Merge branch 'master' of https://github.com/frrouting/frr into evpn-i…

…pv6-tenant-routing

Conflicts:
	zebra/zserv.c

COMMUNITY.md

@@ -492,6 +492,36 @@ In all cases, compatibility pieces should be marked with compiler/preprocessor
 annotations to print warnings at compile time, pointing to the appropriate
 update path.  A `-Werror` build should fail if compatibility bits are used.
 
+### Release Process/Schedule
+
+FRR employs a <MAJOR>.<MINOR>.<BUGFIX> versioning scheme.
+
+* MAJOR - Significant new features or multiple minor features
+  A example of a MAJOR feature is a New Routing Protocol
+* MINOR - Smaller Features
+  A example of a MINOR feature is the addition of the BGP Shutdown feature.
+* BUGFIX - Fixes for actual bugs and/or security issues.
+
+We will pull a new development branch for the next release every 4 months.
+The current schedule is Feb/June/October 1.  The decision for a MAJOR/MINOR
+release is made at the time of branch pull based on what has been received
+the previous 4 months.  The branch name will be dev/MAJOR.MINOR.  At
+this point in time the master branch configure.ac and packaging systems
+will be updated to reflect the next possible release name to allow
+for easy distinguishing.  Additionally the new dev branch will have
+these files updated too.
+
+After one month the development branch will be renamed to
+stable/MAJOR.MINOR.  This process is not held up unless a crash or
+security issue has been found and needs to be addressed.  Issues
+being fixed will not cause a delay.
+
+Bug fix releases are at 1 month intervals until next MAJOR.MINOR is
+pulled.  Then at that time as needed for issues filed.
+
+Security issues are fixed for 1 year minimum on old releases and
+normal bug fixes for the current and previous release
+
 ### Miscellaneous
 
 When in doubt, follow the guidelines in the Linux kernel style guide, or ask on

bgpd/bgp_evpn.c

@@ -1754,8 +1754,10 @@ static int delete_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
 }
 
 /*
- * There is a tunnel endpoint IP address change for this VNI,
- * need to re-advertise routes with the new nexthop.
+ * There is a tunnel endpoint IP address change for this VNI, delete
+ * prior type-3 route (if needed) and update.
+ * Note: Route re-advertisement happens elsewhere after other processing
+ * other changes.
  */
 static int handle_tunnel_ip_change(struct bgp *bgp, struct bgpevpn *vpn,
 				   struct in_addr originator_ip)
@@ -1783,7 +1785,7 @@ static int handle_tunnel_ip_change(struct bgp *bgp, struct bgpevpn *vpn,
 
 	/* Update the tunnel IP and re-advertise all routes for this VNI. */
 	vpn->originator_ip = originator_ip;
-	return update_routes_for_vni(bgp, vpn);
+	return 0;
 }
 
 /*
@@ -3253,15 +3255,25 @@ void bgp_evpn_withdraw_type5_routes(struct bgp *bgp_vrf,
 {
 	struct bgp_table *table = NULL;
 	struct bgp_node *rn = NULL;
+	struct bgp_info *ri;
 
 	/* Bail out early if we don't have to advertise type-5 routes. */
 	if (!advertise_type5_routes(bgp_vrf, afi))
 		return;
 
 	table = bgp_vrf->rib[afi][safi];
-	for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn))
-		bgp_evpn_withdraw_type5_route(bgp_vrf, &rn->p, afi, safi);
-
+	for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
+		/* Only care about "selected" routes - non-imported. */
+		/* TODO: Support for AddPath for EVPN. */
+		for (ri = rn->info; ri; ri = ri->next) {
+			if (CHECK_FLAG(ri->flags, BGP_INFO_SELECTED) &&
+			    (!ri->extra || !ri->extra->parent)) {
+				bgp_evpn_withdraw_type5_route(bgp_vrf, &rn->p,
+							      afi, safi);
+				break;
+			}
+		}
+	}
 }
 
