]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_evpn.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bgpd: evpn pip handle svi ip route
[mirror_frr.git] / bgpd / bgp_evpn.c
1 /* Ethernet-VPN Packet and vty Processing File
2 * Copyright (C) 2016 6WIND
3 * Copyright (C) 2017 Cumulus Networks, Inc.
4 *
5 * This file is part of FRR.
6 *
7 * FRRouting is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * FRRouting is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "command.h"
25 #include "filter.h"
26 #include "prefix.h"
27 #include "log.h"
28 #include "memory.h"
29 #include "stream.h"
30 #include "hash.h"
31 #include "jhash.h"
32 #include "zclient.h"
33
34 #include "bgpd/bgp_attr_evpn.h"
35 #include "bgpd/bgpd.h"
36 #include "bgpd/bgp_table.h"
37 #include "bgpd/bgp_route.h"
38 #include "bgpd/bgp_attr.h"
39 #include "bgpd/bgp_mplsvpn.h"
40 #include "bgpd/bgp_label.h"
41 #include "bgpd/bgp_evpn.h"
42 #include "bgpd/bgp_evpn_private.h"
43 #include "bgpd/bgp_ecommunity.h"
44 #include "bgpd/bgp_encap_types.h"
45 #include "bgpd/bgp_debug.h"
46 #include "bgpd/bgp_errors.h"
47 #include "bgpd/bgp_aspath.h"
48 #include "bgpd/bgp_zebra.h"
49 #include "bgpd/bgp_nexthop.h"
50 #include "bgpd/bgp_addpath.h"
51 #include "bgpd/bgp_mac.h"
52
53 /*
54 * Definitions and external declarations.
55 */
56 extern struct zclient *zclient;
57
58 DEFINE_QOBJ_TYPE(bgpevpn)
59 DEFINE_QOBJ_TYPE(evpnes)
60
61
62 /*
63 * Static function declarations
64 */
65 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
66 struct bgp_node *rn,
67 struct bgp_path_info **pi);
68 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn);
69
70 /*
71 * Private functions.
72 */
73
74 /* compare two IPV4 VTEP IPs */
75 static int evpn_vtep_ip_cmp(void *p1, void *p2)
76 {
77 const struct in_addr *ip1 = p1;
78 const struct in_addr *ip2 = p2;
79
80 return ip1->s_addr - ip2->s_addr;
81 }
82
83 /*
84 * Make hash key for ESI.
85 */
86 static unsigned int esi_hash_keymake(const void *p)
87 {
88 const struct evpnes *pes = p;
89 const void *pnt = (void *)pes->esi.val;
90
91 return jhash(pnt, ESI_BYTES, 0xa5a5a55a);
92 }
93
94 /*
95 * Compare two ESIs.
96 */
97 static bool esi_cmp(const void *p1, const void *p2)
98 {
99 const struct evpnes *pes1 = p1;
100 const struct evpnes *pes2 = p2;
101
102 if (pes1 == NULL && pes2 == NULL)
103 return true;
104
105 if (pes1 == NULL || pes2 == NULL)
106 return false;
107
108 return (memcmp(pes1->esi.val, pes2->esi.val, ESI_BYTES) == 0);
109 }
110
111 /*
112 * Make vni hash key.
113 */
114 static unsigned int vni_hash_key_make(const void *p)
115 {
116 const struct bgpevpn *vpn = p;
117 return (jhash_1word(vpn->vni, 0));
118 }
119
120 /*
121 * Comparison function for vni hash
122 */
123 static bool vni_hash_cmp(const void *p1, const void *p2)
124 {
125 const struct bgpevpn *vpn1 = p1;
126 const struct bgpevpn *vpn2 = p2;
127
128 if (!vpn1 && !vpn2)
129 return true;
130 if (!vpn1 || !vpn2)
131 return false;
132 return (vpn1->vni == vpn2->vni);
133 }
134
135 static int vni_list_cmp(void *p1, void *p2)
136 {
137 const struct bgpevpn *vpn1 = p1;
138 const struct bgpevpn *vpn2 = p2;
139
140 return vpn1->vni - vpn2->vni;
141 }
142
143 /*
144 * Make vrf import route target hash key.
145 */
146 static unsigned int vrf_import_rt_hash_key_make(const void *p)
147 {
148 const struct vrf_irt_node *irt = p;
149 const char *pnt = irt->rt.val;
150
151 return jhash(pnt, 8, 0x5abc1234);
152 }
153
154 /*
155 * Comparison function for vrf import rt hash
156 */
157 static bool vrf_import_rt_hash_cmp(const void *p1, const void *p2)
158 {
159 const struct vrf_irt_node *irt1 = p1;
160 const struct vrf_irt_node *irt2 = p2;
161
162 if (irt1 == NULL && irt2 == NULL)
163 return true;
164
165 if (irt1 == NULL || irt2 == NULL)
166 return false;
167
168 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
169 }
170
171 /*
172 * Create a new vrf import_rt in evpn instance
173 */
174 static struct vrf_irt_node *vrf_import_rt_new(struct ecommunity_val *rt)
175 {
176 struct bgp *bgp_evpn = NULL;
177 struct vrf_irt_node *irt;
178
179 bgp_evpn = bgp_get_evpn();
180 if (!bgp_evpn) {
181 flog_err(EC_BGP_NO_DFLT,
182 "vrf import rt new - evpn instance not created yet");
183 return NULL;
184 }
185
186 irt = XCALLOC(MTYPE_BGP_EVPN_VRF_IMPORT_RT,
187 sizeof(struct vrf_irt_node));
188
189 irt->rt = *rt;
190 irt->vrfs = list_new();
191
192 /* Add to hash */
193 if (!hash_get(bgp_evpn->vrf_import_rt_hash, irt, hash_alloc_intern)) {
194 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
195 return NULL;
196 }
197
198 return irt;
199 }
200
201 /*
202 * Free the vrf import rt node
203 */
204 static void vrf_import_rt_free(struct vrf_irt_node *irt)
205 {
206 struct bgp *bgp_evpn = NULL;
207
208 bgp_evpn = bgp_get_evpn();
209 if (!bgp_evpn) {
210 flog_err(EC_BGP_NO_DFLT,
211 "vrf import rt free - evpn instance not created yet");
212 return;
213 }
214
215 hash_release(bgp_evpn->vrf_import_rt_hash, irt);
216 list_delete(&irt->vrfs);
217 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
218 }
219
220 /*
221 * Function to lookup Import RT node - used to map a RT to set of
222 * VNIs importing routes with that RT.
223 */
224 static struct vrf_irt_node *lookup_vrf_import_rt(struct ecommunity_val *rt)
225 {
226 struct bgp *bgp_evpn = NULL;
227 struct vrf_irt_node *irt;
228 struct vrf_irt_node tmp;
229
230 bgp_evpn = bgp_get_evpn();
231 if (!bgp_evpn) {
232 flog_err(
233 EC_BGP_NO_DFLT,
234 "vrf import rt lookup - evpn instance not created yet");
235 return NULL;
236 }
237
238 memset(&tmp, 0, sizeof(struct vrf_irt_node));
239 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
240 irt = hash_lookup(bgp_evpn->vrf_import_rt_hash, &tmp);
241 return irt;
242 }
243
244 /*
245 * Is specified VRF present on the RT's list of "importing" VRFs?
246 */
247 static int is_vrf_present_in_irt_vrfs(struct list *vrfs, struct bgp *bgp_vrf)
248 {
249 struct listnode *node = NULL, *nnode = NULL;
250 struct bgp *tmp_bgp_vrf = NULL;
251
252 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, tmp_bgp_vrf)) {
253 if (tmp_bgp_vrf == bgp_vrf)
254 return 1;
255 }
256 return 0;
257 }
258
259 /*
260 * Make import route target hash key.
261 */
262 static unsigned int import_rt_hash_key_make(const void *p)
263 {
264 const struct irt_node *irt = p;
265 const char *pnt = irt->rt.val;
266
267 return jhash(pnt, 8, 0xdeadbeef);
268 }
269
270 /*
271 * Comparison function for import rt hash
272 */
273 static bool import_rt_hash_cmp(const void *p1, const void *p2)
274 {
275 const struct irt_node *irt1 = p1;
276 const struct irt_node *irt2 = p2;
277
278 if (irt1 == NULL && irt2 == NULL)
279 return true;
280
281 if (irt1 == NULL || irt2 == NULL)
282 return false;
283
284 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
285 }
286
287 /*
288 * Create a new import_rt
289 */
290 static struct irt_node *import_rt_new(struct bgp *bgp,
291 struct ecommunity_val *rt)
292 {
293 struct irt_node *irt;
294
295 if (!bgp)
296 return NULL;
297
298 irt = XCALLOC(MTYPE_BGP_EVPN_IMPORT_RT, sizeof(struct irt_node));
299
300 irt->rt = *rt;
301 irt->vnis = list_new();
302
303 /* Add to hash */
304 if (!hash_get(bgp->import_rt_hash, irt, hash_alloc_intern)) {
305 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
306 return NULL;
307 }
308
309 return irt;
310 }
311
312 /*
313 * Free the import rt node
314 */
315 static void import_rt_free(struct bgp *bgp, struct irt_node *irt)
316 {
317 hash_release(bgp->import_rt_hash, irt);
318 list_delete(&irt->vnis);
319 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
320 }
321
322 /*
323 * Function to lookup Import RT node - used to map a RT to set of
324 * VNIs importing routes with that RT.
325 */
326 static struct irt_node *lookup_import_rt(struct bgp *bgp,
327 struct ecommunity_val *rt)
328 {
329 struct irt_node *irt;
330 struct irt_node tmp;
331
332 memset(&tmp, 0, sizeof(struct irt_node));
333 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
334 irt = hash_lookup(bgp->import_rt_hash, &tmp);
335 return irt;
336 }
337
338 /*
339 * Is specified VNI present on the RT's list of "importing" VNIs?
340 */
341 static int is_vni_present_in_irt_vnis(struct list *vnis, struct bgpevpn *vpn)
342 {
343 struct listnode *node, *nnode;
344 struct bgpevpn *tmp_vpn;
345
346 for (ALL_LIST_ELEMENTS(vnis, node, nnode, tmp_vpn)) {
347 if (tmp_vpn == vpn)
348 return 1;
349 }
350
351 return 0;
352 }
353
354 /*
355 * Compare Route Targets.
356 */
357 static int evpn_route_target_cmp(struct ecommunity *ecom1,
358 struct ecommunity *ecom2)
359 {
360 if (ecom1 && !ecom2)
361 return -1;
362
363 if (!ecom1 && ecom2)
364 return 1;
365
366 if (!ecom1 && !ecom2)
367 return 0;
368
369 if (ecom1->str && !ecom2->str)
370 return -1;
371
372 if (!ecom1->str && ecom2->str)
373 return 1;
374
375 if (!ecom1->str && !ecom2->str)
376 return 0;
377
378 return strcmp(ecom1->str, ecom2->str);
379 }
380
381 static void evpn_xxport_delete_ecomm(void *val)
382 {
383 struct ecommunity *ecomm = val;
384 ecommunity_free(&ecomm);
385 }
386
387 /*
388 * Mask off global-admin field of specified extended community (RT),
389 * just retain the local-admin field.
390 */
391 static inline void mask_ecom_global_admin(struct ecommunity_val *dst,
392 struct ecommunity_val *src)
393 {
394 uint8_t type;
395
396 type = src->val[0];
397 dst->val[0] = 0;
398 if (type == ECOMMUNITY_ENCODE_AS) {
399 dst->val[2] = dst->val[3] = 0;
400 } else if (type == ECOMMUNITY_ENCODE_AS4
401 || type == ECOMMUNITY_ENCODE_IP) {
402 dst->val[2] = dst->val[3] = 0;
403 dst->val[4] = dst->val[5] = 0;
404 }
405 }
406
407 /*
408 * Map one RT to specified VRF.
409 * bgp_vrf = BGP vrf instance
410 */
411 static void map_vrf_to_rt(struct bgp *bgp_vrf, struct ecommunity_val *eval)
412 {
413 struct vrf_irt_node *irt = NULL;
414 struct ecommunity_val eval_tmp;
415
416 /* If using "automatic" RT,
417 * we only care about the local-admin sub-field.
418 * This is to facilitate using L3VNI(VRF-VNI)
419 * as the RT for EBGP peering too.
420 */
421 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
422 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
423 mask_ecom_global_admin(&eval_tmp, eval);
424
425 irt = lookup_vrf_import_rt(&eval_tmp);
426 if (irt && is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
427 /* Already mapped. */
428 return;
429
430 if (!irt)
431 irt = vrf_import_rt_new(&eval_tmp);
432
433 /* Add VRF to the list for this RT. */
434 listnode_add(irt->vrfs, bgp_vrf);
435 }
436
437 /*
438 * Unmap specified VRF from specified RT. If there are no other
439 * VRFs for this RT, then the RT hash is deleted.
440 * bgp_vrf: BGP VRF specific instance
441 */
442 static void unmap_vrf_from_rt(struct bgp *bgp_vrf, struct vrf_irt_node *irt)
443 {
444 /* Delete VRF from list for this RT. */
445 listnode_delete(irt->vrfs, bgp_vrf);
446 if (!listnode_head(irt->vrfs)) {
447 vrf_import_rt_free(irt);
448 }
449 }
450
451 /*
452 * Map one RT to specified VNI.
453 */
454 static void map_vni_to_rt(struct bgp *bgp, struct bgpevpn *vpn,
455 struct ecommunity_val *eval)
456 {
457 struct irt_node *irt;
458 struct ecommunity_val eval_tmp;
459
460 /* If using "automatic" RT, we only care about the local-admin
461 * sub-field.
462 * This is to facilitate using VNI as the RT for EBGP peering too.
463 */
464 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
465 if (!is_import_rt_configured(vpn))
466 mask_ecom_global_admin(&eval_tmp, eval);
467
468 irt = lookup_import_rt(bgp, &eval_tmp);
469 if (irt)
470 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
471 /* Already mapped. */
472 return;
473
474 if (!irt) {
475 irt = import_rt_new(bgp, &eval_tmp);
476 assert(irt);
477 }
478
479 /* Add VNI to the hash list for this RT. */
480 listnode_add(irt->vnis, vpn);
481 }
482
483 /*
484 * Unmap specified VNI from specified RT. If there are no other
485 * VNIs for this RT, then the RT hash is deleted.
486 */
487 static void unmap_vni_from_rt(struct bgp *bgp, struct bgpevpn *vpn,
488 struct irt_node *irt)
489 {
490 /* Delete VNI from hash list for this RT. */
491 listnode_delete(irt->vnis, vpn);
492 if (!listnode_head(irt->vnis)) {
493 import_rt_free(bgp, irt);
494 }
495 }
496
497 static void bgp_evpn_get_rmac_nexthop(struct bgpevpn *vpn,
498 struct prefix_evpn *p,
499 struct attr *attr, uint8_t flags)
500 {
501 struct bgp *bgp_vrf = vpn->bgp_vrf;
502
503 memset(&attr->rmac, 0, sizeof(struct ethaddr));
504 if (!bgp_vrf)
505 return;
506
507 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
508 /* Copy sys (pip) RMAC and PIP IP as nexthop
509 * in case of route is self MAC-IP,
510 * advertise-pip and advertise-svi-ip features
511 * are enabled.
512 * Otherwise, for all host MAC-IP route's
513 * copy anycast RMAC
514 */
515 if (CHECK_FLAG(flags, BGP_EVPN_MACIP_TYPE_SVI_IP)
516 && bgp_evpn_is_svi_macip_enabled(vpn)) {
517 /* copy sys rmac */
518 memcpy(&attr->rmac, &bgp_vrf->evpn_info->pip_rmac,
519 ETH_ALEN);
520 if (bgp_vrf->evpn_info->advertise_pip &&
521 bgp_vrf->evpn_info->is_anycast_mac) {
522 attr->nexthop = bgp_vrf->evpn_info->pip_ip;
523 attr->mp_nexthop_global_in =
524 bgp_vrf->evpn_info->pip_ip;
525 }
526 } else
527 memcpy(&attr->rmac, &bgp_vrf->rmac, ETH_ALEN);
528 }
529 }
530 /*
531 * Create RT extended community automatically from passed information:
532 * of the form AS:VNI.
533 * NOTE: We use only the lower 16 bits of the AS. This is sufficient as
534 * the need is to get a RT value that will be unique across different
535 * VNIs but the same across routers (in the same AS) for a particular
536 * VNI.
537 */
538 static void form_auto_rt(struct bgp *bgp, vni_t vni, struct list *rtl)
539 {
540 struct ecommunity_val eval;
541 struct ecommunity *ecomadd, *ecom;
542 bool ecom_found = false;
543 struct listnode *node;
544
545 if (bgp->advertise_autort_rfc8365)
546 vni |= EVPN_AUTORT_VXLAN;
547 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
548
549 ecomadd = ecommunity_new();
550 ecommunity_add_val(ecomadd, &eval);
551 for (ALL_LIST_ELEMENTS_RO(rtl, node, ecom))
552 if (ecommunity_cmp(ecomadd, ecom))
553 ecom_found = true;
554
555 if (!ecom_found)
556 listnode_add_sort(rtl, ecomadd);
557 }
558
559 /*
560 * Derive RD and RT for a VNI automatically. Invoked at the time of
561 * creation of a VNI.
562 */
563 static void derive_rd_rt_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
564 {
565 bgp_evpn_derive_auto_rd(bgp, vpn);
566 bgp_evpn_derive_auto_rt_import(bgp, vpn);
567 bgp_evpn_derive_auto_rt_export(bgp, vpn);
568 }
569
570 /*
571 * Convert nexthop (remote VTEP IP) into an IPv6 address.
572 */
573 static void evpn_convert_nexthop_to_ipv6(struct attr *attr)
574 {
575 if (BGP_ATTR_NEXTHOP_AFI_IP6(attr))
576 return;
577 ipv4_to_ipv4_mapped_ipv6(&attr->mp_nexthop_global, attr->nexthop);
578 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
579 }
580
581 /*
582 * Add (update) or delete MACIP from zebra.
583 */
584 static int bgp_zebra_send_remote_macip(struct bgp *bgp, struct bgpevpn *vpn,
585 struct prefix_evpn *p,
586 struct in_addr remote_vtep_ip, int add,
587 uint8_t flags, uint32_t seq)
588 {
589 struct stream *s;
590 int ipa_len;
591 char buf1[ETHER_ADDR_STRLEN];
592 char buf2[INET6_ADDRSTRLEN];
593 char buf3[INET6_ADDRSTRLEN];
594
595 /* Check socket. */
596 if (!zclient || zclient->sock < 0)
597 return 0;
598
599 /* Don't try to register if Zebra doesn't know of this instance. */
600 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
601 if (BGP_DEBUG(zebra, ZEBRA))
602 zlog_debug("%s: No zebra instance to talk to, not installing remote macip",
603 __PRETTY_FUNCTION__);
604 return 0;
605 }
606 s = zclient->obuf;
607 stream_reset(s);
608
609 zclient_create_header(
610 s, add ? ZEBRA_REMOTE_MACIP_ADD : ZEBRA_REMOTE_MACIP_DEL,
611 bgp->vrf_id);
612 stream_putl(s, vpn->vni);
613 stream_put(s, &p->prefix.macip_addr.mac.octet, ETH_ALEN); /* Mac Addr */
614 /* IP address length and IP address, if any. */
615 if (is_evpn_prefix_ipaddr_none(p))
616 stream_putl(s, 0);
617 else {
618 ipa_len = is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BYTELEN
619 : IPV6_MAX_BYTELEN;
620 stream_putl(s, ipa_len);
621 stream_put(s, &p->prefix.macip_addr.ip.ip.addr, ipa_len);
622 }
623 stream_put_in_addr(s, &remote_vtep_ip);
624
625 /* TX flags - MAC sticky status and/or gateway mac */
626 /* Also TX the sequence number of the best route. */
627 if (add) {
628 stream_putc(s, flags);
629 stream_putl(s, seq);
630 }
631
632 stream_putw_at(s, 0, stream_get_endp(s));
633
634 if (bgp_debug_zebra(NULL))
635 zlog_debug(
636 "Tx %s MACIP, VNI %u MAC %s IP %s flags 0x%x seq %u remote VTEP %s",
637 add ? "ADD" : "DEL", vpn->vni,
638 prefix_mac2str(&p->prefix.macip_addr.mac,
639 buf1, sizeof(buf1)),
640 ipaddr2str(&p->prefix.macip_addr.ip,
641 buf3, sizeof(buf3)), flags, seq,
642 inet_ntop(AF_INET, &remote_vtep_ip, buf2,
643 sizeof(buf2)));
644
645 return zclient_send_message(zclient);
646 }
647
648 /*
649 * Add (update) or delete remote VTEP from zebra.
650 */
651 static int bgp_zebra_send_remote_vtep(struct bgp *bgp, struct bgpevpn *vpn,
652 struct prefix_evpn *p,
653 int flood_control, int add)
654 {
655 struct stream *s;
656
657 /* Check socket. */
658 if (!zclient || zclient->sock < 0)
659 return 0;
660
661 /* Don't try to register if Zebra doesn't know of this instance. */
662 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
663 if (BGP_DEBUG(zebra, ZEBRA))
664 zlog_debug("%s: No zebra instance to talk to, not installing remote vtep",
665 __PRETTY_FUNCTION__);
666 return 0;
667 }
668
669 s = zclient->obuf;
670 stream_reset(s);
671
672 zclient_create_header(
673 s, add ? ZEBRA_REMOTE_VTEP_ADD : ZEBRA_REMOTE_VTEP_DEL,
674 bgp->vrf_id);
675 stream_putl(s, vpn->vni);
676 if (is_evpn_prefix_ipaddr_v4(p))
677 stream_put_in_addr(s, &p->prefix.imet_addr.ip.ipaddr_v4);
678 else if (is_evpn_prefix_ipaddr_v6(p)) {
679 flog_err(
680 EC_BGP_VTEP_INVALID,
681 "Bad remote IP when trying to %s remote VTEP for VNI %u",
682 add ? "ADD" : "DEL", vpn->vni);
683 return -1;
684 }
685 stream_putl(s, flood_control);
686
687 stream_putw_at(s, 0, stream_get_endp(s));
688
689 if (bgp_debug_zebra(NULL))
690 zlog_debug("Tx %s Remote VTEP, VNI %u remote VTEP %s",
691 add ? "ADD" : "DEL", vpn->vni,
692 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
693
694 return zclient_send_message(zclient);
695 }
696
697 /*
698 * Build extended community for EVPN ES (type-4) route
699 */
700 static void build_evpn_type4_route_extcomm(struct evpnes *es,
701 struct attr *attr)
702 {
703 struct ecommunity ecom_encap;
704 struct ecommunity ecom_es_rt;
705 struct ecommunity_val eval;
706 struct ecommunity_val eval_es_rt;
707 bgp_encap_types tnl_type;
708 struct ethaddr mac;
709
710 /* Encap */
711 tnl_type = BGP_ENCAP_TYPE_VXLAN;
712 memset(&ecom_encap, 0, sizeof(ecom_encap));
713 encode_encap_extcomm(tnl_type, &eval);
714 ecom_encap.size = 1;
715 ecom_encap.val = (uint8_t *)eval.val;
716 attr->ecommunity = ecommunity_dup(&ecom_encap);
717
718 /* ES import RT */
719 memset(&mac, 0, sizeof(struct ethaddr));
720 memset(&ecom_es_rt, 0, sizeof(ecom_es_rt));
721 es_get_system_mac(&es->esi, &mac);
722 encode_es_rt_extcomm(&eval_es_rt, &mac);
723 ecom_es_rt.size = 1;
724 ecom_es_rt.val = (uint8_t *)eval_es_rt.val;
725 attr->ecommunity =
726 ecommunity_merge(attr->ecommunity, &ecom_es_rt);
727
728 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
729 }
730
731 /*
732 * Build extended communities for EVPN prefix route.
733 */
734 static void build_evpn_type5_route_extcomm(struct bgp *bgp_vrf,
735 struct attr *attr)
736 {
737 struct ecommunity ecom_encap;
738 struct ecommunity ecom_rmac;
739 struct ecommunity_val eval;
740 struct ecommunity_val eval_rmac;
741 bgp_encap_types tnl_type;
742 struct listnode *node, *nnode;
743 struct ecommunity *ecom;
744 struct list *vrf_export_rtl = NULL;
745
746 /* Encap */
747 tnl_type = BGP_ENCAP_TYPE_VXLAN;
748 memset(&ecom_encap, 0, sizeof(ecom_encap));
749 encode_encap_extcomm(tnl_type, &eval);
750 ecom_encap.size = 1;
751 ecom_encap.val = (uint8_t *)eval.val;
752
753 /* Add Encap */
754 attr->ecommunity = ecommunity_dup(&ecom_encap);
755
756 /* Add the export RTs for L3VNI/VRF */
757 vrf_export_rtl = bgp_vrf->vrf_export_rtl;
758 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode, ecom))
759 attr->ecommunity =
760 ecommunity_merge(attr->ecommunity, ecom);
761
762 /* add the router mac extended community */
763 if (!is_zero_mac(&attr->rmac)) {
764 memset(&ecom_rmac, 0, sizeof(ecom_rmac));
765 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
766 ecom_rmac.size = 1;
767 ecom_rmac.val = (uint8_t *)eval_rmac.val;
768 attr->ecommunity =
769 ecommunity_merge(attr->ecommunity, &ecom_rmac);
770 }
771
772 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
773 }
774
775 /*
776 * Build extended communities for EVPN route.
777 * This function is applicable for type-2 and type-3 routes. The layer-2 RT
778 * and ENCAP extended communities are applicable for all routes.
779 * The default gateway extended community and MAC mobility (sticky) extended
780 * community are added as needed based on passed settings - only for type-2
781 * routes. Likewise, the layer-3 RT and Router MAC extended communities are
782 * added, if present, based on passed settings - only for non-link-local
783 * type-2 routes.
784 */
785 static void build_evpn_route_extcomm(struct bgpevpn *vpn, struct attr *attr,
786 int add_l3_ecomm)
787 {
788 struct ecommunity ecom_encap;
789 struct ecommunity ecom_sticky;
790 struct ecommunity ecom_default_gw;
791 struct ecommunity ecom_rmac;
792 struct ecommunity ecom_na;
793 struct ecommunity_val eval;
794 struct ecommunity_val eval_sticky;
795 struct ecommunity_val eval_default_gw;
796 struct ecommunity_val eval_rmac;
797 struct ecommunity_val eval_na;
798
799 bgp_encap_types tnl_type;
800 struct listnode *node, *nnode;
801 struct ecommunity *ecom;
802 uint32_t seqnum;
803 struct list *vrf_export_rtl = NULL;
804
805 /* Encap */
806 tnl_type = BGP_ENCAP_TYPE_VXLAN;
807 memset(&ecom_encap, 0, sizeof(ecom_encap));
808 encode_encap_extcomm(tnl_type, &eval);
809 ecom_encap.size = 1;
810 ecom_encap.val = (uint8_t *)eval.val;
811
812 /* Add Encap */
813 attr->ecommunity = ecommunity_dup(&ecom_encap);
814
815 /* Add the export RTs for L2VNI */
816 for (ALL_LIST_ELEMENTS(vpn->export_rtl, node, nnode, ecom))
817 attr->ecommunity = ecommunity_merge(attr->ecommunity, ecom);
818
819 /* Add the export RTs for L3VNI if told to - caller determines
820 * when this should be done.
