1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
36 #include "bgpd/bgpd.h"
37 #include "bgpd/bgp_attr.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_community.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_errors.h"
43 #include "bgpd/bgp_label.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_ecommunity.h"
46 #include "bgpd/bgp_lcommunity.h"
47 #include "bgpd/bgp_updgrp.h"
48 #include "bgpd/bgp_encap_types.h"
50 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
51 #include "bgp_encap_types.h"
52 #include "bgp_vnc_types.h"
54 #include "bgp_encap_types.h"
56 #include "bgp_flowspec_private.h"
59 /* Attribute strings for logging. */
60 static const struct message attr_str
[] = {
61 {BGP_ATTR_ORIGIN
, "ORIGIN"},
62 {BGP_ATTR_AS_PATH
, "AS_PATH"},
63 {BGP_ATTR_NEXT_HOP
, "NEXT_HOP"},
64 {BGP_ATTR_MULTI_EXIT_DISC
, "MULTI_EXIT_DISC"},
65 {BGP_ATTR_LOCAL_PREF
, "LOCAL_PREF"},
66 {BGP_ATTR_ATOMIC_AGGREGATE
, "ATOMIC_AGGREGATE"},
67 {BGP_ATTR_AGGREGATOR
, "AGGREGATOR"},
68 {BGP_ATTR_COMMUNITIES
, "COMMUNITY"},
69 {BGP_ATTR_ORIGINATOR_ID
, "ORIGINATOR_ID"},
70 {BGP_ATTR_CLUSTER_LIST
, "CLUSTER_LIST"},
71 {BGP_ATTR_DPA
, "DPA"},
72 {BGP_ATTR_ADVERTISER
, "ADVERTISER"},
73 {BGP_ATTR_RCID_PATH
, "RCID_PATH"},
74 {BGP_ATTR_MP_REACH_NLRI
, "MP_REACH_NLRI"},
75 {BGP_ATTR_MP_UNREACH_NLRI
, "MP_UNREACH_NLRI"},
76 {BGP_ATTR_EXT_COMMUNITIES
, "EXT_COMMUNITIES"},
77 {BGP_ATTR_AS4_PATH
, "AS4_PATH"},
78 {BGP_ATTR_AS4_AGGREGATOR
, "AS4_AGGREGATOR"},
79 {BGP_ATTR_AS_PATHLIMIT
, "AS_PATHLIMIT"},
80 {BGP_ATTR_PMSI_TUNNEL
, "PMSI_TUNNEL_ATTRIBUTE"},
81 {BGP_ATTR_ENCAP
, "ENCAP"},
82 #if ENABLE_BGP_VNC_ATTR
83 {BGP_ATTR_VNC
, "VNC"},
85 {BGP_ATTR_LARGE_COMMUNITIES
, "LARGE_COMMUNITY"},
86 {BGP_ATTR_PREFIX_SID
, "PREFIX_SID"},
89 static const struct message attr_flag_str
[] = {
90 {BGP_ATTR_FLAG_OPTIONAL
, "Optional"},
91 {BGP_ATTR_FLAG_TRANS
, "Transitive"},
92 {BGP_ATTR_FLAG_PARTIAL
, "Partial"},
93 /* bgp_attr_flags_diagnose() relies on this bit being last in
95 {BGP_ATTR_FLAG_EXTLEN
, "Extended Length"},
98 static struct hash
*cluster_hash
;
100 static void *cluster_hash_alloc(void *p
)
102 const struct cluster_list
*val
= (const struct cluster_list
*)p
;
103 struct cluster_list
*cluster
;
105 cluster
= XMALLOC(MTYPE_CLUSTER
, sizeof(struct cluster_list
));
106 cluster
->length
= val
->length
;
108 if (cluster
->length
) {
109 cluster
->list
= XMALLOC(MTYPE_CLUSTER_VAL
, val
->length
);
110 memcpy(cluster
->list
, val
->list
, val
->length
);
112 cluster
->list
= NULL
;
119 /* Cluster list related functions. */
120 static struct cluster_list
*cluster_parse(struct in_addr
*pnt
, int length
)
122 struct cluster_list tmp
;
123 struct cluster_list
*cluster
;
128 cluster
= hash_get(cluster_hash
, &tmp
, cluster_hash_alloc
);
133 int cluster_loop_check(struct cluster_list
*cluster
, struct in_addr originator
)
137 for (i
= 0; i
< cluster
->length
/ 4; i
++)
138 if (cluster
->list
[i
].s_addr
== originator
.s_addr
)
143 static unsigned int cluster_hash_key_make(const void *p
)
145 const struct cluster_list
*cluster
= p
;
147 return jhash(cluster
->list
, cluster
->length
, 0);
150 static bool cluster_hash_cmp(const void *p1
, const void *p2
)
152 const struct cluster_list
*cluster1
= p1
;
153 const struct cluster_list
*cluster2
= p2
;
155 return (cluster1
->length
== cluster2
->length
156 && memcmp(cluster1
->list
, cluster2
->list
, cluster1
->length
)
160 static void cluster_free(struct cluster_list
*cluster
)
162 XFREE(MTYPE_CLUSTER_VAL
, cluster
->list
);
163 XFREE(MTYPE_CLUSTER
, cluster
);
166 static struct cluster_list
*cluster_intern(struct cluster_list
*cluster
)
168 struct cluster_list
*find
;
170 find
= hash_get(cluster_hash
, cluster
, cluster_hash_alloc
);
176 void cluster_unintern(struct cluster_list
*cluster
)
181 if (cluster
->refcnt
== 0) {
182 hash_release(cluster_hash
, cluster
);
183 cluster_free(cluster
);
187 static void cluster_init(void)
189 cluster_hash
= hash_create(cluster_hash_key_make
, cluster_hash_cmp
,
193 static void cluster_finish(void)
195 hash_clean(cluster_hash
, (void (*)(void *))cluster_free
);
196 hash_free(cluster_hash
);
200 static struct hash
*encap_hash
= NULL
;
202 static struct hash
*vnc_hash
= NULL
;
205 struct bgp_attr_encap_subtlv
*encap_tlv_dup(struct bgp_attr_encap_subtlv
*orig
)
207 struct bgp_attr_encap_subtlv
*new;
208 struct bgp_attr_encap_subtlv
*tail
;
209 struct bgp_attr_encap_subtlv
*p
;
211 for (p
= orig
, tail
= new = NULL
; p
; p
= p
->next
) {
212 int size
= sizeof(struct bgp_attr_encap_subtlv
) + p
->length
;
214 tail
->next
= XCALLOC(MTYPE_ENCAP_TLV
, size
);
217 tail
= new = XCALLOC(MTYPE_ENCAP_TLV
, size
);
220 memcpy(tail
, p
, size
);
227 static void encap_free(struct bgp_attr_encap_subtlv
*p
)
229 struct bgp_attr_encap_subtlv
*next
;
233 XFREE(MTYPE_ENCAP_TLV
, p
);
238 void bgp_attr_flush_encap(struct attr
*attr
)
243 if (attr
->encap_subtlvs
) {
244 encap_free(attr
->encap_subtlvs
);
245 attr
->encap_subtlvs
= NULL
;
248 if (attr
->vnc_subtlvs
) {
249 encap_free(attr
->vnc_subtlvs
);
250 attr
->vnc_subtlvs
= NULL
;
256 * Compare encap sub-tlv chains
261 * This algorithm could be made faster if needed
263 static int encap_same(const struct bgp_attr_encap_subtlv
*h1
,
264 const struct bgp_attr_encap_subtlv
*h2
)
266 const struct bgp_attr_encap_subtlv
*p
;
267 const struct bgp_attr_encap_subtlv
*q
;
271 if (h1
== NULL
|| h2
== NULL
)
274 for (p
= h1
; p
; p
= p
->next
) {
275 for (q
= h2
; q
; q
= q
->next
) {
276 if ((p
->type
== q
->type
) && (p
->length
== q
->length
)
277 && !memcmp(p
->value
, q
->value
, p
->length
)) {
286 for (p
= h2
; p
; p
= p
->next
) {
287 for (q
= h1
; q
; q
= q
->next
) {
288 if ((p
->type
== q
->type
) && (p
->length
== q
->length
)
289 && !memcmp(p
->value
, q
->value
, p
->length
)) {
301 static void *encap_hash_alloc(void *p
)
303 /* Encap structure is already allocated. */
314 static struct bgp_attr_encap_subtlv
*
315 encap_intern(struct bgp_attr_encap_subtlv
*encap
, encap_subtlv_type type
)
317 struct bgp_attr_encap_subtlv
*find
;
318 struct hash
*hash
= encap_hash
;
320 if (type
== VNC_SUBTLV_TYPE
)
324 find
= hash_get(hash
, encap
, encap_hash_alloc
);
332 static void encap_unintern(struct bgp_attr_encap_subtlv
**encapp
,
333 encap_subtlv_type type
)
335 struct bgp_attr_encap_subtlv
*encap
= *encapp
;
339 if (encap
->refcnt
== 0) {
340 struct hash
*hash
= encap_hash
;
342 if (type
== VNC_SUBTLV_TYPE
)
345 hash_release(hash
, encap
);
351 static unsigned int encap_hash_key_make(const void *p
)
353 const struct bgp_attr_encap_subtlv
*encap
= p
;
355 return jhash(encap
->value
, encap
->length
, 0);
358 static bool encap_hash_cmp(const void *p1
, const void *p2
)
360 return encap_same((const struct bgp_attr_encap_subtlv
*)p1
,
361 (const struct bgp_attr_encap_subtlv
*)p2
);
364 static void encap_init(void)
366 encap_hash
= hash_create(encap_hash_key_make
, encap_hash_cmp
,
369 vnc_hash
= hash_create(encap_hash_key_make
, encap_hash_cmp
,
374 static void encap_finish(void)
376 hash_clean(encap_hash
, (void (*)(void *))encap_free
);
377 hash_free(encap_hash
);
380 hash_clean(vnc_hash
, (void (*)(void *))encap_free
);
386 static bool overlay_index_same(const struct attr
*a1
, const struct attr
*a2
)
394 return !memcmp(&(a1
->evpn_overlay
), &(a2
->evpn_overlay
),
395 sizeof(struct bgp_route_evpn
));
398 /* Unknown transit attribute. */
399 static struct hash
*transit_hash
;
401 static void transit_free(struct transit
*transit
)
403 XFREE(MTYPE_TRANSIT_VAL
, transit
->val
);
404 XFREE(MTYPE_TRANSIT
, transit
);
407 static void *transit_hash_alloc(void *p
)
409 /* Transit structure is already allocated. */
413 static struct transit
*transit_intern(struct transit
*transit
)
415 struct transit
*find
;
417 find
= hash_get(transit_hash
, transit
, transit_hash_alloc
);
419 transit_free(transit
);
425 void transit_unintern(struct transit
*transit
)
430 if (transit
->refcnt
== 0) {
431 hash_release(transit_hash
, transit
);
432 transit_free(transit
);
436 static unsigned int transit_hash_key_make(const void *p
)
438 const struct transit
*transit
= p
;
440 return jhash(transit
->val
, transit
->length
, 0);
443 static bool transit_hash_cmp(const void *p1
, const void *p2
)
445 const struct transit
*transit1
= p1
;
446 const struct transit
*transit2
= p2
;
448 return (transit1
->length
== transit2
->length
449 && memcmp(transit1
->val
, transit2
->val
, transit1
->length
) == 0);
452 static void transit_init(void)
454 transit_hash
= hash_create(transit_hash_key_make
, transit_hash_cmp
,
458 static void transit_finish(void)
460 hash_clean(transit_hash
, (void (*)(void *))transit_free
);
461 hash_free(transit_hash
);
465 /* Attribute hash routines. */
466 static struct hash
*attrhash
;
468 /* Shallow copy of an attribute
469 * Though, not so shallow that it doesn't copy the contents
470 * of the attr_extra pointed to by 'extra'
472 void bgp_attr_dup(struct attr
*new, struct attr
*orig
)
477 unsigned long int attr_count(void)
479 return attrhash
->count
;
482 unsigned long int attr_unknown_count(void)
484 return transit_hash
->count
;
487 unsigned int attrhash_key_make(const void *p
)
489 const struct attr
*attr
= (struct attr
*)p
;
491 #define MIX(val) key = jhash_1word(val, key)
492 #define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
494 MIX3(attr
->origin
, attr
->nexthop
.s_addr
, attr
->med
);
495 MIX3(attr
->local_pref
, attr
->aggregator_as
,
496 attr
->aggregator_addr
.s_addr
);
497 MIX3(attr
->weight
, attr
->mp_nexthop_global_in
.s_addr
,
498 attr
->originator_id
.s_addr
);
499 MIX3(attr
->tag
, attr
->label
, attr
->label_index
);
502 MIX(aspath_key_make(attr
->aspath
));
504 MIX(community_hash_make(attr
->community
));
506 if (attr
->lcommunity
)
507 MIX(lcommunity_hash_make(attr
->lcommunity
));
508 if (attr
->ecommunity
)
509 MIX(ecommunity_hash_make(attr
->ecommunity
));
511 MIX(cluster_hash_key_make(attr
->cluster
));
513 MIX(transit_hash_key_make(attr
->transit
));
514 if (attr
->encap_subtlvs
)
515 MIX(encap_hash_key_make(attr
->encap_subtlvs
));
517 if (attr
->vnc_subtlvs
)
518 MIX(encap_hash_key_make(attr
->vnc_subtlvs
));
520 MIX(attr
->mp_nexthop_len
);
521 key
= jhash(attr
->mp_nexthop_global
.s6_addr
, IPV6_MAX_BYTELEN
, key
);
522 key
= jhash(attr
->mp_nexthop_local
.s6_addr
, IPV6_MAX_BYTELEN
, key
);
523 MIX(attr
->nh_ifindex
);
524 MIX(attr
->nh_lla_ifindex
);
529 bool attrhash_cmp(const void *p1
, const void *p2
)
531 const struct attr
*attr1
= p1
;
532 const struct attr
*attr2
= p2
;
534 if (attr1
->flag
== attr2
->flag
&& attr1
->origin
== attr2
->origin
535 && attr1
->nexthop
.s_addr
== attr2
->nexthop
.s_addr
536 && attr1
->aspath
== attr2
->aspath
537 && attr1
->community
== attr2
->community
&& attr1
->med
== attr2
->med
538 && attr1
->local_pref
== attr2
->local_pref
539 && attr1
->rmap_change_flags
== attr2
->rmap_change_flags
) {
540 if (attr1
->aggregator_as
== attr2
->aggregator_as
541 && attr1
->aggregator_addr
.s_addr
542 == attr2
->aggregator_addr
.s_addr
543 && attr1
->weight
== attr2
->weight
544 && attr1
->tag
== attr2
->tag
545 && attr1
->label_index
== attr2
->label_index
546 && attr1
->mp_nexthop_len
== attr2
->mp_nexthop_len
547 && attr1
->ecommunity
== attr2
->ecommunity
548 && attr1
->lcommunity
== attr2
->lcommunity
549 && attr1
->cluster
== attr2
->cluster
550 && attr1
->transit
== attr2
->transit
551 && (attr1
->encap_tunneltype
== attr2
->encap_tunneltype
)
552 && encap_same(attr1
->encap_subtlvs
, attr2
->encap_subtlvs
)
554 && encap_same(attr1
->vnc_subtlvs
, attr2
->vnc_subtlvs
)
556 && IPV6_ADDR_SAME(&attr1
->mp_nexthop_global
,
557 &attr2
->mp_nexthop_global
)
558 && IPV6_ADDR_SAME(&attr1
->mp_nexthop_local
,
559 &attr2
->mp_nexthop_local
)
560 && IPV4_ADDR_SAME(&attr1
