// SPDX-License-Identifier: GPL-2.0-or-later

/*

 *

 * Copyright 2009-2016, LabN Consulting, L.L.C.

 *

 */

/*

 * File:  vnc_import_bgp.c

 * Purpose: Import routes from BGP unicast directly (not via zebra)

 */

#include "lib/zebra.h"

#include "lib/prefix.h"

#include "lib/agg_table.h"

#include "lib/vty.h"

#include "lib/log.h"

#include "lib/memory.h"

#include "lib/linklist.h"

#include "lib/plist.h"

#include "lib/routemap.h"

#include "lib/lib_errors.h"

#include "bgpd/bgpd.h"

#include "bgpd/bgp_ecommunity.h"

#include "bgpd/bgp_attr.h"

#include "bgpd/bgp_route.h"

#include "bgpd/bgp_mplsvpn.h" /* for RD_TYPE_IP */

#include "bgpd/rfapi/vnc_export_bgp.h"

#include "bgpd/rfapi/bgp_rfapi_cfg.h"

#include "bgpd/rfapi/rfapi.h"

#include "bgpd/rfapi/rfapi_import.h"

#include "bgpd/rfapi/rfapi_private.h"

#include "bgpd/rfapi/rfapi_monitor.h"

#include "bgpd/rfapi/rfapi_vty.h"

#include "bgpd/rfapi/vnc_import_bgp.h"

#include "bgpd/rfapi/vnc_import_bgp_p.h"

#include "bgpd/rfapi/vnc_debug.h"

#define ENABLE_VNC_RHNCK

#define DEBUG_RHN_LIST  0

static struct rfapi_descriptor vncHDBgpDirect;  /* dummy nve descriptor */

static struct rfapi_descriptor vncHDResolveNve; /* dummy nve descriptor */

/*

 * For routes from another AS:

 *

 * If MED is set,

 *  LOCAL_PREF = 255 - MIN(255, MED)

 * else

 *  LOCAL_PREF = default_local_pref

 *

 * For routes from the same AS:

 *

 *  LOCAL_PREF unchanged

 */

uint32_t calc_local_pref(struct attr *attr, struct peer *peer)

{

  uint32_t local_pref = 0;

  if (!attr) {

    if (peer) {

      return peer->bgp->default_local_pref;

    }

    return bgp_get_default()->default_local_pref;

  }

  if (peer && (peer->as != peer->bgp->as)) {

    if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC)) {

      if (attr->med > 255) {

        local_pref = 0;

      } else {

        local_pref = 255 - attr->med;

      }

    } else {

      local_pref = peer->bgp->default_local_pref;

    }

  } else {

    if (attr->flag & ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)) {

      local_pref = attr->local_pref;

    } else {

      if (peer && peer->bgp) {

        local_pref = peer->bgp->default_local_pref;

      }

    }

  }

  return local_pref;

}

static int is_host_prefix(const struct prefix *p)

{

  switch (p->family) {

  case AF_INET:

    return (p->prefixlen == IPV4_MAX_BITLEN);

  case AF_INET6:

    return (p->prefixlen == IPV6_MAX_BITLEN);

  }

  return 0;

}

/***********************************************************************

 *        RHN list

 ***********************************************************************/

struct prefix_bag {

  struct prefix hpfx;   /* ce address = unicast nexthop */

  struct prefix upfx;   /* unicast prefix */

  struct bgp_path_info *ubpi; /* unicast route */

};

static const uint8_t maskbit[] = {0x00, 0x80, 0xc0, 0xe0, 0xf0,

          0xf8, 0xfc, 0xfe, 0xff};

int vnc_prefix_cmp(const void *pfx1, const void *pfx2)

