]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_evpn.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #6778 from mjstapp/fix_topo_route_scale
[mirror_frr.git] / bgpd / bgp_evpn.c
1 /* Ethernet-VPN Packet and vty Processing File
2 * Copyright (C) 2016 6WIND
3 * Copyright (C) 2017 Cumulus Networks, Inc.
4 *
5 * This file is part of FRR.
6 *
7 * FRRouting is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * FRRouting is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "command.h"
25 #include "filter.h"
26 #include "prefix.h"
27 #include "log.h"
28 #include "memory.h"
29 #include "stream.h"
30 #include "hash.h"
31 #include "jhash.h"
32 #include "zclient.h"
33
34 #include "bgpd/bgp_attr_evpn.h"
35 #include "bgpd/bgpd.h"
36 #include "bgpd/bgp_table.h"
37 #include "bgpd/bgp_route.h"
38 #include "bgpd/bgp_attr.h"
39 #include "bgpd/bgp_mplsvpn.h"
40 #include "bgpd/bgp_label.h"
41 #include "bgpd/bgp_evpn.h"
42 #include "bgpd/bgp_evpn_private.h"
43 #include "bgpd/bgp_ecommunity.h"
44 #include "bgpd/bgp_encap_types.h"
45 #include "bgpd/bgp_debug.h"
46 #include "bgpd/bgp_errors.h"
47 #include "bgpd/bgp_aspath.h"
48 #include "bgpd/bgp_zebra.h"
49 #include "bgpd/bgp_nexthop.h"
50 #include "bgpd/bgp_addpath.h"
51 #include "bgpd/bgp_mac.h"
52 #include "bgpd/bgp_vty.h"
53
54 /*
55 * Definitions and external declarations.
56 */
57 extern struct zclient *zclient;
58
59 DEFINE_QOBJ_TYPE(bgpevpn)
60 DEFINE_QOBJ_TYPE(evpnes)
61
62
63 /*
64 * Static function declarations
65 */
66 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
67 struct bgp_dest *dest,
68 struct bgp_path_info **pi);
69 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn);
70
71 /*
72 * Private functions.
73 */
74
75 /* compare two IPV4 VTEP IPs */
76 static int evpn_vtep_ip_cmp(void *p1, void *p2)
77 {
78 const struct in_addr *ip1 = p1;
79 const struct in_addr *ip2 = p2;
80
81 return ip1->s_addr - ip2->s_addr;
82 }
83
84 /*
85 * Make hash key for ESI.
86 */
87 static unsigned int esi_hash_keymake(const void *p)
88 {
89 const struct evpnes *pes = p;
90 const void *pnt = (void *)pes->esi.val;
91
92 return jhash(pnt, ESI_BYTES, 0xa5a5a55a);
93 }
94
95 /*
96 * Compare two ESIs.
97 */
98 static bool esi_cmp(const void *p1, const void *p2)
99 {
100 const struct evpnes *pes1 = p1;
101 const struct evpnes *pes2 = p2;
102
103 if (pes1 == NULL && pes2 == NULL)
104 return true;
105
106 if (pes1 == NULL || pes2 == NULL)
107 return false;
108
109 return (memcmp(pes1->esi.val, pes2->esi.val, ESI_BYTES) == 0);
110 }
111
112 /*
113 * Make vni hash key.
114 */
115 static unsigned int vni_hash_key_make(const void *p)
116 {
117 const struct bgpevpn *vpn = p;
118 return (jhash_1word(vpn->vni, 0));
119 }
120
121 /*
122 * Comparison function for vni hash
123 */
124 static bool vni_hash_cmp(const void *p1, const void *p2)
125 {
126 const struct bgpevpn *vpn1 = p1;
127 const struct bgpevpn *vpn2 = p2;
128
129 if (!vpn1 && !vpn2)
130 return true;
131 if (!vpn1 || !vpn2)
132 return false;
133 return (vpn1->vni == vpn2->vni);
134 }
135
136 static int vni_list_cmp(void *p1, void *p2)
137 {
138 const struct bgpevpn *vpn1 = p1;
139 const struct bgpevpn *vpn2 = p2;
140
141 return vpn1->vni - vpn2->vni;
142 }
143
144 /*
145 * Make vrf import route target hash key.
146 */
147 static unsigned int vrf_import_rt_hash_key_make(const void *p)
148 {
149 const struct vrf_irt_node *irt = p;
150 const char *pnt = irt->rt.val;
151
152 return jhash(pnt, 8, 0x5abc1234);
153 }
154
155 /*
156 * Comparison function for vrf import rt hash
157 */
158 static bool vrf_import_rt_hash_cmp(const void *p1, const void *p2)
159 {
160 const struct vrf_irt_node *irt1 = p1;
161 const struct vrf_irt_node *irt2 = p2;
162
163 if (irt1 == NULL && irt2 == NULL)
164 return true;
165
166 if (irt1 == NULL || irt2 == NULL)
167 return false;
168
169 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
170 }
171
172 /*
173 * Create a new vrf import_rt in evpn instance
174 */
175 static struct vrf_irt_node *vrf_import_rt_new(struct ecommunity_val *rt)
176 {
177 struct bgp *bgp_evpn = NULL;
178 struct vrf_irt_node *irt;
179
180 bgp_evpn = bgp_get_evpn();
181 if (!bgp_evpn) {
182 flog_err(EC_BGP_NO_DFLT,
183 "vrf import rt new - evpn instance not created yet");
184 return NULL;
185 }
186
187 irt = XCALLOC(MTYPE_BGP_EVPN_VRF_IMPORT_RT,
188 sizeof(struct vrf_irt_node));
189
190 irt->rt = *rt;
191 irt->vrfs = list_new();
192
193 /* Add to hash */
194 if (!hash_get(bgp_evpn->vrf_import_rt_hash, irt, hash_alloc_intern)) {
195 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
196 return NULL;
197 }
198
199 return irt;
200 }
201
202 /*
203 * Free the vrf import rt node
204 */
205 static void vrf_import_rt_free(struct vrf_irt_node *irt)
206 {
207 struct bgp *bgp_evpn = NULL;
208
209 bgp_evpn = bgp_get_evpn();
210 if (!bgp_evpn) {
211 flog_err(EC_BGP_NO_DFLT,
212 "vrf import rt free - evpn instance not created yet");
213 return;
214 }
215
216 hash_release(bgp_evpn->vrf_import_rt_hash, irt);
217 list_delete(&irt->vrfs);
218 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
219 }
220
221 /*
222 * Function to lookup Import RT node - used to map a RT to set of
223 * VNIs importing routes with that RT.
224 */
225 static struct vrf_irt_node *lookup_vrf_import_rt(struct ecommunity_val *rt)
226 {
227 struct bgp *bgp_evpn = NULL;
228 struct vrf_irt_node *irt;
229 struct vrf_irt_node tmp;
230
231 bgp_evpn = bgp_get_evpn();
232 if (!bgp_evpn) {
233 flog_err(
234 EC_BGP_NO_DFLT,
235 "vrf import rt lookup - evpn instance not created yet");
236 return NULL;
237 }
238
239 memset(&tmp, 0, sizeof(struct vrf_irt_node));
240 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
241 irt = hash_lookup(bgp_evpn->vrf_import_rt_hash, &tmp);
242 return irt;
243 }
244
245 /*
246 * Is specified VRF present on the RT's list of "importing" VRFs?
247 */
248 static int is_vrf_present_in_irt_vrfs(struct list *vrfs, struct bgp *bgp_vrf)
249 {
250 struct listnode *node = NULL, *nnode = NULL;
251 struct bgp *tmp_bgp_vrf = NULL;
252
253 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, tmp_bgp_vrf)) {
254 if (tmp_bgp_vrf == bgp_vrf)
255 return 1;
256 }
257 return 0;
258 }
259
260 /*
261 * Make import route target hash key.
262 */
263 static unsigned int import_rt_hash_key_make(const void *p)
264 {
265 const struct irt_node *irt = p;
266 const char *pnt = irt->rt.val;
267
268 return jhash(pnt, 8, 0xdeadbeef);
269 }
270
271 /*
272 * Comparison function for import rt hash
273 */
274 static bool import_rt_hash_cmp(const void *p1, const void *p2)
275 {
276 const struct irt_node *irt1 = p1;
277 const struct irt_node *irt2 = p2;
278
279 if (irt1 == NULL && irt2 == NULL)
280 return true;
281
282 if (irt1 == NULL || irt2 == NULL)
283 return false;
284
285 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
286 }
287
288 /*
289 * Create a new import_rt
290 */
291 static struct irt_node *import_rt_new(struct bgp *bgp,
292 struct ecommunity_val *rt)
293 {
294 struct irt_node *irt;
295
296 if (!bgp)
297 return NULL;
298
299 irt = XCALLOC(MTYPE_BGP_EVPN_IMPORT_RT, sizeof(struct irt_node));
300
301 irt->rt = *rt;
302 irt->vnis = list_new();
303
304 /* Add to hash */
305 if (!hash_get(bgp->import_rt_hash, irt, hash_alloc_intern)) {
306 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
307 return NULL;
308 }
309
310 return irt;
311 }
312
313 /*
314 * Free the import rt node
315 */
316 static void import_rt_free(struct bgp *bgp, struct irt_node *irt)
317 {
318 hash_release(bgp->import_rt_hash, irt);
319 list_delete(&irt->vnis);
320 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
321 }
322
323 /*
324 * Function to lookup Import RT node - used to map a RT to set of
325 * VNIs importing routes with that RT.
326 */
327 static struct irt_node *lookup_import_rt(struct bgp *bgp,
328 struct ecommunity_val *rt)
329 {
330 struct irt_node *irt;
331 struct irt_node tmp;
332
333 memset(&tmp, 0, sizeof(struct irt_node));
334 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
335 irt = hash_lookup(bgp->import_rt_hash, &tmp);
336 return irt;
337 }
338
339 /*
340 * Is specified VNI present on the RT's list of "importing" VNIs?
341 */
342 static int is_vni_present_in_irt_vnis(struct list *vnis, struct bgpevpn *vpn)
343 {
344 struct listnode *node, *nnode;
345 struct bgpevpn *tmp_vpn;
346
347 for (ALL_LIST_ELEMENTS(vnis, node, nnode, tmp_vpn)) {
348 if (tmp_vpn == vpn)
349 return 1;
350 }
351
352 return 0;
353 }
354
355 /*
356 * Compare Route Targets.
357 */
358 static int evpn_route_target_cmp(struct ecommunity *ecom1,
359 struct ecommunity *ecom2)
360 {
361 if (ecom1 && !ecom2)
362 return -1;
363
364 if (!ecom1 && ecom2)
365 return 1;
366
367 if (!ecom1 && !ecom2)
368 return 0;
369
370 if (ecom1->str && !ecom2->str)
371 return -1;
372
373 if (!ecom1->str && ecom2->str)
374 return 1;
375
376 if (!ecom1->str && !ecom2->str)
377 return 0;
378
379 return strcmp(ecom1->str, ecom2->str);
380 }
381
382 static void evpn_xxport_delete_ecomm(void *val)
383 {
384 struct ecommunity *ecomm = val;
385 ecommunity_free(&ecomm);
386 }
387
388 /*
389 * Mask off global-admin field of specified extended community (RT),
390 * just retain the local-admin field.
391 */
392 static inline void mask_ecom_global_admin(struct ecommunity_val *dst,
393 struct ecommunity_val *src)
394 {
395 uint8_t type;
396
397 type = src->val[0];
398 dst->val[0] = 0;
399 if (type == ECOMMUNITY_ENCODE_AS) {
400 dst->val[2] = dst->val[3] = 0;
401 } else if (type == ECOMMUNITY_ENCODE_AS4
402 || type == ECOMMUNITY_ENCODE_IP) {
403 dst->val[2] = dst->val[3] = 0;
404 dst->val[4] = dst->val[5] = 0;
405 }
406 }
407
408 /*
409 * Map one RT to specified VRF.
410 * bgp_vrf = BGP vrf instance
411 */
412 static void map_vrf_to_rt(struct bgp *bgp_vrf, struct ecommunity_val *eval)
413 {
414 struct vrf_irt_node *irt = NULL;
415 struct ecommunity_val eval_tmp;
416
417 /* If using "automatic" RT,
418 * we only care about the local-admin sub-field.
419 * This is to facilitate using L3VNI(VRF-VNI)
420 * as the RT for EBGP peering too.
421 */
422 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
423 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
424 mask_ecom_global_admin(&eval_tmp, eval);
425
426 irt = lookup_vrf_import_rt(&eval_tmp);
427 if (irt && is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
428 /* Already mapped. */
429 return;
430
431 if (!irt)
432 irt = vrf_import_rt_new(&eval_tmp);
433
434 /* Add VRF to the list for this RT. */
435 listnode_add(irt->vrfs, bgp_vrf);
436 }
437
438 /*
439 * Unmap specified VRF from specified RT. If there are no other
440 * VRFs for this RT, then the RT hash is deleted.
441 * bgp_vrf: BGP VRF specific instance
442 */
443 static void unmap_vrf_from_rt(struct bgp *bgp_vrf, struct vrf_irt_node *irt)
444 {
445 /* Delete VRF from list for this RT. */
446 listnode_delete(irt->vrfs, bgp_vrf);
447 if (!listnode_head(irt->vrfs)) {
448 vrf_import_rt_free(irt);
449 }
450 }
451
452 /*
453 * Map one RT to specified VNI.
454 */
455 static void map_vni_to_rt(struct bgp *bgp, struct bgpevpn *vpn,
456 struct ecommunity_val *eval)
457 {
458 struct irt_node *irt;
459 struct ecommunity_val eval_tmp;
460
461 /* If using "automatic" RT, we only care about the local-admin
462 * sub-field.
463 * This is to facilitate using VNI as the RT for EBGP peering too.
464 */
465 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
466 if (!is_import_rt_configured(vpn))
467 mask_ecom_global_admin(&eval_tmp, eval);
468
469 irt = lookup_import_rt(bgp, &eval_tmp);
470 if (irt)
471 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
472 /* Already mapped. */
473 return;
474
475 if (!irt) {
476 irt = import_rt_new(bgp, &eval_tmp);
477 assert(irt);
478 }
479
480 /* Add VNI to the hash list for this RT. */
481 listnode_add(irt->vnis, vpn);
482 }
483
484 /*
485 * Unmap specified VNI from specified RT. If there are no other
486 * VNIs for this RT, then the RT hash is deleted.
487 */
488 static void unmap_vni_from_rt(struct bgp *bgp, struct bgpevpn *vpn,
489 struct irt_node *irt)
490 {
491 /* Delete VNI from hash list for this RT. */
492 listnode_delete(irt->vnis, vpn);
493 if (!listnode_head(irt->vnis)) {
494 import_rt_free(bgp, irt);
495 }
496 }
497
498 static void bgp_evpn_get_rmac_nexthop(struct bgpevpn *vpn,
499 const struct prefix_evpn *p,
500 struct attr *attr, uint8_t flags)
501 {
502 struct bgp *bgp_vrf = vpn->bgp_vrf;
503
504 memset(&attr->rmac, 0, sizeof(struct ethaddr));
505 if (!bgp_vrf)
506 return;
507
508 if (p->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
509 return;
510
511 /* Copy sys (pip) RMAC and PIP IP as nexthop
512 * in case of route is self MAC-IP,
513 * advertise-pip and advertise-svi-ip features
514 * are enabled.
515 * Otherwise, for all host MAC-IP route's
516 * copy anycast RMAC.
517 */
518 if (CHECK_FLAG(flags, BGP_EVPN_MACIP_TYPE_SVI_IP)
519 && bgp_vrf->evpn_info->advertise_pip &&
520 bgp_vrf->evpn_info->is_anycast_mac) {
521 /* copy sys rmac */
522 memcpy(&attr->rmac, &bgp_vrf->evpn_info->pip_rmac,
523 ETH_ALEN);
524 attr->nexthop = bgp_vrf->evpn_info->pip_ip;
525 attr->mp_nexthop_global_in =
526 bgp_vrf->evpn_info->pip_ip;
527 } else
528 memcpy(&attr->rmac, &bgp_vrf->rmac, ETH_ALEN);
529 }
530
531 /*
532 * Create RT extended community automatically from passed information:
533 * of the form AS:VNI.
534 * NOTE: We use only the lower 16 bits of the AS. This is sufficient as
535 * the need is to get a RT value that will be unique across different
536 * VNIs but the same across routers (in the same AS) for a particular
537 * VNI.
538 */
539 static void form_auto_rt(struct bgp *bgp, vni_t vni, struct list *rtl)
540 {
541 struct ecommunity_val eval;
542 struct ecommunity *ecomadd, *ecom;
543 bool ecom_found = false;
544 struct listnode *node;
545
546 if (bgp->advertise_autort_rfc8365)
547 vni |= EVPN_AUTORT_VXLAN;
548 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
549
550 ecomadd = ecommunity_new();
551 ecommunity_add_val(ecomadd, &eval, false, false);
552 for (ALL_LIST_ELEMENTS_RO(rtl, node, ecom))
553 if (ecommunity_cmp(ecomadd, ecom))
554 ecom_found = true;
555
556 if (!ecom_found)
557 listnode_add_sort(rtl, ecomadd);
558 }
559
560 /*
561 * Derive RD and RT for a VNI automatically. Invoked at the time of
562 * creation of a VNI.
563 */
564 static void derive_rd_rt_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
565 {
566 bgp_evpn_derive_auto_rd(bgp, vpn);
567 bgp_evpn_derive_auto_rt_import(bgp, vpn);
568 bgp_evpn_derive_auto_rt_export(bgp, vpn);
569 }
570
571 /*
572 * Convert nexthop (remote VTEP IP) into an IPv6 address.
573 */
574 static void evpn_convert_nexthop_to_ipv6(struct attr *attr)
575 {
576 if (BGP_ATTR_NEXTHOP_AFI_IP6(attr))
577 return;
578 ipv4_to_ipv4_mapped_ipv6(&attr->mp_nexthop_global, attr->nexthop);
579 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
580 }
581
582 /*
583 * Add (update) or delete MACIP from zebra.
584 */
585 static int bgp_zebra_send_remote_macip(struct bgp *bgp, struct bgpevpn *vpn,
586 const struct prefix_evpn *p,
587 struct in_addr remote_vtep_ip, int add,
588 uint8_t flags, uint32_t seq)
589 {
590 struct stream *s;
591 int ipa_len;
592 char buf1[ETHER_ADDR_STRLEN];
593 char buf2[INET6_ADDRSTRLEN];
594 char buf3[INET6_ADDRSTRLEN];
595
596 /* Check socket. */
597 if (!zclient || zclient->sock < 0)
598 return 0;
599
600 /* Don't try to register if Zebra doesn't know of this instance. */
601 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
602 if (BGP_DEBUG(zebra, ZEBRA))
603 zlog_debug(
604 "%s: No zebra instance to talk to, not installing remote macip",
605 __func__);
606 return 0;
607 }
608 s = zclient->obuf;
609 stream_reset(s);
610
611 zclient_create_header(
612 s, add ? ZEBRA_REMOTE_MACIP_ADD : ZEBRA_REMOTE_MACIP_DEL,
613 bgp->vrf_id);
614 stream_putl(s, vpn->vni);
615 stream_put(s, &p->prefix.macip_addr.mac.octet, ETH_ALEN); /* Mac Addr */
616 /* IP address length and IP address, if any. */
617 if (is_evpn_prefix_ipaddr_none(p))
618 stream_putl(s, 0);
619 else {
620 ipa_len = is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BYTELEN
621 : IPV6_MAX_BYTELEN;
622 stream_putl(s, ipa_len);
623 stream_put(s, &p->prefix.macip_addr.ip.ip.addr, ipa_len);
624 }
625 stream_put_in_addr(s, &remote_vtep_ip);
626
627 /* TX flags - MAC sticky status and/or gateway mac */
628 /* Also TX the sequence number of the best route. */
629 if (add) {
630 stream_putc(s, flags);
631 stream_putl(s, seq);
632 }
633
634 stream_putw_at(s, 0, stream_get_endp(s));
635
636 if (bgp_debug_zebra(NULL))
637 zlog_debug(
638 "Tx %s MACIP, VNI %u MAC %s IP %s flags 0x%x seq %u remote VTEP %s",
639 add ? "ADD" : "DEL", vpn->vni,
640 prefix_mac2str(&p->prefix.macip_addr.mac,
641 buf1, sizeof(buf1)),
642 ipaddr2str(&p->prefix.macip_addr.ip,
643 buf3, sizeof(buf3)), flags, seq,
644 inet_ntop(AF_INET, &remote_vtep_ip, buf2,
645 sizeof(buf2)));
646
647 return zclient_send_message(zclient);
648 }
649
650 /*
651 * Add (update) or delete remote VTEP from zebra.
652 */
653 static int bgp_zebra_send_remote_vtep(struct bgp *bgp, struct bgpevpn *vpn,
654 const struct prefix_evpn *p,
655 int flood_control, int add)
656 {
657 struct stream *s;
658
659 /* Check socket. */
660 if (!zclient || zclient->sock < 0)
661 return 0;
662
663 /* Don't try to register if Zebra doesn't know of this instance. */
664 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
665 if (BGP_DEBUG(zebra, ZEBRA))
666 zlog_debug(
667 "%s: No zebra instance to talk to, not installing remote vtep",
668 __func__);
669 return 0;
670 }
671
672 s = zclient->obuf;
673 stream_reset(s);
674
675 zclient_create_header(
676 s, add ? ZEBRA_REMOTE_VTEP_ADD : ZEBRA_REMOTE_VTEP_DEL,
677 bgp->vrf_id);
678 stream_putl(s, vpn->vni);
679 if (is_evpn_prefix_ipaddr_v4(p))
680 stream_put_in_addr(s, &p->prefix.imet_addr.ip.ipaddr_v4);
681 else if (is_evpn_prefix_ipaddr_v6(p)) {
682 flog_err(
683 EC_BGP_VTEP_INVALID,
684 "Bad remote IP when trying to %s remote VTEP for VNI %u",
685 add ? "ADD" : "DEL", vpn->vni);
686 return -1;
687 }
688 stream_putl(s, flood_control);
689
690 stream_putw_at(s, 0, stream_get_endp(s));
691
692 if (bgp_debug_zebra(NULL))
693 zlog_debug("Tx %s Remote VTEP, VNI %u remote VTEP %s",
694 add ? "ADD" : "DEL", vpn->vni,
695 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
696
697 return zclient_send_message(zclient);
698 }
699
700 /*
701 * Build extended community for EVPN ES (type-4) route
702 */
703 static void build_evpn_type4_route_extcomm(struct evpnes *es,
704 struct attr *attr)
705 {
706 struct ecommunity ecom_encap;
707 struct ecommunity ecom_es_rt;
708 struct ecommunity_val eval;
709 struct ecommunity_val eval_es_rt;
710 bgp_encap_types tnl_type;
711 struct ethaddr mac;
712
713 /* Encap */
714 tnl_type = BGP_ENCAP_TYPE_VXLAN;
715 memset(&ecom_encap, 0, sizeof(ecom_encap));
716 encode_encap_extcomm(tnl_type, &eval);
717 ecom_encap.size = 1;
718 ecom_encap.val = (uint8_t *)eval.val;
719 attr->ecommunity = ecommunity_dup(&ecom_encap);
720
721 /* ES import RT */
722 memset(&mac, 0, sizeof(struct ethaddr));
723 memset(&ecom_es_rt, 0, sizeof(ecom_es_rt));
724 es_get_system_mac(&es->esi, &mac);
725 encode_es_rt_extcomm(&eval_es_rt, &mac);
726 ecom_es_rt.size = 1;
727 ecom_es_rt.val = (uint8_t *)eval_es_rt.val;
728 attr->ecommunity =
729 ecommunity_merge(attr->ecommunity, &ecom_es_rt);
730
731 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
732 }
733
734 /*
735 * Build extended communities for EVPN prefix route.
736 */
737 static void build_evpn_type5_route_extcomm(struct bgp *bgp_vrf,
738 struct attr *attr)
739 {
740 struct ecommunity ecom_encap;
741 struct ecommunity_val eval;
742 struct ecommunity_val eval_rmac;
743 bgp_encap_types tnl_type;
744 struct listnode *node, *nnode;
745 struct ecommunity *ecom;
746 struct ecommunity *old_ecom;
747 struct list *vrf_export_rtl = NULL;
748
749 /* Encap */
750 tnl_type = BGP_ENCAP_TYPE_VXLAN;
751 memset(&ecom_encap, 0, sizeof(ecom_encap));
752 encode_encap_extcomm(tnl_type, &eval);
753 ecom_encap.size = 1;
754 ecom_encap.val = (uint8_t *)eval.val;
755
756 /* Add Encap */
757 if (attr->ecommunity) {
758 old_ecom = attr->ecommunity;
759 ecom = ecommunity_merge(ecommunity_dup(old_ecom), &ecom_encap);
760 if (!old_ecom->refcnt)
761 ecommunity_free(&old_ecom);
762 } else
763 ecom = ecommunity_dup(&ecom_encap);
764 attr->ecommunity = ecom;
765
766 /* Add the export RTs for L3VNI/VRF */
767 vrf_export_rtl = bgp_vrf->vrf_export_rtl;
768 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode, ecom))
769 attr->ecommunity =
770 ecommunity_merge(attr->ecommunity, ecom);
771
772 /* add the router mac extended community */
773 if (!is_zero_mac(&attr->rmac)) {
774 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
775 ecommunity_add_val(attr->ecommunity, &eval_rmac, true, true);
776 }
777
778 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
779 }
780
781 /*
782 * Build extended communities for EVPN route.
783 * This function is applicable for type-2 and type-3 routes. The layer-2 RT
784 * and ENCAP extended communities are applicable for all routes.
785 * The default gateway extended community and MAC mobility (sticky) extended
786 * community are added as needed based on passed settings - only for type-2
787 * routes. Likewise, the layer-3 RT and Router MAC extended communities are
788 * added, if present, based on passed settings - only for non-link-local
789 * type-2 routes.
790 */
791 static void build_evpn_route_extcomm(struct bgpevpn *vpn, struct attr *attr,
792 int add_l3_ecomm)
793 {
794 struct ecommunity ecom_encap;
795 struct ecommunity ecom_sticky;
796 struct ecommunity ecom_default_gw;
797 struct ecommunity ecom_na;
798 struct ecommunity_val eval;
799 struct ecommunity_val eval_sticky;
800 struct ecommunity_val eval_default_gw;
801 struct ecommunity_val eval_rmac;
802 struct ecommunity_val eval_na;
803
804 bgp_encap_types tnl_type;
805 struct listnode *node, *nnode;
806 struct ecommunity *ecom;
807 uint32_t seqnum;
808 struct list *vrf_export_rtl = NULL;
809
810 /* Encap */
811 tnl_type = BGP_ENCAP_TYPE_VXLAN;
812 memset(&ecom_encap, 0, sizeof(ecom_encap));
813 encode_encap_extcomm(tnl_type, &eval);
814 ecom_encap.size = 1;
815 ecom_encap.val = (uint8_t *)eval.val;
816
817 /* Add Encap */
818 attr->ecommunity = ecommunity_dup(&ecom_encap);
819
820 /* Add the export RTs for L2VNI */
821 for (ALL_LIST_ELEMENTS(vpn->export_rtl, node, nnode, ecom))
822 attr->ecommunity = ecommunity_merge(attr->ecommunity, ecom);
823
824 /* Add the export RTs for L3VNI if told to - caller determines
825 * when this should be done.
826 */
827 if (add_l3_ecomm) {
828 vrf_export_rtl = bgpevpn_get_vrf_export_rtl(vpn);
829 if (vrf_export_rtl && !list_isempty(vrf_export_rtl)) {
830 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode,
831 ecom))
832 attr->ecommunity = ecommunity_merge(
833 attr->ecommunity, ecom);
834 }
835 }
836
837 /* Add MAC mobility (sticky) if needed. */
838 if (attr->sticky) {
839 seqnum = 0;
840 memset(&ecom_sticky, 0, sizeof(ecom_sticky));
841 encode_mac_mobility_extcomm(1, seqnum, &eval_sticky);
842 ecom_sticky.size = 1;
843 ecom_sticky.val = (uint8_t *)eval_sticky.val;
844 attr->ecommunity =
845 ecommunity_merge(attr->ecommunity, &ecom_sticky);
846 }
847
848 /* Add RMAC, if told to. */
849 if (add_l3_ecomm) {
850 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
851 ecommunity_add_val(attr->ecommunity, &eval_rmac, true, true);
852 }
853
854 /* Add default gateway, if needed. */
855 if (attr->default_gw) {
856 memset(&ecom_default_gw, 0, sizeof(ecom_default_gw));
857 encode_default_gw_extcomm(&eval_default_gw);
858 ecom_default_gw.size = 1;
859 ecom_default_gw.val = (uint8_t *)eval_default_gw.val;
860 attr->ecommunity =
861 ecommunity_merge(attr->ecommunity, &ecom_default_gw);
862 }
863
864 if (attr->router_flag) {
865 memset(&ecom_na, 0, sizeof(ecom_na));
866 encode_na_flag_extcomm(&eval_na, attr->router_flag);
867 ecom_na.size = 1;
868 ecom_na.val = (uint8_t *)eval_na.val;
869 attr->ecommunity = ecommunity_merge(attr->ecommunity,
870 &ecom_na);
871 }
872
873 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
874 }
875
876 /*
877 * Add MAC mobility extended community to attribute.