821 */
822 if (add_l3_ecomm) {
823 vrf_export_rtl = bgpevpn_get_vrf_export_rtl(vpn);
824 if (vrf_export_rtl && !list_isempty(vrf_export_rtl)) {
825 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode,
826 ecom))
827 attr->ecommunity = ecommunity_merge(
828 attr->ecommunity, ecom);
829 }
830 }
831
832 /* Add MAC mobility (sticky) if needed. */
833 if (attr->sticky) {
834 seqnum = 0;
835 memset(&ecom_sticky, 0, sizeof(ecom_sticky));
836 encode_mac_mobility_extcomm(1, seqnum, &eval_sticky);
837 ecom_sticky.size = 1;
838 ecom_sticky.val = (uint8_t *)eval_sticky.val;
839 attr->ecommunity =
840 ecommunity_merge(attr->ecommunity, &ecom_sticky);
841 }
842
843 /* Add RMAC, if told to. */
844 if (add_l3_ecomm) {
845 memset(&ecom_rmac, 0, sizeof(ecom_rmac));
846 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
847 ecom_rmac.size = 1;
848 ecom_rmac.val = (uint8_t *)eval_rmac.val;
849 attr->ecommunity =
850 ecommunity_merge(attr->ecommunity, &ecom_rmac);
851 }
852
853 /* Add default gateway, if needed. */
854 if (attr->default_gw) {
855 memset(&ecom_default_gw, 0, sizeof(ecom_default_gw));
856 encode_default_gw_extcomm(&eval_default_gw);
857 ecom_default_gw.size = 1;
858 ecom_default_gw.val = (uint8_t *)eval_default_gw.val;
859 attr->ecommunity =
860 ecommunity_merge(attr->ecommunity, &ecom_default_gw);
861 }
862
863 if (attr->router_flag) {
864 memset(&ecom_na, 0, sizeof(ecom_na));
865 encode_na_flag_extcomm(&eval_na, attr->router_flag);
866 ecom_na.size = 1;
867 ecom_na.val = (uint8_t *)eval_na.val;
868 attr->ecommunity = ecommunity_merge(attr->ecommunity,
869 &ecom_na);
870 }
871
872 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
873 }
874
875 /*
876 * Add MAC mobility extended community to attribute.
877 */
878 static void add_mac_mobility_to_attr(uint32_t seq_num, struct attr *attr)
879 {
880 struct ecommunity ecom_tmp;
881 struct ecommunity_val eval;
882 uint8_t *ecom_val_ptr;
883 int i;
884 uint8_t *pnt;
885 int type = 0;
886 int sub_type = 0;
887
888 /* Build MM */
889 encode_mac_mobility_extcomm(0, seq_num, &eval);
890
891 /* Find current MM ecommunity */
892 ecom_val_ptr = NULL;
893
894 if (attr->ecommunity) {
895 for (i = 0; i < attr->ecommunity->size; i++) {
896 pnt = attr->ecommunity->val + (i * 8);
897 type = *pnt++;
898 sub_type = *pnt++;
899
900 if (type == ECOMMUNITY_ENCODE_EVPN
901 && sub_type
902 == ECOMMUNITY_EVPN_SUBTYPE_MACMOBILITY) {
903 ecom_val_ptr = (uint8_t *)(attr->ecommunity->val
904 + (i * 8));
905 break;
906 }
907 }
908 }
909
910 /* Update the existing MM ecommunity */
911 if (ecom_val_ptr) {
912 memcpy(ecom_val_ptr, eval.val, sizeof(char) * ECOMMUNITY_SIZE);
913 }
914 /* Add MM to existing */
915 else {
916 memset(&ecom_tmp, 0, sizeof(ecom_tmp));
917 ecom_tmp.size = 1;
918 ecom_tmp.val = (uint8_t *)eval.val;
919
920 if (attr->ecommunity)
921 attr->ecommunity =
922 ecommunity_merge(attr->ecommunity, &ecom_tmp);
923 else
924 attr->ecommunity = ecommunity_dup(&ecom_tmp);
925 }
926 }
927
928 /* Install EVPN route into zebra. */
929 static int evpn_zebra_install(struct bgp *bgp, struct bgpevpn *vpn,
930 struct prefix_evpn *p, struct bgp_path_info *pi)
931 {
932 int ret;
933 uint8_t flags;
934 int flood_control;
935
936 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
937 flags = 0;
938 if (pi->attr->sticky)
939 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
940 if (pi->attr->default_gw)
941 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
942 if (is_evpn_prefix_ipaddr_v6(p) &&
943 pi->attr->router_flag)
944 SET_FLAG(flags, ZEBRA_MACIP_TYPE_ROUTER_FLAG);
945 ret = bgp_zebra_send_remote_macip(
946 bgp, vpn, p, pi->attr->nexthop, 1, flags,
947 mac_mobility_seqnum(pi->attr));
948 } else {
949 switch (pi->attr->pmsi_tnl_type) {
950 case PMSI_TNLTYPE_INGR_REPL:
951 flood_control = VXLAN_FLOOD_HEAD_END_REPL;
952 break;
953
954 case PMSI_TNLTYPE_PIM_SM:
955 flood_control = VXLAN_FLOOD_PIM_SM;
956 break;
957
958 default:
959 flood_control = VXLAN_FLOOD_DISABLED;
960 break;
961 }
962 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p, flood_control, 1);
963 }
964
965 return ret;
966 }
967
968 /* Uninstall EVPN route from zebra. */
969 static int evpn_zebra_uninstall(struct bgp *bgp, struct bgpevpn *vpn,
970 struct prefix_evpn *p,
971 struct in_addr remote_vtep_ip)
972 {
973 int ret;
974
975 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
976 ret = bgp_zebra_send_remote_macip(bgp, vpn, p, remote_vtep_ip,
977 0, 0, 0);
978 else
979 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p,
980 VXLAN_FLOOD_DISABLED, 0);
981
982 return ret;
983 }
984
985 /*
986 * Due to MAC mobility, the prior "local" best route has been supplanted
987 * by a "remote" best route. The prior route has to be deleted and withdrawn
988 * from peers.
989 */
990 static void evpn_delete_old_local_route(struct bgp *bgp, struct bgpevpn *vpn,
991 struct bgp_node *rn,
992 struct bgp_path_info *old_local)
993 {
994 struct bgp_node *global_rn;
995 struct bgp_path_info *pi;
996 afi_t afi = AFI_L2VPN;
997 safi_t safi = SAFI_EVPN;
998
999 /* Locate route node in the global EVPN routing table. Note that
1000 * this table is a 2-level tree (RD-level + Prefix-level) similar to
1001 * L3VPN routes.
1002 */
1003 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
1004 (struct prefix *)&rn->p, &vpn->prd);
1005 if (global_rn) {
1006 /* Delete route entry in the global EVPN table. */
1007 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
1008
1009 /* Schedule for processing - withdraws to peers happen from
1010 * this table.
1011 */
1012 if (pi)
1013 bgp_process(bgp, global_rn, afi, safi);
1014 bgp_unlock_node(global_rn);
1015 }
1016
1017 /* Delete route entry in the VNI route table, caller to remove. */
1018 bgp_path_info_delete(rn, old_local);
1019 }
1020
1021 static struct in_addr *es_vtep_new(struct in_addr vtep)
1022 {
1023 struct in_addr *ip;
1024
1025 ip = XCALLOC(MTYPE_BGP_EVPN_ES_VTEP, sizeof(struct in_addr));
1026
1027 ip->s_addr = vtep.s_addr;
1028 return ip;
1029 }
1030
1031 static void es_vtep_free(struct in_addr *ip)
1032 {
1033 XFREE(MTYPE_BGP_EVPN_ES_VTEP, ip);
1034 }
1035
1036 /* check if VTEP is already part of the list */
1037 static int is_vtep_present_in_list(struct list *list,
1038 struct in_addr vtep)
1039 {
1040 struct listnode *node = NULL;
1041 struct in_addr *tmp;
1042
1043 for (ALL_LIST_ELEMENTS_RO(list, node, tmp)) {
1044 if (tmp->s_addr == vtep.s_addr)
1045 return 1;
1046 }
1047 return 0;
1048 }
1049
1050 /*
1051 * Best path for ES route was changed,
1052 * update the list of VTEPs for this ES
1053 */
1054 static int evpn_es_install_vtep(struct bgp *bgp,
1055 struct evpnes *es,
1056 struct prefix_evpn *p,
1057 struct in_addr rvtep)
1058 {
1059 struct in_addr *vtep_ip;
1060
1061 if (is_vtep_present_in_list(es->vtep_list, rvtep))
1062 return 0;
1063
1064
1065 vtep_ip = es_vtep_new(rvtep);
1066 if (vtep_ip)
1067 listnode_add_sort(es->vtep_list, vtep_ip);
1068 return 0;
1069 }
1070
1071 /*
1072 * Best path for ES route was changed,
1073 * update the list of VTEPs for this ES
1074 */
1075 static int evpn_es_uninstall_vtep(struct bgp *bgp,
1076 struct evpnes *es,
1077 struct prefix_evpn *p,
1078 struct in_addr rvtep)
1079 {
1080 struct listnode *node, *nnode, *node_to_del = NULL;
1081 struct in_addr *tmp;
1082
1083 for (ALL_LIST_ELEMENTS(es->vtep_list, node, nnode, tmp)) {
1084 if (tmp->s_addr == rvtep.s_addr) {
1085 es_vtep_free(tmp);
1086 node_to_del = node;
1087 }
1088 }
1089
1090 if (node_to_del)
1091 list_delete_node(es->vtep_list, node_to_del);
1092
1093 return 0;
1094 }
1095
1096 /*
1097 * Calculate the best path for a ES(type-4) route.
1098 */
1099 static int evpn_es_route_select_install(struct bgp *bgp,
1100 struct evpnes *es,
1101 struct bgp_node *rn)
1102 {
1103 int ret = 0;
1104 afi_t afi = AFI_L2VPN;
1105 safi_t safi = SAFI_EVPN;
1106 struct bgp_path_info *old_select; /* old best */
1107 struct bgp_path_info *new_select; /* new best */
1108 struct bgp_path_info_pair old_and_new;
1109
1110 /* Compute the best path. */
1111 bgp_best_selection(bgp, rn, &bgp->maxpaths[afi][safi],
1112 &old_and_new, afi, safi);
1113 old_select = old_and_new.old;
1114 new_select = old_and_new.new;
1115
1116 /*
1117 * If the best path hasn't changed - see if something needs to be
1118 * updated
1119 */
1120 if (old_select && old_select == new_select
1121 && old_select->type == ZEBRA_ROUTE_BGP
1122 && old_select->sub_type == BGP_ROUTE_IMPORTED
1123 && !CHECK_FLAG(rn->flags, BGP_NODE_USER_CLEAR)
1124 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1125 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1126 if (bgp_zebra_has_route_changed(rn, old_select)) {
1127 ret = evpn_es_install_vtep(bgp, es,
1128 (struct prefix_evpn *)&rn->p,
1129 old_select->attr->nexthop);
1130 }
1131 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1132 bgp_zebra_clear_route_change_flags(rn);
1133 return ret;
1134 }
1135
1136 /* If the user did a "clear" this flag will be set */
1137 UNSET_FLAG(rn->flags, BGP_NODE_USER_CLEAR);
1138
1139 /*
1140 * bestpath has changed; update relevant fields and install or uninstall
1141 * into the zebra RIB.
1142 */
1143 if (old_select || new_select)
1144 bgp_bump_version(rn);
1145
1146 if (old_select)
1147 bgp_path_info_unset_flag(rn, old_select, BGP_PATH_SELECTED);
1148 if (new_select) {
1149 bgp_path_info_set_flag(rn, new_select, BGP_PATH_SELECTED);
1150 bgp_path_info_unset_flag(rn, new_select, BGP_PATH_ATTR_CHANGED);
1151 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1152 }
1153
1154 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1155 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1156 ret = evpn_es_install_vtep(bgp, es,
1157 (struct prefix_evpn *)&rn->p,
1158 new_select->attr->nexthop);
1159 } else {
1160 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1161 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1162 ret = evpn_es_uninstall_vtep(
1163 bgp, es, (struct prefix_evpn *)&rn->p,
1164 old_select->attr->nexthop);
1165 }
1166
1167 /* Clear any route change flags. */
1168 bgp_zebra_clear_route_change_flags(rn);
1169
1170 /* Reap old select bgp_path_info, if it has been removed */
1171 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1172 bgp_path_info_reap(rn, old_select);
1173
1174 return ret;
1175 }
1176
1177 /*
1178 * Calculate the best path for an EVPN route. Install/update best path in zebra,
1179 * if appropriate.
1180 */
1181 static int evpn_route_select_install(struct bgp *bgp, struct bgpevpn *vpn,
1182 struct bgp_node *rn)
1183 {
1184 struct bgp_path_info *old_select, *new_select;
1185 struct bgp_path_info_pair old_and_new;
1186 afi_t afi = AFI_L2VPN;
1187 safi_t safi = SAFI_EVPN;
1188 int ret = 0;
1189
1190 /* Compute the best path. */
1191 bgp_best_selection(bgp, rn, &bgp->maxpaths[afi][safi], &old_and_new,
1192 afi, safi);
1193 old_select = old_and_new.old;
1194 new_select = old_and_new.new;
1195
1196 /* If the best path hasn't changed - see if there is still something to
1197 * update
1198 * to zebra RIB.
1199 */
1200 if (old_select && old_select == new_select
1201 && old_select->type == ZEBRA_ROUTE_BGP
1202 && old_select->sub_type == BGP_ROUTE_IMPORTED
1203 && !CHECK_FLAG(rn->flags, BGP_NODE_USER_CLEAR)
1204 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1205 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1206 if (bgp_zebra_has_route_changed(rn, old_select))
1207 ret = evpn_zebra_install(
1208 bgp, vpn, (struct prefix_evpn *)&rn->p,
1209 old_select);
1210 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1211 bgp_zebra_clear_route_change_flags(rn);
1212 return ret;
1213 }
1214
1215 /* If the user did a "clear" this flag will be set */
1216 UNSET_FLAG(rn->flags, BGP_NODE_USER_CLEAR);
1217
1218 /* bestpath has changed; update relevant fields and install or uninstall
1219 * into the zebra RIB.
1220 */
1221 if (old_select || new_select)
1222 bgp_bump_version(rn);
1223
1224 if (old_select)
1225 bgp_path_info_unset_flag(rn, old_select, BGP_PATH_SELECTED);
1226 if (new_select) {
1227 bgp_path_info_set_flag(rn, new_select, BGP_PATH_SELECTED);
1228 bgp_path_info_unset_flag(rn, new_select, BGP_PATH_ATTR_CHANGED);
1229 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1230 }
1231
1232 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1233 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1234 ret = evpn_zebra_install(bgp, vpn, (struct prefix_evpn *)&rn->p,
1235 new_select);
1236
1237 /* If an old best existed and it was a "local" route, the only
1238 * reason
1239 * it would be supplanted is due to MAC mobility procedures. So,
1240 * we
1241 * need to do an implicit delete and withdraw that route from
1242 * peers.
1243 */
1244 if (old_select && old_select->peer == bgp->peer_self
1245 && old_select->type == ZEBRA_ROUTE_BGP
1246 && old_select->sub_type == BGP_ROUTE_STATIC)
1247 evpn_delete_old_local_route(bgp, vpn, rn, old_select);
1248 } else {
1249 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1250 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1251 ret = evpn_zebra_uninstall(bgp, vpn,
1252 (struct prefix_evpn *)&rn->p,
1253 old_select->attr->nexthop);
1254 }
1255
1256 /* Clear any route change flags. */
1257 bgp_zebra_clear_route_change_flags(rn);
1258
1259 /* Reap old select bgp_path_info, if it has been removed */
1260 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1261 bgp_path_info_reap(rn, old_select);
1262
1263 return ret;
1264 }
1265
1266 /*
1267 * Return true if the local ri for this rn is of type gateway mac
1268 */
1269 static int evpn_route_is_def_gw(struct bgp *bgp, struct bgp_node *rn)
1270 {
1271 struct bgp_path_info *tmp_pi = NULL;
1272 struct bgp_path_info *local_pi = NULL;
1273
1274 local_pi = NULL;
1275 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1276 tmp_pi = tmp_pi->next) {
1277 if (tmp_pi->peer == bgp->peer_self
1278 && tmp_pi->type == ZEBRA_ROUTE_BGP
1279 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1280 local_pi = tmp_pi;
1281 }
1282
1283 if (!local_pi)
1284 return 0;
1285
1286 return local_pi->attr->default_gw;
1287 }
1288
1289
1290 /*
1291 * Return true if the local ri for this rn has sticky set
1292 */
1293 static int evpn_route_is_sticky(struct bgp *bgp, struct bgp_node *rn)
1294 {
1295 struct bgp_path_info *tmp_pi;
1296 struct bgp_path_info *local_pi;
1297
1298 local_pi = NULL;
1299 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1300 tmp_pi = tmp_pi->next) {
1301 if (tmp_pi->peer == bgp->peer_self
1302 && tmp_pi->type == ZEBRA_ROUTE_BGP
1303 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1304 local_pi = tmp_pi;
1305 }
1306
1307 if (!local_pi)
1308 return 0;
1309
1310 return local_pi->attr->sticky;
1311 }
1312
1313 /*
1314 * create or update EVPN type4 route entry.
1315 * This could be in the ES table or the global table.
1316 * TODO: handle remote ES (type4) routes as well
1317 */
1318 static int update_evpn_type4_route_entry(struct bgp *bgp, struct evpnes *es,
1319 afi_t afi, safi_t safi,
1320 struct bgp_node *rn, struct attr *attr,
1321 int add, struct bgp_path_info **ri,
1322 int *route_changed)
1323 {
1324 char buf[ESI_STR_LEN];
1325 char buf1[INET6_ADDRSTRLEN];
1326 struct bgp_path_info *tmp_pi = NULL;
1327 struct bgp_path_info *local_pi = NULL; /* local route entry if any */
1328 struct bgp_path_info *remote_pi = NULL; /* remote route entry if any */
1329 struct attr *attr_new = NULL;
1330 struct prefix_evpn *evp = NULL;
1331
1332 *ri = NULL;
1333 *route_changed = 1;
1334 evp = (struct prefix_evpn *)&rn->p;
1335
1336 /* locate the local and remote entries if any */
1337 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1338 tmp_pi = tmp_pi->next) {
1339 if (tmp_pi->peer == bgp->peer_self
1340 && tmp_pi->type == ZEBRA_ROUTE_BGP
1341 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1342 local_pi = tmp_pi;
1343 if (tmp_pi->type == ZEBRA_ROUTE_BGP
1344 && tmp_pi->sub_type == BGP_ROUTE_IMPORTED
1345 && CHECK_FLAG(tmp_pi->flags, BGP_PATH_VALID))
1346 remote_pi = tmp_pi;
1347 }
1348
1349 /* we don't expect to see a remote_ri at this point.
1350 * An ES route has esi + vtep_ip as the key,
1351 * We shouldn't see the same route from any other vtep.
1352 */
1353 if (remote_pi) {
1354 flog_err(
1355 EC_BGP_ES_INVALID,
1356 "%u ERROR: local es route for ESI: %s Vtep %s also learnt from remote",
1357 bgp->vrf_id,
1358 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)),
1359 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1360 return -1;
1361 }
1362
1363 if (!local_pi && !add)
1364 return 0;
1365
1366 /* create or update the entry */
1367 if (!local_pi) {
1368
1369 /* Add or update attribute to hash */
1370 attr_new = bgp_attr_intern(attr);
1371
1372 /* Create new route with its attribute. */
1373 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1374 bgp->peer_self, attr_new, rn);
1375 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1376
1377 /* add the newly created path to the route-node */
1378 bgp_path_info_add(rn, tmp_pi);
1379 } else {
1380 tmp_pi = local_pi;
1381 if (attrhash_cmp(tmp_pi->attr, attr)
1382 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1383 *route_changed = 0;
1384 else {
1385 /* The attribute has changed.
1386 * Add (or update) attribute to hash. */
1387 attr_new = bgp_attr_intern(attr);
1388 bgp_path_info_set_flag(rn, tmp_pi,
1389 BGP_PATH_ATTR_CHANGED);
1390
1391 /* Restore route, if needed. */
1392 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1393 bgp_path_info_restore(rn, tmp_pi);
1394
1395 /* Unintern existing, set to new. */
1396 bgp_attr_unintern(&tmp_pi->attr);
1397 tmp_pi->attr = attr_new;
1398 tmp_pi->uptime = bgp_clock();
1399 }
1400 }
1401
1402 /* Return back the route entry. */
1403 *ri = tmp_pi;
1404 return 0;
1405 }
1406
1407 /* update evpn es (type-4) route */
1408 static int update_evpn_type4_route(struct bgp *bgp,
1409 struct evpnes *es,
1410 struct prefix_evpn *p)
1411 {
1412 int ret = 0;
1413 int route_changed = 0;
1414 char buf[ESI_STR_LEN];
1415 char buf1[INET6_ADDRSTRLEN];
1416 afi_t afi = AFI_L2VPN;
1417 safi_t safi = SAFI_EVPN;
1418 struct attr attr;
1419 struct attr *attr_new = NULL;
1420 struct bgp_node *rn = NULL;
1421 struct bgp_path_info *pi = NULL;
1422
1423 memset(&attr, 0, sizeof(struct attr));
1424
1425 /* Build path-attribute for this route. */
1426 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1427 attr.nexthop = es->originator_ip.ipaddr_v4;
1428 attr.mp_nexthop_global_in = es->originator_ip.ipaddr_v4;
1429 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1430
1431 /* Set up extended community. */
1432 build_evpn_type4_route_extcomm(es, &attr);
1433
1434 /* First, create (or fetch) route node within the ESI. */
1435 /* NOTE: There is no RD here. */
1436 rn = bgp_node_get(es->route_table, (struct prefix *)p);
1437
1438 /* Create or update route entry. */
1439 ret = update_evpn_type4_route_entry(bgp, es, afi, safi, rn, &attr, 1,
1440 &pi, &route_changed);
1441 if (ret != 0) {
1442 flog_err(EC_BGP_ES_INVALID,
1443 "%u ERROR: Failed to updated ES route ESI: %s VTEP %s",
1444 bgp->vrf_id,
1445 esi_to_str(&p->prefix.es_addr.esi, buf, sizeof(buf)),
1446 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1447 }
1448
1449 assert(pi);
1450 attr_new = pi->attr;
1451
1452 /* Perform route selection;
1453 * this is just to set the flags correctly
1454 * as local route in the ES always wins.
1455 */
1456 evpn_es_route_select_install(bgp, es, rn);
1457 bgp_unlock_node(rn);
1458
1459 /* If this is a new route or some attribute has changed, export the
1460 * route to the global table. The route will be advertised to peers
1461 * from there. Note that this table is a 2-level tree (RD-level +
1462 * Prefix-level) similar to L3VPN routes.
1463 */
1464 if (route_changed) {
1465 struct bgp_path_info *global_pi;
1466
1467 rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1468 (struct prefix *)p, &es->prd);
1469 update_evpn_type4_route_entry(bgp, es, afi, safi, rn, attr_new,
1470 1, &global_pi, &route_changed);
1471
1472 /* Schedule for processing and unlock node. */
1473 bgp_process(bgp, rn, afi, safi);
1474 bgp_unlock_node(rn);
1475 }
1476
1477 /* Unintern temporary. */
1478 aspath_unintern(&attr.aspath);
1479 return 0;
1480 }
1481
1482 static int update_evpn_type5_route_entry(struct bgp *bgp_evpn,
1483 struct bgp *bgp_vrf, afi_t afi,
1484 safi_t safi, struct bgp_node *rn,
1485 struct attr *attr, int *route_changed)
1486 {
1487 struct attr *attr_new = NULL;
1488 struct bgp_path_info *pi = NULL;
1489 mpls_label_t label = MPLS_INVALID_LABEL;
1490 struct bgp_path_info *local_pi = NULL;
1491 struct bgp_path_info *tmp_pi = NULL;
1492
1493 *route_changed = 0;
1494 /* locate the local route entry if any */
1495 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1496 tmp_pi = tmp_pi->next) {
1497 if (tmp_pi->peer == bgp_evpn->peer_self
1498 && tmp_pi->type == ZEBRA_ROUTE_BGP
1499 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1500 local_pi = tmp_pi;
1501 }
1502
1503 /*
1504 * create a new route entry if one doesn't exist.
1505 * Otherwise see if route attr has changed
1506 */
1507 if (!local_pi) {
1508
1509 /* route has changed as this is the first entry */
1510 *route_changed = 1;
1511
1512 /* Add (or update) attribute to hash. */
1513 attr_new = bgp_attr_intern(attr);
1514
1515 /* create the route info from attribute */
1516 pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1517 bgp_evpn->peer_self, attr_new, rn);
1518 SET_FLAG(pi->flags, BGP_PATH_VALID);
1519
1520 /* Type-5 routes advertise the L3-VNI */
1521 bgp_path_info_extra_get(pi);
1522 vni2label(bgp_vrf->l3vni, &label);
1523 memcpy(&pi->extra->label, &label, sizeof(label));
1524 pi->extra->num_labels = 1;
1525
1526 /* add the route entry to route node*/
1527 bgp_path_info_add(rn, pi);
1528 } else {
1529
1530 tmp_pi = local_pi;
1531 if (!attrhash_cmp(tmp_pi->attr, attr)) {
1532
1533 /* attribute changed */
1534 *route_changed = 1;
1535
1536 /* The attribute has changed. */
1537 /* Add (or update) attribute to hash. */
1538 attr_new = bgp_attr_intern(attr);
1539 bgp_path_info_set_flag(rn, tmp_pi,
1540 BGP_PATH_ATTR_CHANGED);
1541
1542 /* Restore route, if needed. */
1543 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1544 bgp_path_info_restore(rn, tmp_pi);
1545
1546 /* Unintern existing, set to new. */
1547 bgp_attr_unintern(&tmp_pi->attr);
1548 tmp_pi->attr = attr_new;
1549 tmp_pi->uptime = bgp_clock();
1550 }
1551 }
1552 return 0;
1553 }
1554
1555 /* update evpn type-5 route entry */
1556 static int update_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp,
1557 struct attr *src_attr)
1558 {
1559 afi_t afi = AFI_L2VPN;
1560 safi_t safi = SAFI_EVPN;
1561 struct attr attr;
1562 struct bgp_node *rn = NULL;
1563 struct bgp *bgp_evpn = NULL;
1564 int route_changed = 0;
1565
1566 bgp_evpn = bgp_get_evpn();
1567 if (!bgp_evpn)
1568 return 0;
1569
1570 /* Build path attribute for this route - use the source attr, if
1571 * present, else treat as locally originated.
1572 */
1573 if (src_attr)
1574 bgp_attr_dup(&attr, src_attr);
1575 else {
1576 memset(&attr, 0, sizeof(struct attr));
1577 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1578 }
1579
1580 /* copy sys rmac */
1581 memcpy(&attr.rmac, &bgp_vrf->evpn_info->pip_rmac, ETH_ALEN);
1582 /* Advertise Primary IP (PIP) is enabled, send individual
1583 * IP (default instance router-id) as nexthop.
1584 * PIP is disabled or vrr interface is not present
1585 * use anycast-IP as nexthop.
