1 /* BGP attributes management routines.
2 * Copyright (C) 1996, 97, 98, 1999 Kunihiro Ishiguro
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
36 #include "bgpd/bgpd.h"
37 #include "bgpd/bgp_attr.h"
38 #include "bgpd/bgp_route.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_community.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_errors.h"
43 #include "bgpd/bgp_label.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_ecommunity.h"
46 #include "bgpd/bgp_lcommunity.h"
47 #include "bgpd/bgp_updgrp.h"
48 #include "bgpd/bgp_encap_types.h"
50 #include "bgpd/rfapi/bgp_rfapi_cfg.h"
51 #include "bgp_encap_types.h"
52 #include "bgp_vnc_types.h"
55 #include "bgp_flowspec_private.h"
58 /* Attribute strings for logging. */
59 static const struct message attr_str
[] = {
60 {BGP_ATTR_ORIGIN
, "ORIGIN"},
61 {BGP_ATTR_AS_PATH
, "AS_PATH"},
62 {BGP_ATTR_NEXT_HOP
, "NEXT_HOP"},
63 {BGP_ATTR_MULTI_EXIT_DISC
, "MULTI_EXIT_DISC"},
64 {BGP_ATTR_LOCAL_PREF
, "LOCAL_PREF"},
65 {BGP_ATTR_ATOMIC_AGGREGATE
, "ATOMIC_AGGREGATE"},
66 {BGP_ATTR_AGGREGATOR
, "AGGREGATOR"},
67 {BGP_ATTR_COMMUNITIES
, "COMMUNITY"},
68 {BGP_ATTR_ORIGINATOR_ID
, "ORIGINATOR_ID"},
69 {BGP_ATTR_CLUSTER_LIST
, "CLUSTER_LIST"},
70 {BGP_ATTR_DPA
, "DPA"},
71 {BGP_ATTR_ADVERTISER
, "ADVERTISER"},
72 {BGP_ATTR_RCID_PATH
, "RCID_PATH"},
73 {BGP_ATTR_MP_REACH_NLRI
, "MP_REACH_NLRI"},
74 {BGP_ATTR_MP_UNREACH_NLRI
, "MP_UNREACH_NLRI"},
75 {BGP_ATTR_EXT_COMMUNITIES
, "EXT_COMMUNITIES"},
76 {BGP_ATTR_AS4_PATH
, "AS4_PATH"},
77 {BGP_ATTR_AS4_AGGREGATOR
, "AS4_AGGREGATOR"},
78 {BGP_ATTR_AS_PATHLIMIT
, "AS_PATHLIMIT"},
79 {BGP_ATTR_PMSI_TUNNEL
, "PMSI_TUNNEL_ATTRIBUTE"},
80 {BGP_ATTR_ENCAP
, "ENCAP"},
81 #if ENABLE_BGP_VNC_ATTR
82 {BGP_ATTR_VNC
, "VNC"},
84 {BGP_ATTR_LARGE_COMMUNITIES
, "LARGE_COMMUNITY"},
85 {BGP_ATTR_PREFIX_SID
, "PREFIX_SID"},
88 static const struct message attr_flag_str
[] = {
89 {BGP_ATTR_FLAG_OPTIONAL
, "Optional"},
90 {BGP_ATTR_FLAG_TRANS
, "Transitive"},
91 {BGP_ATTR_FLAG_PARTIAL
, "Partial"},
92 /* bgp_attr_flags_diagnose() relies on this bit being last in
94 {BGP_ATTR_FLAG_EXTLEN
, "Extended Length"},
97 static struct hash
*cluster_hash
;
99 static void *cluster_hash_alloc(void *p
)
101 const struct cluster_list
*val
= (const struct cluster_list
*)p
;
102 struct cluster_list
*cluster
;
104 cluster
= XMALLOC(MTYPE_CLUSTER
, sizeof(struct cluster_list
));
105 cluster
->length
= val
->length
;
107 if (cluster
->length
) {
108 cluster
->list
= XMALLOC(MTYPE_CLUSTER_VAL
, val
->length
);
109 memcpy(cluster
->list
, val
->list
, val
->length
);
111 cluster
->list
= NULL
;
118 /* Cluster list related functions. */
119 static struct cluster_list
*cluster_parse(struct in_addr
*pnt
, int length
)
121 struct cluster_list tmp
;
122 struct cluster_list
*cluster
;
127 cluster
= hash_get(cluster_hash
, &tmp
, cluster_hash_alloc
);
132 int cluster_loop_check(struct cluster_list
*cluster
, struct in_addr originator
)
136 for (i
= 0; i
< cluster
->length
/ 4; i
++)
137 if (cluster
->list
[i
].s_addr
== originator
.s_addr
)
142 static unsigned int cluster_hash_key_make(const void *p
)
144 const struct cluster_list
*cluster
= p
;
146 return jhash(cluster
->list
, cluster
->length
, 0);
149 static bool cluster_hash_cmp(const void *p1
, const void *p2
)
151 const struct cluster_list
*cluster1
= p1
;
152 const struct cluster_list
*cluster2
= p2
;
154 return (cluster1
->length
== cluster2
->length
155 && memcmp(cluster1
->list
, cluster2
->list
, cluster1
->length
)
159 static void cluster_free(struct cluster_list
*cluster
)
161 XFREE(MTYPE_CLUSTER_VAL
, cluster
->list
);
162 XFREE(MTYPE_CLUSTER
, cluster
);
165 static struct cluster_list
*cluster_intern(struct cluster_list
*cluster
)
167 struct cluster_list
*find
;
169 find
= hash_get(cluster_hash
, cluster
, cluster_hash_alloc
);
175 void cluster_unintern(struct cluster_list
*cluster
)
180 if (cluster
->refcnt
== 0) {
181 hash_release(cluster_hash
, cluster
);
182 cluster_free(cluster
);
186 static void cluster_init(void)
188 cluster_hash
= hash_create(cluster_hash_key_make
, cluster_hash_cmp
,
192 static void cluster_finish(void)
194 hash_clean(cluster_hash
, (void (*)(void *))cluster_free
);
195 hash_free(cluster_hash
);
199 static struct hash
*encap_hash
= NULL
;
201 static struct hash
*vnc_hash
= NULL
;
204 struct bgp_attr_encap_subtlv
*encap_tlv_dup(struct bgp_attr_encap_subtlv
*orig
)
206 struct bgp_attr_encap_subtlv
*new;
207 struct bgp_attr_encap_subtlv
*tail
;
208 struct bgp_attr_encap_subtlv
*p
;
210 for (p
= orig
, tail
= new = NULL
; p
; p
= p
->next
) {
211 int size
= sizeof(struct bgp_attr_encap_subtlv
) + p
->length
;
213 tail
->next
= XCALLOC(MTYPE_ENCAP_TLV
, size
);
216 tail
= new = XCALLOC(MTYPE_ENCAP_TLV
, size
);
219 memcpy(tail
, p
, size
);
226 static void encap_free(struct bgp_attr_encap_subtlv
*p
)
228 struct bgp_attr_encap_subtlv
*next
;
232 XFREE(MTYPE_ENCAP_TLV
, p
);
237 void bgp_attr_flush_encap(struct attr
*attr
)
242 if (attr
->encap_subtlvs
) {
243 encap_free(attr
->encap_subtlvs
);
244 attr
->encap_subtlvs
= NULL
;
247 if (attr
->vnc_subtlvs
) {
248 encap_free(attr
->vnc_subtlvs
);
249 attr
->vnc_subtlvs
= NULL
;
255 * Compare encap sub-tlv chains
260 * This algorithm could be made faster if needed
262 static int encap_same(const struct bgp_attr_encap_subtlv
*h1
,
263 const struct bgp_attr_encap_subtlv
*h2
)
265 const struct bgp_attr_encap_subtlv
*p
;
266 const struct bgp_attr_encap_subtlv
*q
;
270 if (h1
== NULL
|| h2
== NULL
)
273 for (p
= h1
; p
; p
= p
->next
) {
274 for (q
= h2
; q
; q
= q
->next
) {
275 if ((p
->type
== q
->type
) && (p
->length
== q
->length
)
276 && !memcmp(p
->value
, q
->value
, p
->length
)) {
285 for (p
= h2
; p
; p
= p
->next
) {
286 for (q
= h1
; q
; q
= q
->next
) {
287 if ((p
->type
== q
->type
) && (p
->length
== q
->length
)
288 && !memcmp(p
->value
, q
->value
, p
->length
)) {
300 static void *encap_hash_alloc(void *p
)
302 /* Encap structure is already allocated. */
313 static struct bgp_attr_encap_subtlv
*
314 encap_intern(struct bgp_attr_encap_subtlv
*encap
, encap_subtlv_type type
)
316 struct bgp_attr_encap_subtlv
*find
;
317 struct hash
*hash
= encap_hash
;
319 if (type
== VNC_SUBTLV_TYPE
)
323 find
= hash_get(hash
, encap
, encap_hash_alloc
);
331 static void encap_unintern(struct bgp_attr_encap_subtlv
**encapp
,
332 encap_subtlv_type type
)
334 struct bgp_attr_encap_subtlv
*encap
= *encapp
;
338 if (encap
->refcnt
== 0) {
339 struct hash
*hash
= encap_hash
;
341 if (type
== VNC_SUBTLV_TYPE
)
344 hash_release(hash
, encap
);
350 static unsigned int encap_hash_key_make(const void *p
)
352 const struct bgp_attr_encap_subtlv
*encap
= p
;
354 return jhash(encap
->value
, encap
->length
, 0);
357 static bool encap_hash_cmp(const void *p1
, const void *p2
)
359 return encap_same((const struct bgp_attr_encap_subtlv
*)p1
,
360 (const struct bgp_attr_encap_subtlv
*)p2
);
363 static void encap_init(void)
365 encap_hash
= hash_create(encap_hash_key_make
, encap_hash_cmp
,
368 vnc_hash
= hash_create(encap_hash_key_make
, encap_hash_cmp
,
373 static void encap_finish(void)
375 hash_clean(encap_hash
, (void (*)(void *))encap_free
);
376 hash_free(encap_hash
);
379 hash_clean(vnc_hash
, (void (*)(void *))encap_free
);
385 static bool overlay_index_same(const struct attr
*a1
, const struct attr
*a2
)
393 return !memcmp(&(a1
->evpn_overlay
), &(a2
->evpn_overlay
),
394 sizeof(struct bgp_route_evpn
));
397 /* Unknown transit attribute. */
398 static struct hash
*transit_hash
;
400 static void transit_free(struct transit
*transit
)
402 XFREE(MTYPE_TRANSIT_VAL
, transit
->val
);
403 XFREE(MTYPE_TRANSIT
, transit
);
406 static void *transit_hash_alloc(void *p
)
408 /* Transit structure is already allocated. */
412 static struct transit
*transit_intern(struct transit
*transit
)
414 struct transit
*find
;
416 find
= hash_get(transit_hash
, transit
, transit_hash_alloc
);
418 transit_free(transit
);
424 static void transit_unintern(struct transit
**transit
)
426 if ((*transit
)->refcnt
)
427 (*transit
)->refcnt
--;
429 if ((*transit
)->refcnt
== 0) {
430 hash_release(transit_hash
, *transit
);
431 transit_free(*transit
);
436 static unsigned int transit_hash_key_make(const void *p
)
438 const struct transit
*transit
= p
;
440 return jhash(transit
->val
, transit
->length
, 0);
443 static bool transit_hash_cmp(const void *p1
, const void *p2
)
445 const struct transit
*transit1
= p1
;
446 const struct transit
*transit2
= p2
;
448 return (transit1
->length
== transit2
->length
449 && memcmp(transit1
->val
, transit2
->val
, transit1
->length
) == 0);
452 static void transit_init(void)
454 transit_hash
= hash_create(transit_hash_key_make
, transit_hash_cmp
,
458 static void transit_finish(void)
460 hash_clean(transit_hash
, (void (*)(void *))transit_free
);
461 hash_free(transit_hash
);
465 /* Attribute hash routines. */
466 static struct hash
*attrhash
;
468 /* Shallow copy of an attribute
469 * Though, not so shallow that it doesn't copy the contents
470 * of the attr_extra pointed to by 'extra'
472 void bgp_attr_dup(struct attr
*new, struct attr
*orig
)
477 unsigned long int attr_count(void)
479 return attrhash
->count
;
482 unsigned long int attr_unknown_count(void)
484 return transit_hash
->count
;
487 unsigned int attrhash_key_make(const void *p
)
489 const struct attr
*attr
= (struct attr
*)p
;
491 #define MIX(val) key = jhash_1word(val, key)
492 #define MIX3(a, b, c) key = jhash_3words((a), (b), (c), key)
494 MIX3(attr
->origin
, attr
->nexthop
.s_addr
, attr
->med
);
495 MIX3(attr
->local_pref
, attr
->aggregator_as
,
496 attr
->aggregator_addr
.s_addr
);
497 MIX3(attr
->weight
, attr
->mp_nexthop_global_in
.s_addr
,
498 attr
->originator_id
.s_addr
);
499 MIX3(attr
->tag
, attr
->label
, attr
->label_index
);
502 MIX(aspath_key_make(attr
->aspath
));
504 MIX(community_hash_make(attr
->community
));
506 if (attr
->lcommunity
)
507 MIX(lcommunity_hash_make(attr
->lcommunity
));
508 if (attr
->ecommunity
)
509 MIX(ecommunity_hash_make(attr
->ecommunity
));
511 MIX(cluster_hash_key_make(attr
->cluster
));
513 MIX(transit_hash_key_make(attr
->transit
));
514 if (attr
->encap_subtlvs
)
515 MIX(encap_hash_key_make(attr
->encap_subtlvs
));
517 if (attr
->vnc_subtlvs
)
518 MIX(encap_hash_key_make(attr
->vnc_subtlvs
));
520 MIX(attr
->mp_nexthop_len
);
521 key
= jhash(attr
->mp_nexthop_global
.s6_addr
, IPV6_MAX_BYTELEN
, key
);
522 key
= jhash(attr
->mp_nexthop_local
.s6_addr
, IPV6_MAX_BYTELEN
, key
);
523 MIX3(attr
->nh_ifindex
, attr
->nh_lla_ifindex
, attr
->distance
);
524 MIX(attr
->rmap_table_id
);
529 bool attrhash_cmp(const void *p1
, const void *p2
)
531 const struct attr
*attr1
= p1
;
532 const struct attr
*attr2
= p2
;
534 if (attr1
->flag
== attr2
->flag
&& attr1
->origin
== attr2
->origin
535 && attr1
->nexthop
.s_addr
== attr2
->nexthop
.s_addr
536 && attr1
->aspath
== attr2
->aspath
537 && attr1
->community
== attr2
->community
&& attr1
->med
== attr2
->med
538 && attr1
->local_pref
== attr2
->local_pref
539 && attr1
->rmap_change_flags
== attr2
->rmap_change_flags
) {
540 if (attr1
->aggregator_as
== attr2
->aggregator_as
541 && attr1
->aggregator_addr
.s_addr
542 == attr2
->aggregator_addr
.s_addr
543 && attr1
->weight
== attr2
->weight
544 && attr1
->tag
== attr2
->tag
545 && attr1
->label_index
== attr2
->label_index
546 && attr1
->mp_nexthop_len
== attr2
->mp_nexthop_len
547 && attr1
->ecommunity
== attr2
->ecommunity
548 && attr1
->lcommunity
== attr2
->lcommunity
549 && attr1
->cluster
== attr2
->cluster
550 && attr1
->transit
== attr2
->transit
551 && attr1
->rmap_table_id
== attr2
->rmap_table_id
552 && (attr1
->encap_tunneltype
== attr2
->encap_tunneltype
)
553 && encap_same(attr1
->encap_subtlvs
, attr2
->encap_subtlvs
)
555 && encap_same(attr1
->vnc_subtlvs
, attr2
->vnc_subtlvs
)
557 && IPV6_ADDR_SAME(&attr1
->mp_nexthop_global
,
558 &attr2
->mp_nexthop_global
)
559 && IPV6_ADDR_SAME(&attr1
->mp_nexthop_local
,
560 &attr2
->mp_nexthop_local
)
561 && IPV4_ADDR_SAME(&attr1
->mp_nexthop_global_in
,
562 &attr2
->mp_nexthop_global_in
)
563 && IPV4_ADDR_SAME(&attr1
->originator_id
,
564 &attr2
->originator_id
)
565 && overlay_index_same(attr1
, attr2
)
566 && attr1
->nh_ifindex
== attr2
->nh_ifindex
567 && attr1
->nh_lla_ifindex
== attr2
->nh_lla_ifindex
568 && attr1
->distance
== attr2
->distance
)
575 static void attrhash_init(void)
578 hash_create(attrhash_key_make
, attrhash_cmp
, "BGP Attributes");
582 * special for hash_clean below
584 static void attr_vfree(void *attr
)
586 XFREE(MTYPE_ATTR
, attr
);
589 static void attrhash_finish(void)
591 hash_clean(attrhash
, attr_vfree
);
596 static void attr_show_all_iterator(struct hash_bucket
*bucket
, struct vty
*vty
)
598 struct attr
*attr
= bucket
->data
;
600 vty_out(vty
, "attr[%ld] nexthop %s\n", attr
->refcnt
,
601 inet_ntoa(attr
->nexthop
));
602 vty_out(vty
, "\tflags: %" PRIu64
" med: %u local_pref: %u origin: %u weight: %u label: %u\n",
603 attr
->flag
, attr
->med
, attr
->local_pref
, attr
->origin
,
604 attr
->weight
, attr
->label
);
607 void attr_show_all(struct vty
*vty
)
609 hash_iterate(attrhash
, (void (*)(struct hash_bucket
*,
610 void *))attr_show_all_iterator
,
614 static void *bgp_attr_hash_alloc(void *p
)
616 struct attr
*val
= (struct attr
*)p
;
619 attr
= XMALLOC(MTYPE_ATTR
, sizeof(struct attr
));
621 if (val
->encap_subtlvs
) {
622 val
->encap_subtlvs
= NULL
;
625 if (val
->vnc_subtlvs
) {
626 val
->vnc_subtlvs
= NULL
;
633 /* Internet argument attribute. */
634 struct attr
*bgp_attr_intern(struct attr
*attr
)
638 /* Intern referenced strucutre. */
640 if (!attr
->aspath
->refcnt
)
641 attr
->aspath
= aspath_intern(attr
->aspath
);
643 attr
->aspath
->refcnt
++;
645 if (attr
->community
) {
646 if (!attr
->community
->refcnt
)
647 attr
->community
= community_intern(attr
->community
);
649 attr
->community
->refcnt
++;
652 if (attr
->ecommunity
) {
653 if (!attr
->ecommunity
->refcnt
)
654 attr
->ecommunity
= ecommunity_intern(attr
->ecommunity
);
656 attr
->ecommunity
->refcnt
++;
658 if (attr
->lcommunity
) {
659 if (!attr
->lcommunity
->refcnt
)
660 attr
->lcommunity
= lcommunity_intern(attr
->lcommunity
);
662 attr
->lcommunity
->refcnt
++;
665 if (!attr
->cluster
->refcnt
)
666 attr
->cluster
= cluster_intern(attr
->cluster
);
668 attr
->cluster
->refcnt
++;
671 if (!attr
->transit
->refcnt
)
672 attr
->transit
= transit_intern(attr
->transit
);
674 attr
->transit
->refcnt
++;
676 if (attr
->encap_subtlvs
) {
677 if (!attr
->encap_subtlvs
->refcnt
)
678 attr
->encap_subtlvs
= encap_intern(attr
->encap_subtlvs
,
681 attr
->encap_subtlvs
->refcnt
++;
684 if (attr
->vnc_subtlvs
) {
685 if (!attr
->vnc_subtlvs
->refcnt
)
686 attr
->vnc_subtlvs
= encap_intern(attr
->vnc_subtlvs
,
689 attr
->vnc_subtlvs
->refcnt
++;
693 /* At this point, attr only contains intern'd pointers. that means
694 * if we find it in attrhash, it has all the same pointers and we
695 * correctly updated the refcounts on these.
