]> git.proxmox.com Git - mirror_frr.git/blob - zebra/zebra_evpn.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #12728 from opensourcerouting/feature/bgp_neighbor_path-attribute_...
[mirror_frr.git] / zebra / zebra_evpn.c
1 /*
2 * Zebra EVPN for VxLAN code
3 * Copyright (C) 2016, 2017 Cumulus Networks, Inc.
4 *
5 * This file is part of FRR.
6 *
7 * FRR is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * FRR is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with FRR; see the file COPYING. If not, write to the Free
19 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
20 * 02111-1307, USA.
21 */
22 #include <zebra.h>
23
24 #include "hash.h"
25 #include "if.h"
26 #include "jhash.h"
27 #include "linklist.h"
28 #include "log.h"
29 #include "memory.h"
30 #include "prefix.h"
31 #include "stream.h"
32 #include "table.h"
33 #include "vlan.h"
34 #include "vxlan.h"
35 #ifdef GNU_LINUX
36 #include <linux/neighbour.h>
37 #endif
38
39 #include "zebra/zebra_router.h"
40 #include "zebra/debug.h"
41 #include "zebra/interface.h"
42 #include "zebra/rib.h"
43 #include "zebra/rt.h"
44 #include "zebra/rt_netlink.h"
45 #include "zebra/zebra_errors.h"
46 #include "zebra/zebra_l2.h"
47 #include "zebra/zebra_l2_bridge_if.h"
48 #include "zebra/zebra_ns.h"
49 #include "zebra/zebra_vrf.h"
50 #include "zebra/zebra_vxlan.h"
51 #include "zebra/zebra_vxlan_private.h"
52 #include "zebra/zebra_evpn.h"
53 #include "zebra/zebra_evpn_mac.h"
54 #include "zebra/zebra_evpn_neigh.h"
55 #include "zebra/zebra_evpn_mh.h"
56 #include "zebra/zebra_evpn_vxlan.h"
57 #include "zebra/zebra_router.h"
58
59 DEFINE_MTYPE_STATIC(ZEBRA, ZEVPN, "VNI hash");
60 DEFINE_MTYPE_STATIC(ZEBRA, ZEVPN_VTEP, "VNI remote VTEP");
61
62 /* PMSI strings. */
63 #define VXLAN_FLOOD_STR_NO_INFO "-"
64 #define VXLAN_FLOOD_STR_DEFAULT VXLAN_FLOOD_STR_NO_INFO
65 static const struct message zvtep_flood_str[] = {
66 {VXLAN_FLOOD_DISABLED, VXLAN_FLOOD_STR_NO_INFO},
67 {VXLAN_FLOOD_PIM_SM, "PIM-SM"},
68 {VXLAN_FLOOD_HEAD_END_REPL, "HER"},
69 {0}
70 };
71
72 int advertise_gw_macip_enabled(struct zebra_evpn *zevpn)
73 {
74 struct zebra_vrf *zvrf;
75
76 zvrf = zebra_vrf_get_evpn();
77 if (zvrf->advertise_gw_macip)
78 return 1;
79
80 if (zevpn && zevpn->advertise_gw_macip)
81 return 1;
82
83 return 0;
84 }
85
86 int advertise_svi_macip_enabled(struct zebra_evpn *zevpn)
87 {
88 struct zebra_vrf *zvrf;
89
90 zvrf = zebra_vrf_get_evpn();
91 if (zvrf->advertise_svi_macip)
92 return 1;
93
94 if (zevpn && zevpn->advertise_svi_macip)
95 return 1;
96
97 return 0;
98 }
99
100 /*
101 * Print a specific EVPN entry.
102 */
103 void zebra_evpn_print(struct zebra_evpn *zevpn, void **ctxt)
104 {
105
106 struct vty *vty = NULL;
107 struct zebra_vtep *zvtep = NULL;
108 uint32_t num_macs = 0;
109 uint32_t num_neigh = 0;
110 uint32_t num_vteps = 0;
111 json_object *json = NULL;
112 json_object *json_vtep_list = NULL;
113 json_object *json_vtep = NULL;
114
115 vty = ctxt[0];
116 json = ctxt[1];
117
118 if (json == NULL) {
119 vty_out(vty, "VNI: %u\n", zevpn->vni);
120 vty_out(vty, " Type: %s\n", "L2");
121 vty_out(vty, " Vlan: %u\n", zevpn->vid);
122 vty_out(vty, " Bridge: %s\n",
123 zevpn->bridge_if ? zevpn->bridge_if->name : "-");
124 vty_out(vty, " Tenant VRF: %s\n", vrf_id_to_name(zevpn->vrf_id));
125 } else {
126 json_object_int_add(json, "vni", zevpn->vni);
127 json_object_string_add(json, "type", "L2");
128 #if CONFDATE > 20240210
129 CPP_NOTICE("Drop `vrf` from JSON output")
130 #endif
131 json_object_string_add(json, "vrf",
132 vrf_id_to_name(zevpn->vrf_id));
133 json_object_string_add(json, "tenantVrf",
134 vrf_id_to_name(zevpn->vrf_id));
135 }
136
137 if (!zevpn->vxlan_if) { // unexpected
138 if (json == NULL)
139 vty_out(vty, " VxLAN interface: unknown\n");
140 else
141 json_object_string_add(json, "vxlanInterface",
142 "unknown");
143 return;
144 }
145 num_macs = num_valid_macs(zevpn);
146 num_neigh = hashcount(zevpn->neigh_table);
147 if (json == NULL) {
148 vty_out(vty, " VxLAN interface: %s\n", zevpn->vxlan_if->name);
149 vty_out(vty, " VxLAN ifIndex: %u\n", zevpn->vxlan_if->ifindex);
150 vty_out(vty, " SVI interface: %s\n",
151 (zevpn->svi_if ? zevpn->svi_if->name : ""));
152 vty_out(vty, " SVI ifIndex: %u\n",
153 (zevpn->svi_if ? zevpn->svi_if->ifindex : 0));
154 vty_out(vty, " Local VTEP IP: %pI4\n",
155 &zevpn->local_vtep_ip);
156 vty_out(vty, " Mcast group: %pI4\n",
157 &zevpn->mcast_grp);
158 } else {
159 json_object_string_add(json, "vxlanInterface",
160 zevpn->vxlan_if->name);
161 #if CONFDATE > 20240210
162 CPP_NOTICE("Drop `ifindex` from JSON output")
163 #endif
164 json_object_int_add(json, "ifindex", zevpn->vxlan_if->ifindex);
165 json_object_int_add(json, "vxlanIfindex",
166 zevpn->vxlan_if->ifindex);
167 if (zevpn->svi_if) {
168 json_object_string_add(json, "sviInterface",
169 zevpn->svi_if->name);
170 json_object_int_add(json, "sviIfindex",
171 zevpn->svi_if->ifindex);
172 }
173 json_object_string_addf(json, "vtepIp", "%pI4",
174 &zevpn->local_vtep_ip);
175 json_object_string_addf(json, "mcastGroup", "%pI4",
176 &zevpn->mcast_grp);
177 json_object_string_add(json, "advertiseGatewayMacip",
178 zevpn->advertise_gw_macip ? "Yes"
179 : "No");
180 json_object_string_add(json, "advertiseSviMacip",
181 zevpn->advertise_svi_macip ? "Yes"
182 : "No");
183 json_object_int_add(json, "numMacs", num_macs);
184 json_object_int_add(json, "numArpNd", num_neigh);
185 }
186 if (!zevpn->vteps) {
187 if (json == NULL)
188 vty_out(vty, " No remote VTEPs known for this VNI\n");
189 else
190 json_object_int_add(json, "numRemoteVteps", num_vteps);
191 } else {
192 if (json == NULL)
193 vty_out(vty, " Remote VTEPs for this VNI:\n");
194 else
195 json_vtep_list = json_object_new_array();
196 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
197 const char *flood_str = lookup_msg(
198 zvtep_flood_str, zvtep->flood_control,
199 VXLAN_FLOOD_STR_DEFAULT);
200
201 if (json == NULL) {
202 vty_out(vty, " %pI4 flood: %s\n",
203 &zvtep->vtep_ip,
204 flood_str);
205 } else {
206 json_vtep = json_object_new_object();
207 json_object_string_addf(json_vtep, "ip", "%pI4",
208 &zvtep->vtep_ip);
209 json_object_string_add(json_vtep, "flood",
210 flood_str);
211 json_object_array_add(json_vtep_list,
212 json_vtep);
213 }
214 num_vteps++;
215 }
216 if (json) {
217 json_object_int_add(json, "numRemoteVteps", num_vteps);
218 json_object_object_add(json, "remoteVteps",
219 json_vtep_list);
220 }
221 }
222 if (json == NULL) {
223 vty_out(vty,
224 " Number of MACs (local and remote) known for this VNI: %u\n",
225 num_macs);
226 vty_out(vty,
227 " Number of ARPs (IPv4 and IPv6, local and remote) "
228 "known for this VNI: %u\n",
229 num_neigh);
230 vty_out(vty, " Advertise-gw-macip: %s\n",
231 zevpn->advertise_gw_macip ? "Yes" : "No");
232 vty_out(vty, " Advertise-svi-macip: %s\n",
233 zevpn->advertise_svi_macip ? "Yes" : "No");
234 }
235 }
236
237 /*
238 * Print an EVPN hash entry - called for display of all VNIs.
