2 * Copyright (C) 2000 Kunihiro Ishiguro <kunihiro@zebra.org>
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
34 #include "bgpd/bgpd.h"
35 #include "bgpd/bgp_debug.h"
36 #include "bgpd/bgp_errors.h"
37 #include "bgpd/bgp_table.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_attr.h"
40 #include "bgpd/bgp_label.h"
41 #include "bgpd/bgp_mplsvpn.h"
42 #include "bgpd/bgp_packet.h"
43 #include "bgpd/bgp_vty.h"
44 #include "bgpd/bgp_vpn.h"
45 #include "bgpd/bgp_ecommunity.h"
46 #include "bgpd/bgp_zebra.h"
47 #include "bgpd/bgp_nexthop.h"
48 #include "bgpd/bgp_nht.h"
51 #include "bgpd/rfapi/rfapi_backend.h"
55 * Definitions and external declarations.
57 extern struct zclient
*zclient
;
59 extern int argv_find_and_parse_vpnvx(struct cmd_token
**argv
, int argc
,
60 int *index
, afi_t
*afi
)
63 if (argv_find(argv
, argc
, "vpnv4", index
)) {
67 } else if (argv_find(argv
, argc
, "vpnv6", index
)) {
75 uint32_t decode_label(mpls_label_t
*label_pnt
)
78 uint8_t *pnt
= (uint8_t *)label_pnt
;
80 l
= ((uint32_t)*pnt
++ << 12);
81 l
|= (uint32_t)*pnt
++ << 4;
82 l
|= (uint32_t)((*pnt
& 0xf0) >> 4);
86 void encode_label(mpls_label_t label
, mpls_label_t
*label_pnt
)
88 uint8_t *pnt
= (uint8_t *)label_pnt
;
91 if (label
== BGP_PREVENT_VRF_2_VRF_LEAK
) {
95 *pnt
++ = (label
>> 12) & 0xff;
96 *pnt
++ = (label
>> 4) & 0xff;
97 *pnt
++ = ((label
<< 4) + 1) & 0xff; /* S=1 */
100 int bgp_nlri_parse_vpn(struct peer
*peer
, struct attr
*attr
,
101 struct bgp_nlri
*packet
)
111 struct prefix_rd prd
;
112 mpls_label_t label
= {0};
119 prd
.family
= AF_UNSPEC
;
123 lim
= pnt
+ packet
->length
;
129 (CHECK_FLAG(peer
->af_cap
[afi
][safi
], PEER_CAP_ADDPATH_AF_RX_ADV
)
130 && CHECK_FLAG(peer
->af_cap
[afi
][safi
],
131 PEER_CAP_ADDPATH_AF_TX_RCV
));
133 #define VPN_PREFIXLEN_MIN_BYTES (3 + 8) /* label + RD */
134 for (; pnt
< lim
; pnt
+= psize
) {
135 /* Clear prefix structure. */
136 memset(&p
, 0, sizeof(struct prefix
));
138 if (addpath_encoded
) {
140 /* When packet overflow occurs return immediately. */
141 if (pnt
+ BGP_ADDPATH_ID_LEN
> lim
)
144 addpath_id
= ntohl(*((uint32_t *)pnt
));
145 pnt
+= BGP_ADDPATH_ID_LEN
;
148 /* Fetch prefix length. */
150 p
.family
= afi2family(packet
->afi
);
151 psize
= PSIZE(prefixlen
);
153 if (prefixlen
< VPN_PREFIXLEN_MIN_BYTES
* 8) {
156 "%s [Error] Update packet error / VPN (prefix length %d less than VPN min length)",
157 peer
->host
, prefixlen
);
161 /* sanity check against packet data */
162 if ((pnt
+ psize
) > lim
) {
165 "%s [Error] Update packet error / VPN (prefix length %d exceeds packet size %u)",
166 peer
->host
, prefixlen
, (uint
)(lim
- pnt
));
170 /* sanity check against storage for the IP address portion */
171 if ((psize
- VPN_PREFIXLEN_MIN_BYTES
) > (ssize_t
)sizeof(p
.u
)) {
174 "%s [Error] Update packet error / VPN (psize %d exceeds storage size %zu)",
176 prefixlen
- VPN_PREFIXLEN_MIN_BYTES
* 8,
181 /* Sanity check against max bitlen of the address family */
182 if ((psize
- VPN_PREFIXLEN_MIN_BYTES
) > prefix_blen(&p
)) {
185 "%s [Error] Update packet error / VPN (psize %d exceeds family (%u) max byte len %u)",
187 prefixlen
- VPN_PREFIXLEN_MIN_BYTES
* 8,
188 p
.family
, prefix_blen(&p
));
192 /* Copy label to prefix. */
193 memcpy(&label
, pnt
, BGP_LABEL_BYTES
);
194 bgp_set_valid_label(&label
);
196 /* Copy routing distinguisher to rd. */
197 memcpy(&prd
.val
, pnt
+ BGP_LABEL_BYTES
, 8);
199 /* Decode RD type. */
200 type
= decode_rd_type(pnt
+ BGP_LABEL_BYTES
);
204 decode_rd_as(pnt
+ 5, &rd_as
);
208 decode_rd_as4(pnt
+ 5, &rd_as
);
212 decode_rd_ip(pnt
+ 5, &rd_ip
);
216 case RD_TYPE_VNC_ETH
:
221 flog_err(EC_BGP_UPDATE_RCV
, "Unknown RD type %d", type
);
222 break; /* just report */
227 - VPN_PREFIXLEN_MIN_BYTES
* 8; /* exclude label & RD */
228 memcpy(p
.u
.val
, pnt
+ VPN_PREFIXLEN_MIN_BYTES
,
229 psize
- VPN_PREFIXLEN_MIN_BYTES
);
232 bgp_update(peer
, &p
, addpath_id
, attr
, packet
->afi
,
233 SAFI_MPLS_VPN
, ZEBRA_ROUTE_BGP
,
234 BGP_ROUTE_NORMAL
, &prd
, &label
, 1, 0, NULL
);
236 bgp_withdraw(peer
, &p
, addpath_id
, attr
, packet
->afi
,
237 SAFI_MPLS_VPN
, ZEBRA_ROUTE_BGP
,
238 BGP_ROUTE_NORMAL
, &prd
, &label
, 1, NULL
);
241 /* Packet length consistency check. */
245 "%s [Error] Update packet error / VPN (%zu data remaining after parsing)",
246 peer
->host
, lim
- pnt
);
251 #undef VPN_PREFIXLEN_MIN_BYTES
255 * This function informs zebra of the label this vrf sets on routes
256 * leaked to VPN. Zebra should install this label in the kernel with
257 * an action of "pop label and then use this vrf's IP FIB to route the PDU."
259 * Sending this vrf-label association is qualified by a) whether vrf->vpn
260 * exporting is active ("export vpn" is enabled, vpn-policy RD and RT list
261 * are set) and b) whether vpn-policy label is set.
