]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #740 from donaldsharp/ospf_commands
[mirror_frr.git] / bgpd / bgp_packet.c
1 /* BGP packet management routine.
2 * Copyright (C) 1999 Kunihiro Ishiguro
3 *
4 * This file is part of GNU Zebra.
5 *
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
9 * later version.
10 *
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19 */
20
21 #include <zebra.h>
22
23 #include "thread.h"
24 #include "stream.h"
25 #include "network.h"
26 #include "prefix.h"
27 #include "command.h"
28 #include "log.h"
29 #include "memory.h"
30 #include "sockunion.h" /* for inet_ntop () */
31 #include "sockopt.h"
32 #include "linklist.h"
33 #include "plist.h"
34 #include "queue.h"
35 #include "filter.h"
36
37 #include "bgpd/bgpd.h"
38 #include "bgpd/bgp_table.h"
39 #include "bgpd/bgp_dump.h"
40 #include "bgpd/bgp_attr.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_fsm.h"
43 #include "bgpd/bgp_route.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_open.h"
46 #include "bgpd/bgp_aspath.h"
47 #include "bgpd/bgp_community.h"
48 #include "bgpd/bgp_ecommunity.h"
49 #include "bgpd/bgp_lcommunity.h"
50 #include "bgpd/bgp_network.h"
51 #include "bgpd/bgp_mplsvpn.h"
52 #include "bgpd/bgp_evpn.h"
53 #include "bgpd/bgp_advertise.h"
54 #include "bgpd/bgp_vty.h"
55 #include "bgpd/bgp_updgrp.h"
56 #include "bgpd/bgp_label.h"
57
58 /* Set up BGP packet marker and packet type. */
59 int
60 bgp_packet_set_marker (struct stream *s, u_char type)
61 {
62 int i;
63
64 /* Fill in marker. */
65 for (i = 0; i < BGP_MARKER_SIZE; i++)
66 stream_putc (s, 0xff);
67
68 /* Dummy total length. This field is should be filled in later on. */
69 stream_putw (s, 0);
70
71 /* BGP packet type. */
72 stream_putc (s, type);
73
74 /* Return current stream size. */
75 return stream_get_endp (s);
76 }
77
78 /* Set BGP packet header size entry. If size is zero then use current
79 stream size. */
80 int
81 bgp_packet_set_size (struct stream *s)
82 {
83 int cp;
84
85 /* Preserve current pointer. */
86 cp = stream_get_endp (s);
87 stream_putw_at (s, BGP_MARKER_SIZE, cp);
88
89 return cp;
90 }
91
92 /* Add new packet to the peer. */
93 void
94 bgp_packet_add (struct peer *peer, struct stream *s)
95 {
96 /* Add packet to the end of list. */
97 stream_fifo_push (peer->obuf, s);
98 }
99
100 /* Free first packet. */
101 static void
102 bgp_packet_delete (struct peer *peer)
103 {
104 stream_free (stream_fifo_pop (peer->obuf));
105 }
106
107 /* Check file descriptor whether connect is established. */
108 int
109 bgp_connect_check (struct peer *peer, int change_state)
110 {
111 int status;
112 socklen_t slen;
113 int ret;
114
115 /* Anyway I have to reset read and write thread. */
116 BGP_READ_OFF (peer->t_read);
117 BGP_WRITE_OFF (peer->t_write);
118
119 /* Check file descriptor. */
120 slen = sizeof (status);
121 ret = getsockopt(peer->fd, SOL_SOCKET, SO_ERROR, (void *) &status, &slen);
122
123 /* If getsockopt is fail, this is fatal error. */
124 if (ret < 0)
125 {
126 zlog_info ("can't get sockopt for nonblocking connect");
127 BGP_EVENT_ADD (peer, TCP_fatal_error);
128 return -1;
129 }
130
131 /* When status is 0 then TCP connection is established. */
132 if (status == 0)
133 {
134 BGP_EVENT_ADD (peer, TCP_connection_open);
135 return 1;
136 }
137 else
138 {
139 if (bgp_debug_neighbor_events(peer))
140 zlog_debug ("%s [Event] Connect failed (%s)",
141 peer->host, safe_strerror (errno));
142 if (change_state)
143 BGP_EVENT_ADD (peer, TCP_connection_open_failed);
144 return 0;
145 }
146 }
147
148 static struct stream *
149 bgp_update_packet_eor (struct peer *peer, afi_t afi, safi_t safi)
150 {
151 struct stream *s;
152 iana_afi_t pkt_afi;
153 safi_t pkt_safi;
154
155 if (DISABLE_BGP_ANNOUNCE)
156 return NULL;
157
158 if (bgp_debug_neighbor_events(peer))
159 zlog_debug ("send End-of-RIB for %s to %s", afi_safi_print (afi, safi), peer->host);
160
161 s = stream_new (BGP_MAX_PACKET_SIZE);
162
163 /* Make BGP update packet. */
164 bgp_packet_set_marker (s, BGP_MSG_UPDATE);
165
166 /* Unfeasible Routes Length */
167 stream_putw (s, 0);
168
169 if (afi == AFI_IP && safi == SAFI_UNICAST)
170 {
171 /* Total Path Attribute Length */
172 stream_putw (s, 0);
173 }
174 else
175 {
176 /* Convert AFI, SAFI to values for packet. */
177 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
178
179 /* Total Path Attribute Length */
180 stream_putw (s, 6);
181 stream_putc (s, BGP_ATTR_FLAG_OPTIONAL);
182 stream_putc (s, BGP_ATTR_MP_UNREACH_NLRI);
183 stream_putc (s, 3);
184 stream_putw (s, pkt_afi);
185 stream_putc (s, pkt_safi);
186 }
187
188 bgp_packet_set_size (s);
189 bgp_packet_add (peer, s);
190 return s;
191 }
192
193 /* Get next packet to be written. */
194 static struct stream *
195 bgp_write_packet (struct peer *peer)
196 {
197 struct stream *s = NULL;
198 struct peer_af *paf;
199 struct bpacket *next_pkt;
200 afi_t afi;
201 safi_t safi;
202
203 s = stream_fifo_head (peer->obuf);
204 if (s)
205 return s;
206
207 /*
208 * The code beyond this part deals with update packets, proceed only
209 * if peer is Established and updates are not on hold (as part of
210 * update-delay post processing).
211 */
212 if (peer->status != Established)
213 return NULL;
214
215 if (peer->bgp && peer->bgp->main_peers_update_hold)
216 return NULL;
217
218 for (afi = AFI_IP; afi < AFI_MAX; afi++)
219 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
220 {
221 paf = peer_af_find (peer, afi, safi);
222 if (!paf || !PAF_SUBGRP(paf))
223 continue;
224 next_pkt = paf->next_pkt_to_send;
225
226 /* Try to generate a packet for the peer if we are at the end of
227 * the list. Always try to push out WITHDRAWs first. */
228 if (!next_pkt || !next_pkt->buffer)
229 {
230 next_pkt = subgroup_withdraw_packet(PAF_SUBGRP(paf));
231 if (!next_pkt || !next_pkt->buffer)
232 subgroup_update_packet (PAF_SUBGRP(paf));
233 next_pkt = paf->next_pkt_to_send;
234 }
235
236 /* If we still don't have a packet to send to the peer, then
237 * try to find out out if we have to send eor or if not, skip to
238 * the next AFI, SAFI.
239 * Don't send the EOR prematurely... if the subgroup's coalesce
240 * timer is running, the adjacency-out structure is not created
241 * yet.