696 * If we don't find it, we need to allocate a one because in all
697 * cases this returns a new reference to a hashed attr, but the input
699 find
= (struct attr
*)hash_get(attrhash
, attr
, bgp_attr_hash_alloc
);
705 /* Make network statement's attribute. */
706 struct attr
*bgp_attr_default_set(struct attr
*attr
, uint8_t origin
)
708 memset(attr
, 0, sizeof(struct attr
));
710 attr
->origin
= origin
;
711 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
712 attr
->aspath
= aspath_empty();
713 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
714 attr
->weight
= BGP_ATTR_DEFAULT_WEIGHT
;
716 attr
->label_index
= BGP_INVALID_LABEL_INDEX
;
717 attr
->label
= MPLS_INVALID_LABEL
;
718 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
719 attr
->mp_nexthop_len
= IPV6_MAX_BYTELEN
;
724 /* Create the attributes for an aggregate */
725 struct attr
*bgp_attr_aggregate_intern(struct bgp
*bgp
, uint8_t origin
,
726 struct aspath
*aspath
,
727 struct community
*community
,
728 struct ecommunity
*ecommunity
,
729 struct lcommunity
*lcommunity
,
730 struct bgp_aggregate
*aggregate
,
731 uint8_t atomic_aggregate
,
738 memset(&attr
, 0, sizeof(struct attr
));
740 /* Origin attribute. */
741 attr
.origin
= origin
;
742 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
744 /* AS path attribute. */
746 attr
.aspath
= aspath_intern(aspath
);
748 attr
.aspath
= aspath_empty();
749 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
751 /* Next hop attribute. */
752 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
755 uint32_t gshut
= COMMUNITY_GSHUT
;
757 /* If we are not shutting down ourselves and we are
758 * aggregating a route that contains the GSHUT community we
759 * need to remove that community when creating the aggregate */
760 if (!bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
)
761 && community_include(community
, gshut
)) {
762 community_del_val(community
, &gshut
);
765 attr
.community
= community
;
766 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
);
770 attr
.ecommunity
= ecommunity
;
771 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
);
775 attr
.lcommunity
= lcommunity
;
776 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
);
779 if (bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
)) {
780 bgp_attr_add_gshut_community(&attr
);
783 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
784 attr
.label
= MPLS_INVALID_LABEL
;
785 attr
.weight
= BGP_ATTR_DEFAULT_WEIGHT
;
786 attr
.mp_nexthop_len
= IPV6_MAX_BYTELEN
;
787 if (!aggregate
->as_set
|| atomic_aggregate
)
788 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
);
789 attr
.flag
|= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
);
790 if (CHECK_FLAG(bgp
->config
, BGP_CONFIG_CONFEDERATION
))
791 attr
.aggregator_as
= bgp
->confed_id
;
793 attr
.aggregator_as
= bgp
->as
;
794 attr
.aggregator_addr
= bgp
->router_id
;
795 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
796 attr
.label
= MPLS_INVALID_LABEL
;
798 /* Apply route-map */
799 if (aggregate
->rmap
.name
) {
800 struct attr attr_tmp
= attr
;
801 struct bgp_path_info rmap_path
;
803 memset(&rmap_path
, 0, sizeof(struct bgp_path_info
));
804 rmap_path
.peer
= bgp
->peer_self
;
805 rmap_path
.attr
= &attr_tmp
;
807 SET_FLAG(bgp
->peer_self
->rmap_type
, PEER_RMAP_TYPE_AGGREGATE
);
809 ret
= route_map_apply(aggregate
->rmap
.map
, p
, RMAP_BGP
,
812 bgp
->peer_self
->rmap_type
= 0;
814 if (ret
== RMAP_DENYMATCH
) {
815 /* Free uninterned attribute. */
816 bgp_attr_flush(&attr_tmp
);
818 /* Unintern original. */
819 aspath_unintern(&attr
.aspath
);
823 if (bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
))
824 bgp_attr_add_gshut_community(&attr_tmp
);
826 new = bgp_attr_intern(&attr_tmp
);
829 if (bgp_flag_check(bgp
, BGP_FLAG_GRACEFUL_SHUTDOWN
))
830 bgp_attr_add_gshut_community(&attr
);
832 new = bgp_attr_intern(&attr
);
835 aspath_unintern(&new->aspath
);
839 /* Unintern just the sub-components of the attr, but not the attr */
840 void bgp_attr_unintern_sub(struct attr
*attr
)
842 /* aspath refcount shoud be decrement. */
844 aspath_unintern(&attr
->aspath
);
845 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
));
848 community_unintern(&attr
->community
);
849 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
));
851 if (attr
->ecommunity
)
852 ecommunity_unintern(&attr
->ecommunity
);
853 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
));
855 if (attr
->lcommunity
)
856 lcommunity_unintern(&attr
->lcommunity
);
857 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
));
860 cluster_unintern(attr
->cluster
);
861 UNSET_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST
));
864 transit_unintern(&attr
->transit
);
866 if (attr
->encap_subtlvs
)
867 encap_unintern(&attr
->encap_subtlvs
, ENCAP_SUBTLV_TYPE
);
870 if (attr
->vnc_subtlvs
)
871 encap_unintern(&attr
->vnc_subtlvs
, VNC_SUBTLV_TYPE
);
876 * We have some show commands that let you experimentally
877 * apply a route-map. When we apply the route-map
878 * we are reseting values but not saving them for
879 * posterity via intern'ing( because route-maps don't
880 * do that) but at this point in time we need
881 * to compare the new attr to the old and if the
882 * routemap has changed it we need to, as Snoop Dog says,
883 * Drop it like it's hot
885 void bgp_attr_undup(struct attr
*new, struct attr
*old
)
887 if (new->aspath
!= old
->aspath
)
888 aspath_free(new->aspath
);
890 if (new->community
!= old
->community
)
891 community_free(&new->community
);
893 if (new->ecommunity
!= old
->ecommunity
)
894 ecommunity_free(&new->ecommunity
);
896 if (new->lcommunity
!= old
->lcommunity
)
897 lcommunity_free(&new->lcommunity
);
900 /* Free bgp attribute and aspath. */
901 void bgp_attr_unintern(struct attr
**pattr
)
903 struct attr
*attr
= *pattr
;
907 /* Decrement attribute reference. */
912 /* If reference becomes zero then free attribute object. */
913 if (attr
->refcnt
== 0) {
914 ret
= hash_release(attrhash
, attr
);
916 XFREE(MTYPE_ATTR
, attr
);
920 bgp_attr_unintern_sub(&tmp
);
923 void bgp_attr_flush(struct attr
*attr
)
925 if (attr
->aspath
&& !attr
->aspath
->refcnt
) {
926 aspath_free(attr
->aspath
);
929 if (attr
->community
&& !attr
->community
->refcnt
)
930 community_free(&attr
->community
);
931 if (attr
->ecommunity
&& !attr
->ecommunity
->refcnt
)
932 ecommunity_free(&attr
->ecommunity
);
933 if (attr
->lcommunity
&& !attr
->lcommunity
->refcnt
)
934 lcommunity_free(&attr
->lcommunity
);
935 if (attr
->cluster
&& !attr
->cluster
->refcnt
) {
936 cluster_free(attr
->cluster
);
937 attr
->cluster
= NULL
;
939 if (attr
->transit
&& !attr
->transit
->refcnt
) {
940 transit_free(attr
->transit
);
941 attr
->transit
= NULL
;
943 if (attr
->encap_subtlvs
&& !attr
->encap_subtlvs
->refcnt
) {
944 encap_free(attr
->encap_subtlvs
);
945 attr
->encap_subtlvs
= NULL
;
948 if (attr
->vnc_subtlvs
&& !attr
->vnc_subtlvs
->refcnt
) {
949 encap_free(attr
->vnc_subtlvs
);
950 attr
->vnc_subtlvs
= NULL
;
955 /* Implement draft-scudder-idr-optional-transitive behaviour and
956 * avoid resetting sessions for malformed attributes which are
957 * are partial/optional and hence where the error likely was not
958 * introduced by the sending neighbour.
960 static bgp_attr_parse_ret_t
961 bgp_attr_malformed(struct bgp_attr_parser_args
*args
, uint8_t subcode
,
964 struct peer
*const peer
= args
->peer
;
965 const uint8_t flags
= args
->flags
;
966 /* startp and length must be special-cased, as whether or not to
967 * send the attribute data with the NOTIFY depends on the error,
968 * the caller therefore signals this with the seperate length argument
970 uint8_t *notify_datap
= (length
> 0 ? args
->startp
: NULL
);
972 /* Only relax error handling for eBGP peers */
973 if (peer
->sort
!= BGP_PEER_EBGP
) {
974 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
, subcode
,
975 notify_datap
, length
);
976 return BGP_ATTR_PARSE_ERROR
;
979 /* Adjust the stream getp to the end of the attribute, in case we can
980 * still proceed but the caller hasn't read all the attribute.
982 stream_set_getp(BGP_INPUT(peer
),
983 (args
->startp
- STREAM_DATA(BGP_INPUT(peer
)))
986 switch (args
->type
) {
987 /* where an attribute is relatively inconsequential, e.g. it does not
988 * affect route selection, and can be safely ignored, then any such
989 * attributes which are malformed should just be ignored and the route
990 * processed as normal.
992 case BGP_ATTR_AS4_AGGREGATOR
:
993 case BGP_ATTR_AGGREGATOR
:
994 case BGP_ATTR_ATOMIC_AGGREGATE
:
995 return BGP_ATTR_PARSE_PROCEED
;
997 /* Core attributes, particularly ones which may influence route
998 * selection, should always cause session resets
1000 case BGP_ATTR_ORIGIN
:
1001 case BGP_ATTR_AS_PATH
:
1002 case BGP_ATTR_NEXT_HOP
:
1003 case BGP_ATTR_MULTI_EXIT_DISC
:
1004 case BGP_ATTR_LOCAL_PREF
:
1005 case BGP_ATTR_COMMUNITIES
:
1006 case BGP_ATTR_ORIGINATOR_ID
:
1007 case BGP_ATTR_CLUSTER_LIST
:
1008 case BGP_ATTR_MP_REACH_NLRI
:
1009 case BGP_ATTR_MP_UNREACH_NLRI
:
1010 case BGP_ATTR_EXT_COMMUNITIES
:
1011 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
, subcode
,
1012 notify_datap
, length
);
1013 return BGP_ATTR_PARSE_ERROR
;
1016 /* Partial optional attributes that are malformed should not cause
1017 * the whole session to be reset. Instead treat it as a withdrawal
1018 * of the routes, if possible.
1020 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
)
1021 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1022 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_PARTIAL
))
1023 return BGP_ATTR_PARSE_WITHDRAW
;
1025 /* default to reset */
1026 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1029 /* Find out what is wrong with the path attribute flag bits and log the error.
1030 "Flag bits" here stand for Optional, Transitive and Partial, but not for
1031 Extended Length. Checking O/T/P bits at once implies, that the attribute
1032 being diagnosed is defined by RFC as either a "well-known" or an "optional,
1033 non-transitive" attribute. */
1035 bgp_attr_flags_diagnose(struct bgp_attr_parser_args
*args
,
1036 uint8_t desired_flags
/* how RFC says it must be */
1039 uint8_t seen
= 0, i
;
1040 uint8_t real_flags
= args
->flags
;
1041 const uint8_t attr_code
= args
->type
;
1043 desired_flags
&= ~BGP_ATTR_FLAG_EXTLEN
;
1044 real_flags
&= ~BGP_ATTR_FLAG_EXTLEN
;
1045 for (i
= 0; i
<= 2; i
++) /* O,T,P, but not E */
1046 if (CHECK_FLAG(desired_flags
, attr_flag_str
[i
].key
)
1047 != CHECK_FLAG(real_flags
, attr_flag_str
[i
].key
)) {
1048 flog_err(EC_BGP_ATTR_FLAG
,
1049 "%s attribute must%s be flagged as \"%s\"",
1050 lookup_msg(attr_str
, attr_code
, NULL
),
1051 CHECK_FLAG(desired_flags
, attr_flag_str
[i
].key
)
1054 attr_flag_str
[i
].str
);
1059 "Strange, %s called for attr %s, but no problem found with flags"
1060 " (real flags 0x%x, desired 0x%x)",
1061 __func__
, lookup_msg(attr_str
, attr_code
, NULL
),
1062 real_flags
, desired_flags
);
1066 /* Required flags for attributes. EXTLEN will be masked off when testing,
1067 * as will PARTIAL for optional+transitive attributes.