263 * If any of these conditions do not hold, then we send MPLS_LABEL_NONE
264 * for this vrf, which zebra interprets to mean "delete this vrf-label
267 void vpn_leak_zebra_vrf_label_update(struct bgp
*bgp
, afi_t afi
)
269 mpls_label_t label
= MPLS_LABEL_NONE
;
270 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_LABEL
);
272 if (bgp
->vrf_id
== VRF_UNKNOWN
) {
275 "%s: vrf %s: afi %s: vrf_id not set, "
276 "can't set zebra vrf label",
277 __func__
, bgp
->name_pretty
, afi2str(afi
));
282 if (vpn_leak_to_vpn_active(bgp
, afi
, NULL
)) {
283 label
= bgp
->vpn_policy
[afi
].tovpn_label
;
287 zlog_debug("%s: vrf %s: afi %s: setting label %d for vrf id %d",
288 __func__
, bgp
->name_pretty
, afi2str(afi
), label
,
292 if (label
== BGP_PREVENT_VRF_2_VRF_LEAK
)
293 label
= MPLS_LABEL_NONE
;
294 zclient_send_vrf_label(zclient
, bgp
->vrf_id
, afi
, label
, ZEBRA_LSP_BGP
);
295 bgp
->vpn_policy
[afi
].tovpn_zebra_vrf_label_last_sent
= label
;
299 * If zebra tells us vrf has become unconfigured, tell zebra not to
300 * use this label to forward to the vrf anymore
302 void vpn_leak_zebra_vrf_label_withdraw(struct bgp
*bgp
, afi_t afi
)
304 mpls_label_t label
= MPLS_LABEL_NONE
;
305 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_LABEL
);
307 if (bgp
->vrf_id
== VRF_UNKNOWN
) {
310 "%s: vrf_id not set, can't delete zebra vrf label",
317 zlog_debug("%s: deleting label for vrf %s (id=%d)", __func__
,
318 bgp
->name_pretty
, bgp
->vrf_id
);
321 if (label
== BGP_PREVENT_VRF_2_VRF_LEAK
)
322 label
= MPLS_LABEL_NONE
;
324 zclient_send_vrf_label(zclient
, bgp
->vrf_id
, afi
, label
, ZEBRA_LSP_BGP
);
325 bgp
->vpn_policy
[afi
].tovpn_zebra_vrf_label_last_sent
= label
;
328 int vpn_leak_label_callback(
333 struct vpn_policy
*vp
= (struct vpn_policy
*)labelid
;
334 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_LABEL
);
337 zlog_debug("%s: label=%u, allocated=%d",
338 __func__
, label
, allocated
);
342 * previously-allocated label is now invalid
344 if (CHECK_FLAG(vp
->flags
, BGP_VPN_POLICY_TOVPN_LABEL_AUTO
) &&
345 (vp
->tovpn_label
!= MPLS_LABEL_NONE
)) {
347 vpn_leak_prechange(BGP_VPN_POLICY_DIR_TOVPN
,
348 vp
->afi
, bgp_get_default(), vp
->bgp
);
349 vp
->tovpn_label
= MPLS_LABEL_NONE
;
350 vpn_leak_postchange(BGP_VPN_POLICY_DIR_TOVPN
,
351 vp
->afi
, bgp_get_default(), vp
->bgp
);
357 * New label allocation
359 if (!CHECK_FLAG(vp
->flags
, BGP_VPN_POLICY_TOVPN_LABEL_AUTO
)) {
362 * not currently configured for auto label, reject allocation
367 if (vp
->tovpn_label
!= MPLS_LABEL_NONE
) {
368 if (label
== vp
->tovpn_label
) {
369 /* already have same label, accept but do nothing */
372 /* Shouldn't happen: different label allocation */
373 flog_err(EC_BGP_LABEL
,
374 "%s: %s had label %u but got new assignment %u",
375 __func__
, vp
->bgp
->name_pretty
, vp
->tovpn_label
,
380 vpn_leak_prechange(BGP_VPN_POLICY_DIR_TOVPN
,
381 vp
->afi
, bgp_get_default(), vp
->bgp
);
382 vp
->tovpn_label
= label
;
383 vpn_leak_postchange(BGP_VPN_POLICY_DIR_TOVPN
,
384 vp
->afi
, bgp_get_default(), vp
->bgp
);
389 static int ecom_intersect(struct ecommunity
*e1
, struct ecommunity
*e2
)
397 for (i
= 0; i
< e1
->size
; ++i
) {
398 for (j
= 0; j
< e2
->size
; ++j
) {
399 if (!memcmp(e1
->val
+ (i
* ECOMMUNITY_SIZE
),
400 e2
->val
+ (j
* ECOMMUNITY_SIZE
),
410 static bool labels_same(struct bgp_path_info
*bpi
, mpls_label_t
*label
,
422 if (n
!= bpi
->extra
->num_labels
)
425 for (i
= 0; i
< n
; ++i
) {
426 if (label
[i
] != bpi
->extra
->label
[i
])
433 * make encoded route labels match specified encoded label set
435 static void setlabels(struct bgp_path_info
*bpi
,
436 mpls_label_t
*label
, /* array of labels */
441 assert(num_labels
<= BGP_MAX_LABELS
);
445 bpi
->extra
->num_labels
= 0;
449 struct bgp_path_info_extra
*extra
= bgp_path_info_extra_get(bpi
);
452 for (i
= 0; i
< num_labels
; ++i
) {
453 extra
->label
[i
] = label
[i
];
454 if (!bgp_is_valid_label(&label
[i
])) {
455 bgp_set_valid_label(&extra
->label
[i
]);
458 extra
->num_labels
= num_labels
;
462 * returns pointer to new bgp_path_info upon success
464 static struct bgp_path_info
*
465 leak_update(struct bgp
*bgp
, /* destination bgp instance */
466 struct bgp_node
*bn
, struct attr
*new_attr
, /* already interned */
467 afi_t afi
, safi_t safi
, struct bgp_path_info
*source_bpi
,
468 mpls_label_t
*label
, uint32_t num_labels
, void *parent
,
469 struct bgp
*bgp_orig
, struct prefix
*nexthop_orig
,
470 int nexthop_self_flag
, int debug
)
472 struct prefix
*p
= &bn
->p
;
473 struct bgp_path_info
*bpi
;
474 struct bgp_path_info
*bpi_ultimate
;
475 struct bgp_path_info
*new;
476 char buf_prefix
[PREFIX_STRLEN
];
479 prefix2str(&bn
->p
, buf_prefix
, sizeof(buf_prefix
));
480 zlog_debug("%s: entry: leak-to=%s, p=%s, type=%d, sub_type=%d",
481 __func__
, bgp
->name_pretty
, buf_prefix
,
482 source_bpi
->type
, source_bpi
->sub_type
);
486 * Routes that are redistributed into BGP from zebra do not get
487 * nexthop tracking. However, if those routes are subsequently
488 * imported to other RIBs within BGP, the leaked routes do not
489 * carry the original BGP_ROUTE_REDISTRIBUTE sub_type. Therefore,
490 * in order to determine if the route we are currently leaking
491 * should have nexthop tracking, we must find the ultimate
492 * parent so we can check its sub_type.
494 * As of now, source_bpi may at most be a second-generation route
495 * (only one hop back to ultimate parent for vrf-vpn-vrf scheme).
496 * Using a loop here supports more complex intra-bgp import-export
497 * schemes that could be implemented in the future.
500 for (bpi_ultimate
= source_bpi
;
501 bpi_ultimate
->extra
&& bpi_ultimate
->extra
->parent
;
502 bpi_ultimate
= bpi_ultimate
->extra
->parent
)
508 for (bpi
= bgp_node_get_bgp_path_info(bn
); bpi
; bpi
= bpi
->next
) {
509 if (bpi
->extra
&& bpi
->extra
->parent
== parent
)
514 bool labelssame
= labels_same(bpi
, label
, num_labels
);
516 if (attrhash_cmp(bpi
->attr
, new_attr
) && labelssame
517 && !CHECK_FLAG(bpi
->flags
, BGP_PATH_REMOVED
)) {
519 bgp_attr_unintern(&new_attr
);
522 "%s: ->%s: %s: Found route, no change",
523 __func__
, bgp
->name_pretty
,
528 /* attr is changed */
529 bgp_path_info_set_flag(bn
, bpi
, BGP_PATH_ATTR_CHANGED
);
531 /* Rewrite BGP route information. */
532 if (CHECK_FLAG(bpi
->flags
, BGP_PATH_REMOVED
))
533 bgp_path_info_restore(bn
, bpi
);
535 bgp_aggregate_decrement(bgp
, p
, bpi
, afi
, safi
);
536 bgp_attr_unintern(&bpi
->attr
);
537 bpi
->attr
= new_attr
;
538 bpi
->uptime
= bgp_clock();
544 setlabels(bpi
, label
, num_labels
);
546 if (nexthop_self_flag
)
547 bgp_path_info_set_flag(bn
, bpi
, BGP_PATH_ANNC_NH_SELF
);
549 struct bgp
*bgp_nexthop
= bgp
;
552 if (bpi
->extra
&& bpi
->extra
->bgp_orig
)
553 bgp_nexthop
= bpi
->extra
->bgp_orig
;
555 /* No nexthop tracking for redistributed routes */
556 if (bpi_ultimate
->sub_type
== BGP_ROUTE_REDISTRIBUTE
)
560 * TBD do we need to do anything about the
561 * 'connected' parameter?
563 nh_valid
= bgp_find_or_add_nexthop(bgp
, bgp_nexthop
,
567 zlog_debug("%s: nexthop is %svalid (in vrf %s)",
568 __func__
, (nh_valid
? "" : "not "),
569 bgp_nexthop
->name_pretty
);
572 bgp_path_info_set_flag(bn
, bpi
, BGP_PATH_VALID
);
574 /* Process change. */
575 bgp_aggregate_increment(bgp
, p
, bpi
, afi
, safi
);
576 bgp_process(bgp
, bn
, afi
, safi
);
580 zlog_debug("%s: ->%s: %s Found route, changed attr",
581 __func__
, bgp
->name_pretty
, buf_prefix
);
586 new = info_make(ZEBRA_ROUTE_BGP
, BGP_ROUTE_IMPORTED
, 0,
587 bgp
->peer_self
, new_attr
, bn
);
589 if (nexthop_self_flag
)
590 bgp_path_info_set_flag(bn
, new, BGP_PATH_ANNC_NH_SELF
);
592 bgp_path_info_extra_get(new);
595 setlabels(new, label
, num_labels
);
597 new->extra
->parent
= bgp_path_info_lock(parent
);
598 bgp_lock_node((struct bgp_node
*)((struct bgp_path_info
*)parent
)->net
);
600 new->extra
->bgp_orig
= bgp_lock(bgp_orig
);
602 new->extra
->nexthop_orig
= *nexthop_orig
;
605 * nexthop tracking for unicast routes
607 struct bgp
*bgp_nexthop
= bgp
;
610 if (new->extra
->bgp_orig
)
611 bgp_nexthop
= new->extra
->bgp_orig
;
614 * No nexthop tracking for redistributed routes because
615 * their originating protocols will do the tracking and
616 * withdraw those routes if the nexthops become unreachable
618 if (bpi_ultimate
->sub_type
== BGP_ROUTE_REDISTRIBUTE
)
622 * TBD do we need to do anything about the
623 * 'connected' parameter?
