]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bgpd: Add BGP Software Version Capability
[mirror_frr.git] / bgpd / bgp_packet.c
CommitLineData
718e3744 1/* BGP packet management routine.
56257a44
QY		 2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
896014f4
DL		 4 * Copyright (C) 1999 Kunihiro Ishiguro
5 *
6 * This file is part of GNU Zebra.
7 *
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
718e3744 22
23#include <zebra.h>
d3ecc69e 24#include <sys/time.h>
718e3744 25
26#include "thread.h"
27#include "stream.h"
28#include "network.h"
29#include "prefix.h"
30#include "command.h"
31#include "log.h"
32#include "memory.h"
d62a17ae 33#include "sockunion.h" /* for inet_ntop () */
baa376fc 34#include "sockopt.h"
718e3744 35#include "linklist.h"
36#include "plist.h"
3f9c7369 37#include "queue.h"
039f3a34 38#include "filter.h"
02705213 39#include "lib_errors.h"
718e3744 40
41#include "bgpd/bgpd.h"
42#include "bgpd/bgp_table.h"
43#include "bgpd/bgp_dump.h"
6c29258c 44#include "bgpd/bgp_bmp.h"
718e3744 45#include "bgpd/bgp_attr.h"
46#include "bgpd/bgp_debug.h"
14454c9f 47#include "bgpd/bgp_errors.h"
718e3744 48#include "bgpd/bgp_fsm.h"
49#include "bgpd/bgp_route.h"
50#include "bgpd/bgp_packet.h"
51#include "bgpd/bgp_open.h"
52#include "bgpd/bgp_aspath.h"
53#include "bgpd/bgp_community.h"
54#include "bgpd/bgp_ecommunity.h"
57d187bc 55#include "bgpd/bgp_lcommunity.h"
718e3744 56#include "bgpd/bgp_network.h"
57#include "bgpd/bgp_mplsvpn.h"
7ef5a232 58#include "bgpd/bgp_evpn.h"
718e3744 59#include "bgpd/bgp_advertise.h"
93406d87 60#include "bgpd/bgp_vty.h"
3f9c7369 61#include "bgpd/bgp_updgrp.h"
cd1964ff 62#include "bgpd/bgp_label.h"
56257a44 63#include "bgpd/bgp_io.h"
934af458 64#include "bgpd/bgp_keepalives.h"
7c40bf39 65#include "bgpd/bgp_flowspec.h"
d9a03c57 66#include "bgpd/bgp_trace.h"
718e3744 67
584470fb
DL		 68DEFINE_HOOK(bgp_packet_dump,
69 (struct peer *peer, uint8_t type, bgp_size_t size,
70 struct stream *s),
8451921b 71 (peer, type, size, s));
584470fb 72
6fd04594
DL		 73DEFINE_HOOK(bgp_packet_send,
74 (struct peer *peer, uint8_t type, bgp_size_t size,
75 struct stream *s),
8451921b 76 (peer, type, size, s));
6fd04594 77
d8151687
QY		 78/**
79 * Sets marker and type fields for a BGP message.
80 *
81 * @param s the stream containing the packet
82 * @param type the packet type
83 * @return the size of the stream
84 */
d7c0a89a 85int bgp_packet_set_marker(struct stream *s, uint8_t type)
718e3744 86{
d62a17ae 87 int i;
718e3744 88
d62a17ae 89 /* Fill in marker. */
90 for (i = 0; i < BGP_MARKER_SIZE; i++)
91 stream_putc(s, 0xff);
718e3744 92
d62a17ae 93 /* Dummy total length. This field is should be filled in later on. */
94 stream_putw(s, 0);
718e3744 95
d62a17ae 96 /* BGP packet type. */
97 stream_putc(s, type);
718e3744 98
d62a17ae 99 /* Return current stream size. */
100 return stream_get_endp(s);
718e3744 101}
102
d8151687
QY		 103/**
104 * Sets size field for a BGP message.
105 *
106 * Size field is set to the size of the stream passed.
107 *
108 * @param s the stream containing the packet
d8151687 109 */
65baedca 110void bgp_packet_set_size(struct stream *s)
718e3744 111{
d62a17ae 112 int cp;
718e3744 113
d62a17ae 114 /* Preserve current pointer. */
115 cp = stream_get_endp(s);
116 stream_putw_at(s, BGP_MARKER_SIZE, cp);
718e3744 117}
118
d3ecc69e
QY		 119/*
120 * Push a packet onto the beginning of the peer's output queue.
121 * This function acquires the peer's write mutex before proceeding.
122 */
123static void bgp_packet_add(struct peer *peer, struct stream *s)
124{
bd9fb6f3
DL		 125 intmax_t delta;
126 uint32_t holdtime;
460ed839 127 intmax_t sendholdtime;
bd9fb6f3 128
cb1991af 129 frr_with_mutex (&peer->io_mtx) {
bd9fb6f3
DL		 130 /* if the queue is empty, reset the "last OK" timestamp to
131 * now, otherwise if we write another packet immediately
132 * after it'll get confused
133 */
134 if (!stream_fifo_count_safe(peer->obuf))
083ec940 135 peer->last_sendq_ok = monotime(NULL);
bd9fb6f3 136
00dffa8c 137 stream_fifo_push(peer->obuf, s);
bd9fb6f3 138
083ec940 139 delta = monotime(NULL) - peer->last_sendq_ok;
460ed839
DA		 140
141 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
142 holdtime = atomic_load_explicit(&peer->holdtime,
143 memory_order_relaxed);
144 else
145 holdtime = peer->bgp->default_holdtime;
146
147 sendholdtime = holdtime * 2;
bd9fb6f3
DL		 148
149 /* Note that when we're here, we're adding some packet to the
150 * OutQ. That includes keepalives when there is nothing to
151 * do, so there's a guarantee we pass by here once in a while.
152 *
153 * That implies there is no need to go set up another separate
154 * timer that ticks down SendHoldTime, as we'll be here sooner
155 * or later anyway and will see the checks below failing.
156 */
382268f4
DL		 157 if (!holdtime) {
158 /* no holdtime, do nothing. */
460ed839 159 } else if (delta > sendholdtime) {
bd9fb6f3
DL		 160 flog_err(
161 EC_BGP_SENDQ_STUCK_PROPER,
460ed839
DA		 162 "%pBP has not made any SendQ progress for 2 holdtimes (%jds), terminating session",
163 peer, sendholdtime);
bd9fb6f3
DL		 164 BGP_EVENT_ADD(peer, TCP_fatal_error);
165 } else if (delta > (intmax_t)holdtime &&
083ec940 166 monotime(NULL) - peer->last_sendq_warn > 5) {
bd9fb6f3
DL		 167 flog_warn(
168 EC_BGP_SENDQ_STUCK_WARN,
460ed839
DA		 169 "%pBP has not made any SendQ progress for 1 holdtime (%us), peer overloaded?",
170 peer, holdtime);
083ec940 171 peer->last_sendq_warn = monotime(NULL);
bd9fb6f3 172 }
00dffa8c 173 }
718e3744 174}
175
d62a17ae 176static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
177 safi_t safi)
93406d87 178{
d62a17ae 179 struct stream *s;
617975d1
DS		 180 iana_afi_t pkt_afi = IANA_AFI_IPV4;
181 iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
d62a17ae 182
183 if (DISABLE_BGP_ANNOUNCE)
184 return NULL;
185
186 if (bgp_debug_neighbor_events(peer))
187 zlog_debug("send End-of-RIB for %s to %s",
5cb5f4d0 188 get_afi_safi_str(afi, safi, false), peer->host);
d62a17ae 189
ef56aee4 190 s = stream_new(peer->max_packet_size);
d62a17ae 191
192 /* Make BGP update packet. */
193 bgp_packet_set_marker(s, BGP_MSG_UPDATE);
194
195 /* Unfeasible Routes Length */
196 stream_putw(s, 0);
197
198 if (afi == AFI_IP && safi == SAFI_UNICAST) {
199 /* Total Path Attribute Length */
200 stream_putw(s, 0);
201 } else {
202 /* Convert AFI, SAFI to values for packet. */
203 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
204
205 /* Total Path Attribute Length */
206 stream_putw(s, 6);
207 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
208 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
209 stream_putc(s, 3);
210 stream_putw(s, pkt_afi);
211 stream_putc(s, pkt_safi);
212 }
213
214 bgp_packet_set_size(s);
d62a17ae 215 return s;
718e3744 216}
217
d8151687
QY		 218/* Called when there is a change in the EOR(implicit or explicit) status of a
219 * peer. Ends the update-delay if all expected peers are done with EORs. */
220void bgp_check_update_delay(struct bgp *bgp)
221{
222 struct listnode *node, *nnode;
223 struct peer *peer = NULL;
224
225 if (bgp_debug_neighbor_events(peer))
226 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
227 bgp->established, bgp->restarted_peers,
228 bgp->implicit_eors, bgp->explicit_eors);
229
230 if (bgp->established
231 <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
becedef6
QY		 232 /*
233 * This is an extra sanity check to make sure we wait for all
234 * the eligible configured peers. This check is performed if
235 * establish wait timer is on, or establish wait option is not
236 * given with the update-delay command
237 */
d8151687
QY		 238 if (bgp->t_establish_wait
239 || (bgp->v_establish_wait == bgp->v_update_delay))
240 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
241 if (CHECK_FLAG(peer->flags,
242 PEER_FLAG_CONFIG_NODE)
243 && !CHECK_FLAG(peer->flags,
244 PEER_FLAG_SHUTDOWN)
cb9196e7
DS		 245 && !CHECK_FLAG(peer->bgp->flags,
246 BGP_FLAG_SHUTDOWN)
d8151687
QY		 247 && !peer->update_delay_over) {
248 if (bgp_debug_neighbor_events(peer))
249 zlog_debug(
250 " Peer %s pending, continuing read-only mode",
251 peer->host);
252 return;
253 }
254 }
255
256 zlog_info(
257 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
258 bgp->restarted_peers, bgp->implicit_eors,
259 bgp->explicit_eors);
260 bgp_update_delay_end(bgp);
261 }
262}
263
becedef6
QY		 264/*
265 * Called if peer is known to have restarted. The restart-state bit in
266 * Graceful-Restart capability is used for that
267 */
d8151687
QY		 268void bgp_update_restarted_peers(struct peer *peer)
269{
270 if (!bgp_update_delay_active(peer->bgp))
271 return; /* BGP update delay has ended */
272 if (peer->update_delay_over)
273 return; /* This peer has already been considered */
274
275 if (bgp_debug_neighbor_events(peer))
276 zlog_debug("Peer %s: Checking restarted", peer->host);
277
feb17238 278 if (peer_established(peer)) {
d8151687
QY		 279 peer->update_delay_over = 1;
280 peer->bgp->restarted_peers++;
281 bgp_check_update_delay(peer->bgp);
282 }
283}
284
becedef6
QY		 285/*
286 * Called as peer receives a keep-alive. Determines if this occurence can be
287 * taken as an implicit EOR for this peer.
288 * NOTE: The very first keep-alive after the Established state of a peer is
289 * considered implicit EOR for the update-delay purposes
290 */
d8151687
QY		 291void bgp_update_implicit_eors(struct peer *peer)
292{
293 if (!bgp_update_delay_active(peer->bgp))
294 return; /* BGP update delay has ended */
295 if (peer->update_delay_over)
296 return; /* This peer has already been considered */
297
298 if (bgp_debug_neighbor_events(peer))
299 zlog_debug("Peer %s: Checking implicit EORs", peer->host);
300
feb17238 301 if (peer_established(peer)) {
d8151687
QY		 302 peer->update_delay_over = 1;
303 peer->bgp->implicit_eors++;
304 bgp_check_update_delay(peer->bgp);
305 }
306}
307
becedef6
QY		 308/*
309 * Should be called only when there is a change in the EOR_RECEIVED status
310 * for any afi/safi on a peer.
311 */
d8151687
QY		 312static void bgp_update_explicit_eors(struct peer *peer)
313{
314 afi_t afi;
315 safi_t safi;
316
317 if (!bgp_update_delay_active(peer->bgp))
318 return; /* BGP update delay has ended */
319 if (peer->update_delay_over)
320 return; /* This peer has already been considered */
321
322 if (bgp_debug_neighbor_events(peer))
323 zlog_debug("Peer %s: Checking explicit EORs", peer->host);
324
f18ba3cd
DS		 325 FOREACH_AFI_SAFI (afi, safi) {
326 if (peer->afc_nego[afi][safi]
327 && !CHECK_FLAG(peer->af_sflags[afi][safi],
328 PEER_STATUS_EOR_RECEIVED)) {
329 if (bgp_debug_neighbor_events(peer))
330 zlog_debug(
331 " afi %d safi %d didn't receive EOR",
332 afi, safi);
333 return;
d8151687 334 }
f18ba3cd 335 }
d8151687
QY		 336
337 peer->update_delay_over = 1;
338 peer->bgp->explicit_eors++;
339 bgp_check_update_delay(peer->bgp);
340}
341
342/**
343 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
344 *
345 * mp_withdraw, if set, is used to nullify attr structure on most of the
346 * calling safi function and for evpn, passed as parameter
347 */
348int bgp_nlri_parse(struct peer *peer, struct attr *attr,
349 struct bgp_nlri *packet, int mp_withdraw)
350{
351 switch (packet->safi) {
352 case SAFI_UNICAST:
353 case SAFI_MULTICAST:
354 return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
355 packet);
356 case SAFI_LABELED_UNICAST:
357 return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
358 packet);
359 case SAFI_MPLS_VPN:
360 return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
361 packet);
362 case SAFI_EVPN:
363 return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
7c40bf39 364 case SAFI_FLOWSPEC:
365 return bgp_nlri_parse_flowspec(peer, attr, packet, mp_withdraw);
d8151687 366 }
513386b5 367 return BGP_NLRI_PARSE_ERROR;
d8151687
QY		 368}
369
a783cc05
XL		 370
371/*
372 * Check if route-refresh request from peer is pending (received before EoR),
373 * and process it now.
374 */
375static void bgp_process_pending_refresh(struct peer *peer, afi_t afi,
376 safi_t safi)
377{
378 if (CHECK_FLAG(peer->af_sflags[afi][safi],
379 PEER_STATUS_REFRESH_PENDING)) {
380 UNSET_FLAG(peer->af_sflags[afi][safi],
381 PEER_STATUS_REFRESH_PENDING);
382 bgp_route_refresh_send(peer, afi, safi, 0, 0, 0,
383 BGP_ROUTE_REFRESH_BORR);
384 if (bgp_debug_neighbor_events(peer))
385 zlog_debug(
386 "%pBP sending route-refresh (BoRR) for %s/%s (for pending REQUEST)",
387 peer, afi2str(afi), safi2str(safi));
388
389 SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_BORR_SEND);
390 UNSET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_EORR_SEND);
391 bgp_announce_route(peer, afi, safi, true);
392 }
393}
394
6ec98a2f
QY		 395/*
396 * Checks a variety of conditions to determine whether the peer needs to be
397 * rescheduled for packet generation again, and does so if necessary.
