Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SRv6 BGP SID reachability #14810

Merged
merged 4 commits into from
Feb 27, 2024

Conversation

dmytroshytyi-6WIND
Copy link
Contributor

For BGP SRv6 updates, This PR considers "SRv6 SID reachability" and replaces the NH reachability with the
SRv6 SID reachability.

Today, only the NH reachability is checked, and when route is installed, if the SRv6 SID is not reachable
then the SRv6 segs route will fail to be installed.
This is what happens on kernel.

This PR:

  • avoids this use case, and does not install the BGP route.
  • ensures the SID is reachable, before installing the BGP route to zebra

Possible cases like the one below are not considered, and do not work anyway:

Router A and D are running BGP protocol. The route map, to set nexthop == C, is configured on
router D. Such that router C IPv6 address is verified to be reachable to flag the SRv6 reachable,
but if route on the router C that points to D router's SRv6 SID dissapears(broken link),
on node A SID is expected to be still reachable, because nexthop C is reachable.

BGP update with explicit nexthop(C) set via route-map and SRV6 SID
__________________________ 
|                         |
▽                         ^
(A-B-C--------------------D)
     
     ^                    ^
nexthop C                SRv6 SID
of BGP update

@frrbot frrbot bot added bgp documentation tests Topotests, make check, etc labels Nov 16, 2023
doc/user/bgp.rst Show resolved Hide resolved
bgpd/bgp_nht.c Outdated Show resolved Hide resolved
bgpd/bgp_nht.c Outdated Show resolved Hide resolved
tests/topotests/bgp_srv6_sid_reachability/r1/bgpd.conf Outdated Show resolved Hide resolved
tests/topotests/bgp_srv6_sid_reachability/r2/bgpd.conf Outdated Show resolved Hide resolved
tests/topotests/bgp_srv6_sid_reachability/r3/bgpd.conf Outdated Show resolved Hide resolved
@ton31337
Copy link
Member

Just a quick question: is this behavior something that other vendors have (SID reachability tracking)? I'm worried that we can't break anything if this is turned ON by default and can't be controlled. Maybe a knob would be handy?

Copy link
Member

@riw777 riw777 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good

@donaldsharp donaldsharp self-requested a review November 21, 2023 16:26
bgpd/bgp_nht.c Outdated Show resolved Hide resolved
@eddieruan-alibaba
Copy link

Would this raise any scale concerns?

VPN SID is similar to vpn label for MPLS VPN, which provides local information once packets reach to this PE. In the example you provide,


| |
▽ ^
(A-B-C--------------------D)

If we don't sue route-map to set nexthop, the nexthop is D. Do we really want to let A, B, C all aware the reachablity of your VPN SID, or just keep it as local context to D if some chip has scale concerns with v6 prefixes.

https://datatracker.ietf.org/doc/rfc8986/ section 3.3. "Routed and non-routed SRv6 SIDs are the SRv6 instantiation of
global and local segments, "

how do you plan to handle these local segment use cases?

@pguibert6WIND
Copy link
Member

ci:rerun

Copy link
Contributor

@cscarpitta cscarpitta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dmytroshytyi-6WIND Thanks for the SRv6 contribution. Overall LGTM, I have only two nits.

@dmytroshytyi-6WIND dmytroshytyi-6WIND force-pushed the srv6_bgp_sid_reachability branch 2 times, most recently from ebfc5be to 4086473 Compare January 25, 2024 15:00

if (is_bgp_static) {
if (pi && pi->attr && pi->attr->srv6_l3vpn) {
IPV6_ADDR_COPY(&(p->u.prefix6),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no need to check for pi != NULL. it is alread done above.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks fixed.

bgpd/bgp_nht.c Outdated
@@ -660,6 +672,7 @@ static void bgp_process_nexthop_update(struct bgp_nexthop_cache *bnc,

if (BGP_DEBUG(nht, NHT)) {
char buf[NEXTHOP_STRLEN];

zlog_debug(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no need to add empty line

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Fixed.

Copy link
Member

@pguibert6WIND pguibert6WIND left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2 minor issues.
also, the commit "bgpd: srv6 sid reachability information".
I would add this in the commit log:
Fixes 7f8c7d9 ("bgpd: ignore nexthop validation for srv6-vpn")

BGP IPv4 L3VPN with SRv6 SID reachability example
provided in the documentation

Signed-off-by: Dmytro Shytyi <[email protected]>
Enable the SRv6 SID prefix generation in make_prefix()
function of bgp_nht.c.

