]> git.proxmox.com Git - mirror_frr.git/blob - zebra/zebra_evpn.c
projects / mirror_frr.git / blob
? search:


77b028ad64f04993b9489daa65e51176e7c77131
[mirror_frr.git] / zebra / zebra_evpn.c
1 /*
2 * Zebra EVPN for VxLAN code
3 * Copyright (C) 2016, 2017 Cumulus Networks, Inc.
4 *
5 * This file is part of FRR.
6 *
7 * FRR is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * FRR is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with FRR; see the file COPYING. If not, write to the Free
19 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
20 * 02111-1307, USA.
21 */
22 #include <zebra.h>
23
24 #include "hash.h"
25 #include "if.h"
26 #include "jhash.h"
27 #include "linklist.h"
28 #include "log.h"
29 #include "memory.h"
30 #include "prefix.h"
31 #include "stream.h"
32 #include "table.h"
33 #include "vlan.h"
34 #include "vxlan.h"
35 #ifdef GNU_LINUX
36 #include <linux/neighbour.h>
37 #endif
38
39 #include "zebra/zebra_router.h"
40 #include "zebra/debug.h"
41 #include "zebra/interface.h"
42 #include "zebra/rib.h"
43 #include "zebra/rt.h"
44 #include "zebra/rt_netlink.h"
45 #include "zebra/zebra_errors.h"
46 #include "zebra/zebra_l2.h"
47 #include "zebra/zebra_l2_bridge_if.h"
48 #include "zebra/zebra_ns.h"
49 #include "zebra/zebra_vrf.h"
50 #include "zebra/zebra_vxlan.h"
51 #include "zebra/zebra_vxlan_private.h"
52 #include "zebra/zebra_evpn.h"
53 #include "zebra/zebra_evpn_mac.h"
54 #include "zebra/zebra_evpn_neigh.h"
55 #include "zebra/zebra_evpn_mh.h"
56 #include "zebra/zebra_evpn_vxlan.h"
57 #include "zebra/zebra_router.h"
58
59 DEFINE_MTYPE_STATIC(ZEBRA, ZEVPN, "VNI hash");
60 DEFINE_MTYPE_STATIC(ZEBRA, ZEVPN_VTEP, "VNI remote VTEP");
61
62 /* PMSI strings. */
63 #define VXLAN_FLOOD_STR_NO_INFO "-"
64 #define VXLAN_FLOOD_STR_DEFAULT VXLAN_FLOOD_STR_NO_INFO
65 static const struct message zvtep_flood_str[] = {
66 {VXLAN_FLOOD_DISABLED, VXLAN_FLOOD_STR_NO_INFO},
67 {VXLAN_FLOOD_PIM_SM, "PIM-SM"},
68 {VXLAN_FLOOD_HEAD_END_REPL, "HER"},
69 {0}
70 };
71
72 int advertise_gw_macip_enabled(struct zebra_evpn *zevpn)
73 {
74 struct zebra_vrf *zvrf;
75
76 zvrf = zebra_vrf_get_evpn();
77 if (zvrf->advertise_gw_macip)
78 return 1;
79
80 if (zevpn && zevpn->advertise_gw_macip)
81 return 1;
82
83 return 0;
84 }
85
86 int advertise_svi_macip_enabled(struct zebra_evpn *zevpn)
87 {
88 struct zebra_vrf *zvrf;
89
90 zvrf = zebra_vrf_get_evpn();
91 if (zvrf->advertise_svi_macip)
92 return 1;
93
94 if (zevpn && zevpn->advertise_svi_macip)
95 return 1;
96
97 return 0;
98 }
99
100 /*
101 * Print a specific EVPN entry.
102 */
103 void zebra_evpn_print(struct zebra_evpn *zevpn, void **ctxt)
104 {
105
106 struct vty *vty = NULL;
107 struct zebra_vtep *zvtep = NULL;
108 uint32_t num_macs = 0;
109 uint32_t num_neigh = 0;
110 uint32_t num_vteps = 0;
111 json_object *json = NULL;
112 json_object *json_vtep_list = NULL;
113 json_object *json_vtep = NULL;
114
115 vty = ctxt[0];
116 json = ctxt[1];
117
118 if (json == NULL) {
119 vty_out(vty, "VNI: %u\n", zevpn->vni);
120 vty_out(vty, " Type: %s\n", "L2");
121 vty_out(vty, " Vlan: %u\n", zevpn->vid);
122 vty_out(vty, " Bridge: %s\n",
123 zevpn->bridge_if ? zevpn->bridge_if->name : "-");
124 vty_out(vty, " Tenant VRF: %s\n", vrf_id_to_name(zevpn->vrf_id));
125 } else {
126 json_object_int_add(json, "vni", zevpn->vni);
127 json_object_string_add(json, "type", "L2");
128 #if CONFDATE > 20240210
129 CPP_NOTICE("Drop `vrf` from JSON output")
130 #endif
131 json_object_string_add(json, "vrf",
132 vrf_id_to_name(zevpn->vrf_id));
133 json_object_string_add(json, "tenantVrf",
134 vrf_id_to_name(zevpn->vrf_id));
135 }
136
137 if (!zevpn->vxlan_if) { // unexpected
138 if (json == NULL)
139 vty_out(vty, " VxLAN interface: unknown\n");
140 else
141 json_object_string_add(json, "vxlanInterface",
142 "unknown");
143 return;
144 }
145 num_macs = num_valid_macs(zevpn);
146 num_neigh = hashcount(zevpn->neigh_table);
147 if (json == NULL) {
148 vty_out(vty, " VxLAN interface: %s\n", zevpn->vxlan_if->name);
149 vty_out(vty, " VxLAN ifIndex: %u\n", zevpn->vxlan_if->ifindex);
150 vty_out(vty, " SVI interface: %s\n",
151 (zevpn->svi_if ? zevpn->svi_if->name : ""));
152 vty_out(vty, " SVI ifIndex: %u\n",
153 (zevpn->svi_if ? zevpn->svi_if->ifindex : 0));
154 vty_out(vty, " Local VTEP IP: %pI4\n",
155 &zevpn->local_vtep_ip);
156 vty_out(vty, " Mcast group: %pI4\n",
157 &zevpn->mcast_grp);
158 } else {
159 json_object_string_add(json, "vxlanInterface",
160 zevpn->vxlan_if->name);
161 #if CONFDATE > 20240210
162 CPP_NOTICE("Drop `ifindex` from JSON output")
163 #endif
164 json_object_int_add(json, "ifindex", zevpn->vxlan_if->ifindex);
165 json_object_int_add(json, "vxlanIfindex",
166 zevpn->vxlan_if->ifindex);
167 if (zevpn->svi_if) {
168 json_object_string_add(json, "sviInterface",
169 zevpn->svi_if->name);
170 json_object_int_add(json, "sviIfindex",
171 zevpn->svi_if->ifindex);
172 }
173 json_object_string_addf(json, "vtepIp", "%pI4",
174 &zevpn->local_vtep_ip);
175 json_object_string_addf(json, "mcastGroup", "%pI4",
176 &zevpn->mcast_grp);
177 json_object_string_add(json, "advertiseGatewayMacip",
178 zevpn->advertise_gw_macip ? "Yes"
179 : "No");
180 json_object_string_add(json, "advertiseSviMacip",
181 zevpn->advertise_svi_macip ? "Yes"
182 : "No");
183 json_object_int_add(json, "numMacs", num_macs);
184 json_object_int_add(json, "numArpNd", num_neigh);
185 }
186 if (!zevpn->vteps) {
187 if (json == NULL)
188 vty_out(vty, " No remote VTEPs known for this VNI\n");
189 else
190 json_object_int_add(json, "numRemoteVteps", num_vteps);
191 } else {
192 if (json == NULL)
193 vty_out(vty, " Remote VTEPs for this VNI:\n");
194 else
195 json_vtep_list = json_object_new_array();
196 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
197 const char *flood_str = lookup_msg(
198 zvtep_flood_str, zvtep->flood_control,
199 VXLAN_FLOOD_STR_DEFAULT);
200
201 if (json == NULL) {
202 vty_out(vty, " %pI4 flood: %s\n",
203 &zvtep->vtep_ip,
204 flood_str);
205 } else {
206 json_vtep = json_object_new_object();
207 json_object_string_addf(json_vtep, "ip", "%pI4",
208 &zvtep->vtep_ip);
209 json_object_string_add(json_vtep, "flood",
210 flood_str);
211 json_object_array_add(json_vtep_list,
212 json_vtep);
213 }
214 num_vteps++;
215 }
216 if (json) {
217 json_object_int_add(json, "numRemoteVteps", num_vteps);
218 json_object_object_add(json, "remoteVteps",
219 json_vtep_list);
220 }
221 }
222 if (json == NULL) {
223 vty_out(vty,
224 " Number of MACs (local and remote) known for this VNI: %u\n",
225 num_macs);
226 vty_out(vty,
227 " Number of ARPs (IPv4 and IPv6, local and remote) "
228 "known for this VNI: %u\n",
229 num_neigh);
230 vty_out(vty, " Advertise-gw-macip: %s\n",
231 zevpn->advertise_gw_macip ? "Yes" : "No");
232 vty_out(vty, " Advertise-svi-macip: %s\n",
233 zevpn->advertise_svi_macip ? "Yes" : "No");
234 }
235 }
236
237 /*
238 * Print an EVPN hash entry - called for display of all VNIs.
