]> git.proxmox.com Git - mirror_frr.git/blob - lib/vrf.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #6279 from opensourcerouting/nb-cb-args
[mirror_frr.git] / lib / vrf.c
1 /*
2 * VRF functions.
3 * Copyright (C) 2014 6WIND S.A.
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published
9 * by the Free Software Foundation; either version 2, or (at your
10 * option) any later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 /* for basename */
25 #include <libgen.h>
26
27 #include "if.h"
28 #include "vrf.h"
29 #include "vrf_int.h"
30 #include "prefix.h"
31 #include "table.h"
32 #include "log.h"
33 #include "memory.h"
34 #include "command.h"
35 #include "ns.h"
36 #include "privs.h"
37 #include "nexthop_group.h"
38 #include "lib_errors.h"
39 #include "northbound.h"
40 #include "northbound_cli.h"
41
42 /* default VRF ID value used when VRF backend is not NETNS */
43 #define VRF_DEFAULT_INTERNAL 0
44 #define VRF_DEFAULT_NAME_INTERNAL "default"
45
46 DEFINE_MTYPE_STATIC(LIB, VRF, "VRF")
47 DEFINE_MTYPE_STATIC(LIB, VRF_BITMAP, "VRF bit-map")
48
49 DEFINE_QOBJ_TYPE(vrf)
50
51 static __inline int vrf_id_compare(const struct vrf *, const struct vrf *);
52 static __inline int vrf_name_compare(const struct vrf *, const struct vrf *);
53
54 RB_GENERATE(vrf_id_head, vrf, id_entry, vrf_id_compare);
55 RB_GENERATE(vrf_name_head, vrf, name_entry, vrf_name_compare);
56
57 struct vrf_id_head vrfs_by_id = RB_INITIALIZER(&vrfs_by_id);
58 struct vrf_name_head vrfs_by_name = RB_INITIALIZER(&vrfs_by_name);
59
60 static int vrf_backend;
61 static int vrf_backend_configured;
62 static struct zebra_privs_t *vrf_daemon_privs;
63 static char vrf_default_name[VRF_NAMSIZ] = VRF_DEFAULT_NAME_INTERNAL;
64
65 /*
66 * Turn on/off debug code
67 * for vrf.
68 */
69 static int debug_vrf = 0;
70
71 /* Holding VRF hooks */
72 static struct vrf_master {
73 int (*vrf_new_hook)(struct vrf *);
74 int (*vrf_delete_hook)(struct vrf *);
75 int (*vrf_enable_hook)(struct vrf *);
76 int (*vrf_disable_hook)(struct vrf *);
77 int (*vrf_update_name_hook)(struct vrf *vrf);
78 } vrf_master = {
79 0,
80 };
81
82 static int vrf_is_enabled(struct vrf *vrf);
83
84 /* VRF list existance check by name. */
85 struct vrf *vrf_lookup_by_name(const char *name)
86 {
87 struct vrf vrf;
88 strlcpy(vrf.name, name, sizeof(vrf.name));
89 return (RB_FIND(vrf_name_head, &vrfs_by_name, &vrf));
90 }
91
92 static __inline int vrf_id_compare(const struct vrf *a, const struct vrf *b)
93 {
94 return (a->vrf_id - b->vrf_id);
95 }
96
97 static int vrf_name_compare(const struct vrf *a, const struct vrf *b)
98 {
99 return strcmp(a->name, b->name);
100 }
101
102 /* if ns_id is different and not VRF_UNKNOWN,
103 * then update vrf identifier, and enable VRF
104 */
105 static void vrf_update_vrf_id(ns_id_t ns_id, void *opaqueptr)
106 {
107 ns_id_t vrf_id = (vrf_id_t)ns_id;
108 vrf_id_t old_vrf_id;
109 struct vrf *vrf = (struct vrf *)opaqueptr;
110
111 if (!vrf)
112 return;
113 old_vrf_id = vrf->vrf_id;
114 if (vrf_id == vrf->vrf_id)
115 return;
116 if (vrf->vrf_id != VRF_UNKNOWN)
117 RB_REMOVE(vrf_id_head, &vrfs_by_id, vrf);
118 vrf->vrf_id = vrf_id;
119 RB_INSERT(vrf_id_head, &vrfs_by_id, vrf);
120 if (old_vrf_id == VRF_UNKNOWN)
121 vrf_enable(vrf);
122 }
123
124 int vrf_switch_to_netns(vrf_id_t vrf_id)
125 {
126 char *name;
127 struct vrf *vrf = vrf_lookup_by_id(vrf_id);
128
129 /* VRF is default VRF. silently ignore */
130 if (!vrf || vrf->vrf_id == VRF_DEFAULT)
131 return 1; /* 1 = default */
132 /* VRF has no NETNS backend. silently ignore */
133 if (vrf->data.l.netns_name[0] == '\0')
134 return 2; /* 2 = no netns */
135 name = ns_netns_pathname(NULL, vrf->data.l.netns_name);
136 if (debug_vrf)
137 zlog_debug("VRF_SWITCH: %s(%u)", name, vrf->vrf_id);
138 return ns_switch_to_netns(name);
139 }
140
141 int vrf_switchback_to_initial(void)
142 {
143 int ret = ns_switchback_to_initial();
144
145 if (ret == 0 && debug_vrf)
146 zlog_debug("VRF_SWITCHBACK");
147 return ret;
148 }
149
150 /* Get a VRF. If not found, create one.