1069 const uint8_t attr_flags_values
[] = {
1070 [BGP_ATTR_ORIGIN
] = BGP_ATTR_FLAG_TRANS
,
1071 [BGP_ATTR_AS_PATH
] = BGP_ATTR_FLAG_TRANS
,
1072 [BGP_ATTR_NEXT_HOP
] = BGP_ATTR_FLAG_TRANS
,
1073 [BGP_ATTR_MULTI_EXIT_DISC
] = BGP_ATTR_FLAG_OPTIONAL
,
1074 [BGP_ATTR_LOCAL_PREF
] = BGP_ATTR_FLAG_TRANS
,
1075 [BGP_ATTR_ATOMIC_AGGREGATE
] = BGP_ATTR_FLAG_TRANS
,
1076 [BGP_ATTR_AGGREGATOR
] = BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
,
1077 [BGP_ATTR_COMMUNITIES
] = BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
,
1078 [BGP_ATTR_ORIGINATOR_ID
] = BGP_ATTR_FLAG_OPTIONAL
,
1079 [BGP_ATTR_CLUSTER_LIST
] = BGP_ATTR_FLAG_OPTIONAL
,
1080 [BGP_ATTR_MP_REACH_NLRI
] = BGP_ATTR_FLAG_OPTIONAL
,
1081 [BGP_ATTR_MP_UNREACH_NLRI
] = BGP_ATTR_FLAG_OPTIONAL
,
1082 [BGP_ATTR_EXT_COMMUNITIES
] =
1083 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1084 [BGP_ATTR_AS4_PATH
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1085 [BGP_ATTR_AS4_AGGREGATOR
] =
1086 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1087 [BGP_ATTR_PMSI_TUNNEL
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1088 [BGP_ATTR_LARGE_COMMUNITIES
] =
1089 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1090 [BGP_ATTR_PREFIX_SID
] = BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
,
1092 static const size_t attr_flags_values_max
= array_size(attr_flags_values
) - 1;
1094 static int bgp_attr_flag_invalid(struct bgp_attr_parser_args
*args
)
1096 uint8_t mask
= BGP_ATTR_FLAG_EXTLEN
;
1097 const uint8_t flags
= args
->flags
;
1098 const uint8_t attr_code
= args
->type
;
1100 /* there may be attributes we don't know about */
1101 if (attr_code
> attr_flags_values_max
)
1103 if (attr_flags_values
[attr_code
] == 0)
1106 /* RFC4271, "For well-known attributes, the Transitive bit MUST be set
1110 if (!CHECK_FLAG(BGP_ATTR_FLAG_OPTIONAL
, flags
)
1111 && !CHECK_FLAG(BGP_ATTR_FLAG_TRANS
, flags
)) {
1114 "%s well-known attributes must have transitive flag set (%x)",
1115 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1119 /* "For well-known attributes and for optional non-transitive
1121 * the Partial bit MUST be set to 0."
1123 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_PARTIAL
)) {
1124 if (!CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)) {
1125 flog_err(EC_BGP_ATTR_FLAG
,
1126 "%s well-known attribute "
1127 "must NOT have the partial flag set (%x)",
1128 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1131 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1132 && !CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
)) {
1133 flog_err(EC_BGP_ATTR_FLAG
,
1134 "%s optional + transitive attribute "
1135 "must NOT have the partial flag set (%x)",
1136 lookup_msg(attr_str
, attr_code
, NULL
), flags
);
1141 /* Optional transitive attributes may go through speakers that don't
1142 * reocgnise them and set the Partial bit.
1144 if (CHECK_FLAG(flags
, BGP_ATTR_FLAG_OPTIONAL
)
1145 && CHECK_FLAG(flags
, BGP_ATTR_FLAG_TRANS
))
1146 SET_FLAG(mask
, BGP_ATTR_FLAG_PARTIAL
);
1148 if ((flags
& ~mask
) == attr_flags_values
[attr_code
])
1151 bgp_attr_flags_diagnose(args
, attr_flags_values
[attr_code
]);
1155 /* Get origin attribute of the update message. */
1156 static bgp_attr_parse_ret_t
bgp_attr_origin(struct bgp_attr_parser_args
*args
)
1158 struct peer
*const peer
= args
->peer
;
1159 struct attr
*const attr
= args
->attr
;
1160 const bgp_size_t length
= args
->length
;
1162 /* If any recognized attribute has Attribute Length that conflicts
1163 with the expected length (based on the attribute type code), then
1164 the Error Subcode is set to Attribute Length Error. The Data
1165 field contains the erroneous attribute (type, length and
1168 flog_err(EC_BGP_ATTR_LEN
,
1169 "Origin attribute length is not one %d", length
);
1170 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1174 /* Fetch origin attribute. */
1175 attr
->origin
= stream_getc(BGP_INPUT(peer
));
1177 /* If the ORIGIN attribute has an undefined value, then the Error
1178 Subcode is set to Invalid Origin Attribute. The Data field
1179 contains the unrecognized attribute (type, length and value). */
1180 if ((attr
->origin
!= BGP_ORIGIN_IGP
) && (attr
->origin
!= BGP_ORIGIN_EGP
)
1181 && (attr
->origin
!= BGP_ORIGIN_INCOMPLETE
)) {
1182 flog_err(EC_BGP_ATTR_ORIGIN
,
1183 "Origin attribute value is invalid %d", attr
->origin
);
1184 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_INVAL_ORIGIN
,
1188 /* Set oring attribute flag. */
1189 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
);
1194 /* Parse AS path information. This function is wrapper of
1196 static int bgp_attr_aspath(struct bgp_attr_parser_args
*args
)
1198 struct attr
*const attr
= args
->attr
;
1199 struct peer
*const peer
= args
->peer
;
1200 const bgp_size_t length
= args
->length
;
1203 * peer with AS4 => will get 4Byte ASnums
1204 * otherwise, will get 16 Bit
1206 attr
->aspath
= aspath_parse(peer
->curr
, length
,
1207 CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
));
1209 /* In case of IBGP, length will be zero. */
1210 if (!attr
->aspath
) {
1211 flog_err(EC_BGP_ATTR_MAL_AS_PATH
,
1212 "Malformed AS path from %s, length is %d", peer
->host
,
1214 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_MAL_AS_PATH
,
1218 /* Set aspath attribute flag. */
1219 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
);
1221 return BGP_ATTR_PARSE_PROCEED
;
1224 static bgp_attr_parse_ret_t
bgp_attr_aspath_check(struct peer
*const peer
,
1225 struct attr
*const attr
)
1227 /* These checks were part of bgp_attr_aspath, but with
1228 * as4 we should to check aspath things when
1229 * aspath synthesizing with as4_path has already taken place.
1230 * Otherwise we check ASPATH and use the synthesized thing, and that is
1232 * So do the checks later, i.e. here
1234 struct aspath
*aspath
;
1236 /* Confederation sanity check. */
1237 if ((peer
->sort
== BGP_PEER_CONFED
1238 && !aspath_left_confed_check(attr
->aspath
))
1239 || (peer
->sort
== BGP_PEER_EBGP
1240 && aspath_confed_check(attr
->aspath
))) {
1241 flog_err(EC_BGP_ATTR_MAL_AS_PATH
, "Malformed AS path from %s",
1243 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1244 BGP_NOTIFY_UPDATE_MAL_AS_PATH
);
1245 return BGP_ATTR_PARSE_ERROR
;
1248 /* First AS check for EBGP. */
1249 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_ENFORCE_FIRST_AS
)) {
1250 if (peer
->sort
== BGP_PEER_EBGP
1251 && !aspath_firstas_check(attr
->aspath
, peer
->as
)) {
1252 flog_err(EC_BGP_ATTR_FIRST_AS
,
1253 "%s incorrect first AS (must be %u)",
1254 peer
->host
, peer
->as
);
1255 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1256 BGP_NOTIFY_UPDATE_MAL_AS_PATH
);
1257 return BGP_ATTR_PARSE_ERROR
;
1261 /* local-as prepend */
1262 if (peer
->change_local_as
1263 && !CHECK_FLAG(peer
->flags
, PEER_FLAG_LOCAL_AS_NO_PREPEND
)) {
1264 aspath
= aspath_dup(attr
->aspath
);
1265 aspath
= aspath_add_seq(aspath
, peer
->change_local_as
);
1266 aspath_unintern(&attr
->aspath
);
1267 attr
->aspath
= aspath_intern(aspath
);
1270 return BGP_ATTR_PARSE_PROCEED
;
1273 /* Parse AS4 path information. This function is another wrapper of
1275 static int bgp_attr_as4_path(struct bgp_attr_parser_args
*args
,
1276 struct aspath
**as4_path
)
1278 struct peer
*const peer
= args
->peer
;
1279 struct attr
*const attr
= args
->attr
;
1280 const bgp_size_t length
= args
->length
;
1282 *as4_path
= aspath_parse(peer
->curr
, length
, 1);
1284 /* In case of IBGP, length will be zero. */
1286 flog_err(EC_BGP_ATTR_MAL_AS_PATH
,
1287 "Malformed AS4 path from %s, length is %d", peer
->host
,
1289 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_MAL_AS_PATH
,
1293 /* Set aspath attribute flag. */
1294 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
);
1296 return BGP_ATTR_PARSE_PROCEED
;
1300 * Check that the nexthop attribute is valid.
1302 bgp_attr_parse_ret_t
1303 bgp_attr_nexthop_valid(struct peer
*peer
, struct attr
*attr
)
1305 in_addr_t nexthop_h
;
1307 nexthop_h
= ntohl(attr
->nexthop
.s_addr
);
1308 if ((IPV4_NET0(nexthop_h
) || IPV4_NET127(nexthop_h
)
1309 || IPV4_CLASS_DE(nexthop_h
))
1310 && !BGP_DEBUG(allow_martians
, ALLOW_MARTIANS
)) {
1311 uint8_t data
[7]; /* type(2) + length(1) + nhop(4) */
1312 char buf
[INET_ADDRSTRLEN
];
1314 inet_ntop(AF_INET
, &attr
->nexthop
.s_addr
, buf
,
1316 flog_err(EC_BGP_ATTR_MARTIAN_NH
, "Martian nexthop %s",
1318 data
[0] = BGP_ATTR_FLAG_TRANS
;
1319 data
[1] = BGP_ATTR_NEXT_HOP
;
1320 data
[2] = BGP_ATTR_NHLEN_IPV4
;
1321 memcpy(&data
[3], &attr
->nexthop
.s_addr
, BGP_ATTR_NHLEN_IPV4
);
1322 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
1323 BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP
,
1325 return BGP_ATTR_PARSE_ERROR
;
1328 return BGP_ATTR_PARSE_PROCEED
;
1331 /* Nexthop attribute. */
1332 static bgp_attr_parse_ret_t
bgp_attr_nexthop(struct bgp_attr_parser_args
*args
)
1334 struct peer
*const peer
= args
->peer
;
1335 struct attr
*const attr
= args
->attr
;
1336 const bgp_size_t length
= args
->length
;
1338 /* Check nexthop attribute length. */
1340 flog_err(EC_BGP_ATTR_LEN
,
1341 "Nexthop attribute length isn't four [%d]", length
);
1343 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1347 attr
->nexthop
.s_addr
= stream_get_ipv4(peer
->curr
);
1348 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
);
1350 return BGP_ATTR_PARSE_PROCEED
;
1353 /* MED atrribute. */
1354 static bgp_attr_parse_ret_t
bgp_attr_med(struct bgp_attr_parser_args
*args
)
1356 struct peer
*const peer
= args
->peer
;
1357 struct attr
*const attr
= args
->attr
;
1358 const bgp_size_t length
= args
->length
;
1362 flog_err(EC_BGP_ATTR_LEN
,
1363 "MED attribute length isn't four [%d]", length
);
1365 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1369 attr
->med
= stream_getl(peer
->curr
);
1371 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
);
1373 return BGP_ATTR_PARSE_PROCEED
;
1376 /* Local preference attribute. */
1377 static bgp_attr_parse_ret_t
1378 bgp_attr_local_pref(struct bgp_attr_parser_args
*args
)
1380 struct peer
*const peer
= args
->peer
;
1381 struct attr
*const attr
= args
->attr
;
1382 const bgp_size_t length
= args
->length
;
1386 flog_err(EC_BGP_ATTR_LEN
,
1387 "LOCAL_PREF attribute length isn't 4 [%u]", length
);
1388 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1392 /* If it is contained in an UPDATE message that is received from an
1393 external peer, then this attribute MUST be ignored by the
1394 receiving speaker. */
1395 if (peer
->sort
== BGP_PEER_EBGP
) {
1396 stream_forward_getp(peer
->curr
, length
);
1397 return BGP_ATTR_PARSE_PROCEED
;
1400 attr
->local_pref
= stream_getl(peer
->curr
);
1402 /* Set the local-pref flag. */
1403 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
);
1405 return BGP_ATTR_PARSE_PROCEED
;
1408 /* Atomic aggregate. */
1409 static int bgp_attr_atomic(struct bgp_attr_parser_args
*args
)
1411 struct attr
*const attr
= args
->attr
;
1412 const bgp_size_t length
= args
->length
;
1416 flog_err(EC_BGP_ATTR_LEN
,
1417 "ATOMIC_AGGREGATE attribute length isn't 0 [%u]",
1419 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1423 /* Set atomic aggregate flag. */
1424 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
);
1426 return BGP_ATTR_PARSE_PROCEED
;
1429 /* Aggregator attribute */
1430 static int bgp_attr_aggregator(struct bgp_attr_parser_args
*args
)
1432 struct peer
*const peer
= args
->peer
;
1433 struct attr
*const attr
= args
->attr
;
1434 const bgp_size_t length
= args
->length
;
1438 /* peer with AS4 will send 4 Byte AS, peer without will send 2 Byte */
1439 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
))
1442 if (length
!= wantedlen
) {
1443 flog_err(EC_BGP_ATTR_LEN
,
1444 "AGGREGATOR attribute length isn't %u [%u]", wantedlen
,
1446 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1450 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
))
1451 attr
->aggregator_as
= stream_getl(peer
->curr
);
1453 attr
->aggregator_as
= stream_getw(peer
->curr
);
1454 attr
->aggregator_addr
.s_addr
= stream_get_ipv4(peer
->curr
);
1456 /* Set atomic aggregate flag. */
1457 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
);
1459 return BGP_ATTR_PARSE_PROCEED
;
1462 /* New Aggregator attribute */
1463 static bgp_attr_parse_ret_t
1464 bgp_attr_as4_aggregator(struct bgp_attr_parser_args
*args
,
1465 as_t
*as4_aggregator_as
,
1466 struct in_addr
*as4_aggregator_addr
)
1468 struct peer
*const peer
= args
->peer
;
1469 struct attr
*const attr
= args
->attr
;
1470 const bgp_size_t length
= args
->length
;
1473 flog_err(EC_BGP_ATTR_LEN
, "New Aggregator length is not 8 [%d]",
1475 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1479 *as4_aggregator_as
= stream_getl(peer
->curr
);
1480 as4_aggregator_addr
->s_addr
= stream_get_ipv4(peer
->curr
);
1482 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
);
1484 return BGP_ATTR_PARSE_PROCEED
;
1487 /* Munge Aggregator and New-Aggregator, AS_PATH and NEW_AS_PATH.