878 */
879 static void add_mac_mobility_to_attr(uint32_t seq_num, struct attr *attr)
880 {
881 struct ecommunity ecom_tmp;
882 struct ecommunity_val eval;
883 uint8_t *ecom_val_ptr;
884 int i;
885 uint8_t *pnt;
886 int type = 0;
887 int sub_type = 0;
888
889 /* Build MM */
890 encode_mac_mobility_extcomm(0, seq_num, &eval);
891
892 /* Find current MM ecommunity */
893 ecom_val_ptr = NULL;
894
895 if (attr->ecommunity) {
896 for (i = 0; i < attr->ecommunity->size; i++) {
897 pnt = attr->ecommunity->val + (i * 8);
898 type = *pnt++;
899 sub_type = *pnt++;
900
901 if (type == ECOMMUNITY_ENCODE_EVPN
902 && sub_type
903 == ECOMMUNITY_EVPN_SUBTYPE_MACMOBILITY) {
904 ecom_val_ptr =
905 (attr->ecommunity->val + (i * 8));
906 break;
907 }
908 }
909 }
910
911 /* Update the existing MM ecommunity */
912 if (ecom_val_ptr) {
913 memcpy(ecom_val_ptr, eval.val, sizeof(char) * ECOMMUNITY_SIZE);
914 }
915 /* Add MM to existing */
916 else {
917 memset(&ecom_tmp, 0, sizeof(ecom_tmp));
918 ecom_tmp.size = 1;
919 ecom_tmp.val = (uint8_t *)eval.val;
920
921 if (attr->ecommunity)
922 attr->ecommunity =
923 ecommunity_merge(attr->ecommunity, &ecom_tmp);
924 else
925 attr->ecommunity = ecommunity_dup(&ecom_tmp);
926 }
927 }
928
929 /* Install EVPN route into zebra. */
930 static int evpn_zebra_install(struct bgp *bgp, struct bgpevpn *vpn,
931 const struct prefix_evpn *p,
932 struct bgp_path_info *pi)
933 {
934 int ret;
935 uint8_t flags;
936 int flood_control;
937
938 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
939 flags = 0;
940 if (pi->attr->sticky)
941 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
942 if (pi->attr->default_gw)
943 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
944 if (is_evpn_prefix_ipaddr_v6(p) &&
945 pi->attr->router_flag)
946 SET_FLAG(flags, ZEBRA_MACIP_TYPE_ROUTER_FLAG);
947 ret = bgp_zebra_send_remote_macip(
948 bgp, vpn, p, pi->attr->nexthop, 1, flags,
949 mac_mobility_seqnum(pi->attr));
950 } else {
951 switch (pi->attr->pmsi_tnl_type) {
952 case PMSI_TNLTYPE_INGR_REPL:
953 flood_control = VXLAN_FLOOD_HEAD_END_REPL;
954 break;
955
956 case PMSI_TNLTYPE_PIM_SM:
957 flood_control = VXLAN_FLOOD_PIM_SM;
958 break;
959
960 default:
961 flood_control = VXLAN_FLOOD_DISABLED;
962 break;
963 }
964 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p, flood_control, 1);
965 }
966
967 return ret;
968 }
969
970 /* Uninstall EVPN route from zebra. */
971 static int evpn_zebra_uninstall(struct bgp *bgp, struct bgpevpn *vpn,
972 const struct prefix_evpn *p,
973 struct in_addr remote_vtep_ip)
974 {
975 int ret;
976
977 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
978 ret = bgp_zebra_send_remote_macip(bgp, vpn, p, remote_vtep_ip,
979 0, 0, 0);
980 else
981 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p,
982 VXLAN_FLOOD_DISABLED, 0);
983
984 return ret;
985 }
986
987 /*
988 * Due to MAC mobility, the prior "local" best route has been supplanted
989 * by a "remote" best route. The prior route has to be deleted and withdrawn
990 * from peers.
991 */
992 static void evpn_delete_old_local_route(struct bgp *bgp, struct bgpevpn *vpn,
993 struct bgp_dest *dest,
994 struct bgp_path_info *old_local)
995 {
996 struct bgp_dest *global_dest;
997 struct bgp_path_info *pi;
998 afi_t afi = AFI_L2VPN;
999 safi_t safi = SAFI_EVPN;
1000
1001 /* Locate route node in the global EVPN routing table. Note that
1002 * this table is a 2-level tree (RD-level + Prefix-level) similar to
1003 * L3VPN routes.
1004 */
1005 global_dest = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
1006 bgp_dest_get_prefix(dest), &vpn->prd);
1007 if (global_dest) {
1008 /* Delete route entry in the global EVPN table. */
1009 delete_evpn_route_entry(bgp, afi, safi, global_dest, &pi);
1010
1011 /* Schedule for processing - withdraws to peers happen from
1012 * this table.
1013 */
1014 if (pi)
1015 bgp_process(bgp, global_dest, afi, safi);
1016 bgp_dest_unlock_node(global_dest);
1017 }
1018
1019 /* Delete route entry in the VNI route table, caller to remove. */
1020 bgp_path_info_delete(dest, old_local);
1021 }
1022
1023 static struct in_addr *es_vtep_new(struct in_addr vtep)
1024 {
1025 struct in_addr *ip;
1026
1027 ip = XCALLOC(MTYPE_BGP_EVPN_ES_VTEP, sizeof(struct in_addr));
1028
1029 ip->s_addr = vtep.s_addr;
1030 return ip;
1031 }
1032
1033 static void es_vtep_free(struct in_addr *ip)
1034 {
1035 XFREE(MTYPE_BGP_EVPN_ES_VTEP, ip);
1036 }
1037
1038 /* check if VTEP is already part of the list */
1039 static int is_vtep_present_in_list(struct list *list,
1040 struct in_addr vtep)
1041 {
1042 struct listnode *node = NULL;
1043 struct in_addr *tmp;
1044
1045 for (ALL_LIST_ELEMENTS_RO(list, node, tmp)) {
1046 if (tmp->s_addr == vtep.s_addr)
1047 return 1;
1048 }
1049 return 0;
1050 }
1051
1052 /*
1053 * Best path for ES route was changed,
1054 * update the list of VTEPs for this ES
1055 */
1056 static int evpn_es_install_vtep(struct bgp *bgp, struct evpnes *es,
1057 const struct prefix_evpn *p,
1058 struct in_addr rvtep)
1059 {
1060 struct in_addr *vtep_ip;
1061
1062 if (is_vtep_present_in_list(es->vtep_list, rvtep))
1063 return 0;
1064
1065
1066 vtep_ip = es_vtep_new(rvtep);
1067 if (vtep_ip)
1068 listnode_add_sort(es->vtep_list, vtep_ip);
1069 return 0;
1070 }
1071
1072 /*
1073 * Best path for ES route was changed,
1074 * update the list of VTEPs for this ES
1075 */
1076 static int evpn_es_uninstall_vtep(struct bgp *bgp,
1077 struct evpnes *es,
1078 struct prefix_evpn *p,
1079 struct in_addr rvtep)
1080 {
1081 struct listnode *node, *nnode, *node_to_del = NULL;
1082 struct in_addr *tmp;
1083
1084 for (ALL_LIST_ELEMENTS(es->vtep_list, node, nnode, tmp)) {
1085 if (tmp->s_addr == rvtep.s_addr) {
1086 es_vtep_free(tmp);
1087 node_to_del = node;
1088 }
1089 }
1090
1091 if (node_to_del)
1092 list_delete_node(es->vtep_list, node_to_del);
1093
1094 return 0;
1095 }
1096
1097 /*
1098 * Calculate the best path for a ES(type-4) route.
1099 */
1100 static int evpn_es_route_select_install(struct bgp *bgp, struct evpnes *es,
1101 struct bgp_dest *dest)
1102 {
1103 int ret = 0;
1104 afi_t afi = AFI_L2VPN;
1105 safi_t safi = SAFI_EVPN;
1106 struct bgp_path_info *old_select; /* old best */
1107 struct bgp_path_info *new_select; /* new best */
1108 struct bgp_path_info_pair old_and_new;
1109
1110 /* Compute the best path. */
1111 bgp_best_selection(bgp, dest, &bgp->maxpaths[afi][safi], &old_and_new,
1112 afi, safi);
1113 old_select = old_and_new.old;
1114 new_select = old_and_new.new;
1115
1116 /*
1117 * If the best path hasn't changed - see if something needs to be
1118 * updated
1119 */
1120 if (old_select && old_select == new_select
1121 && old_select->type == ZEBRA_ROUTE_BGP
1122 && old_select->sub_type == BGP_ROUTE_IMPORTED
1123 && !CHECK_FLAG(dest->flags, BGP_NODE_USER_CLEAR)
1124 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1125 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1126 if (bgp_zebra_has_route_changed(old_select)) {
1127 ret = evpn_es_install_vtep(
1128 bgp, es,
1129 (const struct prefix_evpn *)bgp_dest_get_prefix(
1130 dest),
1131 old_select->attr->nexthop);
1132 }
1133 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1134 UNSET_FLAG(old_select->flags, BGP_PATH_LINK_BW_CHG);
1135 bgp_zebra_clear_route_change_flags(dest);
1136 return ret;
1137 }
1138
1139 /* If the user did a "clear" this flag will be set */
1140 UNSET_FLAG(dest->flags, BGP_NODE_USER_CLEAR);
1141
1142 /*
1143 * bestpath has changed; update relevant fields and install or uninstall
1144 * into the zebra RIB.
1145 */
1146 if (old_select || new_select)
1147 bgp_bump_version(dest);
1148
1149 if (old_select)
1150 bgp_path_info_unset_flag(dest, old_select, BGP_PATH_SELECTED);
1151 if (new_select) {
1152 bgp_path_info_set_flag(dest, new_select, BGP_PATH_SELECTED);
1153 bgp_path_info_unset_flag(dest, new_select,
1154 BGP_PATH_ATTR_CHANGED);
1155 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1156 UNSET_FLAG(new_select->flags, BGP_PATH_LINK_BW_CHG);
1157 }
1158
1159 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1160 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1161 ret = evpn_es_install_vtep(
1162 bgp, es,
1163 (const struct prefix_evpn *)bgp_dest_get_prefix(dest),
1164 new_select->attr->nexthop);
1165 } else {
1166 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1167 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1168 ret = evpn_es_uninstall_vtep(
1169 bgp, es,
1170 (struct prefix_evpn *)bgp_dest_get_prefix(dest),
1171 old_select->attr->nexthop);
1172 }
1173
1174 /* Clear any route change flags. */
1175 bgp_zebra_clear_route_change_flags(dest);
1176
1177 /* Reap old select bgp_path_info, if it has been removed */
1178 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1179 bgp_path_info_reap(dest, old_select);
1180
1181 return ret;
1182 }
1183
1184 /*
1185 * Calculate the best path for an EVPN route. Install/update best path in zebra,
1186 * if appropriate.
1187 */
1188 static int evpn_route_select_install(struct bgp *bgp, struct bgpevpn *vpn,
1189 struct bgp_dest *dest)
1190 {
1191 struct bgp_path_info *old_select, *new_select;
1192 struct bgp_path_info_pair old_and_new;
1193 afi_t afi = AFI_L2VPN;
1194 safi_t safi = SAFI_EVPN;
1195 int ret = 0;
1196
1197 /* Compute the best path. */
1198 bgp_best_selection(bgp, dest, &bgp->maxpaths[afi][safi], &old_and_new,
1199 afi, safi);
1200 old_select = old_and_new.old;
1201 new_select = old_and_new.new;
1202
1203 /* If the best path hasn't changed - see if there is still something to
1204 * update
1205 * to zebra RIB.
1206 */
1207 if (old_select && old_select == new_select
1208 && old_select->type == ZEBRA_ROUTE_BGP
1209 && old_select->sub_type == BGP_ROUTE_IMPORTED
1210 && !CHECK_FLAG(dest->flags, BGP_NODE_USER_CLEAR)
1211 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1212 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1213 if (bgp_zebra_has_route_changed(old_select))
1214 ret = evpn_zebra_install(
1215 bgp, vpn,
1216 (const struct prefix_evpn *)bgp_dest_get_prefix(
1217 dest),
1218 old_select);
1219 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1220 UNSET_FLAG(old_select->flags, BGP_PATH_LINK_BW_CHG);
1221 bgp_zebra_clear_route_change_flags(dest);
1222 return ret;
1223 }
1224
1225 /* If the user did a "clear" this flag will be set */
1226 UNSET_FLAG(dest->flags, BGP_NODE_USER_CLEAR);
1227
1228 /* bestpath has changed; update relevant fields and install or uninstall
1229 * into the zebra RIB.
1230 */
1231 if (old_select || new_select)
1232 bgp_bump_version(dest);
1233
1234 if (old_select)
1235 bgp_path_info_unset_flag(dest, old_select, BGP_PATH_SELECTED);
1236 if (new_select) {
1237 bgp_path_info_set_flag(dest, new_select, BGP_PATH_SELECTED);
1238 bgp_path_info_unset_flag(dest, new_select,
1239 BGP_PATH_ATTR_CHANGED);
1240 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1241 UNSET_FLAG(new_select->flags, BGP_PATH_LINK_BW_CHG);
1242 }
1243
1244 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1245 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1246 ret = evpn_zebra_install(
1247 bgp, vpn,
1248 (struct prefix_evpn *)bgp_dest_get_prefix(dest),
1249 new_select);
1250
1251 /* If an old best existed and it was a "local" route, the only
1252 * reason
1253 * it would be supplanted is due to MAC mobility procedures. So,
1254 * we
1255 * need to do an implicit delete and withdraw that route from
1256 * peers.
1257 */
1258 if (old_select && old_select->peer == bgp->peer_self
1259 && old_select->type == ZEBRA_ROUTE_BGP
1260 && old_select->sub_type == BGP_ROUTE_STATIC)
1261 evpn_delete_old_local_route(bgp, vpn, dest, old_select);
1262 } else {
1263 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1264 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1265 ret = evpn_zebra_uninstall(
1266 bgp, vpn,
1267 (const struct prefix_evpn *)bgp_dest_get_prefix(
1268 dest),
1269 old_select->attr->nexthop);
1270 }
1271
1272 /* Clear any route change flags. */
1273 bgp_zebra_clear_route_change_flags(dest);
1274
1275 /* Reap old select bgp_path_info, if it has been removed */
1276 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1277 bgp_path_info_reap(dest, old_select);
1278
1279 return ret;
1280 }
1281
1282 /*
1283 * Return true if the local ri for this rn is of type gateway mac
1284 */
1285 static int evpn_route_is_def_gw(struct bgp *bgp, struct bgp_dest *dest)
1286 {
1287 struct bgp_path_info *tmp_pi = NULL;
1288 struct bgp_path_info *local_pi = NULL;
1289
1290 local_pi = NULL;
1291 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
1292 tmp_pi = tmp_pi->next) {
1293 if (tmp_pi->peer == bgp->peer_self
1294 && tmp_pi->type == ZEBRA_ROUTE_BGP
1295 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1296 local_pi = tmp_pi;
1297 }
1298
1299 if (!local_pi)
1300 return 0;
1301
1302 return local_pi->attr->default_gw;
1303 }
1304
1305
1306 /*
1307 * Return true if the local ri for this rn has sticky set
1308 */
1309 static int evpn_route_is_sticky(struct bgp *bgp, struct bgp_dest *dest)
1310 {
1311 struct bgp_path_info *tmp_pi;
1312 struct bgp_path_info *local_pi;
1313
1314 local_pi = NULL;
1315 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
1316 tmp_pi = tmp_pi->next) {
1317 if (tmp_pi->peer == bgp->peer_self
1318 && tmp_pi->type == ZEBRA_ROUTE_BGP
1319 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1320 local_pi = tmp_pi;
1321 }
1322
1323 if (!local_pi)
1324 return 0;
1325
1326 return local_pi->attr->sticky;
1327 }
1328
1329 /*
1330 * create or update EVPN type4 route entry.
1331 * This could be in the ES table or the global table.
1332 * TODO: handle remote ES (type4) routes as well
1333 */
1334 static int update_evpn_type4_route_entry(struct bgp *bgp, struct evpnes *es,
1335 afi_t afi, safi_t safi,
1336 struct bgp_dest *dest,
1337 struct attr *attr, int add,
1338 struct bgp_path_info **ri,
1339 int *route_changed)
1340 {
1341 char buf[ESI_STR_LEN];
1342 char buf1[INET6_ADDRSTRLEN];
1343 struct bgp_path_info *tmp_pi = NULL;
1344 struct bgp_path_info *local_pi = NULL; /* local route entry if any */
1345 struct bgp_path_info *remote_pi = NULL; /* remote route entry if any */
1346 struct attr *attr_new = NULL;
1347 const struct prefix_evpn *evp = NULL;
1348
1349 *ri = NULL;
1350 *route_changed = 1;
1351 evp = (const struct prefix_evpn *)bgp_dest_get_prefix(dest);
1352
1353 /* locate the local and remote entries if any */
1354 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
1355 tmp_pi = tmp_pi->next) {
1356 if (tmp_pi->peer == bgp->peer_self
1357 && tmp_pi->type == ZEBRA_ROUTE_BGP
1358 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1359 local_pi = tmp_pi;
1360 if (tmp_pi->type == ZEBRA_ROUTE_BGP
1361 && tmp_pi->sub_type == BGP_ROUTE_IMPORTED
1362 && CHECK_FLAG(tmp_pi->flags, BGP_PATH_VALID))
1363 remote_pi = tmp_pi;
1364 }
1365
1366 /* we don't expect to see a remote_ri at this point.
1367 * An ES route has esi + vtep_ip as the key,
1368 * We shouldn't see the same route from any other vtep.
1369 */
1370 if (remote_pi) {
1371 flog_err(
1372 EC_BGP_ES_INVALID,
1373 "%u ERROR: local es route for ESI: %s Vtep %s also learnt from remote",
1374 bgp->vrf_id,
1375 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)),
1376 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1377 return -1;
1378 }
1379
1380 if (!local_pi && !add)
1381 return 0;
1382
1383 /* create or update the entry */
1384 if (!local_pi) {
1385
1386 /* Add or update attribute to hash */
1387 attr_new = bgp_attr_intern(attr);
1388
1389 /* Create new route with its attribute. */
1390 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1391 bgp->peer_self, attr_new, dest);
1392 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1393
1394 /* add the newly created path to the route-node */
1395 bgp_path_info_add(dest, tmp_pi);
1396 } else {
1397 tmp_pi = local_pi;
1398 if (attrhash_cmp(tmp_pi->attr, attr)
1399 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1400 *route_changed = 0;
1401 else {
1402 /* The attribute has changed.
1403 * Add (or update) attribute to hash. */
1404 attr_new = bgp_attr_intern(attr);
1405 bgp_path_info_set_flag(dest, tmp_pi,
1406 BGP_PATH_ATTR_CHANGED);
1407
1408 /* Restore route, if needed. */
1409 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1410 bgp_path_info_restore(dest, tmp_pi);
1411
1412 /* Unintern existing, set to new. */
1413 bgp_attr_unintern(&tmp_pi->attr);
1414 tmp_pi->attr = attr_new;
1415 tmp_pi->uptime = bgp_clock();
1416 }
1417 }
1418
1419 /* Return back the route entry. */
1420 *ri = tmp_pi;
1421 return 0;
1422 }
1423
1424 /* update evpn es (type-4) route */
1425 static int update_evpn_type4_route(struct bgp *bgp,
1426 struct evpnes *es,
1427 struct prefix_evpn *p)
1428 {
1429 int ret = 0;
1430 int route_changed = 0;
1431 char buf[ESI_STR_LEN];
1432 char buf1[INET6_ADDRSTRLEN];
1433 afi_t afi = AFI_L2VPN;
1434 safi_t safi = SAFI_EVPN;
1435 struct attr attr;
1436 struct attr *attr_new = NULL;
1437 struct bgp_dest *dest = NULL;
1438 struct bgp_path_info *pi = NULL;
1439
1440 memset(&attr, 0, sizeof(struct attr));
1441
1442 /* Build path-attribute for this route. */
1443 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1444 attr.nexthop = es->originator_ip.ipaddr_v4;
1445 attr.mp_nexthop_global_in = es->originator_ip.ipaddr_v4;
1446 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1447
1448 /* Set up extended community. */
1449 build_evpn_type4_route_extcomm(es, &attr);
1450
1451 /* First, create (or fetch) route node within the ESI. */
1452 /* NOTE: There is no RD here. */
1453 dest = bgp_node_get(es->route_table, (struct prefix *)p);
1454
1455 /* Create or update route entry. */
1456 ret = update_evpn_type4_route_entry(bgp, es, afi, safi, dest, &attr, 1,
1457 &pi, &route_changed);
1458 if (ret != 0) {
1459 flog_err(EC_BGP_ES_INVALID,
1460 "%u ERROR: Failed to updated ES route ESI: %s VTEP %s",
1461 bgp->vrf_id,
1462 esi_to_str(&p->prefix.es_addr.esi, buf, sizeof(buf)),
1463 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1464 }
1465
1466 assert(pi);
1467 attr_new = pi->attr;
1468
1469 /* Perform route selection;
1470 * this is just to set the flags correctly
1471 * as local route in the ES always wins.
1472 */
1473 evpn_es_route_select_install(bgp, es, dest);
1474 bgp_dest_unlock_node(dest);
1475
1476 /* If this is a new route or some attribute has changed, export the
1477 * route to the global table. The route will be advertised to peers
1478 * from there. Note that this table is a 2-level tree (RD-level +
1479 * Prefix-level) similar to L3VPN routes.
1480 */
1481 if (route_changed) {
1482 struct bgp_path_info *global_pi;
1483
1484 dest = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1485 (struct prefix *)p, &es->prd);
1486 update_evpn_type4_route_entry(bgp, es, afi, safi, dest,
1487 attr_new, 1, &global_pi,
1488 &route_changed);
1489
1490 /* Schedule for processing and unlock node. */
1491 bgp_process(bgp, dest, afi, safi);
1492 bgp_dest_unlock_node(dest);
1493 }
1494
1495 /* Unintern temporary. */
1496 aspath_unintern(&attr.aspath);
1497 return 0;
1498 }
1499
1500 static int update_evpn_type5_route_entry(struct bgp *bgp_evpn,
1501 struct bgp *bgp_vrf, afi_t afi,
1502 safi_t safi, struct bgp_dest *dest,
1503 struct attr *attr, int *route_changed)
1504 {
1505 struct attr *attr_new = NULL;
1506 struct bgp_path_info *pi = NULL;
1507 mpls_label_t label = MPLS_INVALID_LABEL;
1508 struct bgp_path_info *local_pi = NULL;
1509 struct bgp_path_info *tmp_pi = NULL;
1510
1511 *route_changed = 0;
1512 /* locate the local route entry if any */
1513 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
1514 tmp_pi = tmp_pi->next) {
1515 if (tmp_pi->peer == bgp_evpn->peer_self
1516 && tmp_pi->type == ZEBRA_ROUTE_BGP
1517 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1518 local_pi = tmp_pi;
1519 }
1520
1521 /*
1522 * create a new route entry if one doesn't exist.
1523 * Otherwise see if route attr has changed
1524 */
1525 if (!local_pi) {
1526
1527 /* route has changed as this is the first entry */
1528 *route_changed = 1;
1529
1530 /* Add (or update) attribute to hash. */
1531 attr_new = bgp_attr_intern(attr);
1532
1533 /* create the route info from attribute */
1534 pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1535 bgp_evpn->peer_self, attr_new, dest);
1536 SET_FLAG(pi->flags, BGP_PATH_VALID);
1537
1538 /* Type-5 routes advertise the L3-VNI */
1539 bgp_path_info_extra_get(pi);
1540 vni2label(bgp_vrf->l3vni, &label);
1541 memcpy(&pi->extra->label, &label, sizeof(label));
1542 pi->extra->num_labels = 1;
1543
1544 /* add the route entry to route node*/
1545 bgp_path_info_add(dest, pi);
1546 } else {
1547
1548 tmp_pi = local_pi;
1549 if (!attrhash_cmp(tmp_pi->attr, attr)) {
1550
1551 /* attribute changed */
1552 *route_changed = 1;
1553
1554 /* The attribute has changed. */
1555 /* Add (or update) attribute to hash. */
1556 attr_new = bgp_attr_intern(attr);
1557 bgp_path_info_set_flag(dest, tmp_pi,
1558 BGP_PATH_ATTR_CHANGED);
1559
1560 /* Restore route, if needed. */
1561 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1562 bgp_path_info_restore(dest, tmp_pi);
1563
1564 /* Unintern existing, set to new. */
1565 bgp_attr_unintern(&tmp_pi->attr);
1566 tmp_pi->attr = attr_new;
1567 tmp_pi->uptime = bgp_clock();
1568 }
1569 }
1570 return 0;
1571 }
1572
1573 /* update evpn type-5 route entry */
1574 static int update_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp,
1575 struct attr *src_attr)
1576 {
1577 afi_t afi = AFI_L2VPN;
1578 safi_t safi = SAFI_EVPN;
1579 struct attr attr;
1580 struct bgp_dest *dest = NULL;
1581 struct bgp *bgp_evpn = NULL;
1582 int route_changed = 0;
1583
1584 bgp_evpn = bgp_get_evpn();
1585 if (!bgp_evpn)
1586 return 0;
1587
1588 /* Build path attribute for this route - use the source attr, if
1589 * present, else treat as locally originated.
1590 */
1591 if (src_attr)
1592 attr = *src_attr;
1593 else {
1594 memset(&attr, 0, sizeof(struct attr));
1595 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1596 }
1597
1598 /* Advertise Primary IP (PIP) is enabled, send individual
1599 * IP (default instance router-id) as nexthop.
1600 * PIP is disabled or vrr interface is not present
1601 * use anycast-IP as nexthop and anycast RMAC.
1602 */
1603 if (!bgp_vrf->evpn_info->advertise_pip ||
1604 (!bgp_vrf->evpn_info->is_anycast_mac)) {
1605 attr.nexthop = bgp_vrf->originator_ip;
1606 attr.mp_nexthop_global_in = bgp_vrf->originator_ip;
1607 memcpy(&attr.rmac, &bgp_vrf->rmac, ETH_ALEN);
1608 } else {
1609 /* copy sys rmac */
1610 memcpy(&attr.rmac, &bgp_vrf->evpn_info->pip_rmac, ETH_ALEN);
1611 if (bgp_vrf->evpn_info->pip_ip.s_addr != INADDR_ANY) {
1612 attr.nexthop = bgp_vrf->evpn_info->pip_ip;
1613 attr.mp_nexthop_global_in = bgp_vrf->evpn_info->pip_ip;
1614 } else if (bgp_vrf->evpn_info->pip_ip.s_addr == INADDR_ANY)
1615 if (bgp_debug_zebra(NULL)) {
1616 char buf1[PREFIX_STRLEN];
1617
1618 zlog_debug("VRF %s evp %s advertise-pip primary ip is not configured",
1619 vrf_id_to_name(bgp_vrf->vrf_id),
1620 prefix2str(evp, buf1, sizeof(buf1)));
1621 }
1622 }
1623
1624 if (bgp_debug_zebra(NULL)) {
1625 char buf[ETHER_ADDR_STRLEN];
1626 char buf1[PREFIX_STRLEN];
1627 char buf2[INET6_ADDRSTRLEN];
1628
1629 zlog_debug("VRF %s type-5 route evp %s RMAC %s nexthop %s",
1630 vrf_id_to_name(bgp_vrf->vrf_id),
1631 prefix2str(evp, buf1, sizeof(buf1)),
1632 prefix_mac2str(&attr.rmac, buf, sizeof(buf)),
1633 inet_ntop(AF_INET, &attr.nexthop, buf2,
1634 INET_ADDRSTRLEN));
1635 }
1636
1637 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1638
1639 /* Setup RT and encap extended community */
1640 build_evpn_type5_route_extcomm(bgp_vrf, &attr);
1641
1642 /* get the route node in global table */
1643 dest = bgp_afi_node_get(bgp_evpn->rib[afi][safi], afi, safi,
1644 (struct prefix *)evp, &bgp_vrf->vrf_prd);
1645 assert(dest);
1646
1647 /* create or update the route entry within the route node */
1648 update_evpn_type5_route_entry(bgp_evpn, bgp_vrf, afi, safi, dest, &attr,
1649 &route_changed);
1650
1651 /* schedule for processing and unlock node */
1652 if (route_changed) {
1653 bgp_process(bgp_evpn, dest, afi, safi);
1654 bgp_dest_unlock_node(dest);
1655 }
1656
1657 /* uninten temporary */
1658 if (!src_attr)
1659 aspath_unintern(&attr.aspath);
1660 return 0;
1661 }
1662
1663 /*
1664 * Create or update EVPN route entry. This could be in the VNI route table
1665 * or the global route table.
