]>
Commit | Line | Data |
---|---|---|
718e3744 | 1 | /* BGP packet management routine. |
896014f4 DL |
2 | * Copyright (C) 1999 Kunihiro Ishiguro |
3 | * | |
4 | * This file is part of GNU Zebra. | |
5 | * | |
6 | * GNU Zebra is free software; you can redistribute it and/or modify it | |
7 | * under the terms of the GNU General Public License as published by the | |
8 | * Free Software Foundation; either version 2, or (at your option) any | |
9 | * later version. | |
10 | * | |
11 | * GNU Zebra is distributed in the hope that it will be useful, but | |
12 | * WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License along | |
17 | * with this program; see the file COPYING; if not, write to the Free Software | |
18 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA | |
19 | */ | |
718e3744 | 20 | |
21 | #include <zebra.h> | |
22 | ||
23 | #include "thread.h" | |
24 | #include "stream.h" | |
25 | #include "network.h" | |
26 | #include "prefix.h" | |
27 | #include "command.h" | |
28 | #include "log.h" | |
29 | #include "memory.h" | |
d62a17ae | 30 | #include "sockunion.h" /* for inet_ntop () */ |
baa376fc | 31 | #include "sockopt.h" |
718e3744 | 32 | #include "linklist.h" |
33 | #include "plist.h" | |
3f9c7369 | 34 | #include "queue.h" |
039f3a34 | 35 | #include "filter.h" |
718e3744 | 36 | |
37 | #include "bgpd/bgpd.h" | |
38 | #include "bgpd/bgp_table.h" | |
39 | #include "bgpd/bgp_dump.h" | |
40 | #include "bgpd/bgp_attr.h" | |
41 | #include "bgpd/bgp_debug.h" | |
42 | #include "bgpd/bgp_fsm.h" | |
43 | #include "bgpd/bgp_route.h" | |
44 | #include "bgpd/bgp_packet.h" | |
45 | #include "bgpd/bgp_open.h" | |
46 | #include "bgpd/bgp_aspath.h" | |
47 | #include "bgpd/bgp_community.h" | |
48 | #include "bgpd/bgp_ecommunity.h" | |
57d187bc | 49 | #include "bgpd/bgp_lcommunity.h" |
718e3744 | 50 | #include "bgpd/bgp_network.h" |
51 | #include "bgpd/bgp_mplsvpn.h" | |
7ef5a232 | 52 | #include "bgpd/bgp_evpn.h" |
718e3744 | 53 | #include "bgpd/bgp_advertise.h" |
93406d87 | 54 | #include "bgpd/bgp_vty.h" |
3f9c7369 | 55 | #include "bgpd/bgp_updgrp.h" |
cd1964ff | 56 | #include "bgpd/bgp_label.h" |
718e3744 | 57 | |
718e3744 | 58 | /* Set up BGP packet marker and packet type. */ |
d62a17ae | 59 | int bgp_packet_set_marker(struct stream *s, u_char type) |
718e3744 | 60 | { |
d62a17ae | 61 | int i; |
718e3744 | 62 | |
d62a17ae | 63 | /* Fill in marker. */ |
64 | for (i = 0; i < BGP_MARKER_SIZE; i++) | |
65 | stream_putc(s, 0xff); | |
718e3744 | 66 | |
d62a17ae | 67 | /* Dummy total length. This field is should be filled in later on. */ |
68 | stream_putw(s, 0); | |
718e3744 | 69 | |
d62a17ae | 70 | /* BGP packet type. */ |
71 | stream_putc(s, type); | |
718e3744 | 72 | |
d62a17ae | 73 | /* Return current stream size. */ |
74 | return stream_get_endp(s); | |
718e3744 | 75 | } |
76 | ||
77 | /* Set BGP packet header size entry. If size is zero then use current | |
78 | stream size. */ | |
d62a17ae | 79 | int bgp_packet_set_size(struct stream *s) |
718e3744 | 80 | { |
d62a17ae | 81 | int cp; |
718e3744 | 82 | |
d62a17ae | 83 | /* Preserve current pointer. */ |
84 | cp = stream_get_endp(s); | |
85 | stream_putw_at(s, BGP_MARKER_SIZE, cp); | |
718e3744 | 86 | |
d62a17ae | 87 | return cp; |
718e3744 | 88 | } |
89 | ||
90 | /* Add new packet to the peer. */ | |
d62a17ae | 91 | void bgp_packet_add(struct peer *peer, struct stream *s) |
718e3744 | 92 | { |
d62a17ae | 93 | /* Add packet to the end of list. */ |
94 | stream_fifo_push(peer->obuf, s); | |
718e3744 | 95 | } |
96 | ||
97 | /* Free first packet. */ | |
d62a17ae | 98 | static void bgp_packet_delete(struct peer *peer) |
718e3744 | 99 | { |
d62a17ae | 100 | stream_free(stream_fifo_pop(peer->obuf)); |
718e3744 | 101 | } |
102 | ||
718e3744 | 103 | /* Check file descriptor whether connect is established. */ |
d62a17ae | 104 | int bgp_connect_check(struct peer *peer, int change_state) |
718e3744 | 105 | { |
d62a17ae | 106 | int status; |
107 | socklen_t slen; | |
108 | int ret; | |
109 | ||
110 | /* Anyway I have to reset read and write thread. */ | |
111 | BGP_READ_OFF(peer->t_read); | |
112 | BGP_WRITE_OFF(peer->t_write); | |
113 | ||
114 | /* Check file descriptor. */ | |
115 | slen = sizeof(status); | |
116 | ret = getsockopt(peer->fd, SOL_SOCKET, SO_ERROR, (void *)&status, | |
117 | &slen); | |
118 | ||
119 | /* If getsockopt is fail, this is fatal error. */ | |
120 | if (ret < 0) { | |
121 | zlog_info("can't get sockopt for nonblocking connect"); | |
122 | BGP_EVENT_ADD(peer, TCP_fatal_error); | |
123 | return -1; | |
124 | } | |
125 | ||
126 | /* When status is 0 then TCP connection is established. */ | |
127 | if (status == 0) { | |
128 | BGP_EVENT_ADD(peer, TCP_connection_open); | |
129 | return 1; | |
130 | } else { | |
131 | if (bgp_debug_neighbor_events(peer)) | |
132 | zlog_debug("%s [Event] Connect failed (%s)", peer->host, | |
133 | safe_strerror(errno)); | |
134 | if (change_state) | |
135 | BGP_EVENT_ADD(peer, TCP_connection_open_failed); | |
136 | return 0; | |
137 | } | |
718e3744 | 138 | } |
139 | ||
d62a17ae | 140 | static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi, |
141 | safi_t safi) | |
93406d87 | 142 | { |
d62a17ae | 143 | struct stream *s; |
144 | iana_afi_t pkt_afi; | |
145 | safi_t pkt_safi; | |
146 | ||
147 | if (DISABLE_BGP_ANNOUNCE) | |
148 | return NULL; | |
149 | ||
150 | if (bgp_debug_neighbor_events(peer)) | |
151 | zlog_debug("send End-of-RIB for %s to %s", | |
152 | afi_safi_print(afi, safi), peer->host); | |
153 | ||
154 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
155 | ||
156 | /* Make BGP update packet. */ | |
157 | bgp_packet_set_marker(s, BGP_MSG_UPDATE); | |
158 | ||
159 | /* Unfeasible Routes Length */ | |
160 | stream_putw(s, 0); | |
161 | ||
162 | if (afi == AFI_IP && safi == SAFI_UNICAST) { | |
163 | /* Total Path Attribute Length */ | |
164 | stream_putw(s, 0); | |
165 | } else { | |
166 | /* Convert AFI, SAFI to values for packet. */ | |
167 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi); | |
168 | ||
169 | /* Total Path Attribute Length */ | |
170 | stream_putw(s, 6); | |
171 | stream_putc(s, BGP_ATTR_FLAG_OPTIONAL); | |
172 | stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI); | |
173 | stream_putc(s, 3); | |
174 | stream_putw(s, pkt_afi); | |
175 | stream_putc(s, pkt_safi); | |
176 | } | |
177 | ||
178 | bgp_packet_set_size(s); | |
179 | bgp_packet_add(peer, s); | |
180 | return s; | |
718e3744 | 181 | } |
182 | ||
718e3744 | 183 | /* Get next packet to be written. */ |
d62a17ae | 184 | static struct stream *bgp_write_packet(struct peer *peer) |
718e3744 | 185 | { |
d62a17ae | 186 | struct stream *s = NULL; |
187 | struct peer_af *paf; | |
188 | struct bpacket *next_pkt; | |
189 | afi_t afi; | |
190 | safi_t safi; | |
191 | ||
192 | s = stream_fifo_head(peer->obuf); | |
193 | if (s) | |
194 | return s; | |
195 | ||
196 | /* | |
197 | * The code beyond this part deals with update packets, proceed only | |
198 | * if peer is Established and updates are not on hold (as part of | |
199 | * update-delay post processing). | |
3f9c7369 | 200 | */ |
d62a17ae | 201 | if (peer->status != Established) |
202 | return NULL; | |
203 | ||
204 | if (peer->bgp && peer->bgp->main_peers_update_hold) | |
205 | return NULL; | |
206 | ||
207 | for (afi = AFI_IP; afi < AFI_MAX; afi++) | |
208 | for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) { | |
209 | paf = peer_af_find(peer, afi, safi); | |
210 | if (!paf || !PAF_SUBGRP(paf)) | |
211 | continue; | |
212 | next_pkt = paf->next_pkt_to_send; | |
213 | ||
214 | /* Try to generate a packet for the peer if we are at | |
215 | * the end of | |
216 | * the list. Always try to push out WITHDRAWs first. */ | |
217 | if (!next_pkt || !next_pkt->buffer) { | |
218 | next_pkt = subgroup_withdraw_packet( | |
219 | PAF_SUBGRP(paf)); | |
220 | if (!next_pkt || !next_pkt->buffer) | |
221 | subgroup_update_packet(PAF_SUBGRP(paf)); | |
222 | next_pkt = paf->next_pkt_to_send; | |
223 | } | |
224 | ||
225 | /* If we still don't have a packet to send to the peer, | |
226 | * then | |
227 | * try to find out out if we have to send eor or if not, | |
228 | * skip to | |
229 | * the next AFI, SAFI. | |
230 | * Don't send the EOR prematurely... if the subgroup's | |
231 | * coalesce | |
232 | * timer is running, the adjacency-out structure is not | |
233 | * created | |
234 | * yet. | |
235 | */ | |
236 | if (!next_pkt || !next_pkt->buffer) { | |
237 | if (CHECK_FLAG(peer->cap, | |
238 | PEER_CAP_RESTART_RCV)) { | |
239 | if (!(PAF_SUBGRP(paf))->t_coalesce | |
240 | && peer->afc_nego[afi][safi] | |
241 | && peer->synctime | |
242 | && !CHECK_FLAG( | |
243 | peer->af_sflags[afi] | |
244 | [safi], | |
245 | PEER_STATUS_EOR_SEND)) { | |
246 | SET_FLAG(peer->af_sflags[afi] | |
247 | [safi], | |
248 | PEER_STATUS_EOR_SEND); | |
249 | return bgp_update_packet_eor( | |
250 | peer, afi, safi); | |
251 | } | |
252 | } | |
253 | continue; | |
254 | } | |
255 | ||
256 | ||
257 | /* | |
258 | * Found a packet template to send, overwrite packet | |
259 | * with appropriate | |
260 | * attributes from peer and advance peer | |
261 | */ | |
262 | s = bpacket_reformat_for_peer(next_pkt, paf); | |
263 | bpacket_queue_advance_peer(paf); | |
264 | return s; | |
265 | } | |
718e3744 | 266 | |
d62a17ae | 267 | return NULL; |
d889623f DS |
268 | } |
269 | ||
3f9c7369 | 270 | /* The next action for the peer from a write perspective */ |
d62a17ae | 271 | static void bgp_write_proceed_actions(struct peer *peer) |
d889623f | 272 | { |
d62a17ae | 273 | afi_t afi; |
274 | safi_t safi; | |
275 | struct peer_af *paf; | |
276 | struct bpacket *next_pkt; | |
277 | int fullq_found = 0; | |
278 | struct update_subgroup *subgrp; | |
279 | ||
280 | if (stream_fifo_head(peer->obuf)) { | |
281 | BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd); | |
282 | return; | |
283 | } | |
284 | ||
285 | for (afi = AFI_IP; afi < AFI_MAX; afi++) | |
286 | for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) { | |
287 | paf = peer_af_find(peer, afi, safi); | |
288 | if (!paf) | |
289 | continue; | |
290 | subgrp = paf->subgroup; | |
291 | if (!subgrp) | |
292 | continue; | |
293 | ||
294 | next_pkt = paf->next_pkt_to_send; | |
295 | if (next_pkt && next_pkt->buffer) { | |
296 | BGP_WRITE_ON(peer->t_write, bgp_write, | |
297 | peer->fd); | |
298 | return; | |
299 | } | |
300 | ||
301 | /* No packets readily available for AFI/SAFI, are there | |
302 | * subgroup packets | |
303 | * that need to be generated? */ | |
304 | if (bpacket_queue_is_full(SUBGRP_INST(subgrp), | |
305 | SUBGRP_PKTQ(subgrp))) | |
306 | fullq_found = 1; | |
307 | else if (subgroup_packets_to_build(subgrp)) { | |
