import frr-7.5-11.el8

SOURCES/0008-ospf-multi-instance.patch

@@ -0,0 +1,119 @@
+diff --git a/ospfd/ospfd.c b/ospfd/ospfd.c
+index d8be19db9..6fe94f3a4 100644
+--- a/ospfd/ospfd.c
++++ b/ospfd/ospfd.c
+@@ -384,12 +384,50 @@ struct ospf *ospf_lookup_by_inst_name(unsigned short instance, const char *name)
+ 	return NULL;
+ }
+ 
+-struct ospf *ospf_get(unsigned short instance, const char *name, bool *created)
++static void ospf_init(struct ospf *ospf)
+ {
+-	struct ospf *ospf;
+ 	struct vrf *vrf;
+ 	struct interface *ifp;
+ 
++	ospf_opaque_type11_lsa_init(ospf);
++
++	if (ospf->vrf_id != VRF_UNKNOWN)
++		ospf->oi_running = 1;
++
++	/* Activate 'ip ospf area x' configured interfaces for given
++	 * vrf. Activate area on vrf x aware interfaces.
++	 * vrf_enable callback calls router_id_update which
++	 * internally will call ospf_if_update to trigger
++	 * network_run_state
++	 */
++	vrf = vrf_lookup_by_id(ospf->vrf_id);
++
++	FOR_ALL_INTERFACES (vrf, ifp) {
++		struct ospf_if_params *params;
++		struct route_node *rn;
++		uint32_t count = 0;
++
++		params = IF_DEF_PARAMS(ifp);
++		if (OSPF_IF_PARAM_CONFIGURED(params, if_area))
++			count++;
++
++		for (rn = route_top(IF_OIFS_PARAMS(ifp)); rn; rn = route_next(rn))
++			if ((params = rn->info) && OSPF_IF_PARAM_CONFIGURED(params, if_area))
++				count++;
++
++		if (count > 0) {
++			ospf_interface_area_set(ospf, ifp);
++			ospf->if_ospf_cli_count += count;
++		}
++	}
++
++	ospf_router_id_update(ospf);
++}
++
++struct ospf *ospf_get(unsigned short instance, const char *name, bool *created)
++{
++	struct ospf *ospf;
++
+ 	/* vrf name provided call inst and name based api
+ 	 * in case of no name pass default ospf instance */
+ 	if (name)
+@@ -402,39 +440,7 @@ struct ospf *ospf_get(unsigned short instance, const char *name, bool *created)
+ 		ospf = ospf_new(instance, name);
+ 		ospf_add(ospf);
+ 
+-		ospf_opaque_type11_lsa_init(ospf);
+-
+-		if (ospf->vrf_id != VRF_UNKNOWN)
+-			ospf->oi_running = 1;
+-
+-		/* Activate 'ip ospf area x' configured interfaces for given
+-		 * vrf. Activate area on vrf x aware interfaces.
+-		 * vrf_enable callback calls router_id_update which
+-		 * internally will call ospf_if_update to trigger
+-		 * network_run_state
+-		 */
+-		vrf = vrf_lookup_by_id(ospf->vrf_id);
+-
+-		FOR_ALL_INTERFACES (vrf, ifp) {
+-			struct ospf_if_params *params;
+-			struct route_node *rn;
+-			uint32_t count = 0;
+-
+-			params = IF_DEF_PARAMS(ifp);
+-			if (OSPF_IF_PARAM_CONFIGURED(params, if_area))
+-				count++;
+-
+-			for (rn = route_top(IF_OIFS_PARAMS(ifp)); rn; rn = route_next(rn))
+-				if ((params = rn->info) && OSPF_IF_PARAM_CONFIGURED(params, if_area))
+-					count++;
+-
+-			if (count > 0) {
+-				ospf_interface_area_set(ospf, ifp);
+-				ospf->if_ospf_cli_count += count;
+-			}
+-		}
+-
+-		ospf_router_id_update(ospf);
++		ospf_init(ospf);
+ 	}
+ 
+ 	return ospf;
+@@ -450,7 +456,7 @@ struct ospf *ospf_get_instance(unsigned short instance, bool *created)
+ 		ospf = ospf_new(instance, NULL /* VRF_DEFAULT*/);
+ 		ospf_add(ospf);
+ 
+-		ospf_opaque_type11_lsa_init(ospf);
++		ospf_init(ospf);
+ 	}
+ 
+ 	return ospf;
+diff --git a/ospfd/ospfd.h b/ospfd/ospfd.h
+index 192e54281..3087b735a 100644
+--- a/ospfd/ospfd.h
++++ b/ospfd/ospfd.h
+@@ -604,7 +604,6 @@ extern int ospf_nbr_nbma_poll_interval_set(struct ospf *, struct in_addr,
+ 					   unsigned int);
+ extern int ospf_nbr_nbma_poll_interval_unset(struct ospf *, struct in_addr);
+ extern void ospf_prefix_list_update(struct prefix_list *);
+-extern void ospf_init(void);
+ extern void ospf_if_update(struct ospf *, struct interface *);
+ extern void ospf_ls_upd_queue_empty(struct ospf_interface *);
+ extern void ospf_terminate(void);

