]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_open.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bgpd: encap: add encap SAFI (RFC5512)
[mirror_frr.git] / bgpd / bgp_open.c
1 /* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
3
4 This file is part of GNU Zebra.
5
6 GNU Zebra is free software; you can redistribute it and/or modify it
7 under the terms of the GNU General Public License as published by the
8 Free Software Foundation; either version 2, or (at your option) any
9 later version.
10
11 GNU Zebra is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with GNU Zebra; see the file COPYING. If not, write to the Free
18 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
19 02111-1307, USA. */
20
21 #include <zebra.h>
22
23 #include "linklist.h"
24 #include "prefix.h"
25 #include "stream.h"
26 #include "thread.h"
27 #include "log.h"
28 #include "command.h"
29 #include "memory.h"
30 #include "queue.h"
31
32 #include "lib/json.h"
33 #include "bgpd/bgpd.h"
34 #include "bgpd/bgp_attr.h"
35 #include "bgpd/bgp_debug.h"
36 #include "bgpd/bgp_fsm.h"
37 #include "bgpd/bgp_packet.h"
38 #include "bgpd/bgp_open.h"
39 #include "bgpd/bgp_aspath.h"
40 #include "bgpd/bgp_vty.h"
41
42 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
43 negotiate remote peer supports extentions or not. But if
44 remote-peer doesn't supports negotiation process itself. We would
45 like to do manual configuration.
46
47 So there is many configurable point. First of all we want set each
48 peer whether we send capability negotiation to the peer or not.
49 Next, if we send capability to the peer we want to set my capabilty
50 inforation at each peer. */
51
52 void
53 bgp_capability_vty_out (struct vty *vty, struct peer *peer, u_char use_json, json_object *json_neigh)
54 {
55 char *pnt;
56 char *end;
57 struct capability_mp_data mpc;
58 struct capability_header *hdr;
59 json_object *json_cap = NULL;
60
61 if (use_json)
62 json_cap = json_object_new_object();
63
64 pnt = peer->notify.data;
65 end = pnt + peer->notify.length;
66
67 while (pnt < end)
68 {
69 if (pnt + sizeof (struct capability_mp_data) + 2 > end)
70 return;
71
72 hdr = (struct capability_header *)pnt;
73 if (pnt + hdr->length + 2 > end)
74 return;
75
76 memcpy (&mpc, pnt + 2, sizeof(struct capability_mp_data));
77
78 if (hdr->code == CAPABILITY_CODE_MP)
79 {
80 if (use_json)
81 {
82 switch (ntohs (mpc.afi))
83 {
84 case AFI_IP:
85 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv4");
86 break;
87 case AFI_IP6:
88 json_object_string_add(json_cap, "capabilityErrorMultiProtocolAfi", "IPv6");
89 break;
90 default:
91 json_object_int_add(json_cap, "capabilityErrorMultiProtocolAfiUnknown", ntohs (mpc.afi));
92 break;
93 }
94 switch (mpc.safi)
95 {
96 case SAFI_UNICAST:
97 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "unicast");
98 break;
99 case SAFI_MULTICAST:
100 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "multicast");
101 break;
102 case SAFI_MPLS_LABELED_VPN:
103 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "MPLS-labeled VPN");
104 break;
105 case SAFI_ENCAP:
106 json_object_string_add(json_cap, "capabilityErrorMultiProtocolSafi", "encap");
107 break;
108 default:
109 json_object_int_add(json_cap, "capabilityErrorMultiProtocolSafiUnknown", mpc.safi);
110 break;
111 }
112 }
113 else
114 {
115 vty_out (vty, " Capability error for: Multi protocol ");
116 switch (ntohs (mpc.afi))
117 {
118 case AFI_IP:
119 vty_out (vty, "AFI IPv4, ");
120 break;
121 case AFI_IP6:
122 vty_out (vty, "AFI IPv6, ");
123 break;
124 default:
125 vty_out (vty, "AFI Unknown %d, ", ntohs (mpc.afi));
126 break;
127 }
128 switch (mpc.safi)
129 {
130 case SAFI_UNICAST:
131 vty_out (vty, "SAFI Unicast");
132 break;
133 case SAFI_MULTICAST:
134 vty_out (vty, "SAFI Multicast");
135 break;
136 case SAFI_MPLS_LABELED_VPN:
137 vty_out (vty, "SAFI MPLS-labeled VPN");
138 break;
139 case SAFI_ENCAP:
140 vty_out (vty, "SAFI ENCAP");
141 break;
142 default:
143 vty_out (vty, "SAFI Unknown %d ", mpc.safi);
144 break;
145 }
146 vty_out (vty, "%s", VTY_NEWLINE);
147 }
148 }
149 else if (hdr->code >= 128)
150 {
151 if (use_json)
152 json_object_int_add(json_cap, "capabilityErrorVendorSpecificCapabilityCode", hdr->code);
153 else
154 vty_out (vty, " Capability error: vendor specific capability code %d",
155 hdr->code);
156 }
157 else
158 {
159 if (use_json)
160 json_object_int_add(json_cap, "capabilityErrorUnknownCapabilityCode", hdr->code);
161 else
162 vty_out (vty, " Capability error: unknown capability code %d",
163 hdr->code);
164 }
165 pnt += hdr->length + 2;
166 }
167 if (use_json)
168 json_object_object_add(json_neigh, "capabilityErrors", json_cap);
169 }
170
171 static void
172 bgp_capability_mp_data (struct stream *s, struct capability_mp_data *mpc)
173 {
174 mpc->afi = stream_getw (s);
175 mpc->reserved = stream_getc (s);
176 mpc->safi = stream_getc (s);
177 }
178
179 int
180 bgp_afi_safi_valid_indices (afi_t afi, safi_t *safi)
181 {
182 switch (afi)
183 {
184 case AFI_IP:
185 case AFI_IP6:
186 switch (*safi)
187 {
188 /* BGP MPLS-labeled VPN SAFI isn't contigious with others, remap */
189 case SAFI_MPLS_LABELED_VPN:
190 *safi = SAFI_MPLS_VPN;
191 case SAFI_UNICAST:
192 case SAFI_MULTICAST:
193 case SAFI_MPLS_VPN:
194 case SAFI_ENCAP:
195 return 1;
196 }
197 break;
198 }
199
200 zlog_debug ("unknown afi/safi (%u/%u)", afi, *safi);
