]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_evpn_mh.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #12487 from anlancs/fix/fix-doc-ospf
[mirror_frr.git] / bgpd / bgp_evpn_mh.c
1 /* EVPN Multihoming procedures
2 *
3 * Copyright (C) 2019 Cumulus Networks, Inc.
4 * Anuradha Karuppiah
5 *
6 * This file is part of FRR.
7 *
8 * FRRouting is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * FRRouting is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 */
19
20 #include <zebra.h>
21
22 #include "command.h"
23 #include "filter.h"
24 #include "prefix.h"
25 #include "log.h"
26 #include "memory.h"
27 #include "stream.h"
28 #include "hash.h"
29 #include "jhash.h"
30 #include "zclient.h"
31
32 #include "lib/printfrr.h"
33
34 #include "bgpd/bgp_attr_evpn.h"
35 #include "bgpd/bgpd.h"
36 #include "bgpd/bgp_table.h"
37 #include "bgpd/bgp_route.h"
38 #include "bgpd/bgp_attr.h"
39 #include "bgpd/bgp_mplsvpn.h"
40 #include "bgpd/bgp_evpn.h"
41 #include "bgpd/bgp_evpn_private.h"
42 #include "bgpd/bgp_evpn_mh.h"
43 #include "bgpd/bgp_ecommunity.h"
44 #include "bgpd/bgp_encap_types.h"
45 #include "bgpd/bgp_debug.h"
46 #include "bgpd/bgp_errors.h"
47 #include "bgpd/bgp_aspath.h"
48 #include "bgpd/bgp_zebra.h"
49 #include "bgpd/bgp_addpath.h"
50 #include "bgpd/bgp_label.h"
51 #include "bgpd/bgp_nht.h"
52 #include "bgpd/bgp_mpath.h"
53 #include "bgpd/bgp_trace.h"
54
55 static void bgp_evpn_local_es_down(struct bgp *bgp,
56 struct bgp_evpn_es *es);
57 static void bgp_evpn_local_type1_evi_route_del(struct bgp *bgp,
58 struct bgp_evpn_es *es);
59 static struct bgp_evpn_es_vtep *bgp_evpn_es_vtep_add(struct bgp *bgp,
60 struct bgp_evpn_es *es,
61 struct in_addr vtep_ip,
62 bool esr, uint8_t df_alg,
63 uint16_t df_pref);
64 static void bgp_evpn_es_vtep_del(struct bgp *bgp,
65 struct bgp_evpn_es *es, struct in_addr vtep_ip, bool esr);
66 static void bgp_evpn_es_cons_checks_pend_add(struct bgp_evpn_es *es);
67 static void bgp_evpn_es_cons_checks_pend_del(struct bgp_evpn_es *es);
68 static struct bgp_evpn_es_evi *
69 bgp_evpn_local_es_evi_do_del(struct bgp_evpn_es_evi *es_evi);
70 static uint32_t bgp_evpn_es_get_active_vtep_cnt(struct bgp_evpn_es *es);
71 static void bgp_evpn_l3nhg_update_on_vtep_chg(struct bgp_evpn_es *es);
72 static struct bgp_evpn_es *bgp_evpn_es_new(struct bgp *bgp, const esi_t *esi);
73 static void bgp_evpn_es_free(struct bgp_evpn_es *es, const char *caller);
74 static void bgp_evpn_path_es_unlink(struct bgp_path_es_info *es_info);
75 static void bgp_evpn_mac_update_on_es_local_chg(struct bgp_evpn_es *es,
76 bool is_local);
77
78 esi_t zero_esi_buf, *zero_esi = &zero_esi_buf;
79 static void bgp_evpn_run_consistency_checks(struct thread *t);
80 static void bgp_evpn_path_nh_info_free(struct bgp_path_evpn_nh_info *nh_info);
81 static void bgp_evpn_path_nh_unlink(struct bgp_path_evpn_nh_info *nh_info);
82
83 /******************************************************************************
84 * per-ES (Ethernet Segment) routing table
85 *
86 * Following routes are added to the ES's routing table -
87 * 1. Local and remote ESR (Type-4)
88 * 2. Local EAD-per-ES (Type-1).
89 *
90 * Key for these routes is {ESI, VTEP-IP} so the path selection is practically
91 * a no-op i.e. all paths lead to same VTEP-IP (i.e. result in the same VTEP
92 * being added to same ES).
93 *
94 * Note the following routes go into the VNI routing table (instead of the
95 * ES routing table) -
96 * 1. Remote EAD-per-ES
97 * 2. Local and remote EAD-per-EVI
98 */
99
100 /* Calculate the best path for a multi-homing (Type-1 or Type-4) route
101 * installed in the ES's routing table.
102 */
103 static int bgp_evpn_es_route_select_install(struct bgp *bgp,
104 struct bgp_evpn_es *es,
105 struct bgp_dest *dest)
106 {
107 int ret = 0;
108 afi_t afi = AFI_L2VPN;
109 safi_t safi = SAFI_EVPN;
110 struct bgp_path_info *old_select; /* old best */
111 struct bgp_path_info *new_select; /* new best */
112 struct bgp_path_info_pair old_and_new;
113
114 /* Compute the best path. */
115 bgp_best_selection(bgp, dest, &bgp->maxpaths[afi][safi], &old_and_new,
116 afi, safi);
117 old_select = old_and_new.old;
118 new_select = old_and_new.new;
119
120 /*
121 * If the best path hasn't changed - see if something needs to be
122 * updated
123 */
124 if (old_select && old_select == new_select
125 && old_select->type == ZEBRA_ROUTE_BGP
126 && old_select->sub_type == BGP_ROUTE_IMPORTED
127 && !CHECK_FLAG(dest->flags, BGP_NODE_USER_CLEAR)
128 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
129 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
130 if (bgp_zebra_has_route_changed(old_select)) {
131 bgp_evpn_es_vtep_add(bgp, es, old_select->attr->nexthop,
132 true /*esr*/,
133 old_select->attr->df_alg,
134 old_select->attr->df_pref);
135 }
136 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
137 bgp_zebra_clear_route_change_flags(dest);
138 return ret;
139 }
140
141 /* If the user did a "clear" this flag will be set */
142 UNSET_FLAG(dest->flags, BGP_NODE_USER_CLEAR);
143
144 /* bestpath has changed; update relevant fields and install or uninstall
145 * into the zebra RIB.
146 */
147 if (old_select || new_select)
148 bgp_bump_version(dest);
149
150 if (old_select)
151 bgp_path_info_unset_flag(dest, old_select, BGP_PATH_SELECTED);
152 if (new_select) {
153 bgp_path_info_set_flag(dest, new_select, BGP_PATH_SELECTED);
154 bgp_path_info_unset_flag(dest, new_select,
155 BGP_PATH_ATTR_CHANGED);
156 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
157 }
158
159 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
160 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
161 bgp_evpn_es_vtep_add(bgp, es, new_select->attr->nexthop,
162 true /*esr */, new_select->attr->df_alg,
163 new_select->attr->df_pref);
164 } else {
165 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
166 && old_select->sub_type == BGP_ROUTE_IMPORTED)
167 bgp_evpn_es_vtep_del(
168 bgp, es, old_select->attr->nexthop,
169 true /*esr*/);
170 }
171
172 /* Clear any route change flags. */
173 bgp_zebra_clear_route_change_flags(dest);
174
175 /* Reap old select bgp_path_info, if it has been removed */
176 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
177 bgp_path_info_reap(dest, old_select);
178
179 return ret;
180 }
181
182 /* Install Type-1/Type-4 route entry in the per-ES routing table */
183 static int bgp_evpn_es_route_install(struct bgp *bgp,
184 struct bgp_evpn_es *es, struct prefix_evpn *p,
185 struct bgp_path_info *parent_pi)
186 {
187 int ret = 0;
188 struct bgp_dest *dest = NULL;
189 struct bgp_path_info *pi = NULL;
190 struct attr *attr_new = NULL;
191
192 /* Create (or fetch) route within the VNI.
193 * NOTE: There is no RD here.
194 */
195 dest = bgp_node_get(es->route_table, (struct prefix *)p);
196
197 /* Check if route entry is already present. */
198 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
199 if (pi->extra &&
200 (struct bgp_path_info *)pi->extra->parent == parent_pi)
201 break;
202
203 if (!pi) {
204 /* Add (or update) attribute to hash. */
205 attr_new = bgp_attr_intern(parent_pi->attr);
206
207 /* Create new route with its attribute. */
208 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
209 parent_pi->peer, attr_new, dest);
210 SET_FLAG(pi->flags, BGP_PATH_VALID);
211 bgp_path_info_extra_get(pi);
212 pi->extra->parent = bgp_path_info_lock(parent_pi);
213 bgp_dest_lock_node((struct bgp_dest *)parent_pi->net);
214 bgp_path_info_add(dest, pi);
215 } else {
216 if (attrhash_cmp(pi->attr, parent_pi->attr)
217 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
218 bgp_dest_unlock_node(dest);
219 return 0;
220 }
221 /* The attribute has changed. */
222 /* Add (or update) attribute to hash. */
223 attr_new = bgp_attr_intern(parent_pi->attr);
224
225 /* Restore route, if needed. */
226 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
227 bgp_path_info_restore(dest, pi);
228
229 /* Mark if nexthop has changed. */
230 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
231 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
232
233 /* Unintern existing, set to new. */
234 bgp_attr_unintern(&pi->attr);
235 pi->attr = attr_new;
236 pi->uptime = monotime(NULL);
237 }
238
239 /* Perform route selection and update zebra, if required. */
240 ret = bgp_evpn_es_route_select_install(bgp, es, dest);
241
242 bgp_dest_unlock_node(dest);
243
244 return ret;
245 }
246
247 /* Uninstall Type-1/Type-4 route entry from the ES routing table */
248 static int bgp_evpn_es_route_uninstall(struct bgp *bgp, struct bgp_evpn_es *es,
249 struct prefix_evpn *p, struct bgp_path_info *parent_pi)
250 {
251 int ret;
252 struct bgp_dest *dest;
253 struct bgp_path_info *pi;
254
255 if (!es->route_table)
256 return 0;
257
258 /* Locate route within the ESI.
259 * NOTE: There is no RD here.
260 */
261 dest = bgp_node_lookup(es->route_table, (struct prefix *)p);
262 if (!dest)
263 return 0;
264
265 /* Find matching route entry. */
266 for (pi = bgp_dest_get_bgp_path_info(dest); pi; pi = pi->next)
267 if (pi->extra
268 && (struct bgp_path_info *)pi->extra->parent ==
269 parent_pi)
270 break;
271
272 if (!pi) {
273 bgp_dest_unlock_node(dest);
274 return 0;
275 }
276
277 /* Mark entry for deletion */
278 bgp_path_info_delete(dest, pi);
279
280 /* Perform route selection and update zebra, if required. */
281 ret = bgp_evpn_es_route_select_install(bgp, es, dest);
282
283 /* Unlock route node. */
284 bgp_dest_unlock_node(dest);
285
286 return ret;
287 }
288
289 /* Install or unistall a Type-4 route in the per-ES routing table */
290 int bgp_evpn_es_route_install_uninstall(struct bgp *bgp, struct bgp_evpn_es *es,
291 afi_t afi, safi_t safi, struct prefix_evpn *evp,
292 struct bgp_path_info *pi, int install)
293 {
294 int ret = 0;
295
296 if (install)
297 ret = bgp_evpn_es_route_install(bgp, es, evp, pi);
298 else
299 ret = bgp_evpn_es_route_uninstall(bgp, es, evp, pi);
300
301 if (ret) {
302 flog_err(
303 EC_BGP_EVPN_FAIL,
304 "%u: Failed to %s EVPN %s route in ESI %s",
305 bgp->vrf_id,
306 install ? "install" : "uninstall",
307 "ES", es->esi_str);
308 return ret;
309 }
310 return 0;
311 }
312
313 /* Delete (and withdraw) local routes for specified ES from global and ES table.
314 * Also remove all remote routes from the per ES table. Invoked when ES
315 * is deleted.
316 */
317 static void bgp_evpn_es_route_del_all(struct bgp *bgp, struct bgp_evpn_es *es)
318 {
319 struct bgp_dest *dest;
320 struct bgp_path_info *pi, *nextpi;
321
322 /* de-activate the ES */
323 bgp_evpn_local_es_down(bgp, es);
324 bgp_evpn_local_type1_evi_route_del(bgp, es);
325
326 /* Walk this ES's routing table and delete all routes. */
327 for (dest = bgp_table_top(es->route_table); dest;
328 dest = bgp_route_next(dest)) {
329 for (pi = bgp_dest_get_bgp_path_info(dest);
330 (pi != NULL) && (nextpi = pi->next, 1); pi = nextpi) {
331 bgp_path_info_delete(dest, pi);
332 bgp_path_info_reap(dest, pi);
333 }
334 }
335 }
336
337 /*****************************************************************************
338 * Base APIs for creating MH routes (Type-1 or Type-4) on local ethernet
339 * segment updates.
340 */
341
342 /* create or update local EVPN type1/type4 route entry.
343 *
344 * This could be in -
345 * the ES table if ESR/EAD-ES (or)
346 * the VNI table if EAD-EVI (or)
347 * the global table if ESR/EAD-ES/EAD-EVI
348 *
349 * Note: vpn is applicable only to EAD-EVI routes (NULL for EAD-ES and
350 * ESR).
351 */
352 int bgp_evpn_mh_route_update(struct bgp *bgp, struct bgp_evpn_es *es,
353 struct bgpevpn *vpn, afi_t afi, safi_t safi,
354 struct bgp_dest *dest, struct attr *attr,
355 struct bgp_path_info **ri, int *route_changed)
356 {
357 struct bgp_path_info *tmp_pi = NULL;
358 struct bgp_path_info *local_pi = NULL; /* local route entry if any */
359 struct bgp_path_info *remote_pi = NULL; /* remote route entry if any */
360 struct attr *attr_new = NULL;
361 struct prefix_evpn *evp;
362
363 *ri = NULL;
364 evp = (struct prefix_evpn *)bgp_dest_get_prefix(dest);
365 *route_changed = 1;
366
367 /* locate the local and remote entries if any */
368 for (tmp_pi = bgp_dest_get_bgp_path_info(dest); tmp_pi;
369 tmp_pi = tmp_pi->next) {
370 if (tmp_pi->peer == bgp->peer_self
371 && tmp_pi->type == ZEBRA_ROUTE_BGP
372 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
373 local_pi = tmp_pi;
374 if (tmp_pi->type == ZEBRA_ROUTE_BGP
375 && tmp_pi->sub_type == BGP_ROUTE_IMPORTED
376 && CHECK_FLAG(tmp_pi->flags, BGP_PATH_VALID))
377 remote_pi = tmp_pi;
378 }
379
380 /* we don't expect to see a remote_pi at this point as
381 * an ES route has {esi, vtep_ip} as the key in the ES-rt-table
382 * in the VNI-rt-table.
383 */
384 if (remote_pi) {
385 flog_err(
386 EC_BGP_ES_INVALID,
387 "%u ERROR: local es route for ESI: %s vtep %pI4 also learnt from remote",
388 bgp->vrf_id, es ? es->esi_str : "Null",
389 es ? &es->originator_ip : NULL);
390 return -1;
391 }
392
393 /* create or update the entry */
394 if (!local_pi) {
395
396 /* Add or update attribute to hash */
397 attr_new = bgp_attr_intern(attr);
398
399 /* Create new route with its attribute. */
400 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
401 bgp->peer_self, attr_new, dest);
402 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
403
404 if (evp->prefix.route_type == BGP_EVPN_AD_ROUTE) {
405 bgp_path_info_extra_get(tmp_pi);
406 tmp_pi->extra->num_labels = 1;
407 if (vpn)
408 vni2label(vpn->vni, &tmp_pi->extra->label[0]);
409 else
410 tmp_pi->extra->label[0] = 0;
411 }
412
413 /* add the newly created path to the route-node */
414 bgp_path_info_add(dest, tmp_pi);
415 } else {
416 tmp_pi = local_pi;
417 if (attrhash_cmp(tmp_pi->attr, attr)
418 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
419 *route_changed = 0;
420 else {
421 /* The attribute has changed.
422 * Add (or update) attribute to hash.
423 */
424 attr_new = bgp_attr_intern(attr);
425 bgp_path_info_set_flag(dest, tmp_pi,
426 BGP_PATH_ATTR_CHANGED);
427
428 /* Restore route, if needed. */
429 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
430 bgp_path_info_restore(dest, tmp_pi);
431
432 /* Unintern existing, set to new. */
433 bgp_attr_unintern(&tmp_pi->attr);
434 tmp_pi->attr = attr_new;
435 tmp_pi->uptime = monotime(NULL);
436 }
437 }
438
439 if (*route_changed) {
440 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
441 zlog_debug(
442 "local ES %s vni %u route-type %s nexthop %pI4 updated",
443 es ? es->esi_str : "Null", vpn ? vpn->vni : 0,
444 evp->prefix.route_type == BGP_EVPN_ES_ROUTE
445 ? "esr"
446 : (vpn ? "ead-evi" : "ead-es"),
447 &attr->mp_nexthop_global_in);
448 }
449
450 /* Return back the route entry. */
451 *ri = tmp_pi;
452 return 0;
453 }
454
455 /* Delete local EVPN ESR (type-4) and EAD (type-1) route
456 *
457 * Note: vpn is applicable only to EAD-EVI routes (NULL for EAD-ES and
458 * ESR).
459 */
460 static int bgp_evpn_mh_route_delete(struct bgp *bgp, struct bgp_evpn_es *es,
461 struct bgpevpn *vpn,
462 struct bgp_evpn_es_frag *es_frag,
463 struct prefix_evpn *p)
464 {
465 afi_t afi = AFI_L2VPN;
466 safi_t safi = SAFI_EVPN;
467 struct bgp_path_info *pi;
468 struct bgp_dest *dest = NULL; /* dest in esi table */
469 struct bgp_dest *global_dest = NULL; /* dest in global table */
470 struct bgp_table *rt_table;
471 struct prefix_rd *prd;
472
473 if (vpn) {
474 rt_table = vpn->ip_table;
475 prd = &vpn->prd;
476 } else {
477 rt_table = es->route_table;
478 prd = &es_frag->prd;
479 }
480
481 /* First, locate the route node within the ESI or VNI.
482 * If it doesn't exist, ther is nothing to do.
483 * Note: there is no RD here.
484 */
485 dest = bgp_node_lookup(rt_table, (struct prefix *)p);
486 if (!dest)
487 return 0;
488
489 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
490 zlog_debug(
491 "local ES %s vni %u route-type %s nexthop %pI4 delete",
492 es->esi_str, vpn ? vpn->vni : 0,
493 p->prefix.route_type == BGP_EVPN_ES_ROUTE
494 ? "esr"
495 : (vpn ? "ead-evi" : "ead-es"),
496 &es->originator_ip);
497
498 /* Next, locate route node in the global EVPN routing table.
499 * Note that this table is a 2-level tree (RD-level + Prefix-level)
500 */
501 global_dest = bgp_evpn_global_node_lookup(bgp->rib[afi][safi], afi,
502 safi, p, prd, NULL);
503 if (global_dest) {
504
505 /* Delete route entry in the global EVPN table. */
506 delete_evpn_route_entry(bgp, afi, safi, global_dest, &pi);
507
508 /* Schedule for processing - withdraws to peers happen from
509 * this table.
510 */
511 if (pi)
512 bgp_process(bgp, global_dest, afi, safi);
513 bgp_dest_unlock_node(global_dest);
514 }
515
516 /*
517 * Delete route entry in the ESI or VNI routing table.
518 * This can just be removed.
519 */
520 delete_evpn_route_entry(bgp, afi, safi, dest, &pi);
521 if (pi)
522 bgp_path_info_reap(dest, pi);
523 bgp_dest_unlock_node(dest);
524 return 0;
525 }
526
527 /*
528 * This function is called when the VNI RD changes.
529 * Delete all EAD/EVI local routes for this VNI from the global routing table.
530 * These routes are scheduled for withdraw from peers.
531 */
532 int delete_global_ead_evi_routes(struct bgp *bgp, struct bgpevpn *vpn)
533 {
534 afi_t afi;
535 safi_t safi;
536 struct bgp_dest *rdrn, *rn;
537 struct bgp_table *table;
538 struct bgp_path_info *pi;
539
540 afi = AFI_L2VPN;
541 safi = SAFI_EVPN;
542
543 /* Find the RD node for the VNI in the global table */
544 rdrn = bgp_node_lookup(bgp->rib[afi][safi], (struct prefix *)&vpn->prd);
545 if (rdrn && bgp_dest_has_bgp_path_info_data(rdrn)) {
546 table = bgp_dest_get_bgp_table_info(rdrn);
547
548 /*
549 * Iterate over all the routes in this table and delete EAD/EVI
550 * routes
551 */
552 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
553 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
554
555 if (evp->prefix.route_type != BGP_EVPN_AD_ROUTE)
556 continue;
557
558 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
559 if (pi)
560 bgp_process(bgp, rn, afi, safi);
561 }
562 }
563
564 /* Unlock RD node. */
565 if (rdrn)
566 bgp_dest_unlock_node(rdrn);
567
568 return 0;
569 }
570
571 /*****************************************************************************
572 * Ethernet Segment (Type-4) Routes
573 * ESRs are used for DF election. Currently service-carving described in
574 * RFC 7432 is NOT supported. Instead preference based DF election is
575 * used by default.
576 * Reference: draft-ietf-bess-evpn-pref-df
577 */
578 /* Build extended community for EVPN ES (type-4) route */
579 static void bgp_evpn_type4_route_extcomm_build(struct bgp_evpn_es *es,
580 struct attr *attr)
581 {
582 struct ecommunity ecom_encap;
583 struct ecommunity ecom_es_rt;
584 struct ecommunity ecom_df;
585 struct ecommunity_val eval;
586 struct ecommunity_val eval_es_rt;
587 struct ecommunity_val eval_df;
588 bgp_encap_types tnl_type;
589 struct ethaddr mac;
590
591 /* Encap */
592 tnl_type = BGP_ENCAP_TYPE_VXLAN;
593 memset(&ecom_encap, 0, sizeof(ecom_encap));
594 encode_encap_extcomm(tnl_type, &eval);
595 ecom_encap.size = 1;
596 ecom_encap.unit_size = ECOMMUNITY_SIZE;
597 ecom_encap.val = (uint8_t *)eval.val;
598 bgp_attr_set_ecommunity(attr, ecommunity_dup(&ecom_encap));
599
600 /* ES import RT */
601 memset(&mac, 0, sizeof(mac));
602 memset(&ecom_es_rt, 0, sizeof(ecom_es_rt));
603 es_get_system_mac(&es->esi, &mac);
604 encode_es_rt_extcomm(&eval_es_rt, &mac);
605 ecom_es_rt.size = 1;
606 ecom_es_rt.unit_size = ECOMMUNITY_SIZE;
607 ecom_es_rt.val = (uint8_t *)eval_es_rt.val;
608 bgp_attr_set_ecommunity(
609 attr,
610 ecommunity_merge(bgp_attr_get_ecommunity(attr), &ecom_es_rt));
611
612 /* DF election extended community */
613 memset(&ecom_df, 0, sizeof(ecom_df));
614 encode_df_elect_extcomm(&eval_df, es->df_pref);
615 ecom_df.size = 1;
616 ecom_df.val = (uint8_t *)eval_df.val;
617 bgp_attr_set_ecommunity(
618 attr,
619 ecommunity_merge(bgp_attr_get_ecommunity(attr), &ecom_df));
620 }
621
622 /* Create or update local type-4 route */
623 static int bgp_evpn_type4_route_update(struct bgp *bgp,
624 struct bgp_evpn_es *es, struct prefix_evpn *p)
625 {
626 int ret = 0;
627 int route_changed = 0;
628 afi_t afi = AFI_L2VPN;
629 safi_t safi = SAFI_EVPN;
630 struct attr attr;
631 struct attr *attr_new = NULL;
632 struct bgp_dest *dest = NULL;
633 struct bgp_path_info *pi = NULL;
634
635 memset(&attr, 0, sizeof(attr));
636
637 /* Build path-attribute for this route. */
638 bgp_attr_default_set(&attr, bgp, BGP_ORIGIN_IGP);
639 attr.nexthop = es->originator_ip;
640 attr.mp_nexthop_global_in = es->originator_ip;
641 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
642
643 /* Set up extended community. */
644 bgp_evpn_type4_route_extcomm_build(es, &attr);
645
646 /* First, create (or fetch) route node within the ESI. */
647 /* NOTE: There is no RD here. */
648 dest = bgp_node_get(es->route_table, (struct prefix *)p);
649
650 /* Create or update route entry. */
651 ret = bgp_evpn_mh_route_update(bgp, es, NULL, afi, safi, dest, &attr,
652 &pi, &route_changed);
653 if (ret != 0)
654 flog_err(
655 EC_BGP_ES_INVALID,
656 "%u ERROR: Failed to updated ES route ESI: %s VTEP %pI4",
657 bgp->vrf_id, es->esi_str, &es->originator_ip);
658
659 assert(pi);
660 attr_new = pi->attr;
661
662 /* Perform route selection;
663 * this is just to set the flags correctly
664 * as local route in the ES always wins.
665 */
666 bgp_evpn_es_route_select_install(bgp, es, dest);
667 bgp_dest_unlock_node(dest);
668
669 /* If this is a new route or some attribute has changed, export the
670 * route to the global table. The route will be advertised to peers
671 * from there. Note that this table is a 2-level tree (RD-level +
672 * Prefix-level) similar to L3VPN routes.
