1 /* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
4 This file is part of GNU Zebra.
6 GNU Zebra is free software; you can redistribute it and/or modify it
7 under the terms of the GNU General Public License as published by the
8 Free Software Foundation; either version 2, or (at your option) any
11 GNU Zebra is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Zebra; see the file COPYING. If not, write to the Free
18 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
31 #include "bgpd/bgpd.h"
32 #include "bgpd/bgp_attr.h"
33 #include "bgpd/bgp_debug.h"
34 #include "bgpd/bgp_fsm.h"
35 #include "bgpd/bgp_packet.h"
36 #include "bgpd/bgp_open.h"
37 #include "bgpd/bgp_aspath.h"
38 #include "bgpd/bgp_vty.h"
40 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
41 negotiate remote peer supports extentions or not. But if
42 remote-peer doesn't supports negotiation process itself. We would
43 like to do manual configuration.
45 So there is many configurable point. First of all we want set each
46 peer whether we send capability negotiation to the peer or not.
47 Next, if we send capability to the peer we want to set my capabilty
48 inforation at each peer. */
51 bgp_capability_vty_out (struct vty
*vty
, struct peer
*peer
)
55 struct capability_mp_data mpc
;
56 struct capability_header
*hdr
;
58 pnt
= peer
->notify
.data
;
59 end
= pnt
+ peer
->notify
.length
;
63 if (pnt
+ sizeof (struct capability_mp_data
) + 2 > end
)
66 hdr
= (struct capability_header
*)pnt
;
67 if (pnt
+ hdr
->length
+ 2 > end
)
70 memcpy (&mpc
, pnt
+ 2, sizeof(struct capability_mp_data
));
72 if (hdr
->code
== CAPABILITY_CODE_MP
)
74 vty_out (vty
, " Capability error for: Multi protocol ");
76 switch (ntohs (mpc
.afi
))
79 vty_out (vty
, "AFI IPv4, ");
82 vty_out (vty
, "AFI IPv6, ");
85 vty_out (vty
, "AFI Unknown %d, ", ntohs (mpc
.afi
));
91 vty_out (vty
, "SAFI Unicast");
94 vty_out (vty
, "SAFI Multicast");
96 case SAFI_UNICAST_MULTICAST
:
97 vty_out (vty
, "SAFI Unicast Multicast");
100 vty_out (vty
, "SAFI MPLS-VPN");
103 vty_out (vty
, "SAFI Unknown %d ", mpc
.safi
);
106 vty_out (vty
, "%s", VTY_NEWLINE
);
108 else if (hdr
->code
>= 128)
109 vty_out (vty
, " Capability error: vendor specific capability code %d",
112 vty_out (vty
, " Capability error: unknown capability code %d",
115 pnt
+= hdr
->length
+ 2;
120 bgp_capability_mp_data (struct stream
*s
, struct capability_mp_data
*mpc
)
122 mpc
->afi
= stream_getw (s
);
123 mpc
->reserved
= stream_getc (s
);
124 mpc
->safi
= stream_getc (s
);
128 bgp_afi_safi_valid_indices (afi_t afi
, safi_t
*safi
)
130 /* VPNvX are AFI specific */
131 if ((afi
== AFI_IP6
&& *safi
== BGP_SAFI_VPNV4
)
132 || (afi
== AFI_IP
&& *safi
== BGP_SAFI_VPNV6
))
134 zlog_warn ("Invalid afi/safi combination (%u/%u)", afi
, *safi
);
146 /* BGP VPNvX SAFI isn't contigious with others, remap */
149 *safi
= SAFI_MPLS_VPN
;
156 zlog_debug ("unknown afi/safi (%u/%u)", afi
, *safi
);
161 /* Set negotiated capability value. */
163 bgp_capability_mp (struct peer
*peer
, struct capability_header
*hdr
)
165 struct capability_mp_data mpc
