This commit refactors several Nexus diagnostic test cases to use the
existing `Mle::GetMeshLocalRloc()` method instead of manually assembling
the RLOC by combining the mesh-local prefix and the node's RLOC16. This
improves code readability and adheres to the standard pattern for
retrieving a node's Routing Locator.
This commit renames several methods in the `Mle` class that construct
an IPv6 address from the mesh-local prefix and an RLOC16/ALOC16 from
`Get...()` to `Compose...()` to better reflect their behavior.
The affected methods are:
- `GetLeaderRloc()` -> `ComposeLeaderRloc()`
- `GetLeaderAloc()` -> `ComposeLeaderAloc()`
- `GetCommissionerAloc()` -> `ComposeCommissionerAloc()`
- `GetServiceAloc()` -> `ComposeServiceAloc()`
This commit updates the codebase to use the `Icmp6Header` type
directly, replacing the nested `Ip6::Icmp::Header` definition.
This change aligns the ICMPv6 header type definition with the
conventions used for other network protocol headers and simplifies
type references across the network, border router, and utility
modules.
This commit removes the OPENTHREAD_CONFIG_TMF_PROXY_DUA_ENABLE feature
and all associated code, tests, CLI commands, and harness references.
Changes:
- Removed OPENTHREAD_CONFIG_TMF_PROXY_DUA_ENABLE definition and all
assert/preprocessor checks.
- Completely deleted dua_manager.cpp and dua_manager.hpp.
- Removed DUA registration notifying and request URI paths.
- Cleaned up all references to Domain Unicast Address (DUA) across
child management, notifier, time ticker, and MLE.
- Removed DUA commands and logic from the CLI and Python cert tests
(including packet verifier).
- Verified that the entire codebase compiles clean and all tests
successfully pass using the Nexus test suite.
This commit updates the SRP registration and verification logic to pass
the 1_3_SRP_TC_1 test case in the Nexus simulator:
1. In test_1_3_SRP_TC_1.cpp, temporarily disable/enable the eth1 DNS-SD
agent during SRV, AAAA, and browser resolver queries to force a
clear of the local cache. This ensures the queries are sent over the
wire to the Border Router (DUT) instead of being answered from the
resolver's cache.
2. In verify_1_3_SRP_TC_1.py, add checks for mDNS query and response
packets for Steps 9b, 9c, 15b, and 15c. Relax the Step 15c check to
not require the ML-EID in the mDNS response, as advertising
Mesh-Local addresses on the infrastructure link is optional and not
done by the OpenThread SRP advertising proxy.
This commit wraps the contents of `tcp6.hpp` and `tcp6_ext.hpp` with
`#if OPENTHREAD_CONFIG_TCP_ENABLE` feature guards to ensure that TCP
definitions and types are cleanly excluded when TCP support is disabled
in the build configuration. Additionally, it explicitly disables the
`OPENTHREAD_CONFIG_TCP_ENABLE` feature flag in the Toranj test
configuration to validate building without TCP support.
This commit removes the deprecated `test_trel_connectivity.py`
integration test. The TREL connectivity test functionality is
already fully covered by the Nexus simulation test suite, which
provides faster and more reliable testing.
This commit migrates the legacy Thread certification test
'test_publish_meshcop_service.py' to the C++ simulation test suite
in the Nexus platform.
To avoid redundancy and keep the test suite clean, the coverage
is consolidated directly within 'tests/nexus/test_border_agent.cpp'
instead of introducing a new redundant test file.
Consolidated coverage and changes:
- Extended the state bitmap parser and 'ValidateMeshCoPTxtData' in
'test_border_agent.cpp' to verify Backbone Router (BBR) active
and primary flags (kFlagBbrIsActive, kFlagBbrIsPrimary) when
OPENTHREAD_CONFIG_BACKBONE_ROUTER_ENABLE is enabled.
- Added a new test block in 'TestBorderAgentServiceRegistration' to
enable Backbone Router on node0, verify that BBR active and primary
flags are dynamically advertised in the MeshCoP TXT record over
mDNS, and verify that disabling BBR correctly updates the TXT
record state bitmap.
- Fully deleted the legacy Python certification script
'test_publish_meshcop_service.py' from 'thread-cert'.
