]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
bgpd: peer->bgp must be non NULL
[mirror_frr.git] / bgpd / bgp_packet.c
CommitLineData
718e3744 1/* BGP packet management routine.
56257a44
QY		 2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
896014f4
DL		 4 * Copyright (C) 1999 Kunihiro Ishiguro
5 *
6 * This file is part of GNU Zebra.
7 *
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
718e3744 22
23#include <zebra.h>
d3ecc69e 24#include <sys/time.h>
718e3744 25
26#include "thread.h"
27#include "stream.h"
28#include "network.h"
29#include "prefix.h"
30#include "command.h"
31#include "log.h"
32#include "memory.h"
d62a17ae 33#include "sockunion.h" /* for inet_ntop () */
baa376fc 34#include "sockopt.h"
718e3744 35#include "linklist.h"
36#include "plist.h"
3f9c7369 37#include "queue.h"
039f3a34 38#include "filter.h"
718e3744 39
40#include "bgpd/bgpd.h"
41#include "bgpd/bgp_table.h"
42#include "bgpd/bgp_dump.h"
43#include "bgpd/bgp_attr.h"
44#include "bgpd/bgp_debug.h"
45#include "bgpd/bgp_fsm.h"
46#include "bgpd/bgp_route.h"
47#include "bgpd/bgp_packet.h"
48#include "bgpd/bgp_open.h"
49#include "bgpd/bgp_aspath.h"
50#include "bgpd/bgp_community.h"
51#include "bgpd/bgp_ecommunity.h"
57d187bc 52#include "bgpd/bgp_lcommunity.h"
718e3744 53#include "bgpd/bgp_network.h"
54#include "bgpd/bgp_mplsvpn.h"
7ef5a232 55#include "bgpd/bgp_evpn.h"
718e3744 56#include "bgpd/bgp_advertise.h"
93406d87 57#include "bgpd/bgp_vty.h"
3f9c7369 58#include "bgpd/bgp_updgrp.h"
cd1964ff 59#include "bgpd/bgp_label.h"
56257a44 60#include "bgpd/bgp_io.h"
934af458 61#include "bgpd/bgp_keepalives.h"
718e3744 62
d8151687
QY		 63/**
64 * Sets marker and type fields for a BGP message.
65 *
66 * @param s the stream containing the packet
67 * @param type the packet type
68 * @return the size of the stream
69 */
d62a17ae 70int bgp_packet_set_marker(struct stream *s, u_char type)
718e3744 71{
d62a17ae 72 int i;
718e3744 73
d62a17ae 74 /* Fill in marker. */
75 for (i = 0; i < BGP_MARKER_SIZE; i++)
76 stream_putc(s, 0xff);
718e3744 77
d62a17ae 78 /* Dummy total length. This field is should be filled in later on. */
79 stream_putw(s, 0);
718e3744 80
d62a17ae 81 /* BGP packet type. */
82 stream_putc(s, type);
718e3744 83
d62a17ae 84 /* Return current stream size. */
85 return stream_get_endp(s);
718e3744 86}
87
d8151687
QY		 88/**
89 * Sets size field for a BGP message.
90 *
91 * Size field is set to the size of the stream passed.
92 *
93 * @param s the stream containing the packet
94 * @return the size of the stream
95 */
d62a17ae 96int bgp_packet_set_size(struct stream *s)
718e3744 97{
d62a17ae 98 int cp;
718e3744 99
d62a17ae 100 /* Preserve current pointer. */
101 cp = stream_get_endp(s);
102 stream_putw_at(s, BGP_MARKER_SIZE, cp);
718e3744 103
d62a17ae 104 return cp;
718e3744 105}
106
d3ecc69e
QY		 107/*
108 * Push a packet onto the beginning of the peer's output queue.
109 * This function acquires the peer's write mutex before proceeding.
110 */
111static void bgp_packet_add(struct peer *peer, struct stream *s)
112{
424ab01d 113 pthread_mutex_lock(&peer->io_mtx);
56257a44 114 stream_fifo_push(peer->obuf, s);
424ab01d 115 pthread_mutex_unlock(&peer->io_mtx);
718e3744 116}
117
d62a17ae 118static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
119 safi_t safi)
93406d87 120{
d62a17ae 121 struct stream *s;
122 iana_afi_t pkt_afi;
5c525538 123 iana_safi_t pkt_safi;
d62a17ae 124
125 if (DISABLE_BGP_ANNOUNCE)
126 return NULL;
127
128 if (bgp_debug_neighbor_events(peer))
129 zlog_debug("send End-of-RIB for %s to %s",
130 afi_safi_print(afi, safi), peer->host);
131
132 s = stream_new(BGP_MAX_PACKET_SIZE);
133
134 /* Make BGP update packet. */
135 bgp_packet_set_marker(s, BGP_MSG_UPDATE);
136
137 /* Unfeasible Routes Length */
138 stream_putw(s, 0);
139
140 if (afi == AFI_IP && safi == SAFI_UNICAST) {
141 /* Total Path Attribute Length */
142 stream_putw(s, 0);
143 } else {
144 /* Convert AFI, SAFI to values for packet. */
145 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
146
147 /* Total Path Attribute Length */
148 stream_putw(s, 6);
149 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
150 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
151 stream_putc(s, 3);
152 stream_putw(s, pkt_afi);
153 stream_putc(s, pkt_safi);
154 }
155
156 bgp_packet_set_size(s);
d62a17ae 157 return s;
718e3744 158}
159
d8151687
QY		 160/* Called when there is a change in the EOR(implicit or explicit) status of a
161 * peer. Ends the update-delay if all expected peers are done with EORs. */
162void bgp_check_update_delay(struct bgp *bgp)
163{
164 struct listnode *node, *nnode;
165 struct peer *peer = NULL;
166
167 if (bgp_debug_neighbor_events(peer))
168 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
169 bgp->established, bgp->restarted_peers,
170 bgp->implicit_eors, bgp->explicit_eors);
171
172 if (bgp->established
173 <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
becedef6
QY		 174 /*
175 * This is an extra sanity check to make sure we wait for all
176 * the eligible configured peers. This check is performed if
177 * establish wait timer is on, or establish wait option is not
178 * given with the update-delay command
179 */
d8151687
QY		 180 if (bgp->t_establish_wait
181 || (bgp->v_establish_wait == bgp->v_update_delay))
182 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
183 if (CHECK_FLAG(peer->flags,
184 PEER_FLAG_CONFIG_NODE)
185 && !CHECK_FLAG(peer->flags,
186 PEER_FLAG_SHUTDOWN)
187 && !peer->update_delay_over) {
188 if (bgp_debug_neighbor_events(peer))
189 zlog_debug(
190 " Peer %s pending, continuing read-only mode",
191 peer->host);
192 return;
193 }
194 }
195
196 zlog_info(
197 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
198 bgp->restarted_peers, bgp->implicit_eors,
199 bgp->explicit_eors);
200 bgp_update_delay_end(bgp);
201 }
202}
203
becedef6
QY		 204/*
205 * Called if peer is known to have restarted. The restart-state bit in
206 * Graceful-Restart capability is used for that
207 */
d8151687
QY		 208void bgp_update_restarted_peers(struct peer *peer)
209{
210 if (!bgp_update_delay_active(peer->bgp))
211 return; /* BGP update delay has ended */
212 if (peer->update_delay_over)
213 return; /* This peer has already been considered */
214
215 if (bgp_debug_neighbor_events(peer))
216 zlog_debug("Peer %s: Checking restarted", peer->host);
217
218 if (peer->status == Established) {
219 peer->update_delay_over = 1;
220 peer->bgp->restarted_peers++;
221 bgp_check_update_delay(peer->bgp);
222 }
223}
224
becedef6
QY		 225/*
226 * Called as peer receives a keep-alive. Determines if this occurence can be
227 * taken as an implicit EOR for this peer.
228 * NOTE: The very first keep-alive after the Established state of a peer is
229 * considered implicit EOR for the update-delay purposes
230 */
d8151687
QY		 231void bgp_update_implicit_eors(struct peer *peer)
232{
233 if (!bgp_update_delay_active(peer->bgp))
234 return; /* BGP update delay has ended */
235 if (peer->update_delay_over)
236 return; /* This peer has already been considered */
237
238 if (bgp_debug_neighbor_events(peer))
239 zlog_debug("Peer %s: Checking implicit EORs", peer->host);
240
241 if (peer->status == Established) {
242 peer->update_delay_over = 1;
243 peer->bgp->implicit_eors++;
244 bgp_check_update_delay(peer->bgp);
245 }
246}
247
becedef6
QY		 248/*
249 * Should be called only when there is a change in the EOR_RECEIVED status
250 * for any afi/safi on a peer.
251 */
d8151687
QY		 252static void bgp_update_explicit_eors(struct peer *peer)
253{
254 afi_t afi;
255 safi_t safi;
256
257 if (!bgp_update_delay_active(peer->bgp))
258 return; /* BGP update delay has ended */
259 if (peer->update_delay_over)
260 return; /* This peer has already been considered */
261
262 if (bgp_debug_neighbor_events(peer))
263 zlog_debug("Peer %s: Checking explicit EORs", peer->host);
264
265 for (afi = AFI_IP; afi < AFI_MAX; afi++)
266 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
267 if (peer->afc_nego[afi][safi]
268 && !CHECK_FLAG(peer->af_sflags[afi][safi],
269 PEER_STATUS_EOR_RECEIVED)) {
270 if (bgp_debug_neighbor_events(peer))
271 zlog_debug(
272 " afi %d safi %d didnt receive EOR",
273 afi, safi);
274 return;
275 }
276 }
277
278 peer->update_delay_over = 1;
279 peer->bgp->explicit_eors++;
280 bgp_check_update_delay(peer->bgp);
281}
282
283/**
284 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
285 *
286 * mp_withdraw, if set, is used to nullify attr structure on most of the
287 * calling safi function and for evpn, passed as parameter
288 */
289int bgp_nlri_parse(struct peer *peer, struct attr *attr,
290 struct bgp_nlri *packet, int mp_withdraw)
291{
292 switch (packet->safi) {
293 case SAFI_UNICAST:
294 case SAFI_MULTICAST:
295 return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
296 packet);
297 case SAFI_LABELED_UNICAST:
298 return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
299 packet);
300 case SAFI_MPLS_VPN:
301 return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
302 packet);
303 case SAFI_EVPN:
304 return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
305 }
306 return -1;
307}
308
6ec98a2f
QY		 309/*
310 * Checks a variety of conditions to determine whether the peer needs to be
311 * rescheduled for packet generation again, and does so if necessary.
