Merge pull request #7635 from AnuradhaKaruppiah/ead-evi-knobs

bgpd: add config knobs to disable rx and tx of ead-per-evi routes
2026-01-27 20:52:55 +00:00 · 2021-01-26 17:14:57 +00:00 · 2021-01-26 17:14:57 +00:00 · b5a9054d76
commit b5a9054d76
parent ab57fb1280 e2b89b611a
4 changed files with 93 additions and 21 deletions
--- a/bgpd/bgp_evpn_mh.c
+++ b/bgpd/bgp_evpn_mh.c
@ -991,6 +991,10 @@ static void bgp_evpn_local_type1_evi_route_add(struct bgp *bgp,
 	struct prefix_evpn p;
 	struct bgp_evpn_es_evi *es_evi;

+	/* EAD-per-EVI routes have been suppressed */
+	if (!bgp_mh_info->ead_evi_tx)
+		return;
+
 	if (CHECK_FLAG(es->flags, BGP_EVPNES_ADV_EVI))
 		/* EAD-EVI route add for this ES is already done */
 		return;
@ -2718,14 +2722,20 @@ static void bgp_evpn_es_evi_vtep_re_eval_active(struct bgp *bgp,
 {
 	bool old_active;
 	bool new_active;
+	uint32_t ead_activity_flags;

 	old_active = !!CHECK_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE);

-	/* Both EAD-per-ES and EAD-per-EVI routes must be rxed from a PE
-	 * before it can be activated.
-	 */
-	if ((evi_vtep->flags & BGP_EVPN_EVI_VTEP_EAD) ==
-			BGP_EVPN_EVI_VTEP_EAD)
+	if (bgp_mh_info->ead_evi_rx)
+		/* Both EAD-per-ES and EAD-per-EVI routes must be rxed from a PE
+		 * before it can be activated.
+		 */
+		ead_activity_flags = BGP_EVPN_EVI_VTEP_EAD;
+	else
+		/* EAD-per-ES is sufficent to activate the PE */
+		ead_activity_flags = BGP_EVPN_EVI_VTEP_EAD_PER_ES;
+
+	if ((evi_vtep->flags & ead_activity_flags) == ead_activity_flags)
 		SET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE);
 	else
 		UNSET_FLAG(evi_vtep->flags, BGP_EVPN_EVI_VTEP_ACTIVE);
@ -3076,9 +3086,9 @@ int bgp_evpn_local_es_evi_add(struct bgp *bgp, esi_t *esi, vni_t vni)
 	bgp_evpn_es_evi_local_info_set(es_evi);

 	/* generate an EAD-EVI for this new VNI */
-	build_evpn_type1_prefix(&p, BGP_EVPN_AD_EVI_ETH_TAG,
-			&es->esi, es->originator_ip);
 	if (CHECK_FLAG(es->flags, BGP_EVPNES_ADV_EVI)) {
+		build_evpn_type1_prefix(&p, BGP_EVPN_AD_EVI_ETH_TAG, &es->esi,
+					es->originator_ip);
 		if (bgp_evpn_type1_route_update(bgp, es, vpn, &p))
 			flog_err(EC_BGP_EVPN_ROUTE_CREATE,
 					"%u: EAD-EVI route creation failure for ESI %s VNI %u",
@ -3718,6 +3728,9 @@ void bgp_evpn_mh_init(void)
 	bgp_mh_info->pend_es_list = list_new();
 	listset_app_node_mem(bgp_mh_info->pend_es_list);

+	bgp_mh_info->ead_evi_rx = BGP_EVPN_MH_EAD_EVI_RX_DEF;
+	bgp_mh_info->ead_evi_tx = BGP_EVPN_MH_EAD_EVI_TX_DEF;
+
 	/* config knobs - XXX add cli to control it */
 	bgp_mh_info->ead_evi_adv_for_down_links = true;
 	bgp_mh_info->consistency_checking = true;
--- a/bgpd/bgp_evpn_mh.h
+++ b/bgpd/bgp_evpn_mh.h
@ -261,6 +261,15 @@ struct bgp_evpn_mh_info {
 	/* Use L3 NHGs for host routes in symmetric IRB */
 	bool install_l3nhg;
 	bool host_routes_use_l3nhg;
+	/* Some vendors are not generating the EAD-per-EVI route. This knob
+	 * can be turned off to activate a remote ES-PE when the EAD-per-ES
+	 * route is rxed i.e. not wait on the EAD-per-EVI route
+	 */
+	bool ead_evi_rx;
+#define BGP_EVPN_MH_EAD_EVI_RX_DEF true
+	/* Skip EAD-EVI advertisements by turning off this knob */
+	bool ead_evi_tx;
+#define BGP_EVPN_MH_EAD_EVI_TX_DEF true
 };