1586 */
1587 if (!bgp_vrf->evpn_info->advertise_pip ||
1588 (!bgp_vrf->evpn_info->is_anycast_mac)) {
1589 attr.nexthop = bgp_vrf->originator_ip;
1590 attr.mp_nexthop_global_in = bgp_vrf->originator_ip;
1591 } else {
1592 if (bgp_vrf->evpn_info->pip_ip.s_addr != INADDR_ANY) {
1593 attr.nexthop = bgp_vrf->evpn_info->pip_ip;
1594 attr.mp_nexthop_global_in = bgp_vrf->evpn_info->pip_ip;
1595 } else if (bgp_vrf->evpn_info->pip_ip.s_addr == INADDR_ANY)
1596 if (bgp_debug_zebra(NULL)) {
1597 char buf1[PREFIX_STRLEN];
1598
1599 zlog_debug("VRF %s evp %s advertise-pip primary ip is not configured",
1600 vrf_id_to_name(bgp_vrf->vrf_id),
1601 prefix2str(evp, buf1, sizeof(buf1)));
1602 }
1603 }
1604
1605 if (bgp_debug_zebra(NULL)) {
1606 char buf[ETHER_ADDR_STRLEN];
1607 char buf1[PREFIX_STRLEN];
1608
1609 zlog_debug("VRF %s type-5 route evp %s RMAC %s nexthop %s",
1610 vrf_id_to_name(bgp_vrf->vrf_id),
1611 prefix2str(evp, buf1, sizeof(buf1)),
1612 prefix_mac2str(&attr.rmac, buf, sizeof(buf)),
1613 inet_ntoa(attr.nexthop));
1614 }
1615
1616 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1617
1618 /* Setup RT and encap extended community */
1619 build_evpn_type5_route_extcomm(bgp_vrf, &attr);
1620
1621 /* get the route node in global table */
1622 rn = bgp_afi_node_get(bgp_evpn->rib[afi][safi], afi, safi,
1623 (struct prefix *)evp, &bgp_vrf->vrf_prd);
1624 assert(rn);
1625
1626 /* create or update the route entry within the route node */
1627 update_evpn_type5_route_entry(bgp_evpn, bgp_vrf, afi, safi, rn, &attr,
1628 &route_changed);
1629
1630 /* schedule for processing and unlock node */
1631 if (route_changed) {
1632 bgp_process(bgp_evpn, rn, afi, safi);
1633 bgp_unlock_node(rn);
1634 }
1635
1636 /* uninten temporary */
1637 if (!src_attr)
1638 aspath_unintern(&attr.aspath);
1639 return 0;
1640 }
1641
1642 /*
1643 * Create or update EVPN route entry. This could be in the VNI route table
1644 * or the global route table.
1645 */
1646 static int update_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
1647 afi_t afi, safi_t safi, struct bgp_node *rn,
1648 struct attr *attr, int add,
1649 struct bgp_path_info **pi, uint8_t flags,
1650 uint32_t seq)
1651 {
1652 struct bgp_path_info *tmp_pi;
1653 struct bgp_path_info *local_pi;
1654 struct attr *attr_new;
1655 mpls_label_t label[BGP_MAX_LABELS];
1656 uint32_t num_labels = 1;
1657 int route_change = 1;
1658 uint8_t sticky = 0;
1659 struct prefix_evpn *evp;
1660
1661 *pi = NULL;
1662 evp = (struct prefix_evpn *)&rn->p;
1663 memset(&label, 0, sizeof(label));
1664
1665 /* See if this is an update of an existing route, or a new add. */
1666 local_pi = NULL;
1667 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1668 tmp_pi = tmp_pi->next) {
1669 if (tmp_pi->peer == bgp->peer_self
1670 && tmp_pi->type == ZEBRA_ROUTE_BGP
1671 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1672 local_pi = tmp_pi;
1673 }
1674
1675 /* If route doesn't exist already, create a new one, if told to.
1676 * Otherwise act based on whether the attributes of the route have
1677 * changed or not.
1678 */
1679 if (!local_pi && !add)
1680 return 0;
1681
1682 /* For non-GW MACs, update MAC mobility seq number, if needed. */
1683 if (seq && !CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW))
1684 add_mac_mobility_to_attr(seq, attr);
1685
1686 if (!local_pi) {
1687 /* Add (or update) attribute to hash. */
1688 attr_new = bgp_attr_intern(attr);
1689
1690 /* Extract MAC mobility sequence number, if any. */
1691 attr_new->mm_seqnum =
1692 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1693 attr_new->sticky = sticky;
1694
1695 /* Create new route with its attribute. */
1696 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1697 bgp->peer_self, attr_new, rn);
1698 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1699 bgp_path_info_extra_get(tmp_pi);
1700
1701 /* The VNI goes into the 'label' field of the route */
1702 vni2label(vpn->vni, &label[0]);
1703
1704 /* Type-2 routes may carry a second VNI - the L3-VNI.
1705 * Only attach second label if we are advertising two labels for
1706 * type-2 routes.
1707 */
1708 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1709 && CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS)) {
1710 vni_t l3vni;
1711
1712 l3vni = bgpevpn_get_l3vni(vpn);
1713 if (l3vni) {
1714 vni2label(l3vni, &label[1]);
1715 num_labels++;
1716 }
1717 }
1718
1719 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1720 tmp_pi->extra->num_labels = num_labels;
1721 /* Mark route as self type-2 route */
1722 if (flags && CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_SVI_IP))
1723 tmp_pi->extra->af_flags = BGP_EVPN_MACIP_TYPE_SVI_IP;
1724 bgp_path_info_add(rn, tmp_pi);
1725 } else {
1726 tmp_pi = local_pi;
1727 if (attrhash_cmp(tmp_pi->attr, attr)
1728 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1729 route_change = 0;
1730 else {
1731 /*
1732 * The attributes have changed, type-2 routes needs to
1733 * be advertised with right labels.
1734 */
1735 vni2label(vpn->vni, &label[0]);
1736 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1737 && CHECK_FLAG(vpn->flags,
1738 VNI_FLAG_USE_TWO_LABELS)) {
1739 vni_t l3vni;
1740
1741 l3vni = bgpevpn_get_l3vni(vpn);
1742 if (l3vni) {
1743 vni2label(l3vni, &label[1]);
1744 num_labels++;
1745 }
1746 }
1747 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1748 tmp_pi->extra->num_labels = num_labels;
1749
1750 /* The attribute has changed. */
1751 /* Add (or update) attribute to hash. */
1752 attr_new = bgp_attr_intern(attr);
1753 bgp_path_info_set_flag(rn, tmp_pi,
1754 BGP_PATH_ATTR_CHANGED);
1755
1756 /* Extract MAC mobility sequence number, if any. */
1757 attr_new->mm_seqnum =
1758 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1759 attr_new->sticky = sticky;
1760
1761 /* Restore route, if needed. */
1762 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1763 bgp_path_info_restore(rn, tmp_pi);
1764
1765 /* Unintern existing, set to new. */
1766 bgp_attr_unintern(&tmp_pi->attr);
1767 tmp_pi->attr = attr_new;
1768 tmp_pi->uptime = bgp_clock();
1769 }
1770 }
1771
1772 /* Return back the route entry. */
1773 *pi = tmp_pi;
1774 return route_change;
1775 }
1776
1777 static void evpn_zebra_reinstall_best_route(struct bgp *bgp,
1778 struct bgpevpn *vpn, struct bgp_node *rn)
1779 {
1780 struct bgp_path_info *tmp_ri;
1781 struct bgp_path_info *curr_select = NULL;
1782
1783 for (tmp_ri = bgp_node_get_bgp_path_info(rn);
1784 tmp_ri; tmp_ri = tmp_ri->next) {
1785 if (CHECK_FLAG(tmp_ri->flags, BGP_PATH_SELECTED)) {
1786 curr_select = tmp_ri;
1787 break;
1788 }
1789 }
1790
1791 if (curr_select && curr_select->type == ZEBRA_ROUTE_BGP
1792 && curr_select->sub_type == BGP_ROUTE_IMPORTED)
1793 evpn_zebra_install(bgp, vpn,
1794 (struct prefix_evpn *)&rn->p,
1795 curr_select);
1796 }
1797
1798 /*
1799 * If the local route was not selected evict it and tell zebra to re-add
1800 * the best remote dest.
1801 *
1802 * Typically a local path added by zebra is expected to be selected as
1803 * best. In which case when a remote path wins as best (later)
1804 * evpn_route_select_install itself evicts the older-local-best path.
1805 *
1806 * However if bgp's add and zebra's add cross paths (race condition) it
1807 * is possible that the local path is no longer the "older" best path.
1808 * It is a path that was never designated as best and hence requires
1809 * additional handling to prevent bgp from injecting and holding on to a
1810 * non-best local path.
1811 */
1812 static void evpn_cleanup_local_non_best_route(struct bgp *bgp,
1813 struct bgpevpn *vpn,
1814 struct bgp_node *rn,
1815 struct bgp_path_info *local_pi)
1816 {
1817 char buf[PREFIX_STRLEN];
1818
1819 /* local path was not picked as the winner; kick it out */
1820 if (bgp_debug_zebra(NULL)) {
1821 zlog_debug("evicting local evpn prefix %s as remote won",
1822 prefix2str(&rn->p, buf, sizeof(buf)));
1823 }
1824 evpn_delete_old_local_route(bgp, vpn, rn, local_pi);
1825 bgp_path_info_reap(rn, local_pi);
1826
1827 /* tell zebra to re-add the best remote path */
1828 evpn_zebra_reinstall_best_route(bgp, vpn, rn);
1829 }
1830
1831 /*
1832 * Create or update EVPN route (of type based on prefix) for specified VNI
1833 * and schedule for processing.
1834 */
1835 static int update_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
1836 struct prefix_evpn *p, uint8_t flags,
1837 uint32_t seq)
1838 {
1839 struct bgp_node *rn;
1840 struct attr attr;
1841 struct attr *attr_new;
1842 int add_l3_ecomm = 0;
1843 struct bgp_path_info *pi;
1844 afi_t afi = AFI_L2VPN;
1845 safi_t safi = SAFI_EVPN;
1846 int route_change;
1847
1848 memset(&attr, 0, sizeof(struct attr));
1849
1850 /* Build path-attribute for this route. */
1851 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1852 attr.nexthop = vpn->originator_ip;
1853 attr.mp_nexthop_global_in = vpn->originator_ip;
1854 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1855 attr.sticky = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY) ? 1 : 0;
1856 attr.default_gw = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW) ? 1 : 0;
1857 attr.router_flag = CHECK_FLAG(flags,
1858 ZEBRA_MACIP_TYPE_ROUTER_FLAG) ? 1 : 0;
1859
1860 /* PMSI is only needed for type-3 routes */
1861 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
1862 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
1863 attr.pmsi_tnl_type = PMSI_TNLTYPE_INGR_REPL;
1864 }
1865
1866 /* router mac is only needed for type-2 routes here. */
1867 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
1868 uint8_t af_flags = 0;
1869
1870 if (CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_SVI_IP))
1871 SET_FLAG(af_flags, BGP_EVPN_MACIP_TYPE_SVI_IP);
1872
1873 bgp_evpn_get_rmac_nexthop(vpn, p, &attr, af_flags);
1874
1875 if (bgp_debug_zebra(NULL)) {
1876 char buf[ETHER_ADDR_STRLEN];
1877 char buf1[PREFIX_STRLEN];
1878
1879 zlog_debug("VRF %s vni %u type-2 route evp %s RMAC %s nexthop %s",
1880 vpn->bgp_vrf ?
1881 vrf_id_to_name(vpn->bgp_vrf->vrf_id) : " ",
1882 vpn->vni,
1883 prefix2str(p, buf1, sizeof(buf1)),
1884 prefix_mac2str(&attr.rmac, buf,
1885 sizeof(buf)),
1886 inet_ntoa(attr.mp_nexthop_global_in));
1887 }
1888 }
1889
1890 vni2label(vpn->vni, &(attr.label));
1891
1892 /* Include L3 VNI related RTs and RMAC for type-2 routes, if they're
1893 * IPv4 or IPv6 global addresses and we're advertising L3VNI with
1894 * these routes.
1895 */
1896 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE &&
1897 (is_evpn_prefix_ipaddr_v4(p) ||
1898 !IN6_IS_ADDR_LINKLOCAL(&p->prefix.macip_addr.ip.ipaddr_v6)) &&
1899 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
1900 bgpevpn_get_l3vni(vpn))
1901 add_l3_ecomm = 1;
1902
1903 /* Set up extended community. */
1904 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
1905
1906 /* First, create (or fetch) route node within the VNI. */
1907 /* NOTE: There is no RD here. */
1908 rn = bgp_node_get(vpn->route_table, (struct prefix *)p);
1909
1910 /* Create or update route entry. */
1911 route_change = update_evpn_route_entry(bgp, vpn, afi, safi, rn, &attr,
1912 1, &pi, flags, seq);
1913 assert(pi);
1914 attr_new = pi->attr;
1915
1916 /* lock ri to prevent freeing in evpn_route_select_install */
1917 bgp_path_info_lock(pi);
1918 /* Perform route selection; this is just to set the flags correctly
1919 * as local route in the VNI always wins.
1920 */
1921 evpn_route_select_install(bgp, vpn, rn);
1922 /*
1923 * If the new local route was not selected evict it and tell zebra
1924 * to re-add the best remote dest. BGP doesn't retain non-best local
1925 * routes.
1926 */
1927 if (!CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)) {
1928 route_change = 0;
1929 evpn_cleanup_local_non_best_route(bgp, vpn, rn, pi);
1930 }
1931 bgp_path_info_unlock(pi);
1932
1933 bgp_unlock_node(rn);
1934
1935 /* If this is a new route or some attribute has changed, export the
1936 * route to the global table. The route will be advertised to peers
1937 * from there. Note that this table is a 2-level tree (RD-level +
1938 * Prefix-level) similar to L3VPN routes.
1939 */
1940 if (route_change) {
1941 struct bgp_path_info *global_pi;
1942
1943 rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1944 (struct prefix *)p, &vpn->prd);
1945 update_evpn_route_entry(bgp, vpn, afi, safi, rn, attr_new, 1,
1946 &global_pi, flags, seq);
1947
1948 /* Schedule for processing and unlock node. */
1949 bgp_process(bgp, rn, afi, safi);
1950 bgp_unlock_node(rn);
1951 }
1952
1953 /* Unintern temporary. */
1954 aspath_unintern(&attr.aspath);
1955
1956 return 0;
1957 }
1958
1959 /*
1960 * Delete EVPN route entry.
1961 * The entry can be in ESI/VNI table or the global table.
1962 */
1963 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
1964 struct bgp_node *rn,
1965 struct bgp_path_info **pi)
1966 {
1967 struct bgp_path_info *tmp_pi;
1968
1969 *pi = NULL;
1970
1971 /* Now, find matching route. */
1972 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1973 tmp_pi = tmp_pi->next)
1974 if (tmp_pi->peer == bgp->peer_self
1975 && tmp_pi->type == ZEBRA_ROUTE_BGP
1976 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1977 break;
1978
1979 *pi = tmp_pi;
1980
1981 /* Mark route for delete. */
1982 if (tmp_pi)
1983 bgp_path_info_delete(rn, tmp_pi);
1984 }
1985
1986
1987
1988 /* Delete EVPN ES (type-4) route */
1989 static int delete_evpn_type4_route(struct bgp *bgp,
1990 struct evpnes *es,
1991 struct prefix_evpn *p)
1992 {
1993 afi_t afi = AFI_L2VPN;
1994 safi_t safi = SAFI_EVPN;
1995 struct bgp_path_info *pi;
1996 struct bgp_node *rn = NULL; /* rn in esi table */
1997 struct bgp_node *global_rn = NULL; /* rn in global table */
1998
1999 /* First, locate the route node within the ESI.
2000 * If it doesn't exist, ther is nothing to do.
2001 * Note: there is no RD here.
2002 */
2003 rn = bgp_node_lookup(es->route_table, (struct prefix *)p);
2004 if (!rn)
2005 return 0;
2006
2007 /* Next, locate route node in the global EVPN routing table.
2008 * Note that this table is a 2-level tree (RD-level + Prefix-level)
2009 */
2010 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
2011 (struct prefix *)p, &es->prd);
2012 if (global_rn) {
2013
2014 /* Delete route entry in the global EVPN table. */
2015 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
2016
2017 /* Schedule for processing - withdraws to peers happen from
2018 * this table.
2019 */
2020 if (pi)
2021 bgp_process(bgp, global_rn, afi, safi);
2022 bgp_unlock_node(global_rn);
2023 }
2024
2025 /*
2026 * Delete route entry in the ESI route table.
2027 * This can just be removed.
2028 */
2029 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2030 if (pi)
2031 bgp_path_info_reap(rn, pi);
2032 bgp_unlock_node(rn);
2033 return 0;
2034 }
2035
2036 /* Delete EVPN type5 route */
2037 static int delete_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp)
2038 {
2039 afi_t afi = AFI_L2VPN;
2040 safi_t safi = SAFI_EVPN;
2041 struct bgp_node *rn = NULL;
2042 struct bgp_path_info *pi = NULL;
2043 struct bgp *bgp_evpn = NULL; /* evpn bgp instance */
2044
2045 bgp_evpn = bgp_get_evpn();
2046 if (!bgp_evpn)
2047 return 0;
2048
2049 /* locate the global route entry for this type-5 prefix */
2050 rn = bgp_afi_node_lookup(bgp_evpn->rib[afi][safi], afi, safi,
2051 (struct prefix *)evp, &bgp_vrf->vrf_prd);
2052 if (!rn)
2053 return 0;
2054
2055 delete_evpn_route_entry(bgp_evpn, afi, safi, rn, &pi);
2056 if (pi)
2057 bgp_process(bgp_evpn, rn, afi, safi);
2058 bgp_unlock_node(rn);
2059 return 0;
2060 }
2061
2062 /*
2063 * Delete EVPN route (of type based on prefix) for specified VNI and
2064 * schedule for processing.
2065 */
2066 static int delete_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
2067 struct prefix_evpn *p)
2068 {
2069 struct bgp_node *rn, *global_rn;
2070 struct bgp_path_info *pi;
2071 afi_t afi = AFI_L2VPN;
2072 safi_t safi = SAFI_EVPN;
2073
2074 /* First, locate the route node within the VNI. If it doesn't exist,
2075 * there
2076 * is nothing further to do.
2077 */
2078 /* NOTE: There is no RD here. */
2079 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
2080 if (!rn)
2081 return 0;
2082
2083 /* Next, locate route node in the global EVPN routing table. Note that
2084 * this table is a 2-level tree (RD-level + Prefix-level) similar to
2085 * L3VPN routes.
2086 */
2087 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
2088 (struct prefix *)p, &vpn->prd);
2089 if (global_rn) {
2090 /* Delete route entry in the global EVPN table. */
2091 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
2092
2093 /* Schedule for processing - withdraws to peers happen from
2094 * this table.
2095 */
2096 if (pi)
2097 bgp_process(bgp, global_rn, afi, safi);
2098 bgp_unlock_node(global_rn);
2099 }
2100
2101 /* Delete route entry in the VNI route table. This can just be removed.
2102 */
2103 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2104 if (pi) {
2105 bgp_path_info_reap(rn, pi);
2106 evpn_route_select_install(bgp, vpn, rn);
2107 }
2108 bgp_unlock_node(rn);
2109
2110 return 0;
2111 }
2112
2113 /*
2114 * Update all type-2 (MACIP) local routes for this VNI - these should also
2115 * be scheduled for advertise to peers.
2116 */
2117 static int update_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2118 {
2119 afi_t afi;
2120 safi_t safi;
2121 struct bgp_node *rn;
2122 struct bgp_path_info *pi, *tmp_pi;
2123 struct attr attr;
2124 struct attr *attr_new;
2125 uint32_t seq;
2126 int add_l3_ecomm = 0;
2127
2128 afi = AFI_L2VPN;
2129 safi = SAFI_EVPN;
2130
2131 /* Walk this VNI's route table and update local type-2 routes. For any
2132 * routes updated, update corresponding entry in the global table too.
2133 */
2134 for (rn = bgp_table_top(vpn->route_table); rn;
2135 rn = bgp_route_next(rn)) {
2136 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2137 struct bgp_node *rd_rn;
2138 struct bgp_path_info *global_pi;
2139
2140 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2141 continue;
2142
2143 /* Identify local route. */
2144 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
2145 tmp_pi = tmp_pi->next) {
2146 if (tmp_pi->peer == bgp->peer_self
2147 && tmp_pi->type == ZEBRA_ROUTE_BGP
2148 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
2149 break;
2150 }
2151
2152 if (!tmp_pi)
2153 continue;
2154
2155 /*
2156 * Build attribute per local route as the MAC mobility and
2157 * some other values could differ for different routes. The
2158 * attributes will be shared in the hash table.
2159 */
2160 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
2161 attr.nexthop = vpn->originator_ip;
2162 attr.mp_nexthop_global_in = vpn->originator_ip;
2163 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
2164 bgp_evpn_get_rmac_nexthop(vpn, evp, &attr,
2165 tmp_pi->extra->af_flags);
2166
2167 if (evpn_route_is_sticky(bgp, rn))
2168 attr.sticky = 1;
2169 else if (evpn_route_is_def_gw(bgp, rn)) {
2170 attr.default_gw = 1;
2171 if (is_evpn_prefix_ipaddr_v6(evp))
2172 attr.router_flag = 1;
2173 }
2174
2175 if (bgp_debug_zebra(NULL)) {
2176 char buf[ETHER_ADDR_STRLEN];
2177 char buf1[PREFIX_STRLEN];
2178
2179 zlog_debug("VRF %s vni %u evp %s RMAC %s nexthop %s",
2180 vpn->bgp_vrf ?
2181 vrf_id_to_name(vpn->bgp_vrf->vrf_id) : " ",
2182 vpn->vni,
2183 prefix2str(evp, buf1, sizeof(buf1)),
2184 prefix_mac2str(&attr.rmac, buf, sizeof(buf)),
2185 inet_ntoa(attr.mp_nexthop_global_in));
2186 }
2187
2188 /* Add L3 VNI RTs and RMAC for non IPv6 link-local if
2189 * using L3 VNI for type-2 routes also.
2190 */
2191 if ((is_evpn_prefix_ipaddr_v4(evp) ||
2192 !IN6_IS_ADDR_LINKLOCAL(
2193 &evp->prefix.macip_addr.ip.ipaddr_v6)) &&
2194 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
2195 bgpevpn_get_l3vni(vpn))
2196 add_l3_ecomm = 1;
2197
2198 /* Set up extended community. */
2199 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
2200
2201 seq = mac_mobility_seqnum(tmp_pi->attr);
2202
2203 /* Update the route entry. */
2204 update_evpn_route_entry(bgp, vpn, afi, safi, rn, &attr, 0, &pi,
2205 0, seq);
2206
2207 /* Perform route selection; this is just to set the flags
2208 * correctly as local route in the VNI always wins.
2209 */
2210 evpn_route_select_install(bgp, vpn, rn);
2211
2212 attr_new = pi->attr;
2213
2214 /* Update route in global routing table. */
2215 rd_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
2216 (struct prefix *)evp, &vpn->prd);
2217 assert(rd_rn);
2218 update_evpn_route_entry(bgp, vpn, afi, safi, rd_rn, attr_new, 0,
2219 &global_pi, 0,
2220 mac_mobility_seqnum(attr_new));
2221
2222 /* Schedule for processing and unlock node. */
2223 bgp_process(bgp, rd_rn, afi, safi);
2224 bgp_unlock_node(rd_rn);
2225
2226 /* Unintern temporary. */
2227 aspath_unintern(&attr.aspath);
2228
2229 }
2230
2231 return 0;
2232 }
2233
2234 /*
2235 * Delete all type-2 (MACIP) local routes for this VNI - only from the
2236 * global routing table. These are also scheduled for withdraw from peers.
2237 */
2238 static int delete_global_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2239 {
2240 afi_t afi;
2241 safi_t safi;
2242 struct bgp_node *rdrn, *rn;
2243 struct bgp_table *table;
2244 struct bgp_path_info *pi;
2245
2246 afi = AFI_L2VPN;
2247 safi = SAFI_EVPN;
2248
2249 rdrn = bgp_node_lookup(bgp->rib[afi][safi], (struct prefix *)&vpn->prd);
2250 if (rdrn && bgp_node_has_bgp_path_info_data(rdrn)) {
2251 table = bgp_node_get_bgp_table_info(rdrn);
2252 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
2253 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2254
2255 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2256 continue;
2257
2258 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2259 if (pi)
2260 bgp_process(bgp, rn, afi, safi);
2261 }
2262 }
2263
2264 /* Unlock RD node. */
2265 if (rdrn)
2266 bgp_unlock_node(rdrn);
2267
2268 return 0;
2269 }
2270
2271 /*
2272 * Delete all type-2 (MACIP) local routes for this VNI - from the global
2273 * table as well as the per-VNI route table.
2274 */
2275 static int delete_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2276 {
2277 afi_t afi;
2278 safi_t safi;
2279 struct bgp_node *rn;
2280 struct bgp_path_info *pi;
2281
2282 afi = AFI_L2VPN;
2283 safi = SAFI_EVPN;
2284
2285 /* First, walk the global route table for this VNI's type-2 local
2286 * routes.
2287 * EVPN routes are a 2-level table, first get the RD table.
2288 */
2289 delete_global_type2_routes(bgp, vpn);
2290
2291 /* Next, walk this VNI's route table and delete local type-2 routes. */
2292 for (rn = bgp_table_top(vpn->route_table); rn;
2293 rn = bgp_route_next(rn)) {
2294 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2295
2296 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2297 continue;
2298
2299 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2300
2301 /* Route entry in local table gets deleted immediately. */
2302 if (pi)
2303 bgp_path_info_reap(rn, pi);
2304 }
2305
2306 return 0;
2307 }
2308
2309 /*
2310 * Delete all routes in per ES route-table
2311 */
2312 static int delete_all_es_routes(struct bgp *bgp, struct evpnes *es)
2313 {
2314 struct bgp_node *rn;
2315 struct bgp_path_info *pi, *nextpi;
2316
2317 /* Walk this ES's route table and delete all routes. */
2318 for (rn = bgp_table_top(es->route_table); rn;
2319 rn = bgp_route_next(rn)) {
2320 for (pi = bgp_node_get_bgp_path_info(rn);
2321 (pi != NULL) && (nextpi = pi->next, 1); pi = nextpi) {
2322 bgp_path_info_delete(rn, pi);
2323 bgp_path_info_reap(rn, pi);
2324 }
2325 }
2326
2327 return 0;
2328 }
2329
2330 /*
2331 * Delete all routes in the per-VNI route table.
2332 */
2333 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
2334 {
2335 struct bgp_node *rn;
2336 struct bgp_path_info *pi, *nextpi;
2337
2338 /* Walk this VNI's route table and delete all routes. */
2339 for (rn = bgp_table_top(vpn->route_table); rn;
2340 rn = bgp_route_next(rn)) {
2341 for (pi = bgp_node_get_bgp_path_info(rn);
2342 (pi != NULL) && (nextpi = pi->next, 1); pi = nextpi) {
2343 bgp_path_info_delete(rn, pi);
2344 bgp_path_info_reap(rn, pi);
2345 }
2346 }
2347
2348 return 0;
2349 }
2350
2351 /* BUM traffic flood mode per-l2-vni */
2352 static int bgp_evpn_vni_flood_mode_get(struct bgp *bgp,
2353 struct bgpevpn *vpn)
2354 {
2355 /* if flooding has been globally disabled per-vni mode is
2356 * not relevant
2357 */
2358 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_DISABLED)
2359 return VXLAN_FLOOD_DISABLED;
2360
2361 /* if mcast group ip has been specified we use a PIM-SM MDT */
2362 if (vpn->mcast_grp.s_addr != INADDR_ANY)
2363 return VXLAN_FLOOD_PIM_SM;
2364
2365 /* default is ingress replication */
2366 return VXLAN_FLOOD_HEAD_END_REPL;
2367 }
2368
2369 /*
2370 * Update (and advertise) local routes for a VNI. Invoked upon the VNI
2371 * export RT getting modified or change to tunnel IP. Note that these
2372 * situations need the route in the per-VNI table as well as the global
2373 * table to be updated (as attributes change).
2374 */
2375 int update_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2376 {
2377 int ret;
2378 struct prefix_evpn p;
2379
2380 /* Update and advertise the type-3 route (only one) followed by the
2381 * locally learnt type-2 routes (MACIP) - for this VNI.
2382 *
2383 * RT-3 only if doing head-end replication
2384 */
2385 if (bgp_evpn_vni_flood_mode_get(bgp, vpn)
2386 == VXLAN_FLOOD_HEAD_END_REPL) {
2387 build_evpn_type3_prefix(&p, vpn->originator_ip);
2388 ret = update_evpn_route(bgp, vpn, &p, 0, 0);
2389 if (ret)
2390 return ret;
2391 }
2392
2393 return update_all_type2_routes(bgp, vpn);
2394 }
2395
2396 /* Delete (and withdraw) local routes for specified ES from global and ES table.