312 *
313 * @param peer to check for rescheduling
314 */
af1e1dc6
QY		 315static void bgp_write_proceed_actions(struct peer *peer)
316{
317 afi_t afi;
318 safi_t safi;
319 struct peer_af *paf;
320 struct bpacket *next_pkt;
321 struct update_subgroup *subgrp;
322
c58b0f46
QY		 323 FOREACH_AFI_SAFI (afi, safi) {
324 paf = peer_af_find(peer, afi, safi);
325 if (!paf)
326 continue;
327 subgrp = paf->subgroup;
328 if (!subgrp)
329 continue;
330
331 next_pkt = paf->next_pkt_to_send;
332 if (next_pkt && next_pkt->buffer) {
333 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
334 bgp_generate_updgrp_packets, 0);
335 return;
336 }
af1e1dc6 337
c58b0f46
QY		 338 /* No packets readily available for AFI/SAFI, are there
339 * subgroup packets
340 * that need to be generated? */
341 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
342 SUBGRP_PKTQ(subgrp))
343 || subgroup_packets_to_build(subgrp)) {
344 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
345 bgp_generate_updgrp_packets, 0);
346 return;
347 }
af1e1dc6 348
c58b0f46
QY		 349 /* No packets to send, see if EOR is pending */
350 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
351 if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
352 && peer->synctime
353 && !CHECK_FLAG(peer->af_sflags[afi][safi],
354 PEER_STATUS_EOR_SEND)
355 && safi != SAFI_MPLS_VPN) {
af1e1dc6
QY		 356 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
357 bgp_generate_updgrp_packets, 0);
358 return;
359 }
af1e1dc6 360 }
c58b0f46 361 }
af1e1dc6
QY		 362}
363
6ec98a2f
QY		 364/*
365 * Generate advertisement information (withdraws, updates, EOR) from each
366 * update group a peer belongs to, encode this information into packets, and
367 * enqueue the packets onto the peer's output buffer.
56257a44
QY		 368 */
369int bgp_generate_updgrp_packets(struct thread *thread)
718e3744 370{
56257a44 371 struct peer *peer = THREAD_ARG(thread);
56257a44
QY		 372
373 struct stream *s;
d62a17ae 374 struct peer_af *paf;
375 struct bpacket *next_pkt;
d0ad6d8e
QY		 376 uint32_t wpq;
377 uint32_t generated = 0;
d62a17ae 378 afi_t afi;
379 safi_t safi;
380
d0ad6d8e
QY		 381 wpq = atomic_load_explicit(&peer->bgp->wpkt_quanta,
382 memory_order_relaxed);
383
d62a17ae 384 /*
385 * The code beyond this part deals with update packets, proceed only
386 * if peer is Established and updates are not on hold (as part of
387 * update-delay post processing).
3f9c7369 388 */
d62a17ae 389 if (peer->status != Established)
56257a44 390 return 0;
d62a17ae 391
5410015a 392 if (peer->bgp->main_peers_update_hold)
56257a44 393 return 0;
d62a17ae 394
56257a44
QY		 395 do {
396 s = NULL;
c58b0f46
QY		 397 FOREACH_AFI_SAFI (afi, safi) {
398 paf = peer_af_find(peer, afi, safi);
399 if (!paf || !PAF_SUBGRP(paf))
400 continue;
401 next_pkt = paf->next_pkt_to_send;
80bd61c4 402
c58b0f46
QY		 403 /*
404 * Try to generate a packet for the peer if we are at
405 * the end of the list. Always try to push out
406 * WITHDRAWs first.
407 */
408 if (!next_pkt || !next_pkt->buffer) {
409 next_pkt = subgroup_withdraw_packet(
410 PAF_SUBGRP(paf));
411 if (!next_pkt || !next_pkt->buffer)
412 subgroup_update_packet(PAF_SUBGRP(paf));
413 next_pkt = paf->next_pkt_to_send;
414 }
80bd61c4 415
c58b0f46
QY		 416 /*
417 * If we still don't have a packet to send to the peer,
418 * then try to find out out if we have to send eor or
419 * if not, skip to the next AFI, SAFI. Don't send the
420 * EOR prematurely; if the subgroup's coalesce timer is
421 * running, the adjacency-out structure is not created
422 * yet.
423 */
424 if (!next_pkt || !next_pkt->buffer) {
425 if (CHECK_FLAG(peer->cap,
426 PEER_CAP_RESTART_RCV)) {
427 if (!(PAF_SUBGRP(paf))->t_coalesce
428 && peer->afc_nego[afi][safi]
429 && peer->synctime
430 && !CHECK_FLAG(
431 peer->af_sflags[afi]
432 [safi],
433 PEER_STATUS_EOR_SEND)) {
434 SET_FLAG(peer->af_sflags[afi]
56257a44 435 [safi],
c58b0f46
QY		 436 PEER_STATUS_EOR_SEND);
437
438 if ((s = bgp_update_packet_eor(
439 peer, afi,
440 safi))) {
441 bgp_packet_add(peer, s);
56257a44 442 }
80bd61c4 443 }
d62a17ae 444 }
c58b0f46
QY		 445 continue;
446 }
d62a17ae 447
718e3744 448
c58b0f46
QY		 449 /* Found a packet template to send, overwrite
450 * packet with appropriate attributes from peer
451 * and advance peer */
452 s = bpacket_reformat_for_peer(next_pkt, paf);
453 bgp_packet_add(peer, s);
c58b0f46
QY		 454 bpacket_queue_advance_peer(paf);
455 }
d0ad6d8e 456 } while (s && (++generated < wpq));
80bd61c4 457
6ec98a2f
QY		 458 if (generated)
459 bgp_writes_on(peer);
460
af1e1dc6
QY		 461 bgp_write_proceed_actions(peer);
462
80bd61c4
QY		 463 return 0;
464}
465
d3ecc69e
QY		 466/*
467 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
468 */
d62a17ae 469void bgp_keepalive_send(struct peer *peer)
718e3744 470{
d62a17ae 471 struct stream *s;
472
473 s = stream_new(BGP_MAX_PACKET_SIZE);
718e3744 474
d62a17ae 475 /* Make keepalive packet. */
476 bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
718e3744 477
d62a17ae 478 /* Set packet size. */
479 (void)bgp_packet_set_size(s);
718e3744 480
d62a17ae 481 /* Dump packet if debug option is set. */
482 /* bgp_packet_dump (s); */
718e3744 483
d62a17ae 484 if (bgp_debug_keepalive(peer))
485 zlog_debug("%s sending KEEPALIVE", peer->host);
718e3744 486
d62a17ae 487 /* Add packet to the peer. */
488 bgp_packet_add(peer, s);
424ab01d
QY		 489
490 bgp_writes_on(peer);
718e3744 491}
492
d3ecc69e
QY		 493/*
494 * Creates a BGP Open packet and appends it to the peer's output queue.
495 * Sets capabilities as necessary.
496 */
d62a17ae 497void bgp_open_send(struct peer *peer)
718e3744 498{
d62a17ae 499 struct stream *s;
500 u_int16_t send_holdtime;
501 as_t local_as;
718e3744 502
d25e4efc 503 if (PEER_OR_GROUP_TIMER_SET(peer))
d62a17ae 504 send_holdtime = peer->holdtime;
505 else
506 send_holdtime = peer->bgp->default_holdtime;
718e3744 507
d62a17ae 508 /* local-as Change */
509 if (peer->change_local_as)
510 local_as = peer->change_local_as;
511 else
512 local_as = peer->local_as;
718e3744 513
d62a17ae 514 s = stream_new(BGP_MAX_PACKET_SIZE);
718e3744 515
d62a17ae 516 /* Make open packet. */
517 bgp_packet_set_marker(s, BGP_MSG_OPEN);
718e3744 518
d62a17ae 519 /* Set open packet values. */
520 stream_putc(s, BGP_VERSION_4); /* BGP version */
9d303b37
DL		 521 stream_putw(s,
522 (local_as <= BGP_AS_MAX) ? (u_int16_t)local_as
523 : BGP_AS_TRANS);
d62a17ae 524 stream_putw(s, send_holdtime); /* Hold Time */
525 stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
718e3744 526
d62a17ae 527 /* Set capability code. */
528 bgp_open_capability(s, peer);
718e3744 529
d62a17ae 530 /* Set BGP packet length. */
531 (void)bgp_packet_set_size(s);
718e3744 532
d62a17ae 533 if (bgp_debug_neighbor_events(peer))
534 zlog_debug(
535 "%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
536 peer->host, BGP_VERSION_4, local_as, send_holdtime,
537 inet_ntoa(peer->local_id));
718e3744 538
d62a17ae 539 /* Dump packet if debug option is set. */
540 /* bgp_packet_dump (s); */
718e3744 541
d62a17ae 542 /* Add packet to the peer. */
543 bgp_packet_add(peer, s);
424ab01d
QY		 544
545 bgp_writes_on(peer);
546}
547
a127f33b
QY		 548/*
549 * Writes NOTIFICATION message directly to a peer socket without waiting for
550 * the I/O thread.
551 *
552 * There must be exactly one stream on the peer->obuf FIFO, and the data within
553 * this stream must match the format of a BGP NOTIFICATION message.
554 * Transmission is best-effort.
555 *
556 * @requires peer->io_mtx
557 * @param peer
558 * @return 0
559 */
424ab01d
QY		 560static int bgp_write_notify(struct peer *peer)
561{
562 int ret, val;
563 u_char type;
564 struct stream *s;
565
a127f33b
QY		 566 /* There should be at least one packet. */
567 s = stream_fifo_pop(peer->obuf);
424ab01d 568
8ec586b0
QY		 569 if (!s)
570 return 0;
571
572 assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
573
424ab01d
QY		 574 /* Stop collecting data within the socket */
575 sockopt_cork(peer->fd, 0);
576
becedef6
QY		 577 /*
578 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
579 * we only care about getting a clean shutdown at this point.
