jardin Signed-off-by: David Lamparter commit e97c31aafc013b8b9a0e61cb79ee97a5f1e419bf Author: Feng Lu Date: Fri May 22 11:39:53 2015 +0200 ripngd: add ECMP support * Each node in the routing table is changed into a list, holding the multiple equal-cost paths. * If one of the multiple entries gets less-preferred (greater metric or greater distance), it will be directly deleted instead of starting a garbage-collection timer for it. The garbage-collection timer is started only when the last entry in the list gets INFINITY. * Some new functions are used to maintain the ECMP list. And hence ripng_route_process(), ripng_redistribute_add() and ripng_timeout() are significantly simplified. * ripng_zebra_ipv6_add() and ripng_zebra_ipv6_delete() now can share the common code. The common part is moved to ripng_zebra_ipv6_send(). Signed-off-by: Feng Lu Reviewed-by: Alain Ritoux Signed-off-by: Nicolas Dichtel Acked-by: Vincent Jardin Signed-off-by: David Lamparter commit 54b88cac24f335414caa875b390d2d78ff4bf9e0 Author: Donald Sharp Date: Wed May 13 20:34:46 2015 -0400 lib: wrong #define used for IPV6_MINHOPCOUNT The #define IPV6_MINHOPCNT define is never defined on any unix platform. >From what I can tell the original implementation on the linux platform was IPV6_MINHOPCNT, when it got accepted into the mainstream kernel it was transformed into IPV6_MINHOPCOUNT. Since we test for the define before attempting to use the code it was silently doing nothing for a long time. Signed-off-by: David Lamparter commit a5d589dfbf2c563868d944376155cd4a5998722f Author: Christian Franke Date: Wed May 13 13:59:18 2015 +0200 lib/privs: Don't use CAP_NET_BROADCAST From what I can tell, CAP_NET_BROADCAST has never been required for any functionality in the Linux kernel, so we do not really need it. However, it causes breakage in contexts where Quagga is started with a limited set of capabilities, e.g. in Docker, because these may not include CAP_NET_BROADCAST and in the case of Docker do not even support adding CAP_NET_BROADCAST. Signed-off-by: David Lamparter commit 3065777ece6d14c6acd04f8b2b693a15c9f2f37c Author: Christian Franke Date: Wed May 13 13:59:17 2015 +0200 lib/privs: display more info if cap_set_proc fails. Signed-off-by: David Lamparter commit 19ed526eab33728723e25f2727f60f41d3533503 Author: David Lamparter Date: Wed May 20 19:06:12 2015 +0200 isisd: always print adj->sysid (clang 3.6 warning) As any new compiler version, clang 3.6 has new warnings, one of these being that it now warns for testing whether the address of an array will be true. Of course there is no point in this check for the sysid, so let's always just print the sysid. Signed-off-by: David Lamparter commit 90d313578f035110422799ca2e188d745ceb3733 Author: David Lamparter Date: Thu May 14 14:24:06 2015 +0200 lib/vty: don't clear output buffer on input EOF A VTY's input can be closed without the output becoming unavailable. This happens both on stdio when stdin ends, as well as over TCP when an unidirectional input shutdown() happens. In such a case, resetting the output buffer is not appropriate since there might still be data to be successfully written. Signed-off-by: David Lamparter commit 464ccf36b4aa1b942cad413ea30267b4bf9e6315 Author: David Lamparter Date: Tue May 12 21:56:18 2015 +0200 lib/vty: add vty_stdio at-close hook This is intended to be used for either "exit on close", "fork on close" or "reopen vty on close" functionality for the stdio vty. Which of these options to take depends on the context, the use case right now is test programs exiting on EOF. Signed-off-by: David Lamparter commit ba53a8fdecef07577dcc4109e5c82bb124d49c58 Author: David Lamparter Date: Tue May 5 11:04:46 2015 +0200 lib/vty: put stdin in raw mode for vty The interactive CLI actually works just fine, if we just put the terminal in raw mode to get keystrokes as they come. Signed-off-by: David Lamparter commit ba5dc5ebb4dba56cb3a64acc21e71aa34df375d9 Author: David Lamparter Date: Thu May 30 16:33:45 2013 +0200 lib/vty: add vty_stdio() this introduces a new public/API function to the vty code for opening a VTY on stdin/stdout. Intended for unrestricted use by the individual daemons, i.e. "offical API". Signed-off-by: David Lamparter commit 