]> git.proxmox.com Git - mirror_frr.git/blame - bgpd/bgp_packet.c
projects / mirror_frr.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
*: Properly use memset() when zeroing
[mirror_frr.git] / bgpd / bgp_packet.c
CommitLineData
718e3744 1/* BGP packet management routine.
56257a44
QY		 2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
896014f4
DL		 4 * Copyright (C) 1999 Kunihiro Ishiguro
5 *
6 * This file is part of GNU Zebra.
7 *
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
718e3744 22
23#include <zebra.h>
d3ecc69e 24#include <sys/time.h>
718e3744 25
26#include "thread.h"
27#include "stream.h"
28#include "network.h"
29#include "prefix.h"
30#include "command.h"
31#include "log.h"
32#include "memory.h"
d62a17ae 33#include "sockunion.h" /* for inet_ntop () */
baa376fc 34#include "sockopt.h"
718e3744 35#include "linklist.h"
36#include "plist.h"
3f9c7369 37#include "queue.h"
039f3a34 38#include "filter.h"
02705213 39#include "lib_errors.h"
718e3744 40
41#include "bgpd/bgpd.h"
42#include "bgpd/bgp_table.h"
43#include "bgpd/bgp_dump.h"
6c29258c 44#include "bgpd/bgp_bmp.h"
718e3744 45#include "bgpd/bgp_attr.h"
46#include "bgpd/bgp_debug.h"
14454c9f 47#include "bgpd/bgp_errors.h"
718e3744 48#include "bgpd/bgp_fsm.h"
49#include "bgpd/bgp_route.h"
50#include "bgpd/bgp_packet.h"
51#include "bgpd/bgp_open.h"
52#include "bgpd/bgp_aspath.h"
53#include "bgpd/bgp_community.h"
54#include "bgpd/bgp_ecommunity.h"
57d187bc 55#include "bgpd/bgp_lcommunity.h"
718e3744 56#include "bgpd/bgp_network.h"
57#include "bgpd/bgp_mplsvpn.h"
7ef5a232 58#include "bgpd/bgp_evpn.h"
718e3744 59#include "bgpd/bgp_advertise.h"
93406d87 60#include "bgpd/bgp_vty.h"
3f9c7369 61#include "bgpd/bgp_updgrp.h"
cd1964ff 62#include "bgpd/bgp_label.h"
56257a44 63#include "bgpd/bgp_io.h"
934af458 64#include "bgpd/bgp_keepalives.h"
7c40bf39 65#include "bgpd/bgp_flowspec.h"
d9a03c57 66#include "bgpd/bgp_trace.h"
718e3744 67
584470fb
DL		 68DEFINE_HOOK(bgp_packet_dump,
69 (struct peer *peer, uint8_t type, bgp_size_t size,
70 struct stream *s),
8451921b 71 (peer, type, size, s));
584470fb 72
6fd04594
DL		 73DEFINE_HOOK(bgp_packet_send,
74 (struct peer *peer, uint8_t type, bgp_size_t size,
75 struct stream *s),
8451921b 76 (peer, type, size, s));
6fd04594 77
d8151687
QY		 78/**
79 * Sets marker and type fields for a BGP message.
80 *
81 * @param s the stream containing the packet
82 * @param type the packet type
83 * @return the size of the stream
84 */
d7c0a89a 85int bgp_packet_set_marker(struct stream *s, uint8_t type)
718e3744 86{
d62a17ae 87 int i;
718e3744 88
d62a17ae 89 /* Fill in marker. */
90 for (i = 0; i < BGP_MARKER_SIZE; i++)
91 stream_putc(s, 0xff);
718e3744 92
d62a17ae 93 /* Dummy total length. This field is should be filled in later on. */
94 stream_putw(s, 0);
718e3744 95
d62a17ae 96 /* BGP packet type. */
97 stream_putc(s, type);
718e3744 98
d62a17ae 99 /* Return current stream size. */
100 return stream_get_endp(s);
718e3744 101}
102
d8151687
QY		 103/**
104 * Sets size field for a BGP message.
105 *
106 * Size field is set to the size of the stream passed.
107 *
108 * @param s the stream containing the packet
d8151687 109 */
65baedca 110void bgp_packet_set_size(struct stream *s)
718e3744 111{
d62a17ae 112 int cp;
718e3744 113
d62a17ae 114 /* Preserve current pointer. */
115 cp = stream_get_endp(s);
116 stream_putw_at(s, BGP_MARKER_SIZE, cp);
718e3744 117}
118
d3ecc69e
QY		 119/*
120 * Push a packet onto the beginning of the peer's output queue.
121 * This function acquires the peer's write mutex before proceeding.
122 */
123static void bgp_packet_add(struct peer *peer, struct stream *s)
124{
00dffa8c
DL		 125 frr_with_mutex(&peer->io_mtx) {
126 stream_fifo_push(peer->obuf, s);
127 }
718e3744 128}
129
d62a17ae 130static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
131 safi_t safi)
93406d87 132{
d62a17ae 133 struct stream *s;
617975d1
DS		 134 iana_afi_t pkt_afi = IANA_AFI_IPV4;
135 iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
d62a17ae 136
137 if (DISABLE_BGP_ANNOUNCE)
138 return NULL;
139
140 if (bgp_debug_neighbor_events(peer))
141 zlog_debug("send End-of-RIB for %s to %s",
5cb5f4d0 142 get_afi_safi_str(afi, safi, false), peer->host);
d62a17ae 143
ef56aee4 144 s = stream_new(peer->max_packet_size);
d62a17ae 145
146 /* Make BGP update packet. */
147 bgp_packet_set_marker(s, BGP_MSG_UPDATE);
148
149 /* Unfeasible Routes Length */
150 stream_putw(s, 0);
151
152 if (afi == AFI_IP && safi == SAFI_UNICAST) {
153 /* Total Path Attribute Length */
154 stream_putw(s, 0);
155 } else {
156 /* Convert AFI, SAFI to values for packet. */
157 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
158
159 /* Total Path Attribute Length */
160 stream_putw(s, 6);
161 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
162 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
163 stream_putc(s, 3);
164 stream_putw(s, pkt_afi);
165 stream_putc(s, pkt_safi);
166 }
167
168 bgp_packet_set_size(s);
d62a17ae 169 return s;
718e3744 170}
171
d8151687
QY		 172/* Called when there is a change in the EOR(implicit or explicit) status of a
173 * peer. Ends the update-delay if all expected peers are done with EORs. */
174void bgp_check_update_delay(struct bgp *bgp)
175{
176 struct listnode *node, *nnode;
177 struct peer *peer = NULL;
178
179 if (bgp_debug_neighbor_events(peer))
180 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
181 bgp->established, bgp->restarted_peers,
182 bgp->implicit_eors, bgp->explicit_eors);
183
184 if (bgp->established
185 <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
becedef6
QY		 186 /*
187 * This is an extra sanity check to make sure we wait for all
188 * the eligible configured peers. This check is performed if
189 * establish wait timer is on, or establish wait option is not
190 * given with the update-delay command
191 */
d8151687
QY		 192 if (bgp->t_establish_wait
193 || (bgp->v_establish_wait == bgp->v_update_delay))
194 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
195 if (CHECK_FLAG(peer->flags,
196 PEER_FLAG_CONFIG_NODE)
197 && !CHECK_FLAG(peer->flags,
198 PEER_FLAG_SHUTDOWN)
cb9196e7
DS		 199 && !CHECK_FLAG(peer->bgp->flags,
200 BGP_FLAG_SHUTDOWN)
d8151687
QY		 201 && !peer->update_delay_over) {
202 if (bgp_debug_neighbor_events(peer))
203 zlog_debug(
204 " Peer %s pending, continuing read-only mode",
205 peer->host);
206 return;
207 }
208 }
209
210 zlog_info(
211 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
212 bgp->restarted_peers, bgp->implicit_eors,
213 bgp->explicit_eors);
214 bgp_update_delay_end(bgp);
215 }
216}
217
becedef6
QY		 218/*
219 * Called if peer is known to have restarted. The restart-state bit in
220 * Graceful-Restart capability is used for that
221 */
d8151687
QY		 222void bgp_update_restarted_peers(struct peer *peer)
223{
224 if (!bgp_update_delay_active(peer->bgp))
225 return; /* BGP update delay has ended */
226 if (peer->update_delay_over)
227 return; /* This peer has already been considered */
228
229 if (bgp_debug_neighbor_events(peer))
230 zlog_debug("Peer %s: Checking restarted", peer->host);
231
feb17238 232 if (peer_established(peer)) {
d8151687
QY		 233 peer->update_delay_over = 1;
234 peer->bgp->restarted_peers++;
235 bgp_check_update_delay(peer->bgp);
236 }
237}
238
becedef6
QY		 239/*
240 * Called as peer receives a keep-alive. Determines if this occurence can be
241 * taken as an implicit EOR for this peer.
242 * NOTE: The very first keep-alive after the Established state of a peer is
243 * considered implicit EOR for the update-delay purposes
244 */
d8151687
QY		 245void bgp_update_implicit_eors(struct peer *peer)
246{
247 if (!bgp_update_delay_active(peer->bgp))
248 return; /* BGP update delay has ended */
249 if (peer->update_delay_over)
250 return; /* This peer has already been considered */
251
252 if (bgp_debug_neighbor_events(peer))
253 zlog_debug("Peer %s: Checking implicit EORs", peer->host);
254
feb17238 255 if (peer_established(peer)) {
d8151687
QY		 256 peer->update_delay_over = 1;
257 peer->bgp->implicit_eors++;
258 bgp_check_update_delay(peer->bgp);
259 }
260}
261
becedef6
QY		 262/*
263 * Should be called only when there is a change in the EOR_RECEIVED status
264 * for any afi/safi on a peer.
265 */
d8151687
QY		 266static void bgp_update_explicit_eors(struct peer *peer)
267{
268 afi_t afi;
269 safi_t safi;
270
271 if (!bgp_update_delay_active(peer->bgp))
272 return; /* BGP update delay has ended */
273 if (peer->update_delay_over)
274 return; /* This peer has already been considered */
275
276 if (bgp_debug_neighbor_events(peer))
277 zlog_debug("Peer %s: Checking explicit EORs", peer->host);
278
f18ba3cd
DS		 279 FOREACH_AFI_SAFI (afi, safi) {
280 if (peer->afc_nego[afi][safi]
281 && !CHECK_FLAG(peer->af_sflags[afi][safi],
282 PEER_STATUS_EOR_RECEIVED)) {
283 if (bgp_debug_neighbor_events(peer))
284 zlog_debug(
285 " afi %d safi %d didn't receive EOR",
286 afi, safi);
287 return;
d8151687 288 }
f18ba3cd 289 }
d8151687
QY		 290
291 peer->update_delay_over = 1;
292 peer->bgp->explicit_eors++;
293 bgp_check_update_delay(peer->bgp);
294}
295
296/**
297 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
298 *
299 * mp_withdraw, if set, is used to nullify attr structure on most of the
300 * calling safi function and for evpn, passed as parameter
301 */
302int bgp_nlri_parse(struct peer *peer, struct attr *attr,
303 struct bgp_nlri *packet, int mp_withdraw)
304{
305 switch (packet->safi) {
306 case SAFI_UNICAST:
307 case SAFI_MULTICAST:
308 return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
309 packet);
310 case SAFI_LABELED_UNICAST:
311 return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
312 packet);
313 case SAFI_MPLS_VPN:
314 return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
315 packet);
316 case SAFI_EVPN:
317 return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
7c40bf39 318 case SAFI_FLOWSPEC:
319 return bgp_nlri_parse_flowspec(peer, attr, packet, mp_withdraw);
d8151687 320 }
513386b5 321 return BGP_NLRI_PARSE_ERROR;
d8151687
QY		 322}
323
6ec98a2f
QY		 324/*
325 * Checks a variety of conditions to determine whether the peer needs to be
326 * rescheduled for packet generation again, and does so if necessary.
327 *
328 * @param peer to check for rescheduling
329 */
af1e1dc6
QY		 330static void bgp_write_proceed_actions(struct peer *peer)
331{
332 afi_t afi;
333 safi_t safi;
334 struct peer_af *paf;
335 struct bpacket *next_pkt;
336 struct update_subgroup *subgrp;
0e5cdd59 337 enum bgp_af_index index;
af1e1dc6 338
0e5cdd59
DS		 339 for (index = BGP_AF_START; index < BGP_AF_MAX; index++) {
340 paf = peer->peer_af_array[index];
c58b0f46
QY		 341 if (!paf)
342 continue;
0e5cdd59 343
c58b0f46
QY		 344 subgrp = paf->subgroup;
345 if (!subgrp)
346 continue;
347
348 next_pkt = paf->next_pkt_to_send;
349 if (next_pkt && next_pkt->buffer) {
350 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
351 bgp_generate_updgrp_packets, 0);
352 return;
353 }
af1e1dc6 354
c58b0f46
QY		 355 /* No packets readily available for AFI/SAFI, are there
356 * subgroup packets
357 * that need to be generated? */
358 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
359 SUBGRP_PKTQ(subgrp))
360 || subgroup_packets_to_build(subgrp)) {
361 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
362 bgp_generate_updgrp_packets, 0);
363 return;
364 }
af1e1dc6 365
0e5cdd59
DS		 366 afi = paf->afi;
367 safi = paf->safi;
368
c58b0f46
QY		 369 /* No packets to send, see if EOR is pending */
370 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
371 if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
372 && peer->synctime
373 && !CHECK_FLAG(peer->af_sflags[afi][safi],
374 PEER_STATUS_EOR_SEND)
375 && safi != SAFI_MPLS_VPN) {
af1e1dc6
QY		 376 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
377 bgp_generate_updgrp_packets, 0);
378 return;
379 }
af1e1dc6 380 }
c58b0f46 381 }
af1e1dc6
QY		 382}
383
6ec98a2f
QY		 384/*
385 * Generate advertisement information (withdraws, updates, EOR) from each
386 * update group a peer belongs to, encode this information into packets, and
387 * enqueue the packets onto the peer's output buffer.