242 */
243 if (!next_pkt || !next_pkt->buffer)
244 {
245 if (CHECK_FLAG (peer->cap, PEER_CAP_RESTART_RCV))
246 {
247 if (!(PAF_SUBGRP(paf))->t_coalesce &&
248 peer->afc_nego[afi][safi] && peer->synctime
249 && ! CHECK_FLAG (peer->af_sflags[afi][safi],
250 PEER_STATUS_EOR_SEND)
251 && safi != SAFI_EVPN)
252 {
253 SET_FLAG (peer->af_sflags[afi][safi],
254 PEER_STATUS_EOR_SEND);
255 return bgp_update_packet_eor (peer, afi, safi);
256 }
257 }
258 continue;
259 }
260
261
262 /*
263 * Found a packet template to send, overwrite packet with appropriate
264 * attributes from peer and advance peer
265 */
266 s = bpacket_reformat_for_peer (next_pkt, paf);
267 bpacket_queue_advance_peer (paf);
268 return s;
269 }
270
271 return NULL;
272 }
273
274 /* The next action for the peer from a write perspective */
275 static void
276 bgp_write_proceed_actions (struct peer *peer)
277 {
278 afi_t afi;
279 safi_t safi;
280 struct peer_af *paf;
281 struct bpacket *next_pkt;
282 int fullq_found = 0;
283 struct update_subgroup *subgrp;
284
285 if (stream_fifo_head (peer->obuf))
286 {
287 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
288 return;
289 }
290
291 for (afi = AFI_IP; afi < AFI_MAX; afi++)
292 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
293 {
294 paf = peer_af_find (peer, afi, safi);
295 if (!paf)
296 continue;
297 subgrp = paf->subgroup;
298 if (!subgrp)
299 continue;
300
301 next_pkt = paf->next_pkt_to_send;
302 if (next_pkt && next_pkt->buffer)
303 {
304 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
305 return;
306 }
307
308 /* No packets readily available for AFI/SAFI, are there subgroup packets
309 * that need to be generated? */
310 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
311 SUBGRP_PKTQ(subgrp)))
312 fullq_found = 1;
313 else if (subgroup_packets_to_build (subgrp))
314 {
315 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
316 return;
317 }
318
319 /* No packets to send, see if EOR is pending */
320 if (CHECK_FLAG (peer->cap, PEER_CAP_RESTART_RCV))
321 {
322 if (!subgrp->t_coalesce &&
323 peer->afc_nego[afi][safi] &&
324 peer->synctime &&
325 !CHECK_FLAG(peer->af_sflags[afi][safi],
326 PEER_STATUS_EOR_SEND) &&
327 safi != SAFI_MPLS_VPN)
328 {
329 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
330 return;
331 }
332
333 }
334 }
335 if (fullq_found)
336 {
337 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
338 return;
339 }
340 }
341
342 /* Write packet to the peer. */
343 int
344 bgp_write (struct thread *thread)
345 {
346 struct peer *peer;
347 u_char type;
348 struct stream *s;
349 int num;
350 int update_last_write = 0;
351 unsigned int count = 0;
352 unsigned int oc = 0;
353
354 /* Yes first of all get peer pointer. */
355 peer = THREAD_ARG (thread);
356 peer->t_write = NULL;
357
358 /* For non-blocking IO check. */
359 if (peer->status == Connect)
360 {
361 bgp_connect_check (peer, 1);
362 return 0;
363 }
364
365 s = bgp_write_packet (peer);
366 if (!s)
367 {
368 bgp_write_proceed_actions (peer);
369 return 0;
370 }
371
372 sockopt_cork (peer->fd, 1);
373
374 oc = peer->update_out;
375
376 /* Nonblocking write until TCP output buffer is full. */
377 do
378 {
379 int writenum;
380
381 /* Number of bytes to be sent. */
382 writenum = stream_get_endp (s) - stream_get_getp (s);
383
384 /* Call write() system call. */
385 num = write (peer->fd, STREAM_PNT (s), writenum);
386 if (num < 0)
387 {
388 /* write failed either retry needed or error */
389 if (ERRNO_IO_RETRY(errno))
390 break;
391
392 BGP_EVENT_ADD (peer, TCP_fatal_error);
393 return 0;
394 }
395
396 if (num != writenum)
397 {
398 /* Partial write */
399 stream_forward_getp (s, num);
400 break;
401 }
402
403 /* Retrieve BGP packet type. */
404 stream_set_getp (s, BGP_MARKER_SIZE + 2);
405 type = stream_getc (s);
406
407 switch (type)
408 {
409 case BGP_MSG_OPEN:
410 peer->open_out++;
411 break;
412 case BGP_MSG_UPDATE:
413 peer->update_out++;
414 break;
415 case BGP_MSG_NOTIFY:
416 peer->notify_out++;
417 /* Double start timer. */
418 peer->v_start *= 2;
419
420 /* Overflow check. */
421 if (peer->v_start >= (60 * 2))
422 peer->v_start = (60 * 2);
423
424 /* Flush any existing events */
425 BGP_EVENT_ADD (peer, BGP_Stop);
426 goto done;
427
428 case BGP_MSG_KEEPALIVE:
429 peer->keepalive_out++;
430 break;
431 case BGP_MSG_ROUTE_REFRESH_NEW:
432 case BGP_MSG_ROUTE_REFRESH_OLD:
433 peer->refresh_out++;
434 break;
435 case BGP_MSG_CAPABILITY:
436 peer->dynamic_cap_out++;
437 break;
438 }
439
440 /* OK we send packet so delete it. */
441 bgp_packet_delete (peer);
442 update_last_write = 1;
443 }
444 while (++count < peer->bgp->wpkt_quanta &&
445 (s = bgp_write_packet (peer)) != NULL);
446
447 bgp_write_proceed_actions (peer);
448
449 done:
450 /* Update last_update if UPDATEs were written. */
451 if (peer->update_out > oc)
452 peer->last_update = bgp_clock ();
453
454 /* If we TXed any flavor of packet update last_write */
455 if (update_last_write)
456 peer->last_write = bgp_clock ();
457
458 sockopt_cork (peer->fd, 0);
459 return 0;
460 }
461
462 /* This is only for sending NOTIFICATION message to neighbor. */
463 static int
464 bgp_write_notify (struct peer *peer)
465 {
466 int ret, val;
467 u_char type;
468 struct stream *s;
469
470 /* There should be at least one packet. */
471 s = stream_fifo_head (peer->obuf);
472 if (!s)
473 return 0;
474 assert (stream_get_endp (s) >= BGP_HEADER_SIZE);
475
476 /* Stop collecting data within the socket */
477 sockopt_cork (peer->fd, 0);
478
479 /* socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
480 * we only care about getting a clean shutdown at this point. */
481 ret = write (peer->fd, STREAM_DATA (s), stream_get_endp (s));
482
483 /* only connection reset/close gets counted as TCP_fatal_error, failure
484 * to write the entire NOTIFY doesn't get different FSM treatment */
485 if (ret <= 0)
486 {
487 BGP_EVENT_ADD (peer, TCP_fatal_error);
488 return 0;
489 }
490
491 /* Disable Nagle, make NOTIFY packet go out right away */
492 val = 1;
493 (void) setsockopt (peer->fd, IPPROTO_TCP, TCP_NODELAY,
494 (char *) &val, sizeof (val));
495
496 /* Retrieve BGP packet type. */
497 stream_set_getp (s, BGP_MARKER_SIZE + 2);
498 type = stream_getc (s);
499
500 assert (type == BGP_MSG_NOTIFY);
501
502 /* Type should be notify. */
503 peer->notify_out++;
504
505 /* Double start timer. */
506 peer->v_start *= 2;
507
508 /* Overflow check. */
509 if (peer->v_start >= (60 * 2))
510 peer->v_start = (60 * 2);
511
512 /* Handle Graceful Restart case where the state changes to
513 Connect instead of Idle */
514 BGP_EVENT_ADD (peer, BGP_Stop);
515
516 return 0;
517 }
518
519 /* Make keepalive packet and send it to the peer. */
520 void
521 bgp_keepalive_send (struct peer *peer)
522 {
523 struct stream *s;
524
525 s = stream_new (BGP_MAX_PACKET_SIZE);
526
527 /* Make keepalive packet. */
528 bgp_packet_set_marker (s, BGP_MSG_KEEPALIVE);
529
530 /* Set packet size. */
531 (void)bgp_packet_set_size (s);
532
533 /* Dump packet if debug option is set. */
534 /* bgp_packet_dump (s); */
535
536 if (bgp_debug_keepalive(peer))
537 zlog_debug ("%s sending KEEPALIVE", peer->host);
538
539 /* Add packet to the peer. */
540 bgp_packet_add (peer, s);
541
542 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
543 }
544
545 /* Make open packet and send it to the peer. */
546 void
547 bgp_open_send (struct peer *peer)
548 {
549 struct stream *s;
550 u_int16_t send_holdtime;
551 as_t local_as;
552
553 if (CHECK_FLAG (peer->config, PEER_CONFIG_TIMER))
554 send_holdtime = peer->holdtime;
555 else
556 send_holdtime = peer->bgp->default_holdtime;
557
558 /* local-as Change */
559 if (peer->change_local_as)
560 local_as = peer->change_local_as;
561 else
562 local_as = peer->local_as;
563
564 s = stream_new (BGP_MAX_PACKET_SIZE);
565
566 /* Make open packet. */
567 bgp_packet_set_marker (s, BGP_MSG_OPEN);
568
569 /* Set open packet values. */
570 stream_putc (s, BGP_VERSION_4); /* BGP version */
571 stream_putw (s, (local_as <= BGP_AS_MAX) ? (u_int16_t) local_as
572 : BGP_AS_TRANS);
573 stream_putw (s, send_holdtime); /* Hold Time */
574 stream_put_in_addr (s, &peer->local_id); /* BGP Identifier */
575
576 /* Set capability code. */
577 bgp_open_capability (s, peer);
578
579 /* Set BGP packet length. */
580 (void)bgp_packet_set_size (s);
581
582 if (bgp_debug_neighbor_events(peer))
583 zlog_debug ("%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
584 peer->host, BGP_VERSION_4, local_as,
585 send_holdtime, inet_ntoa (peer->local_id));
586
587 /* Dump packet if debug option is set. */
588 /* bgp_packet_dump (s); */
589
590 /* Add packet to the peer. */
591 bgp_packet_add (peer, s);
592
593 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
594 }
595
596 /* Send BGP notify packet with data potion. */
597 void
598 bgp_notify_send_with_data (struct peer *peer, u_char code, u_char sub_code,
599 u_char *data, size_t datalen)
600 {
601 struct stream *s;
602 int length;
603
604 /* Allocate new stream. */
605 s = stream_new (BGP_MAX_PACKET_SIZE);
606
607 /* Make nitify packet. */
608 bgp_packet_set_marker (s, BGP_MSG_NOTIFY);
609
610 /* Set notify packet values. */
611 stream_putc (s, code); /* BGP notify code */
612 stream_putc (s, sub_code); /* BGP notify sub_code */
613
614 /* If notify data is present. */
615 if (data)
616 stream_write (s, data, datalen);
617
618 /* Set BGP packet length. */
619 length = bgp_packet_set_size (s);
620
621 /* Add packet to the peer. */
622 stream_fifo_clean (peer->obuf);
623 bgp_packet_add (peer, s);
624
625 /* For debug */
626 {
627 struct bgp_notify bgp_notify;
628 int first = 0;
629 int i;
630 char c[4];
631
632 bgp_notify.code = code;
633 bgp_notify.subcode = sub_code;
634 bgp_notify.data = NULL;
635 bgp_notify.length = length - BGP_MSG_NOTIFY_MIN_SIZE;
636 bgp_notify.raw_data = data;
637
638 peer->notify.code = bgp_notify.code;
639 peer->notify.subcode = bgp_notify.subcode;
640
641 if (bgp_notify.length)
642 {
643 bgp_notify.data = XMALLOC (MTYPE_TMP, bgp_notify.length * 3);
