1 /* BGP open message handling
2 * Copyright (C) 1998, 1999 Kunihiro Ishiguro
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
34 #include "bgpd/bgpd.h"
35 #include "bgpd/bgp_attr.h"
36 #include "bgpd/bgp_debug.h"
37 #include "bgpd/bgp_errors.h"
38 #include "bgpd/bgp_fsm.h"
39 #include "bgpd/bgp_packet.h"
40 #include "bgpd/bgp_open.h"
41 #include "bgpd/bgp_aspath.h"
42 #include "bgpd/bgp_vty.h"
43 #include "bgpd/bgp_memory.h"
45 static const struct message capcode_str
[] = {
46 {CAPABILITY_CODE_MP
, "MultiProtocol Extensions"},
47 {CAPABILITY_CODE_REFRESH
, "Route Refresh"},
48 {CAPABILITY_CODE_ORF
, "Cooperative Route Filtering"},
49 {CAPABILITY_CODE_RESTART
, "Graceful Restart"},
50 {CAPABILITY_CODE_AS4
, "4-octet AS number"},
51 {CAPABILITY_CODE_ADDPATH
, "AddPath"},
52 {CAPABILITY_CODE_DYNAMIC
, "Dynamic"},
53 {CAPABILITY_CODE_ENHE
, "Extended Next Hop Encoding"},
54 {CAPABILITY_CODE_DYNAMIC_OLD
, "Dynamic (Old)"},
55 {CAPABILITY_CODE_REFRESH_OLD
, "Route Refresh (Old)"},
56 {CAPABILITY_CODE_ORF_OLD
, "ORF (Old)"},
57 {CAPABILITY_CODE_FQDN
, "FQDN"},
58 {CAPABILITY_CODE_ENHANCED_RR
, "Enhanced Route Refresh"},
59 {CAPABILITY_CODE_EXT_MESSAGE
, "BGP Extended Message"},
60 {CAPABILITY_CODE_LLGR
, "Long-lived BGP Graceful Restart"},
63 /* Minimum sizes for length field of each cap (so not inc. the header) */
64 static const size_t cap_minsizes
[] = {
65 [CAPABILITY_CODE_MP
] = CAPABILITY_CODE_MP_LEN
,
66 [CAPABILITY_CODE_REFRESH
] = CAPABILITY_CODE_REFRESH_LEN
,
67 [CAPABILITY_CODE_ORF
] = CAPABILITY_CODE_ORF_LEN
,
68 [CAPABILITY_CODE_RESTART
] = CAPABILITY_CODE_RESTART_LEN
,
69 [CAPABILITY_CODE_AS4
] = CAPABILITY_CODE_AS4_LEN
,
70 [CAPABILITY_CODE_ADDPATH
] = CAPABILITY_CODE_ADDPATH_LEN
,
71 [CAPABILITY_CODE_DYNAMIC
] = CAPABILITY_CODE_DYNAMIC_LEN
,
72 [CAPABILITY_CODE_DYNAMIC_OLD
] = CAPABILITY_CODE_DYNAMIC_LEN
,
73 [CAPABILITY_CODE_ENHE
] = CAPABILITY_CODE_ENHE_LEN
,
74 [CAPABILITY_CODE_REFRESH_OLD
] = CAPABILITY_CODE_REFRESH_LEN
,
75 [CAPABILITY_CODE_ORF_OLD
] = CAPABILITY_CODE_ORF_LEN
,
76 [CAPABILITY_CODE_FQDN
] = CAPABILITY_CODE_MIN_FQDN_LEN
,
77 [CAPABILITY_CODE_ENHANCED_RR
] = CAPABILITY_CODE_ENHANCED_LEN
,
78 [CAPABILITY_CODE_EXT_MESSAGE
] = CAPABILITY_CODE_EXT_MESSAGE_LEN
,
79 [CAPABILITY_CODE_LLGR
] = CAPABILITY_CODE_LLGR_LEN
,
82 /* value the capability must be a multiple of.
83 * 0-data capabilities won't be checked against this.
84 * Other capabilities whose data doesn't fall on convenient boundaries for this
85 * table should be set to 1.
87 static const size_t cap_modsizes
[] = {
88 [CAPABILITY_CODE_MP
] = 4,
89 [CAPABILITY_CODE_REFRESH
] = 1,
90 [CAPABILITY_CODE_ORF
] = 1,
91 [CAPABILITY_CODE_RESTART
] = 1,
92 [CAPABILITY_CODE_AS4
] = 4,
93 [CAPABILITY_CODE_ADDPATH
] = 4,
94 [CAPABILITY_CODE_DYNAMIC
] = 1,
95 [CAPABILITY_CODE_DYNAMIC_OLD
] = 1,
96 [CAPABILITY_CODE_ENHE
] = 6,
97 [CAPABILITY_CODE_REFRESH_OLD
] = 1,
98 [CAPABILITY_CODE_ORF_OLD
] = 1,
99 [CAPABILITY_CODE_FQDN
] = 1,
100 [CAPABILITY_CODE_ENHANCED_RR
] = 1,
101 [CAPABILITY_CODE_EXT_MESSAGE
] = 1,
102 [CAPABILITY_CODE_LLGR
] = 1,
105 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
106 negotiate remote peer supports extentions or not. But if
107 remote-peer doesn't supports negotiation process itself. We would
108 like to do manual configuration.
110 So there is many configurable point. First of all we want set each
111 peer whether we send capability negotiation to the peer or not.
112 Next, if we send capability to the peer we want to set my capability
113 inforation at each peer. */
115 void bgp_capability_vty_out(struct vty
*vty
, struct peer
*peer
, bool use_json
,
116 json_object
*json_neigh
)
120 struct capability_mp_data mpc
;
121 struct capability_header
*hdr
;
122 json_object
*json_cap
= NULL
;
125 json_cap
= json_object_new_object();
127 pnt
= peer
->notify
.data
;
128 end
= pnt
+ peer
->notify
.length
;
131 if (pnt
+ sizeof(struct capability_mp_data
) + 2 > end
)
134 hdr
= (struct capability_header
*)pnt
;
135 if (pnt
+ hdr
->length
+ 2 > end
)
138 memcpy(&mpc
, pnt
+ 2, sizeof(struct capability_mp_data
));
140 if (hdr
->code
== CAPABILITY_CODE_MP
) {
144 (void)bgp_map_afi_safi_iana2int(ntohs(mpc
.afi
),
145 mpc
.safi
, &afi
, &safi
);
150 json_object_string_add(
152 "capabilityErrorMultiProtocolAfi",
156 json_object_string_add(
158 "capabilityErrorMultiProtocolAfi",
162 json_object_string_add(
164 "capabilityErrorMultiProtocolAfi",
170 "capabilityErrorMultiProtocolAfiUnknown",
176 json_object_string_add(
178 "capabilityErrorMultiProtocolSafi",
182 json_object_string_add(
184 "capabilityErrorMultiProtocolSafi",
187 case SAFI_LABELED_UNICAST
:
188 json_object_string_add(
190 "capabilityErrorMultiProtocolSafi",
194 json_object_string_add(
196 "capabilityErrorMultiProtocolSafi",
200 json_object_string_add(
202 "capabilityErrorMultiProtocolSafi",
206 json_object_string_add(
208 "capabilityErrorMultiProtocolSafi",
212 json_object_string_add(
214 "capabilityErrorMultiProtocolSafi",
220 "capabilityErrorMultiProtocolSafiUnknown",
226 " Capability error for: Multi protocol ");
229 vty_out(vty
, "AFI IPv4, ");
232 vty_out(vty
, "AFI IPv6, ");
235 vty_out(vty
, "AFI L2VPN, ");
238 vty_out(vty
, "AFI Unknown %d, ",
244 vty_out(vty
, "SAFI Unicast");
247 vty_out(vty
, "SAFI Multicast");
249 case SAFI_LABELED_UNICAST
:
250 vty_out(vty
, "SAFI Labeled-unicast");
253 vty_out(vty
, "SAFI MPLS-labeled VPN");
256 vty_out(vty
, "SAFI ENCAP");
259 vty_out(vty
, "SAFI FLOWSPEC");
262 vty_out(vty
, "SAFI EVPN");
265 vty_out(vty
, "SAFI Unknown %d ",
271 } else if (hdr
->code
>= 128) {
275 "capabilityErrorVendorSpecificCapabilityCode",
279 " Capability error: vendor specific capability code %d",
285 "capabilityErrorUnknownCapabilityCode",
289 " Capability error: unknown capability code %d",
292 pnt
+= hdr
->length
+ 2;
295 json_object_object_add(json_neigh
, "capabilityErrors",
299 static void bgp_capability_mp_data(struct stream
*s
,
300 struct capability_mp_data
*mpc
)
302 mpc
->afi
= stream_getw(s
);
303 mpc
->reserved
= stream_getc(s
);
304 mpc
->safi
= stream_getc(s
);
307 /* Set negotiated capability value. */
308 static int bgp_capability_mp(struct peer