673 */
674 if (route_changed) {
675 struct bgp_path_info *global_pi;
676
677 dest = bgp_evpn_global_node_get(bgp->rib[afi][safi], afi, safi,
678 p, &es->es_base_frag->prd,
679 NULL);
680 bgp_evpn_mh_route_update(bgp, es, NULL, afi, safi, dest,
681 attr_new, &global_pi, &route_changed);
682
683 /* Schedule for processing and unlock node. */
684 bgp_process(bgp, dest, afi, safi);
685 bgp_dest_unlock_node(dest);
686 }
687
688 /* Unintern temporary. */
689 aspath_unintern(&attr.aspath);
690 return 0;
691 }
692
693 /* Delete local type-4 route */
694 static int bgp_evpn_type4_route_delete(struct bgp *bgp,
695 struct bgp_evpn_es *es, struct prefix_evpn *p)
696 {
697 if (!es->es_base_frag)
698 return -1;
699
700 return bgp_evpn_mh_route_delete(bgp, es, NULL /* l2vni */,
701 es->es_base_frag, p);
702 }
703
704 /* Process remote/received EVPN type-4 route (advertise or withdraw) */
705 int bgp_evpn_type4_route_process(struct peer *peer, afi_t afi, safi_t safi,
706 struct attr *attr, uint8_t *pfx, int psize,
707 uint32_t addpath_id)
708 {
709 int ret;
710 esi_t esi;
711 uint8_t ipaddr_len;
712 struct in_addr vtep_ip;
713 struct prefix_rd prd;
714 struct prefix_evpn p;
715
716 /* Type-4 route should be either 23 or 35 bytes
717 * RD (8), ESI (10), ip-len (1), ip (4 or 16)
718 */
719 if (psize != BGP_EVPN_TYPE4_V4_PSIZE &&
720 psize != BGP_EVPN_TYPE4_V6_PSIZE) {
721 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
722 "%u:%s - Rx EVPN Type-4 NLRI with invalid length %d",
723 peer->bgp->vrf_id, peer->host, psize);
724 return -1;
725 }
726
727 /* Make prefix_rd */
728 prd.family = AF_UNSPEC;
729 prd.prefixlen = 64;
730 memcpy(&prd.val, pfx, RD_BYTES);
731 pfx += RD_BYTES;
732
733 /* get the ESI */
734 memcpy(&esi, pfx, ESI_BYTES);
735 pfx += ESI_BYTES;
736
737
738 /* Get the IP. */
739 ipaddr_len = *pfx++;
740 if (ipaddr_len == IPV4_MAX_BITLEN) {
741 memcpy(&vtep_ip, pfx, IPV4_MAX_BYTELEN);
742 } else {
743 flog_err(
744 EC_BGP_EVPN_ROUTE_INVALID,
745 "%u:%s - Rx EVPN Type-4 NLRI with unsupported IP address length %d",
746 peer->bgp->vrf_id, peer->host, ipaddr_len);
747 return -1;
748 }
749
750 build_evpn_type4_prefix(&p, &esi, vtep_ip);
751 /* Process the route. */
752 if (attr) {
753 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
754 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
755 &prd, NULL, 0, 0, NULL);
756 } else {
757 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
758 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
759 &prd, NULL, 0, NULL);
760 }
761 return ret;
762 }
763
764 /* Check if a prefix belongs to the local ES */
765 static bool bgp_evpn_type4_prefix_match(struct prefix_evpn *p,
766 struct bgp_evpn_es *es)
767 {
768 return (p->prefix.route_type == BGP_EVPN_ES_ROUTE) &&
769 !memcmp(&p->prefix.es_addr.esi, &es->esi, sizeof(esi_t));
770 }
771
772 /* Import remote ESRs on local ethernet segment add */
773 static int bgp_evpn_type4_remote_routes_import(struct bgp *bgp,
774 struct bgp_evpn_es *es, bool install)
775 {
776 int ret;
777 afi_t afi;
778 safi_t safi;
779 struct bgp_dest *rd_dest, *dest;
780 struct bgp_table *table;
781 struct bgp_path_info *pi;
782
783 afi = AFI_L2VPN;
784 safi = SAFI_EVPN;
785
786 /* Walk entire global routing table and evaluate routes which could be
787 * imported into this Ethernet Segment.
788 */
789 for (rd_dest = bgp_table_top(bgp->rib[afi][safi]); rd_dest;
790 rd_dest = bgp_route_next(rd_dest)) {
791 table = bgp_dest_get_bgp_table_info(rd_dest);
792 if (!table)
793 continue;
794
795 for (dest = bgp_table_top(table); dest;
796 dest = bgp_route_next(dest)) {
797 struct prefix_evpn *evp =
798 (struct prefix_evpn *)bgp_dest_get_prefix(dest);
799
800 for (pi = bgp_dest_get_bgp_path_info(dest); pi;
801 pi = pi->next) {
802 /*
803 * Consider "valid" remote routes applicable for
804 * this ES.
805 */
806 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
807 && pi->type == ZEBRA_ROUTE_BGP
808 && pi->sub_type == BGP_ROUTE_NORMAL))
809 continue;
810
811 if (!bgp_evpn_type4_prefix_match(evp, es))
812 continue;
813
814 if (install)
815 ret = bgp_evpn_es_route_install(
816 bgp, es, evp, pi);
817 else
818 ret = bgp_evpn_es_route_uninstall(
819 bgp, es, evp, pi);
820
821 if (ret) {
822 flog_err(
823 EC_BGP_EVPN_FAIL,
824 "Failed to %s EVPN %pFX route in ESI %s",
825 install ? "install"
826 : "uninstall",
827 evp, es->esi_str);
828
829 bgp_dest_unlock_node(rd_dest);
830 bgp_dest_unlock_node(dest);
831 return ret;
832 }
833 }
834 }
835 }
836 return 0;
837 }
838
839 /*****************************************************************************
840 * Ethernet Auto Discovery (EAD/Type-1) route handling
841 * There are two types of EAD routes -
842 * 1. EAD-per-ES - Key: {ESI, ET=0xffffffff}
843 * 2. EAD-per-EVI - Key: {ESI, ET=0}
844 */
845
846 /* Extended communities associated with EAD-per-ES */
847 static void
848 bgp_evpn_type1_es_route_extcomm_build(struct bgp_evpn_es_frag *es_frag,
849 struct attr *attr)
850 {
851 struct ecommunity ecom_encap;
852 struct ecommunity ecom_esi_label;
853 struct ecommunity_val eval;
854 struct ecommunity_val eval_esi_label;
855 bgp_encap_types tnl_type;
856 struct listnode *evi_node, *rt_node;
857 struct ecommunity *ecom;
858 struct bgp_evpn_es_evi *es_evi;
859
860 /* Encap */
861 tnl_type = BGP_ENCAP_TYPE_VXLAN;
862 memset(&ecom_encap, 0, sizeof(ecom_encap));
863 encode_encap_extcomm(tnl_type, &eval);
864 ecom_encap.size = 1;
865 ecom_encap.unit_size = ECOMMUNITY_SIZE;
866 ecom_encap.val = (uint8_t *)eval.val;
867 bgp_attr_set_ecommunity(attr, ecommunity_dup(&ecom_encap));
868
869 /* ESI label */
870 encode_esi_label_extcomm(&eval_esi_label,
871 false /*single_active*/);
872 ecom_esi_label.size = 1;
873 ecom_esi_label.unit_size = ECOMMUNITY_SIZE;
874 ecom_esi_label.val = (uint8_t *)eval_esi_label.val;
875 bgp_attr_set_ecommunity(attr,
876 ecommunity_merge(bgp_attr_get_ecommunity(attr),
877 &ecom_esi_label));
878
879 /* Add export RTs for all L2-VNIs associated with this ES */
880 /* XXX - suppress EAD-ES advertisment if there are no EVIs associated
881 * with it.
882 */
883 if (listcount(bgp_mh_info->ead_es_export_rtl)) {
884 for (ALL_LIST_ELEMENTS_RO(bgp_mh_info->ead_es_export_rtl,
885 rt_node, ecom))
886 bgp_attr_set_ecommunity(
887 attr, ecommunity_merge(attr->ecommunity, ecom));
888 } else {
889 for (ALL_LIST_ELEMENTS_RO(es_frag->es_evi_frag_list, evi_node,
890 es_evi)) {
891 if (!CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL))
892 continue;
893 for (ALL_LIST_ELEMENTS_RO(es_evi->vpn->export_rtl,
894 rt_node, ecom))
895 bgp_attr_set_ecommunity(
896 attr, ecommunity_merge(attr->ecommunity,
897 ecom));
898 }
899 }
900 }
901
902 /* Extended communities associated with EAD-per-EVI */
903 static void bgp_evpn_type1_evi_route_extcomm_build(struct bgp_evpn_es *es,
904 struct bgpevpn *vpn, struct attr *attr)
905 {
906 struct ecommunity ecom_encap;
907 struct ecommunity_val eval;
908 bgp_encap_types tnl_type;
909 struct listnode *rt_node;
910 struct ecommunity *ecom;
911
912 /* Encap */
913 tnl_type = BGP_ENCAP_TYPE_VXLAN;
914 memset(&ecom_encap, 0, sizeof(ecom_encap));
915 encode_encap_extcomm(tnl_type, &eval);
916 ecom_encap.size = 1;
917 ecom_encap.unit_size = ECOMMUNITY_SIZE;
918 ecom_encap.val = (uint8_t *)eval.val;
919 bgp_attr_set_ecommunity(attr, ecommunity_dup(&ecom_encap));
920
921 /* Add export RTs for the L2-VNI */
922 for (ALL_LIST_ELEMENTS_RO(vpn->export_rtl, rt_node, ecom))
923 bgp_attr_set_ecommunity(
924 attr,
925 ecommunity_merge(bgp_attr_get_ecommunity(attr), ecom));
926 }
927
928 /* Update EVPN EAD (type-1) route -
929 * vpn - valid for EAD-EVI routes and NULL for EAD-ES routes
930 */
931 static int bgp_evpn_type1_route_update(struct bgp *bgp, struct bgp_evpn_es *es,
932 struct bgpevpn *vpn,
933 struct bgp_evpn_es_frag *es_frag,
934 struct prefix_evpn *p)
935 {
936 int ret = 0;
937 afi_t afi = AFI_L2VPN;
938 safi_t safi = SAFI_EVPN;
939 struct attr attr;
940 struct attr *attr_new = NULL;
941 struct bgp_dest *dest = NULL;
942 struct bgp_path_info *pi = NULL;
943 int route_changed = 0;
944 struct prefix_rd *global_rd;
945
946 memset(&attr, 0, sizeof(attr));
947
948 /* Build path-attribute for this route. */
949 bgp_attr_default_set(&attr, bgp, BGP_ORIGIN_IGP);
950 attr.nexthop = es->originator_ip;
951 attr.mp_nexthop_global_in = es->originator_ip;
952 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
953
954 if (vpn) {
955 /* EAD-EVI route update */
956 /* MPLS label */
957 vni2label(vpn->vni, &(attr.label));
958
959 /* Set up extended community */
960 bgp_evpn_type1_evi_route_extcomm_build(es, vpn, &attr);
961
962 /* First, create (or fetch) route node within the VNI. */
963 dest = bgp_node_get(vpn->ip_table, (struct prefix *)p);
964
965 /* Create or update route entry. */
966 ret = bgp_evpn_mh_route_update(bgp, es, vpn, afi, safi, dest,
967 &attr, &pi, &route_changed);
968 if (ret != 0)
969 flog_err(
970 EC_BGP_ES_INVALID,
971 "%u Failed to update EAD-EVI route ESI: %s VNI %u VTEP %pI4",
972 bgp->vrf_id, es->esi_str, vpn->vni,
973 &es->originator_ip);
974 global_rd = &vpn->prd;
975 } else {
976 /* EAD-ES route update */
977 /* MPLS label is 0 for EAD-ES route */
978
979 /* Set up extended community */
980 bgp_evpn_type1_es_route_extcomm_build(es_frag, &attr);
981
982 /* First, create (or fetch) route node within the ES. */
983 /* NOTE: There is no RD here. */
984 /* XXX: fragment ID must be included as a part of the prefix. */
985 dest = bgp_node_get(es->route_table, (struct prefix *)p);
986
987 /* Create or update route entry. */
988 ret = bgp_evpn_mh_route_update(bgp, es, vpn, afi, safi, dest,
989 &attr, &pi, &route_changed);
990 if (ret != 0) {
991 flog_err(
992 EC_BGP_ES_INVALID,
993 "%u ERROR: Failed to updated EAD-ES route ESI: %s VTEP %pI4",
994 bgp->vrf_id, es->esi_str, &es->originator_ip);
995 }
996 global_rd = &es_frag->prd;
997 }
998
999
1000 assert(pi);
1001 attr_new = pi->attr;
1002
1003 /* Perform route selection;
1004 * this is just to set the flags correctly as local route in
1005 * the ES always wins.
1006 */
1007 evpn_route_select_install(bgp, vpn, dest);
1008 bgp_dest_unlock_node(dest);
1009
1010 /* If this is a new route or some attribute has changed, export the
1011 * route to the global table. The route will be advertised to peers
1012 * from there. Note that this table is a 2-level tree (RD-level +
1013 * Prefix-level) similar to L3VPN routes.
1014 */
1015 if (route_changed) {
1016 struct bgp_path_info *global_pi;
1017
1018 dest = bgp_evpn_global_node_get(bgp->rib[afi][safi], afi, safi,
1019 p, global_rd, NULL);
1020 bgp_evpn_mh_route_update(bgp, es, vpn, afi, safi, dest,
1021 attr_new, &global_pi, &route_changed);
1022
1023 /* Schedule for processing and unlock node. */
1024 bgp_process(bgp, dest, afi, safi);
1025 bgp_dest_unlock_node(dest);
1026 }
1027
1028 /* Unintern temporary. */
1029 aspath_unintern(&attr.aspath);
1030 return 0;
1031 }
1032
1033 /*
1034 * This function is called when the export RT for a VNI changes.
1035 * Update all type-1 local routes for this VNI from VNI/ES tables and the global
1036 * table and advertise these routes to peers.
1037 */
1038
1039 static void bgp_evpn_ead_es_route_update(struct bgp *bgp,
1040 struct bgp_evpn_es *es)
1041 {
1042 struct listnode *node;
1043 struct bgp_evpn_es_frag *es_frag;
1044 struct prefix_evpn p;
1045
1046 build_evpn_type1_prefix(&p, BGP_EVPN_AD_ES_ETH_TAG, &es->esi,
1047 es->originator_ip);
1048 for (ALL_LIST_ELEMENTS_RO(es->es_frag_list, node, es_frag)) {
1049 if (!listcount(es_frag->es_evi_frag_list))
1050 continue;
1051
1052 p.prefix.ead_addr.frag_id = es_frag->rd_id;
1053 if (bgp_evpn_type1_route_update(bgp, es, NULL, es_frag, &p))
1054 flog_err(
1055 EC_BGP_EVPN_ROUTE_CREATE,
1056 "EAD-ES route creation failure for ESI %s frag %u",
1057 es->esi_str, es_frag->rd_id);
1058 }
1059 }
1060
1061 static void bgp_evpn_ead_evi_route_update(struct bgp *bgp,
1062 struct bgp_evpn_es *es,
1063 struct bgpevpn *vpn,
1064 struct prefix_evpn *p)
1065 {
1066 if (bgp_evpn_type1_route_update(bgp, es, vpn, NULL, p))
1067 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
1068 "EAD-EVI route creation failure for ESI %s VNI %u",
1069 es->esi_str, vpn->vni);
1070 }
1071
1072 void update_type1_routes_for_evi(struct bgp *bgp, struct bgpevpn *vpn)
1073 {
1074 struct prefix_evpn p;
1075 struct bgp_evpn_es *es;
1076 struct bgp_evpn_es_evi *es_evi;
1077
1078
1079 RB_FOREACH (es_evi, bgp_es_evi_rb_head, &vpn->es_evi_rb_tree) {
1080 es = es_evi->es;
1081
1082 if (es_evi->vpn != vpn)
1083 continue;
1084
1085 /* Update EAD-ES */
1086 bgp_evpn_ead_es_route_update(bgp, es);
1087
1088 /* Update EAD-EVI */
1089 if (CHECK_FLAG(es->flags, BGP_EVPNES_ADV_EVI)) {
1090 build_evpn_type1_prefix(&p, BGP_EVPN_AD_EVI_ETH_TAG,
1091 &es->esi, es->originator_ip);
1092 bgp_evpn_ead_evi_route_update(bgp, es, vpn, &p);
1093 }
1094 }
1095 }
1096
1097 /* Delete local Type-1 route */
1098 static void bgp_evpn_ead_es_route_delete(struct bgp *bgp,
1099 struct bgp_evpn_es *es)
1100 {
1101 struct listnode *node;
1102 struct bgp_evpn_es_frag *es_frag;
1103 struct prefix_evpn p;
1104
1105 build_evpn_type1_prefix(&p, BGP_EVPN_AD_ES_ETH_TAG, &es->esi,
1106 es->originator_ip);
1107 for (ALL_LIST_ELEMENTS_RO(es->es_frag_list, node, es_frag)) {
1108 p.prefix.ead_addr.frag_id = es_frag->rd_id;
1109 bgp_evpn_mh_route_delete(bgp, es, NULL, es_frag, &p);
1110 }
1111 }
1112
1113 static int bgp_evpn_ead_evi_route_delete(struct bgp *bgp,
1114 struct bgp_evpn_es *es,
1115 struct bgpevpn *vpn,
1116 struct prefix_evpn *p)
1117 {
1118 return bgp_evpn_mh_route_delete(bgp, es, vpn, NULL, p);
1119 }
1120
1121 /* Generate EAD-EVI for all VNIs */
1122 static void bgp_evpn_local_type1_evi_route_add(struct bgp *bgp,
1123 struct bgp_evpn_es *es)
1124 {
1125 struct listnode *evi_node;
1126 struct prefix_evpn p;
1127 struct bgp_evpn_es_evi *es_evi;
1128
1129 /* EAD-per-EVI routes have been suppressed */
1130 if (!bgp_mh_info->ead_evi_tx)
1131 return;
1132
1133 if (CHECK_FLAG(es->flags, BGP_EVPNES_ADV_EVI))
1134 /* EAD-EVI route add for this ES is already done */
1135 return;
1136
1137 SET_FLAG(es->flags, BGP_EVPNES_ADV_EVI);
1138 build_evpn_type1_prefix(&p, BGP_EVPN_AD_EVI_ETH_TAG,
1139 &es->esi, es->originator_ip);
1140
1141 for (ALL_LIST_ELEMENTS_RO(es->es_evi_list, evi_node, es_evi)) {
1142 if (!CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL))
1143 continue;
1144 bgp_evpn_ead_evi_route_update(bgp, es, es_evi->vpn, &p);
1145 }
1146 }
1147
1148 /*
1149 * Withdraw EAD-EVI for all VNIs
1150 */
1151 static void bgp_evpn_local_type1_evi_route_del(struct bgp *bgp,
1152 struct bgp_evpn_es *es)
1153 {
1154 struct listnode *evi_node;
1155 struct prefix_evpn p;
1156 struct bgp_evpn_es_evi *es_evi;
1157
1158 /* Delete and withdraw locally learnt EAD-EVI route */
1159 if (!CHECK_FLAG(es->flags, BGP_EVPNES_ADV_EVI))
1160 /* EAD-EVI route has not been advertised for this ES */
1161 return;
1162
1163 UNSET_FLAG(es->flags, BGP_EVPNES_ADV_EVI);
1164 build_evpn_type1_prefix(&p, BGP_EVPN_AD_EVI_ETH_TAG,
1165 &es->esi, es->originator_ip);
1166 for (ALL_LIST_ELEMENTS_RO(es->es_evi_list, evi_node, es_evi)) {
1167 if (!CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL))
1168 continue;
1169 if (bgp_evpn_mh_route_delete(bgp, es, es_evi->vpn, NULL, &p))
1170 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
1171 "%u: Type4 route creation failure for ESI %s",
1172 bgp->vrf_id, es->esi_str);
1173 }
1174 }
1175
1176 /*
1177 * Process received EVPN type-1 route (advertise or withdraw).
1178 */
1179 int bgp_evpn_type1_route_process(struct peer *peer, afi_t afi, safi_t safi,
1180 struct attr *attr, uint8_t *pfx, int psize,
1181 uint32_t addpath_id)
1182 {
1183 int ret;
1184 struct prefix_rd prd;
1185 esi_t esi;
1186 uint32_t eth_tag;
1187 mpls_label_t label;
1188 struct in_addr vtep_ip;
1189 struct prefix_evpn p;
1190
1191 if (psize != BGP_EVPN_TYPE1_PSIZE) {
1192 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
1193 "%u:%s - Rx EVPN Type-1 NLRI with invalid length %d",
1194 peer->bgp->vrf_id, peer->host, psize);
1195 return -1;
1196 }
1197
1198 /* Make prefix_rd */
1199 prd.family = AF_UNSPEC;
1200 prd.prefixlen = 64;
1201 memcpy(&prd.val, pfx, RD_BYTES);
1202 pfx += RD_BYTES;
1203
1204 /* get the ESI */
1205 memcpy(&esi, pfx, ESI_BYTES);
1206 pfx += ESI_BYTES;
1207
1208 /* Copy Ethernet Tag */
1209 memcpy(&eth_tag, pfx, EVPN_ETH_TAG_BYTES);
1210 eth_tag = ntohl(eth_tag);
1211 pfx += EVPN_ETH_TAG_BYTES;
1212
1213 memcpy(&label, pfx, BGP_LABEL_BYTES);
1214
1215 /* EAD route prefix doesn't include the nexthop in the global
1216 * table
1217 */
1218 vtep_ip.s_addr = INADDR_ANY;
1219 build_evpn_type1_prefix(&p, eth_tag, &esi, vtep_ip);
1220 /* Process the route. */
1221 if (attr) {
1222 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
1223 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
1224 &prd, NULL, 0, 0, NULL);
1225 } else {
1226 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
1227 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
1228 &prd, NULL, 0, NULL);
1229 }
1230 return ret;
1231 }
1232
1233 void bgp_evpn_mh_config_ead_export_rt(struct bgp *bgp,
1234 struct ecommunity *ecomcfg, bool del)
1235 {
1236 struct listnode *node, *nnode, *node_to_del;
1237 struct ecommunity *ecom;
1238 struct bgp_evpn_es *es;
1239
1240 if (del) {
1241 if (ecomcfg == NULL) {
1242 /* Reset to default and process all routes. */
1243 for (ALL_LIST_ELEMENTS(bgp_mh_info->ead_es_export_rtl,
1244 node, nnode, ecom)) {
1245 ecommunity_free(&ecom);
1246 list_delete_node(bgp_mh_info->ead_es_export_rtl,
1247 node);
1248 }
1249 }
1250
1251 /* Delete a specific export RT */
1252 else {
1253 node_to_del = NULL;
1254
1255 for (ALL_LIST_ELEMENTS(bgp_mh_info->ead_es_export_rtl,
1256 node, nnode, ecom)) {
1257 if (ecommunity_match(ecom, ecomcfg)) {
1258 ecommunity_free(&ecom);
1259 node_to_del = node;
1260 break;
1261 }
1262 }
1263
1264 assert(node_to_del);
1265 list_delete_node(bgp_mh_info->ead_es_export_rtl,
1266 node_to_del);
1267 }
1268 } else {
1269 listnode_add_sort(bgp_mh_info->ead_es_export_rtl, ecomcfg);
1270 }
1271
1272 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
1273 zlog_debug("local ES del/re-add EAD route on export RT change");
1274 /*
1275 * walk through all active ESs withdraw the old EAD and
1276 * generate a new one
1277 */
1278 RB_FOREACH (es, bgp_es_rb_head, &bgp_mh_info->es_rb_tree) {
1279 if (!bgp_evpn_is_es_local(es) ||
1280 !bgp_evpn_local_es_is_active(es))
1281 continue;
1282
1283 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
1284 zlog_debug(
1285 "local ES %s del/re-add EAD route on export RT change",
1286 es->esi_str);
1287
1288 /*
1289 * withdraw EAD-ES. XXX - this should technically not be
1290 * needed; can be removed after testing
1291 */
1292 bgp_evpn_ead_es_route_delete(bgp, es);
1293
1294 /* generate EAD-ES */
1295 bgp_evpn_ead_es_route_update(bgp, es);
1296 }
1297 }
1298
1299 /*****************************************************************************/
1300 /* Ethernet Segment Management
1301 * 1. Ethernet Segment is a collection of links attached to the same
1302 * server (MHD) or switch (MHN)
1303 * 2. An Ethernet Segment can span multiple PEs and is identified by the
1304 * 10-byte ES-ID.
1305 * 3. Local ESs are configured in zebra and sent to BGP
1306 * 4. Remote ESs are created by BGP when one or more ES-EVIs reference it i.e.
1307 * created on first reference and release on last de-reference
1308 * 5. An ES can be both local and remote. Infact most local ESs are expected
1309 * to have an ES peer.
