Bird: add bgp/evpn support with vxlan and anycast gateway

netsim/ansible/templates/gateway/frr.j2

@@ -53,4 +53,6 @@ if [ ! -e /sys/class/net/{{ v_if }} ]; then
   ip link set dev {{ v_if }} up
 fi
 {% endfor %}
+{% if interfaces | selectattr('gateway.protocol', 'defined') | selectattr('gateway.protocol', 'equalto', 'vrrp') | list %}
 {% include 'frr.vrrp-config.j2' %}
+{% endif %}

netsim/ansible/templates/initial/bird.j2

@@ -0,0 +1,32 @@
+#!/bin/sh
+#
+# Initial configuration for BIRD containers (docker exec / sh mode).
+# Do not use the -clab suffix here: that convention is for netns execution on the host.
+#
+set -x
+set -e
+{% if 'vxlan' in module|default([]) %}
+#
+# containerlab interfaces might not be ready when netlab initial executes this
+# script via docker exec
+#
+waited=0
+while [ "$waited" -lt "${NETLAB_INTERFACE_WAIT:-30}" ]; do
+  if [ -d /sys/class/net/eth1 ]; then
+    break
+  fi
+  sleep 1
+  waited=$((waited + 1))
+done
+if [ ! -d /sys/class/net/eth1 ]; then
+  echo "Timeout waiting for containerlab interfaces (eth1)" >&2
+  exit 1
+fi
+{% endif %}
+{% include 'linux/vanilla.j2' +%}
+#
+{% if loopback.ipv6 is defined %}
+set +e
+ip addr add fe80::1/64 dev lo scope link
+{% endif %}
+exit 0

netsim/ansible/templates/vxlan/frr.j2

@@ -6,10 +6,12 @@ set -e # Exit immediately when any command fails
 {% set use_evpn = vxlan.flooding|default('') == 'evpn' %}
 
 {% macro create_vxlan_interface(vni,br_name,vrf=None,mtu=1500) %}
+if [ ! -e /sys/devices/virtual/net/vxlan{{ vni }} ]; then
 ip link add vxlan{{ vni }} type vxlan \
   id {{ vni }} \
   dstport 4789 \
   local {{ vxlan.vtep }} {{ 'nolearning' if use_evpn else '' }}
+fi
 #
 # Add it to the VLAN bridge (create if needed for l3 vnis); disable STP
 if [ ! -e /sys/devices/virtual/net/{{ br_name}} ]; then

netsim/daemons/bird.yml

@@ -1,11 +1,14 @@
 ---
 description: BIRD Internet Routing Daemon
+parent: linux
+role: router
 group_vars:
   netlab_import_map:
     bgp: RTS_BGP
     ospf: RTS_OSPF
     connected: RTS_DEVICE
     static: RTS_STATIC_DEVICE,RTS_STATIC
+  netlab_initial: always
 packages:
   bird: bird
 daemon_config:
@@ -16,12 +19,16 @@ daemon_config:
   bgp@policy: /etc/bird/bgp.policy.conf
   ospf@areas: /etc/bird/ospf.areas.conf
   ospf: /etc/bird/ospf.mod.conf
+  vxlan: /etc/bird/vxlan.mod.conf
+  evpn: /etc/bird/evpn.mod.conf
   routing: /etc/bird/routing.mod.conf
 clab:
+  node_config: null             # Do not inherit linux :ns scripts; use netlab_config_mode: sh
   group_vars:
     netlab_show_command: [ birdc, 'show $@' ]
     docker_shell: bash -il
     netlab_config_mode: sh
+    netlab_config_done: /var/run/netlab-config-done
   image: netlab/bird:latest
   build: True
   sw_version: 2.19.1
@@ -69,6 +76,15 @@ features:
     areas: true
   routing:
     static.discard: true
+  evpn:
+    transport: [ vxlan ]
+  vxlan:
+    vtep6: true
+  vlan:
+    model: router
+    svi_interface_name: vlan{vlan}
+  gateway:
+    protocol: [ anycast ]
   dhcp: false
   initial:
     ipv4:

netsim/daemons/bird/Dockerfile.v2_from_src.j2

@@ -48,6 +48,10 @@ LABEL description="BIRD Internet Routing Daemon v2 built from source ({{ _sw_ver
 RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
     --mount=type=cache,target=/var/lib/apt,sharing=locked \
     apt-get update && apt-get install -y \
+    iproute2 \
+    iputils-ping \
+    net-tools \
+    procps \
     libreadline8 \
     libssh-4 \
     && rm -rf /var/lib/apt/lists/*
@@ -57,8 +61,23 @@ COPY --from=builder /usr/sbin/bird /usr/sbin/bird
 COPY --from=builder /usr/sbin/birdcl /usr/sbin/birdcl
 COPY --from=builder /etc/bird /etc/bird
 