->mp_nexthop_global_in
,
561 &attr2
->mp_nexthop_global_in
)
562 && IPV4_ADDR_SAME(&attr1
->originator_id
,
563 &attr2
->originator_id
)
564 && overlay_index_same(attr1
, attr2
)
565 && attr1
->nh_ifindex
== attr2
->nh_ifindex
566 && attr1
->nh_lla_ifindex
== attr2
->nh_lla_ifindex
)
573 static void attrhash_init(void)
576 hash_create(attrhash_key_make
, attrhash_cmp
, "BGP Attributes");
580 * special for hash_clean below
582 static void attr_vfree(void *attr
)
584 XFREE(MTYPE_ATTR
, attr
);
587 static void attrhash_finish(void)
589 hash_clean(attrhash
, attr_vfree
);
594 static void attr_show_all_iterator(struct hash_bucket
*bucket
, struct vty
*vty
)
596 struct attr
*attr
= bucket
->data
;
598 vty_out(vty
, "attr[%ld] nexthop %s\n", attr
->refcnt
,
599 inet_ntoa(attr
->nexthop
));
600 vty_out(vty
, "\tflags: %" PRIu64
" med: %u local_pref: %u origin: %u weight: %u label: %u\n",
601 attr
->flag
, attr
->med
, attr
->local_pref
, attr
->origin
,
602 attr
->weight
, attr
->label
);
605 void attr_show_all(struct vty
*vty
)
607 hash_iterate(attrhash
, (void (*)(struct hash_bucket
*,
608 void *))attr_show_all_iterator
,
612 static void *bgp_attr_hash_alloc(void *p
)
614 struct attr
*val
= (struct attr
*)p
;
617 attr
= XMALLOC(MTYPE_ATTR
, sizeof(struct attr
));
619 if (val
->encap_subtlvs
) {
620 val
->encap_subtlvs
= NULL
;
623 if (val
->vnc_subtlvs
) {
624 val
->vnc_subtlvs
= NULL
;
631 /* Internet argument attribute. */
632 struct attr
*bgp_attr_intern(struct attr
*attr
)
636 /* Intern referenced strucutre. */
638 if (!attr
->aspath
->refcnt
)
639 attr
->aspath
= aspath_intern(attr
->aspath
);
641 attr
->aspath
->refcnt
++;
643 if (attr
->community
) {
644 if (!attr
->community
->refcnt
)
645 attr
->community
= community_intern(attr
->community
);
647 attr
->community
->refcnt
++;
650 if (attr
->ecommunity
) {
651 if (!attr
->ecommunity
->refcnt
)
652 attr
->ecommunity
= ecommunity_intern(attr
->ecommunity
);
654 attr
->ecommunity
->refcnt
++;
656 if (attr
->lcommunity
) {
657 if (!attr
->lcommunity
->refcnt
)
658 attr
->lcommunity
= lcommunity_intern(attr
->lcommunity
);
660 attr
->lcommunity
->refcnt
++;
663 if (!attr
->cluster
->refcnt
)
664 attr
->cluster
= cluster_intern(attr
->cluster
);
666 attr
->cluster
->refcnt
++;
669 if (!attr
->transit
->refcnt
)
670 attr
->transit
= transit_intern(attr
->transit
);
672 attr
->transit
->refcnt
++;
674 if (attr
->encap_subtlvs
) {
675 if (!attr
->encap_subtlvs
->refcnt
)
676 attr
->encap_subtlvs
= encap_intern(attr
->encap_subtlvs
,
679 attr
->encap_subtlvs
->refcnt
++;
682 if (attr
->vnc_subtlvs
) {
683 if (!attr
->vnc_subtlvs
->refcnt
)
684 attr
->vnc_subtlvs
= encap_intern(attr
->vnc_subtlvs
,
687 attr
->vnc_subtlvs
->refcnt
++;
691 /* At this point, attr only contains intern'd pointers. that means
692 * if we find it in attrhash, it has all the same pointers and we
693 * correctly updated the refcounts on these.
694 * If we don't find it, we need to allocate a one because in all
695 * cases this returns a new reference to a hashed attr, but the input
697 find
= (struct attr
*)hash_get(attrhash
, attr
, bgp_attr_hash_alloc
);
703 /* Make network statement's attribute. */
704 struct attr
*bgp_attr_default_set(struct attr
*attr
, uint8_t origin
)
706 memset(attr
, 0, sizeof(struct attr
));
708 attr
->origin
= origin
;
709 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
710 attr
->aspath
= aspath_empty();
711 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
712 attr
->weight
= BGP_ATTR_DEFAULT_WEIGHT
;
714 attr
->label_index
= BGP_INVALID_LABEL_INDEX
;
715 attr
->label
= MPLS_INVALID_LABEL
;
716 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
717 attr
->mp_nexthop_len
= IPV6_MAX_BYTELEN
;
722 /* Create the attributes for an aggregate */
723 struct attr
*bgp_attr_aggregate_intern(struct bgp
*bgp
, uint8_t origin
,
724 struct aspath
*aspath
,
725 struct community
*community
,
726 struct ecommunity
*ecommunity
,
727 struct lcommunity
*lcommunity
,
728 int as_set
, uint8_t atomic_aggregate
)
733 memset(&attr
, 0, sizeof(struct attr
));
735 /* Origin attribute. */
736 attr
.origin
= origin
;
737 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
739 /* AS path attribute. */
741 attr
.aspath
= aspath_intern(aspath
);
743 attr
.aspath
= aspath_empty();
744 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
746 /* Next hop attribute. */
747 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
750 uint32_t gshut
= COMMUNITY_GSHUT
;
752 /* If we are not shutting down ourselves and we are
753 * aggregating a route that contains the GSHUT community we
754 * need to remove that community when creating the aggregate */
755 if (!bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
)
756 && community_include(community
, gshut
)) {
757 community_del_val(community
, &gshut
);
760 attr
.community
= community
;
761 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
);
765 attr
.ecommunity
= ecommunity
;
766 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
);
770 attr
.lcommunity
= lcommunity
;
771 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
);
774 if (bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
)) {
775 bgp_attr_add_gshut_community(&attr
);
778 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
779 attr
.label
= MPLS_INVALID_LABEL
;
780 attr
.weight
= BGP_ATTR_DEFAULT_WEIGHT
;
781 attr
.mp_nexthop_len
= IPV6_MAX_BYTELEN
;
782 if (!as_set
|| atomic_aggregate
)
783 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
);
784 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
);
785 if (CHECK_FLAG(bgp
->config
, BGP_CONFIG_CONFEDERATION
))
786 attr
.aggregator_as
= bgp
->confed_id
;
788 attr
.aggregator_as
= bgp
->as
;
789 attr
.aggregator_addr
= bgp
->router_id
;
790 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
791 attr
.label
= MPLS_INVALID_LABEL
;
793 new = bgp_attr_intern(&attr
);
795 aspath_unintern(&new->aspath
);
799 /* Unintern just the sub-components of the attr, but not the attr */
800 void bgp_attr_unintern_sub(struct attr
*attr
)
802 /* aspath refcount shoud be decrement. */
804 aspath_unintern(&attr
->aspath
);
805 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
));
808 community_unintern(&attr
->community
);
809 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
));
811 if (attr
->ecommunity
)
812 ecommunity_unintern(&attr
->ecommunity
);
813 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
));
815 if (attr
->lcommunity
)
816 lcommunity_unintern(&attr
->lcommunity
);
817 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
));
820 cluster_unintern(attr
->cluster
);
821 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST
));
824 transit_unintern(attr
->transit
);
826 if (attr
->encap_subtlvs
)
827 encap_unintern(&attr
->encap_subtlvs
, ENCAP_SUBTLV_TYPE
);
830 if (attr
->vnc_subtlvs
)
831 encap_unintern(&attr
->vnc_subtlvs
, VNC_SUBTLV_TYPE
);
836 * We have some show commands that let you experimentally
837 * apply a route-map. When we apply the route-map
838 * we are reseting values but not saving them for
839 * posterity via intern'ing( because route-maps don't
840 * do that) but at this point in time we need
841 * to compare the new attr to the old and if the
842 * routemap has changed it we need to, as Snoop Dog says,
843 * Drop it like it's hot
845 void bgp_attr_undup(struct attr
*new, struct attr
*old
)
847 if (new->aspath
!= old
->aspath
)
848 aspath_free(new->aspath
);
850 if (new->community
!= old
->community
)
851 community_free(&new->community
);
853 if (new->ecommunity
!= old
->ecommunity
)
854 ecommunity_free(&new->ecommunity
);
856 if (new->lcommunity
!= old
->lcommunity
)
857 lcommunity_free(&new->lcommunity
);
860 /* Free bgp attribute and aspath. */
861 void bgp_attr_unintern(struct attr
**pattr
)
863 struct attr
*attr
= *pattr
;
867 /* Decrement attribute reference. */
872 /* If reference becomes zero then free attribute object. */
873 if (attr
->refcnt
== 0) {
874 ret
= hash_release(attrhash
, attr
);
876 XFREE(MTYPE_ATTR
, attr
);
880 bgp_attr_unintern_sub(&tmp
);
883 void bgp_attr_flush(struct attr
*attr
)
885 if (attr
->aspath
&& !attr
->aspath
->refcnt
) {
886 aspath_free(attr
->aspath
);
889 if (attr
->community
&& !attr
->community
->refcnt
)
890 community_free(&attr
->community
);
891 if (attr
->ecommunity
&& !attr
->ecommunity
->refcnt
)
892 ecommunity_free(&attr
->ecommunity
);
893 if (attr
->lcommunity
&& !attr
->lcommunity
->refcnt
)
894 lcommunity_free(&attr
->lcommunity
);
895 if (attr
->cluster
&& !attr
->cluster
->refcnt
) {
896 cluster_free(attr
->cluster
);
897 attr
->cluster
= NULL
;
899 if (attr
->transit
&& !attr
->transit
->refcnt
) {
900 transit_free(attr
->transit
);
901 attr
->transit
= NULL
;
903 if (attr
->encap_subtlvs
&& !attr
->encap_subtlvs
->refcnt
) {
904 encap_free(attr
->encap_subtlvs
);
905 attr
->encap_subtlvs
= NULL
;
908 if (attr
->vnc_subtlvs
&& !attr
->vnc_subtlvs
->refcnt
) {
909 encap_free(attr
->vnc_subtlvs
);
910 attr
->vnc_subtlvs
= NULL
;
915 /* Implement draft-scudder-idr-optional-transitive behaviour and
916 * avoid resetting sessions for malformed attributes which are
917 * are partial/optional and hence where the error likely was not
918 * introduced by the sending neighbour.
920 static bgp_attr_parse_ret_t
921 bgp_attr_malformed(struct bgp_attr_parser_args
*args
, uint8_t subcode
,
924 struct peer
*const peer
= args
->peer
;
925 const uint8_t flags
= args
->flags
;
926 /* startp and length must be special-cased, as whether or not to
927 * send the attribute data with the NOTIFY depends on the error,
928 * the caller therefore signals this with the seperate length argument
930 uint8_t *notify_datap
= (length
> 0 ? args
->startp
: NULL
);
932 /* Only relax error handling for eBGP peers */
933 if (peer
->sort
!= BGP_PEER_EBGP
) {
934 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
, subcode
,
935 notify_datap
, length
);
936 return BGP_ATTR_PARSE_ERROR
;
939 /* Adjust the stream getp to the end of the attribute, in case we can
940 * still proceed but the caller hasn't read all the attribute.
942 stream_set_getp(BGP_INPUT(peer
),
943 (args
->startp
- STREAM_DATA(BGP_INPUT(peer
)))
946 switch (args
->type
) {
947 /* where an attribute is relatively inconsequential, e.g. it does not
948 * affect route selection, and can be safely ignored, then any such
949 * attributes which are malformed should just be ignored and the route
950 * processed as normal.
952 case BGP_ATTR_AS4_AGGREGATOR
:
953 case BGP_ATTR_AGGREGATOR
:
954 case BGP_ATTR_ATOMIC_AGGREGATE
:
955 return BGP_ATTR_PARSE_PROCEED
;
957 /* Core attributes, particularly ones which may influence route
958 * selection, should always cause session resets
960 case BGP_ATTR_ORIGIN
:
961 case BGP_ATTR_AS_PATH
:
962 case BGP_ATTR_NEXT_HOP
:
963 case BGP_ATTR_MULTI_EXIT_DISC
:
964 case BGP_ATTR_LOCAL_PREF
:
965 case BGP_ATTR_COMMUNITIES
:
966 case BGP_ATTR_ORIGINATOR_ID
:
967 case BGP_ATTR_CLUSTER_LIST
:
968 case BGP_ATTR_MP_REACH_NLRI
:
969 case BGP_ATTR_MP_UNREACH_NLRI
:
970 case BGP_ATTR_EXT_COMMUNITIES
:
971 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
, subcode
,
972 notify_datap
, length
);
973 return BGP_ATTR_PARSE_ERROR
;
976 /* Partial optional attributes that are malformed should not cause
977 * the whole session to be reset. Instead treat it as a withdrawal
978 * of the routes, if possible.
980 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
)
981 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
982 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_PARTIAL
))
983 return BGP_ATTR_PARSE_WITHDRAW
;
985 /* default to reset */
986 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
989 /* Find out what is wrong with the path attribute flag bits and log the error.