Signed-off-by: Dmytro Shytyi <[email protected]>

fixup: bgpd: extend make_prefix to form srv6-based prefix
In the case of SRv6-VPN we track the reachability
to the SID. We check that the SID is available
in the BGP update and then we check the nexthop
reachability.

Fixes 7f8c7d9 ("bgpd: ignore nexthop validation for srv6-vpn")

Signed-off-by: Dmytro Shytyi <[email protected]>
Signed-off-by: Philippe Guibert <[email protected]>
Verify that SRv6 SID becomes unreachable and
further the IPv4 route in L3VPN becomes invalid.

Signed-off-by: Dmytro Shytyi <[email protected]>
@dmytroshytyi-6WIND dmytroshytyi-6WIND force-pushed the srv6_bgp_sid_reachability branch from 4086473 to 5101463 Compare January 30, 2024 15:17
@dmytroshytyi-6WIND
Copy link
Contributor Author

ci:rerun

1 similar comment
@dmytroshytyi-6WIND
Copy link
Contributor Author

ci:rerun

@riw777
Copy link
Member

riw777 commented Feb 20, 2024

2 minor issues. also, the commit "bgpd: srv6 sid reachability information". I would add this in the commit log: Fixes 7f8c7d9 ("bgpd: ignore nexthop validation for srv6-vpn")

If this were in, I think we could merge this.

@dmytroshytyi-6WIND
Copy link
Contributor Author

2 minor issues. also, the commit "bgpd: srv6 sid reachability information". I would add this in the commit log: Fixes 7f8c7d9 ("bgpd: ignore nexthop validation for srv6-vpn")

If this were in, I think we could merge this.

This commit log includes the "Fixes" tag:
b3ac502

And these two comments were addressed:
#14810 (comment)
#14810 (comment)

Copy link
Member

@riw777 riw777 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good

@riw777 riw777 merged commit c4f9b87 into FRRouting:master Feb 27, 2024
9 checks passed
cscarpitta added a commit to cscarpitta/sonic-buildimage that referenced this pull request Dec 16, 2024
This commit brings PR FRRouting/frr#14810 from FRR mainline to SONiC

SRv6 BGP SID reachability
FRRouting/frr#14810

Signed-off-by: cscarpitta <[email protected]>
github-actions bot pushed a commit to bradh352/sonic-buildimage that referenced this pull request Jan 2, 2025
This commit brings PR FRRouting/frr#14810 from FRR mainline to SONiC

SRv6 BGP SID reachability
FRRouting/frr#14810

Signed-off-by: cscarpitta <[email protected]>
github-actions bot pushed a commit to bradh352/sonic-buildimage that referenced this pull request Jan 2, 2025
This commit brings PR FRRouting/frr#14810 from FRR mainline to SONiC

SRv6 BGP SID reachability
FRRouting/frr#14810

Signed-off-by: cscarpitta <[email protected]>
github-actions bot pushed a commit to bradh352/sonic-buildimage that referenced this pull request Jan 2, 2025
This commit brings PR FRRouting/frr#14810 from FRR mainline to SONiC

SRv6 BGP SID reachability
FRRouting/frr#14810

Signed-off-by: cscarpitta <[email protected]>
mssonicbld added a commit to mssonicbld/sonic-buildimage-msft that referenced this pull request Jan 7, 2025
#### Why I did it

Bring the below PRs from FRR mainline to SONiC in order to support SRv6 SID Manager in SONiC.

#### New patches that were added

| Patch             | FRR Pull Request |
| ------------- | ----------------- |
| 0064-SRv6-BGP-SID-reachability.patch | FRRouting/frr#14810 |
| 0065-zebra-display-srv6-encapsulation-source-address-when-configured.patch | FRRouting/frr#16151 |
| 0066-lib-fix-srv6-locator-flags-propagated-to-isis.patch | FRRouting/frr#15673 |
| 0067-Add-support-for-SRv6-SID-Manager.patch | FRRouting/frr#15604 |
| 0068-bgpd-Extend-BGP-to-communicate-with-the-SRv6-SID-Manager-to-allocate-release-SRv6-SIDs.patch | FRRouting/frr#15676 |
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants