LSAcks (for directed acks) are being sent to neighbor's unicast address.
RFC 2328 says:
"The IP destination address for the packet is selected as
follows. On physical point-to-point networks, the IP
destination is always set to the address AllSPFRouters"
Fix is to unconditionally set the destination address for LSAcks over
point-to-point links as AllSPFRouters. Quagga OSPF already has similar
change for OSPF DBD, LSUpdate and LSrequest packets.
Signed-off-by: Vipin Kumar <vipin@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt@cumulusnetworks.com>
——————————————-------------
- etc/init.d/quagga is modified to support creating separate ospf daemon
process for each instance. Each individual instance is monitored by
watchquagga just like any protocol daemons.(requires initd-mi.patch).
- Vtysh is modified to able to connect to multiple daemons of the same
protocol (supported for OSPF only for now).
- ospfd is modified to remember the Instance-ID that its invoked with. For
the entire life of the process it caters to any command request that
matches that instance-ID (unless its a non instance specific command).
Routes/messages to zebra are tagged with instance-ID.
- zebra route/redistribute mechanisms are modified to work with
[protocol type + instance-id]
- bgpd now has ability to have multiple instance specific redistribution
for a protocol (OSPF only supported/tested for now).
- zlog ability to display instance-id besides the protocol/daemon name.
- Changes in other daemons are to because of the needed integration with
some of the modified APIs/routines. (Didn’t prefer replicating too many
separate instance specific APIs.)
- config/show/debug commands are modified to take instance-id argument
as appropriate.
Guidelines to start using multi-instance ospf
---------------------------------------------
The patch is backward compatible, i.e for any previous way of single ospf
deamon(router ospf <cr>) will continue to work as is, including all the
show commands etc.
To enable multiple instances, do the following:
1. service quagga stop
2. Modify /etc/quagga/daemons to add instance-ids of each desired
instance in the following format:
ospfd=“yes"
ospfd_instances="1,2,3"
assuming you want to enable 3 instances with those instance ids.
3. Create corresponding ospfd config files as ospfd-1.conf, ospfd-2.conf
and ospfd-3.conf.
4. service quagga start/restart
5. Verify that the deamons are started as expected. You should see
ospfd started with -n <instance-id> option.
ps –ef | grep quagga
With that /var/run/quagga/ should have ospfd-<instance-id>.pid and
ospfd-<instance-id>/vty to each instance.
6. vtysh to work with instances as you would with any other deamons.
7. Overall most quagga semantics are the same working with the instance
deamon, like it is for any other daemon.
NOTE:
To safeguard against errors leading to too many processes getting invoked,
a hard limit on number of instance-ids is in place, currently its 5.
Allowed instance-id range is <1-65535>
Once daemons are up, show running from vtysh should show the instance-id
of each daemon as 'router ospf <instance-id>’ (without needing explicit
configuration)
Instance-id can not be changed via vtysh, other router ospf configuration
is allowed as before.
Signed-off-by: Vipin Kumar <vipin@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Dinesh G Dutt <ddutt@cumulusnetworks.com>
is able to send out K (=3 by default) packets per thread-write.
Signed-off-by: Ayan Banerjee <ayan@cumulusnetworks.com>
Reviewed-by: JR Rivers <jrrivers@cumulusnetworks.com>
Quagga sources have inherited a slew of Page Feed (^L, \xC) characters
from ancient history. Among other things, these break patchwork's
XML-RPC API because \xC is not a valid character in XML documents.
Nuke them from high orbit.
Patches can be adapted simply by:
sed -e 's%^L%%' -i filename.patch
(you can type page feeds in some environments with Ctrl-V Ctrl-L)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
ISSUE:
RTA(DR)-----(BackupDR)RTB
RTA advertises a new LSA to RTB, and then flushes the LSA (with setting
the age of the LSA to MaxAge) within 1 second. Then the LSA is deleted
from RTA, while it still exists on RTB with non-MaxAge and can not be
flushed any more.
FIX:
The reason can be explained in below:
a) RTA -- new LSA, #seq=1 --> RTB (RTB will send the delayed Ack in 1s)
b) RTA -- MaxAge LSA, #seq=1 --> RTB (RTB discards it for the MIN_LS_ARRIVAL)
c) RTA <-- Ack for the new LSA, #seq=1 -- RTB (RTA accepts it)
In the step c), ospf_ls_ack() compares the #seq of the entry in the LS-Ack
with that of local MaxAge LSA. The #seq of the two entries are same. So
the Ack is accepted and the LSA is removed from the retransmit-list (while
it should not).
