[quagga-dev 14874] Re: [PATCH 1/3] zebra: Remove unused #ifdef HAVE_STRUCT_SOCKADDR_DL

2016-03-10 Thread Timo Teras 
On Thu, 10 Mar 2016 20:16:46 -0500
Donald Sharp  wrote:

> The #ifdef HAVE_STRUCT_SOCKADDR_DL is true on freebsd
> but the data structures that are defined by it are
> never used.  This commit removes the dead code.

Nack. I added this to zebra/*.h in my patches that removed it from
elsewhere. The BSD side kernel routing table changing code uses this.

The sockaddr_dl was removed from lib/*.h, but is still required here in
zebra.

This is what caused the travis-ci build failure.

> 
> Signed-off-by: Donald Sharp 
> ---
>  zebra/interface.h | 10 --
>  zebra/rtadv.c |  3 ---
>  2 files changed, 13 deletions(-)
> 
> diff --git a/zebra/interface.h b/zebra/interface.h
> index dbb33c5..936156e 100644
> --- a/zebra/interface.h
> +++ b/zebra/interface.h
> @@ -196,16 +196,6 @@ struct zebra_if
>struct irdp_interface irdp;
>  #endif
>  
> -#ifdef HAVE_STRUCT_SOCKADDR_DL
> -  union {
> -/* note that sdl_storage is never accessed, it only exists to
> make space.
> - * all actual uses refer to sdl - but use sizeof(sdl_storage)!
> this fits
> - * best with C aliasing rules. */
> -struct sockaddr_dl sdl;
> -struct sockaddr_storage sdl_storage;
> -  };
> -#endif
> -
>  #ifdef SUNOS_5
>/* the real IFF_UP state of the primary interface.
> * need this to differentiate between all interfaces being
> diff --git a/zebra/rtadv.c b/zebra/rtadv.c
> index 9450f9a..fa62d97 100644
> --- a/zebra/rtadv.c
> +++ b/zebra/rtadv.c
> @@ -132,9 +132,6 @@ rtadv_send_packet (int sock, struct interface
> *ifp) struct cmsghdr  *cmsgptr;
>struct in6_pktinfo *pkt;
>struct sockaddr_in6 addr;
> -#ifdef HAVE_STRUCT_SOCKADDR_DL
> -  struct sockaddr_dl *sdl;
> -#endif /* HAVE_STRUCT_SOCKADDR_DL */
>static void *adata = NULL;
>unsigned char buf[RTADV_MSG_SIZE];
>struct nd_router_advert *rtadv;


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14873] CI Testresult: FAILED (Re: [quagga-dev, 14870, 3/3] lib: Remove unnecessary paranthesis)

2016-03-10 Thread cisystem 
Continous Integration Result: FAILED

See below for issues.
This is an EXPERIMENTAL automated CI system.
For questions and feedback, feel free to email
Martin Winter .

Patches applied :
  Patchwork 1853: http://patchwork.quagga.net/patch/1853
   [quagga-dev,14869,1/3] zebra: Remove unused #ifdef 
HAVE_STRUCT_SOCKADDR_DL
  Patchwork 1855: http://patchwork.quagga.net/patch/1855
   [quagga-dev,14868,2/3] bgpd: Fix code path that leads to uninitialized 
variables
  Patchwork 1854: http://patchwork.quagga.net/patch/1854
   [quagga-dev,14870,3/3] lib: Remove unnecessary paranthesis
Tested on top of Git : e3f623b (as of 20160309.134159 UTC)
CI System Testrun URL: https://ci1.netdef.org/browse/QUAGGA-QPWORK-250/


Get source and apply patch from patchwork: Successful


Building Stage: Failed

CentOS6 amd64 build: Successful
Ubuntu1204 amd64 build: Successful
CentOS7 amd64 build: Successful
Debian8 amd64 build: Successful
Ubuntu1404 amd64 build: Successful

Make failed for FreeBSD10 amd64 build:(see full log in attachment 
freebsd10_amd64_make.log)
>   CC   rtread_sysctl.o
>   CC   kernel_socket.o
> kernel_socket.c:566:52: error: no member named 'sdl' in 'struct zebra_if'
>   memcpy (&((struct zebra_if *)ifp->info)->sdl, sdl, sdl->sdl_len);
>~~  ^
> kernel_socket.c:1135:67: error: no member named 'sdl' in 'struct zebra_if'
>   gate = (union sockunion *) &((struct zebra_if *)ifp->info)->sdl;
>   ~~  ^
> 2 errors generated.

