Age | Commit message | Author |
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
The `router-mac` option in `gobgp` CLI allows sending Router's
MAC Extended Community via BGP EVPN Type 2 and Type 5 advertisements.
As explained in the RFC draft below, this community is used to carry the
MAC address of the VTEP where MAC-IP pair resides.
More info: For example, GoBGP router (R1) peers with Cisco router (R2).
R1 is used by an orchestration platform, e.g. OpenStack, Docker Swarm,
etc., to advertise container MAC-IP bindings. When R1 advertises the
binding it also sets next hop for the route as the host where the MAC-IP
binding (i.e. container) resides. When R2 receives the route, it will
not install it unless Router's MAC Extended Community is present. R2
will use the MAC address in the community to create an entry in MAC
address table of R2 pointing to NVE interface.
```
gobgp global rib -a evpn add macadv e9:72:d7:aa:1f:b4 \
172.16.100.100 etag 0 label 34567 rd 10.1.1.1:100 \
rt 65001:100 encap vxlan nexthop 10.10.10.10 \
origin igp router-mac e9:72:d7:aa:1f:b4
gobgp global rib -a evpn add nexthop 10.10.10.10 origin igp \
prefix 172.16.100.100/32 esi 0 etag 0 rd 10.1.1.1:100 \
rt 65001:100 gw 10.10.10.10 label 34567 encap vxlan \
router-mac e9:72:d7:aa:1f:b4
```
In the above example, a host with IP of `10.10.10.10` runs a
container connected to an Open vSwitch instance. The container's IP
address is `172.16.100.100` and MAC address `e9:72:d7:aa:1f:b4`.
The Open vSwitch is VTEP with `tunnel_key=34567`, i.e. VNID `34567`.
GoBGP (R1) and Cisco (R2) routers are in BGP AS 65001. R1's IP is
`10.1.1.1`. R2 used RT of `65001:100` to import routes and place
them into appropriate VRF. In this case the VRF is associated with
L2VNI from VLAN 300. Upon the receipt of the above BGP EVPN
Type 2 and Type 5 routes, R2 will create a MAC address
entry pointing to its NVE interface with destination IP address
of `10.10.10.10`.
```
Legend:
* - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
age - seconds since last seen,+ - primary entry using vPC Peer-Link,
(T) - True, (F) - False, C - ControlPlane MAC
   VLAN     MAC Address      Type      age     Secure NTFY Ports
---------+-----------------+--------+---------+------+----+------------------
*  300     e972.d7aa.1fb4   static   -         F      F    nve1(10.10.10.10)
```
R2 will use the `router-mac e9:72:d7:aa:1f:b4` as the destination MAC
address of the inner VXLAN packet. For example, an underlay host `20.20.20.20`
pings the container. The inner VXLAN L2 destination address is
`e9:72:d7:aa:1f:b4`. The inner VXLAN L2 source address is R2's MAC. The outer
VXLAN L3 source address, i.e. `10.2.2.2`, is R2's NVE address.
```
OUTER VXLAN L2: 10:20:08:d0:ff:23 > b2:0e:19:6a:8d:51
OUTER VXLAN L3: 10.2.2.2.45532 > 10.10.10.10.4789: VXLAN, flags [I] (0x08), vni 34567
INNER VXLAN L2: 4e:f4:ca:aa:f6:7b > e9:72:d7:aa:1f:b4
INNER VXLAN L3: 20.20.20.20 > 172.16.100.100: ICMP echo reply, id 66, seq 1267, length 64
```
See also: https://tools.ietf.org/html/draft-sajassi-l2vpn-evpn-inter-subnet-forwarding-05#section-6.1
Signed-off-by: Paul Greenberg <greenpau@outlook.com>
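Added example, not part of the commit or of GoBGP's code: a sketch of the 8-octet wire form of the Router's MAC Extended Community (Type 0x06, Sub-Type 0x03, then the 6-octet MAC, per RFC 9135), with a decoder that checks length and type before using the MAC, and the dotted rendering seen in R2's MAC table. The function names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// EVPN extended community type and the Router's MAC sub-type (RFC 9135).
const (
	ecTypeEVPN         = 0x06
	ecSubTypeRouterMAC = 0x03
)

// EncodeRouterMAC builds the 8-octet community from a MAC in colon notation.
func EncodeRouterMAC(mac string) ([]byte, error) {
	hw, err := net.ParseMAC(mac)
	if err != nil {
		return nil, err
	}
	if len(hw) != 6 { // ParseMAC also accepts 8- and 20-octet addresses
		return nil, errors.New("router-mac must be a 48-bit MAC address")
	}
	return append([]byte{ecTypeEVPN, ecSubTypeRouterMAC}, hw...), nil
}

// DecodeRouterMAC validates length, type and sub-type before trusting the payload.
func DecodeRouterMAC(ec []byte) (net.HardwareAddr, error) {
	if len(ec) != 8 {
		return nil, errors.New("extended community must be 8 octets")
	}
	if ec[0] != ecTypeEVPN || ec[1] != ecSubTypeRouterMAC {
		return nil, errors.New("not a Router's MAC extended community")
	}
	return net.HardwareAddr(append([]byte(nil), ec[2:]...)), nil
}

// CiscoMAC renders a 6-octet MAC in the dotted form used by R2's MAC address table.
func CiscoMAC(hw net.HardwareAddr) string {
	return fmt.Sprintf("%02x%02x.%02x%02x.%02x%02x", hw[0], hw[1], hw[2], hw[3], hw[4], hw[5])
}

func main() {
	ec, _ := EncodeRouterMAC("e9:72:d7:aa:1f:b4") // MAC from the commit message
	hw, _ := DecodeRouterMAC(ec)
	fmt.Printf("% x -> %s\n", ec, CiscoMAC(hw))
}
```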
|
|
save about 100MB memory.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
A path object in the adj-in is also in the master rib. We can't update
such.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Shrink memory usage.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
https://github.com/osrg/gobgp/issues/1249
The IN policy was removed. The modifications by the IMPORT policy are
visible to all route server peers.
This saves some dozens of bytes of memory per path.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This commit contains `systemd` unit file and the documentation
describing how to run `gobgp` as `systemd` managed service
on CentOS/RHEL Linux distribution.
Signed-off-by: Paul Greenberg <greenpau@outlook.com>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
|
|
|
|
RFC4724 (Graceful Restart) says that if the "Restart State" bit is set
in the Open message, its peer must not wait for the EoR marker
from the speaker before advertising routing information to the speaker.
But currently, GoBGP waits for EoR even if the "Restart State" bit is set
in the graceful restart process.
This commit fixes it by skipping the syncing process for the
restarting peers.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
Currently, the result of the Route Target Constraint filter is unexpectedly
ignored when a Route Reflector is reflecting the VPN routes, because the
"ignore" flag can be overwritten without being evaluated.
This patch fixes this by returning "nil" before the "ignore" flag is
overwritten, which enables filtering outgoing VPN routes based on RTC.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
fixes #1640
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
When GoBGP dropped adj-Rib-out per Peer, we fixed to send the same Route
Target Membership (RTM) NLRI even if it is already sent. This can cause
the infinite UPDATE loop when Route Reflector(RR) reflects RTM NLRI to
its clients.
For example, the following situation causes the infinite UPDATE loop.
Topology:

    +----- RR -----+
    |              |
 Client1        Client2

When Client1 has VRF with RT 65000:1 and sends a RTM NLRI to RR, then RR
reflects the NLRI to Client2. If a new VRF with the same RT 65000:1 on
Client2 is created, Client2 will notify it to RR, then RR calculates the
best, but RR will send the NLRI from Client2 to Client1 even if it is
not the best. Client1 receives the NLRI again, calculates the best and
re-sends the best. Then, RR reflects the received NLRI ... (infinite
loop).
This patch fixes this by comparing the candidate path to be sent with the
old path and assuming the given candidate path was already sent before if
the candidate path and the old path are the same path. This avoids the
infinite UPDATE loop.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
The typo in function Less() was causing a logical error during comparison,
and the comparison would always return whether the AS number was less or not
regardless of Maxlen.
fixes #1633
|
|
This patch adds getter functions for the segment type and AS list of
each segment without using type assertion.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
When initializing an IPv4AddressSpecificExtended or
IPv6AddressSpecificExtended structure, a nil value will be returned when
an invalid IP address is given.
But the redirect action extended community types:
- RedirectIPv4AddressSpecificExtended
- RedirectIPv6AddressSpecificExtended
which embed IP address specific extended community types, are not aware
of the nil value when initializing, so these redirect action extended
communities can be unexpectedly initialized with a nil value.
This patch fixes this by checking the return value of the embedded structure
and also returning nil when initializing it fails.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
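Added example, not taken from the commit or from GoBGP: a reduced model of the pattern described above, with an unchecked wrapper constructor beside one that propagates the embedded constructor's nil. The struct fields and the `NewRedirectUnchecked` / `NewRedirectChecked` names are hypothetical stand-ins; only the two type names come from the commit message.

```go
package main

import (
	"fmt"
	"net"
)

// Simplified stand-in for the type named in the commit message
// (hypothetical fields; not GoBGP's actual definition).
type IPv4AddressSpecificExtended struct {
	IPv4       net.IP
	LocalAdmin uint16
}

// NewIPv4AddressSpecificExtended returns nil when ip is not a valid IPv4 address.
func NewIPv4AddressSpecificExtended(ip string, localAdmin uint16) *IPv4AddressSpecificExtended {
	v4 := net.ParseIP(ip).To4()
	if v4 == nil {
		return nil
	}
	return &IPv4AddressSpecificExtended{IPv4: v4, LocalAdmin: localAdmin}
}

type RedirectIPv4AddressSpecificExtended struct {
	*IPv4AddressSpecificExtended // embedded pointer: may be nil
}

// Before: the wrapper is always non-nil, even around a nil embedded value,
// so a caller's "== nil" check passes and a later field access panics.
func NewRedirectUnchecked(ip string, la uint16) *RedirectIPv4AddressSpecificExtended {
	return &RedirectIPv4AddressSpecificExtended{NewIPv4AddressSpecificExtended(ip, la)}
}

// After: check the embedded constructor's result and propagate the failure.
func NewRedirectChecked(ip string, la uint16) *RedirectIPv4AddressSpecificExtended {
	inner := NewIPv4AddressSpecificExtended(ip, la)
	if inner == nil {
		return nil
	}
	return &RedirectIPv4AddressSpecificExtended{inner}
}

func main() {
	bad := NewRedirectUnchecked("not-an-ip", 100) // constructed invalid input
	fmt.Println(bad != nil, bad.IPv4AddressSpecificExtended == nil)
	fmt.Println(NewRedirectChecked("not-an-ip", 100) == nil)
}
```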
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Because "Serialize()" functions of NLRIs or PathAttributes can be called
from some different goroutines, updating fields of a structure can cause
data races.
This patch moves the normalization for each field (mostly length and
flags calculation) into "NewXxx()" or "DecodeFromBytes()" and avoids the
data races.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
The length value can be retrieved from the route type specific data
field and need not be specified at the initialization.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Keeping binary representation increases the size of structure and can
cause data races.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
This patch adds UT file to detect data races when serializing BGP UPDATE
messages.
Example of Usage:
$ go test -race github.com/osrg/gobgp/packet/bgp -run ^Test_RaceCondition$
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
When using IDE (e.g. VSCode), we can easily check the results of
markdownlint and it should not be a heavy burden to write docs.
This patch introduces a unit test to invoke markdownlint on Travis-CI.
See https://github.com/DavidAnson/markdownlint/blob/master/doc/Rules.md,
for configuration details of ".markdownlint.json".
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
In CLI operation, currently, unexpected argument names
(such as 'aspath' for 'gobgp neighbor add')
may pass the validations and return no errors.
This commit prevents accepting those argument names
by specifying the number of expected arguments for each argument name.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
Currently, globalRib is always set to dynamic neighbors
even if they are route server clients.
This patch fixes this by setting rsRib when the neighbor is
a route server client.
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
When neighbor had AddPath capability, then disable AddPath after that. Old marshallingOptions remains. So once neighbor enabled AddPath it can't be disabled with no AddPath capability option in Open Message.
|
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
|
|
The serialization of ipv4/v6 nlri should be goroutine-safe but somehow not.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
The way to install GoBGP is outdated. README tells how so let's remove.
Also bash completion scripts haven't been updated for a long time so let's
remove too.
[ci skip]
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
In order to avoid races, zclient should not access the RIB without
calling APIs of BgpServer.
But currently zclient directly accesses the global RIB when handling
NEXTHOP_UPDATE messages.
This patch fixes this problem by calling BgpServer.GetRib().
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|
|
Currently, "UnknownExtended.GetTypes()" always returns the constant
values even if a "Type" value is given.
This patch fixes this by returning the given type value and using the first
"Value" byte as the sub type.
Also, introduces "NewUnknownExtended()" function for convenience.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
|