1310 */
1311
1312 /* A list of remote VTEPs is maintained for each ES. This list includes -
1313 * 1. VTEPs for which we have imported the ESR i.e. ES-peers
1314 * 2. VTEPs that have an "active" ES-EVI VTEP i.e. EAD-per-ES and EAD-per-EVI
1315 * have been imported into one or more VNIs
1316 */
1317 static int bgp_evpn_es_vtep_cmp(void *p1, void *p2)
1318 {
1319 const struct bgp_evpn_es_vtep *es_vtep1 = p1;
1320 const struct bgp_evpn_es_vtep *es_vtep2 = p2;
1321
1322 return es_vtep1->vtep_ip.s_addr - es_vtep2->vtep_ip.s_addr;
1323 }
1324
1325 static struct bgp_evpn_es_vtep *bgp_evpn_es_vtep_new(struct bgp_evpn_es *es,
1326 struct in_addr vtep_ip)
1327 {
1328 struct bgp_evpn_es_vtep *es_vtep;
1329
1330 es_vtep = XCALLOC(MTYPE_BGP_EVPN_ES_VTEP, sizeof(*es_vtep));
1331
1332 es_vtep->es = es;
1333 es_vtep->vtep_ip.s_addr = vtep_ip.s_addr;
1334 inet_ntop(AF_INET, &es_vtep->vtep_ip, es_vtep->vtep_str,
1335 sizeof(es_vtep->vtep_str));
1336 listnode_init(&es_vtep->es_listnode, es_vtep);
1337 listnode_add_sort(es->es_vtep_list, &es_vtep->es_listnode);
1338
1339 return es_vtep;
1340 }
1341
1342 static void bgp_evpn_es_vtep_free(struct bgp_evpn_es_vtep *es_vtep)
1343 {
1344 struct bgp_evpn_es *es = es_vtep->es;
1345
1346 if (CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ESR) ||
1347 es_vtep->evi_cnt)
1348 /* as long as there is some reference we can't free it */
1349 return;
1350
1351 list_delete_node(es->es_vtep_list, &es_vtep->es_listnode);
1352 XFREE(MTYPE_BGP_EVPN_ES_VTEP, es_vtep);
1353 }
1354
1355 /* check if VTEP is already part of the list */
1356 static struct bgp_evpn_es_vtep *bgp_evpn_es_vtep_find(struct bgp_evpn_es *es,
1357 struct in_addr vtep_ip)
1358 {
1359 struct listnode *node = NULL;
1360 struct bgp_evpn_es_vtep *es_vtep;
1361
1362 for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node, es_vtep)) {
1363 if (es_vtep->vtep_ip.s_addr == vtep_ip.s_addr)
1364 return es_vtep;
1365 }
1366 return NULL;
1367 }
1368
1369 /* Send the remote ES to zebra for NHG programming */
1370 static int bgp_zebra_send_remote_es_vtep(struct bgp *bgp,
1371 struct bgp_evpn_es_vtep *es_vtep, bool add)
1372 {
1373 struct bgp_evpn_es *es = es_vtep->es;
1374 struct stream *s;
1375 uint32_t flags = 0;
1376
1377 /* Check socket. */
1378 if (!zclient || zclient->sock < 0)
1379 return 0;
1380
1381 /* Don't try to register if Zebra doesn't know of this instance. */
1382 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
1383 if (BGP_DEBUG(zebra, ZEBRA))
1384 zlog_debug("No zebra instance, not installing remote es %s",
1385 es->esi_str);
1386 return 0;
1387 }
1388
1389 if (es_vtep->flags & BGP_EVPNES_VTEP_ESR)
1390 flags |= ZAPI_ES_VTEP_FLAG_ESR_RXED;
1391
1392 s = zclient->obuf;
1393 stream_reset(s);
1394
1395 zclient_create_header(s,
1396 add ? ZEBRA_REMOTE_ES_VTEP_ADD : ZEBRA_REMOTE_ES_VTEP_DEL,
1397 bgp->vrf_id);
1398 stream_put(s, &es->esi, sizeof(esi_t));
1399 stream_put_ipv4(s, es_vtep->vtep_ip.s_addr);
1400 if (add) {
1401 stream_putl(s, flags);
1402 stream_putc(s, es_vtep->df_alg);
1403 stream_putw(s, es_vtep->df_pref);
1404 }
1405
1406 stream_putw_at(s, 0, stream_get_endp(s));
1407
1408 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1409 zlog_debug("Tx %s Remote ESI %s VTEP %pI4", add ? "ADD" : "DEL",
1410 es->esi_str, &es_vtep->vtep_ip);
1411
1412 frrtrace(3, frr_bgp, evpn_mh_vtep_zsend, add, es, es_vtep);
1413
1414 return zclient_send_message(zclient);
1415 }
1416
1417 static void bgp_evpn_es_vtep_re_eval_active(struct bgp *bgp,
1418 struct bgp_evpn_es_vtep *es_vtep,
1419 bool param_change)
1420 {
1421 bool old_active;
1422 bool new_active;
1423
1424 old_active = CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE);
1425 /* currently we need an active EVI reference to use the VTEP as
1426 * a nexthop. this may change...
1427 */
1428 if (es_vtep->evi_cnt)
1429 SET_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE);
1430 else
1431 UNSET_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE);
1432
1433 new_active = CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE);
1434
1435 if ((old_active != new_active) || (new_active && param_change)) {
1436
1437 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1438 zlog_debug("es %s vtep %pI4 %s df %u/%u",
1439 es_vtep->es->esi_str, &es_vtep->vtep_ip,
1440 new_active ? "active" : "inactive",
1441 es_vtep->df_alg, es_vtep->df_pref);
1442
1443 /* send remote ES to zebra */
1444 bgp_zebra_send_remote_es_vtep(bgp, es_vtep, new_active);
1445
1446 /* The NHG is updated first for efficient failover handling.
1447 * Note the NHG can be de-activated while there are bgp
1448 * routes referencing it. Zebra is capable of handling that
1449 * elegantly by holding the NHG till all routes using it are
1450 * removed.
1451 */
1452 bgp_evpn_l3nhg_update_on_vtep_chg(es_vtep->es);
1453 /* queue up the es for background consistency checks */
1454 bgp_evpn_es_cons_checks_pend_add(es_vtep->es);
1455 }
1456 }
1457
1458 static struct bgp_evpn_es_vtep *bgp_evpn_es_vtep_add(struct bgp *bgp,
1459 struct bgp_evpn_es *es,
1460 struct in_addr vtep_ip,
1461 bool esr, uint8_t df_alg,
1462 uint16_t df_pref)
1463 {
1464 struct bgp_evpn_es_vtep *es_vtep;
1465 bool param_change = false;
1466
1467 es_vtep = bgp_evpn_es_vtep_find(es, vtep_ip);
1468
1469 if (!es_vtep)
1470 es_vtep = bgp_evpn_es_vtep_new(es, vtep_ip);
1471
1472 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1473 zlog_debug("es %s vtep %pI4 add %s df %u/%u",
1474 es_vtep->es->esi_str, &es_vtep->vtep_ip,
1475 esr ? "esr" : "ead", df_alg, df_pref);
1476
1477 if (esr) {
1478 SET_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ESR);
1479 if ((es_vtep->df_pref != df_pref)
1480 || (es_vtep->df_alg != df_alg)) {
1481 param_change = true;
1482 es_vtep->df_pref = df_pref;
1483 es_vtep->df_alg = df_alg;
1484 }
1485 } else {
1486 ++es_vtep->evi_cnt;
1487 }
1488
1489 bgp_evpn_es_vtep_re_eval_active(bgp, es_vtep, param_change);
1490
1491 return es_vtep;
1492 }
1493
1494 static void bgp_evpn_es_vtep_do_del(struct bgp *bgp,
1495 struct bgp_evpn_es_vtep *es_vtep, bool esr)
1496 {
1497 bool param_change = false;
1498
1499 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1500 zlog_debug("es %s vtep %pI4 del %s", es_vtep->es->esi_str,
1501 &es_vtep->vtep_ip, esr ? "esr" : "ead");
1502 if (esr) {
1503 UNSET_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ESR);
1504 if (es_vtep->df_pref || es_vtep->df_alg) {
1505 param_change = true;
1506 es_vtep->df_pref = 0;
1507 es_vtep->df_alg = 0;
1508 }
1509 } else {
1510 if (es_vtep->evi_cnt)
1511 --es_vtep->evi_cnt;
1512 }
1513
1514 bgp_evpn_es_vtep_re_eval_active(bgp, es_vtep, param_change);
1515 bgp_evpn_es_vtep_free(es_vtep);
1516 }
1517
1518 static void bgp_evpn_es_vtep_del(struct bgp *bgp,
1519 struct bgp_evpn_es *es, struct in_addr vtep_ip, bool esr)
1520 {
1521 struct bgp_evpn_es_vtep *es_vtep;
1522
1523 es_vtep = bgp_evpn_es_vtep_find(es, vtep_ip);
1524 if (es_vtep)
1525 bgp_evpn_es_vtep_do_del(bgp, es_vtep, esr);
1526 }
1527
1528 /********************** ES MAC-IP paths *************************************
1529 * 1. Local MAC-IP routes in the VNI routing table are linked to the
1530 * destination ES (macip_evi_path_list) for efficient updates on ES oper
1531 * state changes.
1532 * 2. Non-local MAC-IP routes in the global routing table are linked to
1533 * the detination for efficient updates on -
1534 * a. VTEP add/del - this results in a L3NHG update.
1535 * b. ES-VRF add/del - this may result in the host route being migrated to
1536 * L3NHG or vice versa (flat multipath list).
1537 ****************************************************************************/
1538 static void bgp_evpn_path_es_info_free(struct bgp_path_es_info *es_info)
1539 {
1540 bgp_evpn_path_es_unlink(es_info);
1541 XFREE(MTYPE_BGP_EVPN_PATH_ES_INFO, es_info);
1542 }
1543
1544 void bgp_evpn_path_mh_info_free(struct bgp_path_mh_info *mh_info)
1545 {
1546 if (mh_info->es_info)
1547 bgp_evpn_path_es_info_free(mh_info->es_info);
1548 if (mh_info->nh_info)
1549 bgp_evpn_path_nh_info_free(mh_info->nh_info);
1550 XFREE(MTYPE_BGP_EVPN_PATH_MH_INFO, mh_info);
1551 }
1552
1553 static struct bgp_path_es_info *
1554 bgp_evpn_path_es_info_new(struct bgp_path_info *pi, vni_t vni)
1555 {
1556 struct bgp_path_info_extra *e;
1557 struct bgp_path_mh_info *mh_info;
1558 struct bgp_path_es_info *es_info;
1559
1560 e = bgp_path_info_extra_get(pi);
1561
1562 /* If mh_info doesn't exist allocate it */
1563 mh_info = e->mh_info;
1564 if (!mh_info)
1565 e->mh_info = mh_info = XCALLOC(MTYPE_BGP_EVPN_PATH_MH_INFO,
1566 sizeof(struct bgp_path_mh_info));
1567
1568 /* If es_info doesn't exist allocate it */
1569 es_info = mh_info->es_info;
1570 if (!es_info) {
1571 mh_info->es_info = es_info =
1572 XCALLOC(MTYPE_BGP_EVPN_PATH_ES_INFO,
1573 sizeof(struct bgp_path_es_info));
1574 es_info->vni = vni;
1575 es_info->pi = pi;
1576 }
1577
1578 return es_info;
1579 }
1580
1581 static void bgp_evpn_path_es_unlink(struct bgp_path_es_info *es_info)
1582 {
1583 struct bgp_evpn_es *es = es_info->es;
1584 struct bgp_path_info *pi;
1585
1586 if (!es)
1587 return;
1588
1589 pi = es_info->pi;
1590 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
1591 zlog_debug("vni %u path %pFX unlinked from es %s", es_info->vni,
1592 &pi->net->p, es->esi_str);
1593
1594 if (es_info->vni)
1595 list_delete_node(es->macip_evi_path_list,
1596 &es_info->es_listnode);
1597 else
1598 list_delete_node(es->macip_global_path_list,
1599 &es_info->es_listnode);
1600
1601 es_info->es = NULL;
1602
1603 /* if there are no other references against the ES it
1604 * needs to be freed
1605 */
1606 bgp_evpn_es_free(es, __func__);
1607
1608 /* Note we don't free the path es_info on unlink; it will be freed up
1609 * along with the path.
1610 */
1611 }
1612
1613 void bgp_evpn_path_es_link(struct bgp_path_info *pi, vni_t vni, esi_t *esi)
1614 {
1615 struct bgp_path_es_info *es_info;
1616 struct bgp_evpn_es *es;
1617 struct bgp *bgp_evpn;
1618
1619 es_info = (pi->extra && pi->extra->mh_info)
1620 ? pi->extra->mh_info->es_info
1621 : NULL;
1622 /* if the esi is zero just unlink the path from the old es */
1623 if (!esi || !memcmp(esi, zero_esi, sizeof(*esi))) {
1624 if (es_info)
1625 bgp_evpn_path_es_unlink(es_info);
1626 return;
1627 }
1628
1629 bgp_evpn = bgp_get_evpn();
1630 if (!bgp_evpn)
1631 return;
1632
1633 /* setup es_info against the path if it doesn't aleady exist */
1634 if (!es_info)
1635 es_info = bgp_evpn_path_es_info_new(pi, vni);
1636
1637 /* find-create ES */
1638 es = bgp_evpn_es_find(esi);
1639 if (!es)
1640 es = bgp_evpn_es_new(bgp_evpn, esi);
1641
1642 /* dup check */
1643 if (es_info->es == es)
1644 return;
1645
1646 /* unlink old ES if any */
1647 bgp_evpn_path_es_unlink(es_info);
1648
1649 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
1650 zlog_debug("vni %u path %pFX linked to es %s", vni, &pi->net->p,
1651 es->esi_str);
1652
1653 /* link mac-ip path to the new destination ES */
1654 es_info->es = es;
1655 listnode_init(&es_info->es_listnode, es_info);
1656 if (es_info->vni)
1657 listnode_add(es->macip_evi_path_list, &es_info->es_listnode);
1658 else
1659 listnode_add(es->macip_global_path_list, &es_info->es_listnode);
1660 }
1661
1662 static bool bgp_evpn_is_macip_path(struct bgp_path_info *pi)
1663 {
1664 struct prefix_evpn *evp;
1665
1666 /* Only MAC-IP routes need to be linked (MAC-only routes can be
1667 * skipped) as these lists are maintained for managing
1668 * host routes in the tenant VRF
1669 */
1670 evp = (struct prefix_evpn *)&pi->net->p;
1671 return is_evpn_prefix_ipaddr_v4(evp) || is_evpn_prefix_ipaddr_v6(evp);
1672 }
1673
1674 /* When a remote ES is added to a VRF, routes using that as
1675 * a destination need to be migrated to a L3NHG or viceversa.
1676 * This is done indirectly by re-attempting an install of the
1677 * route in the associated VRFs. As a part of the VRF install use
1678 * of l3 NHG is evaluated and this results in the
1679 * attr.es_flag ATTR_ES_L3_NHG_USE being set or cleared.
1680 */
1681 static void
1682 bgp_evpn_es_path_update_on_es_vrf_chg(struct bgp_evpn_es_vrf *es_vrf,
1683 const char *reason)
1684 {
1685 struct listnode *node;
1686 struct bgp_path_es_info *es_info;
1687 struct bgp_path_info *pi;
1688 struct bgp_evpn_es *es = es_vrf->es;
1689
1690 if (!bgp_mh_info->host_routes_use_l3nhg)
1691 return;
1692
1693 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
1694 zlog_debug("update paths linked to es %s on es-vrf %s %s",
1695 es->esi_str, es_vrf->bgp_vrf->name_pretty, reason);
1696
1697 for (ALL_LIST_ELEMENTS_RO(es->macip_global_path_list, node, es_info)) {
1698 pi = es_info->pi;
1699
1700 if (!bgp_evpn_is_macip_path(pi))
1701 continue;
1702
1703 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
1704 zlog_debug(
1705 "update path %pFX linked to es %s on vrf chg",
1706 &pi->net->p, es->esi_str);
1707 bgp_evpn_route_entry_install_if_vrf_match(es_vrf->bgp_vrf, pi,
1708 1);
1709 }
1710 }
1711
1712 static void bgp_evpn_es_frag_free(struct bgp_evpn_es_frag *es_frag)
1713 {
1714 struct bgp_evpn_es *es = es_frag->es;
1715
1716 if (es->es_base_frag == es_frag)
1717 es->es_base_frag = NULL;
1718
1719 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1720 zlog_debug("es %s frag %u free", es->esi_str, es_frag->rd_id);
1721 list_delete_node(es->es_frag_list, &es_frag->es_listnode);
1722
1723 /* EVIs that are advertised using the info in this fragment */
1724 list_delete(&es_frag->es_evi_frag_list);
1725
1726 bf_release_index(bm->rd_idspace, es_frag->rd_id);
1727
1728
1729 XFREE(MTYPE_BGP_EVPN_ES_FRAG, es_frag);
1730 }
1731
1732 static void bgp_evpn_es_frag_free_unused(struct bgp_evpn_es_frag *es_frag)
1733 {
1734 if ((es_frag->es->es_base_frag == es_frag) ||
1735 listcount(es_frag->es_evi_frag_list))
1736 return;
1737
1738 bgp_evpn_es_frag_free(es_frag);
1739 }
1740
1741 static void bgp_evpn_es_frag_free_all(struct bgp_evpn_es *es)
1742 {
1743 struct listnode *node;
1744 struct listnode *nnode;
1745 struct bgp_evpn_es_frag *es_frag;
1746
1747 for (ALL_LIST_ELEMENTS(es->es_frag_list, node, nnode, es_frag))
1748 bgp_evpn_es_frag_free(es_frag);
1749 }
1750
1751 static struct bgp_evpn_es_frag *bgp_evpn_es_frag_new(struct bgp_evpn_es *es)
1752 {
1753 struct bgp_evpn_es_frag *es_frag;
1754 char buf[BGP_EVPN_PREFIX_RD_LEN];
1755 struct bgp *bgp;
1756
1757 es_frag = XCALLOC(MTYPE_BGP_EVPN_ES_FRAG, sizeof(*es_frag));
1758 bf_assign_index(bm->rd_idspace, es_frag->rd_id);
1759 es_frag->prd.family = AF_UNSPEC;
1760 es_frag->prd.prefixlen = 64;
1761 bgp = bgp_get_evpn();
1762 snprintfrr(buf, sizeof(buf), "%pI4:%hu", &bgp->router_id,
1763 es_frag->rd_id);
1764 (void)str2prefix_rd(buf, &es_frag->prd);
1765
1766 /* EVIs that are advertised using the info in this fragment */
1767 es_frag->es_evi_frag_list = list_new();
1768 listset_app_node_mem(es_frag->es_evi_frag_list);
1769
1770 /* Link the fragment to the parent ES */
1771 es_frag->es = es;
1772 listnode_init(&es_frag->es_listnode, es_frag);
1773 listnode_add(es->es_frag_list, &es_frag->es_listnode);
1774
1775 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1776 zlog_debug("es %s frag %u new", es->esi_str, es_frag->rd_id);
1777 return es_frag;
1778 }
1779
1780 static struct bgp_evpn_es_frag *
1781 bgp_evpn_es_find_frag_with_space(struct bgp_evpn_es *es)
1782 {
1783 struct listnode *node;
1784 struct bgp_evpn_es_frag *es_frag;
1785
1786 for (ALL_LIST_ELEMENTS_RO(es->es_frag_list, node, es_frag)) {
1787 if (listcount(es_frag->es_evi_frag_list) <
1788 bgp_mh_info->evi_per_es_frag)
1789 return es_frag;
1790 }
1791
1792 /* No frags where found with space; allocate a new one */
1793 return bgp_evpn_es_frag_new(es);
1794 }
1795
1796 /* Link the ES-EVI to one of the ES fragments */
1797 static void bgp_evpn_es_frag_evi_add(struct bgp_evpn_es_evi *es_evi)
1798 {
1799 struct bgp_evpn_es_frag *es_frag;
1800 struct bgp_evpn_es *es = es_evi->es;
1801
1802 if (es_evi->es_frag ||
1803 !(CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL)))
1804 return;
1805
1806 es_frag = bgp_evpn_es_find_frag_with_space(es);
1807
1808 es_evi->es_frag = es_frag;
1809 listnode_init(&es_evi->es_frag_listnode, es_evi);
1810 listnode_add(es_frag->es_evi_frag_list, &es_evi->es_frag_listnode);
1811
1812 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1813 zlog_debug("es %s vni %d linked to frag %u", es->esi_str,
1814 es_evi->vpn->vni, es_frag->rd_id);
1815 }
1816
1817 /* UnLink the ES-EVI from the ES fragment */
1818 static void bgp_evpn_es_frag_evi_del(struct bgp_evpn_es_evi *es_evi,
1819 bool send_ead_del_if_empty)
1820 {
1821 struct bgp_evpn_es_frag *es_frag = es_evi->es_frag;
1822 struct prefix_evpn p;
1823 struct bgp_evpn_es *es;
1824 struct bgp *bgp;
1825
1826 if (!es_frag)
1827 return;
1828
1829 es = es_frag->es;
1830 es_evi->es_frag = NULL;
1831 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1832 zlog_debug("es %s vni %d unlinked from frag %u", es->esi_str,
1833 es_evi->vpn->vni, es_frag->rd_id);
1834
1835 list_delete_node(es_frag->es_evi_frag_list, &es_evi->es_frag_listnode);
1836
1837 /*
1838 * if there are no other EVIs on the fragment deleted the EAD-ES for
1839 * the fragment
1840 */
1841 if (send_ead_del_if_empty && !listcount(es_frag->es_evi_frag_list)) {
1842 bgp = bgp_get_evpn();
1843
1844 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1845 zlog_debug("es %s frag %u ead-es route delete",
1846 es->esi_str, es_frag->rd_id);
1847 build_evpn_type1_prefix(&p, BGP_EVPN_AD_ES_ETH_TAG, &es->esi,
1848 es->originator_ip);
1849 p.prefix.ead_addr.frag_id = es_frag->rd_id;
1850 bgp_evpn_mh_route_delete(bgp, es, NULL, es_frag, &p);
1851 }
1852
1853 /* We don't attempt to coalesce frags that may not be full. Instead we
1854 * only free up the frag when it is completely empty.
1855 */
1856 bgp_evpn_es_frag_free_unused(es_frag);
1857 }
1858
1859 /* Link the ES-EVIs to one of the ES fragments */
1860 static void bgp_evpn_es_frag_evi_update_all(struct bgp_evpn_es *es, bool add)
1861 {
1862 struct listnode *node;
1863 struct bgp_evpn_es_evi *es_evi;
1864
1865 for (ALL_LIST_ELEMENTS_RO(es->es_evi_list, node, es_evi)) {
1866 if (add)
1867 bgp_evpn_es_frag_evi_add(es_evi);
1868 else
1869 bgp_evpn_es_frag_evi_del(es_evi, false);
1870 }
1871 }
1872
1873 /* compare ES-IDs for the global ES RB tree */
1874 static int bgp_es_rb_cmp(const struct bgp_evpn_es *es1,
1875 const struct bgp_evpn_es *es2)
1876 {
1877 return memcmp(&es1->esi, &es2->esi, ESI_BYTES);
1878 }
1879 RB_GENERATE(bgp_es_rb_head, bgp_evpn_es, rb_node, bgp_es_rb_cmp);
1880
1881 struct bgp_evpn_es *bgp_evpn_es_find(const esi_t *esi)
1882 {
1883 struct bgp_evpn_es tmp;
1884
1885 memcpy(&tmp.esi, esi, sizeof(esi_t));
1886 return RB_FIND(bgp_es_rb_head, &bgp_mh_info->es_rb_tree, &tmp);
1887 }
1888
1889 static struct bgp_evpn_es *bgp_evpn_es_new(struct bgp *bgp, const esi_t *esi)
1890 {
1891 struct bgp_evpn_es *es;
1892
1893 es = XCALLOC(MTYPE_BGP_EVPN_ES, sizeof(struct bgp_evpn_es));
1894
1895 /* set the ESI */
1896 memcpy(&es->esi, esi, sizeof(esi_t));
1897
1898 /* Initialise the VTEP list */
1899 es->es_vtep_list = list_new();
1900 listset_app_node_mem(es->es_vtep_list);
1901 es->es_vtep_list->cmp = bgp_evpn_es_vtep_cmp;
1902
1903 esi_to_str(&es->esi, es->esi_str, sizeof(es->esi_str));
1904
1905 /* Initialize the ES routing table */
1906 es->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
1907
1908 /* Add to rb_tree */
1909 RB_INSERT(bgp_es_rb_head, &bgp_mh_info->es_rb_tree, es);
1910
1911 /* Initialise the ES-EVI list */
1912 es->es_evi_list = list_new();
1913 listset_app_node_mem(es->es_evi_list);
1914
1915 /* Initialise the ES-VRF list used for L3NHG management */
1916 es->es_vrf_list = list_new();
1917 listset_app_node_mem(es->es_vrf_list);
1918
1919 /* Initialise the route list used for efficient event handling */
1920 es->macip_evi_path_list = list_new();
1921 listset_app_node_mem(es->macip_evi_path_list);
1922 es->macip_global_path_list = list_new();
1923 listset_app_node_mem(es->macip_global_path_list);
1924 es->es_frag_list = list_new();
1925 listset_app_node_mem(es->es_frag_list);
1926
1927 QOBJ_REG(es, bgp_evpn_es);
1928
1929 return es;
1930 }
1931
1932 /* Free a given ES -
1933 * This just frees appropriate memory, caller should have taken other
1934 * needed actions.
1935 */
1936 static void bgp_evpn_es_free(struct bgp_evpn_es *es, const char *caller)
1937 {
1938 if ((es->flags & (BGP_EVPNES_LOCAL | BGP_EVPNES_REMOTE))
1939 || listcount(es->macip_evi_path_list)
1940 || listcount(es->macip_global_path_list))
1941 return;
1942
1943 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
1944 zlog_debug("%s: es %s free", caller, es->esi_str);
1945
1946 /* cleanup resources maintained against the ES */
1947 list_delete(&es->es_evi_list);
1948 list_delete(&es->es_vrf_list);
1949 list_delete(&es->es_vtep_list);
1950 list_delete(&es->macip_evi_path_list);
1951 list_delete(&es->macip_global_path_list);
1952 list_delete(&es->es_frag_list);
1953 bgp_table_unlock(es->route_table);
1954
1955 /* remove the entry from various databases */
1956 RB_REMOVE(bgp_es_rb_head, &bgp_mh_info->es_rb_tree, es);
1957 bgp_evpn_es_cons_checks_pend_del(es);
1958
1959 QOBJ_UNREG(es);
1960 XFREE(MTYPE_BGP_EVPN_ES, es);
1961 }
1962
1963 static inline bool bgp_evpn_is_es_local_and_non_bypass(struct bgp_evpn_es *es)
1964 {
1965 return (es->flags & BGP_EVPNES_LOCAL)
1966 && !(es->flags & BGP_EVPNES_BYPASS);
1967 }
1968
1969 /* init local info associated with the ES */
1970 static void bgp_evpn_es_local_info_set(struct bgp *bgp, struct bgp_evpn_es *es)
1971 {
1972 bool old_is_local;
1973 bool is_local;
1974
1975 if (CHECK_FLAG(es->flags, BGP_EVPNES_LOCAL))
1976 return;
1977
1978 old_is_local = bgp_evpn_is_es_local_and_non_bypass(es);
1979 SET_FLAG(es->flags, BGP_EVPNES_LOCAL);
1980
1981 listnode_init(&es->es_listnode, es);
1982 listnode_add(bgp_mh_info->local_es_list, &es->es_listnode);
1983
1984 /* setup the first ES fragment; more fragments may be allocated based
1985 * on the the number of EVI entries
1986 */
1987 es->es_base_frag = bgp_evpn_es_frag_new(es);
1988 /* distribute ES-EVIs to one or more ES fragments */
1989 bgp_evpn_es_frag_evi_update_all(es, true);
1990
1991 is_local = bgp_evpn_is_es_local_and_non_bypass(es);
1992 if (old_is_local != is_local)
1993 bgp_evpn_mac_update_on_es_local_chg(es, is_local);
1994 }
1995
1996 /* clear any local info associated with the ES */
1997 static void bgp_evpn_es_local_info_clear(struct bgp_evpn_es *es, bool finish)
1998 {
1999 bool old_is_local;
2000 bool is_local;
2001
2002 if (!CHECK_FLAG(es->flags, BGP_EVPNES_LOCAL))
2003 return;
2004
2005 /* clear the es frag references and free them up */
2006 bgp_evpn_es_frag_evi_update_all(es, false);
2007 es->es_base_frag = NULL;
2008 bgp_evpn_es_frag_free_all(es);
2009
2010 old_is_local = bgp_evpn_is_es_local_and_non_bypass(es);
2011 UNSET_FLAG(es->flags, BGP_EVPNES_LOCAL);
2012
2013 is_local = bgp_evpn_is_es_local_and_non_bypass(es);
2014 if (!finish && (old_is_local != is_local))
2015 bgp_evpn_mac_update_on_es_local_chg(es, is_local);
2016
2017 /* remove from the ES local list */
2018 list_delete_node(bgp_mh_info->local_es_list, &es->es_listnode);
2019
2020 bgp_evpn_es_free(es, __func__);
2021 }
2022
2023 /* eval remote info associated with the ES */
2024 static void bgp_evpn_es_remote_info_re_eval(struct bgp_evpn_es *es)
2025 {
2026 if (es->remote_es_evi_cnt) {
2027 SET_FLAG(es->flags, BGP_EVPNES_REMOTE);
2028 } else {
2029 if (CHECK_FLAG(es->flags, BGP_EVPNES_REMOTE)) {
2030 UNSET_FLAG(es->flags, BGP_EVPNES_REMOTE);
2031 bgp_evpn_es_free(es, __func__);
2032 }
2033 }
2034 }
2035
2036 /* If ES is present and local it needs to be active/oper-up for
2037 * including L3 EC
2038 */
2039 bool bgp_evpn_es_add_l3_ecomm_ok(esi_t *esi)
2040 {
2041 struct bgp_evpn_es *es;
2042
2043 if (!esi || !bgp_mh_info->suppress_l3_ecomm_on_inactive_es)
2044 return true;
2045
2046 es = bgp_evpn_es_find(esi);
2047
2048 return (!es || !(es->flags & BGP_EVPNES_LOCAL)
2049 || bgp_evpn_local_es_is_active(es));
2050 }
2051
2052 static bool bgp_evpn_is_valid_local_path(struct bgp_path_info *pi)
2053 {
2054 return (CHECK_FLAG(pi->flags, BGP_PATH_VALID)
2055 && pi->type == ZEBRA_ROUTE_BGP
2056 && pi->sub_type == BGP_ROUTE_STATIC);
2057 }
2058
2059 /* Update all local MAC-IP routes in the VNI routing table associated
2060 * with the ES. When the ES is down the routes are advertised without
2061 * the L3 extcomm
2062 */
2063 static void bgp_evpn_mac_update_on_es_oper_chg(struct bgp_evpn_es *es)
2064 {
2065 struct listnode *node;
2066 struct bgp_path_es_info *es_info;
2067 struct bgp_path_info *pi;
2068 struct bgp *bgp;
2069 struct bgpevpn *vpn;
2070
2071 if (!bgp_mh_info->suppress_l3_ecomm_on_inactive_es)
2072 return;
2073
2074 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2075 zlog_debug("update paths linked to es %s on oper chg",
2076 es->esi_str);
2077
2078 bgp = bgp_get_evpn();
2079 for (ALL_LIST_ELEMENTS_RO(es->macip_evi_path_list, node, es_info)) {
2080 pi = es_info->pi;
2081
2082 if (!bgp_evpn_is_valid_local_path(pi))
2083 continue;
2084
2085 if (!bgp_evpn_is_macip_path(pi))
2086 continue;
2087
2088 vpn = bgp_evpn_lookup_vni(bgp, es_info->vni);
2089 if (!vpn)
2090 continue;
2091
2092 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
2093 zlog_debug(
2094 "update path %d %pFX linked to es %s on oper chg",
2095 es_info->vni, &pi->net->p, es->esi_str);
2096
2097 bgp_evpn_update_type2_route_entry(bgp, vpn, pi->net, pi,
2098 __func__);
2099 }
2100 }
2101
2102 static bool bgp_evpn_is_valid_bgp_path(struct bgp_path_info *pi)
2103 {
2104 return (CHECK_FLAG(pi->flags, BGP_PATH_VALID)
2105 && pi->type == ZEBRA_ROUTE_BGP
2106 && pi->sub_type == BGP_ROUTE_NORMAL);
2107 }
2108
2109 /* If an ES is no longer local (or becomes local) we need to re-install
2110 * paths using that ES as destination. This is needed as the criteria
2111 * for best path selection has changed.
2112 */
2113 static void bgp_evpn_mac_update_on_es_local_chg(struct bgp_evpn_es *es,
2114 bool is_local)
2115 {
2116 struct listnode *node;
2117 struct bgp_path_es_info *es_info;
2118 struct bgp_path_info *pi;
2119 bool tmp_local;
2120 struct attr *attr_new;
2121 struct attr attr_tmp;
2122
2123 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2124 zlog_debug("update paths linked to es %s on chg to %s",
2125 es->esi_str, is_local ? "local" : "non-local");
2126
2127 for (ALL_LIST_ELEMENTS_RO(es->macip_global_path_list, node, es_info)) {
2128 pi = es_info->pi;
2129
2130 /* Consider "valid" remote routes */
2131 if (!bgp_evpn_is_valid_bgp_path(pi))
2132 continue;
2133
2134 if (!pi->attr)
2135 continue;
2136
2137 tmp_local = !!(pi->attr->es_flags & ATTR_ES_IS_LOCAL);
2138 if (tmp_local == is_local)
2139 continue;
2140
2141 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
2142 zlog_debug(
2143 "update path %pFX linked to es %s on chg to %s",
2144 &pi->net->p, es->esi_str,
2145 is_local ? "local" : "non-local");
2146
2147 attr_tmp = *pi->attr;
2148 if (is_local)
2149 attr_tmp.es_flags |= ATTR_ES_IS_LOCAL;
2150 else
2151 attr_tmp.es_flags &= ~ATTR_ES_IS_LOCAL;
2152 attr_new = bgp_attr_intern(&attr_tmp);
2153 bgp_attr_unintern(&pi->attr);
2154 pi->attr = attr_new;
2155 bgp_evpn_import_type2_route(pi, 1);
2156 }
2157 }
2158
2159 static void bgp_evpn_local_es_deactivate(struct bgp *bgp,
2160 struct bgp_evpn_es *es)
2161 {
2162 struct prefix_evpn p;
2163 int ret;
2164
2165 /* withdraw ESR */
2166 /* Delete and withdraw locally learnt ES route */
2167 build_evpn_type4_prefix(&p, &es->esi, es->originator_ip);
2168 ret = bgp_evpn_type4_route_delete(bgp, es, &p);
2169 if (ret) {
2170 flog_err(EC_BGP_EVPN_ROUTE_DELETE,
2171 "%u failed to delete type-4 route for ESI %s",
2172 bgp->vrf_id, es->esi_str);
2173 }
2174
2175 /* withdraw EAD-EVI */
2176 if (!bgp_mh_info->ead_evi_adv_for_down_links)
2177 bgp_evpn_local_type1_evi_route_del(bgp, es);
2178
2179 /* withdraw EAD-ES */
2180 bgp_evpn_ead_es_route_delete(bgp, es);
2181
2182 bgp_evpn_mac_update_on_es_oper_chg(es);
2183 }
2184
2185 /* Process ES link oper-down by withdrawing ES-EAD and ESR */
2186 static void bgp_evpn_local_es_down(struct bgp *bgp, struct bgp_evpn_es *es)
2187 {
2188 bool old_active;
2189
2190 if (!CHECK_FLAG(es->flags, BGP_EVPNES_OPER_UP))
2191 return;
2192
2193 old_active = bgp_evpn_local_es_is_active(es);
2194 UNSET_FLAG(es->flags, BGP_EVPNES_OPER_UP);
2195
2196 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2197 zlog_debug("local es %s down", es->esi_str);
2198
2199 if (old_active)
2200 bgp_evpn_local_es_deactivate(bgp, es);
2201 }
2202
2203 static void bgp_evpn_local_es_activate(struct bgp *bgp, struct bgp_evpn_es *es,
2204 bool regen_ead, bool regen_esr)
2205 {
2206 struct prefix_evpn p;
2207
2208 if (regen_esr) {
2209 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2210 zlog_debug("local es %s generate ESR", es->esi_str);
2211 /* generate ESR */
2212 build_evpn_type4_prefix(&p, &es->esi, es->originator_ip);
2213 if (bgp_evpn_type4_route_update(bgp, es, &p))
2214 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
2215 "%u: Type4 route creation failure for ESI %s",
2216 bgp->vrf_id, es->esi_str);
2217 }
2218
2219 if (regen_ead) {
2220 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2221 zlog_debug("local es %s generate EAD", es->esi_str);
2222 /* generate EAD-EVI */
2223 bgp_evpn_local_type1_evi_route_add(bgp, es);
2224
2225 /* generate EAD-ES */
2226 bgp_evpn_ead_es_route_update(bgp, es);
2227 }
2228
2229 bgp_evpn_mac_update_on_es_oper_chg(es);
2230 }
2231
2232 /* Process ES link oper-up by generating ES-EAD and ESR */
2233 static void bgp_evpn_local_es_up(struct bgp *bgp, struct bgp_evpn_es *es,
2234 bool regen_esr)
2235 {
2236 bool regen_ead = false;
2237 bool active = false;
2238
2239 if (!CHECK_FLAG(es->flags, BGP_EVPNES_OPER_UP)) {
2240 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2241 zlog_debug("local es %s up", es->esi_str);
2242
2243 SET_FLAG(es->flags, BGP_EVPNES_OPER_UP);
2244 regen_esr = true;
2245 regen_ead = true;
2246 }
2247
2248 active = bgp_evpn_local_es_is_active(es);
2249 if (active && (regen_ead || regen_esr))
2250 bgp_evpn_local_es_activate(bgp, es, regen_ead, regen_esr);
2251 }
2252
2253 /* If an ethernet segment is in LACP bypass we cannot advertise
2254 * reachability to it i.e. EAD-per-ES and ESR is not advertised in
2255 * bypass state.
2256 * PS: EAD-per-EVI will continue to be advertised
2257 */
2258 static void bgp_evpn_local_es_bypass_update(struct bgp *bgp,
2259 struct bgp_evpn_es *es, bool bypass)
2260 {
2261 bool old_bypass = !!(es->flags & BGP_EVPNES_BYPASS);
2262 bool old_active;
2263 bool new_active;
2264 bool old_is_local;
2265 bool is_local;
2266
2267 if (bypass == old_bypass)
2268 return;
2269
2270 old_active = bgp_evpn_local_es_is_active(es);
2271 old_is_local = bgp_evpn_is_es_local_and_non_bypass(es);
2272 if (bypass)
2273 SET_FLAG(es->flags, BGP_EVPNES_BYPASS);
2274 else
2275 UNSET_FLAG(es->flags, BGP_EVPNES_BYPASS);
2276
2277 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2278 zlog_debug("local es %s bypass %s", es->esi_str,
2279 bypass ? "set" : "clear");
2280
2281 new_active = bgp_evpn_local_es_is_active(es);
2282 if (old_active != new_active) {
2283 if (new_active)
2284 bgp_evpn_local_es_activate(bgp, es, true, true);
2285 else
2286 bgp_evpn_local_es_deactivate(bgp, es);
2287 }
2288
2289 is_local = bgp_evpn_is_es_local_and_non_bypass(es);
2290 if (old_is_local != is_local)
2291 bgp_evpn_mac_update_on_es_local_chg(es, is_local);
2292 }
2293
2294 static void bgp_evpn_local_es_do_del(struct bgp *bgp, struct bgp_evpn_es *es)
2295 {
2296 struct bgp_evpn_es_evi *es_evi;
2297 struct listnode *evi_node, *evi_next_node;
2298
2299 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2300 zlog_debug("del local es %s", es->esi_str);
2301
2302 /* Delete all local EVPN ES routes from ESI table
2303 * and schedule for processing (to withdraw from peers))
2304 */
2305 bgp_evpn_es_route_del_all(bgp, es);
2306
2307 /* release all local ES EVIs associated with the ES */
2308 for (ALL_LIST_ELEMENTS(es->es_evi_list, evi_node,
2309 evi_next_node, es_evi)) {
2310 bgp_evpn_local_es_evi_do_del(es_evi);
2311 }
2312
2313 /* Clear local info associated with the ES and free it up if there is
2314 * no remote reference
2315 */
2316 bgp_evpn_es_local_info_clear(es, false);
2317 }
2318
2319 bool bgp_evpn_is_esi_local_and_non_bypass(esi_t *esi)
2320 {
2321 struct bgp_evpn_es *es = NULL;
2322
2323 /* Lookup ESI hash - should exist. */
2324 es = bgp_evpn_es_find(esi);
2325
2326 return es && bgp_evpn_is_es_local_and_non_bypass(es);
2327 }
2328
2329 int bgp_evpn_local_es_del(struct bgp *bgp, esi_t *esi)
2330 {
2331 struct bgp_evpn_es *es = NULL;
2332
2333 /* Lookup ESI hash - should exist. */
2334 es = bgp_evpn_es_find(esi);
2335 if (!es) {
2336 flog_warn(EC_BGP_EVPN_ESI, "%u: ES missing at local ES DEL",
2337 bgp->vrf_id);
2338 return -1;
2339 }
2340
2341 bgp_evpn_local_es_do_del(bgp, es);
2342 return 0;
2343 }
2344
2345 /* Handle device to ES id association. Results in the creation of a local
2346 * ES.
2347 */
2348 int bgp_evpn_local_es_add(struct bgp *bgp, esi_t *esi,
2349 struct in_addr originator_ip, bool oper_up,
2350 uint16_t df_pref, bool bypass)
2351 {
2352 struct bgp_evpn_es *es;
2353 bool new_es = true;
2354 bool regen_esr = false;
2355
2356 /* create the new es */
2357 es = bgp_evpn_es_find(esi);
2358 if (es) {
2359 if (CHECK_FLAG(es->flags, BGP_EVPNES_LOCAL))
2360 new_es = false;
2361 } else
2362 es = bgp_evpn_es_new(bgp, esi);
2363
2364 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2365 zlog_debug("add local es %s orig-ip %pI4 df_pref %u %s",
2366 es->esi_str, &originator_ip, df_pref,
2367 bypass ? "bypass" : "");
2368
2369 es->originator_ip = originator_ip;
2370 if (df_pref != es->df_pref) {
2371 es->df_pref = df_pref;
2372 regen_esr = true;
2373 }
2374 bgp_evpn_es_local_info_set(bgp, es);
2375
2376 /* import all remote Type-4 routes in the ES table */
2377 if (new_es)
2378 bgp_evpn_type4_remote_routes_import(bgp, es,
2379 true /* install */);
2380
2381 /* create and advertise EAD-EVI routes for the ES -
2382 * XXX - till an ES-EVI reference is created there is really nothing to
2383 * advertise
2384 */
2385 if (bgp_mh_info->ead_evi_adv_for_down_links)
2386 bgp_evpn_local_type1_evi_route_add(bgp, es);
2387
2388 bgp_evpn_local_es_bypass_update(bgp, es, bypass);
2389
2390 /* If the ES link is operationally up generate EAD-ES. EAD-EVI
2391 * can be generated even if the link is inactive.
2392 */
2393 if (oper_up)
2394 bgp_evpn_local_es_up(bgp, es, regen_esr);
2395 else
2396 bgp_evpn_local_es_down(bgp, es);
2397
2398 return 0;
2399 }
2400
2401 static void bgp_evpn_es_json_frag_fill(json_object *json_frags,
2402 struct bgp_evpn_es *es)
2403 {
2404 json_object *json_frag;
2405 struct listnode *node;
2406 struct bgp_evpn_es_frag *es_frag;
2407
2408 for (ALL_LIST_ELEMENTS_RO(es->es_frag_list, node, es_frag)) {
2409 json_frag = json_object_new_object();
2410
2411 json_object_string_addf(json_frag, "rd", "%pRD", &es_frag->prd);
2412 json_object_int_add(json_frag, "eviCount",
2413 listcount(es_frag->es_evi_frag_list));
2414
2415 json_object_array_add(json_frags, json_frag);
2416 }
2417 }
2418
2419 static void bgp_evpn_es_frag_show_detail(struct vty *vty,
2420 struct bgp_evpn_es *es)
2421 {
2422 struct listnode *node;
2423 struct bgp_evpn_es_frag *es_frag;
2424
2425 for (ALL_LIST_ELEMENTS_RO(es->es_frag_list, node, es_frag)) {
2426 vty_out(vty, " %pRD EVIs: %d\n", &es_frag->prd,
2427 listcount(es_frag->es_evi_frag_list));
2428 }
2429 }
2430
2431 static char *bgp_evpn_es_vteps_str(char *vtep_str, struct bgp_evpn_es *es,
2432 uint8_t vtep_str_size)
2433 {
2434 char vtep_flag_str[BGP_EVPN_FLAG_STR_SZ];
2435 struct listnode *node;
2436 struct bgp_evpn_es_vtep *es_vtep;
2437 bool first = true;
2438 char ip_buf[INET_ADDRSTRLEN];
2439
2440 vtep_str[0] = '\0';
2441 for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node, es_vtep)) {
2442 vtep_flag_str[0] = '\0';
2443
2444 if (es_vtep->flags & BGP_EVPNES_VTEP_ESR)
2445 strlcat(vtep_flag_str, "E", sizeof(vtep_flag_str));
2446 if (es_vtep->flags & BGP_EVPNES_VTEP_ACTIVE)
2447 strlcat(vtep_flag_str, "A", sizeof(vtep_flag_str));
2448
2449 if (!strlen(vtep_flag_str))
2450 strlcat(vtep_flag_str, "-", sizeof(vtep_flag_str));
2451 if (first)
2452 first = false;
2453 else
2454 strlcat(vtep_str, ",", vtep_str_size);
2455 strlcat(vtep_str,
2456 inet_ntop(AF_INET, &es_vtep->vtep_ip, ip_buf,
2457 sizeof(ip_buf)),
2458 vtep_str_size);
2459 strlcat(vtep_str, "(", vtep_str_size);
2460 strlcat(vtep_str, vtep_flag_str, vtep_str_size);
2461 strlcat(vtep_str, ")", vtep_str_size);
2462 }
2463
2464 return vtep_str;
2465 }
2466
2467 static void bgp_evpn_es_json_vtep_fill(json_object *json_vteps,
2468 struct bgp_evpn_es_vtep *es_vtep)
2469 {
2470 json_object *json_vtep_entry;
2471 json_object *json_flags;
2472
2473 json_vtep_entry = json_object_new_object();
2474
2475 json_object_string_addf(json_vtep_entry, "vtep_ip", "%pI4",
2476 &es_vtep->vtep_ip);
2477 if (es_vtep->flags & (BGP_EVPNES_VTEP_ESR |
2478 BGP_EVPNES_VTEP_ACTIVE)) {
2479 json_flags = json_object_new_array();
2480 if (es_vtep->flags & BGP_EVPNES_VTEP_ESR)
2481 json_array_string_add(json_flags, "esr");
2482 if (es_vtep->flags & BGP_EVPNES_VTEP_ACTIVE)
2483 json_array_string_add(json_flags, "active");
2484 json_object_object_add(json_vtep_entry, "flags", json_flags);
2485 if (es_vtep->flags & BGP_EVPNES_VTEP_ESR) {
2486 json_object_int_add(json_vtep_entry, "dfPreference",
2487 es_vtep->df_pref);
2488 json_object_int_add(json_vtep_entry, "dfAlgorithm",
2489 es_vtep->df_pref);
2490 }
2491 }
2492
2493 json_object_array_add(json_vteps,
2494 json_vtep_entry);
2495 }
2496
2497 static void bgp_evpn_es_vteps_show_detail(struct vty *vty,
2498 struct bgp_evpn_es *es)
2499 {
2500 char vtep_flag_str[BGP_EVPN_FLAG_STR_SZ];
2501 struct listnode *node;
2502 struct bgp_evpn_es_vtep *es_vtep;
2503 char alg_buf[EVPN_DF_ALG_STR_LEN];
2504
2505 for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node, es_vtep)) {
2506 vtep_flag_str[0] = '\0';
2507 if (es_vtep->flags & BGP_EVPNES_VTEP_ESR)
2508 strlcat(vtep_flag_str, "E", sizeof(vtep_flag_str));
2509 if (es_vtep->flags & BGP_EVPNES_VTEP_ACTIVE)
2510 strlcat(vtep_flag_str, "A", sizeof(vtep_flag_str));
2511
2512 if (!strlen(vtep_flag_str))
2513 strlcat(vtep_flag_str, "-", sizeof(vtep_flag_str));
2514
2515 vty_out(vty, " %pI4 flags: %s", &es_vtep->vtep_ip,
2516 vtep_flag_str);
2517
2518 if (es_vtep->flags & BGP_EVPNES_VTEP_ESR)
2519 vty_out(vty, " df_alg: %s df_pref: %u\n",
2520 evpn_es_df_alg2str(es_vtep->df_alg, alg_buf,
2521 sizeof(alg_buf)),
2522 es_vtep->df_pref);
2523 else
2524 vty_out(vty, "\n");
2525 }
2526 }
2527
2528 static void bgp_evpn_es_show_entry(struct vty *vty,
2529 struct bgp_evpn_es *es, json_object *json)
2530 {
2531 struct listnode *node;
2532 struct bgp_evpn_es_vtep *es_vtep;
2533
2534 if (json) {
2535 json_object *json_vteps;
2536 json_object *json_types;
2537
2538 json_object_string_add(json, "esi", es->esi_str);
2539 if (es->es_base_frag)
2540 json_object_string_addf(json, "rd", "%pRD",
2541 &es->es_base_frag->prd);
2542
2543 if (es->flags & (BGP_EVPNES_LOCAL | BGP_EVPNES_REMOTE)) {
2544 json_types = json_object_new_array();
2545 if (es->flags & BGP_EVPNES_LOCAL)
2546 json_array_string_add(json_types, "local");
2547 if (es->flags & BGP_EVPNES_REMOTE)
2548 json_array_string_add(json_types, "remote");
2549 json_object_object_add(json, "type", json_types);
2550 }
2551
2552 if (listcount(es->es_vtep_list)) {
2553 json_vteps = json_object_new_array();
2554 for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list,
2555 node, es_vtep)) {
2556 bgp_evpn_es_json_vtep_fill(json_vteps, es_vtep);
2557 }
2558 json_object_object_add(json, "vteps", json_vteps);
2559 }
2560 json_object_int_add(json, "vniCount",
2561 listcount(es->es_evi_list));
2562 } else {
2563 char type_str[4];
2564 char vtep_str[ES_VTEP_LIST_STR_SZ + BGP_EVPN_VTEPS_FLAG_STR_SZ];
2565
2566 type_str[0] = '\0';
2567 if (es->flags & BGP_EVPNES_BYPASS)
2568 strlcat(type_str, "B", sizeof(type_str));
2569 if (es->flags & BGP_EVPNES_LOCAL)
2570 strlcat(type_str, "L", sizeof(type_str));
2571 if (es->flags & BGP_EVPNES_REMOTE)
2572 strlcat(type_str, "R", sizeof(type_str));
2573 if (es->inconsistencies)
2574 strlcat(type_str, "I", sizeof(type_str));
2575
2576 bgp_evpn_es_vteps_str(vtep_str, es, sizeof(vtep_str));
2577
2578 vty_out(vty, "%-30s %-5s %-21pRD %-8d %s\n", es->esi_str,
2579 type_str, &es->es_base_frag->prd,
2580 listcount(es->es_evi_list), vtep_str);
2581 }
2582 }
2583
2584 static void bgp_evpn_es_show_entry_detail(struct vty *vty,
2585 struct bgp_evpn_es *es, json_object *json)
2586 {
2587 if (json) {
2588 json_object *json_flags;
2589 json_object *json_incons;
2590 json_object *json_vteps;
2591 json_object *json_frags;
2592 struct listnode *node;
2593 struct bgp_evpn_es_vtep *es_vtep;
2594
2595 /* Add the "brief" info first */
2596 bgp_evpn_es_show_entry(vty, es, json);
2597 if (es->flags
2598 & (BGP_EVPNES_OPER_UP | BGP_EVPNES_ADV_EVI
2599 | BGP_EVPNES_BYPASS)) {
2600 json_flags = json_object_new_array();
2601 if (es->flags & BGP_EVPNES_OPER_UP)
2602 json_array_string_add(json_flags, "up");
2603 if (es->flags & BGP_EVPNES_ADV_EVI)
2604 json_array_string_add(json_flags,
2605 "advertiseEVI");
2606 if (es->flags & BGP_EVPNES_BYPASS)
2607 json_array_string_add(json_flags, "bypass");
2608 json_object_object_add(json, "flags", json_flags);
2609 }
2610 json_object_string_addf(json, "originator_ip", "%pI4",
2611 &es->originator_ip);
2612 json_object_int_add(json, "remoteVniCount",
2613 es->remote_es_evi_cnt);
2614 json_object_int_add(json, "vrfCount",
2615 listcount(es->es_vrf_list));
2616 json_object_int_add(json, "macipPathCount",
2617 listcount(es->macip_evi_path_list));
2618 json_object_int_add(json, "macipGlobalPathCount",
2619 listcount(es->macip_global_path_list));
2620 json_object_int_add(json, "inconsistentVniVtepCount",
2621 es->incons_evi_vtep_cnt);
2622 if (listcount(es->es_vtep_list)) {
2623 json_vteps = json_object_new_array();
2624 for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node,
2625 es_vtep)) {
2626 bgp_evpn_es_json_vtep_fill(json_vteps, es_vtep);
2627 }
2628 json_object_object_add(json, "vteps", json_vteps);
2629 }
2630 if (listcount(es->es_frag_list)) {
2631 json_frags = json_object_new_array();
2632 bgp_evpn_es_json_frag_fill(json_frags, es);
2633 json_object_object_add(json, "fragments", json_frags);
2634 }
2635 if (es->inconsistencies) {
2636 json_incons = json_object_new_array();
2637 if (es->inconsistencies & BGP_EVPNES_INCONS_VTEP_LIST)
2638 json_array_string_add(json_incons,
2639 "vni-vtep-mismatch");
2640 json_object_object_add(json, "inconsistencies",
2641 json_incons);
2642 }
2643 } else {
2644 char incons_str[BGP_EVPNES_INCONS_STR_SZ];
2645 char type_str[4];
2646
2647 type_str[0] = '\0';
2648 if (es->flags & BGP_EVPNES_LOCAL)
2649 strlcat(type_str, "L", sizeof(type_str));
2650 if (es->flags & BGP_EVPNES_REMOTE)
2651 strlcat(type_str, "R", sizeof(type_str));
2652
2653 vty_out(vty, "ESI: %s\n", es->esi_str);
2654 vty_out(vty, " Type: %s\n", type_str);
2655 vty_out(vty, " RD: %pRD\n", &es->es_base_frag->prd);
2656 vty_out(vty, " Originator-IP: %pI4\n", &es->originator_ip);
2657 if (es->flags & BGP_EVPNES_LOCAL)
2658 vty_out(vty, " Local ES DF preference: %u\n",
2659 es->df_pref);
2660 if (es->flags & BGP_EVPNES_BYPASS)
2661 vty_out(vty, " LACP bypass: on\n");
2662 vty_out(vty, " VNI Count: %d\n", listcount(es->es_evi_list));
2663 vty_out(vty, " Remote VNI Count: %d\n",
2664 es->remote_es_evi_cnt);
2665 vty_out(vty, " VRF Count: %d\n", listcount(es->es_vrf_list));
2666 vty_out(vty, " MACIP EVI Path Count: %d\n",
2667 listcount(es->macip_evi_path_list));
2668 vty_out(vty, " MACIP Global Path Count: %d\n",
2669 listcount(es->macip_global_path_list));
2670 vty_out(vty, " Inconsistent VNI VTEP Count: %d\n",
2671 es->incons_evi_vtep_cnt);
2672 if (es->inconsistencies) {
2673 incons_str[0] = '\0';
2674 if (es->inconsistencies & BGP_EVPNES_INCONS_VTEP_LIST)
2675 strlcat(incons_str, "vni-vtep-mismatch",
2676 sizeof(incons_str));
2677 } else {
2678 strlcpy(incons_str, "-", sizeof(incons_str));
2679 }
2680 vty_out(vty, " Inconsistencies: %s\n",
2681 incons_str);
2682 if (listcount(es->es_frag_list)) {
2683 vty_out(vty, " Fragments:\n");
2684 bgp_evpn_es_frag_show_detail(vty, es);
2685 }
2686 if (listcount(es->es_vtep_list)) {
2687 vty_out(vty, " VTEPs:\n");
2688 bgp_evpn_es_vteps_show_detail(vty, es);
2689 }
2690 vty_out(vty, "\n");
2691 }
2692 }
2693
2694 /* Display all ESs */
2695 void bgp_evpn_es_show(struct vty *vty, bool uj, bool detail)
2696 {
2697 struct bgp_evpn_es *es;
2698 json_object *json_array = NULL;
2699 json_object *json = NULL;
2700
2701 if (uj) {
2702 /* create an array of ESs */
2703 json_array = json_object_new_array();
2704 } else {
2705 if (!detail) {
2706 vty_out(vty,
2707 "ES Flags: B - bypass, L local, R remote, I inconsistent\n");
2708 vty_out(vty,
2709 "VTEP Flags: E ESR/Type-4, A active nexthop\n");
2710 vty_out(vty,
2711 "%-30s %-5s %-21s %-8s %s\n",
2712 "ESI", "Flags", "RD", "#VNIs", "VTEPs");
2713 }
2714 }
2715
2716 RB_FOREACH(es, bgp_es_rb_head, &bgp_mh_info->es_rb_tree) {
2717 if (uj)
2718 /* create a separate json object for each ES */
2719 json = json_object_new_object();
2720 if (detail)
2721 bgp_evpn_es_show_entry_detail(vty, es, json);
2722 else
2723 bgp_evpn_es_show_entry(vty, es, json);
2724 /* add ES to the json array */
2725 if (uj)
2726 json_object_array_add(json_array, json);
2727 }
2728
2729 /* print the array of json-ESs */
2730 if (uj)
2731 vty_json(vty, json_array);
2732 }
2733
2734 /* Display specific ES */
2735 void bgp_evpn_es_show_esi(struct vty *vty, esi_t *esi, bool uj)
2736 {
2737 struct bgp_evpn_es *es;
2738 json_object *json = NULL;
2739
2740 if (uj)
2741 json = json_object_new_object();
2742
2743 es = bgp_evpn_es_find(esi);
2744 if (es) {
2745 bgp_evpn_es_show_entry_detail(vty, es, json);
2746 } else {
2747 if (!uj)
2748 vty_out(vty, "ESI not found\n");
2749 }
2750
2751 if (uj)
2752 vty_json(vty, json);
2753 }
2754
2755 /*****************************************************************************/
2756 /* Ethernet Segment to VRF association -
2757 * 1. Each ES-EVI entry is associated with a tenant VRF. This associaton
2758 * triggers the creation of an ES-VRF entry.
