bgpd: Allow importing local routes with accept-own mechanism

Before this patch we allowed importing routes between VRFs in the same node,
only for external routes, but not for local (e.g.: redistribute).

Relax here a bit, and allow importing local routes between VRFs when the RT
list is modified using route reflectors.

Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>

diff --git a/bgpd/bgp_mplsvpn.c b/bgpd/bgp_mplsvpn.c
index c92d678eff846cde48f81d57120cab0479b0b2c6..ddc9a525f9355e893729145f2f082d5f94cc38f4 100644 (file)
--- a/bgpd/bgp_mplsvpn.c
+++ b/bgpd/bgp_mplsvpn.c
@@ -1070,12 +1070,14 @@ static bool leak_update_nexthop_valid(struct bgp *to_bgp, struct bgp_dest *bn,
                bgp_nexthop = bgp_orig;
 
        /*
-        * No nexthop tracking for redistributed routes or for
-        * EVPN-imported routes that get leaked.
+        * No nexthop tracking for redistributed routes, for
+        * EVPN-imported routes that get leaked, or for routes
+        * leaked between VRFs with accept-own community.
         */
        if (bpi_ultimate->sub_type == BGP_ROUTE_REDISTRIBUTE ||
-           is_pi_family_evpn(bpi_ultimate))
-               nh_valid = 1;
+           is_pi_family_evpn(bpi_ultimate) ||
+           CHECK_FLAG(bpi_ultimate->flags, BGP_PATH_ACCEPT_OWN))
+               nh_valid = true;
        else
                /*
                 * TBD do we need to do anything about the
@@ -1875,6 +1877,22 @@ static bool vpn_leak_to_vrf_update_onevrf(struct bgp *to_bgp,   /* to */
                return false;
        }
 
+       /*
+        * For VRF-2-VRF route-leaking,
+        * the source will be the originating VRF.
+        *
+        * If ACCEPT_OWN mechanism is enabled, then we SHOULD(?)
+        * get the source VRF (BGP) by looking at the RD.
+        */
+       struct bgp *src_bgp = bgp_lookup_by_rd(path_vpn, prd, afi);
+
+       if (path_vpn->extra && path_vpn->extra->bgp_orig)
+               src_vrf = path_vpn->extra->bgp_orig;
+       else if (src_bgp)
+               src_vrf = src_bgp;
+       else
+               src_vrf = from_bgp;
+
        /* Check for intersection of route targets */
        if (!ecommunity_include(
                    to_bgp->vpn_policy[afi].rtlist[BGP_VPN_POLICY_DIR_FROMVPN],
@@ -1940,6 +1958,13 @@ static bool vpn_leak_to_vrf_update_onevrf(struct bgp *to_bgp,   /* to */
        memset(&nexthop_orig, 0, sizeof(nexthop_orig));
        nexthop_orig.family = nhfamily;
 
+       /* If the path has accept-own community and the source VRF
+        * is valid, reset next-hop to self, to allow importing own
+        * routes between different VRFs on the same node.
+        */
+       if (src_bgp)
+               subgroup_announce_reset_nhop(nhfamily, &static_attr);
+
        switch (nhfamily) {
        case AF_INET:
                /* save */
@@ -2051,22 +2076,6 @@ static bool vpn_leak_to_vrf_update_onevrf(struct bgp *to_bgp,   /* to */
                zlog_debug("%s: pfx %pBD: num_labels %d", __func__,
                           path_vpn->net, num_labels);
 
-       /*
-        * For VRF-2-VRF route-leaking,
-        * the source will be the originating VRF.
-        *
-        * If ACCEPT_OWN mechanism is enabled, then we SHOULD(?)
-        * get the source VRF (BGP) by looking at the RD.
-        */
-       struct bgp *src_bgp = bgp_lookup_by_rd(path_vpn, prd, afi);
-
-       if (path_vpn->extra && path_vpn->extra->bgp_orig)
-               src_vrf = path_vpn->extra->bgp_orig;
-       else if (src_bgp)
-               src_vrf = src_bgp;
-       else
-               src_vrf = from_bgp;
-
        leak_update(to_bgp, bn, new_attr, afi, safi, path_vpn, pLabels,
                    num_labels, src_vrf, &nexthop_orig, nexthop_self_flag,
                    debug);