*peer
, struct capability_header
*hdr
)
310 struct capability_mp_data mpc
;
311 struct stream
*s
= BGP_INPUT(peer
);
315 /* Verify length is 4 */
316 if (hdr
->length
!= 4) {
318 EC_BGP_CAPABILITY_INVALID_LENGTH
,
319 "MP Cap: Received invalid length %d, non-multiple of 4",
324 bgp_capability_mp_data(s
, &mpc
);
326 if (bgp_debug_neighbor_events(peer
))
327 zlog_debug("%s OPEN has %s capability for afi/safi: %s/%s",
328 peer
->host
, lookup_msg(capcode_str
, hdr
->code
, NULL
),
329 iana_afi2str(mpc
.afi
), iana_safi2str(mpc
.safi
));
331 /* Convert AFI, SAFI to internal values, check. */
332 if (bgp_map_afi_safi_iana2int(mpc
.afi
, mpc
.safi
, &afi
, &safi
))
335 /* Now safi remapped, and afi/safi are valid array indices */
336 peer
->afc_recv
[afi
][safi
] = 1;
338 if (peer
->afc
[afi
][safi
])
339 peer
->afc_nego
[afi
][safi
] = 1;
346 static void bgp_capability_orf_not_support(struct peer
*peer
, iana_afi_t afi
,
347 iana_safi_t safi
, uint8_t type
,
350 if (bgp_debug_neighbor_events(peer
))
352 "%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
353 peer
->host
, afi
, safi
, type
, mode
);
356 static const struct message orf_type_str
[] = {
357 {ORF_TYPE_PREFIX
, "Prefixlist"},
358 {ORF_TYPE_PREFIX_OLD
, "Prefixlist (old)"},
361 static const struct message orf_mode_str
[] = {{ORF_MODE_RECEIVE
, "Receive"},
362 {ORF_MODE_SEND
, "Send"},
363 {ORF_MODE_BOTH
, "Both"},
366 static int bgp_capability_orf_entry(struct peer
*peer
,
367 struct capability_header
*hdr
)
369 struct stream
*s
= BGP_INPUT(peer
);
370 struct capability_mp_data mpc
;
374 iana_safi_t pkt_safi
;
378 uint16_t sm_cap
= 0; /* capability send-mode receive */
379 uint16_t rm_cap
= 0; /* capability receive-mode receive */
382 /* ORF Entry header */
383 bgp_capability_mp_data(s
, &mpc
);
384 num
= stream_getc(s
);
388 if (bgp_debug_neighbor_events(peer
))
389 zlog_debug("%s ORF Cap entry for afi/safi: %s/%s", peer
->host
,
390 iana_afi2str(mpc
.afi
), iana_safi2str(mpc
.safi
));
392 /* Convert AFI, SAFI to internal values, check. */
393 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
395 "%s Addr-family %d/%d not supported. Ignoring the ORF capability",
396 peer
->host
, pkt_afi
, pkt_safi
);
403 /* validate number field */
404 if (CAPABILITY_CODE_ORF_LEN
+ (num
* 2) > hdr
->length
) {
406 "%s ORF Capability entry length error, Cap length %u, num %u",
407 peer
->host
, hdr
->length
, num
);
408 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
409 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
413 for (i
= 0; i
< num
; i
++) {
414 type
= stream_getc(s
);
415 mode
= stream_getc(s
);
417 /* ORF Mode error check */
421 case ORF_MODE_RECEIVE
:
424 bgp_capability_orf_not_support(peer
, pkt_afi
, pkt_safi
,
428 /* ORF Type and afi/safi error checks */
429 /* capcode versus type */
431 case CAPABILITY_CODE_ORF
:
433 case ORF_TYPE_PREFIX
:
436 bgp_capability_orf_not_support(
437 peer
, pkt_afi
, pkt_safi
, type
, mode
);
441 case CAPABILITY_CODE_ORF_OLD
:
443 case ORF_TYPE_PREFIX_OLD
:
446 bgp_capability_orf_not_support(
447 peer
, pkt_afi
, pkt_safi
, type
, mode
);
452 bgp_capability_orf_not_support(peer
, pkt_afi
, pkt_safi
,
458 if (!((afi
== AFI_IP
&& safi
== SAFI_UNICAST
)
459 || (afi
== AFI_IP
&& safi
== SAFI_MULTICAST
)
460 || (afi
== AFI_IP6
&& safi
== SAFI_UNICAST
))) {
461 bgp_capability_orf_not_support(peer
, pkt_afi
, pkt_safi
,
466 if (bgp_debug_neighbor_events(peer
))
468 "%s OPEN has %s ORF capability as %s for afi/safi: %s/%s",
470 lookup_msg(orf_type_str
, type
, NULL
),
471 lookup_msg(orf_mode_str
, mode
, NULL
),
472 iana_afi2str(pkt_afi
), iana_safi2str(pkt_safi
));
474 if (hdr
->code
== CAPABILITY_CODE_ORF
) {
475 sm_cap
= PEER_CAP_ORF_PREFIX_SM_RCV
;
476 rm_cap
= PEER_CAP_ORF_PREFIX_RM_RCV
;
477 } else if (hdr
->code
== CAPABILITY_CODE_ORF_OLD
) {
478 sm_cap
= PEER_CAP_ORF_PREFIX_SM_OLD_RCV
;
479 rm_cap
= PEER_CAP_ORF_PREFIX_RM_OLD_RCV
;
481 bgp_capability_orf_not_support(peer
, pkt_afi
, pkt_safi
,
488 SET_FLAG(peer
->af_cap
[afi
][safi
], sm_cap
);
489 SET_FLAG(peer
->af_cap
[afi
][safi
], rm_cap
);
492 SET_FLAG(peer
->af_cap
[afi
][safi
], sm_cap
);
494 case ORF_MODE_RECEIVE
:
495 SET_FLAG(peer
->af_cap
[afi
][safi
], rm_cap
);
502 static int bgp_capability_restart(struct peer
*peer
,
503 struct capability_header
*caphdr
)
505 struct stream
*s
= BGP_INPUT(peer
);
506 uint16_t restart_flag_time
;
507 size_t end
= stream_get_getp(s
) + caphdr
->length
;
509 /* Verify length is a multiple of 4 */
510 if ((caphdr
->length
- 2) % 4) {
512 EC_BGP_CAPABILITY_INVALID_LENGTH
,
513 "Restart Cap: Received invalid length %d, non-multiple of 4",
518 SET_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
);
519 restart_flag_time
= stream_getw(s
);
520 if (CHECK_FLAG(restart_flag_time
, RESTART_R_BIT
))
521 SET_FLAG(peer
->cap
, PEER_CAP_RESTART_BIT_RCV
);
523 UNSET_FLAG(peer
->cap
, PEER_CAP_RESTART_BIT_RCV
);
525 UNSET_FLAG(restart_flag_time
, 0xF000);
526 peer
->v_gr_restart
= restart_flag_time
;
528 if (bgp_debug_neighbor_events(peer
)) {
529 zlog_debug("%s Peer has%srestarted. Restart Time : %d",
531 CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_BIT_RCV
)
537 while (stream_get_getp(s
) + 4 <= end
) {
540 iana_afi_t pkt_afi
= stream_getw(s
);
541 iana_safi_t pkt_safi
= stream_getc(s
);
542 uint8_t flag
= stream_getc(s
);
544 /* Convert AFI, SAFI to internal values, check. */
545 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
546 if (bgp_debug_neighbor_events(peer
))
548 "%s Addr-family %s/%s(afi/safi) not supported. Ignore the Graceful Restart capability for this AFI/SAFI",
549 peer
->host
, iana_afi2str(pkt_afi
),
550 iana_safi2str(pkt_safi
));
551 } else if (!peer
->afc
[afi
][safi
]) {
552 if (bgp_debug_neighbor_events(peer
))
554 "%s Addr-family %s/%s(afi/safi) not enabled. Ignore the Graceful Restart capability",
555 peer
->host
, iana_afi2str(pkt_afi
),
556 iana_safi2str(pkt_safi
));
558 if (bgp_debug_neighbor_events(peer
))
560 "%s Address family %s is%spreserved",
561 peer
->host
, get_afi_safi_str(afi
, safi
, false),
563 peer
->af_cap
[afi
][safi
],
564 PEER_CAP_RESTART_AF_PRESERVE_RCV
