1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
37 #include "bgpd/bgpd.h"
38 #include "bgpd/bgp_attr.h"
39 #include "bgpd/bgp_route.h"
40 #include "bgpd/bgp_aspath.h"
41 #include "bgpd/bgp_community.h"
42 #include "bgpd/bgp_debug.h"
43 #include "bgpd/bgp_errors.h"
44 #include "bgpd/bgp_label.h"
45 #include "bgpd/bgp_packet.h"
46 #include "bgpd/bgp_ecommunity.h"
47 #include "bgpd/bgp_lcommunity.h"
48 #include "bgpd/bgp_updgrp.h"
49 #include "bgpd/bgp_encap_types.h"
51 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
52 #include "bgp_encap_types.h"
53 #include "bgp_vnc_types.h"
56 #include "bgp_flowspec_private.h"
59 /* Attribute strings for logging. */
60 static const struct message attr_str
[] = {
61 {BGP_ATTR_ORIGIN
, "ORIGIN"},
62 {BGP_ATTR_AS_PATH
, "AS_PATH"},
63 {BGP_ATTR_NEXT_HOP
, "NEXT_HOP"},
64 {BGP_ATTR_MULTI_EXIT_DISC
, "MULTI_EXIT_DISC"},
65 {BGP_ATTR_LOCAL_PREF
, "LOCAL_PREF"},
66 {BGP_ATTR_ATOMIC_AGGREGATE
, "ATOMIC_AGGREGATE"},
67 {BGP_ATTR_AGGREGATOR
, "AGGREGATOR"},
68 {BGP_ATTR_COMMUNITIES
, "COMMUNITY"},
69 {BGP_ATTR_ORIGINATOR_ID
, "ORIGINATOR_ID"},
70 {BGP_ATTR_CLUSTER_LIST
, "CLUSTER_LIST"},
71 {BGP_ATTR_DPA
, "DPA"},
72 {BGP_ATTR_ADVERTISER
, "ADVERTISER"},
73 {BGP_ATTR_RCID_PATH
, "RCID_PATH"},
74 {BGP_ATTR_MP_REACH_NLRI
, "MP_REACH_NLRI"},
75 {BGP_ATTR_MP_UNREACH_NLRI
, "MP_UNREACH_NLRI"},
76 {BGP_ATTR_EXT_COMMUNITIES
, "EXT_COMMUNITIES"},
77 {BGP_ATTR_AS4_PATH
, "AS4_PATH"},
78 {BGP_ATTR_AS4_AGGREGATOR
, "AS4_AGGREGATOR"},
79 {BGP_ATTR_AS_PATHLIMIT
, "AS_PATHLIMIT"},
80 {BGP_ATTR_PMSI_TUNNEL
, "PMSI_TUNNEL_ATTRIBUTE"},
81 {BGP_ATTR_ENCAP
, "ENCAP"},
82 #if ENABLE_BGP_VNC_ATTR
83 {BGP_ATTR_VNC
, "VNC"},
85 {BGP_ATTR_LARGE_COMMUNITIES
, "LARGE_COMMUNITY"},
86 {BGP_ATTR_PREFIX_SID
, "PREFIX_SID"},
89 static const struct message attr_flag_str
[] = {
90 {BGP_ATTR_FLAG_OPTIONAL
, "Optional"},
91 {BGP_ATTR_FLAG_TRANS
, "Transitive"},
92 {BGP_ATTR_FLAG_PARTIAL
, "Partial"},
93 /* bgp_attr_flags_diagnose() relies on this bit being last in
95 {BGP_ATTR_FLAG_EXTLEN
, "Extended Length"},
98 static struct hash
*cluster_hash
;
100 static void *cluster_hash_alloc(void *p
)
102 const struct cluster_list
*val
= (const struct cluster_list
*)p
;
103 struct cluster_list
*cluster
;
105 cluster
= XMALLOC(MTYPE_CLUSTER
, sizeof(struct cluster_list
));
106 cluster
->length
= val
->length
;
108 if (cluster
->length
) {
109 cluster
->list
= XMALLOC(MTYPE_CLUSTER_VAL
, val
->length
);
110 memcpy(cluster
->list
, val
->list
, val
->length
);
112 cluster
->list
= NULL
;
119 /* Cluster list related functions. */
120 static struct cluster_list
*cluster_parse(struct in_addr
*pnt
, int length
)
122 struct cluster_list tmp
;
123 struct cluster_list
*cluster
;
128 cluster
= hash_get(cluster_hash
, &tmp
, cluster_hash_alloc
);
133 int cluster_loop_check(struct cluster_list
*cluster
, struct in_addr originator
)
137 for (i
= 0; i
< cluster
->length
/ 4; i
++)
138 if (cluster
->list
[i
].s_addr
== originator
.s_addr
)
143 static unsigned int cluster_hash_key_make(const void *p
)
145 const struct cluster_list
*cluster
= p
;
147 return jhash(cluster
->list
, cluster
->length
, 0);
150 static bool cluster_hash_cmp(const void *p1
, const void *p2
)
152 const struct cluster_list
*cluster1
= p1
;
153 const struct cluster_list
*cluster2
= p2
;
155 return (cluster1
->length
== cluster2
->length
156 && (cluster1
->list
== cluster2
->list
157 || memcmp(cluster1
->list
, cluster2
->list
, cluster1
->length
)
161 static void cluster_free(struct cluster_list
*cluster
)
163 XFREE(MTYPE_CLUSTER_VAL
, cluster
->list
);
164 XFREE(MTYPE_CLUSTER
, cluster
);
167 static struct cluster_list
*cluster_intern(struct cluster_list
*cluster
)
169 struct cluster_list
*find
;
171 find
= hash_get(cluster_hash
, cluster
, cluster_hash_alloc
);
177 void cluster_unintern(struct cluster_list
*cluster
)
182 if (cluster
->refcnt
== 0) {
183 hash_release(cluster_hash
, cluster
);
184 cluster_free(cluster
);
188 static void cluster_init(void)
190 cluster_hash
= hash_create(cluster_hash_key_make
, cluster_hash_cmp
,
194 static void cluster_finish(void)
196 hash_clean(cluster_hash
, (void (*)(void *))cluster_free
);
197 hash_free(cluster_hash
);
201 static struct hash
*encap_hash
= NULL
;
203 static struct hash
*vnc_hash
= NULL
;
205 static struct hash
*srv6_l3vpn_hash
;
206 static struct hash
*srv6_vpn_hash
;
208 struct bgp_attr_encap_subtlv
*encap_tlv_dup(struct bgp_attr_encap_subtlv
*orig
)
210 struct bgp_attr_encap_subtlv
*new;
211 struct bgp_attr_encap_subtlv
*tail
;
212 struct bgp_attr_encap_subtlv
*p
;
214 for (p
= orig
, tail
= new = NULL
; p
; p
= p
->next
) {
215 int size
= sizeof(struct bgp_attr_encap_subtlv
) + p
->length
;
217 tail
->next
= XCALLOC(MTYPE_ENCAP_TLV
, size
);
220 tail
= new = XCALLOC(MTYPE_ENCAP_TLV
, size
);
223 memcpy(tail
, p
, size
);
230 static void encap_free(struct bgp_attr_encap_subtlv
*p
)
232 struct bgp_attr_encap_subtlv
*next
;
236 XFREE(MTYPE_ENCAP_TLV
, p
);
241 void bgp_attr_flush_encap(struct attr
*attr
)
246 if (attr
->encap_subtlvs
) {
247 encap_free(attr
->encap_subtlvs
);
248 attr
->encap_subtlvs
= NULL
;
251 if (attr
->vnc_subtlvs
) {
252 encap_free(attr
->vnc_subtlvs
);
253 attr
->vnc_subtlvs
= NULL
;
259 * Compare encap sub-tlv chains
264 * This algorithm could be made faster if needed
266 static int encap_same(const struct bgp_attr_encap_subtlv
*h1
,
267 const struct bgp_attr_encap_subtlv
*h2
)
269 const struct bgp_attr_encap_subtlv
*p
;
270 const struct bgp_attr_encap_subtlv
*q
;
274 if (h1
== NULL
|| h2
== NULL
)
277 for (p
= h1
; p
; p
= p
->next
) {
278 for (q
= h2
; q
; q
= q
->next
) {
279 if ((p
->type
== q
->type
) && (p
->length
== q
->length
)
280 && !memcmp(p
->value
, q
->value
, p
->length
)) {
289 for (p
= h2
; p
; p
= p
->next
) {
290 for (q
= h1
; q
; q
= q
->next
) {
291 if ((p
->type
== q
->type
) && (p
->length
== q
->length
)
292 && !memcmp(p
->value
, q
->value
, p
->length
)) {
304 static void *encap_hash_alloc(void *p
)
306 /* Encap structure is already allocated. */
317 static struct bgp_attr_encap_subtlv
*
318 encap_intern(struct bgp_attr_encap_subtlv
*encap
, encap_subtlv_type type
)
320 struct bgp_attr_encap_subtlv
*find
;
321 struct hash
*hash
= encap_hash
;
323 if (type
== VNC_SUBTLV_TYPE
)
327 find
= hash_get(hash
, encap
, encap_hash_alloc
);
335 static void encap_unintern(struct bgp_attr_encap_subtlv
**encapp
,
336 encap_subtlv_type type
)
338 struct bgp_attr_encap_subtlv
*encap
= *encapp
;
342 if (encap
->refcnt
== 0) {
343 struct hash
*hash
= encap_hash
;
345 if (type
== VNC_SUBTLV_TYPE
)
348 hash_release(hash
, encap
);
354 static unsigned int encap_hash_key_make(const void *p
)
356 const struct bgp_attr_encap_subtlv
*encap
= p
;
358 return jhash(encap
->value
, encap
->length
, 0);
361 static bool encap_hash_cmp(const void *p1
, const void *p2
)
363 return encap_same((const struct bgp_attr_encap_subtlv
*)p1
,
364 (const struct bgp_attr_encap_subtlv
*)p2
);
367 static void encap_init(void)
369 encap_hash
= hash_create(encap_hash_key_make
, encap_hash_cmp
,
372 vnc_hash
= hash_create(encap_hash_key_make
, encap_hash_cmp
,
377 static void encap_finish(void)
379 hash_clean(encap_hash
, (void (*)(void *))encap_free
);
380 hash_free(encap_hash
);
383 hash_clean(vnc_hash
, (void (*)(void *))encap_free
);
389 static bool overlay_index_same(const struct attr
*a1
, const struct attr
*a2
)
397 return !memcmp(&(a1
->evpn_overlay
), &(a2
->evpn_overlay
),
398 sizeof(struct bgp_route_evpn
));
401 /* Unknown transit attribute. */
402 static struct hash
*transit_hash
;
404 static void transit_free(struct transit
*transit
)
406 XFREE(MTYPE_TRANSIT_VAL
, transit
->val
);
407 XFREE(MTYPE_TRANSIT
, transit
);
410 static void *transit_hash_alloc(void *p
)
412 /* Transit structure is already allocated. */
416 static struct transit
*transit_intern(struct transit
*transit
)
418 struct transit
*find
;
420 find
= hash_get(transit_hash
, transit
, transit_hash_alloc
);
422 transit_free(transit
);
428 static void transit_unintern(struct transit
**transit
)
430 if ((*transit
)->refcnt
)
431 (*transit
)->refcnt
--;
433 if ((*transit
)->refcnt
== 0) {
434 hash_release(transit_hash
, *transit
);
435 transit_free(*transit
);
440 static void *srv6_l3vpn_hash_alloc(void *p
)
445 static void srv6_l3vpn_free(struct bgp_attr_srv6_l3vpn
*l3vpn
)
447 XFREE(MTYPE_BGP_SRV6_L3VPN
, l3vpn
);
450 static struct bgp_attr_srv6_l3vpn
*
451 srv6_l3vpn_intern(struct bgp_attr_srv6_l3vpn
*l3vpn
)
453 struct bgp_attr_srv6_l3vpn
*find
;
455 find
= hash_get(srv6_l3vpn_hash
, l3vpn
, srv6_l3vpn_hash_alloc
);
457 srv6_l3vpn_free(l3vpn
);
462 static void srv6_l3vpn_unintern(struct bgp_attr_srv6_l3vpn
**l3vpnp
)
464 struct bgp_attr_srv6_l3vpn
*l3vpn
= *l3vpnp
;
469 if (l3vpn
->refcnt
== 0) {
470 hash_release(srv6_l3vpn_hash
, l3vpn
);
471 srv6_l3vpn_free(l3vpn
);
476 static void *srv6_vpn_hash_alloc(void *p
)
481 static void srv6_vpn_free(struct bgp_attr_srv6_vpn
*vpn
)
483 XFREE(MTYPE_BGP_SRV6_VPN
, vpn
);
486 static struct bgp_attr_srv6_vpn
*srv6_vpn_intern(struct bgp_attr_srv6_vpn
*vpn
)
488 struct bgp_attr_srv6_vpn
*find
;
490 find
= hash_get(srv6_vpn_hash
, vpn
, srv6_vpn_hash_alloc
);
497 static void srv6_vpn_unintern(struct bgp_attr_srv6_vpn
**vpnp
)
499 struct bgp_attr_srv6_vpn
*vpn
= *vpnp
;
504 if (vpn
->refcnt
== 0) {
505 hash_release(srv6_vpn_hash
, vpn
);
511 static uint32_t srv6_l3vpn_hash_key_make(const void *p
)
513 const struct bgp_attr_srv6_l3vpn
*l3vpn
= p
;
516 key
= jhash(&l3vpn
->sid
, 16, key
);
517 key
= jhash_1word(l3vpn
->sid_flags
, key
);
518 key
= jhash_1word(l3vpn
->endpoint_behavior
, key
);
522 static bool srv6_l3vpn_hash_cmp(const void *p1
, const void *p2
)
524 const struct bgp_attr_srv6_l3vpn
*l3vpn1
= p1
;
525 const struct bgp_attr_srv6_l3vpn
*l3vpn2
= p2
;
527 return sid_same(&l3vpn1
->sid
, &l3vpn2
->sid
)
528 && l3vpn1
->sid_flags
== l3vpn2
->sid_flags
529 && l3vpn1
->endpoint_behavior
== l3vpn2
->endpoint_behavior
;
532 static bool srv6_l3vpn_same(const struct bgp_attr_srv6_l3vpn
*h1
,
533 const struct bgp_attr_srv6_l3vpn
*h2
)
537 else if (h1
== NULL
|| h2
== NULL
)
540 return srv6_l3vpn_hash_cmp((const void *)h1
, (const void *)h2
);
543 static unsigned int srv6_vpn_hash_key_make(const void *p
)
545 const struct bgp_attr_srv6_vpn
*vpn
= p
;
548 key
= jhash(&vpn
->sid
, 16, key
);
549 key
= jhash_1word(vpn
->sid_flags
, key
);
553 static bool srv6_vpn_hash_cmp(const void *p1
, const void *p2
)
555 const struct bgp_attr_srv6_vpn
*vpn1
= p1
;
556 const struct bgp_attr_srv6_vpn
*vpn2
= p2
;
558 return sid_same(&vpn1
->sid
, &vpn2
->sid
)
559 && vpn1
->sid_flags
== vpn2
->sid_flags
;
562 static bool srv6_vpn_same(const struct bgp_attr_srv6_vpn
*h1
,
563 const struct bgp_attr_srv6_vpn
*h2
)
567 else if (h1
== NULL
|| h2
== NULL
)
570 return srv6_vpn_hash_cmp((const void *)h1
, (const void *)h2
);
573 static void srv6_init(void)
576 hash_create(srv6_l3vpn_hash_key_make
, srv6_l3vpn_hash_cmp
,
577 "BGP Prefix-SID SRv6-L3VPN-Service-TLV");
578 srv6_vpn_hash
= hash_create(srv6_vpn_hash_key_make
, srv6_vpn_hash_cmp
,
579 "BGP Prefix-SID SRv6-VPN-Service-TLV");
582 static void srv6_finish(void)
584 hash_clean(srv6_l3vpn_hash
, (void (*)(void *))srv6_l3vpn_free
);
585 hash_free(srv6_l3vpn_hash
);
586 srv6_l3vpn_hash
= NULL
;
587 hash_clean(srv6_vpn_hash
, (void (*)(void *))srv6_vpn_free
);
588 hash_free(srv6_vpn_hash
);
589 srv6_vpn_hash
= NULL
;
592 static unsigned int transit_hash_key_make(const void *p
)
594 const struct transit
*transit
= p
;
596 return jhash(transit
->val
, transit
->length
, 0);
599 static bool transit_hash_cmp(const void *p1
, const void *p2
)
601 const struct transit
*transit1
= p1
;
602 const struct transit
*transit2
= p2
;
604 return (transit1
->length
== transit2
->length
605 && memcmp(transit1
->val
, transit2
->val
, transit1
->length
) == 0);
608 static void transit_init(void)
610 transit_hash
= hash_create(transit_hash_key_make
, transit_hash_cmp
,
614 static void transit_finish(void)
616 hash_clean(transit_hash
, (void (*)(void *))transit_free
);
617 hash_free(transit_hash
);
621 /* Attribute hash routines. */
622 static struct hash
*attrhash
;
624 unsigned long int attr_count(void)
626 return attrhash
->count
;
629 unsigned long int attr_unknown_count(void)
631 return transit_hash
->count
;
634 unsigned int attrhash_key_make(const void *p
)
636 const struct attr
*attr
= (struct attr
*)p
;
638 #define MIX(val) key = jhash_1word(val, key)
639 #define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
641 MIX3(attr
->origin
, attr
->nexthop
.s_addr
, attr
->med
);
642 MIX3(attr
->local_pref
, attr
->aggregator_as
,
643 attr
->aggregator_addr
.s_addr
);
644 MIX3(attr
->weight
, attr
->mp_nexthop_global_in
.s_addr
,
645 attr
->originator_id
.s_addr
);
646 MIX3(attr
->tag
, attr
->label
, attr
->label_index
);
649 MIX(aspath_key_make(attr
->aspath
));
651 MIX(community_hash_make(attr
->community
));
653 if (attr
->lcommunity
)
654 MIX(lcommunity_hash_make(attr
->lcommunity
));
655 if (attr
->ecommunity
)
656 MIX(ecommunity_hash_make(attr
->ecommunity
));
658 MIX(cluster_hash_key_make(attr
->cluster
));
