]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_evpn.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #3438 from opensourcerouting/bgp-rfapi-default-value
[mirror_frr.git] / bgpd / bgp_evpn.c
1 /* Ethernet-VPN Packet and vty Processing File
2 * Copyright (C) 2016 6WIND
3 * Copyright (C) 2017 Cumulus Networks, Inc.
4 *
5 * This file is part of FRR.
6 *
7 * FRRouting is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * FRRouting is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "command.h"
25 #include "filter.h"
26 #include "prefix.h"
27 #include "log.h"
28 #include "memory.h"
29 #include "stream.h"
30 #include "hash.h"
31 #include "jhash.h"
32 #include "zclient.h"
33
34 #include "bgpd/bgp_attr_evpn.h"
35 #include "bgpd/bgpd.h"
36 #include "bgpd/bgp_table.h"
37 #include "bgpd/bgp_route.h"
38 #include "bgpd/bgp_attr.h"
39 #include "bgpd/bgp_mplsvpn.h"
40 #include "bgpd/bgp_label.h"
41 #include "bgpd/bgp_evpn.h"
42 #include "bgpd/bgp_evpn_private.h"
43 #include "bgpd/bgp_ecommunity.h"
44 #include "bgpd/bgp_encap_types.h"
45 #include "bgpd/bgp_debug.h"
46 #include "bgpd/bgp_errors.h"
47 #include "bgpd/bgp_aspath.h"
48 #include "bgpd/bgp_zebra.h"
49 #include "bgpd/bgp_nexthop.h"
50 #include "bgpd/bgp_addpath.h"
51
52 /*
53 * Definitions and external declarations.
54 */
55 extern struct zclient *zclient;
56
57 DEFINE_QOBJ_TYPE(bgpevpn)
58 DEFINE_QOBJ_TYPE(evpnes)
59
60
61 /*
62 * Static function declarations
63 */
64 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
65 struct bgp_node *rn,
66 struct bgp_path_info **pi);
67 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn);
68
69 /*
70 * Private functions.
71 */
72
73 /* compare two IPV4 VTEP IPs */
74 static int evpn_vtep_ip_cmp(void *p1, void *p2)
75 {
76 const struct in_addr *ip1 = p1;
77 const struct in_addr *ip2 = p2;
78
79 return ip1->s_addr - ip2->s_addr;
80 }
81
82 /*
83 * Make hash key for ESI.
84 */
85 static unsigned int esi_hash_keymake(void *p)
86 {
87 struct evpnes *pes = p;
88 const void *pnt = (void *)pes->esi.val;
89
90 return jhash(pnt, ESI_BYTES, 0xa5a5a55a);
91 }
92
93 /*
94 * Compare two ESIs.
95 */
96 static bool esi_cmp(const void *p1, const void *p2)
97 {
98 const struct evpnes *pes1 = p1;
99 const struct evpnes *pes2 = p2;
100
101 if (pes1 == NULL && pes2 == NULL)
102 return true;
103
104 if (pes1 == NULL || pes2 == NULL)
105 return false;
106
107 return (memcmp(pes1->esi.val, pes2->esi.val, ESI_BYTES) == 0);
108 }
109
110 /*
111 * Make vni hash key.
112 */
113 static unsigned int vni_hash_key_make(void *p)
114 {
115 struct bgpevpn *vpn = p;
116 return (jhash_1word(vpn->vni, 0));
117 }
118
119 /*
120 * Comparison function for vni hash
121 */
122 static bool vni_hash_cmp(const void *p1, const void *p2)
123 {
124 const struct bgpevpn *vpn1 = p1;
125 const struct bgpevpn *vpn2 = p2;
126
127 if (!vpn1 && !vpn2)
128 return true;
129 if (!vpn1 || !vpn2)
130 return false;
131 return (vpn1->vni == vpn2->vni);
132 }
133
134 static int vni_list_cmp(void *p1, void *p2)
135 {
136 const struct bgpevpn *vpn1 = p1;
137 const struct bgpevpn *vpn2 = p2;
138
139 return vpn1->vni - vpn2->vni;
140 }
141
142 /*
143 * Make vrf import route target hash key.
144 */
145 static unsigned int vrf_import_rt_hash_key_make(void *p)
146 {
147 struct vrf_irt_node *irt = p;
148 char *pnt = irt->rt.val;
149
150 return jhash(pnt, 8, 0x5abc1234);
151 }
152
153 /*
154 * Comparison function for vrf import rt hash
155 */
156 static bool vrf_import_rt_hash_cmp(const void *p1, const void *p2)
157 {
158 const struct vrf_irt_node *irt1 = p1;
159 const struct vrf_irt_node *irt2 = p2;
160
161 if (irt1 == NULL && irt2 == NULL)
162 return true;
163
164 if (irt1 == NULL || irt2 == NULL)
165 return false;
166
167 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
168 }
169
170 /*
171 * Create a new vrf import_rt in default instance
172 */
173 static struct vrf_irt_node *vrf_import_rt_new(struct ecommunity_val *rt)
174 {
175 struct bgp *bgp_def = NULL;
176 struct vrf_irt_node *irt;
177
178 bgp_def = bgp_get_default();
179 if (!bgp_def) {
180 flog_err(EC_BGP_NO_DFLT,
181 "vrf import rt new - def instance not created yet");
182 return NULL;
183 }
184
185 irt = XCALLOC(MTYPE_BGP_EVPN_VRF_IMPORT_RT,
186 sizeof(struct vrf_irt_node));
187 if (!irt)
188 return NULL;
189
190 irt->rt = *rt;
191 irt->vrfs = list_new();
192
193 /* Add to hash */
194 if (!hash_get(bgp_def->vrf_import_rt_hash, irt, hash_alloc_intern)) {
195 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
196 return NULL;
197 }
198
199 return irt;
200 }
201
202 /*
203 * Free the vrf import rt node
204 */
205 static void vrf_import_rt_free(struct vrf_irt_node *irt)
206 {
207 struct bgp *bgp_def = NULL;
208
209 bgp_def = bgp_get_default();
210 if (!bgp_def) {
211 flog_err(EC_BGP_NO_DFLT,
212 "vrf import rt free - def instance not created yet");
213 return;
214 }
215
216 hash_release(bgp_def->vrf_import_rt_hash, irt);
217 list_delete(&irt->vrfs);
218 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
219 }
220
221 /*
222 * Function to lookup Import RT node - used to map a RT to set of
223 * VNIs importing routes with that RT.
224 */
225 static struct vrf_irt_node *lookup_vrf_import_rt(struct ecommunity_val *rt)
226 {
227 struct bgp *bgp_def = NULL;
228 struct vrf_irt_node *irt;
229 struct vrf_irt_node tmp;
230
231 bgp_def = bgp_get_default();
232 if (!bgp_def) {
233 flog_err(EC_BGP_NO_DFLT,
234 "vrf import rt lookup - def instance not created yet");
235 return NULL;
236 }
237
238 memset(&tmp, 0, sizeof(struct vrf_irt_node));
239 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
240 irt = hash_lookup(bgp_def->vrf_import_rt_hash, &tmp);
241 return irt;
242 }
243
244 /*
245 * Is specified VRF present on the RT's list of "importing" VRFs?
246 */
247 static int is_vrf_present_in_irt_vrfs(struct list *vrfs, struct bgp *bgp_vrf)
248 {
249 struct listnode *node = NULL, *nnode = NULL;
250 struct bgp *tmp_bgp_vrf = NULL;
251
252 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, tmp_bgp_vrf)) {
253 if (tmp_bgp_vrf == bgp_vrf)
254 return 1;
255 }
256 return 0;
257 }
258
259 /*
260 * Make import route target hash key.
261 */
262 static unsigned int import_rt_hash_key_make(void *p)
263 {
264 struct irt_node *irt = p;
265 char *pnt = irt->rt.val;
266
267 return jhash(pnt, 8, 0xdeadbeef);
268 }
269
270 /*
271 * Comparison function for import rt hash
272 */
273 static bool import_rt_hash_cmp(const void *p1, const void *p2)
274 {
275 const struct irt_node *irt1 = p1;
276 const struct irt_node *irt2 = p2;
277
278 if (irt1 == NULL && irt2 == NULL)
279 return true;
280
281 if (irt1 == NULL || irt2 == NULL)
282 return false;
283
284 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
285 }
286
287 /*
288 * Create a new import_rt
289 */
290 static struct irt_node *import_rt_new(struct bgp *bgp,
291 struct ecommunity_val *rt)
292 {
293 struct irt_node *irt;
294
295 if (!bgp)
296 return NULL;
297
298 irt = XCALLOC(MTYPE_BGP_EVPN_IMPORT_RT, sizeof(struct irt_node));
299 if (!irt)
300 return NULL;
301
302 irt->rt = *rt;
303 irt->vnis = list_new();
304
305 /* Add to hash */
306 if (!hash_get(bgp->import_rt_hash, irt, hash_alloc_intern)) {
307 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
308 return NULL;
309 }
310
311 return irt;
312 }
313
314 /*
315 * Free the import rt node
316 */
317 static void import_rt_free(struct bgp *bgp, struct irt_node *irt)
318 {
319 hash_release(bgp->import_rt_hash, irt);
320 list_delete(&irt->vnis);
321 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
322 }
323
324 /*
325 * Function to lookup Import RT node - used to map a RT to set of
326 * VNIs importing routes with that RT.
327 */
328 static struct irt_node *lookup_import_rt(struct bgp *bgp,
329 struct ecommunity_val *rt)
330 {
331 struct irt_node *irt;
332 struct irt_node tmp;
333
334 memset(&tmp, 0, sizeof(struct irt_node));
335 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
336 irt = hash_lookup(bgp->import_rt_hash, &tmp);
337 return irt;
338 }
339
340 /*
341 * Is specified VNI present on the RT's list of "importing" VNIs?
342 */
343 static int is_vni_present_in_irt_vnis(struct list *vnis, struct bgpevpn *vpn)
344 {
345 struct listnode *node, *nnode;
346 struct bgpevpn *tmp_vpn;
347
348 for (ALL_LIST_ELEMENTS(vnis, node, nnode, tmp_vpn)) {
349 if (tmp_vpn == vpn)
350 return 1;
351 }
352
353 return 0;
354 }
355
356 /*
357 * Compare Route Targets.
358 */
359 static int evpn_route_target_cmp(struct ecommunity *ecom1,
360 struct ecommunity *ecom2)
361 {
362 if (ecom1 && !ecom2)
363 return -1;
364
365 if (!ecom1 && ecom2)
366 return 1;
367
368 if (!ecom1 && !ecom2)
369 return 0;
370
371 if (ecom1->str && !ecom2->str)
372 return -1;
373
374 if (!ecom1->str && ecom2->str)
375 return 1;
376
377 if (!ecom1->str && !ecom2->str)
378 return 0;
379
380 return strcmp(ecom1->str, ecom2->str);
381 }
382
383 static void evpn_xxport_delete_ecomm(void *val)
384 {
385 struct ecommunity *ecomm = val;
386 ecommunity_free(&ecomm);
387 }
388
389 /*
390 * Mask off global-admin field of specified extended community (RT),
391 * just retain the local-admin field.
392 */
393 static inline void mask_ecom_global_admin(struct ecommunity_val *dst,
394 struct ecommunity_val *src)
395 {
396 uint8_t type;
397
398 type = src->val[0];
399 dst->val[0] = 0;
400 if (type == ECOMMUNITY_ENCODE_AS) {
401 dst->val[2] = dst->val[3] = 0;
402 } else if (type == ECOMMUNITY_ENCODE_AS4
403 || type == ECOMMUNITY_ENCODE_IP) {
404 dst->val[2] = dst->val[3] = 0;
405 dst->val[4] = dst->val[5] = 0;
406 }
407 }
408
409 /*
410 * Map one RT to specified VRF.
411 * bgp_vrf = BGP vrf instance
412 */
413 static void map_vrf_to_rt(struct bgp *bgp_vrf, struct ecommunity_val *eval)
414 {
415 struct vrf_irt_node *irt = NULL;
416 struct ecommunity_val eval_tmp;
417
418 /* If using "automatic" RT,
419 * we only care about the local-admin sub-field.
420 * This is to facilitate using L3VNI(VRF-VNI)
421 * as the RT for EBGP peering too.
422 */
423 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
424 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
425 mask_ecom_global_admin(&eval_tmp, eval);
426
427 irt = lookup_vrf_import_rt(&eval_tmp);
428 if (irt && is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
429 /* Already mapped. */
430 return;
431
432 if (!irt)
433 irt = vrf_import_rt_new(&eval_tmp);
434
435 /* Add VRF to the list for this RT. */
436 listnode_add(irt->vrfs, bgp_vrf);
437 }
438
439 /*
440 * Unmap specified VRF from specified RT. If there are no other
441 * VRFs for this RT, then the RT hash is deleted.
442 * bgp_vrf: BGP VRF specific instance
443 */
444 static void unmap_vrf_from_rt(struct bgp *bgp_vrf, struct vrf_irt_node *irt)
445 {
446 /* Delete VRF from list for this RT. */
447 listnode_delete(irt->vrfs, bgp_vrf);
448 if (!listnode_head(irt->vrfs)) {
449 vrf_import_rt_free(irt);
450 }
451 }
452
453 /*
454 * Map one RT to specified VNI.
455 */
456 static void map_vni_to_rt(struct bgp *bgp, struct bgpevpn *vpn,
457 struct ecommunity_val *eval)
458 {
459 struct irt_node *irt;
460 struct ecommunity_val eval_tmp;
461
462 /* If using "automatic" RT, we only care about the local-admin
463 * sub-field.
464 * This is to facilitate using VNI as the RT for EBGP peering too.
465 */
466 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
467 if (!is_import_rt_configured(vpn))
468 mask_ecom_global_admin(&eval_tmp, eval);
469
470 irt = lookup_import_rt(bgp, &eval_tmp);
471 if (irt)
472 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
473 /* Already mapped. */
474 return;
475
476 if (!irt) {
477 irt = import_rt_new(bgp, &eval_tmp);
478 assert(irt);
479 }
480
481 /* Add VNI to the hash list for this RT. */
482 listnode_add(irt->vnis, vpn);
483 }
484
485 /*
486 * Unmap specified VNI from specified RT. If there are no other
487 * VNIs for this RT, then the RT hash is deleted.
488 */
489 static void unmap_vni_from_rt(struct bgp *bgp, struct bgpevpn *vpn,
490 struct irt_node *irt)
491 {
492 /* Delete VNI from hash list for this RT. */
493 listnode_delete(irt->vnis, vpn);
494 if (!listnode_head(irt->vnis)) {
495 import_rt_free(bgp, irt);
496 }
497 }
498
499 /*
500 * Create RT extended community automatically from passed information:
501 * of the form AS:VNI.
502 * NOTE: We use only the lower 16 bits of the AS. This is sufficient as
503 * the need is to get a RT value that will be unique across different
504 * VNIs but the same across routers (in the same AS) for a particular
505 * VNI.
506 */
507 static void form_auto_rt(struct bgp *bgp, vni_t vni, struct list *rtl)
508 {
509 struct ecommunity_val eval;
510 struct ecommunity *ecomadd;
511
512 if (bgp->advertise_autort_rfc8365)
513 vni |= EVPN_AUTORT_VXLAN;
514 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
515
516 ecomadd = ecommunity_new();
517 ecommunity_add_val(ecomadd, &eval);
518 listnode_add_sort(rtl, ecomadd);
519 }
520
521 /*
522 * Derive RD and RT for a VNI automatically. Invoked at the time of
523 * creation of a VNI.
524 */
525 static void derive_rd_rt_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
526 {
527 bgp_evpn_derive_auto_rd(bgp, vpn);
528 bgp_evpn_derive_auto_rt_import(bgp, vpn);
529 bgp_evpn_derive_auto_rt_export(bgp, vpn);
530 }
531
532 /*
533 * Convert nexthop (remote VTEP IP) into an IPv6 address.
534 */
535 static void evpn_convert_nexthop_to_ipv6(struct attr *attr)
536 {
537 if (BGP_ATTR_NEXTHOP_AFI_IP6(attr))
538 return;
539 ipv4_to_ipv4_mapped_ipv6(&attr->mp_nexthop_global, attr->nexthop);
540 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
541 }
542
543 /*
544 * Add (update) or delete MACIP from zebra.
545 */
546 static int bgp_zebra_send_remote_macip(struct bgp *bgp, struct bgpevpn *vpn,
547 struct prefix_evpn *p,
548 struct in_addr remote_vtep_ip, int add,
549 uint8_t flags, uint32_t seq)
550 {
551 struct stream *s;
552 int ipa_len;
553 char buf1[ETHER_ADDR_STRLEN];
554 char buf2[INET6_ADDRSTRLEN];
555 char buf3[INET6_ADDRSTRLEN];
556
557 /* Check socket. */
558 if (!zclient || zclient->sock < 0)
559 return 0;
560
561 /* Don't try to register if Zebra doesn't know of this instance. */
562 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
563 if (BGP_DEBUG(zebra, ZEBRA))
564 zlog_debug("%s: No zebra instance to talk to, not installing remote macip",
565 __PRETTY_FUNCTION__);
566 return 0;
567 }
568 s = zclient->obuf;
569 stream_reset(s);
570
571 zclient_create_header(
572 s, add ? ZEBRA_REMOTE_MACIP_ADD : ZEBRA_REMOTE_MACIP_DEL,
573 bgp->vrf_id);
574 stream_putl(s, vpn->vni);
575 stream_put(s, &p->prefix.macip_addr.mac.octet, ETH_ALEN); /* Mac Addr */
576 /* IP address length and IP address, if any. */
577 if (is_evpn_prefix_ipaddr_none(p))
578 stream_putl(s, 0);
579 else {
580 ipa_len = is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BYTELEN
581 : IPV6_MAX_BYTELEN;
582 stream_putl(s, ipa_len);
583 stream_put(s, &p->prefix.macip_addr.ip.ip.addr, ipa_len);
584 }
585 stream_put_in_addr(s, &remote_vtep_ip);
586
587 /* TX flags - MAC sticky status and/or gateway mac */
588 /* Also TX the sequence number of the best route. */
589 if (add) {
590 stream_putc(s, flags);
591 stream_putl(s, seq);
592 }
593
594 stream_putw_at(s, 0, stream_get_endp(s));
595
596 if (bgp_debug_zebra(NULL))
597 zlog_debug(
598 "Tx %s MACIP, VNI %u MAC %s IP %s flags 0x%x seq %u remote VTEP %s",
599 add ? "ADD" : "DEL", vpn->vni,
600 prefix_mac2str(&p->prefix.macip_addr.mac,
601 buf1, sizeof(buf1)),
602 ipaddr2str(&p->prefix.macip_addr.ip,
603 buf3, sizeof(buf3)), flags, seq,
604 inet_ntop(AF_INET, &remote_vtep_ip, buf2,
605 sizeof(buf2)));
606
607 return zclient_send_message(zclient);
608 }
609
610 /*
611 * Add (update) or delete remote VTEP from zebra.
612 */
613 static int bgp_zebra_send_remote_vtep(struct bgp *bgp, struct bgpevpn *vpn,
614 struct prefix_evpn *p, int add)
615 {
616 struct stream *s;
617
618 /* Check socket. */
619 if (!zclient || zclient->sock < 0)
620 return 0;
621
622 /* Don't try to register if Zebra doesn't know of this instance. */
623 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
624 if (BGP_DEBUG(zebra, ZEBRA))
625 zlog_debug("%s: No zebra instance to talk to, not installing remote vtep",
626 __PRETTY_FUNCTION__);
627 return 0;
628 }
629
630 s = zclient->obuf;
631 stream_reset(s);
632
633 zclient_create_header(
634 s, add ? ZEBRA_REMOTE_VTEP_ADD : ZEBRA_REMOTE_VTEP_DEL,
635 bgp->vrf_id);
636 stream_putl(s, vpn->vni);
637 if (is_evpn_prefix_ipaddr_v4(p))
638 stream_put_in_addr(s, &p->prefix.imet_addr.ip.ipaddr_v4);
639 else if (is_evpn_prefix_ipaddr_v6(p)) {
640 flog_err(
641 EC_BGP_VTEP_INVALID,
642 "Bad remote IP when trying to %s remote VTEP for VNI %u",
643 add ? "ADD" : "DEL", vpn->vni);
644 return -1;
645 }
646
647 stream_putw_at(s, 0, stream_get_endp(s));
648
649 if (bgp_debug_zebra(NULL))
650 zlog_debug("Tx %s Remote VTEP, VNI %u remote VTEP %s",
651 add ? "ADD" : "DEL", vpn->vni,
652 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
653
654 return zclient_send_message(zclient);
655 }
656
657 /*
658 * Build extended community for EVPN ES (type-4) route
659 */
660 static void build_evpn_type4_route_extcomm(struct evpnes *es,
661 struct attr *attr)
662 {
663 struct ecommunity ecom_encap;
664 struct ecommunity ecom_es_rt;
665 struct ecommunity_val eval;
666 struct ecommunity_val eval_es_rt;
667 bgp_encap_types tnl_type;
668 struct ethaddr mac;
669
670 /* Encap */
671 tnl_type = BGP_ENCAP_TYPE_VXLAN;
672 memset(&ecom_encap, 0, sizeof(ecom_encap));
673 encode_encap_extcomm(tnl_type, &eval);
674 ecom_encap.size = 1;
675 ecom_encap.val = (uint8_t *)eval.val;
676 attr->ecommunity = ecommunity_dup(&ecom_encap);
677
678 /* ES import RT */
679 memset(&mac, 0, sizeof(struct ethaddr));
680 memset(&ecom_es_rt, 0, sizeof(ecom_es_rt));
681 es_get_system_mac(&es->esi, &mac);
682 encode_es_rt_extcomm(&eval_es_rt, &mac);
683 ecom_es_rt.size = 1;
684 ecom_es_rt.val = (uint8_t *)eval_es_rt.val;
685 attr->ecommunity =
686 ecommunity_merge(attr->ecommunity, &ecom_es_rt);
687
688 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
689 }
690
691 /*
692 * Build extended communities for EVPN prefix route.
693 */
694 static void build_evpn_type5_route_extcomm(struct bgp *bgp_vrf,
695 struct attr *attr)
696 {
697 struct ecommunity ecom_encap;
698 struct ecommunity ecom_rmac;
699 struct ecommunity_val eval;
700 struct ecommunity_val eval_rmac;
701 bgp_encap_types tnl_type;
702 struct listnode *node, *nnode;
703 struct ecommunity *ecom;
704 struct list *vrf_export_rtl = NULL;
705
706 /* Encap */
707 tnl_type = BGP_ENCAP_TYPE_VXLAN;
708 memset(&ecom_encap, 0, sizeof(ecom_encap));
709 encode_encap_extcomm(tnl_type, &eval);
710 ecom_encap.size = 1;
711 ecom_encap.val = (uint8_t *)eval.val;
712
713 /* Add Encap */
714 attr->ecommunity = ecommunity_dup(&ecom_encap);
715
716 /* Add the export RTs for L3VNI/VRF */
717 vrf_export_rtl = bgp_vrf->vrf_export_rtl;
718 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode, ecom))
719 attr->ecommunity =
720 ecommunity_merge(attr->ecommunity, ecom);
721
722 /* add the router mac extended community */
723 if (!is_zero_mac(&attr->rmac)) {
724 memset(&ecom_rmac, 0, sizeof(ecom_rmac));
725 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
726 ecom_rmac.size = 1;
727 ecom_rmac.val = (uint8_t *)eval_rmac.val;
728 attr->ecommunity =
729 ecommunity_merge(attr->ecommunity, &ecom_rmac);
730 }
731
732 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
733 }
734
735 /*
736 * Build extended communities for EVPN route.
737 * This function is applicable for type-2 and type-3 routes. The layer-2 RT
738 * and ENCAP extended communities are applicable for all routes.
739 * The default gateway extended community and MAC mobility (sticky) extended
740 * community are added as needed based on passed settings - only for type-2
741 * routes. Likewise, the layer-3 RT and Router MAC extended communities are
742 * added, if present, based on passed settings - only for non-link-local
743 * type-2 routes.
744 */
745 static void build_evpn_route_extcomm(struct bgpevpn *vpn, struct attr *attr,
746 int add_l3_ecomm)
747 {
748 struct ecommunity ecom_encap;
749 struct ecommunity ecom_sticky;
750 struct ecommunity ecom_default_gw;
751 struct ecommunity ecom_rmac;
752 struct ecommunity ecom_na;
753 struct ecommunity_val eval;
754 struct ecommunity_val eval_sticky;
755 struct ecommunity_val eval_default_gw;
756 struct ecommunity_val eval_rmac;
757 struct ecommunity_val eval_na;
758
759 bgp_encap_types tnl_type;
760 struct listnode *node, *nnode;
761 struct ecommunity *ecom;
762 uint32_t seqnum;
763 struct list *vrf_export_rtl = NULL;
764
765 /* Encap */
766 tnl_type = BGP_ENCAP_TYPE_VXLAN;
767 memset(&ecom_encap, 0, sizeof(ecom_encap));
768 encode_encap_extcomm(tnl_type, &eval);
769 ecom_encap.size = 1;
770 ecom_encap.val = (uint8_t *)eval.val;
771
772 /* Add Encap */
773 attr->ecommunity = ecommunity_dup(&ecom_encap);
774
775 /* Add the export RTs for L2VNI */
776 for (ALL_LIST_ELEMENTS(vpn->export_rtl, node, nnode, ecom))
777 attr->ecommunity = ecommunity_merge(attr->ecommunity, ecom);
778
779 /* Add the export RTs for L3VNI if told to - caller determines
780 * when this should be done.
