New config functionality:
r1# conf
r1(config)# router isis 1
r1(config-router)# log-
log-adjacency-changes Log changes in adjacency state
log-pdu-drops Log any dropped PDUs
r1(config-router)# log-pdu-drops
r1(config-router)# end
Signed-off-by: Isabella de Leon <ideleon@microsoft.com>
It's not allowed to install routes with zero distance, let's disallow this
for route-maps as well.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
The following command is not working:
> (routemap) set aggregator as ASNUM A.B.C.D
Since "aggregator-asn" has already supported asdot,
fixed it with new yang type. Extra ASN validation
(leading zeroes for instance) are done in the validate
hook of the yang leaf.
Signed-off-by: anlan_cs <vic.lan@pica8.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
New config and show functionality:
r1# conf
r1(config)# router isis 1
r1(config-router)#
advertise-high-metrics Advertise high metric value on all interfaces
area-password Configure the authentication password for an area
...
r1(config-router)# advertise-high-metrics
r1(config-router)# end
r1# show isis summary
...
Area 1:
Net: 49.0001.1720.1700.0002.00
TX counters per PDU type:
L2 IIH: 1
P2P IIH: 36
LSP RXMT: 0
RX counters per PDU type:
Advertise high metrics: Enabled
Level-2:
...
r1# conf
r1(config)# router isis 1
r1(config-router)# no advertise-high-metrics
r1(config-router)# end
r1# show isis summary
...
Area 1:
Net: 49.0001.1720.1700.0002.00
TX counters per PDU type:
L2 IIH: 1
P2P IIH: 45
LSP RXMT: 0
RX counters per PDU type:
Advertise high metrics: Disabled
Level-2:
...
r1#
Signed-off-by: Isabella de Leon <ideleon@microsoft.com>
New configuration to pad ISIS hello packets during adjacency formation only.
Signed-off-by: Diogo Oliveira <14191454+dorDiogo@users.noreply.github.com>
Add the support of Extended Admin-Group (RFC7308) to the zebra interface
link-params Traffic-Engineering context.
Extended admin-groups can be configured with the affinity-map:
> affinity-map blue bit-position 221
> int eth-rt1
> link-params
> affinity blue
> exit-link-params
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Some route-distinguisher notation is not supported today.
route-map rmap permit 1
match evpn rd 1.1:1
match evpn rd 0.65000:1
!
Add support for this.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Some route-distinguisher combinations were not possible under
route-maps:
route-map rmap permit 1
match evpn rd 65540:44
match evpn rd 1.2.3.4:44
match evpn rd 2000000:44
Do not use the ietf definition for route-distinguisher by overriding
a new definition in bgp-route-map.yang itself. When the BGP northbound
API will be done, this route-distinguisher definition will have to
be used too.
Fixes: ("48cb7ea99d10") bgpd: North-bound implementation for bgp rmaps
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Add the affinity-map global command to zebra. The syntax is:
> affinity-map NAME bit-position (0-1023)
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
YANG files get to keep their license boilerplate in addition to the SPDX
header, since they are likely to be copied around individually.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The files converted in this commit either had some random misspelling or
formatting weirdness that made them escape automated replacement, or
have a particularly "weird" licensing setup (e.g. dual-licensed.)
This also marks a bunch of "public domain" files as SPDX License "NONE".
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Parallel build may be executing another copy of embedmodel.py at the
same time, with both getting "False" on the isdir check, and then both
trying to mkdir - one of which will error out.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Define a generic BFD monitoring group template and use it to add support
for static route monitoring.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
This commit adds a new option to control whether a VRRPv3 group
accepts / computes its checksum with a prepended IPv4 pseudoheader.
This should improve interoperability with other devices.
Signed-off-by: Siger Yang <siger.yang@outlook.com>
Before:
r1# conf
r1(config)# router isis <area-tag>
r1(config-router)# set-overload-bit
<cr>
r1(config-router)# end
After:
r1# conf
r1(config)# router isis <area-tag>
r1(config-router)# set-overload-bit
<cr>
on-startup Set overload bit on startup
r1(config-router)# set-overload-bit on-startup
(0-86400) Set overload time in seconds
r1(config-router)# set-overload-bit on-startup 300
r1(config-router)# end
Signed-off-by: Isabella de Leon <ideleon@microsoft.com>
When a route imported from l3vpn is analysed, the nexthop from default
VRF is looked up against a valid MPLS path. Generally, this is done on
backbones with a MPLS signalisation transport layer like LDP. Generally,
the BGP connection is multiple hops away. That scenario is already
working.
There is case where it is possible to run L3VPN over GRE interfaces, and
where there is no LSP path over that GRE interface: GRE is just here to
tunnel MPLS traffic. On that case, the nexthop given in the path does not
have MPLS path, but should be authorized to convey MPLS traffic provided
that the user permits it via a configuration command.