 /*
@@ -3282,10 +3294,6 @@ void bgp_evpn_advertise_type5_route(struct bgp *bgp_vrf, struct prefix *p,
 	if (!advertise_type5_routes(bgp_vrf, afi))
 		return;
 
-	/* only advertise subnet routes as type-5 */
-	if (is_host_route(p))
-		return;
-
 	build_type5_prefix_from_ip_prefix(&evp, p);
 	ret = update_evpn_type5_route(bgp_vrf, &evp, src_attr);
 	if (ret)
@@ -3313,11 +3321,12 @@ void bgp_evpn_advertise_type5_routes(struct bgp *bgp_vrf,
 	table = bgp_vrf->rib[afi][safi];
 	for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
 		/* Need to identify the "selected" route entry to use its
-		 * attribute.
+		 * attribute. Also, we only consider "non-imported" routes.
 		 * TODO: Support for AddPath for EVPN.
 		 */
 		for (ri = rn->info; ri; ri = ri->next) {
-			if (CHECK_FLAG(ri->flags, BGP_INFO_SELECTED)) {
+			if (CHECK_FLAG(ri->flags, BGP_INFO_SELECTED) &&
+			    (!ri->extra || !ri->extra->parent)) {
 
 				/* apply the route-map */
 				if (bgp_vrf->adv_cmd_rmap[afi][safi].map) {
@@ -3330,7 +3339,6 @@ void bgp_evpn_advertise_type5_routes(struct bgp *bgp_vrf,
 					if (ret == RMAP_DENYMATCH)
 						continue;
 				}
-
 				bgp_evpn_advertise_type5_route(bgp_vrf, &rn->p,
 							       ri->attr,
 							       afi, safi);
@@ -4457,8 +4465,8 @@ int bgp_evpn_local_vni_del(struct bgp *bgp, vni_t vni)
 }
 
 /*
- * Handle add (or update) of a local VNI. The only VNI change we care
- * about is change to local-tunnel-ip.
+ * Handle add (or update) of a local VNI. The VNI changes we care
+ * about are for the local-tunnel-ip and the (tenant) VRF.
  */
 int bgp_evpn_local_vni_add(struct bgp *bgp, vni_t vni,
 			   struct in_addr originator_ip,
@@ -4476,24 +4484,31 @@ int bgp_evpn_local_vni_add(struct bgp *bgp, vni_t vni,
 	vpn = bgp_evpn_lookup_vni(bgp, vni);
 	if (vpn) {
 
-		/* update tenant_vrf_id if required */
+		if (is_vni_live(vpn)
+		    && IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip)
+		    && vpn->tenant_vrf_id == tenant_vrf_id)
+			/* Probably some other param has changed that we don't
+			 * care about. */
+			return 0;
+
+		/* Update tenant_vrf_id if it has changed. */
 		if (vpn->tenant_vrf_id != tenant_vrf_id) {
 			bgpevpn_unlink_from_l3vni(vpn);
 			vpn->tenant_vrf_id = tenant_vrf_id;
 			bgpevpn_link_to_l3vni(vpn);
-
-			/* update all routes with new export RT for VRFs */
-			update_routes_for_vni(bgp, vpn);
 		}
 
-		if (is_vni_live(vpn)
-		    && IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip))
-			/* Probably some other param has changed that we don't
-			 * care about. */
-			return 0;
+		/* If tunnel endpoint IP has changed, update (and delete prior
+		 * type-3 route, if needed.)
+		 */
+		if (!IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip))
+			handle_tunnel_ip_change(bgp, vpn, originator_ip);
 
-		/* Local tunnel endpoint IP address has changed */
-		handle_tunnel_ip_change(bgp, vpn, originator_ip);
+		/* Update all routes with new endpoint IP and/or export RT
+		 * for VRFs
+		 */
+		if (is_vni_live(vpn))
+			update_routes_for_vni(bgp, vpn);
 	}
 