)
568 SET_FLAG(peer
->af_cap
[afi
][safi
],
569 PEER_CAP_RESTART_AF_RCV
);
570 if (CHECK_FLAG(flag
, RESTART_F_BIT
))
571 SET_FLAG(peer
->af_cap
[afi
][safi
],
572 PEER_CAP_RESTART_AF_PRESERVE_RCV
);
578 static int bgp_capability_llgr(struct peer
*peer
,
579 struct capability_header
*caphdr
)
581 struct stream
*s
= BGP_INPUT(peer
);
582 size_t end
= stream_get_getp(s
) + caphdr
->length
;
584 SET_FLAG(peer
->cap
, PEER_CAP_LLGR_RCV
);
586 while (stream_get_getp(s
) + 4 <= end
) {
589 iana_afi_t pkt_afi
= stream_getw(s
);
590 iana_safi_t pkt_safi
= stream_getc(s
);
591 uint8_t flags
= stream_getc(s
);
592 uint32_t stale_time
= stream_get3(s
);
594 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
595 if (bgp_debug_neighbor_events(peer
))
597 "%s Addr-family %s/%s(afi/safi) not supported. Ignore the Long-lived Graceful Restart capability for this AFI/SAFI",
598 peer
->host
, iana_afi2str(pkt_afi
),
599 iana_safi2str(pkt_safi
));
600 } else if (!peer
->afc
[afi
][safi
]
601 || !CHECK_FLAG(peer
->af_cap
[afi
][safi
],
602 PEER_CAP_RESTART_AF_RCV
)) {
603 if (bgp_debug_neighbor_events(peer
))
605 "%s Addr-family %s/%s(afi/safi) not enabled. Ignore the Long-lived Graceful Restart capability",
606 peer
->host
, iana_afi2str(pkt_afi
),
607 iana_safi2str(pkt_safi
));
609 if (bgp_debug_neighbor_events(peer
))
611 "%s Addr-family %s/%s(afi/safi) Long-lived Graceful Restart capability stale time %u sec",
612 peer
->host
, iana_afi2str(pkt_afi
),
613 iana_safi2str(pkt_safi
), stale_time
);
615 peer
->llgr
[afi
][safi
].flags
= flags
;
616 peer
->llgr
[afi
][safi
].stale_time
=
617 MIN(stale_time
, peer
->bgp
->llgr_stale_time
);
618 SET_FLAG(peer
->af_cap
[afi
][safi
], PEER_CAP_LLGR_AF_RCV
);
625 /* Unlike other capability parsing routines, this one returns 0 on error */
626 static as_t
bgp_capability_as4(struct peer
*peer
, struct capability_header
*hdr
)
628 SET_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
);
630 if (hdr
->length
!= CAPABILITY_CODE_AS4_LEN
) {
631 flog_err(EC_BGP_PKT_OPEN
,
632 "%s AS4 capability has incorrect data length %d",
633 peer
->host
, hdr
->length
);
637 as_t as4
= stream_getl(BGP_INPUT(peer
));
639 if (BGP_DEBUG(as4
, AS4
))
641 "%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
646 static int bgp_capability_ext_message(struct peer
*peer
,
647 struct capability_header
*hdr
)
649 if (hdr
->length
!= CAPABILITY_CODE_EXT_MESSAGE_LEN
) {
652 "%s: BGP Extended Message capability has incorrect data length %d",
653 peer
->host
, hdr
->length
);
657 SET_FLAG(peer
->cap
, PEER_CAP_EXTENDED_MESSAGE_RCV
);
662 static int bgp_capability_addpath(struct peer
*peer
,
663 struct capability_header
*hdr
)
665 struct stream
*s
= BGP_INPUT(peer
);
666 size_t end
= stream_get_getp(s
) + hdr
->length
;
668 SET_FLAG(peer
->cap
, PEER_CAP_ADDPATH_RCV
);
670 /* Verify length is a multiple of 4 */
671 if (hdr
->length
% 4) {
673 EC_BGP_CAPABILITY_INVALID_LENGTH
,
674 "Add Path: Received invalid length %d, non-multiple of 4",
679 while (stream_get_getp(s
) + 4 <= end
) {
682 iana_afi_t pkt_afi
= stream_getw(s
);
683 iana_safi_t pkt_safi
= stream_getc(s
);
684 uint8_t send_receive
= stream_getc(s
);
686 if (bgp_debug_neighbor_events(peer
))
688 "%s OPEN has %s capability for afi/safi: %s/%s%s%s",
690 lookup_msg(capcode_str
, hdr
->code
, NULL
),
691 iana_afi2str(pkt_afi
), iana_safi2str(pkt_safi
),
692 (send_receive
& BGP_ADDPATH_RX
) ? ", receive"
694 (send_receive
& BGP_ADDPATH_TX
) ? ", transmit"
697 /* Convert AFI, SAFI to internal values, check. */
698 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
699 if (bgp_debug_neighbor_events(peer
))
701 "%s Addr-family %s/%s(afi/safi) not supported. Ignore the Addpath Attribute for this AFI/SAFI",
702 peer
->host
, iana_afi2str(pkt_afi
),
703 iana_safi2str(pkt_safi
));
705 } else if (!peer
->afc
[afi
][safi
]) {
706 if (bgp_debug_neighbor_events(peer
))
708 "%s Addr-family %s/%s(afi/safi) not enabled. Ignore the AddPath capability for this AFI/SAFI",
709 peer
->host
, iana_afi2str(pkt_afi
),
710 iana_safi2str(pkt_safi
));
714 if (send_receive
& BGP_ADDPATH_RX
)
715 SET_FLAG(peer
->af_cap
[afi
][safi
],
716 PEER_CAP_ADDPATH_AF_RX_RCV
);
718 if (send_receive
& BGP_ADDPATH_TX
)
719 SET_FLAG(peer
->af_cap
[afi
][safi
],
720 PEER_CAP_ADDPATH_AF_TX_RCV
);
726 static int bgp_capability_enhe(struct peer
*peer
, struct capability_header
*hdr
)
728 struct stream
*s
= BGP_INPUT(peer
);
729 size_t end
= stream_get_getp(s
) + hdr
->length
;
731 /* Verify length is a multiple of 4 */
732 if (hdr
->length
% 6) {
734 EC_BGP_CAPABILITY_INVALID_LENGTH
,
735 "Extended NH: Received invalid length %d, non-multiple of 6",
740 while (stream_get_getp(s
) + 6 <= end
) {
741 iana_afi_t pkt_afi
= stream_getw(s
);
743 iana_safi_t pkt_safi
= stream_getw(s
);
745 iana_afi_t pkt_nh_afi
= stream_getw(s
);
748 if (bgp_debug_neighbor_events(peer
))
750 "%s Received with afi/safi/next-hop afi: %s/%s/%u",
751 peer
->host
, iana_afi2str(pkt_afi
),
752 iana_safi2str(pkt_safi
), pkt_nh_afi
);
754 /* Convert AFI, SAFI to internal values, check. */
755 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
756 if (bgp_debug_neighbor_events(peer
))
758 "%s Addr-family %s/%s(afi/safi) not supported. Ignore the ENHE Attribute for this AFI/SAFI",
759 peer
->host
, iana_afi2str(pkt_afi
),
760 iana_safi2str(pkt_safi
));
764 /* RFC 5549 specifies use of this capability only for IPv4 AFI,
766 * the Nexthop AFI being IPv6. A future spec may introduce other
767 * possibilities, so we ignore other values with a log. Also,
769 * SAFI_UNICAST and SAFI_LABELED_UNICAST are currently supported
772 nh_afi
= afi_iana2int(pkt_nh_afi
);
774 if (afi
!= AFI_IP
|| nh_afi
!= AFI_IP6
775 || !(safi
== SAFI_UNICAST
|| safi
== SAFI_MPLS_VPN
776 || safi
== SAFI_LABELED_UNICAST
)) {
778 EC_BGP_CAPABILITY_INVALID_DATA
,
779 "%s Unexpected afi/safi/next-hop afi: %s/%s/%u in Extended Next-hop capability, ignoring",
780 peer
->host
, iana_afi2str(pkt_afi
),
781 iana_safi2str(pkt_safi
), pkt_nh_afi
);
785 SET_FLAG(peer
->af_cap
[afi
][safi
], PEER_CAP_ENHE_AF_RCV
);
787 if (CHECK_FLAG(peer
->af_cap
[afi
][safi