SOURCES/0009-bgp-ttl-security.patch

@@ -0,0 +1,92 @@
+From 8a66632391db5f5181a4afef6aae41f48bee7fdb Mon Sep 17 00:00:00 2001
+From: Donald Sharp <sharpd@nvidia.com>
+Date: Fri, 15 Jan 2021 08:14:49 -0500
+Subject: [PATCH] bgpd: Allow peer-groups to have `ttl-security hops`
+ configured
+
+The command `neighbor PGROUP ttl-security hops X` was being
+accepted but ignored.  Allow it to be stored.  I am still
+not sure that this is applied correctly, but that is another
+problem.
+
+Fixes: #7848
+Signed-off-by: Donald Sharp <sharpd@nvidia.com>
+---
+ bgpd/bgpd.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
+index 9297ec4711c..4ebd3da0620 100644
+--- a/bgpd/bgpd.c
++++ b/bgpd/bgpd.c
+@@ -7150,6 +7150,7 @@ int is_ebgp_multihop_configured(struct peer *peer)
+ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ {
+ 	struct peer_group *group;
++	struct peer *gpeer;
+ 	struct listnode *node, *nnode;
+ 	int ret;
+ 
+@@ -7186,9 +7187,10 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 				return ret;
+ 		} else {
+ 			group = peer->group;
++			group->conf->gtsm_hops = gtsm_hops;
+ 			for (ALL_LIST_ELEMENTS(group->peer, node, nnode,
+-					       peer)) {
+-				peer->gtsm_hops = group->conf->gtsm_hops;
++					       gpeer)) {
++				gpeer->gtsm_hops = group->conf->gtsm_hops;
+ 
+ 				/* Calling ebgp multihop also resets the
+ 				 * session.
+@@ -7198,7 +7200,7 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 				 * value is
+ 				 * irrelevant.
+ 				 */
+-				peer_ebgp_multihop_set(peer, MAXTTL);
++				peer_ebgp_multihop_set(gpeer, MAXTTL);
+ 			}
+ 		}
+ 	} else {
+@@ -7219,9 +7221,10 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 					       MAXTTL + 1 - gtsm_hops);
+ 		} else {
+ 			group = peer->group;
++			group->conf->gtsm_hops = gtsm_hops;
+ 			for (ALL_LIST_ELEMENTS(group->peer, node, nnode,
+-					       peer)) {
+-				peer->gtsm_hops = group->conf->gtsm_hops;
++					       gpeer)) {
++				gpeer->gtsm_hops = group->conf->gtsm_hops;
+ 
+ 				/* Change setting of existing peer
+ 				 *   established then change value (may break
+@@ -7231,17 +7234,18 @@ int peer_ttl_security_hops_set(struct peer *peer, int gtsm_hops)
+ 				 *   no session then do nothing (will get
+ 				 * handled by next connection)
+ 				 */
+-				if (peer->fd >= 0
+-				    && peer->gtsm_hops
++				if (gpeer->fd >= 0
++				    && gpeer->gtsm_hops
+ 					       != BGP_GTSM_HOPS_DISABLED)
+ 					sockopt_minttl(
+-						peer->su.sa.sa_family, peer->fd,
+-						MAXTTL + 1 - peer->gtsm_hops);
+-				if ((peer->status < Established)
+-				    && peer->doppelganger
+-				    && (peer->doppelganger->fd >= 0))
+-					sockopt_minttl(peer->su.sa.sa_family,
+-						       peer->doppelganger->fd,
++						gpeer->su.sa.sa_family,
++						gpeer->fd,
++						MAXTTL + 1 - gpeer->gtsm_hops);
++				if ((gpeer->status < Established)
++				    && gpeer->doppelganger
++				    && (gpeer->doppelganger->fd >= 0))
++					sockopt_minttl(gpeer->su.sa.sa_family,
++						       gpeer->doppelganger->fd,
+ 						       MAXTTL + 1 - gtsm_hops);
+ 			}
+ 		}