That commit introduces a new command that can be activated in route-map:
> set l3vpn next-hop encapsulation gre
That command authorizes the nexthop tracking engine to accept paths that
o have a GRE interface as output, independently of the presence of an LSP
path or not.
A configuration example is given below. When bgp incoming vpnv4 updates
are received, the nexthop of NLRI is 192.168.0.2. Based on nexthop
tracking service from zebra, BGP knows that the output interface to reach
192.168.0.2 is r1-gre0. Because that interface is not MPLS based, but is
a GRE tunnel, then the update will be using that nexthop to be installed.
interface r1-gre0
ip address 192.168.0.1/24
exit
router bgp 65500
bgp router-id 1.1.1.1
neighbor 192.168.0.2 remote-as 65500
!
address-family ipv4 unicast
no neighbor 192.168.0.2 activate
exit-address-family
!
address-family ipv4 vpn
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 route-map rmap in
exit-address-family
exit
!
router bgp 65500 vrf vrf1
bgp router-id 1.1.1.1
no bgp network import-check
!
address-family ipv4 unicast
network 10.201.0.0/24
redistribute connected
label vpn export 101
rd vpn export 444:1
rt vpn both 52:100
export vpn
import vpn
exit-address-family
exit
!
route-map rmap permit 1
set l3vpn next-hop encapsulation gre
exit
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Add an ability to match via route-maps. An additional route-map command
`match rpki-extcommunity <invalid|notfound|valid>` added.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Only the multi-topology command can use 'ipv4-unicast' keyword to
configure standard topology.
The remaining code: dump from show commands, and yang definition,
uses 'standard' keyword instead.
The test have not been modified. The change would consists in
modifying test_fuzz_isis_tlv_tests.h.gz:
- replacing ipv4-unicast occurences with standard
\x69\x70\x76\x34\x2d\x75\x6e\x69\x63\x61\x73\x74
with
\x73\x74\x61\x6e\x64\x61\x72\x64
- align the buffer length by removing 4 bytes per occurence
Instead, a specific isis_mtid2str_fake() routing has been
put in place in isis_tlvs.c file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The pattern defined for ipv6-multicast-group-prefix is wrong.
This is leading to mismatch for all the valid ipv6 multicast
addresses.
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
A few optimizations for bfd NB:
- Remove unuseful checks for parameters with the same values
- Replace checking values of bfd parameters with YANG's "range"
- Append "required-echo-receive-interval" with 0 for it can be disabled
Signed-off-by: anlan_cs <vic.lan@pica8.com>
Just like other parameters of bfd, "minimum-ttl" should also have
a default value. Parameters with default value will not be displayed
in running configuration.
Additionly adjust the other "range" with double quotation marks.
Signed-off-by: anlan_cs <vic.lan@pica8.com>
Renamed frr-igmp.yang to frr-gmp.yang, igmp to gmp container.
to support IGMP and MLD protocol.
frr-gmp.yang, created a list of address family under mgmd
container. For PIMV4 the key is IPV4, where as for PIMV6
the key is IPV6. This is done for PIMV6 development.
This commit will have all the northbound changes to support
IPV4 address family.
Signed-off-by: sarita patra <saritap@vmware.com>
frr-pim.yang, created a list of address family under pim
container. For PIMV4 the key is IPV4, where as for PIMV6
the key is IPV6. This is done for PIMV6 development.
This commit will have all the northbound changes to support
IPV4 address family.
Signed-off-by: sarita patra <saritap@vmware.com>
Add Link State TED features to isis_te.c and new CLI to export LS TED and
show LS TED to IS-IS.
IS-IS LSPs are parse each time a new LSP event occurs in order to update
accordingly the Link State Traffic Engineering Database. LS TED could be
exported through the ZAPI Opaque message (see sharpd as example).
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
- Add advertisement of Global IPv6 address in IIH pdu
- Add new CLI to set IPv6 Router ID
- Add advertisement of IPv6 Router ID
- Correctly advertise IPv6 local and neighbor addresses in Extended IS and MT
Reachability TLVs
- Correct output of Neighbor IPv6 address in 'show isis database detail'
- Manage IPv6 addresses advertisement and corresponiding Adjacency SID when
IS-IS is not using Multi-Topology by introducing a new ISIS_MT_DISABLE
value for mtid (== 4096 i.e. first reserved flag set to 1)
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
This is needed for the following two reasons:
1. To be able to remove the northbound HACK in if_update_to_new_vrf. It
is totally wrong to rewrite the configuration datastore when some
operational state changes. It is a hard blocker for storing a
configuration data in a management daemon which knows nothing about
the operational state.
