From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id CD2B08F06 for ; Wed, 23 Aug 2023 16:26:23 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id B6D0F1835C for ; Wed, 23 Aug 2023 16:26:23 +0200 (CEST) Received: from bastionodiso.odiso.net (bastionodiso.odiso.net [IPv6:2a0a:1580:2000::2d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 23 Aug 2023 16:26:22 +0200 (CEST) Received: from kvmformation3.odiso.net (formationkvm3.odiso.net [10.3.94.12]) by bastionodiso.odiso.net (Postfix) with ESMTP id CD8F58108; Wed, 23 Aug 2023 16:26:14 +0200 (CEST) Received: by kvmformation3.odiso.net (Postfix, from userid 0) id BE7A42B479E; Wed, 23 Aug 2023 16:26:14 +0200 (CEST) From: Alexandre Derumier To: pve-devel@lists.proxmox.com Date: Wed, 23 Aug 2023 16:26:13 +0200 Message-Id: <20230823142613.3948275-1-aderumier@odiso.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.361 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy HEADER_FROM_DIFFERENT_DOMAINS 0.25 From and EnvelopeFrom 2nd level mail domains are different KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment KAM_LAZY_DOMAIN_SECURITY 1 Sending domain does not have any anti-forgery methods KAM_LOTSOFHASH 0.25 Emails with lots of hash-like gibberish KAM_NUMSUBJECT 0.5 Subject ends in numbers excluding current years SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_NONE 0.001 SPF: sender does not publish an SPF Record Subject: [pve-devel] [PATCH frr] Fix #4810: bump to 8.5.2-1+pve1 X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Aug 2023 14:26:23 -0000 frr 8.5.1 a critical bug evpn bug with Type-3 EVPN route This is fixed with https://github.com/FRRouting/frr/pull/14094 Not yet applied in 8.5.2, but already in stable/8.5 branch. This patch serie update frr to stable/8.5 on commit 3d1b6c0e604ef96ee9a4601b31b6561258fd80f0 (Please update frr mirror to this commit) Signed-off-by: Alexandre Derumier --- debian/changelog | 6 ++ .../0001-zebra-fix-evpn-dup-detected.patch | 46 ------------ .../0002-zebra-evpn-handle-del-event.patch | 71 ------------------- debian/patches/series | 2 - 4 files changed, 6 insertions(+), 119 deletions(-) delete mode 100644 debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch delete mode 100644 debian/patches/frr/0002-zebra-evpn-handle-del-event.patch diff --git a/debian/changelog b/debian/changelog index e2b2f80..ac3edd5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +frr (8.5.2-1+pve1) bookworm; urgency=medium + + * update upstream sources to stable/8.5 commit 3d1b6c0e604ef96ee9a4601b31b6561258fd80f0 + + -- Proxmox Support Team Fri, 18 Aug 2023 15:01:42 +0200 + frr (8.5.1-1+pve1) bookworm; urgency=medium * update upstream sources to 8.5.1 diff --git a/debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch b/debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch deleted file mode 100644 index a41379d..0000000 --- a/debian/patches/frr/0001-zebra-fix-evpn-dup-detected.patch +++ /dev/null @@ -1,46 +0,0 @@ -From bd65a991901f43e14b557fd5057130b4bee81df2 Mon Sep 17 00:00:00 2001 -From: Chirag Shah -Date: Sat, 22 Oct 2022 16:00:14 -0700 -Subject: [PATCH] zebra:fix evpn dup detected local mac del event - -The current local mac delete event send to flag with force -always which breaks the duplicate detected MACs where -it requires to be resynced from bgpd to earlier state. - -Ticket:#3233019 -Issue:3233019 - -Signed-off-by: Chirag Shah -(cherry picked from commit 89844a967858d34de99bad8dcb410b4ab4e1dece) ---- - zebra/zebra_evpn_mac.c | 7 +++---- - 1 file changed, 3 insertions(+), 4 deletions(-) - -diff --git a/zebra/zebra_evpn_mac.c b/zebra/zebra_evpn_mac.c -index cebdb978add..25bdc9a877c 100644 ---- a/zebra/zebra_evpn_mac.c -+++ b/zebra/zebra_evpn_mac.c -@@ -1044,12 +1044,11 @@ int zebra_evpn_macip_send_msg_to_client(vni_t vni, - char flag_buf[MACIP_BUF_SIZE]; - - zlog_debug( -- "Send MACIP %s f %s MAC %pEA IP %pIA seq %u L2-VNI %u ESI %s to %s", -+ "Send MACIP %s f %s state %u MAC %pEA IP %pIA seq %u L2-VNI %u ESI %s to %s", - (cmd == ZEBRA_MACIP_ADD) ? "Add" : "Del", - zclient_evpn_dump_macip_flags(flags, flag_buf, - sizeof(flag_buf)), -- macaddr, ip, seq, vni, -- es ? es->esi_str : "-", -+ state, macaddr, ip, seq, vni, es ? es->esi_str : "-", - zebra_route_string(client->proto)); - } - -@@ -2451,7 +2450,7 @@ int zebra_evpn_del_local_mac(struct zebra_evpn *zevpn, struct zebra_mac *mac, - - /* Remove MAC from BGP. */ - zebra_evpn_mac_send_del_to_client(zevpn->vni, &mac->macaddr, mac->flags, -- false /* force */); -+ clear_static /* force */); - - zebra_evpn_es_mac_deref_entry(mac); - diff --git a/debian/patches/frr/0002-zebra-evpn-handle-del-event.patch b/debian/patches/frr/0002-zebra-evpn-handle-del-event.patch deleted file mode 100644 index a0cf1f1..0000000 --- a/debian/patches/frr/0002-zebra-evpn-handle-del-event.patch +++ /dev/null @@ -1,71 +0,0 @@ -From b6e64012549d7e2a5cf1f8ad67544c75998aa5fb Mon Sep 17 00:00:00 2001 -From: Chirag Shah -Date: Tue, 30 Nov 2021 20:42:01 -0800 -Subject: [PATCH] zebra: evpn handle del event for dup detected mac - -Upon receiving local mobility event for MAC + NEIGH, -both are detected as duplicate upon hitting DAD threshold. - -Duplicated detected ( freezed) MAC + NEIGH are not known -to bgpd. - -If locally learnt MAC + NEIGH are deleted in kernel, -the MAC is marked as AUTO after sending delete event -to bgpd. - -Bgpd only reinstalls best route for MAC_IP route (NEIGH) -but not for MAC event. -This puts a situation where MAC is AUTO state and -associated neigh as remote. - -Fix: -DUPLICATE + LOCAL MAC deletion, set MAC delete request -as reinstall from bgpd. - -Ticket:#2873307 -Reviewed By: -Testing Done: - -Freeze MAC + two NEIGHs in local mobility event. -Delete MAC and NEIGH from kerenl. -bgp rsync remote mac route which puts MAC to remote state. - -Signed-off-by: Chirag Shah -(cherry picked from commit ad7685de2871996469d370192af7afafc234a3ca) ---- - zebra/zebra_evpn_mac.c | 14 ++++++++++++-- - 1 file changed, 12 insertions(+), 2 deletions(-) - -diff --git a/zebra/zebra_evpn_mac.c b/zebra/zebra_evpn_mac.c -index a2fe9fd00ba..cebdb978add 100644 ---- a/zebra/zebra_evpn_mac.c -+++ b/zebra/zebra_evpn_mac.c -@@ -1347,16 +1347,26 @@ int zebra_evpn_mac_send_add_to_client(vni_t vni, const struct ethaddr *macaddr, - int zebra_evpn_mac_send_del_to_client(vni_t vni, const struct ethaddr *macaddr, - uint32_t flags, bool force) - { -+ int state = ZEBRA_NEIGH_ACTIVE; -+ - if (!force) { - if (CHECK_FLAG(flags, ZEBRA_MAC_LOCAL_INACTIVE) - && !CHECK_FLAG(flags, ZEBRA_MAC_ES_PEER_ACTIVE)) - /* the host was not advertised - nothing to delete */ - return 0; -+ -+ /* MAC is LOCAL and DUP_DETECTED, this local mobility event -+ * is not known to bgpd. Upon receiving local delete -+ * ask bgp to reinstall the best route (remote entry). -+ */ -+ if (CHECK_FLAG(flags, ZEBRA_MAC_LOCAL) && -+ CHECK_FLAG(flags, ZEBRA_MAC_DUPLICATE)) -+ state = ZEBRA_NEIGH_INACTIVE; - } - - return zebra_evpn_macip_send_msg_to_client( -- vni, macaddr, NULL, 0 /* flags */, 0 /* seq */, -- ZEBRA_NEIGH_ACTIVE, NULL, ZEBRA_MACIP_DEL); -+ vni, macaddr, NULL, 0 /* flags */, 0 /* seq */, state, NULL, -+ ZEBRA_MACIP_DEL); - } - - /* diff --git a/debian/patches/series b/debian/patches/series index 4f01bee..50b22cc 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,2 @@ -frr/0001-zebra-fix-evpn-dup-detected.patch -frr/0002-zebra-evpn-handle-del-event.patch pve/0001-enable-bgp-daemon.patch pve/0002-bgpd-add-an-option-for-RT-auto-derivation-to-force-A.patch -- 2.39.2