1 /*
2 * Zebra EVPN for VxLAN code
3 * Copyright (C) 2016, 2017 Cumulus Networks, Inc.
4 *
5 * This file is part of FRR.
6 *
7 * FRR is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * FRR is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with FRR; see the file COPYING. If not, write to the Free
19 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
20 * 02111-1307, USA.
21 */
22 #include <zebra.h>
23
24 #include "hash.h"
25 #include "if.h"
26 #include "jhash.h"
27 #include "linklist.h"
28 #include "log.h"
29 #include "memory.h"
30 #include "prefix.h"
31 #include "stream.h"
32 #include "table.h"
33 #include "vlan.h"
34 #include "vxlan.h"
35 #ifdef GNU_LINUX
36 #include <linux/neighbour.h>
37 #endif
38
39 #include "zebra/zebra_router.h"
40 #include "zebra/debug.h"
41 #include "zebra/interface.h"
42 #include "zebra/rib.h"
43 #include "zebra/rt.h"
44 #include "zebra/rt_netlink.h"
45 #include "zebra/zebra_errors.h"
46 #include "zebra/zebra_l2.h"
47 #include "zebra/zebra_memory.h"
48 #include "zebra/zebra_ns.h"
49 #include "zebra/zebra_vrf.h"
50 #include "zebra/zebra_vxlan.h"
51 #include "zebra/zebra_evpn.h"
52 #include "zebra/zebra_evpn_mac.h"
53 #include "zebra/zebra_evpn_neigh.h"
54 #include "zebra/zebra_vxlan_private.h"
55 #include "zebra/zebra_evpn_mh.h"
56 #include "zebra/zebra_evpn_vxlan.h"
57 #include "zebra/zebra_router.h"
58
59 DEFINE_MTYPE_STATIC(ZEBRA, ZEVPN, "VNI hash");
60 DEFINE_MTYPE_STATIC(ZEBRA, ZEVPN_VTEP, "VNI remote VTEP");
61
62 /* PMSI strings. */
63 #define VXLAN_FLOOD_STR_NO_INFO "-"
64 #define VXLAN_FLOOD_STR_DEFAULT VXLAN_FLOOD_STR_NO_INFO
65 static const struct message zvtep_flood_str[] = {
66 {VXLAN_FLOOD_DISABLED, VXLAN_FLOOD_STR_NO_INFO},
67 {VXLAN_FLOOD_PIM_SM, "PIM-SM"},
68 {VXLAN_FLOOD_HEAD_END_REPL, "HER"},
69 {0}
70 };
71
advertise_gw_macip_enabled(zebra_evpn_t * zevpn)72 int advertise_gw_macip_enabled(zebra_evpn_t *zevpn)
73 {
74 struct zebra_vrf *zvrf;
75
76 zvrf = zebra_vrf_get_evpn();
77 if (zvrf && zvrf->advertise_gw_macip)
78 return 1;
79
80 if (zevpn && zevpn->advertise_gw_macip)
81 return 1;
82
83 return 0;
84 }
85
advertise_svi_macip_enabled(zebra_evpn_t * zevpn)86 int advertise_svi_macip_enabled(zebra_evpn_t *zevpn)
87 {
88 struct zebra_vrf *zvrf;
89
90 zvrf = zebra_vrf_get_evpn();
91 if (zvrf && zvrf->advertise_svi_macip)
92 return 1;
93
94 if (zevpn && zevpn->advertise_svi_macip)
95 return 1;
96
97 return 0;
98 }
99
100 /*
101 * Print a specific EVPN entry.
102 */
zebra_evpn_print(zebra_evpn_t * zevpn,void ** ctxt)103 void zebra_evpn_print(zebra_evpn_t *zevpn, void **ctxt)
104 {
105 struct vty *vty;
106 zebra_vtep_t *zvtep;
107 uint32_t num_macs;
108 uint32_t num_neigh;
109 json_object *json = NULL;
110 json_object *json_vtep_list = NULL;
111 json_object *json_ip_str = NULL;
112
113 vty = ctxt[0];
114 json = ctxt[1];
115
116 if (json == NULL) {
117 vty_out(vty, "VNI: %u\n", zevpn->vni);
118 vty_out(vty, " Type: %s\n", "L2");
119 vty_out(vty, " Tenant VRF: %s\n", vrf_id_to_name(zevpn->vrf_id));
120 } else {
121 json_object_int_add(json, "vni", zevpn->vni);
122 json_object_string_add(json, "type", "L2");
123 json_object_string_add(json, "vrf",
124 vrf_id_to_name(zevpn->vrf_id));
125 }
126
127 if (!zevpn->vxlan_if) { // unexpected
128 if (json == NULL)
129 vty_out(vty, " VxLAN interface: unknown\n");
130 return;
131 }
132 num_macs = num_valid_macs(zevpn);
133 num_neigh = hashcount(zevpn->neigh_table);
134 if (json == NULL) {
135 vty_out(vty, " VxLAN interface: %s\n", zevpn->vxlan_if->name);
136 vty_out(vty, " VxLAN ifIndex: %u\n", zevpn->vxlan_if->ifindex);
137 vty_out(vty, " Local VTEP IP: %s\n",
138 inet_ntoa(zevpn->local_vtep_ip));
139 vty_out(vty, " Mcast group: %s\n",
140 inet_ntoa(zevpn->mcast_grp));
141 } else {
142 json_object_string_add(json, "vxlanInterface",
143 zevpn->vxlan_if->name);
144 json_object_int_add(json, "ifindex", zevpn->vxlan_if->ifindex);
145 json_object_string_add(json, "vtepIp",
146 inet_ntoa(zevpn->local_vtep_ip));
147 json_object_string_add(json, "mcastGroup",
148 inet_ntoa(zevpn->mcast_grp));
149 json_object_string_add(json, "advertiseGatewayMacip",
150 zevpn->advertise_gw_macip ? "Yes" : "No");
151 json_object_int_add(json, "numMacs", num_macs);
152 json_object_int_add(json, "numArpNd", num_neigh);
153 }
154 if (!zevpn->vteps) {
155 if (json == NULL)
156 vty_out(vty, " No remote VTEPs known for this VNI\n");
157 } else {
158 if (json == NULL)
159 vty_out(vty, " Remote VTEPs for this VNI:\n");
160 else
161 json_vtep_list = json_object_new_array();
162 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
163 const char *flood_str = lookup_msg(zvtep_flood_str,
164 zvtep->flood_control,
165 VXLAN_FLOOD_STR_DEFAULT);
166
167 if (json == NULL) {
168 vty_out(vty, " %s flood: %s\n",
169 inet_ntoa(zvtep->vtep_ip),
170 flood_str);
171 } else {
172 json_ip_str = json_object_new_string(
173 inet_ntoa(zvtep->vtep_ip));
174 json_object_array_add(json_vtep_list,
175 json_ip_str);
176 }
177 }
178 if (json)
179 json_object_object_add(json, "numRemoteVteps",
180 json_vtep_list);
181 }
182 if (json == NULL) {
183 vty_out(vty,
184 " Number of MACs (local and remote) known for this VNI: %u\n",
185 num_macs);
186 vty_out(vty,
187 " Number of ARPs (IPv4 and IPv6, local and remote) "
188 "known for this VNI: %u\n",
189 num_neigh);
190 vty_out(vty, " Advertise-gw-macip: %s\n",
191 zevpn->advertise_gw_macip ? "Yes" : "No");
192 }
193 }
194
195 /*
196 * Print an EVPN hash entry - called for display of all VNIs.
