]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_evpn.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
lib: enforce vrf_name_to_id by returning default_vrf when name is null
[mirror_frr.git] / bgpd / bgp_evpn.c
1 /* Ethernet-VPN Packet and vty Processing File
2 * Copyright (C) 2016 6WIND
3 * Copyright (C) 2017 Cumulus Networks, Inc.
4 *
5 * This file is part of FRR.
6 *
7 * FRRouting is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * FRRouting is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "command.h"
25 #include "filter.h"
26 #include "prefix.h"
27 #include "log.h"
28 #include "memory.h"
29 #include "stream.h"
30 #include "hash.h"
31 #include "jhash.h"
32 #include "zclient.h"
33
34 #include "bgpd/bgp_attr_evpn.h"
35 #include "bgpd/bgpd.h"
36 #include "bgpd/bgp_table.h"
37 #include "bgpd/bgp_route.h"
38 #include "bgpd/bgp_attr.h"
39 #include "bgpd/bgp_mplsvpn.h"
40 #include "bgpd/bgp_label.h"
41 #include "bgpd/bgp_evpn.h"
42 #include "bgpd/bgp_evpn_private.h"
43 #include "bgpd/bgp_ecommunity.h"
44 #include "bgpd/bgp_encap_types.h"
45 #include "bgpd/bgp_debug.h"
46 #include "bgpd/bgp_errors.h"
47 #include "bgpd/bgp_aspath.h"
48 #include "bgpd/bgp_zebra.h"
49 #include "bgpd/bgp_nexthop.h"
50 #include "bgpd/bgp_addpath.h"
51
52 /*
53 * Definitions and external declarations.
54 */
55 extern struct zclient *zclient;
56
57 DEFINE_QOBJ_TYPE(bgpevpn)
58 DEFINE_QOBJ_TYPE(evpnes)
59
60
61 /*
62 * Static function declarations
63 */
64 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
65 struct bgp_node *rn,
66 struct bgp_path_info **pi);
67 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn);
68
69 /*
70 * Private functions.
71 */
72
73 /* compare two IPV4 VTEP IPs */
74 static int evpn_vtep_ip_cmp(void *p1, void *p2)
75 {
76 const struct in_addr *ip1 = p1;
77 const struct in_addr *ip2 = p2;
78
79 return ip1->s_addr - ip2->s_addr;
80 }
81
82 /*
83 * Make hash key for ESI.
84 */
85 static unsigned int esi_hash_keymake(void *p)
86 {
87 struct evpnes *pes = p;
88 const void *pnt = (void *)pes->esi.val;
89
90 return jhash(pnt, ESI_BYTES, 0xa5a5a55a);
91 }
92
93 /*
94 * Compare two ESIs.
95 */
96 static bool esi_cmp(const void *p1, const void *p2)
97 {
98 const struct evpnes *pes1 = p1;
99 const struct evpnes *pes2 = p2;
100
101 if (pes1 == NULL && pes2 == NULL)
102 return true;
103
104 if (pes1 == NULL || pes2 == NULL)
105 return false;
106
107 return (memcmp(pes1->esi.val, pes2->esi.val, ESI_BYTES) == 0);
108 }
109
110 /*
111 * Make vni hash key.
112 */
113 static unsigned int vni_hash_key_make(void *p)
114 {
115 struct bgpevpn *vpn = p;
116 return (jhash_1word(vpn->vni, 0));
117 }
118
119 /*
120 * Comparison function for vni hash
121 */
122 static bool vni_hash_cmp(const void *p1, const void *p2)
123 {
124 const struct bgpevpn *vpn1 = p1;
125 const struct bgpevpn *vpn2 = p2;
126
127 if (!vpn1 && !vpn2)
128 return true;
129 if (!vpn1 || !vpn2)
130 return false;
131 return (vpn1->vni == vpn2->vni);
132 }
133
134 static int vni_list_cmp(void *p1, void *p2)
135 {
136 const struct bgpevpn *vpn1 = p1;
137 const struct bgpevpn *vpn2 = p2;
138
139 return vpn1->vni - vpn2->vni;
140 }
141
142 /*
143 * Make vrf import route target hash key.
144 */
145 static unsigned int vrf_import_rt_hash_key_make(void *p)
146 {
147 struct vrf_irt_node *irt = p;
148 char *pnt = irt->rt.val;
149
150 return jhash(pnt, 8, 0x5abc1234);
151 }
152
153 /*
154 * Comparison function for vrf import rt hash
155 */
156 static bool vrf_import_rt_hash_cmp(const void *p1, const void *p2)
157 {
158 const struct vrf_irt_node *irt1 = p1;
159 const struct vrf_irt_node *irt2 = p2;
160
161 if (irt1 == NULL && irt2 == NULL)
162 return true;
163
164 if (irt1 == NULL || irt2 == NULL)
165 return false;
166
167 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
168 }
169
170 /*
171 * Create a new vrf import_rt in default instance
172 */
173 static struct vrf_irt_node *vrf_import_rt_new(struct ecommunity_val *rt)
174 {
175 struct bgp *bgp_def = NULL;
176 struct vrf_irt_node *irt;
177
178 bgp_def = bgp_get_default();
179 if (!bgp_def) {
180 flog_err(EC_BGP_NO_DFLT,
181 "vrf import rt new - def instance not created yet");
182 return NULL;
183 }
184
185 irt = XCALLOC(MTYPE_BGP_EVPN_VRF_IMPORT_RT,
186 sizeof(struct vrf_irt_node));
187 if (!irt)
188 return NULL;
189
190 irt->rt = *rt;
191 irt->vrfs = list_new();
192
193 /* Add to hash */
194 if (!hash_get(bgp_def->vrf_import_rt_hash, irt, hash_alloc_intern)) {
195 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
196 return NULL;
197 }
198
199 return irt;
200 }
201
202 /*
203 * Free the vrf import rt node
204 */
205 static void vrf_import_rt_free(struct vrf_irt_node *irt)
206 {
207 struct bgp *bgp_def = NULL;
208
209 bgp_def = bgp_get_default();
210 if (!bgp_def) {
211 flog_err(EC_BGP_NO_DFLT,
212 "vrf import rt free - def instance not created yet");
213 return;
214 }
215
216 hash_release(bgp_def->vrf_import_rt_hash, irt);
217 list_delete(&irt->vrfs);
218 XFREE(MTYPE_BGP_EVPN_VRF_IMPORT_RT, irt);
219 }
220
221 /*
222 * Function to lookup Import RT node - used to map a RT to set of
223 * VNIs importing routes with that RT.
224 */
225 static struct vrf_irt_node *lookup_vrf_import_rt(struct ecommunity_val *rt)
226 {
227 struct bgp *bgp_def = NULL;
228 struct vrf_irt_node *irt;
229 struct vrf_irt_node tmp;
230
231 bgp_def = bgp_get_default();
232 if (!bgp_def) {
233 flog_err(EC_BGP_NO_DFLT,
234 "vrf import rt lookup - def instance not created yet");
235 return NULL;
236 }
237
238 memset(&tmp, 0, sizeof(struct vrf_irt_node));
239 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
240 irt = hash_lookup(bgp_def->vrf_import_rt_hash, &tmp);
241 return irt;
242 }
243
244 /*
245 * Is specified VRF present on the RT's list of "importing" VRFs?
246 */
247 static int is_vrf_present_in_irt_vrfs(struct list *vrfs, struct bgp *bgp_vrf)
248 {
249 struct listnode *node = NULL, *nnode = NULL;
250 struct bgp *tmp_bgp_vrf = NULL;
251
252 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, tmp_bgp_vrf)) {
253 if (tmp_bgp_vrf == bgp_vrf)
254 return 1;
255 }
256 return 0;
257 }
258
259 /*
260 * Make import route target hash key.
261 */
262 static unsigned int import_rt_hash_key_make(void *p)
263 {
264 struct irt_node *irt = p;
265 char *pnt = irt->rt.val;
266
267 return jhash(pnt, 8, 0xdeadbeef);
268 }
269
270 /*
271 * Comparison function for import rt hash
272 */
273 static bool import_rt_hash_cmp(const void *p1, const void *p2)
274 {
275 const struct irt_node *irt1 = p1;
276 const struct irt_node *irt2 = p2;
277
278 if (irt1 == NULL && irt2 == NULL)
279 return true;
280
281 if (irt1 == NULL || irt2 == NULL)
282 return false;
283
284 return (memcmp(irt1->rt.val, irt2->rt.val, ECOMMUNITY_SIZE) == 0);
285 }
286
287 /*
288 * Create a new import_rt
289 */
290 static struct irt_node *import_rt_new(struct bgp *bgp,
291 struct ecommunity_val *rt)
292 {
293 struct irt_node *irt;
294
295 if (!bgp)
296 return NULL;
297
298 irt = XCALLOC(MTYPE_BGP_EVPN_IMPORT_RT, sizeof(struct irt_node));
299 if (!irt)
300 return NULL;
301
302 irt->rt = *rt;
303 irt->vnis = list_new();
304
305 /* Add to hash */
306 if (!hash_get(bgp->import_rt_hash, irt, hash_alloc_intern)) {
307 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
308 return NULL;
309 }
310
311 return irt;
312 }
313
314 /*
315 * Free the import rt node
316 */
317 static void import_rt_free(struct bgp *bgp, struct irt_node *irt)
318 {
319 hash_release(bgp->import_rt_hash, irt);
320 list_delete(&irt->vnis);
321 XFREE(MTYPE_BGP_EVPN_IMPORT_RT, irt);
322 }
323
324 /*
325 * Function to lookup Import RT node - used to map a RT to set of
326 * VNIs importing routes with that RT.
327 */
328 static struct irt_node *lookup_import_rt(struct bgp *bgp,
329 struct ecommunity_val *rt)
330 {
331 struct irt_node *irt;
332 struct irt_node tmp;
333
334 memset(&tmp, 0, sizeof(struct irt_node));
335 memcpy(&tmp.rt, rt, ECOMMUNITY_SIZE);
336 irt = hash_lookup(bgp->import_rt_hash, &tmp);
337 return irt;
338 }
339
340 /*
341 * Is specified VNI present on the RT's list of "importing" VNIs?
342 */
343 static int is_vni_present_in_irt_vnis(struct list *vnis, struct bgpevpn *vpn)
344 {
345 struct listnode *node, *nnode;
346 struct bgpevpn *tmp_vpn;
347
348 for (ALL_LIST_ELEMENTS(vnis, node, nnode, tmp_vpn)) {
349 if (tmp_vpn == vpn)
350 return 1;
351 }
352
353 return 0;
354 }
355
356 /*
357 * Compare Route Targets.
358 */
359 static int evpn_route_target_cmp(struct ecommunity *ecom1,
360 struct ecommunity *ecom2)
361 {
362 if (ecom1 && !ecom2)
363 return -1;
364
365 if (!ecom1 && ecom2)
366 return 1;
367
368 if (!ecom1 && !ecom2)
369 return 0;
370
371 if (ecom1->str && !ecom2->str)
372 return -1;
373
374 if (!ecom1->str && ecom2->str)
375 return 1;
376
377 if (!ecom1->str && !ecom2->str)
378 return 0;
379
380 return strcmp(ecom1->str, ecom2->str);
381 }
382
383 static void evpn_xxport_delete_ecomm(void *val)
384 {
385 struct ecommunity *ecomm = val;
386 ecommunity_free(&ecomm);
387 }
388
389 /*
390 * Mask off global-admin field of specified extended community (RT),
391 * just retain the local-admin field.
392 */
393 static inline void mask_ecom_global_admin(struct ecommunity_val *dst,
394 struct ecommunity_val *src)
395 {
396 uint8_t type;
397
398 type = src->val[0];
399 dst->val[0] = 0;
400 if (type == ECOMMUNITY_ENCODE_AS) {
401 dst->val[2] = dst->val[3] = 0;
402 } else if (type == ECOMMUNITY_ENCODE_AS4
403 || type == ECOMMUNITY_ENCODE_IP) {
404 dst->val[2] = dst->val[3] = 0;
405 dst->val[4] = dst->val[5] = 0;
406 }
407 }
408
409 /*
410 * Map one RT to specified VRF.
411 * bgp_vrf = BGP vrf instance
412 */
413 static void map_vrf_to_rt(struct bgp *bgp_vrf, struct ecommunity_val *eval)
414 {
415 struct vrf_irt_node *irt = NULL;
416 struct ecommunity_val eval_tmp;
417
418 /* If using "automatic" RT,
419 * we only care about the local-admin sub-field.
420 * This is to facilitate using L3VNI(VRF-VNI)
421 * as the RT for EBGP peering too.
422 */
423 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
424 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
425 mask_ecom_global_admin(&eval_tmp, eval);
426
427 irt = lookup_vrf_import_rt(&eval_tmp);
428 if (irt && is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
429 /* Already mapped. */
430 return;
431
432 if (!irt)
433 irt = vrf_import_rt_new(&eval_tmp);
434
435 /* Add VRF to the list for this RT. */
436 listnode_add(irt->vrfs, bgp_vrf);
437 }
438
439 /*
440 * Unmap specified VRF from specified RT. If there are no other
441 * VRFs for this RT, then the RT hash is deleted.
442 * bgp_vrf: BGP VRF specific instance
443 */
444 static void unmap_vrf_from_rt(struct bgp *bgp_vrf, struct vrf_irt_node *irt)
445 {
446 /* Delete VRF from list for this RT. */
447 listnode_delete(irt->vrfs, bgp_vrf);
448 if (!listnode_head(irt->vrfs)) {
449 vrf_import_rt_free(irt);
450 }
451 }
452
453 /*
454 * Map one RT to specified VNI.
455 */
456 static void map_vni_to_rt(struct bgp *bgp, struct bgpevpn *vpn,
457 struct ecommunity_val *eval)
458 {
459 struct irt_node *irt;
460 struct ecommunity_val eval_tmp;
461
462 /* If using "automatic" RT, we only care about the local-admin
463 * sub-field.
464 * This is to facilitate using VNI as the RT for EBGP peering too.
465 */
466 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
467 if (!is_import_rt_configured(vpn))
468 mask_ecom_global_admin(&eval_tmp, eval);
469
470 irt = lookup_import_rt(bgp, &eval_tmp);
471 if (irt)
472 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
473 /* Already mapped. */
474 return;
475
476 if (!irt) {
477 irt = import_rt_new(bgp, &eval_tmp);
478 assert(irt);
479 }
480
481 /* Add VNI to the hash list for this RT. */
482 listnode_add(irt->vnis, vpn);
483 }
484
485 /*
486 * Unmap specified VNI from specified RT. If there are no other
487 * VNIs for this RT, then the RT hash is deleted.
488 */
489 static void unmap_vni_from_rt(struct bgp *bgp, struct bgpevpn *vpn,
490 struct irt_node *irt)
491 {
492 /* Delete VNI from hash list for this RT. */
493 listnode_delete(irt->vnis, vpn);
494 if (!listnode_head(irt->vnis)) {
495 import_rt_free(bgp, irt);
496 }
497 }
498
499 /*
500 * Create RT extended community automatically from passed information:
501 * of the form AS:VNI.
502 * NOTE: We use only the lower 16 bits of the AS. This is sufficient as
503 * the need is to get a RT value that will be unique across different
504 * VNIs but the same across routers (in the same AS) for a particular
505 * VNI.
506 */
507 static void form_auto_rt(struct bgp *bgp, vni_t vni, struct list *rtl)
508 {
509 struct ecommunity_val eval;
510 struct ecommunity *ecomadd;
511
512 if (bgp->advertise_autort_rfc8365)
513 vni |= EVPN_AUTORT_VXLAN;
514 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
515
516 ecomadd = ecommunity_new();
517 ecommunity_add_val(ecomadd, &eval);
518 listnode_add_sort(rtl, ecomadd);
519 }
520
521 /*
522 * Derive RD and RT for a VNI automatically. Invoked at the time of
523 * creation of a VNI.
524 */
525 static void derive_rd_rt_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
526 {
527 bgp_evpn_derive_auto_rd(bgp, vpn);
528 bgp_evpn_derive_auto_rt_import(bgp, vpn);
529 bgp_evpn_derive_auto_rt_export(bgp, vpn);
530 }
531
532 /*
533 * Convert nexthop (remote VTEP IP) into an IPv6 address.
534 */
535 static void evpn_convert_nexthop_to_ipv6(struct attr *attr)
536 {
537 if (BGP_ATTR_NEXTHOP_AFI_IP6(attr))
538 return;
539 ipv4_to_ipv4_mapped_ipv6(&attr->mp_nexthop_global, attr->nexthop);
540 attr->mp_nexthop_len = IPV6_MAX_BYTELEN;
541 }
542
543 /*
544 * Add (update) or delete MACIP from zebra.
545 */
546 static int bgp_zebra_send_remote_macip(struct bgp *bgp, struct bgpevpn *vpn,
547 struct prefix_evpn *p,
548 struct in_addr remote_vtep_ip, int add,
549 uint8_t flags, uint32_t seq)
550 {
551 struct stream *s;
552 int ipa_len;
553 char buf1[ETHER_ADDR_STRLEN];
554 char buf2[INET6_ADDRSTRLEN];
555 char buf3[INET6_ADDRSTRLEN];
556
557 /* Check socket. */
558 if (!zclient || zclient->sock < 0)
559 return 0;
560
561 /* Don't try to register if Zebra doesn't know of this instance. */
562 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
563 if (BGP_DEBUG(zebra, ZEBRA))
564 zlog_debug("%s: No zebra instance to talk to, not installing remote macip",
565 __PRETTY_FUNCTION__);
566 return 0;
567 }
568 s = zclient->obuf;
569 stream_reset(s);
570
571 zclient_create_header(
572 s, add ? ZEBRA_REMOTE_MACIP_ADD : ZEBRA_REMOTE_MACIP_DEL,
573 bgp->vrf_id);
574 stream_putl(s, vpn->vni);
575 stream_put(s, &p->prefix.macip_addr.mac.octet, ETH_ALEN); /* Mac Addr */
576 /* IP address length and IP address, if any. */
577 if (is_evpn_prefix_ipaddr_none(p))
578 stream_putl(s, 0);
579 else {
580 ipa_len = is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BYTELEN
581 : IPV6_MAX_BYTELEN;
582 stream_putl(s, ipa_len);
583 stream_put(s, &p->prefix.macip_addr.ip.ip.addr, ipa_len);
584 }
585 stream_put_in_addr(s, &remote_vtep_ip);
586
587 /* TX flags - MAC sticky status and/or gateway mac */
588 /* Also TX the sequence number of the best route. */
589 if (add) {
590 stream_putc(s, flags);
591 stream_putl(s, seq);
592 }
593
594 stream_putw_at(s, 0, stream_get_endp(s));
595
596 if (bgp_debug_zebra(NULL))
597 zlog_debug(
598 "Tx %s MACIP, VNI %u MAC %s IP %s flags 0x%x seq %u remote VTEP %s",
599 add ? "ADD" : "DEL", vpn->vni,
600 prefix_mac2str(&p->prefix.macip_addr.mac,
601 buf1, sizeof(buf1)),
602 ipaddr2str(&p->prefix.macip_addr.ip,
603 buf3, sizeof(buf3)), flags, seq,
604 inet_ntop(AF_INET, &remote_vtep_ip, buf2,
605 sizeof(buf2)));
606
607 return zclient_send_message(zclient);
608 }
609
610 /*
611 * Add (update) or delete remote VTEP from zebra.
612 */
613 static int bgp_zebra_send_remote_vtep(struct bgp *bgp, struct bgpevpn *vpn,
614 struct prefix_evpn *p, int add)
615 {
616 struct stream *s;
617
618 /* Check socket. */
619 if (!zclient || zclient->sock < 0)
620 return 0;
621
622 /* Don't try to register if Zebra doesn't know of this instance. */
623 if (!IS_BGP_INST_KNOWN_TO_ZEBRA(bgp)) {
624 if (BGP_DEBUG(zebra, ZEBRA))
625 zlog_debug("%s: No zebra instance to talk to, not installing remote vtep",
626 __PRETTY_FUNCTION__);
627 return 0;
628 }
629
630 s = zclient->obuf;
631 stream_reset(s);
632
633 zclient_create_header(
634 s, add ? ZEBRA_REMOTE_VTEP_ADD : ZEBRA_REMOTE_VTEP_DEL,
635 bgp->vrf_id);
636 stream_putl(s, vpn->vni);
637 if (is_evpn_prefix_ipaddr_v4(p))
638 stream_put_in_addr(s, &p->prefix.imet_addr.ip.ipaddr_v4);
639 else if (is_evpn_prefix_ipaddr_v6(p)) {
640 flog_err(
641 EC_BGP_VTEP_INVALID,
642 "Bad remote IP when trying to %s remote VTEP for VNI %u",
643 add ? "ADD" : "DEL", vpn->vni);
644 return -1;
645 }
646
647 stream_putw_at(s, 0, stream_get_endp(s));
648
649 if (bgp_debug_zebra(NULL))
650 zlog_debug("Tx %s Remote VTEP, VNI %u remote VTEP %s",
651 add ? "ADD" : "DEL", vpn->vni,
652 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
653
654 return zclient_send_message(zclient);
655 }
656
657 /*
658 * Build extended community for EVPN ES (type-4) route
659 */
660 static void build_evpn_type4_route_extcomm(struct evpnes *es,
661 struct attr *attr)
662 {
663 struct ecommunity ecom_encap;
664 struct ecommunity ecom_es_rt;
665 struct ecommunity_val eval;
666 struct ecommunity_val eval_es_rt;
667 bgp_encap_types tnl_type;
668 struct ethaddr mac;
669
670 /* Encap */
671 tnl_type = BGP_ENCAP_TYPE_VXLAN;
672 memset(&ecom_encap, 0, sizeof(ecom_encap));
673 encode_encap_extcomm(tnl_type, &eval);
674 ecom_encap.size = 1;
675 ecom_encap.val = (uint8_t *)eval.val;
676 attr->ecommunity = ecommunity_dup(&ecom_encap);
677
678 /* ES import RT */
679 memset(&mac, 0, sizeof(struct ethaddr));
680 memset(&ecom_es_rt, 0, sizeof(ecom_es_rt));
681 es_get_system_mac(&es->esi, &mac);
682 encode_es_rt_extcomm(&eval_es_rt, &mac);
683 ecom_es_rt.size = 1;
684 ecom_es_rt.val = (uint8_t *)eval_es_rt.val;
685 attr->ecommunity =
686 ecommunity_merge(attr->ecommunity, &ecom_es_rt);
687
688 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
689 }
690
691 /*
692 * Build extended communities for EVPN prefix route.
693 */
694 static void build_evpn_type5_route_extcomm(struct bgp *bgp_vrf,
695 struct attr *attr)
696 {
697 struct ecommunity ecom_encap;
698 struct ecommunity ecom_rmac;
699 struct ecommunity_val eval;
700 struct ecommunity_val eval_rmac;
701 bgp_encap_types tnl_type;
702 struct listnode *node, *nnode;
703 struct ecommunity *ecom;
704 struct list *vrf_export_rtl = NULL;
705
706 /* Encap */
707 tnl_type = BGP_ENCAP_TYPE_VXLAN;
708 memset(&ecom_encap, 0, sizeof(ecom_encap));
709 encode_encap_extcomm(tnl_type, &eval);
710 ecom_encap.size = 1;
711 ecom_encap.val = (uint8_t *)eval.val;
712
713 /* Add Encap */
714 attr->ecommunity = ecommunity_dup(&ecom_encap);
715
716 /* Add the export RTs for L3VNI/VRF */
717 vrf_export_rtl = bgp_vrf->vrf_export_rtl;
718 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode, ecom))
719 attr->ecommunity =
720 ecommunity_merge(attr->ecommunity, ecom);
721
722 /* add the router mac extended community */
723 if (!is_zero_mac(&attr->rmac)) {
724 memset(&ecom_rmac, 0, sizeof(ecom_rmac));
725 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
726 ecom_rmac.size = 1;
727 ecom_rmac.val = (uint8_t *)eval_rmac.val;
728 attr->ecommunity =
729 ecommunity_merge(attr->ecommunity, &ecom_rmac);
730 }
731
732 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
733 }
734
735 /*
736 * Build extended communities for EVPN route.
737 * This function is applicable for type-2 and type-3 routes. The layer-2 RT
738 * and ENCAP extended communities are applicable for all routes.
739 * The default gateway extended community and MAC mobility (sticky) extended
740 * community are added as needed based on passed settings - only for type-2
741 * routes. Likewise, the layer-3 RT and Router MAC extended communities are
742 * added, if present, based on passed settings - only for non-link-local
743 * type-2 routes.
744 */
745 static void build_evpn_route_extcomm(struct bgpevpn *vpn, struct attr *attr,
746 int add_l3_ecomm)
747 {
748 struct ecommunity ecom_encap;
749 struct ecommunity ecom_sticky;
750 struct ecommunity ecom_default_gw;
751 struct ecommunity ecom_rmac;
752 struct ecommunity ecom_na;
753 struct ecommunity_val eval;
754 struct ecommunity_val eval_sticky;
755 struct ecommunity_val eval_default_gw;
756 struct ecommunity_val eval_rmac;
757 struct ecommunity_val eval_na;
758
759 bgp_encap_types tnl_type;
760 struct listnode *node, *nnode;
761 struct ecommunity *ecom;
762 uint32_t seqnum;
763 struct list *vrf_export_rtl = NULL;
764
765 /* Encap */
766 tnl_type = BGP_ENCAP_TYPE_VXLAN;
767 memset(&ecom_encap, 0, sizeof(ecom_encap));
768 encode_encap_extcomm(tnl_type, &eval);
769 ecom_encap.size = 1;
770 ecom_encap.val = (uint8_t *)eval.val;
771
772 /* Add Encap */
773 attr->ecommunity = ecommunity_dup(&ecom_encap);
774
775 /* Add the export RTs for L2VNI */
776 for (ALL_LIST_ELEMENTS(vpn->export_rtl, node, nnode, ecom))
777 attr->ecommunity = ecommunity_merge(attr->ecommunity, ecom);
778
779 /* Add the export RTs for L3VNI if told to - caller determines
780 * when this should be done.