56257a44 388 */
cc9f21da 389void bgp_generate_updgrp_packets(struct thread *thread)
718e3744 390{
56257a44 391 struct peer *peer = THREAD_ARG(thread);
56257a44
QY		 392
393 struct stream *s;
d62a17ae 394 struct peer_af *paf;
395 struct bpacket *next_pkt;
d0ad6d8e
QY		 396 uint32_t wpq;
397 uint32_t generated = 0;
d62a17ae 398 afi_t afi;
399 safi_t safi;
400
d0ad6d8e
QY		 401 wpq = atomic_load_explicit(&peer->bgp->wpkt_quanta,
402 memory_order_relaxed);
403
d62a17ae 404 /*
405 * The code beyond this part deals with update packets, proceed only
406 * if peer is Established and updates are not on hold (as part of
f4d2dd84 407 * update-delay processing).
3f9c7369 408 */
feb17238 409 if (!peer_established(peer))
cc9f21da 410 return;
d62a17ae 411
f4d2dd84
DS		 412 if ((peer->bgp->main_peers_update_hold)
413 || bgp_update_delay_active(peer->bgp))
cc9f21da 414 return;
d62a17ae 415
b10b6d52 416 if (peer->t_routeadv)
cc9f21da 417 return;
b10b6d52 418
56257a44 419 do {
0e5cdd59
DS		 420 enum bgp_af_index index;
421
56257a44 422 s = NULL;
0e5cdd59
DS		 423 for (index = BGP_AF_START; index < BGP_AF_MAX; index++) {
424 paf = peer->peer_af_array[index];
c58b0f46
QY		 425 if (!paf || !PAF_SUBGRP(paf))
426 continue;
0e5cdd59
DS		 427
428 afi = paf->afi;
429 safi = paf->safi;
c58b0f46 430 next_pkt = paf->next_pkt_to_send;
80bd61c4 431
c58b0f46
QY		 432 /*
433 * Try to generate a packet for the peer if we are at
434 * the end of the list. Always try to push out
435 * WITHDRAWs first.
436 */
437 if (!next_pkt || !next_pkt->buffer) {
438 next_pkt = subgroup_withdraw_packet(
439 PAF_SUBGRP(paf));
440 if (!next_pkt || !next_pkt->buffer)
441 subgroup_update_packet(PAF_SUBGRP(paf));
442 next_pkt = paf->next_pkt_to_send;
443 }
80bd61c4 444
c58b0f46
QY		 445 /*
446 * If we still don't have a packet to send to the peer,
447 * then try to find out out if we have to send eor or
448 * if not, skip to the next AFI, SAFI. Don't send the
449 * EOR prematurely; if the subgroup's coalesce timer is
450 * running, the adjacency-out structure is not created
451 * yet.
452 */
453 if (!next_pkt || !next_pkt->buffer) {
9af52ccf
DA		 454 if (!paf->t_announce_route) {
455 /* Make sure we supress BGP UPDATES
456 * for normal processing later again.
457 */
2adac256
DA		 458 UNSET_FLAG(paf->subgroup->sflags,
459 SUBGRP_STATUS_FORCE_UPDATES);
460
9af52ccf
DA		 461 /* If route-refresh BoRR message was
462 * already sent and we are done with
463 * re-announcing tables for a decent
464 * afi/safi, we ready to send
465 * EoRR request.
466 */
467 if (CHECK_FLAG(
468 peer->af_sflags[afi][safi],
469 PEER_STATUS_BORR_SEND)) {
470 bgp_route_refresh_send(
471 peer, afi, safi, 0, 0,
472 0,
473 BGP_ROUTE_REFRESH_EORR);
474
475 SET_FLAG(peer->af_sflags[afi]
476 [safi],
477 PEER_STATUS_EORR_SEND);
478 UNSET_FLAG(
479 peer->af_sflags[afi]
480 [safi],
481 PEER_STATUS_BORR_SEND);
482
483 if (bgp_debug_neighbor_events(
484 peer))
485 zlog_debug(
f70c91dc
DA		 486 "%pBP sending route-refresh (EoRR) for %s/%s",
487 peer,
9af52ccf
DA		 488 afi2str(afi),
489 safi2str(safi));
490 }
491 }
492
c58b0f46 493 if (CHECK_FLAG(peer->cap,
36235319 494 PEER_CAP_RESTART_RCV)) {
c58b0f46 495 if (!(PAF_SUBGRP(paf))->t_coalesce
36235319
QY		 496 && peer->afc_nego[afi][safi]
497 && peer->synctime
498 && !CHECK_FLAG(
499 peer->af_sflags[afi][safi],
500 PEER_STATUS_EOR_SEND)) {
d6e3c15b 501 /* If EOR is disabled,
502 * the message is not sent
503 */
36235319
QY		 504 if (BGP_SEND_EOR(peer->bgp, afi,
505 safi)) {
d6e3c15b 506 SET_FLAG(
36235319
QY		 507 peer->af_sflags
508 [afi]
509 [safi],
510 PEER_STATUS_EOR_SEND);
d6e3c15b 511
9e3b51a7 512 /* Update EOR
513 * send time
514 */
36235319
QY		 515 peer->eor_stime[afi]
516 [safi] =
517 monotime(NULL);
9e3b51a7 518
d6e3c15b 519 BGP_UPDATE_EOR_PKT(
36235319
QY		 520 peer, afi, safi,
521 s);
56257a44 522 }
80bd61c4 523 }
d62a17ae 524 }
c58b0f46
QY		 525 continue;
526 }
9e3b51a7 527
528 /* Update packet send time */
529 peer->pkt_stime[afi][safi] = monotime(NULL);
530
c58b0f46
QY		 531 /* Found a packet template to send, overwrite
532 * packet with appropriate attributes from peer
533 * and advance peer */
534 s = bpacket_reformat_for_peer(next_pkt, paf);
535 bgp_packet_add(peer, s);
c58b0f46
QY		 536 bpacket_queue_advance_peer(paf);
537 }
d0ad6d8e 538 } while (s && (++generated < wpq));
80bd61c4 539
6ec98a2f
QY		 540 if (generated)
541 bgp_writes_on(peer);
542
af1e1dc6 543 bgp_write_proceed_actions(peer);
80bd61c4
QY		 544}
545
d3ecc69e
QY		 546/*
547 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
548 */
d62a17ae 549void bgp_keepalive_send(struct peer *peer)
718e3744 550{
d62a17ae 551 struct stream *s;
552
556beacf 553 s = stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE);
718e3744 554
d62a17ae 555 /* Make keepalive packet. */
556 bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
718e3744 557
d62a17ae 558 /* Set packet size. */
65baedca 559 bgp_packet_set_size(s);
718e3744 560
d62a17ae 561 /* Dump packet if debug option is set. */
562 /* bgp_packet_dump (s); */
718e3744 563
d62a17ae 564 if (bgp_debug_keepalive(peer))
565 zlog_debug("%s sending KEEPALIVE", peer->host);
718e3744 566
d62a17ae 567 /* Add packet to the peer. */
568 bgp_packet_add(peer, s);
424ab01d
QY		 569
570 bgp_writes_on(peer);
718e3744 571}
572
d3ecc69e
QY		 573/*
574 * Creates a BGP Open packet and appends it to the peer's output queue.
575 * Sets capabilities as necessary.
576 */
d62a17ae 577void bgp_open_send(struct peer *peer)
718e3744 578{
d62a17ae 579 struct stream *s;
d7c0a89a 580 uint16_t send_holdtime;
d62a17ae 581 as_t local_as;
718e3744 582
b90a8e13 583 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
d62a17ae 584 send_holdtime = peer->holdtime;
585 else
586 send_holdtime = peer->bgp->default_holdtime;
718e3744 587
d62a17ae 588 /* local-as Change */
589 if (peer->change_local_as)
590 local_as = peer->change_local_as;
591 else
592 local_as = peer->local_as;
718e3744 593
556beacf 594 s = stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE);
718e3744 595
d62a17ae 596 /* Make open packet. */
597 bgp_packet_set_marker(s, BGP_MSG_OPEN);
718e3744 598
d62a17ae 599 /* Set open packet values. */
600 stream_putc(s, BGP_VERSION_4); /* BGP version */
d7c0a89a
QY		 601 stream_putw(s, (local_as <= BGP_AS_MAX) ? (uint16_t)local_as
602 : BGP_AS_TRANS);
d62a17ae 603 stream_putw(s, send_holdtime); /* Hold Time */
604 stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
718e3744 605
d08c0c80
DA		 606 /* Set capabilities */
607 if (CHECK_FLAG(peer->flags, PEER_FLAG_EXTENDED_OPT_PARAMS)) {
608 (void)bgp_open_capability(s, peer, true);
609 } else {
610 struct stream *tmp = stream_new(STREAM_SIZE(s));
611
612 stream_copy(tmp, s);
613 if (bgp_open_capability(tmp, peer, false)
614 > BGP_OPEN_NON_EXT_OPT_LEN) {
615 stream_free(tmp);
616 (void)bgp_open_capability(s, peer, true);
617 } else {
618 stream_copy(s, tmp);
619 stream_free(tmp);
620 }
621 }
718e3744 622
d62a17ae 623 /* Set BGP packet length. */
65baedca 624 bgp_packet_set_size(s);
718e3744 625
d62a17ae 626 if (bgp_debug_neighbor_events(peer))
627 zlog_debug(
23d0a753 628 "%s sending OPEN, version %d, my as %u, holdtime %d, id %pI4",
d62a17ae 629 peer->host, BGP_VERSION_4, local_as, send_holdtime,
23d0a753 630 &peer->local_id);
718e3744 631
d62a17ae 632 /* Dump packet if debug option is set. */
633 /* bgp_packet_dump (s); */
6fd04594 634 hook_call(bgp_packet_send, peer, BGP_MSG_OPEN, stream_get_endp(s), s);
718e3744 635
d62a17ae 636 /* Add packet to the peer. */
637 bgp_packet_add(peer, s);
424ab01d
QY		 638
639 bgp_writes_on(peer);
640}
641
a127f33b
QY		 642/*
643 * Writes NOTIFICATION message directly to a peer socket without waiting for
644 * the I/O thread.
645 *
646 * There must be exactly one stream on the peer->obuf FIFO, and the data within
647 * this stream must match the format of a BGP NOTIFICATION message.
648 * Transmission is best-effort.
649 *
650 * @requires peer->io_mtx
651 * @param peer
652 * @return 0
653 */
3dc339cd 654static void bgp_write_notify(struct peer *peer)
424ab01d
QY		 655{
656 int ret, val;
d7c0a89a 657 uint8_t type;
424ab01d
QY		 658 struct stream *s;
659
a127f33b
QY		 660 /* There should be at least one packet. */
661 s = stream_fifo_pop(peer->obuf);
424ab01d 662
8ec586b0 663 if (!s)
3dc339cd 664 return;
8ec586b0
QY		 665
666 assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
667
becedef6
QY		 668 /*
669 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
670 * we only care about getting a clean shutdown at this point.
671 */
424ab01d
QY		 672 ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s));
673
becedef6
QY		 674 /*
675 * only connection reset/close gets counted as TCP_fatal_error, failure
676 * to write the entire NOTIFY doesn't get different FSM treatment
677 */
424ab01d 678 if (ret <= 0) {
3735936b 679 stream_free(s);
424ab01d 680 BGP_EVENT_ADD(peer, TCP_fatal_error);
3dc339cd 681 return;
424ab01d
QY		 682 }
683
684 /* Disable Nagle, make NOTIFY packet go out right away */
685 val = 1;
686 (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val,
687 sizeof(val));
688
689 /* Retrieve BGP packet type. */
690 stream_set_getp(s, BGP_MARKER_SIZE + 2);
691 type = stream_getc(s);
692
693 assert(type == BGP_MSG_NOTIFY);
694
695 /* Type should be notify. */
0112e9e0 696 atomic_fetch_add_explicit(&peer->notify_out, 1, memory_order_relaxed);
424ab01d
QY		 697 peer->notify_out++;
698
699 /* Double start timer. */
700 peer->v_start *= 2;
701
702 /* Overflow check. */
703 if (peer->v_start >= (60 * 2))
704 peer->v_start = (60 * 2);
705
becedef6
QY		 706 /*
707 * Handle Graceful Restart case where the state changes to
708 * Connect instead of Idle
709 */
424ab01d
QY		 710 BGP_EVENT_ADD(peer, BGP_Stop);
711
3735936b 712 stream_free(s);
718e3744 713}
714
eea685b6
DA		 715/*
716 * Encapsulate an original BGP CEASE Notification into Hard Reset
717 */
718static uint8_t *bgp_notify_encapsulate_hard_reset(uint8_t code, uint8_t subcode,
719 uint8_t *data, size_t datalen)
720{
721 uint8_t *message = XCALLOC(MTYPE_BGP_NOTIFICATION, datalen + 2);
722
723 /* ErrCode */
724 message[0] = code;
725 /* Subcode */
726 message[1] = subcode;
727 /* Data */
728 if (datalen)
729 memcpy(message + 2, data, datalen);
730
731 return message;
732}
733
734/*
735 * Decapsulate an original BGP CEASE Notification from Hard Reset
736 */
737struct bgp_notify bgp_notify_decapsulate_hard_reset(struct bgp_notify *notify)
738{
739 struct bgp_notify bn = {};
740
741 bn.code = notify->raw_data[0];
742 bn.subcode = notify->raw_data[1];
743 bn.length = notify->length - 2;
744
745 bn.raw_data = XCALLOC(MTYPE_BGP_NOTIFICATION, bn.length);
746 memcpy(bn.raw_data, notify->raw_data + 2, bn.length);
747
748 return bn;
749}
750
751/*
752 * Check if to send BGP CEASE Notification/Hard Reset?
753 */
1ae314be
DA		 754bool bgp_notify_send_hard_reset(struct peer *peer, uint8_t code,
755 uint8_t subcode)
eea685b6
DA		 756{
757 /* When the "N" bit has been exchanged, a Hard Reset message is used to
758 * indicate to the peer that the session is to be fully terminated.
759 */
760 if (!CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_RCV) ||
761 !CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_ADV))
762 return false;
763
764 /*
765 * https://datatracker.ietf.org/doc/html/rfc8538#section-5.1
766 */
1ae314be 767 if (code == BGP_NOTIFY_CEASE) {
eea685b6
DA		 768 switch (subcode) {
769 case BGP_NOTIFY_CEASE_MAX_PREFIX:
770 case BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN:
771 case BGP_NOTIFY_CEASE_PEER_UNCONFIG:
772 case BGP_NOTIFY_CEASE_HARD_RESET:
773 return true;
1ae314be
DA		 774 case BGP_NOTIFY_CEASE_ADMIN_RESET:
775 /* Provide user control:
776 * `bgp hard-adminstrative-reset`
777 */
778 if (CHECK_FLAG(peer->bgp->flags,
779 BGP_FLAG_HARD_ADMIN_RESET))
780 return true;
781 else
782 return false;
eea685b6
DA		 783 default:
784 break;
785 }
786 }
787
788 return false;
789}
790
1ae314be
DA		 791/*
792 * Check if received BGP CEASE Notification/Hard Reset?
793 */
794bool bgp_notify_received_hard_reset(struct peer *peer, uint8_t code,
795 uint8_t subcode)
796{
797 /* When the "N" bit has been exchanged, a Hard Reset message is used to
798 * indicate to the peer that the session is to be fully terminated.
799 */
800 if (!CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_RCV) ||
801 !CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_ADV))
802 return false;
803
804 if (code == BGP_NOTIFY_CEASE && subcode == BGP_NOTIFY_CEASE_HARD_RESET)
805 return true;
806
807 return false;
808}
809
d3ecc69e
QY		 810/*
811 * Creates a BGP Notify and appends it to the peer's output queue.
812 *
becedef6
QY		 813 * This function attempts to write the packet from the thread it is called
814 * from, to ensure the packet gets out ASAP.
d3ecc69e 815 *
a127f33b
QY		 816 * This function may be called from multiple threads. Since the function
817 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
818 * call to prevent tampering from other threads.
819 *
820 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
821 * return, the peer structure *must* be reset; no assumptions about session
822 * state are valid.
823 *
d3ecc69e
QY		 824 * @param peer
825 * @param code BGP error code
826 * @param sub_code BGP error subcode
827 * @param data Data portion
828 * @param datalen length of data portion
829 */
d7c0a89a
QY		 830void bgp_notify_send_with_data(struct peer *peer, uint8_t code,
831 uint8_t sub_code, uint8_t *data, size_t datalen)
718e3744 832{
d62a17ae 833 struct stream *s;
1ae314be 834 bool hard_reset = bgp_notify_send_hard_reset(peer, code, sub_code);
d62a17ae 835
a127f33b 836 /* Lock I/O mutex to prevent other threads from pushing packets */
00dffa8c 837 frr_mutex_lock_autounlock(&peer->io_mtx);
a127f33b
QY		 838 /* ============================================== */
839
d62a17ae 840 /* Allocate new stream. */
ef56aee4 841 s = stream_new(peer->max_packet_size);
d62a17ae 842
d3ecc69e 843 /* Make notify packet. */
d62a17ae 844 bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
845
eea685b6
DA		 846 /* Check if we should send Hard Reset Notification or not */
847 if (hard_reset) {
848 uint8_t *hard_reset_message = bgp_notify_encapsulate_hard_reset(
849 code, sub_code, data, datalen);
d62a17ae 850
eea685b6
DA		 851 /* Hard Reset encapsulates another NOTIFICATION message
852 * in its data portion.
853 */
854 stream_putc(s, BGP_NOTIFY_CEASE);
855 stream_putc(s, BGP_NOTIFY_CEASE_HARD_RESET);
856 stream_write(s, hard_reset_message, datalen + 2);
857
858 XFREE(MTYPE_BGP_NOTIFICATION, hard_reset_message);
859 } else {
860 stream_putc(s, code);
861 stream_putc(s, sub_code);
862 if (data)
863 stream_write(s, data, datalen);
864 }
d62a17ae 865
866 /* Set BGP packet length. */
bd6b2706 867 bgp_packet_set_size(s);
d62a17ae 868
424ab01d 869 /* wipe output buffer */
a127f33b 870 stream_fifo_clean(peer->obuf);
d62a17ae 871
becedef6
QY		 872 /*
873 * If possible, store last packet for debugging purposes. This check is
874 * in place because we are sometimes called with a doppelganger peer,
875 * who tends to have a plethora of fields nulled out.
876 */
1a1f4534 877 if (peer->curr) {
d8151687 878 size_t packetsize = stream_get_endp(peer->curr);
556beacf 879 assert(packetsize <= peer->max_packet_size);
d8151687
QY		 880 memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
881 peer->last_reset_cause_size = packetsize;
882 }
883
d62a17ae 884 /* For debug */
885 {
886 struct bgp_notify bgp_notify;
887 int first = 0;
888 int i;
889 char c[4];
890
891 bgp_notify.code = code;
892 bgp_notify.subcode = sub_code;
893 bgp_notify.data = NULL;
e0981960 894 bgp_notify.length = datalen;
d62a17ae 895 bgp_notify.raw_data = data;
896
897 peer->notify.code = bgp_notify.code;
898 peer->notify.subcode = bgp_notify.subcode;
899
e0981960 900 if (bgp_notify.length && data) {
d62a17ae 901 bgp_notify.data =
902 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
903 for (i = 0; i < bgp_notify.length; i++)
904 if (first) {
552d6491
QY		 905 snprintf(c, sizeof(c), " %02x",
906 data[i]);
f009ff26 907
552d6491 908 strlcat(bgp_notify.data, c,
2ba1fe69 909 bgp_notify.length);
f009ff26 910
d62a17ae 911 } else {
912 first = 1;
552d6491 913 snprintf(c, sizeof(c), "%02x", data[i]);
f009ff26 914
552d6491 915 strlcpy(bgp_notify.data, c,
2ba1fe69 916 bgp_notify.length);
d62a17ae 917 }
918 }
eea685b6 919 bgp_notify_print(peer, &bgp_notify, "sending", hard_reset);
d62a17ae 920
921 if (bgp_notify.data) {
922 XFREE(MTYPE_TMP, bgp_notify.data);
d62a17ae 923 bgp_notify.length = 0;
924 }
925 }
926
927 /* peer reset cause */
928 if (code == BGP_NOTIFY_CEASE) {
929 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
930 peer->last_reset = PEER_DOWN_USER_RESET;
931 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
932 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
933 else
934 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
935 } else
936 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
937
d3ecc69e 938 /* Add packet to peer's output queue */
a127f33b 939 stream_fifo_push(peer->obuf, s);
424ab01d 940
5cce3f05 941 bgp_peer_gr_flags_update(peer);
36235319
QY		 942 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
943 peer->bgp->peer);
5cce3f05 944
424ab01d 945 bgp_write_notify(peer);
718e3744 946}
947
d3ecc69e
QY		 948/*
949 * Creates a BGP Notify and appends it to the peer's output queue.
950 *
becedef6
QY		 951 * This function attempts to write the packet from the thread it is called
952 * from, to ensure the packet gets out ASAP.
d3ecc69e
QY		 953 *
954 * @param peer
955 * @param code BGP error code
956 * @param sub_code BGP error subcode
957 */
d7c0a89a 958void bgp_notify_send(struct peer *peer, uint8_t code, uint8_t sub_code)
718e3744 959{
d62a17ae 960 bgp_notify_send_with_data(peer, code, sub_code, NULL, 0);
718e3744 961}
962
d3ecc69e
QY		 963/*
964 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
965 *
966 * @param peer
967 * @param afi Address Family Identifier
968 * @param safi Subsequent Address Family Identifier
969 * @param orf_type Outbound Route Filtering type
970 * @param when_to_refresh Whether to refresh immediately or defer
971 * @param remove Whether to remove ORF for specified AFI/SAFI
972 */
d62a17ae 973void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
d7c0a89a 974 uint8_t orf_type, uint8_t when_to_refresh,
9af52ccf 975 int remove, uint8_t subtype)
718e3744 976{
d62a17ae 977 struct stream *s;
978 struct bgp_filter *filter;
979 int orf_refresh = 0;
617975d1
DS		 980 iana_afi_t pkt_afi = IANA_AFI_IPV4;
981 iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
d62a17ae 982
983 if (DISABLE_BGP_ANNOUNCE)
984 return;
985
986 filter = &peer->filter[afi][safi];
987
988 /* Convert AFI, SAFI to values for packet. */
989 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
990
ef56aee4 991 s = stream_new(peer->max_packet_size);
d62a17ae 992
993 /* Make BGP update packet. */
994 if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV))
995 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
718e3744 996 else
d62a17ae 997 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
998
999 /* Encode Route Refresh message. */
1000 stream_putw(s, pkt_afi);
9af52ccf
DA		 1001 if (subtype)
1002 stream_putc(s, subtype);
1003 else
1004 stream_putc(s, 0);
d62a17ae 1005 stream_putc(s, pkt_safi);
1006
1007 if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD)
1008 if (remove || filter->plist[FILTER_IN].plist) {
d7c0a89a 1009 uint16_t orf_len;
d62a17ae 1010 unsigned long orfp;
1011
1012 orf_refresh = 1;
1013 stream_putc(s, when_to_refresh);
1014 stream_putc(s, orf_type);
1015 orfp = stream_get_endp(s);
1016 stream_putw(s, 0);
1017
1018 if (remove) {
1019 UNSET_FLAG(peer->af_sflags[afi][safi],
1020 PEER_STATUS_ORF_PREFIX_SEND);
1021 stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
1022 if (bgp_debug_neighbor_events(peer))
1023 zlog_debug(
f70c91dc
DA		 1024 "%pBP sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %s/%s",
1025 peer, orf_type,
a7d91a8c
DA		 1026 (when_to_refresh ==
1027 REFRESH_DEFER
d62a17ae 1028 ? "defer"
1029 : "immediate"),
748a041f
DS		 1030 iana_afi2str(pkt_afi),
1031 iana_safi2str(pkt_safi));
d62a17ae 1032 } else {
1033 SET_FLAG(peer->af_sflags[afi][safi],
1034 PEER_STATUS_ORF_PREFIX_SEND);
1035 prefix_bgp_orf_entry(
1036 s, filter->plist[FILTER_IN].plist,
1037 ORF_COMMON_PART_ADD,
1038 ORF_COMMON_PART_PERMIT,
1039 ORF_COMMON_PART_DENY);
1040 if (bgp_debug_neighbor_events(peer))
1041 zlog_debug(
f70c91dc
DA		 1042 "%pBP sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %s/%s",
1043 peer, orf_type,
a7d91a8c
DA		 1044 (when_to_refresh ==
1045 REFRESH_DEFER
d62a17ae 1046 ? "defer"
1047 : "immediate"),
748a041f
DS		 1048 iana_afi2str(pkt_afi),
1049 iana_safi2str(pkt_safi));
d62a17ae 1050 }
1051
1052 /* Total ORF Entry Len. */
1053 orf_len = stream_get_endp(s) - orfp - 2;
1054 stream_putw_at(s, orfp, orf_len);
1055 }
1056
1057 /* Set packet size. */
65baedca 1058 bgp_packet_set_size(s);
d62a17ae 1059
1060 if (bgp_debug_neighbor_events(peer)) {
1061 if (!orf_refresh)
a7d91a8c 1062 zlog_debug(
f70c91dc
DA		 1063 "%pBP sending REFRESH_REQ for afi/safi: %s/%s",
1064 peer, iana_afi2str(pkt_afi),
1065 iana_safi2str(pkt_safi));
d62a17ae 1066 }
1067
1068 /* Add packet to the peer. */
1069 bgp_packet_add(peer, s);
424ab01d
QY		 1070
1071 bgp_writes_on(peer);
718e3744 1072}
1073
d3ecc69e
QY		 1074/*
1075 * Create a BGP Capability packet and append it to the peer's output queue.
1076 *
1077 * @param peer
1078 * @param afi Address Family Identifier
1079 * @param safi Subsequent Address Family Identifier
1080 * @param capability_code BGP Capability Code
1081 * @param action Set or Remove capability
1082 */
d62a17ae 1083void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
1084 int capability_code, int action)
718e3744 1085{
d62a17ae 1086 struct stream *s;
617975d1
DS		 1087 iana_afi_t pkt_afi = IANA_AFI_IPV4;
1088 iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
d62a17ae 1089
1090 /* Convert AFI, SAFI to values for packet. */
1091 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
1092
ef56aee4 1093 s = stream_new(peer->max_packet_size);
d62a17ae 1094
1095 /* Make BGP update packet. */
1096 bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
1097
1098 /* Encode MP_EXT capability. */
1099 if (capability_code == CAPABILITY_CODE_MP) {
1100 stream_putc(s, action);
1101 stream_putc(s, CAPABILITY_CODE_MP);
1102 stream_putc(s, CAPABILITY_CODE_MP_LEN);
1103 stream_putw(s, pkt_afi);
1104 stream_putc(s, 0);
1105 stream_putc(s, pkt_safi);
1106
1107 if (bgp_debug_neighbor_events(peer))
1108 zlog_debug(
f70c91dc
DA		 1109 "%pBP sending CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
1110 peer,
d62a17ae 1111 action == CAPABILITY_ACTION_SET ? "Advertising"
1112 : "Removing",
748a041f 1113 iana_afi2str(pkt_afi), iana_safi2str(pkt_safi));
d62a17ae 1114 }
1115
1116 /* Set packet size. */
65baedca 1117 bgp_packet_set_size(s);
718e3744 1118
d62a17ae 1119 /* Add packet to the peer. */
1120 bgp_packet_add(peer, s);
424ab01d
QY		 1121
1122 bgp_writes_on(peer);
d62a17ae 1123}
718e3744 1124
d62a17ae 1125/* RFC1771 6.8 Connection collision detection. */
1126static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
1127{
1128 struct peer *peer;
1129
f88221f3
DS		 1130 /*
1131 * Upon receipt of an OPEN message, the local system must examine
1132 * all of its connections that are in the OpenConfirm state. A BGP
1133 * speaker may also examine connections in an OpenSent state if it
1134 * knows the BGP Identifier of the peer by means outside of the
1135 * protocol. If among these connections there is a connection to a
1136 * remote BGP speaker whose BGP Identifier equals the one in the
1137 * OPEN message, then the local system performs the following
1138 * collision resolution procedure:
1139 */
1140 peer = new->doppelganger;
1141 if (peer == NULL)
1142 return 0;
1143
1144 /*
1145 * Do not accept the new connection in Established or Clearing
1146 * states. Note that a peer GR is handled by closing the existing
1147 * connection upon receipt of new one.
1148 */
feb17238 1149 if (peer_established(peer) || peer->status == Clearing) {
f88221f3
DS		 1150 bgp_notify_send(new, BGP_NOTIFY_CEASE,
1151 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1152 return -1;
1153 }
1154
1155 if ((peer->status != OpenConfirm) && (peer->status != OpenSent))
1156 return 0;
1157
1158 /*
1159 * 1. The BGP Identifier of the local system is
1160 * compared to the BGP Identifier of the remote
1161 * system (as specified in the OPEN message).
1162 *
1163 * If the BGP Identifiers of the peers
1164 * involved in the connection collision
1165 * are identical, then the connection
1166 * initiated by the BGP speaker with the
1167 * larger AS number is preserved.
1168 */
1169 if (ntohl(peer->local_id.s_addr) < ntohl(remote_id.s_addr)
1170 || (ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)
1171 && peer->local_as < peer->as))
1172 if (!CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER)) {
1173 /*
1174 * 2. If the value of the local BGP
1175 * Identifier is less than the remote one,
1176 * the local system closes BGP connection
1177 * that already exists (the one that is
1178 * already in the OpenConfirm state),
1179 * and accepts BGP connection initiated by
1180 * the remote system.
1181 */
1182 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1183 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1184 return 1;
1185 } else {
1186 bgp_notify_send(new, BGP_NOTIFY_CEASE,
1187 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1188 return -1;
1189 }
1190 else {
1191 if (ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)
1192 && peer->local_as == peer->as)
1193 flog_err(EC_BGP_ROUTER_ID_SAME,
1194 "Peer's router-id %pI4 is the same as ours",
1195 &remote_id);
1196
1197 /*
1198 * 3. Otherwise, the local system closes newly
1199 * created BGP connection (the one associated with the
1200 * newly received OPEN message), and continues to use
1201 * the existing one (the one that is already in the
1202 * OpenConfirm state).
d62a17ae 1203 */
f88221f3
DS		 1204 if (CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER)) {
1205 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1206 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1207 return 1;
1208 } else {
d62a17ae 1209 bgp_notify_send(new, BGP_NOTIFY_CEASE,
1210 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
95f7965d 1211 return -1;
d62a17ae 1212 }
1213 }
d62a17ae 1214}
718e3744 1215
d8151687
QY		 1216/* Packet processing routines ---------------------------------------------- */
1217/*
1218 * This is a family of functions designed to be called from
1219 * bgp_process_packet(). These functions all share similar behavior and should
1220 * adhere to the following invariants and restrictions:
1221 *
1222 * Return codes
1223 * ------------
1224 * The return code of any one of those functions should be one of the FSM event
1225 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1226 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1227 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1228 * error and Receive_OPEN_message otherwise.
1229 *
1230 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1231 * defined below.
1232 *
1233 * Side effects
1234 * ------------
1235 * - May send NOTIFY messages
1236 * - May not modify peer->status
1237 * - May not call bgp_event_update()
1238 */
1239
1240#define BGP_PACKET_NOOP 0
1241
1242/**
1243 * Process BGP OPEN message for peer.
1244 *
1245 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1246 * and returns BGP_Stop.
1247 *
1248 * @param peer
1249 * @param size size of the packet
1250 * @return as in summary
1251 */
d62a17ae 1252static int bgp_open_receive(struct peer *peer, bgp_size_t size)
1253{
1254 int ret;
d7c0a89a 1255 uint8_t version;
d08c0c80 1256 uint16_t optlen;
d7c0a89a
QY		 1257 uint16_t holdtime;
1258 uint16_t send_holdtime;
d62a17ae 1259 as_t remote_as;
6dcef54c 1260 as_t as4 = 0, as4_be;
d62a17ae 1261 struct in_addr remote_id;
1262 int mp_capability;
d7c0a89a
QY		 1263 uint8_t notify_data_remote_as[2];
1264 uint8_t notify_data_remote_as4[4];
1265 uint8_t notify_data_remote_id[4];
1266 uint16_t *holdtime_ptr;
d62a17ae 1267
1268 /* Parse open packet. */
424ab01d
QY		 1269 version = stream_getc(peer->curr);
1270 memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
1271 remote_as = stream_getw(peer->curr);
d7c0a89a 1272 holdtime_ptr = (uint16_t *)stream_pnt(peer->curr);
424ab01d
QY		 1273 holdtime = stream_getw(peer->curr);
1274 memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
1275 remote_id.s_addr = stream_get_ipv4(peer->curr);
d62a17ae 1276
d62a17ae 1277 /* BEGIN to read the capability here, but dont do it yet */
1278 mp_capability = 0;
424ab01d 1279 optlen = stream_getc(peer->curr);
d62a17ae 1280
d08c0c80
DA		 1281 /* Extended Optional Parameters Length for BGP OPEN Message */
1282 if (optlen == BGP_OPEN_NON_EXT_OPT_LEN
1283 || CHECK_FLAG(peer->flags, PEER_FLAG_EXTENDED_OPT_PARAMS)) {
1284 uint8_t opttype;
1285
1286 opttype = stream_getc(peer->curr);
1287 if (opttype == BGP_OPEN_NON_EXT_OPT_TYPE_EXTENDED_LENGTH) {
1288 optlen = stream_getw(peer->curr);
1289 SET_FLAG(peer->sflags,
1290 PEER_STATUS_EXT_OPT_PARAMS_LENGTH);
1291 }
1292 }
1293
1294 /* Receive OPEN message log */
1295 if (bgp_debug_neighbor_events(peer))
1296 zlog_debug(
1297 "%s rcv OPEN%s, version %d, remote-as (in open) %u, holdtime %d, id %pI4",
1298 peer->host,
1299 CHECK_FLAG(peer->sflags,
1300 PEER_STATUS_EXT_OPT_PARAMS_LENGTH)
1301 ? " (Extended)"
1302 : "",
1303 version, remote_as, holdtime, &remote_id);
1304
d62a17ae 1305 if (optlen != 0) {
1306 /* If not enough bytes, it is an error. */
424ab01d 1307 if (STREAM_READABLE(peer->curr) < optlen) {
d08c0c80
DA		 1308 flog_err(EC_BGP_PKT_OPEN,
1309 "%s: stream has not enough bytes (%u)",
1310 peer->host, optlen);
d62a17ae 1311 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1312 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
d8151687 1313 return BGP_Stop;
d62a17ae 1314 }
718e3744 1315
d62a17ae 1316 /* We need the as4 capability value *right now* because
1317 * if it is there, we have not got the remote_as yet, and
1318 * without
1319 * that we do not know which peer is connecting to us now.
1320 */
1321 as4 = peek_for_as4_capability(peer, optlen);
d62a17ae 1322 }
718e3744 1323
6dcef54c
DL		 1324 as4_be = htonl(as4);
1325 memcpy(notify_data_remote_as4, &as4_be, 4);
1326
d62a17ae 1327 /* Just in case we have a silly peer who sends AS4 capability set to 0
1328 */
1329 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
e50f7cfd 1330 flog_err(EC_BGP_PKT_OPEN,
1c50c1c0
QY		 1331 "%s bad OPEN, got AS4 capability, but AS4 set to 0",
1332 peer->host);
d62a17ae 1333 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1334 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1335 notify_data_remote_as4, 4);
d8151687 1336 return BGP_Stop;
d62a17ae 1337 }
718e3744 1338
33d022bc
DA		 1339 /* Codification of AS 0 Processing */
1340 if (remote_as == BGP_AS_ZERO) {
1341 flog_err(EC_BGP_PKT_OPEN, "%s bad OPEN, got AS set to 0",
1342 peer->host);
1343 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1344 BGP_NOTIFY_OPEN_BAD_PEER_AS);
1345 return BGP_Stop;
1346 }
1347
d62a17ae 1348 if (remote_as == BGP_AS_TRANS) {
1349 /* Take the AS4 from the capability. We must have received the
1350 * capability now! Otherwise we have a asn16 peer who uses
1351 * BGP_AS_TRANS, for some unknown reason.
1352 */
1353 if (as4 == BGP_AS_TRANS) {
af4c2728 1354 flog_err(
e50f7cfd 1355 EC_BGP_PKT_OPEN,
d62a17ae 1356 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1357 peer->host);
1358 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1359 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1360 notify_data_remote_as4, 4);
d8151687 1361 return BGP_Stop;
d62a17ae 1362 }
718e3744 1363
d62a17ae 1364 if (!as4 && BGP_DEBUG(as4, AS4))
1365 zlog_debug(
3efd0893 1366 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4. Odd, but proceeding.",
d62a17ae 1367 peer->host);
1368 else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
1369 zlog_debug(
3efd0893 1370 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits in 2-bytes, very odd peer.",
d62a17ae 1371 peer->host, as4);
1372 if (as4)
1373 remote_as = as4;
1374 } else {
1375 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1376 */
1377 /* If we have got the capability, peer->as4cap must match
1378 * remote_as */
1379 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
1380 && as4 != remote_as) {
1381 /* raise error, log this, close session */
af4c2728 1382 flog_err(
e50f7cfd 1383 EC_BGP_PKT_OPEN,
3efd0893 1384 "%s bad OPEN, got AS4 capability, but remote_as %u mismatch with 16bit 'myasn' %u in open",
d62a17ae 1385 peer->host, as4, remote_as);
1386 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1387 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1388 notify_data_remote_as4, 4);
d8151687 1389 return BGP_Stop;
d62a17ae 1390 }
1391 }
6b0655a2 1392
787c3020
DA		 1393 /* rfc6286:
1394 * If the BGP Identifier field of the OPEN message
1395 * is zero, or if it is the same as the BGP Identifier
1396 * of the local BGP speaker and the message is from an
1397 * internal peer, then the Error Subcode is set to
1398 * "Bad BGP Identifier".
1399 */
975a328e 1400 if (remote_id.s_addr == INADDR_ANY
787c3020
DA		 1401 || (peer->sort == BGP_PEER_IBGP
1402 && ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr))) {
d62a17ae 1403 if (bgp_debug_neighbor_events(peer))
23d0a753
DA		 1404 zlog_debug("%s bad OPEN, wrong router identifier %pI4",
1405 peer->host, &remote_id);
d62a17ae 1406 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1407 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1408 notify_data_remote_id, 4);
d8151687 1409 return BGP_Stop;
d62a17ae 1410 }
1411
d62a17ae 1412 /* Peer BGP version check. */
1413 if (version != BGP_VERSION_4) {
d7c0a89a 1414 uint16_t maxver = htons(BGP_VERSION_4);
d62a17ae 1415 /* XXX this reply may not be correct if version < 4 XXX */
1416 if (bgp_debug_neighbor_events(peer))
1417 zlog_debug(
1418 "%s bad protocol version, remote requested %d, local request %d",
1419 peer->host, version, BGP_VERSION_4);
1420 /* Data must be in network byte order here */
1421 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1422 BGP_NOTIFY_OPEN_UNSUP_VERSION,
d7c0a89a 1423 (uint8_t *)&maxver, 2);
d8151687 1424 return BGP_Stop;
d62a17ae 1425 }
1426
1427 /* Check neighbor as number. */
1428 if (peer->as_type == AS_UNSPECIFIED) {
1429 if (bgp_debug_neighbor_events(peer))
1430 zlog_debug(
1431 "%s bad OPEN, remote AS is unspecified currently",
1432 peer->host);
1433 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1434 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1435 notify_data_remote_as, 2);
d8151687 1436 return BGP_Stop;
d62a17ae 1437 } else if (peer->as_type == AS_INTERNAL) {
1438 if (remote_as != peer->bgp->as) {
1439 if (bgp_debug_neighbor_events(peer))
1440 zlog_debug(
1441 "%s bad OPEN, remote AS is %u, internal specified",
1442 peer->host, remote_as);
1443 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1444 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1445 notify_data_remote_as, 2);
d8151687 1446 return BGP_Stop;
1ff9a340 1447 }
d62a17ae 1448 peer->as = peer->local_as;
1449 } else if (peer->as_type == AS_EXTERNAL) {
1450 if (remote_as == peer->bgp->as) {
1451 if (bgp_debug_neighbor_events(peer))
1452 zlog_debug(
1453 "%s bad OPEN, remote AS is %u, external specified",
1454 peer->host, remote_as);
1455 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1456 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1457 notify_data_remote_as, 2);
d8151687 1458 return BGP_Stop;
1ff9a340 1459 }
d62a17ae 1460 peer->as = remote_as;
1461 } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
1462 if (bgp_debug_neighbor_events(peer))
1463 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1464 peer->host, remote_as, peer->as);
1465 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1466 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1467 notify_data_remote_as, 2);
d8151687 1468 return BGP_Stop;
eb821189 1469 }
718e3744 1470
7a75470f
DS		 1471 /*
1472 * When collision is detected and this peer is closed.
1473 * Return immediately.
1474 */
1475 ret = bgp_collision_detect(peer, remote_id);
1476 if (ret < 0)
1477 return BGP_Stop;
1478
1479 /* Get sockname. */
1480 if (bgp_getsockname(peer) < 0) {
1481 flog_err_sys(EC_LIB_SOCKET,
1482 "%s: bgp_getsockname() failed for peer: %s",
1483 __func__, peer->host);
1484 return BGP_Stop;
1485 }
1486
1487 /* Set remote router-id */
1488 peer->remote_id = remote_id;
1489
d62a17ae 1490 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1491 calculate the value of the Hold Timer by using the smaller of its
1492 configured Hold Time and the Hold Time received in the OPEN message.
1493 The Hold Time MUST be either zero or at least three seconds. An
1494 implementation may reject connections on the basis of the Hold Time.
0b2aa3a0 1495 */
d62a17ae 1496
1497 if (holdtime < 3 && holdtime != 0) {
b042667a
TI		 1498 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1499 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1500 (uint8_t *)holdtime_ptr, 2);
1501 return BGP_Stop;
1502 }
1503
1504 /* Send notification message when Hold Time received in the OPEN message
1505 * is smaller than configured minimum Hold Time. */
1506 if (holdtime < peer->bgp->default_min_holdtime
1507 && peer->bgp->default_min_holdtime != 0) {
d62a17ae 1508 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1509 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
d7c0a89a 1510 (uint8_t *)holdtime_ptr, 2);
d8151687 1511 return BGP_Stop;
0b2aa3a0 1512 }
d62a17ae 1513
1514 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1515 would be one third of the Hold Time interval. KEEPALIVE messages
1516 MUST NOT be sent more frequently than one per second. An
1517 implementation MAY adjust the rate at which it sends KEEPALIVE
1518 messages as a function of the Hold Time interval. */
1519
b90a8e13 1520 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
d62a17ae 1521 send_holdtime = peer->holdtime;
1522 else
1523 send_holdtime = peer->bgp->default_holdtime;
1524
1525 if (holdtime < send_holdtime)
1526 peer->v_holdtime = holdtime;
1527 else
1528 peer->v_holdtime = send_holdtime;
1529
7aa4fd5b
TA		 1530 /* Set effective keepalive to 1/3 the effective holdtime.
1531 * Use configured keeplive when < effective keepalive.
1532 */
1533 peer->v_keepalive = peer->v_holdtime / 3;
1534 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER)) {
1535 if (peer->keepalive && peer->keepalive < peer->v_keepalive)
1536 peer->v_keepalive = peer->keepalive;
1537 } else {
1538 if (peer->bgp->default_keepalive
1539 && peer->bgp->default_keepalive < peer->v_keepalive)
1540 peer->v_keepalive = peer->bgp->default_keepalive;
1541 }
d62a17ae 1542
1543 /* Open option part parse. */
1544 if (optlen != 0) {
1bb379bf 1545 if (bgp_open_option_parse(peer, optlen, &mp_capability) < 0)
d8151687 1546 return BGP_Stop;
d62a17ae 1547 } else {
1548 if (bgp_debug_neighbor_events(peer))
1549 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1550 peer->host);
0299c004 1551 }
d62a17ae 1552
1553 /*
1554 * Assume that the peer supports the locally configured set of
1555 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1556 * capabilities, or if 'override-capability' is configured.
1557 */
1558 if (!mp_capability
1559 || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1560 peer->afc_nego[AFI_IP][SAFI_UNICAST] =
1561 peer->afc[AFI_IP][SAFI_UNICAST];
1562 peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
1563 peer->afc[AFI_IP][SAFI_MULTICAST];
1564 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
1565 peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
7c40bf39 1566 peer->afc_nego[AFI_IP][SAFI_FLOWSPEC] =
1567 peer->afc[AFI_IP][SAFI_FLOWSPEC];
d62a17ae 1568 peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
1569 peer->afc[AFI_IP6][SAFI_UNICAST];
1570 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
1571 peer->afc[AFI_IP6][SAFI_MULTICAST];
1572 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
1573 peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1574 peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
1575 peer->afc[AFI_L2VPN][SAFI_EVPN];
7c40bf39 1576 peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC] =
1577 peer->afc[AFI_IP6][SAFI_FLOWSPEC];
0299c004 1578 }
d62a17ae 1579
d62a17ae 1580 /* Verify valid local address present based on negotiated
1581 * address-families. */
1582 if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
e5f22b30 1583 || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
d62a17ae 1584 || peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1585 || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1586 || peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
975a328e 1587 if (peer->nexthop.v4.s_addr == INADDR_ANY) {
d62a17ae 1588#if defined(HAVE_CUMULUS)
50121ac0
DS		 1589 zlog_warn("%s: No local IPv4 addr, BGP routing may not work",
1590 peer->host);
1d808091 1591#endif
d62a17ae 1592 }
1593 }
1594 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
e5f22b30 1595 || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
d62a17ae 1596 || peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1597 || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1598 || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
1599 if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) {
1600#if defined(HAVE_CUMULUS)
50121ac0
DS		 1601 zlog_warn("%s: No local IPv6 address, BGP routing may not work",
1602 peer->host);
1d808091 1603#endif
d62a17ae 1604 }
1605 }
1606 peer->rtt = sockopt_tcp_rtt(peer->fd);
1607
d8151687 1608 return Receive_OPEN_message;
718e3744 1609}
1610
d8151687
QY		 1611/**
1612 * Process BGP KEEPALIVE message for peer.
1613 *
1614 * @param peer
1615 * @param size size of the packet
1616 * @return as in summary
1617 */
1618static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
f188f2c4 1619{
d8151687
QY		 1620 if (bgp_debug_keepalive(peer))
1621 zlog_debug("%s KEEPALIVE rcvd", peer->host);
d62a17ae 1622
d8151687 1623 bgp_update_implicit_eors(peer);
d62a17ae 1624
e410d563
DA		 1625 peer->rtt = sockopt_tcp_rtt(peer->fd);
1626
8336c896
DA		 1627 /* If the peer's RTT is higher than expected, shutdown
1628 * the peer automatically.
1629 */
1630 if (CHECK_FLAG(peer->flags, PEER_FLAG_RTT_SHUTDOWN)
1631 && peer->rtt > peer->rtt_expected) {
1632
1633 peer->rtt_keepalive_rcv++;
1634
1635 if (peer->rtt_keepalive_rcv > peer->rtt_keepalive_conf) {
1636 zlog_warn(
1637 "%s shutdown due to high round-trip-time (%dms > %dms)",
1638 peer->host, peer->rtt, peer->rtt_expected);
1639 peer_flag_set(peer, PEER_FLAG_SHUTDOWN);
1640 }
1641 } else {
1642 if (peer->rtt_keepalive_rcv)
1643 peer->rtt_keepalive_rcv--;
1644 }
1645
d8151687 1646 return Receive_KEEPALIVE_message;
f188f2c4
DS		 1647}
1648
cc9f21da 1649static void bgp_refresh_stalepath_timer_expire(struct thread *thread)
9af52ccf
DA		 1650{
1651 struct peer_af *paf;
1652
1653 paf = THREAD_ARG(thread);
1654
1655 afi_t afi = paf->afi;
1656 safi_t safi = paf->safi;
1657 struct peer *peer = paf->peer;
1658
1659 peer->t_refresh_stalepath = NULL;
1660
1661 if (peer->nsf[afi][safi])
1662 bgp_clear_stale_route(peer, afi, safi);
1663
1664 if (bgp_debug_neighbor_events(peer))
a7d91a8c 1665 zlog_debug(
f70c91dc
DA		 1666 "%pBP route-refresh (BoRR) timer expired for afi/safi: %d/%d",
1667 peer, afi, safi);
9af52ccf
DA		 1668
1669 bgp_timer_set(peer);
9af52ccf 1670}
d62a17ae 1671
d8151687
QY		 1672/**
1673 * Process BGP UPDATE message for peer.
1674 *
1675 * Parses UPDATE and creates attribute object.
1676 *
1677 * @param peer
1678 * @param size size of the packet
1679 * @return as in summary
7ef5a232 1680 */
d62a17ae 1681static int bgp_update_receive(struct peer *peer, bgp_size_t size)
718e3744 1682{
d62a17ae 1683 int ret, nlri_ret;
d7c0a89a 1684 uint8_t *end;
d62a17ae 1685 struct stream *s;
1686 struct attr attr;
1687 bgp_size_t attribute_len;
1688 bgp_size_t update_len;
1689 bgp_size_t withdraw_len;
f009ff26 1690 bool restart = false;
d62a17ae 1691
1692 enum NLRI_TYPES {
1693 NLRI_UPDATE,
1694 NLRI_WITHDRAW,
1695 NLRI_MP_UPDATE,
1696 NLRI_MP_WITHDRAW,
1697 NLRI_TYPE_MAX
1698 };
1699 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1700
1701 /* Status must be Established. */
feb17238 1702 if (!peer_established(peer)) {
e50f7cfd 1703 flog_err(EC_BGP_INVALID_STATUS,
1c50c1c0
QY		 1704 "%s [FSM] Update packet received under status %s",
1705 peer->host,
1706 lookup_msg(bgp_status_msg, peer->status, NULL));
0e35025e 1707 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
3893aeee 1708 bgp_fsm_error_subcode(peer->status));
d8151687 1709 return BGP_Stop;
d62a17ae 1710 }
1711
1712 /* Set initial values. */
6006b807 1713 memset(&attr, 0, sizeof(attr));
d62a17ae 1714 attr.label_index = BGP_INVALID_LABEL_INDEX;
1715 attr.label = MPLS_INVALID_LABEL;
1716 memset(&nlris, 0, sizeof(nlris));
1717 memset(peer->rcvd_attr_str, 0, BUFSIZ);
1718 peer->rcvd_attr_printed = 0;
1719
424ab01d 1720 s = peer->curr;
d62a17ae 1721 end = stream_pnt(s) + size;
1722
1723 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1724 Length is too large (i.e., if Unfeasible Routes Length + Total
1725 Attribute Length + 23 exceeds the message Length), then the Error
1726 Subcode is set to Malformed Attribute List. */
1727 if (stream_pnt(s) + 2 > end) {
e50f7cfd 1728 flog_err(EC_BGP_UPDATE_RCV,
3efd0893 1729 "%s [Error] Update packet error (packet length is short for unfeasible length)",
1c50c1c0 1730 peer->host);
d62a17ae 1731 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1732 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1733 return BGP_Stop;
d62a17ae 1734 }
1735
1736 /* Unfeasible Route Length. */
1737 withdraw_len = stream_getw(s);
1738
1739 /* Unfeasible Route Length check. */
1740 if (stream_pnt(s) + withdraw_len > end) {
e50f7cfd 1741 flog_err(EC_BGP_UPDATE_RCV,
3efd0893 1742 "%s [Error] Update packet error (packet unfeasible length overflow %d)",
1c50c1c0 1743 peer->host, withdraw_len);
d62a17ae 1744 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1745 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1746 return BGP_Stop;
d62a17ae 1747 }
1748
1749 /* Unfeasible Route packet format check. */
1750 if (withdraw_len > 0) {
1751 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1752 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1753 nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
1754 nlris[NLRI_WITHDRAW].length = withdraw_len;
1755 stream_forward_getp(s, withdraw_len);
1756 }
1757
1758 /* Attribute total length check. */
1759 if (stream_pnt(s) + 2 > end) {
ade6974d 1760 flog_warn(
e50f7cfd 1761 EC_BGP_UPDATE_PACKET_SHORT,
ade6974d
QY		 1762 "%s [Error] Packet Error (update packet is short for attribute length)",
1763 peer->host);
d62a17ae 1764 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1765 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1766 return BGP_Stop;
d62a17ae 1767 }
1768
1769 /* Fetch attribute total length. */
1770 attribute_len = stream_getw(s);
1771
1772 /* Attribute length check. */
1773 if (stream_pnt(s) + attribute_len > end) {
ade6974d 1774 flog_warn(
e50f7cfd 1775 EC_BGP_UPDATE_PACKET_LONG,
ade6974d
QY		 1776 "%s [Error] Packet Error (update packet attribute length overflow %d)",
1777 peer->host, attribute_len);
d62a17ae 1778 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1779 BGP_NOTIFY_UPDATE_MAL_ATTR);
d8151687 1780 return BGP_Stop;
d62a17ae 1781 }
1782
1783 /* Certain attribute parsing errors should not be considered bad enough
1784 * to reset the session for, most particularly any partial/optional
1785 * attributes that have 'tunneled' over speakers that don't understand
1786 * them. Instead we withdraw only the prefix concerned.
1787 *
1788 * Complicates the flow a little though..
1789 */
79288e4c 1790 enum bgp_attr_parse_ret attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
d62a17ae 1791/* This define morphs the update case into a withdraw when lower levels
1792 * have signalled an error condition where this is best.
1793 */
b881c707 1794#define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
718e3744 1795
d62a17ae 1796 /* Parse attribute when it exists. */
1797 if (attribute_len) {
1798 attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
1799 &nlris[NLRI_MP_UPDATE],
1800 &nlris[NLRI_MP_WITHDRAW]);
1801 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
1802 bgp_attr_unintern_sub(&attr);
d8151687 1803 return BGP_Stop;
d62a17ae 1804 }
1805 }
1806
1807 /* Logging the attribute. */
1808 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
1809 || BGP_DEBUG(update, UPDATE_IN)
1810 || BGP_DEBUG(update, UPDATE_PREFIX)) {
5022c833
DA		 1811 ret = bgp_dump_attr(&attr, peer->rcvd_attr_str,
1812 sizeof(peer->rcvd_attr_str));
d62a17ae 1813
b4d46cc9
DL		 1814 peer->stat_upd_7606++;
1815
d62a17ae 1816 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
af4c2728 1817 flog_err(
e50f7cfd 1818 EC_BGP_UPDATE_RCV,
f70c91dc
DA		 1819 "%pBP rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1820 peer);
d62a17ae 1821
1822 if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
f70c91dc 1823 zlog_debug("%pBP rcvd UPDATE w/ attr: %s", peer,
d62a17ae 1824 peer->rcvd_attr_str);
1825 peer->rcvd_attr_printed = 1;
1826 }
1827 }
1828
1829 /* Network Layer Reachability Information. */
1830 update_len = end - stream_pnt(s);
1831
1832 if (update_len) {
1833 /* Set NLRI portion to structure. */
1834 nlris[NLRI_UPDATE].afi = AFI_IP;
1835 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1836 nlris[NLRI_UPDATE].nlri = stream_pnt(s);
1837 nlris[NLRI_UPDATE].length = update_len;
1838 stream_forward_getp(s, update_len);
9738e9aa 1839
1840 if (CHECK_FLAG(attr.flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
1841 /*
1842 * We skipped nexthop attribute validation earlier so
1843 * validate the nexthop now.
1844 */
1845 if (bgp_attr_nexthop_valid(peer, &attr) < 0) {
1846 bgp_attr_unintern_sub(&attr);
1847 return BGP_Stop;
1848 }
1849 }
d62a17ae 1850 }
1851
1852 if (BGP_DEBUG(update, UPDATE_IN))
f70c91dc
DA		 1853 zlog_debug("%pBP rcvd UPDATE wlen %d attrlen %d alen %d", peer,
1854 withdraw_len, attribute_len, update_len);
d62a17ae 1855
1856 /* Parse any given NLRIs */
1857 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
1858 if (!nlris[i].nlri)
1859 continue;
1860
1861 /* NLRI is processed iff the peer if configured for the specific
1862 * afi/safi */
1863 if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
1864 zlog_info(
1865 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1866 peer->host, nlris[i].afi, nlris[i].safi);
1867 continue;
1868 }
1869
1870 /* EoR handled later */
1871 if (nlris[i].length == 0)
1872 continue;
1873
1874 switch (i) {
1875 case NLRI_UPDATE:
1876 case NLRI_MP_UPDATE:
1877 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
1878 &nlris[i], 0);
1879 break;
1880 case NLRI_WITHDRAW:
1881 case NLRI_MP_WITHDRAW:
1882 nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1);
1883 break;
1884 default:
513386b5 1885 nlri_ret = BGP_NLRI_PARSE_ERROR;
d62a17ae 1886 }
1887
513386b5
DA		 1888 if (nlri_ret < BGP_NLRI_PARSE_OK
1889 && nlri_ret != BGP_NLRI_PARSE_ERROR_PREFIX_OVERFLOW) {
e50f7cfd 1890 flog_err(EC_BGP_UPDATE_RCV,
1c50c1c0 1891 "%s [Error] Error parsing NLRI", peer->host);
feb17238 1892 if (peer_established(peer))
d62a17ae 1893 bgp_notify_send(
1894 peer, BGP_NOTIFY_UPDATE_ERR,
1895 i <= NLRI_WITHDRAW
1896 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1897 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1898 bgp_attr_unintern_sub(&attr);
d8151687 1899 return BGP_Stop;
d62a17ae 1900 }
1901 }
1902
1903 /* EoR checks
1904 *
1905 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1906 * and MP EoR should have only an empty MP_UNREACH
1907 */
996c9314
LB		 1908 if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0)
1909 || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
d62a17ae 1910 afi_t afi = 0;
1911 safi_t safi;
f009ff26 1912 struct graceful_restart_info *gr_info;
1913
1914 /* Restarting router */
36235319
QY		 1915 if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer)
1916 && BGP_PEER_RESTARTING_MODE(peer))
f009ff26 1917 restart = true;
d62a17ae 1918
1919 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
1920 * checked
1921 * update and withdraw NLRI lengths are 0.