660 MIX(transit_hash_key_make(attr
->transit
));
661 if (attr
->encap_subtlvs
)
662 MIX(encap_hash_key_make(attr
->encap_subtlvs
));
664 if (attr
->vnc_subtlvs
)
665 MIX(encap_hash_key_make(attr
->vnc_subtlvs
));
667 MIX(attr
->mp_nexthop_len
);
668 key
= jhash(attr
->mp_nexthop_global
.s6_addr
, IPV6_MAX_BYTELEN
, key
);
669 key
= jhash(attr
->mp_nexthop_local
.s6_addr
, IPV6_MAX_BYTELEN
, key
);
670 MIX3(attr
->nh_ifindex
, attr
->nh_lla_ifindex
, attr
->distance
);
671 MIX(attr
->rmap_table_id
);
676 bool attrhash_cmp(const void *p1
, const void *p2
)
678 const struct attr
*attr1
= p1
;
679 const struct attr
*attr2
= p2
;
681 if (attr1
->flag
== attr2
->flag
&& attr1
->origin
== attr2
->origin
682 && attr1
->nexthop
.s_addr
== attr2
->nexthop
.s_addr
683 && attr1
->aspath
== attr2
->aspath
684 && attr1
->community
== attr2
->community
&& attr1
->med
== attr2
->med
685 && attr1
->local_pref
== attr2
->local_pref
686 && attr1
->rmap_change_flags
== attr2
->rmap_change_flags
) {
687 if (attr1
->aggregator_as
== attr2
->aggregator_as
688 && attr1
->aggregator_addr
.s_addr
689 == attr2
->aggregator_addr
.s_addr
690 && attr1
->weight
== attr2
->weight
691 && attr1
->tag
== attr2
->tag
692 && attr1
->label_index
== attr2
->label_index
693 && attr1
->mp_nexthop_len
== attr2
->mp_nexthop_len
694 && attr1
->ecommunity
== attr2
->ecommunity
695 && attr1
->lcommunity
== attr2
->lcommunity
696 && attr1
->cluster
== attr2
->cluster
697 && attr1
->transit
== attr2
->transit
698 && attr1
->rmap_table_id
== attr2
->rmap_table_id
699 && (attr1
->encap_tunneltype
== attr2
->encap_tunneltype
)
700 && encap_same(attr1
->encap_subtlvs
, attr2
->encap_subtlvs
)
702 && encap_same(attr1
->vnc_subtlvs
, attr2
->vnc_subtlvs
)
704 && IPV6_ADDR_SAME(&attr1
->mp_nexthop_global
,
705 &attr2
->mp_nexthop_global
)
706 && IPV6_ADDR_SAME(&attr1
->mp_nexthop_local
,
707 &attr2
->mp_nexthop_local
)
708 && IPV4_ADDR_SAME(&attr1
->mp_nexthop_global_in
,
709 &attr2
->mp_nexthop_global_in
)
710 && IPV4_ADDR_SAME(&attr1
->originator_id
,
711 &attr2
->originator_id
)
712 && overlay_index_same(attr1
, attr2
)
713 && attr1
->nh_ifindex
== attr2
->nh_ifindex
714 && attr1
->nh_lla_ifindex
== attr2
->nh_lla_ifindex
715 && attr1
->distance
== attr2
->distance
716 && srv6_l3vpn_same(attr1
->srv6_l3vpn
, attr2
->srv6_l3vpn
)
717 && srv6_vpn_same(attr1
->srv6_vpn
, attr2
->srv6_vpn
))
724 static void attrhash_init(void)
727 hash_create(attrhash_key_make
, attrhash_cmp
, "BGP Attributes");
731 * special for hash_clean below
733 static void attr_vfree(void *attr
)
735 XFREE(MTYPE_ATTR
, attr
);
738 static void attrhash_finish(void)
740 hash_clean(attrhash
, attr_vfree
);
745 static void attr_show_all_iterator(struct hash_bucket
*bucket
, struct vty
*vty
)
747 struct attr
*attr
= bucket
->data
;
748 char sid_str
[BUFSIZ
];
750 vty_out(vty
, "attr[%ld] nexthop %s\n", attr
->refcnt
,
751 inet_ntoa(attr
->nexthop
));
754 if (attr
->srv6_l3vpn
)
755 inet_ntop(AF_INET6
, &attr
->srv6_l3vpn
->sid
, sid_str
, BUFSIZ
);
756 else if (attr
->srv6_vpn
)
757 inet_ntop(AF_INET6
, &attr
->srv6_vpn
->sid
, sid_str
, BUFSIZ
);
761 " med: %u local_pref: %u origin: %u weight: %u label: %u sid: %s\n",
762 attr
->flag
, attr
->med
, attr
->local_pref
, attr
->origin
,
763 attr
->weight
, attr
->label
, sid_str
);
766 void attr_show_all(struct vty
*vty
)
768 hash_iterate(attrhash
, (void (*)(struct hash_bucket
*,
769 void *))attr_show_all_iterator
,
773 static void *bgp_attr_hash_alloc(void *p
)
775 struct attr
*val
= (struct attr
*)p
;
778 attr
= XMALLOC(MTYPE_ATTR
, sizeof(struct attr
));
780 if (val
->encap_subtlvs
) {
781 val
->encap_subtlvs
= NULL
;
784 if (val
->vnc_subtlvs
) {
785 val
->vnc_subtlvs
= NULL
;
789 val
->srv6_l3vpn
= NULL
;
791 val
->srv6_vpn
= NULL
;
797 /* Internet argument attribute. */
798 struct attr
*bgp_attr_intern(struct attr
*attr
)
802 /* Intern referenced strucutre. */
804 if (!attr
->aspath
->refcnt
)
805 attr
->aspath
= aspath_intern(attr
->aspath
);
807 attr
->aspath
->refcnt
++;
809 if (attr
->community
) {
810 if (!attr
->community
->refcnt
)
811 attr
->community
= community_intern(attr
->community
);
813 attr
->community
->refcnt
++;
816 if (attr
->ecommunity
) {
817 if (!attr
->ecommunity
->refcnt
)
818 attr
->ecommunity
= ecommunity_intern(attr
->ecommunity
);
820 attr
->ecommunity
->refcnt
++;
822 if (attr
->lcommunity
) {
823 if (!attr
->lcommunity
->refcnt
)
824 attr
->lcommunity
= lcommunity_intern(attr
->lcommunity
);
826 attr
->lcommunity
->refcnt
++;
829 if (!attr
->cluster
->refcnt
)
830 attr
->cluster
= cluster_intern(attr
->cluster
);
832 attr
->cluster
->refcnt
++;
835 if (!attr
->transit
->refcnt
)
836 attr
->transit
= transit_intern(attr
->transit
);
838 attr
->transit
->refcnt
++;
840 if (attr
->encap_subtlvs
) {
841 if (!attr
->encap_subtlvs
->refcnt
)
842 attr
->encap_subtlvs
= encap_intern(attr
->encap_subtlvs
,
845 attr
->encap_subtlvs
->refcnt
++;
847 if (attr
->srv6_l3vpn
) {
848 if (!attr
->srv6_l3vpn
->refcnt
)
849 attr
->srv6_l3vpn
= srv6_l3vpn_intern(attr
->srv6_l3vpn
);
851 attr
->srv6_l3vpn
->refcnt
++;
853 if (attr
->srv6_vpn
) {
854 if (!attr
->srv6_vpn
->refcnt
)
855 attr
->srv6_vpn
= srv6_vpn_intern(attr
->srv6_vpn
);
857 attr
->srv6_vpn
->refcnt
++;
860 if (attr
->vnc_subtlvs
) {
861 if (!attr
->vnc_subtlvs
->refcnt
)
862 attr
->vnc_subtlvs
= encap_intern(attr
->vnc_subtlvs
,
865 attr
->vnc_subtlvs
->refcnt
++;
869 /* At this point, attr only contains intern'd pointers. that means
870 * if we find it in attrhash, it has all the same pointers and we
871 * correctly updated the refcounts on these.
872 * If we don't find it, we need to allocate a one because in all
873 * cases this returns a new reference to a hashed attr, but the input
875 find
= (struct attr
*)hash_get(attrhash
, attr
, bgp_attr_hash_alloc
);
881 /* Make network statement's attribute. */
882 struct attr
*bgp_attr_default_set(struct attr
*attr
, uint8_t origin
)
884 memset(attr
, 0, sizeof(struct attr
));
886 attr
->origin
= origin
;
887 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
888 attr
->aspath
= aspath_empty();
889 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
890 attr
->weight
= BGP_ATTR_DEFAULT_WEIGHT
;
892 attr
->label_index
= BGP_INVALID_LABEL_INDEX
;
893 attr
->label
= MPLS_INVALID_LABEL
;
894 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
895 attr
->mp_nexthop_len
= IPV6_MAX_BYTELEN
;
900 /* Create the attributes for an aggregate */
901 struct attr
*bgp_attr_aggregate_intern(struct bgp
*bgp
, uint8_t origin
,
902 struct aspath
*aspath
,
903 struct community
*community
,
904 struct ecommunity
*ecommunity
,
905 struct lcommunity
*lcommunity
,
906 struct bgp_aggregate
*aggregate
,
907 uint8_t atomic_aggregate
,
914 memset(&attr
, 0, sizeof(struct attr
));
916 /* Origin attribute. */
917 attr
.origin
= origin
;
918 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
920 /* AS path attribute. */
922 attr
.aspath
= aspath_intern(aspath
);
924 attr
.aspath
= aspath_empty();
925 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
927 /* Next hop attribute. */
928 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
931 uint32_t gshut
= COMMUNITY_GSHUT
;
933 /* If we are not shutting down ourselves and we are
934 * aggregating a route that contains the GSHUT community we
935 * need to remove that community when creating the aggregate */
936 if (!bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
)
937 && community_include(community
, gshut
)) {
938 community_del_val(community
, &gshut
);
941 attr
.community
= community
;
942 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
);
946 attr
.ecommunity
= ecommunity
;
947 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
);
951 attr
.lcommunity
= lcommunity
;
952 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
);
955 if (bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
)) {
956 bgp_attr_add_gshut_community(&attr
);
959 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
960 attr
.label
= MPLS_INVALID_LABEL
;
961 attr
.weight
= BGP_ATTR_DEFAULT_WEIGHT
;
962 attr
.mp_nexthop_len
= IPV6_MAX_BYTELEN
;
963 if (!aggregate
->as_set
|| atomic_aggregate
)
964 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
);
965 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
);
966 if (CHECK_FLAG(bgp
->config
, BGP_CONFIG_CONFEDERATION
))
967 attr
.aggregator_as
= bgp
->confed_id
;
969 attr
.aggregator_as
= bgp
->as
;
970 attr
.aggregator_addr
= bgp
->router_id
;
971 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
972 attr
.label
= MPLS_INVALID_LABEL
;
974 /* Apply route-map */
975 if (aggregate
->rmap
.name
) {
976 struct attr attr_tmp
= attr
;
977 struct bgp_path_info rmap_path
;
979 memset(&rmap_path
, 0, sizeof(struct bgp_path_info
));
980 rmap_path
.peer
= bgp
->peer_self
;
981 rmap_path
.attr
= &attr_tmp
;
983 SET_FLAG(bgp
->peer_self
->rmap_type
, PEER_RMAP_TYPE_AGGREGATE
);
985 ret
= route_map_apply(aggregate
->rmap
.map
, p
, RMAP_BGP
,
988 bgp
->peer_self
->rmap_type
= 0;
990 if (ret
== RMAP_DENYMATCH
) {
991 /* Free uninterned attribute. */
992 bgp_attr_flush(&attr_tmp
);
994 /* Unintern original. */
995 aspath_unintern(&attr
.aspath
);
999 if (bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
))
1000 bgp_attr_add_gshut_community(&attr_tmp
);
1002 new = bgp_attr_intern(&attr_tmp
);
1005 if (bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
))
1006 bgp_attr_add_gshut_community(&attr
);
1008 new = bgp_attr_intern(&attr
);
1011 aspath_unintern(&new->aspath
);
1015 /* Unintern just the sub-components of the attr, but not the attr */
1016 void bgp_attr_unintern_sub(struct attr
*attr
)
1018 /* aspath refcount shoud be decrement. */
1020 aspath_unintern(&attr
->aspath
);
1021 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
));
1023 if (attr
->community
)
1024 community_unintern(&attr
->community
);
1025 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
));
1027 if (attr
->ecommunity
)
1028 ecommunity_unintern(&attr
->ecommunity
);
1029 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
));
1031 if (attr
->lcommunity
)
1032 lcommunity_unintern(&attr
->lcommunity
);
1033 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
));
1036 cluster_unintern(attr
->cluster
);
1037 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST
));
1040 transit_unintern(&attr
->transit
);
1042 if (attr
->encap_subtlvs
)
1043 encap_unintern(&attr
->encap_subtlvs
, ENCAP_SUBTLV_TYPE
);
1046 if (attr
->vnc_subtlvs
)
1047 encap_unintern(&attr
->vnc_subtlvs
, VNC_SUBTLV_TYPE
);
1050 if (attr
->srv6_l3vpn
)
1051 srv6_l3vpn_unintern(&attr
->srv6_l3vpn
);
1054 srv6_vpn_unintern(&attr
->srv6_vpn
);
1058 * We have some show commands that let you experimentally
1059 * apply a route-map. When we apply the route-map
1060 * we are reseting values but not saving them for
1061 * posterity via intern'ing( because route-maps don't
1062 * do that) but at this point in time we need
1063 * to compare the new attr to the old and if the
1064 * routemap has changed it we need to, as Snoop Dog says,
1065 * Drop it like it's hot
1067 void bgp_attr_undup(struct attr
*new, struct attr
*old
)
1069 if (new->aspath
!= old
->aspath
)
1070 aspath_free(new->aspath
);
1072 if (new->community
!= old
->community
)
1073 community_free(&new->community
);
1075 if (new->ecommunity
!= old
->ecommunity
)
1076 ecommunity_free(&new->ecommunity
);
1078 if (new->lcommunity
!= old
->lcommunity
)
1079 lcommunity_free(&new->lcommunity
);
1082 /* Free bgp attribute and aspath. */
1083 void bgp_attr_unintern(struct attr
**pattr
)
1085 struct attr
*attr
= *pattr
;
1089 /* Decrement attribute reference. */
1094 /* If reference becomes zero then free attribute object. */
1095 if (attr
->refcnt
== 0) {
1096 ret
= hash_release(attrhash
, attr
);
1097 assert(ret
!= NULL
);
1098 XFREE(MTYPE_ATTR
, attr
);
1102 bgp_attr_unintern_sub(&tmp
);
1105 void bgp_attr_flush(struct attr
*attr
)
1107 if (attr
->aspath
&& !attr
->aspath
->refcnt
) {
1108 aspath_free(attr
->aspath
);
1109 attr
->aspath
= NULL
;
1111 if (attr
->community
&& !attr
->community
->refcnt
)
1112 community_free(&attr
->community
);
1113 if (attr
->ecommunity
&& !attr
->ecommunity
->refcnt
)
1114 ecommunity_free(&attr
->ecommunity
);
1115 if (attr
->lcommunity
&& !attr
->lcommunity
->refcnt
)
1116 lcommunity_free(&attr
->lcommunity
);
1117 if (attr
->cluster
&& !attr
->cluster
->refcnt
) {
1118 cluster_free(attr
->cluster
);
1119 attr
->cluster
= NULL
;
1121 if (attr
->transit
&& !attr
->transit
->refcnt
) {
1122 transit_free(attr
->transit
);
1123 attr
->transit
= NULL
;
1125 if (attr
->encap_subtlvs
&& !attr
->encap_subtlvs
->refcnt
) {
1126 encap_free(attr
->encap_subtlvs
);
1127 attr
->encap_subtlvs
= NULL
;
1130 if (attr
->vnc_subtlvs
&& !attr
->vnc_subtlvs
->refcnt
) {
1131 encap_free(attr
->vnc_subtlvs
);
1132 attr
->vnc_subtlvs
= NULL
;
1137 /* Implement draft-scudder-idr-optional-transitive behaviour and
1138 * avoid resetting sessions for malformed attributes which are
1139 * are partial/optional and hence where the error likely was not
1140 * introduced by the sending neighbour.