239 */
240 void zebra_evpn_print_hash(struct hash_bucket *bucket, void *ctxt[])
241 {
242 struct vty *vty;
243 struct zebra_evpn *zevpn;
244 struct zebra_vtep *zvtep;
245 uint32_t num_vteps = 0;
246 uint32_t num_macs = 0;
247 uint32_t num_neigh = 0;
248 json_object *json = NULL;
249 json_object *json_evpn = NULL;
250 json_object *json_ip_str = NULL;
251 json_object *json_vtep_list = NULL;
252 char buf[PREFIX_STRLEN];
253
254 vty = ctxt[0];
255 json = ctxt[1];
256
257 zevpn = (struct zebra_evpn *)bucket->data;
258
259 zvtep = zevpn->vteps;
260 while (zvtep) {
261 num_vteps++;
262 zvtep = zvtep->next;
263 }
264
265 num_macs = num_valid_macs(zevpn);
266 num_neigh = hashcount(zevpn->neigh_table);
267 if (json == NULL)
268 vty_out(vty, "%-10u %-4s %-21s %-8u %-8u %-15u %-37s\n",
269 zevpn->vni, "L2",
270 zevpn->vxlan_if ? zevpn->vxlan_if->name : "unknown",
271 num_macs, num_neigh, num_vteps,
272 vrf_id_to_name(zevpn->vrf_id));
273 else {
274 char vni_str[VNI_STR_LEN];
275 snprintf(vni_str, VNI_STR_LEN, "%u", zevpn->vni);
276 json_evpn = json_object_new_object();
277 json_object_int_add(json_evpn, "vni", zevpn->vni);
278 json_object_string_add(json_evpn, "type", "L2");
279 json_object_string_add(json_evpn, "vxlanIf",
280 zevpn->vxlan_if ? zevpn->vxlan_if->name
281 : "unknown");
282 json_object_int_add(json_evpn, "numMacs", num_macs);
283 json_object_int_add(json_evpn, "numArpNd", num_neigh);
284 json_object_int_add(json_evpn, "numRemoteVteps", num_vteps);
285 json_object_string_add(json_evpn, "tenantVrf",
286 vrf_id_to_name(zevpn->vrf_id));
287 if (num_vteps) {
288 json_vtep_list = json_object_new_array();
289 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
290 json_ip_str = json_object_new_string(
291 inet_ntop(AF_INET, &zvtep->vtep_ip, buf,
292 sizeof(buf)));
293 json_object_array_add(json_vtep_list,
294 json_ip_str);
295 }
296 json_object_object_add(json_evpn, "remoteVteps",
297 json_vtep_list);
298 }
299 json_object_object_add(json, vni_str, json_evpn);
300 }
301 }
302
303 /*
304 * Print an EVPN hash entry in detail - called for display of all EVPNs.
305 */
306 void zebra_evpn_print_hash_detail(struct hash_bucket *bucket, void *data)
307 {
308 struct vty *vty;
309 struct zebra_evpn *zevpn;
310 json_object *json_array = NULL;
311 bool use_json = false;
312 struct zebra_evpn_show *zes = data;
313
314 vty = zes->vty;
315 json_array = zes->json;
316 use_json = zes->use_json;
317
318 zevpn = (struct zebra_evpn *)bucket->data;
319
320 zebra_vxlan_print_vni(vty, zes->zvrf, zevpn->vni, use_json, json_array);
321
322 if (!use_json)
323 vty_out(vty, "\n");
324 }
325
326 int zebra_evpn_del_macip_for_intf(struct interface *ifp,
327 struct zebra_evpn *zevpn)
328 {
329 struct listnode *cnode = NULL, *cnnode = NULL;
330 struct connected *c = NULL;
331 struct ethaddr macaddr;
332
333 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
334
335 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
336 struct ipaddr ip;
337
338 memset(&ip, 0, sizeof(struct ipaddr));
339 if (!CHECK_FLAG(c->conf, ZEBRA_IFC_REAL))
340 continue;
341
342 if (c->address->family == AF_INET) {
343 ip.ipa_type = IPADDR_V4;
344 memcpy(&(ip.ipaddr_v4), &(c->address->u.prefix4),
345 sizeof(struct in_addr));
346 } else if (c->address->family == AF_INET6) {
347 ip.ipa_type = IPADDR_V6;
348 memcpy(&(ip.ipaddr_v6), &(c->address->u.prefix6),
349 sizeof(struct in6_addr));
350 } else {
351 continue;
352 }
353
354 zebra_evpn_gw_macip_del(ifp, zevpn, &ip);
355 }
356
357 return 0;
358 }
359
360 int zebra_evpn_add_macip_for_intf(struct interface *ifp,
361 struct zebra_evpn *zevpn)
362 {
363 struct listnode *cnode = NULL, *cnnode = NULL;
364 struct connected *c = NULL;
365 struct ethaddr macaddr;
366
367 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
368
369 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
370 struct ipaddr ip;
371
372 if (!CHECK_FLAG(c->conf, ZEBRA_IFC_REAL))
373 continue;
374
375 memset(&ip, 0, sizeof(struct ipaddr));
376 if (c->address->family == AF_INET) {
377 ip.ipa_type = IPADDR_V4;
378 memcpy(&(ip.ipaddr_v4), &(c->address->u.prefix4),
379 sizeof(struct in_addr));
380 } else if (c->address->family == AF_INET6) {
381 ip.ipa_type = IPADDR_V6;
382 memcpy(&(ip.ipaddr_v6), &(c->address->u.prefix6),
383 sizeof(struct in6_addr));
384 } else {
385 continue;
386 }
387
388 zebra_evpn_gw_macip_add(ifp, zevpn, &macaddr, &ip);
389 }
390 return 0;
391 }
392
393 static int ip_prefix_send_to_client(vrf_id_t vrf_id, struct prefix *p,
394 uint16_t cmd)
395 {
396 struct zserv *client = NULL;
397 struct stream *s = NULL;
398
399 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
400 /* BGP may not be running. */
401 if (!client)
402 return 0;
403
404 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
405
406 zclient_create_header(s, cmd, vrf_id);
407 stream_put(s, p, sizeof(struct prefix));
408
409 /* Write packet size. */
410 stream_putw_at(s, 0, stream_get_endp(s));
411
412 if (IS_ZEBRA_DEBUG_VXLAN)
413 zlog_debug("Send ip prefix %pFX %s on vrf %s", p,
414 (cmd == ZEBRA_IP_PREFIX_ROUTE_ADD) ? "ADD" : "DEL",
415 vrf_id_to_name(vrf_id));
416
417 if (cmd == ZEBRA_IP_PREFIX_ROUTE_ADD)
418 client->prefixadd_cnt++;
419 else
420 client->prefixdel_cnt++;
421
422 return zserv_send_message(client, s);
423 }
424
425 int zebra_evpn_advertise_subnet(struct zebra_evpn *zevpn, struct interface *ifp,
426 int advertise)
427 {
428 struct listnode *cnode = NULL, *cnnode = NULL;
429 struct connected *c = NULL;
430 struct ethaddr macaddr;
431
432 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
433
434 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
435 struct prefix p;
436
437 memcpy(&p, c->address, sizeof(struct prefix));
438
439 /* skip link local address */
440 if (IN6_IS_ADDR_LINKLOCAL(&p.u.prefix6))
441 continue;
442
443 apply_mask(&p);
444 if (advertise)
445 ip_prefix_send_to_client(ifp->vrf->vrf_id, &p,
446 ZEBRA_IP_PREFIX_ROUTE_ADD);
447 else
448 ip_prefix_send_to_client(ifp->vrf->vrf_id, &p,
449 ZEBRA_IP_PREFIX_ROUTE_DEL);
