vrf->ns_ctxt is only ever used in zebra, so move its initialization to
zebra's callback. Ideally this pointer shouldn't even be a part of
library's vrf struct, and moved to zebra-specific struct, but this is
the first step.
Signed-off-by: Igor Ryzhov <idryzhov@gmail.com>
The backend type cannot be unknown. It is configured to VRF_LITE by
default in zebra anyway, so just init to VRF_LITE in the lib and remove
the UNKNOWN type.
Signed-off-by: Igor Ryzhov <idryzhov@gmail.com>
Add a mechanism in route-map to filter out route-map which have a list
of communities greater than the given number.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
lua_pcall() returns LUA_ERRGCMM in 5.3 which is already deprecated.
The constant LUA_ERRGCMM was removed.
Errors in finalizers are never propagated; instead, they generate a warning.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
bgpd crashes when there is several entries in the prefix-list. No
backtrace is provided because the issue was catched from a code review.
Fixes: 856ca177c4 ("Added json formating support to show-...-neighbors-... bgp commands.")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
0x<address>FX was displayed instead of the prefix.
Fixes: b219dda129 ("lib: Convert usage of strings to %pFX and %pRN")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
In zlog_5424_cycle(), struct zlt_5424 *zlt only points to valid memory when
the passed file descriptor is >= 0 (and passing -1 seems to be a supported
use case). So we shouldn't try to compute the address of its zt member when
zlt is NULL.
Signed-off-by: Martin Buck <mb-tmp-tvguho.pbz@gromit.dyndns.org>
When changing the log threshold (prio_min) using zlog_5424_apply_meta(), try
to open the log destination using zlog_5424_open() if we haven't done so
before. Without this, we might never open the destination at all, because
when zlog_5424_apply_dst() gets called (which so far was the only initial
caller of zlog_5424_open()), chances are that prio_min is still at its
initial value of ZLOG_DISABLED, causing it to skip the call to
zlog_5424_open().
Signed-off-by: Martin Buck <mb-tmp-tvguho.pbz@gromit.dyndns.org>
Don't over-allocate syscaps in zcaps2sys(): This is just a single struct
(pset_t) with a count and a pointer to an array of capabilities, not an
array. So only allocate a single pset_t, not num copies of it.
The allocation size of syscaps->caps then needs to be based on the number of
Linux capabilities (count), but that is already handled properly a few lines
below.
Note that this fix is mostly cosmetic and for correctness. There was no
potential for memory corruption, because num is guaranteed to be nonzero. So
at least the one required pset_t was always allocated (but potentially much
more).
Signed-off-by: Martin Buck <mb-tmp-tvguho.pbz@gromit.dyndns.org>
This allows eliminating the superfluous yang_data object (which
is getting created used to call lyd_new_term then deleted). Instead
just call lyd_new_term() in the callback directly.
Signed-off-by: Christian Hopps <chopps@labn.net>
"ip/ipv6 protocol any route-map <route map>" cli is setting
wrong route type ( ZEBRA_ROUTE_MAX ), It should set route type
ZEBRA_ROUTE_ALL.
Ticket: #4101560
Signed-off-by: Sougata Barik <sougatab@nvidia.com>
newline is not expected to be printed in JSON outputs, e.g.:
```
"lastUpdate":{"epoch":1734490463,"string":"Wed Dec 18 04:54:23 2024\n"
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Issue: When the incoming config has say 30K entries of a prefix-lists,
current implementation is to schedule the configs to be batched and
only after batching the entire config, the processing of the configs
take place. As part of batching this config, we perform string
concatenation to save all the configs in the buffer which over time
results in taking longer time.
Ex: Imagine each line of config is 50 chars. With a delimiter of ‘- ‘ we end
up adding 52 chars to buffer for each command i.e. 52*30000 = 156K of chars.
Strlcat is an expensive operation and every time we strlcat, we have to
traverse at end of string to append new char.
Because of this, we end up adding extra 6-8 secs for accepting the config.
Fix: The idea here is to bring back something similar to the backoff
count implemented as part of 20e9a402 (lib: introduce configuration
back-off timer for YANG-modeled commands).
Essentially we keep a cap of 5000 per batch. So once 5000k config
commands are batched, we process them, clear the buffer, set the count
to 0 and then continue processing the rest of the config.
option1 file has 30K entries of prefix-list
Without Fix:
root@mlx-3700-20:mgmt:/var/log/raja/frr# time sudo vtysh -f option1
<SNIP>..............
