Mailing List Archive

Quagga 1.2.0 released
Hi,

Quagga 1.2.0 has been released, available from the usual place:

https://download.savannah.gnu.org/releases/quagga/

This is a feature release, for testing or more adventurous users. More
conservative users may wish to stay with an older release. This release
contains:

* Next-Hop Resolution Protocol support from Timo Ter?s
* BGP session establishment reworked, for speed and reliability
* BGP route-advertisement timer interval default lowered, to 3s for eBGP and 1s for iBGP.
* BGP Connect retries made more aggressive, with lower retry timer and a slower-ramping backoff.

These BGP changes were stress-tested, and compared to other open-source
BGP implementations. With these changes, Quagga performs comparably or
better, particularly at scale with large numbers of routes.

The change-list overview:

release: Quagga 1.2.0
build/HACKING: add check for pandoc and update make rule for HACKING.pdf
HACKING: Update governance
ripd: Fix restriction on default RTE that's incompatible with CIDR
bgpd: Rollback "always send OPEN" a little, to workaround test suite issues
bgpd: Config state related to OPEN must now be copied to accept peer.
bgpd: Better/more debug for collisions, inc. logging port of NOTIFYs.
bgpd: collision detection assumes 'new' peer is the inbound connection
bgpd: collision-detect should retain Established peers + tidy logic + logs
lib: Add a trivial sockunion_get_port helper function
bgpd: Send OPEN immediately on inbound connections
release: Add release.sh script and update HACKING.md accordingly.
doc: nhrpd.texi needs to referenced by Makefile for dist tarballs
nhrpd: Makefile.am needs to specify the headers, for dist tarballs to work
doc: add initial nhrpd documentation
lib: routemap.h depends on prefix.h
bgpd: Fix unhandled enum warning for AFI_ETHER
bgpd: Add support for BGP Large Communities
nhrpd: Add libgen.h include for basename call
bgpd: Graphviz dot files for the BGP FSM
bgpd: Make the exponential backoff on BGP stop_with_error slower
bgpd: consolidate start timer backoff via a 'BGP_Stop_with_error' FSM event
bgpd: Remove change that makes NHT tickle BGP FSM.
bgpd: Rejiggle exported nht function names and consolidate some code
bgpd: Modernise BGP defaults for MRAI and connect time
lib: track worst case # of cycles and don't allow granularity to go above
tools: Extend multiple-bgpd.sh to support BIRD, ExaBGP plus more configurables
tools/multiple-bgpd: extend the ring, enable mpath, add links to +-2 instances
tools: Remove historic scripts
ripd: Fix GCC6 warning on misleading indentation
isisd,ospf6d,bgpd: Fix GCC 6 warnings on indentation not matching control flow
build: Add GCC stack-protector/SSP to default flag set
lib: vty_prefix_list_install should validate afi/safi
ospfd: 'ip ospf network' interface should down iface before changing type
bgpd: Add route count from neighbours & established sessions to bgp summary
bgpd: fix invalid memory access in peer_free()
bgpd: fix "show ip bgp" column alignment
vtysh, zebra: Fix link-params to use exit-link-params
zebra: fix link-params CLI handling
build: configure.ac - use AC_PROG_CC_C99 instead of cflags to force c99 mode
ospfd: Fix arm compile issue
ripngd: add support for route tags
ripd: add support for route tags
ospf6d: add support for route tags
*: Port Christians tweaks for 32-bit route tags
ospfd: Update route in zebra when tag changes
nhrpd: implement next hop resolution protocol
zserv: get rid of code duplication in nexthop_lookup[_mrib] functions
zebra: Change bitwise operations to purpose-built macros
lib: Clean command.c
vtysh: fix a memory leak in vtysh_client_execute
vtysh: handle case if there is no match in "write terminal $daemon"
ripd: print md5 auth digest correctly
pimd: don't leak original_s_route on error
ospfd: fix double assignment in ospf_vl_set_timers
bgpd: fix memory leaks in show commands
bgpd: don't leak memory in community_regexp_include
bgpd: check return value of zebra_interface_state_read
bgpd: setting nexthop doesn't need inet_pton
lib: AgentX: use threads instead of eventloop hack
lib: add thread_add_timer_tv (struct timeval)
lib: linklist: add listnode_add_before()
pimd: Fix of using uninitialized Memory
vtysh: send "no interface" command to all daemons that support it
bgpd: fix potential crash in community_list_dup_check
zebra: make fpm netlink_route_info_fill more robust
ospf6d: remove unused broken function
isisd: exit if daemonizing fails
zebra: fix a crash in static_add_ipv6 caused by a NULL dereference
pimd: Add ability to safely ignore route-maps
pimd: Add support for displaying ip mroute
pimd: Remove igmp_add_group_by_addr unneeded parameter
pimd: Remove source_new unneeded parameter
pimd: Remove dead code.
lib/stream: Add stream_discard, to discard read data from a stream
Extend BGP_SEND_ASPATH_CHECK to cover confederations
lib/memory: fix indirect static link with zlib
configure: fix static linking with readline
config: Give the option of disabling run as user/group
bgpd: simplify ebgp-multihop and ttl-security handling
bgpd: honor disable-connected-check option with next hop tracking
zebra: fix nht validity checking to be same as when it's resolved
zebra: use FIB state for nexthop tracking