239 */
240 void zebra_evpn_print_hash(struct hash_bucket *bucket, void *ctxt[])
241 {
242 struct vty *vty;
243 struct zebra_evpn *zevpn;
244 struct zebra_vtep *zvtep;
245 uint32_t num_vteps = 0;
246 uint32_t num_macs = 0;
247 uint32_t num_neigh = 0;
248 json_object *json = NULL;
249 json_object *json_evpn = NULL;
250 json_object *json_ip_str = NULL;
251 json_object *json_vtep_list = NULL;
252 char buf[PREFIX_STRLEN];
253
254 vty = ctxt[0];
255 json = ctxt[1];
256
257 zevpn = (struct zebra_evpn *)bucket->data;
258
259 zvtep = zevpn->vteps;
260 while (zvtep) {
261 num_vteps++;
262 zvtep = zvtep->next;
263 }
264
265 num_macs = num_valid_macs(zevpn);
266 num_neigh = hashcount(zevpn->neigh_table);
267 if (json == NULL)
268 vty_out(vty, "%-10u %-4s %-21s %-8u %-8u %-15u %-37s\n",
269 zevpn->vni, "L2",
270 zevpn->vxlan_if ? zevpn->vxlan_if->name : "unknown",
271 num_macs, num_neigh, num_vteps,
272 vrf_id_to_name(zevpn->vrf_id));
273 else {
274 char vni_str[VNI_STR_LEN];
275 snprintf(vni_str, VNI_STR_LEN, "%u", zevpn->vni);
276 json_evpn = json_object_new_object();
277 json_object_int_add(json_evpn, "vni", zevpn->vni);
278 json_object_string_add(json_evpn, "type", "L2");
279 json_object_string_add(json_evpn, "vxlanIf",
280 zevpn->vxlan_if ? zevpn->vxlan_if->name
281 : "unknown");
282 json_object_int_add(json_evpn, "numMacs", num_macs);
283 json_object_int_add(json_evpn, "numArpNd", num_neigh);
284 json_object_int_add(json_evpn, "numRemoteVteps", num_vteps);
285 json_object_string_add(json_evpn, "tenantVrf",
286 vrf_id_to_name(zevpn->vrf_id));
287 if (num_vteps) {
288 json_vtep_list = json_object_new_array();
289 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
290 json_ip_str = json_object_new_string(
291 inet_ntop(AF_INET, &zvtep->vtep_ip, buf,
292 sizeof(buf)));
293 json_object_array_add(json_vtep_list,
294 json_ip_str);
295 }
296 json_object_object_add(json_evpn, "remoteVteps",
297 json_vtep_list);
298 }
299 json_object_object_add(json, vni_str, json_evpn);
300 }
301 }
302
303 /*
304 * Print an EVPN hash entry in detail - called for display of all EVPNs.
305 */
306 void zebra_evpn_print_hash_detail(struct hash_bucket *bucket, void *data)
307 {
308 struct vty *vty;
309 struct zebra_evpn *zevpn;
310 json_object *json_array = NULL;
311 bool use_json = false;
312 struct zebra_evpn_show *zes = data;
313
314 vty = zes->vty;
315 json_array = zes->json;
316 use_json = zes->use_json;
317
318 zevpn = (struct zebra_evpn *)bucket->data;
319
320 zebra_vxlan_print_vni(vty, zes->zvrf, zevpn->vni, use_json, json_array);
321
322 if (!use_json)
323 vty_out(vty, "\n");
324 }
325
326 int zebra_evpn_del_macip_for_intf(struct interface *ifp,
327 struct zebra_evpn *zevpn)
328 {
329 struct listnode *cnode = NULL, *cnnode = NULL;
330 struct connected *c = NULL;
331 struct ethaddr macaddr;
332
333 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
334
335 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
336 struct ipaddr ip;
337
338 memset(&ip, 0, sizeof(struct ipaddr));
339 if (!CHECK_FLAG(c->conf, ZEBRA_IFC_REAL))
340 continue;
341
342 if (c->address->family == AF_INET) {
343 ip.ipa_type = IPADDR_V4;
344 memcpy(&(ip.ipaddr_v4), &(c->address->u.prefix4),
345 sizeof(struct in_addr));
346 } else if (c->address->family == AF_INET6) {
347 ip.ipa_type = IPADDR_V6;
348 memcpy(&(ip.ipaddr_v6), &(c->address->u.prefix6),
349 sizeof(struct in6_addr));
350 } else {
351 continue;
352 }
353
354 zebra_evpn_gw_macip_del(ifp, zevpn, &ip);
355 }
356
357 return 0;
358 }
359
360 int zebra_evpn_add_macip_for_intf(struct interface *ifp,
361 struct zebra_evpn *zevpn)
362 {
363 struct listnode *cnode = NULL, *cnnode = NULL;
364 struct connected *c = NULL;
365 struct ethaddr macaddr;
366
367 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
368
369 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
370 struct ipaddr ip;
371
372 if (!CHECK_FLAG(c->conf, ZEBRA_IFC_REAL))
373 continue;
374
375 memset(&ip, 0, sizeof(struct ipaddr));
376 if (c->address->family == AF_INET) {
377 ip.ipa_type = IPADDR_V4;
378 memcpy(&(ip.ipaddr_v4), &(c->address->u.prefix4),
379 sizeof(struct in_addr));
380 } else if (c->address->family == AF_INET6) {
381 ip.ipa_type = IPADDR_V6;
382 memcpy(&(ip.ipaddr_v6), &(c->address->u.prefix6),
383 sizeof(struct in6_addr));
384 } else {
385 continue;
386 }
387
388 zebra_evpn_gw_macip_add(ifp, zevpn, &macaddr, &ip);
389 }
390 return 0;
391 }
392
393 static int ip_prefix_send_to_client(vrf_id_t vrf_id, struct prefix *p,
394 uint16_t cmd)
395 {
396 struct zserv *client = NULL;
397 struct stream *s = NULL;
398
399 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
400 /* BGP may not be running. */
401 if (!client)
402 return 0;
403
404 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
405
406 zclient_create_header(s, cmd, vrf_id);
407 stream_put(s, p, sizeof(struct prefix));
408
409 /* Write packet size. */
410 stream_putw_at(s, 0, stream_get_endp(s));
411
412 if (IS_ZEBRA_DEBUG_VXLAN)
413 zlog_debug("Send ip prefix %pFX %s on vrf %s", p,
414 (cmd == ZEBRA_IP_PREFIX_ROUTE_ADD) ? "ADD" : "DEL",
415 vrf_id_to_name(vrf_id));
416
417 if (cmd == ZEBRA_IP_PREFIX_ROUTE_ADD)
418 client->prefixadd_cnt++;
419 else
420 client->prefixdel_cnt++;
421
422 return zserv_send_message(client, s);
423 }
424
425 int zebra_evpn_advertise_subnet(struct zebra_evpn *zevpn, struct interface *ifp,
426 int advertise)
427 {
428 struct listnode *cnode = NULL, *cnnode = NULL;
429 struct connected *c = NULL;
430 struct ethaddr macaddr;
431
432 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
433
434 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
435 struct prefix p;
436
437 memcpy(&p, c->address, sizeof(struct prefix));
438
439 /* skip link local address */
440 if (IN6_IS_ADDR_LINKLOCAL(&p.u.prefix6))
441 continue;
442
443 apply_mask(&p);
444 if (advertise)
445 ip_prefix_send_to_client(ifp->vrf->vrf_id, &p,
446 ZEBRA_IP_PREFIX_ROUTE_ADD);
447 else
448 ip_prefix_send_to_client(ifp->vrf->vrf_id, &p,
449 ZEBRA_IP_PREFIX_ROUTE_DEL);
450 }
451 return 0;
452 }
453
454 /*
455 * zebra_evpn_gw_macip_add_to_client
456 */
457 int zebra_evpn_gw_macip_add(struct interface *ifp, struct zebra_evpn *zevpn,
458 struct ethaddr *macaddr, struct ipaddr *ip)
459 {
460 struct zebra_mac *mac = NULL;
461 struct zebra_if *zif = NULL;
462 struct zebra_vxlan_vni *vni;
463
464 zif = zevpn->vxlan_if->info;
465 if (!zif)
466 return -1;
467
468 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
469
470 zebra_evpn_mac_gw_macip_add(ifp, zevpn, ip, &mac, macaddr,
471 vni->access_vlan, true);
472
473 return zebra_evpn_neigh_gw_macip_add(ifp, zevpn, ip, mac);
474 }
475
476 /*
477 * zebra_evpn_gw_macip_del_from_client
478 */