 /****************************************************************************/
--- a/bgpd/bgp_evpn_vty.c
+++ b/bgpd/bgp_evpn_vty.c
@ -3761,6 +3761,26 @@ DEFPY (bgp_evpn_use_es_l3nhg,
 	return CMD_SUCCESS;
 }

+DEFPY (bgp_evpn_ead_evi_rx_disable,
+       bgp_evpn_ead_evi_rx_disable_cmd,
+       "[no$no] disable-ead-evi-rx",
+       NO_STR
+       "Activate PE on EAD-ES even if EAD-EVI is not received\n")
+{
+	bgp_mh_info->ead_evi_rx = no? true :false;
+	return CMD_SUCCESS;
+}
+
+DEFPY (bgp_evpn_ead_evi_tx_disable,
+       bgp_evpn_ead_evi_tx_disable_cmd,
+       "[no$no] disable-ead-evi-tx",
+       NO_STR
+       "Don't advertise EAD-EVI for local ESs\n")
+{
+	bgp_mh_info->ead_evi_tx = no? true :false;
+	return CMD_SUCCESS;
+}
+
 DEFPY (bgp_evpn_advertise_pip_ip_mac,
       bgp_evpn_advertise_pip_ip_mac_cmd,
       "[no$no] advertise-pip [ip <A.B.C.D> [mac <X:X:X:X:X:X|X:X:X:X:X:X/M>]]",
@ -5755,6 +5775,20 @@ void bgp_config_write_evpn_info(struct vty *vty, struct bgp *bgp, afi_t afi,
 			vty_out(vty, "  no use-es-l3nhg\n");
 	}

+	if (bgp_mh_info->ead_evi_rx != BGP_EVPN_MH_EAD_EVI_RX_DEF) {
+		if (bgp_mh_info->ead_evi_rx)
+			vty_out(vty, "  no disable-ead-evi-rx\n");
+		else
+			vty_out(vty, "  disable-ead-evi-rx\n");
+	}
+
+	if (bgp_mh_info->ead_evi_tx != BGP_EVPN_MH_EAD_EVI_TX_DEF) {
+		if (bgp_mh_info->ead_evi_tx)
+			vty_out(vty, "  no disable-ead-evi-tx\n");
+		else
+			vty_out(vty, "  disable-ead-evi-tx\n");
+	}
+
 	if (!bgp->evpn_info->dup_addr_detect)
 		vty_out(vty, "  no dup-addr-detection\n");

@ -5900,6 +5934,8 @@ void bgp_ethernetvpn_init(void)
 	install_element(BGP_EVPN_NODE, &bgp_evpn_flood_control_cmd);
 	install_element(BGP_EVPN_NODE, &bgp_evpn_advertise_pip_ip_mac_cmd);
 	install_element(BGP_EVPN_NODE, &bgp_evpn_use_es_l3nhg_cmd);
+	install_element(BGP_EVPN_NODE, &bgp_evpn_ead_evi_rx_disable_cmd);
+	install_element(BGP_EVPN_NODE, &bgp_evpn_ead_evi_tx_disable_cmd);

 	/* test commands */
 	install_element(BGP_EVPN_NODE, &test_es_add_cmd);
--- a/doc/user/bgp.rst
+++ b/doc/user/bgp.rst
@ -2758,11 +2758,11 @@ Ethernet Segments
 An Ethernet Segment can be configured by specifying a system-MAC and a
 local discriminatior against the bond interface on the PE (via zebra) -

-.. index:: evpn mh es-id [(1-16777215)$es_lid]
-.. clicmd:: [no] evpn mh es-id [(1-16777215)$es_lid]
+.. index:: evpn mh es-id (1-16777215)
+.. clicmd:: [no] evpn mh es-id (1-16777215)