1489 static bgp_attr_parse_ret_t
1490 bgp_attr_munge_as4_attrs(struct peer
*const peer
, struct attr
*const attr
,
1491 struct aspath
*as4_path
, as_t as4_aggregator
,
1492 struct in_addr
*as4_aggregator_addr
)
1494 int ignore_as4_path
= 0;
1495 struct aspath
*newpath
;
1497 if (!attr
->aspath
) {
1498 /* NULL aspath shouldn't be possible as bgp_attr_parse should
1500 * checked that all well-known, mandatory attributes were
1503 * Can only be a problem with peer itself - hard error
1505 return BGP_ATTR_PARSE_ERROR
;
1508 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)) {
1509 /* peer can do AS4, so we ignore AS4_PATH and AS4_AGGREGATOR
1511 * It is worth a warning though, because the peer really
1512 * should not send them
1514 if (BGP_DEBUG(as4
, AS4
)) {
1515 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
)))
1516 zlog_debug("[AS4] %s %s AS4_PATH", peer
->host
,
1517 "AS4 capable peer, yet it sent");
1520 & (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
)))
1521 zlog_debug("[AS4] %s %s AS4_AGGREGATOR",
1523 "AS4 capable peer, yet it sent");
1526 return BGP_ATTR_PARSE_PROCEED
;
1529 /* We have a asn16 peer. First, look for AS4_AGGREGATOR
1530 * because that may override AS4_PATH
1532 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_AGGREGATOR
))) {
1533 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
))) {
1535 * if the as_number in aggregator is not AS_TRANS,
1536 * then AS4_AGGREGATOR and AS4_PATH shall be ignored
1537 * and the Aggregator shall be taken as
1538 * info on the aggregating node, and the AS_PATH
1539 * shall be taken as the AS_PATH
1541 * the Aggregator shall be ignored and the
1542 * AS4_AGGREGATOR shall be taken as the
1543 * Aggregating node and the AS_PATH is to be
1544 * constructed "as in all other cases"
1546 if (attr
->aggregator_as
!= BGP_AS_TRANS
) {
1548 if (BGP_DEBUG(as4
, AS4
))
1550 "[AS4] %s BGP not AS4 capable peer"
1551 " send AGGREGATOR != AS_TRANS and"
1552 " AS4_AGGREGATOR, so ignore"
1553 " AS4_AGGREGATOR and AS4_PATH",
1555 ignore_as4_path
= 1;
1557 /* "New_aggregator shall be taken as aggregator"
1559 attr
->aggregator_as
= as4_aggregator
;
1560 attr
->aggregator_addr
.s_addr
=
1561 as4_aggregator_addr
->s_addr
;
1564 /* We received a AS4_AGGREGATOR but no AGGREGATOR.
1565 * That is bogus - but reading the conditions
1566 * we have to handle AS4_AGGREGATOR as if it were
1567 * AGGREGATOR in that case
1569 if (BGP_DEBUG(as4
, AS4
))
1571 "[AS4] %s BGP not AS4 capable peer send"
1572 " AS4_AGGREGATOR but no AGGREGATOR, will take"
1573 " it as if AGGREGATOR with AS_TRANS had been there",
1575 attr
->aggregator_as
= as4_aggregator
;
1576 /* sweep it under the carpet and simulate a "good"
1578 attr
->flag
|= (ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
));
1582 /* need to reconcile NEW_AS_PATH and AS_PATH */
1583 if (!ignore_as4_path
1584 && (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS4_PATH
)))) {
1585 newpath
= aspath_reconcile_as4(attr
->aspath
, as4_path
);
1587 return BGP_ATTR_PARSE_ERROR
;
1589 aspath_unintern(&attr
->aspath
);
1590 attr
->aspath
= aspath_intern(newpath
);
1592 return BGP_ATTR_PARSE_PROCEED
;
1595 /* Community attribute. */
1596 static bgp_attr_parse_ret_t
1597 bgp_attr_community(struct bgp_attr_parser_args
*args
)
1599 struct peer
*const peer
= args
->peer
;
1600 struct attr
*const attr
= args
->attr
;
1601 const bgp_size_t length
= args
->length
;
1604 attr
->community
= NULL
;
1605 return BGP_ATTR_PARSE_PROCEED
;
1609 community_parse((uint32_t *)stream_pnt(peer
->curr
), length
);
1611 /* XXX: fix community_parse to use stream API and remove this */
1612 stream_forward_getp(peer
->curr
, length
);
1614 if (!attr
->community
)
1615 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
1618 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
);
1620 return BGP_ATTR_PARSE_PROCEED
;
1623 /* Originator ID attribute. */
1624 static bgp_attr_parse_ret_t
1625 bgp_attr_originator_id(struct bgp_attr_parser_args
*args
)
1627 struct peer
*const peer
= args
->peer
;
1628 struct attr
*const attr
= args
->attr
;
1629 const bgp_size_t length
= args
->length
;
1633 flog_err(EC_BGP_ATTR_LEN
, "Bad originator ID length %d",
1636 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1640 attr
->originator_id
.s_addr
= stream_get_ipv4(peer
->curr
);
1642 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID
);
1644 return BGP_ATTR_PARSE_PROCEED
;
1647 /* Cluster list attribute. */
1648 static bgp_attr_parse_ret_t
1649 bgp_attr_cluster_list(struct bgp_attr_parser_args
*args
)
1651 struct peer
*const peer
= args
->peer
;
1652 struct attr
*const attr
= args
->attr
;
1653 const bgp_size_t length
= args
->length
;
1657 flog_err(EC_BGP_ATTR_LEN
, "Bad cluster list length %d", length
);
1659 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
1664 cluster_parse((struct in_addr
*)stream_pnt(peer
->curr
), length
);
1666 /* XXX: Fix cluster_parse to use stream API and then remove this */
1667 stream_forward_getp(peer
->curr
, length
);
1669 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_CLUSTER_LIST
);
1671 return BGP_ATTR_PARSE_PROCEED
;
1674 /* Multiprotocol reachability information parse. */
1675 int bgp_mp_reach_parse(struct bgp_attr_parser_args
*args
,
1676 struct bgp_nlri
*mp_update
)
1680 iana_safi_t pkt_safi
;
1682 bgp_size_t nlri_len
;
1685 struct peer
*const peer
= args
->peer
;
1686 struct attr
*const attr
= args
->attr
;
1687 const bgp_size_t length
= args
->length
;
1689 /* Set end of packet. */
1690 s
= BGP_INPUT(peer
);
1691 start
= stream_get_getp(s
);
1693 /* safe to read statically sized header? */
1694 #define BGP_MP_REACH_MIN_SIZE 5
1695 #define LEN_LEFT (length - (stream_get_getp(s) - start))
1696 if ((length
> STREAM_READABLE(s
)) || (length
< BGP_MP_REACH_MIN_SIZE
)) {
1697 zlog_info("%s: %s sent invalid length, %lu, of MP_REACH_NLRI",
1698 __func__
, peer
->host
, (unsigned long)length
);
1699 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1702 /* Load AFI, SAFI. */
1703 pkt_afi
= stream_getw(s
);
1704 pkt_safi
= stream_getc(s
);
1706 /* Convert AFI, SAFI to internal values, check. */
1707 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
1708 /* Log if AFI or SAFI is unrecognized. This is not an error
1710 * the attribute is otherwise malformed.
1712 if (bgp_debug_update(peer
, NULL
, NULL
, 0))
1714 "%s sent unrecognizable AFI, %s or, SAFI, %s, of MP_REACH_NLRI",
1715 peer
->host
, iana_afi2str(pkt_afi
),
1716 iana_safi2str(pkt_safi
));
1717 return BGP_ATTR_PARSE_ERROR
;
1720 /* Get nexthop length. */
1721 attr
->mp_nexthop_len
= stream_getc(s
);
1723 if (LEN_LEFT
< attr
->mp_nexthop_len
) {
1725 "%s: %s sent next-hop length, %u, in MP_REACH_NLRI which goes past the end of attribute",
1726 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1727 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1730 /* Nexthop length check. */
1731 switch (attr
->mp_nexthop_len
) {
1733 if (safi
!= SAFI_FLOWSPEC
) {
1734 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
1735 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1736 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1739 case BGP_ATTR_NHLEN_VPNV4
:
1740 stream_getl(s
); /* RD high */
1741 stream_getl(s
); /* RD low */
1743 * NOTE: intentional fall through
1744 * - for consistency in rx processing
1746 * The following comment is to signal GCC this intention
1747 * and suppress the warning
1750 case BGP_ATTR_NHLEN_IPV4
:
1751 stream_get(&attr
->mp_nexthop_global_in
, s
, IPV4_MAX_BYTELEN
);
1752 /* Probably needed for RFC 2283 */
1753 if (attr
->nexthop
.s_addr
== 0)
1754 memcpy(&attr
->nexthop
.s_addr
,
1755 &attr
->mp_nexthop_global_in
, IPV4_MAX_BYTELEN
);
1757 case BGP_ATTR_NHLEN_IPV6_GLOBAL
:
1758 case BGP_ATTR_NHLEN_VPNV6_GLOBAL
:
1759 if (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_VPNV6_GLOBAL
) {
1760 stream_getl(s
); /* RD high */
1761 stream_getl(s
); /* RD low */
1763 stream_get(&attr
->mp_nexthop_global
, s
, IPV6_MAX_BYTELEN
);
1764 if (IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_global
)) {
1765 if (!peer
->nexthop
.ifp
) {
1766 zlog_warn("%s sent a v6 global attribute but address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1768 return BGP_ATTR_PARSE_WITHDRAW
;
1770 attr
->nh_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1773 case BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
:
1774 case BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
:
1775 if (attr
->mp_nexthop_len
1776 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
) {
1777 stream_getl(s
); /* RD high */
1778 stream_getl(s
); /* RD low */
1780 stream_get(&attr
->mp_nexthop_global
, s
, IPV6_MAX_BYTELEN
);
1781 if (IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_global
)) {
1782 if (!peer
->nexthop
.ifp
) {
1783 zlog_warn("%s sent a v6 global and LL attribute but global address is a V6 LL and there's no peer interface information. Hence, withdrawing",
1785 return BGP_ATTR_PARSE_WITHDRAW
;
1787 attr
->nh_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1789 if (attr
->mp_nexthop_len
1790 == BGP_ATTR_NHLEN_VPNV6_GLOBAL_AND_LL
) {
1791 stream_getl(s
); /* RD high */
1792 stream_getl(s
); /* RD low */
1794 stream_get(&attr
->mp_nexthop_local
, s
, IPV6_MAX_BYTELEN
);
1795 if (!IN6_IS_ADDR_LINKLOCAL(&attr
->mp_nexthop_local
)) {
1796 char buf1
[INET6_ADDRSTRLEN
];
1797 char buf2
[INET6_ADDRSTRLEN
];
1799 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
1801 "%s sent next-hops %s and %s. Ignoring non-LL value",
1804 &attr
->mp_nexthop_global
,
1805 buf1
, INET6_ADDRSTRLEN
),
1807 &attr
->mp_nexthop_local
, buf2
,
1810 attr
->mp_nexthop_len
= IPV6_MAX_BYTELEN
;
1812 if (!peer
->nexthop
.ifp
) {
1813 zlog_warn("%s sent a v6 LL next-hop and there's no peer interface information. Hence, withdrawing",
1815 return BGP_ATTR_PARSE_WITHDRAW
;
1817 attr
->nh_lla_ifindex
= peer
->nexthop
.ifp
->ifindex
;
1820 zlog_info("%s: %s sent wrong next-hop length, %d, in MP_REACH_NLRI",
1821 __func__
, peer
->host
, attr
->mp_nexthop_len
);
1822 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1826 zlog_info("%s: %s sent SNPA which couldn't be read",
1827 __func__
, peer
->host
);
1828 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1833 if ((val
= stream_getc(s
)))
1835 EC_BGP_DEFUNCT_SNPA_LEN
,
1836 "%s sent non-zero value, %u, for defunct SNPA-length field",
1840 /* must have nrli_len, what is left of the attribute */
1841 nlri_len
= LEN_LEFT
;
1842 if (nlri_len
> STREAM_READABLE(s
)) {
1843 zlog_info("%s: %s sent MP_REACH_NLRI which couldn't be read",
1844 __func__
, peer
->host
);
1845 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1849 zlog_info("%s: %s sent a zero-length NLRI. Hence, treating as a EOR marker",
1850 __func__
, peer
->host
);
1852 mp_update
->afi
= afi
;
1853 mp_update
->safi
= safi
;
1854 return BGP_ATTR_PARSE_EOR
;
1857 mp_update
->afi
= afi
;
1858 mp_update
->safi
= safi
;
1859 mp_update
->nlri
= stream_pnt(s
);
1860 mp_update
->length
= nlri_len
;
1862 stream_forward_getp(s
, nlri_len
);
1864 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
);
1866 return BGP_ATTR_PARSE_PROCEED
;
1870 /* Multiprotocol unreachable parse */
1871 int bgp_mp_unreach_parse(struct bgp_attr_parser_args
*args
,
1872 struct bgp_nlri
*mp_withdraw
)
1877 iana_safi_t pkt_safi
;
1879 uint16_t withdraw_len
;
1880 struct peer
*const peer
= args
->peer
;
1881 struct attr
*const attr
= args
->attr
;
1882 const bgp_size_t length
= args
->length
;
1886 #define BGP_MP_UNREACH_MIN_SIZE 3
1887 if ((length
> STREAM_READABLE(s
)) || (length
< BGP_MP_UNREACH_MIN_SIZE
))
1888 return BGP_ATTR_PARSE_ERROR_NOTIFYPLS
;
1890 pkt_afi
= stream_getw(s
);
1891 pkt_safi
= stream_getc(s
);
1893 /* Convert AFI, SAFI to internal values, check. */
1894 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
1895 /* Log if AFI or SAFI is unrecognized. This is not an error
1897 * the attribute is otherwise malformed.
1899 if (bgp_debug_update(peer
, NULL
, NULL
, 0))
1901 "%s: MP_UNREACH received AFI %s or SAFI %s is unrecognized",
1902 peer
->host
, iana_afi2str(pkt_afi
),
1903 iana_safi2str(pkt_safi
));
1904 return BGP_ATTR_PARSE_ERROR
;
1907 withdraw_len
= length
- BGP_MP_UNREACH_MIN_SIZE
;
1909 mp_withdraw
->afi
= afi
;
1910 mp_withdraw
->safi
= safi
;
1911 mp_withdraw
->nlri
= stream_pnt(s
);
1912 mp_withdraw
->length
= withdraw_len
;
1914 stream_forward_getp(s
, withdraw_len
);
1916 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
);
1918 return BGP_ATTR_PARSE_PROCEED
;
1921 /* Large Community attribute. */
1922 static bgp_attr_parse_ret_t
1923 bgp_attr_large_community(struct bgp_attr_parser_args
*args
)
1925 struct peer
*const peer
= args
->peer
;
1926 struct attr
*const attr
= args
->attr
;
1927 const bgp_size_t length
= args
->length
;
1930 * Large community follows new attribute format.
1933 attr
->lcommunity
= NULL
;
1934 /* Empty extcomm doesn't seem to be invalid per se */
1935 return BGP_ATTR_PARSE_PROCEED
;
1939 lcommunity_parse((uint8_t *)stream_pnt(peer
->curr
), length
);
1940 /* XXX: fix ecommunity_parse to use stream API */
1941 stream_forward_getp(peer
->curr
, length
);
1943 if (!attr
->lcommunity
)
1944 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
1947 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
);
1949 return BGP_ATTR_PARSE_PROCEED
;
1952 /* Extended Community attribute. */
1953 static bgp_attr_parse_ret_t
1954 bgp_attr_ext_communities(struct bgp_attr_parser_args
*args
)
1956 struct peer
*const peer
= args
->peer
;
1957 struct attr
*const attr
= args
->attr
;
1958 const bgp_size_t length
= args
->length
;
1962 attr
->ecommunity
= NULL
;
1963 /* Empty extcomm doesn't seem to be invalid per se */
1964 return BGP_ATTR_PARSE_PROCEED
;
1968 ecommunity_parse((uint8_t *)stream_pnt(peer
->curr
), length
);
1969 /* XXX: fix ecommunity_parse to use stream API */
1970 stream_forward_getp(peer
->curr
, length
);
1972 if (!attr
->ecommunity
)
1973 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
1976 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
);
1978 /* Extract MAC mobility sequence number, if any. */
1979 attr
->mm_seqnum
= bgp_attr_mac_mobility_seqnum(attr
, &sticky
);
1980 attr
->sticky
= sticky
;
1982 /* Check if this is a Gateway MAC-IP advertisement */
1983 attr
->default_gw
= bgp_attr_default_gw(attr
);
1985 /* Handle scenario where router flag ecommunity is not
1986 * set but default gw ext community is present.