450 }
451 return 0;
452 }
453
454 /*
455 * zebra_evpn_gw_macip_add_to_client
456 */
457 int zebra_evpn_gw_macip_add(struct interface *ifp, struct zebra_evpn *zevpn,
458 struct ethaddr *macaddr, struct ipaddr *ip)
459 {
460 struct zebra_mac *mac = NULL;
461 struct zebra_if *zif = NULL;
462 struct zebra_vxlan_vni *vni;
463
464 zif = zevpn->vxlan_if->info;
465 if (!zif)
466 return -1;
467
468 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
469
470 zebra_evpn_mac_gw_macip_add(ifp, zevpn, ip, &mac, macaddr,
471 vni->access_vlan, true);
472
473 return zebra_evpn_neigh_gw_macip_add(ifp, zevpn, ip, mac);
474 }
475
476 /*
477 * zebra_evpn_gw_macip_del_from_client
478 */
479 int zebra_evpn_gw_macip_del(struct interface *ifp, struct zebra_evpn *zevpn,
480 struct ipaddr *ip)
481 {
482 struct zebra_neigh *n = NULL;
483 struct zebra_mac *mac = NULL;
484
485 /* If the neigh entry is not present nothing to do*/
486 n = zebra_evpn_neigh_lookup(zevpn, ip);
487 if (!n)
488 return 0;
489
490 /* mac entry should be present */
491 mac = zebra_evpn_mac_lookup(zevpn, &n->emac);
492 if (!mac) {
493 if (IS_ZEBRA_DEBUG_VXLAN)
494 zlog_debug("MAC %pEA doesn't exist for neigh %pIA on VNI %u",
495 &n->emac, ip, zevpn->vni);
496 return -1;
497 }
498
499 /* If the entry is not local nothing to do*/
500 if (!CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL))
501 return -1;
502
503 /* only need to delete the entry from bgp if we sent it before */
504 if (IS_ZEBRA_DEBUG_VXLAN)
505 zlog_debug(
506 "%u:SVI %s(%u) VNI %u, sending GW MAC %pEA IP %pIA del to BGP",
507 ifp->vrf->vrf_id, ifp->name, ifp->ifindex, zevpn->vni,
508 &n->emac, ip);
509
510 /* Remove neighbor from BGP. */
511 zebra_evpn_neigh_send_del_to_client(zevpn->vni, &n->ip, &n->emac,
512 n->flags, ZEBRA_NEIGH_ACTIVE,
513 false /*force*/);
514
515 /* Delete this neighbor entry. */
516 zebra_evpn_neigh_del(zevpn, n);
517
518 /* see if the mac needs to be deleted as well*/
519 if (mac)
520 zebra_evpn_deref_ip2mac(zevpn, mac);
521
522 return 0;
523 }
524
525 void zebra_evpn_gw_macip_del_for_evpn_hash(struct hash_bucket *bucket,
526 void *ctxt)
527 {
528 struct zebra_evpn *zevpn = NULL;
529 struct zebra_if *zif = NULL;
530 struct zebra_vxlan_vni *vni = NULL;
531 struct interface *vlan_if = NULL;
532 struct interface *vrr_if = NULL;
533 struct interface *ifp;
534
535 /* Add primary SVI MAC*/
536 zevpn = (struct zebra_evpn *)bucket->data;
537
538 /* Global (Zvrf) advertise-default-gw is disabled,
539 * but zevpn advertise-default-gw is enabled
540 */
541 if (zevpn->advertise_gw_macip) {
542 if (IS_ZEBRA_DEBUG_VXLAN)
543 zlog_debug("VNI: %u GW-MACIP enabled, retain gw-macip",
544 zevpn->vni);
545 return;
546 }
547
548 ifp = zevpn->vxlan_if;
549 if (!ifp)
550 return;
551 zif = ifp->info;
552
553 /* If down or not mapped to a bridge, we're done. */
554 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
555 return;
556
557 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
558 if (!vni)
559 return;
560
561 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
562 if (!vlan_if)
563 return;
564
565 /* Del primary MAC-IP */
566 zebra_evpn_del_macip_for_intf(vlan_if, zevpn);
567
568 /* Del VRR MAC-IP - if any*/
569 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
570 if (vrr_if)
571 zebra_evpn_del_macip_for_intf(vrr_if, zevpn);
572
573 return;
574 }
575
576 void zebra_evpn_gw_macip_add_for_evpn_hash(struct hash_bucket *bucket,
577 void *ctxt)
578 {
579 struct zebra_evpn *zevpn = NULL;
580 struct zebra_if *zif = NULL;
581 struct interface *vlan_if = NULL;
582 struct interface *vrr_if = NULL;
583 struct interface *ifp = NULL;
584 struct zebra_vxlan_vni *vni = NULL;
585
586 zevpn = (struct zebra_evpn *)bucket->data;
587
588 ifp = zevpn->vxlan_if;
589 if (!ifp)
590 return;
591 zif = ifp->info;
592
593 /* If down or not mapped to a bridge, we're done. */
594 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
595 return;
596 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
597 if (!vni)
598 return;
599
600 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
601 if (!vlan_if)
602 return;
603
604 /* Add primary SVI MAC-IP */
605 if (advertise_svi_macip_enabled(zevpn)
606 || advertise_gw_macip_enabled(zevpn))
607 zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
608
609 if (advertise_gw_macip_enabled(zevpn)) {
610 /* Add VRR MAC-IP - if any*/
611 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
612 if (vrr_if)
613 zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
614 }
615
616 return;
617 }
618
619 void zebra_evpn_svi_macip_del_for_evpn_hash(struct hash_bucket *bucket,
620 void *ctxt)
621 {
622 struct zebra_evpn *zevpn = NULL;
623 struct zebra_if *zif = NULL;
624 struct interface *vlan_if = NULL;
625 struct zebra_vxlan_vni *vni = NULL;
626 struct interface *ifp;
627
628 /* Add primary SVI MAC*/
629 zevpn = (struct zebra_evpn *)bucket->data;
630 if (!zevpn)
631 return;
632
633 /* Global(vrf) advertise-svi-ip disabled, but zevpn advertise-svi-ip
634 * enabled
635 */
636 if (zevpn->advertise_svi_macip) {
637 if (IS_ZEBRA_DEBUG_VXLAN)
638 zlog_debug("VNI: %u SVI-MACIP enabled, retain svi-macip",
639 zevpn->vni);
640 return;
641 }
642
643 ifp = zevpn->vxlan_if;
644 if (!ifp)
645 return;
646 zif = ifp->info;
647
648 /* If down or not mapped to a bridge, we're done. */
649 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
650 return;
651
652 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
653 if (!vni)
654 return;
655
656 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
657 if (!vlan_if)
658 return;
659
660 /* Del primary MAC-IP */
661 zebra_evpn_del_macip_for_intf(vlan_if, zevpn);
662
663 return;
664 }
665
666 static int zebra_evpn_map_vlan_ns(struct ns *ns,
667 void *_in_param,
668 void **_p_zevpn)
669 {
670 int found = 0;
671 struct zebra_ns *zns = ns->info;
672 struct route_node *rn;
673 struct interface *br_if;
674 struct zebra_evpn **p_zevpn = (struct zebra_evpn **)_p_zevpn;
675 struct zebra_evpn *zevpn;