625 nh_valid
= bgp_find_or_add_nexthop(bgp
, bgp_nexthop
,
629 zlog_debug("%s: nexthop is %svalid (in vrf %s)",
630 __func__
, (nh_valid
? "" : "not "),
631 bgp_nexthop
->name_pretty
);
633 bgp_path_info_set_flag(bn
, new, BGP_PATH_VALID
);
635 bgp_aggregate_increment(bgp
, p
, new, afi
, safi
);
636 bgp_path_info_add(bn
, new);
639 bgp_process(bgp
, bn
, afi
, safi
);
642 zlog_debug("%s: ->%s: %s: Added new route", __func__
,
643 bgp
->name_pretty
, buf_prefix
);
648 /* cf vnc_import_bgp_add_route_mode_nvegroup() and add_vnc_route() */
649 void vpn_leak_from_vrf_update(struct bgp
*bgp_vpn
, /* to */
650 struct bgp
*bgp_vrf
, /* from */
651 struct bgp_path_info
*path_vrf
) /* route */
653 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_FROM_VRF
);
654 struct prefix
*p
= &path_vrf
->net
->p
;
655 afi_t afi
= family2afi(p
->family
);
656 struct attr static_attr
= {0};
657 struct attr
*new_attr
= NULL
;
658 safi_t safi
= SAFI_MPLS_VPN
;
659 mpls_label_t label_val
;
662 const char *debugmsg
;
663 int nexthop_self_flag
= 0;
666 zlog_debug("%s: from vrf %s", __func__
, bgp_vrf
->name_pretty
);
668 if (debug
&& path_vrf
->attr
->ecommunity
) {
669 char *s
= ecommunity_ecom2str(path_vrf
->attr
->ecommunity
,
670 ECOMMUNITY_FORMAT_ROUTE_MAP
, 0);
672 zlog_debug("%s: %s path_vrf->type=%d, EC{%s}", __func__
,
673 bgp_vrf
->name
, path_vrf
->type
, s
);
674 XFREE(MTYPE_ECOMMUNITY_STR
, s
);
682 zlog_debug("%s: can't get afi of prefix", __func__
);
686 /* loop check - should not be an imported route. */
687 if (path_vrf
->extra
&& path_vrf
->extra
->bgp_orig
)
691 if (!vpn_leak_to_vpn_active(bgp_vrf
, afi
, &debugmsg
)) {
693 zlog_debug("%s: %s skipping: %s", __func__
,
694 bgp_vrf
->name
, debugmsg
);
698 bgp_attr_dup(&static_attr
, path_vrf
->attr
); /* shallow copy */
703 if (bgp_vrf
->vpn_policy
[afi
].rmap
[BGP_VPN_POLICY_DIR_TOVPN
]) {
704 struct bgp_path_info info
;
705 route_map_result_t ret
;
707 memset(&info
, 0, sizeof(info
));
708 info
.peer
= bgp_vpn
->peer_self
;
709 info
.attr
= &static_attr
;
710 ret
= route_map_apply(
711 bgp_vrf
->vpn_policy
[afi
].rmap
[BGP_VPN_POLICY_DIR_TOVPN
],
713 if (RMAP_DENYMATCH
== ret
) {
714 bgp_attr_flush(&static_attr
); /* free any added parts */
717 "%s: vrf %s route map \"%s\" says DENY, returning",
718 __func__
, bgp_vrf
->name_pretty
,
719 bgp_vrf
->vpn_policy
[afi
]
720 .rmap
[BGP_VPN_POLICY_DIR_TOVPN
]
726 if (debug
&& static_attr
.ecommunity
) {
727 char *s
= ecommunity_ecom2str(static_attr
.ecommunity
,
728 ECOMMUNITY_FORMAT_ROUTE_MAP
, 0);
730 zlog_debug("%s: post route map static_attr.ecommunity{%s}",
732 XFREE(MTYPE_ECOMMUNITY_STR
, s
);
736 * Add the vpn-policy rt-list
738 struct ecommunity
*old_ecom
;
739 struct ecommunity
*new_ecom
;
741 old_ecom
= static_attr
.ecommunity
;
743 new_ecom
= ecommunity_merge(
744 ecommunity_dup(old_ecom
),
745 bgp_vrf
->vpn_policy
[afi
]
746 .rtlist
[BGP_VPN_POLICY_DIR_TOVPN
]);
747 if (!old_ecom
->refcnt
)
748 ecommunity_free(&old_ecom
);
750 new_ecom
= ecommunity_dup(
751 bgp_vrf
->vpn_policy
[afi
]
752 .rtlist
[BGP_VPN_POLICY_DIR_TOVPN
]);
754 static_attr
.ecommunity
= new_ecom
;
755 SET_FLAG(static_attr
.flag
, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
));
757 if (debug
&& static_attr
.ecommunity
) {
758 char *s
= ecommunity_ecom2str(static_attr
.ecommunity
,
759 ECOMMUNITY_FORMAT_ROUTE_MAP
, 0);
761 zlog_debug("%s: post merge static_attr.ecommunity{%s}",
763 XFREE(MTYPE_ECOMMUNITY_STR
, s
);
767 /* if policy nexthop not set, use 0 */
768 if (CHECK_FLAG(bgp_vrf
->vpn_policy
[afi
].flags
,
769 BGP_VPN_POLICY_TOVPN_NEXTHOP_SET
)) {
770 struct prefix
*nexthop
=
771 &bgp_vrf
->vpn_policy
[afi
].tovpn_nexthop
;
773 switch (nexthop
->family
) {
775 /* prevent mp_nexthop_global_in <- self in bgp_route.c
777 static_attr
.nexthop
.s_addr
= nexthop
->u
.prefix4
.s_addr
;
779 static_attr
.mp_nexthop_global_in
= nexthop
->u
.prefix4
;
780 static_attr
.mp_nexthop_len
= 4;
784 static_attr
.mp_nexthop_global
= nexthop
->u
.prefix6
;
785 static_attr
.mp_nexthop_len
= 16;
792 if (!CHECK_FLAG(bgp_vrf
->af_flags
[afi
][SAFI_UNICAST
],
793 BGP_CONFIG_VRF_TO_VRF_EXPORT
)) {
796 * For ipv4, copy to multiprotocol
799 static_attr
.mp_nexthop_global_in
=
801 static_attr
.mp_nexthop_len
= 4;
803 * XXX Leave static_attr.nexthop
807 ~ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
810 /* Update based on next-hop family to account for
811 * RFC 5549 (BGP unnumbered) scenario. Note that
812 * specific action is only needed for the case of
813 * IPv4 nexthops as the attr has been copied
817 && !BGP_ATTR_NEXTHOP_AFI_IP6(path_vrf
->attr
)) {
818 static_attr
.mp_nexthop_global_in
.s_addr
=
819 static_attr
.nexthop
.s_addr
;
820 static_attr
.mp_nexthop_len
= 4;
822 ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
825 nexthop_self_flag
= 1;
828 label_val
= bgp_vrf
->vpn_policy
[afi
].tovpn_label
;
829 if (label_val
== MPLS_LABEL_NONE
) {
830 encode_label(MPLS_LABEL_IMPLICIT_NULL
, &label
);
832 encode_label(label_val
, &label
);
835 /* Set originator ID to "me" */
836 SET_FLAG(static_attr
.flag
, ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID
));
837 static_attr
.originator_id
= bgp_vpn
->router_id
;
840 new_attr
= bgp_attr_intern(
841 &static_attr
); /* hashed refcounted everything */
842 bgp_attr_flush(&static_attr
); /* free locally-allocated parts */
844 if (debug
&& new_attr
->ecommunity
) {
845 char *s
= ecommunity_ecom2str(new_attr
->ecommunity
,
846 ECOMMUNITY_FORMAT_ROUTE_MAP
, 0);
848 zlog_debug("%s: new_attr->ecommunity{%s}", __func__
, s
);
849 XFREE(MTYPE_ECOMMUNITY_STR
, s
);
852 /* Now new_attr is an allocated interned attr */
854 bn
= bgp_afi_node_get(bgp_vpn
->rib
[afi
][safi
], afi
, safi
, p
,
855 &(bgp_vrf
->vpn_policy
[afi
].tovpn_rd
));
857 struct bgp_path_info
*new_info
;
859 new_info
= leak_update(bgp_vpn
, bn
, new_attr
, afi
, safi
, path_vrf
,
860 &label
, 1, path_vrf
, bgp_vrf
, NULL
,
861 nexthop_self_flag
, debug
);
864 * Routes actually installed in the vpn RIB must also be
865 * offered to all vrfs (because now they originate from
868 * Acceptance into other vrfs depends on rt-lists.
869 * Originating vrf will not accept the looped back route
870 * because of loop checking.