2759 * 2. The ES-VRF entry is maintained for the purpose of L3-NHG creation
2760 * 3. Type-2/MAC-IP routes are imported into a tenant VRF and programmed as
2761 * a /32 or host route entry in the dataplane. If the destination of
2762 * the host route is a remote-ES the route is programmed with the
2763 * corresponding (keyed in by {vrf,ES-id}) L3-NHG.
2764 * 4. The reason for this indirection (route->L3-NHG, L3-NHG->list-of-VTEPs)
2765 * is to avoid route updates to the dplane when a remote-ES link flaps i.e.
2766 * instead of updating all the dependent routes the NHG's contents are updated.
2767 * This reduces the amount of datplane updates (nhg updates vs. route updates)
2768 * allowing for a faster failover.
2769 *
2770 * XXX - can the L3 SVI index change without change in vpn->bgp_vrf
2771 * association? If yes we need to handle that by updating all the L3 NHGs
2772 * in that VRF.
2773 */
2774 /******************************** L3 NHG management *************************/
2775 static void bgp_evpn_l3nhg_zebra_add_v4_or_v6(struct bgp_evpn_es_vrf *es_vrf,
2776 bool v4_nhg)
2777 {
2778 uint32_t nhg_id = v4_nhg ? es_vrf->nhg_id : es_vrf->v6_nhg_id;
2779 struct bgp_evpn_es *es = es_vrf->es;
2780 struct listnode *node;
2781 struct bgp_evpn_es_vtep *es_vtep;
2782 struct nexthop nh;
2783 struct zapi_nexthop *api_nh;
2784 struct zapi_nhg api_nhg = {};
2785
2786 /* Skip installation of L3-NHG if host routes used */
2787 if (!nhg_id)
2788 return;
2789
2790 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2791 zlog_debug("es %s vrf %u %s nhg %u to zebra", es->esi_str,
2792 es_vrf->bgp_vrf->vrf_id,
2793 v4_nhg ? "v4_nhg" : "v6_nhg", nhg_id);
2794
2795 frrtrace(4, frr_bgp, evpn_mh_nhg_zsend, true, v4_nhg, nhg_id, es_vrf);
2796
2797 /* only the gateway ip changes for each NH. rest of the params
2798 * are constant
2799 */
2800 memset(&nh, 0, sizeof(nh));
2801 nh.vrf_id = es_vrf->bgp_vrf->vrf_id;
2802 nh.flags = NEXTHOP_FLAG_ONLINK;
2803 nh.ifindex = es_vrf->bgp_vrf->l3vni_svi_ifindex;
2804 nh.weight = 1;
2805 nh.type =
2806 v4_nhg ? NEXTHOP_TYPE_IPV4_IFINDEX : NEXTHOP_TYPE_IPV6_IFINDEX;
2807
2808 api_nhg.id = nhg_id;
2809 for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node, es_vtep)) {
2810 if (!CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE))
2811 continue;
2812
2813 /* Don't overrun the zapi buffer. */
2814 if (api_nhg.nexthop_num == MULTIPATH_NUM)
2815 break;
2816
2817 /* overwrite the gw */
2818 if (v4_nhg)
2819 nh.gate.ipv4 = es_vtep->vtep_ip;
2820 else
2821 ipv4_to_ipv4_mapped_ipv6(&nh.gate.ipv6,
2822 es_vtep->vtep_ip);
2823
2824 /* convert to zapi format */
2825 api_nh = &api_nhg.nexthops[api_nhg.nexthop_num];
2826 zapi_nexthop_from_nexthop(api_nh, &nh);
2827
2828 ++api_nhg.nexthop_num;
2829 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2830 zlog_debug("nhg %u vtep %pI4 l3-svi %d", api_nhg.id,
2831 &es_vtep->vtep_ip,
2832 es_vrf->bgp_vrf->l3vni_svi_ifindex);
2833
2834 frrtrace(3, frr_bgp, evpn_mh_nh_zsend, nhg_id, es_vtep, es_vrf);
2835 }
2836
2837 if (!api_nhg.nexthop_num)
2838 return;
2839
2840 zclient_nhg_send(zclient, ZEBRA_NHG_ADD, &api_nhg);
2841 }
2842
2843 static bool bgp_evpn_l3nhg_zebra_ok(struct bgp_evpn_es_vrf *es_vrf)
2844 {
2845 if (!bgp_mh_info->host_routes_use_l3nhg)
2846 return false;
2847
2848 /* Check socket. */
2849 if (!zclient || zclient->sock < 0)
2850 return false;
2851
2852 return true;
2853 }
2854
2855 static void bgp_evpn_l3nhg_zebra_add(struct bgp_evpn_es_vrf *es_vrf)
2856 {
2857 if (!bgp_evpn_l3nhg_zebra_ok(es_vrf))
2858 return;
2859
2860 bgp_evpn_l3nhg_zebra_add_v4_or_v6(es_vrf, true /*v4_nhg*/);
2861 bgp_evpn_l3nhg_zebra_add_v4_or_v6(es_vrf, false /*v4_nhg*/);
2862 }
2863
2864 static void bgp_evpn_l3nhg_zebra_del_v4_or_v6(struct bgp_evpn_es_vrf *es_vrf,
2865 bool v4_nhg)
2866 {
2867 struct zapi_nhg api_nhg = {};
2868
2869 api_nhg.id = v4_nhg ? es_vrf->nhg_id : es_vrf->v6_nhg_id;
2870
2871 /* Skip installation of L3-NHG if host routes used */
2872 if (!api_nhg.id)
2873 return;
2874
2875 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2876 zlog_debug("es %s vrf %u %s nhg %u to zebra",
2877 es_vrf->es->esi_str, es_vrf->bgp_vrf->vrf_id,
2878 v4_nhg ? "v4_nhg" : "v6_nhg", api_nhg.id);
2879
2880
2881 frrtrace(4, frr_bgp, evpn_mh_nhg_zsend, false, v4_nhg, api_nhg.id,
2882 es_vrf);
2883
2884 zclient_nhg_send(zclient, ZEBRA_NHG_DEL, &api_nhg);
2885 }
2886
2887 static void bgp_evpn_l3nhg_zebra_del(struct bgp_evpn_es_vrf *es_vrf)
2888 {
2889 if (!bgp_evpn_l3nhg_zebra_ok(es_vrf))
2890 return;
2891
2892 bgp_evpn_l3nhg_zebra_del_v4_or_v6(es_vrf, true /*v4_nhg*/);
2893 bgp_evpn_l3nhg_zebra_del_v4_or_v6(es_vrf, false /*v4_nhg*/);
2894 }
2895
2896 static void bgp_evpn_l3nhg_deactivate(struct bgp_evpn_es_vrf *es_vrf)
2897 {
2898 if (!(es_vrf->flags & BGP_EVPNES_VRF_NHG_ACTIVE))
2899 return;
2900
2901 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2902 zlog_debug("es %s vrf %u nhg %u de-activate",
2903 es_vrf->es->esi_str, es_vrf->bgp_vrf->vrf_id,
2904 es_vrf->nhg_id);
2905 bgp_evpn_l3nhg_zebra_del(es_vrf);
2906 es_vrf->flags &= ~BGP_EVPNES_VRF_NHG_ACTIVE;
2907 /* MAC-IPs can now be installed via the L3NHG */
2908 bgp_evpn_es_path_update_on_es_vrf_chg(es_vrf, "l3nhg-deactivate");
2909 }
2910
2911 static void bgp_evpn_l3nhg_activate(struct bgp_evpn_es_vrf *es_vrf, bool update)
2912 {
2913 if (!bgp_evpn_es_get_active_vtep_cnt(es_vrf->es)) {
2914 bgp_evpn_l3nhg_deactivate(es_vrf);
2915 return;
2916 }
2917
2918 if (es_vrf->flags & BGP_EVPNES_VRF_NHG_ACTIVE) {
2919 if (!update)
2920 return;
2921 } else {
2922 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2923 zlog_debug("es %s vrf %u nhg %u activate",
2924 es_vrf->es->esi_str, es_vrf->bgp_vrf->vrf_id,
2925 es_vrf->nhg_id);
2926 es_vrf->flags |= BGP_EVPNES_VRF_NHG_ACTIVE;
2927 /* MAC-IPs can now be installed via the L3NHG */
2928 bgp_evpn_es_path_update_on_es_vrf_chg(es_vrf, "l3nhg_activate");
2929 }
2930
2931 bgp_evpn_l3nhg_zebra_add(es_vrf);
2932 }
2933
2934 /* when a VTEP is activated or de-activated against an ES associated
2935 * VRFs' NHG needs to be updated
2936 */
2937 static void bgp_evpn_l3nhg_update_on_vtep_chg(struct bgp_evpn_es *es)
2938 {
2939 struct bgp_evpn_es_vrf *es_vrf;
2940 struct listnode *es_vrf_node;
2941
2942 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2943 zlog_debug("es %s nhg update on vtep chg", es->esi_str);
2944
2945 for (ALL_LIST_ELEMENTS_RO(es->es_vrf_list, es_vrf_node, es_vrf))
2946 bgp_evpn_l3nhg_activate(es_vrf, true /* update */);
2947 }
2948
2949 /* compare ES-IDs for the ES-VRF RB tree maintained per-VRF */
2950 static int bgp_es_vrf_rb_cmp(const struct bgp_evpn_es_vrf *es_vrf1,
2951 const struct bgp_evpn_es_vrf *es_vrf2)
2952 {
2953 return memcmp(&es_vrf1->es->esi, &es_vrf2->es->esi, ESI_BYTES);
2954 }
2955 RB_GENERATE(bgp_es_vrf_rb_head, bgp_evpn_es_vrf, rb_node, bgp_es_vrf_rb_cmp);
2956
2957 /* Initialize the ES tables maintained per-tenant vrf */
2958 void bgp_evpn_vrf_es_init(struct bgp *bgp_vrf)
2959 {
2960 /* Initialize the ES-VRF RB tree */
2961 RB_INIT(bgp_es_vrf_rb_head, &bgp_vrf->es_vrf_rb_tree);
2962 }
2963
2964 /* find the ES-VRF in the per-VRF RB tree */
2965 static struct bgp_evpn_es_vrf *bgp_evpn_es_vrf_find(struct bgp_evpn_es *es,
2966 struct bgp *bgp_vrf)
2967 {
2968 struct bgp_evpn_es_vrf es_vrf;
2969
2970 es_vrf.es = es;
2971
2972 return RB_FIND(bgp_es_vrf_rb_head, &bgp_vrf->es_vrf_rb_tree, &es_vrf);
2973 }
2974
2975 /* allocate a new ES-VRF and setup L3NHG for it */
2976 static struct bgp_evpn_es_vrf *bgp_evpn_es_vrf_create(struct bgp_evpn_es *es,
2977 struct bgp *bgp_vrf)
2978 {
2979 struct bgp_evpn_es_vrf *es_vrf;
2980
2981 es_vrf = XCALLOC(MTYPE_BGP_EVPN_ES_VRF, sizeof(*es_vrf));
2982
2983 es_vrf->es = es;
2984 es_vrf->bgp_vrf = bgp_vrf;
2985
2986 /* insert into the VRF-ESI rb tree */
2987 RB_INSERT(bgp_es_vrf_rb_head, &bgp_vrf->es_vrf_rb_tree, es_vrf);
2988
2989 /* add to the ES's VRF list */
2990 listnode_init(&es_vrf->es_listnode, es_vrf);
2991 listnode_add(es->es_vrf_list, &es_vrf->es_listnode);
2992
2993 /* setup the L3 NHG id for the ES */
2994 es_vrf->nhg_id = bgp_l3nhg_id_alloc();
2995 es_vrf->v6_nhg_id = bgp_l3nhg_id_alloc();
2996
2997 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
2998 zlog_debug("es %s vrf %u nhg %u v6_nhg %d create", es->esi_str,
2999 bgp_vrf->vrf_id, es_vrf->nhg_id, es_vrf->v6_nhg_id);
3000 bgp_evpn_l3nhg_activate(es_vrf, false /* update */);
3001
3002 /* update paths in the VRF that may already be associated with
3003 * this destination ES
3004 */
3005 bgp_evpn_es_path_update_on_es_vrf_chg(es_vrf, "es-vrf-create");
3006
3007 return es_vrf;
3008 }
3009
3010 /* remove the L3-NHG associated with the ES-VRF and free it */
3011 static void bgp_evpn_es_vrf_delete(struct bgp_evpn_es_vrf *es_vrf)
3012 {
3013 struct bgp_evpn_es *es = es_vrf->es;
3014 struct bgp *bgp_vrf = es_vrf->bgp_vrf;
3015
3016 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3017 zlog_debug("es %s vrf %u nhg %u delete", es->esi_str,
3018 bgp_vrf->vrf_id, es_vrf->nhg_id);
3019
3020 /* Remove the NHG resources */
3021 bgp_evpn_l3nhg_deactivate(es_vrf);
3022 if (es_vrf->nhg_id)
3023 bgp_l3nhg_id_free(es_vrf->nhg_id);
3024 es_vrf->nhg_id = 0;
3025 if (es_vrf->v6_nhg_id)
3026 bgp_l3nhg_id_free(es_vrf->v6_nhg_id);
3027 es_vrf->v6_nhg_id = 0;
3028
3029 /* remove from the ES's VRF list */
3030 list_delete_node(es->es_vrf_list, &es_vrf->es_listnode);
3031
3032 /* remove from the VRF-ESI rb tree */
3033 RB_REMOVE(bgp_es_vrf_rb_head, &bgp_vrf->es_vrf_rb_tree, es_vrf);
3034
3035 /* update paths in the VRF that may already be associated with
3036 * this destination ES
3037 */
3038 bgp_evpn_es_path_update_on_es_vrf_chg(es_vrf, "es-vrf-delete");
3039
3040 XFREE(MTYPE_BGP_EVPN_ES_VRF, es_vrf);
3041 }
3042
3043 /* deref and delete if there are no references */
3044 void bgp_evpn_es_vrf_deref(struct bgp_evpn_es_evi *es_evi)
3045 {
3046 struct bgp_evpn_es_vrf *es_vrf = es_evi->es_vrf;
3047
3048 if (!es_vrf)
3049 return;
3050
3051 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3052 zlog_debug("es-evi %s vni %u vrf %u de-ref",
3053 es_evi->es->esi_str, es_evi->vpn->vni,
3054 es_vrf->bgp_vrf->vrf_id);
3055
3056 es_evi->es_vrf = NULL;
3057 if (es_vrf->ref_cnt)
3058 --es_vrf->ref_cnt;
3059
3060 if (!es_vrf->ref_cnt)
3061 bgp_evpn_es_vrf_delete(es_vrf);
3062 }
3063
3064 /* find or create and reference */
3065 void bgp_evpn_es_vrf_ref(struct bgp_evpn_es_evi *es_evi, struct bgp *bgp_vrf)
3066 {
3067 struct bgp_evpn_es *es = es_evi->es;
3068 struct bgp_evpn_es_vrf *es_vrf = es_evi->es_vrf;
3069 struct bgp *old_bgp_vrf = NULL;
3070
3071 if (es_vrf)
3072 old_bgp_vrf = es_vrf->bgp_vrf;
3073
3074 if (old_bgp_vrf == bgp_vrf)
3075 return;
3076
3077 /* deref the old ES-VRF */
3078 bgp_evpn_es_vrf_deref(es_evi);
3079
3080 if (!bgp_vrf)
3081 return;
3082
3083 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3084 zlog_debug("es-evi %s vni %u vrf %u ref", es_evi->es->esi_str,
3085 es_evi->vpn->vni, bgp_vrf->vrf_id);
3086
3087 /* find-create the new ES-VRF */
3088 es_vrf = bgp_evpn_es_vrf_find(es, bgp_vrf);
3089 if (!es_vrf)
3090 es_vrf = bgp_evpn_es_vrf_create(es, bgp_vrf);
3091
3092 es_evi->es_vrf = es_vrf;
3093 ++es_vrf->ref_cnt;
3094 }
3095
3096 /* When the L2-VNI is associated with a L3-VNI/VRF update all the
3097 * associated ES-EVI entries
3098 */
3099 void bgp_evpn_es_evi_vrf_deref(struct bgpevpn *vpn)
3100 {
3101 struct bgp_evpn_es_evi *es_evi;
3102
3103 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3104 zlog_debug("es-vrf de-ref for vni %u", vpn->vni);
3105
3106 RB_FOREACH (es_evi, bgp_es_evi_rb_head, &vpn->es_evi_rb_tree)
3107 bgp_evpn_es_vrf_deref(es_evi);
3108 }
3109 void bgp_evpn_es_evi_vrf_ref(struct bgpevpn *vpn)
3110 {
3111 struct bgp_evpn_es_evi *es_evi;
3112
3113 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3114 zlog_debug("es-vrf ref for vni %u", vpn->vni);
3115
3116 RB_FOREACH (es_evi, bgp_es_evi_rb_head, &vpn->es_evi_rb_tree)
3117 bgp_evpn_es_vrf_ref(es_evi, vpn->bgp_vrf);
3118 }
3119
3120 /* 1. If ES-VRF is not present install the host route with the exploded/flat
3121 * multi-path list.
3122 * 2. If ES-VRF is present -
3123 * - if L3NHG has not been activated for the ES-VRF (this could be because
3124 * all the PEs attached to the VRF are down) do not install the route
3125 * in zebra.
