We are pleased to announce FRR release 9.1.
FRR 9.1 brings a long list of enhancements and fixes with 941 commits from 73 developers. Thanks to all contributors.
Debian Packages - https://deb.frrouting.org
RPM Packages - https://rpm.frrouting.org
Snaps - https://snapcraft.io/frr
Docker - quay.io/frrouting/frr:v9.1
Release Overview
OSPFv2 HMAC-SHA Cryptographic Authentication
Specify that HMAC cryptographic authentication must be used on a specific interface using a key chain.
More details are here.
BGP MAC-VRF Site-Of-Origin support
In some EVPN deployments, it is useful to associate a logical VTEP’s Layer 2 domain (MAC-VRF) with a Site-of-Origin “site” identifier. This provides a BGP topology-independent means of marking and import-filtering EVPN routes originating from a particular L2 domain. One situation where this is valuable is when deploying EVPN using anycast VTEPs, i.e. Active/Active MLAG, as it can be used to avoid ownership conflicts between the two control planes (EVPN vs MLAG).
More details are here.
BGP Dynamic capability support
Added support for Graceful-Restart, Long-lived Graceful-Restart, Software-version, and Role BGP capabilities to be adjusted dynamically using BGP dynamic capability.
Dynamic BGP capability allows the dynamic update of capabilities over an established BGP session. This capability would facilitate non-disruptive capability changes by BGP speakers.
Here is the draft implemented.
IS-IS SRv6 uSID support (RFC 9352)
The Segment Routing (SR) architecture allows a flexible definition of the end-to-end path by encoding it as a sequence of topological elements called "segments". It can be implemented over the MPLS or the IPv6 data plane. This feature enables extensions in IS-IS to support Segment Routing over the IPv6 data plane (SRv6) as per RFC 9352.
More details are here.
Next-hop resolution via the default route
Changed the default for a traditional
profile to be enabled. The datacenter
profile is left as disabled.
More details are on the links link, link.
Add support for VLAN, ECN, DSCP mangling/filtering
PBR maps are a way to specify a set of rules that are applied to packets received on individual interfaces. If a received packet matches a rule, the rule’s next-hop-group or next-hop is used to forward it; any other actions specified in the rule are also applied to the packet.
With this change, we added more commands for PBR maps, like matching src-ip, dst-ip, src-port, dst-port, vlan, dscp, ecn, and more.
More details are here.
libyang 2.1.80 related breaking changes
prefix-list matching in route-maps is fundamentally broken with libyang 2.1.111. If you have this version, please downgrade to the most stable version 2.1.80.
More details CESNET/libyang#2090
Other significant changes
- Zebra support for route replace semantics in FPM link
- New command for BGP
neighbor x addpath-tx-best-selected
link - New command for BGP
mpls bgp l3vpn-multi-domain-switching
link - A couple more new BGP route-map commands:
Deprecations
- Deprecate pre-standard outbound route filtering capability
- Deprecate pre-standard route refresh capability
- Drop deprecated capability
A complete log of changes can be found by browsing the commit history of the FRR 9.1 tag here