580 */
424ab01d
QY		 581 ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s));
582
becedef6
QY		 583 /*
584 * only connection reset/close gets counted as TCP_fatal_error, failure
585 * to write the entire NOTIFY doesn't get different FSM treatment
586 */
424ab01d 587 if (ret <= 0) {
3735936b 588 stream_free(s);
424ab01d
QY		 589 BGP_EVENT_ADD(peer, TCP_fatal_error);
590 return 0;
591 }
592
593 /* Disable Nagle, make NOTIFY packet go out right away */
594 val = 1;
595 (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val,
596 sizeof(val));
597
598 /* Retrieve BGP packet type. */
599 stream_set_getp(s, BGP_MARKER_SIZE + 2);
600 type = stream_getc(s);
601
602 assert(type == BGP_MSG_NOTIFY);
603
604 /* Type should be notify. */
0112e9e0 605 atomic_fetch_add_explicit(&peer->notify_out, 1, memory_order_relaxed);
424ab01d
QY		 606 peer->notify_out++;
607
608 /* Double start timer. */
609 peer->v_start *= 2;
610
611 /* Overflow check. */
612 if (peer->v_start >= (60 * 2))
613 peer->v_start = (60 * 2);
614
becedef6
QY		 615 /*
616 * Handle Graceful Restart case where the state changes to
617 * Connect instead of Idle
618 */
424ab01d
QY		 619 BGP_EVENT_ADD(peer, BGP_Stop);
620
3735936b
QY		 621 stream_free(s);
622
424ab01d 623 return 0;
718e3744 624}
625
d3ecc69e
QY		 626/*
627 * Creates a BGP Notify and appends it to the peer's output queue.
628 *
becedef6
QY		 629 * This function attempts to write the packet from the thread it is called
630 * from, to ensure the packet gets out ASAP.
d3ecc69e 631 *
a127f33b
QY		 632 * This function may be called from multiple threads. Since the function
633 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
634 * call to prevent tampering from other threads.
635 *
636 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
637 * return, the peer structure *must* be reset; no assumptions about session
638 * state are valid.
639 *
d3ecc69e
QY		 640 * @param peer
641 * @param code BGP error code
642 * @param sub_code BGP error subcode
643 * @param data Data portion
644 * @param datalen length of data portion
645 */
d62a17ae 646void bgp_notify_send_with_data(struct peer *peer, u_char code, u_char sub_code,
647 u_char *data, size_t datalen)
718e3744 648{
d62a17ae 649 struct stream *s;
650 int length;
651
a127f33b
QY		 652 /* Lock I/O mutex to prevent other threads from pushing packets */
653 pthread_mutex_lock(&peer->io_mtx);
654 /* ============================================== */
655
d62a17ae 656 /* Allocate new stream. */
657 s = stream_new(BGP_MAX_PACKET_SIZE);
658
d3ecc69e 659 /* Make notify packet. */
d62a17ae 660 bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
661
662 /* Set notify packet values. */
663 stream_putc(s, code); /* BGP notify code */
664 stream_putc(s, sub_code); /* BGP notify sub_code */
665
666 /* If notify data is present. */
667 if (data)
668 stream_write(s, data, datalen);
669
670 /* Set BGP packet length. */
671 length = bgp_packet_set_size(s);
672
424ab01d 673 /* wipe output buffer */
a127f33b 674 stream_fifo_clean(peer->obuf);
d62a17ae 675
becedef6
QY		 676 /*
677 * If possible, store last packet for debugging purposes. This check is
678 * in place because we are sometimes called with a doppelganger peer,
679 * who tends to have a plethora of fields nulled out.
680 */
d8151687
QY		 681 if (peer->curr && peer->last_reset_cause_size) {
682 size_t packetsize = stream_get_endp(peer->curr);
683 assert(packetsize <= peer->last_reset_cause_size);
684 memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
685 peer->last_reset_cause_size = packetsize;
686 }
687
d62a17ae 688 /* For debug */
689 {
690 struct bgp_notify bgp_notify;
691 int first = 0;
692 int i;
693 char c[4];
694
695 bgp_notify.code = code;
696 bgp_notify.subcode = sub_code;
697 bgp_notify.data = NULL;
698 bgp_notify.length = length - BGP_MSG_NOTIFY_MIN_SIZE;
699 bgp_notify.raw_data = data;
700
701 peer->notify.code = bgp_notify.code;
702 peer->notify.subcode = bgp_notify.subcode;
703
704 if (bgp_notify.length) {
705 bgp_notify.data =
706 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
707 for (i = 0; i < bgp_notify.length; i++)
708 if (first) {
709 sprintf(c, " %02x", data[i]);
710 strcat(bgp_notify.data, c);
711 } else {
712 first = 1;
713 sprintf(c, "%02x", data[i]);
714 strcpy(bgp_notify.data, c);
715 }
716 }
717 bgp_notify_print(peer, &bgp_notify, "sending");
718
719 if (bgp_notify.data) {
720 XFREE(MTYPE_TMP, bgp_notify.data);
721 bgp_notify.data = NULL;
722 bgp_notify.length = 0;
723 }
724 }
725
726 /* peer reset cause */
727 if (code == BGP_NOTIFY_CEASE) {
728 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
729 peer->last_reset = PEER_DOWN_USER_RESET;
730 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
731 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
732 else
733 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
734 } else
735 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
736
d3ecc69e 737 /* Add packet to peer's output queue */
a127f33b 738 stream_fifo_push(peer->obuf, s);
424ab01d
QY		 739
740 bgp_write_notify(peer);
a127f33b
QY		 741
742 /* ============================================== */
743 pthread_mutex_unlock(&peer->io_mtx);
718e3744 744}
745
d3ecc69e
QY		 746/*
747 * Creates a BGP Notify and appends it to the peer's output queue.
748 *
becedef6
QY		 749 * This function attempts to write the packet from the thread it is called
750 * from, to ensure the packet gets out ASAP.
d3ecc69e
QY		 751 *
752 * @param peer
753 * @param code BGP error code
754 * @param sub_code BGP error subcode
755 */
d62a17ae 756void bgp_notify_send(struct peer *peer, u_char code, u_char sub_code)
718e3744 757{
d62a17ae 758 bgp_notify_send_with_data(peer, code, sub_code, NULL, 0);
718e3744 759}
760
d3ecc69e
QY		 761/*
762 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
763 *
764 * @param peer
765 * @param afi Address Family Identifier
766 * @param safi Subsequent Address Family Identifier
767 * @param orf_type Outbound Route Filtering type
768 * @param when_to_refresh Whether to refresh immediately or defer
769 * @param remove Whether to remove ORF for specified AFI/SAFI
770 */
d62a17ae 771void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
772 u_char orf_type, u_char when_to_refresh, int remove)
718e3744 773{
d62a17ae 774 struct stream *s;
775 struct bgp_filter *filter;
776 int orf_refresh = 0;
777 iana_afi_t pkt_afi;
5c525538 778 iana_safi_t pkt_safi;
d62a17ae 779
780 if (DISABLE_BGP_ANNOUNCE)
781 return;
782
783 filter = &peer->filter[afi][safi];
784
785 /* Convert AFI, SAFI to values for packet. */
786 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
787
788 s = stream_new(BGP_MAX_PACKET_SIZE);
789
790 /* Make BGP update packet. */
791 if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV))
792 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
718e3744 793 else
d62a17ae 794 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
795
796 /* Encode Route Refresh message. */
797 stream_putw(s, pkt_afi);
798 stream_putc(s, 0);
799 stream_putc(s, pkt_safi);
800
801 if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD)
802 if (remove || filter->plist[FILTER_IN].plist) {
803 u_int16_t orf_len;
804 unsigned long orfp;
805
806 orf_refresh = 1;
807 stream_putc(s, when_to_refresh);
808 stream_putc(s, orf_type);
809 orfp = stream_get_endp(s);
810 stream_putw(s, 0);
811
812 if (remove) {
813 UNSET_FLAG(peer->af_sflags[afi][safi],
814 PEER_STATUS_ORF_PREFIX_SEND);
815 stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
816 if (bgp_debug_neighbor_events(peer))
817 zlog_debug(
818 "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d",
819 peer->host, orf_type,
820 (when_to_refresh == REFRESH_DEFER
821 ? "defer"
822 : "immediate"),
823 pkt_afi, pkt_safi);
824 } else {
825 SET_FLAG(peer->af_sflags[afi][safi],
826 PEER_STATUS_ORF_PREFIX_SEND);
827 prefix_bgp_orf_entry(
828 s, filter->plist[FILTER_IN].plist,
829 ORF_COMMON_PART_ADD,
830 ORF_COMMON_PART_PERMIT,
831 ORF_COMMON_PART_DENY);
832 if (bgp_debug_neighbor_events(peer))
833 zlog_debug(
834 "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d",
835 peer->host, orf_type,
836 (when_to_refresh == REFRESH_DEFER
837 ? "defer"
838 : "immediate"),
839 pkt_afi, pkt_safi);
840 }
841
842 /* Total ORF Entry Len. */
843 orf_len = stream_get_endp(s) - orfp - 2;
844 stream_putw_at(s, orfp, orf_len);
845 }
846
847 /* Set packet size. */
848 (void)bgp_packet_set_size(s);
849
850 if (bgp_debug_neighbor_events(peer)) {
851 if (!orf_refresh)
852 zlog_debug("%s sending REFRESH_REQ for afi/safi: %d/%d",
853 peer->host, pkt_afi, pkt_safi);
854 }
855
856 /* Add packet to the peer. */
857 bgp_packet_add(peer, s);
424ab01d
QY		 858
859 bgp_writes_on(peer);
718e3744 860}
861
d3ecc69e
QY		 862/*
863 * Create a BGP Capability packet and append it to the peer's output queue.