151 * Arg:
152 * name - The name of the vrf. May be NULL if unknown.
153 * vrf_id - The vrf_id of the vrf. May be VRF_UNKNOWN if unknown
154 * Description: Please note that this routine can be called with just the name
155 * and 0 vrf-id
156 */
157 struct vrf *vrf_get(vrf_id_t vrf_id, const char *name)
158 {
159 struct vrf *vrf = NULL;
160 int new = 0;
161
162 if (debug_vrf)
163 zlog_debug("VRF_GET: %s(%u)", name == NULL ? "(NULL)" : name,
164 vrf_id);
165
166 /* Nothing to see, move along here */
167 if (!name && vrf_id == VRF_UNKNOWN)
168 return NULL;
169
170 /* attempt to find already available VRF
171 */
172 if (name)
173 vrf = vrf_lookup_by_name(name);
174 if (vrf && vrf_id != VRF_UNKNOWN
175 && vrf->vrf_id != VRF_UNKNOWN
176 && vrf->vrf_id != vrf_id) {
177 zlog_debug("VRF_GET: avoid %s creation(%u), same name exists (%u)",
178 name, vrf_id, vrf->vrf_id);
179 return NULL;
180 }
181 /* Try to find VRF both by ID and name */
182 if (!vrf && vrf_id != VRF_UNKNOWN)
183 vrf = vrf_lookup_by_id(vrf_id);
184
185 if (vrf == NULL) {
186 vrf = XCALLOC(MTYPE_VRF, sizeof(struct vrf));
187 vrf->vrf_id = VRF_UNKNOWN;
188 QOBJ_REG(vrf, vrf);
189 new = 1;
190
191 if (debug_vrf)
192 zlog_debug("VRF(%u) %s is created.", vrf_id,
193 (name) ? name : "(NULL)");
194 }
195
196 /* Set identifier */
197 if (vrf_id != VRF_UNKNOWN && vrf->vrf_id == VRF_UNKNOWN) {
198 vrf->vrf_id = vrf_id;
199 RB_INSERT(vrf_id_head, &vrfs_by_id, vrf);
200 }
201
202 /* Set name */
203 if (name && vrf->name[0] != '\0' && strcmp(name, vrf->name)) {
204 /* update the vrf name */
205 RB_REMOVE(vrf_name_head, &vrfs_by_name, vrf);
206 strlcpy(vrf->data.l.netns_name,
207 name, NS_NAMSIZ);
208 strlcpy(vrf->name, name, sizeof(vrf->name));
209 RB_INSERT(vrf_name_head, &vrfs_by_name, vrf);
210 if (vrf->vrf_id == VRF_DEFAULT)
211 vrf_set_default_name(vrf->name, false);
212 } else if (name && vrf->name[0] == '\0') {
213 strlcpy(vrf->name, name, sizeof(vrf->name));
214 RB_INSERT(vrf_name_head, &vrfs_by_name, vrf);
215 }
216 if (new &&vrf_master.vrf_new_hook)
217 (*vrf_master.vrf_new_hook)(vrf);
218
219 return vrf;
220 }
221
222 /* Delete a VRF. This is called when the underlying VRF goes away, a
223 * pre-configured VRF is deleted or when shutting down (vrf_terminate()).
224 */
225 void vrf_delete(struct vrf *vrf)
226 {
227 if (debug_vrf)
228 zlog_debug("VRF %u is to be deleted.", vrf->vrf_id);
229
230 if (vrf_is_enabled(vrf))
231 vrf_disable(vrf);
232
233 /* If the VRF is user configured, it'll stick around, just remove
234 * the ID mapping. Interfaces assigned to this VRF should've been
235 * removed already as part of the VRF going down.
236 */
237 if (vrf_is_user_cfged(vrf)) {
238 if (vrf->vrf_id != VRF_UNKNOWN) {
239 /* Delete any VRF interfaces - should be only
240 * the VRF itself, other interfaces should've
241 * been moved out of the VRF.
242 */
243 if_terminate(vrf);
244 RB_REMOVE(vrf_id_head, &vrfs_by_id, vrf);
245 vrf->vrf_id = VRF_UNKNOWN;
246 }
247 return;
248 }
249
250 if (vrf_master.vrf_delete_hook)
251 (*vrf_master.vrf_delete_hook)(vrf);
252
253 QOBJ_UNREG(vrf);
254 if_terminate(vrf);
255
256 if (vrf->vrf_id != VRF_UNKNOWN)
257 RB_REMOVE(vrf_id_head, &vrfs_by_id, vrf);
258 if (vrf->name[0] != '\0')
259 RB_REMOVE(vrf_name_head, &vrfs_by_name, vrf);
260
261 XFREE(MTYPE_VRF, vrf);
262 }
263
264 /* Look up a VRF by identifier. */
265 struct vrf *vrf_lookup_by_id(vrf_id_t vrf_id)
266 {
267 struct vrf vrf;
268 vrf.vrf_id = vrf_id;
269 return (RB_FIND(vrf_id_head, &vrfs_by_id, &vrf));
270 }
271
272 /*
273 * Enable a VRF - that is, let the VRF be ready to use.
274 * The VRF_ENABLE_HOOK callback will be called to inform
275 * that they can allocate resources in this VRF.
276 *
277 * RETURN: 1 - enabled successfully; otherwise, 0.