873 vpn_leak_to_vrf_update(bgp_vrf
, new_info
);
876 void vpn_leak_from_vrf_withdraw(struct bgp
*bgp_vpn
, /* to */
877 struct bgp
*bgp_vrf
, /* from */
878 struct bgp_path_info
*path_vrf
) /* route */
880 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_FROM_VRF
);
881 struct prefix
*p
= &path_vrf
->net
->p
;
882 afi_t afi
= family2afi(p
->family
);
883 safi_t safi
= SAFI_MPLS_VPN
;
884 struct bgp_path_info
*bpi
;
886 const char *debugmsg
;
887 char buf_prefix
[PREFIX_STRLEN
];
890 prefix2str(p
, buf_prefix
, sizeof(buf_prefix
));
892 "%s: entry: leak-from=%s, p=%s, type=%d, sub_type=%d",
893 __func__
, bgp_vrf
->name_pretty
, buf_prefix
,
894 path_vrf
->type
, path_vrf
->sub_type
);
897 if (path_vrf
->sub_type
!= BGP_ROUTE_NORMAL
898 && path_vrf
->sub_type
!= BGP_ROUTE_STATIC
899 && path_vrf
->sub_type
!= BGP_ROUTE_REDISTRIBUTE
) {
902 zlog_debug("%s: wrong sub_type %d", __func__
,
911 zlog_debug("%s: can't get afi of prefix", __func__
);
915 if (!vpn_leak_to_vpn_active(bgp_vrf
, afi
, &debugmsg
)) {
917 zlog_debug("%s: skipping: %s", __func__
, debugmsg
);
922 zlog_debug("%s: withdrawing (path_vrf=%p)", __func__
, path_vrf
);
924 bn
= bgp_afi_node_get(bgp_vpn
->rib
[afi
][safi
], afi
, safi
, p
,
925 &(bgp_vrf
->vpn_policy
[afi
].tovpn_rd
));
931 * match original bpi imported from
933 for (bpi
= bgp_node_get_bgp_path_info(bn
); bpi
; bpi
= bpi
->next
) {
934 if (bpi
->extra
&& bpi
->extra
->parent
== path_vrf
) {
940 /* withdraw from looped vrfs as well */
941 vpn_leak_to_vrf_withdraw(bgp_vpn
, bpi
);
943 bgp_aggregate_decrement(bgp_vpn
, p
, bpi
, afi
, safi
);
944 bgp_path_info_delete(bn
, bpi
);
945 bgp_process(bgp_vpn
, bn
, afi
, safi
);
950 void vpn_leak_from_vrf_withdraw_all(struct bgp
*bgp_vpn
, /* to */
951 struct bgp
*bgp_vrf
, /* from */
954 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_FROM_VRF
);
955 struct bgp_node
*prn
;
956 safi_t safi
= SAFI_MPLS_VPN
;
959 * Walk vpn table, delete bpi with bgp_orig == bgp_vrf
961 for (prn
= bgp_table_top(bgp_vpn
->rib
[afi
][safi
]); prn
;
962 prn
= bgp_route_next(prn
)) {
964 struct bgp_table
*table
;
966 struct bgp_path_info
*bpi
;
968 /* This is the per-RD table of prefixes */
969 table
= bgp_node_get_bgp_table_info(prn
);
974 for (bn
= bgp_table_top(table
); bn
; bn
= bgp_route_next(bn
)) {
976 char buf
[PREFIX2STR_BUFFER
];
978 bpi
= bgp_node_get_bgp_path_info(bn
);
981 "%s: looking at prefix %s", __func__
,
982 prefix2str(&bn
->p
, buf
, sizeof(buf
)));
985 for (; bpi
; bpi
= bpi
->next
) {
987 zlog_debug("%s: type %d, sub_type %d",
990 if (bpi
->sub_type
!= BGP_ROUTE_IMPORTED
)
994 if ((struct bgp
*)bpi
->extra
->bgp_orig
998 zlog_debug("%s: deleting it\n",
1000 bgp_aggregate_decrement(bgp_vpn
, &bn
->p
,
1002 bgp_path_info_delete(bn
, bpi
);
1003 bgp_process(bgp_vpn
, bn
, afi
, safi
);
1010 void vpn_leak_from_vrf_update_all(struct bgp
*bgp_vpn
, /* to */
1011 struct bgp
*bgp_vrf
, /* from */
1014 struct bgp_node
*bn
;
1015 struct bgp_path_info
*bpi
;
1016 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_FROM_VRF
);
1019 zlog_debug("%s: entry, afi=%d, vrf=%s", __func__
, afi
,
1020 bgp_vrf
->name_pretty
);
1022 for (bn
= bgp_table_top(bgp_vrf
->rib
[afi
][SAFI_UNICAST
]); bn
;
1023 bn
= bgp_route_next(bn
)) {
1026 zlog_debug("%s: node=%p", __func__
, bn
);
1028 for (bpi
= bgp_node_get_bgp_path_info(bn
); bpi
;
1032 "%s: calling vpn_leak_from_vrf_update",
1034 vpn_leak_from_vrf_update(bgp_vpn
, bgp_vrf
, bpi
);
1040 vpn_leak_to_vrf_update_onevrf(struct bgp
*bgp_vrf
, /* to */
1041 struct bgp
*bgp_vpn
, /* from */
1042 struct bgp_path_info
*path_vpn
) /* route */
1044 struct prefix
*p
= &path_vpn
->net
->p
;
1045 afi_t afi
= family2afi(p
->family
);
1047 struct attr static_attr
= {0};
1048 struct attr
*new_attr
= NULL
;
1049 struct bgp_node
*bn
;
1050 safi_t safi
= SAFI_UNICAST
;
1051 const char *debugmsg
;
1052 struct prefix nexthop_orig
;
1053 mpls_label_t
*pLabels
= NULL
;
1054 uint32_t num_labels
= 0;
1055 int nexthop_self_flag
= 1;
1056 struct bgp_path_info
*bpi_ultimate
= NULL
;
1057 int origin_local
= 0;
1058 struct bgp
*src_vrf
;
1060 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_TO_VRF
);
1062 if (!vpn_leak_from_vpn_active(bgp_vrf
, afi
, &debugmsg
)) {
1064 zlog_debug("%s: skipping: %s", __func__
, debugmsg
);
1068 /* Check for intersection of route targets */
1069 if (!ecom_intersect(
1070 bgp_vrf
->vpn_policy
[afi
].rtlist
[BGP_VPN_POLICY_DIR_FROMVPN
],
1071 path_vpn
->attr
->ecommunity
)) {
1077 char buf_prefix
[PREFIX_STRLEN
];
1079 prefix2str(p
, buf_prefix
, sizeof(buf_prefix
));
1080 zlog_debug("%s: updating %s to vrf %s", __func__
,
1081 buf_prefix
, bgp_vrf
->name_pretty
);
1084 bgp_attr_dup(&static_attr
, path_vpn
->attr
); /* shallow copy */
1087 * Nexthop: stash and clear
1089 * Nexthop is valid in context of VPN core, but not in destination vrf.
1090 * Stash it for later label resolution by vrf ingress path and then
1091 * overwrite with 0, i.e., "me", for the sake of vrf advertisement.
1093 uint8_t nhfamily
= NEXTHOP_FAMILY(path_vpn
->attr
->mp_nexthop_len
);
1095 memset(&nexthop_orig
, 0, sizeof(nexthop_orig
));
1096 nexthop_orig
.family
= nhfamily
;
1101 nexthop_orig
.u
.prefix4
= path_vpn
->attr
->mp_nexthop_global_in
;
1102 nexthop_orig
.prefixlen
= 32;
1104 if (CHECK_FLAG(bgp_vrf
->af_flags
[afi
][safi
],
1105 BGP_CONFIG_VRF_TO_VRF_IMPORT
)) {
1106 static_attr
.nexthop
.s_addr
=
1107 nexthop_orig
.u
.prefix4
.s_addr
;
1109 static_attr
.mp_nexthop_global_in
=
1110 path_vpn
->attr
->mp_nexthop_global_in
;
1111 static_attr
.mp_nexthop_len
=
1112 path_vpn
->attr
->mp_nexthop_len
;
1114 static_attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
1118 nexthop_orig
.u
.prefix6
= path_vpn
->attr
->mp_nexthop_global
;
1119 nexthop_orig
.prefixlen
= 128;
1121 if (CHECK_FLAG(bgp_vrf
->af_flags
[afi
][safi
],
1122 BGP_CONFIG_VRF_TO_VRF_IMPORT
)) {
1123 static_attr
.mp_nexthop_global
= nexthop_orig
.u
.prefix6
;
1129 * route map handling
1131 if (bgp_vrf
->vpn_policy
[afi
].rmap
[BGP_VPN_POLICY_DIR_FROMVPN
]) {
1132 struct bgp_path_info info
;
1133 route_map_result_t ret
;
1135 memset(&info
, 0, sizeof(info
));
1136 info
.peer
= bgp_vrf
->peer_self
;
1137 info
.attr
= &static_attr
;
1138 info
.extra
= path_vpn
->extra
; /* Used for source-vrf filter */
1139 ret
= route_map_apply(bgp_vrf
->vpn_policy
[afi
]
1140 .rmap
[BGP_VPN_POLICY_DIR_FROMVPN
],
1141 p
, RMAP_BGP
, &info
);
1142 if (RMAP_DENYMATCH
== ret
) {
1143 bgp_attr_flush(&static_attr
); /* free any added parts */
1146 "%s: vrf %s vpn-policy route map \"%s\" says DENY, returning",
1147 __func__
, bgp_vrf
->name_pretty
,
1148 bgp_vrf
->vpn_policy
[afi
]
1149 .rmap
[BGP_VPN_POLICY_DIR_FROMVPN
]
1154 * if route-map changed nexthop, don't nexthop-self on output
1156 if (!CHECK_FLAG(static_attr
.rmap_change_flags
,
1157 BATTR_RMAP_NEXTHOP_UNCHANGED
))
1158 nexthop_self_flag
= 0;
1161 new_attr
= bgp_attr_intern(&static_attr
);
1162 bgp_attr_flush(&static_attr
);
1164 bn
= bgp_afi_node_get(bgp_vrf
->rib
[afi
][safi
], afi
, safi
, p
, NULL
);
1167 * ensure labels are copied
1169 * However, there is a special case: if the route originated in
1170 * another local VRF (as opposed to arriving via VPN), then the
1171 * nexthop is reached by hairpinning through this router (me)
1172 * using IP forwarding only (no LSP). Therefore, the route
1173 * imported to the VRF should not have labels attached. Note
1174 * that nexthop tracking is also involved: eliminating the
1175 * labels for these routes enables the non-labeled nexthops
1176 * from the originating VRF to be considered valid for this route.
1178 if (!CHECK_FLAG(bgp_vrf
->af_flags
[afi
][safi
],
1179 BGP_CONFIG_VRF_TO_VRF_IMPORT
)) {
1180 /* work back to original route */
1181 for (bpi_ultimate
= path_vpn
;
1182 bpi_ultimate
->extra
&& bpi_ultimate
->extra
->parent
;
1183 bpi_ultimate
= bpi_ultimate
->extra
->parent
)
1187 * if original route was unicast,
1188 * then it did not arrive over vpn
1190 if (bpi_ultimate
->net
) {
1191 struct bgp_table
*table
;
1193 table
= bgp_node_table(bpi_ultimate
->net
);
1194 if (table
&& (table
->safi
== SAFI_UNICAST
))
1199 if (!origin_local
&& path_vpn
->extra
1200 && path_vpn
->extra
->num_labels
) {
1201 num_labels
= path_vpn
->extra
->num_labels
;
1202 if (num_labels
> BGP_MAX_LABELS
)
1203 num_labels
= BGP_MAX_LABELS
;
1204 pLabels
= path_vpn
->extra
->label
;
1209 char buf_prefix
[PREFIX_STRLEN
];
1210 prefix2str(p
, buf_prefix
, sizeof(buf_prefix
));
1211 zlog_debug("%s: pfx %s: num_labels %d", __func__
, buf_prefix
,
1216 * For VRF-2-VRF route-leaking,
1217 * the source will be the originating VRF.