The full change-list:

commit c876b0b27e398c7d733966ce8636c26dd7a8e6eb
Author: Paul Jakma <paul@jakma.org>
Date: Wed Feb 8 15:19:38 2017 +0000

release: Quagga 1.2.0

commit 3c06ac025adbd4611e3a290b43fea4cb512688ac
Author: Paul Jakma <paul@jakma.org>
Date: Sun Feb 5 21:45:05 2017 +0000

build/HACKING: add check for pandoc and update make rule for HACKING.pdf

commit b29cd82299206f77a584699bcb3b7a7b36183787
Author: Paul Jakma <paul@jakma.org>
Date: Sun Feb 5 21:24:42 2017 +0000

HACKING: Update governance

commit f452d5409a5eb275ee4d5dd24e67461231dc425a
Author: Jim Carroll <jim@carroll.com>
Date: Fri Jan 27 16:08:59 2017 +0000

ripd: Fix restriction on default RTE that's incompatible with CIDR

* ripd.c: (rip_response_process) A 0 address can still easily have a
non-zero netmask. E.g., 0/1 to complement 128/1. These should be allowed
through. See bug #903.

Modify to check for malformed pseudo-default routes, where the netmask is
0 but the address is non-0, and warn and drop such routes instead.

commit d023f9ffae4b040335d12c1aa7409a9a15b7a3ac
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Fri Sep 16 15:13:43 2016 +0100

bgpd: Rollback "always send OPEN" a little, to workaround test suite issues

* "bgpd: Send OPEN immediately on inbound connections" doesn't play well with
some partial BGP implementations, test and conformance suites e.g., which
have rigid expectations about ordering and don't implement much of CD.

roll back, but only a little, by deferring OPEN sending on outbound till
receive.

* bgpd.h: (struct peer) add PEER_STATUS_OPEN_DEFERRED status flag.
Kind of a sub-fsm. Main FSM does not allow transition functions to
signal next-state - next-state is inflexibly fixed in the table -
so can't handle it cleanly at that level.
* bgp_fsm.c: (bgp_connect_success) Defer sending open if the peer is
an accept-peer/inbound and there appears to be an outbound connection
in progress. Set PEER_STATUS_OPEN_DEFERRED to signal to bgp_open_receive
that an OPEN still must be sent.
* bgp_packet.c: (bgp_open_receive) Send the OPEN here, when deferred.

commit 5a0c1be698a044bc838f3e6c8b259fa52cf9981c
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Thu Sep 15 17:13:16 2016 +0100

bgpd: Config state related to OPEN must now be copied to accept peer.

* bgp_network.c: (bgp_accept) OPEN is now sent on accept peer, due to
"Send OPEN immediately on inbound connections", so configuration state
that affects OPEN also has to be copied for.

Fixes failure with Martin Winter / NetDEFs test cases, where bgpd was
failing to advertise configured AFI/SAFIs.

commit c79862373cd310dba8c0a51ff94ddce48be0099e
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Wed Sep 21 17:42:37 2016 +0100

bgpd: Better/more debug for collisions, inc. logging port of NOTIFYs.

commit 1ebafb61a4a2059fdd50aeefd27780d6358dd488
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Wed Apr 27 09:55:21 2016 +0100

bgpd: collision detection assumes 'new' peer is the inbound connection

* bgp_packet.c: (bgp_collision_detect) for a long time, this has assumed
the 'new' peer argument on which an OPEN has just been received must be
an 'inbound' connection, and the looked up 'peer' the outbound. However,
this doesn't seem a robust assumption. It seems possible it could be the
other way around.

The consequences are that collision detection could behave inconsistently
with other implementations, and result in both sides closing the same
connection.

Fix to follow the RFC.

commit ac278ea6b770fd0bf74b3e718c2e6a4d84fcba3a
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue Apr 26 11:46:34 2016 +0100

bgpd: collision-detect should retain Established peers + tidy logic + logs

* bgp_network.c: (bgp_accept) We should also reject connections where
the main peer is in >Established state.
Could potentially also reject connections for main peer == Established
here too.

Log the port number too, so it's easier to reconcile logs with
network dumps.

* bgp_packet.c: (bgp_collision_detect) Try factor out some of the
conditionals controlling the action of the loop to the top, for
readability.

Handle existing Established session, by closing the new one, favouring
stability and as per RFC, except for GR.

(bgp_open_receive) Tidy up the logic a bit for readability, making each
case distinct in the main body of the loop.

commit f408fa2c81a8e5873cb0a8c37fe44e389f65d50e
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Mon Apr 25 15:50:31 2016 +0100

lib: Add a trivial sockunion_get_port helper function

commit 2d81a7a8e425dcc4ca0cda411e73915f7ec3c1c9
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Wed Apr 20 14:05:20 2016 +0100

bgpd: Send OPEN immediately on inbound connections

* bgpd_fsm.c: (bgp_connect_success) This is the transition function
called when TCP_connection_open occurs in Connect or Active. It
sends OPEN, but only for a !ACCEPT_PEER. I.e. only on the local
bgpd's outbound connection.

This means OPEN will never be sent on a received connection, until
OPEN is received on it. Which means if the remote peer delays
sending its OPEN on such an inbound connection, the local peer might
hit a timer (e.g. connectretry) before then and reset.

There should be no harm in sending OPEN ASAP on any new connection
with any conforming implementation, indeed this is supposed to be the
behaviour. It should speed up things, decrease the window in which
collision detection could be hit, and make things more robust. So do
so.

* bgp_packet.c: (bgp_open_receive) Update the comment.
Do not send bgp_open_send on the ACCEPT_PEER connection that has just
been transferred over, that's now done in bgp_connect_success, as it
should be.

The accept peer's output fifo must also be transferred over, to
ensure the Open gets sent, if not already, and the write thread state
replicated accordingly.

