zebra: EVPN fix stale remote vtep entriesThe EVPN route delete paths in process_subq_early_route_add
(route replace) and process_subq_early_route_delete used
ere->afi (route address family) to determine the VTEP IP type.
For IPv4 routes with IPv6 VTEP endpoints, this incorrectly
created an IPv4 vtep_ip when the nexthop is actually IPv6.
The add path already correctly uses tmp_nh->type (nexthop type).
The mismatch meant delete never m...
bfdd: Allow for command completions to work with peersAdd the ability for bfdd to tell you more about the bfd peers
when you ask for command completion help:
eva# show bfd peer
1::2 2603:6080:602:509e:f6d2:e774:dfce:4b99
eva# show bfd peer 2603:6080:602:509e:f6d2:e774:dfce:4b99
BFD Peer:
peer 2603:6080:602:509e:f6d2:e774:dfce:4b99 local-address 2603:6080:602:509e:f6d2:e774:dfce:4b08 vrf default interface enp13s...
bfdd: Fix `show bfd peers brief` to display local address in some casesWhen the bfdd peering has not been established if you have a local peer
when you do a `show bfd peers brief` the local address is listed as unknown.
Which is poppycock:
bfd
peer 2603:6080:602:509e:f6d2:e774:dfce:4b99 local-address 2603:6080:602:509e:f6d2:e774:dfce:4b08 interface enp13s0
exit
!
exit
!
end
eva# show bfd peers brief
Session count: 1
SessionId LocalAddress ...
bfdd: Look up the bfdd peer a bit earlier on packet receptionThe bfdd code looks up the bfdd peer very late in the packet reception
path. Move the peer lookup to much earlier, mainly so that the bad packets
received can be associated with the correct peer.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
bfdd: Remove unnecessary NULL checkbfdd is finding the bfd session and if we do not find one,
the function returns. The very next if statement is checking to see
if the bfd pointer is NULL. We know it is not NULL there.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
bfdd, yang: Add a bad packet counter for bfd peersCurrently bfdd completely ignores bad packets received and
there is no way to know that a bad packet has been coming
in unless you infer it through other means. This is not
easy for a operator to do.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
ci: harden MIB downloads and add shared workflow cacheAdd a dedicated CI cache preparation flow for MIB files and restore
that cache in build jobs so Docker builds reuse cached MIB assets
instead of repeatedly downloading from external links.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
ci: set artifact retention and upload strictnessSet explicit retention periods for build and test artifacts
and define if-no-files-found behavior to improve CI storage
hygiene and upload diagnostics.
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
bgpd: change L2 attr displayL2attr display is too long:
> L2: P flag:Y, B Flag Y, C word Y, MTU 1500
change to
> L2: Cflags CPB, MTU 1500
Signed-off-by: Loïc Sang <loic.sang@6wind.com>
Merge pull request #20917 from nishant111/nishant/bgp_fib_suppress_stale_fixbgpd: Fix routes to be removed from rib when suppress fib pending is configed
tests: Add a topotest that shows that metaQ deduplication works for NHGTest that the MetaQ deduplipication is working as expected.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra: Add a hidden command `[no] zebra test metaq disable`Add the ability to plug the zebra metaQ to allow for testing
of deduplication.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
zebra: Limit NHG metaQ to only 1 item per NHG IDCurrently if there is a large number of changes going on
via received NHG's and Zebra is extremely busy doing other
work as well, It is possible that the received NHG list
for processing in the metaQ is quite large. This is especially
problematic at scale. Modify the code such that the MetaQ
looks to see if the NHG being modified is already in the list.
If so just remove the old one and keep ...
zebra: Keep high water mark for some queuesThe dplane provider incoming and outgoing queues back to
zebra were not keeping the high water marks for them. Add them
eva# show zebra dplane providers
dataplane Incoming Queue from Zebra: 0, q_max: 5
Zebra dataplane providers:
Kernel (1): in: 77, q: 0, q_max: 5, out: 77, q: 0, q_max: 5
dataplane Outgoing Queue to Zebra: 0, q_max: 30
eva#
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
tests: Show a ordering bug in test_bgp_nhc.pyWhen r6 intentionally brings up bgp peering towards
r7 and r8 first and then brings up the r1 peering
the bgp_nhc feature is not working correctly.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
pcep: fix heap buffer overflowASAN reported a heap buffer overflow when printing path->name in
path_pcep_config_update_path():
snprintf(segment_list_name_buff, sizeof(segment_list_name_buff),
"%s-%u", path->name, path->plsp_id);
The symbolic name is allocated in pcep_lib_parse_lsp_symbolic_name()
using the following:
path->name = XCALLOC(MTYPE_PCEP, size);
strlcpy((char *)path->name, tlv->symbolic_path_n...
bgpd: make code more robust in bgp_advertise_attr_unintern()As hash_release() uses the attribute data, it would be more robust
to call hash_release() before bgp_attr_unintern().
Signed-off-by: Enke Chen <enchen@paloaltonetworks.com>
bgpd: Fix nht to properly notice a changecommit: 8dcd0a6b9cdbfac47eea2cf2100badf7744dbf98 broke
path handling in some rare cases. This can be especially
seen in bgp evpn processing when a path transitions from !valid
to valid. The bgp_evpn_rt5_addpath code is failing occassionally
because of this change. Modify the code to intentionally also
call bgp_process when the old_path_valid is not the same
as the new path being valid.
Sign...
isisd: Fix fortify abort by simplifying lsp_bits2stringThe lsp_bits2string function was incorrectly passing the total buf_size
to subsequent snprintf calls instead of the remaining buffer space.
This caused the compiler's _FORTIFY_SOURCE security checks to trigger a
SIGABRT, as the requested write size exceeded the bounds of the buffer.
This issue was exposed after switching the compiler from GCC to Clang
on Ubuntu 24.04.
Instead of fixing the po...
bgpd: Fix routes to be removed from rib when suppress fib pending is configedIf GR N bit is set and fib suppress pending is configured then routes
will not be advertised to GR peer. This is because the routes are marked
as stale during the peer reset due to GR config. When peers reconnect
bgp does not attempt a route install as the routes were never removed from
rib.
Fix by unsetting the PEER_STATUS_NSF_WAIT flag explicitely in the fib
suppress config path.
Signed-off-...
bgpd: Fix condition when evaluating pathsOriginal commit said:
Let's broaden this scope a tiny bit to allow for matches where the number of
nexthops is 1 and the nexthop->ifindex is the same as the interfaces ifindex
for the up/down event.
But the condition was incorrect according to the definition.
That leads to routes being flushed incorrectly.
When nexthop_num > 1, the first clause is false, so the whole continue is
skipped, an...
isisd: validate minimum frame size before LLC removalMove and consolidate the minimum frame-size validation alongside recvmsg() result handling so short frames are rejected before LLC removal.
Signed-off-by: Ashwini Reddy <ashred@nvidia.com>
Russ White
Manpreet Kaur
Y Bharath
Donald Sharp
Loïc Sang
Justin Iurman
Enke Chen
Renato Botelho do Couto
Nishant
Ashwini Reddy