{

  int offset;

  int shift;

  uint8_t mask;

  const struct prefix *p1 = pfx1;

  const struct prefix *p2 = pfx2;

  if (p1->family < p2->family)

    return -1;

  if (p1->family > p2->family)

    return 1;

  if (p1->prefixlen < p2->prefixlen)

    return -1;

  if (p1->prefixlen > p2->prefixlen)

    return 1;

  offset = p1->prefixlen / 8;

  shift = p1->prefixlen % 8;

  if (shift == 0 && offset) { /* catch aligned case */

    offset--;

    shift = 8;

  }

  /* Set both prefix's head pointer. */

  const uint8_t *pp1 = (const uint8_t *)&p1->u.prefix;

  const uint8_t *pp2 = (const uint8_t *)&p2->u.prefix;

  while (offset--) {

    if (*pp1 < *pp2)

      return -1;

    if (*pp1 > *pp2)

      return 1;

    ++pp1;

    ++pp2;

  }

  mask = maskbit[shift];

  if ((*pp1 & mask) < (*pp2 & mask))

    return -1;

  if ((*pp1 & mask) > (*pp2 & mask))

    return 1;

  return 0;

}

static void prefix_bag_free(void *pb)

{

  XFREE(MTYPE_RFAPI_PREFIX_BAG, pb);

}

#if DEBUG_RHN_LIST

static void print_rhn_list(const char *tag1, const char *tag2)

{

  struct bgp *bgp;

  struct skiplist *sl;

  struct skiplistnode *p;

  struct prefix_bag *pb;

  int count = 0;

  bgp = bgp_get_default();

  if (!bgp)

    return;

  sl = bgp->frapi->resolve_nve_nexthop;

  if (!sl) {

    vnc_zlog_debug_verbose("%s: %s: RHN List is empty",

               (tag1 ? tag1 : ""), (tag2 ? tag2 : ""));

    return;

  }

  vnc_zlog_debug_verbose("%s: %s: RHN list:", (tag1 ? tag1 : ""),

             (tag2 ? tag2 : ""));

  /* XXX uses secret knowledge of skiplist structure */

  for (p = sl->header->forward[0]; p; p = p->forward[0]) {

    pb = p->value;

    vnc_zlog_debug_verbose(

      "RHN Entry %d (q=%p): kpfx=%pFX, upfx=%pFX, hpfx=%pFX, ubpi=%p",

      ++count, p, p->key, &pb->upfx, &pb->hpfx, pb->ubpi);

  }

}

#endif

#ifdef ENABLE_VNC_RHNCK

static void vnc_rhnck(char *tag)

{

  struct bgp *bgp;

  struct skiplist *sl;

  struct skiplistnode *p;

  bgp = bgp_get_default();

  if (!bgp)

    return;

  sl = bgp->rfapi->resolve_nve_nexthop;

  if (!sl)

    return;

  /* XXX uses secret knowledge of skiplist structure */

  for (p = sl->header->forward[0]; p; p = p->forward[0]) {

    struct prefix_bag *pb;

    struct prefix *pkey;

    afi_t afi;

    struct prefix pfx_orig_nexthop;

    memset(&pfx_orig_nexthop, 0,

           sizeof(pfx_orig_nexthop)); /* keep valgrind happy */

    pkey = p->key;

    pb = p->value;

    afi = family2afi(pb->upfx.family);

    rfapiUnicastNexthop2Prefix(afi, pb->ubpi->attr,

             &pfx_orig_nexthop);

    /* pb->hpfx, pb->ubpi nexthop, pkey should all reflect the same

     * pfx */

    assert(!vnc_prefix_cmp(&pb->hpfx, pkey));

    if (vnc_prefix_cmp(&pb->hpfx, &pfx_orig_nexthop)) {

      vnc_zlog_debug_verbose(

        "%s: %s: FATAL: resolve_nve_nexthop list item bpi nexthop %pFX != nve pfx %pFX",

        __func__, tag, &pfx_orig_nexthop, &pb->hpfx);

      assert(0);

    }

  }

  vnc_zlog_debug_verbose("%s: vnc_rhnck OK", tag);

}

#define VNC_RHNCK(n)                                                           \

  do {                                                                   \

    char buf[BUFSIZ];                                              \

    snprintf(buf, sizeof(buf), "%s: %s", __func__, #n);            \

    vnc_rhnck(buf);                                                \

  } while (0)

#else

#define VNC_RHNCK(n)

#endif

/***********************************************************************

 *      Add/Delete Unicast Route

 ***********************************************************************/

/*

 * "Adding a Route" import process

 */

/*

 * extract and package information from the BGP unicast route.