278 */
279 int vrf_enable(struct vrf *vrf)
280 {
281 if (vrf_is_enabled(vrf))
282 return 1;
283
284 if (debug_vrf)
285 zlog_debug("VRF %u is enabled.", vrf->vrf_id);
286
287 SET_FLAG(vrf->status, VRF_ACTIVE);
288
289 if (vrf_master.vrf_enable_hook)
290 (*vrf_master.vrf_enable_hook)(vrf);
291
292 /*
293 * If we have any nexthop group entries that
294 * are awaiting vrf initialization then
295 * let's let people know about it
296 */
297 nexthop_group_enable_vrf(vrf);
298
299 return 1;
300 }
301
302 /*
303 * Disable a VRF - that is, let the VRF be unusable.
304 * The VRF_DELETE_HOOK callback will be called to inform
305 * that they must release the resources in the VRF.
306 */
307 void vrf_disable(struct vrf *vrf)
308 {
309 if (!vrf_is_enabled(vrf))
310 return;
311
312 UNSET_FLAG(vrf->status, VRF_ACTIVE);
313
314 if (debug_vrf)
315 zlog_debug("VRF %u is to be disabled.", vrf->vrf_id);
316
317 /* Till now, nothing to be done for the default VRF. */
318 // Pending: see why this statement.
319
320 if (vrf_master.vrf_disable_hook)
321 (*vrf_master.vrf_disable_hook)(vrf);
322 }
323
324 const char *vrf_id_to_name(vrf_id_t vrf_id)
325 {
326 struct vrf *vrf;
327
328 vrf = vrf_lookup_by_id(vrf_id);
329 return VRF_LOGNAME(vrf);
330 }
331
332 vrf_id_t vrf_name_to_id(const char *name)
333 {
334 struct vrf *vrf;
335 vrf_id_t vrf_id = VRF_DEFAULT; // Pending: need a way to return invalid
336 // id/ routine not used.
337
338 if (!name)
339 return vrf_id;
340 vrf = vrf_lookup_by_name(name);
341 if (vrf)
342 vrf_id = vrf->vrf_id;
343
344 return vrf_id;
345 }
346
347 /* Get the data pointer of the specified VRF. If not found, create one. */
348 void *vrf_info_get(vrf_id_t vrf_id)
349 {
350 struct vrf *vrf = vrf_get(vrf_id, NULL);
351 return vrf->info;
352 }
353
354 /* Look up the data pointer of the specified VRF. */
355 void *vrf_info_lookup(vrf_id_t vrf_id)
356 {
357 struct vrf *vrf = vrf_lookup_by_id(vrf_id);
358 return vrf ? vrf->info : NULL;
359 }
360
361 /*
362 * VRF hash for storing set or not.
363 */
364 struct vrf_bit_set {
365 vrf_id_t vrf_id;
366 bool set;
367 };
368
369 static unsigned int vrf_hash_bitmap_key(const void *data)
370 {
371 const struct vrf_bit_set *bit = data;
372
373 return bit->vrf_id;
374 }
375
376 static bool vrf_hash_bitmap_cmp(const void *a, const void *b)
377 {
378 const struct vrf_bit_set *bit1 = a;
379 const struct vrf_bit_set *bit2 = b;
380
381 return bit1->vrf_id == bit2->vrf_id;
382 }
383
384 static void *vrf_hash_bitmap_alloc(void *data)
385 {
386 struct vrf_bit_set *copy = data;
387 struct vrf_bit_set *bit;
388
389 bit = XMALLOC(MTYPE_VRF_BITMAP, sizeof(*bit));
390 bit->vrf_id = copy->vrf_id;
391
392 return bit;
393 }
394
395 static void vrf_hash_bitmap_free(void *data)
396 {
397 struct vrf_bit_set *bit = data;
398
399 XFREE(MTYPE_VRF_BITMAP, bit);
400 }
401
402 vrf_bitmap_t vrf_bitmap_init(void)
403 {
404 return hash_create_size(32, vrf_hash_bitmap_key, vrf_hash_bitmap_cmp,
405 "VRF BIT HASH");
406 }
407
408 void vrf_bitmap_free(vrf_bitmap_t bmap)
409 {
410 struct hash *vrf_hash = bmap;
411
412 if (vrf_hash == NULL)
413 return;
414
415 hash_clean(vrf_hash, vrf_hash_bitmap_free);
416 hash_free(vrf_hash);
417 }
418
419 void vrf_bitmap_set(vrf_bitmap_t bmap, vrf_id_t vrf_id)
420 {
421 struct vrf_bit_set lookup = { .vrf_id = vrf_id };
422 struct hash *vrf_hash = bmap;
423 struct vrf_bit_set *bit;
424
425 if (vrf_hash == NULL || vrf_id == VRF_UNKNOWN)
426 return;
427
428 bit = hash_get(vrf_hash, &lookup, vrf_hash_bitmap_alloc);
429 bit->set = true;
430 }
431
432 void vrf_bitmap_unset(vrf_bitmap_t bmap, vrf_id_t vrf_id)
433 {
434 struct vrf_bit_set lookup = { .vrf_id = vrf_id };
435 struct hash *vrf_hash = bmap;
436 struct vrf_bit_set *bit;
437
438 if (vrf_hash == NULL || vrf_id == VRF_UNKNOWN)
439 return;
440
441 bit = hash_get(vrf_hash, &lookup, vrf_hash_bitmap_alloc);
