Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ospfd: implement passive-interface function of cisco #2359

Closed
wants to merge 2 commits into from
Closed

ospfd: implement passive-interface function of cisco #2359

wants to merge 2 commits into from

Conversation

fengtian6WIND
Copy link

"passive-interface default/interface [IPv4]" will automatic
add interface into ospf but not active it for adjacency and
futher action

"no passive-interface default/interface [IPv4]" will active
the passive interface for adjacency and futher

@pguibert6WIND pguibert6WIND mentioned this pull request Jun 4, 2018
Open
qlyoung
qlyoung reviewed Jun 4, 2018
View reviewed changes
Copy link
Member

@qlyoung qlyoung left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please rewrap your code to 80 columns.

ospfd/ospfd.c Outdated
/*
* if router_id is not configured, dont bring up
* interfaces.
* ospf_router_id_update() will call ospf_if_update
* whenever r-id is configured instead.
*/
if ((area->ospf->router_id.s_addr != 0) && if_is_operative(co->ifp))
if ((area->ospf->router_id.s_addr != 0) && if_is_operative(co->ifp) &&
oi->passive_interface == OSPF_IF_ACTIVE)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please indent this so it looks like:

	if ((area->ospf->router_id.s_addr != 0) && if_is_operative(co->ifp) &&
	    oi->passive_interface == OSPF_IF_ACTIVE)

@fengtian6WIND
Copy link
Author

fengtian6WIND commented Jun 5, 2018 via email

odd22
odd22 approved these changes Jun 5, 2018
View reviewed changes
Copy link
Member

@odd22 odd22 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Patch seems OK for me.

@odd22
Copy link
Member

odd22 commented Jun 5, 2018

Need to fix remaining Check Style, especially line over 80 characters. See CI report.

@rwestphal rwestphal self-requested a review June 5, 2018 14:36
rwestphal
rwestphal reviewed Jun 5, 2018
View reviewed changes
ospfd/ospf_vty.c Outdated
ospf->passive_interface_default = OSPF_IF_ACTIVE;

/* XXX We should call ospf_if_set_multicast on exactly those
* * interfaces for which the passive property changed. It is too much
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please fix these comments, only the first asterisk should be present.

ospfd/ospf_interface.h Outdated
@@ -186,6 +186,7 @@ struct ospf_interface {

struct prefix *address; /* Interface prefix */
struct connected *connected; /* Pointer to connected */
uint8_t passive_interface; /* 1 = passive interface, 0 = active interface */
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you clarify why we need this new variable when we already have params->passive_interface and the OSPF_IF_PASSIVE_STATUS macro?

@fengtian6WIND
Copy link
Author

continue format the patch

@rwestphal
Copy link
Member

@fengtian6WIND I see you made the following change in your latest commit:

-	uint8_t passive_interface; /* 1 = passive interface, 0 = active interface */
+
+	/* This flag indicate if the network of a interface is passive/active
+	   and it's more simple and clear than params->passive_interface */
+	uint8_t passive_interface;
 
 	/* Configured varables. */
 	struct ospf_if_params *params;

For me it makes no sense to have two different variables to control whether an interface is in the passive mode or not. Please remove this new variable or provide a very good explanation of why you're doing this.

I see there are still a few places using OSPF_IF_PASSIVE_STATUS but you removed all calls to SET_IF_PARAM(params, passive_interface). This smells really bad.

rwestphal
rwestphal requested changes Jun 13, 2018
View reviewed changes
Copy link
Member

@rwestphal rwestphal left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fengtian6WIND Thanks for the updates. I've found a few problems with this PR.

Testing ospfd I got this:

rt2-ospfd# show running-config
[snip]
!
router ospf
 ospf router-id 2.2.2.2
 network 0.0.0.0/0 area 0
!
[snip]
rt2-ospfd#
rt2-ospfd# conf t
rt2-ospfd(config)# router ospf
rt2-ospfd(config-router)# passive-interface rt2-eth0
rt2-ospfd(config-router)# do sh run
[snip]
!
router ospf
 ospf router-id 2.2.2.2
 network 0.0.0.0/0 area 0
!
[snip]
rt2-ospfd(config-router)# passive-interface default
rt2-ospfd(config-router)#
rt2-ospfd(config-router)#
rt2-ospfd(config-router)# do sh ip ospf nei

Neighbor ID     Pri State           Dead Time Address         Interface            RXmtL RqstL DBsmL
1.1.1.1           1 Full/Backup       38.206s 10.0.1.1        rt2-eth0:10.0.1.2        0     0     0
3.3.3.3           1 Full/Backup       38.206s 10.0.2.3        rt2-eth1:10.0.2.2        0     0     0
4.4.4.4           1 Full/DR           38.206s 10.0.2.4        rt2-eth1:10.0.2.2        0     0     0
rt2-ospfd(config-router)#
rt2-ospfd(config-router)#
rt2-ospfd(config-router)# do sh run
[snip]
!
router ospf
 ospf router-id 2.2.2.2
 network 0.0.0.0/0 area 0
 network 2.2.2.2/32 area 0
 network 10.0.1.0/24 area 0
 network 10.0.2.0/24 area 0
!
[snip]

Now the problems:
1 - The passive-interface command is not working at all. ospfd is forming adjacencies normally.
2 - Both passive-interface default and passive-interface IFNAME are not appearing in the running configuration. And you removed the logic to prepend a no before passive-interface IFNAME depending whether passive-interface default is configured or not.
3 - New network statements were introduced in the running configuration. Thinking from the perspective of the northbound API, my opinion is that a daemon shouldn't change its running configuration internally. sh run should reflect exactly what the operator configured.

To reinforce my last point, imagine someone configuring ospfd like this:

rt2-ospfd(config)# router ospf
rt2-ospfd(config-router)# passive-interface default
rt2-ospfd(config-router)# network 0.0.0.0/0 area 0
rt2-ospfd(config-router)# no network 0.0.0.0/0 area 0
rt2-ospfd(config-router)# network 0.0.0.0/0 area 5
rt2-ospfd(config-router)#
rt2-ospfd(config-router)# do sh run
[snip]
!
router ospf
 ospf router-id 2.2.2.2
 network 0.0.0.0/0 area 5
 network 2.2.2.2/32 area 0
 network 10.0.1.0/24 area 0
 network 10.0.2.0/24 area 0
!
[snip]

Now the operator has a problem to solve.. and it could be worse depending on the number of interfaces. I think you should find a way to do what you're doing "under the hood" without affecting the running configuration. I'm not very familiar with ospfd code, but maybe you could ping @chiragshah6 to get some pointers on what would be the best way to solve this problem.

ospfd/ospf_vty.c Outdated

if (create == OSPF_IF_PASSIVE) {
/* create passive-interface from connected address */
ospf->passive_interface_default = OSPF_IF_PASSIVE;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't make sense. You're setting ospf->passive_interface_default to OSPF_IF_PASSIVE here and setting it to OSPF_IF_ACTIVE a few lines below. The problem is that a) no one is checking the value of this variable and b) this function acts on interfaces but passive_interface_default is tied to OSPF areas and not OSPF interfaces.

@fengtian6WIND
Copy link
Author

fengtian6WIND commented Jun 16, 2018 via email

@fengtian6WIND
Copy link
Author

fengtian6WIND commented Jun 28, 2018 via email

rwestphal
rwestphal requested changes Jul 9, 2018
View reviewed changes
Copy link
Member

@rwestphal rwestphal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fengtian6WIND Thanks the updates.

I see that the passive-interface command is now working again. However my other concern about ospfd changing its running configuration internally has not been addressed.

This is what I got in my test topology:

rt2-ospfd(config-router)# do sh run
[snip]
!                      
router ospf            
 ospf router-id 2.2.2.2             
 redistribute connected             
!                                   
[snip]                   
end
rt2-ospfd(config-router)#
rt2-ospfd(config-router)# passive-interface default
rt2-ospfd(config-router)# do sh run
[snip]  
!
router ospf
 ospf router-id 2.2.2.2
 redistribute connected
 passive-interface rt2-eth0 10.0.1.2
 passive-interface rt2-eth1 10.0.2.2
 passive-interface rt2-eth2 10.0.3.2
 passive-interface rt2-lo1 2.2.2.2
 network 2.2.2.2/32 area 0
!
[snip]

Those passive-interface rt2-xxx statements shouldn't have been added, sh run should show only what was configured explicitly by the operator. A daemon that changes its running configuration on its own would break the transactional configuration model we're trying to implement in FRR. Also, the passive-interface default command is not being displayed, which is wrong.