Waiting for children to finish applying config...
[25191|staticd] done
[25189|watchfrr] done
[25178|ospfd] done
[25190|pbrd] done
[25181|bgpd] done
[25175|zebra] done
real 0m20.123s
user 0m9.384s
sys 0m2.403s
With Fix:
root@mlx-3700-20:mgmt:/var/log/raja/frr# time sudo vtysh -f option1
<SNIP>..............
Waiting for children to finish applying config...
[19887|staticd] done
[19885|watchfrr] done
[19886|pbrd] done
[19874|ospfd] done
[19877|bgpd] done
[19871|zebra] done
real 0m12.168s
user 0m7.511s
sys 0m1.981s
Issue: 3589101
Ticket# 3589101
Signed-off-by: Rajasekar Raja <rajasekarr@nvidia.com>
- WHen declaring macro scoped variables, can run into problem if the macro
variable passed in has the same name as the new variable introduced in the inner
scope. We don't get a warning and the uses will be wrong.
e.g.,
```
{
int __len = 10;
foo(__len); // => 10 and not 15 as we wanted.
}
```
Signed-off-by: Christian Hopps <chopps@labn.net>
- ran into problem with darr macros and nested macros using the same name
variables as passed in variables in an out scope. Make these macro scoped
variables more unique as well.
Signed-off-by: Christian Hopps <chopps@labn.net>
Modified ZEBRA_NEXTHOP_LOOKUP_MRIB to include the SAFI from which to do the lookup.
This generalizes the API away from MRIB specifically and allows the user to decide how it should do lookups.
Rename ZEBRA_NEXTHOP_LOOKUP_MRIB to ZEBRA_NEXTHOP_LOOKUP now that it is more generalized.
This change is in preperation to remove multicast lookup mode completely from zebra.
Signed-off-by: Nathan Bahr <nbahr@atcorp.com>
Without the fix:
```
show ip prefix-list test_1 10.20.30.96/27 first-match
<no result>
show ip prefix-list test_2 192.168.1.2/32 first-match
<no result>
```
With the fix:
```
ip prefix-list test_1 seq 10 permit 10.20.30.64/26 le 27
!
end
donatas# show ip prefix-list test_1 10.20.30.96/27
seq 10 permit 10.20.30.64/26 le 27 (hit count: 1, refcount: 0)
donatas# show ip prefix-list test_1 10.20.30.64/27
seq 10 permit 10.20.30.64/26 le 27 (hit count: 2, refcount: 0)
donatas# show ip prefix-list test_1 10.20.30.64/28
donatas# show ip prefix-list test_1 10.20.30.126/26
seq 10 permit 10.20.30.64/26 le 27 (hit count: 3, refcount: 0)
donatas# show ip prefix-list test_1 10.20.30.126/30
donatas#
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Currently the zapi reconnection is once every 10 seconds
for the first 3 times and then once every 60 seconds from then
on out. We are seeing interesting behavior under loaded systems
where zebra is just slow to come up and daemons are spending a long
time waiting to connect. Let's just make things a bit more aggressive.
Change the code to attempt to reconnect once every second for 30 seconds
and then change to once every 5 seconds from then on out.
This should help with non-integrated configuration on system startup.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
This would give more details why at some point we return deny, no match, etc.
Before this we have sometimes (I don't know why), e.g.:
```
Route-map: null, prefix: 192.168.2.0/24, result: deny
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Commit: 9112fb367b
Introduced the idea of setting the socket buffer
send/receive sizes. BSD's in general have the fun
issue of not allowing nearly as large as a size as
linux. Since the above commit was developed on linux
and not run on bsd it was never tested. Modify the
codebase to use the backoff setsockopt that we have
in the code base and use the returned values to allow
us to notice what was set and respond appropriately.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Currently if you have this sequence of events:
a) BGP starts
b) BGP reads cli that has bfd configuration
c) BGP attempts to install bfd configuration but fails because
zebra is not connected to yet
d) BGP connects to zebra
e) BGP receives resend bfd code from bfdd
f) BGP was not sending down the unsent data to bfd, never causing
the bfd session to be established.