990 "Flag bits" here stand for Optional, Transitive and Partial, but not for
991 Extended Length. Checking O/T/P bits at once implies, that the attribute
992 being diagnosed is defined by RFC as either a "well-known" or an "optional,
993 non-transitive" attribute. */
995 bgp_attr_flags_diagnose(struct bgp_attr_parser_args
*args
,
996 uint8_t desired_flags
/* how RFC says it must be */
1000 uint8_t real_flags
= args
->flags
;
1001 const uint8_t attr_code
= args
->type
;
1003 desired_flags
&= ~BGP_ATTR_FLAG_EXTLEN
;
1004 real_flags
&= ~BGP_ATTR_FLAG_EXTLEN
;
1005 for (i
= 0; i
<= 2; i
++) /* O,T,P, but not E */
1006 if (CHECK_FLAG(desired_flags
, attr_flag_str
[i
].key
)
1007 != CHECK_FLAG(real_flags
, attr_flag_str
[i
].key
)) {
1008 flog_err(EC_BGP_ATTR_FLAG
,
1009 "%s attribute must%s be flagged as \"%s\"",
1010 lookup_msg(attr_str
, attr_code
, NULL
),
1011 CHECK_FLAG(desired_flags
, attr_flag_str
[i
].key
)
1014 attr_flag_str
[i
].str
);
1019 "Strange, %s called for attr %s, but no problem found with flags"
1020 " (real flags 0x%x, desired 0x%x)",
1021 __func__
, lookup_msg(attr_str
, attr_code
, NULL
),
1022 real_flags
, desired_flags
);
1026 /* Required flags for attributes. EXTLEN will be masked off when testing,
1027 * as will PARTIAL for optional+transitive attributes.
1029 const uint8_t attr_flags_values
[] = {
1030 [BGP_ATTR_ORIGIN
] = BGP_ATTR_FLAG_TRANS
,
1031 [BGP_ATTR_AS_PATH
] = BGP_ATTR_FLAG_TRANS
,
1032 [BGP_ATTR_NEXT_HOP
] = BGP_ATTR_FLAG_TRANS
,
1033 [BGP_ATTR_MULTI_EXIT_DISC
] = BGP_ATTR_FLAG_OPTIONAL
,
1034 [BGP_ATTR_LOCAL_PREF
] = BGP_ATTR_FLAG_TRANS
,
1035 [BGP_ATTR_ATOMIC_AGGREGATE
] = BGP_ATTR_FLAG_TRANS
,
1036 [BGP_ATTR_AGGREGATOR
] = BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
,
1037 [BGP_ATTR_COMMUNITIES
] = BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
,
1038 [BGP_ATTR_ORIGINATOR_ID
] = BGP_ATTR_FLAG_OPTIONAL
,
1039 [BGP_ATTR_CLUSTER_LIST
] = BGP_ATTR_FLAG_OPTIONAL
,
1040 [BGP_ATTR_MP_REACH_NLRI
] = BGP_ATTR_FLAG_OPTIONAL
,
1041 [BGP_ATTR_MP_UNREACH_NLRI
] = BGP_ATTR_FLAG_OPTIONAL
,
1042 [BGP_ATTR_EXT_COMMUNITIES
] =
1043 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1044 [BGP_ATTR_AS4_PATH
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1045 [BGP_ATTR_AS4_AGGREGATOR
] =
1046 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1047 [BGP_ATTR_PMSI_TUNNEL
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1048 [BGP_ATTR_LARGE_COMMUNITIES
] =
1049 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1050 [BGP_ATTR_PREFIX_SID
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1052 static const size_t attr_flags_values_max
= array_size(attr_flags_values
) - 1;
1054 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args
*args
)
1056 uint8_t mask
= BGP_ATTR_FLAG_EXTLEN
;
1057 const uint8_t flags
= args
->flags
;
1058 const uint8_t attr_code
= args
->type
;
1060 /* there may be attributes we don't know about */
1061 if (attr_code
> attr_flags_values_max
)
1063 if (attr_flags_values
[attr_code
] == 0)
1066 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1070 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL
, flags
)
1071 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS
, flags
)) {
1074 "%s well-known attributes must have transitive flag set (%x)",
1075 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1079 /* "For well-known attributes and for optional non-transitive
1081 * the Partial bit MUST be set to 0."
1083 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_PARTIAL
)) {
1084 if (!CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)) {
1085 flog_err(EC_BGP_ATTR_FLAG
,
1086 "%s well-known attribute "
1087 "must NOT have the partial flag set (%x)",
1088 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1091 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1092 && !CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
)) {
1093 flog_err(EC_BGP_ATTR_FLAG
,
1094 "%s optional + transitive attribute "
1095 "must NOT have the partial flag set (%x)",
1096 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1101 /* Optional transitive attributes may go through speakers that don't
1102 * reocgnise them and set the Partial bit.
1104 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1105 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
))
1106 SET_FLAG(mask
, BGP_ATTR_FLAG_PARTIAL
);
1108 if ((flags
& ~mask
) == attr_flags_values
[attr_code
])
1111 bgp_attr_flags_diagnose(args
, attr_flags_values
[attr_code
]);
1115 /* Get origin attribute of the update message. */
1116 static bgp_attr_parse_ret_t
bgp_attr_origin(struct bgp_attr_parser_args
*args
)
1118 struct peer
*const peer
= args
->peer
;
1119 struct attr
*const attr
= args
->attr
;
1120 const bgp_size_t length
= args
->length
;
1122 /* If any recognized attribute has Attribute Length that conflicts
1123 with the expected length (based on the attribute type code), then
1124 the Error Subcode is set to Attribute Length Error. The Data
1125 field contains the erroneous attribute (type, length and
1128 flog_err(EC_BGP_ATTR_LEN
,
1129 "Origin attribute length is not one %d", length
);
1130 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1134 /* Fetch origin attribute. */
1135 attr
->origin
= stream_getc(BGP_INPUT(peer
));
1137 /* If the ORIGIN attribute has an undefined value, then the Error
1138 Subcode is set to Invalid Origin Attribute. The Data field
1139 contains the unrecognized attribute (type, length and value). */
1140 if ((attr
->origin
!= BGP_ORIGIN_IGP
) && (attr
->origin
!= BGP_ORIGIN_EGP
)
1141 && (attr
->origin
!= BGP_ORIGIN_INCOMPLETE
)) {
1142 flog_err(EC_BGP_ATTR_ORIGIN
,
1143 "Origin attribute value is invalid %d", attr
->origin
);
1144 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_INVAL_ORIGIN
,
1148 /* Set oring attribute flag. */
1149 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
1154 /* Parse AS path information. This function is wrapper of
1156 static int bgp_attr_aspath(struct bgp_attr_parser_args
*args
)
1158 struct attr
*const attr
= args
->attr
;
1159 struct peer
*const peer
= args
->peer
;
1160 const bgp_size_t length
= args
->length
;
1163 * peer with AS4 => will get 4Byte ASnums
1164 * otherwise, will get 16 Bit
1166 attr
->aspath
= aspath_parse(peer
->curr
, length
,
1167 CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
));
1169 /* In case of IBGP, length will be zero. */
1170 if (!attr
->aspath
) {
1171 flog_err(EC_BGP_ATTR_MAL_AS_PATH
,
1172 "Malformed AS path from %s, length is %d", peer
->host
,
1174 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_MAL_AS_PATH
,
1178 /* Set aspath attribute flag. */
1179 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
1181 return BGP_ATTR_PARSE_PROCEED
;
1184 static bgp_attr_parse_ret_t
bgp_attr_aspath_check(struct peer
*const peer
,
1185 struct attr
*const attr
)
1187 /* These checks were part of bgp_attr_aspath, but with
1188 * as4 we should to check aspath things when
1189 * aspath synthesizing with as4_path has already taken place.
1190 * Otherwise we check ASPATH and use the synthesized thing, and that is
1192 * So do the checks later, i.e. here
1194 struct aspath
*aspath
;
1196 /* Confederation sanity check. */
1197 if ((peer
->sort
== BGP_PEER_CONFED
1198 && !aspath_left_confed_check(attr
->aspath
))
1199 || (peer
->sort
== BGP_PEER_EBGP
1200 && aspath_confed_check(attr
->aspath
))) {
1201 flog_err(EC_BGP_ATTR_MAL_AS_PATH
, "Malformed AS path from %s",
1203 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1204 BGP_NOTIFY_UPDATE_MAL_AS_PATH
);
1205 return BGP_ATTR_PARSE_ERROR
;
1208 /* First AS check for EBGP. */
1209 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_ENFORCE_FIRST_AS
)) {
1210 if (peer
->sort
== BGP_PEER_EBGP
1211 && !aspath_firstas_check(attr
->aspath
, peer
->as
)) {
1212 flog_err(EC_BGP_ATTR_FIRST_AS
,
1213 "%s incorrect first AS (must be %u)",
1214 peer
->host
, peer
->as
);
1215 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1216 BGP_NOTIFY_UPDATE_MAL_AS_PATH
);
1217 return BGP_ATTR_PARSE_ERROR
;
1221 /* local-as prepend */
1222 if (peer
->change_local_as
1223 && !CHECK_FLAG(peer
->flags
, PEER_FLAG_LOCAL_AS_NO_PREPEND
)) {
1224 aspath
= aspath_dup(attr
->aspath
);
1225 aspath
= aspath_add_seq(aspath
, peer
->change_local_as
);
1226 aspath_unintern(&attr
->aspath
);
1227 attr
->aspath
= aspath_intern(aspath
);
1230 return BGP_ATTR_PARSE_PROCEED
;
1233 /* Parse AS4 path information. This function is another wrapper of
1235 static int bgp_attr_as4_path(struct bgp_attr_parser_args
*args
,
1236 struct aspath
**as4_path
)
1238 struct peer
*const peer
= args
->peer
;
1239 struct attr
*const attr
= args
->attr
;
1240 const bgp_size_t length
= args
->length
;
1242 *as4_path
= aspath_parse(peer
->curr
, length
, 1);
1244 /* In case of IBGP, length will be zero. */
1246 flog_err(EC_BGP_ATTR_MAL_AS_PATH
,
1247 "Malformed AS4 path from %s, length is %d", peer
->host
,
1249 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_MAL_AS_PATH
,
1253 /* Set aspath attribute flag. */
1254 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
);
1256 return BGP_ATTR_PARSE_PROCEED
;
1260 * Check that the nexthop attribute is valid.
1262 bgp_attr_parse_ret_t
1263 bgp_attr_nexthop_valid(struct peer
*peer
, struct attr
*attr
)
1265 in_addr_t nexthop_h
;
1267 nexthop_h
= ntohl(attr
->nexthop
.s_addr
);
1268 if ((IPV4_NET0(nexthop_h
) || IPV4_NET127(nexthop_h
)
1269 || IPV4_CLASS_DE(nexthop_h
))
1270 && !BGP_DEBUG(allow_martians
, ALLOW_MARTIANS
)) {
1271 char buf
[INET_ADDRSTRLEN
];
1273 inet_ntop(AF_INET
, &attr
->nexthop
.s_addr
, buf
,
1275 flog_err(EC_BGP_ATTR_MARTIAN_NH
, "Martian nexthop %s",
1277 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1278 BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP
);
1279 return BGP_ATTR_PARSE_ERROR
;
1282 return BGP_ATTR_PARSE_PROCEED
;
1285 /* Nexthop attribute. */
1286 static bgp_attr_parse_ret_t
bgp_attr_nexthop(struct bgp_attr_parser_args
*args
)
1288 struct peer
*const peer
= args
->peer
;
1289 struct attr
*const attr
= args
->attr
;
1290 const bgp_size_t length
= args
->length
;
1292 /* Check nexthop attribute length. */
1294 flog_err(EC_BGP_ATTR_LEN
,
1295 "Nexthop attribute length isn't four [%d]", length
);
1297 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1301 attr
->nexthop
.s_addr
= stream_get_ipv4(peer
->curr
);
1302 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
1304 return BGP_ATTR_PARSE_PROCEED
;
1307 /* MED atrribute. */
1308 static bgp_attr_parse_ret_t
bgp_attr_med(struct bgp_attr_parser_args
*args
)
1310 struct peer
*const peer
= args
->peer
;
1311 struct attr
*const attr
= args
->attr
;
1312 const bgp_size_t length
= args
->length
;
1316 flog_err(EC_BGP_ATTR_LEN
,
1317 "MED attribute length isn't four [%d]", length
);
1319 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1323 attr
->med
= stream_getl(peer
->curr
);
1325 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
);
1327 return BGP_ATTR_PARSE_PROCEED
;
1330 /* Local preference attribute. */
1331 static bgp_attr_parse_ret_t
1332 bgp_attr_local_pref(struct bgp_attr_parser_args
*args
)
1334 struct peer
*const peer
= args
->peer
;
1335 struct attr
*const attr
= args
->attr
;
1336 const bgp_size_t length
= args
->length
;
1340 flog_err(EC_BGP_ATTR_LEN
,
1341 "LOCAL_PREF attribute length isn't 4 [%u]", length
);
1342 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1346 /* If it is contained in an UPDATE message that is received from an
1347 external peer, then this attribute MUST be ignored by the
1348 receiving speaker. */
1349 if (peer
->sort
== BGP_PEER_EBGP
) {
1350 stream_forward_getp(peer
->curr
, length
);
1351 return BGP_ATTR_PARSE_PROCEED
;
1354 attr
->local_pref
= stream_getl(peer
->curr
);
1356 /* Set the local-pref flag. */
1357 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
);
1359 return BGP_ATTR_PARSE_PROCEED
;
1362 /* Atomic aggregate. */
1363 static int bgp_attr_atomic(struct bgp_attr_parser_args
*args
)
1365 struct attr
*const attr
= args
->attr
;
1366 const bgp_size_t length
= args
->length
;
1370 flog_err(EC_BGP_ATTR_LEN
,
1371 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1373 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1377 /* Set atomic aggregate flag. */
1378 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
);
1380 return BGP_ATTR_PARSE_PROCEED
;
1383 /* Aggregator attribute */
1384 static int bgp_attr_aggregator(struct bgp_attr_parser_args
*args
)
1386 struct peer
*const peer
= args
->peer
;
1387 struct attr
*const attr
= args
->attr
;
1388 const bgp_size_t length
= args
->length
;
1392 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1393 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
))
1396 if (length
!= wantedlen
) {
1397 flog_err(EC_BGP_ATTR_LEN
,
1398 "AGGREGATOR attribute length isn't %u [%u]", wantedlen
,
1400 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1404 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
))
1405 attr
->aggregator_as
= stream_getl(peer
->curr
);
1407 attr
->aggregator_as
= stream_getw(peer
->curr
);
1408 attr
->aggregator_addr
.s_addr
= stream_get_ipv4(peer
->curr
);
1410 /* Set atomic aggregate flag. */
1411 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
);
1413 return BGP_ATTR_PARSE_PROCEED
;
1416 /* New Aggregator attribute */
1417 static bgp_attr_parse_ret_t