781 */
782 if (add_l3_ecomm) {
783 vrf_export_rtl = bgpevpn_get_vrf_export_rtl(vpn);
784 if (vrf_export_rtl && !list_isempty(vrf_export_rtl)) {
785 for (ALL_LIST_ELEMENTS(vrf_export_rtl, node, nnode,
786 ecom))
787 attr->ecommunity = ecommunity_merge(
788 attr->ecommunity, ecom);
789 }
790 }
791
792 /* Add MAC mobility (sticky) if needed. */
793 if (attr->sticky) {
794 seqnum = 0;
795 memset(&ecom_sticky, 0, sizeof(ecom_sticky));
796 encode_mac_mobility_extcomm(1, seqnum, &eval_sticky);
797 ecom_sticky.size = 1;
798 ecom_sticky.val = (uint8_t *)eval_sticky.val;
799 attr->ecommunity =
800 ecommunity_merge(attr->ecommunity, &ecom_sticky);
801 }
802
803 /* Add RMAC, if told to. */
804 if (add_l3_ecomm) {
805 memset(&ecom_rmac, 0, sizeof(ecom_rmac));
806 encode_rmac_extcomm(&eval_rmac, &attr->rmac);
807 ecom_rmac.size = 1;
808 ecom_rmac.val = (uint8_t *)eval_rmac.val;
809 attr->ecommunity =
810 ecommunity_merge(attr->ecommunity, &ecom_rmac);
811 }
812
813 /* Add default gateway, if needed. */
814 if (attr->default_gw) {
815 memset(&ecom_default_gw, 0, sizeof(ecom_default_gw));
816 encode_default_gw_extcomm(&eval_default_gw);
817 ecom_default_gw.size = 1;
818 ecom_default_gw.val = (uint8_t *)eval_default_gw.val;
819 attr->ecommunity =
820 ecommunity_merge(attr->ecommunity, &ecom_default_gw);
821 }
822
823 if (attr->router_flag) {
824 memset(&ecom_na, 0, sizeof(ecom_na));
825 encode_na_flag_extcomm(&eval_na, attr->router_flag);
826 ecom_na.size = 1;
827 ecom_na.val = (uint8_t *)eval_na.val;
828 attr->ecommunity = ecommunity_merge(attr->ecommunity,
829 &ecom_na);
830 }
831
832 attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES);
833 }
834
835 /*
836 * Add MAC mobility extended community to attribute.
837 */
838 static void add_mac_mobility_to_attr(uint32_t seq_num, struct attr *attr)
839 {
840 struct ecommunity ecom_tmp;
841 struct ecommunity_val eval;
842 uint8_t *ecom_val_ptr;
843 int i;
844 uint8_t *pnt;
845 int type = 0;
846 int sub_type = 0;
847
848 /* Build MM */
849 encode_mac_mobility_extcomm(0, seq_num, &eval);
850
851 /* Find current MM ecommunity */
852 ecom_val_ptr = NULL;
853
854 if (attr->ecommunity) {
855 for (i = 0; i < attr->ecommunity->size; i++) {
856 pnt = attr->ecommunity->val + (i * 8);
857 type = *pnt++;
858 sub_type = *pnt++;
859
860 if (type == ECOMMUNITY_ENCODE_EVPN
861 && sub_type
862 == ECOMMUNITY_EVPN_SUBTYPE_MACMOBILITY) {
863 ecom_val_ptr = (uint8_t *)(attr->ecommunity->val
864 + (i * 8));
865 break;
866 }
867 }
868 }
869
870 /* Update the existing MM ecommunity */
871 if (ecom_val_ptr) {
872 memcpy(ecom_val_ptr, eval.val, sizeof(char) * ECOMMUNITY_SIZE);
873 }
874 /* Add MM to existing */
875 else {
876 memset(&ecom_tmp, 0, sizeof(ecom_tmp));
877 ecom_tmp.size = 1;
878 ecom_tmp.val = (uint8_t *)eval.val;
879
880 if (attr->ecommunity)
881 attr->ecommunity =
882 ecommunity_merge(attr->ecommunity, &ecom_tmp);
883 else
884 attr->ecommunity = ecommunity_dup(&ecom_tmp);
885 }
886 }
887
888 /* Install EVPN route into zebra. */
889 static int evpn_zebra_install(struct bgp *bgp, struct bgpevpn *vpn,
890 struct prefix_evpn *p,
891 struct in_addr remote_vtep_ip, uint8_t flags,
892 uint32_t seq)
893 {
894 int ret;
895
896 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
897 ret = bgp_zebra_send_remote_macip(bgp, vpn, p, remote_vtep_ip,
898 1, flags, seq);
899 else
900 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p, 1);
901
902 return ret;
903 }
904
905 /* Uninstall EVPN route from zebra. */
906 static int evpn_zebra_uninstall(struct bgp *bgp, struct bgpevpn *vpn,
907 struct prefix_evpn *p,
908 struct in_addr remote_vtep_ip)
909 {
910 int ret;
911
912 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
913 ret = bgp_zebra_send_remote_macip(bgp, vpn, p, remote_vtep_ip,
914 0, 0, 0);
915 else
916 ret = bgp_zebra_send_remote_vtep(bgp, vpn, p, 0);
917
918 return ret;
919 }
920
921 /*
922 * Due to MAC mobility, the prior "local" best route has been supplanted
923 * by a "remote" best route. The prior route has to be deleted and withdrawn
924 * from peers.
925 */
926 static void evpn_delete_old_local_route(struct bgp *bgp, struct bgpevpn *vpn,
927 struct bgp_node *rn,
928 struct bgp_path_info *old_local)
929 {
930 struct bgp_node *global_rn;
931 struct bgp_path_info *pi;
932 afi_t afi = AFI_L2VPN;
933 safi_t safi = SAFI_EVPN;
934
935 /* Locate route node in the global EVPN routing table. Note that
936 * this table is a 2-level tree (RD-level + Prefix-level) similar to
937 * L3VPN routes.
938 */
939 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
940 (struct prefix *)&rn->p, &vpn->prd);
941 if (global_rn) {
942 /* Delete route entry in the global EVPN table. */
943 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
944
945 /* Schedule for processing - withdraws to peers happen from
946 * this table.
947 */
948 if (pi)
949 bgp_process(bgp, global_rn, afi, safi);
950 bgp_unlock_node(global_rn);
951 }
952
953 /* Delete route entry in the VNI route table, caller to remove. */
954 bgp_path_info_delete(rn, old_local);
955 }
956
957 static struct in_addr *es_vtep_new(struct in_addr vtep)
958 {
959 struct in_addr *ip;
960
961 ip = XCALLOC(MTYPE_BGP_EVPN_ES_VTEP, sizeof(struct in_addr));
962 if (!ip)
963 return NULL;
964
965 ip->s_addr = vtep.s_addr;
966 return ip;
967 }
968
969 static void es_vtep_free(struct in_addr *ip)
970 {
971 XFREE(MTYPE_BGP_EVPN_ES_VTEP, ip);
972 }
973
974 /* check if VTEP is already part of the list */
975 static int is_vtep_present_in_list(struct list *list,
976 struct in_addr vtep)
977 {
978 struct listnode *node = NULL;
979 struct in_addr *tmp;
980
981 for (ALL_LIST_ELEMENTS_RO(list, node, tmp)) {
982 if (tmp->s_addr == vtep.s_addr)
983 return 1;
984 }
985 return 0;
986 }
987
988 /*
989 * Best path for ES route was changed,
990 * update the list of VTEPs for this ES
991 */
992 static int evpn_es_install_vtep(struct bgp *bgp,
993 struct evpnes *es,
994 struct prefix_evpn *p,
995 struct in_addr rvtep)
996 {
997 struct in_addr *vtep_ip;
998
999 if (is_vtep_present_in_list(es->vtep_list, rvtep))
1000 return 0;
1001
1002
1003 vtep_ip = es_vtep_new(rvtep);
1004 if (vtep_ip)
1005 listnode_add_sort(es->vtep_list, vtep_ip);
1006 return 0;
1007 }
1008
1009 /*
1010 * Best path for ES route was changed,
1011 * update the list of VTEPs for this ES
1012 */
1013 static int evpn_es_uninstall_vtep(struct bgp *bgp,
1014 struct evpnes *es,
1015 struct prefix_evpn *p,
1016 struct in_addr rvtep)
1017 {
1018 struct listnode *node, *nnode, *node_to_del = NULL;
1019 struct in_addr *tmp;
1020
1021 for (ALL_LIST_ELEMENTS(es->vtep_list, node, nnode, tmp)) {
1022 if (tmp->s_addr == rvtep.s_addr) {
1023 es_vtep_free(tmp);
1024 node_to_del = node;
1025 }
1026 }
1027
1028 if (node_to_del)
1029 list_delete_node(es->vtep_list, node_to_del);
1030
1031 return 0;
1032 }
1033
1034 /*
1035 * Calculate the best path for a ES(type-4) route.
1036 */
1037 static int evpn_es_route_select_install(struct bgp *bgp,
1038 struct evpnes *es,
1039 struct bgp_node *rn)
1040 {
1041 int ret = 0;
1042 afi_t afi = AFI_L2VPN;
1043 safi_t safi = SAFI_EVPN;
1044 struct bgp_path_info *old_select; /* old best */
1045 struct bgp_path_info *new_select; /* new best */
1046 struct bgp_path_info_pair old_and_new;
1047
1048 /* Compute the best path. */
1049 bgp_best_selection(bgp, rn, &bgp->maxpaths[afi][safi],
1050 &old_and_new, afi, safi);
1051 old_select = old_and_new.old;
1052 new_select = old_and_new.new;
1053
1054 /*
1055 * If the best path hasn't changed - see if something needs to be
1056 * updated
1057 */
1058 if (old_select && old_select == new_select
1059 && old_select->type == ZEBRA_ROUTE_BGP
1060 && old_select->sub_type == BGP_ROUTE_IMPORTED
1061 && !CHECK_FLAG(rn->flags, BGP_NODE_USER_CLEAR)
1062 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1063 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1064 if (bgp_zebra_has_route_changed(rn, old_select)) {
1065 ret = evpn_es_install_vtep(bgp, es,
1066 (struct prefix_evpn *)&rn->p,
1067 old_select->attr->nexthop);
1068 }
1069 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1070 bgp_zebra_clear_route_change_flags(rn);
1071 return ret;
1072 }
1073
1074 /* If the user did a "clear" this flag will be set */
1075 UNSET_FLAG(rn->flags, BGP_NODE_USER_CLEAR);
1076
1077 /*
1078 * bestpath has changed; update relevant fields and install or uninstall
1079 * into the zebra RIB.
1080 */
1081 if (old_select || new_select)
1082 bgp_bump_version(rn);
1083
1084 if (old_select)
1085 bgp_path_info_unset_flag(rn, old_select, BGP_PATH_SELECTED);
1086 if (new_select) {
1087 bgp_path_info_set_flag(rn, new_select, BGP_PATH_SELECTED);
1088 bgp_path_info_unset_flag(rn, new_select, BGP_PATH_ATTR_CHANGED);
1089 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1090 }
1091
1092 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1093 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1094 ret = evpn_es_install_vtep(bgp, es,
1095 (struct prefix_evpn *)&rn->p,
1096 new_select->attr->nexthop);
1097 } else {
1098 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1099 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1100 ret = evpn_es_uninstall_vtep(
1101 bgp, es, (struct prefix_evpn *)&rn->p,
1102 old_select->attr->nexthop);
1103 }
1104
1105 /* Clear any route change flags. */
1106 bgp_zebra_clear_route_change_flags(rn);
1107
1108 /* Reap old select bgp_path_info, if it has been removed */
1109 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1110 bgp_path_info_reap(rn, old_select);
1111
1112 return ret;
1113 }
1114
1115 /*
1116 * Calculate the best path for an EVPN route. Install/update best path in zebra,
1117 * if appropriate.
1118 */
1119 static int evpn_route_select_install(struct bgp *bgp, struct bgpevpn *vpn,
1120 struct bgp_node *rn)
1121 {
1122 struct bgp_path_info *old_select, *new_select;
1123 struct bgp_path_info_pair old_and_new;
1124 struct prefix_evpn *evp;
1125 afi_t afi = AFI_L2VPN;
1126 safi_t safi = SAFI_EVPN;
1127 int ret = 0;
1128 uint8_t flags = 0;
1129
1130 /* Compute the best path. */
1131 bgp_best_selection(bgp, rn, &bgp->maxpaths[afi][safi], &old_and_new,
1132 afi, safi);
1133 old_select = old_and_new.old;
1134 new_select = old_and_new.new;
1135
1136 evp = (struct prefix_evpn *)&rn->p;
1137 /* If the best path hasn't changed - see if there is still something to
1138 * update
1139 * to zebra RIB.
1140 */
1141 if (old_select && old_select == new_select
1142 && old_select->type == ZEBRA_ROUTE_BGP
1143 && old_select->sub_type == BGP_ROUTE_IMPORTED
1144 && !CHECK_FLAG(rn->flags, BGP_NODE_USER_CLEAR)
1145 && !CHECK_FLAG(old_select->flags, BGP_PATH_ATTR_CHANGED)
1146 && !bgp_addpath_is_addpath_used(&bgp->tx_addpath, afi, safi)) {
1147 if (bgp_zebra_has_route_changed(rn, old_select)) {
1148 if (old_select->attr->sticky)
1149 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1150 if (old_select->attr->default_gw)
1151 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1152 if (is_evpn_prefix_ipaddr_v6(evp) &&
1153 old_select->attr->router_flag)
1154 SET_FLAG(flags, ZEBRA_MACIP_TYPE_ROUTER_FLAG);
1155
1156 ret = evpn_zebra_install(
1157 bgp, vpn, (struct prefix_evpn *)&rn->p,
1158 old_select->attr->nexthop, flags,
1159 mac_mobility_seqnum(old_select->attr));
1160 }
1161 UNSET_FLAG(old_select->flags, BGP_PATH_MULTIPATH_CHG);
1162 bgp_zebra_clear_route_change_flags(rn);
1163 return ret;
1164 }
1165
1166 /* If the user did a "clear" this flag will be set */
1167 UNSET_FLAG(rn->flags, BGP_NODE_USER_CLEAR);
1168
1169 /* bestpath has changed; update relevant fields and install or uninstall
1170 * into the zebra RIB.
1171 */
1172 if (old_select || new_select)
1173 bgp_bump_version(rn);
1174
1175 if (old_select)
1176 bgp_path_info_unset_flag(rn, old_select, BGP_PATH_SELECTED);
1177 if (new_select) {
1178 bgp_path_info_set_flag(rn, new_select, BGP_PATH_SELECTED);
1179 bgp_path_info_unset_flag(rn, new_select, BGP_PATH_ATTR_CHANGED);
1180 UNSET_FLAG(new_select->flags, BGP_PATH_MULTIPATH_CHG);
1181 }
1182
1183 if (new_select && new_select->type == ZEBRA_ROUTE_BGP
1184 && new_select->sub_type == BGP_ROUTE_IMPORTED) {
1185 flags = 0;
1186 if (new_select->attr->sticky)
1187 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1188 if (new_select->attr->default_gw)
1189 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1190 if (is_evpn_prefix_ipaddr_v6(evp) &&
1191 new_select->attr->router_flag)
1192 SET_FLAG(flags, ZEBRA_MACIP_TYPE_ROUTER_FLAG);
1193
1194 ret = evpn_zebra_install(bgp, vpn, (struct prefix_evpn *)&rn->p,
1195 new_select->attr->nexthop, flags,
1196 mac_mobility_seqnum(new_select->attr));
1197 /* If an old best existed and it was a "local" route, the only
1198 * reason
1199 * it would be supplanted is due to MAC mobility procedures. So,
1200 * we
1201 * need to do an implicit delete and withdraw that route from
1202 * peers.
1203 */
1204 if (old_select && old_select->peer == bgp->peer_self
1205 && old_select->type == ZEBRA_ROUTE_BGP
1206 && old_select->sub_type == BGP_ROUTE_STATIC)
1207 evpn_delete_old_local_route(bgp, vpn, rn, old_select);
1208 } else {
1209 if (old_select && old_select->type == ZEBRA_ROUTE_BGP
1210 && old_select->sub_type == BGP_ROUTE_IMPORTED)
1211 ret = evpn_zebra_uninstall(bgp, vpn,
1212 (struct prefix_evpn *)&rn->p,
1213 old_select->attr->nexthop);
1214 }
1215
1216 /* Clear any route change flags. */
1217 bgp_zebra_clear_route_change_flags(rn);
1218
1219 /* Reap old select bgp_path_info, if it has been removed */
1220 if (old_select && CHECK_FLAG(old_select->flags, BGP_PATH_REMOVED))
1221 bgp_path_info_reap(rn, old_select);
1222
1223 return ret;
1224 }
1225
1226 /*
1227 * Return true if the local ri for this rn is of type gateway mac
1228 */
1229 static int evpn_route_is_def_gw(struct bgp *bgp, struct bgp_node *rn)
1230 {
1231 struct bgp_path_info *tmp_pi = NULL;
1232 struct bgp_path_info *local_pi = NULL;
1233
1234 local_pi = NULL;
1235 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1236 tmp_pi = tmp_pi->next) {
1237 if (tmp_pi->peer == bgp->peer_self
1238 && tmp_pi->type == ZEBRA_ROUTE_BGP
1239 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1240 local_pi = tmp_pi;
1241 }
1242
1243 if (!local_pi)
1244 return 0;
1245
1246 return local_pi->attr->default_gw;
1247 }
1248
1249
1250 /*
1251 * Return true if the local ri for this rn has sticky set
1252 */
1253 static int evpn_route_is_sticky(struct bgp *bgp, struct bgp_node *rn)
1254 {
1255 struct bgp_path_info *tmp_pi;
1256 struct bgp_path_info *local_pi;
1257
1258 local_pi = NULL;
1259 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1260 tmp_pi = tmp_pi->next) {
1261 if (tmp_pi->peer == bgp->peer_self
1262 && tmp_pi->type == ZEBRA_ROUTE_BGP
1263 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1264 local_pi = tmp_pi;
1265 }
1266
1267 if (!local_pi)
1268 return 0;
1269
1270 return local_pi->attr->sticky;
1271 }
1272
1273 /*
1274 * create or update EVPN type4 route entry.
1275 * This could be in the ES table or the global table.
1276 * TODO: handle remote ES (type4) routes as well
1277 */
1278 static int update_evpn_type4_route_entry(struct bgp *bgp, struct evpnes *es,
1279 afi_t afi, safi_t safi,
1280 struct bgp_node *rn, struct attr *attr,
1281 int add, struct bgp_path_info **ri,
1282 int *route_changed)
1283 {
1284 char buf[ESI_STR_LEN];
1285 char buf1[INET6_ADDRSTRLEN];
1286 struct bgp_path_info *tmp_pi = NULL;
1287 struct bgp_path_info *local_pi = NULL; /* local route entry if any */
1288 struct bgp_path_info *remote_pi = NULL; /* remote route entry if any */
1289 struct attr *attr_new = NULL;
1290 struct prefix_evpn *evp = NULL;
1291
1292 *ri = NULL;
1293 *route_changed = 1;
1294 evp = (struct prefix_evpn *)&rn->p;
1295
1296 /* locate the local and remote entries if any */
1297 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1298 tmp_pi = tmp_pi->next) {
1299 if (tmp_pi->peer == bgp->peer_self
1300 && tmp_pi->type == ZEBRA_ROUTE_BGP
1301 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1302 local_pi = tmp_pi;
1303 if (tmp_pi->type == ZEBRA_ROUTE_BGP
1304 && tmp_pi->sub_type == BGP_ROUTE_IMPORTED
1305 && CHECK_FLAG(tmp_pi->flags, BGP_PATH_VALID))
1306 remote_pi = tmp_pi;
1307 }
1308
1309 /* we don't expect to see a remote_ri at this point.
1310 * An ES route has esi + vtep_ip as the key,
1311 * We shouldn't see the same route from any other vtep.
1312 */
1313 if (remote_pi) {
1314 flog_err(
1315 EC_BGP_ES_INVALID,
1316 "%u ERROR: local es route for ESI: %s Vtep %s also learnt from remote",
1317 bgp->vrf_id,
1318 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)),
1319 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1320 return -1;
1321 }
1322
1323 if (!local_pi && !add)
1324 return 0;
1325
1326 /* create or update the entry */
1327 if (!local_pi) {
1328
1329 /* Add or update attribute to hash */
1330 attr_new = bgp_attr_intern(attr);
1331
1332 /* Create new route with its attribute. */
1333 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1334 bgp->peer_self, attr_new, rn);
1335 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1336
1337 /* add the newly created path to the route-node */
1338 bgp_path_info_add(rn, tmp_pi);
1339 } else {
1340 tmp_pi = local_pi;
1341 if (attrhash_cmp(tmp_pi->attr, attr)
1342 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1343 *route_changed = 0;
1344 else {
1345 /* The attribute has changed.
1346 * Add (or update) attribute to hash. */
1347 attr_new = bgp_attr_intern(attr);
1348 bgp_path_info_set_flag(rn, tmp_pi,
1349 BGP_PATH_ATTR_CHANGED);
1350
1351 /* Restore route, if needed. */
1352 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1353 bgp_path_info_restore(rn, tmp_pi);
1354
1355 /* Unintern existing, set to new. */
1356 bgp_attr_unintern(&tmp_pi->attr);
1357 tmp_pi->attr = attr_new;
1358 tmp_pi->uptime = bgp_clock();
1359 }
1360 }
1361
1362 /* Return back the route entry. */
1363 *ri = tmp_pi;
1364 return 0;
1365 }
1366
1367 /* update evpn es (type-4) route */
1368 static int update_evpn_type4_route(struct bgp *bgp,
1369 struct evpnes *es,
1370 struct prefix_evpn *p)
1371 {
1372 int ret = 0;
1373 int route_changed = 0;
1374 char buf[ESI_STR_LEN];
1375 char buf1[INET6_ADDRSTRLEN];
1376 afi_t afi = AFI_L2VPN;
1377 safi_t safi = SAFI_EVPN;
1378 struct attr attr;
1379 struct attr *attr_new = NULL;
1380 struct bgp_node *rn = NULL;
1381 struct bgp_path_info *pi = NULL;
1382
1383 memset(&attr, 0, sizeof(struct attr));
1384
1385 /* Build path-attribute for this route. */
1386 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1387 attr.nexthop = es->originator_ip.ipaddr_v4;
1388 attr.mp_nexthop_global_in = es->originator_ip.ipaddr_v4;
1389 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1390
1391 /* Set up extended community. */
1392 build_evpn_type4_route_extcomm(es, &attr);
1393
1394 /* First, create (or fetch) route node within the ESI. */
1395 /* NOTE: There is no RD here. */
1396 rn = bgp_node_get(es->route_table, (struct prefix *)p);
1397
1398 /* Create or update route entry. */
1399 ret = update_evpn_type4_route_entry(bgp, es, afi, safi, rn, &attr, 1,
1400 &pi, &route_changed);
1401 if (ret != 0) {
1402 flog_err(EC_BGP_ES_INVALID,
1403 "%u ERROR: Failed to updated ES route ESI: %s VTEP %s",
1404 bgp->vrf_id,
1405 esi_to_str(&p->prefix.es_addr.esi, buf, sizeof(buf)),
1406 ipaddr2str(&es->originator_ip, buf1, sizeof(buf1)));
1407 }
1408
1409 assert(pi);
1410 attr_new = pi->attr;
1411
1412 /* Perform route selection;
1413 * this is just to set the flags correctly
1414 * as local route in the ES always wins.
1415 */
1416 evpn_es_route_select_install(bgp, es, rn);
1417 bgp_unlock_node(rn);
1418
1419 /* If this is a new route or some attribute has changed, export the
1420 * route to the global table. The route will be advertised to peers
1421 * from there. Note that this table is a 2-level tree (RD-level +
1422 * Prefix-level) similar to L3VPN routes.
1423 */
1424 if (route_changed) {
1425 struct bgp_path_info *global_pi;
1426
1427 rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1428 (struct prefix *)p, &es->prd);
1429 update_evpn_type4_route_entry(bgp, es, afi, safi, rn, attr_new,
1430 1, &global_pi, &route_changed);
1431
1432 /* Schedule for processing and unlock node. */
1433 bgp_process(bgp, rn, afi, safi);
1434 bgp_unlock_node(rn);
1435 }
1436
1437 /* Unintern temporary. */
1438 aspath_unintern(&attr.aspath);
1439 return 0;
1440 }
1441
1442 static int update_evpn_type5_route_entry(struct bgp *bgp_def,
1443 struct bgp *bgp_vrf, afi_t afi,
1444 safi_t safi, struct bgp_node *rn,
1445 struct attr *attr, int *route_changed)
1446 {
1447 struct attr *attr_new = NULL;
1448 struct bgp_path_info *pi = NULL;
1449 mpls_label_t label = MPLS_INVALID_LABEL;
1450 struct bgp_path_info *local_pi = NULL;
1451 struct bgp_path_info *tmp_pi = NULL;
1452
1453 *route_changed = 0;
1454 /* locate the local route entry if any */
1455 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1456 tmp_pi = tmp_pi->next) {
1457 if (tmp_pi->peer == bgp_def->peer_self
1458 && tmp_pi->type == ZEBRA_ROUTE_BGP
1459 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1460 local_pi = tmp_pi;
1461 }
1462
1463 /*
1464 * create a new route entry if one doesn't exist.
1465 * Otherwise see if route attr has changed
1466 */
1467 if (!local_pi) {
1468
1469 /* route has changed as this is the first entry */
1470 *route_changed = 1;
1471
1472 /* Add (or update) attribute to hash. */
1473 attr_new = bgp_attr_intern(attr);
1474
1475 /* create the route info from attribute */
1476 pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1477 bgp_def->peer_self, attr_new, rn);
1478 SET_FLAG(pi->flags, BGP_PATH_VALID);
1479
1480 /* Type-5 routes advertise the L3-VNI */
1481 bgp_path_info_extra_get(pi);
1482 vni2label(bgp_vrf->l3vni, &label);
1483 memcpy(&pi->extra->label, &label, sizeof(label));
1484 pi->extra->num_labels = 1;
1485
1486 /* add the route entry to route node*/
1487 bgp_path_info_add(rn, pi);
1488 } else {
1489
1490 tmp_pi = local_pi;
1491 if (!attrhash_cmp(tmp_pi->attr, attr)) {
1492
1493 /* attribute changed */
1494 *route_changed = 1;
1495
1496 /* The attribute has changed. */
1497 /* Add (or update) attribute to hash. */
1498 attr_new = bgp_attr_intern(attr);
1499 bgp_path_info_set_flag(rn, tmp_pi,
1500 BGP_PATH_ATTR_CHANGED);
1501
1502 /* Restore route, if needed. */
1503 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1504 bgp_path_info_restore(rn, tmp_pi);
1505
1506 /* Unintern existing, set to new. */
1507 bgp_attr_unintern(&tmp_pi->attr);
1508 tmp_pi->attr = attr_new;
1509 tmp_pi->uptime = bgp_clock();
1510 }
1511 }
1512 return 0;
1513 }
1514
1515 /* update evpn type-5 route entry */
1516 static int update_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp,
1517 struct attr *src_attr)
1518 {
1519 afi_t afi = AFI_L2VPN;
1520 safi_t safi = SAFI_EVPN;
1521 struct attr attr;
1522 struct bgp_node *rn = NULL;
1523 struct bgp *bgp_def = NULL;
1524 int route_changed = 0;
1525
1526 bgp_def = bgp_get_default();
1527 if (!bgp_def)
1528 return 0;
1529
1530 /* Build path attribute for this route - use the source attr, if
1531 * present, else treat as locally originated.