201
202 return 0;
203 }
204
205 /* Set negotiated capability value. */
206 static int
207 bgp_capability_mp (struct peer *peer, struct capability_header *hdr)
208 {
209 struct capability_mp_data mpc;
210 struct stream *s = BGP_INPUT (peer);
211
212 /* Verify length is 4 */
213 if (hdr->length != 4)
214 {
215 zlog_warn("MP Cap: Received invalid length %d, non-multiple of 4",
216 hdr->length);
217 return -1;
218 }
219
220 bgp_capability_mp_data (s, &mpc);
221
222 if (bgp_debug_neighbor_events(peer))
223 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
224 peer->host, mpc.afi, mpc.safi);
225
226 if (!bgp_afi_safi_valid_indices (mpc.afi, &mpc.safi))
227 return -1;
228
229 /* Now safi remapped, and afi/safi are valid array indices */
230 peer->afc_recv[mpc.afi][mpc.safi] = 1;
231
232 if (peer->afc[mpc.afi][mpc.safi])
233 peer->afc_nego[mpc.afi][mpc.safi] = 1;
234 else
235 return -1;
236
237 return 0;
238 }
239
240 static void
241 bgp_capability_orf_not_support (struct peer *peer, afi_t afi, safi_t safi,
242 u_char type, u_char mode)
243 {
244 if (bgp_debug_neighbor_events(peer))
245 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
246 peer->host, afi, safi, type, mode);
247 }
248
249 static const struct message orf_type_str[] =
250 {
251 { ORF_TYPE_PREFIX, "Prefixlist" },
252 { ORF_TYPE_PREFIX_OLD, "Prefixlist (old)" },
253 };
254 static const int orf_type_str_max = array_size(orf_type_str);
255
256 static const struct message orf_mode_str[] =
257 {
258 { ORF_MODE_RECEIVE, "Receive" },
259 { ORF_MODE_SEND, "Send" },
260 { ORF_MODE_BOTH, "Both" },
261 };
262 static const int orf_mode_str_max = array_size(orf_mode_str);
263
264 static int
265 bgp_capability_orf_entry (struct peer *peer, struct capability_header *hdr)
266 {
267 struct stream *s = BGP_INPUT (peer);
268 struct capability_orf_entry entry;
269 afi_t afi;
270 safi_t safi;
271 u_char type;
272 u_char mode;
273 u_int16_t sm_cap = 0; /* capability send-mode receive */
274 u_int16_t rm_cap = 0; /* capability receive-mode receive */
275 int i;
276
277 /* ORF Entry header */
278 bgp_capability_mp_data (s, &entry.mpc);
279 entry.num = stream_getc (s);
280 afi = entry.mpc.afi;
281 safi = entry.mpc.safi;
282
283 if (bgp_debug_neighbor_events(peer))
284 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
285 peer->host, entry.mpc.afi, entry.mpc.safi);
286
287 /* Check AFI and SAFI. */
288 if (!bgp_afi_safi_valid_indices (entry.mpc.afi, &safi))
289 {
290 zlog_info ("%s Addr-family %d/%d not supported."
291 " Ignoring the ORF capability",
292 peer->host, entry.mpc.afi, entry.mpc.safi);
293 return 0;
294 }
295
296 /* validate number field */
297 if (CAPABILITY_CODE_ORF_LEN + (entry.num * 2) > hdr->length)
298 {
299 zlog_info ("%s ORF Capability entry length error,"
300 " Cap length %u, num %u",
301 peer->host, hdr->length, entry.num);
302 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
303 return -1;
304 }
305
306 for (i = 0 ; i < entry.num ; i++)
307 {
308 type = stream_getc(s);
309 mode = stream_getc(s);
310
311 /* ORF Mode error check */
312 switch (mode)
313 {
314 case ORF_MODE_BOTH:
315 case ORF_MODE_SEND:
316 case ORF_MODE_RECEIVE:
317 break;
318 default:
319 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
320 continue;
321 }
322 /* ORF Type and afi/safi error checks */
323 /* capcode versus type */
324 switch (hdr->code)
325 {
326 case CAPABILITY_CODE_ORF:
327 switch (type)
328 {
329 case ORF_TYPE_PREFIX:
330 break;
331 default:
332 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
333 continue;
334 }
335 break;
336 case CAPABILITY_CODE_ORF_OLD:
337 switch (type)
338 {
339 case ORF_TYPE_PREFIX_OLD:
340 break;
341 default:
342 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
343 continue;
344 }
345 break;
346 default:
347 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
348 continue;
349 }
350
351 /* AFI vs SAFI */
352 if (!((afi == AFI_IP && safi == SAFI_UNICAST)
353 || (afi == AFI_IP && safi == SAFI_MULTICAST)
354 || (afi == AFI_IP6 && safi == SAFI_UNICAST)))
355 {
356 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
357 continue;
358 }
359
360 if (bgp_debug_neighbor_events(peer))
361 zlog_debug ("%s OPEN has %s ORF capability"
362 " as %s for afi/safi: %d/%d",
363 peer->host, LOOKUP (orf_type_str, type),
364 LOOKUP (orf_mode_str, mode),
365 entry.mpc.afi, safi);
366
367 if (hdr->code == CAPABILITY_CODE_ORF)
368 {
369 sm_cap = PEER_CAP_ORF_PREFIX_SM_RCV;
370 rm_cap = PEER_CAP_ORF_PREFIX_RM_RCV;
371 }
372 else if (hdr->code == CAPABILITY_CODE_ORF_OLD)
373 {
374 sm_cap = PEER_CAP_ORF_PREFIX_SM_OLD_RCV;
375 rm_cap = PEER_CAP_ORF_PREFIX_RM_OLD_RCV;
376 }
377 else
378 {
379 bgp_capability_orf_not_support (peer, afi, safi, type, mode);
380 continue;
381 }
382
383 switch (mode)
384 {
385 case ORF_MODE_BOTH:
386 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
387 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
388 break;
389 case ORF_MODE_SEND:
390 SET_FLAG (peer->af_cap[afi][safi], sm_cap);
391 break;
392 case ORF_MODE_RECEIVE:
393 SET_FLAG (peer->af_cap[afi][safi], rm_cap);
394 break;
395 }
396 }
397 return 0;
398 }
399
400 static int
401 bgp_capability_restart (struct peer *peer, struct capability_header *caphdr)
402 {
403 struct stream *s = BGP_INPUT (peer);
404 u_int16_t restart_flag_time;
405 size_t end = stream_get_getp (s) + caphdr->length;