864 *
865 * @param peer
866 * @param afi Address Family Identifier
867 * @param safi Subsequent Address Family Identifier
868 * @param capability_code BGP Capability Code
869 * @param action Set or Remove capability
870 */
d62a17ae 871void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
872 int capability_code, int action)
718e3744 873{
d62a17ae 874 struct stream *s;
875 iana_afi_t pkt_afi;
5c525538 876 iana_safi_t pkt_safi;
d62a17ae 877
878 /* Convert AFI, SAFI to values for packet. */
879 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
880
881 s = stream_new(BGP_MAX_PACKET_SIZE);
882
883 /* Make BGP update packet. */
884 bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
885
886 /* Encode MP_EXT capability. */
887 if (capability_code == CAPABILITY_CODE_MP) {
888 stream_putc(s, action);
889 stream_putc(s, CAPABILITY_CODE_MP);
890 stream_putc(s, CAPABILITY_CODE_MP_LEN);
891 stream_putw(s, pkt_afi);
892 stream_putc(s, 0);
893 stream_putc(s, pkt_safi);
894
895 if (bgp_debug_neighbor_events(peer))
896 zlog_debug(
897 "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d",
898 peer->host,
899 action == CAPABILITY_ACTION_SET ? "Advertising"
900 : "Removing",
901 pkt_afi, pkt_safi);
902 }
903
904 /* Set packet size. */
905 (void)bgp_packet_set_size(s);
718e3744 906
d62a17ae 907 /* Add packet to the peer. */
908 bgp_packet_add(peer, s);
424ab01d
QY		 909
910 bgp_writes_on(peer);
d62a17ae 911}
718e3744 912
d62a17ae 913/* RFC1771 6.8 Connection collision detection. */
914static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
915{
916 struct peer *peer;
917
918 /* Upon receipt of an OPEN message, the local system must examine
919 all of its connections that are in the OpenConfirm state. A BGP
920 speaker may also examine connections in an OpenSent state if it
921 knows the BGP Identifier of the peer by means outside of the
922 protocol. If among these connections there is a connection to a
923 remote BGP speaker whose BGP Identifier equals the one in the
924 OPEN message, then the local system performs the following
925 collision resolution procedure: */
926
927 if ((peer = new->doppelganger) != NULL) {
928 /* Do not accept the new connection in Established or Clearing
929 * states.
930 * Note that a peer GR is handled by closing the existing
931 * connection
932 * upon receipt of new one.
933 */
934 if (peer->status == Established || peer->status == Clearing) {
935 bgp_notify_send(new, BGP_NOTIFY_CEASE,
936 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
937 return (-1);
938 } else if ((peer->status == OpenConfirm)
939 || (peer->status == OpenSent)) {
940 /* 1. The BGP Identifier of the local system is compared
941 to
942 the BGP Identifier of the remote system (as specified
943 in
944 the OPEN message). */
945
946 if (ntohl(peer->local_id.s_addr)
947 < ntohl(remote_id.s_addr))
948 if (!CHECK_FLAG(peer->sflags,
949 PEER_STATUS_ACCEPT_PEER)) {
950 /* 2. If the value of the local BGP
951 Identifier is less
952 than the remote one, the local system
953 closes BGP
954 connection that already exists (the
955 one that is
956 already in the OpenConfirm state),
957 and accepts BGP
958 connection initiated by the remote
959 system. */
960 bgp_notify_send(
961 peer, BGP_NOTIFY_CEASE,
962 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
963 return 1;
964 } else {
965 bgp_notify_send(
966 new, BGP_NOTIFY_CEASE,
967 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
968 return -1;
969 }
970 else {
971 /* 3. Otherwise, the local system closes newly
972 created
973 BGP connection (the one associated with the
974 newly
975 received OPEN message), and continues to use
976 the
977 existing one (the one that is already in the
978 OpenConfirm state). */
979 if (CHECK_FLAG(peer->sflags,
980 PEER_STATUS_ACCEPT_PEER)) {
981 bgp_notify_send(
982 peer, BGP_NOTIFY_CEASE,
983 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
984 return 1;
985 } else {
986 bgp_notify_send(
987 new, BGP_NOTIFY_CEASE,
988 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
989 return -1;
990 }
991 }
992 }
993 }
994 return 0;
995}
718e3744 996
d8151687
QY		 997/* Packet processing routines ---------------------------------------------- */
998/*
999 * This is a family of functions designed to be called from
1000 * bgp_process_packet(). These functions all share similar behavior and should
1001 * adhere to the following invariants and restrictions:
1002 *
1003 * Return codes
1004 * ------------
1005 * The return code of any one of those functions should be one of the FSM event
1006 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1007 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1008 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1009 * error and Receive_OPEN_message otherwise.
1010 *
1011 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1012 * defined below.
1013 *
1014 * Side effects
1015 * ------------
1016 * - May send NOTIFY messages
1017 * - May not modify peer->status
1018 * - May not call bgp_event_update()
1019 */
1020
1021#define BGP_PACKET_NOOP 0
1022
1023/**
1024 * Process BGP OPEN message for peer.
1025 *
1026 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1027 * and returns BGP_Stop.
1028 *
1029 * @param peer
1030 * @param size size of the packet
1031 * @return as in summary
1032 */
d62a17ae 1033static int bgp_open_receive(struct peer *peer, bgp_size_t size)
1034{
1035 int ret;
1036 u_char version;
1037 u_char optlen;
1038 u_int16_t holdtime;
1039 u_int16_t send_holdtime;
1040 as_t remote_as;
1041 as_t as4 = 0;
1042 struct in_addr remote_id;
1043 int mp_capability;
1044 u_int8_t notify_data_remote_as[2];
1045 u_int8_t notify_data_remote_as4[4];
1046 u_int8_t notify_data_remote_id[4];
1047 u_int16_t *holdtime_ptr;
1048
1049 /* Parse open packet. */
424ab01d
QY		 1050 version = stream_getc(peer->curr);
1051 memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
1052 remote_as = stream_getw(peer->curr);
1053 holdtime_ptr = (u_int16_t *)stream_pnt(peer->curr);
1054 holdtime = stream_getw(peer->curr);
1055 memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
1056 remote_id.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1057
1058 /* Receive OPEN message log */
1059 if (bgp_debug_neighbor_events(peer))
1060 zlog_debug(
1061 "%s rcv OPEN, version %d, remote-as (in open) %u,"
1062 " holdtime %d, id %s",
1063 peer->host, version, remote_as, holdtime,
1064 inet_ntoa(remote_id));
1065
1066 /* BEGIN to read the capability here, but dont do it yet */
1067 mp_capability = 0;
424ab01d 1068 optlen = stream_getc(peer->curr);
d62a17ae 1069
1070 if (optlen != 0) {
1071 /* If not enough bytes, it is an error. */
424ab01d 1072 if (STREAM_READABLE(peer->curr) < optlen) {
d62a17ae 1073 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1074 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
d8151687 1075 return BGP_Stop;
d62a17ae 1076 }
718e3744 1077
d62a17ae 1078 /* We need the as4 capability value *right now* because
1079 * if it is there, we have not got the remote_as yet, and
1080 * without
1081 * that we do not know which peer is connecting to us now.
1082 */
1083 as4 = peek_for_as4_capability(peer, optlen);
1084 memcpy(notify_data_remote_as4, &as4, 4);
1085 }
718e3744 1086
d62a17ae 1087 /* Just in case we have a silly peer who sends AS4 capability set to 0
1088 */
1089 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
1090 zlog_err("%s bad OPEN, got AS4 capability, but AS4 set to 0",
1091 peer->host);
1092 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1093 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1094 notify_data_remote_as4, 4);
d8151687 1095 return BGP_Stop;
d62a17ae 1096 }
718e3744 1097
d62a17ae 1098 if (remote_as == BGP_AS_TRANS) {
1099 /* Take the AS4 from the capability. We must have received the
1100 * capability now! Otherwise we have a asn16 peer who uses
1101 * BGP_AS_TRANS, for some unknown reason.
1102 */
1103 if (as4 == BGP_AS_TRANS) {
1104 zlog_err(
1105 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1106 peer->host);
1107 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1108 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1109 notify_data_remote_as4, 4);
d8151687 1110 return BGP_Stop;
d62a17ae 1111 }
718e3744 1112
d62a17ae 1113 if (!as4 && BGP_DEBUG(as4, AS4))
1114 zlog_debug(
1115 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
1116 " Odd, but proceeding.",
1117 peer->host);
1118 else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
1119 zlog_debug(
1120 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
1121 "in 2-bytes, very odd peer.",
1122 peer->host, as4);
1123 if (as4)
1124 remote_as = as4;
1125 } else {
1126 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1127 */
1128 /* If we have got the capability, peer->as4cap must match
1129 * remote_as */
1130 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
1131 && as4 != remote_as) {
1132 /* raise error, log this, close session */
1133 zlog_err(
1134 "%s bad OPEN, got AS4 capability, but remote_as %u"
1135 " mismatch with 16bit 'myasn' %u in open",
1136 peer->host, as4, remote_as);
1137 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1138 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1139 notify_data_remote_as4, 4);
d8151687 1140 return BGP_Stop;
d62a17ae 1141 }
1142 }
6b0655a2 1143
d62a17ae 1144 /* remote router-id check. */
1145 if (remote_id.s_addr == 0 || IPV4_CLASS_DE(ntohl(remote_id.s_addr))
1146 || ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)) {
1147 if (bgp_debug_neighbor_events(peer))
1148 zlog_debug("%s bad OPEN, wrong router identifier %s",
1149 peer->host, inet_ntoa(remote_id));
1150 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1151 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1152 notify_data_remote_id, 4);
d8151687 1153 return BGP_Stop;
d62a17ae 1154 }
1155
1156 /* Set remote router-id */
1157 peer->remote_id = remote_id;
1158
1159 /* Peer BGP version check. */
1160 if (version != BGP_VERSION_4) {
1161 u_int16_t maxver = htons(BGP_VERSION_4);
1162 /* XXX this reply may not be correct if version < 4 XXX */
1163 if (bgp_debug_neighbor_events(peer))
1164 zlog_debug(
1165 "%s bad protocol version, remote requested %d, local request %d",
1166 peer->host, version, BGP_VERSION_4);
1167 /* Data must be in network byte order here */
1168 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1169 BGP_NOTIFY_OPEN_UNSUP_VERSION,
1170 (u_int8_t *)&maxver, 2);
d8151687 1171 return BGP_Stop;
d62a17ae 1172 }
1173
1174 /* Check neighbor as number. */
1175 if (peer->as_type == AS_UNSPECIFIED) {
1176 if (bgp_debug_neighbor_events(peer))
1177 zlog_debug(
1178 "%s bad OPEN, remote AS is unspecified currently",
1179 peer->host);
1180 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1181 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1182 notify_data_remote_as, 2);
d8151687 1183 return BGP_Stop;
d62a17ae 1184 } else if (peer->as_type == AS_INTERNAL) {
1185 if (remote_as != peer->bgp->as) {
1186 if (bgp_debug_neighbor_events(peer))
1187 zlog_debug(
1188 "%s bad OPEN, remote AS is %u, internal specified",
1189 peer->host, remote_as);
1190 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1191 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1192 notify_data_remote_as, 2);
d8151687 1193 return BGP_Stop;
1ff9a340 1194 }
d62a17ae 1195 peer->as = peer->local_as;
1196 } else if (peer->as_type == AS_EXTERNAL) {
1197 if (remote_as == peer->bgp->as) {
1198 if (bgp_debug_neighbor_events(peer))
1199 zlog_debug(
1200 "%s bad OPEN, remote AS is %u, external specified",
1201 peer->host, remote_as);
1202 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1203 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1204 notify_data_remote_as, 2);
d8151687 1205 return BGP_Stop;
1ff9a340 1206 }
d62a17ae 1207 peer->as = remote_as;
1208 } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
1209 if (bgp_debug_neighbor_events(peer))
1210 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1211 peer->host, remote_as, peer->as);
1212 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1213 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1214 notify_data_remote_as, 2);
d8151687 1215 return BGP_Stop;
eb821189 1216 }
718e3744 1217
d62a17ae 1218 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1219 calculate the value of the Hold Timer by using the smaller of its
1220 configured Hold Time and the Hold Time received in the OPEN message.