1532 */
1533 if (src_attr)
1534 bgp_attr_dup(&attr, src_attr);
1535 else {
1536 memset(&attr, 0, sizeof(struct attr));
1537 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1538 }
1539 /* Set nexthop to ourselves and fill in the Router MAC. */
1540 attr.nexthop = bgp_vrf->originator_ip;
1541 attr.mp_nexthop_global_in = bgp_vrf->originator_ip;
1542 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1543 memcpy(&attr.rmac, &bgp_vrf->rmac, sizeof(struct ethaddr));
1544
1545 /* Setup RT and encap extended community */
1546 build_evpn_type5_route_extcomm(bgp_vrf, &attr);
1547
1548 /* get the route node in global table */
1549 rn = bgp_afi_node_get(bgp_def->rib[afi][safi], afi, safi,
1550 (struct prefix *)evp, &bgp_vrf->vrf_prd);
1551 assert(rn);
1552
1553 /* create or update the route entry within the route node */
1554 update_evpn_type5_route_entry(bgp_def, bgp_vrf, afi, safi, rn, &attr,
1555 &route_changed);
1556
1557 /* schedule for processing and unlock node */
1558 if (route_changed) {
1559 bgp_process(bgp_def, rn, afi, safi);
1560 bgp_unlock_node(rn);
1561 }
1562
1563 /* uninten temporary */
1564 if (!src_attr)
1565 aspath_unintern(&attr.aspath);
1566 return 0;
1567 }
1568
1569 /*
1570 * Create or update EVPN route entry. This could be in the VNI route table
1571 * or the global route table.
1572 */
1573 static int update_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
1574 afi_t afi, safi_t safi, struct bgp_node *rn,
1575 struct attr *attr, int add,
1576 struct bgp_path_info **pi, uint8_t flags,
1577 uint32_t seq)
1578 {
1579 struct bgp_path_info *tmp_pi;
1580 struct bgp_path_info *local_pi;
1581 struct attr *attr_new;
1582 mpls_label_t label[BGP_MAX_LABELS];
1583 uint32_t num_labels = 1;
1584 int route_change = 1;
1585 uint8_t sticky = 0;
1586 struct prefix_evpn *evp;
1587
1588 *pi = NULL;
1589 evp = (struct prefix_evpn *)&rn->p;
1590 memset(&label, 0, sizeof(label));
1591
1592 /* See if this is an update of an existing route, or a new add. */
1593 local_pi = NULL;
1594 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1595 tmp_pi = tmp_pi->next) {
1596 if (tmp_pi->peer == bgp->peer_self
1597 && tmp_pi->type == ZEBRA_ROUTE_BGP
1598 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1599 local_pi = tmp_pi;
1600 }
1601
1602 /* If route doesn't exist already, create a new one, if told to.
1603 * Otherwise act based on whether the attributes of the route have
1604 * changed or not.
1605 */
1606 if (!local_pi && !add)
1607 return 0;
1608
1609 /* For non-GW MACs, update MAC mobility seq number, if needed. */
1610 if (seq && !CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW))
1611 add_mac_mobility_to_attr(seq, attr);
1612
1613 if (!local_pi) {
1614 /* Add (or update) attribute to hash. */
1615 attr_new = bgp_attr_intern(attr);
1616
1617 /* Extract MAC mobility sequence number, if any. */
1618 attr_new->mm_seqnum =
1619 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1620 attr_new->sticky = sticky;
1621
1622 /* Create new route with its attribute. */
1623 tmp_pi = info_make(ZEBRA_ROUTE_BGP, BGP_ROUTE_STATIC, 0,
1624 bgp->peer_self, attr_new, rn);
1625 SET_FLAG(tmp_pi->flags, BGP_PATH_VALID);
1626 bgp_path_info_extra_get(tmp_pi);
1627
1628 /* The VNI goes into the 'label' field of the route */
1629 vni2label(vpn->vni, &label[0]);
1630
1631 /* Type-2 routes may carry a second VNI - the L3-VNI.
1632 * Only attach second label if we are advertising two labels for
1633 * type-2 routes.
1634 */
1635 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1636 && CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS)) {
1637 vni_t l3vni;
1638
1639 l3vni = bgpevpn_get_l3vni(vpn);
1640 if (l3vni) {
1641 vni2label(l3vni, &label[1]);
1642 num_labels++;
1643 }
1644 }
1645
1646 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1647 tmp_pi->extra->num_labels = num_labels;
1648 bgp_path_info_add(rn, tmp_pi);
1649 } else {
1650 tmp_pi = local_pi;
1651 if (attrhash_cmp(tmp_pi->attr, attr)
1652 && !CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1653 route_change = 0;
1654 else {
1655 /*
1656 * The attributes have changed, type-2 routes needs to
1657 * be advertised with right labels.
1658 */
1659 vni2label(vpn->vni, &label[0]);
1660 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
1661 && CHECK_FLAG(vpn->flags,
1662 VNI_FLAG_USE_TWO_LABELS)) {
1663 vni_t l3vni;
1664
1665 l3vni = bgpevpn_get_l3vni(vpn);
1666 if (l3vni) {
1667 vni2label(l3vni, &label[1]);
1668 num_labels++;
1669 }
1670 }
1671 memcpy(&tmp_pi->extra->label, label, sizeof(label));
1672 tmp_pi->extra->num_labels = num_labels;
1673
1674 /* The attribute has changed. */
1675 /* Add (or update) attribute to hash. */
1676 attr_new = bgp_attr_intern(attr);
1677 bgp_path_info_set_flag(rn, tmp_pi,
1678 BGP_PATH_ATTR_CHANGED);
1679
1680 /* Extract MAC mobility sequence number, if any. */
1681 attr_new->mm_seqnum =
1682 bgp_attr_mac_mobility_seqnum(attr_new, &sticky);
1683 attr_new->sticky = sticky;
1684
1685 /* Restore route, if needed. */
1686 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_REMOVED))
1687 bgp_path_info_restore(rn, tmp_pi);
1688
1689 /* Unintern existing, set to new. */
1690 bgp_attr_unintern(&tmp_pi->attr);
1691 tmp_pi->attr = attr_new;
1692 tmp_pi->uptime = bgp_clock();
1693 }
1694 }
1695
1696 /* Return back the route entry. */
1697 *pi = tmp_pi;
1698 return route_change;
1699 }
1700
1701 /*
1702 * If the local route was not selected evict it and tell zebra to re-add
1703 * the best remote dest.
1704 *
1705 * Typically a local path added by zebra is expected to be selected as
1706 * best. In which case when a remote path wins as best (later)
1707 * evpn_route_select_install itself evicts the older-local-best path.
1708 *
1709 * However if bgp's add and zebra's add cross paths (race condition) it
1710 * is possible that the local path is no longer the "older" best path.
1711 * It is a path that was never designated as best and hence requires
1712 * additional handling to prevent bgp from injecting and holding on to a
1713 * non-best local path.
1714 */
1715 static void evpn_cleanup_local_non_best_route(struct bgp *bgp,
1716 struct bgpevpn *vpn,
1717 struct bgp_node *rn,
1718 struct bgp_path_info *local_pi)
1719 {
1720 struct bgp_path_info *tmp_pi;
1721 struct bgp_path_info *curr_select = NULL;
1722 uint8_t flags = 0;
1723 char buf[PREFIX_STRLEN];
1724
1725 /* local path was not picked as the winner; kick it out */
1726 if (bgp_debug_zebra(NULL)) {
1727 zlog_debug("evicting local evpn prefix %s as remote won",
1728 prefix2str(&rn->p, buf, sizeof(buf)));
1729 }
1730 evpn_delete_old_local_route(bgp, vpn, rn, local_pi);
1731 bgp_path_info_reap(rn, local_pi);
1732
1733 /* tell zebra to re-add the best remote path */
1734 for (tmp_pi = bgp_node_get_bgp_path_info(rn);
1735 tmp_pi; tmp_pi = tmp_pi->next) {
1736 if (CHECK_FLAG(tmp_pi->flags, BGP_PATH_SELECTED)) {
1737 curr_select = tmp_pi;
1738 break;
1739 }
1740 }
1741 if (curr_select &&
1742 curr_select->type == ZEBRA_ROUTE_BGP
1743 && curr_select->sub_type == BGP_ROUTE_IMPORTED) {
1744 if (curr_select->attr->sticky)
1745 SET_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1746 if (curr_select->attr->default_gw)
1747 SET_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1748 evpn_zebra_install(bgp, vpn, (struct prefix_evpn *)&rn->p,
1749 curr_select->attr->nexthop, flags,
1750 mac_mobility_seqnum(curr_select->attr));
1751 }
1752 }
1753
1754 /*
1755 * Create or update EVPN route (of type based on prefix) for specified VNI
1756 * and schedule for processing.
1757 */
1758 static int update_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
1759 struct prefix_evpn *p, uint8_t flags,
1760 uint32_t seq)
1761 {
1762 struct bgp_node *rn;
1763 struct attr attr;
1764 struct attr *attr_new;
1765 int add_l3_ecomm = 0;
1766 struct bgp_path_info *pi;
1767 afi_t afi = AFI_L2VPN;
1768 safi_t safi = SAFI_EVPN;
1769 int route_change;
1770
1771 memset(&attr, 0, sizeof(struct attr));
1772
1773 /* Build path-attribute for this route. */
1774 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
1775 attr.nexthop = vpn->originator_ip;
1776 attr.mp_nexthop_global_in = vpn->originator_ip;
1777 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
1778 attr.sticky = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY) ? 1 : 0;
1779 attr.default_gw = CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW) ? 1 : 0;
1780 attr.router_flag = CHECK_FLAG(flags,
1781 ZEBRA_MACIP_TYPE_ROUTER_FLAG) ? 1 : 0;
1782
1783 /* PMSI is only needed for type-3 routes */
1784 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE)
1785 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL);
1786
1787 /* router mac is only needed for type-2 routes here. */
1788 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
1789 bgpevpn_get_rmac(vpn, &attr.rmac);
1790 vni2label(vpn->vni, &(attr.label));
1791
1792 /* Include L3 VNI related RTs and RMAC for type-2 routes, if they're
1793 * IPv4 or IPv6 global addresses and we're advertising L3VNI with
1794 * these routes.
1795 */
1796 if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE &&
1797 (is_evpn_prefix_ipaddr_v4(p) ||
1798 !IN6_IS_ADDR_LINKLOCAL(&p->prefix.macip_addr.ip.ipaddr_v6)) &&
1799 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
1800 bgpevpn_get_l3vni(vpn))
1801 add_l3_ecomm = 1;
1802
1803 /* Set up extended community. */
1804 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
1805
1806 /* First, create (or fetch) route node within the VNI. */
1807 /* NOTE: There is no RD here. */
1808 rn = bgp_node_get(vpn->route_table, (struct prefix *)p);
1809
1810 /* Create or update route entry. */
1811 route_change = update_evpn_route_entry(bgp, vpn, afi, safi, rn, &attr,
1812 1, &pi, flags, seq);
1813 assert(pi);
1814 attr_new = pi->attr;
1815
1816 /* lock ri to prevent freeing in evpn_route_select_install */
1817 bgp_path_info_lock(pi);
1818 /* Perform route selection; this is just to set the flags correctly
1819 * as local route in the VNI always wins.
1820 */
1821 evpn_route_select_install(bgp, vpn, rn);
1822 /*
1823 * If the new local route was not selected evict it and tell zebra
1824 * to re-add the best remote dest. BGP doesn't retain non-best local
1825 * routes.
1826 */
1827 if (!CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)) {
1828 route_change = 0;
1829 evpn_cleanup_local_non_best_route(bgp, vpn, rn, pi);
1830 }
1831 bgp_path_info_unlock(pi);
1832
1833 bgp_unlock_node(rn);
1834
1835 /* If this is a new route or some attribute has changed, export the
1836 * route to the global table. The route will be advertised to peers
1837 * from there. Note that this table is a 2-level tree (RD-level +
1838 * Prefix-level) similar to L3VPN routes.
1839 */
1840 if (route_change) {
1841 struct bgp_path_info *global_pi;
1842
1843 rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
1844 (struct prefix *)p, &vpn->prd);
1845 update_evpn_route_entry(bgp, vpn, afi, safi, rn, attr_new, 1,
1846 &global_pi, flags, seq);
1847
1848 /* Schedule for processing and unlock node. */
1849 bgp_process(bgp, rn, afi, safi);
1850 bgp_unlock_node(rn);
1851 }
1852
1853 /* Unintern temporary. */
1854 aspath_unintern(&attr.aspath);
1855
1856 return 0;
1857 }
1858
1859 /*
1860 * Delete EVPN route entry.
1861 * The entry can be in ESI/VNI table or the global table.
1862 */
1863 static void delete_evpn_route_entry(struct bgp *bgp, afi_t afi, safi_t safi,
1864 struct bgp_node *rn,
1865 struct bgp_path_info **pi)
1866 {
1867 struct bgp_path_info *tmp_pi;
1868
1869 *pi = NULL;
1870
1871 /* Now, find matching route. */
1872 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
1873 tmp_pi = tmp_pi->next)
1874 if (tmp_pi->peer == bgp->peer_self
1875 && tmp_pi->type == ZEBRA_ROUTE_BGP
1876 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
1877 break;
1878
1879 *pi = tmp_pi;
1880
1881 /* Mark route for delete. */
1882 if (tmp_pi)
1883 bgp_path_info_delete(rn, tmp_pi);
1884 }
1885
1886
1887
1888 /* Delete EVPN ES (type-4) route */
1889 static int delete_evpn_type4_route(struct bgp *bgp,
1890 struct evpnes *es,
1891 struct prefix_evpn *p)
1892 {
1893 afi_t afi = AFI_L2VPN;
1894 safi_t safi = SAFI_EVPN;
1895 struct bgp_path_info *pi;
1896 struct bgp_node *rn = NULL; /* rn in esi table */
1897 struct bgp_node *global_rn = NULL; /* rn in global table */
1898
1899 /* First, locate the route node within the ESI.
1900 * If it doesn't exist, ther is nothing to do.
1901 * Note: there is no RD here.
1902 */
1903 rn = bgp_node_lookup(es->route_table, (struct prefix *)p);
1904 if (!rn)
1905 return 0;
1906
1907 /* Next, locate route node in the global EVPN routing table.
1908 * Note that this table is a 2-level tree (RD-level + Prefix-level)
1909 */
1910 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
1911 (struct prefix *)p, &es->prd);
1912 if (global_rn) {
1913
1914 /* Delete route entry in the global EVPN table. */
1915 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
1916
1917 /* Schedule for processing - withdraws to peers happen from
1918 * this table.
1919 */
1920 if (pi)
1921 bgp_process(bgp, global_rn, afi, safi);
1922 bgp_unlock_node(global_rn);
1923 }
1924
1925 /*
1926 * Delete route entry in the ESI route table.
1927 * This can just be removed.
1928 */
1929 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
1930 if (pi)
1931 bgp_path_info_reap(rn, pi);
1932 bgp_unlock_node(rn);
1933 return 0;
1934 }
1935
1936 /* Delete EVPN type5 route */
1937 static int delete_evpn_type5_route(struct bgp *bgp_vrf, struct prefix_evpn *evp)
1938 {
1939 afi_t afi = AFI_L2VPN;
1940 safi_t safi = SAFI_EVPN;
1941 struct bgp_node *rn = NULL;
1942 struct bgp_path_info *pi = NULL;
1943 struct bgp *bgp_def = NULL; /* default bgp instance */
1944
1945 bgp_def = bgp_get_default();
1946 if (!bgp_def)
1947 return 0;
1948
1949 /* locate the global route entry for this type-5 prefix */
1950 rn = bgp_afi_node_lookup(bgp_def->rib[afi][safi], afi, safi,
1951 (struct prefix *)evp, &bgp_vrf->vrf_prd);
1952 if (!rn)
1953 return 0;
1954
1955 delete_evpn_route_entry(bgp_def, afi, safi, rn, &pi);
1956 if (pi)
1957 bgp_process(bgp_def, rn, afi, safi);
1958 bgp_unlock_node(rn);
1959 return 0;
1960 }
1961
1962 /*
1963 * Delete EVPN route (of type based on prefix) for specified VNI and
1964 * schedule for processing.
1965 */
1966 static int delete_evpn_route(struct bgp *bgp, struct bgpevpn *vpn,
1967 struct prefix_evpn *p)
1968 {
1969 struct bgp_node *rn, *global_rn;
1970 struct bgp_path_info *pi;
1971 afi_t afi = AFI_L2VPN;
1972 safi_t safi = SAFI_EVPN;
1973
1974 /* First, locate the route node within the VNI. If it doesn't exist,
1975 * there
1976 * is nothing further to do.
1977 */
1978 /* NOTE: There is no RD here. */
1979 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
1980 if (!rn)
1981 return 0;
1982
1983 /* Next, locate route node in the global EVPN routing table. Note that
1984 * this table is a 2-level tree (RD-level + Prefix-level) similar to
1985 * L3VPN routes.
1986 */
1987 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
1988 (struct prefix *)p, &vpn->prd);
1989 if (global_rn) {
1990 /* Delete route entry in the global EVPN table. */
1991 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
1992
1993 /* Schedule for processing - withdraws to peers happen from
1994 * this table.
1995 */
1996 if (pi)
1997 bgp_process(bgp, global_rn, afi, safi);
1998 bgp_unlock_node(global_rn);
1999 }
2000
2001 /* Delete route entry in the VNI route table. This can just be removed.
2002 */
2003 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2004 if (pi) {
2005 bgp_path_info_reap(rn, pi);
2006 evpn_route_select_install(bgp, vpn, rn);
2007 }
2008 bgp_unlock_node(rn);
2009
2010 return 0;
2011 }
2012
2013 /*
2014 * Update all type-2 (MACIP) local routes for this VNI - these should also
2015 * be scheduled for advertise to peers.
2016 */
2017 static int update_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2018 {
2019 afi_t afi;
2020 safi_t safi;
2021 struct bgp_node *rn;
2022 struct bgp_path_info *pi, *tmp_pi;
2023 struct attr attr;
2024 struct attr *attr_new;
2025 uint32_t seq;
2026 int add_l3_ecomm = 0;
2027
2028 afi = AFI_L2VPN;
2029 safi = SAFI_EVPN;
2030
2031 /* Walk this VNI's route table and update local type-2 routes. For any
2032 * routes updated, update corresponding entry in the global table too.
2033 */
2034 for (rn = bgp_table_top(vpn->route_table); rn;
2035 rn = bgp_route_next(rn)) {
2036 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2037 struct bgp_node *rd_rn;
2038 struct bgp_path_info *global_pi;
2039
2040 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2041 continue;
2042
2043 /* Identify local route. */
2044 for (tmp_pi = bgp_node_get_bgp_path_info(rn); tmp_pi;
2045 tmp_pi = tmp_pi->next) {
2046 if (tmp_pi->peer == bgp->peer_self
2047 && tmp_pi->type == ZEBRA_ROUTE_BGP
2048 && tmp_pi->sub_type == BGP_ROUTE_STATIC)
2049 break;
2050 }
2051
2052 if (!tmp_pi)
2053 continue;
2054
2055 /*
2056 * Build attribute per local route as the MAC mobility and
2057 * some other values could differ for different routes. The
2058 * attributes will be shared in the hash table.
2059 */
2060 bgp_attr_default_set(&attr, BGP_ORIGIN_IGP);
2061 attr.nexthop = vpn->originator_ip;
2062 attr.mp_nexthop_global_in = vpn->originator_ip;
2063 attr.mp_nexthop_len = BGP_ATTR_NHLEN_IPV4;
2064 bgpevpn_get_rmac(vpn, &attr.rmac);
2065
2066 if (evpn_route_is_sticky(bgp, rn))
2067 attr.sticky = 1;
2068 else if (evpn_route_is_def_gw(bgp, rn)) {
2069 attr.default_gw = 1;
2070 if (is_evpn_prefix_ipaddr_v6(evp))
2071 attr.router_flag = 1;
2072 }
2073
2074 /* Add L3 VNI RTs and RMAC for non IPv6 link-local if
2075 * using L3 VNI for type-2 routes also.
2076 */
2077 if ((is_evpn_prefix_ipaddr_v4(evp) ||
2078 !IN6_IS_ADDR_LINKLOCAL(
2079 &evp->prefix.macip_addr.ip.ipaddr_v6)) &&
2080 CHECK_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS) &&
2081 bgpevpn_get_l3vni(vpn))
2082 add_l3_ecomm = 1;
2083
2084 /* Set up extended community. */
2085 build_evpn_route_extcomm(vpn, &attr, add_l3_ecomm);
2086
2087 seq = mac_mobility_seqnum(tmp_pi->attr);
2088
2089 /* Update the route entry. */
2090 update_evpn_route_entry(bgp, vpn, afi, safi, rn, &attr, 0, &pi,
2091 0, seq);
2092
2093 /* Perform route selection; this is just to set the flags
2094 * correctly as local route in the VNI always wins.
2095 */
2096 evpn_route_select_install(bgp, vpn, rn);
2097
2098 attr_new = pi->attr;
2099
2100 /* Update route in global routing table. */
2101 rd_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
2102 (struct prefix *)evp, &vpn->prd);
2103 assert(rd_rn);
2104 update_evpn_route_entry(bgp, vpn, afi, safi, rd_rn, attr_new, 0,
2105 &global_pi, 0,
2106 mac_mobility_seqnum(attr_new));
2107
2108 /* Schedule for processing and unlock node. */
2109 bgp_process(bgp, rd_rn, afi, safi);
2110 bgp_unlock_node(rd_rn);
2111
2112 /* Unintern temporary. */
2113 aspath_unintern(&attr.aspath);
2114
2115 }
2116
2117 return 0;
2118 }
2119
2120 /*
2121 * Delete all type-2 (MACIP) local routes for this VNI - only from the
2122 * global routing table. These are also scheduled for withdraw from peers.
2123 */
2124 static int delete_global_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2125 {
2126 afi_t afi;
2127 safi_t safi;
2128 struct bgp_node *rdrn, *rn;
2129 struct bgp_table *table;
2130 struct bgp_path_info *pi;
2131
2132 afi = AFI_L2VPN;
2133 safi = SAFI_EVPN;
2134
2135 rdrn = bgp_node_lookup(bgp->rib[afi][safi], (struct prefix *)&vpn->prd);
2136 if (rdrn && bgp_node_has_bgp_path_info_data(rdrn)) {
2137 table = bgp_node_get_bgp_table_info(rdrn);
2138 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
2139 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2140
2141 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2142 continue;
2143
2144 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2145 if (pi)
2146 bgp_process(bgp, rn, afi, safi);
2147 }
2148 }
2149
2150 /* Unlock RD node. */
2151 if (rdrn)
2152 bgp_unlock_node(rdrn);
2153
2154 return 0;
2155 }
2156
2157 /*
2158 * Delete all type-2 (MACIP) local routes for this VNI - from the global
2159 * table as well as the per-VNI route table.
2160 */
2161 static int delete_all_type2_routes(struct bgp *bgp, struct bgpevpn *vpn)
2162 {
2163 afi_t afi;
2164 safi_t safi;
2165 struct bgp_node *rn;
2166 struct bgp_path_info *pi;
2167
2168 afi = AFI_L2VPN;
2169 safi = SAFI_EVPN;
2170
2171 /* First, walk the global route table for this VNI's type-2 local
2172 * routes.
2173 * EVPN routes are a 2-level table, first get the RD table.
2174 */
2175 delete_global_type2_routes(bgp, vpn);
2176
2177 /* Next, walk this VNI's route table and delete local type-2 routes. */
2178 for (rn = bgp_table_top(vpn->route_table); rn;
2179 rn = bgp_route_next(rn)) {
2180 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2181
2182 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
2183 continue;
2184
2185 delete_evpn_route_entry(bgp, afi, safi, rn, &pi);
2186
2187 /* Route entry in local table gets deleted immediately. */
2188 if (pi)
2189 bgp_path_info_reap(rn, pi);
2190 }
2191
2192 return 0;
2193 }
2194
2195 /*
2196 * Delete all routes in per ES route-table
2197 */
2198 static int delete_all_es_routes(struct bgp *bgp, struct evpnes *es)
2199 {
2200 struct bgp_node *rn;
2201 struct bgp_path_info *pi, *nextpi;
2202
2203 /* Walk this ES's route table and delete all routes. */
2204 for (rn = bgp_table_top(es->route_table); rn;
2205 rn = bgp_route_next(rn)) {
2206 for (pi = bgp_node_get_bgp_path_info(rn);
2207 (pi != NULL) && (nextpi = pi->next, 1); pi = nextpi) {
2208 bgp_path_info_delete(rn, pi);
2209 bgp_path_info_reap(rn, pi);
2210 }
2211 }
2212
2213 return 0;
2214 }
2215
2216 /*
2217 * Delete all routes in the per-VNI route table.
2218 */
2219 static int delete_all_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
2220 {
2221 struct bgp_node *rn;
2222 struct bgp_path_info *pi, *nextpi;
2223
2224 /* Walk this VNI's route table and delete all routes. */
2225 for (rn = bgp_table_top(vpn->route_table); rn;
2226 rn = bgp_route_next(rn)) {
2227 for (pi = bgp_node_get_bgp_path_info(rn);
2228 (pi != NULL) && (nextpi = pi->next, 1); pi = nextpi) {
2229 bgp_path_info_delete(rn, pi);
2230 bgp_path_info_reap(rn, pi);
2231 }
2232 }
2233
2234 return 0;
2235 }
2236
2237 /*
2238 * Update (and advertise) local routes for a VNI. Invoked upon the VNI
2239 * export RT getting modified or change to tunnel IP. Note that these
2240 * situations need the route in the per-VNI table as well as the global
2241 * table to be updated (as attributes change).
2242 */
2243 static int update_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2244 {
2245 int ret;
2246 struct prefix_evpn p;
2247
2248 /* Update and advertise the type-3 route (only one) followed by the
2249 * locally learnt type-2 routes (MACIP) - for this VNI.
2250 *
2251 * RT-3 only if doing head-end replication
2252 */
2253 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL) {
2254 build_evpn_type3_prefix(&p, vpn->originator_ip);
2255 ret = update_evpn_route(bgp, vpn, &p, 0, 0);
2256 if (ret)
2257 return ret;
2258 }
2259
2260 return update_all_type2_routes(bgp, vpn);
2261 }
2262
2263 /* Delete (and withdraw) local routes for specified ES from global and ES table.
2264 * Also remove all other routes from the per ES table.
2265 * Invoked when ES is deleted.
2266 */
2267 static int delete_routes_for_es(struct bgp *bgp, struct evpnes *es)
2268 {
2269 int ret;
2270 char buf[ESI_STR_LEN];
2271 struct prefix_evpn p;
2272
2273 /* Delete and withdraw locally learnt ES route */
2274 build_evpn_type4_prefix(&p, &es->esi, es->originator_ip.ipaddr_v4);
2275 ret = delete_evpn_type4_route(bgp, es, &p);
2276 if (ret) {
2277 flog_err(EC_BGP_EVPN_ROUTE_DELETE,
2278 "%u failed to delete type-4 route for ESI %s",
2279 bgp->vrf_id, esi_to_str(&es->esi, buf, sizeof(buf)));
2280 }
2281
2282 /* Delete all routes from per ES table */
2283 return delete_all_es_routes(bgp, es);
2284 }
2285
2286 /*
2287 * Delete (and withdraw) local routes for specified VNI from the global
2288 * table and per-VNI table. After this, remove all other routes from
2289 * the per-VNI table. Invoked upon the VNI being deleted or EVPN
2290 * (advertise-all-vni) being disabled.