406
407 /* Verify length is a multiple of 4 */
408 if ((caphdr->length-2) % 4)
409 {
410 zlog_warn("Restart Cap: Received invalid length %d, non-multiple of 4",
411 caphdr->length);
412 return -1;
413 }
414
415 SET_FLAG (peer->cap, PEER_CAP_RESTART_RCV);
416 restart_flag_time = stream_getw(s);
417 if (CHECK_FLAG (restart_flag_time, RESTART_R_BIT))
418 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV);
419
420 UNSET_FLAG (restart_flag_time, 0xF000);
421 peer->v_gr_restart = restart_flag_time;
422
423 if (bgp_debug_neighbor_events(peer))
424 {
425 zlog_debug ("%s OPEN has Graceful Restart capability", peer->host);
426 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
427 peer->host,
428 CHECK_FLAG (peer->cap, PEER_CAP_RESTART_BIT_RCV) ? " "
429 : " not ",
430 peer->v_gr_restart);
431 }
432
433 while (stream_get_getp (s) + 4 <= end)
434 {
435 afi_t afi = stream_getw (s);
436 safi_t safi = stream_getc (s);
437 u_char flag = stream_getc (s);
438
439 if (!bgp_afi_safi_valid_indices (afi, &safi))
440 {
441 if (bgp_debug_neighbor_events(peer))
442 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
443 " Ignore the Graceful Restart capability for this AFI/SAFI",
444 peer->host, afi, safi);
445 }
446 else if (!peer->afc[afi][safi])
447 {
448 if (bgp_debug_neighbor_events(peer))
449 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
450 " Ignore the Graceful Restart capability",
451 peer->host, afi, safi);
452 }
453 else
454 {
455 if (bgp_debug_neighbor_events(peer))
456 zlog_debug ("%s Address family %s is%spreserved", peer->host,
457 afi_safi_print (afi, safi),
458 CHECK_FLAG (peer->af_cap[afi][safi],
459 PEER_CAP_RESTART_AF_PRESERVE_RCV)
460 ? " " : " not ");
461
462 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_RCV);
463 if (CHECK_FLAG (flag, RESTART_F_BIT))
464 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_RESTART_AF_PRESERVE_RCV);
465
466 }
467 }
468 return 0;
469 }
470
471 /* Unlike other capability parsing routines, this one returns 0 on error */
472 static as_t
473 bgp_capability_as4 (struct peer *peer, struct capability_header *hdr)
474 {
475 SET_FLAG (peer->cap, PEER_CAP_AS4_RCV);
476
477 if (hdr->length != CAPABILITY_CODE_AS4_LEN)
478 {
479 zlog_err ("%s AS4 capability has incorrect data length %d",
480 peer->host, hdr->length);
481 return 0;
482 }
483
484 as_t as4 = stream_getl (BGP_INPUT(peer));
485
486 if (BGP_DEBUG (as4, AS4))
487 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
488 peer->host, as4);
489 return as4;
490 }
491
492 static int
493 bgp_capability_addpath (struct peer *peer, struct capability_header *hdr)
494 {
495 struct stream *s = BGP_INPUT (peer);
496 size_t end = stream_get_getp (s) + hdr->length;
497
498 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_RCV);
499
500 /* Verify length is a multiple of 4 */
501 if (hdr->length % 4)
502 {
503 zlog_warn("Add Path: Received invalid length %d, non-multiple of 4",
504 hdr->length);
505 return -1;
506 }
507
508 while (stream_get_getp (s) + 4 <= end)
509 {
510 afi_t afi = stream_getw (s);
511 safi_t safi = stream_getc (s);
512 u_char send_receive = stream_getc (s);
513
514 if (bgp_debug_neighbor_events(peer))
515 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
516 peer->host, afi, safi,
517 (send_receive & BGP_ADDPATH_RX) ? ", receive" : "",
518 (send_receive & BGP_ADDPATH_TX) ? ", transmit" : "");
519
520 if (!bgp_afi_safi_valid_indices (afi, &safi))
521 {
522 if (bgp_debug_neighbor_events(peer))
523 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
524 " Ignore the Addpath Attribute for this AFI/SAFI",
525 peer->host, afi, safi);
526 continue;
527 }
528 else if (!peer->afc[afi][safi])
529 {
530 if (bgp_debug_neighbor_events(peer))
531 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
532 " Ignore the AddPath capability for this AFI/SAFI",
533 peer->host, afi, safi);
534 continue;
535 }
536
537 if (send_receive & BGP_ADDPATH_RX)
538 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_RCV);
539
540 if (send_receive & BGP_ADDPATH_TX)
541 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_RCV);
542 }
543
544 return 0;
545 }
546
547 static int
548 bgp_capability_enhe (struct peer *peer, struct capability_header *hdr)
549 {
550 struct stream *s = BGP_INPUT (peer);
551 size_t end = stream_get_getp (s) + hdr->length;
552
553 /* Verify length is a multiple of 4 */
554 if (hdr->length % 6)
555 {
556 zlog_warn("Extended NH: Received invalid length %d, non-multiple of 6",
557 hdr->length);
558 return -1;
559 }
560
561 while (stream_get_getp (s) + 6 <= end)
562 {
563 afi_t afi = stream_getw (s);
564 safi_t safi = stream_getw (s);
565 afi_t nh_afi = stream_getw (s);
566
567 if (bgp_debug_neighbor_events(peer))
568 zlog_debug ("%s Received with afi/safi/next-hop afi: %u/%u/%u",
569 peer->host, afi, safi, nh_afi);
570
571 if (!bgp_afi_safi_valid_indices (afi, &safi))
572 {
573 if (bgp_debug_neighbor_events(peer))
574 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
575 " Ignore the ENHE Attribute for this AFI/SAFI",
576 peer->host, afi, safi);
577 continue;
578 }
579
580 /* RFC 5549 specifies use of this capability only for IPv4 AFI, with
581 * the Nexthop AFI being IPv6. A future spec may introduce other
582 * possibilities, so we ignore other values with a log. Also, only
583 * Unicast SAFI is currently supported (and expected).