398 *
399 * @param peer to check for rescheduling
400 */
af1e1dc6
QY		 401static void bgp_write_proceed_actions(struct peer *peer)
402{
403 afi_t afi;
404 safi_t safi;
405 struct peer_af *paf;
406 struct bpacket *next_pkt;
407 struct update_subgroup *subgrp;
0e5cdd59 408 enum bgp_af_index index;
af1e1dc6 409
0e5cdd59
DS		 410 for (index = BGP_AF_START; index < BGP_AF_MAX; index++) {
411 paf = peer->peer_af_array[index];
c58b0f46
QY		 412 if (!paf)
413 continue;
0e5cdd59 414
c58b0f46
QY		 415 subgrp = paf->subgroup;
416 if (!subgrp)
417 continue;
418
419 next_pkt = paf->next_pkt_to_send;
420 if (next_pkt && next_pkt->buffer) {
421 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
422 bgp_generate_updgrp_packets, 0);
423 return;
424 }
af1e1dc6 425
c58b0f46
QY		 426 /* No packets readily available for AFI/SAFI, are there
427 * subgroup packets
428 * that need to be generated? */
429 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
430 SUBGRP_PKTQ(subgrp))
431 || subgroup_packets_to_build(subgrp)) {
432 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
433 bgp_generate_updgrp_packets, 0);
434 return;
435 }
af1e1dc6 436
0e5cdd59
DS		 437 afi = paf->afi;
438 safi = paf->safi;
439
c58b0f46
QY		 440 /* No packets to send, see if EOR is pending */
441 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
442 if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
443 && peer->synctime
444 && !CHECK_FLAG(peer->af_sflags[afi][safi],
445 PEER_STATUS_EOR_SEND)
446 && safi != SAFI_MPLS_VPN) {
af1e1dc6
QY		 447 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
448 bgp_generate_updgrp_packets, 0);
449 return;
450 }
af1e1dc6 451 }
c58b0f46 452 }
af1e1dc6
QY		 453}
454
6ec98a2f
QY		 455/*
456 * Generate advertisement information (withdraws, updates, EOR) from each
457 * update group a peer belongs to, encode this information into packets, and
458 * enqueue the packets onto the peer's output buffer.
56257a44 459 */
cc9f21da 460void bgp_generate_updgrp_packets(struct thread *thread)
718e3744 461{
56257a44 462 struct peer *peer = THREAD_ARG(thread);
56257a44
QY		 463
464 struct stream *s;
d62a17ae 465 struct peer_af *paf;
466 struct bpacket *next_pkt;
d0ad6d8e
QY		 467 uint32_t wpq;
468 uint32_t generated = 0;
d62a17ae 469 afi_t afi;
470 safi_t safi;
471
d0ad6d8e
QY		 472 wpq = atomic_load_explicit(&peer->bgp->wpkt_quanta,
473 memory_order_relaxed);
474
d62a17ae 475 /*
476 * The code beyond this part deals with update packets, proceed only
477 * if peer is Established and updates are not on hold (as part of
f4d2dd84 478 * update-delay processing).
3f9c7369 479 */
feb17238 480 if (!peer_established(peer))
cc9f21da 481 return;
d62a17ae 482
f4d2dd84
DS		 483 if ((peer->bgp->main_peers_update_hold)
484 || bgp_update_delay_active(peer->bgp))
cc9f21da 485 return;
d62a17ae 486
b10b6d52 487 if (peer->t_routeadv)
cc9f21da 488 return;
b10b6d52 489
963b7ee4
DS		 490 /*
491 * Since the following is a do while loop
492 * let's stop adding to the outq if we are
493 * already at the limit.
494 */
495 if (peer->obuf->count >= bm->outq_limit) {
496 bgp_write_proceed_actions(peer);
497 return;
498 }
499
56257a44 500 do {
0e5cdd59
DS		 501 enum bgp_af_index index;
502
56257a44 503 s = NULL;
0e5cdd59
DS		 504 for (index = BGP_AF_START; index < BGP_AF_MAX; index++) {
505 paf = peer->peer_af_array[index];
c58b0f46
QY		 506 if (!paf || !PAF_SUBGRP(paf))
507 continue;
0e5cdd59
DS		 508
509 afi = paf->afi;
510 safi = paf->safi;
c58b0f46 511 next_pkt = paf->next_pkt_to_send;
80bd61c4 512
c58b0f46
QY		 513 /*
514 * Try to generate a packet for the peer if we are at
515 * the end of the list. Always try to push out
516 * WITHDRAWs first.
517 */
518 if (!next_pkt || !next_pkt->buffer) {
519 next_pkt = subgroup_withdraw_packet(
520 PAF_SUBGRP(paf));
521 if (!next_pkt || !next_pkt->buffer)
522 subgroup_update_packet(PAF_SUBGRP(paf));
523 next_pkt = paf->next_pkt_to_send;
524 }
80bd61c4 525
c58b0f46
QY		 526 /*
527 * If we still don't have a packet to send to the peer,
528 * then try to find out out if we have to send eor or
529 * if not, skip to the next AFI, SAFI. Don't send the
530 * EOR prematurely; if the subgroup's coalesce timer is
531 * running, the adjacency-out structure is not created
532 * yet.
533 */
534 if (!next_pkt || !next_pkt->buffer) {
9af52ccf
DA		 535 if (!paf->t_announce_route) {
536 /* Make sure we supress BGP UPDATES
537 * for normal processing later again.
538 */
2adac256
DA		 539 UNSET_FLAG(paf->subgroup->sflags,
540 SUBGRP_STATUS_FORCE_UPDATES);
541
9af52ccf
DA		 542 /* If route-refresh BoRR message was
543 * already sent and we are done with
544 * re-announcing tables for a decent
545 * afi/safi, we ready to send
546 * EoRR request.
547 */
548 if (CHECK_FLAG(
549 peer->af_sflags[afi][safi],
550 PEER_STATUS_BORR_SEND)) {
551 bgp_route_refresh_send(
552 peer, afi, safi, 0, 0,
553 0,
554 BGP_ROUTE_REFRESH_EORR);
555
556 SET_FLAG(peer->af_sflags[afi]
557 [safi],
558 PEER_STATUS_EORR_SEND);
559 UNSET_FLAG(
560 peer->af_sflags[afi]
561 [safi],
562 PEER_STATUS_BORR_SEND);
563
564 if (bgp_debug_neighbor_events(
565 peer))
566 zlog_debug(
f70c91dc
DA		 567 "%pBP sending route-refresh (EoRR) for %s/%s",
568 peer,
9af52ccf
DA		 569 afi2str(afi),
570 safi2str(safi));
571 }
572 }
573
c58b0f46 574 if (CHECK_FLAG(peer->cap,
36235319 575 PEER_CAP_RESTART_RCV)) {
c58b0f46 576 if (!(PAF_SUBGRP(paf))->t_coalesce
36235319
QY		 577 && peer->afc_nego[afi][safi]
578 && peer->synctime
579 && !CHECK_FLAG(
580 peer->af_sflags[afi][safi],
581 PEER_STATUS_EOR_SEND)) {
d6e3c15b 582 /* If EOR is disabled,
583 * the message is not sent
584 */
36235319
QY		 585 if (BGP_SEND_EOR(peer->bgp, afi,
586 safi)) {
d6e3c15b 587 SET_FLAG(
36235319
QY		 588 peer->af_sflags
589 [afi]
590 [safi],
591 PEER_STATUS_EOR_SEND);
d6e3c15b 592
9e3b51a7 593 /* Update EOR
594 * send time
595 */
36235319
QY		 596 peer->eor_stime[afi]
597 [safi] =
598 monotime(NULL);
9e3b51a7 599
d6e3c15b 600 BGP_UPDATE_EOR_PKT(
36235319
QY		 601 peer, afi, safi,
602 s);
a783cc05
XL		 603 bgp_process_pending_refresh(
604 peer, afi,
605 safi);
56257a44 606 }
80bd61c4 607 }
d62a17ae 608 }
c58b0f46
QY		 609 continue;
610 }
9e3b51a7 611
612 /* Update packet send time */
613 peer->pkt_stime[afi][safi] = monotime(NULL);
614
c58b0f46
QY		 615 /* Found a packet template to send, overwrite
616 * packet with appropriate attributes from peer
617 * and advance peer */
618 s = bpacket_reformat_for_peer(next_pkt, paf);
619 bgp_packet_add(peer, s);
c58b0f46
QY		 620 bpacket_queue_advance_peer(paf);
621 }
963b7ee4
DS		 622 } while (s && (++generated < wpq) &&
623 (peer->obuf->count <= bm->outq_limit));
80bd61c4 624
6ec98a2f
QY		 625 if (generated)
626 bgp_writes_on(peer);
627
af1e1dc6 628 bgp_write_proceed_actions(peer);
80bd61c4
QY		 629}
630
d3ecc69e
QY		 631/*
632 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
633 */
d62a17ae 634void bgp_keepalive_send(struct peer *peer)
718e3744 635{
d62a17ae 636 struct stream *s;
637
556beacf 638 s = stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE);
718e3744 639
d62a17ae 640 /* Make keepalive packet. */
641 bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
718e3744 642
d62a17ae 643 /* Set packet size. */
65baedca 644 bgp_packet_set_size(s);
718e3744 645
d62a17ae 646 /* Dump packet if debug option is set. */
647 /* bgp_packet_dump (s); */
718e3744 648
d62a17ae 649 if (bgp_debug_keepalive(peer))
650 zlog_debug("%s sending KEEPALIVE", peer->host);
718e3744 651
d62a17ae 652 /* Add packet to the peer. */
653 bgp_packet_add(peer, s);
424ab01d
QY		 654
655 bgp_writes_on(peer);
718e3744 656}
657
d3ecc69e
QY		 658/*
659 * Creates a BGP Open packet and appends it to the peer's output queue.
660 * Sets capabilities as necessary.
661 */
d62a17ae 662void bgp_open_send(struct peer *peer)
718e3744 663{
d62a17ae 664 struct stream *s;
d7c0a89a 665 uint16_t send_holdtime;
d62a17ae 666 as_t local_as;
718e3744 667
b90a8e13 668 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
d62a17ae 669 send_holdtime = peer->holdtime;
670 else
671 send_holdtime = peer->bgp->default_holdtime;
718e3744 672
d62a17ae 673 /* local-as Change */
674 if (peer->change_local_as)
675 local_as = peer->change_local_as;
676 else
677 local_as = peer->local_as;
718e3744 678
556beacf 679 s = stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE);
718e3744 680
d62a17ae 681 /* Make open packet. */
682 bgp_packet_set_marker(s, BGP_MSG_OPEN);
718e3744 683
d62a17ae 684 /* Set open packet values. */
685 stream_putc(s, BGP_VERSION_4); /* BGP version */
d7c0a89a
QY		 686 stream_putw(s, (local_as <= BGP_AS_MAX) ? (uint16_t)local_as
687 : BGP_AS_TRANS);
d62a17ae 688 stream_putw(s, send_holdtime); /* Hold Time */
689 stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
718e3744 690
d08c0c80
DA		 691 /* Set capabilities */
692 if (CHECK_FLAG(peer->flags, PEER_FLAG_EXTENDED_OPT_PARAMS)) {
693 (void)bgp_open_capability(s, peer, true);
694 } else {
695 struct stream *tmp = stream_new(STREAM_SIZE(s));
696
697 stream_copy(tmp, s);
698 if (bgp_open_capability(tmp, peer, false)
699 > BGP_OPEN_NON_EXT_OPT_LEN) {
700 stream_free(tmp);
701 (void)bgp_open_capability(s, peer, true);
702 } else {
703 stream_copy(s, tmp);
704 stream_free(tmp);
705 }
706 }
718e3744 707
d62a17ae 708 /* Set BGP packet length. */
65baedca 709 bgp_packet_set_size(s);
718e3744 710
d62a17ae 711 if (bgp_debug_neighbor_events(peer))
712 zlog_debug(
23d0a753 713 "%s sending OPEN, version %d, my as %u, holdtime %d, id %pI4",
d62a17ae 714 peer->host, BGP_VERSION_4, local_as, send_holdtime,
23d0a753 715 &peer->local_id);
718e3744 716
d62a17ae 717 /* Dump packet if debug option is set. */
718 /* bgp_packet_dump (s); */
6fd04594 719 hook_call(bgp_packet_send, peer, BGP_MSG_OPEN, stream_get_endp(s), s);
718e3744 720
d62a17ae 721 /* Add packet to the peer. */
722 bgp_packet_add(peer, s);
424ab01d
QY		 723
724 bgp_writes_on(peer);
725}
726
a127f33b
QY		 727/*
728 * Writes NOTIFICATION message directly to a peer socket without waiting for
729 * the I/O thread.
730 *
731 * There must be exactly one stream on the peer->obuf FIFO, and the data within
732 * this stream must match the format of a BGP NOTIFICATION message.
733 * Transmission is best-effort.
734 *
735 * @requires peer->io_mtx
736 * @param peer
737 * @return 0
738 */
3dc339cd 739static void bgp_write_notify(struct peer *peer)
424ab01d
QY		 740{
741 int ret, val;
d7c0a89a 742 uint8_t type;
424ab01d
QY		 743 struct stream *s;
744
a127f33b
QY		 745 /* There should be at least one packet. */
746 s = stream_fifo_pop(peer->obuf);
424ab01d 747
8ec586b0 748 if (!s)
3dc339cd 749 return;
8ec586b0
QY		 750
751 assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
752
becedef6
QY		 753 /*
754 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
755 * we only care about getting a clean shutdown at this point.
756 */
424ab01d
QY		 757 ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s));
758
becedef6
QY		 759 /*
760 * only connection reset/close gets counted as TCP_fatal_error, failure
761 * to write the entire NOTIFY doesn't get different FSM treatment
762 */
424ab01d 763 if (ret <= 0) {
3735936b 764 stream_free(s);
424ab01d 765 BGP_EVENT_ADD(peer, TCP_fatal_error);
3dc339cd 766 return;
424ab01d
QY		 767 }
768
769 /* Disable Nagle, make NOTIFY packet go out right away */
770 val = 1;
771 (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val,
772 sizeof(val));
773
774 /* Retrieve BGP packet type. */
775 stream_set_getp(s, BGP_MARKER_SIZE + 2);
776 type = stream_getc(s);
777
778 assert(type == BGP_MSG_NOTIFY);
779
780 /* Type should be notify. */
0112e9e0 781 atomic_fetch_add_explicit(&peer->notify_out, 1, memory_order_relaxed);
424ab01d
QY		 782
783 /* Double start timer. */
784 peer->v_start *= 2;
785
786 /* Overflow check. */
787 if (peer->v_start >= (60 * 2))
788 peer->v_start = (60 * 2);
789
becedef6
QY		 790 /*
791 * Handle Graceful Restart case where the state changes to
792 * Connect instead of Idle
793 */
424ab01d
QY		 794 BGP_EVENT_ADD(peer, BGP_Stop);
795
3735936b 796 stream_free(s);
718e3744 797}
798
eea685b6
DA		 799/*
800 * Encapsulate an original BGP CEASE Notification into Hard Reset
801 */
802static uint8_t *bgp_notify_encapsulate_hard_reset(uint8_t code, uint8_t subcode,
803 uint8_t *data, size_t datalen)
804{
805 uint8_t *message = XCALLOC(MTYPE_BGP_NOTIFICATION, datalen + 2);
806
807 /* ErrCode */
808 message[0] = code;
809 /* Subcode */
810 message[1] = subcode;
811 /* Data */
812 if (datalen)
813 memcpy(message + 2, data, datalen);
814
815 return message;
816}
817
818/*
819 * Decapsulate an original BGP CEASE Notification from Hard Reset
820 */
821struct bgp_notify bgp_notify_decapsulate_hard_reset(struct bgp_notify *notify)
822{
823 struct bgp_notify bn = {};
824
825 bn.code = notify->raw_data[0];
826 bn.subcode = notify->raw_data[1];
827 bn.length = notify->length - 2;
828
c73d2363 829 bn.raw_data = XMALLOC(MTYPE_BGP_NOTIFICATION, bn.length);
eea685b6
DA		 830 memcpy(bn.raw_data, notify->raw_data + 2, bn.length);
831
832 return bn;
833}
834
20170775
DA		 835/* Check if Graceful-Restart N-bit is exchanged */
836bool bgp_has_graceful_restart_notification(struct peer *peer)
837{
838 return CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_RCV) &&
839 CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_ADV);
840}
841
eea685b6
DA		 842/*
843 * Check if to send BGP CEASE Notification/Hard Reset?