197 */
zebra_evpn_print_hash(struct hash_bucket * bucket,void * ctxt[])198 void zebra_evpn_print_hash(struct hash_bucket *bucket, void *ctxt[])
199 {
200 struct vty *vty;
201 zebra_evpn_t *zevpn;
202 zebra_vtep_t *zvtep;
203 uint32_t num_vteps = 0;
204 uint32_t num_macs = 0;
205 uint32_t num_neigh = 0;
206 json_object *json = NULL;
207 json_object *json_evpn = NULL;
208 json_object *json_ip_str = NULL;
209 json_object *json_vtep_list = NULL;
210
211 vty = ctxt[0];
212 json = ctxt[1];
213
214 zevpn = (zebra_evpn_t *)bucket->data;
215
216 zvtep = zevpn->vteps;
217 while (zvtep) {
218 num_vteps++;
219 zvtep = zvtep->next;
220 }
221
222 num_macs = num_valid_macs(zevpn);
223 num_neigh = hashcount(zevpn->neigh_table);
224 if (json == NULL)
225 vty_out(vty, "%-10u %-4s %-21s %-8u %-8u %-15u %-37s\n",
226 zevpn->vni, "L2",
227 zevpn->vxlan_if ? zevpn->vxlan_if->name : "unknown",
228 num_macs, num_neigh, num_vteps,
229 vrf_id_to_name(zevpn->vrf_id));
230 else {
231 char vni_str[VNI_STR_LEN];
232 snprintf(vni_str, VNI_STR_LEN, "%u", zevpn->vni);
233 json_evpn = json_object_new_object();
234 json_object_int_add(json_evpn, "vni", zevpn->vni);
235 json_object_string_add(json_evpn, "type", "L2");
236 json_object_string_add(json_evpn, "vxlanIf",
237 zevpn->vxlan_if ? zevpn->vxlan_if->name
238 : "unknown");
239 json_object_int_add(json_evpn, "numMacs", num_macs);
240 json_object_int_add(json_evpn, "numArpNd", num_neigh);
241 json_object_int_add(json_evpn, "numRemoteVteps", num_vteps);
242 json_object_string_add(json_evpn, "tenantVrf",
243 vrf_id_to_name(zevpn->vrf_id));
244 if (num_vteps) {
245 json_vtep_list = json_object_new_array();
246 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
247 json_ip_str = json_object_new_string(
248 inet_ntoa(zvtep->vtep_ip));
249 json_object_array_add(json_vtep_list,
250 json_ip_str);
251 }
252 json_object_object_add(json_evpn, "remoteVteps",
253 json_vtep_list);
254 }
255 json_object_object_add(json, vni_str, json_evpn);
256 }
257 }
258
259 /*
260 * Print an EVPN hash entry in detail - called for display of all EVPNs.
261 */
zebra_evpn_print_hash_detail(struct hash_bucket * bucket,void * data)262 void zebra_evpn_print_hash_detail(struct hash_bucket *bucket, void *data)
263 {
264 struct vty *vty;
265 zebra_evpn_t *zevpn;
266 json_object *json_array = NULL;
267 bool use_json = false;
268 struct zebra_evpn_show *zes = data;
269
270 vty = zes->vty;
271 json_array = zes->json;
272 use_json = zes->use_json;
273
274 zevpn = (zebra_evpn_t *)bucket->data;
275
276 zebra_vxlan_print_vni(vty, zes->zvrf, zevpn->vni, use_json, json_array);
277
278 if (!use_json)
279 vty_out(vty, "\n");
280 }
281
zebra_evpn_del_macip_for_intf(struct interface * ifp,zebra_evpn_t * zevpn)282 int zebra_evpn_del_macip_for_intf(struct interface *ifp, zebra_evpn_t *zevpn)
283 {
284 struct listnode *cnode = NULL, *cnnode = NULL;
285 struct connected *c = NULL;
286 struct ethaddr macaddr;
287
288 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
289
290 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
291 struct ipaddr ip;
292
293 memset(&ip, 0, sizeof(struct ipaddr));
294 if (!CHECK_FLAG(c->conf, ZEBRA_IFC_REAL))
295 continue;
296
297 if (c->address->family == AF_INET) {
298 ip.ipa_type = IPADDR_V4;
299 memcpy(&(ip.ipaddr_v4), &(c->address->u.prefix4),
300 sizeof(struct in_addr));
301 } else if (c->address->family == AF_INET6) {
302 ip.ipa_type = IPADDR_V6;
303 memcpy(&(ip.ipaddr_v6), &(c->address->u.prefix6),
304 sizeof(struct in6_addr));
305 } else {
306 continue;
307 }
308
309 zebra_evpn_gw_macip_del(ifp, zevpn, &ip);
310 }
311
312 return 0;
313 }
314
zebra_evpn_add_macip_for_intf(struct interface * ifp,zebra_evpn_t * zevpn)315 int zebra_evpn_add_macip_for_intf(struct interface *ifp, zebra_evpn_t *zevpn)
316 {
317 struct listnode *cnode = NULL, *cnnode = NULL;
318 struct connected *c = NULL;
319 struct ethaddr macaddr;
320
321 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
322
323 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
324 struct ipaddr ip;
325
326 memset(&ip, 0, sizeof(struct ipaddr));
327 if (!CHECK_FLAG(c->conf, ZEBRA_IFC_REAL))
328 continue;
329
330 if (c->address->family == AF_INET) {
331 ip.ipa_type = IPADDR_V4;
332 memcpy(&(ip.ipaddr_v4), &(c->address->u.prefix4),
333 sizeof(struct in_addr));
334 } else if (c->address->family == AF_INET6) {
335 ip.ipa_type = IPADDR_V6;
336 memcpy(&(ip.ipaddr_v6), &(c->address->u.prefix6),
337 sizeof(struct in6_addr));
338 } else {
339 continue;
340 }
341
342 zebra_evpn_gw_macip_add(ifp, zevpn, &macaddr, &ip);
343 }
344 return 0;
345 }
346
ip_prefix_send_to_client(vrf_id_t vrf_id,struct prefix * p,uint16_t cmd)347 static int ip_prefix_send_to_client(vrf_id_t vrf_id, struct prefix *p,
348 uint16_t cmd)
349 {
350 struct zserv *client = NULL;
351 struct stream *s = NULL;
352 char buf[PREFIX_STRLEN];
353
354 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
355 /* BGP may not be running. */
356 if (!client)
357 return 0;
358
359 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
360
361 zclient_create_header(s, cmd, vrf_id);
362 stream_put(s, p, sizeof(struct prefix));
363
364 /* Write packet size. */
365 stream_putw_at(s, 0, stream_get_endp(s));
366
367 if (IS_ZEBRA_DEBUG_VXLAN)
368 zlog_debug("Send ip prefix %s %s on vrf %s",
369 prefix2str(p, buf, sizeof(buf)),
370 (cmd == ZEBRA_IP_PREFIX_ROUTE_ADD) ? "ADD" : "DEL",
371 vrf_id_to_name(vrf_id));
372
373 if (cmd == ZEBRA_IP_PREFIX_ROUTE_ADD)
374 client->prefixadd_cnt++;
375 else
376 client->prefixdel_cnt++;
377
378 return zserv_send_message(client, s);
379 }
380
zebra_evpn_advertise_subnet(zebra_evpn_t * zevpn,struct interface * ifp,int advertise)381 int zebra_evpn_advertise_subnet(zebra_evpn_t *zevpn, struct interface *ifp,
382 int advertise)
383 {
384 struct listnode *cnode = NULL, *cnnode = NULL;
385 struct connected *c = NULL;
386 struct ethaddr macaddr;
387
388 memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
389
390 for (ALL_LIST_ELEMENTS(ifp->connected, cnode, cnnode, c)) {
391 struct prefix p;
392
393 memcpy(&p, c->address, sizeof(struct prefix));
394
395 /* skip link local address */
396 if (IN6_IS_ADDR_LINKLOCAL(&p.u.prefix6))
397 continue;
398