644 for (i = 0; i < bgp_notify.length; i++)
645 if (first)
646 {
647 sprintf (c, " %02x", data[i]);
648 strcat (bgp_notify.data, c);
649 }
650 else
651 {
652 first = 1;
653 sprintf (c, "%02x", data[i]);
654 strcpy (bgp_notify.data, c);
655 }
656 }
657 bgp_notify_print (peer, &bgp_notify, "sending");
658
659 if (bgp_notify.data)
660 {
661 XFREE (MTYPE_TMP, bgp_notify.data);
662 bgp_notify.data = NULL;
663 bgp_notify.length = 0;
664 }
665 }
666
667 /* peer reset cause */
668 if (code == BGP_NOTIFY_CEASE)
669 {
670 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
671 peer->last_reset = PEER_DOWN_USER_RESET;
672 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
673 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
674 else
675 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
676 }
677 else
678 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
679
680 /* Call immediately. */
681 BGP_WRITE_OFF (peer->t_write);
682
683 bgp_write_notify (peer);
684 }
685
686 /* Send BGP notify packet. */
687 void
688 bgp_notify_send (struct peer *peer, u_char code, u_char sub_code)
689 {
690 bgp_notify_send_with_data (peer, code, sub_code, NULL, 0);
691 }
692
693 /* Send route refresh message to the peer. */
694 void
695 bgp_route_refresh_send (struct peer *peer, afi_t afi, safi_t safi,
696 u_char orf_type, u_char when_to_refresh, int remove)
697 {
698 struct stream *s;
699 struct bgp_filter *filter;
700 int orf_refresh = 0;
701 iana_afi_t pkt_afi;
702 safi_t pkt_safi;
703
704 if (DISABLE_BGP_ANNOUNCE)
705 return;
706
707 filter = &peer->filter[afi][safi];
708
709 /* Convert AFI, SAFI to values for packet. */
710 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
711
712 s = stream_new (BGP_MAX_PACKET_SIZE);
713
714 /* Make BGP update packet. */
715 if (CHECK_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV))
716 bgp_packet_set_marker (s, BGP_MSG_ROUTE_REFRESH_NEW);
717 else
718 bgp_packet_set_marker (s, BGP_MSG_ROUTE_REFRESH_OLD);
719
720 /* Encode Route Refresh message. */
721 stream_putw (s, pkt_afi);
722 stream_putc (s, 0);
723 stream_putc (s, pkt_safi);
724
725 if (orf_type == ORF_TYPE_PREFIX
726 || orf_type == ORF_TYPE_PREFIX_OLD)
727 if (remove || filter->plist[FILTER_IN].plist)
728 {
729 u_int16_t orf_len;
730 unsigned long orfp;
731
732 orf_refresh = 1;
733 stream_putc (s, when_to_refresh);
734 stream_putc (s, orf_type);
735 orfp = stream_get_endp (s);
736 stream_putw (s, 0);
737
738 if (remove)
739 {
740 UNSET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_PREFIX_SEND);
741 stream_putc (s, ORF_COMMON_PART_REMOVE_ALL);
742 if (bgp_debug_neighbor_events(peer))
743 zlog_debug ("%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d",
744 peer->host, orf_type,
745 (when_to_refresh == REFRESH_DEFER ? "defer" : "immediate"),
746 pkt_afi, pkt_safi);
747 }
748 else
749 {
750 SET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_PREFIX_SEND);
751 prefix_bgp_orf_entry (s, filter->plist[FILTER_IN].plist,
752 ORF_COMMON_PART_ADD, ORF_COMMON_PART_PERMIT,
753 ORF_COMMON_PART_DENY);
754 if (bgp_debug_neighbor_events(peer))
755 zlog_debug ("%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d",
756 peer->host, orf_type,
757 (when_to_refresh == REFRESH_DEFER ? "defer" : "immediate"),
758 pkt_afi, pkt_safi);
759 }
760
761 /* Total ORF Entry Len. */
762 orf_len = stream_get_endp (s) - orfp - 2;
763 stream_putw_at (s, orfp, orf_len);
764 }
765
766 /* Set packet size. */
767 (void)bgp_packet_set_size (s);
768
769 if (bgp_debug_neighbor_events(peer))
770 {
771 if (! orf_refresh)
772 zlog_debug ("%s sending REFRESH_REQ for afi/safi: %d/%d",
773 peer->host, pkt_afi, pkt_safi);
774 }
775
776 /* Add packet to the peer. */
777 bgp_packet_add (peer, s);
778
779 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
780 }
781
782 /* Send capability message to the peer. */
783 void
784 bgp_capability_send (struct peer *peer, afi_t afi, safi_t safi,
785 int capability_code, int action)
786 {
787 struct stream *s;
788 iana_afi_t pkt_afi;
789 safi_t pkt_safi;
790
791 /* Convert AFI, SAFI to values for packet. */
792 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
793
794 s = stream_new (BGP_MAX_PACKET_SIZE);
795
796 /* Make BGP update packet. */
797 bgp_packet_set_marker (s, BGP_MSG_CAPABILITY);
798
799 /* Encode MP_EXT capability. */
800 if (capability_code == CAPABILITY_CODE_MP)
801 {
802 stream_putc (s, action);
803 stream_putc (s, CAPABILITY_CODE_MP);
804 stream_putc (s, CAPABILITY_CODE_MP_LEN);
805 stream_putw (s, pkt_afi);
806 stream_putc (s, 0);
807 stream_putc (s, pkt_safi);
808
809 if (bgp_debug_neighbor_events(peer))
810 zlog_debug ("%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d",
811 peer->host, action == CAPABILITY_ACTION_SET ?
812 "Advertising" : "Removing", pkt_afi, pkt_safi);
813 }
814
815 /* Set packet size. */
816 (void)bgp_packet_set_size (s);
817
818 /* Add packet to the peer. */
819 bgp_packet_add (peer, s);
820
821 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
822 }
823
824 /* RFC1771 6.8 Connection collision detection. */
825 static int
826 bgp_collision_detect (struct peer *new, struct in_addr remote_id)
827 {
828 struct peer *peer;
829
830 /* Upon receipt of an OPEN message, the local system must examine
831 all of its connections that are in the OpenConfirm state. A BGP
832 speaker may also examine connections in an OpenSent state if it
833 knows the BGP Identifier of the peer by means outside of the
834 protocol. If among these connections there is a connection to a
835 remote BGP speaker whose BGP Identifier equals the one in the
836 OPEN message, then the local system performs the following
837 collision resolution procedure: */
838
839 if ((peer = new->doppelganger) != NULL)
840 {
841 /* Do not accept the new connection in Established or Clearing states.
842 * Note that a peer GR is handled by closing the existing connection
843 * upon receipt of new one.
844 */
845 if (peer->status == Established || peer->status == Clearing)
846 {
847 bgp_notify_send (new, BGP_NOTIFY_CEASE,
848 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
849 return (-1);
850 }
851 else if ((peer->status == OpenConfirm) || (peer->status == OpenSent))
852 {
853 /* 1. The BGP Identifier of the local system is compared to
854 the BGP Identifier of the remote system (as specified in
855 the OPEN message). */
856
857 if (ntohl (peer->local_id.s_addr) < ntohl (remote_id.s_addr))
858 if (!CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER))
859 {
860 /* 2. If the value of the local BGP Identifier is less
861 than the remote one, the local system closes BGP
862 connection that already exists (the one that is
863 already in the OpenConfirm state), and accepts BGP
864 connection initiated by the remote system. */
865 bgp_notify_send (peer, BGP_NOTIFY_CEASE,
866 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
867 return 1;
868 }
869 else
870 {
871 bgp_notify_send (new, BGP_NOTIFY_CEASE,
872 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
873 return -1;
874 }
875 else
876 {
877 /* 3. Otherwise, the local system closes newly created
878 BGP connection (the one associated with the newly
879 received OPEN message), and continues to use the
880 existing one (the one that is already in the
881 OpenConfirm state). */
882 if (CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER))
883 {
884 bgp_notify_send (peer, BGP_NOTIFY_CEASE,
885 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
886 return 1;
887 }
888 else
889 {
890 bgp_notify_send (new, BGP_NOTIFY_CEASE,
891 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
892 return -1;
893 }
894 }
895 }
896 }
897 return 0;
898 }
899
900 static int
901 bgp_open_receive (struct peer *peer, bgp_size_t size)
902 {
903 int ret;
904 u_char version;
905 u_char optlen;
906 u_int16_t holdtime;
907 u_int16_t send_holdtime;
908 as_t remote_as;
909 as_t as4 = 0;
910 struct in_addr remote_id;
911 int mp_capability;
912 u_int8_t notify_data_remote_as[2];
913 u_int8_t notify_data_remote_as4[4];
914 u_int8_t notify_data_remote_id[4];
915 u_int16_t *holdtime_ptr;
916
917 /* Parse open packet. */
918 version = stream_getc (peer->ibuf);
919 memcpy (notify_data_remote_as, stream_pnt (peer->ibuf), 2);
920 remote_as = stream_getw (peer->ibuf);
921 holdtime_ptr = (u_int16_t *)stream_pnt (peer->ibuf);
922 holdtime = stream_getw (peer->ibuf);
923 memcpy (notify_data_remote_id, stream_pnt (peer->ibuf), 4);
924 remote_id.s_addr = stream_get_ipv4 (peer->ibuf);
925
926 /* Receive OPEN message log */
927 if (bgp_debug_neighbor_events(peer))
928 zlog_debug ("%s rcv OPEN, version %d, remote-as (in open) %u,"
929 " holdtime %d, id %s",
930 peer->host, version, remote_as, holdtime,
931 inet_ntoa (remote_id));
932
933 /* BEGIN to read the capability here, but dont do it yet */
934 mp_capability = 0;
935 optlen = stream_getc (peer->ibuf);
936
937 if (optlen != 0)
938 {
939 /* If not enough bytes, it is an error. */
940 if (STREAM_READABLE(peer->ibuf) < optlen)
941 {
942 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
943 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
944 return -1;
945 }
946
947 /* We need the as4 capability value *right now* because
948 * if it is there, we have not got the remote_as yet, and without
949 * that we do not know which peer is connecting to us now.
950 */
951 as4 = peek_for_as4_capability (peer, optlen);
952 memcpy (notify_data_remote_as4, &as4, 4);
953 }
954
955 /* Just in case we have a silly peer who sends AS4 capability set to 0 */
956 if (CHECK_FLAG (peer->cap, PEER_CAP_AS4_RCV) && !as4)
957 {
958 zlog_err ("%s bad OPEN, got AS4 capability, but AS4 set to 0",
959 peer->host);
960 bgp_notify_send_with_data (peer,
961 BGP_NOTIFY_OPEN_ERR,
962 BGP_NOTIFY_OPEN_BAD_PEER_AS,
963 notify_data_remote_as4, 4);
964 return -1;
965 }
966
967 if (remote_as == BGP_AS_TRANS)
968 {
969 /* Take the AS4 from the capability. We must have received the
970 * capability now! Otherwise we have a asn16 peer who uses
971 * BGP_AS_TRANS, for some unknown reason.
