Allow EVPN Type 5 overlay gateway injection#231
Merged
Conversation
There was a problem hiding this comment.
Pull request overview
Enables controller-supplied EVPN Type 5 (IP Prefix) injection with an optional non-zero Gateway Address (overlay-index testing), exposing the new field through the gRPC API and rustbgpctl, and updating docs/roadmap/changelog to reflect the expanded supported shape while still failing closed on unsupported combinations.
Changes:
- Extend
AddEvpnRouteRequestwith an optionalgatewayfield for Type 5 and enforce additional validation in the injection service. - Add
--gatewaytorustbgpctl evpn add-ip-prefix, preserving the default interface-less (empty gateway) behavior. - Update documentation (API, enablement, roadmap) and changelog entries to describe overlay-index gateway injection support.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| ROADMAP.md | Notes controller-injected Type 5 gateway support in overlay-index IRB roadmap items. |
| proto/rustbgpd.proto | Adds gateway to AddEvpnRouteRequest and updates API comments for Type 5 behavior. |
| docs/evpn-enablement.md | Documents that Type 5 injection supports both interface-less and overlay-index gateway shapes. |
| docs/API.md | Updates public API documentation/examples to describe the new Type 5 gateway field and semantics. |
| crates/cli/src/main.rs | Adds --gateway flag plumbing for evpn add-ip-prefix and updates CLI parsing tests. |
| crates/cli/src/commands/evpn.rs | Threads optional gateway into AddEvpnRouteRequest for Type 5; keeps Type 2/3 gateway empty. |
| crates/api/src/injection_service.rs | Implements gateway parsing/validation and constructs Type 5 routes with either zero or provided gateway. |
| CHANGELOG.md | Announces EVPN Type 5 overlay-index gateway injection feature. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| return Err(Status::invalid_argument( | ||
| "gateway must not be zero; omit gateway for interface-less Type 5", | ||
| )); | ||
| } |
Comment on lines
+1435
to
+1438
| // Optional Gateway IP (Type 5 only). Empty encodes the interface-less | ||
| // zero gateway for the prefix family; non-empty enables overlay-index | ||
| // Type 5 injection and must use the same address family as `prefix` | ||
| // and `next_hop`. |
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
Comment on lines
+123
to
+135
| let gateway: IpAddr = gateway_str | ||
| .parse() | ||
| .map_err(|e| Status::invalid_argument(format!("invalid Type 5 gateway: {e}")))?; | ||
| if gateway.is_unspecified() { | ||
| return Err(Status::invalid_argument( | ||
| "gateway must not be zero; omit gateway for interface-less Type 5", | ||
| )); | ||
| } | ||
| if gateway.is_multicast() { | ||
| return Err(Status::invalid_argument( | ||
| "Type 5 gateway must be a unicast address", | ||
| )); | ||
| } |
Comment on lines
+642
to
+646
| labels and the `IpVrfState.remote_prefix_drop_counts` API / CLI field, so | ||
| recursive failures are visible without prefix/MAC cardinality in metrics or | ||
| status output. | ||
| status output. Controller injection can now synthesize non-zero Gateway | ||
| Address Type 5 routes for targeted overlay-index testing without enabling | ||
| native local overlay-index origination. |
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
A Type 5 overlay-index Gateway Address identifies a unicast host gateway, so reject multicast values (mirroring parse_unicast_nexthop) rather than only zero. Document in the proto / API docs that a set gateway must be a non-zero unicast address; omit it for interface-less Type 5. Add a multicast-gateway rejection test.
… note - parse_type5_gateway now rejects the IPv4 limited broadcast address in addition to zero/multicast, matching the unicast contract in the docs. - Remove the controller-injection sentence appended to the v0.18.0 "Shipped pieces" overlay-index bullet; the capability is already documented in the Gate 6 controller-injection section.
lance0
force-pushed
the
feat/evpn-type5-overlay-gateway-injection
branch
from
f87e441 to
1c8122b
Compare
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
| if ethernet_tag != 0 { | ||
| return Err(CliError::Argument( | ||
| "EVPN Type 5 pure/interface-less injection requires --ethernet-tag 0".into(), | ||
| "EVPN Type 5 injection requires --ethernet-tag 0".into(), |
validate_ip_prefix_ethernet_tag backs both add-ip-prefix and delete-ip-prefix, so the "injection" wording was misleading on the delete path. Use a route-type-neutral message.
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
Comment on lines
+131
to
+136
| let is_broadcast = matches!(gateway, IpAddr::V4(v4) if v4.is_broadcast()); | ||
| if gateway.is_multicast() || is_broadcast { | ||
| return Err(Status::invalid_argument( | ||
| "Type 5 gateway must be a unicast address", | ||
| )); | ||
| } |
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
lance0
temporarily deployed
to
kernel-dataplane-auto
GitHub Actions
Inactive
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Verification
Notes
This is the non-#210 EVPN follow-through slice from the local sprint board. DeleteEvpnRoute remains keyed by RD, Ethernet Tag, and prefix/prefix length because the current local EVPN Type 5 route key excludes gateway; native local overlay-index origination remains future work.