]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bgpd: Replace bgp_flag_* to [UN]SET/CHECK_FLAG macros
[mirror_frr.git] / bgpd / bgp_packet.c
1 /* BGP packet management routine.
2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
4 * Copyright (C) 1999 Kunihiro Ishiguro
5 *
6 * This file is part of GNU Zebra.
7 *
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
22
23 #include <zebra.h>
24 #include <sys/time.h>
25
26 #include "thread.h"
27 #include "stream.h"
28 #include "network.h"
29 #include "prefix.h"
30 #include "command.h"
31 #include "log.h"
32 #include "memory.h"
33 #include "sockunion.h" /* for inet_ntop () */
34 #include "sockopt.h"
35 #include "linklist.h"
36 #include "plist.h"
37 #include "queue.h"
38 #include "filter.h"
39 #include "lib_errors.h"
40
41 #include "bgpd/bgpd.h"
42 #include "bgpd/bgp_table.h"
43 #include "bgpd/bgp_dump.h"
44 #include "bgpd/bgp_bmp.h"
45 #include "bgpd/bgp_attr.h"
46 #include "bgpd/bgp_debug.h"
47 #include "bgpd/bgp_errors.h"
48 #include "bgpd/bgp_fsm.h"
49 #include "bgpd/bgp_route.h"
50 #include "bgpd/bgp_packet.h"
51 #include "bgpd/bgp_open.h"
52 #include "bgpd/bgp_aspath.h"
53 #include "bgpd/bgp_community.h"
54 #include "bgpd/bgp_ecommunity.h"
55 #include "bgpd/bgp_lcommunity.h"
56 #include "bgpd/bgp_network.h"
57 #include "bgpd/bgp_mplsvpn.h"
58 #include "bgpd/bgp_evpn.h"
59 #include "bgpd/bgp_advertise.h"
60 #include "bgpd/bgp_vty.h"
61 #include "bgpd/bgp_updgrp.h"
62 #include "bgpd/bgp_label.h"
63 #include "bgpd/bgp_io.h"
64 #include "bgpd/bgp_keepalives.h"
65 #include "bgpd/bgp_flowspec.h"
66
67 DEFINE_HOOK(bgp_packet_dump,
68 (struct peer *peer, uint8_t type, bgp_size_t size,
69 struct stream *s),
70 (peer, type, size, s))
71
72 DEFINE_HOOK(bgp_packet_send,
73 (struct peer *peer, uint8_t type, bgp_size_t size,
74 struct stream *s),
75 (peer, type, size, s))
76
77 /**
78 * Sets marker and type fields for a BGP message.
79 *
80 * @param s the stream containing the packet
81 * @param type the packet type
82 * @return the size of the stream
83 */
84 int bgp_packet_set_marker(struct stream *s, uint8_t type)
85 {
86 int i;
87
88 /* Fill in marker. */
89 for (i = 0; i < BGP_MARKER_SIZE; i++)
90 stream_putc(s, 0xff);
91
92 /* Dummy total length. This field is should be filled in later on. */
93 stream_putw(s, 0);
94
95 /* BGP packet type. */
96 stream_putc(s, type);
97
98 /* Return current stream size. */
99 return stream_get_endp(s);
100 }
101
102 /**
103 * Sets size field for a BGP message.
104 *
105 * Size field is set to the size of the stream passed.
106 *
107 * @param s the stream containing the packet
108 * @return the size of the stream
109 */
110 int bgp_packet_set_size(struct stream *s)
111 {
112 int cp;
113
114 /* Preserve current pointer. */
115 cp = stream_get_endp(s);
116 stream_putw_at(s, BGP_MARKER_SIZE, cp);
117
118 return cp;
119 }
120
121 /*
122 * Push a packet onto the beginning of the peer's output queue.
123 * This function acquires the peer's write mutex before proceeding.
124 */
125 static void bgp_packet_add(struct peer *peer, struct stream *s)
126 {
127 frr_with_mutex(&peer->io_mtx) {
128 stream_fifo_push(peer->obuf, s);
129 }
130 }
131
132 static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
133 safi_t safi)
134 {
135 struct stream *s;
136 iana_afi_t pkt_afi;
137 iana_safi_t pkt_safi;
138
139 if (DISABLE_BGP_ANNOUNCE)
140 return NULL;
141
142 if (bgp_debug_neighbor_events(peer))
143 zlog_debug("send End-of-RIB for %s to %s",
144 get_afi_safi_str(afi, safi, false), peer->host);
145
146 s = stream_new(BGP_MAX_PACKET_SIZE);
147
148 /* Make BGP update packet. */
149 bgp_packet_set_marker(s, BGP_MSG_UPDATE);
150
151 /* Unfeasible Routes Length */
152 stream_putw(s, 0);
153
154 if (afi == AFI_IP && safi == SAFI_UNICAST) {
155 /* Total Path Attribute Length */
156 stream_putw(s, 0);
157 } else {
158 /* Convert AFI, SAFI to values for packet. */
159 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
160
161 /* Total Path Attribute Length */
162 stream_putw(s, 6);
163 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
164 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
165 stream_putc(s, 3);
166 stream_putw(s, pkt_afi);
167 stream_putc(s, pkt_safi);
168 }
169
170 bgp_packet_set_size(s);
171 return s;
172 }
173
174 /* Called when there is a change in the EOR(implicit or explicit) status of a
175 * peer. Ends the update-delay if all expected peers are done with EORs. */
176 void bgp_check_update_delay(struct bgp *bgp)
177 {
178 struct listnode *node, *nnode;
179 struct peer *peer = NULL;
180
181 if (bgp_debug_neighbor_events(peer))
182 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
183 bgp->established, bgp->restarted_peers,
184 bgp->implicit_eors, bgp->explicit_eors);
185
186 if (bgp->established
187 <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
188 /*
189 * This is an extra sanity check to make sure we wait for all
190 * the eligible configured peers. This check is performed if
191 * establish wait timer is on, or establish wait option is not
192 * given with the update-delay command
193 */
194 if (bgp->t_establish_wait
195 || (bgp->v_establish_wait == bgp->v_update_delay))
196 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
197 if (CHECK_FLAG(peer->flags,
198 PEER_FLAG_CONFIG_NODE)
199 && !CHECK_FLAG(peer->flags,
200 PEER_FLAG_SHUTDOWN)
201 && !peer->update_delay_over) {
202 if (bgp_debug_neighbor_events(peer))
203 zlog_debug(
204 " Peer %s pending, continuing read-only mode",
205 peer->host);
206 return;
207 }
208 }
209
210 zlog_info(
211 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
212 bgp->restarted_peers, bgp->implicit_eors,
213 bgp->explicit_eors);
214 bgp_update_delay_end(bgp);
215 }
216 }
217
218 /*
219 * Called if peer is known to have restarted. The restart-state bit in
220 * Graceful-Restart capability is used for that
221 */
222 void bgp_update_restarted_peers(struct peer *peer)
223 {
224 if (!bgp_update_delay_active(peer->bgp))
225 return; /* BGP update delay has ended */
226 if (peer->update_delay_over)
227 return; /* This peer has already been considered */
228
229 if (bgp_debug_neighbor_events(peer))
230 zlog_debug("Peer %s: Checking restarted", peer->host);
231
232 if (peer->status == Established) {
233 peer->update_delay_over = 1;
234 peer->bgp->restarted_peers++;
235 bgp_check_update_delay(peer->bgp);
236 }
237 }
238
239 /*
240 * Called as peer receives a keep-alive. Determines if this occurence can be
241 * taken as an implicit EOR for this peer.