399 apply_mask(&p);
400 if (advertise)
401 ip_prefix_send_to_client(ifp->vrf_id, &p,
402 ZEBRA_IP_PREFIX_ROUTE_ADD);
403 else
404 ip_prefix_send_to_client(ifp->vrf_id, &p,
405 ZEBRA_IP_PREFIX_ROUTE_DEL);
406 }
407 return 0;
408 }
409
410 /*
411 * zebra_evpn_gw_macip_add_to_client
412 */
zebra_evpn_gw_macip_add(struct interface * ifp,zebra_evpn_t * zevpn,struct ethaddr * macaddr,struct ipaddr * ip)413 int zebra_evpn_gw_macip_add(struct interface *ifp, zebra_evpn_t *zevpn,
414 struct ethaddr *macaddr, struct ipaddr *ip)
415 {
416 zebra_mac_t *mac = NULL;
417 struct zebra_if *zif = NULL;
418 struct zebra_l2info_vxlan *vxl = NULL;
419
420 zif = zevpn->vxlan_if->info;
421 if (!zif)
422 return -1;
423
424 vxl = &zif->l2info.vxl;
425
426 if (zebra_evpn_mac_gw_macip_add(ifp, zevpn, ip, &mac, macaddr,
427 vxl->access_vlan)
428 != 0)
429 return -1;
430
431 return zebra_evpn_neigh_gw_macip_add(ifp, zevpn, ip, mac);
432 }
433
434 /*
435 * zebra_evpn_gw_macip_del_from_client
436 */
zebra_evpn_gw_macip_del(struct interface * ifp,zebra_evpn_t * zevpn,struct ipaddr * ip)437 int zebra_evpn_gw_macip_del(struct interface *ifp, zebra_evpn_t *zevpn,
438 struct ipaddr *ip)
439 {
440 char buf1[ETHER_ADDR_STRLEN];
441 char buf2[INET6_ADDRSTRLEN];
442 zebra_neigh_t *n = NULL;
443 zebra_mac_t *mac = NULL;
444
445 /* If the neigh entry is not present nothing to do*/
446 n = zebra_evpn_neigh_lookup(zevpn, ip);
447 if (!n)
448 return 0;
449
450 /* mac entry should be present */
451 mac = zebra_evpn_mac_lookup(zevpn, &n->emac);
452 if (!mac) {
453 if (IS_ZEBRA_DEBUG_VXLAN)
454 zlog_debug("MAC %s doesn't exist for neigh %s on VNI %u",
455 prefix_mac2str(&n->emac,
456 buf1, sizeof(buf1)),
457 ipaddr2str(ip, buf2, sizeof(buf2)),
458 zevpn->vni);
459 return -1;
460 }
461
462 /* If the entry is not local nothing to do*/
463 if (!CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL))
464 return -1;
465
466 /* only need to delete the entry from bgp if we sent it before */
467 if (IS_ZEBRA_DEBUG_VXLAN)
468 zlog_debug(
469 "%u:SVI %s(%u) VNI %u, sending GW MAC %s IP %s del to BGP",
470 ifp->vrf_id, ifp->name, ifp->ifindex, zevpn->vni,
471 prefix_mac2str(&(n->emac), buf1, sizeof(buf1)),
472 ipaddr2str(ip, buf2, sizeof(buf2)));
473
474 /* Remove neighbor from BGP. */
475 zebra_evpn_neigh_send_del_to_client(zevpn->vni, &n->ip, &n->emac,
476 n->flags, ZEBRA_NEIGH_ACTIVE,
477 false /*force*/);
478
479 /* Delete this neighbor entry. */
480 zebra_evpn_neigh_del(zevpn, n);
481
482 /* see if the mac needs to be deleted as well*/
483 if (mac)
484 zebra_evpn_deref_ip2mac(zevpn, mac);
485
486 return 0;
487 }
488
zebra_evpn_gw_macip_del_for_evpn_hash(struct hash_bucket * bucket,void * ctxt)489 void zebra_evpn_gw_macip_del_for_evpn_hash(struct hash_bucket *bucket,
490 void *ctxt)
491 {
492 zebra_evpn_t *zevpn = NULL;
493 struct zebra_if *zif = NULL;
494 struct zebra_l2info_vxlan zl2_info;
495 struct interface *vlan_if = NULL;
496 struct interface *vrr_if = NULL;
497 struct interface *ifp;
498
499 /* Add primary SVI MAC*/
500 zevpn = (zebra_evpn_t *)bucket->data;
501
502 /* Global (Zvrf) advertise-default-gw is disabled,
503 * but zevpn advertise-default-gw is enabled
504 */
505 if (zevpn->advertise_gw_macip) {
506 if (IS_ZEBRA_DEBUG_VXLAN)
507 zlog_debug("VNI: %u GW-MACIP enabled, retain gw-macip",
508 zevpn->vni);
509 return;
510 }
511
512 ifp = zevpn->vxlan_if;
513 if (!ifp)
514 return;
515 zif = ifp->info;
516
517 /* If down or not mapped to a bridge, we're done. */
518 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
519 return;
520
521 zl2_info = zif->l2info.vxl;
522
523 vlan_if =
524 zvni_map_to_svi(zl2_info.access_vlan, zif->brslave_info.br_if);
525 if (!vlan_if)
526 return;
527
528 /* Del primary MAC-IP */
529 zebra_evpn_del_macip_for_intf(vlan_if, zevpn);
530
531 /* Del VRR MAC-IP - if any*/
532 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
533 if (vrr_if)
534 zebra_evpn_del_macip_for_intf(vrr_if, zevpn);
535
536 return;
537 }
538
zebra_evpn_gw_macip_add_for_evpn_hash(struct hash_bucket * bucket,void * ctxt)539 void zebra_evpn_gw_macip_add_for_evpn_hash(struct hash_bucket *bucket,
540 void *ctxt)
541 {
542 zebra_evpn_t *zevpn = NULL;
543 struct zebra_if *zif = NULL;
544 struct zebra_l2info_vxlan zl2_info;
545 struct interface *vlan_if = NULL;
546 struct interface *vrr_if = NULL;
547 struct interface *ifp = NULL;
548
549 zevpn = (zebra_evpn_t *)bucket->data;
550
551 ifp = zevpn->vxlan_if;
552 if (!ifp)
553 return;
554 zif = ifp->info;
555
556 /* If down or not mapped to a bridge, we're done. */
557 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
558 return;
559 zl2_info = zif->l2info.vxl;
560
561 vlan_if =
562 zvni_map_to_svi(zl2_info.access_vlan, zif->brslave_info.br_if);
563 if (!vlan_if)
564 return;
565
566 /* Add primary SVI MAC-IP */
567 zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
568
569 if (advertise_gw_macip_enabled(zevpn)) {
570 /* Add VRR MAC-IP - if any*/
571 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
572 if (vrr_if)
573 zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
574 }
575
576 return;
577 }
578
zebra_evpn_svi_macip_del_for_evpn_hash(struct hash_bucket * bucket,void * ctxt)579 void zebra_evpn_svi_macip_del_for_evpn_hash(struct hash_bucket *bucket,
580 void *ctxt)
581 {
582 zebra_evpn_t *zevpn = NULL;
583 struct zebra_if *zif = NULL;
584 struct zebra_l2info_vxlan zl2_info;
585 struct interface *vlan_if = NULL;
586 struct interface *ifp;
587
588 /* Add primary SVI MAC*/
589 zevpn = (zebra_evpn_t *)bucket->data;
590 if (!zevpn)
591 return;
592
593 /* Global(vrf) advertise-svi-ip disabled, but zevpn advertise-svi-ip
594 * enabled
595 */
596 if (zevpn->advertise_svi_macip) {
597 if (IS_ZEBRA_DEBUG_VXLAN)
598 zlog_debug("VNI: %u SVI-MACIP enabled, retain svi-macip",
599 zevpn->vni);
600 return;
601 }
602
603 ifp = zevpn->vxlan_if;
604 if (!ifp)
605 return;
606 zif = ifp->info;
607
608 /* If down or not mapped to a bridge, we're done. */
609 if (!if_is_operative(ifp) || !zif->brslave_info.br_if)
610 return;
611
612 zl2_info = zif->l2info.vxl;
613
614 vlan_if =
615 zvni_map_to_svi(zl2_info.access_vlan, zif->brslave_info.br_if);
616 if (!vlan_if)
617 return;
618
619 /* Del primary MAC-IP */