], PEER_CAP_ENHE_AF_ADV
))
788 SET_FLAG(peer
->af_cap
[afi
][safi
],
789 PEER_CAP_ENHE_AF_NEGO
);
792 SET_FLAG(peer
->cap
, PEER_CAP_ENHE_RCV
);
797 static int bgp_capability_hostname(struct peer
*peer
,
798 struct capability_header
*hdr
)
800 struct stream
*s
= BGP_INPUT(peer
);
801 char str
[BGP_MAX_HOSTNAME
+ 1];
802 size_t end
= stream_get_getp(s
) + hdr
->length
;
805 SET_FLAG(peer
->cap
, PEER_CAP_HOSTNAME_RCV
);
807 len
= stream_getc(s
);
808 if (stream_get_getp(s
) + len
> end
) {
810 EC_BGP_CAPABILITY_INVALID_DATA
,
811 "%s: Received malformed hostname capability from peer %s",
812 __func__
, peer
->host
);
816 if (len
> BGP_MAX_HOSTNAME
) {
817 stream_get(str
, s
, BGP_MAX_HOSTNAME
);
818 stream_forward_getp(s
, len
- BGP_MAX_HOSTNAME
);
819 len
= BGP_MAX_HOSTNAME
; /* to set the '\0' below */
821 stream_get(str
, s
, len
);
826 XFREE(MTYPE_BGP_PEER_HOST
, peer
->hostname
);
827 XFREE(MTYPE_BGP_PEER_HOST
, peer
->domainname
);
829 peer
->hostname
= XSTRDUP(MTYPE_BGP_PEER_HOST
, str
);
832 if (stream_get_getp(s
) + 1 > end
) {
834 EC_BGP_CAPABILITY_INVALID_DATA
,
835 "%s: Received invalid domain name len (hostname capability) from peer %s",
836 __func__
, peer
->host
);
840 len
= stream_getc(s
);
841 if (stream_get_getp(s
) + len
> end
) {
843 EC_BGP_CAPABILITY_INVALID_DATA
,
844 "%s: Received runt domain name (hostname capability) from peer %s",
845 __func__
, peer
->host
);
849 if (len
> BGP_MAX_HOSTNAME
) {
850 stream_get(str
, s
, BGP_MAX_HOSTNAME
);
851 stream_forward_getp(s
, len
- BGP_MAX_HOSTNAME
);
852 len
= BGP_MAX_HOSTNAME
; /* to set the '\0' below */
854 stream_get(str
, s
, len
);
859 XFREE(MTYPE_BGP_PEER_HOST
, peer
->domainname
);
861 peer
->domainname
= XSTRDUP(MTYPE_BGP_PEER_HOST
, str
);
864 if (bgp_debug_neighbor_events(peer
)) {
865 zlog_debug("%s received hostname %s, domainname %s", peer
->host
,
866 peer
->hostname
, peer
->domainname
);
873 * Parse given capability.
874 * XXX: This is reading into a stream, but not using stream API
876 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
877 * capabilities were encountered.
879 static int bgp_capability_parse(struct peer
*peer
, size_t length
,
880 int *mp_capability
, uint8_t **error
)
883 struct stream
*s
= BGP_INPUT(peer
);
884 size_t end
= stream_get_getp(s
) + length
;
885 uint16_t restart_flag_time
= 0;
887 assert(STREAM_READABLE(s
) >= length
);
889 while (stream_get_getp(s
) < end
) {
891 uint8_t *sp
= stream_pnt(s
);
892 struct capability_header caphdr
;
895 /* We need at least capability code and capability length. */
896 if (stream_get_getp(s
) + 2 > end
) {
897 zlog_info("%s Capability length error (< header)",
899 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
900 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
904 caphdr
.code
= stream_getc(s
);
905 caphdr
.length
= stream_getc(s
);
906 start
= stream_get_getp(s
);
908 /* Capability length check sanity check. */
909 if (start
+ caphdr
.length
> end
) {
910 zlog_info("%s Capability length error (< length)",
912 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
913 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
917 if (bgp_debug_neighbor_events(peer
))
918 zlog_debug("%s OPEN has %s capability (%u), length %u",
920 lookup_msg(capcode_str
, caphdr
.code
, NULL
),
921 caphdr
.code
, caphdr
.length
);
923 /* Length sanity check, type-specific, for known capabilities */
924 switch (caphdr
.code
) {
925 case CAPABILITY_CODE_MP
:
926 case CAPABILITY_CODE_REFRESH
:
927 case CAPABILITY_CODE_REFRESH_OLD
:
928 case CAPABILITY_CODE_ORF
:
929 case CAPABILITY_CODE_ORF_OLD
:
930 case CAPABILITY_CODE_RESTART
:
931 case CAPABILITY_CODE_AS4
:
932 case CAPABILITY_CODE_ADDPATH
:
933 case CAPABILITY_CODE_DYNAMIC
:
934 case CAPABILITY_CODE_DYNAMIC_OLD
:
935 case CAPABILITY_CODE_ENHE
:
936 case CAPABILITY_CODE_FQDN
:
937 case CAPABILITY_CODE_ENHANCED_RR
:
938 case CAPABILITY_CODE_EXT_MESSAGE
:
940 if (caphdr
.length
< cap_minsizes
[caphdr
.code
]) {
942 "%s %s Capability length error: got %u, expected at least %u",
944 lookup_msg(capcode_str
, caphdr
.code
,
947 (unsigned)cap_minsizes
[caphdr
.code
]);
948 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
949 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
953 && caphdr
.length
% cap_modsizes
[caphdr
.code
] != 0) {
955 "%s %s Capability length error: got %u, expected a multiple of %u",
957 lookup_msg(capcode_str
, caphdr
.code
,
960 (unsigned)cap_modsizes
[caphdr
.code
]);
961 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
962 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
965 /* we deliberately ignore unknown codes, see below */
970 switch (caphdr
.code
) {
971 case CAPABILITY_CODE_MP
: {
974 /* Ignore capability when override-capability is set. */
975 if (!CHECK_FLAG(peer
->flags
,
976 PEER_FLAG_OVERRIDE_CAPABILITY
)) {
977 /* Set negotiated value. */
978 ret
= bgp_capability_mp(peer
, &caphdr
);
980 /* Unsupported Capability. */
982 /* Store return data. */
983 memcpy(*error
, sp
, caphdr
.length
+ 2);
984 *error
+= caphdr
.length
+ 2;
986 ret
= 0; /* Don't return error for this */
989 case CAPABILITY_CODE_ENHANCED_RR
:
990 case CAPABILITY_CODE_REFRESH
:
991 case CAPABILITY_CODE_REFRESH_OLD
: {
992 /* BGP refresh capability */
993 if (caphdr
.code
== CAPABILITY_CODE_ENHANCED_RR
)
994 SET_FLAG(peer
->cap
, PEER_CAP_ENHANCED_RR_RCV
);
995 else if (caphdr
.code
== CAPABILITY_CODE_REFRESH_OLD
)
996 SET_FLAG(peer
->cap
, PEER_CAP_REFRESH_OLD_RCV
);
998 SET_FLAG(peer
->cap
, PEER_CAP_REFRESH_NEW_RCV
);
1000 case CAPABILITY_CODE_ORF
:
1001 case CAPABILITY_CODE_ORF_OLD
:
1002 ret
= bgp_capability_orf_entry(peer
, &caphdr
);
1004 case CAPABILITY_CODE_RESTART
:
1005 ret
= bgp_capability_restart(peer
, &caphdr
);
1007 case CAPABILITY_CODE_LLGR
:
1008 ret
= bgp_capability_llgr(peer
, &caphdr
);
1010 case CAPABILITY_CODE_DYNAMIC
:
1011 case CAPABILITY_CODE_DYNAMIC_OLD
:
1012 SET_FLAG(peer
->cap
, PEER_CAP_DYNAMIC_RCV
);
1014 case CAPABILITY_CODE_AS4
:
1015 /* Already handled as a special-case parsing of the
1017 * at the beginning of OPEN processing. So we care not a
1019 * for the value really, only error case.