* bgp_network.c: (bgp_accept) local AS config needs to set, so we can
send Open early on ACCEPT_PEER connections.

Note: The Cumulus "Fix FSM to handle active/passive connections better"
patch also makes this change, amongst other things.

commit a04d836427dcea903edf3d6aea3c0978b8ba1300
Author: Paul Jakma <paul@jakma.org>
Date: Fri Jan 27 11:37:36 2017 +0000

release: Add release.sh script and update HACKING.md accordingly.

commit 461649d3346a15a4b8be64156181bc2dac7a538e
Author: Paul Jakma <paul@jakma.org>
Date: Fri Jan 27 11:19:48 2017 +0000

doc: nhrpd.texi needs to referenced by Makefile for dist tarballs

commit ac728fd929f5b949364089c4f0d95cfa322a7683
Author: Paul Jakma <paul@jakma.org>
Date: Fri Jan 27 11:07:24 2017 +0000

nhrpd: Makefile.am needs to specify the headers, for dist tarballs to work

commit b1887c852c5c040e109925887ec8c1ca8c428730
Author: Timo Ter?s <timo.teras@iki.fi>
Date: Tue Jan 24 16:42:19 2017 +0200

doc: add initial nhrpd documentation

commit 23426d21d5ceccec47d80288e8cf411e44f59e58
Author: Paul Jakma <paul@jakma.org>
Date: Mon Jan 23 10:55:55 2017 +0000

lib: routemap.h depends on prefix.h

commit 7fa7acb4926f2a0d1fb5eb0834ae6c60b8ba5147
Author: Paul Jakma <paul@jakma.org>
Date: Fri Jan 20 18:16:04 2017 +0000

bgpd: Fix unhandled enum warning for AFI_ETHER

* bgp_open.c: (bgp_afi_safi_valid_indices) We have AFI_ETHER defined, but
don't handle it at this point.

commit 3334bab0d96b2d7064111e025ff6294d6a32d026
Author: Job Snijders <job@instituut.net>
Date: Fri Jan 20 14:47:12 2017 +0000

bgpd: Add support for BGP Large Communities

As described by Michael Lambert <lambert@psc.edu> to the list:

Traditional communities are four-octet entities to support two-octet ASNs
and are usually represented as <asn>:<data>. Large communities are an
enhancement to support four-octet ASNs and are 12 octets long, represented
as <asn>:<data-1>:<data-2>.

This issue has been tracked in quagga bugzilla ticket #875, which documents
some of the usage and indicates that some testing has been done.

TODO: Documentation - update doc/bgpd.texi.

* bgp_attr.{c,h}: Add BGP_ATTR_LARGE_COMMUNITIES codepoint. Add
(struct lcommunity *) to (struct bgp_attr_extra).
* bgp_clist.{c,h}: Large community codepoints and routines.
* bgp_route.c: Display support.
* bgp_routemap.c: 'match lcommunity', 'set large-community' and
'set large-comm-list'
* bgp_vty.c: Peer configuration, add 'large' to 'neighbor send-community ..'.
Add "show ip bgp large-community", ""ip large-community-list ...".

Authors: Keyur Patel <keyur@arrcus.com>
Job Snijders <job@instituut.net>

commit f2a4b8fffb1f771371d6bfc425e7a69a14057b06
Author: Paul Jakma <paul@jakma.org>
Date: Fri Jan 20 14:45:47 2017 +0000

nhrpd: Add libgen.h include for basename call

commit 86d87e018bd8f9249986be4e6b713ab918fa5e0b
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Wed Apr 20 14:04:22 2016 +0100

bgpd: Graphviz dot files for the BGP FSM

* bgp_fsm_{quagga,4271}.dot: Graphviz DOT files to document the BGP FSM
somewhat, for both Quagga and the basics of 4271. May contain
errors, and could do with more work, but hopefully a useful start.

commit b8f8ba1bb24295a47758cb0e0b3072e017e52280
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Wed Sep 28 16:54:48 2016 +0100

bgpd: Make the exponential backoff on BGP stop_with_error slower

* bgp_fsm.c: (bgp_stop_with_error) peer->v_start * 2^x exponential back
off, up to max of 120s, ramps up fast. Use a slower back off, implemented
via a helper.
(back_off_exp2) The original 2^x back off.
(back_off_exp2_bias) Exp back-off, but biased down by the initial value to
slow the rampup initially.

commit b1b1579bf16e6c3a21216d7f68b1b175ab1303bd
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Wed Sep 21 18:50:23 2016 +0100

bgpd: consolidate start timer backoff via a 'BGP_Stop_with_error' FSM event

* Exponential increase/back-off on the peer start timer is replicated in
a few places. Consolidate by adding a "BGP_Stop_with_error" event
so places outside FSM can just raise that event.
* bgpd.h: Add BGP_Stop_with_error
* bgp_fsm.c: (bgp_event_str[]) Add text for BGP_Stop_with_error.
FSM table: Handle BGP_Stop_with_error, identical to bgp_stop
in nearly all cases.
* bgp_packet.c: (bgp_write,bgp_write_notify) can just raise new event now.

commit 5a9f13a4a0df45c72dc425cc930e5e5682ba59ae
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue Oct 4 13:00:00 2016 +0100

bgpd: Remove change that makes NHT tickle BGP FSM.

