From c5aec50b81afbd19b554838bc42401ed7b40fbb9 Mon Sep 17 00:00:00 2001 From: Madhuri Kuruganti Date: Fri, 2 Oct 2020 02:10:48 +0530 Subject: [PATCH] bgpd: conditional advertisement - with route-map filter Sample configuration along with route-map filter ------------------------------------------------ Router2# show running-config Building configuration... Current configuration: ! frr version 7.6-dev-MyOwnFRRVersion frr defaults traditional hostname router log file /var/log/frr/bgpd.log log syslog informational hostname Router2 service integrated-vtysh-config ! debug bgp updates in debug bgp updates out ! debug route-map ! ip route 200.200.0.0/16 blackhole ipv6 route 2001:db8::200/128 blackhole ! interface enp0s9 ip address 10.10.10.2/24 ! interface enp0s10 ip address 10.10.20.2/24 ! interface lo ip address 2.2.2.2/24 ipv6 address 2001:db8::2/128 ! router bgp 2 bgp log-neighbor-changes no bgp ebgp-requires-policy neighbor 10.10.10.1 remote-as 1 neighbor 10.10.20.3 remote-as 3 ! address-family ipv4 unicast network 2.2.2.0/24 network 200.200.0.0/16 neighbor 10.10.10.1 soft-reconfiguration inbound neighbor 10.10.10.1 route-map RMAP_PERMIT_100 out neighbor 10.10.10.1 advertise-map ADVERTISE non-exist-map CONDITION neighbor 10.10.20.3 soft-reconfiguration inbound exit-address-family ! address-family ipv6 unicast network 2001:db8::2/128 network 2001:db8::200/128 neighbor 10.10.10.1 activate neighbor 10.10.10.1 soft-reconfiguration inbound neighbor 10.10.10.1 route-map CONDITION_6 out neighbor 10.10.10.1 advertise-map ADVERTISE_6 non-exist-map CONDITION_6 neighbor 10.10.20.3 activate neighbor 10.10.20.3 soft-reconfiguration inbound exit-address-family ! access-list CONDITION seq 5 permit 3.3.3.0/24 access-list ADVERTISE seq 6 permit 200.200.0.0/16 access-list ADVERTISE seq 7 permit 20.20.0.0/16 access-list ADVERTISE seq 5 permit 2.2.2.0/24 access-list RMAP_PERMIT_100 seq 4 permit 100.100.0.0/16 ! ipv6 access-list ADVERTISE_6 seq 5 permit 2001:db8::2/128 ipv6 access-list CONDITION_6 seq 5 permit 2001:db8::3/128 ! route-map ADVERTISE permit 10 match ip address ADVERTISE ! route-map CONDITION permit 10 match ip address CONDITION ! route-map ADVERTISE_6 permit 10 match ipv6 address ADVERTISE_6 ! route-map CONDITION_6 permit 10 match ipv6 address CONDITION_6 ! route-map RMAP_PERMIT_100 permit 10 match ip address RMAP_PERMIT_100 ! line vty ! end Sample output when non-exist-map prefixes present in BGP table -------------------------------------------------------------- Router2# show ip bgp all wide For address family: IPv4 Unicast BGP table version is 5, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 10.10.10.1 0 0 1 i *> 2.2.2.0/24 0.0.0.0 0 32768 i *> 3.3.3.0/24 10.10.20.3 0 0 3 i *> 100.100.0.0/16 10.10.20.3 0 0 3 i *> 200.200.0.0/16 0.0.0.0 0 32768 i Displayed 5 routes and 5 total paths For address family: IPv6 Unicast BGP table version is 4, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 2001:db8::1/128 fe80::a00:27ff:fecb:ad57 0 0 1 i *> 2001:db8::2/128 :: 0 32768 i *> 2001:db8::3/128 fe80::a00:27ff:fe76:6738 0 0 3 i *> 2001:db8::200/128 :: 0 32768 i Displayed 4 routes and 4 total paths Router2# Router2# Router2# Router2# Router2# show ip bgp all neighbors 10.10.10.1 advertised-routes wide For address family: IPv4 Unicast BGP table version is 5, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 100.100.0.0/16 