972 */
973 if (as4 == BGP_AS_TRANS)
974 {
975 zlog_err ("%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
976 peer->host);
977 bgp_notify_send_with_data (peer,
978 BGP_NOTIFY_OPEN_ERR,
979 BGP_NOTIFY_OPEN_BAD_PEER_AS,
980 notify_data_remote_as4, 4);
981 return -1;
982 }
983
984 if (!as4 && BGP_DEBUG (as4, AS4))
985 zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
986 " Odd, but proceeding.", peer->host);
987 else if (as4 < BGP_AS_MAX && BGP_DEBUG (as4, AS4))
988 zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
989 "in 2-bytes, very odd peer.", peer->host, as4);
990 if (as4)
991 remote_as = as4;
992 }
993 else
994 {
995 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX */
996 /* If we have got the capability, peer->as4cap must match remote_as */
997 if (CHECK_FLAG (peer->cap, PEER_CAP_AS4_RCV)
998 && as4 != remote_as)
999 {
1000 /* raise error, log this, close session */
1001 zlog_err ("%s bad OPEN, got AS4 capability, but remote_as %u"
1002 " mismatch with 16bit 'myasn' %u in open",
1003 peer->host, as4, remote_as);
1004 bgp_notify_send_with_data (peer,
1005 BGP_NOTIFY_OPEN_ERR,
1006 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1007 notify_data_remote_as4, 4);
1008 return -1;
1009 }
1010 }
1011
1012 /* remote router-id check. */
1013 if (remote_id.s_addr == 0
1014 || IPV4_CLASS_DE (ntohl (remote_id.s_addr))
1015 || ntohl (peer->local_id.s_addr) == ntohl (remote_id.s_addr))
1016 {
1017 if (bgp_debug_neighbor_events(peer))
1018 zlog_debug ("%s bad OPEN, wrong router identifier %s",
1019 peer->host, inet_ntoa (remote_id));
1020 bgp_notify_send_with_data (peer,
1021 BGP_NOTIFY_OPEN_ERR,
1022 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1023 notify_data_remote_id, 4);
1024 return -1;
1025 }
1026
1027 /* Set remote router-id */
1028 peer->remote_id = remote_id;
1029
1030 /* Peer BGP version check. */
1031 if (version != BGP_VERSION_4)
1032 {
1033 u_int16_t maxver = htons(BGP_VERSION_4);
1034 /* XXX this reply may not be correct if version < 4 XXX */
1035 if (bgp_debug_neighbor_events(peer))
1036 zlog_debug ("%s bad protocol version, remote requested %d, local request %d",
1037 peer->host, version, BGP_VERSION_4);
1038 /* Data must be in network byte order here */
1039 bgp_notify_send_with_data (peer,
1040 BGP_NOTIFY_OPEN_ERR,
1041 BGP_NOTIFY_OPEN_UNSUP_VERSION,
1042 (u_int8_t *) &maxver, 2);
1043 return -1;
1044 }
1045
1046 /* Check neighbor as number. */
1047 if (peer->as_type == AS_UNSPECIFIED)
1048 {
1049 if (bgp_debug_neighbor_events(peer))
1050 zlog_debug("%s bad OPEN, remote AS is unspecified currently", peer->host);
1051 bgp_notify_send_with_data(peer,
1052 BGP_NOTIFY_OPEN_ERR,
1053 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1054 notify_data_remote_as, 2);
1055 return -1;
1056 }
1057 else if (peer->as_type == AS_INTERNAL)
1058 {
1059 if (remote_as != peer->bgp->as)
1060 {
1061 if (bgp_debug_neighbor_events(peer))
1062 zlog_debug ("%s bad OPEN, remote AS is %u, internal specified",
1063 peer->host, remote_as);
1064 bgp_notify_send_with_data (peer,
1065 BGP_NOTIFY_OPEN_ERR,
1066 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1067 notify_data_remote_as, 2);
1068 return -1;
1069 }
1070 peer->as = peer->local_as;
1071 }
1072 else if (peer->as_type == AS_EXTERNAL)
1073 {
1074 if (remote_as == peer->bgp->as)
1075 {
1076 if (bgp_debug_neighbor_events(peer))
1077 zlog_debug ("%s bad OPEN, remote AS is %u, external specified",
1078 peer->host, remote_as);
1079 bgp_notify_send_with_data (peer,
1080 BGP_NOTIFY_OPEN_ERR,
1081 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1082 notify_data_remote_as, 2);
1083 return -1;
1084 }
1085 peer->as = remote_as;
1086 }
1087 else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as))
1088 {
1089 if (bgp_debug_neighbor_events(peer))
1090 zlog_debug ("%s bad OPEN, remote AS is %u, expected %u",
1091 peer->host, remote_as, peer->as);
1092 bgp_notify_send_with_data (peer,
1093 BGP_NOTIFY_OPEN_ERR,
1094 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1095 notify_data_remote_as, 2);
1096 return -1;
1097 }
1098
1099 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1100 calculate the value of the Hold Timer by using the smaller of its
1101 configured Hold Time and the Hold Time received in the OPEN message.
1102 The Hold Time MUST be either zero or at least three seconds. An
1103 implementation may reject connections on the basis of the Hold Time. */
1104
1105 if (holdtime < 3 && holdtime != 0)
1106 {
1107 bgp_notify_send_with_data (peer,
1108 BGP_NOTIFY_OPEN_ERR,
1109 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1110 (u_char *)holdtime_ptr, 2);
1111 return -1;
1112 }
1113
1114 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1115 would be one third of the Hold Time interval. KEEPALIVE messages
1116 MUST NOT be sent more frequently than one per second. An
1117 implementation MAY adjust the rate at which it sends KEEPALIVE
1118 messages as a function of the Hold Time interval. */
1119
1120 if (CHECK_FLAG (peer->config, PEER_CONFIG_TIMER))
1121 send_holdtime = peer->holdtime;
1122 else
1123 send_holdtime = peer->bgp->default_holdtime;
1124
1125 if (holdtime < send_holdtime)
1126 peer->v_holdtime = holdtime;
1127 else
1128 peer->v_holdtime = send_holdtime;
1129
1130 if (CHECK_FLAG (peer->config, PEER_CONFIG_TIMER))
1131 peer->v_keepalive = peer->keepalive;
1132 else
1133 peer->v_keepalive = peer->v_holdtime / 3;
1134
1135 /* Open option part parse. */
1136 if (optlen != 0)
1137 {
1138 if ((ret = bgp_open_option_parse (peer, optlen, &mp_capability)) < 0)
1139 return ret;
1140 }
1141 else
1142 {
1143 if (bgp_debug_neighbor_events(peer))
1144 zlog_debug ("%s rcvd OPEN w/ OPTION parameter len: 0",
1145 peer->host);
1146 }
1147
1148 /*
1149 * Assume that the peer supports the locally configured set of
1150 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1151 * capabilities, or if 'override-capability' is configured.
1152 */
1153 if (! mp_capability ||
1154 CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
1155 {
1156 peer->afc_nego[AFI_IP][SAFI_UNICAST] = peer->afc[AFI_IP][SAFI_UNICAST];
1157 peer->afc_nego[AFI_IP][SAFI_MULTICAST] = peer->afc[AFI_IP][SAFI_MULTICAST];
1158 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] = peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
1159 peer->afc_nego[AFI_IP6][SAFI_UNICAST] = peer->afc[AFI_IP6][SAFI_UNICAST];
1160 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] = peer->afc[AFI_IP6][SAFI_MULTICAST];
1161 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] = peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1162 }
1163
1164 /* When collision is detected and this peer is closed. Retrun
1165 immidiately. */
1166 ret = bgp_collision_detect (peer, remote_id);
1167 if (ret < 0)
1168 return ret;
1169
1170 /* Get sockname. */
1171 if ((ret = bgp_getsockname (peer)) < 0)
1172 {
1173 zlog_err("%s: bgp_getsockname() failed for peer: %s", __FUNCTION__,
1174 peer->host);
1175 return (ret);
1176 }
1177
1178 /* Verify valid local address present based on negotiated address-families. */
1179 if (peer->afc_nego[AFI_IP][SAFI_UNICAST] ||
1180 peer->afc_nego[AFI_IP][SAFI_MULTICAST] ||
1181 peer->afc_nego[AFI_IP][SAFI_MPLS_VPN] ||
1182 peer->afc_nego[AFI_IP][SAFI_ENCAP])
1183 {
1184 if (!peer->nexthop.v4.s_addr)
1185 {
1186 #if defined (HAVE_CUMULUS)
1187 zlog_err ("%s: No local IPv4 addr resetting connection, fd %d",
1188 peer->host, peer->fd);
1189 bgp_notify_send (peer, BGP_NOTIFY_CEASE, BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1190 return -1;
1191 #endif
1192 }
1193 }
1194 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST] ||
1195 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] ||
1196 peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN] ||
1197 peer->afc_nego[AFI_IP6][SAFI_ENCAP])
1198 {
1199 if (IN6_IS_ADDR_UNSPECIFIED (&peer->nexthop.v6_global))
1200 {
1201 #if defined (HAVE_CUMULUS)
1202 zlog_err ("%s: No local IPv6 addr resetting connection, fd %d",
1203 peer->host, peer->fd);
1204 bgp_notify_send (peer, BGP_NOTIFY_CEASE, BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1205 return -1;
1206 #endif
1207 }
1208 }
1209 peer->rtt = sockopt_tcp_rtt (peer->fd);
1210
1211 if ((ret = bgp_event_update(peer, Receive_OPEN_message)) < 0)
1212 {
1213 zlog_err("%s: BGP event update failed for peer: %s", __FUNCTION__,
1214 peer->host);
1215 /* DD: bgp send notify and reset state */
1216 return (ret);
1217 }
1218
1219 peer->packet_size = 0;
1220 if (peer->ibuf)
1221 stream_reset (peer->ibuf);
1222
1223 return 0;
1224 }
1225
1226 /* Called when there is a change in the EOR(implicit or explicit) status of a peer.
1227 Ends the update-delay if all expected peers are done with EORs. */
1228 void
1229 bgp_check_update_delay(struct bgp *bgp)
1230 {
1231 struct listnode *node, *nnode;
1232 struct peer *peer = NULL;
1233
1234 if (bgp_debug_neighbor_events(peer))
1235 zlog_debug ("Checking update delay, T: %d R: %d I:%d E: %d", bgp->established,
1236 bgp->restarted_peers, bgp->implicit_eors, bgp->explicit_eors);
1237
1238 if (bgp->established <=
1239 bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors)
1240 {
1241 /* This is an extra sanity check to make sure we wait for all the
1242 eligible configured peers. This check is performed if establish wait
1243 timer is on, or establish wait option is not given with the
1244 update-delay command */
1245 if (bgp->t_establish_wait ||
1246 (bgp->v_establish_wait == bgp->v_update_delay))
1247 for (ALL_LIST_ELEMENTS (bgp->peer, node, nnode, peer))
1248 {
1249 if (CHECK_FLAG(peer->flags, PEER_FLAG_CONFIG_NODE)
1250 && !CHECK_FLAG (peer->flags, PEER_FLAG_SHUTDOWN)
1251 && !peer->update_delay_over)
1252 {
1253 if (bgp_debug_neighbor_events(peer))
1254 zlog_debug (" Peer %s pending, continuing read-only mode",
1255 peer->host);
1256 return;
1257 }
1258 }
1259
1260 zlog_info ("Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
1261 bgp->restarted_peers, bgp->implicit_eors, bgp->explicit_eors);
1262 bgp_update_delay_end(bgp);
1263 }
1264 }
1265
1266 /* Called if peer is known to have restarted. The restart-state bit in
1267 Graceful-Restart capability is used for that */
1268 void
1269 bgp_update_restarted_peers (struct peer *peer)
1270 {
1271 if (!bgp_update_delay_active(peer->bgp)) return; /* BGP update delay has ended */
1272 if (peer->update_delay_over) return; /* This peer has already been considered */
1273
1274 if (bgp_debug_neighbor_events(peer))
1275 zlog_debug ("Peer %s: Checking restarted", peer->host);
1276
1277 if (peer->status == Established)
1278 {
1279 peer->update_delay_over = 1;
1280 peer->bgp->restarted_peers++;
1281 bgp_check_update_delay(peer->bgp);
1282 }
1283 }
1284
1285 /* Called as peer receives a keep-alive. Determines if this occurence can be
1286 taken as an implicit EOR for this peer.
1287 NOTE: The very first keep-alive after the Established state of a peer is
1288 considered implicit EOR for the update-delay purposes */
1289 void
1290 bgp_update_implicit_eors (struct peer *peer)
1291 {
1292 if (!bgp_update_delay_active(peer->bgp)) return; /* BGP update delay has ended */
1293 if (peer->update_delay_over) return; /* This peer has already been considered */
1294
1295 if (bgp_debug_neighbor_events(peer))
1296 zlog_debug ("Peer %s: Checking implicit EORs", peer->host);
1297
1298 if (peer->status == Established)
1299 {
1300 peer->update_delay_over = 1;
1301 peer->bgp->implicit_eors++;
1302 bgp_check_update_delay(peer->bgp);
1303 }
1304 }
1305
1306 /* Should be called only when there is a change in the EOR_RECEIVED status
1307 for any afi/safi on a peer */
1308 static void
1309 bgp_update_explicit_eors (struct peer *peer)
1310 {
1311 afi_t afi;
1312 safi_t safi;
1313
1314 if (!bgp_update_delay_active(peer->bgp)) return; /* BGP update delay has ended */
1315 if (peer->update_delay_over) return; /* This peer has already been considered */
1316
1317 if (bgp_debug_neighbor_events(peer))
1318 zlog_debug ("Peer %s: Checking explicit EORs", peer->host);
1319
1320 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1321 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1322 {
1323 if (peer->afc_nego[afi][safi] &&
1324 !CHECK_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_EOR_RECEIVED))
1325 {
1326 if (bgp_debug_neighbor_events(peer))
1327 zlog_debug (" afi %d safi %d didnt receive EOR", afi, safi);
1328 return;
1329 }
1330 }
1331
1332 peer->update_delay_over = 1;
1333 peer->bgp->explicit_eors++;
1334 bgp_check_update_delay(peer->bgp);
1335 }
1336
1337 /* Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers
1338 * mp_withdraw, if set, is used to nullify attr structure on most of the calling safi function
1339 * and for evpn, passed as parameter
1340 */
1341 int
1342 bgp_nlri_parse (struct peer *peer, struct attr *attr, struct bgp_nlri *packet, int mp_withdraw)
1343 {
1344 switch (packet->safi)
1345 {
1346 case SAFI_UNICAST:
1347 case SAFI_MULTICAST:
1348 return bgp_nlri_parse_ip (peer, mp_withdraw?NULL:attr, packet);
1349 case SAFI_LABELED_UNICAST:
1350 return bgp_nlri_parse_label (peer, mp_withdraw?NULL:attr, packet);
1351 case SAFI_MPLS_VPN:
1352 return bgp_nlri_parse_vpn (peer, mp_withdraw?NULL:attr, packet);
1353 case SAFI_EVPN:
1354 return bgp_nlri_parse_evpn (peer, attr, packet, mp_withdraw);
1355 }
1356 return -1;
1357 }
1358
1359 /* Parse BGP Update packet and make attribute object. */
1360 static int
1361 bgp_update_receive (struct peer *peer, bgp_size_t size)
1362 {
1363 int ret, nlri_ret;
1364 u_char *end;
1365 struct stream *s;
1366 struct attr attr;
1367 struct attr_extra extra;
1368 bgp_size_t attribute_len;
1369 bgp_size_t update_len;
1370 bgp_size_t withdraw_len;
1371
1372 enum NLRI_TYPES {
1373 NLRI_UPDATE,
1374 NLRI_WITHDRAW,
1375 NLRI_MP_UPDATE,
1376 NLRI_MP_WITHDRAW,
1377 NLRI_TYPE_MAX
1378 };
1379 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1380
1381 /* Status must be Established. */
1382 if (peer->status != Established)
1383 {
1384 zlog_err ("%s [FSM] Update packet received under status %s",
1385 peer->host, lookup_msg(bgp_status_msg, peer->status, NULL));
1386 bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
1387 return -1;
1388 }
1389
1390 /* Set initial values. */
1391 memset (&attr, 0, sizeof (struct attr));
1392 memset (&extra, 0, sizeof (struct attr_extra));
1393 extra.label_index = BGP_INVALID_LABEL_INDEX;
1394 memset (&nlris, 0, sizeof (nlris));
1395 attr.extra = &extra;
1396 memset (peer->rcvd_attr_str, 0, BUFSIZ);
1397 peer->rcvd_attr_printed = 0;
1398
1399 s = peer->ibuf;
1400 end = stream_pnt (s) + size;
1401
1402 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1403 Length is too large (i.e., if Unfeasible Routes Length + Total
1404 Attribute Length + 23 exceeds the message Length), then the Error
1405 Subcode is set to Malformed Attribute List. */
1406 if (stream_pnt (s) + 2 > end)
1407 {
1408 zlog_err ("%s [Error] Update packet error"
1409 " (packet length is short for unfeasible length)",
1410 peer->host);
1411 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1412 BGP_NOTIFY_UPDATE_MAL_ATTR);
1413 return -1;
1414 }
1415
1416 /* Unfeasible Route Length. */
1417 withdraw_len = stream_getw (s);
1418
1419 /* Unfeasible Route Length check. */
1420 if (stream_pnt (s) + withdraw_len > end)
1421 {
1422 zlog_err ("%s [Error] Update packet error"
1423 " (packet unfeasible length overflow %d)",
1424 peer->host, withdraw_len);
1425 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1426 BGP_NOTIFY_UPDATE_MAL_ATTR);
1427 return -1;
1428 }
1429
1430 /* Unfeasible Route packet format check. */
1431 if (withdraw_len > 0)
1432 {
1433 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1434 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1435 nlris[NLRI_WITHDRAW].nlri = stream_pnt (s);
1436 nlris[NLRI_WITHDRAW].length = withdraw_len;
1437 stream_forward_getp (s, withdraw_len);
1438 }
1439
1440 /* Attribute total length check. */
1441 if (stream_pnt (s) + 2 > end)
1442 {
1443 zlog_warn ("%s [Error] Packet Error"
1444 " (update packet is short for attribute length)",
1445 peer->host);
1446 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1447 BGP_NOTIFY_UPDATE_MAL_ATTR);
1448 return -1;
1449 }
1450
1451 /* Fetch attribute total length. */
1452 attribute_len = stream_getw (s);
1453
1454 /* Attribute length check. */
1455 if (stream_pnt (s) + attribute_len > end)
1456 {
1457 zlog_warn ("%s [Error] Packet Error"
1458 " (update packet attribute length overflow %d)",
1459 peer->host, attribute_len);
1460 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1461 BGP_NOTIFY_UPDATE_MAL_ATTR);
1462 return -1;
1463 }
1464
1465 /* Certain attribute parsing errors should not be considered bad enough
1466 * to reset the session for, most particularly any partial/optional
1467 * attributes that have 'tunneled' over speakers that don't understand
1468 * them. Instead we withdraw only the prefix concerned.
1469 *
1470 * Complicates the flow a little though..
1471 */
1472 bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
1473 /* This define morphs the update case into a withdraw when lower levels
1474 * have signalled an error condition where this is best.
