Rpki Encapsulation #5015
Merged
Rpki Encapsulation #5015
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Outdated results 💚Basic BGPD CI results: SUCCESS, 0 tests failed
For details, please contact louberger |
pguibert6WIND
force-pushed
the
rpki_vrf_encapsulation
branch
from
b4e68b5 to
75040f3
Compare
Outdated results 💚Basic BGPD CI results: SUCCESS, 0 tests failed
For details, please contact louberger |
|
ci:rerun |
Continuous Integration Result: FAILEDContinuous Integration Result: FAILEDSee below for issues. This is a comment from an automated CI system. Get source / Pull Request: SuccessfulBuilding Stage: FailedDebian 10 amd64 build: Failed (click for details)Debian 10 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/DEB10BUILD/config.status/config.statusPackage building failed for Debian 10 amd64 build: Ubuntu 14.04 amd64 build: Failed (click for details)Ubuntu 14.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI001BUILD/config.status/config.statusPackage building failed for Ubuntu 14.04 amd64 build: Ubuntu 16.04 amd64 build: Failed (click for details)Ubuntu 16.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI014BUILD/config.status/config.statusPackage building failed for Ubuntu 16.04 amd64 build: Ubuntu 18.04 amd64 build: Failed (click for details)Ubuntu 18.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1804AMD64/config.status/config.statusPackage building failed for Ubuntu 18.04 amd64 build: Ubuntu 16.04 i386 build: Failed (click for details)Ubuntu 16.04 i386 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1604I386/config.status/config.statusPackage building failed for Ubuntu 16.04 i386 build: Debian 8 amd64 build: Failed (click for details)Debian 8 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI008BLD/config.status/config.statusPackage building failed for Debian 8 amd64 build: Ubuntu 18.04 ppc64le build: Failed (click for details)Ubuntu 18.04 ppc64le build: config.log output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1804PPC64LEBUILD/config.log/ Ubuntu 18.04 ppc64le build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1804PPC64LEBUILD/config.status/config.statusPackage building failed for Ubuntu 18.04 ppc64le build: Debian 9 amd64 build: Failed (click for details)Debian 9 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI021BUILD/config.status/config.statusPackage building failed for Debian 9 amd64 build: Successful on other platforms
Warnings Generated during build:Checkout code: Successful with additional warningsDebian 10 amd64 build: Failed (click for details)Debian 10 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/DEB10BUILD/config.status/config.statusPackage building failed for Debian 10 amd64 build: Ubuntu 14.04 amd64 build: Failed (click for details)Ubuntu 14.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI001BUILD/config.status/config.statusPackage building failed for Ubuntu 14.04 amd64 build: Ubuntu 16.04 amd64 build: Failed (click for details)Ubuntu 16.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI014BUILD/config.status/config.statusPackage building failed for Ubuntu 16.04 amd64 build: Ubuntu 18.04 amd64 build: Failed (click for details)Ubuntu 18.04 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1804AMD64/config.status/config.statusPackage building failed for Ubuntu 18.04 amd64 build: Ubuntu 16.04 i386 build: Failed (click for details)Ubuntu 16.04 i386 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1604I386/config.status/config.statusPackage building failed for Ubuntu 16.04 i386 build: Debian 8 amd64 build: Failed (click for details)Debian 8 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI008BLD/config.status/config.statusPackage building failed for Debian 8 amd64 build: Ubuntu 18.04 ppc64le build: Failed (click for details)Ubuntu 18.04 ppc64le build: config.log output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1804PPC64LEBUILD/config.log/ Ubuntu 18.04 ppc64le build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/U1804PPC64LEBUILD/config.status/config.statusPackage building failed for Ubuntu 18.04 ppc64le build: Debian 9 amd64 build: Failed (click for details)Debian 9 amd64 build: config.status output from configure script can be found at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8981/artifact/CI021BUILD/config.status/config.statusPackage building failed for Debian 9 amd64 build: |