3126 * - if L3NHG has been activated install the route via that L3NHG
3127 */
3128 void bgp_evpn_es_vrf_use_nhg(struct bgp *bgp_vrf, esi_t *esi, bool *use_l3nhg,
3129 bool *is_l3nhg_active,
3130 struct bgp_evpn_es_vrf **es_vrf_p)
3131 {
3132 struct bgp_evpn_es *es;
3133 struct bgp_evpn_es_vrf *es_vrf;
3134
3135 if (!bgp_mh_info->host_routes_use_l3nhg)
3136 return;
3137
3138 es = bgp_evpn_es_find(esi);
3139 if (!es)
3140 return;
3141
3142 es_vrf = bgp_evpn_es_vrf_find(es, bgp_vrf);
3143 if (!es_vrf)
3144 return;
3145
3146 *use_l3nhg = true;
3147 if (es_vrf->flags & BGP_EVPNES_VRF_NHG_ACTIVE)
3148 *is_l3nhg_active = true;
3149 if (es_vrf_p)
3150 *es_vrf_p = es_vrf;
3151 }
3152
3153 /* returns false if legacy-exploded mp needs to be used for route install */
3154 bool bgp_evpn_path_es_use_nhg(struct bgp *bgp_vrf, struct bgp_path_info *pi,
3155 uint32_t *nhg_p)
3156 {
3157 esi_t *esi;
3158 struct bgp_evpn_es_vrf *es_vrf = NULL;
3159 struct bgp_path_info *parent_pi;
3160 struct bgp_node *rn;
3161 struct prefix_evpn *evp;
3162 struct bgp_path_info *mpinfo;
3163 bool use_l3nhg = false;
3164 bool is_l3nhg_active = false;
3165
3166 *nhg_p = 0;
3167
3168 /* we don't support NHG for routes leaked from another VRF yet */
3169 if (pi->extra && pi->extra->bgp_orig)
3170 return false;
3171
3172 parent_pi = get_route_parent_evpn(pi);
3173 if (!parent_pi)
3174 return false;
3175
3176 rn = parent_pi->net;
3177 if (!rn)
3178 return false;
3179
3180 evp = (struct prefix_evpn *)&rn->p;
3181 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
3182 return false;
3183
3184 /* non-es path, use legacy-exploded multipath */
3185 esi = bgp_evpn_attr_get_esi(parent_pi->attr);
3186 if (!memcmp(esi, zero_esi, sizeof(*esi)))
3187 return false;
3188
3189 bgp_evpn_es_vrf_use_nhg(bgp_vrf, esi, &use_l3nhg, &is_l3nhg_active,
3190 &es_vrf);
3191
3192 /* L3NHG support is disabled, use legacy-exploded multipath */
3193 if (!use_l3nhg)
3194 return false;
3195
3196 /* if the NHG has not been installed we cannot install the route yet,
3197 * return a 0-NHG to indicate that
3198 */
3199 if (!is_l3nhg_active)
3200 return true;
3201
3202 /* this needs to be set the v6NHG if v6route */
3203 if (is_evpn_prefix_ipaddr_v6(evp))
3204 *nhg_p = es_vrf->v6_nhg_id;
3205 else
3206 *nhg_p = es_vrf->nhg_id;
3207
3208 for (mpinfo = bgp_path_info_mpath_next(pi); mpinfo;
3209 mpinfo = bgp_path_info_mpath_next(mpinfo)) {
3210 /* if any of the paths have a different ESI we can't use
3211 * the NHG associated with the ES. fallback to legacy-exploded
3212 * multipath
3213 */
3214 if (memcmp(esi, bgp_evpn_attr_get_esi(mpinfo->attr),
3215 sizeof(*esi)))
3216 return false;
3217 }
3218
3219 return true;
3220 }
3221
3222 static void bgp_evpn_es_vrf_show_entry(struct vty *vty,
3223 struct bgp_evpn_es_vrf *es_vrf,
3224 json_object *json)
3225 {
3226 struct bgp_evpn_es *es = es_vrf->es;
3227 struct bgp *bgp_vrf = es_vrf->bgp_vrf;
3228
3229 if (json) {
3230 json_object *json_types;
3231
3232 json_object_string_add(json, "esi", es->esi_str);
3233 json_object_string_add(json, "vrf", bgp_vrf->name_pretty);
3234
3235 if (es_vrf->flags & (BGP_EVPNES_VRF_NHG_ACTIVE)) {
3236 json_types = json_object_new_array();
3237 if (es_vrf->flags & BGP_EVPNES_VRF_NHG_ACTIVE)
3238 json_array_string_add(json_types, "active");
3239 json_object_object_add(json, "flags", json_types);
3240 }
3241
3242 json_object_int_add(json, "ipv4NHG", es_vrf->nhg_id);
3243 json_object_int_add(json, "ipv6NHG", es_vrf->v6_nhg_id);
3244 json_object_int_add(json, "refCount", es_vrf->ref_cnt);
3245 } else {
3246 char flags_str[4];
3247
3248 flags_str[0] = '\0';
3249 if (es_vrf->flags & BGP_EVPNES_VRF_NHG_ACTIVE)
3250 strlcat(flags_str, "A", sizeof(flags_str));
3251
3252 vty_out(vty, "%-30s %-15s %-5s %-8u %-8u %u\n", es->esi_str,
3253 bgp_vrf->name_pretty, flags_str, es_vrf->nhg_id,
3254 es_vrf->v6_nhg_id, es_vrf->ref_cnt);
3255 }
3256 }
3257
3258 static void bgp_evpn_es_vrf_show_es(struct vty *vty, json_object *json_array,
3259 struct bgp_evpn_es *es)
3260 {
3261 json_object *json = NULL;
3262 struct listnode *es_vrf_node;
3263 struct bgp_evpn_es_vrf *es_vrf;
3264
3265 for (ALL_LIST_ELEMENTS_RO(es->es_vrf_list, es_vrf_node, es_vrf)) {
3266 /* create a separate json object for each ES-VRF */
3267 if (json_array)
3268 json = json_object_new_object();
3269 bgp_evpn_es_vrf_show_entry(vty, es_vrf, json);
3270 /* add ES-VRF to the json array */
3271 if (json_array)
3272 json_object_array_add(json_array, json);
3273 }
3274 }
3275
3276 /* Display all ES VRFs */
3277 void bgp_evpn_es_vrf_show(struct vty *vty, bool uj, struct bgp_evpn_es *es)
3278 {
3279 json_object *json_array = NULL;
3280
3281 if (uj) {
3282 /* create an array of ESs */
3283 json_array = json_object_new_array();
3284 } else {
3285 vty_out(vty, "ES-VRF Flags: A Active\n");
3286 vty_out(vty, "%-30s %-15s %-5s %-8s %-8s %s\n", "ESI", "VRF",
3287 "Flags", "IPv4-NHG", "IPv6-NHG", "Ref");
3288 }
3289
3290 if (es) {
3291 bgp_evpn_es_vrf_show_es(vty, json_array, es);
3292 } else {
3293 RB_FOREACH (es, bgp_es_rb_head, &bgp_mh_info->es_rb_tree)
3294 bgp_evpn_es_vrf_show_es(vty, json_array, es);
3295 }
3296
3297 /* print the array of json-ESs */
3298 if (uj)
3299 vty_json(vty, json_array);
3300 }
3301
3302 /* Display specific ES VRF */
3303 void bgp_evpn_es_vrf_show_esi(struct vty *vty, esi_t *esi, bool uj)
3304 {
3305 struct bgp_evpn_es *es;
3306
3307 es = bgp_evpn_es_find(esi);
3308 if (es) {
3309 bgp_evpn_es_vrf_show(vty, uj, es);
3310 } else {
3311 if (!uj)
3312 vty_out(vty, "ESI not found\n");
3313 }
3314 }
3315
3316 /*****************************************************************************/
3317 /* Ethernet Segment to EVI association -
3318 * 1. The ES-EVI entry is maintained as a RB tree per L2-VNI
3319 * (bgpevpn->es_evi_rb_tree).
3320 * 2. Each local ES-EVI entry is rxed from zebra and then used by BGP to
3321 * advertises an EAD-EVI (Type-1 EVPN) route
3322 * 3. The remote ES-EVI is created when a bgp_evpn_es_evi_vtep references
3323 * it.
3324 */
3325
3326 /* A list of remote VTEPs is maintained for each ES-EVI. This list includes -
3327 * 1. VTEPs for which we have imported the EAD-per-ES Type1 route
3328 * 2. VTEPs for which we have imported the EAD-per-EVI Type1 route
3329 * VTEPs for which both routes have been rxed are activated. Activation
3330 * creates a NHG in the parent ES.
3331 */
3332 static int bgp_evpn_es_evi_vtep_cmp(void *p1, void *p2)
3333 {
3334 const struct bgp_evpn_es_evi_vtep *evi_vtep1 = p1;
3335 const struct bgp_evpn_es_evi_vtep *evi_vtep2 = p2;
3336
3337 return evi_vtep1->vtep_ip.s_addr - evi_vtep2->vtep_ip.s_addr;
3338 }
3339
3340 static struct bgp_evpn_es_evi_vtep *bgp_evpn_es_evi_vtep_new(
3341 struct bgp_evpn_es_evi *es_evi, struct in_addr vtep_ip)
3342 {
3343 struct bgp_evpn_es_evi_vtep *evi_vtep;
3344
3345 evi_vtep = XCALLOC(MTYPE_BGP_EVPN_ES_EVI_VTEP, sizeof(*evi_vtep));
3346
3347 evi_vtep->es_evi = es_evi;
3348 evi_vtep->vtep_ip.s_addr = vtep_ip.s_addr;
3349 listnode_init(&evi_vtep->es_evi_listnode, evi_vtep);
3350 listnode_add_sort(es_evi->es_evi_vtep_list, &evi_vtep->es_evi_listnode);
3351
3352 return evi_vtep;
3353 }
3354
3355 static void bgp_evpn_es_evi_vtep_free(struct bgp_evpn_es_evi_vtep *evi_vtep)
3356 {
3357 struct bgp_evpn_es_evi *es_evi = evi_vtep->es_evi;
3358
3359 if (evi_vtep->flags & (BGP_EVPN_EVI_VTEP_EAD))
3360 /* as long as there is some reference we can't free it */
3361 return;
3362
3363 list_delete_node(es_evi->es_evi_vtep_list, &evi_vtep->es_evi_listnode);
3364 XFREE(MTYPE_BGP_EVPN_ES_EVI_VTEP, evi_vtep);
3365 }
3366
3367 /* check if VTEP is already part of the list */
3368 static struct bgp_evpn_es_evi_vtep *bgp_evpn_es_evi_vtep_find(
3369 struct bgp_evpn_es_evi *es_evi, struct in_addr vtep_ip)
3370 {
3371 struct listnode *node = NULL;
3372 struct bgp_evpn_es_evi_vtep *evi_vtep;
3373
3374 for (ALL_LIST_ELEMENTS_RO(es_evi->es_evi_vtep_list, node, evi_vtep)) {
3375 if (evi_vtep->vtep_ip.s_addr == vtep_ip.s_addr)
3376 return evi_vtep;
3377 }
3378 return NULL;
3379 }
3380
3381 /* A VTEP can be added as "active" attach to an ES if EAD-per-ES and
3382 * EAD-per-EVI routes are rxed from it.
3383 */
3384 static void bgp_evpn_es_evi_vtep_re_eval_active(struct bgp *bgp,
3385 struct bgp_evpn_es_evi_vtep *evi_vtep)
3386 {
3387 bool old_active;
3388 bool new_active;
3389 uint32_t ead_activity_flags;
3390
3391 old_active = CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE);
3392
3393 if (bgp_mh_info->ead_evi_rx)
3394 /* Both EAD-per-ES and EAD-per-EVI routes must be rxed from a PE
3395 * before it can be activated.
3396 */
3397 ead_activity_flags = BGP_EVPN_EVI_VTEP_EAD;
3398 else
3399 /* EAD-per-ES is sufficent to activate the PE */
3400 ead_activity_flags = BGP_EVPN_EVI_VTEP_EAD_PER_ES;
3401
3402 if ((evi_vtep->flags & ead_activity_flags) == ead_activity_flags)
3403 SET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE);
3404 else
3405 UNSET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE);
3406
3407 new_active = CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE);
3408
3409 if (old_active == new_active)
3410 return;
3411
3412 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3413 zlog_debug("es %s evi %u vtep %pI4 %s",
3414 evi_vtep->es_evi->es->esi_str,
3415 evi_vtep->es_evi->vpn->vni, &evi_vtep->vtep_ip,
3416 new_active ? "active" : "inactive");
3417
3418 /* add VTEP to parent es */
3419 if (new_active)
3420 evi_vtep->es_vtep = bgp_evpn_es_vtep_add(
3421 bgp, evi_vtep->es_evi->es, evi_vtep->vtep_ip,
3422 false /*esr*/, 0, 0);
3423 else {
3424 if (evi_vtep->es_vtep) {
3425 bgp_evpn_es_vtep_do_del(bgp, evi_vtep->es_vtep,
3426 false /*esr*/);
3427 evi_vtep->es_vtep = NULL;
3428 }
3429 }
3430 /* queue up the parent es for background consistency checks */
3431 bgp_evpn_es_cons_checks_pend_add(evi_vtep->es_evi->es);
3432 }
3433
3434 static void bgp_evpn_es_evi_vtep_add(struct bgp *bgp,
3435 struct bgp_evpn_es_evi *es_evi, struct in_addr vtep_ip,
3436 bool ead_es)
3437 {
3438 struct bgp_evpn_es_evi_vtep *evi_vtep;
3439
3440 evi_vtep = bgp_evpn_es_evi_vtep_find(es_evi, vtep_ip);
3441
3442 if (!evi_vtep)
3443 evi_vtep = bgp_evpn_es_evi_vtep_new(es_evi, vtep_ip);
3444
3445 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3446 zlog_debug("add es %s evi %u vtep %pI4 %s",
3447 evi_vtep->es_evi->es->esi_str,
3448 evi_vtep->es_evi->vpn->vni, &evi_vtep->vtep_ip,
3449 ead_es ? "ead_es" : "ead_evi");
3450
3451 if (ead_es)
3452 SET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_EAD_PER_ES);
3453 else
3454 SET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_EAD_PER_EVI);
3455
3456 bgp_evpn_es_evi_vtep_re_eval_active(bgp, evi_vtep);
3457 }
3458
3459 static void bgp_evpn_es_evi_vtep_del(struct bgp *bgp,
3460 struct bgp_evpn_es_evi *es_evi, struct in_addr vtep_ip,
3461 bool ead_es)
3462 {
3463 struct bgp_evpn_es_evi_vtep *evi_vtep;
3464
3465 evi_vtep = bgp_evpn_es_evi_vtep_find(es_evi, vtep_ip);
3466 if (!evi_vtep)
3467 return;
3468
3469 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3470 zlog_debug("del es %s evi %u vtep %pI4 %s",
3471 evi_vtep->es_evi->es->esi_str,
3472 evi_vtep->es_evi->vpn->vni, &evi_vtep->vtep_ip,
3473 ead_es ? "ead_es" : "ead_evi");
3474
3475 if (ead_es)
3476 UNSET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_EAD_PER_ES);
3477 else
3478 UNSET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_EAD_PER_EVI);
3479
3480 bgp_evpn_es_evi_vtep_re_eval_active(bgp, evi_vtep);
3481 bgp_evpn_es_evi_vtep_free(evi_vtep);
3482 }
3483
3484 /* compare ES-IDs for the ES-EVI RB tree maintained per-VNI */
3485 static int bgp_es_evi_rb_cmp(const struct bgp_evpn_es_evi *es_evi1,
3486 const struct bgp_evpn_es_evi *es_evi2)
3487 {
3488 return memcmp(&es_evi1->es->esi, &es_evi2->es->esi, ESI_BYTES);
3489 }
3490 RB_GENERATE(bgp_es_evi_rb_head, bgp_evpn_es_evi, rb_node, bgp_es_evi_rb_cmp);
3491
3492 /* find the ES-EVI in the per-L2-VNI RB tree */
3493 static struct bgp_evpn_es_evi *bgp_evpn_es_evi_find(struct bgp_evpn_es *es,
3494 struct bgpevpn *vpn)
3495 {
3496 struct bgp_evpn_es_evi es_evi;
3497
3498 es_evi.es = es;
3499
3500 return RB_FIND(bgp_es_evi_rb_head, &vpn->es_evi_rb_tree, &es_evi);
3501 }
3502
3503 /* allocate a new ES-EVI and insert it into the per-L2-VNI and per-ES
3504 * tables.
3505 */
3506 static struct bgp_evpn_es_evi *bgp_evpn_es_evi_new(struct bgp_evpn_es *es,
3507 struct bgpevpn *vpn)
3508 {
3509 struct bgp_evpn_es_evi *es_evi;
3510
3511 es_evi = XCALLOC(MTYPE_BGP_EVPN_ES_EVI, sizeof(*es_evi));
3512
3513 es_evi->es = es;
3514 es_evi->vpn = vpn;
3515
3516 /* Initialise the VTEP list */
3517 es_evi->es_evi_vtep_list = list_new();
3518 listset_app_node_mem(es_evi->es_evi_vtep_list);
3519 es_evi->es_evi_vtep_list->cmp = bgp_evpn_es_evi_vtep_cmp;
3520
3521 /* insert into the VNI-ESI rb tree */
3522 RB_INSERT(bgp_es_evi_rb_head, &vpn->es_evi_rb_tree, es_evi);
3523
3524 /* add to the ES's VNI list */
3525 listnode_init(&es_evi->es_listnode, es_evi);
3526 listnode_add(es->es_evi_list, &es_evi->es_listnode);
3527
3528 bgp_evpn_es_vrf_ref(es_evi, vpn->bgp_vrf);
3529
3530 return es_evi;
3531 }
3532
3533 /* remove the ES-EVI from the per-L2-VNI and per-ES tables and free
3534 * up the memory.
3535 */
3536 static struct bgp_evpn_es_evi *
3537 bgp_evpn_es_evi_free(struct bgp_evpn_es_evi *es_evi)
3538 {
3539 struct bgp_evpn_es *es = es_evi->es;
3540 struct bgpevpn *vpn = es_evi->vpn;
3541
3542 /* cannot free the element as long as there is a local or remote
3543 * reference
3544 */
3545 if (es_evi->flags & (BGP_EVPNES_EVI_LOCAL | BGP_EVPNES_EVI_REMOTE))
3546 return es_evi;
3547 bgp_evpn_es_frag_evi_del(es_evi, false);
3548 bgp_evpn_es_vrf_deref(es_evi);
3549
3550 /* remove from the ES's VNI list */
3551 list_delete_node(es->es_evi_list, &es_evi->es_listnode);
3552
3553 /* remove from the VNI-ESI rb tree */
3554 RB_REMOVE(bgp_es_evi_rb_head, &vpn->es_evi_rb_tree, es_evi);
3555
3556 /* free the VTEP list */
3557 list_delete(&es_evi->es_evi_vtep_list);
3558
3559 /* remove from the VNI-ESI rb tree */
3560 XFREE(MTYPE_BGP_EVPN_ES_EVI, es_evi);
3561
3562 return NULL;
3563 }
3564
3565 /* init local info associated with the ES-EVI */
3566 static void bgp_evpn_es_evi_local_info_set(struct bgp_evpn_es_evi *es_evi)
3567 {
3568 struct bgpevpn *vpn = es_evi->vpn;
3569
3570 if (CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL))
3571 return;
3572
3573 SET_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL);
3574 listnode_init(&es_evi->l2vni_listnode, es_evi);
3575 listnode_add(vpn->local_es_evi_list, &es_evi->l2vni_listnode);
3576 bgp_evpn_es_frag_evi_add(es_evi);
3577 }
3578
3579 /* clear any local info associated with the ES-EVI */
3580 static struct bgp_evpn_es_evi *
3581 bgp_evpn_es_evi_local_info_clear(struct bgp_evpn_es_evi *es_evi)
3582 {
3583 struct bgpevpn *vpn = es_evi->vpn;
3584
3585 UNSET_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL);
3586 list_delete_node(vpn->local_es_evi_list, &es_evi->l2vni_listnode);
3587
3588 return bgp_evpn_es_evi_free(es_evi);
3589 }
3590
3591 /* eval remote info associated with the ES */
3592 static void bgp_evpn_es_evi_remote_info_re_eval(struct bgp_evpn_es_evi *es_evi)
3593 {
3594 struct bgp_evpn_es *es = es_evi->es;
3595
3596 /* if there are remote VTEPs the ES-EVI is classified as "remote" */
3597 if (listcount(es_evi->es_evi_vtep_list)) {
3598 if (!CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_REMOTE)) {
3599 SET_FLAG(es_evi->flags, BGP_EVPNES_EVI_REMOTE);
3600 ++es->remote_es_evi_cnt;
3601 /* set remote on the parent es */
3602 bgp_evpn_es_remote_info_re_eval(es);
3603 }
3604 } else {
3605 if (CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_REMOTE)) {
3606 UNSET_FLAG(es_evi->flags, BGP_EVPNES_EVI_REMOTE);
3607 if (es->remote_es_evi_cnt)
3608 --es->remote_es_evi_cnt;
3609 bgp_evpn_es_evi_free(es_evi);
3610 /* check if "remote" can be cleared from the
3611 * parent es.
3612 */
3613 bgp_evpn_es_remote_info_re_eval(es);
3614 }
3615 }
3616 }
3617
3618 static struct bgp_evpn_es_evi *
3619 bgp_evpn_local_es_evi_do_del(struct bgp_evpn_es_evi *es_evi)
3620 {
3621 struct prefix_evpn p;
3622 struct bgp_evpn_es *es = es_evi->es;
3623 struct bgp *bgp;
3624
3625 if (!CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL))
3626 return es_evi;
3627
3628 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3629 zlog_debug("del local es %s evi %u",
3630 es_evi->es->esi_str,
3631 es_evi->vpn->vni);
3632
3633 bgp = bgp_get_evpn();
3634
3635 /* remove the es_evi from the es_frag before sending the update */
3636 bgp_evpn_es_frag_evi_del(es_evi, true);
3637 if (bgp) {
3638 /* update EAD-ES with new list of VNIs */
3639 if (bgp_evpn_local_es_is_active(es))
3640 bgp_evpn_ead_es_route_update(bgp, es);
3641
3642 /* withdraw and delete EAD-EVI */
3643 if (CHECK_FLAG(es->flags, BGP_EVPNES_ADV_EVI)) {
3644 build_evpn_type1_prefix(&p, BGP_EVPN_AD_EVI_ETH_TAG,
3645 &es->esi, es->originator_ip);
3646 if (bgp_evpn_ead_evi_route_delete(bgp, es, es_evi->vpn,
3647 &p))
3648 flog_err(EC_BGP_EVPN_ROUTE_DELETE,
3649 "%u: EAD-EVI route deletion failure for ESI %s VNI %u",
3650 bgp->vrf_id, es->esi_str,
3651 es_evi->vpn->vni);
3652 }
3653 }
3654
3655 return bgp_evpn_es_evi_local_info_clear(es_evi);
3656 }
3657
3658 int bgp_evpn_local_es_evi_del(struct bgp *bgp, esi_t *esi, vni_t vni)
3659 {
3660 struct bgpevpn *vpn;
3661 struct bgp_evpn_es *es;
3662 struct bgp_evpn_es_evi *es_evi;
3663 char buf[ESI_STR_LEN];
3664
3665 es = bgp_evpn_es_find(esi);
3666 if (!es) {
3667 flog_err(
3668 EC_BGP_ES_CREATE,
3669 "%u: Failed to deref VNI %d from ESI %s; ES not present",
3670 bgp->vrf_id, vni,
3671 esi_to_str(esi, buf, sizeof(buf)));
3672 return -1;
3673 }
3674
3675 vpn = bgp_evpn_lookup_vni(bgp, vni);
3676 if (!vpn) {
3677 flog_err(
3678 EC_BGP_ES_CREATE,
3679 "%u: Failed to deref VNI %d from ESI %s; VNI not present",
3680 bgp->vrf_id, vni, es->esi_str);
3681 return -1;
3682 }
3683
3684 es_evi = bgp_evpn_es_evi_find(es, vpn);
3685 if (!es_evi) {
3686 flog_err(
3687 EC_BGP_ES_CREATE,
3688 "%u: Failed to deref VNI %d from ESI %s; ES-VNI not present",
3689 bgp->vrf_id, vni, es->esi_str);
3690 return -1;
3691 }
3692
3693 bgp_evpn_local_es_evi_do_del(es_evi);
3694 return 0;
3695 }
3696
3697 /* Create ES-EVI and advertise the corresponding EAD routes */
3698 int bgp_evpn_local_es_evi_add(struct bgp *bgp, esi_t *esi, vni_t vni)
3699 {
3700 struct bgpevpn *vpn;
3701 struct prefix_evpn p;
3702 struct bgp_evpn_es *es;
3703 struct bgp_evpn_es_evi *es_evi;
3704 char buf[ESI_STR_LEN];
3705
3706 es = bgp_evpn_es_find(esi);
3707 if (!es) {
3708 flog_err(
3709 EC_BGP_ES_CREATE,
3710 "%u: Failed to associate VNI %d with ESI %s; ES not present",
3711 bgp->vrf_id, vni,
3712 esi_to_str(esi, buf, sizeof(buf)));
3713 return -1;
3714 }
3715
3716 vpn = bgp_evpn_lookup_vni(bgp, vni);
3717 if (!vpn) {
3718 flog_err(
3719 EC_BGP_ES_CREATE,
3720 "%u: Failed to associate VNI %d with ESI %s; VNI not present",
3721 bgp->vrf_id, vni, es->esi_str);
3722 return -1;
3723 }
3724
3725 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3726 zlog_debug("add local es %s evi %u",
3727 es->esi_str, vni);
3728
3729 es_evi = bgp_evpn_es_evi_find(es, vpn);
3730
3731 if (es_evi) {
3732 if (CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_LOCAL))
3733 /* dup */
3734 return 0;
3735 } else
3736 es_evi = bgp_evpn_es_evi_new(es, vpn);
3737
3738 bgp_evpn_es_evi_local_info_set(es_evi);
3739
3740 /* generate an EAD-EVI for this new VNI */
3741 if (CHECK_FLAG(es->flags, BGP_EVPNES_ADV_EVI)) {
3742 build_evpn_type1_prefix(&p, BGP_EVPN_AD_EVI_ETH_TAG, &es->esi,
3743 es->originator_ip);
3744 bgp_evpn_ead_evi_route_update(bgp, es, vpn, &p);
3745 }
3746
3747 /* update EAD-ES */
3748 if (bgp_evpn_local_es_is_active(es))
3749 bgp_evpn_ead_es_route_update(bgp, es);
3750
3751 return 0;
3752 }
3753
3754 /* Add remote ES-EVI entry. This is actually the remote VTEP add and the
3755 * ES-EVI is implicity created on first VTEP's reference.
3756 */
3757 int bgp_evpn_remote_es_evi_add(struct bgp *bgp, struct bgpevpn *vpn,
3758 const struct prefix_evpn *p)
3759 {
3760 char buf[ESI_STR_LEN];
3761 struct bgp_evpn_es *es;
3762 struct bgp_evpn_es_evi *es_evi;
3763 bool ead_es;
3764 const esi_t *esi = &p->prefix.ead_addr.esi;
3765
3766 if (!vpn)
3767 /* local EAD-ES need not be sent back to zebra */
3768 return 0;
3769
3770 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3771 zlog_debug("add remote %s es %s evi %u vtep %pI4",
3772 p->prefix.ead_addr.eth_tag ? "ead-es" : "ead-evi",
3773 esi_to_str(esi, buf, sizeof(buf)), vpn->vni,
3774 &p->prefix.ead_addr.ip.ipaddr_v4);
3775
3776 es = bgp_evpn_es_find(esi);
3777 if (!es)
3778 es = bgp_evpn_es_new(bgp, esi);
3779
3780 es_evi = bgp_evpn_es_evi_find(es, vpn);
3781 if (!es_evi)
3782 es_evi = bgp_evpn_es_evi_new(es, vpn);
3783
3784 ead_es = !!p->prefix.ead_addr.eth_tag;
3785 bgp_evpn_es_evi_vtep_add(bgp, es_evi, p->prefix.ead_addr.ip.ipaddr_v4,
3786 ead_es);
3787
3788 bgp_evpn_es_evi_remote_info_re_eval(es_evi);
3789 return 0;
3790 }
3791
3792 /* A remote VTEP has withdrawn. The es-evi-vtep will be deleted and the
3793 * parent es-evi freed up implicitly in last VTEP's deref.
