bgpd: Fix copy-paste error in SRv6 DT46 SID duplicate install checkSRv6 End.DT46 uses a single shared SID for both the IPv4 (AFI_IP) and
IPv6 (AFI_IP6) address families within a VRF. When zebra notifies bgpd
that a SID has been assigned, bgpd must install it for both AFIs. To
avoid sending zebra a duplicate ROUTE_ADD, the AFI_IP6 code path first
checks whether AFI_IP has already done the install:
1) do both AFIs currently hold the same SID?
2) has AFI_I...
bgpd,lib,zebra: cast pointers to intptr_t in tracepointsCast pointers in tracepoint arguments to intptr_t explicitly
to keep compilers happy.
Signed-off-by: Mark Stapp <mjs@cisco.com>
bgpd: fix error in evpn_mac_ip_zsend tracepoint definitionprefix.macip_addr.eth_tag used as a pointer, but actually an int.
Signed-off-by: Mark Stapp <mjs@cisco.com>
doc: fix SRv6 route commands (bis)Follow-up fix for something I missed earlier.
An example uses `ens3`, while others use `sr0`. Keep it consistent
and use `sr0` everywhere. Also fix the output of an example showing
`ens3` although `sr0` was configured.
Fixes: 62465b9 ("doc: Add SRv6 encapsulation behavior configuration to staticd doc")
Signed-off-by: Justin Iurman <justin.iurman@6wind.com>
pimd: use upstream-owned pim pointer in register and upstream timersMultiple upstream control paths fetched the PIM instance through
up->channel_oil->pim even though upstream already owns a stable
up->pim pointer.
In teardown/re-eval edge flows, channel_oil can be detached before
these paths execute. Dereferencing channel_oil only to access pim adds
an avoidable null/stale pointer risk.
Switch these call sites to up->pim:
- pim_register_join()
- pim_upstream_...
pimd: use upstream-owned pim pointer in MSDP update pathsSeveral MSDP helper paths fetched the PIM instance through
up->channel_oil->pim even though they only require the upstream's
instance context.
In teardown/re-evaluation edge flows, channel_oil can be detached before
these paths run (for example while IGMP prune side effects and upstream
cleanup overlap). Dereferencing up->channel_oil only to access pim then
creates an avoidable null/stale poin...
pimd: avoid JP build deref through channel OILpim_msg_build_jp_groups() fetched the pim instance via
source->up->channel_oil->pim for (*,G) entries. That creates an
unnecessary dependency on channel_oil lifetime while building JP
messages.
In teardown/re-evaluation edge flows, channel_oil may already be
detached before JP aggregation/encoding finishes, making this path
vulnerable to null/stale dereference.
Use source->up->pim directly in...
pimd: guard RP RPF-failure mroute delete on detached OILpim_upstream_update() unconditionally called pim_mroute_del()
when pim_rpf_update() returned PIM_RPF_FAILURE. In teardown/re-eval
edge cases, overlapping prune/delete side effects can detach
up->channel_oil before this path executes.
Control flow can reach this from IGMP prune-driven cleanup where
ifchannel/upstream teardown races with RP re-evaluation. If
up->channel_oil is already NULL, call...
pimd: avoid null deref in upstream delete debug pathThe upstream delete trace log read up->channel_oil->oil_ref_count
unconditionally. In teardown edge cases, channel_oil may already be
detached before this debug statement executes, turning diagnostic
logging into a potential null dereference.
Control flow for the crash case is:
igmp_source_forward_stop() -> tib_sg_gm_prune() ->
pim_ifchannel_local_membership_del() -> delete_on_noinfo() ->
pim_...
pimd: guard channel OIL detach against stale pointersIGMP prune and ifchannel teardown paths can delete the same (S,G)
channel OIL before upstream teardown reaches
pim_channel_oil_upstream_deref(). When that happens, upstream delete
can pass a stale OIL pointer into RB removal, which crashes in
typed_rb_remove() during igmp_source_timer-driven cleanup.
This can happen via prune side effects in the same event flow:
igmp_source_forward_stop() -> t...
doc: fix SRv6 route commandsMove text out of code block, use H_Encaps and H_Encaps_Red in vtysh
commands (instead of H.Encaps and H.Encaps.Red), refresh output.
