]>
Commit | Line | Data |
---|---|---|
718e3744 | 1 | /* BGP open message handling |
896014f4 DL |
2 | * Copyright (C) 1998, 1999 Kunihiro Ishiguro |
3 | * | |
4 | * This file is part of GNU Zebra. | |
5 | * | |
6 | * GNU Zebra is free software; you can redistribute it and/or modify it | |
7 | * under the terms of the GNU General Public License as published by the | |
8 | * Free Software Foundation; either version 2, or (at your option) any | |
9 | * later version. | |
10 | * | |
11 | * GNU Zebra is distributed in the hope that it will be useful, but | |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License along | |
17 | * with this program; see the file COPYING; if not, write to the Free Software | |
18 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
19 | */ | |
718e3744 | 20 | |
21 | #include <zebra.h> | |
22 | ||
23 | #include "linklist.h" | |
24 | #include "prefix.h" | |
25 | #include "stream.h" | |
26 | #include "thread.h" | |
27 | #include "log.h" | |
28 | #include "command.h" | |
6d58272b | 29 | #include "memory.h" |
3f9c7369 | 30 | #include "queue.h" |
039f3a34 | 31 | #include "filter.h" |
718e3744 | 32 | |
856ca177 | 33 | #include "lib/json.h" |
718e3744 | 34 | #include "bgpd/bgpd.h" |
35 | #include "bgpd/bgp_attr.h" | |
36 | #include "bgpd/bgp_debug.h" | |
14454c9f | 37 | #include "bgpd/bgp_errors.h" |
718e3744 | 38 | #include "bgpd/bgp_fsm.h" |
39 | #include "bgpd/bgp_packet.h" | |
40 | #include "bgpd/bgp_open.h" | |
0b2aa3a0 | 41 | #include "bgpd/bgp_aspath.h" |
538621f2 | 42 | #include "bgpd/bgp_vty.h" |
4a1ab8e4 | 43 | #include "bgpd/bgp_memory.h" |
538621f2 | 44 | |
718e3744 | 45 | /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can |
46 | negotiate remote peer supports extentions or not. But if | |
47 | remote-peer doesn't supports negotiation process itself. We would | |
48 | like to do manual configuration. | |
49 | ||
50 | So there is many configurable point. First of all we want set each | |
51 | peer whether we send capability negotiation to the peer or not. | |
da88f402 | 52 | Next, if we send capability to the peer we want to set my capability |
718e3744 | 53 | inforation at each peer. */ |
54 | ||
9f049418 DS |
55 | void bgp_capability_vty_out(struct vty *vty, struct peer *peer, bool use_json, |
56 | json_object *json_neigh) | |
718e3744 | 57 | { |
d62a17ae | 58 | char *pnt; |
59 | char *end; | |
60 | struct capability_mp_data mpc; | |
61 | struct capability_header *hdr; | |
62 | json_object *json_cap = NULL; | |
63 | ||
64 | if (use_json) | |
65 | json_cap = json_object_new_object(); | |
66 | ||
67 | pnt = peer->notify.data; | |
68 | end = pnt + peer->notify.length; | |
69 | ||
70 | while (pnt < end) { | |
71 | if (pnt + sizeof(struct capability_mp_data) + 2 > end) | |
72 | return; | |
73 | ||
74 | hdr = (struct capability_header *)pnt; | |
75 | if (pnt + hdr->length + 2 > end) | |
76 | return; | |
77 | ||
78 | memcpy(&mpc, pnt + 2, sizeof(struct capability_mp_data)); | |
79 | ||
80 | if (hdr->code == CAPABILITY_CODE_MP) { | |
81 | afi_t afi; | |
82 | safi_t safi; | |
83 | ||
da3b87f8 | 84 | (void)bgp_map_afi_safi_iana2int(ntohs(mpc.afi), |
85 | mpc.safi, &afi, &safi); | |
86 | ||
d62a17ae | 87 | if (use_json) { |
88 | switch (afi) { | |
89 | case AFI_IP: | |
90 | json_object_string_add( | |
91 | json_cap, | |
92 | "capabilityErrorMultiProtocolAfi", | |
93 | "IPv4"); | |
94 | break; | |
95 | case AFI_IP6: | |
96 | json_object_string_add( | |
97 | json_cap, | |
98 | "capabilityErrorMultiProtocolAfi", | |
99 | "IPv6"); | |
100 | break; | |
101 | case AFI_L2VPN: | |
102 | json_object_string_add( | |
103 | json_cap, | |
104 | "capabilityErrorMultiProtocolAfi", | |
105 | "L2VPN"); | |
106 | break; | |
107 | default: | |
108 | json_object_int_add( | |
109 | json_cap, | |
110 | "capabilityErrorMultiProtocolAfiUnknown", | |
111 | ntohs(mpc.afi)); | |
112 | break; | |
113 | } | |
114 | switch (safi) { | |
115 | case SAFI_UNICAST: | |
116 | json_object_string_add( | |
117 | json_cap, | |
118 | "capabilityErrorMultiProtocolSafi", | |
119 | "unicast"); | |
120 | break; | |
121 | case SAFI_MULTICAST: | |
122 | json_object_string_add( | |
123 | json_cap, | |
124 | "capabilityErrorMultiProtocolSafi", | |
125 | "multicast"); | |
126 | break; | |
127 | case SAFI_LABELED_UNICAST: | |
128 | json_object_string_add( | |
129 | json_cap, | |
130 | "capabilityErrorMultiProtocolSafi", | |
131 | "labeled-unicast"); | |
132 | break; | |
133 | case SAFI_MPLS_VPN: | |
134 | json_object_string_add( | |
135 | json_cap, | |
136 | "capabilityErrorMultiProtocolSafi", | |
137 | "MPLS-labeled VPN"); | |
138 | break; | |
139 | case SAFI_ENCAP: | |
140 | json_object_string_add( | |
141 | json_cap, | |
142 | "capabilityErrorMultiProtocolSafi", | |
143 | "encap"); | |
144 | break; | |
145 | case SAFI_EVPN: | |
146 | json_object_string_add( | |
147 | json_cap, | |
148 | "capabilityErrorMultiProtocolSafi", | |
149 | "EVPN"); | |
150 | break; | |
7c40bf39 | 151 | case SAFI_FLOWSPEC: |
152 | json_object_string_add( | |
153 | json_cap, | |
154 | "capabilityErrorMultiProtocolSafi", | |
155 | "flowspec"); | |
156 | break; | |
d62a17ae | 157 | default: |
158 | json_object_int_add( | |
159 | json_cap, | |
160 | "capabilityErrorMultiProtocolSafiUnknown", | |
161 | mpc.safi); | |
162 | break; | |
163 | } | |
164 | } else { | |
165 | vty_out(vty, | |
166 | " Capability error for: Multi protocol "); | |
167 | switch (afi) { | |
168 | case AFI_IP: | |
169 | vty_out(vty, "AFI IPv4, "); | |
170 | break; | |
171 | case AFI_IP6: | |
172 | vty_out(vty, "AFI IPv6, "); | |
173 | break; | |
174 | case AFI_L2VPN: | |
175 | vty_out(vty, "AFI L2VPN, "); | |
176 | break; | |
177 | default: | |
178 | vty_out(vty, "AFI Unknown %d, ", | |
179 | ntohs(mpc.afi)); | |
180 | break; | |
181 | } | |
182 | switch (safi) { | |
183 | case SAFI_UNICAST: | |
184 | vty_out(vty, "SAFI Unicast"); | |
185 | break; | |
186 | case SAFI_MULTICAST: | |
187 | vty_out(vty, "SAFI Multicast"); | |
188 | break; | |
189 | case SAFI_LABELED_UNICAST: | |
190 | vty_out(vty, "SAFI Labeled-unicast"); | |
191 | break; | |
192 | case SAFI_MPLS_VPN: | |
193 | vty_out(vty, "SAFI MPLS-labeled VPN"); | |
194 | break; | |
195 | case SAFI_ENCAP: | |
196 | vty_out(vty, "SAFI ENCAP"); | |
197 | break; | |
7c40bf39 | 198 | case SAFI_FLOWSPEC: |
199 | vty_out(vty, "SAFI FLOWSPEC"); | |
200 | break; | |
d62a17ae | 201 | case SAFI_EVPN: |
202 | vty_out(vty, "SAFI EVPN"); | |
203 | break; | |
204 | default: | |
205 | vty_out(vty, "SAFI Unknown %d ", | |
206 | mpc.safi); | |
207 | break; | |
208 | } | |
209 | vty_out(vty, "\n"); | |
210 | } | |
211 | } else if (hdr->code >= 128) { | |
212 | if (use_json) | |
213 | json_object_int_add( | |
214 | json_cap, | |
215 | "capabilityErrorVendorSpecificCapabilityCode", | |
216 | hdr->code); | |
217 | else | |
218 | vty_out(vty, | |
219 | " Capability error: vendor specific capability code %d", | |
220 | hdr->code); | |
221 | } else { | |
222 | if (use_json) | |
223 | json_object_int_add( | |
224 | json_cap, | |
225 | "capabilityErrorUnknownCapabilityCode", | |
226 | hdr->code); | |
227 | else | |
228 | vty_out(vty, | |
229 | " Capability error: unknown capability code %d", | |
230 | hdr->code); | |
231 | } | |
232 | pnt += hdr->length + 2; | |
233 | } | |
234 | if (use_json) | |
235 | json_object_object_add(json_neigh, "capabilityErrors", | |
236 | json_cap); | |
718e3744 | 237 | } |
238 | ||
d62a17ae | 239 | static void bgp_capability_mp_data(struct stream *s, |
240 | struct capability_mp_data *mpc) | |
718e3744 | 241 | { |
d62a17ae | 242 | mpc->afi = stream_getw(s); |