479 int zebra_evpn_gw_macip_del(struct interface *ifp, struct zebra_evpn *zevpn,
480 struct ipaddr *ip)
481 {
482 struct zebra_neigh *n = NULL;
483 struct zebra_mac *mac = NULL;
484
485 /* If the neigh entry is not present nothing to do*/
486 n = zebra_evpn_neigh_lookup(zevpn, ip);
487 if (!n)
488 return 0;
489
490 /* mac entry should be present */
491 mac = zebra_evpn_mac_lookup(zevpn, &n->emac);
492 if (!mac) {
493 if (IS_ZEBRA_DEBUG_VXLAN)
494 zlog_debug("MAC %pEA doesn't exist for neigh %pIA on VNI %u",
495 &n->emac, ip, zevpn->vni);
496 return -1;
497 }
498
499 /* If the entry is not local nothing to do*/
500 if (!CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL))
501 return -1;
502
503 /* only need to delete the entry from bgp if we sent it before */
504 if (IS_ZEBRA_DEBUG_VXLAN)
505 zlog_debug(
506 "%u:SVI %s(%u) VNI %u, sending GW MAC %pEA IP %pIA del to BGP",
507 ifp->vrf->vrf_id, ifp->name, ifp->ifindex, zevpn->vni,
508 &n->emac, ip);
509
510 /* Remove neighbor from BGP. */
511 zebra_evpn_neigh_send_del_to_client(zevpn->vni, &n->ip, &n->emac,
512 n->flags, ZEBRA_NEIGH_ACTIVE,
513 false /*force*/);
514
515 /* Delete this neighbor entry. */
516 zebra_evpn_neigh_del(zevpn, n);
517
518 /* see if the mac needs to be deleted as well*/
519 if (mac)
520 zebra_evpn_deref_ip2mac(zevpn, mac);
521
522 return 0;
523 }
524
525 void zebra_evpn_gw_macip_del_for_evpn_hash(struct hash_bucket *bucket,
526 void *ctxt)
527 {
528 struct zebra_evpn *zevpn = NULL;
529 struct zebra_if *zif = NULL;
530 struct zebra_vxlan_vni *vni = NULL;
531 struct interface *vlan_if = NULL;
532 struct interface *vrr_if = NULL;
533 struct interface *ifp;
534
535 /* Add primary SVI MAC*/
536 zevpn = (struct zebra_evpn *)bucket->data;
537
538 /* Global (Zvrf) advertise-default-gw is disabled,
539 * but zevpn advertise-default-gw is enabled
540 */
541 if (zevpn->advertise_gw_macip) {
542 if (IS_ZEBRA_DEBUG_VXLAN)
543 zlog_debug("VNI: %u GW-MACIP enabled, retain gw-macip",
544 zevpn->vni);
545 return;
546 }
547
548 ifp = zevpn->vxlan_if;
549 if (!ifp)
550 return;
551 zif = ifp->info;
552
553 /* If down or not mapped to a bridge, we're done. */
554 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
555 return;
556
557 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
558 if (!vni)
559 return;
560
561 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
562 if (!vlan_if)
563 return;
564
565 /* Del primary MAC-IP */
566 zebra_evpn_del_macip_for_intf(vlan_if, zevpn);
567
568 /* Del VRR MAC-IP - if any*/
569 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
570 if (vrr_if)
571 zebra_evpn_del_macip_for_intf(vrr_if, zevpn);
572
573 return;
574 }
575
576 void zebra_evpn_gw_macip_add_for_evpn_hash(struct hash_bucket *bucket,
577 void *ctxt)
578 {
579 struct zebra_evpn *zevpn = NULL;
580 struct zebra_if *zif = NULL;
581 struct interface *vlan_if = NULL;
582 struct interface *vrr_if = NULL;
583 struct interface *ifp = NULL;
584 struct zebra_vxlan_vni *vni = NULL;
585
586 zevpn = (struct zebra_evpn *)bucket->data;
587
588 ifp = zevpn->vxlan_if;
589 if (!ifp)
590 return;
591 zif = ifp->info;
592
593 /* If down or not mapped to a bridge, we're done. */
594 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
595 return;
596 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
597 if (!vni)
598 return;
599
600 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
601 if (!vlan_if)
602 return;
603
604 /* Add primary SVI MAC-IP */
605 if (advertise_svi_macip_enabled(zevpn)
606 || advertise_gw_macip_enabled(zevpn))
607 zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
608
609 if (advertise_gw_macip_enabled(zevpn)) {
610 /* Add VRR MAC-IP - if any*/
611 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
612 if (vrr_if)
613 zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
614 }
615
616 return;
617 }
618
619 void zebra_evpn_svi_macip_del_for_evpn_hash(struct hash_bucket *bucket,
620 void *ctxt)
621 {
622 struct zebra_evpn *zevpn = NULL;
623 struct zebra_if *zif = NULL;
624 struct interface *vlan_if = NULL;
625 struct zebra_vxlan_vni *vni = NULL;
626 struct interface *ifp;
627
628 /* Add primary SVI MAC*/
629 zevpn = (struct zebra_evpn *)bucket->data;
630 if (!zevpn)
631 return;
632
633 /* Global(vrf) advertise-svi-ip disabled, but zevpn advertise-svi-ip
634 * enabled
635 */
636 if (zevpn->advertise_svi_macip) {
637 if (IS_ZEBRA_DEBUG_VXLAN)
638 zlog_debug("VNI: %u SVI-MACIP enabled, retain svi-macip",
639 zevpn->vni);
640 return;
641 }
642
643 ifp = zevpn->vxlan_if;
644 if (!ifp)
645 return;
646 zif = ifp->info;
647
648 /* If down or not mapped to a bridge, we're done. */
649 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
650 return;
651
652 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
653 if (!vni)
654 return;
655
656 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
657 if (!vlan_if)
658 return;
659
660 /* Del primary MAC-IP */
661 zebra_evpn_del_macip_for_intf(vlan_if, zevpn);
662
663 return;
664 }
665
666 static int zebra_evpn_map_vlan_ns(struct ns *ns,
667 void *_in_param,
668 void **_p_zevpn)
669 {
670 int found = 0;
671 struct zebra_ns *zns = ns->info;
672 struct route_node *rn;
673 struct interface *br_if;
674 struct zebra_evpn **p_zevpn = (struct zebra_evpn **)_p_zevpn;
675 struct zebra_evpn *zevpn;
676 struct interface *tmp_if = NULL;
677 struct zebra_if *zif;
678 struct zebra_from_svi_param *in_param =
679 (struct zebra_from_svi_param *)_in_param;
680 vlanid_t vid;
681 vni_t vni_id = 0;
682 uint8_t bridge_vlan_aware;
683
684 assert(p_zevpn && in_param);
685
686 br_if = in_param->br_if;
687 assert(br_if);
688 zif = in_param->zif;
689 assert(zif);
690 vid = in_param->vid;
691 bridge_vlan_aware = in_param->bridge_vlan_aware;
692
693 if (bridge_vlan_aware) {
694 vni_id = zebra_l2_bridge_if_vni_find(zif, vid);
695 if (vni_id)
696 found = 1;
697 } else {
698 /*
699 * See if this interface (or interface plus VLAN Id) maps to a
700 * VxLAN
701 */
702 /* TODO: Optimize with a hash. */
703 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
704 tmp_if = (struct interface *)rn->info;
705 if (!tmp_if)
706 continue;
707 zif = tmp_if->info;
708 if (!zif || zif->zif_type != ZEBRA_IF_VXLAN)
709 continue;
710 if (!if_is_operative(tmp_if))
711 continue;
712
713 if (zif->brslave_info.br_if != br_if)
714 continue;
715
716 vni_id =
717 zebra_vxlan_if_access_vlan_vni_find(zif, br_if);
718 if (vni_id) {
719 found = 1;
720 break;
721 }
722 }
723 }
724
725 if (!found)
726 return NS_WALK_CONTINUE;
727
728 zevpn = zebra_evpn_lookup(vni_id);
729 *p_zevpn = zevpn;
730 return NS_WALK_STOP;
731 }
732
733 /*
734 * Map port or (port, VLAN) to an EVPN. This is invoked upon getting MAC
735 * notifications, to see if they are of interest.
