The `rib_update_handle_kernel_route_down_possibility()` didn't consider
the kernel routes ( blackhole ) without interface. When some other
interfaces are down, these kernel routes will be wrongly removed.
Signed-off-by: anlan_cs <anlan_cs@126.com>
Currently the code to check to see if any input filters are
applicable is *before* the RFC 8212 check to see if we have
any filters at all. As such we have already tested for this,
so let's move this check for RFC 8212 to immediately before
the input filter test.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The nexthop reachability code was cut-n-pasted 2 times
with just a tiny bit of difference. If we ever change
that it becomes `fun` to keep them in sync. Since this
is more important than full on speed of code let's abstract
and get bgp_update() to be a bit easier to maintain.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The code is just arbitrarily checking to see if there are any
mac addresses associated with a prefix. This makes no
sense from the perspective that it can only happen as
an evpn route. Let's not make non-evpn people pay
the price to check this data.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
The variable is_loop_check is being set and then later
we test against it multiple times. Move the setting
of whether or not to check for as loops to where it
is tested against and stop testing it multiple times.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
In the interest of speeding up code, there is no point in
attempting to see if a label is usable if the number of labels
passed in is 0. Since that is a much much quicker test than
the bgp_is_valid_label() call, let's test that first.
Additionally, there is no point in walking the label[] array
passed in unless we are in the if statement, so move it inside.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
In bgp_update(), the two variables allowas_in and aspath_loop_count
are only used when peer->change_local_as is true. Move the retrieval
of the allowas_in data to inside the if statement to save some
(very) small amount of time in bgp_update not gathering this
data unless the particular peer has this set.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
memcmp will return and act exactly the same as in6addr_cmp
but it does it significantly faster than how in6addr_cmp
does it. Let this be a lesson for implementing something
that is a duplicate of what is provided by the c library.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
If we set router-id, e.g. `router-id x.x.x.x`, then we have:
```
pc.donatas.net# show ip ospf | include Router ID
OSPF Routing Process, Router ID: x.x.x.x
```
But once we remove it (`no router-id x.x.x.x`), the old router-id remains.
This is kinda OK, but to be consistent with OSPFv3 we should use what Zebra
already has, instead of retaining the old one.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
A new command is `ospf router-id ...`, but the old one is also valid. Just a no
form was missed.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Traceback (most recent call last):
File "/home/docs/checkouts/readthedocs.org/user_builds/frrouting/envs/latest/lib/python3.11/site-packages/sphinx/config.py", line 529, in eval_config_file
exec(code, namespace) # NoQA: S102
^^^^^^^^^^^^^^^^^^^^^
File "/home/docs/checkouts/readthedocs.org/user_builds/frrouting/checkouts/latest/doc/user/conf.py", line 77, in <module>
html_context["READTHEDOCS"] = True
^^^^^^^^^^^^
NameError: name 'html_context' is not defined
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Before this patch, if we set something like:
```
bgp extcommunity-list expanded 1234 permit admin
```
In running config we have:
```
bgp extcommunity-list 1234 seq 5 permit admin
```
That leads to incorrect rendering, even more the line can't be deleted.
With this fix we treat numbered community-list only if it's inside the range
1-500, otherwise it's a non-numbered clist.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Expanded the cli command to include an mrib flag for importing to
the main table MRIB instead of the main table URIB.
Piped through specifying the safi through the import table functions
rather than hardcoding to SAFI_UNICAST.
Import still only import routes from the URIB subtable, only added the
ability to import into the main table MRIB.
Signed-off-by: Nathan Bahr <nbahr@atcorp.com>
Our switch statements with a default value confuse
clang-sa 19. Make it happy. Just following David's
earlier commit.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Modified nhrp_connection_authorized(). Initially, when writing debug
information about incoming NHRP packets with authentication enabled,
the nhrp_connection_authorized() function would print the
passphrase of the incoming packet as if it were a null terminated
string. This meant that if the passphrase on the incoming packet
had non ASCII-complient bytes in it, it would attempt to print those
bytes anyway. There was also no check that the size of the passphrase in
the incoming packet matched the size of the passphrase on the interface.
The changes in this commit log the passphrase on the incoming packet as
well as the passphrase on interface in HEX to avoid issues with ASCII.
It also performs a check that accounts for the sizes of the two different
passphrases
Moved CISCO_PASS_LENGTH_LEN from nhrp_vty.c to nhrp_protocol.h
for easier access to the macro in other files
Signed-off-by: Joshua Muthii <jmuthii@labn.net>
Modified nhrp_topo topotest to test for newly added resolution
request retry feature. Changes to the topotest include adding a spoke to the
existing nhrp_topo topotest so that a topology with two spokes and hub
can be used to create shortcuts and test the sending/resending of
resolution requests and responses between spoke and hub. The resolution
request retry feature was tested by blocking incoming resolution requests on a
receiving nodes to stop the creation of a successful shortcut - which
then triggered the sending spoke to retry sending resolution requests
Signed-off-by: Joshua Muthii <jmuthii@labn.net>
In the case that the RLIMIT_CORE hard limit cannot
be raised on a system, do not fail due to an exception.
Instead, attempt to increase the soft limit to as large
a value as possible (e.g. to the set hard limit).
Signed-off-by: Liam Brady <lbrady@labn.net>
Currently the mroute code was not allowing the mroute
to be sent to the dataplane. This leaves us with a
situation where the routes being installed where never
being set as installed and additionally nht against
the mrib would not work if the route came into existence
after the nexthop tracking was asked for.
Turns out all the pieces where there to let this work.
Modify the code to pass it to the dplane and to send
it back up as having worked.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