442 bit->set = false;
443 }
444
445 int vrf_bitmap_check(vrf_bitmap_t bmap, vrf_id_t vrf_id)
446 {
447 struct vrf_bit_set lookup = { .vrf_id = vrf_id };
448 struct hash *vrf_hash = bmap;
449 struct vrf_bit_set *bit;
450
451 if (vrf_hash == NULL || vrf_id == VRF_UNKNOWN)
452 return 0;
453
454 bit = hash_lookup(vrf_hash, &lookup);
455 if (bit)
456 return bit->set;
457
458 return 0;
459 }
460
461 static void vrf_autocomplete(vector comps, struct cmd_token *token)
462 {
463 struct vrf *vrf = NULL;
464
465 RB_FOREACH (vrf, vrf_name_head, &vrfs_by_name)
466 vector_set(comps, XSTRDUP(MTYPE_COMPLETION, vrf->name));
467 }
468
469 static const struct cmd_variable_handler vrf_var_handlers[] = {
470 {
471 .varname = "vrf",
472 .completions = vrf_autocomplete,
473 },
474 {
475 .varname = "vrf_name",
476 .completions = vrf_autocomplete,
477 },
478 {
479 .varname = "nexthop_vrf",
480 .completions = vrf_autocomplete,
481 },
482 {.completions = NULL},
483 };
484
485 /* Initialize VRF module. */
486 void vrf_init(int (*create)(struct vrf *), int (*enable)(struct vrf *),
487 int (*disable)(struct vrf *), int (*destroy)(struct vrf *),
488 int ((*update)(struct vrf *)))
489 {
490 struct vrf *default_vrf;
491
492 /* initialise NS, in case VRF backend if NETNS */
493 ns_init();
494 if (debug_vrf)
495 zlog_debug("%s: Initializing VRF subsystem", __func__);
496
497 vrf_master.vrf_new_hook = create;
498 vrf_master.vrf_enable_hook = enable;
499 vrf_master.vrf_disable_hook = disable;
500 vrf_master.vrf_delete_hook = destroy;
501 vrf_master.vrf_update_name_hook = update;
502
503 /* The default VRF always exists. */
504 default_vrf = vrf_get(VRF_DEFAULT, VRF_DEFAULT_NAME);
505 if (!default_vrf) {
506 flog_err(EC_LIB_VRF_START,
507 "vrf_init: failed to create the default VRF!");
508 exit(1);
509 }
510 if (vrf_is_backend_netns()) {
511 struct ns *ns;
512
513 strlcpy(default_vrf->data.l.netns_name,
514 VRF_DEFAULT_NAME, NS_NAMSIZ);
515 ns = ns_lookup(ns_get_default_id());
516 ns->vrf_ctxt = default_vrf;
517 default_vrf->ns_ctxt = ns;
518 }
519
520 /* Enable the default VRF. */
521 if (!vrf_enable(default_vrf)) {
522 flog_err(EC_LIB_VRF_START,
523 "vrf_init: failed to enable the default VRF!");
524 exit(1);
525 }
526
527 cmd_variable_handler_register(vrf_var_handlers);
528 }
529
530 /* Terminate VRF module. */
531 void vrf_terminate(void)
532 {
533 struct vrf *vrf;
534
535 if (debug_vrf)
536 zlog_debug("%s: Shutting down vrf subsystem", __func__);
537
538 while (!RB_EMPTY(vrf_id_head, &vrfs_by_id)) {
539 vrf = RB_ROOT(vrf_id_head, &vrfs_by_id);
540
541 /* Clear configured flag and invoke delete. */
542 UNSET_FLAG(vrf->status, VRF_CONFIGURED);
543 vrf_delete(vrf);
544 }
545
546 while (!RB_EMPTY(vrf_name_head, &vrfs_by_name)) {
547 vrf = RB_ROOT(vrf_name_head, &vrfs_by_name);
548
549 /* Clear configured flag and invoke delete. */
550 UNSET_FLAG(vrf->status, VRF_CONFIGURED);
551 vrf_delete(vrf);
552 }
553 }
554
555 int vrf_socket(int domain, int type, int protocol, vrf_id_t vrf_id,
556 const char *interfacename)
557 {
558 int ret, save_errno, ret2;
559
560 ret = vrf_switch_to_netns(vrf_id);
561 if (ret < 0)
562 flog_err_sys(EC_LIB_SOCKET, "%s: Can't switch to VRF %u (%s)",
563 __func__, vrf_id, safe_strerror(errno));
564
565 ret = socket(domain, type, protocol);
566 save_errno = errno;
567 ret2 = vrf_switchback_to_initial();
568 if (ret2 < 0)
569 flog_err_sys(EC_LIB_SOCKET,
570 "%s: Can't switchback from VRF %u (%s)", __func__,
571 vrf_id, safe_strerror(errno));
572 errno = save_errno;
573 if (ret <= 0)
574 return ret;
575 ret2 = vrf_bind(vrf_id, ret, interfacename);
576 if (ret2 < 0) {
577 close(ret);
578 ret = ret2;
579 }
580 return ret;
581 }
582
583 int vrf_is_backend_netns(void)
584 {
585 return (vrf_backend == VRF_BACKEND_NETNS);
586 }
587
588 int vrf_get_backend(void)