781 */
782 if (add_l3_ecomm) {
783 vrf_export_rtl = bgpevpn_get_vrf_export_rtl(vpn);
784 if (vrf_export_rtl && !list_isempty(vrf_export_rtl)) {
785 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode,
786 ecom))
787 attr->ecommunity = ecommunity_merge(
788 attr->ecommunity, ecom);
789 }
790 }
791
792 /* Add MAC mobility (sticky) if needed. */
793 if (attr->sticky) {
794 seqnum = 0;
795 memset(&ecom_sticky, 0, sizeof(ecom_sticky));
796 encode_mac_mobility_extcomm(1, seqnum, &eval_sticky);
797 ecom_sticky.size = 1;
798 ecom_sticky.val = (uint8_t *)eval_sticky.val;
799 attr->ecommunity =
800 ecommunity_merge(attr->ecommunity, &ecom_sticky);
801 }
802
803 /* Add RMAC, if told to. */
804 if (add_l3_ecomm) {
805 memset(&ecom_rmac, 0, sizeof(ecom_rmac));
806 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
807 ecom_rmac.size = 1;
808 ecom_rmac.val = (uint8_t *)eval_rmac.val;
809 attr->ecommunity =
810 ecommunity_merge(attr->ecommunity, &ecom_rmac);
811 }
812
813 /* Add default gateway, if needed. */
814 if (attr->default_gw) {
815 memset(&ecom_default_gw, 0, sizeof(ecom_default_gw));
816 encode_default_gw_extcomm(&eval_default_gw);
817 ecom_default_gw.size = 1;
818 ecom_default_gw.val = (uint8_t *)eval_default_gw.val;
819 attr->ecommunity =
820 ecommunity_merge(attr->ecommunity, &ecom_default_gw);
821 }
822
823 if (attr->router_flag) {
824 memset(&ecom_na, 0, sizeof(ecom_na));
825 encode_na_flag_extcomm(&eval_na, attr->router_flag);
826 ecom_na.size = 1;
827 ecom_na.val = (uint8_t *)eval_na.val;
828 attr->ecommunity = ecommunity_merge(attr->ecommunity,
829 &ecom_na);
830 }
831
832 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
833 }
834
835 /*
836 * Add MAC mobility extended community to attribute.
837 */
838 static void add_mac_mobility_to_attr(uint32_t seq_num, struct attr *attr)
839 {
840 struct ecommunity ecom_tmp;
841 struct ecommunity_val eval;
842 uint8_t *ecom_val_ptr;
843 int i;
844 uint8_t *pnt;
845 int type = 0;
846 int sub_type = 0;
847
848 /* Build MM */
849 encode_mac_mobility_extcomm(0, seq_num, &eval);
850
851 /* Find current MM ecommunity */
852 ecom_val_ptr = NULL;
853
854 if (attr->ecommunity) {
855 for (i = 0; i < attr->ecommunity->size; i++) {
856 pnt = attr->ecommunity->val + (i * 8);
857 type = *pnt++;
858 sub_type = *pnt++;
859
860 if (type == ECOMMUNITY_ENCODE_EVPN
861 && sub_type
862 == ECOMMUNITY_EVPN_SUBTYPE_MACMOBILITY) {
863 ecom_val_ptr = (uint8_t *)(attr->ecommunity->val
864 + (i * 8));
865 break;
866 }
867 }
868 }
869
870 /* Update the existing MM ecommunity */
871 if (ecom_val_ptr) {
872 memcpy(ecom_val_ptr, eval.val, sizeof(char) * ECOMMUNITY_SIZE);
873 }
874 /* Add MM to existing */
875 else {
876 memset(&ecom_tmp, 0, sizeof(ecom_tmp));
877 ecom_tmp.size = 1;
878 ecom_tmp.val = (uint8_t *)eval.val;
879
880 if (attr->ecommunity)
881 attr->ecommunity =
882 ecommunity_merge(attr->ecommunity, &ecom_tmp);
883 else
884 attr->ecommunity = ecommunity_dup(&ecom_tmp);
885 }
886 }
887
888 /* Install EVPN route into zebra. */
889 static int evpn_zebra_install(struct bgp *bgp, struct bgpevpn *vpn,
890 struct prefix_evpn *p,
891 struct in_addr remote_vtep_ip, uint8_t flags,
892 uint32_t seq)
893 {
894 int ret;
895
896 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
897 ret = bgp_zebra_send_remote_macip(bgp, vpn, p, remote_vtep_ip,
898 1, flags, seq);
899 else
900 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p, 1);
901
902 return ret;
903 }
904
905 /* Uninstall EVPN route from zebra. */
906 static int evpn_zebra_uninstall(struct bgp *bgp, struct bgpevpn *vpn,
907 struct prefix_evpn *p,
908 struct in_addr remote_vtep_ip)
909 {
910 int ret;
911
912 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
913 ret = bgp_zebra_send_remote_macip(bgp, vpn, p, remote_vtep_ip,
914 0, 0, 0);
915 else
916 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p, 0);
917
918 return ret;
919 }
920
921 /*
922 * Due to MAC mobility, the prior "local" best route has been supplanted
923 * by a "remote" best route. The prior route has to be deleted and withdrawn
924 * from peers.
925 */
926 static void evpn_delete_old_local_route(struct bgp *bgp, struct bgpevpn *vpn,
927 struct bgp_node *rn,
928 struct bgp_path_info *old_local)
929 {
930 struct bgp_node *global_rn;
931 struct bgp_path_info *pi;
932 afi_t afi = AFI_L2VPN;
933 safi_t safi = SAFI_EVPN;
934
935 /* Locate route node in the global EVPN routing table. Note that
936 * this table is a 2-level tree (RD-level + Prefix-level) similar to
937 * L3VPN routes.
938 */
939 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
940 (struct prefix *)&rn->p, &vpn->prd);
941 if (global_rn) {
942 /* Delete route entry in the global EVPN table. */
943 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
944
945 /* Schedule for processing - withdraws to peers happen from
946 * this table.
947 */
948 if (pi)
949 bgp_process(bgp, global_rn, afi, safi);
950 bgp_unlock_node(global_rn);
951 }
952
953 /* Delete route entry in the VNI route table, caller to remove. */
954 bgp_path_info_delete(rn, old_local);
955 }
956
957 static struct in_addr *es_vtep_new(struct in_addr vtep)
958 {
959 struct in_addr *ip;
960
961 ip = XCALLOC(MTYPE_BGP_EVPN_ES_VTEP, sizeof(struct in_addr));
962 if (!ip)
963 return NULL;
964
965 ip->s_addr = vtep.s_addr;
966 return ip;
967 }
968
969 static void es_vtep_free(struct in_addr *ip)
970 {
971 XFREE(MTYPE_BGP_EVPN_ES_VTEP, ip);
972 }
973
974 /* check if VTEP is already part of the list */
975 static int is_vtep_present_in_list(struct list *list,
976 struct in_addr vtep)
977 {
978 struct listnode *node = NULL;
979 struct in_addr *tmp;
980
981 for (ALL_LIST_ELEMENTS_RO(list, node, tmp)) {
982 if (tmp->s_addr == vtep.s_addr)
983 return 1;
984 }
985 return 0;
986 }
987
988 /*
989 * Best path for ES route was changed,
990 * update the list of VTEPs for this ES
991 */
992 static int evpn_es_install_vtep(struct bgp *bgp,
993 struct evpnes *es,
994 struct prefix_evpn *p,
995 struct in_addr rvtep)
996 {
997 struct in_addr *vtep_ip;
998
999 if (is_vtep_present_in_list(es->vtep_list, rvtep))
1000 return 0;
1001
1002
1003 vtep_ip = es_vtep_new(rvtep);
1004 if (vtep_ip)
1005 listnode_add_sort(es->vtep_list, vtep_ip);
1006 return 0;
1007 }
1008
1009 /*
1010 * Best path for ES route was changed,
1011 * update the list of VTEPs for this ES
1012 */
1013 static int evpn_es_uninstall_vtep(struct bgp *bgp,
1014 struct evpnes *es,
1015 struct prefix_evpn *p,
1016 struct in_addr rvtep)
1017 {
1018 struct listnode *node, *nnode, *node_to_del = NULL;
1019 struct in_addr *tmp;
1020
1021 for (ALL_LIST_ELEMENTS(es->vtep_list, node, nnode, tmp)) {
1022 if (tmp->s_addr == rvtep.s_addr) {
1023 es_vtep_free(tmp);
1024 node_to_del = node;
1025 }
1026 }
1027
1028 if (node_to_del)
1029 list_delete_node(es->vtep_list, node_to_del);
1030
1031 return 0;
1032 }
1033
1034 /*
1035 * Calculate the best path for a ES(type-4) route.
1036 */
1037 static int evpn_es_route_select_install(struct bgp *bgp,
1038 struct evpnes *es,
1039 struct bgp_node *rn)
1040 {
1041 int ret = 0;
1042 afi_t afi = AFI_L2VPN;
1043 safi_t safi = SAFI_EVPN;
1044 struct bgp_path_info *old_select; /* old best */
1045 struct bgp_path_info *new_select; /* new best */
1046 struct bgp_path_info_pair old_and_new;
1047
1048 /* Compute the best path. */
1049 bgp_best_selection(bgp, rn, &bgp->maxpaths[afi][safi],
1050 &old_and_new, afi, safi);
1051 old_select = old_and_new.old;
1052 new_select = old_and_new.new;
1053
1054 /*
1055 * If the best path hasn't changed - see if something needs to be
1056 * updated
1057 */
1058 if (old_select && old_select == new_select
1059 && old_select->type == ZEBRA_ROUTE_BGP
1060 && old_select->sub_type == BGP_ROUTE_IMPORTED
1061 && !CHECK_FLAG(rn->flags, BGP_NODE_USER_CLEAR)
1062 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1063 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1064 if (bgp_zebra_has_route_changed(rn, old_select)) {
1065 ret = evpn_es_install_vtep(bgp, es,
1066 (struct prefix_evpn *)&rn->p,
1067 old_select->attr->nexthop);
1068 }
1069 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1070 bgp_zebra_clear_route_change_flags(rn);
1071 return ret;
1072 }
1073
1074 /* If the user did a "clear" this flag will be set */
1075 UNSET_FLAG(rn->flags, BGP_NODE_USER_CLEAR);
1076
1077 /*
1078 * bestpath has changed; update relevant fields and install or uninstall
1079 * into the zebra RIB.
1080 */
1081 if (old_select || new_select)
1082 bgp_bump_version(rn);
1083
1084 if (old_select)
1085 bgp_path_info_unset_flag(rn, old_select, BGP_PATH_SELECTED);
1086 if (new_select) {
1087 bgp_path_info_set_flag(rn, new_select, BGP_PATH_SELECTED);
1088 bgp_path_info_unset_flag(rn, new_select, BGP_PATH_ATTR_CHANGED);
1089 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1090 }
1091
1092 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1093 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1094 ret = evpn_es_install_vtep(bgp, es,
1095 (struct prefix_evpn *)&rn->p,
1096 new_select->attr->nexthop);
1097 } else {
1098 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1099 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1100 ret = evpn_es_uninstall_vtep(
1101 bgp, es, (struct prefix_evpn *)&rn->p,
1102 old_select->attr->nexthop);
1103 }
1104
1105 /* Clear any route change flags. */
1106 bgp_zebra_clear_route_change_flags(rn);
1107
1108 /* Reap old select bgp_path_info, if it has been removed */
1109 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1110 bgp_path_info_reap(rn, old_select);
1111
1112 return ret;
1113 }
1114
1115 /*
1116 * Calculate the best path for an EVPN route. Install/update best path in zebra,
1117 * if appropriate.
1118 */
1119 static int evpn_route_select_install(struct bgp *bgp, struct bgpevpn *vpn,
1120 struct bgp_node *rn)
1121 {
1122 struct bgp_path_info *old_select, *new_select;
1123 struct bgp_path_info_pair old_and_new;
1124 struct prefix_evpn *evp;
1125 afi_t afi = AFI_L2VPN;
1126 safi_t safi = SAFI_EVPN;
1127 int ret = 0;
1128 uint8_t flags = 0;
1129
1130 /* Compute the best path. */
1131 bgp_best_selection(bgp, rn, &bgp->maxpaths[afi][safi], &old_and_new,
1132 afi, safi);
1133 old_select = old_and_new.old;
1134 new_select = old_and_new.new;
1135
1136 evp = (struct prefix_evpn *)&rn->p;
1137 /* If the best path hasn't changed - see if there is still something to
1138 * update
1139 * to zebra RIB.
1140 */
1141 if (old_select && old_select == new_select
1142 && old_select->type == ZEBRA_ROUTE_BGP
1143 && old_select->sub_type == BGP_ROUTE_IMPORTED
1144 && !CHECK_FLAG(rn->flags, BGP_NODE_USER_CLEAR)
1145 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1146 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1147 if (bgp_zebra_has_route_changed(rn, old_select)) {
1148 if (old_select->attr->sticky)
1149 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1150 if (old_select->attr->default_gw)
1151 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1152 if (is_evpn_prefix_ipaddr_v6(evp) &&
1153 old_select->attr->router_flag)
1154 SET_FLAG(flags, ZEBRA_MACIP_TYPE_ROUTER_FLAG);
1155
1156 ret = evpn_zebra_install(
1157 bgp, vpn, (struct prefix_evpn *)&rn->p,
1158 old_select->attr->nexthop, flags,
1159 mac_mobility_seqnum(old_select->attr));
1160 }
1161 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1162 bgp_zebra_clear_route_change_flags(rn);
1163 return ret;
1164 }
1165
1166 /* If the user did a "clear" this flag will be set */
1167 UNSET_FLAG(rn->flags, BGP_NODE_USER_CLEAR);
1168
1169 /* bestpath has changed; update relevant fields and install or uninstall
1170 * into the zebra RIB.
1171 */
1172 if (old_select || new_select)
1173 bgp_bump_version(rn);
1174
1175 if (old_select)
1176 bgp_path_info_unset_flag(rn, old_select, BGP_PATH_SELECTED);
1177 if (new_select) {
1178 bgp_path_info_set_flag(rn, new_select, BGP_PATH_SELECTED);
1179 bgp_path_info_unset_flag(rn, new_select, BGP_PATH_ATTR_CHANGED);
1180 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1181 }
1182
1183 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1184 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1185 flags = 0;
1186 if (new_select->attr->sticky)
1187 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1188 if (new_select->attr->default_gw)
1189 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1190 if (is_evpn_prefix_ipaddr_v6(evp) &&
1191 new_select->attr->router_flag)
1192 SET_FLAG(flags, ZEBRA_MACIP_TYPE_ROUTER_FLAG);
1193
1194 ret = evpn_zebra_install(bgp, vpn, (struct prefix_evpn *)&rn->p,
1195 new_select->attr->nexthop, flags,
1196 mac_mobility_seqnum(new_select->attr));
1197 /* If an old best existed and it was a "local" route, the only
1198 * reason
1199 * it would be supplanted is due to MAC mobility procedures. So,
1200 * we
1201 * need to do an implicit delete and withdraw that route from
1202 * peers.
1203 */
1204 if (old_select && old_select->peer == bgp->peer_self
1205 && old_select->type == ZEBRA_ROUTE_BGP
1206 && old_select->sub_type == BGP_ROUTE_STATIC)
1207 evpn_delete_old_local_route(bgp, vpn, rn, old_select);
1208 } else {
1209 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1210 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1211 ret = evpn_zebra_uninstall(bgp, vpn,
1212 (struct prefix_evpn *)&rn->p,
1213 old_select->attr->nexthop);
1214 }
1215
1216 /* Clear any route change flags. */
1217 bgp_zebra_clear_route_change_flags(rn);
1218
1219 /* Reap old select bgp_path_info, if it has been removed */
1220 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1221 bgp_path_info_reap(rn, old_select);
1222
1223 return ret;
1224 }
1225
1226 /*
1227 * Return true if the local ri for this rn is of type gateway mac
1228 */
1229 static int evpn_route_is_def_gw(struct bgp *bgp, struct bgp_node *rn)
1230 {
1231 struct bgp_path_info *tmp_pi = NULL;
1232 struct bgp_path_info *local_pi = NULL;
1233
1234 local_pi = NULL;
1235 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next) {
1236 if (tmp_pi->peer == bgp->peer_self
1237 && tmp_pi->type == ZEBRA_ROUTE_BGP
1238 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1239 local_pi = tmp_pi;
1240 }
1241
1242 if (!local_pi)
1243 return 0;
1244
1245 return local_pi->attr->default_gw;
1246 }
1247
1248
1249 /*
1250 * Return true if the local ri for this rn has sticky set
1251 */
1252 static int evpn_route_is_sticky(struct bgp *bgp, struct bgp_node *rn)
1253 {
1254 struct bgp_path_info *tmp_pi;
1255 struct bgp_path_info *local_pi;
1256
1257 local_pi = NULL;
1258 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next) {
1259 if (tmp_pi->peer == bgp->peer_self
1260 && tmp_pi->type == ZEBRA_ROUTE_BGP
1261 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1262 local_pi = tmp_pi;
1263 }
1264
1265 if (!local_pi)
1266 return 0;
1267
1268 return local_pi->attr->sticky;
1269 }
1270
1271 /*
1272 * create or update EVPN type4 route entry.
1273 * This could be in the ES table or the global table.
1274 * TODO: handle remote ES (type4) routes as well
1275 */
1276 static int update_evpn_type4_route_entry(struct bgp *bgp, struct evpnes *es,
1277 afi_t afi, safi_t safi,
1278 struct bgp_node *rn, struct attr *attr,
1279 int add, struct bgp_path_info **ri,
1280 int *route_changed)
1281 {
1282 char buf[ESI_STR_LEN];
1283 char buf1[INET6_ADDRSTRLEN];
1284 struct bgp_path_info *tmp_pi = NULL;
1285 struct bgp_path_info *local_pi = NULL; /* local route entry if any */
1286 struct bgp_path_info *remote_pi = NULL; /* remote route entry if any */
1287 struct attr *attr_new = NULL;
1288 struct prefix_evpn *evp = NULL;
1289
1290 *ri = NULL;
1291 *route_changed = 1;
1292 evp = (struct prefix_evpn *)&rn->p;
1293
1294 /* locate the local and remote entries if any */
1295 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next) {
1296 if (tmp_pi->peer == bgp->peer_self
1297 && tmp_pi->type == ZEBRA_ROUTE_BGP
1298 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1299 local_pi = tmp_pi;
1300 if (tmp_pi->type == ZEBRA_ROUTE_BGP
1301 && tmp_pi->sub_type == BGP_ROUTE_IMPORTED
1302 && CHECK_FLAG(tmp_pi->flags, BGP_PATH_VALID))
1303 remote_pi = tmp_pi;
1304 }
1305
1306 /* we don't expect to see a remote_pi at this point.
1307 * An ES route has esi + vtep_ip as the key,
1308 * We shouldn't see the same route from any other vtep.
1309 */
1310 if (remote_pi) {
1311 flog_err(
1312 EC_BGP_ES_INVALID,
1313 "%u ERROR: local es route for ESI: %s Vtep %s also learnt from remote",
1314 bgp->vrf_id,
1315 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)),
1316 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1317 return -1;
1318 }
1319
1320 if (!local_pi && !add)
1321 return 0;
1322
1323 /* create or update the entry */
1324 if (!local_pi) {
1325
1326 /* Add or update attribute to hash */
1327 attr_new = bgp_attr_intern(attr);
1328
1329 /* Create new route with its attribute. */
1330 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1331 bgp->peer_self, attr_new, rn);
1332 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1333
1334 /* add the newly created path to the route-node */
1335 bgp_path_info_add(rn, tmp_pi);
1336 } else {
1337 tmp_pi = local_pi;
1338 if (attrhash_cmp(tmp_pi->attr, attr)
1339 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1340 *route_changed = 0;
1341 else {
1342 /* The attribute has changed.
1343 * Add (or update) attribute to hash. */
1344 attr_new = bgp_attr_intern(attr);
1345 bgp_path_info_set_flag(rn, tmp_pi,
1346 BGP_PATH_ATTR_CHANGED);
1347
1348 /* Restore route, if needed. */
1349 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1350 bgp_path_info_restore(rn, tmp_pi);
1351
1352 /* Unintern existing, set to new. */
1353 bgp_attr_unintern(&tmp_pi->attr);
1354 tmp_pi->attr = attr_new;
1355 tmp_pi->uptime = bgp_clock();
1356 }
1357 }
1358
1359 /* Return back the route entry. */
1360 *ri = tmp_pi;
1361 return 0;
1362 }
1363
1364 /* update evpn es (type-4) route */
1365 static int update_evpn_type4_route(struct bgp *bgp,
1366 struct evpnes *es,
1367 struct prefix_evpn *p)
1368 {
1369 int ret = 0;
1370 int route_changed = 0;
1371 char buf[ESI_STR_LEN];
1372 char buf1[INET6_ADDRSTRLEN];
1373 afi_t afi = AFI_L2VPN;
1374 safi_t safi = SAFI_EVPN;
1375 struct attr attr;
1376 struct attr *attr_new = NULL;
1377 struct bgp_node *rn = NULL;
1378 struct bgp_path_info *pi = NULL;
1379
1380 memset(&attr, 0, sizeof(struct attr));
1381
1382 /* Build path-attribute for this route. */
1383 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1384 attr.nexthop = es->originator_ip.ipaddr_v4;
1385 attr.mp_nexthop_global_in = es->originator_ip.ipaddr_v4;
1386 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1387
1388 /* Set up extended community. */
1389 build_evpn_type4_route_extcomm(es, &attr);
1390
1391 /* First, create (or fetch) route node within the ESI. */
1392 /* NOTE: There is no RD here. */
1393 rn = bgp_node_get(es->route_table, (struct prefix *)p);
1394
1395 /* Create or update route entry. */
1396 ret = update_evpn_type4_route_entry(bgp, es, afi, safi, rn, &attr, 1,
1397 &pi, &route_changed);
1398 if (ret != 0) {
1399 flog_err(EC_BGP_ES_INVALID,
1400 "%u ERROR: Failed to updated ES route ESI: %s VTEP %s",
1401 bgp->vrf_id,
1402 esi_to_str(&p->prefix.es_addr.esi, buf, sizeof(buf)),
1403 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1404 }
1405
1406 assert(pi);
1407 attr_new = pi->attr;
1408
1409 /* Perform route selection;
1410 * this is just to set the flags correctly
1411 * as local route in the ES always wins.
1412 */
1413 evpn_es_route_select_install(bgp, es, rn);
1414 bgp_unlock_node(rn);
1415
1416 /* If this is a new route or some attribute has changed, export the
1417 * route to the global table. The route will be advertised to peers
1418 * from there. Note that this table is a 2-level tree (RD-level +
1419 * Prefix-level) similar to L3VPN routes.
1420 */
1421 if (route_changed) {
1422 struct bgp_path_info *global_pi;
1423
1424 rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1425 (struct prefix *)p, &es->prd);
1426 update_evpn_type4_route_entry(bgp, es, afi, safi, rn, attr_new,
1427 1, &global_pi, &route_changed);
1428
1429 /* Schedule for processing and unlock node. */
1430 bgp_process(bgp, rn, afi, safi);
1431 bgp_unlock_node(rn);
1432 }
1433
1434 /* Unintern temporary. */
1435 aspath_unintern(&attr.aspath);
1436 return 0;
1437 }
1438
1439 static int update_evpn_type5_route_entry(struct bgp *bgp_def,
1440 struct bgp *bgp_vrf, afi_t afi,
1441 safi_t safi, struct bgp_node *rn,
1442 struct attr *attr, int *route_changed)
1443 {
1444 struct attr *attr_new = NULL;
1445 struct bgp_path_info *pi = NULL;
1446 mpls_label_t label = MPLS_INVALID_LABEL;
1447 struct bgp_path_info *local_pi = NULL;
1448 struct bgp_path_info *tmp_pi = NULL;
1449
1450 *route_changed = 0;
1451 /* locate the local route entry if any */
1452 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next) {
1453 if (tmp_pi->peer == bgp_def->peer_self
1454 && tmp_pi->type == ZEBRA_ROUTE_BGP
1455 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1456 local_pi = tmp_pi;
1457 }
1458
1459 /*
1460 * create a new route entry if one doesn't exist.
1461 * Otherwise see if route attr has changed
1462 */
1463 if (!local_pi) {
1464
1465 /* route has changed as this is the first entry */
1466 *route_changed = 1;
1467
1468 /* Add (or update) attribute to hash. */
1469 attr_new = bgp_attr_intern(attr);
1470
1471 /* create the route info from attribute */
1472 pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1473 bgp_def->peer_self, attr_new, rn);
1474 SET_FLAG(pi->flags, BGP_PATH_VALID);
1475
1476 /* Type-5 routes advertise the L3-VNI */
1477 bgp_path_info_extra_get(pi);
1478 vni2label(bgp_vrf->l3vni, &label);
1479 memcpy(&pi->extra->label, &label, sizeof(label));
1480 pi->extra->num_labels = 1;
1481
1482 /* add the route entry to route node*/
1483 bgp_path_info_add(rn, pi);
1484 } else {
1485
1486 tmp_pi = local_pi;
1487 if (!attrhash_cmp(tmp_pi->attr, attr)) {
1488
1489 /* attribute changed */
1490 *route_changed = 1;
1491
1492 /* The attribute has changed. */
1493 /* Add (or update) attribute to hash. */
1494 attr_new = bgp_attr_intern(attr);
1495 bgp_path_info_set_flag(rn, tmp_pi,
1496 BGP_PATH_ATTR_CHANGED);
1497
1498 /* Restore route, if needed. */
1499 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1500 bgp_path_info_restore(rn, tmp_pi);
1501
1502 /* Unintern existing, set to new. */
1503 bgp_attr_unintern(&tmp_pi->attr);
1504 tmp_pi->attr = attr_new;
1505 tmp_pi->uptime = bgp_clock();
1506 }
1507 }
1508 return 0;
1509 }
1510
1511 /* update evpn type-5 route entry */
1512 static int update_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp,
1513 struct attr *src_attr)
1514 {
1515 afi_t afi = AFI_L2VPN;
1516 safi_t safi = SAFI_EVPN;
1517 struct attr attr;
1518 struct bgp_node *rn = NULL;
1519 struct bgp *bgp_def = NULL;
1520 int route_changed = 0;
1521
1522 bgp_def = bgp_get_default();
1523 if (!bgp_def)
1524 return 0;
1525
1526 /* Build path attribute for this route - use the source attr, if
1527 * present, else treat as locally originated.