242 * NOTE: The very first keep-alive after the Established state of a peer is
243 * considered implicit EOR for the update-delay purposes
244 */
245 void bgp_update_implicit_eors(struct peer *peer)
246 {
247 if (!bgp_update_delay_active(peer->bgp))
248 return; /* BGP update delay has ended */
249 if (peer->update_delay_over)
250 return; /* This peer has already been considered */
251
252 if (bgp_debug_neighbor_events(peer))
253 zlog_debug("Peer %s: Checking implicit EORs", peer->host);
254
255 if (peer->status == Established) {
256 peer->update_delay_over = 1;
257 peer->bgp->implicit_eors++;
258 bgp_check_update_delay(peer->bgp);
259 }
260 }
261
262 /*
263 * Should be called only when there is a change in the EOR_RECEIVED status
264 * for any afi/safi on a peer.
265 */
266 static void bgp_update_explicit_eors(struct peer *peer)
267 {
268 afi_t afi;
269 safi_t safi;
270
271 if (!bgp_update_delay_active(peer->bgp))
272 return; /* BGP update delay has ended */
273 if (peer->update_delay_over)
274 return; /* This peer has already been considered */
275
276 if (bgp_debug_neighbor_events(peer))
277 zlog_debug("Peer %s: Checking explicit EORs", peer->host);
278
279 for (afi = AFI_IP; afi < AFI_MAX; afi++)
280 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
281 if (peer->afc_nego[afi][safi]
282 && !CHECK_FLAG(peer->af_sflags[afi][safi],
283 PEER_STATUS_EOR_RECEIVED)) {
284 if (bgp_debug_neighbor_events(peer))
285 zlog_debug(
286 " afi %d safi %d didn't receive EOR",
287 afi, safi);
288 return;
289 }
290 }
291
292 peer->update_delay_over = 1;
293 peer->bgp->explicit_eors++;
294 bgp_check_update_delay(peer->bgp);
295 }
296
297 /**
298 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
299 *
300 * mp_withdraw, if set, is used to nullify attr structure on most of the
301 * calling safi function and for evpn, passed as parameter
302 */
303 int bgp_nlri_parse(struct peer *peer, struct attr *attr,
304 struct bgp_nlri *packet, int mp_withdraw)
305 {
306 switch (packet->safi) {
307 case SAFI_UNICAST:
308 case SAFI_MULTICAST:
309 return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
310 packet);
311 case SAFI_LABELED_UNICAST:
312 return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
313 packet);
314 case SAFI_MPLS_VPN:
315 return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
316 packet);
317 case SAFI_EVPN:
318 return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
319 case SAFI_FLOWSPEC:
320 return bgp_nlri_parse_flowspec(peer, attr, packet, mp_withdraw);
321 }
322 return BGP_NLRI_PARSE_ERROR;
323 }
324
325 /*
326 * Checks a variety of conditions to determine whether the peer needs to be
327 * rescheduled for packet generation again, and does so if necessary.
328 *
329 * @param peer to check for rescheduling
330 */
331 static void bgp_write_proceed_actions(struct peer *peer)
332 {
333 afi_t afi;
334 safi_t safi;
335 struct peer_af *paf;
336 struct bpacket *next_pkt;
337 struct update_subgroup *subgrp;
338
339 FOREACH_AFI_SAFI (afi, safi) {
340 paf = peer_af_find(peer, afi, safi);
341 if (!paf)
342 continue;
343 subgrp = paf->subgroup;
344 if (!subgrp)
345 continue;
346
347 next_pkt = paf->next_pkt_to_send;
348 if (next_pkt && next_pkt->buffer) {
349 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
350 bgp_generate_updgrp_packets, 0);
351 return;
352 }
353
354 /* No packets readily available for AFI/SAFI, are there
355 * subgroup packets
356 * that need to be generated? */
357 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
358 SUBGRP_PKTQ(subgrp))
359 || subgroup_packets_to_build(subgrp)) {
360 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
361 bgp_generate_updgrp_packets, 0);
362 return;
363 }
364
365 /* No packets to send, see if EOR is pending */
366 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
367 if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
368 && peer->synctime
369 && !CHECK_FLAG(peer->af_sflags[afi][safi],
370 PEER_STATUS_EOR_SEND)
371 && safi != SAFI_MPLS_VPN) {
372 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
373 bgp_generate_updgrp_packets, 0);
374 return;
375 }
376 }
377 }
378 }
379
380 /*
381 * Generate advertisement information (withdraws, updates, EOR) from each
382 * update group a peer belongs to, encode this information into packets, and
383 * enqueue the packets onto the peer's output buffer.
