Bug#948332: extended next hop capability not working in Buster

Tue, 07 Jan 2020 05:04:13 -0800 

Source: frr
Version: 6.0.2-2
Severity: important

Dear maintainer,

As per the issue described here:
https://github.com/FRRouting/frr/issues/3251

extended next hop capability does not work in Debian Buster.
As a consequence, we aren't able to advertize for an IP
address on our local loopback through the IPv6 link local,
which is how we would like to do BGP to the host.

Note that this issue is from version 5.0.1 up to version
7.2, so I took the time to cherry-pick the fix from upstream.
I have attached the resulting debdiff. I would like to upload
the resulting package to Buster, if you don't mind. So I am
opening a stable release team bug right away.

Cheers,

Thomas Goirand (zigo)

diff -Nru frr-6.0.2/debian/changelog frr-6.0.2/debian/changelog
--- frr-6.0.2/debian/changelog  2019-02-04 22:16:07.000000000 +0100
+++ frr-6.0.2/debian/changelog  2020-01-07 13:21:50.000000000 +0100
@@ -1,3 +1,11 @@
+frr (6.0.2-2+deb10u1) buster; urgency=medium
+
+  * extended next hop capability not working: add upstream patches:
+    - Add_peer_action_for_PEER_FLAG_IFPEER_V6ONLY_flag.patch.
+    - interface_based_peers_should_automatically_override_it_s_peer_group.patch
+
+ -- Thomas Goirand <z...@debian.org>  Tue, 07 Jan 2020 13:21:50 +0100
+
 frr (6.0.2-2) unstable; urgency=medium
 
   * remove bogus libjson0 build-dep (closes: #921349)
diff -Nru 
frr-6.0.2/debian/patches/Add_peer_action_for_PEER_FLAG_IFPEER_V6ONLY_flag.patch 
frr-6.0.2/debian/patches/Add_peer_action_for_PEER_FLAG_IFPEER_V6ONLY_flag.patch
--- 
frr-6.0.2/debian/patches/Add_peer_action_for_PEER_FLAG_IFPEER_V6ONLY_flag.patch 
    1970-01-01 01:00:00.000000000 +0100
+++ 
frr-6.0.2/debian/patches/Add_peer_action_for_PEER_FLAG_IFPEER_V6ONLY_flag.patch 
    2020-01-07 13:21:30.000000000 +0100
@@ -0,0 +1,40 @@
+Author: Donatas Abraitis <donatas.abrai...@gmail.com>
+Date: Mon, 25 Feb 2019 21:16:02 +0200
+Description: [PATCH] bgpd: Add peer action for PEER_FLAG_IFPEER_V6ONLY flag
+ peer_flag_modify() will always return BGP_ERR_INVALID_FLAG because
+ the action was not defined for PEER_FLAG_IFPEER_V6ONLY flag.
+ 
+ ```
+ global PEER_FLAG_IFPEER_V6ONLY = 16384;
+ global BGP_ERR_INVALID_FLAG = -2;
+ probe 
process("/usr/lib/frr/bgpd").statement("peer_flag_modify@/root/frr/bgpd/bgpd.c:3975")
+ {
+       if ($flag == PEER_FLAG_IFPEER_V6ONLY && $action->type == 0)
+               printf("action not found for the flag 
PEER_FLAG_IFPEER_V6ONLY\n");
+ }
+ probe process("/usr/lib/frr/bgpd").function("peer_flag_modify").return
+ {
+       if ($return == BGP_ERR_INVALID_FLAG)
+               printf("return BGP_ERR_INVALID_FLAG\n");
+ }
+ ```
+ produces:
+ action not found for the flag PEER_FLAG_IFPEER_V6ONLY
+ return BGP_ERR_INVALID_FLAG
+$ vtysh -c 'conf t' -c 'router bgp 20' -c 'neighbor eth1 interface v6only 
remote-as external'
+Signed-off-by: Donatas Abraitis <donatas.abrai...@gmail.com>
+Origin: upstream, 
https://github.com/FRRouting/frr/commit/79c245c358b55b372fdea3aeb1e4e4758979f2ae.patch
+Last-Update: 2020-01-07
+
+Index: frr-6.0.2/bgpd/bgpd.c
+===================================================================
+--- frr-6.0.2.orig/bgpd/bgpd.c
++++ frr-6.0.2/bgpd/bgpd.c
+@@ -3660,6 +3660,7 @@ static const struct peer_flag_action pee
+       {PEER_FLAG_DISABLE_CONNECTED_CHECK, 0, peer_change_reset},
+       {PEER_FLAG_CAPABILITY_ENHE, 0, peer_change_reset},
+       {PEER_FLAG_ENFORCE_FIRST_AS, 0, peer_change_reset_in},
++      {PEER_FLAG_IFPEER_V6ONLY, 0, peer_change_reset},
+       {PEER_FLAG_ROUTEADV, 0, peer_change_none},
+       {PEER_FLAG_TIMER, 0, peer_change_none},
+       {PEER_FLAG_TIMER_CONNECT, 0, peer_change_none},
diff -Nru 
frr-6.0.2/debian/patches/interface_based_peers_should_automatically_override_it_s_peer_group.patch
 
frr-6.0.2/debian/patches/interface_based_peers_should_automatically_override_it_s_peer_group.patch
--- 
frr-6.0.2/debian/patches/interface_based_peers_should_automatically_override_it_s_peer_group.patch
  1970-01-01 01:00:00.000000000 +0100
+++ 
frr-6.0.2/debian/patches/interface_based_peers_should_automatically_override_it_s_peer_group.patch
  2020-01-07 13:21:50.000000000 +0100
@@ -0,0 +1,67 @@
+From: Donald Sharp <sha...@cumulusnetworks.com>
+Date: Wed, 28 Nov 2018 18:46:36 -0500
+Subject: bgpd: interface based peers should automatically override it's peer 
group
+ When a interface based peer is setup and if it is part of a peer
+ group we should ignore this and just use the PEER_FLAG_CAPABILITY_ENHE
+ no matter what.
+Signed-off-by: Donald Sharp <sha...@cumulusnetworks.com>
+Signed-off-by: Donatas Abraitis <donatas.abrai...@gmail.com>
+Origin: upstream, 
https://github.com/FRRouting/frr/commit/0c3558cb89ba1531b34a5640b9a91b397b74e3a1.patch
+Last-Update: 2020-01-07
+
+Index: frr-6.0.2/bgpd/bgp_vty.c
+===================================================================
+--- frr-6.0.2.orig/bgpd/bgp_vty.c
++++ frr-6.0.2/bgpd/bgp_vty.c
+@@ -2872,7 +2872,7 @@ static int peer_conf_interface_get(struc
+       if (!CHECK_FLAG(peer->flags_invert, PEER_FLAG_CAPABILITY_ENHE)) {
+               SET_FLAG(peer->flags, PEER_FLAG_CAPABILITY_ENHE);
+               SET_FLAG(peer->flags_invert, PEER_FLAG_CAPABILITY_ENHE);
+-              UNSET_FLAG(peer->flags_override, PEER_FLAG_CAPABILITY_ENHE);
++              SET_FLAG(peer->flags_override, PEER_FLAG_CAPABILITY_ENHE);
+       }
+ 
+       if (peer_group_name) {
+Index: frr-6.0.2/bgpd/bgpd.c
+===================================================================
+--- frr-6.0.2.orig/bgpd/bgpd.c
++++ frr-6.0.2/bgpd/bgpd.c
+@@ -6946,14 +6946,17 @@ static void bgp_config_write_peer_global
+ 
+       /* capability extended-nexthop */
+       if (peergroup_flag_check(peer, PEER_FLAG_CAPABILITY_ENHE)) {
+-              if (CHECK_FLAG(peer->flags_invert, PEER_FLAG_CAPABILITY_ENHE))
+-                      vty_out(vty,
+-                              " no neighbor %s capability extended-nexthop\n",
+-                              addr);
+-              else
+-                      vty_out(vty,
+-                              " neighbor %s capability extended-nexthop\n",
+-                              addr);
++              if (!peer->conf_if) {
++                      if (CHECK_FLAG(peer->flags_invert,
++                                     PEER_FLAG_CAPABILITY_ENHE))
++                              vty_out(vty,
++                                      " no neighbor %s capability 
extended-nexthop\n",
++                                      addr);
++                      else
++                              vty_out(vty,
++                                      " neighbor %s capability 
extended-nexthop\n",
++                                      addr);
++              }
+       }
+ 
+       /* dont-capability-negotiation */
+Index: frr-6.0.2/tests/bgpd/test_peer_attr.py
+===================================================================
+--- frr-6.0.2.orig/tests/bgpd/test_peer_attr.py
++++ frr-6.0.2/tests/bgpd/test_peer_attr.py
+@@ -9,7 +9,7 @@ class TestFlag(frrtest.TestMultiOut):
+ TestFlag.okfail('peer\\advertisement-interval')
+ TestFlag.okfail('peer\\capability dynamic')
+ TestFlag.okfail('peer\\capability extended-nexthop')
+-TestFlag.okfail('peer\\capability extended-nexthop')
++#TestFlag.okfail('peer\\capability extended-nexthop')
+ TestFlag.okfail('peer\\description')
+ TestFlag.okfail('peer\\disable-connected-check')
+ TestFlag.okfail('peer\\dont-capability-negotiate')
diff -Nru frr-6.0.2/debian/patches/series frr-6.0.2/debian/patches/series
--- frr-6.0.2/debian/patches/series     2019-02-04 22:16:07.000000000 +0100
+++ frr-6.0.2/debian/patches/series     2020-01-07 13:21:50.000000000 +0100
@@ -1,3 +1,5 @@
 0001-vtysh-fix-pager-compatibility-handling.patch
 0002-watchfrr-build-in-defaults-for-r-s-k.patch
 systemd-deps.patch
+Add_peer_action_for_PEER_FLAG_IFPEER_V6ONLY_flag.patch
+interface_based_peers_should_automatically_override_it_s_peer_group.patch

Reply via email to