3794 */
3795 int bgp_evpn_remote_es_evi_del(struct bgp *bgp, struct bgpevpn *vpn,
3796 const struct prefix_evpn *p)
3797 {
3798 char buf[ESI_STR_LEN];
3799 struct bgp_evpn_es *es;
3800 struct bgp_evpn_es_evi *es_evi;
3801 bool ead_es;
3802
3803 if (!vpn)
3804 /* local EAD-ES need not be sent back to zebra */
3805 return 0;
3806
3807 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3808 zlog_debug(
3809 "del remote %s es %s evi %u vtep %pI4",
3810 p->prefix.ead_addr.eth_tag ? "ead-es" : "ead-evi",
3811 esi_to_str(&p->prefix.ead_addr.esi, buf, sizeof(buf)),
3812 vpn->vni, &p->prefix.ead_addr.ip.ipaddr_v4);
3813
3814 es = bgp_evpn_es_find(&p->prefix.ead_addr.esi);
3815 if (!es) {
3816 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3817 zlog_debug(
3818 "del remote %s es %s evi %u vtep %pI4, NO es",
3819 p->prefix.ead_addr.eth_tag ? "ead-es"
3820 : "ead-evi",
3821 esi_to_str(&p->prefix.ead_addr.esi, buf,
3822 sizeof(buf)),
3823 vpn->vni, &p->prefix.ead_addr.ip.ipaddr_v4);
3824 return 0;
3825 }
3826 es_evi = bgp_evpn_es_evi_find(es, vpn);
3827 if (!es_evi) {
3828 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
3829 zlog_debug(
3830 "del remote %s es %s evi %u vtep %pI4, NO es-evi",
3831 p->prefix.ead_addr.eth_tag ? "ead-es"
3832 : "ead-evi",
3833 esi_to_str(&p->prefix.ead_addr.esi, buf,
3834 sizeof(buf)),
3835 vpn->vni,
3836 &p->prefix.ead_addr.ip.ipaddr_v4);
3837 return 0;
3838 }
3839
3840 ead_es = !!p->prefix.ead_addr.eth_tag;
3841 bgp_evpn_es_evi_vtep_del(bgp, es_evi, p->prefix.ead_addr.ip.ipaddr_v4,
3842 ead_es);
3843 bgp_evpn_es_evi_remote_info_re_eval(es_evi);
3844 return 0;
3845 }
3846
3847 /* If a VNI is being deleted we need to force del all remote VTEPs */
3848 static void bgp_evpn_remote_es_evi_flush(struct bgp_evpn_es_evi *es_evi)
3849 {
3850 struct listnode *node = NULL;
3851 struct listnode *nnode = NULL;
3852 struct bgp_evpn_es_evi_vtep *evi_vtep;
3853 struct bgp *bgp;
3854
3855 bgp = bgp_get_evpn();
3856 if (!bgp)
3857 return;
3858
3859 /* delete all VTEPs */
3860 for (ALL_LIST_ELEMENTS(es_evi->es_evi_vtep_list, node, nnode,
3861 evi_vtep)) {
3862 evi_vtep->flags &= ~(BGP_EVPN_EVI_VTEP_EAD_PER_ES
3863 | BGP_EVPN_EVI_VTEP_EAD_PER_EVI);
3864 bgp_evpn_es_evi_vtep_re_eval_active(bgp, evi_vtep);
3865 bgp_evpn_es_evi_vtep_free(evi_vtep);
3866 }
3867 /* delete the EVI */
3868 bgp_evpn_es_evi_remote_info_re_eval(es_evi);
3869 }
3870
3871 /* Initialize the ES tables maintained per-L2_VNI */
3872 void bgp_evpn_vni_es_init(struct bgpevpn *vpn)
3873 {
3874 /* Initialize the ES-EVI RB tree */
3875 RB_INIT(bgp_es_evi_rb_head, &vpn->es_evi_rb_tree);
3876
3877 /* Initialize the local list maintained for quick walks by type */
3878 vpn->local_es_evi_list = list_new();
3879 listset_app_node_mem(vpn->local_es_evi_list);
3880 }
3881
3882 /* Cleanup the ES info maintained per-L2_VNI */
3883 void bgp_evpn_vni_es_cleanup(struct bgpevpn *vpn)
3884 {
3885 struct bgp_evpn_es_evi *es_evi;
3886 struct bgp_evpn_es_evi *es_evi_next;
3887
3888 RB_FOREACH_SAFE(es_evi, bgp_es_evi_rb_head,
3889 &vpn->es_evi_rb_tree, es_evi_next) {
3890 es_evi = bgp_evpn_local_es_evi_do_del(es_evi);
3891 if (es_evi)
3892 bgp_evpn_remote_es_evi_flush(es_evi);
3893 }
3894
3895 list_delete(&vpn->local_es_evi_list);
3896 }
3897
3898 static char *bgp_evpn_es_evi_vteps_str(char *vtep_str,
3899 struct bgp_evpn_es_evi *es_evi,
3900 uint8_t vtep_str_size)
3901 {
3902 char vtep_flag_str[BGP_EVPN_FLAG_STR_SZ];
3903 struct listnode *node;
3904 struct bgp_evpn_es_evi_vtep *evi_vtep;
3905 bool first = true;
3906 char ip_buf[INET_ADDRSTRLEN];
3907
3908 vtep_str[0] = '\0';
3909 for (ALL_LIST_ELEMENTS_RO(es_evi->es_evi_vtep_list, node, evi_vtep)) {
3910 vtep_flag_str[0] = '\0';
3911 if (evi_vtep->flags & BGP_EVPN_EVI_VTEP_EAD_PER_ES)
3912 strlcat(vtep_flag_str, "E", sizeof(vtep_flag_str));
3913 if (evi_vtep->flags & BGP_EVPN_EVI_VTEP_EAD_PER_EVI)
3914 strlcat(vtep_flag_str, "V", sizeof(vtep_flag_str));
3915
3916 if (!strnlen(vtep_flag_str, sizeof(vtep_flag_str)))
3917 strlcpy(vtep_flag_str, "-", sizeof(vtep_flag_str));
3918 if (first)
3919 first = false;
3920 else
3921 strlcat(vtep_str, ",", vtep_str_size);
3922 strlcat(vtep_str,
3923 inet_ntop(AF_INET, &evi_vtep->vtep_ip, ip_buf,
3924 sizeof(ip_buf)),
3925 vtep_str_size);
3926 strlcat(vtep_str, "(", vtep_str_size);
3927 strlcat(vtep_str, vtep_flag_str, vtep_str_size);
3928 strlcat(vtep_str, ")", vtep_str_size);
3929 }
3930
3931 return vtep_str;
3932 }
3933
3934 static void bgp_evpn_es_evi_json_vtep_fill(json_object *json_vteps,
3935 struct bgp_evpn_es_evi_vtep *evi_vtep)
3936 {
3937 json_object *json_vtep_entry;
3938 json_object *json_flags;
3939
3940 json_vtep_entry = json_object_new_object();
3941
3942 json_object_string_addf(json_vtep_entry, "vtep_ip", "%pI4",
3943 &evi_vtep->vtep_ip);
3944 if (evi_vtep->flags & (BGP_EVPN_EVI_VTEP_EAD_PER_ES |
3945 BGP_EVPN_EVI_VTEP_EAD_PER_EVI)) {
3946 json_flags = json_object_new_array();
3947 if (evi_vtep->flags & BGP_EVPN_EVI_VTEP_EAD_PER_ES)
3948 json_array_string_add(json_flags, "ead-per-es");
3949 if (evi_vtep->flags & BGP_EVPN_EVI_VTEP_EAD_PER_EVI)
3950 json_array_string_add(json_flags, "ead-per-evi");
3951 json_object_object_add(json_vtep_entry,
3952 "flags", json_flags);
3953 }
3954
3955 json_object_array_add(json_vteps,
3956 json_vtep_entry);
3957 }
3958
3959 static void bgp_evpn_es_evi_show_entry(struct vty *vty,
3960 struct bgp_evpn_es_evi *es_evi, json_object *json)
3961 {
3962 struct listnode *node;
3963 struct bgp_evpn_es_evi_vtep *evi_vtep;
3964
3965 if (json) {
3966 json_object *json_vteps;
3967 json_object *json_types;
3968
3969 json_object_string_add(json, "esi", es_evi->es->esi_str);
3970 json_object_int_add(json, "vni", es_evi->vpn->vni);
3971
3972 if (es_evi->flags & (BGP_EVPNES_EVI_LOCAL |
3973 BGP_EVPNES_EVI_REMOTE)) {
3974 json_types = json_object_new_array();
3975 if (es_evi->flags & BGP_EVPNES_EVI_LOCAL)
3976 json_array_string_add(json_types, "local");
3977 if (es_evi->flags & BGP_EVPNES_EVI_REMOTE)
3978 json_array_string_add(json_types, "remote");
3979 json_object_object_add(json, "type", json_types);
3980 }
3981
3982 if (listcount(es_evi->es_evi_vtep_list)) {
3983 json_vteps = json_object_new_array();
3984 for (ALL_LIST_ELEMENTS_RO(es_evi->es_evi_vtep_list,
3985 node, evi_vtep)) {
3986 bgp_evpn_es_evi_json_vtep_fill(json_vteps,
3987 evi_vtep);
3988 }
3989 json_object_object_add(json, "vteps", json_vteps);
3990 }
3991 } else {
3992 char type_str[4];
3993 char vtep_str[ES_VTEP_LIST_STR_SZ + BGP_EVPN_VTEPS_FLAG_STR_SZ];
3994
3995 type_str[0] = '\0';
3996 if (es_evi->flags & BGP_EVPNES_EVI_LOCAL)
3997 strlcat(type_str, "L", sizeof(type_str));
3998 if (es_evi->flags & BGP_EVPNES_EVI_REMOTE)
3999 strlcat(type_str, "R", sizeof(type_str));
4000 if (es_evi->flags & BGP_EVPNES_EVI_INCONS_VTEP_LIST)
4001 strlcat(type_str, "I", sizeof(type_str));
4002
4003 bgp_evpn_es_evi_vteps_str(vtep_str, es_evi, sizeof(vtep_str));
4004
4005 vty_out(vty, "%-8d %-30s %-5s %s\n",
4006 es_evi->vpn->vni, es_evi->es->esi_str,
4007 type_str, vtep_str);
4008 }
4009 }
4010
4011 static void bgp_evpn_es_evi_show_entry_detail(struct vty *vty,
4012 struct bgp_evpn_es_evi *es_evi, json_object *json)
4013 {
4014 if (json) {
4015 json_object *json_flags;
4016
4017 /* Add the "brief" info first */
4018 bgp_evpn_es_evi_show_entry(vty, es_evi, json);
4019 if (es_evi->es_frag)
4020 json_object_string_addf(json, "esFragmentRd", "%pRD",
4021 &es_evi->es_frag->prd);
4022 if (es_evi->flags & BGP_EVPNES_EVI_INCONS_VTEP_LIST) {
4023 json_flags = json_object_new_array();
4024 json_array_string_add(json_flags, "es-vtep-mismatch");
4025 json_object_object_add(json, "flags", json_flags);
4026 }
4027 } else {
4028 char vtep_str[ES_VTEP_LIST_STR_SZ + BGP_EVPN_VTEPS_FLAG_STR_SZ];
4029 char type_str[4];
4030
4031 type_str[0] = '\0';
4032 if (es_evi->flags & BGP_EVPNES_EVI_LOCAL)
4033 strlcat(type_str, "L", sizeof(type_str));
4034 if (es_evi->flags & BGP_EVPNES_EVI_REMOTE)
4035 strlcat(type_str, "R", sizeof(type_str));
4036
4037 bgp_evpn_es_evi_vteps_str(vtep_str, es_evi, sizeof(vtep_str));
4038 if (!strlen(vtep_str))
4039 strlcpy(vtep_str, "-", sizeof(type_str));
4040
4041 vty_out(vty, "VNI: %d ESI: %s\n",
4042 es_evi->vpn->vni, es_evi->es->esi_str);
4043 vty_out(vty, " Type: %s\n", type_str);
4044 if (es_evi->es_frag)
4045 vty_out(vty, " ES fragment RD: %pRD\n",
4046 &es_evi->es_frag->prd);
4047 vty_out(vty, " Inconsistencies: %s\n",
4048 (es_evi->flags & BGP_EVPNES_EVI_INCONS_VTEP_LIST) ?
4049 "es-vtep-mismatch":"-");
4050 vty_out(vty, " VTEPs: %s\n", vtep_str);
4051 vty_out(vty, "\n");
4052 }
4053 }
4054
4055 static void bgp_evpn_es_evi_show_one_vni(struct bgpevpn *vpn, struct vty *vty,
4056 json_object *json_array, bool detail)
4057 {
4058 struct bgp_evpn_es_evi *es_evi;
4059 json_object *json = NULL;
4060
4061 RB_FOREACH(es_evi, bgp_es_evi_rb_head, &vpn->es_evi_rb_tree) {
4062 if (json_array)
4063 /* create a separate json object for each ES */
4064 json = json_object_new_object();
4065 if (detail)
4066 bgp_evpn_es_evi_show_entry_detail(vty, es_evi, json);
4067 else
4068 bgp_evpn_es_evi_show_entry(vty, es_evi, json);
4069 /* add ES to the json array */
4070 if (json_array)
4071 json_object_array_add(json_array, json);
4072 }
4073 }
4074
4075 struct es_evi_show_ctx {
4076 struct vty *vty;
4077 json_object *json;
4078 int detail;
4079 };
4080
4081 static void bgp_evpn_es_evi_show_one_vni_hash_cb(struct hash_bucket *bucket,
4082 void *ctxt)
4083 {
4084 struct bgpevpn *vpn = (struct bgpevpn *)bucket->data;
4085 struct es_evi_show_ctx *wctx = (struct es_evi_show_ctx *)ctxt;
4086
4087 bgp_evpn_es_evi_show_one_vni(vpn, wctx->vty, wctx->json, wctx->detail);
4088 }
4089
4090 /* Display all ES EVIs */
4091 void bgp_evpn_es_evi_show(struct vty *vty, bool uj, bool detail)
4092 {
4093 json_object *json_array = NULL;
4094 struct es_evi_show_ctx wctx;
4095 struct bgp *bgp;
4096
4097 if (uj) {
4098 /* create an array of ES-EVIs */
4099 json_array = json_object_new_array();
4100 }
4101
4102 wctx.vty = vty;
4103 wctx.json = json_array;
4104 wctx.detail = detail;
4105
4106 bgp = bgp_get_evpn();
4107
4108 if (!json_array && !detail) {
4109 vty_out(vty, "Flags: L local, R remote, I inconsistent\n");
4110 vty_out(vty, "VTEP-Flags: E EAD-per-ES, V EAD-per-EVI\n");
4111 vty_out(vty, "%-8s %-30s %-5s %s\n",
4112 "VNI", "ESI", "Flags", "VTEPs");
4113 }
4114
4115 if (bgp)
4116 hash_iterate(bgp->vnihash,
4117 (void (*)(struct hash_bucket *,
4118 void *))bgp_evpn_es_evi_show_one_vni_hash_cb,
4119 &wctx);
4120 if (uj)
4121 vty_json(vty, json_array);
4122 }
4123
4124 /* Display specific ES EVI */
4125 void bgp_evpn_es_evi_show_vni(struct vty *vty, vni_t vni,
4126 bool uj, bool detail)
4127 {
4128 struct bgpevpn *vpn = NULL;
4129 json_object *json_array = NULL;
4130 struct bgp *bgp;
4131
4132 if (uj) {
4133 /* create an array of ES-EVIs */
4134 json_array = json_object_new_array();
4135 }
4136
4137 bgp = bgp_get_evpn();
4138 if (bgp)
4139 vpn = bgp_evpn_lookup_vni(bgp, vni);
4140
4141 if (vpn) {
4142 if (!json_array && !detail) {
4143 vty_out(vty, "Flags: L local, R remote, I inconsistent\n");
4144 vty_out(vty, "VTEP-Flags: E EAD-per-ES, V EAD-per-EVI\n");
4145 vty_out(vty, "%-8s %-30s %-5s %s\n",
4146 "VNI", "ESI", "Flags", "VTEPs");
4147 }
4148
4149 bgp_evpn_es_evi_show_one_vni(vpn, vty, json_array, detail);
4150 } else {
4151 if (!uj)
4152 vty_out(vty, "VNI not found\n");
4153 }
4154
4155 if (uj)
4156 vty_json(vty, json_array);
4157 }
4158
4159 /*****************************************************************************
4160 * Ethernet Segment Consistency checks
4161 * Consistency checking is done to detect misconfig or mis-cabling. When
4162 * an inconsistency is detected it is simply logged (and displayed via
4163 * show commands) at this point. A more drastic action can be executed (based
4164 * on user config) in the future.
4165 */
4166 static void bgp_evpn_es_cons_checks_timer_start(void)
4167 {
4168 if (!bgp_mh_info->consistency_checking || bgp_mh_info->t_cons_check)
4169 return;
4170
4171 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4172 zlog_debug("periodic consistency checking started");
4173
4174 thread_add_timer(bm->master, bgp_evpn_run_consistency_checks, NULL,
4175 BGP_EVPN_CONS_CHECK_INTERVAL,
4176 &bgp_mh_info->t_cons_check);
4177 }
4178
4179 /* queue up the es for background consistency checks */
4180 static void bgp_evpn_es_cons_checks_pend_add(struct bgp_evpn_es *es)
4181 {
4182 if (!bgp_mh_info->consistency_checking)
4183 /* consistency checking is not enabled */
4184 return;
4185
4186 if (CHECK_FLAG(es->flags, BGP_EVPNES_CONS_CHECK_PEND))
4187 /* already queued for consistency checking */
4188 return;
4189
4190 /* start the periodic timer for consistency checks if it is not
4191 * already running */
4192 bgp_evpn_es_cons_checks_timer_start();
4193
4194 SET_FLAG(es->flags, BGP_EVPNES_CONS_CHECK_PEND);
4195 listnode_init(&es->pend_es_listnode, es);
4196 listnode_add_after(bgp_mh_info->pend_es_list,
4197 listtail_unchecked(bgp_mh_info->pend_es_list),
4198 &es->pend_es_listnode);
4199 }
4200
4201 /* pull the ES from the consistency check list */
4202 static void bgp_evpn_es_cons_checks_pend_del(struct bgp_evpn_es *es)
4203 {
4204 if (!CHECK_FLAG(es->flags, BGP_EVPNES_CONS_CHECK_PEND))
4205 return;
4206
4207 UNSET_FLAG(es->flags, BGP_EVPNES_CONS_CHECK_PEND);
4208 list_delete_node(bgp_mh_info->pend_es_list,
4209 &es->pend_es_listnode);
4210 }
4211
4212 /* Number of active VTEPs associated with the ES-per-EVI */
4213 static uint32_t bgp_evpn_es_evi_get_active_vtep_cnt(
4214 struct bgp_evpn_es_evi *es_evi)
4215 {
4216 struct bgp_evpn_es_evi_vtep *evi_vtep;
4217 struct listnode *node;
4218 uint32_t vtep_cnt = 0;
4219
4220 for (ALL_LIST_ELEMENTS_RO(es_evi->es_evi_vtep_list, node, evi_vtep)) {
4221 if (CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE))
4222 ++vtep_cnt;
4223 }
4224
4225 return vtep_cnt;
4226 }
4227
4228 /* Number of active VTEPs associated with the ES */
4229 static uint32_t bgp_evpn_es_get_active_vtep_cnt(struct bgp_evpn_es *es)
4230 {
4231 struct listnode *node;
4232 uint32_t vtep_cnt = 0;
4233 struct bgp_evpn_es_vtep *es_vtep;
4234
4235 for (ALL_LIST_ELEMENTS_RO(es->es_vtep_list, node, es_vtep)) {
4236 if (CHECK_FLAG(es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE))
4237 ++vtep_cnt;
4238 }
4239
4240 return vtep_cnt;
4241 }
4242
4243 static struct bgp_evpn_es_vtep *bgp_evpn_es_get_next_active_vtep(
4244 struct bgp_evpn_es *es, struct bgp_evpn_es_vtep *es_vtep)
4245 {
4246 struct listnode *node;
4247 struct bgp_evpn_es_vtep *next_es_vtep;
4248
4249 if (es_vtep)
4250 node = listnextnode_unchecked(&es_vtep->es_listnode);
4251 else
4252 node = listhead(es->es_vtep_list);
4253
4254 for (; node; node = listnextnode_unchecked(node)) {
4255 next_es_vtep = listgetdata(node);
4256 if (CHECK_FLAG(next_es_vtep->flags, BGP_EVPNES_VTEP_ACTIVE))
4257 return next_es_vtep;
4258 }
4259
4260 return NULL;
4261 }
4262
4263 static struct bgp_evpn_es_evi_vtep *bgp_evpn_es_evi_get_next_active_vtep(
4264 struct bgp_evpn_es_evi *es_evi,
4265 struct bgp_evpn_es_evi_vtep *evi_vtep)
4266 {
4267 struct listnode *node;
4268 struct bgp_evpn_es_evi_vtep *next_evi_vtep;
4269
4270 if (evi_vtep)
4271 node = listnextnode_unchecked(&evi_vtep->es_evi_listnode);
4272 else
4273 node = listhead(es_evi->es_evi_vtep_list);
4274
4275 for (; node; node = listnextnode_unchecked(node)) {
4276 next_evi_vtep = listgetdata(node);
4277 if (CHECK_FLAG(next_evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE))
4278 return next_evi_vtep;
4279 }
4280
4281 return NULL;
4282 }
4283
4284 static void bgp_evpn_es_evi_set_inconsistent(struct bgp_evpn_es_evi *es_evi)
4285 {
4286 if (!CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_INCONS_VTEP_LIST)) {
4287 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4288 zlog_debug("inconsistency detected - es %s evi %u vtep list mismatch",
4289 es_evi->es->esi_str,
4290 es_evi->vpn->vni);
4291 SET_FLAG(es_evi->flags, BGP_EVPNES_EVI_INCONS_VTEP_LIST);
4292
4293 /* update parent ES with the incosistency setting */
4294 if (!es_evi->es->incons_evi_vtep_cnt &&
4295 BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4296 zlog_debug("inconsistency detected - es %s vtep list mismatch",
4297 es_evi->es->esi_str);
4298 ++es_evi->es->incons_evi_vtep_cnt;
4299 SET_FLAG(es_evi->es->inconsistencies,
4300 BGP_EVPNES_INCONS_VTEP_LIST);
4301 }
4302 }
4303
4304 static uint32_t bgp_evpn_es_run_consistency_checks(struct bgp_evpn_es *es)
4305 {
4306 int proc_cnt = 0;
4307 int es_active_vtep_cnt;
4308 int evi_active_vtep_cnt;
4309 struct bgp_evpn_es_evi *es_evi;
4310 struct listnode *evi_node;
4311 struct bgp_evpn_es_vtep *es_vtep;
4312 struct bgp_evpn_es_evi_vtep *evi_vtep;
4313
4314 /* reset the inconsistencies and re-evaluate */
4315 es->incons_evi_vtep_cnt = 0;
4316 es->inconsistencies = 0;
4317
4318 es_active_vtep_cnt = bgp_evpn_es_get_active_vtep_cnt(es);
4319 for (ALL_LIST_ELEMENTS_RO(es->es_evi_list,
4320 evi_node, es_evi)) {
4321 ++proc_cnt;
4322
4323 /* reset the inconsistencies on the EVI and re-evaluate*/
4324 UNSET_FLAG(es_evi->flags, BGP_EVPNES_EVI_INCONS_VTEP_LIST);
4325
4326 evi_active_vtep_cnt =
4327 bgp_evpn_es_evi_get_active_vtep_cnt(es_evi);
4328 if (es_active_vtep_cnt != evi_active_vtep_cnt) {
4329 bgp_evpn_es_evi_set_inconsistent(es_evi);
4330 continue;
4331 }
4332
4333 if (!es_active_vtep_cnt)
4334 continue;
4335
4336 es_vtep = NULL;
4337 evi_vtep = NULL;
4338 while ((es_vtep = bgp_evpn_es_get_next_active_vtep(
4339 es, es_vtep))) {
4340 evi_vtep = bgp_evpn_es_evi_get_next_active_vtep(es_evi,
4341 evi_vtep);
4342 if (!evi_vtep) {
4343 bgp_evpn_es_evi_set_inconsistent(es_evi);
4344 break;
4345 }
4346 if (es_vtep->vtep_ip.s_addr !=
4347 evi_vtep->vtep_ip.s_addr) {
4348 /* inconsistency detected; set it and move
4349 * to the next evi
4350 */
4351 bgp_evpn_es_evi_set_inconsistent(es_evi);
4352 break;
4353 }
4354 }
4355 }
4356
4357 return proc_cnt;
4358 }
4359
4360 static void bgp_evpn_run_consistency_checks(struct thread *t)
4361 {
4362 int proc_cnt = 0;
4363 struct listnode *node;
4364 struct listnode *nextnode;
4365 struct bgp_evpn_es *es;
4366
4367 for (ALL_LIST_ELEMENTS(bgp_mh_info->pend_es_list,
4368 node, nextnode, es)) {
4369 ++proc_cnt;
4370 /* run consistency checks on the ES and remove it from the
4371 * pending list
4372 */
4373 proc_cnt += bgp_evpn_es_run_consistency_checks(es);
4374 bgp_evpn_es_cons_checks_pend_del(es);
4375 if (proc_cnt > 500)
4376 break;
4377 }
4378
4379 /* restart the timer */
4380 thread_add_timer(bm->master, bgp_evpn_run_consistency_checks, NULL,
4381 BGP_EVPN_CONS_CHECK_INTERVAL,
4382 &bgp_mh_info->t_cons_check);
4383 }
4384
4385 /*****************************************************************************
4386 * EVPN-Nexthop and RMAC management: nexthops associated with Type-2 routes
4387 * that have an ES as destination are consolidated by BGP into a per-VRF
4388 * nh->rmac mapping which is sent to zebra. Zebra installs the nexthop
4389 * as a remote neigh/fdb entry with a dummy (type-1) prefix referencing it.