1666 */
1667 static int update_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
1668 afi_t afi, safi_t safi,
1669 struct bgp_dest *dest, struct attr *attr,
1670 int add, struct bgp_path_info **pi,
1671 uint8_t flags, uint32_t seq)
1672 {
1673 struct bgp_path_info *tmp_pi;
1674 struct bgp_path_info *local_pi;
1675 struct attr *attr_new;
1676 mpls_label_t label[BGP_MAX_LABELS];
1677 uint32_t num_labels = 1;
1678 int route_change = 1;
1679 uint8_t sticky = 0;
1680 const struct prefix_evpn *evp;
1681
1682 *pi = NULL;
1683 evp = (const struct prefix_evpn *)bgp_dest_get_prefix(dest);
1684 memset(&label, 0, sizeof(label));
1685
1686 /* See if this is an update of an existing route, or a new add. */
1687 local_pi = NULL;
1688 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
1689 tmp_pi = tmp_pi->next) {
1690 if (tmp_pi->peer == bgp->peer_self
1691 && tmp_pi->type == ZEBRA_ROUTE_BGP
1692 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1693 local_pi = tmp_pi;
1694 }
1695
1696 /* If route doesn't exist already, create a new one, if told to.
1697 * Otherwise act based on whether the attributes of the route have
1698 * changed or not.
1699 */
1700 if (!local_pi && !add)
1701 return 0;
1702
1703 /* For non-GW MACs, update MAC mobility seq number, if needed. */
1704 if (seq && !CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW))
1705 add_mac_mobility_to_attr(seq, attr);
1706
1707 if (!local_pi) {
1708 /* Add (or update) attribute to hash. */
1709 attr_new = bgp_attr_intern(attr);
1710
1711 /* Extract MAC mobility sequence number, if any. */
1712 attr_new->mm_seqnum =
1713 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1714 attr_new->sticky = sticky;
1715
1716 /* Create new route with its attribute. */
1717 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1718 bgp->peer_self, attr_new, dest);
1719 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1720 bgp_path_info_extra_get(tmp_pi);
1721
1722 /* The VNI goes into the 'label' field of the route */
1723 vni2label(vpn->vni, &label[0]);
1724
1725 /* Type-2 routes may carry a second VNI - the L3-VNI.
1726 * Only attach second label if we are advertising two labels for
1727 * type-2 routes.
1728 */
1729 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1730 && CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS)) {
1731 vni_t l3vni;
1732
1733 l3vni = bgpevpn_get_l3vni(vpn);
1734 if (l3vni) {
1735 vni2label(l3vni, &label[1]);
1736 num_labels++;
1737 }
1738 }
1739
1740 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1741 tmp_pi->extra->num_labels = num_labels;
1742 /* Mark route as self type-2 route */
1743 if (flags && CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_SVI_IP))
1744 tmp_pi->extra->af_flags = BGP_EVPN_MACIP_TYPE_SVI_IP;
1745 bgp_path_info_add(dest, tmp_pi);
1746 } else {
1747 tmp_pi = local_pi;
1748 if (attrhash_cmp(tmp_pi->attr, attr)
1749 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1750 route_change = 0;
1751 else {
1752 /*
1753 * The attributes have changed, type-2 routes needs to
1754 * be advertised with right labels.
1755 */
1756 vni2label(vpn->vni, &label[0]);
1757 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1758 && CHECK_FLAG(vpn->flags,
1759 VNI_FLAG_USE_TWO_LABELS)) {
1760 vni_t l3vni;
1761
1762 l3vni = bgpevpn_get_l3vni(vpn);
1763 if (l3vni) {
1764 vni2label(l3vni, &label[1]);
1765 num_labels++;
1766 }
1767 }
1768 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1769 tmp_pi->extra->num_labels = num_labels;
1770
1771 /* The attribute has changed. */
1772 /* Add (or update) attribute to hash. */
1773 attr_new = bgp_attr_intern(attr);
1774 bgp_path_info_set_flag(dest, tmp_pi,
1775 BGP_PATH_ATTR_CHANGED);
1776
1777 /* Extract MAC mobility sequence number, if any. */
1778 attr_new->mm_seqnum =
1779 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1780 attr_new->sticky = sticky;
1781
1782 /* Restore route, if needed. */
1783 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1784 bgp_path_info_restore(dest, tmp_pi);
1785
1786 /* Unintern existing, set to new. */
1787 bgp_attr_unintern(&tmp_pi->attr);
1788 tmp_pi->attr = attr_new;
1789 tmp_pi->uptime = bgp_clock();
1790 }
1791 }
1792
1793 /* Return back the route entry. */
1794 *pi = tmp_pi;
1795 return route_change;
1796 }
1797
1798 static void evpn_zebra_reinstall_best_route(struct bgp *bgp,
1799 struct bgpevpn *vpn,
1800 struct bgp_dest *dest)
1801 {
1802 struct bgp_path_info *tmp_ri;
1803 struct bgp_path_info *curr_select = NULL;
1804
1805 for (tmp_ri = bgp_dest_get_bgp_path_info(dest); tmp_ri;
1806 tmp_ri = tmp_ri->next) {
1807 if (CHECK_FLAG(tmp_ri->flags, BGP_PATH_SELECTED)) {
1808 curr_select = tmp_ri;
1809 break;
1810 }
1811 }
1812
1813 if (curr_select && curr_select->type == ZEBRA_ROUTE_BGP
1814 && curr_select->sub_type == BGP_ROUTE_IMPORTED)
1815 evpn_zebra_install(
1816 bgp, vpn,
1817 (const struct prefix_evpn *)bgp_dest_get_prefix(dest),
1818 curr_select);
1819 }
1820
1821 /*
1822 * If the local route was not selected evict it and tell zebra to re-add
1823 * the best remote dest.
1824 *
1825 * Typically a local path added by zebra is expected to be selected as
1826 * best. In which case when a remote path wins as best (later)
1827 * evpn_route_select_install itself evicts the older-local-best path.
1828 *
1829 * However if bgp's add and zebra's add cross paths (race condition) it
1830 * is possible that the local path is no longer the "older" best path.
1831 * It is a path that was never designated as best and hence requires
1832 * additional handling to prevent bgp from injecting and holding on to a
1833 * non-best local path.
1834 */
1835 static void evpn_cleanup_local_non_best_route(struct bgp *bgp,
1836 struct bgpevpn *vpn,
1837 struct bgp_dest *dest,
1838 struct bgp_path_info *local_pi)
1839 {
1840 /* local path was not picked as the winner; kick it out */
1841 if (bgp_debug_zebra(NULL))
1842 zlog_debug("evicting local evpn prefix %pRN as remote won",
1843 dest);
1844
1845 evpn_delete_old_local_route(bgp, vpn, dest, local_pi);
1846 bgp_path_info_reap(dest, local_pi);
1847
1848 /* tell zebra to re-add the best remote path */
1849 evpn_zebra_reinstall_best_route(bgp, vpn, dest);
1850 }
1851
1852 /*
1853 * Create or update EVPN route (of type based on prefix) for specified VNI
1854 * and schedule for processing.
1855 */
1856 static int update_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
1857 struct prefix_evpn *p, uint8_t flags,
1858 uint32_t seq)
1859 {
1860 struct bgp_dest *dest;
1861 struct attr attr;
1862 struct attr *attr_new;
1863 int add_l3_ecomm = 0;
1864 struct bgp_path_info *pi;
1865 afi_t afi = AFI_L2VPN;
1866 safi_t safi = SAFI_EVPN;
1867 int route_change;
1868
1869 memset(&attr, 0, sizeof(struct attr));
1870
1871 /* Build path-attribute for this route. */
1872 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1873 attr.nexthop = vpn->originator_ip;
1874 attr.mp_nexthop_global_in = vpn->originator_ip;
1875 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1876 attr.sticky = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY) ? 1 : 0;
1877 attr.default_gw = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW) ? 1 : 0;
1878 attr.router_flag = CHECK_FLAG(flags,
1879 ZEBRA_MACIP_TYPE_ROUTER_FLAG) ? 1 : 0;
1880
1881 /* PMSI is only needed for type-3 routes */
1882 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
1883 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
1884 attr.pmsi_tnl_type = PMSI_TNLTYPE_INGR_REPL;
1885 }
1886
1887 /* router mac is only needed for type-2 routes here. */
1888 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
1889 uint8_t af_flags = 0;
1890
1891 if (CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_SVI_IP))
1892 SET_FLAG(af_flags, BGP_EVPN_MACIP_TYPE_SVI_IP);
1893
1894 bgp_evpn_get_rmac_nexthop(vpn, p, &attr, af_flags);
1895
1896 if (bgp_debug_zebra(NULL)) {
1897 char buf[ETHER_ADDR_STRLEN];
1898 char buf1[PREFIX_STRLEN];
1899
1900 zlog_debug("VRF %s vni %u type-2 route evp %s RMAC %s nexthop %s",
1901 vpn->bgp_vrf ?
1902 vrf_id_to_name(vpn->bgp_vrf->vrf_id) : " ",
1903 vpn->vni,
1904 prefix2str(p, buf1, sizeof(buf1)),
1905 prefix_mac2str(&attr.rmac, buf,
1906 sizeof(buf)),
1907 inet_ntoa(attr.mp_nexthop_global_in));
1908 }
1909 }
1910
1911 vni2label(vpn->vni, &(attr.label));
1912
1913 /* Include L3 VNI related RTs and RMAC for type-2 routes, if they're
1914 * IPv4 or IPv6 global addresses and we're advertising L3VNI with
1915 * these routes.
1916 */
1917 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE &&
1918 (is_evpn_prefix_ipaddr_v4(p) ||
1919 !IN6_IS_ADDR_LINKLOCAL(&p->prefix.macip_addr.ip.ipaddr_v6)) &&
1920 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
1921 bgpevpn_get_l3vni(vpn))
1922 add_l3_ecomm = 1;
1923
1924 /* Set up extended community. */
1925 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
1926
1927 /* First, create (or fetch) route node within the VNI. */
1928 /* NOTE: There is no RD here. */
1929 dest = bgp_node_get(vpn->route_table, (struct prefix *)p);
1930
1931 /* Create or update route entry. */
1932 route_change = update_evpn_route_entry(bgp, vpn, afi, safi, dest, &attr,
1933 1, &pi, flags, seq);
1934 assert(pi);
1935 attr_new = pi->attr;
1936
1937 /* lock ri to prevent freeing in evpn_route_select_install */
1938 bgp_path_info_lock(pi);
1939
1940 /* Perform route selection. Normally, the local route in the
1941 * VNI is expected to win and be the best route. However, if
1942 * there is a race condition where a host moved from local to
1943 * remote and the remote route was received in BGP just prior
1944 * to the local MACIP notification from zebra, the remote
1945 * route would win, and we should evict the defunct local route
1946 * and (re)install the remote route into zebra.
1947 */
1948 evpn_route_select_install(bgp, vpn, dest);
1949 /*
1950 * If the new local route was not selected evict it and tell zebra
1951 * to re-add the best remote dest. BGP doesn't retain non-best local
1952 * routes.
1953 */
1954 if (!CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)) {
1955 route_change = 0;
1956 evpn_cleanup_local_non_best_route(bgp, vpn, dest, pi);
1957 }
1958 bgp_path_info_unlock(pi);
1959
1960 bgp_dest_unlock_node(dest);
1961
1962 /* If this is a new route or some attribute has changed, export the
1963 * route to the global table. The route will be advertised to peers
1964 * from there. Note that this table is a 2-level tree (RD-level +
1965 * Prefix-level) similar to L3VPN routes.
1966 */
1967 if (route_change) {
1968 struct bgp_path_info *global_pi;
1969
1970 dest = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1971 (struct prefix *)p, &vpn->prd);
1972 update_evpn_route_entry(bgp, vpn, afi, safi, dest, attr_new, 1,
1973 &global_pi, flags, seq);
1974
1975 /* Schedule for processing and unlock node. */
1976 bgp_process(bgp, dest, afi, safi);
1977 bgp_dest_unlock_node(dest);
1978 }
1979
1980 /* Unintern temporary. */
1981 aspath_unintern(&attr.aspath);
1982
1983 return 0;
1984 }
1985
1986 /*
1987 * Delete EVPN route entry.
1988 * The entry can be in ESI/VNI table or the global table.
1989 */
1990 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
1991 struct bgp_dest *dest,
1992 struct bgp_path_info **pi)
1993 {
1994 struct bgp_path_info *tmp_pi;
1995
1996 *pi = NULL;
1997
1998 /* Now, find matching route. */
1999 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
2000 tmp_pi = tmp_pi->next)
2001 if (tmp_pi->peer == bgp->peer_self
2002 && tmp_pi->type == ZEBRA_ROUTE_BGP
2003 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
2004 break;
2005
2006 *pi = tmp_pi;
2007
2008 /* Mark route for delete. */
2009 if (tmp_pi)
2010 bgp_path_info_delete(dest, tmp_pi);
2011 }
2012
2013
2014
2015 /* Delete EVPN ES (type-4) route */
2016 static int delete_evpn_type4_route(struct bgp *bgp,
2017 struct evpnes *es,
2018 struct prefix_evpn *p)
2019 {
2020 afi_t afi = AFI_L2VPN;
2021 safi_t safi = SAFI_EVPN;
2022 struct bgp_path_info *pi;
2023 struct bgp_dest *dest = NULL; /* dest in esi table */
2024 struct bgp_dest *global_dest = NULL; /* dest in global table */
2025
2026 /* First, locate the route node within the ESI.
2027 * If it doesn't exist, ther is nothing to do.
2028 * Note: there is no RD here.
2029 */
2030 dest = bgp_node_lookup(es->route_table, (struct prefix *)p);
2031 if (!dest)
2032 return 0;
2033
2034 /* Next, locate route node in the global EVPN routing table.
2035 * Note that this table is a 2-level tree (RD-level + Prefix-level)
2036 */
2037 global_dest = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
2038 (struct prefix *)p, &es->prd);
2039 if (global_dest) {
2040
2041 /* Delete route entry in the global EVPN table. */
2042 delete_evpn_route_entry(bgp, afi, safi, global_dest, &pi);
2043
2044 /* Schedule for processing - withdraws to peers happen from
2045 * this table.
2046 */
2047 if (pi)
2048 bgp_process(bgp, global_dest, afi, safi);
2049 bgp_dest_unlock_node(global_dest);
2050 }
2051
2052 /*
2053 * Delete route entry in the ESI route table.
2054 * This can just be removed.
2055 */
2056 delete_evpn_route_entry(bgp, afi, safi, dest, &pi);
2057 if (pi)
2058 bgp_path_info_reap(dest, pi);
2059 bgp_dest_unlock_node(dest);
2060 return 0;
2061 }
2062
2063 /* Delete EVPN type5 route */
2064 static int delete_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp)
2065 {
2066 afi_t afi = AFI_L2VPN;
2067 safi_t safi = SAFI_EVPN;
2068 struct bgp_dest *dest = NULL;
2069 struct bgp_path_info *pi = NULL;
2070 struct bgp *bgp_evpn = NULL; /* evpn bgp instance */
2071
2072 bgp_evpn = bgp_get_evpn();
2073 if (!bgp_evpn)
2074 return 0;
2075
2076 /* locate the global route entry for this type-5 prefix */
2077 dest = bgp_afi_node_lookup(bgp_evpn->rib[afi][safi], afi, safi,
2078 (struct prefix *)evp, &bgp_vrf->vrf_prd);
2079 if (!dest)
2080 return 0;
2081
2082 delete_evpn_route_entry(bgp_evpn, afi, safi, dest, &pi);
2083 if (pi)
2084 bgp_process(bgp_evpn, dest, afi, safi);
2085 bgp_dest_unlock_node(dest);
2086 return 0;
2087 }
2088
2089 /*
2090 * Delete EVPN route (of type based on prefix) for specified VNI and
2091 * schedule for processing.
2092 */
2093 static int delete_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
2094 struct prefix_evpn *p)
2095 {
2096 struct bgp_dest *dest, *global_dest;
2097 struct bgp_path_info *pi;
2098 afi_t afi = AFI_L2VPN;
2099 safi_t safi = SAFI_EVPN;
2100
2101 /* First, locate the route node within the VNI. If it doesn't exist,
2102 * there
2103 * is nothing further to do.
2104 */
2105 /* NOTE: There is no RD here. */
2106 dest = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
2107 if (!dest)
2108 return 0;
2109
2110 /* Next, locate route node in the global EVPN routing table. Note that
2111 * this table is a 2-level tree (RD-level + Prefix-level) similar to
2112 * L3VPN routes.
2113 */
2114 global_dest = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
2115 (struct prefix *)p, &vpn->prd);
2116 if (global_dest) {
2117 /* Delete route entry in the global EVPN table. */
2118 delete_evpn_route_entry(bgp, afi, safi, global_dest, &pi);
2119
2120 /* Schedule for processing - withdraws to peers happen from
2121 * this table.
2122 */
2123 if (pi)
2124 bgp_process(bgp, global_dest, afi, safi);
2125 bgp_dest_unlock_node(global_dest);
2126 }
2127
2128 /* Delete route entry in the VNI route table. This can just be removed.
2129 */
2130 delete_evpn_route_entry(bgp, afi, safi, dest, &pi);
2131 if (pi) {
2132 bgp_path_info_reap(dest, pi);
2133 evpn_route_select_install(bgp, vpn, dest);
2134 }
2135 bgp_dest_unlock_node(dest);
2136
2137 return 0;
2138 }
2139
2140 /*
2141 * Update all type-2 (MACIP) local routes for this VNI - these should also
2142 * be scheduled for advertise to peers.
2143 */
2144 static int update_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2145 {
2146 afi_t afi;
2147 safi_t safi;
2148 struct bgp_dest *dest;
2149 struct bgp_path_info *pi, *tmp_pi;
2150 struct attr attr;
2151 struct attr *attr_new;
2152 uint32_t seq;
2153 int add_l3_ecomm = 0;
2154
2155 afi = AFI_L2VPN;
2156 safi = SAFI_EVPN;
2157
2158 /* Walk this VNI's route table and update local type-2 routes. For any
2159 * routes updated, update corresponding entry in the global table too.
2160 */
2161 for (dest = bgp_table_top(vpn->route_table); dest;
2162 dest = bgp_route_next(dest)) {
2163 const struct prefix_evpn *evp =
2164 (const struct prefix_evpn *)bgp_dest_get_prefix(dest);
2165 struct bgp_dest *rd_dest;
2166 struct bgp_path_info *global_pi;
2167
2168 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2169 continue;
2170
2171 /* Identify local route. */
2172 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
2173 tmp_pi = tmp_pi->next) {
2174 if (tmp_pi->peer == bgp->peer_self
2175 && tmp_pi->type == ZEBRA_ROUTE_BGP
2176 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
2177 break;
2178 }
2179
2180 if (!tmp_pi)
2181 continue;
2182
2183 /*
2184 * Build attribute per local route as the MAC mobility and
2185 * some other values could differ for different routes. The
2186 * attributes will be shared in the hash table.
2187 */
2188 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
2189 attr.nexthop = vpn->originator_ip;
2190 attr.mp_nexthop_global_in = vpn->originator_ip;
2191 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
2192 bgp_evpn_get_rmac_nexthop(vpn, evp, &attr,
2193 tmp_pi->extra->af_flags);
2194
2195 if (evpn_route_is_sticky(bgp, dest))
2196 attr.sticky = 1;
2197 else if (evpn_route_is_def_gw(bgp, dest)) {
2198 attr.default_gw = 1;
2199 if (is_evpn_prefix_ipaddr_v6(evp))
2200 attr.router_flag = 1;
2201 }
2202
2203 if (bgp_debug_zebra(NULL)) {
2204 char buf[ETHER_ADDR_STRLEN];
2205 char buf1[PREFIX_STRLEN];
2206
2207 zlog_debug("VRF %s vni %u evp %s RMAC %s nexthop %s",
2208 vpn->bgp_vrf ?
2209 vrf_id_to_name(vpn->bgp_vrf->vrf_id) : " ",
2210 vpn->vni,
2211 prefix2str(evp, buf1, sizeof(buf1)),
2212 prefix_mac2str(&attr.rmac, buf, sizeof(buf)),
2213 inet_ntoa(attr.mp_nexthop_global_in));
2214 }
2215
2216 /* Add L3 VNI RTs and RMAC for non IPv6 link-local if
2217 * using L3 VNI for type-2 routes also.
2218 */
2219 if ((is_evpn_prefix_ipaddr_v4(evp) ||
2220 !IN6_IS_ADDR_LINKLOCAL(
2221 &evp->prefix.macip_addr.ip.ipaddr_v6)) &&
2222 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
2223 bgpevpn_get_l3vni(vpn))
2224 add_l3_ecomm = 1;
2225
2226 /* Set up extended community. */
2227 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
2228
2229 seq = mac_mobility_seqnum(tmp_pi->attr);
2230
2231 /* Update the route entry. */
2232 update_evpn_route_entry(bgp, vpn, afi, safi, dest, &attr, 0,
2233 &pi, 0, seq);
2234
2235 /* lock ri to prevent freeing in evpn_route_select_install */
2236 bgp_path_info_lock(pi);
2237
2238 /* Perform route selection. Normally, the local route in the
2239 * VNI is expected to win and be the best route. However,
2240 * under peculiar situations (e.g., tunnel (next hop) IP change
2241 * that causes best selection to be based on next hop), a
2242 * remote route could win. If the local route is the best,
2243 * ensure it is updated in the global EVPN route table and
2244 * advertised to peers; otherwise, ensure it is evicted and
2245 * (re)install the remote route into zebra.
2246 */
2247 evpn_route_select_install(bgp, vpn, dest);
2248 if (!CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)) {
2249 evpn_cleanup_local_non_best_route(bgp, vpn, dest, pi);
2250 /* unlock pi */
2251 bgp_path_info_unlock(pi);
2252 } else {
2253 attr_new = pi->attr;
2254 /* unlock pi */
2255 bgp_path_info_unlock(pi);
2256
2257 /* Update route in global routing table. */
2258 rd_dest = bgp_afi_node_get(bgp->rib[afi][safi], afi,
2259 safi, (struct prefix *)evp,
2260 &vpn->prd);
2261 assert(rd_dest);
2262 update_evpn_route_entry(bgp, vpn, afi, safi, rd_dest,
2263 attr_new, 0, &global_pi, 0,
2264 mac_mobility_seqnum(attr_new));
2265
2266 /* Schedule for processing and unlock node. */
2267 bgp_process(bgp, rd_dest, afi, safi);
2268 bgp_dest_unlock_node(rd_dest);
2269 }
2270
2271 /* Unintern temporary. */
2272 aspath_unintern(&attr.aspath);
2273 }
2274
2275 return 0;
2276 }
2277
2278 /*
2279 * Delete all type-2 (MACIP) local routes for this VNI - only from the
2280 * global routing table. These are also scheduled for withdraw from peers.
2281 */
2282 static int delete_global_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2283 {
2284 afi_t afi;
2285 safi_t safi;
2286 struct bgp_dest *rddest, *dest;
2287 struct bgp_table *table;
2288 struct bgp_path_info *pi;
2289
2290 afi = AFI_L2VPN;
2291 safi = SAFI_EVPN;
2292
2293 rddest = bgp_node_lookup(bgp->rib[afi][safi],
2294 (struct prefix *)&vpn->prd);
2295 if (rddest && bgp_dest_has_bgp_path_info_data(rddest)) {
2296 table = bgp_dest_get_bgp_table_info(rddest);
2297 for (dest = bgp_table_top(table); dest;
2298 dest = bgp_route_next(dest)) {
2299 const struct prefix_evpn *evp =
2300 (const struct prefix_evpn *)bgp_dest_get_prefix(
2301 dest);
2302
2303 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2304 continue;
2305
2306 delete_evpn_route_entry(bgp, afi, safi, dest, &pi);
2307 if (pi)
2308 bgp_process(bgp, dest, afi, safi);
2309 }
2310 }
2311
2312 /* Unlock RD node. */
2313 if (rddest)
2314 bgp_dest_unlock_node(rddest);
2315
2316 return 0;
2317 }
2318
2319 /*
2320 * Delete all type-2 (MACIP) local routes for this VNI - from the global
2321 * table as well as the per-VNI route table.
2322 */
2323 static int delete_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2324 {
2325 afi_t afi;
2326 safi_t safi;
2327 struct bgp_dest *dest;
2328 struct bgp_path_info *pi;
2329
2330 afi = AFI_L2VPN;
2331 safi = SAFI_EVPN;
2332
2333 /* First, walk the global route table for this VNI's type-2 local
2334 * routes.
2335 * EVPN routes are a 2-level table, first get the RD table.
2336 */
2337 delete_global_type2_routes(bgp, vpn);
2338
2339 /* Next, walk this VNI's route table and delete local type-2 routes. */
2340 for (dest = bgp_table_top(vpn->route_table); dest;
2341 dest = bgp_route_next(dest)) {
2342 const struct prefix_evpn *evp =
2343 (const struct prefix_evpn *)bgp_dest_get_prefix(dest);
2344
2345 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2346 continue;
2347
2348 delete_evpn_route_entry(bgp, afi, safi, dest, &pi);
2349
2350 /* Route entry in local table gets deleted immediately. */
2351 if (pi)
2352 bgp_path_info_reap(dest, pi);
2353 }
2354
2355 return 0;
2356 }
2357
2358 /*
2359 * Delete all routes in per ES route-table
2360 */
2361 static int delete_all_es_routes(struct bgp *bgp, struct evpnes *es)
2362 {
2363 struct bgp_dest *dest;
2364 struct bgp_path_info *pi, *nextpi;
2365
2366 /* Walk this ES's route table and delete all routes. */
2367 for (dest = bgp_table_top(es->route_table); dest;
2368 dest = bgp_route_next(dest)) {
2369 for (pi = bgp_dest_get_bgp_path_info(dest);
2370 (pi != NULL) && (nextpi = pi->next, 1); pi = nextpi) {
2371 bgp_path_info_delete(dest, pi);
2372 bgp_path_info_reap(dest, pi);
2373 }
2374 }
2375
2376 return 0;
2377 }
2378
2379 /*
2380 * Delete all routes in the per-VNI route table.
2381 */
2382 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
2383 {
2384 struct bgp_dest *dest;
2385 struct bgp_path_info *pi, *nextpi;
2386
2387 /* Walk this VNI's route table and delete all routes. */
2388 for (dest = bgp_table_top(vpn->route_table); dest;
2389 dest = bgp_route_next(dest)) {
2390 for (pi = bgp_dest_get_bgp_path_info(dest);
2391 (pi != NULL) && (nextpi = pi->next, 1); pi = nextpi) {
2392 bgp_path_info_delete(dest, pi);
2393 bgp_path_info_reap(dest, pi);
2394 }
2395 }
2396
2397 return 0;
2398 }
2399
2400 /* BUM traffic flood mode per-l2-vni */
2401 static int bgp_evpn_vni_flood_mode_get(struct bgp *bgp,
2402 struct bgpevpn *vpn)
2403 {
2404 /* if flooding has been globally disabled per-vni mode is
2405 * not relevant
2406 */
2407 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_DISABLED)
2408 return VXLAN_FLOOD_DISABLED;
2409
2410 /* if mcast group ip has been specified we use a PIM-SM MDT */
2411 if (vpn->mcast_grp.s_addr != INADDR_ANY)
2412 return VXLAN_FLOOD_PIM_SM;
2413
2414 /* default is ingress replication */
2415 return VXLAN_FLOOD_HEAD_END_REPL;
2416 }
2417
2418 /*
2419 * Update (and advertise) local routes for a VNI. Invoked upon the VNI
2420 * export RT getting modified or change to tunnel IP. Note that these
2421 * situations need the route in the per-VNI table as well as the global
2422 * table to be updated (as attributes change).
2423 */
2424 int update_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2425 {
2426 int ret;
2427 struct prefix_evpn p;
2428
2429 /* Update and advertise the type-3 route (only one) followed by the
2430 * locally learnt type-2 routes (MACIP) - for this VNI.
2431 *
2432 * RT-3 only if doing head-end replication
2433 */
2434 if (bgp_evpn_vni_flood_mode_get(bgp, vpn)
2435 == VXLAN_FLOOD_HEAD_END_REPL) {
2436 build_evpn_type3_prefix(&p, vpn->originator_ip);
2437 ret = update_evpn_route(bgp, vpn, &p, 0, 0);
2438 if (ret)
2439 return ret;
2440 }
2441
2442 return update_all_type2_routes(bgp, vpn);
2443 }
2444
2445 /* Delete (and withdraw) local routes for specified ES from global and ES table.