844 */
1ae314be
DA		 845bool bgp_notify_send_hard_reset(struct peer *peer, uint8_t code,
846 uint8_t subcode)
eea685b6
DA		 847{
848 /* When the "N" bit has been exchanged, a Hard Reset message is used to
849 * indicate to the peer that the session is to be fully terminated.
850 */
20170775 851 if (!bgp_has_graceful_restart_notification(peer))
eea685b6
DA		 852 return false;
853
854 /*
855 * https://datatracker.ietf.org/doc/html/rfc8538#section-5.1
856 */
1ae314be 857 if (code == BGP_NOTIFY_CEASE) {
eea685b6
DA		 858 switch (subcode) {
859 case BGP_NOTIFY_CEASE_MAX_PREFIX:
860 case BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN:
861 case BGP_NOTIFY_CEASE_PEER_UNCONFIG:
862 case BGP_NOTIFY_CEASE_HARD_RESET:
aebe2e37 863 case BGP_NOTIFY_CEASE_BFD_DOWN:
eea685b6 864 return true;
1ae314be
DA		 865 case BGP_NOTIFY_CEASE_ADMIN_RESET:
866 /* Provide user control:
867 * `bgp hard-adminstrative-reset`
868 */
869 if (CHECK_FLAG(peer->bgp->flags,
870 BGP_FLAG_HARD_ADMIN_RESET))
871 return true;
872 else
873 return false;
eea685b6
DA		 874 default:
875 break;
876 }
877 }
878
879 return false;
880}
881
1ae314be
DA		 882/*
883 * Check if received BGP CEASE Notification/Hard Reset?
884 */
885bool bgp_notify_received_hard_reset(struct peer *peer, uint8_t code,
886 uint8_t subcode)
887{
888 /* When the "N" bit has been exchanged, a Hard Reset message is used to
889 * indicate to the peer that the session is to be fully terminated.
890 */
20170775 891 if (!bgp_has_graceful_restart_notification(peer))
1ae314be
DA		 892 return false;
893
894 if (code == BGP_NOTIFY_CEASE && subcode == BGP_NOTIFY_CEASE_HARD_RESET)
895 return true;
896
897 return false;
898}
899
d3ecc69e
QY		 900/*
901 * Creates a BGP Notify and appends it to the peer's output queue.
902 *
becedef6
QY		 903 * This function attempts to write the packet from the thread it is called
904 * from, to ensure the packet gets out ASAP.
d3ecc69e 905 *
a127f33b
QY		 906 * This function may be called from multiple threads. Since the function
907 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
908 * call to prevent tampering from other threads.
909 *
910 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
911 * return, the peer structure *must* be reset; no assumptions about session
912 * state are valid.
913 *
d3ecc69e
QY		 914 * @param peer
915 * @param code BGP error code
916 * @param sub_code BGP error subcode
917 * @param data Data portion
918 * @param datalen length of data portion
919 */
71ca5b09
MS		 920static void bgp_notify_send_internal(struct peer *peer, uint8_t code,
921 uint8_t sub_code, uint8_t *data,
922 size_t datalen, bool use_curr)
718e3744 923{
d62a17ae 924 struct stream *s;
1ae314be 925 bool hard_reset = bgp_notify_send_hard_reset(peer, code, sub_code);
d62a17ae 926
a127f33b 927 /* Lock I/O mutex to prevent other threads from pushing packets */
00dffa8c 928 frr_mutex_lock_autounlock(&peer->io_mtx);
a127f33b
QY		 929 /* ============================================== */
930
d62a17ae 931 /* Allocate new stream. */
ef56aee4 932 s = stream_new(peer->max_packet_size);
d62a17ae 933
d3ecc69e 934 /* Make notify packet. */
d62a17ae 935 bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
936
eea685b6
DA		 937 /* Check if we should send Hard Reset Notification or not */
938 if (hard_reset) {
939 uint8_t *hard_reset_message = bgp_notify_encapsulate_hard_reset(
940 code, sub_code, data, datalen);
d62a17ae 941
eea685b6
DA		 942 /* Hard Reset encapsulates another NOTIFICATION message
943 * in its data portion.
944 */
945 stream_putc(s, BGP_NOTIFY_CEASE);
946 stream_putc(s, BGP_NOTIFY_CEASE_HARD_RESET);
947 stream_write(s, hard_reset_message, datalen + 2);
948
949 XFREE(MTYPE_BGP_NOTIFICATION, hard_reset_message);
950 } else {
951 stream_putc(s, code);
952 stream_putc(s, sub_code);
953 if (data)
954 stream_write(s, data, datalen);
955 }
d62a17ae 956
957 /* Set BGP packet length. */
bd6b2706 958 bgp_packet_set_size(s);
d62a17ae 959
424ab01d 960 /* wipe output buffer */
a127f33b 961 stream_fifo_clean(peer->obuf);
d62a17ae 962
becedef6
QY		 963 /*
964 * If possible, store last packet for debugging purposes. This check is
965 * in place because we are sometimes called with a doppelganger peer,
966 * who tends to have a plethora of fields nulled out.
71ca5b09
MS		 967 *
968 * Some callers should not attempt this - the io pthread for example
969 * should not touch internals of the peer struct.
becedef6 970 */
71ca5b09 971 if (use_curr && peer->curr) {
d8151687 972 size_t packetsize = stream_get_endp(peer->curr);
556beacf 973 assert(packetsize <= peer->max_packet_size);
d8151687
QY		 974 memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
975 peer->last_reset_cause_size = packetsize;
976 }
977
d62a17ae 978 /* For debug */
979 {
980 struct bgp_notify bgp_notify;
981 int first = 0;
982 int i;
983 char c[4];
984
985 bgp_notify.code = code;
986 bgp_notify.subcode = sub_code;
987 bgp_notify.data = NULL;
e0981960 988 bgp_notify.length = datalen;
d62a17ae 989 bgp_notify.raw_data = data;
990
991 peer->notify.code = bgp_notify.code;
992 peer->notify.subcode = bgp_notify.subcode;
3573b171 993 peer->notify.length = bgp_notify.length;
d62a17ae 994
e0981960 995 if (bgp_notify.length && data) {
3573b171
DA		 996 bgp_notify.data = XMALLOC(MTYPE_BGP_NOTIFICATION,
997 bgp_notify.length * 3);
d62a17ae 998 for (i = 0; i < bgp_notify.length; i++)
999 if (first) {
552d6491
QY		 1000 snprintf(c, sizeof(c), " %02x",
1001 data[i]);
f009ff26 1002
552d6491 1003 strlcat(bgp_notify.data, c,
2ba1fe69 1004 bgp_notify.length);
f009ff26 1005
d62a17ae 1006 } else {
1007 first = 1;
552d6491 1008 snprintf(c, sizeof(c), "%02x", data[i]);
f009ff26 1009
552d6491 1010 strlcpy(bgp_notify.data, c,
2ba1fe69 1011 bgp_notify.length);
d62a17ae 1012 }
1013 }
eea685b6 1014 bgp_notify_print(peer, &bgp_notify, "sending", hard_reset);
d62a17ae 1015
1016 if (bgp_notify.data) {
3573b171
DA		 1017 if (data) {
1018 XFREE(MTYPE_BGP_NOTIFICATION,
1019 peer->notify.data);
1020 peer->notify.data = XCALLOC(
1021 MTYPE_BGP_NOTIFICATION, datalen);
1022 memcpy(peer->notify.data, data, datalen);
1023 }
1024
1025 XFREE(MTYPE_BGP_NOTIFICATION, bgp_notify.data);
d62a17ae 1026 bgp_notify.length = 0;
1027 }
1028 }
1029
1030 /* peer reset cause */
1031 if (code == BGP_NOTIFY_CEASE) {
1032 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
1033 peer->last_reset = PEER_DOWN_USER_RESET;
5597214c
DA		 1034 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN) {
1035 if (CHECK_FLAG(peer->sflags, PEER_STATUS_RTT_SHUTDOWN))
1036 peer->last_reset = PEER_DOWN_RTT_SHUTDOWN;
1037 else
1038 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
1039 } else
d62a17ae 1040 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
1041 } else
1042 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
1043
d3ecc69e 1044 /* Add packet to peer's output queue */
a127f33b 1045 stream_fifo_push(peer->obuf, s);
424ab01d 1046
5cce3f05 1047 bgp_peer_gr_flags_update(peer);
36235319
QY		 1048 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
1049 peer->bgp->peer);
5cce3f05 1050
424ab01d 1051 bgp_write_notify(peer);
718e3744 1052}
1053
d3ecc69e
QY		 1054/*
1055 * Creates a BGP Notify and appends it to the peer's output queue.
1056 *
becedef6
QY		 1057 * This function attempts to write the packet from the thread it is called
1058 * from, to ensure the packet gets out ASAP.
d3ecc69e
QY		 1059 *
1060 * @param peer
1061 * @param code BGP error code
1062 * @param sub_code BGP error subcode
1063 */
d7c0a89a 1064void bgp_notify_send(struct peer *peer, uint8_t code, uint8_t sub_code)
718e3744 1065{
71ca5b09
MS		 1066 bgp_notify_send_internal(peer, code, sub_code, NULL, 0, true);
1067}
1068
1069/*
1070 * Enqueue notification; called from the main pthread, peer object access is ok.
1071 */
1072void bgp_notify_send_with_data(struct peer *peer, uint8_t code,
1073 uint8_t sub_code, uint8_t *data, size_t datalen)
1074{
1075 bgp_notify_send_internal(peer, code, sub_code, data, datalen, true);
1076}
1077
1078/*
1079 * For use by the io pthread, queueing a notification but avoiding access to
1080 * the peer object.
1081 */
1082void bgp_notify_io_invalid(struct peer *peer, uint8_t code, uint8_t sub_code,
1083 uint8_t *data, size_t datalen)
1084{
1085 /* Avoid touching the peer object */
1086 bgp_notify_send_internal(peer, code, sub_code, data, datalen, false);
718e3744 1087}
1088
d3ecc69e
QY		 1089/*
1090 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
1091 *
1092 * @param peer
1093 * @param afi Address Family Identifier
1094 * @param safi Subsequent Address Family Identifier
1095 * @param orf_type Outbound Route Filtering type
1096 * @param when_to_refresh Whether to refresh immediately or defer
1097 * @param remove Whether to remove ORF for specified AFI/SAFI
1098 */
d62a17ae 1099void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
d7c0a89a 1100 uint8_t orf_type, uint8_t when_to_refresh,
9af52ccf 1101 int remove, uint8_t subtype)
718e3744 1102{
d62a17ae 1103 struct stream *s;
1104 struct bgp_filter *filter;
1105 int orf_refresh = 0;
617975d1
DS		 1106 iana_afi_t pkt_afi = IANA_AFI_IPV4;
1107 iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
d62a17ae 1108
1109 if (DISABLE_BGP_ANNOUNCE)
1110 return;
1111
1112 filter = &peer->filter[afi][safi];
1113
1114 /* Convert AFI, SAFI to values for packet. */
1115 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
1116
ef56aee4 1117 s = stream_new(peer->max_packet_size);
d62a17ae 1118
1119 /* Make BGP update packet. */
1120 if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV))
1121 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
718e3744 1122 else
d62a17ae 1123 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
1124
1125 /* Encode Route Refresh message. */
1126 stream_putw(s, pkt_afi);
9af52ccf
DA		 1127 if (subtype)
1128 stream_putc(s, subtype);
1129 else
1130 stream_putc(s, 0);
d62a17ae 1131 stream_putc(s, pkt_safi);
1132
1133 if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD)
1134 if (remove || filter->plist[FILTER_IN].plist) {
d7c0a89a 1135 uint16_t orf_len;
d62a17ae 1136 unsigned long orfp;
1137
1138 orf_refresh = 1;
1139 stream_putc(s, when_to_refresh);
1140 stream_putc(s, orf_type);
1141 orfp = stream_get_endp(s);
1142 stream_putw(s, 0);
1143
1144 if (remove) {
1145 UNSET_FLAG(peer->af_sflags[afi][safi],
1146 PEER_STATUS_ORF_PREFIX_SEND);
1147 stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
1148 if (bgp_debug_neighbor_events(peer))
1149 zlog_debug(
f70c91dc
DA		 1150 "%pBP sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %s/%s",
1151 peer, orf_type,
a7d91a8c
DA		 1152 (when_to_refresh ==
1153 REFRESH_DEFER
d62a17ae 1154 ? "defer"
1155 : "immediate"),
748a041f
DS		 1156 iana_afi2str(pkt_afi),
1157 iana_safi2str(pkt_safi));
d62a17ae 1158 } else {
1159 SET_FLAG(peer->af_sflags[afi][safi],
1160 PEER_STATUS_ORF_PREFIX_SEND);
1161 prefix_bgp_orf_entry(
1162 s, filter->plist[FILTER_IN].plist,
1163 ORF_COMMON_PART_ADD,
1164 ORF_COMMON_PART_PERMIT,
1165 ORF_COMMON_PART_DENY);
1166 if (bgp_debug_neighbor_events(peer))
1167 zlog_debug(
f70c91dc
DA		 1168 "%pBP sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %s/%s",
1169 peer, orf_type,
a7d91a8c
DA		 1170 (when_to_refresh ==
1171 REFRESH_DEFER
d62a17ae 1172 ? "defer"
1173 : "immediate"),
748a041f
DS		 1174 iana_afi2str(pkt_afi),
1175 iana_safi2str(pkt_safi));
d62a17ae 1176 }
1177
1178 /* Total ORF Entry Len. */
1179 orf_len = stream_get_endp(s) - orfp - 2;
1180 stream_putw_at(s, orfp, orf_len);
1181 }
1182
1183 /* Set packet size. */
65baedca 1184 bgp_packet_set_size(s);
d62a17ae 1185
1186 if (bgp_debug_neighbor_events(peer)) {
1187 if (!orf_refresh)
a7d91a8c 1188 zlog_debug(
f70c91dc
DA		 1189 "%pBP sending REFRESH_REQ for afi/safi: %s/%s",
1190 peer, iana_afi2str(pkt_afi),
1191 iana_safi2str(pkt_safi));
d62a17ae 1192 }
1193
1194 /* Add packet to the peer. */
1195 bgp_packet_add(peer, s);
424ab01d
QY		 1196
1197 bgp_writes_on(peer);
718e3744 1198}
1199
d3ecc69e
QY		 1200/*
1201 * Create a BGP Capability packet and append it to the peer's output queue.