1219 if (path_vpn
->extra
&& path_vpn
->extra
->bgp_orig
)
1220 src_vrf
= path_vpn
->extra
->bgp_orig
;
1224 leak_update(bgp_vrf
, bn
, new_attr
, afi
, safi
, path_vpn
, pLabels
,
1225 num_labels
, path_vpn
, /* parent */
1226 src_vrf
, &nexthop_orig
, nexthop_self_flag
, debug
);
1229 void vpn_leak_to_vrf_update(struct bgp
*bgp_vpn
, /* from */
1230 struct bgp_path_info
*path_vpn
) /* route */
1232 struct listnode
*mnode
, *mnnode
;
1235 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_TO_VRF
);
1238 zlog_debug("%s: start (path_vpn=%p)", __func__
, path_vpn
);
1240 /* Loop over VRFs */
1241 for (ALL_LIST_ELEMENTS(bm
->bgp
, mnode
, mnnode
, bgp
)) {
1243 if (!path_vpn
->extra
1244 || path_vpn
->extra
->bgp_orig
!= bgp
) { /* no loop */
1245 vpn_leak_to_vrf_update_onevrf(bgp
, bgp_vpn
, path_vpn
);
1250 void vpn_leak_to_vrf_withdraw(struct bgp
*bgp_vpn
, /* from */
1251 struct bgp_path_info
*path_vpn
) /* route */
1255 safi_t safi
= SAFI_UNICAST
;
1257 struct listnode
*mnode
, *mnnode
;
1258 struct bgp_node
*bn
;
1259 struct bgp_path_info
*bpi
;
1260 const char *debugmsg
;
1261 char buf_prefix
[PREFIX_STRLEN
];
1263 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_TO_VRF
);
1266 prefix2str(&path_vpn
->net
->p
, buf_prefix
, sizeof(buf_prefix
));
1267 zlog_debug("%s: entry: p=%s, type=%d, sub_type=%d", __func__
,
1268 buf_prefix
, path_vpn
->type
, path_vpn
->sub_type
);
1272 zlog_debug("%s: start (path_vpn=%p)", __func__
, path_vpn
);
1274 if (!path_vpn
->net
) {
1276 /* BGP_ROUTE_RFP routes do not have path_vpn->net set (yet) */
1277 if (path_vpn
->type
== ZEBRA_ROUTE_BGP
1278 && path_vpn
->sub_type
== BGP_ROUTE_RFP
) {
1285 "%s: path_vpn->net unexpectedly NULL, no prefix, bailing",
1290 p
= &path_vpn
->net
->p
;
1291 afi
= family2afi(p
->family
);
1293 /* Loop over VRFs */
1294 for (ALL_LIST_ELEMENTS(bm
->bgp
, mnode
, mnnode
, bgp
)) {
1295 if (!vpn_leak_from_vpn_active(bgp
, afi
, &debugmsg
)) {
1297 zlog_debug("%s: skipping: %s", __func__
,
1302 /* Check for intersection of route targets */
1303 if (!ecom_intersect(bgp
->vpn_policy
[afi
]
1304 .rtlist
[BGP_VPN_POLICY_DIR_FROMVPN
],
1305 path_vpn
->attr
->ecommunity
)) {
1311 zlog_debug("%s: withdrawing from vrf %s", __func__
,
1314 bn
= bgp_afi_node_get(bgp
->rib
[afi
][safi
], afi
, safi
, p
, NULL
);
1316 for (bpi
= bgp_node_get_bgp_path_info(bn
); bpi
;
1319 && (struct bgp_path_info
*)bpi
->extra
->parent
1327 zlog_debug("%s: deleting bpi %p", __func__
,
1329 bgp_aggregate_decrement(bgp
, p
, bpi
, afi
, safi
);
1330 bgp_path_info_delete(bn
, bpi
);
1331 bgp_process(bgp
, bn
, afi
, safi
);
1333 bgp_unlock_node(bn
);
1337 void vpn_leak_to_vrf_withdraw_all(struct bgp
*bgp_vrf
, /* to */
1340 struct bgp_node
*bn
;
1341 struct bgp_path_info
*bpi
;
1342 safi_t safi
= SAFI_UNICAST
;
1343 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_TO_VRF
);
1346 zlog_debug("%s: entry", __func__
);
1348 * Walk vrf table, delete bpi with bgp_orig in a different vrf
1350 for (bn
= bgp_table_top(bgp_vrf
->rib
[afi
][safi
]); bn
;
1351 bn
= bgp_route_next(bn
)) {
1353 for (bpi
= bgp_node_get_bgp_path_info(bn
); bpi
;
1355 if (bpi
->extra
&& bpi
->extra
->bgp_orig
!= bgp_vrf
) {
1358 bgp_aggregate_decrement(bgp_vrf
, &bn
->p
, bpi
,
1360 bgp_path_info_delete(bn
, bpi
);
1361 bgp_process(bgp_vrf
, bn
, afi
, safi
);
1367 void vpn_leak_to_vrf_update_all(struct bgp
*bgp_vrf
, /* to */
1368 struct bgp
*bgp_vpn
, /* from */
1371 struct prefix_rd prd
;
1372 struct bgp_node
*prn
;
1373 safi_t safi
= SAFI_MPLS_VPN
;
1380 for (prn
= bgp_table_top(bgp_vpn
->rib
[afi
][safi
]); prn
;
1381 prn
= bgp_route_next(prn
)) {
1383 struct bgp_table
*table
;
1384 struct bgp_node
*bn
;
1385 struct bgp_path_info
*bpi
;
1387 memset(&prd
, 0, sizeof(prd
));
1388 prd
.family
= AF_UNSPEC
;
1390 memcpy(prd
.val
, prn
->p
.u
.val
, 8);
1392 /* This is the per-RD table of prefixes */
1393 table
= bgp_node_get_bgp_table_info(prn
);
1398 for (bn
= bgp_table_top(table
); bn
; bn
= bgp_route_next(bn
)) {
1400 for (bpi
= bgp_node_get_bgp_path_info(bn
); bpi
;
1404 && bpi
->extra
->bgp_orig
== bgp_vrf
)
1407 vpn_leak_to_vrf_update_onevrf(bgp_vrf
, bgp_vpn
,
1415 * This function is called for definition/deletion/change to a route-map
1417 static void vpn_policy_routemap_update(struct bgp
*bgp
, const char *rmap_name
)
1419 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_RMAP_EVENT
);
1421 struct route_map
*rmap
;
1423 if (bgp
->inst_type
!= BGP_INSTANCE_TYPE_DEFAULT
1424 && bgp
->inst_type
!= BGP_INSTANCE_TYPE_VRF
) {
1429 rmap
= route_map_lookup_by_name(rmap_name
); /* NULL if deleted */
1431 for (afi
= 0; afi
< AFI_MAX
; ++afi
) {
1433 if (bgp
->vpn_policy
[afi
].rmap_name
[BGP_VPN_POLICY_DIR_TOVPN
]
1434 && !strcmp(rmap_name
,
1435 bgp
->vpn_policy
[afi
]
1436 .rmap_name
[BGP_VPN_POLICY_DIR_TOVPN
])) {
1440 "%s: rmap \"%s\" matches vrf-policy tovpn for as %d afi %s",
1441 __func__
, rmap_name
, bgp
->as
,
1444 vpn_leak_prechange(BGP_VPN_POLICY_DIR_TOVPN
, afi
,
1445 bgp_get_default(), bgp
);
1447 zlog_debug("%s: after vpn_leak_prechange",
1450 /* in case of definition/deletion */
1451 bgp
->vpn_policy
[afi
].rmap
[BGP_VPN_POLICY_DIR_TOVPN
] =
1454 vpn_leak_postchange(BGP_VPN_POLICY_DIR_TOVPN
, afi
,
1455 bgp_get_default(), bgp
);
1458 zlog_debug("%s: after vpn_leak_postchange",
1462 if (bgp
->vpn_policy
[afi
].rmap_name
[BGP_VPN_POLICY_DIR_FROMVPN
]
1463 && !strcmp(rmap_name
,
1464 bgp
->vpn_policy
[afi
]
1465 .rmap_name
[BGP_VPN_POLICY_DIR_FROMVPN
])) {
1468 zlog_debug("%s: rmap \"%s\" matches vrf-policy fromvpn for as %d afi %s",
1469 __func__
, rmap_name
, bgp
->as
,
1473 vpn_leak_prechange(BGP_VPN_POLICY_DIR_FROMVPN
, afi
,
1474 bgp_get_default(), bgp
);
1476 /* in case of definition/deletion */
1477 bgp
->vpn_policy
[afi
].rmap
[BGP_VPN_POLICY_DIR_FROMVPN
] =
1480 vpn_leak_postchange(BGP_VPN_POLICY_DIR_FROMVPN
, afi
,
1481 bgp_get_default(), bgp
);
1486 void vpn_policy_routemap_event(const char *rmap_name
)
1488 int debug
= BGP_DEBUG(vpn
, VPN_LEAK_RMAP_EVENT
);
1489 struct listnode
*mnode
, *mnnode
;
1493 zlog_debug("%s: entry", __func__
);
1495 if (bm
->bgp
== NULL
) /* may be called during cleanup */
1498 for (ALL_LIST_ELEMENTS(bm
->bgp
, mnode
, mnnode
, bgp
))
1499 vpn_policy_routemap_update(bgp
, rmap_name
);
1502 void vrf_import_from_vrf(struct bgp
*to_bgp
, struct bgp
*from_bgp
,
1503 afi_t afi
, safi_t safi
)
1505 const char *export_name
;
1506 vpn_policy_direction_t idir
, edir
;
1509 struct ecommunity
*ecom
;
1510 bool first_export
= false;
1512 export_name
= to_bgp
->name
? to_bgp
->name
: VRF_DEFAULT_NAME
;
1513 idir
= BGP_VPN_POLICY_DIR_FROMVPN
;
1514 edir
= BGP_VPN_POLICY_DIR_TOVPN
;
1517 * Cross-ref both VRFs. Also, note if this is the first time
1518 * any VRF is importing from "import_vrf".
