summaryrefslogtreecommitdiffstats
path: root/yang/frr-bgp-route-map.yang
diff options
context:
space:
mode:
authorPhilippe Guibert <philippe.guibert@6wind.com>2021-09-20 11:50:52 +0200
committerPhilippe Guibert <philippe.guibert@6wind.com>2022-09-05 22:26:25 +0200
commit1bb550b63ceb1809c069a81f1cbd74603c966fbb (patch)
tree08a8f04287cc27d1f4d374b058c2962d5e4c3851 /yang/frr-bgp-route-map.yang
parentMerge pull request #11879 from mobash-rasool/fixes2 (diff)
downloadfrr-1bb550b63ceb1809c069a81f1cbd74603c966fbb.tar.xz
frr-1bb550b63ceb1809c069a81f1cbd74603c966fbb.zip
bgpd: add resolution for l3vpn traffic over gre interfaces
When a route imported from l3vpn is analysed, the nexthop from default VRF is looked up against a valid MPLS path. Generally, this is done on backbones with a MPLS signalisation transport layer like LDP. Generally, the BGP connection is multiple hops away. That scenario is already working. There is case where it is possible to run L3VPN over GRE interfaces, and where there is no LSP path over that GRE interface: GRE is just here to tunnel MPLS traffic. On that case, the nexthop given in the path does not have MPLS path, but should be authorized to convey MPLS traffic provided that the user permits it via a configuration command. That commit introduces a new command that can be activated in route-map: > set l3vpn next-hop encapsulation gre That command authorizes the nexthop tracking engine to accept paths that o have a GRE interface as output, independently of the presence of an LSP path or not. A configuration example is given below. When bgp incoming vpnv4 updates are received, the nexthop of NLRI is 192.168.0.2. Based on nexthop tracking service from zebra, BGP knows that the output interface to reach 192.168.0.2 is r1-gre0. Because that interface is not MPLS based, but is a GRE tunnel, then the update will be using that nexthop to be installed. interface r1-gre0 ip address 192.168.0.1/24 exit router bgp 65500 bgp router-id 1.1.1.1 neighbor 192.168.0.2 remote-as 65500 ! address-family ipv4 unicast no neighbor 192.168.0.2 activate exit-address-family ! address-family ipv4 vpn neighbor 192.168.0.2 activate neighbor 192.168.0.2 route-map rmap in exit-address-family exit ! router bgp 65500 vrf vrf1 bgp router-id 1.1.1.1 no bgp network import-check ! address-family ipv4 unicast network 10.201.0.0/24 redistribute connected label vpn export 101 rd vpn export 444:1 rt vpn both 52:100 export vpn import vpn exit-address-family exit ! route-map rmap permit 1 set l3vpn next-hop encapsulation gre exit Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Diffstat (limited to 'yang/frr-bgp-route-map.yang')
-rw-r--r--yang/frr-bgp-route-map.yang22
1 files changed, 22 insertions, 0 deletions
diff --git a/yang/frr-bgp-route-map.yang b/yang/frr-bgp-route-map.yang
index eaa7891f0..fcfd14e4f 100644
--- a/yang/frr-bgp-route-map.yang
+++ b/yang/frr-bgp-route-map.yang
@@ -330,6 +330,12 @@ module frr-bgp-route-map {
"Set EVPN gateway IP overlay index IPv6";
}
+ identity set-l3vpn-nexthop-encapsulation {
+ base frr-route-map:rmap-set-type;
+ description
+ "Accept L3VPN traffic over other than LSP encapsulation";
+ }
+
grouping extcommunity-non-transitive-types {
leaf two-octet-as-specific {
type boolean;
@@ -902,5 +908,21 @@ module frr-bgp-route-map {
type inet:ipv6-address;
}
}
+ case l3vpn-nexthop-encapsulation {
+ when
+ "derived-from-or-self(/frr-route-map:lib/frr-route-map:route-map/frr-route-map:entry/frr-route-map:set-action/frr-route-map:action,
+ 'frr-bgp-route-map:set-l3vpn-nexthop-encapsulation')";
+ description
+ "Accept L3VPN traffic over other than LSP encapsulation";
+ leaf l3vpn-nexthop-encapsulation {
+ type enumeration {
+ enum "gre" {
+ value 0;
+ description
+ "GRE protocol";
+ }
+ }
+ }
+ }
}
}