;
166 struct stream
*s
= BGP_INPUT (peer
);
168 bgp_capability_mp_data (s
, &mpc
);
170 if (BGP_DEBUG (normal
, NORMAL
))
171 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
172 peer
->host
, mpc
.afi
, mpc
.safi
);
174 if (!bgp_afi_safi_valid_indices (mpc
.afi
, &mpc
.safi
))
177 /* Now safi remapped, and afi/safi are valid array indices */
178 peer
->afc_recv
[mpc
.afi
][mpc
.safi
] = 1;
180 if (peer
->afc
[mpc
.afi
][mpc
.safi
])
181 peer
->afc_nego
[mpc
.afi
][mpc
.safi
] = 1;
189 bgp_capability_orf_not_support (struct peer
*peer
, afi_t afi
, safi_t safi
,
190 u_char type
, u_char mode
)
192 if (BGP_DEBUG (normal
, NORMAL
))
193 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
194 peer
->host
, afi
, safi
, type
, mode
);
197 static struct message orf_type_str
[] =
199 { ORF_TYPE_PREFIX
, "Prefixlist" },
200 { ORF_TYPE_PREFIX_OLD
, "Prefixlist (old)" },
202 static int orf_type_str_max
= sizeof(orf_type_str
)/sizeof(orf_type_str
[0]);
204 static struct message orf_mode_str
[] =
206 { ORF_MODE_RECEIVE
, "Receive" },
207 { ORF_MODE_SEND
, "Send" },
208 { ORF_MODE_BOTH
, "Both" },
210 static int orf_mode_str_max
= sizeof(orf_mode_str
)/sizeof(orf_mode_str
[0]);
213 bgp_capability_orf_entry (struct peer
*peer
, struct capability_header
*hdr
)
215 struct stream
*s
= BGP_INPUT (peer
);
216 struct capability_orf_entry entry
;
221 u_int16_t sm_cap
= 0; /* capability send-mode receive */
222 u_int16_t rm_cap
= 0; /* capability receive-mode receive */
225 /* ORF Entry header */
226 bgp_capability_mp_data (s
, &entry
.mpc
);
227 entry
.num
= stream_getc (s
);
229 safi
= entry
.mpc
.safi
;
231 if (BGP_DEBUG (normal
, NORMAL
))
232 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
233 peer
->host
, entry
.mpc
.afi
, entry
.mpc
.safi
);
235 /* Check AFI and SAFI. */
236 if (!bgp_afi_safi_valid_indices (entry
.mpc
.afi
, &safi
))
238 zlog_info ("%s Addr-family %d/%d not supported."
239 " Ignoring the ORF capability",
240 peer
->host
, entry
.mpc
.afi
, entry
.mpc
.safi
);
244 /* validate number field */
245 if (sizeof (struct capability_orf_entry
) + (entry
.num
* 2) > hdr
->length
)
247 zlog_info ("%s ORF Capability entry length error,"
248 " Cap length %u, num %u",
249 peer
->host
, hdr
->length
, entry
.num
);
250 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
254 for (i
= 0 ; i
< entry
.num
; i
++)
256 type
= stream_getc(s
);
257 mode
= stream_getc(s
);
259 /* ORF Mode error check */
264 case ORF_MODE_RECEIVE
:
267 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
270 /* ORF Type and afi/safi error checks */
271 /* capcode versus type */
274 case CAPABILITY_CODE_ORF
:
277 case ORF_TYPE_PREFIX
:
280 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
284 case CAPABILITY_CODE_ORF_OLD
:
287 case ORF_TYPE_PREFIX_OLD
:
290 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
295 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
300 if (!((afi
== AFI_IP
&& safi
== SAFI_UNICAST
)
301 || (afi
== AFI_IP
&& safi
== SAFI_MULTICAST
)
302 || (afi
== AFI_IP6
&& safi
== SAFI_UNICAST
)))