So effectively bfd was attempting to install but failed
and then when it was asked to replay everything it decided
that the bfd information for a particular peer was actually
installed and does not need to be resent. Modify the code
such that the bfd code now tracks failed installation and
allows the resend of data to bfdd.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
In zebra_mpls.c it has a usage of MTYPE_NH_LABEL which is
defined in both lib/nexthop.c and zebra/zebra_mpls.c. The
usage in zebra_mpls.c is a realloc. This leads to a crash:
(gdb) bt
0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=126487246404032) at ./nptl/pthread_kill.c:44
1 __pthread_kill_internal (signo=6, threadid=126487246404032) at ./nptl/pthread_kill.c:78
2 __GI___pthread_kill (threadid=126487246404032, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
3 0x0000730a1b442476 in __GI_raise (sig=6) at ../sysdeps/posix/raise.c:26
4 0x0000730a1b94fb18 in core_handler (signo=6, siginfo=0x7ffeed1e07b0, context=0x7ffeed1e0680) at lib/sigevent.c:268
5 <signal handler called>
6 __pthread_kill_implementation (no_tid=0, signo=6, threadid=126487246404032) at ./nptl/pthread_kill.c:44
7 __pthread_kill_internal (signo=6, threadid=126487246404032) at ./nptl/pthread_kill.c:78
8 __GI___pthread_kill (threadid=126487246404032, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
9 0x0000730a1b442476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
10 0x0000730a1b4287f3 in __GI_abort () at ./stdlib/abort.c:79
11 0x0000730a1b9984f5 in _zlog_assert_failed (xref=0x730a1ba59480 <_xref.16>, extra=0x0) at lib/zlog.c:789
12 0x0000730a1b8f8908 in mt_count_free (mt=0x576e0edda520 <MTYPE_NH_LABEL>, ptr=0x576e36617b80) at lib/memory.c:74
13 0x0000730a1b8f8a59 in qrealloc (mt=0x576e0edda520 <MTYPE_NH_LABEL>, ptr=0x576e36617b80, size=16) at lib/memory.c:112
14 0x0000576e0ec85e2e in nhlfe_out_label_update (nhlfe=0x576e368895f0, nh_label=0x576e3660e9b0) at zebra/zebra_mpls.c:1462
15 0x0000576e0ec833ff in lsp_install (zvrf=0x576e3655fb50, label=17, rn=0x576e366197c0, re=0x576e3660a590) at zebra/zebra_mpls.c:224
16 0x0000576e0ec87c34 in zebra_mpls_lsp_install (zvrf=0x576e3655fb50, rn=0x576e366197c0, re=0x576e3660a590) at zebra/zebra_mpls.c:2215
17 0x0000576e0ecbb427 in rib_process_update_fib (zvrf=0x576e3655fb50, rn=0x576e366197c0, old=0x576e36619660, new=0x576e3660a590) at zebra/zebra_rib.c:1084
18 0x0000576e0ecbc230 in rib_process (rn=0x576e366197c0) at zebra/zebra_rib.c:1480
19 0x0000576e0ecbee04 in process_subq_route (lnode=0x576e368e0270, qindex=8 '\b') at zebra/zebra_rib.c:2661
20 0x0000576e0ecc0711 in process_subq (subq=0x576e3653fc80, qindex=META_QUEUE_BGP) at zebra/zebra_rib.c:3226
21 0x0000576e0ecc07f9 in meta_queue_process (dummy=0x576e3653fae0, data=0x576e3653fb80) at zebra/zebra_rib.c:3265
22 0x0000730a1b97d2a9 in work_queue_run (thread=0x7ffeed1e3f30) at lib/workqueue.c:282
23 0x0000730a1b96b039 in event_call (thread=0x7ffeed1e3f30) at lib/event.c:1996
24 0x0000730a1b8e4d2d in frr_run (master=0x576e36277e10) at lib/libfrr.c:1232
25 0x0000576e0ec35ca9 in main (argc=7, argv=0x7ffeed1e4208) at zebra/main.c:536
Clearly replacing a label stack is an operation that should be owned by
lib/nexthop.c. So lets move this function into there and have
zebra_mpls.c just call the function to replace the label stack.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
CID 1601478: Uninitialized variables (UNINIT)
Using uninitialized value "mbefore.real.tv_usec" when calling "event_consumed_time".
Fixes: 3e3a666331 ("lib: Add ability to track time in individual routemaps")
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Add the abilty to track how much time is spent in routemaps.