1142 static bgp_attr_parse_ret_t
1143 bgp_attr_malformed(struct bgp_attr_parser_args
*args
, uint8_t subcode
,
1146 struct peer
*const peer
= args
->peer
;
1147 const uint8_t flags
= args
->flags
;
1148 /* startp and length must be special-cased, as whether or not to
1149 * send the attribute data with the NOTIFY depends on the error,
1150 * the caller therefore signals this with the seperate length argument
1152 uint8_t *notify_datap
= (length
> 0 ? args
->startp
: NULL
);
1154 /* Only relax error handling for eBGP peers */
1155 if (peer
->sort
!= BGP_PEER_EBGP
) {
1156 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
, subcode
,
1157 notify_datap
, length
);
1158 return BGP_ATTR_PARSE_ERROR
;
1161 /* Adjust the stream getp to the end of the attribute, in case we can
1162 * still proceed but the caller hasn't read all the attribute.
1164 stream_set_getp(BGP_INPUT(peer
),
1165 (args
->startp
- STREAM_DATA(BGP_INPUT(peer
)))
1168 switch (args
->type
) {
1169 /* where an attribute is relatively inconsequential, e.g. it does not
1170 * affect route selection, and can be safely ignored, then any such
1171 * attributes which are malformed should just be ignored and the route
1172 * processed as normal.
1174 case BGP_ATTR_AS4_AGGREGATOR
:
1175 case BGP_ATTR_AGGREGATOR
:
1176 case BGP_ATTR_ATOMIC_AGGREGATE
:
1177 return BGP_ATTR_PARSE_PROCEED
;
1179 /* Core attributes, particularly ones which may influence route
1180 * selection, should be treat-as-withdraw.
1182 case BGP_ATTR_ORIGIN
:
1183 case BGP_ATTR_AS_PATH
:
1184 case BGP_ATTR_NEXT_HOP
:
1185 case BGP_ATTR_MULTI_EXIT_DISC
:
1186 case BGP_ATTR_LOCAL_PREF
:
1187 case BGP_ATTR_COMMUNITIES
:
1188 case BGP_ATTR_EXT_COMMUNITIES
:
1189 case BGP_ATTR_LARGE_COMMUNITIES
:
1190 case BGP_ATTR_ORIGINATOR_ID
:
1191 case BGP_ATTR_CLUSTER_LIST
:
1192 return BGP_ATTR_PARSE_WITHDRAW
;
1193 case BGP_ATTR_MP_REACH_NLRI
:
1194 case BGP_ATTR_MP_UNREACH_NLRI
:
1195 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
, subcode
,
1196 notify_datap
, length
);
1197 return BGP_ATTR_PARSE_ERROR
;
1200 /* Partial optional attributes that are malformed should not cause
1201 * the whole session to be reset. Instead treat it as a withdrawal
1202 * of the routes, if possible.
1204 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
)
1205 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1206 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_PARTIAL
))
1207 return BGP_ATTR_PARSE_WITHDRAW
;
1209 /* default to reset */
1210 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1213 /* Find out what is wrong with the path attribute flag bits and log the error.
1214 "Flag bits" here stand for Optional, Transitive and Partial, but not for
1215 Extended Length. Checking O/T/P bits at once implies, that the attribute
1216 being diagnosed is defined by RFC as either a "well-known" or an "optional,
1217 non-transitive" attribute. */
1219 bgp_attr_flags_diagnose(struct bgp_attr_parser_args
*args
,
1220 uint8_t desired_flags
/* how RFC says it must be */
1223 uint8_t seen
= 0, i
;
1224 uint8_t real_flags
= args
->flags
;
1225 const uint8_t attr_code
= args
->type
;
1227 desired_flags
&= ~BGP_ATTR_FLAG_EXTLEN
;
1228 real_flags
&= ~BGP_ATTR_FLAG_EXTLEN
;
1229 for (i
= 0; i
<= 2; i
++) /* O,T,P, but not E */
1230 if (CHECK_FLAG(desired_flags
, attr_flag_str
[i
].key
)
1231 != CHECK_FLAG(real_flags
, attr_flag_str
[i
].key
)) {
1232 flog_err(EC_BGP_ATTR_FLAG
,
1233 "%s attribute must%s be flagged as \"%s\"",
1234 lookup_msg(attr_str
, attr_code
, NULL
),
1235 CHECK_FLAG(desired_flags
, attr_flag_str
[i
].key
)
1238 attr_flag_str
[i
].str
);
1243 "Strange, %s called for attr %s, but no problem found with flags"
1244 " (real flags 0x%x, desired 0x%x)",
1245 __func__
, lookup_msg(attr_str
, attr_code
, NULL
),
1246 real_flags
, desired_flags
);
1250 /* Required flags for attributes. EXTLEN will be masked off when testing,
1251 * as will PARTIAL for optional+transitive attributes.
1253 const uint8_t attr_flags_values
[] = {
1254 [BGP_ATTR_ORIGIN
] = BGP_ATTR_FLAG_TRANS
,
1255 [BGP_ATTR_AS_PATH
] = BGP_ATTR_FLAG_TRANS
,
1256 [BGP_ATTR_NEXT_HOP
] = BGP_ATTR_FLAG_TRANS
,
1257 [BGP_ATTR_MULTI_EXIT_DISC
] = BGP_ATTR_FLAG_OPTIONAL
,
1258 [BGP_ATTR_LOCAL_PREF
] = BGP_ATTR_FLAG_TRANS
,
1259 [BGP_ATTR_ATOMIC_AGGREGATE
] = BGP_ATTR_FLAG_TRANS
,
1260 [BGP_ATTR_AGGREGATOR
] = BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
,
1261 [BGP_ATTR_COMMUNITIES
] = BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
,
1262 [BGP_ATTR_ORIGINATOR_ID
] = BGP_ATTR_FLAG_OPTIONAL
,
1263 [BGP_ATTR_CLUSTER_LIST
] = BGP_ATTR_FLAG_OPTIONAL
,
1264 [BGP_ATTR_MP_REACH_NLRI
] = BGP_ATTR_FLAG_OPTIONAL
,
1265 [BGP_ATTR_MP_UNREACH_NLRI
] = BGP_ATTR_FLAG_OPTIONAL
,
1266 [BGP_ATTR_EXT_COMMUNITIES
] =
1267 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1268 [BGP_ATTR_AS4_PATH
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1269 [BGP_ATTR_AS4_AGGREGATOR
] =
1270 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1271 [BGP_ATTR_PMSI_TUNNEL
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1272 [BGP_ATTR_LARGE_COMMUNITIES
] =
1273 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1274 [BGP_ATTR_PREFIX_SID
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1276 static const size_t attr_flags_values_max
= array_size(attr_flags_values
) - 1;
1278 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args
*args
)
1280 uint8_t mask
= BGP_ATTR_FLAG_EXTLEN
;
1281 const uint8_t flags
= args
->flags
;
1282 const uint8_t attr_code
= args
->type
;
1284 /* there may be attributes we don't know about */
1285 if (attr_code
> attr_flags_values_max
)
1287 if (attr_flags_values
[attr_code
] == 0)
1290 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1294 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL
, flags
)
1295 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS
, flags
)) {
1298 "%s well-known attributes must have transitive flag set (%x)",
1299 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1303 /* "For well-known attributes and for optional non-transitive
1305 * the Partial bit MUST be set to 0."
1307 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_PARTIAL
)) {
1308 if (!CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)) {
1309 flog_err(EC_BGP_ATTR_FLAG
,
1310 "%s well-known attribute "
1311 "must NOT have the partial flag set (%x)",
1312 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1315 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1316 && !CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
)) {
1317 flog_err(EC_BGP_ATTR_FLAG
,
1318 "%s optional + transitive attribute "
1319 "must NOT have the partial flag set (%x)",
1320 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1325 /* Optional transitive attributes may go through speakers that don't
1326 * reocgnise them and set the Partial bit.
1328 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1329 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
))
1330 SET_FLAG(mask
, BGP_ATTR_FLAG_PARTIAL
);
1332 if ((flags
& ~mask
) == attr_flags_values
[attr_code
])
1335 bgp_attr_flags_diagnose(args
, attr_flags_values
[attr_code
]);
1339 /* Get origin attribute of the update message. */
1340 static bgp_attr_parse_ret_t
bgp_attr_origin(struct bgp_attr_parser_args
*args
)
1342 struct peer
*const peer
= args
->peer
;
1343 struct attr
*const attr
= args
->attr
;
1344 const bgp_size_t length
= args
->length
;
1346 /* If any recognized attribute has Attribute Length that conflicts
1347 with the expected length (based on the attribute type code), then
1348 the Error Subcode is set to Attribute Length Error. The Data
1349 field contains the erroneous attribute (type, length and
1352 flog_err(EC_BGP_ATTR_LEN
,
1353 "Origin attribute length is not one %d", length
);
1354 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1358 /* Fetch origin attribute. */
1359 attr
->origin
= stream_getc(BGP_INPUT(peer
));
1361 /* If the ORIGIN attribute has an undefined value, then the Error
1362 Subcode is set to Invalid Origin Attribute. The Data field
1363 contains the unrecognized attribute (type, length and value). */
1364 if ((attr
->origin
!= BGP_ORIGIN_IGP
) && (attr
->origin
!= BGP_ORIGIN_EGP
)
1365 && (attr
->origin
!= BGP_ORIGIN_INCOMPLETE
)) {
1366 flog_err(EC_BGP_ATTR_ORIGIN
,
1367 "Origin attribute value is invalid %d", attr
->origin
);
1368 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_INVAL_ORIGIN
,
1372 /* Set oring attribute flag. */
1373 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
1378 /* Parse AS path information. This function is wrapper of
1380 static int bgp_attr_aspath(struct bgp_attr_parser_args
*args
)
1382 struct attr
*const attr
= args
->attr
;
1383 struct peer
*const peer
= args
->peer
;
1384 const bgp_size_t length
= args
->length
;
1387 * peer with AS4 => will get 4Byte ASnums
1388 * otherwise, will get 16 Bit
1390 attr
->aspath
= aspath_parse(peer
->curr
, length
,
1391 CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
));
1393 /* In case of IBGP, length will be zero. */
1394 if (!attr
->aspath
) {
1395 flog_err(EC_BGP_ATTR_MAL_AS_PATH
,
1396 "Malformed AS path from %s, length is %d", peer
->host
,
1398 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_MAL_AS_PATH
,
1402 /* Set aspath attribute flag. */
1403 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
1405 return BGP_ATTR_PARSE_PROCEED
;
1408 static bgp_attr_parse_ret_t
bgp_attr_aspath_check(struct peer
*const peer
,
1409 struct attr
*const attr
)
1411 /* These checks were part of bgp_attr_aspath, but with
1412 * as4 we should to check aspath things when
1413 * aspath synthesizing with as4_path has already taken place.
1414 * Otherwise we check ASPATH and use the synthesized thing, and that is
1416 * So do the checks later, i.e. here
1418 struct aspath
*aspath
;
1420 /* Confederation sanity check. */
1421 if ((peer
->sort
== BGP_PEER_CONFED
1422 && !aspath_left_confed_check(attr
->aspath
))
1423 || (peer
->sort
== BGP_PEER_EBGP
1424 && aspath_confed_check(attr
->aspath
))) {
1425 flog_err(EC_BGP_ATTR_MAL_AS_PATH
, "Malformed AS path from %s",
1427 return BGP_ATTR_PARSE_WITHDRAW
;
1430 /* First AS check for EBGP. */
1431 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_ENFORCE_FIRST_AS
)) {
1432 if (peer
->sort
== BGP_PEER_EBGP
1433 && !aspath_firstas_check(attr
->aspath
, peer
->as
)) {
1434 flog_err(EC_BGP_ATTR_FIRST_AS
,
1435 "%s incorrect first AS (must be %u)",
1436 peer
->host
, peer
->as
);
1437 return BGP_ATTR_PARSE_WITHDRAW
;
1441 /* local-as prepend */
1442 if (peer
->change_local_as
1443 && !CHECK_FLAG(peer
->flags
, PEER_FLAG_LOCAL_AS_NO_PREPEND
)) {
1444 aspath
= aspath_dup(attr
->aspath
);
1445 aspath
= aspath_add_seq(aspath
, peer
->change_local_as
);
1446 aspath_unintern(&attr
->aspath
);
1447 attr
->aspath
= aspath_intern(aspath
);
1450 return BGP_ATTR_PARSE_PROCEED
;
1453 /* Parse AS4 path information. This function is another wrapper of
1455 static int bgp_attr_as4_path(struct bgp_attr_parser_args
*args
,
1456 struct aspath
**as4_path
)
1458 struct peer
*const peer
= args
->peer
;
1459 struct attr
*const attr
= args
->attr
;
1460 const bgp_size_t length
= args
->length
;
1462 *as4_path
= aspath_parse(peer
->curr
, length
, 1);
1464 /* In case of IBGP, length will be zero. */
1466 flog_err(EC_BGP_ATTR_MAL_AS_PATH
,
1467 "Malformed AS4 path from %s, length is %d", peer
->host
,
1469 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_MAL_AS_PATH
,
1473 /* Set aspath attribute flag. */
1474 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
);
1476 return BGP_ATTR_PARSE_PROCEED
;
1480 * Check that the nexthop attribute is valid.