1520 vname
= (from_bgp
->name
? XSTRDUP(MTYPE_TMP
, from_bgp
->name
)
1521 : XSTRDUP(MTYPE_TMP
, VRF_DEFAULT_NAME
));
1523 listnode_add(to_bgp
->vpn_policy
[afi
].import_vrf
, vname
);
1525 if (!listcount(from_bgp
->vpn_policy
[afi
].export_vrf
))
1526 first_export
= true;
1527 vname
= XSTRDUP(MTYPE_TMP
, export_name
);
1528 listnode_add(from_bgp
->vpn_policy
[afi
].export_vrf
, vname
);
1530 /* Update import RT for current VRF using export RT of the VRF we're
1531 * importing from. First though, make sure "import_vrf" has that
1535 form_auto_rd(from_bgp
->router_id
, from_bgp
->vrf_rd_id
,
1536 &from_bgp
->vrf_prd_auto
);
1537 from_bgp
->vpn_policy
[afi
].tovpn_rd
= from_bgp
->vrf_prd_auto
;
1538 SET_FLAG(from_bgp
->vpn_policy
[afi
].flags
,
1539 BGP_VPN_POLICY_TOVPN_RD_SET
);
1540 prefix_rd2str(&from_bgp
->vpn_policy
[afi
].tovpn_rd
,
1542 from_bgp
->vpn_policy
[afi
].rtlist
[edir
] =
1543 ecommunity_str2com(buf
, ECOMMUNITY_ROUTE_TARGET
, 0);
1544 SET_FLAG(from_bgp
->af_flags
[afi
][safi
],
1545 BGP_CONFIG_VRF_TO_VRF_EXPORT
);
1546 from_bgp
->vpn_policy
[afi
].tovpn_label
=
1547 BGP_PREVENT_VRF_2_VRF_LEAK
;
1549 ecom
= from_bgp
->vpn_policy
[afi
].rtlist
[edir
];
1550 if (to_bgp
->vpn_policy
[afi
].rtlist
[idir
])
1551 to_bgp
->vpn_policy
[afi
].rtlist
[idir
] =
1552 ecommunity_merge(to_bgp
->vpn_policy
[afi
]
1553 .rtlist
[idir
], ecom
);
1555 to_bgp
->vpn_policy
[afi
].rtlist
[idir
] = ecommunity_dup(ecom
);
1556 SET_FLAG(to_bgp
->af_flags
[afi
][safi
], BGP_CONFIG_VRF_TO_VRF_IMPORT
);
1558 /* Does "import_vrf" first need to export its routes or that
1559 * is already done and we just need to import those routes
1560 * from the global table?
1563 vpn_leak_postchange(edir
, afi
, bgp_get_default(), from_bgp
);
1565 vpn_leak_postchange(idir
, afi
, bgp_get_default(), to_bgp
);
1568 void vrf_unimport_from_vrf(struct bgp
*to_bgp
, struct bgp
*from_bgp
,
1569 afi_t afi
, safi_t safi
)
1571 const char *export_name
, *tmp_name
;
1572 vpn_policy_direction_t idir
, edir
;
1574 struct ecommunity
*ecom
;
1575 struct listnode
*node
;
1577 export_name
= to_bgp
->name
? to_bgp
->name
: VRF_DEFAULT_NAME
;
1578 tmp_name
= from_bgp
->name
? from_bgp
->name
: VRF_DEFAULT_NAME
;
1579 idir
= BGP_VPN_POLICY_DIR_FROMVPN
;
1580 edir
= BGP_VPN_POLICY_DIR_TOVPN
;
1582 /* Were we importing from "import_vrf"? */
1583 for (ALL_LIST_ELEMENTS_RO(to_bgp
->vpn_policy
[afi
].import_vrf
, node
,
1585 if (strcmp(vname
, tmp_name
) == 0)
1590 * We do not check in the cli if the passed in bgp
1591 * instance is actually imported into us before
1592 * we call this function. As such if we do not
1593 * find this in the import_vrf list than
1594 * we just need to return safely.
1599 /* Remove "import_vrf" from our import list. */
1600 listnode_delete(to_bgp
->vpn_policy
[afi
].import_vrf
, vname
);
1601 XFREE(MTYPE_TMP
, vname
);
1603 /* Remove routes imported from "import_vrf". */
1604 /* TODO: In the current logic, we have to first remove all
1605 * imported routes and then (if needed) import back routes
1607 vpn_leak_prechange(idir
, afi
, bgp_get_default(), to_bgp
);
1609 if (to_bgp
->vpn_policy
[afi
].import_vrf
->count
== 0) {
1610 UNSET_FLAG(to_bgp
->af_flags
[afi
][safi
],
1611 BGP_CONFIG_VRF_TO_VRF_IMPORT
);
1612 ecommunity_free(&to_bgp
->vpn_policy
[afi
].rtlist
[idir
]);
1614 ecom
= from_bgp
->vpn_policy
[afi
].rtlist
[edir
];
1615 ecommunity_del_val(to_bgp
->vpn_policy
[afi
].rtlist
[idir
],
1616 (struct ecommunity_val
*)ecom
->val
);
1617 vpn_leak_postchange(idir
, afi
, bgp_get_default(), to_bgp
);
1622 * So SA is assuming that since the ALL_LIST_ELEMENTS_RO
1623 * below is checking for NULL that export_vrf can be
1624 * NULL, consequently it is complaining( like a cabbage )
1625 * that we could dereference and crash in the listcount(..)
1627 * So make it happy, under protest, with liberty and justice
1630 assert(from_bgp
->vpn_policy
[afi
].export_vrf
);
1632 /* Remove us from "import_vrf's" export list. If no other VRF
1633 * is importing from "import_vrf", cleanup appropriately.
1635 for (ALL_LIST_ELEMENTS_RO(from_bgp
->vpn_policy
[afi
].export_vrf
,
1637 if (strcmp(vname
, export_name
) == 0)
1642 * If we have gotten to this point then the vname must
1643 * exist. If not, we are in a world of trouble and
1644 * have slag sitting around.
1646 * import_vrf and export_vrf must match in having
1647 * the in/out names as appropriate.
1651 listnode_delete(from_bgp
->vpn_policy
[afi
].export_vrf
, vname
);
1652 XFREE(MTYPE_TMP
, vname
);
1654 if (!listcount(from_bgp
->vpn_policy
[afi
].export_vrf
)) {
1655 vpn_leak_prechange(edir
, afi
, bgp_get_default(), from_bgp
);
1656 ecommunity_free(&from_bgp
->vpn_policy
[afi
].rtlist
[edir
]);
1657 UNSET_FLAG(from_bgp
->af_flags
[afi
][safi
],
1658 BGP_CONFIG_VRF_TO_VRF_EXPORT
);
1659 memset(&from_bgp
->vpn_policy
[afi
].tovpn_rd
, 0,
1660 sizeof(struct prefix_rd
));
1661 UNSET_FLAG(from_bgp
->vpn_policy
[afi
].flags
,
1662 BGP_VPN_POLICY_TOVPN_RD_SET
);
1663 from_bgp
->vpn_policy
[afi
].tovpn_label
= MPLS_LABEL_NONE
;
1668 /* For testing purpose, static route of MPLS-VPN. */
1669 DEFUN (vpnv4_network
,
1671 "network A.B.C.D/M rd ASN:NN_OR_IP-ADDRESS:NN <tag|label> (0-1048575)",
1672 "Specify a network to announce via BGP\n"
1674 "Specify Route Distinguisher\n"
1675 "VPN Route Distinguisher\n"
1676 "VPN NLRI label (tag)\n"
1677 "VPN NLRI label (tag)\n"
1680 int idx_ipv4_prefixlen
= 1;
1681 int idx_ext_community
= 3;
1683 return bgp_static_set_safi(
1684 AFI_IP
, SAFI_MPLS_VPN
, vty
, argv
[idx_ipv4_prefixlen
]->arg
,
1685 argv
[idx_ext_community
]->arg
, argv
[idx_label
]->arg
, NULL
, 0,
1686 NULL
, NULL
, NULL
, NULL
);
1689 DEFUN (vpnv4_network_route_map
,
1690 vpnv4_network_route_map_cmd
,
1691 "network A.B.C.D/M rd ASN:NN_OR_IP-ADDRESS:NN <tag|label> (0-1048575) route-map WORD",
1692 "Specify a network to announce via BGP\n"
1694 "Specify Route Distinguisher\n"
1695 "VPN Route Distinguisher\n"
1696 "VPN NLRI label (tag)\n"
1697 "VPN NLRI label (tag)\n"
1702 int idx_ipv4_prefixlen
= 1;
1703 int idx_ext_community
= 3;
1706 return bgp_static_set_safi(
1707 AFI_IP
, SAFI_MPLS_VPN
, vty
, argv
[idx_ipv4_prefixlen
]->arg
,
1708 argv
[idx_ext_community
]->arg
, argv
[idx_label
]->arg
,
1709 argv
[idx_word_2
]->arg
, 0, NULL
, NULL
, NULL
, NULL
);
1712 /* For testing purpose, static route of MPLS-VPN. */
1713 DEFUN (no_vpnv4_network
,
1714 no_vpnv4_network_cmd
,
1715 "no network A.B.C.D/M rd ASN:NN_OR_IP-ADDRESS:NN <tag|label> (0-1048575)",
1717 "Specify a network to announce via BGP\n"
1719 "Specify Route Distinguisher\n"
1720 "VPN Route Distinguisher\n"
1721 "VPN NLRI label (tag)\n"
1722 "VPN NLRI label (tag)\n"
1725 int idx_ipv4_prefixlen
= 2;
1726 int idx_ext_community
= 4;
1728 return bgp_static_unset_safi(AFI_IP
, SAFI_MPLS_VPN
, vty
,
1729 argv
[idx_ipv4_prefixlen
]->arg
,
1730 argv
[idx_ext_community
]->arg
,
1731 argv
[idx_label
]->arg
, 0, NULL
, NULL
, NULL
);
1734 DEFUN (vpnv6_network
