isisd: route leak at different levels

Signed-off-by: JosiahMg <JosiahMg@163.com>

isisd/isis_cli.c

@@ -1434,6 +1434,37 @@ DEFPY_YANG(isis_redistribute, isis_redistribute_cmd,
 		level);
 }
 
+DEFPY_YANG(isis_redistribute_isis, isis_redistribute_isis_cmd,
+      "[no] redistribute <ipv4|ipv6>$ip isis "
+	  "<level-1|level-2>$level "
+      "[{metric (0-16777215)|route-map RMAP_NAME$route_map}]",
+      NO_STR REDIST_STR
+      "Redistribute IPv4 routes\n"
+      "Redistribute IPv6 routes\n"
+      "Intermediate System to Intermediate System (IS-IS)\n"
+      "Redistribute into level-1\n"
+      "Redistribute into level-2\n"
+      "Metric for redistributed routes\n"
+      "IS-IS default metric\n"
+      "Route map reference\n"
+      "Pointer to route-map entries\n")
+{
+	if (no)
+		nb_cli_enqueue_change(vty, ".", NB_OP_DESTROY, NULL);
+	else {
+		nb_cli_enqueue_change(vty, ".", NB_OP_CREATE, NULL);
+		nb_cli_enqueue_change(vty, "./route-map",
+				      route_map ? NB_OP_MODIFY : NB_OP_DESTROY,
+				      route_map ? route_map : NULL);
+		nb_cli_enqueue_change(vty, "./metric", NB_OP_MODIFY,
+				      metric_str ? metric_str : NULL);
+	}
+
+	return nb_cli_apply_changes(vty,
+				    "./redistribute/%s[protocol='isis'][level='%s']",
+				    ip, level);
+}
+
 /*
  * XPath: /frr-isisd:isis/instance/redistribute/table
  */
@@ -4016,6 +4047,7 @@ void isis_cli_init(void)
 
 	install_element(ISIS_NODE, &isis_default_originate_cmd);
 	install_element(ISIS_NODE, &isis_redistribute_cmd);
+	install_element(ISIS_NODE, &isis_redistribute_isis_cmd);
 	install_element(ISIS_NODE, &isis_redistribute_table_cmd);
 
 	install_element(ISIS_NODE, &isis_topology_cmd);

isisd/isis_lsp.c

@@ -931,6 +931,30 @@ static void lsp_build_internal_reach_ipv6(struct isis_lsp *lsp,
 				 metric, false, pcfgs);
 }
 
+static bool check_ip_in_self_level_db(const struct prefix_ipv4 *ipv4,
+				      struct isis_area *area, int level)
+{
+	struct isis_lsp *lsp = NULL;
+	struct lspdb_head *head = &area->lspdb[level - 1];
+
+	if (head) {
+		frr_each (lspdb, head, lsp) {
+			for (struct isis_item *i =
+				     lsp->tlvs->extended_ip_reach.head;
+			     i; i = i->next) {
+				struct isis_extended_ip_reach *rt =
+					(struct isis_extended_ip_reach *)i;
+
+				if (IPV4_ADDR_SAME(&ipv4->prefix,
+						   &rt->prefix.prefix) &&
+				    ipv4->prefixlen == rt->prefix.prefixlen) {
+					return true;
+				}
+			}
+		}
+	}
+	return false;
+}
 
 static void lsp_build_ext_reach_ipv4(struct isis_lsp *lsp,
 				     struct isis_area *area)
@@ -947,6 +971,13 @@ static void lsp_build_ext_reach_ipv4(struct isis_lsp *lsp,
 		struct prefix_ipv4 *ipv4 = (struct prefix_ipv4 *)&rn->p;
 		struct isis_ext_info *info = rn->info;
 
+		if (info && info->origin == ZEBRA_ROUTE_ISIS) {
+			if ((area->is_type != IS_LEVEL_1_AND_2) ||
+			    (ipv4 &&
+			     check_ip_in_self_level_db(ipv4, area, lsp->level)))
+				continue;
+		}
+
 		uint32_t metric = info->metric;
 		if (metric > MAX_WIDE_PATH_METRIC)
 			metric = MAX_WIDE_PATH_METRIC;
@@ -978,6 +1009,31 @@ static void lsp_build_ext_reach_ipv4(struct isis_lsp *lsp,
 	}
 }
 
+static bool check_ipv6_in_self_level_db(const struct prefix_ipv6 *ipv6,
+					struct isis_area *area, int level)
+{
+	struct isis_lsp *lsp = NULL;
+	struct lspdb_head *head = &area->lspdb[level - 1];
+
+	if (head) {
+		frr_each (lspdb, head, lsp) {
+			for (struct isis_item *i = lsp->tlvs->ipv6_reach.head;
+			     i; i = i->next) {
+				struct isis_ipv6_reach *rt =
+					(struct isis_ipv6_reach *)i;
+
+				if (IPV6_ADDR_SAME(&ipv6->prefix.s6_addr,
+						   rt->prefix.prefix.s6_addr) &&
+				    ipv6->prefixlen == rt->prefix.prefixlen) {
+					return true;
+				}
+			}
+		}
+	}
+	return false;
+}
+
+
 static void lsp_build_ext_reach_ipv6(struct isis_lsp *lsp,
 				     struct isis_area *area)
 {
@@ -991,11 +1047,18 @@ static void lsp_build_ext_reach_ipv6(struct isis_lsp *lsp,
 		if (!rn->info)
 			continue;
 		struct isis_ext_info *info = rn->info;
-		struct prefix_ipv6 *p, *src_p;
+		struct prefix_ipv6 *p = NULL, *src_p;
 
 		srcdest_rnode_prefixes(rn, (const struct prefix **)&p,
 				       (const struct prefix **)&src_p);
 
+		if (info && info->origin == ZEBRA_ROUTE_ISIS) {
+			if ((area->is_type != IS_LEVEL_1_AND_2) ||
+			    (p &&
+			     check_ipv6_in_self_level_db(p, area, lsp->level)))
+				continue;
+		}
+
 		uint32_t metric = info->metric;
 		if (info->metric > MAX_WIDE_PATH_METRIC)
 			metric = MAX_WIDE_PATH_METRIC;

lib/zclient.c

@@ -503,8 +503,10 @@ void zclient_send_reg_requests(struct zclient *zclient, vrf_id_t vrf_id)
 
 	/* Set unwanted redistribute route. */
 	for (afi = AFI_IP; afi < AFI_MAX; afi++)
-		vrf_bitmap_set(&zclient->redist[afi][zclient->redist_default],
-			       vrf_id);
+		if (zclient->redist_default != ZEBRA_ROUTE_ISIS)
+			vrf_bitmap_set(&zclient->redist[afi]
+						       [zclient->redist_default],
+				       vrf_id);
 
 	/* Flush all redistribute request. */
 	if (vrf_id == VRF_DEFAULT) {

yang/frr-isisd.yang

@@ -1483,7 +1483,6 @@ module frr-isisd {
             "IPv4 route redistribution.";
           leaf protocol {
             type frr-route-types:frr-route-types-v4;
-            must ". != \"isis\"";
             description
               "Originating routing protocol for the IPv4 routes.";
           }
@@ -1527,7 +1526,6 @@ module frr-isisd {
             "IPv6 route redistribution.";
           leaf protocol {
             type frr-route-types:frr-route-types-v6;
-            must ". != \"isis\"";
             description
               "Originating routing protocol for the IPv6 routes.";
           }