 * Return code 0 means OK, non-0 means drop.

 *

 * If return code is 0, caller MUST release ecom

 */

static int process_unicast_route(struct bgp *bgp,    /* in */

         afi_t afi,      /* in */

         const struct prefix *prefix,  /* in */

         struct bgp_path_info *info,   /* in */

         struct ecommunity **ecom,   /* OUT */

         struct prefix *unicast_nexthop) /* OUT */

{

  struct rfapi_cfg *hc = bgp->rfapi_cfg;

  struct peer *peer = info->peer;

  struct attr *attr = info->attr;

  struct attr hattr;

  struct route_map *rmap = NULL;

  struct prefix pfx_orig_nexthop;

  memset(&pfx_orig_nexthop, 0,

         sizeof(pfx_orig_nexthop)); /* keep valgrind happy */

  /*

   * prefix list check

   */

  if (hc->plist_redist[ZEBRA_ROUTE_BGP_DIRECT][afi]) {

    vnc_zlog_debug_verbose("%s: HC prefix list is set, checking",

               __func__);

    if (prefix_list_apply(

          hc->plist_redist[ZEBRA_ROUTE_BGP_DIRECT][afi],

          prefix)

        == PREFIX_DENY) {

      vnc_zlog_debug_verbose(

        "%s: prefix list returns DENY, blocking route",

        __func__);

      return -1;

    }

    vnc_zlog_debug_verbose(

      "%s: prefix list returns PASS, allowing route",

      __func__);

  }

  /* apply routemap, if any, later */

  rmap = hc->routemap_redist[ZEBRA_ROUTE_BGP_DIRECT];

  /*

   * Extract original nexthop, which we expect to be a NVE connected

   * router

   * Note that this is the nexthop before any possible application of

   * policy

   */

  /*

   * Incoming prefix is unicast. If v6, it is in multiprotocol area,

   * but if v4 it is in attr->nexthop

   */

  rfapiUnicastNexthop2Prefix(afi, attr, &pfx_orig_nexthop);

  /*

   * route map handling

   * This code is here because it allocates an interned attr which

   * must be freed before we return. It's easier to put it after

   * all of the possible returns above.

   */

  memset(&hattr, 0, sizeof(hattr));

  /* hattr becomes a ghost attr */

  hattr = *attr;

  if (rmap) {

    struct bgp_path_info info;

    route_map_result_t ret;

    memset(&info, 0, sizeof(info));

    info.peer = peer;

    info.attr = &hattr;

    ret = route_map_apply(rmap, prefix, &info);

    if (ret == RMAP_DENYMATCH) {

      bgp_attr_flush(&hattr);

      vnc_zlog_debug_verbose(

        "%s: route map \"%s\" says DENY, returning",

        __func__, rmap->name);

      return -1;

    }

  }

  /*

   * Get the (possibly altered by policy) unicast nexthop

   * for later lookup in the Import Table by caller

   */

  rfapiUnicastNexthop2Prefix(afi, &hattr, unicast_nexthop);

  if (bgp_attr_get_ecommunity(&hattr))

    *ecom = ecommunity_dup(bgp_attr_get_ecommunity(&hattr));

  else

    *ecom = ecommunity_new();

  /*

   * Done with hattr, clean up

   */

  bgp_attr_flush(&hattr);

  /*

   * Add EC that carries original NH of iBGP route (2 bytes = magic

   * value indicating it came from an VNC gateway; default 5226, but

   * must be user configurable). Note that this is the nexthop before

   * any application of policy.

   */

  {

    struct ecommunity_val vnc_gateway_magic;

    uint16_t localadmin;

    /* Using route origin extended community type */

    memset(&vnc_gateway_magic, 0, sizeof(vnc_gateway_magic));

    vnc_gateway_magic.val[0] = 0x01;

    vnc_gateway_magic.val[1] = 0x03;

    /* Only works for IPv4 nexthops */

    if (prefix->family == AF_INET) {

      memcpy(vnc_gateway_magic.val + 2,

             &unicast_nexthop->u.prefix4, 4);

    }

    localadmin = htons(hc->resolve_nve_roo_local_admin);

    memcpy(vnc_gateway_magic.val + 6, (char *)&localadmin, 2);

    ecommunity_add_val(*ecom, &vnc_gateway_magic, false, false);

  }

  return 0;

}

static void vnc_import_bgp_add_route_mode_resolve_nve_one_bi(

  struct bgp *bgp, afi_t afi, struct bgp_path_info *bpi, /* VPN bpi */

  struct prefix_rd *prd,               /* RD */

  const struct prefix *prefix, /* unicast route prefix */

  uint32_t *local_pref,      /* NULL = no local_pref */

  uint32_t *med,         /* NULL = no med */

  struct ecommunity *ecom)     /* generated ecoms */

{

  struct prefix un;

  struct prefix nexthop;

  struct rfapi_ip_addr nexthop_h;

  uint32_t lifetime;

  uint32_t *plifetime;

  struct bgp_attr_encap_subtlv *encaptlvs;

  uint32_t label = 0;

  struct rfapi_un_option optary[3];

  struct rfapi_un_option *opt = NULL;

  int cur_opt = 0;

  vnc_zlog_debug_verbose("%s: entry", __func__);

  if (bpi->type != ZEBRA_ROUTE_BGP

      && bpi->type != ZEBRA_ROUTE_BGP_DIRECT) {

    return;

  }

  if (bpi->sub_type != BGP_ROUTE_NORMAL

      && bpi->sub_type != BGP_ROUTE_STATIC

      && bpi->sub_type != BGP_ROUTE_RFP) {

    return;

  }

  if (CHECK_FLAG(bpi->flags, BGP_PATH_REMOVED))

    return;

  vncHDResolveNve.peer = bpi->peer;

  if (!rfapiGetVncTunnelUnAddr(bpi->attr, &un)) {

    if (rfapiQprefix2Raddr(&un, &vncHDResolveNve.un_addr))

      return;

  } else {

    memset(&vncHDResolveNve.un_addr, 0,

           sizeof(vncHDResolveNve.un_addr));

  }

  /* Use nexthop of VPN route as nexthop of constructed route */

  rfapiNexthop2Prefix(bpi->attr, &nexthop);

  rfapiQprefix2Raddr(&nexthop, &nexthop_h);

  if (rfapiGetVncLifetime(bpi->attr, &lifetime)) {

    plifetime = NULL;

  } else {

    plifetime = &lifetime;

  }

  encaptlvs = bgp_attr_get_vnc_subtlvs(bpi->attr);

  if (bpi->attr->encap_tunneltype != BGP_ENCAP_TYPE_RESERVED

      && bpi->attr->encap_tunneltype != BGP_ENCAP_TYPE_MPLS) {

    opt = &optary[cur_opt++];

    memset(opt, 0, sizeof(struct rfapi_un_option));

    opt->type = RFAPI_UN_OPTION_TYPE_TUNNELTYPE;

    opt->v.tunnel.type = bpi->attr->encap_tunneltype;