304 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
308 if (BGP_DEBUG (normal
, NORMAL
))
309 zlog_debug ("%s OPEN has %s ORF capability"
310 " as %s for afi/safi: %d/%d",
311 peer
->host
, LOOKUP (orf_type_str
, type
),
312 LOOKUP (orf_mode_str
, mode
),
313 entry
.mpc
.afi
, safi
);
315 if (hdr
->code
== CAPABILITY_CODE_ORF
)
317 sm_cap
= PEER_CAP_ORF_PREFIX_SM_RCV
;
318 rm_cap
= PEER_CAP_ORF_PREFIX_RM_RCV
;
320 else if (hdr
->code
== CAPABILITY_CODE_ORF_OLD
)
322 sm_cap
= PEER_CAP_ORF_PREFIX_SM_OLD_RCV
;
323 rm_cap
= PEER_CAP_ORF_PREFIX_RM_OLD_RCV
;
327 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
334 SET_FLAG (peer
->af_cap
[afi
][safi
], sm_cap
);
335 SET_FLAG (peer
->af_cap
[afi
][safi
], rm_cap
);
338 SET_FLAG (peer
->af_cap
[afi
][safi
], sm_cap
);
340 case ORF_MODE_RECEIVE
:
341 SET_FLAG (peer
->af_cap
[afi
][safi
], rm_cap
);
349 bgp_capability_orf (struct peer
*peer
, struct capability_header
*hdr
)
351 struct stream
*s
= BGP_INPUT (peer
);
352 size_t end
= stream_get_getp (s
) + hdr
->length
;
354 assert (stream_get_getp(s
) + sizeof(struct capability_orf_entry
) <= end
);
356 /* We must have at least one ORF entry, as the caller has already done
357 * minimum length validation for the capability code - for ORF there must
358 * at least one ORF entry (header and unknown number of pairs of bytes).
362 if (bgp_capability_orf_entry (peer
, hdr
) == -1)
365 while (stream_get_getp(s
) + sizeof(struct capability_orf_entry
) < end
);
371 bgp_capability_restart (struct peer
*peer
, struct capability_header
*caphdr
)
373 struct stream
*s
= BGP_INPUT (peer
);
374 u_int16_t restart_flag_time
;
376 size_t end
= stream_get_getp (s
) + caphdr
->length
;
378 SET_FLAG (peer
->cap
, PEER_CAP_RESTART_RCV
);
379 restart_flag_time
= stream_getw(s
);
380 if (CHECK_FLAG (restart_flag_time
, RESTART_R_BIT
))
382 UNSET_FLAG (restart_flag_time
, 0xF000);
383 peer
->v_gr_restart
= restart_flag_time
;
385 if (BGP_DEBUG (normal
, NORMAL
))
387 zlog_debug ("%s OPEN has Graceful Restart capability", peer
->host
);
388 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
389 peer
->host
, restart_bit
? " " : " not ",
393 while (stream_get_getp (s
) + 4 < end
)
395 afi_t afi
= stream_getw (s
);
396 safi_t safi
= stream_getc (s
);
397 u_char flag
= stream_getc (s
);
399 if (!bgp_afi_safi_valid_indices (afi
, &safi
))
401 if (BGP_DEBUG (normal
, NORMAL
))
402 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
403 " Ignore the Graceful Restart capability",
404 peer
->host
, afi
, safi
);
406 else if (!peer
->afc
[afi
][safi
])
408 if (BGP_DEBUG (normal
, NORMAL
))
409 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
410 " Ignore the Graceful Restart capability",
411 peer
->host
, afi
, safi
);
415 if (BGP_DEBUG (normal
, NORMAL
))
416 zlog_debug ("%s Address family %s is%spreserved", peer
->host
,
417 afi_safi_print (afi
, safi
),
418 CHECK_FLAG (peer
->af_cap
[afi
][safi
],
419 PEER_CAP_RESTART_AF_PRESERVE_RCV
)
422 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_RESTART_AF_RCV
);
423 if (CHECK_FLAG (flag
, RESTART_F_BIT
))