584 */
585 if (afi != AFI_IP || safi != SAFI_UNICAST || nh_afi != AFI_IP6)
586 {
587 zlog_warn ("%s Unexpected afi/safi/next-hop afi: %u/%u/%u "
588 "in Extended Next-hop capability, ignoring",
589 peer->host, afi, safi, nh_afi);
590 continue;
591 }
592
593 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_RCV);
594
595 if (CHECK_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_ADV))
596 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ENHE_AF_NEGO);
597 }
598
599 SET_FLAG (peer->cap, PEER_CAP_ENHE_RCV);
600
601 return 0;
602 }
603
604 static int
605 bgp_capability_hostname (struct peer *peer, struct capability_header *hdr)
606 {
607 struct stream *s = BGP_INPUT (peer);
608 char str[BGP_MAX_HOSTNAME+1];
609 size_t end = stream_get_getp (s) + hdr->length;
610 u_char len;
611
612 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_RCV);
613
614 len = stream_getc(s);
615 if (stream_get_getp(s) + len > end)
616 {
617 zlog_warn("%s: Received malformed hostname capability from peer %s",
618 __FUNCTION__, peer->host);
619 return -1;
620 }
621
622 if (len > BGP_MAX_HOSTNAME)
623 {
624 stream_get(str, s, BGP_MAX_HOSTNAME);
625 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
626 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
627 }
628 else if (len)
629 stream_get(str, s, len);
630
631 if (len)
632 {
633 str[len] = '\0';
634
635 if (peer->hostname != NULL)
636 {
637 XFREE(MTYPE_HOST, peer->hostname);
638 peer->hostname = NULL;
639 }
640
641 if (peer->domainname != NULL)
642 {
643 XFREE(MTYPE_HOST, peer->domainname);
644 peer->domainname = NULL;
645 }
646
647 peer->hostname = XSTRDUP(MTYPE_HOST, str);
648 }
649
650 if (stream_get_getp(s) +1 > end)
651 {
652 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
653 __FUNCTION__, peer->host);
654 return -1;
655 }
656
657 len = stream_getc(s);
658 if (stream_get_getp(s) + len > end)
659 {
660 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
661 __FUNCTION__, peer->host);
662 return -1;
663 }
664
665 if (len > BGP_MAX_HOSTNAME)
666 {
667 stream_get(str, s, BGP_MAX_HOSTNAME);
668 stream_forward_getp(s, len-BGP_MAX_HOSTNAME);
669 len = BGP_MAX_HOSTNAME; /* to set the '\0' below */
670 }
671 else if (len)
672 stream_get(str, s, len);
673
674 if (len)
675 {
676 str[len] = '\0';
677 peer->domainname = XSTRDUP(MTYPE_HOST, str);
678 }
679
680 if (bgp_debug_neighbor_events(peer))
681 {
682 zlog_debug("%s received hostname %s, domainname %s",
683 peer->host, peer->hostname, peer->domainname);
684 }
685
686 return 0;
687 }
688
689 static const struct message capcode_str[] =
690 {
691 { CAPABILITY_CODE_MP, "MultiProtocol Extensions" },
692 { CAPABILITY_CODE_REFRESH, "Route Refresh" },
693 { CAPABILITY_CODE_ORF, "Cooperative Route Filtering" },
694 { CAPABILITY_CODE_RESTART, "Graceful Restart" },
695 { CAPABILITY_CODE_AS4, "4-octet AS number" },
696 { CAPABILITY_CODE_ADDPATH, "AddPath" },
697 { CAPABILITY_CODE_DYNAMIC, "Dynamic" },
698 { CAPABILITY_CODE_ENHE, "Extended Next Hop Encoding" },
699 { CAPABILITY_CODE_DYNAMIC_OLD, "Dynamic (Old)" },
700 { CAPABILITY_CODE_REFRESH_OLD, "Route Refresh (Old)" },
701 { CAPABILITY_CODE_ORF_OLD, "ORF (Old)" },
702 { CAPABILITY_CODE_FQDN, "FQDN" },
703 };
704 static const int capcode_str_max = array_size(capcode_str);
705
706 /* Minimum sizes for length field of each cap (so not inc. the header) */
707 static const size_t cap_minsizes[] =
708 {
709 [CAPABILITY_CODE_MP] = CAPABILITY_CODE_MP_LEN,
710 [CAPABILITY_CODE_REFRESH] = CAPABILITY_CODE_REFRESH_LEN,
711 [CAPABILITY_CODE_ORF] = CAPABILITY_CODE_ORF_LEN,
712 [CAPABILITY_CODE_RESTART] = CAPABILITY_CODE_RESTART_LEN,
713 [CAPABILITY_CODE_AS4] = CAPABILITY_CODE_AS4_LEN,
714 [CAPABILITY_CODE_ADDPATH] = CAPABILITY_CODE_ADDPATH_LEN,
715 [CAPABILITY_CODE_DYNAMIC] = CAPABILITY_CODE_DYNAMIC_LEN,
716 [CAPABILITY_CODE_DYNAMIC_OLD] = CAPABILITY_CODE_DYNAMIC_LEN,
717 [CAPABILITY_CODE_ENHE] = CAPABILITY_CODE_ENHE_LEN,
718 [CAPABILITY_CODE_REFRESH_OLD] = CAPABILITY_CODE_REFRESH_LEN,
719 [CAPABILITY_CODE_ORF_OLD] = CAPABILITY_CODE_ORF_LEN,
720 [CAPABILITY_CODE_FQDN] = CAPABILITY_CODE_MIN_FQDN_LEN,
721 };
722
723 /* value the capability must be a multiple of.
724 * 0-data capabilities won't be checked against this.
725 * Other capabilities whose data doesn't fall on convenient boundaries for this
726 * table should be set to 1.
727 */
728 static const size_t cap_modsizes[] =
729 {
730 [CAPABILITY_CODE_MP] = 4,
731 [CAPABILITY_CODE_REFRESH] = 1,
732 [CAPABILITY_CODE_ORF] = 1,
733 [CAPABILITY_CODE_RESTART] = 1,
734 [CAPABILITY_CODE_AS4] = 4,
735 [CAPABILITY_CODE_ADDPATH] = 4,
736 [CAPABILITY_CODE_DYNAMIC] = 1,
737 [CAPABILITY_CODE_DYNAMIC_OLD] = 1,
738 [CAPABILITY_CODE_ENHE] = 6,
739 [CAPABILITY_CODE_REFRESH_OLD] = 1,
740 [CAPABILITY_CODE_ORF_OLD] = 1,
741 [CAPABILITY_CODE_FQDN] = 1,
742 };
743
744 /**
745 * Parse given capability.
746 * XXX: This is reading into a stream, but not using stream API
747 *
748 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
749 * capabilities were encountered.