0.0.0.0 0 3 i Total number of prefixes 1 For address family: IPv6 Unicast BGP table version is 4, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 2001:db8::3/128 :: 0 3 i Total number of prefixes 1 Router2# Sample output when non-exist-map prefixes not present in BGP table ------------------------------------------------------------------ Router2# show ip bgp all wide For address family: IPv4 Unicast BGP table version is 6, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 10.10.10.1 0 0 1 i *> 2.2.2.0/24 0.0.0.0 0 32768 i *> 100.100.0.0/16 10.10.20.3 0 0 3 i *> 200.200.0.0/16 0.0.0.0 0 32768 i Displayed 4 routes and 4 total paths For address family: IPv6 Unicast BGP table version is 5, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 2001:db8::1/128 fe80::a00:27ff:fecb:ad57 0 0 1 i *> 2001:db8::2/128 :: 0 32768 i *> 2001:db8::200/128 :: 0 32768 i Displayed 3 routes and 3 total paths Router2# Router2# show ip bgp all neighbors 10.10.10.1 advertised-routes wide For address family: IPv4 Unicast BGP table version is 6, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 2.2.2.0/24 0.0.0.0 0 32768 i *> 100.100.0.0/16 0.0.0.0 0 3 i *> 200.200.0.0/16 0.0.0.0 0 32768 i Total number of prefixes 3 For address family: IPv6 Unicast BGP table version is 5, local router ID is 2.2.2.2, vrf id 0 Default local pref 100, local AS 2 Status codes: s suppressed, d damped, h history, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 2001:db8::2/128 :: 0 32768 i Total number of prefixes 1 Router2# Signed-off-by: Madhuri Kuruganti --- bgpd/bgp_conditional_adv.c | 63 +++++++++----------------------------- bgpd/bgp_route.c | 4 +++ bgpd/bgp_routemap.c | 5 +-- 3 files changed, 22 insertions(+), 50 deletions(-) diff --git a/bgpd/bgp_conditional_adv.c b/bgpd/bgp_conditional_adv.c index f38ef902ea..f601e7a795 100644 --- a/bgpd/bgp_conditional_adv.c +++ b/bgpd/bgp_conditional_adv.c @@ -232,7 +232,6 @@ static int bgp_conditional_adv_timer(struct thread *t) struct update_subgroup *subgrp = NULL; enum route_map_cmd_result_t ret, prev_ret; bool route_advertised = false; - bool adv_withdrawn = false; int adv_conditional = 0; bgp = THREAD_ARG(t); @@ -278,7 +277,6 @@ static int bgp_conditional_adv_timer(struct thread *t) /* cmap (route-map attached to exist-map or * non-exist-map) map validation */ - adv_withdrawn = false; adv_conditional = 0; ret = bgp_check_rmap_prefixes_in_bgp_table(table, @@ -288,41 +286,25 @@ static int bgp_conditional_adv_timer(struct thread *t) switch (ret) { case RMAP_NOOP: - if (prev_ret == RMAP_NOOP) + if (prev_ret == RMAP_NOOP) { + peer->advmap_info[afi][safi] + .config_change = false; continue; - + } peer->advmap_info[afi][safi].cmap_prev_status = ret; - if (filter->advmap.status) - continue; - /* advertise previously withdrawn routes */ - adv_withdrawn = true; break; case RMAP_MATCH: /* Handle configuration changes */ if (peer->advmap_info[afi][safi] .config_change) { - /* If configuration(ACL filetr prefixes) - * is changed and if the advertise-map - * filter previous status was withdraw - * then we need to advertise the - * previously withdrawn routes. - * Nothing to do if the filter status - * was advertise. - */ - if ((prev_ret != RMAP_NOOP) - && !filter->advmap.status) - adv_withdrawn = true; - adv_conditional = (filter->advmap.condition == CONDITION_EXIST) ? NLRI : WITHDRAW; - peer->advmap_info[afi][safi] - .config_change = false; } else { if (prev_ret != RMAP_MATCH) adv_conditional = @@ -340,25 +322,11 @@ static int bgp_conditional_adv_timer(struct thread *t) /* Handle configuration changes */ if (peer->advmap_info[afi][safi] .config_change) { - /* If configuration(ACL filetr prefixes) - * is changed and if the advertise-map - * filter previous status was withdraw - * then we need to advertise the - * previously withdrawn routes. - * Nothing to do if the filter status - * was advertise. - */ - if ((prev_ret != RMAP_NOOP) - && !filter->advmap.status) - adv_withdrawn = true; - adv_conditional = (filter->advmap.condition == CONDITION_EXIST) ? WITHDRAW : NLRI; - peer->advmap_info[afi][safi] - .config_change = false; } else { if (prev_ret != RMAP_NOMATCH) adv_conditional = @@ -383,18 +351,9 @@ static int bgp_conditional_adv_timer(struct thread *t) */ ret = is_rmap_valid(filter->advmap.amap) ? RMAP_MATCH : RMAP_NOOP; - prev_ret = - peer->advmap_info[afi][safi].amap_prev_status; - if (ret == RMAP_NOOP) { - if (prev_ret == RMAP_NOOP) { - if (!adv_withdrawn) - continue; - /* Should not reach here. */ - } - if (filter->advmap.status && !adv_withdrawn) - continue; - } + if ((ret == RMAP_NOOP) && (prev_ret == RMAP_NOOP)) + continue; /* Derive conditional advertisement status from * condition and return value of condition-map @@ -411,7 +370,11 @@ static int bgp_conditional_adv_timer(struct thread *t) */ } - if (adv_withdrawn) { + /* Send regular update as per the existing policy. + * There is a change in route-map, match-rule, ACLs, + * or route-map filter configuration on the same peer. + */ + if (peer->advmap_info[afi][safi].config_change) { paf = peer_af_find(peer, afi, safi); if (paf) { update_subgroup_split_peer(paf, NULL); @@ -420,7 +383,11 @@ static int bgp_conditional_adv_timer(struct thread *t) subgroup_announce_table( paf->subgroup, NULL); } + peer->advmap_info[afi][safi].config_change = + false; } + + /* Send update as per the conditional advertisement */ if (adv_conditional) { route_advertised = bgp_conditional_adv_routes( peer, afi, safi, table, diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index e64cf4a541..48f38dfec7 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -4361,6 +4361,10 @@ static int bgp_announce_route_timer_expired(struct thread *t) return 0; peer_af_announce_route(paf, 1); + + /* Notify BGP conditional advertisement scanner percess */ + peer->advmap_info[paf->afi][paf->safi].config_change = true; + return 0; } diff --git a/bgpd/bgp_routemap.c b/bgpd/bgp_routemap.c index c8504cfc8f..2abebbcbc3 100644 --- a/bgpd/bgp_routemap.c +++ b/bgpd/bgp_routemap.c @@ -3698,18 +3698,19 @@ static void bgp_route_map_process_peer(const char *rmap_name, if (filter->advmap.aname && (strcmp(rmap_name, filter->advmap.aname) == 0)) { filter->advmap.amap = map; - peer->advmap_info[afi][safi].config_change = true; } if (filter->advmap.cname && (strcmp(rmap_name, filter->advmap.cname) == 0)) { filter->advmap.cmap = map; - peer->advmap_info[afi][safi].config_change = true; } if (peer->default_rmap[afi][safi].name && (strcmp(rmap_name, peer->default_rmap[afi][safi].name) == 0)) peer->default_rmap[afi][safi].map = map; + + /* Notify BGP conditional advertisement scanner percess */ + peer->advmap_info[afi][safi].config_change = true; } static void bgp_route_map_update_peer_group(const char *rmap_name,