 	/* Create or update as appropriate. */

bgpd/bgp_main.c

@@ -106,7 +106,7 @@ static int retain_mode = 0;
 
 /* privileges */
 static zebra_capabilities_t _caps_p[] = {
-	ZCAP_BIND, ZCAP_NET_RAW, ZCAP_NET_ADMIN,
+	ZCAP_BIND, ZCAP_NET_RAW, ZCAP_NET_ADMIN, ZCAP_SYS_ADMIN
 };
 
 struct zebra_privs_t bgpd_privs = {

bgpd/bgp_route.c

@@ -2228,10 +2228,13 @@ static void bgp_process_main_one(struct bgp *bgp, struct bgp_node *rn,
 
 	/* advertise/withdraw type-5 routes */
 	if ((afi == AFI_IP || afi == AFI_IP6) && (safi == SAFI_UNICAST)) {
-		if (new_select)
-			bgp_evpn_advertise_type5_route(
-				bgp, &rn->p, new_select->attr, afi, safi);
-		else if (old_select)
+		if (new_select &&
+		    (!new_select->extra || !new_select->extra->parent))
+			bgp_evpn_advertise_type5_route(bgp, &rn->p,
+						       new_select->attr,
+						       afi, safi);
+		else if (old_select &&
+		         (!old_select->extra || !old_select->extra->parent))
 			bgp_evpn_withdraw_type5_route(bgp, &rn->p, afi, safi);
 	}
 

bgpd/bgp_vty.c

@@ -833,7 +833,7 @@ DEFUN_NOSH (router_bgp,
 
 		if (listcount(bm->bgp) > 1) {
 			vty_out(vty,
-				"%% Multiple BGP processes are configured\n");
+				"%% Please specify ASN and VRF\n");
 			return CMD_WARNING_CONFIG_FAILED;
 		}
 	}
@@ -909,7 +909,7 @@ DEFUN (no_router_bgp,
 
 		if (listcount(bm->bgp) > 1) {
 			vty_out(vty,
-				"%% Multiple BGP processes are configured\n");
+				"%% Please specify ASN and VRF\n");
 			return CMD_WARNING_CONFIG_FAILED;
 		}
 

bgpd/bgp_zebra.c

@@ -1026,14 +1026,14 @@ void bgp_zebra_announce(struct bgp_node *rn, struct prefix *p,
 	if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED
 	    || info->sub_type == BGP_ROUTE_AGGREGATE) {
 		SET_FLAG(api.flags, ZEBRA_FLAG_IBGP);
-		SET_FLAG(api.flags, ZEBRA_FLAG_INTERNAL);
+		SET_FLAG(api.flags, ZEBRA_FLAG_ALLOW_RECURSION);
 	}
 
 	if ((peer->sort == BGP_PEER_EBGP && peer->ttl != 1)
 	    || CHECK_FLAG(peer->flags, PEER_FLAG_DISABLE_CONNECTED_CHECK)
 	    || bgp_flag_check(bgp, BGP_FLAG_DISABLE_NH_CONNECTED_CHK))
 
-		SET_FLAG(api.flags, ZEBRA_FLAG_INTERNAL);
+		SET_FLAG(api.flags, ZEBRA_FLAG_ALLOW_RECURSION);
 
 	/* Metric is currently based on the best-path only */
 	metric = info->attr->med;
@@ -1054,6 +1054,9 @@ void bgp_zebra_announce(struct bgp_node *rn, struct prefix *p,
 		else
 			continue;
 
+		api_nh = &api.nexthops[valid_nh_count];
+		api_nh->vrf_id = bgp->vrf_id;
+
 		if (nh_family == AF_INET) {
 			struct in_addr *nexthop;
 
@@ -1078,9 +1081,7 @@ void bgp_zebra_announce(struct bgp_node *rn, struct prefix *p,
 
 			nexthop = &mpinfo_cp->attr->nexthop;
 
