FRR 8.4 Release
We are pleased to announce FRR 8.4.
FRR 8.4 brings a long list of enhancements and fixes with 700+ commits from 66 developers. Thanks to all contributors.
Debian Packages - https://deb.frrouting.org
RPM Packages - https://rpm.frrouting.org
Snaps - https://snapcraft.io/frr
Docker - frrouting/frr:v8.4.0
Release Overview
- New BGP command (
neighbor PEER soo
) to configure SoO to prevent routing loops and suboptimal routing on dual-homed sites. - Command
debug bgp allow-martian
replaced tobgp allow-martian-nexthop
because previously we allowed using martian next-hops when debug is turned on. - Implement
BGP Prefix Origin Validation State Extended Community
rfc8097 - Implement
Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages
rfc9234 - BMP L3VPN support
- PIMv6 support
- MLD support
- New command to enable using reserved IPv4 ranges as normal addresses for BGP next-hops, interface addresses, etc.
- As usual, lots of bugs and memory leaks were fixed \m/
Changelog
babeld
- Ignore Sub-TLV's with mandatory bit set
- Ignore unicast Hello's
bfdd
- Add IPv4 BFD Echo support
- Add RTT to BFD IPv4 Echo packet processing
- Allow L3 VRF BFD sessions without UDP leaking
bgpd
- Add
mpls bgp forwarding
to ease MPLS-VPN EBGP peering - Add
bgp allow-martian-nexthop
command (removedebug bgp allow-martian
) - Add
neighbor soo
command - Add
no rpki
command - Add
show bgp access-list
command to filter routes by access-list - Implement rfc8097
- Implement rfc9234
- Add resolution for L3VPN traffic over GRE interfaces
- Allow setting custom port for BGP unnumbered peers
- Allow statistics gathering to give more data about prefix lengths
- Apply conditional advertisements policy to update-group
- Associate appropriate family for redistributed connected addresses
- Avoid notify race between io and main pthreads
- Call a hook when as-path filter is replaced
- Cleanup memory leaks associated with t_deferral_timer
- Do not check if the whole as-path has target asn when using as-override
- Do not print new line for EVPN CLI outputs if it's a JSON
- Do not show polling_period default value in CLI for RPKI
- Don't advertise conditionally withdrawn routes
- Drop SSH public key for RPKI CLI option
- Fix
show bgp nexthop a.b.c.d
- Fix for
aggregate-address summary-only matching-med-only
- Fix inconsistencies with default-originate route-map
- Fix memory leak for
as-override
- Fix memory leak for
set as-path replace
route-map command - Fix memory leak for community alias
- Fix memory leak for community stuff
- Fix memory leak in SRv6 locator
- Fix memory leak when an SRv6 sid is removed
- Fix memory leak when setting [l]community at the egress
- Fix route-map update and delete route-map
- Fix
show bgp l2vpn evpn route rd
crash - Fix the wrong next-hop BGP struct for next-hop validation
- Fixed BMP VPNv4 monitoring are withdrawn instead of updates
- Fixup PBR rule changes that were missed
- Fixup some MAC address token CLI syntax
- Free ecommunity before returning on warning/error
- Free memory for as-path filter if regexp is wrong
- Free memory for BMP listeners when deleting BGP instance
- Generate RPKI CLI config even if no cache servers are configured
- Handle origin validation state extended community via route-map match
- Handle route-refresh requests received before EOR
- Implement retain route-target all behavior
- Improve labelpool performance at scale
- Inconsistencies in snt counters with default-originate
- Prevent memory leak of the listener on shutdown
- Print peer's hostname for BGP (filtering) messages
- Print source VRF name when leaking to another VRF
- Release RCU lock in BGP keepalive pthread
- Reset BGP sessions when changing the port
- Send route updates when modifying access/aspath/prefix lists
- Set TTL for iBGP/eBGP by checking only if generic TTL security applied
- Show cache server preference in
show rpki cache-server
output - Show extended communities memory consumption
- Show TTL value unconditionally for neighbors
- Start conditional advertisement timer instantly
- Stop conditional advertisements thread when terminating
- Stop LLGR thread when deleting a peer and/or gr flags changed