1418 bgp_attr_as4_aggregator(struct bgp_attr_parser_args
*args
,
1419 as_t
*as4_aggregator_as
,
1420 struct in_addr
*as4_aggregator_addr
)
1422 struct peer
*const peer
= args
->peer
;
1423 struct attr
*const attr
= args
->attr
;
1424 const bgp_size_t length
= args
->length
;
1427 flog_err(EC_BGP_ATTR_LEN
, "New Aggregator length is not 8 [%d]",
1429 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1433 *as4_aggregator_as
= stream_getl(peer
->curr
);
1434 as4_aggregator_addr
->s_addr
= stream_get_ipv4(peer
->curr
);
1436 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
);
1438 return BGP_ATTR_PARSE_PROCEED
;
1441 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1443 static bgp_attr_parse_ret_t
1444 bgp_attr_munge_as4_attrs(struct peer
*const peer
, struct attr
*const attr
,
1445 struct aspath
*as4_path
, as_t as4_aggregator
,
1446 struct in_addr
*as4_aggregator_addr
)
1448 int ignore_as4_path
= 0;
1449 struct aspath
*newpath
;
1451 if (!attr
->aspath
) {
1452 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1454 * checked that all well-known, mandatory attributes were
1457 * Can only be a problem with peer itself - hard error
1459 return BGP_ATTR_PARSE_ERROR
;
1462 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)) {
1463 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1465 * It is worth a warning though, because the peer really
1466 * should not send them
1468 if (BGP_DEBUG(as4
, AS4
)) {
1469 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
)))
1470 zlog_debug("[AS4] %s %s AS4_PATH", peer
->host
,
1471 "AS4 capable peer, yet it sent");
1474 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
)))
1475 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1477 "AS4 capable peer, yet it sent");
1480 return BGP_ATTR_PARSE_PROCEED
;
1483 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1484 * because that may override AS4_PATH
1486 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
))) {
1487 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
))) {
1489 * if the as_number in aggregator is not AS_TRANS,
1490 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1491 * and the Aggregator shall be taken as
1492 * info on the aggregating node, and the AS_PATH
1493 * shall be taken as the AS_PATH
1495 * the Aggregator shall be ignored and the
1496 * AS4_AGGREGATOR shall be taken as the
1497 * Aggregating node and the AS_PATH is to be
1498 * constructed "as in all other cases"
1500 if (attr
->aggregator_as
!= BGP_AS_TRANS
) {
1502 if (BGP_DEBUG(as4
, AS4
))
1504 "[AS4] %s BGP not AS4 capable peer"
1505 " send AGGREGATOR != AS_TRANS and"
1506 " AS4_AGGREGATOR, so ignore"
1507 " AS4_AGGREGATOR and AS4_PATH",
1509 ignore_as4_path
= 1;
1511 /* "New_aggregator shall be taken as aggregator"
1513 attr
->aggregator_as
= as4_aggregator
;
1514 attr
->aggregator_addr
.s_addr
=
1515 as4_aggregator_addr
->s_addr
;
1518 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1519 * That is bogus - but reading the conditions
1520 * we have to handle AS4_AGGREGATOR as if it were
1521 * AGGREGATOR in that case
1523 if (BGP_DEBUG(as4
, AS4
))
1525 "[AS4] %s BGP not AS4 capable peer send"
1526 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1527 " it as if AGGREGATOR with AS_TRANS had been there",
1529 attr
->aggregator_as
= as4_aggregator
;
1530 /* sweep it under the carpet and simulate a "good"
1532 attr
->flag
|= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
));
1536 /* need to reconcile NEW_AS_PATH and AS_PATH */
1537 if (!ignore_as4_path
1538 && (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
)))) {
1539 newpath
= aspath_reconcile_as4(attr
->aspath
, as4_path
);
1541 return BGP_ATTR_PARSE_ERROR
;
1543 aspath_unintern(&attr
->aspath
);
1544 attr
->aspath
= aspath_intern(newpath
);
1546 return BGP_ATTR_PARSE_PROCEED
;
1549 /* Community attribute. */
1550 static bgp_attr_parse_ret_t
1551 bgp_attr_community(struct bgp_attr_parser_args
*args
)
1553 struct peer
*const peer
= args
->peer
;
1554 struct attr
*const attr
= args
->attr
;
1555 const bgp_size_t length
= args
->length
;
1558 attr
->community
= NULL
;
1559 return BGP_ATTR_PARSE_PROCEED
;
1563 community_parse((uint32_t *)stream_pnt(peer
->curr
), length
);
1565 /* XXX: fix community_parse to use stream API and remove this */
1566 stream_forward_getp(peer
->curr
, length
);
1568 if (!attr
->community
)
1569 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
1572 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
);
1574 return BGP_ATTR_PARSE_PROCEED
;
1577 /* Originator ID attribute. */
1578 static bgp_attr_parse_ret_t
1579 bgp_attr_originator_id(struct bgp_attr_parser_args
*args
)
1581 struct peer
*const peer
= args
->peer
;
1582 struct attr
*const attr
= args
->attr
;
1583 const bgp_size_t length
= args
->length
;
1587 flog_err(EC_BGP_ATTR_LEN
, "Bad originator ID length %d",
1590 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1594 attr
->originator_id
.s_addr
= stream_get_ipv4(peer
->curr
);
1596 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID
);
1598 return BGP_ATTR_PARSE_PROCEED
;
1601 /* Cluster list attribute. */
1602 static bgp_attr_parse_ret_t
1603 bgp_attr_cluster_list(struct bgp_attr_parser_args
*args
)
1605 struct peer
*const peer
= args
->peer
;
1606 struct attr
*const attr
= args
->attr
;
1607 const bgp_size_t length
= args
->length
;
1611 flog_err(EC_BGP_ATTR_LEN
, "Bad cluster list length %d", length
);
1613 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1618 cluster_parse((struct in_addr
*)stream_pnt(peer
->curr
), length
);
1620 /* XXX: Fix cluster_parse to use stream API and then remove this */
1621 stream_forward_getp(peer
->curr
, length
);
1623 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST
);
1625 return BGP_ATTR_PARSE_PROCEED
;
1628 /* Multiprotocol reachability information parse. */
1629 int bgp_mp_reach_parse(struct bgp_attr_parser_args
*args
,
1630 struct bgp_nlri
*mp_update
)
1634 iana_safi_t pkt_safi
;
1636 bgp_size_t nlri_len
;
1639 struct peer
*const peer
= args
->peer
;
1640 struct attr
*const attr
= args
->attr
;
1641 const bgp_size_t length
= args
->length
;
1643 /* Set end of packet. */
1644 s
= BGP_INPUT(peer
);
1645 start
= stream_get_getp(s
);
1647 /* safe to read statically sized header? */
1648 #define BGP_MP_REACH_MIN_SIZE 5
1649 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1650 if ((length
> STREAM_READABLE(s
)) || (length
< BGP_MP_REACH_MIN_SIZE
)) {
1651 zlog_info("%s: %s sent invalid length, %lu", __func__
,
1652 peer
->host
, (unsigned long)length
);
1653 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1656 /* Load AFI, SAFI. */
1657 pkt_afi
= stream_getw(s
);
1658 pkt_safi
= stream_getc(s
);
1660 /* Convert AFI, SAFI to internal values, check. */
1661 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
1662 /* Log if AFI or SAFI is unrecognized. This is not an error
1664 * the attribute is otherwise malformed.
1666 if (bgp_debug_update(peer
, NULL
, NULL
, 0))
1668 "%s: MP_REACH received AFI %u or SAFI %u is unrecognized",
1669 peer
->host
, pkt_afi
, pkt_safi
);
1670 return BGP_ATTR_PARSE_ERROR
;
1673 /* Get nexthop length. */
1674 attr
->mp_nexthop_len
= stream_getc(s
);
1676 if (LEN_LEFT
< attr
->mp_nexthop_len
) {
1678 "%s: %s, MP nexthop length, %u, goes past end of attribute",
1679 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1680 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1683 /* Nexthop length check. */
1684 switch (attr
->mp_nexthop_len
) {
1686 if (safi
!= SAFI_FLOWSPEC
) {
1687 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1688 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1689 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1692 case BGP_ATTR_NHLEN_VPNV4
:
1693 stream_getl(s
); /* RD high */
1694 stream_getl(s
); /* RD low */
1696 * NOTE: intentional fall through
1697 * - for consistency in rx processing
1699 * The following comment is to signal GCC this intention
1700 * and suppress the warning
1703 case BGP_ATTR_NHLEN_IPV4
:
1704 stream_get(&attr
->mp_nexthop_global_in
, s
, IPV4_MAX_BYTELEN
);
1705 /* Probably needed for RFC 2283 */
1706 if (attr
->nexthop
.s_addr
== 0)
1707 memcpy(&attr
->nexthop
.s_addr
,
1708 &attr
->mp_nexthop_global_in
, IPV4_MAX_BYTELEN
);
1710 case BGP_ATTR_NHLEN_IPV6_GLOBAL
:
1711 case BGP_ATTR_NHLEN_VPNV6_GLOBAL
:
1712 if (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_VPNV6_GLOBAL
) {
1713 stream_getl(s
); /* RD high */
1714 stream_getl(s
); /* RD low */
1716 stream_get(&attr
->mp_nexthop_global
, s
, IPV6_MAX_BYTELEN
);
1717 if (IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_global
)) {
1718 if (!peer
->nexthop
.ifp
) {
1719 zlog_warn("%s: Received a V6/VPNV6 Global attribute but address is a V6 LL and we have no peer interface information, withdrawing",
1721 return BGP_ATTR_PARSE_WITHDRAW
;
1723 attr
->nh_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1726 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
:
1727 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
:
1728 if (attr
->mp_nexthop_len
1729 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
) {
1730 stream_getl(s
); /* RD high */
1731 stream_getl(s
); /* RD low */
1733 stream_get(&attr
->mp_nexthop_global
, s
, IPV6_MAX_BYTELEN
);
1734 if (IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_global
)) {
1735 if (!peer
->nexthop
.ifp
) {
1736 zlog_warn("%s: Received V6/VPNV6 Global and LL attribute but global address is a V6 LL and we have no peer interface information, withdrawing",
1738 return BGP_ATTR_PARSE_WITHDRAW
;
1740 attr
->nh_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1742 if (attr
->mp_nexthop_len
1743 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
) {
1744 stream_getl(s
); /* RD high */
1745 stream_getl(s
); /* RD low */
1747 stream_get(&attr
->mp_nexthop_local
, s
, IPV6_MAX_BYTELEN
);
1748 if (!IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_local
)) {
1749 char buf1
[INET6_ADDRSTRLEN
];
1750 char buf2
[INET6_ADDRSTRLEN
];
1752 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
1754 "%s rcvd nexthops %s, %s -- ignoring non-LL value",
1757 &attr
->mp_nexthop_global
,
1758 buf1
, INET6_ADDRSTRLEN
),
1760 &attr
->mp_nexthop_local
, buf2
,
1763 attr
->mp_nexthop_len
= IPV6_MAX_BYTELEN
;
1765 if (!peer
->nexthop
.ifp
) {
1766 zlog_warn("%s: Received a V6 LL nexthop and we have no peer interface information, withdrawing",
1768 return BGP_ATTR_PARSE_WITHDRAW
;
1770 attr
->nh_lla_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1773 zlog_info("%s: (%s) Wrong multiprotocol next hop length: %d",
1774 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1775 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1779 zlog_info("%s: (%s) Failed to read SNPA and NLRI(s)", __func__
,
1781 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1786 if ((val
= stream_getc(s
)))
1788 EC_BGP_DEFUNCT_SNPA_LEN
,
1789 "%s sent non-zero value, %u, for defunct SNPA-length field",
1793 /* must have nrli_len, what is left of the attribute */
1794 nlri_len
= LEN_LEFT
;
1795 if (nlri_len
> STREAM_READABLE(s
)) {
1796 zlog_info("%s: (%s) Failed to read NLRI", __func__
, peer
->host
);
1797 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1801 zlog_info("%s: (%s) No Reachability, Treating as a EOR marker",
1802 __func__
, peer
->host
);
1804 mp_update
->afi
= afi
;
1805 mp_update
->safi
= safi
;
1806 return BGP_ATTR_PARSE_EOR
;
1809 mp_update
->afi
= afi
;
1810 mp_update
->safi
= safi
;
1811 mp_update
->nlri
= stream_pnt(s
);
1812 mp_update
->length
= nlri_len
;
1814 stream_forward_getp(s
, nlri_len
);
1816 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
);
1818 return BGP_ATTR_PARSE_PROCEED
;
1822 /* Multiprotocol unreachable parse */
1823 int bgp_mp_unreach_parse(struct bgp_attr_parser_args
*args
,
1824 struct bgp_nlri
*mp_withdraw
)
1829 iana_safi_t pkt_safi
;
1831 uint16_t withdraw_len
;
1832 struct peer
*const peer
= args
->peer
;
1833 struct attr
*const attr
= args
->attr
;
1834 const bgp_size_t length
= args
->length
;
1838 #define BGP_MP_UNREACH_MIN_SIZE 3
1839 if ((length
> STREAM_READABLE(s
)) || (length
< BGP_MP_UNREACH_MIN_SIZE
))
1840 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1842 pkt_afi
= stream_getw(s
);
1843 pkt_safi
= stream_getc(s
);
1845 /* Convert AFI, SAFI to internal values, check. */
1846 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
1847 /* Log if AFI or SAFI is unrecognized. This is not an error
1849 * the attribute is otherwise malformed.
1851 if (bgp_debug_update(peer
, NULL
, NULL
, 0))
1853 "%s: MP_UNREACH received AFI %u or SAFI %u is unrecognized",
1854 peer
->host
, pkt_afi
, pkt_safi
);
1855 return BGP_ATTR_PARSE_ERROR
;
1858 withdraw_len
= length
- BGP_MP_UNREACH_MIN_SIZE
;
1860 mp_withdraw
->afi
= afi
;
1861 mp_withdraw
->safi
= safi
;
1862 mp_withdraw
->nlri
= stream_pnt(s
);
1863 mp_withdraw
->length
= withdraw_len
;
1865 stream_forward_getp(s
, withdraw_len
);
1867 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
);
1869 return BGP_ATTR_PARSE_PROCEED
;
1872 /* Large Community attribute. */
1873 static bgp_attr_parse_ret_t
1874 bgp_attr_large_community(struct bgp_attr_parser_args
*args
)
1876 struct peer
*const peer
= args
->peer
;
1877 struct attr
*const attr
= args
->attr
;
1878 const bgp_size_t length
= args
->length
;
1881 * Large community follows new attribute format.
1884 attr
->lcommunity
= NULL
;
1885 /* Empty extcomm doesn't seem to be invalid per se */
1886 return BGP_ATTR_PARSE_PROCEED
;
1890 lcommunity_parse((uint8_t *)stream_pnt(peer
->curr
), length
);
1891 /* XXX: fix ecommunity_parse to use stream API */
1892 stream_forward_getp(peer
->curr
, length
);
1894 if (!attr
->lcommunity
)
1895 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
1898 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
);
1900 return BGP_ATTR_PARSE_PROCEED
;
1903 /* Extended Community attribute. */
1904 static bgp_attr_parse_ret_t
1905 bgp_attr_ext_communities(struct bgp_attr_parser_args
*args
)
1907 struct peer
*const peer
= args
->peer
;
1908 struct attr
*const attr
= args
->attr
;
1909 const bgp_size_t length
= args
->length
;
1913 attr
->ecommunity
= NULL
;
1914 /* Empty extcomm doesn't seem to be invalid per se */
1915 return BGP_ATTR_PARSE_PROCEED
;
1919 ecommunity_parse((uint8_t *)stream_pnt(peer
->curr
), length
);
1920 /* XXX: fix ecommunity_parse to use stream API */
1921 stream_forward_getp(peer
->curr
, length
);
1923 if (!attr
->ecommunity
)
1924 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
1927 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
);
1929 /* Extract MAC mobility sequence number, if any. */
1930 attr
->mm_seqnum
= bgp_attr_mac_mobility_seqnum(attr
, &sticky
);
1931 attr
->sticky
= sticky
;
1933 /* Check if this is a Gateway MAC-IP advertisement */
1934 attr
->default_gw
= bgp_attr_default_gw(attr
);
1936 /* Handle scenario where router flag ecommunity is not
1937 * set but default gw ext community is present.
1938 * Use default gateway, set and propogate R-bit.
1940 if (attr
->default_gw
)
1941 attr
->router_flag
= 1;
1943 /* Check EVPN Neighbor advertisement flags, R-bit */
1944 bgp_attr_evpn_na_flag(attr
, &attr
->router_flag
);
1946 /* Extract the Rmac, if any */
1947 if (bgp_attr_rmac(attr
, &attr
->rmac
)) {
1948 if (bgp_debug_update(peer
, NULL
, NULL
, 1) &&
1949 bgp_mac_exist(&attr
->rmac
)) {
1950 char buf1
[ETHER_ADDR_STRLEN
];
1952 zlog_debug("%s: router mac %s is self mac",
1954 prefix_mac2str(&attr
->rmac
, buf1
,
1960 return BGP_ATTR_PARSE_PROCEED
;
1963 /* Parse Tunnel Encap attribute in an UPDATE */
1964 static int bgp_attr_encap(uint8_t type
, struct peer
*peer
, /* IN */
1965 bgp_size_t length
, /* IN: attr's length field */
1966 struct attr
*attr
, /* IN: caller already allocated */
1967 uint8_t flag
, /* IN: attr's flags field */
1971 uint16_t tunneltype
= 0;
1973 total
= length
+ (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
) ? 4 : 3);
1975 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_TRANS
)
1976 || !CHECK_FLAG(flag
, BGP_ATTR_FLAG_OPTIONAL
)) {
1978 "Tunnel Encap attribute flag isn't optional and transitive %d",
1980 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
1981 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR
,
1986 if (BGP_ATTR_ENCAP
== type
) {
1987 /* read outer TLV type and length */
1988 uint16_t tlv_length
;
1992 "Tunnel Encap attribute not long enough to contain outer T,L");
1993 bgp_notify_send_with_data(
1994 peer
, BGP_NOTIFY_UPDATE_ERR
,
1995 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
, startp
, total
);
1998 tunneltype
= stream_getw(BGP_INPUT(peer
));
1999 tlv_length
= stream_getw(BGP_INPUT(peer
));
2002 if (tlv_length
!= length
) {
2003 zlog_info("%s: tlv_length(%d) != length(%d)", __func__
,
2004 tlv_length
, length
);
2008 while (length
>= 4) {
2009 uint16_t subtype
= 0;
2010 uint16_t sublength
= 0;
2011 struct bgp_attr_encap_subtlv
*tlv
;
2013 if (BGP_ATTR_ENCAP
== type
) {
2014 subtype
= stream_getc(BGP_INPUT(peer
));
2015 sublength
= stream_getc(BGP_INPUT(peer
));
2019 subtype
= stream_getw(BGP_INPUT(peer
));
2020 sublength
= stream_getw(BGP_INPUT(peer
));
2025 if (sublength
> length
) {
2027 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2029 bgp_notify_send_with_data(
2030 peer
, BGP_NOTIFY_UPDATE_ERR
,
2031 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
, startp
, total
);
2035 /* alloc and copy sub-tlv */
2036 /* TBD make sure these are freed when attributes are released */
2037 tlv
= XCALLOC(MTYPE_ENCAP_TLV
,
2038 sizeof(struct bgp_attr_encap_subtlv
) + sublength
);
2039 tlv
->type
= subtype
;
2040 tlv
->length
= sublength
;
2041 stream_get(tlv
->value
, peer
->curr
, sublength
);
2042 length
-= sublength
;
2044 /* attach tlv to encap chain */
2045 if (BGP_ATTR_ENCAP
== type
) {
2046 struct bgp_attr_encap_subtlv
*stlv_last
;
2047 for (stlv_last
= attr
->encap_subtlvs
;
2048 stlv_last
&& stlv_last
->next
;
2049 stlv_last
= stlv_last
->next
)
2052 stlv_last
->next
= tlv
;
2054 attr
->encap_subtlvs
= tlv
;
2058 struct bgp_attr_encap_subtlv
*stlv_last
;
2059 for (stlv_last
= attr
->vnc_subtlvs
;
2060 stlv_last
&& stlv_last
->next
;
2061 stlv_last
= stlv_last
->next
)
2064 stlv_last
->next
= tlv
;
2066 attr
->vnc_subtlvs
= tlv
;
2072 if (BGP_ATTR_ENCAP
== type
) {
2073 attr
->encap_tunneltype
= tunneltype
;
2077 /* spurious leftover data */
2079 "Tunnel Encap attribute length is bad: %d leftover octets",
2081 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
2082 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2091 * Read an individual SID value returning how much data we have read
2092 * Returns 0 if there was an error that needs to be passed up the stack
2094 static bgp_attr_parse_ret_t
bgp_attr_psid_sub(int32_t type
,
2096 struct bgp_attr_parser_args
*args
,
2097 struct bgp_nlri
*mp_update
)
2099 struct peer
*const peer
= args
->peer
;
2100 struct attr
*const attr
= args
->attr
;
2101 uint32_t label_index
;
2102 struct in6_addr ipv6_sid
;
2104 uint32_t srgb_range
;
2107 if (type
== BGP_PREFIX_SID_LABEL_INDEX
) {
2108 if (length
!= BGP_PREFIX_SID_LABEL_INDEX_LENGTH
) {
2111 "Prefix SID label index length is %d instead of %d",
2112 length
, BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
2113 return bgp_attr_malformed(args
,
2114 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2118 /* Ignore flags and reserved */
2119 stream_getc(peer
->curr
);
2120 stream_getw(peer
->curr
);
2122 /* Fetch the label index and see if it is valid. */
2123 label_index
= stream_getl(peer
->curr
);
2124 if (label_index
== BGP_INVALID_LABEL_INDEX
)
2125 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2128 /* Store label index; subsequently, we'll check on
2130 attr
->label_index
= label_index
;
2133 * Ignore the Label index attribute unless received for
2137 if (!mp_update
->length
2138 || mp_update
->safi
!= SAFI_LABELED_UNICAST
)
2139 attr
->label_index
= BGP_INVALID_LABEL_INDEX
;
2142 /* Placeholder code for the IPv6 SID type */
2143 else if (type
== BGP_PREFIX_SID_IPV6
) {
2144 if (length
!= BGP_PREFIX_SID_IPV6_LENGTH
) {
2145 flog_err(EC_BGP_ATTR_LEN
,
2146 "Prefix SID IPv6 length is %d instead of %d",
2147 length
, BGP_PREFIX_SID_IPV6_LENGTH
);
2148 return bgp_attr_malformed(args
,
2149 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2153 /* Ignore reserved */
2154 stream_getc(peer
->curr
);
2155 stream_getw(peer
->curr
);
2157 stream_get(&ipv6_sid
, peer
->curr
, 16);
2160 /* Placeholder code for the Originator SRGB type */
2161 else if (type
== BGP_PREFIX_SID_ORIGINATOR_SRGB
) {
2163 stream_getw(peer
->curr
);
2167 if (length
% BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
) {
2170 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2171 length
, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
);
2172 return bgp_attr_malformed(
2173 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2177 srgb_count
= length
/ BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
;
2179 for (int i
= 0; i
< srgb_count
; i
++) {
2180 stream_get(&srgb_base
, peer
->curr
, 3);
2181 stream_get(&srgb_range
, peer
->curr
, 3);
2185 return BGP_ATTR_PARSE_PROCEED
;
2188 /* Prefix SID attribute
2189 * draft-ietf-idr-bgp-prefix-sid-05
2191 bgp_attr_parse_ret_t
2192 bgp_attr_prefix_sid(int32_t tlength
, struct bgp_attr_parser_args
*args
,
2193 struct bgp_nlri
*mp_update
)
2195 struct peer
*const peer
= args
->peer
;
2196 struct attr
*const attr
= args
->attr
;
2197 bgp_attr_parse_ret_t ret
;
2199 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
);
2202 int32_t type
, length
;
2204 type
= stream_getc(peer
->curr
);
2205 length
= stream_getw(peer
->curr
);
2207 ret
= bgp_attr_psid_sub(type
, length
, args
, mp_update
);
2209 if (ret
!= BGP_ATTR_PARSE_PROCEED
)
2212 * Subtract length + the T and the L
2213 * since length is the Vector portion
2215 tlength
-= length
+ 3;
2220 "Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2222 return bgp_attr_malformed(args
,
2223 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2228 return BGP_ATTR_PARSE_PROCEED
;
2231 /* PMSI tunnel attribute (RFC 6514)
2232 * Basic validation checks done here.
2234 static bgp_attr_parse_ret_t
2235 bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args
*args
)
2237 struct peer
*const peer
= args
->peer
;
2238 struct attr
*const attr
= args
->attr
;
2239 const bgp_size_t length
= args
->length
;
2241 int attr_parse_len
= 2 + BGP_LABEL_BYTES
;
2243 /* Verify that the receiver is expecting "ingress replication" as we
2244 * can only support that.
2246 if (length
< attr_parse_len
) {
2247 flog_err(EC_BGP_ATTR_LEN
, "Bad PMSI tunnel attribute length %d",
2249 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2252 stream_getc(peer
->curr
); /* Flags */
2253 tnl_type
= stream_getc(peer
->curr
);
2254 if (tnl_type
> PMSI_TNLTYPE_MAX
) {
2255 flog_err(EC_BGP_ATTR_PMSI_TYPE
,
2256 "Invalid PMSI tunnel attribute type %d", tnl_type
);
2257 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2260 if (tnl_type
== PMSI_TNLTYPE_INGR_REPL
) {
2262 flog_err(EC_BGP_ATTR_PMSI_LEN
,
2263 "Bad PMSI tunnel attribute length %d for IR",
2265 return bgp_attr_malformed(
2266 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2271 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL
);
2272 attr
->pmsi_tnl_type
= tnl_type
;
2273 stream_get(&attr
->label
, peer
->curr
, BGP_LABEL_BYTES
);
2275 /* Forward read pointer of input stream. */
2276 stream_forward_getp(peer
->curr
, length
- attr_parse_len
);
2278 return BGP_ATTR_PARSE_PROCEED
;
2281 /* BGP unknown attribute treatment. */
2282 static bgp_attr_parse_ret_t
bgp_attr_unknown(struct bgp_attr_parser_args
*args
)
2284 bgp_size_t total
= args
->total
;
2285 struct transit
*transit
;
2286 struct peer
*const peer
= args
->peer
;
2287 struct attr
*const attr
= args
->attr
;
2288 uint8_t *const startp
= args
->startp
;
2289 const uint8_t type
= args
->type
;
2290 const uint8_t flag
= args
->flags
;
2291 const bgp_size_t length
= args
->length
;
2293 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
2295 "%s Unknown attribute is received (type %d, length %d)",
2296 peer
->host
, type
, length
);
2298 /* Forward read pointer of input stream. */
2299 stream_forward_getp(peer
->curr
, length
);
2301 /* If any of the mandatory well-known attributes are not recognized,
2302 then the Error Subcode is set to Unrecognized Well-known
2303 Attribute. The Data field contains the unrecognized attribute
2304 (type, length and value). */
2305 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_OPTIONAL
)) {
2306 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_UNREC_ATTR
,
2310 /* Unrecognized non-transitive optional attributes must be quietly
2311 ignored and not passed along to other BGP peers. */
2312 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_TRANS
))
2313 return BGP_ATTR_PARSE_PROCEED
;
2315 /* If a path with recognized transitive optional attribute is
2316 accepted and passed along to other BGP peers and the Partial bit
2317 in the Attribute Flags octet is set to 1 by some previous AS, it
2318 is not set back to 0 by the current AS. */
2319 SET_FLAG(*startp
, BGP_ATTR_FLAG_PARTIAL
);
2321 /* Store transitive attribute to the end of attr->transit. */
2323 attr
->transit
= XCALLOC(MTYPE_TRANSIT
, sizeof(struct transit
));
2325 transit
= attr
->transit
;
2328 transit
->val
= XREALLOC(MTYPE_TRANSIT_VAL
, transit
->val
,
2329 transit
->length
+ total
);
2331 transit
->val
= XMALLOC(MTYPE_TRANSIT_VAL
, total
);
2333 memcpy(transit
->val
+ transit
->length
, startp
, total
);
2334 transit
->length
+= total
;
2336 return BGP_ATTR_PARSE_PROCEED
;
2339 /* Well-known attribute check. */
2340 static int bgp_attr_check(struct peer
*peer
, struct attr
*attr
)
2344 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2346 if (CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
) && !attr
->flag
)
2347 return BGP_ATTR_PARSE_PROCEED
;
2349 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2350 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2351 are present, it should. Check for any other attribute being present
2354 if ((!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
)) &&
2355 CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
))))
2356 return BGP_ATTR_PARSE_PROCEED
;
2358 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
)))
2359 type
= BGP_ATTR_ORIGIN
;
2361 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
)))
2362 type
= BGP_ATTR_AS_PATH
;
2364 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2366 * NLRI is empty. We can't easily check NLRI empty here though.
2368 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
))
2369 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
)))
2370 type
= BGP_ATTR_NEXT_HOP
;
2372 if (peer
->sort
== BGP_PEER_IBGP
2373 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
)))
2374 type
= BGP_ATTR_LOCAL_PREF
;
2377 flog_warn(EC_BGP_MISSING_ATTRIBUTE
,
2378 "%s Missing well-known attribute %s.", peer
->host
,
2379 lookup_msg(attr_str
, type
, NULL
));
2380 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
2381 BGP_NOTIFY_UPDATE_MISS_ATTR
, &type
,
2383 return BGP_ATTR_PARSE_ERROR
;
2385 return BGP_ATTR_PARSE_PROCEED
;
2388 /* Read attribute of update packet. This function is called from
2389 bgp_update_receive() in bgp_packet.c. */
2390 bgp_attr_parse_ret_t
bgp_attr_parse(struct peer
*peer
, struct attr
*attr
,
2391 bgp_size_t size
, struct bgp_nlri
*mp_update
,
2392 struct bgp_nlri
*mp_withdraw
)
2394 bgp_attr_parse_ret_t ret
;
2398 uint8_t *startp
, *endp
;
2400 uint8_t seen
[BGP_ATTR_BITMAP_SIZE
];
2401 /* we need the as4_path only until we have synthesized the as_path with
2403 /* same goes for as4_aggregator */
2404 struct aspath
*as4_path
= NULL
;
2405 as_t as4_aggregator
= 0;
2406 struct in_addr as4_aggregator_addr
= {.s_addr
= 0};
2408 /* Initialize bitmap. */
2409 memset(seen
, 0, BGP_ATTR_BITMAP_SIZE
);
2411 /* End pointer of BGP attribute. */
2412 endp
= BGP_INPUT_PNT(peer
) + size
;
2414 /* Get attributes to the end of attribute length. */
2415 while (BGP_INPUT_PNT(peer
) < endp
) {
2416 /* Check remaining length check.*/
2417 if (endp
- BGP_INPUT_PNT(peer
) < BGP_ATTR_MIN_LEN
) {
2418 /* XXX warning: long int format, int arg (arg 5) */
2420 EC_BGP_ATTRIBUTE_TOO_SMALL
,
2421 "%s: error BGP attribute length %lu is smaller than min len",
2423 (unsigned long)(endp
2424 - stream_pnt(BGP_INPUT(peer
))));
2426 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2427 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2428 return BGP_ATTR_PARSE_ERROR
;
2431 /* Fetch attribute flag and type. */
2432 startp
= BGP_INPUT_PNT(peer
);
2433 /* "The lower-order four bits of the Attribute Flags octet are
2434 unused. They MUST be zero when sent and MUST be ignored when
2436 flag
= 0xF0 & stream_getc(BGP_INPUT(peer
));
2437 type
= stream_getc(BGP_INPUT(peer
));
2439 /* Check whether Extended-Length applies and is in bounds */
2440 if (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
)
2441 && ((endp
- startp
) < (BGP_ATTR_MIN_LEN
+ 1))) {
2443 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL
,
2444 "%s: Extended length set, but just %lu bytes of attr header",
2446 (unsigned long)(endp
2447 - stream_pnt(BGP_INPUT(peer
))));
2449 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2450 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2451 return BGP_ATTR_PARSE_ERROR
;
2454 /* Check extended attribue length bit. */
2455 if (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
))
2456 length
= stream_getw(BGP_INPUT(peer
));
2458 length
= stream_getc(BGP_INPUT(peer
));
2460 /* If any attribute appears more than once in the UPDATE
2461 message, then the Error Subcode is set to Malformed Attribute
2464 if (CHECK_BITMAP(seen
, type
)) {
2466 EC_BGP_ATTRIBUTE_REPEATED
,
2467 "%s: error BGP attribute type %d appears twice in a message",
2470 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2471 BGP_NOTIFY_UPDATE_MAL_ATTR
);
2472 return BGP_ATTR_PARSE_ERROR
;
2475 /* Set type to bitmap to check duplicate attribute. `type' is
2476 unsigned char so it never overflow bitmap range. */
2478 SET_BITMAP(seen
, type
);
2480 /* Overflow check. */
2481 attr_endp
= BGP_INPUT_PNT(peer
) + length
;
2483 if (attr_endp
> endp
) {
2485 EC_BGP_ATTRIBUTE_TOO_LARGE
,
2486 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2487 peer
->host
, type
, length
, size
, attr_endp
,
2491 * If any recognized attribute has an Attribute
2492 * Length that conflicts with the expected length
2493 * (based on the attribute type code), then the
2494 * Error Subcode MUST be set to Attribute Length
2495 * Error. The Data field MUST contain the erroneous
2496 * attribute (type, length, and value).
2498 * We do not currently have a good way to determine the
2499 * length of the attribute independent of the length
2500 * received in the message. Instead we send the
2501 * minimum between the amount of data we have and the
2502 * amount specified by the attribute length field.
2504 * Instead of directly passing in the packet buffer and
2505 * offset we use the stream_get* functions to read into
2506 * a stack buffer, since they perform bounds checking
2507 * and we are working with untrusted data.
2509 unsigned char ndata
[BGP_MAX_PACKET_SIZE
];
2510 memset(ndata
, 0x00, sizeof(ndata
));
2512 CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
) ? 2 : 1;
2513 /* Rewind to end of flag field */
2514 stream_forward_getp(BGP_INPUT(peer
), -(1 + lfl
));
2516 stream_get(&ndata
[0], BGP_INPUT(peer
), 1);
2518 stream_get(&ndata
[1], BGP_INPUT(peer
), lfl
);
2520 size_t atl
= attr_endp
- startp
;
2521 size_t ndl
= MIN(atl
, STREAM_READABLE(BGP_INPUT(peer
)));
2522 stream_get(&ndata
[lfl
+ 1], BGP_INPUT(peer
), ndl
);
2524 bgp_notify_send_with_data(
2525 peer
, BGP_NOTIFY_UPDATE_ERR
,
2526 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
, ndata
,
2529 return BGP_ATTR_PARSE_ERROR
;
2532 struct bgp_attr_parser_args attr_args
= {
2539 .total
= attr_endp
- startp
,
2543 /* If any recognized attribute has Attribute Flags that conflict
2544 with the Attribute Type Code, then the Error Subcode is set
2546 Attribute Flags Error. The Data field contains the erroneous
2547 attribute (type, length and value). */
2548 if (bgp_attr_flag_invalid(&attr_args
)) {
2549 ret
= bgp_attr_malformed(
2550 &attr_args
, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR
,
2552 if (ret
== BGP_ATTR_PARSE_PROCEED
)
2557 /* OK check attribute and store it's value. */
2559 case BGP_ATTR_ORIGIN
:
2560 ret
= bgp_attr_origin(&attr_args
);
2562 case BGP_ATTR_AS_PATH
:
2563 ret
= bgp_attr_aspath(&attr_args
);
2565 case BGP_ATTR_AS4_PATH
:
2566 ret
= bgp_attr_as4_path(&attr_args
, &as4_path
);
2568 case BGP_ATTR_NEXT_HOP
:
2569 ret
= bgp_attr_nexthop(&attr_args
);
2571 case BGP_ATTR_MULTI_EXIT_DISC
:
2572 ret
= bgp_attr_med(&attr_args
);
2574 case BGP_ATTR_LOCAL_PREF
:
2575 ret
= bgp_attr_local_pref(&attr_args
);
2577 case BGP_ATTR_ATOMIC_AGGREGATE
:
2578 ret
= bgp_attr_atomic(&attr_args
);
2580 case BGP_ATTR_AGGREGATOR
:
2581 ret
= bgp_attr_aggregator(&attr_args
);
2583 case BGP_ATTR_AS4_AGGREGATOR
:
2584 ret
= bgp_attr_as4_aggregator(&attr_args
,
2586 &as4_aggregator_addr
);
2588 case BGP_ATTR_COMMUNITIES
:
2589 ret
= bgp_attr_community(&attr_args
);
2591 case BGP_ATTR_LARGE_COMMUNITIES
:
2592 ret
= bgp_attr_large_community(&attr_args
);
2594 case BGP_ATTR_ORIGINATOR_ID
:
2595 ret
= bgp_attr_originator_id(&attr_args
);
2597 case BGP_ATTR_CLUSTER_LIST
:
2598 ret
= bgp_attr_cluster_list(&attr_args
);
2600 case BGP_ATTR_MP_REACH_NLRI
:
2601 ret
= bgp_mp_reach_parse(&attr_args
, mp_update
);
2603 case BGP_ATTR_MP_UNREACH_NLRI
:
2604 ret
= bgp_mp_unreach_parse(&attr_args
, mp_withdraw
);
2606 case BGP_ATTR_EXT_COMMUNITIES
:
2607 ret
= bgp_attr_ext_communities(&attr_args
);
2609 #if ENABLE_BGP_VNC_ATTR
2612 case BGP_ATTR_ENCAP
:
2613 ret
= bgp_attr_encap(type
, peer
, length
, attr
, flag
,
2616 case BGP_ATTR_PREFIX_SID
:
2617 ret
= bgp_attr_prefix_sid(length
,
2618 &attr_args
, mp_update
);
2620 case BGP_ATTR_PMSI_TUNNEL
:
2621 ret
= bgp_attr_pmsi_tunnel(&attr_args
);
2624 ret
= bgp_attr_unknown(&attr_args
);
2628 if (ret
== BGP_ATTR_PARSE_ERROR_NOTIFYPLS
) {
2629 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2630 BGP_NOTIFY_UPDATE_MAL_ATTR
);
2631 ret
= BGP_ATTR_PARSE_ERROR
;
2634 if (ret
== BGP_ATTR_PARSE_EOR
) {
2636 aspath_unintern(&as4_path
);
2640 /* If hard error occurred immediately return to the caller. */
2641 if (ret
== BGP_ATTR_PARSE_ERROR
) {
2642 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR
,
2643 "%s: Attribute %s, parse error", peer
->host
,
2644 lookup_msg(attr_str
, type
, NULL
));
2646 aspath_unintern(&as4_path
);
2649 if (ret
== BGP_ATTR_PARSE_WITHDRAW
) {
2652 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW
,
2653 "%s: Attribute %s, parse error - treating as withdrawal",
2654 peer
->host
, lookup_msg(attr_str
, type
, NULL
));
2656 aspath_unintern(&as4_path
);
2660 /* Check the fetched length. */
2661 if (BGP_INPUT_PNT(peer
) != attr_endp
) {
2662 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR
,
2663 "%s: BGP attribute %s, fetch error",
2664 peer
->host
, lookup_msg(attr_str
, type
, NULL
));
2665 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2666 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2668 aspath_unintern(&as4_path
);
2669 return BGP_ATTR_PARSE_ERROR
;
2673 /* Check final read pointer is same as end pointer. */
2674 if (BGP_INPUT_PNT(peer
) != endp
) {
2675 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH
,
2676 "%s: BGP attribute %s, length mismatch", peer
->host
,
2677 lookup_msg(attr_str
, type
, NULL
));
2678 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2679 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2681 aspath_unintern(&as4_path
);
2682 return BGP_ATTR_PARSE_ERROR
;
2686 * RFC4271: If the NEXT_HOP attribute field is syntactically incorrect,
2687 * then the Error Subcode MUST be set to Invalid NEXT_HOP Attribute.
2688 * This is implemented below and will result in a NOTIFICATION. If the
2689 * NEXT_HOP attribute is semantically incorrect, the error SHOULD be
2690 * logged, and the route SHOULD be ignored. In this case, a NOTIFICATION
2691 * message SHOULD NOT be sent. This is implemented elsewhere.
2693 * RFC4760: An UPDATE message that carries no NLRI, other than the one
2694 * encoded in the MP_REACH_NLRI attribute, SHOULD NOT carry the NEXT_HOP
2695 * attribute. If such a message contains the NEXT_HOP attribute, the BGP
2696 * speaker that receives the message SHOULD ignore this attribute.
2698 if (CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
))
2699 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
))) {
2700 if (bgp_attr_nexthop_valid(peer
, attr
) < 0) {
2701 return BGP_ATTR_PARSE_ERROR
;
2705 /* Check all mandatory well-known attributes are present */
2706 if ((ret
= bgp_attr_check(peer
, attr
)) < 0) {
2708 aspath_unintern(&as4_path
);
2713 * At this place we can see whether we got AS4_PATH and/or
2714 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2715 * We can not do this before we've read all attributes because
2716 * the as4 handling does not say whether AS4_PATH has to be sent
2717 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2718 * in relationship to AGGREGATOR.
2719 * So, to be defensive, we are not relying on any order and read
2720 * all attributes first, including these 32bit ones, and now,
2721 * afterwards, we look what and if something is to be done for as4.
2723 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2726 /* actually... this doesn't ever return failure currently, but
2727 * better safe than sorry */
2728 if (CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
))
2729 && bgp_attr_munge_as4_attrs(peer
, attr
, as4_path
, as4_aggregator
,
2730 &as4_aggregator_addr
)) {
2731 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2732 BGP_NOTIFY_UPDATE_MAL_ATTR
);
2734 aspath_unintern(&as4_path
);
2735 return BGP_ATTR_PARSE_ERROR
;
2738 /* At this stage, we have done all fiddling with as4, and the
2739 * resulting info is in attr->aggregator resp. attr->aspath
2740 * so we can chuck as4_aggregator and as4_path alltogether in
2741 * order to save memory
2744 aspath_unintern(&as4_path
); /* unintern - it is in the hash */
2745 /* The flag that we got this is still there, but that does not
2750 * The "rest" of the code does nothing with as4_aggregator.
2751 * there is no memory attached specifically which is not part
2753 * so ignoring just means do nothing.
2756 * Finally do the checks on the aspath we did not do yet
2757 * because we waited for a potentially synthesized aspath.