-			api_nh = &api.nexthops[valid_nh_count];
 			api_nh->gate.ipv4 = *nexthop;
-			api_nh->vrf_id = bgp->vrf_id;
 			/* EVPN type-2 routes are
 			   programmed as onlink on l3-vni SVI
 			 */
@@ -1135,7 +1136,6 @@ void bgp_zebra_announce(struct bgp_node *rn, struct prefix *p,
 			if (ifindex == 0)
 				continue;
 
-			api_nh = &api.nexthops[valid_nh_count];
 			api_nh->gate.ipv6 = *nexthop;
 			api_nh->ifindex = ifindex;
 			api_nh->type = NEXTHOP_TYPE_IPV6_IFINDEX;
@@ -1265,14 +1265,14 @@ void bgp_zebra_withdraw(struct prefix *p, struct bgp_info *info, safi_t safi)
 		SET_FLAG(api.flags, ZEBRA_FLAG_EVPN_ROUTE);
 
 	if (peer->sort == BGP_PEER_IBGP) {
-		SET_FLAG(api.flags, ZEBRA_FLAG_INTERNAL);
+		SET_FLAG(api.flags, ZEBRA_FLAG_ALLOW_RECURSION);
 		SET_FLAG(api.flags, ZEBRA_FLAG_IBGP);
 	}
 
 	if ((peer->sort == BGP_PEER_EBGP && peer->ttl != 1)
 	    || CHECK_FLAG(peer->flags, PEER_FLAG_DISABLE_CONNECTED_CHECK)
 	    || bgp_flag_check(peer->bgp, BGP_FLAG_DISABLE_NH_CONNECTED_CHK))
-		SET_FLAG(api.flags, ZEBRA_FLAG_INTERNAL);
+		SET_FLAG(api.flags, ZEBRA_FLAG_ALLOW_RECURSION);
 
 	if (bgp_debug_zebra(p)) {
 		char buf[PREFIX_STRLEN];

doc/OSPF-SR.rst

@@ -5,6 +5,26 @@ This is an EXPERIMENTAL support of draft
 `draft-ietf-ospf-segment-routing-extensions-24`.
 DON'T use it for production network.
 
+Supported Features
+------------------
+
+* Automatic computation of Primary and Backup Adjacency SID with
+  Cisco experimental remote IP address
+* SRGB configuration
+* Prefix configuration for Node SID with optional NO-PHP flag (Linux
+  kernel support both mode)
+* Node MSD configuration (with Linux Kernel >= 4.10 a maximum of 32 labels
+  could be stack)
+* Automatic provisioning of MPLS table
+* Static route configuration with label stack up to 32 labels
+
+Interoperability
+----------------
+
+* tested on various topology including point-to-point and LAN interfaces
+  in a mix of Free Range Routing instance and Cisco IOS-XR 6.0.x
+* check OSPF LSA conformity with latest wireshark release 2.5.0-rc
+
 Implementation details
 ----------------------
 
@@ -248,9 +268,6 @@ Known limitations
 * MPLS table are not flush at startup. Thus, restarting zebra process is
   mandatory to remove old MPLS entries in the data plane after a crash of
   ospfd daemon
-* Due to a bug in OSPF Opaque, LSA are not flood when enable Segment Routing
-  through CLI once OSPFd started. You must configure Segment Routing within
-  configuration file before launching OSPFd
 * With NO Penultimate Hop Popping, it is not possible to express a Segment
   Path with an Adjacency SID due to the impossibility for the Linux Kernel to
   perform double POP instruction.

doc/ospfd.texi

@@ -759,10 +759,11 @@ currently supported. The 'no-php-flag' means NO Penultimate Hop Popping that
 allows SR node to request to its neighbor to not pop the label.
 @end deffn
 
