From e8bfa90eaac3095db181ea580a9f74063e93393b Mon Sep 17 00:00:00 2001
From: vivek <vivek@cumulusnetworks.com>
Date: Tue, 17 Mar 2020 20:36:05 -0700
Subject: [PATCH] bgpd: Strip Route Targets during VRF-to-VRF route leak

During VRF-to-VRF route leaking, strip any extraneous route targets. This
ensures that source-VRF-specific route targets or route targets that are
internally assigned for the VRF-to-VRF route leaking don't get attached
to the route in the target VRF.

Signed-off-by: Vivek Venkatraman <vivek@cumulusnetworks.com>
Reviewed-by:   Donald Sharp <sharpd@cumulusnetworks.com>
Reviewed-by:   Don Slice <dslice@cumulusnetworks.com>
---
 bgpd/bgp_ecommunity.h |  9 +++++++++
 bgpd/bgp_mplsvpn.c    | 23 +++++++++++++++++++++--
 2 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/bgpd/bgp_ecommunity.h b/bgpd/bgp_ecommunity.h
index ae64f41ca1..3cf33c91bf 100644
--- a/bgpd/bgp_ecommunity.h
+++ b/bgpd/bgp_ecommunity.h
@@ -202,4 +202,13 @@ extern void bgp_remove_ecomm_from_aggregate_hash(
 					struct ecommunity *ecommunity);
 extern void bgp_aggr_ecommunity_remove(void *arg);
 
+
+static inline void ecommunity_strip_rts(struct ecommunity *ecom)
+{
+	uint8_t subtype = ECOMMUNITY_ROUTE_TARGET;
+
+	ecommunity_strip(ecom, ECOMMUNITY_ENCODE_AS, subtype);
+	ecommunity_strip(ecom, ECOMMUNITY_ENCODE_IP, subtype);
+	ecommunity_strip(ecom, ECOMMUNITY_ENCODE_AS4, subtype);
+}
 #endif /* _QUAGGA_BGP_ECOMMUNITY_H */
diff --git a/bgpd/bgp_mplsvpn.c b/bgpd/bgp_mplsvpn.c
index 8758d0ca78..7e68fde8f3 100644
--- a/bgpd/bgp_mplsvpn.c
+++ b/bgpd/bgp_mplsvpn.c
@@ -744,10 +744,15 @@ void vpn_leak_from_vrf_update(struct bgp *bgp_vpn,	    /* to */
 	struct ecommunity *old_ecom;
 	struct ecommunity *new_ecom;
 
+	/* Export with the 'from' instance's export RTs. */
+	/* If doing VRF-to-VRF leaking, strip existing RTs first. */
 	old_ecom = static_attr.ecommunity;
 	if (old_ecom) {
-		new_ecom = ecommunity_merge(
-			ecommunity_dup(old_ecom),
+		new_ecom = ecommunity_dup(old_ecom);
+		if (CHECK_FLAG(bgp_vrf->af_flags[afi][SAFI_UNICAST],
+				BGP_CONFIG_VRF_TO_VRF_EXPORT))
+			ecommunity_strip_rts(new_ecom);
+		new_ecom = ecommunity_merge(new_ecom,
 			bgp_vrf->vpn_policy[afi]
 				.rtlist[BGP_VPN_POLICY_DIR_TOVPN]);
 		if (!old_ecom->refcnt)
@@ -1087,6 +1092,20 @@ vpn_leak_to_vrf_update_onevrf(struct bgp *bgp_vrf,	    /* to */
 	/* shallow copy */
 	static_attr = *path_vpn->attr;
 
+	struct ecommunity *old_ecom;
+	struct ecommunity *new_ecom;
+
+	/* If doing VRF-to-VRF leaking, strip RTs. */
+	old_ecom = static_attr.ecommunity;
+	if (old_ecom && CHECK_FLAG(bgp_vrf->af_flags[afi][safi],
+				BGP_CONFIG_VRF_TO_VRF_IMPORT)) {
+		new_ecom = ecommunity_dup(old_ecom);
+		ecommunity_strip_rts(new_ecom);
+		static_attr.ecommunity = new_ecom;
+		if (!old_ecom->refcnt)
+			ecommunity_free(&old_ecom);
+	}
+
 	/*
 	 * Nexthop: stash and clear
 	 *
-- 
2.39.5