676 struct interface *tmp_if = NULL;
677 struct zebra_if *zif;
678 struct zebra_from_svi_param *in_param =
679 (struct zebra_from_svi_param *)_in_param;
680 vlanid_t vid;
681 vni_t vni_id = 0;
682 uint8_t bridge_vlan_aware;
683
684 assert(p_zevpn && in_param);
685
686 br_if = in_param->br_if;
687 assert(br_if);
688 zif = in_param->zif;
689 assert(zif);
690 vid = in_param->vid;
691 bridge_vlan_aware = in_param->bridge_vlan_aware;
692
693 if (bridge_vlan_aware) {
694 vni_id = zebra_l2_bridge_if_vni_find(zif, vid);
695 if (vni_id)
696 found = 1;
697 } else {
698 /*
699 * See if this interface (or interface plus VLAN Id) maps to a
700 * VxLAN
701 */
702 /* TODO: Optimize with a hash. */
703 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
704 tmp_if = (struct interface *)rn->info;
705 if (!tmp_if)
706 continue;
707 zif = tmp_if->info;
708 if (!zif || zif->zif_type != ZEBRA_IF_VXLAN)
709 continue;
710 if (!if_is_operative(tmp_if))
711 continue;
712
713 if (zif->brslave_info.br_if != br_if)
714 continue;
715
716 vni_id =
717 zebra_vxlan_if_access_vlan_vni_find(zif, br_if);
718 if (vni_id) {
719 found = 1;
720 break;
721 }
722 }
723 }
724
725 if (!found)
726 return NS_WALK_CONTINUE;
727
728 zevpn = zebra_evpn_lookup(vni_id);
729 *p_zevpn = zevpn;
730 return NS_WALK_STOP;
731 }
732
733 /*
734 * Map port or (port, VLAN) to an EVPN. This is invoked upon getting MAC
735 * notifications, to see if they are of interest.
736 */
737 struct zebra_evpn *zebra_evpn_map_vlan(struct interface *ifp,
738 struct interface *br_if, vlanid_t vid)
739 {
740 struct zebra_if *zif;
741 struct zebra_evpn **p_zevpn;
742 struct zebra_evpn *zevpn = NULL;
743 struct zebra_from_svi_param in_param;
744
745 /* Determine if bridge is VLAN-aware or not */
746 zif = br_if->info;
747 assert(zif);
748 in_param.bridge_vlan_aware = IS_ZEBRA_IF_BRIDGE_VLAN_AWARE(zif);
749 in_param.vid = vid;
750 in_param.br_if = br_if;
751 in_param.zif = zif;
752 p_zevpn = &zevpn;
753
754 ns_walk_func(zebra_evpn_map_vlan_ns,
755 (void *)&in_param,
756 (void **)p_zevpn);
757 return zevpn;
758 }
759
760 static int zebra_evpn_from_svi_ns(struct ns *ns,
761 void *_in_param,
762 void **_p_zevpn)
763 {
764 struct zebra_ns *zns = ns->info;
765 struct route_node *rn;
766 struct interface *br_if;
767 struct zebra_evpn **p_zevpn = (struct zebra_evpn **)_p_zevpn;
768 struct zebra_evpn *zevpn;
769 struct interface *tmp_if = NULL;
770 struct zebra_if *zif;
771 struct zebra_if *br_zif;
772 struct zebra_l2_bridge_vlan *bvlan;
773 struct zebra_from_svi_param *in_param =
774 (struct zebra_from_svi_param *)_in_param;
775 int found = 0;
776 vni_t vni_id = 0;
777 vlanid_t vid = 0;
778 uint8_t bridge_vlan_aware;
779
780 if (!in_param)
781 return NS_WALK_STOP;
782
783 br_if = in_param->br_if;
784 zif = in_param->zif;
785 assert(zif);
786 bridge_vlan_aware = in_param->bridge_vlan_aware;
787 vid = in_param->vid;
788 br_zif = br_if->info;
789 assert(br_zif);
790
791 if (bridge_vlan_aware) {
792 bvlan = zebra_l2_bridge_if_vlan_find(br_zif, vid);
793 if (bvlan && bvlan->access_bd && bvlan->access_bd->vni) {
794 found = 1;
795 vni_id = bvlan->access_bd->vni;
796 }
797 } else {
798 /* TODO: Optimize with a hash. */
799 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
800 tmp_if = (struct interface *)rn->info;
801 if (!tmp_if)
802 continue;
803 zif = tmp_if->info;
804 if (!zif || zif->zif_type != ZEBRA_IF_VXLAN)
805 continue;
806 if (!if_is_operative(tmp_if))
807 continue;
808
809 if (zif->brslave_info.br_if != br_if)
810 continue;
811
812 vni_id =
813 zebra_vxlan_if_access_vlan_vni_find(zif, br_if);
814 if (vni_id) {
815 found = 1;
816 break;
817 }
818 }
819 }
820
821 if (!found)
822 return NS_WALK_CONTINUE;
823
824 zevpn = zebra_evpn_lookup(vni_id);
825 if (p_zevpn)
826 *p_zevpn = zevpn;
827 return NS_WALK_STOP;
828 }
829
830 /*
831 * Map SVI and associated bridge to an EVPN. This is invoked upon getting
832 * neighbor notifications, to see if they are of interest.
833 */
834 struct zebra_evpn *zebra_evpn_from_svi(struct interface *ifp,
835 struct interface *br_if)
836 {
837 struct zebra_evpn *zevpn = NULL;
838 struct zebra_evpn **p_zevpn;
839 struct zebra_if *zif;
840 struct zebra_from_svi_param in_param;
841
842 if (!br_if)
843 return NULL;
844
845 /* Make sure the linked interface is a bridge. */
846 if (!IS_ZEBRA_IF_BRIDGE(br_if))
847 return NULL;
848
849 /* Determine if bridge is VLAN-aware or not */
850 zif = br_if->info;
851 assert(zif);
852 in_param.bridge_vlan_aware = IS_ZEBRA_IF_BRIDGE_VLAN_AWARE(zif);
853 in_param.vid = 0;
854
855 if (in_param.bridge_vlan_aware) {
856 struct zebra_l2info_vlan *vl;
857
858 if (!IS_ZEBRA_IF_VLAN(ifp))
859 return NULL;
860
861 zif = ifp->info;
862 assert(zif);
863 vl = &zif->l2info.vl;
864 in_param.vid = vl->vid;
865 }
866
867 in_param.br_if = br_if;
868 in_param.zif = zif;
869 p_zevpn = &zevpn;
870 /* See if this interface (or interface plus VLAN Id) maps to a VxLAN */
871 ns_walk_func(zebra_evpn_from_svi_ns, (void *)&in_param,
872 (void **)p_zevpn);
873 return zevpn;
874 }
875
876 static int zvni_map_to_macvlan_ns(struct ns *ns,
877 void *_in_param,
878 void **_p_ifp)
879 {
880 struct zebra_ns *zns = ns->info;
881 struct zebra_from_svi_param *in_param =
882 (struct zebra_from_svi_param *)_in_param;
883 struct interface **p_ifp = (struct interface **)_p_ifp;
884 struct route_node *rn;
885 struct interface *tmp_if = NULL;
886 struct zebra_if *zif;
887
888 assert(in_param && p_ifp);
889
890 /* Identify corresponding VLAN interface. */
891 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
892 tmp_if = (struct interface *)rn->info;
893 /* Check oper status of the SVI. */
894 if (!tmp_if || !if_is_operative(tmp_if))
895 continue;
896 zif = tmp_if->info;
897
898 if (!zif || zif->zif_type != ZEBRA_IF_MACVLAN)
899 continue;
900
901 if (zif->link == in_param->svi_if) {
902 *p_ifp = tmp_if;
903 return NS_WALK_STOP;
904 }
905 }
906
907 return NS_WALK_CONTINUE;
908 }
909
910 /* Map to MAC-VLAN interface corresponding to specified SVI interface.