1528 */
1529 if (src_attr)
1530 bgp_attr_dup(&attr, src_attr);
1531 else {
1532 memset(&attr, 0, sizeof(struct attr));
1533 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1534 }
1535 /* Set nexthop to ourselves and fill in the Router MAC. */
1536 attr.nexthop = bgp_vrf->originator_ip;
1537 attr.mp_nexthop_global_in = bgp_vrf->originator_ip;
1538 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1539 memcpy(&attr.rmac, &bgp_vrf->rmac, sizeof(struct ethaddr));
1540
1541 /* Setup RT and encap extended community */
1542 build_evpn_type5_route_extcomm(bgp_vrf, &attr);
1543
1544 /* get the route node in global table */
1545 rn = bgp_afi_node_get(bgp_def->rib[afi][safi], afi, safi,
1546 (struct prefix *)evp, &bgp_vrf->vrf_prd);
1547 assert(rn);
1548
1549 /* create or update the route entry within the route node */
1550 update_evpn_type5_route_entry(bgp_def, bgp_vrf, afi, safi, rn, &attr,
1551 &route_changed);
1552
1553 /* schedule for processing and unlock node */
1554 if (route_changed) {
1555 bgp_process(bgp_def, rn, afi, safi);
1556 bgp_unlock_node(rn);
1557 }
1558
1559 /* uninten temporary */
1560 if (!src_attr)
1561 aspath_unintern(&attr.aspath);
1562 return 0;
1563 }
1564
1565 /*
1566 * Create or update EVPN route entry. This could be in the VNI route table
1567 * or the global route table.
1568 */
1569 static int update_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
1570 afi_t afi, safi_t safi, struct bgp_node *rn,
1571 struct attr *attr, int add,
1572 struct bgp_path_info **pi, uint8_t flags,
1573 uint32_t seq)
1574 {
1575 struct bgp_path_info *tmp_pi;
1576 struct bgp_path_info *local_pi;
1577 struct attr *attr_new;
1578 mpls_label_t label[BGP_MAX_LABELS];
1579 uint32_t num_labels = 1;
1580 int route_change = 1;
1581 uint8_t sticky = 0;
1582 struct prefix_evpn *evp;
1583
1584 *pi = NULL;
1585 evp = (struct prefix_evpn *)&rn->p;
1586 memset(&label, 0, sizeof(label));
1587
1588 /* See if this is an update of an existing route, or a new add. */
1589 local_pi = NULL;
1590 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next) {
1591 if (tmp_pi->peer == bgp->peer_self
1592 && tmp_pi->type == ZEBRA_ROUTE_BGP
1593 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1594 local_pi = tmp_pi;
1595 }
1596
1597 /* If route doesn't exist already, create a new one, if told to.
1598 * Otherwise act based on whether the attributes of the route have
1599 * changed or not.
1600 */
1601 if (!local_pi && !add)
1602 return 0;
1603
1604 /* For non-GW MACs, update MAC mobility seq number, if needed. */
1605 if (seq && !CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW))
1606 add_mac_mobility_to_attr(seq, attr);
1607
1608 if (!local_pi) {
1609 /* Add (or update) attribute to hash. */
1610 attr_new = bgp_attr_intern(attr);
1611
1612 /* Extract MAC mobility sequence number, if any. */
1613 attr_new->mm_seqnum =
1614 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1615 attr_new->sticky = sticky;
1616
1617 /* Create new route with its attribute. */
1618 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1619 bgp->peer_self, attr_new, rn);
1620 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1621 bgp_path_info_extra_get(tmp_pi);
1622
1623 /* The VNI goes into the 'label' field of the route */
1624 vni2label(vpn->vni, &label[0]);
1625
1626 /* Type-2 routes may carry a second VNI - the L3-VNI.
1627 * Only attach second label if we are advertising two labels for
1628 * type-2 routes.
1629 */
1630 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1631 && CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS)) {
1632 vni_t l3vni;
1633
1634 l3vni = bgpevpn_get_l3vni(vpn);
1635 if (l3vni) {
1636 vni2label(l3vni, &label[1]);
1637 num_labels++;
1638 }
1639 }
1640
1641 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1642 tmp_pi->extra->num_labels = num_labels;
1643 bgp_path_info_add(rn, tmp_pi);
1644 } else {
1645 tmp_pi = local_pi;
1646 if (attrhash_cmp(tmp_pi->attr, attr)
1647 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1648 route_change = 0;
1649 else {
1650 /*
1651 * The attributes have changed, type-2 routes needs to
1652 * be advertised with right labels.
1653 */
1654 vni2label(vpn->vni, &label[0]);
1655 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1656 && CHECK_FLAG(vpn->flags,
1657 VNI_FLAG_USE_TWO_LABELS)) {
1658 vni_t l3vni;
1659
1660 l3vni = bgpevpn_get_l3vni(vpn);
1661 if (l3vni) {
1662 vni2label(l3vni, &label[1]);
1663 num_labels++;
1664 }
1665 }
1666 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1667 tmp_pi->extra->num_labels = num_labels;
1668
1669 /* The attribute has changed. */
1670 /* Add (or update) attribute to hash. */
1671 attr_new = bgp_attr_intern(attr);
1672 bgp_path_info_set_flag(rn, tmp_pi,
1673 BGP_PATH_ATTR_CHANGED);
1674
1675 /* Extract MAC mobility sequence number, if any. */
1676 attr_new->mm_seqnum =
1677 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1678 attr_new->sticky = sticky;
1679
1680 /* Restore route, if needed. */
1681 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1682 bgp_path_info_restore(rn, tmp_pi);
1683
1684 /* Unintern existing, set to new. */
1685 bgp_attr_unintern(&tmp_pi->attr);
1686 tmp_pi->attr = attr_new;
1687 tmp_pi->uptime = bgp_clock();
1688 }
1689 }
1690
1691 /* Return back the route entry. */
1692 *pi = tmp_pi;
1693 return route_change;
1694 }
1695
1696 /*
1697 * If the local route was not selected evict it and tell zebra to re-add
1698 * the best remote dest.
1699 *
1700 * Typically a local path added by zebra is expected to be selected as
1701 * best. In which case when a remote path wins as best (later)
1702 * evpn_route_select_install itself evicts the older-local-best path.
1703 *
1704 * However if bgp's add and zebra's add cross paths (race condition) it
1705 * is possible that the local path is no longer the "older" best path.
1706 * It is a path that was never designated as best and hence requires
1707 * additional handling to prevent bgp from injecting and holding on to a
1708 * non-best local path.
1709 */
1710 static void evpn_cleanup_local_non_best_route(struct bgp *bgp,
1711 struct bgpevpn *vpn,
1712 struct bgp_node *rn,
1713 struct bgp_path_info *local_pi)
1714 {
1715 struct bgp_path_info *tmp_pi;
1716 struct bgp_path_info *curr_select = NULL;
1717 uint8_t flags = 0;
1718 char buf[PREFIX_STRLEN];
1719
1720 /* local path was not picked as the winner; kick it out */
1721 if (bgp_debug_zebra(NULL)) {
1722 zlog_debug("evicting local evpn prefix %s as remote won",
1723 prefix2str(&rn->p, buf, sizeof(buf)));
1724 }
1725 evpn_delete_old_local_route(bgp, vpn, rn, local_pi);
1726 bgp_path_info_reap(rn, local_pi);
1727
1728 /* tell zebra to re-add the best remote path */
1729 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next) {
1730 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_SELECTED)) {
1731 curr_select = tmp_pi;
1732 break;
1733 }
1734 }
1735 if (curr_select &&
1736 curr_select->type == ZEBRA_ROUTE_BGP
1737 && curr_select->sub_type == BGP_ROUTE_IMPORTED) {
1738 if (curr_select->attr->sticky)
1739 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1740 if (curr_select->attr->default_gw)
1741 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1742 evpn_zebra_install(bgp, vpn, (struct prefix_evpn *)&rn->p,
1743 curr_select->attr->nexthop, flags,
1744 mac_mobility_seqnum(curr_select->attr));
1745 }
1746 }
1747
1748 /*
1749 * Create or update EVPN route (of type based on prefix) for specified VNI
1750 * and schedule for processing.
1751 */
1752 static int update_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
1753 struct prefix_evpn *p, uint8_t flags,
1754 uint32_t seq)
1755 {
1756 struct bgp_node *rn;
1757 struct attr attr;
1758 struct attr *attr_new;
1759 int add_l3_ecomm = 0;
1760 struct bgp_path_info *pi;
1761 afi_t afi = AFI_L2VPN;
1762 safi_t safi = SAFI_EVPN;
1763 int route_change;
1764
1765 memset(&attr, 0, sizeof(struct attr));
1766
1767 /* Build path-attribute for this route. */
1768 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1769 attr.nexthop = vpn->originator_ip;
1770 attr.mp_nexthop_global_in = vpn->originator_ip;
1771 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1772 attr.sticky = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY) ? 1 : 0;
1773 attr.default_gw = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW) ? 1 : 0;
1774 attr.router_flag = CHECK_FLAG(flags,
1775 ZEBRA_MACIP_TYPE_ROUTER_FLAG) ? 1 : 0;
1776
1777 /* PMSI is only needed for type-3 routes */
1778 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE)
1779 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
1780
1781 /* router mac is only needed for type-2 routes here. */
1782 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
1783 bgpevpn_get_rmac(vpn, &attr.rmac);
1784 vni2label(vpn->vni, &(attr.label));
1785
1786 /* Include L3 VNI related RTs and RMAC for type-2 routes, if they're
1787 * IPv4 or IPv6 global addresses and we're advertising L3VNI with
1788 * these routes.
1789 */
1790 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE &&
1791 (is_evpn_prefix_ipaddr_v4(p) ||
1792 !IN6_IS_ADDR_LINKLOCAL(&p->prefix.macip_addr.ip.ipaddr_v6)) &&
1793 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
1794 bgpevpn_get_l3vni(vpn))
1795 add_l3_ecomm = 1;
1796
1797 /* Set up extended community. */
1798 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
1799
1800 /* First, create (or fetch) route node within the VNI. */
1801 /* NOTE: There is no RD here. */
1802 rn = bgp_node_get(vpn->route_table, (struct prefix *)p);
1803
1804 /* Create or update route entry. */
1805 route_change = update_evpn_route_entry(bgp, vpn, afi, safi, rn, &attr,
1806 1, &pi, flags, seq);
1807 assert(pi);
1808 attr_new = pi->attr;
1809
1810 /* lock ri to prevent freeing in evpn_route_select_install */
1811 bgp_path_info_lock(pi);
1812 /* Perform route selection; this is just to set the flags correctly
1813 * as local route in the VNI always wins.
1814 */
1815 evpn_route_select_install(bgp, vpn, rn);
1816 /*
1817 * If the new local route was not selected evict it and tell zebra
1818 * to re-add the best remote dest. BGP doesn't retain non-best local
1819 * routes.
1820 */
1821 if (!CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)) {
1822 route_change = 0;
1823 evpn_cleanup_local_non_best_route(bgp, vpn, rn, pi);
1824 }
1825 bgp_path_info_unlock(pi);
1826
1827 bgp_unlock_node(rn);
1828
1829 /* If this is a new route or some attribute has changed, export the
1830 * route to the global table. The route will be advertised to peers
1831 * from there. Note that this table is a 2-level tree (RD-level +
1832 * Prefix-level) similar to L3VPN routes.
1833 */
1834 if (route_change) {
1835 struct bgp_path_info *global_pi;
1836
1837 rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1838 (struct prefix *)p, &vpn->prd);
1839 update_evpn_route_entry(bgp, vpn, afi, safi, rn, attr_new, 1,
1840 &global_pi, flags, seq);
1841
1842 /* Schedule for processing and unlock node. */
1843 bgp_process(bgp, rn, afi, safi);
1844 bgp_unlock_node(rn);
1845 }
1846
1847 /* Unintern temporary. */
1848 aspath_unintern(&attr.aspath);
1849
1850 return 0;
1851 }
1852
1853 /*
1854 * Delete EVPN route entry.
1855 * The entry can be in ESI/VNI table or the global table.
1856 */
1857 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
1858 struct bgp_node *rn,
1859 struct bgp_path_info **pi)
1860 {
1861 struct bgp_path_info *tmp_pi;
1862
1863 *pi = NULL;
1864
1865 /* Now, find matching route. */
1866 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next)
1867 if (tmp_pi->peer == bgp->peer_self
1868 && tmp_pi->type == ZEBRA_ROUTE_BGP
1869 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1870 break;
1871
1872 *pi = tmp_pi;
1873
1874 /* Mark route for delete. */
1875 if (tmp_pi)
1876 bgp_path_info_delete(rn, tmp_pi);
1877 }
1878
1879
1880
1881 /* Delete EVPN ES (type-4) route */
1882 static int delete_evpn_type4_route(struct bgp *bgp,
1883 struct evpnes *es,
1884 struct prefix_evpn *p)
1885 {
1886 afi_t afi = AFI_L2VPN;
1887 safi_t safi = SAFI_EVPN;
1888 struct bgp_path_info *pi;
1889 struct bgp_node *rn = NULL; /* rn in esi table */
1890 struct bgp_node *global_rn = NULL; /* rn in global table */
1891
1892 /* First, locate the route node within the ESI.
1893 * If it doesn't exist, ther is nothing to do.
1894 * Note: there is no RD here.
1895 */
1896 rn = bgp_node_lookup(es->route_table, (struct prefix *)p);
1897 if (!rn)
1898 return 0;
1899
1900 /* Next, locate route node in the global EVPN routing table.
1901 * Note that this table is a 2-level tree (RD-level + Prefix-level)
1902 */
1903 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
1904 (struct prefix *)p, &es->prd);
1905 if (global_rn) {
1906
1907 /* Delete route entry in the global EVPN table. */
1908 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
1909
1910 /* Schedule for processing - withdraws to peers happen from
1911 * this table.
1912 */
1913 if (pi)
1914 bgp_process(bgp, global_rn, afi, safi);
1915 bgp_unlock_node(global_rn);
1916 }
1917
1918 /*
1919 * Delete route entry in the ESI route table.
1920 * This can just be removed.
1921 */
1922 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
1923 if (pi)
1924 bgp_path_info_reap(rn, pi);
1925 bgp_unlock_node(rn);
1926 return 0;
1927 }
1928
1929 /* Delete EVPN type5 route */
1930 static int delete_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp)
1931 {
1932 afi_t afi = AFI_L2VPN;
1933 safi_t safi = SAFI_EVPN;
1934 struct bgp_node *rn = NULL;
1935 struct bgp_path_info *pi = NULL;
1936 struct bgp *bgp_def = NULL; /* default bgp instance */
1937
1938 bgp_def = bgp_get_default();
1939 if (!bgp_def)
1940 return 0;
1941
1942 /* locate the global route entry for this type-5 prefix */
1943 rn = bgp_afi_node_lookup(bgp_def->rib[afi][safi], afi, safi,
1944 (struct prefix *)evp, &bgp_vrf->vrf_prd);
1945 if (!rn)
1946 return 0;
1947
1948 delete_evpn_route_entry(bgp_def, afi, safi, rn, &pi);
1949 if (pi)
1950 bgp_process(bgp_def, rn, afi, safi);
1951 bgp_unlock_node(rn);
1952 return 0;
1953 }
1954
1955 /*
1956 * Delete EVPN route (of type based on prefix) for specified VNI and
1957 * schedule for processing.
1958 */
1959 static int delete_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
1960 struct prefix_evpn *p)
1961 {
1962 struct bgp_node *rn, *global_rn;
1963 struct bgp_path_info *pi;
1964 afi_t afi = AFI_L2VPN;
1965 safi_t safi = SAFI_EVPN;
1966
1967 /* First, locate the route node within the VNI. If it doesn't exist,
1968 * there
1969 * is nothing further to do.
1970 */
1971 /* NOTE: There is no RD here. */
1972 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
1973 if (!rn)
1974 return 0;
1975
1976 /* Next, locate route node in the global EVPN routing table. Note that
1977 * this table is a 2-level tree (RD-level + Prefix-level) similar to
1978 * L3VPN routes.
1979 */
1980 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
1981 (struct prefix *)p, &vpn->prd);
1982 if (global_rn) {
1983 /* Delete route entry in the global EVPN table. */
1984 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
1985
1986 /* Schedule for processing - withdraws to peers happen from
1987 * this table.
1988 */
1989 if (pi)
1990 bgp_process(bgp, global_rn, afi, safi);
1991 bgp_unlock_node(global_rn);
1992 }
1993
1994 /* Delete route entry in the VNI route table. This can just be removed.
1995 */
1996 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
1997 if (pi) {
1998 bgp_path_info_reap(rn, pi);
1999 evpn_route_select_install(bgp, vpn, rn);
2000 }
2001 bgp_unlock_node(rn);
2002
2003 return 0;
2004 }
2005
2006 /*
2007 * Update all type-2 (MACIP) local routes for this VNI - these should also
2008 * be scheduled for advertise to peers.
2009 */
2010 static int update_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2011 {
2012 afi_t afi;
2013 safi_t safi;
2014 struct bgp_node *rn;
2015 struct bgp_path_info *pi, *tmp_pi;
2016 struct attr attr;
2017 struct attr *attr_new;
2018 uint32_t seq;
2019 int add_l3_ecomm = 0;
2020
2021 afi = AFI_L2VPN;
2022 safi = SAFI_EVPN;
2023
2024 /* Walk this VNI's route table and update local type-2 routes. For any
2025 * routes updated, update corresponding entry in the global table too.
2026 */
2027 for (rn = bgp_table_top(vpn->route_table); rn;
2028 rn = bgp_route_next(rn)) {
2029 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2030 struct bgp_node *rd_rn;
2031 struct bgp_path_info *global_pi;
2032
2033 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2034 continue;
2035
2036 /* Identify local route. */
2037 for (tmp_pi = rn->info; tmp_pi; tmp_pi = tmp_pi->next) {
2038 if (tmp_pi->peer == bgp->peer_self
2039 && tmp_pi->type == ZEBRA_ROUTE_BGP
2040 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
2041 break;
2042 }
2043
2044 if (!tmp_pi)
2045 continue;
2046
2047 /*
2048 * Build attribute per local route as the MAC mobility and
2049 * some other values could differ for different routes. The
2050 * attributes will be shared in the hash table.
2051 */
2052 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
2053 attr.nexthop = vpn->originator_ip;
2054 attr.mp_nexthop_global_in = vpn->originator_ip;
2055 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
2056 bgpevpn_get_rmac(vpn, &attr.rmac);
2057
2058 if (evpn_route_is_sticky(bgp, rn))
2059 attr.sticky = 1;
2060 else if (evpn_route_is_def_gw(bgp, rn)) {
2061 attr.default_gw = 1;
2062 if (is_evpn_prefix_ipaddr_v6(evp))
2063 attr.router_flag = 1;
2064 }
2065
2066 /* Add L3 VNI RTs and RMAC for non IPv6 link-local if
2067 * using L3 VNI for type-2 routes also.
2068 */
2069 if ((is_evpn_prefix_ipaddr_v4(evp) ||
2070 !IN6_IS_ADDR_LINKLOCAL(
2071 &evp->prefix.macip_addr.ip.ipaddr_v6)) &&
2072 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
2073 bgpevpn_get_l3vni(vpn))
2074 add_l3_ecomm = 1;
2075
2076 /* Set up extended community. */
2077 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
2078
2079 seq = mac_mobility_seqnum(tmp_pi->attr);
2080
2081 /* Update the route entry. */
2082 update_evpn_route_entry(bgp, vpn, afi, safi, rn, &attr, 0, &pi,
2083 0, seq);
2084
2085 /* Perform route selection; this is just to set the flags
2086 * correctly as local route in the VNI always wins.
2087 */
2088 evpn_route_select_install(bgp, vpn, rn);
2089
2090 attr_new = pi->attr;
2091
2092 /* Update route in global routing table. */
2093 rd_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
2094 (struct prefix *)evp, &vpn->prd);
2095 assert(rd_rn);
2096 update_evpn_route_entry(bgp, vpn, afi, safi, rd_rn, attr_new, 0,
2097 &global_pi, 0,
2098 mac_mobility_seqnum(attr_new));
2099
2100 /* Schedule for processing and unlock node. */
2101 bgp_process(bgp, rd_rn, afi, safi);
2102 bgp_unlock_node(rd_rn);
2103
2104 /* Unintern temporary. */
2105 aspath_unintern(&attr.aspath);
2106
2107 }
2108
2109 return 0;
2110 }
2111
2112 /*
2113 * Delete all type-2 (MACIP) local routes for this VNI - only from the
2114 * global routing table. These are also scheduled for withdraw from peers.
2115 */
2116 static int delete_global_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2117 {
2118 afi_t afi;
2119 safi_t safi;
2120 struct bgp_node *rdrn, *rn;
2121 struct bgp_table *table;
2122 struct bgp_path_info *pi;
2123
2124 afi = AFI_L2VPN;
2125 safi = SAFI_EVPN;
2126
2127 rdrn = bgp_node_lookup(bgp->rib[afi][safi], (struct prefix *)&vpn->prd);
2128 if (rdrn && rdrn->info) {
2129 table = (struct bgp_table *)rdrn->info;
2130 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
2131 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2132
2133 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2134 continue;
2135
2136 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2137 if (pi)
2138 bgp_process(bgp, rn, afi, safi);
2139 }
2140 }
2141
2142 /* Unlock RD node. */
2143 if (rdrn)
2144 bgp_unlock_node(rdrn);
2145
2146 return 0;
2147 }
2148
2149 /*
2150 * Delete all type-2 (MACIP) local routes for this VNI - from the global
2151 * table as well as the per-VNI route table.
2152 */
2153 static int delete_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2154 {
2155 afi_t afi;
2156 safi_t safi;
2157 struct bgp_node *rn;
2158 struct bgp_path_info *pi;
2159
2160 afi = AFI_L2VPN;
2161 safi = SAFI_EVPN;
2162
2163 /* First, walk the global route table for this VNI's type-2 local
2164 * routes.
2165 * EVPN routes are a 2-level table, first get the RD table.
2166 */
2167 delete_global_type2_routes(bgp, vpn);
2168
2169 /* Next, walk this VNI's route table and delete local type-2 routes. */
2170 for (rn = bgp_table_top(vpn->route_table); rn;
2171 rn = bgp_route_next(rn)) {
2172 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2173
2174 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2175 continue;
2176
2177 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2178
2179 /* Route entry in local table gets deleted immediately. */
2180 if (pi)
2181 bgp_path_info_reap(rn, pi);
2182 }
2183
2184 return 0;
2185 }
2186
2187 /*
2188 * Delete all routes in per ES route-table
2189 */
2190 static int delete_all_es_routes(struct bgp *bgp, struct evpnes *es)
2191 {
2192 struct bgp_node *rn;
2193 struct bgp_path_info *pi, *nextpi;
2194
2195 /* Walk this ES's route table and delete all routes. */
2196 for (rn = bgp_table_top(es->route_table); rn;
2197 rn = bgp_route_next(rn)) {
2198 for (pi = rn->info; (pi != NULL) && (nextpi = pi->next, 1);
2199 pi = nextpi) {
2200 bgp_path_info_delete(rn, pi);
2201 bgp_path_info_reap(rn, pi);
2202 }
2203 }
2204
2205 return 0;
2206 }
2207
2208 /*
2209 * Delete all routes in the per-VNI route table.
2210 */
2211 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
2212 {
2213 struct bgp_node *rn;
2214 struct bgp_path_info *pi, *nextpi;
2215
2216 /* Walk this VNI's route table and delete all routes. */
2217 for (rn = bgp_table_top(vpn->route_table); rn;
2218 rn = bgp_route_next(rn)) {
2219 for (pi = rn->info; (pi != NULL) && (nextpi = pi->next, 1);
2220 pi = nextpi) {
2221 bgp_path_info_delete(rn, pi);
2222 bgp_path_info_reap(rn, pi);
2223 }
2224 }
2225
2226 return 0;
2227 }
2228
2229 /*
2230 * Update (and advertise) local routes for a VNI. Invoked upon the VNI
2231 * export RT getting modified or change to tunnel IP. Note that these
2232 * situations need the route in the per-VNI table as well as the global
2233 * table to be updated (as attributes change).
2234 */
2235 static int update_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2236 {
2237 int ret;
2238 struct prefix_evpn p;
2239
2240 /* Update and advertise the type-3 route (only one) followed by the
2241 * locally learnt type-2 routes (MACIP) - for this VNI.
2242 *
2243 * RT-3 only if doing head-end replication
2244 */
2245 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL) {
2246 build_evpn_type3_prefix(&p, vpn->originator_ip);
2247 ret = update_evpn_route(bgp, vpn, &p, 0, 0);
2248 if (ret)
2249 return ret;
2250 }
2251
2252 return update_all_type2_routes(bgp, vpn);
2253 }
2254
2255 /* Delete (and withdraw) local routes for specified ES from global and ES table.
2256 * Also remove all other routes from the per ES table.
2257 * Invoked when ES is deleted.
