Page MenuHomeVyOS Platform

frr: update to 9.1 release
Closed, ResolvedPublicFEATURE REQUEST


Release Overview

OSPFv2 HMAC-SHA Cryptographic Authentication

Specify that HMAC cryptographic authentication must be used on a specific interface using a key chain.

BGP MAC-VRF Site-Of-Origin support

In some EVPN deployments, it is useful to associate a logical VTEP’s Layer 2 domain (MAC-VRF) with a Site-of-Origin “site” identifier. This provides a BGP topology-independent means of marking and import-filtering EVPN routes originating from a particular L2 domain. One situation where this is valuable is when deploying EVPN using anycast VTEPs, i.e. Active/Active MLAG, as it can be used to avoid ownership conflicts between the two control planes (EVPN vs MLAG).

BGP Dynamic capability support

Added support for Graceful-Restart, Long-lived Graceful-Restart, Software-version, and Role BGP capabilities to be adjusted dynamically using BGP dynamic capability.

Dynamic BGP capability allows the dynamic update of capabilities over an established BGP session. This capability would facilitate non-disruptive capability changes by BGP speakers.

IS-IS SRv6 uSID support (RFC 9352)

The Segment Routing (SR) architecture allows a flexible definition of the end-to-end path by encoding it as a sequence of topological elements called “segments”. It can be implemented over the MPLS or the IPv6 data plane. This feature enables extensions in IS-IS to support Segment Routing over the IPv6 data plane (SRv6) as per RFC 9352.

More details are here.

Next-hop resolution via the default route

Changed the default for a traditional profile to be enabled. The datacenter profile is left as disabled.

More details are on the links link, link.

Add support for VLAN, ECN, DSCP mangling/filtering

PBR maps are a way to specify a set of rules that are applied to packets received on individual interfaces. If a received packet matches a rule, the rule’s next-hop-group or next-hop is used to forward it; any other actions specified in the rule are also applied to the packet.

With this change, we added more commands for PBR maps, like matching src-ip, dst-ip, src-port, dst-port, vlan, dscp, ecn, and more.

More details are here.

libyang 2.1.80 related breaking changes

prefix-list matching in route-maps is fundamentally broken with libyang 2.1.111. If you have this version, please downgrade to the most stable version 2.1.80.

More details

    1. Other significant changes
  • Zebra support for route replace semantics in FPM link
  • New command for BGP neighbor x addpath-tx-best-selected link
  • New command for BGP mpls bgp l3vpn-multi-domain-switching link
  • A couple more new BGP route-map commands:
    • set as-path exclude all link
    • set as-path exclude as-path-access-list link
    • set extended-comm-list delete link
    • set as-path replace <any|ASN> [<ASN>] link
    • set as-path replace as-path-access-list WORD [<ASN>] link
    • match community-list X any UPDATE


  • Deprecate pre-standard outbound route filtering capability
  • Deprecate pre-standard route refresh capability
  • Drop deprecated capability

A complete log of changes can be found by browsing the commit history of the FRR 9.1 tag here


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Perfectly compatible
Issue type
Package upgrade

Related Objects


Event Timeline

c-po changed the task status from Open to In progress.Nov 29 2023, 7:17 PM
c-po claimed this task.
c-po created this task.
Viacheslav triaged this task as Normal priority.Jan 20 2024, 2:06 AM
c-po moved this task from Need Triage to Finished on the VyOS 1.4 Sagitta board.