620 zebra_evpn_del_macip_for_intf(vlan_if, zevpn);
621
622 return;
623 }
624
zebra_evpn_map_vlan_ns(struct ns * ns,void * _in_param,void ** _p_zevpn)625 static int zebra_evpn_map_vlan_ns(struct ns *ns,
626 void *_in_param,
627 void **_p_zevpn)
628 {
629 struct zebra_ns *zns = ns->info;
630 struct route_node *rn;
631 struct interface *br_if;
632 zebra_evpn_t **p_zevpn = (zebra_evpn_t **)_p_zevpn;
633 zebra_evpn_t *zevpn;
634 struct interface *tmp_if = NULL;
635 struct zebra_if *zif;
636 struct zebra_l2info_vxlan *vxl = NULL;
637 struct zebra_from_svi_param *in_param =
638 (struct zebra_from_svi_param *)_in_param;
639 int found = 0;
640
641 if (!in_param)
642 return NS_WALK_STOP;
643 br_if = in_param->br_if;
644 zif = in_param->zif;
645 assert(zif);
646 assert(br_if);
647
648 /* See if this interface (or interface plus VLAN Id) maps to a VxLAN */
649 /* TODO: Optimize with a hash. */
650 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
651 tmp_if = (struct interface *)rn->info;
652 if (!tmp_if)
653 continue;
654 zif = tmp_if->info;
655 if (!zif || zif->zif_type != ZEBRA_IF_VXLAN)
656 continue;
657 if (!if_is_operative(tmp_if))
658 continue;
659 vxl = &zif->l2info.vxl;
660
661 if (zif->brslave_info.br_if != br_if)
662 continue;
663
664 if (!in_param->bridge_vlan_aware
665 || vxl->access_vlan == in_param->vid) {
666 found = 1;
667 break;
668 }
669 }
670 if (!found)
671 return NS_WALK_CONTINUE;
672
673 zevpn = zebra_evpn_lookup(vxl->vni);
674 if (p_zevpn)
675 *p_zevpn = zevpn;
676 return NS_WALK_STOP;
677 }
678
679 /*
680 * Map port or (port, VLAN) to an EVPN. This is invoked upon getting MAC
681 * notifications, to see if they are of interest.
682 */
zebra_evpn_map_vlan(struct interface * ifp,struct interface * br_if,vlanid_t vid)683 zebra_evpn_t *zebra_evpn_map_vlan(struct interface *ifp,
684 struct interface *br_if, vlanid_t vid)
685 {
686 struct zebra_if *zif;
687 struct zebra_l2info_bridge *br;
688 zebra_evpn_t **p_zevpn;
689 zebra_evpn_t *zevpn = NULL;
690 struct zebra_from_svi_param in_param;
691
692 /* Determine if bridge is VLAN-aware or not */
693 zif = br_if->info;
694 assert(zif);
695 br = &zif->l2info.br;
696 in_param.bridge_vlan_aware = br->vlan_aware;
697 in_param.vid = vid;
698 in_param.br_if = br_if;
699 in_param.zif = zif;
700 p_zevpn = &zevpn;
701
702 ns_walk_func(zebra_evpn_map_vlan_ns,
703 (void *)&in_param,
704 (void **)p_zevpn);
705 return zevpn;
706 }
707
zebra_evpn_from_svi_ns(struct ns * ns,void * _in_param,void ** _p_zevpn)708 static int zebra_evpn_from_svi_ns(struct ns *ns,
709 void *_in_param,
710 void **_p_zevpn)
711 {
712 struct zebra_ns *zns = ns->info;
713 struct route_node *rn;
714 struct interface *br_if;
715 zebra_evpn_t **p_zevpn = (zebra_evpn_t **)_p_zevpn;
716 zebra_evpn_t *zevpn;
717 struct interface *tmp_if = NULL;
718 struct zebra_if *zif;
719 struct zebra_l2info_vxlan *vxl = NULL;
720 struct zebra_from_svi_param *in_param =
721 (struct zebra_from_svi_param *)_in_param;
722 int found = 0;
723
724 if (!in_param)
725 return NS_WALK_STOP;
726 br_if = in_param->br_if;
727 zif = in_param->zif;
728 assert(zif);
729
730 /* TODO: Optimize with a hash. */
731 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
732 tmp_if = (struct interface *)rn->info;
733 if (!tmp_if)
734 continue;
735 zif = tmp_if->info;
736 if (!zif || zif->zif_type != ZEBRA_IF_VXLAN)
737 continue;
738 if (!if_is_operative(tmp_if))
739 continue;
740 vxl = &zif->l2info.vxl;
741
742 if (zif->brslave_info.br_if != br_if)
743 continue;
744
745 if (!in_param->bridge_vlan_aware
746 || vxl->access_vlan == in_param->vid) {
747 found = 1;
748 break;
749 }
750 }
751
752 if (!found)
753 return NS_WALK_CONTINUE;
754
755 zevpn = zebra_evpn_lookup(vxl->vni);
756 if (p_zevpn)
757 *p_zevpn = zevpn;
758 return NS_WALK_STOP;
759 }
760
761 /*
762 * Map SVI and associated bridge to an EVPN. This is invoked upon getting
763 * neighbor notifications, to see if they are of interest.
764 */
zebra_evpn_from_svi(struct interface * ifp,struct interface * br_if)765 zebra_evpn_t *zebra_evpn_from_svi(struct interface *ifp,
766 struct interface *br_if)
767 {
768 struct zebra_l2info_bridge *br;
769 zebra_evpn_t *zevpn = NULL;
770 zebra_evpn_t **p_zevpn;
771 struct zebra_if *zif;
772 struct zebra_from_svi_param in_param;
773
774 if (!br_if)
775 return NULL;
776
777 /* Make sure the linked interface is a bridge. */
778 if (!IS_ZEBRA_IF_BRIDGE(br_if))
779 return NULL;
780
781 /* Determine if bridge is VLAN-aware or not */
782 zif = br_if->info;
783 assert(zif);
784 br = &zif->l2info.br;
785 in_param.bridge_vlan_aware = br->vlan_aware;
786 in_param.vid = 0;
787
788 if (in_param.bridge_vlan_aware) {
789 struct zebra_l2info_vlan *vl;
790
791 if (!IS_ZEBRA_IF_VLAN(ifp))
792 return NULL;
793
794 zif = ifp->info;
795 assert(zif);
796 vl = &zif->l2info.vl;
797 in_param.vid = vl->vid;
798 }
799
800 in_param.br_if = br_if;
801 in_param.zif = zif;
802 p_zevpn = &zevpn;
803 /* See if this interface (or interface plus VLAN Id) maps to a VxLAN */
804 ns_walk_func(zebra_evpn_from_svi_ns, (void *)&in_param,
805 (void **)p_zevpn);
806 return zevpn;
807 }
808
zvni_map_to_macvlan_ns(struct ns * ns,void * _in_param,void ** _p_ifp)809 static int zvni_map_to_macvlan_ns(struct ns *ns,
810 void *_in_param,
811 void **_p_ifp)
812 {
813 struct zebra_ns *zns = ns->info;
814 struct zebra_from_svi_param *in_param =
815 (struct zebra_from_svi_param *)_in_param;
816 struct interface **p_ifp = (struct interface **)_p_ifp;
817 struct route_node *rn;
818 struct interface *tmp_if = NULL;
819 struct zebra_if *zif;
820
821 if (!in_param)
822 return NS_WALK_STOP;
823
824 /* Identify corresponding VLAN interface. */
825 for (rn = route_top(zns->if_table); rn; rn = route_next(rn)) {
826 tmp_if = (struct interface *)rn->info;
827 /* Check oper status of the SVI. */
828 if (!tmp_if || !if_is_operative(tmp_if))
829 continue;
830 zif = tmp_if->info;
831
832 if (!zif || zif->zif_type != ZEBRA_IF_MACVLAN)
833 continue;
834
835 if (zif->link == in_param->svi_if) {
836 if (p_ifp)
837 *p_ifp = tmp_if;
838 return NS_WALK_STOP;
839 }
840 }
841
842 return NS_WALK_CONTINUE;
843 }
844
845 /* Map to MAC-VLAN interface corresponding to specified SVI interface.