2258 */
2259 static int delete_routes_for_es(struct bgp *bgp, struct evpnes *es)
2260 {
2261 int ret;
2262 char buf[ESI_STR_LEN];
2263 struct prefix_evpn p;
2264
2265 /* Delete and withdraw locally learnt ES route */
2266 build_evpn_type4_prefix(&p, &es->esi, es->originator_ip.ipaddr_v4);
2267 ret = delete_evpn_type4_route(bgp, es, &p);
2268 if (ret) {
2269 flog_err(EC_BGP_EVPN_ROUTE_DELETE,
2270 "%u failed to delete type-4 route for ESI %s",
2271 bgp->vrf_id, esi_to_str(&es->esi, buf, sizeof(buf)));
2272 }
2273
2274 /* Delete all routes from per ES table */
2275 return delete_all_es_routes(bgp, es);
2276 }
2277
2278 /*
2279 * Delete (and withdraw) local routes for specified VNI from the global
2280 * table and per-VNI table. After this, remove all other routes from
2281 * the per-VNI table. Invoked upon the VNI being deleted or EVPN
2282 * (advertise-all-vni) being disabled.
2283 */
2284 static int delete_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2285 {
2286 int ret;
2287 struct prefix_evpn p;
2288
2289 /* Delete and withdraw locally learnt type-2 routes (MACIP)
2290 * followed by type-3 routes (only one) - for this VNI.
2291 */
2292 ret = delete_all_type2_routes(bgp, vpn);
2293 if (ret)
2294 return ret;
2295
2296 build_evpn_type3_prefix(&p, vpn->originator_ip);
2297 ret = delete_evpn_route(bgp, vpn, &p);
2298 if (ret)
2299 return ret;
2300
2301 /* Delete all routes from the per-VNI table. */
2302 return delete_all_vni_routes(bgp, vpn);
2303 }
2304
2305 /*
2306 * There is a tunnel endpoint IP address change for this VNI, delete
2307 * prior type-3 route (if needed) and update.
2308 * Note: Route re-advertisement happens elsewhere after other processing
2309 * other changes.
2310 */
2311 static int handle_tunnel_ip_change(struct bgp *bgp, struct bgpevpn *vpn,
2312 struct in_addr originator_ip)
2313 {
2314 struct prefix_evpn p;
2315
2316 /* If VNI is not live, we only need to update the originator ip */
2317 if (!is_vni_live(vpn)) {
2318 vpn->originator_ip = originator_ip;
2319 return 0;
2320 }
2321
2322 /* Update the tunnel-ip hash */
2323 bgp_tip_del(bgp, &vpn->originator_ip);
2324 bgp_tip_add(bgp, &originator_ip);
2325
2326 /* filter routes as martian nexthop db has changed */
2327 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
2328
2329 /* Need to withdraw type-3 route as the originator IP is part
2330 * of the key.
2331 */
2332 build_evpn_type3_prefix(&p, vpn->originator_ip);
2333 delete_evpn_route(bgp, vpn, &p);
2334
2335 /* Update the tunnel IP and re-advertise all routes for this VNI. */
2336 vpn->originator_ip = originator_ip;
2337 return 0;
2338 }
2339
2340 /* Install EVPN route entry in ES */
2341 static int install_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2342 struct prefix_evpn *p,
2343 struct bgp_path_info *parent_pi)
2344 {
2345 int ret = 0;
2346 struct bgp_node *rn = NULL;
2347 struct bgp_path_info *pi = NULL;
2348 struct attr *attr_new = NULL;
2349
2350 /* Create (or fetch) route within the VNI.
2351 * NOTE: There is no RD here.
2352 */
2353 rn = bgp_node_get(es->route_table, (struct prefix *)p);
2354
2355 /* Check if route entry is already present. */
2356 for (pi = rn->info; pi; pi = pi->next)
2357 if (pi->extra
2358 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2359 break;
2360
2361 if (!pi) {
2362 /* Add (or update) attribute to hash. */
2363 attr_new = bgp_attr_intern(parent_pi->attr);
2364
2365 /* Create new route with its attribute. */
2366 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2367 parent_pi->peer, attr_new, rn);
2368 SET_FLAG(pi->flags, BGP_PATH_VALID);
2369 bgp_path_info_extra_get(pi);
2370 pi->extra->parent = parent_pi;
2371 bgp_path_info_add(rn, pi);
2372 } else {
2373 if (attrhash_cmp(pi->attr, parent_pi->attr)
2374 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2375 bgp_unlock_node(rn);
2376 return 0;
2377 }
2378 /* The attribute has changed. */
2379 /* Add (or update) attribute to hash. */
2380 attr_new = bgp_attr_intern(parent_pi->attr);
2381
2382 /* Restore route, if needed. */
2383 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2384 bgp_path_info_restore(rn, pi);
2385
2386 /* Mark if nexthop has changed. */
2387 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2388 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2389
2390 /* Unintern existing, set to new. */
2391 bgp_attr_unintern(&pi->attr);
2392 pi->attr = attr_new;
2393 pi->uptime = bgp_clock();
2394 }
2395
2396 /* Perform route selection and update zebra, if required. */
2397 ret = evpn_es_route_select_install(bgp, es, rn);
2398 return ret;
2399 }
2400
2401 /*
2402 * Install route entry into the VRF routing table and invoke route selection.
2403 */
2404 static int install_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2405 struct prefix_evpn *evp,
2406 struct bgp_path_info *parent_pi)
2407 {
2408 struct bgp_node *rn;
2409 struct bgp_path_info *pi;
2410 struct attr attr;
2411 struct attr *attr_new;
2412 int ret = 0;
2413 struct prefix p;
2414 struct prefix *pp = &p;
2415 afi_t afi = 0;
2416 safi_t safi = 0;
2417 char buf[PREFIX_STRLEN];
2418 char buf1[PREFIX_STRLEN];
2419
2420 memset(pp, 0, sizeof(struct prefix));
2421 ip_prefix_from_evpn_prefix(evp, pp);
2422
2423 if (bgp_debug_zebra(NULL)) {
2424 zlog_debug(
2425 "installing evpn prefix %s as ip prefix %s in vrf %s",
2426 prefix2str(evp, buf, sizeof(buf)),
2427 prefix2str(pp, buf1, sizeof(buf)),
2428 vrf_id_to_name(bgp_vrf->vrf_id));
2429 }
2430
2431 /* Create (or fetch) route within the VRF. */
2432 /* NOTE: There is no RD here. */
2433 if (is_evpn_prefix_ipaddr_v4(evp)) {
2434 afi = AFI_IP;
2435 safi = SAFI_UNICAST;
2436 rn = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2437 } else if (is_evpn_prefix_ipaddr_v6(evp)) {
2438 afi = AFI_IP6;
2439 safi = SAFI_UNICAST;
2440 rn = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2441 } else
2442 return 0;
2443
2444 /* EVPN routes currently only support a IPv4 next hop which corresponds
2445 * to the remote VTEP. When importing into a VRF, if it is IPv6 host
2446 * or prefix route, we have to convert the next hop to an IPv4-mapped
2447 * address for the rest of the code to flow through. In the case of IPv4,
2448 * make sure to set the flag for next hop attribute.
2449 */
2450 bgp_attr_dup(&attr, parent_pi->attr);
2451 if (afi == AFI_IP6)
2452 evpn_convert_nexthop_to_ipv6(&attr);
2453 else
2454 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
2455
2456 /* Check if route entry is already present. */
2457 for (pi = rn->info; pi; pi = pi->next)
2458 if (pi->extra
2459 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2460 break;
2461
2462 if (!pi) {
2463 /* Add (or update) attribute to hash. */
2464 attr_new = bgp_attr_intern(&attr);
2465
2466 /* Create new route with its attribute. */
2467 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2468 parent_pi->peer, attr_new, rn);
2469 SET_FLAG(pi->flags, BGP_PATH_VALID);
2470 bgp_path_info_extra_get(pi);
2471 pi->extra->parent = bgp_path_info_lock(parent_pi);
2472 bgp_lock_node((struct bgp_node *)parent_pi->net);
2473 if (parent_pi->extra) {
2474 memcpy(&pi->extra->label, &parent_pi->extra->label,
2475 sizeof(pi->extra->label));
2476 pi->extra->num_labels = parent_pi->extra->num_labels;
2477 }
2478 bgp_path_info_add(rn, pi);
2479 } else {
2480 if (attrhash_cmp(pi->attr, &attr)
2481 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2482 bgp_unlock_node(rn);
2483 return 0;
2484 }
2485 /* The attribute has changed. */
2486 /* Add (or update) attribute to hash. */
2487 attr_new = bgp_attr_intern(&attr);
2488
2489 /* Restore route, if needed. */
2490 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2491 bgp_path_info_restore(rn, pi);
2492
2493 /* Mark if nexthop has changed. */
2494 if ((afi == AFI_IP
2495 && !IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2496 || (afi == AFI_IP6
2497 && !IPV6_ADDR_SAME(&pi->attr->mp_nexthop_global,
2498 &attr_new->mp_nexthop_global)))
2499 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2500
2501 bgp_path_info_set_flag(rn, pi, BGP_PATH_ATTR_CHANGED);
2502 /* Unintern existing, set to new. */
2503 bgp_attr_unintern(&pi->attr);
2504 pi->attr = attr_new;
2505 pi->uptime = bgp_clock();
2506 }
2507
2508 bgp_aggregate_increment(bgp_vrf, &rn->p, pi, afi, safi);
2509
2510 /* Perform route selection and update zebra, if required. */
2511 bgp_process(bgp_vrf, rn, afi, safi);
2512
2513 return ret;
2514 }
2515
2516 /*
2517 * Install route entry into the VNI routing table and invoke route selection.
2518 */
2519 static int install_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2520 struct prefix_evpn *p,
2521 struct bgp_path_info *parent_pi)
2522 {
2523 struct bgp_node *rn;
2524 struct bgp_path_info *pi;
2525 struct attr *attr_new;
2526 int ret;
2527
2528 /* Create (or fetch) route within the VNI. */
2529 /* NOTE: There is no RD here. */
2530 rn = bgp_node_get(vpn->route_table, (struct prefix *)p);
2531
2532 /* Check if route entry is already present. */
2533 for (pi = rn->info; pi; pi = pi->next)
2534 if (pi->extra
2535 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2536 break;
2537
2538 if (!pi) {
2539 /* Add (or update) attribute to hash. */
2540 attr_new = bgp_attr_intern(parent_pi->attr);
2541
2542 /* Create new route with its attribute. */
2543 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2544 parent_pi->peer, attr_new, rn);
2545 SET_FLAG(pi->flags, BGP_PATH_VALID);
2546 bgp_path_info_extra_get(pi);
2547 pi->extra->parent = bgp_path_info_lock(parent_pi);
2548 bgp_lock_node((struct bgp_node *)parent_pi->net);
2549 if (parent_pi->extra) {
2550 memcpy(&pi->extra->label, &parent_pi->extra->label,
2551 sizeof(pi->extra->label));
2552 pi->extra->num_labels = parent_pi->extra->num_labels;
2553 }
2554 bgp_path_info_add(rn, pi);
2555 } else {
2556 if (attrhash_cmp(pi->attr, parent_pi->attr)
2557 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2558 bgp_unlock_node(rn);
2559 return 0;
2560 }
2561 /* The attribute has changed. */
2562 /* Add (or update) attribute to hash. */
2563 attr_new = bgp_attr_intern(parent_pi->attr);
2564
2565 /* Restore route, if needed. */
2566 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2567 bgp_path_info_restore(rn, pi);
2568
2569 /* Mark if nexthop has changed. */
2570 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2571 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2572
2573 /* Unintern existing, set to new. */
2574 bgp_attr_unintern(&pi->attr);
2575 pi->attr = attr_new;
2576 pi->uptime = bgp_clock();
2577 }
2578
2579 /* Perform route selection and update zebra, if required. */
2580 ret = evpn_route_select_install(bgp, vpn, rn);
2581
2582 return ret;
2583 }
2584
2585 /* Uninstall EVPN route entry from ES route table */
2586 static int uninstall_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2587 struct prefix_evpn *p,
2588 struct bgp_path_info *parent_pi)
2589 {
2590 int ret;
2591 struct bgp_node *rn;
2592 struct bgp_path_info *pi;
2593
2594 if (!es->route_table)
2595 return 0;
2596
2597 /* Locate route within the ESI.
2598 * NOTE: There is no RD here.
2599 */
2600 rn = bgp_node_lookup(es->route_table, (struct prefix *)p);
2601 if (!rn)
2602 return 0;
2603
2604 /* Find matching route entry. */
2605 for (pi = rn->info; pi; pi = pi->next)
2606 if (pi->extra
2607 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2608 break;
2609
2610 if (!pi)
2611 return 0;
2612
2613 /* Mark entry for deletion */
2614 bgp_path_info_delete(rn, pi);
2615
2616 /* Perform route selection and update zebra, if required. */
2617 ret = evpn_es_route_select_install(bgp, es, rn);
2618
2619 /* Unlock route node. */
2620 bgp_unlock_node(rn);
2621
2622 return ret;
2623 }
2624
2625 /*
2626 * Uninstall route entry from the VRF routing table and send message
2627 * to zebra, if appropriate.
2628 */
2629 static int uninstall_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2630 struct prefix_evpn *evp,
2631 struct bgp_path_info *parent_pi)
2632 {
2633 struct bgp_node *rn;
2634 struct bgp_path_info *pi;
2635 int ret = 0;
2636 struct prefix p;
2637 struct prefix *pp = &p;
2638 afi_t afi = 0;
2639 safi_t safi = 0;
2640 char buf[PREFIX_STRLEN];
2641 char buf1[PREFIX_STRLEN];
2642
2643 memset(pp, 0, sizeof(struct prefix));
2644 ip_prefix_from_evpn_prefix(evp, pp);
2645
2646 if (bgp_debug_zebra(NULL)) {
2647 zlog_debug(
2648 "uninstalling evpn prefix %s as ip prefix %s in vrf %s",
2649 prefix2str(evp, buf, sizeof(buf)),
2650 prefix2str(pp, buf1, sizeof(buf)),
2651 vrf_id_to_name(bgp_vrf->vrf_id));
2652 }
2653
2654 /* Locate route within the VRF. */
2655 /* NOTE: There is no RD here. */
2656 if (is_evpn_prefix_ipaddr_v4(evp)) {
2657 afi = AFI_IP;
2658 safi = SAFI_UNICAST;
2659 rn = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2660 } else {
2661 afi = AFI_IP6;
2662 safi = SAFI_UNICAST;
2663 rn = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2664 }
2665
2666 if (!rn)
2667 return 0;
2668
2669 /* Find matching route entry. */
2670 for (pi = rn->info; pi; pi = pi->next)
2671 if (pi->extra
2672 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2673 break;
2674
2675 if (!pi)
2676 return 0;
2677
2678 bgp_aggregate_decrement(bgp_vrf, &rn->p, pi, afi, safi);
2679
2680 /* Mark entry for deletion */
2681 bgp_path_info_delete(rn, pi);
2682
2683 /* Perform route selection and update zebra, if required. */
2684 bgp_process(bgp_vrf, rn, afi, safi);
2685
2686 /* Unlock route node. */
2687 bgp_unlock_node(rn);
2688
2689 return ret;
2690 }
2691
2692 /*
2693 * Uninstall route entry from the VNI routing table and send message
2694 * to zebra, if appropriate.
2695 */
2696 static int uninstall_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2697 struct prefix_evpn *p,
2698 struct bgp_path_info *parent_pi)
2699 {
2700 struct bgp_node *rn;
2701 struct bgp_path_info *pi;
2702 int ret;
2703
2704 /* Locate route within the VNI. */
2705 /* NOTE: There is no RD here. */
2706 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
2707 if (!rn)
2708 return 0;
2709
2710 /* Find matching route entry. */
2711 for (pi = rn->info; pi; pi = pi->next)
2712 if (pi->extra
2713 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2714 break;
2715
2716 if (!pi)
2717 return 0;
2718
2719 /* Mark entry for deletion */
2720 bgp_path_info_delete(rn, pi);
2721
2722 /* Perform route selection and update zebra, if required. */
2723 ret = evpn_route_select_install(bgp, vpn, rn);
2724
2725 /* Unlock route node. */
2726 bgp_unlock_node(rn);
2727
2728 return ret;
2729 }
2730
2731 /*
2732 * Given a prefix, see if it belongs to ES.
2733 */
2734 static int is_prefix_matching_for_es(struct prefix_evpn *p,
2735 struct evpnes *es)
2736 {
2737 /* if not an ES route return false */
2738 if (p->prefix.route_type != BGP_EVPN_ES_ROUTE)
2739 return 0;
2740
2741 if (memcmp(&p->prefix.es_addr.esi, &es->esi, sizeof(esi_t)) == 0)
2742 return 1;
2743
2744 return 0;
2745 }
2746
2747 /*
2748 * Given a route entry and a VRF, see if this route entry should be
2749 * imported into the VRF i.e., RTs match.
2750 */
2751 static int is_route_matching_for_vrf(struct bgp *bgp_vrf,
2752 struct bgp_path_info *pi)
2753 {
2754 struct attr *attr = pi->attr;
2755 struct ecommunity *ecom;
2756 int i;
2757
2758 assert(attr);
2759 /* Route should have valid RT to be even considered. */
2760 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
2761 return 0;
2762
2763 ecom = attr->ecommunity;
2764 if (!ecom || !ecom->size)
2765 return 0;
2766
2767 /* For each extended community RT, see if it matches this VNI. If any RT
2768 * matches, we're done.
2769 */
2770 for (i = 0; i < ecom->size; i++) {
2771 uint8_t *pnt;
2772 uint8_t type, sub_type;
2773 struct ecommunity_val *eval;
2774 struct ecommunity_val eval_tmp;
2775 struct vrf_irt_node *irt;
2776
2777 /* Only deal with RTs */
2778 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2779 eval = (struct ecommunity_val *)(ecom->val
2780 + (i * ECOMMUNITY_SIZE));
2781 type = *pnt++;
2782 sub_type = *pnt++;
2783 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
2784 continue;
2785
2786 /* See if this RT matches specified VNIs import RTs */
2787 irt = lookup_vrf_import_rt(eval);
2788 if (irt)
2789 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
2790 return 1;
2791
2792 /* Also check for non-exact match. In this, we mask out the AS
2793 * and
2794 * only check on the local-admin sub-field. This is to
2795 * facilitate using
2796 * VNI as the RT for EBGP peering too.
2797 */
2798 irt = NULL;
2799 if (type == ECOMMUNITY_ENCODE_AS
2800 || type == ECOMMUNITY_ENCODE_AS4
2801 || type == ECOMMUNITY_ENCODE_IP) {
2802 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
2803 mask_ecom_global_admin(&eval_tmp, eval);
2804 irt = lookup_vrf_import_rt(&eval_tmp);
2805 }
2806 if (irt)
2807 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
2808 return 1;
2809 }
2810
2811 return 0;
2812 }
2813
2814 /*
2815 * Given a route entry and a VNI, see if this route entry should be
2816 * imported into the VNI i.e., RTs match.
2817 */
2818 static int is_route_matching_for_vni(struct bgp *bgp, struct bgpevpn *vpn,
2819 struct bgp_path_info *pi)
2820 {
2821 struct attr *attr = pi->attr;
2822 struct ecommunity *ecom;
2823 int i;
2824
2825 assert(attr);
2826 /* Route should have valid RT to be even considered. */
2827 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
2828 return 0;
2829
2830 ecom = attr->ecommunity;
2831 if (!ecom || !ecom->size)
2832 return 0;
2833
2834 /* For each extended community RT, see if it matches this VNI. If any RT
2835 * matches, we're done.
2836 */
2837 for (i = 0; i < ecom->size; i++) {
2838 uint8_t *pnt;
2839 uint8_t type, sub_type;
2840 struct ecommunity_val *eval;
2841 struct ecommunity_val eval_tmp;
2842 struct irt_node *irt;
2843
2844 /* Only deal with RTs */
2845 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2846 eval = (struct ecommunity_val *)(ecom->val
2847 + (i * ECOMMUNITY_SIZE));
2848 type = *pnt++;
2849 sub_type = *pnt++;
2850 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
2851 continue;
2852
2853 /* See if this RT matches specified VNIs import RTs */
2854 irt = lookup_import_rt(bgp, eval);
2855 if (irt)
2856 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
2857 return 1;
2858
2859 /* Also check for non-exact match. In this, we mask out the AS
2860 * and
2861 * only check on the local-admin sub-field. This is to
2862 * facilitate using
2863 * VNI as the RT for EBGP peering too.
2864 */
2865 irt = NULL;
2866 if (type == ECOMMUNITY_ENCODE_AS
2867 || type == ECOMMUNITY_ENCODE_AS4
2868 || type == ECOMMUNITY_ENCODE_IP) {
2869 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
2870 mask_ecom_global_admin(&eval_tmp, eval);
2871 irt = lookup_import_rt(bgp, &eval_tmp);
2872 }
2873 if (irt)
2874 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
2875 return 1;
2876 }
2877
2878 return 0;
2879 }
2880
2881 static int install_uninstall_routes_for_es(struct bgp *bgp,
2882 struct evpnes *es,
2883 int install)
2884 {
2885 int ret;
2886 afi_t afi;
2887 safi_t safi;
2888 char buf[PREFIX_STRLEN];
2889 char buf1[ESI_STR_LEN];
2890 struct bgp_node *rd_rn, *rn;
2891 struct bgp_table *table;
2892 struct bgp_path_info *pi;
2893
2894 afi = AFI_L2VPN;
2895 safi = SAFI_EVPN;
2896
2897 /*
2898 * Walk entire global routing table and evaluate routes which could be
2899 * imported into this VRF. Note that we need to loop through all global
2900 * routes to determine which route matches the import rt on vrf
2901 */
2902 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
2903 rd_rn = bgp_route_next(rd_rn)) {
2904 table = (struct bgp_table *)(rd_rn->info);
2905 if (!table)
2906 continue;
2907
2908 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
2909 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2910
2911 for (pi = rn->info; pi; pi = pi->next) {
2912 /*
2913 * Consider "valid" remote routes applicable for
2914 * this ES.
2915 */
2916 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
2917 && pi->type == ZEBRA_ROUTE_BGP
2918 && pi->sub_type == BGP_ROUTE_NORMAL))
2919 continue;
2920
2921 if (!is_prefix_matching_for_es(evp, es))
2922 continue;
2923
2924 if (install)
2925 ret = install_evpn_route_entry_in_es(
2926 bgp, es, evp, pi);
2927 else
2928 ret = uninstall_evpn_route_entry_in_es(
2929 bgp, es, evp, pi);
2930
2931 if (ret) {
2932 flog_err(
2933 EC_BGP_EVPN_FAIL,
2934 "Failed to %s EVPN %s route in ESI %s",
2935 install ? "install"
2936 : "uninstall",
2937 prefix2str(evp, buf,
2938 sizeof(buf)),
2939 esi_to_str(&es->esi, buf1,
2940 sizeof(buf1)));
2941 return ret;
2942 }
2943 }
2944 }
2945 }
2946 return 0;
2947 }
2948
2949 /*
2950 * Install or uninstall mac-ip routes are appropriate for this
2951 * particular VRF.
2952 */
2953 static int install_uninstall_routes_for_vrf(struct bgp *bgp_vrf, int install)
2954 {
2955 afi_t afi;
2956 safi_t safi;
2957 struct bgp_node *rd_rn, *rn;
2958 struct bgp_table *table;
2959 struct bgp_path_info *pi;
2960 int ret;
2961 char buf[PREFIX_STRLEN];
2962 struct bgp *bgp_def = NULL;
2963
2964 afi = AFI_L2VPN;
2965 safi = SAFI_EVPN;
2966 bgp_def = bgp_get_default();
2967 if (!bgp_def)
2968 return -1;
2969
2970 /* Walk entire global routing table and evaluate routes which could be
2971 * imported into this VRF. Note that we need to loop through all global
2972 * routes to determine which route matches the import rt on vrf
2973 */
2974 for (rd_rn = bgp_table_top(bgp_def->rib[afi][safi]); rd_rn;
2975 rd_rn = bgp_route_next(rd_rn)) {
2976 table = (struct bgp_table *)(rd_rn->info);
2977 if (!table)
2978 continue;
2979
2980 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
2981 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2982
2983 /* if not mac-ip route skip this route */
2984 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
2985 || evp->prefix.route_type
2986 == BGP_EVPN_IP_PREFIX_ROUTE))
2987 continue;
2988
2989 /* if not a mac+ip route skip this route */
2990 if (!(is_evpn_prefix_ipaddr_v4(evp)
2991 || is_evpn_prefix_ipaddr_v6(evp)))
2992 continue;
2993
2994 for (pi = rn->info; pi; pi = pi->next) {
2995 /* Consider "valid" remote routes applicable for
2996 * this VRF.
2997 */
2998 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
2999 && pi->type == ZEBRA_ROUTE_BGP
3000 && pi->sub_type == BGP_ROUTE_NORMAL))
3001 continue;
3002
3003 if (is_route_matching_for_vrf(bgp_vrf, pi)) {
3004 if (install)
3005 ret = install_evpn_route_entry_in_vrf(
3006 bgp_vrf, evp, pi);
3007 else
3008 ret = uninstall_evpn_route_entry_in_vrf(
3009 bgp_vrf, evp, pi);
3010
3011 if (ret) {
3012 flog_err(
3013 EC_BGP_EVPN_FAIL,
3014 "Failed to %s EVPN %s route in VRF %s",
3015 install ? "install"
3016 : "uninstall",
3017 prefix2str(evp, buf,
3018 sizeof(buf)),
3019 vrf_id_to_name(
3020 bgp_vrf->vrf_id));
3021 return ret;
3022 }
3023 }
3024 }
3025 }
3026 }
3027
3028 return 0;
3029 }
3030
3031 /*
3032 * Install or uninstall routes of specified type that are appropriate for this
3033 * particular VNI.
