From 5481c6a69a16f65fa2f82c772a7855e5918b3829 Mon Sep 17 00:00:00 2001 From: Michal Ruprich Date: Tue, 10 Oct 2023 16:22:36 +0200 Subject: [PATCH] Resolves: RHEL-2263 - eBGP multihop peer flapping due to delta miscalculation of new configuration --- .fmf/version | 1 + 0015-max-ttl-reload.patch | 93 ++++++++++++++++++++++++++ frr.spec | 6 +- gating.yaml | 5 +- plans/internal/Acceptance-internal.fmf | 10 +++ plans/internal/other-internal.fmf | 10 +++ plans/internal/tier1-internal.fmf | 10 +++ plans/internal/tier2-internal.fmf | 10 +++ plans/internal/tier3-internal.fmf | 10 +++ plans/public/Acceptance-public.fmf | 7 ++ plans/public/other-public.fmf | 7 ++ plans/public/tier1-public.fmf | 7 ++ plans/public/tier2-public.fmf | 7 ++ plans/public/tier3-public.fmf | 7 ++ 14 files changed, 188 insertions(+), 2 deletions(-) create mode 100644 .fmf/version create mode 100644 0015-max-ttl-reload.patch create mode 100644 plans/internal/Acceptance-internal.fmf create mode 100644 plans/internal/other-internal.fmf create mode 100644 plans/internal/tier1-internal.fmf create mode 100644 plans/internal/tier2-internal.fmf create mode 100644 plans/internal/tier3-internal.fmf create mode 100644 plans/public/Acceptance-public.fmf create mode 100644 plans/public/other-public.fmf create mode 100644 plans/public/tier1-public.fmf create mode 100644 plans/public/tier2-public.fmf create mode 100644 plans/public/tier3-public.fmf diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 0000000..d00491f --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/0015-max-ttl-reload.patch b/0015-max-ttl-reload.patch new file mode 100644 index 0000000..e68a221 --- /dev/null +++ b/0015-max-ttl-reload.patch @@ -0,0 +1,93 @@ +From 767aaa3a80489bfc4ff097f932fc347e3db25b89 Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis +Date: Mon, 21 Aug 2023 00:01:42 +0300 +Subject: [PATCH] bgpd: Do not explicitly print MAXTTL value for ebgp-multihop + vty output + +1. Create /etc/frr/frr.conf +``` +frr version 7.5 +frr defaults traditional +hostname centos8.localdomain +no ip forwarding +no ipv6 forwarding +service integrated-vtysh-config +line vty +router bgp 4250001000 + neighbor 192.168.122.207 remote-as 65512 + neighbor 192.168.122.207 ebgp-multihop +``` + +2. Start FRR +`# systemctl start frr +` +3. Show running configuration. Note that FRR explicitly set and shows the default TTL (225) + +``` +Building configuration... + +Current configuration: +! +frr version 7.5 +frr defaults traditional +hostname centos8.localdomain +no ip forwarding +no ipv6 forwarding +service integrated-vtysh-config +! +router bgp 4250001000 + neighbor 192.168.122.207 remote-as 65512 + neighbor 192.168.122.207 ebgp-multihop 255 +! +line vty +! +end +``` +4. Copy initial frr.conf to frr.conf.new (no changes) +`# cp /etc/frr/frr.conf /root/frr.conf.new +` +5. Run frr-reload.sh: + +``` +$ /usr/lib/frr/frr-reload.py --test /root/frr.conf.new +2023-08-20 20:15:48,050 INFO: Called via "Namespace(bindir='/usr/bin', confdir='/etc/frr', daemon='', debug=False, filename='/root/frr.conf.new', input=None, log_level='info', overwrite=False, pathspace=None, reload=False, rundir='/var/run/frr', stdout=False, test=True, vty_socket=None)" +2023-08-20 20:15:48,050 INFO: Loading Config object from file /root/frr.conf.new +2023-08-20 20:15:48,124 INFO: Loading Config object from vtysh show running + +Lines To Delete +=============== +router bgp 4250001000 + no neighbor 192.168.122.207 ebgp-multihop 255 + +Lines To Add +============ +router bgp 4250001000 + neighbor 192.168.122.207 ebgp-multihop +``` + +Closes https://github.com/FRRouting/frr/issues/14242 + +Signed-off-by: Donatas Abraitis +--- + bgpd/bgp_vty.