1 /* BGP open message handling
2 Copyright (C) 1998, 1999 Kunihiro Ishiguro
4 This file is part of GNU Zebra.
6 GNU Zebra is free software; you can redistribute it and/or modify it
7 under the terms of the GNU General Public License as published by the
8 Free Software Foundation; either version 2, or (at your option) any
11 GNU Zebra is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with GNU Zebra; see the file COPYING. If not, write to the Free
18 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
32 #include "bgpd/bgpd.h"
33 #include "bgpd/bgp_attr.h"
34 #include "bgpd/bgp_debug.h"
35 #include "bgpd/bgp_fsm.h"
36 #include "bgpd/bgp_packet.h"
37 #include "bgpd/bgp_open.h"
38 #include "bgpd/bgp_aspath.h"
39 #include "bgpd/bgp_vty.h"
41 /* BGP-4 Multiprotocol Extentions lead us to the complex world. We can
42 negotiate remote peer supports extentions or not. But if
43 remote-peer doesn't supports negotiation process itself. We would
44 like to do manual configuration.
46 So there is many configurable point. First of all we want set each
47 peer whether we send capability negotiation to the peer or not.
48 Next, if we send capability to the peer we want to set my capabilty
49 inforation at each peer. */
52 bgp_capability_vty_out (struct vty
*vty
, struct peer
*peer
)
56 struct capability_mp_data mpc
;
57 struct capability_header
*hdr
;
59 pnt
= peer
->notify
.data
;
60 end
= pnt
+ peer
->notify
.length
;
64 if (pnt
+ sizeof (struct capability_mp_data
) + 2 > end
)
67 hdr
= (struct capability_header
*)pnt
;
68 if (pnt
+ hdr
->length
+ 2 > end
)
71 memcpy (&mpc
, pnt
+ 2, sizeof(struct capability_mp_data
));
73 if (hdr
->code
== CAPABILITY_CODE_MP
)
75 vty_out (vty
, " Capability error for: Multi protocol ");
77 switch (ntohs (mpc
.afi
))
80 vty_out (vty
, "AFI IPv4, ");
83 vty_out (vty
, "AFI IPv6, ");
86 vty_out (vty
, "AFI Unknown %d, ", ntohs (mpc
.afi
));
92 vty_out (vty
, "SAFI Unicast");
95 vty_out (vty
, "SAFI Multicast");
97 case SAFI_MPLS_LABELED_VPN
:
98 vty_out (vty
, "SAFI MPLS-labeled VPN");
101 vty_out (vty
, "SAFI Unknown %d ", mpc
.safi
);
104 vty_out (vty
, "%s", VTY_NEWLINE
);
106 else if (hdr
->code
>= 128)
107 vty_out (vty
, " Capability error: vendor specific capability code %d",
110 vty_out (vty
, " Capability error: unknown capability code %d",
113 pnt
+= hdr
->length
+ 2;
118 bgp_capability_mp_data (struct stream
*s
, struct capability_mp_data
*mpc
)
120 mpc
->afi
= stream_getw (s
);
121 mpc
->reserved
= stream_getc (s
);
122 mpc
->safi
= stream_getc (s
);
126 bgp_afi_safi_valid_indices (afi_t afi
, safi_t
*safi
)
136 /* BGP MPLS-labeled VPN SAFI isn't contigious with others, remap */
137 case SAFI_MPLS_LABELED_VPN
:
138 *safi
= SAFI_MPLS_VPN
;
145 zlog_debug ("unknown afi/safi (%u/%u)", afi
, *safi
);
150 /* Set negotiated capability value. */
152 bgp_capability_mp (struct peer
*peer
, struct capability_header
*hdr
)
154 struct capability_mp_data mpc
;
155 struct stream
*s
= BGP_INPUT (peer
);
157 bgp_capability_mp_data (s
, &mpc
);
159 if (bgp_debug_neighbor_events(peer
))
160 zlog_debug ("%s OPEN has MP_EXT CAP for afi/safi: %u/%u",
161 peer
->host
, mpc
.afi
, mpc
.safi
);
163 if (!bgp_afi_safi_valid_indices (mpc
.afi
, &mpc
.safi
))
166 /* Now safi remapped, and afi/safi are valid array indices */
167 peer
->afc_recv
[mpc
.afi
][mpc
.safi
] = 1;
169 if (peer
->afc
[mpc
.afi
][mpc
.safi
])
170 peer
->afc_nego
[mpc
.afi
][mpc
.safi
] = 1;
178 bgp_capability_orf_not_support (struct peer
*peer
, afi_t afi
, safi_t safi
,
179 u_char type
, u_char mode
)
181 if (bgp_debug_neighbor_events(peer
))
182 zlog_debug ("%s Addr-family %d/%d has ORF type/mode %d/%d not supported",
183 peer
->host
, afi
, safi
, type
, mode
);
186 static const struct message orf_type_str
[] =
188 { ORF_TYPE_PREFIX
, "Prefixlist" },
189 { ORF_TYPE_PREFIX_OLD
, "Prefixlist (old)" },
191 static const int orf_type_str_max
= array_size(orf_type_str
);
193 static const struct message orf_mode_str
[] =
195 { ORF_MODE_RECEIVE
, "Receive" },
196 { ORF_MODE_SEND
, "Send" },
197 { ORF_MODE_BOTH
, "Both" },
199 static const int orf_mode_str_max
= array_size(orf_mode_str
);
202 bgp_capability_orf_entry (struct peer
*peer
, struct capability_header
*hdr
)
204 struct stream
*s
= BGP_INPUT (peer
);
205 struct capability_orf_entry entry
;
210 u_int16_t sm_cap
= 0; /* capability send-mode receive */
211 u_int16_t rm_cap
= 0; /* capability receive-mode receive */
214 /* ORF Entry header */
215 bgp_capability_mp_data (s
, &entry
.mpc
);
216 entry
.num
= stream_getc (s
);
218 safi
= entry
.mpc
.safi
;
220 if (bgp_debug_neighbor_events(peer
))
221 zlog_debug ("%s ORF Cap entry for afi/safi: %u/%u",
222 peer
->host
, entry
.mpc
.afi
, entry
.mpc
.safi
);
224 /* Check AFI and SAFI. */
225 if (!bgp_afi_safi_valid_indices (entry
.mpc
.afi
, &safi
))
227 zlog_info ("%s Addr-family %d/%d not supported."