3034 */
3035 static int install_uninstall_routes_for_vni(struct bgp *bgp,
3036 struct bgpevpn *vpn,
3037 bgp_evpn_route_type rtype,
3038 int install)
3039 {
3040 afi_t afi;
3041 safi_t safi;
3042 struct bgp_node *rd_rn, *rn;
3043 struct bgp_table *table;
3044 struct bgp_path_info *pi;
3045 int ret;
3046
3047 afi = AFI_L2VPN;
3048 safi = SAFI_EVPN;
3049
3050 /* Walk entire global routing table and evaluate routes which could be
3051 * imported into this VPN. Note that we cannot just look at the routes
3052 * for
3053 * the VNI's RD - remote routes applicable for this VNI could have any
3054 * RD.
3055 */
3056 /* EVPN routes are a 2-level table. */
3057 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
3058 rd_rn = bgp_route_next(rd_rn)) {
3059 table = (struct bgp_table *)(rd_rn->info);
3060 if (!table)
3061 continue;
3062
3063 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
3064 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3065
3066 if (evp->prefix.route_type != rtype)
3067 continue;
3068
3069 for (pi = rn->info; pi; pi = pi->next) {
3070 /* Consider "valid" remote routes applicable for
3071 * this VNI. */
3072 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3073 && pi->type == ZEBRA_ROUTE_BGP
3074 && pi->sub_type == BGP_ROUTE_NORMAL))
3075 continue;
3076
3077 if (is_route_matching_for_vni(bgp, vpn, pi)) {
3078 if (install)
3079 ret = install_evpn_route_entry(
3080 bgp, vpn, evp, pi);
3081 else
3082 ret = uninstall_evpn_route_entry(
3083 bgp, vpn, evp, pi);
3084
3085 if (ret) {
3086 flog_err(
3087 EC_BGP_EVPN_FAIL,
3088 "%u: Failed to %s EVPN %s route in VNI %u",
3089 bgp->vrf_id,
3090 install ? "install"
3091 : "uninstall",
3092 rtype == BGP_EVPN_MAC_IP_ROUTE
3093 ? "MACIP"
3094 : "IMET",
3095 vpn->vni);
3096 return ret;
3097 }
3098 }
3099 }
3100 }
3101 }
3102
3103 return 0;
3104 }
3105
3106 /* Install any existing remote ES routes applicable for this ES into its routing
3107 * table. This is invoked when ES comes up.
3108 */
3109 static int install_routes_for_es(struct bgp *bgp, struct evpnes *es)
3110 {
3111 return install_uninstall_routes_for_es(bgp, es, 1);
3112 }
3113
3114
3115 /* Install any existing remote routes applicable for this VRF into VRF RIB. This
3116 * is invoked upon l3vni-add or l3vni import rt change
3117 */
3118 static int install_routes_for_vrf(struct bgp *bgp_vrf)
3119 {
3120 install_uninstall_routes_for_vrf(bgp_vrf, 1);
3121 return 0;
3122 }
3123
3124 /*
3125 * Install any existing remote routes applicable for this VNI into its
3126 * routing table. This is invoked when a VNI becomes "live" or its Import
3127 * RT is changed.
3128 */
3129 static int install_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3130 {
3131 int ret;
3132
3133 /* Install type-3 routes followed by type-2 routes - the ones applicable
3134 * for this VNI.
3135 */
3136 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3137 1);
3138 if (ret)
3139 return ret;
3140
3141 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3142 1);
3143 }
3144
3145 /* uninstall routes from l3vni vrf. */
3146 static int uninstall_routes_for_vrf(struct bgp *bgp_vrf)
3147 {
3148 install_uninstall_routes_for_vrf(bgp_vrf, 0);
3149 return 0;
3150 }
3151
3152 /*
3153 * Uninstall any existing remote routes for this VNI. One scenario in which
3154 * this is invoked is upon an import RT change.
3155 */
3156 static int uninstall_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3157 {
3158 int ret;
3159
3160 /* Uninstall type-2 routes followed by type-3 routes - the ones
3161 * applicable
3162 * for this VNI.
3163 */
3164 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3165 0);
3166 if (ret)
3167 return ret;
3168
3169 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3170 0);
3171 }
3172
3173 /* Install or unistall route in ES */
3174 static int install_uninstall_route_in_es(struct bgp *bgp, struct evpnes *es,
3175 afi_t afi, safi_t safi,
3176 struct prefix_evpn *evp,
3177 struct bgp_path_info *pi, int install)
3178 {
3179 int ret = 0;
3180 char buf[ESI_STR_LEN];
3181
3182 if (install)
3183 ret = install_evpn_route_entry_in_es(bgp, es, evp, pi);
3184 else
3185 ret = uninstall_evpn_route_entry_in_es(bgp, es, evp, pi);
3186
3187 if (ret) {
3188 flog_err(
3189 EC_BGP_EVPN_FAIL,
3190 "%u: Failed to %s EVPN %s route in ESI %s", bgp->vrf_id,
3191 install ? "install" : "uninstall", "ES",
3192 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)));
3193 return ret;
3194 }
3195 return 0;
3196 }
3197
3198 /*
3199 * Install or uninstall route in matching VRFs (list).
3200 */
3201 static int install_uninstall_route_in_vrfs(struct bgp *bgp_def, afi_t afi,
3202 safi_t safi, struct prefix_evpn *evp,
3203 struct bgp_path_info *pi,
3204 struct list *vrfs, int install)
3205 {
3206 char buf[PREFIX2STR_BUFFER];
3207 struct bgp *bgp_vrf;
3208 struct listnode *node, *nnode;
3209
3210 /* Only type-2/type-5 routes go into a VRF */
3211 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3212 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3213 return 0;
3214
3215 /* if it is type-2 route and not a mac+ip route skip this route */
3216 if ((evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
3217 && !(is_evpn_prefix_ipaddr_v4(evp)
3218 || is_evpn_prefix_ipaddr_v6(evp)))
3219 return 0;
3220
3221 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, bgp_vrf)) {
3222 int ret;
3223
3224 if (install)
3225 ret = install_evpn_route_entry_in_vrf(bgp_vrf, evp, pi);
3226 else
3227 ret = uninstall_evpn_route_entry_in_vrf(bgp_vrf, evp,
3228 pi);
3229
3230 if (ret) {
3231 flog_err(EC_BGP_EVPN_FAIL,
3232 "%u: Failed to %s prefix %s in VRF %s",
3233 bgp_def->vrf_id,
3234 install ? "install" : "uninstall",
3235 prefix2str(evp, buf, sizeof(buf)),
3236 vrf_id_to_name(bgp_vrf->vrf_id));
3237 return ret;
3238 }
3239 }
3240
3241 return 0;
3242 }
3243
3244 /*
3245 * Install or uninstall route in matching VNIs (list).
3246 */
3247 static int install_uninstall_route_in_vnis(struct bgp *bgp, afi_t afi,
3248 safi_t safi, struct prefix_evpn *evp,
3249 struct bgp_path_info *pi,
3250 struct list *vnis, int install)
3251 {
3252 struct bgpevpn *vpn;
3253 struct listnode *node, *nnode;
3254
3255 for (ALL_LIST_ELEMENTS(vnis, node, nnode, vpn)) {
3256 int ret;
3257
3258 if (!is_vni_live(vpn))
3259 continue;
3260
3261 if (install)
3262 ret = install_evpn_route_entry(bgp, vpn, evp, pi);
3263 else
3264 ret = uninstall_evpn_route_entry(bgp, vpn, evp, pi);
3265
3266 if (ret) {
3267 flog_err(EC_BGP_EVPN_FAIL,
3268 "%u: Failed to %s EVPN %s route in VNI %u",
3269 bgp->vrf_id, install ? "install" : "uninstall",
3270 evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3271 ? "MACIP"
3272 : "IMET",
3273 vpn->vni);
3274 return ret;
3275 }
3276 }
3277
3278 return 0;
3279 }
3280
3281 /*
3282 * Install or uninstall route for appropriate VNIs/ESIs.
3283 */
3284 static int install_uninstall_evpn_route(struct bgp *bgp, afi_t afi, safi_t safi,
3285 struct prefix *p,
3286 struct bgp_path_info *pi, int import)
3287 {
3288 struct prefix_evpn *evp = (struct prefix_evpn *)p;
3289 struct attr *attr = pi->attr;
3290 struct ecommunity *ecom;
3291 int i;
3292
3293 assert(attr);
3294
3295 /* Only type-2, type-3, type-4 and type-5 are supported currently */
3296 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3297 || evp->prefix.route_type == BGP_EVPN_IMET_ROUTE
3298 || evp->prefix.route_type == BGP_EVPN_ES_ROUTE
3299 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3300 return 0;
3301
3302 /* If we don't have Route Target, nothing much to do. */
3303 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
3304 return 0;
3305
3306 ecom = attr->ecommunity;
3307 if (!ecom || !ecom->size)
3308 return -1;
3309
3310 /* An EVPN route belongs to a VNI or a VRF or an ESI based on the RTs
3311 * attached to the route */
3312 for (i = 0; i < ecom->size; i++) {
3313 uint8_t *pnt;
3314 uint8_t type, sub_type;
3315 struct ecommunity_val *eval;
3316 struct ecommunity_val eval_tmp;
3317 struct irt_node *irt; /* import rt for l2vni */
3318 struct vrf_irt_node *vrf_irt; /* import rt for l3vni */
3319 struct evpnes *es;
3320
3321 /* Only deal with RTs */
3322 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
3323 eval = (struct ecommunity_val *)(ecom->val
3324 + (i * ECOMMUNITY_SIZE));
3325 type = *pnt++;
3326 sub_type = *pnt++;
3327 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
3328 continue;
3329
3330 /*
3331 * macip routes (type-2) are imported into VNI and VRF tables.
3332 * IMET route is imported into VNI table.
3333 * prefix routes are imported into VRF table.
3334 */
3335 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE ||
3336 evp->prefix.route_type == BGP_EVPN_IMET_ROUTE ||
3337 evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
3338
3339 irt = lookup_import_rt(bgp, eval);
3340 if (irt)
3341 install_uninstall_route_in_vnis(
3342 bgp, afi, safi, evp, pi, irt->vnis,
3343 import);
3344
3345 vrf_irt = lookup_vrf_import_rt(eval);
3346 if (vrf_irt)
3347 install_uninstall_route_in_vrfs(
3348 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3349 import);
3350
3351 /* Also check for non-exact match.
3352 * In this, we mask out the AS and
3353 * only check on the local-admin sub-field.
3354 * This is to facilitate using
3355 * VNI as the RT for EBGP peering too.
3356 */
3357 irt = NULL;
3358 vrf_irt = NULL;
3359 if (type == ECOMMUNITY_ENCODE_AS
3360 || type == ECOMMUNITY_ENCODE_AS4
3361 || type == ECOMMUNITY_ENCODE_IP) {
3362 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
3363 mask_ecom_global_admin(&eval_tmp, eval);
3364 irt = lookup_import_rt(bgp, &eval_tmp);
3365 vrf_irt = lookup_vrf_import_rt(&eval_tmp);
3366 }
3367
3368 if (irt)
3369 install_uninstall_route_in_vnis(
3370 bgp, afi, safi, evp, pi, irt->vnis,
3371 import);
3372 if (vrf_irt)
3373 install_uninstall_route_in_vrfs(
3374 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3375 import);
3376 }
3377
3378 /* es route is imported into the es table */
3379 if (evp->prefix.route_type == BGP_EVPN_ES_ROUTE) {
3380
3381 /* we will match based on the entire esi to avoid
3382 * imoort of an es route for esi2 into esi1
3383 */
3384 es = bgp_evpn_lookup_es(bgp, &evp->prefix.es_addr.esi);
3385 if (es && is_es_local(es))
3386 install_uninstall_route_in_es(
3387 bgp, es, afi, safi, evp, pi, import);
3388 }
3389 }
3390
3391 return 0;
3392 }
3393
3394 /*
3395 * delete and withdraw all ipv4 and ipv6 routes in the vrf table as type-5
3396 * routes
3397 */
3398 static void delete_withdraw_vrf_routes(struct bgp *bgp_vrf)
3399 {
3400 /* Delete ipv4 default route and withdraw from peers */
3401 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3402 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3403 SAFI_UNICAST, false);
3404
3405 /* delete all ipv4 routes and withdraw from peers */
3406 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3407 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3408
3409 /* Delete ipv6 default route and withdraw from peers */
3410 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3411 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3412 SAFI_UNICAST, false);
3413
3414 /* delete all ipv6 routes and withdraw from peers */
3415 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3416 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3417 }
3418
3419 /*
3420 * update and advertise all ipv4 and ipv6 routes in thr vrf table as type-5
3421 * routes
3422 */
3423 static void update_advertise_vrf_routes(struct bgp *bgp_vrf)
3424 {
3425 /* update all ipv4 routes */
3426 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3427 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3428
3429 /* update ipv4 default route and withdraw from peers */
3430 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3431 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3432 SAFI_UNICAST, true);
3433
3434 /* update all ipv6 routes */
3435 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3436 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3437
3438 /* update ipv6 default route and withdraw from peers */
3439 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3440 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3441 SAFI_UNICAST, true);
3442
3443 }
3444
3445 /*
3446 * update and advertise local routes for a VRF as type-5 routes.
3447 * This is invoked upon RD change for a VRF. Note taht the processing is only
3448 * done in the global route table using the routes which already exist in the
3449 * VRF routing table
3450 */
3451 static void update_router_id_vrf(struct bgp *bgp_vrf)
3452 {
3453 /* skip if the RD is configured */
3454 if (is_vrf_rd_configured(bgp_vrf))
3455 return;
3456
3457 /* derive the RD for the VRF based on new router-id */
3458 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
3459
3460 /* update advertise ipv4|ipv6 routes as type-5 routes */
3461 update_advertise_vrf_routes(bgp_vrf);
3462 }
3463
3464 /*
3465 * Delete and withdraw all type-5 routes for the RD corresponding to VRF.
3466 * This is invoked upon VRF RD change. The processing is done only from global
3467 * table.
3468 */
3469 static void withdraw_router_id_vrf(struct bgp *bgp_vrf)
3470 {
3471 /* skip if the RD is configured */
3472 if (is_vrf_rd_configured(bgp_vrf))
3473 return;
3474
3475 /* delete/withdraw ipv4|ipv6 routes as type-5 routes */
3476 delete_withdraw_vrf_routes(bgp_vrf);
3477 }
3478
3479 /*
3480 * Update and advertise local routes for a VNI. Invoked upon router-id
3481 * change. Note that the processing is done only on the global route table
3482 * using routes that already exist in the per-VNI table.
3483 */
3484 static int update_advertise_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3485 {
3486 struct prefix_evpn p;
3487 struct bgp_node *rn, *global_rn;
3488 struct bgp_path_info *pi, *global_pi;
3489 struct attr *attr;
3490 afi_t afi = AFI_L2VPN;
3491 safi_t safi = SAFI_EVPN;
3492
3493 /* Locate type-3 route for VNI in the per-VNI table and use its
3494 * attributes to create and advertise the type-3 route for this VNI
3495 * in the global table.
3496 *
3497 * RT-3 only if doing head-end replication
3498 */
3499 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL) {
3500 build_evpn_type3_prefix(&p, vpn->originator_ip);
3501 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)&p);
3502 if (!rn) /* unexpected */
3503 return 0;
3504 for (pi = rn->info; pi; pi = pi->next)
3505 if (pi->peer == bgp->peer_self &&
3506 pi->type == ZEBRA_ROUTE_BGP
3507 && pi->sub_type == BGP_ROUTE_STATIC)
3508 break;
3509 if (!pi) /* unexpected */
3510 return 0;
3511 attr = pi->attr;
3512
3513 global_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3514 (struct prefix *)&p, &vpn->prd);
3515 update_evpn_route_entry(bgp, vpn, afi, safi, global_rn, attr,
3516 1, &pi, 0, mac_mobility_seqnum(attr));
3517
3518 /* Schedule for processing and unlock node. */
3519 bgp_process(bgp, global_rn, afi, safi);
3520 bgp_unlock_node(global_rn);
3521 }
3522
3523 /* Now, walk this VNI's route table and use the route and its attribute
3524 * to create and schedule route in global table.
3525 */
3526 for (rn = bgp_table_top(vpn->route_table); rn;
3527 rn = bgp_route_next(rn)) {
3528 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3529
3530 /* Identify MAC-IP local routes. */
3531 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
3532 continue;
3533
3534 for (pi = rn->info; pi; pi = pi->next)
3535 if (pi->peer == bgp->peer_self
3536 && pi->type == ZEBRA_ROUTE_BGP
3537 && pi->sub_type == BGP_ROUTE_STATIC)
3538 break;
3539 if (!pi)
3540 continue;
3541
3542 /* Create route in global routing table using this route entry's
3543 * attribute.
3544 */
3545 attr = pi->attr;
3546 global_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3547 (struct prefix *)evp, &vpn->prd);
3548 assert(global_rn);
3549 update_evpn_route_entry(bgp, vpn, afi, safi, global_rn, attr, 1,
3550 &global_pi, 0,
3551 mac_mobility_seqnum(attr));
3552
3553 /* Schedule for processing and unlock node. */
3554 bgp_process(bgp, global_rn, afi, safi);
3555 bgp_unlock_node(global_rn);
3556 }
3557
3558 return 0;
3559 }
3560
3561 /*
3562 * Delete (and withdraw) local routes for a VNI - only from the global
3563 * table. Invoked upon router-id change.
3564 */
3565 static int delete_withdraw_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3566 {
3567 int ret;
3568 struct prefix_evpn p;
3569 struct bgp_node *global_rn;
3570 struct bgp_path_info *pi;
3571 afi_t afi = AFI_L2VPN;
3572 safi_t safi = SAFI_EVPN;
3573
3574 /* Delete and withdraw locally learnt type-2 routes (MACIP)
3575 * for this VNI - from the global table.
3576 */
3577 ret = delete_global_type2_routes(bgp, vpn);
3578 if (ret)
3579 return ret;
3580
3581 /* Remove type-3 route for this VNI from global table. */
3582 build_evpn_type3_prefix(&p, vpn->originator_ip);
3583 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
3584 (struct prefix *)&p, &vpn->prd);
3585 if (global_rn) {
3586 /* Delete route entry in the global EVPN table. */
3587 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
3588
3589 /* Schedule for processing - withdraws to peers happen from
3590 * this table.
3591 */
3592 if (pi)
3593 bgp_process(bgp, global_rn, afi, safi);
3594 bgp_unlock_node(global_rn);
3595 }
3596
3597 return 0;
3598 }
3599
3600 /*
3601 * Handle router-id change. Update and advertise local routes corresponding
3602 * to this VNI from peers. Note that this is invoked after updating the
3603 * router-id. The routes in the per-VNI table are used to create routes in
3604 * the global table and schedule them.
3605 */
3606 static void update_router_id_vni(struct hash_backet *backet, struct bgp *bgp)
3607 {
3608 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
3609
3610 /* Skip VNIs with configured RD. */
3611 if (is_rd_configured(vpn))
3612 return;
3613
3614 bgp_evpn_derive_auto_rd(bgp, vpn);
3615 update_advertise_vni_routes(bgp, vpn);
3616 }
3617
3618 /*
3619 * Handle router-id change. Delete and withdraw local routes corresponding
3620 * to this VNI from peers. Note that this is invoked prior to updating
3621 * the router-id and is done only on the global route table, the routes
3622 * are needed in the per-VNI table to re-advertise with new router id.
3623 */
3624 static void withdraw_router_id_vni(struct hash_backet *backet, struct bgp *bgp)
3625 {
3626 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
3627
3628 /* Skip VNIs with configured RD. */
3629 if (is_rd_configured(vpn))
3630 return;
3631
3632 delete_withdraw_vni_routes(bgp, vpn);
3633 }
3634
3635 /*
3636 * Create RT-3 for a VNI and schedule for processing and advertisement.
3637 * This is invoked upon flooding mode changing to head-end replication.
3638 */
3639 static void create_advertise_type3(struct hash_backet *backet, void *data)
3640 {
3641 struct bgpevpn *vpn = backet->data;
3642 struct bgp *bgp = data;
3643 struct prefix_evpn p;
3644
3645 if (!vpn || !is_vni_live(vpn))
3646 return;
3647
3648 build_evpn_type3_prefix(&p, vpn->originator_ip);
3649 if (update_evpn_route(bgp, vpn, &p, 0, 0))
3650 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
3651 "Type3 route creation failure for VNI %u", vpn->vni);
3652 }
3653
3654 /*
3655 * Delete RT-3 for a VNI and schedule for processing and withdrawal.
3656 * This is invoked upon flooding mode changing to drop BUM packets.
3657 */
3658 static void delete_withdraw_type3(struct hash_backet *backet, void *data)
3659 {
3660 struct bgpevpn *vpn = backet->data;
3661 struct bgp *bgp = data;
3662 struct prefix_evpn p;
3663
3664 if (!vpn || !is_vni_live(vpn))
3665 return;
3666
3667 build_evpn_type3_prefix(&p, vpn->originator_ip);
3668 delete_evpn_route(bgp, vpn, &p);
3669 }
3670
3671 /*
3672 * Process received EVPN type-2 route (advertise or withdraw).
3673 */
3674 static int process_type2_route(struct peer *peer, afi_t afi, safi_t safi,
3675 struct attr *attr, uint8_t *pfx, int psize,
3676 uint32_t addpath_id)
3677 {
3678 struct prefix_rd prd;
3679 struct prefix_evpn p;
3680 struct bgp_route_evpn evpn;
3681 uint8_t ipaddr_len;
3682 uint8_t macaddr_len;
3683 mpls_label_t label[BGP_MAX_LABELS]; /* holds the VNI(s) as in packet */
3684 uint32_t num_labels = 0;
3685 uint32_t eth_tag;
3686 int ret;
3687
3688 /* Type-2 route should be either 33, 37 or 49 bytes or an
3689 * additional 3 bytes if there is a second label (VNI):
3690 * RD (8), ESI (10), Eth Tag (4), MAC Addr Len (1),
3691 * MAC Addr (6), IP len (1), IP (0, 4 or 16),
3692 * MPLS Lbl1 (3), MPLS Lbl2 (0 or 3)
3693 */
3694 if (psize != 33 && psize != 37 && psize != 49 && psize != 36
3695 && psize != 40 && psize != 52) {
3696 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3697 "%u:%s - Rx EVPN Type-2 NLRI with invalid length %d",
3698 peer->bgp->vrf_id, peer->host, psize);
3699 return -1;
3700 }
3701
3702 memset(&evpn, 0, sizeof(evpn));
3703
3704 /* Make prefix_rd */
3705 prd.family = AF_UNSPEC;
3706 prd.prefixlen = 64;
3707 memcpy(&prd.val, pfx, 8);
3708 pfx += 8;
3709
3710 /* Make EVPN prefix. */
3711 memset(&p, 0, sizeof(struct prefix_evpn));
3712 p.family = AF_EVPN;
3713 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
3714 p.prefix.route_type = BGP_EVPN_MAC_IP_ROUTE;
3715
3716 /* Copy Ethernet Seg Identifier */
3717 memcpy(&evpn.eth_s_id.val, pfx, ESI_LEN);
3718 pfx += ESI_LEN;
3719
3720 /* Copy Ethernet Tag */
3721 memcpy(&eth_tag, pfx, 4);
3722 p.prefix.macip_addr.eth_tag = ntohl(eth_tag);
3723 pfx += 4;
3724
3725 /* Get the MAC Addr len */
3726 macaddr_len = *pfx++;
3727
3728 /* Get the MAC Addr */
3729 if (macaddr_len == (ETH_ALEN * 8)) {
3730 memcpy(&p.prefix.macip_addr.mac.octet, pfx, ETH_ALEN);
3731 pfx += ETH_ALEN;
3732 } else {
3733 flog_err(
3734 EC_BGP_EVPN_ROUTE_INVALID,
3735 "%u:%s - Rx EVPN Type-2 NLRI with unsupported MAC address length %d",
3736 peer->bgp->vrf_id, peer->host, macaddr_len);
3737 return -1;
3738 }
3739
3740
3741 /* Get the IP. */
3742 ipaddr_len = *pfx++;
3743 if (ipaddr_len != 0 && ipaddr_len != IPV4_MAX_BITLEN
3744 && ipaddr_len != IPV6_MAX_BITLEN) {
3745 flog_err(
3746 EC_BGP_EVPN_ROUTE_INVALID,
3747 "%u:%s - Rx EVPN Type-2 NLRI with unsupported IP address length %d",
3748 peer->bgp->vrf_id, peer->host, ipaddr_len);
3749 return -1;
3750 }
3751
3752 if (ipaddr_len) {
3753 ipaddr_len /= 8; /* Convert to bytes. */
3754 p.prefix.macip_addr.ip.ipa_type = (ipaddr_len == IPV4_MAX_BYTELEN)
3755 ? IPADDR_V4
3756 : IPADDR_V6;
3757 memcpy(&p.prefix.macip_addr.ip.ip.addr, pfx, ipaddr_len);
3758 }
3759 pfx += ipaddr_len;
3760
3761 /* Get the VNI(s). Stored as bytes here. */
3762 num_labels++;
3763 memset(label, 0, sizeof(label));
3764 memcpy(&label[0], pfx, BGP_LABEL_BYTES);
3765 pfx += BGP_LABEL_BYTES;
3766 psize -= (33 + ipaddr_len);
3767 /* Do we have a second VNI? */
3768 if (psize) {
3769 num_labels++;
3770 memcpy(&label[1], pfx, BGP_LABEL_BYTES);
3771 /*
3772 * If in future, we are required to access additional fields,
3773 * we MUST increment pfx by BGP_LABEL_BYTES in before reading
3774 * the next field
3775 */
3776 }
3777
3778 /* Process the route. */
3779 if (attr)
3780 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
3781 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3782 &prd, &label[0], num_labels, 0, &evpn);
3783 else
3784 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
3785 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3786 &prd, &label[0], num_labels, &evpn);
3787 return ret;
3788 }
3789
3790 /*
3791 * Process received EVPN type-3 route (advertise or withdraw).