846 */
zebra_evpn_map_to_macvlan(struct interface * br_if,struct interface * svi_if)847 struct interface *zebra_evpn_map_to_macvlan(struct interface *br_if,
848 struct interface *svi_if)
849 {
850 struct interface *tmp_if = NULL;
851 struct zebra_if *zif;
852 struct interface **p_ifp;
853 struct zebra_from_svi_param in_param;
854
855 /* Defensive check, caller expected to invoke only with valid bridge. */
856 if (!br_if)
857 return NULL;
858
859 if (!svi_if) {
860 zlog_debug("svi_if is not passed.");
861 return NULL;
862 }
863
864 /* Determine if bridge is VLAN-aware or not */
865 zif = br_if->info;
866 assert(zif);
867
868 in_param.vid = 0;
869 in_param.br_if = br_if;
870 in_param.zif = NULL;
871 in_param.svi_if = svi_if;
872 p_ifp = &tmp_if;
873
874 /* Identify corresponding VLAN interface. */
875 ns_walk_func(zvni_map_to_macvlan_ns,
876 (void *)&in_param,
877 (void **)p_ifp);
878 return tmp_if;
879 }
880
881 /*
882 * Install MAC hash entry - called upon access VLAN change.
883 */
zebra_evpn_install_mac_hash(struct hash_bucket * bucket,void * ctxt)884 void zebra_evpn_install_mac_hash(struct hash_bucket *bucket, void *ctxt)
885 {
886 zebra_mac_t *mac;
887 struct mac_walk_ctx *wctx = ctxt;
888
889 mac = (zebra_mac_t *)bucket->data;
890
891 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_REMOTE))
892 zebra_evpn_rem_mac_install(wctx->zevpn, mac, false);
893 }
894
895 /*
896 * Read and populate local MACs and neighbors corresponding to this EVPN.
897 */
zebra_evpn_read_mac_neigh(zebra_evpn_t * zevpn,struct interface * ifp)898 void zebra_evpn_read_mac_neigh(zebra_evpn_t *zevpn, struct interface *ifp)
899 {
900 struct zebra_ns *zns;
901 struct zebra_vrf *zvrf;
902 struct zebra_if *zif;
903 struct interface *vlan_if;
904 struct zebra_l2info_vxlan *vxl;
905 struct interface *vrr_if;
906
907 zif = ifp->info;
908 vxl = &zif->l2info.vxl;
909 zvrf = zebra_vrf_lookup_by_id(zevpn->vrf_id);
910 if (!zvrf || !zvrf->zns)
911 return;
912 zns = zvrf->zns;
913
914 if (IS_ZEBRA_DEBUG_VXLAN)
915 zlog_debug(
916 "Reading MAC FDB and Neighbors for intf %s(%u) VNI %u master %u",
917 ifp->name, ifp->ifindex, zevpn->vni,
918 zif->brslave_info.bridge_ifindex);
919
920 macfdb_read_for_bridge(zns, ifp, zif->brslave_info.br_if);
921 vlan_if = zvni_map_to_svi(vxl->access_vlan, zif->brslave_info.br_if);
922 if (vlan_if) {
923
924 /* Add SVI MAC-IP */
925 zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
926
927 /* Add VRR MAC-IP - if any*/
928 vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
929 if (vrr_if)
930 zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
931
932 neigh_read_for_vlan(zns, vlan_if);
933 }
934 }
935
936 /*
937 * Hash function for EVPN.
938 */
zebra_evpn_hash_keymake(const void * p)939 unsigned int zebra_evpn_hash_keymake(const void *p)
940 {
941 const zebra_evpn_t *zevpn = p;
942
943 return (jhash_1word(zevpn->vni, 0));
944 }
945
946 /*
947 * Compare 2 evpn hash entries.
948 */
zebra_evpn_hash_cmp(const void * p1,const void * p2)949 bool zebra_evpn_hash_cmp(const void *p1, const void *p2)
950 {
951 const zebra_evpn_t *zevpn1 = p1;
952 const zebra_evpn_t *zevpn2 = p2;
953
954 return (zevpn1->vni == zevpn2->vni);
955 }
956
zebra_evpn_list_cmp(void * p1,void * p2)957 int zebra_evpn_list_cmp(void *p1, void *p2)
958 {
959 const zebra_evpn_t *zevpn1 = p1;
960 const zebra_evpn_t *zevpn2 = p2;
961
962 if (zevpn1->vni == zevpn2->vni)
963 return 0;
964 return (zevpn1->vni < zevpn2->vni) ? -1 : 1;
965 }
966
967 /*
968 * Callback to allocate VNI hash entry.
969 */
zebra_evpn_alloc(void * p)970 void *zebra_evpn_alloc(void *p)
971 {
972 const zebra_evpn_t *tmp_vni = p;
973 zebra_evpn_t *zevpn;
974
975 zevpn = XCALLOC(MTYPE_ZEVPN, sizeof(zebra_evpn_t));
976 zevpn->vni = tmp_vni->vni;
977 return ((void *)zevpn);
978 }
979
980 /*
981 * Look up EVPN hash entry.
982 */
zebra_evpn_lookup(vni_t vni)983 zebra_evpn_t *zebra_evpn_lookup(vni_t vni)
984 {
985 struct zebra_vrf *zvrf;
986 zebra_evpn_t tmp_vni;
987 zebra_evpn_t *zevpn = NULL;
988
989 zvrf = zebra_vrf_get_evpn();
990 assert(zvrf);
991 memset(&tmp_vni, 0, sizeof(zebra_evpn_t));
992 tmp_vni.vni = vni;
993 zevpn = hash_lookup(zvrf->evpn_table, &tmp_vni);
994
995 return zevpn;
996 }
997
998 /*
999 * Add EVPN hash entry.
1000 */
zebra_evpn_add(vni_t vni)1001 zebra_evpn_t *zebra_evpn_add(vni_t vni)
1002 {
1003 struct zebra_vrf *zvrf;
1004 zebra_evpn_t tmp_zevpn;
1005 zebra_evpn_t *zevpn = NULL;
1006
1007 zvrf = zebra_vrf_get_evpn();
1008 assert(zvrf);
1009 memset(&tmp_zevpn, 0, sizeof(zebra_evpn_t));
1010 tmp_zevpn.vni = vni;
1011 zevpn = hash_get(zvrf->evpn_table, &tmp_zevpn, zebra_evpn_alloc);
1012 assert(zevpn);
1013
1014 zebra_evpn_evpn_es_init(zevpn);
1015
1016 /* Create hash table for MAC */
1017 zevpn->mac_table = zebra_mac_db_create("Zebra EVPN MAC Table");
1018
1019 /* Create hash table for neighbors */
1020 zevpn->neigh_table = zebra_neigh_db_create("Zebra EVPN Neighbor Table");
1021
1022 return zevpn;
1023 }
1024
1025 /*
1026 * Delete EVPN hash entry.
