From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 98DE39AC92 for ; Tue, 23 May 2023 08:08:42 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 819D837432 for ; Tue, 23 May 2023 08:08:42 +0200 (CEST) Received: from bastionodiso.odiso.net (bastionodiso.odiso.net [185.151.191.93]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Tue, 23 May 2023 08:08:41 +0200 (CEST) Received: from kvmformation3.odiso.net (formationkvm3.odiso.net [10.3.94.12]) by bastionodiso.odiso.net (Postfix) with ESMTP id A791B7AFC; Tue, 23 May 2023 08:08:40 +0200 (CEST) Received: by kvmformation3.odiso.net (Postfix, from userid 0) id A3B5C2C087C; Tue, 23 May 2023 08:08:40 +0200 (CEST) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Tue, 23 May 2023 08:08:37 +0200 Message-Id: <20230523060838.2229411-4-aderumier@odiso.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20230523060838.2229411-1-aderumier@odiso.com> References: <20230523060838.2229411-1-aderumier@odiso.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.232 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy HEADER_FROM_DIFFERENT_DOMAINS 0.25 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KAM_NUMSUBJECT 0.5 Subject ends in numbers excluding current years SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pve-devel] [PATCH frr 3/4] patches : add evpn mac mobility fixes from stable/8.0 X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 May 2023 06:08:42 -0000 2 importants fixes for a very old bug, they have missed the 8.5.1 release Signed-off-by: Alexandre Derumier --- .../0001-zebra-fix-evpn-dup-detected.patch | 46 ++++++++++++ .../0002-zebra-evpn-handle-del-event.patch | 71 +++++++++++++++++++ debian/patches/series | 2 + 3 files changed, 119 insertions(+) create mode 100644 debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch create mode 100644 debian/patches/frr/0002-zebra-evpn-handle-del-event.patch diff --git a/debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch b/debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch new file mode 100644 index 0000000..a41379d --- /dev/null +++ b/debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch @@ -0,0 +1,46 @@ +From bd65a991901f43e14b557fd5057130b4bee81df2 Mon Sep 17 00:00:00 2001 +From: Chirag Shah +Date: Sat, 22 Oct 2022 16:00:14 -0700 +Subject: [PATCH] zebra:fix evpn dup detected local mac del event + +The current local mac delete event send to flag with force +always which breaks the duplicate detected MACs where +it requires to be resynced from bgpd to earlier state. + +Ticket:#3233019 +Issue:3233019 + +Signed-off-by: Chirag Shah +(cherry picked from commit 89844a967858d34de99bad8dcb410b4ab4e1dece) +--- + zebra/zebra_evpn_mac.c | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +diff --git a/zebra/zebra_evpn_mac.c b/zebra/zebra_evpn_mac.c +index cebdb978add..25bdc9a877c 100644 +--- a/zebra/zebra_evpn_mac.c ++++ b/zebra/zebra_evpn_mac.c +@@ -1044,12 +1044,11 @@ int zebra_evpn_macip_send_msg_to_client(vni_t vni, + char flag_buf[MACIP_BUF_SIZE]; + + zlog_debug( +- "Send MACIP %s f %s MAC %pEA IP %pIA seq %u L2-VNI %u ESI %s to %s", ++ "Send MACIP %s f %s state %u MAC %pEA IP %pIA seq %u L2-VNI %u ESI %s to %s", + (cmd == ZEBRA_MACIP_ADD) ? "Add" : "Del", + zclient_evpn_dump_macip_flags(flags, flag_buf, + sizeof(flag_buf)), +- macaddr, ip, seq, vni, +- es ? es->esi_str : "-", ++ state, macaddr, ip, seq, vni, es ? es->esi_str : "-", + zebra_route_string(client->proto)); + } + +@@ -2451,7 +2450,7 @@ int zebra_evpn_del_local_mac(struct zebra_evpn *zevpn, struct zebra_mac *mac, + + /* Remove MAC from BGP. */ + zebra_evpn_mac_send_del_to_client(zevpn->vni, &mac->macaddr, mac->flags, +- false /* force */); ++ clear_static /* force */); + + zebra_evpn_es_mac_deref_entry(mac); + diff --git a/debian/patches/frr/0002-zebra-evpn-handle-del-event.patch b/debian/patches/frr/0002-zebra-evpn-handle-del-event.patch new file mode 100644 index 0000000..a0cf1f1 --- /dev/null +++ b/debian/patches/frr/0002-zebra-evpn-handle-del-event.patch @@ -0,0 +1,71 @@ +From b6e64012549d7e2a5cf1f8ad67544c75998aa5fb Mon Sep 17 00:00:00 2001 +From: Chirag Shah +Date: Tue, 30 Nov 2021 20:42:01 -0800 +Subject: [PATCH] zebra: evpn handle del event for dup detected mac + +Upon receiving local mobility event for MAC + NEIGH, +both are detected as duplicate upon hitting DAD threshold. + +Duplicated detected ( freezed) MAC + NEIGH are not known +to bgpd. + +If locally learnt MAC + NEIGH are deleted in kernel, +the MAC is marked as AUTO after sending delete event +to bgpd. + +Bgpd only reinstalls best route for MAC_IP route (NEIGH) +but not for MAC event. +This puts a situation where MAC is AUTO state and +associated neigh as remote. + +Fix: +DUPLICATE + LOCAL MAC deletion, set MAC delete request +as reinstall from bgpd. + +Ticket:#2873307 +Reviewed By: +Testing Done: + +Freeze MAC + two NEIGHs in local mobility event. +Delete MAC and NEIGH from kerenl. +bgp rsync remote mac route which puts MAC to remote state. + +Signed-off-by: Chirag Shah +(cherry picked from commit ad7685de2871996469d370192af7afafc234a3ca) +--- + zebra/zebra_evpn_mac.c | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git a/zebra/zebra_evpn_mac.c b/zebra/zebra_evpn_mac.c +index a2fe9fd00ba..cebdb978add 100644 +--- a/zebra/zebra_evpn_mac.c ++++ b/zebra/zebra_evpn_mac.c +@@ -1347,16 +1347,26 @@ int zebra_evpn_mac_send_add_to_client(vni_t vni, const struct ethaddr *macaddr, + int zebra_evpn_mac_send_del_to_client(vni_t vni, const struct ethaddr *macaddr, + uint32_t flags, bool force) + { ++ int state = ZEBRA_NEIGH_ACTIVE; ++ + if (!force) { + if (CHECK_FLAG(flags, ZEBRA_MAC_LOCAL_INACTIVE) + && !CHECK_FLAG(flags, ZEBRA_MAC_ES_PEER_ACTIVE)) + /* the host was not advertised - nothing to delete */ + return 0; ++ ++ /* MAC is LOCAL and DUP_DETECTED, this local mobility event ++ * is not known to bgpd. Upon receiving local delete ++ * ask bgp to reinstall the best route (remote entry). ++ */ ++ if (CHECK_FLAG(flags, ZEBRA_MAC_LOCAL) && ++ CHECK_FLAG(flags, ZEBRA_MAC_DUPLICATE)) ++ state = ZEBRA_NEIGH_INACTIVE; + } + + return zebra_evpn_macip_send_msg_to_client( +- vni, macaddr, NULL, 0 /* flags */, 0 /* seq */, +- ZEBRA_NEIGH_ACTIVE, NULL, ZEBRA_MACIP_DEL); ++ vni, macaddr, NULL, 0 /* flags */, 0 /* seq */, state, NULL, ++ ZEBRA_MACIP_DEL); + } + + /* diff --git a/debian/patches/series b/debian/patches/series index 9af7c71..a70a233 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,2 +1,4 @@ +frr/0001-zebra-fix-evpn-dup-detected.patch +frr/0002-zebra-evpn-handle-del-event.patch pve/0001-enable-bgp-daemon.patch pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch \ No newline at end of file -- 2.30.2