2446 * Also remove all other routes from the per ES table.
2447 * Invoked when ES is deleted.
2448 */
2449 static int delete_routes_for_es(struct bgp *bgp, struct evpnes *es)
2450 {
2451 int ret;
2452 char buf[ESI_STR_LEN];
2453 struct prefix_evpn p;
2454
2455 /* Delete and withdraw locally learnt ES route */
2456 build_evpn_type4_prefix(&p, &es->esi, es->originator_ip.ipaddr_v4);
2457 ret = delete_evpn_type4_route(bgp, es, &p);
2458 if (ret) {
2459 flog_err(EC_BGP_EVPN_ROUTE_DELETE,
2460 "%u failed to delete type-4 route for ESI %s",
2461 bgp->vrf_id, esi_to_str(&es->esi, buf, sizeof(buf)));
2462 }
2463
2464 /* Delete all routes from per ES table */
2465 return delete_all_es_routes(bgp, es);
2466 }
2467
2468 /*
2469 * Delete (and withdraw) local routes for specified VNI from the global
2470 * table and per-VNI table. After this, remove all other routes from
2471 * the per-VNI table. Invoked upon the VNI being deleted or EVPN
2472 * (advertise-all-vni) being disabled.
2473 */
2474 static int delete_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2475 {
2476 int ret;
2477 struct prefix_evpn p;
2478
2479 /* Delete and withdraw locally learnt type-2 routes (MACIP)
2480 * followed by type-3 routes (only one) - for this VNI.
2481 */
2482 ret = delete_all_type2_routes(bgp, vpn);
2483 if (ret)
2484 return ret;
2485
2486 build_evpn_type3_prefix(&p, vpn->originator_ip);
2487 ret = delete_evpn_route(bgp, vpn, &p);
2488 if (ret)
2489 return ret;
2490
2491 /* Delete all routes from the per-VNI table. */
2492 return delete_all_vni_routes(bgp, vpn);
2493 }
2494
2495 /*
2496 * There is a flood mcast IP address change. Update the mcast-grp and
2497 * remove the type-3 route if any. A new type-3 route will be generated
2498 * post tunnel_ip update if the new flood mode is head-end-replication.
2499 */
2500 static int bgp_evpn_mcast_grp_change(struct bgp *bgp, struct bgpevpn *vpn,
2501 struct in_addr mcast_grp)
2502 {
2503 struct prefix_evpn p;
2504
2505 vpn->mcast_grp = mcast_grp;
2506
2507 if (is_vni_live(vpn)) {
2508 build_evpn_type3_prefix(&p, vpn->originator_ip);
2509 delete_evpn_route(bgp, vpn, &p);
2510 }
2511
2512 return 0;
2513 }
2514
2515 /*
2516 * There is a tunnel endpoint IP address change for this VNI, delete
2517 * prior type-3 route (if needed) and update.
2518 * Note: Route re-advertisement happens elsewhere after other processing
2519 * other changes.
2520 */
2521 static int handle_tunnel_ip_change(struct bgp *bgp, struct bgpevpn *vpn,
2522 struct in_addr originator_ip)
2523 {
2524 struct prefix_evpn p;
2525
2526 /* If VNI is not live, we only need to update the originator ip */
2527 if (!is_vni_live(vpn)) {
2528 vpn->originator_ip = originator_ip;
2529 return 0;
2530 }
2531
2532 /* Update the tunnel-ip hash */
2533 bgp_tip_del(bgp, &vpn->originator_ip);
2534 bgp_tip_add(bgp, &originator_ip);
2535
2536 /* filter routes as martian nexthop db has changed */
2537 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
2538
2539 /* Need to withdraw type-3 route as the originator IP is part
2540 * of the key.
2541 */
2542 build_evpn_type3_prefix(&p, vpn->originator_ip);
2543 delete_evpn_route(bgp, vpn, &p);
2544
2545 /* Update the tunnel IP and re-advertise all routes for this VNI. */
2546 vpn->originator_ip = originator_ip;
2547 return 0;
2548 }
2549
2550 static struct bgp_path_info *
2551 bgp_create_evpn_bgp_path_info(struct bgp_path_info *parent_pi,
2552 struct bgp_dest *dest, struct attr *attr)
2553 {
2554 struct attr *attr_new;
2555 struct bgp_path_info *pi;
2556
2557 /* Add (or update) attribute to hash. */
2558 attr_new = bgp_attr_intern(attr);
2559
2560 /* Create new route with its attribute. */
2561 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0, parent_pi->peer,
2562 attr_new, dest);
2563 SET_FLAG(pi->flags, BGP_PATH_VALID);
2564 bgp_path_info_extra_get(pi);
2565 pi->extra->parent = bgp_path_info_lock(parent_pi);
2566 bgp_dest_lock_node((struct bgp_dest *)parent_pi->net);
2567 if (parent_pi->extra) {
2568 memcpy(&pi->extra->label, &parent_pi->extra->label,
2569 sizeof(pi->extra->label));
2570 pi->extra->num_labels = parent_pi->extra->num_labels;
2571 }
2572 bgp_path_info_add(dest, pi);
2573
2574 return pi;
2575 }
2576
2577 /* Install EVPN route entry in ES */
2578 static int install_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2579 const struct prefix_evpn *p,
2580 struct bgp_path_info *parent_pi)
2581 {
2582 int ret = 0;
2583 struct bgp_dest *dest = NULL;
2584 struct bgp_path_info *pi = NULL;
2585 struct attr *attr_new = NULL;
2586
2587 /* Create (or fetch) route within the VNI.
2588 * NOTE: There is no RD here.
2589 */
2590 dest = bgp_node_get(es->route_table, (struct prefix *)p);
2591
2592 /* Check if route entry is already present. */
2593 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
2594 if (pi->extra
2595 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2596 break;
2597
2598 if (!pi) {
2599 /* Add (or update) attribute to hash. */
2600 attr_new = bgp_attr_intern(parent_pi->attr);
2601
2602 /* Create new route with its attribute. */
2603 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2604 parent_pi->peer, attr_new, dest);
2605 SET_FLAG(pi->flags, BGP_PATH_VALID);
2606 bgp_path_info_extra_get(pi);
2607 pi->extra->parent = bgp_path_info_lock(parent_pi);
2608 bgp_dest_lock_node((struct bgp_dest *)parent_pi->net);
2609 bgp_path_info_add(dest, pi);
2610 } else {
2611 if (attrhash_cmp(pi->attr, parent_pi->attr)
2612 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2613 bgp_dest_unlock_node(dest);
2614 return 0;
2615 }
2616 /* The attribute has changed. */
2617 /* Add (or update) attribute to hash. */
2618 attr_new = bgp_attr_intern(parent_pi->attr);
2619
2620 /* Restore route, if needed. */
2621 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2622 bgp_path_info_restore(dest, pi);
2623
2624 /* Mark if nexthop has changed. */
2625 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2626 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2627
2628 /* Unintern existing, set to new. */
2629 bgp_attr_unintern(&pi->attr);
2630 pi->attr = attr_new;
2631 pi->uptime = bgp_clock();
2632 }
2633
2634 /* Perform route selection and update zebra, if required. */
2635 ret = evpn_es_route_select_install(bgp, es, dest);
2636 return ret;
2637 }
2638
2639 /*
2640 * Install route entry into the VRF routing table and invoke route selection.
2641 */
2642 static int install_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2643 const struct prefix_evpn *evp,
2644 struct bgp_path_info *parent_pi)
2645 {
2646 struct bgp_dest *dest;
2647 struct bgp_path_info *pi;
2648 struct attr attr;
2649 struct attr *attr_new;
2650 int ret = 0;
2651 struct prefix p;
2652 struct prefix *pp = &p;
2653 afi_t afi = 0;
2654 safi_t safi = 0;
2655 char buf[PREFIX_STRLEN];
2656 bool new_pi = false;
2657
2658 memset(pp, 0, sizeof(struct prefix));
2659 ip_prefix_from_evpn_prefix(evp, pp);
2660
2661 if (bgp_debug_zebra(NULL)) {
2662 zlog_debug(
2663 "vrf %s: import evpn prefix %s parent %p flags 0x%x",
2664 vrf_id_to_name(bgp_vrf->vrf_id),
2665 prefix2str(evp, buf, sizeof(buf)),
2666 parent_pi, parent_pi->flags);
2667 }
2668
2669 /* Create (or fetch) route within the VRF. */
2670 /* NOTE: There is no RD here. */
2671 if (is_evpn_prefix_ipaddr_v4(evp)) {
2672 afi = AFI_IP;
2673 safi = SAFI_UNICAST;
2674 dest = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2675 } else if (is_evpn_prefix_ipaddr_v6(evp)) {
2676 afi = AFI_IP6;
2677 safi = SAFI_UNICAST;
2678 dest = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2679 } else
2680 return 0;
2681
2682 /* EVPN routes currently only support a IPv4 next hop which corresponds
2683 * to the remote VTEP. When importing into a VRF, if it is IPv6 host
2684 * or prefix route, we have to convert the next hop to an IPv4-mapped
2685 * address for the rest of the code to flow through. In the case of IPv4,
2686 * make sure to set the flag for next hop attribute.
2687 */
2688 attr = *parent_pi->attr;
2689 if (afi == AFI_IP6)
2690 evpn_convert_nexthop_to_ipv6(&attr);
2691 else
2692 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
2693
2694 /* Check if route entry is already present. */
2695 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
2696 if (pi->extra
2697 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2698 break;
2699
2700 if (!pi) {
2701 pi = bgp_create_evpn_bgp_path_info(parent_pi, dest, &attr);
2702 new_pi = true;
2703 } else {
2704 if (attrhash_cmp(pi->attr, &attr)
2705 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2706 bgp_dest_unlock_node(dest);
2707 return 0;
2708 }
2709 /* The attribute has changed. */
2710 /* Add (or update) attribute to hash. */
2711 attr_new = bgp_attr_intern(&attr);
2712
2713 /* Restore route, if needed. */
2714 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2715 bgp_path_info_restore(dest, pi);
2716
2717 /* Mark if nexthop has changed. */
2718 if ((afi == AFI_IP
2719 && !IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2720 || (afi == AFI_IP6
2721 && !IPV6_ADDR_SAME(&pi->attr->mp_nexthop_global,
2722 &attr_new->mp_nexthop_global)))
2723 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2724
2725 bgp_path_info_set_flag(dest, pi, BGP_PATH_ATTR_CHANGED);
2726 /* Unintern existing, set to new. */
2727 bgp_attr_unintern(&pi->attr);
2728 pi->attr = attr_new;
2729 pi->uptime = bgp_clock();
2730 }
2731 /* as it is an importation, change nexthop */
2732 bgp_path_info_set_flag(dest, pi, BGP_PATH_ANNC_NH_SELF);
2733
2734 bgp_aggregate_increment(bgp_vrf, bgp_dest_get_prefix(dest), pi, afi,
2735 safi);
2736
2737 /* Perform route selection and update zebra, if required. */
2738 bgp_process(bgp_vrf, dest, afi, safi);
2739
2740 /* Process for route leaking. */
2741 vpn_leak_from_vrf_update(bgp_get_default(), bgp_vrf, pi);
2742
2743 bgp_dest_unlock_node(dest);
2744
2745 if (bgp_debug_zebra(NULL))
2746 zlog_debug(
2747 "... %s pi dest %p (l %d) pi %p (l %d, f 0x%x)",
2748 new_pi ? "new" : "update",
2749 dest, bgp_dest_to_rnode(dest)->lock,
2750 pi, pi->lock, pi->flags);
2751
2752 return ret;
2753 }
2754
2755 /*
2756 * Install route entry into the VNI routing table and invoke route selection.
2757 */
2758 static int install_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2759 const struct prefix_evpn *p,
2760 struct bgp_path_info *parent_pi)
2761 {
2762 struct bgp_dest *dest;
2763 struct bgp_path_info *pi;
2764 struct attr *attr_new;
2765 int ret;
2766
2767 /* Create (or fetch) route within the VNI. */
2768 /* NOTE: There is no RD here. */
2769 dest = bgp_node_get(vpn->route_table, (struct prefix *)p);
2770
2771 /* Check if route entry is already present. */
2772 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
2773 if (pi->extra
2774 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2775 break;
2776
2777 if (!pi) {
2778 /* Create an info */
2779 (void)bgp_create_evpn_bgp_path_info(parent_pi, dest,
2780 parent_pi->attr);
2781 } else {
2782 if (attrhash_cmp(pi->attr, parent_pi->attr)
2783 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2784 bgp_dest_unlock_node(dest);
2785 return 0;
2786 }
2787 /* The attribute has changed. */
2788 /* Add (or update) attribute to hash. */
2789 attr_new = bgp_attr_intern(parent_pi->attr);
2790
2791 /* Restore route, if needed. */
2792 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2793 bgp_path_info_restore(dest, pi);
2794
2795 /* Mark if nexthop has changed. */
2796 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2797 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2798
2799 /* Unintern existing, set to new. */
2800 bgp_attr_unintern(&pi->attr);
2801 pi->attr = attr_new;
2802 pi->uptime = bgp_clock();
2803 }
2804
2805 /* Perform route selection and update zebra, if required. */
2806 ret = evpn_route_select_install(bgp, vpn, dest);
2807
2808 bgp_dest_unlock_node(dest);
2809
2810 return ret;
2811 }
2812
2813 /* Uninstall EVPN route entry from ES route table */
2814 static int uninstall_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2815 const struct prefix_evpn *p,
2816 struct bgp_path_info *parent_pi)
2817 {
2818 int ret;
2819 struct bgp_dest *dest;
2820 struct bgp_path_info *pi;
2821
2822 if (!es->route_table)
2823 return 0;
2824
2825 /* Locate route within the ESI.
2826 * NOTE: There is no RD here.
2827 */
2828 dest = bgp_node_lookup(es->route_table, (struct prefix *)p);
2829 if (!dest)
2830 return 0;
2831
2832 /* Find matching route entry. */
2833 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
2834 if (pi->extra
2835 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2836 break;
2837
2838 if (!pi)
2839 return 0;
2840
2841 /* Mark entry for deletion */
2842 bgp_path_info_delete(dest, pi);
2843
2844 /* Perform route selection and update zebra, if required. */
2845 ret = evpn_es_route_select_install(bgp, es, dest);
2846
2847 /* Unlock route node. */
2848 bgp_dest_unlock_node(dest);
2849
2850 return ret;
2851 }
2852
2853 /*
2854 * Uninstall route entry from the VRF routing table and send message
2855 * to zebra, if appropriate.
2856 */
2857 static int uninstall_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2858 const struct prefix_evpn *evp,
2859 struct bgp_path_info *parent_pi)
2860 {
2861 struct bgp_dest *dest;
2862 struct bgp_path_info *pi;
2863 int ret = 0;
2864 struct prefix p;
2865 struct prefix *pp = &p;
2866 afi_t afi = 0;
2867 safi_t safi = 0;
2868 char buf[PREFIX_STRLEN];
2869
2870 memset(pp, 0, sizeof(struct prefix));
2871 ip_prefix_from_evpn_prefix(evp, pp);
2872
2873 if (bgp_debug_zebra(NULL)) {
2874 zlog_debug(
2875 "vrf %s: unimport evpn prefix %s parent %p flags 0x%x",
2876 vrf_id_to_name(bgp_vrf->vrf_id),
2877 prefix2str(evp, buf, sizeof(buf)),
2878 parent_pi, parent_pi->flags);
2879 }
2880
2881 /* Locate route within the VRF. */
2882 /* NOTE: There is no RD here. */
2883 if (is_evpn_prefix_ipaddr_v4(evp)) {
2884 afi = AFI_IP;
2885 safi = SAFI_UNICAST;
2886 dest = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2887 } else {
2888 afi = AFI_IP6;
2889 safi = SAFI_UNICAST;
2890 dest = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2891 }
2892
2893 if (!dest)
2894 return 0;
2895
2896 /* Find matching route entry. */
2897 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
2898 if (pi->extra
2899 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2900 break;
2901
2902 if (!pi)
2903 return 0;
2904
2905 if (bgp_debug_zebra(NULL))
2906 zlog_debug(
2907 "... delete dest %p (l %d) pi %p (l %d, f 0x%x)",
2908 dest, bgp_dest_to_rnode(dest)->lock,
2909 pi, pi->lock, pi->flags);
2910
2911 /* Process for route leaking. */
2912 vpn_leak_from_vrf_withdraw(bgp_get_default(), bgp_vrf, pi);
2913
2914 bgp_aggregate_decrement(bgp_vrf, bgp_dest_get_prefix(dest), pi, afi,
2915 safi);
2916
2917 /* Mark entry for deletion */
2918 bgp_path_info_delete(dest, pi);
2919
2920 /* Perform route selection and update zebra, if required. */
2921 bgp_process(bgp_vrf, dest, afi, safi);
2922
2923 /* Unlock route node. */
2924 bgp_dest_unlock_node(dest);
2925
2926 return ret;
2927 }
2928
2929 /*
2930 * Uninstall route entry from the VNI routing table and send message
2931 * to zebra, if appropriate.
2932 */
2933 static int uninstall_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2934 const struct prefix_evpn *p,
2935 struct bgp_path_info *parent_pi)
2936 {
2937 struct bgp_dest *dest;
2938 struct bgp_path_info *pi;
2939 int ret;
2940
2941 /* Locate route within the VNI. */
2942 /* NOTE: There is no RD here. */
2943 dest = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
2944 if (!dest)
2945 return 0;
2946
2947 /* Find matching route entry. */
2948 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
2949 if (pi->extra
2950 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2951 break;
2952
2953 if (!pi)
2954 return 0;
2955
2956 /* Mark entry for deletion */
2957 bgp_path_info_delete(dest, pi);
2958
2959 /* Perform route selection and update zebra, if required. */
2960 ret = evpn_route_select_install(bgp, vpn, dest);
2961
2962 /* Unlock route node. */
2963 bgp_dest_unlock_node(dest);
2964
2965 return ret;
2966 }
2967
2968 /*
2969 * Given a prefix, see if it belongs to ES.
2970 */
2971 static int is_prefix_matching_for_es(const struct prefix_evpn *p,
2972 struct evpnes *es)
2973 {
2974 /* if not an ES route return false */
2975 if (p->prefix.route_type != BGP_EVPN_ES_ROUTE)
2976 return 0;
2977
2978 if (memcmp(&p->prefix.es_addr.esi, &es->esi, sizeof(esi_t)) == 0)
2979 return 1;
2980
2981 return 0;
2982 }
2983
2984 /*
2985 * Given a route entry and a VRF, see if this route entry should be
2986 * imported into the VRF i.e., RTs match.
2987 */
2988 static int is_route_matching_for_vrf(struct bgp *bgp_vrf,
2989 struct bgp_path_info *pi)
2990 {
2991 struct attr *attr = pi->attr;
2992 struct ecommunity *ecom;
2993 int i;
2994
2995 assert(attr);
2996 /* Route should have valid RT to be even considered. */
2997 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
2998 return 0;
2999
3000 ecom = attr->ecommunity;
3001 if (!ecom || !ecom->size)
3002 return 0;
3003
3004 /* For each extended community RT, see if it matches this VNI. If any RT
3005 * matches, we're done.
3006 */
3007 for (i = 0; i < ecom->size; i++) {
3008 uint8_t *pnt;
3009 uint8_t type, sub_type;
3010 struct ecommunity_val *eval;
3011 struct ecommunity_val eval_tmp;
3012 struct vrf_irt_node *irt;
3013
3014 /* Only deal with RTs */
3015 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
3016 eval = (struct ecommunity_val *)(ecom->val
3017 + (i * ECOMMUNITY_SIZE));
3018 type = *pnt++;
3019 sub_type = *pnt++;
3020 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
3021 continue;
3022
3023 /* See if this RT matches specified VNIs import RTs */
3024 irt = lookup_vrf_import_rt(eval);
3025 if (irt)
3026 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
3027 return 1;
3028
3029 /* Also check for non-exact match. In this, we mask out the AS
3030 * and
3031 * only check on the local-admin sub-field. This is to
3032 * facilitate using
3033 * VNI as the RT for EBGP peering too.
3034 */
3035 irt = NULL;
3036 if (type == ECOMMUNITY_ENCODE_AS
3037 || type == ECOMMUNITY_ENCODE_AS4
3038 || type == ECOMMUNITY_ENCODE_IP) {
3039 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
3040 mask_ecom_global_admin(&eval_tmp, eval);
3041 irt = lookup_vrf_import_rt(&eval_tmp);
3042 }
3043 if (irt)
3044 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
3045 return 1;
3046 }
3047
3048 return 0;
3049 }
3050
3051 /*
3052 * Given a route entry and a VNI, see if this route entry should be
3053 * imported into the VNI i.e., RTs match.
3054 */
3055 static int is_route_matching_for_vni(struct bgp *bgp, struct bgpevpn *vpn,
3056 struct bgp_path_info *pi)
3057 {
3058 struct attr *attr = pi->attr;
3059 struct ecommunity *ecom;
3060 int i;
3061
3062 assert(attr);
3063 /* Route should have valid RT to be even considered. */
3064 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
3065 return 0;
3066
3067 ecom = attr->ecommunity;
3068 if (!ecom || !ecom->size)
3069 return 0;
3070
3071 /* For each extended community RT, see if it matches this VNI. If any RT
3072 * matches, we're done.
3073 */
3074 for (i = 0; i < ecom->size; i++) {
3075 uint8_t *pnt;
3076 uint8_t type, sub_type;
3077 struct ecommunity_val *eval;
3078 struct ecommunity_val eval_tmp;
3079 struct irt_node *irt;
3080
3081 /* Only deal with RTs */
3082 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
3083 eval = (struct ecommunity_val *)(ecom->val
3084 + (i * ECOMMUNITY_SIZE));
3085 type = *pnt++;
3086 sub_type = *pnt++;
3087 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
3088 continue;
3089
3090 /* See if this RT matches specified VNIs import RTs */
3091 irt = lookup_import_rt(bgp, eval);
3092 if (irt)
3093 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
3094 return 1;
3095
3096 /* Also check for non-exact match. In this, we mask out the AS
3097 * and
3098 * only check on the local-admin sub-field. This is to
3099 * facilitate using
3100 * VNI as the RT for EBGP peering too.
3101 */
3102 irt = NULL;
3103 if (type == ECOMMUNITY_ENCODE_AS
3104 || type == ECOMMUNITY_ENCODE_AS4
3105 || type == ECOMMUNITY_ENCODE_IP) {
3106 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
3107 mask_ecom_global_admin(&eval_tmp, eval);
3108 irt = lookup_import_rt(bgp, &eval_tmp);
3109 }
3110 if (irt)
3111 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
3112 return 1;
3113 }
3114
3115 return 0;
3116 }
3117
3118 static int install_uninstall_routes_for_es(struct bgp *bgp,
3119 struct evpnes *es,
3120 int install)
3121 {
3122 int ret;
3123 afi_t afi;
3124 safi_t safi;
3125 char buf[PREFIX_STRLEN];
3126 char buf1[ESI_STR_LEN];
3127 struct bgp_dest *rd_dest, *dest;
3128 struct bgp_table *table;
3129 struct bgp_path_info *pi;
3130
3131 afi = AFI_L2VPN;
3132 safi = SAFI_EVPN;
3133
3134 /*
3135 * Walk entire global routing table and evaluate routes which could be
3136 * imported into this VRF. Note that we need to loop through all global
3137 * routes to determine which route matches the import rt on vrf
3138 */
3139 for (rd_dest = bgp_table_top(bgp->rib[afi][safi]); rd_dest;
3140 rd_dest = bgp_route_next(rd_dest)) {
3141 table = bgp_dest_get_bgp_table_info(rd_dest);
3142 if (!table)
3143 continue;
3144
3145 for (dest = bgp_table_top(table); dest;
3146 dest = bgp_route_next(dest)) {
3147 const struct prefix_evpn *evp =
3148 (const struct prefix_evpn *)bgp_dest_get_prefix(
3149 dest);
3150
3151 for (pi = bgp_dest_get_bgp_path_info(dest); pi;
3152 pi = pi->next) {
3153 /*
3154 * Consider "valid" remote routes applicable for
3155 * this ES.
3156 */
3157 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3158 && pi->type == ZEBRA_ROUTE_BGP
3159 && pi->sub_type == BGP_ROUTE_NORMAL))
3160 continue;
3161
3162 if (!is_prefix_matching_for_es(evp, es))
3163 continue;
3164
3165 if (install)
3166 ret = install_evpn_route_entry_in_es(
3167 bgp, es, evp, pi);
3168 else
3169 ret = uninstall_evpn_route_entry_in_es(
3170 bgp, es, evp, pi);
3171
3172 if (ret) {
3173 flog_err(
3174 EC_BGP_EVPN_FAIL,
3175 "Failed to %s EVPN %s route in ESI %s",
3176 install ? "install"
3177 : "uninstall",
3178 prefix2str(evp, buf,
3179 sizeof(buf)),
3180 esi_to_str(&es->esi, buf1,
3181 sizeof(buf1)));
3182 return ret;
3183 }
3184 }
3185 }
3186 }
3187 return 0;
3188 }
3189
3190 /* This API will scan evpn routes for checking attribute's rmac
3191 * macthes with bgp instance router mac. It avoid installing
3192 * route into bgp vrf table and remote rmac in bridge table.
3193 */
3194 static int bgp_evpn_route_rmac_self_check(struct bgp *bgp_vrf,
3195 const struct prefix_evpn *evp,
3196 struct bgp_path_info *pi)
3197 {
3198 /* evpn route could have learnt prior to L3vni has come up,
3199 * perform rmac check before installing route and
3200 * remote router mac.
3201 * The route will be removed from global bgp table once
3202 * SVI comes up with MAC and stored in hash, triggers
3203 * bgp_mac_rescan_all_evpn_tables.
3204 */
3205 if (memcmp(&bgp_vrf->rmac, &pi->attr->rmac, ETH_ALEN) == 0) {
3206 if (bgp_debug_update(pi->peer, NULL, NULL, 1)) {
3207 char buf1[PREFIX_STRLEN];
3208 char attr_str[BUFSIZ] = {0};
3209
3210 bgp_dump_attr(pi->attr, attr_str, BUFSIZ);
3211
3212 zlog_debug("%s: bgp %u prefix %s with attr %s - DENIED due to self mac",
3213 __func__, bgp_vrf->vrf_id,
3214 prefix2str(evp, buf1, sizeof(buf1)),
3215 attr_str);
3216 }
3217
3218 return 1;
3219 }
3220
3221 return 0;
3222 }
3223
3224 /*
3225 * Install or uninstall mac-ip routes are appropriate for this
3226 * particular VRF.
3227 */
3228 static int install_uninstall_routes_for_vrf(struct bgp *bgp_vrf, int install)
3229 {
3230 afi_t afi;
3231 safi_t safi;
3232 struct bgp_dest *rd_dest, *dest;
3233 struct bgp_table *table;
3234 struct bgp_path_info *pi;
3235 int ret;
3236 char buf[PREFIX_STRLEN];
3237 struct bgp *bgp_evpn = NULL;
3238
3239 afi = AFI_L2VPN;
3240 safi = SAFI_EVPN;
3241 bgp_evpn = bgp_get_evpn();
3242 if (!bgp_evpn)
3243 return -1;
3244
3245 /* Walk entire global routing table and evaluate routes which could be
3246 * imported into this VRF. Note that we need to loop through all global
3247 * routes to determine which route matches the import rt on vrf
3248 */
3249 for (rd_dest = bgp_table_top(bgp_evpn->rib[afi][safi]); rd_dest;
3250 rd_dest = bgp_route_next(rd_dest)) {
3251 table = bgp_dest_get_bgp_table_info(rd_dest);
3252 if (!table)
3253 continue;
3254
3255 for (dest = bgp_table_top(table); dest;
3256 dest = bgp_route_next(dest)) {
3257 const struct prefix_evpn *evp =
3258 (const struct prefix_evpn *)bgp_dest_get_prefix(
3259 dest);
3260
3261 /* if not mac-ip route skip this route */
3262 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3263 || evp->prefix.route_type
3264 == BGP_EVPN_IP_PREFIX_ROUTE))
3265 continue;
3266
3267 /* if not a mac+ip route skip this route */
3268 if (!(is_evpn_prefix_ipaddr_v4(evp)
3269 || is_evpn_prefix_ipaddr_v6(evp)))
3270 continue;
3271
3272 for (pi = bgp_dest_get_bgp_path_info(dest); pi;
3273 pi = pi->next) {
3274 /* Consider "valid" remote routes applicable for
3275 * this VRF.