,
1736 "network X:X::X:X/M rd ASN:NN_OR_IP-ADDRESS:NN <tag|label> (0-1048575) [route-map WORD]",
1737 "Specify a network to announce via BGP\n"
1738 "IPv6 prefix <network>/<length>, e.g., 3ffe::/16\n"
1739 "Specify Route Distinguisher\n"
1740 "VPN Route Distinguisher\n"
1741 "VPN NLRI label (tag)\n"
1742 "VPN NLRI label (tag)\n"
1747 int idx_ipv6_prefix
= 1;
1748 int idx_ext_community
= 3;
1752 return bgp_static_set_safi(
1753 AFI_IP6
, SAFI_MPLS_VPN
, vty
, argv
[idx_ipv6_prefix
]->arg
,
1754 argv
[idx_ext_community
]->arg
, argv
[idx_label
]->arg
,
1755 argv
[idx_word_2
]->arg
, 0, NULL
, NULL
, NULL
, NULL
);
1757 return bgp_static_set_safi(
1758 AFI_IP6
, SAFI_MPLS_VPN
, vty
, argv
[idx_ipv6_prefix
]->arg
,
1759 argv
[idx_ext_community
]->arg
, argv
[idx_label
]->arg
,
1760 NULL
, 0, NULL
, NULL
, NULL
, NULL
);
1763 /* For testing purpose, static route of MPLS-VPN. */
1764 DEFUN (no_vpnv6_network
,
1765 no_vpnv6_network_cmd
,
1766 "no network X:X::X:X/M rd ASN:NN_OR_IP-ADDRESS:NN <tag|label> (0-1048575)",
1768 "Specify a network to announce via BGP\n"
1769 "IPv6 prefix <network>/<length>, e.g., 3ffe::/16\n"
1770 "Specify Route Distinguisher\n"
1771 "VPN Route Distinguisher\n"
1772 "VPN NLRI label (tag)\n"
1773 "VPN NLRI label (tag)\n"
1776 int idx_ipv6_prefix
= 2;
1777 int idx_ext_community
= 4;
1779 return bgp_static_unset_safi(AFI_IP6
, SAFI_MPLS_VPN
, vty
,
1780 argv
[idx_ipv6_prefix
]->arg
,
1781 argv
[idx_ext_community
]->arg
,
1782 argv
[idx_label
]->arg
, 0, NULL
, NULL
, NULL
);
1785 int bgp_show_mpls_vpn(struct vty
*vty
, afi_t afi
, struct prefix_rd
*prd
,
1786 enum bgp_show_type type
, void *output_arg
, int tags
,
1790 struct bgp_table
*table
;
1792 bgp
= bgp_get_default();
1795 vty_out(vty
, "No BGP process is configured\n");
1797 vty_out(vty
, "{}\n");
1800 table
= bgp
->rib
[afi
][SAFI_MPLS_VPN
];
1801 return bgp_show_table_rd(vty
, bgp
, SAFI_MPLS_VPN
, table
, prd
, type
,
1802 output_arg
, use_json
);
1805 DEFUN (show_bgp_ip_vpn_all_rd
,
1806 show_bgp_ip_vpn_all_rd_cmd
,
1807 "show bgp "BGP_AFI_CMD_STR
" vpn all [rd ASN:NN_OR_IP-ADDRESS:NN] [json]",
1811 "Display VPN NLRI specific information\n"
1812 "Display VPN NLRI specific information\n"
1813 "Display information for a route distinguisher\n"
1814 "VPN Route Distinguisher\n"
1818 struct prefix_rd prd
;
1822 if (argv_find_and_parse_afi(argv
, argc
, &idx
, &afi
)) {
1823 if (argv_find(argv
, argc
, "rd", &idx
)) {
1824 ret
= str2prefix_rd(argv
[idx
+ 1]->arg
, &prd
);
1827 "%% Malformed Route Distinguisher\n");
1830 return bgp_show_mpls_vpn(vty
, afi
, &prd
,
1831 bgp_show_type_normal
, NULL
, 0,
1832 use_json(argc
, argv
));
1834 return bgp_show_mpls_vpn(vty
, afi
, NULL
,
1835 bgp_show_type_normal
, NULL
, 0,
1836 use_json(argc
, argv
));
1842 ALIAS(show_bgp_ip_vpn_all_rd
,
1843 show_bgp_ip_vpn_rd_cmd
,
1844 "show bgp "BGP_AFI_CMD_STR
" vpn rd ASN:NN_OR_IP-ADDRESS:NN [json]",
1848 "Display VPN NLRI specific information\n"
1849 "Display information for a route distinguisher\n"
1850 "VPN Route Distinguisher\n"
1853 #ifdef KEEP_OLD_VPN_COMMANDS
1854 DEFUN (show_ip_bgp_vpn_rd
,
1855 show_ip_bgp_vpn_rd_cmd
,
1856 "show ip bgp "BGP_AFI_CMD_STR
" vpn rd ASN:NN_OR_IP-ADDRESS:NN",
1861 "Address Family modifier\n"
1862 "Display information for a route distinguisher\n"
1863 "VPN Route Distinguisher\n")
1865 int idx_ext_community
= argc
- 1;
1867 struct prefix_rd prd
;
1871 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
)) {
1872 ret
= str2prefix_rd(argv
[idx_ext_community
]->arg
, &prd
);
1874 vty_out(vty
, "%% Malformed Route Distinguisher\n");
1877 return bgp_show_mpls_vpn(vty
, afi
, &prd
, bgp_show_type_normal
,
1883 DEFUN (show_ip_bgp_vpn_all
,
1884 show_ip_bgp_vpn_all_cmd
,
1885 "show [ip] bgp <vpnv4|vpnv6>",
1894 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
))
1895 return bgp_show_mpls_vpn(vty
, afi
, NULL
, bgp_show_type_normal
,
1900 DEFUN (show_ip_bgp_vpn_all_tags
,
1901 show_ip_bgp_vpn_all_tags_cmd
,
1902 "show [ip] bgp <vpnv4|vpnv6> all tags",
1907 "Display information about all VPNv4/VPNV6 NLRIs\n"
1908 "Display BGP tags for prefixes\n")
1913 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
))
1914 return bgp_show_mpls_vpn(vty
, afi
, NULL
, bgp_show_type_normal
,
1919 DEFUN (show_ip_bgp_vpn_rd_tags
,
1920 show_ip_bgp_vpn_rd_tags_cmd
,
1921 "show [ip] bgp <vpnv4|vpnv6> rd ASN:NN_OR_IP-ADDRESS:NN tags",
1926 "Display information for a route distinguisher\n"
1927 "VPN Route Distinguisher\n"
1928 "Display BGP tags for prefixes\n")
1930 int idx_ext_community
= 5;
1932 struct prefix_rd prd
;
1936 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
)) {
1937 ret
= str2prefix_rd(argv
[idx_ext_community
]->arg
, &prd
);
1939 vty_out(vty
, "%% Malformed Route Distinguisher\n");
1942 return bgp_show_mpls_vpn(vty
, afi
, &prd
, bgp_show_type_normal
,
1948 DEFUN (show_ip_bgp_vpn_all_neighbor_routes
,
1949 show_ip_bgp_vpn_all_neighbor_routes_cmd
,
1950 "show [ip] bgp <vpnv4|vpnv6> all neighbors A.B.C.D routes [json]",
1955 "Display information about all VPNv4/VPNv6 NLRIs\n"
1956 "Detailed information on TCP and BGP neighbor connections\n"
1957 "Neighbor to display information about\n"
1958 "Display routes learned from neighbor\n"
1965 bool uj
= use_json(argc
, argv
);
1969 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
)) {
1970 ret
= str2sockunion(argv
[idx_ipv4
]->arg
, &su
);
1973 json_object
*json_no
= NULL
;
1974 json_no
= json_object_new_object();
1975 json_object_string_add(json_no
, "warning",
1976 "Malformed address");
1977 vty_out(vty
, "%s\n",
1978 json_object_to_json_string(json_no
));
1979 json_object_free(json_no
);
1981 vty_out(vty
, "Malformed address: %s\n",
1982 argv
[idx_ipv4
]->arg
);
1986 peer
= peer_lookup(NULL
, &su
);
1987 if (!peer
|| !peer
->afc
[afi
][SAFI_MPLS_VPN
]) {
1989 json_object
*json_no
= NULL
;
1990 json_no
= json_object_new_object();
1991 json_object_string_add(
1993 "No such neighbor or address family");
1994 vty_out(vty
, "%s\n",
1995 json_object_to_json_string(json_no
));
1996 json_object_free(json_no
);
1999 "%% No such neighbor or address family\n");
2003 return bgp_show_mpls_vpn(vty
, afi
, NULL
, bgp_show_type_neighbor
,
2009 DEFUN (show_ip_bgp_vpn_rd_neighbor_routes
,
2010 show_ip_bgp_vpn_rd_neighbor_routes_cmd
,
2011 "show [ip] bgp <vpnv4|vpnv6> rd ASN:NN_OR_IP-ADDRESS:NN neighbors A.B.C.D routes [json]",
2016 "Display information for a route distinguisher\n"
2017 "VPN Route Distinguisher\n"
2018 "Detailed information on TCP and BGP neighbor connections\n"
2019 "Neighbor to display information about\n"
2020 "Display routes learned from neighbor\n"
2023 int idx_ext_community
= 5;
2028 struct prefix_rd prd
;
2029 bool uj
= use_json(argc
, argv
);
2033 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
)) {
2034 ret
= str2prefix_rd(argv
[idx_ext_community
]->arg
, &prd
);
2037 json_object
*json_no
= NULL
;
2038 json_no
= json_object_new_object();
2039 json_object_string_add(