This commit updates the codebase to use the `Icmp4Header` type directly,
replacing the nested `Ip4::Icmp::Header` type. The empty `Ip4::Icmp`
wrapper class is removed to simplify the header definition. This change
aligns the ICMPv4 header structure with the flat naming conventions used
for other IP headers (e.g., `Ip6::Icmp6Header`, `Ip6::UpdHeader`).
This commit completely removes the local Domain Unicast Address (DUA)
registration feature flag (OPENTHREAD_CONFIG_DUA_ENABLE) and all of
its associated implementation, public APIs, CLI commands, Spinel
property handlers, and certification tests.
Thread 1.2 FTD Border Router/Router DUA proxying features for MTD
children (OPENTHREAD_CONFIG_TMF_PROXY_DUA_ENABLE) are preserved and
updated to only compile/instantiate components when proxy DUA
features are active.
Detailed Changes:
- Remove default definition of OPENTHREAD_CONFIG_DUA_ENABLE from
misc.h.
- Remove OT_DUA and openthread_config_dua_enable from CMake/GN
configs.
- Remove otThreadSetFixedDuaInterfaceIdentifier and
otThreadGetFixedDuaInterfaceIdentifier from
include/openthread/thread.h
and implementation src/core/api/thread_api.cpp.
- Remove CLI DUA interpreter from src/cli/cli.cpp.
- Remove SPINEL_CAP_DUA capability and SPINEL_PROP_THREAD_DUA_ID
Spinel property handlers and dispatchers from NCP.
- Strip local DUA management features (conflict checking, SLAAC DUA
interface identifiers, and dad info settings) from DuaManager, MLE,
Address Resolver, and settings.
- Clean up Notifier, TimeTicker, and TMF dispatcher guards.
- Clean up -DOT_DUA=ON compilation flags across build/test scripts.
- Delete obsolete DUA certification tests:
- v1_2_test_domain_unicast_address
- v1_2_test_domain_unicast_address_registration
- v1_2_test_dua_handle_address_error
`PtrRecord::ReadPtrName()` reads a PTR target's first label with
`Name::ReadLabel()`, which performs no emptiness check. A response whose
first label is a single NUL byte (wire `01 00`) is stored as an empty
C-string and cached by the browse cache as a service instance. When the
cache later builds a known-answer question, it calls
`Name::AppendLabel("")`, which returns `kErrorInvalidArgs`; the
surrounding `SuccessOrAssert()` turns that into an abort. A single
unauthenticated link-local mDNS response thus crashes any node with an
active browser.
Reject an empty first label in `ReadPtrName()` so the record is dropped
on receive and never cached. This matches the `Name::ValidateLabel`
checks already applied on the registration and resolver paths, and makes
the "ReadPtrName() validates that PTR record is well-formed" comment at
the call site accurate.
Add a regression test that delivers a PTR response with a single
NUL-byte instance label and verifies no result is reported and the
browser keeps querying without the malformed entry.
This commit adds the missing Doxygen groups for TCP (`core-tcp`),
TCP Extensions (`core-tcp-ext`), and UDP (`core-udp`). These groups
are used in the code but were not previously defined.
This commit updates the codebase to use `TcpHeader` and `UdpHeader` types
directly, instead of the nested `Tcp::Header` and `Udp::Header` types.
The `TcpHeader` and `UdpHeader` classes are already defined in
`ip6_headers.hpp`. This change reduces dependencies on the `Tcp` and
`Udp` class definitions, which is particularly useful when TCP
is disabled in the build configuration, avoiding the need to include
their respective class headers just for the header definitions.
This commit fixes instances of "the the" typos found in various
files across the codebase, including documentation, headers, source
files, and test scripts.
This commit updates the `markdown-lint-check` job to explicitly set
the `PUPPETEER_EXECUTABLE_PATH` environment variable to use the
system-installed Google Chrome (`/usr/bin/google-chrome`) for the
`linkspector` action. This resolves issues where the action fails
to find a browser environment to execute properly.
This commit implements additional vendor application or ecosystem
policy settings for TCAT including:
1) Automatic deactivation of the TCAT agent / TCAT advertisement after
the thread network has been started over TCAT
2) Automatic activation of the TCAT agent / TCAT advertisement after
the thread network has been stopped over TCAT
3) Automatic activation of the TCAT agent / TCAT advertisement after
decommissioning over TCAT
4) Blocking support of certain TCAT TLVs by the application /
ecosystem
The commit also fixes an issue with certificate storage after
decommissioning.