1922 */
1923 if (!attribute_len) {
1924 afi = AFI_IP;
1925 safi = SAFI_UNICAST;
1926 } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
1927 && nlris[NLRI_MP_WITHDRAW].length == 0) {
1928 afi = nlris[NLRI_MP_WITHDRAW].afi;
1929 safi = nlris[NLRI_MP_WITHDRAW].safi;
9b9df989
DS		 1930 } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
1931 afi = nlris[NLRI_MP_UPDATE].afi;
1932 safi = nlris[NLRI_MP_UPDATE].safi;
d62a17ae 1933 }
1934
1935 if (afi && peer->afc[afi][safi]) {
e82d19a3
DS		 1936 struct vrf *vrf = vrf_lookup_by_id(peer->bgp->vrf_id);
1937
d62a17ae 1938 /* End-of-RIB received */
1939 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
1940 PEER_STATUS_EOR_RECEIVED)) {
1941 SET_FLAG(peer->af_sflags[afi][safi],
1942 PEER_STATUS_EOR_RECEIVED);
1943 bgp_update_explicit_eors(peer);
f009ff26 1944 /* Update graceful restart information */
1945 gr_info = &(peer->bgp->gr_info[afi][safi]);
1946 if (restart)
1947 gr_info->eor_received++;
1948 /* If EOR received from all peers and selection
1949 * deferral timer is running, cancel the timer
1950 * and invoke the best path calculation
1951 */
36235319
QY		 1952 if (gr_info->eor_required
1953 == gr_info->eor_received) {
1954 if (bgp_debug_neighbor_events(peer))
1955 zlog_debug(
1956 "%s %d, %s %d",
f009ff26 1957 "EOR REQ",
1958 gr_info->eor_required,
1959 "EOR RCV",
1960 gr_info->eor_received);
1961 BGP_TIMER_OFF(
1962 gr_info->t_select_deferral);
1963 gr_info->eor_required = 0;
1964 gr_info->eor_received = 0;
1965 /* Best path selection */
1966 if (bgp_best_path_select_defer(
36235319
QY		 1967 peer->bgp, afi, safi)
1968 < 0)
f009ff26 1969 return BGP_Stop;
1970 }
d62a17ae 1971 }
1972
1973 /* NSF delete stale route */
1974 if (peer->nsf[afi][safi])
1975 bgp_clear_stale_route(peer, afi, safi);
1976
1479ed2f
DA		 1977 zlog_info(
1978 "%s: rcvd End-of-RIB for %s from %s in vrf %s",
1979 __func__, get_afi_safi_str(afi, safi, false),
1980 peer->host, vrf ? vrf->name : VRF_DEFAULT_NAME);
1981 }
f80f838b 1982 }
d62a17ae 1983
1984 /* Everything is done. We unintern temporary structures which
1985 interned in bgp_attr_parse(). */
1986 bgp_attr_unintern_sub(&attr);
1987
d62a17ae 1988 peer->update_time = bgp_clock();
1989
c385f82a
MK		 1990 /* Notify BGP Conditional advertisement scanner process */
1991 peer->advmap_table_change = true;
1992
d8151687 1993 return Receive_UPDATE_message;
718e3744 1994}
1995
d8151687
QY		 1996/**
1997 * Process BGP NOTIFY message for peer.
1998 *
1999 * @param peer
2000 * @param size size of the packet
2001 * @return as in summary
2002 */
2003static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
718e3744 2004{
10d476d4
DA		 2005 struct bgp_notify outer = {};
2006 struct bgp_notify inner = {};
eea685b6 2007 bool hard_reset = false;
d62a17ae 2008
2009 if (peer->notify.data) {
eea685b6 2010 XFREE(MTYPE_BGP_NOTIFICATION, peer->notify.data);
d62a17ae 2011 peer->notify.length = 0;
e7ce634f 2012 peer->notify.hard_reset = false;
d62a17ae 2013 }
2014
eea685b6
DA		 2015 outer.code = stream_getc(peer->curr);
2016 outer.subcode = stream_getc(peer->curr);
2017 outer.length = size - 2;
2018 outer.data = NULL;
2019 outer.raw_data = NULL;
2020 if (outer.length) {
2021 outer.raw_data = XMALLOC(MTYPE_BGP_NOTIFICATION, outer.length);
2022 memcpy(outer.raw_data, stream_pnt(peer->curr), outer.length);
2023 }
2024
1ae314be
DA		 2025 hard_reset =
2026 bgp_notify_received_hard_reset(peer, outer.code, outer.subcode);
eea685b6
DA		 2027 if (hard_reset && outer.length) {
2028 inner = bgp_notify_decapsulate_hard_reset(&outer);
2029 peer->notify.hard_reset = true;
2030 } else {
2031 inner = outer;
2032 }
d62a17ae 2033
2034 /* Preserv notify code and sub code. */
eea685b6
DA		 2035 peer->notify.code = inner.code;
2036 peer->notify.subcode = inner.subcode;
d62a17ae 2037 /* For further diagnostic record returned Data. */
eea685b6
DA		 2038 if (inner.length) {
2039 peer->notify.length = inner.length;
2040 peer->notify.data =
2041 XMALLOC(MTYPE_BGP_NOTIFICATION, inner.length);
2042 memcpy(peer->notify.data, inner.raw_data, inner.length);
d62a17ae 2043 }
2044
2045 /* For debug */
2046 {
2047 int i;
2048 int first = 0;
2049 char c[4];
2050
eea685b6
DA		 2051 if (inner.length) {
2052 inner.data = XMALLOC(MTYPE_BGP_NOTIFICATION,
2053 inner.length * 3);
2054 for (i = 0; i < inner.length; i++)
d62a17ae 2055 if (first) {
552d6491 2056 snprintf(c, sizeof(c), " %02x",
424ab01d 2057 stream_getc(peer->curr));
f009ff26 2058
eea685b6
DA		 2059 strlcat(inner.data, c,
2060 inner.length * 3);
f009ff26 2061
d62a17ae 2062 } else {
2063 first = 1;
552d6491
QY		 2064 snprintf(c, sizeof(c), "%02x",
2065 stream_getc(peer->curr));
f009ff26 2066
eea685b6
DA		 2067 strlcpy(inner.data, c,
2068 inner.length * 3);
d62a17ae 2069 }
d62a17ae 2070 }
2071
eea685b6 2072 bgp_notify_print(peer, &inner, "received", hard_reset);
10d476d4 2073 if (inner.length) {
eea685b6
DA		 2074 XFREE(MTYPE_BGP_NOTIFICATION, inner.data);
2075 inner.length = 0;
2076 }
2077 if (outer.length) {
2078 XFREE(MTYPE_BGP_NOTIFICATION, outer.data);
10d476d4 2079 XFREE(MTYPE_BGP_NOTIFICATION, outer.raw_data);
eea685b6 2080 outer.length = 0;
d62a17ae 2081 }
2082 }
2083
2084 /* peer count update */
0112e9e0 2085 atomic_fetch_add_explicit(&peer->notify_in, 1, memory_order_relaxed);
d62a17ae 2086
2087 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
2088
2089 /* We have to check for Notify with Unsupported Optional Parameter.
2090 in that case we fallback to open without the capability option.
2091 But this done in bgp_stop. We just mark it here to avoid changing
2092 the fsm tables. */
eea685b6
DA		 2093 if (inner.code == BGP_NOTIFY_OPEN_ERR &&
2094 inner.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
d62a17ae 2095 UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
2096
5cce3f05 2097 bgp_peer_gr_flags_update(peer);
36235319
QY		 2098 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
2099 peer->bgp->peer);
5cce3f05 2100
d8151687 2101 return Receive_NOTIFICATION_message;
718e3744 2102}
2103
d8151687
QY		 2104/**
2105 * Process BGP ROUTEREFRESH message for peer.
2106 *
2107 * @param peer
2108 * @param size size of the packet
2109 * @return as in summary
2110 */
2111static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
718e3744 2112{
d62a17ae 2113 iana_afi_t pkt_afi;
2114 afi_t afi;
5c525538
RW		 2115 iana_safi_t pkt_safi;
2116 safi_t safi;
d62a17ae 2117 struct stream *s;
2118 struct peer_af *paf;
2119 struct update_group *updgrp;
2120 struct peer *updgrp_peer;
9af52ccf 2121 uint8_t subtype;
e1a32ec1 2122 bool force_update = false;
9af52ccf
DA		 2123 bgp_size_t msg_length =
2124 size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE);
d62a17ae 2125
2126 /* If peer does not have the capability, send notification. */
2127 if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
e50f7cfd 2128 flog_err(EC_BGP_NO_CAP,
1c50c1c0
QY		 2129 "%s [Error] BGP route refresh is not enabled",
2130 peer->host);
d62a17ae 2131 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2132 BGP_NOTIFY_HEADER_BAD_MESTYPE);
d8151687 2133 return BGP_Stop;
d62a17ae 2134 }
2135
2136 /* Status must be Established. */
feb17238 2137 if (!peer_established(peer)) {
af4c2728 2138 flog_err(
e50f7cfd 2139 EC_BGP_INVALID_STATUS,
d62a17ae 2140 "%s [Error] Route refresh packet received under status %s",
2141 peer->host,
2142 lookup_msg(bgp_status_msg, peer->status, NULL));
0e35025e 2143 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
3893aeee 2144 bgp_fsm_error_subcode(peer->status));
d8151687 2145 return BGP_Stop;
d62a17ae 2146 }
2147
424ab01d 2148 s = peer->curr;
d62a17ae 2149
2150 /* Parse packet. */
2151 pkt_afi = stream_getw(s);
9af52ccf 2152 subtype = stream_getc(s);
d62a17ae 2153 pkt_safi = stream_getc(s);
2154
d62a17ae 2155 /* Convert AFI, SAFI to internal values and check. */
2156 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
2157 zlog_info(
748a041f
DS		 2158 "%s REFRESH_REQ for unrecognized afi/safi: %s/%s - ignored",
2159 peer->host, iana_afi2str(pkt_afi),
2160 iana_safi2str(pkt_safi));
d8151687 2161 return BGP_PACKET_NOOP;
d62a17ae 2162 }
2163
2164 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
d7c0a89a
QY		 2165 uint8_t *end;
2166 uint8_t when_to_refresh;
2167 uint8_t orf_type;
2168 uint16_t orf_len;
d62a17ae 2169
9af52ccf
DA		 2170 if (subtype) {
2171 /* If the length, excluding the fixed-size message
2172 * header, of the received ROUTE-REFRESH message with
2173 * Message Subtype 1 and 2 is not 4, then the BGP
2174 * speaker MUST send a NOTIFICATION message with the
2175 * Error Code of "ROUTE-REFRESH Message Error" and the
2176 * subcode of "Invalid Message Length".
2177 */
2178 if (msg_length != 4) {
2179 zlog_err(
2180 "%s Enhanced Route Refresh message length error",
2181 peer->host);
2182 bgp_notify_send(
2183 peer, BGP_NOTIFY_ROUTE_REFRESH_ERR,
2184 BGP_NOTIFY_ROUTE_REFRESH_INVALID_MSG_LEN);
2185 }
2186
2187 /* When the BGP speaker receives a ROUTE-REFRESH message
2188 * with a "Message Subtype" field other than 0, 1, or 2,
2189 * it MUST ignore the received ROUTE-REFRESH message.
2190 */
2191 if (subtype > 2)
2192 zlog_err(
2193 "%s Enhanced Route Refresh invalid subtype",
2194 peer->host);
2195 }
2196
2197 if (msg_length < 5) {
d62a17ae 2198 zlog_info("%s ORF route refresh length error",
2199 peer->host);
0e35025e
DA		 2200 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2201 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2202 return BGP_Stop;
718e3744 2203 }
2204
d62a17ae 2205 when_to_refresh = stream_getc(s);
2206 end = stream_pnt(s) + (size - 5);
2207
2208 while ((stream_pnt(s) + 2) < end) {
2209 orf_type = stream_getc(s);
2210 orf_len = stream_getw(s);
2211
2212 /* orf_len in bounds? */
2213 if ((stream_pnt(s) + orf_len) > end)
2214 break; /* XXX: Notify instead?? */
2215 if (orf_type == ORF_TYPE_PREFIX
2216 || orf_type == ORF_TYPE_PREFIX_OLD) {
2217 uint8_t *p_pnt = stream_pnt(s);
2218 uint8_t *p_end = stream_pnt(s) + orf_len;
2219 struct orf_prefix orfp;
d7c0a89a
QY		 2220 uint8_t common = 0;
2221 uint32_t seq;
d62a17ae 2222 int psize;
2223 char name[BUFSIZ];
2224 int ret = CMD_SUCCESS;
2225
2226 if (bgp_debug_neighbor_events(peer)) {
2227 zlog_debug(
f70c91dc
DA		 2228 "%pBP rcvd Prefixlist ORF(%d) length %d",
2229 peer, orf_type, orf_len);
d62a17ae 2230 }
2231
2232 /* we're going to read at least 1 byte of common
2233 * ORF header,
2234 * and 7 bytes of ORF Address-filter entry from
2235 * the stream
2236 */
2237 if (orf_len < 7)
2238 break;
2239
2240 /* ORF prefix-list name */
772270f3
QY		 2241 snprintf(name, sizeof(name), "%s.%d.%d",
2242 peer->host, afi, safi);
d62a17ae 2243
2244 while (p_pnt < p_end) {
2245 /* If the ORF entry is malformed, want
2246 * to read as much of it
2247 * as possible without going beyond the
2248 * bounds of the entry,
2249 * to maximise debug information.
