From 355f3c1174a9859697c89b3c07844225df29db41 Mon Sep 17 00:00:00 2001 From: Anuradha Karuppiah Date: Tue, 12 Feb 2019 12:56:26 -0800 Subject: [PATCH] bgpd: parse label in pmsi tunnel attribute Consider the following topo VTEP1->SPINE1->VTEP2. ebgp is being used for evpn route exchange with SPINE just acting as a pass through. 1. VTEP1 was building the type-3 IMET route with the correct PMSI tunnel type (ingress-replication) and label (VNI) 2. Spine1 was however only parsing the tunnel-type in the attr (was skipping parsing of the label field altogether) - >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> root@MSP1:~# net show bgp l2vpn evpn route rd 27.0.0.15:4 type multicast EVPN type-2 prefix: [2]:[ESI]:[EthTag]:[MAClen]:[MAC] EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP] EVPN type-5 prefix: [5]:[ESI]:[EthTag]:[IPlen]:[IP] BGP routing table entry for 27.0.0.15:4:[3]:[0]:[32]:[27.0.0.15] Paths: (1 available, best #1) Advertised to non peer-group peers: TORC11(downlink-1) TORC12(downlink-2) TORC21(downlink-3) TORC22(downlink-4) TORS1(downlink-5) TORS2(downlink-6) Route [3]:[0]:[32]:[27.0.0.15] 5550 27.0.0.15 from TORS1(downlink-5) (27.0.0.15) Origin IGP, valid, external, bestpath-from-AS 5550, best Extended Community: RT:5550:1003 ET:8 AddPath ID: RX 0, TX 227 Last update: Thu Feb 7 15:44:22 2019 PMSI Tunnel Type: Ingress Replication, label: 16777213 >>>>>>> Displayed 1 prefixes (1 paths) with this RD (of requested type) root@MSP1:~# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 3. So VTEP2 didn't rx the correct label. In an all FRR setup this doesn't have any functional consequence but some vendors are validating the content of the label field as well and ignoring the IMET route from FRR (say VTEP1 is FRR and VTEP2 is 3rd-party). The functional consequence of this VTEP2 ignores VTEP1's IMET route and doesn't add VTEP1 to the corresponding l2-vni flood list. This commit fixes up the PMSI attr parsing on spine-1 - >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> root@MSP1:~# net show bgp l2vpn evpn route rd 27.0.0.15:4 type multicast EVPN type-2 prefix: [2]:[ESI]:[EthTag]:[MAClen]:[MAC] EVPN type-3 prefix: [3]:[EthTag]:[IPlen]:[OrigIP] EVPN type-5 prefix: [5]:[ESI]:[EthTag]:[IPlen]:[IP] BGP routing table entry for 27.0.0.15:4:[3]:[0]:[32]:[27.0.0.15] Paths: (1 available, best #1) Advertised to non peer-group peers: TORC11(downlink-1) TORC12(downlink-2) TORC21(downlink-3) TORC22(downlink-4) TORS1(downlink-5) TORS2(downlink-6) Route [3]:[0]:[32]:[27.0.0.15] 5550 27.0.0.15 from TORS1(downlink-5) (27.0.0.15) Origin IGP, valid, external, bestpath-from-AS 5550, best Extended Community: RT:5550:1003 ET:8 AddPath ID: RX 0, TX 278 Last update: Thu Feb 7 00:17:40 2019 PMSI Tunnel Type: Ingress Replication, label: 1003 >>>>>>>>>>> Displayed 1 prefixes (1 paths) with this RD (of requested type) root@MSP1:~# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Ticket: CM-23790 Signed-off-by: Anuradha Karuppiah --- bgpd/bgp_attr.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index 3b5261fdf944..aa271da07f10 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -2227,11 +2227,12 @@ bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args) struct attr *const attr = args->attr; const bgp_size_t length = args->length; uint8_t tnl_type; + int attr_parse_len = 2 + BGP_LABEL_BYTES; /* Verify that the receiver is expecting "ingress replication" as we * can only support that. */ - if (length < 2) { + if (length < attr_parse_len) { flog_err(EC_BGP_ATTR_LEN, "Bad PMSI tunnel attribute length %d", length); return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR, @@ -2258,9 +2259,10 @@ bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args *args) attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL); attr->pmsi_tnl_type = tnl_type; + stream_get(&attr->label, peer->curr, BGP_LABEL_BYTES); /* Forward read pointer of input stream. */ - stream_forward_getp(peer->curr, length - 2); + stream_forward_getp(peer->curr, length - attr_parse_len); return BGP_ATTR_PARSE_PROCEED; }