3792 */
3793 static int process_type3_route(struct peer *peer, afi_t afi, safi_t safi,
3794 struct attr *attr, uint8_t *pfx, int psize,
3795 uint32_t addpath_id)
3796 {
3797 struct prefix_rd prd;
3798 struct prefix_evpn p;
3799 uint8_t ipaddr_len;
3800 uint32_t eth_tag;
3801 int ret;
3802
3803 /* Type-3 route should be either 17 or 29 bytes: RD (8), Eth Tag (4),
3804 * IP len (1) and IP (4 or 16).
3805 */
3806 if (psize != 17 && psize != 29) {
3807 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3808 "%u:%s - Rx EVPN Type-3 NLRI with invalid length %d",
3809 peer->bgp->vrf_id, peer->host, psize);
3810 return -1;
3811 }
3812
3813 /* If PMSI is present, log if it is anything other than IR.
3814 * Note: We just simply ignore the values as it is not clear if
3815 * doing anything else is better.
3816 */
3817 if (attr &&
3818 (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL))) {
3819 if (attr->pmsi_tnl_type != PMSI_TNLTYPE_INGR_REPL) {
3820 flog_warn(
3821 EC_BGP_EVPN_PMSI_PRESENT,
3822 "%u:%s - Rx EVPN Type-3 NLRI with unsupported PTA %d",
3823 peer->bgp->vrf_id, peer->host,
3824 attr->pmsi_tnl_type);
3825 }
3826 }
3827
3828 /* Make prefix_rd */
3829 prd.family = AF_UNSPEC;
3830 prd.prefixlen = 64;
3831 memcpy(&prd.val, pfx, 8);
3832 pfx += 8;
3833
3834 /* Make EVPN prefix. */
3835 memset(&p, 0, sizeof(struct prefix_evpn));
3836 p.family = AF_EVPN;
3837 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
3838 p.prefix.route_type = BGP_EVPN_IMET_ROUTE;
3839
3840 /* Copy Ethernet Tag */
3841 memcpy(&eth_tag, pfx, 4);
3842 p.prefix.imet_addr.eth_tag = ntohl(eth_tag);
3843 pfx += 4;
3844
3845 /* Get the IP. */
3846 ipaddr_len = *pfx++;
3847 if (ipaddr_len == IPV4_MAX_BITLEN) {
3848 p.prefix.imet_addr.ip.ipa_type = IPADDR_V4;
3849 memcpy(&p.prefix.imet_addr.ip.ip.addr, pfx, IPV4_MAX_BYTELEN);
3850 } else {
3851 flog_err(
3852 EC_BGP_EVPN_ROUTE_INVALID,
3853 "%u:%s - Rx EVPN Type-3 NLRI with unsupported IP address length %d",
3854 peer->bgp->vrf_id, peer->host, ipaddr_len);
3855 return -1;
3856 }
3857
3858 /* Process the route. */
3859 if (attr)
3860 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
3861 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3862 &prd, NULL, 0, 0, NULL);
3863 else
3864 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
3865 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3866 &prd, NULL, 0, NULL);
3867 return ret;
3868 }
3869
3870 /*
3871 * Process received EVPN type-4 route (advertise or withdraw).
3872 */
3873 static int process_type4_route(struct peer *peer, afi_t afi, safi_t safi,
3874 struct attr *attr, uint8_t *pfx, int psize,
3875 uint32_t addpath_id)
3876 {
3877 int ret;
3878 esi_t esi;
3879 uint8_t ipaddr_len;
3880 struct in_addr vtep_ip;
3881 struct prefix_rd prd;
3882 struct prefix_evpn p;
3883
3884 /* Type-4 route should be either 23 or 35 bytes
3885 * RD (8), ESI (10), ip-len (1), ip (4 or 16)
3886 */
3887 if (psize != 23 && psize != 35) {
3888 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3889 "%u:%s - Rx EVPN Type-4 NLRI with invalid length %d",
3890 peer->bgp->vrf_id, peer->host, psize);
3891 return -1;
3892 }
3893
3894 /* Make prefix_rd */
3895 prd.family = AF_UNSPEC;
3896 prd.prefixlen = 64;
3897 memcpy(&prd.val, pfx, 8);
3898 pfx += 8;
3899
3900 /* get the ESI */
3901 memcpy(&esi, pfx, ESI_BYTES);
3902 pfx += ESI_BYTES;
3903
3904
3905 /* Get the IP. */
3906 ipaddr_len = *pfx++;
3907 if (ipaddr_len == IPV4_MAX_BITLEN) {
3908 memcpy(&vtep_ip, pfx, IPV4_MAX_BYTELEN);
3909 } else {
3910 flog_err(
3911 EC_BGP_EVPN_ROUTE_INVALID,
3912 "%u:%s - Rx EVPN Type-4 NLRI with unsupported IP address length %d",
3913 peer->bgp->vrf_id, peer->host, ipaddr_len);
3914 return -1;
3915 }
3916
3917 build_evpn_type4_prefix(&p, &esi, vtep_ip);
3918 /* Process the route. */
3919 if (attr) {
3920 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
3921 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3922 &prd, NULL, 0, 0, NULL);
3923 } else {
3924 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
3925 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3926 &prd, NULL, 0, NULL);
3927 }
3928 return ret;
3929 }
3930
3931
3932 /*
3933 * Process received EVPN type-5 route (advertise or withdraw).
3934 */
3935 static int process_type5_route(struct peer *peer, afi_t afi, safi_t safi,
3936 struct attr *attr, uint8_t *pfx, int psize,
3937 uint32_t addpath_id, int withdraw)
3938 {
3939 struct prefix_rd prd;
3940 struct prefix_evpn p;
3941 struct bgp_route_evpn evpn;
3942 uint8_t ippfx_len;
3943 uint32_t eth_tag;
3944 mpls_label_t label; /* holds the VNI as in the packet */
3945 int ret;
3946
3947 /* Type-5 route should be 34 or 58 bytes:
3948 * RD (8), ESI (10), Eth Tag (4), IP len (1), IP (4 or 16),
3949 * GW (4 or 16) and VNI (3).
3950 * Note that the IP and GW should both be IPv4 or both IPv6.
3951 */
3952 if (psize != 34 && psize != 58) {
3953 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3954 "%u:%s - Rx EVPN Type-5 NLRI with invalid length %d",
3955 peer->bgp->vrf_id, peer->host, psize);
3956 return -1;
3957 }
3958
3959 /* Make prefix_rd */
3960 prd.family = AF_UNSPEC;
3961 prd.prefixlen = 64;
3962 memcpy(&prd.val, pfx, 8);
3963 pfx += 8;
3964
3965 /* Make EVPN prefix. */
3966 memset(&p, 0, sizeof(struct prefix_evpn));
3967 p.family = AF_EVPN;
3968 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
3969 p.prefix.route_type = BGP_EVPN_IP_PREFIX_ROUTE;
3970
3971 /* Additional information outside of prefix - ESI and GW IP */
3972 memset(&evpn, 0, sizeof(evpn));
3973
3974 /* Fetch ESI */
3975 memcpy(&evpn.eth_s_id.val, pfx, 10);
3976 pfx += 10;
3977
3978 /* Fetch Ethernet Tag. */
3979 memcpy(&eth_tag, pfx, 4);
3980 p.prefix.prefix_addr.eth_tag = ntohl(eth_tag);
3981 pfx += 4;
3982
3983 /* Fetch IP prefix length. */
3984 ippfx_len = *pfx++;
3985 if (ippfx_len > IPV6_MAX_BITLEN) {
3986 flog_err(
3987 EC_BGP_EVPN_ROUTE_INVALID,
3988 "%u:%s - Rx EVPN Type-5 NLRI with invalid IP Prefix length %d",
3989 peer->bgp->vrf_id, peer->host, ippfx_len);
3990 return -1;
3991 }
3992 p.prefix.prefix_addr.ip_prefix_length = ippfx_len;
3993
3994 /* Determine IPv4 or IPv6 prefix */
3995 /* Since the address and GW are from the same family, this just becomes
3996 * a simple check on the total size.
3997 */
3998 if (psize == 34) {
3999 SET_IPADDR_V4(&p.prefix.prefix_addr.ip);
4000 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v4, pfx, 4);
4001 pfx += 4;
4002 memcpy(&evpn.gw_ip.ipv4, pfx, 4);
4003 pfx += 4;
4004 } else {
4005 SET_IPADDR_V6(&p.prefix.prefix_addr.ip);
4006 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v6, pfx, 16);
4007 pfx += 16;
4008 memcpy(&evpn.gw_ip.ipv6, pfx, 16);
4009 pfx += 16;
4010 }
4011
4012 /* Get the VNI (in MPLS label field). Stored as bytes here. */
4013 memset(&label, 0, sizeof(label));
4014 memcpy(&label, pfx, BGP_LABEL_BYTES);
4015
4016 /*
4017 * If in future, we are required to access additional fields,
4018 * we MUST increment pfx by BGP_LABEL_BYTES in before reading the next
4019 * field
4020 */
4021
4022 /* Process the route. */
4023 if (!withdraw)
4024 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4025 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4026 &prd, &label, 1, 0, &evpn);
4027 else
4028 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4029 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4030 &prd, &label, 1, &evpn);
4031
4032 return ret;
4033 }
4034
4035 static void evpn_mpattr_encode_type5(struct stream *s, struct prefix *p,
4036 struct prefix_rd *prd, mpls_label_t *label,
4037 uint32_t num_labels, struct attr *attr)
4038 {
4039 int len;
4040 char temp[16];
4041 struct evpn_addr *p_evpn_p;
4042
4043 memset(&temp, 0, 16);
4044 if (p->family != AF_EVPN)
4045 return;
4046 p_evpn_p = &(p->u.prefix_evpn);
4047
4048 /* len denites the total len of IP and GW-IP in the route
4049 IP and GW-IP have to be both ipv4 or ipv6
4050 */
4051 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4052 len = 8; /* IP and GWIP are both ipv4 */
4053 else
4054 len = 32; /* IP and GWIP are both ipv6 */
4055 /* Prefix contains RD, ESI, EthTag, IP length, IP, GWIP and VNI */
4056 stream_putc(s, 8 + 10 + 4 + 1 + len + 3);
4057 stream_put(s, prd->val, 8);
4058 if (attr)
4059 stream_put(s, &(attr->evpn_overlay.eth_s_id), 10);
4060 else
4061 stream_put(s, &temp, 10);
4062 stream_putl(s, p_evpn_p->prefix_addr.eth_tag);
4063 stream_putc(s, p_evpn_p->prefix_addr.ip_prefix_length);
4064 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4065 stream_put_ipv4(s, p_evpn_p->prefix_addr.ip.ipaddr_v4.s_addr);
4066 else
4067 stream_put(s, &p_evpn_p->prefix_addr.ip.ipaddr_v6, 16);
4068 if (attr) {
4069 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4070 stream_put_ipv4(s,
4071 attr->evpn_overlay.gw_ip.ipv4.s_addr);
4072 else
4073 stream_put(s, &(attr->evpn_overlay.gw_ip.ipv6), 16);
4074 } else {
4075 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4076 stream_put_ipv4(s, 0);
4077 else
4078 stream_put(s, &temp, 16);
4079 }
4080
4081 if (num_labels)
4082 stream_put(s, label, 3);
4083 else
4084 stream_put3(s, 0);
4085 }
4086
4087 /*
4088 * Cleanup specific VNI upon EVPN (advertise-all-vni) being disabled.
4089 */
4090 static void cleanup_vni_on_disable(struct hash_backet *backet, struct bgp *bgp)
4091 {
4092 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
4093
4094 /* Remove EVPN routes and schedule for processing. */
4095 delete_routes_for_vni(bgp, vpn);
4096
4097 /* Clear "live" flag and see if hash needs to be freed. */
4098 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
4099 if (!is_vni_configured(vpn))
4100 bgp_evpn_free(bgp, vpn);
4101 }
4102
4103 /*
4104 * Free a VNI entry; iterator function called during cleanup.
4105 */
4106 static void free_vni_entry(struct hash_backet *backet, struct bgp *bgp)
4107 {
4108 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
4109
4110 delete_all_vni_routes(bgp, vpn);
4111 bgp_evpn_free(bgp, vpn);
4112 }
4113
4114 /*
4115 * Derive AUTO import RT for BGP VRF - L3VNI
4116 */
4117 static void evpn_auto_rt_import_add_for_vrf(struct bgp *bgp_vrf)
4118 {
4119 struct bgp *bgp_def = NULL;
4120
4121 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4122 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4123
4124 /* Map RT to VRF */
4125 bgp_def = bgp_get_default();
4126 if (!bgp_def)
4127 return;
4128 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4129 }
4130
4131 /*
4132 * Delete AUTO import RT from BGP VRF - L3VNI
4133 */
4134 static void evpn_auto_rt_import_delete_for_vrf(struct bgp *bgp_vrf)
4135 {
4136 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4137 }
4138
4139 /*
4140 * Derive AUTO export RT for BGP VRF - L3VNI
4141 */
4142 static void evpn_auto_rt_export_add_for_vrf(struct bgp *bgp_vrf)
4143 {
4144 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4145 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4146 }
4147
4148 /*
4149 * Delete AUTO export RT from BGP VRF - L3VNI
4150 */
4151 static void evpn_auto_rt_export_delete_for_vrf(struct bgp *bgp_vrf)
4152 {
4153 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4154 }
4155
4156 static void bgp_evpn_handle_export_rt_change_for_vrf(struct bgp *bgp_vrf)
4157 {
4158 struct bgp *bgp_def = NULL;
4159 struct listnode *node = NULL;
4160 struct bgpevpn *vpn = NULL;
4161
4162 bgp_def = bgp_get_default();
4163 if (!bgp_def)
4164 return;
4165
4166 /* update all type-5 routes */
4167 update_advertise_vrf_routes(bgp_vrf);
4168
4169 /* update all type-2 routes */
4170 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
4171 update_routes_for_vni(bgp_def, vpn);
4172 }
4173
4174 /*
4175 * Handle autort change for a given VNI.
4176 */
4177 static void update_autort_vni(struct hash_backet *backet, struct bgp *bgp)
4178 {
4179 struct bgpevpn *vpn = backet->data;
4180
4181 if (!is_import_rt_configured(vpn)) {
4182 if (is_vni_live(vpn))
4183 bgp_evpn_uninstall_routes(bgp, vpn);
4184 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
4185 list_delete_all_node(vpn->import_rtl);
4186 bgp_evpn_derive_auto_rt_import(bgp, vpn);
4187 if (is_vni_live(vpn))
4188 bgp_evpn_install_routes(bgp, vpn);
4189 }
4190 if (!is_export_rt_configured(vpn)) {
4191 list_delete_all_node(vpn->export_rtl);
4192 bgp_evpn_derive_auto_rt_export(bgp, vpn);
4193 if (is_vni_live(vpn))
4194 bgp_evpn_handle_export_rt_change(bgp, vpn);
4195 }
4196 }
4197
4198 /*
4199 * Public functions.
4200 */
4201
4202 /* withdraw type-5 route corresponding to ip prefix */
4203 void bgp_evpn_withdraw_type5_route(struct bgp *bgp_vrf, struct prefix *p,
4204 afi_t afi, safi_t safi)
4205 {
4206 int ret = 0;
4207 struct prefix_evpn evp;
4208 char buf[PREFIX_STRLEN];
4209
4210 build_type5_prefix_from_ip_prefix(&evp, p);
4211 ret = delete_evpn_type5_route(bgp_vrf, &evp);
4212 if (ret) {
4213 flog_err(
4214 EC_BGP_EVPN_ROUTE_DELETE,
4215 "%u failed to delete type-5 route for prefix %s in vrf %s",
4216 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)),
4217 vrf_id_to_name(bgp_vrf->vrf_id));
4218 }
4219 }
4220
4221 /* withdraw all type-5 routes for an address family */
4222 void bgp_evpn_withdraw_type5_routes(struct bgp *bgp_vrf, afi_t afi, safi_t safi)
4223 {
4224 struct bgp_table *table = NULL;
4225 struct bgp_node *rn = NULL;
4226 struct bgp_path_info *pi;
4227
4228 table = bgp_vrf->rib[afi][safi];
4229 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
4230 /* Only care about "selected" routes - non-imported. */
4231 /* TODO: Support for AddPath for EVPN. */
4232 for (pi = rn->info; pi; pi = pi->next) {
4233 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4234 && (!pi->extra || !pi->extra->parent)) {
4235 bgp_evpn_withdraw_type5_route(bgp_vrf, &rn->p,
4236 afi, safi);
4237 break;
4238 }
4239 }
4240 }
4241 }
4242
4243 /*
4244 * evpn - enable advertisement of default g/w
4245 */
4246 void bgp_evpn_install_uninstall_default_route(struct bgp *bgp_vrf, afi_t afi,
4247 safi_t safi, bool add)
4248 {
4249 struct prefix ip_prefix;
4250
4251 /* form the default prefix 0.0.0.0/0 */
4252 memset(&ip_prefix, 0, sizeof(struct prefix));
4253 ip_prefix.family = afi2family(afi);
4254
4255 if (add) {
4256 bgp_evpn_advertise_type5_route(bgp_vrf, &ip_prefix,
4257 NULL, afi, safi);
4258 } else {
4259 bgp_evpn_withdraw_type5_route(bgp_vrf, &ip_prefix,
4260 afi, safi);
4261 }
4262 }
4263
4264
4265 /*
4266 * Advertise IP prefix as type-5 route. The afi/safi and src_attr passed
4267 * to this function correspond to those of the source IP prefix (best
4268 * path in the case of the attr. In the case of a local prefix (when we
4269 * are advertising local subnets), the src_attr will be NULL.
4270 */
4271 void bgp_evpn_advertise_type5_route(struct bgp *bgp_vrf, struct prefix *p,
4272 struct attr *src_attr, afi_t afi,
4273 safi_t safi)
4274 {
4275 int ret = 0;
4276 struct prefix_evpn evp;
4277 char buf[PREFIX_STRLEN];
4278
4279 build_type5_prefix_from_ip_prefix(&evp, p);
4280 ret = update_evpn_type5_route(bgp_vrf, &evp, src_attr);
4281 if (ret)
4282 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
4283 "%u: Failed to create type-5 route for prefix %s",
4284 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)));
4285 }
4286
4287 /* Inject all prefixes of a particular address-family (currently, IPv4 or
4288 * IPv6 unicast) into EVPN as type-5 routes. This is invoked when the
4289 * advertisement is enabled.
4290 */
4291 void bgp_evpn_advertise_type5_routes(struct bgp *bgp_vrf, afi_t afi,
4292 safi_t safi)
4293 {
4294 struct bgp_table *table = NULL;
4295 struct bgp_node *rn = NULL;
4296 struct bgp_path_info *pi;
4297
4298 table = bgp_vrf->rib[afi][safi];
4299 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
4300 /* Need to identify the "selected" route entry to use its
4301 * attribute. Also, we only consider "non-imported" routes.
4302 * TODO: Support for AddPath for EVPN.
4303 */
4304 for (pi = rn->info; pi; pi = pi->next) {
4305 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4306 && (!pi->extra || !pi->extra->parent)) {
4307
4308 /* apply the route-map */
4309 if (bgp_vrf->adv_cmd_rmap[afi][safi].map) {
4310 int ret = 0;
4311
4312 ret = route_map_apply(
4313 bgp_vrf->adv_cmd_rmap[afi][safi]
4314 .map,
4315 &rn->p, RMAP_BGP, pi);
4316 if (ret == RMAP_DENYMATCH)
4317 continue;
4318 }
4319 bgp_evpn_advertise_type5_route(
4320 bgp_vrf, &rn->p, pi->attr, afi, safi);
4321 break;
4322 }
4323 }
4324 }
4325 }
4326
4327 void evpn_rt_delete_auto(struct bgp *bgp, vni_t vni, struct list *rtl)
4328 {
4329 struct listnode *node, *nnode, *node_to_del;
4330 struct ecommunity *ecom, *ecom_auto;
4331 struct ecommunity_val eval;
4332
4333 if (bgp->advertise_autort_rfc8365)
4334 vni |= EVPN_AUTORT_VXLAN;
4335 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
4336
4337 ecom_auto = ecommunity_new();
4338 ecommunity_add_val(ecom_auto, &eval);
4339 node_to_del = NULL;
4340
4341 for (ALL_LIST_ELEMENTS(rtl, node, nnode, ecom)) {
4342 if (ecommunity_match(ecom, ecom_auto)) {
4343 ecommunity_free(&ecom);
4344 node_to_del = node;
4345 }
4346 }
4347
4348 if (node_to_del)
4349 list_delete_node(rtl, node_to_del);
4350
4351 ecommunity_free(&ecom_auto);
4352 }
4353
4354 void bgp_evpn_configure_import_rt_for_vrf(struct bgp *bgp_vrf,
4355 struct ecommunity *ecomadd)
4356 {
4357 /* uninstall routes from vrf */
4358 uninstall_routes_for_vrf(bgp_vrf);
4359
4360 /* Cleanup the RT to VRF mapping */
4361 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4362
4363 /* Remove auto generated RT */
4364 evpn_auto_rt_import_delete_for_vrf(bgp_vrf);
4365
4366 /* Add the newly configured RT to RT list */
4367 listnode_add_sort(bgp_vrf->vrf_import_rtl, ecomadd);
4368 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4369
4370 /* map VRF to its RTs */
4371 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4372
4373 /* install routes matching the new VRF */
4374 install_routes_for_vrf(bgp_vrf);
4375 }
4376
4377 void bgp_evpn_unconfigure_import_rt_for_vrf(struct bgp *bgp_vrf,
4378 struct ecommunity *ecomdel)
4379 {
4380 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4381 struct ecommunity *ecom = NULL;
4382
4383 /* uninstall routes from vrf */
4384 uninstall_routes_for_vrf(bgp_vrf);
4385
4386 /* Cleanup the RT to VRF mapping */
4387 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4388
4389 /* remove the RT from the RT list */
4390 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4391 if (ecommunity_match(ecom, ecomdel)) {
4392 ecommunity_free(&ecom);
4393 node_to_del = node;
4394 break;
4395 }
4396 }
4397
4398 if (node_to_del)
4399 list_delete_node(bgp_vrf->vrf_import_rtl, node_to_del);
4400
4401 assert(bgp_vrf->vrf_import_rtl);
4402 /* fallback to auto import rt, if this was the last RT */
4403 if (bgp_vrf->vrf_import_rtl && list_isempty(bgp_vrf->vrf_import_rtl)) {
4404 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4405 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
4406 }
4407
4408 /* map VRFs to its RTs */
4409 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4410
4411 /* install routes matching this new RT */
4412 install_routes_for_vrf(bgp_vrf);
4413 }
4414
4415 void bgp_evpn_configure_export_rt_for_vrf(struct bgp *bgp_vrf,
4416 struct ecommunity *ecomadd)
4417 {
4418 /* remove auto-generated RT */
4419 evpn_auto_rt_export_delete_for_vrf(bgp_vrf);
4420
4421 /* Add the new RT to the RT list */
4422 listnode_add_sort(bgp_vrf->vrf_export_rtl, ecomadd);
4423 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4424
4425 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4426 }
4427
4428 void bgp_evpn_unconfigure_export_rt_for_vrf(struct bgp *bgp_vrf,
4429 struct ecommunity *ecomdel)
4430 {
4431 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4432 struct ecommunity *ecom = NULL;
4433
4434 /* Remove the RT from the RT list */
4435 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_export_rtl, node, nnode, ecom)) {
4436 if (ecommunity_match(ecom, ecomdel)) {
4437 ecommunity_free(&ecom);
4438 node_to_del = node;
4439 break;
4440 }
4441 }
4442
4443 if (node_to_del)
4444 list_delete_node(bgp_vrf->vrf_export_rtl, node_to_del);
4445
4446 /*
4447 * Temporary assert to make SA happy.
4448 * The ALL_LIST_ELEMENTS macro above has a NULL check
4449 * which means that SA is going to complain about
4450 * the list_isempty call, which doesn't NULL check.
4451 * So until we get this situation cleaned up, here
4452 * we are.
4453 */
4454 assert(bgp_vrf->vrf_export_rtl);
4455
4456 /* fall back to auto-generated RT if this was the last RT */
4457 if (list_isempty(bgp_vrf->vrf_export_rtl)) {
4458 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4459 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
4460 }
4461
4462 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4463 }
4464
4465 /*
4466 * Handle change to BGP router id. This is invoked twice by the change
4467 * handler, first before the router id has been changed and then after
4468 * the router id has been changed. The first invocation will result in
4469 * local routes for all VNIs/VRF being deleted and withdrawn and the next
4470 * will result in the routes being re-advertised.
4471 */
4472 void bgp_evpn_handle_router_id_update(struct bgp *bgp, int withdraw)
4473 {
4474 if (withdraw) {
4475
4476 /* delete and withdraw all the type-5 routes
4477 stored in the global table for this vrf
4478 */
4479 withdraw_router_id_vrf(bgp);
4480
4481 /* delete all the VNI routes (type-2/type-3) routes for all the
4482 * L2-VNIs
4483 */
4484 hash_iterate(bgp->vnihash,
4485 (void (*)(struct hash_backet *,
4486 void *))withdraw_router_id_vni,
4487 bgp);
4488 } else {
4489
4490 /* advertise all routes in the vrf as type-5 routes with the new
4491 * RD
4492 */
4493 update_router_id_vrf(bgp);
4494
4495 /* advertise all the VNI routes (type-2/type-3) routes with the
4496 * new RD
4497 */
4498 hash_iterate(bgp->vnihash,
4499 (void (*)(struct hash_backet *,
4500 void *))update_router_id_vni,
4501 bgp);
4502 }
4503 }
4504
4505 /*
4506 * Handle change to auto-RT algorithm - update and advertise local routes.