1475 */
1476 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1477
1478 /* Parse attribute when it exists. */
1479 if (attribute_len)
1480 {
1481 attr_parse_ret = bgp_attr_parse (peer, &attr, attribute_len,
1482 &nlris[NLRI_MP_UPDATE], &nlris[NLRI_MP_WITHDRAW]);
1483 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR)
1484 {
1485 bgp_attr_unintern_sub (&attr);
1486 return -1;
1487 }
1488 }
1489
1490 /* Logging the attribute. */
1491 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW ||
1492 BGP_DEBUG (update, UPDATE_IN) ||
1493 BGP_DEBUG (update, UPDATE_PREFIX))
1494 {
1495 ret = bgp_dump_attr (&attr, peer->rcvd_attr_str, BUFSIZ);
1496
1497 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
1498 zlog_err ("%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1499 peer->host);
1500
1501 if (ret && bgp_debug_update(peer, NULL, NULL, 1))
1502 {
1503 zlog_debug ("%s rcvd UPDATE w/ attr: %s", peer->host, peer->rcvd_attr_str);
1504 peer->rcvd_attr_printed = 1;
1505 }
1506 }
1507
1508 /* Network Layer Reachability Information. */
1509 update_len = end - stream_pnt (s);
1510
1511 if (update_len)
1512 {
1513 /* Set NLRI portion to structure. */
1514 nlris[NLRI_UPDATE].afi = AFI_IP;
1515 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1516 nlris[NLRI_UPDATE].nlri = stream_pnt (s);
1517 nlris[NLRI_UPDATE].length = update_len;
1518 stream_forward_getp (s, update_len);
1519 }
1520
1521 if (BGP_DEBUG (update, UPDATE_IN))
1522 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1523 peer->host, withdraw_len, attribute_len, update_len);
1524
1525 /* Parse any given NLRIs */
1526 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++)
1527 {
1528 if (!nlris[i].nlri)
1529 continue;
1530
1531 /* NLRI is processed iff the peer if configured for the specific afi/safi */
1532 if (!peer->afc[nlris[i].afi][nlris[i].safi])
1533 {
1534 zlog_info ("%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1535 peer->host, nlris[i].afi, nlris[i].safi);
1536 continue;
1537 }
1538
1539 /* EoR handled later */
1540 if (nlris[i].length == 0)
1541 continue;
1542
1543 switch (i)
1544 {
1545 case NLRI_UPDATE:
1546 case NLRI_MP_UPDATE:
1547 nlri_ret = bgp_nlri_parse (peer, NLRI_ATTR_ARG, &nlris[i], 0);
1548 break;
1549 case NLRI_WITHDRAW:
1550 case NLRI_MP_WITHDRAW:
1551 nlri_ret = bgp_nlri_parse (peer, &attr, &nlris[i], 1);
1552 break;
1553 default:
1554 nlri_ret = -1;
1555 }
1556
1557 if (nlri_ret < 0)
1558 {
1559 zlog_err("%s [Error] Error parsing NLRI", peer->host);
1560 if (peer->status == Established)
1561 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1562 i <= NLRI_WITHDRAW ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1563 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1564 bgp_attr_unintern_sub (&attr);
1565 return -1;
1566 }
1567 }
1568
1569 /* EoR checks
1570 *
1571 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1572 * and MP EoR should have only an empty MP_UNREACH
1573 */
1574 if (!update_len && !withdraw_len
1575 && nlris[NLRI_MP_UPDATE].length == 0)
1576 {
1577 afi_t afi = 0;
1578 safi_t safi;
1579
1580 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already checked
1581 * update and withdraw NLRI lengths are 0.
1582 */
1583 if (!attribute_len)
1584 {
1585 afi = AFI_IP;
1586 safi = SAFI_UNICAST;
1587 }
1588 else if (attr.flag & ATTR_FLAG_BIT (BGP_ATTR_MP_UNREACH_NLRI)
1589 && nlris[NLRI_MP_WITHDRAW].length == 0)
1590 {
1591 afi = nlris[NLRI_MP_WITHDRAW].afi;
1592 safi = nlris[NLRI_MP_WITHDRAW].safi;
1593 }
1594
1595 if (afi && peer->afc[afi][safi])
1596 {
1597 /* End-of-RIB received */
1598 if (!CHECK_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_EOR_RECEIVED))
1599 {
1600 SET_FLAG (peer->af_sflags[afi][safi],
1601 PEER_STATUS_EOR_RECEIVED);
1602 bgp_update_explicit_eors(peer);
1603 }
1604
1605 /* NSF delete stale route */
1606 if (peer->nsf[afi][safi])
1607 bgp_clear_stale_route (peer, afi, safi);
1608
1609 if (bgp_debug_neighbor_events(peer))
1610 {
1611 zlog_debug ("rcvd End-of-RIB for %s from %s",
1612 afi_safi_print (afi, safi), peer->host);
1613 }
1614 }
1615 }
1616
1617 /* Everything is done. We unintern temporary structures which
1618 interned in bgp_attr_parse(). */
1619 bgp_attr_unintern_sub (&attr);
1620
1621 /* If peering is stopped due to some reason, do not generate BGP
1622 event. */
1623 if (peer->status != Established)
1624 return 0;
1625
1626 /* Increment packet counter. */
1627 peer->update_in++;
1628 peer->update_time = bgp_clock ();
1629
1630 /* Rearm holdtime timer */
1631 BGP_TIMER_OFF (peer->t_holdtime);
1632 bgp_timer_set (peer);
1633
1634 return 0;
1635 }
1636
1637 /* Notify message treatment function. */
1638 static void
1639 bgp_notify_receive (struct peer *peer, bgp_size_t size)
1640 {
1641 struct bgp_notify bgp_notify;
1642
1643 if (peer->notify.data)
1644 {
1645 XFREE (MTYPE_TMP, peer->notify.data);
1646 peer->notify.data = NULL;
1647 peer->notify.length = 0;
1648 }
1649
1650 bgp_notify.code = stream_getc (peer->ibuf);
1651 bgp_notify.subcode = stream_getc (peer->ibuf);
1652 bgp_notify.length = size - 2;
1653 bgp_notify.data = NULL;
1654
1655 /* Preserv notify code and sub code. */
1656 peer->notify.code = bgp_notify.code;
1657 peer->notify.subcode = bgp_notify.subcode;
1658 /* For further diagnostic record returned Data. */
1659 if (bgp_notify.length)
1660 {
1661 peer->notify.length = size - 2;
1662 peer->notify.data = XMALLOC (MTYPE_TMP, size - 2);
1663 memcpy (peer->notify.data, stream_pnt (peer->ibuf), size - 2);
1664 }
1665
1666 /* For debug */
1667 {
1668 int i;
1669 int first = 0;
1670 char c[4];
1671
1672 if (bgp_notify.length)
1673 {
1674 bgp_notify.data = XMALLOC (MTYPE_TMP, bgp_notify.length * 3);
1675 for (i = 0; i < bgp_notify.length; i++)
1676 if (first)
1677 {
1678 sprintf (c, " %02x", stream_getc (peer->ibuf));
1679 strcat (bgp_notify.data, c);
1680 }
1681 else
1682 {
1683 first = 1;
1684 sprintf (c, "%02x", stream_getc (peer->ibuf));
1685 strcpy (bgp_notify.data, c);
1686 }
1687 bgp_notify.raw_data = (u_char*)peer->notify.data;
1688 }
1689
1690 bgp_notify_print(peer, &bgp_notify, "received");
1691 if (bgp_notify.data)
1692 {
1693 XFREE (MTYPE_TMP, bgp_notify.data);
1694 bgp_notify.data = NULL;
1695 bgp_notify.length = 0;
1696 }
1697 }
1698
1699 /* peer count update */
1700 peer->notify_in++;
1701
1702 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
1703
1704 /* We have to check for Notify with Unsupported Optional Parameter.
1705 in that case we fallback to open without the capability option.
1706 But this done in bgp_stop. We just mark it here to avoid changing
1707 the fsm tables. */
1708 if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR &&
1709 bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM )
1710 UNSET_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
1711
1712 BGP_EVENT_ADD (peer, Receive_NOTIFICATION_message);
1713 }
1714
1715 /* Keepalive treatment function -- get keepalive send keepalive */
1716 static void
1717 bgp_keepalive_receive (struct peer *peer, bgp_size_t size)
1718 {
1719 if (bgp_debug_keepalive(peer))
1720 zlog_debug ("%s KEEPALIVE rcvd", peer->host);
1721
1722 BGP_EVENT_ADD (peer, Receive_KEEPALIVE_message);
1723 }
1724
1725 /* Route refresh message is received. */
1726 static void
1727 bgp_route_refresh_receive (struct peer *peer, bgp_size_t size)
1728 {
1729 iana_afi_t pkt_afi;
1730 afi_t afi;
1731 safi_t pkt_safi, safi;
1732 struct stream *s;
1733 struct peer_af *paf;
1734 struct update_group *updgrp;
1735 struct peer *updgrp_peer;
1736
1737 /* If peer does not have the capability, send notification. */
1738 if (! CHECK_FLAG (peer->cap, PEER_CAP_REFRESH_ADV))
1739 {
1740 zlog_err ("%s [Error] BGP route refresh is not enabled",
1741 peer->host);
1742 bgp_notify_send (peer,
1743 BGP_NOTIFY_HEADER_ERR,
1744 BGP_NOTIFY_HEADER_BAD_MESTYPE);
1745 return;
1746 }
1747
1748 /* Status must be Established. */
1749 if (peer->status != Established)
1750 {
1751 zlog_err ("%s [Error] Route refresh packet received under status %s",
1752 peer->host, lookup_msg(bgp_status_msg, peer->status, NULL));
1753 bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
1754 return;
1755 }
1756
1757 s = peer->ibuf;
1758
1759 /* Parse packet. */
1760 pkt_afi = stream_getw (s);
1761 (void)stream_getc (s);
1762 pkt_safi = stream_getc (s);
1763
1764 if (bgp_debug_update(peer, NULL, NULL, 0))
1765 zlog_debug ("%s rcvd REFRESH_REQ for afi/safi: %d/%d",
1766 peer->host, pkt_afi, pkt_safi);
1767
1768 /* Convert AFI, SAFI to internal values and check. */
1769 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
1770 {
1771 zlog_info ("%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored",
1772 peer->host, pkt_afi, pkt_safi);
1773 return;
1774 }
1775
1776 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
1777 {
1778 u_char *end;
1779 u_char when_to_refresh;
1780 u_char orf_type;
1781 u_int16_t orf_len;
1782
1783 if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) < 5)
1784 {
1785 zlog_info ("%s ORF route refresh length error", peer->host);
1786 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1787 return;
1788 }
1789
1790 when_to_refresh = stream_getc (s);
1791 end = stream_pnt (s) + (size - 5);
1792
1793 while ((stream_pnt (s) + 2) < end)
1794 {
1795 orf_type = stream_getc (s);
1796 orf_len = stream_getw (s);
1797
1798 /* orf_len in bounds? */
1799 if ((stream_pnt (s) + orf_len) > end)
1800 break; /* XXX: Notify instead?? */
1801 if (orf_type == ORF_TYPE_PREFIX
1802 || orf_type == ORF_TYPE_PREFIX_OLD)
1803 {
1804 uint8_t *p_pnt = stream_pnt (s);
1805 uint8_t *p_end = stream_pnt (s) + orf_len;
1806 struct orf_prefix orfp;
1807 u_char common = 0;
1808 u_int32_t seq;
1809 int psize;
1810 char name[BUFSIZ];
1811 int ret = CMD_SUCCESS;
1812
1813 if (bgp_debug_neighbor_events(peer))
1814 {
1815 zlog_debug ("%s rcvd Prefixlist ORF(%d) length %d",
1816 peer->host, orf_type, orf_len);
1817 }
1818
1819 /* we're going to read at least 1 byte of common ORF header,
1820 * and 7 bytes of ORF Address-filter entry from the stream
1821 */
1822 if (orf_len < 7)
1823 break;
1824
1825 /* ORF prefix-list name */
1826 sprintf (name, "%s.%d.%d", peer->host, afi, safi);
1827
1828 while (p_pnt < p_end)
1829 {
1830 /* If the ORF entry is malformed, want to read as much of it
1831 * as possible without going beyond the bounds of the entry,
1832 * to maximise debug information.