    /* TBD parse bpi->attr->extra->encap_subtlvs */

  }

  struct ecommunity *new_ecom = ecommunity_dup(ecom);

  if (bgp_attr_get_ecommunity(bpi->attr))

    ecommunity_merge(new_ecom, bgp_attr_get_ecommunity(bpi->attr));

  if (bpi->extra)

    label = decode_label(&bpi->extra->label[0]);

  add_vnc_route(&vncHDResolveNve, bgp, SAFI_MPLS_VPN,

          prefix,   /* unicast route prefix */

          prd, &nexthop_h, /* new nexthop */

          local_pref, plifetime,

          (struct bgp_tea_options *)encaptlvs, /* RFP options */

          opt, NULL, new_ecom, med, /* NULL => don't set med */

          (label ? &label : NULL),  /* NULL= default */

          ZEBRA_ROUTE_BGP_DIRECT, BGP_ROUTE_REDISTRIBUTE,

          RFAPI_AHR_RFPOPT_IS_VNCTLV); /* flags */

  ecommunity_free(&new_ecom);

}

static void vnc_import_bgp_add_route_mode_resolve_nve_one_rd(

  struct prefix_rd *prd,      /* RD */

  struct bgp_table *table_rd, /* per-rd VPN route table */

  afi_t afi, struct bgp *bgp,

  const struct prefix *prefix, /* unicast prefix */

  struct ecommunity *ecom,     /* generated ecoms */

  uint32_t *local_pref,      /* NULL = no local_pref */

  uint32_t *med,         /* NULL = no med */

  struct prefix *ubpi_nexthop) /* unicast nexthop */

{

  struct bgp_dest *bd;

  struct bgp_path_info *bpi;

  if (!table_rd)

    return;

  vnc_zlog_debug_verbose("%s: ubpi_nexthop=%pFX", __func__, ubpi_nexthop);

  /* exact match */

  bd = bgp_node_lookup(table_rd, ubpi_nexthop);

  if (!bd) {

    vnc_zlog_debug_verbose(

      "%s: no match in RD's table for ubpi_nexthop",

      __func__);

    return;

  }

  /* Iterate over bgp_info items at this node */

  for (bpi = bgp_dest_get_bgp_path_info(bd); bpi; bpi = bpi->next) {

    vnc_import_bgp_add_route_mode_resolve_nve_one_bi(

      bgp, afi, bpi, /* VPN bpi */

      prd, prefix, local_pref, med, ecom);

  }

  bgp_dest_unlock_node(bd);

}

static void vnc_import_bgp_add_route_mode_resolve_nve(

  struct bgp *bgp, const struct prefix *prefix, /* unicast prefix */

  struct bgp_path_info *info)         /* unicast info */

{

  afi_t afi = family2afi(prefix->family);

  struct prefix pfx_unicast_nexthop = {0}; /* happy valgrind */

  struct ecommunity *ecom = NULL;

  uint32_t local_pref;

  uint32_t *med = NULL;

  struct prefix_bag *pb;

  struct bgp_dest *bdp; /* prd table node */

  /*debugging */

  if (VNC_DEBUG(VERBOSE)) {

    char str_nh[PREFIX_STRLEN];

    struct prefix nh;

    nh.prefixlen = 0;

    rfapiUnicastNexthop2Prefix(afi, info->attr, &nh);

    if (nh.prefixlen) {

      prefix2str(&nh, str_nh, sizeof(str_nh));

    } else {

      str_nh[0] = '?';

      str_nh[1] = 0;

    }

    vnc_zlog_debug_verbose(

      "%s(bgp=%p, unicast prefix=%pFX, unicast nh=%s)",

      __func__, bgp, prefix, str_nh);

  }

  if (info->type != ZEBRA_ROUTE_BGP) {

    vnc_zlog_debug_verbose(

      "%s: unicast type %d=\"%s\" is not %d=%s, skipping",

      __func__, info->type, zebra_route_string(info->type),

      ZEBRA_ROUTE_BGP, "ZEBRA_ROUTE_BGP");

    return;