2. To allow changing the VRF of the interface using FRR CLI or any other
frontend in the future. If the VRF is a part of the key, it can't be
changed. If the VRF is a simple leaf, it becomes possible to change
it and thus move the interface between VRFs. For now I mark the leaf
as a "config false" as it's not yet possible to control it from FRR.
But we can't simply remove the VRF from the key, because it is needed to
distinguish interfaces when using netns based VRFs, as it is possible to
have multiple interfaces with the same name in different namespaces. To
handle this, I came up with an idea to store both VRF and an interface
name in the "name" leaf using the pattern "vrfname:ifname". For example,
if there's an interface "eth0" in VRF "red" then its "name" leaf will be
"red:eth0".
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
No functional difference, but `length "0"` is more comprehensible.
Suggested-by: Christian Hopps <chopps@labn.net>
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
While defaults are good picks for "reasonable" guesses, min and max
range values really aren't. Operators and experimenters often like to
configure "unreasonable" values to stress test, tests boundary
conditions and explore innovations.
With that in mind, change all ranges to 1..max (of type).
While we're here add optional ignored values in the "no" CLI forms.
Signed-off-by: Christian Hopps <chopps@labn.net>
The code assumes that these leafs always exist when their complementary
leafs exist. For example, when processing `ipv4-exact-match`, the code
always expects to have access to `ipv4-prefix`. If those leafs are not
provided, code crashes. It doesn't happen when using the CLI because it
always does the right thing, but it can happen when using other
frontends.
Also fix incorrect description for prefix-list sequence leaf.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Allow the join-prune interval to be as small as 5 seconds instead
of limiting the value to 60.
This can and will come at a price of being able to converge less
mroutes.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Will be handy to filter BGP prefixes by using BGP community alias
instead of numerical community values.
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
Making the interface holdtime range to 3.5 times the hello-time
As per 7761, Section 4.11:
The Holdtime in a Hello message should be set to
(3.5 * Hello_Period), giving a default value of 105 seconds.
Therefore providing the user also to configure max upto 3.5 times
the hello timer interval.
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
Make the source address mandatory since it doesn't work without it. The
CLI already mandated it before so it makes sense to change this here as
well.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
- Add following set clause for route-maps
"set evpn gateway-ip <ipv4|ipv6 >A.B.C.D|X:X::X:X"
- When this route-map is applied as outboubd policy in BGP, it will set the
gateway-ip in BGP attribute For EVPN type-5 routes.
Example configuration:
route-map RMAP-EVPN_GWIP permit 5
set evpn gateway-ip ipv4 50.0.2.12
set evpn gateway-ip ipv6 50:0:2::12
router bgp 101
bgp router-id 10.100.0.1
neighbor 10.0.1.2 remote-as 102
!
address-family l2vpn evpn
neighbor 10.0.1.2 activate
neighbor 10.0.1.2 route-map RMAP-EVPN_GWIP out
advertise-all-vni
exit-address-family
Signed-off-by: Ameya Dharkar <adharkar@vmware.com>
The default for extended-nexthop-capability is true for
unnumbered (interface) neighbors, false for other types. Break the inner
grouping out of the outer neighbor-parameters grouping so that we can
refine the default in that uses case.
Signed-off-by: Christian Hopps <chopps@gmail.com>
Fix many of the commands in the `address-family ipv4 multicast` to use
the proper type to avoid wrong YANG model validation failures.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
The leaf is called "no-replace-as" in the model but is used reversed in
all the code. Let's rename it to comply with the actual behavior.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Compile with v2.0.0 tag of `libyang2` branch of:
https://github.com/CESNET/libyang
staticd init load time of 10k routes now 6s vs ly1 time of 150s
Signed-off-by: Christian Hopps <chopps@labn.net>
- Explicit segment list nai will be resolved to corresponded sid.
- Dynamic segment list (from pce) will be validated.
- If segment list could not be resolved or validated won't be used.
- Now this new config is supported
segment-list sl-1
index 10 nai prefix 10.1.2.1/32 iface 1
index 30 nai adjacency 10.2.5.2 10.2.5.5
index 40 nai prefix 10.10.10.5/32 algorithm 0
Signed-off-by: Javier Garcia <javier.garcia@voltanet.io>
The current implementation of TI-LFA computes link-protecting
repair paths (even when node protection is enabled) to have repair
paths to all destinations when no node-protecting repair has been
found. This may be desired or not. E.g. the link-protecting paths
may use the protected node and be, therefore, useless if the node
fails. Also, computing link-protecting repairs incurs extra
calculations.
With this patch, when node protection is enabled, link protecting
repair paths are only computed if "link-fallback" is specified in
the configuration, on a per interface and IS-IS level.