-# Create runtime directory for control sockets
-RUN mkdir -p /var/run
+# Wait for netlab initial to execute bound /etc/config scripts, then start BIRD.
+RUN cat >/entrypoint.sh <<'ENTRYPOINT'
+#!/bin/bash
+set -e
 
-# Run BIRD in the foreground with the default config path
-CMD ["/usr/sbin/bird", "-f", "-c", "/etc/bird/bird.conf"]
+marker="${NETLAB_CONFIG_DONE:-/var/run/netlab-config-done}"
+timeout="${NETLAB_CONFIG_WAIT:-120}"
+
+while [ ! -f "$marker" ] && [ "$timeout" -gt 0 ]; do
+  sleep 1
+  timeout=$((timeout - 1))
+done
+
+[ -f "$marker" ] || { echo "bird: timeout waiting for ${marker}" >&2; exit 1; }
+
+exec bird -f -c /etc/bird/bird.conf -d
+ENTRYPOINT
+RUN chmod +x /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]

netsim/daemons/bird/bgp.j2

@@ -2,6 +2,12 @@
 router id {{ bgp.router_id }};
 {% endif %}
 
+{% for n in bgp.neighbors|default([]) if n.evpn|default(false) %}
+{%   if loop.first %}
+evpn table evpntab;
+{%   endif %}
+{% endfor %}
+
 {% for ngb in bgp.neighbors|default([]) if ngb.default_originate|default(False) %}
 {%   if loop.first %}
 {%     for _af in ['ipv4','ipv6'] if _af in af %}
@@ -39,6 +45,9 @@ function bgp_prefixes( bool originate_default ) {
   if source ~ [ {{ netlab_import_map[proto] }} ]
     then accept "{{ proto }} route:", net;
 {%   endfor %}
+{% elif 'ospf' in module|default([]) %}
+  if source ~ [ RTS_OSPF ]
+    then accept "ospf route:", net;
 {% endif %}
 {% for pfx_af in ['ipv4','ipv6'] %}
 {%   for pfx in bgp.advertise|default([]) if pfx_af in pfx %}
@@ -79,7 +88,7 @@ function bgp_export_{{ ntype }}( bool originate_default; bool rem_private_as ) {
 
 {% for n in bgp.neighbors %}
 {%   for af in [ 'ipv4','ipv6' ] if af in n and n[af] is string %}
-protocol bgp bgp_{{ n.name }}_{{ af }} {
+protocol bgp bgp_{{ n.name }}_{{ n.type }}_{{ af }} {
 {%     set loopback = loopback|default({}) %}
 {%     set local_ip = loopback[af]|default('') %}
   local {{ local_ip.split('/')[0] if n.type == 'ibgp' else '' }} as {{ n.local_as|default(bgp.as) }};
@@ -149,6 +158,19 @@ protocol bgp bgp_{{ n.name }}_{{ af }} {
   };
 {%      endif %}
 {%     endfor %}
+{%     if n.evpn|default('') == af %}
+  evpn {
+    table evpntab;
+    import all;
+    export all;
+{%     if n.type == 'ebgp' %}
+    gateway recursive;
+{%       if bgp.rr|default('') %}
+    next hop keep;
+{%       endif %}
+{%     endif %}
+  };
+{%     endif %}
 }
 {%   endfor %}
 {% endfor %}

netsim/daemons/bird/bird.j2

@@ -1,5 +1,5 @@
 {% set module = module|default([]) %}
-log "/var/log/bird" all;
+log stderr all;
 