424 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_RESTART_AF_PRESERVE_RCV
);
432 bgp_capability_as4 (struct peer
*peer
, struct capability_header
*hdr
)
434 as_t as4
= stream_getl (BGP_INPUT(peer
));
436 if (BGP_DEBUG (as4
, AS4
))
437 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
439 SET_FLAG (peer
->cap
, PEER_CAP_AS4_RCV
);
444 static struct message capcode_str
[] =
446 { CAPABILITY_CODE_MP
, "MultiProtocol Extensions" },
447 { CAPABILITY_CODE_REFRESH
, "Route Refresh" },
448 { CAPABILITY_CODE_ORF
, "Cooperative Route Filtering" },
449 { CAPABILITY_CODE_RESTART
, "Graceful Restart" },
450 { CAPABILITY_CODE_AS4
, "4-octet AS number" },
451 { CAPABILITY_CODE_DYNAMIC
, "Dynamic" },
452 { CAPABILITY_CODE_REFRESH_OLD
, "Route Refresh (Old)" },
453 { CAPABILITY_CODE_ORF_OLD
, "ORF (Old)" },
455 int capcode_str_max
= sizeof(capcode_str
)/sizeof(capcode_str
[0]);
457 /* Minimum sizes for length field of each cap (so not inc. the header) */
458 static size_t cap_minsizes
[] =
460 [CAPABILITY_CODE_MP
] = sizeof (struct capability_mp_data
),
461 [CAPABILITY_CODE_REFRESH
] = CAPABILITY_CODE_REFRESH_LEN
,
462 [CAPABILITY_CODE_ORF
] = sizeof (struct capability_orf_entry
),
463 [CAPABILITY_CODE_RESTART
] = sizeof (struct capability_gr
),
464 [CAPABILITY_CODE_AS4
] = CAPABILITY_CODE_AS4_LEN
,
465 [CAPABILITY_CODE_DYNAMIC
] = CAPABILITY_CODE_DYNAMIC_LEN
,
466 [CAPABILITY_CODE_REFRESH_OLD
] = CAPABILITY_CODE_REFRESH_LEN
,
467 [CAPABILITY_CODE_ORF_OLD
] = sizeof (struct capability_orf_entry
),
470 /* Parse given capability.
471 * XXX: This is reading into a stream, but not using stream API
474 bgp_capability_parse (struct peer
*peer
, size_t length
, u_char
**error
)
477 struct stream
*s
= BGP_INPUT (peer
);
478 size_t end
= stream_get_getp (s
) + length
;
480 assert (STREAM_READABLE (s
) >= length
);
482 while (stream_get_getp (s
) < end
)
485 u_char
*sp
= stream_pnt (s
);
486 struct capability_header caphdr
;
488 /* We need at least capability code and capability length. */
489 if (stream_get_getp(s
) + 2 > end
)
491 zlog_info ("%s Capability length error (< header)", peer
->host
);
492 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
496 caphdr
.code
= stream_getc (s
);
497 caphdr
.length
= stream_getc (s
);
498 start
= stream_get_getp (s
);
500 /* Capability length check sanity check. */
501 if (start
+ caphdr
.length
> end
)
503 zlog_info ("%s Capability length error (< length)", peer
->host
);
504 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
508 if (BGP_DEBUG (normal
, NORMAL
))
509 zlog_debug ("%s OPEN has %s capability (%u), length %u",
511 LOOKUP (capcode_str
, caphdr
.code
),
512 caphdr
.code
, caphdr
.length
);
514 /* Length sanity check, type-specific, for known capabilities */
517 case CAPABILITY_CODE_MP
:
518 case CAPABILITY_CODE_REFRESH
:
519 case CAPABILITY_CODE_REFRESH_OLD
:
520 case CAPABILITY_CODE_ORF
:
521 case CAPABILITY_CODE_ORF_OLD
:
522 case CAPABILITY_CODE_RESTART
:
523 case CAPABILITY_CODE_AS4
:
524 case CAPABILITY_CODE_DYNAMIC
:
526 if (caphdr
.length
< cap_minsizes
[caphdr
.code
])