1202 *
1203 * @param peer
1204 * @param afi Address Family Identifier
1205 * @param safi Subsequent Address Family Identifier
1206 * @param capability_code BGP Capability Code
1207 * @param action Set or Remove capability
1208 */
d62a17ae 1209void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
1210 int capability_code, int action)
718e3744 1211{
d62a17ae 1212 struct stream *s;
617975d1
DS		 1213 iana_afi_t pkt_afi = IANA_AFI_IPV4;
1214 iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
d62a17ae 1215
1216 /* Convert AFI, SAFI to values for packet. */
1217 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
1218
ef56aee4 1219 s = stream_new(peer->max_packet_size);
d62a17ae 1220
1221 /* Make BGP update packet. */
1222 bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
1223
1224 /* Encode MP_EXT capability. */
1225 if (capability_code == CAPABILITY_CODE_MP) {
1226 stream_putc(s, action);
1227 stream_putc(s, CAPABILITY_CODE_MP);
1228 stream_putc(s, CAPABILITY_CODE_MP_LEN);
1229 stream_putw(s, pkt_afi);
1230 stream_putc(s, 0);
1231 stream_putc(s, pkt_safi);
1232
1233 if (bgp_debug_neighbor_events(peer))
1234 zlog_debug(
f70c91dc
DA		 1235 "%pBP sending CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
1236 peer,
d62a17ae 1237 action == CAPABILITY_ACTION_SET ? "Advertising"
1238 : "Removing",
748a041f 1239 iana_afi2str(pkt_afi), iana_safi2str(pkt_safi));
d62a17ae 1240 }
1241
1242 /* Set packet size. */
65baedca 1243 bgp_packet_set_size(s);
718e3744 1244
d62a17ae 1245 /* Add packet to the peer. */
1246 bgp_packet_add(peer, s);
424ab01d
QY		 1247
1248 bgp_writes_on(peer);
d62a17ae 1249}
718e3744 1250
d62a17ae 1251/* RFC1771 6.8 Connection collision detection. */
1252static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
1253{
1254 struct peer *peer;
1255
f88221f3
DS		 1256 /*
1257 * Upon receipt of an OPEN message, the local system must examine
1258 * all of its connections that are in the OpenConfirm state. A BGP
1259 * speaker may also examine connections in an OpenSent state if it
1260 * knows the BGP Identifier of the peer by means outside of the
1261 * protocol. If among these connections there is a connection to a
1262 * remote BGP speaker whose BGP Identifier equals the one in the
1263 * OPEN message, then the local system performs the following
1264 * collision resolution procedure:
1265 */
1266 peer = new->doppelganger;
1267 if (peer == NULL)
1268 return 0;
1269
1270 /*
1271 * Do not accept the new connection in Established or Clearing
1272 * states. Note that a peer GR is handled by closing the existing
1273 * connection upon receipt of new one.
1274 */
feb17238 1275 if (peer_established(peer) || peer->status == Clearing) {
f88221f3
DS		 1276 bgp_notify_send(new, BGP_NOTIFY_CEASE,
1277 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1278 return -1;
1279 }
1280
1281 if ((peer->status != OpenConfirm) && (peer->status != OpenSent))
1282 return 0;
1283
1284 /*
1285 * 1. The BGP Identifier of the local system is
1286 * compared to the BGP Identifier of the remote
1287 * system (as specified in the OPEN message).
1288 *
1289 * If the BGP Identifiers of the peers
1290 * involved in the connection collision
1291 * are identical, then the connection
1292 * initiated by the BGP speaker with the
1293 * larger AS number is preserved.
1294 */
1295 if (ntohl(peer->local_id.s_addr) < ntohl(remote_id.s_addr)
1296 || (ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)
1297 && peer->local_as < peer->as))
1298 if (!CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER)) {
1299 /*
1300 * 2. If the value of the local BGP
1301 * Identifier is less than the remote one,
1302 * the local system closes BGP connection
1303 * that already exists (the one that is
1304 * already in the OpenConfirm state),
1305 * and accepts BGP connection initiated by
1306 * the remote system.
1307 */
1308 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1309 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1310 return 1;
1311 } else {
1312 bgp_notify_send(new, BGP_NOTIFY_CEASE,
1313 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1314 return -1;
1315 }
1316 else {
1317 if (ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)
1318 && peer->local_as == peer->as)
1319 flog_err(EC_BGP_ROUTER_ID_SAME,
1320 "Peer's router-id %pI4 is the same as ours",
1321 &remote_id);
1322
1323 /*
1324 * 3. Otherwise, the local system closes newly
1325 * created BGP connection (the one associated with the
1326 * newly received OPEN message), and continues to use
1327 * the existing one (the one that is already in the
1328 * OpenConfirm state).
d62a17ae 1329 */
f88221f3
DS		 1330 if (CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER)) {
1331 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1332 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1333 return 1;
1334 } else {
d62a17ae 1335 bgp_notify_send(new, BGP_NOTIFY_CEASE,
1336 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
95f7965d 1337 return -1;
d62a17ae 1338 }
1339 }
d62a17ae 1340}
718e3744 1341
d8151687
QY		 1342/* Packet processing routines ---------------------------------------------- */
1343/*
1344 * This is a family of functions designed to be called from
1345 * bgp_process_packet(). These functions all share similar behavior and should
1346 * adhere to the following invariants and restrictions:
1347 *
1348 * Return codes
1349 * ------------
1350 * The return code of any one of those functions should be one of the FSM event
1351 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1352 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1353 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1354 * error and Receive_OPEN_message otherwise.
1355 *
1356 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1357 * defined below.
1358 *
1359 * Side effects
1360 * ------------
1361 * - May send NOTIFY messages
1362 * - May not modify peer->status
1363 * - May not call bgp_event_update()
1364 */
1365
1366#define BGP_PACKET_NOOP 0
1367
1368/**
1369 * Process BGP OPEN message for peer.
1370 *
1371 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1372 * and returns BGP_Stop.
1373 *
1374 * @param peer
1375 * @param size size of the packet
1376 * @return as in summary
1377 */
d62a17ae 1378static int bgp_open_receive(struct peer *peer, bgp_size_t size)
1379{
1380 int ret;
d7c0a89a 1381 uint8_t version;
d08c0c80 1382 uint16_t optlen;
d7c0a89a
QY		 1383 uint16_t holdtime;
1384 uint16_t send_holdtime;
d62a17ae 1385 as_t remote_as;
6dcef54c 1386 as_t as4 = 0, as4_be;
d62a17ae 1387 struct in_addr remote_id;
1388 int mp_capability;
d7c0a89a
QY		 1389 uint8_t notify_data_remote_as[2];
1390 uint8_t notify_data_remote_as4[4];
1391 uint8_t notify_data_remote_id[4];
1392 uint16_t *holdtime_ptr;
d62a17ae 1393
1394 /* Parse open packet. */
424ab01d
QY		 1395 version = stream_getc(peer->curr);
1396 memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
1397 remote_as = stream_getw(peer->curr);
d7c0a89a 1398 holdtime_ptr = (uint16_t *)stream_pnt(peer->curr);
424ab01d
QY		 1399 holdtime = stream_getw(peer->curr);
1400 memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
1401 remote_id.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1402
d62a17ae 1403 /* BEGIN to read the capability here, but dont do it yet */
1404 mp_capability = 0;
424ab01d 1405 optlen = stream_getc(peer->curr);
d62a17ae 1406
d08c0c80
DA		 1407 /* Extended Optional Parameters Length for BGP OPEN Message */
1408 if (optlen == BGP_OPEN_NON_EXT_OPT_LEN
1409 || CHECK_FLAG(peer->flags, PEER_FLAG_EXTENDED_OPT_PARAMS)) {
1410 uint8_t opttype;
1411
766eec1b
DS		 1412 if (STREAM_READABLE(peer->curr) < 1) {
1413 flog_err(
1414 EC_BGP_PKT_OPEN,
1415 "%s: stream does not have enough bytes for extended optional parameters",
1416 peer->host);
1417 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1418 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1419 return BGP_Stop;
1420 }
1421
d08c0c80
DA		 1422 opttype = stream_getc(peer->curr);
1423 if (opttype == BGP_OPEN_NON_EXT_OPT_TYPE_EXTENDED_LENGTH) {
766eec1b
DS		 1424 if (STREAM_READABLE(peer->curr) < 2) {
1425 flog_err(
1426 EC_BGP_PKT_OPEN,
1427 "%s: stream does not have enough bytes to read the extended optional parameters optlen",
1428 peer->host);
1429 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1430 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1431 return BGP_Stop;
1432 }
d08c0c80
DA		 1433 optlen = stream_getw(peer->curr);
1434 SET_FLAG(peer->sflags,
1435 PEER_STATUS_EXT_OPT_PARAMS_LENGTH);
1436 }
1437 }
1438
1439 /* Receive OPEN message log */
1440 if (bgp_debug_neighbor_events(peer))
1441 zlog_debug(
1442 "%s rcv OPEN%s, version %d, remote-as (in open) %u, holdtime %d, id %pI4",
1443 peer->host,
1444 CHECK_FLAG(peer->sflags,
1445 PEER_STATUS_EXT_OPT_PARAMS_LENGTH)
1446 ? " (Extended)"
1447 : "",
1448 version, remote_as, holdtime, &remote_id);
1449
d62a17ae 1450 if (optlen != 0) {
1451 /* If not enough bytes, it is an error. */
424ab01d 1452 if (STREAM_READABLE(peer->curr) < optlen) {
d08c0c80
DA		 1453 flog_err(EC_BGP_PKT_OPEN,
1454 "%s: stream has not enough bytes (%u)",
1455 peer->host, optlen);
d62a17ae 1456 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1457 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
d8151687 1458 return BGP_Stop;
d62a17ae 1459 }
718e3744 1460
d62a17ae 1461 /* We need the as4 capability value *right now* because
1462 * if it is there, we have not got the remote_as yet, and
1463 * without
1464 * that we do not know which peer is connecting to us now.
1465 */
1466 as4 = peek_for_as4_capability(peer, optlen);
d62a17ae 1467 }
718e3744 1468
6dcef54c
DL		 1469 as4_be = htonl(as4);
1470 memcpy(notify_data_remote_as4, &as4_be, 4);
1471
d62a17ae 1472 /* Just in case we have a silly peer who sends AS4 capability set to 0
1473 */
1474 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
e50f7cfd 1475 flog_err(EC_BGP_PKT_OPEN,
1c50c1c0
QY		 1476 "%s bad OPEN, got AS4 capability, but AS4 set to 0",
1477 peer->host);
d62a17ae 1478 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1479 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1480 notify_data_remote_as4, 4);
d8151687 1481 return BGP_Stop;
d62a17ae 1482 }
718e3744 1483
33d022bc
DA		 1484 /* Codification of AS 0 Processing */
1485 if (remote_as == BGP_AS_ZERO) {
1486 flog_err(EC_BGP_PKT_OPEN, "%s bad OPEN, got AS set to 0",
1487 peer->host);
1488 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1489 BGP_NOTIFY_OPEN_BAD_PEER_AS);
1490 return BGP_Stop;
1491 }
1492
d62a17ae 1493 if (remote_as == BGP_AS_TRANS) {
1494 /* Take the AS4 from the capability. We must have received the
1495 * capability now! Otherwise we have a asn16 peer who uses
1496 * BGP_AS_TRANS, for some unknown reason.
1497 */
1498 if (as4 == BGP_AS_TRANS) {
af4c2728 1499 flog_err(
e50f7cfd 1500 EC_BGP_PKT_OPEN,
d62a17ae 1501 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1502 peer->host);
1503 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1504 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1505 notify_data_remote_as4, 4);
d8151687 1506 return BGP_Stop;
d62a17ae 1507 }
718e3744 1508
d62a17ae 1509 if (!as4 && BGP_DEBUG(as4, AS4))
1510 zlog_debug(
3efd0893 1511 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4. Odd, but proceeding.",
d62a17ae 1512 peer->host);
1513 else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
1514 zlog_debug(
3efd0893 1515 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits in 2-bytes, very odd peer.",
d62a17ae 1516 peer->host, as4);
1517 if (as4)
1518 remote_as = as4;
1519 } else {
1520 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1521 */
1522 /* If we have got the capability, peer->as4cap must match
1523 * remote_as */
1524 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
1525 && as4 != remote_as) {
1526 /* raise error, log this, close session */
af4c2728 1527 flog_err(
e50f7cfd 1528 EC_BGP_PKT_OPEN,
3efd0893 1529 "%s bad OPEN, got AS4 capability, but remote_as %u mismatch with 16bit 'myasn' %u in open",
d62a17ae 1530 peer->host, as4, remote_as);
1531 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1532 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1533 notify_data_remote_as4, 4);
d8151687 1534 return BGP_Stop;
d62a17ae 1535 }
1536 }
6b0655a2 1537
787c3020
DA		 1538 /* rfc6286:
1539 * If the BGP Identifier field of the OPEN message
1540 * is zero, or if it is the same as the BGP Identifier
1541 * of the local BGP speaker and the message is from an
1542 * internal peer, then the Error Subcode is set to
1543 * "Bad BGP Identifier".
1544 */
975a328e 1545 if (remote_id.s_addr == INADDR_ANY
787c3020
DA		 1546 || (peer->sort == BGP_PEER_IBGP
1547 && ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr))) {
d62a17ae 1548 if (bgp_debug_neighbor_events(peer))
23d0a753
DA		 1549 zlog_debug("%s bad OPEN, wrong router identifier %pI4",
1550 peer->host, &remote_id);
d62a17ae 1551 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1552 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1553 notify_data_remote_id, 4);
d8151687 1554 return BGP_Stop;
d62a17ae 1555 }
1556
d62a17ae 1557 /* Peer BGP version check. */
1558 if (version != BGP_VERSION_4) {
d7c0a89a 1559 uint16_t maxver = htons(BGP_VERSION_4);
d62a17ae 1560 /* XXX this reply may not be correct if version < 4 XXX */
1561 if (bgp_debug_neighbor_events(peer))
1562 zlog_debug(
1563 "%s bad protocol version, remote requested %d, local request %d",
1564 peer->host, version, BGP_VERSION_4);
1565 /* Data must be in network byte order here */
1566 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1567 BGP_NOTIFY_OPEN_UNSUP_VERSION,
d7c0a89a 1568 (uint8_t *)&maxver, 2);
d8151687 1569 return BGP_Stop;
d62a17ae 1570 }
1571
1572 /* Check neighbor as number. */
1573 if (peer->as_type == AS_UNSPECIFIED) {
1574 if (bgp_debug_neighbor_events(peer))
1575 zlog_debug(
1576 "%s bad OPEN, remote AS is unspecified currently",
1577 peer->host);
1578 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1579 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1580 notify_data_remote_as, 2);
d8151687 1581 return BGP_Stop;
d62a17ae 1582 } else if (peer->as_type == AS_INTERNAL) {
1583 if (remote_as != peer->bgp->as) {
1584 if (bgp_debug_neighbor_events(peer))
1585 zlog_debug(
1586 "%s bad OPEN, remote AS is %u, internal specified",
1587 peer->host, remote_as);
1588 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1589 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1590 notify_data_remote_as, 2);
d8151687 1591 return BGP_Stop;
1ff9a340 1592 }
d62a17ae 1593 peer->as = peer->local_as;
1594 } else if (peer->as_type == AS_EXTERNAL) {
1595 if (remote_as == peer->bgp->as) {
1596 if (bgp_debug_neighbor_events(peer))
1597 zlog_debug(
1598 "%s bad OPEN, remote AS is %u, external specified",
1599 peer->host, remote_as);
1600 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1601 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1602 notify_data_remote_as, 2);
d8151687 1603 return BGP_Stop;
1ff9a340 1604 }
d62a17ae 1605 peer->as = remote_as;
1606 } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
1607 if (bgp_debug_neighbor_events(peer))
1608 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1609 peer->host, remote_as, peer->as);
1610 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1611 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1612 notify_data_remote_as, 2);
d8151687 1613 return BGP_Stop;
eb821189 1614 }
718e3744 1615
7a75470f
DS		 1616 /*
1617 * When collision is detected and this peer is closed.
1618 * Return immediately.