pguibert6WIND
force-pushed
the
rpki_vrf_encapsulation
branch
from
75040f3 to
742a738
Compare
Continuous Integration Result: SUCCESSFULContinuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8987/ This is a comment from an automated CI system. Warnings Generated during build:Checkout code: Successful with additional warningsCLANG Static Analyzer Summary
No Changes in Static Analysis warnings compared to base1 Static Analyzer issues remaining.See details at |
pguibert6WIND
force-pushed
the
rpki_vrf_encapsulation
branch
2 times, most recently
from
53a24f3 to
9d4286e
Compare
Outdated results 💚Basic BGPD CI results: SUCCESS, 0 tests failed
For details, please contact louberger |
Continuous Integration Result: SUCCESSFULContinuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8990/ This is a comment from an automated CI system. Warnings Generated during build:Checkout code: Successful with additional warningsCLANG Static Analyzer Summary
No Changes in Static Analysis warnings compared to base1 Static Analyzer issues remaining.See details at |
pguibert6WIND
force-pushed
the
rpki_vrf_encapsulation
branch
from
9d4286e to
f308689
Compare
Continuous Integration Result: SUCCESSFULContinuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8991/ This is a comment from an automated CI system. Warnings Generated during build:Checkout code: Successful with additional warningsCLANG Static Analyzer Summary
No Changes in Static Analysis warnings compared to base1 Static Analyzer issues remaining.See details at |
Outdated results 💚Basic BGPD CI results: SUCCESS, 0 tests failed
For details, please contact louberger |
Continuous Integration Result: SUCCESSFULContinuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-8993/ This is a comment from an automated CI system. Warnings Generated during build:Checkout code: Successful with additional warningsCLANG Static Analyzer Summary
No Changes in Static Analysis warnings compared to base1 Static Analyzer issues remaining.See details at |
pguibert6WIND
force-pushed
the
rpki_vrf_encapsulation
branch
from
f308689 to
15283b7
Compare
Outdated results 💚Basic BGPD CI results: SUCCESS, 0 tests failed
For details, please contact louberger |
Continuous Integration Result: FAILEDContinuous Integration Result: FAILEDSee below for issues. This is a comment from an automated CI system. Get source / Pull Request: SuccessfulBuilding Stage: SuccessfulBasic Tests: FailedIPv4 protocols on Ubuntu 14.04: Failed (click for details)RFC Compliance Test ANVL-BGP4-21.4 failing: IPv6 protocols on Ubuntu 14.04: Failed (click for details)Successful on other platforms
Warnings Generated during build:Checkout code: Successful with additional warningsIPv4 protocols on Ubuntu 14.04: Failed (click for details)RFC Compliance Test ANVL-BGP4-21.4 failing: IPv6 protocols on Ubuntu 14.04: Failed (click for details)CLANG Static Analyzer Summary
No Changes in Static Analysis warnings compared to base1 Static Analyzer issues remaining.See details at |
|
ci:rerun |
|
That pull request does not have rpki vrf-aware feature yet. Then a 2nd series of commits will come with rtrlib adaptation. |
Continuous Integration Result: SUCCESSFULContinuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-9021/ This is a comment from an automated CI system. Warnings Generated during build:Checkout code: Successful with additional warningsCLANG Static Analyzer Summary
No Changes in Static Analysis warnings compared to base1 Static Analyzer issues remaining.See details at |
mroethke
reviewed
Oct 18, 2019
There was a problem hiding this comment.
This seems fine in general to me, but I commented on a few thinkgs.
Furthermore can someone explain the qobj stuff and why it is necessary here? I looked the the header and the early commits of those files, but they did not enlighten me.
And finally I'm not sure it makes sense to merge this without vrf support in rtrlib. Because as far as I understand it would not work. Or am I mistaken here?
| ssh_privkey); | ||
| if (!strmatch(pub, ssh_pubkey)) { | ||
| vty_out(vty, | ||
| "ssh public key overriden: %s.pub\n", |
There was a problem hiding this comment.
This sounds like the key is overridden on disk
There was a problem hiding this comment.
can you be more specific. do you expect an other message?