Make failed for Openbsd58 amd64 build:(see full log in attachment 
openbsd58_amd64_make.log)
> kernel_socket.c:92:2: warning: #warning "net/route.h does not define 
> RT_ROUNDUP; making unwarranted assumptions!"
> kernel_socket.c: In function 'ifm_read':
> kernel_socket.c:566: error: 'struct zebra_if' has no member named 'sdl'
> kernel_socket.c: In function 'rtm_write':
> kernel_socket.c:1135: error: 'struct zebra_if' has no member named 'sdl'
> *** Error 1 in zebra (Makefile:571 'kernel_socket.o': @echo "  CC  " 
> kernel_socket.o;gcc -DHAVE_CONFIG_H -DSYSCONFDIR=\"/home/ci/cibuild...)
> *** Error 1 in . (Makefile:485 'all-recursive')
> *** Error 1 in /home/ci/cibuild.250/quagga-source (Makefile:392 'all')

Make failed for NetBSD6 amd64 build:(see full log in attachment 
netbsd6_amd64_make.log)
>   CC   kernel_socket.o
> kernel_socket.c: In function 'ifm_read':
> kernel_socket.c:566:50: error: 'struct zebra_if' has no member named 'sdl'
> kernel_socket.c: In function 'rtm_write':
> kernel_socket.c:1135:65: error: 'struct zebra_if' has no member named 'sdl'
> *** Error code 1
> Stop.
> make: stopped in /home/ci/cibuild.250/quagga-source/zebra
> *** Error code 1

Make failed for NetBSD7 amd64 build:(see full log in attachment 
netbsd7_amd64_make.log)
>   CC   kernel_socket.o
> kernel_socket.c: In function 'ifm_read':
> kernel_socket.c:566:50: error: 'struct zebra_if' has no member named 'sdl'
>memcpy (&((struct zebra_if *)ifp->info)->sdl, sdl, sdl->sdl_len);
>   ^
> kernel_socket.c: In function 'rtm_write':
> kernel_socket.c:1135:65: error: 'struct zebra_if' has no member named 'sdl'
>gate = (union sockunion *) &((struct zebra_if *)ifp->info)->sdl;
>  ^

Make failed for FreeBSD8 amd64 build:(see full log in attachment 
freebsd8_amd64_make.log)
>   CC   kernel_socket.o
> kernel_socket.c: In function 'ifm_read':
> kernel_socket.c:566: error: 'struct zebra_if' has no member named 'sdl'
> kernel_socket.c: In function 'rtm_write':
> kernel_socket.c:1135: error: 'struct zebra_if' has no member named 'sdl'
> *** Error code 1
> Stop in /usr/home/ci/cibuild.250/quagga-source/zebra.
> *** Error code 1
> Stop in /usr/home/ci/cibuild.250/quagga-source.

Make failed for FreeBSD9 amd64 build:(see full log in attachment 
freebsd9_amd64_make.log)
>   CC   kernel_socket.o
> kernel_socket.c: In function 'ifm_read':
> kernel_socket.c:566: error: 'struct zebra_if' has no member named 'sdl'
> kernel_socket.c: In function 'rtm_write':
> kernel_socket.c:1135: error: 'struct zebra_if' has no member named 'sdl'
> *** [kernel_socket.o] Error code 1
> Stop in /usr/home/ci/cibuild.250/quagga-source/zebra.
> *** [all-recursive] Error code 1
> Stop in /usr/home/ci/cibuild.250/quagga-source.

Make failed for OmniOS amd64 build:(see full log in attachment 
omnios_amd64_make.log)
>   CC   kernel_socket.o
> kernel_socket.c: In function ‘ifm_read’:
> kernel_socket.c:568:50: error: ‘struct zebra_if’ has no member named ‘sdl’
>memcpy (&((struct zebra_if *)ifp->info)->sdl, sdl, sizeof (struct 
> sockaddr_dl));
>   ^
> kernel_socket.c: In function ‘rtm_write’:
> kernel_socket.c:1135:65: error: ‘struct zebra_if’ has no member n

[quagga-dev 14872] Quagga 1.0.20160309 - BGP Crashing

2016-03-10 Thread Martin Winter 

(New thread so people actually see it)

I really wish my suggestion to Donald/Paul would have been followed and 
we would have created a RC version first
or at least updated Master first with giving me a few days for some 
checks…  :-(


Anyway, the brand new version 1.0.20160309 crashes in my BGP Tests:

2016/03/09 09:42:20 BGP: vty[??]@# exit
2016/03/09 09:42:20 BGP: stream_getl: Attempt to get long out of bounds
2016/03/09 09:42:20 BGP: &(struct stream): 0x7f495d91f6b0, size: 4096, 
getp: 23, endp: 25


2016/03/09 09:42:20 BGP: Assertion `0' failed in file stream.c, line 
413, function stream_getl

2016/03/09 09:42:20 BGP: Backtrace for 9 stack frames:
2016/03/09 09:42:20 BGP: [bt 0] 
/usr/lib/libzebra.so.0(zlog_backtrace+0x2b) [0x7f495c661c10]
2016/03/09 09:42:20 BGP: [bt 1] 
/usr/lib/libzebra.so.0(_zlog_assert_failed+0xa1) [0x7f495c66234c]
2016/03/09 09:42:20 BGP: [bt 2] /usr/lib/libzebra.so.0(stream_getl+0x7f) 
[0x7f495c65ef69]

2016/03/09 09:42:20 BGP: [bt 3] bgpd(+0x5c2f0) [0x7f495cb132f0]
2016/03/09 09:42:20 BGP: [bt 4] /usr/lib/libzebra.so.0(+0x34141) 
[0x7f495c666141]
2016/03/09 09:42:20 BGP: [bt 5] /usr/lib/libzebra.so.0(thread_call+0x7e) 
[0x7f495c656728]

2016/03/09 09:42:20 BGP: [bt 6] bgpd(main+0x417) [0x7f495caec22a]
2016/03/09 09:42:20 BGP: [bt 7] 
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f495bf88ec5]

2016/03/09 09:42:20 BGP: [bt 8] bgpd(+0x35267) [0x7f495caec267]
2016/03/09 09:42:20 BGP: Current thread function zclient_read, scheduled 
from file zclient.c, line 1131


This is on Ubuntu 14.04

I’ll start digging into the details, just wanted to give a heads up.

Any hints on differences to the Proposed/6 branch?

- Martin
(Would like to be excited on 1.0…)

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14871] Re: rib_add_ipv4() in kernel_socket.c

2016-03-10 Thread Donald Sharp 
If you do not specify an ifindex this happens in rib_add_ipv4:
  /* Nexthop settings. */
  if (gate)
{
  if (ifindex)
nexthop_ipv4_ifindex_add (rib, gate, src, ifindex);
  else
nexthop_ipv4_add (rib, gate, src);
}
  else
nexthop_ifindex_add (rib, ifindex);


So what is happening is that rib_add_ipv4 is noticing that we haven't
received an ifindex from the caller and adds a gateway via
nexthop_ipv4_add, which does the lookup for the outgoing interface.

Does it matter?  I don't think it does.  The outgoing interface received in
kernel_socket.c is specified as a char *.  Which would need to be
translated into an interface pointer.

So the code has a choice of converting the interface char * into a ifp or
turning the ip address of the nexthop into a ifp.  Not sure that it matters.

donald

On Thu, Mar 10, 2016 at 6:03 PM, Jafar Al-Gharaibeh 
wrote:

> The following functions:
>
> rib_add_ipv[4/6]
> rib_delete_ipv[4/6]
>
> expect an interface index as one of the arguments, which seems to be the
> case
> everywhere they are used in the code except in zebra/kernel_socket.c.
> For the ipv4 family the value 0 is passed for the index, whereas
> for the ipv6,  one place passes 0 and two other places pass a variable
> called ifindex
> that is only initialized to non-zero under an ifdef.
>
> Is that how it should be? Does ifindex have any significance in these
> cases ?
>
> Thanks,
> Jafar
>
>
> ___
> Quagga-dev mailing list
> Quagga-dev@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-dev
>
___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14870] [PATCH 3/3] lib: Remove unnecessary paranthesis

2016-03-10 Thread Donald Sharp 
The freebsd compiler complains that there is an extra set of ()'s
around the if statement.

Signed-off-by: Donald Sharp 
---
 lib/vty.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/vty.c b/lib/vty.c
index e4510f8..aafa271 100644
--- a/lib/vty.c
+++ b/lib/vty.c
@@ -423,7 +423,7 @@ vty_command (struct vty *vty, char *buf)
   snprintf(vty_str, sizeof(vty_str), "vty[??]@%s", vty->address);
   if (vty)
 for (i = 0; i < vector_active (vtyvec); i++)
-  if ((vty == vector_slot (vtyvec, i)))
+  if (vty == vector_slot (vtyvec, i))
 {
   snprintf(vty_str, sizeof(vty_str), "vty[%d]@%s",
  i, vty->address);
-- 
1.9.1


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14868] [PATCH 2/3] bgpd: Fix code path that leads to uninitialized variables

2016-03-10 Thread Donald Sharp 
subtype and sublength are not initialized and if on Line 1877
BGP_ATTR_ENCAP != type we will not set subtype and sublength,
but these variables are used immediately below that if statement.

This issue was discovered via the freebsd compiler.

Signed-off-by: Donald Sharp 
---
 bgpd/bgp_attr.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index f34e649..149b888 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -1870,8 +1870,8 @@ bgp_attr_encap(
   }
 
   while (length >= 4) {
-uint16_t   subtype;
-uint16_t   sublength;
+uint16_t   subtype = 0;
+uint16_t   sublength = 0;
 struct bgp_attr_encap_subtlv *tlv;
 
 if (BGP_ATTR_ENCAP == type) {
-- 
1.9.1


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14869] [PATCH 1/3] zebra: Remove unused #ifdef HAVE_STRUCT_SOCKADDR_DL

2016-03-10 Thread Donald Sharp 
The #ifdef HAVE_STRUCT_SOCKADDR_DL is true on freebsd
but the data structures that are defined by it are
never used.  This commit removes the dead code.

Signed-off-by: Donald Sharp 
---
 zebra/interface.h | 10 --
 zebra/rtadv.c |  3 ---
 2 files changed, 13 deletions(-)

diff --git a/zebra/interface.h b/zebra/interface.h
index dbb33c5..936156e 100644
--- a/zebra/interface.h
+++ b/zebra/interface.h
@@ -196,16 +196,6 @@ struct zebra_if
   struct irdp_interface irdp;
 #endif
 
-#ifdef HAVE_STRUCT_SOCKADDR_DL
-  union {
-/* note that sdl_storage is never accessed, it only exists to make space.
- * all actual uses refer to sdl - but use sizeof(sdl_storage)!  this fits
- * best with C aliasing rules. */
-struct sockaddr_dl sdl;
-struct sockaddr_storage sdl_storage;
-  };
-#endif
-
 #ifdef SUNOS_5
   /* the real IFF_UP state of the primary interface.
* need this to differentiate between all interfaces being
diff --git a/zebra/rtadv.c b/zebra/rtadv.c
index 9450f9a..fa62d97 100644
--- a/zebra/rtadv.c
+++ b/zebra/rtadv.c
@@ -132,9 +132,6 @@ rtadv_send_packet (int sock, struct interface *ifp)
   struct cmsghdr  *cmsgptr;
   struct in6_pktinfo *pkt;
   struct sockaddr_in6 addr;
-#ifdef HAVE_STRUCT_SOCKADDR_DL
-  struct sockaddr_dl *sdl;
-#endif /* HAVE_STRUCT_SOCKADDR_DL */
   static void *adata = NULL;
   unsigned char buf[RTADV_MSG_SIZE];
   struct nd_router_advert *rtadv;
-- 
1.9.1


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14867] rib_add_ipv4() in kernel_socket.c

2016-03-10 Thread Jafar Al-Gharaibeh 

The following functions:

rib_add_ipv[4/6]
rib_delete_ipv[4/6]

expect an interface index as one of the arguments, which seems to be the 
case

everywhere they are used in the code except in zebra/kernel_socket.c.
For the ipv4 family the value 0 is passed for the index, whereas
for the ipv6,  one place passes 0 and two other places pass a variable 
called ifindex

that is only initialized to non-zero under an ifdef.

Is that how it should be? Does ifindex have any significance in these 
cases ?


Thanks,
Jafar


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14866] Re: Release 1.0.20160309 of Quagga

2016-03-10 Thread Paul Jakma 
CERT have published their Vulnerability Report for the VPNv4 security 
issue:


https://www.kb.cert.org/vuls/id/270232

regards,

Paul

On Thu, 10 Mar 2016, Donald Sharp wrote:


Quagga 1.0.20160309 has been released.


This release addresses Security Vulnerability VU #270232.

Users using VPNv4 to untrusted peers and zebra that have

untrusted clients talking to it are advised to upgrade to

this release.


This release is up on Savannah or download at:


http://download.savannah.gnu.org/releases/quagga

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.gz

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.xz

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.asc


If you encounter a “404” error, Savannah mirrors are probably

still synchronizing the files, please give it another day.


Major user-visible changes:

[quagga] - Namespace VRF Support has been added.

[lib] - Add 'show commandtree'

[bgpd] - vpnv4 and vpnv6 handling has been included.

[bgpd] - Add 'set metric (rtt|+rtt|-rtt)' to route map handling.

[bgpd] - Addition of 'show ip bgp dampening' command tree.

[bgpd] - If route-map does not exist default to DENY for redistribute
statements

[bgpd] - Lower default 'timers connect' in BGP to 10 seconds.

[bgpd] - Enable "bgp log-neighbor-changes" by default

[bgpd] - Add support for timer commands with peer-group syntax

[bgpd] - Extend Dump to allow Extended Time Format

[babeld] - Removed from the distribution.

[isisd] - Allow the adjustment of lsp-mtu

[isisd] - Allow the import of routes from other protocols

[ospfd] - Add per interface 'ip ospf area' command

[ospfd] - Lower the default OSPF spf timers to '0 50 5000'

[ripngd] - Add ECMP support

[pimd] - Add multicast static routes.

[pimd] - Add ability to set DR priority for an interface

[pimd] - Add ability to modify hello and hold timers per interface

[vtysh] - Add 'show thread cpu ..' and 'show work-queues'

[vtysh] - Add 'show run ' command

[vtysh] - Fix history handling

[solaris] - Fix compilation issues.


Distributor-visible changes:

--enable-opaque-lsa is removed.  This is considered industry

 default and there should be no need to specify at compile time

 to include this feature


--enable-ospf-te is removed.  This is considered industry

 default and there should be no need to specify at compile time

 to include this feature


--enable-pimd is default.  This will allow compile time issues

 to be caught before they become a problem


--enable-vtysh is default.  This will allow compile time issues

 to be caught before they become a problem


--enable-werror has been added.  If turned on, compilation will

 turn all warnings into errors


--enable-babeld has been removed.  The babel daemon has been

 removed from Quagga distribution.


Thanks!


donald



--
Paul Jakma  p...@jakma.org  @pjakma Key ID: 64A2FF6A
Fortune:
Big book, big bore.
-- Callimachus___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14865] Re: Monthly Quagga Meeting

2016-03-10 Thread Vincent JARDIN 
David's proposal needs to be analysed. It can help to open new path to
management APIs.
Le 10 mars 2016 16:47, "Donald Sharp"  a écrit :

> The quagga monthly meeting is next tuesday.  If you would like an invite,
> please let me know.
>
> If you have something that you would like to talk about please let me know
> and I can add it to the agenda.
>
> Current agenda items that I would like to talk about:
>
> 1) Proposed branching scheme, sent under cover of another email
> 2) Call for more gatekeepers.  Please self nominate!
>
> Additionally David Lamparter has generously agreed to give a presentation
> on his current cli api abstraction work, which we will be seeing
> immediately after all other agenda items have been accounted for.
>
> thanks!
>
> donald
>
>
> ___
> Quagga-dev mailing list
> Quagga-dev@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-dev
>
___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14864] Re: Monthly Quagga Meeting

2016-03-10 Thread olivier.dugeon 

Hello Donald,

I'll attend the meeting and would discuss about the recent 
LinuxFundation project about data IO speed for networking  see 
https://fd.io 
This new project aims at providing an opensource stack to forward packet 
at line rate on top of a standard Linux. It is based on VPP technology 
provided by Cisco.


6Wind is Gold member of this new project. I got a presentation by Cisco 
about their VPP and I would discuss the opportunity for Quagga to become 
an application of VPP. In fact, is there room / on-going effort / ... to 
add code to the Zebra layer in order to interact with the VPP intead of 
using the standard kernel API.


Regards,

Olivier

Le 10/03/2016 16:46, Donald Sharp a écrit :
The quagga monthly meeting is next tuesday.  If you would like an 
invite, please let me know.


If you have something that you would like to talk about please let me 
know and I can add it to the agenda.


Current agenda items that I would like to talk about:

1) Proposed branching scheme, sent under cover of another email
2) Call for more gatekeepers.  Please self nominate!

Additionally David Lamparter has generously agreed to give a 
presentation on his current cli api abstraction work, which we will be 
seeing immediately after all other agenda items have been accounted for.


thanks!

donald



___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev



_

Ce message et ses pieces jointes peuvent contenir des informations 
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce 
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages 
electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou 
falsifie. Merci.

This message and its attachments may contain confidential or privileged 
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete 
this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been 
modified, changed or falsified.
Thank you.

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14863] Re: Release 1.0.20160309 of Quagga

2016-03-10 Thread Vincent JARDIN 
+1
Le 10 mars 2016 17:10, "Dinesh Dutt"  a écrit :

> Thanks Donald, and the rest of the maintainers in getting a 1.0 out,
>
> Dinesh
>
> On Thu, Mar 10, 2016 at 4:33 AM, Donald Sharp 
> wrote:
>
>> Quagga 1.0.20160309 has been released.
>>
>>
>> This release addresses Security Vulnerability VU #270232.
>>
>> Users using VPNv4 to untrusted peers and zebra that have
>>
>> untrusted clients talking to it are advised to upgrade to
>>
>> this release.
>>
>>
>> This release is up on Savannah or download at:
>>
>>
>> http://download.savannah.gnu.org/releases/quagga
>>
>>
>> http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.gz
>>
>>
>> http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.xz
>>
>>
>> http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.asc
>>
>>
>> If you encounter a “404” error, Savannah mirrors are probably
>>
>> still synchronizing the files, please give it another day.
>>
>>
>> Major user-visible changes:
>>
>> [quagga] - Namespace VRF Support has been added.
>>
>> [lib] - Add 'show commandtree'
>>
>> [bgpd] - vpnv4 and vpnv6 handling has been included.
>>
>> [bgpd] - Add 'set metric (rtt|+rtt|-rtt)' to route map handling.
>>
>> [bgpd] - Addition of 'show ip bgp dampening' command tree.
>>
>> [bgpd] - If route-map does not exist default to DENY for redistribute
>> statements
>>
>> [bgpd] - Lower default 'timers connect' in BGP to 10 seconds.
>>
>> [bgpd] - Enable "bgp log-neighbor-changes" by default
>>
>> [bgpd] - Add support for timer commands with peer-group syntax
>>
>> [bgpd] - Extend Dump to allow Extended Time Format
>>
>> [babeld] - Removed from the distribution.
>>
>> [isisd] - Allow the adjustment of lsp-mtu
>>
>> [isisd] - Allow the import of routes from other protocols
>>
>> [ospfd] - Add per interface 'ip ospf area' command
>>
>> [ospfd] - Lower the default OSPF spf timers to '0 50 5000'
>>
>> [ripngd] - Add ECMP support
>>
>> [pimd] - Add multicast static routes.
>>
>> [pimd] - Add ability to set DR priority for an interface
>>
>> [pimd] - Add ability to modify hello and hold timers per interface
>>
>> [vtysh] - Add 'show thread cpu ..' and 'show work-queues'
>>
>> [vtysh] - Add 'show run ' command
>>
>> [vtysh] - Fix history handling
>>
>> [solaris] - Fix compilation issues.
>>
>>
>> Distributor-visible changes:
>>
>> --enable-opaque-lsa is removed.  This is considered industry
>>
>>   default and there should be no need to specify at compile time
>>
>>   to include this feature
>>
>>
>> --enable-ospf-te is removed.  This is considered industry
>>
>>   default and there should be no need to specify at compile time
>>
>>   to include this feature
>>
>>
>> --enable-pimd is default.  This will allow compile time issues
>>
>>   to be caught before they become a problem
>>
>>
>> --enable-vtysh is default.  This will allow compile time issues
>>
>>   to be caught before they become a problem
>>
>>
>> --enable-werror has been added.  If turned on, compilation will
>>
>>   turn all warnings into errors
>>
>>
>> --enable-babeld has been removed.  The babel daemon has been
>>
>>   removed from Quagga distribution.
>>
>>
>> Thanks!
>>
>>
>> donald
>>
>> ___
>> Quagga-dev mailing list
>> Quagga-dev@lists.quagga.net
>> https://lists.quagga.net/mailman/listinfo/quagga-dev
>>
>
>
> ___
> Quagga-dev mailing list
> Quagga-dev@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-dev
>
___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14862] A question on project roles (was Re: Monthly Quagga Meeting)

2016-03-10 Thread Lou Berger 

Hi Donald, (and anyone else who may have an opinion)

I'm not really sure who to direct this question, but you're mail
prompted me to send this message - so it's going to you.  My question is?