Signed-off-by: Fredi Raspall <fredi@voltanet.io>
YANG model and CLI commands allow user to configure LDP-sync per area.
But the actual implementation is incorrect - all commands are changing
the config for the whole VRF instead of a single area. This commit fixes
this issue by actually implementing per area configuration.
Fixes#8578.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
increase the maximum number of neighbors in a bgp group.
Set the maximum value to 50000 instead of 5000.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This commit includes the following:
1) Modifications to the frr-route-map.yang to enable addition of
bgpd, ospfd, ospf6d and zebra specific route map match/set clauses.
2) Yang definitions for bgpd match/set clauses.
3) Yang definitions for ospfd and ospf6d match/set clauses.
4) Yang definitions for zebra match/set clauses.
Signed-off-by: NaveenThanikachalam <nthanikachal@vmware.com>
Signed-off-by: Sarita Patra <saritap@vmware.com>
Also included display of hold time in CLI 'show ip pim int <intf>' cmd
and json commands.
Issue:
PIM neighbor not coming up if hold time is less than hello timer
since hello is sent every 4 sec and hold is 1 sec,
because of this nbr is flapping
Fix:
Do not allow configuration of hold timer less than hello timer
Also reset the value of hold timer to 3.5 times to hello whenever
only hello is modified so that the relationship holds good.
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
Currently there is a single interval for both RX and TX echo functions.
This commit introduces separate RX and TX timers for echo packets.
The main advantage is to be able to set the receive interval to zero
when we don't want to receive echo packets from the remote system.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Zebra routing tables are not controlled by the user and can not be
created/deleted manually. Current NB create/destroy callbacks are
incorrectly implemented because instead of creating/deleting the RIB
they are only checking for it's existence. YANG model should reflect
the real situation.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Current behavior is inconsistent. When the session is created by another
daemon, it is up by default. When we later configure peer in bfdd, the
session is still up, but the NB layer thinks that it is down.
More than that, even when the session is created in bfdd using peer
command, it is created in DOWN state, not ADM_DOWN. And it actually
starts sending and receiving packets. The sessions is marked with
SHUTDOWN flag only when we try to reconfigure some parameter. This
behavior is also very unexpected.
Fixes#7780.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
when changing both ranges at the same time the order of the commands
matters, as we need to make sure that the intermediate state is valid.
This represents a problem when pushing configuration via frr-reload.
To fix this, the global-block command was extended to optionally
allow setting the local-block range as well. The local-block command
is deprecated with a 1-year notice.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
Remove when statements from prefix-list yang OM,
and do the same check in frr validation phase.
This helps a bit in perfomance of prefix-lists
scale config.
Ticket:CM-32035
Reviewed By:CCR-11096
Testing Done:
Signed-off-by: Chirag Shah <chirag@nvidia.com>
The purpose of the Attach-bit is to accomplish inter-area routing. In other
venders, the Attached-bit is automatically set when a router is configured
as a L1|L2 router and has two adjacencies. When a L1 router receives a LSP
with the Attached-bit set it is supposed to create a default route pointing
toward the neighbor to provide a default path out of the L1 area.
ISIS implementation has been fixed to support the above definition:
Setting the Attach-bit is now the default behavior and we allow the user to
turn it off.
We will only set the Default Attach-bit when creating a L1 LSP, if we are
a L1|L2 router and have a L2 adjacency up.
When a L1 router receives a LSP with the Attach-bit set, we will create a
default route pointing to the L1|L2 router as the nexthop.
The default route will be removed if the LSP is received with the Attach-bit
cleared.
Signed-off-by: Lynne Morrison <lynne@voltanet.io>
Remove when conditions from the yang OM as it degrades
the performance in libyang.
Instead do the same when conditional check in frr northbound
validate phase. Reject the config if condiion do not meet.
Ticket:CM-32530
Testing Done:
Co-developed-by: VishalDhingra <vdhingra@vmware.com>
Signed-off-by: Chirag Shah <chirag@nvidia.com>
modified the yang model for path-list.
table-id should be a key, as one route can have
multiple table-ids.
Signed-off-by: vishaldhingra <vdhingra@vmware.com>
This new daemon manages Segment-Routing Traffic-Engineering
(SR-TE) Policies and installs them into zebra. It provides
the usual yang support and vtysh commands to define or change
SR-TE Policies.
In a nutshell SR-TE Policies provide the possibility to steer
traffic through a (possibly dynamic) list of Segment Routing
segments to the endpoint of the policy. This list of segments
is part of a Candidate Path which again belongs to the SR-TE
Policy. SR-TE Policies are uniquely identified by their color
and endpoint. The color can be used to e.g. match BGP
communities on incoming traffic.