2397 * Also remove all other routes from the per ES table.
2398 * Invoked when ES is deleted.
2399 */
2400 static int delete_routes_for_es(struct bgp *bgp, struct evpnes *es)
2401 {
2402 int ret;
2403 char buf[ESI_STR_LEN];
2404 struct prefix_evpn p;
2405
2406 /* Delete and withdraw locally learnt ES route */
2407 build_evpn_type4_prefix(&p, &es->esi, es->originator_ip.ipaddr_v4);
2408 ret = delete_evpn_type4_route(bgp, es, &p);
2409 if (ret) {
2410 flog_err(EC_BGP_EVPN_ROUTE_DELETE,
2411 "%u failed to delete type-4 route for ESI %s",
2412 bgp->vrf_id, esi_to_str(&es->esi, buf, sizeof(buf)));
2413 }
2414
2415 /* Delete all routes from per ES table */
2416 return delete_all_es_routes(bgp, es);
2417 }
2418
2419 /*
2420 * Delete (and withdraw) local routes for specified VNI from the global
2421 * table and per-VNI table. After this, remove all other routes from
2422 * the per-VNI table. Invoked upon the VNI being deleted or EVPN
2423 * (advertise-all-vni) being disabled.
2424 */
2425 static int delete_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2426 {
2427 int ret;
2428 struct prefix_evpn p;
2429
2430 /* Delete and withdraw locally learnt type-2 routes (MACIP)
2431 * followed by type-3 routes (only one) - for this VNI.
2432 */
2433 ret = delete_all_type2_routes(bgp, vpn);
2434 if (ret)
2435 return ret;
2436
2437 build_evpn_type3_prefix(&p, vpn->originator_ip);
2438 ret = delete_evpn_route(bgp, vpn, &p);
2439 if (ret)
2440 return ret;
2441
2442 /* Delete all routes from the per-VNI table. */
2443 return delete_all_vni_routes(bgp, vpn);
2444 }
2445
2446 /*
2447 * There is a flood mcast IP address change. Update the mcast-grp and
2448 * remove the type-3 route if any. A new type-3 route will be generated
2449 * post tunnel_ip update if the new flood mode is head-end-replication.
2450 */
2451 static int bgp_evpn_mcast_grp_change(struct bgp *bgp, struct bgpevpn *vpn,
2452 struct in_addr mcast_grp)
2453 {
2454 struct prefix_evpn p;
2455
2456 vpn->mcast_grp = mcast_grp;
2457
2458 if (is_vni_live(vpn)) {
2459 build_evpn_type3_prefix(&p, vpn->originator_ip);
2460 delete_evpn_route(bgp, vpn, &p);
2461 }
2462
2463 return 0;
2464 }
2465
2466 /*
2467 * There is a tunnel endpoint IP address change for this VNI, delete
2468 * prior type-3 route (if needed) and update.
2469 * Note: Route re-advertisement happens elsewhere after other processing
2470 * other changes.
2471 */
2472 static int handle_tunnel_ip_change(struct bgp *bgp, struct bgpevpn *vpn,
2473 struct in_addr originator_ip)
2474 {
2475 struct prefix_evpn p;
2476
2477 /* If VNI is not live, we only need to update the originator ip */
2478 if (!is_vni_live(vpn)) {
2479 vpn->originator_ip = originator_ip;
2480 return 0;
2481 }
2482
2483 /* Update the tunnel-ip hash */
2484 bgp_tip_del(bgp, &vpn->originator_ip);
2485 bgp_tip_add(bgp, &originator_ip);
2486
2487 /* filter routes as martian nexthop db has changed */
2488 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
2489
2490 /* Need to withdraw type-3 route as the originator IP is part
2491 * of the key.
2492 */
2493 build_evpn_type3_prefix(&p, vpn->originator_ip);
2494 delete_evpn_route(bgp, vpn, &p);
2495
2496 /* Update the tunnel IP and re-advertise all routes for this VNI. */
2497 vpn->originator_ip = originator_ip;
2498 return 0;
2499 }
2500
2501 static struct bgp_path_info *
2502 bgp_create_evpn_bgp_path_info(struct bgp_path_info *parent_pi,
2503 struct bgp_node *rn)
2504 {
2505 struct attr *attr_new;
2506 struct bgp_path_info *pi;
2507
2508 /* Add (or update) attribute to hash. */
2509 attr_new = bgp_attr_intern(parent_pi->attr);
2510
2511 /* Create new route with its attribute. */
2512 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0, parent_pi->peer,
2513 attr_new, rn);
2514 SET_FLAG(pi->flags, BGP_PATH_VALID);
2515 bgp_path_info_extra_get(pi);
2516 pi->extra->parent = bgp_path_info_lock(parent_pi);
2517 bgp_lock_node((struct bgp_node *)parent_pi->net);
2518 if (parent_pi->extra) {
2519 memcpy(&pi->extra->label, &parent_pi->extra->label,
2520 sizeof(pi->extra->label));
2521 pi->extra->num_labels = parent_pi->extra->num_labels;
2522 }
2523 bgp_path_info_add(rn, pi);
2524
2525 return pi;
2526 }
2527
2528 /* Install EVPN route entry in ES */
2529 static int install_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2530 struct prefix_evpn *p,
2531 struct bgp_path_info *parent_pi)
2532 {
2533 int ret = 0;
2534 struct bgp_node *rn = NULL;
2535 struct bgp_path_info *pi = NULL;
2536 struct attr *attr_new = NULL;
2537
2538 /* Create (or fetch) route within the VNI.
2539 * NOTE: There is no RD here.
2540 */
2541 rn = bgp_node_get(es->route_table, (struct prefix *)p);
2542
2543 /* Check if route entry is already present. */
2544 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2545 if (pi->extra
2546 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2547 break;
2548
2549 if (!pi) {
2550 /* Add (or update) attribute to hash. */
2551 attr_new = bgp_attr_intern(parent_pi->attr);
2552
2553 /* Create new route with its attribute. */
2554 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2555 parent_pi->peer, attr_new, rn);
2556 SET_FLAG(pi->flags, BGP_PATH_VALID);
2557 bgp_path_info_extra_get(pi);
2558 pi->extra->parent = bgp_path_info_lock(parent_pi);
2559 bgp_lock_node((struct bgp_node *)parent_pi->net);
2560 bgp_path_info_add(rn, pi);
2561 } else {
2562 if (attrhash_cmp(pi->attr, parent_pi->attr)
2563 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2564 bgp_unlock_node(rn);
2565 return 0;
2566 }
2567 /* The attribute has changed. */
2568 /* Add (or update) attribute to hash. */
2569 attr_new = bgp_attr_intern(parent_pi->attr);
2570
2571 /* Restore route, if needed. */
2572 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2573 bgp_path_info_restore(rn, pi);
2574
2575 /* Mark if nexthop has changed. */
2576 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2577 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2578
2579 /* Unintern existing, set to new. */
2580 bgp_attr_unintern(&pi->attr);
2581 pi->attr = attr_new;
2582 pi->uptime = bgp_clock();
2583 }
2584
2585 /* Perform route selection and update zebra, if required. */
2586 ret = evpn_es_route_select_install(bgp, es, rn);
2587 return ret;
2588 }
2589
2590 /*
2591 * Install route entry into the VRF routing table and invoke route selection.
2592 */
2593 static int install_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2594 struct prefix_evpn *evp,
2595 struct bgp_path_info *parent_pi)
2596 {
2597 struct bgp_node *rn;
2598 struct bgp_path_info *pi;
2599 struct attr attr;
2600 struct attr *attr_new;
2601 int ret = 0;
2602 struct prefix p;
2603 struct prefix *pp = &p;
2604 afi_t afi = 0;
2605 safi_t safi = 0;
2606 char buf[PREFIX_STRLEN];
2607 char buf1[PREFIX_STRLEN];
2608
2609 memset(pp, 0, sizeof(struct prefix));
2610 ip_prefix_from_evpn_prefix(evp, pp);
2611
2612 if (bgp_debug_zebra(NULL)) {
2613 zlog_debug(
2614 "import evpn prefix %s as ip prefix %s in vrf %s",
2615 prefix2str(evp, buf, sizeof(buf)),
2616 prefix2str(pp, buf1, sizeof(buf)),
2617 vrf_id_to_name(bgp_vrf->vrf_id));
2618 }
2619
2620 /* Create (or fetch) route within the VRF. */
2621 /* NOTE: There is no RD here. */
2622 if (is_evpn_prefix_ipaddr_v4(evp)) {
2623 afi = AFI_IP;
2624 safi = SAFI_UNICAST;
2625 rn = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2626 } else if (is_evpn_prefix_ipaddr_v6(evp)) {
2627 afi = AFI_IP6;
2628 safi = SAFI_UNICAST;
2629 rn = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2630 } else
2631 return 0;
2632
2633 /* EVPN routes currently only support a IPv4 next hop which corresponds
2634 * to the remote VTEP. When importing into a VRF, if it is IPv6 host
2635 * or prefix route, we have to convert the next hop to an IPv4-mapped
2636 * address for the rest of the code to flow through. In the case of IPv4,
2637 * make sure to set the flag for next hop attribute.
2638 */
2639 bgp_attr_dup(&attr, parent_pi->attr);
2640 if (afi == AFI_IP6)
2641 evpn_convert_nexthop_to_ipv6(&attr);
2642 else
2643 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
2644
2645 /* Check if route entry is already present. */
2646 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2647 if (pi->extra
2648 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2649 break;
2650
2651 if (!pi)
2652 pi = bgp_create_evpn_bgp_path_info(parent_pi, rn);
2653 else {
2654 if (attrhash_cmp(pi->attr, &attr)
2655 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2656 bgp_unlock_node(rn);
2657 return 0;
2658 }
2659 /* The attribute has changed. */
2660 /* Add (or update) attribute to hash. */
2661 attr_new = bgp_attr_intern(&attr);
2662
2663 /* Restore route, if needed. */
2664 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2665 bgp_path_info_restore(rn, pi);
2666
2667 /* Mark if nexthop has changed. */
2668 if ((afi == AFI_IP
2669 && !IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2670 || (afi == AFI_IP6
2671 && !IPV6_ADDR_SAME(&pi->attr->mp_nexthop_global,
2672 &attr_new->mp_nexthop_global)))
2673 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2674
2675 bgp_path_info_set_flag(rn, pi, BGP_PATH_ATTR_CHANGED);
2676 /* Unintern existing, set to new. */
2677 bgp_attr_unintern(&pi->attr);
2678 pi->attr = attr_new;
2679 pi->uptime = bgp_clock();
2680 }
2681
2682 bgp_aggregate_increment(bgp_vrf, &rn->p, pi, afi, safi);
2683
2684 /* Perform route selection and update zebra, if required. */
2685 bgp_process(bgp_vrf, rn, afi, safi);
2686
2687 /* Process for route leaking. */
2688 vpn_leak_from_vrf_update(bgp_get_default(), bgp_vrf, pi);
2689
2690 bgp_unlock_node(rn);
2691
2692 return ret;
2693 }
2694
2695 /*
2696 * Install route entry into the VNI routing table and invoke route selection.
2697 */
2698 static int install_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2699 struct prefix_evpn *p,
2700 struct bgp_path_info *parent_pi)
2701 {
2702 struct bgp_node *rn;
2703 struct bgp_path_info *pi;
2704 struct attr *attr_new;
2705 int ret;
2706
2707 /* Create (or fetch) route within the VNI. */
2708 /* NOTE: There is no RD here. */
2709 rn = bgp_node_get(vpn->route_table, (struct prefix *)p);
2710
2711 /* Check if route entry is already present. */
2712 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2713 if (pi->extra
2714 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2715 break;
2716
2717 if (!pi) {
2718 /* Create an info */
2719 (void)bgp_create_evpn_bgp_path_info(parent_pi, rn);
2720 } else {
2721 if (attrhash_cmp(pi->attr, parent_pi->attr)
2722 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2723 bgp_unlock_node(rn);
2724 return 0;
2725 }
2726 /* The attribute has changed. */
2727 /* Add (or update) attribute to hash. */
2728 attr_new = bgp_attr_intern(parent_pi->attr);
2729
2730 /* Restore route, if needed. */
2731 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2732 bgp_path_info_restore(rn, pi);
2733
2734 /* Mark if nexthop has changed. */
2735 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2736 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2737
2738 /* Unintern existing, set to new. */
2739 bgp_attr_unintern(&pi->attr);
2740 pi->attr = attr_new;
2741 pi->uptime = bgp_clock();
2742 }
2743
2744 /* Perform route selection and update zebra, if required. */
2745 ret = evpn_route_select_install(bgp, vpn, rn);
2746
2747 bgp_unlock_node(rn);
2748
2749 return ret;
2750 }
2751
2752 /* Uninstall EVPN route entry from ES route table */
2753 static int uninstall_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2754 struct prefix_evpn *p,
2755 struct bgp_path_info *parent_pi)
2756 {
2757 int ret;
2758 struct bgp_node *rn;
2759 struct bgp_path_info *pi;
2760
2761 if (!es->route_table)
2762 return 0;
2763
2764 /* Locate route within the ESI.
2765 * NOTE: There is no RD here.
2766 */
2767 rn = bgp_node_lookup(es->route_table, (struct prefix *)p);
2768 if (!rn)
2769 return 0;
2770
2771 /* Find matching route entry. */
2772 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2773 if (pi->extra
2774 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2775 break;
2776
2777 if (!pi)
2778 return 0;
2779
2780 /* Mark entry for deletion */
2781 bgp_path_info_delete(rn, pi);
2782
2783 /* Perform route selection and update zebra, if required. */
2784 ret = evpn_es_route_select_install(bgp, es, rn);
2785
2786 /* Unlock route node. */
2787 bgp_unlock_node(rn);
2788
2789 return ret;
2790 }
2791
2792 /*
2793 * Uninstall route entry from the VRF routing table and send message
2794 * to zebra, if appropriate.
2795 */
2796 static int uninstall_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2797 struct prefix_evpn *evp,
2798 struct bgp_path_info *parent_pi)
2799 {
2800 struct bgp_node *rn;
2801 struct bgp_path_info *pi;
2802 int ret = 0;
2803 struct prefix p;
2804 struct prefix *pp = &p;
2805 afi_t afi = 0;
2806 safi_t safi = 0;
2807 char buf[PREFIX_STRLEN];
2808 char buf1[PREFIX_STRLEN];
2809
2810 memset(pp, 0, sizeof(struct prefix));
2811 ip_prefix_from_evpn_prefix(evp, pp);
2812
2813 if (bgp_debug_zebra(NULL)) {
2814 zlog_debug(
2815 "uninstalling evpn prefix %s as ip prefix %s in vrf %s",
2816 prefix2str(evp, buf, sizeof(buf)),
2817 prefix2str(pp, buf1, sizeof(buf)),
2818 vrf_id_to_name(bgp_vrf->vrf_id));
2819 }
2820
2821 /* Locate route within the VRF. */
2822 /* NOTE: There is no RD here. */
2823 if (is_evpn_prefix_ipaddr_v4(evp)) {
2824 afi = AFI_IP;
2825 safi = SAFI_UNICAST;
2826 rn = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2827 } else {
2828 afi = AFI_IP6;
2829 safi = SAFI_UNICAST;
2830 rn = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2831 }
2832
2833 if (!rn)
2834 return 0;
2835
2836 /* Find matching route entry. */
2837 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2838 if (pi->extra
2839 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2840 break;
2841
2842 if (!pi)
2843 return 0;
2844
2845 /* Process for route leaking. */
2846 vpn_leak_from_vrf_withdraw(bgp_get_default(), bgp_vrf, pi);
2847
2848 bgp_aggregate_decrement(bgp_vrf, &rn->p, pi, afi, safi);
2849
2850 /* Mark entry for deletion */
2851 bgp_path_info_delete(rn, pi);
2852
2853 /* Perform route selection and update zebra, if required. */
2854 bgp_process(bgp_vrf, rn, afi, safi);
2855
2856 /* Unlock route node. */
2857 bgp_unlock_node(rn);
2858
2859 return ret;
2860 }
2861
2862 /*
2863 * Uninstall route entry from the VNI routing table and send message
2864 * to zebra, if appropriate.
2865 */
2866 static int uninstall_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2867 struct prefix_evpn *p,
2868 struct bgp_path_info *parent_pi)
2869 {
2870 struct bgp_node *rn;
2871 struct bgp_path_info *pi;
2872 int ret;
2873
2874 /* Locate route within the VNI. */
2875 /* NOTE: There is no RD here. */
2876 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
2877 if (!rn)
2878 return 0;
2879
2880 /* Find matching route entry. */
2881 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2882 if (pi->extra
2883 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2884 break;
2885
2886 if (!pi)
2887 return 0;
2888
2889 /* Mark entry for deletion */
2890 bgp_path_info_delete(rn, pi);
2891
2892 /* Perform route selection and update zebra, if required. */
2893 ret = evpn_route_select_install(bgp, vpn, rn);
2894
2895 /* Unlock route node. */
2896 bgp_unlock_node(rn);
2897
2898 return ret;
2899 }
2900
2901 /*
2902 * Given a prefix, see if it belongs to ES.
2903 */
2904 static int is_prefix_matching_for_es(struct prefix_evpn *p,
2905 struct evpnes *es)
2906 {
2907 /* if not an ES route return false */
2908 if (p->prefix.route_type != BGP_EVPN_ES_ROUTE)
2909 return 0;
2910
2911 if (memcmp(&p->prefix.es_addr.esi, &es->esi, sizeof(esi_t)) == 0)
2912 return 1;
2913
2914 return 0;
2915 }
2916
2917 /*
2918 * Given a route entry and a VRF, see if this route entry should be
2919 * imported into the VRF i.e., RTs match.
2920 */
2921 static int is_route_matching_for_vrf(struct bgp *bgp_vrf,
2922 struct bgp_path_info *pi)
2923 {
2924 struct attr *attr = pi->attr;
2925 struct ecommunity *ecom;
2926 int i;
2927
2928 assert(attr);
2929 /* Route should have valid RT to be even considered. */
2930 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
2931 return 0;
2932
2933 ecom = attr->ecommunity;
2934 if (!ecom || !ecom->size)
2935 return 0;
2936
2937 /* For each extended community RT, see if it matches this VNI. If any RT
2938 * matches, we're done.
2939 */
2940 for (i = 0; i < ecom->size; i++) {
2941 uint8_t *pnt;
2942 uint8_t type, sub_type;
2943 struct ecommunity_val *eval;
2944 struct ecommunity_val eval_tmp;
2945 struct vrf_irt_node *irt;
2946
2947 /* Only deal with RTs */
2948 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2949 eval = (struct ecommunity_val *)(ecom->val
2950 + (i * ECOMMUNITY_SIZE));
2951 type = *pnt++;
2952 sub_type = *pnt++;
2953 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
2954 continue;
2955
2956 /* See if this RT matches specified VNIs import RTs */
2957 irt = lookup_vrf_import_rt(eval);
2958 if (irt)
2959 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
2960 return 1;
2961
2962 /* Also check for non-exact match. In this, we mask out the AS
2963 * and
2964 * only check on the local-admin sub-field. This is to
2965 * facilitate using
2966 * VNI as the RT for EBGP peering too.
2967 */
2968 irt = NULL;
2969 if (type == ECOMMUNITY_ENCODE_AS
2970 || type == ECOMMUNITY_ENCODE_AS4
2971 || type == ECOMMUNITY_ENCODE_IP) {
2972 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
2973 mask_ecom_global_admin(&eval_tmp, eval);
2974 irt = lookup_vrf_import_rt(&eval_tmp);
2975 }
2976 if (irt)
2977 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
2978 return 1;
2979 }
2980
2981 return 0;
2982 }
2983
2984 /*
2985 * Given a route entry and a VNI, see if this route entry should be
2986 * imported into the VNI i.e., RTs match.
2987 */
2988 static int is_route_matching_for_vni(struct bgp *bgp, struct bgpevpn *vpn,
2989 struct bgp_path_info *pi)
2990 {
2991 struct attr *attr = pi->attr;
2992 struct ecommunity *ecom;
2993 int i;
2994
2995 assert(attr);
2996 /* Route should have valid RT to be even considered. */
2997 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
2998 return 0;
2999
3000 ecom = attr->ecommunity;
3001 if (!ecom || !ecom->size)
3002 return 0;
3003
3004 /* For each extended community RT, see if it matches this VNI. If any RT
3005 * matches, we're done.
3006 */
3007 for (i = 0; i < ecom->size; i++) {
3008 uint8_t *pnt;
3009 uint8_t type, sub_type;
3010 struct ecommunity_val *eval;
3011 struct ecommunity_val eval_tmp;
3012 struct irt_node *irt;
3013
3014 /* Only deal with RTs */
3015 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
3016 eval = (struct ecommunity_val *)(ecom->val
3017 + (i * ECOMMUNITY_SIZE));
3018 type = *pnt++;
3019 sub_type = *pnt++;
3020 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
3021 continue;
3022
3023 /* See if this RT matches specified VNIs import RTs */
3024 irt = lookup_import_rt(bgp, eval);
3025 if (irt)
3026 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
3027 return 1;
3028
3029 /* Also check for non-exact match. In this, we mask out the AS
3030 * and
3031 * only check on the local-admin sub-field. This is to
3032 * facilitate using
3033 * VNI as the RT for EBGP peering too.
3034 */
3035 irt = NULL;
3036 if (type == ECOMMUNITY_ENCODE_AS
3037 || type == ECOMMUNITY_ENCODE_AS4
3038 || type == ECOMMUNITY_ENCODE_IP) {
3039 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
3040 mask_ecom_global_admin(&eval_tmp, eval);
3041 irt = lookup_import_rt(bgp, &eval_tmp);
3042 }
3043 if (irt)
3044 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
3045 return 1;
3046 }
3047
3048 return 0;
3049 }
3050
3051 static int install_uninstall_routes_for_es(struct bgp *bgp,
3052 struct evpnes *es,
3053 int install)
3054 {
3055 int ret;
3056 afi_t afi;
3057 safi_t safi;
3058 char buf[PREFIX_STRLEN];
3059 char buf1[ESI_STR_LEN];
3060 struct bgp_node *rd_rn, *rn;
3061 struct bgp_table *table;
3062 struct bgp_path_info *pi;
3063
3064 afi = AFI_L2VPN;
3065 safi = SAFI_EVPN;
3066
3067 /*
3068 * Walk entire global routing table and evaluate routes which could be
3069 * imported into this VRF. Note that we need to loop through all global
3070 * routes to determine which route matches the import rt on vrf
3071 */
3072 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
3073 rd_rn = bgp_route_next(rd_rn)) {
3074 table = bgp_node_get_bgp_table_info(rd_rn);
3075 if (!table)
3076 continue;
3077
3078 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
3079 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3080
3081 for (pi = bgp_node_get_bgp_path_info(rn); pi;
3082 pi = pi->next) {
3083 /*
3084 * Consider "valid" remote routes applicable for
3085 * this ES.
3086 */
3087 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3088 && pi->type == ZEBRA_ROUTE_BGP
3089 && pi->sub_type == BGP_ROUTE_NORMAL))
3090 continue;
3091
3092 if (!is_prefix_matching_for_es(evp, es))
3093 continue;
3094
3095 if (install)
3096 ret = install_evpn_route_entry_in_es(
3097 bgp, es, evp, pi);
3098 else
3099 ret = uninstall_evpn_route_entry_in_es(
3100 bgp, es, evp, pi);
3101
3102 if (ret) {
3103 flog_err(
3104 EC_BGP_EVPN_FAIL,
3105 "Failed to %s EVPN %s route in ESI %s",
3106 install ? "install"
3107 : "uninstall",
3108 prefix2str(evp, buf,
3109 sizeof(buf)),
3110 esi_to_str(&es->esi, buf1,
3111 sizeof(buf1)));
3112 return ret;
3113 }
3114 }
3115 }
3116 }
3117 return 0;
3118 }
3119
3120 /* This API will scan evpn routes for checking attribute's rmac
3121 * macthes with bgp instance router mac. It avoid installing
3122 * route into bgp vrf table and remote rmac in bridge table.
3123 */
3124 static int bgp_evpn_route_rmac_self_check(struct bgp *bgp_vrf,
3125 struct prefix_evpn *evp,
3126 struct bgp_path_info *pi)
3127 {
3128 /* evpn route could have learnt prior to L3vni has come up,
3129 * perform rmac check before installing route and
3130 * remote router mac.
3131 * The route will be removed from global bgp table once
3132 * SVI comes up with MAC and stored in hash, triggers
3133 * bgp_mac_rescan_all_evpn_tables.
3134 */
3135 if (memcmp(&bgp_vrf->rmac, &pi->attr->rmac, ETH_ALEN) == 0) {
3136 if (bgp_debug_update(pi->peer, NULL, NULL, 1)) {
3137 char buf1[PREFIX_STRLEN];
3138 char attr_str[BUFSIZ] = {0};
3139
3140 bgp_dump_attr(pi->attr, attr_str, BUFSIZ);
3141
3142 zlog_debug("%s: bgp %u prefix %s with attr %s - DENIED due to self mac",
3143 __func__, bgp_vrf->vrf_id,
3144 prefix2str(evp, buf1, sizeof(buf1)),
3145 attr_str);
3146 }
3147
3148 return 1;
3149 }
3150
3151 return 0;
3152 }
3153
3154 /*
3155 * Install or uninstall mac-ip routes are appropriate for this
3156 * particular VRF.
3157 */
3158 static int install_uninstall_routes_for_vrf(struct bgp *bgp_vrf, int install)
3159 {
3160 afi_t afi;
3161 safi_t safi;
3162 struct bgp_node *rd_rn, *rn;
3163 struct bgp_table *table;
3164 struct bgp_path_info *pi;
3165 int ret;
3166 char buf[PREFIX_STRLEN];
3167 struct bgp *bgp_evpn = NULL;
3168
3169 afi = AFI_L2VPN;
3170 safi = SAFI_EVPN;
3171 bgp_evpn = bgp_get_evpn();
3172 if (!bgp_evpn)
3173 return -1;
3174
3175 /* Walk entire global routing table and evaluate routes which could be
3176 * imported into this VRF. Note that we need to loop through all global
3177 * routes to determine which route matches the import rt on vrf
3178 */
3179 for (rd_rn = bgp_table_top(bgp_evpn->rib[afi][safi]); rd_rn;
3180 rd_rn = bgp_route_next(rd_rn)) {
3181 table = bgp_node_get_bgp_table_info(rd_rn);
3182 if (!table)
3183 continue;
3184
3185 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
3186 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3187
3188 /* if not mac-ip route skip this route */
3189 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3190 || evp->prefix.route_type
3191 == BGP_EVPN_IP_PREFIX_ROUTE))
3192 continue;
3193
3194 /* if not a mac+ip route skip this route */
3195 if (!(is_evpn_prefix_ipaddr_v4(evp)
3196 || is_evpn_prefix_ipaddr_v6(evp)))
3197 continue;
3198
3199 for (pi = bgp_node_get_bgp_path_info(rn); pi;
3200 pi = pi->next) {
3201 /* Consider "valid" remote routes applicable for
3202 * this VRF.