911 */
912 struct interface *zebra_evpn_map_to_macvlan(struct interface *br_if,
913 struct interface *svi_if)
914 {
915 struct interface *tmp_if = NULL;
916 struct zebra_if *zif;
917 struct interface **p_ifp;
918 struct zebra_from_svi_param in_param;
919
920 /* Defensive check, caller expected to invoke only with valid bridge. */
921 if (!br_if)
922 return NULL;
923
924 if (!svi_if) {
925 zlog_debug("svi_if is not passed.");
926 return NULL;
927 }
928
929 /* Determine if bridge is VLAN-aware or not */
930 zif = br_if->info;
931 assert(zif);
932
933 in_param.vid = 0;
934 in_param.br_if = br_if;
935 in_param.zif = NULL;
936 in_param.svi_if = svi_if;
937 p_ifp = &tmp_if;
938
939 /* Identify corresponding VLAN interface. */
940 ns_walk_func(zvni_map_to_macvlan_ns,
941 (void *)&in_param,
942 (void **)p_ifp);
943 return tmp_if;
944 }
945
946 /*
947 * Install MAC hash entry - called upon access VLAN change.
948 */
949 void zebra_evpn_install_mac_hash(struct hash_bucket *bucket, void *ctxt)
950 {
951 struct zebra_mac *mac;
952 struct mac_walk_ctx *wctx = ctxt;
953
954 mac = (struct zebra_mac *)bucket->data;
955
956 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_REMOTE))
957 zebra_evpn_rem_mac_install(wctx->zevpn, mac, false);
958 }
959
960 /*
961 * Read and populate local MACs and neighbors corresponding to this EVPN.
962 */
963 void zebra_evpn_read_mac_neigh(struct zebra_evpn *zevpn, struct interface *ifp)
964 {
965 struct zebra_ns *zns;
966 struct zebra_vrf *zvrf;
967 struct zebra_if *zif;
968 struct interface *vlan_if;
969 struct zebra_vxlan_vni *vni;
970 struct interface *vrr_if;
971
972 zif = ifp->info;
973 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
974 zvrf = zebra_vrf_lookup_by_id(zevpn->vrf_id);
975 if (!zvrf || !zvrf->zns)
976 return;
977 zns = zvrf->zns;
978
979 if (IS_ZEBRA_DEBUG_VXLAN)
980 zlog_debug(
981 "Reading MAC FDB and Neighbors for intf %s(%u) VNI %u master %u",
982 ifp->name, ifp->ifindex, zevpn->vni,
983 zif->brslave_info.bridge_ifindex);
984
985 macfdb_read_for_bridge(zns, ifp, zif->brslave_info.br_if,
986 vni->access_vlan);
987 /* We need to specifically read and retrieve the entry for BUM handling
988 * via multicast, if any.
989 */
990 macfdb_read_mcast_entry_for_vni(zns, ifp, zevpn->vni);
991 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
992 if (vlan_if) {
993 /* Add SVI MAC */
994 zebra_evpn_acc_bd_svi_mac_add(vlan_if);
995
996 /* Add SVI MAC-IP */
997 if (advertise_svi_macip_enabled(zevpn)
998 || advertise_gw_macip_enabled(zevpn))
999 zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
1000
1001 /* Add VRR MAC-IP - if any*/
1002 if (advertise_gw_macip_enabled(zevpn)) {
1003 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
1004 if (vrr_if)
1005 zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
1006 }
1007
1008 neigh_read_for_vlan(zns, vlan_if);
1009 }
1010 }
1011
1012 /*
1013 * Hash function for EVPN.
1014 */
1015 unsigned int zebra_evpn_hash_keymake(const void *p)
1016 {
1017 const struct zebra_evpn *zevpn = p;
1018
1019 return (jhash_1word(zevpn->vni, 0));
1020 }
1021
1022 /*
1023 * Compare 2 evpn hash entries.
1024 */
1025 bool zebra_evpn_hash_cmp(const void *p1, const void *p2)
1026 {
1027 const struct zebra_evpn *zevpn1 = p1;
1028 const struct zebra_evpn *zevpn2 = p2;
1029
1030 return (zevpn1->vni == zevpn2->vni);
1031 }
1032
1033 int zebra_evpn_list_cmp(void *p1, void *p2)
1034 {
1035 const struct zebra_evpn *zevpn1 = p1;
1036 const struct zebra_evpn *zevpn2 = p2;
1037
1038 if (zevpn1->vni == zevpn2->vni)
1039 return 0;
1040 return (zevpn1->vni < zevpn2->vni) ? -1 : 1;
1041 }
1042
1043 /*
1044 * Callback to allocate VNI hash entry.
1045 */
1046 void *zebra_evpn_alloc(void *p)
1047 {
1048 const struct zebra_evpn *tmp_vni = p;
1049 struct zebra_evpn *zevpn;
1050
1051 zevpn = XCALLOC(MTYPE_ZEVPN, sizeof(struct zebra_evpn));
1052 zevpn->vni = tmp_vni->vni;
1053 return ((void *)zevpn);
1054 }
1055
1056 /*
1057 * Look up EVPN hash entry.
1058 */
1059 struct zebra_evpn *zebra_evpn_lookup(vni_t vni)
1060 {
1061 struct zebra_vrf *zvrf;
1062 struct zebra_evpn tmp_vni;
1063 struct zebra_evpn *zevpn = NULL;
1064
1065 zvrf = zebra_vrf_get_evpn();
1066 memset(&tmp_vni, 0, sizeof(tmp_vni));
1067 tmp_vni.vni = vni;
1068 zevpn = hash_lookup(zvrf->evpn_table, &tmp_vni);
1069
1070 return zevpn;
1071 }
1072
1073 /*
1074 * Add EVPN hash entry.
1075 */
1076 struct zebra_evpn *zebra_evpn_add(vni_t vni)
1077 {
1078 char buffer[80];
1079 struct zebra_vrf *zvrf;
1080 struct zebra_evpn tmp_zevpn;
1081 struct zebra_evpn *zevpn = NULL;
1082
1083 zvrf = zebra_vrf_get_evpn();
1084 memset(&tmp_zevpn, 0, sizeof(tmp_zevpn));
1085 tmp_zevpn.vni = vni;
1086 zevpn = hash_get(zvrf->evpn_table, &tmp_zevpn, zebra_evpn_alloc);
1087
1088 zebra_evpn_es_evi_init(zevpn);
1089
1090 snprintf(buffer, sizeof(buffer), "Zebra EVPN MAC Table vni: %u", vni);
1091 /* Create hash table for MAC */
1092 zevpn->mac_table = zebra_mac_db_create(buffer);
1093
1094 snprintf(buffer, sizeof(buffer), "Zebra EVPN Neighbor Table vni: %u",
1095 vni);
1096 /* Create hash table for neighbors */
1097 zevpn->neigh_table = zebra_neigh_db_create(buffer);
1098
1099 return zevpn;
1100 }
1101
1102 /*
1103 * Delete EVPN hash entry.