Fixes: 62465b9dcc82 ("doc: Add SRv6 encapsulation behavior configuration to staticd doc")
Signed-off-by: Justin Iurman <justin.iurman@6wind.com>
Merge pull request #21409 from opensourcerouting/fix/drop_deprecated_branch_deletion_for_mergifytools: Upgrade configuration to current format for Mergify
Merge pull request #21399 from opensourcerouting/fix/bgp_send_notification_if_orf_length_too_bigbgpd: Do not allow triggering route-refresh path with a malformed ORF length
Merge pull request #21394 from opensourcerouting/fix/bgp_do_not_allocate_stream_if_rr_cap_not_receivedbgpd: Do not allocate stream if route-refresh capability is not received
tools: Upgrade configuration to current format for MergifyDrop deprecated (soon) fields for Mergifyio.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Merge pull request #21350 from opensourcerouting/fix/bgp_flowspec_missing_offset_advance_unknown_typebgpd: Return an error for unknown flowspec component type
bgpd: Do not allow triggering route-refresh path with a malformed ORF lengthBefore this patch we just continued with the route-refresh flow blindly instead
of sending a notification.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
bgpd: larger one field to be 2 bytesThe `struct attr`'s `encap_tunneltype` should be 2 bytes based on
current code.
Signed-off-by: anlan_cs <anlan_cs@126.com>
bgpd: fix wrong overwritten for evpnThe `ecommunity_tunnel_type()` sets the value based on the pointer of
`(bgp_encap_types *tunnel_type)`. But the `struct attr`'s `encap_tunneltype` field
is `uint8_t` type, it is wrongly as input parameter in `bgp_attr_ext_communities()`,
resulting in the subsequent fileds to be overritten.
Change `bgp_attr_ext_communities()` to the same style as others:
`rfapiGetVncTunnelUnAddr()/rfapiRouteInf...
bgpd: Check dynamic capability action before validating ENHE capabilityWithout checking the action we cannot reach the path where we unset the
capability, because the length is 0 for CAPABILITY_ACTION_UNSET.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
bgpd: Do not allocate stream if route-refresh capability is not receivedJust allocate the stream only if we have a sanity check regarding the capability.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Merge pull request #21345 from opensourcerouting/fix/bgp_srv6_BGP_PREFIX_SID_SRV6_L3_SERVICE_SID_INFO_lenbgpd: Fix srv6 type parsing and EVPN type-5 NLRI prefix lengh parsing for IPv4
staticd: fix static_disable_vrf() to always send a route DELETEstatic_disable_vrf() called static_uninstall_path() to remove routes
belonging to a VRF being disabled. However, static_uninstall_path()
sends a ZAPI ADD (not a DELETE) when nexthops are still in the list,
so the routes were never actually withdrawn from zebra.
Replace with static_zebra_route_add(pn, false) to unconditionally send
a DELETE for each path, which is the correct behavior when tea...
topotests: split bgp_evpn_mh_v4_v6_num v4/v6 layoutSeparate v4 and v6 topology configs into dedicated directories, keep only shared host configs under common/, and remove ARP redirect-specific tests so this PR contains only test-structure split changes.
Drop three unused helper functions from test_evpn_mh_v4_v6_num.py.
Signed-off-by: Ashwini Reddy <ashred@nvidia.com>
Made-with: Cursor
zebra: EVPN prevent stale mbr_zifs entries from early returnPrematurely resetting zif->vlan_bitmap in interface_bridge_vlan_update()
leads to inconsistent state if the function bails out early because the
kernel AF_BRIDGE netlink notification arrived without VLAN info (no
IFLA_BRIDGE_VLAN_INFO).
Because the old bitmap is replaced by an empty one before the NULL check
on bvarray, the early return skips zebra_vlan_mbr_re_eval() and leaks
the old bitmap. ...
Russ White
Carmine Scarpitta
Mark Stapp
Y Bharath
Justin Iurman
Jafar Al-Gharaibeh
Donatas Abraitis
anlan_cs
harini
Enke Chen
Ashwini Reddy
Chirag Shah