384 */
385 int bgp_generate_updgrp_packets(struct thread *thread)
386 {
387 struct peer *peer = THREAD_ARG(thread);
388
389 struct stream *s;
390 struct peer_af *paf;
391 struct bpacket *next_pkt;
392 uint32_t wpq;
393 uint32_t generated = 0;
394 afi_t afi;
395 safi_t safi;
396
397 wpq = atomic_load_explicit(&peer->bgp->wpkt_quanta,
398 memory_order_relaxed);
399
400 /*
401 * The code beyond this part deals with update packets, proceed only
402 * if peer is Established and updates are not on hold (as part of
403 * update-delay post processing).
404 */
405 if (peer->status != Established)
406 return 0;
407
408 if (peer->bgp->main_peers_update_hold)
409 return 0;
410
411 do {
412 s = NULL;
413 FOREACH_AFI_SAFI (afi, safi) {
414 paf = peer_af_find(peer, afi, safi);
415 if (!paf || !PAF_SUBGRP(paf))
416 continue;
417 next_pkt = paf->next_pkt_to_send;
418
419 /*
420 * Try to generate a packet for the peer if we are at
421 * the end of the list. Always try to push out
422 * WITHDRAWs first.
423 */
424 if (!next_pkt || !next_pkt->buffer) {
425 next_pkt = subgroup_withdraw_packet(
426 PAF_SUBGRP(paf));
427 if (!next_pkt || !next_pkt->buffer)
428 subgroup_update_packet(PAF_SUBGRP(paf));
429 next_pkt = paf->next_pkt_to_send;
430 }
431
432 /*
433 * If we still don't have a packet to send to the peer,
434 * then try to find out out if we have to send eor or
435 * if not, skip to the next AFI, SAFI. Don't send the
436 * EOR prematurely; if the subgroup's coalesce timer is
437 * running, the adjacency-out structure is not created
438 * yet.
439 */
440 if (!next_pkt || !next_pkt->buffer) {
441 if (CHECK_FLAG(peer->cap,
442 PEER_CAP_RESTART_RCV)) {
443 if (!(PAF_SUBGRP(paf))->t_coalesce
444 && peer->afc_nego[afi][safi]
445 && peer->synctime
446 && !CHECK_FLAG(
447 peer->af_sflags[afi][safi],
448 PEER_STATUS_EOR_SEND)) {
449 /* If EOR is disabled,
450 * the message is not sent
451 */
452 if (BGP_SEND_EOR(peer->bgp, afi,
453 safi)) {
454 SET_FLAG(
455 peer->af_sflags
456 [afi]
457 [safi],
458 PEER_STATUS_EOR_SEND);
459
460 /* Update EOR
461 * send time
462 */
463 peer->eor_stime[afi]
464 [safi] =
465 monotime(NULL);
466
467 BGP_UPDATE_EOR_PKT(
468 peer, afi, safi,
469 s);
470 }
471 }
472 }
473 continue;
474 }
475
476 /* Update packet send time */
477 peer->pkt_stime[afi][safi] = monotime(NULL);
478
479 /* Found a packet template to send, overwrite
480 * packet with appropriate attributes from peer
481 * and advance peer */
482 s = bpacket_reformat_for_peer(next_pkt, paf);
483 bgp_packet_add(peer, s);
484 bpacket_queue_advance_peer(paf);
485 }
486 } while (s && (++generated < wpq));
487
488 if (generated)
489 bgp_writes_on(peer);
490
491 bgp_write_proceed_actions(peer);
492
493 return 0;
494 }
495
496 /*
497 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
498 */
499 void bgp_keepalive_send(struct peer *peer)
500 {
501 struct stream *s;
502
503 s = stream_new(BGP_MAX_PACKET_SIZE);
504
505 /* Make keepalive packet. */
506 bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
507
508 /* Set packet size. */
509 (void)bgp_packet_set_size(s);
510
511 /* Dump packet if debug option is set. */
512 /* bgp_packet_dump (s); */
513
514 if (bgp_debug_keepalive(peer))
515 zlog_debug("%s sending KEEPALIVE", peer->host);
516
517 /* Add packet to the peer. */
518 bgp_packet_add(peer, s);
519
520 bgp_writes_on(peer);
521 }
522
523 /*
524 * Creates a BGP Open packet and appends it to the peer's output queue.
525 * Sets capabilities as necessary.
526 */
527 void bgp_open_send(struct peer *peer)
528 {
529 struct stream *s;
530 uint16_t send_holdtime;
531 as_t local_as;
532
533 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
534 send_holdtime = peer->holdtime;
535 else
536 send_holdtime = peer->bgp->default_holdtime;
537
538 /* local-as Change */
539 if (peer->change_local_as)
540 local_as = peer->change_local_as;
541 else
542 local_as = peer->local_as;
543
544 s = stream_new(BGP_MAX_PACKET_SIZE);
545
546 /* Make open packet. */
547 bgp_packet_set_marker(s, BGP_MSG_OPEN);
548
549 /* Set open packet values. */
550 stream_putc(s, BGP_VERSION_4); /* BGP version */
551 stream_putw(s, (local_as <= BGP_AS_MAX) ? (uint16_t)local_as
552 : BGP_AS_TRANS);
553 stream_putw(s, send_holdtime); /* Hold Time */
554 stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
555
556 /* Set capability code. */
557 bgp_open_capability(s, peer);
558
559 /* Set BGP packet length. */
560 (void)bgp_packet_set_size(s);
561
562 if (bgp_debug_neighbor_events(peer))
563 zlog_debug(
564 "%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
565 peer->host, BGP_VERSION_4, local_as, send_holdtime,
566 inet_ntoa(peer->local_id));
567
568 /* Dump packet if debug option is set. */
569 /* bgp_packet_dump (s); */
570 hook_call(bgp_packet_send, peer, BGP_MSG_OPEN, stream_get_endp(s), s);
571
572 /* Add packet to the peer. */
573 bgp_packet_add(peer, s);
574
575 bgp_writes_on(peer);
576 }
577
578 /*
579 * Writes NOTIFICATION message directly to a peer socket without waiting for
580 * the I/O thread.