There can be multiple Candidate Paths for a single
policy, the active Candidate Path is chosen according to
certain conditions of which the most important is its
preference. Candidate Paths can be explicit (fixed list of
segments) or dynamic (list of segment comes from e.g. PCEP, see
below).
Configuration example:
segment-routing
traffic-eng
segment-list SL
index 10 mpls label 1111
index 20 mpls label 2222
!
policy color 4 endpoint 10.10.10.4
name POL4
binding-sid 104
candidate-path preference 100 name exp explicit segment-list SL
candidate-path preference 200 name dyn dynamic
!
!
!
There is an important connection between dynamic Candidate
Paths and the overall topic of Path Computation. Later on for
pathd a dynamic module will be introduced that is capable
of communicating via the PCEP protocol with a PCE (Path
Computation Element) which again is capable of calculating
paths according to its local TED (Traffic Engineering Database).
This dynamic module will be able to inject the mentioned
dynamic Candidate Paths into pathd based on calculated paths
from a PCE.
https://tools.ietf.org/html/draft-ietf-spring-segment-routing-policy-06
Co-authored-by: Sebastien Merle <sebastien@netdef.org>
Co-authored-by: Renato Westphal <renato@opensourcerouting.org>
Co-authored-by: GalaxyGorilla <sascha@netdef.org>
Co-authored-by: Emanuele Di Pascale <emanuele@voltanet.io>
Signed-off-by: Sebastien Merle <sebastien@netdef.org>
Reference: https://www.cmand.org/communityexploration
--y2--
/ | \
c1 ---- x1 ---- y1 | z1
\ | /
--y3--
1. z1 announces 192.168.255.254/32 to y2, y3.
2. y2 and y3 tags this prefix at ingress with appropriate
communities 65004:2 (y2) and 65004:3 (y3).
3. x1 filters all communities at the egress to c1.
4. Shutdown the link between y1 and y2.
5. y1 will generate a BGP UPDATE message regarding the next-hop change.
6. x1 will generate a BGP UPDATE message regarding community change.
To avoid sending duplicate BGP UPDATE messages we should make sure
we send only actual route updates. In this example, x1 will skip
BGP UPDATE to c1 because the actual route is the same
(filtered communities - nothing changes).
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
shorten prefix-limit's option name in yang model.
change restart timer to uint16.
Stubbed northbound callbacks with above changes.
Signed-off-by: Chirag Shah <chirag@nvidia.com>
Add the "n-flag-clear" option to the "segment-routing prefix"
command. The only thing that option does is to clear the node
flag of the Prefix-SID, even if it corresponds to a local loopback
address. No changes are necessary other than that in order to fully
support Anycast-SIDs. isisd already supports multiple routers
advertising the same route with the same Prefix-SID after the recent
refactoring. Clearing the node flag for such anycast routes isn't
strictly required, but failure to do so can lead to problems like
TI-LFA picking the wrong Prefix-SID when calculating repair paths.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Fix the following libyang error when trying to load the "frr-nexthop"
module explicitly (e.g. using the 'gen_northbound_callbacks' tool):
libyang: A circular chain of leafrefs detected. (/frr-nexthop:frr-nexthop-group/nexthop-groups/name)
libyang: Invalid value "frr-nexthop-grouping" of "uses". (/frr-nexthop:frr-nexthop-group/frr-nexthop-grouping)
libyang: Copying data from grouping failed. (/frr-nexthop:frr-nexthop-group/frr-nexthop-grouping)
libyang: Module "frr-nexthop" parsing failed.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Don't attempt to put the wildcard information into a 1 byte field
otherwise we'll lose information.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
move `router bgp` nb callback at `bgp` node level
to have access to bgp context at neighbor and peer-group
level and align create/destroy callbacks call during
no router bgp.
Earlier `no router bgp` is performed first global destroy
callback is called which essentially removes `bgp context`
then it calls to remove (parallel nodes) neighbor and peer-group
which does not have access to bgp context.
Moving router bgp at bgp solves this destroy callback ordering issue.
Signed-off-by: Chirag Shah <chirag@nvidia.com>
The "set metric" command wasn't processing metric additions and
subtractions (using + and -) correctly. Fix those problems.
Also, remove the "+metric" and "-metric" options since they don't
work and don't make any sense (they could be interpreted as unitary
increments/decrements but that was never supported).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
1. Added isis with different vrf and it's dependecies.
2. Added new vrf leaf in yang.
3. A minor change for IF_DOWN_FROM_Z passing argrument is
replaced with ifp pointer in api "isis_if_delete_hook()".
4. Minor fix in the isisd spf unit test.
Co-authored-by: Kaushik <kaushik@niralnetworks.com>"
Signed-off-by: harios_niral <hari@niralnetworks.com>
The extended value must be a part of the cisco choice otherwise it will
be possible to create a destination only part which will cause a crash
when trying to access the assumed mandatory source.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
OSPFD sends ARP proactively to speed up convergence for /32 networks
on a p2p connection. It is only an optimization, so it can be disabled.