750 */
751 static int
752 bgp_capability_parse (struct peer *peer, size_t length, int *mp_capability,
753 u_char **error)
754 {
755 int ret;
756 struct stream *s = BGP_INPUT (peer);
757 size_t end = stream_get_getp (s) + length;
758
759 assert (STREAM_READABLE (s) >= length);
760
761 while (stream_get_getp (s) < end)
762 {
763 size_t start;
764 u_char *sp = stream_pnt (s);
765 struct capability_header caphdr;
766
767 ret = 0;
768 /* We need at least capability code and capability length. */
769 if (stream_get_getp(s) + 2 > end)
770 {
771 zlog_info ("%s Capability length error (< header)", peer->host);
772 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
773 return -1;
774 }
775
776 caphdr.code = stream_getc (s);
777 caphdr.length = stream_getc (s);
778 start = stream_get_getp (s);
779
780 /* Capability length check sanity check. */
781 if (start + caphdr.length > end)
782 {
783 zlog_info ("%s Capability length error (< length)", peer->host);
784 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
785 return -1;
786 }
787
788 if (bgp_debug_neighbor_events(peer))
789 zlog_debug ("%s OPEN has %s capability (%u), length %u",
790 peer->host,
791 LOOKUP (capcode_str, caphdr.code),
792 caphdr.code, caphdr.length);
793
794 /* Length sanity check, type-specific, for known capabilities */
795 switch (caphdr.code)
796 {
797 case CAPABILITY_CODE_MP:
798 case CAPABILITY_CODE_REFRESH:
799 case CAPABILITY_CODE_REFRESH_OLD:
800 case CAPABILITY_CODE_ORF:
801 case CAPABILITY_CODE_ORF_OLD:
802 case CAPABILITY_CODE_RESTART:
803 case CAPABILITY_CODE_AS4:
804 case CAPABILITY_CODE_ADDPATH:
805 case CAPABILITY_CODE_DYNAMIC:
806 case CAPABILITY_CODE_DYNAMIC_OLD:
807 case CAPABILITY_CODE_ENHE:
808 case CAPABILITY_CODE_FQDN:
809 /* Check length. */
810 if (caphdr.length < cap_minsizes[caphdr.code])
811 {
812 zlog_info ("%s %s Capability length error: got %u,"
813 " expected at least %u",
814 peer->host,
815 LOOKUP (capcode_str, caphdr.code),
816 caphdr.length,
817 (unsigned) cap_minsizes[caphdr.code]);
818 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
819 return -1;
820 }
821 if (caphdr.length
822 && caphdr.length % cap_modsizes[caphdr.code] != 0)
823 {
824 zlog_info ("%s %s Capability length error: got %u,"
825 " expected a multiple of %u",
826 peer->host,
827 LOOKUP (capcode_str, caphdr.code),
828 caphdr.length,
829 (unsigned) cap_modsizes[caphdr.code]);
830 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
831 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
832 return -1;
833 }
834 /* we deliberately ignore unknown codes, see below */
835 default:
836 break;
837 }
838
839 switch (caphdr.code)
840 {
841 case CAPABILITY_CODE_MP:
842 {
843 *mp_capability = 1;
844
845 /* Ignore capability when override-capability is set. */
846 if (! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
847 {
848 /* Set negotiated value. */
849 ret = bgp_capability_mp (peer, &caphdr);
850
851 /* Unsupported Capability. */
852 if (ret < 0)
853 {
854 /* Store return data. */
855 memcpy (*error, sp, caphdr.length + 2);
856 *error += caphdr.length + 2;
857 }
858 ret = 0; /* Don't return error for this */
859 }
860 }
861 break;
862 case CAPABILITY_CODE_REFRESH:
863 case CAPABILITY_CODE_REFRESH_OLD:
864 {
865 /* BGP refresh capability */
866 if (caphdr.code == CAPABILITY_CODE_REFRESH_OLD)
867 SET_FLAG (peer->cap, PEER_CAP_REFRESH_OLD_RCV);
868 else
869 SET_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV);
870 }
871 break;
872 case CAPABILITY_CODE_ORF:
873 case CAPABILITY_CODE_ORF_OLD:
874 ret = bgp_capability_orf_entry (peer, &caphdr);
875 break;
876 case CAPABILITY_CODE_RESTART:
877 ret = bgp_capability_restart (peer, &caphdr);
878 break;
879 case CAPABILITY_CODE_DYNAMIC:
880 case CAPABILITY_CODE_DYNAMIC_OLD:
881 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_RCV);
882 break;
883 case CAPABILITY_CODE_AS4:
884 /* Already handled as a special-case parsing of the capabilities
885 * at the beginning of OPEN processing. So we care not a jot
886 * for the value really, only error case.
887 */
888 if (!bgp_capability_as4 (peer, &caphdr))
889 ret = -1;
890 break;
891 case CAPABILITY_CODE_ADDPATH:
892 ret = bgp_capability_addpath (peer, &caphdr);
893 break;
894 case CAPABILITY_CODE_ENHE:
895 ret = bgp_capability_enhe (peer, &caphdr);
896 break;
897 case CAPABILITY_CODE_FQDN:
898 ret = bgp_capability_hostname (peer, &caphdr);
899 break;
900 default:
901 if (caphdr.code > 128)
902 {
903 /* We don't send Notification for unknown vendor specific
904 capabilities. It seems reasonable for now... */
905 zlog_warn ("%s Vendor specific capability %d",
906 peer->host, caphdr.code);
907 }
908 else
909 {
910 zlog_warn ("%s unrecognized capability code: %d - ignored",
911 peer->host, caphdr.code);
912 memcpy (*error, sp, caphdr.length + 2);
913 *error += caphdr.length + 2;
914 }
915 }
916
917 if (ret < 0)
918 {
919 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
920 return -1;
921 }
922 if (stream_get_getp(s) != (start + caphdr.length))
923 {
924 if (stream_get_getp(s) > (start + caphdr.length))
925 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
926 peer->host, LOOKUP (capcode_str, caphdr.code),
927 caphdr.length);
928 stream_set_getp (s, start + caphdr.length);
929 }
930 }
931 return 0;
932 }
933
934 static int
935 bgp_auth_parse (struct peer *peer, size_t length)
936 {
937 bgp_notify_send (peer,
938 BGP_NOTIFY_OPEN_ERR,
939 BGP_NOTIFY_OPEN_AUTH_FAILURE);
940 return -1;
941 }
942
943 static int
944 strict_capability_same (struct peer *peer)
945 {
946 int i, j;
947
948 for (i = AFI_IP; i < AFI_MAX; i++)
949 for (j = SAFI_UNICAST; j < SAFI_MAX; j++)
950 if (peer->afc[i][j] != peer->afc_nego[i][j])
951 return 0;
952 return 1;
953 }
954
955 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
956 * Returns 0 if no as4 found, as4cap value otherwise.
957 */
958 as_t
959 peek_for_as4_capability (struct peer *peer, u_char length)
960 {
961 struct stream *s = BGP_INPUT (peer);
962 size_t orig_getp = stream_get_getp (s);
963 size_t end = orig_getp + length;
964 as_t as4 = 0;
965
966 if (BGP_DEBUG (as4, AS4))
967 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
968 " peeking for as4",
969 peer->host, length);
970 /* the error cases we DONT handle, we ONLY try to read as4 out of
971 * correctly formatted options.
972 */
973 while (stream_get_getp(s) < end)
974 {
975 u_char opt_type;
976 u_char opt_length;
977
978 /* Check the length. */
979 if (stream_get_getp (s) + 2 > end)
980 goto end;
981
982 /* Fetch option type and length. */
983 opt_type = stream_getc (s);
984 opt_length = stream_getc (s);
985
986 /* Option length check. */
987 if (stream_get_getp (s) + opt_length > end)
988 goto end;
989
990 if (opt_type == BGP_OPEN_OPT_CAP)
991 {
992 unsigned long capd_start = stream_get_getp (s);
993 unsigned long capd_end = capd_start + opt_length;
994
995 assert (capd_end <= end);
996
997 while (stream_get_getp (s) < capd_end)
998 {
999 struct capability_header hdr;
1000
1001 if (stream_get_getp (s) + 2 > capd_end)
1002 goto end;
1003
1004 hdr.code = stream_getc (s);
1005 hdr.length = stream_getc (s);
1006
1007 if ((stream_get_getp(s) + hdr.length) > capd_end)
1008 goto end;
1009
1010 if (hdr.code == CAPABILITY_CODE_AS4)
1011 {
1012 if (BGP_DEBUG (as4, AS4))
1013 zlog_info ("[AS4] found AS4 capability, about to parse");
1014 as4 = bgp_capability_as4 (peer, &hdr);
1015
1016 goto end;
1017 }
1018 stream_forward_getp (s, hdr.length);
1019 }
1020 }
1021 }
1022
1023 end:
1024 stream_set_getp (s, orig_getp);
1025 return as4;
1026 }
1027
1028 /**
1029 * Parse open option.