1833 */
1834 int ok;
1835 memset (&orfp, 0, sizeof (struct orf_prefix));
1836 common = *p_pnt++;
1837 /* after ++: p_pnt <= p_end */
1838 if (common & ORF_COMMON_PART_REMOVE_ALL)
1839 {
1840 if (bgp_debug_neighbor_events(peer))
1841 zlog_debug ("%s rcvd Remove-All pfxlist ORF request", peer->host);
1842 prefix_bgp_orf_remove_all (afi, name);
1843 break;
1844 }
1845 ok = ((u_int32_t)(p_end - p_pnt) >= sizeof(u_int32_t)) ;
1846 if (ok)
1847 {
1848 memcpy (&seq, p_pnt, sizeof (u_int32_t));
1849 p_pnt += sizeof (u_int32_t);
1850 orfp.seq = ntohl (seq);
1851 }
1852 else
1853 p_pnt = p_end ;
1854
1855 if ((ok = (p_pnt < p_end)))
1856 orfp.ge = *p_pnt++ ; /* value checked in prefix_bgp_orf_set() */
1857 if ((ok = (p_pnt < p_end)))
1858 orfp.le = *p_pnt++ ; /* value checked in prefix_bgp_orf_set() */
1859 if ((ok = (p_pnt < p_end)))
1860 orfp.p.prefixlen = *p_pnt++ ;
1861 orfp.p.family = afi2family (afi); /* afi checked already */
1862
1863 psize = PSIZE (orfp.p.prefixlen); /* 0 if not ok */
1864 if (psize > prefix_blen(&orfp.p)) /* valid for family ? */
1865 {
1866 ok = 0 ;
1867 psize = prefix_blen(&orfp.p) ;
1868 }
1869 if (psize > (p_end - p_pnt)) /* valid for packet ? */
1870 {
1871 ok = 0 ;
1872 psize = p_end - p_pnt ;
1873 }
1874
1875 if (psize > 0)
1876 memcpy (&orfp.p.u.prefix, p_pnt, psize);
1877 p_pnt += psize;
1878
1879 if (bgp_debug_neighbor_events(peer))
1880 {
1881 char buf[INET6_BUFSIZ];
1882
1883 zlog_debug ("%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
1884 peer->host,
1885 (common & ORF_COMMON_PART_REMOVE ? "Remove" : "Add"),
1886 (common & ORF_COMMON_PART_DENY ? "deny" : "permit"),
1887 orfp.seq,
1888 inet_ntop (orfp.p.family, &orfp.p.u.prefix, buf, INET6_BUFSIZ),
1889 orfp.p.prefixlen, orfp.ge, orfp.le,
1890 ok ? "" : " MALFORMED");
1891 }
1892
1893 if (ok)
1894 ret = prefix_bgp_orf_set (name, afi, &orfp,
1895 (common & ORF_COMMON_PART_DENY ? 0 : 1 ),
1896 (common & ORF_COMMON_PART_REMOVE ? 0 : 1));
1897
1898 if (!ok || (ok && ret != CMD_SUCCESS))
1899 {
1900 zlog_info ("%s Received misformatted prefixlist ORF."
1901 " Remove All pfxlist", peer->host);
1902 prefix_bgp_orf_remove_all (afi, name);
1903 break;
1904 }
1905 }
1906
1907 peer->orf_plist[afi][safi] = prefix_bgp_orf_lookup (afi, name);
1908 }
1909 stream_forward_getp (s, orf_len);
1910 }
1911 if (bgp_debug_neighbor_events(peer))
1912 zlog_debug ("%s rcvd Refresh %s ORF request", peer->host,
1913 when_to_refresh == REFRESH_DEFER ? "Defer" : "Immediate");
1914 if (when_to_refresh == REFRESH_DEFER)
1915 return;
1916 }
1917
1918 /* First update is deferred until ORF or ROUTE-REFRESH is received */
1919 if (CHECK_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_WAIT_REFRESH))
1920 UNSET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_WAIT_REFRESH);
1921
1922 paf = peer_af_find (peer, afi, safi);
1923 if (paf && paf->subgroup)
1924 {
1925 if (peer->orf_plist[afi][safi])
1926 {
1927 updgrp = PAF_UPDGRP(paf);
1928 updgrp_peer = UPDGRP_PEER(updgrp);
1929 updgrp_peer->orf_plist[afi][safi] = peer->orf_plist[afi][safi];
1930 }
1931
1932 /* If the peer is configured for default-originate clear the
1933 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will re-advertise the
1934 * default
1935 */
1936 if (CHECK_FLAG (paf->subgroup->sflags, SUBGRP_STATUS_DEFAULT_ORIGINATE))
1937 UNSET_FLAG (paf->subgroup->sflags, SUBGRP_STATUS_DEFAULT_ORIGINATE);
1938 }
1939
1940 /* Perform route refreshment to the peer */
1941 bgp_announce_route (peer, afi, safi);
1942 }
1943
1944 static int
1945 bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
1946 {
1947 u_char *end;
1948 struct capability_mp_data mpc;
1949 struct capability_header *hdr;
1950 u_char action;
1951 iana_afi_t pkt_afi;
1952 afi_t afi;
1953 safi_t pkt_safi, safi;
1954
1955 end = pnt + length;
1956
1957 while (pnt < end)
1958 {
1959 /* We need at least action, capability code and capability length. */
1960 if (pnt + 3 > end)
1961 {
1962 zlog_info ("%s Capability length error", peer->host);
1963 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1964 return -1;
1965 }
1966 action = *pnt;
1967 hdr = (struct capability_header *)(pnt + 1);
1968
1969 /* Action value check. */
1970 if (action != CAPABILITY_ACTION_SET
1971 && action != CAPABILITY_ACTION_UNSET)
1972 {
1973 zlog_info ("%s Capability Action Value error %d",
1974 peer->host, action);
1975 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1976 return -1;
1977 }
1978
1979 if (bgp_debug_neighbor_events(peer))
1980 zlog_debug ("%s CAPABILITY has action: %d, code: %u, length %u",
1981 peer->host, action, hdr->code, hdr->length);
1982
1983 /* Capability length check. */
1984 if ((pnt + hdr->length + 3) > end)
1985 {
1986 zlog_info ("%s Capability length error", peer->host);
1987 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1988 return -1;
1989 }
1990
1991 /* Fetch structure to the byte stream. */
1992 memcpy (&mpc, pnt + 3, sizeof (struct capability_mp_data));
1993
1994 /* We know MP Capability Code. */
1995 if (hdr->code == CAPABILITY_CODE_MP)
1996 {
1997 pkt_afi = ntohs (mpc.afi);
1998 pkt_safi = mpc.safi;
1999
2000 /* Ignore capability when override-capability is set. */
2001 if (CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
2002 continue;
2003
2004 /* Convert AFI, SAFI to internal values. */
2005 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
2006 {
2007 if (bgp_debug_neighbor_events(peer))
2008 zlog_debug ("%s Dynamic Capability MP_EXT afi/safi invalid "
2009 "(%u/%u)", peer->host, pkt_afi, pkt_safi);
2010 continue;
2011 }
2012
2013 /* Address family check. */
2014 if (bgp_debug_neighbor_events(peer))
2015 zlog_debug ("%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
2016 peer->host,
2017 action == CAPABILITY_ACTION_SET
2018 ? "Advertising" : "Removing",
2019 pkt_afi, pkt_safi);
2020
2021 if (action == CAPABILITY_ACTION_SET)
2022 {
2023 peer->afc_recv[afi][safi] = 1;
2024 if (peer->afc[afi][safi])
2025 {
2026 peer->afc_nego[afi][safi] = 1;
2027 bgp_announce_route (peer, afi, safi);
2028 }
2029 }
2030 else
2031 {
2032 peer->afc_recv[afi][safi] = 0;
2033 peer->afc_nego[afi][safi] = 0;
2034
2035 if (peer_active_nego (peer))
2036 bgp_clear_route (peer, afi, safi);
2037 else
2038 BGP_EVENT_ADD (peer, BGP_Stop);
2039 }
2040 }
2041 else
2042 {
2043 zlog_warn ("%s unrecognized capability code: %d - ignored",
2044 peer->host, hdr->code);
2045 }
2046 pnt += hdr->length + 3;
2047 }
2048 return 0;
2049 }
2050
2051 /* Dynamic Capability is received.