1987 * Use default gateway, set and propogate R-bit.
1989 if (attr
->default_gw
)
1990 attr
->router_flag
= 1;
1992 /* Check EVPN Neighbor advertisement flags, R-bit */
1993 bgp_attr_evpn_na_flag(attr
, &attr
->router_flag
);
1995 /* Extract the Rmac, if any */
1996 if (bgp_attr_rmac(attr
, &attr
->rmac
)) {
1997 if (bgp_debug_update(peer
, NULL
, NULL
, 1) &&
1998 bgp_mac_exist(&attr
->rmac
)) {
1999 char buf1
[ETHER_ADDR_STRLEN
];
2001 zlog_debug("%s: router mac %s is self mac",
2003 prefix_mac2str(&attr
->rmac
, buf1
,
2009 /* Get the tunnel type from encap extended community */
2010 bgp_attr_extcom_tunnel_type(attr
,
2011 (bgp_encap_types
*)&attr
->encap_tunneltype
);
2013 return BGP_ATTR_PARSE_PROCEED
;
2016 /* Parse Tunnel Encap attribute in an UPDATE */
2017 static int bgp_attr_encap(uint8_t type
, struct peer
*peer
, /* IN */
2018 bgp_size_t length
, /* IN: attr's length field */
2019 struct attr
*attr
, /* IN: caller already allocated */
2020 uint8_t flag
, /* IN: attr's flags field */
2024 uint16_t tunneltype
= 0;
2026 total
= length
+ (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
) ? 4 : 3);
2028 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_TRANS
)
2029 || !CHECK_FLAG(flag
, BGP_ATTR_FLAG_OPTIONAL
)) {
2031 "Tunnel Encap attribute flag isn't optional and transitive %d",
2033 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
2034 BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR
,
2039 if (BGP_ATTR_ENCAP
== type
) {
2040 /* read outer TLV type and length */
2041 uint16_t tlv_length
;
2045 "Tunnel Encap attribute not long enough to contain outer T,L");
2046 bgp_notify_send_with_data(
2047 peer
, BGP_NOTIFY_UPDATE_ERR
,
2048 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
, startp
, total
);
2051 tunneltype
= stream_getw(BGP_INPUT(peer
));
2052 tlv_length
= stream_getw(BGP_INPUT(peer
));
2055 if (tlv_length
!= length
) {
2056 zlog_info("%s: tlv_length(%d) != length(%d)",
2057 __func__
, tlv_length
, length
);
2061 while (length
>= 4) {
2062 uint16_t subtype
= 0;
2063 uint16_t sublength
= 0;
2064 struct bgp_attr_encap_subtlv
*tlv
;
2066 if (BGP_ATTR_ENCAP
== type
) {
2067 subtype
= stream_getc(BGP_INPUT(peer
));
2068 sublength
= stream_getc(BGP_INPUT(peer
));
2072 subtype
= stream_getw(BGP_INPUT(peer
));
2073 sublength
= stream_getw(BGP_INPUT(peer
));
2078 if (sublength
> length
) {
2080 "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
2082 bgp_notify_send_with_data(
2083 peer
, BGP_NOTIFY_UPDATE_ERR
,
2084 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
, startp
, total
);
2088 /* alloc and copy sub-tlv */
2089 /* TBD make sure these are freed when attributes are released */
2090 tlv
= XCALLOC(MTYPE_ENCAP_TLV
,
2091 sizeof(struct bgp_attr_encap_subtlv
) + sublength
);
2092 tlv
->type
= subtype
;
2093 tlv
->length
= sublength
;
2094 stream_get(tlv
->value
, peer
->curr
, sublength
);
2095 length
-= sublength
;
2097 /* attach tlv to encap chain */
2098 if (BGP_ATTR_ENCAP
== type
) {
2099 struct bgp_attr_encap_subtlv
*stlv_last
;
2100 for (stlv_last
= attr
->encap_subtlvs
;
2101 stlv_last
&& stlv_last
->next
;
2102 stlv_last
= stlv_last
->next
)
2105 stlv_last
->next
= tlv
;
2107 attr
->encap_subtlvs
= tlv
;
2111 struct bgp_attr_encap_subtlv
*stlv_last
;
2112 for (stlv_last
= attr
->vnc_subtlvs
;
2113 stlv_last
&& stlv_last
->next
;
2114 stlv_last
= stlv_last
->next
)
2117 stlv_last
->next
= tlv
;
2119 attr
->vnc_subtlvs
= tlv
;
2125 if (BGP_ATTR_ENCAP
== type
) {
2126 attr
->encap_tunneltype
= tunneltype
;
2130 /* spurious leftover data */
2132 "Tunnel Encap attribute length is bad: %d leftover octets",
2134 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
2135 BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2144 * Read an individual SID value returning how much data we have read
2145 * Returns 0 if there was an error that needs to be passed up the stack
2147 static bgp_attr_parse_ret_t
bgp_attr_psid_sub(int32_t type
,
2149 struct bgp_attr_parser_args
*args
,
2150 struct bgp_nlri
*mp_update
)
2152 struct peer
*const peer
= args
->peer
;
2153 struct attr
*const attr
= args
->attr
;
2154 uint32_t label_index
;
2155 struct in6_addr ipv6_sid
;
2157 uint32_t srgb_range
;
2160 if (type
== BGP_PREFIX_SID_LABEL_INDEX
) {
2161 if (length
!= BGP_PREFIX_SID_LABEL_INDEX_LENGTH
) {
2164 "Prefix SID label index length is %d instead of %d",
2165 length
, BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
2166 return bgp_attr_malformed(args
,
2167 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2171 /* Ignore flags and reserved */
2172 stream_getc(peer
->curr
);
2173 stream_getw(peer
->curr
);
2175 /* Fetch the label index and see if it is valid. */
2176 label_index
= stream_getl(peer
->curr
);
2177 if (label_index
== BGP_INVALID_LABEL_INDEX
)
2178 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2181 /* Store label index; subsequently, we'll check on
2183 attr
->label_index
= label_index
;
2186 * Ignore the Label index attribute unless received for
2190 if (!mp_update
->length
2191 || mp_update
->safi
!= SAFI_LABELED_UNICAST
)
2192 attr
->label_index
= BGP_INVALID_LABEL_INDEX
;
2195 /* Placeholder code for the IPv6 SID type */
2196 else if (type
== BGP_PREFIX_SID_IPV6
) {
2197 if (length
!= BGP_PREFIX_SID_IPV6_LENGTH
) {
2198 flog_err(EC_BGP_ATTR_LEN
,
2199 "Prefix SID IPv6 length is %d instead of %d",
2200 length
, BGP_PREFIX_SID_IPV6_LENGTH
);
2201 return bgp_attr_malformed(args
,
2202 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2206 /* Ignore reserved */
2207 stream_getc(peer
->curr
);
2208 stream_getw(peer
->curr
);
2210 stream_get(&ipv6_sid
, peer
->curr
, 16);
2213 /* Placeholder code for the Originator SRGB type */
2214 else if (type
== BGP_PREFIX_SID_ORIGINATOR_SRGB
) {
2216 stream_getw(peer
->curr
);
2220 if (length
% BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
) {
2223 "Prefix SID Originator SRGB length is %d, it must be a multiple of %d ",
2224 length
, BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
);
2225 return bgp_attr_malformed(
2226 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2230 srgb_count
= length
/ BGP_PREFIX_SID_ORIGINATOR_SRGB_LENGTH
;
2232 for (int i
= 0; i
< srgb_count
; i
++) {
2233 stream_get(&srgb_base
, peer
->curr
, 3);
2234 stream_get(&srgb_range
, peer
->curr
, 3);
2239 * Placeholder code for Unsupported TLV
2240 * - SRv6 L3 Service TLV (type5)
2241 * - SRv6 L2 Service TLV (type6)
2243 else if (type
== BGP_PREFIX_SID_SRV6_L3_SERVICE
2244 || type
== BGP_PREFIX_SID_SRV6_L2_SERVICE
) {
2245 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
2247 "%s attr Prefix-SID sub-type=%u is not supported, skipped",
2249 for (int i
= 0; i
< length
; i
++)
2250 stream_getc(peer
->curr
);
2253 return BGP_ATTR_PARSE_PROCEED
;
2256 /* Prefix SID attribute
2257 * draft-ietf-idr-bgp-prefix-sid-05
2259 bgp_attr_parse_ret_t
2260 bgp_attr_prefix_sid(int32_t tlength
, struct bgp_attr_parser_args
*args
,
2261 struct bgp_nlri
*mp_update
)
2263 struct peer
*const peer
= args
->peer
;
2264 struct attr
*const attr
= args
->attr
;
2265 bgp_attr_parse_ret_t ret
;
2267 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
);
2270 int32_t type
, length
;
2272 type
= stream_getc(peer
->curr
);
2273 length
= stream_getw(peer
->curr
);
2275 ret
= bgp_attr_psid_sub(type
, length
, args
, mp_update
);
2277 if (ret
!= BGP_ATTR_PARSE_PROCEED
)
2280 * Subtract length + the T and the L
2281 * since length is the Vector portion
2283 tlength
-= length
+ 3;
2288 "Prefix SID internal length %d causes us to read beyond the total Prefix SID length",
2290 return bgp_attr_malformed(args
,
2291 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2296 return BGP_ATTR_PARSE_PROCEED
;
2299 /* PMSI tunnel attribute (RFC 6514)
2300 * Basic validation checks done here.
2302 static bgp_attr_parse_ret_t
2303 bgp_attr_pmsi_tunnel(struct bgp_attr_parser_args
*args
)
2305 struct peer
*const peer
= args
->peer
;
2306 struct attr
*const attr
= args
->attr
;
2307 const bgp_size_t length
= args
->length
;
2309 int attr_parse_len
= 2 + BGP_LABEL_BYTES
;
2311 /* Verify that the receiver is expecting "ingress replication" as we
2312 * can only support that.
2314 if (length
< attr_parse_len
) {
2315 flog_err(EC_BGP_ATTR_LEN
, "Bad PMSI tunnel attribute length %d",
2317 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2320 stream_getc(peer
->curr
); /* Flags */
2321 tnl_type
= stream_getc(peer
->curr
);
2322 if (tnl_type
> PMSI_TNLTYPE_MAX
) {
2323 flog_err(EC_BGP_ATTR_PMSI_TYPE
,
2324 "Invalid PMSI tunnel attribute type %d", tnl_type
);
2325 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
,
2328 if (tnl_type
== PMSI_TNLTYPE_INGR_REPL
) {
2330 flog_err(EC_BGP_ATTR_PMSI_LEN
,
2331 "Bad PMSI tunnel attribute length %d for IR",
2333 return bgp_attr_malformed(
2334 args
, BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
,
2339 attr
->flag
|= ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL
);
2340 attr
->pmsi_tnl_type
= tnl_type
;
2341 stream_get(&attr
->label
, peer
->curr
, BGP_LABEL_BYTES
);
2343 /* Forward read pointer of input stream. */
2344 stream_forward_getp(peer
->curr
, length
- attr_parse_len
);
2346 return BGP_ATTR_PARSE_PROCEED
;
2349 /* BGP unknown attribute treatment. */
2350 static bgp_attr_parse_ret_t
bgp_attr_unknown(struct bgp_attr_parser_args
*args
)
2352 bgp_size_t total
= args
->total
;
2353 struct transit
*transit
;
2354 struct peer
*const peer
= args
->peer
;
2355 struct attr
*const attr
= args
->attr
;
2356 uint8_t *const startp
= args
->startp
;
2357 const uint8_t type
= args
->type
;
2358 const uint8_t flag
= args
->flags
;
2359 const bgp_size_t length
= args
->length
;
2361 if (bgp_debug_update(peer
, NULL
, NULL
, 1))
2363 "%s Unknown attribute is received (type %d, length %d)",
2364 peer
->host
, type
, length
);
2366 /* Forward read pointer of input stream. */
2367 stream_forward_getp(peer
->curr
, length
);
2369 /* If any of the mandatory well-known attributes are not recognized,
2370 then the Error Subcode is set to Unrecognized Well-known
2371 Attribute. The Data field contains the unrecognized attribute
2372 (type, length and value). */
2373 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_OPTIONAL
)) {
2374 return bgp_attr_malformed(args
, BGP_NOTIFY_UPDATE_UNREC_ATTR
,
2378 /* Unrecognized non-transitive optional attributes must be quietly
2379 ignored and not passed along to other BGP peers. */
2380 if (!CHECK_FLAG(flag
, BGP_ATTR_FLAG_TRANS
))
2381 return BGP_ATTR_PARSE_PROCEED
;
2383 /* If a path with recognized transitive optional attribute is
2384 accepted and passed along to other BGP peers and the Partial bit
2385 in the Attribute Flags octet is set to 1 by some previous AS, it
2386 is not set back to 0 by the current AS. */
2387 SET_FLAG(*startp
, BGP_ATTR_FLAG_PARTIAL
);
2389 /* Store transitive attribute to the end of attr->transit. */
2391 attr
->transit
= XCALLOC(MTYPE_TRANSIT
, sizeof(struct transit
));
2393 transit
= attr
->transit
;
2396 transit
->val
= XREALLOC(MTYPE_TRANSIT_VAL
, transit
->val
,
2397 transit
->length
+ total
);
2399 transit
->val
= XMALLOC(MTYPE_TRANSIT_VAL
, total
);
2401 memcpy(transit
->val
+ transit
->length
, startp
, total
);
2402 transit
->length
+= total
;
2404 return BGP_ATTR_PARSE_PROCEED
;
2407 /* Well-known attribute check. */
2408 static int bgp_attr_check(struct peer
*peer
, struct attr
*attr
)
2412 /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
2414 if (CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
) && !attr
->flag
)
2415 return BGP_ATTR_PARSE_PROCEED
;
2417 /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
2418 to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
2419 are present, it should. Check for any other attribute being present
2422 if ((!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
)) &&
2423 CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
))))
2424 return BGP_ATTR_PARSE_PROCEED
;
2426 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN
)))
2427 type
= BGP_ATTR_ORIGIN
;
2429 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
)))
2430 type
= BGP_ATTR_AS_PATH
;
2432 /* RFC 2858 makes Next-Hop optional/ignored, if MP_REACH_NLRI is present
2434 * NLRI is empty. We can't easily check NLRI empty here though.
2436 if (!CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
))
2437 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
)))
2438 type
= BGP_ATTR_NEXT_HOP
;
2440 if (peer
->sort
== BGP_PEER_IBGP
2441 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
)))
2442 type
= BGP_ATTR_LOCAL_PREF
;
2445 flog_warn(EC_BGP_MISSING_ATTRIBUTE
,
2446 "%s Missing well-known attribute %s.", peer
->host
,
2447 lookup_msg(attr_str
, type
, NULL
));
2448 bgp_notify_send_with_data(peer
, BGP_NOTIFY_UPDATE_ERR
,
2449 BGP_NOTIFY_UPDATE_MISS_ATTR
, &type
,
2451 return BGP_ATTR_PARSE_ERROR
;
2453 return BGP_ATTR_PARSE_PROCEED
;
2456 /* Read attribute of update packet. This function is called from
2457 bgp_update_receive() in bgp_packet.c. */
2458 bgp_attr_parse_ret_t
bgp_attr_parse(struct peer
*peer
, struct attr
*attr
,
2459 bgp_size_t size
, struct bgp_nlri
*mp_update
,
2460 struct bgp_nlri
*mp_withdraw
)
2462 bgp_attr_parse_ret_t ret
;
2466 uint8_t *startp
, *endp
;
2468 uint8_t seen
[BGP_ATTR_BITMAP_SIZE
];
2469 /* we need the as4_path only until we have synthesized the as_path with
2471 /* same goes for as4_aggregator */
2472 struct aspath
*as4_path
= NULL
;
2473 as_t as4_aggregator
= 0;
2474 struct in_addr as4_aggregator_addr
= {.s_addr
= 0};
2476 /* Initialize bitmap. */
2477 memset(seen
, 0, BGP_ATTR_BITMAP_SIZE
);
2479 /* End pointer of BGP attribute. */
2480 endp
= BGP_INPUT_PNT(peer
) + size
;
2482 /* Get attributes to the end of attribute length. */
2483 while (BGP_INPUT_PNT(peer
) < endp
) {
2484 /* Check remaining length check.*/
2485 if (endp
- BGP_INPUT_PNT(peer
) < BGP_ATTR_MIN_LEN
) {
2486 /* XXX warning: long int format, int arg (arg 5) */
2488 EC_BGP_ATTRIBUTE_TOO_SMALL
,
2489 "%s: error BGP attribute length %lu is smaller than min len",
2491 (unsigned long)(endp
2492 - stream_pnt(BGP_INPUT(peer
))));
2494 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2495 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2496 ret
= BGP_ATTR_PARSE_ERROR
;
2500 /* Fetch attribute flag and type. */
2501 startp
= BGP_INPUT_PNT(peer
);
2502 /* "The lower-order four bits of the Attribute Flags octet are
2503 unused. They MUST be zero when sent and MUST be ignored when
2505 flag
= 0xF0 & stream_getc(BGP_INPUT(peer
));
2506 type
= stream_getc(BGP_INPUT(peer
));
2508 /* Check whether Extended-Length applies and is in bounds */
2509 if (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
)
2510 && ((endp
- startp
) < (BGP_ATTR_MIN_LEN
+ 1))) {
2512 EC_BGP_EXT_ATTRIBUTE_TOO_SMALL
,
2513 "%s: Extended length set, but just %lu bytes of attr header",
2515 (unsigned long)(endp
2516 - stream_pnt(BGP_INPUT(peer
))));
2518 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2519 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2520 ret
= BGP_ATTR_PARSE_ERROR
;
2524 /* Check extended attribue length bit. */
2525 if (CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
))
2526 length
= stream_getw(BGP_INPUT(peer
));
2528 length
= stream_getc(BGP_INPUT(peer
));
2530 /* If any attribute appears more than once in the UPDATE
2531 message, then the Error Subcode is set to Malformed Attribute
2534 if (CHECK_BITMAP(seen
, type
)) {
2536 EC_BGP_ATTRIBUTE_REPEATED
,
2537 "%s: error BGP attribute type %d appears twice in a message",
2540 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2541 BGP_NOTIFY_UPDATE_MAL_ATTR
);
2542 ret
= BGP_ATTR_PARSE_ERROR
;
2546 /* Set type to bitmap to check duplicate attribute. `type' is
2547 unsigned char so it never overflow bitmap range. */
2549 SET_BITMAP(seen
, type
);
2551 /* Overflow check. */
2552 attr_endp
= BGP_INPUT_PNT(peer
) + length
;
2554 if (attr_endp
> endp
) {
2556 EC_BGP_ATTRIBUTE_TOO_LARGE
,
2557 "%s: BGP type %d length %d is too large, attribute total length is %d. attr_endp is %p. endp is %p",
2558 peer
->host
, type
, length
, size
, attr_endp
,
2562 * If any recognized attribute has an Attribute
2563 * Length that conflicts with the expected length
2564 * (based on the attribute type code), then the
2565 * Error Subcode MUST be set to Attribute Length
2566 * Error. The Data field MUST contain the erroneous
2567 * attribute (type, length, and value).
2569 * We do not currently have a good way to determine the
2570 * length of the attribute independent of the length
2571 * received in the message. Instead we send the
2572 * minimum between the amount of data we have and the
2573 * amount specified by the attribute length field.
2575 * Instead of directly passing in the packet buffer and
2576 * offset we use the stream_get* functions to read into
2577 * a stack buffer, since they perform bounds checking
2578 * and we are working with untrusted data.
2580 unsigned char ndata
[BGP_MAX_PACKET_SIZE
];
2581 memset(ndata
, 0x00, sizeof(ndata
));
2583 CHECK_FLAG(flag
, BGP_ATTR_FLAG_EXTLEN
) ? 2 : 1;
2584 /* Rewind to end of flag field */
2585 stream_forward_getp(BGP_INPUT(peer
), -(1 + lfl
));
2587 stream_get(&ndata
[0], BGP_INPUT(peer
), 1);
2589 stream_get(&ndata
[1], BGP_INPUT(peer
), lfl
);
2591 size_t atl
= attr_endp
- startp
;
2592 size_t ndl
= MIN(atl
, STREAM_READABLE(BGP_INPUT(peer
)));
2593 stream_get(&ndata
[lfl
+ 1], BGP_INPUT(peer
), ndl
);
2595 bgp_notify_send_with_data(
2596 peer
, BGP_NOTIFY_UPDATE_ERR
,
2597 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
, ndata
,
2600 ret
= BGP_ATTR_PARSE_ERROR
;
2604 struct bgp_attr_parser_args attr_args
= {
2611 .total
= attr_endp
- startp
,
2615 /* If any recognized attribute has Attribute Flags that conflict
2616 with the Attribute Type Code, then the Error Subcode is set
2618 Attribute Flags Error. The Data field contains the erroneous
2619 attribute (type, length and value). */
2620 if (bgp_attr_flag_invalid(&attr_args
)) {
2621 ret
= bgp_attr_malformed(
2622 &attr_args
, BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR
,
2624 if (ret
== BGP_ATTR_PARSE_PROCEED
)
2629 /* OK check attribute and store it's value. */
2631 case BGP_ATTR_ORIGIN
:
2632 ret
= bgp_attr_origin(&attr_args
);
2634 case BGP_ATTR_AS_PATH
:
2635 ret
= bgp_attr_aspath(&attr_args
);
2637 case BGP_ATTR_AS4_PATH
:
2638 ret
= bgp_attr_as4_path(&attr_args
, &as4_path
);
2640 case BGP_ATTR_NEXT_HOP
:
2641 ret
= bgp_attr_nexthop(&attr_args
);
2643 case BGP_ATTR_MULTI_EXIT_DISC
:
2644 ret
= bgp_attr_med(&attr_args
);
2646 case BGP_ATTR_LOCAL_PREF
:
2647 ret
= bgp_attr_local_pref(&attr_args
);
2649 case BGP_ATTR_ATOMIC_AGGREGATE
:
2650 ret
= bgp_attr_atomic(&attr_args
);
2652 case BGP_ATTR_AGGREGATOR
:
2653 ret
= bgp_attr_aggregator(&attr_args
);
2655 case BGP_ATTR_AS4_AGGREGATOR
:
2656 ret
= bgp_attr_as4_aggregator(&attr_args
,
2658 &as4_aggregator_addr
);
2660 case BGP_ATTR_COMMUNITIES
:
2661 ret
= bgp_attr_community(&attr_args
);
2663 case BGP_ATTR_LARGE_COMMUNITIES
:
2664 ret
= bgp_attr_large_community(&attr_args
);
2666 case BGP_ATTR_ORIGINATOR_ID
:
2667 ret
= bgp_attr_originator_id(&attr_args
);
2669 case BGP_ATTR_CLUSTER_LIST
:
2670 ret
= bgp_attr_cluster_list(&attr_args
);
2672 case BGP_ATTR_MP_REACH_NLRI
:
2673 ret
= bgp_mp_reach_parse(&attr_args
, mp_update
);
2675 case BGP_ATTR_MP_UNREACH_NLRI
:
2676 ret
= bgp_mp_unreach_parse(&attr_args
, mp_withdraw
);
2678 case BGP_ATTR_EXT_COMMUNITIES
:
2679 ret
= bgp_attr_ext_communities(&attr_args
);
2681 #if ENABLE_BGP_VNC_ATTR
2684 case BGP_ATTR_ENCAP
:
2685 ret
= bgp_attr_encap(type
, peer
, length
, attr
, flag
,
2688 case BGP_ATTR_PREFIX_SID
:
2689 ret
= bgp_attr_prefix_sid(length
,
2690 &attr_args
, mp_update
);
2692 case BGP_ATTR_PMSI_TUNNEL
:
2693 ret
= bgp_attr_pmsi_tunnel(&attr_args
);
2696 ret
= bgp_attr_unknown(&attr_args
);
2700 if (ret
== BGP_ATTR_PARSE_ERROR_NOTIFYPLS
) {
2701 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2702 BGP_NOTIFY_UPDATE_MAL_ATTR
);
2703 ret
= BGP_ATTR_PARSE_ERROR
;
2707 if (ret
== BGP_ATTR_PARSE_EOR
) {
2711 if (ret
== BGP_ATTR_PARSE_ERROR
) {
2712 flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR
,
2713 "%s: Attribute %s, parse error", peer
->host
,
2714 lookup_msg(attr_str
, type
, NULL
));
2717 if (ret
== BGP_ATTR_PARSE_WITHDRAW
) {
2719 EC_BGP_ATTRIBUTE_PARSE_WITHDRAW
,
2720 "%s: Attribute %s, parse error - treating as withdrawal",
2721 peer
->host
, lookup_msg(attr_str
, type
, NULL
));
2725 /* Check the fetched length. */
2726 if (BGP_INPUT_PNT(peer
) != attr_endp
) {
2727 flog_warn(EC_BGP_ATTRIBUTE_FETCH_ERROR
,
2728 "%s: BGP attribute %s, fetch error",
2729 peer
->host
, lookup_msg(attr_str
, type
, NULL
));
2730 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2731 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2732 ret
= BGP_ATTR_PARSE_ERROR
;
2737 /* Check final read pointer is same as end pointer. */
2738 if (BGP_INPUT_PNT(peer
) != endp
) {
2739 flog_warn(EC_BGP_ATTRIBUTES_MISMATCH
,
2740 "%s: BGP attribute %s, length mismatch", peer
->host
,
2741 lookup_msg(attr_str
, type
, NULL
));
2742 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2743 BGP_NOTIFY_UPDATE_ATTR_LENG_ERR
);
2745 ret
= BGP_ATTR_PARSE_ERROR
;
2750 * RFC4271: If the NEXT_HOP attribute field is syntactically incorrect,
2751 * then the Error Subcode MUST be set to Invalid NEXT_HOP Attribute.
2752 * This is implemented below and will result in a NOTIFICATION. If the
2753 * NEXT_HOP attribute is semantically incorrect, the error SHOULD be
2754 * logged, and the route SHOULD be ignored. In this case, a NOTIFICATION
2755 * message SHOULD NOT be sent. This is implemented elsewhere.
2757 * RFC4760: An UPDATE message that carries no NLRI, other than the one
2758 * encoded in the MP_REACH_NLRI attribute, SHOULD NOT carry the NEXT_HOP
2759 * attribute. If such a message contains the NEXT_HOP attribute, the BGP
2760 * speaker that receives the message SHOULD ignore this attribute.
2762 if (CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
))
2763 && !CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
))) {
2764 if (bgp_attr_nexthop_valid(peer
, attr
) < 0) {
2765 ret
= BGP_ATTR_PARSE_ERROR
;
2770 /* Check all mandatory well-known attributes are present */
2771 if ((ret
= bgp_attr_check(peer
, attr
)) < 0)
2775 * At this place we can see whether we got AS4_PATH and/or
2776 * AS4_AGGREGATOR from a 16Bit peer and act accordingly.
2777 * We can not do this before we've read all attributes because
2778 * the as4 handling does not say whether AS4_PATH has to be sent
2779 * after AS_PATH or not - and when AS4_AGGREGATOR will be send
2780 * in relationship to AGGREGATOR.
2781 * So, to be defensive, we are not relying on any order and read
2782 * all attributes first, including these 32bit ones, and now,
2783 * afterwards, we look what and if something is to be done for as4.
2785 * It is possible to not have AS_PATH, e.g. GR EoR and sole
2788 /* actually... this doesn't ever return failure currently, but
2789 * better safe than sorry */
2790 if (CHECK_FLAG(attr
->flag
, ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
))
2791 && bgp_attr_munge_as4_attrs(peer
, attr
, as4_path
, as4_aggregator
,
2792 &as4_aggregator_addr
)) {
2793 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
2794 BGP_NOTIFY_UPDATE_MAL_ATTR
);
2795 ret
= BGP_ATTR_PARSE_ERROR
;
2800 * Finally do the checks on the aspath we did not do yet
2801 * because we waited for a potentially synthesized aspath.