2291 */
2292 static int delete_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
2293 {
2294 int ret;
2295 struct prefix_evpn p;
2296
2297 /* Delete and withdraw locally learnt type-2 routes (MACIP)
2298 * followed by type-3 routes (only one) - for this VNI.
2299 */
2300 ret = delete_all_type2_routes(bgp, vpn);
2301 if (ret)
2302 return ret;
2303
2304 build_evpn_type3_prefix(&p, vpn->originator_ip);
2305 ret = delete_evpn_route(bgp, vpn, &p);
2306 if (ret)
2307 return ret;
2308
2309 /* Delete all routes from the per-VNI table. */
2310 return delete_all_vni_routes(bgp, vpn);
2311 }
2312
2313 /*
2314 * There is a tunnel endpoint IP address change for this VNI, delete
2315 * prior type-3 route (if needed) and update.
2316 * Note: Route re-advertisement happens elsewhere after other processing
2317 * other changes.
2318 */
2319 static int handle_tunnel_ip_change(struct bgp *bgp, struct bgpevpn *vpn,
2320 struct in_addr originator_ip)
2321 {
2322 struct prefix_evpn p;
2323
2324 /* If VNI is not live, we only need to update the originator ip */
2325 if (!is_vni_live(vpn)) {
2326 vpn->originator_ip = originator_ip;
2327 return 0;
2328 }
2329
2330 /* Update the tunnel-ip hash */
2331 bgp_tip_del(bgp, &vpn->originator_ip);
2332 bgp_tip_add(bgp, &originator_ip);
2333
2334 /* filter routes as martian nexthop db has changed */
2335 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
2336
2337 /* Need to withdraw type-3 route as the originator IP is part
2338 * of the key.
2339 */
2340 build_evpn_type3_prefix(&p, vpn->originator_ip);
2341 delete_evpn_route(bgp, vpn, &p);
2342
2343 /* Update the tunnel IP and re-advertise all routes for this VNI. */
2344 vpn->originator_ip = originator_ip;
2345 return 0;
2346 }
2347
2348 /* Install EVPN route entry in ES */
2349 static int install_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2350 struct prefix_evpn *p,
2351 struct bgp_path_info *parent_pi)
2352 {
2353 int ret = 0;
2354 struct bgp_node *rn = NULL;
2355 struct bgp_path_info *pi = NULL;
2356 struct attr *attr_new = NULL;
2357
2358 /* Create (or fetch) route within the VNI.
2359 * NOTE: There is no RD here.
2360 */
2361 rn = bgp_node_get(es->route_table, (struct prefix *)p);
2362
2363 /* Check if route entry is already present. */
2364 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2365 if (pi->extra
2366 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2367 break;
2368
2369 if (!pi) {
2370 /* Add (or update) attribute to hash. */
2371 attr_new = bgp_attr_intern(parent_pi->attr);
2372
2373 /* Create new route with its attribute. */
2374 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2375 parent_pi->peer, attr_new, rn);
2376 SET_FLAG(pi->flags, BGP_PATH_VALID);
2377 bgp_path_info_extra_get(pi);
2378 pi->extra->parent = parent_pi;
2379 bgp_path_info_add(rn, pi);
2380 } else {
2381 if (attrhash_cmp(pi->attr, parent_pi->attr)
2382 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2383 bgp_unlock_node(rn);
2384 return 0;
2385 }
2386 /* The attribute has changed. */
2387 /* Add (or update) attribute to hash. */
2388 attr_new = bgp_attr_intern(parent_pi->attr);
2389
2390 /* Restore route, if needed. */
2391 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2392 bgp_path_info_restore(rn, pi);
2393
2394 /* Mark if nexthop has changed. */
2395 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2396 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2397
2398 /* Unintern existing, set to new. */
2399 bgp_attr_unintern(&pi->attr);
2400 pi->attr = attr_new;
2401 pi->uptime = bgp_clock();
2402 }
2403
2404 /* Perform route selection and update zebra, if required. */
2405 ret = evpn_es_route_select_install(bgp, es, rn);
2406 return ret;
2407 }
2408
2409 /*
2410 * Install route entry into the VRF routing table and invoke route selection.
2411 */
2412 static int install_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2413 struct prefix_evpn *evp,
2414 struct bgp_path_info *parent_pi)
2415 {
2416 struct bgp_node *rn;
2417 struct bgp_path_info *pi;
2418 struct attr attr;
2419 struct attr *attr_new;
2420 int ret = 0;
2421 struct prefix p;
2422 struct prefix *pp = &p;
2423 afi_t afi = 0;
2424 safi_t safi = 0;
2425 char buf[PREFIX_STRLEN];
2426 char buf1[PREFIX_STRLEN];
2427
2428 memset(pp, 0, sizeof(struct prefix));
2429 ip_prefix_from_evpn_prefix(evp, pp);
2430
2431 if (bgp_debug_zebra(NULL)) {
2432 zlog_debug(
2433 "installing evpn prefix %s as ip prefix %s in vrf %s",
2434 prefix2str(evp, buf, sizeof(buf)),
2435 prefix2str(pp, buf1, sizeof(buf)),
2436 vrf_id_to_name(bgp_vrf->vrf_id));
2437 }
2438
2439 /* Create (or fetch) route within the VRF. */
2440 /* NOTE: There is no RD here. */
2441 if (is_evpn_prefix_ipaddr_v4(evp)) {
2442 afi = AFI_IP;
2443 safi = SAFI_UNICAST;
2444 rn = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2445 } else if (is_evpn_prefix_ipaddr_v6(evp)) {
2446 afi = AFI_IP6;
2447 safi = SAFI_UNICAST;
2448 rn = bgp_node_get(bgp_vrf->rib[afi][safi], pp);
2449 } else
2450 return 0;
2451
2452 /* EVPN routes currently only support a IPv4 next hop which corresponds
2453 * to the remote VTEP. When importing into a VRF, if it is IPv6 host
2454 * or prefix route, we have to convert the next hop to an IPv4-mapped
2455 * address for the rest of the code to flow through. In the case of IPv4,
2456 * make sure to set the flag for next hop attribute.
2457 */
2458 bgp_attr_dup(&attr, parent_pi->attr);
2459 if (afi == AFI_IP6)
2460 evpn_convert_nexthop_to_ipv6(&attr);
2461 else
2462 attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP);
2463
2464 /* Check if route entry is already present. */
2465 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2466 if (pi->extra
2467 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2468 break;
2469
2470 if (!pi) {
2471 /* Add (or update) attribute to hash. */
2472 attr_new = bgp_attr_intern(&attr);
2473
2474 /* Create new route with its attribute. */
2475 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2476 parent_pi->peer, attr_new, rn);
2477 SET_FLAG(pi->flags, BGP_PATH_VALID);
2478 bgp_path_info_extra_get(pi);
2479 pi->extra->parent = bgp_path_info_lock(parent_pi);
2480 bgp_lock_node((struct bgp_node *)parent_pi->net);
2481 if (parent_pi->extra) {
2482 memcpy(&pi->extra->label, &parent_pi->extra->label,
2483 sizeof(pi->extra->label));
2484 pi->extra->num_labels = parent_pi->extra->num_labels;
2485 }
2486 bgp_path_info_add(rn, pi);
2487 } else {
2488 if (attrhash_cmp(pi->attr, &attr)
2489 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2490 bgp_unlock_node(rn);
2491 return 0;
2492 }
2493 /* The attribute has changed. */
2494 /* Add (or update) attribute to hash. */
2495 attr_new = bgp_attr_intern(&attr);
2496
2497 /* Restore route, if needed. */
2498 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2499 bgp_path_info_restore(rn, pi);
2500
2501 /* Mark if nexthop has changed. */
2502 if ((afi == AFI_IP
2503 && !IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2504 || (afi == AFI_IP6
2505 && !IPV6_ADDR_SAME(&pi->attr->mp_nexthop_global,
2506 &attr_new->mp_nexthop_global)))
2507 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2508
2509 bgp_path_info_set_flag(rn, pi, BGP_PATH_ATTR_CHANGED);
2510 /* Unintern existing, set to new. */
2511 bgp_attr_unintern(&pi->attr);
2512 pi->attr = attr_new;
2513 pi->uptime = bgp_clock();
2514 }
2515
2516 bgp_aggregate_increment(bgp_vrf, &rn->p, pi, afi, safi);
2517
2518 /* Perform route selection and update zebra, if required. */
2519 bgp_process(bgp_vrf, rn, afi, safi);
2520
2521 return ret;
2522 }
2523
2524 /*
2525 * Install route entry into the VNI routing table and invoke route selection.
2526 */
2527 static int install_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2528 struct prefix_evpn *p,
2529 struct bgp_path_info *parent_pi)
2530 {
2531 struct bgp_node *rn;
2532 struct bgp_path_info *pi;
2533 struct attr *attr_new;
2534 int ret;
2535
2536 /* Create (or fetch) route within the VNI. */
2537 /* NOTE: There is no RD here. */
2538 rn = bgp_node_get(vpn->route_table, (struct prefix *)p);
2539
2540 /* Check if route entry is already present. */
2541 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2542 if (pi->extra
2543 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2544 break;
2545
2546 if (!pi) {
2547 /* Add (or update) attribute to hash. */
2548 attr_new = bgp_attr_intern(parent_pi->attr);
2549
2550 /* Create new route with its attribute. */
2551 pi = info_make(parent_pi->type, BGP_ROUTE_IMPORTED, 0,
2552 parent_pi->peer, attr_new, rn);
2553 SET_FLAG(pi->flags, BGP_PATH_VALID);
2554 bgp_path_info_extra_get(pi);
2555 pi->extra->parent = bgp_path_info_lock(parent_pi);
2556 bgp_lock_node((struct bgp_node *)parent_pi->net);
2557 if (parent_pi->extra) {
2558 memcpy(&pi->extra->label, &parent_pi->extra->label,
2559 sizeof(pi->extra->label));
2560 pi->extra->num_labels = parent_pi->extra->num_labels;
2561 }
2562 bgp_path_info_add(rn, pi);
2563 } else {
2564 if (attrhash_cmp(pi->attr, parent_pi->attr)
2565 && !CHECK_FLAG(pi->flags, BGP_PATH_REMOVED)) {
2566 bgp_unlock_node(rn);
2567 return 0;
2568 }
2569 /* The attribute has changed. */
2570 /* Add (or update) attribute to hash. */
2571 attr_new = bgp_attr_intern(parent_pi->attr);
2572
2573 /* Restore route, if needed. */
2574 if (CHECK_FLAG(pi->flags, BGP_PATH_REMOVED))
2575 bgp_path_info_restore(rn, pi);
2576
2577 /* Mark if nexthop has changed. */
2578 if (!IPV4_ADDR_SAME(&pi->attr->nexthop, &attr_new->nexthop))
2579 SET_FLAG(pi->flags, BGP_PATH_IGP_CHANGED);
2580
2581 /* Unintern existing, set to new. */
2582 bgp_attr_unintern(&pi->attr);
2583 pi->attr = attr_new;
2584 pi->uptime = bgp_clock();
2585 }
2586
2587 /* Perform route selection and update zebra, if required. */
2588 ret = evpn_route_select_install(bgp, vpn, rn);
2589
2590 return ret;
2591 }
2592
2593 /* Uninstall EVPN route entry from ES route table */
2594 static int uninstall_evpn_route_entry_in_es(struct bgp *bgp, struct evpnes *es,
2595 struct prefix_evpn *p,
2596 struct bgp_path_info *parent_pi)
2597 {
2598 int ret;
2599 struct bgp_node *rn;
2600 struct bgp_path_info *pi;
2601
2602 if (!es->route_table)
2603 return 0;
2604
2605 /* Locate route within the ESI.
2606 * NOTE: There is no RD here.
2607 */
2608 rn = bgp_node_lookup(es->route_table, (struct prefix *)p);
2609 if (!rn)
2610 return 0;
2611
2612 /* Find matching route entry. */
2613 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2614 if (pi->extra
2615 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2616 break;
2617
2618 if (!pi)
2619 return 0;
2620
2621 /* Mark entry for deletion */
2622 bgp_path_info_delete(rn, pi);
2623
2624 /* Perform route selection and update zebra, if required. */
2625 ret = evpn_es_route_select_install(bgp, es, rn);
2626
2627 /* Unlock route node. */
2628 bgp_unlock_node(rn);
2629
2630 return ret;
2631 }
2632
2633 /*
2634 * Uninstall route entry from the VRF routing table and send message
2635 * to zebra, if appropriate.
2636 */
2637 static int uninstall_evpn_route_entry_in_vrf(struct bgp *bgp_vrf,
2638 struct prefix_evpn *evp,
2639 struct bgp_path_info *parent_pi)
2640 {
2641 struct bgp_node *rn;
2642 struct bgp_path_info *pi;
2643 int ret = 0;
2644 struct prefix p;
2645 struct prefix *pp = &p;
2646 afi_t afi = 0;
2647 safi_t safi = 0;
2648 char buf[PREFIX_STRLEN];
2649 char buf1[PREFIX_STRLEN];
2650
2651 memset(pp, 0, sizeof(struct prefix));
2652 ip_prefix_from_evpn_prefix(evp, pp);
2653
2654 if (bgp_debug_zebra(NULL)) {
2655 zlog_debug(
2656 "uninstalling evpn prefix %s as ip prefix %s in vrf %s",
2657 prefix2str(evp, buf, sizeof(buf)),
2658 prefix2str(pp, buf1, sizeof(buf)),
2659 vrf_id_to_name(bgp_vrf->vrf_id));
2660 }
2661
2662 /* Locate route within the VRF. */
2663 /* NOTE: There is no RD here. */
2664 if (is_evpn_prefix_ipaddr_v4(evp)) {
2665 afi = AFI_IP;
2666 safi = SAFI_UNICAST;
2667 rn = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2668 } else {
2669 afi = AFI_IP6;
2670 safi = SAFI_UNICAST;
2671 rn = bgp_node_lookup(bgp_vrf->rib[afi][safi], pp);
2672 }
2673
2674 if (!rn)
2675 return 0;
2676
2677 /* Find matching route entry. */
2678 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2679 if (pi->extra
2680 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2681 break;
2682
2683 if (!pi)
2684 return 0;
2685
2686 bgp_aggregate_decrement(bgp_vrf, &rn->p, pi, afi, safi);
2687
2688 /* Mark entry for deletion */
2689 bgp_path_info_delete(rn, pi);
2690
2691 /* Perform route selection and update zebra, if required. */
2692 bgp_process(bgp_vrf, rn, afi, safi);
2693
2694 /* Unlock route node. */
2695 bgp_unlock_node(rn);
2696
2697 return ret;
2698 }
2699
2700 /*
2701 * Uninstall route entry from the VNI routing table and send message
2702 * to zebra, if appropriate.
2703 */
2704 static int uninstall_evpn_route_entry(struct bgp *bgp, struct bgpevpn *vpn,
2705 struct prefix_evpn *p,
2706 struct bgp_path_info *parent_pi)
2707 {
2708 struct bgp_node *rn;
2709 struct bgp_path_info *pi;
2710 int ret;
2711
2712 /* Locate route within the VNI. */
2713 /* NOTE: There is no RD here. */
2714 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)p);
2715 if (!rn)
2716 return 0;
2717
2718 /* Find matching route entry. */
2719 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
2720 if (pi->extra
2721 && (struct bgp_path_info *)pi->extra->parent == parent_pi)
2722 break;
2723
2724 if (!pi)
2725 return 0;
2726
2727 /* Mark entry for deletion */
2728 bgp_path_info_delete(rn, pi);
2729
2730 /* Perform route selection and update zebra, if required. */
2731 ret = evpn_route_select_install(bgp, vpn, rn);
2732
2733 /* Unlock route node. */
2734 bgp_unlock_node(rn);
2735
2736 return ret;
2737 }
2738
2739 /*
2740 * Given a prefix, see if it belongs to ES.
2741 */
2742 static int is_prefix_matching_for_es(struct prefix_evpn *p,
2743 struct evpnes *es)
2744 {
2745 /* if not an ES route return false */
2746 if (p->prefix.route_type != BGP_EVPN_ES_ROUTE)
2747 return 0;
2748
2749 if (memcmp(&p->prefix.es_addr.esi, &es->esi, sizeof(esi_t)) == 0)
2750 return 1;
2751
2752 return 0;
2753 }
2754
2755 /*
2756 * Given a route entry and a VRF, see if this route entry should be
2757 * imported into the VRF i.e., RTs match.
2758 */
2759 static int is_route_matching_for_vrf(struct bgp *bgp_vrf,
2760 struct bgp_path_info *pi)
2761 {
2762 struct attr *attr = pi->attr;
2763 struct ecommunity *ecom;
2764 int i;
2765
2766 assert(attr);
2767 /* Route should have valid RT to be even considered. */
2768 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
2769 return 0;
2770
2771 ecom = attr->ecommunity;
2772 if (!ecom || !ecom->size)
2773 return 0;
2774
2775 /* For each extended community RT, see if it matches this VNI. If any RT
2776 * matches, we're done.
2777 */
2778 for (i = 0; i < ecom->size; i++) {
2779 uint8_t *pnt;
2780 uint8_t type, sub_type;
2781 struct ecommunity_val *eval;
2782 struct ecommunity_val eval_tmp;
2783 struct vrf_irt_node *irt;
2784
2785 /* Only deal with RTs */
2786 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2787 eval = (struct ecommunity_val *)(ecom->val
2788 + (i * ECOMMUNITY_SIZE));
2789 type = *pnt++;
2790 sub_type = *pnt++;
2791 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
2792 continue;
2793
2794 /* See if this RT matches specified VNIs import RTs */
2795 irt = lookup_vrf_import_rt(eval);
2796 if (irt)
2797 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
2798 return 1;
2799
2800 /* Also check for non-exact match. In this, we mask out the AS
2801 * and
2802 * only check on the local-admin sub-field. This is to
2803 * facilitate using
2804 * VNI as the RT for EBGP peering too.
2805 */
2806 irt = NULL;
2807 if (type == ECOMMUNITY_ENCODE_AS
2808 || type == ECOMMUNITY_ENCODE_AS4
2809 || type == ECOMMUNITY_ENCODE_IP) {
2810 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
2811 mask_ecom_global_admin(&eval_tmp, eval);
2812 irt = lookup_vrf_import_rt(&eval_tmp);
2813 }
2814 if (irt)
2815 if (is_vrf_present_in_irt_vrfs(irt->vrfs, bgp_vrf))
2816 return 1;
2817 }
2818
2819 return 0;
2820 }
2821
2822 /*
2823 * Given a route entry and a VNI, see if this route entry should be
2824 * imported into the VNI i.e., RTs match.
2825 */
2826 static int is_route_matching_for_vni(struct bgp *bgp, struct bgpevpn *vpn,
2827 struct bgp_path_info *pi)
2828 {
2829 struct attr *attr = pi->attr;
2830 struct ecommunity *ecom;
2831 int i;
2832
2833 assert(attr);
2834 /* Route should have valid RT to be even considered. */
2835 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
2836 return 0;
2837
2838 ecom = attr->ecommunity;
2839 if (!ecom || !ecom->size)
2840 return 0;
2841
2842 /* For each extended community RT, see if it matches this VNI. If any RT
2843 * matches, we're done.
2844 */
2845 for (i = 0; i < ecom->size; i++) {
2846 uint8_t *pnt;
2847 uint8_t type, sub_type;
2848 struct ecommunity_val *eval;
2849 struct ecommunity_val eval_tmp;
2850 struct irt_node *irt;
2851
2852 /* Only deal with RTs */
2853 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
2854 eval = (struct ecommunity_val *)(ecom->val
2855 + (i * ECOMMUNITY_SIZE));
2856 type = *pnt++;
2857 sub_type = *pnt++;
2858 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
2859 continue;
2860
2861 /* See if this RT matches specified VNIs import RTs */
2862 irt = lookup_import_rt(bgp, eval);
2863 if (irt)
2864 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
2865 return 1;
2866
2867 /* Also check for non-exact match. In this, we mask out the AS
2868 * and
2869 * only check on the local-admin sub-field. This is to
2870 * facilitate using
2871 * VNI as the RT for EBGP peering too.
2872 */
2873 irt = NULL;
2874 if (type == ECOMMUNITY_ENCODE_AS
2875 || type == ECOMMUNITY_ENCODE_AS4
2876 || type == ECOMMUNITY_ENCODE_IP) {
2877 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
2878 mask_ecom_global_admin(&eval_tmp, eval);
2879 irt = lookup_import_rt(bgp, &eval_tmp);
2880 }
2881 if (irt)
2882 if (is_vni_present_in_irt_vnis(irt->vnis, vpn))
2883 return 1;
2884 }
2885
2886 return 0;
2887 }
2888
2889 static int install_uninstall_routes_for_es(struct bgp *bgp,
2890 struct evpnes *es,
2891 int install)
2892 {
2893 int ret;
2894 afi_t afi;
2895 safi_t safi;
2896 char buf[PREFIX_STRLEN];
2897 char buf1[ESI_STR_LEN];
2898 struct bgp_node *rd_rn, *rn;
2899 struct bgp_table *table;
2900 struct bgp_path_info *pi;
2901
2902 afi = AFI_L2VPN;
2903 safi = SAFI_EVPN;
2904
2905 /*
2906 * Walk entire global routing table and evaluate routes which could be
2907 * imported into this VRF. Note that we need to loop through all global
2908 * routes to determine which route matches the import rt on vrf
2909 */
2910 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
2911 rd_rn = bgp_route_next(rd_rn)) {
2912 table = bgp_node_get_bgp_table_info(rd_rn);
2913 if (!table)
2914 continue;
2915
2916 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
2917 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2918
2919 for (pi = bgp_node_get_bgp_path_info(rn); pi;
2920 pi = pi->next) {
2921 /*
2922 * Consider "valid" remote routes applicable for
2923 * this ES.
2924 */
2925 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
2926 && pi->type == ZEBRA_ROUTE_BGP
2927 && pi->sub_type == BGP_ROUTE_NORMAL))
2928 continue;
2929
2930 if (!is_prefix_matching_for_es(evp, es))
2931 continue;
2932
2933 if (install)
2934 ret = install_evpn_route_entry_in_es(
2935 bgp, es, evp, pi);
2936 else
2937 ret = uninstall_evpn_route_entry_in_es(
2938 bgp, es, evp, pi);
2939
2940 if (ret) {
2941 flog_err(
2942 EC_BGP_EVPN_FAIL,
2943 "Failed to %s EVPN %s route in ESI %s",
2944 install ? "install"
2945 : "uninstall",
2946 prefix2str(evp, buf,
2947 sizeof(buf)),
2948 esi_to_str(&es->esi, buf1,
2949 sizeof(buf1)));
2950 return ret;
2951 }
2952 }
2953 }
2954 }
2955 return 0;
2956 }
2957
2958 /*
2959 * Install or uninstall mac-ip routes are appropriate for this
2960 * particular VRF.
2961 */
2962 static int install_uninstall_routes_for_vrf(struct bgp *bgp_vrf, int install)
2963 {
2964 afi_t afi;
2965 safi_t safi;
2966 struct bgp_node *rd_rn, *rn;
2967 struct bgp_table *table;
2968 struct bgp_path_info *pi;
2969 int ret;
2970 char buf[PREFIX_STRLEN];
2971 struct bgp *bgp_def = NULL;
2972
2973 afi = AFI_L2VPN;
2974 safi = SAFI_EVPN;
2975 bgp_def = bgp_get_default();
2976 if (!bgp_def)
2977 return -1;
2978
2979 /* Walk entire global routing table and evaluate routes which could be
2980 * imported into this VRF. Note that we need to loop through all global
2981 * routes to determine which route matches the import rt on vrf
2982 */
2983 for (rd_rn = bgp_table_top(bgp_def->rib[afi][safi]); rd_rn;
2984 rd_rn = bgp_route_next(rd_rn)) {
2985 table = bgp_node_get_bgp_table_info(rd_rn);
2986 if (!table)
2987 continue;
2988
2989 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
2990 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
2991
2992 /* if not mac-ip route skip this route */
2993 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
2994 || evp->prefix.route_type
2995 == BGP_EVPN_IP_PREFIX_ROUTE))
2996 continue;
2997
2998 /* if not a mac+ip route skip this route */
2999 if (!(is_evpn_prefix_ipaddr_v4(evp)
3000 || is_evpn_prefix_ipaddr_v6(evp)))
3001 continue;
3002
3003 for (pi = bgp_node_get_bgp_path_info(rn); pi;
3004 pi = pi->next) {
3005 /* Consider "valid" remote routes applicable for
3006 * this VRF.
3007 */
3008 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3009 && pi->type == ZEBRA_ROUTE_BGP
3010 && pi->sub_type == BGP_ROUTE_NORMAL))
3011 continue;
3012
3013 if (is_route_matching_for_vrf(bgp_vrf, pi)) {
3014 if (install)
3015 ret = install_evpn_route_entry_in_vrf(
3016 bgp_vrf, evp, pi);
3017 else
3018 ret = uninstall_evpn_route_entry_in_vrf(
3019 bgp_vrf, evp, pi);
3020
3021 if (ret) {
3022 flog_err(
3023 EC_BGP_EVPN_FAIL,
3024 "Failed to %s EVPN %s route in VRF %s",
3025 install ? "install"
3026 : "uninstall",
3027 prefix2str(evp, buf,
3028 sizeof(buf)),
3029 vrf_id_to_name(
3030 bgp_vrf->vrf_id));
3031 return ret;
3032 }
3033 }
3034 }
3035 }
3036 }
3037
3038 return 0;
3039 }
3040
3041 /*
3042 * Install or uninstall routes of specified type that are appropriate for this
3043 * particular VNI.
3044 */
3045 static int install_uninstall_routes_for_vni(struct bgp *bgp,
3046 struct bgpevpn *vpn,
3047 bgp_evpn_route_type rtype,
3048 int install)
3049 {
3050 afi_t afi;
3051 safi_t safi;
3052 struct bgp_node *rd_rn, *rn;
3053 struct bgp_table *table;
3054 struct bgp_path_info *pi;
3055 int ret;
3056
3057 afi = AFI_L2VPN;
3058 safi = SAFI_EVPN;
3059
3060 /* Walk entire global routing table and evaluate routes which could be
3061 * imported into this VPN. Note that we cannot just look at the routes
3062 * for
3063 * the VNI's RD - remote routes applicable for this VNI could have any
3064 * RD.