4715a53b4d390e72a06c864a6a505971841e3dc9 Author: David Lamparter Date: Thu May 30 16:31:49 2013 +0200 lib/vty: add separate output fd support to VTYs to be used with stdin/stdout terminals, this adds support for writing to a different FD than we're reading from. Also fixes error messages from config load being written to stdin. [v2: fixed config write] Signed-off-by: David Lamparter commit ee53c8b9f7979c79beada960746ca35046016a45 Author: David Lamparter Date: Sat May 23 05:45:59 2015 +0200 vtysh: fix the fix for babeld removal... (5460bae) Commit 5460bae ("*: fix 'babeld: Remove babeld from Quagga' (336724d)") unfortunately removed the BABEL_NODE from vtysh, which now no longer starts. Fix by restoring the node (even though it won't be accessible). Reported-by: Nicolas Dichtel Fixes: 5460bae ("*: fix 'babeld: Remove babeld from Quagga' (336724d)") Signed-off-by: David Lamparter commit ec38711852abdcaa0e7001e6a1e957052a0e723d Author: David Lamparter Date: Wed May 20 22:34:56 2015 +0200 lib: fix "sockunion: add hash function" for BSD (9196caf) The sockunion_hash() function uses s6_addr32, which is not defined on BSD systems. (It only works on glibc because we set _GNU_SOURCE) ripngd/ripng_nexthop.h already contains a workaround for this. Bump workaround to prefix.h so it's available everywhere. Reported-by: NetDEF CI System Fixes: 9196caf ("sockunion: add hash function") Cc: Timo Teräs Signed-off-by: David Lamparter commit 9196caf16e30e938f4bc3c05d96f55195af7caff Author: Timo Teräs Date: Wed Apr 29 09:43:05 2015 +0300 sockunion: add hash function Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit ef757700d0fd51dc0b46df9d3631208919f9b779 Author: Timo Teräs Date: Wed Apr 29 09:43:04 2015 +0300 bgpd: allow using rtt in route-map's set metric Useful when the BGP neighbors are over tunnels that have large differences in geographic distances and RTTs. Especially useful for DMVPN setups to allow preferring closes hub. The parameter is added as new alias command as otherwise it seems the command parser is not able to match it properly (it seems merging is done for the various 'set metric' route-map objects in different routing engines). For same reason also they are listed as three separate options: optional +/- seems not possibly easily. Related research papers: http://www.pps.univ-paris-diderot.fr/~jch/research/delay-based.pdf http://arxiv.org/pdf/1309.0632.pdf Paper on similar extension to Babel: http://www.pps.univ-paris-diderot.fr/~jch/research/rapport-jonglez-2013.pdf Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 6b2672f3c9493aef3495192e113f95a7db4b65bc Author: Timo Teräs Date: Wed Apr 29 09:43:03 2015 +0300 sockopt: add support for querying tcp round-trip-time Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 38f22ab07c8e1f0f12e23c2e2d0a3e1f71bef695 Author: Timo Teräs Date: Wed Apr 29 09:43:02 2015 +0300 bgpd: refactor route-map objects modifying integer values Use common code to parse, validate and adjust the route-map objects that contain a simple integer value. This also allows compiling the add/sub format metric object. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 5460baef7f0014f2d0c3459aa9c4180da19d6850 Author: David Lamparter Date: Tue May 19 00:35:04 2015 +0200 *: fix "babeld: Remove babeld from Quagga" (336724d) This removes some more bits of babeld, particularly from: - buildtest.sh - redhat/ build files - vtysh integration (which actively broke the build) The memtype and zclient/route type are kept in place since these don't break anything and -theoretically- make it possible to build babeld with some Quagga integration externally. (Keeping vtysh integration is unfortunately not as easy.) Reported-by: Donald Sharp Fixes: 336724d ("babeld: Remove babeld from Quagga") Acked-by: Donald Sharp Acked-by: Paul Jakma Signed-off-by: David Lamparter commit 336724d628be71022f80cfe3dfb34274ad95ec14 Author: Paul Jakma Date: Mon May 11 15:13:31 2015 +0100 babeld: Remove babeld from Quagga This commit removes babeld from Quagga because the Quagga project is unable to meet the wishes of the babeld authors. commit 219cdc95d93eda93240d472814ef4aa8bd36b039 Author: Paul Jakma Date: Fri Jan 23 16:43:49 2015 +0000 ospfd: Remove another odd flooding hack in