2803 if (attr
->flag
& (ATTR_FLAG_BIT(BGP_ATTR_AS_PATH
))) {
2804 ret
= bgp_attr_aspath_check(peer
, attr
);
2805 if (ret
!= BGP_ATTR_PARSE_PROCEED
)
2809 ret
= BGP_ATTR_PARSE_PROCEED
;
2813 * At this stage, we have done all fiddling with as4, and the
2814 * resulting info is in attr->aggregator resp. attr->aspath so
2815 * we can chuck as4_aggregator and as4_path alltogether in order
2820 * unintern - it is in the hash
2821 * The flag that we got this is still there, but that
2822 * does not do any trouble
2824 aspath_unintern(&as4_path
);
2827 if (ret
!= BGP_ATTR_PARSE_ERROR
) {
2828 /* Finally intern unknown attribute. */
2830 attr
->transit
= transit_intern(attr
->transit
);
2831 if (attr
->encap_subtlvs
)
2832 attr
->encap_subtlvs
= encap_intern(attr
->encap_subtlvs
,
2835 if (attr
->vnc_subtlvs
)
2836 attr
->vnc_subtlvs
= encap_intern(attr
->vnc_subtlvs
,
2840 if (attr
->transit
) {
2841 transit_free(attr
->transit
);
2842 attr
->transit
= NULL
;
2845 bgp_attr_flush_encap(attr
);
2850 assert(attr
->transit
->refcnt
> 0);
2851 if (attr
->encap_subtlvs
)
2852 assert(attr
->encap_subtlvs
->refcnt
> 0);
2854 if (attr
->vnc_subtlvs
)
2855 assert(attr
->vnc_subtlvs
->refcnt
> 0);
2862 * Extract the tunnel type from extended community
2864 void bgp_attr_extcom_tunnel_type(struct attr
*attr
,
2865 bgp_encap_types
*tunnel_type
)
2867 struct ecommunity
*ecom
;
2872 ecom
= attr
->ecommunity
;
2873 if (!ecom
|| !ecom
->size
)
2876 for (i
= 0; i
< ecom
->size
; i
++) {
2878 uint8_t type
, sub_type
;
2880 pnt
= (ecom
->val
+ (i
* ECOMMUNITY_SIZE
));
2883 if (!(type
== ECOMMUNITY_ENCODE_OPAQUE
&&
2884 sub_type
== ECOMMUNITY_OPAQUE_SUBTYPE_ENCAP
))
2886 *tunnel_type
= ((pnt
[6] << 8) | pnt
[7]);
2893 size_t bgp_packet_mpattr_start(struct stream
*s
, struct peer
*peer
, afi_t afi
,
2894 safi_t safi
, struct bpacket_attr_vec_arr
*vecarr
,
2899 iana_safi_t pkt_safi
;
2902 /* Set extended bit always to encode the attribute length as 2 bytes */
2903 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_EXTLEN
);
2904 stream_putc(s
, BGP_ATTR_MP_REACH_NLRI
);
2905 sizep
= stream_get_endp(s
);
2906 stream_putw(s
, 0); /* Marker: Attribute length. */
2909 /* Convert AFI, SAFI to values for packet. */
2910 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
2912 stream_putw(s
, pkt_afi
); /* AFI */
2913 stream_putc(s
, pkt_safi
); /* SAFI */
2917 && (safi
== SAFI_UNICAST
|| safi
== SAFI_LABELED_UNICAST
))
2918 nh_afi
= peer_cap_enhe(peer
, afi
, safi
) ? AFI_IP6
: AFI_IP
;
2920 nh_afi
= BGP_NEXTHOP_AFI_FROM_NHLEN(attr
->mp_nexthop_len
);
2923 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
, attr
);
2928 case SAFI_MULTICAST
:
2929 case SAFI_LABELED_UNICAST
:
2931 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
2935 stream_putl(s
, 0); /* RD = 0, per RFC */
2937 stream_put(s
, &attr
->mp_nexthop_global_in
, 4);
2942 stream_put(s
, &attr
->mp_nexthop_global_in
, 4);
2945 stream_putc(s
, 0); /* no nexthop for flowspec */
2953 case SAFI_MULTICAST
:
2954 case SAFI_LABELED_UNICAST
:
2956 if (attr
->mp_nexthop_len
2957 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
) {
2959 BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
);
2960 stream_put(s
, &attr
->mp_nexthop_global
,
2962 stream_put(s
, &attr
->mp_nexthop_local
,
2965 stream_putc(s
, IPV6_MAX_BYTELEN
);
2966 stream_put(s
, &attr
->mp_nexthop_global
,
2970 case SAFI_MPLS_VPN
: {
2971 if (attr
->mp_nexthop_len
2972 == BGP_ATTR_NHLEN_IPV6_GLOBAL
) {
2974 stream_putl(s
, 0); /* RD = 0, per RFC */
2976 stream_put(s
, &attr
->mp_nexthop_global
,
2978 } else if (attr
->mp_nexthop_len
2979 == BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
) {
2981 stream_putl(s
, 0); /* RD = 0, per RFC */
2983 stream_put(s
, &attr
->mp_nexthop_global
,
2985 stream_putl(s
, 0); /* RD = 0, per RFC */
2987 stream_put(s
, &attr
->mp_nexthop_local
,
2992 stream_putc(s
, IPV6_MAX_BYTELEN
);
2993 stream_put(s
, &attr
->mp_nexthop_global
,
2997 stream_putc(s
, 0); /* no nexthop for flowspec */
3003 if (safi
!= SAFI_FLOWSPEC
)
3005 EC_BGP_ATTR_NH_SEND_LEN
,
3006 "Bad nexthop when sending to %s, AFI %u SAFI %u nhlen %d",
3007 peer
->host
, afi
, safi
, attr
->mp_nexthop_len
);
3016 void bgp_packet_mpattr_prefix(struct stream
*s
, afi_t afi
, safi_t safi
,
3017 struct prefix
*p
, struct prefix_rd
*prd
,
3018 mpls_label_t
*label
, uint32_t num_labels
,
3019 int addpath_encode
, uint32_t addpath_tx_id
,
3022 if (safi
== SAFI_MPLS_VPN
) {
3024 stream_putl(s
, addpath_tx_id
);
3025 /* Label, RD, Prefix write. */
3026 stream_putc(s
, p
->prefixlen
+ 88);
3027 stream_put(s
, label
, BGP_LABEL_BYTES
);
3028 stream_put(s
, prd
->val
, 8);
3029 stream_put(s
, &p
->u
.prefix
, PSIZE(p
->prefixlen
));
3030 } else if (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
) {
3031 /* EVPN prefix - contents depend on type */
3032 bgp_evpn_encode_prefix(s
, p
, prd
, label
, num_labels
, attr
,
3033 addpath_encode
, addpath_tx_id
);
3034 } else if (safi
== SAFI_LABELED_UNICAST
) {
3035 /* Prefix write with label. */
3036 stream_put_labeled_prefix(s
, p
, label
, addpath_encode
,
3038 } else if (safi
== SAFI_FLOWSPEC
) {
3039 if (PSIZE (p
->prefixlen
)+2 < FLOWSPEC_NLRI_SIZELIMIT
)
3040 stream_putc(s
, PSIZE (p
->prefixlen
)+2);
3042 stream_putw(s
, (PSIZE (p
->prefixlen
)+2)|(0xf<<12));
3043 stream_putc(s
, 2);/* Filter type */
3044 stream_putc(s
, p
->prefixlen
);/* Prefix length */
3045 stream_put(s
, &p
->u
.prefix
, PSIZE (p
->prefixlen
));
3047 stream_put_prefix_addpath(s
, p
, addpath_encode
, addpath_tx_id
);
3050 size_t bgp_packet_mpattr_prefix_size(afi_t afi
, safi_t safi
, struct prefix
*p
)
3052 int size
= PSIZE(p
->prefixlen
);
3053 if (safi
== SAFI_MPLS_VPN
)
3055 else if (safi
== SAFI_LABELED_UNICAST
)
3056 size
+= BGP_LABEL_BYTES
;
3057 else if (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
)
3058 size
+= 232; // TODO: Maximum possible for type-2, type-3 and
3064 * Encodes the tunnel encapsulation attribute,
3065 * and with ENABLE_BGP_VNC the VNC attribute which uses
3066 * almost the same TLV format
3068 static void bgp_packet_mpattr_tea(struct bgp
*bgp
, struct peer
*peer
,
3069 struct stream
*s
, struct attr
*attr
,
3072 unsigned int attrlenfield
= 0;
3073 unsigned int attrhdrlen
= 0;
3074 struct bgp_attr_encap_subtlv
*subtlvs
;
3075 struct bgp_attr_encap_subtlv
*st
;
3076 const char *attrname
;
3078 if (!attr
|| (attrtype
== BGP_ATTR_ENCAP
3079 && (!attr
->encap_tunneltype
3080 || attr
->encap_tunneltype
== BGP_ENCAP_TYPE_MPLS
)))
3084 case BGP_ATTR_ENCAP
:
3085 attrname
= "Tunnel Encap";
3086 subtlvs
= attr
->encap_subtlvs
;
3087 if (subtlvs
== NULL
) /* nothing to do */
3090 * The tunnel encap attr has an "outer" tlv.
3092 * L = total length of subtlvs,
3093 * V = concatenated subtlvs.
3095 attrlenfield
= 2 + 2; /* T + L */
3096 attrhdrlen
= 1 + 1; /* subTLV T + L */
3099 #if ENABLE_BGP_VNC_ATTR
3102 subtlvs
= attr
->vnc_subtlvs
;
3103 if (subtlvs
== NULL
) /* nothing to do */
3105 attrlenfield
= 0; /* no outer T + L */
3106 attrhdrlen
= 2 + 2; /* subTLV T + L */
3114 /* compute attr length */
3115 for (st
= subtlvs
; st
; st
= st
->next
) {
3116 attrlenfield
+= (attrhdrlen
+ st
->length
);
3119 if (attrlenfield
> 0xffff) {
3120 zlog_info("%s attribute is too long (length=%d), can't send it",
3121 attrname
, attrlenfield
);
3125 if (attrlenfield
> 0xff) {
3126 /* 2-octet length field */
3128 BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
3129 | BGP_ATTR_FLAG_EXTLEN
);
3130 stream_putc(s
, attrtype
);
3131 stream_putw(s
, attrlenfield
& 0xffff);
3133 /* 1-octet length field */
3134 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
);
3135 stream_putc(s
, attrtype
);
3136 stream_putc(s
, attrlenfield
& 0xff);
3139 if (attrtype
== BGP_ATTR_ENCAP
) {
3140 /* write outer T+L */
3141 stream_putw(s
, attr
->encap_tunneltype
);
3142 stream_putw(s
, attrlenfield
- 4);
3145 /* write each sub-tlv */
3146 for (st
= subtlvs
; st
; st
= st
->next
) {
3147 if (attrtype
== BGP_ATTR_ENCAP
) {
3148 stream_putc(s
, st
->type
);
3149 stream_putc(s
, st
->length
);
3152 stream_putw(s
, st
->type
);
3153 stream_putw(s
, st
->length
);
3156 stream_put(s
, st
->value
, st
->length
);
3160 void bgp_packet_mpattr_end(struct stream
*s
, size_t sizep
)
3162 /* Set MP attribute length. Don't count the (2) bytes used to encode
3164 stream_putw_at(s
, sizep
, (stream_get_endp(s
) - sizep
) - 2);
3167 static int bgp_append_local_as(struct peer
*peer
, afi_t afi
, safi_t safi
)
3169 if (!BGP_AS_IS_PRIVATE(peer
->local_as
)
3170 || (BGP_AS_IS_PRIVATE(peer
->local_as
)
3171 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3172 PEER_FLAG_REMOVE_PRIVATE_AS
)
3173 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3174 PEER_FLAG_REMOVE_PRIVATE_AS_ALL
)
3175 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3176 PEER_FLAG_REMOVE_PRIVATE_AS_REPLACE
)
3177 && !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3178 PEER_FLAG_REMOVE_PRIVATE_AS_ALL_REPLACE
)))
3183 /* Make attribute packet. */
3184 bgp_size_t
bgp_packet_attribute(struct bgp
*bgp
, struct peer
*peer
,
3185 struct stream
*s
, struct attr
*attr
,
3186 struct bpacket_attr_vec_arr
*vecarr
,
3187 struct prefix
*p
, afi_t afi
, safi_t safi
,
3188 struct peer
*from
, struct prefix_rd
*prd
,
3189 mpls_label_t
*label
, uint32_t num_labels
,
3190 int addpath_encode
, uint32_t addpath_tx_id
)
3193 size_t aspath_sizep
;
3194 struct aspath
*aspath
;
3195 int send_as4_path
= 0;
3196 int send_as4_aggregator
= 0;
3197 int use32bit
= (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)) ? 1 : 0;
3202 /* Remember current pointer. */
3203 cp
= stream_get_endp(s
);
3206 && !((afi
== AFI_IP
&& safi
== SAFI_UNICAST
)
3207 && !peer_cap_enhe(peer
, afi
, safi
))) {
3208 size_t mpattrlen_pos
= 0;
3210 mpattrlen_pos
= bgp_packet_mpattr_start(s
, peer
, afi
, safi
,
3212 bgp_packet_mpattr_prefix(s
, afi
, safi
, p
, prd
, label
,
3213 num_labels
, addpath_encode
,
3214 addpath_tx_id
, attr
);
3215 bgp_packet_mpattr_end(s
, mpattrlen_pos
);
3218 /* Origin attribute. */
3219 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3220 stream_putc(s
, BGP_ATTR_ORIGIN
);
3222 stream_putc(s
, attr
->origin
);
3224 /* AS path attribute. */
3226 /* If remote-peer is EBGP */
3227 if (peer
->sort
== BGP_PEER_EBGP
3228 && (!CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3229 PEER_FLAG_AS_PATH_UNCHANGED
)
3230 || attr
->aspath
->segments
== NULL
)
3231 && (!CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3232 PEER_FLAG_RSERVER_CLIENT
))) {
3233 aspath
= aspath_dup(attr
->aspath
);
3235 /* Even though we may not be configured for confederations we
3237 * RXed an AS_PATH with AS_CONFED_SEQUENCE or AS_CONFED_SET */
3238 aspath
= aspath_delete_confed_seq(aspath
);
3240 if (CHECK_FLAG(bgp
->config
, BGP_CONFIG_CONFEDERATION
)) {
3241 /* Stuff our path CONFED_ID on the front */
3242 aspath
= aspath_add_seq(aspath
, bgp
->confed_id
);
3244 if (peer
->change_local_as
) {
3245 /* If replace-as is specified, we only use the
3246 change_local_as when
3247 advertising routes. */
3248 if (!CHECK_FLAG(peer
->flags
,
3249 PEER_FLAG_LOCAL_AS_REPLACE_AS
))
3250 if (bgp_append_local_as(peer
, afi
,
3252 aspath
= aspath_add_seq(
3253 aspath
, peer
->local_as
);
3254 aspath
= aspath_add_seq(aspath
,
3255 peer
->change_local_as
);
3257 aspath
= aspath_add_seq(aspath
, peer
->local_as
);
3260 } else if (peer
->sort
== BGP_PEER_CONFED
) {
3261 /* A confed member, so we need to do the AS_CONFED_SEQUENCE
3263 aspath
= aspath_dup(attr
->aspath
);
3264 aspath
= aspath_add_confed_seq(aspath
, peer
->local_as
);
3266 aspath
= attr
->aspath
;
3268 /* If peer is not AS4 capable, then:
3269 * - send the created AS_PATH out as AS4_PATH (optional, transitive),
3270 * but ensure that no AS_CONFED_SEQUENCE and AS_CONFED_SET path
3272 * types are in it (i.e. exclude them if they are there)
3273 * AND do this only if there is at least one asnum > 65535 in the
3275 * - send an AS_PATH out, but put 16Bit ASnums in it, not 32bit, and
3277 * all ASnums > 65535 to BGP_AS_TRANS
3280 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_EXTLEN
);
3281 stream_putc(s
, BGP_ATTR_AS_PATH
);
3282 aspath_sizep
= stream_get_endp(s
);
3284 stream_putw_at(s
, aspath_sizep
, aspath_put(s
, aspath
, use32bit
));
3286 /* OLD session may need NEW_AS_PATH sent, if there are 4-byte ASNs
3289 if (!use32bit
&& aspath_has_as4(aspath
))
3291 1; /* we'll do this later, at the correct place */
3293 /* Nexthop attribute. */
3294 if (afi
== AFI_IP
&& safi
== SAFI_UNICAST
3295 && !peer_cap_enhe(peer
, afi
, safi
)) {
3296 afi_t nh_afi
= BGP_NEXTHOP_AFI_FROM_NHLEN(attr
->mp_nexthop_len
);
3298 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_NEXT_HOP
)) {
3299 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3300 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3301 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
,
3304 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3305 } else if (peer_cap_enhe(from
, afi
, safi
)
3306 || (nh_afi
== AFI_IP6
)) {
3308 * Likely this is the case when an IPv4 prefix was
3309 * received with Extended Next-hop capability in this
3310 * or another vrf and is now being advertised to
3311 * non-ENHE peers. Since peer_cap_enhe only checks
3312 * peers in this vrf, also check the nh_afi to catch
3313 * the case where the originator was in another vrf.
3314 * Setting the mandatory (ipv4) next-hop attribute here
3315 * to enable implicit next-hop self with correct A-F
3316 * (ipv4 address family).
3318 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3319 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3320 bpacket_attr_vec_arr_set_vec(vecarr
, BGP_ATTR_VEC_NH
, s
,
3323 stream_put_ipv4(s
, 0);
3327 /* MED attribute. */
3328 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
)
3329 || bgp
->maxmed_active
) {
3330 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3331 stream_putc(s
, BGP_ATTR_MULTI_EXIT_DISC
);
3333 stream_putl(s
, (bgp
->maxmed_active
? bgp
->maxmed_value
3337 /* Local preference. */
3338 if (peer
->sort
== BGP_PEER_IBGP
|| peer
->sort
== BGP_PEER_CONFED
) {
3339 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3340 stream_putc(s
, BGP_ATTR_LOCAL_PREF
);
3342 stream_putl(s
, attr
->local_pref
);
3345 /* Atomic aggregate. */
3346 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
)) {
3347 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3348 stream_putc(s
, BGP_ATTR_ATOMIC_AGGREGATE
);
3353 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
)) {
3354 /* Common to BGP_ATTR_AGGREGATOR, regardless of ASN size */
3355 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3356 stream_putc(s
, BGP_ATTR_AGGREGATOR
);
3359 /* AS4 capable peer */
3361 stream_putl(s
, attr
->aggregator_as
);
3363 /* 2-byte AS peer */
3366 /* Is ASN representable in 2-bytes? Or must AS_TRANS be
3368 if (attr
->aggregator_as
> 65535) {
3369 stream_putw(s
, BGP_AS_TRANS
);
3371 /* we have to send AS4_AGGREGATOR, too.