581 *
582 * There must be exactly one stream on the peer->obuf FIFO, and the data within
583 * this stream must match the format of a BGP NOTIFICATION message.
584 * Transmission is best-effort.
585 *
586 * @requires peer->io_mtx
587 * @param peer
588 * @return 0
589 */
590 static int bgp_write_notify(struct peer *peer)
591 {
592 int ret, val;
593 uint8_t type;
594 struct stream *s;
595
596 /* There should be at least one packet. */
597 s = stream_fifo_pop(peer->obuf);
598
599 if (!s)
600 return 0;
601
602 assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
603
604 /* Stop collecting data within the socket */
605 sockopt_cork(peer->fd, 0);
606
607 /*
608 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
609 * we only care about getting a clean shutdown at this point.
610 */
611 ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s));
612
613 /*
614 * only connection reset/close gets counted as TCP_fatal_error, failure
615 * to write the entire NOTIFY doesn't get different FSM treatment
616 */
617 if (ret <= 0) {
618 stream_free(s);
619 BGP_EVENT_ADD(peer, TCP_fatal_error);
620 return 0;
621 }
622
623 /* Disable Nagle, make NOTIFY packet go out right away */
624 val = 1;
625 (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val,
626 sizeof(val));
627
628 /* Retrieve BGP packet type. */
629 stream_set_getp(s, BGP_MARKER_SIZE + 2);
630 type = stream_getc(s);
631
632 assert(type == BGP_MSG_NOTIFY);
633
634 /* Type should be notify. */
635 atomic_fetch_add_explicit(&peer->notify_out, 1, memory_order_relaxed);
636 peer->notify_out++;
637
638 /* Double start timer. */
639 peer->v_start *= 2;
640
641 /* Overflow check. */
642 if (peer->v_start >= (60 * 2))
643 peer->v_start = (60 * 2);
644
645 /*
646 * Handle Graceful Restart case where the state changes to
647 * Connect instead of Idle
648 */
649 BGP_EVENT_ADD(peer, BGP_Stop);
650
651 stream_free(s);
652
653 return 0;
654 }
655
656 /*
657 * Creates a BGP Notify and appends it to the peer's output queue.
658 *
659 * This function attempts to write the packet from the thread it is called
660 * from, to ensure the packet gets out ASAP.
661 *
662 * This function may be called from multiple threads. Since the function
663 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
664 * call to prevent tampering from other threads.
665 *
666 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
667 * return, the peer structure *must* be reset; no assumptions about session
668 * state are valid.
669 *
670 * @param peer
671 * @param code BGP error code
672 * @param sub_code BGP error subcode
673 * @param data Data portion
674 * @param datalen length of data portion
675 */
676 void bgp_notify_send_with_data(struct peer *peer, uint8_t code,
677 uint8_t sub_code, uint8_t *data, size_t datalen)
678 {
679 struct stream *s;
680
681 /* Lock I/O mutex to prevent other threads from pushing packets */
682 frr_mutex_lock_autounlock(&peer->io_mtx);
683 /* ============================================== */
684
685 /* Allocate new stream. */
686 s = stream_new(BGP_MAX_PACKET_SIZE);
687
688 /* Make notify packet. */
689 bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
690
691 /* Set notify packet values. */
692 stream_putc(s, code); /* BGP notify code */
693 stream_putc(s, sub_code); /* BGP notify sub_code */
694
695 /* If notify data is present. */
696 if (data)
697 stream_write(s, data, datalen);
698
699 /* Set BGP packet length. */
700 bgp_packet_set_size(s);
701
702 /* wipe output buffer */
703 stream_fifo_clean(peer->obuf);
704
705 /*
706 * If possible, store last packet for debugging purposes. This check is
707 * in place because we are sometimes called with a doppelganger peer,
708 * who tends to have a plethora of fields nulled out.
709 */
710 if (peer->curr) {
711 size_t packetsize = stream_get_endp(peer->curr);
712 assert(packetsize <= sizeof(peer->last_reset_cause));
713 memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
714 peer->last_reset_cause_size = packetsize;
715 }
716
717 /* For debug */
718 {
719 struct bgp_notify bgp_notify;
720 int first = 0;
721 int i;
722 char c[4];
723
724 bgp_notify.code = code;
725 bgp_notify.subcode = sub_code;
726 bgp_notify.data = NULL;
727 bgp_notify.length = datalen;
728 bgp_notify.raw_data = data;
729
730 peer->notify.code = bgp_notify.code;
731 peer->notify.subcode = bgp_notify.subcode;
732
733 if (bgp_notify.length && data) {
734 bgp_notify.data =
735 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
736 for (i = 0; i < bgp_notify.length; i++)
737 if (first) {
738 snprintf(c, sizeof(c), " %02x",
739 data[i]);
740
741 strlcat(bgp_notify.data, c,
742 bgp_notify.length);
743
744 } else {
745 first = 1;
746 snprintf(c, sizeof(c), "%02x", data[i]);
747
748 strlcpy(bgp_notify.data, c,
749 bgp_notify.length);
750 }
751 }
752 bgp_notify_print(peer, &bgp_notify, "sending");
753
754 if (bgp_notify.data) {
755 XFREE(MTYPE_TMP, bgp_notify.data);
756 bgp_notify.length = 0;
757 }
758 }
759
760 /* peer reset cause */
761 if (code == BGP_NOTIFY_CEASE) {
762 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
763 peer->last_reset = PEER_DOWN_USER_RESET;
764 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
765 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
766 else
767 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
768 } else
769 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
770
771 /* Add packet to peer's output queue */
772 stream_fifo_push(peer->obuf, s);
773
774 bgp_peer_gr_flags_update(peer);
775 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
776 peer->bgp->peer);
777
778 bgp_write_notify(peer);
779 }
780
781 /*
782 * Creates a BGP Notify and appends it to the peer's output queue.