1619 */
1620 ret = bgp_collision_detect(peer, remote_id);
1621 if (ret < 0)
1622 return BGP_Stop;
1623
1624 /* Get sockname. */
1625 if (bgp_getsockname(peer) < 0) {
1626 flog_err_sys(EC_LIB_SOCKET,
1627 "%s: bgp_getsockname() failed for peer: %s",
1628 __func__, peer->host);
1629 return BGP_Stop;
1630 }
1631
1632 /* Set remote router-id */
1633 peer->remote_id = remote_id;
1634
d62a17ae 1635 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1636 calculate the value of the Hold Timer by using the smaller of its
1637 configured Hold Time and the Hold Time received in the OPEN message.
1638 The Hold Time MUST be either zero or at least three seconds. An
1639 implementation may reject connections on the basis of the Hold Time.
0b2aa3a0 1640 */
d62a17ae 1641
1642 if (holdtime < 3 && holdtime != 0) {
b042667a
TI		 1643 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1644 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1645 (uint8_t *)holdtime_ptr, 2);
1646 return BGP_Stop;
1647 }
1648
1649 /* Send notification message when Hold Time received in the OPEN message
1650 * is smaller than configured minimum Hold Time. */
1651 if (holdtime < peer->bgp->default_min_holdtime
1652 && peer->bgp->default_min_holdtime != 0) {
d62a17ae 1653 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1654 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
d7c0a89a 1655 (uint8_t *)holdtime_ptr, 2);
d8151687 1656 return BGP_Stop;
0b2aa3a0 1657 }
d62a17ae 1658
1659 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1660 would be one third of the Hold Time interval. KEEPALIVE messages
1661 MUST NOT be sent more frequently than one per second. An
1662 implementation MAY adjust the rate at which it sends KEEPALIVE
1663 messages as a function of the Hold Time interval. */
1664
b90a8e13 1665 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
d62a17ae 1666 send_holdtime = peer->holdtime;
1667 else
1668 send_holdtime = peer->bgp->default_holdtime;
1669
1670 if (holdtime < send_holdtime)
1671 peer->v_holdtime = holdtime;
1672 else
1673 peer->v_holdtime = send_holdtime;
1674
7aa4fd5b
TA		 1675 /* Set effective keepalive to 1/3 the effective holdtime.
1676 * Use configured keeplive when < effective keepalive.
1677 */
1678 peer->v_keepalive = peer->v_holdtime / 3;
1679 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER)) {
1680 if (peer->keepalive && peer->keepalive < peer->v_keepalive)
1681 peer->v_keepalive = peer->keepalive;
1682 } else {
1683 if (peer->bgp->default_keepalive
1684 && peer->bgp->default_keepalive < peer->v_keepalive)
1685 peer->v_keepalive = peer->bgp->default_keepalive;
1686 }
d62a17ae 1687
234f6fd4
DA		 1688 /* If another side disabled sending Software Version capability,
1689 * we MUST drop the previous from showing in the outputs to avoid
1690 * stale information and due to security reasons.
1691 */
1692 if (peer->soft_version)
1693 XFREE(MTYPE_BGP_SOFT_VERSION, peer->soft_version);
1694
d62a17ae 1695 /* Open option part parse. */
1696 if (optlen != 0) {
1bb379bf 1697 if (bgp_open_option_parse(peer, optlen, &mp_capability) < 0)
d8151687 1698 return BGP_Stop;
d62a17ae 1699 } else {
1700 if (bgp_debug_neighbor_events(peer))
1701 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1702 peer->host);
0299c004 1703 }
d62a17ae 1704
1705 /*
1706 * Assume that the peer supports the locally configured set of
1707 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1708 * capabilities, or if 'override-capability' is configured.
1709 */
1710 if (!mp_capability
1711 || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1712 peer->afc_nego[AFI_IP][SAFI_UNICAST] =
1713 peer->afc[AFI_IP][SAFI_UNICAST];
1714 peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
1715 peer->afc[AFI_IP][SAFI_MULTICAST];
1716 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
1717 peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
7c40bf39 1718 peer->afc_nego[AFI_IP][SAFI_FLOWSPEC] =
1719 peer->afc[AFI_IP][SAFI_FLOWSPEC];
d62a17ae 1720 peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
1721 peer->afc[AFI_IP6][SAFI_UNICAST];
1722 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
1723 peer->afc[AFI_IP6][SAFI_MULTICAST];
1724 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
1725 peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1726 peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
1727 peer->afc[AFI_L2VPN][SAFI_EVPN];
7c40bf39 1728 peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC] =
1729 peer->afc[AFI_IP6][SAFI_FLOWSPEC];
0299c004 1730 }
d62a17ae 1731
d62a17ae 1732 /* Verify valid local address present based on negotiated
1733 * address-families. */
1734 if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
e5f22b30 1735 || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
d62a17ae 1736 || peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1737 || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1738 || peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
975a328e 1739 if (peer->nexthop.v4.s_addr == INADDR_ANY) {
d62a17ae 1740#if defined(HAVE_CUMULUS)
50121ac0
DS		 1741 zlog_warn("%s: No local IPv4 addr, BGP routing may not work",
1742 peer->host);
1d808091 1743#endif
d62a17ae 1744 }
1745 }
1746 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
e5f22b30 1747 || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
d62a17ae 1748 || peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1749 || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1750 || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
1751 if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) {
1752#if defined(HAVE_CUMULUS)
50121ac0
DS		 1753 zlog_warn("%s: No local IPv6 address, BGP routing may not work",
1754 peer->host);
1d808091 1755#endif
d62a17ae 1756 }
1757 }
1758 peer->rtt = sockopt_tcp_rtt(peer->fd);
1759
d8151687 1760 return Receive_OPEN_message;
718e3744 1761}
1762
d8151687
QY		 1763/**
1764 * Process BGP KEEPALIVE message for peer.
1765 *
1766 * @param peer
1767 * @param size size of the packet
1768 * @return as in summary
1769 */
1770static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
f188f2c4 1771{
d8151687
QY		 1772 if (bgp_debug_keepalive(peer))
1773 zlog_debug("%s KEEPALIVE rcvd", peer->host);
d62a17ae 1774
d8151687 1775 bgp_update_implicit_eors(peer);
d62a17ae 1776
e410d563
DA		 1777 peer->rtt = sockopt_tcp_rtt(peer->fd);
1778
8336c896
DA		 1779 /* If the peer's RTT is higher than expected, shutdown
1780 * the peer automatically.
1781 */
5597214c
DA		 1782 if (!CHECK_FLAG(peer->flags, PEER_FLAG_RTT_SHUTDOWN))
1783 return Receive_KEEPALIVE_message;
8336c896 1784
5597214c 1785 if (peer->rtt > peer->rtt_expected) {
8336c896
DA		 1786 peer->rtt_keepalive_rcv++;
1787
1788 if (peer->rtt_keepalive_rcv > peer->rtt_keepalive_conf) {
5597214c
DA		 1789 char rtt_shutdown_reason[BUFSIZ] = {};
1790
1791 snprintfrr(
1792 rtt_shutdown_reason,
1793 sizeof(rtt_shutdown_reason),
1794 "shutdown due to high round-trip-time (%dms > %dms, hit %u times)",
1795 peer->rtt, peer->rtt_expected,
1796 peer->rtt_keepalive_rcv);
1797 zlog_warn("%s %s", peer->host, rtt_shutdown_reason);
1798 SET_FLAG(peer->sflags, PEER_STATUS_RTT_SHUTDOWN);
1799 peer_tx_shutdown_message_set(peer, rtt_shutdown_reason);
8336c896
DA		 1800 peer_flag_set(peer, PEER_FLAG_SHUTDOWN);
1801 }
1802 } else {
1803 if (peer->rtt_keepalive_rcv)
1804 peer->rtt_keepalive_rcv--;
1805 }
1806
d8151687 1807 return Receive_KEEPALIVE_message;
f188f2c4
DS		 1808}
1809
cc9f21da 1810static void bgp_refresh_stalepath_timer_expire(struct thread *thread)
9af52ccf
DA		 1811{
1812 struct peer_af *paf;
1813
1814 paf = THREAD_ARG(thread);
1815
1816 afi_t afi = paf->afi;
1817 safi_t safi = paf->safi;
1818 struct peer *peer = paf->peer;
1819
1820 peer->t_refresh_stalepath = NULL;
1821
1822 if (peer->nsf[afi][safi])
1823 bgp_clear_stale_route(peer, afi, safi);
1824
1825 if (bgp_debug_neighbor_events(peer))
a7d91a8c 1826 zlog_debug(
f70c91dc
DA		 1827 "%pBP route-refresh (BoRR) timer expired for afi/safi: %d/%d",
1828 peer, afi, safi);
9af52ccf
DA		 1829
1830 bgp_timer_set(peer);
9af52ccf 1831}
d62a17ae 1832
d8151687
QY		 1833/**
1834 * Process BGP UPDATE message for peer.
1835 *
1836 * Parses UPDATE and creates attribute object.
1837 *
1838 * @param peer
1839 * @param size size of the packet
1840 * @return as in summary
7ef5a232 1841 */
d62a17ae 1842static int bgp_update_receive(struct peer *peer, bgp_size_t size)
718e3744 1843{
d62a17ae 1844 int ret, nlri_ret;
d7c0a89a 1845 uint8_t *end;
d62a17ae 1846 struct stream *s;
1847 struct attr attr;
1848 bgp_size_t attribute_len;
1849 bgp_size_t update_len;
1850 bgp_size_t withdraw_len;
f009ff26 1851 bool restart = false;
d62a17ae 1852
1853 enum NLRI_TYPES {
1854 NLRI_UPDATE,
1855 NLRI_WITHDRAW,
1856 NLRI_MP_UPDATE,
1857 NLRI_MP_WITHDRAW,
1858 NLRI_TYPE_MAX
1859 };
1860 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1861
1862 /* Status must be Established. */
feb17238 1863 if (!peer_established(peer)) {
e50f7cfd 1864 flog_err(EC_BGP_INVALID_STATUS,
1c50c1c0
QY		 1865 "%s [FSM] Update packet received under status %s",
1866 peer->host,
1867 lookup_msg(bgp_status_msg, peer->status, NULL));
0e35025e 1868 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
3893aeee 1869 bgp_fsm_error_subcode(peer->status));
d8151687 1870 return BGP_Stop;
d62a17ae 1871 }
1872
1873 /* Set initial values. */
6006b807 1874 memset(&attr, 0, sizeof(attr));
d62a17ae 1875 attr.label_index = BGP_INVALID_LABEL_INDEX;
1876 attr.label = MPLS_INVALID_LABEL;
1877 memset(&nlris, 0, sizeof(nlris));
1878 memset(peer->rcvd_attr_str, 0, BUFSIZ);
1879 peer->rcvd_attr_printed = 0;
1880
424ab01d 1881 s = peer->curr;
d62a17ae 1882 end = stream_pnt(s) + size;
1883
1884 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1885 Length is too large (i.e., if Unfeasible Routes Length + Total
1886 Attribute Length + 23 exceeds the message Length), then the Error
1887 Subcode is set to Malformed Attribute List. */
1888 if (stream_pnt(s) + 2 > end) {
e50f7cfd 1889 flog_err(EC_BGP_UPDATE_RCV,
3efd0893 1890 "%s [Error] Update packet error (packet length is short for unfeasible length)",
1c50c1c0 1891 peer->host);
d62a17ae 1892 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1893 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1894 return BGP_Stop;
d62a17ae 1895 }
1896
1897 /* Unfeasible Route Length. */
1898 withdraw_len = stream_getw(s);
1899
1900 /* Unfeasible Route Length check. */
1901 if (stream_pnt(s) + withdraw_len > end) {
e50f7cfd 1902 flog_err(EC_BGP_UPDATE_RCV,
3efd0893 1903 "%s [Error] Update packet error (packet unfeasible length overflow %d)",
1c50c1c0 1904 peer->host, withdraw_len);
d62a17ae 1905 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1906 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1907 return BGP_Stop;
d62a17ae 1908 }
1909
1910 /* Unfeasible Route packet format check. */
1911 if (withdraw_len > 0) {
1912 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1913 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1914 nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
1915 nlris[NLRI_WITHDRAW].length = withdraw_len;
1916 stream_forward_getp(s, withdraw_len);
1917 }
1918
1919 /* Attribute total length check. */
1920 if (stream_pnt(s) + 2 > end) {
ade6974d 1921 flog_warn(
e50f7cfd 1922 EC_BGP_UPDATE_PACKET_SHORT,
ade6974d
QY		 1923 "%s [Error] Packet Error (update packet is short for attribute length)",
1924 peer->host);
d62a17ae 1925 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1926 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1927 return BGP_Stop;
d62a17ae 1928 }
1929
1930 /* Fetch attribute total length. */
1931 attribute_len = stream_getw(s);
1932
1933 /* Attribute length check. */
1934 if (stream_pnt(s) + attribute_len > end) {
ade6974d 1935 flog_warn(
e50f7cfd 1936 EC_BGP_UPDATE_PACKET_LONG,
ade6974d
QY		 1937 "%s [Error] Packet Error (update packet attribute length overflow %d)",
1938 peer->host, attribute_len);
d62a17ae 1939 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1940 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1941 return BGP_Stop;
d62a17ae 1942 }
1943
1944 /* Certain attribute parsing errors should not be considered bad enough
1945 * to reset the session for, most particularly any partial/optional
1946 * attributes that have 'tunneled' over speakers that don't understand
1947 * them. Instead we withdraw only the prefix concerned.
1948 *
1949 * Complicates the flow a little though..
1950 */
79288e4c 1951 enum bgp_attr_parse_ret attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
d62a17ae 1952/* This define morphs the update case into a withdraw when lower levels
1953 * have signalled an error condition where this is best.
1954 */
b881c707 1955#define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
718e3744 1956
d62a17ae 1957 /* Parse attribute when it exists. */
1958 if (attribute_len) {
1959 attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
1960 &nlris[NLRI_MP_UPDATE],
1961 &nlris[NLRI_MP_WITHDRAW]);
1962 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
1963 bgp_attr_unintern_sub(&attr);
d8151687 1964 return BGP_Stop;
d62a17ae 1965 }
1966 }
1967
1968 /* Logging the attribute. */
1969 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
1970 || BGP_DEBUG(update, UPDATE_IN)
1971 || BGP_DEBUG(update, UPDATE_PREFIX)) {
5022c833
DA		 1972 ret = bgp_dump_attr(&attr, peer->rcvd_attr_str,
1973 sizeof(peer->rcvd_attr_str));
d62a17ae 1974
b4d46cc9
DL		 1975 peer->stat_upd_7606++;
1976
d62a17ae 1977 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
af4c2728 1978 flog_err(
e50f7cfd 1979 EC_BGP_UPDATE_RCV,
f70c91dc
DA		 1980 "%pBP rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1981 peer);
d62a17ae 1982
1983 if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
f70c91dc 1984 zlog_debug("%pBP rcvd UPDATE w/ attr: %s", peer,
d62a17ae 1985 peer->rcvd_attr_str);
1986 peer->rcvd_attr_printed = 1;
1987 }
1988 }
1989
1990 /* Network Layer Reachability Information. */
1991 update_len = end - stream_pnt(s);
1992
1993 if (update_len) {
1994 /* Set NLRI portion to structure. */
1995 nlris[NLRI_UPDATE].afi = AFI_IP;
1996 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1997 nlris[NLRI_UPDATE].nlri = stream_pnt(s);
1998 nlris[NLRI_UPDATE].length = update_len;
1999 stream_forward_getp(s, update_len);
9738e9aa 2000
2001 if (CHECK_FLAG(attr.flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
2002 /*
2003 * We skipped nexthop attribute validation earlier so
2004 * validate the nexthop now.