736 */
737 struct zebra_evpn *zebra_evpn_map_vlan(struct interface *ifp,
738 struct interface *br_if, vlanid_t vid)
739 {
740 struct zebra_if *zif;
741 struct zebra_evpn **p_zevpn;
742 struct zebra_evpn *zevpn = NULL;
743 struct zebra_from_svi_param in_param;
744
745 /* Determine if bridge is VLAN-aware or not */
746 zif = br_if->info;
747 assert(zif);
748 in_param.bridge_vlan_aware = IS_ZEBRA_IF_BRIDGE_VLAN_AWARE(zif);
749 in_param.vid = vid;
750 in_param.br_if = br_if;
751 in_param.zif = zif;
752 p_zevpn = &zevpn;
753
754 ns_walk_func(zebra_evpn_map_vlan_ns,
755 (void *)&in_param,
756 (void **)p_zevpn);
757 return zevpn;
758 }
759
760 static int zebra_evpn_from_svi_ns(struct ns *ns,
761 void *_in_param,
762 void **_p_zevpn)
763 {
764 struct zebra_ns *zns = ns->info;
765 struct route_node *rn;
766 struct interface *br_if;
767 struct zebra_evpn **p_zevpn = (struct zebra_evpn **)_p_zevpn;
768 struct zebra_evpn *zevpn;
769 struct interface *tmp_if = NULL;
770 struct zebra_if *zif;
771 struct zebra_if *br_zif;
772 struct zebra_l2_bridge_vlan *bvlan;
773 struct zebra_from_svi_param *in_param =
774 (struct zebra_from_svi_param *)_in_param;
775 int found = 0;
776 vni_t vni_id = 0;
777 vlanid_t vid = 0;
778 uint8_t bridge_vlan_aware;
779
780 if (!in_param)
781 return NS_WALK_STOP;
782
783 br_if = in_param->br_if;
784 zif = in_param->zif;
785 assert(zif);
786 bridge_vlan_aware = in_param->bridge_vlan_aware;
787 vid = in_param->vid;
788 br_zif = br_if->info;
789 assert(br_zif);
790
791 if (bridge_vlan_aware) {
792 bvlan = zebra_l2_bridge_if_vlan_find(br_zif, vid);
793 if (bvlan && bvlan->access_bd && bvlan->access_bd->vni) {
794 found = 1;
795 vni_id = bvlan->access_bd->vni;
796 }
797 } else {
798 /* TODO: Optimize with a hash. */
799 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
800 tmp_if = (struct interface *)rn->info;
801 if (!tmp_if)
802 continue;
803 zif = tmp_if->info;
804 if (!zif || zif->zif_type != ZEBRA_IF_VXLAN)
805 continue;
806 if (!if_is_operative(tmp_if))
807 continue;
808
809 if (zif->brslave_info.br_if != br_if)
810 continue;
811
812 vni_id =
813 zebra_vxlan_if_access_vlan_vni_find(zif, br_if);
814 if (vni_id) {
815 found = 1;
816 break;
817 }
818 }
819 }
820
821 if (!found)
822 return NS_WALK_CONTINUE;
823
824 zevpn = zebra_evpn_lookup(vni_id);
825 if (p_zevpn)
826 *p_zevpn = zevpn;
827 return NS_WALK_STOP;
828 }
829
830 /*
831 * Map SVI and associated bridge to an EVPN. This is invoked upon getting
832 * neighbor notifications, to see if they are of interest.
833 */
834 struct zebra_evpn *zebra_evpn_from_svi(struct interface *ifp,
835 struct interface *br_if)
836 {
837 struct zebra_evpn *zevpn = NULL;
838 struct zebra_evpn **p_zevpn;
839 struct zebra_if *zif;
840 struct zebra_from_svi_param in_param;
841
842 if (!br_if)
843 return NULL;
844
845 /* Make sure the linked interface is a bridge. */
846 if (!IS_ZEBRA_IF_BRIDGE(br_if))
847 return NULL;
848
849 /* Determine if bridge is VLAN-aware or not */
850 zif = br_if->info;
851 assert(zif);
852 in_param.bridge_vlan_aware = IS_ZEBRA_IF_BRIDGE_VLAN_AWARE(zif);
853 in_param.vid = 0;
854
855 if (in_param.bridge_vlan_aware) {
856 struct zebra_l2info_vlan *vl;
857
858 if (!IS_ZEBRA_IF_VLAN(ifp))
859 return NULL;
860
861 zif = ifp->info;
862 assert(zif);
863 vl = &zif->l2info.vl;
864 in_param.vid = vl->vid;
865 }
866
867 in_param.br_if = br_if;
868 in_param.zif = zif;
869 p_zevpn = &zevpn;
870 /* See if this interface (or interface plus VLAN Id) maps to a VxLAN */
871 ns_walk_func(zebra_evpn_from_svi_ns, (void *)&in_param,
872 (void **)p_zevpn);
873 return zevpn;
874 }
875
876 static int zvni_map_to_macvlan_ns(struct ns *ns,
877 void *_in_param,
878 void **_p_ifp)
879 {
880 struct zebra_ns *zns = ns->info;
881 struct zebra_from_svi_param *in_param =
882 (struct zebra_from_svi_param *)_in_param;
883 struct interface **p_ifp = (struct interface **)_p_ifp;
884 struct route_node *rn;
885 struct interface *tmp_if = NULL;
886 struct zebra_if *zif;
887
888 assert(in_param && p_ifp);
889
890 /* Identify corresponding VLAN interface. */
891 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
892 tmp_if = (struct interface *)rn->info;
893 /* Check oper status of the SVI. */
894 if (!tmp_if || !if_is_operative(tmp_if))
895 continue;
896 zif = tmp_if->info;
897
898 if (!zif || zif->zif_type != ZEBRA_IF_MACVLAN)
899 continue;
900
901 if (zif->link == in_param->svi_if) {
902 *p_ifp = tmp_if;
903 return NS_WALK_STOP;
904 }
905 }
906
907 return NS_WALK_CONTINUE;
908 }
909
910 /* Map to MAC-VLAN interface corresponding to specified SVI interface.