783 *
784 * This function attempts to write the packet from the thread it is called
785 * from, to ensure the packet gets out ASAP.
786 *
787 * @param peer
788 * @param code BGP error code
789 * @param sub_code BGP error subcode
790 */
791 void bgp_notify_send(struct peer *peer, uint8_t code, uint8_t sub_code)
792 {
793 bgp_notify_send_with_data(peer, code, sub_code, NULL, 0);
794 }
795
796 /*
797 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
798 *
799 * @param peer
800 * @param afi Address Family Identifier
801 * @param safi Subsequent Address Family Identifier
802 * @param orf_type Outbound Route Filtering type
803 * @param when_to_refresh Whether to refresh immediately or defer
804 * @param remove Whether to remove ORF for specified AFI/SAFI
805 */
806 void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
807 uint8_t orf_type, uint8_t when_to_refresh,
808 int remove)
809 {
810 struct stream *s;
811 struct bgp_filter *filter;
812 int orf_refresh = 0;
813 iana_afi_t pkt_afi;
814 iana_safi_t pkt_safi;
815
816 if (DISABLE_BGP_ANNOUNCE)
817 return;
818
819 filter = &peer->filter[afi][safi];
820
821 /* Convert AFI, SAFI to values for packet. */
822 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
823
824 s = stream_new(BGP_MAX_PACKET_SIZE);
825
826 /* Make BGP update packet. */
827 if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV))
828 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
829 else
830 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
831
832 /* Encode Route Refresh message. */
833 stream_putw(s, pkt_afi);
834 stream_putc(s, 0);
835 stream_putc(s, pkt_safi);
836
837 if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD)
838 if (remove || filter->plist[FILTER_IN].plist) {
839 uint16_t orf_len;
840 unsigned long orfp;
841
842 orf_refresh = 1;
843 stream_putc(s, when_to_refresh);
844 stream_putc(s, orf_type);
845 orfp = stream_get_endp(s);
846 stream_putw(s, 0);
847
848 if (remove) {
849 UNSET_FLAG(peer->af_sflags[afi][safi],
850 PEER_STATUS_ORF_PREFIX_SEND);
851 stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
852 if (bgp_debug_neighbor_events(peer))
853 zlog_debug(
854 "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %s/%s",
855 peer->host, orf_type,
856 (when_to_refresh == REFRESH_DEFER
857 ? "defer"
858 : "immediate"),
859 iana_afi2str(pkt_afi),
860 iana_safi2str(pkt_safi));
861 } else {
862 SET_FLAG(peer->af_sflags[afi][safi],
863 PEER_STATUS_ORF_PREFIX_SEND);
864 prefix_bgp_orf_entry(
865 s, filter->plist[FILTER_IN].plist,
866 ORF_COMMON_PART_ADD,
867 ORF_COMMON_PART_PERMIT,
868 ORF_COMMON_PART_DENY);
869 if (bgp_debug_neighbor_events(peer))
870 zlog_debug(
871 "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %s/%s",
872 peer->host, orf_type,
873 (when_to_refresh == REFRESH_DEFER
874 ? "defer"
875 : "immediate"),
876 iana_afi2str(pkt_afi),
877 iana_safi2str(pkt_safi));
878 }
879
880 /* Total ORF Entry Len. */
881 orf_len = stream_get_endp(s) - orfp - 2;
882 stream_putw_at(s, orfp, orf_len);
883 }
884
885 /* Set packet size. */
886 (void)bgp_packet_set_size(s);
887
888 if (bgp_debug_neighbor_events(peer)) {
889 if (!orf_refresh)
890 zlog_debug("%s sending REFRESH_REQ for afi/safi: %s/%s",
891 peer->host, iana_afi2str(pkt_afi),
892 iana_safi2str(pkt_safi));
893 }
894
895 /* Add packet to the peer. */
896 bgp_packet_add(peer, s);
897
898 bgp_writes_on(peer);
899 }
900
901 /*
902 * Create a BGP Capability packet and append it to the peer's output queue.
903 *
904 * @param peer
905 * @param afi Address Family Identifier
906 * @param safi Subsequent Address Family Identifier
907 * @param capability_code BGP Capability Code
908 * @param action Set or Remove capability
909 */
910 void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
911 int capability_code, int action)
912 {
913 struct stream *s;
914 iana_afi_t pkt_afi;
915 iana_safi_t pkt_safi;
916
917 /* Convert AFI, SAFI to values for packet. */
918 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
919
920 s = stream_new(BGP_MAX_PACKET_SIZE);
921
922 /* Make BGP update packet. */
923 bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
924
925 /* Encode MP_EXT capability. */
926 if (capability_code == CAPABILITY_CODE_MP) {
927 stream_putc(s, action);
928 stream_putc(s, CAPABILITY_CODE_MP);
929 stream_putc(s, CAPABILITY_CODE_MP_LEN);
930 stream_putw(s, pkt_afi);
931 stream_putc(s, 0);
932 stream_putc(s, pkt_safi);
933
934 if (bgp_debug_neighbor_events(peer))
935 zlog_debug(
936 "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
937 peer->host,
938 action == CAPABILITY_ACTION_SET ? "Advertising"
939 : "Removing",
940 iana_afi2str(pkt_afi), iana_safi2str(pkt_safi));
941 }
942
943 /* Set packet size. */
944 (void)bgp_packet_set_size(s);
945
946 /* Add packet to the peer. */
947 bgp_packet_add(peer, s);
948
949 bgp_writes_on(peer);
950 }
951
952 /* RFC1771 6.8 Connection collision detection. */
953 static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
954 {
955 struct peer *peer;
956
957 /* Upon receipt of an OPEN message, the local system must examine
958 all of its connections that are in the OpenConfirm state. A BGP
959 speaker may also examine connections in an OpenSent state if it
960 knows the BGP Identifier of the peer by means outside of the
961 protocol. If among these connections there is a connection to a
962 remote BGP speaker whose BGP Identifier equals the one in the
963 OPEN message, then the local system performs the following
964 collision resolution procedure: */
965
966 if ((peer = new->doppelganger) != NULL) {
967 /* Do not accept the new connection in Established or Clearing
968 * states.