243 | mpc->reserved = stream_getc(s); | |
244 | mpc->safi = stream_getc(s); | |
6d58272b | 245 | } |
718e3744 | 246 | |
6d58272b | 247 | /* Set negotiated capability value. */ |
d62a17ae | 248 | static int bgp_capability_mp(struct peer *peer, struct capability_header *hdr) |
6d58272b | 249 | { |
d62a17ae | 250 | struct capability_mp_data mpc; |
251 | struct stream *s = BGP_INPUT(peer); | |
252 | afi_t afi; | |
253 | safi_t safi; | |
254 | ||
255 | /* Verify length is 4 */ | |
256 | if (hdr->length != 4) { | |
065eaa36 | 257 | flog_warn( |
e50f7cfd | 258 | EC_BGP_CAPABILITY_INVALID_LENGTH, |
d62a17ae | 259 | "MP Cap: Received invalid length %d, non-multiple of 4", |
260 | hdr->length); | |
261 | return -1; | |
262 | } | |
263 | ||
264 | bgp_capability_mp_data(s, &mpc); | |
265 | ||
266 | if (bgp_debug_neighbor_events(peer)) | |
748a041f DS |
267 | zlog_debug("%s OPEN has MP_EXT CAP for afi/safi: %s/%s", |
268 | peer->host, iana_afi2str(mpc.afi), | |
269 | iana_safi2str(mpc.safi)); | |
d62a17ae | 270 | |
271 | /* Convert AFI, SAFI to internal values, check. */ | |
272 | if (bgp_map_afi_safi_iana2int(mpc.afi, mpc.safi, &afi, &safi)) | |
273 | return -1; | |
274 | ||
275 | /* Now safi remapped, and afi/safi are valid array indices */ | |
276 | peer->afc_recv[afi][safi] = 1; | |
277 | ||
278 | if (peer->afc[afi][safi]) | |
279 | peer->afc_nego[afi][safi] = 1; | |
280 | else | |
281 | return -1; | |
282 | ||
283 | return 0; | |
718e3744 | 284 | } |
285 | ||
d62a17ae | 286 | static void bgp_capability_orf_not_support(struct peer *peer, iana_afi_t afi, |
d7c0a89a QY |
287 | iana_safi_t safi, uint8_t type, |
288 | uint8_t mode) | |
718e3744 | 289 | { |
d62a17ae | 290 | if (bgp_debug_neighbor_events(peer)) |
291 | zlog_debug( | |
292 | "%s Addr-family %d/%d has ORF type/mode %d/%d not supported", | |
293 | peer->host, afi, safi, type, mode); | |
718e3744 | 294 | } |
295 | ||
d62a17ae | 296 | static const struct message orf_type_str[] = { |
297 | {ORF_TYPE_PREFIX, "Prefixlist"}, | |
298 | {ORF_TYPE_PREFIX_OLD, "Prefixlist (old)"}, | |
299 | {0}}; | |
6d58272b | 300 | |
d62a17ae | 301 | static const struct message orf_mode_str[] = {{ORF_MODE_RECEIVE, "Receive"}, |
302 | {ORF_MODE_SEND, "Send"}, | |
303 | {ORF_MODE_BOTH, "Both"}, | |
304 | {0}}; | |
6d58272b | 305 | |
d62a17ae | 306 | static int bgp_capability_orf_entry(struct peer *peer, |
307 | struct capability_header *hdr) | |
718e3744 | 308 | { |
d62a17ae | 309 | struct stream *s = BGP_INPUT(peer); |
310 | struct capability_mp_data mpc; | |
d7c0a89a | 311 | uint8_t num; |
d62a17ae | 312 | iana_afi_t pkt_afi; |
313 | afi_t afi; | |
5c525538 RW |
314 | iana_safi_t pkt_safi; |
315 | safi_t safi; | |
d7c0a89a QY |
316 | uint8_t type; |
317 | uint8_t mode; | |
318 | uint16_t sm_cap = 0; /* capability send-mode receive */ | |
319 | uint16_t rm_cap = 0; /* capability receive-mode receive */ | |
d62a17ae | 320 | int i; |
321 | ||
322 | /* ORF Entry header */ | |
323 | bgp_capability_mp_data(s, &mpc); | |
324 | num = stream_getc(s); | |
325 | pkt_afi = mpc.afi; | |
326 | pkt_safi = mpc.safi; | |
327 | ||
328 | if (bgp_debug_neighbor_events(peer)) | |
748a041f DS |
329 | zlog_debug("%s ORF Cap entry for afi/safi: %s/%s", peer->host, |
330 | iana_afi2str(mpc.afi), iana_safi2str(mpc.safi)); | |
d62a17ae | 331 | |
332 | /* Convert AFI, SAFI to internal values, check. */ | |
333 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) { | |
334 | zlog_info( | |
3efd0893 | 335 | "%s Addr-family %d/%d not supported. Ignoring the ORF capability", |
d62a17ae | 336 | peer->host, pkt_afi, pkt_safi); |
337 | return 0; | |
718e3744 | 338 | } |
d62a17ae | 339 | |
340 | mpc.afi = pkt_afi; | |
341 | mpc.safi = safi; | |
342 | ||
343 | /* validate number field */ | |
344 | if (CAPABILITY_CODE_ORF_LEN + (num * 2) > hdr->length) { | |
345 | zlog_info( | |
3efd0893 | 346 | "%s ORF Capability entry length error, Cap length %u, num %u", |
d62a17ae | 347 | peer->host, hdr->length, num); |
348 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
349 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
350 | return -1; | |
718e3744 | 351 | } |
352 | ||
d62a17ae | 353 | for (i = 0; i < num; i++) { |
354 | type = stream_getc(s); | |
355 | mode = stream_getc(s); | |
356 | ||
357 | /* ORF Mode error check */ | |
358 | switch (mode) { | |
359 | case ORF_MODE_BOTH: | |
360 | case ORF_MODE_SEND: | |
361 | case ORF_MODE_RECEIVE: | |
362 | break; | |
363 | default: | |
364 | bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi, | |
365 | type, mode); | |
366 | continue; | |
367 | } | |
368 | /* ORF Type and afi/safi error checks */ | |
369 | /* capcode versus type */ | |
370 | switch (hdr->code) { | |
371 | case CAPABILITY_CODE_ORF: | |
372 | switch (type) { | |
373 | case ORF_TYPE_PREFIX: | |
374 | break; | |
375 | default: | |
376 | bgp_capability_orf_not_support( | |
377 | peer, pkt_afi, pkt_safi, type, mode); | |
378 | continue; | |
379 | } | |
380 | break; | |
381 | case CAPABILITY_CODE_ORF_OLD: | |
382 | switch (type) { | |
383 | case ORF_TYPE_PREFIX_OLD: | |
384 | break; | |
385 | default: | |
386 | bgp_capability_orf_not_support( | |
387 | peer, pkt_afi, pkt_safi, type, mode); | |
388 | continue; | |
389 | } | |
390 | break; | |
391 | default: | |
392 | bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi, | |
393 | type, mode); | |
394 | continue; | |
395 | } | |
396 | ||
397 | /* AFI vs SAFI */ | |
398 | if (!((afi == AFI_IP && safi == SAFI_UNICAST) | |
399 | || (afi == AFI_IP && safi == SAFI_MULTICAST) | |
400 | || (afi == AFI_IP6 && safi == SAFI_UNICAST))) { | |
401 | bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi, | |
402 | type, mode); | |
403 | continue; | |
404 | } | |
405 | ||
406 | if (bgp_debug_neighbor_events(peer)) | |
407 | zlog_debug( | |
3efd0893 | 408 | "%s OPEN has %s ORF capability as %s for afi/safi: %s/%s", |
d62a17ae | 409 | peer->host, |
410 | lookup_msg(orf_type_str, type, NULL), | |
748a041f DS |
411 | lookup_msg(orf_mode_str, mode, NULL), |
412 | iana_afi2str(pkt_afi), iana_safi2str(pkt_safi)); | |
d62a17ae | 413 | |
414 | if (hdr->code == CAPABILITY_CODE_ORF) { | |
415 | sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV; | |
416 | rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV; | |
417 | } else if (hdr->code == CAPABILITY_CODE_ORF_OLD) { | |
418 | sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV; | |
419 | rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV; | |
420 | } else { | |
421 | bgp_capability_orf_not_support(peer, pkt_afi, pkt_safi, | |
422 | type, mode); | |
423 | continue; | |
424 | } | |
425 | ||
426 | switch (mode) { | |
427 | case ORF_MODE_BOTH: | |
428 | SET_FLAG(peer->af_cap[afi][safi], sm_cap); | |
429 | SET_FLAG(peer->af_cap[afi][safi], rm_cap); | |
430 | break; | |
431 | case ORF_MODE_SEND: | |
432 | SET_FLAG(peer->af_cap[afi][safi], sm_cap); | |
433 | break; | |
434 | case ORF_MODE_RECEIVE: | |
435 | SET_FLAG(peer->af_cap[afi][safi], rm_cap); | |
436 | break; | |
437 | } | |
718e3744 | 438 | } |
d62a17ae | 439 | return 0; |
718e3744 | 440 | } |
441 | ||
d62a17ae | 442 | static int bgp_capability_restart(struct peer *peer, |
443 | struct capability_header *caphdr) | |
6d58272b | 444 | { |
d62a17ae | 445 | struct stream *s = BGP_INPUT(peer); |
d7c0a89a | 446 | uint16_t restart_flag_time; |
d62a17ae | 447 | size_t end = stream_get_getp(s) + caphdr->length; |
448 | ||
449 | /* Verify length is a multiple of 4 */ | |
450 | if ((caphdr->length - 2) % 4) { | |
065eaa36 | 451 | flog_warn( |
e50f7cfd | 452 | EC_BGP_CAPABILITY_INVALID_LENGTH, |
