bgpd: withdraw any exported routes when deleting a vrf

When a BGP vrf instance is deleted, the routes it exported into the
main VPN table are not deleted and they remain as stale routes
attached to an unknown bgp instance. When the new vrf instance comes
along, it imports these routes from the main table and thus we see
duplicatesalongside its own identical routes.
The solution is to call the unexport logic when a BGP vrf instance is
being deleted.

problem example
---------------
volta1# sh bgp vrf VRF-a ipv4 unicast
BGP table version is 4, local router ID is 18.0.0.1, vrf id 5
Default local pref 100, local AS 567
Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 7.0.0.6/32       7.0.0.5@0<              10    100      0 ?
*> 7.0.0.8/32       18.0.0.8                 0             0 111 ?
*> 18.0.0.0/24      18.0.0.8                 0             0 111 ?
*> 56.0.0.0/24      7.0.0.5@0<               0    100      0 ?
Displayed  4 routes and 4 total paths
volta1# conf t
volta1(config)# no router bgp 567 vrf VRF-a
volta1(config)#
volta1(config)# router bgp 567 vrf VRF-a
volta1(config-router)#  bgp router-id 18.0.0.1
volta1(config-router)#  no bgp ebgp-requires-policy
volta1(config-router)#  no bgp network import-check
volta1(config-router)#  neighbor 18.0.0.8 remote-as 111
volta1(config-router)#  !
volta1(config-router)#  address-family ipv4 unicast
volta1(config-router-af)#   label vpn export 12345
volta1(config-router-af)#   rd vpn export 567:111
volta1(config-router-af)#   rt vpn both 567:100
volta1(config-router-af)#   export vpn
volta1(config-router-af)#   import vpn
volta1(config-router-af)#  exit-address-family
volta1(config-router)# !
volta1(config-router)# end
volta1# sh bgp vrf VRF-a ipv4 unicast
BGP table version is 4, local router ID is 18.0.0.1, vrf id 5
Default local pref 100, local AS 567
Status codes:  s suppressed, d damped, h history, * valid, > best, = multipath,
               i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes:  i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 7.0.0.6/32       7.0.0.5@0<              10    100      0 ?
*  7.0.0.8/32       18.0.0.8                 0             0 111 ?
*>                  18.0.0.8@-<              0             0 111 ?
*  18.0.0.0/24      18.0.0.8                 0             0 111 ?
*>                  18.0.0.8@-<              0             0 111 ?
*> 56.0.0.0/24      7.0.0.5@0<               0    100      0 ?
Displayed  4 routes and 6 total paths

@- routes indicating unknown bgp instance are imported

Signed-off-by: Pat Ruddy <pat@voltanet.io>

diff --git a/bgpd/bgp_nb_config.c b/bgpd/bgp_nb_config.c
index eca7093fcd6537afb0bad4d193df821b227c5d6f..e2818988ea174c45b5a702cfb92a13022174d11c 100644 (file)
--- a/bgpd/bgp_nb_config.c
+++ b/bgpd/bgp_nb_config.c
@@ -173,7 +173,6 @@ int bgp_router_destroy(struct nb_cb_destroy_args *args)
        case NB_EV_APPLY:
                bgp = nb_running_unset_entry(args->dnode);
 
-               bgp_vpn_leak_unimport(bgp);
                bgp_delete(bgp);
 
                break;

diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
index d2d94707a7fc117e3f90d22e17157615a633fb56..4cd603ee8b24a9817ec185796ce223e02bad768c 100644 (file)
--- a/bgpd/bgpd.c
+++ b/bgpd/bgpd.c
@@ -3382,6 +3382,14 @@ int bgp_delete(struct bgp *bgp)
 
        assert(bgp);
 
+       /* make sure we withdraw any exported routes */
+       vpn_leak_prechange(BGP_VPN_POLICY_DIR_TOVPN, AFI_IP, bgp_get_default(),
+                          bgp);
+       vpn_leak_prechange(BGP_VPN_POLICY_DIR_TOVPN, AFI_IP6, bgp_get_default(),
+                          bgp);
+
+       bgp_vpn_leak_unimport(bgp);
+
        hook_call(bgp_inst_delete, bgp);
 
        THREAD_OFF(bgp->t_startup);