3276 */
3277 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3278 && pi->type == ZEBRA_ROUTE_BGP
3279 && pi->sub_type == BGP_ROUTE_NORMAL))
3280 continue;
3281
3282 if (is_route_matching_for_vrf(bgp_vrf, pi)) {
3283 if (bgp_evpn_route_rmac_self_check(
3284 bgp_vrf, evp, pi))
3285 continue;
3286
3287 if (install)
3288 ret = install_evpn_route_entry_in_vrf(
3289 bgp_vrf, evp, pi);
3290 else
3291 ret = uninstall_evpn_route_entry_in_vrf(
3292 bgp_vrf, evp, pi);
3293
3294 if (ret) {
3295 flog_err(
3296 EC_BGP_EVPN_FAIL,
3297 "Failed to %s EVPN %s route in VRF %s",
3298 install ? "install"
3299 : "uninstall",
3300 prefix2str(evp, buf,
3301 sizeof(buf)),
3302 vrf_id_to_name(
3303 bgp_vrf->vrf_id));
3304 return ret;
3305 }
3306 }
3307 }
3308 }
3309 }
3310
3311 return 0;
3312 }
3313
3314 /*
3315 * Install or uninstall routes of specified type that are appropriate for this
3316 * particular VNI.
3317 */
3318 static int install_uninstall_routes_for_vni(struct bgp *bgp,
3319 struct bgpevpn *vpn,
3320 bgp_evpn_route_type rtype,
3321 int install)
3322 {
3323 afi_t afi;
3324 safi_t safi;
3325 struct bgp_dest *rd_dest, *dest;
3326 struct bgp_table *table;
3327 struct bgp_path_info *pi;
3328 int ret;
3329
3330 afi = AFI_L2VPN;
3331 safi = SAFI_EVPN;
3332
3333 /* Walk entire global routing table and evaluate routes which could be
3334 * imported into this VPN. Note that we cannot just look at the routes
3335 * for
3336 * the VNI's RD - remote routes applicable for this VNI could have any
3337 * RD.
3338 */
3339 /* EVPN routes are a 2-level table. */
3340 for (rd_dest = bgp_table_top(bgp->rib[afi][safi]); rd_dest;
3341 rd_dest = bgp_route_next(rd_dest)) {
3342 table = bgp_dest_get_bgp_table_info(rd_dest);
3343 if (!table)
3344 continue;
3345
3346 for (dest = bgp_table_top(table); dest;
3347 dest = bgp_route_next(dest)) {
3348 const struct prefix_evpn *evp =
3349 (const struct prefix_evpn *)bgp_dest_get_prefix(
3350 dest);
3351
3352 if (evp->prefix.route_type != rtype)
3353 continue;
3354
3355 for (pi = bgp_dest_get_bgp_path_info(dest); pi;
3356 pi = pi->next) {
3357 /* Consider "valid" remote routes applicable for
3358 * this VNI. */
3359 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3360 && pi->type == ZEBRA_ROUTE_BGP
3361 && pi->sub_type == BGP_ROUTE_NORMAL))
3362 continue;
3363
3364 if (is_route_matching_for_vni(bgp, vpn, pi)) {
3365 if (install)
3366 ret = install_evpn_route_entry(
3367 bgp, vpn, evp, pi);
3368 else
3369 ret = uninstall_evpn_route_entry(
3370 bgp, vpn, evp, pi);
3371
3372 if (ret) {
3373 flog_err(
3374 EC_BGP_EVPN_FAIL,
3375 "%u: Failed to %s EVPN %s route in VNI %u",
3376 bgp->vrf_id,
3377 install ? "install"
3378 : "uninstall",
3379 rtype == BGP_EVPN_MAC_IP_ROUTE
3380 ? "MACIP"
3381 : "IMET",
3382 vpn->vni);
3383 return ret;
3384 }
3385 }
3386 }
3387 }
3388 }
3389
3390 return 0;
3391 }
3392
3393 /* Install any existing remote ES routes applicable for this ES into its routing
3394 * table. This is invoked when ES comes up.
3395 */
3396 static int install_routes_for_es(struct bgp *bgp, struct evpnes *es)
3397 {
3398 return install_uninstall_routes_for_es(bgp, es, 1);
3399 }
3400
3401
3402 /* Install any existing remote routes applicable for this VRF into VRF RIB. This
3403 * is invoked upon l3vni-add or l3vni import rt change
3404 */
3405 static int install_routes_for_vrf(struct bgp *bgp_vrf)
3406 {
3407 install_uninstall_routes_for_vrf(bgp_vrf, 1);
3408 return 0;
3409 }
3410
3411 /*
3412 * Install any existing remote routes applicable for this VNI into its
3413 * routing table. This is invoked when a VNI becomes "live" or its Import
3414 * RT is changed.
3415 */
3416 static int install_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3417 {
3418 int ret;
3419
3420 /* Install type-3 routes followed by type-2 routes - the ones applicable
3421 * for this VNI.
3422 */
3423 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3424 1);
3425 if (ret)
3426 return ret;
3427
3428 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3429 1);
3430 }
3431
3432 /* uninstall routes from l3vni vrf. */
3433 static int uninstall_routes_for_vrf(struct bgp *bgp_vrf)
3434 {
3435 install_uninstall_routes_for_vrf(bgp_vrf, 0);
3436 return 0;
3437 }
3438
3439 /*
3440 * Uninstall any existing remote routes for this VNI. One scenario in which
3441 * this is invoked is upon an import RT change.
3442 */
3443 static int uninstall_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3444 {
3445 int ret;
3446
3447 /* Uninstall type-2 routes followed by type-3 routes - the ones
3448 * applicable
3449 * for this VNI.
3450 */
3451 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3452 0);
3453 if (ret)
3454 return ret;
3455
3456 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3457 0);
3458 }
3459
3460 /* Install or unistall route in ES */
3461 static int install_uninstall_route_in_es(struct bgp *bgp, struct evpnes *es,
3462 afi_t afi, safi_t safi,
3463 struct prefix_evpn *evp,
3464 struct bgp_path_info *pi, int install)
3465 {
3466 int ret = 0;
3467 char buf[ESI_STR_LEN];
3468
3469 if (install)
3470 ret = install_evpn_route_entry_in_es(bgp, es, evp, pi);
3471 else
3472 ret = uninstall_evpn_route_entry_in_es(bgp, es, evp, pi);
3473
3474 if (ret) {
3475 flog_err(
3476 EC_BGP_EVPN_FAIL,
3477 "%u: Failed to %s EVPN %s route in ESI %s", bgp->vrf_id,
3478 install ? "install" : "uninstall", "ES",
3479 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)));
3480 return ret;
3481 }
3482 return 0;
3483 }
3484
3485 /*
3486 * Install or uninstall route in matching VRFs (list).
3487 */
3488 static int install_uninstall_route_in_vrfs(struct bgp *bgp_def, afi_t afi,
3489 safi_t safi, struct prefix_evpn *evp,
3490 struct bgp_path_info *pi,
3491 struct list *vrfs, int install)
3492 {
3493 char buf[PREFIX2STR_BUFFER];
3494 struct bgp *bgp_vrf;
3495 struct listnode *node, *nnode;
3496
3497 /* Only type-2/type-5 routes go into a VRF */
3498 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3499 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3500 return 0;
3501
3502 /* if it is type-2 route and not a mac+ip route skip this route */
3503 if ((evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
3504 && !(is_evpn_prefix_ipaddr_v4(evp)
3505 || is_evpn_prefix_ipaddr_v6(evp)))
3506 return 0;
3507
3508 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, bgp_vrf)) {
3509 int ret;
3510
3511 if (install)
3512 ret = install_evpn_route_entry_in_vrf(bgp_vrf, evp, pi);
3513 else
3514 ret = uninstall_evpn_route_entry_in_vrf(bgp_vrf, evp,
3515 pi);
3516
3517 if (ret) {
3518 flog_err(EC_BGP_EVPN_FAIL,
3519 "%u: Failed to %s prefix %s in VRF %s",
3520 bgp_def->vrf_id,
3521 install ? "install" : "uninstall",
3522 prefix2str(evp, buf, sizeof(buf)),
3523 vrf_id_to_name(bgp_vrf->vrf_id));
3524 return ret;
3525 }
3526 }
3527
3528 return 0;
3529 }
3530
3531 /*
3532 * Install or uninstall route in matching VNIs (list).
3533 */
3534 static int install_uninstall_route_in_vnis(struct bgp *bgp, afi_t afi,
3535 safi_t safi, struct prefix_evpn *evp,
3536 struct bgp_path_info *pi,
3537 struct list *vnis, int install)
3538 {
3539 struct bgpevpn *vpn;
3540 struct listnode *node, *nnode;
3541
3542 for (ALL_LIST_ELEMENTS(vnis, node, nnode, vpn)) {
3543 int ret;
3544
3545 if (!is_vni_live(vpn))
3546 continue;
3547
3548 if (install)
3549 ret = install_evpn_route_entry(bgp, vpn, evp, pi);
3550 else
3551 ret = uninstall_evpn_route_entry(bgp, vpn, evp, pi);
3552
3553 if (ret) {
3554 flog_err(EC_BGP_EVPN_FAIL,
3555 "%u: Failed to %s EVPN %s route in VNI %u",
3556 bgp->vrf_id, install ? "install" : "uninstall",
3557 evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3558 ? "MACIP"
3559 : "IMET",
3560 vpn->vni);
3561 return ret;
3562 }
3563 }
3564
3565 return 0;
3566 }
3567
3568 /*
3569 * Install or uninstall route for appropriate VNIs/ESIs.
3570 */
3571 static int install_uninstall_evpn_route(struct bgp *bgp, afi_t afi, safi_t safi,
3572 const struct prefix *p,
3573 struct bgp_path_info *pi, int import)
3574 {
3575 struct prefix_evpn *evp = (struct prefix_evpn *)p;
3576 struct attr *attr = pi->attr;
3577 struct ecommunity *ecom;
3578 int i;
3579
3580 assert(attr);
3581
3582 /* Only type-2, type-3, type-4 and type-5 are supported currently */
3583 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3584 || evp->prefix.route_type == BGP_EVPN_IMET_ROUTE
3585 || evp->prefix.route_type == BGP_EVPN_ES_ROUTE
3586 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3587 return 0;
3588
3589 /* If we don't have Route Target, nothing much to do. */
3590 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
3591 return 0;
3592
3593 ecom = attr->ecommunity;
3594 if (!ecom || !ecom->size)
3595 return -1;
3596
3597 /* An EVPN route belongs to a VNI or a VRF or an ESI based on the RTs
3598 * attached to the route */
3599 for (i = 0; i < ecom->size; i++) {
3600 uint8_t *pnt;
3601 uint8_t type, sub_type;
3602 struct ecommunity_val *eval;
3603 struct ecommunity_val eval_tmp;
3604 struct irt_node *irt; /* import rt for l2vni */
3605 struct vrf_irt_node *vrf_irt; /* import rt for l3vni */
3606 struct evpnes *es;
3607
3608 /* Only deal with RTs */
3609 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
3610 eval = (struct ecommunity_val *)(ecom->val
3611 + (i * ECOMMUNITY_SIZE));
3612 type = *pnt++;
3613 sub_type = *pnt++;
3614 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
3615 continue;
3616
3617 /*
3618 * macip routes (type-2) are imported into VNI and VRF tables.
3619 * IMET route is imported into VNI table.
3620 * prefix routes are imported into VRF table.
3621 */
3622 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE ||
3623 evp->prefix.route_type == BGP_EVPN_IMET_ROUTE ||
3624 evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
3625
3626 irt = lookup_import_rt(bgp, eval);
3627 if (irt)
3628 install_uninstall_route_in_vnis(
3629 bgp, afi, safi, evp, pi, irt->vnis,
3630 import);
3631
3632 vrf_irt = lookup_vrf_import_rt(eval);
3633 if (vrf_irt)
3634 install_uninstall_route_in_vrfs(
3635 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3636 import);
3637
3638 /* Also check for non-exact match.
3639 * In this, we mask out the AS and
3640 * only check on the local-admin sub-field.
3641 * This is to facilitate using
3642 * VNI as the RT for EBGP peering too.
3643 */
3644 irt = NULL;
3645 vrf_irt = NULL;
3646 if (type == ECOMMUNITY_ENCODE_AS
3647 || type == ECOMMUNITY_ENCODE_AS4
3648 || type == ECOMMUNITY_ENCODE_IP) {
3649 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
3650 mask_ecom_global_admin(&eval_tmp, eval);
3651 irt = lookup_import_rt(bgp, &eval_tmp);
3652 vrf_irt = lookup_vrf_import_rt(&eval_tmp);
3653 }
3654
3655 if (irt)
3656 install_uninstall_route_in_vnis(
3657 bgp, afi, safi, evp, pi, irt->vnis,
3658 import);
3659 if (vrf_irt)
3660 install_uninstall_route_in_vrfs(
3661 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3662 import);
3663 }
3664
3665 /* es route is imported into the es table */
3666 if (evp->prefix.route_type == BGP_EVPN_ES_ROUTE) {
3667
3668 /* we will match based on the entire esi to avoid
3669 * imoort of an es route for esi2 into esi1
3670 */
3671 es = bgp_evpn_lookup_es(bgp, &evp->prefix.es_addr.esi);
3672 if (es && is_es_local(es))
3673 install_uninstall_route_in_es(
3674 bgp, es, afi, safi, evp, pi, import);
3675 }
3676 }
3677
3678 return 0;
3679 }
3680
3681 /*
3682 * delete and withdraw all ipv4 and ipv6 routes in the vrf table as type-5
3683 * routes
3684 */
3685 static void delete_withdraw_vrf_routes(struct bgp *bgp_vrf)
3686 {
3687 /* Delete ipv4 default route and withdraw from peers */
3688 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3689 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3690 SAFI_UNICAST, false);
3691
3692 /* delete all ipv4 routes and withdraw from peers */
3693 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3694 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3695
3696 /* Delete ipv6 default route and withdraw from peers */
3697 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3698 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3699 SAFI_UNICAST, false);
3700
3701 /* delete all ipv6 routes and withdraw from peers */
3702 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3703 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3704 }
3705
3706 /*
3707 * update and advertise all ipv4 and ipv6 routes in thr vrf table as type-5
3708 * routes
3709 */
3710 void update_advertise_vrf_routes(struct bgp *bgp_vrf)
3711 {
3712 struct bgp *bgp_evpn = NULL; /* EVPN bgp instance */
3713
3714 bgp_evpn = bgp_get_evpn();
3715 if (!bgp_evpn)
3716 return;
3717
3718 /* update all ipv4 routes */
3719 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3720 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3721
3722 /* update ipv4 default route and withdraw from peers */
3723 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3724 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3725 SAFI_UNICAST, true);
3726
3727 /* update all ipv6 routes */
3728 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3729 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3730
3731 /* update ipv6 default route and withdraw from peers */
3732 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3733 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3734 SAFI_UNICAST, true);
3735
3736 }
3737
3738 /*
3739 * update and advertise local routes for a VRF as type-5 routes.
3740 * This is invoked upon RD change for a VRF. Note taht the processing is only
3741 * done in the global route table using the routes which already exist in the
3742 * VRF routing table
3743 */
3744 static void update_router_id_vrf(struct bgp *bgp_vrf)
3745 {
3746 /* skip if the RD is configured */
3747 if (is_vrf_rd_configured(bgp_vrf))
3748 return;
3749
3750 /* derive the RD for the VRF based on new router-id */
3751 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
3752
3753 /* update advertise ipv4|ipv6 routes as type-5 routes */
3754 update_advertise_vrf_routes(bgp_vrf);
3755 }
3756
3757 /*
3758 * Delete and withdraw all type-5 routes for the RD corresponding to VRF.
3759 * This is invoked upon VRF RD change. The processing is done only from global
3760 * table.
3761 */
3762 static void withdraw_router_id_vrf(struct bgp *bgp_vrf)
3763 {
3764 /* skip if the RD is configured */
3765 if (is_vrf_rd_configured(bgp_vrf))
3766 return;
3767
3768 /* delete/withdraw ipv4|ipv6 routes as type-5 routes */
3769 delete_withdraw_vrf_routes(bgp_vrf);
3770 }
3771
3772 /*
3773 * Update and advertise local routes for a VNI. Invoked upon router-id
3774 * change. Note that the processing is done only on the global route table
3775 * using routes that already exist in the per-VNI table.
3776 */
3777 static int update_advertise_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3778 {
3779 struct prefix_evpn p;
3780 struct bgp_dest *dest, *global_dest;
3781 struct bgp_path_info *pi, *global_pi;
3782 struct attr *attr;
3783 afi_t afi = AFI_L2VPN;
3784 safi_t safi = SAFI_EVPN;
3785
3786 /* Locate type-3 route for VNI in the per-VNI table and use its
3787 * attributes to create and advertise the type-3 route for this VNI
3788 * in the global table.
3789 *
3790 * RT-3 only if doing head-end replication
3791 */
3792 if (bgp_evpn_vni_flood_mode_get(bgp, vpn)
3793 == VXLAN_FLOOD_HEAD_END_REPL) {
3794 build_evpn_type3_prefix(&p, vpn->originator_ip);
3795 dest = bgp_node_lookup(vpn->route_table, (struct prefix *)&p);
3796 if (!dest) /* unexpected */
3797 return 0;
3798 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
3799 if (pi->peer == bgp->peer_self &&
3800 pi->type == ZEBRA_ROUTE_BGP
3801 && pi->sub_type == BGP_ROUTE_STATIC)
3802 break;
3803 if (!pi) /* unexpected */
3804 return 0;
3805 attr = pi->attr;
3806
3807 global_dest = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3808 (struct prefix *)&p, &vpn->prd);
3809 update_evpn_route_entry(bgp, vpn, afi, safi, global_dest, attr,
3810 1, &pi, 0, mac_mobility_seqnum(attr));
3811
3812 /* Schedule for processing and unlock node. */
3813 bgp_process(bgp, global_dest, afi, safi);
3814 bgp_dest_unlock_node(global_dest);
3815 }
3816
3817 /* Now, walk this VNI's route table and use the route and its attribute
3818 * to create and schedule route in global table.
3819 */
3820 for (dest = bgp_table_top(vpn->route_table); dest;
3821 dest = bgp_route_next(dest)) {
3822 const struct prefix_evpn *evp =
3823 (const struct prefix_evpn *)bgp_dest_get_prefix(dest);
3824
3825 /* Identify MAC-IP local routes. */
3826 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
3827 continue;
3828
3829 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
3830 if (pi->peer == bgp->peer_self
3831 && pi->type == ZEBRA_ROUTE_BGP
3832 && pi->sub_type == BGP_ROUTE_STATIC)
3833 break;
3834 if (!pi)
3835 continue;
3836
3837 /* Create route in global routing table using this route entry's
3838 * attribute.
3839 */
3840 attr = pi->attr;
3841 global_dest = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3842 (struct prefix *)evp, &vpn->prd);
3843 assert(global_dest);
3844 update_evpn_route_entry(bgp, vpn, afi, safi, global_dest, attr,
3845 1, &global_pi, 0,
3846 mac_mobility_seqnum(attr));
3847
3848 /* Schedule for processing and unlock node. */
3849 bgp_process(bgp, global_dest, afi, safi);
3850 bgp_dest_unlock_node(global_dest);
3851 }
3852
3853 return 0;
3854 }
3855
3856 /*
3857 * Delete (and withdraw) local routes for a VNI - only from the global
3858 * table. Invoked upon router-id change.
3859 */
3860 static int delete_withdraw_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3861 {
3862 int ret;
3863 struct prefix_evpn p;
3864 struct bgp_dest *global_dest;
3865 struct bgp_path_info *pi;
3866 afi_t afi = AFI_L2VPN;
3867 safi_t safi = SAFI_EVPN;
3868
3869 /* Delete and withdraw locally learnt type-2 routes (MACIP)
3870 * for this VNI - from the global table.
3871 */
3872 ret = delete_global_type2_routes(bgp, vpn);
3873 if (ret)
3874 return ret;
3875
3876 /* Remove type-3 route for this VNI from global table. */
3877 build_evpn_type3_prefix(&p, vpn->originator_ip);
3878 global_dest = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
3879 (struct prefix *)&p, &vpn->prd);
3880 if (global_dest) {
3881 /* Delete route entry in the global EVPN table. */
3882 delete_evpn_route_entry(bgp, afi, safi, global_dest, &pi);
3883
3884 /* Schedule for processing - withdraws to peers happen from
3885 * this table.
3886 */
3887 if (pi)
3888 bgp_process(bgp, global_dest, afi, safi);
3889 bgp_dest_unlock_node(global_dest);
3890 }
3891
3892 return 0;
3893 }
3894
3895 /*
3896 * Handle router-id change. Update and advertise local routes corresponding
3897 * to this VNI from peers. Note that this is invoked after updating the
3898 * router-id. The routes in the per-VNI table are used to create routes in
3899 * the global table and schedule them.
3900 */
3901 static void update_router_id_vni(struct hash_bucket *bucket, struct bgp *bgp)
3902 {
3903 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
3904
3905 /* Skip VNIs with configured RD. */
3906 if (is_rd_configured(vpn))
3907 return;
3908
3909 bgp_evpn_derive_auto_rd(bgp, vpn);
3910 update_advertise_vni_routes(bgp, vpn);
3911 }
3912
3913 /*
3914 * Handle router-id change. Delete and withdraw local routes corresponding
3915 * to this VNI from peers. Note that this is invoked prior to updating
3916 * the router-id and is done only on the global route table, the routes
3917 * are needed in the per-VNI table to re-advertise with new router id.
3918 */
3919 static void withdraw_router_id_vni(struct hash_bucket *bucket, struct bgp *bgp)
3920 {
3921 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
3922
3923 /* Skip VNIs with configured RD. */
3924 if (is_rd_configured(vpn))
3925 return;
3926
3927 delete_withdraw_vni_routes(bgp, vpn);
3928 }
3929
3930 /*
3931 * Create RT-3 for a VNI and schedule for processing and advertisement.
3932 * This is invoked upon flooding mode changing to head-end replication.
3933 */
3934 static void create_advertise_type3(struct hash_bucket *bucket, void *data)
3935 {
3936 struct bgpevpn *vpn = bucket->data;
3937 struct bgp *bgp = data;
3938 struct prefix_evpn p;
3939
3940 if (!vpn || !is_vni_live(vpn) ||
3941 bgp_evpn_vni_flood_mode_get(bgp, vpn)
3942 != VXLAN_FLOOD_HEAD_END_REPL)
3943 return;
3944
3945 build_evpn_type3_prefix(&p, vpn->originator_ip);
3946 if (update_evpn_route(bgp, vpn, &p, 0, 0))
3947 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
3948 "Type3 route creation failure for VNI %u", vpn->vni);
3949 }
3950
3951 /*
3952 * Delete RT-3 for a VNI and schedule for processing and withdrawal.
3953 * This is invoked upon flooding mode changing to drop BUM packets.
3954 */
3955 static void delete_withdraw_type3(struct hash_bucket *bucket, void *data)
3956 {
3957 struct bgpevpn *vpn = bucket->data;
3958 struct bgp *bgp = data;
3959 struct prefix_evpn p;
3960
3961 if (!vpn || !is_vni_live(vpn))
3962 return;
3963
3964 build_evpn_type3_prefix(&p, vpn->originator_ip);
3965 delete_evpn_route(bgp, vpn, &p);
3966 }
3967
3968 /*
3969 * Process received EVPN type-2 route (advertise or withdraw).
3970 */
3971 static int process_type2_route(struct peer *peer, afi_t afi, safi_t safi,
3972 struct attr *attr, uint8_t *pfx, int psize,
3973 uint32_t addpath_id)
3974 {
3975 struct prefix_rd prd;
3976 struct prefix_evpn p;
3977 struct bgp_route_evpn evpn;
3978 uint8_t ipaddr_len;
3979 uint8_t macaddr_len;
3980 mpls_label_t label[BGP_MAX_LABELS]; /* holds the VNI(s) as in packet */
3981 uint32_t num_labels = 0;
3982 uint32_t eth_tag;
3983 int ret;
3984
3985 /* Type-2 route should be either 33, 37 or 49 bytes or an
3986 * additional 3 bytes if there is a second label (VNI):
3987 * RD (8), ESI (10), Eth Tag (4), MAC Addr Len (1),
3988 * MAC Addr (6), IP len (1), IP (0, 4 or 16),
3989 * MPLS Lbl1 (3), MPLS Lbl2 (0 or 3)
3990 */
3991 if (psize != 33 && psize != 37 && psize != 49 && psize != 36
3992 && psize != 40 && psize != 52) {
3993 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3994 "%u:%s - Rx EVPN Type-2 NLRI with invalid length %d",
3995 peer->bgp->vrf_id, peer->host, psize);
3996 return -1;
3997 }
3998
3999 memset(&evpn, 0, sizeof(evpn));
4000
4001 /* Make prefix_rd */
4002 prd.family = AF_UNSPEC;
4003 prd.prefixlen = 64;
4004 memcpy(&prd.val, pfx, 8);
4005 pfx += 8;
4006
4007 /* Make EVPN prefix. */
4008 memset(&p, 0, sizeof(struct prefix_evpn));
4009 p.family = AF_EVPN;
4010 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
4011 p.prefix.route_type = BGP_EVPN_MAC_IP_ROUTE;
4012
4013 /* Copy Ethernet Seg Identifier */
4014 memcpy(&evpn.eth_s_id.val, pfx, ESI_LEN);
4015 pfx += ESI_LEN;
4016
4017 /* Copy Ethernet Tag */
4018 memcpy(&eth_tag, pfx, 4);
4019 p.prefix.macip_addr.eth_tag = ntohl(eth_tag);
4020 pfx += 4;
4021
4022 /* Get the MAC Addr len */
4023 macaddr_len = *pfx++;
4024
4025 /* Get the MAC Addr */
4026 if (macaddr_len == (ETH_ALEN * 8)) {
4027 memcpy(&p.prefix.macip_addr.mac.octet, pfx, ETH_ALEN);
4028 pfx += ETH_ALEN;
4029 } else {
4030 flog_err(
4031 EC_BGP_EVPN_ROUTE_INVALID,
4032 "%u:%s - Rx EVPN Type-2 NLRI with unsupported MAC address length %d",
4033 peer->bgp->vrf_id, peer->host, macaddr_len);
4034 return -1;
4035 }
4036
4037
4038 /* Get the IP. */
4039 ipaddr_len = *pfx++;
4040 if (ipaddr_len != 0 && ipaddr_len != IPV4_MAX_BITLEN
4041 && ipaddr_len != IPV6_MAX_BITLEN) {
4042 flog_err(
4043 EC_BGP_EVPN_ROUTE_INVALID,
4044 "%u:%s - Rx EVPN Type-2 NLRI with unsupported IP address length %d",
4045 peer->bgp->vrf_id, peer->host, ipaddr_len);
4046 return -1;
4047 }
4048
4049 if (ipaddr_len) {
4050 ipaddr_len /= 8; /* Convert to bytes. */
4051 p.prefix.macip_addr.ip.ipa_type = (ipaddr_len == IPV4_MAX_BYTELEN)
4052 ? IPADDR_V4
4053 : IPADDR_V6;
4054 memcpy(&p.prefix.macip_addr.ip.ip.addr, pfx, ipaddr_len);
4055 }
4056 pfx += ipaddr_len;
4057
4058 /* Get the VNI(s). Stored as bytes here. */
4059 num_labels++;
4060 memset(label, 0, sizeof(label));
4061 memcpy(&label[0], pfx, BGP_LABEL_BYTES);
4062 pfx += BGP_LABEL_BYTES;
4063 psize -= (33 + ipaddr_len);
4064 /* Do we have a second VNI? */
4065 if (psize) {
4066 num_labels++;
4067 memcpy(&label[1], pfx, BGP_LABEL_BYTES);
4068 /*
4069 * If in future, we are required to access additional fields,
4070 * we MUST increment pfx by BGP_LABEL_BYTES in before reading
4071 * the next field
4072 */
4073 }
4074
4075 /* Process the route. */
4076 if (attr)
4077 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4078 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4079 &prd, &label[0], num_labels, 0, &evpn);
4080 else
4081 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4082 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4083 &prd, &label[0], num_labels, &evpn);
4084 return ret;
4085 }
4086
4087 /*
4088 * Process received EVPN type-3 route (advertise or withdraw).
4089 */
4090 static int process_type3_route(struct peer *peer, afi_t afi, safi_t safi,
4091 struct attr *attr, uint8_t *pfx, int psize,
4092 uint32_t addpath_id)
4093 {
4094 struct prefix_rd prd;
4095 struct prefix_evpn p;
4096 uint8_t ipaddr_len;
4097 uint32_t eth_tag;
4098 int ret;
4099
4100 /* Type-3 route should be either 17 or 29 bytes: RD (8), Eth Tag (4),
4101 * IP len (1) and IP (4 or 16).