308 | BGP_WRITE_ON(peer->t_write, bgp_write, | |
309 | peer->fd); | |
310 | return; | |
311 | } | |
312 | ||
313 | /* No packets to send, see if EOR is pending */ | |
314 | if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) { | |
315 | if (!subgrp->t_coalesce | |
316 | && peer->afc_nego[afi][safi] | |
317 | && peer->synctime | |
318 | && !CHECK_FLAG(peer->af_sflags[afi][safi], | |
319 | PEER_STATUS_EOR_SEND) | |
320 | && safi != SAFI_MPLS_VPN) { | |
321 | BGP_WRITE_ON(peer->t_write, bgp_write, | |
322 | peer->fd); | |
323 | return; | |
324 | } | |
325 | } | |
326 | } | |
327 | if (fullq_found) { | |
328 | BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd); | |
329 | return; | |
330 | } | |
d889623f DS |
331 | } |
332 | ||
718e3744 | 333 | /* Write packet to the peer. */ |
d62a17ae | 334 | int bgp_write(struct thread *thread) |
718e3744 | 335 | { |
d62a17ae | 336 | struct peer *peer; |
337 | u_char type; | |
338 | struct stream *s; | |
339 | int num; | |
340 | int update_last_write = 0; | |
341 | unsigned int count = 0; | |
342 | unsigned int oc = 0; | |
343 | ||
344 | /* Yes first of all get peer pointer. */ | |
345 | peer = THREAD_ARG(thread); | |
346 | peer->t_write = NULL; | |
347 | ||
348 | /* For non-blocking IO check. */ | |
349 | if (peer->status == Connect) { | |
350 | bgp_connect_check(peer, 1); | |
351 | return 0; | |
718e3744 | 352 | } |
35398589 | 353 | |
d62a17ae | 354 | s = bgp_write_packet(peer); |
355 | if (!s) { | |
356 | bgp_write_proceed_actions(peer); | |
357 | return 0; | |
718e3744 | 358 | } |
359 | ||
d62a17ae | 360 | sockopt_cork(peer->fd, 1); |
718e3744 | 361 | |
d62a17ae | 362 | oc = peer->update_out; |
718e3744 | 363 | |
d62a17ae | 364 | /* Nonblocking write until TCP output buffer is full. */ |
365 | do { | |
366 | int writenum; | |
718e3744 | 367 | |
d62a17ae | 368 | /* Number of bytes to be sent. */ |
369 | writenum = stream_get_endp(s) - stream_get_getp(s); | |
718e3744 | 370 | |
d62a17ae | 371 | /* Call write() system call. */ |
372 | num = write(peer->fd, STREAM_PNT(s), writenum); | |
373 | if (num < 0) { | |
374 | /* write failed either retry needed or error */ | |
375 | if (ERRNO_IO_RETRY(errno)) | |
376 | break; | |
cb1faec9 | 377 | |
d62a17ae | 378 | BGP_EVENT_ADD(peer, TCP_fatal_error); |
379 | return 0; | |
380 | } | |
3a69f74a | 381 | |
d62a17ae | 382 | if (num != writenum) { |
383 | /* Partial write */ | |
384 | stream_forward_getp(s, num); | |
385 | break; | |
386 | } | |
1ba2a97a | 387 | |
d62a17ae | 388 | /* Retrieve BGP packet type. */ |
389 | stream_set_getp(s, BGP_MARKER_SIZE + 2); | |
390 | type = stream_getc(s); | |
391 | ||
392 | switch (type) { | |
393 | case BGP_MSG_OPEN: | |
394 | peer->open_out++; | |
395 | break; | |
396 | case BGP_MSG_UPDATE: | |
397 | peer->update_out++; | |
398 | break; | |
399 | case BGP_MSG_NOTIFY: | |
400 | peer->notify_out++; | |
401 | /* Double start timer. */ | |
402 | peer->v_start *= 2; | |
403 | ||
404 | /* Overflow check. */ | |
405 | if (peer->v_start >= (60 * 2)) | |
406 | peer->v_start = (60 * 2); | |
407 | ||
408 | /* Flush any existing events */ | |
409 | BGP_EVENT_ADD(peer, BGP_Stop); | |
410 | goto done; | |
411 | ||
412 | case BGP_MSG_KEEPALIVE: | |
413 | peer->keepalive_out++; | |
414 | break; | |
415 | case BGP_MSG_ROUTE_REFRESH_NEW: | |
416 | case BGP_MSG_ROUTE_REFRESH_OLD: | |
417 | peer->refresh_out++; | |
418 | break; | |
419 | case BGP_MSG_CAPABILITY: | |
420 | peer->dynamic_cap_out++; | |
421 | break; | |
422 | } | |
cb1faec9 | 423 | |
d62a17ae | 424 | /* OK we send packet so delete it. */ |
425 | bgp_packet_delete(peer); | |
426 | update_last_write = 1; | |
427 | } while (++count < peer->bgp->wpkt_quanta | |
428 | && (s = bgp_write_packet(peer)) != NULL); | |
718e3744 | 429 | |
d62a17ae | 430 | bgp_write_proceed_actions(peer); |
718e3744 | 431 | |
d62a17ae | 432 | done: |
433 | /* Update last_update if UPDATEs were written. */ | |
434 | if (peer->update_out > oc) | |
435 | peer->last_update = bgp_clock(); | |
718e3744 | 436 | |
d62a17ae | 437 | /* If we TXed any flavor of packet update last_write */ |
438 | if (update_last_write) | |
439 | peer->last_write = bgp_clock(); | |
86998bc2 | 440 | |
d62a17ae | 441 | sockopt_cork(peer->fd, 0); |
442 | return 0; | |
443 | } | |
8ff202e2 | 444 | |
d62a17ae | 445 | /* This is only for sending NOTIFICATION message to neighbor. */ |
446 | static int bgp_write_notify(struct peer *peer) | |
447 | { | |
448 | int ret, val; | |
449 | u_char type; | |
450 | struct stream *s; | |
451 | ||
452 | /* There should be at least one packet. */ | |
453 | s = stream_fifo_head(peer->obuf); | |
454 | if (!s) | |
455 | return 0; | |
456 | assert(stream_get_endp(s) >= BGP_HEADER_SIZE); | |
457 | ||
458 | /* Stop collecting data within the socket */ | |
459 | sockopt_cork(peer->fd, 0); | |
460 | ||
461 | /* socket is in nonblocking mode, if we can't deliver the NOTIFY, well, | |
462 | * we only care about getting a clean shutdown at this point. */ | |
463 | ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s)); | |
464 | ||
465 | /* only connection reset/close gets counted as TCP_fatal_error, failure | |
466 | * to write the entire NOTIFY doesn't get different FSM treatment */ | |
467 | if (ret <= 0) { | |
468 | BGP_EVENT_ADD(peer, TCP_fatal_error); | |
469 | return 0; | |
470 | } | |
718e3744 | 471 | |
d62a17ae | 472 | /* Disable Nagle, make NOTIFY packet go out right away */ |
473 | val = 1; | |
474 | (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, | |
475 | sizeof(val)); | |
86998bc2 | 476 | |
d62a17ae | 477 | /* Retrieve BGP packet type. */ |
478 | stream_set_getp(s, BGP_MARKER_SIZE + 2); | |
479 | type = stream_getc(s); | |
718e3744 | 480 | |
d62a17ae | 481 | assert(type == BGP_MSG_NOTIFY); |
718e3744 | 482 | |
d62a17ae | 483 | /* Type should be notify. */ |
484 | peer->notify_out++; | |
718e3744 | 485 | |
d62a17ae | 486 | /* Double start timer. */ |
487 | peer->v_start *= 2; | |
718e3744 | 488 | |
d62a17ae | 489 | /* Overflow check. */ |
490 | if (peer->v_start >= (60 * 2)) | |
491 | peer->v_start = (60 * 2); | |
718e3744 | 492 | |
d62a17ae | 493 | /* Handle Graceful Restart case where the state changes to |
494 | Connect instead of Idle */ | |
495 | BGP_EVENT_ADD(peer, BGP_Stop); | |
718e3744 | 496 | |
d62a17ae | 497 | return 0; |
718e3744 | 498 | } |
499 | ||
500 | /* Make keepalive packet and send it to the peer. */ | |
d62a17ae | 501 | void bgp_keepalive_send(struct peer *peer) |
718e3744 | 502 | { |
d62a17ae | 503 | struct stream *s; |
504 | ||
505 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
718e3744 | 506 | |
d62a17ae | 507 | /* Make keepalive packet. */ |
508 | bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE); | |
718e3744 | 509 | |
d62a17ae | 510 | /* Set packet size. */ |
511 | (void)bgp_packet_set_size(s); | |
718e3744 | 512 | |
d62a17ae | 513 | /* Dump packet if debug option is set. */ |
514 | /* bgp_packet_dump (s); */ | |
718e3744 | 515 | |
d62a17ae | 516 | if (bgp_debug_keepalive(peer)) |
517 | zlog_debug("%s sending KEEPALIVE", peer->host); | |
718e3744 | 518 | |
d62a17ae | 519 | /* Add packet to the peer. */ |
520 | bgp_packet_add(peer, s); | |
718e3744 | 521 | |
d62a17ae | 522 | BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd); |
718e3744 | 523 | } |
524 | ||
525 | /* Make open packet and send it to the peer. */ | |
d62a17ae | 526 | void bgp_open_send(struct peer *peer) |
718e3744 | 527 | { |
d62a17ae | 528 | struct stream *s; |
529 | u_int16_t send_holdtime; | |
530 | as_t local_as; | |
718e3744 | 531 | |
d62a17ae | 532 | if (CHECK_FLAG(peer->config, PEER_CONFIG_TIMER)) |
533 | send_holdtime = peer->holdtime; | |
534 | else | |
535 | send_holdtime = peer->bgp->default_holdtime; | |
718e3744 | 536 | |
d62a17ae | 537 | /* local-as Change */ |
538 | if (peer->change_local_as) | |
539 | local_as = peer->change_local_as; | |
540 | else | |
541 | local_as = peer->local_as; | |
718e3744 | 542 | |
d62a17ae | 543 | s = stream_new(BGP_MAX_PACKET_SIZE); |
718e3744 | 544 | |
d62a17ae | 545 | /* Make open packet. */ |
546 | bgp_packet_set_marker(s, BGP_MSG_OPEN); | |
718e3744 | 547 | |
d62a17ae | 548 | /* Set open packet values. */ |
549 | stream_putc(s, BGP_VERSION_4); /* BGP version */ | |
550 | stream_putw(s, | |
551 | (local_as <= BGP_AS_MAX) ? (u_int16_t)local_as | |
552 | : BGP_AS_TRANS); | |
553 | stream_putw(s, send_holdtime); /* Hold Time */ | |
554 | stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */ | |
718e3744 | 555 | |
d62a17ae | 556 | /* Set capability code. */ |
557 | bgp_open_capability(s, peer); | |
718e3744 | 558 | |
d62a17ae | 559 | /* Set BGP packet length. */ |
560 | (void)bgp_packet_set_size(s); | |
718e3744 | 561 | |
d62a17ae | 562 | if (bgp_debug_neighbor_events(peer)) |
563 | zlog_debug( | |
564 | "%s sending OPEN, version %d, my as %u, holdtime %d, id %s", | |
565 | peer->host, BGP_VERSION_4, local_as, send_holdtime, | |
566 | inet_ntoa(peer->local_id)); | |
718e3744 | 567 | |
d62a17ae | 568 | /* Dump packet if debug option is set. */ |
569 | /* bgp_packet_dump (s); */ | |
718e3744 | 570 | |
d62a17ae | 571 | /* Add packet to the peer. */ |
572 | bgp_packet_add(peer, s); | |
718e3744 | 573 | |
d62a17ae | 574 | BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd); |
718e3744 | 575 | } |
576 | ||
577 | /* Send BGP notify packet with data potion. */ | |
d62a17ae | 578 | void bgp_notify_send_with_data(struct peer *peer, u_char code, u_char sub_code, |
579 | u_char *data, size_t datalen) | |
718e3744 | 580 | { |
d62a17ae | 581 | struct stream *s; |
582 | int length; | |
583 | ||
584 | /* Allocate new stream. */ | |
585 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
586 | ||
587 | /* Make nitify packet. */ | |
588 | bgp_packet_set_marker(s, BGP_MSG_NOTIFY); | |
589 | ||
590 | /* Set notify packet values. */ | |
591 | stream_putc(s, code); /* BGP notify code */ | |
592 | stream_putc(s, sub_code); /* BGP notify sub_code */ | |
593 | ||
594 | /* If notify data is present. */ | |
595 | if (data) | |
596 | stream_write(s, data, datalen); | |
597 | ||
598 | /* Set BGP packet length. */ | |
599 | length = bgp_packet_set_size(s); | |
600 | ||
601 | /* Add packet to the peer. */ | |
602 | stream_fifo_clean(peer->obuf); | |
603 | bgp_packet_add(peer, s); | |
604 | ||
605 | /* For debug */ | |
606 | { | |
607 | struct bgp_notify bgp_notify; | |
608 | int first = 0; | |
609 | int i; | |
610 | char c[4]; | |
611 | ||
612 | bgp_notify.code = code; | |
613 | bgp_notify.subcode = sub_code; | |
614 | bgp_notify.data = NULL; | |
615 | bgp_notify.length = length - BGP_MSG_NOTIFY_MIN_SIZE; | |
616 | bgp_notify.raw_data = data; | |
617 | ||
618 | peer->notify.code = bgp_notify.code; | |