* bgpd NHT patch makes NHT tickle FSM to restart session attempts that
are still very early, pre sending of messages. Not really necessary,
and conceptually it may be nicer to just keep these two pieces
separate from each other.
* bgpd.h: Remove NHT_Update FSM event
* bgp_fsm.c: Remove NHT_Update event action from the FSM.
* bgp_nht.c: Remove NHT_Update event.

commit 3dda6b3eccb9a2a88d607372c83c04c796e7daac
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue Sep 6 16:57:40 2016 +0100

bgpd: Rejiggle exported nht function names and consolidate some code

* bgp_nht.h: Tweak the API a bit to simplify and make names a bit clearer on
function. Remove AFI argument, it's implied in both bgp_infos and peers.

(bgp_find_nexthop) this doesn't so much find a bnc, as check the bnc
for the given bgp_info is valid. Rename to (bgp_nexthop_check).

(bgp_find_or_add_nexthop) This ensures a bnc exists, so call it
(bgp_ensure_nexthop).

(bgp_unlink_nexthop_by_peer) Remove via peer.

* bgp_nht.c: Adjust to above.
(bgp_get_nexthop_rn) helper to get the rn.
(bgp_find_nexthop) further helper to get the bnc for path or peer.
(bgp_unlink_nexthop_check) helper to check whether a bnc should go.
(bgp_ensure_nexthop) Use the helpers.

* bgp_{route,fsm}.c: s/bgp_find_or_add_nexthop/bgp_ensure_nexthop/

commit 05c9075b09bea9e2328980df7138da5fd8157dc3
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue May 17 13:28:16 2016 +0100

bgpd: Modernise BGP defaults for MRAI and connect time

Quagga uses historic BGP defaults for its minimum route advertisement
interval (MRAI) timers, and its ConnectRetry timer. It uses 30s and
5s for the eBGP and iBGP MRAIs, and 120s for the ConnectRetry timer.
These values are quite high, and delay convergence and session
establishment, and are unlikely to be desirable in modern networks.

The MRAI can, without a doubt, be significantly reduced. The optimal
MRAI is related to the size of the network, its diameter in terms of
BGP propagation latency particularly. Prior research suggests values
of 5s to 15s for Internet BGP, as reasonably conservative values.
Further, other implementations have long shipped with 1s or even 0s
MRAI values.

A too low MRAI, e.g. a 0 MRAI, can greatly increase the number of
BGP messages a speaker sends, and hence the bandwidth and even CPU it
might use. I.e. some MRAI is better than no MRAI, with current BGP,
or it is prone to excessive - even extreme - chattiness.

The ConnectRetry timer default also should be set much lower.

Lowering the MRAI had previously been suggested by:

"Lower the default MRAI timer for iBGP peers to 0

Signed-off-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>"

* bgpd/bgpd.h: Set defaults to:
- 3s for the eBGP MRAI
- 1s for iBGP MRAI (lower, but non-0, would be nice for this)
- 5s for the ConnectRetry timer

commit a2f0db2be27385211f033271d8b83e9caf362236
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Thu Feb 25 16:41:56 2016 +0000

lib: track worst case # of cycles and don't allow granularity to go above

* The workqueue code at present errs towards optimising the granularity
for throughput of queue items in runs. This perhaps is at the cost
of risking excessive delays at times. Make the workqueue take
worst-cases into account.

* thread.c: (thread_should_yield) When thread should yield, we can
return the time taken for free, as it might be useful to caller.
work_queue_run

* workqueue.h: (struct work_queue) Add fields for worst # of cycles,
and (independently) worst time taken.

* workqueue.c: (work_queue_new) Worst starts high.

(work_queue_run) Track the worst number of cycles taken, where a
queue run had to yield before clearing out the queue. Use this as an
upper-bound on the granularity, so the granulity can never increase.

Track the worst-case delay per work-queue, where it had to yield, thanks
to the thread_should_yield return value change. Note that "show thread
cpu" already shows stats for the work_queue_run function, inc average and
worst cases.

Deficiencies:

- A spurious outside delay (e.g. process not run in ages) could cause
'worst' to be very low in some particular invocation of a process,
and it will stay that way for life of process.

- The whole thing of trying to calculate suitable granularities is just
fragile and impossible to get 100% right.

commit 366bb4ab851137e669a2e7db7a45d73b39090249
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue May 17 13:59:55 2016 +0100

tools: Extend multiple-bgpd.sh to support BIRD, ExaBGP plus more configurables

* tools/multiple-bgpd.sh: Extend this script to support having
multiple different implementations in the ring. Add config
generator and launch functions for BIRD and ExaBGP.

Allow the proportion of other instances in the ring to peer with to
be configurable as %age via PEERPROP. Allow number of v4 routes to
advertise to be configurable via ADV. Allow "external", non-ring
BGP peers to be defined via the EXPEER* arrays.

commit a6efbab768b94a398adb52f0e2b3fe064cfe2f59
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue Dec 1 16:09:08 2015 +0000

tools/multiple-bgpd: extend the ring, enable mpath, add links to +-2 instances

* multiple-bgpd.sh: Configure mpath to test it. Add links to the ?2 instances
in the ring to get a bit more multi-pathing (otherwise, only mpath to
the furthest neighbour IF there's an even number of instances).

commit 5931124b6c78ec211e3171606fc2ad2dd448b12a
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Fri Jul 8 11:24:09 2016 +0100

tools: Remove historic scripts

commit b174a58467d155b8609f1b5a1f6e27f22afdb81c
Author: Paul Jakma <paul@jakma.org>
Date: Mon Jan 23 10:55:26 2017 +0000

ripd: Fix GCC6 warning on misleading indentation

commit 5bc62ca9561fa01a989e386cbf6e71cbdef77a3c
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Mon Jul 11 16:21:23 2016 +0100

isisd,ospf6d,bgpd: Fix GCC 6 warnings on indentation not matching control flow

GCC 6 can now give warnings when the indentation of code does not
align with the scope of prior control flow statement(s). I.e., where
the code visually suggests one kind of control flow, but in actuality
follows another.