d62a17ae | 453 | "Restart Cap: Received invalid length %d, non-multiple of 4", |
454 | caphdr->length); | |
455 | return -1; | |
456 | } | |
457 | ||
458 | SET_FLAG(peer->cap, PEER_CAP_RESTART_RCV); | |
459 | restart_flag_time = stream_getw(s); | |
460 | if (CHECK_FLAG(restart_flag_time, RESTART_R_BIT)) | |
461 | SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV); | |
d7b3cda6 | 462 | else |
463 | UNSET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV); | |
d62a17ae | 464 | |
465 | UNSET_FLAG(restart_flag_time, 0xF000); | |
466 | peer->v_gr_restart = restart_flag_time; | |
467 | ||
468 | if (bgp_debug_neighbor_events(peer)) { | |
469 | zlog_debug("%s OPEN has Graceful Restart capability", | |
470 | peer->host); | |
471 | zlog_debug("%s Peer has%srestarted. Restart Time : %d", | |
472 | peer->host, | |
473 | CHECK_FLAG(peer->cap, PEER_CAP_RESTART_BIT_RCV) | |
474 | ? " " | |
475 | : " not ", | |
476 | peer->v_gr_restart); | |
477 | } | |
478 | ||
479 | while (stream_get_getp(s) + 4 <= end) { | |
480 | afi_t afi; | |
481 | safi_t safi; | |
482 | iana_afi_t pkt_afi = stream_getw(s); | |
5c525538 | 483 | iana_safi_t pkt_safi = stream_getc(s); |
d7c0a89a | 484 | uint8_t flag = stream_getc(s); |
d62a17ae | 485 | |
486 | /* Convert AFI, SAFI to internal values, check. */ | |
487 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) { | |
488 | if (bgp_debug_neighbor_events(peer)) | |
489 | zlog_debug( | |
3efd0893 | 490 | "%s Addr-family %s/%s(afi/safi) not supported. Ignore the Graceful Restart capability for this AFI/SAFI", |
748a041f DS |
491 | peer->host, iana_afi2str(pkt_afi), |
492 | iana_safi2str(pkt_safi)); | |
d62a17ae | 493 | } else if (!peer->afc[afi][safi]) { |
494 | if (bgp_debug_neighbor_events(peer)) | |
495 | zlog_debug( | |
3efd0893 | 496 | "%s Addr-family %s/%s(afi/safi) not enabled. Ignore the Graceful Restart capability", |
748a041f DS |
497 | peer->host, iana_afi2str(pkt_afi), |
498 | iana_safi2str(pkt_safi)); | |
d62a17ae | 499 | } else { |
500 | if (bgp_debug_neighbor_events(peer)) | |
501 | zlog_debug( | |
502 | "%s Address family %s is%spreserved", | |
5cb5f4d0 | 503 | peer->host, get_afi_safi_str(afi, safi, false), |
d62a17ae | 504 | CHECK_FLAG( |
505 | peer->af_cap[afi][safi], | |
506 | PEER_CAP_RESTART_AF_PRESERVE_RCV) | |
507 | ? " " | |
508 | : " not "); | |
509 | ||
510 | SET_FLAG(peer->af_cap[afi][safi], | |
511 | PEER_CAP_RESTART_AF_RCV); | |
512 | if (CHECK_FLAG(flag, RESTART_F_BIT)) | |
513 | SET_FLAG(peer->af_cap[afi][safi], | |
514 | PEER_CAP_RESTART_AF_PRESERVE_RCV); | |
515 | } | |
516 | } | |
517 | return 0; | |
6d58272b | 518 | } |
718e3744 | 519 | |
14051b36 | 520 | /* Unlike other capability parsing routines, this one returns 0 on error */ |
d62a17ae | 521 | static as_t bgp_capability_as4(struct peer *peer, struct capability_header *hdr) |
0b2aa3a0 | 522 | { |
d62a17ae | 523 | SET_FLAG(peer->cap, PEER_CAP_AS4_RCV); |
524 | ||
525 | if (hdr->length != CAPABILITY_CODE_AS4_LEN) { | |
e50f7cfd | 526 | flog_err(EC_BGP_PKT_OPEN, |
1c50c1c0 QY |
527 | "%s AS4 capability has incorrect data length %d", |
528 | peer->host, hdr->length); | |
d62a17ae | 529 | return 0; |
530 | } | |
531 | ||
532 | as_t as4 = stream_getl(BGP_INPUT(peer)); | |
533 | ||
534 | if (BGP_DEBUG(as4, AS4)) | |
535 | zlog_debug( | |
536 | "%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u", | |
537 | peer->host, as4); | |
538 | return as4; | |
0b2aa3a0 PJ |
539 | } |
540 | ||
d62a17ae | 541 | static int bgp_capability_addpath(struct peer *peer, |
542 | struct capability_header *hdr) | |
a82478b9 | 543 | { |
d62a17ae | 544 | struct stream *s = BGP_INPUT(peer); |
545 | size_t end = stream_get_getp(s) + hdr->length; | |
546 | ||
547 | SET_FLAG(peer->cap, PEER_CAP_ADDPATH_RCV); | |
548 | ||
549 | /* Verify length is a multiple of 4 */ | |
550 | if (hdr->length % 4) { | |
065eaa36 | 551 | flog_warn( |
e50f7cfd | 552 | EC_BGP_CAPABILITY_INVALID_LENGTH, |
d62a17ae | 553 | "Add Path: Received invalid length %d, non-multiple of 4", |
554 | hdr->length); | |
555 | return -1; | |
556 | } | |
557 | ||
558 | while (stream_get_getp(s) + 4 <= end) { | |
559 | afi_t afi; | |
560 | safi_t safi; | |
561 | iana_afi_t pkt_afi = stream_getw(s); | |
5c525538 | 562 | iana_safi_t pkt_safi = stream_getc(s); |
d7c0a89a | 563 | uint8_t send_receive = stream_getc(s); |
d62a17ae | 564 | |
565 | if (bgp_debug_neighbor_events(peer)) | |
566 | zlog_debug( | |
748a041f DS |
567 | "%s OPEN has AddPath CAP for afi/safi: %s/%s%s%s", |
568 | peer->host, iana_afi2str(pkt_afi), | |
569 | iana_safi2str(pkt_safi), | |
d62a17ae | 570 | (send_receive & BGP_ADDPATH_RX) ? ", receive" |
571 | : "", | |
572 | (send_receive & BGP_ADDPATH_TX) ? ", transmit" | |
573 | : ""); | |
574 | ||
575 | /* Convert AFI, SAFI to internal values, check. */ | |
576 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) { | |
577 | if (bgp_debug_neighbor_events(peer)) | |
578 | zlog_debug( | |
3efd0893 | 579 | "%s Addr-family %s/%s(afi/safi) not supported. Ignore the Addpath Attribute for this AFI/SAFI", |
748a041f DS |
580 | peer->host, iana_afi2str(pkt_afi), |
581 | iana_safi2str(pkt_safi)); | |
d62a17ae | 582 | continue; |
583 | } else if (!peer->afc[afi][safi]) { | |
584 | if (bgp_debug_neighbor_events(peer)) | |
585 | zlog_debug( | |
3efd0893 | 586 | "%s Addr-family %s/%s(afi/safi) not enabled. Ignore the AddPath capability for this AFI/SAFI", |
748a041f DS |
587 | peer->host, iana_afi2str(pkt_afi), |
588 | iana_safi2str(pkt_safi)); | |
d62a17ae | 589 | continue; |
590 | } | |
591 | ||
592 | if (send_receive & BGP_ADDPATH_RX) | |
593 | SET_FLAG(peer->af_cap[afi][safi], | |
594 | PEER_CAP_ADDPATH_AF_RX_RCV); | |
595 | ||
596 | if (send_receive & BGP_ADDPATH_TX) | |
597 | SET_FLAG(peer->af_cap[afi][safi], | |
598 | PEER_CAP_ADDPATH_AF_TX_RCV); | |
599 | } | |
600 | ||
601 | return 0; | |
a82478b9 DS |
602 | } |
603 | ||
d62a17ae | 604 | static int bgp_capability_enhe(struct peer *peer, struct capability_header *hdr) |
8a92a8a0 | 605 | { |
d62a17ae | 606 | struct stream *s = BGP_INPUT(peer); |
607 | size_t end = stream_get_getp(s) + hdr->length; | |
608 | ||
609 | /* Verify length is a multiple of 4 */ | |
610 | if (hdr->length % 6) { | |
065eaa36 | 611 | flog_warn( |
e50f7cfd | 612 | EC_BGP_CAPABILITY_INVALID_LENGTH, |
d62a17ae | 613 | "Extended NH: Received invalid length %d, non-multiple of 6", |
614 | hdr->length); | |
615 | return -1; | |
616 | } | |
617 | ||
618 | while (stream_get_getp(s) + 6 <= end) { | |
619 | iana_afi_t pkt_afi = stream_getw(s); | |
620 | afi_t afi; | |
5c525538 RW |
621 | iana_safi_t pkt_safi = stream_getw(s); |
622 | safi_t safi; | |
d62a17ae | 623 | iana_afi_t pkt_nh_afi = stream_getw(s); |
624 | afi_t nh_afi; | |
625 | ||
626 | if (bgp_debug_neighbor_events(peer)) | |
627 | zlog_debug( | |
748a041f DS |
628 | "%s Received with afi/safi/next-hop afi: %s/%s/%u", |
629 | peer->host, iana_afi2str(pkt_afi), | |
630 | iana_safi2str(pkt_safi), pkt_nh_afi); | |
d62a17ae | 631 | |
632 | /* Convert AFI, SAFI to internal values, check. */ | |
633 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) { | |
634 | if (bgp_debug_neighbor_events(peer)) | |
635 | zlog_debug( | |
3efd0893 | 636 | "%s Addr-family %s/%s(afi/safi) not supported. Ignore the ENHE Attribute for this AFI/SAFI", |
748a041f DS |
637 | peer->host, iana_afi2str(pkt_afi), |
638 | iana_safi2str(pkt_safi)); | |
d62a17ae | 639 | continue; |
640 | } | |
641 | ||
642 | /* RFC 5549 specifies use of this capability only for IPv4 AFI, | |
643 | * with | |
644 | * the Nexthop AFI being IPv6. A future spec may introduce other | |