2041 "Malformed Route Distinguisher");
2042 vty_out(vty
, "%s\n",
2043 json_object_to_json_string(json_no
));
2044 json_object_free(json_no
);
2047 "%% Malformed Route Distinguisher\n");
2051 ret
= str2sockunion(argv
[idx_ipv4
]->arg
, &su
);
2054 json_object
*json_no
= NULL
;
2055 json_no
= json_object_new_object();
2056 json_object_string_add(json_no
, "warning",
2057 "Malformed address");
2058 vty_out(vty
, "%s\n",
2059 json_object_to_json_string(json_no
));
2060 json_object_free(json_no
);
2062 vty_out(vty
, "Malformed address: %s\n",
2063 argv
[idx_ext_community
]->arg
);
2067 peer
= peer_lookup(NULL
, &su
);
2068 if (!peer
|| !peer
->afc
[afi
][SAFI_MPLS_VPN
]) {
2070 json_object
*json_no
= NULL
;
2071 json_no
= json_object_new_object();
2072 json_object_string_add(
2074 "No such neighbor or address family");
2075 vty_out(vty
, "%s\n",
2076 json_object_to_json_string(json_no
));
2077 json_object_free(json_no
);
2080 "%% No such neighbor or address family\n");
2084 return bgp_show_mpls_vpn(vty
, afi
, &prd
, bgp_show_type_neighbor
,
2090 DEFUN (show_ip_bgp_vpn_all_neighbor_advertised_routes
,
2091 show_ip_bgp_vpn_all_neighbor_advertised_routes_cmd
,
2092 "show [ip] bgp <vpnv4|vpnv6> all neighbors A.B.C.D advertised-routes [json]",
2097 "Display information about all VPNv4/VPNv6 NLRIs\n"
2098 "Detailed information on TCP and BGP neighbor connections\n"
2099 "Neighbor to display information about\n"
2100 "Display the routes advertised to a BGP neighbor\n"
2107 bool uj
= use_json(argc
, argv
);
2111 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
)) {
2112 ret
= str2sockunion(argv
[idx_ipv4
]->arg
, &su
);
2115 json_object
*json_no
= NULL
;
2116 json_no
= json_object_new_object();
2117 json_object_string_add(json_no
, "warning",
2118 "Malformed address");
2119 vty_out(vty
, "%s\n",
2120 json_object_to_json_string(json_no
));
2121 json_object_free(json_no
);
2123 vty_out(vty
, "Malformed address: %s\n",
2124 argv
[idx_ipv4
]->arg
);
2127 peer
= peer_lookup(NULL
, &su
);
2128 if (!peer
|| !peer
->afc
[afi
][SAFI_MPLS_VPN
]) {
2130 json_object
*json_no
= NULL
;
2131 json_no
= json_object_new_object();
2132 json_object_string_add(
2134 "No such neighbor or address family");
2135 vty_out(vty
, "%s\n",
2136 json_object_to_json_string(json_no
));
2137 json_object_free(json_no
);
2140 "%% No such neighbor or address family\n");
2143 return show_adj_route_vpn(vty
, peer
, NULL
, AFI_IP
,
2149 DEFUN (show_ip_bgp_vpn_rd_neighbor_advertised_routes
,
2150 show_ip_bgp_vpn_rd_neighbor_advertised_routes_cmd
,
2151 "show [ip] bgp <vpnv4|vpnv6> rd ASN:NN_OR_IP-ADDRESS:NN neighbors A.B.C.D advertised-routes [json]",
2156 "Display information for a route distinguisher\n"
2157 "VPN Route Distinguisher\n"
2158 "Detailed information on TCP and BGP neighbor connections\n"
2159 "Neighbor to display information about\n"
2160 "Display the routes advertised to a BGP neighbor\n"
2163 int idx_ext_community
= 5;
2167 struct prefix_rd prd
;
2169 bool uj
= use_json(argc
, argv
);
2173 if (argv_find_and_parse_vpnvx(argv
, argc
, &idx
, &afi
)) {
2174 ret
= str2sockunion(argv
[idx_ipv4
]->arg
, &su
);
2177 json_object
*json_no
= NULL
;
2178 json_no
= json_object_new_object();
2179 json_object_string_add(json_no
, "warning",
2180 "Malformed address");
2181 vty_out(vty
, "%s\n",
2182 json_object_to_json_string(json_no
));
2183 json_object_free(json_no
);
2185 vty_out(vty
, "Malformed address: %s\n",
2186 argv
[idx_ext_community
]->arg
);
2189 peer
= peer_lookup(NULL
, &su
);
2190 if (!peer
|| !peer
->afc
[afi
][SAFI_MPLS_VPN
]) {
2192 json_object
*json_no
= NULL
;
2193 json_no
= json_object_new_object();
2194 json_object_string_add(
2196 "No such neighbor or address family");
2197 vty_out(vty
, "%s\n",
2198 json_object_to_json_string(json_no
));
2199 json_object_free(json_no
);
2202 "%% No such neighbor or address family\n");
2206 ret
= str2prefix_rd(argv
[idx_ext_community
]->arg
, &prd
);
2209 json_object
*json_no
= NULL
;
2210 json_no
= json_object_new_object();
2211 json_object_string_add(
2213 "Malformed Route Distinguisher");
2214 vty_out(vty
, "%s\n",
2215 json_object_to_json_string(json_no
));
2216 json_object_free(json_no
);
2219 "%% Malformed Route Distinguisher\n");
2223 return show_adj_route_vpn(vty
, peer
, &prd
, AFI_IP
,
2228 #endif /* KEEP_OLD_VPN_COMMANDS */
2230 void bgp_mplsvpn_init(void)
2232 install_element(BGP_VPNV4_NODE
, &vpnv4_network_cmd
);
2233 install_element(BGP_VPNV4_NODE
, &vpnv4_network_route_map_cmd
);
2234 install_element(BGP_VPNV4_NODE
, &no_vpnv4_network_cmd
);
2236 install_element(BGP_VPNV6_NODE
, &vpnv6_network_cmd
);
2237 install_element(BGP_VPNV6_NODE
, &no_vpnv6_network_cmd
);
2239 install_element(VIEW_NODE
, &show_bgp_ip_vpn_all_rd_cmd
);
2240 install_element(VIEW_NODE
, &show_bgp_ip_vpn_rd_cmd
);
2241 #ifdef KEEP_OLD_VPN_COMMANDS
2242 install_element(VIEW_NODE
, &show_ip_bgp_vpn_rd_cmd
);
2243 install_element(VIEW_NODE
, &show_ip_bgp_vpn_all_cmd
);
2244 install_element(VIEW_NODE
, &show_ip_bgp_vpn_all_tags_cmd
);
2245 install_element(VIEW_NODE
, &show_ip_bgp_vpn_rd_tags_cmd
);
2246 install_element(VIEW_NODE
, &show_ip_bgp_vpn_all_neighbor_routes_cmd
);
2247 install_element(VIEW_NODE
, &show_ip_bgp_vpn_rd_neighbor_routes_cmd
);
2248 install_element(VIEW_NODE
,
2249 &show_ip_bgp_vpn_all_neighbor_advertised_routes_cmd
);
2250 install_element(VIEW_NODE
,
2251 &show_ip_bgp_vpn_rd_neighbor_advertised_routes_cmd
);
2252 #endif /* KEEP_OLD_VPN_COMMANDS */
2255 vrf_id_t
get_first_vrf_for_redirect_with_rt(struct ecommunity
*eckey
)
2257 struct listnode
*mnode
, *mnnode
;
2260 for (ALL_LIST_ELEMENTS(bm
->bgp
, mnode
, mnnode
, bgp
)) {
2261 struct ecommunity
*ec
;
2263 if (bgp
->inst_type
!= BGP_INSTANCE_TYPE_VRF
)
2266 ec
= bgp
->vpn_policy
[AFI_IP
].import_redirect_rtlist
;
2268 if (ecom_intersect(ec
, eckey
))
2275 * The purpose of this function is to process leaks that were deferred
2276 * from earlier per-vrf configuration due to not-yet-existing default
2277 * vrf, in other words, configuration such as:
2279 * router bgp MMM vrf FOO
2280 * address-family ipv4 unicast
2282 * exit-address-family
2287 * This function gets called when the default instance ("router bgp NNN")
2290 void vpn_leak_postchange_all(void)
2292 struct listnode
*next
;
2294 struct bgp
*bgp_default
= bgp_get_default();
2296 assert(bgp_default
);
2298 /* First, do any exporting from VRFs to the single VPN RIB */
2299 for (ALL_LIST_ELEMENTS_RO(bm
->bgp
, next
, bgp
)) {
2301 if (bgp
->inst_type
!= BGP_INSTANCE_TYPE_VRF
)
2304 vpn_leak_postchange(
2305 BGP_VPN_POLICY_DIR_TOVPN
,
2310 vpn_leak_postchange(
2311 BGP_VPN_POLICY_DIR_TOVPN
,
2317 /* Now, do any importing to VRFs from the single VPN RIB */
2318 for (ALL_LIST_ELEMENTS_RO(bm
->bgp
, next
, bgp
)) {
2320 if (bgp
->inst_type
!= BGP_INSTANCE_TYPE_VRF
)
2323 vpn_leak_postchange(
2324 BGP_VPN_POLICY_DIR_FROMVPN
,
2329 vpn_leak_postchange(
2330 BGP_VPN_POLICY_DIR_FROMVPN
,