2005 */
2006 if (bgp_attr_nexthop_valid(peer, &attr) < 0) {
2007 bgp_attr_unintern_sub(&attr);
2008 return BGP_Stop;
2009 }
2010 }
d62a17ae 2011 }
2012
2013 if (BGP_DEBUG(update, UPDATE_IN))
f70c91dc
DA		 2014 zlog_debug("%pBP rcvd UPDATE wlen %d attrlen %d alen %d", peer,
2015 withdraw_len, attribute_len, update_len);
d62a17ae 2016
2017 /* Parse any given NLRIs */
2018 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
2019 if (!nlris[i].nlri)
2020 continue;
2021
2022 /* NLRI is processed iff the peer if configured for the specific
2023 * afi/safi */
2024 if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
2025 zlog_info(
2026 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
2027 peer->host, nlris[i].afi, nlris[i].safi);
2028 continue;
2029 }
2030
2031 /* EoR handled later */
2032 if (nlris[i].length == 0)
2033 continue;
2034
2035 switch (i) {
2036 case NLRI_UPDATE:
2037 case NLRI_MP_UPDATE:
2038 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
2039 &nlris[i], 0);
2040 break;
2041 case NLRI_WITHDRAW:
2042 case NLRI_MP_WITHDRAW:
b1d7888f
DA		 2043 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
2044 &nlris[i], 1);
d62a17ae 2045 break;
2046 default:
513386b5 2047 nlri_ret = BGP_NLRI_PARSE_ERROR;
d62a17ae 2048 }
2049
513386b5
DA		 2050 if (nlri_ret < BGP_NLRI_PARSE_OK
2051 && nlri_ret != BGP_NLRI_PARSE_ERROR_PREFIX_OVERFLOW) {
e50f7cfd 2052 flog_err(EC_BGP_UPDATE_RCV,
1c50c1c0 2053 "%s [Error] Error parsing NLRI", peer->host);
feb17238 2054 if (peer_established(peer))
d62a17ae 2055 bgp_notify_send(
2056 peer, BGP_NOTIFY_UPDATE_ERR,
2057 i <= NLRI_WITHDRAW
2058 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
2059 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
2060 bgp_attr_unintern_sub(&attr);
d8151687 2061 return BGP_Stop;
d62a17ae 2062 }
2063 }
2064
2065 /* EoR checks
2066 *
2067 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
2068 * and MP EoR should have only an empty MP_UNREACH
2069 */
996c9314
LB		 2070 if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0)
2071 || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
d62a17ae 2072 afi_t afi = 0;
2073 safi_t safi;
f009ff26 2074 struct graceful_restart_info *gr_info;
2075
2076 /* Restarting router */
36235319
QY		 2077 if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer)
2078 && BGP_PEER_RESTARTING_MODE(peer))
f009ff26 2079 restart = true;
d62a17ae 2080
2081 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
2082 * checked
2083 * update and withdraw NLRI lengths are 0.
2084 */
2085 if (!attribute_len) {
2086 afi = AFI_IP;
2087 safi = SAFI_UNICAST;
2088 } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
2089 && nlris[NLRI_MP_WITHDRAW].length == 0) {
2090 afi = nlris[NLRI_MP_WITHDRAW].afi;
2091 safi = nlris[NLRI_MP_WITHDRAW].safi;
9b9df989
DS		 2092 } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
2093 afi = nlris[NLRI_MP_UPDATE].afi;
2094 safi = nlris[NLRI_MP_UPDATE].safi;
d62a17ae 2095 }
2096
2097 if (afi && peer->afc[afi][safi]) {
e82d19a3
DS		 2098 struct vrf *vrf = vrf_lookup_by_id(peer->bgp->vrf_id);
2099
d62a17ae 2100 /* End-of-RIB received */
2101 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
2102 PEER_STATUS_EOR_RECEIVED)) {
2103 SET_FLAG(peer->af_sflags[afi][safi],
2104 PEER_STATUS_EOR_RECEIVED);
2105 bgp_update_explicit_eors(peer);
f009ff26 2106 /* Update graceful restart information */
2107 gr_info = &(peer->bgp->gr_info[afi][safi]);
2108 if (restart)
2109 gr_info->eor_received++;
2110 /* If EOR received from all peers and selection
2111 * deferral timer is running, cancel the timer
2112 * and invoke the best path calculation
2113 */
36235319
QY		 2114 if (gr_info->eor_required
2115 == gr_info->eor_received) {
2116 if (bgp_debug_neighbor_events(peer))
2117 zlog_debug(
2118 "%s %d, %s %d",
f009ff26 2119 "EOR REQ",
2120 gr_info->eor_required,
2121 "EOR RCV",
2122 gr_info->eor_received);
b96b4f1c
SB		 2123 if (gr_info->t_select_deferral) {
2124 void *info = THREAD_ARG(
2125 gr_info->t_select_deferral);
2126 XFREE(MTYPE_TMP, info);
2127 }
fa5806c3 2128 THREAD_OFF(gr_info->t_select_deferral);
f009ff26 2129 gr_info->eor_required = 0;
2130 gr_info->eor_received = 0;
2131 /* Best path selection */
42c93837
DA		 2132 bgp_best_path_select_defer(peer->bgp,
2133 afi, safi);
f009ff26 2134 }
d62a17ae 2135 }
2136
2137 /* NSF delete stale route */
2138 if (peer->nsf[afi][safi])
2139 bgp_clear_stale_route(peer, afi, safi);
2140
1479ed2f
DA		 2141 zlog_info(
2142 "%s: rcvd End-of-RIB for %s from %s in vrf %s",
2143 __func__, get_afi_safi_str(afi, safi, false),
2144 peer->host, vrf ? vrf->name : VRF_DEFAULT_NAME);
2145 }
f80f838b 2146 }
d62a17ae 2147
2148 /* Everything is done. We unintern temporary structures which
2149 interned in bgp_attr_parse(). */
2150 bgp_attr_unintern_sub(&attr);
2151
083ec940 2152 peer->update_time = monotime(NULL);
d62a17ae 2153
c385f82a
MK		 2154 /* Notify BGP Conditional advertisement scanner process */
2155 peer->advmap_table_change = true;
2156
d8151687 2157 return Receive_UPDATE_message;
718e3744 2158}
2159
d8151687
QY		 2160/**
2161 * Process BGP NOTIFY message for peer.
2162 *
2163 * @param peer
2164 * @param size size of the packet
2165 * @return as in summary
2166 */
2167static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
718e3744 2168{
10d476d4
DA		 2169 struct bgp_notify outer = {};
2170 struct bgp_notify inner = {};
eea685b6 2171 bool hard_reset = false;
d62a17ae 2172
2173 if (peer->notify.data) {
eea685b6 2174 XFREE(MTYPE_BGP_NOTIFICATION, peer->notify.data);
d62a17ae 2175 peer->notify.length = 0;
e7ce634f 2176 peer->notify.hard_reset = false;
d62a17ae 2177 }
2178
eea685b6
DA		 2179 outer.code = stream_getc(peer->curr);
2180 outer.subcode = stream_getc(peer->curr);
2181 outer.length = size - 2;
2182 outer.data = NULL;
2183 outer.raw_data = NULL;
2184 if (outer.length) {
2185 outer.raw_data = XMALLOC(MTYPE_BGP_NOTIFICATION, outer.length);
2186 memcpy(outer.raw_data, stream_pnt(peer->curr), outer.length);
2187 }
2188
1ae314be
DA		 2189 hard_reset =
2190 bgp_notify_received_hard_reset(peer, outer.code, outer.subcode);
eea685b6
DA		 2191 if (hard_reset && outer.length) {
2192 inner = bgp_notify_decapsulate_hard_reset(&outer);
2193 peer->notify.hard_reset = true;
2194 } else {
2195 inner = outer;
2196 }
d62a17ae 2197
2198 /* Preserv notify code and sub code. */
eea685b6
DA		 2199 peer->notify.code = inner.code;
2200 peer->notify.subcode = inner.subcode;
d62a17ae 2201 /* For further diagnostic record returned Data. */
eea685b6
DA		 2202 if (inner.length) {
2203 peer->notify.length = inner.length;
2204 peer->notify.data =
2205 XMALLOC(MTYPE_BGP_NOTIFICATION, inner.length);
2206 memcpy(peer->notify.data, inner.raw_data, inner.length);
d62a17ae 2207 }
2208
2209 /* For debug */
2210 {
2211 int i;
2212 int first = 0;
2213 char c[4];
2214
eea685b6
DA		 2215 if (inner.length) {
2216 inner.data = XMALLOC(MTYPE_BGP_NOTIFICATION,
2217 inner.length * 3);
2218 for (i = 0; i < inner.length; i++)
d62a17ae 2219 if (first) {
552d6491 2220 snprintf(c, sizeof(c), " %02x",
424ab01d 2221 stream_getc(peer->curr));
f009ff26 2222
eea685b6
DA		 2223 strlcat(inner.data, c,
2224 inner.length * 3);
f009ff26 2225
d62a17ae 2226 } else {
2227 first = 1;
552d6491
QY		 2228 snprintf(c, sizeof(c), "%02x",
2229 stream_getc(peer->curr));
f009ff26 2230
eea685b6
DA		 2231 strlcpy(inner.data, c,
2232 inner.length * 3);
d62a17ae 2233 }
d62a17ae 2234 }
2235
eea685b6 2236 bgp_notify_print(peer, &inner, "received", hard_reset);
10d476d4 2237 if (inner.length) {
eea685b6
DA		 2238 XFREE(MTYPE_BGP_NOTIFICATION, inner.data);
2239 inner.length = 0;
2240 }
2241 if (outer.length) {
2242 XFREE(MTYPE_BGP_NOTIFICATION, outer.data);
10d476d4 2243 XFREE(MTYPE_BGP_NOTIFICATION, outer.raw_data);
c73d2363
DA		 2244
2245 /* If this is a Hard Reset notification, we MUST free
2246 * the inner (encapsulated) notification too.
2247 */
2248 if (hard_reset)
2249 XFREE(MTYPE_BGP_NOTIFICATION, inner.raw_data);
eea685b6 2250 outer.length = 0;
d62a17ae 2251 }
2252 }
2253
2254 /* peer count update */
0112e9e0 2255 atomic_fetch_add_explicit(&peer->notify_in, 1, memory_order_relaxed);
d62a17ae 2256
2257 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
2258
2259 /* We have to check for Notify with Unsupported Optional Parameter.
2260 in that case we fallback to open without the capability option.
2261 But this done in bgp_stop. We just mark it here to avoid changing
2262 the fsm tables. */
eea685b6
DA		 2263 if (inner.code == BGP_NOTIFY_OPEN_ERR &&
2264 inner.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
d62a17ae 2265 UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
2266
20170775
DA		 2267 /* If Graceful-Restart N-bit (Notification) is exchanged,
2268 * and it's not a Hard Reset, let's retain the routes.
2269 */
2270 if (bgp_has_graceful_restart_notification(peer) && !hard_reset &&
2271 CHECK_FLAG(peer->sflags, PEER_STATUS_NSF_MODE))
2272 SET_FLAG(peer->sflags, PEER_STATUS_NSF_WAIT);
2273
5cce3f05 2274 bgp_peer_gr_flags_update(peer);
36235319
QY		 2275 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
2276 peer->bgp->peer);
5cce3f05 2277
d8151687 2278 return Receive_NOTIFICATION_message;
718e3744 2279}
2280
d8151687
QY		 2281/**
2282 * Process BGP ROUTEREFRESH message for peer.
2283 *
2284 * @param peer
2285 * @param size size of the packet
2286 * @return as in summary
2287 */
2288static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
718e3744 2289{
d62a17ae 2290 iana_afi_t pkt_afi;
2291 afi_t afi;
5c525538
RW		 2292 iana_safi_t pkt_safi;
2293 safi_t safi;
d62a17ae 2294 struct stream *s;
2295 struct peer_af *paf;
2296 struct update_group *updgrp;
2297 struct peer *updgrp_peer;
9af52ccf 2298 uint8_t subtype;
e1a32ec1 2299 bool force_update = false;
9af52ccf
DA		 2300 bgp_size_t msg_length =
2301 size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE);
d62a17ae 2302
2303 /* If peer does not have the capability, send notification. */
2304 if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
e50f7cfd 2305 flog_err(EC_BGP_NO_CAP,
1c50c1c0
QY		 2306 "%s [Error] BGP route refresh is not enabled",
2307 peer->host);
d62a17ae 2308 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2309 BGP_NOTIFY_HEADER_BAD_MESTYPE);
d8151687 2310 return BGP_Stop;
d62a17ae 2311 }
2312
2313 /* Status must be Established. */
feb17238 2314 if (!peer_established(peer)) {
af4c2728 2315 flog_err(
e50f7cfd 2316 EC_BGP_INVALID_STATUS,
d62a17ae 2317 "%s [Error] Route refresh packet received under status %s",
2318 peer->host,
2319 lookup_msg(bgp_status_msg, peer->status, NULL));
0e35025e 2320 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
3893aeee 2321 bgp_fsm_error_subcode(peer->status));
d8151687 2322 return BGP_Stop;
d62a17ae 2323 }
2324
424ab01d 2325 s = peer->curr;
d62a17ae 2326
2327 /* Parse packet. */
2328 pkt_afi = stream_getw(s);
9af52ccf 2329 subtype = stream_getc(s);
d62a17ae 2330 pkt_safi = stream_getc(s);
2331
d62a17ae 2332 /* Convert AFI, SAFI to internal values and check. */
2333 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
2334 zlog_info(
748a041f
DS		 2335 "%s REFRESH_REQ for unrecognized afi/safi: %s/%s - ignored",
2336 peer->host, iana_afi2str(pkt_afi),
2337 iana_safi2str(pkt_safi));
d8151687 2338 return BGP_PACKET_NOOP;
d62a17ae 2339 }
2340
2341 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
d7c0a89a
QY		 2342 uint8_t *end;
2343 uint8_t when_to_refresh;
2344 uint8_t orf_type;
2345 uint16_t orf_len;
d62a17ae 2346
9af52ccf
DA		 2347 if (subtype) {
2348 /* If the length, excluding the fixed-size message
2349 * header, of the received ROUTE-REFRESH message with
2350 * Message Subtype 1 and 2 is not 4, then the BGP
2351 * speaker MUST send a NOTIFICATION message with the
2352 * Error Code of "ROUTE-REFRESH Message Error" and the
2353 * subcode of "Invalid Message Length".
2354 */
2355 if (msg_length != 4) {
2356 zlog_err(
2357 "%s Enhanced Route Refresh message length error",
2358 peer->host);
2359 bgp_notify_send(
2360 peer, BGP_NOTIFY_ROUTE_REFRESH_ERR,
2361 BGP_NOTIFY_ROUTE_REFRESH_INVALID_MSG_LEN);
2362 }
2363
2364 /* When the BGP speaker receives a ROUTE-REFRESH message
2365 * with a "Message Subtype" field other than 0, 1, or 2,
2366 * it MUST ignore the received ROUTE-REFRESH message.