In RFC2328, section 13.7. Receiving link state acknowledgments:
o If the acknowledgment is for the same instance that is <==
contained on the list, remove the item from the list and
examine the next acknowledgment. Otherwise:
where "same instance" does not mean the same #seq. We must call
ospf_lsa_more_recent() to check whether the two instances are same.
Signed-off-by: Feng Lu <lu.feng@6wind.com>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
VU#229804 reports that, by injecting Router LSAs with the Advertising
Router ID different from the Link State ID, OSPF implementations can be
tricked into retaining and using invalid information.
Quagga is not vulnerable to this because it looks up Router LSAs by
(Router-ID, LS-ID) pair. The relevant code is in ospf_lsa.c l.3140.
Note the double "id" parameter at the end.
Still, we can provide an improvement here by discarding such malformed
LSAs and providing a warning to the administrator. While we cannot
prevent such malformed LSAs from entering the OSPF domain, we can
certainly try to limit their distribution.
cf. http://www.kb.cert.org/vuls/id/229804 for the vulnerability report.
This issue is a specification issue in the OSPF protocol that was
discovered by Dr. Gabi Nakibly.
Reported-by: CERT Coordination Center <cert@cert.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
An ospf router should accept a new maxage LSA into its lsdb if it has any
neighbors in state Exchange or Loading. ospfd would however only account
for neighbors on the same interface which does not seem to be a valid
optimization.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
Signed-off-by: David Lamparter <equinox@diac24.net>
If configured without opaque LSA support, the old code would incorrectly
associate type 5 LSAs with an area.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
A set of patches to clarify some comments as well as cleanup code that was
causing warnings. After these patches, the code can be compiled with
-Wall -Wsign-compare -Wpointer-arith -Wbad-function-cast -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations -Wchar-subscripts -Wcast-qual
-Wextra -Wno-unused-parameter -Wno-missing-field-initializers
(what is current in trunk plus -Wextra -Wno-unused-parameter
-Wno-missing-field-initializers).
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Reduce the log level for the MaxAge LSA reception when such an LSA does
not exist in the database.
Signed-off-by: Ayan Banerjee <ayan@cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com>
Signed-off-by: Scott Feldman <sfeldma@cumulusnetworks.com>
OVERVIEW
The checksum used in OSPF (rfc2328) is specified in rc905 annex B. There is an
sample implementation in rfc1008 which forms the basis of the quagga
implementation. This algorithm works perfectly when generating a checksum;
however, validation is a bit problematic.
The following LSA (generated by a non-quagga implementation) is received by
quagga and marked with an invalid checksum; however, it passes both the rfc905
and rfc1008 validation checks.
static uint8_t lsa_10_121_233_29[] = {
0x0e, 0x10, 0x02, 0x03,
0x09, 0x00, 0x35, 0x40,
0x0a, 0x79, 0xe9, 0x1d,
0x80, 0x00, 0x00, 0x03,
0x00, 0x8a, 0x00, 0x1c,
0xff, 0xff, 0xff, 0xe0,
0x00, 0x00, 0x36, 0xb0
};
LS Type: Summary-LSA (IP network)
LS Age: 3600 seconds
Do Not Age: False
Options: 0x02 (E)
Link-State Advertisement Type: Summary-LSA (IP network) (3)
Link State ID: 9.0.53.64
Advertising Router: 10.121.233.29 (10.121.233.29)
LS Sequence Number: 0x80000003
LS Checksum: 0x008a
Length: 28
Netmask: 255.255.255.224
Metric: 14000
You'll note that one byte of the checksum is 0x00; quagga would calculate the
checksum as 0xff8a.
It can be argued that the sourcing implementation generates an incorrect
checksum; however, rfc905 indicates that, for 1's complement arithmetic, the
value 255 shall be regarded as 0, thus either values are valid.
EXPLANATION
The quagga ospfd and ospf6d implementations operate by copying the PDU's
existing checksum in a holding variable, calculating the checksum, and comparing
the resulting checksum to the original. As a note, this implementation has the
side effect of modifying the contents of the PDU.