4102 */
4103 if (psize != 17 && psize != 29) {
4104 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
4105 "%u:%s - Rx EVPN Type-3 NLRI with invalid length %d",
4106 peer->bgp->vrf_id, peer->host, psize);
4107 return -1;
4108 }
4109
4110 /* If PMSI is present, log if it is anything other than IR.
4111 * Note: We just simply ignore the values as it is not clear if
4112 * doing anything else is better.
4113 */
4114 if (attr &&
4115 (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL))) {
4116 if (attr->pmsi_tnl_type != PMSI_TNLTYPE_INGR_REPL &&
4117 attr->pmsi_tnl_type != PMSI_TNLTYPE_PIM_SM) {
4118 flog_warn(EC_BGP_EVPN_PMSI_PRESENT,
4119 "%u:%s - Rx EVPN Type-3 NLRI with unsupported PTA %d",
4120 peer->bgp->vrf_id, peer->host,
4121 attr->pmsi_tnl_type);
4122 }
4123 }
4124
4125 /* Make prefix_rd */
4126 prd.family = AF_UNSPEC;
4127 prd.prefixlen = 64;
4128 memcpy(&prd.val, pfx, 8);
4129 pfx += 8;
4130
4131 /* Make EVPN prefix. */
4132 memset(&p, 0, sizeof(struct prefix_evpn));
4133 p.family = AF_EVPN;
4134 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
4135 p.prefix.route_type = BGP_EVPN_IMET_ROUTE;
4136
4137 /* Copy Ethernet Tag */
4138 memcpy(&eth_tag, pfx, 4);
4139 p.prefix.imet_addr.eth_tag = ntohl(eth_tag);
4140 pfx += 4;
4141
4142 /* Get the IP. */
4143 ipaddr_len = *pfx++;
4144 if (ipaddr_len == IPV4_MAX_BITLEN) {
4145 p.prefix.imet_addr.ip.ipa_type = IPADDR_V4;
4146 memcpy(&p.prefix.imet_addr.ip.ip.addr, pfx, IPV4_MAX_BYTELEN);
4147 } else {
4148 flog_err(
4149 EC_BGP_EVPN_ROUTE_INVALID,
4150 "%u:%s - Rx EVPN Type-3 NLRI with unsupported IP address length %d",
4151 peer->bgp->vrf_id, peer->host, ipaddr_len);
4152 return -1;
4153 }
4154
4155 /* Process the route. */
4156 if (attr)
4157 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4158 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4159 &prd, NULL, 0, 0, NULL);
4160 else
4161 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4162 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4163 &prd, NULL, 0, NULL);
4164 return ret;
4165 }
4166
4167 /*
4168 * Process received EVPN type-4 route (advertise or withdraw).
4169 */
4170 static int process_type4_route(struct peer *peer, afi_t afi, safi_t safi,
4171 struct attr *attr, uint8_t *pfx, int psize,
4172 uint32_t addpath_id)
4173 {
4174 int ret;
4175 esi_t esi;
4176 uint8_t ipaddr_len;
4177 struct in_addr vtep_ip;
4178 struct prefix_rd prd;
4179 struct prefix_evpn p;
4180
4181 /* Type-4 route should be either 23 or 35 bytes
4182 * RD (8), ESI (10), ip-len (1), ip (4 or 16)
4183 */
4184 if (psize != 23 && psize != 35) {
4185 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
4186 "%u:%s - Rx EVPN Type-4 NLRI with invalid length %d",
4187 peer->bgp->vrf_id, peer->host, psize);
4188 return -1;
4189 }
4190
4191 /* Make prefix_rd */
4192 prd.family = AF_UNSPEC;
4193 prd.prefixlen = 64;
4194 memcpy(&prd.val, pfx, 8);
4195 pfx += 8;
4196
4197 /* get the ESI */
4198 memcpy(&esi, pfx, ESI_BYTES);
4199 pfx += ESI_BYTES;
4200
4201
4202 /* Get the IP. */
4203 ipaddr_len = *pfx++;
4204 if (ipaddr_len == IPV4_MAX_BITLEN) {
4205 memcpy(&vtep_ip, pfx, IPV4_MAX_BYTELEN);
4206 } else {
4207 flog_err(
4208 EC_BGP_EVPN_ROUTE_INVALID,
4209 "%u:%s - Rx EVPN Type-4 NLRI with unsupported IP address length %d",
4210 peer->bgp->vrf_id, peer->host, ipaddr_len);
4211 return -1;
4212 }
4213
4214 build_evpn_type4_prefix(&p, &esi, vtep_ip);
4215 /* Process the route. */
4216 if (attr) {
4217 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4218 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4219 &prd, NULL, 0, 0, NULL);
4220 } else {
4221 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4222 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4223 &prd, NULL, 0, NULL);
4224 }
4225 return ret;
4226 }
4227
4228
4229 /*
4230 * Process received EVPN type-5 route (advertise or withdraw).
4231 */
4232 static int process_type5_route(struct peer *peer, afi_t afi, safi_t safi,
4233 struct attr *attr, uint8_t *pfx, int psize,
4234 uint32_t addpath_id)
4235 {
4236 struct prefix_rd prd;
4237 struct prefix_evpn p;
4238 struct bgp_route_evpn evpn;
4239 uint8_t ippfx_len;
4240 uint32_t eth_tag;
4241 mpls_label_t label; /* holds the VNI as in the packet */
4242 int ret;
4243 afi_t gw_afi;
4244 bool is_valid_update = false;
4245
4246 /* Type-5 route should be 34 or 58 bytes:
4247 * RD (8), ESI (10), Eth Tag (4), IP len (1), IP (4 or 16),
4248 * GW (4 or 16) and VNI (3).
4249 * Note that the IP and GW should both be IPv4 or both IPv6.
4250 */
4251 if (psize != 34 && psize != 58) {
4252 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
4253 "%u:%s - Rx EVPN Type-5 NLRI with invalid length %d",
4254 peer->bgp->vrf_id, peer->host, psize);
4255 return -1;
4256 }
4257
4258 /* Make prefix_rd */
4259 prd.family = AF_UNSPEC;
4260 prd.prefixlen = 64;
4261 memcpy(&prd.val, pfx, 8);
4262 pfx += 8;
4263
4264 /* Make EVPN prefix. */
4265 memset(&p, 0, sizeof(struct prefix_evpn));
4266 p.family = AF_EVPN;
4267 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
4268 p.prefix.route_type = BGP_EVPN_IP_PREFIX_ROUTE;
4269
4270 /* Additional information outside of prefix - ESI and GW IP */
4271 memset(&evpn, 0, sizeof(evpn));
4272
4273 /* Fetch ESI */
4274 memcpy(&evpn.eth_s_id.val, pfx, 10);
4275 pfx += 10;
4276
4277 /* Fetch Ethernet Tag. */
4278 memcpy(&eth_tag, pfx, 4);
4279 p.prefix.prefix_addr.eth_tag = ntohl(eth_tag);
4280 pfx += 4;
4281
4282 /* Fetch IP prefix length. */
4283 ippfx_len = *pfx++;
4284 if (ippfx_len > IPV6_MAX_BITLEN) {
4285 flog_err(
4286 EC_BGP_EVPN_ROUTE_INVALID,
4287 "%u:%s - Rx EVPN Type-5 NLRI with invalid IP Prefix length %d",
4288 peer->bgp->vrf_id, peer->host, ippfx_len);
4289 return -1;
4290 }
4291 p.prefix.prefix_addr.ip_prefix_length = ippfx_len;
4292
4293 /* Determine IPv4 or IPv6 prefix */
4294 /* Since the address and GW are from the same family, this just becomes
4295 * a simple check on the total size.
4296 */
4297 if (psize == 34) {
4298 SET_IPADDR_V4(&p.prefix.prefix_addr.ip);
4299 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v4, pfx, 4);
4300 pfx += 4;
4301 memcpy(&evpn.gw_ip.ipv4, pfx, 4);
4302 pfx += 4;
4303 gw_afi = AF_INET;
4304 } else {
4305 SET_IPADDR_V6(&p.prefix.prefix_addr.ip);
4306 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v6, pfx, 16);
4307 pfx += 16;
4308 memcpy(&evpn.gw_ip.ipv6, pfx, 16);
4309 pfx += 16;
4310 gw_afi = AF_INET6;
4311 }
4312
4313 /* Get the VNI (in MPLS label field). Stored as bytes here. */
4314 memset(&label, 0, sizeof(label));
4315 memcpy(&label, pfx, BGP_LABEL_BYTES);
4316
4317 /*
4318 * If in future, we are required to access additional fields,
4319 * we MUST increment pfx by BGP_LABEL_BYTES in before reading the next
4320 * field
4321 */
4322
4323 if (attr) {
4324 is_valid_update = true;
4325 if (is_zero_mac(&attr->rmac) && is_zero_esi(&evpn.eth_s_id) &&
4326 is_zero_gw_ip(&evpn.gw_ip, gw_afi))
4327 is_valid_update = false;
4328
4329 if (is_mcast_mac(&attr->rmac) || is_bcast_mac(&attr->rmac))
4330 is_valid_update = false;
4331 }
4332
4333 /* Process the route. */
4334 if (is_valid_update)
4335 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4336 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4337 &prd, &label, 1, 0, &evpn);
4338 else
4339 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4340 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4341 &prd, &label, 1, &evpn);
4342
4343 return ret;
4344 }
4345
4346 static void evpn_mpattr_encode_type5(struct stream *s, const struct prefix *p,
4347 const struct prefix_rd *prd,
4348 mpls_label_t *label, uint32_t num_labels,
4349 struct attr *attr)
4350 {
4351 int len;
4352 char temp[16];
4353 const struct evpn_addr *p_evpn_p;
4354
4355 memset(&temp, 0, 16);
4356 if (p->family != AF_EVPN)
4357 return;
4358 p_evpn_p = &(p->u.prefix_evpn);
4359
4360 /* len denites the total len of IP and GW-IP in the route
4361 IP and GW-IP have to be both ipv4 or ipv6
4362 */
4363 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4364 len = 8; /* IP and GWIP are both ipv4 */
4365 else
4366 len = 32; /* IP and GWIP are both ipv6 */
4367 /* Prefix contains RD, ESI, EthTag, IP length, IP, GWIP and VNI */
4368 stream_putc(s, 8 + 10 + 4 + 1 + len + 3);
4369 stream_put(s, prd->val, 8);
4370 if (attr)
4371 stream_put(s, &(attr->evpn_overlay.eth_s_id), 10);
4372 else
4373 stream_put(s, &temp, 10);
4374 stream_putl(s, p_evpn_p->prefix_addr.eth_tag);
4375 stream_putc(s, p_evpn_p->prefix_addr.ip_prefix_length);
4376 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4377 stream_put_ipv4(s, p_evpn_p->prefix_addr.ip.ipaddr_v4.s_addr);
4378 else
4379 stream_put(s, &p_evpn_p->prefix_addr.ip.ipaddr_v6, 16);
4380 if (attr) {
4381 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4382 stream_put_ipv4(s,
4383 attr->evpn_overlay.gw_ip.ipv4.s_addr);
4384 else
4385 stream_put(s, &(attr->evpn_overlay.gw_ip.ipv6), 16);
4386 } else {
4387 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4388 stream_put_ipv4(s, 0);
4389 else
4390 stream_put(s, &temp, 16);
4391 }
4392
4393 if (num_labels)
4394 stream_put(s, label, 3);
4395 else
4396 stream_put3(s, 0);
4397 }
4398
4399 /*
4400 * Cleanup specific VNI upon EVPN (advertise-all-vni) being disabled.
4401 */
4402 static void cleanup_vni_on_disable(struct hash_bucket *bucket, struct bgp *bgp)
4403 {
4404 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
4405
4406 /* Remove EVPN routes and schedule for processing. */
4407 delete_routes_for_vni(bgp, vpn);
4408
4409 /* Clear "live" flag and see if hash needs to be freed. */
4410 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
4411 if (!is_vni_configured(vpn))
4412 bgp_evpn_free(bgp, vpn);
4413 }
4414
4415 /*
4416 * Free a VNI entry; iterator function called during cleanup.
4417 */
4418 static void free_vni_entry(struct hash_bucket *bucket, struct bgp *bgp)
4419 {
4420 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
4421
4422 delete_all_vni_routes(bgp, vpn);
4423 bgp_evpn_free(bgp, vpn);
4424 }
4425
4426 /*
4427 * Derive AUTO import RT for BGP VRF - L3VNI
4428 */
4429 static void evpn_auto_rt_import_add_for_vrf(struct bgp *bgp_vrf)
4430 {
4431 struct bgp *bgp_evpn = NULL;
4432
4433 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4434 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4435
4436 /* Map RT to VRF */
4437 bgp_evpn = bgp_get_evpn();
4438 if (!bgp_evpn)
4439 return;
4440 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4441 }
4442
4443 /*
4444 * Delete AUTO import RT from BGP VRF - L3VNI
4445 */
4446 static void evpn_auto_rt_import_delete_for_vrf(struct bgp *bgp_vrf)
4447 {
4448 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4449 }
4450
4451 /*
4452 * Derive AUTO export RT for BGP VRF - L3VNI
4453 */
4454 static void evpn_auto_rt_export_add_for_vrf(struct bgp *bgp_vrf)
4455 {
4456 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4457 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4458 }
4459
4460 /*
4461 * Delete AUTO export RT from BGP VRF - L3VNI
4462 */
4463 static void evpn_auto_rt_export_delete_for_vrf(struct bgp *bgp_vrf)
4464 {
4465 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4466 }
4467
4468 static void bgp_evpn_handle_export_rt_change_for_vrf(struct bgp *bgp_vrf)
4469 {
4470 struct bgp *bgp_evpn = NULL;
4471 struct listnode *node = NULL;
4472 struct bgpevpn *vpn = NULL;
4473
4474 bgp_evpn = bgp_get_evpn();
4475 if (!bgp_evpn)
4476 return;
4477
4478 /* update all type-5 routes */
4479 update_advertise_vrf_routes(bgp_vrf);
4480
4481 /* update all type-2 routes */
4482 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
4483 update_routes_for_vni(bgp_evpn, vpn);
4484 }
4485
4486 /*
4487 * Handle autort change for a given VNI.
4488 */
4489 static void update_autort_vni(struct hash_bucket *bucket, struct bgp *bgp)
4490 {
4491 struct bgpevpn *vpn = bucket->data;
4492
4493 if (!is_import_rt_configured(vpn)) {
4494 if (is_vni_live(vpn))
4495 bgp_evpn_uninstall_routes(bgp, vpn);
4496 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
4497 list_delete_all_node(vpn->import_rtl);
4498 bgp_evpn_derive_auto_rt_import(bgp, vpn);
4499 if (is_vni_live(vpn))
4500 bgp_evpn_install_routes(bgp, vpn);
4501 }
4502 if (!is_export_rt_configured(vpn)) {
4503 list_delete_all_node(vpn->export_rtl);
4504 bgp_evpn_derive_auto_rt_export(bgp, vpn);
4505 if (is_vni_live(vpn))
4506 bgp_evpn_handle_export_rt_change(bgp, vpn);
4507 }
4508 }
4509
4510 /*
4511 * Public functions.
4512 */
4513
4514 /* withdraw type-5 route corresponding to ip prefix */
4515 void bgp_evpn_withdraw_type5_route(struct bgp *bgp_vrf, const struct prefix *p,
4516 afi_t afi, safi_t safi)
4517 {
4518 int ret = 0;
4519 struct prefix_evpn evp;
4520 char buf[PREFIX_STRLEN];
4521
4522 build_type5_prefix_from_ip_prefix(&evp, p);
4523 ret = delete_evpn_type5_route(bgp_vrf, &evp);
4524 if (ret) {
4525 flog_err(
4526 EC_BGP_EVPN_ROUTE_DELETE,
4527 "%u failed to delete type-5 route for prefix %s in vrf %s",
4528 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)),
4529 vrf_id_to_name(bgp_vrf->vrf_id));
4530 }
4531 }
4532
4533 /* withdraw all type-5 routes for an address family */
4534 void bgp_evpn_withdraw_type5_routes(struct bgp *bgp_vrf, afi_t afi, safi_t safi)
4535 {
4536 struct bgp_table *table = NULL;
4537 struct bgp_dest *dest = NULL;
4538 struct bgp_path_info *pi;
4539
4540 table = bgp_vrf->rib[afi][safi];
4541 for (dest = bgp_table_top(table); dest; dest = bgp_route_next(dest)) {
4542 /* Only care about "selected" routes. Also ensure that
4543 * these are routes that are injectable into EVPN.
4544 */
4545 /* TODO: Support for AddPath for EVPN. */
4546 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next) {
4547 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4548 && is_route_injectable_into_evpn(pi)) {
4549 bgp_evpn_withdraw_type5_route(
4550 bgp_vrf, bgp_dest_get_prefix(dest), afi,
4551 safi);
4552 break;
4553 }
4554 }
4555 }
4556 }
4557
4558 /*
4559 * evpn - enable advertisement of default g/w
4560 */
4561 void bgp_evpn_install_uninstall_default_route(struct bgp *bgp_vrf, afi_t afi,
4562 safi_t safi, bool add)
4563 {
4564 struct prefix ip_prefix;
4565
4566 /* form the default prefix 0.0.0.0/0 */
4567 memset(&ip_prefix, 0, sizeof(struct prefix));
4568 ip_prefix.family = afi2family(afi);
4569
4570 if (add) {
4571 bgp_evpn_advertise_type5_route(bgp_vrf, &ip_prefix,
4572 NULL, afi, safi);
4573 } else {
4574 bgp_evpn_withdraw_type5_route(bgp_vrf, &ip_prefix,
4575 afi, safi);
4576 }
4577 }
4578
4579
4580 /*
4581 * Advertise IP prefix as type-5 route. The afi/safi and src_attr passed
4582 * to this function correspond to those of the source IP prefix (best
4583 * path in the case of the attr. In the case of a local prefix (when we
4584 * are advertising local subnets), the src_attr will be NULL.
4585 */
4586 void bgp_evpn_advertise_type5_route(struct bgp *bgp_vrf, const struct prefix *p,
4587 struct attr *src_attr, afi_t afi,
4588 safi_t safi)
4589 {
4590 int ret = 0;
4591 struct prefix_evpn evp;
4592 char buf[PREFIX_STRLEN];
4593
4594 build_type5_prefix_from_ip_prefix(&evp, p);
4595 ret = update_evpn_type5_route(bgp_vrf, &evp, src_attr);
4596 if (ret)
4597 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
4598 "%u: Failed to create type-5 route for prefix %s",
4599 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)));
4600 }
4601
4602 /* Inject all prefixes of a particular address-family (currently, IPv4 or
4603 * IPv6 unicast) into EVPN as type-5 routes. This is invoked when the
4604 * advertisement is enabled.
4605 */
4606 void bgp_evpn_advertise_type5_routes(struct bgp *bgp_vrf, afi_t afi,
4607 safi_t safi)
4608 {
4609 struct bgp_table *table = NULL;
4610 struct bgp_dest *dest = NULL;
4611 struct bgp_path_info *pi;
4612
4613 table = bgp_vrf->rib[afi][safi];
4614 for (dest = bgp_table_top(table); dest; dest = bgp_route_next(dest)) {
4615 /* Need to identify the "selected" route entry to use its
4616 * attribute. Also, ensure that the route is injectable
4617 * into EVPN.
4618 * TODO: Support for AddPath for EVPN.
4619 */
4620 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next) {
4621 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4622 && is_route_injectable_into_evpn(pi)) {
4623
4624 /* apply the route-map */
4625 if (bgp_vrf->adv_cmd_rmap[afi][safi].map) {
4626 route_map_result_t ret;
4627 struct bgp_path_info tmp_pi;
4628 struct bgp_path_info_extra tmp_pie;
4629 struct attr tmp_attr;
4630
4631 tmp_attr = *pi->attr;
4632
4633 /* Fill temp path_info */
4634 prep_for_rmap_apply(&tmp_pi, &tmp_pie,
4635 dest, pi, pi->peer,
4636 &tmp_attr);
4637
4638 RESET_FLAG(tmp_attr.rmap_change_flags);
4639
4640 ret = route_map_apply(
4641 bgp_vrf->adv_cmd_rmap[afi][safi]
4642 .map,
4643 bgp_dest_get_prefix(dest),
4644 RMAP_BGP, &tmp_pi);
4645 if (ret == RMAP_DENYMATCH) {
4646 bgp_attr_flush(&tmp_attr);
4647 continue;
4648 }
4649 bgp_evpn_advertise_type5_route(
4650 bgp_vrf,
4651 bgp_dest_get_prefix(dest),
4652 &tmp_attr, afi, safi);
4653 } else
4654 bgp_evpn_advertise_type5_route(
4655 bgp_vrf,
4656 bgp_dest_get_prefix(dest),
4657 pi->attr, afi, safi);
4658 break;
4659 }
4660 }
4661 }
4662 }
4663
4664 void evpn_rt_delete_auto(struct bgp *bgp, vni_t vni, struct list *rtl)
4665 {
4666 struct listnode *node, *nnode, *node_to_del;
4667 struct ecommunity *ecom, *ecom_auto;
4668 struct ecommunity_val eval;
4669
4670 if (bgp->advertise_autort_rfc8365)
4671 vni |= EVPN_AUTORT_VXLAN;
4672 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
4673
4674 ecom_auto = ecommunity_new();
4675 ecommunity_add_val(ecom_auto, &eval, false, false);
4676 node_to_del = NULL;
4677
4678 for (ALL_LIST_ELEMENTS(rtl, node, nnode, ecom)) {
4679 if (ecommunity_match(ecom, ecom_auto)) {
4680 ecommunity_free(&ecom);
4681 node_to_del = node;
4682 }
4683 }
4684
4685 if (node_to_del)
4686 list_delete_node(rtl, node_to_del);
4687
4688 ecommunity_free(&ecom_auto);
4689 }
4690
4691 void bgp_evpn_configure_import_rt_for_vrf(struct bgp *bgp_vrf,
4692 struct ecommunity *ecomadd)
4693 {
4694 /* uninstall routes from vrf */
4695 if (is_l3vni_live(bgp_vrf))
4696 uninstall_routes_for_vrf(bgp_vrf);
4697
4698 /* Cleanup the RT to VRF mapping */
4699 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4700
4701 /* Remove auto generated RT */
4702 evpn_auto_rt_import_delete_for_vrf(bgp_vrf);
4703
4704 /* Add the newly configured RT to RT list */
4705 listnode_add_sort(bgp_vrf->vrf_import_rtl, ecomadd);
4706 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4707
4708 /* map VRF to its RTs and install routes matching the new RTs */
4709 if (is_l3vni_live(bgp_vrf)) {
4710 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4711 install_routes_for_vrf(bgp_vrf);
4712 }
4713 }
4714
4715 void bgp_evpn_unconfigure_import_rt_for_vrf(struct bgp *bgp_vrf,
4716 struct ecommunity *ecomdel)
4717 {
4718 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4719 struct ecommunity *ecom = NULL;
4720
4721 /* uninstall routes from vrf */
4722 if (is_l3vni_live(bgp_vrf))
4723 uninstall_routes_for_vrf(bgp_vrf);
4724
4725 /* Cleanup the RT to VRF mapping */
4726 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4727
4728 /* remove the RT from the RT list */
4729 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4730 if (ecommunity_match(ecom, ecomdel)) {
4731 ecommunity_free(&ecom);
4732 node_to_del = node;
4733 break;
4734 }
4735 }
4736
4737 if (node_to_del)
4738 list_delete_node(bgp_vrf->vrf_import_rtl, node_to_del);
4739
4740 assert(bgp_vrf->vrf_import_rtl);
4741 /* fallback to auto import rt, if this was the last RT */
4742 if (bgp_vrf->vrf_import_rtl && list_isempty(bgp_vrf->vrf_import_rtl)) {
4743 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4744 if (is_l3vni_live(bgp_vrf))
4745 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
4746 }
4747
4748 /* map VRFs to its RTs and install routes matching this new RT */
4749 if (is_l3vni_live(bgp_vrf)) {
4750 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4751 install_routes_for_vrf(bgp_vrf);
4752 }
4753 }
4754
4755 void bgp_evpn_configure_export_rt_for_vrf(struct bgp *bgp_vrf,
4756 struct ecommunity *ecomadd)
4757 {
4758 /* remove auto-generated RT */
4759 evpn_auto_rt_export_delete_for_vrf(bgp_vrf);
4760
4761 /* Add the new RT to the RT list */
4762 listnode_add_sort(bgp_vrf->vrf_export_rtl, ecomadd);
4763 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4764
4765 if (is_l3vni_live(bgp_vrf))
4766 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4767 }
4768
4769 void bgp_evpn_unconfigure_export_rt_for_vrf(struct bgp *bgp_vrf,
4770 struct ecommunity *ecomdel)
4771 {
4772 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4773 struct ecommunity *ecom = NULL;
4774
4775 /* Remove the RT from the RT list */
4776 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_export_rtl, node, nnode, ecom)) {
4777 if (ecommunity_match(ecom, ecomdel)) {
4778 ecommunity_free(&ecom);
4779 node_to_del = node;
4780 break;
4781 }
4782 }
4783
4784 if (node_to_del)
4785 list_delete_node(bgp_vrf->vrf_export_rtl, node_to_del);
4786
4787 /*
4788 * Temporary assert to make SA happy.
4789 * The ALL_LIST_ELEMENTS macro above has a NULL check
4790 * which means that SA is going to complain about
4791 * the list_isempty call, which doesn't NULL check.
4792 * So until we get this situation cleaned up, here
4793 * we are.
4794 */
4795 assert(bgp_vrf->vrf_export_rtl);
4796
4797 /* fall back to auto-generated RT if this was the last RT */
4798 if (list_isempty(bgp_vrf->vrf_export_rtl)) {
4799 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4800 if (is_l3vni_live(bgp_vrf))
4801 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
4802 }
4803
4804 if (is_l3vni_live(bgp_vrf))
4805 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4806 }
4807
4808 /*
4809 * Handle change to BGP router id. This is invoked twice by the change
4810 * handler, first before the router id has been changed and then after
4811 * the router id has been changed. The first invocation will result in
4812 * local routes for all VNIs/VRF being deleted and withdrawn and the next
4813 * will result in the routes being re-advertised.
4814 */
4815 void bgp_evpn_handle_router_id_update(struct bgp *bgp, int withdraw)
4816 {
4817 struct listnode *node;
4818 struct bgp *bgp_vrf;
4819
4820 if (withdraw) {
4821
4822 /* delete and withdraw all the type-5 routes
4823 stored in the global table for this vrf
4824 */
4825 withdraw_router_id_vrf(bgp);
4826
4827 /* delete all the VNI routes (type-2/type-3) routes for all the
4828 * L2-VNIs
4829 */
4830 hash_iterate(bgp->vnihash,
4831 (void (*)(struct hash_bucket *,
4832 void *))withdraw_router_id_vni,
4833 bgp);
4834
4835 if (bgp->inst_type == BGP_INSTANCE_TYPE_DEFAULT) {
4836 for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp_vrf)) {
4837 if (bgp_vrf->evpn_info->advertise_pip &&
4838 (bgp_vrf->evpn_info->pip_ip_static.s_addr
4839 == INADDR_ANY))
4840 bgp_vrf->evpn_info->pip_ip.s_addr
4841 = INADDR_ANY;
4842 }
4843 }
4844 } else {
4845
4846 /* Assign new default instance router-id */
4847 if (bgp->inst_type == BGP_INSTANCE_TYPE_DEFAULT) {
4848 for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp_vrf)) {
4849 if (bgp_vrf->evpn_info->advertise_pip &&
4850 (bgp_vrf->evpn_info->pip_ip_static.s_addr
4851 == INADDR_ANY)) {
4852 bgp_vrf->evpn_info->pip_ip =
4853 bgp->router_id;
4854 /* advertise type-5 routes with
4855 * new nexthop
4856 */
4857 update_advertise_vrf_routes(bgp_vrf);
4858 }
4859 }
4860 }
4861
4862 /* advertise all routes in the vrf as type-5 routes with the new
4863 * RD
4864 */
4865 update_router_id_vrf(bgp);
4866
4867 /* advertise all the VNI routes (type-2/type-3) routes with the
4868 * new RD
4869 */
4870 hash_iterate(bgp->vnihash,
4871 (void (*)(struct hash_bucket *,
4872 void *))update_router_id_vni,
4873 bgp);
4874 }
4875 }
4876
4877 /*
4878 * Handle change to auto-RT algorithm - update and advertise local routes.
4879 */
4880 void bgp_evpn_handle_autort_change(struct bgp *bgp)
4881 {
4882 hash_iterate(bgp->vnihash,
4883 (void (*)(struct hash_bucket *,
4884 void*))update_autort_vni,
4885 bgp);
4886 }
4887
4888 /*
4889 * Handle change to export RT - update and advertise local routes.