1027 */
zebra_evpn_del(zebra_evpn_t * zevpn)1028 int zebra_evpn_del(zebra_evpn_t *zevpn)
1029 {
1030 struct zebra_vrf *zvrf;
1031 zebra_evpn_t *tmp_zevpn;
1032
1033 zvrf = zebra_vrf_get_evpn();
1034 assert(zvrf);
1035
1036 /* Free the neighbor hash table. */
1037 hash_free(zevpn->neigh_table);
1038 zevpn->neigh_table = NULL;
1039
1040 /* Free the MAC hash table. */
1041 hash_free(zevpn->mac_table);
1042 zevpn->mac_table = NULL;
1043
1044 zebra_evpn_evpn_es_cleanup(zevpn);
1045
1046 /* Free the EVPN hash entry and allocated memory. */
1047 tmp_zevpn = hash_release(zvrf->evpn_table, zevpn);
1048 XFREE(MTYPE_ZEVPN, tmp_zevpn);
1049
1050 return 0;
1051 }
1052
1053 /*
1054 * Inform BGP about local EVPN addition.
1055 */
zebra_evpn_send_add_to_client(zebra_evpn_t * zevpn)1056 int zebra_evpn_send_add_to_client(zebra_evpn_t *zevpn)
1057 {
1058 struct zserv *client;
1059 struct stream *s;
1060 int rc;
1061
1062 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
1063 /* BGP may not be running. */
1064 if (!client)
1065 return 0;
1066
1067 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
1068
1069 zclient_create_header(s, ZEBRA_VNI_ADD, zebra_vrf_get_evpn_id());
1070 stream_putl(s, zevpn->vni);
1071 stream_put_in_addr(s, &zevpn->local_vtep_ip);
1072 stream_put(s, &zevpn->vrf_id, sizeof(vrf_id_t)); /* tenant vrf */
1073 stream_put_in_addr(s, &zevpn->mcast_grp);
1074
1075 /* Write packet size. */
1076 stream_putw_at(s, 0, stream_get_endp(s));
1077
1078 if (IS_ZEBRA_DEBUG_VXLAN)
1079 zlog_debug("Send EVPN_ADD %u %s tenant vrf %s to %s", zevpn->vni,
1080 inet_ntoa(zevpn->local_vtep_ip),
1081 vrf_id_to_name(zevpn->vrf_id),
1082 zebra_route_string(client->proto));
1083
1084 client->vniadd_cnt++;
1085 rc = zserv_send_message(client, s);
1086
1087 if (!(zevpn->flags & ZEVPN_READY_FOR_BGP)) {
1088 zevpn->flags |= ZEVPN_READY_FOR_BGP;
1089 /* once the EVPN is sent the ES-EVIs can also be replayed
1090 * to BGP
1091 */
1092 zebra_evpn_update_all_es(zevpn);
1093 }
1094 return rc;
1095 }
1096
1097 /*
1098 * Inform BGP about local EVPN deletion.
1099 */
zebra_evpn_send_del_to_client(zebra_evpn_t * zevpn)1100 int zebra_evpn_send_del_to_client(zebra_evpn_t *zevpn)
1101 {
1102 struct zserv *client;
1103 struct stream *s;
1104
1105 client = zserv_find_client(ZEBRA_ROUTE_BGP, 0);
1106 /* BGP may not be running. */
1107 if (!client)
1108 return 0;
1109
1110 if (zevpn->flags & ZEVPN_READY_FOR_BGP) {
1111 zevpn->flags &= ~ZEVPN_READY_FOR_BGP;
1112 /* the ES-EVIs must be removed from BGP before the EVPN is */
1113 zebra_evpn_update_all_es(zevpn);
1114 }
1115
1116 s = stream_new(ZEBRA_MAX_PACKET_SIZ);
1117 stream_reset(s);
1118
1119 zclient_create_header(s, ZEBRA_VNI_DEL, zebra_vrf_get_evpn_id());
1120 stream_putl(s, zevpn->vni);
1121
1122 /* Write packet size. */
1123 stream_putw_at(s, 0, stream_get_endp(s));
1124
1125 if (IS_ZEBRA_DEBUG_VXLAN)
1126 zlog_debug("Send EVPN_DEL %u to %s", zevpn->vni,
1127 zebra_route_string(client->proto));
1128
1129 client->vnidel_cnt++;
1130 return zserv_send_message(client, s);
1131 }
1132
1133 /*
1134 * See if remote VTEP matches with prefix.
1135 */
zebra_evpn_vtep_match(struct in_addr * vtep_ip,zebra_vtep_t * zvtep)1136 static int zebra_evpn_vtep_match(struct in_addr *vtep_ip, zebra_vtep_t *zvtep)
1137 {
1138 return (IPV4_ADDR_SAME(vtep_ip, &zvtep->vtep_ip));
1139 }
1140
1141 /*
1142 * Locate remote VTEP in EVPN hash table.
1143 */
zebra_evpn_vtep_find(zebra_evpn_t * zevpn,struct in_addr * vtep_ip)1144 zebra_vtep_t *zebra_evpn_vtep_find(zebra_evpn_t *zevpn, struct in_addr *vtep_ip)
1145 {
1146 zebra_vtep_t *zvtep;
1147
1148 if (!zevpn)
1149 return NULL;
1150
1151 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
1152 if (zebra_evpn_vtep_match(vtep_ip, zvtep))
1153 break;
1154 }
1155
1156 return zvtep;
1157 }
1158
1159 /*
1160 * Add remote VTEP to EVPN hash table.
1161 */
zebra_evpn_vtep_add(zebra_evpn_t * zevpn,struct in_addr * vtep_ip,int flood_control)1162 zebra_vtep_t *zebra_evpn_vtep_add(zebra_evpn_t *zevpn, struct in_addr *vtep_ip,
1163 int flood_control)
1164
1165 {
1166 zebra_vtep_t *zvtep;
1167
1168 zvtep = XCALLOC(MTYPE_ZEVPN_VTEP, sizeof(zebra_vtep_t));
1169
1170 zvtep->vtep_ip = *vtep_ip;
1171 zvtep->flood_control = flood_control;
1172
1173 if (zevpn->vteps)
1174 zevpn->vteps->prev = zvtep;
1175 zvtep->next = zevpn->vteps;
1176 zevpn->vteps = zvtep;
1177
1178 return zvtep;
1179 }
1180
1181 /*
1182 * Remove remote VTEP from EVPN hash table.
1183 */
zebra_evpn_vtep_del(zebra_evpn_t * zevpn,zebra_vtep_t * zvtep)1184 int zebra_evpn_vtep_del(zebra_evpn_t *zevpn, zebra_vtep_t *zvtep)
1185 {
1186 if (zvtep->next)
1187 zvtep->next->prev = zvtep->prev;
1188 if (zvtep->prev)
1189 zvtep->prev->next = zvtep->next;
1190 else
1191 zevpn->vteps = zvtep->next;
1192
1193 zvtep->prev = zvtep->next = NULL;
1194 XFREE(MTYPE_ZEVPN_VTEP, zvtep);
1195
1196 return 0;
1197 }
1198
1199 /*
1200 * Delete all remote VTEPs for this EVPN (upon VNI delete). Also
1201 * uninstall from kernel if asked to.
1202 */
zebra_evpn_vtep_del_all(zebra_evpn_t * zevpn,int uninstall)1203 int zebra_evpn_vtep_del_all(zebra_evpn_t *zevpn, int uninstall)
1204 {
1205 zebra_vtep_t *zvtep, *zvtep_next;
1206
1207 if (!zevpn)
1208 return -1;
1209
1210 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep_next) {
1211 zvtep_next = zvtep->next;
1212 if (uninstall)
1213 zebra_evpn_vtep_uninstall(zevpn, &zvtep->vtep_ip);
1214 zebra_evpn_vtep_del(zevpn, zvtep);
1215 }
1216
1217 return 0;
1218 }
1219
1220 /*
1221 * Install remote VTEP into the kernel if the remote VTEP has asked
1222 * for head-end-replication.