- Treat as withdraw if we receive as path with as_set / as_confed_set
- When specifying listen address for BGP we shouldn't imply no-fib flag
- Withdraw implicitly old paths from VRFs when import/export list changes
- Ensure that bgp open message stream has enough data to read
- Notify BGP conditional advertisement thread when the peer goes down
bmp
- Add an interface source to BMP connect command
- Add L3VPN support
eigrpd
- VRF variable name hides a parameter of the same name
fabricd
- Turn off excessive logging when peering will not come up
isisd
- Ensure rcap is freed in error case
- Fix crash with xfrm interface type
- Fix memory leak on shutdown with prefix lists
- Fix prefix-sid last-hop-behavior
ldpd
- Check if the thread is scheduled before calling for remained time
lib
- Abstract usage of '%pnhs' so that next-hop groups can use it too
- Add errno details to the sockopt_reuseaddr API
- Add sys_rawio to the capabilities definitions
- Allow downgrade of all caps when none are specified
- Allow using ipv4 (class e) reserved block if enabled
- Check hostname in resolver_resolve
- Cleanup red-herring memleaks in the parent of daemonizing fork
- Ensure ls_msg2edge does not use memory after freeing
- Fix
show route-map name json
command and memory leak - Fix memory leak in
zclient_send_localsid()
- Fix skip of every other plist deletion
- Fixup workqueue.c to use the proper thread.h semantics
- Function
crypt
does not need to be declared mid function - Increase next-hop flags size to 16 bits
- Prevent uninitialized usage of data
- Remove usage of inet_ntop in lib/sockopt.c
- Require at least 2.1.42 version of sysrepo when compiling
- Return 0 as the remaining msec if the thread is not scheduled
- stream_dup memory alloc cannot fail
- Update sysrepo code with the latest API changes
- Use pi4 instead of inet_ntop in sockopt.c
nhrpd
- Use frr_weak_random()
- Use nhrp_interface_update_nbma when source VRF was changed
ospf6d
- Don't remove the summary route if it is a range
- Ensure that ospf6d does not memcpy beyond the end of the data
- Fix missing cost change
- Permit route delete without next-hops
- Remove ospf6enabled from JSON output
ospfd
- Add how many packets the interface has queued to send
- Add router-id support to OSPF API
- Added CLIs to change default timers for lsa refresh and maxage remove delay.
- Adding per neighbor JSON details to gr helper detail command
- Crash when router acts as gr helper upon a topo change
- Fix
show ip ospf neighbour <nbrid>
command - Increase packets sent at one time in ospf_write
- Refactor fifo_flush for the interface
- Remove deprecated command
graceful-restart helper-only
- When a neighbor goes down clear the oi->obuf if we can
- Catch and report too small LSAs
- Remove assert on zero length LSA - which is permitted by spec
- Fix bug where acks were not be generated to incoming P2P/P2MP neighbors
pathd
no mpls-te on
command was not working- Add a zebra stop handler
- Change the vty output, when no ted is enabled on pathd
- Ensure the path is free'd after we no longer need it
- Nai adjacency fix query type f for IPv5
pim6d
- (*,g) mroutes not learnt after pim6d daemon restart
- Lots of CLI changes regarding MLD
- Lots of CLI changes regarding PIMv6
- Clear interface stats on interface shutdown
- Disable pim6d compilation by default
- Don't enable MLD on pimreg interface
- Fix the code for MLD in the show pim state command
- mroute stuck in register state, multicast traffic getting drops
- Register message getting dropped in the source node, mroute stuck in regj
- Send register msg with IPv6 global address
- Update last_member_query_interval and last_member_query_count
- Use ttable for displaying show commands
- Deleting the memory malloced for JSON
- Adding JSON support for show ipv6 next-hop
- Send register msg via register socket
- Change the show running commands based on the address family
- Set rp to true if the address matches, ignore prefix-length
pimd
- Allow v6 to do non-integrated configuration
- Assign a vty port value for v6
- Cleanup rpf lookup debug to help us figure out what is going on
- Correct the order of show JSON for interface traffic
- During prune pending, behave as noinfo state