228 " Ignoring the ORF capability",
229 peer
->host
, entry
.mpc
.afi
, entry
.mpc
.safi
);
233 /* validate number field */
234 if (sizeof (struct capability_orf_entry
) + (entry
.num
* 2) > hdr
->length
)
236 zlog_info ("%s ORF Capability entry length error,"
237 " Cap length %u, num %u",
238 peer
->host
, hdr
->length
, entry
.num
);
239 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
243 for (i
= 0 ; i
< entry
.num
; i
++)
245 type
= stream_getc(s
);
246 mode
= stream_getc(s
);
248 /* ORF Mode error check */
253 case ORF_MODE_RECEIVE
:
256 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
259 /* ORF Type and afi/safi error checks */
260 /* capcode versus type */
263 case CAPABILITY_CODE_ORF
:
266 case ORF_TYPE_PREFIX
:
269 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
273 case CAPABILITY_CODE_ORF_OLD
:
276 case ORF_TYPE_PREFIX_OLD
:
279 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
284 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
289 if (!((afi
== AFI_IP
&& safi
== SAFI_UNICAST
)
290 || (afi
== AFI_IP
&& safi
== SAFI_MULTICAST
)
291 || (afi
== AFI_IP6
&& safi
== SAFI_UNICAST
)))
293 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
297 if (bgp_debug_neighbor_events(peer
))
298 zlog_debug ("%s OPEN has %s ORF capability"
299 " as %s for afi/safi: %d/%d",
300 peer
->host
, LOOKUP (orf_type_str
, type
),
301 LOOKUP (orf_mode_str
, mode
),
302 entry
.mpc
.afi
, safi
);
304 if (hdr
->code
== CAPABILITY_CODE_ORF
)
306 sm_cap
= PEER_CAP_ORF_PREFIX_SM_RCV
;
307 rm_cap
= PEER_CAP_ORF_PREFIX_RM_RCV
;
309 else if (hdr
->code
== CAPABILITY_CODE_ORF_OLD
)
311 sm_cap
= PEER_CAP_ORF_PREFIX_SM_OLD_RCV
;
312 rm_cap
= PEER_CAP_ORF_PREFIX_RM_OLD_RCV
;
316 bgp_capability_orf_not_support (peer
, afi
, safi
, type
, mode
);
323 SET_FLAG (peer
->af_cap
[afi
][safi
], sm_cap
);
324 SET_FLAG (peer
->af_cap
[afi
][safi
], rm_cap
);
327 SET_FLAG (peer
->af_cap
[afi
][safi
], sm_cap
);
329 case ORF_MODE_RECEIVE
:
330 SET_FLAG (peer
->af_cap
[afi
][safi
], rm_cap
);
338 bgp_capability_restart (struct peer
*peer
, struct capability_header
*caphdr
)
340 struct stream
*s
= BGP_INPUT (peer
);
341 u_int16_t restart_flag_time
;
343 size_t end
= stream_get_getp (s
) + caphdr
->length
;
345 SET_FLAG (peer
->cap
, PEER_CAP_RESTART_RCV
);
346 restart_flag_time
= stream_getw(s
);
347 if (CHECK_FLAG (restart_flag_time
, RESTART_R_BIT
))
349 SET_FLAG (peer
->cap
, PEER_CAP_RESTART_BIT_RCV
);
352 UNSET_FLAG (restart_flag_time
, 0xF000);
353 peer
->v_gr_restart
= restart_flag_time
;
355 if (bgp_debug_neighbor_events(peer
))
357 zlog_debug ("%s OPEN has Graceful Restart capability", peer
->host
);
358 zlog_debug ("%s Peer has%srestarted. Restart Time : %d",
359 peer
->host
, restart_bit
? " " : " not ",
363 while (stream_get_getp (s
) + 4 <= end
)
365 afi_t afi
= stream_getw (s
);
366 safi_t safi
= stream_getc (s
);
367 u_char flag
= stream_getc (s
);
369 if (!bgp_afi_safi_valid_indices (afi
, &safi
))
371 if (bgp_debug_neighbor_events(peer
))
372 zlog_debug ("%s Addr-family %d/%d(afi/safi) not supported."
373 " Ignore the Graceful Restart capability",
374 peer
->host
, afi
, safi
);
376 else if (!peer
->afc
[afi
][safi
])
378 if (bgp_debug_neighbor_events(peer
))
379 zlog_debug ("%s Addr-family %d/%d(afi/safi) not enabled."