This commit renames several methods in `Ip6::Address`,
`Ip6::InterfaceIdentifier`, `Ip6::Prefix`, and `Ip4::Address` that
fully initialize the object from `Set...()` to `Init...()`.
This creates a clear semantic distinction in the API:
- `Init...()`: Fully (re-)initializing the object.
- `Set...()`: Modifies a specific property or a sub-component of
the object (e.g., `SetPrefix()`, `SetLocator()`,
`SetSubnetId()`).
Some examples of renames include:
- `SetFromExtAddress()` -> `InitFromExtAddress()`
- `SetToLocator()` -> `InitAsLocator()`
- `SetToLinkLocalAddress()` -> `InitAsLinkLocalAddress()`
- `SetToRoutingLocator()` -> `InitAsRoutingLocator()`
- `SetToAnycastLocator()` -> `InitAsAnycastLocator()`
- `SetToIp4Mapped()` -> `InitAsIp4Mapped()`
All calls to these methods across the codebase have been updated
to reflect the new names.
This commit sets the SO_RCVBUF socket option to 2MB on the
multicast receiving sockets in the simulation platform.
Under heavy simulation load (such as expect tests with 15 nodes
all sending MLE advertisements and discovery packets), the default
OS UDP receive socket buffer can overflow, leading to silent
packet drops. This occasionally caused expect tests like
cli-big-table.exp to fail with "Join failed [NotFound]" because
Node 4's discovery requests or response beacons were dropped.
Increasing the receive buffer size to 2MB prevents packet loss
during dense simulation runs, resolving intermittent CI test
failures.
This commit fixes a frequent unit test flake in ot-test-trickle_timer
under the TestTrickleTimerMinMaxIntervalChange test case.
The test case starts the trickle timer with Imin = 2000 and
Imax = 2000. The random time t (mTimeInInterval) is chosen in
[1000, 2000), so t can range up to 1999.
When t randomly evaluates to 1999, t + 1 becomes 2000. Calling
timer.SetIntervalMax(2000) triggers an early-exit optimization
in TrickleTimer::SetIntervalMax because mIntervalMax is already 2000,
leaving the scheduled timer's fire time unchanged. The test then
crashes on the assertion expecting the fire time to have changed.
This is resolved by setting the new interval max to
Min(t + 1, interval - 1). This ensures that the requested value is
strictly less than 2000 even when t = 1999, successfully triggering
the interval shortening and rescheduling logic tested by this case.
This commit adds a brief 0.1-second sleep delay immediately after
spawning node processes (rcp, cli, and mtd types) in the expect test
harness.
Under high CPU load on GitHub Actions runner VMs, the PTY file
descriptors can take a fraction of a second to fully initialize. If
commands are sent immediately after spawn without delay, the initial
expect match can fail with an instant timeout. This triggers duplicate
retransmissions in wait_for, leaving extra "Done" strings in expect's
PTY read buffer. The leftover "Done" strings desynchronize subsequent
assertions, causing tests to match cached output instead of waiting
for actual command execution (e.g., sending "diag stats" during an
active "diag send" command, which fails).
Adding a 100ms delay gives the PTY and child process enough time to
fully initialize and stabilize, avoiding instant timeouts and
subsequent test harness desynchronization.
This commit adds GCC 15 (version 15.2.rel1) to the `arm-gcc` job
matrix in the OpenThread build (`build.yml`) workflow.
Including GCC 15 in the builds helps ensure that OpenThread compiles
successfully and is free from warnings or errors with the latest GCC
15.2.rel1 release.
Increase wait delay after starting the OTBR service in the
test_publish_meshcop_service.py script.
Starting otbr-agent requires the node to re-attach to the simulated
Thread network and transition to the leader role. In virtualized CI
environments, this role transition can take up to 14.5 seconds. Using
a hardcoded 10-second delay results in a race condition where the
service is published very late, causing the subsequent browse query to
miss the service and fail with AssertionError.
Substituting the delay with BORDER_ROUTER_STARTUP_DELAY (20s) ensures
the node has sufficient time to attach, become leader, start the border
agent, and fully register the mDNS service before browsing.
This commit simplifies MLR state tracking for child devices. Previously,
`Child::Ip6AddrEntry` inherited from `Ip6::Address` to encapsulate the
MLR registration check using the `Child` reference. This introduced
tight coupling between `Child` and `Ip6AddrEntry`.