969 * Note that a peer GR is handled by closing the existing
970 * connection
971 * upon receipt of new one.
972 */
973 if (peer->status == Established || peer->status == Clearing) {
974 bgp_notify_send(new, BGP_NOTIFY_CEASE,
975 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
976 return (-1);
977 } else if ((peer->status == OpenConfirm)
978 || (peer->status == OpenSent)) {
979 /* 1. The BGP Identifier of the local system is compared
980 to
981 the BGP Identifier of the remote system (as specified
982 in
983 the OPEN message). */
984
985 if (ntohl(peer->local_id.s_addr)
986 < ntohl(remote_id.s_addr))
987 if (!CHECK_FLAG(peer->sflags,
988 PEER_STATUS_ACCEPT_PEER)) {
989 /* 2. If the value of the local BGP
990 Identifier is less
991 than the remote one, the local system
992 closes BGP
993 connection that already exists (the
994 one that is
995 already in the OpenConfirm state),
996 and accepts BGP
997 connection initiated by the remote
998 system. */
999 bgp_notify_send(
1000 peer, BGP_NOTIFY_CEASE,
1001 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1002 return 1;
1003 } else {
1004 bgp_notify_send(
1005 new, BGP_NOTIFY_CEASE,
1006 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1007 return -1;
1008 }
1009 else {
1010 /* 3. Otherwise, the local system closes newly
1011 created
1012 BGP connection (the one associated with the
1013 newly
1014 received OPEN message), and continues to use
1015 the
1016 existing one (the one that is already in the
1017 OpenConfirm state). */
1018 if (CHECK_FLAG(peer->sflags,
1019 PEER_STATUS_ACCEPT_PEER)) {
1020 bgp_notify_send(
1021 peer, BGP_NOTIFY_CEASE,
1022 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1023 return 1;
1024 } else {
1025 bgp_notify_send(
1026 new, BGP_NOTIFY_CEASE,
1027 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1028 return -1;
1029 }
1030 }
1031 }
1032 }
1033 return 0;
1034 }
1035
1036 /* Packet processing routines ---------------------------------------------- */
1037 /*
1038 * This is a family of functions designed to be called from
1039 * bgp_process_packet(). These functions all share similar behavior and should
1040 * adhere to the following invariants and restrictions:
1041 *
1042 * Return codes
1043 * ------------
1044 * The return code of any one of those functions should be one of the FSM event
1045 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1046 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1047 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1048 * error and Receive_OPEN_message otherwise.
1049 *
1050 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1051 * defined below.
1052 *
1053 * Side effects
1054 * ------------
1055 * - May send NOTIFY messages
1056 * - May not modify peer->status
1057 * - May not call bgp_event_update()
1058 */
1059
1060 #define BGP_PACKET_NOOP 0
1061
1062 /**
1063 * Process BGP OPEN message for peer.
1064 *
1065 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1066 * and returns BGP_Stop.
1067 *
1068 * @param peer
1069 * @param size size of the packet
1070 * @return as in summary
1071 */
1072 static int bgp_open_receive(struct peer *peer, bgp_size_t size)
1073 {
1074 int ret;
1075 uint8_t version;
1076 uint8_t optlen;
1077 uint16_t holdtime;
1078 uint16_t send_holdtime;
1079 as_t remote_as;
1080 as_t as4 = 0, as4_be;
1081 struct in_addr remote_id;
1082 int mp_capability;
1083 uint8_t notify_data_remote_as[2];
1084 uint8_t notify_data_remote_as4[4];
1085 uint8_t notify_data_remote_id[4];
1086 uint16_t *holdtime_ptr;
1087
1088 /* Parse open packet. */
1089 version = stream_getc(peer->curr);
1090 memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
1091 remote_as = stream_getw(peer->curr);
1092 holdtime_ptr = (uint16_t *)stream_pnt(peer->curr);
1093 holdtime = stream_getw(peer->curr);
1094 memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
1095 remote_id.s_addr = stream_get_ipv4(peer->curr);
1096
1097 /* Receive OPEN message log */
1098 if (bgp_debug_neighbor_events(peer))
1099 zlog_debug(
1100 "%s rcv OPEN, version %d, remote-as (in open) %u,"
1101 " holdtime %d, id %s",
1102 peer->host, version, remote_as, holdtime,
1103 inet_ntoa(remote_id));
1104
1105 /* BEGIN to read the capability here, but dont do it yet */
1106 mp_capability = 0;
1107 optlen = stream_getc(peer->curr);
1108
1109 if (optlen != 0) {
1110 /* If not enough bytes, it is an error. */
1111 if (STREAM_READABLE(peer->curr) < optlen) {
1112 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1113 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1114 return BGP_Stop;
1115 }
1116
1117 /* We need the as4 capability value *right now* because
1118 * if it is there, we have not got the remote_as yet, and
1119 * without
1120 * that we do not know which peer is connecting to us now.
1121 */
1122 as4 = peek_for_as4_capability(peer, optlen);
1123 }
1124
1125 as4_be = htonl(as4);
1126 memcpy(notify_data_remote_as4, &as4_be, 4);
1127
1128 /* Just in case we have a silly peer who sends AS4 capability set to 0
1129 */
1130 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
1131 flog_err(EC_BGP_PKT_OPEN,
1132 "%s bad OPEN, got AS4 capability, but AS4 set to 0",
1133 peer->host);
1134 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1135 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1136 notify_data_remote_as4, 4);
1137 return BGP_Stop;
1138 }
1139
1140 if (remote_as == BGP_AS_TRANS) {
1141 /* Take the AS4 from the capability. We must have received the
1142 * capability now! Otherwise we have a asn16 peer who uses
1143 * BGP_AS_TRANS, for some unknown reason.