1030 *
1031 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
1032 */
1033 int
1034 bgp_open_option_parse (struct peer *peer, u_char length, int *mp_capability)
1035 {
1036 int ret = 0;
1037 u_char *error;
1038 u_char error_data[BGP_MAX_PACKET_SIZE];
1039 struct stream *s = BGP_INPUT(peer);
1040 size_t end = stream_get_getp (s) + length;
1041
1042 error = error_data;
1043
1044 if (bgp_debug_neighbor_events(peer))
1045 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
1046 peer->host, length);
1047
1048 while (stream_get_getp(s) < end)
1049 {
1050 u_char opt_type;
1051 u_char opt_length;
1052
1053 /* Must have at least an OPEN option header */
1054 if (STREAM_READABLE(s) < 2)
1055 {
1056 zlog_info ("%s Option length error", peer->host);
1057 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1058 return -1;
1059 }
1060
1061 /* Fetch option type and length. */
1062 opt_type = stream_getc (s);
1063 opt_length = stream_getc (s);
1064
1065 /* Option length check. */
1066 if (STREAM_READABLE (s) < opt_length)
1067 {
1068 zlog_info ("%s Option length error", peer->host);
1069 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR, BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1070 return -1;
1071 }
1072
1073 if (bgp_debug_neighbor_events(peer))
1074 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
1075 peer->host, opt_type,
1076 opt_type == BGP_OPEN_OPT_AUTH ? "Authentication" :
1077 opt_type == BGP_OPEN_OPT_CAP ? "Capability" : "Unknown",
1078 opt_length);
1079
1080 switch (opt_type)
1081 {
1082 case BGP_OPEN_OPT_AUTH:
1083 ret = bgp_auth_parse (peer, opt_length);
1084 break;
1085 case BGP_OPEN_OPT_CAP:
1086 ret = bgp_capability_parse (peer, opt_length, mp_capability, &error);
1087 break;
1088 default:
1089 bgp_notify_send (peer,
1090 BGP_NOTIFY_OPEN_ERR,
1091 BGP_NOTIFY_OPEN_UNSUP_PARAM);
1092 ret = -1;
1093 break;
1094 }
1095
1096 /* Parse error. To accumulate all unsupported capability codes,
1097 bgp_capability_parse does not return -1 when encounter
1098 unsupported capability code. To detect that, please check
1099 error and erro_data pointer, like below. */
1100 if (ret < 0)
1101 return -1;
1102 }
1103
1104 /* All OPEN option is parsed. Check capability when strict compare
1105 flag is enabled.*/
1106 if (CHECK_FLAG (peer->flags, PEER_FLAG_STRICT_CAP_MATCH))
1107 {
1108 /* If Unsupported Capability exists. */
1109 if (error != error_data)
1110 {
1111 bgp_notify_send_with_data (peer,
1112 BGP_NOTIFY_OPEN_ERR,
1113 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1114 error_data, error - error_data);
1115 return -1;
1116 }
1117
1118 /* Check local capability does not negotiated with remote
1119 peer. */
1120 if (! strict_capability_same (peer))
1121 {
1122 bgp_notify_send (peer,
1123 BGP_NOTIFY_OPEN_ERR,
1124 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1125 return -1;
1126 }
1127 }
1128
1129 /* Check there are no common AFI/SAFIs and send Unsupported Capability
1130 error. */
1131 if (*mp_capability &&
1132 ! CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
1133 {
1134 if (! peer->afc_nego[AFI_IP][SAFI_UNICAST]
1135 && ! peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1136 && ! peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1137 && ! peer->afc_nego[AFI_IP][SAFI_ENCAP]
1138 && ! peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1139 && ! peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1140 && ! peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1141 && ! peer->afc_nego[AFI_IP6][SAFI_ENCAP])
1142 {
1143 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
1144 "overlap with received MP capabilities",
1145 peer->host);
1146
1147 if (error != error_data)
1148 bgp_notify_send_with_data (peer,
1149 BGP_NOTIFY_OPEN_ERR,
1150 BGP_NOTIFY_OPEN_UNSUP_CAPBL,
1151 error_data, error - error_data);
1152 else
1153 bgp_notify_send (peer,
1154 BGP_NOTIFY_OPEN_ERR,
1155 BGP_NOTIFY_OPEN_UNSUP_CAPBL);
1156 return -1;
1157 }
1158 }
1159 return 0;
1160 }
1161
1162 static void
1163 bgp_open_capability_orf (struct stream *s, struct peer *peer,
1164 afi_t afi, safi_t safi, u_char code)
1165 {
1166 u_char cap_len;
1167 u_char orf_len;
1168 unsigned long capp;
1169 unsigned long orfp;
1170 unsigned long numberp;
1171 int number_of_orfs = 0;
1172
1173 if (safi == SAFI_MPLS_VPN)
1174 safi = SAFI_MPLS_LABELED_VPN;
1175
1176 stream_putc (s, BGP_OPEN_OPT_CAP);
1177 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1178 stream_putc (s, 0); /* Capability Length */
1179 stream_putc (s, code); /* Capability Code */
1180 orfp = stream_get_endp (s); /* Set ORF Len Pointer */
1181 stream_putc (s, 0); /* ORF Length */
1182 stream_putw (s, afi);
1183 stream_putc (s, 0);
1184 stream_putc (s, safi);
1185 numberp = stream_get_endp (s); /* Set Number Pointer */
1186 stream_putc (s, 0); /* Number of ORFs */
1187
1188 /* Address Prefix ORF */
1189 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1190 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1191 {
1192 stream_putc (s, (code == CAPABILITY_CODE_ORF ?