Example of the new output:
eva# show route-map
ZEBRA:
route-map: FOO Invoked: 1000000 (323 milliseconds total) Optimization: enabled Processed Change: false
deny, sequence 10 Invoked 1000000 (320 milliseconds total)
Match clauses:
Set clauses:
Call clause:
Action:
Exit routemap
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The `alloc` counter was tracking the current active
number of events in the system and if it went to
0 when freeing a new one it would assert. This
assert is a duplicate of what would happen with the
XFREE in the same situation. As such it is not
necessary.
Also remove the `event_master_free_unused` function
from the system.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
With commit:
60a3efec24
The ability for the wheel code to display the name of what
wheel was actually being run was removed from the system.
Since we can no longer do this and it's been 4 years since it's
been in, let's just remove this bit of dead code.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
memcmp will return and act exactly the same as in6addr_cmp
but it does it significantly faster than how in6addr_cmp
does it. Let this be a lesson for implementing something
that is a duplicate of what is provided by the c library.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The configured OSPF refresh interval was not being used for opaque LSA (it always used the constant). Also, modified the timers lsa min-arrival command to have a maximum of 5000 msecs as well as providing a path for backward command compatibility.
Added missing user documentation for both timers lsa min-arrival and timers throttle lsa all.
Signed-off-by: Acee Lindem <acee@lindem.com>
`checkpatch` has sufficiently annoyed me to fix this.
Includes free overflow guard in CSV code.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The frrevent system is spitting out this message in bgpd:
20:40:15 mem1-roc-f2-b1-r5-t2-d4 bgpd[13166]: [XETTR-D5MR0][EC 100663316] Attempting to process an I/O event but for fd: 214(8) no thread to handle this!
This is because as each io event is processed, it is possible that a
.events is set to 0. This can leave a situation where we ask
ppoll to handle anything that happens on a fd with a .events of 0,
in this situation ppoll can return POLLERR, which indicates that
something bad has happened on the fd.
Let's set the ppoll fds.fd value to -1 when there are no more
events to be processed. ppoll specifically calls out that
it will just skip this particular one.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Move the various destinations handling into lib/memory.c, include
"normal" logging as target, and make `ACTIVEATEXIT` properly non-error
as it was intended to be.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
`log_memstats()` is not AS-safe. It can hang the crash handler (or set
your PC on fire, or cause the sun to go supernova - according to POSIX
specs, anyway.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
No `zlog_fini()`, please. Getting log messages until the end is more
important than leaking memory allocated for zlog targets.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Well, this was only checked for exit status, which we didn't really
observe... so, uh, yeah, not particularly noticeable it wasn't even
wired up...
clang-format off/on added to not get formatting wrecked on this.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
errno is only valid if there was an actual error. A zero return value
isn't an error, it's either EOF or an empty datagram depending on
context. Fix the logic.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The flex-generated code is disabled for clang-SA builds already, but
that means that function prototypes are missing too. Just add dummy
function prototypes so clang-SA can process the file.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
In these cases the value assigned by the switch block is used directly
rather than returned. Mark the initial/default value as used so
clang-SA doesn't complain about it.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
clang-19's SA complains about unused initializers for this kind of
"switch (enum) { return string }" kind of code. Use direct string
return values to avoid the issue.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Currently FRR needs to send a uint16_t value for the number
of nexthops as well it needs the ability to properly decode
all of this. Find and handle all the places that this happens.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Same as `set metric igp`, but in this case accumulated IGP metric is being
sent as MED attribute.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
They are managed under `frr-route-map`, not under `frr-bgp-route-map`.
Fixes: https://github.com/FRRouting/frr/issues/17055
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
If e.g. BGP neighbor is using a route-map at the boot, that is not yet created,
then the log is spammed with `The route-map 'X' does not exist`.
Processing earlier, should do the trick.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Mgmtd makes use of libyang's internal ietf-yang-library module to add
support for said module to FRR management. Previously, mgmtd was loading
this module explicitly; however, that required that libyang's
`ietf-yang-library.yang` module definition file be co-located with FRR's
yang files so that it (and ietf-datastore.yang) would be found when
searched for by libyang using FRRs search path. This isn't always the
case depending on how the user compiles and installs libyang so mgmtd
was failing to run in some cases.
Instead of doing it the above way we simply tell libyang to load it's
internal version of ietf-yang-library when we initialize the libyang
context.
This required adding a boolean to a couple of the init functions which
is why so many files are touched (although all the changes are minimal).
Signed-off-by: Christian Hopps <chopps@labn.net>
It's possible to specify via the cli and configure how many
nexthops that are allowed on the system. If you happen to
have > 255 then things are about to get interesting otherwise.
