nexthop group extensions #15038
Closed
nexthop group extensions #15038
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
frrbot
bot
added
bugfix
documentation
libfrr
sharp
tests
pguibert6WIND
force-pushed
the
nhg_extensions
branch
from
5e8ffe9 to
b009ec9
Compare
pguibert6WIND
force-pushed
the
nhg_extensions
branch
from
b009ec9 to
e5b4063
Compare
|
ci:rerun |
1 similar comment
|
ci:rerun |
pguibert6WIND
force-pushed
the
nhg_extensions
branch
3 times, most recently
from
aed67da to
f2fd112
Compare
|
ci:rerun |
1 similar comment
|
ci:rerun |
pguibert6WIND
force-pushed
the
nhg_extensions
branch
4 times, most recently
from
5c6dc63 to
12793cf
Compare
|
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
pguibert6WIND
force-pushed
the
nhg_extensions
branch
from
12793cf to
773d782
Compare
In sharpd, configuring a nexthop-group with an IP nexthop that is not directly connected does not create a NHG context in zebra: > ubuntu2204(config)# interface loop1 > ubuntu2204(config-if)# ip address 192.0.2.1/24 > ubuntu2204(config-if)# exi > ubuntu2204(config)# ip route 192.168.0.0/24 192.0.2.100 > ubuntu2204(config)# nexthop-group ABCD > ubuntu2204(config-nh-group)# nexthop 192.168.0.100 > 2024/01/17 16:36:23 SHARP: [Y2G2F-ZTW6M] nhg_add: nhg 181818169 not sent: no valid nexthops > ubuntu2204(config-nh-group)# do show nexthop-group rib 181818169 > Nexthop Group ID: 181818169 does not exist Nexthops with an undefined interface index are neither handled in ZEBRA, nor in SHARPD. On the other hand, if we had created a route pointing to the same nexthop (by using ZEBRA_ROUTE_ADD zapi), the next-hop would have been installed, thanks to the ALLOW_RECURSION flag embedded in the zapi_route structure. Add the support for recursivity in nexthop groups by introducing a flags attribute in the nexthop group structure. Define the NEXTHOP_GROUP_ALLOW_RECURSION value, which will be used by ZEBRA to check for the next-hop group recursivity. This flag will be set when the 'allow-recursion' command will be used: > ubuntu2204(config)# nexthop-group ABCD > ubuntu2204(config-nh-group)# allow-recursion > ubuntu2204(config-nh-group)# nexthop 192.168.0.100 > 2024/01/17 16:57:44 SHARP: [JWRCN-N9K90] Installed nhg 181818168 > ubuntu2204(config-nh-group)# do show nexthop-group rib 181818168 > ID: 181818168 (sharp) > RefCnt: 1 > Uptime: 00:00:10 > VRF: default > Valid, Installed > Depends: (73) > via 192.168.0.100 (vrf default) (recursive), weight 1 > via 192.0.2.100, loop1 (vrf default), weight 1 This flag control is mandatory, as the recursivity may not be allowed by protocols like eBGP single-hop. Signed-off-by: Philippe Guibert <[email protected]>
Add a nexthop group test that ensures that a recursive next-hop is resolved in zebra. Signed-off-by: Philippe Guibert <[email protected]>
In BGP, it is possible to push an eBGP route without using the ALLOW_RECURSION flag in the route flags option. In SHARP, it is possible to do the same with the 'sharp install route' command, but it is not possible to push a NHG that has not allow-recursion flag set. > sharp install routes 9.9.9.20 ... no-recurse > => pushed > nexthop-group A > nexthop 172.31.0.200 > => not pushed This is a design issue related to the SHARP daemon only. Change the design: - Extend the nexthop group hooks with a running-config call back - Add a vty command in SHARP only, under the nexthop-group node, that will permit to push any NHG. > nexthop-group A > force-nexthop-config > nexthop 172.31.0.200 > The nhg will be sent to ZEBRA, and will be attempted to be resolved. Signed-off-by: Philippe Guibert <[email protected]>
When routes from eBGP peers are pushed in ZEBRA, and are not resolved over connected paths, an error message is displayed. This is because neither the ALLOW_RECURSION, nor the IBGP flag are set on the route. When attempting to do the same in SHARP, it appears that the NHG do not have this IBGP flag. > cli# debug zebra rib detail > [..] > 2023/12/17 21:09:43 ZEBRA: [NWWQT-S584X] nexthop_active: Route Type bgp has not turned on recursion 172.31.0.102/32 failed to match > 2023/12/17 21:09:43 ZEBRA: [PKF9S-7G8XM] EBGP: see "disable-ebgp-connected-route-check" or "disable-connected-check" Attempting to push NHGs to ZEBRA does not lead to the same error messages, for two reasons: - NHGs are not sent by SHARPD if allow-recursion flag is not set - the IBGP flag is not implemented in NHGs This commit includes two changes: - introduce the ZEBRA_NHG_FLAG in the