528 zlog_info ("%s %s Capability length error: got %u,"
529 " expected at least %u",
531 LOOKUP (capcode_str
, caphdr
.code
),
532 caphdr
.length
, cap_minsizes
[caphdr
.code
]);
533 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
536 /* we deliberately ignore unknown codes, see below */
543 case CAPABILITY_CODE_MP
:
545 /* Ignore capability when override-capability is set. */
546 if (! CHECK_FLAG (peer
->flags
, PEER_FLAG_OVERRIDE_CAPABILITY
))
548 /* Set negotiated value. */
549 ret
= bgp_capability_mp (peer
, &caphdr
);
551 /* Unsupported Capability. */
554 /* Store return data. */
555 memcpy (*error
, sp
, caphdr
.length
+ 2);
556 *error
+= caphdr
.length
+ 2;
561 case CAPABILITY_CODE_REFRESH
:
562 case CAPABILITY_CODE_REFRESH_OLD
:
564 /* BGP refresh capability */
565 if (caphdr
.code
== CAPABILITY_CODE_REFRESH_OLD
)
566 SET_FLAG (peer
->cap
, PEER_CAP_REFRESH_OLD_RCV
);
568 SET_FLAG (peer
->cap
, PEER_CAP_REFRESH_NEW_RCV
);
571 case CAPABILITY_CODE_ORF
:
572 case CAPABILITY_CODE_ORF_OLD
:
573 if (bgp_capability_orf (peer
, &caphdr
))
576 case CAPABILITY_CODE_RESTART
:
577 if (bgp_capability_restart (peer
, &caphdr
))
580 case CAPABILITY_CODE_DYNAMIC
:
581 SET_FLAG (peer
->cap
, PEER_CAP_DYNAMIC_RCV
);
583 case CAPABILITY_CODE_AS4
:
584 /* Already handled as a special-case parsing of the capabilities
585 * at the beginning of OPEN processing. So we care not a jot
586 * for the value really, only error case.
588 if (!bgp_capability_as4 (peer
, &caphdr
))
592 if (caphdr
.code
> 128)
594 /* We don't send Notification for unknown vendor specific
595 capabilities. It seems reasonable for now... */
596 zlog_warn ("%s Vendor specific capability %d",
597 peer
->host
, caphdr
.code
);
601 zlog_warn ("%s unrecognized capability code: %d - ignored",
602 peer
->host
, caphdr
.code
);
603 memcpy (*error
, sp
, caphdr
.length
+ 2);
604 *error
+= caphdr
.length
+ 2;
607 if (stream_get_getp(s
) != (start
+ caphdr
.length
))
609 if (stream_get_getp(s
) > (start
+ caphdr
.length
))
610 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
611 peer
->host
, LOOKUP (capcode_str
, caphdr
.code
),
613 stream_set_getp (s
, start
+ caphdr
.length
);
620 bgp_auth_parse (struct peer
*peer
, size_t length
)
622 bgp_notify_send (peer
,
624 BGP_NOTIFY_OPEN_AUTH_FAILURE
);
629 strict_capability_same (struct peer
*peer
)
633 for (i
= AFI_IP
; i
< AFI_MAX
; i
++)
634 for (j
= SAFI_UNICAST
; j
< SAFI_MAX
; j
++)
635 if (peer
->afc
[i
][j
] != peer
->afc_nego
[i
][j
])
640 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
641 * Returns 0 if no as4 found, as4cap value otherwise.
644 peek_for_as4_capability (struct peer
*peer
, u_char length
)
646 struct stream
*s
= BGP_INPUT (peer
);
647 size_t orig_getp
= stream_get_getp (s
);
648 size_t end
= orig_getp
+ length
;
651 /* The full capability parser will better flag the error.. */
652 if (STREAM_READABLE(s
) < length
)
655 if (BGP_DEBUG (as4
, AS4
))
656 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
659 /* the error cases we DONT handle, we ONLY try to read as4 out of
660 * correctly formatted options.