3372 * we'll do that later in order to send
3373 * attributes in ascending
3376 send_as4_aggregator
= 1;
3378 stream_putw(s
, (uint16_t)attr
->aggregator_as
);
3380 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3383 /* Community attribute. */
3384 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_SEND_COMMUNITY
)
3385 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
))) {
3386 if (attr
->community
->size
* 4 > 255) {
3388 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3389 | BGP_ATTR_FLAG_EXTLEN
);
3390 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3391 stream_putw(s
, attr
->community
->size
* 4);
3394 BGP_ATTR_FLAG_OPTIONAL
3395 | BGP_ATTR_FLAG_TRANS
);
3396 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3397 stream_putc(s
, attr
->community
->size
* 4);
3399 stream_put(s
, attr
->community
->val
, attr
->community
->size
* 4);
3403 * Large Community attribute.
3405 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
],
3406 PEER_FLAG_SEND_LARGE_COMMUNITY
)
3407 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
))) {
3408 if (lcom_length(attr
->lcommunity
) > 255) {
3410 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3411 | BGP_ATTR_FLAG_EXTLEN
);
3412 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3413 stream_putw(s
, lcom_length(attr
->lcommunity
));
3416 BGP_ATTR_FLAG_OPTIONAL
3417 | BGP_ATTR_FLAG_TRANS
);
3418 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3419 stream_putc(s
, lcom_length(attr
->lcommunity
));
3421 stream_put(s
, attr
->lcommunity
->val
,
3422 lcom_length(attr
->lcommunity
));
3425 /* Route Reflector. */
3426 if (peer
->sort
== BGP_PEER_IBGP
&& from
3427 && from
->sort
== BGP_PEER_IBGP
) {
3428 /* Originator ID. */
3429 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3430 stream_putc(s
, BGP_ATTR_ORIGINATOR_ID
);
3433 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ORIGINATOR_ID
))
3434 stream_put_in_addr(s
, &attr
->originator_id
);
3436 stream_put_in_addr(s
, &from
->remote_id
);
3439 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3440 stream_putc(s
, BGP_ATTR_CLUSTER_LIST
);
3442 if (attr
->cluster
) {
3443 stream_putc(s
, attr
->cluster
->length
+ 4);
3444 /* If this peer configuration's parent BGP has
3446 if (bgp
->config
& BGP_CONFIG_CLUSTER_ID
)
3447 stream_put_in_addr(s
, &bgp
->cluster_id
);
3449 stream_put_in_addr(s
, &bgp
->router_id
);
3450 stream_put(s
, attr
->cluster
->list
,
3451 attr
->cluster
->length
);
3454 /* If this peer configuration's parent BGP has
3456 if (bgp
->config
& BGP_CONFIG_CLUSTER_ID
)
3457 stream_put_in_addr(s
, &bgp
->cluster_id
);
3459 stream_put_in_addr(s
, &bgp
->router_id
);
3463 /* Extended Communities attribute. */
3464 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_SEND_EXT_COMMUNITY
)
3465 && (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_EXT_COMMUNITIES
))) {
3466 if (peer
->sort
== BGP_PEER_IBGP
3467 || peer
->sort
== BGP_PEER_CONFED
) {
3468 if (attr
->ecommunity
->size
* 8 > 255) {
3470 BGP_ATTR_FLAG_OPTIONAL
3471 | BGP_ATTR_FLAG_TRANS
3472 | BGP_ATTR_FLAG_EXTLEN
);
3473 stream_putc(s
, BGP_ATTR_EXT_COMMUNITIES
);
3474 stream_putw(s
, attr
->ecommunity
->size
* 8);
3477 BGP_ATTR_FLAG_OPTIONAL
3478 | BGP_ATTR_FLAG_TRANS
);
3479 stream_putc(s
, BGP_ATTR_EXT_COMMUNITIES
);
3480 stream_putc(s
, attr
->ecommunity
->size
* 8);
3482 stream_put(s
, attr
->ecommunity
->val
,
3483 attr
->ecommunity
->size
* 8);
3487 int ecom_tr_size
= 0;
3490 for (i
= 0; i
< attr
->ecommunity
->size
; i
++) {
3491 pnt
= attr
->ecommunity
->val
+ (i
* 8);
3494 if (CHECK_FLAG(tbit
,
3495 ECOMMUNITY_FLAG_NON_TRANSITIVE
))
3502 if (ecom_tr_size
* 8 > 255) {
3505 BGP_ATTR_FLAG_OPTIONAL
3506 | BGP_ATTR_FLAG_TRANS
3507 | BGP_ATTR_FLAG_EXTLEN
);
3509 BGP_ATTR_EXT_COMMUNITIES
);
3510 stream_putw(s
, ecom_tr_size
* 8);
3514 BGP_ATTR_FLAG_OPTIONAL
3515 | BGP_ATTR_FLAG_TRANS
);
3517 BGP_ATTR_EXT_COMMUNITIES
);
3518 stream_putc(s
, ecom_tr_size
* 8);
3521 for (i
= 0; i
< attr
->ecommunity
->size
; i
++) {
3522 pnt
= attr
->ecommunity
->val
+ (i
* 8);
3527 ECOMMUNITY_FLAG_NON_TRANSITIVE
))
3530 stream_put(s
, pnt
, 8);
3536 /* Label index attribute. */
3537 if (safi
== SAFI_LABELED_UNICAST
) {
3538 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
)) {
3539 uint32_t label_index
;
3541 label_index
= attr
->label_index
;
3543 if (label_index
!= BGP_INVALID_LABEL_INDEX
) {
3545 BGP_ATTR_FLAG_OPTIONAL
3546 | BGP_ATTR_FLAG_TRANS
);
3547 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
3549 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX
);
3551 BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
3552 stream_putc(s
, 0); // reserved
3553 stream_putw(s
, 0); // flags
3554 stream_putl(s
, label_index
);
3559 if (send_as4_path
) {
3560 /* If the peer is NOT As4 capable, AND */
3561 /* there are ASnums > 65535 in path THEN
3562 * give out AS4_PATH */
3564 /* Get rid of all AS_CONFED_SEQUENCE and AS_CONFED_SET
3566 * Hm, I wonder... confederation things *should* only be at
3567 * the beginning of an aspath, right? Then we should use
3568 * aspath_delete_confed_seq for this, because it is already
3570 * Folks, talk to me: what is reasonable here!?
3572 aspath
= aspath_delete_confed_seq(aspath
);
3575 BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_OPTIONAL
3576 | BGP_ATTR_FLAG_EXTLEN
);
3577 stream_putc(s
, BGP_ATTR_AS4_PATH
);
3578 aspath_sizep
= stream_get_endp(s
);
3580 stream_putw_at(s
, aspath_sizep
, aspath_put(s
, aspath
, 1));
3583 if (aspath
!= attr
->aspath
)
3584 aspath_free(aspath
);
3586 if (send_as4_aggregator
) {
3587 /* send AS4_AGGREGATOR, at this place */
3588 /* this section of code moved here in order to ensure the
3590 * *ascending* order of attributes
3592 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3593 stream_putc(s
, BGP_ATTR_AS4_AGGREGATOR
);
3595 stream_putl(s
, attr
->aggregator_as
);
3596 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3599 if (((afi
== AFI_IP
|| afi
== AFI_IP6
)
3600 && (safi
== SAFI_ENCAP
|| safi
== SAFI_MPLS_VPN
))
3601 || (afi
== AFI_L2VPN
&& safi
== SAFI_EVPN
)) {
3602 /* Tunnel Encap attribute */
3603 bgp_packet_mpattr_tea(bgp
, peer
, s
, attr
, BGP_ATTR_ENCAP
);
3605 #if ENABLE_BGP_VNC_ATTR
3607 bgp_packet_mpattr_tea(bgp
, peer
, s
, attr
, BGP_ATTR_VNC
);
3612 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PMSI_TUNNEL
)) {
3613 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3614 stream_putc(s
, BGP_ATTR_PMSI_TUNNEL
);
3615 stream_putc(s
, 9); // Length
3616 stream_putc(s
, 0); // Flags
3617 stream_putc(s
, attr
->pmsi_tnl_type
);
3618 stream_put(s
, &(attr
->label
),
3619 BGP_LABEL_BYTES
); // MPLS Label / VXLAN VNI
3620 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3621 // Unicast tunnel endpoint IP address
3624 /* Unknown transit attribute. */
3626 stream_put(s
, attr
->transit
->val
, attr
->transit
->length
);
3628 /* Return total size of attribute. */
3629 return stream_get_endp(s
) - cp
;
3632 size_t bgp_packet_mpunreach_start(struct stream
*s
, afi_t afi
, safi_t safi
)
3634 unsigned long attrlen_pnt
;
3636 iana_safi_t pkt_safi
;
3638 /* Set extended bit always to encode the attribute length as 2 bytes */
3639 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_EXTLEN
);
3640 stream_putc(s
, BGP_ATTR_MP_UNREACH_NLRI
);
3642 attrlen_pnt
= stream_get_endp(s
);
3643 stream_putw(s
, 0); /* Length of this attribute. */
3645 /* Convert AFI, SAFI to values for packet. */
3646 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
3648 stream_putw(s
, pkt_afi
);
3649 stream_putc(s
, pkt_safi
);
3654 void bgp_packet_mpunreach_prefix(struct stream
*s
, struct prefix
*p
, afi_t afi
,
3655 safi_t safi
, struct prefix_rd
*prd
,
3656 mpls_label_t
*label
, uint32_t num_labels
,
3657 int addpath_encode
, uint32_t addpath_tx_id
,
3660 uint8_t wlabel
[3] = {0x80, 0x00, 0x00};
3662 if (safi
== SAFI_LABELED_UNICAST
) {
3663 label
= (mpls_label_t
*)wlabel
;
3667 bgp_packet_mpattr_prefix(s
, afi
, safi
, p
, prd
, label
, num_labels
,
3668 addpath_encode
, addpath_tx_id
, attr
);
3671 void bgp_packet_mpunreach_end(struct stream
*s
, size_t attrlen_pnt
)
3673 bgp_packet_mpattr_end(s
, attrlen_pnt
);
3676 /* Initialization of attribute. */
3677 void bgp_attr_init(void)
3689 void bgp_attr_finish(void)
3694 ecommunity_finish();
3695 lcommunity_finish();
3701 /* Make attribute packet. */
3702 void bgp_dump_routes_attr(struct stream
*s
, struct attr
*attr
,
3703 struct prefix
*prefix
)
3708 struct aspath
*aspath
;
3709 int addpath_encode
= 0;
3710 uint32_t addpath_tx_id
= 0;
3712 /* Remember current pointer. */
3713 cp
= stream_get_endp(s
);
3715 /* Place holder of length. */
3718 /* Origin attribute. */
3719 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3720 stream_putc(s
, BGP_ATTR_ORIGIN
);
3722 stream_putc(s
, attr
->origin
);
3724 aspath
= attr
->aspath
;
3726 stream_putc(s
, BGP_ATTR_FLAG_TRANS
| BGP_ATTR_FLAG_EXTLEN
);
3727 stream_putc(s
, BGP_ATTR_AS_PATH
);
3728 aspath_lenp
= stream_get_endp(s
);
3731 stream_putw_at(s
, aspath_lenp
, aspath_put(s
, aspath
, 1));
3733 /* Nexthop attribute. */
3734 /* If it's an IPv6 prefix, don't dump the IPv4 nexthop to save space */
3735 if (prefix
!= NULL
&& prefix
->family
!= AF_INET6
) {
3736 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3737 stream_putc(s
, BGP_ATTR_NEXT_HOP
);
3739 stream_put_ipv4(s
, attr
->nexthop
.s_addr
);
3742 /* MED attribute. */
3743 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_MULTI_EXIT_DISC
)) {
3744 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3745 stream_putc(s
, BGP_ATTR_MULTI_EXIT_DISC
);
3747 stream_putl(s
, attr
->med
);
3750 /* Local preference. */
3751 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF
)) {
3752 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3753 stream_putc(s
, BGP_ATTR_LOCAL_PREF
);
3755 stream_putl(s
, attr
->local_pref
);
3758 /* Atomic aggregate. */
3759 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_ATOMIC_AGGREGATE
)) {
3760 stream_putc(s
, BGP_ATTR_FLAG_TRANS
);
3761 stream_putc(s
, BGP_ATTR_ATOMIC_AGGREGATE
);
3766 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_AGGREGATOR
)) {
3767 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
);
3768 stream_putc(s
, BGP_ATTR_AGGREGATOR
);
3770 stream_putl(s
, attr
->aggregator_as
);
3771 stream_put_ipv4(s
, attr
->aggregator_addr
.s_addr
);
3774 /* Community attribute. */
3775 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_COMMUNITIES
)) {
3776 if (attr
->community
->size
* 4 > 255) {
3778 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3779 | BGP_ATTR_FLAG_EXTLEN
);
3780 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3781 stream_putw(s
, attr
->community
->size
* 4);
3784 BGP_ATTR_FLAG_OPTIONAL
3785 | BGP_ATTR_FLAG_TRANS
);
3786 stream_putc(s
, BGP_ATTR_COMMUNITIES
);
3787 stream_putc(s
, attr
->community
->size
* 4);
3789 stream_put(s
, attr
->community
->val
, attr
->community
->size
* 4);
3792 /* Large Community attribute. */
3793 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES
)) {
3794 if (lcom_length(attr
->lcommunity
) > 255) {
3796 BGP_ATTR_FLAG_OPTIONAL
| BGP_ATTR_FLAG_TRANS
3797 | BGP_ATTR_FLAG_EXTLEN
);
3798 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3799 stream_putw(s
, lcom_length(attr
->lcommunity
));
3802 BGP_ATTR_FLAG_OPTIONAL
3803 | BGP_ATTR_FLAG_TRANS
);
3804 stream_putc(s
, BGP_ATTR_LARGE_COMMUNITIES
);
3805 stream_putc(s
, lcom_length(attr
->lcommunity
));
3808 stream_put(s
, attr
->lcommunity
->val
,
3809 lcom_length(attr
->lcommunity
));
3812 /* Add a MP_NLRI attribute to dump the IPv6 next hop */
3813 if (prefix
!= NULL
&& prefix
->family
== AF_INET6
3814 && (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL
3815 || attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
)) {
3818 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
3819 stream_putc(s
, BGP_ATTR_MP_REACH_NLRI
);
3820 sizep
= stream_get_endp(s
);
3823 stream_putc(s
, 0); /* Marker: Attribute length. */
3824 stream_putw(s
, AFI_IP6
); /* AFI */
3825 stream_putc(s
, SAFI_UNICAST
); /* SAFI */
3828 stream_putc(s
, attr
->mp_nexthop_len
);
3829 stream_put(s
, &attr
->mp_nexthop_global
, IPV6_MAX_BYTELEN
);
3830 if (attr
->mp_nexthop_len
== BGP_ATTR_NHLEN_IPV6_GLOBAL_AND_LL
)
3831 stream_put(s
, &attr
->mp_nexthop_local
,
3838 stream_put_prefix_addpath(s
, prefix
, addpath_encode
,
3841 /* Set MP attribute length. */
3842 stream_putc_at(s
, sizep
, (stream_get_endp(s
) - sizep
) - 1);
3846 if (attr
->flag
& ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID
)) {
3847 if (attr
->label_index
!= BGP_INVALID_LABEL_INDEX
) {
3849 BGP_ATTR_FLAG_OPTIONAL
3850 | BGP_ATTR_FLAG_TRANS
);
3851 stream_putc(s
, BGP_ATTR_PREFIX_SID
);
3853 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX
);
3854 stream_putc(s
, BGP_PREFIX_SID_LABEL_INDEX_LENGTH
);
3855 stream_putc(s
, 0); // reserved
3856 stream_putw(s
, 0); // flags
3857 stream_putl(s
, attr
->label_index
);
3861 /* Return total size of attribute. */
3862 len
= stream_get_endp(s
) - cp
- 2;
3863 stream_putw_at(s
, cp
, len
);