An additional problem is that new interfaces (e.g. tun interfaces) are not being put into the passive mode when passive-interface default is present. The passive-interface default command only converts the interfaces one time once it's executed. As I said before, I think you need to analyze the problem from a different perspective and restart from scratch. You need to change the internals of ospfd to do what you need to do, changing the ospfd configuration behind the users back is not the correct solution.

@fengtian6WIND
Copy link
Author

fengtian6WIND commented Jul 12, 2018 via email

@rwestphal
Copy link
Member

@fengtian6WIND Adding/deleting interfaces during runtime is a normal operation that is already supported by FRR. When a new interface is added, zebra detects it and notifies all clients about it, which process the message using the interface_add zclient callback. Your PR is introducing a regression because the ospfd passive-interface default command works for new interfaces on master whereas it doesn't work on your branch. There's also the problem about ospfd changing its running configuration internally, which is a much bigger issue that also needs to be resolved.

@fengtian6WIND
Copy link
Author

fengtian6WIND commented Jul 12, 2018 via email

@fengtian6WIND
Copy link
Author

fengtian6WIND commented Jul 17, 2018 via email

@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@FRRouting FRRouting deleted a comment from NetDEF-CI Jul 18, 2018
@rwestphal
Copy link
Member

Hi @fengtian6WIND,

I just tested your latest updates and I noticed a good progress, but there are still a few problems:

  • After starting ospfd, passive-interface default is shown in the running configuration even when the command is not present in ospfd.conf.
  • When I configure passive-interface rt2-eth0, it shows up as passive-interface rt2-eth0 10.0.1.2 in the running configuration.
  • When I configure passive-interface default, a new network 2.2.2.2/32 area 0 statement appears in the running configuration.
  • When I configure no passive-interface rt2-eth1, lots of passive-interface IFNAME statements show up in the running configuration.

I didn't look at the code this time but it seems you're in the right direction. And please squash all your commits into one.

eqvinox
eqvinox requested changes Jul 30, 2018
View reviewed changes
ospfd/ospf_interface.h Outdated
passive: no sending or
receiving (no need to
join multicast groups)
*/
DECLARE_IF_PARAM(uint8_t, priority); /* OSPF Interface priority */
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I disagree with taking one interface configuration option and pulling it out of the ospf_if_params struct while everything else is still in ospf_if_params. If you think the ospf_if_params struct is a bad idea in general, we should talk about that and we can change it for everything.

But either way it's not related to this patch and I don't see why it should be mixed in here.

@NetDEF-CI
Copy link
Collaborator

Continuous Integration Result: FAILED

See below for issues.
CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/

This is a comment from an EXPERIMENTAL automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

Get source and apply patch from patchwork: Successful

Building Stage: Failed

OpenBSD60 amd64 build: Successful
Fedora24 amd64 build: Successful
FreeBSD11 amd64 build: Successful
NetBSD7 amd64 build: Successful
CentOS6 amd64 build: Successful
NetBSD6 amd64 build: Successful
FreeBSD9 amd64 build: Successful
CentOS7 amd64 build: Successful
Ubuntu1204 amd64 build: Successful
FreeBSD10 amd64 build: Successful
OmniOS amd64 build: Successful
Ubuntu1404 amd64 build: Successful

Ubuntu1604 amd64 build: Failed

Package building failed for Ubuntu1604 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI014BUILD/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Ubuntu1604 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI014BUILD/config.status/config.status

Ubuntu 16.04 i386: Failed

Package building failed for Ubuntu 16.04 i386:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1604I386/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Ubuntu 16.04 i386: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1604I386/config.status/config.status

Ubuntu 18.04 amd64 build: Failed

Package building failed for Ubuntu 18.04 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1804AMD64/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Ubuntu 18.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1804AMD64/config.status/config.status

Debian8 amd64 build: Failed

Package building failed for Debian8 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI008BLD/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Debian8 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI008BLD/config.status/config.status

Debian9 amd64 build: Failed

Package building failed for Debian9 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI021BUILD/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Debian9 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI021BUILD/config.status/config.status

Warnings Generated during build:

Checkout code: Successful with additional warnings:

Ubuntu1604 amd64 build: Failed

Package building failed for Ubuntu1604 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI014BUILD/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Ubuntu1604 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI014BUILD/config.status/config.status