1104 */
1105 int zebra_evpn_del(struct zebra_evpn *zevpn)
1106 {
1107 struct zebra_vrf *zvrf;
1108 struct zebra_evpn *tmp_zevpn;
1109
1110 zvrf = zebra_vrf_get_evpn();
1111
1112 zevpn->svi_if = NULL;
1113
1114 /* Free the neighbor hash table. */
1115 hash_free(zevpn->neigh_table);
1116 zevpn->neigh_table = NULL;
1117
1118 /* Free the MAC hash table. */
1119 hash_free(zevpn->mac_table);
1120 zevpn->mac_table = NULL;
1121
1122 /* Remove references to the zevpn in the MH databases */
1123 if (zevpn->vxlan_if)
1124 zebra_evpn_vxl_evpn_set(zevpn->vxlan_if->info, zevpn, false);
1125 zebra_evpn_es_evi_cleanup(zevpn);
1126
1127 /* Free the EVPN hash entry and allocated memory. */
1128 tmp_zevpn = hash_release(zvrf->evpn_table, zevpn);
1129 XFREE(MTYPE_ZEVPN, tmp_zevpn);
1130
1131 return 0;
1132 }
1133
1134 /*
1135 * Inform BGP about local EVPN addition.
1136 */
1137 int zebra_evpn_send_add_to_client(struct zebra_evpn *zevpn)
1138 {
1139 struct zserv *client;
1140 struct stream *s;
1141 ifindex_t svi_index;
1142 int rc;
1143
1144 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
1145 /* BGP may not be running. */
1146 if (!client)
1147 return 0;
1148
1149 svi_index = zevpn->svi_if ? zevpn->svi_if->ifindex : 0;
1150
1151 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
1152
1153 zclient_create_header(s, ZEBRA_VNI_ADD, zebra_vrf_get_evpn_id());
1154 stream_putl(s, zevpn->vni);
1155 stream_put_in_addr(s, &zevpn->local_vtep_ip);
1156 stream_put(s, &zevpn->vrf_id, sizeof(vrf_id_t)); /* tenant vrf */
1157 stream_put_in_addr(s, &zevpn->mcast_grp);
1158 stream_put(s, &svi_index, sizeof(ifindex_t));
1159
1160 /* Write packet size. */
1161 stream_putw_at(s, 0, stream_get_endp(s));
1162
1163 if (IS_ZEBRA_DEBUG_VXLAN)
1164 zlog_debug(
1165 "Send EVPN_ADD %u %pI4 tenant vrf %s(%u) SVI index %u to %s",
1166 zevpn->vni, &zevpn->local_vtep_ip,
1167 vrf_id_to_name(zevpn->vrf_id), zevpn->vrf_id,
1168 (zevpn->svi_if ? zevpn->svi_if->ifindex : 0),
1169 zebra_route_string(client->proto));
1170
1171 client->vniadd_cnt++;
1172 rc = zserv_send_message(client, s);
1173
1174 if (!(zevpn->flags & ZEVPN_READY_FOR_BGP)) {
1175 zevpn->flags |= ZEVPN_READY_FOR_BGP;
1176 /* once the EVPN is sent the ES-EVIs can also be replayed
1177 * to BGP
1178 */
1179 zebra_evpn_update_all_es(zevpn);
1180 }
1181 return rc;
1182 }
1183
1184 /*
1185 * Inform BGP about local EVPN deletion.
1186 */
1187 int zebra_evpn_send_del_to_client(struct zebra_evpn *zevpn)
1188 {
1189 struct zserv *client;
1190 struct stream *s;
1191
1192 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
1193 /* BGP may not be running. */
1194 if (!client)
1195 return 0;
1196
1197 if (zevpn->flags & ZEVPN_READY_FOR_BGP) {
1198 zevpn->flags &= ~ZEVPN_READY_FOR_BGP;
1199 /* the ES-EVIs must be removed from BGP before the EVPN is */
1200 zebra_evpn_update_all_es(zevpn);
1201 }
1202
1203 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
1204 stream_reset(s);
1205
1206 zclient_create_header(s, ZEBRA_VNI_DEL, zebra_vrf_get_evpn_id());
1207 stream_putl(s, zevpn->vni);
1208
1209 /* Write packet size. */
1210 stream_putw_at(s, 0, stream_get_endp(s));
1211
1212 if (IS_ZEBRA_DEBUG_VXLAN)
1213 zlog_debug("Send EVPN_DEL %u to %s", zevpn->vni,
1214 zebra_route_string(client->proto));
1215
1216 client->vnidel_cnt++;
1217 return zserv_send_message(client, s);
1218 }
1219
1220 /*
1221 * See if remote VTEP matches with prefix.
1222 */
1223 static int zebra_evpn_vtep_match(struct in_addr *vtep_ip,
1224 struct zebra_vtep *zvtep)
1225 {
1226 return (IPV4_ADDR_SAME(vtep_ip, &zvtep->vtep_ip));
1227 }
1228
1229 /*
1230 * Locate remote VTEP in EVPN hash table.
1231 */
1232 struct zebra_vtep *zebra_evpn_vtep_find(struct zebra_evpn *zevpn,
1233 struct in_addr *vtep_ip)
1234 {
1235 struct zebra_vtep *zvtep;
1236
1237 if (!zevpn)
1238 return NULL;
1239
1240 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
1241 if (zebra_evpn_vtep_match(vtep_ip, zvtep))
1242 break;
1243 }
1244
1245 return zvtep;
1246 }
1247
1248 /*
1249 * Add remote VTEP to EVPN hash table.
1250 */
1251 struct zebra_vtep *zebra_evpn_vtep_add(struct zebra_evpn *zevpn,
1252 struct in_addr *vtep_ip,
1253 int flood_control)
1254
1255 {
1256 struct zebra_vtep *zvtep;
1257
1258 zvtep = XCALLOC(MTYPE_ZEVPN_VTEP, sizeof(struct zebra_vtep));
1259
1260 zvtep->vtep_ip = *vtep_ip;
1261 zvtep->flood_control = flood_control;
1262
1263 if (zevpn->vteps)
1264 zevpn->vteps->prev = zvtep;
1265 zvtep->next = zevpn->vteps;
1266 zevpn->vteps = zvtep;
1267
1268 return zvtep;
1269 }
1270
1271 /*
1272 * Remove remote VTEP from EVPN hash table.
1273 */
1274 int zebra_evpn_vtep_del(struct zebra_evpn *zevpn, struct zebra_vtep *zvtep)
1275 {
1276 if (zvtep->next)
1277 zvtep->next->prev = zvtep->prev;
1278 if (zvtep->prev)
1279 zvtep->prev->next = zvtep->next;
1280 else
1281 zevpn->vteps = zvtep->next;
1282
1283 zvtep->prev = zvtep->next = NULL;
1284 XFREE(MTYPE_ZEVPN_VTEP, zvtep);
1285
1286 return 0;
1287 }
1288
1289 /*
1290 * Delete all remote VTEPs for this EVPN (upon VNI delete). Also
1291 * uninstall from kernel if asked to.
1292 */
1293 int zebra_evpn_vtep_del_all(struct zebra_evpn *zevpn, int uninstall)
1294 {
1295 struct zebra_vtep *zvtep, *zvtep_next;
1296
1297 if (!zevpn)
1298 return -1;
1299
1300 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep_next) {
1301 zvtep_next = zvtep->next;
1302 if (uninstall)
1303 zebra_evpn_vtep_uninstall(zevpn, &zvtep->vtep_ip);
1304 zebra_evpn_vtep_del(zevpn, zvtep);
1305 }
1306
1307 return 0;
1308 }
1309
1310 /*
1311 * Install remote VTEP into the kernel if the remote VTEP has asked
1312 * for head-end-replication.