nexthop_group structure The flag will be used by ZEBRA when attempting to check if the nexthops of the NHG are active or not. - add a vty command in nexthop group that maps over the IBGP flag. > ubuntu2204(config)# nexthop-group H > ubuntu2204(config-nh-group)# ibgp The below test shows that when turning on ibgp, the EBGP trace disappears: > ubuntu2204(config)# debu zebra nexthop de > ubuntu2204(config)# debu zebra rib de > ubuntu2204(config)# ip route 172.31.0.102/32 192.168.0.77 > ubuntu2204(config)# nexthop-group H > ubuntu2204(config-nh-group)# force-nexthop-config > ubuntu2204(config-nh-group)# nexthop 172.31.0.102 > [..] > 2023/12/17 22:09:43 ZEBRA: [NWWQT-S584X] nexthop_active: Route Type sharp has not turned on recursion 172.31.0.102/32 failed to match > 2023/12/17 22:09:43 ZEBRA: [PKF9S-7G8XM] EBGP: see "disable-ebgp-connected-route-check" or "disable-connected-check" > ubuntu2204(config-nh-group)# ibgp > 2023/12/17 22:14:57 ZEBRA: [NWWQT-S584X] nexthop_active: Route Type sharp has not turned on recursion 172.31.0.102/32 failed to match Signed-off-by: Philippe Guibert <[email protected]>
When passing from nexthop to zapi_nexthop, the srte color is copied. Do the same reversely. Fixes: 31f937f ("lib, zebra: Add SR-TE policy infrastructure to zebra") Signed-off-by: Philippe Guibert <[email protected]>
The nexthop group CLI can not configure color support. Add a new option under nexthop command to configure an srte color: > nexthop-group 1 > [..] > nexthop 192.0.2.100 color 100 Add srte color support for nhg: - Add NEXTHOP_GROUP_MESSAGE_COLOR support in NHG. - Add ZAPI_NEXTHOP_MESSAGE_SRTE support in ZAPI. - When checking for nexthop active, an SRTE policy with the (color, nexthop ip) tuple will be looked ip. Add a NHG sharp test for SRTE color: - a NHG matching an SRTE policy is configured - NHG sharp is extended to watch a given NHT color > sharp watch nexthop 172.31.0.200 color 1 - Upon NHT call back, the NHG is re-added, and updates the nexthop. Signed-off-by: Philippe Guibert <[email protected]>
Today, when a protocol creates a NHG, then ZEBRA automatically creates a NHG dependency with this NHG. Creating dynamic NHGs at ZEBRA layer goes against the concept of a protocol daemon that wants to entirely control its NHG. The below example considers the sharpd created nexthop as a NHG with id 179687502, while the nexthop information is stored in a zebra created nexthop 6462. > ubuntu2204(config)# nexthop-group 10 > 2023/11/23 10:27:34 SHARP: [Q5NBA-GN1BG] NHG ID assigned: 179687502 > ubuntu2204(config-nh-group)# nexthop 192.0.2.200 loop10 > [..] > ID: 179687502 (sharp) > RefCnt: 1 > Uptime: 00:00:17 > VRF: default > Valid, Installed > Depends: (6462) > via 192.0.2.200, loop1 (vrf default), weight 1 > ID: 6462 (sharp) > RefCnt: 2 > Uptime: 00:00:17 > VRF: default > Valid, Installed > Interface Index: 2964 > via 192.0.2.200, loop1 (vrf default), weight 1 > Dependents: (179687502) > > # ip nexthop ls > [..] > id 179687502 group 6462 proto 194 > id 6462 via 192.0.2.200 dev loop1 scope link proto 194 Add a CLI option to NHG that request zebra to not move the nexthop information in a separate NHG. > ubuntu2204(config-nh-group)# protocol-controlled > ubuntu2204(config-nh-group)# nexthop 192.0.2.200 loop10 > ubuntu2204(config-nh-group)# do show nexthop-group rib sharpd > ID: 179687504 (sharp) > RefCnt: 1 > Uptime: 00:00:04 > VRF: default > Valid, Installed > via 192.0.2.200, loop1 (vrf default), weight 1 > > # ip nexthop ls > [..] > id 179687504 via 192.0.2.200 dev loop1 scope link proto 194 Add associate tests for that in topotests. Signed-off-by: Philippe Guibert <[email protected]>
The zapi nexthop group structure is unable to reference other nexthop groups. Actually, only nexthop IP addresses can be associated to a nexthop group via the ZAPI interface. This first commit is a preliminary commit that prepares the ZAPI interface in order to host a second type of nexthop group, by moving the current zapi_nexthop definition into a specific sub-structure. This commit does not change the functionality. Signed-off-by: Philippe Guibert <[email protected]>