911 */
912 struct interface *zebra_evpn_map_to_macvlan(struct interface *br_if,
913 struct interface *svi_if)
914 {
915 struct interface *tmp_if = NULL;
916 struct zebra_if *zif;
917 struct interface **p_ifp;
918 struct zebra_from_svi_param in_param;
919
920 /* Defensive check, caller expected to invoke only with valid bridge. */
921 if (!br_if)
922 return NULL;
923
924 if (!svi_if) {
925 zlog_debug("svi_if is not passed.");
926 return NULL;
927 }
928
929 /* Determine if bridge is VLAN-aware or not */
930 zif = br_if->info;
931 assert(zif);
932
933 in_param.vid = 0;
934 in_param.br_if = br_if;
935 in_param.zif = NULL;
936 in_param.svi_if = svi_if;
937 p_ifp = &tmp_if;
938
939 /* Identify corresponding VLAN interface. */
940 ns_walk_func(zvni_map_to_macvlan_ns,
941 (void *)&in_param,
942 (void **)p_ifp);
943 return tmp_if;
944 }
945
946 /*
947 * Uninstall MAC hash entry - called upon access VLAN change.
948 */
949 static void zebra_evpn_uninstall_mac_hash(struct hash_bucket *bucket,
950 void *ctxt)
951 {
952 struct zebra_mac *mac;
953 struct mac_walk_ctx *wctx = ctxt;
954
955 mac = (struct zebra_mac *)bucket->data;
956
957 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_REMOTE))
958 zebra_evpn_rem_mac_uninstall(wctx->zevpn, mac, false);
959 }
960
961 /*
962 * Install MAC hash entry - called upon access VLAN change.
963 */
964 static void zebra_evpn_install_mac_hash(struct hash_bucket *bucket, void *ctxt)
965 {
966 struct zebra_mac *mac;
967 struct mac_walk_ctx *wctx = ctxt;
968
969 mac = (struct zebra_mac *)bucket->data;
970
971 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_REMOTE))
972 zebra_evpn_rem_mac_install(wctx->zevpn, mac, false);
973 }
974
975 /*
976 * Uninstall remote MAC entries for this EVPN.
977 */
978 void zebra_evpn_rem_mac_uninstall_all(struct zebra_evpn *zevpn)
979 {
980 struct mac_walk_ctx wctx;
981
982 if (!zevpn->mac_table)
983 return;
984
985 memset(&wctx, 0, sizeof(struct mac_walk_ctx));
986 wctx.zevpn = zevpn;
987 wctx.uninstall = 1;
988 wctx.upd_client = 0;
989 wctx.flags = ZEBRA_MAC_REMOTE;
990
991 hash_iterate(zevpn->mac_table, zebra_evpn_uninstall_mac_hash, &wctx);
992 }
993
994 /*
995 * Install remote MAC entries for this EVPN.
996 */
997 void zebra_evpn_rem_mac_install_all(struct zebra_evpn *zevpn)
998 {
999 struct mac_walk_ctx wctx;
1000
1001 if (!zevpn->mac_table)
1002 return;
1003
1004 memset(&wctx, 0, sizeof(struct mac_walk_ctx));
1005 wctx.zevpn = zevpn;
1006 wctx.uninstall = 0;
1007 wctx.upd_client = 0;
1008 wctx.flags = ZEBRA_MAC_REMOTE;
1009
1010 hash_iterate(zevpn->mac_table, zebra_evpn_install_mac_hash, &wctx);
1011 }
1012
1013 /*
1014 * Read and populate local MACs and neighbors corresponding to this EVPN.
1015 */
1016 void zebra_evpn_read_mac_neigh(struct zebra_evpn *zevpn, struct interface *ifp)
1017 {
1018 struct zebra_ns *zns;
1019 struct zebra_vrf *zvrf;
1020 struct zebra_if *zif;
1021 struct interface *vlan_if;
1022 struct zebra_vxlan_vni *vni;
1023 struct interface *vrr_if;
1024
1025 zif = ifp->info;
1026 vni = zebra_vxlan_if_vni_find(zif, zevpn->vni);
1027 zvrf = zebra_vrf_lookup_by_id(zevpn->vrf_id);
1028 if (!zvrf || !zvrf->zns)
1029 return;
1030 zns = zvrf->zns;
1031
1032 if (IS_ZEBRA_DEBUG_VXLAN)
1033 zlog_debug(
1034 "Reading MAC FDB and Neighbors for intf %s(%u) VNI %u master %u",
1035 ifp->name, ifp->ifindex, zevpn->vni,
1036 zif->brslave_info.bridge_ifindex);
1037
1038 macfdb_read_for_bridge(zns, ifp, zif->brslave_info.br_if,
1039 vni->access_vlan);
1040 /* We need to specifically read and retrieve the entry for BUM handling
1041 * via multicast, if any.
1042 */
1043 macfdb_read_mcast_entry_for_vni(zns, ifp, zevpn->vni);
1044 vlan_if = zvni_map_to_svi(vni->access_vlan, zif->brslave_info.br_if);
1045 if (vlan_if) {
1046 /* Add SVI MAC */
1047 zebra_evpn_acc_bd_svi_mac_add(vlan_if);
1048
1049 /* Add SVI MAC-IP */
1050 if (advertise_svi_macip_enabled(zevpn)
1051 || advertise_gw_macip_enabled(zevpn))
1052 zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
1053
1054 /* Add VRR MAC-IP - if any*/
1055 if (advertise_gw_macip_enabled(zevpn)) {
1056 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
1057 if (vrr_if)
1058 zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
1059 }
1060
1061 neigh_read_for_vlan(zns, vlan_if);
1062 }
1063 }
1064
1065 /*
1066 * Hash function for EVPN.
1067 */
1068 unsigned int zebra_evpn_hash_keymake(const void *p)
1069 {
1070 const struct zebra_evpn *zevpn = p;
1071
1072 return (jhash_1word(zevpn->vni, 0));
1073 }
1074
1075 /*
1076 * Compare 2 evpn hash entries.
1077 */
1078 bool zebra_evpn_hash_cmp(const void *p1, const void *p2)
1079 {
1080 const struct zebra_evpn *zevpn1 = p1;
1081 const struct zebra_evpn *zevpn2 = p2;
1082
1083 return (zevpn1->vni == zevpn2->vni);
1084 }
1085
1086 int zebra_evpn_list_cmp(void *p1, void *p2)
1087 {
1088 const struct zebra_evpn *zevpn1 = p1;
1089 const struct zebra_evpn *zevpn2 = p2;
1090
1091 if (zevpn1->vni == zevpn2->vni)
1092 return 0;
1093 return (zevpn1->vni < zevpn2->vni) ? -1 : 1;
1094 }
1095
1096 /*
1097 * Callback to allocate VNI hash entry.
1098 */
1099 void *zebra_evpn_alloc(void *p)
1100 {
1101 const struct zebra_evpn *tmp_vni = p;
1102 struct zebra_evpn *zevpn;
1103
1104 zevpn = XCALLOC(MTYPE_ZEVPN, sizeof(struct zebra_evpn));
1105 zevpn->vni = tmp_vni->vni;
1106 return ((void *)zevpn);
1107 }
1108
1109 /*
1110 * Look up EVPN hash entry.
1111 */
1112 struct zebra_evpn *zebra_evpn_lookup(vni_t vni)
1113 {
1114 struct zebra_vrf *zvrf;
1115 struct zebra_evpn tmp_vni;
1116 struct zebra_evpn *zevpn = NULL;
1117
1118 zvrf = zebra_vrf_get_evpn();
1119 memset(&tmp_vni, 0, sizeof(tmp_vni));
1120 tmp_vni.vni = vni;
1121 zevpn = hash_lookup(zvrf->evpn_table, &tmp_vni);
1122
1123 return zevpn;
1124 }
1125
1126 /*
1127 * Add EVPN hash entry.