2367 */
2368 if (subtype > 2)
2369 zlog_err(
2370 "%s Enhanced Route Refresh invalid subtype",
2371 peer->host);
2372 }
2373
2374 if (msg_length < 5) {
d62a17ae 2375 zlog_info("%s ORF route refresh length error",
2376 peer->host);
0e35025e
DA		 2377 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2378 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2379 return BGP_Stop;
718e3744 2380 }
2381
d62a17ae 2382 when_to_refresh = stream_getc(s);
2383 end = stream_pnt(s) + (size - 5);
2384
2385 while ((stream_pnt(s) + 2) < end) {
2386 orf_type = stream_getc(s);
2387 orf_len = stream_getw(s);
2388
2389 /* orf_len in bounds? */
2390 if ((stream_pnt(s) + orf_len) > end)
2391 break; /* XXX: Notify instead?? */
2392 if (orf_type == ORF_TYPE_PREFIX
2393 || orf_type == ORF_TYPE_PREFIX_OLD) {
2394 uint8_t *p_pnt = stream_pnt(s);
2395 uint8_t *p_end = stream_pnt(s) + orf_len;
2396 struct orf_prefix orfp;
d7c0a89a
QY		 2397 uint8_t common = 0;
2398 uint32_t seq;
d62a17ae 2399 int psize;
2400 char name[BUFSIZ];
2401 int ret = CMD_SUCCESS;
2402
2403 if (bgp_debug_neighbor_events(peer)) {
2404 zlog_debug(
f70c91dc
DA		 2405 "%pBP rcvd Prefixlist ORF(%d) length %d",
2406 peer, orf_type, orf_len);
d62a17ae 2407 }
2408
f1aa4929
DA		 2409 /* ORF prefix-list name */
2410 snprintf(name, sizeof(name), "%s.%d.%d",
2411 peer->host, afi, safi);
2412
d62a17ae 2413 /* we're going to read at least 1 byte of common
2414 * ORF header,
2415 * and 7 bytes of ORF Address-filter entry from
2416 * the stream
2417 */
f1aa4929
DA		 2418 if (*p_pnt & ORF_COMMON_PART_REMOVE_ALL) {
2419 if (bgp_debug_neighbor_events(peer))
2420 zlog_debug(
2421 "%pBP rcvd Remove-All pfxlist ORF request",
2422 peer);
2423 prefix_bgp_orf_remove_all(afi, name);
d62a17ae 2424 break;
f1aa4929 2425 }
d62a17ae 2426
f1aa4929
DA		 2427 if (orf_len < 7)
2428 break;
d62a17ae 2429
2430 while (p_pnt < p_end) {
2431 /* If the ORF entry is malformed, want
2432 * to read as much of it
2433 * as possible without going beyond the
2434 * bounds of the entry,
2435 * to maximise debug information.
2436 */
2437 int ok;
6006b807 2438 memset(&orfp, 0, sizeof(orfp));
d62a17ae 2439 common = *p_pnt++;
2440 /* after ++: p_pnt <= p_end */
d7c0a89a
QY		 2441 ok = ((uint32_t)(p_end - p_pnt)
2442 >= sizeof(uint32_t));
d62a17ae 2443 if (ok) {
2444 memcpy(&seq, p_pnt,
d7c0a89a
QY		 2445 sizeof(uint32_t));
2446 p_pnt += sizeof(uint32_t);
d62a17ae 2447 orfp.seq = ntohl(seq);
2448 } else
2449 p_pnt = p_end;
2450
5ca840a3 2451 /* val checked in prefix_bgp_orf_set */
1bb379bf 2452 if (p_pnt < p_end)
5ca840a3
DS		 2453 orfp.ge = *p_pnt++;
2454
2455 /* val checked in prefix_bgp_orf_set */
1bb379bf 2456 if (p_pnt < p_end)
5ca840a3
DS		 2457 orfp.le = *p_pnt++;
2458
d62a17ae 2459 if ((ok = (p_pnt < p_end)))
2460 orfp.p.prefixlen = *p_pnt++;
5ca840a3
DS		 2461
2462 /* afi checked already */
2463 orfp.p.family = afi2family(afi);
2464
2465 /* 0 if not ok */
2466 psize = PSIZE(orfp.p.prefixlen);
2467 /* valid for family ? */
2468 if (psize > prefix_blen(&orfp.p)) {
d62a17ae 2469 ok = 0;
2470 psize = prefix_blen(&orfp.p);
2471 }
5ca840a3
DS		 2472 /* valid for packet ? */
2473 if (psize > (p_end - p_pnt)) {
d62a17ae 2474 ok = 0;
2475 psize = p_end - p_pnt;
2476 }
2477
2478 if (psize > 0)
2479 memcpy(&orfp.p.u.prefix, p_pnt,
2480 psize);
2481 p_pnt += psize;
2482
2483 if (bgp_debug_neighbor_events(peer)) {
2484 char buf[INET6_BUFSIZ];
2485
2486 zlog_debug(
f70c91dc
DA		 2487 "%pBP rcvd %s %s seq %u %s/%d ge %d le %d%s",
2488 peer,
d62a17ae 2489 (common & ORF_COMMON_PART_REMOVE
2490 ? "Remove"
2491 : "Add"),
2492 (common & ORF_COMMON_PART_DENY
2493 ? "deny"
2494 : "permit"),
2495 orfp.seq,
2496 inet_ntop(
2497 orfp.p.family,
2498 &orfp.p.u.prefix,
2499 buf,
2500 INET6_BUFSIZ),
2501 orfp.p.prefixlen,
2502 orfp.ge, orfp.le,
2503 ok ? "" : " MALFORMED");
2504 }
2505
2506 if (ok)
2507 ret = prefix_bgp_orf_set(
2508 name, afi, &orfp,
2509 (common & ORF_COMMON_PART_DENY
2510 ? 0
2511 : 1),
2512 (common & ORF_COMMON_PART_REMOVE
2513 ? 0
2514 : 1));
2515
2516 if (!ok || (ok && ret != CMD_SUCCESS)) {
2517 zlog_info(
f70c91dc
DA		 2518 "%pBP Received misformatted prefixlist ORF. Remove All pfxlist",
2519 peer);
d62a17ae 2520 prefix_bgp_orf_remove_all(afi,
2521 name);
2522 break;
2523 }
2524 }
2525
2526 peer->orf_plist[afi][safi] =
2527 prefix_bgp_orf_lookup(afi, name);
2528 }
2529 stream_forward_getp(s, orf_len);
718e3744 2530 }
d62a17ae 2531 if (bgp_debug_neighbor_events(peer))
f70c91dc 2532 zlog_debug("%pBP rcvd Refresh %s ORF request", peer,
d62a17ae 2533 when_to_refresh == REFRESH_DEFER
2534 ? "Defer"
2535 : "Immediate");
2536 if (when_to_refresh == REFRESH_DEFER)
d8151687 2537 return BGP_PACKET_NOOP;
d62a17ae 2538 }
40d2700d 2539
d62a17ae 2540 /* First update is deferred until ORF or ROUTE-REFRESH is received */
2541 if (CHECK_FLAG(peer->af_sflags[afi][safi],
2542 PEER_STATUS_ORF_WAIT_REFRESH))
2543 UNSET_FLAG(peer->af_sflags[afi][safi],
2544 PEER_STATUS_ORF_WAIT_REFRESH);
2545
2546 paf = peer_af_find(peer, afi, safi);
2547 if (paf && paf->subgroup) {
2548 if (peer->orf_plist[afi][safi]) {
2549 updgrp = PAF_UPDGRP(paf);
2550 updgrp_peer = UPDGRP_PEER(updgrp);
2551 updgrp_peer->orf_plist[afi][safi] =
2552 peer->orf_plist[afi][safi];
2553 }
2554
2adac256
DA		 2555 /* Avoid supressing duplicate routes later
2556 * when processing in subgroup_announce_table().
2557 */
e1a32ec1 2558 force_update = true;
2adac256 2559
d62a17ae 2560 /* If the peer is configured for default-originate clear the
2561 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
2562 * re-advertise the
2563 * default
2564 */
2565 if (CHECK_FLAG(paf->subgroup->sflags,
2566 SUBGRP_STATUS_DEFAULT_ORIGINATE))
2567 UNSET_FLAG(paf->subgroup->sflags,
2568 SUBGRP_STATUS_DEFAULT_ORIGINATE);
718e3744 2569 }
d62a17ae 2570
9af52ccf
DA		 2571 if (subtype == BGP_ROUTE_REFRESH_BORR) {
2572 /* A BGP speaker that has received the Graceful Restart
2573 * Capability from its neighbor MUST ignore any BoRRs for
2574 * an <AFI, SAFI> from the neighbor before the speaker
2575 * receives the EoR for the given <AFI, SAFI> from the
2576 * neighbor.
2577 */
2578 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)
2579 && !CHECK_FLAG(peer->af_sflags[afi][safi],
2580 PEER_STATUS_EOR_RECEIVED)) {
2581 if (bgp_debug_neighbor_events(peer))
2582 zlog_debug(
f70c91dc
DA		 2583 "%pBP rcvd route-refresh (BoRR) for %s/%s before EoR",
2584 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2585 return BGP_PACKET_NOOP;
2586 }
2587
2588 if (peer->t_refresh_stalepath) {
2589 if (bgp_debug_neighbor_events(peer))
2590 zlog_debug(
f70c91dc
DA		 2591 "%pBP rcvd route-refresh (BoRR) for %s/%s, whereas BoRR already received",
2592 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2593 return BGP_PACKET_NOOP;
2594 }
2595
2596 SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_BORR_RECEIVED);
2597 UNSET_FLAG(peer->af_sflags[afi][safi],
2598 PEER_STATUS_EORR_RECEIVED);
2599
2600 /* When a BGP speaker receives a BoRR message from
2601 * a peer, it MUST mark all the routes with the given
2602 * Address Family Identifier and Subsequent Address
2603 * Family Identifier, <AFI, SAFI> [RFC2918], from
2604 * that peer as stale.
2605 */
2606 if (peer_active_nego(peer)) {
2607 SET_FLAG(peer->af_sflags[afi][safi],
2608 PEER_STATUS_ENHANCED_REFRESH);
2609 bgp_set_stale_route(peer, afi, safi);
2610 }
2611
feb17238 2612 if (peer_established(peer))
9af52ccf
DA		 2613 thread_add_timer(bm->master,
2614 bgp_refresh_stalepath_timer_expire,
2615 paf, peer->bgp->stalepath_time,
2616 &peer->t_refresh_stalepath);
2617
2618 if (bgp_debug_neighbor_events(peer))
2619 zlog_debug(
f70c91dc
DA		 2620 "%pBP rcvd route-refresh (BoRR) for %s/%s, triggering timer for %u seconds",
2621 peer, afi2str(afi), safi2str(safi),
9af52ccf
DA		 2622 peer->bgp->stalepath_time);
2623 } else if (subtype == BGP_ROUTE_REFRESH_EORR) {
2624 if (!peer->t_refresh_stalepath) {
2625 zlog_err(
f70c91dc
DA		 2626 "%pBP rcvd route-refresh (EoRR) for %s/%s, whereas no BoRR received",
2627 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2628 return BGP_PACKET_NOOP;
2629 }
2630
fa5806c3 2631 THREAD_OFF(peer->t_refresh_stalepath);
9af52ccf
DA		 2632
2633 SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_EORR_RECEIVED);
2634 UNSET_FLAG(peer->af_sflags[afi][safi],
2635 PEER_STATUS_BORR_RECEIVED);
2636
2637 if (bgp_debug_neighbor_events(peer))
2638 zlog_debug(
f70c91dc
DA		 2639 "%pBP rcvd route-refresh (EoRR) for %s/%s, stopping BoRR timer",
2640 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2641
2642 if (peer->nsf[afi][safi])
2643 bgp_clear_stale_route(peer, afi, safi);
2644 } else {
bcbeb3f9 2645 if (bgp_debug_neighbor_events(peer))
a7d91a8c 2646 zlog_debug(
f70c91dc
DA		 2647 "%pBP rcvd route-refresh (REQUEST) for %s/%s",
2648 peer, afi2str(afi), safi2str(safi));
bcbeb3f9 2649
9af52ccf
DA		 2650 /* In response to a "normal route refresh request" from the
2651 * peer, the speaker MUST send a BoRR message.
2652 */
2653 if (CHECK_FLAG(peer->cap, PEER_CAP_ENHANCED_RR_RCV)) {
2654 /* For a BGP speaker that supports the BGP Graceful
2655 * Restart, it MUST NOT send a BoRR for an <AFI, SAFI>
2656 * to a neighbor before it sends the EoR for the
2657 * <AFI, SAFI> to the neighbor.
2658 */
2659 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
2660 PEER_STATUS_EOR_SEND)) {
2661 if (bgp_debug_neighbor_events(peer))
2662 zlog_debug(
f70c91dc
DA		 2663 "%pBP rcvd route-refresh (REQUEST) for %s/%s before EoR",
2664 peer, afi2str(afi),
2665 safi2str(safi));
a783cc05
XL		 2666 /* Can't send BoRR now, postpone after EoR */
2667 SET_FLAG(peer->af_sflags[afi][safi],
2668 PEER_STATUS_REFRESH_PENDING);
9af52ccf
DA		 2669 return BGP_PACKET_NOOP;
2670 }
2671
2672 bgp_route_refresh_send(peer, afi, safi, 0, 0, 0,
2673 BGP_ROUTE_REFRESH_BORR);
2674
2675 if (bgp_debug_neighbor_events(peer))
2676 zlog_debug(
f70c91dc
DA		 2677 "%pBP sending route-refresh (BoRR) for %s/%s",
2678 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2679
2680 /* Set flag Ready-To-Send to know when we can send EoRR
2681 * message.
2682 */
2683 SET_FLAG(peer->af_sflags[afi][safi],
2684 PEER_STATUS_BORR_SEND);
2685 UNSET_FLAG(peer->af_sflags[afi][safi],
2686 PEER_STATUS_EORR_SEND);
2687 }
2688 }
2689
d62a17ae 2690 /* Perform route refreshment to the peer */
e1a32ec1 2691 bgp_announce_route(peer, afi, safi, force_update);
d8151687
QY		 2692
2693 /* No FSM action necessary */
2694 return BGP_PACKET_NOOP;
718e3744 2695}
2696
d8151687
QY		 2697/**
2698 * Parse BGP CAPABILITY message for peer.