On 3/10/2016 10:46 AM, Donald Sharp wrote:
> Call for more gatekeepers

What is a gatekeeper and where are Quagga project roles defined?

>From my vantage points I see that there are:

Users:
Folks who use quagga, and may also fill other project roles. Users
also report issues they may find and provide feedback on planned changes.

Contributors:
Folks like me/LabN which (occasionally)  write code that is
submitted back to the project.  I'm including both folks that fix bugs
and author new code in this category.  Some may subdivide this category,
but I haven't for simplicity sake.

Reviewers:
Folks that review submitted code and provide feedback.  I'm also
including folks that test contributions and candidate releases.  (I/LabN
have also done some of this.)

Maintainers:
Those who help Contributors get their submissions into a branch &
mainline and shepherd a release. These folks are able to devote
substantial time to the project either through apparent direct financial
support for their activity or otherwise make their time available.

Advisors:
The 'grey beards' who have long(er) term perspective on the project.

I can see where I and others on quagga-dev fit into this breakdown, but
don't really see this type of breakdown documented anywhere and the
recent discussion on this topic have (frankly) been a bit confusing to me.

Thanks,
Lou

PS I'm hoping for a simple answer, but suspect there isn't one - at
least yet.



___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14861] Re: Release 1.0.20160309 of Quagga

2016-03-10 Thread Dinesh Dutt 
Thanks Donald, and the rest of the maintainers in getting a 1.0 out,

Dinesh

On Thu, Mar 10, 2016 at 4:33 AM, Donald Sharp 
wrote:

> Quagga 1.0.20160309 has been released.
>
>
> This release addresses Security Vulnerability VU #270232.
>
> Users using VPNv4 to untrusted peers and zebra that have
>
> untrusted clients talking to it are advised to upgrade to
>
> this release.
>
>
> This release is up on Savannah or download at:
>
>
> http://download.savannah.gnu.org/releases/quagga
>
> http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.gz
>
> http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.xz
>
>
> http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.asc
>
>
> If you encounter a “404” error, Savannah mirrors are probably
>
> still synchronizing the files, please give it another day.
>
>
> Major user-visible changes:
>
> [quagga] - Namespace VRF Support has been added.
>
> [lib] - Add 'show commandtree'
>
> [bgpd] - vpnv4 and vpnv6 handling has been included.
>
> [bgpd] - Add 'set metric (rtt|+rtt|-rtt)' to route map handling.
>
> [bgpd] - Addition of 'show ip bgp dampening' command tree.
>
> [bgpd] - If route-map does not exist default to DENY for redistribute
> statements
>
> [bgpd] - Lower default 'timers connect' in BGP to 10 seconds.
>
> [bgpd] - Enable "bgp log-neighbor-changes" by default
>
> [bgpd] - Add support for timer commands with peer-group syntax
>
> [bgpd] - Extend Dump to allow Extended Time Format
>
> [babeld] - Removed from the distribution.
>
> [isisd] - Allow the adjustment of lsp-mtu
>
> [isisd] - Allow the import of routes from other protocols
>
> [ospfd] - Add per interface 'ip ospf area' command
>
> [ospfd] - Lower the default OSPF spf timers to '0 50 5000'
>
> [ripngd] - Add ECMP support
>
> [pimd] - Add multicast static routes.
>
> [pimd] - Add ability to set DR priority for an interface
>
> [pimd] - Add ability to modify hello and hold timers per interface
>
> [vtysh] - Add 'show thread cpu ..' and 'show work-queues'
>
> [vtysh] - Add 'show run ' command
>
> [vtysh] - Fix history handling
>
> [solaris] - Fix compilation issues.
>
>
> Distributor-visible changes:
>
> --enable-opaque-lsa is removed.  This is considered industry
>
>   default and there should be no need to specify at compile time
>
>   to include this feature
>
>
> --enable-ospf-te is removed.  This is considered industry
>
>   default and there should be no need to specify at compile time
>
>   to include this feature
>
>
> --enable-pimd is default.  This will allow compile time issues
>
>   to be caught before they become a problem
>
>
> --enable-vtysh is default.  This will allow compile time issues
>
>   to be caught before they become a problem
>
>
> --enable-werror has been added.  If turned on, compilation will
>
>   turn all warnings into errors
>
>
> --enable-babeld has been removed.  The babel daemon has been
>
>   removed from Quagga distribution.
>
>
> Thanks!
>
>
> donald
>
> ___
> Quagga-dev mailing list
> Quagga-dev@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-dev
>
___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14860] Monthly Quagga Meeting

2016-03-10 Thread Donald Sharp 
The quagga monthly meeting is next tuesday.  If you would like an invite,
please let me know.