1313 */
1314 int zebra_evpn_vtep_install(struct zebra_evpn *zevpn, struct zebra_vtep *zvtep)
1315 {
1316 if (is_vxlan_flooding_head_end() &&
1317 (zvtep->flood_control == VXLAN_FLOOD_HEAD_END_REPL)) {
1318 if (ZEBRA_DPLANE_REQUEST_FAILURE ==
1319 dplane_vtep_add(zevpn->vxlan_if,
1320 &zvtep->vtep_ip, zevpn->vni))
1321 return -1;
1322 }
1323
1324 return 0;
1325 }
1326
1327 /*
1328 * Uninstall remote VTEP from the kernel.
1329 */
1330 int zebra_evpn_vtep_uninstall(struct zebra_evpn *zevpn, struct in_addr *vtep_ip)
1331 {
1332 if (!zevpn->vxlan_if) {
1333 zlog_debug("VNI %u hash %p couldn't be uninstalled - no intf",
1334 zevpn->vni, zevpn);
1335 return -1;
1336 }
1337
1338 if (ZEBRA_DPLANE_REQUEST_FAILURE ==
1339 dplane_vtep_delete(zevpn->vxlan_if, vtep_ip, zevpn->vni))
1340 return -1;
1341
1342 return 0;
1343 }
1344
1345 /*
1346 * Install or uninstall flood entries in the kernel corresponding to
1347 * remote VTEPs. This is invoked upon change to BUM handling.
1348 */
1349 void zebra_evpn_handle_flooding_remote_vteps(struct hash_bucket *bucket,
1350 void *zvrf)
1351 {
1352 struct zebra_evpn *zevpn;
1353 struct zebra_vtep *zvtep;
1354
1355 zevpn = (struct zebra_evpn *)bucket->data;
1356 if (!zevpn)
1357 return;
1358
1359 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
1360 if (is_vxlan_flooding_head_end())
1361 zebra_evpn_vtep_install(zevpn, zvtep);
1362 else
1363 zebra_evpn_vtep_uninstall(zevpn, &zvtep->vtep_ip);
1364 }
1365 }
1366
1367 /*
1368 * Cleanup EVPN/VTEP and update kernel
1369 */
1370 void zebra_evpn_cleanup_all(struct hash_bucket *bucket, void *arg)
1371 {
1372 struct zebra_evpn *zevpn = NULL;
1373
1374 zevpn = (struct zebra_evpn *)bucket->data;
1375
1376 /* Free up all neighbors and MACs, if any. */
1377 zebra_evpn_neigh_del_all(zevpn, 1, 0, DEL_ALL_NEIGH);
1378 zebra_evpn_mac_del_all(zevpn, 1, 0, DEL_ALL_MAC);
1379
1380 /* Free up all remote VTEPs, if any. */
1381 zebra_evpn_vtep_del_all(zevpn, 1);
1382
1383 /* Delete the hash entry. */
1384 zebra_evpn_del(zevpn);
1385 }
1386
1387 static void zebra_evpn_process_sync_macip_add(struct zebra_evpn *zevpn,
1388 const struct ethaddr *macaddr,
1389 uint16_t ipa_len,
1390 const struct ipaddr *ipaddr,
1391 uint8_t flags, uint32_t seq,
1392 const esi_t *esi)
1393 {
1394 char ipbuf[INET6_ADDRSTRLEN];
1395 bool sticky;
1396 bool remote_gw;
1397 struct zebra_neigh *n = NULL;
1398 struct zebra_mac *mac = NULL;
1399
1400 sticky = !!CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1401 remote_gw = !!CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1402 /* if sticky or remote-gw ignore updates from the peer */
1403 if (sticky || remote_gw) {
1404 if (IS_ZEBRA_DEBUG_VXLAN || IS_ZEBRA_DEBUG_EVPN_MH_NEIGH
1405 || IS_ZEBRA_DEBUG_EVPN_MH_MAC)
1406 zlog_debug(
1407 "Ignore sync-macip vni %u mac %pEA%s%s%s%s",
1408 zevpn->vni,
1409 macaddr,
1410 ipa_len ? " IP " : "",
1411 ipa_len ? ipaddr2str(ipaddr, ipbuf,
1412 sizeof(ipbuf))
1413 : "",
1414 sticky ? " sticky" : "",
1415 remote_gw ? " remote_gw" : "");
1416 return;
1417 }
1418
1419 if (!ipa_len) {
1420 /* MAC update */
1421 (void)zebra_evpn_proc_sync_mac_update(zevpn, macaddr, ipa_len,
1422 ipaddr, flags, seq, esi);
1423 } else {
1424 /* MAC-IP update */
1425 mac = zebra_evpn_mac_lookup(zevpn, macaddr);
1426 if (!mac) {
1427 mac = zebra_evpn_proc_sync_mac_update(zevpn, macaddr,
1428 ipa_len, ipaddr,
1429 flags, seq, esi);
1430 }
1431 if (!mac)
1432 return;
1433
1434 n = zebra_evpn_neigh_lookup(zevpn, ipaddr);
1435 if (n
1436 && !zebra_evpn_neigh_is_bgp_seq_ok(zevpn, n, macaddr, seq,
1437 true))
1438 return;
1439
1440 zebra_evpn_proc_sync_neigh_update(zevpn, n, ipa_len, ipaddr,
1441 flags, seq, esi, mac);
1442 }
1443 }
1444
1445 /************************** remote mac-ip handling **************************/
1446 /* Process a remote MACIP add from BGP. */
1447 void zebra_evpn_rem_macip_add(vni_t vni, const struct ethaddr *macaddr,
1448 uint16_t ipa_len, const struct ipaddr *ipaddr,
1449 uint8_t flags, uint32_t seq,
1450 struct in_addr vtep_ip, const esi_t *esi)
1451 {
1452 struct zebra_evpn *zevpn;
1453 struct zebra_vtep *zvtep;
1454 struct zebra_mac *mac = NULL;
1455 struct interface *ifp = NULL;
1456 struct zebra_if *zif = NULL;
1457 struct zebra_vrf *zvrf;
1458
1459 /* Locate EVPN hash entry - expected to exist. */
1460 zevpn = zebra_evpn_lookup(vni);
1461 if (!zevpn) {
1462 if (IS_ZEBRA_DEBUG_VXLAN)
1463 zlog_debug("Unknown VNI %u upon remote MACIP ADD", vni);
1464 return;
1465 }
1466
1467 ifp = zevpn->vxlan_if;
1468 if (ifp)
1469 zif = ifp->info;
1470 if (!ifp || !if_is_operative(ifp) || !zif || !zif->brslave_info.br_if) {
1471 if (IS_ZEBRA_DEBUG_VXLAN)
1472 zlog_debug(
1473 "Ignoring remote MACIP ADD VNI %u, invalid interface state or info",
1474 vni);
1475 return;
1476 }
1477
1478 /* Type-2 routes from another PE can be interpreted as remote or
1479 * SYNC based on the destination ES -
1480 * SYNC - if ES is local
1481 * REMOTE - if ES is not local
1482 */
1483 if (flags & ZEBRA_MACIP_TYPE_SYNC_PATH) {
1484 struct zebra_evpn_es *es;
1485
1486 es = zebra_evpn_es_find(esi);
1487 if (es && (es->flags & ZEBRA_EVPNES_READY_FOR_BGP)) {
1488 zebra_evpn_process_sync_macip_add(zevpn, macaddr,
1489 ipa_len, ipaddr,
1490 flags, seq, esi);
1491 } else {
1492 if (IS_ZEBRA_DEBUG_EVPN_MH_ES) {
1493 char esi_str[ESI_STR_LEN];
1494
1495 esi_to_str(esi, esi_str, sizeof(esi_str));
1496 zlog_debug(
1497 "Ignore sync-macip add; ES %s is not ready",
1498 esi_str);
1499 }
1500 }
1501
1502 return;
1503 }
1504
1505 /* The remote VTEP specified should normally exist, but it is
1506 * possible that when peering comes up, peer may advertise MACIP
1507 * routes before advertising type-3 routes.
