ospf: RFC 9129 ietf-ospf YANG support (operational state + config-write)#22058
Open
lamestllama wants to merge 45 commits into
Open
ospf: RFC 9129 ietf-ospf YANG support (operational state + config-write)#22058lamestllama wants to merge 45 commits into
lamestllama wants to merge 45 commits into
Conversation
Member
|
Please stop closing/opening PRs for the same changes. Update your branch and force push to the same PR. |
Greptile SummaryThis PR adds RFC 9129
Confidence Score: 4/5PR is safe to merge; all previously flagged P0/P1 issues have been resolved in this revision. All critical bugs identified in prior review rounds (use-after-free on radix glue nodes, virtual-link validation timing, NULL dereferences in interface/BFD callbacks, stale dead-interval timer, atomic interface-area-move race, P2MP state suppression in OSPFv3, multi-instance wrong-XPath, missing destroy callbacks) are addressed. The predicate-aware mgmtd dispatch is logically sound. One point deducted because the changeset is very large (~6000 lines across 88 files) with limited test coverage visible in the diff, and the new cfg_opt_in/F_NB_NODE_IGNORE_CFG_CBS interaction in northbound.c is a subtle infrastructure change that warrants careful integration testing. ospfd/ospf_nb_config.c and mgmtd/mgmt_be_adapter.c warrant the closest integration testing — the config callback file is the largest and most complex new file, and the predicate-aware XPath dispatch is new infrastructure with broad impact. Important Files Changed
Sequence DiagramsequenceDiagram
participant CLI as CLI / NETCONF
participant mgmtd as mgmtd
participant adapter as mgmt_be_adapter
participant ospfd as ospfd northbound
participant nb as lib/northbound
participant ospf as OSPF core
CLI->>mgmtd: YANG set/get on ietf-ospf XPath
mgmtd->>adapter: mgmt_be_xpath_prefix(xpath, client)
alt xpath contains predicates
adapter->>adapter: mgmt_be_xpath_predicates_compatible()
adapter-->>mgmtd: match / no-match
else legacy xpath (no predicates)
adapter->>adapter: mgmt_be_xpath_prefix_legacy()
adapter-->>mgmtd: match / no-match
end
mgmtd->>ospfd: send candidate config transaction
ospfd->>nb: nb_candidate_commit()
nb->>nb: nb_callback_configuration()
nb->>ospfd: NB_EV_VALIDATE
nb->>ospfd: NB_EV_PREPARE
nb->>ospfd: NB_EV_APPLY
ospfd->>ospf: ospf_if_update / ospf_nbr_reset
ospf-->>ospfd: hook_call(ospf_ism_change)
ospfd->>ospfd: ospfd_ietf_if_state_change()
ospfd->>nb: nb_op_update_notif(if-state-change)
nb-->>mgmtd: YANG notification stream
ospf-->>ospfd: hook_call(ospf_nsm_change)
ospfd->>ospfd: ospfd_ietf_nbr_state_change()
ospfd->>nb: nb_op_update_notif(nbr-state-change)
nb-->>mgmtd: YANG notification stream
Reviews (40): Last reviewed commit: "ospfd,ospf6d: harden OSPF notification m..." | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
from
5b9699b to
4b9886d
Compare
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
from
4b9886d to
1bfe80e
Compare
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
3 times, most recently
from
ed9b4d6 to
05b4fac
Compare
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
2 times, most recently
from
32dcdb3 to
c48c147
Compare
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
4 times, most recently
from
c1ac4db to
af790dd
Compare
|
Want your agent to iterate on Greptile's feedback? Try greploops. |
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
2 times, most recently
from
777454f to
ada554e
Compare
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
from
e5b76ea to
2a634e7
Compare
Add startup coverage for config-file batching. The fixture uses dependent OSPF configuration that succeeds only when the file is committed as one northbound transaction. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Document the RFC 9129 config-write surface implemented by ospfd and ospf6d, including the mapping to native daemon objects and the current boundary of supported writes. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Keep control-plane-protocol parent entries in the northbound candidate while OSPF child configuration exists. Same-transaction child edits can then resolve the daemon instance during validation and apply. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Add config-write support for RFC 9129 interface transmit-delay. The leaf maps directly to the existing OSPF interface parameter and is restored to the daemon default on delete. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Convert OSPFv2 interface timer CLI commands to write the RFC 9129 timer leaves. The CLI path now uses the same YANG validation as mgmtd writes. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Add coverage for CLI commands that now route through ietf-ospf callbacks. The tests write through vtysh, check the resulting state, and delete the configuration again. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement RFC 9129 spf-control path limit writes for both OSPF daemons. The callbacks map the standard leaves to FRR maximum-paths state. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Add OSPFv2 config-write support for RFC 9129 MPLS LDP IGP sync. The leaf maps to ospfd's existing LDP sync integration. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement the RFC 9129 stub-router always knob for OSPFv2. The callback updates the native state used to advertise the router as non-transit. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Add config-write support for prefix suppression on OSPF interfaces. The callbacks update the existing daemon interface state that controls prefix advertisement. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement RFC 9129 auto-cost reference-bandwidth writes for both OSPF daemons. The deviation module pins enabled to true, matching FRR's runtime auto-cost behaviour. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Add OSPFv2 config-write support for the RFC 9129 MPLS TE router ID leaf. The callback maps the standard node to ospfd's traffic-engineering router-id state. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement the RFC 9129 graceful-restart restarter configuration for OSPFv2 and OSPFv3. The callbacks update the native restart support, grace period and reason fields. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement the RFC 9129 graceful-restart helper configuration for both OSPF daemons. The callbacks map helper enablement and strict LSA checking onto FRR helper state. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Document the RFC 9129 nodes outside this config-write slice. The list records which nodes need daemon support, deviations or later schema work. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
ospf6_route_remove_all() can trigger hooks while walking route tables. Snapshot the routes before applying removals so hook re-entry cannot invalidate the iterator being used by the removal pass. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement the RFC 9129 ietf-bfd-types client-cfg-parms surface for per-interface OSPF BFD configuration. The callbacks map enablement, local multiplier, desired transmit interval and required receive interval onto the existing daemon BFD state. ospfd stores the configured parameters separately from the active BFD session options, while ospf6d embeds its BFD configuration in the interface object. Promote the needed helper entry points so both daemons can update their native state through the same YANG container apply_finish pattern. Keep `[quick]` and `[profile X]` as legacy-CLI-only forms for now. They do not have an RFC 9129 equivalent in this subtree and need a future FRR-native augment if they are to become standard northbound configuration. Convert the RFC millisecond values to the daemon-side units used by each implementation, clamp the supported interval range in the deviation module, and mark the unsupported single-interval form not-supported. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement RFC 9129 NBMA static-neighbor writes for ospfd. The model keys neighbours by area, interface and identifier, while FRR stores NBMA neighbours per OSPF instance and IPv4 address. Keep the area and interface labels in the YANG subtree but apply only the identifier, poll-interval and priority to the daemon's native neighbour entry. VALIDATE rejects duplicate identifiers across the instance because they would collapse onto the same FRR-side neighbour. Mark cost not-supported in the deviation module, since FRR has no NBMA cost knob. Leave the legacy `neighbor A.B.C.D` CLI on its direct mutation path because it is instance-level and cannot manufacture a credible RFC 9129 area or interface key. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement the key-chain case of RFC 9129 per-interface authentication for OSPFv2 and OSPFv3. The callbacks map the standard key-chain leaves to the existing FRR authentication command state and rely on the RFC leafrefs to validate that the referenced key chain exists. Leave the explicit-key triplet, IPsec SA and auth-trailer-rfc branches out of this slice. They remain available through the legacy CLI, but the YANG leaves are marked not-supported by deviation so mgmtd rejects unsupported writes at validation time. For OSPFv3, reject key-chain writes at VALIDATE when a manual key is already configured. This matches the legacy CLI conflict rule in ospf_vty.c and keeps CLI and mgmtd writes on the same daemon contract. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Publish the shared ietf-bfd-types module information from lib. Backends that use the same standard typedefs can reuse the common module registration. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Extend the developer notes with RFC 9129 nodes that lack matching FRR daemon support or need later schema work. This records the intended branch boundary for reviewers. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Centralise repeated instance and interface callback resolution for the OSPF YANG config callbacks. Use container apply_finish for BFD and list-entry apply_finish for static-neighbors. Keep destroy callbacks away from defaulted leaves, clear both regular and NSSA ranges before area teardown, and preserve the RFC 9129 deviations for unsupported leaves. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Implement the RFC 9129 clear-neighbor and clear-database RPCs for both OSPF daemons. RPC dispatch resolves the routing protocol and optional interface before invoking the native clear operation. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Emit RFC 9129 nbr-state-change notifications from the existing OSPFv2 and OSPFv3 neighbour state transition paths. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Emit RFC 9129 if-state-change notifications from the existing OSPF interface state transition paths. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Emit RFC 9129 graceful-restart restart-status-change and restart-helper-status-change notifications from the existing graceful restart paths. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Emit RFC 9129 if-rx-bad-packet and if-config-error notifications from the existing packet receive and configuration mismatch paths. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
Emit the RFC 9129 NSSA translator status notification from the OSPFv2 translator path and tighten the shared notification state mappings. Use table-driven translations for neighbour, interface and graceful restart helper states while preserving the daemon-specific lifecycle, DR/BDR and graceful-restart values required by RFC 9129. Signed-off-by: Eric Parsonage <eric@eparsonage.com>
lamestllama
force-pushed
the
ospfd-yang-rfc9129-v2
branch
from
303240d to
8e6b47b
Compare
Author
|
@greptile[bot] review |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Overview
Adds RFC 9129
ietf-ospfYANG support for the implemented FRR-backedOSPFv2 and OSPFv3 subset through mgmtd.
The implementation is anchored on the IETF model. FRR-specific behaviour stays
on the existing CLI surface unless there is a concrete FRR-native augment with
callbacks.
This PR provides the OSPF YANG model integration, callback wiring, mgmtd
dispatch support needed for the shared OSPFv2/OSPFv3 subtree, RPC callbacks,
notifications, user documentation and developer notes.
This PR implements the OSPF YANG RPC callbacks and notification emitters. It
does not implement the generic gRPC transport methods that invoke or subscribe
to them.
Generic gRPC
ExecuteandSubscribesupport through mgmtd is handled in#22158. When #22158 is present, external gRPC clients can use
Executeto callthe OSPF RPC callbacks from this PR and
Subscribeto receive the OSPFnotifications emitted by this PR. Without #22158, those OSPF RPCs and
notifications are still available through the mgmtd/vtysh-facing machinery
described below. This PR does not depend on #22158.
What This PR Provides
Operators get broad RFC 9129 YANG configuration, RPC and operational state
coverage for the implemented FRR-backed OSPF subset.
The supported mgmtd-facing surfaces are:
vtyshthroughmgmt set-config,mgmt rpcandmgmt commit applywith mgmtd
The gRPC
ExecuteandSubscribemethods are not part of this PR. They aretransport support for reaching these same YANG RPC callbacks and notification
emitters from external gRPC clients, and are covered by #22158.
The OSPFv2 and OSPFv3 implementations share the RFC 9129
control-plane-protocolsubtree. Requests are routed to the correct daemon bymatching the predicated protocol entry, for example the OSPFv2 or OSPFv3
typeandnamekeys.Architecture
RFC 9129 puts OSPFv2 and OSPFv3 under the shared RFC 8349
control-plane-protocollist, distinguished bytypeandnamekeys. That isthe standard shape, but it means
ospfdandospf6dshare one schema subtreeand must receive only the requests that belong to their daemon and instance.