Fix warnings found. They all seem to be simple cases of the indentation being
deceptive, but the existing flow being correct.

commit 40fc3dda2b7a345e447d2ef355108c987e59ed13
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue Oct 11 16:00:27 2016 +0100

build: Add GCC stack-protector/SSP to default flag set

* configure.ac: Add GCC SSP / -fstack-protector-strong to default flag
set, when available, as part of defence in depth. At least some
distros already use SSP by default and it can detect buffer overflows
above a certain size.

commit 867946bb8802c02049bf68a4e97843d777cbcb68
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Mon Dec 21 13:39:33 2015 +0000

lib: vty_prefix_list_install should validate afi/safi

* lib/plist.c: (vty_prefix_list_install) Check afi/safi is supported and warn
if not, as a safeguard and to ensure the user is warned, if somehow that
code is ever called for non-IP AFI.

commit 0c175f82a812c6e86eeb2c11b7f3f96bf46459fa
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Mon Dec 21 12:57:31 2015 +0000

ospfd: 'ip ospf network' interface should down iface before changing type

* ospf_vty.c: (ip_ospf_network) This function changes the interface type
and only then downs/ups the interface if already up. So the down happens
with the interface type already altered. However, the interface type
can have major ramifications for how underlying state is stored/indexed,
which may cause problems.

Further, bit of an encapsulation violation to twiddle state here.
(no_ip_ospf_network) ditto.
* ospf_interface.c: (ospf_if_reset_type) New function to reset the OSPF
interface type on an interface. Ensure the interface is downed before
the type is changed.
* ospf_interface.h: (ospf_if_reset_type) Export, for ospf_vty.c

commit 574e5007d5155ee261a4da39fc18502f76e40a30
Author: Paul Jakma <paul.jakma@hpe.com>
Date: Tue May 17 13:33:11 2016 +0100

bgpd: Add route count from neighbours & established sessions to bgp summary

* bgp_vty.c: (bgp_show_summary) The sum of the routes received from
each neighbour can be interesting/useful. Add a line with this to
end of 'show ... bgp ... summary'. Also, add a count of the number of
established sessions.

Note, the route count is also available from 'show bgp <afi> <safi>
statistics', along with more.

commit 670f3dba6721a500418b5793a2b00579198d2bd7
Author: Renato Westphal <renato@opensourcerouting.org>
Date: Mon Nov 28 16:47:13 2016 -0200

bgpd: fix invalid memory access in peer_free()

We shoult not call bgp_unlock() before calling
bgp_delete_connected_nexthop() in the peer_free() function. Otherwise,
if bgp->lock reaches zero, bgp_free() is called and peer->bgp becomes
an invalid pointer in the bgp_delete_connected_nexthop() function.

To fix this, move the call to bgp_unlock() to the end of peer_free().

commit 4d48bb360db5148b18524d06616555b06342fa68
Author: Daniel Walton <dwalton@cumulusnetworks.com>
Date: Tue Nov 29 12:47:12 2016 -0500

bgpd: fix "show ip bgp" column alignment

The "Weight" column is off:

BGP table version is 0, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, =
multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 4.1.1.2/32 9.9.9.2 0 32768 ?
*> 4.1.1.4/32 9.9.9.2 0 32768 ?
Displayed 2 out of 2 total prefixes

Reviewed-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 2c0adbf9bc0c2425f567848ba7f790059d18b253
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Fri Nov 18 15:42:41 2016 -0500

vtysh, zebra: Fix link-params to use exit-link-params

Fix the link-params submode to use the 'exit-link-params'
to indicate we are exiting a submode.

Fixup all the relevant bits.

commit f2f44eaa321be5a52e5ad67069bd8061603589a1
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Sat Nov 12 17:43:15 2016 +0900

zebra: fix link-params CLI handling

vtysh was breaking in a rather ugly way, and some "no" forms were
missing too.

commit a53d4e55a51518ae5735a65405dcee88c59cd5d8
Author: Martin Winter <mwinter@opensourcerouting.org>
Date: Thu Oct 20 23:55:10 2016 -0700

build: configure.ac - use AC_PROG_CC_C99 instead of cflags to force c99 mode

commit c2c63cb3d5e2f56cf2b2d3f00535d275ab23a969
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Mon Oct 10 19:35:43 2016 -0400

ospfd: Fix arm compile issue

size_t printf formatter is %zd!

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 5bb328e82137a0a9cc73e887d5074da273562d38
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat Oct 1 22:35:32 2016 +0200

ripngd: add support for route tags

commit 2bbacea824300be05f46094a4d156cb12c0dca13
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat Oct 1 21:43:17 2016 +0200

ripd: add support for route tags

commit 7ae2b609875756663e0a7d677609d04baa04b613
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat Oct 1 06:41:40 2016 +0200

ospf6d: add support for route tags

[ported by Paul Jakma, paul@jakma.org]

commit ddc160cce1767ef006a812f5213cabfb24e3cd4d
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat Oct 1 20:42:34 2016 +0200

*: Port Christians tweaks for 32-bit route tags

Port over Christian's tweaks from his port of my commit widening the
route-tag field width to 32-bit. Commit dc9ffce8786844
"*: Consistently support 32-bit route tags".

with "changes which make this actually useful for all the daemons".