Ubuntu 16.04 i386: Failed

Package building failed for Ubuntu 16.04 i386:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1604I386/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Ubuntu 16.04 i386: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1604I386/config.status/config.status

Ubuntu 18.04 amd64 build: Failed

Package building failed for Ubuntu 18.04 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1804AMD64/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Ubuntu 18.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/U1804AMD64/config.status/config.status

Debian8 amd64 build: Failed

Package building failed for Debian8 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI008BLD/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Debian8 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI008BLD/config.status/config.status

Debian9 amd64 build: Failed

Package building failed for Debian9 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI021BUILD/ErrorLog/log_package_build.txt)

dh: Unknown sequence debian/backports/rules (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep)
# Frr needs /proc to check some BSD vs Linux specific stuff.
# Else it fails with an obscure error message pointing out that
# IPCTL_FORWARDING is an undefined symbol which is not very helpful.
if ! [ -e config.status ]; then \
dh_auto_configure -- \
	--enable-exampledir=/usr/share/doc/frr/examples/ \
	--localstatedir=/var/run/frr \
	--sbindir=/usr/lib/frr \

Debian9 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5080/artifact/CI021BUILD/config.status/config.status

Report for ospfd.h | 2 issues
===============================================
< WARNING: function definition argument 'uint8_t' should also have an identifier name
< #513: FILE: /tmp/f1-22894/ospfd.h:513:

@LabN-CI
Copy link
Collaborator

LabN-CI commented Aug 29, 2018

💚 Basic BGPD CI results: SUCCESS, 0 tests failed

Results table
_ _
Result SUCCESS git pull/2359 3632b26 (merge failed)
Date 08/28/2018
Start 22:20:09
Finish 22:43:17
Run-Time 23:08
Total 1816
Pass 1816
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2018-08-28-22:20:09.txt
Log autoscript-2018-08-28-22:20:54.log.bz2

For details, please contact louberger

@LabN-CI
Copy link
Collaborator

LabN-CI commented Aug 29, 2018

💚 Basic BGPD CI results: SUCCESS, 0 tests failed

Results table
_ _
Result SUCCESS git pull/2359 a7a9bc2 (merge failed)
Date 08/28/2018
Start 22:50:09
Finish 23:13:13
Run-Time 23:04
Total 1816
Pass 1816
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2018-08-28-22:50:09.txt
Log autoscript-2018-08-28-22:50:54.log.bz2

For details, please contact louberger

@NetDEF-CI
Copy link
Collaborator

Continuous Integration Result: SUCCESSFUL

Congratulations, this patch passed basic tests

Tested-by: NetDEF / OpenSourceRouting.org CI System

CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5081/

This is a comment from an EXPERIMENTAL automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

CLANG Static Analyzer Summary

  • Github Pull Request 2359, comparing to Git base SHA 96487ee

Fixed warnings:

  • Memory error: Use-after-free in dpd/lde.c, function lde_address_list_free, line 1624
  • Memory error: Use-after-free in ib/imsg-buffer.c, function msgbuf_clear, line 199
  • Memory error: Use-after-free in ib/imsg.c, function imsg_get_fd, line 305
  • Logic error: Assigned value is garbage or undefined in ib/skiplist.c, function skiplist_insert, line 224

New warnings:

Static Analysis warning summary compared to base:

  • Fixed warnings: 4
  • New warnings: 4

4 Static Analyzer issues remaining.

See details at
https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5081/artifact/shared/static_analysis/index.html

@fengtian6WIND
Copy link
Author

Hi @rwestphal

I give a patch for fix the issue and you can check it
but I didn't reproduce the issue of rt1-lo1rt1-eth0, please provide 'ip addr show' for those interface

@fengtian6WIND
ospfd: implement passive-interface function of cisco
d6bb46e 
"passive-interface default/interface [IPv4]" will automatic
add interface into ospf but not active it for adjacency and
futher action

"no passive-interface default/interface [IPv4]" will active
the passive interface for adjacency and futher

Signed-off-by: Fengtian Guo <fengtian.guo@6wind.com>
@LabN-CI
Copy link
Collaborator