589 {
590 if (!vrf_backend_configured)
591 return VRF_BACKEND_UNKNOWN;
592 return vrf_backend;
593 }
594
595 int vrf_configure_backend(enum vrf_backend_type backend)
596 {
597 /* Work around issue in old gcc */
598 switch (backend) {
599 case VRF_BACKEND_UNKNOWN:
600 case VRF_BACKEND_NETNS:
601 case VRF_BACKEND_VRF_LITE:
602 break;
603 default:
604 return -1;
605 }
606
607 vrf_backend = backend;
608 vrf_backend_configured = 1;
609
610 return 0;
611 }
612
613 int vrf_handler_create(struct vty *vty, const char *vrfname,
614 struct vrf **vrf)
615 {
616 struct vrf *vrfp;
617 char xpath_list[XPATH_MAXLEN];
618 int ret;
619
620 if (strlen(vrfname) > VRF_NAMSIZ) {
621 if (vty)
622 vty_out(vty,
623 "%% VRF name %s invalid: length exceeds %d bytes\n",
624 vrfname, VRF_NAMSIZ);
625 else
626 flog_warn(
627 EC_LIB_VRF_LENGTH,
628 "%% VRF name %s invalid: length exceeds %d bytes\n",
629 vrfname, VRF_NAMSIZ);
630 return CMD_WARNING_CONFIG_FAILED;
631 }
632
633 if (vty) {
634 snprintf(xpath_list, sizeof(xpath_list),
635 "/frr-vrf:lib/vrf[name='%s']", vrfname);
636
637 nb_cli_enqueue_change(vty, xpath_list, NB_OP_CREATE, NULL);
638 ret = nb_cli_apply_changes(vty, xpath_list);
639 if (ret == CMD_SUCCESS) {
640 VTY_PUSH_XPATH(VRF_NODE, xpath_list);
641 vrfp = vrf_lookup_by_name(vrfname);
642 if (vrfp)
643 VTY_PUSH_CONTEXT(VRF_NODE, vrfp);
644 }
645 } else {
646 vrfp = vrf_get(VRF_UNKNOWN, vrfname);
647
648 if (vrf)
649 *vrf = vrfp;
650 }
651 return CMD_SUCCESS;
652 }
653
654 int vrf_netns_handler_create(struct vty *vty, struct vrf *vrf, char *pathname,
655 ns_id_t ns_id, ns_id_t internal_ns_id)
656 {
657 struct ns *ns = NULL;
658
659 if (!vrf)
660 return CMD_WARNING_CONFIG_FAILED;
661 if (vrf->vrf_id != VRF_UNKNOWN && vrf->ns_ctxt == NULL) {
662 if (vty)
663 vty_out(vty,
664 "VRF %u is already configured with VRF %s\n",
665 vrf->vrf_id, vrf->name);
666 else
667 zlog_info("VRF %u is already configured with VRF %s",
668 vrf->vrf_id, vrf->name);
669 return CMD_WARNING_CONFIG_FAILED;
670 }
671 if (vrf->ns_ctxt != NULL) {
672 ns = (struct ns *)vrf->ns_ctxt;
673 if (!strcmp(ns->name, pathname)) {
674 if (vty)
675 vty_out(vty,
676 "VRF %u already configured with NETNS %s\n",
677 vrf->vrf_id, ns->name);
678 else
679 zlog_info(
680 "VRF %u already configured with NETNS %s",
681 vrf->vrf_id, ns->name);
682 return CMD_WARNING_CONFIG_FAILED;
683 }
684 }
685 ns = ns_lookup_name(pathname);
686 if (ns && ns->vrf_ctxt) {
687 struct vrf *vrf2 = (struct vrf *)ns->vrf_ctxt;
688
689 if (vrf2 == vrf)
690 return CMD_SUCCESS;
691 if (vty)
692 vty_out(vty,
693 "NS %s is already configured"
694 " with VRF %u(%s)\n",
695 ns->name, vrf2->vrf_id, vrf2->name);
696 else
697 zlog_info("NS %s is already configured with VRF %u(%s)",
698 ns->name, vrf2->vrf_id, vrf2->name);
699 return CMD_WARNING_CONFIG_FAILED;
700 }
701 ns = ns_get_created(ns, pathname, ns_id);
702 ns->internal_ns_id = internal_ns_id;
703 ns->vrf_ctxt = (void *)vrf;
704 vrf->ns_ctxt = (void *)ns;
705 /* update VRF netns NAME */
706 strlcpy(vrf->data.l.netns_name, basename(pathname), NS_NAMSIZ);
707
708 if (!ns_enable(ns, vrf_update_vrf_id)) {
709 if (vty)
710 vty_out(vty, "Can not associate NS %u with NETNS %s\n",
711 ns->ns_id, ns->name);
712 else
713 zlog_info("Can not associate NS %u with NETNS %s",
714 ns->ns_id, ns->name);
715 return CMD_WARNING_CONFIG_FAILED;
716 }
717
718 return CMD_SUCCESS;
719 }
720
721 /* vrf CLI commands */
722 DEFUN_NOSH(vrf_exit,
723 vrf_exit_cmd,
724 "exit-vrf",
725 "Exit current mode and down to previous mode\n")
726 {
727 /* We have to set vrf context to default vrf */
728 VTY_PUSH_CONTEXT(VRF_NODE, vrf_get(VRF_DEFAULT, VRF_DEFAULT_NAME));
729 vty->node = CONFIG_NODE;
730 return CMD_SUCCESS;
731 }
732
733 DEFUN_NOSH (vrf,
734 vrf_cmd,
735 "vrf NAME",
736 "Select a VRF to configure\n"
737 "VRF's name\n")