645 | * possibilities, so we ignore other values with a log. Also, | |
646 | * only | |
647 | * SAFI_UNICAST and SAFI_LABELED_UNICAST are currently supported | |
648 | * (and expected). | |
649 | */ | |
650 | nh_afi = afi_iana2int(pkt_nh_afi); | |
651 | ||
652 | if (afi != AFI_IP || nh_afi != AFI_IP6 | |
770df5fd | 653 | || !(safi == SAFI_UNICAST || safi == SAFI_MPLS_VPN |
d62a17ae | 654 | || safi == SAFI_LABELED_UNICAST)) { |
065eaa36 | 655 | flog_warn( |
e50f7cfd | 656 | EC_BGP_CAPABILITY_INVALID_DATA, |
3efd0893 | 657 | "%s Unexpected afi/safi/next-hop afi: %s/%s/%u in Extended Next-hop capability, ignoring", |
748a041f DS |
658 | peer->host, iana_afi2str(pkt_afi), |
659 | iana_safi2str(pkt_safi), pkt_nh_afi); | |
d62a17ae | 660 | continue; |
661 | } | |
662 | ||
663 | SET_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV); | |
664 | ||
665 | if (CHECK_FLAG(peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV)) | |
666 | SET_FLAG(peer->af_cap[afi][safi], | |
667 | PEER_CAP_ENHE_AF_NEGO); | |
668 | } | |
669 | ||
670 | SET_FLAG(peer->cap, PEER_CAP_ENHE_RCV); | |
671 | ||
672 | return 0; | |
8a92a8a0 DS |
673 | } |
674 | ||
d62a17ae | 675 | static int bgp_capability_hostname(struct peer *peer, |
676 | struct capability_header *hdr) | |
04b6bdc0 | 677 | { |
d62a17ae | 678 | struct stream *s = BGP_INPUT(peer); |
679 | char str[BGP_MAX_HOSTNAME + 1]; | |
680 | size_t end = stream_get_getp(s) + hdr->length; | |
d7c0a89a | 681 | uint8_t len; |
d62a17ae | 682 | |
683 | SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV); | |
684 | ||
685 | len = stream_getc(s); | |
686 | if (stream_get_getp(s) + len > end) { | |
065eaa36 | 687 | flog_warn( |
e50f7cfd | 688 | EC_BGP_CAPABILITY_INVALID_DATA, |
d62a17ae | 689 | "%s: Received malformed hostname capability from peer %s", |
15569c58 | 690 | __func__, peer->host); |
d62a17ae | 691 | return -1; |
692 | } | |
693 | ||
694 | if (len > BGP_MAX_HOSTNAME) { | |
695 | stream_get(str, s, BGP_MAX_HOSTNAME); | |
696 | stream_forward_getp(s, len - BGP_MAX_HOSTNAME); | |
697 | len = BGP_MAX_HOSTNAME; /* to set the '\0' below */ | |
698 | } else if (len) | |
699 | stream_get(str, s, len); | |
700 | ||
701 | if (len) { | |
702 | str[len] = '\0'; | |
703 | ||
e1b36e13 QY |
704 | XFREE(MTYPE_BGP_PEER_HOST, peer->hostname); |
705 | XFREE(MTYPE_BGP_PEER_HOST, peer->domainname); | |
d62a17ae | 706 | |
707 | peer->hostname = XSTRDUP(MTYPE_BGP_PEER_HOST, str); | |
708 | } | |
709 | ||
710 | if (stream_get_getp(s) + 1 > end) { | |
065eaa36 | 711 | flog_warn( |
e50f7cfd | 712 | EC_BGP_CAPABILITY_INVALID_DATA, |
d62a17ae | 713 | "%s: Received invalid domain name len (hostname capability) from peer %s", |
15569c58 | 714 | __func__, peer->host); |
d62a17ae | 715 | return -1; |
716 | } | |
717 | ||
718 | len = stream_getc(s); | |
719 | if (stream_get_getp(s) + len > end) { | |
065eaa36 | 720 | flog_warn( |
e50f7cfd | 721 | EC_BGP_CAPABILITY_INVALID_DATA, |
d62a17ae | 722 | "%s: Received runt domain name (hostname capability) from peer %s", |
15569c58 | 723 | __func__, peer->host); |
d62a17ae | 724 | return -1; |
725 | } | |
726 | ||
727 | if (len > BGP_MAX_HOSTNAME) { | |
728 | stream_get(str, s, BGP_MAX_HOSTNAME); | |
729 | stream_forward_getp(s, len - BGP_MAX_HOSTNAME); | |
730 | len = BGP_MAX_HOSTNAME; /* to set the '\0' below */ | |
731 | } else if (len) | |
732 | stream_get(str, s, len); | |
733 | ||
734 | if (len) { | |
735 | str[len] = '\0'; | |
aba5353c | 736 | |
e1b36e13 | 737 | XFREE(MTYPE_BGP_PEER_HOST, peer->domainname); |
aba5353c | 738 | |
d62a17ae | 739 | peer->domainname = XSTRDUP(MTYPE_BGP_PEER_HOST, str); |
740 | } | |
741 | ||
742 | if (bgp_debug_neighbor_events(peer)) { | |
743 | zlog_debug("%s received hostname %s, domainname %s", peer->host, | |
744 | peer->hostname, peer->domainname); | |
745 | } | |
746 | ||
747 | return 0; | |
04b6bdc0 DW |
748 | } |
749 | ||
d62a17ae | 750 | static const struct message capcode_str[] = { |
751 | {CAPABILITY_CODE_MP, "MultiProtocol Extensions"}, | |
752 | {CAPABILITY_CODE_REFRESH, "Route Refresh"}, | |
753 | {CAPABILITY_CODE_ORF, "Cooperative Route Filtering"}, | |
754 | {CAPABILITY_CODE_RESTART, "Graceful Restart"}, | |
755 | {CAPABILITY_CODE_AS4, "4-octet AS number"}, | |
756 | {CAPABILITY_CODE_ADDPATH, "AddPath"}, | |
757 | {CAPABILITY_CODE_DYNAMIC, "Dynamic"}, | |
758 | {CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding"}, | |
759 | {CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)"}, | |
760 | {CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)"}, | |
761 | {CAPABILITY_CODE_ORF_OLD, "ORF (Old)"}, | |
762 | {CAPABILITY_CODE_FQDN, "FQDN"}, | |
9af52ccf | 763 | {CAPABILITY_CODE_ENHANCED_RR, "Enhanced Route Refresh"}, |
d62a17ae | 764 | {0}}; |
6d58272b PJ |
765 | |
766 | /* Minimum sizes for length field of each cap (so not inc. the header) */ | |
d62a17ae | 767 | static const size_t cap_minsizes[] = { |
9d303b37 DL |
768 | [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN, |
769 | [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN, | |
770 | [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN, | |
771 | [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN, | |
772 | [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN, | |
773 | [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN, | |
774 | [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN, | |
775 | [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN, | |
776 | [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN, | |
777 | [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN, | |
778 | [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN, | |
779 | [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN, | |
9af52ccf | 780 | [CAPABILITY_CODE_ENHANCED_RR] = CAPABILITY_CODE_ENHANCED_LEN, |
6d58272b PJ |
781 | }; |
782 | ||
695ef95f PJ |
783 | /* value the capability must be a multiple of. |
784 | * 0-data capabilities won't be checked against this. | |
785 | * Other capabilities whose data doesn't fall on convenient boundaries for this | |
786 | * table should be set to 1. | |
787 | */ | |
d62a17ae | 788 | static const size_t cap_modsizes[] = { |
9d303b37 DL |
789 | [CAPABILITY_CODE_MP] = 4, |
790 | [CAPABILITY_CODE_REFRESH] = 1, | |
791 | [CAPABILITY_CODE_ORF] = 1, | |
792 | [CAPABILITY_CODE_RESTART] = 1, | |
793 | [CAPABILITY_CODE_AS4] = 4, | |
794 | [CAPABILITY_CODE_ADDPATH] = 4, | |
795 | [CAPABILITY_CODE_DYNAMIC] = 1, | |
796 | [CAPABILITY_CODE_DYNAMIC_OLD] = 1, | |
797 | [CAPABILITY_CODE_ENHE] = 6, | |
798 | [CAPABILITY_CODE_REFRESH_OLD] = 1, | |
799 | [CAPABILITY_CODE_ORF_OLD] = 1, | |
800 | [CAPABILITY_CODE_FQDN] = 1, | |
9af52ccf | 801 | [CAPABILITY_CODE_ENHANCED_RR] = 1, |
695ef95f PJ |
802 | }; |
803 | ||
3b381c32 AS |
804 | /** |
805 | * Parse given capability. | |
6d58272b | 806 | * XXX: This is reading into a stream, but not using stream API |
3b381c32 AS |
807 | * |
808 | * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol | |
809 | * capabilities were encountered. | |
6d58272b | 810 | */ |
d62a17ae | 811 | static int bgp_capability_parse(struct peer *peer, size_t length, |
d7c0a89a | 812 | int *mp_capability, uint8_t **error) |
6d58272b | 813 | { |
d62a17ae | 814 | int ret; |
815 | struct stream *s = BGP_INPUT(peer); | |
816 | size_t end = stream_get_getp(s) + length; | |
34aa7448 | 817 | uint16_t restart_flag_time = 0; |
d62a17ae | 818 | |
819 | assert(STREAM_READABLE(s) >= length); | |
820 | ||
821 | while (stream_get_getp(s) < end) { | |
822 | size_t start; | |
d7c0a89a | 823 | uint8_t *sp = stream_pnt(s); |