Let's allow up to 65k nexthops (ha!)
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Fix the following compiler warning:
```
lib/elf_py.c: In function _elffile_load_:
lib/elf_py.c:1310:34: warning: _calloc_ sizes specified with _sizeof_ in the earlier argument and not in the later argument [-Wcalloc-transposed-args]
1310 | w->sects = calloc(sizeof(PyObject *), w->ehdr->e_shnum);
| ^~~~~~~~
lib/elf_py.c:1310:34: note: earlier argument should specify number of elements, later size of each element
```
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
We can't use even `string()` function because built-in functions are not
loaded.
Testing with:
```
$ cat /etc/frr/scripts/zebra.lua
function on_rib_process_dplane_results(ctx)
log.warn(string.upper("testas"))
return {}
end
```
This results to "TESTAS" in the logs.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Prior to this commit stdout of a process started in a daemon mode was
attached to a calling process.
As a result a calling process hung for infinity.
Signed-off-by: Vladislav Odintsov <vlodintsov@k2.cloud>
When trying to track down a MTYPE_TMP memory leak
it's harder to search for it when you happen to
have some usage of ttable_dump. Let's just give
it it's own memory type so that we can avoid
confusion in the future.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The output buffer vty->obuf is a linked list where
each element is of 4KB.
Currently, when a huge sh command like <show ip route json>
is executed on a large scale, all the vty_outs are
processed and the entire data is accumulated.
After the entire vty execution, vtysh_flush proceeses
and puts this data in the socket (131KB at a time).
Problem here is the memory spike for such heavy duty
show commands.
The fix here is to chunkify the output on VTY shell by
flushing it intermediately for every 128 KB of output
accumulated and free the memory allocated for the buffer data.
This way, we achieve ~25-30% reduction in the memory spike.
Fixes: #16498
Note: This is a continuation of MR #16498
Signed-off-by: Srujana <skanchisamud@nvidia.com>
Signed-off-by: Rajasekar Raja <rajasekarr@nvidia.com>
Implement common code for debug status output and remove daemon-specific
code that is duplicated everywhere.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Implement common code for debug config output and remove daemon-specific
code that is duplicated everywhere.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
The debug library allows to register a `debug_set_all` callback which
should enable all debugs in a daemon. This callback is implemented
exactly the same in each daemon. Instead of duplicating the code, rework
the lib to allow registration of each debug type, and implement the
common code only once in the lib.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Currently nexthop weight is a discriminator on whether or not
a nexthop matches. There is a need to no use the weight as
part of this comparison function so let's add a boolean to
allow us to say use this or not.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Also an empty (thus non-replace) notify selectors message shouldn't
clear the selectors, it should just do nothing.
Signed-off-by: Christian Hopps <chopps@labn.net>
The events list is storing a `struct event *` allocated
as a MTYPE_TMP pointer, on shutdown ensure that it is
properly free'd up.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Fix the LYD_NEW_PATH_OUTPUT undeclared error to support the latest libyang v3.x version,
and also compatible with old version.
Signed-off-by: Lu Mao <lu.mao@molex.com>
When a whole distribute-list is deleted (can be done only using API),
all its children must be cleaned up manually.
Fixes#16538
Signed-off-by: Igor Ryzhov <idryzhov@gmail.com>
vtysh will print out the `stupidly large FD limit` upon
every run of the program if the ulimit is set stupidly
large. Prevent this from being displayed for vtysh.
Fixes: #16516
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Store a parsed and built graph of the CLI nodes in vtysh, rather than
parsing and building that graph every time vtysh starts up.
This provides a 3x to 5x reduction in vtysh startup overhead:
`vtysh -c 'configure' -c 'interface lo' -c 'do show version'`
- before: 92.9M cycles, 1114 samples
- after: 16.5M cycles, 330 samples
This improvement is particularly visible for users scripting `vtysh -c`
calls, which notably includes topotests.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
There is entirely no point to these being conditional. And pull them up
so the upcoming pre-parse code can work on a clean slate.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The command graph has its tail end nodes pointing at the
`struct cmd_element` rather than a `struct cmd_token`. This is a bit
weird to begin with, but becomes very annoying for the python bindings
where there is just no `struct cmd_element`.
Create a `CMD_ELEMENT_TKN` type for `cmd_token` instead, and replace the
tail end token in the python bindings with an instance of that.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