4507 */
4508 void bgp_evpn_handle_autort_change(struct bgp *bgp)
4509 {
4510 hash_iterate(bgp->vnihash,
4511 (void (*)(struct hash_backet *,
4512 void*))update_autort_vni,
4513 bgp);
4514 }
4515
4516 /*
4517 * Handle change to export RT - update and advertise local routes.
4518 */
4519 int bgp_evpn_handle_export_rt_change(struct bgp *bgp, struct bgpevpn *vpn)
4520 {
4521 return update_routes_for_vni(bgp, vpn);
4522 }
4523
4524 void bgp_evpn_handle_vrf_rd_change(struct bgp *bgp_vrf, int withdraw)
4525 {
4526 if (withdraw)
4527 delete_withdraw_vrf_routes(bgp_vrf);
4528 else
4529 update_advertise_vrf_routes(bgp_vrf);
4530 }
4531
4532 /*
4533 * Handle change to RD. This is invoked twice by the change handler,
4534 * first before the RD has been changed and then after the RD has
4535 * been changed. The first invocation will result in local routes
4536 * of this VNI being deleted and withdrawn and the next will result
4537 * in the routes being re-advertised.
4538 */
4539 void bgp_evpn_handle_rd_change(struct bgp *bgp, struct bgpevpn *vpn,
4540 int withdraw)
4541 {
4542 if (withdraw)
4543 delete_withdraw_vni_routes(bgp, vpn);
4544 else
4545 update_advertise_vni_routes(bgp, vpn);
4546 }
4547
4548 /*
4549 * Install routes for this VNI. Invoked upon change to Import RT.
4550 */
4551 int bgp_evpn_install_routes(struct bgp *bgp, struct bgpevpn *vpn)
4552 {
4553 return install_routes_for_vni(bgp, vpn);
4554 }
4555
4556 /*
4557 * Uninstall all routes installed for this VNI. Invoked upon change
4558 * to Import RT.
4559 */
4560 int bgp_evpn_uninstall_routes(struct bgp *bgp, struct bgpevpn *vpn)
4561 {
4562 return uninstall_routes_for_vni(bgp, vpn);
4563 }
4564
4565 /*
4566 * TODO: Hardcoded for a maximum of 2 VNIs right now
4567 */
4568 char *bgp_evpn_label2str(mpls_label_t *label, uint32_t num_labels, char *buf,
4569 int len)
4570 {
4571 vni_t vni1, vni2;
4572
4573 vni1 = label2vni(label);
4574 if (num_labels == 2) {
4575 vni2 = label2vni(label + 1);
4576 snprintf(buf, len, "%u/%u", vni1, vni2);
4577 } else
4578 snprintf(buf, len, "%u", vni1);
4579 return buf;
4580 }
4581
4582 /*
4583 * Function to convert evpn route to json format.
4584 * NOTE: We don't use prefix2str as the output here is a bit different.
4585 */
4586 void bgp_evpn_route2json(struct prefix_evpn *p, json_object *json)
4587 {
4588 char buf1[ETHER_ADDR_STRLEN];
4589 char buf2[PREFIX2STR_BUFFER];
4590
4591 if (!json)
4592 return;
4593
4594 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
4595 json_object_int_add(json, "routeType", p->prefix.route_type);
4596 json_object_int_add(json, "ethTag",
4597 p->prefix.imet_addr.eth_tag);
4598 json_object_int_add(json, "ipLen",
4599 is_evpn_prefix_ipaddr_v4(p)
4600 ? IPV4_MAX_BITLEN
4601 : IPV6_MAX_BITLEN);
4602 json_object_string_add(json, "ip",
4603 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
4604 } else if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
4605 if (is_evpn_prefix_ipaddr_none(p)) {
4606 json_object_int_add(json, "routeType",
4607 p->prefix.route_type);
4608 json_object_int_add(json, "ethTag",
4609 p->prefix.macip_addr.eth_tag);
4610 json_object_int_add(json, "macLen", 8 * ETH_ALEN);
4611 json_object_string_add(json, "mac",
4612 prefix_mac2str(&p->prefix.macip_addr.mac,
4613 buf1,
4614 sizeof(buf1)));
4615 } else {
4616 uint8_t family;
4617
4618 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET
4619 : AF_INET6;
4620
4621 json_object_int_add(json, "routeType",
4622 p->prefix.route_type);
4623 json_object_int_add(json, "ethTag",
4624 p->prefix.macip_addr.eth_tag);
4625 json_object_int_add(json, "macLen", 8 * ETH_ALEN);
4626 json_object_string_add(json, "mac",
4627 prefix_mac2str(&p->prefix.macip_addr.mac,
4628 buf1,
4629 sizeof(buf1)));
4630 json_object_int_add(json, "ipLen",
4631 is_evpn_prefix_ipaddr_v4(p)
4632 ? IPV4_MAX_BITLEN
4633 : IPV6_MAX_BITLEN);
4634 json_object_string_add(
4635 json, "ip",
4636 inet_ntop(family,
4637 &p->prefix.macip_addr.ip.ip.addr,
4638 buf2,
4639 PREFIX2STR_BUFFER));
4640 }
4641 } else {
4642 /* Currently, this is to cater to other AF_ETHERNET code. */
4643 }
4644 }
4645
4646 /*
4647 * Function to convert evpn route to string.
4648 * NOTE: We don't use prefix2str as the output here is a bit different.
4649 */
4650 char *bgp_evpn_route2str(struct prefix_evpn *p, char *buf, int len)
4651 {
4652 char buf1[ETHER_ADDR_STRLEN];
4653 char buf2[PREFIX2STR_BUFFER];
4654 char buf3[ESI_STR_LEN];
4655
4656 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
4657 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]", p->prefix.route_type,
4658 p->prefix.imet_addr.eth_tag,
4659 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
4660 : IPV6_MAX_BITLEN,
4661 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
4662 } else if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
4663 if (is_evpn_prefix_ipaddr_none(p))
4664 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
4665 p->prefix.route_type,
4666 p->prefix.macip_addr.eth_tag,
4667 8 * ETH_ALEN,
4668 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4669 sizeof(buf1)));
4670 else {
4671 uint8_t family;
4672
4673 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET
4674 : AF_INET6;
4675 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]:[%d]:[%s]",
4676 p->prefix.route_type,
4677 p->prefix.macip_addr.eth_tag,
4678 8 * ETH_ALEN,
4679 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4680 sizeof(buf1)),
4681 family == AF_INET ? IPV4_MAX_BITLEN
4682 : IPV6_MAX_BITLEN,
4683 inet_ntop(family,
4684 &p->prefix.macip_addr.ip.ip.addr,
4685 buf2,
4686 PREFIX2STR_BUFFER));
4687 }
4688 } else if (p->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
4689 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
4690 p->prefix.route_type,
4691 p->prefix.prefix_addr.eth_tag,
4692 p->prefix.prefix_addr.ip_prefix_length,
4693 is_evpn_prefix_ipaddr_v4(p)
4694 ? inet_ntoa(p->prefix.prefix_addr.ip.ipaddr_v4)
4695 : inet6_ntoa(p->prefix.prefix_addr.ip.ipaddr_v6));
4696 } else if (p->prefix.route_type == BGP_EVPN_ES_ROUTE) {
4697 snprintf(buf, len, "[%d]:[%s]:[%d]:[%s]",
4698 p->prefix.route_type,
4699 esi_to_str(&p->prefix.es_addr.esi, buf3, sizeof(buf3)),
4700 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
4701 : IPV6_MAX_BITLEN,
4702 inet_ntoa(p->prefix.es_addr.ip.ipaddr_v4));
4703 } else {
4704 /* For EVPN route types not supported yet. */
4705 snprintf(buf, len, "(unsupported route type %d)",
4706 p->prefix.route_type);
4707 }
4708
4709 return (buf);
4710 }
4711
4712 /*
4713 * Encode EVPN prefix in Update (MP_REACH)
4714 */
4715 void bgp_evpn_encode_prefix(struct stream *s, struct prefix *p,
4716 struct prefix_rd *prd, mpls_label_t *label,
4717 uint32_t num_labels, struct attr *attr,
4718 int addpath_encode, uint32_t addpath_tx_id)
4719 {
4720 struct prefix_evpn *evp = (struct prefix_evpn *)p;
4721 int len, ipa_len = 0;
4722
4723 if (addpath_encode)
4724 stream_putl(s, addpath_tx_id);
4725
4726 /* Route type */
4727 stream_putc(s, evp->prefix.route_type);
4728
4729 switch (evp->prefix.route_type) {
4730 case BGP_EVPN_MAC_IP_ROUTE:
4731 if (is_evpn_prefix_ipaddr_v4(evp))
4732 ipa_len = IPV4_MAX_BYTELEN;
4733 else if (is_evpn_prefix_ipaddr_v6(evp))
4734 ipa_len = IPV6_MAX_BYTELEN;
4735 /* RD, ESI, EthTag, MAC+len, IP len, [IP], 1 VNI */
4736 len = 8 + 10 + 4 + 1 + 6 + 1 + ipa_len + 3;
4737 if (ipa_len && num_labels > 1) /* There are 2 VNIs */
4738 len += 3;
4739 stream_putc(s, len);
4740 stream_put(s, prd->val, 8); /* RD */
4741 if (attr)
4742 stream_put(s, &attr->evpn_overlay.eth_s_id, ESI_LEN);
4743 else
4744 stream_put(s, 0, 10);
4745 stream_putl(s, evp->prefix.macip_addr.eth_tag); /* Ethernet Tag ID */
4746 stream_putc(s, 8 * ETH_ALEN); /* Mac Addr Len - bits */
4747 stream_put(s, evp->prefix.macip_addr.mac.octet, 6); /* Mac Addr */
4748 stream_putc(s, 8 * ipa_len); /* IP address Length */
4749 if (ipa_len) /* IP */
4750 stream_put(s, &evp->prefix.macip_addr.ip.ip.addr,
4751 ipa_len);
4752 /* 1st label is the L2 VNI */
4753 stream_put(s, label, BGP_LABEL_BYTES);
4754 /* Include 2nd label (L3 VNI) if advertising MAC+IP */
4755 if (ipa_len && num_labels > 1)
4756 stream_put(s, label + 1, BGP_LABEL_BYTES);
4757 break;
4758
4759 case BGP_EVPN_IMET_ROUTE:
4760 stream_putc(s, 17); // TODO: length - assumes IPv4 address
4761 stream_put(s, prd->val, 8); /* RD */
4762 stream_putl(s, evp->prefix.imet_addr.eth_tag); /* Ethernet Tag ID */
4763 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
4764 /* Originating Router's IP Addr */
4765 stream_put_in_addr(s, &evp->prefix.imet_addr.ip.ipaddr_v4);
4766 break;
4767
4768 case BGP_EVPN_ES_ROUTE:
4769 stream_putc(s, 23); /* TODO: length: assumes ipv4 VTEP */
4770 stream_put(s, prd->val, 8); /* RD */
4771 stream_put(s, evp->prefix.es_addr.esi.val, 10); /* ESI */
4772 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
4773 /* VTEP IP */
4774 stream_put_in_addr(s, &evp->prefix.es_addr.ip.ipaddr_v4);
4775 break;
4776
4777 case BGP_EVPN_IP_PREFIX_ROUTE:
4778 /* TODO: AddPath support. */
4779 evpn_mpattr_encode_type5(s, p, prd, label, num_labels, attr);
4780 break;
4781
4782 default:
4783 break;
4784 }
4785 }
4786
4787 int bgp_nlri_parse_evpn(struct peer *peer, struct attr *attr,
4788 struct bgp_nlri *packet, int withdraw)
4789 {
4790 uint8_t *pnt;
4791 uint8_t *lim;
4792 afi_t afi;
4793 safi_t safi;
4794 uint32_t addpath_id;
4795 int addpath_encoded;
4796 int psize = 0;
4797 uint8_t rtype;
4798 struct prefix p;
4799
4800 /* Start processing the NLRI - there may be multiple in the MP_REACH */
4801 pnt = packet->nlri;
4802 lim = pnt + packet->length;
4803 afi = packet->afi;
4804 safi = packet->safi;
4805 addpath_id = 0;
4806
4807 addpath_encoded =
4808 (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV)
4809 && CHECK_FLAG(peer->af_cap[afi][safi],
4810 PEER_CAP_ADDPATH_AF_TX_RCV));
4811
4812 for (; pnt < lim; pnt += psize) {
4813 /* Clear prefix structure. */
4814 memset(&p, 0, sizeof(struct prefix));
4815
4816 /* Deal with path-id if AddPath is supported. */
4817 if (addpath_encoded) {
4818 /* When packet overflow occurs return immediately. */
4819 if (pnt + BGP_ADDPATH_ID_LEN > lim)
4820 return -1;
4821
4822 addpath_id = ntohl(*((uint32_t *)pnt));
4823 pnt += BGP_ADDPATH_ID_LEN;
4824 }
4825
4826 /* All EVPN NLRI types start with type and length. */
4827 if (pnt + 2 > lim)
4828 return -1;
4829
4830 rtype = *pnt++;
4831 psize = *pnt++;
4832
4833 /* When packet overflow occur return immediately. */
4834 if (pnt + psize > lim)
4835 return -1;
4836
4837 switch (rtype) {
4838 case BGP_EVPN_MAC_IP_ROUTE:
4839 if (process_type2_route(peer, afi, safi,
4840 withdraw ? NULL : attr, pnt,
4841 psize, addpath_id)) {
4842 flog_err(
4843 EC_BGP_EVPN_FAIL,
4844 "%u:%s - Error in processing EVPN type-2 NLRI size %d",
4845 peer->bgp->vrf_id, peer->host, psize);
4846 return -1;
4847 }
4848 break;
4849
4850 case BGP_EVPN_IMET_ROUTE:
4851 if (process_type3_route(peer, afi, safi,
4852 withdraw ? NULL : attr, pnt,
4853 psize, addpath_id)) {
4854 flog_err(
4855 EC_BGP_PKT_PROCESS,
4856 "%u:%s - Error in processing EVPN type-3 NLRI size %d",
4857 peer->bgp->vrf_id, peer->host, psize);
4858 return -1;
4859 }
4860 break;
4861
4862 case BGP_EVPN_ES_ROUTE:
4863 if (process_type4_route(peer, afi, safi,
4864 withdraw ? NULL : attr, pnt,
4865 psize, addpath_id)) {
4866 flog_err(
4867 EC_BGP_PKT_PROCESS,
4868 "%u:%s - Error in processing EVPN type-4 NLRI size %d",
4869 peer->bgp->vrf_id, peer->host, psize);
4870 return -1;
4871 }
4872 break;
4873
4874 case BGP_EVPN_IP_PREFIX_ROUTE:
4875 if (process_type5_route(peer, afi, safi, attr, pnt,
4876 psize, addpath_id, withdraw)) {
4877 flog_err(
4878 EC_BGP_PKT_PROCESS,
4879 "%u:%s - Error in processing EVPN type-5 NLRI size %d",
4880 peer->bgp->vrf_id, peer->host, psize);
4881 return -1;
4882 }
4883 break;
4884
4885 default:
4886 break;
4887 }
4888 }
4889
4890 /* Packet length consistency check. */
4891 if (pnt != lim)
4892 return -1;
4893
4894 return 0;
4895 }
4896
4897 /*
4898 * Map the RTs (configured or automatically derived) of a VRF to the VRF.
4899 * The mapping will be used during route processing.
4900 * bgp_def: default bgp instance
4901 * bgp_vrf: specific bgp vrf instance on which RT is configured
4902 */
4903 void bgp_evpn_map_vrf_to_its_rts(struct bgp *bgp_vrf)
4904 {
4905 int i = 0;
4906 struct ecommunity_val *eval = NULL;
4907 struct listnode *node = NULL, *nnode = NULL;
4908 struct ecommunity *ecom = NULL;
4909
4910 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4911 for (i = 0; i < ecom->size; i++) {
4912 eval = (struct ecommunity_val *)(ecom->val
4913 + (i
4914 * ECOMMUNITY_SIZE));
4915 map_vrf_to_rt(bgp_vrf, eval);
4916 }
4917 }
4918 }
4919
4920 /*
4921 * Unmap the RTs (configured or automatically derived) of a VRF from the VRF.
4922 */
4923 void bgp_evpn_unmap_vrf_from_its_rts(struct bgp *bgp_vrf)
4924 {
4925 int i;
4926 struct ecommunity_val *eval;
4927 struct listnode *node, *nnode;
4928 struct ecommunity *ecom;
4929
4930 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4931 for (i = 0; i < ecom->size; i++) {
4932 struct vrf_irt_node *irt;
4933 struct ecommunity_val eval_tmp;
4934
4935 eval = (struct ecommunity_val *)(ecom->val
4936 + (i
4937 * ECOMMUNITY_SIZE));
4938 /* If using "automatic" RT, we only care about the
4939 * local-admin sub-field.
4940 * This is to facilitate using VNI as the RT for EBGP
4941 * peering too.
4942 */
4943 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
4944 if (!CHECK_FLAG(bgp_vrf->vrf_flags,
4945 BGP_VRF_IMPORT_RT_CFGD))
4946 mask_ecom_global_admin(&eval_tmp, eval);
4947
4948 irt = lookup_vrf_import_rt(&eval_tmp);
4949 if (irt)
4950 unmap_vrf_from_rt(bgp_vrf, irt);
4951 }
4952 }
4953 }
4954
4955
4956 /*
4957 * Map the RTs (configured or automatically derived) of a VNI to the VNI.
4958 * The mapping will be used during route processing.
4959 */
4960 void bgp_evpn_map_vni_to_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
4961 {
4962 int i;
4963 struct ecommunity_val *eval;
4964 struct listnode *node, *nnode;
4965 struct ecommunity *ecom;
4966
4967 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
4968 for (i = 0; i < ecom->size; i++) {
4969 eval = (struct ecommunity_val *)(ecom->val
4970 + (i
4971 * ECOMMUNITY_SIZE));
4972 map_vni_to_rt(bgp, vpn, eval);
4973 }
4974 }
4975 }
4976
4977 /*
4978 * Unmap the RTs (configured or automatically derived) of a VNI from the VNI.
4979 */
4980 void bgp_evpn_unmap_vni_from_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
4981 {
4982 int i;
4983 struct ecommunity_val *eval;
4984 struct listnode *node, *nnode;
4985 struct ecommunity *ecom;
4986
4987 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
4988 for (i = 0; i < ecom->size; i++) {
4989 struct irt_node *irt;
4990 struct ecommunity_val eval_tmp;
4991
4992 eval = (struct ecommunity_val *)(ecom->val
4993 + (i
4994 * ECOMMUNITY_SIZE));
4995 /* If using "automatic" RT, we only care about the
4996 * local-admin sub-field.
4997 * This is to facilitate using VNI as the RT for EBGP
4998 * peering too.
4999 */
5000 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
5001 if (!is_import_rt_configured(vpn))
5002 mask_ecom_global_admin(&eval_tmp, eval);
5003
5004 irt = lookup_import_rt(bgp, &eval_tmp);
5005 if (irt)
5006 unmap_vni_from_rt(bgp, vpn, irt);
5007 }
5008 }
5009 }
5010
5011 /*
5012 * Derive Import RT automatically for VNI and map VNI to RT.
5013 * The mapping will be used during route processing.
5014 */
5015 void bgp_evpn_derive_auto_rt_import(struct bgp *bgp, struct bgpevpn *vpn)
5016 {
5017 form_auto_rt(bgp, vpn->vni, vpn->import_rtl);
5018 UNSET_FLAG(vpn->flags, VNI_FLAG_IMPRT_CFGD);
5019
5020 /* Map RT to VNI */
5021 bgp_evpn_map_vni_to_its_rts(bgp, vpn);
5022 }
5023
5024 /*
5025 * Derive Export RT automatically for VNI.
5026 */
5027 void bgp_evpn_derive_auto_rt_export(struct bgp *bgp, struct bgpevpn *vpn)
5028 {
5029 form_auto_rt(bgp, vpn->vni, vpn->export_rtl);
5030 UNSET_FLAG(vpn->flags, VNI_FLAG_EXPRT_CFGD);
5031 }
5032
5033 /*
5034 * Derive RD automatically for VNI using passed information - it
5035 * is of the form RouterId:unique-id-for-vni.
5036 */
5037 void bgp_evpn_derive_auto_rd_for_vrf(struct bgp *bgp)
5038 {
5039 form_auto_rd(bgp->router_id, bgp->vrf_rd_id, &bgp->vrf_prd);
5040 }
5041
5042 /*
5043 * Derive RD automatically for VNI using passed information - it
5044 * is of the form RouterId:unique-id-for-vni.
5045 */
5046 void bgp_evpn_derive_auto_rd(struct bgp *bgp, struct bgpevpn *vpn)
5047 {
5048 char buf[100];
5049
5050 vpn->prd.family = AF_UNSPEC;
5051 vpn->prd.prefixlen = 64;
5052 sprintf(buf, "%s:%hu", inet_ntoa(bgp->router_id), vpn->rd_id);
5053 (void)str2prefix_rd(buf, &vpn->prd);
5054 UNSET_FLAG(vpn->flags, VNI_FLAG_RD_CFGD);
5055 }
5056
5057 /*
5058 * Lookup L3-VNI
5059 */
5060 bool bgp_evpn_lookup_l3vni_l2vni_table(vni_t vni)
5061 {
5062 struct list *inst = bm->bgp;
5063 struct listnode *node;
5064 struct bgp *bgp_vrf;
5065
5066 for (ALL_LIST_ELEMENTS_RO(inst, node, bgp_vrf)) {
5067 if (bgp_vrf->l3vni == vni)
5068 return true;
5069 }
5070
5071 return false;
5072 }
5073
5074 /*
5075 * Lookup VNI.
5076 */
5077 struct bgpevpn *bgp_evpn_lookup_vni(struct bgp *bgp, vni_t vni)
5078 {
5079 struct bgpevpn *vpn;
5080 struct bgpevpn tmp;
5081
5082 memset(&tmp, 0, sizeof(struct bgpevpn));
5083 tmp.vni = vni;
5084 vpn = hash_lookup(bgp->vnihash, &tmp);
5085 return vpn;
5086 }
5087
5088 /*
5089 * Create a new vpn - invoked upon configuration or zebra notification.
5090 */
5091 struct bgpevpn *bgp_evpn_new(struct bgp *bgp, vni_t vni,
5092 struct in_addr originator_ip,
5093 vrf_id_t tenant_vrf_id)
5094 {
5095 struct bgpevpn *vpn;
5096
5097 if (!bgp)
5098 return NULL;
5099
5100 vpn = XCALLOC(MTYPE_BGP_EVPN, sizeof(struct bgpevpn));
5101 if (!vpn)
5102 return NULL;
5103
5104 /* Set values - RD and RT set to defaults. */
5105 vpn->vni = vni;
5106 vpn->originator_ip = originator_ip;
5107 vpn->tenant_vrf_id = tenant_vrf_id;
5108
5109 /* Initialize route-target import and export lists */
5110 vpn->import_rtl = list_new();
5111 vpn->import_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5112 vpn->import_rtl->del = evpn_xxport_delete_ecomm;
5113 vpn->export_rtl = list_new();
5114 vpn->export_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5115 vpn->export_rtl->del = evpn_xxport_delete_ecomm;
5116 bf_assign_index(bm->rd_idspace, vpn->rd_id);
5117 derive_rd_rt_for_vni(bgp, vpn);
5118
5119 /* Initialize EVPN route table. */
5120 vpn->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5121
5122 /* Add to hash */
5123 if (!hash_get(bgp->vnihash, vpn, hash_alloc_intern)) {
5124 XFREE(MTYPE_BGP_EVPN, vpn);
5125 return NULL;
5126 }
5127
5128 /* add to l2vni list on corresponding vrf */
5129 bgpevpn_link_to_l3vni(vpn);
5130
5131 QOBJ_REG(vpn, bgpevpn);
5132 return vpn;
5133 }
5134
5135 /*
5136 * Free a given VPN - called in multiple scenarios such as zebra
5137 * notification, configuration being deleted, advertise-all-vni disabled etc.
5138 * This just frees appropriate memory, caller should have taken other
5139 * needed actions.
5140 */
5141 void bgp_evpn_free(struct bgp *bgp, struct bgpevpn *vpn)
5142 {
5143 bgpevpn_unlink_from_l3vni(vpn);
5144 bgp_table_unlock(vpn->route_table);
5145 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
5146 list_delete(&vpn->import_rtl);
5147 list_delete(&vpn->export_rtl);
5148 bf_release_index(bm->rd_idspace, vpn->rd_id);
5149 hash_release(bgp->vnihash, vpn);
5150 QOBJ_UNREG(vpn);
5151 XFREE(MTYPE_BGP_EVPN, vpn);
5152 }
5153
5154 /*
5155 * Lookup local ES.
5156 */
5157 struct evpnes *bgp_evpn_lookup_es(struct bgp *bgp, esi_t *esi)
5158 {
5159 struct evpnes *es;
5160 struct evpnes tmp;
5161
5162 memset(&tmp, 0, sizeof(struct evpnes));
5163 memcpy(&tmp.esi, esi, sizeof(esi_t));
5164 es = hash_lookup(bgp->esihash, &tmp);
5165 return es;
5166 }
5167
5168 /*
5169 * Create a new local es - invoked upon zebra notification.