LabN-CI commented Sep 5, 2018

💚 Basic BGPD CI results: SUCCESS, 0 tests failed

Results table
_ _
Result SUCCESS git merge/2359 0a94267
Date 09/04/2018
Start 23:20:40
Finish 23:43:46
Run-Time 23:06
Total 1816
Pass 1816
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2018-09-04-23:20:40.txt
Log autoscript-2018-09-04-23:21:22.log.bz2

For details, please contact louberger

@NetDEF-CI
Copy link
Collaborator

Continuous Integration Result: SUCCESSFUL

Congratulations, this patch passed basic tests

Tested-by: NetDEF / OpenSourceRouting.org CI System

CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5189/

This is a comment from an EXPERIMENTAL automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

Warnings Generated during build:

Checkout code: Successful with additional warnings:

Report for ospfd.h | 2 issues
===============================================
< WARNING: function definition argument 'uint8_t' should also have an identifier name
< #513: FILE: /tmp/f1-7978/ospfd.h:513:

CLANG Static Analyzer Summary

  • Github Pull Request 2359, comparing to Git base SHA 74938ac

No Changes in Static Analysis warnings compared to base

4 Static Analyzer issues remaining.

See details at
https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5189/artifact/shared/static_analysis/index.html

@fengtian6WIND
ospf: fix 'network XXX' show bug
81c0845 
Signed-off-by: Fengtian Guo <fengtian.guo@6wind.com>
@LabN-CI
Copy link
Collaborator

LabN-CI commented Sep 5, 2018

💚 Basic BGPD CI results: SUCCESS, 0 tests failed

Results table
_ _
Result SUCCESS git merge/2359 81c0845
Date 09/05/2018
Start 03:40:47
Finish 04:04:20
Run-Time 23:33
Total 1816
Pass 1816
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2018-09-05-03:40:47.txt
Log autoscript-2018-09-05-03:41:36.log.bz2

For details, please contact louberger

@NetDEF-CI
Copy link
Collaborator

Continuous Integration Result: SUCCESSFUL

Congratulations, this patch passed basic tests

Tested-by: NetDEF / OpenSourceRouting.org CI System

CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-5194/

This is a comment from an EXPERIMENTAL automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

@fengtian6WIND
Copy link
Author

There is no person review this patch ?

@eqvinox eqvinox self-assigned this Sep 11, 2018
@eqvinox
Copy link
Contributor

eqvinox commented Sep 12, 2018

Hi @fengtian6WIND - sorry that this is taking very long, but the behaviour and change are very "non-obvious"; it's hard to correctly understand what is going on.

I've looked at Cisco docs for passive interface, and as far as I understand, in Cisco a passive interface is not automatically added to any area. So the network command must still be used in the config for the passive interface. Your patch seems to do this differently, with passive interfaces in area 0. Can you explain a bit what the logic is here?

@fengtian6WIND
Copy link
Author

Hi, eqvinox

  1. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/xe-3s/iri-xe-3s-book/iri-default-passive-interface.html
    In our company 6wind, we discuss to implement such function.
    Of course, the cisco document is not clear, I have no such test enviroment to confirm if cisco work as I implment in quagga

@eqvinox
Copy link
Contributor

eqvinox commented Sep 14, 2018
edited
Loading

@fengtian6WIND I've looked at that page and it still has the network statements for passive interfaces:

Device(config)# interface GigabitEthernet 0/0/0
Device(config-if)# ip address 172.19.64.38 255.255.255.0 secondary 
Device(config-if)# ip address 172.19.232.70 255.255.255.240 
Device(config-if)# no ip directed-broadcast 
Device(config-if)# exit 
Device(config)# interface Serial 0/0/0 
Device(config-if)# ip address 172.24.101.14 255.255.255.252 
Device(config-if)# no ip directed-broadcast 
Device(config-if)# no ip mroute-cache 
Device(config-if)# exit 
Device(config)# interface TokenRing 0/0/0
Device(config-if)# ip address 172.20.10.4 255.255.255.0 
Device(config-if)# no ip directed-broadcast 
Device(config-if)# no ip mroute-cache 
Device(config-if)# ring-speed 16 
Device(config-if)# exit 
Device(config)# router ospf 1 
Device(config-router)# passive-interface default 
Device(config-router)# no passive-interface Serial 0/0/0
Device(config-router)# network 172.16.10.0 0.0.0.255 area 0 
Device(config-router)# network 172.19.232.0 0.0.0.255 area 4 
Device(config-router)# network 172.24.101.0 0.0.0.255 area 4 
Device(config-router)# end