1508 */
1509 if (vtep_ip.s_addr) {
1510 zvtep = zebra_evpn_vtep_find(zevpn, &vtep_ip);
1511 if (!zvtep) {
1512 zvtep = zebra_evpn_vtep_add(zevpn, &vtep_ip,
1513 VXLAN_FLOOD_DISABLED);
1514 if (!zvtep) {
1515 flog_err(
1516 EC_ZEBRA_VTEP_ADD_FAILED,
1517 "Failed to add remote VTEP, VNI %u zevpn %p upon remote MACIP ADD",
1518 vni, zevpn);
1519 return;
1520 }
1521
1522 zebra_evpn_vtep_install(zevpn, zvtep);
1523 }
1524 }
1525
1526 zvrf = zebra_vrf_get_evpn();
1527 if (!zvrf)
1528 return;
1529
1530 if (!ipa_len) {
1531 /* MAC update */
1532 zebra_evpn_mac_remote_macip_add(zevpn, zvrf, macaddr, vtep_ip,
1533 flags, seq, esi);
1534 } else {
1535 /* MAC-IP update
1536 * Add auto MAC if it doesn't exist.
1537 */
1538 mac = zebra_evpn_mac_lookup(zevpn, macaddr);
1539 if (!mac) {
1540 mac = zebra_evpn_mac_add_auto(zevpn, macaddr);
1541
1542 if (IS_ZEBRA_DEBUG_VXLAN)
1543 zlog_debug(
1544 "Neigh %pIA: MAC %pEA not found, Auto MAC created",
1545 ipaddr, macaddr);
1546 }
1547
1548 zebra_evpn_neigh_remote_macip_add(zevpn, zvrf, ipaddr, mac,
1549 vtep_ip, flags, seq);
1550 }
1551 }
1552
1553 /* Process a remote MACIP delete from BGP. */
1554 void zebra_evpn_rem_macip_del(vni_t vni, const struct ethaddr *macaddr,
1555 uint16_t ipa_len, const struct ipaddr *ipaddr,
1556 struct in_addr vtep_ip)
1557 {
1558 struct zebra_evpn *zevpn;
1559 struct zebra_mac *mac = NULL;
1560 struct zebra_neigh *n = NULL;
1561 struct interface *ifp = NULL;
1562 struct zebra_if *zif = NULL;
1563 struct zebra_ns *zns;
1564 struct zebra_vxlan_vni *vnip;
1565 struct zebra_vrf *zvrf;
1566 char buf1[INET6_ADDRSTRLEN];
1567
1568 /* Locate EVPN hash entry - expected to exist. */
1569 zevpn = zebra_evpn_lookup(vni);
1570 if (!zevpn) {
1571 if (IS_ZEBRA_DEBUG_VXLAN)
1572 zlog_debug("Unknown VNI %u upon remote MACIP DEL", vni);
1573 return;
1574 }
1575
1576 ifp = zevpn->vxlan_if;
1577 if (ifp)
1578 zif = ifp->info;
1579 if (!ifp || !if_is_operative(ifp) || !zif || !zif->brslave_info.br_if) {
1580 if (IS_ZEBRA_DEBUG_VXLAN)
1581 zlog_debug(
1582 "Ignoring remote MACIP DEL VNI %u, invalid interface state or info",
1583 vni);
1584 return;
1585 }
1586 zns = zebra_ns_lookup(NS_DEFAULT);
1587 vnip = zebra_vxlan_if_vni_find(zif, vni);
1588 if (!vnip) {
1589 if (IS_ZEBRA_DEBUG_VXLAN)
1590 zlog_debug(
1591 "VNI %u not in interface upon remote MACIP DEL",
1592 vni);
1593 return;
1594 }
1595
1596 mac = zebra_evpn_mac_lookup(zevpn, macaddr);
1597 if (ipa_len)
1598 n = zebra_evpn_neigh_lookup(zevpn, ipaddr);
1599
1600 if (n && !mac) {
1601 zlog_warn(
1602 "Failed to locate MAC %pEA for Neigh %pIA VNI %u upon remote MACIP DEL",
1603 macaddr, ipaddr, vni);
1604 return;
1605 }
1606
1607 /* If the remote mac or neighbor doesn't exist there is nothing
1608 * more to do. Otherwise, uninstall the entry and then remove it.
1609 */
1610 if (!mac && !n) {
1611 if (IS_ZEBRA_DEBUG_VXLAN)
1612 zlog_debug(
1613 "Failed to locate MAC %pEA & Neigh %pIA VNI %u upon remote MACIP DEL",
1614 macaddr, ipaddr, vni);
1615 return;
1616 }
1617
1618 zvrf = zevpn->vxlan_if->vrf->info;
1619
1620 /* Ignore the delete if this mac is a gateway mac-ip */
1621 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_LOCAL)
1622 && CHECK_FLAG(mac->flags, ZEBRA_MAC_DEF_GW)) {
1623 zlog_warn(
1624 "Ignore remote MACIP DEL VNI %u MAC %pEA%s%s as MAC is already configured as gateway MAC",
1625 vni, macaddr,
1626 ipa_len ? " IP " : "",
1627 ipa_len ? ipaddr2str(ipaddr, buf1, sizeof(buf1)) : "");
1628 return;
1629 }
1630
1631 /* Uninstall remote neighbor or MAC. */
1632 if (n)
1633 zebra_evpn_neigh_remote_uninstall(zevpn, zvrf, n, mac, ipaddr);
1634 else {
1635 /* DAD: when MAC is freeze state as remote learn event,
1636 * remote mac-ip delete event is received will result in freeze
1637 * entry removal, first fetch kernel for the same entry present
1638 * as LOCAL and reachable, avoid deleting this entry instead
1639 * use kerenel local entry to update during unfreeze time.
1640 */
1641 if (zvrf->dad_freeze
1642 && CHECK_FLAG(mac->flags, ZEBRA_MAC_DUPLICATE)
1643 && CHECK_FLAG(mac->flags, ZEBRA_MAC_REMOTE)) {
1644 if (IS_ZEBRA_DEBUG_VXLAN)
1645 zlog_debug(
1646 "%s: MAC %pEA (flags 0x%x) is remote and duplicate, read kernel for local entry",
1647 __func__, macaddr, mac->flags);
1648 macfdb_read_specific_mac(zns, zif->brslave_info.br_if,
1649 macaddr, vnip->access_vlan);
1650 }
1651
1652 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_LOCAL)) {
1653 if (!ipa_len)
1654 zebra_evpn_sync_mac_del(mac);
1655 } else if (CHECK_FLAG(mac->flags, ZEBRA_NEIGH_REMOTE)) {
1656 zebra_evpn_rem_mac_del(zevpn, mac);
1657 }
1658 }
1659 }
1660
1661 /************************** EVPN BGP config management ************************/
1662 void zebra_evpn_cfg_cleanup(struct hash_bucket *bucket, void *ctxt)
1663 {
1664 struct zebra_evpn *zevpn = NULL;
1665
1666 zevpn = (struct zebra_evpn *)bucket->data;
1667 zevpn->advertise_gw_macip = 0;
1668 zevpn->advertise_svi_macip = 0;
1669 zevpn->advertise_subnet = 0;
1670
1671 zebra_evpn_neigh_del_all(zevpn, 1, 0,
1672 DEL_REMOTE_NEIGH | DEL_REMOTE_NEIGH_FROM_VTEP);
1673 zebra_evpn_mac_del_all(zevpn, 1, 0,
1674 DEL_REMOTE_MAC | DEL_REMOTE_MAC_FROM_VTEP);
1675 zebra_evpn_vtep_del_all(zevpn, 1);
1676 }
FRRouting mirror