5170 */
5171 struct evpnes *bgp_evpn_es_new(struct bgp *bgp,
5172 esi_t *esi,
5173 struct ipaddr *originator_ip)
5174 {
5175 char buf[100];
5176 struct evpnes *es;
5177
5178 if (!bgp)
5179 return NULL;
5180
5181 es = XCALLOC(MTYPE_BGP_EVPN_ES, sizeof(struct evpnes));
5182 if (!es)
5183 return NULL;
5184
5185 /* set the ESI and originator_ip */
5186 memcpy(&es->esi, esi, sizeof(esi_t));
5187 memcpy(&es->originator_ip, originator_ip, sizeof(struct ipaddr));
5188
5189 /* Initialise the VTEP list */
5190 es->vtep_list = list_new();
5191 es->vtep_list->cmp = evpn_vtep_ip_cmp;
5192
5193 /* auto derive RD for this es */
5194 bf_assign_index(bm->rd_idspace, es->rd_id);
5195 es->prd.family = AF_UNSPEC;
5196 es->prd.prefixlen = 64;
5197 sprintf(buf, "%s:%hu", inet_ntoa(bgp->router_id), es->rd_id);
5198 (void)str2prefix_rd(buf, &es->prd);
5199
5200 /* Initialize the ES route table */
5201 es->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5202
5203 /* Add to hash */
5204 if (!hash_get(bgp->esihash, es, hash_alloc_intern)) {
5205 XFREE(MTYPE_BGP_EVPN_ES, es);
5206 return NULL;
5207 }
5208
5209 QOBJ_REG(es, evpnes);
5210 return es;
5211 }
5212
5213 /*
5214 * Free a given ES -
5215 * This just frees appropriate memory, caller should have taken other
5216 * needed actions.
5217 */
5218 void bgp_evpn_es_free(struct bgp *bgp, struct evpnes *es)
5219 {
5220 list_delete(&es->vtep_list);
5221 bgp_table_unlock(es->route_table);
5222 bf_release_index(bm->rd_idspace, es->rd_id);
5223 hash_release(bgp->esihash, es);
5224 QOBJ_UNREG(es);
5225 XFREE(MTYPE_BGP_EVPN_ES, es);
5226 }
5227
5228 /*
5229 * Import evpn route from global table to VNI/VRF/ESI.
5230 */
5231 int bgp_evpn_import_route(struct bgp *bgp, afi_t afi, safi_t safi,
5232 struct prefix *p, struct bgp_path_info *pi)
5233 {
5234 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 1);
5235 }
5236
5237 /*
5238 * Unimport evpn route from VNI/VRF/ESI.
5239 */
5240 int bgp_evpn_unimport_route(struct bgp *bgp, afi_t afi, safi_t safi,
5241 struct prefix *p, struct bgp_path_info *pi)
5242 {
5243 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 0);
5244 }
5245
5246 /* filter routes which have martian next hops */
5247 int bgp_filter_evpn_routes_upon_martian_nh_change(struct bgp *bgp)
5248 {
5249 afi_t afi;
5250 safi_t safi;
5251 struct bgp_node *rd_rn, *rn;
5252 struct bgp_table *table;
5253 struct bgp_path_info *pi;
5254
5255 afi = AFI_L2VPN;
5256 safi = SAFI_EVPN;
5257
5258 /* Walk entire global routing table and evaluate routes which could be
5259 * imported into this VPN. Note that we cannot just look at the routes
5260 * for the VNI's RD -
5261 * remote routes applicable for this VNI could have any RD.
5262 */
5263 /* EVPN routes are a 2-level table. */
5264 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
5265 rd_rn = bgp_route_next(rd_rn)) {
5266 table = (struct bgp_table *)(rd_rn->info);
5267 if (!table)
5268 continue;
5269
5270 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
5271
5272 for (pi = rn->info; pi; pi = pi->next) {
5273
5274 /* Consider "valid" remote routes applicable for
5275 * this VNI. */
5276 if (!(pi->type == ZEBRA_ROUTE_BGP
5277 && pi->sub_type == BGP_ROUTE_NORMAL))
5278 continue;
5279
5280 if (bgp_nexthop_self(bgp, pi->attr->nexthop)) {
5281
5282 char attr_str[BUFSIZ];
5283 char pbuf[PREFIX_STRLEN];
5284
5285 bgp_dump_attr(pi->attr, attr_str,
5286 BUFSIZ);
5287
5288 if (bgp_debug_update(pi->peer, &rn->p,
5289 NULL, 1))
5290 zlog_debug(
5291 "%u: prefix %s with attr %s - DENIED due to martian or self nexthop",
5292 bgp->vrf_id,
5293 prefix2str(
5294 &rn->p, pbuf,
5295 sizeof(pbuf)),
5296 attr_str);
5297
5298 bgp_evpn_unimport_route(bgp, afi, safi,
5299 &rn->p, pi);
5300
5301 bgp_rib_remove(rn, pi, pi->peer, afi,
5302 safi);
5303 }
5304 }
5305 }
5306 }
5307
5308 return 0;
5309 }
5310
5311 /*
5312 * Handle del of a local MACIP.
5313 */
5314 int bgp_evpn_local_macip_del(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5315 struct ipaddr *ip)
5316 {
5317 struct bgpevpn *vpn;
5318 struct prefix_evpn p;
5319
5320 /* Lookup VNI hash - should exist. */
5321 vpn = bgp_evpn_lookup_vni(bgp, vni);
5322 if (!vpn || !is_vni_live(vpn)) {
5323 flog_warn(EC_BGP_EVPN_VPN_VNI,
5324 "%u: VNI hash entry for VNI %u %s at MACIP DEL",
5325 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5326 return -1;
5327 }
5328
5329 /* Remove EVPN type-2 route and schedule for processing. */
5330 build_evpn_type2_prefix(&p, mac, ip);
5331 delete_evpn_route(bgp, vpn, &p);
5332
5333 return 0;
5334 }
5335
5336 /*
5337 * Handle add of a local MACIP.
5338 */
5339 int bgp_evpn_local_macip_add(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5340 struct ipaddr *ip, uint8_t flags, uint32_t seq)
5341 {
5342 struct bgpevpn *vpn;
5343 struct prefix_evpn p;
5344
5345 /* Lookup VNI hash - should exist. */
5346 vpn = bgp_evpn_lookup_vni(bgp, vni);
5347 if (!vpn || !is_vni_live(vpn)) {
5348 flog_warn(EC_BGP_EVPN_VPN_VNI,
5349 "%u: VNI hash entry for VNI %u %s at MACIP ADD",
5350 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5351 return -1;
5352 }
5353
5354 /* Create EVPN type-2 route and schedule for processing. */
5355 build_evpn_type2_prefix(&p, mac, ip);
5356 if (update_evpn_route(bgp, vpn, &p, flags, seq)) {
5357 char buf[ETHER_ADDR_STRLEN];
5358 char buf2[INET6_ADDRSTRLEN];
5359
5360 flog_err(
5361 EC_BGP_EVPN_ROUTE_CREATE,
5362 "%u:Failed to create Type-2 route, VNI %u %s MAC %s IP %s (flags: 0x%x)",
5363 bgp->vrf_id, vpn->vni,
5364 CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY)
5365 ? "sticky gateway"
5366 : "",
5367 prefix_mac2str(mac, buf, sizeof(buf)),
5368 ipaddr2str(ip, buf2, sizeof(buf2)), flags);
5369 return -1;
5370 }
5371
5372 return 0;
5373 }
5374
5375 static void link_l2vni_hash_to_l3vni(struct hash_backet *backet,
5376 struct bgp *bgp_vrf)
5377 {
5378 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
5379 struct bgp *bgp_def = NULL;
5380
5381 bgp_def = bgp_get_default();
5382 assert(bgp_def);
5383
5384 if (vpn->tenant_vrf_id == bgp_vrf->vrf_id)
5385 bgpevpn_link_to_l3vni(vpn);
5386 }
5387
5388 int bgp_evpn_local_l3vni_add(vni_t l3vni, vrf_id_t vrf_id, struct ethaddr *rmac,
5389 struct in_addr originator_ip, int filter)
5390 {
5391 struct bgp *bgp_vrf = NULL; /* bgp VRF instance */
5392 struct bgp *bgp_def = NULL; /* default bgp instance */
5393 struct listnode *node = NULL;
5394 struct bgpevpn *vpn = NULL;
5395 as_t as = 0;
5396
5397 /* get the default instance - required to get the AS number for VRF
5398 * auto-creatio
5399 */
5400 bgp_def = bgp_get_default();
5401 if (!bgp_def) {
5402 flog_err(
5403 EC_BGP_NO_DFLT,
5404 "Cannot process L3VNI %u ADD - default BGP instance not yet created",
5405 l3vni);
5406 return -1;
5407 }
5408 as = bgp_def->as;
5409
5410 /* if the BGP vrf instance doesn't exist - create one */
5411 bgp_vrf = bgp_lookup_by_name(vrf_id_to_name(vrf_id));
5412 if (!bgp_vrf) {
5413
5414 int ret = 0;
5415
5416 ret = bgp_get(&bgp_vrf, &as, vrf_id_to_name(vrf_id),
5417 BGP_INSTANCE_TYPE_VRF);
5418 switch (ret) {
5419 case BGP_ERR_MULTIPLE_INSTANCE_NOT_SET:
5420 flog_err(EC_BGP_MULTI_INSTANCE,
5421 "'bgp multiple-instance' not present\n");
5422 return -1;
5423 case BGP_ERR_AS_MISMATCH:
5424 flog_err(EC_BGP_EVPN_AS_MISMATCH,
5425 "BGP is already running; AS is %u\n", as);
5426 return -1;
5427 case BGP_ERR_INSTANCE_MISMATCH:
5428 flog_err(EC_BGP_EVPN_INSTANCE_MISMATCH,
5429 "BGP instance name and AS number mismatch\n");
5430 return -1;
5431 }
5432
5433 /* mark as auto created */
5434 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO);
5435 }
5436
5437 /* associate with l3vni */
5438 bgp_vrf->l3vni = l3vni;
5439
5440 /* set the router mac - to be used in mac-ip routes for this vrf */
5441 memcpy(&bgp_vrf->rmac, rmac, sizeof(struct ethaddr));
5442
5443 /* set the originator ip */
5444 bgp_vrf->originator_ip = originator_ip;
5445
5446 /* set the right filter - are we using l3vni only for prefix routes? */
5447 if (filter)
5448 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY);
5449
5450 /* auto derive RD/RT */
5451 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
5452 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
5453 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD))
5454 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
5455 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
5456
5457 /* link all corresponding l2vnis */
5458 hash_iterate(bgp_def->vnihash,
5459 (void (*)(struct hash_backet *,
5460 void *))link_l2vni_hash_to_l3vni,
5461 bgp_vrf);
5462
5463 /* Only update all corresponding type-2 routes if we are advertising two
5464 * labels along with type-2 routes
5465 */
5466 if (!filter)
5467 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
5468 update_routes_for_vni(bgp_def, vpn);
5469
5470 /* advertise type-5 routes if needed */
5471 update_advertise_vrf_routes(bgp_vrf);
5472
5473 /* install all remote routes belonging to this l3vni into correspondng
5474 * vrf */
5475 install_routes_for_vrf(bgp_vrf);
5476
5477 return 0;
5478 }
5479
5480 int bgp_evpn_local_l3vni_del(vni_t l3vni, vrf_id_t vrf_id)
5481 {
5482 struct bgp *bgp_vrf = NULL; /* bgp vrf instance */
5483 struct bgp *bgp_def = NULL; /* default bgp instance */
5484 struct listnode *node = NULL;
5485 struct listnode *next = NULL;
5486 struct bgpevpn *vpn = NULL;
5487
5488 bgp_vrf = bgp_lookup_by_vrf_id(vrf_id);
5489 if (!bgp_vrf) {
5490 flog_err(
5491 EC_BGP_NO_DFLT,
5492 "Cannot process L3VNI %u Del - Could not find BGP instance",
5493 l3vni);
5494 return -1;
5495 }
5496
5497 bgp_def = bgp_get_default();
5498 if (!bgp_def) {
5499 flog_err(
5500 EC_BGP_NO_DFLT,
5501 "Cannot process L3VNI %u Del - Could not find default BGP instance",
5502 l3vni);
5503 return -1;
5504 }
5505
5506 /* Remove remote routes from BGT VRF even if BGP_VRF_AUTO is configured,
5507 * bgp_delete would not remove/decrement bgp_path_info of the ip_prefix
5508 * routes. This will uninstalling the routes from zebra and decremnt the
5509 * bgp info count.
5510 */
5511 uninstall_routes_for_vrf(bgp_vrf);
5512
5513 /* delete/withdraw all type-5 routes */
5514 delete_withdraw_vrf_routes(bgp_vrf);
5515
5516 /* remove the l3vni from vrf instance */
5517 bgp_vrf->l3vni = 0;
5518
5519 /* remove the Rmac from the BGP vrf */
5520 memset(&bgp_vrf->rmac, 0, sizeof(struct ethaddr));
5521
5522 /* delete RD/RT */
5523 if (!list_isempty(bgp_vrf->vrf_import_rtl)) {
5524 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
5525 list_delete_all_node(bgp_vrf->vrf_import_rtl);
5526 }
5527 if (!list_isempty(bgp_vrf->vrf_export_rtl)) {
5528 list_delete_all_node(bgp_vrf->vrf_export_rtl);
5529 }
5530
5531 /* update all corresponding local mac-ip routes */
5532 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY)) {
5533 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn)) {
5534 UNSET_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS);
5535 update_routes_for_vni(bgp_def, vpn);
5536 }
5537 }
5538
5539 /* If any L2VNIs point to this instance, unlink them. */
5540 for (ALL_LIST_ELEMENTS(bgp_vrf->l2vnis, node, next, vpn))
5541 bgpevpn_unlink_from_l3vni(vpn);
5542
5543 /* Delete the instance if it was autocreated */
5544 if (CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO))
5545 bgp_delete(bgp_vrf);
5546
5547 return 0;
5548 }
5549
5550 /*
5551 * Handle del of a local VNI.
5552 */
5553 int bgp_evpn_local_vni_del(struct bgp *bgp, vni_t vni)
5554 {
5555 struct bgpevpn *vpn;
5556
5557 /* Locate VNI hash */
5558 vpn = bgp_evpn_lookup_vni(bgp, vni);
5559 if (!vpn) {
5560 if (bgp_debug_zebra(NULL))
5561 flog_warn(
5562 EC_BGP_EVPN_VPN_VNI,
5563 "%u: VNI hash entry for VNI %u not found at DEL",
5564 bgp->vrf_id, vni);
5565 return 0;
5566 }
5567
5568 /* Remove all local EVPN routes and schedule for processing (to
5569 * withdraw from peers).
5570 */
5571 delete_routes_for_vni(bgp, vpn);
5572
5573 /*
5574 * tunnel is no longer active, del tunnel ip address from tip_hash
5575 */
5576 bgp_tip_del(bgp, &vpn->originator_ip);
5577
5578 /* Clear "live" flag and see if hash needs to be freed. */
5579 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
5580 if (!is_vni_configured(vpn))
5581 bgp_evpn_free(bgp, vpn);
5582
5583 return 0;
5584 }
5585
5586 /*
5587 * Handle add (or update) of a local VNI. The VNI changes we care
5588 * about are for the local-tunnel-ip and the (tenant) VRF.
5589 */
5590 int bgp_evpn_local_vni_add(struct bgp *bgp, vni_t vni,
5591 struct in_addr originator_ip, vrf_id_t tenant_vrf_id)
5592 {
5593 struct bgpevpn *vpn;
5594 struct prefix_evpn p;
5595
5596 /* Lookup VNI. If present and no change, exit. */
5597 vpn = bgp_evpn_lookup_vni(bgp, vni);
5598 if (vpn) {
5599
5600 if (is_vni_live(vpn)
5601 && IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip)
5602 && vpn->tenant_vrf_id == tenant_vrf_id)
5603 /* Probably some other param has changed that we don't
5604 * care about. */
5605 return 0;
5606
5607 /* Update tenant_vrf_id if it has changed. */
5608 if (vpn->tenant_vrf_id != tenant_vrf_id) {
5609 bgpevpn_unlink_from_l3vni(vpn);
5610 vpn->tenant_vrf_id = tenant_vrf_id;
5611 bgpevpn_link_to_l3vni(vpn);
5612 }
5613
5614 /* If tunnel endpoint IP has changed, update (and delete prior
5615 * type-3 route, if needed.)
5616 */
5617 if (!IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip))
5618 handle_tunnel_ip_change(bgp, vpn, originator_ip);
5619
5620 /* Update all routes with new endpoint IP and/or export RT
5621 * for VRFs
5622 */
5623 if (is_vni_live(vpn))
5624 update_routes_for_vni(bgp, vpn);
5625 }
5626
5627 /* Create or update as appropriate. */
5628 if (!vpn) {
5629 vpn = bgp_evpn_new(bgp, vni, originator_ip, tenant_vrf_id);
5630 if (!vpn) {
5631 flog_err(
5632 EC_BGP_VNI,
5633 "%u: Failed to allocate VNI entry for VNI %u - at Add",
5634 bgp->vrf_id, vni);
5635 return -1;
5636 }
5637 }
5638
5639 /* if the VNI is live already, there is nothing more to do */
5640 if (is_vni_live(vpn))
5641 return 0;
5642
5643 /* Mark as "live" */
5644 SET_FLAG(vpn->flags, VNI_FLAG_LIVE);
5645
5646 /* tunnel is now active, add tunnel-ip to db */
5647 bgp_tip_add(bgp, &originator_ip);
5648
5649 /* filter routes as nexthop database has changed */
5650 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
5651
5652 /*
5653 * Create EVPN type-3 route and schedule for processing.
5654 *
5655 * RT-3 only if doing head-end replication
5656 */
5657 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL) {
5658 build_evpn_type3_prefix(&p, vpn->originator_ip);
5659 if (update_evpn_route(bgp, vpn, &p, 0, 0)) {
5660 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
5661 "%u: Type3 route creation failure for VNI %u",
5662 bgp->vrf_id, vni);
5663 return -1;
5664 }
5665 }
5666
5667 /* If we have learnt and retained remote routes (VTEPs, MACs) for this
5668 * VNI,
5669 * install them.
5670 */
5671 install_routes_for_vni(bgp, vpn);
5672
5673 /* If we are advertising gateway mac-ip
5674 It needs to be conveyed again to zebra */
5675 bgp_zebra_advertise_gw_macip(bgp, vpn->advertise_gw_macip, vpn->vni);
5676
5677 return 0;
5678 }
5679
5680 /*
5681 * bgp_evpn_local_es_del
5682 */
5683 int bgp_evpn_local_es_del(struct bgp *bgp,
5684 esi_t *esi,
5685 struct ipaddr *originator_ip)
5686 {
5687 char buf[ESI_STR_LEN];
5688 struct evpnes *es = NULL;
5689
5690 if (!bgp->esihash) {
5691 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
5692 bgp->vrf_id);
5693 return -1;
5694 }
5695
5696 /* Lookup ESI hash - should exist. */
5697 es = bgp_evpn_lookup_es(bgp, esi);
5698 if (!es) {
5699 flog_warn(EC_BGP_EVPN_ESI,
5700 "%u: ESI hash entry for ESI %s at Local ES DEL",
5701 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
5702 return -1;
5703 }
5704
5705 /* Delete all local EVPN ES routes from ESI table
5706 * and schedule for processing (to withdraw from peers))
5707 */
5708 delete_routes_for_es(bgp, es);
5709
5710 /* free the hash entry */
5711 bgp_evpn_es_free(bgp, es);
5712
5713 return 0;
5714 }
5715
5716 /*
5717 * bgp_evpn_local_es_add
5718 */
5719 int bgp_evpn_local_es_add(struct bgp *bgp,
5720 esi_t *esi,
5721 struct ipaddr *originator_ip)
5722 {
5723 char buf[ESI_STR_LEN];
5724 struct evpnes *es = NULL;
5725 struct prefix_evpn p;
5726
5727 if (!bgp->esihash) {
5728 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
5729 bgp->vrf_id);
5730 return -1;
5731 }
5732
5733 /* create the new es */
5734 es = bgp_evpn_lookup_es(bgp, esi);
5735 if (!es) {
5736 es = bgp_evpn_es_new(bgp, esi, originator_ip);
5737 if (!es) {
5738 flog_err(
5739 EC_BGP_ES_CREATE,
5740 "%u: Failed to allocate ES entry for ESI %s - at Local ES Add",
5741 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
5742 return -1;
5743 }
5744 }
5745 UNSET_FLAG(es->flags, EVPNES_REMOTE);
5746 SET_FLAG(es->flags, EVPNES_LOCAL);
5747
5748 build_evpn_type4_prefix(&p, esi, originator_ip->ipaddr_v4);
5749 if (update_evpn_type4_route(bgp, es, &p)) {
5750 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
5751 "%u: Type4 route creation failure for ESI %s",
5752 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
5753 return -1;
5754 }
5755
5756 /* import all remote ES routes in th ES table */
5757 install_routes_for_es(bgp, es);
5758
5759 return 0;
5760 }
5761
5762 /*
5763 * Handle change in setting for BUM handling. The supported values
5764 * are head-end replication and dropping all BUM packets. Any change
5765 * should be registered with zebra. Also, if doing head-end replication,
5766 * need to advertise local VNIs as EVPN RT-3 wheras, if BUM packets are
5767 * to be dropped, the RT-3s must be withdrawn.
5768 */
5769 void bgp_evpn_flood_control_change(struct bgp *bgp)
5770 {
5771 zlog_info("L2VPN EVPN BUM handling is %s",
5772 bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL ?
5773 "Flooding" : "Flooding Disabled");
5774
5775 bgp_zebra_vxlan_flood_control(bgp, bgp->vxlan_flood_ctrl);
5776 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL)
5777 hash_iterate(bgp->vnihash, create_advertise_type3, bgp);
5778 else if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_DISABLED)
5779 hash_iterate(bgp->vnihash, delete_withdraw_type3, bgp);
5780 }
5781
5782 /*
5783 * Cleanup EVPN information on disable - Need to delete and withdraw
5784 * EVPN routes from peers.
5785 */
5786 void bgp_evpn_cleanup_on_disable(struct bgp *bgp)
5787 {
5788 hash_iterate(bgp->vnihash, (void (*)(struct hash_backet *,
5789 void *))cleanup_vni_on_disable,
5790 bgp);
5791 }
5792
5793 /*
5794 * Cleanup EVPN information - invoked at the time of bgpd exit or when the
5795 * BGP instance (default) is being freed.
5796 */
5797 void bgp_evpn_cleanup(struct bgp *bgp)
5798 {
5799 hash_iterate(bgp->vnihash,
5800 (void (*)(struct hash_backet *, void *))free_vni_entry,
5801 bgp);
5802
5803 hash_free(bgp->import_rt_hash);
5804 bgp->import_rt_hash = NULL;
5805
5806 hash_free(bgp->vrf_import_rt_hash);
5807 bgp->vrf_import_rt_hash = NULL;
5808
5809 hash_free(bgp->vnihash);
5810 bgp->vnihash = NULL;
5811 if (bgp->esihash)
5812 hash_free(bgp->esihash);
5813 bgp->esihash = NULL;
5814
5815 list_delete(&bgp->vrf_import_rtl);
5816 list_delete(&bgp->vrf_export_rtl);
5817 list_delete(&bgp->l2vnis);
5818 }
5819
5820 /*
5821 * Initialization for EVPN
5822 * Create
5823 * VNI hash table
5824 * hash for RT to VNI
5825 */
5826 void bgp_evpn_init(struct bgp *bgp)
5827 {
5828 bgp->vnihash =
5829 hash_create(vni_hash_key_make, vni_hash_cmp, "BGP VNI Hash");
5830 bgp->esihash =
5831 hash_create(esi_hash_keymake, esi_cmp,
5832 "BGP EVPN Local ESI Hash");
5833 bgp->import_rt_hash =
5834 hash_create(import_rt_hash_key_make, import_rt_hash_cmp,
5835 "BGP Import RT Hash");
5836 bgp->vrf_import_rt_hash =
5837 hash_create(vrf_import_rt_hash_key_make, vrf_import_rt_hash_cmp,
5838 "BGP VRF Import RT Hash");
5839 bgp->vrf_import_rtl = list_new();
5840 bgp->vrf_import_rtl->cmp =
5841 (int (*)(void *, void *))evpn_route_target_cmp;
5842 bgp->vrf_import_rtl->del = evpn_xxport_delete_ecomm;
5843 bgp->vrf_export_rtl = list_new();
5844 bgp->vrf_export_rtl->cmp =
5845 (int (*)(void *, void *))evpn_route_target_cmp;
5846 bgp->vrf_export_rtl->del = evpn_xxport_delete_ecomm;
5847 bgp->l2vnis = list_new();
5848 bgp->l2vnis->cmp = vni_list_cmp;
5849 /* By default Duplicate Address Dection is enabled.
5850 * Max-moves (N) 5, detection time (M) 180
5851 * default action is warning-only
5852 * freeze action permanently freezes address,
5853 * and freeze time (auto-recovery) is disabled.
5854 */
5855 if (bgp->evpn_info) {
5856 bgp->evpn_info->dup_addr_detect = true;
5857 bgp->evpn_info->dad_time = EVPN_DAD_DEFAULT_TIME;
5858 bgp->evpn_info->dad_max_moves = EVPN_DAD_DEFAULT_MAX_MOVES;
5859 bgp->evpn_info->dad_freeze = false;
5860 bgp->evpn_info->dad_freeze_time = 0;
5861 /* Initialize zebra vxlan */
5862 bgp_zebra_dup_addr_detection(bgp);
5863 }
5864
5865 /* Default BUM handling is to do head-end replication. */
5866 bgp->vxlan_flood_ctrl = VXLAN_FLOOD_HEAD_END_REPL;
5867 }
5868
5869 void bgp_evpn_vrf_delete(struct bgp *bgp_vrf)
5870 {
5871 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
5872 }
FRRouting mirror