SOURCES/0011-designated-router.patch

@@ -0,0 +1,33 @@
+diff --git a/ospfd/ospf_vty.c b/ospfd/ospf_vty.c
+index 69a3e4587..57ef6029a 100644
+--- a/ospfd/ospf_vty.c
++++ b/ospfd/ospf_vty.c
+@@ -3737,6 +3737,28 @@ static void show_ip_ospf_interface_sub(struct vty *vty, struct ospf *ospf,
+ 				vty_out(vty,
+ 					"  No backup designated router on this network\n");
+ 		} else {
++			nbr = ospf_nbr_lookup_by_addr(oi->nbrs, &DR(oi));
++			if (nbr) {
++				if (use_json) {
++					json_object_string_add(
++						json_interface_sub, "drId",
++						inet_ntoa(nbr->router_id));
++					json_object_string_add(
++						json_interface_sub, "drAddress",
++						inet_ntoa(nbr->address.u
++								.prefix4));
++				} else {
++					vty_out(vty,
++						"  Designated Router (ID) %s",
++						inet_ntoa(nbr->router_id));
++					vty_out(vty,
++						" Interface Address %s\n",
++						inet_ntoa(nbr->address.u
++								.prefix4));
++				}
++			}
++			nbr = NULL;
++
+ 			nbr = ospf_nbr_lookup_by_addr(oi->nbrs, &BDR(oi));
+ 			if (nbr == NULL) {
+ 				if (!use_json)

SPECS/frr.spec

@@ -5,7 +5,7 @@
 
 Name: frr
 Version: 7.5
-Release: 4%{?checkout}%{?dist}.2
+Release: 11%{?checkout}%{?dist}
 Summary: Routing daemon
 License: GPLv2+
 URL: http://www.frrouting.org
@@ -37,7 +37,10 @@ Patch0003: 0003-disable-eigrp-crypto.patch
 Patch0004: 0004-fips-mode.patch
 Patch0006: 0006-CVE-2020-12831.patch
 Patch0007: 0007-frrinit.patch
-Patch0008: 0008-bfd-reload.patch
+Patch0008: 0008-ospf-multi-instance.patch
+Patch0009: 0009-bgp-ttl-security.patch
+Patch0010: 0010-bfd-reload.patch
+Patch0011: 0011-designated-router.patch
 Patch0012: 0012-bfd-peers-crash.patch
 
 %description
@@ -199,11 +202,27 @@ make check PYTHON=%{__python3}
 %{_tmpfilesdir}/%{name}.conf
 
 %changelog
-* Wed Jan 05 2022 Michal Ruprich <mruprich@redhat.com> - 7.5-4.2
-- Resolves: #2037200 - Bfdd crash in metallb CI
+* Wed Jan 05 2022 Michal Ruprich <mruprich@redhat.com> - 7.5-11
+- Resolves: #2034328 - Bfdd crash in metallb CI
 
-* Fri Dec 10 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-4.1
-- Resolves: #2031077 - FRR reloader generating invalid BFD configurations, exits with error
+* Tue Jan 04 2022 Michal Ruprich <mruprich@redhat.com> - 7.5-10
+- Resolves: #2020878 - frr ospfd show ip ospf interface does not show designated router info
+
+* Fri Dec 10 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-9
+- Resolves: #2029958 - FRR reloader generating invalid BFD configurations, exits with error
+
+* Tue Nov 16 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-8
+- Resolves: #2021819 - Rebuilding for the new json-c
+
+* Thu Sep 30 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-7
+- Related: #1917269 - Wrong value in gating file
+
+* Fri Sep 17 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-6
+- Related: #1917269 - Incomplete patch, adding gating rules
+
+* Thu Sep 16 2021 Michal Ruprich <mruprich@redhat.com> - 7.5-5
+- Resolves: #1979426 - Unable to configure OSPF in multi-instance mode
+- Resolves: #1917269 - vtysh running-config output not showing bgp ttl-security hops option
 
 * Tue Jan 12 2021 root - 7.5-4
 - Related: #1889323 - Fixing start-up with old config file