You can see that:

  • for TokenRing 0/0/0 there is no network command. OSPF is not enabled on it and will not send or receive.
  • for Serial 0/0/0 there is no passive-interface + network 172.24.101.0 0.0.0.255 area 4 => it is in OSPF area 4
  • for GigabitEthernet 0/0/0, there are 2 IP addresses which will be processed separately:
    • 172.19.64.38 has no network command => OSPF will not send or receive with this subnet. (With or without passive-interface does not matter.)
    • 172.19.232.70 there is network 172.19.232.0 0.0.0.255 area 4 but nothing about passive => passive-interface default makes it passive. But it is in area 4 (!!!)

For me it does not make any sense to have passive-interface create an implicit network command, because there is no way to give the area config for it. The passive-interface and network commands are completely separate and I don't see why we should make passive-interface have some hidden effect on network. It would be confusing for the user and redundant in the config. The user should just normally use the network command for subnet + area config, and passive-interface for, well, making interfaces passive.

@eqvinox eqvinox added the submitter action required The author/submitter needs to do something (fix, rebase, add info, etc.) label Oct 23, 2018
@pguibert6WIND
Copy link
Member

pguibert6WIND commented Oct 23, 2018
edited
Loading

For me it does not make any sense to have passive-interface create an implicit network command,
a network prefix can be built in the appropriate area, since there is an area configuration mode per interface

interface eth0
 ip ospf area 1
exit
interface eth1
ip address <IP1/MM>
ip address <IP2/MM>
exit
router ospf
passive-interface eth0           <--- a) all ips of eth0 will go in area 1
passive-interface eth1           <--- b) we should do nothing on IP1, and IP2, while area is not defined, 
                                               <--- or network command does not overlap ips from eth1

eventually, for b) we could change something else related to default area per interface, since no area is defined by default per interface. ( ip ospf area 0 is saved in running-config)

note that this pr has been opened to have same behaviour of cisco ( #2065 ), that is to say having passive-interface only - no network command)

@eqvinox
Copy link
Contributor

eqvinox commented Oct 23, 2018

ACK, this PR needs to be changed to match Cisco behaviour. passive-interface should not put an interface into OSPF. interface XXX -> ip ospf area is used for that in your case.

@rwestphal
Copy link
Member

passive-interface should not put an interface into OSPF. interface XXX -> ip ospf area is used for that in your case.

I just checked the IETF and OpenConfig OSPF models and found this:

  • IETF OSPF model:
    leaf passive {
      type boolean;
      description
        "Enable/Disable passive interface - a passive interface's
         prefix will be advertised but no neighbor adjacencies
         will be formed on the interface.";
    }
  • OpenConfig OSPF model:
    leaf passive {
      type boolean;
      description
        "When this leaf is set to true, the interface should be
        advertised within the OSPF area but OSPF adjacencies should
        not be established over the interface";
    }

In other words, what we're calling the Cisco behavior is also the behavior specified in the IETF/OC YANG models, so I think we should go for it. We should only fix the problem about implicit network statements being added to the running config, since that can lead to several problems as you pointed out.

@eqvinox eqvinox assigned pguibert6WIND and unassigned eqvinox Oct 30, 2018
@fengtian6WIND
Copy link
Author

So, now the conclusion
I should only fix implict network statements being added to running configure

@eqvinox
Copy link
Contributor

eqvinox commented Nov 1, 2018

So, now the conclusion
I should only fix implict network statements being added to running configure

The implicit network statements need to be removed completely, not just in show running-config.

Neither Cisco nor the YANG models have an implicit network statement in passive-interface. To run an interface in passive mode, both network and passive-interface must be used explicitly.

@donaldsharp
Copy link
Member

closing because will be worked on later

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qlyoung qlyoung qlyoung left review comments

@rwestphal rwestphal rwestphal requested changes

@eqvinox eqvinox eqvinox requested changes

@odd22 odd22 odd22 approved these changes

Assignees

@pguibert6WIND pguibert6WIND

Labels
preliminary (WiP) submitter action required The author/submitter needs to do something (fix, rebase, add info, etc.)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@fengtian6WIND @odd22 @rwestphal @LabN-CI @NetDEF-CI @donaldsharp @eqvinox @pguibert6WIND @qlyoung