Evaluation of both rfc905 and rfc1008 shows that checksum validation should
involve calculating the sum over the PDU and checking that both resulting C0 and
C1 values are zero. This behavior is enacted in the rfc1008 implementation by
calling encodecc with k = 0 (checksum offset); however, this functionality had
been omitted from the quagga implementation.
PATCH
This patch adds the ability to call the quagga's fletcher_checksum() with a
checksum offset value of 0xffff (aka FLETCHER_CHECKSUM_VALIDATE) which returns
the sum over the buffer (a value of 0 indicates a valid checksum). This is
similar to the mechanism in rfc1008 when called with k = 0. The patch also
introduces ospf_lsa_checksum_valid().
ospf6d had it's own implementation of the fletcher checksum in
ospf6_lsa_checksum(); it's the same algorithm as in fletcher_checksum(). This
patch removes the local implementation in favor of the library's as well as creates
and uses ospf6_lsa_checksum_valid().
quagga's ISIS implementation suffers from the same problem; however, I do not
have the facilities to validate a fix to ISIS, thus this change has been left to
the ISIS maintainers. The function iso_csum_verify() should be reduced to
running the fletcher checksum over the buffer using an offset of 0.
Signed-off-by: JR Rivers <jrrivers@cumulusnetworks.com>
Reviewed-by: Scott Feldman <sfeldma@cumulusnetworks.com>
Reviewed-by: Nolan Leake <nolan@cumulusnetworks.com>
Reviewed-by: Ayan Banerjee <ayan@cumulusnetworks.com>
Reviewed-by: Shrijeet Mukherjee <shm@cumulusnetworks.com>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The old ospf_check_auth() function did two different jobs depending on
AuType. For Null and Simple cases it actually authenticated the packet,
but for Cryptographic case it only checked declared packet size (not
taking the actual number of bytes on wire into account). The calling
function, ospf_verify_header(), had its own set of MD5/checksum checks
dispatched depending on AuType.
This commit makes the packet size check work against the real number of
bytes and moves it to ospf_packet_examine(). All MD5/checksum
verification is now performed in ospf_check_auth() function.
* ospf_packet.c
* ospf_packet_examin(): check length with MD5 bytes in mind
* ospf_verify_header(): remove all AuType-specific code
* ospf_check_auth(): completely rewrite
An OSPFv2 packet with trailing data blocks (authentication and/or
link-local signaling) failed the recently implemented packet length
check, because trailing data length isn't counted in the packet header
"length" field. This commit fixes respective check conditions.
* ospf_packet.c
* ospf_packet_examin(): use "bytesdeclared" instead of "bytesonwire"
This commit ports more packet checks to OSPFv2, in particular, LSA size
verification and Router-LSA link blocks verification.
* ospf_lsa.h: add LSA size macros
* ospf_packet.h: add struct ospf_ls_update
* ospf_packet.c
* ospf_lsa_minlen[]: a direct equivalent of ospf6_lsa_minlen[]
* ospf_router_lsa_links_examin(): new function, verifies trailing
part of a Router-LSA
* ospf_lsa_examin(): new function like ospf6_lsa_examin()
* ospf_lsaseq_examin(): new function like ospf6_lsaseq_examin()
* ospf_packet_examin(): add type-specific deeper level checks
1. The only purpose of "ibuf" argument was to get stream size, which
was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized
in ospf_new().
2. Fix the packet size check condition, which was incorrect for very
large packets, at least in theory.
This commit ports some of the OSPFv3 packet reception checks
to OSPFv2.
* ospf_packet.c
* ospf_packet_minlen[]: a direct equivalent of ospf6_packet_minlen[]
* ospf_packet_examin(): new function designed after the first part
of ospf6_packet_examin()
* ospf_read(): verify received packet with ospf_packet_examin()
* ospf_packet.h: add convenience macros
* (general) Move functions in headers into files, to be compiled into
shared object files. Remove inline qualifier from functions. Let the
compiler do the work.
* ospf_packet.c (ospf_recv_packet): FreeBSD, starting from version 10, will not
subtract the IP header size from ip_len.
This is the patch from FreeBSD's ports/net/quagga/files/patch-ospfd__ospf_packet.c,
by Boris Kovalenko.