-@deffn {Command} {show ip ospf database segment-routing} {}
-@deffnx {Command} {show ip ospf database segment-routing adv-router @var{adv-router}} {}
-@deffnx {Command} {show ip ospf database segment-routing self-originate} {}
+@deffn {Command} {show ip ospf database segment-routing [json]} {}
+@deffnx {Command} {show ip ospf database segment-routing adv-router @var{adv-router} [json]} {}
+@deffnx {Command} {show ip ospf database segment-routing self-originate [json]} {}
 Show Segment Routing Data Base, all SR nodes, specific advertized router or self router.
+Optional Json output could be obtain by adding 'json' at the end of the command.
 @end deffn
 
 @node Debugging OSPF

lib/command.c

@@ -500,6 +500,9 @@ static int config_write_host(struct vty *vty)
 	if (cmd_hostname_get())
 		vty_out(vty, "hostname %s\n", cmd_hostname_get());
 
+	if (cmd_domainname_get())
+		vty_out(vty, "domainname %s\n", cmd_domainname_get());
+
 	if (host.encrypt) {
 		if (host.password_encrypt)
 			vty_out(vty, "password 8 %s\n", host.password_encrypt);

lib/ipaddr.h

@@ -86,6 +86,12 @@ static inline char *ipaddr2str(struct ipaddr *ip, char *buf, int size)
 	return buf;
 }
 
+/*
+ * Convert IPv4 address to IPv4-mapped IPv6 address which is of the
+ * form ::FFFF:<IPv4 address> (RFC 4291). This IPv6 address can then
+ * be used to represent the IPv4 address, wherever only an IPv6 address
+ * is required.
+ */
 static inline void ipv4_to_ipv4_mapped_ipv6(struct in6_addr *in6,
 					    struct in_addr in)
 {

lib/zclient.c

@@ -1085,7 +1085,7 @@ int zapi_route_decode(struct stream *s, struct zapi_route *api)
 	STREAM_GETC(s, api->message);
 	STREAM_GETC(s, api->safi);
 	if (CHECK_FLAG(api->flags, ZEBRA_FLAG_EVPN_ROUTE))
-		stream_get(&(api->rmac), s, sizeof(struct ethaddr));
+		STREAM_GET(&(api->rmac), s, sizeof(struct ethaddr));
 
 	/* Prefix. */
 	STREAM_GETC(s, api->prefix.family);
@@ -1266,6 +1266,8 @@ bool zapi_nexthop_update_decode(struct stream *s, struct zapi_route *nhr)
 		break;
 	}
 
+	STREAM_GETC(s, nhr->type);
+	STREAM_GETW(s, nhr->instance);
 	STREAM_GETC(s, nhr->distance);
 	STREAM_GETL(s, nhr->metric);
 	STREAM_GETC(s, nhr->nexthop_num);

lib/zebra.h

@@ -402,7 +402,7 @@ extern const char *zserv_command_string(unsigned int command);
 #define strmatch(a,b) (!strcmp((a), (b)))
 
 /* Zebra message flags */
-#define ZEBRA_FLAG_INTERNAL           0x01
+#define ZEBRA_FLAG_ALLOW_RECURSION    0x01
 #define ZEBRA_FLAG_SELFROUTE          0x02
 #define ZEBRA_FLAG_IBGP               0x08
 #define ZEBRA_FLAG_SELECTED           0x10

nhrpd/nhrp_route.c

@@ -114,7 +114,7 @@ void nhrp_route_announce(int add, enum nhrp_cache_type type, const struct prefix
 		SET_FLAG(api.flags, ZEBRA_FLAG_FIB_OVERRIDE);
 		break;
 	}
-	SET_FLAG(api.flags, ZEBRA_FLAG_INTERNAL);
+	SET_FLAG(api.flags, ZEBRA_FLAG_ALLOW_RECURSION);
 
 	SET_FLAG(api.message, ZAPI_MESSAGE_NEXTHOP);
 	api.nexthop_num = 1;