2699 *
2700 * @param peer
2701 * @param size size of the packet
2702 * @return as in summary
2703 */
d7c0a89a 2704static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
d62a17ae 2705 bgp_size_t length)
718e3744 2706{
d7c0a89a 2707 uint8_t *end;
d62a17ae 2708 struct capability_mp_data mpc;
2709 struct capability_header *hdr;
d7c0a89a 2710 uint8_t action;
d62a17ae 2711 iana_afi_t pkt_afi;
2712 afi_t afi;
5c525538
RW		 2713 iana_safi_t pkt_safi;
2714 safi_t safi;
d62a17ae 2715
2716 end = pnt + length;
2717
2718 while (pnt < end) {
2719 /* We need at least action, capability code and capability
2720 * length. */
2721 if (pnt + 3 > end) {
2722 zlog_info("%s Capability length error", peer->host);
0e35025e
DA		 2723 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2724 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2725 return BGP_Stop;
d62a17ae 2726 }
2727 action = *pnt;
2728 hdr = (struct capability_header *)(pnt + 1);
2729
2730 /* Action value check. */
2731 if (action != CAPABILITY_ACTION_SET
2732 && action != CAPABILITY_ACTION_UNSET) {
2733 zlog_info("%s Capability Action Value error %d",
2734 peer->host, action);
0e35025e
DA		 2735 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2736 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2737 return BGP_Stop;
d62a17ae 2738 }
2739
2740 if (bgp_debug_neighbor_events(peer))
2741 zlog_debug(
2742 "%s CAPABILITY has action: %d, code: %u, length %u",
2743 peer->host, action, hdr->code, hdr->length);
2744
ff6db102
DS		 2745 if (hdr->length < sizeof(struct capability_mp_data)) {
2746 zlog_info(
2747 "%pBP Capability structure is not properly filled out, expected at least %zu bytes but header length specified is %d",
2748 peer, sizeof(struct capability_mp_data),
2749 hdr->length);
2750 return BGP_Stop;
2751 }
2752
d62a17ae 2753 /* Capability length check. */
2754 if ((pnt + hdr->length + 3) > end) {
2755 zlog_info("%s Capability length error", peer->host);
0e35025e
DA		 2756 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2757 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2758 return BGP_Stop;
d62a17ae 2759 }
2760
2761 /* Fetch structure to the byte stream. */
2762 memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
d2b6417b 2763 pnt += hdr->length + 3;
d62a17ae 2764
2765 /* We know MP Capability Code. */
2766 if (hdr->code == CAPABILITY_CODE_MP) {
2767 pkt_afi = ntohs(mpc.afi);
2768 pkt_safi = mpc.safi;
2769
2770 /* Ignore capability when override-capability is set. */
2771 if (CHECK_FLAG(peer->flags,
2772 PEER_FLAG_OVERRIDE_CAPABILITY))
2773 continue;
2774
2775 /* Convert AFI, SAFI to internal values. */
2776 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
2777 &safi)) {
2778 if (bgp_debug_neighbor_events(peer))
2779 zlog_debug(
3efd0893 2780 "%s Dynamic Capability MP_EXT afi/safi invalid (%s/%s)",
748a041f
DS		 2781 peer->host,
2782 iana_afi2str(pkt_afi),
2783 iana_safi2str(pkt_safi));
d62a17ae 2784 continue;
2785 }
2786
2787 /* Address family check. */
2788 if (bgp_debug_neighbor_events(peer))
2789 zlog_debug(
c386cdd8 2790 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
d62a17ae 2791 peer->host,
2792 action == CAPABILITY_ACTION_SET
2793 ? "Advertising"
2794 : "Removing",
c386cdd8
DA		 2795 iana_afi2str(pkt_afi),
2796 iana_safi2str(pkt_safi));
d62a17ae 2797
2798 if (action == CAPABILITY_ACTION_SET) {
2799 peer->afc_recv[afi][safi] = 1;
2800 if (peer->afc[afi][safi]) {
2801 peer->afc_nego[afi][safi] = 1;
e1a32ec1
DS		 2802 bgp_announce_route(peer, afi, safi,
2803 false);
d62a17ae 2804 }
2805 } else {
2806 peer->afc_recv[afi][safi] = 0;
2807 peer->afc_nego[afi][safi] = 0;
2808
2809 if (peer_active_nego(peer))
2810 bgp_clear_route(peer, afi, safi);
2811 else
d8151687 2812 return BGP_Stop;
d62a17ae 2813 }
2814 } else {
ade6974d 2815 flog_warn(
e50f7cfd 2816 EC_BGP_UNRECOGNIZED_CAPABILITY,
ade6974d
QY		 2817 "%s unrecognized capability code: %d - ignored",
2818 peer->host, hdr->code);
d62a17ae 2819 }
d62a17ae 2820 }
d8151687
QY		 2821
2822 /* No FSM action necessary */
2823 return BGP_PACKET_NOOP;
718e3744 2824}
2825
d8151687
QY		 2826/**
2827 * Parse BGP CAPABILITY message for peer.
01b7ce2d 2828 *
d8151687
QY		 2829 * Exported for unit testing.
2830 *
2831 * @param peer
2832 * @param size size of the packet
2833 * @return as in summary
01b7ce2d 2834 */
d62a17ae 2835int bgp_capability_receive(struct peer *peer, bgp_size_t size)
718e3744 2836{
d7c0a89a 2837 uint8_t *pnt;
d62a17ae 2838
2839 /* Fetch pointer. */
424ab01d 2840 pnt = stream_pnt(peer->curr);
d62a17ae 2841
2842 if (bgp_debug_neighbor_events(peer))
2843 zlog_debug("%s rcv CAPABILITY", peer->host);
2844
2845 /* If peer does not have the capability, send notification. */
2846 if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
e50f7cfd 2847 flog_err(EC_BGP_NO_CAP,
1c50c1c0
QY		 2848 "%s [Error] BGP dynamic capability is not enabled",
2849 peer->host);
d62a17ae 2850 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2851 BGP_NOTIFY_HEADER_BAD_MESTYPE);
d8151687 2852 return BGP_Stop;
d62a17ae 2853 }
2854
2855 /* Status must be Established. */
feb17238 2856 if (!peer_established(peer)) {
af4c2728 2857 flog_err(
e50f7cfd 2858 EC_BGP_NO_CAP,
d62a17ae 2859 "%s [Error] Dynamic capability packet received under status %s",
2860 peer->host,
2861 lookup_msg(bgp_status_msg, peer->status, NULL));
0e35025e 2862 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
3893aeee 2863 bgp_fsm_error_subcode(peer->status));
d8151687 2864 return BGP_Stop;
d62a17ae 2865 }
2866
2867 /* Parse packet. */
2868 return bgp_capability_msg_parse(peer, pnt, size);
718e3744 2869}
6b0655a2 2870
d8151687
QY		 2871/**
2872 * Processes a peer's input buffer.
2873 *
2874 * This function sidesteps the event loop and directly calls bgp_event_update()
2875 * after processing each BGP message. This is necessary to ensure proper
2876 * ordering of FSM events and unifies the behavior that was present previously,
2877 * whereby some of the packet handling functions would update the FSM and some
2878 * would not, making event flow difficult to understand. Please think twice
2879 * before hacking this.
2880 *
2881 * Thread type: THREAD_EVENT
2882 * @param thread
2883 * @return 0
2884 */
cc9f21da 2885void bgp_process_packet(struct thread *thread)
718e3744 2886{
424ab01d 2887 /* Yes first of all get peer pointer. */
d8151687
QY		 2888 struct peer *peer; // peer
2889 uint32_t rpkt_quanta_old; // how many packets to read
2890 int fsm_update_result; // return code of bgp_event_update()
2891 int mprc; // message processing return code
555e09d4 2892
424ab01d 2893 peer = THREAD_ARG(thread);
555e09d4
QY		 2894 rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
2895 memory_order_relaxed);
e3c7270d 2896 fsm_update_result = 0;
555e09d4 2897
424ab01d 2898 /* Guard against scheduled events that occur after peer deletion. */
9eb217ff 2899 if (peer->status == Deleted || peer->status == Clearing)
cc9f21da 2900 return;
718e3744 2901
555e09d4 2902 unsigned int processed = 0;
d62a17ae 2903
555e09d4 2904 while (processed < rpkt_quanta_old) {
d7c0a89a 2905 uint8_t type = 0;
9eb217ff
QY		 2906 bgp_size_t size;
2907 char notify_data_length[2];
d62a17ae 2908
cb1991af 2909 frr_with_mutex (&peer->io_mtx) {
9eb217ff
QY		 2910 peer->curr = stream_fifo_pop(peer->ibuf);
2911 }
d62a17ae 2912
9eb217ff 2913 if (peer->curr == NULL) // no packets to process, hmm...
cc9f21da 2914 return;
d62a17ae 2915
9eb217ff
QY		 2916 /* skip the marker and copy the packet length */
2917 stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
2918 memcpy(notify_data_length, stream_pnt(peer->curr), 2);
2919
2920 /* read in the packet length and type */
2921 size = stream_getw(peer->curr);
2922 type = stream_getc(peer->curr);
2923
584470fb 2924 hook_call(bgp_packet_dump, peer, type, size, peer->curr);
9eb217ff
QY		 2925
2926 /* adjust size to exclude the marker + length + type */
2927 size -= BGP_HEADER_SIZE;
2928
2929 /* Read rest of the packet and call each sort of packet routine
2930 */
2931 switch (type) {
2932 case BGP_MSG_OPEN:
c7bb4f00 2933 frrtrace(2, frr_bgp, open_process, peer, size);
0112e9e0
QY		 2934 atomic_fetch_add_explicit(&peer->open_in, 1,
2935 memory_order_relaxed);
d8151687
QY		 2936 mprc = bgp_open_receive(peer, size);
2937 if (mprc == BGP_Stop)
af4c2728 2938 flog_err(
e50f7cfd 2939 EC_BGP_PKT_OPEN,
d8151687 2940 "%s: BGP OPEN receipt failed for peer: %s",
0767b4f3 2941 __func__, peer->host);
9eb217ff
QY		 2942 break;
2943 case BGP_MSG_UPDATE:
c7bb4f00 2944 frrtrace(2, frr_bgp, update_process, peer, size);
0112e9e0
QY		 2945 atomic_fetch_add_explicit(&peer->update_in, 1,
2946 memory_order_relaxed);
9eb217ff 2947 peer->readtime = monotime(NULL);
d8151687
QY		 2948 mprc = bgp_update_receive(peer, size);
2949 if (mprc == BGP_Stop)
af4c2728 2950 flog_err(
e50f7cfd 2951 EC_BGP_UPDATE_RCV,
d8151687 2952 "%s: BGP UPDATE receipt failed for peer: %s",
0767b4f3 2953 __func__, peer->host);
9eb217ff
QY		 2954 break;
2955 case BGP_MSG_NOTIFY:
c7bb4f00 2956 frrtrace(2, frr_bgp, notification_process, peer, size);
0112e9e0
QY		 2957 atomic_fetch_add_explicit(&peer->notify_in, 1,
2958 memory_order_relaxed);
d8151687
QY		 2959 mprc = bgp_notify_receive(peer, size);
2960 if (mprc == BGP_Stop)
af4c2728 2961 flog_err(
e50f7cfd 2962 EC_BGP_NOTIFY_RCV,
d8151687 2963 "%s: BGP NOTIFY receipt failed for peer: %s",
0767b4f3 2964 __func__, peer->host);
9eb217ff
QY		 2965 break;
2966 case BGP_MSG_KEEPALIVE:
c7bb4f00 2967 frrtrace(2, frr_bgp, keepalive_process, peer, size);
9eb217ff 2968 peer->readtime = monotime(NULL);
0112e9e0
QY		 2969 atomic_fetch_add_explicit(&peer->keepalive_in, 1,
2970 memory_order_relaxed);
d8151687
QY		 2971 mprc = bgp_keepalive_receive(peer, size);
2972 if (mprc == BGP_Stop)
af4c2728 2973 flog_err(
e50f7cfd 2974 EC_BGP_KEEP_RCV,
d8151687 2975 "%s: BGP KEEPALIVE receipt failed for peer: %s",
0767b4f3 2976 __func__, peer->host);
9eb217ff
QY		 2977 break;
2978 case BGP_MSG_ROUTE_REFRESH_NEW:
2979 case BGP_MSG_ROUTE_REFRESH_OLD:
c7bb4f00 2980 frrtrace(2, frr_bgp, refresh_process, peer, size);
0112e9e0
QY		 2981 atomic_fetch_add_explicit(&peer->refresh_in, 1,
2982 memory_order_relaxed);
d8151687
QY		 2983 mprc = bgp_route_refresh_receive(peer, size);
2984 if (mprc == BGP_Stop)
af4c2728 2985 flog_err(
e50f7cfd 2986 EC_BGP_RFSH_RCV,
d8151687 2987 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
0767b4f3 2988 __func__, peer->host);
9eb217ff
QY		 2989 break;
2990 case BGP_MSG_CAPABILITY:
c7bb4f00 2991 frrtrace(2, frr_bgp, capability_process, peer, size);
0112e9e0
QY		 2992 atomic_fetch_add_explicit(&peer->dynamic_cap_in, 1,
2993 memory_order_relaxed);
d8151687
QY		 2994 mprc = bgp_capability_receive(peer, size);
2995 if (mprc == BGP_Stop)
af4c2728 2996 flog_err(
e50f7cfd 2997 EC_BGP_CAP_RCV,
d8151687 2998 "%s: BGP CAPABILITY receipt failed for peer: %s",
0767b4f3 2999 __func__, peer->host);
9eb217ff 3000 break;
e3c7270d 3001 default:
db878db0
QY		 3002 /* Suppress uninitialized variable warning */
3003 mprc = 0;
5041dc4f 3004 (void)mprc;
becedef6
QY		 3005 /*
3006 * The message type should have been sanitized before
3007 * we ever got here. Receipt of a message with an
3008 * invalid header at this point is indicative of a
3009 * security issue.
3010 */
e3c7270d 3011 assert (!"Message of invalid type received during input processing");
9eb217ff
QY		 3012 }
3013
d8151687
QY		 3014 /* delete processed packet */
3015 stream_free(peer->curr);
3016 peer->curr = NULL;
3017 processed++;
9eb217ff 3018
d8151687
QY		 3019 /* Update FSM */
3020 if (mprc != BGP_PACKET_NOOP)
3021 fsm_update_result = bgp_event_update(peer, mprc);
e3c7270d
QY		 3022 else
3023 continue;
d8151687 3024
becedef6
QY		 3025 /*
3026 * If peer was deleted, do not process any more packets. This
3027 * is usually due to executing BGP_Stop or a stub deletion.
3028 */
d8151687
QY		 3029 if (fsm_update_result == FSM_PEER_TRANSFERRED
3030 || fsm_update_result == FSM_PEER_STOPPED)
3031 break;
d62a17ae 3032 }
3033
d8151687
QY		 3034 if (fsm_update_result != FSM_PEER_TRANSFERRED
3035 && fsm_update_result != FSM_PEER_STOPPED) {
cb1991af 3036 frr_with_mutex (&peer->io_mtx) {
becedef6
QY		 3037 // more work to do, come back later
3038 if (peer->ibuf->count > 0)
e0d550df 3039 thread_add_event(
4af76660
QY		 3040 bm->master, bgp_process_packet, peer, 0,
3041 &peer->t_process_packet);
d8151687 3042 }
718e3744 3043 }
718e3744 3044}
9e3b51a7 3045
3046/* Send EOR when routes are processed by selection deferral timer */
3047void bgp_send_delayed_eor(struct bgp *bgp)
3048{
3049 struct peer *peer;
3050 struct listnode *node, *nnode;
3051
3052 /* EOR message sent in bgp_write_proceed_actions */
3053 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer))
3054 bgp_write_proceed_actions(peer);
3055}
6af96fa3
MS		 3056
3057/*
3058 * Task callback to handle socket error encountered in the io pthread. We avoid
3059 * having the io pthread try to enqueue fsm events or mess with the peer
3060 * struct.
3061 */
cc9f21da 3062void bgp_packet_process_error(struct thread *thread)
6af96fa3
MS		 3063{
3064 struct peer *peer;
3065 int code;
3066
3067 peer = THREAD_ARG(thread);
3068 code = THREAD_VAL(thread);
3069
3070 if (bgp_debug_neighbor_events(peer))
3071 zlog_debug("%s [Event] BGP error %d on fd %d",
046bb347 3072 peer->host, code, peer->fd);
6af96fa3
MS		 3073
3074 /* Closed connection or error on the socket */
feb17238 3075 if (peer_established(peer)) {
6af96fa3
MS		 3076 if ((CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART)
3077 || CHECK_FLAG(peer->flags,
3078 PEER_FLAG_GRACEFUL_RESTART_HELPER))
3079 && CHECK_FLAG(peer->sflags, PEER_STATUS_NSF_MODE)) {
3080 peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
3081 SET_FLAG(peer->sflags, PEER_STATUS_NSF_WAIT);
3082 } else
3083 peer->last_reset = PEER_DOWN_CLOSE_SESSION;
3084 }
3085
3086 bgp_event_update(peer, code);
6af96fa3 3087}
FRRouting mirror