662 while (stream_get_getp(s
) < end
)
667 /* Check the length. */
668 if (stream_get_getp (s
) + 2 > end
)
671 /* Fetch option type and length. */
672 opt_type
= stream_getc (s
);
673 opt_length
= stream_getc (s
);
675 /* Option length check. */
676 if (stream_get_getp (s
) + opt_length
> end
)
679 if (opt_type
== BGP_OPEN_OPT_CAP
)
681 unsigned long capd_start
= stream_get_getp (s
);
682 unsigned long capd_end
= capd_start
+ opt_length
;
684 assert (capd_end
<= end
);
686 while (stream_get_getp (s
) < capd_end
)
688 struct capability_header hdr
;
690 if (stream_get_getp (s
) + 2 > capd_end
)
693 hdr
.code
= stream_getc (s
);
694 hdr
.length
= stream_getc (s
);
696 if ((stream_get_getp(s
) + hdr
.length
) > capd_end
)
699 if (hdr
.code
== CAPABILITY_CODE_AS4
)
701 if (hdr
.length
!= CAPABILITY_CODE_AS4_LEN
)
704 if (BGP_DEBUG (as4
, AS4
))
705 zlog_info ("[AS4] found AS4 capability, about to parse");
706 as4
= bgp_capability_as4 (peer
, &hdr
);
710 stream_forward_getp (s
, hdr
.length
);
716 stream_set_getp (s
, orig_getp
);
720 /* Parse open option */
722 bgp_open_option_parse (struct peer
*peer
, u_char length
, int *capability
)
726 u_char error_data
[BGP_MAX_PACKET_SIZE
];
727 struct stream
*s
= BGP_INPUT(peer
);
728 size_t end
= stream_get_getp (s
) + length
;
733 if (BGP_DEBUG (normal
, NORMAL
))
734 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
737 while (stream_get_getp(s
) < end
)
742 /* Must have at least an OPEN option header */
743 if (STREAM_READABLE(s
) < 2)
745 zlog_info ("%s Option length error", peer
->host
);
746 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
750 /* Fetch option type and length. */
751 opt_type
= stream_getc (s
);
752 opt_length
= stream_getc (s
);
754 /* Option length check. */
755 if (STREAM_READABLE (s
) < opt_length
)
757 zlog_info ("%s Option length error", peer
->host
);
758 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
762 if (BGP_DEBUG (normal
, NORMAL
))
763 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
764 peer
->host
, opt_type
,
765 opt_type
== BGP_OPEN_OPT_AUTH
? "Authentication" :
766 opt_type
== BGP_OPEN_OPT_CAP
? "Capability" : "Unknown",
771 case BGP_OPEN_OPT_AUTH
:
772 ret
= bgp_auth_parse (peer
, opt_length
);
774 case BGP_OPEN_OPT_CAP
:
775 ret
= bgp_capability_parse (peer
, opt_length
, &error
);
779 bgp_notify_send (peer
,
781 BGP_NOTIFY_OPEN_UNSUP_PARAM
);
786 /* Parse error. To accumulate all unsupported capability codes,
787 bgp_capability_parse does not return -1 when encounter
788 unsupported capability code. To detect that, please check
789 error and erro_data pointer, like below. */
794 /* All OPEN option is parsed. Check capability when strict compare
796 if (CHECK_FLAG (peer
->flags
, PEER_FLAG_STRICT_CAP_MATCH
))
798 /* If Unsupported Capability exists. */
799 if (error
!= error_data
)
801 bgp_notify_send_with_data (peer
,
803 BGP_NOTIFY_OPEN_UNSUP_CAPBL
,
804 error_data
, error
- error_data
);
808 /* Check local capability does not negotiated with remote
810 if (! strict_capability_same (peer
))
812 bgp_notify_send (peer
,
814 BGP_NOTIFY_OPEN_UNSUP_CAPBL
);
819 /* Check there is no common capability send Unsupported Capability
821 if (*capability
&& ! CHECK_FLAG (peer
->flags
, PEER_FLAG_OVERRIDE_CAPABILITY
))
823 if (! peer
->afc_nego
[AFI_IP
][SAFI_UNICAST
]
824 && ! peer
->afc_nego
[AFI_IP
][SAFI_MULTICAST
]
825 && ! peer