This is missing the zebra route-map changes.

commit 5958b8f790f0049f980b74b3e2916979850e5d09
Author: Christian Franke <chris@opensourcerouting.org>
Date: Sat Oct 1 04:06:03 2016 +0200

ospfd: Update route in zebra when tag changes

Signed-off-by: Christian Franke <chris@opensourcerouting.org>

commit dafa05e65fe4b3b3ed5525443f554215ba14f42c
Author: Timo Ter?s <timo.teras@iki.fi>
Date: Thu Jan 19 17:27:01 2017 +0200

nhrpd: implement next hop resolution protocol

This provides DMVPN support and integrates to strongSwan. Please read
README.nhrpd and README.kernel for more details.

commit 56ae5c4847f53f10e2151039556ec76a7a94c7fb
Author: Jafar Al-Gharaibeh <jafar@atcorp.com>
Date: Fri Jun 17 16:01:12 2016 -0500

zserv: get rid of code duplication in nexthop_lookup[_mrib] functions

z[send/read]_ipv4_nexthop_lookup functions have been duplicated for multicast mrib lookup. The mrib versions are identical to the unicast versions except for a couple of places. The differences do not justify duplicating two functions and 80 lines of codes. Code refactoring and an if statement with a few lines of code are enough to handle the differences with a lot less and cleaner code.

Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>

commit 54f1476c2ab201808fae1ec9f2ee1a5460f7882b
Author: Quentin Young <qlyoung@cumulusnetworks.com>
Date: Mon Jun 20 13:58:05 2016 -0400

zebra: Change bitwise operations to purpose-built macros

Some bitfields for zebra_debug_* flags were being modified
with bitwise operators instead of the purpose-built macros
in lib/zebra.h. Changed such instances to use the macros.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Acked-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>

commit be987c2804730f39828e2e047fb09f05ebd9915a
Author: Quentin Young <qlyoung@cumulusnetworks.com>
Date: Thu Jun 16 11:26:44 2016 -0400

lib: Clean command.c

Removed dead code paths and fixed a typo.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>

commit 99f567205357570091ba109caad126b7bafcf8ce
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:07:10 2016 +0200

vtysh: fix a memory leak in vtysh_client_execute

buf is dynamically allocated and needs to be freed in the error handling
path too.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 5d9fae294228ad39d12913312485429b9129a3b0
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:07:09 2016 +0200

vtysh: handle case if there is no match in "write terminal $daemon"

While the DEFUN should match the list of clients registered in
vtysh, it seems better to handle the case explicitly instead of
relying on the client list and the DEFUN signature being in sync.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 93ad10e27beebb0416cf33d2f0acf96425064a48
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:07:08 2016 +0200

ripd: print md5 auth digest correctly

The dump of the md5 hash was missing one byte of the hash.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit d1da1e9d18f46d80da4e91fdabafb03fa4272a01
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:07:07 2016 +0200

pimd: don't leak original_s_route on error

original_s_route is allocated on the heap and was not freed during the
error case.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 5bd78b9f409b0a7d4b6a9e15d495ca2c53757a4d
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:07:02 2016 +0200

ospfd: fix double assignment in ospf_vl_set_timers

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit c8e80972d5b99fb8baaa367a726f1dc36a840744
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:07:01 2016 +0200

bgpd: fix memory leaks in show commands

sockunion_str2su allocates a struct sockunion that used to be leaked
in the show commands. Use str2sockunion and keep the information
on the stack instead.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>

commit 32e41f75fd1735071e0fa0bdd918e9b1241d1837
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:06:59 2016 +0200

bgpd: don't leak memory in community_regexp_include

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 708ea62f82f34c8674042b369ee8cba5d7b34c02
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:06:57 2016 +0200

bgpd: check return value of zebra_interface_state_read

zebra_interface_state_read can return NULL in cornercases. The other
daemons check for this, so should bgpd.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 5cb81ce51d5c2ed6b6f7ce51dcfa5388b1836c27
Author: Christian Franke <nobody@nowhere.ws>
Date: Tue Jun 14 20:06:56 2016 +0200

bgpd: setting nexthop doesn't need inet_pton

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit cfb4826340ab177b3cfbce4f138187f41860b68e
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Mon Jun 13 17:29:14 2016 +0200

lib: AgentX: use threads instead of eventloop hack

AgentX fd/timeout handling is rather hackishly monkeyed into thread.c.
Replace with code that uses plain thread_* functions.

NB: Net-SNMP's API rivals Quagga's in terms of age and absence of
documentation. netsnmp_check_outstanding_agent_requests() in particular
seems to be unused and is therefore untested.

The most useful documentation on this is actually the blog post Vincent
Bernat wrote when he originally integrated this into lldpd and Quagga:
https://vincent.bernat.im/en/blog/2012-snmp-event-loop.html

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

commit 47fb0a8eb8138572a9117156223259413a956e81
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Mon Jun 13 17:29:13 2016 +0200

lib: add thread_add_timer_tv (struct timeval)

Another zoo extension, this adds a timer scheduling function that takes
a struct timeval argument (which is actually what the wrappers boil down
to, yet it's not exposed...)

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

commit 449b29e8bd9fb1ae2e57cea7074e1b9778343455
Author: David Lamparter <equinox@opensourcerouting.org>
Date: Mon Jun 13 17:29:12 2016 +0200

lib: linklist: add listnode_add_before()

This utility function, to join the zoo that the Quagga linked-list
implementation has accumulated, does an insert-before while returning
the newly allocated node.

