]>
Commit | Line | Data |
---|---|---|
718e3744 | 1 | /* BGP packet management routine. |
56257a44 QY |
2 | * Contains utility functions for constructing and consuming BGP messages. |
3 | * Copyright (C) 2017 Cumulus Networks | |
896014f4 DL |
4 | * Copyright (C) 1999 Kunihiro Ishiguro |
5 | * | |
6 | * This file is part of GNU Zebra. | |
7 | * | |
8 | * GNU Zebra is free software; you can redistribute it and/or modify it | |
9 | * under the terms of the GNU General Public License as published by the | |
10 | * Free Software Foundation; either version 2, or (at your option) any | |
11 | * later version. | |
12 | * | |
13 | * GNU Zebra is distributed in the hope that it will be useful, but | |
14 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
16 | * General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License along | |
19 | * with this program; see the file COPYING; if not, write to the Free Software | |
20 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
21 | */ | |
718e3744 | 22 | |
23 | #include <zebra.h> | |
d3ecc69e | 24 | #include <sys/time.h> |
718e3744 | 25 | |
26 | #include "thread.h" | |
27 | #include "stream.h" | |
28 | #include "network.h" | |
29 | #include "prefix.h" | |
30 | #include "command.h" | |
31 | #include "log.h" | |
32 | #include "memory.h" | |
d62a17ae | 33 | #include "sockunion.h" /* for inet_ntop () */ |
baa376fc | 34 | #include "sockopt.h" |
718e3744 | 35 | #include "linklist.h" |
36 | #include "plist.h" | |
3f9c7369 | 37 | #include "queue.h" |
039f3a34 | 38 | #include "filter.h" |
718e3744 | 39 | |
40 | #include "bgpd/bgpd.h" | |
41 | #include "bgpd/bgp_table.h" | |
42 | #include "bgpd/bgp_dump.h" | |
43 | #include "bgpd/bgp_attr.h" | |
44 | #include "bgpd/bgp_debug.h" | |
45 | #include "bgpd/bgp_fsm.h" | |
46 | #include "bgpd/bgp_route.h" | |
47 | #include "bgpd/bgp_packet.h" | |
48 | #include "bgpd/bgp_open.h" | |
49 | #include "bgpd/bgp_aspath.h" | |
50 | #include "bgpd/bgp_community.h" | |
51 | #include "bgpd/bgp_ecommunity.h" | |
57d187bc | 52 | #include "bgpd/bgp_lcommunity.h" |
718e3744 | 53 | #include "bgpd/bgp_network.h" |
54 | #include "bgpd/bgp_mplsvpn.h" | |
7ef5a232 | 55 | #include "bgpd/bgp_evpn.h" |
718e3744 | 56 | #include "bgpd/bgp_advertise.h" |
93406d87 | 57 | #include "bgpd/bgp_vty.h" |
3f9c7369 | 58 | #include "bgpd/bgp_updgrp.h" |
cd1964ff | 59 | #include "bgpd/bgp_label.h" |
56257a44 | 60 | #include "bgpd/bgp_io.h" |
718e3744 | 61 | |
d8151687 QY |
62 | /** |
63 | * Sets marker and type fields for a BGP message. | |
64 | * | |
65 | * @param s the stream containing the packet | |
66 | * @param type the packet type | |
67 | * @return the size of the stream | |
68 | */ | |
d62a17ae | 69 | int bgp_packet_set_marker(struct stream *s, u_char type) |
718e3744 | 70 | { |
d62a17ae | 71 | int i; |
718e3744 | 72 | |
d62a17ae | 73 | /* Fill in marker. */ |
74 | for (i = 0; i < BGP_MARKER_SIZE; i++) | |
75 | stream_putc(s, 0xff); | |
718e3744 | 76 | |
d62a17ae | 77 | /* Dummy total length. This field is should be filled in later on. */ |
78 | stream_putw(s, 0); | |
718e3744 | 79 | |
d62a17ae | 80 | /* BGP packet type. */ |
81 | stream_putc(s, type); | |
718e3744 | 82 | |
d62a17ae | 83 | /* Return current stream size. */ |
84 | return stream_get_endp(s); | |
718e3744 | 85 | } |
86 | ||
d8151687 QY |
87 | /** |
88 | * Sets size field for a BGP message. | |
89 | * | |
90 | * Size field is set to the size of the stream passed. | |
91 | * | |
92 | * @param s the stream containing the packet | |
93 | * @return the size of the stream | |
94 | */ | |
d62a17ae | 95 | int bgp_packet_set_size(struct stream *s) |
718e3744 | 96 | { |
d62a17ae | 97 | int cp; |
718e3744 | 98 | |
d62a17ae | 99 | /* Preserve current pointer. */ |
100 | cp = stream_get_endp(s); | |
101 | stream_putw_at(s, BGP_MARKER_SIZE, cp); | |
718e3744 | 102 | |
d62a17ae | 103 | return cp; |
718e3744 | 104 | } |
105 | ||
d3ecc69e QY |
106 | /* |
107 | * Push a packet onto the beginning of the peer's output queue. | |
108 | * This function acquires the peer's write mutex before proceeding. | |
109 | */ | |
110 | static void bgp_packet_add(struct peer *peer, struct stream *s) | |
111 | { | |
424ab01d | 112 | pthread_mutex_lock(&peer->io_mtx); |
56257a44 | 113 | stream_fifo_push(peer->obuf, s); |
424ab01d | 114 | pthread_mutex_unlock(&peer->io_mtx); |
718e3744 | 115 | } |
116 | ||
d62a17ae | 117 | static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi, |
118 | safi_t safi) | |
93406d87 | 119 | { |
d62a17ae | 120 | struct stream *s; |
121 | iana_afi_t pkt_afi; | |
5c525538 | 122 | iana_safi_t pkt_safi; |
d62a17ae | 123 | |
124 | if (DISABLE_BGP_ANNOUNCE) | |
125 | return NULL; | |
126 | ||
127 | if (bgp_debug_neighbor_events(peer)) | |
128 | zlog_debug("send End-of-RIB for %s to %s", | |
129 | afi_safi_print(afi, safi), peer->host); | |
130 | ||
131 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
132 | ||
133 | /* Make BGP update packet. */ | |
134 | bgp_packet_set_marker(s, BGP_MSG_UPDATE); | |
135 | ||
136 | /* Unfeasible Routes Length */ | |
137 | stream_putw(s, 0); | |
138 | ||
139 | if (afi == AFI_IP && safi == SAFI_UNICAST) { | |
140 | /* Total Path Attribute Length */ | |
141 | stream_putw(s, 0); | |
142 | } else { | |
143 | /* Convert AFI, SAFI to values for packet. */ | |
144 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi); | |
145 | ||
146 | /* Total Path Attribute Length */ | |
147 | stream_putw(s, 6); | |
148 | stream_putc(s, BGP_ATTR_FLAG_OPTIONAL); | |
149 | stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI); | |
150 | stream_putc(s, 3); | |
151 | stream_putw(s, pkt_afi); | |
152 | stream_putc(s, pkt_safi); | |
153 | } | |
154 | ||
155 | bgp_packet_set_size(s); | |
d62a17ae | 156 | return s; |
718e3744 | 157 | } |
158 | ||
d8151687 QY |
159 | /* Called when there is a change in the EOR(implicit or explicit) status of a |
160 | * peer. Ends the update-delay if all expected peers are done with EORs. */ | |
161 | void bgp_check_update_delay(struct bgp *bgp) | |
162 | { | |
163 | struct listnode *node, *nnode; | |
164 | struct peer *peer = NULL; | |
165 | ||
166 | if (bgp_debug_neighbor_events(peer)) | |
167 | zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d", | |
168 | bgp->established, bgp->restarted_peers, | |
169 | bgp->implicit_eors, bgp->explicit_eors); | |
170 | ||
171 | if (bgp->established | |
172 | <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) { | |
173 | /* This is an extra sanity check to make sure we wait for all | |
174 | the | |
175 | eligible configured peers. This check is performed if | |
176 | establish wait | |
177 | timer is on, or establish wait option is not given with the | |
178 | update-delay command */ | |
179 | if (bgp->t_establish_wait | |
180 | || (bgp->v_establish_wait == bgp->v_update_delay)) | |
181 | for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) { | |
182 | if (CHECK_FLAG(peer->flags, | |
183 | PEER_FLAG_CONFIG_NODE) | |
184 | && !CHECK_FLAG(peer->flags, | |
185 | PEER_FLAG_SHUTDOWN) | |
186 | && !peer->update_delay_over) { | |
187 | if (bgp_debug_neighbor_events(peer)) | |
188 | zlog_debug( | |
189 | " Peer %s pending, continuing read-only mode", | |
190 | peer->host); | |
191 | return; | |
192 | } | |
193 | } | |
194 | ||
195 | zlog_info( | |
196 | "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d", | |
197 | bgp->restarted_peers, bgp->implicit_eors, | |
198 | bgp->explicit_eors); | |
199 | bgp_update_delay_end(bgp); | |
200 | } | |
201 | } | |
202 | ||
203 | /* Called if peer is known to have restarted. The restart-state bit in | |
204 | Graceful-Restart capability is used for that */ | |
205 | void bgp_update_restarted_peers(struct peer *peer) | |
206 | { | |
207 | if (!bgp_update_delay_active(peer->bgp)) | |
208 | return; /* BGP update delay has ended */ | |
209 | if (peer->update_delay_over) | |
210 | return; /* This peer has already been considered */ | |
211 | ||
212 | if (bgp_debug_neighbor_events(peer)) | |
213 | zlog_debug("Peer %s: Checking restarted", peer->host); | |
214 | ||
215 | if (peer->status == Established) { | |
216 | peer->update_delay_over = 1; | |
217 | peer->bgp->restarted_peers++; | |
218 | bgp_check_update_delay(peer->bgp); | |
219 | } | |
220 | } | |
221 | ||
222 | /* Called as peer receives a keep-alive. Determines if this occurence can be | |
223 | taken as an implicit EOR for this peer. | |
224 | NOTE: The very first keep-alive after the Established state of a peer is | |
225 | considered implicit EOR for the update-delay purposes */ | |
226 | void bgp_update_implicit_eors(struct peer *peer) | |
227 | { | |
228 | if (!bgp_update_delay_active(peer->bgp)) | |
229 | return; /* BGP update delay has ended */ | |
230 | if (peer->update_delay_over) | |
231 | return; /* This peer has already been considered */ | |
232 | ||
233 | if (bgp_debug_neighbor_events(peer)) | |
234 | zlog_debug("Peer %s: Checking implicit EORs", peer->host); | |
235 | ||
236 | if (peer->status == Established) { | |
237 | peer->update_delay_over = 1; | |
238 | peer->bgp->implicit_eors++; | |
239 | bgp_check_update_delay(peer->bgp); | |
240 | } | |
241 | } | |
242 | ||
243 | /* Should be called only when there is a change in the EOR_RECEIVED status | |
244 | for any afi/safi on a peer */ | |
245 | static void bgp_update_explicit_eors(struct peer *peer) | |
246 | { | |
247 | afi_t afi; | |
248 | safi_t safi; | |
249 | ||
250 | if (!bgp_update_delay_active(peer->bgp)) | |
251 | return; /* BGP update delay has ended */ | |
252 | if (peer->update_delay_over) | |
253 | return; /* This peer has already been considered */ | |
254 | ||
255 | if (bgp_debug_neighbor_events(peer)) | |
256 | zlog_debug("Peer %s: Checking explicit EORs", peer->host); | |
257 | ||
258 | for (afi = AFI_IP; afi < AFI_MAX; afi++) | |
259 | for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) { | |
260 | if (peer->afc_nego[afi][safi] | |
261 | && !CHECK_FLAG(peer->af_sflags[afi][safi], | |
262 | PEER_STATUS_EOR_RECEIVED)) { | |
263 | if (bgp_debug_neighbor_events(peer)) | |
264 | zlog_debug( | |
265 | " afi %d safi %d didnt receive EOR", | |
266 | afi, safi); | |
267 | return; | |
268 | } | |
269 | } | |
270 | ||
271 | peer->update_delay_over = 1; | |
272 | peer->bgp->explicit_eors++; | |
273 | bgp_check_update_delay(peer->bgp); | |
274 | } | |
275 | ||
276 | /** | |