2759 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
))) {
2760 ret
= bgp_attr_aspath_check(peer
, attr
);
2761 if (ret
!= BGP_ATTR_PARSE_PROCEED
)
2764 /* Finally intern unknown attribute. */
2766 attr
->transit
= transit_intern(attr
->transit
);
2767 if (attr
->encap_subtlvs
)
2768 attr
->encap_subtlvs
=
2769 encap_intern(attr
->encap_subtlvs
, ENCAP_SUBTLV_TYPE
);
2771 if (attr
->vnc_subtlvs
)
2773 encap_intern(attr
->vnc_subtlvs
, VNC_SUBTLV_TYPE
);
2776 return BGP_ATTR_PARSE_PROCEED
;
2779 size_t bgp_packet_mpattr_start(struct stream
*s
, struct peer
*peer
, afi_t afi
,
2780 safi_t safi
, struct bpacket_attr_vec_arr
*vecarr
,
2785 iana_safi_t pkt_safi
;
2788 /* Set extended bit always to encode the attribute length as 2 bytes */
2789 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_EXTLEN
);
2790 stream_putc(s
, BGP_ATTR_MP_REACH_NLRI
);
2791 sizep
= stream_get_endp(s
);
2792 stream_putw(s
, 0); /* Marker: Attribute length. */
2795 /* Convert AFI, SAFI to values for packet. */
2796 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
2798 stream_putw(s
, pkt_afi
); /* AFI */
2799 stream_putc(s
, pkt_safi
); /* SAFI */
2803 && (safi
== SAFI_UNICAST
|| safi
== SAFI_LABELED_UNICAST
))
2804 nh_afi
= peer_cap_enhe(peer
, afi
, safi
) ? AFI_IP6
: AFI_IP
;
2806 nh_afi
= BGP_NEXTHOP_AFI_FROM_NHLEN(attr
->mp_nexthop_len
);
2809 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
, attr
);
2814 case SAFI_MULTICAST
:
2815 case SAFI_LABELED_UNICAST
:
2817 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
2821 stream_putl(s
, 0); /* RD = 0, per RFC */
2823 stream_put(s
, &attr
->mp_nexthop_global_in
, 4);
2828 stream_put(s
, &attr
->mp_nexthop_global_in
, 4);
2831 stream_putc(s
, 0); /* no nexthop for flowspec */
2839 case SAFI_MULTICAST
:
2840 case SAFI_LABELED_UNICAST
:
2842 if (attr
->mp_nexthop_len
2843 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
) {
2845 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
);
2846 stream_put(s
, &attr
->mp_nexthop_global
,
2848 stream_put(s
, &attr
->mp_nexthop_local
,
2851 stream_putc(s
, IPV6_MAX_BYTELEN
);
2852 stream_put(s
, &attr
->mp_nexthop_global
,
2856 case SAFI_MPLS_VPN
: {
2857 if (attr
->mp_nexthop_len
2858 == BGP_ATTR_NHLEN_IPV6_GLOBAL
) {
2860 stream_putl(s
, 0); /* RD = 0, per RFC */
2862 stream_put(s
, &attr
->mp_nexthop_global
,
2864 } else if (attr
->mp_nexthop_len
2865 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
) {
2867 stream_putl(s
, 0); /* RD = 0, per RFC */
2869 stream_put(s
, &attr
->mp_nexthop_global
,
2871 stream_putl(s
, 0); /* RD = 0, per RFC */
2873 stream_put(s
, &attr
->mp_nexthop_local
,
2878 stream_putc(s
, IPV6_MAX_BYTELEN
);
2879 stream_put(s
, &attr
->mp_nexthop_global
,
2883 stream_putc(s
, 0); /* no nexthop for flowspec */
2889 if (safi
!= SAFI_FLOWSPEC
)
2891 EC_BGP_ATTR_NH_SEND_LEN
,
2892 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
2893 peer
->host
, afi
, safi
, attr
->mp_nexthop_len
);
2902 void bgp_packet_mpattr_prefix(struct stream
*s
, afi_t afi
, safi_t safi
,
2903 struct prefix
*p
, struct prefix_rd
*prd
,
2904 mpls_label_t
*label
, uint32_t num_labels
,
2905 int addpath_encode
, uint32_t addpath_tx_id
,
2908 if (safi
== SAFI_MPLS_VPN
) {
2910 stream_putl(s
, addpath_tx_id
);
2911 /* Label, RD, Prefix write. */
2912 stream_putc(s
, p
->prefixlen
+ 88);
2913 stream_put(s
, label
, BGP_LABEL_BYTES
);
2914 stream_put(s
, prd
->val
, 8);
2915 stream_put(s
, &p
->u
.prefix
, PSIZE(p
->prefixlen
));
2916 } else if (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
) {
2917 /* EVPN prefix - contents depend on type */
2918 bgp_evpn_encode_prefix(s
, p
, prd
, label
, num_labels
, attr
,
2919 addpath_encode
, addpath_tx_id
);
2920 } else if (safi
== SAFI_LABELED_UNICAST
) {
2921 /* Prefix write with label. */
2922 stream_put_labeled_prefix(s
, p
, label
);
2923 } else if (safi
== SAFI_FLOWSPEC
) {
2924 if (PSIZE (p
->prefixlen
)+2 < FLOWSPEC_NLRI_SIZELIMIT
)
2925 stream_putc(s
, PSIZE (p
->prefixlen
)+2);
2927 stream_putw(s
, (PSIZE (p
->prefixlen
)+2)|(0xf<<12));
2928 stream_putc(s
, 2);/* Filter type */
2929 stream_putc(s
, p
->prefixlen
);/* Prefix length */
2930 stream_put(s
, &p
->u
.prefix
, PSIZE (p
->prefixlen
));
2932 stream_put_prefix_addpath(s
, p
, addpath_encode
, addpath_tx_id
);
2935 size_t bgp_packet_mpattr_prefix_size(afi_t afi
, safi_t safi
, struct prefix
*p
)
2937 int size
= PSIZE(p
->prefixlen
);
2938 if (safi
== SAFI_MPLS_VPN
)
2940 else if (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
)
2941 size
+= 232; // TODO: Maximum possible for type-2, type-3 and
2947 * Encodes the tunnel encapsulation attribute,
2948 * and with ENABLE_BGP_VNC the VNC attribute which uses
2949 * almost the same TLV format
2951 static void bgp_packet_mpattr_tea(struct bgp
*bgp
, struct peer
*peer
,
2952 struct stream
*s
, struct attr
*attr
,
2955 unsigned int attrlenfield
= 0;
2956 unsigned int attrhdrlen
= 0;
2957 struct bgp_attr_encap_subtlv
*subtlvs
;
2958 struct bgp_attr_encap_subtlv
*st
;
2959 const char *attrname
;
2961 if (!attr
|| (attrtype
== BGP_ATTR_ENCAP
2962 && (!attr
->encap_tunneltype
2963 || attr
->encap_tunneltype
== BGP_ENCAP_TYPE_MPLS
)))
2967 case BGP_ATTR_ENCAP
:
2968 attrname
= "Tunnel Encap";
2969 subtlvs
= attr
->encap_subtlvs
;
2970 if (subtlvs
== NULL
) /* nothing to do */
2973 * The tunnel encap attr has an "outer" tlv.
2975 * L = total length of subtlvs,
2976 * V = concatenated subtlvs.
2978 attrlenfield
= 2 + 2; /* T + L */
2979 attrhdrlen
= 1 + 1; /* subTLV T + L */
2982 #if ENABLE_BGP_VNC_ATTR
2985 subtlvs
= attr
->vnc_subtlvs
;
2986 if (subtlvs
== NULL
) /* nothing to do */
2988 attrlenfield
= 0; /* no outer T + L */
2989 attrhdrlen
= 2 + 2; /* subTLV T + L */
2997 /* compute attr length */
2998 for (st
= subtlvs
; st
; st
= st
->next
) {
2999 attrlenfield
+= (attrhdrlen
+ st
->length
);
3002 if (attrlenfield
> 0xffff) {
3003 zlog_info("%s attribute is too long (length=%d), can't send it",
3004 attrname
, attrlenfield
);
3008 if (attrlenfield
> 0xff) {
3009 /* 2-octet length field */
3011 BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
3012 | BGP_ATTR_FLAG_EXTLEN
);
3013 stream_putc(s
, attrtype
);
3014 stream_putw(s
, attrlenfield
& 0xffff);
3016 /* 1-octet length field */
3017 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
);
3018 stream_putc(s
, attrtype
);
3019 stream_putc(s
, attrlenfield
& 0xff);
3022 if (attrtype
== BGP_ATTR_ENCAP
) {
3023 /* write outer T+L */
3024 stream_putw(s
, attr
->encap_tunneltype
);
3025 stream_putw(s
, attrlenfield
- 4);
3028 /* write each sub-tlv */
3029 for (st
= subtlvs
; st
; st
= st
->next
) {
3030 if (attrtype
== BGP_ATTR_ENCAP
) {
3031 stream_putc(s
, st
->type
);
3032 stream_putc(s
, st
->length
);
3035 stream_putw(s
, st
->type
);
3036 stream_putw(s
, st
->length
);
3039 stream_put(s
, st
->value
, st
->length
);
3043 void bgp_packet_mpattr_end(struct stream
*s
, size_t sizep
)
3045 /* Set MP attribute length. Don't count the (2) bytes used to encode
3047 stream_putw_at(s
, sizep
, (stream_get_endp(s
) - sizep
) - 2);
3050 static int bgp_append_local_as(struct peer
*peer
, afi_t afi
, safi_t safi
)
3052 if (!BGP_AS_IS_PRIVATE(peer
->local_as
)
3053 || (BGP_AS_IS_PRIVATE(peer
->local_as
)
3054 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3055 PEER_FLAG_REMOVE_PRIVATE_AS
)
3056 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3057 PEER_FLAG_REMOVE_PRIVATE_AS_ALL
)
3058 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3059 PEER_FLAG_REMOVE_PRIVATE_AS_REPLACE
)
3060 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3061 PEER_FLAG_REMOVE_PRIVATE_AS_ALL_REPLACE
)))
3066 /* Make attribute packet. */
3067 bgp_size_t
bgp_packet_attribute(struct bgp
*bgp
, struct peer
*peer
,
3068 struct stream
*s
, struct attr
*attr
,
3069 struct bpacket_attr_vec_arr
*vecarr
,
3070 struct prefix
*p
, afi_t afi
, safi_t safi
,
3071 struct peer
*from
, struct prefix_rd
*prd
,
3072 mpls_label_t
*label
, uint32_t num_labels
,
3073 int addpath_encode
, uint32_t addpath_tx_id
)
3076 size_t aspath_sizep
;
3077 struct aspath
*aspath
;
3078 int send_as4_path
= 0;
3079 int send_as4_aggregator
= 0;
3080 int use32bit
= (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)) ? 1 : 0;
3085 /* Remember current pointer. */
3086 cp
= stream_get_endp(s
);
3089 && !((afi
== AFI_IP
&& safi
== SAFI_UNICAST
)
3090 && !peer_cap_enhe(peer
, afi
, safi
))) {
3091 size_t mpattrlen_pos
= 0;
3093 mpattrlen_pos
= bgp_packet_mpattr_start(s
, peer
, afi
, safi
,
3095 bgp_packet_mpattr_prefix(s
, afi
, safi
, p
, prd
, label
,
3096 num_labels
, addpath_encode
,
3097 addpath_tx_id
, attr
);
3098 bgp_packet_mpattr_end(s
, mpattrlen_pos
);
3101 /* Origin attribute. */
3102 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3103 stream_putc(s
, BGP_ATTR_ORIGIN
);
3105 stream_putc(s
, attr
->origin
);
3107 /* AS path attribute. */
3109 /* If remote-peer is EBGP */
3110 if (peer
->sort
== BGP_PEER_EBGP
3111 && (!CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3112 PEER_FLAG_AS_PATH_UNCHANGED
)
3113 || attr
->aspath
->segments
== NULL
)
3114 && (!CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3115 PEER_FLAG_RSERVER_CLIENT
))) {
3116 aspath
= aspath_dup(attr
->aspath
);
3118 /* Even though we may not be configured for confederations we
3120 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3121 aspath
= aspath_delete_confed_seq(aspath
);
3123 if (CHECK_FLAG(bgp
->config
, BGP_CONFIG_CONFEDERATION
)) {
3124 /* Stuff our path CONFED_ID on the front */
3125 aspath
= aspath_add_seq(aspath
, bgp
->confed_id
);
3127 if (peer
->change_local_as
) {
3128 /* If replace-as is specified, we only use the
3129 change_local_as when
3130 advertising routes. */
3131 if (!CHECK_FLAG(peer
->flags
,
3132 PEER_FLAG_LOCAL_AS_REPLACE_AS
))
3133 if (bgp_append_local_as(peer
, afi
,
3135 aspath
= aspath_add_seq(
3136 aspath
, peer
->local_as
);
3137 aspath
= aspath_add_seq(aspath
,
3138 peer
->change_local_as
);
3140 aspath
= aspath_add_seq(aspath
, peer
->local_as
);
3143 } else if (peer
->sort
== BGP_PEER_CONFED
) {
3144 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3146 aspath
= aspath_dup(attr
->aspath
);
3147 aspath
= aspath_add_confed_seq(aspath
, peer
->local_as
);
3149 aspath
= attr
->aspath
;
3151 /* If peer is not AS4 capable, then:
3152 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3153 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3155 * types are in it (i.e. exclude them if they are there)
3156 * AND do this only if there is at least one asnum > 65535 in the
3158 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3160 * all ASnums > 65535 to BGP_AS_TRANS
3163 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_EXTLEN
);
3164 stream_putc(s
, BGP_ATTR_AS_PATH
);
3165 aspath_sizep
= stream_get_endp(s
);
3167 stream_putw_at(s
, aspath_sizep
, aspath_put(s
, aspath
, use32bit
));
3169 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3172 if (!use32bit
&& aspath_has_as4(aspath
))
3174 1; /* we'll do this later, at the correct place */
3176 /* Nexthop attribute. */
3177 if (afi
== AFI_IP
&& safi
== SAFI_UNICAST
3178 && !peer_cap_enhe(peer
, afi
, safi
)) {
3179 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
)) {
3180 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3181 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3182 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
,
3185 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3186 } else if (peer_cap_enhe(from
, afi
, safi
)) {
3188 * Likely this is the case when an IPv4 prefix was
3190 * Extended Next-hop capability and now being advertised
3193 * Setting the mandatory (ipv4) next-hop attribute here
3195 * implicit next-hop self with correct (ipv4 address
3198 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3199 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3200 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
,
3203 stream_put_ipv4(s
, 0);
3207 /* MED attribute. */
3208 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
)
3209 || bgp
->maxmed_active
) {
3210 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3211 stream_putc(s
, BGP_ATTR_MULTI_EXIT_DISC
);
3213 stream_putl(s
, (bgp
->maxmed_active
? bgp
->maxmed_value
3217 /* Local preference. */
3218 if (peer
->sort
== BGP_PEER_IBGP
|| peer
->sort
== BGP_PEER_CONFED
) {
3219 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3220 stream_putc(s
, BGP_ATTR_LOCAL_PREF
);
3222 stream_putl(s
, attr
->local_pref
);
3225 /* Atomic aggregate. */
3226 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
)) {
3227 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3228 stream_putc(s
, BGP_ATTR_ATOMIC_AGGREGATE
);
3233 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
)) {
3234 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3235 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3236 stream_putc(s
, BGP_ATTR_AGGREGATOR
);
3239 /* AS4 capable peer */
3241 stream_putl(s
, attr
->aggregator_as
);
3243 /* 2-byte AS peer */
3246 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3248 if (attr
->aggregator_as
> 65535) {
3249 stream_putw(s
, BGP_AS_TRANS
);
3251 /* we have to send AS4_AGGREGATOR, too.