380 " Ignore the Graceful Restart capability",
381 peer
->host
, afi
, safi
);
385 if (bgp_debug_neighbor_events(peer
))
386 zlog_debug ("%s Address family %s is%spreserved", peer
->host
,
387 afi_safi_print (afi
, safi
),
388 CHECK_FLAG (peer
->af_cap
[afi
][safi
],
389 PEER_CAP_RESTART_AF_PRESERVE_RCV
)
392 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_RESTART_AF_RCV
);
393 if (CHECK_FLAG (flag
, RESTART_F_BIT
))
394 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_RESTART_AF_PRESERVE_RCV
);
402 bgp_capability_as4 (struct peer
*peer
, struct capability_header
*hdr
)
404 SET_FLAG (peer
->cap
, PEER_CAP_AS4_RCV
);
406 if (hdr
->length
!= CAPABILITY_CODE_AS4_LEN
)
408 zlog_err ("%s AS4 capability has incorrect data length %d",
409 peer
->host
, hdr
->length
);
413 as_t as4
= stream_getl (BGP_INPUT(peer
));
415 if (BGP_DEBUG (as4
, AS4
))
416 zlog_debug ("%s [AS4] about to set cap PEER_CAP_AS4_RCV, got as4 %u",
422 bgp_capability_addpath (struct peer
*peer
, struct capability_header
*hdr
)
424 struct stream
*s
= BGP_INPUT (peer
);
425 size_t end
= stream_get_getp (s
) + hdr
->length
;
427 SET_FLAG (peer
->cap
, PEER_CAP_ADDPATH_RCV
);
429 while (stream_get_getp (s
) + 4 <= end
)
431 afi_t afi
= stream_getw (s
);
432 safi_t safi
= stream_getc (s
);
433 u_char send_receive
= stream_getc (s
);
435 if (bgp_debug_neighbor_events(peer
))
436 zlog_debug ("%s OPEN has AddPath CAP for afi/safi: %u/%u%s%s",
437 peer
->host
, afi
, safi
,
438 (send_receive
& BGP_ADDPATH_RX
) ? ", receive" : "",
439 (send_receive
& BGP_ADDPATH_TX
) ? ", transmit" : "");
441 if (!bgp_afi_safi_valid_indices (afi
, &safi
))
444 if (send_receive
& BGP_ADDPATH_RX
)
445 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ADDPATH_AF_RX_RCV
);
447 if (send_receive
& BGP_ADDPATH_TX
)
448 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ADDPATH_AF_TX_RCV
);
455 bgp_capability_hostname (struct peer
*peer
, struct capability_header
*hdr
)
457 struct stream
*s
= BGP_INPUT (peer
);
458 char str
[BGP_MAX_HOSTNAME
+1];
459 size_t end
= stream_get_getp (s
) + hdr
->length
;
462 SET_FLAG(peer
->cap
, PEER_CAP_HOSTNAME_RCV
);
464 len
= stream_getc(s
);
465 if (stream_get_getp(s
) + len
> end
)
467 zlog_warn("%s: Received malformed hostname capability from peer %s",
468 __FUNCTION__
, peer
->host
);
472 if (len
> BGP_MAX_HOSTNAME
)
474 stream_get(str
, s
, BGP_MAX_HOSTNAME
);
475 stream_forward_getp(s
, len
-BGP_MAX_HOSTNAME
);
476 len
= BGP_MAX_HOSTNAME
; /* to set the '\0' below */
479 stream_get(str
, s
, len
);
485 if (peer
->hostname
!= NULL
)
486 XFREE(MTYPE_HOST
, peer
->hostname
);
488 if (peer
->domainname
!= NULL
)
489 XFREE(MTYPE_HOST
, peer
->domainname
);
491 peer
->hostname
= XSTRDUP(MTYPE_HOST
, str
);
494 if (stream_get_getp(s
) +1 > end
)
496 zlog_warn("%s: Received invalid domain name len (hostname capability) from peer %s",
497 __FUNCTION__
, peer
->host
);
501 len
= stream_getc(s
);
502 if (stream_get_getp(s
) + len
> end
)
504 zlog_warn("%s: Received runt domain name (hostname capability) from peer %s",
505 __FUNCTION__
, peer
->host
);
509 if (len
> BGP_MAX_HOSTNAME
)
511 stream_get(str
, s
, BGP_MAX_HOSTNAME
);
512 stream_forward_getp(s
, len
-BGP_MAX_HOSTNAME
);
513 len
= BGP_MAX_HOSTNAME
; /* to set the '\0' below */
516 stream_get(str
, s
, len
);
521 peer
->domainname
= XSTRDUP(MTYPE_HOST
, str
);
524 if (bgp_debug_neighbor_events(peer
))
526 zlog_debug("%s received hostname %s, domainname %s",
527 peer
->host
, peer
->hostname
, peer
->domainname
);
534 bgp_capability_enhe (struct peer
*peer
, struct capability_header
*hdr
)
536 struct stream
*s
= BGP_INPUT (peer
);
537 size_t end
= stream_get_getp (s
) + hdr
->length
;
539 while (stream_get_getp (s
) + 6 <= end
)
541 afi_t afi
= stream_getw (s
);
542 safi_t safi
= stream_getw (s
);
543 afi_t nh_afi
= stream_getw (s
);
545 if (bgp_debug_neighbor_events(peer
))
546 zlog_debug ("%s Received with value triple (afi/safi/next-hop afi): %u/%u/%u",
547 peer
->host
, afi
, safi
, nh_afi
);
549 if (!bgp_afi_safi_valid_indices (afi
, &safi
))
552 if (afi
!= AFI_IP
|| nh_afi
!= AFI_IP6
)
554 zlog_warn ("%s Extended Next-hop capability, wrong afi/next-hop afi: %u/%u",
555 peer
->host
, afi
, nh_afi
);
559 /* Until SAFIs other than SAFI_UNICAST are supported */
560 if (safi
!= SAFI_UNICAST
)
561 zlog_warn ("%s Extended Next-hop capability came with unsupported SAFI: %u",
564 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ENHE_AF_RCV
);
566 if (CHECK_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ENHE_AF_ADV
))
567 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ENHE_AF_NEGO
);
570 SET_FLAG (peer
->cap
, PEER_CAP_ENHE_RCV
);
575 static const struct message capcode_str
[] =
577 { CAPABILITY_CODE_MP
, "MultiProtocol Extensions" },
578 { CAPABILITY_CODE_REFRESH
, "Route Refresh" },
579 { CAPABILITY_CODE_ORF
, "Cooperative Route Filtering" },
580 { CAPABILITY_CODE_RESTART
, "Graceful Restart" },
581 { CAPABILITY_CODE_AS4
, "4-octet AS number" },
582 { CAPABILITY_CODE_ADDPATH
, "AddPath" },
583 { CAPABILITY_CODE_DYNAMIC
, "Dynamic" },
584 { CAPABILITY_CODE_ENHE
, "Extended Next Hop Encoding" },
585 { CAPABILITY_CODE_DYNAMIC_OLD
, "Dynamic (Old)" },
586 { CAPABILITY_CODE_REFRESH_OLD
, "Route Refresh (Old)" },
587 { CAPABILITY_CODE_ORF_OLD
, "ORF (Old)" },
588 { CAPABILITY_CODE_HOSTNAME
, "Hostname" },
590 static const int capcode_str_max
= array_size(capcode_str
);
592 /* Minimum sizes for length field of each cap (so not inc. the header) */
593 static const size_t cap_minsizes
[] =
595 [CAPABILITY_CODE_MP
] = sizeof (struct capability_mp_data
),
596 [CAPABILITY_CODE_REFRESH
] = CAPABILITY_CODE_REFRESH_LEN
,
597 [CAPABILITY_CODE_ORF
] = sizeof (struct capability_orf_entry
),
598 [CAPABILITY_CODE_RESTART
] = sizeof (struct capability_gr
),
599 [CAPABILITY_CODE_AS4
] = CAPABILITY_CODE_AS4_LEN
,
600 [CAPABILITY_CODE_ADDPATH
] = CAPABILITY_CODE_ADDPATH_LEN
,
601 [CAPABILITY_CODE_DYNAMIC
] = CAPABILITY_CODE_DYNAMIC_LEN
,
602 [CAPABILITY_CODE_DYNAMIC_OLD
] = CAPABILITY_CODE_DYNAMIC_LEN
,
603 [CAPABILITY_CODE_ENHE
] = CAPABILITY_CODE_ENHE_LEN
,
604 [CAPABILITY_CODE_REFRESH_OLD
] = CAPABILITY_CODE_REFRESH_LEN
,
605 [CAPABILITY_CODE_ORF_OLD
] = sizeof (struct capability_orf_entry
),
606 [CAPABILITY_CODE_HOSTNAME
] = CAPABILITY_CODE_MIN_HOSTNAME_LEN
,
610 * Parse given capability.
611 * XXX: This is reading into a stream, but not using stream API
613 * @param[out] mp_capability Set to 1 on return iff one or more Multiprotocol
614 * capabilities were encountered.
617 bgp_capability_parse (struct peer
*peer
, size_t length
, int *mp_capability
,
621 struct stream
*s
= BGP_INPUT (peer
);
622 size_t end
= stream_get_getp (s
) + length
;
624 assert (STREAM_READABLE (s
) >= length
);
626 while (stream_get_getp (s
) < end
)
629 u_char
*sp
= stream_pnt (s
);
630 struct capability_header caphdr
;
632 /* We need at least capability code and capability length. */
633 if (stream_get_getp(s
) + 2 > end
)
635 zlog_info ("%s Capability length error (< header)", peer
->host
);
636 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
640 caphdr
.code
= stream_getc (s
);
641 caphdr
.length
= stream_getc (s
);
642 start
= stream_get_getp (s
);
644 /* Capability length check sanity check. */
645 if (start
+ caphdr
.length
> end
)
647 zlog_info ("%s Capability length error (< length)", peer
->host
);
648 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
652 if (bgp_debug_neighbor_events(peer
))
653 zlog_debug ("%s OPEN has %s capability (%u), length %u",
655 LOOKUP (capcode_str
, caphdr
.code
),
656 caphdr
.code
, caphdr
.length
);
658 /* Length sanity check, type-specific, for known capabilities */
661 case CAPABILITY_CODE_MP
:
662 case CAPABILITY_CODE_REFRESH
:
663 case CAPABILITY_CODE_REFRESH_OLD
:
664 case CAPABILITY_CODE_ORF
:
665 case CAPABILITY_CODE_ORF_OLD
:
666 case CAPABILITY_CODE_RESTART
:
667 case CAPABILITY_CODE_AS4
:
668 case CAPABILITY_CODE_ADDPATH
:
669 case CAPABILITY_CODE_DYNAMIC
:
670 case CAPABILITY_CODE_DYNAMIC_OLD
:
671 case CAPABILITY_CODE_ENHE
:
672 case CAPABILITY_CODE_HOSTNAME
:
674 if (caphdr
.length
< cap_minsizes
[caphdr
.code
])
676 zlog_info ("%s %s Capability length error: got %u,"
677 " expected at least %u",
679 LOOKUP (capcode_str
, caphdr
.code
),
681 (unsigned) cap_minsizes
[caphdr
.code
]);
682 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
685 /* we deliberately ignore unknown codes, see below */
692 case CAPABILITY_CODE_MP
:
696 /* Ignore capability when override-capability is set. */
697 if (! CHECK_FLAG (peer
->flags
, PEER_FLAG_OVERRIDE_CAPABILITY
))
699 /* Set negotiated value. */
700 ret
= bgp_capability_mp (peer
, &caphdr
);
702 /* Unsupported Capability. */
705 /* Store return data. */
706 memcpy (*error
, sp
, caphdr
.length
+ 2);
707 *error
+= caphdr
.length
+ 2;
712 case CAPABILITY_CODE_REFRESH
:
713 case CAPABILITY_CODE_REFRESH_OLD
:
715 /* BGP refresh capability */
716 if (caphdr
.code
== CAPABILITY_CODE_REFRESH_OLD
)
717 SET_FLAG (peer
->cap
, PEER_CAP_REFRESH_OLD_RCV
);
719 SET_FLAG (peer
->cap
, PEER_CAP_REFRESH_NEW_RCV
);
722 case CAPABILITY_CODE_ORF
:
723 case CAPABILITY_CODE_ORF_OLD
:
724 if (bgp_capability_orf_entry (peer
, &caphdr
))
727 case CAPABILITY_CODE_RESTART
:
728 if (bgp_capability_restart (peer
, &caphdr
))
731 case CAPABILITY_CODE_DYNAMIC
:
732 case CAPABILITY_CODE_DYNAMIC_OLD
:
733 SET_FLAG (peer
->cap
, PEER_CAP_DYNAMIC_RCV
);
735 case CAPABILITY_CODE_AS4
:
736 /* Already handled as a special-case parsing of the capabilities
737 * at the beginning of OPEN processing. So we care not a jot
738 * for the value really, only error case.