1021 if (!bgp_capability_as4(peer
, &caphdr
))
1024 case CAPABILITY_CODE_ADDPATH
:
1025 ret
= bgp_capability_addpath(peer
, &caphdr
);
1027 case CAPABILITY_CODE_ENHE
:
1028 ret
= bgp_capability_enhe(peer
, &caphdr
);
1030 case CAPABILITY_CODE_EXT_MESSAGE
:
1031 ret
= bgp_capability_ext_message(peer
, &caphdr
);
1033 case CAPABILITY_CODE_FQDN
:
1034 ret
= bgp_capability_hostname(peer
, &caphdr
);
1037 if (caphdr
.code
> 128) {
1038 /* We don't send Notification for unknown vendor
1040 capabilities. It seems reasonable for now...
1042 flog_warn(EC_BGP_CAPABILITY_VENDOR
,
1043 "%s Vendor specific capability %d",
1044 peer
->host
, caphdr
.code
);
1047 EC_BGP_CAPABILITY_UNKNOWN
,
1048 "%s unrecognized capability code: %d - ignored",
1049 peer
->host
, caphdr
.code
);
1050 memcpy(*error
, sp
, caphdr
.length
+ 2);
1051 *error
+= caphdr
.length
+ 2;
1056 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1057 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
1060 if (stream_get_getp(s
) != (start
+ caphdr
.length
)) {
1061 if (stream_get_getp(s
) > (start
+ caphdr
.length
))
1063 EC_BGP_CAPABILITY_INVALID_LENGTH
,
1064 "%s Cap-parser for %s read past cap-length, %u!",
1066 lookup_msg(capcode_str
, caphdr
.code
,
1069 stream_set_getp(s
, start
+ caphdr
.length
);
1072 if (!CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
)) {
1073 UNSET_FLAG(restart_flag_time
, 0xF000);
1074 peer
->v_gr_restart
= restart_flag_time
;
1080 static int bgp_auth_parse(struct peer
*peer
, size_t length
)
1082 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1083 BGP_NOTIFY_OPEN_AUTH_FAILURE
);
1087 static bool strict_capability_same(struct peer
*peer
)
1091 for (i
= AFI_IP
; i
< AFI_MAX
; i
++)
1092 for (j
= SAFI_UNICAST
; j
< SAFI_MAX
; j
++)
1093 if (peer
->afc
[i
][j
] != peer
->afc_nego
[i
][j
])
1098 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
1099 * Returns 0 if no as4 found, as4cap value otherwise.
1101 as_t
peek_for_as4_capability(struct peer
*peer
, uint16_t length
)
1103 struct stream
*s
= BGP_INPUT(peer
);
1104 size_t orig_getp
= stream_get_getp(s
);
1105 size_t end
= orig_getp
+ length
;
1108 if (BGP_DEBUG(as4
, AS4
))
1110 "%s [AS4] rcv OPEN w/ OPTION parameter len: %u, peeking for as4",
1111 peer
->host
, length
);
1112 /* the error cases we DONT handle, we ONLY try to read as4 out of
1113 * correctly formatted options.
1115 while (stream_get_getp(s
) < end
) {
1117 uint16_t opt_length
;
1119 /* Check the length. */
1120 if (stream_get_getp(s
) + 2 > end
)
1123 /* Fetch option type and length. */
1124 opt_type
= stream_getc(s
);
1125 opt_length
= BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer
)
1129 /* Option length check. */
1130 if (stream_get_getp(s
) + opt_length
> end
)
1133 if (opt_type
== BGP_OPEN_OPT_CAP
) {
1134 unsigned long capd_start
= stream_get_getp(s
);
1135 unsigned long capd_end
= capd_start
+ opt_length
;
1137 assert(capd_end
<= end
);
1139 while (stream_get_getp(s
) < capd_end
) {
1140 struct capability_header hdr
;
1142 if (stream_get_getp(s
) + 2 > capd_end
)
1145 hdr
.code
= stream_getc(s
);
1146 hdr
.length
= stream_getc(s
);
1148 if ((stream_get_getp(s
) + hdr
.length
)
1152 if (hdr
.code
== CAPABILITY_CODE_AS4
) {
1153 if (BGP_DEBUG(as4
, AS4
))
1155 "[AS4] found AS4 capability, about to parse");
1156 as4
= bgp_capability_as4(peer
, &hdr
);
1160 stream_forward_getp(s
, hdr
.length
);
1166 stream_set_getp(s
, orig_getp
);
1171 * Parse open option.