The logic is refactored by removing `Ip6AddrEntry`. Instead, `Child`
now directly manages a `Child::Ip6AddressArray` and encapsulates the
MLR state querying/updating through new methods:
- `SetAddressMlrRegistrationState()`
- `GetAllMlrRegisteredAddresses()`
- `ClearAllAddressesMlrRegistrationState()`
In `Mlr::Manager`, the redundant `ChildAddressArray` typedef and
`kMaxChildAddresses` constant are removed, reusing the
`Child::Ip6AddressArray`. The method `UpdateProxiedSubscriptions()`
is renamed to the more intuitive `UpdateChildRegistrations()`, and
overloaded to allow calling it without an old address list during
initial child registration.
The test `test_1_3_DBR_TC_7A` was failing occasionally due to
uninitialized stack memory in `NetworkData::OnMeshPrefixConfig config`.
Because `OnMeshPrefixConfig` inherits from `otBorderRouterConfig`
and does not automatically initialize its fields in its default
constructor, declaring `NetworkData::OnMeshPrefixConfig config;`
on the stack left its members (including `mDp` and `mNdDns` flags)
with arbitrary stack garbage. If `mDp` (Domain Prefix flag)
evaluated to true, it caused the registered `PRE_1` prefix to be
erroneously processed as a Domain Prefix. Consequently, the border
router did not include `PRE_1` as a Route Information Option (RIO)
in its emitted Router Advertisements, causing packet verification
to fail in Step 4.
This commit fixes the issue by explicitly initializing the
`config` struct using `config.Clear()` right after declaration.
Fixes an intermittent failure in the
`nexus_announce_no_flap_on_unmergeable_partitions` test.
Previously, only LEADER_NEW was isolated (by enabling allowlist
mode with an empty address list) in Step 2. Because LEADER_OLD
still had allowlist mode disabled, it could receive advertisements
from LEADER_NEW. If LEADER_NEW's randomly allocated partition ID
happened to be larger than LEADER_OLD's, LEADER_OLD would see it
as a "better partition" and initiate a transition to child to
attach to LEADER_NEW.
Although this attempt would initially fail in Step 2 (since
LEADER_NEW dropped all RX), it kept retrying. In Step 3, when the
allowlist was opened on both sides, the queued/retried attach
attempt from LEADER_OLD succeeded, making it a child and causing
the Leader assertion to fail.
Isolating both nodes during Step 2 ensures that LEADER_OLD never
hears LEADER_NEW's initial good-link advertisements. When Step 3
begins, it only hears LEADER_NEW through the weak link and
correctly rejects the advertisements, keeping both nodes stable
leaders of separate partitions.
Explicitly cast the result of the bitwise NOT operator ~ to uint8_t in
BitSetUtils::FlipBits to resolve a build error under AppleClang.
In C++, using the bitwise NOT operator on a uint8_t value promotes it to
an int. Assigning the promoted int back to uint8_t triggers an implicit
conversion warning/error (-Wimplicit-int-conversion) under newer
compiler versions, which fails the build when compiled with -Werror.
This commit introduces helper methods to `MeshCoP::Dataset` to determine
if a given Dataset affects network connectivity or the Network Key.
It also adds a corresponding public API `otDatasetAffectsConnectivity()`.
A Dataset is considered to affect connectivity if it contains a
different Channel, PAN ID, Mesh Local Prefix, or Network Key than
the current values in use.
`Mle::AnnounceHandler::HandleAnnounce` previously executed the
`kAnnounceAttachAfterDelay` action on an attached node even when
the announced channel and PAN ID already equaled the current MAC
parameters. The `!channelAndPanIdMatch` guard was only consulted
in the `IsDetached()` branch. For an attached node this scheduled
`StartAnnounceAttach`, which calls `Stop()` then `Start()` with
the same channel/PAN ID -- accomplishing nothing while disrupting
attached children.
This causes an endless role flap in a topology where two FTDs
share channel, PAN ID, and network credentials but hold different
Active Dataset Timestamps, and where their RF link is too weak to
merge partitions (Advertisements rejected with LinkMarginLow at
`mle_router.cpp`). Each side restarts on every Announce received
from the higher-timestamp peer; the reactive `kSendAnnouceBack`
path further amplifies this because the lower-timestamp side's
own outgoing Announces draw Announce responses from the peer.