pguibert6WIND
force-pushed
the
rpki_vrf_encapsulation
branch
from
15283b7 to
63b2c60
Compare
|
Hi Marcel, |
Outdated results 💚Basic BGPD CI results: SUCCESS, 0 tests failed
For details, please contact louberger |
Continuous Integration Result: SUCCESSFULContinuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-9335/ This is a comment from an automated CI system. Warnings Generated during build:Checkout code: Successful with additional warningsCLANG Static Analyzer Summary
Fixed warnings:
New warnings:
Static Analysis warning summary compared to base:
1 Static Analyzer issues remaining.See details at |
if ssh cache servers are configured, then show rpki-table is looking at the tcp server context. Fix this by checking the server cache type, and also display the ssh context if this is configured. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
show running-config did not display rpki retry-interval. fixes this. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
a missing command expire-interval was not present in show running-config. append it. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
the show running-config rpki was displaying systematically the default values, when at least one cache server was configured. now, if the rpki configuration has been changed, either because of a new cache server, or because of a change in the default settings, then the associated configuration is dumped in the 'show running-config' command. adding to this, to permit user to dump the settings values, the command 'show rpki configuration' dumps the values whatever default or not. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
when a plugin is attached, some debugs may be attached to that plugin. For that, add one hook that is interacting with vty: a boolean indicates what the usage is for: either for impacting the 'show running-config', or for impacting the 'show debugging' command. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
rpki debugging is linked with standard bgp debugging facilities. - debug rpki is dumped in running-config if the command is executed from configure terminal. - show debugging indicated whether rpki debug is enabled or not. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
this work is a preparatory work so that rpki can have per-vrf contexts. the work consists in allocating a rpki_vrf structure with all inside: rtr_config, cache, etc.. This work is also necessary in the long term support with yang northboundapi. Indeed, there may be highly possible that yang context for rpki be defined per core instance. That work also instantiates a list of rpki_vrf, though only one instance is created. That work also introduces a vrfname field attribute that is set to null for now , and stands for default vrf where rpki is configured on. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
this command may conflict with the same command available under vrf subnode. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
rpki_node is a node under configure terminal. as such, align with other nodes that are similar. Note that this change is important, since the location where show running-config from vtysh displays rpki configuration is changed in the middle of the configuration instead of at the top, before authentication. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
rpki context can be removed by doing 'no rpki' command from configure node. this work allows to allocate the associated rpki_vrf context when entering in rpki node, instead of at the initialisation step. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
this hook can be used by plugins like rpki. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
this commit change introduces a callback function pointer that rtrlib calls. this permits to create the socket and initialising the socket with the right information, in the right vrf. Adding to this, rpki uses a hook to be triggered when a vrf is enabled/disabled. in this way, start mechanisms will be triggered only when vrf is available, and stop mechanism will be done upon vrf disable event. Adding to this, the cache structure contains a back pointer to the rpki vrf structure. this is done to retrieve the vrf where the cache points to. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
it is possible to dump rpki commands per vrf context. also, rpki start/stop commands are also appended with vrfname parameter. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
rpki vrf subnode is instantiated under the vrf subnode. It it to be noted that this commit contains a change in vtysh. Actually, the output of bgp daemon from show running-config is extracted in vtysh, and reengineered ( hence the vtysh_config.c change done). This permits having a subnode under vrf sub node. Also, add vrf node support to bgpd, as rpki command can not be found under vrf node. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
rpki config can be displayed in the 'show running-config'. there is a fix to be done yet, this is related to the order of rpki per vrf configuration. actually, the output is not saveable in the running-config since the rpki commands are swapped. this prevents from running rpki config at startup. That commit also changes the identation, since rpki configure node was with one extra space. reducing this, and add the changes for vrf configuration too. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
this command permits to stop and flush the rpki contexts for a specific vrf. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
the validation of rpki routes will impact the matching bgp instance. Until now, the rpki was triggering validation of all bgp entries. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
this extra trace will help to understand which rpki context is triggered. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
rpki per vrf documentation is being added. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
bool format suits better for rtr_is_running and rtr_is_stopped values. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
pguibert6WIND
force-pushed
the
rpki_vrf_encapsulation
branch
from
2868387 to
76ddd87
Compare
💚 Basic BGPD CI results: SUCCESS, 0 tests failedResults table
For details, please contact louberger |
Continuous Integration Result: SUCCESSFULCongratulations, this patch passed basic tests Tested-by: NetDEF / OpenSourceRouting.org CI System CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-12938/ This is a comment from an automated CI system. Warnings Generated during build:Checkout code: Successful with additional warningsWarnings Generated during build:Debian 10 amd64 build: Successful with additional warningsDebian Package lintian failed for Debian 10 amd64 build: |
srimohans
approved these changes
Jul 3, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This set of commits fixes some rpki issues.
on top of that, it encapsulated all global variables of rpki into a sub structure.
this work is preparatory work for: