bgpd: fix last Reset timer losing day part after 24 hoursThe lastResetTimerMsecs JSON field was computed using gmtime_r() and
only accounted for hours, minutes, and seconds (tm_hour, tm_min,
tm_sec), but missed the day field (tm_yday). This caused the value
to wrap around and lose days when elapsed time exceeded 24 hours.
Use direct multiplication (uptime * 1000) instead, matching how
bgpTimerUpMsec is correctly computed.
Signed-off-by: Soumya Roy <...
pimd: fix NOCACHE MFC resync detection log, add vrf name tooOnly treat as kernel/user MFC resync when MFC was already installed
before this NOCACHE upcall (snapshot via pim_upstream_find before
find_or_add). Avoids false positives on first packet when find_or_add
installs in the same call. Log resync at debug with VRF; add VRF to
kernel upcall lines.
Without this fix, pim logs a warning for every new flow:
```
r1-eth0: NOCACHE for (192.168.100.10,238.0...
tests: staticd: test VRF teardown cleanup for ECMP routesAdd test_vrf_teardown_cleanup to the static_cross_vrf_nexthop topotest
suite to cover the bug fixed in static_cleanup_vrf(): when a nexthop
VRF goes down, the stale cross-VRF nexthop must not appear in the route
ADD sent to zebra.
The fix marks affected nexthops VRF_UNKNOWN before calling
static_zebra_route_add(), which skips VRF_UNKNOWN entries. Without
the fix, the ADD is sent with the old ...
staticd: fix static_cleanup_vrf() nexthop-VRF removal orderingWhen a nexthop VRF goes down, static_cleanup_vrf() must mark affected
nexthops as VRF_UNKNOWN *before* reinstalling the path. The previous
code called static_uninstall_nexthop() per nexthop while nh->nh_vrf_id
still held the old valid VRF ID. This caused static_uninstall_path()
to issue a ZAPI ADD that included the departing nexthop — since
static_zebra_route_add() only skips nexthops already...
ospf6d: Remove ospf6 route when connected winsCurrently when ospf6 installs a route that is later
covered by a connected, the ospf6 route is never removed.
Modify the code to detect the case where the new route
that `wins` in ospf6 notices that it is connected and the
old route that was in was a ospf6 route. If so send a
specific route deletion for the ospf6 route.
This failure is happening infrequently in the ospf6_point_to_multipoint
t...
doc: document standalone Sphinx HTML build without configureAdd a section at the end of building-doc.rst describing how to run
sphinx-build from the repository root when the tree has not been
configured.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
ci: gate github-ci Build/Test jobs on non-doc paths; add HTML doc job- Add doc-path-filter job (dorny/paths-filter) for doc/** vs rest of tree.
- Run Prepare-MIB-Cache, Build, and Test only when changes exist outside doc/.
- Add Documentation-HTML job (sphinx user + developer) when doc/ changes.
- Skip Documentation-HTML when doc/ is unchanged.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
tests: update test descriptionThis is a particular type of test we shouldn't mix in other generic
config tests. The previous name was too generic as well so update it
too.
Signed-off-by: Christian Hopps <chopps@labn.net>
tests: Modify tests to better test some zebra cli changesBetter test:
a) ip import table
b) allow-external....
c) packet read in values for zebra
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Signed-off-by: Christian Hopps <chopps@labn.net>
mgmtd: improve vty error handling for `mgmt edit`Improve handling of error in frontend client/mgmt vty. Use this to
return a more appropriate result (CMD_WARNING_CONFIG_FAILED) back to
vtysh mirroring the normal config change path. As a result vtysh will
correctly exit with status 1 when running one shot `mgmt edit` config
commands.
Signed-off-by: Christian Hopps <chopps@labn.net>
zebra: Move `ip import-table` to mgmt frontend sideThe `ip import-table ...` commands were not on the mgmt
front end side. Move them to it.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra: Move `zebra work-queue` to mgmt frontend sideReroute the `zebra work-queue` commands to actually be
on the mgmt frontend side instead of the zebra side.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra: Move `zebra zapi-packets` to mgmt frontend sideMove the `zebra zapi-packets` command to fully use the mgmt
frontend.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra: Move `zebra dplane limit` to mgmt frontend sideRoute the `zebra dplane limit` CLI through the mgmt-fronted
zebra NB path and implement the existing dplane queue limit
NB apply callback so the command keeps its behavior after the move.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
doc: document new RIP log toggleDocument a new command in the `router rip` configuration node to toggle
the RIP discovery / disappearance messages.
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
tests: increment test to include new loggingIncrement the RIP BFD test to include testing the new log messages. The
RIP BFD topology fits this test well due to the decreased interval
between peer discovery and peer disappearance (due to BFD fast
convergence).
Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>
ripd, yang: add log-neighbor-changes configurationWhen log-neighbor-changes is enabled the RIP daemon will log everytime
a peer is discovered and a peer times out.
Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
pceplib: obj is already de-refed, no need to check for NULLobj is created via common_object_create() which never
returns a NULL pointer. There is no need to test
for it being NULL.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
bgpd: remove unreachable json_paths free in evpn_show_all_routes()When brief is true, json_paths is never allocated; the else branch was
dead code and triggered Coverity CID 1670529 (DEADCODE).
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
ospfd: add validation in several places before accessingAdd validation of LSA, TLV, and sub-TLV sizes before accessing
bytes within the message bodies.
Reported-by: Haruto Kimura (Stella) <harutokimura0608@gmail.com>
Signed-off-by: Mark Stapp <mjs@cisco.com>
bfdd: avoid prefix-list memory allocation in bfd to solve oom issuePrefix-list memory is allocated in all FRR modules even when not needed. Added a mechanism to avoid allocation for modules that do not use prefix lists.
Ticket: #4707868
Signed-off-by: Sougata Barik <sougatab@nvidia.com>
pimd: `pim_inet4_dump` -> `%pI4s`Better late than never, we don't need `pim_inet4_dump` when we have
`printfrr`, replace it with `%pI4s` format strings.
Signed-off-by: David 'equinox' Lamparter <equinox@opensourcerouting.org>
bgpd: Use %pI4/%pI6 formatters in BGP-LS NLRI displaybgp_ls_nlri_display() converts addresses with inet_ntop() into a local
string buffer before printing. FRR already supports %pI4/%pI6 in vty_out(),
so the extra conversion path and temporary buffer are unnecessary.
Replace inet_ntop()-based formatting with direct %pI4/%pI6 printing for
router IDs and link interface/neighbor addresses, and drop the unused
ipaddr_str buffer.
This simplifies the ...
bgpd: Skip oversized BGP-LS Node and Link Name TLVsparse_node_name() and parse_link_name() accept a length parameter from
the BGP-LS TLV header and allocate a buffer of that size without bounds
checking. A malicious peer can send TLVs with length fields up to 64KB,
causing per-advertisement memory exhaustion that accumulates across many
updates.
Fix by adding separate constants BGP_LS_MAX_NODE_NAME_LEN and
BGP_LS_MAX_LINK_NAME_LEN (255 bytes e...
Donald Sharp
souroy
Mark Stapp
Ainur Bikchantaev
Enke Chen
Donald Sharp
Christian Hopps
Rafael Zalamena
Sougata Barik
David Lamparter
Carmine Scarpitta