opaque LSA code * ospf_opaque.c: (ospf_opaque_adjust_lsreq) Odd hack to general OSPF database exchange but made to act only on opaque LSAs. It's either covering up bugs in the flooding code or its wrong. If it's covering up bugs, those would affect all LSAs and should be fixed at a lower layer in ospfd, indeed perhaps those bugs are long fixed anyway (?). Alternatively, it's just plain wrong. Nuke. (ospf_opaque_exclude_lsa_from_lsreq) helper to above, nuke. * ospf_packet.c: Nuke call to ospf_opaque_adjust_lsreq. Tested-by: olivier.dugeon@orange.com commit f1fc327c7eb00634d2c2b08c2a6f6e44a626ef04 Author: David Lamparter Date: Wed May 13 12:44:50 2015 +0200 lib: assert(0) still needs a return assert(0) is not guaranteed to not return since assert() in general can be optimised out when building without debug / with optimisation. This breaks the build in clang, which warns/errors about the missing return. Signed-off-by: David Lamparter commit 1416293f9d8f09cb792ce0ff9b734bff71697909 Author: David Lamparter Date: Tue May 12 17:18:04 2015 +0200 lib: fix "reduce strcmp in CLI" fallout (10bac801) In "lib/cli: reduce strcmp in CLI hot paths", I failed to notice that CMD_VARIABLE as a boolean test covers a superset of the other types of variables. Thus, the patch broke processing of IP/IPv6/Integer range parameters in the CLI. Fix by some reordering and introducing TERMINAL_RECORD macro (which marks whether a given terminal type is a parameter) to be used in places where the check is really for all kinds of variables. Reported-by: Timo Teräs Tested-by: Martin Winter Signed-off-by: David Lamparter commit c9c06d0d8cbc766374c43328e91b7a87f93e9c62 Author: David Lamparter Date: Mon Apr 13 10:21:35 2015 +0200 lib: straighten out ORF prefix list support BGP ORF prefix lists are in a separate namespace; this was previously hooked up with a special-purpose AFI value. This is a little kludgy for extension, hence this splits it off. Signed-off-by: David Lamparter Acked-by: Paul Jakma commit e66cbd10d52a79fd61acab9d615683eebdbf1df5 Author: David Lamparter Date: Mon Apr 13 10:21:34 2015 +0200 lib: hide internal prefix list structures These are about to be touched and there's no point in other code touching into prefix list's internas. Add some isolation. Signed-off-by: David Lamparter commit 4584c239201037648abf1a6615186f9cdeb86b23 Author: David Lamparter Date: Mon Apr 13 09:50:00 2015 +0200 bgpd: speed up "no-hit" withdraws for routeservers This accelerates handling of incoming Withdraw messages for routes that don't exist in the table to begin with. Cisco IOS 12.4(24)T4 has a bug in this regard - it sends withdraws instead of doing nothing for prefixes that are filtered. Pulling up the adj_in removal in Quagga should have no ill effect, but we can avoid the costly iteration over all rsclients if there was no adj_in entry. Performance impact of this change on routeserver with 3 buggy peers, startup/sync time: before patch: 143.12 seconds (user cpu) after patch: 7.01 seconds (user cpu) Many thanks to Nick Hilliard & INEX for providing real-world test data! Signed-off-by: David Lamparter Acked-by: Paul Jakma commit e30677a5537f67e37938954cf7347e9a9c0b922d Author: Paul Jakma Date: Tue Jan 20 15:45:36 2015 +0000 ospfd: Remove the blocking of opaque LSAs origination & flooding 'optimisation' * Opaque support contains some kind of hack/optimisation to origination/flooding to suppress some origins/floods until an opaque LS Acks are received. Previous versions of the code have already been shown to have bugs in them (see e16fd8a5, e.g.). It seems over-complex and fragile, plus its conceptually the wrong place to try implement flooding hacks that, AFAICT, do not depend particularly on the semantics of opaque LSA. Nuke. Tested-by: Olivier Dugeon commit e1bcd4741c24ff990a9413ead9a9e37b80153046 Author: Paul Jakma Date: Fri Sep 19 16:41:10 2014 +0100 ospfd: Make ospf_passive_interface_update calls friendly to static analysis * ospf_vty.c: ({no_}ospf_passive_interface_addr_cmd) To a static analyser, the call to ospf_passive_interface_update can look like uninitialised memory in addr might be read from. It won't be, as ospf_passive_interface_update only reads addr if params != IF_DEF_PARAMS, but not