If you have something that you would like to talk about please let me know
and I can add it to the agenda.

Current agenda items that I would like to talk about:

1) Proposed branching scheme, sent under cover of another email
2) Call for more gatekeepers.  Please self nominate!

Additionally David Lamparter has generously agreed to give a presentation
on his current cli api abstraction work, which we will be seeing
immediately after all other agenda items have been accounted for.

thanks!

donald
___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14859] Re: BGP Keepalive/Holdtime changes in master

2016-03-10 Thread John Kemp 
On 3/10/16 3:56 AM, Oleg A. Arkhangelsky wrote:
> 
> 
> 10.03.2016, 11:47, "Martin Winter" :
> 
>>
>> The change came from Cumulus and it makes a lot of sense in some
>> environments
>> (i.e. specially data centers).
> 
> Datacenters is mostly iBGP with relative small number of routes.
> Do you have cases when multiple eBGP full view (~550K routes for
> each) neighbors established (or maybe actively flapping)?

Exactly my case.  FWIW.

John Kemp

> 
> --
> wbr, Oleg.
> 
> "Anarchy is about taking complete responsibility for yourself."
>   Alan Moore.
> 
> ___
> Quagga-dev mailing list
> Quagga-dev@lists.quagga.net
> https://lists.quagga.net/mailman/listinfo/quagga-dev
> 


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14858] Proposal for how to improve patch pipeline

2016-03-10 Thread Donald Sharp 
Problem statement:

Patches can be in an unaccepted stated for a long time while the current
proposed branch is in a frozen state in order to get it ready for release.
This causes problems for the developer because there can be an extremely
long lead time between feedback on the patch and application to the quagga
git repository.

Proposed Solution:

Immediately after a proposed/X branch is declared 'frozen', a proposed/X+1
branch will be created off of the proposed/X branch and a new gatekeeper
will start accepting new patches on that branch.  As soon as proposed/X is
merged into master, any changes made to proposed/X will also be merged up
into proposed/X+1 by the X+1 gatekeeper.

thoughts?

donald
___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14857] Re: Release 1.0.20160309 of Quagga

2016-03-10 Thread Lou Berger 
Donald/All,
Thanks for getting the release out!

On 3/10/2016 7:33 AM, Donald Sharp wrote:
>
> [bgpd] - vpnv4 and vpnv6 handling has been included.
>

[bgpd] v4&v6 encap safi & attribute handling has also been included.

Lou



___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14855] Re: Quagga key rotation

2016-03-10 Thread Paul Jakma 

Hi Martin,

On Thu, 10 Mar 2016, Martin Winter wrote:

can you give a list on who is included in these lists AND able to 
decrypt the messages? (I always thought that security is going to 
maintainers anyway?)


Right now, yes.

However, there's a change to that. As per the update to contacts:

"For sensitive security issues with Quagga, please email 
secur...@quagga.net. Regular contributors to Quagga and vendors may 
apply to the maintainers to join this list."


regards,
--
Paul Jakma  p...@jakma.org  @pjakma Key ID: 64A2FF6A
Fortune:
"Don't worry about people stealing your ideas.  If your ideas are any good,
you'll have to ram them down people's throats."
 -- Howard Aiken

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14856] Release 1.0.20160309 of Quagga

2016-03-10 Thread Donald Sharp 
Quagga 1.0.20160309 has been released.


This release addresses Security Vulnerability VU #270232.

Users using VPNv4 to untrusted peers and zebra that have

untrusted clients talking to it are advised to upgrade to

this release.


This release is up on Savannah or download at:


http://download.savannah.gnu.org/releases/quagga

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.gz

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.xz

http://download.savannah.gnu.org/releases/quagga/quagga-1.0.20160309.tar.asc


If you encounter a “404” error, Savannah mirrors are probably

still synchronizing the files, please give it another day.


Major user-visible changes:

[quagga] - Namespace VRF Support has been added.

[lib] - Add 'show commandtree'

[bgpd] - vpnv4 and vpnv6 handling has been included.

[bgpd] - Add 'set metric (rtt|+rtt|-rtt)' to route map handling.

[bgpd] - Addition of 'show ip bgp dampening' command tree.

[bgpd] - If route-map does not exist default to DENY for redistribute
statements

[bgpd] - Lower default 'timers connect' in BGP to 10 seconds.

[bgpd] - Enable "bgp log-neighbor-changes" by default

[bgpd] - Add support for timer commands with peer-group syntax

[bgpd] - Extend Dump to allow Extended Time Format

[babeld] - Removed from the distribution.

[isisd] - Allow the adjustment of lsp-mtu

[isisd] - Allow the import of routes from other protocols

[ospfd] - Add per interface 'ip ospf area' command

[ospfd] - Lower the default OSPF spf timers to '0 50 5000'

[ripngd] - Add ECMP support

[pimd] - Add multicast static routes.