Apply the channel/PAN ID match guard unconditionally in
`kAnnounceAttachAfterDelay`. Mirror it on the FTD
`kSendAnnouceBack` path (matching the existing `isFromOrphan`
behavior) so peers sharing MAC parameters are not prompted to
migrate to the channel/PAN ID they already use.
Add `addon_test_announce_no_flap_on_unmergeable_partitions.py`
which builds the topology above and asserts that both nodes
retain their original partition IDs across a 20-minute simulated
window. Without this change the lower-timestamp node is
repeatedly demoted from leader during that window.
This commit moves the state and logic for managing the maximum number
of IP addresses per child from `Mle` to `ChildTable`. The logic for
checking the limit is also moved to the `Child` class itself.
This change better encapsulates the child table properties.
This commit updates the DHCPv6 Prefix Delegation (PD) client to
comply with RFC 9915, which obsoletes the Server Unicast option
(Option 12) and the UseMulticast status code.
Changes:
- Removed `mServerAddress` and `ProcessServerUnicastOption()` from
`Dhcp6PdClient`.
- Modified `Dhcp6PdClient::SendMessage` to always transmit via
multicast to `ff02::1:2`.
- Removed `UseMulticast` status code handling in `HandleReply()`.
- Added `otMessageFree` weak stub in simulation platform's
`infra_if.c` to resolve linking errors on simulation radio-only
targets when DHCPv6 PD client is enabled.
- Updated `test_dhcp6_pd_client.cpp` to expect multicast and
removed the obsolete UseMulticast test case.
This commit updates `MacCountersTlv` and `MleCountersTlv` to use the
`SimpleTlvInfo` template. The original classes are replaced with
`MacCountersTlvValue` and `MleCountersTlvValue` which only represent
the TLV values. This helps simplify the TLV parsing and appending
logic and more importantly allows the TLV value formats to be
reused.
This commit extends the `BitSet` class with several new
methods:
- `CountElements()`
- `IsSubsetOf()` and `IsSupersetOf()`
- `Complement()`
- `UnionWith()`, `IntersectWith()`, and `SubtractWith()`
- `SetMask()`, `AppendTo()`, and `ReadFrom()` message.
This commit also introduces a new `BitSetUtils` non-template base class
for the `BitSet<kNumBits>` template class. This change helps optimize
code by moving the common implementation logic for various bit
manipulation operations out of the template, reducing template
instantiation overhead.
This commit refactors the Nexus tests configuration in CMakeLists.txt
by properly classifying and sorting test cases:
- Moved `inform_previous_parent_on_reattach` from the "Cert tests"
section to the "Misc tests" section, and changed its label from
"cert;nexus" to "core;nexus".
- Moved `retransmission_security` from the "Cert tests" section
to the "Misc tests" section where it belongs (retaining its
"core;nexus" label) and sorted it alphabetically.
These changes ensure the CMake file remains clean and the tests are
properly categorized.
This commit removes the thread-cert/backbone tests and cleans
up all related configurations and references.
Specifically, the following changes are made:
- Deleted tests in tests/scripts/thread-cert/backbone/
- Removed the backbone-router job from .github/workflows/otbr.yml
- Removed backbone-router dependency from upload-coverage job
- Removed setup, cleanup, and checks for backbone tests in
tests/scripts/thread-cert/run_cert_suite.py
This commit removes the `avahi` mDNS configurations from the
`thread-border-router` job matrix in the OpenThread Border Router
(`otbr.yml`) workflow.
With this change, the `thread-border-router` integration tests will
exclusively run using the `mDNSResponder` configuration.
This commit renames the `NetworkDiagnostic` namespace in `src/core/thread/`
and its related types to `NetDiag` for brevity. It updates the
corresponding filenames and header guards as well.
When a sleepy end device (where `Mle::IsRxOnWhenIdle()` returns
false) sends an MLR request, it initiates fast data polls via
`DataPollSender::SendFastPolls()` to quickly receive the response.
This commit updates `Manager::HandleResponse()` to call
`DataPollSender::StopFastPolls()` when the MLR response is processed
by a sleepy end device. This ensures that the device does not
unnecessarily continue fast polling.
Retransmissions of frames containing time-dependent header Information
Elements (IEs), such as CSL or Time Sync, require updates to these
IEs to reflect the exact time of sending. If the frame counter is not
incremented for these retransmissions, it leads to nonce reuse in
AES-CCM encryption, which is a security vulnerability.