2052 *
2053 * This is exported for unit-test purposes
2054 */
2055 int
2056 bgp_capability_receive (struct peer *peer, bgp_size_t size)
2057 {
2058 u_char *pnt;
2059
2060 /* Fetch pointer. */
2061 pnt = stream_pnt (peer->ibuf);
2062
2063 if (bgp_debug_neighbor_events(peer))
2064 zlog_debug ("%s rcv CAPABILITY", peer->host);
2065
2066 /* If peer does not have the capability, send notification. */
2067 if (! CHECK_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV))
2068 {
2069 zlog_err ("%s [Error] BGP dynamic capability is not enabled",
2070 peer->host);
2071 bgp_notify_send (peer,
2072 BGP_NOTIFY_HEADER_ERR,
2073 BGP_NOTIFY_HEADER_BAD_MESTYPE);
2074 return -1;
2075 }
2076
2077 /* Status must be Established. */
2078 if (peer->status != Established)
2079 {
2080 zlog_err ("%s [Error] Dynamic capability packet received under status %s",
2081 peer->host, lookup_msg(bgp_status_msg, peer->status, NULL));
2082 bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
2083 return -1;
2084 }
2085
2086 /* Parse packet. */
2087 return bgp_capability_msg_parse (peer, pnt, size);
2088 }
2089
2090 /* BGP read utility function. */
2091 static int
2092 bgp_read_packet (struct peer *peer)
2093 {
2094 int nbytes;
2095 int readsize;
2096
2097 readsize = peer->packet_size - stream_get_endp (peer->ibuf);
2098
2099 /* If size is zero then return. */
2100 if (! readsize)
2101 return 0;
2102
2103 /* Read packet from fd. */
2104 nbytes = stream_read_try (peer->ibuf, peer->fd, readsize);
2105
2106 /* If read byte is smaller than zero then error occured. */
2107 if (nbytes < 0)
2108 {
2109 /* Transient error should retry */
2110 if (nbytes == -2)
2111 return -1;
2112
2113 zlog_err ("%s [Error] bgp_read_packet error: %s",
2114 peer->host, safe_strerror (errno));
2115
2116 if (peer->status == Established)
2117 {
2118 if (CHECK_FLAG (peer->sflags, PEER_STATUS_NSF_MODE))
2119 {
2120 peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
2121 SET_FLAG (peer->sflags, PEER_STATUS_NSF_WAIT);
2122 }
2123 else
2124 peer->last_reset = PEER_DOWN_CLOSE_SESSION;
2125 }
2126
2127 BGP_EVENT_ADD (peer, TCP_fatal_error);
2128 return -1;
2129 }
2130
2131 /* When read byte is zero : clear bgp peer and return */
2132 if (nbytes == 0)
2133 {
2134 if (bgp_debug_neighbor_events(peer))
2135 zlog_debug ("%s [Event] BGP connection closed fd %d",
2136 peer->host, peer->fd);
2137
2138 if (peer->status == Established)
2139 {
2140 if (CHECK_FLAG (peer->sflags, PEER_STATUS_NSF_MODE))
2141 {
2142 peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
2143 SET_FLAG (peer->sflags, PEER_STATUS_NSF_WAIT);
2144 }
2145 else
2146 peer->last_reset = PEER_DOWN_CLOSE_SESSION;
2147 }
2148
2149 BGP_EVENT_ADD (peer, TCP_connection_closed);
2150 return -1;
2151 }
2152
2153 /* We read partial packet. */
2154 if (stream_get_endp (peer->ibuf) != peer->packet_size)
2155 return -1;
2156
2157 return 0;
2158 }
2159
2160 /* Marker check. */
2161 static int
2162 bgp_marker_all_one (struct stream *s, int length)
2163 {
2164 int i;
2165
2166 for (i = 0; i < length; i++)
2167 if (s->data[i] != 0xff)
2168 return 0;
2169
2170 return 1;
2171 }
2172
2173 /* Starting point of packet process function. */
2174 int
2175 bgp_read (struct thread *thread)
2176 {
2177 int ret;
2178 u_char type = 0;
2179 struct peer *peer;
2180 bgp_size_t size;
2181 char notify_data_length[2];
2182 u_int32_t notify_out;
2183
2184 /* Yes first of all get peer pointer. */
2185 peer = THREAD_ARG (thread);
2186 peer->t_read = NULL;
2187
2188 /* Note notify_out so we can check later to see if we sent another one */
2189 notify_out = peer->notify_out;
2190
2191 /* For non-blocking IO check. */
2192 if (peer->status == Connect)
2193 {
2194 bgp_connect_check (peer, 1);
2195 goto done;
2196 }
2197 else
2198 {
2199 if (peer->fd < 0)
2200 {
2201 zlog_err ("bgp_read peer's fd is negative value %d", peer->fd);
2202 return -1;
2203 }
2204 BGP_READ_ON (peer->t_read, bgp_read, peer->fd);
2205 }
2206
2207 /* Read packet header to determine type of the packet */
2208 if (peer->packet_size == 0)
2209 peer->packet_size = BGP_HEADER_SIZE;
2210
2211 if (stream_get_endp (peer->ibuf) < BGP_HEADER_SIZE)
2212 {
2213 ret = bgp_read_packet (peer);
2214
2215 /* Header read error or partial read packet. */
2216 if (ret < 0)
2217 goto done;
2218
2219 /* Get size and type. */
2220 stream_forward_getp (peer->ibuf, BGP_MARKER_SIZE);
2221 memcpy (notify_data_length, stream_pnt (peer->ibuf), 2);
2222 size = stream_getw (peer->ibuf);
2223 type = stream_getc (peer->ibuf);
2224
2225 /* Marker check */
2226 if (((type == BGP_MSG_OPEN) || (type == BGP_MSG_KEEPALIVE))
2227 && ! bgp_marker_all_one (peer->ibuf, BGP_MARKER_SIZE))
2228 {
2229 bgp_notify_send (peer,
2230 BGP_NOTIFY_HEADER_ERR,
2231 BGP_NOTIFY_HEADER_NOT_SYNC);
2232 goto done;
2233 }
2234
2235 /* BGP type check. */
2236 if (type != BGP_MSG_OPEN && type != BGP_MSG_UPDATE
2237 && type != BGP_MSG_NOTIFY && type != BGP_MSG_KEEPALIVE
2238 && type != BGP_MSG_ROUTE_REFRESH_NEW
2239 && type != BGP_MSG_ROUTE_REFRESH_OLD
2240 && type != BGP_MSG_CAPABILITY)
2241 {
2242 if (bgp_debug_neighbor_events(peer))
2243 zlog_debug ("%s unknown message type 0x%02x",
2244 peer->host, type);
2245 bgp_notify_send_with_data (peer,
2246 BGP_NOTIFY_HEADER_ERR,
2247 BGP_NOTIFY_HEADER_BAD_MESTYPE,
2248 &type, 1);
2249 goto done;
2250 }
2251 /* Mimimum packet length check. */
2252 if ((size < BGP_HEADER_SIZE)
2253 || (size > BGP_MAX_PACKET_SIZE)
2254 || (type == BGP_MSG_OPEN && size < BGP_MSG_OPEN_MIN_SIZE)
2255 || (type == BGP_MSG_UPDATE && size < BGP_MSG_UPDATE_MIN_SIZE)
2256 || (type == BGP_MSG_NOTIFY && size < BGP_MSG_NOTIFY_MIN_SIZE)
2257 || (type == BGP_MSG_KEEPALIVE && size != BGP_MSG_KEEPALIVE_MIN_SIZE)
2258 || (type == BGP_MSG_ROUTE_REFRESH_NEW && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE)
2259 || (type == BGP_MSG_ROUTE_REFRESH_OLD && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE)
2260 || (type == BGP_MSG_CAPABILITY && size < BGP_MSG_CAPABILITY_MIN_SIZE))
2261 {
2262 if (bgp_debug_neighbor_events(peer))
2263 zlog_debug ("%s bad message length - %d for %s",
2264 peer->host, size,
2265 type == 128 ? "ROUTE-REFRESH" :
2266 bgp_type_str[(int) type]);
2267 bgp_notify_send_with_data (peer,
2268 BGP_NOTIFY_HEADER_ERR,
2269 BGP_NOTIFY_HEADER_BAD_MESLEN,
2270 (u_char *) notify_data_length, 2);
2271 goto done;
2272 }
2273
2274 /* Adjust size to message length. */
2275 peer->packet_size = size;
2276 }
2277
2278 ret = bgp_read_packet (peer);
2279 if (ret < 0)
2280 goto done;
2281
2282 /* Get size and type again. */
2283 (void)stream_getw_from (peer->ibuf, BGP_MARKER_SIZE);
2284 type = stream_getc_from (peer->ibuf, BGP_MARKER_SIZE + 2);
2285
2286 /* BGP packet dump function. */
2287 bgp_dump_packet (peer, type, peer->ibuf);
2288
2289 size = (peer->packet_size - BGP_HEADER_SIZE);
2290
2291 /* Read rest of the packet and call each sort of packet routine */
2292 switch (type)
2293 {
2294 case BGP_MSG_OPEN:
2295 peer->open_in++;
2296 bgp_open_receive (peer, size); /* XXX return value ignored! */
2297 break;
2298 case BGP_MSG_UPDATE:
2299 peer->readtime = monotime (NULL);
2300 bgp_update_receive (peer, size);
2301 break;
2302 case BGP_MSG_NOTIFY:
2303 bgp_notify_receive (peer, size);
2304 break;
2305 case BGP_MSG_KEEPALIVE:
2306 peer->readtime = monotime (NULL);
2307 bgp_keepalive_receive (peer, size);
2308 break;
2309 case BGP_MSG_ROUTE_REFRESH_NEW:
2310 case BGP_MSG_ROUTE_REFRESH_OLD:
2311 peer->refresh_in++;
2312 bgp_route_refresh_receive (peer, size);
2313 break;
2314 case BGP_MSG_CAPABILITY:
2315 peer->dynamic_cap_in++;
2316 bgp_capability_receive (peer, size);
2317 break;
2318 }
2319
2320 /* If reading this packet caused us to send a NOTIFICATION then store a copy
2321 * of the packet for troubleshooting purposes
2322 */
2323 if (notify_out < peer->notify_out)
2324 {
2325 memcpy(peer->last_reset_cause, peer->ibuf->data, peer->packet_size);
2326 peer->last_reset_cause_size = peer->packet_size;
2327 notify_out = peer->notify_out;
2328 }
2329
2330 /* Clear input buffer. */
2331 peer->packet_size = 0;
2332 if (peer->ibuf)
2333 stream_reset (peer->ibuf);
2334
2335 done:
2336 /* If reading this packet caused us to send a NOTIFICATION then store a copy
2337 * of the packet for troubleshooting purposes
2338 */
2339 if (notify_out < peer->notify_out)
2340 {
2341 memcpy(peer->last_reset_cause, peer->ibuf->data, peer->packet_size);
2342 peer->last_reset_cause_size = peer->packet_size;
2343 }
2344
2345 return 0;
2346 }
FRRouting mirror