-.. index:: evpn mh es-sys-mac [X:X:X:X:X:X$mac]
-.. clicmd:: [no$no] evpn mh es-sys-mac [X:X:X:X:X:X$mac]
+.. index:: evpn mh es-sys-mac X:X:X:X:X:X
+.. clicmd:: [no] evpn mh es-sys-mac X:X:X:X:X:X

 The sys-mac and local discriminator are used for generating a 10-byte,
 Type-3 Ethernet Segment ID.
@ -2785,8 +2785,8 @@ forward BUM traffic received via the overlay network. This implementation
 uses a preference based DF election specified by draft-ietf-bess-evpn-pref-df.
 The DF preference is configurable per-ES (via zebra) -

-.. index:: evpn mh es-df-pref [(1-16777215)$df_pref]
-.. clicmd:: [no] evpn mh es-df-pref [(1-16777215)$df_pref]
+.. index:: evpn mh es-df-pref (1-16777215)
+.. clicmd:: [no] evpn mh es-df-pref (1-16777215)

 BUM traffic is rxed via the overlay by all PEs attached to a server but
 only the DF can forward the de-capsulated traffic to the access port. To
@ -2796,6 +2796,20 @@ the traffic.
 Similarly traffic received from ES peers via the overlay cannot be forwarded
 to the server. This is split-horizon-filtering with local bias.

+Knobs for interop
+"""""""""""""""""
+Some vendors do not send EAD-per-EVI routes. To interop with them we
+need to relax the dependency on EAD-per-EVI routes and activate a remote
+ES-PE based on just the EAD-per-ES route.
+
+Note that by default we advertise and expect EAD-per-EVI routes.
+
+.. index:: disable-ead-evi-rx
+.. clicmd:: [no] disable-ead-evi-rx
+
+.. index:: disable-ead-evi-tx
+.. clicmd:: [no] disable-ead-evi-tx
+
 Fast failover
 """""""""""""
 As the primary purpose of EVPN-MH is redundancy keeping the failover efficient
@ -2809,14 +2823,14 @@ been introduced for the express purpose of efficient ES failovers.
  on via the following BGP config -

 .. index:: use-es-l3nhg
-.. clicmd:: [no$no] use-es-l3nhg
+.. clicmd:: [no] use-es-l3nhg

 - Local ES (MAC/Neigh) failover via ES-redirect.
  On dataplanes that do not have support for ES-redirect the feature can be
  turned off via the following zebra config -

 .. index:: evpn mh redirect-off
-.. clicmd:: [no$no] evpn mh redirect-off
+.. clicmd:: [no] evpn mh redirect-off

 Uplink/Core tracking
 """"""""""""""""""""
@ -2837,11 +2851,11 @@ the ES peer (PE2) goes down PE1 continues to advertise hosts learnt from PE2
 for a holdtime during which it attempts to establish local reachability of
 the host. This holdtime is configurable via the following zebra commands -

-.. index:: evpn mh neigh-holdtime (0-86400)$duration
-.. clicmd:: [no$no] evpn mh neigh-holdtime (0-86400)$duration
+.. index:: evpn mh neigh-holdtime (0-86400)
+.. clicmd:: [no] evpn mh neigh-holdtime (0-86400)

-.. index:: evpn mh mac-holdtime (0-86400)$duration
-.. clicmd:: [no$no] evpn mh mac-holdtime (0-86400)$duration
+.. index:: evpn mh mac-holdtime (0-86400)
+.. clicmd:: [no] evpn mh mac-holdtime (0-86400)

 Startup delay
 """""""""""""
@ -2850,8 +2864,8 @@ and EVPN network to converge before enabling the ESs. For this duration the
 ES bonds are held protodown. The startup delay is configurable via the
 following zebra command -

-.. index:: evpn mh startup-delay(0-3600)$duration
-.. clicmd:: [no] evpn mh startup-delay(0-3600)$duration
+.. index:: evpn mh startup-delay (0-3600)
+.. clicmd:: [no] evpn mh startup-delay (0-3600)

 +Support with VRF network namespace backend
 +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^