clear. Split up the helper into the two cases to make it clear. commit 10bac80195cf5a781da6e4415e6580fd7080f734 Author: David Lamparter Date: Tue May 5 11:10:20 2015 +0200 lib/cli: reduce strcmp in CLI hot paths Er, no idea how anyone could ever have thought that it would be a good idea to have a zillion of strcmp() calls in the CLI's active paths, just to compare against things like "A.B.C.D". Reduces 40k prefix list load time from 1.65s to 1.23s (1.34:1). Acked-by: Paul Jakma [v2: killed CMDS_* macros] Signed-off-by: David Lamparter commit 81b139bdd530adda045d22a4daf0054b89703dab Author: Timo Teräs Date: Wed Apr 29 09:43:01 2015 +0300 lib: constify sockunion api Add const to read-only api calls. Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit b40e178af12570467f0116d6b1684cb1b961e407 Author: Timo Teräs Date: Wed Apr 29 09:43:00 2015 +0300 zebra: fix rtadv check for non-glibc linux Default RTADV enabled for non-glibc linux (fixes check for musl libc). Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit e38545bb2cd155306fd78223e0c579117fcfae90 Author: Timo Teräs Date: Wed Apr 29 09:42:59 2015 +0300 zebra: fix build with rtadv disabled Otherwise we get warning on rtadv_init() prototype not being defined when compiling rtadv.c (as dummy stub is provided always). Signed-off-by: Timo Teräs Signed-off-by: David Lamparter commit 491417ac6383e2ea557951b24eb7bd3fffb69394 Author: Amritha Nambiar Date: Thu Apr 23 15:36:55 2015 -0700 isisd: fix crash on processing own p2p hello isis_pdu.c : isisd crashes if router's own p2p hello packets get processed thereby creating an adjacecncy with itself. Asserts at isis_find_vertex. So discard own p2p IIH PDU and avoid creating adjacency with self. This would also fix duplicate systemID on an interface. These checks already exists for IS-IS LAN Level 1/2 Hello PDU in process_lan_hello, but not for point-to-point IIH PDUs. Signed-off-by: Amritha Nambiar Signed-off-by: David Lamparter commit 4da670b7a9aacf552aa11c4d4f6d994b312ada89 Author: Paul Jakma Date: Mon Oct 27 15:14:06 2014 +0000 HACKING: Use space char for indentation. * HACKING.tex: Whitespace/indent section is probably out of date. Rephrase. Remove the editor recommendations, as I don't know what would be correct. Acked-by: Vincent Jardin commit f0996123fe12a0b5ea66b00475066474f48c84a0 Author: Paul Jakma Date: Mon Oct 27 15:09:38 2014 +0000 HACKING: Fix spelling mistakes Acked-by: Vincent Jardin commit 5bcbc3f58870bd28ab1deadfff75bf59d62db021 Author: Paul Jakma Date: Wed Oct 29 10:33:17 2014 +0000 gdb: Add a directory of files with gdb macros * gdb/: Directory to contain files with GDB macros. Organised by topic into separate files. * gdb/lib.txt: General OS API and Quagga lib macros: (def_ntohs) convert big-endian short to host order. (def_ntohl) convert big-endian long to host order. (walk_route_table_next) Walk to next route_node in a table, according to given top and current node arguments. (walk_route_table) walk the given route table dumping non-null info pointers, from the given root node. (dump_timeval) timeval to human readable output (dump_s_addr) Print IP address of given pointer to a (struct in_addr).s_addr (dump_s6_addr) Ditto for IPv6. (dump_prefix4) Dump a Quagga (struct prefix_ipv4 *) (dump_prefix6) Dump (struct prefix_ipv6 *) (dump_prefix) Dump a (struct prefix *). (rn_next_{down,up}) left-down and up-and-right walks of a route_table from a given route_node. * gdb/ospfd.txt: ospfd specific gdb macros, depends on gdb/lib.txt (dump_ospf_lsa_flags) LSA flags to text. (dump_ospf_lsa_data) dump the data of a (struct lsa_header *) argument. (dump_ospf_lsa) Dump the details of a (struct ospf_lsa *) (walk_ospf_lsdb) Go through an LSDB, rooted at the given (struct route_node *), and dump LSA details. (ospf_backbone_lsdb_top) Get the LSDB top pointer for the given LSA type. commit dc684eb9976f8a1170312be42d142effce26b568 Merge: 06bd420 e691c3b Author: David Lamparter Date: Thu Apr 23 13:31:17 2015 +0200 Merge branch 'volatile/fix_warnings' Thanks to Donald Sharp and Greg Troxel for providing feedback! Signed-off-by: David Lamparter commit e691c3bb972c0baf610d9e210ce20ea6546e1de0 Author: David Lamparter Date: Tue Apr 21 10:46:13 2015 +0200 *: assorted warning fixes A few