3065 */
3066 /* EVPN routes are a 2-level table. */
3067 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
3068 rd_rn = bgp_route_next(rd_rn)) {
3069 table = bgp_node_get_bgp_table_info(rd_rn);
3070 if (!table)
3071 continue;
3072
3073 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
3074 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3075
3076 if (evp->prefix.route_type != rtype)
3077 continue;
3078
3079 for (pi = bgp_node_get_bgp_path_info(rn); pi;
3080 pi = pi->next) {
3081 /* Consider "valid" remote routes applicable for
3082 * this VNI. */
3083 if (!(CHECK_FLAG(pi->flags, BGP_PATH_VALID)
3084 && pi->type == ZEBRA_ROUTE_BGP
3085 && pi->sub_type == BGP_ROUTE_NORMAL))
3086 continue;
3087
3088 if (is_route_matching_for_vni(bgp, vpn, pi)) {
3089 if (install)
3090 ret = install_evpn_route_entry(
3091 bgp, vpn, evp, pi);
3092 else
3093 ret = uninstall_evpn_route_entry(
3094 bgp, vpn, evp, pi);
3095
3096 if (ret) {
3097 flog_err(
3098 EC_BGP_EVPN_FAIL,
3099 "%u: Failed to %s EVPN %s route in VNI %u",
3100 bgp->vrf_id,
3101 install ? "install"
3102 : "uninstall",
3103 rtype == BGP_EVPN_MAC_IP_ROUTE
3104 ? "MACIP"
3105 : "IMET",
3106 vpn->vni);
3107 return ret;
3108 }
3109 }
3110 }
3111 }
3112 }
3113
3114 return 0;
3115 }
3116
3117 /* Install any existing remote ES routes applicable for this ES into its routing
3118 * table. This is invoked when ES comes up.
3119 */
3120 static int install_routes_for_es(struct bgp *bgp, struct evpnes *es)
3121 {
3122 return install_uninstall_routes_for_es(bgp, es, 1);
3123 }
3124
3125
3126 /* Install any existing remote routes applicable for this VRF into VRF RIB. This
3127 * is invoked upon l3vni-add or l3vni import rt change
3128 */
3129 static int install_routes_for_vrf(struct bgp *bgp_vrf)
3130 {
3131 install_uninstall_routes_for_vrf(bgp_vrf, 1);
3132 return 0;
3133 }
3134
3135 /*
3136 * Install any existing remote routes applicable for this VNI into its
3137 * routing table. This is invoked when a VNI becomes "live" or its Import
3138 * RT is changed.
3139 */
3140 static int install_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3141 {
3142 int ret;
3143
3144 /* Install type-3 routes followed by type-2 routes - the ones applicable
3145 * for this VNI.
3146 */
3147 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3148 1);
3149 if (ret)
3150 return ret;
3151
3152 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3153 1);
3154 }
3155
3156 /* uninstall routes from l3vni vrf. */
3157 static int uninstall_routes_for_vrf(struct bgp *bgp_vrf)
3158 {
3159 install_uninstall_routes_for_vrf(bgp_vrf, 0);
3160 return 0;
3161 }
3162
3163 /*
3164 * Uninstall any existing remote routes for this VNI. One scenario in which
3165 * this is invoked is upon an import RT change.
3166 */
3167 static int uninstall_routes_for_vni(struct bgp *bgp, struct bgpevpn *vpn)
3168 {
3169 int ret;
3170
3171 /* Uninstall type-2 routes followed by type-3 routes - the ones
3172 * applicable
3173 * for this VNI.
3174 */
3175 ret = install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_MAC_IP_ROUTE,
3176 0);
3177 if (ret)
3178 return ret;
3179
3180 return install_uninstall_routes_for_vni(bgp, vpn, BGP_EVPN_IMET_ROUTE,
3181 0);
3182 }
3183
3184 /* Install or unistall route in ES */
3185 static int install_uninstall_route_in_es(struct bgp *bgp, struct evpnes *es,
3186 afi_t afi, safi_t safi,
3187 struct prefix_evpn *evp,
3188 struct bgp_path_info *pi, int install)
3189 {
3190 int ret = 0;
3191 char buf[ESI_STR_LEN];
3192
3193 if (install)
3194 ret = install_evpn_route_entry_in_es(bgp, es, evp, pi);
3195 else
3196 ret = uninstall_evpn_route_entry_in_es(bgp, es, evp, pi);
3197
3198 if (ret) {
3199 flog_err(
3200 EC_BGP_EVPN_FAIL,
3201 "%u: Failed to %s EVPN %s route in ESI %s", bgp->vrf_id,
3202 install ? "install" : "uninstall", "ES",
3203 esi_to_str(&evp->prefix.es_addr.esi, buf, sizeof(buf)));
3204 return ret;
3205 }
3206 return 0;
3207 }
3208
3209 /*
3210 * Install or uninstall route in matching VRFs (list).
3211 */
3212 static int install_uninstall_route_in_vrfs(struct bgp *bgp_def, afi_t afi,
3213 safi_t safi, struct prefix_evpn *evp,
3214 struct bgp_path_info *pi,
3215 struct list *vrfs, int install)
3216 {
3217 char buf[PREFIX2STR_BUFFER];
3218 struct bgp *bgp_vrf;
3219 struct listnode *node, *nnode;
3220
3221 /* Only type-2/type-5 routes go into a VRF */
3222 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3223 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3224 return 0;
3225
3226 /* if it is type-2 route and not a mac+ip route skip this route */
3227 if ((evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE)
3228 && !(is_evpn_prefix_ipaddr_v4(evp)
3229 || is_evpn_prefix_ipaddr_v6(evp)))
3230 return 0;
3231
3232 for (ALL_LIST_ELEMENTS(vrfs, node, nnode, bgp_vrf)) {
3233 int ret;
3234
3235 if (install)
3236 ret = install_evpn_route_entry_in_vrf(bgp_vrf, evp, pi);
3237 else
3238 ret = uninstall_evpn_route_entry_in_vrf(bgp_vrf, evp,
3239 pi);
3240
3241 if (ret) {
3242 flog_err(EC_BGP_EVPN_FAIL,
3243 "%u: Failed to %s prefix %s in VRF %s",
3244 bgp_def->vrf_id,
3245 install ? "install" : "uninstall",
3246 prefix2str(evp, buf, sizeof(buf)),
3247 vrf_id_to_name(bgp_vrf->vrf_id));
3248 return ret;
3249 }
3250 }
3251
3252 return 0;
3253 }
3254
3255 /*
3256 * Install or uninstall route in matching VNIs (list).
3257 */
3258 static int install_uninstall_route_in_vnis(struct bgp *bgp, afi_t afi,
3259 safi_t safi, struct prefix_evpn *evp,
3260 struct bgp_path_info *pi,
3261 struct list *vnis, int install)
3262 {
3263 struct bgpevpn *vpn;
3264 struct listnode *node, *nnode;
3265
3266 for (ALL_LIST_ELEMENTS(vnis, node, nnode, vpn)) {
3267 int ret;
3268
3269 if (!is_vni_live(vpn))
3270 continue;
3271
3272 if (install)
3273 ret = install_evpn_route_entry(bgp, vpn, evp, pi);
3274 else
3275 ret = uninstall_evpn_route_entry(bgp, vpn, evp, pi);
3276
3277 if (ret) {
3278 flog_err(EC_BGP_EVPN_FAIL,
3279 "%u: Failed to %s EVPN %s route in VNI %u",
3280 bgp->vrf_id, install ? "install" : "uninstall",
3281 evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3282 ? "MACIP"
3283 : "IMET",
3284 vpn->vni);
3285 return ret;
3286 }
3287 }
3288
3289 return 0;
3290 }
3291
3292 /*
3293 * Install or uninstall route for appropriate VNIs/ESIs.
3294 */
3295 static int install_uninstall_evpn_route(struct bgp *bgp, afi_t afi, safi_t safi,
3296 struct prefix *p,
3297 struct bgp_path_info *pi, int import)
3298 {
3299 struct prefix_evpn *evp = (struct prefix_evpn *)p;
3300 struct attr *attr = pi->attr;
3301 struct ecommunity *ecom;
3302 int i;
3303
3304 assert(attr);
3305
3306 /* Only type-2, type-3, type-4 and type-5 are supported currently */
3307 if (!(evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE
3308 || evp->prefix.route_type == BGP_EVPN_IMET_ROUTE
3309 || evp->prefix.route_type == BGP_EVPN_ES_ROUTE
3310 || evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE))
3311 return 0;
3312
3313 /* If we don't have Route Target, nothing much to do. */
3314 if (!(attr->flag & ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES)))
3315 return 0;
3316
3317 ecom = attr->ecommunity;
3318 if (!ecom || !ecom->size)
3319 return -1;
3320
3321 /* An EVPN route belongs to a VNI or a VRF or an ESI based on the RTs
3322 * attached to the route */
3323 for (i = 0; i < ecom->size; i++) {
3324 uint8_t *pnt;
3325 uint8_t type, sub_type;
3326 struct ecommunity_val *eval;
3327 struct ecommunity_val eval_tmp;
3328 struct irt_node *irt; /* import rt for l2vni */
3329 struct vrf_irt_node *vrf_irt; /* import rt for l3vni */
3330 struct evpnes *es;
3331
3332 /* Only deal with RTs */
3333 pnt = (ecom->val + (i * ECOMMUNITY_SIZE));
3334 eval = (struct ecommunity_val *)(ecom->val
3335 + (i * ECOMMUNITY_SIZE));
3336 type = *pnt++;
3337 sub_type = *pnt++;
3338 if (sub_type != ECOMMUNITY_ROUTE_TARGET)
3339 continue;
3340
3341 /*
3342 * macip routes (type-2) are imported into VNI and VRF tables.
3343 * IMET route is imported into VNI table.
3344 * prefix routes are imported into VRF table.
3345 */
3346 if (evp->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE ||
3347 evp->prefix.route_type == BGP_EVPN_IMET_ROUTE ||
3348 evp->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
3349
3350 irt = lookup_import_rt(bgp, eval);
3351 if (irt)
3352 install_uninstall_route_in_vnis(
3353 bgp, afi, safi, evp, pi, irt->vnis,
3354 import);
3355
3356 vrf_irt = lookup_vrf_import_rt(eval);
3357 if (vrf_irt)
3358 install_uninstall_route_in_vrfs(
3359 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3360 import);
3361
3362 /* Also check for non-exact match.
3363 * In this, we mask out the AS and
3364 * only check on the local-admin sub-field.
3365 * This is to facilitate using
3366 * VNI as the RT for EBGP peering too.
3367 */
3368 irt = NULL;
3369 vrf_irt = NULL;
3370 if (type == ECOMMUNITY_ENCODE_AS
3371 || type == ECOMMUNITY_ENCODE_AS4
3372 || type == ECOMMUNITY_ENCODE_IP) {
3373 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
3374 mask_ecom_global_admin(&eval_tmp, eval);
3375 irt = lookup_import_rt(bgp, &eval_tmp);
3376 vrf_irt = lookup_vrf_import_rt(&eval_tmp);
3377 }
3378
3379 if (irt)
3380 install_uninstall_route_in_vnis(
3381 bgp, afi, safi, evp, pi, irt->vnis,
3382 import);
3383 if (vrf_irt)
3384 install_uninstall_route_in_vrfs(
3385 bgp, afi, safi, evp, pi, vrf_irt->vrfs,
3386 import);
3387 }
3388
3389 /* es route is imported into the es table */
3390 if (evp->prefix.route_type == BGP_EVPN_ES_ROUTE) {
3391
3392 /* we will match based on the entire esi to avoid
3393 * imoort of an es route for esi2 into esi1
3394 */
3395 es = bgp_evpn_lookup_es(bgp, &evp->prefix.es_addr.esi);
3396 if (es && is_es_local(es))
3397 install_uninstall_route_in_es(
3398 bgp, es, afi, safi, evp, pi, import);
3399 }
3400 }
3401
3402 return 0;
3403 }
3404
3405 /*
3406 * delete and withdraw all ipv4 and ipv6 routes in the vrf table as type-5
3407 * routes
3408 */
3409 static void delete_withdraw_vrf_routes(struct bgp *bgp_vrf)
3410 {
3411 /* Delete ipv4 default route and withdraw from peers */
3412 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3413 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3414 SAFI_UNICAST, false);
3415
3416 /* delete all ipv4 routes and withdraw from peers */
3417 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3418 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3419
3420 /* Delete ipv6 default route and withdraw from peers */
3421 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3422 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3423 SAFI_UNICAST, false);
3424
3425 /* delete all ipv6 routes and withdraw from peers */
3426 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3427 bgp_evpn_withdraw_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3428 }
3429
3430 /*
3431 * update and advertise all ipv4 and ipv6 routes in thr vrf table as type-5
3432 * routes
3433 */
3434 static void update_advertise_vrf_routes(struct bgp *bgp_vrf)
3435 {
3436 /* update all ipv4 routes */
3437 if (advertise_type5_routes(bgp_vrf, AFI_IP))
3438 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP, SAFI_UNICAST);
3439
3440 /* update ipv4 default route and withdraw from peers */
3441 if (evpn_default_originate_set(bgp_vrf, AFI_IP, SAFI_UNICAST))
3442 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP,
3443 SAFI_UNICAST, true);
3444
3445 /* update all ipv6 routes */
3446 if (advertise_type5_routes(bgp_vrf, AFI_IP6))
3447 bgp_evpn_advertise_type5_routes(bgp_vrf, AFI_IP6, SAFI_UNICAST);
3448
3449 /* update ipv6 default route and withdraw from peers */
3450 if (evpn_default_originate_set(bgp_vrf, AFI_IP6, SAFI_UNICAST))
3451 bgp_evpn_install_uninstall_default_route(bgp_vrf, AFI_IP6,
3452 SAFI_UNICAST, true);
3453
3454 }
3455
3456 /*
3457 * update and advertise local routes for a VRF as type-5 routes.
3458 * This is invoked upon RD change for a VRF. Note taht the processing is only
3459 * done in the global route table using the routes which already exist in the
3460 * VRF routing table
3461 */
3462 static void update_router_id_vrf(struct bgp *bgp_vrf)
3463 {
3464 /* skip if the RD is configured */
3465 if (is_vrf_rd_configured(bgp_vrf))
3466 return;
3467
3468 /* derive the RD for the VRF based on new router-id */
3469 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
3470
3471 /* update advertise ipv4|ipv6 routes as type-5 routes */
3472 update_advertise_vrf_routes(bgp_vrf);
3473 }
3474
3475 /*
3476 * Delete and withdraw all type-5 routes for the RD corresponding to VRF.
3477 * This is invoked upon VRF RD change. The processing is done only from global
3478 * table.
3479 */
3480 static void withdraw_router_id_vrf(struct bgp *bgp_vrf)
3481 {
3482 /* skip if the RD is configured */
3483 if (is_vrf_rd_configured(bgp_vrf))
3484 return;
3485
3486 /* delete/withdraw ipv4|ipv6 routes as type-5 routes */
3487 delete_withdraw_vrf_routes(bgp_vrf);
3488 }
3489
3490 /*
3491 * Update and advertise local routes for a VNI. Invoked upon router-id
3492 * change. Note that the processing is done only on the global route table
3493 * using routes that already exist in the per-VNI table.
3494 */
3495 static int update_advertise_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3496 {
3497 struct prefix_evpn p;
3498 struct bgp_node *rn, *global_rn;
3499 struct bgp_path_info *pi, *global_pi;
3500 struct attr *attr;
3501 afi_t afi = AFI_L2VPN;
3502 safi_t safi = SAFI_EVPN;
3503
3504 /* Locate type-3 route for VNI in the per-VNI table and use its
3505 * attributes to create and advertise the type-3 route for this VNI
3506 * in the global table.
3507 *
3508 * RT-3 only if doing head-end replication
3509 */
3510 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL) {
3511 build_evpn_type3_prefix(&p, vpn->originator_ip);
3512 rn = bgp_node_lookup(vpn->route_table, (struct prefix *)&p);
3513 if (!rn) /* unexpected */
3514 return 0;
3515 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
3516 if (pi->peer == bgp->peer_self &&
3517 pi->type == ZEBRA_ROUTE_BGP
3518 && pi->sub_type == BGP_ROUTE_STATIC)
3519 break;
3520 if (!pi) /* unexpected */
3521 return 0;
3522 attr = pi->attr;
3523
3524 global_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3525 (struct prefix *)&p, &vpn->prd);
3526 update_evpn_route_entry(bgp, vpn, afi, safi, global_rn, attr,
3527 1, &pi, 0, mac_mobility_seqnum(attr));
3528
3529 /* Schedule for processing and unlock node. */
3530 bgp_process(bgp, global_rn, afi, safi);
3531 bgp_unlock_node(global_rn);
3532 }
3533
3534 /* Now, walk this VNI's route table and use the route and its attribute
3535 * to create and schedule route in global table.
3536 */
3537 for (rn = bgp_table_top(vpn->route_table); rn;
3538 rn = bgp_route_next(rn)) {
3539 struct prefix_evpn *evp = (struct prefix_evpn *)&rn->p;
3540
3541 /* Identify MAC-IP local routes. */
3542 if (evp->prefix.route_type != BGP_EVPN_MAC_IP_ROUTE)
3543 continue;
3544
3545 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next)
3546 if (pi->peer == bgp->peer_self
3547 && pi->type == ZEBRA_ROUTE_BGP
3548 && pi->sub_type == BGP_ROUTE_STATIC)
3549 break;
3550 if (!pi)
3551 continue;
3552
3553 /* Create route in global routing table using this route entry's
3554 * attribute.
3555 */
3556 attr = pi->attr;
3557 global_rn = bgp_afi_node_get(bgp->rib[afi][safi], afi, safi,
3558 (struct prefix *)evp, &vpn->prd);
3559 assert(global_rn);
3560 update_evpn_route_entry(bgp, vpn, afi, safi, global_rn, attr, 1,
3561 &global_pi, 0,
3562 mac_mobility_seqnum(attr));
3563
3564 /* Schedule for processing and unlock node. */
3565 bgp_process(bgp, global_rn, afi, safi);
3566 bgp_unlock_node(global_rn);
3567 }
3568
3569 return 0;
3570 }
3571
3572 /*
3573 * Delete (and withdraw) local routes for a VNI - only from the global
3574 * table. Invoked upon router-id change.
3575 */
3576 static int delete_withdraw_vni_routes(struct bgp *bgp, struct bgpevpn *vpn)
3577 {
3578 int ret;
3579 struct prefix_evpn p;
3580 struct bgp_node *global_rn;
3581 struct bgp_path_info *pi;
3582 afi_t afi = AFI_L2VPN;
3583 safi_t safi = SAFI_EVPN;
3584
3585 /* Delete and withdraw locally learnt type-2 routes (MACIP)
3586 * for this VNI - from the global table.
3587 */
3588 ret = delete_global_type2_routes(bgp, vpn);
3589 if (ret)
3590 return ret;
3591
3592 /* Remove type-3 route for this VNI from global table. */
3593 build_evpn_type3_prefix(&p, vpn->originator_ip);
3594 global_rn = bgp_afi_node_lookup(bgp->rib[afi][safi], afi, safi,
3595 (struct prefix *)&p, &vpn->prd);
3596 if (global_rn) {
3597 /* Delete route entry in the global EVPN table. */
3598 delete_evpn_route_entry(bgp, afi, safi, global_rn, &pi);
3599
3600 /* Schedule for processing - withdraws to peers happen from
3601 * this table.
3602 */
3603 if (pi)
3604 bgp_process(bgp, global_rn, afi, safi);
3605 bgp_unlock_node(global_rn);
3606 }
3607
3608 return 0;
3609 }
3610
3611 /*
3612 * Handle router-id change. Update and advertise local routes corresponding
3613 * to this VNI from peers. Note that this is invoked after updating the
3614 * router-id. The routes in the per-VNI table are used to create routes in
3615 * the global table and schedule them.
3616 */
3617 static void update_router_id_vni(struct hash_backet *backet, struct bgp *bgp)
3618 {
3619 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
3620
3621 /* Skip VNIs with configured RD. */
3622 if (is_rd_configured(vpn))
3623 return;
3624
3625 bgp_evpn_derive_auto_rd(bgp, vpn);
3626 update_advertise_vni_routes(bgp, vpn);
3627 }
3628
3629 /*
3630 * Handle router-id change. Delete and withdraw local routes corresponding
3631 * to this VNI from peers. Note that this is invoked prior to updating
3632 * the router-id and is done only on the global route table, the routes
3633 * are needed in the per-VNI table to re-advertise with new router id.
3634 */
3635 static void withdraw_router_id_vni(struct hash_backet *backet, struct bgp *bgp)
3636 {
3637 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
3638
3639 /* Skip VNIs with configured RD. */
3640 if (is_rd_configured(vpn))
3641 return;
3642
3643 delete_withdraw_vni_routes(bgp, vpn);
3644 }
3645
3646 /*
3647 * Create RT-3 for a VNI and schedule for processing and advertisement.
3648 * This is invoked upon flooding mode changing to head-end replication.
3649 */
3650 static void create_advertise_type3(struct hash_backet *backet, void *data)
3651 {
3652 struct bgpevpn *vpn = backet->data;
3653 struct bgp *bgp = data;
3654 struct prefix_evpn p;
3655
3656 if (!vpn || !is_vni_live(vpn))
3657 return;
3658
3659 build_evpn_type3_prefix(&p, vpn->originator_ip);
3660 if (update_evpn_route(bgp, vpn, &p, 0, 0))
3661 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
3662 "Type3 route creation failure for VNI %u", vpn->vni);
3663 }
3664
3665 /*
3666 * Delete RT-3 for a VNI and schedule for processing and withdrawal.
3667 * This is invoked upon flooding mode changing to drop BUM packets.
3668 */
3669 static void delete_withdraw_type3(struct hash_backet *backet, void *data)
3670 {
3671 struct bgpevpn *vpn = backet->data;
3672 struct bgp *bgp = data;
3673 struct prefix_evpn p;
3674
3675 if (!vpn || !is_vni_live(vpn))
3676 return;
3677
3678 build_evpn_type3_prefix(&p, vpn->originator_ip);
3679 delete_evpn_route(bgp, vpn, &p);
3680 }
3681
3682 /*
3683 * Process received EVPN type-2 route (advertise or withdraw).
3684 */
3685 static int process_type2_route(struct peer *peer, afi_t afi, safi_t safi,
3686 struct attr *attr, uint8_t *pfx, int psize,
3687 uint32_t addpath_id)
3688 {
3689 struct prefix_rd prd;
3690 struct prefix_evpn p;
3691 struct bgp_route_evpn evpn;
3692 uint8_t ipaddr_len;
3693 uint8_t macaddr_len;
3694 mpls_label_t label[BGP_MAX_LABELS]; /* holds the VNI(s) as in packet */
3695 uint32_t num_labels = 0;
3696 uint32_t eth_tag;
3697 int ret;
3698
3699 /* Type-2 route should be either 33, 37 or 49 bytes or an
3700 * additional 3 bytes if there is a second label (VNI):
3701 * RD (8), ESI (10), Eth Tag (4), MAC Addr Len (1),
3702 * MAC Addr (6), IP len (1), IP (0, 4 or 16),
3703 * MPLS Lbl1 (3), MPLS Lbl2 (0 or 3)
3704 */
3705 if (psize != 33 && psize != 37 && psize != 49 && psize != 36
3706 && psize != 40 && psize != 52) {
3707 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3708 "%u:%s - Rx EVPN Type-2 NLRI with invalid length %d",
3709 peer->bgp->vrf_id, peer->host, psize);
3710 return -1;
3711 }
3712
3713 memset(&evpn, 0, sizeof(evpn));
3714
3715 /* Make prefix_rd */
3716 prd.family = AF_UNSPEC;
3717 prd.prefixlen = 64;
3718 memcpy(&prd.val, pfx, 8);
3719 pfx += 8;
3720
3721 /* Make EVPN prefix. */
3722 memset(&p, 0, sizeof(struct prefix_evpn));
3723 p.family = AF_EVPN;
3724 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
3725 p.prefix.route_type = BGP_EVPN_MAC_IP_ROUTE;
3726
3727 /* Copy Ethernet Seg Identifier */
3728 memcpy(&evpn.eth_s_id.val, pfx, ESI_LEN);
3729 pfx += ESI_LEN;
3730
3731 /* Copy Ethernet Tag */
3732 memcpy(&eth_tag, pfx, 4);
3733 p.prefix.macip_addr.eth_tag = ntohl(eth_tag);
3734 pfx += 4;
3735
3736 /* Get the MAC Addr len */
3737 macaddr_len = *pfx++;
3738
3739 /* Get the MAC Addr */
3740 if (macaddr_len == (ETH_ALEN * 8)) {
3741 memcpy(&p.prefix.macip_addr.mac.octet, pfx, ETH_ALEN);
3742 pfx += ETH_ALEN;
3743 } else {
3744 flog_err(
3745 EC_BGP_EVPN_ROUTE_INVALID,
3746 "%u:%s - Rx EVPN Type-2 NLRI with unsupported MAC address length %d",
3747 peer->bgp->vrf_id, peer->host, macaddr_len);
3748 return -1;
3749 }
3750
3751
3752 /* Get the IP. */
3753 ipaddr_len = *pfx++;
3754 if (ipaddr_len != 0 && ipaddr_len != IPV4_MAX_BITLEN
3755 && ipaddr_len != IPV6_MAX_BITLEN) {
3756 flog_err(
3757 EC_BGP_EVPN_ROUTE_INVALID,
3758 "%u:%s - Rx EVPN Type-2 NLRI with unsupported IP address length %d",
3759 peer->bgp->vrf_id, peer->host, ipaddr_len);
3760 return -1;
3761 }
3762
3763 if (ipaddr_len) {
3764 ipaddr_len /= 8; /* Convert to bytes. */
3765 p.prefix.macip_addr.ip.ipa_type = (ipaddr_len == IPV4_MAX_BYTELEN)
3766 ? IPADDR_V4
3767 : IPADDR_V6;
3768 memcpy(&p.prefix.macip_addr.ip.ip.addr, pfx, ipaddr_len);
3769 }
3770 pfx += ipaddr_len;
3771
3772 /* Get the VNI(s). Stored as bytes here. */
3773 num_labels++;
3774 memset(label, 0, sizeof(label));
3775 memcpy(&label[0], pfx, BGP_LABEL_BYTES);
3776 pfx += BGP_LABEL_BYTES;
3777 psize -= (33 + ipaddr_len);
3778 /* Do we have a second VNI? */
3779 if (psize) {
3780 num_labels++;
3781 memcpy(&label[1], pfx, BGP_LABEL_BYTES);
3782 /*
3783 * If in future, we are required to access additional fields,
3784 * we MUST increment pfx by BGP_LABEL_BYTES in before reading
3785 * the next field
3786 */
3787 }
3788
3789 /* Process the route. */
3790 if (attr)
3791 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
3792 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3793 &prd, &label[0], num_labels, 0, &evpn);
3794 else
3795 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
3796 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3797 &prd, &label[0], num_labels, &evpn);
3798 return ret;
3799 }
3800
3801 /*
3802 * Process received EVPN type-3 route (advertise or withdraw).