 {% include 'protocols.j2' %}
 

netsim/daemons/bird/evpn.j2

@@ -0,0 +1,52 @@
+{% macro bird_ec(rt) %}(rt, {{ rt.split(':')[0] }}, {{ rt.split(':')[1] }}){% endmacro %}
+
+{% if vxlan is defined and vxlan.flooding|default('') == 'evpn' %}
+{% for vname in vxlan.vlans|default([]) if vlans[vname].vni is defined and 'evpn' in vlans[vname] %}
+{% set vlan = vlans[vname] %}
+protocol bridge bridge_{{ vname }} {
+  eth { table eth_{{ vname }}; export all; };
+  bridge device "vlan{{ vlan.id }}";
+};
+
+protocol evpn evpn_{{ vname }} {
+  eth { table eth_{{ vname }}; };
+  evpn { table evpntab; import all; export all; };
+  rd {{ vlan.evpn.rd }};
+{% for rt in vlan.evpn.import|default([]) %}
+  import target {{ bird_ec(rt) }};
+{% endfor %}
+{% for rt in vlan.evpn.export|default([]) %}
+  export target {{ bird_ec(rt) }};
+{% endfor %}
+  vni {{ vlan.vni }};
+  vid {{ vlan.id }};
+  encapsulation vxlan {
+    tunnel device "vxlan{{ vlan.vni }}";
+    router address {{ vxlan.vtep }};
+  };
+};
+{% endfor %}
+{% endif %}
+
+{% for vname,vdata in vrfs|default({})|dictsort %}
+{% if 'evpn' in vdata and vdata.evpn.transit_vni is defined %}
+eth table eth_vrf_{{ vname }};
+
+protocol evpn evpn_vrf_{{ vname }} {
+  eth { table eth_vrf_{{ vname }}; };
+  evpn { table evpntab; import all; export all; };
+  rd {{ vdata.rd }};
+{% for rt in vdata.import|default([]) %}
+  import target {{ bird_ec(rt) }};
+{% endfor %}
+{% for rt in vdata.export|default([]) %}
+  export target {{ bird_ec(rt) }};
+{% endfor %}
+  vni {{ vdata.evpn.transit_vni }};
+  encapsulation vxlan {
+    tunnel device "vxlan{{ vdata.evpn.transit_vni }}";
+    router address {{ vxlan.vtep }};
+  };
+};
+{% endif %}
+{% endfor %}

netsim/daemons/bird/gateway.j2

@@ -0,0 +1 @@
+{% include 'gateway/frr.j2' +%}

netsim/daemons/bird/vlan.j2

@@ -0,0 +1,4 @@
+{% include 'vlan/frr.j2' +%}
+{% if 'vxlan' in module|default([]) %}
+{% include 'vxlan/frr.j2' +%}
+{% endif %}

netsim/daemons/bird/vxlan.j2

@@ -0,0 +1,5 @@
+{% if vxlan.flooding|default('') == 'evpn' %}
+{%   for vname in vxlan.vlans|default([]) if vlans[vname].vni is defined and 'evpn' in vlans[vname] %}
+eth table eth_{{ vname }};
+{%   endfor %}
+{% endif %}

netsim/providers/clab/__init__.py

@@ -125,7 +125,7 @@ def deploy_node_config(self, node: Box, topology: Box, deploy_list: list) -> Non
     if not cfg_files:                                          # No node files => no config to deploy here
       return
     node_name = self.get_node_name(node.name,topology)          # ... get container/namespace name
-    configs.deploy_container_config(node,node_name,deploy_list)
+    configs.deploy_container_config(node,node_name,deploy_list,topology)
 
   def capture_command(self, node: Box, topology: Box, args: argparse.Namespace) -> list:
     cmd = strings.string_to_list(topology.defaults.netlab.capture.command)

netsim/providers/clab/configs.py

@@ -12,6 +12,24 @@
 from ...utils import log, strings
 from . import utils
 
+
+def mark_config_done(node: Box, node_name: str, topology: Box) -> None:
+  marker = devices.get_node_group_var(node,'netlab_config_done',topology.defaults)
+  if not marker:
+    return
+
+  status = external_commands.run_command(
+              cmd=['docker','exec',node_name,'touch',marker],
+              ignore_errors=True,
+              return_exitcode=True)
+  if status != 0:
+    log.error(
+      f'Cannot create netlab configuration done marker on node {node.name}',
+      category=log.FatalError,
+      more_data=f'Executed command: docker exec {node_name} touch {marker}',
+      skip_header=True,
+      module='initial')
+
 '''
 add_default_config_mode: if the netlab_config_mode is set, add configured modules to _node_config dictionary
 '''
@@ -97,7 +115,7 @@ def generate_startup_config(n: Box) -> None:
     log.status_created()
     print(f"startup configuration for {n.name}",flush=True)
 
-def  deploy_container_config(node: Box, node_name: str, deploy_list: list) -> None:
+def  deploy_container_config(node: Box, node_name: str, deploy_list: list, topology: Box) -> None:
   for cfg_item in node.clab.config_templates:                 # Go through configuration files (we know they exist)
     mod_name = cfg_item.source                                # Get module name
     f_type = cfg_item.get('mode',None)
@@ -163,4 +181,7 @@ def  deploy_container_config(node: Box, node_name: str, deploy_list: list) -> No
         skip_header=True,
         module='initial')
       append_to_list(node._deploy,'failed',mod_name)
-      break
+      break
+
+  if '_deploy.failed' not in node and '_deploy.success' in node:
+    mark_config_done(node,node_name,topology)