It is similar to:
- listnode_add_after(), but
- complementary direction
- returns allocated node
- list_add_node_prev(), but
- supports before == NULL
- returns allocated node

In general, the entire linked-list implementation is in bad shape, and
while it needs a cleanup / rewrite / replacement, this would both cause
significant conflicts and block other cleanups...

Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>

commit c96e78dde1f118eaee4269aa2c91ef70850e5423
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Thu Jun 9 15:34:59 2016 -0400

pimd: Fix of using uninitialized Memory

Valgrind is reporting that pimd is using uninitialized
memory for comparisons. This commit addresses
the issues found there.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 6ff2acde9291b855c44edf9a7a0423580c901d03
Author: Igor Ryzhov <iryzhov@nfware.com>
Date: Thu Jun 9 16:44:21 2016 +0300

vtysh: send "no interface" command to all daemons that support it

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>

commit c0a613f3a2be8e40265704fd00166cd5342ca409
Author: Christian Franke <nobody@nowhere.ws>
Date: Mon Jun 6 22:22:15 2016 +0200

bgpd: fix potential crash in community_list_dup_check

extcommunity_list_set may set the ->config for an entry
to NULL. In this case, the old code in community_list_dup_check
would cause a NULL pointer dereference.

Adjust the code so it behaves the same in the absence of NULL
pointers and otherwise checks if both are NULL to determine
equality.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 51b45a52adf944ac391c0e90f86597454ab4d657
Author: Christian Franke <nobody@nowhere.ws>
Date: Mon Jun 6 22:04:30 2016 +0200

zebra: make fpm netlink_route_info_fill more robust

Having an RTM_ADDROUTE with a rib == NULL would lead
to a crash due to a NULL pointer dereference.

Since an RTM_ADDROUTE without a rib object doesn't make
much sense, print a warning and remove the concerned
route instead.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Tested-by: NetDEF CI System <cisystem@netdef.org>

commit 8db38639cc4cf796484b352c57f2709151f0e2e4
Author: Christian Franke <nobody@nowhere.ws>
Date: Mon Jun 6 21:49:59 2016 +0200

ospf6d: remove unused broken function

ospf6_interface_if_del has not been in use since for quite some
years and is broken. (Will crash ospf6d if oi->area == NULL)

Since it is not used, just remove it.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 5a7a23b09fed1cb26b901e3160c2f6e560cfd679
Author: Christian Franke <nobody@nowhere.ws>
Date: Mon Jun 6 21:13:15 2016 +0200

isisd: exit if daemonizing fails

The other daemons in Quagga exit with an error if they cannot fork.
Change isisd to behave consistently.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 68cfaabc2e281b6ef9810138db3b42e52f1f0060
Author: Christian Franke <nobody@nowhere.ws>
Date: Mon Jun 6 21:10:24 2016 +0200

zebra: fix a crash in static_add_ipv6 caused by a NULL dereference

si will be NULL after end of the preceeding for loop. update is the
right static route info to use for deleting the old route.

Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Donald Sharp <sharpd@cumulusnetworks.com>

commit 456cb633436c567a173dadb9b6fb4610266c2ef9
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Thu Jun 2 02:37:52 2016 -0400

pimd: Add ability to safely ignore route-maps

pim was not parsing route-map code and causing issues
using vtysh because of this. Add code to safely
ignore the route-map code and set us up for future
expansion into route-maps if neeeded.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Jafar Al-Gharaibeh <jafar@atcorp.com>

commit 18343eeff67b9b17b7d688a13a1f0829db1ad436
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Thu Jun 2 02:30:46 2016 -0400

pimd: Add support for displaying ip mroute

When you enter a static mroute under an interface
the 'show run' is not displaying this information.
Add code to allow this.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by: Daniel Walton <dwalton@cumulusnetworks.com>
Reviewed-by: Don Slice <dslice@cumulusnetworks.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Jafar Al-Gharaibeh <jafar@atcorp.com>

commit f8aef5fd4aa48eceedb67fb8919378e33617bc5d
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Thu Jun 2 02:20:29 2016 -0400

pimd: Remove igmp_add_group_by_addr unneeded parameter

The interface name is already passed in as
part of the 'struct igrmp *group' pointer.
No need to do it twice.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>
Acked-by: Jafar Al-Gharaibeh <jafar@atcorp.com>

commit 3e6a3a64359ae6fa370fbd9c843b7c0d04a946c3
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Thu Jun 2 02:20:28 2016 -0400

pimd: Remove source_new unneeded parameter

The interface name is already passed in as
part of the 'struct igmp_group *group' pointer.
No need to do it twice.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Acked-by: Jafar Al-Gharaibeh <jafar@atcorp.com>

commit d395fd1996df70eb5e6ecc4fc1cf90e8303f43a6
Author: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Thu Jun 2 02:20:27 2016 -0400

pimd: Remove dead code.

No need to keep '#if 0' code. If we need it in the future,
just go back into the history and grab it.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
Acked-by: Jafar Al-Gharaibeh <jafar@atcorp.com>

commit dc633bd1833c4b9df44df27135ce12fef884b53f
Author: Paul Jakma <paul@jakma.org>
Date: Mon Dec 26 17:25:26 2016 +0000

lib/stream: Add stream_discard, to discard read data from a stream

* stream.c: (stream_discard) Discard the already data from a stream, as
indicated by the getp. Move remaining, unread data, to the beginning of
the stream. get and end stream pointers are updated as appropriate.