1128 */
1129 struct zebra_evpn *zebra_evpn_add(vni_t vni)
1130 {
1131 char buffer[80];
1132 struct zebra_vrf *zvrf;
1133 struct zebra_evpn tmp_zevpn;
1134 struct zebra_evpn *zevpn = NULL;
1135
1136 zvrf = zebra_vrf_get_evpn();
1137 memset(&tmp_zevpn, 0, sizeof(tmp_zevpn));
1138 tmp_zevpn.vni = vni;
1139 zevpn = hash_get(zvrf->evpn_table, &tmp_zevpn, zebra_evpn_alloc);
1140
1141 zebra_evpn_es_evi_init(zevpn);
1142
1143 snprintf(buffer, sizeof(buffer), "Zebra EVPN MAC Table vni: %u", vni);
1144 /* Create hash table for MAC */
1145 zevpn->mac_table = zebra_mac_db_create(buffer);
1146
1147 snprintf(buffer, sizeof(buffer), "Zebra EVPN Neighbor Table vni: %u",
1148 vni);
1149 /* Create hash table for neighbors */
1150 zevpn->neigh_table = zebra_neigh_db_create(buffer);
1151
1152 return zevpn;
1153 }
1154
1155 /*
1156 * Delete EVPN hash entry.
1157 */
1158 int zebra_evpn_del(struct zebra_evpn *zevpn)
1159 {
1160 struct zebra_vrf *zvrf;
1161 struct zebra_evpn *tmp_zevpn;
1162
1163 zvrf = zebra_vrf_get_evpn();
1164
1165 zevpn->svi_if = NULL;
1166
1167 /* Free the neighbor hash table. */
1168 hash_free(zevpn->neigh_table);
1169 zevpn->neigh_table = NULL;
1170
1171 /* Free the MAC hash table. */
1172 hash_free(zevpn->mac_table);
1173 zevpn->mac_table = NULL;
1174
1175 /* Remove references to the zevpn in the MH databases */
1176 if (zevpn->vxlan_if)
1177 zebra_evpn_vxl_evpn_set(zevpn->vxlan_if->info, zevpn, false);
1178 zebra_evpn_es_evi_cleanup(zevpn);
1179
1180 /* Free the EVPN hash entry and allocated memory. */
1181 tmp_zevpn = hash_release(zvrf->evpn_table, zevpn);
1182 XFREE(MTYPE_ZEVPN, tmp_zevpn);
1183
1184 return 0;
1185 }
1186
1187 /*
1188 * Inform BGP about local EVPN addition.
1189 */
1190 int zebra_evpn_send_add_to_client(struct zebra_evpn *zevpn)
1191 {
1192 struct zserv *client;
1193 struct stream *s;
1194 ifindex_t svi_index;
1195 int rc;
1196
1197 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
1198 /* BGP may not be running. */
1199 if (!client)
1200 return 0;
1201
1202 svi_index = zevpn->svi_if ? zevpn->svi_if->ifindex : 0;
1203
1204 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
1205
1206 zclient_create_header(s, ZEBRA_VNI_ADD, zebra_vrf_get_evpn_id());
1207 stream_putl(s, zevpn->vni);
1208 stream_put_in_addr(s, &zevpn->local_vtep_ip);
1209 stream_put(s, &zevpn->vrf_id, sizeof(vrf_id_t)); /* tenant vrf */
1210 stream_put_in_addr(s, &zevpn->mcast_grp);
1211 stream_put(s, &svi_index, sizeof(ifindex_t));
1212
1213 /* Write packet size. */
1214 stream_putw_at(s, 0, stream_get_endp(s));
1215
1216 if (IS_ZEBRA_DEBUG_VXLAN)
1217 zlog_debug(
1218 "Send EVPN_ADD %u %pI4 tenant vrf %s(%u) SVI index %u to %s",
1219 zevpn->vni, &zevpn->local_vtep_ip,
1220 vrf_id_to_name(zevpn->vrf_id), zevpn->vrf_id,
1221 (zevpn->svi_if ? zevpn->svi_if->ifindex : 0),
1222 zebra_route_string(client->proto));
1223
1224 client->vniadd_cnt++;
1225 rc = zserv_send_message(client, s);
1226
1227 if (!(zevpn->flags & ZEVPN_READY_FOR_BGP)) {
1228 zevpn->flags |= ZEVPN_READY_FOR_BGP;
1229 /* once the EVPN is sent the ES-EVIs can also be replayed
1230 * to BGP
1231 */
1232 zebra_evpn_update_all_es(zevpn);
1233 }
1234 return rc;
1235 }
1236
1237 /*
1238 * Inform BGP about local EVPN deletion.
1239 */
1240 int zebra_evpn_send_del_to_client(struct zebra_evpn *zevpn)
1241 {
1242 struct zserv *client;
1243 struct stream *s;
1244
1245 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
1246 /* BGP may not be running. */
1247 if (!client)
1248 return 0;
1249
1250 if (zevpn->flags & ZEVPN_READY_FOR_BGP) {
1251 zevpn->flags &= ~ZEVPN_READY_FOR_BGP;
1252 /* the ES-EVIs must be removed from BGP before the EVPN is */
1253 zebra_evpn_update_all_es(zevpn);
1254 }
1255
1256 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
1257 stream_reset(s);
1258
1259 zclient_create_header(s, ZEBRA_VNI_DEL, zebra_vrf_get_evpn_id());
1260 stream_putl(s, zevpn->vni);
1261
1262 /* Write packet size. */
1263 stream_putw_at(s, 0, stream_get_endp(s));
1264
1265 if (IS_ZEBRA_DEBUG_VXLAN)
1266 zlog_debug("Send EVPN_DEL %u to %s", zevpn->vni,
1267 zebra_route_string(client->proto));
1268
1269 client->vnidel_cnt++;
1270 return zserv_send_message(client, s);
1271 }
1272
1273 /*
1274 * See if remote VTEP matches with prefix.
1275 */
1276 static int zebra_evpn_vtep_match(struct in_addr *vtep_ip,
1277 struct zebra_vtep *zvtep)
1278 {
1279 return (IPV4_ADDR_SAME(vtep_ip, &zvtep->vtep_ip));
1280 }
1281
1282 /*
1283 * Locate remote VTEP in EVPN hash table.
1284 */
1285 struct zebra_vtep *zebra_evpn_vtep_find(struct zebra_evpn *zevpn,
1286 struct in_addr *vtep_ip)
1287 {
1288 struct zebra_vtep *zvtep;
1289
1290 if (!zevpn)
1291 return NULL;
1292
1293 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
1294 if (zebra_evpn_vtep_match(vtep_ip, zvtep))
1295 break;
1296 }
1297
1298 return zvtep;
1299 }
1300
1301 /*
1302 * Add remote VTEP to EVPN hash table.
1303 */
1304 struct zebra_vtep *zebra_evpn_vtep_add(struct zebra_evpn *zevpn,
1305 struct in_addr *vtep_ip,
1306 int flood_control)
1307
1308 {
1309 struct zebra_vtep *zvtep;
1310
1311 zvtep = XCALLOC(MTYPE_ZEVPN_VTEP, sizeof(struct zebra_vtep));
1312
1313 zvtep->vtep_ip = *vtep_ip;
1314 zvtep->flood_control = flood_control;
1315
1316 if (zevpn->vteps)
1317 zevpn->vteps->prev = zvtep;
1318 zvtep->next = zevpn->vteps;
1319 zevpn->vteps = zvtep;
1320
1321 return zvtep;
1322 }
1323
1324 /*
1325 * Remove remote VTEP from EVPN hash table.
1326 */
1327 int zebra_evpn_vtep_del(struct zebra_evpn *zevpn, struct zebra_vtep *zvtep)
1328 {
1329 if (zvtep->next)
1330 zvtep->next->prev = zvtep->prev;
1331 if (zvtep->prev)
1332 zvtep->prev->next = zvtep->next;
1333 else
1334 zevpn->vteps = zvtep->next;
1335
1336 zvtep->prev = zvtep->next = NULL;
1337 XFREE(MTYPE_ZEVPN_VTEP, zvtep);
1338
1339 return 0;
1340 }
1341
1342 /*
1343 * Delete all remote VTEPs for this EVPN (upon VNI delete). Also
1344 * uninstall from kernel if asked to.