4890 */
4891 int bgp_evpn_handle_export_rt_change(struct bgp *bgp, struct bgpevpn *vpn)
4892 {
4893 return update_routes_for_vni(bgp, vpn);
4894 }
4895
4896 void bgp_evpn_handle_vrf_rd_change(struct bgp *bgp_vrf, int withdraw)
4897 {
4898 if (withdraw)
4899 delete_withdraw_vrf_routes(bgp_vrf);
4900 else
4901 update_advertise_vrf_routes(bgp_vrf);
4902 }
4903
4904 /*
4905 * Handle change to RD. This is invoked twice by the change handler,
4906 * first before the RD has been changed and then after the RD has
4907 * been changed. The first invocation will result in local routes
4908 * of this VNI being deleted and withdrawn and the next will result
4909 * in the routes being re-advertised.
4910 */
4911 void bgp_evpn_handle_rd_change(struct bgp *bgp, struct bgpevpn *vpn,
4912 int withdraw)
4913 {
4914 if (withdraw)
4915 delete_withdraw_vni_routes(bgp, vpn);
4916 else
4917 update_advertise_vni_routes(bgp, vpn);
4918 }
4919
4920 /*
4921 * Install routes for this VNI. Invoked upon change to Import RT.
4922 */
4923 int bgp_evpn_install_routes(struct bgp *bgp, struct bgpevpn *vpn)
4924 {
4925 return install_routes_for_vni(bgp, vpn);
4926 }
4927
4928 /*
4929 * Uninstall all routes installed for this VNI. Invoked upon change
4930 * to Import RT.
4931 */
4932 int bgp_evpn_uninstall_routes(struct bgp *bgp, struct bgpevpn *vpn)
4933 {
4934 return uninstall_routes_for_vni(bgp, vpn);
4935 }
4936
4937 /*
4938 * TODO: Hardcoded for a maximum of 2 VNIs right now
4939 */
4940 char *bgp_evpn_label2str(mpls_label_t *label, uint32_t num_labels, char *buf,
4941 int len)
4942 {
4943 vni_t vni1, vni2;
4944
4945 vni1 = label2vni(label);
4946 if (num_labels == 2) {
4947 vni2 = label2vni(label + 1);
4948 snprintf(buf, len, "%u/%u", vni1, vni2);
4949 } else
4950 snprintf(buf, len, "%u", vni1);
4951 return buf;
4952 }
4953
4954 /*
4955 * Function to convert evpn route to json format.
4956 * NOTE: We don't use prefix2str as the output here is a bit different.
4957 */
4958 void bgp_evpn_route2json(const struct prefix_evpn *p, json_object *json)
4959 {
4960 char buf1[ETHER_ADDR_STRLEN];
4961 char buf2[PREFIX2STR_BUFFER];
4962 uint8_t family;
4963 uint8_t prefixlen;
4964
4965 if (!json)
4966 return;
4967
4968 json_object_int_add(json, "routeType", p->prefix.route_type);
4969
4970 switch (p->prefix.route_type) {
4971 case BGP_EVPN_MAC_IP_ROUTE:
4972 json_object_int_add(json, "ethTag",
4973 p->prefix.macip_addr.eth_tag);
4974 json_object_int_add(json, "macLen", 8 * ETH_ALEN);
4975 json_object_string_add(json, "mac",
4976 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4977 sizeof(buf1)));
4978
4979 if (!is_evpn_prefix_ipaddr_none(p)) {
4980 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET :
4981 AF_INET6;
4982 prefixlen = (family == AF_INET) ?
4983 IPV4_MAX_BITLEN : IPV6_MAX_BITLEN;
4984 inet_ntop(family, &p->prefix.macip_addr.ip.ip.addr,
4985 buf2, PREFIX2STR_BUFFER);
4986 json_object_int_add(json, "ipLen", prefixlen);
4987 json_object_string_add(json, "ip", buf2);
4988 }
4989 break;
4990
4991 case BGP_EVPN_IMET_ROUTE:
4992 json_object_int_add(json, "ethTag",
4993 p->prefix.imet_addr.eth_tag);
4994 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET : AF_INET6;
4995 prefixlen = (family == AF_INET) ? IPV4_MAX_BITLEN :
4996 IPV6_MAX_BITLEN;
4997 inet_ntop(family, &p->prefix.imet_addr.ip.ip.addr, buf2,
4998 PREFIX2STR_BUFFER);
4999 json_object_int_add(json, "ipLen", prefixlen);
5000 json_object_string_add(json, "ip", buf2);
5001 break;
5002
5003 case BGP_EVPN_IP_PREFIX_ROUTE:
5004 json_object_int_add(json, "ethTag",
5005 p->prefix.prefix_addr.eth_tag);
5006 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET : AF_INET6;
5007 inet_ntop(family, &p->prefix.prefix_addr.ip.ip.addr,
5008 buf2, sizeof(buf2));
5009 json_object_int_add(json, "ipLen",
5010 p->prefix.prefix_addr.ip_prefix_length);
5011 json_object_string_add(json, "ip", buf2);
5012 break;
5013
5014 default:
5015 break;
5016 }
5017 }
5018
5019 /*
5020 * Function to convert evpn route to string.
5021 * NOTE: We don't use prefix2str as the output here is a bit different.
5022 */
5023 char *bgp_evpn_route2str(const struct prefix_evpn *p, char *buf, int len)
5024 {
5025 char buf1[ETHER_ADDR_STRLEN];
5026 char buf2[PREFIX2STR_BUFFER];
5027 char buf3[ESI_STR_LEN];
5028
5029 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
5030 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]", p->prefix.route_type,
5031 p->prefix.imet_addr.eth_tag,
5032 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
5033 : IPV6_MAX_BITLEN,
5034 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
5035 } else if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
5036 if (is_evpn_prefix_ipaddr_none(p))
5037 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
5038 p->prefix.route_type,
5039 p->prefix.macip_addr.eth_tag,
5040 8 * ETH_ALEN,
5041 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
5042 sizeof(buf1)));
5043 else {
5044 uint8_t family;
5045
5046 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET
5047 : AF_INET6;
5048 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]:[%d]:[%s]",
5049 p->prefix.route_type,
5050 p->prefix.macip_addr.eth_tag,
5051 8 * ETH_ALEN,
5052 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
5053 sizeof(buf1)),
5054 family == AF_INET ? IPV4_MAX_BITLEN
5055 : IPV6_MAX_BITLEN,
5056 inet_ntop(family,
5057 &p->prefix.macip_addr.ip.ip.addr,
5058 buf2,
5059 PREFIX2STR_BUFFER));
5060 }
5061 } else if (p->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
5062 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
5063 p->prefix.route_type,
5064 p->prefix.prefix_addr.eth_tag,
5065 p->prefix.prefix_addr.ip_prefix_length,
5066 is_evpn_prefix_ipaddr_v4(p)
5067 ? inet_ntoa(p->prefix.prefix_addr.ip.ipaddr_v4)
5068 : inet6_ntoa(p->prefix.prefix_addr.ip.ipaddr_v6));
5069 } else if (p->prefix.route_type == BGP_EVPN_ES_ROUTE) {
5070 snprintf(buf, len, "[%d]:[%s]:[%d]:[%s]",
5071 p->prefix.route_type,
5072 esi_to_str(&p->prefix.es_addr.esi, buf3, sizeof(buf3)),
5073 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
5074 : IPV6_MAX_BITLEN,
5075 inet_ntoa(p->prefix.es_addr.ip.ipaddr_v4));
5076 } else {
5077 /* For EVPN route types not supported yet. */
5078 snprintf(buf, len, "(unsupported route type %d)",
5079 p->prefix.route_type);
5080 }
5081
5082 return (buf);
5083 }
5084
5085 /*
5086 * Encode EVPN prefix in Update (MP_REACH)
5087 */
5088 void bgp_evpn_encode_prefix(struct stream *s, const struct prefix *p,
5089 const struct prefix_rd *prd, mpls_label_t *label,
5090 uint32_t num_labels, struct attr *attr,
5091 int addpath_encode, uint32_t addpath_tx_id)
5092 {
5093 struct prefix_evpn *evp = (struct prefix_evpn *)p;
5094 int len, ipa_len = 0;
5095
5096 if (addpath_encode)
5097 stream_putl(s, addpath_tx_id);
5098
5099 /* Route type */
5100 stream_putc(s, evp->prefix.route_type);
5101
5102 switch (evp->prefix.route_type) {
5103 case BGP_EVPN_MAC_IP_ROUTE:
5104 if (is_evpn_prefix_ipaddr_v4(evp))
5105 ipa_len = IPV4_MAX_BYTELEN;
5106 else if (is_evpn_prefix_ipaddr_v6(evp))
5107 ipa_len = IPV6_MAX_BYTELEN;
5108 /* RD, ESI, EthTag, MAC+len, IP len, [IP], 1 VNI */
5109 len = 8 + 10 + 4 + 1 + 6 + 1 + ipa_len + 3;
5110 if (ipa_len && num_labels > 1) /* There are 2 VNIs */
5111 len += 3;
5112 stream_putc(s, len);
5113 stream_put(s, prd->val, 8); /* RD */
5114 if (attr)
5115 stream_put(s, &attr->evpn_overlay.eth_s_id, ESI_LEN);
5116 else
5117 stream_put(s, 0, 10);
5118 stream_putl(s, evp->prefix.macip_addr.eth_tag); /* Ethernet Tag ID */
5119 stream_putc(s, 8 * ETH_ALEN); /* Mac Addr Len - bits */
5120 stream_put(s, evp->prefix.macip_addr.mac.octet, 6); /* Mac Addr */
5121 stream_putc(s, 8 * ipa_len); /* IP address Length */
5122 if (ipa_len) /* IP */
5123 stream_put(s, &evp->prefix.macip_addr.ip.ip.addr,
5124 ipa_len);
5125 /* 1st label is the L2 VNI */
5126 stream_put(s, label, BGP_LABEL_BYTES);
5127 /* Include 2nd label (L3 VNI) if advertising MAC+IP */
5128 if (ipa_len && num_labels > 1)
5129 stream_put(s, label + 1, BGP_LABEL_BYTES);
5130 break;
5131
5132 case BGP_EVPN_IMET_ROUTE:
5133 stream_putc(s, 17); // TODO: length - assumes IPv4 address
5134 stream_put(s, prd->val, 8); /* RD */
5135 stream_putl(s, evp->prefix.imet_addr.eth_tag); /* Ethernet Tag ID */
5136 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
5137 /* Originating Router's IP Addr */
5138 stream_put_in_addr(s, &evp->prefix.imet_addr.ip.ipaddr_v4);
5139 break;
5140
5141 case BGP_EVPN_ES_ROUTE:
5142 stream_putc(s, 23); /* TODO: length: assumes ipv4 VTEP */
5143 stream_put(s, prd->val, 8); /* RD */
5144 stream_put(s, evp->prefix.es_addr.esi.val, 10); /* ESI */
5145 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
5146 /* VTEP IP */
5147 stream_put_in_addr(s, &evp->prefix.es_addr.ip.ipaddr_v4);
5148 break;
5149
5150 case BGP_EVPN_IP_PREFIX_ROUTE:
5151 /* TODO: AddPath support. */
5152 evpn_mpattr_encode_type5(s, p, prd, label, num_labels, attr);
5153 break;
5154
5155 default:
5156 break;
5157 }
5158 }
5159
5160 int bgp_nlri_parse_evpn(struct peer *peer, struct attr *attr,
5161 struct bgp_nlri *packet, int withdraw)
5162 {
5163 uint8_t *pnt;
5164 uint8_t *lim;
5165 afi_t afi;
5166 safi_t safi;
5167 uint32_t addpath_id;
5168 int addpath_encoded;
5169 int psize = 0;
5170 uint8_t rtype;
5171 struct prefix p;
5172
5173 /* Start processing the NLRI - there may be multiple in the MP_REACH */
5174 pnt = packet->nlri;
5175 lim = pnt + packet->length;
5176 afi = packet->afi;
5177 safi = packet->safi;
5178 addpath_id = 0;
5179
5180 addpath_encoded =
5181 (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV)
5182 && CHECK_FLAG(peer->af_cap[afi][safi],
5183 PEER_CAP_ADDPATH_AF_TX_RCV));
5184
5185 for (; pnt < lim; pnt += psize) {
5186 /* Clear prefix structure. */
5187 memset(&p, 0, sizeof(struct prefix));
5188
5189 /* Deal with path-id if AddPath is supported. */
5190 if (addpath_encoded) {
5191 /* When packet overflow occurs return immediately. */
5192 if (pnt + BGP_ADDPATH_ID_LEN > lim)
5193 return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
5194
5195 memcpy(&addpath_id, pnt, BGP_ADDPATH_ID_LEN);
5196 addpath_id = ntohl(addpath_id);
5197 pnt += BGP_ADDPATH_ID_LEN;
5198 }
5199
5200 /* All EVPN NLRI types start with type and length. */
5201 if (pnt + 2 > lim)
5202 return BGP_NLRI_PARSE_ERROR_EVPN_MISSING_TYPE;
5203
5204 rtype = *pnt++;
5205 psize = *pnt++;
5206
5207 /* When packet overflow occur return immediately. */
5208 if (pnt + psize > lim)
5209 return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
5210
5211 switch (rtype) {
5212 case BGP_EVPN_MAC_IP_ROUTE:
5213 if (process_type2_route(peer, afi, safi,
5214 withdraw ? NULL : attr, pnt,
5215 psize, addpath_id)) {
5216 flog_err(
5217 EC_BGP_EVPN_FAIL,
5218 "%u:%s - Error in processing EVPN type-2 NLRI size %d",
5219 peer->bgp->vrf_id, peer->host, psize);
5220 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE2_SIZE;
5221 }
5222 break;
5223
5224 case BGP_EVPN_IMET_ROUTE:
5225 if (process_type3_route(peer, afi, safi,
5226 withdraw ? NULL : attr, pnt,
5227 psize, addpath_id)) {
5228 flog_err(
5229 EC_BGP_PKT_PROCESS,
5230 "%u:%s - Error in processing EVPN type-3 NLRI size %d",
5231 peer->bgp->vrf_id, peer->host, psize);
5232 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE3_SIZE;
5233 }
5234 break;
5235
5236 case BGP_EVPN_ES_ROUTE:
5237 if (process_type4_route(peer, afi, safi,
5238 withdraw ? NULL : attr, pnt,
5239 psize, addpath_id)) {
5240 flog_err(
5241 EC_BGP_PKT_PROCESS,
5242 "%u:%s - Error in processing EVPN type-4 NLRI size %d",
5243 peer->bgp->vrf_id, peer->host, psize);
5244 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE4_SIZE;
5245 }
5246 break;
5247
5248 case BGP_EVPN_IP_PREFIX_ROUTE:
5249 if (process_type5_route(peer, afi, safi,
5250 withdraw ? NULL : attr, pnt,
5251 psize, addpath_id)) {
5252 flog_err(
5253 EC_BGP_PKT_PROCESS,
5254 "%u:%s - Error in processing EVPN type-5 NLRI size %d",
5255 peer->bgp->vrf_id, peer->host, psize);
5256 return BGP_NLRI_PARSE_ERROR_EVPN_TYPE5_SIZE;
5257 }
5258 break;
5259
5260 default:
5261 break;
5262 }
5263 }
5264
5265 /* Packet length consistency check. */
5266 if (pnt != lim)
5267 return BGP_NLRI_PARSE_ERROR_PACKET_LENGTH;
5268
5269 return BGP_NLRI_PARSE_OK;
5270 }
5271
5272 /*
5273 * Map the RTs (configured or automatically derived) of a VRF to the VRF.
5274 * The mapping will be used during route processing.
5275 * bgp_def: default bgp instance
5276 * bgp_vrf: specific bgp vrf instance on which RT is configured
5277 */
5278 void bgp_evpn_map_vrf_to_its_rts(struct bgp *bgp_vrf)
5279 {
5280 int i = 0;
5281 struct ecommunity_val *eval = NULL;
5282 struct listnode *node = NULL, *nnode = NULL;
5283 struct ecommunity *ecom = NULL;
5284
5285 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
5286 for (i = 0; i < ecom->size; i++) {
5287 eval = (struct ecommunity_val *)(ecom->val
5288 + (i
5289 * ECOMMUNITY_SIZE));
5290 map_vrf_to_rt(bgp_vrf, eval);
5291 }
5292 }
5293 }
5294
5295 /*
5296 * Unmap the RTs (configured or automatically derived) of a VRF from the VRF.
5297 */
5298 void bgp_evpn_unmap_vrf_from_its_rts(struct bgp *bgp_vrf)
5299 {
5300 int i;
5301 struct ecommunity_val *eval;
5302 struct listnode *node, *nnode;
5303 struct ecommunity *ecom;
5304
5305 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
5306 for (i = 0; i < ecom->size; i++) {
5307 struct vrf_irt_node *irt;
5308 struct ecommunity_val eval_tmp;
5309
5310 eval = (struct ecommunity_val *)(ecom->val
5311 + (i
5312 * ECOMMUNITY_SIZE));
5313 /* If using "automatic" RT, we only care about the
5314 * local-admin sub-field.
5315 * This is to facilitate using VNI as the RT for EBGP
5316 * peering too.
5317 */
5318 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
5319 if (!CHECK_FLAG(bgp_vrf->vrf_flags,
5320 BGP_VRF_IMPORT_RT_CFGD))
5321 mask_ecom_global_admin(&eval_tmp, eval);
5322
5323 irt = lookup_vrf_import_rt(&eval_tmp);
5324 if (irt)
5325 unmap_vrf_from_rt(bgp_vrf, irt);
5326 }
5327 }
5328 }
5329
5330
5331 /*
5332 * Map the RTs (configured or automatically derived) of a VNI to the VNI.
5333 * The mapping will be used during route processing.
5334 */
5335 void bgp_evpn_map_vni_to_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
5336 {
5337 int i;
5338 struct ecommunity_val *eval;
5339 struct listnode *node, *nnode;
5340 struct ecommunity *ecom;
5341
5342 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
5343 for (i = 0; i < ecom->size; i++) {
5344 eval = (struct ecommunity_val *)(ecom->val
5345 + (i
5346 * ECOMMUNITY_SIZE));
5347 map_vni_to_rt(bgp, vpn, eval);
5348 }
5349 }
5350 }
5351
5352 /*
5353 * Unmap the RTs (configured or automatically derived) of a VNI from the VNI.
5354 */
5355 void bgp_evpn_unmap_vni_from_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
5356 {
5357 int i;
5358 struct ecommunity_val *eval;
5359 struct listnode *node, *nnode;
5360 struct ecommunity *ecom;
5361
5362 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
5363 for (i = 0; i < ecom->size; i++) {
5364 struct irt_node *irt;
5365 struct ecommunity_val eval_tmp;
5366
5367 eval = (struct ecommunity_val *)(ecom->val
5368 + (i
5369 * ECOMMUNITY_SIZE));
5370 /* If using "automatic" RT, we only care about the
5371 * local-admin sub-field.
5372 * This is to facilitate using VNI as the RT for EBGP
5373 * peering too.
5374 */
5375 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
5376 if (!is_import_rt_configured(vpn))
5377 mask_ecom_global_admin(&eval_tmp, eval);
5378
5379 irt = lookup_import_rt(bgp, &eval_tmp);
5380 if (irt)
5381 unmap_vni_from_rt(bgp, vpn, irt);
5382 }
5383 }
5384 }
5385
5386 /*
5387 * Derive Import RT automatically for VNI and map VNI to RT.
5388 * The mapping will be used during route processing.
5389 */
5390 void bgp_evpn_derive_auto_rt_import(struct bgp *bgp, struct bgpevpn *vpn)
5391 {
5392 form_auto_rt(bgp, vpn->vni, vpn->import_rtl);
5393 UNSET_FLAG(vpn->flags, VNI_FLAG_IMPRT_CFGD);
5394
5395 /* Map RT to VNI */
5396 bgp_evpn_map_vni_to_its_rts(bgp, vpn);
5397 }
5398
5399 /*
5400 * Derive Export RT automatically for VNI.
5401 */
5402 void bgp_evpn_derive_auto_rt_export(struct bgp *bgp, struct bgpevpn *vpn)
5403 {
5404 form_auto_rt(bgp, vpn->vni, vpn->export_rtl);
5405 UNSET_FLAG(vpn->flags, VNI_FLAG_EXPRT_CFGD);
5406 }
5407
5408 /*
5409 * Derive RD automatically for VNI using passed information - it
5410 * is of the form RouterId:unique-id-for-vni.
5411 */
5412 void bgp_evpn_derive_auto_rd_for_vrf(struct bgp *bgp)
5413 {
5414 if (is_vrf_rd_configured(bgp))
5415 return;
5416
5417 form_auto_rd(bgp->router_id, bgp->vrf_rd_id, &bgp->vrf_prd);
5418 }
5419
5420 /*
5421 * Derive RD automatically for VNI using passed information - it
5422 * is of the form RouterId:unique-id-for-vni.
5423 */
5424 void bgp_evpn_derive_auto_rd(struct bgp *bgp, struct bgpevpn *vpn)
5425 {
5426 char buf[100];
5427
5428 vpn->prd.family = AF_UNSPEC;
5429 vpn->prd.prefixlen = 64;
5430 snprintf(buf, sizeof(buf), "%s:%hu", inet_ntoa(bgp->router_id),
5431 vpn->rd_id);
5432 (void)str2prefix_rd(buf, &vpn->prd);
5433 UNSET_FLAG(vpn->flags, VNI_FLAG_RD_CFGD);
5434 }
5435
5436 /*
5437 * Lookup L3-VNI
5438 */
5439 bool bgp_evpn_lookup_l3vni_l2vni_table(vni_t vni)
5440 {
5441 struct list *inst = bm->bgp;
5442 struct listnode *node;
5443 struct bgp *bgp_vrf;
5444
5445 for (ALL_LIST_ELEMENTS_RO(inst, node, bgp_vrf)) {
5446 if (bgp_vrf->l3vni == vni)
5447 return true;
5448 }
5449
5450 return false;
5451 }
5452
5453 /*
5454 * Lookup VNI.
5455 */
5456 struct bgpevpn *bgp_evpn_lookup_vni(struct bgp *bgp, vni_t vni)
5457 {
5458 struct bgpevpn *vpn;
5459 struct bgpevpn tmp;
5460
5461 memset(&tmp, 0, sizeof(struct bgpevpn));
5462 tmp.vni = vni;
5463 vpn = hash_lookup(bgp->vnihash, &tmp);
5464 return vpn;
5465 }
5466
5467 /*
5468 * Create a new vpn - invoked upon configuration or zebra notification.
5469 */
5470 struct bgpevpn *bgp_evpn_new(struct bgp *bgp, vni_t vni,
5471 struct in_addr originator_ip,
5472 vrf_id_t tenant_vrf_id,
5473 struct in_addr mcast_grp)
5474 {
5475 struct bgpevpn *vpn;
5476
5477 if (!bgp)
5478 return NULL;
5479
5480 vpn = XCALLOC(MTYPE_BGP_EVPN, sizeof(struct bgpevpn));
5481
5482 /* Set values - RD and RT set to defaults. */
5483 vpn->vni = vni;
5484 vpn->originator_ip = originator_ip;
5485 vpn->tenant_vrf_id = tenant_vrf_id;
5486 vpn->mcast_grp = mcast_grp;
5487
5488 /* Initialize route-target import and export lists */
5489 vpn->import_rtl = list_new();
5490 vpn->import_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5491 vpn->import_rtl->del = evpn_xxport_delete_ecomm;
5492 vpn->export_rtl = list_new();
5493 vpn->export_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5494 vpn->export_rtl->del = evpn_xxport_delete_ecomm;
5495 bf_assign_index(bm->rd_idspace, vpn->rd_id);
5496 derive_rd_rt_for_vni(bgp, vpn);
5497
5498 /* Initialize EVPN route table. */
5499 vpn->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5500
5501 /* Add to hash */
5502 if (!hash_get(bgp->vnihash, vpn, hash_alloc_intern)) {
5503 XFREE(MTYPE_BGP_EVPN, vpn);
5504 return NULL;
5505 }
5506
5507 /* add to l2vni list on corresponding vrf */
5508 bgpevpn_link_to_l3vni(vpn);
5509
5510 QOBJ_REG(vpn, bgpevpn);
5511 return vpn;
5512 }
5513
5514 /*
5515 * Free a given VPN - called in multiple scenarios such as zebra
5516 * notification, configuration being deleted, advertise-all-vni disabled etc.
5517 * This just frees appropriate memory, caller should have taken other
5518 * needed actions.
5519 */
5520 void bgp_evpn_free(struct bgp *bgp, struct bgpevpn *vpn)
5521 {
5522 bgpevpn_unlink_from_l3vni(vpn);
5523 bgp_table_unlock(vpn->route_table);
5524 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
5525 list_delete(&vpn->import_rtl);
5526 list_delete(&vpn->export_rtl);
5527 bf_release_index(bm->rd_idspace, vpn->rd_id);
5528 hash_release(bgp->vnihash, vpn);
5529 QOBJ_UNREG(vpn);
5530 XFREE(MTYPE_BGP_EVPN, vpn);
5531 }
5532
5533 /*
5534 * Lookup local ES.
5535 */
5536 struct evpnes *bgp_evpn_lookup_es(struct bgp *bgp, esi_t *esi)
5537 {
5538 struct evpnes *es;
5539 struct evpnes tmp;
5540
5541 memset(&tmp, 0, sizeof(struct evpnes));
5542 memcpy(&tmp.esi, esi, sizeof(esi_t));
5543 es = hash_lookup(bgp->esihash, &tmp);
5544 return es;
5545 }
5546
5547 /*
5548 * Create a new local es - invoked upon zebra notification.
5549 */
5550 struct evpnes *bgp_evpn_es_new(struct bgp *bgp,
5551 esi_t *esi,
5552 struct ipaddr *originator_ip)
5553 {
5554 char buf[100];
5555 struct evpnes *es;
5556
5557 if (!bgp)
5558 return NULL;
5559
5560 es = XCALLOC(MTYPE_BGP_EVPN_ES, sizeof(struct evpnes));
5561
5562 /* set the ESI and originator_ip */
5563 memcpy(&es->esi, esi, sizeof(esi_t));
5564 memcpy(&es->originator_ip, originator_ip, sizeof(struct ipaddr));
5565
5566 /* Initialise the VTEP list */
5567 es->vtep_list = list_new();
5568 es->vtep_list->cmp = evpn_vtep_ip_cmp;
5569
5570 /* auto derive RD for this es */
5571 bf_assign_index(bm->rd_idspace, es->rd_id);
5572 es->prd.family = AF_UNSPEC;
5573 es->prd.prefixlen = 64;
5574 snprintf(buf, sizeof(buf), "%s:%hu", inet_ntoa(bgp->router_id),
5575 es->rd_id);
5576 (void)str2prefix_rd(buf, &es->prd);
5577
5578 /* Initialize the ES route table */
5579 es->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5580
5581 /* Add to hash */
5582 if (!hash_get(bgp->esihash, es, hash_alloc_intern)) {
5583 XFREE(MTYPE_BGP_EVPN_ES, es);
5584 return NULL;
5585 }
5586
5587 QOBJ_REG(es, evpnes);
5588 return es;
5589 }
5590
5591 /*
5592 * Free a given ES -
5593 * This just frees appropriate memory, caller should have taken other
5594 * needed actions.
5595 */
5596 void bgp_evpn_es_free(struct bgp *bgp, struct evpnes *es)
5597 {
5598 list_delete(&es->vtep_list);
5599 bgp_table_unlock(es->route_table);
5600 bf_release_index(bm->rd_idspace, es->rd_id);
5601 hash_release(bgp->esihash, es);
5602 QOBJ_UNREG(es);
5603 XFREE(MTYPE_BGP_EVPN_ES, es);
5604 }
5605
5606 /*
5607 * Import evpn route from global table to VNI/VRF/ESI.
5608 */
5609 int bgp_evpn_import_route(struct bgp *bgp, afi_t afi, safi_t safi,
5610 const struct prefix *p, struct bgp_path_info *pi)
5611 {
5612 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 1);
5613 }
5614
5615 /*
5616 * Unimport evpn route from VNI/VRF/ESI.
5617 */
5618 int bgp_evpn_unimport_route(struct bgp *bgp, afi_t afi, safi_t safi,
5619 const struct prefix *p, struct bgp_path_info *pi)
5620 {
5621 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 0);
5622 }
5623
5624 /* filter routes which have martian next hops */
5625 int bgp_filter_evpn_routes_upon_martian_nh_change(struct bgp *bgp)
5626 {
5627 afi_t afi;
5628 safi_t safi;
5629 struct bgp_dest *rd_dest, *dest;
5630 struct bgp_table *table;
5631 struct bgp_path_info *pi;
5632
5633 afi = AFI_L2VPN;
5634 safi = SAFI_EVPN;
5635
5636 /* Walk entire global routing table and evaluate routes which could be
5637 * imported into this VPN. Note that we cannot just look at the routes
5638 * for the VNI's RD -
5639 * remote routes applicable for this VNI could have any RD.