619 | peer->notify.subcode = bgp_notify.subcode; | |
620 | ||
621 | if (bgp_notify.length) { | |
622 | bgp_notify.data = | |
623 | XMALLOC(MTYPE_TMP, bgp_notify.length * 3); | |
624 | for (i = 0; i < bgp_notify.length; i++) | |
625 | if (first) { | |
626 | sprintf(c, " %02x", data[i]); | |
627 | strcat(bgp_notify.data, c); | |
628 | } else { | |
629 | first = 1; | |
630 | sprintf(c, "%02x", data[i]); | |
631 | strcpy(bgp_notify.data, c); | |
632 | } | |
633 | } | |
634 | bgp_notify_print(peer, &bgp_notify, "sending"); | |
635 | ||
636 | if (bgp_notify.data) { | |
637 | XFREE(MTYPE_TMP, bgp_notify.data); | |
638 | bgp_notify.data = NULL; | |
639 | bgp_notify.length = 0; | |
640 | } | |
641 | } | |
642 | ||
643 | /* peer reset cause */ | |
644 | if (code == BGP_NOTIFY_CEASE) { | |
645 | if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET) | |
646 | peer->last_reset = PEER_DOWN_USER_RESET; | |
647 | else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN) | |
648 | peer->last_reset = PEER_DOWN_USER_SHUTDOWN; | |
649 | else | |
650 | peer->last_reset = PEER_DOWN_NOTIFY_SEND; | |
651 | } else | |
652 | peer->last_reset = PEER_DOWN_NOTIFY_SEND; | |
653 | ||
654 | /* Call immediately. */ | |
655 | BGP_WRITE_OFF(peer->t_write); | |
656 | ||
657 | bgp_write_notify(peer); | |
718e3744 | 658 | } |
659 | ||
660 | /* Send BGP notify packet. */ | |
d62a17ae | 661 | void bgp_notify_send(struct peer *peer, u_char code, u_char sub_code) |
718e3744 | 662 | { |
d62a17ae | 663 | bgp_notify_send_with_data(peer, code, sub_code, NULL, 0); |
718e3744 | 664 | } |
665 | ||
718e3744 | 666 | /* Send route refresh message to the peer. */ |
d62a17ae | 667 | void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi, |
668 | u_char orf_type, u_char when_to_refresh, int remove) | |
718e3744 | 669 | { |
d62a17ae | 670 | struct stream *s; |
671 | struct bgp_filter *filter; | |
672 | int orf_refresh = 0; | |
673 | iana_afi_t pkt_afi; | |
674 | safi_t pkt_safi; | |
675 | ||
676 | if (DISABLE_BGP_ANNOUNCE) | |
677 | return; | |
678 | ||
679 | filter = &peer->filter[afi][safi]; | |
680 | ||
681 | /* Convert AFI, SAFI to values for packet. */ | |
682 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi); | |
683 | ||
684 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
685 | ||
686 | /* Make BGP update packet. */ | |
687 | if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV)) | |
688 | bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW); | |
718e3744 | 689 | else |
d62a17ae | 690 | bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD); |
691 | ||
692 | /* Encode Route Refresh message. */ | |
693 | stream_putw(s, pkt_afi); | |
694 | stream_putc(s, 0); | |
695 | stream_putc(s, pkt_safi); | |
696 | ||
697 | if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD) | |
698 | if (remove || filter->plist[FILTER_IN].plist) { | |
699 | u_int16_t orf_len; | |
700 | unsigned long orfp; | |
701 | ||
702 | orf_refresh = 1; | |
703 | stream_putc(s, when_to_refresh); | |
704 | stream_putc(s, orf_type); | |
705 | orfp = stream_get_endp(s); | |
706 | stream_putw(s, 0); | |
707 | ||
708 | if (remove) { | |
709 | UNSET_FLAG(peer->af_sflags[afi][safi], | |
710 | PEER_STATUS_ORF_PREFIX_SEND); | |
711 | stream_putc(s, ORF_COMMON_PART_REMOVE_ALL); | |
712 | if (bgp_debug_neighbor_events(peer)) | |
713 | zlog_debug( | |
714 | "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d", | |
715 | peer->host, orf_type, | |
716 | (when_to_refresh == REFRESH_DEFER | |
717 | ? "defer" | |
718 | : "immediate"), | |
719 | pkt_afi, pkt_safi); | |
720 | } else { | |
721 | SET_FLAG(peer->af_sflags[afi][safi], | |
722 | PEER_STATUS_ORF_PREFIX_SEND); | |
723 | prefix_bgp_orf_entry( | |
724 | s, filter->plist[FILTER_IN].plist, | |
725 | ORF_COMMON_PART_ADD, | |
726 | ORF_COMMON_PART_PERMIT, | |
727 | ORF_COMMON_PART_DENY); | |
728 | if (bgp_debug_neighbor_events(peer)) | |
729 | zlog_debug( | |
730 | "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d", | |
731 | peer->host, orf_type, | |
732 | (when_to_refresh == REFRESH_DEFER | |
733 | ? "defer" | |
734 | : "immediate"), | |
735 | pkt_afi, pkt_safi); | |
736 | } | |
737 | ||
738 | /* Total ORF Entry Len. */ | |
739 | orf_len = stream_get_endp(s) - orfp - 2; | |
740 | stream_putw_at(s, orfp, orf_len); | |
741 | } | |
742 | ||
743 | /* Set packet size. */ | |
744 | (void)bgp_packet_set_size(s); | |
745 | ||
746 | if (bgp_debug_neighbor_events(peer)) { | |
747 | if (!orf_refresh) | |
748 | zlog_debug("%s sending REFRESH_REQ for afi/safi: %d/%d", | |
749 | peer->host, pkt_afi, pkt_safi); | |
750 | } | |
751 | ||
752 | /* Add packet to the peer. */ | |
753 | bgp_packet_add(peer, s); | |
754 | ||
755 | BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd); | |
718e3744 | 756 | } |
757 | ||
758 | /* Send capability message to the peer. */ | |
d62a17ae | 759 | void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi, |
760 | int capability_code, int action) | |
718e3744 | 761 | { |
d62a17ae | 762 | struct stream *s; |
763 | iana_afi_t pkt_afi; | |
764 | safi_t pkt_safi; | |
765 | ||
766 | /* Convert AFI, SAFI to values for packet. */ | |
767 | bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi); | |
768 | ||
769 | s = stream_new(BGP_MAX_PACKET_SIZE); | |
770 | ||
771 | /* Make BGP update packet. */ | |
772 | bgp_packet_set_marker(s, BGP_MSG_CAPABILITY); | |
773 | ||
774 | /* Encode MP_EXT capability. */ | |
775 | if (capability_code == CAPABILITY_CODE_MP) { | |
776 | stream_putc(s, action); | |
777 | stream_putc(s, CAPABILITY_CODE_MP); | |
778 | stream_putc(s, CAPABILITY_CODE_MP_LEN); | |
779 | stream_putw(s, pkt_afi); | |
780 | stream_putc(s, 0); | |
781 | stream_putc(s, pkt_safi); | |
782 | ||
783 | if (bgp_debug_neighbor_events(peer)) | |
784 | zlog_debug( | |
785 | "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d", | |
786 | peer->host, | |
787 | action == CAPABILITY_ACTION_SET ? "Advertising" | |
788 | : "Removing", | |
789 | pkt_afi, pkt_safi); | |
790 | } | |
791 | ||
792 | /* Set packet size. */ | |
793 | (void)bgp_packet_set_size(s); | |
718e3744 | 794 | |
d62a17ae | 795 | /* Add packet to the peer. */ |
796 | bgp_packet_add(peer, s); | |
718e3744 | 797 | |
d62a17ae | 798 | BGP_WRITE_ON(peer->t_write, bgp_write, peer->fd); |
799 | } | |
718e3744 | 800 | |
d62a17ae | 801 | /* RFC1771 6.8 Connection collision detection. */ |
802 | static int bgp_collision_detect(struct peer *new, struct in_addr remote_id) | |
803 | { | |
804 | struct peer *peer; | |
805 | ||
806 | /* Upon receipt of an OPEN message, the local system must examine | |
807 | all of its connections that are in the OpenConfirm state. A BGP | |
808 | speaker may also examine connections in an OpenSent state if it | |
809 | knows the BGP Identifier of the peer by means outside of the | |
810 | protocol. If among these connections there is a connection to a | |
811 | remote BGP speaker whose BGP Identifier equals the one in the | |
812 | OPEN message, then the local system performs the following | |
813 | collision resolution procedure: */ | |
814 | ||
815 | if ((peer = new->doppelganger) != NULL) { | |
816 | /* Do not accept the new connection in Established or Clearing | |
817 | * states. | |
818 | * Note that a peer GR is handled by closing the existing | |
819 | * connection | |
820 | * upon receipt of new one. | |
821 | */ | |
822 | if (peer->status == Established || peer->status == Clearing) { | |
823 | bgp_notify_send(new, BGP_NOTIFY_CEASE, | |
824 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
825 | return (-1); | |
826 | } else if ((peer->status == OpenConfirm) | |
827 | || (peer->status == OpenSent)) { | |
828 | /* 1. The BGP Identifier of the local system is compared | |
829 | to | |
830 | the BGP Identifier of the remote system (as specified | |
831 | in | |
832 | the OPEN message). */ | |
833 | ||
834 | if (ntohl(peer->local_id.s_addr) | |
835 | < ntohl(remote_id.s_addr)) | |
836 | if (!CHECK_FLAG(peer->sflags, | |
837 | PEER_STATUS_ACCEPT_PEER)) { | |
838 | /* 2. If the value of the local BGP | |
839 | Identifier is less | |
840 | than the remote one, the local system | |
841 | closes BGP | |
842 | connection that already exists (the | |
843 | one that is | |
844 | already in the OpenConfirm state), | |
845 | and accepts BGP | |
846 | connection initiated by the remote | |
847 | system. */ | |
848 | bgp_notify_send( | |
849 | peer, BGP_NOTIFY_CEASE, | |
850 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
851 | return 1; | |
852 | } else { | |
853 | bgp_notify_send( | |
854 | new, BGP_NOTIFY_CEASE, | |
855 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
856 | return -1; | |
857 | } | |
858 | else { | |
859 | /* 3. Otherwise, the local system closes newly | |
860 | created | |
861 | BGP connection (the one associated with the | |
862 | newly | |
863 | received OPEN message), and continues to use | |
864 | the | |
865 | existing one (the one that is already in the | |
866 | OpenConfirm state). */ | |
867 | if (CHECK_FLAG(peer->sflags, | |
868 | PEER_STATUS_ACCEPT_PEER)) { | |
869 | bgp_notify_send( | |
870 | peer, BGP_NOTIFY_CEASE, | |
871 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
872 | return 1; | |
873 | } else { | |
874 | bgp_notify_send( | |
875 | new, BGP_NOTIFY_CEASE, | |
876 | BGP_NOTIFY_CEASE_COLLISION_RESOLUTION); | |
877 | return -1; | |
878 | } | |
879 | } | |
880 | } | |
881 | } | |
882 | return 0; | |
883 | } | |
718e3744 | 884 | |
d62a17ae | 885 | static int bgp_open_receive(struct peer *peer, bgp_size_t size) |
886 | { | |
887 | int ret; | |
888 | u_char version; | |
889 | u_char optlen; | |
890 | u_int16_t holdtime; | |
891 | u_int16_t send_holdtime; | |
892 | as_t remote_as; | |
893 | as_t as4 = 0; | |
894 | struct in_addr remote_id; | |
895 | int mp_capability; | |
896 | u_int8_t notify_data_remote_as[2]; | |
897 | u_int8_t notify_data_remote_as4[4]; | |
898 | u_int8_t notify_data_remote_id[4]; | |
899 | u_int16_t *holdtime_ptr; | |
900 | ||
901 | /* Parse open packet. */ | |
902 | version = stream_getc(peer->ibuf); | |
903 | memcpy(notify_data_remote_as, stream_pnt(peer->ibuf), 2); | |
904 | remote_as = stream_getw(peer->ibuf); | |
905 | holdtime_ptr = (u_int16_t *)stream_pnt(peer->ibuf); | |
906 | holdtime = stream_getw(peer->ibuf); | |
907 | memcpy(notify_data_remote_id, stream_pnt(peer->ibuf), 4); | |
908 | remote_id.s_addr = stream_get_ipv4(peer->ibuf); | |
909 | ||
910 | /* Receive OPEN message log */ | |
911 | if (bgp_debug_neighbor_events(peer)) | |
912 | zlog_debug( | |
913 | "%s rcv OPEN, version %d, remote-as (in open) %u," | |
914 | " holdtime %d, id %s", | |
915 | peer->host, version, remote_as, holdtime, | |
916 | inet_ntoa(remote_id)); | |
917 | ||
918 | /* BEGIN to read the capability here, but dont do it yet */ | |
919 | mp_capability = 0; | |
920 | optlen = stream_getc(peer->ibuf); | |
921 | ||
922 | if (optlen != 0) { | |
923 | /* If not enough bytes, it is an error. */ | |
924 | if (STREAM_READABLE(peer->ibuf) < optlen) { | |
925 | bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR, | |
926 | BGP_NOTIFY_OPEN_MALFORMED_ATTR); | |
927 | return -1; | |
928 | } | |
718e3744 | 929 | |
d62a17ae | 930 | /* We need the as4 capability value *right now* because |
931 | * if it is there, we have not got the remote_as yet, and | |
932 | * without | |
933 | * that we do not know which peer is connecting to us now. | |
934 | */ | |
935 | as4 = peek_for_as4_capability(peer, optlen); | |
936 | memcpy(notify_data_remote_as4, &as4, 4); | |
937 | } | |
718e3744 | 938 | |
d62a17ae | 939 | /* Just in case we have a silly peer who sends AS4 capability set to 0 |
940 | */ | |
941 | if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) { | |
942 | zlog_err("%s bad OPEN, got AS4 capability, but AS4 set to 0", | |
943 | peer->host); | |
944 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
945 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
946 | notify_data_remote_as4, 4); | |
947 | return -1; | |
948 | } | |
718e3744 | 949 | |
d62a17ae | 950 | if (remote_as == BGP_AS_TRANS) { |
951 | /* Take the AS4 from the capability. We must have received the | |
952 | * capability now! Otherwise we have a asn16 peer who uses | |
953 | * BGP_AS_TRANS, for some unknown reason. | |
954 | */ | |
955 | if (as4 == BGP_AS_TRANS) { | |
956 | zlog_err( | |
957 | "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed", | |
958 | peer->host); | |
959 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
960 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
961 | notify_data_remote_as4, 4); | |
962 | return -1; | |
963 | } | |
718e3744 | 964 | |
d62a17ae | 965 | if (!as4 && BGP_DEBUG(as4, AS4)) |
966 | zlog_debug( | |
967 | "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4." | |
968 | " Odd, but proceeding.", | |
969 | peer->host); | |
970 | else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4)) | |
971 | zlog_debug( | |
972 | "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits " | |
973 | "in 2-bytes, very odd peer.", | |
974 | peer->host, as4); | |
975 | if (as4) | |
976 | remote_as = as4; | |
977 | } else { | |
978 | /* We may have a partner with AS4 who has an asno < BGP_AS_MAX | |
979 | */ | |
980 | /* If we have got the capability, peer->as4cap must match | |
981 | * remote_as */ | |
982 | if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) | |
983 | && as4 != remote_as) { | |
984 | /* raise error, log this, close session */ | |
985 | zlog_err( | |
986 | "%s bad OPEN, got AS4 capability, but remote_as %u" | |
987 | " mismatch with 16bit 'myasn' %u in open", | |
988 | peer->host, as4, remote_as); | |
989 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
990 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
991 | notify_data_remote_as4, 4); | |
992 | return -1; | |
993 | } | |
994 | } | |
6b0655a2 | 995 | |
d62a17ae | 996 | /* remote router-id check. */ |
997 | if (remote_id.s_addr == 0 || IPV4_CLASS_DE(ntohl(remote_id.s_addr)) | |
998 | || ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)) { | |
999 | if (bgp_debug_neighbor_events(peer)) | |
1000 | zlog_debug("%s bad OPEN, wrong router identifier %s", | |
1001 | peer->host, inet_ntoa(remote_id)); | |
1002 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1003 | BGP_NOTIFY_OPEN_BAD_BGP_IDENT, | |
1004 | notify_data_remote_id, 4); | |
1005 | return -1; | |
1006 | } | |
1007 | ||
1008 | /* Set remote router-id */ | |
1009 | peer->remote_id = remote_id; | |
1010 | ||
1011 | /* Peer BGP version check. */ | |
1012 | if (version != BGP_VERSION_4) { | |
1013 | u_int16_t maxver = htons(BGP_VERSION_4); | |
1014 | /* XXX this reply may not be correct if version < 4 XXX */ | |
1015 | if (bgp_debug_neighbor_events(peer)) | |
1016 | zlog_debug( | |
1017 | "%s bad protocol version, remote requested %d, local request %d", | |
1018 | peer->host, version, BGP_VERSION_4); | |
1019 | /* Data must be in network byte order here */ | |
1020 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1021 | BGP_NOTIFY_OPEN_UNSUP_VERSION, | |
1022 | (u_int8_t *)&maxver, 2); | |
1023 | return -1; | |
1024 | } | |
1025 | ||
1026 | /* Check neighbor as number. */ | |
1027 | if (peer->as_type == AS_UNSPECIFIED) { | |
1028 | if (bgp_debug_neighbor_events(peer)) | |
1029 | zlog_debug( | |
1030 | "%s bad OPEN, remote AS is unspecified currently", | |
1031 | peer->host); | |
1032 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1033 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1034 | notify_data_remote_as, 2); | |
1ff9a340 | 1035 | return -1; |
d62a17ae | 1036 | } else if (peer->as_type == AS_INTERNAL) { |
1037 | if (remote_as != peer->bgp->as) { | |
1038 | if (bgp_debug_neighbor_events(peer)) | |
1039 | zlog_debug( | |
1040 | "%s bad OPEN, remote AS is %u, internal specified", | |
1041 | peer->host, remote_as); | |
1042 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1043 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1044 | notify_data_remote_as, 2); | |
1045 | return -1; | |
1ff9a340 | 1046 | } |
d62a17ae | 1047 | peer->as = peer->local_as; |
1048 | } else if (peer->as_type == AS_EXTERNAL) { | |
1049 | if (remote_as == peer->bgp->as) { | |
1050 | if (bgp_debug_neighbor_events(peer)) | |
1051 | zlog_debug( | |
1052 | "%s bad OPEN, remote AS is %u, external specified", | |
1053 | peer->host, remote_as); | |
1054 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1055 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1056 | notify_data_remote_as, 2); | |
1057 | return -1; | |
1ff9a340 | 1058 | } |
d62a17ae | 1059 | peer->as = remote_as; |
1060 | } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) { | |
1061 | if (bgp_debug_neighbor_events(peer)) | |
1062 | zlog_debug("%s bad OPEN, remote AS is %u, expected %u", | |
1063 | peer->host, remote_as, peer->as); | |
1064 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1065 | BGP_NOTIFY_OPEN_BAD_PEER_AS, | |
1066 | notify_data_remote_as, 2); | |
1067 | return -1; | |
eb821189 | 1068 | } |
718e3744 | 1069 | |
d62a17ae | 1070 | /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST |
1071 | calculate the value of the Hold Timer by using the smaller of its | |
1072 | configured Hold Time and the Hold Time received in the OPEN message. | |
1073 | The Hold Time MUST be either zero or at least three seconds. An | |
1074 | implementation may reject connections on the basis of the Hold Time. | |
0b2aa3a0 | 1075 | */ |
d62a17ae | 1076 | |
1077 | if (holdtime < 3 && holdtime != 0) { | |
1078 | bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR, | |
1079 | BGP_NOTIFY_OPEN_UNACEP_HOLDTIME, | |
1080 | (u_char *)holdtime_ptr, 2); | |
1081 | return -1; | |
0b2aa3a0 | 1082 | } |
d62a17ae | 1083 | |
1084 | /* From the rfc: A reasonable maximum time between KEEPALIVE messages | |
1085 | would be one third of the Hold Time interval. KEEPALIVE messages | |
1086 | MUST NOT be sent more frequently than one per second. An | |
1087 | implementation MAY adjust the rate at which it sends KEEPALIVE | |
1088 | messages as a function of the Hold Time interval. */ | |
1089 | ||
1090 | if (CHECK_FLAG(peer->config, PEER_CONFIG_TIMER)) | |
1091 | send_holdtime = peer->holdtime; | |
1092 | else | |
1093 | send_holdtime = peer->bgp->default_holdtime; | |
1094 | ||
1095 | if (holdtime < send_holdtime) | |
1096 | peer->v_holdtime = holdtime; | |
1097 | else | |
1098 | peer->v_holdtime = send_holdtime; | |
1099 | ||
1100 | if (CHECK_FLAG(peer->config, PEER_CONFIG_TIMER)) | |
1101 | peer->v_keepalive = peer->keepalive; | |
1102 | else | |
1103 | peer->v_keepalive = peer->v_holdtime / 3; | |
1104 | ||
1105 | /* Open option part parse. */ | |
1106 | if (optlen != 0) { | |
1107 | if ((ret = bgp_open_option_parse(peer, optlen, &mp_capability)) | |
1108 | < 0) | |
1109 | return ret; | |
1110 | } else { | |
1111 | if (bgp_debug_neighbor_events(peer)) | |
1112 | zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0", | |
1113 | peer->host); | |
0299c004 | 1114 | } |
d62a17ae | 1115 | |
1116 | /* | |
1117 | * Assume that the peer supports the locally configured set of | |
1118 | * AFI/SAFIs if the peer did not send us any Mulitiprotocol | |
1119 | * capabilities, or if 'override-capability' is configured. | |
1120 | */ | |
1121 | if (!mp_capability | |
1122 | || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) { | |
1123 | peer->afc_nego[AFI_IP][SAFI_UNICAST] = | |
1124 | peer->afc[AFI_IP][SAFI_UNICAST]; | |
1125 | peer->afc_nego[AFI_IP][SAFI_MULTICAST] = | |
1126 | peer->afc[AFI_IP][SAFI_MULTICAST]; | |
1127 | peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] = | |
1128 | peer->afc[AFI_IP][SAFI_LABELED_UNICAST]; | |
1129 | peer->afc_nego[AFI_IP6][SAFI_UNICAST] = | |
1130 | peer->afc[AFI_IP6][SAFI_UNICAST]; | |
1131 | peer->afc_nego[AFI_IP6][SAFI_MULTICAST] = | |
1132 | peer->afc[AFI_IP6][SAFI_MULTICAST]; | |
1133 | peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] = | |
1134 | peer->afc[AFI_IP6][SAFI_LABELED_UNICAST]; | |
1135 | peer->afc_nego[AFI_L2VPN][SAFI_EVPN] = | |
1136 | peer->afc[AFI_L2VPN][SAFI_EVPN]; | |
0299c004 | 1137 | } |
d62a17ae | 1138 | |
1139 | /* When collision is detected and this peer is closed. Retrun | |
1140 | immidiately. */ | |
1141 | ret = bgp_collision_detect(peer, remote_id); | |
1142 | if (ret < 0) | |
1143 | return ret; | |
1144 | ||
1145 | /* Get sockname. */ | |
1146 | if ((ret = bgp_getsockname(peer)) < 0) { | |
1147 | zlog_err("%s: bgp_getsockname() failed for peer: %s", | |
1148 | __FUNCTION__, peer->host); | |
1149 | return (ret); | |
1150 | } | |
1151 | ||
1152 | /* Verify valid local address present based on negotiated | |
1153 | * address-families. */ | |
1154 | if (peer->afc_nego[AFI_IP][SAFI_UNICAST] | |
1155 | || peer->afc_nego[AFI_IP][SAFI_MULTICAST] | |
1156 | || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN] | |
1157 | || peer->afc_nego[AFI_IP][SAFI_ENCAP]) { | |
1158 | if (!peer->nexthop.v4.s_addr) { | |
1159 | #if defined(HAVE_CUMULUS) | |
1160 | zlog_err( | |
1161 | "%s: No local IPv4 addr resetting connection, fd %d", | |
1162 | peer->host, peer->fd); | |
1163 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, | |
1164 | BGP_NOTIFY_SUBCODE_UNSPECIFIC); | |
1165 | return -1; | |
1d808091 | 1166 | #endif |
d62a17ae | 1167 | } |
1168 | } | |
1169 | if (peer->afc_nego[AFI_IP6][SAFI_UNICAST] | |
1170 | || peer->afc_nego[AFI_IP6][SAFI_MULTICAST] | |
1171 | || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN] | |
1172 | || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) { | |
1173 | if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) { | |
1174 | #if defined(HAVE_CUMULUS) | |
1175 | zlog_err( | |
1176 | "%s: No local IPv6 addr resetting connection, fd %d", | |
1177 | peer->host, peer->fd); | |
1178 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, | |
1179 | BGP_NOTIFY_SUBCODE_UNSPECIFIC); | |
1180 | return -1; | |
1d808091 | 1181 | #endif |
d62a17ae | 1182 | } |
1183 | } | |
1184 | peer->rtt = sockopt_tcp_rtt(peer->fd); | |
1185 | ||
1186 | if ((ret = bgp_event_update(peer, Receive_OPEN_message)) < 0) { | |
1187 | zlog_err("%s: BGP event update failed for peer: %s", | |
1188 | __FUNCTION__, peer->host); | |
1189 | /* DD: bgp send notify and reset state */ | |
1190 | return (ret); | |
1191 | } | |
1192 | ||
1193 | peer->packet_size = 0; | |
1194 | if (peer->ibuf) | |
1195 | stream_reset(peer->ibuf); | |
1196 | ||
1197 | return 0; | |
718e3744 | 1198 | } |
1199 | ||
d62a17ae | 1200 | /* Called when there is a change in the EOR(implicit or explicit) status of a |
1201 | peer. | |
f188f2c4 | 1202 | Ends the update-delay if all expected peers are done with EORs. */ |
d62a17ae | 1203 | void bgp_check_update_delay(struct bgp *bgp) |
f188f2c4 | 1204 | { |
d62a17ae | 1205 | struct listnode *node, *nnode; |
1206 | struct peer *peer = NULL; | |
1207 | ||
1208 | if (bgp_debug_neighbor_events(peer)) | |
1209 | zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d", | |
1210 | bgp->established, bgp->restarted_peers, | |
1211 | bgp->implicit_eors, bgp->explicit_eors); | |
1212 | ||
1213 | if (bgp->established | |
1214 | <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) { | |
1215 | /* This is an extra sanity check to make sure we wait for all | |
1216 | the | |
1217 | eligible configured peers. This check is performed if | |
1218 | establish wait | |
1219 | timer is on, or establish wait option is not given with the | |
1220 | update-delay command */ | |
1221 | if (bgp->t_establish_wait | |
1222 | || (bgp->v_establish_wait == bgp->v_update_delay)) | |
1223 | for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) { | |
1224 | if (CHECK_FLAG(peer->flags, | |
1225 | PEER_FLAG_CONFIG_NODE) | |
1226 | && !CHECK_FLAG(peer->flags, | |
1227 | PEER_FLAG_SHUTDOWN) | |
1228 | && !peer->update_delay_over) { | |
1229 | if (bgp_debug_neighbor_events(peer)) | |
1230 | zlog_debug( | |
1231 | " Peer %s pending, continuing read-only mode", | |
1232 | peer->host); | |
1233 | return; | |
1234 | } | |
1235 | } | |
1236 | ||
1237 | zlog_info( | |
1238 | "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d", | |
1239 | bgp->restarted_peers, bgp->implicit_eors, | |
1240 | bgp->explicit_eors); | |
1241 | bgp_update_delay_end(bgp); | |
1242 | } | |
f188f2c4 DS |
1243 | } |
1244 | ||
1245 | /* Called if peer is known to have restarted. The restart-state bit in | |
1246 | Graceful-Restart capability is used for that */ | |
d62a17ae | 1247 | void bgp_update_restarted_peers(struct peer *peer) |
f188f2c4 | 1248 | { |
d62a17ae | 1249 | if (!bgp_update_delay_active(peer->bgp)) |
1250 | return; /* BGP update delay has ended */ | |
1251 | if (peer->update_delay_over) | |
1252 | return; /* This peer has already been considered */ | |
1253 | ||
1254 | if (bgp_debug_neighbor_events(peer)) | |
1255 | zlog_debug("Peer %s: Checking restarted", peer->host); | |
1256 | ||
1257 | if (peer->status == Established) { | |
1258 | peer->update_delay_over = 1; | |
1259 | peer->bgp->restarted_peers++; | |
1260 | bgp_check_update_delay(peer->bgp); | |
1261 | } | |
f188f2c4 DS |
1262 | } |
1263 | ||
1264 | /* Called as peer receives a keep-alive. Determines if this occurence can be | |
1265 | taken as an implicit EOR for this peer. | |
1266 | NOTE: The very first keep-alive after the Established state of a peer is | |
d62a17ae | 1267 | considered implicit EOR for the update-delay purposes */ |
1268 | void bgp_update_implicit_eors(struct peer *peer) | |
f188f2c4 | 1269 | { |
d62a17ae | 1270 | if (!bgp_update_delay_active(peer->bgp)) |
1271 | return; /* BGP update delay has ended */ | |
1272 | if (peer->update_delay_over) | |
1273 | return; /* This peer has already been considered */ | |
1274 | ||
1275 | if (bgp_debug_neighbor_events(peer)) | |
1276 | zlog_debug("Peer %s: Checking implicit EORs", peer->host); | |
1277 | ||
1278 | if (peer->status == Established) { | |
1279 | peer->update_delay_over = 1; | |
1280 | peer->bgp->implicit_eors++; | |
1281 | bgp_check_update_delay(peer->bgp); | |
1282 | } | |
f188f2c4 DS |
1283 | } |
1284 | ||
1285 | /* Should be called only when there is a change in the EOR_RECEIVED status | |
1286 | for any afi/safi on a peer */ | |
d62a17ae | 1287 | static void bgp_update_explicit_eors(struct peer *peer) |
f188f2c4 | 1288 | { |
d62a17ae | 1289 | afi_t afi; |
1290 | safi_t safi; | |
1291 | ||
1292 | if (!bgp_update_delay_active(peer->bgp)) | |
1293 | return; /* BGP update delay has ended */ | |
1294 | if (peer->update_delay_over) | |
1295 | return; /* This peer has already been considered */ | |
1296 | ||
1297 | if (bgp_debug_neighbor_events(peer)) | |
1298 | zlog_debug("Peer %s: Checking explicit EORs", peer->host); | |
1299 | ||
1300 | for (afi = AFI_IP; afi < AFI_MAX; afi++) | |
1301 | for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) { | |
1302 | if (peer->afc_nego[afi][safi] | |
1303 | && !CHECK_FLAG(peer->af_sflags[afi][safi], | |
1304 | PEER_STATUS_EOR_RECEIVED)) { | |
1305 | if (bgp_debug_neighbor_events(peer)) | |
1306 | zlog_debug( | |
1307 | " afi %d safi %d didnt receive EOR", | |
1308 | afi, safi); | |
1309 | return; | |
1310 | } | |
1311 | } | |
1312 | ||
1313 | peer->update_delay_over = 1; | |
1314 | peer->bgp->explicit_eors++; | |
1315 | bgp_check_update_delay(peer->bgp); | |
f188f2c4 DS |
1316 | } |
1317 | ||
d62a17ae | 1318 | /* Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers |
1319 | * mp_withdraw, if set, is used to nullify attr structure on most of the calling | |
1320 | * safi function | |
7ef5a232 PG |
1321 | * and for evpn, passed as parameter |
1322 | */ | |
d62a17ae | 1323 | int bgp_nlri_parse(struct peer *peer, struct attr *attr, |
1324 | struct bgp_nlri *packet, int mp_withdraw) | |
96e52474 | 1325 | { |
d62a17ae | 1326 | switch (packet->safi) { |
1327 | case SAFI_UNICAST: | |
1328 | case SAFI_MULTICAST: | |
1329 | return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr, | |
1330 | packet); | |
1331 | case SAFI_LABELED_UNICAST: | |
1332 | return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr, | |
1333 | packet); | |
1334 | case SAFI_MPLS_VPN: | |
1335 | return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr, | |
1336 | packet); | |
1337 | case SAFI_EVPN: | |
1338 | return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw); | |
1339 | } | |
1340 | return -1; | |
96e52474 PJ |
1341 | } |
1342 | ||
718e3744 | 1343 | /* Parse BGP Update packet and make attribute object. */ |
d62a17ae | 1344 | static int bgp_update_receive(struct peer *peer, bgp_size_t size) |
718e3744 | 1345 | { |
d62a17ae | 1346 | int ret, nlri_ret; |
1347 | u_char *end; | |
1348 | struct stream *s; | |
1349 | struct attr attr; | |
1350 | bgp_size_t attribute_len; | |
1351 | bgp_size_t update_len; | |
1352 | bgp_size_t withdraw_len; | |
1353 | ||
1354 | enum NLRI_TYPES { | |
1355 | NLRI_UPDATE, | |
1356 | NLRI_WITHDRAW, | |
1357 | NLRI_MP_UPDATE, | |
1358 | NLRI_MP_WITHDRAW, | |
1359 | NLRI_TYPE_MAX | |
1360 | }; | |
1361 | struct bgp_nlri nlris[NLRI_TYPE_MAX]; | |
1362 | ||
1363 | /* Status must be Established. */ | |
1364 | if (peer->status != Established) { | |
1365 | zlog_err("%s [FSM] Update packet received under status %s", | |
1366 | peer->host, | |
1367 | lookup_msg(bgp_status_msg, peer->status, NULL)); | |
1368 | bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0); | |
1369 | return -1; | |
1370 | } | |
1371 | ||
1372 | /* Set initial values. */ | |
1373 | memset(&attr, 0, sizeof(struct attr)); | |
1374 | attr.label_index = BGP_INVALID_LABEL_INDEX; | |
1375 | attr.label = MPLS_INVALID_LABEL; | |
1376 | memset(&nlris, 0, sizeof(nlris)); | |
1377 | memset(peer->rcvd_attr_str, 0, BUFSIZ); | |
1378 | peer->rcvd_attr_printed = 0; | |
1379 | ||
1380 | s = peer->ibuf; | |
1381 | end = stream_pnt(s) + size; | |
1382 | ||
1383 | /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute | |
1384 | Length is too large (i.e., if Unfeasible Routes Length + Total | |
1385 | Attribute Length + 23 exceeds the message Length), then the Error | |
1386 | Subcode is set to Malformed Attribute List. */ | |
1387 | if (stream_pnt(s) + 2 > end) { | |
1388 | zlog_err( | |
1389 | "%s [Error] Update packet error" | |
1390 | " (packet length is short for unfeasible length)", | |
1391 | peer->host); | |
1392 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1393 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
1394 | return -1; | |
1395 | } | |
1396 | ||
1397 | /* Unfeasible Route Length. */ | |
1398 | withdraw_len = stream_getw(s); | |
1399 | ||
1400 | /* Unfeasible Route Length check. */ | |
1401 | if (stream_pnt(s) + withdraw_len > end) { | |
1402 | zlog_err( | |
1403 | "%s [Error] Update packet error" | |
1404 | " (packet unfeasible length overflow %d)", | |
1405 | peer->host, withdraw_len); | |
1406 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1407 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
1408 | return -1; | |
1409 | } | |
1410 | ||
1411 | /* Unfeasible Route packet format check. */ | |
1412 | if (withdraw_len > 0) { | |
1413 | nlris[NLRI_WITHDRAW].afi = AFI_IP; | |
1414 | nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST; | |
1415 | nlris[NLRI_WITHDRAW].nlri = stream_pnt(s); | |
1416 | nlris[NLRI_WITHDRAW].length = withdraw_len; | |
1417 | stream_forward_getp(s, withdraw_len); | |
1418 | } | |
1419 | ||
1420 | /* Attribute total length check. */ | |
1421 | if (stream_pnt(s) + 2 > end) { | |
1422 | zlog_warn( | |
1423 | "%s [Error] Packet Error" | |
1424 | " (update packet is short for attribute length)", | |
1425 | peer->host); | |
1426 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1427 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
1428 | return -1; | |
1429 | } | |
1430 | ||
1431 | /* Fetch attribute total length. */ | |
1432 | attribute_len = stream_getw(s); | |
1433 | ||
1434 | /* Attribute length check. */ | |
1435 | if (stream_pnt(s) + attribute_len > end) { | |
1436 | zlog_warn( | |
1437 | "%s [Error] Packet Error" | |
1438 | " (update packet attribute length overflow %d)", | |
1439 | peer->host, attribute_len); | |
1440 | bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, | |
1441 | BGP_NOTIFY_UPDATE_MAL_ATTR); | |
1442 | return -1; | |
1443 | } | |
1444 | ||
1445 | /* Certain attribute parsing errors should not be considered bad enough | |
1446 | * to reset the session for, most particularly any partial/optional | |
1447 | * attributes that have 'tunneled' over speakers that don't understand | |
1448 | * them. Instead we withdraw only the prefix concerned. | |
1449 | * | |
1450 | * Complicates the flow a little though.. | |
1451 | */ | |
1452 | bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED; | |
1453 | /* This define morphs the update case into a withdraw when lower levels | |
1454 | * have signalled an error condition where this is best. | |
1455 | */ | |
b881c707 | 1456 | #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL) |
718e3744 | 1457 | |
d62a17ae | 1458 | /* Parse attribute when it exists. */ |
1459 | if (attribute_len) { | |
1460 | attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len, | |
1461 | &nlris[NLRI_MP_UPDATE], | |
1462 | &nlris[NLRI_MP_WITHDRAW]); | |
1463 | if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) { | |
1464 | bgp_attr_unintern_sub(&attr); | |
1465 | return -1; | |
1466 | } | |
1467 | } | |
1468 | ||
1469 | /* Logging the attribute. */ | |
1470 | if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW | |
1471 | || BGP_DEBUG(update, UPDATE_IN) | |
1472 | || BGP_DEBUG(update, UPDATE_PREFIX)) { | |
1473 | ret = bgp_dump_attr(&attr, peer->rcvd_attr_str, BUFSIZ); | |
1474 | ||
1475 | if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW) | |
1476 | zlog_err( | |
1477 | "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.", | |
1478 | peer->host); | |
1479 | ||
1480 | if (ret && bgp_debug_update(peer, NULL, NULL, 1)) { | |
1481 | zlog_debug("%s rcvd UPDATE w/ attr: %s", peer->host, | |
1482 | peer->rcvd_attr_str); | |
1483 | peer->rcvd_attr_printed = 1; | |
1484 | } | |
1485 | } | |
1486 | ||
1487 | /* Network Layer Reachability Information. */ | |
1488 | update_len = end - stream_pnt(s); | |
1489 | ||
1490 | if (update_len) { | |
1491 | /* Set NLRI portion to structure. */ | |
1492 | nlris[NLRI_UPDATE].afi = AFI_IP; | |
1493 | nlris[NLRI_UPDATE].safi = SAFI_UNICAST; | |
1494 | nlris[NLRI_UPDATE].nlri = stream_pnt(s); | |
1495 | nlris[NLRI_UPDATE].length = update_len; | |
1496 | stream_forward_getp(s, update_len); | |
1497 | } | |
1498 | ||
1499 | if (BGP_DEBUG(update, UPDATE_IN)) | |
1500 | zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d", | |
1501 | peer->host, withdraw_len, attribute_len, update_len); | |
1502 | ||
1503 | /* Parse any given NLRIs */ | |
1504 | for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) { | |
1505 | if (!nlris[i].nlri) | |
1506 | continue; | |
1507 | ||
1508 | /* NLRI is processed iff the peer if configured for the specific | |
1509 | * afi/safi */ | |
1510 | if (!peer->afc[nlris[i].afi][nlris[i].safi]) { | |
1511 | zlog_info( | |
1512 | "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u", | |
1513 | peer->host, nlris[i].afi, nlris[i].safi); | |
1514 | continue; | |
1515 | } | |
1516 | ||
1517 | /* EoR handled later */ | |
1518 | if (nlris[i].length == 0) | |
1519 | continue; | |
1520 | ||
1521 | switch (i) { | |
1522 | case NLRI_UPDATE: | |
1523 | case NLRI_MP_UPDATE: | |
1524 | nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG, | |
1525 | &nlris[i], 0); | |
1526 | break; | |
1527 | case NLRI_WITHDRAW: | |
1528 | case NLRI_MP_WITHDRAW: | |
1529 | nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1); | |
1530 | break; | |
1531 | default: | |
1532 | nlri_ret = -1; | |
1533 | } | |
1534 | ||
1535 | if (nlri_ret < 0) { | |
1536 | zlog_err("%s [Error] Error parsing NLRI", peer->host); | |
1537 | if (peer->status == Established) | |
1538 | bgp_notify_send( | |
1539 | peer, BGP_NOTIFY_UPDATE_ERR, | |
1540 | i <= NLRI_WITHDRAW | |
1541 | ? BGP_NOTIFY_UPDATE_INVAL_NETWORK | |
1542 | : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR); | |
1543 | bgp_attr_unintern_sub(&attr); | |
1544 | return -1; | |
1545 | } | |
1546 | } | |
1547 | ||
1548 | /* EoR checks | |
1549 | * | |
1550 | * Non-MP IPv4/Unicast EoR is a completely empty UPDATE | |
1551 | * and MP EoR should have only an empty MP_UNREACH | |
1552 | */ | |
1553 | if (!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0) { | |
1554 | afi_t afi = 0; | |
1555 | safi_t safi; | |
1556 | ||
1557 | /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already | |
1558 | * checked | |
1559 | * update and withdraw NLRI lengths are 0. | |
1560 | */ | |
1561 | if (!attribute_len) { | |
1562 | afi = AFI_IP; | |
1563 | safi = SAFI_UNICAST; | |
1564 | } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI) | |
1565 | && nlris[NLRI_MP_WITHDRAW].length == 0) { | |
1566 | afi = nlris[NLRI_MP_WITHDRAW].afi; | |
1567 | safi = nlris[NLRI_MP_WITHDRAW].safi; | |
1568 | } | |
1569 | ||
1570 | if (afi && peer->afc[afi][safi]) { | |
1571 | /* End-of-RIB received */ | |
1572 | if (!CHECK_FLAG(peer->af_sflags[afi][safi], | |
1573 | PEER_STATUS_EOR_RECEIVED)) { | |
1574 | SET_FLAG(peer->af_sflags[afi][safi], | |
1575 | PEER_STATUS_EOR_RECEIVED); | |
1576 | bgp_update_explicit_eors(peer); | |
1577 | } | |
1578 | ||
1579 | /* NSF delete stale route */ | |
1580 | if (peer->nsf[afi][safi]) | |
1581 | bgp_clear_stale_route(peer, afi, safi); | |
1582 | ||
1583 | if (bgp_debug_neighbor_events(peer)) { | |
1584 | zlog_debug("rcvd End-of-RIB for %s from %s", | |
1585 | afi_safi_print(afi, safi), | |
1586 | peer->host); | |
1587 | } | |
1588 | } | |
f80f838b | 1589 | } |
d62a17ae | 1590 | |
1591 | /* Everything is done. We unintern temporary structures which | |
1592 | interned in bgp_attr_parse(). */ | |
1593 | bgp_attr_unintern_sub(&attr); | |
1594 | ||
1595 | /* If peering is stopped due to some reason, do not generate BGP | |
1596 | event. */ | |
1597 | if (peer->status != Established) | |
1598 | return 0; | |
1599 | ||
1600 | /* Increment packet counter. */ | |
1601 | peer->update_in++; | |
1602 | peer->update_time = bgp_clock(); | |
1603 | ||
1604 | /* Rearm holdtime timer */ | |
1605 | BGP_TIMER_OFF(peer->t_holdtime); | |
1606 | bgp_timer_set(peer); | |
1607 | ||
1608 | return 0; | |
718e3744 | 1609 | } |
1610 | ||
1611 | /* Notify message treatment function. */ | |
d62a17ae | 1612 | static void bgp_notify_receive(struct peer *peer, bgp_size_t size) |
718e3744 | 1613 | { |
d62a17ae | 1614 | struct bgp_notify bgp_notify; |
1615 | ||
1616 | if (peer->notify.data) { | |
1617 | XFREE(MTYPE_TMP, peer->notify.data); | |
1618 | peer->notify.data = NULL; | |
1619 | peer->notify.length = 0; | |
1620 | } | |
1621 | ||
1622 | bgp_notify.code = stream_getc(peer->ibuf); | |
1623 | bgp_notify.subcode = stream_getc(peer->ibuf); | |
1624 | bgp_notify.length = size - 2; | |
1625 | bgp_notify.data = NULL; | |
1626 | ||
1627 | /* Preserv notify code and sub code. */ | |
1628 | peer->notify.code = bgp_notify.code; | |
1629 | peer->notify.subcode = bgp_notify.subcode; | |
1630 | /* For further diagnostic record returned Data. */ | |
1631 | if (bgp_notify.length) { | |
1632 | peer->notify.length = size - 2; | |
1633 | peer->notify.data = XMALLOC(MTYPE_TMP, size - 2); | |
1634 | memcpy(peer->notify.data, stream_pnt(peer->ibuf), size - 2); | |
1635 | } | |
1636 | ||
1637 | /* For debug */ | |
1638 | { | |
1639 | int i; | |
1640 | int first = 0; | |
1641 | char c[4]; | |
1642 | ||
1643 | if (bgp_notify.length) { | |
1644 | bgp_notify.data = | |
1645 | XMALLOC(MTYPE_TMP, bgp_notify.length * 3); | |
1646 | for (i = 0; i < bgp_notify.length; i++) | |
1647 | if (first) { | |
1648 | sprintf(c, " %02x", | |
1649 | stream_getc(peer->ibuf)); | |
1650 | strcat(bgp_notify.data, c); | |
1651 | } else { | |
1652 | first = 1; | |
1653 | sprintf(c, "%02x", | |
1654 | stream_getc(peer->ibuf)); | |
1655 | strcpy(bgp_notify.data, c); | |
1656 | } | |
1657 | bgp_notify.raw_data = (u_char *)peer->notify.data; | |
1658 | } | |
1659 | ||
1660 | bgp_notify_print(peer, &bgp_notify, "received"); | |
1661 | if (bgp_notify.data) { | |
1662 | XFREE(MTYPE_TMP, bgp_notify.data); | |
1663 | bgp_notify.data = NULL; | |
1664 | bgp_notify.length = 0; | |
1665 | } | |
1666 | } | |
1667 | ||
1668 | /* peer count update */ | |
1669 | peer->notify_in++; | |
1670 | ||
1671 | peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED; | |
1672 | ||
1673 | /* We have to check for Notify with Unsupported Optional Parameter. | |
1674 | in that case we fallback to open without the capability option. | |
1675 | But this done in bgp_stop. We just mark it here to avoid changing | |
1676 | the fsm tables. */ | |
1677 | if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR | |
1678 | && bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM) | |
1679 | UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN); | |
1680 | ||
1681 | BGP_EVENT_ADD(peer, Receive_NOTIFICATION_message); | |
718e3744 | 1682 | } |
1683 | ||
1684 | /* Keepalive treatment function -- get keepalive send keepalive */ | |
d62a17ae | 1685 | static void bgp_keepalive_receive(struct peer *peer, bgp_size_t size) |
718e3744 | 1686 | { |
d62a17ae | 1687 | if (bgp_debug_keepalive(peer)) |
1688 | zlog_debug("%s KEEPALIVE rcvd", peer->host); | |
1689 | ||
1690 | BGP_EVENT_ADD(peer, Receive_KEEPALIVE_message); | |
718e3744 | 1691 | } |
1692 | ||
1693 | /* Route refresh message is received. */ | |
d62a17ae | 1694 | static void bgp_route_refresh_receive(struct peer *peer, bgp_size_t size) |
718e3744 | 1695 | { |
d62a17ae | 1696 | iana_afi_t pkt_afi; |
1697 | afi_t afi; | |
1698 | safi_t pkt_safi, safi; | |
1699 | struct stream *s; | |
1700 | struct peer_af *paf; | |
1701 | struct update_group *updgrp; | |
1702 | struct peer *updgrp_peer; | |
1703 | ||
1704 | /* If peer does not have the capability, send notification. */ | |
1705 | if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) { | |
1706 | zlog_err("%s [Error] BGP route refresh is not enabled", | |
1707 | peer->host); | |
1708 | bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR, | |
1709 | BGP_NOTIFY_HEADER_BAD_MESTYPE); | |
1710 | return; | |
1711 | } | |
1712 | ||
1713 | /* Status must be Established. */ | |
1714 | if (peer->status != Established) { | |
1715 | zlog_err( | |
1716 | "%s [Error] Route refresh packet received under status %s", | |
1717 | peer->host, | |
1718 | lookup_msg(bgp_status_msg, peer->status, NULL)); | |
1719 | bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0); | |
1720 | return; | |
1721 | } | |
1722 | ||
1723 | s = peer->ibuf; | |
1724 | ||
1725 | /* Parse packet. */ | |
1726 | pkt_afi = stream_getw(s); | |
1727 | (void)stream_getc(s); | |
1728 | pkt_safi = stream_getc(s); | |
1729 | ||
1730 | if (bgp_debug_update(peer, NULL, NULL, 0)) | |
1731 | zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %d/%d", | |
1732 | peer->host, pkt_afi, pkt_safi); | |
1733 | ||
1734 | /* Convert AFI, SAFI to internal values and check. */ | |
1735 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) { | |
1736 | zlog_info( | |
1737 | "%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored", | |
1738 | peer->host, pkt_afi, pkt_safi); | |
1739 | return; | |
1740 | } | |
1741 | ||
1742 | if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) { | |
1743 | u_char *end; | |
1744 | u_char when_to_refresh; | |
1745 | u_char orf_type; | |
1746 | u_int16_t orf_len; | |
1747 | ||
1748 | if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) | |
1749 | < 5) { | |
1750 | zlog_info("%s ORF route refresh length error", | |
1751 | peer->host); | |
1752 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
1753 | return; | |
718e3744 | 1754 | } |
1755 | ||
d62a17ae | 1756 | when_to_refresh = stream_getc(s); |
1757 | end = stream_pnt(s) + (size - 5); | |
1758 | ||
1759 | while ((stream_pnt(s) + 2) < end) { | |
1760 | orf_type = stream_getc(s); | |
1761 | orf_len = stream_getw(s); | |
1762 | ||
1763 | /* orf_len in bounds? */ | |
1764 | if ((stream_pnt(s) + orf_len) > end) | |
1765 | break; /* XXX: Notify instead?? */ | |
1766 | if (orf_type == ORF_TYPE_PREFIX | |
1767 | || orf_type == ORF_TYPE_PREFIX_OLD) { | |
1768 | uint8_t *p_pnt = stream_pnt(s); | |
1769 | uint8_t *p_end = stream_pnt(s) + orf_len; | |
1770 | struct orf_prefix orfp; | |
1771 | u_char common = 0; | |
1772 | u_int32_t seq; | |
1773 | int psize; | |
1774 | char name[BUFSIZ]; | |
1775 | int ret = CMD_SUCCESS; | |
1776 | ||
1777 | if (bgp_debug_neighbor_events(peer)) { | |
1778 | zlog_debug( | |
1779 | "%s rcvd Prefixlist ORF(%d) length %d", | |
1780 | peer->host, orf_type, orf_len); | |
1781 | } | |
1782 | ||
1783 | /* we're going to read at least 1 byte of common | |
1784 | * ORF header, | |
1785 | * and 7 bytes of ORF Address-filter entry from | |
1786 | * the stream | |
1787 | */ | |
1788 | if (orf_len < 7) | |
1789 | break; | |
1790 | ||
1791 | /* ORF prefix-list name */ | |
1792 | sprintf(name, "%s.%d.%d", peer->host, afi, | |
1793 | safi); | |
1794 | ||
1795 | while (p_pnt < p_end) { | |
1796 | /* If the ORF entry is malformed, want | |
1797 | * to read as much of it | |
1798 | * as possible without going beyond the | |
1799 | * bounds of the entry, | |
1800 | * to maximise debug information. | |
1801 | */ | |
1802 | int ok; | |
1803 | memset(&orfp, 0, | |
1804 | sizeof(struct orf_prefix)); | |
1805 | common = *p_pnt++; | |
1806 | /* after ++: p_pnt <= p_end */ | |
1807 | if (common | |
1808 | & ORF_COMMON_PART_REMOVE_ALL) { | |
1809 | if (bgp_debug_neighbor_events( | |
1810 | peer)) | |
1811 | zlog_debug( | |
1812 | "%s rcvd Remove-All pfxlist ORF request", | |
1813 | peer->host); | |
1814 | prefix_bgp_orf_remove_all(afi, | |
1815 | name); | |
1816 | break; | |
1817 | } | |
1818 | ok = ((u_int32_t)(p_end - p_pnt) | |
1819 | >= sizeof(u_int32_t)); | |
1820 | if (ok) { | |
1821 | memcpy(&seq, p_pnt, | |
1822 | sizeof(u_int32_t)); | |
1823 | p_pnt += sizeof(u_int32_t); | |
1824 | orfp.seq = ntohl(seq); | |
1825 | } else | |
1826 | p_pnt = p_end; | |
1827 | ||
1828 | if ((ok = (p_pnt < p_end))) | |
1829 | orfp.ge = | |
1830 | *p_pnt++; /* value | |
1831 | checked in | |
1832 | prefix_bgp_orf_set() | |
1833 | */ | |
1834 | if ((ok = (p_pnt < p_end))) | |
1835 | orfp.le = | |
1836 | *p_pnt++; /* value | |
1837 | checked in | |
1838 | prefix_bgp_orf_set() | |
1839 | */ | |
1840 | if ((ok = (p_pnt < p_end))) | |
1841 | orfp.p.prefixlen = *p_pnt++; | |
1842 | orfp.p.family = afi2family( | |
1843 | afi); /* afi checked already */ | |
1844 | ||
1845 | psize = PSIZE( | |
1846 | orfp.p.prefixlen); /* 0 if not | |
1847 | ok */ | |
1848 | if (psize | |
1849 | > prefix_blen( | |
1850 | &orfp.p)) /* valid for | |
1851 | family ? */ | |
1852 | { | |
1853 | ok = 0; | |
1854 | psize = prefix_blen(&orfp.p); | |
1855 | } | |
1856 | if (psize | |
1857 | > (p_end - p_pnt)) /* valid for | |
1858 | packet ? */ | |
1859 | { | |
1860 | ok = 0; | |
1861 | psize = p_end - p_pnt; | |
1862 | } | |
1863 | ||
1864 | if (psize > 0) | |
1865 | memcpy(&orfp.p.u.prefix, p_pnt, | |
1866 | psize); | |
1867 | p_pnt += psize; | |
1868 | ||
1869 | if (bgp_debug_neighbor_events(peer)) { | |
1870 | char buf[INET6_BUFSIZ]; | |
1871 | ||
1872 | zlog_debug( | |
1873 | "%s rcvd %s %s seq %u %s/%d ge %d le %d%s", | |
1874 | peer->host, | |
1875 | (common & ORF_COMMON_PART_REMOVE | |
1876 | ? "Remove" | |
1877 | : "Add"), | |
1878 | (common & ORF_COMMON_PART_DENY | |
1879 | ? "deny" | |
1880 | : "permit"), | |
1881 | orfp.seq, | |
1882 | inet_ntop( | |
1883 | orfp.p.family, | |
1884 | &orfp.p.u.prefix, | |
1885 | buf, | |
1886 | INET6_BUFSIZ), | |
1887 | orfp.p.prefixlen, | |
1888 | orfp.ge, orfp.le, | |
1889 | ok ? "" : " MALFORMED"); | |
1890 | } | |
1891 | ||
1892 | if (ok) | |
1893 | ret = prefix_bgp_orf_set( | |
1894 | name, afi, &orfp, | |
1895 | (common & ORF_COMMON_PART_DENY | |
1896 | ? 0 | |
1897 | : 1), | |
1898 | (common & ORF_COMMON_PART_REMOVE | |
1899 | ? 0 | |
1900 | : 1)); | |
1901 | ||
1902 | if (!ok || (ok && ret != CMD_SUCCESS)) { | |
1903 | zlog_info( | |
1904 | "%s Received misformatted prefixlist ORF." | |
1905 | " Remove All pfxlist", | |
1906 | peer->host); | |
1907 | prefix_bgp_orf_remove_all(afi, | |
1908 | name); | |
1909 | break; | |
1910 | } | |
1911 | } | |
1912 | ||
1913 | peer->orf_plist[afi][safi] = | |
1914 | prefix_bgp_orf_lookup(afi, name); | |
1915 | } | |
1916 | stream_forward_getp(s, orf_len); | |
718e3744 | 1917 | } |
d62a17ae | 1918 | if (bgp_debug_neighbor_events(peer)) |
1919 | zlog_debug("%s rcvd Refresh %s ORF request", peer->host, | |
1920 | when_to_refresh == REFRESH_DEFER | |
1921 | ? "Defer" | |
1922 | : "Immediate"); | |
1923 | if (when_to_refresh == REFRESH_DEFER) | |
1924 | return; | |
1925 | } | |
40d2700d | 1926 | |
d62a17ae | 1927 | /* First update is deferred until ORF or ROUTE-REFRESH is received */ |
1928 | if (CHECK_FLAG(peer->af_sflags[afi][safi], | |
1929 | PEER_STATUS_ORF_WAIT_REFRESH)) | |
1930 | UNSET_FLAG(peer->af_sflags[afi][safi], | |
1931 | PEER_STATUS_ORF_WAIT_REFRESH); | |
1932 | ||
1933 | paf = peer_af_find(peer, afi, safi); | |
1934 | if (paf && paf->subgroup) { | |
1935 | if (peer->orf_plist[afi][safi]) { | |
1936 | updgrp = PAF_UPDGRP(paf); | |
1937 | updgrp_peer = UPDGRP_PEER(updgrp); | |
1938 | updgrp_peer->orf_plist[afi][safi] = | |
1939 | peer->orf_plist[afi][safi]; | |
1940 | } | |
1941 | ||
1942 | /* If the peer is configured for default-originate clear the | |
1943 | * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will | |
1944 | * re-advertise the | |
1945 | * default | |
1946 | */ | |
1947 | if (CHECK_FLAG(paf->subgroup->sflags, | |
1948 | SUBGRP_STATUS_DEFAULT_ORIGINATE)) | |
1949 | UNSET_FLAG(paf->subgroup->sflags, | |
1950 | SUBGRP_STATUS_DEFAULT_ORIGINATE); | |
718e3744 | 1951 | } |
d62a17ae | 1952 | |
1953 | /* Perform route refreshment to the peer */ | |
1954 | bgp_announce_route(peer, afi, safi); | |
718e3744 | 1955 | } |
1956 | ||
d62a17ae | 1957 | static int bgp_capability_msg_parse(struct peer *peer, u_char *pnt, |
1958 | bgp_size_t length) | |
718e3744 | 1959 | { |
d62a17ae | 1960 | u_char *end; |
1961 | struct capability_mp_data mpc; | |
1962 | struct capability_header *hdr; | |
1963 | u_char action; | |
1964 | iana_afi_t pkt_afi; | |
1965 | afi_t afi; | |
1966 | safi_t pkt_safi, safi; | |
1967 | ||
1968 | end = pnt + length; | |
1969 | ||
1970 | while (pnt < end) { | |
1971 | /* We need at least action, capability code and capability | |
1972 | * length. */ | |
1973 | if (pnt + 3 > end) { | |
1974 | zlog_info("%s Capability length error", peer->host); | |
1975 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
1976 | return -1; | |
1977 | } | |
1978 | action = *pnt; | |
1979 | hdr = (struct capability_header *)(pnt + 1); | |
1980 | ||
1981 | /* Action value check. */ | |
1982 | if (action != CAPABILITY_ACTION_SET | |
1983 | && action != CAPABILITY_ACTION_UNSET) { | |
1984 | zlog_info("%s Capability Action Value error %d", | |
1985 | peer->host, action); | |
1986 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
1987 | return -1; | |
1988 | } | |
1989 | ||
1990 | if (bgp_debug_neighbor_events(peer)) | |
1991 | zlog_debug( | |
1992 | "%s CAPABILITY has action: %d, code: %u, length %u", | |
1993 | peer->host, action, hdr->code, hdr->length); | |
1994 | ||
1995 | /* Capability length check. */ | |
1996 | if ((pnt + hdr->length + 3) > end) { | |
1997 | zlog_info("%s Capability length error", peer->host); | |
1998 | bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0); | |
1999 | return -1; | |
2000 | } | |
2001 | ||
2002 | /* Fetch structure to the byte stream. */ | |
2003 | memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data)); | |
2004 | ||
2005 | /* We know MP Capability Code. */ | |
2006 | if (hdr->code == CAPABILITY_CODE_MP) { | |
2007 | pkt_afi = ntohs(mpc.afi); | |
2008 | pkt_safi = mpc.safi; | |
2009 | ||
2010 | /* Ignore capability when override-capability is set. */ | |
2011 | if (CHECK_FLAG(peer->flags, | |
2012 | PEER_FLAG_OVERRIDE_CAPABILITY)) | |
2013 | continue; | |
2014 | ||
2015 | /* Convert AFI, SAFI to internal values. */ | |
2016 | if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, | |
2017 | &safi)) { | |
2018 | if (bgp_debug_neighbor_events(peer)) | |
2019 | zlog_debug( | |
2020 | "%s Dynamic Capability MP_EXT afi/safi invalid " | |
2021 | "(%u/%u)", | |
2022 | peer->host, pkt_afi, pkt_safi); | |
2023 | continue; | |
2024 | } | |
2025 | ||
2026 | /* Address family check. */ | |
2027 | if (bgp_debug_neighbor_events(peer)) | |
2028 | zlog_debug( | |
2029 | "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u", | |
2030 | peer->host, | |
2031 | action == CAPABILITY_ACTION_SET | |
2032 | ? "Advertising" | |
2033 | : "Removing", | |
2034 | pkt_afi, pkt_safi); | |
2035 | ||
2036 | if (action == CAPABILITY_ACTION_SET) { | |
2037 | peer->afc_recv[afi][safi] = 1; | |
2038 | if (peer->afc[afi][safi]) { | |
2039 | peer->afc_nego[afi][safi] = 1; | |
2040 | bgp_announce_route(peer, afi, safi); | |
2041 | } | |
2042 | } else { | |
2043 | peer->afc_recv[afi][safi] = 0; | |
2044 | peer->afc_nego[afi][safi] = 0; | |
2045 | ||
2046 | if (peer_active_nego(peer)) | |
2047 | bgp_clear_route(peer, afi, safi); | |
2048 | else | |
2049 | BGP_EVENT_ADD(peer, BGP_Stop); | |
2050 | } | |
2051 | } else { | |
2052 | zlog_warn( | |
2053 | "%s unrecognized capability code: %d - ignored", | |
2054 | peer->host, hdr->code); | |