2250 */
2251 int ok;
6006b807 2252 memset(&orfp, 0, sizeof(orfp));
d62a17ae 2253 common = *p_pnt++;
2254 /* after ++: p_pnt <= p_end */
2255 if (common
2256 & ORF_COMMON_PART_REMOVE_ALL) {
2257 if (bgp_debug_neighbor_events(
2258 peer))
2259 zlog_debug(
f70c91dc
DA		 2260 "%pBP rcvd Remove-All pfxlist ORF request",
2261 peer);
d62a17ae 2262 prefix_bgp_orf_remove_all(afi,
2263 name);
2264 break;
2265 }
d7c0a89a
QY		 2266 ok = ((uint32_t)(p_end - p_pnt)
2267 >= sizeof(uint32_t));
d62a17ae 2268 if (ok) {
2269 memcpy(&seq, p_pnt,
d7c0a89a
QY		 2270 sizeof(uint32_t));
2271 p_pnt += sizeof(uint32_t);
d62a17ae 2272 orfp.seq = ntohl(seq);
2273 } else
2274 p_pnt = p_end;
2275
5ca840a3 2276 /* val checked in prefix_bgp_orf_set */
1bb379bf 2277 if (p_pnt < p_end)
5ca840a3
DS		 2278 orfp.ge = *p_pnt++;
2279
2280 /* val checked in prefix_bgp_orf_set */
1bb379bf 2281 if (p_pnt < p_end)
5ca840a3
DS		 2282 orfp.le = *p_pnt++;
2283
d62a17ae 2284 if ((ok = (p_pnt < p_end)))
2285 orfp.p.prefixlen = *p_pnt++;
5ca840a3
DS		 2286
2287 /* afi checked already */
2288 orfp.p.family = afi2family(afi);
2289
2290 /* 0 if not ok */
2291 psize = PSIZE(orfp.p.prefixlen);
2292 /* valid for family ? */
2293 if (psize > prefix_blen(&orfp.p)) {
d62a17ae 2294 ok = 0;
2295 psize = prefix_blen(&orfp.p);
2296 }
5ca840a3
DS		 2297 /* valid for packet ? */
2298 if (psize > (p_end - p_pnt)) {
d62a17ae 2299 ok = 0;
2300 psize = p_end - p_pnt;
2301 }
2302
2303 if (psize > 0)
2304 memcpy(&orfp.p.u.prefix, p_pnt,
2305 psize);
2306 p_pnt += psize;
2307
2308 if (bgp_debug_neighbor_events(peer)) {
2309 char buf[INET6_BUFSIZ];
2310
2311 zlog_debug(
f70c91dc
DA		 2312 "%pBP rcvd %s %s seq %u %s/%d ge %d le %d%s",
2313 peer,
d62a17ae 2314 (common & ORF_COMMON_PART_REMOVE
2315 ? "Remove"
2316 : "Add"),
2317 (common & ORF_COMMON_PART_DENY
2318 ? "deny"
2319 : "permit"),
2320 orfp.seq,
2321 inet_ntop(
2322 orfp.p.family,
2323 &orfp.p.u.prefix,
2324 buf,
2325 INET6_BUFSIZ),
2326 orfp.p.prefixlen,
2327 orfp.ge, orfp.le,
2328 ok ? "" : " MALFORMED");
2329 }
2330
2331 if (ok)
2332 ret = prefix_bgp_orf_set(
2333 name, afi, &orfp,
2334 (common & ORF_COMMON_PART_DENY
2335 ? 0
2336 : 1),
2337 (common & ORF_COMMON_PART_REMOVE
2338 ? 0
2339 : 1));
2340
2341 if (!ok || (ok && ret != CMD_SUCCESS)) {
2342 zlog_info(
f70c91dc
DA		 2343 "%pBP Received misformatted prefixlist ORF. Remove All pfxlist",
2344 peer);
d62a17ae 2345 prefix_bgp_orf_remove_all(afi,
2346 name);
2347 break;
2348 }
2349 }
2350
2351 peer->orf_plist[afi][safi] =
2352 prefix_bgp_orf_lookup(afi, name);
2353 }
2354 stream_forward_getp(s, orf_len);
718e3744 2355 }
d62a17ae 2356 if (bgp_debug_neighbor_events(peer))
f70c91dc 2357 zlog_debug("%pBP rcvd Refresh %s ORF request", peer,
d62a17ae 2358 when_to_refresh == REFRESH_DEFER
2359 ? "Defer"
2360 : "Immediate");
2361 if (when_to_refresh == REFRESH_DEFER)
d8151687 2362 return BGP_PACKET_NOOP;
d62a17ae 2363 }
40d2700d 2364
d62a17ae 2365 /* First update is deferred until ORF or ROUTE-REFRESH is received */
2366 if (CHECK_FLAG(peer->af_sflags[afi][safi],
2367 PEER_STATUS_ORF_WAIT_REFRESH))
2368 UNSET_FLAG(peer->af_sflags[afi][safi],
2369 PEER_STATUS_ORF_WAIT_REFRESH);
2370
2371 paf = peer_af_find(peer, afi, safi);
2372 if (paf && paf->subgroup) {
2373 if (peer->orf_plist[afi][safi]) {
2374 updgrp = PAF_UPDGRP(paf);
2375 updgrp_peer = UPDGRP_PEER(updgrp);
2376 updgrp_peer->orf_plist[afi][safi] =
2377 peer->orf_plist[afi][safi];
2378 }
2379
2adac256
DA		 2380 /* Avoid supressing duplicate routes later
2381 * when processing in subgroup_announce_table().
2382 */
e1a32ec1 2383 force_update = true;
2adac256 2384
d62a17ae 2385 /* If the peer is configured for default-originate clear the
2386 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
2387 * re-advertise the
2388 * default
2389 */
2390 if (CHECK_FLAG(paf->subgroup->sflags,
2391 SUBGRP_STATUS_DEFAULT_ORIGINATE))
2392 UNSET_FLAG(paf->subgroup->sflags,
2393 SUBGRP_STATUS_DEFAULT_ORIGINATE);
718e3744 2394 }
d62a17ae 2395
9af52ccf
DA		 2396 if (subtype == BGP_ROUTE_REFRESH_BORR) {
2397 /* A BGP speaker that has received the Graceful Restart
2398 * Capability from its neighbor MUST ignore any BoRRs for
2399 * an <AFI, SAFI> from the neighbor before the speaker
2400 * receives the EoR for the given <AFI, SAFI> from the
2401 * neighbor.
2402 */
2403 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)
2404 && !CHECK_FLAG(peer->af_sflags[afi][safi],
2405 PEER_STATUS_EOR_RECEIVED)) {
2406 if (bgp_debug_neighbor_events(peer))
2407 zlog_debug(
f70c91dc
DA		 2408 "%pBP rcvd route-refresh (BoRR) for %s/%s before EoR",
2409 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2410 return BGP_PACKET_NOOP;
2411 }
2412
2413 if (peer->t_refresh_stalepath) {
2414 if (bgp_debug_neighbor_events(peer))
2415 zlog_debug(
f70c91dc
DA		 2416 "%pBP rcvd route-refresh (BoRR) for %s/%s, whereas BoRR already received",
2417 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2418 return BGP_PACKET_NOOP;
2419 }
2420
2421 SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_BORR_RECEIVED);
2422 UNSET_FLAG(peer->af_sflags[afi][safi],
2423 PEER_STATUS_EORR_RECEIVED);
2424
2425 /* When a BGP speaker receives a BoRR message from
2426 * a peer, it MUST mark all the routes with the given
2427 * Address Family Identifier and Subsequent Address
2428 * Family Identifier, <AFI, SAFI> [RFC2918], from
2429 * that peer as stale.
2430 */
2431 if (peer_active_nego(peer)) {
2432 SET_FLAG(peer->af_sflags[afi][safi],
2433 PEER_STATUS_ENHANCED_REFRESH);
2434 bgp_set_stale_route(peer, afi, safi);
2435 }
2436
feb17238 2437 if (peer_established(peer))
9af52ccf
DA		 2438 thread_add_timer(bm->master,
2439 bgp_refresh_stalepath_timer_expire,
2440 paf, peer->bgp->stalepath_time,
2441 &peer->t_refresh_stalepath);
2442
2443 if (bgp_debug_neighbor_events(peer))
2444 zlog_debug(
f70c91dc
DA		 2445 "%pBP rcvd route-refresh (BoRR) for %s/%s, triggering timer for %u seconds",
2446 peer, afi2str(afi), safi2str(safi),
9af52ccf
DA		 2447 peer->bgp->stalepath_time);
2448 } else if (subtype == BGP_ROUTE_REFRESH_EORR) {
2449 if (!peer->t_refresh_stalepath) {
2450 zlog_err(
f70c91dc
DA		 2451 "%pBP rcvd route-refresh (EoRR) for %s/%s, whereas no BoRR received",
2452 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2453 return BGP_PACKET_NOOP;
2454 }
2455
2456 BGP_TIMER_OFF(peer->t_refresh_stalepath);
2457
2458 SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_EORR_RECEIVED);
2459 UNSET_FLAG(peer->af_sflags[afi][safi],
2460 PEER_STATUS_BORR_RECEIVED);
2461
2462 if (bgp_debug_neighbor_events(peer))
2463 zlog_debug(
f70c91dc
DA		 2464 "%pBP rcvd route-refresh (EoRR) for %s/%s, stopping BoRR timer",
2465 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2466
2467 if (peer->nsf[afi][safi])
2468 bgp_clear_stale_route(peer, afi, safi);
2469 } else {
bcbeb3f9 2470 if (bgp_debug_neighbor_events(peer))
a7d91a8c 2471 zlog_debug(
f70c91dc
DA		 2472 "%pBP rcvd route-refresh (REQUEST) for %s/%s",
2473 peer, afi2str(afi), safi2str(safi));
bcbeb3f9 2474
9af52ccf
DA		 2475 /* In response to a "normal route refresh request" from the
2476 * peer, the speaker MUST send a BoRR message.
2477 */
2478 if (CHECK_FLAG(peer->cap, PEER_CAP_ENHANCED_RR_RCV)) {
2479 /* For a BGP speaker that supports the BGP Graceful
2480 * Restart, it MUST NOT send a BoRR for an <AFI, SAFI>
2481 * to a neighbor before it sends the EoR for the
2482 * <AFI, SAFI> to the neighbor.
2483 */
2484 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
2485 PEER_STATUS_EOR_SEND)) {
2486 if (bgp_debug_neighbor_events(peer))
2487 zlog_debug(
f70c91dc
DA		 2488 "%pBP rcvd route-refresh (REQUEST) for %s/%s before EoR",
2489 peer, afi2str(afi),
2490 safi2str(safi));
9af52ccf
DA		 2491 return BGP_PACKET_NOOP;
2492 }
2493
2494 bgp_route_refresh_send(peer, afi, safi, 0, 0, 0,
2495 BGP_ROUTE_REFRESH_BORR);
2496
2497 if (bgp_debug_neighbor_events(peer))
2498 zlog_debug(
f70c91dc
DA		 2499 "%pBP sending route-refresh (BoRR) for %s/%s",
2500 peer, afi2str(afi), safi2str(safi));
9af52ccf
DA		 2501
2502 /* Set flag Ready-To-Send to know when we can send EoRR
2503 * message.
2504 */
2505 SET_FLAG(peer->af_sflags[afi][safi],
2506 PEER_STATUS_BORR_SEND);
2507 UNSET_FLAG(peer->af_sflags[afi][safi],
2508 PEER_STATUS_EORR_SEND);
2509 }
2510 }
2511
d62a17ae 2512 /* Perform route refreshment to the peer */
e1a32ec1 2513 bgp_announce_route(peer, afi, safi, force_update);
d8151687
QY		 2514
2515 /* No FSM action necessary */
2516 return BGP_PACKET_NOOP;
718e3744 2517}
2518
d8151687
QY		 2519/**
2520 * Parse BGP CAPABILITY message for peer.
2521 *
2522 * @param peer
2523 * @param size size of the packet
2524 * @return as in summary
2525 */
d7c0a89a 2526static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
d62a17ae 2527 bgp_size_t length)
718e3744 2528{
d7c0a89a 2529 uint8_t *end;
d62a17ae 2530 struct capability_mp_data mpc;
2531 struct capability_header *hdr;
d7c0a89a 2532 uint8_t action;
d62a17ae 2533 iana_afi_t pkt_afi;
2534 afi_t afi;
5c525538
RW		 2535 iana_safi_t pkt_safi;
2536 safi_t safi;
d62a17ae 2537
2538 end = pnt + length;
2539
2540 while (pnt < end) {
2541 /* We need at least action, capability code and capability
2542 * length. */
2543 if (pnt + 3 > end) {
2544 zlog_info("%s Capability length error", peer->host);
0e35025e
DA		 2545 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2546 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2547 return BGP_Stop;
d62a17ae 2548 }
2549 action = *pnt;
2550 hdr = (struct capability_header *)(pnt + 1);
2551
2552 /* Action value check. */
2553 if (action != CAPABILITY_ACTION_SET
2554 && action != CAPABILITY_ACTION_UNSET) {
2555 zlog_info("%s Capability Action Value error %d",
2556 peer->host, action);
0e35025e
DA		 2557 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2558 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2559 return BGP_Stop;
d62a17ae 2560 }
2561
2562 if (bgp_debug_neighbor_events(peer))
2563 zlog_debug(
2564 "%s CAPABILITY has action: %d, code: %u, length %u",
2565 peer->host, action, hdr->code, hdr->length);
2566
2567 /* Capability length check. */
2568 if ((pnt + hdr->length + 3) > end) {
2569 zlog_info("%s Capability length error", peer->host);
0e35025e
DA		 2570 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2571 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
d8151687 2572 return BGP_Stop;
d62a17ae 2573 }
2574
2575 /* Fetch structure to the byte stream. */
2576 memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
d2b6417b 2577 pnt += hdr->length + 3;
d62a17ae 2578
2579 /* We know MP Capability Code. */
2580 if (hdr->code == CAPABILITY_CODE_MP) {
2581 pkt_afi = ntohs(mpc.afi);
2582 pkt_safi = mpc.safi;
2583
2584 /* Ignore capability when override-capability is set. */
2585 if (CHECK_FLAG(peer->flags,
2586 PEER_FLAG_OVERRIDE_CAPABILITY))
2587 continue;
2588
2589 /* Convert AFI, SAFI to internal values. */
2590 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
2591 &safi)) {
2592 if (bgp_debug_neighbor_events(peer))
2593 zlog_debug(
3efd0893 2594 "%s Dynamic Capability MP_EXT afi/safi invalid (%s/%s)",
748a041f
DS		 2595 peer->host,
2596 iana_afi2str(pkt_afi),
2597 iana_safi2str(pkt_safi));
d62a17ae 2598 continue;
2599 }
2600
2601 /* Address family check. */
2602 if (bgp_debug_neighbor_events(peer))
2603 zlog_debug(
c386cdd8 2604 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
d62a17ae 2605 peer->host,
2606 action == CAPABILITY_ACTION_SET
2607 ? "Advertising"
2608 : "Removing",
c386cdd8
DA		 2609 iana_afi2str(pkt_afi),
2610 iana_safi2str(pkt_safi));
d62a17ae 2611
2612 if (action == CAPABILITY_ACTION_SET) {
2613 peer->afc_recv[afi][safi] = 1;
2614 if (peer->afc[afi][safi]) {
2615 peer->afc_nego[afi][safi] = 1;
e1a32ec1
DS		 2616 bgp_announce_route(peer, afi, safi,
2617 false);
d62a17ae 2618 }
2619 } else {
2620 peer->afc_recv[afi][safi] = 0;
2621 peer->afc_nego[afi][safi] = 0;
2622
2623 if (peer_active_nego(peer))
2624 bgp_clear_route(peer, afi, safi);
2625 else
d8151687 2626 return BGP_Stop;
d62a17ae 2627 }
2628 } else {
ade6974d 2629 flog_warn(
e50f7cfd 2630 EC_BGP_UNRECOGNIZED_CAPABILITY,
ade6974d
QY		 2631 "%s unrecognized capability code: %d - ignored",
2632 peer->host, hdr->code);
d62a17ae 2633 }
d62a17ae 2634 }
d8151687
QY		 2635
2636 /* No FSM action necessary */
2637 return BGP_PACKET_NOOP;
718e3744 2638}
2639
d8151687
QY		 2640/**
2641 * Parse BGP CAPABILITY message for peer.
01b7ce2d 2642 *
d8151687
QY		 2643 * Exported for unit testing.
2644 *
2645 * @param peer
2646 * @param size size of the packet
2647 * @return as in summary
01b7ce2d 2648 */
d62a17ae 2649int bgp_capability_receive(struct peer *peer, bgp_size_t size)
718e3744 2650{
d7c0a89a 2651 uint8_t *pnt;
d62a17ae 2652
2653 /* Fetch pointer. */
424ab01d 2654 pnt = stream_pnt(peer->curr);
d62a17ae 2655
2656 if (bgp_debug_neighbor_events(peer))
2657 zlog_debug("%s rcv CAPABILITY", peer->host);
2658
2659 /* If peer does not have the capability, send notification. */
2660 if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
e50f7cfd 2661 flog_err(EC_BGP_NO_CAP,
1c50c1c0
QY		 2662 "%s [Error] BGP dynamic capability is not enabled",
2663 peer->host);
d62a17ae 2664 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2665 BGP_NOTIFY_HEADER_BAD_MESTYPE);
d8151687 2666 return BGP_Stop;
d62a17ae 2667 }
2668
2669 /* Status must be Established. */
feb17238 2670 if (!peer_established(peer)) {
af4c2728 2671 flog_err(
e50f7cfd 2672 EC_BGP_NO_CAP,
d62a17ae 2673 "%s [Error] Dynamic capability packet received under status %s",
2674 peer->host,
2675 lookup_msg(bgp_status_msg, peer->status, NULL));
0e35025e 2676 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
3893aeee 2677 bgp_fsm_error_subcode(peer->status));
d8151687 2678 return BGP_Stop;
d62a17ae 2679 }
2680
2681 /* Parse packet. */
2682 return bgp_capability_msg_parse(peer, pnt, size);
718e3744 2683}
6b0655a2 2684
d8151687
QY		 2685/**
2686 * Processes a peer's input buffer.
2687 *
2688 * This function sidesteps the event loop and directly calls bgp_event_update()
2689 * after processing each BGP message. This is necessary to ensure proper
2690 * ordering of FSM events and unifies the behavior that was present previously,
2691 * whereby some of the packet handling functions would update the FSM and some
2692 * would not, making event flow difficult to understand. Please think twice
2693 * before hacking this.
2694 *
2695 * Thread type: THREAD_EVENT
2696 * @param thread
2697 * @return 0
2698 */
cc9f21da 2699void bgp_process_packet(struct thread *thread)
718e3744 2700{
424ab01d 2701 /* Yes first of all get peer pointer. */
d8151687
QY		 2702 struct peer *peer; // peer
2703 uint32_t rpkt_quanta_old; // how many packets to read
2704 int fsm_update_result; // return code of bgp_event_update()
2705 int mprc; // message processing return code
555e09d4 2706
424ab01d 2707 peer = THREAD_ARG(thread);
555e09d4
QY		 2708 rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
2709 memory_order_relaxed);
e3c7270d 2710 fsm_update_result = 0;
555e09d4 2711
424ab01d 2712 /* Guard against scheduled events that occur after peer deletion. */
9eb217ff 2713 if (peer->status == Deleted || peer->status == Clearing)
cc9f21da 2714 return;
718e3744 2715
555e09d4 2716 unsigned int processed = 0;
d62a17ae 2717
555e09d4 2718 while (processed < rpkt_quanta_old) {
d7c0a89a 2719 uint8_t type = 0;
9eb217ff
QY		 2720 bgp_size_t size;
2721 char notify_data_length[2];
d62a17ae 2722
00dffa8c 2723 frr_with_mutex(&peer->io_mtx) {
9eb217ff
QY		 2724 peer->curr = stream_fifo_pop(peer->ibuf);
2725 }
d62a17ae 2726
9eb217ff 2727 if (peer->curr == NULL) // no packets to process, hmm...
cc9f21da 2728 return;
d62a17ae 2729
9eb217ff
QY		 2730 /* skip the marker and copy the packet length */
2731 stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
2732 memcpy(notify_data_length, stream_pnt(peer->curr), 2);
2733
2734 /* read in the packet length and type */
2735 size = stream_getw(peer->curr);
2736 type = stream_getc(peer->curr);
2737
584470fb 2738 hook_call(bgp_packet_dump, peer, type, size, peer->curr);
9eb217ff
QY		 2739
2740 /* adjust size to exclude the marker + length + type */
2741 size -= BGP_HEADER_SIZE;
2742
2743 /* Read rest of the packet and call each sort of packet routine
2744 */
2745 switch (type) {
2746 case BGP_MSG_OPEN:
c7bb4f00 2747 frrtrace(2, frr_bgp, open_process, peer, size);
0112e9e0
QY		 2748 atomic_fetch_add_explicit(&peer->open_in, 1,
2749 memory_order_relaxed);
d8151687
QY		 2750 mprc = bgp_open_receive(peer, size);
2751 if (mprc == BGP_Stop)
af4c2728 2752 flog_err(
e50f7cfd 2753 EC_BGP_PKT_OPEN,
d8151687 2754 "%s: BGP OPEN receipt failed for peer: %s",
0767b4f3 2755 __func__, peer->host);
9eb217ff
QY		 2756 break;
2757 case BGP_MSG_UPDATE:
c7bb4f00 2758 frrtrace(2, frr_bgp, update_process, peer, size);
0112e9e0
QY		 2759 atomic_fetch_add_explicit(&peer->update_in, 1,
2760 memory_order_relaxed);
9eb217ff 2761 peer->readtime = monotime(NULL);
d8151687
QY		 2762 mprc = bgp_update_receive(peer, size);
2763 if (mprc == BGP_Stop)
af4c2728 2764 flog_err(
e50f7cfd 2765 EC_BGP_UPDATE_RCV,
d8151687 2766 "%s: BGP UPDATE receipt failed for peer: %s",
0767b4f3 2767 __func__, peer->host);
9eb217ff
QY		 2768 break;
2769 case BGP_MSG_NOTIFY:
c7bb4f00 2770 frrtrace(2, frr_bgp, notification_process, peer, size);
0112e9e0
QY		 2771 atomic_fetch_add_explicit(&peer->notify_in, 1,
2772 memory_order_relaxed);
d8151687
QY		 2773 mprc = bgp_notify_receive(peer, size);
2774 if (mprc == BGP_Stop)
af4c2728 2775 flog_err(
e50f7cfd 2776 EC_BGP_NOTIFY_RCV,
d8151687 2777 "%s: BGP NOTIFY receipt failed for peer: %s",
0767b4f3 2778 __func__, peer->host);
9eb217ff
QY		 2779 break;
2780 case BGP_MSG_KEEPALIVE:
c7bb4f00 2781 frrtrace(2, frr_bgp, keepalive_process, peer, size);
9eb217ff 2782 peer->readtime = monotime(NULL);
0112e9e0
QY		 2783 atomic_fetch_add_explicit(&peer->keepalive_in, 1,
2784 memory_order_relaxed);
d8151687
QY		 2785 mprc = bgp_keepalive_receive(peer, size);
2786 if (mprc == BGP_Stop)
af4c2728 2787 flog_err(
e50f7cfd 2788 EC_BGP_KEEP_RCV,
d8151687 2789 "%s: BGP KEEPALIVE receipt failed for peer: %s",
0767b4f3 2790 __func__, peer->host);
9eb217ff
QY		 2791 break;
2792 case BGP_MSG_ROUTE_REFRESH_NEW:
2793 case BGP_MSG_ROUTE_REFRESH_OLD:
c7bb4f00 2794 frrtrace(2, frr_bgp, refresh_process, peer, size);
0112e9e0
QY		 2795 atomic_fetch_add_explicit(&peer->refresh_in, 1,
2796 memory_order_relaxed);
d8151687
QY		 2797 mprc = bgp_route_refresh_receive(peer, size);
2798 if (mprc == BGP_Stop)
af4c2728 2799 flog_err(
e50f7cfd 2800 EC_BGP_RFSH_RCV,
d8151687 2801 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
0767b4f3 2802 __func__, peer->host);
9eb217ff
QY		 2803 break;
2804 case BGP_MSG_CAPABILITY:
c7bb4f00 2805 frrtrace(2, frr_bgp, capability_process, peer, size);
0112e9e0
QY		 2806 atomic_fetch_add_explicit(&peer->dynamic_cap_in, 1,
2807 memory_order_relaxed);
d8151687
QY		 2808 mprc = bgp_capability_receive(peer, size);
2809 if (mprc == BGP_Stop)
af4c2728 2810 flog_err(
e50f7cfd 2811 EC_BGP_CAP_RCV,
d8151687 2812 "%s: BGP CAPABILITY receipt failed for peer: %s",
0767b4f3 2813 __func__, peer->host);
9eb217ff 2814 break;
e3c7270d 2815 default:
db878db0
QY		 2816 /* Suppress uninitialized variable warning */
2817 mprc = 0;
5041dc4f 2818 (void)mprc;
becedef6
QY		 2819 /*
2820 * The message type should have been sanitized before
2821 * we ever got here. Receipt of a message with an
2822 * invalid header at this point is indicative of a
2823 * security issue.
2824 */
e3c7270d 2825 assert (!"Message of invalid type received during input processing");
9eb217ff
QY		 2826 }
2827
d8151687
QY		 2828 /* delete processed packet */
2829 stream_free(peer->curr);
2830 peer->curr = NULL;
2831 processed++;
9eb217ff 2832
d8151687
QY		 2833 /* Update FSM */
2834 if (mprc != BGP_PACKET_NOOP)
2835 fsm_update_result = bgp_event_update(peer, mprc);
e3c7270d
QY		 2836 else
2837 continue;
d8151687 2838
becedef6
QY		 2839 /*
2840 * If peer was deleted, do not process any more packets. This
2841 * is usually due to executing BGP_Stop or a stub deletion.
2842 */
d8151687
QY		 2843 if (fsm_update_result == FSM_PEER_TRANSFERRED
2844 || fsm_update_result == FSM_PEER_STOPPED)
2845 break;
d62a17ae 2846 }
2847
d8151687
QY		 2848 if (fsm_update_result != FSM_PEER_TRANSFERRED
2849 && fsm_update_result != FSM_PEER_STOPPED) {
00dffa8c 2850 frr_with_mutex(&peer->io_mtx) {
becedef6
QY		 2851 // more work to do, come back later
2852 if (peer->ibuf->count > 0)
e0d550df 2853 thread_add_event(
4af76660
QY		 2854 bm->master, bgp_process_packet, peer, 0,
2855 &peer->t_process_packet);
d8151687 2856 }
718e3744 2857 }
718e3744 2858}
9e3b51a7 2859
2860/* Send EOR when routes are processed by selection deferral timer */
2861void bgp_send_delayed_eor(struct bgp *bgp)
2862{
2863 struct peer *peer;
2864 struct listnode *node, *nnode;
2865
2866 /* EOR message sent in bgp_write_proceed_actions */
2867 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer))
2868 bgp_write_proceed_actions(peer);
2869}
6af96fa3
MS		 2870
2871/*
2872 * Task callback to handle socket error encountered in the io pthread. We avoid
2873 * having the io pthread try to enqueue fsm events or mess with the peer
2874 * struct.
2875 */
cc9f21da 2876void bgp_packet_process_error(struct thread *thread)
6af96fa3
MS		 2877{
2878 struct peer *peer;
2879 int code;
2880
2881 peer = THREAD_ARG(thread);
2882 code = THREAD_VAL(thread);
2883
2884 if (bgp_debug_neighbor_events(peer))
2885 zlog_debug("%s [Event] BGP error %d on fd %d",
046bb347 2886 peer->host, code, peer->fd);
6af96fa3
MS		 2887
2888 /* Closed connection or error on the socket */
feb17238 2889 if (peer_established(peer)) {
6af96fa3
MS		 2890 if ((CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART)
2891 || CHECK_FLAG(peer->flags,
2892 PEER_FLAG_GRACEFUL_RESTART_HELPER))
2893 && CHECK_FLAG(peer->sflags, PEER_STATUS_NSF_MODE)) {
2894 peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
2895 SET_FLAG(peer->sflags, PEER_STATUS_NSF_WAIT);
2896 } else
2897 peer->last_reset = PEER_DOWN_CLOSE_SESSION;
2898 }
2899
2900 bgp_event_update(peer, code);
6af96fa3 2901}
FRRouting mirror