3203 */
3204 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3205 && pi->type == ZEBRA_ROUTE_BGP
3206 && pi->sub_type == BGP_ROUTE_NORMAL))
3207 continue;
3208
3209 if (is_route_matching_for_vrf(bgp_vrf, pi)) {
3210 if (bgp_evpn_route_rmac_self_check(
3211 bgp_vrf, evp, pi))
3212 continue;
3213
3214 if (install)
3215 ret = install_evpn_route_entry_in_vrf(
3216 bgp_vrf, evp, pi);
3217 else
3218 ret = uninstall_evpn_route_entry_in_vrf(
3219 bgp_vrf, evp, pi);
3220
3221 if (ret) {
3222 flog_err(
3223 EC_BGP_EVPN_FAIL,
3224 "Failed to %s EVPN %s route in VRF %s",
3225 install ? "install"
3226 : "uninstall",
3227 prefix2str(evp, buf,
3228 sizeof(buf)),
3229 vrf_id_to_name(
3230 bgp_vrf->vrf_id));
3231 return ret;
3232 }
3233 }
3234 }
3235 }
3236 }
3237
3238 return 0;
3239 }
3240
3241 /*
3242 * Install or uninstall routes of specified type that are appropriate for this
3243 * particular VNI.
3244 */
3245 static int install_uninstall_routes_for_vni(struct bgp *bgp,
3246 struct bgpevpn *vpn,
3247 bgp_evpn_route_type rtype,
3248 int install)
3249 {
3250 afi_t afi;
3251 safi_t safi;
3252 struct bgp_node *rd_rn, *rn;
3253 struct bgp_table *table;
3254 struct bgp_path_info *pi;
3255 int ret;
3256
3257 afi = AFI_L2VPN;
3258 safi = SAFI_EVPN;
3259
3260 /* Walk entire global routing table and evaluate routes which could be
3261 * imported into this VPN. Note that we cannot just look at the routes
3262 * for
3263 * the VNI's RD - remote routes applicable for this VNI could have any
3264 * RD.
3265 */
3266 /* EVPN routes are a 2-level table. */
3267 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
3268 rd_rn = bgp_route_next(rd_rn)) {
3269 table = bgp_node_get_bgp_table_info(rd_rn);
3270 if (!table)
3271 continue;
3272
3273 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
3274 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3275
3276 if (evp->prefix.route_type != rtype)
3277 continue;
3278
3279 for (pi = bgp_node_get_bgp_path_info(rn); pi;
3280 pi = pi->next) {
3281 /* Consider "valid" remote routes applicable for
3282 * this VNI. */
3283 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3284 && pi->type == ZEBRA_ROUTE_BGP
3285 && pi->sub_type == BGP_ROUTE_NORMAL))
3286 continue;
3287
3288 if (is_route_matching_for_vni(bgp, vpn, pi)) {
3289 if (install)
3290 ret = install_evpn_route_entry(
3291 bgp, vpn, evp, pi);
3292 else
3293 ret = uninstall_evpn_route_entry(
3294 bgp, vpn, evp, pi);
3295
3296 if (ret) {
3297 flog_err(
3298 EC_BGP_EVPN_FAIL,
3299 "%u: Failed to %s EVPN %s route in VNI %u",
3300 bgp->vrf_id,
3301 install ? "install"
3302 : "uninstall",
3303 rtype == BGP_EVPN_MAC_IP_ROUTE
3304 ? "MACIP"
3305 : "IMET",
3306 vpn->vni);
3307 return ret;
3308 }
3309 }
3310 }
3311 }
3312 }
3313
3314 return 0;
3315 }
3316
3317 /* Install any existing remote ES routes applicable for this ES into its routing
3318 * table. This is invoked when ES comes up.
3319 */
3320 static int install_routes_for_es(struct bgp *bgp, struct evpnes *es)
3321 {
3322 return install_uninstall_routes_for_es(bgp, es, 1);
3323 }
3324
3325
3326 /* Install any existing remote routes applicable for this VRF into VRF RIB. This
3327 * is invoked upon l3vni-add or l3vni import rt change
3328 */
3329 static int install_routes_for_vrf(struct bgp *bgp_vrf)
3330 {
3331 install_uninstall_routes_for_vrf(bgp_vrf, 1);
3332 return 0;
3333 }
3334
3335 /*
3336 * Install any existing remote routes applicable for this VNI into its
3337 * routing table. This is invoked when a VNI becomes "live" or its Import
3338 * RT is changed.
3339 */
3340 static int install_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3341 {
3342 int ret;
3343
3344 /* Install type-3 routes followed by type-2 routes - the ones applicable
3345 * for this VNI.
3346 */
3347 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3348 1);
3349 if (ret)
3350 return ret;
3351
3352 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3353 1);
3354 }
3355
3356 /* uninstall routes from l3vni vrf. */
3357 static int uninstall_routes_for_vrf(struct bgp *bgp_vrf)
3358 {
3359 install_uninstall_routes_for_vrf(bgp_vrf, 0);
3360 return 0;
3361 }
3362
3363 /*
3364 * Uninstall any existing remote routes for this VNI. One scenario in which
3365 * this is invoked is upon an import RT change.
3366 */
3367 static int uninstall_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3368 {
3369 int ret;
3370
3371 /* Uninstall type-2 routes followed by type-3 routes - the ones
3372 * applicable
3373 * for this VNI.
3374 */
3375 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3376 0);
3377 if (ret)
3378 return ret;
3379
3380 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3381 0);
3382 }
3383
3384 /* Install or unistall route in ES */
3385 static int install_uninstall_route_in_es(struct bgp *bgp, struct evpnes *es,
3386 afi_t afi, safi_t safi,
3387 struct prefix_evpn *evp,
3388 struct bgp_path_info *pi, int install)
3389 {
3390 int ret = 0;
3391 char buf[ESI_STR_LEN];
3392
3393 if (install)
3394 ret = install_evpn_route_entry_in_es(bgp, es, evp, pi);
3395 else
3396 ret = uninstall_evpn_route_entry_in_es(bgp, es, evp, pi);
3397
3398 if (ret) {
3399 flog_err(
3400 EC_BGP_EVPN_FAIL,
3401 "%u: Failed to %s EVPN %s route in ESI %s", bgp->vrf_id,
3402 install ? "install" : "uninstall", "ES",
3403 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)));
3404 return ret;
3405 }
3406 return 0;
3407 }
3408
3409 /*
3410 * Install or uninstall route in matching VRFs (list).
3411 */
3412 static int install_uninstall_route_in_vrfs(struct bgp *bgp_def, afi_t afi,
3413 safi_t safi, struct prefix_evpn *evp,
3414 struct bgp_path_info *pi,
3415 struct list *vrfs, int install)
3416 {
3417 char buf[PREFIX2STR_BUFFER];
3418 struct bgp *bgp_vrf;
3419 struct listnode *node, *nnode;
3420
3421 /* Only type-2/type-5 routes go into a VRF */
3422 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3423 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3424 return 0;
3425
3426 /* if it is type-2 route and not a mac+ip route skip this route */
3427 if ((evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
3428 && !(is_evpn_prefix_ipaddr_v4(evp)
3429 || is_evpn_prefix_ipaddr_v6(evp)))
3430 return 0;
3431
3432 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, bgp_vrf)) {
3433 int ret;
3434
3435 if (install)
3436 ret = install_evpn_route_entry_in_vrf(bgp_vrf, evp, pi);
3437 else
3438 ret = uninstall_evpn_route_entry_in_vrf(bgp_vrf, evp,
3439 pi);
3440
3441 if (ret) {
3442 flog_err(EC_BGP_EVPN_FAIL,
3443 "%u: Failed to %s prefix %s in VRF %s",
3444 bgp_def->vrf_id,
3445 install ? "install" : "uninstall",
3446 prefix2str(evp, buf, sizeof(buf)),
3447 vrf_id_to_name(bgp_vrf->vrf_id));
3448 return ret;
3449 }
3450 }
3451
3452 return 0;
3453 }
3454
3455 /*
3456 * Install or uninstall route in matching VNIs (list).
3457 */
3458 static int install_uninstall_route_in_vnis(struct bgp *bgp, afi_t afi,
3459 safi_t safi, struct prefix_evpn *evp,
3460 struct bgp_path_info *pi,
3461 struct list *vnis, int install)
3462 {
3463 struct bgpevpn *vpn;
3464 struct listnode *node, *nnode;
3465
3466 for (ALL_LIST_ELEMENTS(vnis, node, nnode, vpn)) {
3467 int ret;
3468
3469 if (!is_vni_live(vpn))
3470 continue;
3471
3472 if (install)
3473 ret = install_evpn_route_entry(bgp, vpn, evp, pi);
3474 else
3475 ret = uninstall_evpn_route_entry(bgp, vpn, evp, pi);
3476
3477 if (ret) {
3478 flog_err(EC_BGP_EVPN_FAIL,
3479 "%u: Failed to %s EVPN %s route in VNI %u",
3480 bgp->vrf_id, install ? "install" : "uninstall",
3481 evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3482 ? "MACIP"
3483 : "IMET",
3484 vpn->vni);
3485 return ret;
3486 }
3487 }
3488
3489 return 0;
3490 }
3491
3492 /*
3493 * Install or uninstall route for appropriate VNIs/ESIs.
3494 */
3495 static int install_uninstall_evpn_route(struct bgp *bgp, afi_t afi, safi_t safi,
3496 struct prefix *p,
3497 struct bgp_path_info *pi, int import)
3498 {
3499 struct prefix_evpn *evp = (struct prefix_evpn *)p;
3500 struct attr *attr = pi->attr;
3501 struct ecommunity *ecom;
3502 int i;
3503
3504 assert(attr);
3505
3506 /* Only type-2, type-3, type-4 and type-5 are supported currently */
3507 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3508 || evp->prefix.route_type == BGP_EVPN_IMET_ROUTE
3509 || evp->prefix.route_type == BGP_EVPN_ES_ROUTE
3510 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3511 return 0;
3512
3513 /* If we don't have Route Target, nothing much to do. */
3514 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
3515 return 0;
3516
3517 ecom = attr->ecommunity;
3518 if (!ecom || !ecom->size)
3519 return -1;
3520
3521 /* An EVPN route belongs to a VNI or a VRF or an ESI based on the RTs
3522 * attached to the route */
3523 for (i = 0; i < ecom->size; i++) {
3524 uint8_t *pnt;
3525 uint8_t type, sub_type;
3526 struct ecommunity_val *eval;
3527 struct ecommunity_val eval_tmp;
3528 struct irt_node *irt; /* import rt for l2vni */
3529 struct vrf_irt_node *vrf_irt; /* import rt for l3vni */
3530 struct evpnes *es;
3531
3532 /* Only deal with RTs */
3533 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
3534 eval = (struct ecommunity_val *)(ecom->val
3535 + (i * ECOMMUNITY_SIZE));
3536 type = *pnt++;
3537 sub_type = *pnt++;
3538 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
3539 continue;
3540
3541 /*
3542 * macip routes (type-2) are imported into VNI and VRF tables.
3543 * IMET route is imported into VNI table.
3544 * prefix routes are imported into VRF table.
3545 */
3546 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE ||
3547 evp->prefix.route_type == BGP_EVPN_IMET_ROUTE ||
3548 evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
3549
3550 irt = lookup_import_rt(bgp, eval);
3551 if (irt)
3552 install_uninstall_route_in_vnis(
3553 bgp, afi, safi, evp, pi, irt->vnis,
3554 import);
3555
3556 vrf_irt = lookup_vrf_import_rt(eval);
3557 if (vrf_irt)
3558 install_uninstall_route_in_vrfs(
3559 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3560 import);
3561
3562 /* Also check for non-exact match.
3563 * In this, we mask out the AS and
3564 * only check on the local-admin sub-field.
3565 * This is to facilitate using
3566 * VNI as the RT for EBGP peering too.
3567 */
3568 irt = NULL;
3569 vrf_irt = NULL;
3570 if (type == ECOMMUNITY_ENCODE_AS
3571 || type == ECOMMUNITY_ENCODE_AS4
3572 || type == ECOMMUNITY_ENCODE_IP) {
3573 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
3574 mask_ecom_global_admin(&eval_tmp, eval);
3575 irt = lookup_import_rt(bgp, &eval_tmp);
3576 vrf_irt = lookup_vrf_import_rt(&eval_tmp);
3577 }
3578
3579 if (irt)
3580 install_uninstall_route_in_vnis(
3581 bgp, afi, safi, evp, pi, irt->vnis,
3582 import);
3583 if (vrf_irt)
3584 install_uninstall_route_in_vrfs(
3585 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3586 import);
3587 }
3588
3589 /* es route is imported into the es table */
3590 if (evp->prefix.route_type == BGP_EVPN_ES_ROUTE) {
3591
3592 /* we will match based on the entire esi to avoid
3593 * imoort of an es route for esi2 into esi1
3594 */
3595 es = bgp_evpn_lookup_es(bgp, &evp->prefix.es_addr.esi);
3596 if (es && is_es_local(es))
3597 install_uninstall_route_in_es(
3598 bgp, es, afi, safi, evp, pi, import);
3599 }
3600 }
3601
3602 return 0;
3603 }
3604
3605 /*
3606 * delete and withdraw all ipv4 and ipv6 routes in the vrf table as type-5
3607 * routes
3608 */
3609 static void delete_withdraw_vrf_routes(struct bgp *bgp_vrf)
3610 {
3611 /* Delete ipv4 default route and withdraw from peers */
3612 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3613 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3614 SAFI_UNICAST, false);
3615
3616 /* delete all ipv4 routes and withdraw from peers */
3617 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3618 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3619
3620 /* Delete ipv6 default route and withdraw from peers */
3621 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3622 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3623 SAFI_UNICAST, false);
3624
3625 /* delete all ipv6 routes and withdraw from peers */
3626 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3627 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3628 }
3629
3630 /*
3631 * update and advertise all ipv4 and ipv6 routes in thr vrf table as type-5
3632 * routes
3633 */
3634 void update_advertise_vrf_routes(struct bgp *bgp_vrf)
3635 {
3636 struct bgp *bgp_evpn = NULL; /* EVPN bgp instance */
3637
3638 bgp_evpn = bgp_get_evpn();
3639 if (!bgp_evpn)
3640 return;
3641
3642 /* update all ipv4 routes */
3643 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3644 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3645
3646 /* update ipv4 default route and withdraw from peers */
3647 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3648 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3649 SAFI_UNICAST, true);
3650
3651 /* update all ipv6 routes */
3652 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3653 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3654
3655 /* update ipv6 default route and withdraw from peers */
3656 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3657 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3658 SAFI_UNICAST, true);
3659
3660 }
3661
3662 /*
3663 * update and advertise local routes for a VRF as type-5 routes.
3664 * This is invoked upon RD change for a VRF. Note taht the processing is only
3665 * done in the global route table using the routes which already exist in the
3666 * VRF routing table
3667 */
3668 static void update_router_id_vrf(struct bgp *bgp_vrf)
3669 {
3670 /* skip if the RD is configured */
3671 if (is_vrf_rd_configured(bgp_vrf))
3672 return;
3673
3674 /* derive the RD for the VRF based on new router-id */
3675 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
3676
3677 /* update advertise ipv4|ipv6 routes as type-5 routes */
3678 update_advertise_vrf_routes(bgp_vrf);
3679 }
3680
3681 /*
3682 * Delete and withdraw all type-5 routes for the RD corresponding to VRF.
3683 * This is invoked upon VRF RD change. The processing is done only from global
3684 * table.
3685 */
3686 static void withdraw_router_id_vrf(struct bgp *bgp_vrf)
3687 {
3688 /* skip if the RD is configured */
3689 if (is_vrf_rd_configured(bgp_vrf))
3690 return;
3691
3692 /* delete/withdraw ipv4|ipv6 routes as type-5 routes */
3693 delete_withdraw_vrf_routes(bgp_vrf);
3694 }
3695
3696 /*
3697 * Update and advertise local routes for a VNI. Invoked upon router-id
3698 * change. Note that the processing is done only on the global route table
3699 * using routes that already exist in the per-VNI table.
3700 */
3701 static int update_advertise_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3702 {
3703 struct prefix_evpn p;
3704 struct bgp_node *rn, *global_rn;
3705 struct bgp_path_info *pi, *global_pi;
3706 struct attr *attr;
3707 afi_t afi = AFI_L2VPN;
3708 safi_t safi = SAFI_EVPN;
3709
3710 /* Locate type-3 route for VNI in the per-VNI table and use its
3711 * attributes to create and advertise the type-3 route for this VNI
3712 * in the global table.
3713 *
3714 * RT-3 only if doing head-end replication
3715 */
3716 if (bgp_evpn_vni_flood_mode_get(bgp, vpn)
3717 == VXLAN_FLOOD_HEAD_END_REPL) {
3718 build_evpn_type3_prefix(&p, vpn->originator_ip);
3719 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)&p);
3720 if (!rn) /* unexpected */
3721 return 0;
3722 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
3723 if (pi->peer == bgp->peer_self &&
3724 pi->type == ZEBRA_ROUTE_BGP
3725 && pi->sub_type == BGP_ROUTE_STATIC)
3726 break;
3727 if (!pi) /* unexpected */
3728 return 0;
3729 attr = pi->attr;
3730
3731 global_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3732 (struct prefix *)&p, &vpn->prd);
3733 update_evpn_route_entry(bgp, vpn, afi, safi, global_rn, attr,
3734 1, &pi, 0, mac_mobility_seqnum(attr));
3735
3736 /* Schedule for processing and unlock node. */
3737 bgp_process(bgp, global_rn, afi, safi);
3738 bgp_unlock_node(global_rn);
3739 }
3740
3741 /* Now, walk this VNI's route table and use the route and its attribute
3742 * to create and schedule route in global table.
3743 */
3744 for (rn = bgp_table_top(vpn->route_table); rn;
3745 rn = bgp_route_next(rn)) {
3746 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3747
3748 /* Identify MAC-IP local routes. */
3749 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
3750 continue;
3751
3752 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
3753 if (pi->peer == bgp->peer_self
3754 && pi->type == ZEBRA_ROUTE_BGP
3755 && pi->sub_type == BGP_ROUTE_STATIC)
3756 break;
3757 if (!pi)
3758 continue;
3759
3760 /* Create route in global routing table using this route entry's
3761 * attribute.
3762 */
3763 attr = pi->attr;
3764 global_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3765 (struct prefix *)evp, &vpn->prd);
3766 assert(global_rn);
3767 update_evpn_route_entry(bgp, vpn, afi, safi, global_rn, attr, 1,
3768 &global_pi, 0,
3769 mac_mobility_seqnum(attr));
3770
3771 /* Schedule for processing and unlock node. */
3772 bgp_process(bgp, global_rn, afi, safi);
3773 bgp_unlock_node(global_rn);
3774 }
3775
3776 return 0;
3777 }
3778
3779 /*
3780 * Delete (and withdraw) local routes for a VNI - only from the global
3781 * table. Invoked upon router-id change.
3782 */
3783 static int delete_withdraw_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3784 {
3785 int ret;
3786 struct prefix_evpn p;
3787 struct bgp_node *global_rn;
3788 struct bgp_path_info *pi;
3789 afi_t afi = AFI_L2VPN;
3790 safi_t safi = SAFI_EVPN;
3791
3792 /* Delete and withdraw locally learnt type-2 routes (MACIP)
3793 * for this VNI - from the global table.
3794 */
3795 ret = delete_global_type2_routes(bgp, vpn);
3796 if (ret)
3797 return ret;
3798
3799 /* Remove type-3 route for this VNI from global table. */
3800 build_evpn_type3_prefix(&p, vpn->originator_ip);
3801 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
3802 (struct prefix *)&p, &vpn->prd);
3803 if (global_rn) {
3804 /* Delete route entry in the global EVPN table. */
3805 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
3806
3807 /* Schedule for processing - withdraws to peers happen from
3808 * this table.
3809 */
3810 if (pi)
3811 bgp_process(bgp, global_rn, afi, safi);
3812 bgp_unlock_node(global_rn);
3813 }
3814
3815 return 0;
3816 }
3817
3818 /*
3819 * Handle router-id change. Update and advertise local routes corresponding
3820 * to this VNI from peers. Note that this is invoked after updating the
3821 * router-id. The routes in the per-VNI table are used to create routes in
3822 * the global table and schedule them.
3823 */
3824 static void update_router_id_vni(struct hash_bucket *bucket, struct bgp *bgp)
3825 {
3826 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
3827
3828 /* Skip VNIs with configured RD. */
3829 if (is_rd_configured(vpn))
3830 return;
3831
3832 bgp_evpn_derive_auto_rd(bgp, vpn);
3833 update_advertise_vni_routes(bgp, vpn);
3834 }
3835
3836 /*
3837 * Handle router-id change. Delete and withdraw local routes corresponding
3838 * to this VNI from peers. Note that this is invoked prior to updating
3839 * the router-id and is done only on the global route table, the routes
3840 * are needed in the per-VNI table to re-advertise with new router id.
3841 */
3842 static void withdraw_router_id_vni(struct hash_bucket *bucket, struct bgp *bgp)
3843 {
3844 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
3845
3846 /* Skip VNIs with configured RD. */
3847 if (is_rd_configured(vpn))
3848 return;
3849
3850 delete_withdraw_vni_routes(bgp, vpn);
3851 }
3852
3853 /*
3854 * Create RT-3 for a VNI and schedule for processing and advertisement.
3855 * This is invoked upon flooding mode changing to head-end replication.
3856 */
3857 static void create_advertise_type3(struct hash_bucket *bucket, void *data)
3858 {
3859 struct bgpevpn *vpn = bucket->data;
3860 struct bgp *bgp = data;
3861 struct prefix_evpn p;
3862
3863 if (!vpn || !is_vni_live(vpn) ||
3864 bgp_evpn_vni_flood_mode_get(bgp, vpn)
3865 != VXLAN_FLOOD_HEAD_END_REPL)
3866 return;
3867
3868 build_evpn_type3_prefix(&p, vpn->originator_ip);
3869 if (update_evpn_route(bgp, vpn, &p, 0, 0))
3870 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
3871 "Type3 route creation failure for VNI %u", vpn->vni);
3872 }
3873
3874 /*
3875 * Delete RT-3 for a VNI and schedule for processing and withdrawal.
3876 * This is invoked upon flooding mode changing to drop BUM packets.
3877 */
3878 static void delete_withdraw_type3(struct hash_bucket *bucket, void *data)
3879 {
3880 struct bgpevpn *vpn = bucket->data;
3881 struct bgp *bgp = data;
3882 struct prefix_evpn p;
3883
3884 if (!vpn || !is_vni_live(vpn))
3885 return;
3886
3887 build_evpn_type3_prefix(&p, vpn->originator_ip);
3888 delete_evpn_route(bgp, vpn, &p);
3889 }
3890
3891 /*
3892 * Process received EVPN type-2 route (advertise or withdraw).
3893 */
3894 static int process_type2_route(struct peer *peer, afi_t afi, safi_t safi,
3895 struct attr *attr, uint8_t *pfx, int psize,
3896 uint32_t addpath_id)
3897 {
3898 struct prefix_rd prd;
3899 struct prefix_evpn p;
3900 struct bgp_route_evpn evpn;
3901 uint8_t ipaddr_len;
3902 uint8_t macaddr_len;
3903 mpls_label_t label[BGP_MAX_LABELS]; /* holds the VNI(s) as in packet */
3904 uint32_t num_labels = 0;
3905 uint32_t eth_tag;
3906 int ret;
3907
3908 /* Type-2 route should be either 33, 37 or 49 bytes or an
3909 * additional 3 bytes if there is a second label (VNI):
3910 * RD (8), ESI (10), Eth Tag (4), MAC Addr Len (1),
3911 * MAC Addr (6), IP len (1), IP (0, 4 or 16),
3912 * MPLS Lbl1 (3), MPLS Lbl2 (0 or 3)
3913 */
3914 if (psize != 33 && psize != 37 && psize != 49 && psize != 36
3915 && psize != 40 && psize != 52) {
3916 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3917 "%u:%s - Rx EVPN Type-2 NLRI with invalid length %d",
3918 peer->bgp->vrf_id, peer->host, psize);
3919 return -1;
3920 }
3921
3922 memset(&evpn, 0, sizeof(evpn));
3923
3924 /* Make prefix_rd */
3925 prd.family = AF_UNSPEC;
3926 prd.prefixlen = 64;
3927 memcpy(&prd.val, pfx, 8);
3928 pfx += 8;
3929
3930 /* Make EVPN prefix. */
3931 memset(&p, 0, sizeof(struct prefix_evpn));
3932 p.family = AF_EVPN;
3933 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
3934 p.prefix.route_type = BGP_EVPN_MAC_IP_ROUTE;
3935
3936 /* Copy Ethernet Seg Identifier */
3937 memcpy(&evpn.eth_s_id.val, pfx, ESI_LEN);
3938 pfx += ESI_LEN;
3939
3940 /* Copy Ethernet Tag */
3941 memcpy(&eth_tag, pfx, 4);
3942 p.prefix.macip_addr.eth_tag = ntohl(eth_tag);
3943 pfx += 4;
3944
3945 /* Get the MAC Addr len */
3946 macaddr_len = *pfx++;
3947
3948 /* Get the MAC Addr */
3949 if (macaddr_len == (ETH_ALEN * 8)) {
3950 memcpy(&p.prefix.macip_addr.mac.octet, pfx, ETH_ALEN);
3951 pfx += ETH_ALEN;
3952 } else {
3953 flog_err(
3954 EC_BGP_EVPN_ROUTE_INVALID,
3955 "%u:%s - Rx EVPN Type-2 NLRI with unsupported MAC address length %d",
3956 peer->bgp->vrf_id, peer->host, macaddr_len);
3957 return -1;
3958 }
3959
3960
3961 /* Get the IP. */
3962 ipaddr_len = *pfx++;
3963 if (ipaddr_len != 0 && ipaddr_len != IPV4_MAX_BITLEN
3964 && ipaddr_len != IPV6_MAX_BITLEN) {
3965 flog_err(
3966 EC_BGP_EVPN_ROUTE_INVALID,
3967 "%u:%s - Rx EVPN Type-2 NLRI with unsupported IP address length %d",
3968 peer->bgp->vrf_id, peer->host, ipaddr_len);
3969 return -1;
3970 }
3971
3972 if (ipaddr_len) {
3973 ipaddr_len /= 8; /* Convert to bytes. */
3974 p.prefix.macip_addr.ip.ipa_type = (ipaddr_len == IPV4_MAX_BYTELEN)
3975 ? IPADDR_V4
3976 : IPADDR_V6;
3977 memcpy(&p.prefix.macip_addr.ip.ip.addr, pfx, ipaddr_len);
3978 }
3979 pfx += ipaddr_len;
3980
3981 /* Get the VNI(s). Stored as bytes here. */
3982 num_labels++;
3983 memset(label, 0, sizeof(label));
3984 memcpy(&label[0], pfx, BGP_LABEL_BYTES);
3985 pfx += BGP_LABEL_BYTES;
3986 psize -= (33 + ipaddr_len);
3987 /* Do we have a second VNI? */
3988 if (psize) {
3989 num_labels++;
3990 memcpy(&label[1], pfx, BGP_LABEL_BYTES);
3991 /*
3992 * If in future, we are required to access additional fields,
3993 * we MUST increment pfx by BGP_LABEL_BYTES in before reading
3994 * the next field
3995 */
3996 }
3997
3998 /* Process the route. */
3999 if (attr)
4000 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4001 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4002 &prd, &label[0], num_labels, 0, &evpn);
4003 else
4004 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4005 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4006 &prd, &label[0], num_labels, &evpn);
4007 return ret;
4008 }
4009
4010 /*
4011 * Process received EVPN type-3 route (advertise or withdraw).
4012 */
4013 static int process_type3_route(struct peer *peer, afi_t afi, safi_t safi,
4014 struct attr *attr, uint8_t *pfx, int psize,
4015 uint32_t addpath_id)
4016 {
4017 struct prefix_rd prd;
4018 struct prefix_evpn p;
4019 uint8_t ipaddr_len;
4020 uint32_t eth_tag;
4021 int ret;
4022
4023 /* Type-3 route should be either 17 or 29 bytes: RD (8), Eth Tag (4),
4024 * IP len (1) and IP (4 or 16).