1223 */
zebra_evpn_vtep_install(zebra_evpn_t * zevpn,zebra_vtep_t * zvtep)1224 int zebra_evpn_vtep_install(zebra_evpn_t *zevpn, zebra_vtep_t *zvtep)
1225 {
1226 if (is_vxlan_flooding_head_end() &&
1227 (zvtep->flood_control == VXLAN_FLOOD_HEAD_END_REPL)) {
1228 if (ZEBRA_DPLANE_REQUEST_FAILURE ==
1229 dplane_vtep_add(zevpn->vxlan_if,
1230 &zvtep->vtep_ip, zevpn->vni))
1231 return -1;
1232 }
1233
1234 return 0;
1235 }
1236
1237 /*
1238 * Uninstall remote VTEP from the kernel.
1239 */
zebra_evpn_vtep_uninstall(zebra_evpn_t * zevpn,struct in_addr * vtep_ip)1240 int zebra_evpn_vtep_uninstall(zebra_evpn_t *zevpn, struct in_addr *vtep_ip)
1241 {
1242 if (!zevpn->vxlan_if) {
1243 zlog_debug("VNI %u hash %p couldn't be uninstalled - no intf",
1244 zevpn->vni, zevpn);
1245 return -1;
1246 }
1247
1248 if (ZEBRA_DPLANE_REQUEST_FAILURE ==
1249 dplane_vtep_delete(zevpn->vxlan_if, vtep_ip, zevpn->vni))
1250 return -1;
1251
1252 return 0;
1253 }
1254
1255 /*
1256 * Install or uninstall flood entries in the kernel corresponding to
1257 * remote VTEPs. This is invoked upon change to BUM handling.
1258 */
zebra_evpn_handle_flooding_remote_vteps(struct hash_bucket * bucket,void * zvrf)1259 void zebra_evpn_handle_flooding_remote_vteps(struct hash_bucket *bucket,
1260 void *zvrf)
1261 {
1262 zebra_evpn_t *zevpn;
1263 zebra_vtep_t *zvtep;
1264
1265 zevpn = (zebra_evpn_t *)bucket->data;
1266 if (!zevpn)
1267 return;
1268
1269 for (zvtep = zevpn->vteps; zvtep; zvtep = zvtep->next) {
1270 if (is_vxlan_flooding_head_end())
1271 zebra_evpn_vtep_install(zevpn, zvtep);
1272 else
1273 zebra_evpn_vtep_uninstall(zevpn, &zvtep->vtep_ip);
1274 }
1275 }
1276
1277 /*
1278 * Cleanup EVPN/VTEP and update kernel
1279 */
zebra_evpn_cleanup_all(struct hash_bucket * bucket,void * arg)1280 void zebra_evpn_cleanup_all(struct hash_bucket *bucket, void *arg)
1281 {
1282 zebra_evpn_t *zevpn = NULL;
1283
1284 zevpn = (zebra_evpn_t *)bucket->data;
1285
1286 /* Free up all neighbors and MACs, if any. */
1287 zebra_evpn_neigh_del_all(zevpn, 1, 0, DEL_ALL_NEIGH);
1288 zebra_evpn_mac_del_all(zevpn, 1, 0, DEL_ALL_MAC);
1289
1290 /* Free up all remote VTEPs, if any. */
1291 zebra_evpn_vtep_del_all(zevpn, 1);
1292
1293 /* Delete the hash entry. */
1294 zebra_evpn_del(zevpn);
1295 }
1296
1297 static void
zebra_evpn_process_sync_macip_add(zebra_evpn_t * zevpn,struct ethaddr * macaddr,uint16_t ipa_len,struct ipaddr * ipaddr,uint8_t flags,uint32_t seq,esi_t * esi)1298 zebra_evpn_process_sync_macip_add(zebra_evpn_t *zevpn, struct ethaddr *macaddr,
1299 uint16_t ipa_len, struct ipaddr *ipaddr,
1300 uint8_t flags, uint32_t seq, esi_t *esi)
1301 {
1302 struct sync_mac_ip_ctx ctx;
1303 char macbuf[ETHER_ADDR_STRLEN];
1304 char ipbuf[INET6_ADDRSTRLEN];
1305 bool sticky;
1306 bool remote_gw;
1307 zebra_neigh_t *n = NULL;
1308
1309 sticky = !!CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_STICKY);
1310 remote_gw = !!CHECK_FLAG(flags, ZEBRA_MACIP_TYPE_GW);
1311 /* if sticky or remote-gw ignore updates from the peer */
1312 if (sticky || remote_gw) {
1313 if (IS_ZEBRA_DEBUG_VXLAN || IS_ZEBRA_DEBUG_EVPN_MH_NEIGH
1314 || IS_ZEBRA_DEBUG_EVPN_MH_MAC)
1315 zlog_debug(
1316 "Ignore sync-macip vni %u mac %s%s%s%s%s",
1317 zevpn->vni,
1318 prefix_mac2str(macaddr, macbuf, sizeof(macbuf)),
1319 ipa_len ? " IP " : "",
1320 ipa_len ? ipaddr2str(ipaddr, ipbuf,
1321 sizeof(ipbuf))
1322 : "",
1323 sticky ? " sticky" : "",
1324 remote_gw ? " remote_gw" : "");
1325 return;
1326 }
1327
1328 if (ipa_len) {
1329 n = zebra_evpn_neigh_lookup(zevpn, ipaddr);
1330 if (n
1331 && !zebra_evpn_neigh_is_bgp_seq_ok(zevpn, n, macaddr, seq))
1332 return;
1333 }
1334
1335 memset(&ctx, 0, sizeof(ctx));
1336 ctx.mac = zebra_evpn_proc_sync_mac_update(
1337 zevpn, macaddr, ipa_len, ipaddr, flags, seq, esi, &ctx);
1338 if (ctx.ignore_macip || !ctx.mac || !ipa_len)
1339 return;
1340
1341 zebra_evpn_proc_sync_neigh_update(zevpn, n, ipa_len, ipaddr, flags, seq,
1342 esi, &ctx);
1343 }
1344
1345 /************************** remote mac-ip handling **************************/
1346 /* Process a remote MACIP add from BGP. */
process_remote_macip_add(vni_t vni,struct ethaddr * macaddr,uint16_t ipa_len,struct ipaddr * ipaddr,uint8_t flags,uint32_t seq,struct in_addr vtep_ip,esi_t * esi)1347 void process_remote_macip_add(vni_t vni, struct ethaddr *macaddr,
1348 uint16_t ipa_len, struct ipaddr *ipaddr,
1349 uint8_t flags, uint32_t seq,
1350 struct in_addr vtep_ip, esi_t *esi)
1351 {
1352 zebra_evpn_t *zevpn;
1353 zebra_vtep_t *zvtep;
1354 zebra_mac_t *mac = NULL;
1355 struct interface *ifp = NULL;
1356 struct zebra_if *zif = NULL;
1357 struct zebra_vrf *zvrf;
1358
1359 /* Locate EVPN hash entry - expected to exist. */
1360 zevpn = zebra_evpn_lookup(vni);
1361 if (!zevpn) {
1362 zlog_warn("Unknown VNI %u upon remote MACIP ADD", vni);
1363 return;
1364 }
1365
1366 ifp = zevpn->vxlan_if;
1367 if (ifp)
1368 zif = ifp->info;
1369 if (!ifp || !if_is_operative(ifp) || !zif || !zif->brslave_info.br_if) {
1370 zlog_warn(
1371 "Ignoring remote MACIP ADD VNI %u, invalid interface state or info",
1372 vni);
1373 return;
1374 }
1375
1376 /* Type-2 routes from another PE can be interpreted as remote or
1377 * SYNC based on the destination ES -
1378 * SYNC - if ES is local
1379 * REMOTE - if ES is not local
1380 */
1381 if (flags & ZEBRA_MACIP_TYPE_SYNC_PATH) {
1382 zebra_evpn_process_sync_macip_add(zevpn, macaddr, ipa_len,
1383 ipaddr, flags, seq, esi);
1384 return;
1385 }
1386
1387 /* The remote VTEP specified should normally exist, but it is
1388 * possible that when peering comes up, peer may advertise MACIP
1389 * routes before advertising type-3 routes.