4390 *
4391 * This handling is needed because Type-2 routes with ES as dest use NHG
4392 * that is setup using EAD routes (i.e. such NHGs do not include the
4393 * RMAC info).
4394 ****************************************************************************/
4395 static void bgp_evpn_nh_zebra_update_send(struct bgp_evpn_nh *nh, bool add)
4396 {
4397 struct stream *s;
4398 struct bgp *bgp_vrf = nh->bgp_vrf;
4399
4400 /* Check socket. */
4401 if (!zclient || zclient->sock < 0)
4402 return;
4403
4404 /* Don't try to register if Zebra doesn't know of this instance. */
4405 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp_vrf)) {
4406 if (BGP_DEBUG(zebra, ZEBRA))
4407 zlog_debug("No zebra instance, not %s remote nh %s",
4408 add ? "adding" : "deleting", nh->nh_str);
4409 return;
4410 }
4411
4412 s = zclient->obuf;
4413 stream_reset(s);
4414
4415 zclient_create_header(
4416 s, add ? ZEBRA_EVPN_REMOTE_NH_ADD : ZEBRA_EVPN_REMOTE_NH_DEL,
4417 bgp_vrf->vrf_id);
4418 stream_putl(s, bgp_vrf->vrf_id);
4419 stream_put(s, &nh->ip, sizeof(nh->ip));
4420 if (add)
4421 stream_put(s, &nh->rmac, sizeof(nh->rmac));
4422
4423 stream_putw_at(s, 0, stream_get_endp(s));
4424
4425 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES)) {
4426 if (add)
4427 zlog_debug("evpn vrf %s nh %s rmac %pEA add to zebra",
4428 nh->bgp_vrf->name_pretty, nh->nh_str,
4429 &nh->rmac);
4430 else if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4431 zlog_debug("evpn vrf %s nh %s del to zebra",
4432 nh->bgp_vrf->name_pretty, nh->nh_str);
4433 }
4434
4435 frrtrace(2, frr_bgp, evpn_mh_nh_rmac_zsend, add, nh);
4436
4437 zclient_send_message(zclient);
4438 }
4439
4440 static void bgp_evpn_nh_zebra_update(struct bgp_evpn_nh *nh, bool add)
4441 {
4442 if (add && !is_zero_mac(&nh->rmac)) {
4443 nh->flags |= BGP_EVPN_NH_READY_FOR_ZEBRA;
4444 bgp_evpn_nh_zebra_update_send(nh, true);
4445 } else {
4446 if (!(nh->flags & BGP_EVPN_NH_READY_FOR_ZEBRA))
4447 return;
4448 nh->flags &= ~BGP_EVPN_NH_READY_FOR_ZEBRA;
4449 bgp_evpn_nh_zebra_update_send(nh, false);
4450 }
4451 }
4452
4453 static void *bgp_evpn_nh_alloc(void *p)
4454 {
4455 struct bgp_evpn_nh *tmp_n = p;
4456 struct bgp_evpn_nh *n;
4457
4458 n = XCALLOC(MTYPE_BGP_EVPN_NH, sizeof(struct bgp_evpn_nh));
4459 *n = *tmp_n;
4460
4461 return ((void *)n);
4462 }
4463
4464 static struct bgp_evpn_nh *bgp_evpn_nh_find(struct bgp *bgp_vrf,
4465 struct ipaddr *ip)
4466 {
4467 struct bgp_evpn_nh tmp;
4468 struct bgp_evpn_nh *n;
4469
4470 memset(&tmp, 0, sizeof(tmp));
4471 memcpy(&tmp.ip, ip, sizeof(struct ipaddr));
4472 n = hash_lookup(bgp_vrf->evpn_nh_table, &tmp);
4473
4474 return n;
4475 }
4476
4477 /* Add nexthop entry - implicitly created on first path reference */
4478 static struct bgp_evpn_nh *bgp_evpn_nh_add(struct bgp *bgp_vrf,
4479 struct ipaddr *ip,
4480 struct bgp_path_info *pi)
4481 {
4482 struct bgp_evpn_nh tmp_n;
4483 struct bgp_evpn_nh *n = NULL;
4484
4485 memset(&tmp_n, 0, sizeof(tmp_n));
4486 memcpy(&tmp_n.ip, ip, sizeof(struct ipaddr));
4487 n = hash_get(bgp_vrf->evpn_nh_table, &tmp_n, bgp_evpn_nh_alloc);
4488 ipaddr2str(ip, n->nh_str, sizeof(n->nh_str));
4489 n->bgp_vrf = bgp_vrf;
4490
4491 n->pi_list = list_new();
4492 listset_app_node_mem(n->pi_list);
4493
4494 /* Setup ref_pi when the nh is created */
4495 if (CHECK_FLAG(pi->flags, BGP_PATH_VALID) && pi->attr) {
4496 n->ref_pi = pi;
4497 memcpy(&n->rmac, &pi->attr->rmac, ETH_ALEN);
4498 }
4499
4500 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4501 zlog_debug("evpn vrf %s nh %s rmac %pEA add",
4502 n->bgp_vrf->name_pretty, n->nh_str, &n->rmac);
4503 bgp_evpn_nh_zebra_update(n, true);
4504 return n;
4505 }
4506
4507 /* Delete nexthop entry if there are no paths referencing it */
4508 static void bgp_evpn_nh_del(struct bgp_evpn_nh *n)
4509 {
4510 struct bgp_evpn_nh *tmp_n;
4511 struct bgp *bgp_vrf = n->bgp_vrf;
4512
4513 if (listcount(n->pi_list))
4514 return;
4515
4516 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4517 zlog_debug("evpn vrf %s nh %s del to zebra",
4518 bgp_vrf->name_pretty, n->nh_str);
4519
4520 bgp_evpn_nh_zebra_update(n, false);
4521 list_delete(&n->pi_list);
4522 tmp_n = hash_release(bgp_vrf->evpn_nh_table, n);
4523 XFREE(MTYPE_BGP_EVPN_NH, tmp_n);
4524 }
4525
4526 static void hash_evpn_nh_free(struct bgp_evpn_nh *ben)
4527 {
4528 XFREE(MTYPE_BGP_EVPN_NH, ben);
4529 }
4530
4531 static unsigned int bgp_evpn_nh_hash_keymake(const void *p)
4532 {
4533 const struct bgp_evpn_nh *n = p;
4534 const struct ipaddr *ip = &n->ip;
4535
4536 if (IS_IPADDR_V4(ip))
4537 return jhash_1word(ip->ipaddr_v4.s_addr, 0);
4538
4539 return jhash2(ip->ipaddr_v6.s6_addr32,
4540 array_size(ip->ipaddr_v6.s6_addr32), 0);
4541 }
4542
4543 static bool bgp_evpn_nh_cmp(const void *p1, const void *p2)
4544 {
4545 const struct bgp_evpn_nh *n1 = p1;
4546 const struct bgp_evpn_nh *n2 = p2;
4547
4548 if (n1 == NULL && n2 == NULL)
4549 return true;
4550
4551 if (n1 == NULL || n2 == NULL)
4552 return false;
4553
4554 return (ipaddr_cmp(&n1->ip, &n2->ip) == 0);
4555 }
4556
4557 void bgp_evpn_nh_init(struct bgp *bgp_vrf)
4558 {
4559 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4560 zlog_debug("evpn vrf %s nh init", bgp_vrf->name_pretty);
4561 bgp_vrf->evpn_nh_table = hash_create(
4562 bgp_evpn_nh_hash_keymake, bgp_evpn_nh_cmp, "BGP EVPN NH table");
4563 }
4564
4565 static void bgp_evpn_nh_flush_entry(struct bgp_evpn_nh *nh)
4566 {
4567 struct listnode *node;
4568 struct listnode *nnode;
4569 struct bgp_path_evpn_nh_info *nh_info;
4570
4571 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4572 zlog_debug("evpn vrf %s nh %s flush", nh->bgp_vrf->name_pretty,
4573 nh->nh_str);
4574
4575 /* force flush paths */
4576 for (ALL_LIST_ELEMENTS(nh->pi_list, node, nnode, nh_info))
4577 bgp_evpn_path_nh_del(nh->bgp_vrf, nh_info->pi);
4578 }
4579
4580 static void bgp_evpn_nh_flush_cb(struct hash_bucket *bucket, void *ctxt)
4581 {
4582 struct bgp_evpn_nh *nh = (struct bgp_evpn_nh *)bucket->data;
4583
4584 bgp_evpn_nh_flush_entry(nh);
4585 }
4586
4587 void bgp_evpn_nh_finish(struct bgp *bgp_vrf)
4588 {
4589 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4590 zlog_debug("evpn vrf %s nh finish", bgp_vrf->name_pretty);
4591 hash_iterate(
4592 bgp_vrf->evpn_nh_table,
4593 (void (*)(struct hash_bucket *, void *))bgp_evpn_nh_flush_cb,
4594 NULL);
4595 hash_clean(bgp_vrf->evpn_nh_table, (void (*)(void *))hash_evpn_nh_free);
4596 hash_free(bgp_vrf->evpn_nh_table);
4597 bgp_vrf->evpn_nh_table = NULL;
4598 }
4599
4600 static void bgp_evpn_nh_update_ref_pi(struct bgp_evpn_nh *nh)
4601 {
4602 struct listnode *node;
4603 struct bgp_path_info *pi;
4604 struct bgp_path_evpn_nh_info *nh_info;
4605
4606 if (nh->ref_pi)
4607 return;
4608
4609 for (ALL_LIST_ELEMENTS_RO(nh->pi_list, node, nh_info)) {
4610 pi = nh_info->pi;
4611 if (!CHECK_FLAG(pi->flags, BGP_PATH_VALID) || !pi->attr)
4612 continue;
4613
4614 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4615 zlog_debug("evpn vrf %s nh %s ref_pi update",
4616 nh->bgp_vrf->name_pretty, nh->nh_str);
4617 nh->ref_pi = pi;
4618 /* If we have a new pi copy rmac from it and update
4619 * zebra if the new rmac is different
4620 */
4621 if (memcmp(&nh->rmac, &nh->ref_pi->attr->rmac, ETH_ALEN)) {
4622 memcpy(&nh->rmac, &nh->ref_pi->attr->rmac, ETH_ALEN);
4623 bgp_evpn_nh_zebra_update(nh, true);
4624 }
4625 break;
4626 }
4627 }
4628
4629 static void bgp_evpn_nh_clear_ref_pi(struct bgp_evpn_nh *nh,
4630 struct bgp_path_info *pi)
4631 {
4632 if (nh->ref_pi != pi)
4633 return;
4634
4635 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES))
4636 zlog_debug("evpn vrf %s nh %s ref_pi clear",
4637 nh->bgp_vrf->name_pretty, nh->nh_str);
4638 nh->ref_pi = NULL;
4639 /* try to find another ref_pi */
4640 bgp_evpn_nh_update_ref_pi(nh);
4641 /* couldn't find one - clear the old rmac and notify zebra */
4642 if (!nh->ref_pi) {
4643 memset(&nh->rmac, 0, ETH_ALEN);
4644 bgp_evpn_nh_zebra_update(nh, true);
4645 }
4646 }
4647
4648 static void bgp_evpn_path_nh_info_free(struct bgp_path_evpn_nh_info *nh_info)
4649 {
4650 bgp_evpn_path_nh_unlink(nh_info);
4651 XFREE(MTYPE_BGP_EVPN_PATH_NH_INFO, nh_info);
4652 }
4653
4654 static struct bgp_path_evpn_nh_info *
4655 bgp_evpn_path_nh_info_new(struct bgp_path_info *pi)
4656 {
4657 struct bgp_path_info_extra *e;
4658 struct bgp_path_mh_info *mh_info;
4659 struct bgp_path_evpn_nh_info *nh_info;
4660
4661 e = bgp_path_info_extra_get(pi);
4662
4663 /* If mh_info doesn't exist allocate it */
4664 mh_info = e->mh_info;
4665 if (!mh_info)
4666 e->mh_info = mh_info = XCALLOC(MTYPE_BGP_EVPN_PATH_MH_INFO,
4667 sizeof(struct bgp_path_mh_info));
4668
4669 /* If nh_info doesn't exist allocate it */
4670 nh_info = mh_info->nh_info;
4671 if (!nh_info) {
4672 mh_info->nh_info = nh_info =
4673 XCALLOC(MTYPE_BGP_EVPN_PATH_NH_INFO,
4674 sizeof(struct bgp_path_evpn_nh_info));
4675 nh_info->pi = pi;
4676 }
4677
4678 return nh_info;
4679 }
4680
4681 static void bgp_evpn_path_nh_unlink(struct bgp_path_evpn_nh_info *nh_info)
4682 {
4683 struct bgp_evpn_nh *nh = nh_info->nh;
4684 struct bgp_path_info *pi;
4685 char prefix_buf[PREFIX_STRLEN];
4686
4687 if (!nh)
4688 return;
4689
4690 pi = nh_info->pi;
4691 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
4692 zlog_debug("path %s unlinked from nh %s %s",
4693 pi->net ? prefix2str(&pi->net->p, prefix_buf,
4694 sizeof(prefix_buf))
4695 : "",
4696 nh->bgp_vrf->name_pretty, nh->nh_str);
4697
4698 list_delete_node(nh->pi_list, &nh_info->nh_listnode);
4699
4700 nh_info->nh = NULL;
4701
4702 /* check if the ref_pi need to be updated */
4703 bgp_evpn_nh_clear_ref_pi(nh, pi);
4704
4705 /* if there are no other references against the nh it
4706 * needs to be freed
4707 */
4708 bgp_evpn_nh_del(nh);
4709
4710 /* Note we don't free the path nh_info on unlink; it will be freed up
4711 * along with the path.
4712 */
4713 }
4714
4715 static void bgp_evpn_path_nh_link(struct bgp *bgp_vrf, struct bgp_path_info *pi)
4716 {
4717 struct bgp_path_evpn_nh_info *nh_info;
4718 struct bgp_evpn_nh *nh;
4719 struct ipaddr ip;
4720
4721 /* EVPN nexthop setup in bgp has been turned off */
4722 if (!bgp_mh_info->bgp_evpn_nh_setup)
4723 return;
4724
4725 if (!bgp_vrf->evpn_nh_table) {
4726 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
4727 zlog_debug("path %pFX linked to vrf %s failed",
4728 &pi->net->p, bgp_vrf->name_pretty);
4729 return;
4730 }
4731
4732 nh_info = (pi->extra && pi->extra->mh_info)
4733 ? pi->extra->mh_info->nh_info
4734 : NULL;
4735
4736 /* if NHG is not being used for this path we don't need to manage the
4737 * nexthops in bgp (they are managed by zebra instead)
4738 */
4739 if (!(pi->attr->es_flags & ATTR_ES_L3_NHG_USE)) {
4740 if (nh_info)
4741 bgp_evpn_path_nh_unlink(nh_info);
4742 return;
4743 }
4744
4745 /* setup nh_info against the path if it doesn't aleady exist */
4746 if (!nh_info)
4747 nh_info = bgp_evpn_path_nh_info_new(pi);
4748
4749 /* find-create nh */
4750 memset(&ip, 0, sizeof(ip));
4751 if (pi->net->p.family == AF_INET6) {
4752 SET_IPADDR_V6(&ip);
4753 memcpy(&ip.ipaddr_v6, &pi->attr->mp_nexthop_global,
4754 sizeof(ip.ipaddr_v6));
4755 } else {
4756 SET_IPADDR_V4(&ip);
4757 memcpy(&ip.ipaddr_v4, &pi->attr->nexthop, sizeof(ip.ipaddr_v4));
4758 }
4759
4760 nh = bgp_evpn_nh_find(bgp_vrf, &ip);
4761 if (!nh)
4762 nh = bgp_evpn_nh_add(bgp_vrf, &ip, pi);
4763
4764 /* dup check */
4765 if (nh_info->nh == nh) {
4766 /* Check if any of the paths are now valid */
4767 bgp_evpn_nh_update_ref_pi(nh);
4768 return;
4769 }
4770
4771 /* unlink old nh if any */
4772 bgp_evpn_path_nh_unlink(nh_info);
4773
4774 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
4775 zlog_debug("path %pFX linked to nh %s %s", &pi->net->p,
4776 nh->bgp_vrf->name_pretty, nh->nh_str);
4777
4778 /* link mac-ip path to the new nh */
4779 nh_info->nh = nh;
4780 listnode_init(&nh_info->nh_listnode, nh_info);
4781 listnode_add(nh->pi_list, &nh_info->nh_listnode);
4782 /* If a new valid path got linked to the nh see if can get the rmac
4783 * from it
4784 */
4785 bgp_evpn_nh_update_ref_pi(nh);
4786 if (BGP_DEBUG(evpn_mh, EVPN_MH_ES)) {
4787 if (!nh->ref_pi)
4788 zlog_debug(
4789 "path %pFX linked to nh %s %s with no valid pi",
4790 &pi->net->p, nh->bgp_vrf->name_pretty,
4791 nh->nh_str);
4792 }
4793 }
4794
4795 void bgp_evpn_path_nh_del(struct bgp *bgp_vrf, struct bgp_path_info *pi)
4796 {
4797 struct bgp_path_evpn_nh_info *nh_info;
4798
4799 nh_info = (pi->extra && pi->extra->mh_info)
4800 ? pi->extra->mh_info->nh_info
4801 : NULL;
4802
4803 if (!nh_info)
4804 return;
4805
4806 bgp_evpn_path_nh_unlink(nh_info);
4807 }
4808
4809 void bgp_evpn_path_nh_add(struct bgp *bgp_vrf, struct bgp_path_info *pi)
4810 {
4811 bgp_evpn_path_nh_link(bgp_vrf, pi);
4812 }
4813
4814 static void bgp_evpn_nh_show_entry(struct bgp_evpn_nh *nh, struct vty *vty,
4815 json_object *json_array)
4816 {
4817 json_object *json = NULL;
4818 char mac_buf[ETHER_ADDR_STRLEN];
4819 char prefix_buf[PREFIX_STRLEN];
4820
4821 if (json_array)
4822 /* create a separate json object for each ES */
4823 json = json_object_new_object();
4824
4825 prefix_mac2str(&nh->rmac, mac_buf, sizeof(mac_buf));
4826 if (nh->ref_pi && nh->ref_pi->net)
4827 prefix2str(&nh->ref_pi->net->p, prefix_buf, sizeof(prefix_buf));
4828 else
4829 prefix_buf[0] = '\0';
4830 if (json) {
4831 json_object_string_add(json, "vrf", nh->bgp_vrf->name_pretty);
4832 json_object_string_add(json, "ip", nh->nh_str);
4833 json_object_string_add(json, "rmac", mac_buf);
4834 json_object_string_add(json, "basePath", prefix_buf);
4835 json_object_int_add(json, "pathCount", listcount(nh->pi_list));
4836 } else {
4837 vty_out(vty, "%-15s %-15s %-17s %-10d %s\n",
4838 nh->bgp_vrf->name_pretty, nh->nh_str, mac_buf,
4839 listcount(nh->pi_list), prefix_buf);
4840 }
4841
4842 /* add ES to the json array */
4843 if (json_array)
4844 json_object_array_add(json_array, json);
4845 }
4846
4847 struct nh_show_ctx {
4848 struct vty *vty;
4849 json_object *json;
4850 };
4851
4852 static void bgp_evpn_nh_show_hash_cb(struct hash_bucket *bucket, void *ctxt)
4853 {
4854 struct bgp_evpn_nh *nh = (struct bgp_evpn_nh *)bucket->data;
4855 struct nh_show_ctx *wctx = (struct nh_show_ctx *)ctxt;
4856
4857 bgp_evpn_nh_show_entry(nh, wctx->vty, wctx->json);
4858 }
4859
4860 /* Display all evpn nexthops */
4861 void bgp_evpn_nh_show(struct vty *vty, bool uj)
4862 {
4863 json_object *json_array = NULL;
4864 struct bgp *bgp_vrf;
4865 struct listnode *node;
4866 struct nh_show_ctx wctx;
4867
4868 if (uj) {
4869 /* create an array of nexthops */
4870 json_array = json_object_new_array();
4871 } else {
4872 vty_out(vty, "%-15s %-15s %-17s %-10s %s\n", "VRF", "IP",
4873 "RMAC", "#Paths", "Base Path");
4874 }
4875
4876 wctx.vty = vty;
4877 wctx.json = json_array;
4878
4879 /* walk through all vrfs */
4880 for (ALL_LIST_ELEMENTS_RO(bm->bgp, node, bgp_vrf)) {
4881 hash_iterate(bgp_vrf->evpn_nh_table,
4882 (void (*)(struct hash_bucket *,
4883 void *))bgp_evpn_nh_show_hash_cb,
4884 &wctx);
4885 }
4886
4887 /* print the array of json-ESs */
4888 if (uj)
4889 vty_json(vty, json_array);
4890 }
4891
4892 /*****************************************************************************/
4893 void bgp_evpn_mh_init(void)
4894 {
4895 bm->mh_info = XCALLOC(MTYPE_BGP_EVPN_MH_INFO, sizeof(*bm->mh_info));
4896
4897 /* setup ES tables */
4898 RB_INIT(bgp_es_rb_head, &bgp_mh_info->es_rb_tree);
4899 /* local ES list */
4900 bgp_mh_info->local_es_list = list_new();
4901 listset_app_node_mem(bgp_mh_info->local_es_list);
4902 /* list of ESs with pending processing */
4903 bgp_mh_info->pend_es_list = list_new();
4904 listset_app_node_mem(bgp_mh_info->pend_es_list);
4905
4906 bgp_mh_info->ead_evi_rx = BGP_EVPN_MH_EAD_EVI_RX_DEF;
4907 bgp_mh_info->ead_evi_tx = BGP_EVPN_MH_EAD_EVI_TX_DEF;
4908 bgp_mh_info->ead_es_export_rtl = list_new();
4909 bgp_mh_info->ead_es_export_rtl->cmp =
4910 (int (*)(void *, void *))bgp_evpn_route_target_cmp;
4911 bgp_mh_info->ead_es_export_rtl->del = bgp_evpn_xxport_delete_ecomm;
4912
4913 /* config knobs - XXX add cli to control it */
4914 bgp_mh_info->ead_evi_adv_for_down_links = true;
4915 bgp_mh_info->consistency_checking = true;
4916 bgp_mh_info->host_routes_use_l3nhg = BGP_EVPN_MH_USE_ES_L3NHG_DEF;
4917 bgp_mh_info->suppress_l3_ecomm_on_inactive_es = true;
4918 bgp_mh_info->bgp_evpn_nh_setup = true;
4919 bgp_mh_info->evi_per_es_frag = BGP_EVPN_MAX_EVI_PER_ES_FRAG;
4920
4921 memset(&zero_esi_buf, 0, sizeof(esi_t));
4922 }
4923
4924 void bgp_evpn_mh_finish(void)
4925 {
4926 struct bgp_evpn_es *es;
4927 struct bgp_evpn_es *es_next;
4928
4929 if (BGP_DEBUG(evpn_mh, EVPN_MH_RT))
4930 zlog_debug("evpn mh finish");
4931
4932 RB_FOREACH_SAFE (es, bgp_es_rb_head, &bgp_mh_info->es_rb_tree,
4933 es_next) {
4934 bgp_evpn_es_local_info_clear(es, true);
4935 }
4936 if (bgp_mh_info->t_cons_check)
4937 THREAD_OFF(bgp_mh_info->t_cons_check);
4938 list_delete(&bgp_mh_info->local_es_list);
4939 list_delete(&bgp_mh_info->pend_es_list);
4940 list_delete(&bgp_mh_info->ead_es_export_rtl);
4941
4942 XFREE(MTYPE_BGP_EVPN_MH_INFO, bgp_mh_info);
4943 }
4944
4945 /* This function is called when disable-ead-evi-rx knob flaps */
4946 void bgp_evpn_switch_ead_evi_rx(void)
4947 {
4948 struct bgp *bgp;
4949 struct bgp_evpn_es *es;
4950 struct bgp_evpn_es_evi *es_evi;
4951 struct listnode *evi_node = NULL;
4952 struct listnode *evi_next = NULL;
4953 struct bgp_evpn_es_evi_vtep *vtep;
4954 struct listnode *vtep_node = NULL;
4955 struct listnode *vtep_next = NULL;
4956
4957 bgp = bgp_get_evpn();
4958 if (!bgp)
4959 return;
4960
4961 /*
4962 * Process all the remote es_evi_vteps and reevaluate if the es_evi_vtep
4963 * is active.
4964 */
4965 RB_FOREACH(es, bgp_es_rb_head, &bgp_mh_info->es_rb_tree) {
4966 if (!CHECK_FLAG(es->flags, BGP_EVPNES_REMOTE))
4967 continue;
4968
4969 for (ALL_LIST_ELEMENTS(es->es_evi_list, evi_node, evi_next,
4970 es_evi)) {
4971 if (!CHECK_FLAG(es_evi->flags, BGP_EVPNES_EVI_REMOTE))
4972 continue;
4973
4974 for (ALL_LIST_ELEMENTS(es_evi->es_evi_vtep_list,
4975 vtep_node, vtep_next, vtep))
4976 bgp_evpn_es_evi_vtep_re_eval_active(bgp, vtep);
4977 }
4978 }
4979 }
FRRouting mirror