- Fix invalid memory access join_timer_stop
- Fix memleak in bfd profile
- Fix PIM interface deletion flow
- Fix static mroute to also take into account the input interface
- Fix the setting of oif_flags in channel oil
- Fix unaligned accesses
- Handle receive of (*,g) register stop with src addr as 0
- Igmp querier election is not correct in lan scenario
- JSON support for next-hop
- Let the end operator know the ifindex as well in the failure case
- Limit PIM's ECMP to what zebra tells us is the multipath
- Querier to non-querier transition to be ignored
- Register stop message sent with mask 32
- Show interface traffic even if the interface is currently
down
- Update mroute iif based on next-hop received from zebra
- VRF may be null from pim_cmd_lookup_vrf
ripd
- Use a sequence number instead of a time
sharpd
- Fix memory leak in release-locator-chunk
- Fix memory leak in release-locator-chunk
- Fix memory leaks related to SRv6 next-hops
staticd
- When changing the underlying nh ensure it is reinstalled
tools
- Add missing bfdd to logrotate config
- Add pim6d to tools so that pim6d will work properly
- Fix boot config load in watchfrr
- Stop zebra daemon last
vtysh
- Account validity should be verified when authenticating users with pam
- Add autocomplete for VRFs when using with
router bgp
- Handle SIGTSTP (c-z) without exiting the vty shell
- Ignore
end
when parsing frr.conf - Properly handle
[no] service cputime-stats
in config - Properly handle
service cputime-warning xx
in the config - Add
allow-reserved-ranges
global command
watchfrr
- Check that the operational timeout specified is good
zebrad
- Fixing log flooding when disabling MLAG leaf configuration
- Add a
mpls enable
interface node command - Add a configurable knob
zebra nexthop-group keep (1-3600)
- Add a timer to next-hop group deletion
- Add ability for netconf dplane to handle global values
- Add interface sysctl ignore on linkdown status
- Add more cases to proto2zebra for understanding kernel routes
- Add some more data to rtadv socket failures
- Add support for maintaining local neigh entries
- Add tc handlers in the script code
- Add tc netlink and dplane ops
- Allow kernel routes to stick around better on interface state changes
- Attempt to make ioctl.c have a bit more useful log messages
- Avoid buffer overflow using netlink_parse_rtattr_nested()
- Cleanup the memory from the hash for MPLS stuff
- Create a zebra_rib_route_entry_new function and use it
- Debug decode rta_expires and rta_mfc_stats
- Delete the malloced memory under
show zebra
- Don't install connected routes multiple times into frr
- Expand PBR rule action for data-plane programming
- Explicitly call out the correct queue name
- Fix bond down for EVPN-MH
- Fix bug in netconf handling where dplane would drop the change
- Fix crash in shutdown w/ pw thread still running
- Fix ctab calculation typo in tc netlink
- Fix FPM crash
- Fix lost memory on lsp free
- Fix memory leak in srv6 locator delete
- Fix memory leaks and use after frees in nhg's on shutdown
- Fix missing tenant VRF change notification
- Fix missing VNI transition
- Fix remaining mr rtm_getroute oddities
- Fix rtadv startup when config read in is before interface up
- Free neighbor state before the exit to avoid memleaks
- Handle freebsd routing socket enobufs
- Iif/oif are not used in mr rtm_getroute
- Infrastructure for the new dataplane plugin
- Initialize hw via DPDK
- Introduce early route processing on the metaq
- Mc_forwarding was being sent but not retrieved across dataplane
- Notice when an interface is turned on w/ mpls and enable mpls subsystem
- On Linux let interface data come in through netlink messaging
- Pass AFI received for netconf updates
- Pass PBR expanded actions to the dataplane
- Pbr DPDK programming
- Reconfiguring netns for VRF is not a failure
- Rtnetlink: flow attr per gateway attr in multipath updates
- Setup the zebra interface to the DPDK port map table
- System routes should be processed the same time as the kernel
- Use default ns directly in tc dplane
- When deleting next-hop group entries ensure the thread is off
- When saving nhg for later stop processing