d62a17ae | 824 | struct capability_header caphdr; |
825 | ||
826 | ret = 0; | |
827 | /* We need at least capability code and capability length. */ | |
828 | if (stream_get_getp(s) + 2 > end) { | |
829 | zlog_info("%s Capability length error (< header)", | |
830 | peer->host); | |
831 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
832 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
833 | return -1; | |
834 | } | |
835 | ||
836 | caphdr.code = stream_getc(s); | |
837 | caphdr.length = stream_getc(s); | |
838 | start = stream_get_getp(s); | |
839 | ||
840 | /* Capability length check sanity check. */ | |
841 | if (start + caphdr.length > end) { | |
842 | zlog_info("%s Capability length error (< length)", | |
843 | peer->host); | |
844 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
845 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
846 | return -1; | |
847 | } | |
848 | ||
849 | if (bgp_debug_neighbor_events(peer)) | |
850 | zlog_debug("%s OPEN has %s capability (%u), length %u", | |
851 | peer->host, | |
852 | lookup_msg(capcode_str, caphdr.code, NULL), | |
853 | caphdr.code, caphdr.length); | |
854 | ||
855 | /* Length sanity check, type-specific, for known capabilities */ | |
856 | switch (caphdr.code) { | |
857 | case CAPABILITY_CODE_MP: | |
858 | case CAPABILITY_CODE_REFRESH: | |
859 | case CAPABILITY_CODE_REFRESH_OLD: | |
860 | case CAPABILITY_CODE_ORF: | |
861 | case CAPABILITY_CODE_ORF_OLD: | |
862 | case CAPABILITY_CODE_RESTART: | |
863 | case CAPABILITY_CODE_AS4: | |
864 | case CAPABILITY_CODE_ADDPATH: | |
865 | case CAPABILITY_CODE_DYNAMIC: | |
866 | case CAPABILITY_CODE_DYNAMIC_OLD: | |
867 | case CAPABILITY_CODE_ENHE: | |
868 | case CAPABILITY_CODE_FQDN: | |
9af52ccf | 869 | case CAPABILITY_CODE_ENHANCED_RR: |
d62a17ae | 870 | /* Check length. */ |
871 | if (caphdr.length < cap_minsizes[caphdr.code]) { | |
872 | zlog_info( | |
3efd0893 | 873 | "%s %s Capability length error: got %u, expected at least %u", |
d62a17ae | 874 | peer->host, |
875 | lookup_msg(capcode_str, caphdr.code, | |
876 | NULL), | |
877 | caphdr.length, | |
878 | (unsigned)cap_minsizes[caphdr.code]); | |
879 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
880 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
881 | return -1; | |
882 | } | |
883 | if (caphdr.length | |
884 | && caphdr.length % cap_modsizes[caphdr.code] != 0) { | |
885 | zlog_info( | |
3efd0893 | 886 | "%s %s Capability length error: got %u, expected a multiple of %u", |
d62a17ae | 887 | peer->host, |
888 | lookup_msg(capcode_str, caphdr.code, | |
889 | NULL), | |
890 | caphdr.length, | |
891 | (unsigned)cap_modsizes[caphdr.code]); | |
892 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
893 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
894 | return -1; | |
895 | } | |
896 | /* we deliberately ignore unknown codes, see below */ | |
897 | default: | |
898 | break; | |
899 | } | |
900 | ||
901 | switch (caphdr.code) { | |
902 | case CAPABILITY_CODE_MP: { | |
903 | *mp_capability = 1; | |
904 | ||
905 | /* Ignore capability when override-capability is set. */ | |
906 | if (!CHECK_FLAG(peer->flags, | |
907 | PEER_FLAG_OVERRIDE_CAPABILITY)) { | |
908 | /* Set negotiated value. */ | |
909 | ret = bgp_capability_mp(peer, &caphdr); | |
910 | ||
911 | /* Unsupported Capability. */ | |
912 | if (ret < 0) { | |
913 | /* Store return data. */ | |
914 | memcpy(*error, sp, caphdr.length + 2); | |
915 | *error += caphdr.length + 2; | |
916 | } | |
917 | ret = 0; /* Don't return error for this */ | |
918 | } | |
919 | } break; | |
9af52ccf | 920 | case CAPABILITY_CODE_ENHANCED_RR: |
d62a17ae | 921 | case CAPABILITY_CODE_REFRESH: |
922 | case CAPABILITY_CODE_REFRESH_OLD: { | |
923 | /* BGP refresh capability */ | |
9af52ccf DA |
924 | if (caphdr.code == CAPABILITY_CODE_ENHANCED_RR) |
925 | SET_FLAG(peer->cap, PEER_CAP_ENHANCED_RR_RCV); | |
926 | else if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD) | |
d62a17ae | 927 | SET_FLAG(peer->cap, PEER_CAP_REFRESH_OLD_RCV); |
928 | else | |
929 | SET_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV); | |
930 | } break; | |
931 | case CAPABILITY_CODE_ORF: | |
932 | case CAPABILITY_CODE_ORF_OLD: | |
933 | ret = bgp_capability_orf_entry(peer, &caphdr); | |
934 | break; | |
935 | case CAPABILITY_CODE_RESTART: | |
936 | ret = bgp_capability_restart(peer, &caphdr); | |
937 | break; | |
938 | case CAPABILITY_CODE_DYNAMIC: | |
939 | case CAPABILITY_CODE_DYNAMIC_OLD: | |
940 | SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV); | |
941 | break; | |
942 | case CAPABILITY_CODE_AS4: | |
943 | /* Already handled as a special-case parsing of the | |
944 | * capabilities | |
945 | * at the beginning of OPEN processing. So we care not a | |
946 | * jot | |
947 | * for the value really, only error case. | |
948 | */ | |
949 | if (!bgp_capability_as4(peer, &caphdr)) | |
950 | ret = -1; | |
951 | break; | |
952 | case CAPABILITY_CODE_ADDPATH: | |
953 | ret = bgp_capability_addpath(peer, &caphdr); | |
954 | break; | |
955 | case CAPABILITY_CODE_ENHE: | |
956 | ret = bgp_capability_enhe(peer, &caphdr); | |
957 | break; | |
958 | case CAPABILITY_CODE_FQDN: | |
959 | ret = bgp_capability_hostname(peer, &caphdr); | |
960 | break; | |
961 | default: | |
962 | if (caphdr.code > 128) { | |
963 | /* We don't send Notification for unknown vendor | |
964 | specific | |
965 | capabilities. It seems reasonable for now... | |
966 | */ | |
e50f7cfd | 967 | flog_warn(EC_BGP_CAPABILITY_VENDOR, |
065eaa36 | 968 | "%s Vendor specific capability %d", |
d62a17ae | 969 | peer->host, caphdr.code); |
970 | } else { | |
065eaa36 | 971 | flog_warn( |
e50f7cfd | 972 | EC_BGP_CAPABILITY_UNKNOWN, |
d62a17ae | 973 | "%s unrecognized capability code: %d - ignored", |
974 | peer->host, caphdr.code); | |
975 | memcpy(*error, sp, caphdr.length + 2); | |
976 | *error += caphdr.length + 2; | |
977 | } | |
978 | } | |
979 | ||
980 | if (ret < 0) { | |
981 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
982 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
983 | return -1; | |
984 | } | |
985 | if (stream_get_getp(s) != (start + caphdr.length)) { | |
986 | if (stream_get_getp(s) > (start + caphdr.length)) | |
065eaa36 | 987 | flog_warn( |
e50f7cfd | 988 | EC_BGP_CAPABILITY_INVALID_LENGTH, |
d62a17ae | 989 | "%s Cap-parser for %s read past cap-length, %u!", |
990 | peer->host, | |
991 | lookup_msg(capcode_str, caphdr.code, | |
992 | NULL), | |
993 | caphdr.length); | |
994 | stream_set_getp(s, start + caphdr.length); | |
995 | } | |
34aa7448 | 996 | |
997 | if (!CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) { | |
998 | UNSET_FLAG(restart_flag_time, 0xF000); | |
999 | peer->v_gr_restart = restart_flag_time; | |
1000 | } | |
718e3744 | 1001 | } |
d62a17ae | 1002 | return 0; |
718e3744 | 1003 | } |
1004 | ||
d62a17ae | 1005 | static int bgp_auth_parse(struct peer *peer, size_t length) |
718e3744 | 1006 | { |
d62a17ae | 1007 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, |
1008 | BGP_NOTIFY_OPEN_AUTH_FAILURE); | |
1009 | return -1; | |
718e3744 | 1010 | } |
1011 | ||
3dc339cd | 1012 | static bool strict_capability_same(struct peer *peer) |
718e3744 | 1013 | { |
d62a17ae | 1014 | int i, j; |
718e3744 | 1015 | |
d62a17ae | 1016 | for (i = AFI_IP; i < AFI_MAX; i++) |
1017 | for (j = SAFI_UNICAST; j < SAFI_MAX; j++) | |
1018 | if (peer->afc[i][j] != peer->afc_nego[i][j]) | |
3dc339cd DA |
1019 | return false; |
1020 | return true; | |
718e3744 | 1021 | } |
1022 | ||
0b2aa3a0 PJ |
1023 | /* peek into option, stores ASN to *as4 if the AS4 capability was found. |