1173 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1175 int bgp_open_option_parse(struct peer
*peer
, uint16_t length
,
1180 uint8_t error_data
[BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE
];
1181 struct stream
*s
= BGP_INPUT(peer
);
1182 size_t end
= stream_get_getp(s
) + length
;
1186 if (bgp_debug_neighbor_events(peer
))
1187 zlog_debug("%s rcv OPEN w/ OPTION parameter len: %u",
1188 peer
->host
, length
);
1190 /* Unset any previously received GR capability. */
1191 UNSET_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
);
1193 while (stream_get_getp(s
) < end
) {
1195 uint16_t opt_length
;
1197 /* Must have at least an OPEN option header */
1198 if (STREAM_READABLE(s
) < 2) {
1199 zlog_info("%s Option length error", peer
->host
);
1200 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1201 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
1205 /* Fetch option type and length. */
1206 opt_type
= stream_getc(s
);
1207 opt_length
= BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer
)
1211 /* Option length check. */
1212 if (STREAM_READABLE(s
) < opt_length
) {
1213 zlog_info("%s Option length error (%d)", peer
->host
,
1215 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1216 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
1220 if (bgp_debug_neighbor_events(peer
))
1222 "%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
1223 peer
->host
, opt_type
,
1224 opt_type
== BGP_OPEN_OPT_AUTH
1226 : opt_type
== BGP_OPEN_OPT_CAP
1232 case BGP_OPEN_OPT_AUTH
:
1233 ret
= bgp_auth_parse(peer
, opt_length
);
1235 case BGP_OPEN_OPT_CAP
:
1236 ret
= bgp_capability_parse(peer
, opt_length
,
1237 mp_capability
, &error
);
1240 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1241 BGP_NOTIFY_OPEN_UNSUP_PARAM
);
1246 /* Parse error. To accumulate all unsupported capability codes,
1247 bgp_capability_parse does not return -1 when encounter
1248 unsupported capability code. To detect that, please check
1249 error and erro_data pointer, like below. */
1254 /* All OPEN option is parsed. Check capability when strict compare
1256 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_STRICT_CAP_MATCH
)) {
1257 /* If Unsupported Capability exists. */
1258 if (error
!= error_data
) {
1259 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1260 BGP_NOTIFY_OPEN_UNSUP_CAPBL
,
1262 error
- error_data
);
1266 /* Check local capability does not negotiated with remote
1268 if (!strict_capability_same(peer
)) {
1269 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1270 BGP_NOTIFY_OPEN_UNSUP_CAPBL
);
1275 /* Extended Message Support */
1276 peer
->max_packet_size
=
1277 (CHECK_FLAG(peer
->cap
, PEER_CAP_EXTENDED_MESSAGE_RCV
)
1278 && CHECK_FLAG(peer
->cap
, PEER_CAP_EXTENDED_MESSAGE_ADV
))
1279 ? BGP_EXTENDED_MESSAGE_MAX_PACKET_SIZE
1280 : BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE
;
1282 /* Check there are no common AFI/SAFIs and send Unsupported Capability
1285 && !CHECK_FLAG(peer
->flags
, PEER_FLAG_OVERRIDE_CAPABILITY
)) {
1286 if (!peer
->afc_nego
[AFI_IP
][SAFI_UNICAST
]
1287 && !peer
->afc_nego
[AFI_IP
][SAFI_MULTICAST
]
1288 && !peer
->afc_nego
[AFI_IP
][SAFI_LABELED_UNICAST
]
1289 && !peer
->afc_nego
[AFI_IP
][SAFI_MPLS_VPN
]
1290 && !peer
->afc_nego
[AFI_IP
][SAFI_ENCAP
]
1291 && !peer
->afc_nego
[AFI_IP
][SAFI_FLOWSPEC
]
1292 && !peer
->afc_nego
[AFI_IP6
][SAFI_UNICAST
]
1293 && !peer
->afc_nego
[AFI_IP6
][SAFI_MULTICAST
]
1294 && !peer
->afc_nego
[AFI_IP6
][SAFI_LABELED_UNICAST
]
1295 && !peer
->afc_nego
[AFI_IP6
][SAFI_MPLS_VPN
]
1296 && !peer
->afc_nego
[AFI_IP6
][SAFI_ENCAP
]
1297 && !peer
->afc_nego
[AFI_IP6
][SAFI_FLOWSPEC
]
1298 && !peer
->afc_nego
[AFI_L2VPN
][SAFI_EVPN
]) {
1299 flog_err(EC_BGP_PKT_OPEN
,
1300 "%s [Error] Configured AFI/SAFIs do not overlap with received MP capabilities",
1303 if (error
!= error_data
)
1304 bgp_notify_send_with_data(
1305 peer
, BGP_NOTIFY_OPEN_ERR
,
1306 BGP_NOTIFY_OPEN_UNSUP_CAPBL
, error_data
,
1307 error
- error_data
);
1309 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1310 BGP_NOTIFY_OPEN_UNSUP_CAPBL
);
1317 static void bgp_open_capability_orf(struct stream
*s
, struct peer
*peer
,
1318 afi_t afi
, safi_t safi
, uint8_t code
,
1319 bool ext_opt_params
)
1325 unsigned long numberp
;
1326 int number_of_orfs
= 0;
1328 iana_safi_t pkt_safi
;
1330 /* Convert AFI, SAFI to values for packet. */
1331 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
1333 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1334 capp
= stream_get_endp(s
); /* Set Capability Len Pointer */
1335 ext_opt_params
? stream_putw(s
, 0)
1336 : stream_putc(s
, 0); /* Capability Length */
1337 stream_putc(s
, code
); /* Capability Code */
1338 orfp
= stream_get_endp(s
); /* Set ORF Len Pointer */
1339 stream_putc(s
, 0); /* ORF Length */
1340 stream_putw(s
, pkt_afi
);
1342 stream_putc(s
, pkt_safi
);
1343 numberp
= stream_get_endp(s
); /* Set Number Pointer */
1344 stream_putc(s
, 0); /* Number of ORFs */
1346 /* Address Prefix ORF */
1347 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
)
1348 || CHECK_FLAG(peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_RM
)) {
1349 stream_putc(s
, (code
== CAPABILITY_CODE_ORF
1351 : ORF_TYPE_PREFIX_OLD
));
1353 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
],
1354 PEER_FLAG_ORF_PREFIX_SM
)
1355 && CHECK_FLAG(peer
->af_flags
[afi
][safi
],
1356 PEER_FLAG_ORF_PREFIX_RM
)) {
1357 SET_FLAG(peer
->af_cap
[afi
][safi
],
1358 PEER_CAP_ORF_PREFIX_SM_ADV
);
1359 SET_FLAG(peer
->af_cap
[afi
][safi
],
1360 PEER_CAP_ORF_PREFIX_RM_ADV
);
1361 stream_putc(s
, ORF_MODE_BOTH
);
1362 } else if (CHECK_FLAG(peer
->af_flags
[afi
][safi
],
1363 PEER_FLAG_ORF_PREFIX_SM
)) {
1364 SET_FLAG(peer
->af_cap
[afi
][safi
],
1365 PEER_CAP_ORF_PREFIX_SM_ADV
);
1366 stream_putc(s
, ORF_MODE_SEND
);
1368 SET_FLAG(peer
->af_cap
[afi
][safi
],
1369 PEER_CAP_ORF_PREFIX_RM_ADV
);
1370 stream_putc(s
, ORF_MODE_RECEIVE
);
1375 /* Total Number of ORFs. */
1376 stream_putc_at(s
, numberp
, number_of_orfs
);
1378 /* Total ORF Len. */
1379 orf_len
= stream_get_endp(s
) - orfp
- 1;
1380 stream_putc_at(s
, orfp