3803 */
3804 static int process_type3_route(struct peer *peer, afi_t afi, safi_t safi,
3805 struct attr *attr, uint8_t *pfx, int psize,
3806 uint32_t addpath_id)
3807 {
3808 struct prefix_rd prd;
3809 struct prefix_evpn p;
3810 uint8_t ipaddr_len;
3811 uint32_t eth_tag;
3812 int ret;
3813
3814 /* Type-3 route should be either 17 or 29 bytes: RD (8), Eth Tag (4),
3815 * IP len (1) and IP (4 or 16).
3816 */
3817 if (psize != 17 && psize != 29) {
3818 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3819 "%u:%s - Rx EVPN Type-3 NLRI with invalid length %d",
3820 peer->bgp->vrf_id, peer->host, psize);
3821 return -1;
3822 }
3823
3824 /* If PMSI is present, log if it is anything other than IR.
3825 * Note: We just simply ignore the values as it is not clear if
3826 * doing anything else is better.
3827 */
3828 if (attr &&
3829 (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL))) {
3830 if (attr->pmsi_tnl_type != PMSI_TNLTYPE_INGR_REPL) {
3831 flog_warn(
3832 EC_BGP_EVPN_PMSI_PRESENT,
3833 "%u:%s - Rx EVPN Type-3 NLRI with unsupported PTA %d",
3834 peer->bgp->vrf_id, peer->host,
3835 attr->pmsi_tnl_type);
3836 }
3837 }
3838
3839 /* Make prefix_rd */
3840 prd.family = AF_UNSPEC;
3841 prd.prefixlen = 64;
3842 memcpy(&prd.val, pfx, 8);
3843 pfx += 8;
3844
3845 /* Make EVPN prefix. */
3846 memset(&p, 0, sizeof(struct prefix_evpn));
3847 p.family = AF_EVPN;
3848 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
3849 p.prefix.route_type = BGP_EVPN_IMET_ROUTE;
3850
3851 /* Copy Ethernet Tag */
3852 memcpy(&eth_tag, pfx, 4);
3853 p.prefix.imet_addr.eth_tag = ntohl(eth_tag);
3854 pfx += 4;
3855
3856 /* Get the IP. */
3857 ipaddr_len = *pfx++;
3858 if (ipaddr_len == IPV4_MAX_BITLEN) {
3859 p.prefix.imet_addr.ip.ipa_type = IPADDR_V4;
3860 memcpy(&p.prefix.imet_addr.ip.ip.addr, pfx, IPV4_MAX_BYTELEN);
3861 } else {
3862 flog_err(
3863 EC_BGP_EVPN_ROUTE_INVALID,
3864 "%u:%s - Rx EVPN Type-3 NLRI with unsupported IP address length %d",
3865 peer->bgp->vrf_id, peer->host, ipaddr_len);
3866 return -1;
3867 }
3868
3869 /* Process the route. */
3870 if (attr)
3871 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
3872 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3873 &prd, NULL, 0, 0, NULL);
3874 else
3875 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
3876 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3877 &prd, NULL, 0, NULL);
3878 return ret;
3879 }
3880
3881 /*
3882 * Process received EVPN type-4 route (advertise or withdraw).
3883 */
3884 static int process_type4_route(struct peer *peer, afi_t afi, safi_t safi,
3885 struct attr *attr, uint8_t *pfx, int psize,
3886 uint32_t addpath_id)
3887 {
3888 int ret;
3889 esi_t esi;
3890 uint8_t ipaddr_len;
3891 struct in_addr vtep_ip;
3892 struct prefix_rd prd;
3893 struct prefix_evpn p;
3894
3895 /* Type-4 route should be either 23 or 35 bytes
3896 * RD (8), ESI (10), ip-len (1), ip (4 or 16)
3897 */
3898 if (psize != 23 && psize != 35) {
3899 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3900 "%u:%s - Rx EVPN Type-4 NLRI with invalid length %d",
3901 peer->bgp->vrf_id, peer->host, psize);
3902 return -1;
3903 }
3904
3905 /* Make prefix_rd */
3906 prd.family = AF_UNSPEC;
3907 prd.prefixlen = 64;
3908 memcpy(&prd.val, pfx, 8);
3909 pfx += 8;
3910
3911 /* get the ESI */
3912 memcpy(&esi, pfx, ESI_BYTES);
3913 pfx += ESI_BYTES;
3914
3915
3916 /* Get the IP. */
3917 ipaddr_len = *pfx++;
3918 if (ipaddr_len == IPV4_MAX_BITLEN) {
3919 memcpy(&vtep_ip, pfx, IPV4_MAX_BYTELEN);
3920 } else {
3921 flog_err(
3922 EC_BGP_EVPN_ROUTE_INVALID,
3923 "%u:%s - Rx EVPN Type-4 NLRI with unsupported IP address length %d",
3924 peer->bgp->vrf_id, peer->host, ipaddr_len);
3925 return -1;
3926 }
3927
3928 build_evpn_type4_prefix(&p, &esi, vtep_ip);
3929 /* Process the route. */
3930 if (attr) {
3931 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
3932 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3933 &prd, NULL, 0, 0, NULL);
3934 } else {
3935 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
3936 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
3937 &prd, NULL, 0, NULL);
3938 }
3939 return ret;
3940 }
3941
3942
3943 /*
3944 * Process received EVPN type-5 route (advertise or withdraw).
3945 */
3946 static int process_type5_route(struct peer *peer, afi_t afi, safi_t safi,
3947 struct attr *attr, uint8_t *pfx, int psize,
3948 uint32_t addpath_id, int withdraw)
3949 {
3950 struct prefix_rd prd;
3951 struct prefix_evpn p;
3952 struct bgp_route_evpn evpn;
3953 uint8_t ippfx_len;
3954 uint32_t eth_tag;
3955 mpls_label_t label; /* holds the VNI as in the packet */
3956 int ret;
3957
3958 /* Type-5 route should be 34 or 58 bytes:
3959 * RD (8), ESI (10), Eth Tag (4), IP len (1), IP (4 or 16),
3960 * GW (4 or 16) and VNI (3).
3961 * Note that the IP and GW should both be IPv4 or both IPv6.
3962 */
3963 if (psize != 34 && psize != 58) {
3964 flog_err(EC_BGP_EVPN_ROUTE_INVALID,
3965 "%u:%s - Rx EVPN Type-5 NLRI with invalid length %d",
3966 peer->bgp->vrf_id, peer->host, psize);
3967 return -1;
3968 }
3969
3970 /* Make prefix_rd */
3971 prd.family = AF_UNSPEC;
3972 prd.prefixlen = 64;
3973 memcpy(&prd.val, pfx, 8);
3974 pfx += 8;
3975
3976 /* Make EVPN prefix. */
3977 memset(&p, 0, sizeof(struct prefix_evpn));
3978 p.family = AF_EVPN;
3979 p.prefixlen = EVPN_ROUTE_PREFIXLEN;
3980 p.prefix.route_type = BGP_EVPN_IP_PREFIX_ROUTE;
3981
3982 /* Additional information outside of prefix - ESI and GW IP */
3983 memset(&evpn, 0, sizeof(evpn));
3984
3985 /* Fetch ESI */
3986 memcpy(&evpn.eth_s_id.val, pfx, 10);
3987 pfx += 10;
3988
3989 /* Fetch Ethernet Tag. */
3990 memcpy(&eth_tag, pfx, 4);
3991 p.prefix.prefix_addr.eth_tag = ntohl(eth_tag);
3992 pfx += 4;
3993
3994 /* Fetch IP prefix length. */
3995 ippfx_len = *pfx++;
3996 if (ippfx_len > IPV6_MAX_BITLEN) {
3997 flog_err(
3998 EC_BGP_EVPN_ROUTE_INVALID,
3999 "%u:%s - Rx EVPN Type-5 NLRI with invalid IP Prefix length %d",
4000 peer->bgp->vrf_id, peer->host, ippfx_len);
4001 return -1;
4002 }
4003 p.prefix.prefix_addr.ip_prefix_length = ippfx_len;
4004
4005 /* Determine IPv4 or IPv6 prefix */
4006 /* Since the address and GW are from the same family, this just becomes
4007 * a simple check on the total size.
4008 */
4009 if (psize == 34) {
4010 SET_IPADDR_V4(&p.prefix.prefix_addr.ip);
4011 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v4, pfx, 4);
4012 pfx += 4;
4013 memcpy(&evpn.gw_ip.ipv4, pfx, 4);
4014 pfx += 4;
4015 } else {
4016 SET_IPADDR_V6(&p.prefix.prefix_addr.ip);
4017 memcpy(&p.prefix.prefix_addr.ip.ipaddr_v6, pfx, 16);
4018 pfx += 16;
4019 memcpy(&evpn.gw_ip.ipv6, pfx, 16);
4020 pfx += 16;
4021 }
4022
4023 /* Get the VNI (in MPLS label field). Stored as bytes here. */
4024 memset(&label, 0, sizeof(label));
4025 memcpy(&label, pfx, BGP_LABEL_BYTES);
4026
4027 /*
4028 * If in future, we are required to access additional fields,
4029 * we MUST increment pfx by BGP_LABEL_BYTES in before reading the next
4030 * field
4031 */
4032
4033 /* Process the route. */
4034 if (!withdraw)
4035 ret = bgp_update(peer, (struct prefix *)&p, addpath_id, attr,
4036 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4037 &prd, &label, 1, 0, &evpn);
4038 else
4039 ret = bgp_withdraw(peer, (struct prefix *)&p, addpath_id, attr,
4040 afi, safi, ZEBRA_ROUTE_BGP, BGP_ROUTE_NORMAL,
4041 &prd, &label, 1, &evpn);
4042
4043 return ret;
4044 }
4045
4046 static void evpn_mpattr_encode_type5(struct stream *s, struct prefix *p,
4047 struct prefix_rd *prd, mpls_label_t *label,
4048 uint32_t num_labels, struct attr *attr)
4049 {
4050 int len;
4051 char temp[16];
4052 struct evpn_addr *p_evpn_p;
4053
4054 memset(&temp, 0, 16);
4055 if (p->family != AF_EVPN)
4056 return;
4057 p_evpn_p = &(p->u.prefix_evpn);
4058
4059 /* len denites the total len of IP and GW-IP in the route
4060 IP and GW-IP have to be both ipv4 or ipv6
4061 */
4062 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4063 len = 8; /* IP and GWIP are both ipv4 */
4064 else
4065 len = 32; /* IP and GWIP are both ipv6 */
4066 /* Prefix contains RD, ESI, EthTag, IP length, IP, GWIP and VNI */
4067 stream_putc(s, 8 + 10 + 4 + 1 + len + 3);
4068 stream_put(s, prd->val, 8);
4069 if (attr)
4070 stream_put(s, &(attr->evpn_overlay.eth_s_id), 10);
4071 else
4072 stream_put(s, &temp, 10);
4073 stream_putl(s, p_evpn_p->prefix_addr.eth_tag);
4074 stream_putc(s, p_evpn_p->prefix_addr.ip_prefix_length);
4075 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4076 stream_put_ipv4(s, p_evpn_p->prefix_addr.ip.ipaddr_v4.s_addr);
4077 else
4078 stream_put(s, &p_evpn_p->prefix_addr.ip.ipaddr_v6, 16);
4079 if (attr) {
4080 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4081 stream_put_ipv4(s,
4082 attr->evpn_overlay.gw_ip.ipv4.s_addr);
4083 else
4084 stream_put(s, &(attr->evpn_overlay.gw_ip.ipv6), 16);
4085 } else {
4086 if (IS_IPADDR_V4(&p_evpn_p->prefix_addr.ip))
4087 stream_put_ipv4(s, 0);
4088 else
4089 stream_put(s, &temp, 16);
4090 }
4091
4092 if (num_labels)
4093 stream_put(s, label, 3);
4094 else
4095 stream_put3(s, 0);
4096 }
4097
4098 /*
4099 * Cleanup specific VNI upon EVPN (advertise-all-vni) being disabled.
4100 */
4101 static void cleanup_vni_on_disable(struct hash_backet *backet, struct bgp *bgp)
4102 {
4103 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
4104
4105 /* Remove EVPN routes and schedule for processing. */
4106 delete_routes_for_vni(bgp, vpn);
4107
4108 /* Clear "live" flag and see if hash needs to be freed. */
4109 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
4110 if (!is_vni_configured(vpn))
4111 bgp_evpn_free(bgp, vpn);
4112 }
4113
4114 /*
4115 * Free a VNI entry; iterator function called during cleanup.
4116 */
4117 static void free_vni_entry(struct hash_backet *backet, struct bgp *bgp)
4118 {
4119 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
4120
4121 delete_all_vni_routes(bgp, vpn);
4122 bgp_evpn_free(bgp, vpn);
4123 }
4124
4125 /*
4126 * Derive AUTO import RT for BGP VRF - L3VNI
4127 */
4128 static void evpn_auto_rt_import_add_for_vrf(struct bgp *bgp_vrf)
4129 {
4130 struct bgp *bgp_def = NULL;
4131
4132 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4133 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4134
4135 /* Map RT to VRF */
4136 bgp_def = bgp_get_default();
4137 if (!bgp_def)
4138 return;
4139 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4140 }
4141
4142 /*
4143 * Delete AUTO import RT from BGP VRF - L3VNI
4144 */
4145 static void evpn_auto_rt_import_delete_for_vrf(struct bgp *bgp_vrf)
4146 {
4147 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_import_rtl);
4148 }
4149
4150 /*
4151 * Derive AUTO export RT for BGP VRF - L3VNI
4152 */
4153 static void evpn_auto_rt_export_add_for_vrf(struct bgp *bgp_vrf)
4154 {
4155 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4156 form_auto_rt(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4157 }
4158
4159 /*
4160 * Delete AUTO export RT from BGP VRF - L3VNI
4161 */
4162 static void evpn_auto_rt_export_delete_for_vrf(struct bgp *bgp_vrf)
4163 {
4164 evpn_rt_delete_auto(bgp_vrf, bgp_vrf->l3vni, bgp_vrf->vrf_export_rtl);
4165 }
4166
4167 static void bgp_evpn_handle_export_rt_change_for_vrf(struct bgp *bgp_vrf)
4168 {
4169 struct bgp *bgp_def = NULL;
4170 struct listnode *node = NULL;
4171 struct bgpevpn *vpn = NULL;
4172
4173 bgp_def = bgp_get_default();
4174 if (!bgp_def)
4175 return;
4176
4177 /* update all type-5 routes */
4178 update_advertise_vrf_routes(bgp_vrf);
4179
4180 /* update all type-2 routes */
4181 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
4182 update_routes_for_vni(bgp_def, vpn);
4183 }
4184
4185 /*
4186 * Handle autort change for a given VNI.
4187 */
4188 static void update_autort_vni(struct hash_backet *backet, struct bgp *bgp)
4189 {
4190 struct bgpevpn *vpn = backet->data;
4191
4192 if (!is_import_rt_configured(vpn)) {
4193 if (is_vni_live(vpn))
4194 bgp_evpn_uninstall_routes(bgp, vpn);
4195 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
4196 list_delete_all_node(vpn->import_rtl);
4197 bgp_evpn_derive_auto_rt_import(bgp, vpn);
4198 if (is_vni_live(vpn))
4199 bgp_evpn_install_routes(bgp, vpn);
4200 }
4201 if (!is_export_rt_configured(vpn)) {
4202 list_delete_all_node(vpn->export_rtl);
4203 bgp_evpn_derive_auto_rt_export(bgp, vpn);
4204 if (is_vni_live(vpn))
4205 bgp_evpn_handle_export_rt_change(bgp, vpn);
4206 }
4207 }
4208
4209 /*
4210 * Public functions.
4211 */
4212
4213 /* withdraw type-5 route corresponding to ip prefix */
4214 void bgp_evpn_withdraw_type5_route(struct bgp *bgp_vrf, struct prefix *p,
4215 afi_t afi, safi_t safi)
4216 {
4217 int ret = 0;
4218 struct prefix_evpn evp;
4219 char buf[PREFIX_STRLEN];
4220
4221 build_type5_prefix_from_ip_prefix(&evp, p);
4222 ret = delete_evpn_type5_route(bgp_vrf, &evp);
4223 if (ret) {
4224 flog_err(
4225 EC_BGP_EVPN_ROUTE_DELETE,
4226 "%u failed to delete type-5 route for prefix %s in vrf %s",
4227 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)),
4228 vrf_id_to_name(bgp_vrf->vrf_id));
4229 }
4230 }
4231
4232 /* withdraw all type-5 routes for an address family */
4233 void bgp_evpn_withdraw_type5_routes(struct bgp *bgp_vrf, afi_t afi, safi_t safi)
4234 {
4235 struct bgp_table *table = NULL;
4236 struct bgp_node *rn = NULL;
4237 struct bgp_path_info *pi;
4238
4239 table = bgp_vrf->rib[afi][safi];
4240 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
4241 /* Only care about "selected" routes - non-imported. */
4242 /* TODO: Support for AddPath for EVPN. */
4243 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next) {
4244 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4245 && (!pi->extra || !pi->extra->parent)) {
4246 bgp_evpn_withdraw_type5_route(bgp_vrf, &rn->p,
4247 afi, safi);
4248 break;
4249 }
4250 }
4251 }
4252 }
4253
4254 /*
4255 * evpn - enable advertisement of default g/w
4256 */
4257 void bgp_evpn_install_uninstall_default_route(struct bgp *bgp_vrf, afi_t afi,
4258 safi_t safi, bool add)
4259 {
4260 struct prefix ip_prefix;
4261
4262 /* form the default prefix 0.0.0.0/0 */
4263 memset(&ip_prefix, 0, sizeof(struct prefix));
4264 ip_prefix.family = afi2family(afi);
4265
4266 if (add) {
4267 bgp_evpn_advertise_type5_route(bgp_vrf, &ip_prefix,
4268 NULL, afi, safi);
4269 } else {
4270 bgp_evpn_withdraw_type5_route(bgp_vrf, &ip_prefix,
4271 afi, safi);
4272 }
4273 }
4274
4275
4276 /*
4277 * Advertise IP prefix as type-5 route. The afi/safi and src_attr passed
4278 * to this function correspond to those of the source IP prefix (best
4279 * path in the case of the attr. In the case of a local prefix (when we
4280 * are advertising local subnets), the src_attr will be NULL.
4281 */
4282 void bgp_evpn_advertise_type5_route(struct bgp *bgp_vrf, struct prefix *p,
4283 struct attr *src_attr, afi_t afi,
4284 safi_t safi)
4285 {
4286 int ret = 0;
4287 struct prefix_evpn evp;
4288 char buf[PREFIX_STRLEN];
4289
4290 build_type5_prefix_from_ip_prefix(&evp, p);
4291 ret = update_evpn_type5_route(bgp_vrf, &evp, src_attr);
4292 if (ret)
4293 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
4294 "%u: Failed to create type-5 route for prefix %s",
4295 bgp_vrf->vrf_id, prefix2str(p, buf, sizeof(buf)));
4296 }
4297
4298 /* Inject all prefixes of a particular address-family (currently, IPv4 or
4299 * IPv6 unicast) into EVPN as type-5 routes. This is invoked when the
4300 * advertisement is enabled.
4301 */
4302 void bgp_evpn_advertise_type5_routes(struct bgp *bgp_vrf, afi_t afi,
4303 safi_t safi)
4304 {
4305 struct bgp_table *table = NULL;
4306 struct bgp_node *rn = NULL;
4307 struct bgp_path_info *pi;
4308
4309 table = bgp_vrf->rib[afi][safi];
4310 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
4311 /* Need to identify the "selected" route entry to use its
4312 * attribute. Also, we only consider "non-imported" routes.
4313 * TODO: Support for AddPath for EVPN.
4314 */
4315 for (pi = bgp_node_get_bgp_path_info(rn); pi; pi = pi->next) {
4316 if (CHECK_FLAG(pi->flags, BGP_PATH_SELECTED)
4317 && (!pi->extra || !pi->extra->parent)) {
4318
4319 /* apply the route-map */
4320 if (bgp_vrf->adv_cmd_rmap[afi][safi].map) {
4321 int ret = 0;
4322
4323 ret = route_map_apply(
4324 bgp_vrf->adv_cmd_rmap[afi][safi]
4325 .map,
4326 &rn->p, RMAP_BGP, pi);
4327 if (ret == RMAP_DENYMATCH)
4328 continue;
4329 }
4330 bgp_evpn_advertise_type5_route(
4331 bgp_vrf, &rn->p, pi->attr, afi, safi);
4332 break;
4333 }
4334 }
4335 }
4336 }
4337
4338 void evpn_rt_delete_auto(struct bgp *bgp, vni_t vni, struct list *rtl)
4339 {
4340 struct listnode *node, *nnode, *node_to_del;
4341 struct ecommunity *ecom, *ecom_auto;
4342 struct ecommunity_val eval;
4343
4344 if (bgp->advertise_autort_rfc8365)
4345 vni |= EVPN_AUTORT_VXLAN;
4346 encode_route_target_as((bgp->as & 0xFFFF), vni, &eval);
4347
4348 ecom_auto = ecommunity_new();
4349 ecommunity_add_val(ecom_auto, &eval);
4350 node_to_del = NULL;
4351
4352 for (ALL_LIST_ELEMENTS(rtl, node, nnode, ecom)) {
4353 if (ecommunity_match(ecom, ecom_auto)) {
4354 ecommunity_free(&ecom);
4355 node_to_del = node;
4356 }
4357 }
4358
4359 if (node_to_del)
4360 list_delete_node(rtl, node_to_del);
4361
4362 ecommunity_free(&ecom_auto);
4363 }
4364
4365 void bgp_evpn_configure_import_rt_for_vrf(struct bgp *bgp_vrf,
4366 struct ecommunity *ecomadd)
4367 {
4368 /* uninstall routes from vrf */
4369 uninstall_routes_for_vrf(bgp_vrf);
4370
4371 /* Cleanup the RT to VRF mapping */
4372 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4373
4374 /* Remove auto generated RT */
4375 evpn_auto_rt_import_delete_for_vrf(bgp_vrf);
4376
4377 /* Add the newly configured RT to RT list */
4378 listnode_add_sort(bgp_vrf->vrf_import_rtl, ecomadd);
4379 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4380
4381 /* map VRF to its RTs */
4382 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4383
4384 /* install routes matching the new VRF */
4385 install_routes_for_vrf(bgp_vrf);
4386 }
4387
4388 void bgp_evpn_unconfigure_import_rt_for_vrf(struct bgp *bgp_vrf,
4389 struct ecommunity *ecomdel)
4390 {
4391 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4392 struct ecommunity *ecom = NULL;
4393
4394 /* uninstall routes from vrf */
4395 uninstall_routes_for_vrf(bgp_vrf);
4396
4397 /* Cleanup the RT to VRF mapping */
4398 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
4399
4400 /* remove the RT from the RT list */
4401 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4402 if (ecommunity_match(ecom, ecomdel)) {
4403 ecommunity_free(&ecom);
4404 node_to_del = node;
4405 break;
4406 }
4407 }
4408
4409 if (node_to_del)
4410 list_delete_node(bgp_vrf->vrf_import_rtl, node_to_del);
4411
4412 assert(bgp_vrf->vrf_import_rtl);
4413 /* fallback to auto import rt, if this was the last RT */
4414 if (bgp_vrf->vrf_import_rtl && list_isempty(bgp_vrf->vrf_import_rtl)) {
4415 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD);
4416 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
4417 }
4418
4419 /* map VRFs to its RTs */
4420 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
4421
4422 /* install routes matching this new RT */
4423 install_routes_for_vrf(bgp_vrf);
4424 }
4425
4426 void bgp_evpn_configure_export_rt_for_vrf(struct bgp *bgp_vrf,
4427 struct ecommunity *ecomadd)
4428 {
4429 /* remove auto-generated RT */
4430 evpn_auto_rt_export_delete_for_vrf(bgp_vrf);
4431
4432 /* Add the new RT to the RT list */
4433 listnode_add_sort(bgp_vrf->vrf_export_rtl, ecomadd);
4434 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4435
4436 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4437 }
4438
4439 void bgp_evpn_unconfigure_export_rt_for_vrf(struct bgp *bgp_vrf,
4440 struct ecommunity *ecomdel)
4441 {
4442 struct listnode *node = NULL, *nnode = NULL, *node_to_del = NULL;
4443 struct ecommunity *ecom = NULL;
4444
4445 /* Remove the RT from the RT list */
4446 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_export_rtl, node, nnode, ecom)) {
4447 if (ecommunity_match(ecom, ecomdel)) {
4448 ecommunity_free(&ecom);
4449 node_to_del = node;
4450 break;
4451 }
4452 }
4453
4454 if (node_to_del)
4455 list_delete_node(bgp_vrf->vrf_export_rtl, node_to_del);
4456
4457 /*
4458 * Temporary assert to make SA happy.
4459 * The ALL_LIST_ELEMENTS macro above has a NULL check
4460 * which means that SA is going to complain about
4461 * the list_isempty call, which doesn't NULL check.
4462 * So until we get this situation cleaned up, here
4463 * we are.
4464 */
4465 assert(bgp_vrf->vrf_export_rtl);
4466
4467 /* fall back to auto-generated RT if this was the last RT */
4468 if (list_isempty(bgp_vrf->vrf_export_rtl)) {
4469 UNSET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD);
4470 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
4471 }
4472
4473 bgp_evpn_handle_export_rt_change_for_vrf(bgp_vrf);
4474 }
4475
4476 /*
4477 * Handle change to BGP router id. This is invoked twice by the change
4478 * handler, first before the router id has been changed and then after
4479 * the router id has been changed. The first invocation will result in
4480 * local routes for all VNIs/VRF being deleted and withdrawn and the next
4481 * will result in the routes being re-advertised.
4482 */
4483 void bgp_evpn_handle_router_id_update(struct bgp *bgp, int withdraw)
4484 {
4485 if (withdraw) {
4486
4487 /* delete and withdraw all the type-5 routes
4488 stored in the global table for this vrf
4489 */
4490 withdraw_router_id_vrf(bgp);
4491
4492 /* delete all the VNI routes (type-2/type-3) routes for all the
4493 * L2-VNIs
4494 */
4495 hash_iterate(bgp->vnihash,
4496 (void (*)(struct hash_backet *,
4497 void *))withdraw_router_id_vni,
4498 bgp);
4499 } else {
4500
4501 /* advertise all routes in the vrf as type-5 routes with the new
4502 * RD
4503 */
4504 update_router_id_vrf(bgp);
4505
4506 /* advertise all the VNI routes (type-2/type-3) routes with the
4507 * new RD
4508 */
4509 hash_iterate(bgp->vnihash,
4510 (void (*)(struct hash_backet *,
4511 void *))update_router_id_vni,
4512 bgp);
4513 }
4514 }
4515
4516 /*
4517 * Handle change to auto-RT algorithm - update and advertise local routes.
4518 */
4519 void bgp_evpn_handle_autort_change(struct bgp *bgp)
4520 {
4521 hash_iterate(bgp->vnihash,
4522 (void (*)(struct hash_backet *,
4523 void*))update_autort_vni,
4524 bgp);
4525 }
4526
4527 /*
4528 * Handle change to export RT - update and advertise local routes.