738 {
739 int idx_name = 1;
740 const char *vrfname = argv[idx_name]->arg;
741
742 return vrf_handler_create(vty, vrfname, NULL);
743 }
744
745 DEFUN (no_vrf,
746 no_vrf_cmd,
747 "no vrf NAME",
748 NO_STR
749 "Delete a pseudo VRF's configuration\n"
750 "VRF's name\n")
751 {
752 const char *vrfname = argv[2]->arg;
753 char xpath_list[XPATH_MAXLEN];
754
755 struct vrf *vrfp;
756
757 vrfp = vrf_lookup_by_name(vrfname);
758
759 if (vrfp == NULL) {
760 vty_out(vty, "%% VRF %s does not exist\n", vrfname);
761 return CMD_WARNING_CONFIG_FAILED;
762 }
763
764 if (CHECK_FLAG(vrfp->status, VRF_ACTIVE)) {
765 vty_out(vty, "%% Only inactive VRFs can be deleted\n");
766 return CMD_WARNING_CONFIG_FAILED;
767 }
768
769 snprintf(xpath_list, sizeof(xpath_list), "/frr-vrf:lib/vrf[name='%s']",
770 vrfname);
771
772 nb_cli_enqueue_change(vty, xpath_list, NB_OP_DESTROY, NULL);
773 return nb_cli_apply_changes(vty, xpath_list);
774 }
775
776
777 static struct cmd_node vrf_node = {
778 .name = "vrf",
779 .node = VRF_NODE,
780 .parent_node = CONFIG_NODE,
781 .prompt = "%s(config-vrf)# ",
782 };
783
784 DEFUN_NOSH (vrf_netns,
785 vrf_netns_cmd,
786 "netns NAME",
787 "Attach VRF to a Namespace\n"
788 "The file name in " NS_RUN_DIR ", or a full pathname\n")
789 {
790 int idx_name = 1, ret;
791 char *pathname = ns_netns_pathname(vty, argv[idx_name]->arg);
792
793 VTY_DECLVAR_CONTEXT(vrf, vrf);
794
795 if (!pathname)
796 return CMD_WARNING_CONFIG_FAILED;
797
798 frr_with_privs(vrf_daemon_privs) {
799 ret = vrf_netns_handler_create(vty, vrf, pathname,
800 NS_UNKNOWN, NS_UNKNOWN);
801 }
802 return ret;
803 }
804
805 DEFUN_NOSH (no_vrf_netns,
806 no_vrf_netns_cmd,
807 "no netns [NAME]",
808 NO_STR
809 "Detach VRF from a Namespace\n"
810 "The file name in " NS_RUN_DIR ", or a full pathname\n")
811 {
812 struct ns *ns = NULL;
813
814 VTY_DECLVAR_CONTEXT(vrf, vrf);
815
816 if (!vrf_is_backend_netns()) {
817 vty_out(vty, "VRF backend is not Netns. Aborting\n");
818 return CMD_WARNING_CONFIG_FAILED;
819 }
820 if (!vrf->ns_ctxt) {
821 vty_out(vty, "VRF %s(%u) is not configured with NetNS\n",
822 vrf->name, vrf->vrf_id);
823 return CMD_WARNING_CONFIG_FAILED;
824 }
825
826 ns = (struct ns *)vrf->ns_ctxt;
827
828 ns->vrf_ctxt = NULL;
829 vrf_disable(vrf);
830 /* vrf ID from VRF is necessary for Zebra
831 * so that propagate to other clients is done
832 */
833 ns_delete(ns);
834 vrf->ns_ctxt = NULL;
835 return CMD_SUCCESS;
836 }
837
838 /*
839 * Debug CLI for vrf's
840 */
841 DEFUN (vrf_debug,
842 vrf_debug_cmd,
843 "debug vrf",
844 DEBUG_STR
845 "VRF Debugging\n")
846 {
847 debug_vrf = 1;
848
849 return CMD_SUCCESS;
850 }
851
852 DEFUN (no_vrf_debug,
853 no_vrf_debug_cmd,
854 "no debug vrf",
855 NO_STR
856 DEBUG_STR
857 "VRF Debugging\n")
858 {
859 debug_vrf = 0;
860
861 return CMD_SUCCESS;
862 }
863
864 static int vrf_write_host(struct vty *vty)
865 {
866 if (debug_vrf)
867 vty_out(vty, "debug vrf\n");
868
869 return 1;
870 }
871
872 static int vrf_write_host(struct vty *vty);
873 static struct cmd_node vrf_debug_node = {
874 .name = "vrf debug",
875 .node = VRF_DEBUG_NODE,
876 .prompt = "",
877 .config_write = vrf_write_host,
878 };
879
880 void vrf_install_commands(void)
881 {
882 install_node(&vrf_debug_node);
883
884 install_element(CONFIG_NODE, &vrf_debug_cmd);
885 install_element(ENABLE_NODE, &vrf_debug_cmd);
886 install_element(CONFIG_NODE, &no_vrf_debug_cmd);
887 install_element(ENABLE_NODE, &no_vrf_debug_cmd);
888 }
889
890 void vrf_cmd_init(int (*writefunc)(struct vty *vty),
891 struct zebra_privs_t *daemon_privs)
892 {
893 install_element(CONFIG_NODE, &vrf_cmd);
894 install_element(CONFIG_NODE, &no_vrf_cmd);
895 vrf_node.config_write = writefunc;
896 install_node(&vrf_node);
897 install_default(VRF_NODE);
898 install_element(VRF_NODE, &vrf_exit_cmd);
899 if (vrf_is_backend_netns() && ns_have_netns()) {