If all data has been consumed, then this behaves identically to
stream_reset.

commit 95509a6f55c63b72541fa390f7dda7fab2fa3210
Author: Thorvald Natvig <thorvald@medallia.com>
Date: Thu Sep 29 10:25:35 2016 -0700

Extend BGP_SEND_ASPATH_CHECK to cover confederations

Extend the check for BGP_SEND_ASPATH_CHECK to also cover confederations.

commit 9ed99f040f0dd14d0aca82e159f67d27e64042ae
Author: Baruch Siach <baruch@tkos.co.il>
Date: Sun Aug 21 09:23:05 2016 +0300

lib/memory: fix indirect static link with zlib

quagga SNMP support depends on netsnmp, that optionally depends on OpenSSL,
which in turn requires zlib. zlib exports the 'zcalloc' symbol, which collides
with a function of the same name in memory.c. This is not a problem when
linking dynamically, since quagga does not use zlib directly. But static
linking fails with the error:

CCLD ospfd
.../output/host/usr/mips64el-buildroot-linux-uclibc/sysroot/usr/lib/libz.a(zutil.o): In function `zcalloc':
zutil.c:(.text+0x48): multiple definition of `zcalloc'
.../output/build/quagga-1.0.20160315/lib/.libs/libzebra.a(memory.o):memory.c:(.text+0x1a0): first defined here

Rename 'zcalloc' to 'zzcalloc' to avoid symbol collision.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>

commit 64f8c7d80fd9685936613f6c564b9572dd28561d
Author: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Date: Sun Aug 21 09:23:04 2016 +0300

configure: fix static linking with readline

When static linking is used, the order of the libraries is important,
and the libraries using a symbol from another library should be listed
*before* the library providing that symbol (see
http://eli.thegreenplace.net/2013/07/09/library-order-in-static-linking)
for details.

When vtysh is linked statically, the command line contains "-lcurses
-lreadline", which causes a build failure due to unresolved
symbols. This is because readline is using symbols from the curses
library: the order should be the opposite.

This patch fixes that problem by putting the -lreadline at the
beginning of the LIBREADLINE variable calcualted by the configure
script.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>

commit a8f9790a9bae34b4ef6b1c0c9391d2a9cc991f47
Author: Jafar Al-Gharaibeh <jafar@atcorp.com>
Date: Thu Jul 28 14:41:20 2016 -0500

config: Give the option of disabling run as user/group

Leave "user/group" unset when explicitly configuring with
"--disable-user" / "--enable-user=no" and
"--disable-group" / "--enable-group=no"
This allows quagga to skip unsupported system calls such
as setuid() on certain platfroms.

Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Signed-off-by: Jafar Al-Gharaibeh <jafar@atcorp.com>
Tested-by: NetDEF CI System <cisystem@netdef.org>

commit e3443a21552b6a3cd6ebdbb98336eede217a478f
Author: Timo Ter?s <timo.teras@iki.fi>
Date: Wed Oct 19 16:02:34 2016 +0300

bgpd: simplify ebgp-multihop and ttl-security handling

Change to track configured value in ->ttl and ->gtsm_hops;
not the value set to sockopt. Instead, setting of socket's ttl
and minttl options are now merged to one function which calculates
it on demand. This greatly simplifies the code.

commit c9cc52af9edf0f23a1434c944812064de220a7bf
Author: Timo Ter?s <timo.teras@iki.fi>
Date: Wed Oct 19 16:02:33 2016 +0300

bgpd: honor disable-connected-check option with next hop tracking

Make bgpd ignore connected state again if configured to do so.

commit b41bb62e039454f53e54959b2c3f7eea816e6422
Author: Timo Ter?s <timo.teras@iki.fi>
Date: Wed Oct 19 16:02:32 2016 +0300

zebra: fix nht validity checking to be same as when it's resolved

This reverts commit 7e3a435bd99 "A valid BGP nexthop is flagged as invalid"

Problem is BGP thinks the nexthop is accessible when it's recursive, and
selects it, but zebra rejects it at route install time. Causing FIB and
BGP state to be out-of-sync. Fix nht to follow same rules as zebra rib.

commit 631fcd2e51b02b3d5548bee4108044921fb3e58b
Author: Timo Ter?s <timo.teras@iki.fi>
Date: Wed Oct 19 16:02:31 2016 +0300

zebra: use FIB state for nexthop tracking

The FIB override routes can override ZEBRA_FLAG_SELECTED routes
in FIB. Use the FIB state instead to report correct nexthop when
FIB override routes are present.

regards,
--
Paul Jakma | paul@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
On the whole, I'd rather be in Philadelphia.
-- W.C. Fields' epitaph
Re: Quagga 1.2.0 released [ In reply to ]
On Wed, 8 Feb 2017, Paul Jakma wrote:

> Hi,
>
> Quagga 1.2.0 has been released, available from the usual place:
>
> https: //download.savannah.gnu.org/releases/quagga/
>
> This is a feature release, for testing or more adventurous users. More
> conservative users may wish to stay with an older release. This release
> contains:
>
> * Next-Hop Resolution Protocol support from Timo Ter?s * BGP session
> establishment reworked, for speed and reliability
> * BGP route-advertisement timer interval default lowered, to 3s for eBGP and
> 1s for iBGP.
> * BGP Connect retries made more aggressive, with lower retry timer and a
> slower-ramping backoff.

Ah, oops. This summary was meant to have also included:

* BGP Large Community support, thanks to Job Snijders and Keyur Patel

regards,
--
Paul Jakma | paul@jakma.org | @pjakma | Key ID: 0xD86BF79464A2FF6A
Fortune:
Any stone in your boot always migrates against the pressure gradient to
exactly the point of most pressure.
-- Milt Barber