740 if (!bgp_capability_as4 (peer
, &caphdr
))
743 case CAPABILITY_CODE_ADDPATH
:
744 if (bgp_capability_addpath (peer
, &caphdr
))
747 case CAPABILITY_CODE_HOSTNAME
:
748 if (bgp_capability_hostname (peer
, &caphdr
))
751 case CAPABILITY_CODE_ENHE
:
752 if (bgp_capability_enhe (peer
, &caphdr
))
756 if (caphdr
.code
> 128)
758 /* We don't send Notification for unknown vendor specific
759 capabilities. It seems reasonable for now... */
760 zlog_warn ("%s Vendor specific capability %d",
761 peer
->host
, caphdr
.code
);
765 zlog_warn ("%s unrecognized capability code: %d - ignored",
766 peer
->host
, caphdr
.code
);
767 memcpy (*error
, sp
, caphdr
.length
+ 2);
768 *error
+= caphdr
.length
+ 2;
771 if (stream_get_getp(s
) != (start
+ caphdr
.length
))
773 if (stream_get_getp(s
) > (start
+ caphdr
.length
))
774 zlog_warn ("%s Cap-parser for %s read past cap-length, %u!",
775 peer
->host
, LOOKUP (capcode_str
, caphdr
.code
),
777 stream_set_getp (s
, start
+ caphdr
.length
);
784 bgp_auth_parse (struct peer
*peer
, size_t length
)
786 bgp_notify_send (peer
,
788 BGP_NOTIFY_OPEN_AUTH_FAILURE
);
793 strict_capability_same (struct peer
*peer
)
797 for (i
= AFI_IP
; i
< AFI_MAX
; i
++)
798 for (j
= SAFI_UNICAST
; j
< SAFI_MAX
; j
++)
799 if (peer
->afc
[i
][j
] != peer
->afc_nego
[i
][j
])
804 /* peek into option, stores ASN to *as4 if the AS4 capability was found.
805 * Returns 0 if no as4 found, as4cap value otherwise.
808 peek_for_as4_capability (struct peer
*peer
, u_char length
)
810 struct stream
*s
= BGP_INPUT (peer
);
811 size_t orig_getp
= stream_get_getp (s
);
812 size_t end
= orig_getp
+ length
;
815 /* The full capability parser will better flag the error.. */
816 if (STREAM_READABLE(s
) < length
)
819 if (BGP_DEBUG (as4
, AS4
))
820 zlog_info ("%s [AS4] rcv OPEN w/ OPTION parameter len: %u,"
823 /* the error cases we DONT handle, we ONLY try to read as4 out of
824 * correctly formatted options.
826 while (stream_get_getp(s
) < end
)
831 /* Check the length. */
832 if (stream_get_getp (s
) + 2 > end
)
835 /* Fetch option type and length. */
836 opt_type
= stream_getc (s
);
837 opt_length
= stream_getc (s
);
839 /* Option length check. */
840 if (stream_get_getp (s
) + opt_length
> end
)
843 if (opt_type
== BGP_OPEN_OPT_CAP
)
845 unsigned long capd_start
= stream_get_getp (s
);
846 unsigned long capd_end
= capd_start
+ opt_length
;
848 assert (capd_end
<= end
);
850 while (stream_get_getp (s
) < capd_end
)
852 struct capability_header hdr
;
854 if (stream_get_getp (s
) + 2 > capd_end
)
857 hdr
.code
= stream_getc (s
);
858 hdr
.length
= stream_getc (s
);
860 if ((stream_get_getp(s
) + hdr
.length
) > capd_end
)
863 if (hdr
.code
== CAPABILITY_CODE_AS4
)
865 if (BGP_DEBUG (as4
, AS4
))
866 zlog_info ("[AS4] found AS4 capability, about to parse");
867 as4
= bgp_capability_as4 (peer
, &hdr
);
871 stream_forward_getp (s
, hdr
.length
);
877 stream_set_getp (s
, orig_getp
);
884 * @param[out] mp_capability @see bgp_capability_parse() for semantics.