1345 */
1346 int zebra_evpn_vtep_del_all(struct zebra_evpn *zevpn, int uninstall)
1347 {
1348 struct zebra_vtep *zvtep, *zvtep_next;
1349
1350 if (!zevpn)
1351 return -1;
1352
1353 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep_next) {
1354 zvtep_next = zvtep->next;
1355 if (uninstall)
1356 zebra_evpn_vtep_uninstall(zevpn, &zvtep->vtep_ip);
1357 zebra_evpn_vtep_del(zevpn, zvtep);
1358 }
1359
1360 return 0;
1361 }
1362
1363 /*
1364 * Install remote VTEP into the kernel if the remote VTEP has asked
1365 * for head-end-replication.
1366 */
1367 int zebra_evpn_vtep_install(struct zebra_evpn *zevpn, struct zebra_vtep *zvtep)
1368 {
1369 if (is_vxlan_flooding_head_end() &&
1370 (zvtep->flood_control == VXLAN_FLOOD_HEAD_END_REPL)) {
1371 if (ZEBRA_DPLANE_REQUEST_FAILURE ==
1372 dplane_vtep_add(zevpn->vxlan_if,
1373 &zvtep->vtep_ip, zevpn->vni))
1374 return -1;
1375 }
1376
1377 return 0;
1378 }
1379
1380 /*
1381 * Uninstall remote VTEP from the kernel.
1382 */
1383 int zebra_evpn_vtep_uninstall(struct zebra_evpn *zevpn, struct in_addr *vtep_ip)
1384 {
1385 if (!zevpn->vxlan_if) {
1386 zlog_debug("VNI %u hash %p couldn't be uninstalled - no intf",
1387 zevpn->vni, zevpn);
1388 return -1;
1389 }
1390
1391 if (ZEBRA_DPLANE_REQUEST_FAILURE ==
1392 dplane_vtep_delete(zevpn->vxlan_if, vtep_ip, zevpn->vni))
1393 return -1;
1394
1395 return 0;
1396 }
1397
1398 /*
1399 * Install or uninstall flood entries in the kernel corresponding to
1400 * remote VTEPs. This is invoked upon change to BUM handling.
1401 */
1402 void zebra_evpn_handle_flooding_remote_vteps(struct hash_bucket *bucket,
1403 void *zvrf)
1404 {
1405 struct zebra_evpn *zevpn;
1406 struct zebra_vtep *zvtep;
1407
1408 zevpn = (struct zebra_evpn *)bucket->data;
1409 if (!zevpn)
1410 return;
1411
1412 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
1413 if (is_vxlan_flooding_head_end())
1414 zebra_evpn_vtep_install(zevpn, zvtep);
1415 else
1416 zebra_evpn_vtep_uninstall(zevpn, &zvtep->vtep_ip);
1417 }
1418 }
1419
1420 /*
1421 * Cleanup EVPN/VTEP and update kernel
1422 */
1423 void zebra_evpn_cleanup_all(struct hash_bucket *bucket, void *arg)
1424 {
1425 struct zebra_evpn *zevpn = NULL;
1426
1427 zevpn = (struct zebra_evpn *)bucket->data;
1428
1429 /* Free up all neighbors and MACs, if any. */
1430 zebra_evpn_neigh_del_all(zevpn, 1, 0, DEL_ALL_NEIGH);
1431 zebra_evpn_mac_del_all(zevpn, 1, 0, DEL_ALL_MAC);
1432
1433 /* Free up all remote VTEPs, if any. */
1434 zebra_evpn_vtep_del_all(zevpn, 1);
1435
1436 /* Delete the hash entry. */
1437 zebra_evpn_del(zevpn);
1438 }
1439
1440 static void zebra_evpn_process_sync_macip_add(struct zebra_evpn *zevpn,
1441 const struct ethaddr *macaddr,
1442 uint16_t ipa_len,
1443 const struct ipaddr *ipaddr,
1444 uint8_t flags, uint32_t seq,
1445 const esi_t *esi)
1446 {
1447 char ipbuf[INET6_ADDRSTRLEN];
1448 bool sticky;
1449 bool remote_gw;
1450 struct zebra_neigh *n = NULL;
1451 struct zebra_mac *mac = NULL;
1452
1453 sticky = !!CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1454 remote_gw = !!CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1455 /* if sticky or remote-gw ignore updates from the peer */
1456 if (sticky || remote_gw) {
1457 if (IS_ZEBRA_DEBUG_VXLAN || IS_ZEBRA_DEBUG_EVPN_MH_NEIGH
1458 || IS_ZEBRA_DEBUG_EVPN_MH_MAC)
1459 zlog_debug(
1460 "Ignore sync-macip vni %u mac %pEA%s%s%s%s",
1461 zevpn->vni,
1462 macaddr,
1463 ipa_len ? " IP " : "",
1464 ipa_len ? ipaddr2str(ipaddr, ipbuf,
1465 sizeof(ipbuf))
1466 : "",
1467 sticky ? " sticky" : "",
1468 remote_gw ? " remote_gw" : "");
1469 return;
1470 }
1471
1472 if (!ipa_len) {
1473 /* MAC update */
1474 (void)zebra_evpn_proc_sync_mac_update(zevpn, macaddr, ipa_len,
1475 ipaddr, flags, seq, esi);
1476 } else {
1477 /* MAC-IP update */
1478 mac = zebra_evpn_mac_lookup(zevpn, macaddr);
1479 if (!mac) {
1480 mac = zebra_evpn_proc_sync_mac_update(zevpn, macaddr,
1481 ipa_len, ipaddr,
1482 flags, seq, esi);
1483 }
1484 if (!mac)
1485 return;
1486
1487 n = zebra_evpn_neigh_lookup(zevpn, ipaddr);
1488 if (n
1489 && !zebra_evpn_neigh_is_bgp_seq_ok(zevpn, n, macaddr, seq,
1490 true))
1491 return;
1492
1493 zebra_evpn_proc_sync_neigh_update(zevpn, n, ipa_len, ipaddr,
1494 flags, seq, esi, mac);
1495 }
1496 }
1497
1498 /************************** remote mac-ip handling **************************/
1499 /* Process a remote MACIP add from BGP. */
1500 void zebra_evpn_rem_macip_add(vni_t vni, const struct ethaddr *macaddr,
1501 uint16_t ipa_len, const struct ipaddr *ipaddr,
1502 uint8_t flags, uint32_t seq,
1503 struct in_addr vtep_ip, const esi_t *esi)
1504 {
1505 struct zebra_evpn *zevpn;
1506 struct zebra_vtep *zvtep;
1507 struct zebra_mac *mac = NULL;
1508 struct interface *ifp = NULL;
1509 struct zebra_if *zif = NULL;
1510 struct zebra_vrf *zvrf;
1511
1512 /* Locate EVPN hash entry - expected to exist. */
1513 zevpn = zebra_evpn_lookup(vni);
1514 if (!zevpn) {
1515 if (IS_ZEBRA_DEBUG_VXLAN)
1516 zlog_debug("Unknown VNI %u upon remote MACIP ADD", vni);
1517 return;
1518 }
1519
1520 ifp = zevpn->vxlan_if;
1521 if (ifp)
1522 zif = ifp->info;
1523 if (!ifp || !if_is_operative(ifp) || !zif || !zif->brslave_info.br_if) {
1524 if (IS_ZEBRA_DEBUG_VXLAN)
1525 zlog_debug(
1526 "Ignoring remote MACIP ADD VNI %u, invalid interface state or info",
1527 vni);
1528 return;
1529 }
1530
1531 /* Type-2 routes from another PE can be interpreted as remote or
1532 * SYNC based on the destination ES -
1533 * SYNC - if ES is local
1534 * REMOTE - if ES is not local
1535 */
1536 if (flags & ZEBRA_MACIP_TYPE_SYNC_PATH) {
1537 struct zebra_evpn_es *es;
1538
1539 es = zebra_evpn_es_find(esi);
1540 if (es && (es->flags & ZEBRA_EVPNES_READY_FOR_BGP)) {
1541 zebra_evpn_process_sync_macip_add(zevpn, macaddr,
1542 ipa_len, ipaddr,
1543 flags, seq, esi);
1544 } else {
1545 if (IS_ZEBRA_DEBUG_EVPN_MH_ES) {
1546 char esi_str[ESI_STR_LEN];
1547
1548 esi_to_str(esi, esi_str, sizeof(esi_str));
1549 zlog_debug(
1550 "Ignore sync-macip add; ES %s is not ready",
1551 esi_str);
1552 }
1553 }
1554
1555 return;
1556 }
1557
1558 /* The remote VTEP specified should normally exist, but it is
1559 * possible that when peering comes up, peer may advertise MACIP
1560 * routes before advertising type-3 routes.