[pimd] - Add ability to set DR priority for an interface

[pimd] - Add ability to modify hello and hold timers per interface

[vtysh] - Add 'show thread cpu ..' and 'show work-queues'

[vtysh] - Add 'show run ' command

[vtysh] - Fix history handling

[solaris] - Fix compilation issues.


Distributor-visible changes:

--enable-opaque-lsa is removed.  This is considered industry

  default and there should be no need to specify at compile time

  to include this feature


--enable-ospf-te is removed.  This is considered industry

  default and there should be no need to specify at compile time

  to include this feature


--enable-pimd is default.  This will allow compile time issues

  to be caught before they become a problem


--enable-vtysh is default.  This will allow compile time issues

  to be caught before they become a problem


--enable-werror has been added.  If turned on, compilation will

  turn all warnings into errors


--enable-babeld has been removed.  The babel daemon has been

  removed from Quagga distribution.


Thanks!


donald
___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14854] Re: BGP Keepalive/Holdtime changes in master

2016-03-10 Thread Martin Winter 
On 10 Mar 2016, at 0:56, Oleg A. Arkhangelsky wrote:

> 10.03.2016, 11:47, "Martin Winter" :
>
>>
>> The change came from Cumulus and it makes a lot of sense in some
>> environments
>> (i.e. specially data centers).
>
> Datacenters is mostly iBGP with relative small number of routes.
> Do you have cases when multiple eBGP full view (~550K routes for
> each) neighbors established (or maybe actively flapping)?

I only have my test cases and I know about concerns from ISPs
for changes.
Anyway - I was the person who argued for keeping the old values
of 60/180sec. And that’s the current decision to go forward.
(At least for next release)

- Martin

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14853] Re: BGP Keepalive/Holdtime changes in master

2016-03-10 Thread Oleg A . Arkhangelsky 


10.03.2016, 11:47, "Martin Winter" :

>
> The change came from Cumulus and it makes a lot of sense in some
> environments
> (i.e. specially data centers).

Datacenters is mostly iBGP with relative small number of routes.
Do you have cases when multiple eBGP full view (~550K routes for
each) neighbors established (or maybe actively flapping)?

--
wbr, Oleg.

"Anarchy is about taking complete responsibility for yourself."
  Alan Moore.

___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14852] Re: Quagga key rotation

2016-03-10 Thread Martin Winter 

Paul,

Thanks for the heads-up.

can you give a list on who is included in these lists AND able to 
decrypt the messages?

(I always thought that security is going to maintainers anyway?)

- Martin

On 9 Mar 2016, at 6:54, Paul Jakma wrote:


Hi,

I have hopefully rolled over the Quagga PGP key. Note there should now 
be 3 keys:


C1A4AEA6: A signing only key, no email address, to sign releases.

8D0599B7: secur...@quagga.net

0E20C9BB: maintain...@quagga.net

These keys should all be self-signed, and signed by the old (6BB68C9C) 
and new maintain...@quagga.net keys, as well my personal key.


I have also updated http://www.nongnu.org/quagga/contacts.html to 
reflect current practices/status - please see the note about the 
distribution of secur...@quagga.net.


I have updated a major keyserver and 
http://www.nongnu.org/quagga/quagga.net.pgp.asc with the public keys.


Please let me know if I've screwed anything up. :)

regards,
- -- Paul Jakma p...@jakma.org  @pjakma Key ID: 64A2FF6A
Fortune:
This life is yours.  Some of it was given to you; the rest, you made 
yourself.



___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev

[quagga-dev 14851] Re: BGP Keepalive/Holdtime changes in master

2016-03-10 Thread Martin Winter 

On 8 Mar 2016, at 11:30, John Kemp wrote:


You can't just update to 60 and 180 and commit that?


That’s what it used to be and what it reverts to again for the next 
release.



The 3s and 9s is just going to mess up anyone who pulls that version.


The change came from Cumulus and it makes a lot of sense in some 
environments

(i.e. specially data centers).
The main issue is that the default isn’t visible in the config and by 
changing
it everyone who didn’t set anything else would have changed their 
timers the

the new lower value.

I think the current consensus is that the shorter timers might be good, 
but

the missing defaults in the config make it difficult to change.
So we may need to fix the issue with the invisible defaults first 
(somehow)


- Martin Winter



On 3/8/2016 4:52 AM, Martin Winter wrote:

On 8 Mar 2016, at 2:59, Paul Jakma wrote:


On Tue, 15 Dec 2015, Martin Winter wrote:

Just to want to bring this up to everyones attention - one more 
time.


The commits from proposed 5 branch are now in master and the BGP
keepalive/holdtimer is now changed to 3s keepalive and 9s holdtime
(from 60s keepalive and 180s holdtime)


Had a chat with Donald about this yesterday, as you'd also recently
raised this again.

The underlying problem here is we need a better way to handle
defaults, and perhaps we should tackle that first. E.g., we also 
have

the link-detect default issue.

Donald and I are happy to back this out for now, before a release.

OK?


OK with me, but anyone else having a strong opinion against backing
this out, please speak up!

And yes, fully agree on the default issue. Suggestions welcome…

- Martin Winter


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev



___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev


___
Quagga-dev mailing list
Quagga-dev@lists.quagga.net
https://lists.quagga.net/mailman/listinfo/quagga-dev