1024 | * Returns 0 if no as4 found, as4cap value otherwise. | |
1025 | */ | |
d7c0a89a | 1026 | as_t peek_for_as4_capability(struct peer *peer, uint8_t length) |
0b2aa3a0 | 1027 | { |
d62a17ae | 1028 | struct stream *s = BGP_INPUT(peer); |
1029 | size_t orig_getp = stream_get_getp(s); | |
1030 | size_t end = orig_getp + length; | |
1031 | as_t as4 = 0; | |
1032 | ||
1033 | if (BGP_DEBUG(as4, AS4)) | |
4cb5e18b | 1034 | zlog_debug( |
3efd0893 | 1035 | "%s [AS4] rcv OPEN w/ OPTION parameter len: %u, peeking for as4", |
d62a17ae | 1036 | peer->host, length); |
1037 | /* the error cases we DONT handle, we ONLY try to read as4 out of | |
1038 | * correctly formatted options. | |
1039 | */ | |
1040 | while (stream_get_getp(s) < end) { | |
d7c0a89a QY |
1041 | uint8_t opt_type; |
1042 | uint8_t opt_length; | |
d62a17ae | 1043 | |
1044 | /* Check the length. */ | |
1045 | if (stream_get_getp(s) + 2 > end) | |
1046 | goto end; | |
1047 | ||
1048 | /* Fetch option type and length. */ | |
1049 | opt_type = stream_getc(s); | |
1050 | opt_length = stream_getc(s); | |
1051 | ||
1052 | /* Option length check. */ | |
1053 | if (stream_get_getp(s) + opt_length > end) | |
1054 | goto end; | |
1055 | ||
1056 | if (opt_type == BGP_OPEN_OPT_CAP) { | |
1057 | unsigned long capd_start = stream_get_getp(s); | |
1058 | unsigned long capd_end = capd_start + opt_length; | |
1059 | ||
1060 | assert(capd_end <= end); | |
1061 | ||
1062 | while (stream_get_getp(s) < capd_end) { | |
1063 | struct capability_header hdr; | |
1064 | ||
1065 | if (stream_get_getp(s) + 2 > capd_end) | |
1066 | goto end; | |
1067 | ||
1068 | hdr.code = stream_getc(s); | |
1069 | hdr.length = stream_getc(s); | |
1070 | ||
1071 | if ((stream_get_getp(s) + hdr.length) | |
1072 | > capd_end) | |
1073 | goto end; | |
1074 | ||
1075 | if (hdr.code == CAPABILITY_CODE_AS4) { | |
1076 | if (BGP_DEBUG(as4, AS4)) | |
4cb5e18b | 1077 | zlog_debug( |
d62a17ae | 1078 | "[AS4] found AS4 capability, about to parse"); |
1079 | as4 = bgp_capability_as4(peer, &hdr); | |
1080 | ||
1081 | goto end; | |
1082 | } | |
1083 | stream_forward_getp(s, hdr.length); | |
1084 | } | |
1085 | } | |
0b2aa3a0 | 1086 | } |
0b2aa3a0 PJ |
1087 | |
1088 | end: | |
d62a17ae | 1089 | stream_set_getp(s, orig_getp); |
1090 | return as4; | |
0b2aa3a0 PJ |
1091 | } |
1092 | ||
3b381c32 AS |
1093 | /** |
1094 | * Parse open option. | |
1095 | * | |
1096 | * @param[out] mp_capability @see bgp_capability_parse() for semantics. | |
1097 | */ | |
d7c0a89a | 1098 | int bgp_open_option_parse(struct peer *peer, uint8_t length, int *mp_capability) |
718e3744 | 1099 | { |
d62a17ae | 1100 | int ret = 0; |
d7c0a89a QY |
1101 | uint8_t *error; |
1102 | uint8_t error_data[BGP_MAX_PACKET_SIZE]; | |
d62a17ae | 1103 | struct stream *s = BGP_INPUT(peer); |
1104 | size_t end = stream_get_getp(s) + length; | |
1105 | ||
1106 | error = error_data; | |
1107 | ||
1108 | if (bgp_debug_neighbor_events(peer)) | |
1109 | zlog_debug("%s rcv OPEN w/ OPTION parameter len: %u", | |
1110 | peer->host, length); | |
1111 | ||
77b34214 NT |
1112 | /* Unset any previously received GR capability. */ |
1113 | UNSET_FLAG(peer->cap, PEER_CAP_RESTART_RCV); | |
1114 | ||
d62a17ae | 1115 | while (stream_get_getp(s) < end) { |
d7c0a89a QY |
1116 | uint8_t opt_type; |
1117 | uint8_t opt_length; | |
d62a17ae | 1118 | |
1119 | /* Must have at least an OPEN option header */ | |
1120 | if (STREAM_READABLE(s) < 2) { | |
1121 | zlog_info("%s Option length error", peer->host); | |
1122 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
1123 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
1124 | return -1; | |
1125 | } | |
1126 | ||
1127 | /* Fetch option type and length. */ | |
1128 | opt_type = stream_getc(s); | |
1129 | opt_length = stream_getc(s); | |
1130 | ||
1131 | /* Option length check. */ | |
1132 | if (STREAM_READABLE(s) < opt_length) { | |
1133 | zlog_info("%s Option length error", peer->host); | |
1134 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
1135 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
1136 | return -1; | |
1137 | } | |
1138 | ||
1139 | if (bgp_debug_neighbor_events(peer)) | |
1140 | zlog_debug( | |
1141 | "%s rcvd OPEN w/ optional parameter type %u (%s) len %u", | |
1142 | peer->host, opt_type, | |
1143 | opt_type == BGP_OPEN_OPT_AUTH | |
1144 | ? "Authentication" | |
1145 | : opt_type == BGP_OPEN_OPT_CAP | |
1146 | ? "Capability" | |
1147 | : "Unknown", | |
1148 | opt_length); | |
1149 | ||
1150 | switch (opt_type) { | |
1151 | case BGP_OPEN_OPT_AUTH: | |
1152 | ret = bgp_auth_parse(peer, opt_length); | |
1153 | break; | |
1154 | case BGP_OPEN_OPT_CAP: | |
1155 | ret = bgp_capability_parse(peer, opt_length, | |
1156 | mp_capability, &error); | |
1157 | break; | |
1158 | default: | |
1159 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
1160 | BGP_NOTIFY_OPEN_UNSUP_PARAM); | |
1161 | ret = -1; | |
1162 | break; | |
1163 | } | |
1164 | ||
1165 | /* Parse error. To accumulate all unsupported capability codes, | |
1166 | bgp_capability_parse does not return -1 when encounter | |
1167 | unsupported capability code. To detect that, please check | |
1168 | error and erro_data pointer, like below. */ | |
1169 | if (ret < 0) | |
1170 | return -1; | |
718e3744 | 1171 | } |
1172 | ||
d62a17ae | 1173 | /* All OPEN option is parsed. Check capability when strict compare |
1174 | flag is enabled.*/ | |
1175 | if (CHECK_FLAG(peer->flags, PEER_FLAG_STRICT_CAP_MATCH)) { | |
1176 | /* If Unsupported Capability exists. */ | |
1177 | if (error != error_data) { | |
1178 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1179 | BGP_NOTIFY_OPEN_UNSUP_CAPBL, | |
1180 | error_data, | |
1181 | error - error_data); | |
1182 | return -1; | |
1183 | } | |
1184 | ||
1185 | /* Check local capability does not negotiated with remote | |
1186 | peer. */ | |
1187 | if (!strict_capability_same(peer)) { | |
1188 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
1189 | BGP_NOTIFY_OPEN_UNSUP_CAPBL); | |
1190 | return -1; | |
1191 | } | |
718e3744 | 1192 | } |
1193 | ||
d62a17ae | 1194 | /* Check there are no common AFI/SAFIs and send Unsupported Capability |
1195 | error. */ | |
1196 | if (*mp_capability | |
1197 | && !CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) { | |
1198 | if (!peer->afc_nego[AFI_IP][SAFI_UNICAST] | |
1199 | && !peer->afc_nego[AFI_IP][SAFI_MULTICAST] | |
1200 | && !peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] | |
1201 | && !peer->afc_nego[AFI_IP][SAFI_MPLS_VPN] | |
1202 | && !peer->afc_nego[AFI_IP][SAFI_ENCAP] | |
7c40bf39 | 1203 | && !peer->afc_nego[AFI_IP][SAFI_FLOWSPEC] |
d62a17ae | 1204 | && !peer->afc_nego[AFI_IP6][SAFI_UNICAST] |
1205 | && !peer->afc_nego[AFI_IP6][SAFI_MULTICAST] | |
1206 | && !peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] | |
1207 | && !peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN] | |
1208 | && !peer->afc_nego[AFI_IP6][SAFI_ENCAP] | |
7c40bf39 | 1209 | && !peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC] |
d62a17ae | 1210 | && !peer->afc_nego[AFI_L2VPN][SAFI_EVPN]) { |
e50f7cfd | 1211 | flog_err(EC_BGP_PKT_OPEN, |
3efd0893 | 1212 | "%s [Error] Configured AFI/SAFIs do not overlap with received MP capabilities", |
1c50c1c0 | 1213 | peer->host); |
d62a17ae | 1214 | |
1215 | if (error != error_data) | |
1216 | bgp_notify_send_with_data( | |
1217 | peer, BGP_NOTIFY_OPEN_ERR, | |
1218 | BGP_NOTIFY_OPEN_UNSUP_CAPBL, error_data, | |
1219 | error - error_data); | |
1220 | else | |
1221 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
1222 | BGP_NOTIFY_OPEN_UNSUP_CAPBL); | |