warnings slipped through the cracks... Signed-off-by: David Lamparter commit 193e78f2460a537695e34368a29fc5cd02e4e1f5 Author: David Lamparter Date: Tue Apr 21 10:42:30 2015 +0200 zebra: fix NetBSD interface stats printf "format '%qu' expects type 'long long unsigned int', but argument 3 has type '__uint64_t'" Move to %llu, which is more standard. Signed-off-by: David Lamparter commit 6ed810d986df5d843c89166fee6b73a71222b7bd Author: David Lamparter Date: Tue Apr 21 10:13:07 2015 +0200 *: fix more initialisers (for BSD) FreeBSD and NetBSD spew a few more warnings about variable initialisers. Found with OSR's/NetDEF's fancy new CI system. Signed-off-by: David Lamparter commit c313895dec3c176584d99f7b8684ddc3f9141d88 Author: David Lamparter Date: Tue Apr 21 10:02:23 2015 +0200 tests: fix warnings While I don't see -Werror being used on tests anytime soon, there's no reason to keep the warnings in tests unfixed. Signed-off-by: David Lamparter commit 4b6c33282973c9e1545a519f2a51bda3cf42ae21 Author: David Lamparter Date: Tue Apr 21 09:47:57 2015 +0200 zebra: silence zebra_serv_un unused warning zebra_serv_un() is unused if --enable-tcp-zebra is given. Signed-off-by: David Lamparter commit 940b19911209d8ad2ea326c4a46e0fb044568edc Author: David Lamparter Date: Tue Apr 21 09:45:06 2015 +0200 pimd: fix out of tree build pimd/Makefile.am was missing srcdir/lib from its include paths, breaking out-of-tree build regarding route_types.h Signed-off-by: David Lamparter commit c0bedebfe9ca1a1ded02f1f481762dd41defa63e Author: David Lamparter Date: Tue Mar 3 10:00:43 2015 +0100 build: add --enable-werror This allows enabling -Werror in a consistent way. Note that this is different from just specifiying it in CFLAGS, since that would either break configure tests (if done on ./configure), or would override configure's CFLAGS (if done on make). Using --enable-werror instead provides a new WERROR variable that is additionally used during make with a consistent set of warning flags. The tests/ directory is exempt. (Rationale being, better to have more tests than pedantically complain about them.) Signed-off-by: David Lamparter commit 3a7e83c2387885075c9ecf1912dd6c9399c6947a Author: David Lamparter Date: Tue Mar 3 09:55:51 2015 +0100 build: determine CFLAGS more intelligently Instead of hardcoding some compiler detection, this just checks which CFLAGS actually work with the compiler specified by the user. Signed-off-by: David Lamparter commit 53780e30c90ae393467afaf3ccff9e3791df5133 Author: David Lamparter Date: Tue Mar 3 09:07:09 2015 +0100 bgpd: drop unused static variable Signed-off-by: David Lamparter commit d689d1a0c69726330d69b2dd412fdb8dcb23394b Author: David Lamparter Date: Tue Mar 3 13:54:30 2015 +0100 bgpd: fix SNMP write support This code - dating back to the initial import in 2002 - probably never worked. Calling asn_parse_int seems to always have been wrong, and in the meantime, there no longer is a "struct variable *" argument for write_method. If anyone tried to use it, it'd probably have crashed. (I didn't try.) Fix this up so it actually works. It's the only place in Quagga where a SNMP write is actually supported, so it's an odd one out anyway, but heh. Signed-off-by: David Lamparter commit dfee58f1d41a2e36c7f5f38a3ef5712224131824 Author: David Lamparter Date: Wed Mar 4 06:44:57 2015 +0100 snmp: fix warnings batch-fix all warnings that come up when enabling AgentX SNMP support. Signed-off-by: David Lamparter commit 6769f43de9d595b935f2ebf1cae1428e1d1a3a5f Author: David Lamparter Date: Wed Mar 4 07:18:24 2015 +0100 vtysh: drop unused variables & RETSIGTYPE Drop unused return values in vtysh. Also gets rid of the rather funny prototyping of signal setup in vtysh - which as a side effect makes it not need AC_TYPE_SIGNAL in configure.ac anymore. It wasn't used sensibly to begin with... Signed-off-by: David Lamparter commit a9eb9063071437f5cde3b78adf273b428c49d378 Author: David Lamparter Date: Wed Mar 4 07:07:01 2015 +0100 vtysh: fix function prototypes This makes a whole bunch of vtysh functions static, fixes prototypes for a few more, and masks user_free() and user_write_config() (both unused.) Signed-off-by: David Lamparter commit a91a3bac14976c04bf22b20c7e4bada787ec79b1 