1482 bgp_attr_parse_ret_t
1483 bgp_attr_nexthop_valid(struct peer
*peer
, struct attr
*attr
)
1485 in_addr_t nexthop_h
;
1487 nexthop_h
= ntohl(attr
->nexthop
.s_addr
);
1488 if ((IPV4_NET0(nexthop_h
) || IPV4_NET127(nexthop_h
)
1489 || IPV4_CLASS_DE(nexthop_h
))
1490 && !BGP_DEBUG(allow_martians
, ALLOW_MARTIANS
)) {
1491 uint8_t data
[7]; /* type(2) + length(1) + nhop(4) */
1492 char buf
[INET_ADDRSTRLEN
];
1494 inet_ntop(AF_INET
, &attr
->nexthop
.s_addr
, buf
,
1496 flog_err(EC_BGP_ATTR_MARTIAN_NH
, "Martian nexthop %s",
1498 data
[0] = BGP_ATTR_FLAG_TRANS
;
1499 data
[1] = BGP_ATTR_NEXT_HOP
;
1500 data
[2] = BGP_ATTR_NHLEN_IPV4
;
1501 memcpy(&data
[3], &attr
->nexthop
.s_addr
, BGP_ATTR_NHLEN_IPV4
);
1502 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
1503 BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP
,
1505 return BGP_ATTR_PARSE_ERROR
;
1508 return BGP_ATTR_PARSE_PROCEED
;
1511 /* Nexthop attribute. */
1512 static bgp_attr_parse_ret_t
bgp_attr_nexthop(struct bgp_attr_parser_args
*args
)
1514 struct peer
*const peer
= args
->peer
;
1515 struct attr
*const attr
= args
->attr
;
1516 const bgp_size_t length
= args
->length
;
1518 /* Check nexthop attribute length. */
1520 flog_err(EC_BGP_ATTR_LEN
,
1521 "Nexthop attribute length isn't four [%d]", length
);
1523 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1527 attr
->nexthop
.s_addr
= stream_get_ipv4(peer
->curr
);
1528 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
1530 return BGP_ATTR_PARSE_PROCEED
;
1533 /* MED atrribute. */
1534 static bgp_attr_parse_ret_t
bgp_attr_med(struct bgp_attr_parser_args
*args
)
1536 struct peer
*const peer
= args
->peer
;
1537 struct attr
*const attr
= args
->attr
;
1538 const bgp_size_t length
= args
->length
;
1542 flog_err(EC_BGP_ATTR_LEN
,
1543 "MED attribute length isn't four [%d]", length
);
1545 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1549 attr
->med
= stream_getl(peer
->curr
);
1551 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
);
1553 return BGP_ATTR_PARSE_PROCEED
;
1556 /* Local preference attribute. */
1557 static bgp_attr_parse_ret_t
1558 bgp_attr_local_pref(struct bgp_attr_parser_args
*args
)
1560 struct peer
*const peer
= args
->peer
;
1561 struct attr
*const attr
= args
->attr
;
1562 const bgp_size_t length
= args
->length
;
1564 /* if received from an internal neighbor, it SHALL be considered
1565 * malformed if its length is not equal to 4. If malformed, the
1566 * UPDATE message SHALL be handled using the approach of "treat-as-
1569 if (peer
->sort
== BGP_PEER_IBGP
&& length
!= 4) {
1570 flog_err(EC_BGP_ATTR_LEN
,
1571 "LOCAL_PREF attribute length isn't 4 [%u]", length
);
1572 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1576 /* If it is contained in an UPDATE message that is received from an
1577 external peer, then this attribute MUST be ignored by the
1578 receiving speaker. */
1579 if (peer
->sort
== BGP_PEER_EBGP
) {
1580 stream_forward_getp(peer
->curr
, length
);
1581 return BGP_ATTR_PARSE_PROCEED
;
1584 attr
->local_pref
= stream_getl(peer
->curr
);
1586 /* Set the local-pref flag. */
1587 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
);
1589 return BGP_ATTR_PARSE_PROCEED
;
1592 /* Atomic aggregate. */
1593 static int bgp_attr_atomic(struct bgp_attr_parser_args
*args
)
1595 struct attr
*const attr
= args
->attr
;
1596 const bgp_size_t length
= args
->length
;
1600 flog_err(EC_BGP_ATTR_LEN
,
1601 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1603 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1607 /* Set atomic aggregate flag. */
1608 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
);
1610 return BGP_ATTR_PARSE_PROCEED
;
1613 /* Aggregator attribute */
1614 static int bgp_attr_aggregator(struct bgp_attr_parser_args
*args
)
1616 struct peer
*const peer
= args
->peer
;
1617 struct attr
*const attr
= args
->attr
;
1618 const bgp_size_t length
= args
->length
;
1622 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1623 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)
1624 && CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_ADV
))
1627 if (length
!= wantedlen
) {
1628 flog_err(EC_BGP_ATTR_LEN
,
1629 "AGGREGATOR attribute length isn't %u [%u]", wantedlen
,
1631 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1635 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
))
1636 attr
->aggregator_as
= stream_getl(peer
->curr
);
1638 attr
->aggregator_as
= stream_getw(peer
->curr
);
1639 attr
->aggregator_addr
.s_addr
= stream_get_ipv4(peer
->curr
);
1641 /* Set atomic aggregate flag. */
1642 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
);
1644 return BGP_ATTR_PARSE_PROCEED
;
1647 /* New Aggregator attribute */
1648 static bgp_attr_parse_ret_t
1649 bgp_attr_as4_aggregator(struct bgp_attr_parser_args
*args
,
1650 as_t
*as4_aggregator_as
,
1651 struct in_addr
*as4_aggregator_addr
)
1653 struct peer
*const peer
= args
->peer
;
1654 struct attr
*const attr
= args
->attr
;
1655 const bgp_size_t length
= args
->length
;
1658 flog_err(EC_BGP_ATTR_LEN
, "New Aggregator length is not 8 [%d]",
1660 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1664 *as4_aggregator_as
= stream_getl(peer
->curr
);
1665 as4_aggregator_addr
->s_addr
= stream_get_ipv4(peer
->curr
);
1667 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
);
1669 return BGP_ATTR_PARSE_PROCEED
;
1672 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1674 static bgp_attr_parse_ret_t
1675 bgp_attr_munge_as4_attrs(struct peer
*const peer
, struct attr
*const attr
,
1676 struct aspath
*as4_path
, as_t as4_aggregator
,
1677 struct in_addr
*as4_aggregator_addr
)
1679 int ignore_as4_path
= 0;
1680 struct aspath
*newpath
;
1682 if (!attr
->aspath
) {
1683 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1685 * checked that all well-known, mandatory attributes were
1688 * Can only be a problem with peer itself - hard error
1690 return BGP_ATTR_PARSE_ERROR
;
1693 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)) {
1694 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1696 * It is worth a warning though, because the peer really
1697 * should not send them
1699 if (BGP_DEBUG(as4
, AS4
)) {
1700 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
)))
1701 zlog_debug("[AS4] %s %s AS4_PATH", peer
->host
,
1702 "AS4 capable peer, yet it sent");
1705 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
)))
1706 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1708 "AS4 capable peer, yet it sent");
1711 return BGP_ATTR_PARSE_PROCEED
;
1714 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1715 * because that may override AS4_PATH
1717 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
))) {
1718 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
))) {
1720 * if the as_number in aggregator is not AS_TRANS,
1721 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1722 * and the Aggregator shall be taken as
1723 * info on the aggregating node, and the AS_PATH
1724 * shall be taken as the AS_PATH
1726 * the Aggregator shall be ignored and the
1727 * AS4_AGGREGATOR shall be taken as the
1728 * Aggregating node and the AS_PATH is to be
1729 * constructed "as in all other cases"
1731 if (attr
->aggregator_as
!= BGP_AS_TRANS
) {
1733 if (BGP_DEBUG(as4
, AS4
))
1735 "[AS4] %s BGP not AS4 capable peer"
1736 " send AGGREGATOR != AS_TRANS and"
1737 " AS4_AGGREGATOR, so ignore"
1738 " AS4_AGGREGATOR and AS4_PATH",
1740 ignore_as4_path
= 1;
1742 /* "New_aggregator shall be taken as aggregator"
1744 attr
->aggregator_as
= as4_aggregator
;
1745 attr
->aggregator_addr
.s_addr
=
1746 as4_aggregator_addr
->s_addr
;
1749 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1750 * That is bogus - but reading the conditions
1751 * we have to handle AS4_AGGREGATOR as if it were
1752 * AGGREGATOR in that case
1754 if (BGP_DEBUG(as4
, AS4
))
1756 "[AS4] %s BGP not AS4 capable peer send"
1757 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1758 " it as if AGGREGATOR with AS_TRANS had been there",
1760 attr
->aggregator_as
= as4_aggregator
;
1761 /* sweep it under the carpet and simulate a "good"
1763 attr
->flag
|= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
));
1767 /* need to reconcile NEW_AS_PATH and AS_PATH */
1768 if (!ignore_as4_path
1769 && (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
)))) {
1770 newpath
= aspath_reconcile_as4(attr
->aspath
, as4_path
);
1772 return BGP_ATTR_PARSE_ERROR
;
1774 aspath_unintern(&attr
->aspath
);
1775 attr
->aspath
= aspath_intern(newpath
);
1777 return BGP_ATTR_PARSE_PROCEED
;
1780 /* Community attribute. */
1781 static bgp_attr_parse_ret_t
1782 bgp_attr_community(struct bgp_attr_parser_args
*args
)
1784 struct peer
*const peer
= args
->peer
;
1785 struct attr
*const attr
= args
->attr
;
1786 const bgp_size_t length
= args
->length
;
1789 attr
->community
= NULL
;
1790 return BGP_ATTR_PARSE_PROCEED
;
1794 community_parse((uint32_t *)stream_pnt(peer
->curr
), length
);
1796 /* XXX: fix community_parse to use stream API and remove this */
1797 stream_forward_getp(peer
->curr
, length
);
1799 /* The Community attribute SHALL be considered malformed if its
1800 * length is not a non-zero multiple of 4.
1802 if (!attr
->community
)
1803 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
1806 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
);
1808 return BGP_ATTR_PARSE_PROCEED
;
1811 /* Originator ID attribute. */
1812 static bgp_attr_parse_ret_t
1813 bgp_attr_originator_id(struct bgp_attr_parser_args
*args
)
1815 struct peer
*const peer
= args
->peer
;
1816 struct attr
*const attr
= args
->attr
;
1817 const bgp_size_t length
= args
->length
;
1819 /* if received from an internal neighbor, it SHALL be considered
1820 * malformed if its length is not equal to 4. If malformed, the
1821 * UPDATE message SHALL be handled using the approach of "treat-as-
1825 flog_err(EC_BGP_ATTR_LEN
, "Bad originator ID length %d",
1828 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1832 attr
->originator_id
.s_addr
= stream_get_ipv4(peer
->curr
);
1834 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID
);
1836 return BGP_ATTR_PARSE_PROCEED
;
1839 /* Cluster list attribute. */
1840 static bgp_attr_parse_ret_t
1841 bgp_attr_cluster_list(struct bgp_attr_parser_args
*args
)
1843 struct peer
*const peer
= args
->peer
;
1844 struct attr
*const attr
= args
->attr
;
1845 const bgp_size_t length
= args
->length
;
1847 /* if received from an internal neighbor, it SHALL be considered
1848 * malformed if its length is not a non-zero multiple of 4. If
1849 * malformed, the UPDATE message SHALL be handled using the approach
1850 * of "treat-as-withdraw".
1853 flog_err(EC_BGP_ATTR_LEN
, "Bad cluster list length %d", length
);
1855 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1860 cluster_parse((struct in_addr
*)stream_pnt(peer
->curr
), length
);
1862 /* XXX: Fix cluster_parse to use stream API and then remove this */
1863 stream_forward_getp(peer
->curr
, length
);
1865 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST
);
1867 return BGP_ATTR_PARSE_PROCEED
;
1870 /* Multiprotocol reachability information parse. */
1871 int bgp_mp_reach_parse(struct bgp_attr_parser_args
*args
,
1872 struct bgp_nlri
*mp_update
)
1876 iana_safi_t pkt_safi
;
1878 bgp_size_t nlri_len
;
1881 struct peer
*const peer
= args
->peer
;
1882 struct attr
*const attr
= args
->attr
;
1883 const bgp_size_t length
= args
->length
;
1885 /* Set end of packet. */
1886 s
= BGP_INPUT(peer
);
1887 start
= stream_get_getp(s
);
1889 /* safe to read statically sized header? */
1890 #define BGP_MP_REACH_MIN_SIZE 5
1891 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1892 if ((length
> STREAM_READABLE(s
)) || (length
< BGP_MP_REACH_MIN_SIZE
)) {
1893 zlog_info("%s: %s sent invalid length, %lu, of MP_REACH_NLRI",
1894 __func__
, peer
->host
, (unsigned long)length
);
1895 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1898 /* Load AFI, SAFI. */
1899 pkt_afi
= stream_getw(s
);
1900 pkt_safi
= stream_getc(s
);
1902 /* Convert AFI, SAFI to internal values, check. */
1903 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
1904 /* Log if AFI or SAFI is unrecognized. This is not an error
1906 * the attribute is otherwise malformed.
1908 if (bgp_debug_update(peer
, NULL
, NULL
, 0))
1910 "%s sent unrecognizable AFI, %s or, SAFI, %s, of MP_REACH_NLRI",
1911 peer
->host
, iana_afi2str(pkt_afi
),
1912 iana_safi2str(pkt_safi
));
1913 return BGP_ATTR_PARSE_ERROR
;
1916 /* Get nexthop length. */
1917 attr
->mp_nexthop_len
= stream_getc(s
);
1919 if (LEN_LEFT
< attr
->mp_nexthop_len
) {
1921 "%s: %s sent next-hop length, %u, in MP_REACH_NLRI which goes past the end of attribute",
1922 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1923 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1926 /* Nexthop length check. */
1927 switch (attr
->mp_nexthop_len
) {
1929 if (safi
!= SAFI_FLOWSPEC
) {
1930 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
1931 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1932 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1935 case BGP_ATTR_NHLEN_VPNV4
:
1936 stream_getl(s
); /* RD high */
1937 stream_getl(s
); /* RD low */
1939 * NOTE: intentional fall through
1940 * - for consistency in rx processing
1942 * The following comment is to signal GCC this intention
1943 * and suppress the warning
1946 case BGP_ATTR_NHLEN_IPV4
:
1947 stream_get(&attr
->mp_nexthop_global_in
, s
, IPV4_MAX_BYTELEN
);
1948 /* Probably needed for RFC 2283 */
1949 if (attr
->nexthop
.s_addr
== 0)
1950 memcpy(&attr
->nexthop
.s_addr
,
1951 &attr
->mp_nexthop_global_in
, IPV4_MAX_BYTELEN
);
1953 case BGP_ATTR_NHLEN_IPV6_GLOBAL
:
1954 case BGP_ATTR_NHLEN_VPNV6_GLOBAL
:
1955 if (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_VPNV6_GLOBAL
) {
1956 stream_getl(s
); /* RD high */
1957 stream_getl(s
); /* RD low */
1959 stream_get(&attr
->mp_nexthop_global
, s
, IPV6_MAX_BYTELEN
);
1960 if (IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_global
)) {
1961 if (!peer
->nexthop
.ifp
) {
1962 zlog_warn("%s sent a v6 global attribute but address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1964 return BGP_ATTR_PARSE_WITHDRAW
;
1966 attr
->nh_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1969 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
:
1970 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
:
1971 if (attr
->mp_nexthop_len
1972 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
) {
1973 stream_getl(s
); /* RD high */
1974 stream_getl(s
); /* RD low */
1976 stream_get(&attr
->mp_nexthop_global
, s
, IPV6_MAX_BYTELEN
);
1977 if (IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_global
)) {
1978 if (!peer
->nexthop
.ifp
) {
1979 zlog_warn("%s sent a v6 global and LL attribute but global address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1981 return BGP_ATTR_PARSE_WITHDRAW
;
1983 attr
->nh_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1985 if (attr
->mp_nexthop_len
1986 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
) {
1987 stream_getl(s
); /* RD high */
1988 stream_getl(s
); /* RD low */
1990 stream_get(&attr
->mp_nexthop_local
, s
, IPV6_MAX_BYTELEN
);
1991 if (!IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_local
)) {
1992 char buf1
[INET6_ADDRSTRLEN
];
1993 char buf2
[INET6_ADDRSTRLEN
];
1995 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
1997 "%s sent next-hops %s and %s. Ignoring non-LL value",
2000 &attr
->mp_nexthop_global
,
2001 buf1
, INET6_ADDRSTRLEN
),
2003 &attr
->mp_nexthop_local
, buf2
,
2006 attr
->mp_nexthop_len
= IPV6_MAX_BYTELEN
;
2008 if (!peer
->nexthop
.ifp
) {
2009 zlog_warn("%s sent a v6 LL next-hop and there's no peer interface information. Hence, withdrawing",
2011 return BGP_ATTR_PARSE_WITHDRAW
;
2013 attr
->nh_lla_ifindex
= peer
->nexthop
.ifp
->ifindex
;
2016 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
2017 __func__
, peer
->host
, attr
->mp_nexthop_len
);
2018 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
2022 zlog_info("%s: %s sent SNPA which couldn't be read",
2023 __func__
, peer
->host
);
2024 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
2029 if ((val
= stream_getc(s
)))
2031 EC_BGP_DEFUNCT_SNPA_LEN
,
2032 "%s sent non-zero value, %u, for defunct SNPA-length field",
2036 /* must have nrli_len, what is left of the attribute */
2037 nlri_len
= LEN_LEFT
;
2038 if (nlri_len
> STREAM_READABLE(s
)) {
2039 zlog_info("%s: %s sent MP_REACH_NLRI which couldn't be read",
2040 __func__
, peer
->host
);
2041 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
2045 zlog_info("%s: %s sent a zero-length NLRI. Hence, treating as a EOR marker",
2046 __func__
, peer
->host
);
2048 mp_update
->afi
= afi
;
2049 mp_update
->safi
= safi
;
2050 return BGP_ATTR_PARSE_EOR
;
2053 mp_update
->afi
= afi
;
2054 mp_update
->safi
= safi
;
2055 mp_update
->nlri
= stream_pnt(s
);
2056 mp_update
->length
= nlri_len
;
2058 stream_forward_getp(s
, nlri_len
);
2060 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
);
2062 return BGP_ATTR_PARSE_PROCEED
;
2066 /* Multiprotocol unreachable parse */
2067 int bgp_mp_unreach_parse(struct bgp_attr_parser_args
*args
,
2068 struct bgp_nlri
*mp_withdraw
)
2073 iana_safi_t pkt_safi
;
2075 uint16_t withdraw_len
;
2076 struct peer
*const peer
= args
->peer
;
2077 struct attr
*const attr
= args
->attr
;
2078 const bgp_size_t length
= args
->length
;
2082 #define BGP_MP_UNREACH_MIN_SIZE 3
2083 if ((length
> STREAM_READABLE(s
)) || (length
< BGP_MP_UNREACH_MIN_SIZE
))
2084 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
2086 pkt_afi
= stream_getw(s
);
2087 pkt_safi
= stream_getc(s
);
2089 /* Convert AFI, SAFI to internal values, check. */
2090 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
2091 /* Log if AFI or SAFI is unrecognized. This is not an error
2093 * the attribute is otherwise malformed.
2095 if (bgp_debug_update(peer
, NULL
, NULL
, 0))
2097 "%s: MP_UNREACH received AFI %s or SAFI %s is unrecognized",
2098 peer
->host
, iana_afi2str(pkt_afi
),
2099 iana_safi2str(pkt_safi
));
2100 return BGP_ATTR_PARSE_ERROR
;
2103 withdraw_len
= length
- BGP_MP_UNREACH_MIN_SIZE
;
2105 mp_withdraw
->afi
= afi
;
2106 mp_withdraw
->safi
= safi
;
2107 mp_withdraw
->nlri
= stream_pnt(s
);
2108 mp_withdraw
->length
= withdraw_len
;
2110 stream_forward_getp(s
, withdraw_len
);
2112 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
);
2114 return BGP_ATTR_PARSE_PROCEED
;
2117 /* Large Community attribute. */
2118 static bgp_attr_parse_ret_t
2119 bgp_attr_large_community(struct bgp_attr_parser_args
*args
)
2121 struct peer
*const peer
= args
->peer
;
2122 struct attr
*const attr
= args
->attr
;
2123 const bgp_size_t length
= args
->length
;
2126 * Large community follows new attribute format.