900 /* Install NS commands. */
901 vrf_daemon_privs = daemon_privs;
902 install_element(VRF_NODE, &vrf_netns_cmd);
903 install_element(VRF_NODE, &no_vrf_netns_cmd);
904 }
905 }
906
907 void vrf_set_default_name(const char *default_name, bool force)
908 {
909 struct vrf *def_vrf;
910 static bool def_vrf_forced;
911
912 def_vrf = vrf_lookup_by_id(VRF_DEFAULT);
913 assert(default_name);
914 if (def_vrf && !force && def_vrf_forced) {
915 zlog_debug("VRF: %s, avoid changing name to %s, previously forced (%u)",
916 def_vrf->name, default_name,
917 def_vrf->vrf_id);
918 return;
919 }
920 if (strmatch(vrf_default_name, default_name))
921 return;
922 snprintf(vrf_default_name, VRF_NAMSIZ, "%s", default_name);
923 if (def_vrf) {
924 if (force)
925 def_vrf_forced = true;
926 RB_REMOVE(vrf_name_head, &vrfs_by_name, def_vrf);
927 strlcpy(def_vrf->data.l.netns_name,
928 vrf_default_name, NS_NAMSIZ);
929 strlcpy(def_vrf->name, vrf_default_name, sizeof(def_vrf->name));
930 RB_INSERT(vrf_name_head, &vrfs_by_name, def_vrf);
931 if (vrf_master.vrf_update_name_hook)
932 (*vrf_master.vrf_update_name_hook)(def_vrf);
933 }
934 }
935
936 const char *vrf_get_default_name(void)
937 {
938 return vrf_default_name;
939 }
940
941 vrf_id_t vrf_get_default_id(void)
942 {
943 /* backend netns is only known by zebra
944 * for other daemons, we return VRF_DEFAULT_INTERNAL
945 */
946 if (vrf_is_backend_netns())
947 return ns_get_default_id();
948 else
949 return VRF_DEFAULT_INTERNAL;
950 }
951
952 int vrf_bind(vrf_id_t vrf_id, int fd, const char *name)
953 {
954 int ret = 0;
955 struct interface *ifp;
956
957 if (fd < 0 || name == NULL)
958 return fd;
959 /* the device should exist
960 * otherwise we should return
961 * case ifname = vrf in netns mode => return
962 */
963 ifp = if_lookup_by_name(name, vrf_id);
964 if (!ifp)
965 return fd;
966 #ifdef SO_BINDTODEVICE
967 ret = setsockopt(fd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name)+1);
968 if (ret < 0)
969 zlog_debug("bind to interface %s failed, errno=%d", name,
970 errno);
971 #endif /* SO_BINDTODEVICE */
972 return ret;
973 }
974 int vrf_getaddrinfo(const char *node, const char *service,
975 const struct addrinfo *hints, struct addrinfo **res,
976 vrf_id_t vrf_id)
977 {
978 int ret, ret2, save_errno;
979
980 ret = vrf_switch_to_netns(vrf_id);
981 if (ret < 0)
982 flog_err_sys(EC_LIB_SOCKET, "%s: Can't switch to VRF %u (%s)",
983 __func__, vrf_id, safe_strerror(errno));
984 ret = getaddrinfo(node, service, hints, res);
985 save_errno = errno;
986 ret2 = vrf_switchback_to_initial();
987 if (ret2 < 0)
988 flog_err_sys(EC_LIB_SOCKET,
989 "%s: Can't switchback from VRF %u (%s)", __func__,
990 vrf_id, safe_strerror(errno));
991 errno = save_errno;
992 return ret;
993 }
994
995 int vrf_ioctl(vrf_id_t vrf_id, int d, unsigned long request, char *params)
996 {
997 int ret, saved_errno, rc;
998
999 ret = vrf_switch_to_netns(vrf_id);
1000 if (ret < 0) {
1001 flog_err_sys(EC_LIB_SOCKET, "%s: Can't switch to VRF %u (%s)",
1002 __func__, vrf_id, safe_strerror(errno));
1003 return 0;
1004 }
1005 rc = ioctl(d, request, params);
1006 saved_errno = errno;
1007 ret = vrf_switchback_to_initial();
1008 if (ret < 0)
1009 flog_err_sys(EC_LIB_SOCKET,
1010 "%s: Can't switchback from VRF %u (%s)", __func__,
1011 vrf_id, safe_strerror(errno));
1012 errno = saved_errno;
1013 return rc;
1014 }
1015
1016 int vrf_sockunion_socket(const union sockunion *su, vrf_id_t vrf_id,
1017 const char *interfacename)
1018 {
1019 int ret, save_errno, ret2;
1020
1021 ret = vrf_switch_to_netns(vrf_id);
1022 if (ret < 0)
1023 flog_err_sys(EC_LIB_SOCKET, "%s: Can't switch to VRF %u (%s)",
1024 __func__, vrf_id, safe_strerror(errno));
1025 ret = sockunion_socket(su);
1026 save_errno = errno;
1027 ret2 = vrf_switchback_to_initial();
1028 if (ret2 < 0)