This commit addresses this issue by ensuring that every transmission
attempt (initial or retry) uses a fresh frame counter:
- Deferred security processing from `SubMac::Send()` to
`SubMac::BeginTransmit()`.
- Upon retransmission in `SubMac::HandleTransmitDone()`, the frame is
restored to plaintext via `TxFrame::DecryptTransmitAesCcm()` and
security flags are cleared.
- This allows time-dependent IEs to be updated and a new frame counter
to be assigned for every attempt.
Added a Nexus test case `retransmission_security` to verify that both
CSL and standard MAC retransmissions use incrementing frame counters
and updated CSL phases.
This commit introduces a structured state machine to `Mlr::Manager` to
coordinate Multicast Listener Registration (MLR) activities more
efficiently. The previous implementation relied on independent delay
variables and the global `TimeTicker`, which could lead to redundant
or premature registrations, especially when a Primary Backbone Router
(PBBR) was newly discovered or updated.
The new state machine (`kStateStopped`, `kStateIdle`,
`kStateToRegisterAll`, `kStateRegistering`, `kStateRegistered`,
`kStateNewAddrToRegister`) provides explicit transitions for the
entire MLR lifecycle. This ensures that registrations are properly
aggregated and that periodic renewals are correctly rescheduled after
successful out-of-band registrations.
Additionally, the manager now uses a dedicated `TimerMilli` instead of
`TimeTicker`, reducing system-wide overhead and providing more
precise timing control.
Per RFC 9664, the UL option is always included in a success response (RCODE=0).
Comment in test_srp_server is updated also to avoid suggesting the opposite.
This commit introduces a new set of template-based APIs for
non-cryptographic random number generation in the `Random::NonCrypto`
namespace. These new methods provide a cleaner, type-safe, and more
robust interface compared to the previous methods.
Key additions:
- `Generate<UintType>()`: Returns a random value of the given
unsigned integer type (`uint8_t`, `uint16_t`, or `uint32_t`).
- `GenerateUpToExcluding<UintType>(aMax)`: Returns a random value in
the range `[0, aMax)`.
- `GenerateFromMinUpToExcluding<UintType>(aMin, aMax)`: Returns a
random value in the range `[aMin, aMax)`.
- `GenerateInClosedRange<UintType>(aMin, aMax)`: Returns a random
value in the closed range `[aMin, aMax]`.
The introduction of `GenerateInClosedRange` is an improvement as it
safely handles ranges up to the maximum value of the integer type
(e.g., `0xffff`) without the risk of overflow.
All call sites across the OpenThread core stack and tests have been
updated to adopt these new APIs. The public `otRandomNonCrypto`
functions are also updated to leverage the new internal methods.
Doxygen documentation is added for all new template methods,
detailing their behavior, including edge cases where the upper bound
is smaller than or equal to the lower bound.
This commit refactors various unit tests to use `constexpr` for
defining constants instead of anonymous `enum` types.
Using `constexpr` is the modern and preferred approach in C++, as it
provides explicit types for constants and improves code clarity and
type safety.
This commit fixes minor coding style issues in
`RoutingManager::RoutePublisher::StateToString()`. It adds a missing
semicolon after the `DefineEnumStringArray()` macro and corrects the
indentation of the return statement.
This commit makes `Tlv::AppendTlvHeader()` public and updates call
sites to use it. This method automatically handles the formatting
of the TLV header as either a standard TLV header or an extended one
based on the provided length.
This commit removes all code, configurations, APIs, and tests related
to the OPENTHREAD_CONFIG_BACKBONE_ROUTER_DUA_NDPROXYING_ENABLE feature.
Specifically, the following changes were made:
- Removed DUA ND Proxying Backbone Router configuration option and the
related OPENTHREAD_CONFIG_NDPROXY_TABLE_ENTRY_NUM definition.
- Removed CLI commands: `bbr mgmt dua` and the proactive backbone
notification fake command `/b/ba`.
- Removed NdProxyTable and bbr_manager DUA ND Proxying implementation.
- Removed public/internal APIs for ND Proxying and proactive backbone
notifications.
- Deleted ndproxy_table source files and unit tests.
- Simplified CMake and GN build files to remove deleted targets.
This commit improves the `tests/nexus/build.sh` script by adding a
`display_usage()` function and implementing stricter command-line
argument validation.
Abtin Keshavarzian