1223 | return -1; | |
1224 | } | |
718e3744 | 1225 | } |
d62a17ae | 1226 | return 0; |
718e3744 | 1227 | } |
1228 | ||
d62a17ae | 1229 | static void bgp_open_capability_orf(struct stream *s, struct peer *peer, |
d7c0a89a | 1230 | afi_t afi, safi_t safi, uint8_t code) |
718e3744 | 1231 | { |
d7c0a89a QY |
1232 | uint8_t cap_len; |
1233 | uint8_t orf_len; | |
d62a17ae | 1234 | unsigned long capp; |
1235 | unsigned long orfp; | |
1236 | unsigned long numberp; | |
1237 | int number_of_orfs = 0; | |
1238 | iana_afi_t pkt_afi; | |
5c525538 | 1239 | iana_safi_t pkt_safi; |
d62a17ae | 1240 | |
1241 | /* Convert AFI, SAFI to values for packet. */ | |
1242 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi); | |
1243 | ||
1244 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1245 | capp = stream_get_endp(s); /* Set Capability Len Pointer */ | |
1246 | stream_putc(s, 0); /* Capability Length */ | |
1247 | stream_putc(s, code); /* Capability Code */ | |
1248 | orfp = stream_get_endp(s); /* Set ORF Len Pointer */ | |
1249 | stream_putc(s, 0); /* ORF Length */ | |
1250 | stream_putw(s, pkt_afi); | |
1251 | stream_putc(s, 0); | |
1252 | stream_putc(s, pkt_safi); | |
1253 | numberp = stream_get_endp(s); /* Set Number Pointer */ | |
1254 | stream_putc(s, 0); /* Number of ORFs */ | |
1255 | ||
1256 | /* Address Prefix ORF */ | |
1257 | if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM) | |
1258 | || CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM)) { | |
1259 | stream_putc(s, (code == CAPABILITY_CODE_ORF | |
1260 | ? ORF_TYPE_PREFIX | |
1261 | : ORF_TYPE_PREFIX_OLD)); | |
1262 | ||
1263 | if (CHECK_FLAG(peer->af_flags[afi][safi], | |
1264 | PEER_FLAG_ORF_PREFIX_SM) | |
1265 | && CHECK_FLAG(peer->af_flags[afi][safi], | |
1266 | PEER_FLAG_ORF_PREFIX_RM)) { | |
1267 | SET_FLAG(peer->af_cap[afi][safi], | |
1268 | PEER_CAP_ORF_PREFIX_SM_ADV); | |
1269 | SET_FLAG(peer->af_cap[afi][safi], | |
1270 | PEER_CAP_ORF_PREFIX_RM_ADV); | |
1271 | stream_putc(s, ORF_MODE_BOTH); | |
1272 | } else if (CHECK_FLAG(peer->af_flags[afi][safi], | |
1273 | PEER_FLAG_ORF_PREFIX_SM)) { | |
1274 | SET_FLAG(peer->af_cap[afi][safi], | |
1275 | PEER_CAP_ORF_PREFIX_SM_ADV); | |
1276 | stream_putc(s, ORF_MODE_SEND); | |
1277 | } else { | |
1278 | SET_FLAG(peer->af_cap[afi][safi], | |
1279 | PEER_CAP_ORF_PREFIX_RM_ADV); | |
1280 | stream_putc(s, ORF_MODE_RECEIVE); | |
1281 | } | |
1282 | number_of_orfs++; | |
718e3744 | 1283 | } |
718e3744 | 1284 | |
d62a17ae | 1285 | /* Total Number of ORFs. */ |
1286 | stream_putc_at(s, numberp, number_of_orfs); | |
718e3744 | 1287 | |
d62a17ae | 1288 | /* Total ORF Len. */ |
1289 | orf_len = stream_get_endp(s) - orfp - 1; | |
1290 | stream_putc_at(s, orfp, orf_len); | |
718e3744 | 1291 | |
d62a17ae | 1292 | /* Total Capability Len. */ |
1293 | cap_len = stream_get_endp(s) - capp - 1; | |
1294 | stream_putc_at(s, capp, cap_len); | |
718e3744 | 1295 | } |
1296 | ||
034e185d | 1297 | static void bgp_peer_send_gr_capability(struct stream *s, struct peer *peer, |
36235319 | 1298 | unsigned long cp) |
034e185d | 1299 | { |
1300 | int len; | |
1301 | iana_afi_t pkt_afi; | |
1302 | afi_t afi; | |
1303 | safi_t safi; | |
1304 | iana_safi_t pkt_safi; | |
1305 | uint32_t restart_time; | |
1306 | unsigned long capp = 0; | |
1307 | unsigned long rcapp = 0; | |
1308 | ||
13909c4f DS |
1309 | if (!CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART) |
1310 | && !CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART_HELPER)) | |
1311 | return; | |
1312 | ||
1313 | if (BGP_DEBUG(graceful_restart, GRACEFUL_RESTART)) | |
1314 | zlog_debug("[BGP_GR] Sending helper Capability for Peer :%s :", | |
1315 | peer->host); | |
1316 | ||
1317 | SET_FLAG(peer->cap, PEER_CAP_RESTART_ADV); | |
1318 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1319 | capp = stream_get_endp(s); /* Set Capability Len Pointer */ | |
1320 | stream_putc(s, 0); /* Capability Length */ | |
1321 | stream_putc(s, CAPABILITY_CODE_RESTART); | |
1322 | /* Set Restart Capability Len Pointer */ | |
1323 | rcapp = stream_get_endp(s); | |
1324 | stream_putc(s, 0); | |
1325 | restart_time = peer->bgp->restart_time; | |
1326 | if (peer->bgp->t_startup) { | |
1327 | SET_FLAG(restart_time, RESTART_R_BIT); | |
1328 | SET_FLAG(peer->cap, PEER_CAP_RESTART_BIT_ADV); | |
034e185d | 1329 | |
1330 | if (BGP_DEBUG(graceful_restart, GRACEFUL_RESTART)) | |
13909c4f DS |
1331 | zlog_debug("[BGP_GR] Sending R-Bit for Peer :%s :", |
1332 | peer->host); | |
1333 | } | |
1334 | ||
1335 | stream_putw(s, restart_time); | |
1336 | ||
1337 | /* Send address-family specific graceful-restart capability | |
1338 | * only when GR config is present | |
1339 | */ | |
1340 | if (CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART)) { | |
892fedb6 | 1341 | if (CHECK_FLAG(peer->bgp->flags, BGP_FLAG_GR_PRESERVE_FWD) |
13909c4f DS |
1342 | && BGP_DEBUG(graceful_restart, GRACEFUL_RESTART)) |
1343 | zlog_debug("[BGP_GR] F bit Set"); | |
1344 | ||
1345 | FOREACH_AFI_SAFI (afi, safi) { | |
1346 | if (!peer->afc[afi][safi]) | |
1347 | continue; | |
0f0444fb | 1348 | |
1349 | if (BGP_DEBUG(graceful_restart, GRACEFUL_RESTART)) | |
1350 | zlog_debug( | |
13909c4f DS |
1351 | "[BGP_GR] Sending GR Capability for AFI :%d :, SAFI :%d:", |
1352 | afi, safi); | |
034e185d | 1353 | |
13909c4f DS |
1354 | /* Convert AFI, SAFI to values for |
1355 | * packet. | |
1356 | */ | |
1357 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, | |
1358 | &pkt_safi); | |
1359 | stream_putw(s, pkt_afi); | |
1360 | stream_putc(s, pkt_safi); | |
892fedb6 DA |
1361 | if (CHECK_FLAG(peer->bgp->flags, |
1362 | BGP_FLAG_GR_PRESERVE_FWD)) | |
13909c4f DS |
1363 | stream_putc(s, RESTART_F_BIT); |
1364 | else | |
1365 | stream_putc(s, 0); | |
034e185d | 1366 | } |
034e185d | 1367 | } |
13909c4f DS |
1368 | |
1369 | /* Total Graceful restart capability Len. */ | |
1370 | len = stream_get_endp(s) - rcapp - 1; | |
1371 | stream_putc_at(s, rcapp, len); | |
1372 | ||
1373 | /* Total Capability Len. */ | |
1374 | len = stream_get_endp(s) - capp - 1; | |
1375 | stream_putc_at(s, capp, len); | |
034e185d | 1376 | } |
1377 | ||
718e3744 | 1378 | /* Fill in capability open option to the packet. */ |
d62a17ae | 1379 | void bgp_open_capability(struct stream *s, struct peer *peer) |
718e3744 | 1380 | { |
d7c0a89a | 1381 | uint8_t len; |
d62a17ae | 1382 | unsigned long cp, capp, rcapp; |
1383 | iana_afi_t pkt_afi; | |
1384 | afi_t afi; | |
5c525538 RW |
1385 | safi_t safi; |
1386 | iana_safi_t pkt_safi; | |
d62a17ae | 1387 | as_t local_as; |
d7c0a89a | 1388 | uint8_t afi_safi_count = 0; |
d62a17ae | 1389 | int adv_addpath_tx = 0; |
1390 | ||
1391 | /* Remember current pointer for Opt Parm Len. */ | |
1392 | cp = stream_get_endp(s); | |
1393 | ||
1394 | /* Opt Parm Len. */ | |
1395 | stream_putc(s, 0); | |
1396 | ||
1397 | /* Do not send capability. */ | |
1398 | if (!CHECK_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN) | |
1399 | || CHECK_FLAG(peer->flags, PEER_FLAG_DONT_CAPABILITY)) | |
1400 | return; | |
1401 | ||
1402 | /* MP capability for configured AFI, SAFI */ | |
05c7a1cc QY |
1403 | FOREACH_AFI_SAFI (afi, safi) { |
1404 | if (peer->afc[afi][safi]) { | |
1405 | /* Convert AFI, SAFI to values for packet. */ | |
1406 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, | |
1407 | &pkt_safi); | |
1408 | ||
1409 | peer->afc_adv[afi][safi] = 1; | |
1410 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1411 | stream_putc(s, CAPABILITY_CODE_MP_LEN + 2); | |
1412 | stream_putc(s, CAPABILITY_CODE_MP); | |
1413 | stream_putc(s, CAPABILITY_CODE_MP_LEN); | |