This vulnerability (CERT-FI #514838) was reported by CROSS project.
The error is reproducible only when ospfd debugging is enabled:
* debug ospf packet all
* debug ospf zebra
When incoming packet header type field is set to 0x0a, ospfd will crash.
* ospf_packet.c
* ospf_verify_header(): add type field check
* ospf_read(): perform input checks early
This vulnerability (CERT-FI #514838) was reported by CROSS project.
When only 14 first bytes of a Hello packet is delivered, ospfd crashes.
* ospf_packet.c
* ospf_read(): add size check
* It's possible for the packet output buffer to be filled up with a long
series of non-Hello packets in between Hellos packets, such that the
router's neighbours don't receive the Hello packet in time, even though
the hello-timer ran at about the right time. Fix this by prioritising
Hello packets, letting them skip the queue and go ahead of any packets
already on the queue.
This problem can occur when there are lots of LSAs and slow links.
* ospf_packet.h: (ospf_hello_send_sub) not used outside of ospf_packet.c
* ospf_packet.c: (ospf_fifo_push_head) add packet to head of fifo (so its
no longer really a fifo, but hey)
(ospf_packet_add_top) add packet to top of the packet output queue.
(ospf_hello_send_sub) Put Hello's at the top of the packet output queue.
make it take in_addr_t parameter, so that this
ospf_hello_send can re-use this code too.
(ospf_hello_send) consolidate code by using ospf_hello_send_sub
(ospf_poll_send,ospf_hello_reply_timer) adjust for ospf_hello_send_sub.
* The hello protocol monitors connectivity in 2 different ways:
a) local -> remote
b) remote -> local
Connectivity is required in both directions (2-way) for adjacencies to
form.
The first requires a round-trip to detect, and is done by advertising
which other hosts a router knows about in its hello messages. This allows
a host to detect which other routers are and are not receiving its
message. If a remote neighbour delists the local router, then the local
router raises a "1-Way Received" event.
The latter is straight-forward, and is detected by setting a timer for the
neighbour. If another Hello packet is not received within this time then
the neighbour is dead, and a separate "Inactive" event is raised.
These are 2 different and relatively independent measures.
Knowing that we can optimise the 2nd, remote->local measure and reset
the timer when /any/ packet arrives from that neighbour. For any packet
is as good as a Hello packet. This can help in marginal situations, where
the number of protocol messages that must be sent sometimes can exceed
the capacity of the network to transmit the messages within the configured
dead-time. I.e. an OSPF network with lots of LSAs, slow links and/or
slow hosts (e.g. O(10k) LSAs, O(100kbit) links, embedded CPUs, and O(10s)
dead-times).
This optimisation allows an OSPF network to run closer to this margin,
and/or allows networks to perhaps better cope with rare periods of
exceptional load, where otherwise they would not.
It's fully compatible with plain OSPF implementations and doesn't
prejudice dead-neighbour detection.
* ospf_nsm.h: Rename HelloReceived event to PacketReceived.
* ospf_nsm.c: (nsm_hello_received) -> nsm_packet_received
* ospf_packet.c: Schedule PacketReceived whenever a valid message is
received.
* ospf_packet.c: (ospf_ls_upd) the corresponding test on the arrival side
in (ospf_flood) is <, so this should be >=, not >, purely for consistency.
There is no practical effect here though.
* ospf_packet.c: make this message conditional on 'debug ospf event', as it
be easily triggered with, e.g., multiple subnets sharing same physical
network. E.g, see bug #532.
This function will return the interface for the first matching
remote address for PtP i/f's. That won't work for multiple
unnumbered i/f's as these may all have the same address.
Pass in the struct interface pointer, ifp, to find the
correct set of oi's to search in. This also reduces the
size of the search list, making it faster.
* ospfd/ospf_interface.c: Add struct interface * param to
ospf_if_lookup_recv_if() to select the right list to search in.
* ospfd/ospf_interface.h: ditto.
* ospfd/ospf_packet.c: Pass new ifp argument to ospf_if_lookup_recv_if()
Update ospf_db_desc_send(), ospf_ls_upd_queue_send() and ospf_ls_req_send()
to always use OSPF_ALLSPFROUTERS for PtP links.