1144 */
1145 if (as4 == BGP_AS_TRANS) {
1146 flog_err(
1147 EC_BGP_PKT_OPEN,
1148 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1149 peer->host);
1150 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1151 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1152 notify_data_remote_as4, 4);
1153 return BGP_Stop;
1154 }
1155
1156 if (!as4 && BGP_DEBUG(as4, AS4))
1157 zlog_debug(
1158 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
1159 " Odd, but proceeding.",
1160 peer->host);
1161 else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
1162 zlog_debug(
1163 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
1164 "in 2-bytes, very odd peer.",
1165 peer->host, as4);
1166 if (as4)
1167 remote_as = as4;
1168 } else {
1169 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1170 */
1171 /* If we have got the capability, peer->as4cap must match
1172 * remote_as */
1173 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
1174 && as4 != remote_as) {
1175 /* raise error, log this, close session */
1176 flog_err(
1177 EC_BGP_PKT_OPEN,
1178 "%s bad OPEN, got AS4 capability, but remote_as %u"
1179 " mismatch with 16bit 'myasn' %u in open",
1180 peer->host, as4, remote_as);
1181 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1182 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1183 notify_data_remote_as4, 4);
1184 return BGP_Stop;
1185 }
1186 }
1187
1188 /* remote router-id check. */
1189 if (remote_id.s_addr == INADDR_ANY
1190 || IPV4_CLASS_DE(ntohl(remote_id.s_addr))
1191 || ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)) {
1192 if (bgp_debug_neighbor_events(peer))
1193 zlog_debug("%s bad OPEN, wrong router identifier %s",
1194 peer->host, inet_ntoa(remote_id));
1195 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1196 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1197 notify_data_remote_id, 4);
1198 return BGP_Stop;
1199 }
1200
1201 /* Set remote router-id */
1202 peer->remote_id = remote_id;
1203
1204 /* Peer BGP version check. */
1205 if (version != BGP_VERSION_4) {
1206 uint16_t maxver = htons(BGP_VERSION_4);
1207 /* XXX this reply may not be correct if version < 4 XXX */
1208 if (bgp_debug_neighbor_events(peer))
1209 zlog_debug(
1210 "%s bad protocol version, remote requested %d, local request %d",
1211 peer->host, version, BGP_VERSION_4);
1212 /* Data must be in network byte order here */
1213 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1214 BGP_NOTIFY_OPEN_UNSUP_VERSION,
1215 (uint8_t *)&maxver, 2);
1216 return BGP_Stop;
1217 }
1218
1219 /* Check neighbor as number. */
1220 if (peer->as_type == AS_UNSPECIFIED) {
1221 if (bgp_debug_neighbor_events(peer))
1222 zlog_debug(
1223 "%s bad OPEN, remote AS is unspecified currently",
1224 peer->host);
1225 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1226 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1227 notify_data_remote_as, 2);
1228 return BGP_Stop;
1229 } else if (peer->as_type == AS_INTERNAL) {
1230 if (remote_as != peer->bgp->as) {
1231 if (bgp_debug_neighbor_events(peer))
1232 zlog_debug(
1233 "%s bad OPEN, remote AS is %u, internal specified",
1234 peer->host, remote_as);
1235 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1236 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1237 notify_data_remote_as, 2);
1238 return BGP_Stop;
1239 }
1240 peer->as = peer->local_as;
1241 } else if (peer->as_type == AS_EXTERNAL) {
1242 if (remote_as == peer->bgp->as) {
1243 if (bgp_debug_neighbor_events(peer))
1244 zlog_debug(
1245 "%s bad OPEN, remote AS is %u, external specified",
1246 peer->host, remote_as);
1247 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1248 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1249 notify_data_remote_as, 2);
1250 return BGP_Stop;
1251 }
1252 peer->as = remote_as;
1253 } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
1254 if (bgp_debug_neighbor_events(peer))
1255 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1256 peer->host, remote_as, peer->as);
1257 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1258 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1259 notify_data_remote_as, 2);
1260 return BGP_Stop;
1261 }
1262
1263 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1264 calculate the value of the Hold Timer by using the smaller of its
1265 configured Hold Time and the Hold Time received in the OPEN message.
1266 The Hold Time MUST be either zero or at least three seconds. An
1267 implementation may reject connections on the basis of the Hold Time.
1268 */
1269
1270 if (holdtime < 3 && holdtime != 0) {
1271 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1272 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1273 (uint8_t *)holdtime_ptr, 2);
1274 return BGP_Stop;
1275 }
1276
1277 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1278 would be one third of the Hold Time interval. KEEPALIVE messages
1279 MUST NOT be sent more frequently than one per second. An
1280 implementation MAY adjust the rate at which it sends KEEPALIVE
1281 messages as a function of the Hold Time interval. */
1282
1283 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
1284 send_holdtime = peer->holdtime;
1285 else
1286 send_holdtime = peer->bgp->default_holdtime;
1287
1288 if (holdtime < send_holdtime)
1289 peer->v_holdtime = holdtime;
1290 else
1291 peer->v_holdtime = send_holdtime;
1292
1293 if ((CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
1294 && (peer->keepalive < peer->v_holdtime / 3))
1295 peer->v_keepalive = peer->keepalive;
1296 else
1297 peer->v_keepalive = peer->v_holdtime / 3;
1298
1299 /* Open option part parse. */
1300 if (optlen != 0) {
1301 if ((ret = bgp_open_option_parse(peer, optlen, &mp_capability))
1302 < 0)
1303 return BGP_Stop;
1304 } else {
1305 if (bgp_debug_neighbor_events(peer))
1306 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1307 peer->host);
1308 }
1309
1310 /*
1311 * Assume that the peer supports the locally configured set of
1312 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1313 * capabilities, or if 'override-capability' is configured.