2129 attr
->lcommunity
= NULL
;
2130 /* Empty extcomm doesn't seem to be invalid per se */
2131 return BGP_ATTR_PARSE_PROCEED
;
2135 lcommunity_parse((uint8_t *)stream_pnt(peer
->curr
), length
);
2136 /* XXX: fix ecommunity_parse to use stream API */
2137 stream_forward_getp(peer
->curr
, length
);
2139 if (!attr
->lcommunity
)
2140 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2143 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
);
2145 return BGP_ATTR_PARSE_PROCEED
;
2148 /* Extended Community attribute. */
2149 static bgp_attr_parse_ret_t
2150 bgp_attr_ext_communities(struct bgp_attr_parser_args
*args
)
2152 struct peer
*const peer
= args
->peer
;
2153 struct attr
*const attr
= args
->attr
;
2154 const bgp_size_t length
= args
->length
;
2158 attr
->ecommunity
= NULL
;
2159 /* Empty extcomm doesn't seem to be invalid per se */
2160 return BGP_ATTR_PARSE_PROCEED
;
2164 ecommunity_parse((uint8_t *)stream_pnt(peer
->curr
), length
);
2165 /* XXX: fix ecommunity_parse to use stream API */
2166 stream_forward_getp(peer
->curr
, length
);
2168 /* The Extended Community attribute SHALL be considered malformed if
2169 * its length is not a non-zero multiple of 8.
2171 if (!attr
->ecommunity
)
2172 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2175 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
);
2177 /* Extract MAC mobility sequence number, if any. */
2178 attr
->mm_seqnum
= bgp_attr_mac_mobility_seqnum(attr
, &sticky
);
2179 attr
->sticky
= sticky
;
2181 /* Check if this is a Gateway MAC-IP advertisement */
2182 attr
->default_gw
= bgp_attr_default_gw(attr
);
2184 /* Handle scenario where router flag ecommunity is not
2185 * set but default gw ext community is present.
2186 * Use default gateway, set and propogate R-bit.
2188 if (attr
->default_gw
)
2189 attr
->router_flag
= 1;
2191 /* Check EVPN Neighbor advertisement flags, R-bit */
2192 bgp_attr_evpn_na_flag(attr
, &attr
->router_flag
);
2194 /* Extract the Rmac, if any */
2195 if (bgp_attr_rmac(attr
, &attr
->rmac
)) {
2196 if (bgp_debug_update(peer
, NULL
, NULL
, 1) &&
2197 bgp_mac_exist(&attr
->rmac
)) {
2198 char buf1
[ETHER_ADDR_STRLEN
];
2200 zlog_debug("%s: router mac %s is self mac",
2202 prefix_mac2str(&attr
->rmac
, buf1
,
2208 /* Get the tunnel type from encap extended community */
2209 bgp_attr_extcom_tunnel_type(attr
,
2210 (bgp_encap_types
*)&attr
->encap_tunneltype
);
2212 return BGP_ATTR_PARSE_PROCEED
;
2215 /* Parse Tunnel Encap attribute in an UPDATE */
2216 static int bgp_attr_encap(uint8_t type
, struct peer
*peer
, /* IN */
2217 bgp_size_t length
, /* IN: attr's length field */
2218 struct attr
*attr
, /* IN: caller already allocated */
2219 uint8_t flag
, /* IN: attr's flags field */
2223 uint16_t tunneltype
= 0;
2225 total
= length
+ (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
) ? 4 : 3);
2227 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_TRANS
)
2228 || !CHECK_FLAG(flag
, BGP_ATTR_FLAG_OPTIONAL
)) {
2230 "Tunnel Encap attribute flag isn't optional and transitive %d",
2232 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
2233 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR
,
2238 if (BGP_ATTR_ENCAP
== type
) {
2239 /* read outer TLV type and length */
2240 uint16_t tlv_length
;
2244 "Tunnel Encap attribute not long enough to contain outer T,L");
2245 bgp_notify_send_with_data(
2246 peer
, BGP_NOTIFY_UPDATE_ERR
,
2247 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
, startp
, total
);
2250 tunneltype
= stream_getw(BGP_INPUT(peer
));
2251 tlv_length
= stream_getw(BGP_INPUT(peer
));
2254 if (tlv_length
!= length
) {
2255 zlog_info("%s: tlv_length(%d) != length(%d)",
2256 __func__
, tlv_length
, length
);
2260 while (length
>= 4) {
2261 uint16_t subtype
= 0;
2262 uint16_t sublength
= 0;
2263 struct bgp_attr_encap_subtlv
*tlv
;
2265 if (BGP_ATTR_ENCAP
== type
) {
2266 subtype
= stream_getc(BGP_INPUT(peer
));
2267 sublength
= stream_getc(BGP_INPUT(peer
));
2271 subtype
= stream_getw(BGP_INPUT(peer
));
2272 sublength
= stream_getw(BGP_INPUT(peer
));
2277 if (sublength
> length
) {
2279 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2281 bgp_notify_send_with_data(
2282 peer
, BGP_NOTIFY_UPDATE_ERR
,
2283 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
, startp
, total
);
2287 /* alloc and copy sub-tlv */
2288 /* TBD make sure these are freed when attributes are released */
2289 tlv
= XCALLOC(MTYPE_ENCAP_TLV
,
2290 sizeof(struct bgp_attr_encap_subtlv
) + sublength
);
2291 tlv
->type
= subtype
;
2292 tlv
->length
= sublength
;
2293 stream_get(tlv
->value
, peer
->curr
, sublength
);
2294 length
-= sublength
;
2296 /* attach tlv to encap chain */
2297 if (BGP_ATTR_ENCAP
== type
) {
2298 struct bgp_attr_encap_subtlv
*stlv_last
;
2299 for (stlv_last
= attr
->encap_subtlvs
;
2300 stlv_last
&& stlv_last
->next
;
2301 stlv_last
= stlv_last
->next
)
2304 stlv_last
->next
= tlv
;
2306 attr
->encap_subtlvs
= tlv
;
2310 struct bgp_attr_encap_subtlv
*stlv_last
;
2311 for (stlv_last
= attr
->vnc_subtlvs
;
2312 stlv_last
&& stlv_last
->next
;
2313 stlv_last
= stlv_last
->next
)
2316 stlv_last
->next
= tlv
;
2318 attr
->vnc_subtlvs
= tlv
;
2324 if (BGP_ATTR_ENCAP
== type
) {
2325 attr
->encap_tunneltype
= tunneltype
;
2329 /* spurious leftover data */
2331 "Tunnel Encap attribute length is bad: %d leftover octets",
2333 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
2334 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2343 * Read an individual SID value returning how much data we have read
2344 * Returns 0 if there was an error that needs to be passed up the stack
2346 static bgp_attr_parse_ret_t
bgp_attr_psid_sub(uint8_t type
, uint16_t length
,
2347 struct bgp_attr_parser_args
*args
,
2348 struct bgp_nlri
*mp_update
)
2350 struct peer
*const peer
= args
->peer
;
2351 struct attr
*const attr
= args
->attr
;
2352 uint32_t label_index
;
2353 struct in6_addr ipv6_sid
;
2355 uint32_t srgb_range
;
2357 uint8_t sid_type
, sid_flags
;
2358 uint16_t endpoint_behavior
;
2361 if (type
== BGP_PREFIX_SID_LABEL_INDEX
) {
2362 if (STREAM_READABLE(peer
->curr
) < length
2363 || length
!= BGP_PREFIX_SID_LABEL_INDEX_LENGTH
) {
2364 flog_err(EC_BGP_ATTR_LEN
,
2365 "Prefix SID label index length is %" PRIu16
2367 length
, BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
2368 return bgp_attr_malformed(args
,
2369 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2373 /* Ignore flags and reserved */
2374 stream_getc(peer
->curr
);
2375 stream_getw(peer
->curr
);
2377 /* Fetch the label index and see if it is valid. */
2378 label_index
= stream_getl(peer
->curr
);
2379 if (label_index
== BGP_INVALID_LABEL_INDEX
)
2380 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2383 /* Store label index; subsequently, we'll check on
2385 attr
->label_index
= label_index
;
2388 * Ignore the Label index attribute unless received for
2392 if (!mp_update
->length
2393 || mp_update
->safi
!= SAFI_LABELED_UNICAST
)
2394 attr
->label_index
= BGP_INVALID_LABEL_INDEX
;
2397 /* Placeholder code for the IPv6 SID type */
2398 else if (type
== BGP_PREFIX_SID_IPV6
) {
2399 if (STREAM_READABLE(peer
->curr
) < length
2400 || length
!= BGP_PREFIX_SID_IPV6_LENGTH
) {
2401 flog_err(EC_BGP_ATTR_LEN
,
2402 "Prefix SID IPv6 length is %" PRIu16
2404 length
, BGP_PREFIX_SID_IPV6_LENGTH
);
2405 return bgp_attr_malformed(args
,
2406 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2410 /* Ignore reserved */
2411 stream_getc(peer
->curr
);
2412 stream_getw(peer
->curr
);
2414 stream_get(&ipv6_sid
, peer
->curr
, 16);
2417 /* Placeholder code for the Originator SRGB type */
2418 else if (type
== BGP_PREFIX_SID_ORIGINATOR_SRGB
) {
2420 * ietf-idr-bgp-prefix-sid-05:
2421 * Length is the total length of the value portion of the
2422 * TLV: 2 + multiple of 6.
2424 * peer->curr stream readp should be at the beginning of the 16
2425 * bit flag field at this point in the code.
2429 * Check that the TLV length field is sane: at least 2 bytes of
2430 * flag, and at least 1 SRGB (these are 6 bytes each)
2432 if (length
< (2 + BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
)) {
2435 "Prefix SID Originator SRGB length field claims length of %" PRIu16
" bytes, but the minimum for this TLV type is %u",
2437 2 + BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
);
2438 return bgp_attr_malformed(
2439 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2444 * Check that we actually have at least as much data as
2445 * specified by the length field
2447 if (STREAM_READABLE(peer
->curr
) < length
) {
2448 flog_err(EC_BGP_ATTR_LEN
,
2449 "Prefix SID Originator SRGB specifies length %" PRIu16
", but only %zu bytes remain",
2450 length
, STREAM_READABLE(peer
->curr
));
2451 return bgp_attr_malformed(
2452 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2457 * Check that the portion of the TLV containing the sequence of
2458 * SRGBs corresponds to a multiple of the SRGB size; to get
2459 * that length, we skip the 16 bit flags field
2461 stream_getw(peer
->curr
);
2463 if (length
% BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
) {
2466 "Prefix SID Originator SRGB length field claims attribute SRGB sequence section is %" PRIu16
"bytes, but it must be a multiple of %u",
2467 length
, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
);
2468 return bgp_attr_malformed(
2469 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2473 srgb_count
= length
/ BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
;
2475 for (int i
= 0; i
< srgb_count
; i
++) {
2476 stream_get(&srgb_base
, peer
->curr
, 3);
2477 stream_get(&srgb_range
, peer
->curr
, 3);
2481 /* Placeholder code for the VPN-SID Service type */
2482 else if (type
== BGP_PREFIX_SID_VPN_SID
) {
2483 if (STREAM_READABLE(peer
->curr
) < length
2484 || length
!= BGP_PREFIX_SID_VPN_SID_LENGTH
) {
2485 flog_err(EC_BGP_ATTR_LEN
,
2486 "Prefix SID VPN SID length is %" PRIu16
2488 length
, BGP_PREFIX_SID_VPN_SID_LENGTH
);
2489 return bgp_attr_malformed(args
,
2490 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2494 /* Parse VPN-SID Sub-TLV */
2495 stream_getc(peer
->curr
); /* reserved */
2496 sid_type
= stream_getc(peer
->curr
); /* sid_type */
2497 sid_flags
= stream_getc(peer
->curr
); /* sid_flags */
2498 stream_get(&ipv6_sid
, peer
->curr
,
2499 sizeof(ipv6_sid
)); /* sid_value */
2501 /* Log VPN-SID Sub-TLV */
2502 if (BGP_DEBUG(vpn
, VPN_LEAK_LABEL
)) {
2503 inet_ntop(AF_INET6
, &ipv6_sid
, buf
, sizeof(buf
));
2505 "%s: vpn-sid: sid %s, sid-type 0x%02x sid-flags 0x%02x",
2506 __func__
, buf
, sid_type
, sid_flags
);
2509 /* Configure from Info */
2510 attr
->srv6_vpn
= XMALLOC(MTYPE_BGP_SRV6_VPN
,
2511 sizeof(struct bgp_attr_srv6_vpn
));
2512 attr
->srv6_vpn
->refcnt
= 0;
2513 attr
->srv6_vpn
->sid_flags
= sid_flags
;
2514 sid_copy(&attr
->srv6_vpn
->sid
, &ipv6_sid
);
2517 /* Placeholder code for the SRv6 L3 Service type */
2518 else if (type
== BGP_PREFIX_SID_SRV6_L3_SERVICE
) {
2519 if (STREAM_READABLE(peer
->curr
) < length
2520 || length
!= BGP_PREFIX_SID_SRV6_L3_SERVICE_LENGTH
) {
2521 flog_err(EC_BGP_ATTR_LEN
,
2522 "Prefix SID SRv6 L3-Service length is %" PRIu16
2524 length
, BGP_PREFIX_SID_SRV6_L3_SERVICE_LENGTH
);
2525 return bgp_attr_malformed(args
,
2526 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2530 /* Parse L3-SERVICE Sub-TLV */
2531 stream_getc(peer
->curr
); /* reserved */
2532 stream_get(&ipv6_sid
, peer
->curr
,
2533 sizeof(ipv6_sid
)); /* sid_value */
2534 sid_flags
= stream_getc(peer
->curr
); /* sid_flags */
2535 endpoint_behavior
= stream_getw(peer
->curr
); /* endpoint */
2536 stream_getc(peer
->curr
); /* reserved */
2538 /* Log L3-SERVICE Sub-TLV */
2539 if (BGP_DEBUG(vpn
, VPN_LEAK_LABEL
)) {
2540 inet_ntop(AF_INET6
, &ipv6_sid
, buf
, sizeof(buf
));
2542 "%s: srv6-l3-srv sid %s, sid-flags 0x%02x, end-behaviour 0x%04x",
2543 __func__
, buf
, sid_flags
, endpoint_behavior
);
2546 /* Configure from Info */
2547 attr
->srv6_l3vpn
= XMALLOC(MTYPE_BGP_SRV6_L3VPN
,
2548 sizeof(struct bgp_attr_srv6_l3vpn
));
2549 attr
->srv6_l3vpn
->sid_flags
= sid_flags
;
2550 attr
->srv6_l3vpn
->endpoint_behavior
= endpoint_behavior
;
2551 sid_copy(&attr
->srv6_l3vpn
->sid
, &ipv6_sid
);
2554 /* Placeholder code for Unsupported TLV */
2557 if (STREAM_READABLE(peer
->curr
) < length
) {
2560 "Prefix SID SRv6 length is %" PRIu16
2561 " - too long, only %zu remaining in this UPDATE",
2562 length
, STREAM_READABLE(peer
->curr
));
2563 return bgp_attr_malformed(
2564 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2568 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
2570 "%s attr Prefix-SID sub-type=%u is not supported, skipped",
2573 stream_forward_getp(peer
->curr
, length
);
2576 return BGP_ATTR_PARSE_PROCEED
;
2579 /* Prefix SID attribute
2580 * draft-ietf-idr-bgp-prefix-sid-05
2582 bgp_attr_parse_ret_t
bgp_attr_prefix_sid(struct bgp_attr_parser_args
*args
,
2583 struct bgp_nlri
*mp_update
)
2585 struct peer
*const peer
= args
->peer
;
2586 struct attr
*const attr
= args
->attr
;
2587 bgp_attr_parse_ret_t ret
;
2589 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
);
2593 size_t headersz
= sizeof(type
) + sizeof(length
);
2595 while (STREAM_READABLE(peer
->curr
) > 0) {
2597 if (STREAM_READABLE(peer
->curr
) < headersz
) {
2600 "Malformed Prefix SID attribute - insufficent data (need %zu for attribute header, have %zu remaining in UPDATE)",
2601 headersz
, STREAM_READABLE(peer
->curr
));
2602 return bgp_attr_malformed(
2603 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2607 type
= stream_getc(peer
->curr
);
2608 length
= stream_getw(peer
->curr
);
2610 if (STREAM_READABLE(peer
->curr
) < length
) {
2613 "Malformed Prefix SID attribute - insufficient data (need %" PRIu8
2614 " for attribute body, have %zu remaining in UPDATE)",
2615 length
, STREAM_READABLE(peer
->curr
));
2616 return bgp_attr_malformed(args
,
2617 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2621 ret
= bgp_attr_psid_sub(type
, length
, args
, mp_update
);
2623 if (ret
!= BGP_ATTR_PARSE_PROCEED
)
2627 return BGP_ATTR_PARSE_PROCEED
;
2630 /* PMSI tunnel attribute (RFC 6514)
2631 * Basic validation checks done here.
2633 static bgp_attr_parse_ret_t
2634 bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args
*args
)
2636 struct peer
*const peer
= args
->peer
;
2637 struct attr
*const attr
= args
->attr
;
2638 const bgp_size_t length
= args
->length
;
2640 int attr_parse_len
= 2 + BGP_LABEL_BYTES
;
2642 /* Verify that the receiver is expecting "ingress replication" as we
2643 * can only support that.
2645 if (length
< attr_parse_len
) {
2646 flog_err(EC_BGP_ATTR_LEN
, "Bad PMSI tunnel attribute length %d",
2648 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2651 stream_getc(peer
->curr
); /* Flags */
2652 tnl_type
= stream_getc(peer
->curr
);
2653 if (tnl_type
> PMSI_TNLTYPE_MAX
) {
2654 flog_err(EC_BGP_ATTR_PMSI_TYPE
,
2655 "Invalid PMSI tunnel attribute type %d", tnl_type
);
2656 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2659 if (tnl_type
== PMSI_TNLTYPE_INGR_REPL
) {
2661 flog_err(EC_BGP_ATTR_PMSI_LEN
,
2662 "Bad PMSI tunnel attribute length %d for IR",
2664 return bgp_attr_malformed(
2665 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2670 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL
);
2671 attr
->pmsi_tnl_type
= tnl_type
;
2672 stream_get(&attr
->label
, peer
->curr
, BGP_LABEL_BYTES
);
2674 /* Forward read pointer of input stream. */
2675 stream_forward_getp(peer
->curr
, length
- attr_parse_len
);
2677 return BGP_ATTR_PARSE_PROCEED
;
2680 /* BGP unknown attribute treatment. */
2681 static bgp_attr_parse_ret_t
bgp_attr_unknown(struct bgp_attr_parser_args
*args
)
2683 bgp_size_t total
= args
->total
;
2684 struct transit
*transit
;
2685 struct peer
*const peer
= args
->peer
;
2686 struct attr
*const attr
= args
->attr
;
2687 uint8_t *const startp
= args
->startp
;
2688 const uint8_t type
= args
->type
;
2689 const uint8_t flag
= args
->flags
;
2690 const bgp_size_t length
= args
->length
;
2692 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
2694 "%s Unknown attribute is received (type %d, length %d)",
2695 peer
->host
, type
, length
);
2697 /* Forward read pointer of input stream. */
2698 stream_forward_getp(peer
->curr
, length
);
2700 /* If any of the mandatory well-known attributes are not recognized,
2701 then the Error Subcode is set to Unrecognized Well-known
2702 Attribute. The Data field contains the unrecognized attribute
2703 (type, length and value). */
2704 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_OPTIONAL
)) {
2705 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_UNREC_ATTR
,
2709 /* Unrecognized non-transitive optional attributes must be quietly
2710 ignored and not passed along to other BGP peers. */
2711 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_TRANS
))
2712 return BGP_ATTR_PARSE_PROCEED
;
2714 /* If a path with recognized transitive optional attribute is
2715 accepted and passed along to other BGP peers and the Partial bit
2716 in the Attribute Flags octet is set to 1 by some previous AS, it
2717 is not set back to 0 by the current AS. */
2718 SET_FLAG(*startp
, BGP_ATTR_FLAG_PARTIAL
);
2720 /* Store transitive attribute to the end of attr->transit. */
2722 attr
->transit
= XCALLOC(MTYPE_TRANSIT
, sizeof(struct transit
));
2724 transit
= attr
->transit
;
2727 transit
->val
= XREALLOC(MTYPE_TRANSIT_VAL
, transit
->val
,
2728 transit
->length
+ total
);
2730 transit
->val
= XMALLOC(MTYPE_TRANSIT_VAL
, total
);
2732 memcpy(transit
->val
+ transit
->length
, startp
, total
);
2733 transit
->length
+= total
;
2735 return BGP_ATTR_PARSE_PROCEED
;
2738 /* Well-known attribute check. */
2739 static int bgp_attr_check(struct peer
*peer
, struct attr
*attr
)
2743 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2745 if (CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
) && !attr
->flag
)
2746 return BGP_ATTR_PARSE_PROCEED
;
2748 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2749 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2750 are present, it should. Check for any other attribute being present
2753 if ((!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
)) &&
2754 CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
))))
2755 return BGP_ATTR_PARSE_PROCEED
;
2757 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
)))
2758 type
= BGP_ATTR_ORIGIN
;
2760 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
)))
2761 type
= BGP_ATTR_AS_PATH
;
2763 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2765 * NLRI is empty. We can't easily check NLRI empty here though.
2767 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
))
2768 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
)))
2769 type
= BGP_ATTR_NEXT_HOP
;
2771 if (peer
->sort
== BGP_PEER_IBGP
2772 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
)))
2773 type
= BGP_ATTR_LOCAL_PREF
;
2775 /* If any of the well-known mandatory attributes are not present
2776 * in an UPDATE message, then "treat-as-withdraw" MUST be used.
2779 flog_warn(EC_BGP_MISSING_ATTRIBUTE
,
2780 "%s Missing well-known attribute %s.", peer
->host
,
2781 lookup_msg(attr_str
, type
, NULL
));
2782 return BGP_ATTR_PARSE_WITHDRAW
;
2784 return BGP_ATTR_PARSE_PROCEED
;
2787 /* Read attribute of update packet. This function is called from
2788 bgp_update_receive() in bgp_packet.c. */
2789 bgp_attr_parse_ret_t
bgp_attr_parse(struct peer
*peer
, struct attr
*attr
,
2790 bgp_size_t size
, struct bgp_nlri
*mp_update
,
2791 struct bgp_nlri
*mp_withdraw
)
2793 bgp_attr_parse_ret_t ret
;
2797 uint8_t *startp
, *endp
;
2799 uint8_t seen
[BGP_ATTR_BITMAP_SIZE
];
2800 /* we need the as4_path only until we have synthesized the as_path with
2802 /* same goes for as4_aggregator */
2803 struct aspath
*as4_path
= NULL
;
2804 as_t as4_aggregator
= 0;
2805 struct in_addr as4_aggregator_addr
= {.s_addr
= 0};
2807 /* Initialize bitmap. */
2808 memset(seen
, 0, BGP_ATTR_BITMAP_SIZE
);
2810 /* End pointer of BGP attribute. */
2811 endp
= BGP_INPUT_PNT(peer
) + size
;
2813 /* Get attributes to the end of attribute length. */
2814 while (BGP_INPUT_PNT(peer
) < endp
) {
2815 /* Check remaining length check.*/
2816 if (endp
- BGP_INPUT_PNT(peer
) < BGP_ATTR_MIN_LEN
) {
2817 /* XXX warning: long int format, int arg (arg 5) */
2819 EC_BGP_ATTRIBUTE_TOO_SMALL
,
2820 "%s: error BGP attribute length %lu is smaller than min len",
2822 (unsigned long)(endp
2823 - stream_pnt(BGP_INPUT(peer
))));
2825 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2826 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2827 ret
= BGP_ATTR_PARSE_ERROR
;
2831 /* Fetch attribute flag and type. */
2832 startp
= BGP_INPUT_PNT(peer
);
2833 /* "The lower-order four bits of the Attribute Flags octet are
2834 unused. They MUST be zero when sent and MUST be ignored when
2836 flag
= 0xF0 & stream_getc(BGP_INPUT(peer
));
2837 type
= stream_getc(BGP_INPUT(peer
));
2839 /* Check whether Extended-Length applies and is in bounds */
2840 if (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
)
2841 && ((endp
- startp
) < (BGP_ATTR_MIN_LEN
+ 1))) {
2843 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL
,
2844 "%s: Extended length set, but just %lu bytes of attr header",
2846 (unsigned long)(endp
2847 - stream_pnt(BGP_INPUT(peer
))));
2849 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2850 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2851 ret
= BGP_ATTR_PARSE_ERROR
;
2855 /* Check extended attribue length bit. */
2856 if (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
))
2857 length
= stream_getw(BGP_INPUT(peer
));
2859 length
= stream_getc(BGP_INPUT(peer
));
2861 /* If any attribute appears more than once in the UPDATE
2862 message, then the Error Subcode is set to Malformed Attribute
2865 if (CHECK_BITMAP(seen
, type
)) {
2867 EC_BGP_ATTRIBUTE_REPEATED
,
2868 "%s: error BGP attribute type %d appears twice in a message",
2871 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2872 BGP_NOTIFY_UPDATE_MAL_ATTR
);
2873 ret
= BGP_ATTR_PARSE_ERROR
;
2877 /* Set type to bitmap to check duplicate attribute. `type' is
2878 unsigned char so it never overflow bitmap range. */
2880 SET_BITMAP(seen
, type
);
2882 /* Overflow check. */
2883 attr_endp
= BGP_INPUT_PNT(peer
) + length
;
2885 if (attr_endp
> endp
) {
2887 EC_BGP_ATTRIBUTE_TOO_LARGE
,
2888 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2889 peer
->host
, type
, length
, size
, attr_endp
,
2893 * If any recognized attribute has an Attribute
2894 * Length that conflicts with the expected length
2895 * (based on the attribute type code), then the
2896 * Error Subcode MUST be set to Attribute Length
2897 * Error. The Data field MUST contain the erroneous
2898 * attribute (type, length, and value).
2900 * We do not currently have a good way to determine the
2901 * length of the attribute independent of the length
2902 * received in the message. Instead we send the
2903 * minimum between the amount of data we have and the
2904 * amount specified by the attribute length field.
2906 * Instead of directly passing in the packet buffer and
2907 * offset we use the stream_get* functions to read into
2908 * a stack buffer, since they perform bounds checking
2909 * and we are working with untrusted data.
2911 unsigned char ndata
[BGP_MAX_PACKET_SIZE
];
2912 memset(ndata
, 0x00, sizeof(ndata
));
2914 CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
) ? 2 : 1;
2915 /* Rewind to end of flag field */
2916 stream_forward_getp(BGP_INPUT(peer
), -(1 + lfl
));
2918 stream_get(&ndata
[0], BGP_INPUT(peer
), 1);
2920 stream_get(&ndata
[1], BGP_INPUT(peer
), lfl
);
2922 size_t atl
= attr_endp
- startp
;
2923 size_t ndl
= MIN(atl
, STREAM_READABLE(BGP_INPUT(peer
)));
2924 stream_get(&ndata
[lfl
+ 1], BGP_INPUT(peer
), ndl
);
2926 bgp_notify_send_with_data(
2927 peer
, BGP_NOTIFY_UPDATE_ERR
,
2928 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
, ndata
,
2931 ret
= BGP_ATTR_PARSE_ERROR
;
2935 struct bgp_attr_parser_args attr_args
= {
2942 .total
= attr_endp
- startp
,
2946 /* If any recognized attribute has Attribute Flags that conflict
2947 with the Attribute Type Code, then the Error Subcode is set
2949 Attribute Flags Error. The Data field contains the erroneous
2950 attribute (type, length and value). */
2951 if (bgp_attr_flag_invalid(&attr_args
)) {
2952 ret
= bgp_attr_malformed(
2953 &attr_args
, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR
,
2955 if (ret
== BGP_ATTR_PARSE_PROCEED
)
2960 /* OK check attribute and store it's value. */
2962 case BGP_ATTR_ORIGIN
:
2963 ret
= bgp_attr_origin(&attr_args
);
2965 case BGP_ATTR_AS_PATH
:
2966 ret
= bgp_attr_aspath(&attr_args
);
2968 case BGP_ATTR_AS4_PATH
:
2969 ret
= bgp_attr_as4_path(&attr_args
, &as4_path
);
2971 case BGP_ATTR_NEXT_HOP
:
2972 ret
= bgp_attr_nexthop(&attr_args
);
2974 case BGP_ATTR_MULTI_EXIT_DISC
:
2975 ret
= bgp_attr_med(&attr_args
);
2977 case BGP_ATTR_LOCAL_PREF
:
2978 ret
= bgp_attr_local_pref(&attr_args
);
2980 case BGP_ATTR_ATOMIC_AGGREGATE
:
2981 ret
= bgp_attr_atomic(&attr_args
);
2983 case BGP_ATTR_AGGREGATOR
:
2984 ret
= bgp_attr_aggregator(&attr_args
);
2986 case BGP_ATTR_AS4_AGGREGATOR
:
2987 ret
= bgp_attr_as4_aggregator(&attr_args
,
2989 &as4_aggregator_addr
);
2991 case BGP_ATTR_COMMUNITIES
:
2992 ret
= bgp_attr_community(&attr_args
);
2994 case BGP_ATTR_LARGE_COMMUNITIES
:
2995 ret
= bgp_attr_large_community(&attr_args
);
2997 case BGP_ATTR_ORIGINATOR_ID
:
2998 ret
= bgp_attr_originator_id(&attr_args
);
3000 case BGP_ATTR_CLUSTER_LIST
:
3001 ret
= bgp_attr_cluster_list(&attr_args
);
3003 case BGP_ATTR_MP_REACH_NLRI
:
3004 ret
= bgp_mp_reach_parse(&attr_args
, mp_update
);
3006 case BGP_ATTR_MP_UNREACH_NLRI
:
3007 ret
= bgp_mp_unreach_parse(&attr_args
, mp_withdraw
);
3009 case BGP_ATTR_EXT_COMMUNITIES
:
3010 ret
= bgp_attr_ext_communities(&attr_args
);
3012 #if ENABLE_BGP_VNC_ATTR
3015 case BGP_ATTR_ENCAP
:
3016 ret
= bgp_attr_encap(type
, peer
, length
, attr
, flag
,
3019 case BGP_ATTR_PREFIX_SID
:
3020 ret
= bgp_attr_prefix_sid(&attr_args
, mp_update
);
3022 case BGP_ATTR_PMSI_TUNNEL
:
3023 ret
= bgp_attr_pmsi_tunnel(&attr_args
);
3026 ret
= bgp_attr_unknown(&attr_args
);
3030 if (ret
== BGP_ATTR_PARSE_ERROR_NOTIFYPLS
) {
3031 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
3032 BGP_NOTIFY_UPDATE_MAL_ATTR
);
3033 ret
= BGP_ATTR_PARSE_ERROR
;
3037 if (ret
== BGP_ATTR_PARSE_EOR
) {
3041 if (ret
== BGP_ATTR_PARSE_ERROR
) {
3042 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR
,
3043 "%s: Attribute %s, parse error", peer
->host
,
3044 lookup_msg(attr_str
, type
, NULL
));
3047 if (ret
== BGP_ATTR_PARSE_WITHDRAW
) {
3049 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW
,
3050 "%s: Attribute %s, parse error - treating as withdrawal",
3051 peer
->host
, lookup_msg(attr_str
, type
, NULL
));
3055 /* Check the fetched length. */
3056 if (BGP_INPUT_PNT(peer
) != attr_endp
) {
3057 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR
,
3058 "%s: BGP attribute %s, fetch error",
3059 peer
->host
, lookup_msg(attr_str
, type
, NULL
));
3060 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
3061 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
3062 ret
= BGP_ATTR_PARSE_ERROR
;
3067 /* Check final read pointer is same as end pointer. */
3068 if (BGP_INPUT_PNT(peer
) != endp
) {
3069 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH
,
3070 "%s: BGP attribute %s, length mismatch", peer
->host
,
3071 lookup_msg(attr_str
, type
, NULL
));
3072 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
3073 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
3075 ret
= BGP_ATTR_PARSE_ERROR
;
3080 * RFC4271: If the NEXT_HOP attribute field is syntactically incorrect,
3081 * then the Error Subcode MUST be set to Invalid NEXT_HOP Attribute.
3082 * This is implemented below and will result in a NOTIFICATION. If the
3083 * NEXT_HOP attribute is semantically incorrect, the error SHOULD be
3084 * logged, and the route SHOULD be ignored. In this case, a NOTIFICATION
3085 * message SHOULD NOT be sent. This is implemented elsewhere.
3087 * RFC4760: An UPDATE message that carries no NLRI, other than the one
3088 * encoded in the MP_REACH_NLRI attribute, SHOULD NOT carry the NEXT_HOP
3089 * attribute. If such a message contains the NEXT_HOP attribute, the BGP
3090 * speaker that receives the message SHOULD ignore this attribute.
3092 if (CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
))
3093 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
))) {
3094 if (bgp_attr_nexthop_valid(peer
, attr
) < 0) {
3095 ret
= BGP_ATTR_PARSE_ERROR
;
3100 /* Check all mandatory well-known attributes are present */
3101 if ((ret
= bgp_attr_check(peer
, attr
)) < 0)
3105 * At this place we can see whether we got AS4_PATH and/or
3106 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
3107 * We can not do this before we've read all attributes because
3108 * the as4 handling does not say whether AS4_PATH has to be sent
3109 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
3110 * in relationship to AGGREGATOR.
3111 * So, to be defensive, we are not relying on any order and read
3112 * all attributes first, including these 32bit ones, and now,
3113 * afterwards, we look what and if something is to be done for as4.
3115 * It is possible to not have AS_PATH, e.g. GR EoR and sole
3118 /* actually... this doesn't ever return failure currently, but
3119 * better safe than sorry */
3120 if (CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
))
3121 && bgp_attr_munge_as4_attrs(peer
, attr
, as4_path
, as4_aggregator
,
3122 &as4_aggregator_addr
)) {
3123 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
3124 BGP_NOTIFY_UPDATE_MAL_ATTR
);
3125 ret
= BGP_ATTR_PARSE_ERROR
;
3130 * Finally do the checks on the aspath we did not do yet
3131 * because we waited for a potentially synthesized aspath.