1221 The Hold Time MUST be either zero or at least three seconds. An
1222 implementation may reject connections on the basis of the Hold Time.
0b2aa3a0 1223 */
d62a17ae 1224
1225 if (holdtime < 3 && holdtime != 0) {
1226 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1227 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1228 (u_char *)holdtime_ptr, 2);
d8151687 1229 return BGP_Stop;
0b2aa3a0 1230 }
d62a17ae 1231
1232 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1233 would be one third of the Hold Time interval. KEEPALIVE messages
1234 MUST NOT be sent more frequently than one per second. An
1235 implementation MAY adjust the rate at which it sends KEEPALIVE
1236 messages as a function of the Hold Time interval. */
1237
d25e4efc 1238 if (PEER_OR_GROUP_TIMER_SET(peer))
d62a17ae 1239 send_holdtime = peer->holdtime;
1240 else
1241 send_holdtime = peer->bgp->default_holdtime;
1242
1243 if (holdtime < send_holdtime)
1244 peer->v_holdtime = holdtime;
1245 else
1246 peer->v_holdtime = send_holdtime;
1247
d25e4efc
DS		 1248 if ((PEER_OR_GROUP_TIMER_SET(peer))
1249 && (peer->keepalive < peer->v_holdtime / 3))
d62a17ae 1250 peer->v_keepalive = peer->keepalive;
1251 else
1252 peer->v_keepalive = peer->v_holdtime / 3;
1253
1254 /* Open option part parse. */
1255 if (optlen != 0) {
1256 if ((ret = bgp_open_option_parse(peer, optlen, &mp_capability))
1257 < 0)
d8151687 1258 return BGP_Stop;
d62a17ae 1259 } else {
1260 if (bgp_debug_neighbor_events(peer))
1261 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1262 peer->host);
0299c004 1263 }
d62a17ae 1264
1265 /*
1266 * Assume that the peer supports the locally configured set of
1267 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1268 * capabilities, or if 'override-capability' is configured.
1269 */
1270 if (!mp_capability
1271 || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1272 peer->afc_nego[AFI_IP][SAFI_UNICAST] =
1273 peer->afc[AFI_IP][SAFI_UNICAST];
1274 peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
1275 peer->afc[AFI_IP][SAFI_MULTICAST];
1276 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
1277 peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
1278 peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
1279 peer->afc[AFI_IP6][SAFI_UNICAST];
1280 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
1281 peer->afc[AFI_IP6][SAFI_MULTICAST];
1282 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
1283 peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1284 peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
1285 peer->afc[AFI_L2VPN][SAFI_EVPN];
0299c004 1286 }
d62a17ae 1287
1288 /* When collision is detected and this peer is closed. Retrun
1289 immidiately. */
1290 ret = bgp_collision_detect(peer, remote_id);
1291 if (ret < 0)
d8151687 1292 return BGP_Stop;
d62a17ae 1293
1294 /* Get sockname. */
1295 if ((ret = bgp_getsockname(peer)) < 0) {
1296 zlog_err("%s: bgp_getsockname() failed for peer: %s",
1297 __FUNCTION__, peer->host);
d8151687 1298 return BGP_Stop;
d62a17ae 1299 }
1300
1301 /* Verify valid local address present based on negotiated
1302 * address-families. */
1303 if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
e5f22b30 1304 || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
d62a17ae 1305 || peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1306 || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1307 || peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
1308 if (!peer->nexthop.v4.s_addr) {
1309#if defined(HAVE_CUMULUS)
1310 zlog_err(
1311 "%s: No local IPv4 addr resetting connection, fd %d",
1312 peer->host, peer->fd);
1313 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1314 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 1315 return BGP_Stop;
1d808091 1316#endif
d62a17ae 1317 }
1318 }
1319 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
e5f22b30 1320 || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
d62a17ae 1321 || peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1322 || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1323 || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
1324 if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) {
1325#if defined(HAVE_CUMULUS)
1326 zlog_err(
1327 "%s: No local IPv6 addr resetting connection, fd %d",
1328 peer->host, peer->fd);
1329 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1330 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 1331 return BGP_Stop;
1d808091 1332#endif
d62a17ae 1333 }
1334 }
1335 peer->rtt = sockopt_tcp_rtt(peer->fd);
1336
d8151687 1337 return Receive_OPEN_message;
718e3744 1338}
1339
d8151687
QY		 1340/**
1341 * Process BGP KEEPALIVE message for peer.
1342 *
1343 * @param peer
1344 * @param size size of the packet
1345 * @return as in summary
1346 */
1347static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
f188f2c4 1348{
d8151687
QY		 1349 if (bgp_debug_keepalive(peer))
1350 zlog_debug("%s KEEPALIVE rcvd", peer->host);
d62a17ae 1351
d8151687 1352 bgp_update_implicit_eors(peer);
d62a17ae 1353
d8151687 1354 return Receive_KEEPALIVE_message;
f188f2c4
DS		 1355}
1356
d62a17ae 1357
d8151687
QY		 1358/**
1359 * Process BGP UPDATE message for peer.
1360 *
1361 * Parses UPDATE and creates attribute object.
1362 *
1363 * @param peer
1364 * @param size size of the packet
1365 * @return as in summary
7ef5a232 1366 */
d62a17ae 1367static int bgp_update_receive(struct peer *peer, bgp_size_t size)
718e3744 1368{
d62a17ae 1369 int ret, nlri_ret;
1370 u_char *end;
1371 struct stream *s;
1372 struct attr attr;
1373 bgp_size_t attribute_len;
1374 bgp_size_t update_len;
1375 bgp_size_t withdraw_len;
1376
1377 enum NLRI_TYPES {
1378 NLRI_UPDATE,
1379 NLRI_WITHDRAW,
1380 NLRI_MP_UPDATE,
1381 NLRI_MP_WITHDRAW,
1382 NLRI_TYPE_MAX
1383 };
1384 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1385
1386 /* Status must be Established. */
1387 if (peer->status != Established) {
1388 zlog_err("%s [FSM] Update packet received under status %s",
1389 peer->host,
1390 lookup_msg(bgp_status_msg, peer->status, NULL));
1391 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
d8151687 1392 return BGP_Stop;
d62a17ae 1393 }
1394
1395 /* Set initial values. */
1396 memset(&attr, 0, sizeof(struct attr));
1397 attr.label_index = BGP_INVALID_LABEL_INDEX;
1398 attr.label = MPLS_INVALID_LABEL;
1399 memset(&nlris, 0, sizeof(nlris));
1400 memset(peer->rcvd_attr_str, 0, BUFSIZ);
1401 peer->rcvd_attr_printed = 0;
1402
424ab01d 1403 s = peer->curr;
d62a17ae 1404 end = stream_pnt(s) + size;
1405
1406 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1407 Length is too large (i.e., if Unfeasible Routes Length + Total
1408 Attribute Length + 23 exceeds the message Length), then the Error
1409 Subcode is set to Malformed Attribute List. */
1410 if (stream_pnt(s) + 2 > end) {
1411 zlog_err(
1412 "%s [Error] Update packet error"
1413 " (packet length is short for unfeasible length)",
1414 peer->host);
1415 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1416 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1417 return BGP_Stop;
d62a17ae 1418 }
1419
1420 /* Unfeasible Route Length. */
1421 withdraw_len = stream_getw(s);
1422
1423 /* Unfeasible Route Length check. */
1424 if (stream_pnt(s) + withdraw_len > end) {
1425 zlog_err(
1426 "%s [Error] Update packet error"
1427 " (packet unfeasible length overflow %d)",
1428 peer->host, withdraw_len);
1429 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1430 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1431 return BGP_Stop;
d62a17ae 1432 }
1433
1434 /* Unfeasible Route packet format check. */
1435 if (withdraw_len > 0) {
1436 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1437 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1438 nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
1439 nlris[NLRI_WITHDRAW].length = withdraw_len;
1440 stream_forward_getp(s, withdraw_len);
1441 }
1442
1443 /* Attribute total length check. */
1444 if (stream_pnt(s) + 2 > end) {
1445 zlog_warn(
1446 "%s [Error] Packet Error"
1447 " (update packet is short for attribute length)",
1448 peer->host);
1449 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1450 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1451 return BGP_Stop;
d62a17ae 1452 }
1453
1454 /* Fetch attribute total length. */
1455 attribute_len = stream_getw(s);
1456
1457 /* Attribute length check. */
1458 if (stream_pnt(s) + attribute_len > end) {
1459 zlog_warn(
1460 "%s [Error] Packet Error"
1461 " (update packet attribute length overflow %d)",
1462 peer->host, attribute_len);
1463 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1464 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1465 return BGP_Stop;
d62a17ae 1466 }
1467
1468 /* Certain attribute parsing errors should not be considered bad enough
1469 * to reset the session for, most particularly any partial/optional
1470 * attributes that have 'tunneled' over speakers that don't understand
1471 * them. Instead we withdraw only the prefix concerned.
1472 *
1473 * Complicates the flow a little though..
1474 */
1475 bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
1476/* This define morphs the update case into a withdraw when lower levels
1477 * have signalled an error condition where this is best.