4529 */
4530 int bgp_evpn_handle_export_rt_change(struct bgp *bgp, struct bgpevpn *vpn)
4531 {
4532 return update_routes_for_vni(bgp, vpn);
4533 }
4534
4535 void bgp_evpn_handle_vrf_rd_change(struct bgp *bgp_vrf, int withdraw)
4536 {
4537 if (withdraw)
4538 delete_withdraw_vrf_routes(bgp_vrf);
4539 else
4540 update_advertise_vrf_routes(bgp_vrf);
4541 }
4542
4543 /*
4544 * Handle change to RD. This is invoked twice by the change handler,
4545 * first before the RD has been changed and then after the RD has
4546 * been changed. The first invocation will result in local routes
4547 * of this VNI being deleted and withdrawn and the next will result
4548 * in the routes being re-advertised.
4549 */
4550 void bgp_evpn_handle_rd_change(struct bgp *bgp, struct bgpevpn *vpn,
4551 int withdraw)
4552 {
4553 if (withdraw)
4554 delete_withdraw_vni_routes(bgp, vpn);
4555 else
4556 update_advertise_vni_routes(bgp, vpn);
4557 }
4558
4559 /*
4560 * Install routes for this VNI. Invoked upon change to Import RT.
4561 */
4562 int bgp_evpn_install_routes(struct bgp *bgp, struct bgpevpn *vpn)
4563 {
4564 return install_routes_for_vni(bgp, vpn);
4565 }
4566
4567 /*
4568 * Uninstall all routes installed for this VNI. Invoked upon change
4569 * to Import RT.
4570 */
4571 int bgp_evpn_uninstall_routes(struct bgp *bgp, struct bgpevpn *vpn)
4572 {
4573 return uninstall_routes_for_vni(bgp, vpn);
4574 }
4575
4576 /*
4577 * TODO: Hardcoded for a maximum of 2 VNIs right now
4578 */
4579 char *bgp_evpn_label2str(mpls_label_t *label, uint32_t num_labels, char *buf,
4580 int len)
4581 {
4582 vni_t vni1, vni2;
4583
4584 vni1 = label2vni(label);
4585 if (num_labels == 2) {
4586 vni2 = label2vni(label + 1);
4587 snprintf(buf, len, "%u/%u", vni1, vni2);
4588 } else
4589 snprintf(buf, len, "%u", vni1);
4590 return buf;
4591 }
4592
4593 /*
4594 * Function to convert evpn route to json format.
4595 * NOTE: We don't use prefix2str as the output here is a bit different.
4596 */
4597 void bgp_evpn_route2json(struct prefix_evpn *p, json_object *json)
4598 {
4599 char buf1[ETHER_ADDR_STRLEN];
4600 char buf2[PREFIX2STR_BUFFER];
4601
4602 if (!json)
4603 return;
4604
4605 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
4606 json_object_int_add(json, "routeType", p->prefix.route_type);
4607 json_object_int_add(json, "ethTag",
4608 p->prefix.imet_addr.eth_tag);
4609 json_object_int_add(json, "ipLen",
4610 is_evpn_prefix_ipaddr_v4(p)
4611 ? IPV4_MAX_BITLEN
4612 : IPV6_MAX_BITLEN);
4613 json_object_string_add(json, "ip",
4614 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
4615 } else if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
4616 if (is_evpn_prefix_ipaddr_none(p)) {
4617 json_object_int_add(json, "routeType",
4618 p->prefix.route_type);
4619 json_object_int_add(json, "ethTag",
4620 p->prefix.macip_addr.eth_tag);
4621 json_object_int_add(json, "macLen", 8 * ETH_ALEN);
4622 json_object_string_add(json, "mac",
4623 prefix_mac2str(&p->prefix.macip_addr.mac,
4624 buf1,
4625 sizeof(buf1)));
4626 } else {
4627 uint8_t family;
4628
4629 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET
4630 : AF_INET6;
4631
4632 json_object_int_add(json, "routeType",
4633 p->prefix.route_type);
4634 json_object_int_add(json, "ethTag",
4635 p->prefix.macip_addr.eth_tag);
4636 json_object_int_add(json, "macLen", 8 * ETH_ALEN);
4637 json_object_string_add(json, "mac",
4638 prefix_mac2str(&p->prefix.macip_addr.mac,
4639 buf1,
4640 sizeof(buf1)));
4641 json_object_int_add(json, "ipLen",
4642 is_evpn_prefix_ipaddr_v4(p)
4643 ? IPV4_MAX_BITLEN
4644 : IPV6_MAX_BITLEN);
4645 json_object_string_add(
4646 json, "ip",
4647 inet_ntop(family,
4648 &p->prefix.macip_addr.ip.ip.addr,
4649 buf2,
4650 PREFIX2STR_BUFFER));
4651 }
4652 } else {
4653 /* Currently, this is to cater to other AF_ETHERNET code. */
4654 }
4655 }
4656
4657 /*
4658 * Function to convert evpn route to string.
4659 * NOTE: We don't use prefix2str as the output here is a bit different.
4660 */
4661 char *bgp_evpn_route2str(struct prefix_evpn *p, char *buf, int len)
4662 {
4663 char buf1[ETHER_ADDR_STRLEN];
4664 char buf2[PREFIX2STR_BUFFER];
4665 char buf3[ESI_STR_LEN];
4666
4667 if (p->prefix.route_type == BGP_EVPN_IMET_ROUTE) {
4668 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]", p->prefix.route_type,
4669 p->prefix.imet_addr.eth_tag,
4670 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
4671 : IPV6_MAX_BITLEN,
4672 inet_ntoa(p->prefix.imet_addr.ip.ipaddr_v4));
4673 } else if (p->prefix.route_type == BGP_EVPN_MAC_IP_ROUTE) {
4674 if (is_evpn_prefix_ipaddr_none(p))
4675 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
4676 p->prefix.route_type,
4677 p->prefix.macip_addr.eth_tag,
4678 8 * ETH_ALEN,
4679 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4680 sizeof(buf1)));
4681 else {
4682 uint8_t family;
4683
4684 family = is_evpn_prefix_ipaddr_v4(p) ? AF_INET
4685 : AF_INET6;
4686 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]:[%d]:[%s]",
4687 p->prefix.route_type,
4688 p->prefix.macip_addr.eth_tag,
4689 8 * ETH_ALEN,
4690 prefix_mac2str(&p->prefix.macip_addr.mac, buf1,
4691 sizeof(buf1)),
4692 family == AF_INET ? IPV4_MAX_BITLEN
4693 : IPV6_MAX_BITLEN,
4694 inet_ntop(family,
4695 &p->prefix.macip_addr.ip.ip.addr,
4696 buf2,
4697 PREFIX2STR_BUFFER));
4698 }
4699 } else if (p->prefix.route_type == BGP_EVPN_IP_PREFIX_ROUTE) {
4700 snprintf(buf, len, "[%d]:[%d]:[%d]:[%s]",
4701 p->prefix.route_type,
4702 p->prefix.prefix_addr.eth_tag,
4703 p->prefix.prefix_addr.ip_prefix_length,
4704 is_evpn_prefix_ipaddr_v4(p)
4705 ? inet_ntoa(p->prefix.prefix_addr.ip.ipaddr_v4)
4706 : inet6_ntoa(p->prefix.prefix_addr.ip.ipaddr_v6));
4707 } else if (p->prefix.route_type == BGP_EVPN_ES_ROUTE) {
4708 snprintf(buf, len, "[%d]:[%s]:[%d]:[%s]",
4709 p->prefix.route_type,
4710 esi_to_str(&p->prefix.es_addr.esi, buf3, sizeof(buf3)),
4711 is_evpn_prefix_ipaddr_v4(p) ? IPV4_MAX_BITLEN
4712 : IPV6_MAX_BITLEN,
4713 inet_ntoa(p->prefix.es_addr.ip.ipaddr_v4));
4714 } else {
4715 /* For EVPN route types not supported yet. */
4716 snprintf(buf, len, "(unsupported route type %d)",
4717 p->prefix.route_type);
4718 }
4719
4720 return (buf);
4721 }
4722
4723 /*
4724 * Encode EVPN prefix in Update (MP_REACH)
4725 */
4726 void bgp_evpn_encode_prefix(struct stream *s, struct prefix *p,
4727 struct prefix_rd *prd, mpls_label_t *label,
4728 uint32_t num_labels, struct attr *attr,
4729 int addpath_encode, uint32_t addpath_tx_id)
4730 {
4731 struct prefix_evpn *evp = (struct prefix_evpn *)p;
4732 int len, ipa_len = 0;
4733
4734 if (addpath_encode)
4735 stream_putl(s, addpath_tx_id);
4736
4737 /* Route type */
4738 stream_putc(s, evp->prefix.route_type);
4739
4740 switch (evp->prefix.route_type) {
4741 case BGP_EVPN_MAC_IP_ROUTE:
4742 if (is_evpn_prefix_ipaddr_v4(evp))
4743 ipa_len = IPV4_MAX_BYTELEN;
4744 else if (is_evpn_prefix_ipaddr_v6(evp))
4745 ipa_len = IPV6_MAX_BYTELEN;
4746 /* RD, ESI, EthTag, MAC+len, IP len, [IP], 1 VNI */
4747 len = 8 + 10 + 4 + 1 + 6 + 1 + ipa_len + 3;
4748 if (ipa_len && num_labels > 1) /* There are 2 VNIs */
4749 len += 3;
4750 stream_putc(s, len);
4751 stream_put(s, prd->val, 8); /* RD */
4752 if (attr)
4753 stream_put(s, &attr->evpn_overlay.eth_s_id, ESI_LEN);
4754 else
4755 stream_put(s, 0, 10);
4756 stream_putl(s, evp->prefix.macip_addr.eth_tag); /* Ethernet Tag ID */
4757 stream_putc(s, 8 * ETH_ALEN); /* Mac Addr Len - bits */
4758 stream_put(s, evp->prefix.macip_addr.mac.octet, 6); /* Mac Addr */
4759 stream_putc(s, 8 * ipa_len); /* IP address Length */
4760 if (ipa_len) /* IP */
4761 stream_put(s, &evp->prefix.macip_addr.ip.ip.addr,
4762 ipa_len);
4763 /* 1st label is the L2 VNI */
4764 stream_put(s, label, BGP_LABEL_BYTES);
4765 /* Include 2nd label (L3 VNI) if advertising MAC+IP */
4766 if (ipa_len && num_labels > 1)
4767 stream_put(s, label + 1, BGP_LABEL_BYTES);
4768 break;
4769
4770 case BGP_EVPN_IMET_ROUTE:
4771 stream_putc(s, 17); // TODO: length - assumes IPv4 address
4772 stream_put(s, prd->val, 8); /* RD */
4773 stream_putl(s, evp->prefix.imet_addr.eth_tag); /* Ethernet Tag ID */
4774 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
4775 /* Originating Router's IP Addr */
4776 stream_put_in_addr(s, &evp->prefix.imet_addr.ip.ipaddr_v4);
4777 break;
4778
4779 case BGP_EVPN_ES_ROUTE:
4780 stream_putc(s, 23); /* TODO: length: assumes ipv4 VTEP */
4781 stream_put(s, prd->val, 8); /* RD */
4782 stream_put(s, evp->prefix.es_addr.esi.val, 10); /* ESI */
4783 stream_putc(s, IPV4_MAX_BITLEN); /* IP address Length - bits */
4784 /* VTEP IP */
4785 stream_put_in_addr(s, &evp->prefix.es_addr.ip.ipaddr_v4);
4786 break;
4787
4788 case BGP_EVPN_IP_PREFIX_ROUTE:
4789 /* TODO: AddPath support. */
4790 evpn_mpattr_encode_type5(s, p, prd, label, num_labels, attr);
4791 break;
4792
4793 default:
4794 break;
4795 }
4796 }
4797
4798 int bgp_nlri_parse_evpn(struct peer *peer, struct attr *attr,
4799 struct bgp_nlri *packet, int withdraw)
4800 {
4801 uint8_t *pnt;
4802 uint8_t *lim;
4803 afi_t afi;
4804 safi_t safi;
4805 uint32_t addpath_id;
4806 int addpath_encoded;
4807 int psize = 0;
4808 uint8_t rtype;
4809 struct prefix p;
4810
4811 /* Start processing the NLRI - there may be multiple in the MP_REACH */
4812 pnt = packet->nlri;
4813 lim = pnt + packet->length;
4814 afi = packet->afi;
4815 safi = packet->safi;
4816 addpath_id = 0;
4817
4818 addpath_encoded =
4819 (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV)
4820 && CHECK_FLAG(peer->af_cap[afi][safi],
4821 PEER_CAP_ADDPATH_AF_TX_RCV));
4822
4823 for (; pnt < lim; pnt += psize) {
4824 /* Clear prefix structure. */
4825 memset(&p, 0, sizeof(struct prefix));
4826
4827 /* Deal with path-id if AddPath is supported. */
4828 if (addpath_encoded) {
4829 /* When packet overflow occurs return immediately. */
4830 if (pnt + BGP_ADDPATH_ID_LEN > lim)
4831 return -1;
4832
4833 addpath_id = ntohl(*((uint32_t *)pnt));
4834 pnt += BGP_ADDPATH_ID_LEN;
4835 }
4836
4837 /* All EVPN NLRI types start with type and length. */
4838 if (pnt + 2 > lim)
4839 return -1;
4840
4841 rtype = *pnt++;
4842 psize = *pnt++;
4843
4844 /* When packet overflow occur return immediately. */
4845 if (pnt + psize > lim)
4846 return -1;
4847
4848 switch (rtype) {
4849 case BGP_EVPN_MAC_IP_ROUTE:
4850 if (process_type2_route(peer, afi, safi,
4851 withdraw ? NULL : attr, pnt,
4852 psize, addpath_id)) {
4853 flog_err(
4854 EC_BGP_EVPN_FAIL,
4855 "%u:%s - Error in processing EVPN type-2 NLRI size %d",
4856 peer->bgp->vrf_id, peer->host, psize);
4857 return -1;
4858 }
4859 break;
4860
4861 case BGP_EVPN_IMET_ROUTE:
4862 if (process_type3_route(peer, afi, safi,
4863 withdraw ? NULL : attr, pnt,
4864 psize, addpath_id)) {
4865 flog_err(
4866 EC_BGP_PKT_PROCESS,
4867 "%u:%s - Error in processing EVPN type-3 NLRI size %d",
4868 peer->bgp->vrf_id, peer->host, psize);
4869 return -1;
4870 }
4871 break;
4872
4873 case BGP_EVPN_ES_ROUTE:
4874 if (process_type4_route(peer, afi, safi,
4875 withdraw ? NULL : attr, pnt,
4876 psize, addpath_id)) {
4877 flog_err(
4878 EC_BGP_PKT_PROCESS,
4879 "%u:%s - Error in processing EVPN type-4 NLRI size %d",
4880 peer->bgp->vrf_id, peer->host, psize);
4881 return -1;
4882 }
4883 break;
4884
4885 case BGP_EVPN_IP_PREFIX_ROUTE:
4886 if (process_type5_route(peer, afi, safi, attr, pnt,
4887 psize, addpath_id, withdraw)) {
4888 flog_err(
4889 EC_BGP_PKT_PROCESS,
4890 "%u:%s - Error in processing EVPN type-5 NLRI size %d",
4891 peer->bgp->vrf_id, peer->host, psize);
4892 return -1;
4893 }
4894 break;
4895
4896 default:
4897 break;
4898 }
4899 }
4900
4901 /* Packet length consistency check. */
4902 if (pnt != lim)
4903 return -1;
4904
4905 return 0;
4906 }
4907
4908 /*
4909 * Map the RTs (configured or automatically derived) of a VRF to the VRF.
4910 * The mapping will be used during route processing.
4911 * bgp_def: default bgp instance
4912 * bgp_vrf: specific bgp vrf instance on which RT is configured
4913 */
4914 void bgp_evpn_map_vrf_to_its_rts(struct bgp *bgp_vrf)
4915 {
4916 int i = 0;
4917 struct ecommunity_val *eval = NULL;
4918 struct listnode *node = NULL, *nnode = NULL;
4919 struct ecommunity *ecom = NULL;
4920
4921 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4922 for (i = 0; i < ecom->size; i++) {
4923 eval = (struct ecommunity_val *)(ecom->val
4924 + (i
4925 * ECOMMUNITY_SIZE));
4926 map_vrf_to_rt(bgp_vrf, eval);
4927 }
4928 }
4929 }
4930
4931 /*
4932 * Unmap the RTs (configured or automatically derived) of a VRF from the VRF.
4933 */
4934 void bgp_evpn_unmap_vrf_from_its_rts(struct bgp *bgp_vrf)
4935 {
4936 int i;
4937 struct ecommunity_val *eval;
4938 struct listnode *node, *nnode;
4939 struct ecommunity *ecom;
4940
4941 for (ALL_LIST_ELEMENTS(bgp_vrf->vrf_import_rtl, node, nnode, ecom)) {
4942 for (i = 0; i < ecom->size; i++) {
4943 struct vrf_irt_node *irt;
4944 struct ecommunity_val eval_tmp;
4945
4946 eval = (struct ecommunity_val *)(ecom->val
4947 + (i
4948 * ECOMMUNITY_SIZE));
4949 /* If using "automatic" RT, we only care about the
4950 * local-admin sub-field.
4951 * This is to facilitate using VNI as the RT for EBGP
4952 * peering too.
4953 */
4954 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
4955 if (!CHECK_FLAG(bgp_vrf->vrf_flags,
4956 BGP_VRF_IMPORT_RT_CFGD))
4957 mask_ecom_global_admin(&eval_tmp, eval);
4958
4959 irt = lookup_vrf_import_rt(&eval_tmp);
4960 if (irt)
4961 unmap_vrf_from_rt(bgp_vrf, irt);
4962 }
4963 }
4964 }
4965
4966
4967 /*
4968 * Map the RTs (configured or automatically derived) of a VNI to the VNI.
4969 * The mapping will be used during route processing.
4970 */
4971 void bgp_evpn_map_vni_to_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
4972 {
4973 int i;
4974 struct ecommunity_val *eval;
4975 struct listnode *node, *nnode;
4976 struct ecommunity *ecom;
4977
4978 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
4979 for (i = 0; i < ecom->size; i++) {
4980 eval = (struct ecommunity_val *)(ecom->val
4981 + (i
4982 * ECOMMUNITY_SIZE));
4983 map_vni_to_rt(bgp, vpn, eval);
4984 }
4985 }
4986 }
4987
4988 /*
4989 * Unmap the RTs (configured or automatically derived) of a VNI from the VNI.
4990 */
4991 void bgp_evpn_unmap_vni_from_its_rts(struct bgp *bgp, struct bgpevpn *vpn)
4992 {
4993 int i;
4994 struct ecommunity_val *eval;
4995 struct listnode *node, *nnode;
4996 struct ecommunity *ecom;
4997
4998 for (ALL_LIST_ELEMENTS(vpn->import_rtl, node, nnode, ecom)) {
4999 for (i = 0; i < ecom->size; i++) {
5000 struct irt_node *irt;
5001 struct ecommunity_val eval_tmp;
5002
5003 eval = (struct ecommunity_val *)(ecom->val
5004 + (i
5005 * ECOMMUNITY_SIZE));
5006 /* If using "automatic" RT, we only care about the
5007 * local-admin sub-field.
5008 * This is to facilitate using VNI as the RT for EBGP
5009 * peering too.
5010 */
5011 memcpy(&eval_tmp, eval, ECOMMUNITY_SIZE);
5012 if (!is_import_rt_configured(vpn))
5013 mask_ecom_global_admin(&eval_tmp, eval);
5014
5015 irt = lookup_import_rt(bgp, &eval_tmp);
5016 if (irt)
5017 unmap_vni_from_rt(bgp, vpn, irt);
5018 }
5019 }
5020 }
5021
5022 /*
5023 * Derive Import RT automatically for VNI and map VNI to RT.
5024 * The mapping will be used during route processing.
5025 */
5026 void bgp_evpn_derive_auto_rt_import(struct bgp *bgp, struct bgpevpn *vpn)
5027 {
5028 form_auto_rt(bgp, vpn->vni, vpn->import_rtl);
5029 UNSET_FLAG(vpn->flags, VNI_FLAG_IMPRT_CFGD);
5030
5031 /* Map RT to VNI */
5032 bgp_evpn_map_vni_to_its_rts(bgp, vpn);
5033 }
5034
5035 /*
5036 * Derive Export RT automatically for VNI.
5037 */
5038 void bgp_evpn_derive_auto_rt_export(struct bgp *bgp, struct bgpevpn *vpn)
5039 {
5040 form_auto_rt(bgp, vpn->vni, vpn->export_rtl);
5041 UNSET_FLAG(vpn->flags, VNI_FLAG_EXPRT_CFGD);
5042 }
5043
5044 /*
5045 * Derive RD automatically for VNI using passed information - it
5046 * is of the form RouterId:unique-id-for-vni.
5047 */
5048 void bgp_evpn_derive_auto_rd_for_vrf(struct bgp *bgp)
5049 {
5050 form_auto_rd(bgp->router_id, bgp->vrf_rd_id, &bgp->vrf_prd);
5051 }
5052
5053 /*
5054 * Derive RD automatically for VNI using passed information - it
5055 * is of the form RouterId:unique-id-for-vni.
5056 */
5057 void bgp_evpn_derive_auto_rd(struct bgp *bgp, struct bgpevpn *vpn)
5058 {
5059 char buf[100];
5060
5061 vpn->prd.family = AF_UNSPEC;
5062 vpn->prd.prefixlen = 64;
5063 sprintf(buf, "%s:%hu", inet_ntoa(bgp->router_id), vpn->rd_id);
5064 (void)str2prefix_rd(buf, &vpn->prd);
5065 UNSET_FLAG(vpn->flags, VNI_FLAG_RD_CFGD);
5066 }
5067
5068 /*
5069 * Lookup L3-VNI
5070 */
5071 bool bgp_evpn_lookup_l3vni_l2vni_table(vni_t vni)
5072 {
5073 struct list *inst = bm->bgp;
5074 struct listnode *node;
5075 struct bgp *bgp_vrf;
5076
5077 for (ALL_LIST_ELEMENTS_RO(inst, node, bgp_vrf)) {
5078 if (bgp_vrf->l3vni == vni)
5079 return true;
5080 }
5081
5082 return false;
5083 }
5084
5085 /*
5086 * Lookup VNI.
5087 */
5088 struct bgpevpn *bgp_evpn_lookup_vni(struct bgp *bgp, vni_t vni)
5089 {
5090 struct bgpevpn *vpn;
5091 struct bgpevpn tmp;
5092
5093 memset(&tmp, 0, sizeof(struct bgpevpn));
5094 tmp.vni = vni;
5095 vpn = hash_lookup(bgp->vnihash, &tmp);
5096 return vpn;
5097 }
5098
5099 /*
5100 * Create a new vpn - invoked upon configuration or zebra notification.
5101 */
5102 struct bgpevpn *bgp_evpn_new(struct bgp *bgp, vni_t vni,
5103 struct in_addr originator_ip,
5104 vrf_id_t tenant_vrf_id)
5105 {
5106 struct bgpevpn *vpn;
5107
5108 if (!bgp)
5109 return NULL;
5110
5111 vpn = XCALLOC(MTYPE_BGP_EVPN, sizeof(struct bgpevpn));
5112 if (!vpn)
5113 return NULL;
5114
5115 /* Set values - RD and RT set to defaults. */
5116 vpn->vni = vni;
5117 vpn->originator_ip = originator_ip;
5118 vpn->tenant_vrf_id = tenant_vrf_id;
5119
5120 /* Initialize route-target import and export lists */
5121 vpn->import_rtl = list_new();
5122 vpn->import_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5123 vpn->import_rtl->del = evpn_xxport_delete_ecomm;
5124 vpn->export_rtl = list_new();
5125 vpn->export_rtl->cmp = (int (*)(void *, void *))evpn_route_target_cmp;
5126 vpn->export_rtl->del = evpn_xxport_delete_ecomm;
5127 bf_assign_index(bm->rd_idspace, vpn->rd_id);
5128 derive_rd_rt_for_vni(bgp, vpn);
5129
5130 /* Initialize EVPN route table. */
5131 vpn->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5132
5133 /* Add to hash */
5134 if (!hash_get(bgp->vnihash, vpn, hash_alloc_intern)) {
5135 XFREE(MTYPE_BGP_EVPN, vpn);
5136 return NULL;
5137 }
5138
5139 /* add to l2vni list on corresponding vrf */
5140 bgpevpn_link_to_l3vni(vpn);
5141
5142 QOBJ_REG(vpn, bgpevpn);
5143 return vpn;
5144 }
5145
5146 /*
5147 * Free a given VPN - called in multiple scenarios such as zebra
5148 * notification, configuration being deleted, advertise-all-vni disabled etc.
5149 * This just frees appropriate memory, caller should have taken other
5150 * needed actions.
5151 */
5152 void bgp_evpn_free(struct bgp *bgp, struct bgpevpn *vpn)
5153 {
5154 bgpevpn_unlink_from_l3vni(vpn);
5155 bgp_table_unlock(vpn->route_table);
5156 bgp_evpn_unmap_vni_from_its_rts(bgp, vpn);
5157 list_delete(&vpn->import_rtl);
5158 list_delete(&vpn->export_rtl);
5159 bf_release_index(bm->rd_idspace, vpn->rd_id);
5160 hash_release(bgp->vnihash, vpn);
5161 QOBJ_UNREG(vpn);
5162 XFREE(MTYPE_BGP_EVPN, vpn);
5163 }
5164
5165 /*
5166 * Lookup local ES.
5167 */
5168 struct evpnes *bgp_evpn_lookup_es(struct bgp *bgp, esi_t *esi)
5169 {
5170 struct evpnes *es;
5171 struct evpnes tmp;
5172
5173 memset(&tmp, 0, sizeof(struct evpnes));
5174 memcpy(&tmp.esi, esi, sizeof(esi_t));
5175 es = hash_lookup(bgp->esihash, &tmp);
5176 return es;
5177 }
5178
5179 /*
5180 * Create a new local es - invoked upon zebra notification.
5181 */
5182 struct evpnes *bgp_evpn_es_new(struct bgp *bgp,
5183 esi_t *esi,
5184 struct ipaddr *originator_ip)
5185 {
5186 char buf[100];
5187 struct evpnes *es;
5188
5189 if (!bgp)
5190 return NULL;
5191
5192 es = XCALLOC(MTYPE_BGP_EVPN_ES, sizeof(struct evpnes));
5193 if (!es)
5194 return NULL;
5195
5196 /* set the ESI and originator_ip */
5197 memcpy(&es->esi, esi, sizeof(esi_t));
5198 memcpy(&es->originator_ip, originator_ip, sizeof(struct ipaddr));
5199
5200 /* Initialise the VTEP list */
5201 es->vtep_list = list_new();
5202 es->vtep_list->cmp = evpn_vtep_ip_cmp;
5203
5204 /* auto derive RD for this es */
5205 bf_assign_index(bm->rd_idspace, es->rd_id);
5206 es->prd.family = AF_UNSPEC;
5207 es->prd.prefixlen = 64;
5208 sprintf(buf, "%s:%hu", inet_ntoa(bgp->router_id), es->rd_id);
5209 (void)str2prefix_rd(buf, &es->prd);
5210
5211 /* Initialize the ES route table */
5212 es->route_table = bgp_table_init(bgp, AFI_L2VPN, SAFI_EVPN);
5213
5214 /* Add to hash */
5215 if (!hash_get(bgp->esihash, es, hash_alloc_intern)) {
5216 XFREE(MTYPE_BGP_EVPN_ES, es);
5217 return NULL;
5218 }
5219
5220 QOBJ_REG(es, evpnes);
5221 return es;
5222 }
5223
5224 /*
5225 * Free a given ES -
5226 * This just frees appropriate memory, caller should have taken other
5227 * needed actions.