3133 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
))) {
3134 ret
= bgp_attr_aspath_check(peer
, attr
);
3135 if (ret
!= BGP_ATTR_PARSE_PROCEED
)
3139 ret
= BGP_ATTR_PARSE_PROCEED
;
3143 * At this stage, we have done all fiddling with as4, and the
3144 * resulting info is in attr->aggregator resp. attr->aspath so
3145 * we can chuck as4_aggregator and as4_path alltogether in order
3150 * unintern - it is in the hash
3151 * The flag that we got this is still there, but that
3152 * does not do any trouble
3154 aspath_unintern(&as4_path
);
3157 if (ret
!= BGP_ATTR_PARSE_ERROR
) {
3158 /* Finally intern unknown attribute. */
3160 attr
->transit
= transit_intern(attr
->transit
);
3161 if (attr
->encap_subtlvs
)
3162 attr
->encap_subtlvs
= encap_intern(attr
->encap_subtlvs
,
3165 if (attr
->vnc_subtlvs
)
3166 attr
->vnc_subtlvs
= encap_intern(attr
->vnc_subtlvs
,
3170 if (attr
->transit
) {
3171 transit_free(attr
->transit
);
3172 attr
->transit
= NULL
;
3175 bgp_attr_flush_encap(attr
);
3180 assert(attr
->transit
->refcnt
> 0);
3181 if (attr
->encap_subtlvs
)
3182 assert(attr
->encap_subtlvs
->refcnt
> 0);
3184 if (attr
->vnc_subtlvs
)
3185 assert(attr
->vnc_subtlvs
->refcnt
> 0);
3192 * Extract the tunnel type from extended community
3194 void bgp_attr_extcom_tunnel_type(struct attr
*attr
,
3195 bgp_encap_types
*tunnel_type
)
3197 struct ecommunity
*ecom
;
3202 ecom
= attr
->ecommunity
;
3203 if (!ecom
|| !ecom
->size
)
3206 for (i
= 0; i
< ecom
->size
; i
++) {
3208 uint8_t type
, sub_type
;
3210 pnt
= (ecom
->val
+ (i
* ECOMMUNITY_SIZE
));
3213 if (!(type
== ECOMMUNITY_ENCODE_OPAQUE
&&
3214 sub_type
== ECOMMUNITY_OPAQUE_SUBTYPE_ENCAP
))
3216 *tunnel_type
= ((pnt
[6] << 8) | pnt
[7]);
3223 size_t bgp_packet_mpattr_start(struct stream
*s
, struct peer
*peer
, afi_t afi
,
3224 safi_t safi
, struct bpacket_attr_vec_arr
*vecarr
,
3229 iana_safi_t pkt_safi
;
3232 /* Set extended bit always to encode the attribute length as 2 bytes */
3233 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_EXTLEN
);
3234 stream_putc(s
, BGP_ATTR_MP_REACH_NLRI
);
3235 sizep
= stream_get_endp(s
);
3236 stream_putw(s
, 0); /* Marker: Attribute length. */
3239 /* Convert AFI, SAFI to values for packet. */
3240 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
3242 stream_putw(s
, pkt_afi
); /* AFI */
3243 stream_putc(s
, pkt_safi
); /* SAFI */
3247 && (safi
== SAFI_UNICAST
|| safi
== SAFI_LABELED_UNICAST
3248 || safi
== SAFI_MPLS_VPN
|| safi
== SAFI_MULTICAST
))
3249 nh_afi
= peer_cap_enhe(peer
, afi
, safi
) ? AFI_IP6
: AFI_IP
;
3250 else if (safi
== SAFI_FLOWSPEC
)
3253 nh_afi
= BGP_NEXTHOP_AFI_FROM_NHLEN(attr
->mp_nexthop_len
);
3256 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
, attr
);
3261 case SAFI_MULTICAST
:
3262 case SAFI_LABELED_UNICAST
:
3264 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3268 stream_putl(s
, 0); /* RD = 0, per RFC */
3270 stream_put(s
, &attr
->mp_nexthop_global_in
, 4);
3275 stream_put(s
, &attr
->mp_nexthop_global_in
, 4);
3278 if (attr
->mp_nexthop_len
== 0)
3279 stream_putc(s
, 0); /* no nexthop for flowspec */
3281 stream_putc(s
, attr
->mp_nexthop_len
);
3282 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3291 case SAFI_MULTICAST
:
3292 case SAFI_LABELED_UNICAST
:
3294 if (attr
->mp_nexthop_len
3295 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
) {
3297 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
);
3298 stream_put(s
, &attr
->mp_nexthop_global
,
3300 stream_put(s
, &attr
->mp_nexthop_local
,
3303 stream_putc(s
, IPV6_MAX_BYTELEN
);
3304 stream_put(s
, &attr
->mp_nexthop_global
,
3308 case SAFI_MPLS_VPN
: {
3309 if (attr
->mp_nexthop_len
3310 == BGP_ATTR_NHLEN_IPV6_GLOBAL
) {
3312 stream_putl(s
, 0); /* RD = 0, per RFC */
3314 stream_put(s
, &attr
->mp_nexthop_global
,
3316 } else if (attr
->mp_nexthop_len
3317 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
) {
3319 stream_putl(s
, 0); /* RD = 0, per RFC */
3321 stream_put(s
, &attr
->mp_nexthop_global
,
3323 stream_putl(s
, 0); /* RD = 0, per RFC */
3325 stream_put(s
, &attr
->mp_nexthop_local
,
3330 stream_putc(s
, IPV6_MAX_BYTELEN
);
3331 stream_put(s
, &attr
->mp_nexthop_global
,
3335 stream_putc(s
, 0); /* no nexthop for flowspec */
3341 if (safi
!= SAFI_FLOWSPEC
)
3343 EC_BGP_ATTR_NH_SEND_LEN
,
3344 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
3345 peer
->host
, afi
, safi
, attr
->mp_nexthop_len
);
3354 void bgp_packet_mpattr_prefix(struct stream
*s
, afi_t afi
, safi_t safi
,
3355 struct prefix
*p
, struct prefix_rd
*prd
,
3356 mpls_label_t
*label
, uint32_t num_labels
,
3357 int addpath_encode
, uint32_t addpath_tx_id
,
3360 if (safi
== SAFI_MPLS_VPN
) {
3362 stream_putl(s
, addpath_tx_id
);
3363 /* Label, RD, Prefix write. */
3364 stream_putc(s
, p
->prefixlen
+ 88);
3365 stream_put(s
, label
, BGP_LABEL_BYTES
);
3366 stream_put(s
, prd
->val
, 8);
3367 stream_put(s
, &p
->u
.prefix
, PSIZE(p
->prefixlen
));
3368 } else if (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
) {
3369 /* EVPN prefix - contents depend on type */
3370 bgp_evpn_encode_prefix(s
, p
, prd
, label
, num_labels
, attr
,
3371 addpath_encode
, addpath_tx_id
);
3372 } else if (safi
== SAFI_LABELED_UNICAST
) {
3373 /* Prefix write with label. */
3374 stream_put_labeled_prefix(s
, p
, label
, addpath_encode
,
3376 } else if (safi
== SAFI_FLOWSPEC
) {
3377 stream_putc(s
, p
->u
.prefix_flowspec
.prefixlen
);
3378 stream_put(s
, (const void *)p
->u
.prefix_flowspec
.ptr
,
3379 p
->u
.prefix_flowspec
.prefixlen
);
3381 stream_put_prefix_addpath(s
, p
, addpath_encode
, addpath_tx_id
);
3384 size_t bgp_packet_mpattr_prefix_size(afi_t afi
, safi_t safi
, struct prefix
*p
)
3386 int size
= PSIZE(p
->prefixlen
);
3387 if (safi
== SAFI_MPLS_VPN
)
3389 else if (safi
== SAFI_LABELED_UNICAST
)
3390 size
+= BGP_LABEL_BYTES
;
3391 else if (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
)
3392 size
+= 232; // TODO: Maximum possible for type-2, type-3 and
3398 * Encodes the tunnel encapsulation attribute,
3399 * and with ENABLE_BGP_VNC the VNC attribute which uses
3400 * almost the same TLV format
3402 static void bgp_packet_mpattr_tea(struct bgp
*bgp
, struct peer
*peer
,
3403 struct stream
*s
, struct attr
*attr
,
3406 unsigned int attrlenfield
= 0;
3407 unsigned int attrhdrlen
= 0;
3408 struct bgp_attr_encap_subtlv
*subtlvs
;
3409 struct bgp_attr_encap_subtlv
*st
;
3410 const char *attrname
;
3412 if (!attr
|| (attrtype
== BGP_ATTR_ENCAP
3413 && (!attr
->encap_tunneltype
3414 || attr
->encap_tunneltype
== BGP_ENCAP_TYPE_MPLS
)))
3418 case BGP_ATTR_ENCAP
:
3419 attrname
= "Tunnel Encap";
3420 subtlvs
= attr
->encap_subtlvs
;
3421 if (subtlvs
== NULL
) /* nothing to do */
3424 * The tunnel encap attr has an "outer" tlv.
3426 * L = total length of subtlvs,
3427 * V = concatenated subtlvs.
3429 attrlenfield
= 2 + 2; /* T + L */
3430 attrhdrlen
= 1 + 1; /* subTLV T + L */
3433 #if ENABLE_BGP_VNC_ATTR
3436 subtlvs
= attr
->vnc_subtlvs
;
3437 if (subtlvs
== NULL
) /* nothing to do */
3439 attrlenfield
= 0; /* no outer T + L */
3440 attrhdrlen
= 2 + 2; /* subTLV T + L */
3448 /* compute attr length */
3449 for (st
= subtlvs
; st
; st
= st
->next
) {
3450 attrlenfield
+= (attrhdrlen
+ st
->length
);
3453 if (attrlenfield
> 0xffff) {
3454 zlog_info("%s attribute is too long (length=%d), can't send it",
3455 attrname
, attrlenfield
);
3459 if (attrlenfield
> 0xff) {
3460 /* 2-octet length field */
3462 BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
3463 | BGP_ATTR_FLAG_EXTLEN
);
3464 stream_putc(s
, attrtype
);
3465 stream_putw(s
, attrlenfield
& 0xffff);
3467 /* 1-octet length field */
3468 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
);
3469 stream_putc(s
, attrtype
);
3470 stream_putc(s
, attrlenfield
& 0xff);
3473 if (attrtype
== BGP_ATTR_ENCAP
) {
3474 /* write outer T+L */
3475 stream_putw(s
, attr
->encap_tunneltype
);
3476 stream_putw(s
, attrlenfield
- 4);
3479 /* write each sub-tlv */
3480 for (st
= subtlvs
; st
; st
= st
->next
) {
3481 if (attrtype
== BGP_ATTR_ENCAP
) {
3482 stream_putc(s
, st
->type
);
3483 stream_putc(s
, st
->length
);
3486 stream_putw(s
, st
->type
);
3487 stream_putw(s
, st
->length
);
3490 stream_put(s
, st
->value
, st
->length
);
3494 void bgp_packet_mpattr_end(struct stream
*s
, size_t sizep
)
3496 /* Set MP attribute length. Don't count the (2) bytes used to encode
3498 stream_putw_at(s
, sizep
, (stream_get_endp(s
) - sizep
) - 2);
3501 static int bgp_append_local_as(struct peer
*peer
, afi_t afi
, safi_t safi
)
3503 if (!BGP_AS_IS_PRIVATE(peer
->local_as
)
3504 || (BGP_AS_IS_PRIVATE(peer
->local_as
)
3505 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3506 PEER_FLAG_REMOVE_PRIVATE_AS
)
3507 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3508 PEER_FLAG_REMOVE_PRIVATE_AS_ALL
)
3509 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3510 PEER_FLAG_REMOVE_PRIVATE_AS_REPLACE
)
3511 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3512 PEER_FLAG_REMOVE_PRIVATE_AS_ALL_REPLACE
)))
3517 /* Make attribute packet. */
3518 bgp_size_t
bgp_packet_attribute(struct bgp
*bgp
, struct peer
*peer
,
3519 struct stream
*s
, struct attr
*attr
,
3520 struct bpacket_attr_vec_arr
*vecarr
,
3521 struct prefix
*p
, afi_t afi
, safi_t safi
,
3522 struct peer
*from
, struct prefix_rd
*prd
,
3523 mpls_label_t
*label
, uint32_t num_labels
,
3524 int addpath_encode
, uint32_t addpath_tx_id
)
3527 size_t aspath_sizep
;
3528 struct aspath
*aspath
;
3529 int send_as4_path
= 0;
3530 int send_as4_aggregator
= 0;
3531 int use32bit
= (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)) ? 1 : 0;
3536 /* Remember current pointer. */
3537 cp
= stream_get_endp(s
);
3540 && !((afi
== AFI_IP
&& safi
== SAFI_UNICAST
)
3541 && !peer_cap_enhe(peer
, afi
, safi
))) {
3542 size_t mpattrlen_pos
= 0;
3544 mpattrlen_pos
= bgp_packet_mpattr_start(s
, peer
, afi
, safi
,
3546 bgp_packet_mpattr_prefix(s
, afi
, safi
, p
, prd
, label
,
3547 num_labels
, addpath_encode
,
3548 addpath_tx_id
, attr
);
3549 bgp_packet_mpattr_end(s
, mpattrlen_pos
);
3552 /* Origin attribute. */
3553 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3554 stream_putc(s
, BGP_ATTR_ORIGIN
);
3556 stream_putc(s
, attr
->origin
);
3558 /* AS path attribute. */
3560 /* If remote-peer is EBGP */
3561 if (peer
->sort
== BGP_PEER_EBGP
3562 && (!CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3563 PEER_FLAG_AS_PATH_UNCHANGED
)
3564 || attr
->aspath
->segments
== NULL
)
3565 && (!CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3566 PEER_FLAG_RSERVER_CLIENT
))) {
3567 aspath
= aspath_dup(attr
->aspath
);
3569 /* Even though we may not be configured for confederations we
3571 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3572 aspath
= aspath_delete_confed_seq(aspath
);
3574 if (CHECK_FLAG(bgp
->config
, BGP_CONFIG_CONFEDERATION
)) {
3575 /* Stuff our path CONFED_ID on the front */
3576 aspath
= aspath_add_seq(aspath
, bgp
->confed_id
);
3578 if (peer
->change_local_as
) {
3579 /* If replace-as is specified, we only use the
3580 change_local_as when
3581 advertising routes. */
3582 if (!CHECK_FLAG(peer
->flags
,
3583 PEER_FLAG_LOCAL_AS_REPLACE_AS
))
3584 if (bgp_append_local_as(peer
, afi
,
3586 aspath
= aspath_add_seq(
3587 aspath
, peer
->local_as
);
3588 aspath
= aspath_add_seq(aspath
,
3589 peer
->change_local_as
);
3591 aspath
= aspath_add_seq(aspath
, peer
->local_as
);
3594 } else if (peer
->sort
== BGP_PEER_CONFED
) {
3595 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3597 aspath
= aspath_dup(attr
->aspath
);
3598 aspath
= aspath_add_confed_seq(aspath
, peer
->local_as
);
3600 aspath
= attr
->aspath
;
3602 /* If peer is not AS4 capable, then:
3603 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3604 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3606 * types are in it (i.e. exclude them if they are there)
3607 * AND do this only if there is at least one asnum > 65535 in the
3609 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3611 * all ASnums > 65535 to BGP_AS_TRANS
3614 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_EXTLEN
);
3615 stream_putc(s
, BGP_ATTR_AS_PATH
);
3616 aspath_sizep
= stream_get_endp(s
);
3618 stream_putw_at(s
, aspath_sizep
, aspath_put(s
, aspath
, use32bit
));
3620 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3623 if (!use32bit
&& aspath_has_as4(aspath
))
3625 1; /* we'll do this later, at the correct place */
3627 /* Nexthop attribute. */
3628 if (afi
== AFI_IP
&& safi
== SAFI_UNICAST
3629 && !peer_cap_enhe(peer
, afi
, safi
)) {
3630 afi_t nh_afi
= BGP_NEXTHOP_AFI_FROM_NHLEN(attr
->mp_nexthop_len
);
3632 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
)) {
3633 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3634 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3635 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
,
3638 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3639 } else if (peer_cap_enhe(from
, afi
, safi
)
3640 || (nh_afi
== AFI_IP6
)) {
3642 * Likely this is the case when an IPv4 prefix was
3643 * received with Extended Next-hop capability in this
3644 * or another vrf and is now being advertised to
3645 * non-ENHE peers. Since peer_cap_enhe only checks
3646 * peers in this vrf, also check the nh_afi to catch
3647 * the case where the originator was in another vrf.
3648 * Setting the mandatory (ipv4) next-hop attribute here
3649 * to enable implicit next-hop self with correct A-F
3650 * (ipv4 address family).