  }

  /*

   * Preliminary checks

   */

  if (!afi) {

    flog_err(EC_LIB_DEVELOPMENT, "%s: can't get afi of prefix",

       __func__);

    return;

  }

  if (!(bgp->rfapi_cfg)) {

    vnc_zlog_debug_verbose("%s: bgp->rfapi_cfg is NULL, skipping",

               __func__);

    return;

  }

  /* check vnc redist flag for bgp direct routes */

  if (!bgp->rfapi_cfg->redist[afi][ZEBRA_ROUTE_BGP_DIRECT]) {

    vnc_zlog_debug_verbose(

      "%s: bgp->rfapi_cfg->redist[afi=%d][type=ZEBRA_ROUTE_BGP_DIRECT] is 0, skipping",

      __func__, afi);

    return;

  }

  if (process_unicast_route(bgp, afi, prefix, info, &ecom,

          &pfx_unicast_nexthop)) {

    vnc_zlog_debug_verbose(

      "%s: process_unicast_route error, skipping", __func__);

    return;

  }

  local_pref = calc_local_pref(info->attr, info->peer);

  if (info->attr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC))

    med = &info->attr->med;

  /*

   * At this point, we have allocated:

   *

   *  ecom    ecommunity ptr, union of unicast and ROO parts (no NVE part)

   *

   * And we have set:

   *

   *  pfx_unicast_nexthop     nexthop of uncast route

   */

  if (!bgp->rfapi->resolve_nve_nexthop) {

    bgp->rfapi->resolve_nve_nexthop =

      skiplist_new(SKIPLIST_FLAG_ALLOW_DUPLICATES,

             vnc_prefix_cmp, prefix_bag_free);

  }

  pb = XCALLOC(MTYPE_RFAPI_PREFIX_BAG, sizeof(struct prefix_bag));

  pb->hpfx = pfx_unicast_nexthop;

  pb->ubpi = info;

  pb->upfx = *prefix;

  bgp_path_info_lock(info); /* skiplist refers to it */

  skiplist_insert(bgp->rfapi->resolve_nve_nexthop, &pb->hpfx, pb);

  /*

   * Iterate over RDs in VPN RIB. For each RD, look up unicast nexthop

   * (exact match, /32). If an exact match is found, call add_vnc_route.

   */

  for (bdp = bgp_table_top(bgp->rib[afi][SAFI_MPLS_VPN]); bdp;

       bdp = bgp_route_next(bdp)) {

    struct bgp_table *table;

    table = bgp_dest_get_bgp_table_info(bdp);

    if (!table)

      continue;

    vnc_import_bgp_add_route_mode_resolve_nve_one_rd(

      (struct prefix_rd *)bgp_dest_get_prefix(bdp), table,

      afi, bgp, prefix, ecom, &local_pref, med,

      &pfx_unicast_nexthop);

  }

  if (ecom)

    ecommunity_free(&ecom);

  vnc_zlog_debug_verbose("%s: done", __func__);

}

static void vnc_import_bgp_add_route_mode_plain(struct bgp *bgp,

            const struct prefix *prefix,

            struct bgp_path_info *info)

{

  afi_t afi = family2afi(prefix->family);

  struct peer *peer = info->peer;

  struct attr *attr = info->attr;

  struct attr hattr;

  struct rfapi_cfg *hc = bgp->rfapi_cfg;

  struct attr *iattr = NULL;

  struct rfapi_ip_addr vnaddr;

  struct prefix vn_pfx_space;

  struct prefix *vn_pfx = NULL;

  int ahr_flags = 0;

  struct ecommunity *ecom = NULL;

  struct prefix_rd prd;

  struct route_map *rmap = NULL;

  uint32_t local_pref;

  uint32_t *med = NULL;

  vnc_zlog_debug_verbose("%s(prefix=%pFX) entry", __func__, prefix);

  if (!afi) {

    flog_err(EC_LIB_DEVELOPMENT, "%s: can't get afi of prefix",

       __func__);

    return;