1390 */
1391 if (vtep_ip.s_addr) {
1392 zvtep = zebra_evpn_vtep_find(zevpn, &vtep_ip);
1393 if (!zvtep) {
1394 zvtep = zebra_evpn_vtep_add(zevpn, &vtep_ip,
1395 VXLAN_FLOOD_DISABLED);
1396 if (!zvtep) {
1397 flog_err(
1398 EC_ZEBRA_VTEP_ADD_FAILED,
1399 "Failed to add remote VTEP, VNI %u zevpn %p upon remote MACIP ADD",
1400 vni, zevpn);
1401 return;
1402 }
1403
1404 zebra_evpn_vtep_install(zevpn, zvtep);
1405 }
1406 }
1407
1408 zvrf = zebra_vrf_get_evpn();
1409 if (!zvrf)
1410 return;
1411
1412
1413 if (process_mac_remote_macip_add(zevpn, zvrf, macaddr, ipa_len, ipaddr,
1414 &mac, vtep_ip, flags, seq, esi)
1415 != 0)
1416 return;
1417
1418 process_neigh_remote_macip_add(zevpn, zvrf, ipaddr, mac, vtep_ip, flags,
1419 seq);
1420 }
1421
1422 /* Process a remote MACIP delete from BGP. */
process_remote_macip_del(vni_t vni,struct ethaddr * macaddr,uint16_t ipa_len,struct ipaddr * ipaddr,struct in_addr vtep_ip)1423 void process_remote_macip_del(vni_t vni, struct ethaddr *macaddr,
1424 uint16_t ipa_len, struct ipaddr *ipaddr,
1425 struct in_addr vtep_ip)
1426 {
1427 zebra_evpn_t *zevpn;
1428 zebra_mac_t *mac = NULL;
1429 zebra_neigh_t *n = NULL;
1430 struct interface *ifp = NULL;
1431 struct zebra_if *zif = NULL;
1432 struct zebra_ns *zns;
1433 struct zebra_l2info_vxlan *vxl;
1434 struct zebra_vrf *zvrf;
1435 char buf[ETHER_ADDR_STRLEN];
1436 char buf1[INET6_ADDRSTRLEN];
1437
1438 /* Locate EVPN hash entry - expected to exist. */
1439 zevpn = zebra_evpn_lookup(vni);
1440 if (!zevpn) {
1441 if (IS_ZEBRA_DEBUG_VXLAN)
1442 zlog_debug("Unknown VNI %u upon remote MACIP DEL", vni);
1443 return;
1444 }
1445
1446 ifp = zevpn->vxlan_if;
1447 if (ifp)
1448 zif = ifp->info;
1449 if (!ifp || !if_is_operative(ifp) || !zif || !zif->brslave_info.br_if) {
1450 if (IS_ZEBRA_DEBUG_VXLAN)
1451 zlog_debug(
1452 "Ignoring remote MACIP DEL VNI %u, invalid interface state or info",
1453 vni);
1454 return;
1455 }
1456 zns = zebra_ns_lookup(NS_DEFAULT);
1457 vxl = &zif->l2info.vxl;
1458
1459 mac = zebra_evpn_mac_lookup(zevpn, macaddr);
1460 if (ipa_len)
1461 n = zebra_evpn_neigh_lookup(zevpn, ipaddr);
1462
1463 if (n && !mac) {
1464 zlog_warn(
1465 "Failed to locate MAC %s for neigh %s VNI %u upon remote MACIP DEL",
1466 prefix_mac2str(macaddr, buf, sizeof(buf)),
1467 ipaddr2str(ipaddr, buf1, sizeof(buf1)), vni);
1468 return;
1469 }
1470
1471 /* If the remote mac or neighbor doesn't exist there is nothing
1472 * more to do. Otherwise, uninstall the entry and then remove it.
1473 */
1474 if (!mac && !n)
1475 return;
1476
1477 zvrf = vrf_info_lookup(zevpn->vxlan_if->vrf_id);
1478
1479 /* Ignore the delete if this mac is a gateway mac-ip */
1480 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_LOCAL)
1481 && CHECK_FLAG(mac->flags, ZEBRA_MAC_DEF_GW)) {
1482 zlog_warn(
1483 "Ignore remote MACIP DEL VNI %u MAC %s%s%s as MAC is already configured as gateway MAC",
1484 vni, prefix_mac2str(macaddr, buf, sizeof(buf)),
1485 ipa_len ? " IP " : "",
1486 ipa_len ? ipaddr2str(ipaddr, buf1, sizeof(buf1)) : "");
1487 return;
1488 }
1489
1490 /* Uninstall remote neighbor or MAC. */
1491 if (n)
1492 zebra_evpn_neigh_remote_uninstall(zevpn, zvrf, n, mac, ipaddr);
1493 else {
1494 /* DAD: when MAC is freeze state as remote learn event,
1495 * remote mac-ip delete event is received will result in freeze
1496 * entry removal, first fetch kernel for the same entry present
1497 * as LOCAL and reachable, avoid deleting this entry instead
1498 * use kerenel local entry to update during unfreeze time.
1499 */
1500 if (zvrf->dad_freeze
1501 && CHECK_FLAG(mac->flags, ZEBRA_MAC_DUPLICATE)
1502 && CHECK_FLAG(mac->flags, ZEBRA_MAC_REMOTE)) {
1503 if (IS_ZEBRA_DEBUG_VXLAN)
1504 zlog_debug(
1505 "%s: MAC %s (flags 0x%x) is remote and duplicate, read kernel for local entry",
1506 __func__,
1507 prefix_mac2str(macaddr, buf,
1508 sizeof(buf)),
1509 mac->flags);
1510 macfdb_read_specific_mac(zns, zif->brslave_info.br_if,
1511 macaddr, vxl->access_vlan);
1512 }
1513
1514 if (CHECK_FLAG(mac->flags, ZEBRA_MAC_LOCAL)) {
1515 if (!ipa_len)
1516 zebra_evpn_sync_mac_del(mac);
1517 } else if (CHECK_FLAG(mac->flags, ZEBRA_NEIGH_REMOTE)) {
1518 zebra_evpn_rem_mac_del(zevpn, mac);
1519 }
1520 }
1521 }
1522
1523 /************************** EVPN BGP config management ************************/
zebra_evpn_cfg_cleanup(struct hash_bucket * bucket,void * ctxt)1524 void zebra_evpn_cfg_cleanup(struct hash_bucket *bucket, void *ctxt)
1525 {
1526 zebra_evpn_t *zevpn = NULL;
1527
1528 zevpn = (zebra_evpn_t *)bucket->data;
1529 zevpn->advertise_gw_macip = 0;
1530 zevpn->advertise_svi_macip = 0;
1531 zevpn->advertise_subnet = 0;
1532
1533 zebra_evpn_neigh_del_all(zevpn, 1, 0,
1534 DEL_REMOTE_NEIGH | DEL_REMOTE_NEIGH_FROM_VTEP);
1535 zebra_evpn_mac_del_all(zevpn, 1, 0,
1536 DEL_REMOTE_MAC | DEL_REMOTE_MAC_FROM_VTEP);
1537 zebra_evpn_vtep_del_all(zevpn, 1);
1538 }
1539