Author: David Lamparter Date: Tue Mar 3 09:06:51 2015 +0100 vtysh: don't use '\0' as NULL for some reason, the vty code was using '\0' in place of NULL. Signed-off-by: David Lamparter commit 3cf4053a9e832408fad33a8246ecbd189f23a956 Author: David Lamparter Date: Sun Apr 19 14:54:03 2015 +0200 ospf6d: fix pointer arithmetic warning caddr_t was signed; this buffer size comparison is better done in unsigned. Signed-off-by: David Lamparter commit 72c69d434840598a158747ba9f69dad536f96cea Author: David Lamparter Date: Tue Mar 3 09:08:20 2015 +0100 ospf6d: oi->cost is uint32, not short Signed-off-by: David Lamparter commit 0de0138a9146074f268245193e45c9376d998722 Author: David Lamparter Date: Tue Mar 3 10:30:27 2015 +0100 ospf6d: use existing union, avoid strict-aliasing There are preexisting fields u.lp.id and u.lp.adv_router in struct prefix that do the same thing as these type-punning pointer derefs. Use these and shut up the strict-aliasing warnings. Signed-off-by: David Lamparter commit 33b9663a89b5ec319986de0673764d2a18ec8725 Author: David Lamparter Date: Tue Mar 3 08:57:25 2015 +0100 watchquagga: break excessively long help string watchquagga's command line help string exceeds the ISO C maximum string length (4095 characters). Just break it in two. Signed-off-by: David Lamparter commit 71f55f38cb3dd804176e7f382f52b75ddcd437de Author: David Lamparter Date: Tue Mar 3 09:08:05 2015 +0100 lib, vtysh: reduce unneccessary C extension usage We're only supporting GCC, Clang and ICC; but there's no reason to use nonstandard C constructs if they don't actually provide any benefit. Signed-off-by: David Lamparter commit fd8f6ebb4c6b9e5364b98d2b5fd345d1dcc08824 Author: David Lamparter Date: Tue Mar 3 08:57:02 2015 +0100 lib: use const consistently for zserv path The global variable is missing its const, but the accessor function has a meaningless extra const in exchange... Signed-off-by: David Lamparter commit 81a4e85442e2011a47bbb25e8301dc40ec4ed9b6 Author: David Lamparter Date: Tue Mar 3 08:56:48 2015 +0100 lib: silence type range warning in macro While splitting up the CLI input macro is a bit annoying, this seems to be the least annoying way to get rid of the "< 0" comparison warning for unsigned long. Signed-off-by: David Lamparter commit c7879ea62fb38999a86ca9cbabbdeca18785e135 Author: David Lamparter Date: Wed Mar 4 06:37:20 2015 +0100 pimd: cast ioctl values when printing them ioctl values might be int or long, cast them to unsigned long for consistent printing. (They're long on FreeBSD, but were printed with %d.) Signed-off-by: David Lamparter commit a2c7f4bd869bd232eb12896ff65a510d6716d2b9 Author: David Lamparter Date: Tue Mar 3 21:03:52 2015 +0100 pimd: cast to sockaddr_in to sockaddr While glibc seems to have something in the system headers that prevents this from triggering a warning, FreeBSD doesn't. Fix the warning. Signed-off-by: David Lamparter commit e070452d981f58d60d79d7b4b38c93fb034c49b3 Author: David Lamparter Date: Tue Mar 3 10:41:21 2015 +0100 pimd: mask unused zclient_broken() this function is used by the currently not present zclient reconnect code. It'll be unmasked again when that code hits master. Signed-off-by: David Lamparter commit a3466abd93f83424f9f83e56282e42188e1f94ce Author: David Lamparter Date: Tue Mar 3 09:14:46 2015 +0100 zebra: clean up misc_null pragmas The no-op alternatives provided in misc_null trigger a few warnings since they provide functions / use pragmas without prototypes. Signed-off-by: David Lamparter commit 3e9e2c9fb66895df42159b98a3743e25399760df Author: David Lamparter Date: Fri Apr 10 09:14:58 2015 +0200 zebra: static int inline -> static inline int The BSD socket kernel interface had some weird ordering of function attribute keywords. ("static int inline foobar()") Signed-off-by: David Lamparter commit 7e92322cfcc6c062acae3b550f90d36fe40763f1 Author: David Lamparter Date: Tue Mar 3 21:04:20 2015 +0100 zebra: use SA_SIZE for RT_ROUNDUP on FreeBSD FreeBSD provides SA_SIZE (and none of the other options to infer padded size of a struct sockaddr). Just define SAROUNDUP to SA_SIZE if it is available. This also drops a superfluous-looking extra macro branch which would require ROUNDUP. It seemed redundant to my eyes, but I have no