The series adds reusable infrastructure for that shape:
control-plane-protocol[type='ietf-ospf:ospfv2'].For multi-instance OSPFv2, backend client names are made instance-aware:
non-instanced daemons keep their existing names, while instanced daemons append
the decimal instance ID, such as
ospfd-1orospfd-2. The RFC 9129 protocolnamein instance mode is the decimal instance ID.Configuration Coverage
Per-instance leaves:
explicit-router-idpreference/{all,intra-area,inter-area,internal,external}internalmaps onto intra/inter-area distances.spf-control/pathsMULTIPATH_NUM.auto-cost/{enabled,reference-bandwidth}enabled=falseis rejected at validation.mpls/ldp/igp-syncospf6dhas no LDP/IGP-sync.mpls/te-rid/ipv4-router-idospf6dhas no MPLS-TE.graceful-restart/{enabled,restart-interval,helper-enabled,helper-strict-lsa-checking}stub-router/alwaysospf6dhas no stub-router.Per-area:
areas/arealifecyclearea/area-typenormal, stub and NSSAarea/summaryarea/default-costarea/ranges/range,advertiseandcostPer-interface:
interfaces/interfacearea attachmentinterface/costinterface/{hello,dead,retransmit}-intervalinterface/priorityinterface/mtu-ignoreinterface/transmit-delayinterface/interface-typeinterface/passiveinterface/prefix-suppressioninterface/bfd/{enabled,local-multiplier,desired-min-tx-interval,required-min-rx-interval}interface/static-neighbors/neighbor,poll-intervalandpriorityinterface/authentication/ospfv2-key-chain/ospfv3-key-chainRPCs
clear-neighborclear-databaseospf{,6}_process_reset.Notifications
nbr-state-changeospf_nsm_change/ospf6_neighbor_changehooksif-state-changeospf_ism_change/ospf6_interface_changehooksrestart-status-changenbr-restart-helper-status-changeif-rx-bad-packetif-config-errornssa-translator-status-changelsdb-{approaching-,}overflowThe graceful-restart notifications are covered by live OSPFv2 and OSPFv3
topotests that trigger real GR prepare, helper observation and daemon restart
flows.
Out of Scope
Documented in
doc/developer/ospf-yang-northbound-notes.rst.The deviation module advertises the implemented surface. Unsupported leaves are
hidden, constrained to the daemon that implements them, or rejected by schema
validation.
Deferred because there is no matching FRR surface, the FRR surface has a
different shape, or the RFC 9129 path needs a separate future mapping:
instance-idospf/nsrdatabase-control/max-lsaspf-control/ietf-spf-delaynode-tag-configinterface/{enabled,multi-areas,ttl-security}ospf/enabledipv6mpls/te-rid/ipv6-router-idfast-reroute/lfaRelated Work
Two earlier OSPF YANG attempts shaped the choices here:
It was useful as a state-callback reference, but its paths do not map onto
the current RFC 9129 surface.
frr-ospfd.yang. It was useful as a coverage map, but most callbacks werestubs.
FRR also has an experimental YANG-module translator for mapping non-native
models onto native FRR models via deviation modules and XPath translation
tables. This PR does not use it because OSPF does not yet have a complete
callback-backed native OSPF YANG model to serve as the source of truth. RFC
9129 is implemented directly as the canonical northbound surface for the OSPF
behaviour it covers.
Documentation
doc/user/ospfd.rstanddoc/user/ospf6d.rst: supported leaves,daemon-instance naming and worked
mgmt set-config/mgmt commit applyexamples.
doc/developer/ospf-yang-northbound-notes.rst: RFC 9129 design choice,predicate-aware dispatch, startup batching, validation approach,
notification wiring and future FRR-native augment boundaries.
IETF Module Sources
ietf-ospf.yang,ietf-routing.yang,ietf-bfd-types.yang,iana-routing-types.yangandiana-bfd-types.yangare pulled from theirrespective RFCs unchanged, with the IETF Trust BSD licence text.
This follows the existing handling of
ietf-interfaces.yang,ietf-key-chain.yangandietf-routing-types.yangalready inyang/ietf/.Commit Organisation
The series is organised so that reusable infrastructure lands before the OSPF
callbacks that depend on it:
Each commit is intended to be reviewable in isolation.