bgpd: Strip Route Targets during VRF-to-VRF route leak

During VRF-to-VRF route leaking, strip any extraneous route targets. This
ensures that source-VRF-specific route targets or route targets that are
internally assigned for the VRF-to-VRF route leaking don't get attached
to the route in the target VRF.

Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by:   Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by:   Don Slice <dslice@cumulusnetworks.com>

diff --git a/bgpd/bgp_ecommunity.h b/bgpd/bgp_ecommunity.h
index ae64f41ca15592b6425857218ac2f0d073e5e69e..3cf33c91bf60d6bd3408c96c0a2a6c599ec301c4 100644 (file)
--- a/bgpd/bgp_ecommunity.h
+++ b/bgpd/bgp_ecommunity.h
@@ -202,4 +202,13 @@ extern void bgp_remove_ecomm_from_aggregate_hash(
                                        struct ecommunity *ecommunity);
 extern void bgp_aggr_ecommunity_remove(void *arg);
 
+
+static inline void ecommunity_strip_rts(struct ecommunity *ecom)
+{
+       uint8_t subtype = ECOMMUNITY_ROUTE_TARGET;
+
+       ecommunity_strip(ecom, ECOMMUNITY_ENCODE_AS, subtype);
+       ecommunity_strip(ecom, ECOMMUNITY_ENCODE_IP, subtype);
+       ecommunity_strip(ecom, ECOMMUNITY_ENCODE_AS4, subtype);
+}
 #endif /* _QUAGGA_BGP_ECOMMUNITY_H */

diff --git a/bgpd/bgp_mplsvpn.c b/bgpd/bgp_mplsvpn.c
index 8758d0ca781901dd0b6d48a1c10be8a0edbed8ae..7e68fde8f38662e53d22459d0b2c6cd8f6b7f1a5 100644 (file)
--- a/bgpd/bgp_mplsvpn.c
+++ b/bgpd/bgp_mplsvpn.c
@@ -744,10 +744,15 @@ void vpn_leak_from_vrf_update(struct bgp *bgp_vpn,            /* to */
        struct ecommunity *old_ecom;
        struct ecommunity *new_ecom;
 
+       /* Export with the 'from' instance's export RTs. */
+       /* If doing VRF-to-VRF leaking, strip existing RTs first. */
        old_ecom = static_attr.ecommunity;
        if (old_ecom) {
-               new_ecom = ecommunity_merge(
-                       ecommunity_dup(old_ecom),
+               new_ecom = ecommunity_dup(old_ecom);
+               if (CHECK_FLAG(bgp_vrf->af_flags[afi][SAFI_UNICAST],
+                               BGP_CONFIG_VRF_TO_VRF_EXPORT))
+                       ecommunity_strip_rts(new_ecom);
+               new_ecom = ecommunity_merge(new_ecom,
                        bgp_vrf->vpn_policy[afi]
                                .rtlist[BGP_VPN_POLICY_DIR_TOVPN]);
                if (!old_ecom->refcnt)
@@ -1087,6 +1092,20 @@ vpn_leak_to_vrf_update_onevrf(struct bgp *bgp_vrf,           /* to */
        /* shallow copy */
        static_attr = *path_vpn->attr;
 
+       struct ecommunity *old_ecom;
+       struct ecommunity *new_ecom;
+
+       /* If doing VRF-to-VRF leaking, strip RTs. */
+       old_ecom = static_attr.ecommunity;
+       if (old_ecom && CHECK_FLAG(bgp_vrf->af_flags[afi][safi],
+                               BGP_CONFIG_VRF_TO_VRF_IMPORT)) {
+               new_ecom = ecommunity_dup(old_ecom);
+               ecommunity_strip_rts(new_ecom);
+               static_attr.ecommunity = new_ecom;
+               if (!old_ecom->refcnt)
+                       ecommunity_free(&old_ecom);
+       }
+
        /*
         * Nexthop: stash and clear
         *