, orf_len
);
1382 /* Total Capability Len. */
1383 cap_len
= stream_get_endp(s
) - capp
- 1;
1384 ext_opt_params
? stream_putw_at(s
, capp
, cap_len
)
1385 : stream_putc_at(s
, capp
, cap_len
);
1388 static void bgp_peer_send_gr_capability(struct stream
*s
, struct peer
*peer
,
1389 bool ext_opt_params
)
1395 iana_safi_t pkt_safi
;
1396 uint32_t restart_time
;
1397 unsigned long capp
= 0;
1398 unsigned long rcapp
= 0;
1400 if (!CHECK_FLAG(peer
->flags
, PEER_FLAG_GRACEFUL_RESTART
)
1401 && !CHECK_FLAG(peer
->flags
, PEER_FLAG_GRACEFUL_RESTART_HELPER
))
1404 if (BGP_DEBUG(graceful_restart
, GRACEFUL_RESTART
))
1405 zlog_debug("[BGP_GR] Sending helper Capability for Peer :%s :",
1408 SET_FLAG(peer
->cap
, PEER_CAP_RESTART_ADV
);
1409 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1410 capp
= stream_get_endp(s
); /* Set Capability Len Pointer */
1411 ext_opt_params
? stream_putw(s
, 0)
1412 : stream_putc(s
, 0); /* Capability Length */
1413 stream_putc(s
, CAPABILITY_CODE_RESTART
);
1414 /* Set Restart Capability Len Pointer */
1415 rcapp
= stream_get_endp(s
);
1417 restart_time
= peer
->bgp
->restart_time
;
1418 if (peer
->bgp
->t_startup
) {
1419 SET_FLAG(restart_time
, RESTART_R_BIT
);
1420 SET_FLAG(peer
->cap
, PEER_CAP_RESTART_BIT_ADV
);
1422 if (BGP_DEBUG(graceful_restart
, GRACEFUL_RESTART
))
1423 zlog_debug("[BGP_GR] Sending R-Bit for Peer :%s :",
1427 stream_putw(s
, restart_time
);
1429 /* Send address-family specific graceful-restart capability
1430 * only when GR config is present
1432 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_GRACEFUL_RESTART
)) {
1433 if (CHECK_FLAG(peer
->bgp
->flags
, BGP_FLAG_GR_PRESERVE_FWD
)
1434 && BGP_DEBUG(graceful_restart
, GRACEFUL_RESTART
))
1435 zlog_debug("[BGP_GR] F bit Set");
1437 FOREACH_AFI_SAFI (afi
, safi
) {
1438 if (!peer
->afc
[afi
][safi
])
1441 if (BGP_DEBUG(graceful_restart
, GRACEFUL_RESTART
))
1443 "[BGP_GR] Sending GR Capability for AFI :%d :, SAFI :%d:",
1446 /* Convert AFI, SAFI to values for
1449 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
,
1451 stream_putw(s
, pkt_afi
);
1452 stream_putc(s
, pkt_safi
);
1453 if (CHECK_FLAG(peer
->bgp
->flags
,
1454 BGP_FLAG_GR_PRESERVE_FWD
))
1455 stream_putc(s
, RESTART_F_BIT
);
1461 /* Total Graceful restart capability Len. */
1462 len
= stream_get_endp(s
) - rcapp
- 1;
1463 stream_putc_at(s
, rcapp
, len
);
1465 /* Total Capability Len. */
1466 len
= stream_get_endp(s
) - capp
- 1;
1467 ext_opt_params
? stream_putw_at(s
, capp
, len
- 1)
1468 : stream_putc_at(s
, capp
, len
);
1471 static void bgp_peer_send_llgr_capability(struct stream
*s
, struct peer
*peer
,
1472 bool ext_opt_params
)
1478 iana_safi_t pkt_safi
;
1479 unsigned long capp
= 0;
1480 unsigned long rcapp
= 0;
1482 if (!CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_ADV
))
1485 SET_FLAG(peer
->cap
, PEER_CAP_LLGR_ADV
);
1487 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1488 capp
= stream_get_endp(s
); /* Set Capability Len Pointer */
1489 ext_opt_params
? stream_putw(s
, 0)
1490 : stream_putc(s
, 0); /* Capability Length */
1491 stream_putc(s
, CAPABILITY_CODE_LLGR
);
1493 rcapp
= stream_get_endp(s
);
1496 FOREACH_AFI_SAFI (afi
, safi
) {
1497 if (!peer
->afc
[afi
][safi
])
1500 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
1502 stream_putw(s
, pkt_afi
);
1503 stream_putc(s
, pkt_safi
);
1504 stream_putc(s
, LLGR_F_BIT
);
1505 stream_put3(s
, peer
->bgp
->llgr_stale_time
);
1507 SET_FLAG(peer
->af_cap
[afi
][safi
], PEER_CAP_LLGR_AF_ADV
);
1510 /* Total Long-lived Graceful Restart capability Len. */
1511 len
= stream_get_endp(s
) - rcapp
- 1;
1512 stream_putc_at(s
, rcapp
, len
);
1514 /* Total Capability Len. */
1515 len
= stream_get_endp(s
) - capp
- 1;
1516 ext_opt_params
? stream_putw_at(s
, capp
, len
- 1)
1517 : stream_putc_at(s
, capp
, len
);
1520 /* Fill in capability open option to the packet. */
1521 uint16_t bgp_open_capability(struct stream
*s
, struct peer
*peer
,
1522 bool ext_opt_params
)
1525 unsigned long cp
, capp
, rcapp
, eopl
= 0;
1529 iana_safi_t pkt_safi
;
1531 uint8_t afi_safi_count
= 0;
1532 int adv_addpath_tx
= 0;
1534 /* Non-Ext OP Len. */
1535 cp
= stream_get_endp(s
);
1538 if (ext_opt_params
) {
1539 /* Non-Ext OP Len. */
1540 stream_putc_at(s
, cp
, BGP_OPEN_NON_EXT_OPT_LEN
);
1542 /* Non-Ext OP Type */
1543 stream_putc(s
, BGP_OPEN_NON_EXT_OPT_TYPE_EXTENDED_LENGTH
);
1545 /* Extended Opt. Parm. Length */
1546 eopl
= stream_get_endp(s
);
1550 /* Do not send capability. */
1551 if (!CHECK_FLAG(peer
->sflags
, PEER_STATUS_CAPABILITY_OPEN
)
1552 || CHECK_FLAG(peer
->flags
, PEER_FLAG_DONT_CAPABILITY
))
1555 /* MP capability for configured AFI, SAFI */
1556 FOREACH_AFI_SAFI (afi
, safi
) {
1557 if (peer
->afc
[afi
][safi
]) {
1558 /* Convert AFI, SAFI to values for packet. */
1559 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
,
1562 peer
->afc_adv
[afi
][safi
] = 1;
1563 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1565 ? stream_putw(s
, CAPABILITY_CODE_MP_LEN
+ 2)
1566 : stream_putc(s
, CAPABILITY_CODE_MP_LEN
+ 2);
1567 stream_putc(s
, CAPABILITY_CODE_MP
);
1568 stream_putc(s
, CAPABILITY_CODE_MP_LEN
);
1569 stream_putw(s
, pkt_afi
);
1571 stream_putc(s
, pkt_safi
);
1573 /* Extended nexthop capability - currently
1574 * supporting RFC-5549 for
1575 * Link-Local peering only
1577 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_CAPABILITY_ENHE
)
1578 && peer
->su
.sa
.sa_family
== AF_INET6
1580 && (safi
== SAFI_UNICAST
|| safi
== SAFI_MPLS_VPN
1581 || safi
== SAFI_LABELED_UNICAST
)) {
1582 /* RFC 5549 Extended Next Hop Encoding
1584 SET_FLAG(peer
->cap
, PEER_CAP_ENHE_ADV
);
1585 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1588 CAPABILITY_CODE_ENHE_LEN
1591 CAPABILITY_CODE_ENHE_LEN
1593 stream_putc(s
, CAPABILITY_CODE_ENHE
);
1594 stream_putc(s
, CAPABILITY_CODE_ENHE_LEN
);
1596 SET_FLAG(peer
->af_cap
[AFI_IP
][safi
],
1597 PEER_CAP_ENHE_AF_ADV
);
1598 stream_putw(s
, pkt_afi
);
1599 stream_putw(s
, pkt_safi
);
1600 stream_putw(s
, afi_int2iana(AFI_IP6
));
1602 if (CHECK_FLAG(peer
->af_cap
[afi
][safi
],
1603 PEER_CAP_ENHE_AF_RCV
))