idea what odd things might have triggered addition of this in the first place... Signed-off-by: David Lamparter commit 48ab06b43040bb27d267bb165eedf9e496eb865b Author: David Lamparter Date: Wed Mar 4 07:05:39 2015 +0100 zebra: use prototypes/includes in rt_netlink Signed-off-by: David Lamparter commit 872b0dc0537b62503d98bafd3075553795c847cb Author: David Lamparter Date: Tue Mar 3 08:57:49 2015 +0100 zebra: remove unused netlink_route()/kernel_rtm_ipv6() kernel_delete_ipv6_old(), removed in 51bdeba a little while ago, was the last user of netlink_route() and kernel_rtm_ipv6(). Everything else uses the _multipath variants of these functions. Signed-off-by: David Lamparter commit 52f02b47685bc823c4c75560175a27aab0bd6709 Author: David Lamparter Date: Fri Apr 10 09:14:30 2015 +0200 zebra, isisd: cast to unsigned char for ctypes ctype.h macros take int as arguments, but expect arguments to be in unsigned char's range. Even though it probably works, this isn't correct on systems that have a signed char type. Cast explicitly. Signed-off-by: David Lamparter commit 60a4601e2270920958e221fbffd7b0743f498d3c Author: David Lamparter Date: Tue Mar 3 08:56:05 2015 +0100 isisd: remove unused process_is_hello() The code uses process_lan_hello() or process_p2p_hello(). The unused process_is_hello() seems to be a leftover generic version. Signed-off-by: David Lamparter commit 01da6176b88fe59b3c6ceaf3630df88046c83159 Author: David Lamparter Date: Fri Apr 10 09:10:11 2015 +0200 isisd: fix size_t confusions isisd had a few places that mixed up size_t vs. unsigned long, and %zd vs. %ld. Clean out. Signed-off-by: David Lamparter commit f50ee93d12f8213a048a04fcf7d73e12662288e5 Author: David Lamparter Date: Wed Mar 4 07:13:38 2015 +0100 isisd: assorted fixes (unused variables, static) This just mops up a few warnings in isisd. Signed-off-by: David Lamparter commit 6db3ef65c7683069609b5ceb29bdaab49ca09f48 Author: David Lamparter Date: Tue Mar 3 09:07:43 2015 +0100 isisd: fix minor & vs. && mix-up apparently we were displaying all IPv6 reachabilities as external. Signed-off-by: David Lamparter commit 1250dc7834a1ba52cfd5195f68d24f22fd9c41b0 Author: David Lamparter Date: Tue Mar 3 08:56:35 2015 +0100 isisd: don't use POSIX reserved y1/yn names y1 and yn are POSIX standard names for Bessel functions. For consistency, just rename all of these variables from "y" to "yy". Signed-off-by: David Lamparter commit 8c9cd85631b77fac0bc30ffb9f23b29c466d31c4 Author: David Lamparter Date: Sun Apr 19 14:40:02 2015 +0200 bgpd: random() returns long bgpd was using unsigned to store a probability value to be used with random(). That, however, returns long, running into some warnings (and worst case, if RAND_MAX > UINT_MAX, won't work correctly. Just use long to shuffle the value around. Signed-off-by: David Lamparter commit 94bad67cd8fe7ad023a40547a1153a414d70fa0a Author: David Lamparter Date: Tue Mar 3 08:52:22 2015 +0100 bgpd: don't use #ifdef inside macro args Using #ifdef inside preprocessor macro argument lists is not guaranteed to work. In reality it mostly does, but we don't need these ifdefs for HAVE_IPV6 anymore, so let's get rid of the warning nonetheless. Signed-off-by: David Lamparter commit d43f8b39b075fe60e0c8fdb33b07b284d3fae503 Author: David Lamparter Date: Tue Mar 3 08:54:54 2015 +0100 bgpd, zebra: fix struct/pointer sizeof mixups Two places were taking sizeof(pointer) instead of the sizeof(struct), while performing operations on the struct. Both are initialisation functions; I guess we haven't seen fallout since they weren't critical. Fix anyway. [v2: fix mistake that actually broke bgpd RS workqueue init] Signed-off-by: David Lamparter commit b1672ce858cc9c16fd7cc67b673aa241d9583a59 Author: David Lamparter Date: Sun Apr 19 15:17:02 2015 +0200 bgpd: fix ecommunity_token initialiser This pulls up ecommunity_token_unknown to be the first enum value (at 0), and uses that as initialiser to get rid of the uninitialised use warning. Signed-off-by: David Lamparter commit ab90fc04a57b7b1d93ccddb8c9fbbf339a7ffc4c Author: David Lamparter Date: Tue Mar 3 09:07:25 2015 +0100 *: add/cleanup initialisers There were some (inconsequential) warnings about uninitialised use of variables. Also, in one case, sub-structs