887 bgp_open_option_parse (struct peer
*peer
, u_char length
, int *mp_capability
)
891 u_char error_data
[BGP_MAX_PACKET_SIZE
];
892 struct stream
*s
= BGP_INPUT(peer
);
893 size_t end
= stream_get_getp (s
) + length
;
898 if (bgp_debug_neighbor_events(peer
))
899 zlog_debug ("%s rcv OPEN w/ OPTION parameter len: %u",
902 while (stream_get_getp(s
) < end
)
907 /* Must have at least an OPEN option header */
908 if (STREAM_READABLE(s
) < 2)
910 zlog_info ("%s Option length error", peer
->host
);
911 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
915 /* Fetch option type and length. */
916 opt_type
= stream_getc (s
);
917 opt_length
= stream_getc (s
);
919 /* Option length check. */
920 if (STREAM_READABLE (s
) < opt_length
)
922 zlog_info ("%s Option length error", peer
->host
);
923 bgp_notify_send (peer
, BGP_NOTIFY_CEASE
, 0);
927 if (bgp_debug_neighbor_events(peer
))
928 zlog_debug ("%s rcvd OPEN w/ optional parameter type %u (%s) len %u",
929 peer
->host
, opt_type
,
930 opt_type
== BGP_OPEN_OPT_AUTH
? "Authentication" :
931 opt_type
== BGP_OPEN_OPT_CAP
? "Capability" : "Unknown",
936 case BGP_OPEN_OPT_AUTH
:
937 ret
= bgp_auth_parse (peer
, opt_length
);
939 case BGP_OPEN_OPT_CAP
:
940 ret
= bgp_capability_parse (peer
, opt_length
, mp_capability
, &error
);
943 bgp_notify_send (peer
,
945 BGP_NOTIFY_OPEN_UNSUP_PARAM
);
950 /* Parse error. To accumulate all unsupported capability codes,
951 bgp_capability_parse does not return -1 when encounter
952 unsupported capability code. To detect that, please check
953 error and erro_data pointer, like below. */
958 /* All OPEN option is parsed. Check capability when strict compare
960 if (CHECK_FLAG (peer
->flags
, PEER_FLAG_STRICT_CAP_MATCH
))
962 /* If Unsupported Capability exists. */
963 if (error
!= error_data
)
965 bgp_notify_send_with_data (peer
,
967 BGP_NOTIFY_OPEN_UNSUP_CAPBL
,
968 error_data
, error
- error_data
);
972 /* Check local capability does not negotiated with remote
974 if (! strict_capability_same (peer
))
976 bgp_notify_send (peer
,
978 BGP_NOTIFY_OPEN_UNSUP_CAPBL
);
983 /* Check there are no common AFI/SAFIs and send Unsupported Capability
985 if (*mp_capability
&&
986 ! CHECK_FLAG (peer
->flags
, PEER_FLAG_OVERRIDE_CAPABILITY
))
988 if (! peer
->afc_nego
[AFI_IP
][SAFI_UNICAST
]
989 && ! peer
->afc_nego
[AFI_IP
][SAFI_MULTICAST
]
990 && ! peer
->afc_nego
[AFI_IP
][SAFI_MPLS_VPN
]
991 && ! peer
->afc_nego
[AFI_IP6
][SAFI_UNICAST
]
992 && ! peer
->afc_nego
[AFI_IP6
][SAFI_MULTICAST
])
994 zlog_err ("%s [Error] Configured AFI/SAFIs do not "
995 "overlap with received MP capabilities",
998 if (error
!= error_data
)
999 bgp_notify_send_with_data (peer
,
1000 BGP_NOTIFY_OPEN_ERR
,
1001 BGP_NOTIFY_OPEN_UNSUP_CAPBL
,
1002 error_data
, error
- error_data
);
1004 bgp_notify_send (peer
,
1005 BGP_NOTIFY_OPEN_ERR
,
1006 BGP_NOTIFY_OPEN_UNSUP_CAPBL
);
1014 bgp_open_capability_orf (struct stream
*s
, struct peer
*peer
,
1015 afi_t afi
, safi_t safi
, u_char code
)
1021 unsigned long numberp
;
1022 int number_of_orfs
= 0;
1024 if (safi
== SAFI_MPLS_VPN
)
1025 safi
= SAFI_MPLS_LABELED_VPN
;
1027 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1028 capp
= stream_get_endp (s
); /* Set Capability Len Pointer */
1029 stream_putc (s
, 0); /* Capability Length */
1030 stream_putc (s
, code
); /* Capability Code */
1031 orfp
= stream_get_endp (s
); /* Set ORF Len Pointer */
1032 stream_putc (s
, 0); /* ORF Length */
1033 stream_putw (s
, afi
);
1035 stream_putc (s
, safi
);
1036 numberp
= stream_get_endp (s
); /* Set Number Pointer */
1037 stream_putc (s
, 0); /* Number of ORFs */
1039 /* Address Prefix ORF */
1040 if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
)
1041 || CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_RM
))
1043 stream_putc (s
, (code
== CAPABILITY_CODE_ORF
?