1604 SET_FLAG(peer
->af_cap
[afi
][safi
],
1605 PEER_CAP_ENHE_AF_NEGO
);
1610 /* Route refresh. */
1611 SET_FLAG(peer
->cap
, PEER_CAP_REFRESH_ADV
);
1612 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1613 ext_opt_params
? stream_putw(s
, CAPABILITY_CODE_REFRESH_LEN
+ 2)
1614 : stream_putc(s
, CAPABILITY_CODE_REFRESH_LEN
+ 2);
1615 stream_putc(s
, CAPABILITY_CODE_REFRESH_OLD
);
1616 stream_putc(s
, CAPABILITY_CODE_REFRESH_LEN
);
1617 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1618 ext_opt_params
? stream_putw(s
, CAPABILITY_CODE_REFRESH_LEN
+ 2)
1619 : stream_putc(s
, CAPABILITY_CODE_REFRESH_LEN
+ 2);
1620 stream_putc(s
, CAPABILITY_CODE_REFRESH
);
1621 stream_putc(s
, CAPABILITY_CODE_REFRESH_LEN
);
1623 /* Enhanced Route Refresh. */
1624 SET_FLAG(peer
->cap
, PEER_CAP_ENHANCED_RR_ADV
);
1625 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1626 ext_opt_params
? stream_putw(s
, CAPABILITY_CODE_ENHANCED_LEN
+ 2)
1627 : stream_putc(s
, CAPABILITY_CODE_ENHANCED_LEN
+ 2);
1628 stream_putc(s
, CAPABILITY_CODE_ENHANCED_RR
);
1629 stream_putc(s
, CAPABILITY_CODE_ENHANCED_LEN
);
1632 SET_FLAG(peer
->cap
, PEER_CAP_AS4_ADV
);
1633 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1634 ext_opt_params
? stream_putw(s
, CAPABILITY_CODE_AS4_LEN
+ 2)
1635 : stream_putc(s
, CAPABILITY_CODE_AS4_LEN
+ 2);
1636 stream_putc(s
, CAPABILITY_CODE_AS4
);
1637 stream_putc(s
, CAPABILITY_CODE_AS4_LEN
);
1638 if (peer
->change_local_as
)
1639 local_as
= peer
->change_local_as
;
1641 local_as
= peer
->local_as
;
1642 stream_putl(s
, local_as
);
1644 /* Extended Message Support */
1645 SET_FLAG(peer
->cap
, PEER_CAP_EXTENDED_MESSAGE_ADV
);
1646 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1647 ext_opt_params
? stream_putw(s
, CAPABILITY_CODE_EXT_MESSAGE_LEN
+ 2)
1648 : stream_putc(s
, CAPABILITY_CODE_EXT_MESSAGE_LEN
+ 2);
1649 stream_putc(s
, CAPABILITY_CODE_EXT_MESSAGE
);
1650 stream_putc(s
, CAPABILITY_CODE_EXT_MESSAGE_LEN
);
1653 FOREACH_AFI_SAFI (afi
, safi
) {
1654 if (peer
->afc
[afi
][safi
]) {
1657 /* Only advertise addpath TX if a feature that
1660 if (peer
->addpath_type
[afi
][safi
] != BGP_ADDPATH_NONE
)
1665 SET_FLAG(peer
->cap
, PEER_CAP_ADDPATH_ADV
);
1666 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1668 ? stream_putw(s
, (CAPABILITY_CODE_ADDPATH_LEN
* afi_safi_count
)
1670 : stream_putc(s
, (CAPABILITY_CODE_ADDPATH_LEN
* afi_safi_count
)
1672 stream_putc(s
, CAPABILITY_CODE_ADDPATH
);
1673 stream_putc(s
, CAPABILITY_CODE_ADDPATH_LEN
* afi_safi_count
);
1675 FOREACH_AFI_SAFI (afi
, safi
) {
1676 if (peer
->afc
[afi
][safi
]) {
1677 bool adv_addpath_rx
=
1678 !CHECK_FLAG(peer
->af_flags
[afi
][safi
],
1679 PEER_FLAG_DISABLE_ADDPATH_RX
);
1682 /* Convert AFI, SAFI to values for packet. */
1683 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
,
1686 stream_putw(s
, pkt_afi
);
1687 stream_putc(s
, pkt_safi
);
1689 if (adv_addpath_rx
) {
1690 SET_FLAG(flags
, BGP_ADDPATH_RX
);
1691 SET_FLAG(peer
->af_cap
[afi
][safi
],
1692 PEER_CAP_ADDPATH_AF_RX_ADV
);
1694 UNSET_FLAG(peer
->af_cap
[afi
][safi
],
1695 PEER_CAP_ADDPATH_AF_RX_ADV
);
1698 if (adv_addpath_tx
) {
1699 SET_FLAG(flags
, BGP_ADDPATH_TX
);
1700 SET_FLAG(peer
->af_cap
[afi
][safi
],
1701 PEER_CAP_ADDPATH_AF_TX_ADV
);
1703 UNSET_FLAG(peer
->af_cap
[afi
][safi
],
1704 PEER_CAP_ADDPATH_AF_TX_ADV
);
1707 stream_putc(s
, flags
);
1711 /* ORF capability. */
1712 FOREACH_AFI_SAFI (afi
, safi
) {
1713 if (CHECK_FLAG(peer
->af_flags
[afi
][safi
],
1714 PEER_FLAG_ORF_PREFIX_SM
)
1715 || CHECK_FLAG(peer
->af_flags
[afi
][safi
],
1716 PEER_FLAG_ORF_PREFIX_RM
)) {
1717 bgp_open_capability_orf(s
, peer
, afi
, safi
,
1718 CAPABILITY_CODE_ORF_OLD
,
1720 bgp_open_capability_orf(s
, peer
, afi
, safi
,
1721 CAPABILITY_CODE_ORF
,
1726 /* Dynamic capability. */
1727 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_DYNAMIC_CAPABILITY
)) {
1728 SET_FLAG(peer
->cap
, PEER_CAP_DYNAMIC_ADV
);
1729 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1731 ? stream_putw(s
, CAPABILITY_CODE_DYNAMIC_LEN
+ 2)
1732 : stream_putc(s
, CAPABILITY_CODE_DYNAMIC_LEN
+ 2);
1733 stream_putc(s
, CAPABILITY_CODE_DYNAMIC_OLD
);
1734 stream_putc(s
, CAPABILITY_CODE_DYNAMIC_LEN
);
1735 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1737 ? stream_putw(s
, CAPABILITY_CODE_DYNAMIC_LEN
+ 2)
1738 : stream_putc(s
, CAPABILITY_CODE_DYNAMIC_LEN
+ 2);
1739 stream_putc(s
, CAPABILITY_CODE_DYNAMIC
);
1740 stream_putc(s
, CAPABILITY_CODE_DYNAMIC_LEN
);
1743 /* Hostname capability */
1744 if (cmd_hostname_get()) {
1745 SET_FLAG(peer
->cap
, PEER_CAP_HOSTNAME_ADV
);
1746 stream_putc(s
, BGP_OPEN_OPT_CAP
);
1747 rcapp
= stream_get_endp(s
); /* Ptr to length placeholder */
1748 ext_opt_params
? stream_putw(s
, 0)
1749 : stream_putc(s
, 0); /* Capability Length */
1750 stream_putc(s
, CAPABILITY_CODE_FQDN
);
1751 capp
= stream_get_endp(s
);
1752 stream_putc(s
, 0); /* dummy len for now */
1753 len
= strlen(cmd_hostname_get());
1754 if (len
> BGP_MAX_HOSTNAME
)
1755 len
= BGP_MAX_HOSTNAME
;
1757 stream_putc(s
, len
);
1758 stream_put(s
, cmd_hostname_get(), len
);
1759 if (cmd_domainname_get()) {
1760 len
= strlen(cmd_domainname_get());
1761 if (len
> BGP_MAX_HOSTNAME
)
1762 len
= BGP_MAX_HOSTNAME
;
1764 stream_putc(s
, len
);
1765 stream_put(s
, cmd_domainname_get(), len
);
1767 stream_putc(s
, 0); /* 0 length */
1769 /* Set the lengths straight */
1770 len
= stream_get_endp(s
) - rcapp
- 1;
1771 ext_opt_params
? stream_putw_at(s
, rcapp
, len
- 1)
1772 : stream_putc_at(s
, rcapp
, len
);
1774 len
= stream_get_endp(s
) - capp
- 1;
1775 stream_putc_at(s
, capp
, len
);
1777 if (bgp_debug_neighbor_events(peer
))
1779 "%s Sending hostname cap with hn = %s, dn = %s",
1780 peer
->host
, cmd_hostname_get(),
1781 cmd_domainname_get());
1784 bgp_peer_send_gr_capability(s
, peer
, ext_opt_params
);
1785 bgp_peer_send_llgr_capability(s
, peer
, ext_opt_params
);
1787 /* Total Opt Parm Len. */
1788 len
= stream_get_endp(s
) - cp
- 1;
1790 if (ext_opt_params
) {
1791 len
= stream_get_endp(s
) - eopl
- 2;
1792 stream_putw_at(s
, eopl
, len
);
1794 stream_putc_at(s
, cp
, len
);