1561 */
1562 if (vtep_ip.s_addr) {
1563 zvtep = zebra_evpn_vtep_find(zevpn, &vtep_ip);
1564 if (!zvtep) {
1565 zvtep = zebra_evpn_vtep_add(zevpn, &vtep_ip,
1566 VXLAN_FLOOD_DISABLED);
1567 if (!zvtep) {
1568 flog_err(
1569 EC_ZEBRA_VTEP_ADD_FAILED,
1570 "Failed to add remote VTEP, VNI %u zevpn %p upon remote MACIP ADD",
1571 vni, zevpn);
1572 return;
1573 }
1574
1575 zebra_evpn_vtep_install(zevpn, zvtep);
1576 }
1577 }
1578
1579 zvrf = zebra_vrf_get_evpn();
1580 if (!zvrf)
1581 return;
1582
1583 if (!ipa_len) {
1584 /* MAC update */
1585 zebra_evpn_mac_remote_macip_add(zevpn, zvrf, macaddr, vtep_ip,
1586 flags, seq, esi);
1587 } else {
1588 /* MAC-IP update
1589 * Add auto MAC if it doesn't exist.
1590 */
1591 mac = zebra_evpn_mac_lookup(zevpn, macaddr);
1592 if (!mac) {
1593 mac = zebra_evpn_mac_add_auto(zevpn, macaddr);
1594
1595 if (IS_ZEBRA_DEBUG_VXLAN)
1596 zlog_debug(
1597 "Neigh %pIA: MAC %pEA not found, Auto MAC created",
1598 ipaddr, macaddr);
1599 }
1600
1601 zebra_evpn_neigh_remote_macip_add(zevpn, zvrf, ipaddr, mac,
1602 vtep_ip, flags, seq);
1603 }
1604 }
1605
1606 /* Process a remote MACIP delete from BGP. */
1607 void zebra_evpn_rem_macip_del(vni_t vni, const struct ethaddr *macaddr,
1608 uint16_t ipa_len, const struct ipaddr *ipaddr,
1609 struct in_addr vtep_ip)
1610 {
1611 struct zebra_evpn *zevpn;
1612 struct zebra_mac *mac = NULL;
1613 struct zebra_neigh *n = NULL;
1614 struct interface *ifp = NULL;
1615 struct zebra_if *zif = NULL;
1616 struct zebra_ns *zns;
1617 struct zebra_vxlan_vni *vnip;
1618 struct zebra_vrf *zvrf;
1619 char buf1[INET6_ADDRSTRLEN];
1620
1621 /* Locate EVPN hash entry - expected to exist. */
1622 zevpn = zebra_evpn_lookup(vni);
1623 if (!zevpn) {
1624 if (IS_ZEBRA_DEBUG_VXLAN)
1625 zlog_debug("Unknown VNI %u upon remote MACIP DEL", vni);
1626 return;
1627 }
1628
1629 ifp = zevpn->vxlan_if;
1630 if (ifp)
1631 zif = ifp->info;
1632 if (!ifp || !if_is_operative(ifp) || !zif || !zif->brslave_info.br_if) {
1633 if (IS_ZEBRA_DEBUG_VXLAN)
1634 zlog_debug(
1635 "Ignoring remote MACIP DEL VNI %u, invalid interface state or info",
1636 vni);
1637 return;
1638 }
1639 zns = zebra_ns_lookup(NS_DEFAULT);
1640 vnip = zebra_vxlan_if_vni_find(zif, vni);
1641 if (!vnip) {
1642 if (IS_ZEBRA_DEBUG_VXLAN)
1643 zlog_debug(
1644 "VNI %u not in interface upon remote MACIP DEL",
1645 vni);
1646 return;
1647 }
1648
1649 mac = zebra_evpn_mac_lookup(zevpn, macaddr);
1650 if (ipa_len)
1651 n = zebra_evpn_neigh_lookup(zevpn, ipaddr);
1652
1653 if (n && !mac) {
1654 zlog_warn(
1655 "Failed to locate MAC %pEA for Neigh %pIA VNI %u upon remote MACIP DEL",
1656 macaddr, ipaddr, vni);
1657 return;
1658 }
1659
1660 /* If the remote mac or neighbor doesn't exist there is nothing
1661 * more to do. Otherwise, uninstall the entry and then remove it.
1662 */
1663 if (!mac && !n) {
1664 if (IS_ZEBRA_DEBUG_VXLAN)
1665 zlog_debug(
1666 "Failed to locate MAC %pEA & Neigh %pIA VNI %u upon remote MACIP DEL",
1667 macaddr, ipaddr, vni);
1668 return;
1669 }
1670
1671 zvrf = zevpn->vxlan_if->vrf->info;
1672
1673 /* Ignore the delete if this mac is a gateway mac-ip */
1674 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_LOCAL)
1675 && CHECK_FLAG(mac->flags, ZEBRA_MAC_DEF_GW)) {
1676 zlog_warn(
1677 "Ignore remote MACIP DEL VNI %u MAC %pEA%s%s as MAC is already configured as gateway MAC",
1678 vni, macaddr,
1679 ipa_len ? " IP " : "",
1680 ipa_len ? ipaddr2str(ipaddr, buf1, sizeof(buf1)) : "");
1681 return;
1682 }
1683
1684 /* Uninstall remote neighbor or MAC. */
1685 if (n)
1686 zebra_evpn_neigh_remote_uninstall(zevpn, zvrf, n, mac, ipaddr);
1687 else {
1688 /* DAD: when MAC is freeze state as remote learn event,
1689 * remote mac-ip delete event is received will result in freeze
1690 * entry removal, first fetch kernel for the same entry present
1691 * as LOCAL and reachable, avoid deleting this entry instead
1692 * use kerenel local entry to update during unfreeze time.
1693 */
1694 if (zvrf->dad_freeze
1695 && CHECK_FLAG(mac->flags, ZEBRA_MAC_DUPLICATE)
1696 && CHECK_FLAG(mac->flags, ZEBRA_MAC_REMOTE)) {
1697 if (IS_ZEBRA_DEBUG_VXLAN)
1698 zlog_debug(
1699 "%s: MAC %pEA (flags 0x%x) is remote and duplicate, read kernel for local entry",
1700 __func__, macaddr, mac->flags);
1701 macfdb_read_specific_mac(zns, zif->brslave_info.br_if,
1702 macaddr, vnip->access_vlan);
1703 }
1704
1705 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_LOCAL)) {
1706 if (!ipa_len)
1707 zebra_evpn_sync_mac_del(mac);
1708 } else if (CHECK_FLAG(mac->flags, ZEBRA_NEIGH_REMOTE)) {
1709 zebra_evpn_rem_mac_del(zevpn, mac);
1710 }
1711 }
1712 }
1713
1714 /************************** EVPN BGP config management ************************/
1715 void zebra_evpn_cfg_cleanup(struct hash_bucket *bucket, void *ctxt)
1716 {
1717 struct zebra_evpn *zevpn = NULL;
1718
1719 zevpn = (struct zebra_evpn *)bucket->data;
1720 zevpn->advertise_gw_macip = 0;
1721 zevpn->advertise_svi_macip = 0;
1722 zevpn->advertise_subnet = 0;
1723
1724 zebra_evpn_neigh_del_all(zevpn, 1, 0,
1725 DEL_REMOTE_NEIGH | DEL_REMOTE_NEIGH_FROM_VTEP);
1726 zebra_evpn_mac_del_all(zevpn, 1, 0,
1727 DEL_REMOTE_MAC | DEL_REMOTE_MAC_FROM_VTEP);
1728 zebra_evpn_vtep_del_all(zevpn, 1);
1729 }
FRRouting mirror