2055 | } | |
2056 | pnt += hdr->length + 3; | |
2057 | } | |
2058 | return 0; | |
718e3744 | 2059 | } |
2060 | ||
d62a17ae | 2061 | /* Dynamic Capability is received. |
01b7ce2d PJ |
2062 | * |
2063 | * This is exported for unit-test purposes | |
2064 | */ | |
d62a17ae | 2065 | int bgp_capability_receive(struct peer *peer, bgp_size_t size) |
718e3744 | 2066 | { |
d62a17ae | 2067 | u_char *pnt; |
2068 | ||
2069 | /* Fetch pointer. */ | |
2070 | pnt = stream_pnt(peer->ibuf); | |
2071 | ||
2072 | if (bgp_debug_neighbor_events(peer)) | |
2073 | zlog_debug("%s rcv CAPABILITY", peer->host); | |
2074 | ||
2075 | /* If peer does not have the capability, send notification. */ | |
2076 | if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) { | |
2077 | zlog_err("%s [Error] BGP dynamic capability is not enabled", | |
2078 | peer->host); | |
2079 | bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR, | |
2080 | BGP_NOTIFY_HEADER_BAD_MESTYPE); | |
2081 | return -1; | |
2082 | } | |
2083 | ||
2084 | /* Status must be Established. */ | |
2085 | if (peer->status != Established) { | |
2086 | zlog_err( | |
2087 | "%s [Error] Dynamic capability packet received under status %s", | |
2088 | peer->host, | |
2089 | lookup_msg(bgp_status_msg, peer->status, NULL)); | |
2090 | bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0); | |
2091 | return -1; | |
2092 | } | |
2093 | ||
2094 | /* Parse packet. */ | |
2095 | return bgp_capability_msg_parse(peer, pnt, size); | |
718e3744 | 2096 | } |
6b0655a2 | 2097 | |
718e3744 | 2098 | /* BGP read utility function. */ |
d62a17ae | 2099 | static int bgp_read_packet(struct peer *peer) |
718e3744 | 2100 | { |
d62a17ae | 2101 | int nbytes; |
2102 | int readsize; | |
718e3744 | 2103 | |
d62a17ae | 2104 | readsize = peer->packet_size - stream_get_endp(peer->ibuf); |
718e3744 | 2105 | |
d62a17ae | 2106 | /* If size is zero then return. */ |
2107 | if (!readsize) | |
2108 | return 0; | |
718e3744 | 2109 | |
d62a17ae | 2110 | /* Read packet from fd. */ |
2111 | nbytes = stream_read_try(peer->ibuf, peer->fd, readsize); | |
718e3744 | 2112 | |
d62a17ae | 2113 | /* If read byte is smaller than zero then error occured. */ |
2114 | if (nbytes < 0) { | |
2115 | /* Transient error should retry */ | |
2116 | if (nbytes == -2) | |
2117 | return -1; | |
718e3744 | 2118 | |
d62a17ae | 2119 | zlog_err("%s [Error] bgp_read_packet error: %s", peer->host, |
2120 | safe_strerror(errno)); | |
93406d87 | 2121 | |
d62a17ae | 2122 | if (peer->status == Established) { |
2123 | if (CHECK_FLAG(peer->sflags, PEER_STATUS_NSF_MODE)) { | |
2124 | peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION; | |
2125 | SET_FLAG(peer->sflags, PEER_STATUS_NSF_WAIT); | |
2126 | } else | |
2127 | peer->last_reset = PEER_DOWN_CLOSE_SESSION; | |
2128 | } | |
93406d87 | 2129 | |
d62a17ae | 2130 | BGP_EVENT_ADD(peer, TCP_fatal_error); |
2131 | return -1; | |
2132 | } | |
718e3744 | 2133 | |
d62a17ae | 2134 | /* When read byte is zero : clear bgp peer and return */ |
2135 | if (nbytes == 0) { | |
2136 | if (bgp_debug_neighbor_events(peer)) | |
2137 | zlog_debug("%s [Event] BGP connection closed fd %d", | |
2138 | peer->host, peer->fd); | |
2139 | ||
2140 | if (peer->status == Established) { | |
2141 | if (CHECK_FLAG(peer->sflags, PEER_STATUS_NSF_MODE)) { | |
2142 | peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION; | |
2143 | SET_FLAG(peer->sflags, PEER_STATUS_NSF_WAIT); | |
2144 | } else | |
2145 | peer->last_reset = PEER_DOWN_CLOSE_SESSION; | |
2146 | } | |
e0701b79 | 2147 | |
d62a17ae | 2148 | BGP_EVENT_ADD(peer, TCP_connection_closed); |
2149 | return -1; | |
93406d87 | 2150 | } |
e0701b79 | 2151 | |
d62a17ae | 2152 | /* We read partial packet. */ |
2153 | if (stream_get_endp(peer->ibuf) != peer->packet_size) | |
2154 | return -1; | |
718e3744 | 2155 | |
d62a17ae | 2156 | return 0; |
718e3744 | 2157 | } |
2158 | ||
2159 | /* Marker check. */ | |
d62a17ae | 2160 | static int bgp_marker_all_one(struct stream *s, int length) |
718e3744 | 2161 | { |
d62a17ae | 2162 | int i; |
718e3744 | 2163 | |
d62a17ae | 2164 | for (i = 0; i < length; i++) |
2165 | if (s->data[i] != 0xff) | |
2166 | return 0; | |
718e3744 | 2167 | |
d62a17ae | 2168 | return 1; |
718e3744 | 2169 | } |
2170 | ||
2171 | /* Starting point of packet process function. */ | |
d62a17ae | 2172 | int bgp_read(struct thread *thread) |
718e3744 | 2173 | { |
d62a17ae | 2174 | int ret; |
2175 | u_char type = 0; | |
2176 | struct peer *peer; | |
2177 | bgp_size_t size; | |
2178 | char notify_data_length[2]; | |
2179 | u_int32_t notify_out; | |
2180 | ||
2181 | /* Yes first of all get peer pointer. */ | |
2182 | peer = THREAD_ARG(thread); | |
2183 | peer->t_read = NULL; | |
2184 | ||
2185 | /* Note notify_out so we can check later to see if we sent another one | |
2186 | */ | |
2187 | notify_out = peer->notify_out; | |
2188 | ||
2189 | /* For non-blocking IO check. */ | |
2190 | if (peer->status == Connect) { | |
2191 | bgp_connect_check(peer, 1); | |
2192 | goto done; | |
2193 | } else { | |
2194 | if (peer->fd < 0) { | |
2195 | zlog_err("bgp_read peer's fd is negative value %d", | |
2196 | peer->fd); | |
2197 | return -1; | |
2198 | } | |
2199 | BGP_READ_ON(peer->t_read, bgp_read, peer->fd); | |
718e3744 | 2200 | } |
d62a17ae | 2201 | |
2202 | /* Read packet header to determine type of the packet */ | |
2203 | if (peer->packet_size == 0) | |
2204 | peer->packet_size = BGP_HEADER_SIZE; | |
2205 | ||
2206 | if (stream_get_endp(peer->ibuf) < BGP_HEADER_SIZE) { | |
2207 | ret = bgp_read_packet(peer); | |
2208 | ||
2209 | /* Header read error or partial read packet. */ | |
2210 | if (ret < 0) | |
2211 | goto done; | |
2212 | ||
2213 | /* Get size and type. */ | |
2214 | stream_forward_getp(peer->ibuf, BGP_MARKER_SIZE); | |
2215 | memcpy(notify_data_length, stream_pnt(peer->ibuf), 2); | |
2216 | size = stream_getw(peer->ibuf); | |
2217 | type = stream_getc(peer->ibuf); | |
2218 | ||
2219 | /* Marker check */ | |
2220 | if (((type == BGP_MSG_OPEN) || (type == BGP_MSG_KEEPALIVE)) | |
2221 | && !bgp_marker_all_one(peer->ibuf, BGP_MARKER_SIZE)) { | |
2222 | bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR, | |
2223 | BGP_NOTIFY_HEADER_NOT_SYNC); | |
2224 | goto done; | |
2225 | } | |
2226 | ||
2227 | /* BGP type check. */ | |
2228 | if (type != BGP_MSG_OPEN && type != BGP_MSG_UPDATE | |
2229 | && type != BGP_MSG_NOTIFY && type != BGP_MSG_KEEPALIVE | |
2230 | && type != BGP_MSG_ROUTE_REFRESH_NEW | |
2231 | && type != BGP_MSG_ROUTE_REFRESH_OLD | |
2232 | && type != BGP_MSG_CAPABILITY) { | |
2233 | if (bgp_debug_neighbor_events(peer)) | |
2234 | zlog_debug("%s unknown message type 0x%02x", | |
2235 | peer->host, type); | |
2236 | bgp_notify_send_with_data(peer, BGP_NOTIFY_HEADER_ERR, | |
2237 | BGP_NOTIFY_HEADER_BAD_MESTYPE, | |
2238 | &type, 1); | |
2239 | goto done; | |
2240 | } | |
2241 | /* Mimimum packet length check. */ | |
2242 | if ((size < BGP_HEADER_SIZE) || (size > BGP_MAX_PACKET_SIZE) | |
2243 | || (type == BGP_MSG_OPEN && size < BGP_MSG_OPEN_MIN_SIZE) | |
2244 | || (type == BGP_MSG_UPDATE | |
2245 | && size < BGP_MSG_UPDATE_MIN_SIZE) | |
2246 | || (type == BGP_MSG_NOTIFY | |
2247 | && size < BGP_MSG_NOTIFY_MIN_SIZE) | |
2248 | || (type == BGP_MSG_KEEPALIVE | |
2249 | && size != BGP_MSG_KEEPALIVE_MIN_SIZE) | |
2250 | || (type == BGP_MSG_ROUTE_REFRESH_NEW | |
2251 | && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE) | |
2252 | || (type == BGP_MSG_ROUTE_REFRESH_OLD | |
2253 | && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE) | |
2254 | || (type == BGP_MSG_CAPABILITY | |
2255 | && size < BGP_MSG_CAPABILITY_MIN_SIZE)) { | |
2256 | if (bgp_debug_neighbor_events(peer)) | |
2257 | zlog_debug("%s bad message length - %d for %s", | |
2258 | peer->host, size, | |
2259 | type == 128 | |
2260 | ? "ROUTE-REFRESH" | |
2261 | : bgp_type_str[(int)type]); | |
2262 | bgp_notify_send_with_data(peer, BGP_NOTIFY_HEADER_ERR, | |
2263 | BGP_NOTIFY_HEADER_BAD_MESLEN, | |
2264 | (u_char *)notify_data_length, | |
2265 | 2); | |
2266 | goto done; | |
2267 | } | |
2268 | ||
2269 | /* Adjust size to message length. */ | |
2270 | peer->packet_size = size; | |
718e3744 | 2271 | } |
2272 | ||
d62a17ae | 2273 | ret = bgp_read_packet(peer); |
2274 | if (ret < 0) | |
2275 | goto done; | |
2276 | ||
2277 | /* Get size and type again. */ | |
2278 | (void)stream_getw_from(peer->ibuf, BGP_MARKER_SIZE); | |
2279 | type = stream_getc_from(peer->ibuf, BGP_MARKER_SIZE + 2); | |
2280 | ||
2281 | /* BGP packet dump function. */ | |
2282 | bgp_dump_packet(peer, type, peer->ibuf); | |
2283 | ||
2284 | size = (peer->packet_size - BGP_HEADER_SIZE); | |
2285 | ||
2286 | /* Read rest of the packet and call each sort of packet routine */ | |
2287 | switch (type) { | |
2288 | case BGP_MSG_OPEN: | |
2289 | peer->open_in++; | |
2290 | bgp_open_receive(peer, size); /* XXX return value ignored! */ | |
2291 | break; | |
2292 | case BGP_MSG_UPDATE: | |
2293 | peer->readtime = monotime(NULL); | |
2294 | bgp_update_receive(peer, size); | |
2295 | break; | |
2296 | case BGP_MSG_NOTIFY: | |
2297 | bgp_notify_receive(peer, size); | |
2298 | break; | |
2299 | case BGP_MSG_KEEPALIVE: | |
2300 | peer->readtime = monotime(NULL); | |
2301 | bgp_keepalive_receive(peer, size); | |
2302 | break; | |
2303 | case BGP_MSG_ROUTE_REFRESH_NEW: | |
2304 | case BGP_MSG_ROUTE_REFRESH_OLD: | |
2305 | peer->refresh_in++; | |
2306 | bgp_route_refresh_receive(peer, size); | |
2307 | break; | |
2308 | case BGP_MSG_CAPABILITY: | |
2309 | peer->dynamic_cap_in++; | |
2310 | bgp_capability_receive(peer, size); | |
2311 | break; | |
718e3744 | 2312 | } |
d62a17ae | 2313 | |
2314 | /* If reading this packet caused us to send a NOTIFICATION then store a | |
2315 | * copy | |
2316 | * of the packet for troubleshooting purposes | |
2317 | */ | |
2318 | if (notify_out < peer->notify_out) { | |
2319 | memcpy(peer->last_reset_cause, peer->ibuf->data, | |
2320 | peer->packet_size); | |
2321 | peer->last_reset_cause_size = peer->packet_size; | |
2322 | notify_out = peer->notify_out; | |
2323 | } | |
2324 | ||
2325 | /* Clear input buffer. */ | |
2326 | peer->packet_size = 0; | |
2327 | if (peer->ibuf) | |
2328 | stream_reset(peer->ibuf); | |
2329 | ||
2330 | done: | |
2331 | /* If reading this packet caused us to send a NOTIFICATION then store a | |
2332 | * copy | |
2333 | * of the packet for troubleshooting purposes | |
2334 | */ | |
2335 | if (notify_out < peer->notify_out) { | |
2336 | memcpy(peer->last_reset_cause, peer->ibuf->data, | |
2337 | peer->packet_size); | |
2338 | peer->last_reset_cause_size = peer->packet_size; | |
718e3744 | 2339 | } |
2340 | ||
d62a17ae | 2341 | return 0; |
718e3744 | 2342 | } |