1044 ORF_TYPE_PREFIX
: ORF_TYPE_PREFIX_OLD
));
1046 if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
)
1047 && CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_RM
))
1049 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_SM_ADV
);
1050 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_RM_ADV
);
1051 stream_putc (s
, ORF_MODE_BOTH
);
1053 else if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
))
1055 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_SM_ADV
);
1056 stream_putc (s
, ORF_MODE_SEND
);
1060 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ORF_PREFIX_RM_ADV
);
1061 stream_putc (s
, ORF_MODE_RECEIVE
);
1066 /* Total Number of ORFs. */
1067 stream_putc_at (s
, numberp
, number_of_orfs
);
1069 /* Total ORF Len. */
1070 orf_len
= stream_get_endp (s
) - orfp
- 1;
1071 stream_putc_at (s
, orfp
, orf_len
);
1073 /* Total Capability Len. */
1074 cap_len
= stream_get_endp (s
) - capp
- 1;
1075 stream_putc_at (s
, capp
, cap_len
);
1078 /* Fill in capability open option to the packet. */
1080 bgp_open_capability (struct stream
*s
, struct peer
*peer
)
1083 unsigned long cp
, capp
, rcapp
;
1087 u_int32_t restart_time
;
1088 u_char afi_safi_count
= 0;
1089 struct utsname names
;
1091 /* Remember current pointer for Opt Parm Len. */
1092 cp
= stream_get_endp (s
);
1097 /* Do not send capability. */
1098 if (! CHECK_FLAG (peer
->sflags
, PEER_STATUS_CAPABILITY_OPEN
)
1099 || CHECK_FLAG (peer
->flags
, PEER_FLAG_DONT_CAPABILITY
))
1103 if (peer
->afc
[AFI_IP
][SAFI_UNICAST
])
1105 peer
->afc_adv
[AFI_IP
][SAFI_UNICAST
] = 1;
1106 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1107 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
1108 stream_putc (s
, CAPABILITY_CODE_MP
);
1109 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
1110 stream_putw (s
, AFI_IP
);
1112 stream_putc (s
, SAFI_UNICAST
);
1114 /* IPv4 multicast. */
1115 if (peer
->afc
[AFI_IP
][SAFI_MULTICAST
])
1117 peer
->afc_adv
[AFI_IP
][SAFI_MULTICAST
] = 1;
1118 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1119 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
1120 stream_putc (s
, CAPABILITY_CODE_MP
);
1121 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
1122 stream_putw (s
, AFI_IP
);
1124 stream_putc (s
, SAFI_MULTICAST
);
1127 if (peer
->afc
[AFI_IP
][SAFI_MPLS_VPN
])
1129 peer
->afc_adv
[AFI_IP
][SAFI_MPLS_VPN
] = 1;
1130 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1131 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
1132 stream_putc (s
, CAPABILITY_CODE_MP
);
1133 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
1134 stream_putw (s
, AFI_IP
);
1136 stream_putc (s
, SAFI_MPLS_LABELED_VPN
);
1139 /* Currently supporting RFC-5549 for Link-Local peering only */
1140 if (CHECK_FLAG (peer
->flags
, PEER_FLAG_CAPABILITY_ENHE
) &&
1141 peer
->su
.sa
.sa_family
== AF_INET6
&&
1142 IN6_IS_ADDR_LINKLOCAL(&peer
->su
.sin6
.sin6_addr
))
1144 /* RFC 5549 Extended Next Hop Encoding */
1145 SET_FLAG (peer
->cap
, PEER_CAP_ENHE_ADV
);
1146 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1147 stream_putc (s
, CAPABILITY_CODE_ENHE_LEN
+ 2);
1148 stream_putc (s
, CAPABILITY_CODE_ENHE
);
1149 stream_putc (s
, CAPABILITY_CODE_ENHE_LEN
);
1150 /* Currently supporting for SAFI_UNICAST only */
1151 SET_FLAG (peer
->af_cap
[AFI_IP
][SAFI_UNICAST
], PEER_CAP_ENHE_AF_ADV
);
1152 stream_putw (s
, AFI_IP
);
1153 stream_putw (s
, SAFI_UNICAST
);
1154 stream_putw (s
, AFI_IP6
);
1156 if (CHECK_FLAG (peer
->af_cap
[AFI_IP
][SAFI_UNICAST
], PEER_CAP_ENHE_AF_RCV
))
1157 SET_FLAG (peer
->af_cap
[AFI_IP
][SAFI_UNICAST
], PEER_CAP_ENHE_AF_NEGO
);
1160 if (peer
->afc
[AFI_IP6
][SAFI_UNICAST
])
1162 peer
->afc_adv
[AFI_IP6
][SAFI_UNICAST
] = 1;
1163 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1164 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
1165 stream_putc (s
, CAPABILITY_CODE_MP
);
1166 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
1167 stream_putw (s
, AFI_IP6
);
1169 stream_putc (s
, SAFI_UNICAST
);
1171 /* IPv6 multicast. */
1172 if (peer
->afc
[AFI_IP6
][SAFI_MULTICAST
])
1174 peer
->afc_adv
[AFI_IP6
][SAFI_MULTICAST
] = 1;
1175 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1176 stream_putc (s
, CAPABILITY_CODE_MP_LEN
+ 2);
1177 stream_putc (s
, CAPABILITY_CODE_MP
);
1178 stream_putc (s
, CAPABILITY_CODE_MP_LEN
);
1179 stream_putw (s
, AFI_IP6
);
1181 stream_putc (s
, SAFI_MULTICAST
);
1183 #endif /* HAVE_IPV6 */
1185 /* Route refresh. */
1186 SET_FLAG (peer
->cap
, PEER_CAP_REFRESH_ADV
);
1187 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1188 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
+ 2);
1189 stream_putc (s
, CAPABILITY_CODE_REFRESH_OLD
);
1190 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
);
1191 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1192 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
+ 2);
1193 stream_putc (s
, CAPABILITY_CODE_REFRESH
);
1194 stream_putc (s
, CAPABILITY_CODE_REFRESH_LEN
);
1197 SET_FLAG (peer
->cap
, PEER_CAP_AS4_ADV
);
1198 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1199 stream_putc (s
, CAPABILITY_CODE_AS4_LEN
+ 2);
1200 stream_putc (s
, CAPABILITY_CODE_AS4
);
1201 stream_putc (s
, CAPABILITY_CODE_AS4_LEN
);
1202 if ( peer
->change_local_as
)
1203 local_as
= peer
->change_local_as
;
1205 local_as
= peer
->local_as
;
1206 stream_putl (s
, local_as
);
1209 * For now we will only advertise RX support. TX support will be added later.
