From cc317518035337f325b456f400d2cf3411d2b642 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Sang?= Date: Tue, 16 Jul 2024 14:03:11 +0200 Subject: [PATCH] bgpd: fix label lost when vrf loopback comes back MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit VRF-label association drops when the VRF loopback goes down, however, it does not return once the interface is enabled again. Logs show that when VRF loopback goes down, a label drop message is sent to zebra and immediately resent label installation to zebra: 2024/07/16 13:26:29 BGP: [RVJ1J-J2T22] ifp down r1-cust1 vrf id 7 2024/07/16 13:26:29 BGP: [WA2QY-06STJ] vpn_leak_zebra_vrf_label_withdraw: deleting label for vrf VRF r1-cust1 (id=7) 2024/07/16 13:26:30 BGP: [S82AC-6YAC8] vpn_leak_zebra_vrf_label_update: vrf VRF r1-cust1: afi IPv4: setting label 80 for vrf id 7 Since the interface is down, the netlink message is not send to kernel. Once the interface comes back, zebra ignore the installation assuming the label is already seen. To fix this, add a check for the interface status before attempting to reinstall the label. Signed-off-by: Loïc Sang --- bgpd/bgp_mplsvpn.c | 10 ++++++++-- bgpd/bgp_mplsvpn.h | 15 +++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/bgpd/bgp_mplsvpn.c b/bgpd/bgp_mplsvpn.c index 90881621b331..046d71595ef0 100644 --- a/bgpd/bgp_mplsvpn.c +++ b/bgpd/bgp_mplsvpn.c @@ -280,7 +280,8 @@ int bgp_nlri_parse_vpn(struct peer *peer, struct attr *attr, * * Sending this vrf-label association is qualified by a) whether vrf->vpn * exporting is active ("export vpn" is enabled, vpn-policy RD and RT list - * are set) and b) whether vpn-policy label is set. + * are set), b) whether vpn-policy label is set and c) the vrf loopback + * interface is up. * * If any of these conditions do not hold, then we send MPLS_LABEL_NONE * for this vrf, which zebra interprets to mean "delete this vrf-label @@ -288,6 +289,7 @@ int bgp_nlri_parse_vpn(struct peer *peer, struct attr *attr, */ void vpn_leak_zebra_vrf_label_update(struct bgp *bgp, afi_t afi) { + const char *debugmsg = NULL; mpls_label_t label = MPLS_LABEL_NONE; int debug = BGP_DEBUG(vpn, VPN_LEAK_LABEL); @@ -300,11 +302,15 @@ void vpn_leak_zebra_vrf_label_update(struct bgp *bgp, afi_t afi) return; } - if (vpn_leak_to_vpn_active(bgp, afi, NULL, false)) { + if (vpn_leak_to_vpn_active(bgp, afi, &debugmsg, false)) { label = bgp->vpn_policy[afi].tovpn_label; } if (debug) { + if (debugmsg) + zlog_debug("%s: vrf %s: afi %s: label %u not updated, %s", + __func__, bgp->name_pretty, afi2str(afi), + bgp->vpn_policy[afi].tovpn_label, debugmsg); zlog_debug("%s: vrf %s: afi %s: setting label %d for vrf id %d", __func__, bgp->name_pretty, afi2str(afi), label, bgp->vrf_id); diff --git a/bgpd/bgp_mplsvpn.h b/bgpd/bgp_mplsvpn.h index 92a9fba887ae..3a7e9e063f7f 100644 --- a/bgpd/bgp_mplsvpn.h +++ b/bgpd/bgp_mplsvpn.h @@ -116,6 +116,8 @@ static inline int vpn_leak_to_vpn_active(struct bgp *bgp_vrf, afi_t afi, const char **pmsg, bool ignore_export_rt_list) { + struct interface *ifp; + if (bgp_vrf->inst_type != BGP_INSTANCE_TYPE_VRF && bgp_vrf->inst_type != BGP_INSTANCE_TYPE_DEFAULT) { @@ -124,6 +126,19 @@ static inline int vpn_leak_to_vpn_active(struct bgp *bgp_vrf, afi_t afi, return 0; } + ifp = if_get_vrf_loopback(bgp_vrf->vrf_id); + /* should not happen */ + if (!ifp) { + if (pmsg) + *pmsg = "loopback interface not defined"; + return 0; + } + if (!if_is_up(ifp)) { + if (pmsg) + *pmsg = "loopback interface is down"; + return 0; + } + /* Is vrf configured to export to vpn? */ if (!CHECK_FLAG(bgp_vrf->af_flags[afi][SAFI_UNICAST], BGP_CONFIG_VRF_TO_MPLSVPN_EXPORT)