  }

  if (!hc) {

    vnc_zlog_debug_verbose("%s: bgp->rfapi_cfg is NULL, skipping",

               __func__);

    return;

  }

  /* check vnc redist flag for bgp direct routes */

  if (!bgp->rfapi_cfg->redist[afi][ZEBRA_ROUTE_BGP_DIRECT]) {

    vnc_zlog_debug_verbose(

      "%s: bgp->rfapi_cfg->redist[afi=%d][type=ZEBRA_ROUTE_BGP_DIRECT] is 0, skipping",

      __func__, afi);

    return;

  }

  /*

   * mode "plain" specific code

   */

  {

    vnc_zlog_debug_verbose("%s: NOT using redist RFG", __func__);

    /*

     * prefix list check

     */

    if (hc->plist_redist[ZEBRA_ROUTE_BGP_DIRECT][afi]) {

      vnc_zlog_debug_verbose(

        "%s: HC prefix list is set, checking",

        __func__);

      if (prefix_list_apply(

            hc->plist_redist[ZEBRA_ROUTE_BGP_DIRECT]

                [afi],

            prefix)

          == PREFIX_DENY) {

        vnc_zlog_debug_verbose(

          "%s: prefix list returns DENY, blocking route",

          __func__);

        return;

      }

      vnc_zlog_debug_verbose(

        "%s: prefix list returns PASS, allowing route",

        __func__);

    }

    /* apply routemap, if any, later */

    rmap = hc->routemap_redist[ZEBRA_ROUTE_BGP_DIRECT];

    /*

     * Incoming prefix is unicast. If v6, it is in multiprotocol

     * area,

     * but if v4 it is in attr->nexthop

     */

    rfapiUnicastNexthop2Prefix(afi, attr, &vn_pfx_space);

    vn_pfx = &vn_pfx_space;

    /* UN address */

    ahr_flags |= RFAPI_AHR_NO_TUNNEL_SUBTLV;

  }

  if (VNC_DEBUG(IMPORT_BGP_ADD_ROUTE))

    vnc_zlog_debug_any("%s vn_pfx=%pFX", __func__, vn_pfx);

  /*

   * Compute VN address

   */

  if (rfapiQprefix2Raddr(vn_pfx, &vnaddr)) {

    vnc_zlog_debug_verbose("%s: redist VN invalid, skipping",

               __func__);

    return;

  }

  /*

   * route map handling

   * This code is here because it allocates an interned attr which

   * must be freed before we return. It's easier to put it after

   * all of the possible returns above.

   */

  memset(&hattr, 0, sizeof(hattr));

  /* hattr becomes a ghost attr */

  hattr = *attr;

  if (rmap) {

    struct bgp_path_info info;

    route_map_result_t ret;

    memset(&info, 0, sizeof(info));

    info.peer = peer;

    info.attr = &hattr;

    ret = route_map_apply(rmap, prefix, &info);

    if (ret == RMAP_DENYMATCH) {

      bgp_attr_flush(&hattr);

      vnc_zlog_debug_verbose(

        "%s: route map \"%s\" says DENY, returning",

        __func__, rmap->name);

      return;

    }

  }

  iattr = bgp_attr_intern(&hattr);

  bgp_attr_flush(&hattr);

  /* Now iattr is an allocated interned attr */

  /*

   * Mode "plain" specific code

   *

   * Sets RD in dummy HD

   * Allocates ecom

   */

  {

    if (vnaddr.addr_family != AF_INET) {

      vnc_zlog_debug_verbose(

        "%s: can't auto-assign RD, VN AF (%d) is not IPv4, skipping",

        __func__, vnaddr.addr_family);

      if (iattr) {

        bgp_attr_unintern(&iattr);

      }

      return;