Today, protocol daemons can not create ECMP next-hops by using multiple NHGs. The below configuration shows an ECMP NHG. > nexthop-group ABCD > nexthop 192.168.0.100 loop1 > nexthop 192.168.0.105 loop1 > In the 'multiple NHG' case, 2 NHGs would be used for each nexthop, and the 3rd ony would group the two first, similar to what is done with iproute2: > ip nexthop add id 210 via 192.168.0.100 dev loop1 > ip nexthop add id 211 via 192.168.0.105 dev loop1 > ip nexthop add id 212 group 210/211 Extend the nexthop group structure to support a list of nexthop groups. Expose a vty API inside the nexthop group node, to host a new command to configure a group name. That group name points to another nexthop group. > nexthop-group ABCD > group ECMP1 > group ECMP2 > exit > nexthop-group ECMP1 > nexthop 192.168.0.100 loop1 > exit > nexthop-group ECMP2 > nexthop 192.168.0.105 loop1 > exit This commit only focuses to changes in the ZAPI interface, and on the sharpd daemon. The handling of group ids on zebra is stopped in 'zebra_nhg_proto_add()' function. Signed-off-by: Philippe Guibert <[email protected]>
Reduce the code size by reusing the same code to display nexthops and backup nexthops. Signed-off-by: Philippe Guibert <[email protected]>
…nction Move the rib_evpn_route_add() and rib_evpn_route_delete() functions in a separate place. Signed-off-by: Philippe Guibert <[email protected]>
Factorise the nexthop display handling in a separate function. Signed-off-by: Philippe Guibert <[email protected]>
When a nexthop group with dependencies is attached to a route entry, the real nexthop flags are not easily reachable for read or write operations. In order to do so, at the route install, or at the nexthop group update, for each nexthop dependency, use an internal nhg pointer to remember the used nexthop group. The pointer is refreshed at nexthop group replacement. Signed-off-by: Philippe Guibert <[email protected]>
The zebra nexthop group support is not adapted to create dependencies between group when a request comes from the routing protocols. Add those extra changes in the zebra nexthop group library for that, a stub is temporarily added in dataplane_ctx_init. The changes ignore for now the zebra dataplane handling. Signed-off-by: Philippe Guibert <[email protected]>
Add support to install routes attached to a nexthop group which is dependent of other nexthop groups: - Disable the src option. - The dataplane stub is removed Signed-off-by: Philippe Guibert <[email protected]>
Create a separate function to handle separately the nexthop structure. On the next commit, when a nexthop group is used, the nexthop of each nexthop group dependency is used. Signed-off-by: Philippe Guibert <[email protected]>
The show_route_nexthop_group_helper() and the show_nexthop_group_json_helper() helper functions are introduced to separate nexthop handling from the remaining 'show ip route' command. Signed-off-by: Philippe Guibert <[email protected]>
The following commands can not be used when using nhg groups, forged by the protocol: - 'show nexthop-group rib' - 'show ip route' Add the support for the 2 commands Signed-off-by: Philippe Guibert <[email protected]>
Some tests may check if there is a valid nexthop in a nexthop-group. Generalize the check by accounting for the number of nexthops in a nexthop group. Signed-off-by: Philippe Guibert <[email protected]>
Create a mpls_ftn_uninstall_nhg() function that handles the nexthop parsing for each route entry. This parsing is common to primary and backup nexthops. Signed-off-by: Philippe Guibert <[email protected]>
The nexthop group dependencies may also have an NHLFE entry. Signed-off-by: Philippe Guibert <[email protected]>
Create a second function zsend_redistribute_route_nhg() to handle nexthop group. Signed-off-by: Philippe Guibert <[email protected]>
Signed-off-by: Philippe Guibert <[email protected]>
An ECMP configuration is tested with nexthop group. Signed-off-by: Philippe Guibert <[email protected]>
pguibert6WIND
force-pushed
the
nhg_extensions
branch
from
ef66fc4 to
27d4fdc
Compare
|
This pull request has conflicts, please resolve those before we can evaluate the pull request. |
|
replaced with #15488 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is the continuation from #14973.
More options than allow_recursion will have to be handled at nexthop group level:
For the later command, the cases where a NHG will be sent to ZEBRA, but will not be installed, may happen.
Some sharp extensions have been done for that in that branch.
To leverage ECMP and nexthop group aggregation at protocol level, nexthop group has to be modified to either host a dependent nexthopgroup or a nexthop. For that, two new commands will be added:
The last work will be reused to implement BGP PIC for ECMP (with addpath).