1193 ORF_TYPE_PREFIX : ORF_TYPE_PREFIX_OLD));
1194
1195 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1196 && CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1197 {
1198 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1199 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1200 stream_putc (s, ORF_MODE_BOTH);
1201 }
1202 else if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM))
1203 {
1204 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_SM_ADV);
1205 stream_putc (s, ORF_MODE_SEND);
1206 }
1207 else
1208 {
1209 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ORF_PREFIX_RM_ADV);
1210 stream_putc (s, ORF_MODE_RECEIVE);
1211 }
1212 number_of_orfs++;
1213 }
1214
1215 /* Total Number of ORFs. */
1216 stream_putc_at (s, numberp, number_of_orfs);
1217
1218 /* Total ORF Len. */
1219 orf_len = stream_get_endp (s) - orfp - 1;
1220 stream_putc_at (s, orfp, orf_len);
1221
1222 /* Total Capability Len. */
1223 cap_len = stream_get_endp (s) - capp - 1;
1224 stream_putc_at (s, capp, cap_len);
1225 }
1226
1227 /* Fill in capability open option to the packet. */
1228 void
1229 bgp_open_capability (struct stream *s, struct peer *peer)
1230 {
1231 u_char len;
1232 unsigned long cp, capp, rcapp;
1233 afi_t afi;
1234 safi_t safi;
1235 as_t local_as;
1236 u_int32_t restart_time;
1237 u_char afi_safi_count = 0;
1238 struct utsname names;
1239 int adv_addpath_tx = 0;
1240
1241 /* Remember current pointer for Opt Parm Len. */
1242 cp = stream_get_endp (s);
1243
1244 /* Opt Parm Len. */
1245 stream_putc (s, 0);
1246
1247 /* Do not send capability. */
1248 if (! CHECK_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN)
1249 || CHECK_FLAG (peer->flags, PEER_FLAG_DONT_CAPABILITY))
1250 return;
1251
1252 /* IPv4 unicast. */
1253 if (peer->afc[AFI_IP][SAFI_UNICAST])
1254 {
1255 peer->afc_adv[AFI_IP][SAFI_UNICAST] = 1;
1256 stream_putc (s, BGP_OPEN_OPT_CAP);
1257 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1258 stream_putc (s, CAPABILITY_CODE_MP);
1259 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1260 stream_putw (s, AFI_IP);
1261 stream_putc (s, 0);
1262 stream_putc (s, SAFI_UNICAST);
1263 }
1264 /* IPv4 multicast. */
1265 if (peer->afc[AFI_IP][SAFI_MULTICAST])
1266 {
1267 peer->afc_adv[AFI_IP][SAFI_MULTICAST] = 1;
1268 stream_putc (s, BGP_OPEN_OPT_CAP);
1269 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1270 stream_putc (s, CAPABILITY_CODE_MP);
1271 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1272 stream_putw (s, AFI_IP);
1273 stream_putc (s, 0);
1274 stream_putc (s, SAFI_MULTICAST);
1275 }
1276 /* IPv4 VPN */
1277 if (peer->afc[AFI_IP][SAFI_MPLS_VPN])
1278 {
1279 peer->afc_adv[AFI_IP][SAFI_MPLS_VPN] = 1;
1280 stream_putc (s, BGP_OPEN_OPT_CAP);
1281 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1282 stream_putc (s, CAPABILITY_CODE_MP);
1283 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1284 stream_putw (s, AFI_IP);
1285 stream_putc (s, 0);
1286 stream_putc (s, SAFI_MPLS_LABELED_VPN);
1287 }
1288 /* ENCAP */
1289 if (peer->afc[AFI_IP][SAFI_ENCAP])
1290 {
1291 peer->afc_adv[AFI_IP][SAFI_ENCAP] = 1;
1292 stream_putc (s, BGP_OPEN_OPT_CAP);
1293 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1294 stream_putc (s, CAPABILITY_CODE_MP);
1295 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1296 stream_putw (s, AFI_IP);
1297 stream_putc (s, 0);
1298 stream_putc (s, SAFI_ENCAP);
1299 }
1300 #ifdef HAVE_IPV6
1301 /* Currently supporting RFC-5549 for Link-Local peering only */
1302 if (CHECK_FLAG (peer->flags, PEER_FLAG_CAPABILITY_ENHE) &&
1303 peer->su.sa.sa_family == AF_INET6 &&
1304 IN6_IS_ADDR_LINKLOCAL(&peer->su.sin6.sin6_addr))
1305 {
1306 /* RFC 5549 Extended Next Hop Encoding */
1307 SET_FLAG (peer->cap, PEER_CAP_ENHE_ADV);
1308 stream_putc (s, BGP_OPEN_OPT_CAP);
1309 stream_putc (s, CAPABILITY_CODE_ENHE_LEN + 2);
1310 stream_putc (s, CAPABILITY_CODE_ENHE);
1311 stream_putc (s, CAPABILITY_CODE_ENHE_LEN);
1312 /* Currently supporting for SAFI_UNICAST only */
1313 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_ADV);
1314 stream_putw (s, AFI_IP);
1315 stream_putw (s, SAFI_UNICAST);
1316 stream_putw (s, AFI_IP6);
1317
1318 if (CHECK_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_RCV))
1319 SET_FLAG (peer->af_cap[AFI_IP][SAFI_UNICAST], PEER_CAP_ENHE_AF_NEGO);
1320 }
1321 /* IPv6 unicast. */
1322 if (peer->afc[AFI_IP6][SAFI_UNICAST])
1323 {
1324 peer->afc_adv[AFI_IP6][SAFI_UNICAST] = 1;
1325 stream_putc (s, BGP_OPEN_OPT_CAP);
1326 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1327 stream_putc (s, CAPABILITY_CODE_MP);
1328 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1329 stream_putw (s, AFI_IP6);
1330 stream_putc (s, 0);
1331 stream_putc (s, SAFI_UNICAST);
1332 }
1333 /* IPv6 multicast. */
1334 if (peer->afc[AFI_IP6][SAFI_MULTICAST])
1335 {
1336 peer->afc_adv[AFI_IP6][SAFI_MULTICAST] = 1;
1337 stream_putc (s, BGP_OPEN_OPT_CAP);
1338 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1339 stream_putc (s, CAPABILITY_CODE_MP);
1340 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1341 stream_putw (s, AFI_IP6);
1342 stream_putc (s, 0);
1343 stream_putc (s, SAFI_MULTICAST);
1344 }
1345 /* IPv6 VPN. */
1346 if (peer->afc[AFI_IP6][SAFI_MPLS_VPN])
1347 {
1348 peer->afc_adv[AFI_IP6][SAFI_MPLS_VPN] = 1;
1349 stream_putc (s, BGP_OPEN_OPT_CAP);
1350 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1351 stream_putc (s, CAPABILITY_CODE_MP);
1352 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1353 stream_putw (s, AFI_IP6);
1354 stream_putc (s, 0);
1355 stream_putc (s, SAFI_MPLS_LABELED_VPN);
1356 }
1357 /* IPv6 ENCAP. */
1358 if (peer->afc[AFI_IP6][SAFI_ENCAP])
1359 {
1360 peer->afc_adv[AFI_IP6][SAFI_ENCAP] = 1;
1361 stream_putc (s, BGP_OPEN_OPT_CAP);
1362 stream_putc (s, CAPABILITY_CODE_MP_LEN + 2);
1363 stream_putc (s, CAPABILITY_CODE_MP);
1364 stream_putc (s, CAPABILITY_CODE_MP_LEN);
1365 stream_putw (s, AFI_IP6);
1366 stream_putc (s, 0);
1367 stream_putc (s, SAFI_ENCAP);
1368 }
1369 #endif /* HAVE_IPV6 */
1370
1371 /* Route refresh. */
1372 SET_FLAG (peer->cap, PEER_CAP_REFRESH_ADV);