4025 */
4026 if (psize != 17 && psize != 29) {
4027 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
4028 "%u:%s - Rx EVPN Type-3 NLRI with invalid length %d",
4029 peer->bgp->vrf_id, peer->host, psize);
4030 return -1;
4031 }
4032
4033 /* If PMSI is present, log if it is anything other than IR.
4034 * Note: We just simply ignore the values as it is not clear if
4035 * doing anything else is better.
4036 */
4037 if (attr &&
4038 (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL))) {
4039 if (attr->pmsi_tnl_type != PMSI_TNLTYPE_INGR_REPL &&
4040 attr->pmsi_tnl_type != PMSI_TNLTYPE_PIM_SM) {
4041 flog_warn(EC_BGP_EVPN_PMSI_PRESENT,
4042 "%u:%s - Rx EVPN Type-3 NLRI with unsupported PTA %d",
4043 peer->bgp->vrf_id, peer->host,
4044 attr->pmsi_tnl_type);
4045 }
4046 }
4047
4048 /* Make prefix_rd */
4049 prd.family = AF_UNSPEC;
4050 prd.prefixlen = 64;
4051 memcpy(&prd.val, pfx, 8);
4052 pfx += 8;
4053
4054 /* Make EVPN prefix. */
4055 memset(&p, 0, sizeof(struct prefix_evpn));
4056 p.family = AF_EVPN;
4057 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
4058 p.prefix.route_type = BGP_EVPN_IMET_ROUTE;
4059
4060 /* Copy Ethernet Tag */
4061 memcpy(&eth_tag, pfx, 4);
4062 p.prefix.imet_addr.eth_tag = ntohl(eth_tag);
4063 pfx += 4;
4064
4065 /* Get the IP. */
4066 ipaddr_len = *pfx++;
4067 if (ipaddr_len == IPV4_MAX_BITLEN) {
4068 p.prefix.imet_addr.ip.ipa_type = IPADDR_V4;
4069 memcpy(&p.prefix.imet_addr.ip.ip.addr, pfx, IPV4_MAX_BYTELEN);
4070 } else {
4071 flog_err(
4072 EC_BGP_EVPN_ROUTE_INVALID,
4073 "%u:%s - Rx EVPN Type-3 NLRI with unsupported IP address length %d",
4074 peer->bgp->vrf_id, peer->host, ipaddr_len);
4075 return -1;
4076 }
4077
4078 /* Process the route. */
4079 if (attr)
4080 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4081 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4082 &prd, NULL, 0, 0, NULL);
4083 else
4084 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4085 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4086 &prd, NULL, 0, NULL);
4087 return ret;
4088 }
4089
4090 /*
4091 * Process received EVPN type-4 route (advertise or withdraw).
4092 */
4093 static int process_type4_route(struct peer *peer, afi_t afi, safi_t safi,
4094 struct attr *attr, uint8_t *pfx, int psize,
4095 uint32_t addpath_id)
4096 {
4097 int ret;
4098 esi_t esi;
4099 uint8_t ipaddr_len;
4100 struct in_addr vtep_ip;
4101 struct prefix_rd prd;
4102 struct prefix_evpn p;
4103
4104 /* Type-4 route should be either 23 or 35 bytes
4105 * RD (8), ESI (10), ip-len (1), ip (4 or 16)
4106 */
4107 if (psize != 23 && psize != 35) {
4108 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
4109 "%u:%s - Rx EVPN Type-4 NLRI with invalid length %d",
4110 peer->bgp->vrf_id, peer->host, psize);
4111 return -1;
4112 }
4113
4114 /* Make prefix_rd */
4115 prd.family = AF_UNSPEC;
4116 prd.prefixlen = 64;
4117 memcpy(&prd.val, pfx, 8);
4118 pfx += 8;
4119
4120 /* get the ESI */
4121 memcpy(&esi, pfx, ESI_BYTES);
4122 pfx += ESI_BYTES;
4123
4124
4125 /* Get the IP. */
4126 ipaddr_len = *pfx++;
4127 if (ipaddr_len == IPV4_MAX_BITLEN) {
4128 memcpy(&vtep_ip, pfx, IPV4_MAX_BYTELEN);
4129 } else {
4130 flog_err(
4131 EC_BGP_EVPN_ROUTE_INVALID,
4132 "%u:%s - Rx EVPN Type-4 NLRI with unsupported IP address length %d",
4133 peer->bgp->vrf_id, peer->host, ipaddr_len);
4134 return -1;
4135 }
4136
4137 build_evpn_type4_prefix(&p, &esi, vtep_ip);
4138 /* Process the route. */
4139 if (attr) {
4140 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4141 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4142 &prd, NULL, 0, 0, NULL);
4143 } else {
4144 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4145 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4146 &prd, NULL, 0, NULL);
4147 }
4148 return ret;
4149 }
4150
4151
4152 /*
4153 * Process received EVPN type-5 route (advertise or withdraw).
4154 */
4155 static int process_type5_route(struct peer *peer, afi_t afi, safi_t safi,
4156 struct attr *attr, uint8_t *pfx, int psize,
4157 uint32_t addpath_id)
4158 {
4159 struct prefix_rd prd;
4160 struct prefix_evpn p;
4161 struct bgp_route_evpn evpn;
4162 uint8_t ippfx_len;
4163 uint32_t eth_tag;
4164 mpls_label_t label; /* holds the VNI as in the packet */
4165 int ret;
4166
4167 /* Type-5 route should be 34 or 58 bytes:
4168 * RD (8), ESI (10), Eth Tag (4), IP len (1), IP (4 or 16),
4169 * GW (4 or 16) and VNI (3).
4170 * Note that the IP and GW should both be IPv4 or both IPv6.
4171 */
4172 if (psize != 34 && psize != 58) {
4173 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
4174 "%u:%s - Rx EVPN Type-5 NLRI with invalid length %d",
4175 peer->bgp->vrf_id, peer->host, psize);
4176 return -1;
4177 }
4178
4179 /* Make prefix_rd */
4180 prd.family = AF_UNSPEC;
4181 prd.prefixlen = 64;
4182 memcpy(&prd.val, pfx, 8);
4183 pfx += 8;
4184
4185 /* Make EVPN prefix. */
4186 memset(&p, 0, sizeof(struct prefix_evpn));
4187 p.family = AF_EVPN;
4188 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
4189 p.prefix.route_type = BGP_EVPN_IP_PREFIX_ROUTE;
4190
4191 /* Additional information outside of prefix - ESI and GW IP */
4192 memset(&evpn, 0, sizeof(evpn));
4193
4194 /* Fetch ESI */
4195 memcpy(&evpn.eth_s_id.val, pfx, 10);
4196 pfx += 10;
4197
4198 /* Fetch Ethernet Tag. */
4199 memcpy(&eth_tag, pfx, 4);
4200 p.prefix.prefix_addr.eth_tag = ntohl(eth_tag);
4201 pfx += 4;
4202
4203 /* Fetch IP prefix length. */
4204 ippfx_len = *pfx++;
4205 if (ippfx_len > IPV6_MAX_BITLEN) {
4206 flog_err(
4207 EC_BGP_EVPN_ROUTE_INVALID,
4208 "%u:%s - Rx EVPN Type-5 NLRI with invalid IP Prefix length %d",
4209 peer->bgp->vrf_id, peer->host, ippfx_len);
4210 return -1;
4211 }
4212 p.prefix.prefix_addr.ip_prefix_length = ippfx_len;
4213
4214 /* Determine IPv4 or IPv6 prefix */
4215 /* Since the address and GW are from the same family, this just becomes
4216 * a simple check on the total size.
4217 */
4218 if (psize == 34) {
4219 SET_IPADDR_V4(&p.prefix.prefix_addr.ip);
4220 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v4, pfx, 4);
4221 pfx += 4;
4222 memcpy(&evpn.gw_ip.ipv4, pfx, 4);
4223 pfx += 4;
4224 } else {
4225 SET_IPADDR_V6(&p.prefix.prefix_addr.ip);
4226 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v6, pfx, 16);
4227 pfx += 16;
4228 memcpy(&evpn.gw_ip.ipv6, pfx, 16);
4229 pfx += 16;
4230 }
4231
4232 /* Get the VNI (in MPLS label field). Stored as bytes here. */
4233 memset(&label, 0, sizeof(label));
4234 memcpy(&label, pfx, BGP_LABEL_BYTES);
4235
4236 /*
4237 * If in future, we are required to access additional fields,
4238 * we MUST increment pfx by BGP_LABEL_BYTES in before reading the next
4239 * field
4240 */
4241
4242 /* Process the route. */
4243 if (attr)
4244 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4245 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4246 &prd, &label, 1, 0, &evpn);
4247 else
4248 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4249 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4250 &prd, &label, 1, &evpn);
4251
4252 return ret;
4253 }
4254
4255 static void evpn_mpattr_encode_type5(struct stream *s, struct prefix *p,
4256 struct prefix_rd *prd, mpls_label_t *label,
4257 uint32_t num_labels, struct attr *attr)
4258 {
4259 int len;
4260 char temp[16];
4261 struct evpn_addr *p_evpn_p;
4262
4263 memset(&temp, 0, 16);
4264 if (p->family != AF_EVPN)
4265 return;
4266 p_evpn_p = &(p->u.prefix_evpn);
4267
4268 /* len denites the total len of IP and GW-IP in the route
4269 IP and GW-IP have to be both ipv4 or ipv6
4270 */
4271 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4272 len = 8; /* IP and GWIP are both ipv4 */
4273 else
4274 len = 32; /* IP and GWIP are both ipv6 */
4275 /* Prefix contains RD, ESI, EthTag, IP length, IP, GWIP and VNI */
4276 stream_putc(s, 8 + 10 + 4 + 1 + len + 3);
4277 stream_put(s, prd->val, 8);
4278 if (attr)
4279 stream_put(s, &(attr->evpn_overlay.eth_s_id), 10);
4280 else
4281 stream_put(s, &temp, 10);
4282 stream_putl(s, p_evpn_p->prefix_addr.eth_tag);
4283 stream_putc(s, p_evpn_p->prefix_addr.ip_prefix_length);
4284 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4285 stream_put_ipv4(s, p_evpn_p->prefix_addr.ip.ipaddr_v4.s_addr);
4286 else
4287 stream_put(s, &p_evpn_p->prefix_addr.ip.ipaddr_v6, 16);
4288 if (attr) {
4289 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4290 stream_put_ipv4(s,
4291 attr->evpn_overlay.gw_ip.ipv4.s_addr);
4292 else
4293 stream_put(s, &(attr->evpn_overlay.gw_ip.ipv6), 16);
4294 } else {
4295 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4296 stream_put_ipv4(s, 0);
4297 else
4298 stream_put(s, &temp, 16);
4299 }
4300
4301 if (num_labels)
4302 stream_put(s, label, 3);
4303 else
4304 stream_put3(s, 0);
4305 }
4306
4307 /*
4308 * Cleanup specific VNI upon EVPN (advertise-all-vni) being disabled.
4309 */
4310 static void cleanup_vni_on_disable(struct hash_bucket *bucket, struct bgp *bgp)
4311 {
4312 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
4313
4314 /* Remove EVPN routes and schedule for processing. */
4315 delete_routes_for_vni(bgp, vpn);
4316
4317 /* Clear "live" flag and see if hash needs to be freed. */
4318 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
4319 if (!is_vni_configured(vpn))
4320 bgp_evpn_free(bgp, vpn);
4321 }
4322
4323 /*
4324 * Free a VNI entry; iterator function called during cleanup.
4325 */
4326 static void free_vni_entry(struct hash_bucket *bucket, struct bgp *bgp)
4327 {
4328 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
4329
4330 delete_all_vni_routes(bgp, vpn);
4331 bgp_evpn_free(bgp, vpn);
4332 }
4333
4334 /*
4335 * Derive AUTO import RT for BGP VRF - L3VNI
4336 */
4337 static void evpn_auto_rt_import_add_for_vrf(struct bgp *bgp_vrf)
4338 {
4339 struct bgp *bgp_evpn = NULL;
4340
4341 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4342 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4343
4344 /* Map RT to VRF */
4345 bgp_evpn = bgp_get_evpn();
4346 if (!bgp_evpn)
4347 return;
4348 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4349 }
4350
4351 /*
4352 * Delete AUTO import RT from BGP VRF - L3VNI
4353 */
4354 static void evpn_auto_rt_import_delete_for_vrf(struct bgp *bgp_vrf)
4355 {
4356 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4357 }
4358
4359 /*
4360 * Derive AUTO export RT for BGP VRF - L3VNI
4361 */
4362 static void evpn_auto_rt_export_add_for_vrf(struct bgp *bgp_vrf)
4363 {
4364 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4365 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4366 }
4367
4368 /*
4369 * Delete AUTO export RT from BGP VRF - L3VNI
4370 */
4371 static void evpn_auto_rt_export_delete_for_vrf(struct bgp *bgp_vrf)
4372 {
4373 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4374 }
4375
4376 static void bgp_evpn_handle_export_rt_change_for_vrf(struct bgp *bgp_vrf)
4377 {
4378 struct bgp *bgp_evpn = NULL;
4379 struct listnode *node = NULL;
4380 struct bgpevpn *vpn = NULL;
4381
4382 bgp_evpn = bgp_get_evpn();
4383 if (!bgp_evpn)
4384 return;
4385
4386 /* update all type-5 routes */
4387 update_advertise_vrf_routes(bgp_vrf);
4388
4389 /* update all type-2 routes */
4390 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
4391 update_routes_for_vni(bgp_evpn, vpn);
4392 }
4393
4394 /*
4395 * Handle autort change for a given VNI.
4396 */
4397 static void update_autort_vni(struct hash_bucket *bucket, struct bgp *bgp)
4398 {
4399 struct bgpevpn *vpn = bucket->data;
4400
4401 if (!is_import_rt_configured(vpn)) {
4402 if (is_vni_live(vpn))
4403 bgp_evpn_uninstall_routes(bgp, vpn);
4404 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
4405 list_delete_all_node(vpn->import_rtl);
4406 bgp_evpn_derive_auto_rt_import(bgp, vpn);
4407 if (is_vni_live(vpn))
4408 bgp_evpn_install_routes(bgp, vpn);
4409 }
4410 if (!is_export_rt_configured(vpn)) {
4411 list_delete_all_node(vpn->export_rtl);
4412 bgp_evpn_derive_auto_rt_export(bgp, vpn);
4413 if (is_vni_live(vpn))
4414 bgp_evpn_handle_export_rt_change(bgp, vpn);
4415 }
4416 }
4417
4418 /*
4419 * Public functions.
4420 */
4421
4422 /* withdraw type-5 route corresponding to ip prefix */
4423 void bgp_evpn_withdraw_type5_route(struct bgp *bgp_vrf, struct prefix *p,
4424 afi_t afi, safi_t safi)
4425 {
4426 int ret = 0;
4427 struct prefix_evpn evp;
4428 char buf[PREFIX_STRLEN];
4429
4430 build_type5_prefix_from_ip_prefix(&evp, p);
4431 ret = delete_evpn_type5_route(bgp_vrf, &evp);
4432 if (ret) {
4433 flog_err(
4434 EC_BGP_EVPN_ROUTE_DELETE,
4435 "%u failed to delete type-5 route for prefix %s in vrf %s",
4436 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)),
4437 vrf_id_to_name(bgp_vrf->vrf_id));
4438 }
4439 }
4440
4441 /* withdraw all type-5 routes for an address family */
4442 void bgp_evpn_withdraw_type5_routes(struct bgp *bgp_vrf, afi_t afi, safi_t safi)
4443 {
4444 struct bgp_table *table = NULL;
4445 struct bgp_node *rn = NULL;
4446 struct bgp_path_info *pi;
4447
4448 table = bgp_vrf->rib[afi][safi];
4449 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
4450 /* Only care about "selected" routes. Also ensure that
4451 * these are routes that are injectable into EVPN.
4452 */
4453 /* TODO: Support for AddPath for EVPN. */
4454 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next) {
4455 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4456 && is_route_injectable_into_evpn(pi)) {
4457 bgp_evpn_withdraw_type5_route(bgp_vrf, &rn->p,
4458 afi, safi);
4459 break;
4460 }
4461 }
4462 }
4463 }
4464
4465 /*
4466 * evpn - enable advertisement of default g/w
4467 */
4468 void bgp_evpn_install_uninstall_default_route(struct bgp *bgp_vrf, afi_t afi,
4469 safi_t safi, bool add)
4470 {
4471 struct prefix ip_prefix;
4472
4473 /* form the default prefix 0.0.0.0/0 */
4474 memset(&ip_prefix, 0, sizeof(struct prefix));
4475 ip_prefix.family = afi2family(afi);
4476
4477 if (add) {
4478 bgp_evpn_advertise_type5_route(bgp_vrf, &ip_prefix,
4479 NULL, afi, safi);
4480 } else {
4481 bgp_evpn_withdraw_type5_route(bgp_vrf, &ip_prefix,
4482 afi, safi);
4483 }
4484 }
4485
4486
4487 /*
4488 * Advertise IP prefix as type-5 route. The afi/safi and src_attr passed
4489 * to this function correspond to those of the source IP prefix (best
4490 * path in the case of the attr. In the case of a local prefix (when we
4491 * are advertising local subnets), the src_attr will be NULL.
4492 */
4493 void bgp_evpn_advertise_type5_route(struct bgp *bgp_vrf, struct prefix *p,
4494 struct attr *src_attr, afi_t afi,
4495 safi_t safi)
4496 {
4497 int ret = 0;
4498 struct prefix_evpn evp;
4499 char buf[PREFIX_STRLEN];
4500
4501 build_type5_prefix_from_ip_prefix(&evp, p);
4502 ret = update_evpn_type5_route(bgp_vrf, &evp, src_attr);
4503 if (ret)
4504 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
4505 "%u: Failed to create type-5 route for prefix %s",
4506 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)));
4507 }
4508
4509 /* Inject all prefixes of a particular address-family (currently, IPv4 or
4510 * IPv6 unicast) into EVPN as type-5 routes. This is invoked when the
4511 * advertisement is enabled.
4512 */
4513 void bgp_evpn_advertise_type5_routes(struct bgp *bgp_vrf, afi_t afi,
4514 safi_t safi)
4515 {
4516 struct bgp_table *table = NULL;
4517 struct bgp_node *rn = NULL;
4518 struct bgp_path_info *pi;
4519
4520 table = bgp_vrf->rib[afi][safi];
4521 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
4522 /* Need to identify the "selected" route entry to use its
4523 * attribute. Also, ensure that the route is injectable
4524 * into EVPN.
4525 * TODO: Support for AddPath for EVPN.
4526 */
4527 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next) {
4528 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4529 && is_route_injectable_into_evpn(pi)) {
4530
4531 /* apply the route-map */
4532 if (bgp_vrf->adv_cmd_rmap[afi][safi].map) {
4533 route_map_result_t ret;
4534
4535 ret = route_map_apply(
4536 bgp_vrf->adv_cmd_rmap[afi][safi]
4537 .map,
4538 &rn->p, RMAP_BGP, pi);
4539 if (ret == RMAP_DENYMATCH)
4540 continue;
4541 }
4542 bgp_evpn_advertise_type5_route(
4543 bgp_vrf, &rn->p, pi->attr, afi, safi);
4544 break;
4545 }
4546 }
4547 }
4548 }
4549
4550 void evpn_rt_delete_auto(struct bgp *bgp, vni_t vni, struct list *rtl)
4551 {
4552 struct listnode *node, *nnode, *node_to_del;
4553 struct ecommunity *ecom, *ecom_auto;
4554 struct ecommunity_val eval;
4555
4556 if (bgp->advertise_autort_rfc8365)
4557 vni |= EVPN_AUTORT_VXLAN;
4558 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
4559
4560 ecom_auto = ecommunity_new();
4561 ecommunity_add_val(ecom_auto, &eval);
4562 node_to_del = NULL;
4563
4564 for (ALL_LIST_ELEMENTS(rtl, node, nnode, ecom)) {
4565 if (ecommunity_match(ecom, ecom_auto)) {
4566 ecommunity_free(&ecom);
4567 node_to_del = node;
4568 }
4569 }
4570
4571 if (node_to_del)
4572 list_delete_node(rtl, node_to_del);
4573
4574 ecommunity_free(&ecom_auto);
4575 }
4576
4577 void bgp_evpn_configure_import_rt_for_vrf(struct bgp *bgp_vrf,
4578 struct ecommunity *ecomadd)
4579 {
4580 /* uninstall routes from vrf */
4581 if (is_l3vni_live(bgp_vrf))
4582 uninstall_routes_for_vrf(bgp_vrf);
4583
4584 /* Cleanup the RT to VRF mapping */
4585 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4586
4587 /* Remove auto generated RT */
4588 evpn_auto_rt_import_delete_for_vrf(bgp_vrf);
4589
4590 /* Add the newly configured RT to RT list */
4591 listnode_add_sort(bgp_vrf->vrf_import_rtl, ecomadd);
4592 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4593
4594 /* map VRF to its RTs and install routes matching the new RTs */
4595 if (is_l3vni_live(bgp_vrf)) {
4596 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4597 install_routes_for_vrf(bgp_vrf);
4598 }
4599 }
4600
4601 void bgp_evpn_unconfigure_import_rt_for_vrf(struct bgp *bgp_vrf,
4602 struct ecommunity *ecomdel)
4603 {
4604 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4605 struct ecommunity *ecom = NULL;
4606
4607 /* uninstall routes from vrf */
4608 if (is_l3vni_live(bgp_vrf))
4609 uninstall_routes_for_vrf(bgp_vrf);
4610
4611 /* Cleanup the RT to VRF mapping */
4612 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4613
4614 /* remove the RT from the RT list */
4615 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4616 if (ecommunity_match(ecom, ecomdel)) {
4617 ecommunity_free(&ecom);
4618 node_to_del = node;
4619 break;
4620 }
4621 }
4622
4623 if (node_to_del)
4624 list_delete_node(bgp_vrf->vrf_import_rtl, node_to_del);
4625
4626 assert(bgp_vrf->vrf_import_rtl);
4627 /* fallback to auto import rt, if this was the last RT */
4628 if (bgp_vrf->vrf_import_rtl && list_isempty(bgp_vrf->vrf_import_rtl)) {
4629 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4630 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
4631 }
4632
4633 /* map VRFs to its RTs and install routes matching this new RT */
4634 if (is_l3vni_live(bgp_vrf)) {
4635 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4636 install_routes_for_vrf(bgp_vrf);
4637 }
4638 }
4639
4640 void bgp_evpn_configure_export_rt_for_vrf(struct bgp *bgp_vrf,
4641 struct ecommunity *ecomadd)
4642 {
4643 /* remove auto-generated RT */
4644 evpn_auto_rt_export_delete_for_vrf(bgp_vrf);
4645
4646 /* Add the new RT to the RT list */
4647 listnode_add_sort(bgp_vrf->vrf_export_rtl, ecomadd);
4648 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4649
4650 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4651 }
4652
4653 void bgp_evpn_unconfigure_export_rt_for_vrf(struct bgp *bgp_vrf,
4654 struct ecommunity *ecomdel)
4655 {
4656 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4657 struct ecommunity *ecom = NULL;
4658
4659 /* Remove the RT from the RT list */
4660 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_export_rtl, node, nnode, ecom)) {
4661 if (ecommunity_match(ecom, ecomdel)) {
4662 ecommunity_free(&ecom);
4663 node_to_del = node;
4664 break;
4665 }
4666 }
4667
4668 if (node_to_del)
4669 list_delete_node(bgp_vrf->vrf_export_rtl, node_to_del);
4670
4671 /*
4672 * Temporary assert to make SA happy.
4673 * The ALL_LIST_ELEMENTS macro above has a NULL check
4674 * which means that SA is going to complain about
4675 * the list_isempty call, which doesn't NULL check.
4676 * So until we get this situation cleaned up, here
4677 * we are.
4678 */
4679 assert(bgp_vrf->vrf_export_rtl);
4680
4681 /* fall back to auto-generated RT if this was the last RT */
4682 if (list_isempty(bgp_vrf->vrf_export_rtl)) {
4683 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4684 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
4685 }
4686
4687 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4688 }
4689
4690 /*
4691 * Handle change to BGP router id. This is invoked twice by the change
4692 * handler, first before the router id has been changed and then after
4693 * the router id has been changed. The first invocation will result in
4694 * local routes for all VNIs/VRF being deleted and withdrawn and the next
4695 * will result in the routes being re-advertised.
4696 */
4697 void bgp_evpn_handle_router_id_update(struct bgp *bgp, int withdraw)
4698 {
4699 struct listnode *node;
4700 struct bgp *bgp_vrf;
4701
4702 if (withdraw) {
4703
4704 /* delete and withdraw all the type-5 routes
4705 stored in the global table for this vrf
4706 */
4707 withdraw_router_id_vrf(bgp);
4708
4709 /* delete all the VNI routes (type-2/type-3) routes for all the
4710 * L2-VNIs
4711 */
4712 hash_iterate(bgp->vnihash,
4713 (void (*)(struct hash_bucket *,
4714 void *))withdraw_router_id_vni,
4715 bgp);
4716
4717 if (bgp->inst_type == BGP_INSTANCE_TYPE_DEFAULT) {
4718 for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp_vrf)) {
4719 if (bgp_vrf->evpn_info->advertise_pip &&
4720 (bgp_vrf->evpn_info->pip_ip_static.s_addr
4721 == INADDR_ANY))
4722 bgp_vrf->evpn_info->pip_ip.s_addr
4723 = INADDR_ANY;
4724 }
4725 }
4726 } else {
4727
4728 /* Assign new default instance router-id */
4729 if (bgp->inst_type == BGP_INSTANCE_TYPE_DEFAULT) {
4730 for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp_vrf)) {
4731 if (bgp_vrf->evpn_info->advertise_pip &&
4732 (bgp_vrf->evpn_info->pip_ip_static.s_addr
4733 == INADDR_ANY)) {
4734 bgp_vrf->evpn_info->pip_ip =
4735 bgp->router_id;
4736 /* advertise type-5 routes with
4737 * new nexthop
4738 */
4739 update_advertise_vrf_routes(bgp_vrf);
4740 }
4741 }
4742 }
4743
4744 /* advertise all routes in the vrf as type-5 routes with the new
4745 * RD
4746 */
4747 update_router_id_vrf(bgp);
4748
4749 /* advertise all the VNI routes (type-2/type-3) routes with the
4750 * new RD
4751 */
4752 hash_iterate(bgp->vnihash,
4753 (void (*)(struct hash_bucket *,
4754 void *))update_router_id_vni,
4755 bgp);
4756 }
4757 }
4758
4759 /*
4760 * Handle change to auto-RT algorithm - update and advertise local routes.
4761 */
4762 void bgp_evpn_handle_autort_change(struct bgp *bgp)
4763 {
4764 hash_iterate(bgp->vnihash,
4765 (void (*)(struct hash_bucket *,
4766 void*))update_autort_vni,
4767 bgp);
4768 }
4769
4770 /*
4771 * Handle change to export RT - update and advertise local routes.
4772 */
4773 int bgp_evpn_handle_export_rt_change(struct bgp *bgp, struct bgpevpn *vpn)
4774 {
4775 return update_routes_for_vni(bgp, vpn);
4776 }
4777
4778 void bgp_evpn_handle_vrf_rd_change(struct bgp *bgp_vrf, int withdraw)
4779 {
4780 if (withdraw)
4781 delete_withdraw_vrf_routes(bgp_vrf);
4782 else
4783 update_advertise_vrf_routes(bgp_vrf);
4784 }
4785
4786 /*
4787 * Handle change to RD. This is invoked twice by the change handler,
4788 * first before the RD has been changed and then after the RD has
4789 * been changed. The first invocation will result in local routes
4790 * of this VNI being deleted and withdrawn and the next will result
4791 * in the routes being re-advertised.