were mixed in initialisation, which doesn't quite work as intended. Signed-off-by: David Lamparter commit 388f8857eb81ef75014060976776523a58a99389 Author: David Lamparter Date: Tue Mar 3 08:55:54 2015 +0100 *: add missing includes Some places, particularly headers, were spewing warnings since they don't include neccessary other headers to get struct/enum definitions. Signed-off-by: David Lamparter commit 21401f3215be26dcb0f787105f5907745498e966 Author: David Lamparter Date: Tue Mar 3 08:55:26 2015 +0100 *: fix signedness mix-ups Signed-off-by: David Lamparter commit b7d5021bfa161f797cbfb1e92bf5b94327fb1b71 Author: David Lamparter Date: Tue Mar 3 08:53:18 2015 +0100 *: remove stray extra semicolons Some places had extra semicolons where none belong. Remove them. Signed-off-by: David Lamparter commit eed3c48d3a7d2dae2cae2f2f250deffb843754a6 Author: David Lamparter Date: Tue Mar 3 08:51:53 2015 +0100 *: use void * for printing pointers On higher warning levels, compilers expect %p printf arguments to be void *. Since format string / argument warnings can be useful otherwise, let's get rid of this noise by sprinkling casts to void * over printf calls. Signed-off-by: David Lamparter commit ef008d2f8dc8f7160d8a3d24a15f2fad79ef3242 Author: David Lamparter Date: Tue Mar 3 08:48:11 2015 +0100 *: use long long to print time_t Since we can't assume time_t to be long, int, or even long long, this consistently uses %lld/long long (or %llu/unsigned long long in a few cases) to print time_t/susecond_t values. This should fix a bunch of warnings, on NetBSD in particular. (Unfortunately, there seems to be no "PRId64" style printing macro for time_t...) Signed-off-by: David Lamparter commit 06bd420d4646333bc7ed9964e348f19a942fcfe2 Author: Balaji Date: Mon Mar 16 16:55:29 2015 +0000 bgpd: Display of configured dampening parameters Function to display configured bgp dampening parameters. Signed-off-by: Balaji.G [DL: formatting adjustments] Signed-off-by: David Lamparter commit aa7dbb1067b7d02e1354fe1e5664ccb7d259d649 Author: Balaji Date: Mon Mar 16 16:55:26 2015 +0000 bgpd: Configured suppress value cannot be less than the reuse value in bgp dampening RFC 2439, Section 4.2; the values pair up for hysteresis. Signed-off-by: Balaji.G Signed-off-by: David Lamparter commit 941789e470199df4f612368f669ecc0fd096fb9a Author: Greg Troxel Date: Mon Mar 23 15:16:29 2015 -0400 Fix alignment assumptions on non-RT_ROUNDUP platforms. The comment said that apple uses int and BSD traditionally used long, but the code was backwards. This fixes apple to be int, and otherwise long. That should make FreeBSD, which aligns to long, work correctly, even without using SA_SIZE. commit ec62e1438ece9af0546f9028aa1403f2c84bf177 Author: David Lamparter Date: Sat Mar 7 08:40:56 2015 +0100 build: list actual release procedure As in a few other places in HACKING.tex, the text doesn't quite reflect reality. Add the actual release procedure including a few more steps, and warn about autoconf's subdirectory behaviour. Signed-off-by: David Lamparter commit b7cce958649775600458f2fb3a8d33fc84683d26 Author: David Lamparter Date: Sat Mar 7 08:40:48 2015 +0100 zebra: don't print uninitialized string (3b02fe8) This crept in as part of the MRIB improvements and I missed the compiler warning between other noise. Unfortunately, printing an uninitialised variable can in fact make zebra crash, so this is not trivial. Fixes: 3b02fe8 ("zebra: add "show ip rpf" to get result of RPF lookup") Signed-off-by: David Lamparter commit 5cd0e5c659d0ae7840748e83cd9f340568fa4204 Author: Brian Bennett Date: Tue Feb 17 23:24:15 2015 +0000 lib: Fix POSIX capabilities on SunOS platforms When using POSIX capabilities on SunOS the capabilities are too restricitve resulting in quagga processes not being able to read their own config files. Credit goes to Oracle where this patch was originally authored and included in OpenSolaris. lib/privs.c: Include additional capabilities, better checking of missing capabilities. Fixes: #820 Acked-by: Greg Troxel Signed-off-by: David Lamparter commit d8d54ab78d915921a88a8707426e307aed3c323e Author: David Lamparter Date: Wed Mar 4 07:30:19 2015 +0100 build: tag version as 0.99.25-dev Signed-off-by: David Lamparter