See RFC 2328, chap 8.1 for details:
"The IP destination address for the packet is selected as
follows. On physical point-to-point networks, the IP
destination is always set to the address AllSPFRouters."
Without this, it won't be possible to establish adjacencies on
multiple unnumbered links to the same router.
ChangeLog:
2008-07-25 Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
* ospfd/ospf_packet.c: Set destination for PtP links to
OSPF_ALLSPFROUTERS.
2007-05-09 Paul Jakma <paul.jakma@sun.com>
* configure.ac: sys/conf.h depends on sys/param.h, at least on
FBSD 6.2.
(bug #363) Should check for in_pktinfo for IRDP
2006-05-27 Paul Jakma <paul.jakma@sun.com>
* configure.ac: General cleanup of header and type checks, introducing
an internal define, QUAGGA_INCLUDES, to build up a list of
stuff to include so as to avoid 'present but cant be compiled'
warnings.
Misc additional checks of things missing according to autoscan.
Add LIBM, for bgpd's use of libm, so as to avoid burdening
LIBS, and all the binaries, with libm linkage.
Remove the bad practice of using m4 changequote(), just
quote the []'s in the case statements properly.
This should fix bugs 162, 303 and 178.
* */*.{c,h}: Update all HAVE_* to the standard autoconf namespaced
HAVE_* defines. I.e. HAVE_SA_LEN -> HAVE_STRUCT_SOCKADDR_SA_LEN,
* bgpd/Makefile.am: Add LIBM to bgpd's LDADD, for pow().
2006-10-22 Yar Tikhiy <yar@comp.chem.msu.su>
* (general) Add support for passive-interface default (with
minor edits by Paul Jakma).
* ospf_interface.h: Add OSPF_IF_PASSIVE_STATUS macro, looking
at configured value, or the global 'default' value, as
required.
* ospf_interface.c: (ospf_if_new_hook) Leave passive
unconfigured per default, allowing global 'default' to
take effect for unconfigured interfaces.
* ospf_packet.c: (various) use OSPF_IF_PASSIVE_STATUS
* ospf_vty.c: (ospf_passive_interface_default) new function,
unset passive from all interfaces if default is enabled, as
the per-iface settings become redundant.
(ospf_passive_interface_update) new func, update passive
setting taking global default into account.
({no,}ospf_passive_interface_addr_cmd) Add support for
'default' variant of command.
(show_ip_ospf_interface_sub) Update to take global
default into account when printing passive status.
(ospf_config_write) ditto.
* ospfd.c: (ospf_new) set global passive-interface default.
* ospfd.h: (struct ospf) Add field for global
passive-interface.
2006-09-25 Andrew J. Schorr <ajschorr@alumni.princeton.edu>
* ospf_packet.c: (ospf_packet_dup, ospf_make_md5_digest)
Fix zlog_warn messages to eliminate compiler warnings.
(ospf_hello) Improve warning messages to show why we
are complaining.
2006-08-28 Andy Gay <andy@andynet.net>
* ospf_packet.c: (ospf_make_db_desc) Assert added with More-bit
fixes does not hold up with addition of Ogier DB-Exchange
optimisation, which can empty the db-summary list in between
sent DD packets. Remove assert, update More-bit always when
in Exchange.
2006-08-25 Paul Jakma <paul.jakma@sun.com>
* (general) Bug #134. Be more robust to backward time changes,
use the newly added libzebra time functions.
In most cases: recent_time -> recent_relative_time()
gettimeofday -> quagga_gettime (QUAGGA_CLK_MONOTONIC, ..)
time -> quagga_time.
(ospf_make_md5_digest) time() call deliberately not changed.
(ospf_external_lsa_refresh) remove useless gettimeofday, LSA
tv_orig time was already set in ospf_lsa_new, called via
ospf_external_lsa_new.
2006-08-03 Paul Jakma <paul.jakma@sun.com>
* ospf_packet.c: (ospf_make_db_desc) Unset the DD More bit
after constructing the packet, if appropriate.
(ospf_db_desc_proc) Speed up Exchange, slave should raise
ExchangeDone earlier, as RFC mandates, by forming its reply
before deciding whether both sides are done, avoids a
needless round of empty DD packet exchanges at the end of
Exchange, hence speeding up ExchangeDone.
(ospf_db_desc) use UNSET_FLAG macro.