277 | * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers. | |
278 | * | |
279 | * mp_withdraw, if set, is used to nullify attr structure on most of the | |
280 | * calling safi function and for evpn, passed as parameter | |
281 | */ | |
282 | int bgp_nlri_parse(struct peer *peer, struct attr *attr, | |
283 | struct bgp_nlri *packet, int mp_withdraw) | |
284 | { | |
285 | switch (packet->safi) { | |
286 | case SAFI_UNICAST: | |
287 | case SAFI_MULTICAST: | |
288 | return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr, | |
289 | packet); | |
290 | case SAFI_LABELED_UNICAST: | |
291 | return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr, | |
292 | packet); | |
293 | case SAFI_MPLS_VPN: | |
294 | return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr, | |
295 | packet); | |
296 | case SAFI_EVPN: | |
297 | return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw); | |
298 | } | |
299 | return -1; | |
300 | } | |
301 | ||
56257a44 QY |
302 | /* |
303 | * Enqueue onto the peer's output buffer any packets which are pending for the | |
304 | * update group it is a member of. | |
305 | * | |
306 | * XXX: Severely needs performance work. | |
307 | */ | |
308 | int bgp_generate_updgrp_packets(struct thread *thread) | |
718e3744 | 309 | { |
56257a44 | 310 | struct peer *peer = THREAD_ARG(thread); |
56257a44 QY |
311 | |
312 | struct stream *s; | |
d62a17ae | 313 | struct peer_af *paf; |
314 | struct bpacket *next_pkt; | |
315 | afi_t afi; | |
316 | safi_t safi; | |
317 | ||
d62a17ae | 318 | /* |
319 | * The code beyond this part deals with update packets, proceed only | |
320 | * if peer is Established and updates are not on hold (as part of | |
321 | * update-delay post processing). | |
3f9c7369 | 322 | */ |
d62a17ae | 323 | if (peer->status != Established) |
56257a44 | 324 | return 0; |
d62a17ae | 325 | |
326 | if (peer->bgp && peer->bgp->main_peers_update_hold) | |
56257a44 | 327 | return 0; |
d62a17ae | 328 | |
56257a44 QY |
329 | do { |
330 | s = NULL; | |
331 | for (afi = AFI_IP; afi < AFI_MAX; afi++) | |
332 | for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) { | |
333 | paf = peer_af_find(peer, afi, safi); | |
334 | if (!paf || !PAF_SUBGRP(paf)) | |
335 | continue; | |
80bd61c4 | 336 | next_pkt = paf->next_pkt_to_send; |
80bd61c4 | 337 | |
56257a44 QY |
338 | /* Try to generate a packet for the peer if we |
339 | * are at the end of | |
340 | * the list. Always try to push out WITHDRAWs | |
341 | * first. */ | |
342 | if (!next_pkt || !next_pkt->buffer) { | |
343 | next_pkt = subgroup_withdraw_packet( | |
344 | PAF_SUBGRP(paf)); | |
345 | if (!next_pkt || !next_pkt->buffer) | |
346 | subgroup_update_packet( | |
347 | PAF_SUBGRP(paf)); | |
348 | next_pkt = paf->next_pkt_to_send; | |
349 | } | |
80bd61c4 | 350 | |
56257a44 QY |
351 | /* If we still don't have a packet to send to |
352 | * the peer, then | |
353 | * try to find out out if we have to send eor or | |
354 | * if not, skip to | |
355 | * the next AFI, SAFI. | |
356 | * Don't send the EOR prematurely... if the | |
357 | * subgroup's coalesce | |
358 | * timer is running, the adjacency-out structure | |
359 | * is not created | |
360 | * yet. | |
361 | */ | |
362 | if (!next_pkt || !next_pkt->buffer) { | |
363 | if (CHECK_FLAG(peer->cap, | |
364 | PEER_CAP_RESTART_RCV)) { | |
365 | if (!(PAF_SUBGRP(paf)) | |
366 | ->t_coalesce | |
367 | && peer->afc_nego[afi][safi] | |
368 | && peer->synctime | |
369 | && !CHECK_FLAG( | |
370 | peer->af_sflags | |
371 | [afi] | |
372 | [safi], | |
373 | PEER_STATUS_EOR_SEND)) { | |
374 | SET_FLAG( | |
375 | peer->af_sflags | |
376 | [afi] | |
377 | [safi], | |
378 | PEER_STATUS_EOR_SEND); | |
379 | ||
380 | if ((s = bgp_update_packet_eor( | |
381 | peer, afi, | |
424ab01d | 382 | safi))) { |
56257a44 QY |
383 | bgp_packet_add( |
384 | peer, | |
385 | s); | |
424ab01d QY |
386 | bgp_writes_on( |
387 | peer); | |
388 | } | |
56257a44 | 389 | } |
80bd61c4 | 390 | } |
56257a44 | 391 | continue; |
d62a17ae | 392 | } |
d62a17ae | 393 | |
718e3744 | 394 | |
56257a44 QY |
395 | /* Found a packet template to send, overwrite |
396 | * packet with appropriate | |
397 | * attributes from peer and advance peer */ | |
398 | s = bpacket_reformat_for_peer(next_pkt, paf); | |
399 | bgp_packet_add(peer, s); | |
424ab01d | 400 | bgp_writes_on(peer); |
56257a44 QY |
401 | bpacket_queue_advance_peer(paf); |
402 | } | |
403 | } while (s); | |
80bd61c4 | 404 | |
80bd61c4 QY |
405 | return 0; |
406 | } | |
407 | ||
d3ecc69e QY |
408 | /* |
409 | * Creates a BGP Keepalive packet and appends it to the peer's output queue. | |
410 | */ | |
d62a17ae | 411 | void bgp_keepalive_send(struct peer *peer) |
718e3744 | 412 | { |
d62a17ae | 413 | struct stream *s; |
414 | ||
415 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
718e3744 | 416 | |
d62a17ae | 417 | /* Make keepalive packet. */ |
418 | bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE); | |
718e3744 | 419 | |
d62a17ae | 420 | /* Set packet size. */ |
421 | (void)bgp_packet_set_size(s); | |
718e3744 | 422 | |
d62a17ae | 423 | /* Dump packet if debug option is set. */ |
424 | /* bgp_packet_dump (s); */ | |
718e3744 | 425 | |
d62a17ae | 426 | if (bgp_debug_keepalive(peer)) |
427 | zlog_debug("%s sending KEEPALIVE", peer->host); | |
718e3744 | 428 | |
d62a17ae | 429 | /* Add packet to the peer. */ |
430 | bgp_packet_add(peer, s); | |
424ab01d QY |
431 | |
432 | bgp_writes_on(peer); | |
718e3744 | 433 | } |
434 | ||
d3ecc69e QY |
435 | /* |
436 | * Creates a BGP Open packet and appends it to the peer's output queue. | |
437 | * Sets capabilities as necessary. | |
438 | */ | |
d62a17ae | 439 | void bgp_open_send(struct peer *peer) |
718e3744 | 440 | { |
d62a17ae | 441 | struct stream *s; |
442 | u_int16_t send_holdtime; | |
443 | as_t local_as; | |
718e3744 | 444 | |
d25e4efc | 445 | if (PEER_OR_GROUP_TIMER_SET(peer)) |
d62a17ae | 446 | send_holdtime = peer->holdtime; |
447 | else | |
448 | send_holdtime = peer->bgp->default_holdtime; | |
718e3744 | 449 | |
d62a17ae | 450 | /* local-as Change */ |
451 | if (peer->change_local_as) | |
452 | local_as = peer->change_local_as; | |
453 | else | |
454 | local_as = peer->local_as; | |
718e3744 | 455 | |
d62a17ae | 456 | s = stream_new(BGP_MAX_PACKET_SIZE); |
718e3744 | 457 | |
d62a17ae | 458 | /* Make open packet. */ |
459 | bgp_packet_set_marker(s, BGP_MSG_OPEN); | |
718e3744 | 460 | |
d62a17ae | 461 | /* Set open packet values. */ |
462 | stream_putc(s, BGP_VERSION_4); /* BGP version */ | |
9d303b37 DL |
463 | stream_putw(s, |
464 | (local_as <= BGP_AS_MAX) ? (u_int16_t)local_as | |
465 | : BGP_AS_TRANS); | |
d62a17ae | 466 | stream_putw(s, send_holdtime); /* Hold Time */ |
467 | stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */ | |
718e3744 | 468 | |
d62a17ae | 469 | /* Set capability code. */ |
470 | bgp_open_capability(s, peer); | |
718e3744 | 471 | |
d62a17ae | 472 | /* Set BGP packet length. */ |
473 | (void)bgp_packet_set_size(s); | |
718e3744 | 474 | |
d62a17ae | 475 | if (bgp_debug_neighbor_events(peer)) |
476 | zlog_debug( | |
477 | "%s sending OPEN, version %d, my as %u, holdtime %d, id %s", | |
478 | peer->host, BGP_VERSION_4, local_as, send_holdtime, | |
479 | inet_ntoa(peer->local_id)); | |
718e3744 | 480 | |
d62a17ae | 481 | /* Dump packet if debug option is set. */ |
482 | /* bgp_packet_dump (s); */ | |
718e3744 | 483 | |
d62a17ae | 484 | /* Add packet to the peer. */ |
485 | bgp_packet_add(peer, s); | |
424ab01d QY |
486 | |
487 | bgp_writes_on(peer); | |
488 | } | |
489 | ||
490 | /* This is only for sending NOTIFICATION message to neighbor. */ | |
491 | static int bgp_write_notify(struct peer *peer) | |
492 | { | |
493 | int ret, val; | |
494 | u_char type; | |
495 | struct stream *s; | |
496 | ||
497 | pthread_mutex_lock(&peer->io_mtx); | |
498 | { | |
499 | /* There should be at least one packet. */ | |
500 | s = stream_fifo_pop(peer->obuf); | |
501 | if (!s) | |
502 | return 0; | |
503 | assert(stream_get_endp(s) >= BGP_HEADER_SIZE); | |
504 | } | |
505 | pthread_mutex_unlock(&peer->io_mtx); | |
506 | ||
507 | /* Stop collecting data within the socket */ | |
508 | sockopt_cork(peer->fd, 0); | |
509 | ||
510 | /* socket is in nonblocking mode, if we can't deliver the NOTIFY, well, | |
511 | * we only care about getting a clean shutdown at this point. */ | |
512 | ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s)); | |
513 | ||
514 | /* only connection reset/close gets counted as TCP_fatal_error, failure | |
515 | * to write the entire NOTIFY doesn't get different FSM treatment */ | |
516 | if (ret <= 0) { | |
3735936b | 517 | stream_free(s); |
424ab01d QY |
518 | BGP_EVENT_ADD(peer, TCP_fatal_error); |
519 | return 0; | |
520 | } | |
521 | ||
522 | /* Disable Nagle, make NOTIFY packet go out right away */ | |
523 | val = 1; | |
524 | (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, | |
525 | sizeof(val)); | |
526 | ||
527 | /* Retrieve BGP packet type. */ | |
528 | stream_set_getp(s, BGP_MARKER_SIZE + 2); | |
529 | type = stream_getc(s); | |
530 | ||
531 | assert(type == BGP_MSG_NOTIFY); | |
532 | ||
533 | /* Type should be notify. */ | |
534 | peer->notify_out++; | |
535 | ||
536 | /* Double start timer. */ | |
537 | peer->v_start *= 2; | |
538 | ||
539 | /* Overflow check. */ | |
540 | if (peer->v_start >= (60 * 2)) | |
541 | peer->v_start = (60 * 2); | |
542 | ||
543 | /* Handle Graceful Restart case where the state changes to | |
544 | Connect instead of Idle */ | |
545 | BGP_EVENT_ADD(peer, BGP_Stop); | |
546 | ||
3735936b QY |
547 | stream_free(s); |
548 | ||
424ab01d | 549 | return 0; |
718e3744 | 550 | } |
551 | ||
d3ecc69e QY |
552 | /* |
553 | * Creates a BGP Notify and appends it to the peer's output queue. | |
554 | * | |
555 | * This function awakens the write thread to ensure the packet | |
556 | * gets out ASAP. | |
557 | * | |
558 | * @param peer | |
559 | * @param code BGP error code | |
560 | * @param sub_code BGP error subcode | |
561 | * @param data Data portion | |
562 | * @param datalen length of data portion | |
563 | */ | |
d62a17ae | 564 | void bgp_notify_send_with_data(struct peer *peer, u_char code, u_char sub_code, |
565 | u_char *data, size_t datalen) | |
718e3744 | 566 | { |
d62a17ae | 567 | struct stream *s; |
568 | int length; | |
569 | ||
570 | /* Allocate new stream. */ | |
571 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
572 | ||
d3ecc69e | 573 | /* Make notify packet. */ |
d62a17ae | 574 | bgp_packet_set_marker(s, BGP_MSG_NOTIFY); |
575 | ||
576 | /* Set notify packet values. */ | |
577 | stream_putc(s, code); /* BGP notify code */ | |
578 | stream_putc(s, sub_code); /* BGP notify sub_code */ | |
579 | ||
580 | /* If notify data is present. */ | |
581 | if (data) | |
582 | stream_write(s, data, datalen); | |
583 | ||
584 | /* Set BGP packet length. */ | |
585 | length = bgp_packet_set_size(s); | |
586 | ||
424ab01d QY |
587 | /* wipe output buffer */ |
588 | pthread_mutex_lock(&peer->io_mtx); | |
589 | { | |
590 | stream_fifo_clean(peer->obuf); | |
591 | } | |
592 | pthread_mutex_unlock(&peer->io_mtx); | |
d62a17ae | 593 | |
d8151687 QY |
594 | /* If possible, store last packet for debugging purposes. This check is |
595 | * in | |
596 | * place because we are sometimes called with a doppelganger peer, who | |
597 | * tends | |
598 | * to have a plethora of fields nulled out. */ | |
599 | if (peer->curr && peer->last_reset_cause_size) { | |
600 | size_t packetsize = stream_get_endp(peer->curr); | |
601 | assert(packetsize <= peer->last_reset_cause_size); | |
602 | memcpy(peer->last_reset_cause, peer->curr->data, packetsize); | |
603 | peer->last_reset_cause_size = packetsize; | |
604 | } | |
605 | ||
d62a17ae | 606 | /* For debug */ |
607 | { | |
608 | struct bgp_notify bgp_notify; | |
609 | int first = 0; | |
610 | int i; | |
611 | char c[4]; | |
612 | ||
613 | bgp_notify.code = code; | |
614 | bgp_notify.subcode = sub_code; | |
615 | bgp_notify.data = NULL; | |
616 | bgp_notify.length = length - BGP_MSG_NOTIFY_MIN_SIZE; | |
617 | bgp_notify.raw_data = data; | |
618 | ||
619 | peer->notify.code = bgp_notify.code; | |
620 | peer->notify.subcode = bgp_notify.subcode; | |
621 | ||
622 | if (bgp_notify.length) { | |
623 | bgp_notify.data = | |
624 | XMALLOC(MTYPE_TMP, bgp_notify.length * 3); | |
625 | for (i = 0; i < bgp_notify.length; i++) | |
626 | if (first) { | |
627 | sprintf(c, " %02x", data[i]); | |
628 | strcat(bgp_notify.data, c); | |
629 | } else { | |
630 | first = 1; | |
631 | sprintf(c, "%02x", data[i]); | |
632 | strcpy(bgp_notify.data, c); | |
633 | } | |
634 | } | |
635 | bgp_notify_print(peer, &bgp_notify, "sending"); | |
636 | ||
637 | if (bgp_notify.data) { | |
638 | XFREE(MTYPE_TMP, bgp_notify.data); | |
639 | bgp_notify.data = NULL; | |
640 | bgp_notify.length = 0; | |
641 | } | |
642 | } | |
643 | ||
644 | /* peer reset cause */ | |
645 | if (code == BGP_NOTIFY_CEASE) { | |
646 | if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET) | |
647 | peer->last_reset = PEER_DOWN_USER_RESET; | |
648 | else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN) | |
649 | peer->last_reset = PEER_DOWN_USER_SHUTDOWN; | |
650 | else | |
651 | peer->last_reset = PEER_DOWN_NOTIFY_SEND; | |
652 | } else | |
653 | peer->last_reset = PEER_DOWN_NOTIFY_SEND; | |
654 | ||
d3ecc69e QY |
655 | /* Add packet to peer's output queue */ |
656 | bgp_packet_add(peer, s); | |
424ab01d QY |
657 | |
658 | bgp_write_notify(peer); | |
718e3744 | 659 | } |
660 | ||
d3ecc69e QY |
661 | /* |
662 | * Creates a BGP Notify and appends it to the peer's output queue. | |
663 | * | |
664 | * This function awakens the write thread to ensure the packet | |
665 | * gets out ASAP. | |
666 | * | |
667 | * @param peer | |
668 | * @param code BGP error code | |
669 | * @param sub_code BGP error subcode | |
670 | */ | |
d62a17ae | 671 | void bgp_notify_send(struct peer *peer, u_char code, u_char sub_code) |
718e3744 | 672 | { |
d62a17ae | 673 | bgp_notify_send_with_data(peer, code, sub_code, NULL, 0); |
718e3744 | 674 | } |
675 | ||
d3ecc69e QY |
676 | /* |
677 | * Creates BGP Route Refresh packet and appends it to the peer's output queue. | |
678 | * | |
679 | * @param peer | |
680 | * @param afi Address Family Identifier | |
681 | * @param safi Subsequent Address Family Identifier | |
682 | * @param orf_type Outbound Route Filtering type | |
683 | * @param when_to_refresh Whether to refresh immediately or defer | |
684 | * @param remove Whether to remove ORF for specified AFI/SAFI | |
685 | */ | |
d62a17ae | 686 | void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi, |
687 | u_char orf_type, u_char when_to_refresh, int remove) | |
718e3744 | 688 | { |
d62a17ae | 689 | struct stream *s; |
690 | struct bgp_filter *filter; | |
691 | int orf_refresh = 0; | |
692 | iana_afi_t pkt_afi; | |
5c525538 | 693 | iana_safi_t pkt_safi; |
d62a17ae | 694 | |
695 | if (DISABLE_BGP_ANNOUNCE) | |
696 | return; | |
697 | ||
698 | filter = &peer->filter[afi][safi]; | |
699 | ||
700 | /* Convert AFI, SAFI to values for packet. */ | |
701 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi); | |
702 | ||
703 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
704 | ||
705 | /* Make BGP update packet. */ | |
706 | if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV)) | |
707 | bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW); | |
718e3744 | 708 | else |
d62a17ae | 709 | bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD); |
710 | ||
711 | /* Encode Route Refresh message. */ | |
712 | stream_putw(s, pkt_afi); | |
713 | stream_putc(s, 0); | |
714 | stream_putc(s, pkt_safi); | |
715 | ||
716 | if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD) | |
717 | if (remove || filter->plist[FILTER_IN].plist) { | |
718 | u_int16_t orf_len; | |
719 | unsigned long orfp; | |
720 | ||
721 | orf_refresh = 1; | |
722 | stream_putc(s, when_to_refresh); | |
723 | stream_putc(s, orf_type); | |
724 | orfp = stream_get_endp(s); | |
725 | stream_putw(s, 0); | |
726 | ||
727 | if (remove) { | |
728 | UNSET_FLAG(peer->af_sflags[afi][safi], | |
729 | PEER_STATUS_ORF_PREFIX_SEND); | |
730 | stream_putc(s, ORF_COMMON_PART_REMOVE_ALL); | |
731 | if (bgp_debug_neighbor_events(peer)) | |
732 | zlog_debug( | |
733 | "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d", | |
734 | peer->host, orf_type, | |
735 | (when_to_refresh == REFRESH_DEFER | |
736 | ? "defer" | |
737 | : "immediate"), | |
738 | pkt_afi, pkt_safi); | |
739 | } else { | |
740 | SET_FLAG(peer->af_sflags[afi][safi], | |
741 | PEER_STATUS_ORF_PREFIX_SEND); | |
742 | prefix_bgp_orf_entry( | |
743 | s, filter->plist[FILTER_IN].plist, | |
744 | ORF_COMMON_PART_ADD, | |
745 | ORF_COMMON_PART_PERMIT, | |
746 | ORF_COMMON_PART_DENY); | |
747 | if (bgp_debug_neighbor_events(peer)) | |
748 | zlog_debug( | |
749 | "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d", | |
750 | peer->host, orf_type, | |
751 | (when_to_refresh == REFRESH_DEFER | |
752 | ? "defer" | |
753 | : "immediate"), | |
754 | pkt_afi, pkt_safi); | |
755 | } | |
756 | ||
757 | /* Total ORF Entry Len. */ | |
758 | orf_len = stream_get_endp(s) - orfp - 2; | |
759 | stream_putw_at(s, orfp, orf_len); | |
760 | } | |
761 | ||
762 | /* Set packet size. */ | |
763 | (void)bgp_packet_set_size(s); | |
764 | ||
765 | if (bgp_debug_neighbor_events(peer)) { | |
766 | if (!orf_refresh) | |
767 | zlog_debug("%s sending REFRESH_REQ for afi/safi: %d/%d", | |
768 | peer->host, pkt_afi, pkt_safi); | |
769 | } | |
770 | ||
771 | /* Add packet to the peer. */ | |
772 | bgp_packet_add(peer, s); | |
424ab01d QY |
773 | |
774 | bgp_writes_on(peer); | |
718e3744 | 775 | } |
776 | ||
d3ecc69e QY |
777 | /* |
778 | * Create a BGP Capability packet and append it to the peer's output queue. | |
779 | * | |
780 | * @param peer | |
781 | * @param afi Address Family Identifier | |
782 | * @param safi Subsequent Address Family Identifier | |
783 | * @param capability_code BGP Capability Code | |
784 | * @param action Set or Remove capability | |
785 | */ | |
d62a17ae | 786 | void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi, |
787 | int capability_code, int action) | |
718e3744 | 788 | { |
d62a17ae | 789 | struct stream *s; |
790 | iana_afi_t pkt_afi; | |
5c525538 | 791 | iana_safi_t pkt_safi; |
d62a17ae | 792 | |
793 | /* Convert AFI, SAFI to values for packet. */ | |
794 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi); | |
795 | ||
796 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
797 | ||
798 | /* Make BGP update packet. */ | |
799 | bgp_packet_set_marker(s, BGP_MSG_CAPABILITY); | |
800 | ||
801 | /* Encode MP_EXT capability. */ | |
802 | if (capability_code == CAPABILITY_CODE_MP) { | |
803 | stream_putc(s, action); | |
804 | stream_putc(s, CAPABILITY_CODE_MP); | |
805 | stream_putc(s, CAPABILITY_CODE_MP_LEN); | |
806 | stream_putw(s, pkt_afi); | |
807 | stream_putc(s, 0); | |
808 | stream_putc(s, pkt_safi); | |
809 | ||
810 | if (bgp_debug_neighbor_events(peer)) | |
811 | zlog_debug( | |
812 | "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d", | |
813 | peer->host, | |
814 | action == CAPABILITY_ACTION_SET ? "Advertising" | |
815 | : "Removing", | |
816 | pkt_afi, pkt_safi); | |
817 | } | |
818 | ||
819 | /* Set packet size. */ | |
820 | (void)bgp_packet_set_size(s); | |
718e3744 | 821 | |
d62a17ae | 822 | /* Add packet to the peer. */ |
823 | bgp_packet_add(peer, s); | |
424ab01d QY |
824 | |
825 | bgp_writes_on(peer); | |
d62a17ae | 826 | } |
718e3744 | 827 | |
d62a17ae | 828 | /* RFC1771 6.8 Connection collision detection. */ |
829 | static int bgp_collision_detect(struct peer *new, struct in_addr remote_id) | |
830 | { | |
831 | struct peer *peer; | |
832 | ||
833 | /* Upon receipt of an OPEN message, the local system must examine | |
834 | all of its connections that are in the OpenConfirm state. A BGP | |
835 | speaker may also examine connections in an OpenSent state if it | |
836 | knows the BGP Identifier of the peer by means outside of the | |
837 | protocol. If among these connections there is a connection to a | |
838 | remote BGP speaker whose BGP Identifier equals the one in the | |
839 | OPEN message, then the local system performs the following | |
840 | collision resolution procedure: */ | |
841 | ||
842 | if ((peer = new->doppelganger) != NULL) { | |
843 | /* Do not accept the new connection in Established or Clearing | |
844 | * states. | |
845 | * Note that a peer GR is handled by closing the existing | |
846 | * connection | |
847 | * upon receipt of new one. | |
848 | */ | |
849 | if (peer->status == Established || peer->status == Clearing) { | |
850 | bgp_notify_send(new, BGP_NOTIFY_CEASE, | |
851 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
852 | return (-1); | |
853 | } else if ((peer->status == OpenConfirm) | |
854 | || (peer->status == OpenSent)) { | |
855 | /* 1. The BGP Identifier of the local system is compared | |
856 | to | |
857 | the BGP Identifier of the remote system (as specified | |
858 | in | |
859 | the OPEN message). */ | |
860 | ||
861 | if (ntohl(peer->local_id.s_addr) | |
862 | < ntohl(remote_id.s_addr)) | |
863 | if (!CHECK_FLAG(peer->sflags, | |
864 | PEER_STATUS_ACCEPT_PEER)) { | |
865 | /* 2. If the value of the local BGP | |
866 | Identifier is less | |
867 | than the remote one, the local system | |
868 | closes BGP | |
869 | connection that already exists (the | |
870 | one that is | |
871 | already in the OpenConfirm state), | |
872 | and accepts BGP | |
873 | connection initiated by the remote | |
874 | system. */ | |
875 | bgp_notify_send( | |
876 | peer, BGP_NOTIFY_CEASE, | |
877 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
878 | return 1; | |
879 | } else { | |
880 | bgp_notify_send( | |
881 | new, BGP_NOTIFY_CEASE, | |
882 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
883 | return -1; | |
884 | } | |
885 | else { | |
886 | /* 3. Otherwise, the local system closes newly | |
887 | created | |
888 | BGP connection (the one associated with the | |
889 | newly | |
890 | received OPEN message), and continues to use | |
891 | the | |
892 | existing one (the one that is already in the | |
893 | OpenConfirm state). */ | |
894 | if (CHECK_FLAG(peer->sflags, | |
895 | PEER_STATUS_ACCEPT_PEER)) { | |
896 | bgp_notify_send( | |
897 | peer, BGP_NOTIFY_CEASE, | |
898 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
899 | return 1; | |
900 | } else { | |
901 | bgp_notify_send( | |
902 | new, BGP_NOTIFY_CEASE, | |
903 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
904 | return -1; | |
905 | } | |
906 | } | |
907 | } | |
908 | } | |
909 | return 0; | |
910 | } | |
718e3744 | 911 | |
d8151687 QY |
912 | /* Packet processing routines ---------------------------------------------- */ |
913 | /* | |
914 | * This is a family of functions designed to be called from | |
915 | * bgp_process_packet(). These functions all share similar behavior and should | |
916 | * adhere to the following invariants and restrictions: | |
917 | * | |
918 | * Return codes | |
919 | * ------------ | |
920 | * The return code of any one of those functions should be one of the FSM event | |
921 | * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be | |
922 | * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected | |
923 | * packet type. For example, bgp_open_receive() should return BGP_Stop upon | |
924 | * error and Receive_OPEN_message otherwise. | |
925 | * | |
926 | * If no action is necessary, the correct return code is BGP_PACKET_NOOP as | |
927 | * defined below. | |
928 | * | |
929 | * Side effects | |
930 | * ------------ | |
931 | * - May send NOTIFY messages | |
932 | * - May not modify peer->status | |
933 | * - May not call bgp_event_update() | |
934 | */ | |
935 | ||
936 | #define BGP_PACKET_NOOP 0 | |
937 | ||
938 | /** | |
939 | * Process BGP OPEN message for peer. | |
940 | * | |
941 | * If any errors are encountered in the OPEN message, immediately sends NOTIFY | |
942 | * and returns BGP_Stop. | |
943 | * | |
944 | * @param peer | |
945 | * @param size size of the packet | |
946 | * @return as in summary | |
947 | */ | |
d62a17ae | 948 | static int bgp_open_receive(struct peer *peer, bgp_size_t size) |
949 | { | |
950 | int ret; | |
951 | u_char version; | |
952 | u_char optlen; | |
953 | u_int16_t holdtime; | |
954 | u_int16_t send_holdtime; | |
955 | as_t remote_as; | |
956 | as_t as4 = 0; | |
957 | struct in_addr remote_id; | |
958 | int mp_capability; | |
959 | u_int8_t notify_data_remote_as[2]; | |
960 | u_int8_t notify_data_remote_as4[4]; | |
961 | u_int8_t notify_data_remote_id[4]; | |
962 | u_int16_t *holdtime_ptr; | |
963 | ||
964 | /* Parse open packet. */ | |
424ab01d QY |
965 | version = stream_getc(peer->curr); |
966 | memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2); | |
967 | remote_as = stream_getw(peer->curr); | |
968 | holdtime_ptr = (u_int16_t *)stream_pnt(peer->curr); | |
969 | holdtime = stream_getw(peer->curr); | |
970 | memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4); | |
971 | remote_id.s_addr = stream_get_ipv4(peer->curr); | |
d62a17ae | 972 | |
973 | /* Receive OPEN message log */ | |
974 | if (bgp_debug_neighbor_events(peer)) | |
975 | zlog_debug( | |
976 | "%s rcv OPEN, version %d, remote-as (in open) %u," | |
977 | " holdtime %d, id %s", | |
978 | peer->host, version, remote_as, holdtime, | |
979 | inet_ntoa(remote_id)); | |
980 | ||
981 | /* BEGIN to read the capability here, but dont do it yet */ | |
982 | mp_capability = 0; | |
424ab01d | 983 | optlen = stream_getc(peer->curr); |
d62a17ae | 984 | |
985 | if (optlen != 0) { | |
986 | /* If not enough bytes, it is an error. */ | |
424ab01d | 987 | if (STREAM_READABLE(peer->curr) < optlen) { |
d62a17ae | 988 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, |
989 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
d8151687 | 990 | return BGP_Stop; |
d62a17ae | 991 | } |
718e3744 | 992 | |
d62a17ae | 993 | /* We need the as4 capability value *right now* because |
994 | * if it is there, we have not got the remote_as yet, and | |
995 | * without | |
996 | * that we do not know which peer is connecting to us now. | |
997 | */ | |
998 | as4 = peek_for_as4_capability(peer, optlen); | |
999 | memcpy(notify_data_remote_as4, &as4, 4); | |
1000 | } | |
718e3744 | 1001 | |
d62a17ae | 1002 | /* Just in case we have a silly peer who sends AS4 capability set to 0 |
1003 | */ | |
1004 | if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) { | |
1005 | zlog_err("%s bad OPEN, got AS4 capability, but AS4 set to 0", | |
1006 | peer->host); | |
1007 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1008 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1009 | notify_data_remote_as4, 4); | |
d8151687 | 1010 | return BGP_Stop; |
d62a17ae | 1011 | } |
718e3744 | 1012 | |
d62a17ae | 1013 | if (remote_as == BGP_AS_TRANS) { |
1014 | /* Take the AS4 from the capability. We must have received the | |
1015 | * capability now! Otherwise we have a asn16 peer who uses | |
1016 | * BGP_AS_TRANS, for some unknown reason. | |
1017 | */ | |
1018 | if (as4 == BGP_AS_TRANS) { | |
1019 | zlog_err( | |
1020 | "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed", | |
1021 | peer->host); | |
1022 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1023 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1024 | notify_data_remote_as4, 4); | |
d8151687 | 1025 | return BGP_Stop; |
d62a17ae | 1026 | } |
718e3744 | 1027 | |
d62a17ae | 1028 | if (!as4 && BGP_DEBUG(as4, AS4)) |
1029 | zlog_debug( | |
1030 | "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4." | |
1031 | " Odd, but proceeding.", | |
1032 | peer->host); | |
1033 | else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4)) | |
1034 | zlog_debug( | |
1035 | "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits " | |
1036 | "in 2-bytes, very odd peer.", | |
1037 | peer->host, as4); | |
1038 | if (as4) | |
1039 | remote_as = as4; | |
1040 | } else { | |
1041 | /* We may have a partner with AS4 who has an asno < BGP_AS_MAX | |
1042 | */ | |
1043 | /* If we have got the capability, peer->as4cap must match | |
1044 | * remote_as */ | |
1045 | if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) | |
1046 | && as4 != remote_as) { | |
1047 | /* raise error, log this, close session */ | |
1048 | zlog_err( | |
1049 | "%s bad OPEN, got AS4 capability, but remote_as %u" | |
1050 | " mismatch with 16bit 'myasn' %u in open", | |
1051 | peer->host, as4, remote_as); | |
1052 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1053 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1054 | notify_data_remote_as4, 4); | |
d8151687 | 1055 | return BGP_Stop; |
d62a17ae | 1056 | } |
1057 | } | |
6b0655a2 | 1058 | |
d62a17ae | 1059 | /* remote router-id check. */ |
1060 | if (remote_id.s_addr == 0 || IPV4_CLASS_DE(ntohl(remote_id.s_addr)) | |
1061 | || ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)) { | |
1062 | if (bgp_debug_neighbor_events(peer)) | |
1063 | zlog_debug("%s bad OPEN, wrong router identifier %s", | |
1064 | peer->host, inet_ntoa(remote_id)); | |
1065 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1066 | BGP_NOTIFY_OPEN_BAD_BGP_IDENT, | |
1067 | notify_data_remote_id, 4); | |
d8151687 | 1068 | return BGP_Stop; |
d62a17ae | 1069 | } |
1070 | ||
1071 | /* Set remote router-id */ | |
1072 | peer->remote_id = remote_id; | |
1073 | ||
1074 | /* Peer BGP version check. */ | |
1075 | if (version != BGP_VERSION_4) { | |
1076 | u_int16_t maxver = htons(BGP_VERSION_4); | |
1077 | /* XXX this reply may not be correct if version < 4 XXX */ | |
1078 | if (bgp_debug_neighbor_events(peer)) | |
1079 | zlog_debug( | |
1080 | "%s bad protocol version, remote requested %d, local request %d", | |
1081 | peer->host, version, BGP_VERSION_4); | |
1082 | /* Data must be in network byte order here */ | |
1083 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1084 | BGP_NOTIFY_OPEN_UNSUP_VERSION, | |
1085 | (u_int8_t *)&maxver, 2); | |
d8151687 | 1086 | return BGP_Stop; |
d62a17ae | 1087 | } |
1088 | ||
1089 | /* Check neighbor as number. */ | |
1090 | if (peer->as_type == AS_UNSPECIFIED) { | |
1091 | if (bgp_debug_neighbor_events(peer)) | |
1092 | zlog_debug( | |
1093 | "%s bad OPEN, remote AS is unspecified currently", | |
1094 | peer->host); | |
1095 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1096 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1097 | notify_data_remote_as, 2); | |
d8151687 | 1098 | return BGP_Stop; |
d62a17ae | 1099 | } else if (peer->as_type == AS_INTERNAL) { |
1100 | if (remote_as != peer->bgp->as) { | |
1101 | if (bgp_debug_neighbor_events(peer)) | |
1102 | zlog_debug( | |
1103 | "%s bad OPEN, remote AS is %u, internal specified", | |
1104 | peer->host, remote_as); | |
1105 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1106 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1107 | notify_data_remote_as, 2); | |
d8151687 | 1108 | return BGP_Stop; |
1ff9a340 | 1109 | } |
d62a17ae | 1110 | peer->as = peer->local_as; |
1111 | } else if (peer->as_type == AS_EXTERNAL) { | |
1112 | if (remote_as == peer->bgp->as) { | |
1113 | if (bgp_debug_neighbor_events(peer)) | |
1114 | zlog_debug( | |
1115 | "%s bad OPEN, remote AS is %u, external specified", | |
1116 | peer->host, remote_as); | |
1117 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1118 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1119 | notify_data_remote_as, 2); | |
d8151687 | 1120 | return BGP_Stop; |
1ff9a340 | 1121 | } |
d62a17ae | 1122 | peer->as = remote_as; |
1123 | } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) { | |
1124 | if (bgp_debug_neighbor_events(peer)) | |
1125 | zlog_debug("%s bad OPEN, remote AS is %u, expected %u", | |
1126 | peer->host, remote_as, peer->as); | |
1127 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1128 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1129 | notify_data_remote_as, 2); | |
d8151687 | 1130 | return BGP_Stop; |
eb821189 | 1131 | } |
718e3744 | 1132 | |
d62a17ae | 1133 | /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST |
1134 | calculate the value of the Hold Timer by using the smaller of its | |
1135 | configured Hold Time and the Hold Time received in the OPEN message. | |
1136 | The Hold Time MUST be either zero or at least three seconds. An | |
1137 | implementation may reject connections on the basis of the Hold Time. | |
0b2aa3a0 | 1138 | */ |
d62a17ae | 1139 | |
1140 | if (holdtime < 3 && holdtime != 0) { | |
1141 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1142 | BGP_NOTIFY_OPEN_UNACEP_HOLDTIME, | |
1143 | (u_char *)holdtime_ptr, 2); | |
d8151687 | 1144 | return BGP_Stop; |
0b2aa3a0 | 1145 | } |
d62a17ae | 1146 | |
1147 | /* From the rfc: A reasonable maximum time between KEEPALIVE messages | |
1148 | would be one third of the Hold Time interval. KEEPALIVE messages | |
1149 | MUST NOT be sent more frequently than one per second. An | |
1150 | implementation MAY adjust the rate at which it sends KEEPALIVE | |
1151 | messages as a function of the Hold Time interval. */ | |
1152 | ||
d25e4efc | 1153 | if (PEER_OR_GROUP_TIMER_SET(peer)) |
d62a17ae | 1154 | send_holdtime = peer->holdtime; |
1155 | else | |
1156 | send_holdtime = peer->bgp->default_holdtime; | |
1157 | ||
1158 | if (holdtime < send_holdtime) | |
1159 | peer->v_holdtime = holdtime; | |
1160 | else | |
1161 | peer->v_holdtime = send_holdtime; | |
1162 | ||
d25e4efc DS |
1163 | if ((PEER_OR_GROUP_TIMER_SET(peer)) |
1164 | && (peer->keepalive < peer->v_holdtime / 3)) | |
d62a17ae | 1165 | peer->v_keepalive = peer->keepalive; |
1166 | else | |
1167 | peer->v_keepalive = peer->v_holdtime / 3; | |
1168 | ||
1169 | /* Open option part parse. */ | |
1170 | if (optlen != 0) { | |
1171 | if ((ret = bgp_open_option_parse(peer, optlen, &mp_capability)) | |
1172 | < 0) | |
d8151687 | 1173 | return BGP_Stop; |
d62a17ae | 1174 | } else { |
1175 | if (bgp_debug_neighbor_events(peer)) | |
1176 | zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0", | |
1177 | peer->host); | |
0299c004 | 1178 | } |
d62a17ae | 1179 | |
1180 | /* | |
1181 | * Assume that the peer supports the locally configured set of | |
1182 | * AFI/SAFIs if the peer did not send us any Mulitiprotocol | |
1183 | * capabilities, or if 'override-capability' is configured. | |
1184 | */ | |
1185 | if (!mp_capability | |
1186 | || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) { | |
1187 | peer->afc_nego[AFI_IP][SAFI_UNICAST] = | |
1188 | peer->afc[AFI_IP][SAFI_UNICAST]; | |
1189 | peer->afc_nego[AFI_IP][SAFI_MULTICAST] = | |
1190 | peer->afc[AFI_IP][SAFI_MULTICAST]; | |
1191 | peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] = | |
1192 | peer->afc[AFI_IP][SAFI_LABELED_UNICAST]; | |
1193 | peer->afc_nego[AFI_IP6][SAFI_UNICAST] = | |
1194 | peer->afc[AFI_IP6][SAFI_UNICAST]; | |
1195 | peer->afc_nego[AFI_IP6][SAFI_MULTICAST] = | |
1196 | peer->afc[AFI_IP6][SAFI_MULTICAST]; | |
1197 | peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] = | |
1198 | peer->afc[AFI_IP6][SAFI_LABELED_UNICAST]; | |
1199 | peer->afc_nego[AFI_L2VPN][SAFI_EVPN] = | |
1200 | peer->afc[AFI_L2VPN][SAFI_EVPN]; | |
0299c004 | 1201 | } |
d62a17ae | 1202 | |
1203 | /* When collision is detected and this peer is closed. Retrun | |
1204 | immidiately. */ | |
1205 | ret = bgp_collision_detect(peer, remote_id); | |
1206 | if (ret < 0) | |
d8151687 | 1207 | return BGP_Stop; |
d62a17ae | 1208 | |
1209 | /* Get sockname. */ | |
1210 | if ((ret = bgp_getsockname(peer)) < 0) { | |
1211 | zlog_err("%s: bgp_getsockname() failed for peer: %s", | |
1212 | __FUNCTION__, peer->host); | |
d8151687 | 1213 | return BGP_Stop; |
d62a17ae | 1214 | } |
1215 | ||
1216 | /* Verify valid local address present based on negotiated | |
1217 | * address-families. */ | |
1218 | if (peer->afc_nego[AFI_IP][SAFI_UNICAST] | |
e5f22b30 | 1219 | || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] |
d62a17ae | 1220 | || peer->afc_nego[AFI_IP][SAFI_MULTICAST] |
1221 | || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN] | |
1222 | || peer->afc_nego[AFI_IP][SAFI_ENCAP]) { | |
1223 | if (!peer->nexthop.v4.s_addr) { | |
1224 | #if defined(HAVE_CUMULUS) | |
1225 | zlog_err( | |
1226 | "%s: No local IPv4 addr resetting connection, fd %d", | |
1227 | peer->host, peer->fd); | |
1228 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, | |
1229 | BGP_NOTIFY_SUBCODE_UNSPECIFIC); | |
d8151687 | 1230 | return BGP_Stop; |
1d808091 | 1231 | #endif |
d62a17ae | 1232 | } |
1233 | } | |
1234 | if (peer->afc_nego[AFI_IP6][SAFI_UNICAST] | |
e5f22b30 | 1235 | || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] |
d62a17ae | 1236 | || peer->afc_nego[AFI_IP6][SAFI_MULTICAST] |
1237 | || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN] | |
1238 | || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) { | |
1239 | if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) { | |
1240 | #if defined(HAVE_CUMULUS) | |
1241 | zlog_err( | |
1242 | "%s: No local IPv6 addr resetting connection, fd %d", | |
1243 | peer->host, peer->fd); | |
1244 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, | |
1245 | BGP_NOTIFY_SUBCODE_UNSPECIFIC); | |
d8151687 | 1246 | return BGP_Stop; |
1d808091 | 1247 | #endif |
d62a17ae | 1248 | } |
1249 | } | |
1250 | peer->rtt = sockopt_tcp_rtt(peer->fd); | |
1251 | ||
d8151687 | 1252 | return Receive_OPEN_message; |
718e3744 | 1253 | } |
1254 | ||
d8151687 QY |
1255 | /** |
1256 | * Process BGP KEEPALIVE message for peer. | |
1257 | * | |
1258 | * @param peer | |
1259 | * @param size size of the packet | |
1260 | * @return as in summary | |
1261 | */ | |
1262 | static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size) | |
f188f2c4 | 1263 | { |
d8151687 QY |
1264 | if (bgp_debug_keepalive(peer)) |
1265 | zlog_debug("%s KEEPALIVE rcvd", peer->host); | |
d62a17ae | 1266 | |
d8151687 | 1267 | bgp_update_implicit_eors(peer); |
d62a17ae | 1268 | |
d8151687 | 1269 | return Receive_KEEPALIVE_message; |
f188f2c4 DS |
1270 | } |
1271 | ||
d62a17ae | 1272 | |
d8151687 QY |
1273 | /** |
1274 | * Process BGP UPDATE message for peer. | |
1275 | * | |
1276 | * Parses UPDATE and creates attribute object. | |
1277 | * | |
1278 | * @param peer | |
1279 | * @param size size of the packet | |
1280 | * @return as in summary | |
7ef5a232 | 1281 | */ |
d62a17ae | 1282 | static int bgp_update_receive(struct peer *peer, bgp_size_t size) |
718e3744 | 1283 | { |
d62a17ae | 1284 | int ret, nlri_ret; |
1285 | u_char *end; | |
1286 | struct stream *s; | |
1287 | struct attr attr; | |
1288 | bgp_size_t attribute_len; | |
1289 | bgp_size_t update_len; | |
1290 | bgp_size_t withdraw_len; | |
1291 | ||
1292 | enum NLRI_TYPES { | |
1293 | NLRI_UPDATE, | |
1294 | NLRI_WITHDRAW, | |
1295 | NLRI_MP_UPDATE, | |
1296 | NLRI_MP_WITHDRAW, | |
1297 | NLRI_TYPE_MAX | |
1298 | }; | |
1299 | struct bgp_nlri nlris[NLRI_TYPE_MAX]; | |
1300 | ||
1301 | /* Status must be Established. */ | |
1302 | if (peer->status != Established) { | |
1303 | zlog_err("%s [FSM] Update packet received under status %s", | |
1304 | peer->host, | |
1305 | lookup_msg(bgp_status_msg, peer->status, NULL)); | |
1306 | bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0); | |
d8151687 | 1307 | return BGP_Stop; |
d62a17ae | 1308 | } |
1309 | ||
1310 | /* Set initial values. */ | |
1311 | memset(&attr, 0, sizeof(struct attr)); | |
1312 | attr.label_index = BGP_INVALID_LABEL_INDEX; | |
1313 | attr.label = MPLS_INVALID_LABEL; | |
1314 | memset(&nlris, 0, sizeof(nlris)); | |
1315 | memset(peer->rcvd_attr_str, 0, BUFSIZ); | |
1316 | peer->rcvd_attr_printed = 0; | |
1317 | ||
424ab01d | 1318 | s = peer->curr; |
d62a17ae | 1319 | end = stream_pnt(s) + size; |
1320 | ||
1321 | /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute | |
1322 | Length is too large (i.e., if Unfeasible Routes Length + Total | |
1323 | Attribute Length + 23 exceeds the message Length), then the Error | |
1324 | Subcode is set to Malformed Attribute List. */ | |
1325 | if (stream_pnt(s) + 2 > end) { | |
1326 | zlog_err( | |
1327 | "%s [Error] Update packet error" | |
1328 | " (packet length is short for unfeasible length)", | |
1329 | peer->host); | |
1330 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1331 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
d8151687 | 1332 | return BGP_Stop; |
d62a17ae | 1333 | } |
1334 | ||
1335 | /* Unfeasible Route Length. */ | |
1336 | withdraw_len = stream_getw(s); | |
1337 | ||
1338 | /* Unfeasible Route Length check. */ | |
1339 | if (stream_pnt(s) + withdraw_len > end) { | |
1340 | zlog_err( | |
1341 | "%s [Error] Update packet error" | |
1342 | " (packet unfeasible length overflow %d)", | |
1343 | peer->host, withdraw_len); | |
1344 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1345 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
d8151687 | 1346 | return BGP_Stop; |
d62a17ae | 1347 | } |
1348 | ||
1349 | /* Unfeasible Route packet format check. */ | |
1350 | if (withdraw_len > 0) { | |
1351 | nlris[NLRI_WITHDRAW].afi = AFI_IP; | |
1352 | nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST; | |
1353 | nlris[NLRI_WITHDRAW].nlri = stream_pnt(s); | |
1354 | nlris[NLRI_WITHDRAW].length = withdraw_len; | |
1355 | stream_forward_getp(s, withdraw_len); | |
1356 | } | |
1357 | ||
1358 | /* Attribute total length check. */ | |
1359 | if (stream_pnt(s) + 2 > end) { | |
1360 | zlog_warn( | |
1361 | "%s [Error] Packet Error" | |
1362 | " (update packet is short for attribute length)", | |
1363 | peer->host); | |
1364 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1365 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
d8151687 | 1366 | return BGP_Stop; |
d62a17ae | 1367 | } |
1368 | ||
1369 | /* Fetch attribute total length. */ | |
1370 | attribute_len = stream_getw(s); | |
1371 | ||
1372 | /* Attribute length check. */ | |
1373 | if (stream_pnt(s) + attribute_len > end) { | |
1374 | zlog_warn( | |
1375 | "%s [Error] Packet Error" | |
1376 | " (update packet attribute length overflow %d)", | |
1377 | peer->host, attribute_len); | |
1378 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1379 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
d8151687 | 1380 | return BGP_Stop; |
d62a17ae | 1381 | } |
1382 | ||
1383 | /* Certain attribute parsing errors should not be considered bad enough | |
1384 | * to reset the session for, most particularly any partial/optional | |
1385 | * attributes that have 'tunneled' over speakers that don't understand | |
1386 | * them. Instead we withdraw only the prefix concerned. | |
1387 | * | |
1388 | * Complicates the flow a little though.. | |
1389 | */ | |
1390 | bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED; | |
1391 | /* This define morphs the update case into a withdraw when lower levels | |
1392 | * have signalled an error condition where this is best. | |
1393 | */ | |
b881c707 | 1394 | #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL) |
718e3744 | 1395 | |
d62a17ae | 1396 | /* Parse attribute when it exists. */ |
1397 | if (attribute_len) { | |
1398 | attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len, | |
1399 | &nlris[NLRI_MP_UPDATE], | |
1400 | &nlris[NLRI_MP_WITHDRAW]); | |
1401 | if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) { | |
1402 | bgp_attr_unintern_sub(&attr); | |
d8151687 | 1403 | return BGP_Stop; |
d62a17ae | 1404 | } |
1405 | } | |
1406 | ||
1407 | /* Logging the attribute. */ | |
1408 | if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW | |
1409 | || BGP_DEBUG(update, UPDATE_IN) | |
1410 | || BGP_DEBUG(update, UPDATE_PREFIX)) { | |
1411 | ret = bgp_dump_attr(&attr, peer->rcvd_attr_str, BUFSIZ); | |
1412 | ||
1413 | if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW) | |
1414 | zlog_err( | |
1415 | "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.", | |
1416 | peer->host); | |
1417 | ||
1418 | if (ret && bgp_debug_update(peer, NULL, NULL, 1)) { | |
1419 | zlog_debug("%s rcvd UPDATE w/ attr: %s", peer->host, | |
1420 | peer->rcvd_attr_str); | |
1421 | peer->rcvd_attr_printed = 1; | |
1422 | } | |
1423 | } | |
1424 | ||
1425 | /* Network Layer Reachability Information. */ | |
1426 | update_len = end - stream_pnt(s); | |
1427 | ||
1428 | if (update_len) { | |
1429 | /* Set NLRI portion to structure. */ | |
1430 | nlris[NLRI_UPDATE].afi = AFI_IP; | |
1431 | nlris[NLRI_UPDATE].safi = SAFI_UNICAST; | |
1432 | nlris[NLRI_UPDATE].nlri = stream_pnt(s); | |
1433 | nlris[NLRI_UPDATE].length = update_len; | |
1434 | stream_forward_getp(s, update_len); | |
1435 | } | |
1436 | ||
1437 | if (BGP_DEBUG(update, UPDATE_IN)) | |
1438 | zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d", | |
1439 | peer->host, withdraw_len, attribute_len, update_len); | |
1440 | ||
1441 | /* Parse any given NLRIs */ | |
1442 | for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) { | |
1443 | if (!nlris[i].nlri) | |
1444 | continue; | |
1445 | ||
1446 | /* NLRI is processed iff the peer if configured for the specific | |
1447 | * afi/safi */ | |
1448 | if (!peer->afc[nlris[i].afi][nlris[i].safi]) { | |
1449 | zlog_info( | |
1450 | "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u", | |
1451 | peer->host, nlris[i].afi, nlris[i].safi); | |
1452 | continue; | |
1453 | } | |
1454 | ||
1455 | /* EoR handled later */ | |
1456 | if (nlris[i].length == 0) | |
1457 | continue; | |
1458 | ||
1459 | switch (i) { | |
1460 | case NLRI_UPDATE: | |
1461 | case NLRI_MP_UPDATE: | |
1462 | nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG, | |
1463 | &nlris[i], 0); | |
1464 | break; | |
1465 | case NLRI_WITHDRAW: | |
1466 | case NLRI_MP_WITHDRAW: | |
1467 | nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1); | |
1468 | break; | |
1469 | default: | |
1470 | nlri_ret = -1; | |
1471 | } | |
1472 | ||
1473 | if (nlri_ret < 0) { | |
1474 | zlog_err("%s [Error] Error parsing NLRI", peer->host); | |
1475 | if (peer->status == Established) | |
1476 | bgp_notify_send( | |
1477 | peer, BGP_NOTIFY_UPDATE_ERR, | |
1478 | i <= NLRI_WITHDRAW | |
1479 | ? BGP_NOTIFY_UPDATE_INVAL_NETWORK | |
1480 | : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR); | |
1481 | bgp_attr_unintern_sub(&attr); | |
d8151687 | 1482 | return BGP_Stop; |
d62a17ae | 1483 | } |
1484 | } | |
1485 | ||
1486 | /* EoR checks | |
1487 | * | |
1488 | * Non-MP IPv4/Unicast EoR is a completely empty UPDATE | |
1489 | * and MP EoR should have only an empty MP_UNREACH | |
1490 | */ | |
9b9df989 DS |
1491 | if ((!update_len && !withdraw_len && |
1492 | nlris[NLRI_MP_UPDATE].length == 0) || | |
1493 | (attr_parse_ret == BGP_ATTR_PARSE_EOR)) { | |
d62a17ae | 1494 | afi_t afi = 0; |
1495 | safi_t safi; | |
1496 | ||
1497 | /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already | |
1498 | * checked | |
1499 | * update and withdraw NLRI lengths are 0. | |
1500 | */ | |
1501 | if (!attribute_len) { | |
1502 | afi = AFI_IP; | |
1503 | safi = SAFI_UNICAST; | |
1504 | } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI) | |
1505 | && nlris[NLRI_MP_WITHDRAW].length == 0) { | |
1506 | afi = nlris[NLRI_MP_WITHDRAW].afi; | |
1507 | safi = nlris[NLRI_MP_WITHDRAW].safi; | |
9b9df989 DS |
1508 | } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) { |
1509 | afi = nlris[NLRI_MP_UPDATE].afi; | |
1510 | safi = nlris[NLRI_MP_UPDATE].safi; | |
d62a17ae | 1511 | } |
1512 | ||
1513 | if (afi && peer->afc[afi][safi]) { | |
1514 | /* End-of-RIB received */ | |
1515 | if (!CHECK_FLAG(peer->af_sflags[afi][safi], | |
1516 | PEER_STATUS_EOR_RECEIVED)) { | |
1517 | SET_FLAG(peer->af_sflags[afi][safi], | |
1518 | PEER_STATUS_EOR_RECEIVED); | |
1519 | bgp_update_explicit_eors(peer); | |
1520 | } | |
1521 | ||
1522 | /* NSF delete stale route */ | |
1523 | if (peer->nsf[afi][safi]) | |
1524 | bgp_clear_stale_route(peer, afi, safi); | |
1525 | ||
1526 | if (bgp_debug_neighbor_events(peer)) { | |
1527 | zlog_debug("rcvd End-of-RIB for %s from %s", | |
1528 | afi_safi_print(afi, safi), | |
1529 | peer->host); | |
1530 | } | |
1531 | } | |
f80f838b | 1532 | } |
d62a17ae | 1533 | |
1534 | /* Everything is done. We unintern temporary structures which | |
1535 | interned in bgp_attr_parse(). */ | |
1536 | bgp_attr_unintern_sub(&attr); | |
1537 | ||
d62a17ae | 1538 | peer->update_time = bgp_clock(); |
1539 | ||
1540 | /* Rearm holdtime timer */ | |
1541 | BGP_TIMER_OFF(peer->t_holdtime); | |
1542 | bgp_timer_set(peer); | |
1543 | ||
d8151687 | 1544 | return Receive_UPDATE_message; |
718e3744 | 1545 | } |
1546 | ||
d8151687 QY |
1547 | /** |
1548 | * Process BGP NOTIFY message for peer. | |
1549 | * | |
1550 | * @param peer | |
1551 | * @param size size of the packet | |
1552 | * @return as in summary | |
1553 | */ | |
1554 | static int bgp_notify_receive(struct peer *peer, bgp_size_t size) | |
718e3744 | 1555 | { |
d62a17ae | 1556 | struct bgp_notify bgp_notify; |
1557 | ||
1558 | if (peer->notify.data) { | |
1559 | XFREE(MTYPE_TMP, peer->notify.data); | |
1560 | peer->notify.data = NULL; | |
1561 | peer->notify.length = 0; | |
1562 | } | |
1563 | ||
424ab01d QY |
1564 | bgp_notify.code = stream_getc(peer->curr); |
1565 | bgp_notify.subcode = stream_getc(peer->curr); | |
d62a17ae | 1566 | bgp_notify.length = size - 2; |
1567 | bgp_notify.data = NULL; | |
1568 | ||
1569 | /* Preserv notify code and sub code. */ | |
1570 | peer->notify.code = bgp_notify.code; | |
1571 | peer->notify.subcode = bgp_notify.subcode; | |
1572 | /* For further diagnostic record returned Data. */ | |
1573 | if (bgp_notify.length) { | |
1574 | peer->notify.length = size - 2; | |
1575 | peer->notify.data = XMALLOC(MTYPE_TMP, size - 2); | |
424ab01d | 1576 | memcpy(peer->notify.data, stream_pnt(peer->curr), size - 2); |
d62a17ae | 1577 | } |
1578 | ||
1579 | /* For debug */ | |
1580 | { | |
1581 | int i; | |
1582 | int first = 0; | |
1583 | char c[4]; | |
1584 | ||
1585 | if (bgp_notify.length) { | |
1586 | bgp_notify.data = | |
1587 | XMALLOC(MTYPE_TMP, bgp_notify.length * 3); | |
1588 | for (i = 0; i < bgp_notify.length; i++) | |
1589 | if (first) { | |
1590 | sprintf(c, " %02x", | |
424ab01d | 1591 | stream_getc(peer->curr)); |
d62a17ae | 1592 | strcat(bgp_notify.data, c); |
1593 | } else { | |
1594 | first = 1; | |
1595 | sprintf(c, "%02x", | |
424ab01d | 1596 | stream_getc(peer->curr)); |
d62a17ae | 1597 | strcpy(bgp_notify.data, c); |
1598 | } | |
1599 | bgp_notify.raw_data = (u_char *)peer->notify.data; | |
1600 | } | |
1601 | ||
1602 | bgp_notify_print(peer, &bgp_notify, "received"); | |
1603 | if (bgp_notify.data) { | |
1604 | XFREE(MTYPE_TMP, bgp_notify.data); | |
1605 | bgp_notify.data = NULL; | |
1606 | bgp_notify.length = 0; | |
1607 | } | |
1608 | } | |
1609 | ||
1610 | /* peer count update */ | |
1611 | peer->notify_in++; | |
1612 | ||
1613 | peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED; | |
1614 | ||
1615 | /* We have to check for Notify with Unsupported Optional Parameter. | |
1616 | in that case we fallback to open without the capability option. | |
1617 | But this done in bgp_stop. We just mark it here to avoid changing | |
1618 | the fsm tables. */ | |
1619 | if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR | |
1620 | && bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM) | |
1621 | UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN); | |
1622 | ||
d8151687 | 1623 | return Receive_NOTIFICATION_message; |
718e3744 | 1624 | } |
1625 | ||
d8151687 QY |
1626 | /** |
1627 | * Process BGP ROUTEREFRESH message for peer. | |
1628 | * | |
1629 | * @param peer | |
1630 | * @param size size of the packet | |
1631 | * @return as in summary | |
1632 | */ | |
1633 | static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size) | |
718e3744 | 1634 | { |
d62a17ae | 1635 | iana_afi_t pkt_afi; |
1636 | afi_t afi; | |
5c525538 RW |
1637 | iana_safi_t pkt_safi; |
1638 | safi_t safi; | |
d62a17ae | 1639 | struct stream *s; |
1640 | struct peer_af *paf; | |
1641 | struct update_group *updgrp; | |
1642 | struct peer *updgrp_peer; | |
1643 | ||
1644 | /* If peer does not have the capability, send notification. */ | |
1645 | if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) { | |
1646 | zlog_err("%s [Error] BGP route refresh is not enabled", | |
1647 | peer->host); | |
1648 | bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR, | |
1649 | BGP_NOTIFY_HEADER_BAD_MESTYPE); | |
d8151687 | 1650 | return BGP_Stop; |
d62a17ae | 1651 | } |
1652 | ||
1653 | /* Status must be Established. */ | |
1654 | if (peer->status != Established) { | |
1655 | zlog_err( | |
1656 | "%s [Error] Route refresh packet received under status %s", | |
1657 | peer->host, | |
1658 | lookup_msg(bgp_status_msg, peer->status, NULL)); | |
1659 | bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0); | |
d8151687 | 1660 | return BGP_Stop; |
d62a17ae | 1661 | } |
1662 | ||
424ab01d | 1663 | s = peer->curr; |
d62a17ae | 1664 | |
1665 | /* Parse packet. */ | |
1666 | pkt_afi = stream_getw(s); | |
1667 | (void)stream_getc(s); | |
1668 | pkt_safi = stream_getc(s); | |
1669 | ||
1670 | if (bgp_debug_update(peer, NULL, NULL, 0)) | |
1671 | zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %d/%d", | |
1672 | peer->host, pkt_afi, pkt_safi); | |
1673 | ||
1674 | /* Convert AFI, SAFI to internal values and check. */ | |
1675 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) { | |
1676 | zlog_info( | |
1677 | "%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored", | |
1678 | peer->host, pkt_afi, pkt_safi); | |
d8151687 | 1679 | return BGP_PACKET_NOOP; |
d62a17ae | 1680 | } |
1681 | ||
1682 | if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) { | |
1683 | u_char *end; | |
1684 | u_char when_to_refresh; | |
1685 | u_char orf_type; | |
1686 | u_int16_t orf_len; | |
1687 | ||
1688 | if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) | |
1689 | < 5) { | |
1690 | zlog_info("%s ORF route refresh length error", | |
1691 | peer->host); | |
1692 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
d8151687 | 1693 | return BGP_Stop; |
718e3744 | 1694 | } |
1695 | ||
d62a17ae | 1696 | when_to_refresh = stream_getc(s); |
1697 | end = stream_pnt(s) + (size - 5); | |
1698 | ||
1699 | while ((stream_pnt(s) + 2) < end) { | |
1700 | orf_type = stream_getc(s); | |
1701 | orf_len = stream_getw(s); | |
1702 | ||
1703 | /* orf_len in bounds? */ | |
1704 | if ((stream_pnt(s) + orf_len) > end) | |
1705 | break; /* XXX: Notify instead?? */ | |
1706 | if (orf_type == ORF_TYPE_PREFIX | |
1707 | || orf_type == ORF_TYPE_PREFIX_OLD) { | |
1708 | uint8_t *p_pnt = stream_pnt(s); | |
1709 | uint8_t *p_end = stream_pnt(s) + orf_len; | |
1710 | struct orf_prefix orfp; | |
1711 | u_char common = 0; | |
1712 | u_int32_t seq; | |
1713 | int psize; | |
1714 | char name[BUFSIZ]; | |
1715 | int ret = CMD_SUCCESS; | |
1716 | ||
1717 | if (bgp_debug_neighbor_events(peer)) { | |
1718 | zlog_debug( | |
1719 | "%s rcvd Prefixlist ORF(%d) length %d", | |
1720 | peer->host, orf_type, orf_len); | |
1721 | } | |
1722 | ||
1723 | /* we're going to read at least 1 byte of common | |
1724 | * ORF header, | |
1725 | * and 7 bytes of ORF Address-filter entry from | |
1726 | * the stream | |
1727 | */ | |
1728 | if (orf_len < 7) | |
1729 | break; | |
1730 | ||
1731 | /* ORF prefix-list name */ | |
1732 | sprintf(name, "%s.%d.%d", peer->host, afi, | |
1733 | safi); | |
1734 | ||
1735 | while (p_pnt < p_end) { | |
1736 | /* If the ORF entry is malformed, want | |
1737 | * to read as much of it | |
1738 | * as possible without going beyond the | |
1739 | * bounds of the entry, | |
1740 | * to maximise debug information. | |
1741 | */ | |
1742 | int ok; | |
1743 | memset(&orfp, 0, | |
1744 | sizeof(struct orf_prefix)); | |
1745 | common = *p_pnt++; | |
1746 | /* after ++: p_pnt <= p_end */ | |
1747 | if (common | |
1748 | & ORF_COMMON_PART_REMOVE_ALL) { | |
1749 | if (bgp_debug_neighbor_events( | |
1750 | peer)) | |
1751 | zlog_debug( | |
1752 | "%s rcvd Remove-All pfxlist ORF request", | |
1753 | peer->host); | |
1754 | prefix_bgp_orf_remove_all(afi, | |
1755 | name); | |
1756 | break; | |
1757 | } | |
1758 | ok = ((u_int32_t)(p_end - p_pnt) | |
1759 | >= sizeof(u_int32_t)); | |
1760 | if (ok) { | |
1761 | memcpy(&seq, p_pnt, | |
1762 | sizeof(u_int32_t)); | |
1763 | p_pnt += sizeof(u_int32_t); | |
1764 | orfp.seq = ntohl(seq); | |
1765 | } else | |
1766 | p_pnt = p_end; | |
1767 | ||
1768 | if ((ok = (p_pnt < p_end))) | |
1769 | orfp.ge = | |
1770 | *p_pnt++; /* value | |
1771 | checked in | |
1772 | prefix_bgp_orf_set() | |
1773 | */ | |
1774 | if ((ok = (p_pnt < p_end))) | |
1775 | orfp.le = | |
1776 | *p_pnt++; /* value | |
1777 | checked in | |
1778 | prefix_bgp_orf_set() | |
1779 | */ | |
1780 | if ((ok = (p_pnt < p_end))) | |
1781 | orfp.p.prefixlen = *p_pnt++; | |
1782 | orfp.p.family = afi2family( | |
1783 | afi); /* afi checked already */ | |
1784 | ||
1785 | psize = PSIZE( | |
1786 | orfp.p.prefixlen); /* 0 if not | |
1787 | ok */ | |
1788 | if (psize | |
1789 | > prefix_blen( | |
1790 | &orfp.p)) /* valid for | |
1791 | family ? */ | |
1792 | { | |
1793 | ok = 0; | |
1794 | psize = prefix_blen(&orfp.p); | |
1795 | } | |
1796 | if (psize | |
1797 | > (p_end - p_pnt)) /* valid for | |
1798 | packet ? */ | |
1799 | { | |
1800 | ok = 0; | |
1801 | psize = p_end - p_pnt; | |
1802 | } | |
1803 | ||
1804 | if (psize > 0) | |
1805 | memcpy(&orfp.p.u.prefix, p_pnt, | |
1806 | psize); | |
1807 | p_pnt += psize; | |
1808 | ||
1809 | if (bgp_debug_neighbor_events(peer)) { | |
1810 | char buf[INET6_BUFSIZ]; | |
1811 | ||
1812 | zlog_debug( | |
1813 | "%s rcvd %s %s seq %u %s/%d ge %d le %d%s", | |
1814 | peer->host, | |
1815 | (common & ORF_COMMON_PART_REMOVE | |
1816 | ? "Remove" | |
1817 | : "Add"), | |
1818 | (common & ORF_COMMON_PART_DENY | |
1819 | ? "deny" | |
1820 | : "permit"), | |
1821 | orfp.seq, | |
1822 | inet_ntop( | |
1823 | orfp.p.family, | |
1824 | &orfp.p.u.prefix, | |
1825 | buf, | |
1826 | INET6_BUFSIZ), | |
1827 | orfp.p.prefixlen, | |
1828 | orfp.ge, orfp.le, | |
1829 | ok ? "" : " MALFORMED"); | |
1830 | } | |
1831 | ||
1832 | if (ok) | |
1833 | ret = prefix_bgp_orf_set( | |
1834 | name, afi, &orfp, | |
1835 | (common & ORF_COMMON_PART_DENY | |
1836 | ? 0 | |
1837 | : 1), | |
1838 | (common & ORF_COMMON_PART_REMOVE | |
1839 | ? 0 | |
1840 | : 1)); | |
1841 | ||
1842 | if (!ok || (ok && ret != CMD_SUCCESS)) { | |
1843 | zlog_info( | |
1844 | "%s Received misformatted prefixlist ORF." | |
1845 | " Remove All pfxlist", | |
1846 | peer->host); | |
1847 | prefix_bgp_orf_remove_all(afi, | |
1848 | name); | |
1849 | break; | |
1850 | } | |
1851 | } | |
1852 | ||
1853 | peer->orf_plist[afi][safi] = | |
1854 | prefix_bgp_orf_lookup(afi, name); | |
1855 | } | |
1856 | stream_forward_getp(s, orf_len); | |
718e3744 | 1857 | } |
d62a17ae | 1858 | if (bgp_debug_neighbor_events(peer)) |
1859 | zlog_debug("%s rcvd Refresh %s ORF request", peer->host, | |
1860 | when_to_refresh == REFRESH_DEFER | |
1861 | ? "Defer" | |
1862 | : "Immediate"); | |
1863 | if (when_to_refresh == REFRESH_DEFER) | |
d8151687 | 1864 | return BGP_PACKET_NOOP; |
d62a17ae | 1865 | } |
40d2700d | 1866 | |
d62a17ae | 1867 | /* First update is deferred until ORF or ROUTE-REFRESH is received */ |
1868 | if (CHECK_FLAG(peer->af_sflags[afi][safi], | |
1869 | PEER_STATUS_ORF_WAIT_REFRESH)) | |
1870 | UNSET_FLAG(peer->af_sflags[afi][safi], | |
1871 | PEER_STATUS_ORF_WAIT_REFRESH); | |
1872 | ||
1873 | paf = peer_af_find(peer, afi, safi); | |
1874 | if (paf && paf->subgroup) { | |
1875 | if (peer->orf_plist[afi][safi]) { | |
1876 | updgrp = PAF_UPDGRP(paf); | |
1877 | updgrp_peer = UPDGRP_PEER(updgrp); | |
1878 | updgrp_peer->orf_plist[afi][safi] = | |
1879 | peer->orf_plist[afi][safi]; | |
1880 | } | |
1881 | ||
1882 | /* If the peer is configured for default-originate clear the | |
1883 | * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will | |
1884 | * re-advertise the | |
1885 | * default | |
1886 | */ | |
1887 | if (CHECK_FLAG(paf->subgroup->sflags, | |
1888 | SUBGRP_STATUS_DEFAULT_ORIGINATE)) | |
1889 | UNSET_FLAG(paf->subgroup->sflags, | |
1890 | SUBGRP_STATUS_DEFAULT_ORIGINATE); | |
718e3744 | 1891 | } |
d62a17ae | 1892 | |
1893 | /* Perform route refreshment to the peer */ | |
1894 | bgp_announce_route(peer, afi, safi); | |
d8151687 QY |
1895 | |
1896 | /* No FSM action necessary */ | |
1897 | return BGP_PACKET_NOOP; | |
718e3744 | 1898 | } |
1899 | ||
d8151687 QY |
1900 | /** |
1901 | * Parse BGP CAPABILITY message for peer. | |
1902 | * | |
1903 | * @param peer | |
1904 | * @param size size of the packet | |
1905 | * @return as in summary | |
1906 | */ | |
d62a17ae | 1907 | static int bgp_capability_msg_parse(struct peer *peer, u_char *pnt, |
1908 | bgp_size_t length) | |
718e3744 | 1909 | { |
d62a17ae | 1910 | u_char *end; |
1911 | struct capability_mp_data mpc; | |
1912 | struct capability_header *hdr; | |
1913 | u_char action; | |
1914 | iana_afi_t pkt_afi; | |
1915 | afi_t afi; | |
5c525538 RW |
1916 | iana_safi_t pkt_safi; |
1917 | safi_t safi; | |
d62a17ae | 1918 | |
1919 | end = pnt + length; | |
1920 | ||
1921 | while (pnt < end) { | |
1922 | /* We need at least action, capability code and capability | |
1923 | * length. */ | |
1924 | if (pnt + 3 > end) { | |
1925 | zlog_info("%s Capability length error", peer->host); | |
1926 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
d8151687 | 1927 | return BGP_Stop; |
d62a17ae | 1928 | } |
1929 | action = *pnt; | |
1930 | hdr = (struct capability_header *)(pnt + 1); | |
1931 | ||
1932 | /* Action value check. */ | |
1933 | if (action != CAPABILITY_ACTION_SET | |
1934 | && action != CAPABILITY_ACTION_UNSET) { | |
1935 | zlog_info("%s Capability Action Value error %d", | |
1936 | peer->host, action); | |
1937 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
d8151687 | 1938 | return BGP_Stop; |
d62a17ae | 1939 | } |
1940 | ||
1941 | if (bgp_debug_neighbor_events(peer)) | |
1942 | zlog_debug( | |
1943 | "%s CAPABILITY has action: %d, code: %u, length %u", | |
1944 | peer->host, action, hdr->code, hdr->length); | |
1945 | ||
1946 | /* Capability length check. */ | |
1947 | if ((pnt + hdr->length + 3) > end) { | |
1948 | zlog_info("%s Capability length error", peer->host); | |
1949 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
d8151687 | 1950 | return BGP_Stop; |
d62a17ae | 1951 | } |
1952 | ||
1953 | /* Fetch structure to the byte stream. */ | |
1954 | memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data)); | |
d2b6417b | 1955 | pnt += hdr->length + 3; |
d62a17ae | 1956 | |
1957 | /* We know MP Capability Code. */ | |
1958 | if (hdr->code == CAPABILITY_CODE_MP) { | |
1959 | pkt_afi = ntohs(mpc.afi); | |
1960 | pkt_safi = mpc.safi; | |
1961 | ||
1962 | /* Ignore capability when override-capability is set. */ | |
1963 | if (CHECK_FLAG(peer->flags, | |
1964 | PEER_FLAG_OVERRIDE_CAPABILITY)) | |
1965 | continue; | |
1966 | ||
1967 | /* Convert AFI, SAFI to internal values. */ | |
1968 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, | |
1969 | &safi)) { | |
1970 | if (bgp_debug_neighbor_events(peer)) | |
1971 | zlog_debug( | |
1972 | "%s Dynamic Capability MP_EXT afi/safi invalid " | |
1973 | "(%u/%u)", | |
1974 | peer->host, pkt_afi, pkt_safi); | |
1975 | continue; | |
1976 | } | |
1977 | ||
1978 | /* Address family check. */ | |
1979 | if (bgp_debug_neighbor_events(peer)) | |
1980 | zlog_debug( | |
1981 | "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u", | |
1982 | peer->host, | |
1983 | action == CAPABILITY_ACTION_SET | |
1984 | ? "Advertising" | |
1985 | : "Removing", | |
1986 | pkt_afi, pkt_safi); | |
1987 | ||
1988 | if (action == CAPABILITY_ACTION_SET) { | |
1989 | peer->afc_recv[afi][safi] = 1; | |
1990 | if (peer->afc[afi][safi]) { | |
1991 | peer->afc_nego[afi][safi] = 1; | |
1992 | bgp_announce_route(peer, afi, safi); | |
1993 | } | |
1994 | } else { | |
1995 | peer->afc_recv[afi][safi] = 0; | |
1996 | peer->afc_nego[afi][safi] = 0; | |
1997 | ||
1998 | if (peer_active_nego(peer)) | |
1999 | bgp_clear_route(peer, afi, safi); | |
2000 | else | |
d8151687 | 2001 | return BGP_Stop; |
d62a17ae | 2002 | } |
2003 | } else { | |
2004 | zlog_warn( | |
2005 | "%s unrecognized capability code: %d - ignored", | |
2006 | peer->host, hdr->code); | |
2007 | } | |
d62a17ae | 2008 | } |
d8151687 QY |
2009 | |
2010 | /* No FSM action necessary */ | |
2011 | return BGP_PACKET_NOOP; | |
718e3744 | 2012 | } |
2013 | ||
d8151687 QY |
2014 | /** |
2015 | * Parse BGP CAPABILITY message for peer. | |
01b7ce2d | 2016 | * |
d8151687 QY |
2017 | * Exported for unit testing. |
2018 | * | |
2019 | * @param peer | |
2020 | * @param size size of the packet | |
2021 | * @return as in summary | |
01b7ce2d | 2022 | */ |
d62a17ae | 2023 | int bgp_capability_receive(struct peer *peer, bgp_size_t size) |
718e3744 | 2024 | { |
d62a17ae | 2025 | u_char *pnt; |
2026 | ||
2027 | /* Fetch pointer. */ | |
424ab01d | 2028 | pnt = stream_pnt(peer->curr); |
d62a17ae | 2029 | |
2030 | if (bgp_debug_neighbor_events(peer)) | |
2031 | zlog_debug("%s rcv CAPABILITY", peer->host); | |
2032 | ||
2033 | /* If peer does not have the capability, send notification. */ | |
2034 | if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) { | |
2035 | zlog_err("%s [Error] BGP dynamic capability is not enabled", | |
2036 | peer->host); | |
2037 | bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR, | |
2038 | BGP_NOTIFY_HEADER_BAD_MESTYPE); | |
d8151687 | 2039 | return BGP_Stop; |
d62a17ae | 2040 | } |
2041 | ||
2042 | /* Status must be Established. */ | |
2043 | if (peer->status != Established) { | |
2044 | zlog_err( | |
2045 | "%s [Error] Dynamic capability packet received under status %s", | |
2046 | peer->host, | |
2047 | lookup_msg(bgp_status_msg, peer->status, NULL)); | |
2048 | bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0); | |
d8151687 | 2049 | return BGP_Stop; |
d62a17ae | 2050 | } |
2051 | ||
2052 | /* Parse packet. */ | |
2053 | return bgp_capability_msg_parse(peer, pnt, size); | |
718e3744 | 2054 | } |
6b0655a2 | 2055 | |
d8151687 QY |
2056 | /** |
2057 | * Processes a peer's input buffer. | |
2058 | * | |
2059 | * This function sidesteps the event loop and directly calls bgp_event_update() | |
2060 | * after processing each BGP message. This is necessary to ensure proper | |
2061 | * ordering of FSM events and unifies the behavior that was present previously, | |
2062 | * whereby some of the packet handling functions would update the FSM and some | |
2063 | * would not, making event flow difficult to understand. Please think twice | |
2064 | * before hacking this. | |
2065 | * | |
2066 | * Thread type: THREAD_EVENT | |
2067 | * @param thread | |
2068 | * @return 0 | |
2069 | */ | |
424ab01d | 2070 | int bgp_process_packet(struct thread *thread) |
718e3744 | 2071 | { |
424ab01d | 2072 | /* Yes first of all get peer pointer. */ |
d8151687 QY |
2073 | struct peer *peer; // peer |
2074 | uint32_t rpkt_quanta_old; // how many packets to read | |
2075 | int fsm_update_result; // return code of bgp_event_update() | |
2076 | int mprc; // message processing return code | |
555e09d4 | 2077 | |
424ab01d | 2078 | peer = THREAD_ARG(thread); |
555e09d4 QY |
2079 | rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta, |
2080 | memory_order_relaxed); | |
e3c7270d | 2081 | fsm_update_result = 0; |
555e09d4 | 2082 | |
424ab01d | 2083 | /* Guard against scheduled events that occur after peer deletion. */ |
9eb217ff | 2084 | if (peer->status == Deleted || peer->status == Clearing) |
d62a17ae | 2085 | return 0; |
718e3744 | 2086 | |
555e09d4 | 2087 | unsigned int processed = 0; |
d62a17ae | 2088 | |
555e09d4 | 2089 | while (processed < rpkt_quanta_old) { |
9eb217ff QY |
2090 | u_char type = 0; |
2091 | bgp_size_t size; | |
2092 | char notify_data_length[2]; | |
d62a17ae | 2093 | |
9eb217ff QY |
2094 | pthread_mutex_lock(&peer->io_mtx); |
2095 | { | |
2096 | peer->curr = stream_fifo_pop(peer->ibuf); | |
2097 | } | |
2098 | pthread_mutex_unlock(&peer->io_mtx); | |
d62a17ae | 2099 | |
9eb217ff QY |
2100 | if (peer->curr == NULL) // no packets to process, hmm... |
2101 | return 0; | |
d62a17ae | 2102 | |
9eb217ff QY |
2103 | /* skip the marker and copy the packet length */ |
2104 | stream_forward_getp(peer->curr, BGP_MARKER_SIZE); | |
2105 | memcpy(notify_data_length, stream_pnt(peer->curr), 2); | |
2106 | ||
2107 | /* read in the packet length and type */ | |
2108 | size = stream_getw(peer->curr); | |
2109 | type = stream_getc(peer->curr); | |
2110 | ||
2111 | /* BGP packet dump function. */ | |
2112 | bgp_dump_packet(peer, type, peer->curr); | |
2113 | ||
2114 | /* adjust size to exclude the marker + length + type */ | |
2115 | size -= BGP_HEADER_SIZE; | |
2116 | ||
2117 | /* Read rest of the packet and call each sort of packet routine | |
2118 | */ | |
2119 | switch (type) { | |
2120 | case BGP_MSG_OPEN: | |
2121 | peer->open_in++; | |
d8151687 QY |
2122 | mprc = bgp_open_receive(peer, size); |
2123 | if (mprc == BGP_Stop) | |
2124 | zlog_err( | |
2125 | "%s: BGP OPEN receipt failed for peer: %s", | |
2126 | __FUNCTION__, peer->host); | |
9eb217ff QY |
2127 | break; |
2128 | case BGP_MSG_UPDATE: | |
d8151687 | 2129 | peer->update_in++; |
9eb217ff | 2130 | peer->readtime = monotime(NULL); |
d8151687 QY |
2131 | mprc = bgp_update_receive(peer, size); |
2132 | if (mprc == BGP_Stop) | |
2133 | zlog_err( | |
2134 | "%s: BGP UPDATE receipt failed for peer: %s", | |
2135 | __FUNCTION__, peer->host); | |
9eb217ff QY |
2136 | break; |
2137 | case BGP_MSG_NOTIFY: | |
d8151687 QY |
2138 | peer->notify_in++; |
2139 | mprc = bgp_notify_receive(peer, size); | |
2140 | if (mprc == BGP_Stop) | |
2141 | zlog_err( | |
2142 | "%s: BGP NOTIFY receipt failed for peer: %s", | |
2143 | __FUNCTION__, peer->host); | |
9eb217ff QY |
2144 | break; |
2145 | case BGP_MSG_KEEPALIVE: | |
2146 | peer->readtime = monotime(NULL); | |
d8151687 QY |
2147 | peer->keepalive_in++; |
2148 | mprc = bgp_keepalive_receive(peer, size); | |
2149 | if (mprc == BGP_Stop) | |
2150 | zlog_err( | |
2151 | "%s: BGP KEEPALIVE receipt failed for peer: %s", | |
2152 | __FUNCTION__, peer->host); | |
9eb217ff QY |
2153 | break; |
2154 | case BGP_MSG_ROUTE_REFRESH_NEW: | |
2155 | case BGP_MSG_ROUTE_REFRESH_OLD: | |
2156 | peer->refresh_in++; | |
d8151687 QY |
2157 | mprc = bgp_route_refresh_receive(peer, size); |
2158 | if (mprc == BGP_Stop) | |
2159 | zlog_err( | |
2160 | "%s: BGP ROUTEREFRESH receipt failed for peer: %s", | |
2161 | __FUNCTION__, peer->host); | |
9eb217ff QY |
2162 | break; |
2163 | case BGP_MSG_CAPABILITY: | |
2164 | peer->dynamic_cap_in++; | |
d8151687 QY |
2165 | mprc = bgp_capability_receive(peer, size); |
2166 | if (mprc == BGP_Stop) | |
2167 | zlog_err( | |
2168 | "%s: BGP CAPABILITY receipt failed for peer: %s", | |
2169 | __FUNCTION__, peer->host); | |
9eb217ff | 2170 | break; |
e3c7270d QY |
2171 | default: |
2172 | /* The message type should have been sanitized before we | |
2173 | * ever got | |
2174 | * here. Receipt of a message with an invalid header at | |
2175 | * this point is | |
2176 | * indicative of a security issue. */ | |
2177 | assert (!"Message of invalid type received during input processing"); | |
9eb217ff QY |
2178 | } |
2179 | ||
d8151687 QY |
2180 | /* delete processed packet */ |
2181 | stream_free(peer->curr); | |
2182 | peer->curr = NULL; | |
2183 | processed++; | |
9eb217ff | 2184 | |
d8151687 QY |
2185 | /* Update FSM */ |
2186 | if (mprc != BGP_PACKET_NOOP) | |
2187 | fsm_update_result = bgp_event_update(peer, mprc); | |
e3c7270d QY |
2188 | else |
2189 | continue; | |
d8151687 QY |
2190 | |
2191 | /* If peer was deleted, do not process any more packets. This is | |
2192 | * usually | |
2193 | * due to executing BGP_Stop or a stub deletion. */ | |
2194 | if (fsm_update_result == FSM_PEER_TRANSFERRED | |
2195 | || fsm_update_result == FSM_PEER_STOPPED) | |
2196 | break; | |
d62a17ae | 2197 | } |
2198 | ||
d8151687 QY |
2199 | if (fsm_update_result != FSM_PEER_TRANSFERRED |
2200 | && fsm_update_result != FSM_PEER_STOPPED) { | |
2201 | pthread_mutex_lock(&peer->io_mtx); | |
2202 | { | |
2203 | if (peer->ibuf->count | |
2204 | > 0) // more work to do, come back later | |
2205 | thread_add_event(bm->master, bgp_process_packet, | |
2206 | peer, 0, NULL); | |
2207 | } | |
2208 | pthread_mutex_unlock(&peer->io_mtx); | |
718e3744 | 2209 | } |
2210 | ||
d62a17ae | 2211 | return 0; |
718e3744 | 2212 | } |