1478 */
b881c707 1479#define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
718e3744 1480
d62a17ae 1481 /* Parse attribute when it exists. */
1482 if (attribute_len) {
1483 attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
1484 &nlris[NLRI_MP_UPDATE],
1485 &nlris[NLRI_MP_WITHDRAW]);
1486 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
1487 bgp_attr_unintern_sub(&attr);
d8151687 1488 return BGP_Stop;
d62a17ae 1489 }
1490 }
1491
1492 /* Logging the attribute. */
1493 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
1494 || BGP_DEBUG(update, UPDATE_IN)
1495 || BGP_DEBUG(update, UPDATE_PREFIX)) {
1496 ret = bgp_dump_attr(&attr, peer->rcvd_attr_str, BUFSIZ);
1497
1498 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
1499 zlog_err(
1500 "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1501 peer->host);
1502
1503 if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
1504 zlog_debug("%s rcvd UPDATE w/ attr: %s", peer->host,
1505 peer->rcvd_attr_str);
1506 peer->rcvd_attr_printed = 1;
1507 }
1508 }
1509
1510 /* Network Layer Reachability Information. */
1511 update_len = end - stream_pnt(s);
1512
1513 if (update_len) {
1514 /* Set NLRI portion to structure. */
1515 nlris[NLRI_UPDATE].afi = AFI_IP;
1516 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1517 nlris[NLRI_UPDATE].nlri = stream_pnt(s);
1518 nlris[NLRI_UPDATE].length = update_len;
1519 stream_forward_getp(s, update_len);
1520 }
1521
1522 if (BGP_DEBUG(update, UPDATE_IN))
1523 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1524 peer->host, withdraw_len, attribute_len, update_len);
1525
1526 /* Parse any given NLRIs */
1527 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
1528 if (!nlris[i].nlri)
1529 continue;
1530
1531 /* NLRI is processed iff the peer if configured for the specific
1532 * afi/safi */
1533 if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
1534 zlog_info(
1535 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1536 peer->host, nlris[i].afi, nlris[i].safi);
1537 continue;
1538 }
1539
1540 /* EoR handled later */
1541 if (nlris[i].length == 0)
1542 continue;
1543
1544 switch (i) {
1545 case NLRI_UPDATE:
1546 case NLRI_MP_UPDATE:
1547 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
1548 &nlris[i], 0);
1549 break;
1550 case NLRI_WITHDRAW:
1551 case NLRI_MP_WITHDRAW:
1552 nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1);
1553 break;
1554 default:
1555 nlri_ret = -1;
1556 }
1557
1558 if (nlri_ret < 0) {
1559 zlog_err("%s [Error] Error parsing NLRI", peer->host);
1560 if (peer->status == Established)
1561 bgp_notify_send(
1562 peer, BGP_NOTIFY_UPDATE_ERR,
1563 i <= NLRI_WITHDRAW
1564 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1565 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1566 bgp_attr_unintern_sub(&attr);
d8151687 1567 return BGP_Stop;
d62a17ae 1568 }
1569 }
1570
1571 /* EoR checks
1572 *
1573 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1574 * and MP EoR should have only an empty MP_UNREACH
1575 */
996c9314
LB		 1576 if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0)
1577 || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
d62a17ae 1578 afi_t afi = 0;
1579 safi_t safi;
1580
1581 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
1582 * checked
1583 * update and withdraw NLRI lengths are 0.
1584 */
1585 if (!attribute_len) {
1586 afi = AFI_IP;
1587 safi = SAFI_UNICAST;
1588 } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
1589 && nlris[NLRI_MP_WITHDRAW].length == 0) {
1590 afi = nlris[NLRI_MP_WITHDRAW].afi;
1591 safi = nlris[NLRI_MP_WITHDRAW].safi;
9b9df989
DS		 1592 } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
1593 afi = nlris[NLRI_MP_UPDATE].afi;
1594 safi = nlris[NLRI_MP_UPDATE].safi;
d62a17ae 1595 }
1596
1597 if (afi && peer->afc[afi][safi]) {
1598 /* End-of-RIB received */
1599 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
1600 PEER_STATUS_EOR_RECEIVED)) {
1601 SET_FLAG(peer->af_sflags[afi][safi],
1602 PEER_STATUS_EOR_RECEIVED);
1603 bgp_update_explicit_eors(peer);
1604 }
1605
1606 /* NSF delete stale route */
1607 if (peer->nsf[afi][safi])
1608 bgp_clear_stale_route(peer, afi, safi);
1609
1610 if (bgp_debug_neighbor_events(peer)) {
1611 zlog_debug("rcvd End-of-RIB for %s from %s",
1612 afi_safi_print(afi, safi),
1613 peer->host);
1614 }
1615 }
f80f838b 1616 }
d62a17ae 1617
1618 /* Everything is done. We unintern temporary structures which
1619 interned in bgp_attr_parse(). */
1620 bgp_attr_unintern_sub(&attr);
1621
d62a17ae 1622 peer->update_time = bgp_clock();
1623
1624 /* Rearm holdtime timer */
1625 BGP_TIMER_OFF(peer->t_holdtime);
1626 bgp_timer_set(peer);
1627
d8151687 1628 return Receive_UPDATE_message;
718e3744 1629}
1630
d8151687
QY		 1631/**
1632 * Process BGP NOTIFY message for peer.
1633 *
1634 * @param peer
1635 * @param size size of the packet
1636 * @return as in summary
1637 */
1638static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
718e3744 1639{
d62a17ae 1640 struct bgp_notify bgp_notify;
1641
1642 if (peer->notify.data) {
1643 XFREE(MTYPE_TMP, peer->notify.data);
1644 peer->notify.data = NULL;
1645 peer->notify.length = 0;
1646 }
1647
424ab01d
QY		 1648 bgp_notify.code = stream_getc(peer->curr);
1649 bgp_notify.subcode = stream_getc(peer->curr);
d62a17ae 1650 bgp_notify.length = size - 2;
1651 bgp_notify.data = NULL;
1652
1653 /* Preserv notify code and sub code. */
1654 peer->notify.code = bgp_notify.code;
1655 peer->notify.subcode = bgp_notify.subcode;
1656 /* For further diagnostic record returned Data. */
1657 if (bgp_notify.length) {
1658 peer->notify.length = size - 2;
1659 peer->notify.data = XMALLOC(MTYPE_TMP, size - 2);
424ab01d 1660 memcpy(peer->notify.data, stream_pnt(peer->curr), size - 2);
d62a17ae 1661 }
1662
1663 /* For debug */
1664 {
1665 int i;
1666 int first = 0;
1667 char c[4];
1668
1669 if (bgp_notify.length) {
1670 bgp_notify.data =
1671 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
1672 for (i = 0; i < bgp_notify.length; i++)
1673 if (first) {
1674 sprintf(c, " %02x",
424ab01d 1675 stream_getc(peer->curr));
d62a17ae 1676 strcat(bgp_notify.data, c);
1677 } else {
1678 first = 1;
1679 sprintf(c, "%02x",
424ab01d 1680 stream_getc(peer->curr));
d62a17ae 1681 strcpy(bgp_notify.data, c);
1682 }
1683 bgp_notify.raw_data = (u_char *)peer->notify.data;
1684 }
1685
1686 bgp_notify_print(peer, &bgp_notify, "received");
1687 if (bgp_notify.data) {
1688 XFREE(MTYPE_TMP, bgp_notify.data);
1689 bgp_notify.data = NULL;
1690 bgp_notify.length = 0;
1691 }
1692 }
1693
1694 /* peer count update */
0112e9e0 1695 atomic_fetch_add_explicit(&peer->notify_in, 1, memory_order_relaxed);
d62a17ae 1696
1697 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
1698
1699 /* We have to check for Notify with Unsupported Optional Parameter.
1700 in that case we fallback to open without the capability option.
1701 But this done in bgp_stop. We just mark it here to avoid changing
1702 the fsm tables. */
1703 if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR
1704 && bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
1705 UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
1706
d8151687 1707 return Receive_NOTIFICATION_message;
718e3744 1708}
1709
d8151687
QY		 1710/**
1711 * Process BGP ROUTEREFRESH message for peer.
1712 *
1713 * @param peer
1714 * @param size size of the packet
1715 * @return as in summary
1716 */
1717static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
718e3744 1718{
d62a17ae 1719 iana_afi_t pkt_afi;
1720 afi_t afi;
5c525538
RW		 1721 iana_safi_t pkt_safi;
1722 safi_t safi;
d62a17ae 1723 struct stream *s;
1724 struct peer_af *paf;
1725 struct update_group *updgrp;
1726 struct peer *updgrp_peer;
1727
1728 /* If peer does not have the capability, send notification. */
1729 if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
1730 zlog_err("%s [Error] BGP route refresh is not enabled",
1731 peer->host);
1732 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
1733 BGP_NOTIFY_HEADER_BAD_MESTYPE);
d8151687 1734 return BGP_Stop;
d62a17ae 1735 }
1736
1737 /* Status must be Established. */
1738 if (peer->status != Established) {
1739 zlog_err(
1740 "%s [Error] Route refresh packet received under status %s",
1741 peer->host,
1742 lookup_msg(bgp_status_msg, peer->status, NULL));
1743 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
d8151687 1744 return BGP_Stop;
d62a17ae 1745 }
1746
424ab01d 1747 s = peer->curr;
d62a17ae 1748
1749 /* Parse packet. */
1750 pkt_afi = stream_getw(s);
1751 (void)stream_getc(s);
1752 pkt_safi = stream_getc(s);
1753
1754 if (bgp_debug_update(peer, NULL, NULL, 0))
1755 zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %d/%d",
1756 peer->host, pkt_afi, pkt_safi);
1757
1758 /* Convert AFI, SAFI to internal values and check. */
1759 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1760 zlog_info(
1761 "%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored",
1762 peer->host, pkt_afi, pkt_safi);
d8151687 1763 return BGP_PACKET_NOOP;
d62a17ae 1764 }
1765
1766 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
1767 u_char *end;
1768 u_char when_to_refresh;
1769 u_char orf_type;
1770 u_int16_t orf_len;
1771
1772 if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
1773 < 5) {
1774 zlog_info("%s ORF route refresh length error",
1775 peer->host);
1776 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
d8151687 1777 return BGP_Stop;
718e3744 1778 }
1779
d62a17ae 1780 when_to_refresh = stream_getc(s);
1781 end = stream_pnt(s) + (size - 5);
1782
1783 while ((stream_pnt(s) + 2) < end) {
1784 orf_type = stream_getc(s);
1785 orf_len = stream_getw(s);
1786
1787 /* orf_len in bounds? */
1788 if ((stream_pnt(s) + orf_len) > end)
1789 break; /* XXX: Notify instead?? */
1790 if (orf_type == ORF_TYPE_PREFIX
1791 || orf_type == ORF_TYPE_PREFIX_OLD) {
1792 uint8_t *p_pnt = stream_pnt(s);
1793 uint8_t *p_end = stream_pnt(s) + orf_len;
1794 struct orf_prefix orfp;
1795 u_char common = 0;
1796 u_int32_t seq;
1797 int psize;
1798 char name[BUFSIZ];
1799 int ret = CMD_SUCCESS;
1800
1801 if (bgp_debug_neighbor_events(peer)) {
1802 zlog_debug(
1803 "%s rcvd Prefixlist ORF(%d) length %d",
1804 peer->host, orf_type, orf_len);
1805 }
1806
1807 /* we're going to read at least 1 byte of common
1808 * ORF header,
1809 * and 7 bytes of ORF Address-filter entry from
1810 * the stream
1811 */
1812 if (orf_len < 7)
1813 break;
1814
1815 /* ORF prefix-list name */
1816 sprintf(name, "%s.%d.%d", peer->host, afi,
1817 safi);
1818
1819 while (p_pnt < p_end) {
1820 /* If the ORF entry is malformed, want
1821 * to read as much of it
1822 * as possible without going beyond the
1823 * bounds of the entry,
1824 * to maximise debug information.