1414 | stream_putw(s, pkt_afi); | |
1415 | stream_putc(s, 0); | |
1416 | stream_putc(s, pkt_safi); | |
1417 | ||
1418 | /* Extended nexthop capability - currently | |
1419 | * supporting RFC-5549 for | |
1420 | * Link-Local peering only | |
1421 | */ | |
1422 | if (CHECK_FLAG(peer->flags, PEER_FLAG_CAPABILITY_ENHE) | |
1423 | && peer->su.sa.sa_family == AF_INET6 | |
05c7a1cc | 1424 | && afi == AFI_IP |
770df5fd | 1425 | && (safi == SAFI_UNICAST || safi == SAFI_MPLS_VPN |
05c7a1cc QY |
1426 | || safi == SAFI_LABELED_UNICAST)) { |
1427 | /* RFC 5549 Extended Next Hop Encoding | |
1428 | */ | |
1429 | SET_FLAG(peer->cap, PEER_CAP_ENHE_ADV); | |
d62a17ae | 1430 | stream_putc(s, BGP_OPEN_OPT_CAP); |
05c7a1cc QY |
1431 | stream_putc(s, CAPABILITY_CODE_ENHE_LEN + 2); |
1432 | stream_putc(s, CAPABILITY_CODE_ENHE); | |
1433 | stream_putc(s, CAPABILITY_CODE_ENHE_LEN); | |
1434 | ||
1435 | SET_FLAG(peer->af_cap[AFI_IP][safi], | |
1436 | PEER_CAP_ENHE_AF_ADV); | |
d62a17ae | 1437 | stream_putw(s, pkt_afi); |
05c7a1cc QY |
1438 | stream_putw(s, pkt_safi); |
1439 | stream_putw(s, afi_int2iana(AFI_IP6)); | |
d62a17ae | 1440 | |
05c7a1cc QY |
1441 | if (CHECK_FLAG(peer->af_cap[afi][safi], |
1442 | PEER_CAP_ENHE_AF_RCV)) | |
1443 | SET_FLAG(peer->af_cap[afi][safi], | |
1444 | PEER_CAP_ENHE_AF_NEGO); | |
d62a17ae | 1445 | } |
1446 | } | |
05c7a1cc | 1447 | } |
d62a17ae | 1448 | |
1449 | /* Route refresh. */ | |
1450 | SET_FLAG(peer->cap, PEER_CAP_REFRESH_ADV); | |
1451 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1452 | stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2); | |
1453 | stream_putc(s, CAPABILITY_CODE_REFRESH_OLD); | |
1454 | stream_putc(s, CAPABILITY_CODE_REFRESH_LEN); | |
1455 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1456 | stream_putc(s, CAPABILITY_CODE_REFRESH_LEN + 2); | |
1457 | stream_putc(s, CAPABILITY_CODE_REFRESH); | |
1458 | stream_putc(s, CAPABILITY_CODE_REFRESH_LEN); | |
1459 | ||
9af52ccf DA |
1460 | /* Enhanced Route Refresh. */ |
1461 | SET_FLAG(peer->cap, PEER_CAP_ENHANCED_RR_ADV); | |
1462 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1463 | stream_putc(s, CAPABILITY_CODE_ENHANCED_LEN + 2); | |
1464 | stream_putc(s, CAPABILITY_CODE_ENHANCED_RR); | |
1465 | stream_putc(s, CAPABILITY_CODE_ENHANCED_LEN); | |
1466 | ||
d62a17ae | 1467 | /* AS4 */ |
1468 | SET_FLAG(peer->cap, PEER_CAP_AS4_ADV); | |
1469 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1470 | stream_putc(s, CAPABILITY_CODE_AS4_LEN + 2); | |
1471 | stream_putc(s, CAPABILITY_CODE_AS4); | |
1472 | stream_putc(s, CAPABILITY_CODE_AS4_LEN); | |
1473 | if (peer->change_local_as) | |
1474 | local_as = peer->change_local_as; | |
1475 | else | |
1476 | local_as = peer->local_as; | |
1477 | stream_putl(s, local_as); | |
1478 | ||
1479 | /* AddPath */ | |
05c7a1cc QY |
1480 | FOREACH_AFI_SAFI (afi, safi) { |
1481 | if (peer->afc[afi][safi]) { | |
1482 | afi_safi_count++; | |
1483 | ||
1484 | /* Only advertise addpath TX if a feature that | |
1485 | * will use it is | |
1486 | * configured */ | |
dcc68b5e | 1487 | if (peer->addpath_type[afi][safi] != BGP_ADDPATH_NONE) |
05c7a1cc QY |
1488 | adv_addpath_tx = 1; |
1489 | } | |
1490 | } | |
d62a17ae | 1491 | |
1492 | SET_FLAG(peer->cap, PEER_CAP_ADDPATH_ADV); | |
1493 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1494 | stream_putc(s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2); | |
1495 | stream_putc(s, CAPABILITY_CODE_ADDPATH); | |
1496 | stream_putc(s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count); | |
1497 | ||
05c7a1cc QY |
1498 | FOREACH_AFI_SAFI (afi, safi) { |
1499 | if (peer->afc[afi][safi]) { | |
1500 | /* Convert AFI, SAFI to values for packet. */ | |
1501 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, | |
1502 | &pkt_safi); | |
d62a17ae | 1503 | |
05c7a1cc QY |
1504 | stream_putw(s, pkt_afi); |
1505 | stream_putc(s, pkt_safi); | |
d62a17ae | 1506 | |
05c7a1cc QY |
1507 | if (adv_addpath_tx) { |
1508 | stream_putc(s, BGP_ADDPATH_RX | BGP_ADDPATH_TX); | |
1509 | SET_FLAG(peer->af_cap[afi][safi], | |
1510 | PEER_CAP_ADDPATH_AF_RX_ADV); | |
1511 | SET_FLAG(peer->af_cap[afi][safi], | |
1512 | PEER_CAP_ADDPATH_AF_TX_ADV); | |
1513 | } else { | |
1514 | stream_putc(s, BGP_ADDPATH_RX); | |
1515 | SET_FLAG(peer->af_cap[afi][safi], | |
1516 | PEER_CAP_ADDPATH_AF_RX_ADV); | |
1517 | UNSET_FLAG(peer->af_cap[afi][safi], | |
1518 | PEER_CAP_ADDPATH_AF_TX_ADV); | |
d62a17ae | 1519 | } |
05c7a1cc QY |
1520 | } |
1521 | } | |
d62a17ae | 1522 | |
1523 | /* ORF capability. */ | |
05c7a1cc QY |
1524 | FOREACH_AFI_SAFI (afi, safi) { |
1525 | if (CHECK_FLAG(peer->af_flags[afi][safi], | |
1526 | PEER_FLAG_ORF_PREFIX_SM) | |
1527 | || CHECK_FLAG(peer->af_flags[afi][safi], | |
1528 | PEER_FLAG_ORF_PREFIX_RM)) { | |
1529 | bgp_open_capability_orf(s, peer, afi, safi, | |
1530 | CAPABILITY_CODE_ORF_OLD); | |
1531 | bgp_open_capability_orf(s, peer, afi, safi, | |
1532 | CAPABILITY_CODE_ORF); | |
1533 | } | |
1534 | } | |
d62a17ae | 1535 | |
1536 | /* Dynamic capability. */ | |
1537 | if (CHECK_FLAG(peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY)) { | |
1538 | SET_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV); | |
1539 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1540 | stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2); | |
1541 | stream_putc(s, CAPABILITY_CODE_DYNAMIC_OLD); | |
1542 | stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN); | |
1543 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1544 | stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN + 2); | |
1545 | stream_putc(s, CAPABILITY_CODE_DYNAMIC); | |
1546 | stream_putc(s, CAPABILITY_CODE_DYNAMIC_LEN); | |
718e3744 | 1547 | } |
1548 | ||
d62a17ae | 1549 | /* Hostname capability */ |
6b3ee3a0 | 1550 | if (cmd_hostname_get()) { |
d62a17ae | 1551 | SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV); |
1552 | stream_putc(s, BGP_OPEN_OPT_CAP); | |
1553 | rcapp = stream_get_endp(s); /* Ptr to length placeholder */ | |
1554 | stream_putc(s, 0); /* dummy len for now */ | |
1555 | stream_putc(s, CAPABILITY_CODE_FQDN); | |
1556 | capp = stream_get_endp(s); | |
1557 | stream_putc(s, 0); /* dummy len for now */ | |
6b3ee3a0 | 1558 | len = strlen(cmd_hostname_get()); |
d62a17ae | 1559 | if (len > BGP_MAX_HOSTNAME) |
1560 | len = BGP_MAX_HOSTNAME; | |
1561 | ||
1562 | stream_putc(s, len); | |
6b3ee3a0 MK |
1563 | stream_put(s, cmd_hostname_get(), len); |
1564 | if (cmd_domainname_get()) { | |
1565 | len = strlen(cmd_domainname_get()); | |
d62a17ae | 1566 | if (len > BGP_MAX_HOSTNAME) |
1567 | len = BGP_MAX_HOSTNAME; | |
1568 | ||
1569 | stream_putc(s, len); | |
6b3ee3a0 | 1570 | stream_put(s, cmd_domainname_get(), len); |
d62a17ae | 1571 | } else |
d62a17ae | 1572 | stream_putc(s, 0); /* 0 length */ |
04b6bdc0 | 1573 | |
d62a17ae | 1574 | /* Set the lengths straight */ |
1575 | len = stream_get_endp(s) - rcapp - 1; | |
1576 | stream_putc_at(s, rcapp, len); | |
1577 | len = stream_get_endp(s) - capp - 1; | |
1578 | stream_putc_at(s, capp, len); | |
04b6bdc0 | 1579 | |
d62a17ae | 1580 | if (bgp_debug_neighbor_events(peer)) |
d62a17ae | 1581 | zlog_debug( |
1582 | "%s Sending hostname cap with hn = %s, dn = %s", | |
6b3ee3a0 MK |
1583 | peer->host, cmd_hostname_get(), |
1584 | cmd_domainname_get()); | |
d62a17ae | 1585 | } |
1586 | ||
034e185d | 1587 | bgp_peer_send_gr_capability(s, peer, cp); |
d62a17ae | 1588 | |
1589 | /* Total Opt Parm Len. */ | |
1590 | len = stream_get_endp(s) - cp - 1; | |
1591 | stream_putc_at(s, cp, len); | |
718e3744 | 1592 | } |