1373 stream_putc (s, BGP_OPEN_OPT_CAP);
1374 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1375 stream_putc (s, CAPABILITY_CODE_REFRESH_OLD);
1376 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1377 stream_putc (s, BGP_OPEN_OPT_CAP);
1378 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN + 2);
1379 stream_putc (s, CAPABILITY_CODE_REFRESH);
1380 stream_putc (s, CAPABILITY_CODE_REFRESH_LEN);
1381
1382 /* AS4 */
1383 SET_FLAG (peer->cap, PEER_CAP_AS4_ADV);
1384 stream_putc (s, BGP_OPEN_OPT_CAP);
1385 stream_putc (s, CAPABILITY_CODE_AS4_LEN + 2);
1386 stream_putc (s, CAPABILITY_CODE_AS4);
1387 stream_putc (s, CAPABILITY_CODE_AS4_LEN);
1388 if ( peer->change_local_as )
1389 local_as = peer->change_local_as;
1390 else
1391 local_as = peer->local_as;
1392 stream_putl (s, local_as );
1393
1394 /* AddPath */
1395 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1396 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1397 if (peer->afc[afi][safi])
1398 {
1399 afi_safi_count++;
1400
1401 /* Only advertise addpath TX if a feature that will use it is
1402 * configured */
1403 if (CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_ALL_PATHS) ||
1404 CHECK_FLAG(peer->af_flags[afi][safi], PEER_FLAG_ADDPATH_TX_BESTPATH_PER_AS))
1405 adv_addpath_tx = 1;
1406 }
1407
1408 SET_FLAG (peer->cap, PEER_CAP_ADDPATH_ADV);
1409 stream_putc (s, BGP_OPEN_OPT_CAP);
1410 stream_putc (s, (CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count) + 2);
1411 stream_putc (s, CAPABILITY_CODE_ADDPATH);
1412 stream_putc (s, CAPABILITY_CODE_ADDPATH_LEN * afi_safi_count);
1413
1414 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1415 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1416 if (peer->afc[afi][safi])
1417 {
1418 stream_putw (s, afi);
1419 stream_putc (s, safi);
1420
1421 if (adv_addpath_tx)
1422 {
1423 stream_putc (s, BGP_ADDPATH_RX|BGP_ADDPATH_TX);
1424 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1425 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1426 }
1427 else
1428 {
1429 stream_putc (s, BGP_ADDPATH_RX);
1430 SET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_RX_ADV);
1431 UNSET_FLAG (peer->af_cap[afi][safi], PEER_CAP_ADDPATH_AF_TX_ADV);
1432 }
1433 }
1434
1435 /* ORF capability. */
1436 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1437 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1438 if (CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_SM)
1439 || CHECK_FLAG (peer->af_flags[afi][safi], PEER_FLAG_ORF_PREFIX_RM))
1440 {
1441 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF_OLD);
1442 bgp_open_capability_orf (s, peer, afi, safi, CAPABILITY_CODE_ORF);
1443 }
1444
1445 /* Dynamic capability. */
1446 if (CHECK_FLAG (peer->flags, PEER_FLAG_DYNAMIC_CAPABILITY))
1447 {
1448 SET_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV);
1449 stream_putc (s, BGP_OPEN_OPT_CAP);
1450 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1451 stream_putc (s, CAPABILITY_CODE_DYNAMIC_OLD);
1452 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1453 stream_putc (s, BGP_OPEN_OPT_CAP);
1454 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN + 2);
1455 stream_putc (s, CAPABILITY_CODE_DYNAMIC);
1456 stream_putc (s, CAPABILITY_CODE_DYNAMIC_LEN);
1457 }
1458
1459 /* Hostname capability */
1460 uname(&names);
1461 if (names.nodename[0] != '\0')
1462 {
1463 SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
1464 stream_putc (s, BGP_OPEN_OPT_CAP);
1465 rcapp = stream_get_endp(s); /* Ptr to length placeholder */
1466 stream_putc(s, 0); /* dummy len for now */
1467 stream_putc (s, CAPABILITY_CODE_FQDN);
1468 capp = stream_get_endp(s);
1469 stream_putc(s, 0); /* dummy len for now */
1470 len = strlen(names.nodename);
1471 if (len > BGP_MAX_HOSTNAME)
1472 len = BGP_MAX_HOSTNAME;
1473
1474 stream_putc(s, len);
1475 stream_put(s, names.nodename, len);
1476 #ifdef _GNU_SOURCE
1477 if ((names.domainname[0] != '\0') &&
1478 (strcmp(names.domainname, "(none)") != 0))
1479 {
1480 len = strlen(names.domainname);
1481 if (len > BGP_MAX_HOSTNAME)
1482 len = BGP_MAX_HOSTNAME;
1483
1484 stream_putc(s, len);
1485 stream_put(s, names.domainname, len);
1486 }
1487 else
1488 #endif
1489 {
1490 stream_putc(s, 0); /* 0 length */
1491 }
1492
1493 /* Set the lengths straight */
1494 len = stream_get_endp(s) - rcapp - 1;
1495 stream_putc_at(s, rcapp, len);
1496 len = stream_get_endp(s) - capp - 1;
1497 stream_putc_at(s, capp, len);
1498
1499 if (bgp_debug_neighbor_events(peer))
1500 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1501 peer->host, names.nodename, names.domainname);
1502 }
1503
1504 /* Sending base graceful-restart capability irrespective of the config */
1505 SET_FLAG (peer->cap, PEER_CAP_RESTART_ADV);
1506 stream_putc (s, BGP_OPEN_OPT_CAP);
1507 capp = stream_get_endp (s); /* Set Capability Len Pointer */
1508 stream_putc (s, 0); /* Capability Length */
1509 stream_putc (s, CAPABILITY_CODE_RESTART);
1510 rcapp = stream_get_endp (s); /* Set Restart Capability Len Pointer */
1511 stream_putc (s, 0);
1512 restart_time = peer->bgp->restart_time;
1513 if (peer->bgp->t_startup)
1514 {
1515 SET_FLAG (restart_time, RESTART_R_BIT);
1516 SET_FLAG (peer->cap, PEER_CAP_RESTART_BIT_ADV);
1517 }
1518 stream_putw (s, restart_time);
1519
1520 /* Send address-family specific graceful-restart capability only when GR config
1521 is present */
1522 if (bgp_flag_check (peer->bgp, BGP_FLAG_GRACEFUL_RESTART))
1523 {
1524 for (afi = AFI_IP ; afi < AFI_MAX ; afi++)
1525 for (safi = SAFI_UNICAST ; safi < SAFI_MAX ; safi++)
1526 if (peer->afc[afi][safi])
1527 {
1528 stream_putw (s, afi);
1529 stream_putc (s, safi);
1530 stream_putc (s, 0); //Forwarding is not retained as of now.
1531 }
1532 }
1533
1534 /* Total Graceful restart capability Len. */
1535 len = stream_get_endp (s) - rcapp - 1;
1536 stream_putc_at (s, rcapp, len);
1537
1538 /* Total Capability Len. */
1539 len = stream_get_endp (s) - capp - 1;
1540 stream_putc_at (s, capp, len);
1541
1542 /* Total Opt Parm Len. */
1543 len = stream_get_endp (s) - cp - 1;
1544 stream_putc_at (s, cp, len);
1545 }
FRRouting mirror