1825 */
1826 int ok;
1827 memset(&orfp, 0,
1828 sizeof(struct orf_prefix));
1829 common = *p_pnt++;
1830 /* after ++: p_pnt <= p_end */
1831 if (common
1832 & ORF_COMMON_PART_REMOVE_ALL) {
1833 if (bgp_debug_neighbor_events(
1834 peer))
1835 zlog_debug(
1836 "%s rcvd Remove-All pfxlist ORF request",
1837 peer->host);
1838 prefix_bgp_orf_remove_all(afi,
1839 name);
1840 break;
1841 }
1842 ok = ((u_int32_t)(p_end - p_pnt)
1843 >= sizeof(u_int32_t));
1844 if (ok) {
1845 memcpy(&seq, p_pnt,
1846 sizeof(u_int32_t));
1847 p_pnt += sizeof(u_int32_t);
1848 orfp.seq = ntohl(seq);
1849 } else
1850 p_pnt = p_end;
1851
1852 if ((ok = (p_pnt < p_end)))
1853 orfp.ge =
1854 *p_pnt++; /* value
1855 checked in
1856 prefix_bgp_orf_set()
1857 */
1858 if ((ok = (p_pnt < p_end)))
1859 orfp.le =
1860 *p_pnt++; /* value
1861 checked in
1862 prefix_bgp_orf_set()
1863 */
1864 if ((ok = (p_pnt < p_end)))
1865 orfp.p.prefixlen = *p_pnt++;
1866 orfp.p.family = afi2family(
1867 afi); /* afi checked already */
1868
1869 psize = PSIZE(
1870 orfp.p.prefixlen); /* 0 if not
1871 ok */
1872 if (psize
1873 > prefix_blen(
1874 &orfp.p)) /* valid for
1875 family ? */
1876 {
1877 ok = 0;
1878 psize = prefix_blen(&orfp.p);
1879 }
1880 if (psize
1881 > (p_end - p_pnt)) /* valid for
1882 packet ? */
1883 {
1884 ok = 0;
1885 psize = p_end - p_pnt;
1886 }
1887
1888 if (psize > 0)
1889 memcpy(&orfp.p.u.prefix, p_pnt,
1890 psize);
1891 p_pnt += psize;
1892
1893 if (bgp_debug_neighbor_events(peer)) {
1894 char buf[INET6_BUFSIZ];
1895
1896 zlog_debug(
1897 "%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
1898 peer->host,
1899 (common & ORF_COMMON_PART_REMOVE
1900 ? "Remove"
1901 : "Add"),
1902 (common & ORF_COMMON_PART_DENY
1903 ? "deny"
1904 : "permit"),
1905 orfp.seq,
1906 inet_ntop(
1907 orfp.p.family,
1908 &orfp.p.u.prefix,
1909 buf,
1910 INET6_BUFSIZ),
1911 orfp.p.prefixlen,
1912 orfp.ge, orfp.le,
1913 ok ? "" : " MALFORMED");
1914 }
1915
1916 if (ok)
1917 ret = prefix_bgp_orf_set(
1918 name, afi, &orfp,
1919 (common & ORF_COMMON_PART_DENY
1920 ? 0
1921 : 1),
1922 (common & ORF_COMMON_PART_REMOVE
1923 ? 0
1924 : 1));
1925
1926 if (!ok || (ok && ret != CMD_SUCCESS)) {
1927 zlog_info(
1928 "%s Received misformatted prefixlist ORF."
1929 " Remove All pfxlist",
1930 peer->host);
1931 prefix_bgp_orf_remove_all(afi,
1932 name);
1933 break;
1934 }
1935 }
1936
1937 peer->orf_plist[afi][safi] =
1938 prefix_bgp_orf_lookup(afi, name);
1939 }
1940 stream_forward_getp(s, orf_len);
718e3744 1941 }
d62a17ae 1942 if (bgp_debug_neighbor_events(peer))
1943 zlog_debug("%s rcvd Refresh %s ORF request", peer->host,
1944 when_to_refresh == REFRESH_DEFER
1945 ? "Defer"
1946 : "Immediate");
1947 if (when_to_refresh == REFRESH_DEFER)
d8151687 1948 return BGP_PACKET_NOOP;
d62a17ae 1949 }
40d2700d 1950
d62a17ae 1951 /* First update is deferred until ORF or ROUTE-REFRESH is received */
1952 if (CHECK_FLAG(peer->af_sflags[afi][safi],
1953 PEER_STATUS_ORF_WAIT_REFRESH))
1954 UNSET_FLAG(peer->af_sflags[afi][safi],
1955 PEER_STATUS_ORF_WAIT_REFRESH);
1956
1957 paf = peer_af_find(peer, afi, safi);
1958 if (paf && paf->subgroup) {
1959 if (peer->orf_plist[afi][safi]) {
1960 updgrp = PAF_UPDGRP(paf);
1961 updgrp_peer = UPDGRP_PEER(updgrp);
1962 updgrp_peer->orf_plist[afi][safi] =
1963 peer->orf_plist[afi][safi];
1964 }
1965
1966 /* If the peer is configured for default-originate clear the
1967 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
1968 * re-advertise the
1969 * default
1970 */
1971 if (CHECK_FLAG(paf->subgroup->sflags,
1972 SUBGRP_STATUS_DEFAULT_ORIGINATE))
1973 UNSET_FLAG(paf->subgroup->sflags,
1974 SUBGRP_STATUS_DEFAULT_ORIGINATE);
718e3744 1975 }
d62a17ae 1976
1977 /* Perform route refreshment to the peer */
1978 bgp_announce_route(peer, afi, safi);
d8151687
QY		 1979
1980 /* No FSM action necessary */
1981 return BGP_PACKET_NOOP;
718e3744 1982}
1983
d8151687
QY		 1984/**
1985 * Parse BGP CAPABILITY message for peer.
1986 *
1987 * @param peer
1988 * @param size size of the packet
1989 * @return as in summary
1990 */
d62a17ae 1991static int bgp_capability_msg_parse(struct peer *peer, u_char *pnt,
1992 bgp_size_t length)
718e3744 1993{
d62a17ae 1994 u_char *end;
1995 struct capability_mp_data mpc;
1996 struct capability_header *hdr;
1997 u_char action;
1998 iana_afi_t pkt_afi;
1999 afi_t afi;
5c525538
RW		 2000 iana_safi_t pkt_safi;
2001 safi_t safi;
d62a17ae 2002
2003 end = pnt + length;
2004
2005 while (pnt < end) {
2006 /* We need at least action, capability code and capability
2007 * length. */
2008 if (pnt + 3 > end) {
2009 zlog_info("%s Capability length error", peer->host);
2010 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
d8151687 2011 return BGP_Stop;
d62a17ae 2012 }
2013 action = *pnt;
2014 hdr = (struct capability_header *)(pnt + 1);
2015
2016 /* Action value check. */
2017 if (action != CAPABILITY_ACTION_SET
2018 && action != CAPABILITY_ACTION_UNSET) {
2019 zlog_info("%s Capability Action Value error %d",
2020 peer->host, action);
2021 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
d8151687 2022 return BGP_Stop;
d62a17ae 2023 }
2024
2025 if (bgp_debug_neighbor_events(peer))
2026 zlog_debug(
2027 "%s CAPABILITY has action: %d, code: %u, length %u",
2028 peer->host, action, hdr->code, hdr->length);
2029
2030 /* Capability length check. */
2031 if ((pnt + hdr->length + 3) > end) {
2032 zlog_info("%s Capability length error", peer->host);
2033 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
d8151687 2034 return BGP_Stop;
d62a17ae 2035 }
2036
2037 /* Fetch structure to the byte stream. */
2038 memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
d2b6417b 2039 pnt += hdr->length + 3;
d62a17ae 2040
2041 /* We know MP Capability Code. */
2042 if (hdr->code == CAPABILITY_CODE_MP) {
2043 pkt_afi = ntohs(mpc.afi);
2044 pkt_safi = mpc.safi;
2045
2046 /* Ignore capability when override-capability is set. */
2047 if (CHECK_FLAG(peer->flags,
2048 PEER_FLAG_OVERRIDE_CAPABILITY))
2049 continue;
2050
2051 /* Convert AFI, SAFI to internal values. */
2052 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
2053 &safi)) {
2054 if (bgp_debug_neighbor_events(peer))
2055 zlog_debug(
2056 "%s Dynamic Capability MP_EXT afi/safi invalid "
2057 "(%u/%u)",
2058 peer->host, pkt_afi, pkt_safi);
2059 continue;
2060 }
2061
2062 /* Address family check. */
2063 if (bgp_debug_neighbor_events(peer))
2064 zlog_debug(
2065 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
2066 peer->host,
2067 action == CAPABILITY_ACTION_SET
2068 ? "Advertising"
2069 : "Removing",
2070 pkt_afi, pkt_safi);
2071
2072 if (action == CAPABILITY_ACTION_SET) {
2073 peer->afc_recv[afi][safi] = 1;
2074 if (peer->afc[afi][safi]) {
2075 peer->afc_nego[afi][safi] = 1;
2076 bgp_announce_route(peer, afi, safi);
2077 }
2078 } else {
2079 peer->afc_recv[afi][safi] = 0;
2080 peer->afc_nego[afi][safi] = 0;
2081
2082 if (peer_active_nego(peer))
2083 bgp_clear_route(peer, afi, safi);
2084 else
d8151687 2085 return BGP_Stop;
d62a17ae 2086 }
2087 } else {
2088 zlog_warn(
2089 "%s unrecognized capability code: %d - ignored",
2090 peer->host, hdr->code);
2091 }
d62a17ae 2092 }
d8151687
QY		 2093
2094 /* No FSM action necessary */
2095 return BGP_PACKET_NOOP;
718e3744 2096}
2097
d8151687
QY		 2098/**
2099 * Parse BGP CAPABILITY message for peer.
01b7ce2d 2100 *
d8151687
QY		 2101 * Exported for unit testing.
2102 *
2103 * @param peer
2104 * @param size size of the packet
2105 * @return as in summary
01b7ce2d 2106 */
d62a17ae 2107int bgp_capability_receive(struct peer *peer, bgp_size_t size)
718e3744 2108{
d62a17ae 2109 u_char *pnt;
2110
2111 /* Fetch pointer. */
424ab01d 2112 pnt = stream_pnt(peer->curr);
d62a17ae 2113
2114 if (bgp_debug_neighbor_events(peer))
2115 zlog_debug("%s rcv CAPABILITY", peer->host);
2116
2117 /* If peer does not have the capability, send notification. */
2118 if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
2119 zlog_err("%s [Error] BGP dynamic capability is not enabled",
2120 peer->host);
2121 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2122 BGP_NOTIFY_HEADER_BAD_MESTYPE);
d8151687 2123 return BGP_Stop;
d62a17ae 2124 }
2125
2126 /* Status must be Established. */
2127 if (peer->status != Established) {
2128 zlog_err(
2129 "%s [Error] Dynamic capability packet received under status %s",
2130 peer->host,
2131 lookup_msg(bgp_status_msg, peer->status, NULL));
2132 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
d8151687 2133 return BGP_Stop;
d62a17ae 2134 }
2135
2136 /* Parse packet. */
2137 return bgp_capability_msg_parse(peer, pnt, size);
718e3744 2138}
6b0655a2 2139
d8151687
QY		 2140/**
2141 * Processes a peer's input buffer.
2142 *
2143 * This function sidesteps the event loop and directly calls bgp_event_update()
2144 * after processing each BGP message. This is necessary to ensure proper
2145 * ordering of FSM events and unifies the behavior that was present previously,
2146 * whereby some of the packet handling functions would update the FSM and some
2147 * would not, making event flow difficult to understand. Please think twice
2148 * before hacking this.
2149 *
2150 * Thread type: THREAD_EVENT
2151 * @param thread
2152 * @return 0
2153 */
424ab01d 2154int bgp_process_packet(struct thread *thread)
718e3744 2155{
424ab01d 2156 /* Yes first of all get peer pointer. */
d8151687
QY		 2157 struct peer *peer; // peer
2158 uint32_t rpkt_quanta_old; // how many packets to read
2159 int fsm_update_result; // return code of bgp_event_update()
2160 int mprc; // message processing return code
555e09d4 2161
424ab01d 2162 peer = THREAD_ARG(thread);
555e09d4
QY		 2163 rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
2164 memory_order_relaxed);
e3c7270d 2165 fsm_update_result = 0;
555e09d4 2166
424ab01d 2167 /* Guard against scheduled events that occur after peer deletion. */
9eb217ff 2168 if (peer->status == Deleted || peer->status == Clearing)
d62a17ae 2169 return 0;
718e3744 2170
555e09d4 2171 unsigned int processed = 0;
d62a17ae 2172
555e09d4 2173 while (processed < rpkt_quanta_old) {
9eb217ff
QY		 2174 u_char type = 0;
2175 bgp_size_t size;
2176 char notify_data_length[2];
d62a17ae 2177
9eb217ff
QY		 2178 pthread_mutex_lock(&peer->io_mtx);
2179 {
2180 peer->curr = stream_fifo_pop(peer->ibuf);
2181 }
2182 pthread_mutex_unlock(&peer->io_mtx);
d62a17ae 2183
9eb217ff
QY		 2184 if (peer->curr == NULL) // no packets to process, hmm...
2185 return 0;
d62a17ae 2186
9eb217ff
QY		 2187 /* skip the marker and copy the packet length */
2188 stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
2189 memcpy(notify_data_length, stream_pnt(peer->curr), 2);
2190
2191 /* read in the packet length and type */
2192 size = stream_getw(peer->curr);
2193 type = stream_getc(peer->curr);
2194
2195 /* BGP packet dump function. */
2196 bgp_dump_packet(peer, type, peer->curr);
2197
2198 /* adjust size to exclude the marker + length + type */
2199 size -= BGP_HEADER_SIZE;
2200
2201 /* Read rest of the packet and call each sort of packet routine
2202 */
2203 switch (type) {
2204 case BGP_MSG_OPEN:
0112e9e0
QY		 2205 atomic_fetch_add_explicit(&peer->open_in, 1,
2206 memory_order_relaxed);
d8151687
QY		 2207 mprc = bgp_open_receive(peer, size);
2208 if (mprc == BGP_Stop)
2209 zlog_err(
2210 "%s: BGP OPEN receipt failed for peer: %s",
2211 __FUNCTION__, peer->host);
9eb217ff
QY		 2212 break;
2213 case BGP_MSG_UPDATE:
0112e9e0
QY		 2214 atomic_fetch_add_explicit(&peer->update_in, 1,
2215 memory_order_relaxed);
9eb217ff 2216 peer->readtime = monotime(NULL);
d8151687
QY		 2217 mprc = bgp_update_receive(peer, size);
2218 if (mprc == BGP_Stop)
2219 zlog_err(
2220 "%s: BGP UPDATE receipt failed for peer: %s",
2221 __FUNCTION__, peer->host);
9eb217ff
QY		 2222 break;
2223 case BGP_MSG_NOTIFY:
0112e9e0
QY		 2224 atomic_fetch_add_explicit(&peer->notify_in, 1,
2225 memory_order_relaxed);
d8151687
QY		 2226 mprc = bgp_notify_receive(peer, size);
2227 if (mprc == BGP_Stop)
2228 zlog_err(
2229 "%s: BGP NOTIFY receipt failed for peer: %s",
2230 __FUNCTION__, peer->host);
9eb217ff
QY		 2231 break;
2232 case BGP_MSG_KEEPALIVE:
2233 peer->readtime = monotime(NULL);
0112e9e0
QY		 2234 atomic_fetch_add_explicit(&peer->keepalive_in, 1,
2235 memory_order_relaxed);
d8151687
QY		 2236 mprc = bgp_keepalive_receive(peer, size);
2237 if (mprc == BGP_Stop)
2238 zlog_err(
2239 "%s: BGP KEEPALIVE receipt failed for peer: %s",
2240 __FUNCTION__, peer->host);
9eb217ff
QY		 2241 break;
2242 case BGP_MSG_ROUTE_REFRESH_NEW:
2243 case BGP_MSG_ROUTE_REFRESH_OLD:
0112e9e0
QY		 2244 atomic_fetch_add_explicit(&peer->refresh_in, 1,
2245 memory_order_relaxed);
d8151687
QY		 2246 mprc = bgp_route_refresh_receive(peer, size);
2247 if (mprc == BGP_Stop)
2248 zlog_err(
2249 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
2250 __FUNCTION__, peer->host);
9eb217ff
QY		 2251 break;
2252 case BGP_MSG_CAPABILITY:
0112e9e0
QY		 2253 atomic_fetch_add_explicit(&peer->dynamic_cap_in, 1,
2254 memory_order_relaxed);
d8151687
QY		 2255 mprc = bgp_capability_receive(peer, size);
2256 if (mprc == BGP_Stop)
2257 zlog_err(
2258 "%s: BGP CAPABILITY receipt failed for peer: %s",
2259 __FUNCTION__, peer->host);
9eb217ff 2260 break;
e3c7270d 2261 default:
becedef6
QY		 2262 /*
2263 * The message type should have been sanitized before
2264 * we ever got here. Receipt of a message with an
2265 * invalid header at this point is indicative of a
2266 * security issue.
2267 */
e3c7270d 2268 assert (!"Message of invalid type received during input processing");
9eb217ff
QY		 2269 }
2270
d8151687
QY		 2271 /* delete processed packet */
2272 stream_free(peer->curr);
2273 peer->curr = NULL;
2274 processed++;
9eb217ff 2275
d8151687
QY		 2276 /* Update FSM */
2277 if (mprc != BGP_PACKET_NOOP)
2278 fsm_update_result = bgp_event_update(peer, mprc);
e3c7270d
QY		 2279 else
2280 continue;
d8151687 2281
becedef6
QY		 2282 /*
2283 * If peer was deleted, do not process any more packets. This
2284 * is usually due to executing BGP_Stop or a stub deletion.
2285 */
d8151687
QY		 2286 if (fsm_update_result == FSM_PEER_TRANSFERRED
2287 || fsm_update_result == FSM_PEER_STOPPED)
2288 break;
d62a17ae 2289 }
2290
d8151687
QY		 2291 if (fsm_update_result != FSM_PEER_TRANSFERRED
2292 && fsm_update_result != FSM_PEER_STOPPED) {
2293 pthread_mutex_lock(&peer->io_mtx);
2294 {
becedef6
QY		 2295 // more work to do, come back later
2296 if (peer->ibuf->count > 0)
4af76660
QY		 2297 thread_add_timer_msec(
2298 bm->master, bgp_process_packet, peer, 0,
2299 &peer->t_process_packet);
d8151687
QY		 2300 }
2301 pthread_mutex_unlock(&peer->io_mtx);
718e3744 2302 }
2303
d62a17ae 2304 return 0;
718e3744 2305}
FRRouting mirror