proxmox-mirrors/mirror_frr
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_frr synced 2025-08-13 21:10:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

bgpd: Refine check for which routes can be exported into VPN

Browse Source 
A non-imported route or a non-VPN imported route is a candidate to be
exported into the VPN routing table for leaking to other BGP instances
or advertisement into BGP/MPLS VPN. The former is a local or learnt
IPv4 or IPv6 route. The latter is an IPv4 or IPv6 route that is based
on a received EVPN type-2 or type-5 route.

Implement a function to specify if a route can be exported into VPN
and use in the appropriate places.

Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by:   Anuradha Karuppiah <anuradhak@cumulusnetworks.com>
Reviewed-by:   Donald Sharp <sharpd@cumulusnetworks.com>
This commit is contained in:
vivek 2019-02-28 08:30:51 +00:00
parent 7452e879c3
commit 12d6100c52
2 changed files with 32 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
bgpd/bgp_mplsvpn.c
View File

@ -683,11 +683,10 @@ void vpn_leak_from_vrf_update(struct bgp *bgp_vpn, /* to */
return;
}
/* loop check - should not be an imported route. */
if (path_vrf->extra && path_vrf->extra->bgp_orig)
/* Is this route exportable into the VPN table? */
if (!is_route_injectable_into_vpn(path_vrf))
return;
if (!vpn_leak_to_vpn_active(bgp_vrf, afi, &debugmsg)) {
if (debug)
zlog_debug("%s: %s skipping: %s", __func__,
@ -912,6 +911,10 @@ void vpn_leak_from_vrf_withdraw(struct bgp *bgp_vpn, /* to */
return;
}
/* Is this route exportable into the VPN table? */
if (!is_route_injectable_into_vpn(path_vrf))
return;
if (!vpn_leak_to_vpn_active(bgp_vrf, afi, &debugmsg)) {
if (debug)
zlog_debug("%s: skipping: %s", __func__, debugmsg);

26
bgpd/bgp_mplsvpn.h
View File

@ -226,6 +226,32 @@ static inline void vpn_leak_postchange(vpn_policy_direction_t direction,
}
}
/* Flag if the route is injectable into VPN. This would be either a
* non-imported route or a non-VPN imported route.
*/
static inline bool is_route_injectable_into_vpn(struct bgp_path_info *pi)
{
struct bgp_path_info *parent_pi;
struct bgp_table *table;
struct bgp_node *rn;
if (pi->sub_type != BGP_ROUTE_IMPORTED ||
!pi->extra ||
!pi->extra->parent)
return true;
parent_pi = (struct bgp_path_info *)pi->extra->parent;
rn = parent_pi->net;
if (!rn)
return true;
table = bgp_node_table(rn);
if (table &&
(table->afi == AFI_IP || table->afi == AFI_IP6) &&
table->safi == SAFI_MPLS_VPN)
return false;
return true;
}
extern void vpn_policy_routemap_event(const char *rmap_name);
extern vrf_id_t get_first_vrf_for_redirect_with_rt(struct ecommunity *eckey);