3652 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3653 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3654 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
,
3657 stream_put_ipv4(s
, 0);
3661 /* MED attribute. */
3662 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
)
3663 || bgp
->maxmed_active
) {
3664 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3665 stream_putc(s
, BGP_ATTR_MULTI_EXIT_DISC
);
3667 stream_putl(s
, (bgp
->maxmed_active
? bgp
->maxmed_value
3671 /* Local preference. */
3672 if (peer
->sort
== BGP_PEER_IBGP
|| peer
->sort
== BGP_PEER_CONFED
) {
3673 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3674 stream_putc(s
, BGP_ATTR_LOCAL_PREF
);
3676 stream_putl(s
, attr
->local_pref
);
3679 /* Atomic aggregate. */
3680 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
)) {
3681 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3682 stream_putc(s
, BGP_ATTR_ATOMIC_AGGREGATE
);
3687 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
)) {
3688 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3689 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3690 stream_putc(s
, BGP_ATTR_AGGREGATOR
);
3693 /* AS4 capable peer */
3695 stream_putl(s
, attr
->aggregator_as
);
3697 /* 2-byte AS peer */
3700 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3702 if (attr
->aggregator_as
> 65535) {
3703 stream_putw(s
, BGP_AS_TRANS
);
3705 /* we have to send AS4_AGGREGATOR, too.
3706 * we'll do that later in order to send
3707 * attributes in ascending
3710 send_as4_aggregator
= 1;
3712 stream_putw(s
, (uint16_t)attr
->aggregator_as
);
3714 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3717 /* Community attribute. */
3718 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_SEND_COMMUNITY
)
3719 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
))) {
3720 if (attr
->community
->size
* 4 > 255) {
3722 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3723 | BGP_ATTR_FLAG_EXTLEN
);
3724 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3725 stream_putw(s
, attr
->community
->size
* 4);
3728 BGP_ATTR_FLAG_OPTIONAL
3729 | BGP_ATTR_FLAG_TRANS
);
3730 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3731 stream_putc(s
, attr
->community
->size
* 4);
3733 stream_put(s
, attr
->community
->val
, attr
->community
->size
* 4);
3737 * Large Community attribute.
3739 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3740 PEER_FLAG_SEND_LARGE_COMMUNITY
)
3741 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
))) {
3742 if (lcom_length(attr
->lcommunity
) > 255) {
3744 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3745 | BGP_ATTR_FLAG_EXTLEN
);
3746 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3747 stream_putw(s
, lcom_length(attr
->lcommunity
));
3750 BGP_ATTR_FLAG_OPTIONAL
3751 | BGP_ATTR_FLAG_TRANS
);
3752 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3753 stream_putc(s
, lcom_length(attr
->lcommunity
));
3755 stream_put(s
, attr
->lcommunity
->val
,
3756 lcom_length(attr
->lcommunity
));
3759 /* Route Reflector. */
3760 if (peer
->sort
== BGP_PEER_IBGP
&& from
3761 && from
->sort
== BGP_PEER_IBGP
) {
3762 /* Originator ID. */
3763 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3764 stream_putc(s
, BGP_ATTR_ORIGINATOR_ID
);
3767 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID
))
3768 stream_put_in_addr(s
, &attr
->originator_id
);
3770 stream_put_in_addr(s
, &from
->remote_id
);
3773 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3774 stream_putc(s
, BGP_ATTR_CLUSTER_LIST
);
3776 if (attr
->cluster
) {
3777 stream_putc(s
, attr
->cluster
->length
+ 4);
3778 /* If this peer configuration's parent BGP has
3780 if (bgp
->config
& BGP_CONFIG_CLUSTER_ID
)
3781 stream_put_in_addr(s
, &bgp
->cluster_id
);
3783 stream_put_in_addr(s
, &bgp
->router_id
);
3784 stream_put(s
, attr
->cluster
->list
,
3785 attr
->cluster
->length
);
3788 /* If this peer configuration's parent BGP has
3790 if (bgp
->config
& BGP_CONFIG_CLUSTER_ID
)
3791 stream_put_in_addr(s
, &bgp
->cluster_id
);
3793 stream_put_in_addr(s
, &bgp
->router_id
);
3797 /* Extended Communities attribute. */
3798 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_SEND_EXT_COMMUNITY
)
3799 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
))) {
3800 if (peer
->sort
== BGP_PEER_IBGP
3801 || peer
->sort
== BGP_PEER_CONFED
) {
3802 if (attr
->ecommunity
->size
* 8 > 255) {
3804 BGP_ATTR_FLAG_OPTIONAL
3805 | BGP_ATTR_FLAG_TRANS
3806 | BGP_ATTR_FLAG_EXTLEN
);
3807 stream_putc(s
, BGP_ATTR_EXT_COMMUNITIES
);
3808 stream_putw(s
, attr
->ecommunity
->size
* 8);
3811 BGP_ATTR_FLAG_OPTIONAL
3812 | BGP_ATTR_FLAG_TRANS
);
3813 stream_putc(s
, BGP_ATTR_EXT_COMMUNITIES
);
3814 stream_putc(s
, attr
->ecommunity
->size
* 8);
3816 stream_put(s
, attr
->ecommunity
->val
,
3817 attr
->ecommunity
->size
* 8);
3821 int ecom_tr_size
= 0;
3824 for (i
= 0; i
< attr
->ecommunity
->size
; i
++) {
3825 pnt
= attr
->ecommunity
->val
+ (i
* 8);
3828 if (CHECK_FLAG(tbit
,
3829 ECOMMUNITY_FLAG_NON_TRANSITIVE
))
3836 if (ecom_tr_size
* 8 > 255) {
3839 BGP_ATTR_FLAG_OPTIONAL
3840 | BGP_ATTR_FLAG_TRANS
3841 | BGP_ATTR_FLAG_EXTLEN
);
3843 BGP_ATTR_EXT_COMMUNITIES
);
3844 stream_putw(s
, ecom_tr_size
* 8);
3848 BGP_ATTR_FLAG_OPTIONAL
3849 | BGP_ATTR_FLAG_TRANS
);
3851 BGP_ATTR_EXT_COMMUNITIES
);
3852 stream_putc(s
, ecom_tr_size
* 8);
3855 for (i
= 0; i
< attr
->ecommunity
->size
; i
++) {
3856 pnt
= attr
->ecommunity
->val
+ (i
* 8);
3861 ECOMMUNITY_FLAG_NON_TRANSITIVE
))
3864 stream_put(s
, pnt
, 8);
3870 /* Label index attribute. */
3871 if (safi
== SAFI_LABELED_UNICAST
) {
3872 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
)) {
3873 uint32_t label_index
;
3875 label_index
= attr
->label_index
;
3877 if (label_index
!= BGP_INVALID_LABEL_INDEX
) {
3879 BGP_ATTR_FLAG_OPTIONAL
3880 | BGP_ATTR_FLAG_TRANS
);
3881 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
3883 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX
);
3885 BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
3886 stream_putc(s
, 0); // reserved
3887 stream_putw(s
, 0); // flags
3888 stream_putl(s
, label_index
);
3893 /* SRv6 Service Information Attribute. */
3894 if (afi
== AFI_IP
&& safi
== SAFI_MPLS_VPN
) {
3895 if (attr
->srv6_l3vpn
) {
3896 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
3897 | BGP_ATTR_FLAG_TRANS
);
3898 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
3899 stream_putc(s
, 24); /* tlv len */
3900 stream_putc(s
, BGP_PREFIX_SID_SRV6_L3_SERVICE
);
3901 stream_putw(s
, 21); /* sub-tlv len */
3902 stream_putc(s
, 0); /* reserved */
3903 stream_put(s
, &attr
->srv6_l3vpn
->sid
,
3904 sizeof(attr
->srv6_l3vpn
->sid
)); /* sid */
3905 stream_putc(s
, 0); /* sid_flags */
3906 stream_putw(s
, 0xffff); /* endpoint */
3907 stream_putc(s
, 0); /* reserved */
3908 } else if (attr
->srv6_vpn
) {
3909 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
3910 | BGP_ATTR_FLAG_TRANS
);
3911 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
3912 stream_putc(s
, 22); /* tlv len */
3913 stream_putc(s
, BGP_PREFIX_SID_VPN_SID
);
3914 stream_putw(s
, 0x13); /* tlv len */
3915 stream_putc(s
, 0x00); /* reserved */
3916 stream_putc(s
, 0x01); /* sid_type */
3917 stream_putc(s
, 0x00); /* sif_flags */
3918 stream_put(s
, &attr
->srv6_vpn
->sid
,
3919 sizeof(attr
->srv6_vpn
->sid
)); /* sid */
3923 if (send_as4_path
) {
3924 /* If the peer is NOT As4 capable, AND */
3925 /* there are ASnums > 65535 in path THEN
3926 * give out AS4_PATH */
3928 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3930 * Hm, I wonder... confederation things *should* only be at
3931 * the beginning of an aspath, right? Then we should use
3932 * aspath_delete_confed_seq for this, because it is already
3934 * Folks, talk to me: what is reasonable here!?
3936 aspath
= aspath_delete_confed_seq(aspath
);
3939 BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
3940 | BGP_ATTR_FLAG_EXTLEN
);
3941 stream_putc(s
, BGP_ATTR_AS4_PATH
);
3942 aspath_sizep
= stream_get_endp(s
);
3944 stream_putw_at(s
, aspath_sizep
, aspath_put(s
, aspath
, 1));
3947 if (aspath
!= attr
->aspath
)
3948 aspath_free(aspath
);
3950 if (send_as4_aggregator
) {
3951 /* send AS4_AGGREGATOR, at this place */
3952 /* this section of code moved here in order to ensure the
3954 * *ascending* order of attributes
3956 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3957 stream_putc(s
, BGP_ATTR_AS4_AGGREGATOR
);
3959 stream_putl(s
, attr
->aggregator_as
);
3960 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3963 if (((afi
== AFI_IP
|| afi
== AFI_IP6
)
3964 && (safi
== SAFI_ENCAP
|| safi
== SAFI_MPLS_VPN
))
3965 || (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
)) {
3966 /* Tunnel Encap attribute */
3967 bgp_packet_mpattr_tea(bgp
, peer
, s
, attr
, BGP_ATTR_ENCAP
);
3969 #if ENABLE_BGP_VNC_ATTR
3971 bgp_packet_mpattr_tea(bgp
, peer
, s
, attr
, BGP_ATTR_VNC
);
3976 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL
)) {
3977 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3978 stream_putc(s
, BGP_ATTR_PMSI_TUNNEL
);
3979 stream_putc(s
, 9); // Length
3980 stream_putc(s
, 0); // Flags
3981 stream_putc(s
, attr
->pmsi_tnl_type
);
3982 stream_put(s
, &(attr
->label
),
3983 BGP_LABEL_BYTES
); // MPLS Label / VXLAN VNI
3984 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3985 // Unicast tunnel endpoint IP address
3988 /* Unknown transit attribute. */
3990 stream_put(s
, attr
->transit
->val
, attr
->transit
->length
);
3992 /* Return total size of attribute. */
3993 return stream_get_endp(s
) - cp
;
3996 size_t bgp_packet_mpunreach_start(struct stream
*s
, afi_t afi
, safi_t safi
)
3998 unsigned long attrlen_pnt
;
4000 iana_safi_t pkt_safi
;
4002 /* Set extended bit always to encode the attribute length as 2 bytes */
4003 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_EXTLEN
);
4004 stream_putc(s
, BGP_ATTR_MP_UNREACH_NLRI
);
4006 attrlen_pnt
= stream_get_endp(s
);
4007 stream_putw(s
, 0); /* Length of this attribute. */
4009 /* Convert AFI, SAFI to values for packet. */
4010 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
4012 stream_putw(s
, pkt_afi
);
4013 stream_putc(s
, pkt_safi
);
4018 void bgp_packet_mpunreach_prefix(struct stream
*s
, struct prefix
*p
, afi_t afi
,
4019 safi_t safi
, struct prefix_rd
*prd
,
4020 mpls_label_t
*label
, uint32_t num_labels
,
4021 int addpath_encode
, uint32_t addpath_tx_id
,
4024 uint8_t wlabel
[3] = {0x80, 0x00, 0x00};
4026 if (safi
== SAFI_LABELED_UNICAST
) {
4027 label
= (mpls_label_t
*)wlabel
;
4031 bgp_packet_mpattr_prefix(s
, afi
, safi
, p
, prd
, label
, num_labels
,
4032 addpath_encode
, addpath_tx_id
, attr
);
4035 void bgp_packet_mpunreach_end(struct stream
*s
, size_t attrlen_pnt
)
4037 bgp_packet_mpattr_end(s
, attrlen_pnt
);
4040 /* Initialization of attribute. */
4041 void bgp_attr_init(void)
4054 void bgp_attr_finish(void)
4059 ecommunity_finish();
4060 lcommunity_finish();
4067 /* Make attribute packet. */
4068 void bgp_dump_routes_attr(struct stream
*s
, struct attr
*attr
,
4069 struct prefix
*prefix
)
4074 struct aspath
*aspath
;
4075 int addpath_encode
= 0;
4076 uint32_t addpath_tx_id
= 0;
4078 /* Remember current pointer. */
4079 cp
= stream_get_endp(s
);
4081 /* Place holder of length. */
4084 /* Origin attribute. */
4085 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
4086 stream_putc(s
, BGP_ATTR_ORIGIN
);
4088 stream_putc(s
, attr
->origin
);
4090 aspath
= attr
->aspath
;
4092 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_EXTLEN
);
4093 stream_putc(s
, BGP_ATTR_AS_PATH
);
4094 aspath_lenp
= stream_get_endp(s
);
4097 stream_putw_at(s
, aspath_lenp
, aspath_put(s
, aspath
, 1));
4099 /* Nexthop attribute. */
4100 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
4101 if (prefix
!= NULL
&& prefix
->family
!= AF_INET6
) {
4102 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
4103 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
4105 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
4108 /* MED attribute. */
4109 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
)) {
4110 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
4111 stream_putc(s
, BGP_ATTR_MULTI_EXIT_DISC
);
4113 stream_putl(s
, attr
->med
);
4116 /* Local preference. */
4117 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
)) {
4118 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
4119 stream_putc(s
, BGP_ATTR_LOCAL_PREF
);
4121 stream_putl(s
, attr
->local_pref
);
4124 /* Atomic aggregate. */
4125 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
)) {
4126 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
4127 stream_putc(s
, BGP_ATTR_ATOMIC_AGGREGATE
);
4132 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
)) {
4133 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
4134 stream_putc(s
, BGP_ATTR_AGGREGATOR
);
4136 stream_putl(s
, attr
->aggregator_as
);
4137 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
4140 /* Community attribute. */
4141 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
)) {
4142 if (attr
->community
->size
* 4 > 255) {
4144 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
4145 | BGP_ATTR_FLAG_EXTLEN
);
4146 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
4147 stream_putw(s
, attr
->community
->size
* 4);
4150 BGP_ATTR_FLAG_OPTIONAL
4151 | BGP_ATTR_FLAG_TRANS
);
4152 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
4153 stream_putc(s
, attr
->community
->size
* 4);
4155 stream_put(s
, attr
->community
->val
, attr
->community
->size
* 4);
4158 /* Large Community attribute. */
4159 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
)) {
4160 if (lcom_length(attr
->lcommunity
) > 255) {
4162 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
4163 | BGP_ATTR_FLAG_EXTLEN
);
4164 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
4165 stream_putw(s
, lcom_length(attr
->lcommunity
));
4168 BGP_ATTR_FLAG_OPTIONAL
4169 | BGP_ATTR_FLAG_TRANS
);
4170 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
4171 stream_putc(s
, lcom_length(attr
->lcommunity
));
4174 stream_put(s
, attr
->lcommunity
->val
,
4175 lcom_length(attr
->lcommunity
));
4178 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
4179 if (prefix
!= NULL
&& prefix
->family
== AF_INET6
4180 && (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL
4181 || attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
)) {
4184 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
4185 stream_putc(s
, BGP_ATTR_MP_REACH_NLRI
);
4186 sizep
= stream_get_endp(s
);
4189 stream_putc(s
, 0); /* Marker: Attribute length. */
4190 stream_putw(s
, AFI_IP6
); /* AFI */
4191 stream_putc(s
, SAFI_UNICAST
); /* SAFI */
4194 stream_putc(s
, attr
->mp_nexthop_len
);
4195 stream_put(s
, &attr
->mp_nexthop_global
, IPV6_MAX_BYTELEN
);
4196 if (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
)
4197 stream_put(s
, &attr
->mp_nexthop_local
,
4204 stream_put_prefix_addpath(s
, prefix
, addpath_encode
,
4207 /* Set MP attribute length. */
4208 stream_putc_at(s
, sizep
, (stream_get_endp(s
) - sizep
) - 1);
4212 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
)) {
4213 if (attr
->label_index
!= BGP_INVALID_LABEL_INDEX
) {
4215 BGP_ATTR_FLAG_OPTIONAL
4216 | BGP_ATTR_FLAG_TRANS
);
4217 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
4219 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX
);
4220 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
4221 stream_putc(s
, 0); // reserved
4222 stream_putw(s
, 0); // flags
4223 stream_putl(s
, attr
->label_index
);
4227 /* Return total size of attribute. */
4228 len
= stream_get_endp(s
) - cp
- 2;
4229 stream_putw_at(s
, cp
, len
);