->afc_nego
[AFI_IP
][SAFI_MPLS_VPN
]
826 && ! peer
->afc_nego
[AFI_IP6
][SAFI_UNICAST
]
827 && ! peer
->afc_nego
[AFI_IP6
][SAFI_MULTICAST
])
829 plog_err (peer
->log
, "%s [Error] No common capability", peer
->host
);
831 if (error
!= error_data
)
833 bgp_notify_send_with_data (peer
,
835 BGP_NOTIFY_OPEN_UNSUP_CAPBL
,
836 error_data
, error
- error_data
);
838 bgp_notify_send (peer
,
840 BGP_NOTIFY_OPEN_UNSUP_CAPBL
);
848 bgp_open_capability_orf (struct stream
*s
, struct peer
*peer
,
849 afi_t afi
, safi_t safi
, u_char code
)
855 unsigned long numberp
;
856 int number_of_orfs
= 0;
858 if (safi
== SAFI_MPLS_VPN
)
859 safi
= BGP_SAFI_VPNV4
;
861 stream_putc (s
, BGP_OPEN_OPT_CAP
);
862 capp
= stream_get_endp (s
); /* Set Capability Len Pointer */
863 stream_putc (s
, 0); /* Capability Length */
864 stream_putc (s
, code
); /* Capability Code */
865 orfp
= stream_get_endp (s
); /* Set ORF Len Pointer */
866 stream_putc (s
, 0); /* ORF Length */
867 stream_putw (s
, afi
);
869 stream_putc (s
, safi
);
870 numberp
= stream_get_endp (s
); /* Set Number Pointer */
871 stream_putc (s
, 0); /* Number of ORFs */
873 /* Address Prefix ORF */
874 if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
)
875 || CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_RM
))
877 stream_putc (s
, (code
== CAPABILITY_CODE_ORF
?
878 ORF_TYPE_PREFIX
: ORF_TYPE_PREFIX_OLD
));
880 if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
)
881 && CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_RM
))
883 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_SM_ADV
);
884 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_RM_ADV
);
885 stream_putc (s
, ORF_MODE_BOTH
);
887 else if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
))
889 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_SM_ADV
);
890 stream_putc (s
, ORF_MODE_SEND
);
894 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_RM_ADV
);
895 stream_putc (s
, ORF_MODE_RECEIVE
);
900 /* Total Number of ORFs. */
901 stream_putc_at (s
, numberp
, number_of_orfs
);
904 orf_len
= stream_get_endp (s
) - orfp
- 1;
905 stream_putc_at (s
, orfp
, orf_len
);
907 /* Total Capability Len. */
908 cap_len
= stream_get_endp (s
) - capp
- 1;
909 stream_putc_at (s
, capp
, cap_len
);
912 /* Fill in capability open option to the packet. */
914 bgp_open_capability (struct stream
*s
, struct peer
*peer
)
922 /* Remember current pointer for Opt Parm Len. */
923 cp
= stream_get_endp (s
);
928 /* Do not send capability. */
929 if (! CHECK_FLAG (peer
->sflags
, PEER_STATUS_CAPABILITY_OPEN
)
930 || CHECK_FLAG (peer
->flags
, PEER_FLAG_DONT_CAPABILITY
))
934 if (peer
->afc
[AFI_IP
][SAFI_UNICAST
])
936 peer
->afc_adv
[AFI_IP
][SAFI_UNICAST
] = 1;
937 stream_putc (s
, BGP_OPEN_OPT_CAP
);
938 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
939 stream_putc (s
, CAPABILITY_CODE_MP
);
940 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
941 stream_putw (s
, AFI_IP
);
943 stream_putc (s
, SAFI_UNICAST
);
945 /* IPv4 multicast. */
946 if (peer
->afc
[AFI_IP
][SAFI_MULTICAST
])
948 peer
->afc_adv
[AFI_IP
][SAFI_MULTICAST
] = 1;
949 stream_putc (s
, BGP_OPEN_OPT_CAP
);
950 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
951 stream_putc (s
, CAPABILITY_CODE_MP
);
952 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
953 stream_putw (s
, AFI_IP
);
955 stream_putc (s
, SAFI_MULTICAST