5640 */
5641 /* EVPN routes are a 2-level table. */
5642 for (rd_dest = bgp_table_top(bgp->rib[afi][safi]); rd_dest;
5643 rd_dest = bgp_route_next(rd_dest)) {
5644 table = bgp_dest_get_bgp_table_info(rd_dest);
5645 if (!table)
5646 continue;
5647
5648 for (dest = bgp_table_top(table); dest;
5649 dest = bgp_route_next(dest)) {
5650
5651 for (pi = bgp_dest_get_bgp_path_info(dest); pi;
5652 pi = pi->next) {
5653
5654 /* Consider "valid" remote routes applicable for
5655 * this VNI. */
5656 if (!(pi->type == ZEBRA_ROUTE_BGP
5657 && pi->sub_type == BGP_ROUTE_NORMAL))
5658 continue;
5659 if (bgp_nexthop_self(bgp, afi, pi->type,
5660 pi->sub_type, pi->attr,
5661 dest)) {
5662 const struct prefix *p =
5663 bgp_dest_get_prefix(dest);
5664
5665 if (bgp_debug_update(pi->peer, p, NULL,
5666 1)) {
5667 char attr_str[BUFSIZ] = {0};
5668
5669 bgp_dump_attr(pi->attr,
5670 attr_str, BUFSIZ);
5671
5672 zlog_debug(
5673 "%u: prefix %pRN with attr %s - DENIED due to martian or self nexthop",
5674 bgp->vrf_id, dest,
5675 attr_str);
5676 }
5677 bgp_evpn_unimport_route(bgp, afi, safi,
5678 p, pi);
5679
5680 bgp_rib_remove(dest, pi, pi->peer, afi,
5681 safi);
5682 }
5683 }
5684 }
5685 }
5686
5687 return 0;
5688 }
5689
5690 /*
5691 * Handle del of a local MACIP.
5692 */
5693 int bgp_evpn_local_macip_del(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5694 struct ipaddr *ip, int state)
5695 {
5696 struct bgpevpn *vpn;
5697 struct prefix_evpn p;
5698 struct bgp_dest *dest;
5699
5700 /* Lookup VNI hash - should exist. */
5701 vpn = bgp_evpn_lookup_vni(bgp, vni);
5702 if (!vpn || !is_vni_live(vpn)) {
5703 flog_warn(EC_BGP_EVPN_VPN_VNI,
5704 "%u: VNI hash entry for VNI %u %s at MACIP DEL",
5705 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5706 return -1;
5707 }
5708
5709 build_evpn_type2_prefix(&p, mac, ip);
5710 if (state == ZEBRA_NEIGH_ACTIVE) {
5711 /* Remove EVPN type-2 route and schedule for processing. */
5712 delete_evpn_route(bgp, vpn, &p);
5713 } else {
5714 /* Re-instate the current remote best path if any */
5715 dest = bgp_node_lookup(vpn->route_table, (struct prefix *)&p);
5716 if (dest)
5717 evpn_zebra_reinstall_best_route(bgp, vpn, dest);
5718 }
5719
5720 return 0;
5721 }
5722
5723 /*
5724 * Handle add of a local MACIP.
5725 */
5726 int bgp_evpn_local_macip_add(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5727 struct ipaddr *ip, uint8_t flags, uint32_t seq)
5728 {
5729 struct bgpevpn *vpn;
5730 struct prefix_evpn p;
5731
5732 /* Lookup VNI hash - should exist. */
5733 vpn = bgp_evpn_lookup_vni(bgp, vni);
5734 if (!vpn || !is_vni_live(vpn)) {
5735 flog_warn(EC_BGP_EVPN_VPN_VNI,
5736 "%u: VNI hash entry for VNI %u %s at MACIP ADD",
5737 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5738 return -1;
5739 }
5740
5741 /* Create EVPN type-2 route and schedule for processing. */
5742 build_evpn_type2_prefix(&p, mac, ip);
5743 if (update_evpn_route(bgp, vpn, &p, flags, seq)) {
5744 char buf[ETHER_ADDR_STRLEN];
5745 char buf2[INET6_ADDRSTRLEN];
5746
5747 flog_err(
5748 EC_BGP_EVPN_ROUTE_CREATE,
5749 "%u:Failed to create Type-2 route, VNI %u %s MAC %s IP %s (flags: 0x%x)",
5750 bgp->vrf_id, vpn->vni,
5751 CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY)
5752 ? "sticky gateway"
5753 : "",
5754 prefix_mac2str(mac, buf, sizeof(buf)),
5755 ipaddr2str(ip, buf2, sizeof(buf2)), flags);
5756 return -1;
5757 }
5758
5759 return 0;
5760 }
5761
5762 static void link_l2vni_hash_to_l3vni(struct hash_bucket *bucket,
5763 struct bgp *bgp_vrf)
5764 {
5765 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
5766 struct bgp *bgp_evpn = NULL;
5767
5768 bgp_evpn = bgp_get_evpn();
5769 assert(bgp_evpn);
5770
5771 if (vpn->tenant_vrf_id == bgp_vrf->vrf_id)
5772 bgpevpn_link_to_l3vni(vpn);
5773 }
5774
5775 int bgp_evpn_local_l3vni_add(vni_t l3vni, vrf_id_t vrf_id,
5776 struct ethaddr *svi_rmac,
5777 struct ethaddr *vrr_rmac,
5778 struct in_addr originator_ip, int filter,
5779 ifindex_t svi_ifindex,
5780 bool is_anycast_mac)
5781 {
5782 struct bgp *bgp_vrf = NULL; /* bgp VRF instance */
5783 struct bgp *bgp_evpn = NULL; /* EVPN bgp instance */
5784 struct listnode *node = NULL;
5785 struct bgpevpn *vpn = NULL;
5786 as_t as = 0;
5787
5788 /* get the EVPN instance - required to get the AS number for VRF
5789 * auto-creatio
5790 */
5791 bgp_evpn = bgp_get_evpn();
5792 if (!bgp_evpn) {
5793 flog_err(
5794 EC_BGP_NO_DFLT,
5795 "Cannot process L3VNI %u ADD - EVPN BGP instance not yet created",
5796 l3vni);
5797 return -1;
5798 }
5799 as = bgp_evpn->as;
5800
5801 /* if the BGP vrf instance doesn't exist - create one */
5802 bgp_vrf = bgp_lookup_by_vrf_id(vrf_id);
5803 if (!bgp_vrf) {
5804
5805 int ret = 0;
5806
5807 ret = bgp_get_vty(&bgp_vrf, &as, vrf_id_to_name(vrf_id),
5808 vrf_id == VRF_DEFAULT
5809 ? BGP_INSTANCE_TYPE_DEFAULT
5810 : BGP_INSTANCE_TYPE_VRF);
5811 switch (ret) {
5812 case BGP_ERR_AS_MISMATCH:
5813 flog_err(EC_BGP_EVPN_AS_MISMATCH,
5814 "BGP is already running; AS is %u\n", as);
5815 return -1;
5816 case BGP_ERR_INSTANCE_MISMATCH:
5817 flog_err(EC_BGP_EVPN_INSTANCE_MISMATCH,
5818 "BGP instance name and AS number mismatch\n");
5819 return -1;
5820 }
5821
5822 /* mark as auto created */
5823 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO);
5824 }
5825
5826 /* associate the vrf with l3vni and related parameters */
5827 bgp_vrf->l3vni = l3vni;
5828 bgp_vrf->originator_ip = originator_ip;
5829 bgp_vrf->l3vni_svi_ifindex = svi_ifindex;
5830 bgp_vrf->evpn_info->is_anycast_mac = is_anycast_mac;
5831
5832 /* copy anycast MAC from VRR MAC */
5833 memcpy(&bgp_vrf->rmac, vrr_rmac, ETH_ALEN);
5834 /* copy sys RMAC from SVI MAC */
5835 memcpy(&bgp_vrf->evpn_info->pip_rmac_zebra, svi_rmac, ETH_ALEN);
5836 /* PIP user configured mac is not present use svi mac as sys mac */
5837 if (is_zero_mac(&bgp_vrf->evpn_info->pip_rmac_static))
5838 memcpy(&bgp_vrf->evpn_info->pip_rmac, svi_rmac, ETH_ALEN);
5839
5840 if (bgp_debug_zebra(NULL)) {
5841 char buf[ETHER_ADDR_STRLEN];
5842 char buf1[ETHER_ADDR_STRLEN];
5843 char buf2[ETHER_ADDR_STRLEN];
5844
5845 zlog_debug("VRF %s vni %u pip %s RMAC %s sys RMAC %s static RMAC %s is_anycast_mac %s",
5846 vrf_id_to_name(bgp_vrf->vrf_id),
5847 bgp_vrf->l3vni,
5848 bgp_vrf->evpn_info->advertise_pip ? "enable"
5849 : "disable",
5850 prefix_mac2str(&bgp_vrf->rmac, buf, sizeof(buf)),
5851 prefix_mac2str(&bgp_vrf->evpn_info->pip_rmac,
5852 buf1, sizeof(buf1)),
5853 prefix_mac2str(&bgp_vrf->evpn_info->pip_rmac_static,
5854 buf2, sizeof(buf2)),
5855 is_anycast_mac ? "Enable" : "Disable");
5856 }
5857 /* set the right filter - are we using l3vni only for prefix routes? */
5858 if (filter) {
5859 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY);
5860
5861 /*
5862 * VNI_FLAG_USE_TWO_LABELS flag for linked L2VNIs should not be
5863 * set before linking vrf to L3VNI. Thus, no need to clear
5864 * that explicitly.
5865 */
5866 } else {
5867 UNSET_FLAG(bgp_vrf->vrf_flags,
5868 BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY);
5869
5870 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn)) {
5871 if (!CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS)) {
5872
5873 /*
5874 * If we are flapping VNI_FLAG_USE_TWO_LABELS
5875 * flag, update all MACIP routes in this VNI
5876 */
5877 SET_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS);
5878 update_all_type2_routes(bgp_evpn, vpn);
5879 }
5880 }
5881 }
5882
5883 /* Map auto derive or configured RTs */
5884 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
5885 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
5886 else
5887 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
5888
5889 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD))
5890 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
5891
5892 /* auto derive RD */
5893 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
5894
5895 /* link all corresponding l2vnis */
5896 hash_iterate(bgp_evpn->vnihash,
5897 (void (*)(struct hash_bucket *,
5898 void *))link_l2vni_hash_to_l3vni,
5899 bgp_vrf);
5900
5901 /* Only update all corresponding type-2 routes if we are advertising two
5902 * labels along with type-2 routes
5903 */
5904 if (!filter)
5905 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
5906 update_routes_for_vni(bgp_evpn, vpn);
5907
5908 /* advertise type-5 routes if needed */
5909 update_advertise_vrf_routes(bgp_vrf);
5910
5911 /* install all remote routes belonging to this l3vni into correspondng
5912 * vrf */
5913 install_routes_for_vrf(bgp_vrf);
5914
5915 return 0;
5916 }
5917
5918 int bgp_evpn_local_l3vni_del(vni_t l3vni, vrf_id_t vrf_id)
5919 {
5920 struct bgp *bgp_vrf = NULL; /* bgp vrf instance */
5921 struct bgp *bgp_evpn = NULL; /* EVPN bgp instance */
5922 struct listnode *node = NULL;
5923 struct listnode *next = NULL;
5924 struct bgpevpn *vpn = NULL;
5925
5926 bgp_vrf = bgp_lookup_by_vrf_id(vrf_id);
5927 if (!bgp_vrf) {
5928 flog_err(
5929 EC_BGP_NO_DFLT,
5930 "Cannot process L3VNI %u Del - Could not find BGP instance",
5931 l3vni);
5932 return -1;
5933 }
5934
5935 bgp_evpn = bgp_get_evpn();
5936 if (!bgp_evpn) {
5937 flog_err(
5938 EC_BGP_NO_DFLT,
5939 "Cannot process L3VNI %u Del - Could not find EVPN BGP instance",
5940 l3vni);
5941 return -1;
5942 }
5943
5944 /* Remove remote routes from BGT VRF even if BGP_VRF_AUTO is configured,
5945 * bgp_delete would not remove/decrement bgp_path_info of the ip_prefix
5946 * routes. This will uninstalling the routes from zebra and decremnt the
5947 * bgp info count.
5948 */
5949 uninstall_routes_for_vrf(bgp_vrf);
5950
5951 /* delete/withdraw all type-5 routes */
5952 delete_withdraw_vrf_routes(bgp_vrf);
5953
5954 /* remove the l3vni from vrf instance */
5955 bgp_vrf->l3vni = 0;
5956
5957 /* remove the Rmac from the BGP vrf */
5958 memset(&bgp_vrf->rmac, 0, sizeof(struct ethaddr));
5959 memset(&bgp_vrf->evpn_info->pip_rmac_zebra, 0, ETH_ALEN);
5960 if (is_zero_mac(&bgp_vrf->evpn_info->pip_rmac_static) &&
5961 !is_zero_mac(&bgp_vrf->evpn_info->pip_rmac))
5962 memset(&bgp_vrf->evpn_info->pip_rmac, 0, ETH_ALEN);
5963
5964 /* remove default import RT or Unmap non-default import RT */
5965 if (!list_isempty(bgp_vrf->vrf_import_rtl)) {
5966 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
5967 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
5968 list_delete_all_node(bgp_vrf->vrf_import_rtl);
5969 }
5970
5971 /* remove default export RT */
5972 if (!list_isempty(bgp_vrf->vrf_export_rtl) &&
5973 !CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD)) {
5974 list_delete_all_node(bgp_vrf->vrf_export_rtl);
5975 }
5976
5977 /* update all corresponding local mac-ip routes */
5978 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY)) {
5979 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn)) {
5980 UNSET_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS);
5981 update_routes_for_vni(bgp_evpn, vpn);
5982 }
5983 }
5984
5985 /* If any L2VNIs point to this instance, unlink them. */
5986 for (ALL_LIST_ELEMENTS(bgp_vrf->l2vnis, node, next, vpn))
5987 bgpevpn_unlink_from_l3vni(vpn);
5988
5989 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY);
5990
5991 /* Delete the instance if it was autocreated */
5992 if (CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO))
5993 bgp_delete(bgp_vrf);
5994
5995 return 0;
5996 }
5997
5998 /*
5999 * Handle del of a local VNI.
6000 */
6001 int bgp_evpn_local_vni_del(struct bgp *bgp, vni_t vni)
6002 {
6003 struct bgpevpn *vpn;
6004
6005 /* Locate VNI hash */
6006 vpn = bgp_evpn_lookup_vni(bgp, vni);
6007 if (!vpn) {
6008 if (bgp_debug_zebra(NULL))
6009 flog_warn(
6010 EC_BGP_EVPN_VPN_VNI,
6011 "%u: VNI hash entry for VNI %u not found at DEL",
6012 bgp->vrf_id, vni);
6013 return 0;
6014 }
6015
6016 /* Remove all local EVPN routes and schedule for processing (to
6017 * withdraw from peers).
6018 */
6019 delete_routes_for_vni(bgp, vpn);
6020
6021 /*
6022 * tunnel is no longer active, del tunnel ip address from tip_hash
6023 */
6024 bgp_tip_del(bgp, &vpn->originator_ip);
6025
6026 /* Clear "live" flag and see if hash needs to be freed. */
6027 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
6028 if (!is_vni_configured(vpn))
6029 bgp_evpn_free(bgp, vpn);
6030
6031 return 0;
6032 }
6033
6034 /*
6035 * Handle add (or update) of a local VNI. The VNI changes we care
6036 * about are for the local-tunnel-ip and the (tenant) VRF.
6037 */
6038 int bgp_evpn_local_vni_add(struct bgp *bgp, vni_t vni,
6039 struct in_addr originator_ip,
6040 vrf_id_t tenant_vrf_id,
6041 struct in_addr mcast_grp)
6042
6043 {
6044 struct bgpevpn *vpn;
6045 struct prefix_evpn p;
6046
6047 /* Lookup VNI. If present and no change, exit. */
6048 vpn = bgp_evpn_lookup_vni(bgp, vni);
6049 if (vpn) {
6050
6051 if (is_vni_live(vpn)
6052 && IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip)
6053 && IPV4_ADDR_SAME(&vpn->mcast_grp, &mcast_grp)
6054 && vpn->tenant_vrf_id == tenant_vrf_id)
6055 /* Probably some other param has changed that we don't
6056 * care about. */
6057 return 0;
6058
6059 bgp_evpn_mcast_grp_change(bgp, vpn, mcast_grp);
6060
6061 /* Update tenant_vrf_id if it has changed. */
6062 if (vpn->tenant_vrf_id != tenant_vrf_id) {
6063 bgpevpn_unlink_from_l3vni(vpn);
6064 vpn->tenant_vrf_id = tenant_vrf_id;
6065 bgpevpn_link_to_l3vni(vpn);
6066 }
6067
6068 /* If tunnel endpoint IP has changed, update (and delete prior
6069 * type-3 route, if needed.)
6070 */
6071 if (!IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip))
6072 handle_tunnel_ip_change(bgp, vpn, originator_ip);
6073
6074 /* Update all routes with new endpoint IP and/or export RT
6075 * for VRFs
6076 */
6077 if (is_vni_live(vpn))
6078 update_routes_for_vni(bgp, vpn);
6079 }
6080
6081 /* Create or update as appropriate. */
6082 if (!vpn) {
6083 vpn = bgp_evpn_new(bgp, vni, originator_ip, tenant_vrf_id,
6084 mcast_grp);
6085 if (!vpn) {
6086 flog_err(
6087 EC_BGP_VNI,
6088 "%u: Failed to allocate VNI entry for VNI %u - at Add",
6089 bgp->vrf_id, vni);
6090 return -1;
6091 }
6092 }
6093
6094 /* if the VNI is live already, there is nothing more to do */
6095 if (is_vni_live(vpn))
6096 return 0;
6097
6098 /* Mark as "live" */
6099 SET_FLAG(vpn->flags, VNI_FLAG_LIVE);
6100
6101 /* tunnel is now active, add tunnel-ip to db */
6102 bgp_tip_add(bgp, &originator_ip);
6103
6104 /* filter routes as nexthop database has changed */
6105 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
6106
6107 /*
6108 * Create EVPN type-3 route and schedule for processing.
6109 *
6110 * RT-3 only if doing head-end replication
6111 */
6112 if (bgp_evpn_vni_flood_mode_get(bgp, vpn)
6113 == VXLAN_FLOOD_HEAD_END_REPL) {
6114 build_evpn_type3_prefix(&p, vpn->originator_ip);
6115 if (update_evpn_route(bgp, vpn, &p, 0, 0)) {
6116 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
6117 "%u: Type3 route creation failure for VNI %u",
6118 bgp->vrf_id, vni);
6119 return -1;
6120 }
6121 }
6122
6123 /* If we have learnt and retained remote routes (VTEPs, MACs) for this
6124 * VNI,
6125 * install them.
6126 */
6127 install_routes_for_vni(bgp, vpn);
6128
6129 /* If we are advertising gateway mac-ip
6130 It needs to be conveyed again to zebra */
6131 bgp_zebra_advertise_gw_macip(bgp, vpn->advertise_gw_macip, vpn->vni);
6132
6133 /* advertise svi mac-ip knob to zebra */
6134 bgp_zebra_advertise_svi_macip(bgp, vpn->advertise_svi_macip, vpn->vni);
6135
6136 return 0;
6137 }
6138
6139 /*
6140 * bgp_evpn_local_es_del
6141 */
6142 int bgp_evpn_local_es_del(struct bgp *bgp,
6143 esi_t *esi,
6144 struct ipaddr *originator_ip)
6145 {
6146 char buf[ESI_STR_LEN];
6147 struct evpnes *es = NULL;
6148
6149 if (!bgp->esihash) {
6150 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
6151 bgp->vrf_id);
6152 return -1;
6153 }
6154
6155 /* Lookup ESI hash - should exist. */
6156 es = bgp_evpn_lookup_es(bgp, esi);
6157 if (!es) {
6158 flog_warn(EC_BGP_EVPN_ESI,
6159 "%u: ESI hash entry for ESI %s at Local ES DEL",
6160 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
6161 return -1;
6162 }
6163
6164 /* Delete all local EVPN ES routes from ESI table
6165 * and schedule for processing (to withdraw from peers))
6166 */
6167 delete_routes_for_es(bgp, es);
6168
6169 /* free the hash entry */
6170 bgp_evpn_es_free(bgp, es);
6171
6172 return 0;
6173 }
6174
6175 /*
6176 * bgp_evpn_local_es_add
6177 */
6178 int bgp_evpn_local_es_add(struct bgp *bgp,
6179 esi_t *esi,
6180 struct ipaddr *originator_ip)
6181 {
6182 char buf[ESI_STR_LEN];
6183 struct evpnes *es = NULL;
6184 struct prefix_evpn p;
6185
6186 if (!bgp->esihash) {
6187 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
6188 bgp->vrf_id);
6189 return -1;
6190 }
6191
6192 /* create the new es */
6193 es = bgp_evpn_lookup_es(bgp, esi);
6194 if (!es) {
6195 es = bgp_evpn_es_new(bgp, esi, originator_ip);
6196 if (!es) {
6197 flog_err(
6198 EC_BGP_ES_CREATE,
6199 "%u: Failed to allocate ES entry for ESI %s - at Local ES Add",
6200 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
6201 return -1;
6202 }
6203 }
6204 UNSET_FLAG(es->flags, EVPNES_REMOTE);
6205 SET_FLAG(es->flags, EVPNES_LOCAL);
6206
6207 build_evpn_type4_prefix(&p, esi, originator_ip->ipaddr_v4);
6208 if (update_evpn_type4_route(bgp, es, &p)) {
6209 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
6210 "%u: Type4 route creation failure for ESI %s",
6211 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
6212 return -1;
6213 }
6214
6215 /* import all remote ES routes in th ES table */
6216 install_routes_for_es(bgp, es);
6217
6218 return 0;
6219 }
6220
6221 /*
6222 * Handle change in setting for BUM handling. The supported values
6223 * are head-end replication and dropping all BUM packets. Any change
6224 * should be registered with zebra. Also, if doing head-end replication,
6225 * need to advertise local VNIs as EVPN RT-3 wheras, if BUM packets are
6226 * to be dropped, the RT-3s must be withdrawn.
6227 */
6228 void bgp_evpn_flood_control_change(struct bgp *bgp)
6229 {
6230 zlog_info("L2VPN EVPN BUM handling is %s",
6231 bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL ?
6232 "Flooding" : "Flooding Disabled");
6233
6234 bgp_zebra_vxlan_flood_control(bgp, bgp->vxlan_flood_ctrl);
6235 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL)
6236 hash_iterate(bgp->vnihash, create_advertise_type3, bgp);
6237 else if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_DISABLED)
6238 hash_iterate(bgp->vnihash, delete_withdraw_type3, bgp);
6239 }
6240
6241 /*
6242 * Cleanup EVPN information on disable - Need to delete and withdraw
6243 * EVPN routes from peers.
6244 */
6245 void bgp_evpn_cleanup_on_disable(struct bgp *bgp)
6246 {
6247 hash_iterate(bgp->vnihash, (void (*)(struct hash_bucket *,
6248 void *))cleanup_vni_on_disable,
6249 bgp);
6250 }
6251
6252 /*
6253 * Cleanup EVPN information - invoked at the time of bgpd exit or when the
6254 * BGP instance (default) is being freed.
6255 */
6256 void bgp_evpn_cleanup(struct bgp *bgp)
6257 {
6258 hash_iterate(bgp->vnihash,
6259 (void (*)(struct hash_bucket *, void *))free_vni_entry,
6260 bgp);
6261
6262 hash_free(bgp->import_rt_hash);
6263 bgp->import_rt_hash = NULL;
6264
6265 hash_free(bgp->vrf_import_rt_hash);
6266 bgp->vrf_import_rt_hash = NULL;
6267
6268 hash_free(bgp->vnihash);
6269 bgp->vnihash = NULL;
6270 if (bgp->esihash)
6271 hash_free(bgp->esihash);
6272 bgp->esihash = NULL;
6273
6274 list_delete(&bgp->vrf_import_rtl);
6275 list_delete(&bgp->vrf_export_rtl);
6276 list_delete(&bgp->l2vnis);
6277 }
6278
6279 /*
6280 * Initialization for EVPN
6281 * Create
6282 * VNI hash table
6283 * hash for RT to VNI
6284 */
6285 void bgp_evpn_init(struct bgp *bgp)
6286 {
6287 bgp->vnihash =
6288 hash_create(vni_hash_key_make, vni_hash_cmp, "BGP VNI Hash");
6289 bgp->esihash =
6290 hash_create(esi_hash_keymake, esi_cmp,
6291 "BGP EVPN Local ESI Hash");
6292 bgp->import_rt_hash =
6293 hash_create(import_rt_hash_key_make, import_rt_hash_cmp,
6294 "BGP Import RT Hash");
6295 bgp->vrf_import_rt_hash =
6296 hash_create(vrf_import_rt_hash_key_make, vrf_import_rt_hash_cmp,
6297 "BGP VRF Import RT Hash");
6298 bgp->vrf_import_rtl = list_new();
6299 bgp->vrf_import_rtl->cmp =
6300 (int (*)(void *, void *))evpn_route_target_cmp;
6301 bgp->vrf_import_rtl->del = evpn_xxport_delete_ecomm;
6302 bgp->vrf_export_rtl = list_new();
6303 bgp->vrf_export_rtl->cmp =
6304 (int (*)(void *, void *))evpn_route_target_cmp;
6305 bgp->vrf_export_rtl->del = evpn_xxport_delete_ecomm;
6306 bgp->l2vnis = list_new();
6307 bgp->l2vnis->cmp = vni_list_cmp;
6308 /* By default Duplicate Address Dection is enabled.
6309 * Max-moves (N) 5, detection time (M) 180
6310 * default action is warning-only
6311 * freeze action permanently freezes address,
6312 * and freeze time (auto-recovery) is disabled.
6313 */
6314 if (bgp->evpn_info) {
6315 bgp->evpn_info->dup_addr_detect = true;
6316 bgp->evpn_info->dad_time = EVPN_DAD_DEFAULT_TIME;
6317 bgp->evpn_info->dad_max_moves = EVPN_DAD_DEFAULT_MAX_MOVES;
6318 bgp->evpn_info->dad_freeze = false;
6319 bgp->evpn_info->dad_freeze_time = 0;
6320 /* Initialize zebra vxlan */
6321 bgp_zebra_dup_addr_detection(bgp);
6322 /* Enable PIP feature by default for bgp vrf instance */
6323 if (bgp->inst_type == BGP_INSTANCE_TYPE_VRF) {
6324 struct bgp *bgp_default;
6325
6326 bgp->evpn_info->advertise_pip = true;
6327 bgp_default = bgp_get_default();
6328 if (bgp_default)
6329 bgp->evpn_info->pip_ip = bgp_default->router_id;
6330 }
6331 }
6332
6333 /* Default BUM handling is to do head-end replication. */
6334 bgp->vxlan_flood_ctrl = VXLAN_FLOOD_HEAD_END_REPL;
6335 }
6336
6337 void bgp_evpn_vrf_delete(struct bgp *bgp_vrf)
6338 {
6339 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
6340 }
6341
6342 /*
6343 * Get the prefixlen of the ip prefix carried within the type5 evpn route.
6344 */
6345 int bgp_evpn_get_type5_prefixlen(const struct prefix *pfx)
6346 {
6347 struct prefix_evpn *evp = (struct prefix_evpn *)pfx;
6348
6349 if (!pfx || pfx->family != AF_EVPN)
6350 return 0;
6351
6352 if (evp->prefix.route_type != BGP_EVPN_IP_PREFIX_ROUTE)
6353 return 0;
6354
6355 return evp->prefix.prefix_addr.ip_prefix_length;
6356 }
6357
6358 /*
6359 * Should we register nexthop for this EVPN prefix for nexthop tracking?
6360 */
6361 bool bgp_evpn_is_prefix_nht_supported(const struct prefix *pfx)
6362 {
6363 struct prefix_evpn *evp = (struct prefix_evpn *)pfx;
6364
6365 /*
6366 * EVPN routes should be marked as valid only if the nexthop is
6367 * reachable. Only if this happens, the route should be imported
6368 * (into VNI or VRF routing tables) and/or advertised.
6369 * Note: This is currently applied for EVPN type-2, type-3 and
6370 * type-5 routes. It may be tweaked later on for other routes, or
6371 * even removed completely when all routes are handled.
6372 */
6373 if (pfx && pfx->family == AF_EVPN &&
6374 (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE ||
6375 evp->prefix.route_type == BGP_EVPN_IMET_ROUTE ||
6376 evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
6377 return true;
6378
6379 return false;
6380 }
FRRouting mirror