4792 */
4793 void bgp_evpn_handle_rd_change(struct bgp *bgp, struct bgpevpn *vpn,
4794 int withdraw)
4795 {
4796 if (withdraw)
4797 delete_withdraw_vni_routes(bgp, vpn);
4798 else
4799 update_advertise_vni_routes(bgp, vpn);
4800 }
4801
4802 /*
4803 * Install routes for this VNI. Invoked upon change to Import RT.
4804 */
4805 int bgp_evpn_install_routes(struct bgp *bgp, struct bgpevpn *vpn)
4806 {
4807 return install_routes_for_vni(bgp, vpn);
4808 }
4809
4810 /*
4811 * Uninstall all routes installed for this VNI. Invoked upon change
4812 * to Import RT.
4813 */
4814 int bgp_evpn_uninstall_routes(struct bgp *bgp, struct bgpevpn *vpn)
4815 {
4816 return uninstall_routes_for_vni(bgp, vpn);
4817 }
4818
4819 /*
4820 * TODO: Hardcoded for a maximum of 2 VNIs right now
4821 */
4822 char *bgp_evpn_label2str(mpls_label_t *label, uint32_t num_labels, char *buf,
4823 int len)
4824 {
4825 vni_t vni1, vni2;
4826
4827 vni1 = label2vni(label);
4828 if (num_labels == 2) {
4829 vni2 = label2vni(label + 1);
4830 snprintf(buf, len, "%u/%u", vni1, vni2);
4831 } else
4832 snprintf(buf, len, "%u", vni1);
4833 return buf;
4834 }
4835
4836 /*
4837 * Function to convert evpn route to json format.
4838 * NOTE: We don't use prefix2str as the output here is a bit different.
4839 */
4840 void bgp_evpn_route2json(struct prefix_evpn *p, json_object *json)
4841 {
4842 char buf1[ETHER_ADDR_STRLEN];
4843 char buf2[PREFIX2STR_BUFFER];
4844 uint8_t family;
4845 uint8_t prefixlen;
4846
4847 if (!json)
4848 return;
4849
4850 json_object_int_add(json, "routeType", p->prefix.route_type);
4851
4852 switch (p->prefix.route_type) {
4853 case BGP_EVPN_MAC_IP_ROUTE:
4854 json_object_int_add(json, "ethTag",
4855 p->prefix.macip_addr.eth_tag);
4856 json_object_int_add(json, "macLen", 8 * ETH_ALEN);
4857 json_object_string_add(json, "mac",
4858 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4859 sizeof(buf1)));
4860
4861 if (!is_evpn_prefix_ipaddr_none(p)) {
4862 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET :
4863 AF_INET6;
4864 prefixlen = (family == AF_INET) ?
4865 IPV4_MAX_BITLEN : IPV6_MAX_BITLEN;
4866 inet_ntop(family, &p->prefix.macip_addr.ip.ip.addr,
4867 buf2, PREFIX2STR_BUFFER);
4868 json_object_int_add(json, "ipLen", prefixlen);
4869 json_object_string_add(json, "ip", buf2);
4870 }
4871 break;
4872
4873 case BGP_EVPN_IMET_ROUTE:
4874 json_object_int_add(json, "ethTag",
4875 p->prefix.imet_addr.eth_tag);
4876 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET : AF_INET6;
4877 prefixlen = (family == AF_INET) ? IPV4_MAX_BITLEN :
4878 IPV6_MAX_BITLEN;
4879 inet_ntop(family, &p->prefix.imet_addr.ip.ip.addr, buf2,
4880 PREFIX2STR_BUFFER);
4881 json_object_int_add(json, "ipLen", prefixlen);
4882 json_object_string_add(json, "ip", buf2);
4883 break;
4884
4885 case BGP_EVPN_IP_PREFIX_ROUTE:
4886 json_object_int_add(json, "ethTag",
4887 p->prefix.prefix_addr.eth_tag);
4888 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET : AF_INET6;
4889 inet_ntop(family, &p->prefix.prefix_addr.ip.ip.addr,
4890 buf2, sizeof(buf2));
4891 json_object_int_add(json, "ipLen",
4892 p->prefix.prefix_addr.ip_prefix_length);
4893 json_object_string_add(json, "ip", buf2);
4894 break;
4895
4896 default:
4897 break;
4898 }
4899 }
4900
4901 /*
4902 * Function to convert evpn route to string.
4903 * NOTE: We don't use prefix2str as the output here is a bit different.
4904 */
4905 char *bgp_evpn_route2str(struct prefix_evpn *p, char *buf, int len)
4906 {
4907 char buf1[ETHER_ADDR_STRLEN];
4908 char buf2[PREFIX2STR_BUFFER];
4909 char buf3[ESI_STR_LEN];
4910
4911 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
4912 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]", p->prefix.route_type,
4913 p->prefix.imet_addr.eth_tag,
4914 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
4915 : IPV6_MAX_BITLEN,
4916 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
4917 } else if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
4918 if (is_evpn_prefix_ipaddr_none(p))
4919 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
4920 p->prefix.route_type,
4921 p->prefix.macip_addr.eth_tag,
4922 8 * ETH_ALEN,
4923 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4924 sizeof(buf1)));
4925 else {
4926 uint8_t family;
4927
4928 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET
4929 : AF_INET6;
4930 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]:[%d]:[%s]",
4931 p->prefix.route_type,
4932 p->prefix.macip_addr.eth_tag,
4933 8 * ETH_ALEN,
4934 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4935 sizeof(buf1)),
4936 family == AF_INET ? IPV4_MAX_BITLEN
4937 : IPV6_MAX_BITLEN,
4938 inet_ntop(family,
4939 &p->prefix.macip_addr.ip.ip.addr,
4940 buf2,
4941 PREFIX2STR_BUFFER));
4942 }
4943 } else if (p->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
4944 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
4945 p->prefix.route_type,
4946 p->prefix.prefix_addr.eth_tag,
4947 p->prefix.prefix_addr.ip_prefix_length,
4948 is_evpn_prefix_ipaddr_v4(p)
4949 ? inet_ntoa(p->prefix.prefix_addr.ip.ipaddr_v4)
4950 : inet6_ntoa(p->prefix.prefix_addr.ip.ipaddr_v6));
4951 } else if (p->prefix.route_type == BGP_EVPN_ES_ROUTE) {
4952 snprintf(buf, len, "[%d]:[%s]:[%d]:[%s]",
4953 p->prefix.route_type,
4954 esi_to_str(&p->prefix.es_addr.esi, buf3, sizeof(buf3)),
4955 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
4956 : IPV6_MAX_BITLEN,
4957 inet_ntoa(p->prefix.es_addr.ip.ipaddr_v4));
4958 } else {
4959 /* For EVPN route types not supported yet. */
4960 snprintf(buf, len, "(unsupported route type %d)",
4961 p->prefix.route_type);
4962 }
4963
4964 return (buf);
4965 }
4966
4967 /*
4968 * Encode EVPN prefix in Update (MP_REACH)
4969 */
4970 void bgp_evpn_encode_prefix(struct stream *s, struct prefix *p,
4971 struct prefix_rd *prd, mpls_label_t *label,
4972 uint32_t num_labels, struct attr *attr,
4973 int addpath_encode, uint32_t addpath_tx_id)
4974 {
4975 struct prefix_evpn *evp = (struct prefix_evpn *)p;
4976 int len, ipa_len = 0;
4977
4978 if (addpath_encode)
4979 stream_putl(s, addpath_tx_id);
4980
4981 /* Route type */
4982 stream_putc(s, evp->prefix.route_type);
4983
4984 switch (evp->prefix.route_type) {
4985 case BGP_EVPN_MAC_IP_ROUTE:
4986 if (is_evpn_prefix_ipaddr_v4(evp))
4987 ipa_len = IPV4_MAX_BYTELEN;
4988 else if (is_evpn_prefix_ipaddr_v6(evp))
4989 ipa_len = IPV6_MAX_BYTELEN;
4990 /* RD, ESI, EthTag, MAC+len, IP len, [IP], 1 VNI */
4991 len = 8 + 10 + 4 + 1 + 6 + 1 + ipa_len + 3;
4992 if (ipa_len && num_labels > 1) /* There are 2 VNIs */
4993 len += 3;
4994 stream_putc(s, len);
4995 stream_put(s, prd->val, 8); /* RD */
4996 if (attr)
4997 stream_put(s, &attr->evpn_overlay.eth_s_id, ESI_LEN);
4998 else
4999 stream_put(s, 0, 10);
5000 stream_putl(s, evp->prefix.macip_addr.eth_tag); /* Ethernet Tag ID */
5001 stream_putc(s, 8 * ETH_ALEN); /* Mac Addr Len - bits */
5002 stream_put(s, evp->prefix.macip_addr.mac.octet, 6); /* Mac Addr */
5003 stream_putc(s, 8 * ipa_len); /* IP address Length */
5004 if (ipa_len) /* IP */
5005 stream_put(s, &evp->prefix.macip_addr.ip.ip.addr,
5006 ipa_len);
5007 /* 1st label is the L2 VNI */
5008 stream_put(s, label, BGP_LABEL_BYTES);
5009 /* Include 2nd label (L3 VNI) if advertising MAC+IP */
5010 if (ipa_len && num_labels > 1)
5011 stream_put(s, label + 1, BGP_LABEL_BYTES);
5012 break;
5013
5014 case BGP_EVPN_IMET_ROUTE:
5015 stream_putc(s, 17); // TODO: length - assumes IPv4 address
5016 stream_put(s, prd->val, 8); /* RD */
5017 stream_putl(s, evp->prefix.imet_addr.eth_tag); /* Ethernet Tag ID */
5018 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
5019 /* Originating Router's IP Addr */
5020 stream_put_in_addr(s, &evp->prefix.imet_addr.ip.ipaddr_v4);
5021 break;
5022
5023 case BGP_EVPN_ES_ROUTE:
5024 stream_putc(s, 23); /* TODO: length: assumes ipv4 VTEP */
5025 stream_put(s, prd->val, 8); /* RD */
5026 stream_put(s, evp->prefix.es_addr.esi.val, 10); /* ESI */
5027 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
5028 /* VTEP IP */
5029 stream_put_in_addr(s, &evp->prefix.es_addr.ip.ipaddr_v4);
5030 break;
5031
5032 case BGP_EVPN_IP_PREFIX_ROUTE:
5033 /* TODO: AddPath support. */
5034 evpn_mpattr_encode_type5(s, p, prd, label, num_labels, attr);
5035 break;
5036
5037 default:
5038 break;
5039 }
5040 }
5041
5042 int bgp_nlri_parse_evpn(struct peer *peer, struct attr *attr,
5043 struct bgp_nlri *packet, int withdraw)
5044 {
5045 uint8_t *pnt;
5046 uint8_t *lim;
5047 afi_t afi;
5048 safi_t safi;
5049 uint32_t addpath_id;
5050 int addpath_encoded;
5051 int psize = 0;
5052 uint8_t rtype;
5053 struct prefix p;
5054
5055 /* Start processing the NLRI - there may be multiple in the MP_REACH */
5056 pnt = packet->nlri;
5057 lim = pnt + packet->length;
5058 afi = packet->afi;
5059 safi = packet->safi;
5060 addpath_id = 0;
5061
5062 addpath_encoded =
5063 (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV)
5064 && CHECK_FLAG(peer->af_cap[afi][safi],
5065 PEER_CAP_ADDPATH_AF_TX_RCV));
5066
5067 for (; pnt < lim; pnt += psize) {
5068 /* Clear prefix structure. */
5069 memset(&p, 0, sizeof(struct prefix));
5070
5071 /* Deal with path-id if AddPath is supported. */
5072 if (addpath_encoded) {
5073 /* When packet overflow occurs return immediately. */
5074 if (pnt + BGP_ADDPATH_ID_LEN > lim)
5075 return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
5076
5077 addpath_id = ntohl(*((uint32_t *)pnt));
5078 pnt += BGP_ADDPATH_ID_LEN;
5079 }
5080
5081 /* All EVPN NLRI types start with type and length. */
5082 if (pnt + 2 > lim)
5083 return BGP_NLRI_PARSE_ERROR_EVPN_MISSING_TYPE;
5084
5085 rtype = *pnt++;
5086 psize = *pnt++;
5087
5088 /* When packet overflow occur return immediately. */
5089 if (pnt + psize > lim)
5090 return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
5091
5092 switch (rtype) {
5093 case BGP_EVPN_MAC_IP_ROUTE:
5094 if (process_type2_route(peer, afi, safi,
5095 withdraw ? NULL : attr, pnt,
5096 psize, addpath_id)) {
5097 flog_err(
5098 EC_BGP_EVPN_FAIL,
5099 "%u:%s - Error in processing EVPN type-2 NLRI size %d",
5100 peer->bgp->vrf_id, peer->host, psize);
5101 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE2_SIZE;
5102 }
5103 break;
5104
5105 case BGP_EVPN_IMET_ROUTE:
5106 if (process_type3_route(peer, afi, safi,
5107 withdraw ? NULL : attr, pnt,
5108 psize, addpath_id)) {
5109 flog_err(
5110 EC_BGP_PKT_PROCESS,
5111 "%u:%s - Error in processing EVPN type-3 NLRI size %d",
5112 peer->bgp->vrf_id, peer->host, psize);
5113 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE3_SIZE;
5114 }
5115 break;
5116
5117 case BGP_EVPN_ES_ROUTE:
5118 if (process_type4_route(peer, afi, safi,
5119 withdraw ? NULL : attr, pnt,
5120 psize, addpath_id)) {
5121 flog_err(
5122 EC_BGP_PKT_PROCESS,
5123 "%u:%s - Error in processing EVPN type-4 NLRI size %d",
5124 peer->bgp->vrf_id, peer->host, psize);
5125 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE4_SIZE;
5126 }
5127 break;
5128
5129 case BGP_EVPN_IP_PREFIX_ROUTE:
5130 if (process_type5_route(peer, afi, safi,
5131 withdraw ? NULL : attr, pnt,
5132 psize, addpath_id)) {
5133 flog_err(
5134 EC_BGP_PKT_PROCESS,
5135 "%u:%s - Error in processing EVPN type-5 NLRI size %d",
5136 peer->bgp->vrf_id, peer->host, psize);
5137 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE5_SIZE;
5138 }
5139 break;
5140
5141 default:
5142 break;
5143 }
5144 }
5145
5146 /* Packet length consistency check. */
5147 if (pnt != lim)
5148 return BGP_NLRI_PARSE_ERROR_PACKET_LENGTH;
5149
5150 return BGP_NLRI_PARSE_OK;
5151 }
5152
5153 /*
5154 * Map the RTs (configured or automatically derived) of a VRF to the VRF.
5155 * The mapping will be used during route processing.
5156 * bgp_def: default bgp instance
5157 * bgp_vrf: specific bgp vrf instance on which RT is configured
5158 */
5159 void bgp_evpn_map_vrf_to_its_rts(struct bgp *bgp_vrf)
5160 {
5161 int i = 0;
5162 struct ecommunity_val *eval = NULL;
5163 struct listnode *node = NULL, *nnode = NULL;
5164 struct ecommunity *ecom = NULL;
5165
5166 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
5167 for (i = 0; i < ecom->size; i++) {
5168 eval = (struct ecommunity_val *)(ecom->val
5169 + (i
5170 * ECOMMUNITY_SIZE));
5171 map_vrf_to_rt(bgp_vrf, eval);
5172 }
5173 }
5174 }
5175
5176 /*
5177 * Unmap the RTs (configured or automatically derived) of a VRF from the VRF.
5178 */
5179 void bgp_evpn_unmap_vrf_from_its_rts(struct bgp *bgp_vrf)
5180 {
5181 int i;
5182 struct ecommunity_val *eval;
5183 struct listnode *node, *nnode;
5184 struct ecommunity *ecom;
5185
5186 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
5187 for (i = 0; i < ecom->size; i++) {
5188 struct vrf_irt_node *irt;
5189 struct ecommunity_val eval_tmp;
5190
5191 eval = (struct ecommunity_val *)(ecom->val
5192 + (i
5193 * ECOMMUNITY_SIZE));
5194 /* If using "automatic" RT, we only care about the
5195 * local-admin sub-field.
5196 * This is to facilitate using VNI as the RT for EBGP
5197 * peering too.
5198 */
5199 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
5200 if (!CHECK_FLAG(bgp_vrf->vrf_flags,
5201 BGP_VRF_IMPORT_RT_CFGD))
5202 mask_ecom_global_admin(&eval_tmp, eval);
5203
5204 irt = lookup_vrf_import_rt(&eval_tmp);
5205 if (irt)
5206 unmap_vrf_from_rt(bgp_vrf, irt);
5207 }
5208 }
5209 }
5210
5211
5212 /*
5213 * Map the RTs (configured or automatically derived) of a VNI to the VNI.
5214 * The mapping will be used during route processing.
5215 */
5216 void bgp_evpn_map_vni_to_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
5217 {
5218 int i;
5219 struct ecommunity_val *eval;
5220 struct listnode *node, *nnode;
5221 struct ecommunity *ecom;
5222
5223 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
5224 for (i = 0; i < ecom->size; i++) {
5225 eval = (struct ecommunity_val *)(ecom->val
5226 + (i
5227 * ECOMMUNITY_SIZE));
5228 map_vni_to_rt(bgp, vpn, eval);
5229 }
5230 }
5231 }
5232
5233 /*
5234 * Unmap the RTs (configured or automatically derived) of a VNI from the VNI.
5235 */
5236 void bgp_evpn_unmap_vni_from_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
5237 {
5238 int i;
5239 struct ecommunity_val *eval;
5240 struct listnode *node, *nnode;
5241 struct ecommunity *ecom;
5242
5243 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
5244 for (i = 0; i < ecom->size; i++) {
5245 struct irt_node *irt;
5246 struct ecommunity_val eval_tmp;
5247
5248 eval = (struct ecommunity_val *)(ecom->val
5249 + (i
5250 * ECOMMUNITY_SIZE));
5251 /* If using "automatic" RT, we only care about the
5252 * local-admin sub-field.
5253 * This is to facilitate using VNI as the RT for EBGP
5254 * peering too.
5255 */
5256 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
5257 if (!is_import_rt_configured(vpn))
5258 mask_ecom_global_admin(&eval_tmp, eval);
5259
5260 irt = lookup_import_rt(bgp, &eval_tmp);
5261 if (irt)
5262 unmap_vni_from_rt(bgp, vpn, irt);
5263 }
5264 }
5265 }
5266
5267 /*
5268 * Derive Import RT automatically for VNI and map VNI to RT.
5269 * The mapping will be used during route processing.
5270 */
5271 void bgp_evpn_derive_auto_rt_import(struct bgp *bgp, struct bgpevpn *vpn)
5272 {
5273 form_auto_rt(bgp, vpn->vni, vpn->import_rtl);
5274 UNSET_FLAG(vpn->flags, VNI_FLAG_IMPRT_CFGD);
5275
5276 /* Map RT to VNI */
5277 bgp_evpn_map_vni_to_its_rts(bgp, vpn);
5278 }
5279
5280 /*
5281 * Derive Export RT automatically for VNI.
5282 */
5283 void bgp_evpn_derive_auto_rt_export(struct bgp *bgp, struct bgpevpn *vpn)
5284 {
5285 form_auto_rt(bgp, vpn->vni, vpn->export_rtl);
5286 UNSET_FLAG(vpn->flags, VNI_FLAG_EXPRT_CFGD);
5287 }
5288
5289 /*
5290 * Derive RD automatically for VNI using passed information - it
5291 * is of the form RouterId:unique-id-for-vni.
5292 */
5293 void bgp_evpn_derive_auto_rd_for_vrf(struct bgp *bgp)
5294 {
5295 if (is_vrf_rd_configured(bgp))
5296 return;
5297
5298 form_auto_rd(bgp->router_id, bgp->vrf_rd_id, &bgp->vrf_prd);
5299 }
5300
5301 /*
5302 * Derive RD automatically for VNI using passed information - it
5303 * is of the form RouterId:unique-id-for-vni.
5304 */
5305 void bgp_evpn_derive_auto_rd(struct bgp *bgp, struct bgpevpn *vpn)
5306 {
5307 char buf[100];
5308
5309 vpn->prd.family = AF_UNSPEC;
5310 vpn->prd.prefixlen = 64;
5311 sprintf(buf, "%s:%hu", inet_ntoa(bgp->router_id), vpn->rd_id);
5312 (void)str2prefix_rd(buf, &vpn->prd);
5313 UNSET_FLAG(vpn->flags, VNI_FLAG_RD_CFGD);
5314 }
5315
5316 /*
5317 * Lookup L3-VNI
5318 */
5319 bool bgp_evpn_lookup_l3vni_l2vni_table(vni_t vni)
5320 {
5321 struct list *inst = bm->bgp;
5322 struct listnode *node;
5323 struct bgp *bgp_vrf;
5324
5325 for (ALL_LIST_ELEMENTS_RO(inst, node, bgp_vrf)) {
5326 if (bgp_vrf->l3vni == vni)
5327 return true;
5328 }
5329
5330 return false;
5331 }
5332
5333 /*
5334 * Lookup VNI.
5335 */
5336 struct bgpevpn *bgp_evpn_lookup_vni(struct bgp *bgp, vni_t vni)
5337 {
5338 struct bgpevpn *vpn;
5339 struct bgpevpn tmp;
5340
5341 memset(&tmp, 0, sizeof(struct bgpevpn));
5342 tmp.vni = vni;
5343 vpn = hash_lookup(bgp->vnihash, &tmp);
5344 return vpn;
5345 }
5346
5347 /*
5348 * Create a new vpn - invoked upon configuration or zebra notification.
5349 */
5350 struct bgpevpn *bgp_evpn_new(struct bgp *bgp, vni_t vni,
5351 struct in_addr originator_ip,
5352 vrf_id_t tenant_vrf_id,
5353 struct in_addr mcast_grp)
5354 {
5355 struct bgpevpn *vpn;
5356
5357 if (!bgp)
5358 return NULL;
5359
5360 vpn = XCALLOC(MTYPE_BGP_EVPN, sizeof(struct bgpevpn));
5361
5362 /* Set values - RD and RT set to defaults. */
5363 vpn->vni = vni;
5364 vpn->originator_ip = originator_ip;
5365 vpn->tenant_vrf_id = tenant_vrf_id;
5366 vpn->mcast_grp = mcast_grp;
5367
5368 /* Initialize route-target import and export lists */
5369 vpn->import_rtl = list_new();
5370 vpn->import_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5371 vpn->import_rtl->del = evpn_xxport_delete_ecomm;
5372 vpn->export_rtl = list_new();
5373 vpn->export_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5374 vpn->export_rtl->del = evpn_xxport_delete_ecomm;
5375 bf_assign_index(bm->rd_idspace, vpn->rd_id);
5376 derive_rd_rt_for_vni(bgp, vpn);
5377
5378 /* Initialize EVPN route table. */
5379 vpn->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5380
5381 /* Add to hash */
5382 if (!hash_get(bgp->vnihash, vpn, hash_alloc_intern)) {
5383 XFREE(MTYPE_BGP_EVPN, vpn);
5384 return NULL;
5385 }
5386
5387 /* add to l2vni list on corresponding vrf */
5388 bgpevpn_link_to_l3vni(vpn);
5389
5390 QOBJ_REG(vpn, bgpevpn);
5391 return vpn;
5392 }
5393
5394 /*
5395 * Free a given VPN - called in multiple scenarios such as zebra
5396 * notification, configuration being deleted, advertise-all-vni disabled etc.
5397 * This just frees appropriate memory, caller should have taken other
5398 * needed actions.
5399 */
5400 void bgp_evpn_free(struct bgp *bgp, struct bgpevpn *vpn)
5401 {
5402 bgpevpn_unlink_from_l3vni(vpn);
5403 bgp_table_unlock(vpn->route_table);
5404 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
5405 list_delete(&vpn->import_rtl);
5406 list_delete(&vpn->export_rtl);
5407 bf_release_index(bm->rd_idspace, vpn->rd_id);
5408 hash_release(bgp->vnihash, vpn);
5409 QOBJ_UNREG(vpn);
5410 XFREE(MTYPE_BGP_EVPN, vpn);
5411 }
5412
5413 /*
5414 * Lookup local ES.
5415 */
5416 struct evpnes *bgp_evpn_lookup_es(struct bgp *bgp, esi_t *esi)
5417 {
5418 struct evpnes *es;
5419 struct evpnes tmp;
5420
5421 memset(&tmp, 0, sizeof(struct evpnes));
5422 memcpy(&tmp.esi, esi, sizeof(esi_t));
5423 es = hash_lookup(bgp->esihash, &tmp);
5424 return es;
5425 }
5426
5427 /*
5428 * Create a new local es - invoked upon zebra notification.
5429 */
5430 struct evpnes *bgp_evpn_es_new(struct bgp *bgp,
5431 esi_t *esi,
5432 struct ipaddr *originator_ip)
5433 {
5434 char buf[100];
5435 struct evpnes *es;
5436
5437 if (!bgp)
5438 return NULL;
5439
5440 es = XCALLOC(MTYPE_BGP_EVPN_ES, sizeof(struct evpnes));
5441
5442 /* set the ESI and originator_ip */
5443 memcpy(&es->esi, esi, sizeof(esi_t));
5444 memcpy(&es->originator_ip, originator_ip, sizeof(struct ipaddr));
5445
5446 /* Initialise the VTEP list */
5447 es->vtep_list = list_new();
5448 es->vtep_list->cmp = evpn_vtep_ip_cmp;
5449
5450 /* auto derive RD for this es */
5451 bf_assign_index(bm->rd_idspace, es->rd_id);
5452 es->prd.family = AF_UNSPEC;
5453 es->prd.prefixlen = 64;
5454 sprintf(buf, "%s:%hu", inet_ntoa(bgp->router_id), es->rd_id);
5455 (void)str2prefix_rd(buf, &es->prd);
5456
5457 /* Initialize the ES route table */
5458 es->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5459
5460 /* Add to hash */
5461 if (!hash_get(bgp->esihash, es, hash_alloc_intern)) {
5462 XFREE(MTYPE_BGP_EVPN_ES, es);
5463 return NULL;
5464 }
5465
5466 QOBJ_REG(es, evpnes);
5467 return es;
5468 }
5469
5470 /*
5471 * Free a given ES -
5472 * This just frees appropriate memory, caller should have taken other
5473 * needed actions.
5474 */
5475 void bgp_evpn_es_free(struct bgp *bgp, struct evpnes *es)
5476 {
5477 list_delete(&es->vtep_list);
5478 bgp_table_unlock(es->route_table);
5479 bf_release_index(bm->rd_idspace, es->rd_id);
5480 hash_release(bgp->esihash, es);
5481 QOBJ_UNREG(es);
5482 XFREE(MTYPE_BGP_EVPN_ES, es);
5483 }
5484
5485 /*
5486 * Import evpn route from global table to VNI/VRF/ESI.
5487 */
5488 int bgp_evpn_import_route(struct bgp *bgp, afi_t afi, safi_t safi,
5489 struct prefix *p, struct bgp_path_info *pi)
5490 {
5491 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 1);
5492 }
5493
5494 /*
5495 * Unimport evpn route from VNI/VRF/ESI.
5496 */
5497 int bgp_evpn_unimport_route(struct bgp *bgp, afi_t afi, safi_t safi,
5498 struct prefix *p, struct bgp_path_info *pi)
5499 {
5500 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 0);
5501 }
5502
5503 /* filter routes which have martian next hops */
5504 int bgp_filter_evpn_routes_upon_martian_nh_change(struct bgp *bgp)
5505 {
5506 afi_t afi;
5507 safi_t safi;
5508 struct bgp_node *rd_rn, *rn;
5509 struct bgp_table *table;
5510 struct bgp_path_info *pi;
5511
5512 afi = AFI_L2VPN;
5513 safi = SAFI_EVPN;
5514
5515 /* Walk entire global routing table and evaluate routes which could be
5516 * imported into this VPN. Note that we cannot just look at the routes
5517 * for the VNI's RD -
5518 * remote routes applicable for this VNI could have any RD.