);
958 if (peer
->afc
[AFI_IP
][SAFI_MPLS_VPN
])
960 peer
->afc_adv
[AFI_IP
][SAFI_MPLS_VPN
] = 1;
961 stream_putc (s
, BGP_OPEN_OPT_CAP
);
962 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
963 stream_putc (s
, CAPABILITY_CODE_MP
);
964 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
965 stream_putw (s
, AFI_IP
);
967 stream_putc (s
, BGP_SAFI_VPNV4
);
971 if (peer
->afc
[AFI_IP6
][SAFI_UNICAST
])
973 peer
->afc_adv
[AFI_IP6
][SAFI_UNICAST
] = 1;
974 stream_putc (s
, BGP_OPEN_OPT_CAP
);
975 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
976 stream_putc (s
, CAPABILITY_CODE_MP
);
977 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
978 stream_putw (s
, AFI_IP6
);
980 stream_putc (s
, SAFI_UNICAST
);
982 /* IPv6 multicast. */
983 if (peer
->afc
[AFI_IP6
][SAFI_MULTICAST
])
985 peer
->afc_adv
[AFI_IP6
][SAFI_MULTICAST
] = 1;
986 stream_putc (s
, BGP_OPEN_OPT_CAP
);
987 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
988 stream_putc (s
, CAPABILITY_CODE_MP
);
989 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
990 stream_putw (s
, AFI_IP6
);
992 stream_putc (s
, SAFI_MULTICAST
);
994 #endif /* HAVE_IPV6 */
997 SET_FLAG (peer
->cap
, PEER_CAP_REFRESH_ADV
);
998 stream_putc (s
, BGP_OPEN_OPT_CAP
);
999 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
+ 2);
1000 stream_putc (s
, CAPABILITY_CODE_REFRESH_OLD
);
1001 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
);
1002 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1003 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
+ 2);
1004 stream_putc (s
, CAPABILITY_CODE_REFRESH
);
1005 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
);
1008 SET_FLAG (peer
->cap
, PEER_CAP_AS4_ADV
);
1009 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1010 stream_putc (s
, CAPABILITY_CODE_AS4_LEN
+ 2);
1011 stream_putc (s
, CAPABILITY_CODE_AS4
);
1012 stream_putc (s
, CAPABILITY_CODE_AS4_LEN
);
1013 if ( peer
->change_local_as
)
1014 local_as
= peer
->change_local_as
;
1016 local_as
= peer
->local_as
;
1017 stream_putl (s
, local_as
);
1019 /* ORF capability. */
1020 for (afi
= AFI_IP
; afi
< AFI_MAX
; afi
++)
1021 for (safi
= SAFI_UNICAST
; safi
< SAFI_MAX
; safi
++)
1022 if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
)
1023 || CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_RM
))
1025 bgp_open_capability_orf (s
, peer
, afi
, safi
, CAPABILITY_CODE_ORF_OLD
);
1026 bgp_open_capability_orf (s
, peer
, afi
, safi
, CAPABILITY_CODE_ORF
);
1029 /* Dynamic capability. */
1030 if (CHECK_FLAG (peer
->flags
, PEER_FLAG_DYNAMIC_CAPABILITY
))
1032 SET_FLAG (peer
->cap
, PEER_CAP_DYNAMIC_ADV
);
1033 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1034 stream_putc (s
, CAPABILITY_CODE_DYNAMIC_LEN
+ 2);
1035 stream_putc (s
, CAPABILITY_CODE_DYNAMIC
);
1036 stream_putc (s
, CAPABILITY_CODE_DYNAMIC_LEN
);
1039 /* Graceful restart capability */
1040 if (bgp_flag_check (peer
->bgp
, BGP_FLAG_GRACEFUL_RESTART
))
1042 SET_FLAG (peer
->cap
, PEER_CAP_RESTART_ADV
);
1043 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1044 stream_putc (s
, CAPABILITY_CODE_RESTART_LEN
+ 2);
1045 stream_putc (s
, CAPABILITY_CODE_RESTART
);
1046 stream_putc (s
, CAPABILITY_CODE_RESTART_LEN
);
1047 stream_putw (s
, peer
->bgp
->restart_time
);
1050 /* Total Opt Parm Len. */
1051 len
= stream_get_endp (s
) - cp
- 1;
1052 stream_putc_at (s
, cp
, len
);