1211 for (afi
= AFI_IP
; afi
< AFI_MAX
; afi
++)
1212 for (safi
= SAFI_UNICAST
; safi
< SAFI_MAX
; safi
++)
1213 if (peer
->afc
[afi
][safi
])
1216 SET_FLAG (peer
->cap
, PEER_CAP_ADDPATH_ADV
);
1217 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1218 stream_putc (s
, (CAPABILITY_CODE_ADDPATH_LEN
* afi_safi_count
) + 2);
1219 stream_putc (s
, CAPABILITY_CODE_ADDPATH
);
1220 stream_putc (s
, CAPABILITY_CODE_ADDPATH_LEN
* afi_safi_count
);
1222 for (afi
= AFI_IP
; afi
< AFI_MAX
; afi
++)
1223 for (safi
= SAFI_UNICAST
; safi
< SAFI_MAX
; safi
++)
1224 if (peer
->afc
[afi
][safi
])
1226 stream_putw (s
, afi
);
1227 stream_putc (s
, safi
);
1228 stream_putc (s
, BGP_ADDPATH_RX
);
1229 SET_FLAG (peer
->af_cap
[afi
][safi
], PEER_CAP_ADDPATH_AF_RX_ADV
);
1232 /* ORF capability. */
1233 for (afi
= AFI_IP
; afi
< AFI_MAX
; afi
++)
1234 for (safi
= SAFI_UNICAST
; safi
< SAFI_MAX
; safi
++)
1235 if (CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_SM
)
1236 || CHECK_FLAG (peer
->af_flags
[afi
][safi
], PEER_FLAG_ORF_PREFIX_RM
))
1238 bgp_open_capability_orf (s
, peer
, afi
, safi
, CAPABILITY_CODE_ORF_OLD
);
1239 bgp_open_capability_orf (s
, peer
, afi
, safi
, CAPABILITY_CODE_ORF
);
1242 /* Dynamic capability. */
1243 if (CHECK_FLAG (peer
->flags
, PEER_FLAG_DYNAMIC_CAPABILITY
))
1245 SET_FLAG (peer
->cap
, PEER_CAP_DYNAMIC_ADV
);
1246 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1247 stream_putc (s
, CAPABILITY_CODE_DYNAMIC_LEN
+ 2);
1248 stream_putc (s
, CAPABILITY_CODE_DYNAMIC_OLD
);
1249 stream_putc (s
, CAPABILITY_CODE_DYNAMIC_LEN
);
1250 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1251 stream_putc (s
, CAPABILITY_CODE_DYNAMIC_LEN
+ 2);
1252 stream_putc (s
, CAPABILITY_CODE_DYNAMIC
);
1253 stream_putc (s
, CAPABILITY_CODE_DYNAMIC_LEN
);
1256 /* Hostname capability */
1258 if (names
.nodename
[0] != '\0')
1260 SET_FLAG(peer
->cap
, PEER_CAP_HOSTNAME_ADV
);
1261 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1262 rcapp
= stream_get_endp(s
); /* Ptr to length placeholder */
1263 stream_putc(s
, 0); /* dummy len for now */
1264 stream_putc (s
, CAPABILITY_CODE_HOSTNAME
);
1265 capp
= stream_get_endp(s
);
1266 stream_putc(s
, 0); /* dummy len for now */
1267 len
= strlen(names
.nodename
);
1268 if (len
> BGP_MAX_HOSTNAME
)
1269 len
= BGP_MAX_HOSTNAME
;
1271 stream_putc(s
, len
);
1272 stream_put(s
, names
.nodename
, len
);
1274 if ((names
.domainname
[0] != '\0') &&
1275 (strcmp(names
.domainname
, "(none)") != 0))
1277 len
= strlen(names
.domainname
);
1278 if (len
> BGP_MAX_HOSTNAME
)
1279 len
= BGP_MAX_HOSTNAME
;
1281 stream_putc(s
, len
);
1282 stream_put(s
, names
.domainname
, len
);
1287 stream_putc(s
, 0); /* 0 length */
1290 /* Set the lengths straight */
1291 len
= stream_get_endp(s
) - rcapp
- 1;
1292 stream_putc_at(s
, rcapp
, len
);
1293 len
= stream_get_endp(s
) - capp
- 1;
1294 stream_putc_at(s
, capp
, len
);
1296 if (bgp_debug_neighbor_events(peer
))
1297 zlog_debug("%s Sending hostname cap with hn = %s, dn = %s",
1298 peer
->host
, names
.nodename
, names
.domainname
);
1301 /* Sending base graceful-restart capability irrespective of the config */
1302 SET_FLAG (peer
->cap
, PEER_CAP_RESTART_ADV
);
1303 stream_putc (s
, BGP_OPEN_OPT_CAP
);
1304 capp
= stream_get_endp (s
); /* Set Capability Len Pointer */
1305 stream_putc (s
, 0); /* Capability Length */
1306 stream_putc (s
, CAPABILITY_CODE_RESTART
);
1307 rcapp
= stream_get_endp (s
); /* Set Restart Capability Len Pointer */
1309 restart_time
= peer
->bgp
->restart_time
;
1310 if (peer
->bgp
->t_startup
)
1312 SET_FLAG (restart_time
, RESTART_R_BIT
);
1313 SET_FLAG (peer
->cap
, PEER_CAP_RESTART_BIT_ADV
);
1315 stream_putw (s
, restart_time
);
1317 /* Send address-family specific graceful-restart capability only when GR config
1319 if (bgp_flag_check (peer
->bgp
, BGP_FLAG_GRACEFUL_RESTART
))
1321 for (afi
= AFI_IP
; afi
< AFI_MAX
; afi
++)
1322 for (safi
= SAFI_UNICAST
; safi
< SAFI_MAX
; safi
++)
1323 if (peer
->afc
[afi
][safi
])
1325 stream_putw (s
, afi
);
1326 stream_putc (s
, safi
);
1327 stream_putc (s
, 0); //Forwarding is not retained as of now.
1331 /* Total Graceful restart capability Len. */
1332 len
= stream_get_endp (s
) - rcapp
- 1;
1333 stream_putc_at (s
, rcapp
, len
);
1335 /* Total Capability Len. */
1336 len
= stream_get_endp (s
) - capp
- 1;
1337 stream_putc_at (s
, capp
, len
);
1339 /* Total Opt Parm Len. */
1340 len
= stream_get_endp (s
) - cp
- 1;
1341 stream_putc_at (s
, cp
, len
);