5228 */
5229 void bgp_evpn_es_free(struct bgp *bgp, struct evpnes *es)
5230 {
5231 list_delete(&es->vtep_list);
5232 bgp_table_unlock(es->route_table);
5233 bf_release_index(bm->rd_idspace, es->rd_id);
5234 hash_release(bgp->esihash, es);
5235 QOBJ_UNREG(es);
5236 XFREE(MTYPE_BGP_EVPN_ES, es);
5237 }
5238
5239 /*
5240 * Import evpn route from global table to VNI/VRF/ESI.
5241 */
5242 int bgp_evpn_import_route(struct bgp *bgp, afi_t afi, safi_t safi,
5243 struct prefix *p, struct bgp_path_info *pi)
5244 {
5245 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 1);
5246 }
5247
5248 /*
5249 * Unimport evpn route from VNI/VRF/ESI.
5250 */
5251 int bgp_evpn_unimport_route(struct bgp *bgp, afi_t afi, safi_t safi,
5252 struct prefix *p, struct bgp_path_info *pi)
5253 {
5254 return install_uninstall_evpn_route(bgp, afi, safi, p, pi, 0);
5255 }
5256
5257 /* filter routes which have martian next hops */
5258 int bgp_filter_evpn_routes_upon_martian_nh_change(struct bgp *bgp)
5259 {
5260 afi_t afi;
5261 safi_t safi;
5262 struct bgp_node *rd_rn, *rn;
5263 struct bgp_table *table;
5264 struct bgp_path_info *pi;
5265
5266 afi = AFI_L2VPN;
5267 safi = SAFI_EVPN;
5268
5269 /* Walk entire global routing table and evaluate routes which could be
5270 * imported into this VPN. Note that we cannot just look at the routes
5271 * for the VNI's RD -
5272 * remote routes applicable for this VNI could have any RD.
5273 */
5274 /* EVPN routes are a 2-level table. */
5275 for (rd_rn = bgp_table_top(bgp->rib[afi][safi]); rd_rn;
5276 rd_rn = bgp_route_next(rd_rn)) {
5277 table = bgp_node_get_bgp_table_info(rd_rn);
5278 if (!table)
5279 continue;
5280
5281 for (rn = bgp_table_top(table); rn; rn = bgp_route_next(rn)) {
5282
5283 for (pi = bgp_node_get_bgp_path_info(rn); pi;
5284 pi = pi->next) {
5285
5286 /* Consider "valid" remote routes applicable for
5287 * this VNI. */
5288 if (!(pi->type == ZEBRA_ROUTE_BGP
5289 && pi->sub_type == BGP_ROUTE_NORMAL))
5290 continue;
5291
5292 if (bgp_nexthop_self(bgp, pi->attr->nexthop)) {
5293
5294 char attr_str[BUFSIZ];
5295 char pbuf[PREFIX_STRLEN];
5296
5297 bgp_dump_attr(pi->attr, attr_str,
5298 BUFSIZ);
5299
5300 if (bgp_debug_update(pi->peer, &rn->p,
5301 NULL, 1))
5302 zlog_debug(
5303 "%u: prefix %s with attr %s - DENIED due to martian or self nexthop",
5304 bgp->vrf_id,
5305 prefix2str(
5306 &rn->p, pbuf,
5307 sizeof(pbuf)),
5308 attr_str);
5309
5310 bgp_evpn_unimport_route(bgp, afi, safi,
5311 &rn->p, pi);
5312
5313 bgp_rib_remove(rn, pi, pi->peer, afi,
5314 safi);
5315 }
5316 }
5317 }
5318 }
5319
5320 return 0;
5321 }
5322
5323 /*
5324 * Handle del of a local MACIP.
5325 */
5326 int bgp_evpn_local_macip_del(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5327 struct ipaddr *ip)
5328 {
5329 struct bgpevpn *vpn;
5330 struct prefix_evpn p;
5331
5332 /* Lookup VNI hash - should exist. */
5333 vpn = bgp_evpn_lookup_vni(bgp, vni);
5334 if (!vpn || !is_vni_live(vpn)) {
5335 flog_warn(EC_BGP_EVPN_VPN_VNI,
5336 "%u: VNI hash entry for VNI %u %s at MACIP DEL",
5337 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5338 return -1;
5339 }
5340
5341 /* Remove EVPN type-2 route and schedule for processing. */
5342 build_evpn_type2_prefix(&p, mac, ip);
5343 delete_evpn_route(bgp, vpn, &p);
5344
5345 return 0;
5346 }
5347
5348 /*
5349 * Handle add of a local MACIP.
5350 */
5351 int bgp_evpn_local_macip_add(struct bgp *bgp, vni_t vni, struct ethaddr *mac,
5352 struct ipaddr *ip, uint8_t flags, uint32_t seq)
5353 {
5354 struct bgpevpn *vpn;
5355 struct prefix_evpn p;
5356
5357 /* Lookup VNI hash - should exist. */
5358 vpn = bgp_evpn_lookup_vni(bgp, vni);
5359 if (!vpn || !is_vni_live(vpn)) {
5360 flog_warn(EC_BGP_EVPN_VPN_VNI,
5361 "%u: VNI hash entry for VNI %u %s at MACIP ADD",
5362 bgp->vrf_id, vni, vpn ? "not live" : "not found");
5363 return -1;
5364 }
5365
5366 /* Create EVPN type-2 route and schedule for processing. */
5367 build_evpn_type2_prefix(&p, mac, ip);
5368 if (update_evpn_route(bgp, vpn, &p, flags, seq)) {
5369 char buf[ETHER_ADDR_STRLEN];
5370 char buf2[INET6_ADDRSTRLEN];
5371
5372 flog_err(
5373 EC_BGP_EVPN_ROUTE_CREATE,
5374 "%u:Failed to create Type-2 route, VNI %u %s MAC %s IP %s (flags: 0x%x)",
5375 bgp->vrf_id, vpn->vni,
5376 CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY)
5377 ? "sticky gateway"
5378 : "",
5379 prefix_mac2str(mac, buf, sizeof(buf)),
5380 ipaddr2str(ip, buf2, sizeof(buf2)), flags);
5381 return -1;
5382 }
5383
5384 return 0;
5385 }
5386
5387 static void link_l2vni_hash_to_l3vni(struct hash_backet *backet,
5388 struct bgp *bgp_vrf)
5389 {
5390 struct bgpevpn *vpn = (struct bgpevpn *)backet->data;
5391 struct bgp *bgp_def = NULL;
5392
5393 bgp_def = bgp_get_default();
5394 assert(bgp_def);
5395
5396 if (vpn->tenant_vrf_id == bgp_vrf->vrf_id)
5397 bgpevpn_link_to_l3vni(vpn);
5398 }
5399
5400 int bgp_evpn_local_l3vni_add(vni_t l3vni, vrf_id_t vrf_id, struct ethaddr *rmac,
5401 struct in_addr originator_ip, int filter)
5402 {
5403 struct bgp *bgp_vrf = NULL; /* bgp VRF instance */
5404 struct bgp *bgp_def = NULL; /* default bgp instance */
5405 struct listnode *node = NULL;
5406 struct bgpevpn *vpn = NULL;
5407 as_t as = 0;
5408
5409 /* get the default instance - required to get the AS number for VRF
5410 * auto-creatio
5411 */
5412 bgp_def = bgp_get_default();
5413 if (!bgp_def) {
5414 flog_err(
5415 EC_BGP_NO_DFLT,
5416 "Cannot process L3VNI %u ADD - default BGP instance not yet created",
5417 l3vni);
5418 return -1;
5419 }
5420 as = bgp_def->as;
5421
5422 /* if the BGP vrf instance doesn't exist - create one */
5423 bgp_vrf = bgp_lookup_by_name(vrf_id_to_name(vrf_id));
5424 if (!bgp_vrf) {
5425
5426 int ret = 0;
5427
5428 ret = bgp_get(&bgp_vrf, &as, vrf_id_to_name(vrf_id),
5429 BGP_INSTANCE_TYPE_VRF);
5430 switch (ret) {
5431 case BGP_ERR_MULTIPLE_INSTANCE_NOT_SET:
5432 flog_err(EC_BGP_MULTI_INSTANCE,
5433 "'bgp multiple-instance' not present\n");
5434 return -1;
5435 case BGP_ERR_AS_MISMATCH:
5436 flog_err(EC_BGP_EVPN_AS_MISMATCH,
5437 "BGP is already running; AS is %u\n", as);
5438 return -1;
5439 case BGP_ERR_INSTANCE_MISMATCH:
5440 flog_err(EC_BGP_EVPN_INSTANCE_MISMATCH,
5441 "BGP instance name and AS number mismatch\n");
5442 return -1;
5443 }
5444
5445 /* mark as auto created */
5446 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO);
5447 }
5448
5449 /* associate with l3vni */
5450 bgp_vrf->l3vni = l3vni;
5451
5452 /* set the router mac - to be used in mac-ip routes for this vrf */
5453 memcpy(&bgp_vrf->rmac, rmac, sizeof(struct ethaddr));
5454
5455 /* set the originator ip */
5456 bgp_vrf->originator_ip = originator_ip;
5457
5458 /* set the right filter - are we using l3vni only for prefix routes? */
5459 if (filter)
5460 SET_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY);
5461
5462 /* Map auto derive or configured RTs */
5463 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
5464 evpn_auto_rt_import_add_for_vrf(bgp_vrf);
5465 else
5466 bgp_evpn_map_vrf_to_its_rts(bgp_vrf);
5467
5468 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD))
5469 evpn_auto_rt_export_add_for_vrf(bgp_vrf);
5470
5471 /* auto derive RD */
5472 bgp_evpn_derive_auto_rd_for_vrf(bgp_vrf);
5473
5474 /* link all corresponding l2vnis */
5475 hash_iterate(bgp_def->vnihash,
5476 (void (*)(struct hash_backet *,
5477 void *))link_l2vni_hash_to_l3vni,
5478 bgp_vrf);
5479
5480 /* Only update all corresponding type-2 routes if we are advertising two
5481 * labels along with type-2 routes
5482 */
5483 if (!filter)
5484 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn))
5485 update_routes_for_vni(bgp_def, vpn);
5486
5487 /* advertise type-5 routes if needed */
5488 update_advertise_vrf_routes(bgp_vrf);
5489
5490 /* install all remote routes belonging to this l3vni into correspondng
5491 * vrf */
5492 install_routes_for_vrf(bgp_vrf);
5493
5494 return 0;
5495 }
5496
5497 int bgp_evpn_local_l3vni_del(vni_t l3vni, vrf_id_t vrf_id)
5498 {
5499 struct bgp *bgp_vrf = NULL; /* bgp vrf instance */
5500 struct bgp *bgp_def = NULL; /* default bgp instance */
5501 struct listnode *node = NULL;
5502 struct listnode *next = NULL;
5503 struct bgpevpn *vpn = NULL;
5504
5505 bgp_vrf = bgp_lookup_by_vrf_id(vrf_id);
5506 if (!bgp_vrf) {
5507 flog_err(
5508 EC_BGP_NO_DFLT,
5509 "Cannot process L3VNI %u Del - Could not find BGP instance",
5510 l3vni);
5511 return -1;
5512 }
5513
5514 bgp_def = bgp_get_default();
5515 if (!bgp_def) {
5516 flog_err(
5517 EC_BGP_NO_DFLT,
5518 "Cannot process L3VNI %u Del - Could not find default BGP instance",
5519 l3vni);
5520 return -1;
5521 }
5522
5523 /* Remove remote routes from BGT VRF even if BGP_VRF_AUTO is configured,
5524 * bgp_delete would not remove/decrement bgp_path_info of the ip_prefix
5525 * routes. This will uninstalling the routes from zebra and decremnt the
5526 * bgp info count.
5527 */
5528 uninstall_routes_for_vrf(bgp_vrf);
5529
5530 /* delete/withdraw all type-5 routes */
5531 delete_withdraw_vrf_routes(bgp_vrf);
5532
5533 /* remove the l3vni from vrf instance */
5534 bgp_vrf->l3vni = 0;
5535
5536 /* remove the Rmac from the BGP vrf */
5537 memset(&bgp_vrf->rmac, 0, sizeof(struct ethaddr));
5538
5539 /* remove default import RT or Unmap non-default import RT */
5540 if (!list_isempty(bgp_vrf->vrf_import_rtl)) {
5541 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
5542 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_IMPORT_RT_CFGD))
5543 list_delete_all_node(bgp_vrf->vrf_import_rtl);
5544 }
5545
5546 /* remove default export RT */
5547 if (!list_isempty(bgp_vrf->vrf_export_rtl) &&
5548 !CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_EXPORT_RT_CFGD)) {
5549 list_delete_all_node(bgp_vrf->vrf_export_rtl);
5550 }
5551
5552 /* update all corresponding local mac-ip routes */
5553 if (!CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_L3VNI_PREFIX_ROUTES_ONLY)) {
5554 for (ALL_LIST_ELEMENTS_RO(bgp_vrf->l2vnis, node, vpn)) {
5555 UNSET_FLAG(vpn->flags, VNI_FLAG_USE_TWO_LABELS);
5556 update_routes_for_vni(bgp_def, vpn);
5557 }
5558 }
5559
5560 /* If any L2VNIs point to this instance, unlink them. */
5561 for (ALL_LIST_ELEMENTS(bgp_vrf->l2vnis, node, next, vpn))
5562 bgpevpn_unlink_from_l3vni(vpn);
5563
5564 /* Delete the instance if it was autocreated */
5565 if (CHECK_FLAG(bgp_vrf->vrf_flags, BGP_VRF_AUTO))
5566 bgp_delete(bgp_vrf);
5567
5568 return 0;
5569 }
5570
5571 /*
5572 * Handle del of a local VNI.
5573 */
5574 int bgp_evpn_local_vni_del(struct bgp *bgp, vni_t vni)
5575 {
5576 struct bgpevpn *vpn;
5577
5578 /* Locate VNI hash */
5579 vpn = bgp_evpn_lookup_vni(bgp, vni);
5580 if (!vpn) {
5581 if (bgp_debug_zebra(NULL))
5582 flog_warn(
5583 EC_BGP_EVPN_VPN_VNI,
5584 "%u: VNI hash entry for VNI %u not found at DEL",
5585 bgp->vrf_id, vni);
5586 return 0;
5587 }
5588
5589 /* Remove all local EVPN routes and schedule for processing (to
5590 * withdraw from peers).
5591 */
5592 delete_routes_for_vni(bgp, vpn);
5593
5594 /*
5595 * tunnel is no longer active, del tunnel ip address from tip_hash
5596 */
5597 bgp_tip_del(bgp, &vpn->originator_ip);
5598
5599 /* Clear "live" flag and see if hash needs to be freed. */
5600 UNSET_FLAG(vpn->flags, VNI_FLAG_LIVE);
5601 if (!is_vni_configured(vpn))
5602 bgp_evpn_free(bgp, vpn);
5603
5604 return 0;
5605 }
5606
5607 /*
5608 * Handle add (or update) of a local VNI. The VNI changes we care
5609 * about are for the local-tunnel-ip and the (tenant) VRF.
5610 */
5611 int bgp_evpn_local_vni_add(struct bgp *bgp, vni_t vni,
5612 struct in_addr originator_ip, vrf_id_t tenant_vrf_id)
5613 {
5614 struct bgpevpn *vpn;
5615 struct prefix_evpn p;
5616
5617 /* Lookup VNI. If present and no change, exit. */
5618 vpn = bgp_evpn_lookup_vni(bgp, vni);
5619 if (vpn) {
5620
5621 if (is_vni_live(vpn)
5622 && IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip)
5623 && vpn->tenant_vrf_id == tenant_vrf_id)
5624 /* Probably some other param has changed that we don't
5625 * care about. */
5626 return 0;
5627
5628 /* Update tenant_vrf_id if it has changed. */
5629 if (vpn->tenant_vrf_id != tenant_vrf_id) {
5630 bgpevpn_unlink_from_l3vni(vpn);
5631 vpn->tenant_vrf_id = tenant_vrf_id;
5632 bgpevpn_link_to_l3vni(vpn);
5633 }
5634
5635 /* If tunnel endpoint IP has changed, update (and delete prior
5636 * type-3 route, if needed.)
5637 */
5638 if (!IPV4_ADDR_SAME(&vpn->originator_ip, &originator_ip))
5639 handle_tunnel_ip_change(bgp, vpn, originator_ip);
5640
5641 /* Update all routes with new endpoint IP and/or export RT
5642 * for VRFs
5643 */
5644 if (is_vni_live(vpn))
5645 update_routes_for_vni(bgp, vpn);
5646 }
5647
5648 /* Create or update as appropriate. */
5649 if (!vpn) {
5650 vpn = bgp_evpn_new(bgp, vni, originator_ip, tenant_vrf_id);
5651 if (!vpn) {
5652 flog_err(
5653 EC_BGP_VNI,
5654 "%u: Failed to allocate VNI entry for VNI %u - at Add",
5655 bgp->vrf_id, vni);
5656 return -1;
5657 }
5658 }
5659
5660 /* if the VNI is live already, there is nothing more to do */
5661 if (is_vni_live(vpn))
5662 return 0;
5663
5664 /* Mark as "live" */
5665 SET_FLAG(vpn->flags, VNI_FLAG_LIVE);
5666
5667 /* tunnel is now active, add tunnel-ip to db */
5668 bgp_tip_add(bgp, &originator_ip);
5669
5670 /* filter routes as nexthop database has changed */
5671 bgp_filter_evpn_routes_upon_martian_nh_change(bgp);
5672
5673 /*
5674 * Create EVPN type-3 route and schedule for processing.
5675 *
5676 * RT-3 only if doing head-end replication
5677 */
5678 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL) {
5679 build_evpn_type3_prefix(&p, vpn->originator_ip);
5680 if (update_evpn_route(bgp, vpn, &p, 0, 0)) {
5681 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
5682 "%u: Type3 route creation failure for VNI %u",
5683 bgp->vrf_id, vni);
5684 return -1;
5685 }
5686 }
5687
5688 /* If we have learnt and retained remote routes (VTEPs, MACs) for this
5689 * VNI,
5690 * install them.
5691 */
5692 install_routes_for_vni(bgp, vpn);
5693
5694 /* If we are advertising gateway mac-ip
5695 It needs to be conveyed again to zebra */
5696 bgp_zebra_advertise_gw_macip(bgp, vpn->advertise_gw_macip, vpn->vni);
5697
5698 return 0;
5699 }
5700
5701 /*
5702 * bgp_evpn_local_es_del
5703 */
5704 int bgp_evpn_local_es_del(struct bgp *bgp,
5705 esi_t *esi,
5706 struct ipaddr *originator_ip)
5707 {
5708 char buf[ESI_STR_LEN];
5709 struct evpnes *es = NULL;
5710
5711 if (!bgp->esihash) {
5712 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
5713 bgp->vrf_id);
5714 return -1;
5715 }
5716
5717 /* Lookup ESI hash - should exist. */
5718 es = bgp_evpn_lookup_es(bgp, esi);
5719 if (!es) {
5720 flog_warn(EC_BGP_EVPN_ESI,
5721 "%u: ESI hash entry for ESI %s at Local ES DEL",
5722 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
5723 return -1;
5724 }
5725
5726 /* Delete all local EVPN ES routes from ESI table
5727 * and schedule for processing (to withdraw from peers))
5728 */
5729 delete_routes_for_es(bgp, es);
5730
5731 /* free the hash entry */
5732 bgp_evpn_es_free(bgp, es);
5733
5734 return 0;
5735 }
5736
5737 /*
5738 * bgp_evpn_local_es_add
5739 */
5740 int bgp_evpn_local_es_add(struct bgp *bgp,
5741 esi_t *esi,
5742 struct ipaddr *originator_ip)
5743 {
5744 char buf[ESI_STR_LEN];
5745 struct evpnes *es = NULL;
5746 struct prefix_evpn p;
5747
5748 if (!bgp->esihash) {
5749 flog_err(EC_BGP_ES_CREATE, "%u: ESI hash not yet created",
5750 bgp->vrf_id);
5751 return -1;
5752 }
5753
5754 /* create the new es */
5755 es = bgp_evpn_lookup_es(bgp, esi);
5756 if (!es) {
5757 es = bgp_evpn_es_new(bgp, esi, originator_ip);
5758 if (!es) {
5759 flog_err(
5760 EC_BGP_ES_CREATE,
5761 "%u: Failed to allocate ES entry for ESI %s - at Local ES Add",
5762 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
5763 return -1;
5764 }
5765 }
5766 UNSET_FLAG(es->flags, EVPNES_REMOTE);
5767 SET_FLAG(es->flags, EVPNES_LOCAL);
5768
5769 build_evpn_type4_prefix(&p, esi, originator_ip->ipaddr_v4);
5770 if (update_evpn_type4_route(bgp, es, &p)) {
5771 flog_err(EC_BGP_EVPN_ROUTE_CREATE,
5772 "%u: Type4 route creation failure for ESI %s",
5773 bgp->vrf_id, esi_to_str(esi, buf, sizeof(buf)));
5774 return -1;
5775 }
5776
5777 /* import all remote ES routes in th ES table */
5778 install_routes_for_es(bgp, es);
5779
5780 return 0;
5781 }
5782
5783 /*
5784 * Handle change in setting for BUM handling. The supported values
5785 * are head-end replication and dropping all BUM packets. Any change
5786 * should be registered with zebra. Also, if doing head-end replication,
5787 * need to advertise local VNIs as EVPN RT-3 wheras, if BUM packets are
5788 * to be dropped, the RT-3s must be withdrawn.
5789 */
5790 void bgp_evpn_flood_control_change(struct bgp *bgp)
5791 {
5792 zlog_info("L2VPN EVPN BUM handling is %s",
5793 bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL ?
5794 "Flooding" : "Flooding Disabled");
5795
5796 bgp_zebra_vxlan_flood_control(bgp, bgp->vxlan_flood_ctrl);
5797 if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_HEAD_END_REPL)
5798 hash_iterate(bgp->vnihash, create_advertise_type3, bgp);
5799 else if (bgp->vxlan_flood_ctrl == VXLAN_FLOOD_DISABLED)
5800 hash_iterate(bgp->vnihash, delete_withdraw_type3, bgp);
5801 }
5802
5803 /*
5804 * Cleanup EVPN information on disable - Need to delete and withdraw
5805 * EVPN routes from peers.
5806 */
5807 void bgp_evpn_cleanup_on_disable(struct bgp *bgp)
5808 {
5809 hash_iterate(bgp->vnihash, (void (*)(struct hash_backet *,
5810 void *))cleanup_vni_on_disable,
5811 bgp);
5812 }
5813
5814 /*
5815 * Cleanup EVPN information - invoked at the time of bgpd exit or when the
5816 * BGP instance (default) is being freed.
5817 */
5818 void bgp_evpn_cleanup(struct bgp *bgp)
5819 {
5820 hash_iterate(bgp->vnihash,
5821 (void (*)(struct hash_backet *, void *))free_vni_entry,
5822 bgp);
5823
5824 hash_free(bgp->import_rt_hash);
5825 bgp->import_rt_hash = NULL;
5826
5827 hash_free(bgp->vrf_import_rt_hash);
5828 bgp->vrf_import_rt_hash = NULL;
5829
5830 hash_free(bgp->vnihash);
5831 bgp->vnihash = NULL;
5832 if (bgp->esihash)
5833 hash_free(bgp->esihash);
5834 bgp->esihash = NULL;
5835
5836 list_delete(&bgp->vrf_import_rtl);
5837 list_delete(&bgp->vrf_export_rtl);
5838 list_delete(&bgp->l2vnis);
5839 }
5840
5841 /*
5842 * Initialization for EVPN
5843 * Create
5844 * VNI hash table
5845 * hash for RT to VNI
5846 */
5847 void bgp_evpn_init(struct bgp *bgp)
5848 {
5849 bgp->vnihash =
5850 hash_create(vni_hash_key_make, vni_hash_cmp, "BGP VNI Hash");
5851 bgp->esihash =
5852 hash_create(esi_hash_keymake, esi_cmp,
5853 "BGP EVPN Local ESI Hash");
5854 bgp->import_rt_hash =
5855 hash_create(import_rt_hash_key_make, import_rt_hash_cmp,
5856 "BGP Import RT Hash");
5857 bgp->vrf_import_rt_hash =
5858 hash_create(vrf_import_rt_hash_key_make, vrf_import_rt_hash_cmp,
5859 "BGP VRF Import RT Hash");
5860 bgp->vrf_import_rtl = list_new();
5861 bgp->vrf_import_rtl->cmp =
5862 (int (*)(void *, void *))evpn_route_target_cmp;
5863 bgp->vrf_import_rtl->del = evpn_xxport_delete_ecomm;
5864 bgp->vrf_export_rtl = list_new();
5865 bgp->vrf_export_rtl->cmp =
5866 (int (*)(void *, void *))evpn_route_target_cmp;
5867 bgp->vrf_export_rtl->del = evpn_xxport_delete_ecomm;
5868 bgp->l2vnis = list_new();
5869 bgp->l2vnis->cmp = vni_list_cmp;
5870 /* By default Duplicate Address Dection is enabled.
5871 * Max-moves (N) 5, detection time (M) 180
5872 * default action is warning-only
5873 * freeze action permanently freezes address,
5874 * and freeze time (auto-recovery) is disabled.
5875 */
5876 if (bgp->evpn_info) {
5877 bgp->evpn_info->dup_addr_detect = true;
5878 bgp->evpn_info->dad_time = EVPN_DAD_DEFAULT_TIME;
5879 bgp->evpn_info->dad_max_moves = EVPN_DAD_DEFAULT_MAX_MOVES;
5880 bgp->evpn_info->dad_freeze = false;
5881 bgp->evpn_info->dad_freeze_time = 0;
5882 /* Initialize zebra vxlan */
5883 bgp_zebra_dup_addr_detection(bgp);
5884 }
5885
5886 /* Default BUM handling is to do head-end replication. */
5887 bgp->vxlan_flood_ctrl = VXLAN_FLOOD_HEAD_END_REPL;
5888 }
5889
5890 void bgp_evpn_vrf_delete(struct bgp *bgp_vrf)
5891 {
5892 bgp_evpn_unmap_vrf_from_its_rts(bgp_vrf);
5893 }
FRRouting mirror