5519 */
5520 /* EVPN routes are a 2-level table. */
5521 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
5522 rd_rn = bgp_route_next(rd_rn)) {
5523 table = bgp_node_get_bgp_table_info(rd_rn);
5524 if (!table)
5525 continue;
5526
5527 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
5528
5529 for (pi = bgp_node_get_bgp_path_info(rn); pi;
5530 pi = pi->next) {
5531
5532 /* Consider "valid" remote routes applicable for
5533 * this VNI. */
5534 if (!(pi->type == ZEBRA_ROUTE_BGP
5535 && pi->sub_type == BGP_ROUTE_NORMAL))
5536 continue;
5537 if (bgp_nexthop_self(bgp, afi,
5538 pi->type, pi->sub_type,
5539 pi->attr, rn)) {
5540
5541 char attr_str[BUFSIZ] = {0};
5542 char pbuf[PREFIX_STRLEN];
5543
5544 bgp_dump_attr(pi->attr, attr_str,
5545 BUFSIZ);
5546
5547 if (bgp_debug_update(pi->peer, &rn->p,
5548 NULL, 1))
5549 zlog_debug(
5550 "%u: prefix %s with attr %s - DENIED due to martian or self nexthop",
5551 bgp->vrf_id,
5552 prefix2str(
5553 &rn->p, pbuf,
5554 sizeof(pbuf)),
5555 attr_str);
5556
5557 bgp_evpn_unimport_route(bgp, afi, safi,
5558 &rn->p, pi);
5559
5560 bgp_rib_remove(rn, pi, pi->peer, afi,
5561 safi);
5562 }
5563 }
5564 }
5565 }
5566
5567 return 0;
5568 }
5569
5570 /*
5571 * Handle del of a local MACIP.
5572 */
5573 int bgp_evpn_local_macip_del(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5574 struct ipaddr *ip, int state)
5575 {
5576 struct bgpevpn *vpn;
5577 struct prefix_evpn p;
5578 struct bgp_node *rn;
5579
5580 /* Lookup VNI hash - should exist. */
5581 vpn = bgp_evpn_lookup_vni(bgp, vni);
5582 if (!vpn || !is_vni_live(vpn)) {
5583 flog_warn(EC_BGP_EVPN_VPN_VNI,
5584 "%u: VNI hash entry for VNI %u %s at MACIP DEL",
5585 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5586 return -1;
5587 }
5588
5589 build_evpn_type2_prefix(&p, mac, ip);
5590 if (state == ZEBRA_NEIGH_ACTIVE) {
5591 /* Remove EVPN type-2 route and schedule for processing. */
5592 delete_evpn_route(bgp, vpn, &p);
5593 } else {
5594 /* Re-instate the current remote best path if any */
5595 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)&p);
5596 if (rn)
5597 evpn_zebra_reinstall_best_route(bgp, vpn, rn);
5598 }
5599
5600 return 0;
5601 }
5602
5603 /*
5604 * Handle add of a local MACIP.
5605 */
5606 int bgp_evpn_local_macip_add(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5607 struct ipaddr *ip, uint8_t flags, uint32_t seq)
5608 {
5609 struct bgpevpn *vpn;
5610 struct prefix_evpn p;
5611
5612 /* Lookup VNI hash - should exist. */
5613 vpn = bgp_evpn_lookup_vni(bgp, vni);
5614 if (!vpn || !is_vni_live(vpn)) {
5615 flog_warn(EC_BGP_EVPN_VPN_VNI,
5616 "%u: VNI hash entry for VNI %u %s at MACIP ADD",
5617 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5618 return -1;
5619 }
5620
5621 /* Create EVPN type-2 route and schedule for processing. */
5622 build_evpn_type2_prefix(&p, mac, ip);
5623 if (update_evpn_route(bgp, vpn, &p, flags, seq)) {
5624 char buf[ETHER_ADDR_STRLEN];
5625 char buf2[INET6_ADDRSTRLEN];
5626
5627 flog_err(
5628 EC_BGP_EVPN_ROUTE_CREATE,
5629 "%u:Failed to create Type-2 route, VNI %u %s MAC %s IP %s (flags: 0x%x)",
5630 bgp->vrf_id, vpn->vni,
5631 CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY)
5632 ? "sticky gateway"
5633 : "",
5634 prefix_mac2str(mac, buf, sizeof(buf)),
5635 ipaddr2str(ip, buf2, sizeof(buf2)), flags);
5636 return -1;
5637 }
5638
5639 return 0;
5640 }
5641
5642 static void link_l2vni_hash_to_l3vni(struct hash_bucket *bucket,
5643 struct bgp *bgp_vrf)
5644 {
5645 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
5646 struct bgp *bgp_evpn = NULL;
5647
5648 bgp_evpn = bgp_get_evpn();
5649 assert(bgp_evpn);
5650
5651 if (vpn->tenant_vrf_id == bgp_vrf->vrf_id)
5652 bgpevpn_link_to_l3vni(vpn);
5653 }
5654
5655 int bgp_evpn_local_l3vni_add(vni_t l3vni, vrf_id_t vrf_id,
5656 struct ethaddr *svi_rmac,
5657 struct ethaddr *vrr_rmac,
5658 struct in_addr originator_ip, int filter,
5659 ifindex_t svi_ifindex,
5660 bool is_anycast_mac)
5661 {
5662 struct bgp *bgp_vrf = NULL; /* bgp VRF instance */
5663 struct bgp *bgp_evpn = NULL; /* EVPN bgp instance */
5664 struct listnode *node = NULL;
5665 struct bgpevpn *vpn = NULL;
5666 as_t as = 0;
5667
5668 /* get the EVPN instance - required to get the AS number for VRF
5669 * auto-creatio
5670 */
5671 bgp_evpn = bgp_get_evpn();
5672 if (!bgp_evpn) {
5673 flog_err(
5674 EC_BGP_NO_DFLT,
5675 "Cannot process L3VNI %u ADD - EVPN BGP instance not yet created",
5676 l3vni);
5677 return -1;
5678 }
5679 as = bgp_evpn->as;
5680
5681 /* if the BGP vrf instance doesn't exist - create one */
5682 bgp_vrf = bgp_lookup_by_vrf_id(vrf_id);
5683 if (!bgp_vrf) {
5684
5685 int ret = 0;
5686
5687 ret = bgp_get(&bgp_vrf, &as, vrf_id_to_name(vrf_id),
5688 vrf_id == VRF_DEFAULT ? BGP_INSTANCE_TYPE_DEFAULT
5689 : BGP_INSTANCE_TYPE_VRF);
5690 switch (ret) {
5691 case BGP_ERR_AS_MISMATCH:
5692 flog_err(EC_BGP_EVPN_AS_MISMATCH,
5693 "BGP is already running; AS is %u\n", as);
5694 return -1;
5695 case BGP_ERR_INSTANCE_MISMATCH:
5696 flog_err(EC_BGP_EVPN_INSTANCE_MISMATCH,
5697 "BGP instance name and AS number mismatch\n");
5698 return -1;
5699 }
5700
5701 /* mark as auto created */
5702 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO);
5703 }
5704
5705 /* associate the vrf with l3vni and related parameters */
5706 bgp_vrf->l3vni = l3vni;
5707 bgp_vrf->originator_ip = originator_ip;
5708 bgp_vrf->l3vni_svi_ifindex = svi_ifindex;
5709 bgp_vrf->evpn_info->is_anycast_mac = is_anycast_mac;
5710
5711 /* copy anycast MAC from VRR MAC */
5712 memcpy(&bgp_vrf->rmac, vrr_rmac, ETH_ALEN);
5713 /* copy sys RMAC from SVI MAC */
5714 memcpy(&bgp_vrf->evpn_info->pip_rmac_zebra, svi_rmac, ETH_ALEN);
5715 /* PIP user configured mac is not present use svi mac as sys mac */
5716 if (is_zero_mac(&bgp_vrf->evpn_info->pip_rmac_static))
5717 memcpy(&bgp_vrf->evpn_info->pip_rmac, svi_rmac, ETH_ALEN);
5718
5719 if (bgp_debug_zebra(NULL)) {
5720 char buf[ETHER_ADDR_STRLEN];
5721 char buf1[ETHER_ADDR_STRLEN];
5722 char buf2[ETHER_ADDR_STRLEN];
5723
5724 zlog_debug("VRF %s vni %u pip %s RMAC %s sys RMAC %s static RMAC %s is_anycast_mac %s",
5725 vrf_id_to_name(bgp_vrf->vrf_id),
5726 bgp_vrf->l3vni,
5727 bgp_vrf->evpn_info->advertise_pip ? "enable"
5728 : "disable",
5729 prefix_mac2str(&bgp_vrf->rmac, buf, sizeof(buf)),
5730 prefix_mac2str(&bgp_vrf->evpn_info->pip_rmac,
5731 buf1, sizeof(buf1)),
5732 prefix_mac2str(&bgp_vrf->evpn_info->pip_rmac_static,
5733 buf2, sizeof(buf2)),
5734 is_anycast_mac ? "Enable" : "Disable");
5735 }
5736 /* set the right filter - are we using l3vni only for prefix routes? */
5737 if (filter)
5738 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY);
5739
5740 /* Map auto derive or configured RTs */
5741 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
5742 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
5743 else
5744 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
5745
5746 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD))
5747 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
5748
5749 /* auto derive RD */
5750 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
5751
5752 /* link all corresponding l2vnis */
5753 hash_iterate(bgp_evpn->vnihash,
5754 (void (*)(struct hash_bucket *,
5755 void *))link_l2vni_hash_to_l3vni,
5756 bgp_vrf);
5757
5758 /* Only update all corresponding type-2 routes if we are advertising two
5759 * labels along with type-2 routes
5760 */
5761 if (!filter)
5762 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
5763 update_routes_for_vni(bgp_evpn, vpn);
5764
5765 /* advertise type-5 routes if needed */
5766 update_advertise_vrf_routes(bgp_vrf);
5767
5768 /* install all remote routes belonging to this l3vni into correspondng
5769 * vrf */
5770 install_routes_for_vrf(bgp_vrf);
5771
5772 return 0;
5773 }
5774
5775 int bgp_evpn_local_l3vni_del(vni_t l3vni, vrf_id_t vrf_id)
5776 {
5777 struct bgp *bgp_vrf = NULL; /* bgp vrf instance */
5778 struct bgp *bgp_evpn = NULL; /* EVPN bgp instance */
5779 struct listnode *node = NULL;
5780 struct listnode *next = NULL;
5781 struct bgpevpn *vpn = NULL;
5782
5783 bgp_vrf = bgp_lookup_by_vrf_id(vrf_id);
5784 if (!bgp_vrf) {
5785 flog_err(
5786 EC_BGP_NO_DFLT,
5787 "Cannot process L3VNI %u Del - Could not find BGP instance",
5788 l3vni);
5789 return -1;
5790 }
5791
5792 bgp_evpn = bgp_get_evpn();
5793 if (!bgp_evpn) {
5794 flog_err(
5795 EC_BGP_NO_DFLT,
5796 "Cannot process L3VNI %u Del - Could not find EVPN BGP instance",
5797 l3vni);
5798 return -1;
5799 }
5800
5801 /* Remove remote routes from BGT VRF even if BGP_VRF_AUTO is configured,
5802 * bgp_delete would not remove/decrement bgp_path_info of the ip_prefix
5803 * routes. This will uninstalling the routes from zebra and decremnt the
5804 * bgp info count.
5805 */
5806 uninstall_routes_for_vrf(bgp_vrf);
5807
5808 /* delete/withdraw all type-5 routes */
5809 delete_withdraw_vrf_routes(bgp_vrf);
5810
5811 /* remove the l3vni from vrf instance */
5812 bgp_vrf->l3vni = 0;
5813
5814 /* remove the Rmac from the BGP vrf */
5815 memset(&bgp_vrf->rmac, 0, sizeof(struct ethaddr));
5816 memset(&bgp_vrf->evpn_info->pip_rmac_zebra, 0, ETH_ALEN);
5817 if (is_zero_mac(&bgp_vrf->evpn_info->pip_rmac_static) &&
5818 !is_zero_mac(&bgp_vrf->evpn_info->pip_rmac))
5819 memset(&bgp_vrf->evpn_info->pip_rmac, 0, ETH_ALEN);
5820
5821 /* remove default import RT or Unmap non-default import RT */
5822 if (!list_isempty(bgp_vrf->vrf_import_rtl)) {
5823 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
5824 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
5825 list_delete_all_node(bgp_vrf->vrf_import_rtl);
5826 }
5827
5828 /* remove default export RT */
5829 if (!list_isempty(bgp_vrf->vrf_export_rtl) &&
5830 !CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD)) {
5831 list_delete_all_node(bgp_vrf->vrf_export_rtl);
5832 }
5833
5834 /* update all corresponding local mac-ip routes */
5835 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY)) {
5836 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn)) {
5837 UNSET_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS);
5838 update_routes_for_vni(bgp_evpn, vpn);
5839 }
5840 }
5841
5842 /* If any L2VNIs point to this instance, unlink them. */
5843 for (ALL_LIST_ELEMENTS(bgp_vrf->l2vnis, node, next, vpn))
5844 bgpevpn_unlink_from_l3vni(vpn);
5845
5846 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY);
5847
5848 /* Delete the instance if it was autocreated */
5849 if (CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO))
5850 bgp_delete(bgp_vrf);
5851
5852 return 0;
5853 }
5854
5855 /*
5856 * Handle del of a local VNI.
5857 */
5858 int bgp_evpn_local_vni_del(struct bgp *bgp, vni_t vni)
5859 {
5860 struct bgpevpn *vpn;
5861
5862 /* Locate VNI hash */
5863 vpn = bgp_evpn_lookup_vni(bgp, vni);
5864 if (!vpn) {
5865 if (bgp_debug_zebra(NULL))
5866 flog_warn(
5867 EC_BGP_EVPN_VPN_VNI,
5868 "%u: VNI hash entry for VNI %u not found at DEL",
5869 bgp->vrf_id, vni);
5870 return 0;
5871 }
5872
5873 /* Remove all local EVPN routes and schedule for processing (to
5874 * withdraw from peers).
5875 */
5876 delete_routes_for_vni(bgp, vpn);
5877
5878 /*
5879 * tunnel is no longer active, del tunnel ip address from tip_hash
5880 */
5881 bgp_tip_del(bgp, &vpn->originator_ip);
5882
5883 /* Clear "live" flag and see if hash needs to be freed. */
5884 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
5885 if (!is_vni_configured(vpn))
5886 bgp_evpn_free(bgp, vpn);
5887
5888 return 0;
5889 }
5890
5891 /*
5892 * Handle add (or update) of a local VNI. The VNI changes we care
5893 * about are for the local-tunnel-ip and the (tenant) VRF.
5894 */
5895 int bgp_evpn_local_vni_add(struct bgp *bgp, vni_t vni,
5896 struct in_addr originator_ip,
5897 vrf_id_t tenant_vrf_id,
5898 struct in_addr mcast_grp)
5899
5900 {
5901 struct bgpevpn *vpn;
5902 struct prefix_evpn p;
5903
5904 /* Lookup VNI. If present and no change, exit. */
5905 vpn = bgp_evpn_lookup_vni(bgp, vni);
5906 if (vpn) {
5907
5908 if (is_vni_live(vpn)
5909 && IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip)
5910 && IPV4_ADDR_SAME(&vpn->mcast_grp, &mcast_grp)
5911 && vpn->tenant_vrf_id == tenant_vrf_id)
5912 /* Probably some other param has changed that we don't
5913 * care about. */
5914 return 0;
5915
5916 bgp_evpn_mcast_grp_change(bgp, vpn, mcast_grp);
5917
5918 /* Update tenant_vrf_id if it has changed. */
5919 if (vpn->tenant_vrf_id != tenant_vrf_id) {
5920 bgpevpn_unlink_from_l3vni(vpn);
5921 vpn->tenant_vrf_id = tenant_vrf_id;
5922 bgpevpn_link_to_l3vni(vpn);
5923 }
5924
5925 /* If tunnel endpoint IP has changed, update (and delete prior
5926 * type-3 route, if needed.)
5927 */
5928 if (!IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip))
5929 handle_tunnel_ip_change(bgp, vpn, originator_ip);
5930
5931 /* Update all routes with new endpoint IP and/or export RT
5932 * for VRFs
5933 */
5934 if (is_vni_live(vpn))
5935 update_routes_for_vni(bgp, vpn);
5936 }
5937
5938 /* Create or update as appropriate. */
5939 if (!vpn) {
5940 vpn = bgp_evpn_new(bgp, vni, originator_ip, tenant_vrf_id,
5941 mcast_grp);
5942 if (!vpn) {
5943 flog_err(
5944 EC_BGP_VNI,
5945 "%u: Failed to allocate VNI entry for VNI %u - at Add",
5946 bgp->vrf_id, vni);
5947 return -1;
5948 }
5949 }
5950
5951 /* if the VNI is live already, there is nothing more to do */
5952 if (is_vni_live(vpn))
5953 return 0;
5954
5955 /* Mark as "live" */
5956 SET_FLAG(vpn->flags, VNI_FLAG_LIVE);
5957
5958 /* tunnel is now active, add tunnel-ip to db */
5959 bgp_tip_add(bgp, &originator_ip);
5960
5961 /* filter routes as nexthop database has changed */
5962 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
5963
5964 /*
5965 * Create EVPN type-3 route and schedule for processing.
5966 *
5967 * RT-3 only if doing head-end replication
5968 */
5969 if (bgp_evpn_vni_flood_mode_get(bgp, vpn)
5970 == VXLAN_FLOOD_HEAD_END_REPL) {
5971 build_evpn_type3_prefix(&p, vpn->originator_ip);
5972 if (update_evpn_route(bgp, vpn, &p, 0, 0)) {
5973 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
5974 "%u: Type3 route creation failure for VNI %u",
5975 bgp->vrf_id, vni);
5976 return -1;
5977 }
5978 }
5979
5980 /* If we have learnt and retained remote routes (VTEPs, MACs) for this
5981 * VNI,
5982 * install them.
5983 */
5984 install_routes_for_vni(bgp, vpn);
5985
5986 /* If we are advertising gateway mac-ip
5987 It needs to be conveyed again to zebra */
5988 bgp_zebra_advertise_gw_macip(bgp, vpn->advertise_gw_macip, vpn->vni);
5989
5990 /* advertise svi mac-ip knob to zebra */
5991 bgp_zebra_advertise_svi_macip(bgp, vpn->advertise_svi_macip, vpn->vni);
5992
5993 return 0;
5994 }
5995
5996 /*
5997 * bgp_evpn_local_es_del
5998 */
5999 int bgp_evpn_local_es_del(struct bgp *bgp,
6000 esi_t *esi,
6001 struct ipaddr *originator_ip)
6002 {
6003 char buf[ESI_STR_LEN];
6004 struct evpnes *es = NULL;
6005
6006 if (!bgp->esihash) {
6007 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
6008 bgp->vrf_id);
6009 return -1;
6010 }
6011
6012 /* Lookup ESI hash - should exist. */
6013 es = bgp_evpn_lookup_es(bgp, esi);
6014 if (!es) {
6015 flog_warn(EC_BGP_EVPN_ESI,
6016 "%u: ESI hash entry for ESI %s at Local ES DEL",
6017 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
6018 return -1;
6019 }
6020
6021 /* Delete all local EVPN ES routes from ESI table
6022 * and schedule for processing (to withdraw from peers))
6023 */
6024 delete_routes_for_es(bgp, es);
6025
6026 /* free the hash entry */
6027 bgp_evpn_es_free(bgp, es);
6028
6029 return 0;
6030 }
6031
6032 /*
6033 * bgp_evpn_local_es_add
6034 */
6035 int bgp_evpn_local_es_add(struct bgp *bgp,
6036 esi_t *esi,
6037 struct ipaddr *originator_ip)
6038 {
6039 char buf[ESI_STR_LEN];
6040 struct evpnes *es = NULL;
6041 struct prefix_evpn p;
6042
6043 if (!bgp->esihash) {
6044 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
6045 bgp->vrf_id);
6046 return -1;
6047 }
6048
6049 /* create the new es */
6050 es = bgp_evpn_lookup_es(bgp, esi);
6051 if (!es) {
6052 es = bgp_evpn_es_new(bgp, esi, originator_ip);
6053 if (!es) {
6054 flog_err(
6055 EC_BGP_ES_CREATE,
6056 "%u: Failed to allocate ES entry for ESI %s - at Local ES Add",
6057 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
6058 return -1;
6059 }
6060 }
6061 UNSET_FLAG(es->flags, EVPNES_REMOTE);
6062 SET_FLAG(es->flags, EVPNES_LOCAL);
6063
6064 build_evpn_type4_prefix(&p, esi, originator_ip->ipaddr_v4);
6065 if (update_evpn_type4_route(bgp, es, &p)) {
6066 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
6067 "%u: Type4 route creation failure for ESI %s",
6068 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
6069 return -1;
6070 }
6071
6072 /* import all remote ES routes in th ES table */
6073 install_routes_for_es(bgp, es);
6074
6075 return 0;
6076 }
6077
6078 /*
6079 * Handle change in setting for BUM handling. The supported values
6080 * are head-end replication and dropping all BUM packets. Any change
6081 * should be registered with zebra. Also, if doing head-end replication,
6082 * need to advertise local VNIs as EVPN RT-3 wheras, if BUM packets are
6083 * to be dropped, the RT-3s must be withdrawn.
6084 */
6085 void bgp_evpn_flood_control_change(struct bgp *bgp)
6086 {
6087 zlog_info("L2VPN EVPN BUM handling is %s",
6088 bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL ?
6089 "Flooding" : "Flooding Disabled");
6090
6091 bgp_zebra_vxlan_flood_control(bgp, bgp->vxlan_flood_ctrl);
6092 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL)
6093 hash_iterate(bgp->vnihash, create_advertise_type3, bgp);
6094 else if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_DISABLED)
6095 hash_iterate(bgp->vnihash, delete_withdraw_type3, bgp);
6096 }
6097
6098 /*
6099 * Cleanup EVPN information on disable - Need to delete and withdraw
6100 * EVPN routes from peers.
6101 */
6102 void bgp_evpn_cleanup_on_disable(struct bgp *bgp)
6103 {
6104 hash_iterate(bgp->vnihash, (void (*)(struct hash_bucket *,
6105 void *))cleanup_vni_on_disable,
6106 bgp);
6107 }
6108
6109 /*
6110 * Cleanup EVPN information - invoked at the time of bgpd exit or when the
6111 * BGP instance (default) is being freed.
6112 */
6113 void bgp_evpn_cleanup(struct bgp *bgp)
6114 {
6115 hash_iterate(bgp->vnihash,
6116 (void (*)(struct hash_bucket *, void *))free_vni_entry,
6117 bgp);
6118
6119 hash_free(bgp->import_rt_hash);
6120 bgp->import_rt_hash = NULL;
6121
6122 hash_free(bgp->vrf_import_rt_hash);
6123 bgp->vrf_import_rt_hash = NULL;
6124
6125 hash_free(bgp->vnihash);
6126 bgp->vnihash = NULL;
6127 if (bgp->esihash)
6128 hash_free(bgp->esihash);
6129 bgp->esihash = NULL;
6130
6131 list_delete(&bgp->vrf_import_rtl);
6132 list_delete(&bgp->vrf_export_rtl);
6133 list_delete(&bgp->l2vnis);
6134 }
6135
6136 /*
6137 * Initialization for EVPN
6138 * Create
6139 * VNI hash table
6140 * hash for RT to VNI
6141 */
6142 void bgp_evpn_init(struct bgp *bgp)
6143 {
6144 bgp->vnihash =
6145 hash_create(vni_hash_key_make, vni_hash_cmp, "BGP VNI Hash");
6146 bgp->esihash =
6147 hash_create(esi_hash_keymake, esi_cmp,
6148 "BGP EVPN Local ESI Hash");
6149 bgp->import_rt_hash =
6150 hash_create(import_rt_hash_key_make, import_rt_hash_cmp,
6151 "BGP Import RT Hash");
6152 bgp->vrf_import_rt_hash =
6153 hash_create(vrf_import_rt_hash_key_make, vrf_import_rt_hash_cmp,
6154 "BGP VRF Import RT Hash");
6155 bgp->vrf_import_rtl = list_new();
6156 bgp->vrf_import_rtl->cmp =
6157 (int (*)(void *, void *))evpn_route_target_cmp;
6158 bgp->vrf_import_rtl->del = evpn_xxport_delete_ecomm;
6159 bgp->vrf_export_rtl = list_new();
6160 bgp->vrf_export_rtl->cmp =
6161 (int (*)(void *, void *))evpn_route_target_cmp;
6162 bgp->vrf_export_rtl->del = evpn_xxport_delete_ecomm;
6163 bgp->l2vnis = list_new();
6164 bgp->l2vnis->cmp = vni_list_cmp;
6165 /* By default Duplicate Address Dection is enabled.
6166 * Max-moves (N) 5, detection time (M) 180
6167 * default action is warning-only
6168 * freeze action permanently freezes address,
6169 * and freeze time (auto-recovery) is disabled.
6170 */
6171 if (bgp->evpn_info) {
6172 bgp->evpn_info->dup_addr_detect = true;
6173 bgp->evpn_info->dad_time = EVPN_DAD_DEFAULT_TIME;
6174 bgp->evpn_info->dad_max_moves = EVPN_DAD_DEFAULT_MAX_MOVES;
6175 bgp->evpn_info->dad_freeze = false;
6176 bgp->evpn_info->dad_freeze_time = 0;
6177 /* Initialize zebra vxlan */
6178 bgp_zebra_dup_addr_detection(bgp);
6179 /* Enable PIP feature by default for bgp vrf instance */
6180 if (bgp->inst_type == BGP_INSTANCE_TYPE_VRF) {
6181 struct bgp *bgp_default;
6182
6183 bgp->evpn_info->advertise_pip = true;
6184 bgp_default = bgp_get_default();
6185 if (bgp_default)
6186 bgp->evpn_info->pip_ip = bgp_default->router_id;
6187 }
6188 }
6189
6190 /* Default BUM handling is to do head-end replication. */
6191 bgp->vxlan_flood_ctrl = VXLAN_FLOOD_HEAD_END_REPL;
6192 }
6193
6194 void bgp_evpn_vrf_delete(struct bgp *bgp_vrf)
6195 {
6196 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
6197 }
6198
6199 /*
6200 * Get the prefixlen of the ip prefix carried within the type5 evpn route.
6201 */
6202 int bgp_evpn_get_type5_prefixlen(struct prefix *pfx)
6203 {
6204 struct prefix_evpn *evp = (struct prefix_evpn *)pfx;
6205
6206 if (!pfx || pfx->family != AF_EVPN)
6207 return 0;
6208
6209 if (evp->prefix.route_type != BGP_EVPN_IP_PREFIX_ROUTE)
6210 return 0;
6211
6212 return evp->prefix.prefix_addr.ip_prefix_length;
6213 }
6214
6215 /*
6216 * Should we register nexthop for this EVPN prefix for nexthop tracking?
6217 */
6218 bool bgp_evpn_is_prefix_nht_supported(struct prefix *pfx)
6219 {
6220 struct prefix_evpn *evp = (struct prefix_evpn *)pfx;
6221
6222 /*
6223 * EVPN RT-5 should not be marked as valid and imported to vrfs if the
6224 * BGP nexthop is not reachable. To check for the nexthop reachability,
6225 * Add nexthop for EVPN RT-5 for nexthop tracking.
6226 *
6227 * Ideally, a BGP route should be marked as valid only if the
6228 * nexthop is reachable. Thus, other EVPN route types also should be
6229 * added here after testing is performed for them.
6230 */
6231 if (pfx && pfx->family == AF_EVPN &&
6232 evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE)
6233 return true;
6234
6235 return false;
6236 }
FRRouting mirror