1029 flog_err_sys(EC_LIB_SOCKET,
1030 "%s: Can't switchback from VRF %u (%s)", __func__,
1031 vrf_id, safe_strerror(errno));
1032 errno = save_errno;
1033
1034 if (ret <= 0)
1035 return ret;
1036 ret2 = vrf_bind(vrf_id, ret, interfacename);
1037 if (ret2 < 0) {
1038 close(ret);
1039 ret = ret2;
1040 }
1041 return ret;
1042 }
1043
1044 vrf_id_t vrf_generate_id(void)
1045 {
1046 static int vrf_id_local;
1047
1048 return ++vrf_id_local;
1049 }
1050
1051 /* ------- Northbound callbacks ------- */
1052
1053 /*
1054 * XPath: /frr-vrf:lib/vrf
1055 */
1056 static int lib_vrf_create(struct nb_cb_create_args *args)
1057 {
1058 const char *vrfname;
1059 struct vrf *vrfp;
1060
1061 vrfname = yang_dnode_get_string(args->dnode, "./name");
1062
1063 if (args->event != NB_EV_APPLY)
1064 return NB_OK;
1065
1066 vrfp = vrf_get(VRF_UNKNOWN, vrfname);
1067
1068 nb_running_set_entry(args->dnode, vrfp);
1069
1070 return NB_OK;
1071 }
1072
1073 static int lib_vrf_destroy(struct nb_cb_destroy_args *args)
1074 {
1075 struct vrf *vrfp;
1076
1077 switch (args->event) {
1078 case NB_EV_VALIDATE:
1079 vrfp = nb_running_get_entry(args->dnode, NULL, true);
1080 if (CHECK_FLAG(vrfp->status, VRF_ACTIVE)) {
1081 zlog_debug("%s Only inactive VRFs can be deleted",
1082 __func__);
1083 return NB_ERR_VALIDATION;
1084 }
1085 break;
1086 case NB_EV_PREPARE:
1087 case NB_EV_ABORT:
1088 break;
1089 case NB_EV_APPLY:
1090 vrfp = nb_running_unset_entry(args->dnode);
1091
1092 /* Clear configured flag and invoke delete. */
1093 UNSET_FLAG(vrfp->status, VRF_CONFIGURED);
1094 vrf_delete(vrfp);
1095 break;
1096 }
1097
1098 return NB_OK;
1099 }
1100
1101 static const void *lib_vrf_get_next(struct nb_cb_get_next_args *args)
1102 {
1103 struct vrf *vrfp = (struct vrf *)args->list_entry;
1104
1105 if (args->list_entry == NULL) {
1106 vrfp = RB_MIN(vrf_name_head, &vrfs_by_name);
1107 } else {
1108 vrfp = RB_NEXT(vrf_name_head, vrfp);
1109 }
1110
1111 return vrfp;
1112 }
1113
1114 static int lib_vrf_get_keys(struct nb_cb_get_keys_args *args)
1115 {
1116 struct vrf *vrfp = (struct vrf *)args->list_entry;
1117
1118 args->keys->num = 1;
1119 strlcpy(args->keys->key[0], vrfp->name, sizeof(args->keys->key[0]));
1120
1121 return NB_OK;
1122 }
1123
1124 static const void *lib_vrf_lookup_entry(struct nb_cb_lookup_entry_args *args)
1125 {
1126 const char *vrfname = args->keys->key[0];
1127
1128 struct vrf *vrf = vrf_lookup_by_name(vrfname);
1129
1130 return vrf;
1131 }
1132
1133 /*
1134 * XPath: /frr-vrf:lib/vrf/id
1135 */
1136 static struct yang_data *
1137 lib_vrf_state_id_get_elem(struct nb_cb_get_elem_args *args)
1138 {
1139 struct vrf *vrfp = (struct vrf *)args->list_entry;
1140
1141 return yang_data_new_uint32(args->xpath, vrfp->vrf_id);
1142 }
1143
1144 /*
1145 * XPath: /frr-vrf:lib/vrf/active
1146 */
1147 static struct yang_data *
1148 lib_vrf_state_active_get_elem(struct nb_cb_get_elem_args *args)
1149 {
1150 struct vrf *vrfp = (struct vrf *)args->list_entry;
1151
1152 if (vrfp->status == VRF_ACTIVE)
1153 return yang_data_new_bool(
1154 args->xpath, vrfp->status == VRF_ACTIVE ? true : false);
1155
1156 return NULL;
1157 }
1158
1159 /* clang-format off */
1160 const struct frr_yang_module_info frr_vrf_info = {
1161 .name = "frr-vrf",
1162 .nodes = {
1163 {
1164 .xpath = "/frr-vrf:lib/vrf",
1165 .cbs = {
1166 .create = lib_vrf_create,
1167 .destroy = lib_vrf_destroy,
1168 .get_next = lib_vrf_get_next,
1169 .get_keys = lib_vrf_get_keys,
1170 .lookup_entry = lib_vrf_lookup_entry,
1171 }
1172 },
1173 {
1174 .xpath = "/frr-vrf:lib/vrf/state/id",
1175 .cbs = {
1176 .get_elem = lib_vrf_state_id_get_elem,
1177 }
1178 },
1179 {
1180 .xpath = "/frr-vrf:lib/vrf/state/active",
1181 .cbs = {
1182 .get_elem = lib_vrf_state_active_get_elem,
1183 }
1184 },
1185 {
1186 .xpath = NULL,
1187 },
1188 }
1189 };
1190
FRRouting mirror