    }

    memset(&prd, 0, sizeof(prd));

    rfapi_set_autord_from_vn(&prd, &vnaddr);

    if (iattr && bgp_attr_get_ecommunity(iattr))

      ecom = ecommunity_dup(bgp_attr_get_ecommunity(iattr));

  }

  local_pref = calc_local_pref(iattr, peer);

  if (iattr && (iattr->flag & ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC))) {

    med = &iattr->med;

  }

  if (VNC_DEBUG(IMPORT_BGP_ADD_ROUTE)) {

    char buf[PREFIX_STRLEN];

    rfapiRfapiIpAddr2Str(&vnaddr, buf, sizeof(buf));

    vnc_zlog_debug_any("%s: setting vnaddr to %s", __func__, buf);

  }

  vncHDBgpDirect.peer = peer;

  add_vnc_route(&vncHDBgpDirect, bgp, SAFI_MPLS_VPN, prefix, &prd,

          &vnaddr, &local_pref, &(bgp->rfapi_cfg->redist_lifetime),

          NULL,        /* RFP options */

          NULL, NULL, ecom, med, /* med */

          NULL,        /* label: default */

          ZEBRA_ROUTE_BGP_DIRECT, BGP_ROUTE_REDISTRIBUTE,

          ahr_flags);

  vncHDBgpDirect.peer = NULL;

  if (ecom)

    ecommunity_free(&ecom);

  if (iattr)

    bgp_attr_unintern(&iattr);

}

static void vnc_import_bgp_add_route_mode_nvegroup(

  struct bgp *bgp, const struct prefix *prefix,

  struct bgp_path_info *info, struct rfapi_nve_group_cfg *rfg)

{

  afi_t afi = family2afi(prefix->family);

  struct peer *peer = info->peer;

  struct attr *attr = info->attr;

  struct attr hattr;

  struct attr *iattr = NULL;

  struct rfapi_ip_addr vnaddr;

  struct prefix *vn_pfx = NULL;

  int ahr_flags = 0;

  struct ecommunity *ecom = NULL;

  struct prefix_rd prd;

  struct route_map *rmap = NULL;

  uint32_t local_pref;

  vnc_zlog_debug_verbose("%s(prefix=%pFX) entry", __func__, prefix);

  assert(rfg);

  if (!afi) {

    flog_err(EC_LIB_DEVELOPMENT, "%s: can't get afi of prefix",

       __func__);

    return;

  }

  if (!(bgp->rfapi_cfg)) {

    vnc_zlog_debug_verbose("%s: bgp->rfapi_cfg is NULL, skipping",

               __func__);

    return;

  }

  /* check vnc redist flag for bgp direct routes */

  if (!bgp->rfapi_cfg->redist[afi][ZEBRA_ROUTE_BGP_DIRECT]) {

    vnc_zlog_debug_verbose(

      "%s: bgp->rfapi_cfg->redist[afi=%d][type=ZEBRA_ROUTE_BGP_DIRECT] is 0, skipping",

      __func__, afi);

    return;

  }

  /*

   * RFG-specific code

   */

  {

    struct rfapi_ip_prefix pfx_un;

    vnc_zlog_debug_verbose("%s: using redist RFG", __func__);

    /*

     * RFG prefix list check

     */

    if (rfg->plist_redist[ZEBRA_ROUTE_BGP_DIRECT][afi]) {

      vnc_zlog_debug_verbose(

        "%s: RFG prefix list is set, checking",

        __func__);

      if (prefix_list_apply(

            rfg->plist_redist[ZEBRA_ROUTE_BGP_DIRECT]

                 [afi],

            prefix)

          == PREFIX_DENY) {

        vnc_zlog_debug_verbose(

          "%s: prefix list returns DENY, blocking route",

          __func__);

        return;

      }

      vnc_zlog_debug_verbose(

        "%s: prefix list returns PASS, allowing route",

        __func__);

    }