It is enabled by default.
Signed-off-by: Jakub Urbańczyk <xthaid@gmail.com>
Yang files for bgpd to use northbound APIs
Co-authored-by: Santosh P K <sapk@vmware.com>
Co-authored-by: vishaldhingra <vdhingra@vmware.com>
Signed-off-by: vishaldhingra <vdhingra@vmware.com>
Configuration example:
ip route 9.9.9.9/32 6.6.6.6 color 123
The SR Policy to be chosen is uniquely identified by the policy
endpoint (6.6.6.6) and the SR-TE color (123). Traffic will be
augmented with an MPLS label stack according to the active
candidate path of that particular policy.
Co-authored-by: GalaxyGorilla <sascha@netdef.org>
Signed-off-by: Sebastien Merle <sebastien@netdef.org>
It's time to say good bye to libyang 0.16.105. The recently
released libyang 1.0.184 includes numerous bug fixes and performance
improvements that we need.
Despite the major version bump from 0.x to 1.x, the libyang API is
the same except for a single backward-incompatible change in the
user types interface (which we're currently not using). Hence no
code changes were necessary to adapt FRR to libyang 1.x.
This commit also reintroduces some leafrefs that needed to be
removed from our YANG modules due to a bug that was present on
libyang 0.16.105.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Initial version of OSPF configuration Yang.
Raised new PR with review comment fixes on top of PR
https://github.com/FRRouting/frr/pull/6055
Revision History:
1. Fixed review comments.
2. Removed ospf list with id as key, name can be used as key
3. Corrected the alignment
Co-authored-by : Santosh P K <sapk@vmware.com>
Co-authored-by : Mobashshera Rasool <mrasool@vmware.com>
Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
BGP Yang is using sub modules and at present FRR is not processing
submodules in embedded framework yang
Signed-off-by: VishalDhingra <vdhingra@vmware.com>
Move pim and igmp yang files registery to appropriate makefiles.
In yang directory makefile move under `PIMD`
Remove pimd yang files from library makefile instead move them
to pimd makefile.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Merge the cisco style access list with zebra's logic so we can mix both
types of rules while keeping the commands.
With this the cisco style limitation of having 'destination-*' only for
specific number ranges no longer exist for users of YANG/northbound (the
CLI still has this limitation).
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
To address the ip mroute command there is a need to add
safi as a key. So adding the afi-safi-type identityref
as a key.
Signed-off-by: VishalDhingra <vdhingra@vmware.com>
staticd yang has been modified to support below use cases
1. src-table for IPV6 address family.
2. distance,tag and table-id would be the key for a given prefix.
Signed-off-by: VishalDhingra <vdhingra@vmware.com>
BFD profiles can now be used on the interface level like this:
interface eth1
ip router isis 1
isis bfd
isis bfd profile default
Here the 'default' profile needs to be specified as usual in the
bfdd configuration.
Signed-off-by: GalaxyGorilla <sascha@netdef.org>
Segment Routing Local Block (SRLB) is part of RFC8667. This change introduces
the possibility for isisd to advertize SRLB in LSP. Base and Range of SRLB
could be configured through CLI or Yang.
Adjacency-SID are now using this SRLB for label allocation. SRLB could also
be used for SID-Binding (e.g. LDP to SR).
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Separate out nexthop config and operational models.
nexthop-group config model has list of nexthop-groups
where else operational nexthop group is single entity
underneath list of nexthops.
The common code is fectored into grouping to use among
config and operational model.
nexthop operational model caters to RIB operational model.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Changes:
- Use `description` on CLI but `remark` on YANG like access-list (also
because `description` is a reserved word).
- Rename YANG model field and northbound code.
- Fix wrong sequence type get.
- Fix wrong action XPath in action callback.
- Fix wrong concat in (ipv6|mac) access-list.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Important changes:
* Limit the access-list name length according to header definition;
* Add another list (sequence) inside instances to avoid repeated fields;
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Allow sessions to use BFD profile configurations instead of having to
clone the configuration per peer.
If using a profile and setting a peer configuration, the peer
configuration will take precedence over the profile.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Now that the "frr-interface" list has a "state" container, move the
IS-IS interface state nodes underneath it using a new augmentation.
Also, update the IS-IS SR topotest to account for this change. Make
use of symlinks where possible to avoid having multiple files with
the same content.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
This commit implements:
RIB operational list create/destroy.
Walk over RIB tables using keys.
The first RIB table will be IPV4/unicast (table-id 254)
will be fetched.
Create a new api to fetch RIB table based on
afi-safi and table id as the keys.
remove mandatory true statement from the leaf which
is part of the list key.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Most definitions were borrowed from the IETF IS-IS SR YANG module,
with a few adaptations. Of particular notice are the following:
* No support for the configuration of multiple SRGBs.
* No distinction between local and connected Prefix-SIDs, both are
configured the same way.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
add weight field to operational model.
add leafref to nexthopgroup.
format according to yanglint.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Defined frr-igmp.yang file for IGMP protocol.
Co-authored-by: Sarita Patra <saritap@vmware.com>
Co-authored-by: Santosh P K <sapk@vmware.com>
Signed-off-by: Sarita Patra <saritap@vmware.com>
Grouping is referencing leaves outside the grouping
from where it is used. Removing it and defining leaves
at the used place.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Unable to access interface command:
root@bharat:~/stash/libyang/build# dpkg-query -W | grep libyang
libyang-dev 0.16.105-3~ubuntu18.04.1
libyang0.16 0.16.105-3~ubuntu18.04.1
root@bharat:~/stash/libyang/build# vtysh
bharat# config t
bharat(config)# interface lo
% Configuration failed: validation error.
Please check the logs for more details.
Logfile:
2020/03/21 16:48:55 ZEBRA: libyang: Leafref
"/frr-vrf:lib/frr-vrf:vrf/frr-vrf:name" of value "default"
points to a non-existing leaf.
(/frr-interface:lib/interface[name='lo'][vrf='default']/vrf)
2020/03/21 16:48:55 ZEBRA: [EC 100663337]
nb_candidate_commit_prepare: failed to validate
candidate configuration
CI system failure:
2020/03/21 18:53:18 ZEBRA: libyang: Leafref
"/frr-vrf:lib/frr-vrf:vrf/frr-vrf:name" of value "default"
points to a non-existing leaf.
(/frr-interface:lib/interface[name='r1-eth0'][vrf='default']/vrf)
2020/03/21 18:53:18 ZEBRA: [EC 100663337] nb_candidate_commit_prepare:
failed to validate candidate configuration
2020/03/21 18:53:18 ZEBRA: libyang: Leafref
"/frr-vrf:lib/frr-vrf:vrf/frr-vrf:name" of value "default"
points to a non-existing leaf.
(/frr-interface:lib/interface[name='r1-eth1'][vrf='default']/vrf)
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Yang files for basic frr-routing used by other
daemons like staticd and pim
Co-authored-by: Santosh P K <sapk@vmware.com>
Co-authored-by: vishaldhingra <vdhingra@vmware.com>
Signed-off-by: vishaldhingra <vdhingra@vmware.com>
Yang files for staticd to use northbound APIs
Co-authored-by: Santosh P K <sapk@vmware.com>
Co-authored-by: vishaldhingra <vdhingra@vmware.com>
Signed-off-by: vishaldhingra <vdhingra@vmware.com>
A common nexthop and group nexthop yang data model
for all protocols in FRR.
Co-authored-by: Santosh P K <sapk@vmware.com>
Co-authored-by: Vishaldhingra <vdhingra@vmware.com>
Signed-off-by: Santosh P K <sapk@vmware.com>
Temporarily change the interface types in rip and ripng to
strings to allow us to work, since the yang uplift to 1.0
is proving difficult.
Signed-off-by: Donald Sharp sharpd@cumulusnetworks.com>
Yang constraints enforced by the northbound callbacks require that
the maximum lifetime be >= than (refresh interval + 300). When we are
moving from one config to another through frr-reload.py, we issue
a number of vtysh -c commands ('no lsp-refresh-interval level-1 500',
'no max-lsp-lifetime level-1 1000'), which reset these parameters to their
default values, respectively 900 and 1200. Depending on the actual
values in the current config, the order in which these commands are sent
might be the wrong one, in that we hit an invalid intermediate state and
make vtysh (and by extension frr-reload.py) return an error.
As a workaround, let's add a one-liner command that sets all these
inter-related parameters in one go, and make isisd display them as a
single line too, so that the diff will be computed as a single command.
The old individual commands are kept to ensure backwards compatibility.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
* Extend the route map yang model to have zebra enumerations;
* Add zebra route map specific match/set values;
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
This new type will be used by zebra route map match command which is IP
version agnostic.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
This fixes a warning on daemons that use route map about filter yang
model not being included in the binary.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Based on the route map old CLI, implement the route map handling using
the exported functions.
Use a curry-like programming pattern avoid code repetition when
destroying match/set entries. This is needed by other daemons that
implement custom route map functions and need to pass to lib their
specific destroy functions.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Important changes:
* Rename top container `route-map` to `lib`;
* Rename list `instance` to `route-map`;
* Move route map repeated data to list `entry`;
* Use interface reference instead of typedef'ed string;
* Remove some zebra specific route map conditions;
* Protect `tag` set value with `when "./action = 'tag'"`;
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Currently isisd has this strange (legacy) behavior where the
first area is created by default with level-1-2, while every
other subsequent area uses the default defined in the yang model,
which is level-1. This is a source of confusion when trying to
configure the daemon programatically, either with frr-reload
or using the transactional cli. Given how rare having multiple
IS-IS instances is anyway, the easiest solution is to remove
this behavior and default to level-1-2 for every area.
Note that this does not affect fabricd, which continues using
exclusively level-2-only areas.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
- Use correct units and conversions in model & code
- Fix incorrect CLI help string for V6 virtual addrs
- Fix nb get-entry callback for virtual router
- Fix a couple style nits
- Simplify some CLI code
- Remove unused code
- Remove unused YANG definitions
- Update sighup() to handle reloads
- Update interface level config writer to use NB callbacks
- Add simplified `no` forms for priority and advertisement-interval
commands
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
- Move virtual address configs to be under the version specific (v4/v6)
nodes
- Add lots of operdata
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
This adds support for VRRPv2 to the VRRP YANG model, which entails the
following changes:
- Add a version leaf with a default of 3
- Split v4 and v6 vritual addresses into separate lists, with
constraints on v6 addresses to only exist when the version is 3
General improvements:
- Remove unused config groupings
- Add administrative shutdown leaf
- Split state reporting into v4 and v6 blocks, since these are
considered separate virtual routers
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Adapted from OpenConfig. Changes:
- Interface tracking commented out (unsupported)
- Preemption delay commented out (unsupported)
- Accept_Mode default changed to 'true'
Also linted and stylized.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Add range to few of the string nodes
(including vrf, iptable names)
Use interface reference instead of interface string.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Adding ietf routing types yang module to makefile
lib: Adding this yang module to common place
so it can be accessed from all frr modules.
Signed-off-by: Chirag Shah <chirag@cumulusnetworks.com>
Add a yang model for some of zebra's functionality,
but the model is not integrated into the build at all yet. Also
add a model for nexthop and nexthop-group.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
The new "event-counters" grouping is almost a 1:1 copy of the same
grouping from the IETF IS-IS module, except for the "lan-dis-changes"
leaf which was skipped (more work needs to be done to support it).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The new "adjacency-state" grouping is almost a 1:1 copy of the
same grouping from the IETF IS-IS module, except for the "usage"
and "lastuptime" leafs that were skipped (more work needs to be
done to support those).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Do this to better separate config data from state data (coming in
the next commits) like done in the IETF IS-IS module.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
We had wrappers for IPv4 and IPv6 prefixes, but not for IP (version
agnostic) prefixes. This commit addresses this issue.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Instead of copy-pasting a 16 character string type for use as an
interface reference, create a new typedef that leafref's the name node
of an interface. This way the constraints change with the constraints on
an interface name itself, and it's self documenting.
Incidentally ripd and ripngd forgot the 16 character constraint in their
offset-list configs and IS-IS forgot it entirely, so this also fixes
minor bugs.
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Debian packaging when run finds a bunch of spelling errors:
I: frr: spelling-error-in-binary usr/bin/vtysh occurences occurrences
I: frr: spelling-error-in-binary usr/lib/frr/bfdd Amount of times Number of times
I: frr: spelling-error-in-binary usr/lib/frr/bgpd occurences occurrences
I: frr: spelling-error-in-binary usr/lib/frr/bgpd recieved received
I: frr: spelling-error-in-binary usr/lib/frr/isisd betweeen between
I: frr: spelling-error-in-binary usr/lib/frr/ospf6d Infomation Information
I: frr: spelling-error-in-binary usr/lib/frr/ospfd missmatch mismatch
I: frr: spelling-error-in-binary usr/lib/frr/pimd bootsrap bootstrap
I: frr: spelling-error-in-binary usr/lib/frr/pimd Unknwon Unknown
I: frr: spelling-error-in-binary usr/lib/frr/zebra Requsted Requested
I: frr: spelling-error-in-binary usr/lib/frr/zebra uknown unknown
I: frr: spelling-error-in-binary usr/lib/x86_64-linux-gnu/frr/libfrr.so.0.0.0 overriden overridden
This commit fixes all of them except the bgp `recieved` issue due to
it being part of json output. That one will need to go through
a deprecation cycle.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Move all configuration commands to the new CLI code (`eigrp_cli.c`),
implement the northbound and do all the necessary wiring to get it
working.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
In order to keep compatibility with the initial CLI, the enumeration
name for sha2 was changed. No CLI code workarounds required.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
Based on @rwestphal feedback, lets remove `case`s where we don't expect
to add more items or items with more than one `leaf`.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