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c +index be0fe4283747..c9a9255f3392 100644 +--- a/bgpd/bgp_vty.c ++++ b/bgpd/bgp_vty.c +@@ -17735,8 +17735,12 @@ static void bgp_config_write_peer_global(struct vty *vty, struct bgp *bgp, + && !(peer->gtsm_hops != BGP_GTSM_HOPS_DISABLED + && peer->ttl == MAXTTL)) { + if (!peer_group_active(peer) || g_peer->ttl != peer->ttl) { +- vty_out(vty, " neighbor %s ebgp-multihop %d\n", addr, +- peer->ttl); ++ if (peer->ttl != MAXTTL) ++ vty_out(vty, " neighbor %s ebgp-multihop %d\n", ++ addr, peer->ttl); ++ else ++ vty_out(vty, " neighbor %s ebgp-multihop\n", ++ addr); + } + } + diff --git a/frr.spec b/frr.spec index db1a9ce..1d065cb 100644 --- a/frr.spec +++ b/frr.spec @@ -7,7 +7,7 @@ Name: frr Version: 7.5.1 -Release: 12%{?checkout}%{?dist} +Release: 13%{?checkout}%{?dist} Summary: Routing daemon License: GPLv2+ URL: http://www.frrouting.org @@ -54,6 +54,7 @@ Patch0011: 0011-reload-bfd-profile.patch Patch0012: 0012-graceful-restart.patch Patch0013: 0013-CVE-2022-37032.patch Patch0014: 0014-bfd-profile-crash.patch +Patch0015: 0015-max-ttl-reload.patch %description FRRouting is free software that manages TCP/IP based routing protocols. It takes @@ -274,6 +275,9 @@ make check PYTHON=%{__python3} %endif %changelog +* Tue Oct 10 2023 Michal Ruprich - 7.5.1-13 +- Resolves: RHEL-2263 - eBGP multihop peer flapping due to delta miscalculation of new configuration + * Wed Aug 23 2023 Michal Ruprich - 7.5.1-12 - Resolves: #2216911 - Adding missing sys_admin SELinux call diff --git a/gating.yaml b/gating.yaml index f422e3c..ec65926 100644 --- a/gating.yaml +++ b/gating.yaml @@ -4,5 +4,8 @@ product_versions: decision_context: osci_compose_gate rules: - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/internal/tier1-internal.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/internal/Acceptance-internal.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/public/tier1-public.functional} + - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/internal/Acceptance-public.functional} - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation} - - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.acceptance-tier.functional} diff --git a/plans/internal/Acceptance-internal.fmf b/plans/internal/Acceptance-internal.fmf new file mode 100644 index 0000000..176a236 --- /dev/null +++ b/plans/internal/Acceptance-internal.fmf @@ -0,0 +1,10 @@ +summary: Internal Acceptance tests plan +discover: + how: fmf + filter: 'tag: Acceptance' + url: git://pkgs.devel.redhat.com/tests/frr +execute: + how: tmt +adjust: + enabled: false + when: distro == centos-stream or distro == fedora \ No newline at end of file diff --git a/plans/internal/other-internal.fmf b/plans/internal/other-internal.fmf new file mode 100644 index 0000000..d374ff1 --- /dev/null +++ b/plans/internal/other-internal.fmf @@ -0,0 +1,10 @@ +summary: Internal Other tests plan +discover: + how: fmf + filter: 'tier: -1 & tier: -2 & tier: -3 & tag: -Acceptance & tag: -multihost' + url: git://pkgs.devel.redhat.com/tests/frr +execute: + how: tmt +adjust: + enabled: false + when: distro == centos-stream or distro == fedora \ No newline at end of file diff --git a/plans/internal/tier1-internal.fmf b/plans/internal/tier1-internal.fmf new file mode 100644 index 0000000..237a86e --- /dev/null +++ b/plans/internal/tier1-internal.fmf @@ -0,0 +1,10 @@ +summary: Internal Tier1 tests plan +discover: + how: fmf + filter: 'tier: 1' + url: git://pkgs.devel.redhat.com/tests/frr +execute: + how: tmt +adjust: + enabled: false + when: distro == centos-stream or distro == fedora \ No newline at end of file diff --git a/plans/internal/tier2-internal.fmf b/plans/internal/tier2-internal.fmf new file mode 100644 index 0000000..d7fcc46 --- /dev/null +++ b/plans/internal/tier2-internal.fmf @@ -0,0 +1,10 @@ +summary: Internal Tier2 tests plan +discover: + how: fmf + filter: 'tier: 2' + url: git://pkgs.devel.redhat.com/tests/frr +execute: + how: tmt +adjust: + enabled: false + when: distro == centos-stream or distro == fedora \ No newline at end of file diff --git a/plans/internal/tier3-internal.fmf b/plans/internal/tier3-internal.fmf new file mode 100644 index 0000000..5688267 --- /dev/null +++ b/plans/internal/tier3-internal.fmf @@ -0,0 +1,10 @@ +summary: Internal Tier3 tests plan +discover: + how: fmf + filter: 'tier: 3' + url: git://pkgs.devel.redhat.com/tests/frr +execute: + how: tmt +adjust: + enabled: false + when: distro == centos-stream or distro == fedora \ No newline at end of file diff --git a/plans/public/Acceptance-public.fmf b/plans/public/Acceptance-public.fmf new file mode 100644 index 0000000..8781b3e --- /dev/null +++ b/plans/public/Acceptance-public.fmf @@ -0,0 +1,7 @@ +Summary: Public Acceptance tests plan +discover: + how: fmf + url: https://src.fedoraproject.org/tests/frr.git + filter: 'tag: Acceptance' +execute: + how: tmt diff --git a/plans/public/other-public.fmf b/plans/public/other-public.fmf new file mode 100644 index 0000000..9e4df6e --- /dev/null +++ b/plans/public/other-public.fmf @@ -0,0 +1,7 @@ +Summary: Public other tests plan +discover: + how: fmf + url: https://src.fedoraproject.org/tests/frr.git + filter: 'tier: -1 & tier: -2 & tier: -3 & tag: -Acceptance & tag: -multihost' +execute: + how: tmt diff --git a/plans/public/tier1-public.fmf b/plans/public/tier1-public.fmf new file mode 100644 index 0000000..cf2e8d5 --- /dev/null +++ b/plans/public/tier1-public.fmf @@ -0,0 +1,7 @@ +Summary: Public Tier1 tests plan +discover: + how: fmf + url: https://src.fedoraproject.org/tests/frr.git + filter: 'tier: 1' +execute: + how: tmt diff --git a/plans/public/tier2-public.fmf b/plans/public/tier2-public.fmf new file mode 100644 index 0000000..e9a13c0 --- /dev/null +++ b/plans/public/tier2-public.fmf @@ -0,0 +1,7 @@ +Summary: Public Tier2 tests plan +discover: + how: fmf + url: https://src.fedoraproject.org/tests/frr.git + filter: 'tier: 2' +execute: + how: tmt diff --git a/plans/public/tier3-public.fmf b/plans/public/tier3-public.fmf new file mode 100644 index 0000000..7ba9e3c --- /dev/null +++ b/plans/public/tier3-public.fmf @@ -0,0 +1,7 @@ +Summary: Public Tier3 tests plan +discover: + how: fmf + url: https://src.fedoraproject.org/tests/frr.git + filter: 'tier: 3' +execute: + how: tmt