3252 * we'll do that later in order to send
3253 * attributes in ascending
3256 send_as4_aggregator
= 1;
3258 stream_putw(s
, (uint16_t)attr
->aggregator_as
);
3260 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3263 /* Community attribute. */
3264 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_SEND_COMMUNITY
)
3265 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
))) {
3266 if (attr
->community
->size
* 4 > 255) {
3268 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3269 | BGP_ATTR_FLAG_EXTLEN
);
3270 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3271 stream_putw(s
, attr
->community
->size
* 4);
3274 BGP_ATTR_FLAG_OPTIONAL
3275 | BGP_ATTR_FLAG_TRANS
);
3276 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3277 stream_putc(s
, attr
->community
->size
* 4);
3279 stream_put(s
, attr
->community
->val
, attr
->community
->size
* 4);
3283 * Large Community attribute.
3285 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3286 PEER_FLAG_SEND_LARGE_COMMUNITY
)
3287 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
))) {
3288 if (lcom_length(attr
->lcommunity
) > 255) {
3290 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3291 | BGP_ATTR_FLAG_EXTLEN
);
3292 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3293 stream_putw(s
, lcom_length(attr
->lcommunity
));
3296 BGP_ATTR_FLAG_OPTIONAL
3297 | BGP_ATTR_FLAG_TRANS
);
3298 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3299 stream_putc(s
, lcom_length(attr
->lcommunity
));
3301 stream_put(s
, attr
->lcommunity
->val
,
3302 lcom_length(attr
->lcommunity
));
3305 /* Route Reflector. */
3306 if (peer
->sort
== BGP_PEER_IBGP
&& from
3307 && from
->sort
== BGP_PEER_IBGP
) {
3308 /* Originator ID. */
3309 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3310 stream_putc(s
, BGP_ATTR_ORIGINATOR_ID
);
3313 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID
))
3314 stream_put_in_addr(s
, &attr
->originator_id
);
3316 stream_put_in_addr(s
, &from
->remote_id
);
3319 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3320 stream_putc(s
, BGP_ATTR_CLUSTER_LIST
);
3322 if (attr
->cluster
) {
3323 stream_putc(s
, attr
->cluster
->length
+ 4);
3324 /* If this peer configuration's parent BGP has
3326 if (bgp
->config
& BGP_CONFIG_CLUSTER_ID
)
3327 stream_put_in_addr(s
, &bgp
->cluster_id
);
3329 stream_put_in_addr(s
, &bgp
->router_id
);
3330 stream_put(s
, attr
->cluster
->list
,
3331 attr
->cluster
->length
);
3334 /* If this peer configuration's parent BGP has
3336 if (bgp
->config
& BGP_CONFIG_CLUSTER_ID
)
3337 stream_put_in_addr(s
, &bgp
->cluster_id
);
3339 stream_put_in_addr(s
, &bgp
->router_id
);
3343 /* Extended Communities attribute. */
3344 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_SEND_EXT_COMMUNITY
)
3345 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
))) {
3346 if (peer
->sort
== BGP_PEER_IBGP
3347 || peer
->sort
== BGP_PEER_CONFED
) {
3348 if (attr
->ecommunity
->size
* 8 > 255) {
3350 BGP_ATTR_FLAG_OPTIONAL
3351 | BGP_ATTR_FLAG_TRANS
3352 | BGP_ATTR_FLAG_EXTLEN
);
3353 stream_putc(s
, BGP_ATTR_EXT_COMMUNITIES
);
3354 stream_putw(s
, attr
->ecommunity
->size
* 8);
3357 BGP_ATTR_FLAG_OPTIONAL
3358 | BGP_ATTR_FLAG_TRANS
);
3359 stream_putc(s
, BGP_ATTR_EXT_COMMUNITIES
);
3360 stream_putc(s
, attr
->ecommunity
->size
* 8);
3362 stream_put(s
, attr
->ecommunity
->val
,
3363 attr
->ecommunity
->size
* 8);
3367 int ecom_tr_size
= 0;
3370 for (i
= 0; i
< attr
->ecommunity
->size
; i
++) {
3371 pnt
= attr
->ecommunity
->val
+ (i
* 8);
3374 if (CHECK_FLAG(tbit
,
3375 ECOMMUNITY_FLAG_NON_TRANSITIVE
))
3382 if (ecom_tr_size
* 8 > 255) {
3385 BGP_ATTR_FLAG_OPTIONAL
3386 | BGP_ATTR_FLAG_TRANS
3387 | BGP_ATTR_FLAG_EXTLEN
);
3389 BGP_ATTR_EXT_COMMUNITIES
);
3390 stream_putw(s
, ecom_tr_size
* 8);
3394 BGP_ATTR_FLAG_OPTIONAL
3395 | BGP_ATTR_FLAG_TRANS
);
3397 BGP_ATTR_EXT_COMMUNITIES
);
3398 stream_putc(s
, ecom_tr_size
* 8);
3401 for (i
= 0; i
< attr
->ecommunity
->size
; i
++) {
3402 pnt
= attr
->ecommunity
->val
+ (i
* 8);
3407 ECOMMUNITY_FLAG_NON_TRANSITIVE
))
3410 stream_put(s
, pnt
, 8);
3416 /* Label index attribute. */
3417 if (safi
== SAFI_LABELED_UNICAST
) {
3418 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
)) {
3419 uint32_t label_index
;
3421 label_index
= attr
->label_index
;
3423 if (label_index
!= BGP_INVALID_LABEL_INDEX
) {
3425 BGP_ATTR_FLAG_OPTIONAL
3426 | BGP_ATTR_FLAG_TRANS
);
3427 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
3429 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX
);
3431 BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
3432 stream_putc(s
, 0); // reserved
3433 stream_putw(s
, 0); // flags
3434 stream_putl(s
, label_index
);
3439 if (send_as4_path
) {
3440 /* If the peer is NOT As4 capable, AND */
3441 /* there are ASnums > 65535 in path THEN
3442 * give out AS4_PATH */
3444 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3446 * Hm, I wonder... confederation things *should* only be at
3447 * the beginning of an aspath, right? Then we should use
3448 * aspath_delete_confed_seq for this, because it is already
3450 * Folks, talk to me: what is reasonable here!?
3452 aspath
= aspath_delete_confed_seq(aspath
);
3455 BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
3456 | BGP_ATTR_FLAG_EXTLEN
);
3457 stream_putc(s
, BGP_ATTR_AS4_PATH
);
3458 aspath_sizep
= stream_get_endp(s
);
3460 stream_putw_at(s
, aspath_sizep
, aspath_put(s
, aspath
, 1));
3463 if (aspath
!= attr
->aspath
)
3464 aspath_free(aspath
);
3466 if (send_as4_aggregator
) {
3467 /* send AS4_AGGREGATOR, at this place */
3468 /* this section of code moved here in order to ensure the
3470 * *ascending* order of attributes
3472 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3473 stream_putc(s
, BGP_ATTR_AS4_AGGREGATOR
);
3475 stream_putl(s
, attr
->aggregator_as
);
3476 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3479 if (((afi
== AFI_IP
|| afi
== AFI_IP6
)
3480 && (safi
== SAFI_ENCAP
|| safi
== SAFI_MPLS_VPN
))
3481 || (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
)) {
3482 /* Tunnel Encap attribute */
3483 bgp_packet_mpattr_tea(bgp
, peer
, s
, attr
, BGP_ATTR_ENCAP
);
3485 #if ENABLE_BGP_VNC_ATTR
3487 bgp_packet_mpattr_tea(bgp
, peer
, s
, attr
, BGP_ATTR_VNC
);
3492 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL
)) {
3493 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3494 stream_putc(s
, BGP_ATTR_PMSI_TUNNEL
);
3495 stream_putc(s
, 9); // Length
3496 stream_putc(s
, 0); // Flags
3497 stream_putc(s
, attr
->pmsi_tnl_type
);
3498 stream_put(s
, &(attr
->label
),
3499 BGP_LABEL_BYTES
); // MPLS Label / VXLAN VNI
3500 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3501 // Unicast tunnel endpoint IP address
3504 /* Unknown transit attribute. */
3506 stream_put(s
, attr
->transit
->val
, attr
->transit
->length
);
3508 /* Return total size of attribute. */
3509 return stream_get_endp(s
) - cp
;
3512 size_t bgp_packet_mpunreach_start(struct stream
*s
, afi_t afi
, safi_t safi
)
3514 unsigned long attrlen_pnt
;
3516 iana_safi_t pkt_safi
;
3518 /* Set extended bit always to encode the attribute length as 2 bytes */
3519 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_EXTLEN
);
3520 stream_putc(s
, BGP_ATTR_MP_UNREACH_NLRI
);
3522 attrlen_pnt
= stream_get_endp(s
);
3523 stream_putw(s
, 0); /* Length of this attribute. */
3525 /* Convert AFI, SAFI to values for packet. */
3526 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
3528 stream_putw(s
, pkt_afi
);
3529 stream_putc(s
, pkt_safi
);
3534 void bgp_packet_mpunreach_prefix(struct stream
*s
, struct prefix
*p
, afi_t afi
,
3535 safi_t safi
, struct prefix_rd
*prd
,
3536 mpls_label_t
*label
, uint32_t num_labels
,
3537 int addpath_encode
, uint32_t addpath_tx_id
,
3540 uint8_t wlabel
[3] = {0x80, 0x00, 0x00};
3542 if (safi
== SAFI_LABELED_UNICAST
) {
3543 label
= (mpls_label_t
*)wlabel
;
3547 bgp_packet_mpattr_prefix(s
, afi
, safi
, p
, prd
, label
, num_labels
,
3548 addpath_encode
, addpath_tx_id
, attr
);
3551 void bgp_packet_mpunreach_end(struct stream
*s
, size_t attrlen_pnt
)
3553 bgp_packet_mpattr_end(s
, attrlen_pnt
);
3556 /* Initialization of attribute. */
3557 void bgp_attr_init(void)
3569 void bgp_attr_finish(void)
3574 ecommunity_finish();
3575 lcommunity_finish();
3581 /* Make attribute packet. */
3582 void bgp_dump_routes_attr(struct stream
*s
, struct attr
*attr
,
3583 struct prefix
*prefix
)
3588 struct aspath
*aspath
;
3589 int addpath_encode
= 0;
3590 uint32_t addpath_tx_id
= 0;
3592 /* Remember current pointer. */
3593 cp
= stream_get_endp(s
);
3595 /* Place holder of length. */
3598 /* Origin attribute. */
3599 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3600 stream_putc(s
, BGP_ATTR_ORIGIN
);
3602 stream_putc(s
, attr
->origin
);
3604 aspath
= attr
->aspath
;
3606 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_EXTLEN
);
3607 stream_putc(s
, BGP_ATTR_AS_PATH
);
3608 aspath_lenp
= stream_get_endp(s
);
3611 stream_putw_at(s
, aspath_lenp
, aspath_put(s
, aspath
, 1));
3613 /* Nexthop attribute. */
3614 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3615 if (prefix
!= NULL
&& prefix
->family
!= AF_INET6
) {
3616 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3617 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3619 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3622 /* MED attribute. */
3623 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
)) {
3624 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3625 stream_putc(s
, BGP_ATTR_MULTI_EXIT_DISC
);
3627 stream_putl(s
, attr
->med
);
3630 /* Local preference. */
3631 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
)) {
3632 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3633 stream_putc(s
, BGP_ATTR_LOCAL_PREF
);
3635 stream_putl(s
, attr
->local_pref
);
3638 /* Atomic aggregate. */
3639 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
)) {
3640 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3641 stream_putc(s
, BGP_ATTR_ATOMIC_AGGREGATE
);
3646 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
)) {
3647 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3648 stream_putc(s
, BGP_ATTR_AGGREGATOR
);
3650 stream_putl(s
, attr
->aggregator_as
);
3651 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3654 /* Community attribute. */
3655 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
)) {
3656 if (attr
->community
->size
* 4 > 255) {
3658 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3659 | BGP_ATTR_FLAG_EXTLEN
);
3660 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3661 stream_putw(s
, attr
->community
->size
* 4);
3664 BGP_ATTR_FLAG_OPTIONAL
3665 | BGP_ATTR_FLAG_TRANS
);
3666 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3667 stream_putc(s
, attr
->community
->size
* 4);
3669 stream_put(s
, attr
->community
->val
, attr
->community
->size
* 4);
3672 /* Large Community attribute. */
3673 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
)) {
3674 if (lcom_length(attr
->lcommunity
) > 255) {
3676 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3677 | BGP_ATTR_FLAG_EXTLEN
);
3678 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3679 stream_putw(s
, lcom_length(attr
->lcommunity
));
3682 BGP_ATTR_FLAG_OPTIONAL
3683 | BGP_ATTR_FLAG_TRANS
);
3684 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3685 stream_putc(s
, lcom_length(attr
->lcommunity
));
3688 stream_put(s
, attr
->lcommunity
->val
,
3689 lcom_length(attr
->lcommunity
));
3692 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3693 if (prefix
!= NULL
&& prefix
->family
== AF_INET6
3694 && (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL
3695 || attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
)) {
3698 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3699 stream_putc(s
, BGP_ATTR_MP_REACH_NLRI
);
3700 sizep
= stream_get_endp(s
);
3703 stream_putc(s
, 0); /* Marker: Attribute length. */
3704 stream_putw(s
, AFI_IP6
); /* AFI */
3705 stream_putc(s
, SAFI_UNICAST
); /* SAFI */
3708 stream_putc(s
, attr
->mp_nexthop_len
);
3709 stream_put(s
, &attr
->mp_nexthop_global
, IPV6_MAX_BYTELEN
);
3710 if (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
)
3711 stream_put(s
, &attr
->mp_nexthop_local
,
3718 stream_put_prefix_addpath(s
, prefix
, addpath_encode
,
3721 /* Set MP attribute length. */
3722 stream_putc_at(s
, sizep
, (stream_get_endp(s
) - sizep
) - 1);
3726 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
)) {
3727 if (attr
->label_index
!= BGP_INVALID_LABEL_INDEX
) {
3729 BGP_ATTR_FLAG_OPTIONAL
3730 | BGP_ATTR_FLAG_TRANS
);
3731 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
3733 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX
);
3734 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
3735 stream_putc(s
, 0); // reserved
3736 stream_putw(s
, 0); // flags
3737 stream_putl(s
, attr
->label_index
);
3741 /* Return total size of attribute. */
3742 len
= stream_get_endp(s
) - cp
- 2;
3743 stream_putw_at(s
, cp
, len
);