1314 */
1315 if (!mp_capability
1316 || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1317 peer->afc_nego[AFI_IP][SAFI_UNICAST] =
1318 peer->afc[AFI_IP][SAFI_UNICAST];
1319 peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
1320 peer->afc[AFI_IP][SAFI_MULTICAST];
1321 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
1322 peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
1323 peer->afc_nego[AFI_IP][SAFI_FLOWSPEC] =
1324 peer->afc[AFI_IP][SAFI_FLOWSPEC];
1325 peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
1326 peer->afc[AFI_IP6][SAFI_UNICAST];
1327 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
1328 peer->afc[AFI_IP6][SAFI_MULTICAST];
1329 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
1330 peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1331 peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
1332 peer->afc[AFI_L2VPN][SAFI_EVPN];
1333 peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC] =
1334 peer->afc[AFI_IP6][SAFI_FLOWSPEC];
1335 }
1336
1337 /* When collision is detected and this peer is closed. Retrun
1338 immidiately. */
1339 ret = bgp_collision_detect(peer, remote_id);
1340 if (ret < 0)
1341 return BGP_Stop;
1342
1343 /* Get sockname. */
1344 if ((ret = bgp_getsockname(peer)) < 0) {
1345 flog_err_sys(EC_LIB_SOCKET,
1346 "%s: bgp_getsockname() failed for peer: %s",
1347 __FUNCTION__, peer->host);
1348 return BGP_Stop;
1349 }
1350
1351 /* Verify valid local address present based on negotiated
1352 * address-families. */
1353 if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
1354 || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
1355 || peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1356 || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1357 || peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
1358 if (peer->nexthop.v4.s_addr == INADDR_ANY) {
1359 #if defined(HAVE_CUMULUS)
1360 flog_err(
1361 EC_BGP_SND_FAIL,
1362 "%s: No local IPv4 addr resetting connection, fd %d",
1363 peer->host, peer->fd);
1364 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1365 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1366 return BGP_Stop;
1367 #endif
1368 }
1369 }
1370 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1371 || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
1372 || peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1373 || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1374 || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
1375 if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) {
1376 #if defined(HAVE_CUMULUS)
1377 flog_err(
1378 EC_BGP_SND_FAIL,
1379 "%s: No local IPv6 addr resetting connection, fd %d",
1380 peer->host, peer->fd);
1381 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1382 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1383 return BGP_Stop;
1384 #endif
1385 }
1386 }
1387 peer->rtt = sockopt_tcp_rtt(peer->fd);
1388
1389 return Receive_OPEN_message;
1390 }
1391
1392 /**
1393 * Process BGP KEEPALIVE message for peer.
1394 *
1395 * @param peer
1396 * @param size size of the packet
1397 * @return as in summary
1398 */
1399 static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
1400 {
1401 if (bgp_debug_keepalive(peer))
1402 zlog_debug("%s KEEPALIVE rcvd", peer->host);
1403
1404 bgp_update_implicit_eors(peer);
1405
1406 return Receive_KEEPALIVE_message;
1407 }
1408
1409
1410 /**
1411 * Process BGP UPDATE message for peer.
1412 *
1413 * Parses UPDATE and creates attribute object.
1414 *
1415 * @param peer
1416 * @param size size of the packet
1417 * @return as in summary
1418 */
1419 static int bgp_update_receive(struct peer *peer, bgp_size_t size)
1420 {
1421 int ret, nlri_ret;
1422 uint8_t *end;
1423 struct stream *s;
1424 struct attr attr;
1425 bgp_size_t attribute_len;
1426 bgp_size_t update_len;
1427 bgp_size_t withdraw_len;
1428 bool restart = false;
1429
1430 enum NLRI_TYPES {
1431 NLRI_UPDATE,
1432 NLRI_WITHDRAW,
1433 NLRI_MP_UPDATE,
1434 NLRI_MP_WITHDRAW,
1435 NLRI_TYPE_MAX
1436 };
1437 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1438
1439 /* Status must be Established. */
1440 if (peer->status != Established) {
1441 flog_err(EC_BGP_INVALID_STATUS,
1442 "%s [FSM] Update packet received under status %s",
1443 peer->host,
1444 lookup_msg(bgp_status_msg, peer->status, NULL));
1445 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
1446 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1447 return BGP_Stop;
1448 }
1449
1450 /* Set initial values. */
1451 memset(&attr, 0, sizeof(struct attr));
1452 attr.label_index = BGP_INVALID_LABEL_INDEX;
1453 attr.label = MPLS_INVALID_LABEL;
1454 memset(&nlris, 0, sizeof(nlris));
1455 memset(peer->rcvd_attr_str, 0, BUFSIZ);
1456 peer->rcvd_attr_printed = 0;
1457
1458 s = peer->curr;
1459 end = stream_pnt(s) + size;
1460
1461 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1462 Length is too large (i.e., if Unfeasible Routes Length + Total
1463 Attribute Length + 23 exceeds the message Length), then the Error
1464 Subcode is set to Malformed Attribute List. */
1465 if (stream_pnt(s) + 2 > end) {
1466 flog_err(EC_BGP_UPDATE_RCV,
1467 "%s [Error] Update packet error"
1468 " (packet length is short for unfeasible length)",
1469 peer->host);
1470 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1471 BGP_NOTIFY_UPDATE_MAL_ATTR);
1472 return BGP_Stop;
1473 }
1474
1475 /* Unfeasible Route Length. */
1476 withdraw_len = stream_getw(s);
1477
1478 /* Unfeasible Route Length check. */
1479 if (stream_pnt(s) + withdraw_len > end) {
1480 flog_err(EC_BGP_UPDATE_RCV,
1481 "%s [Error] Update packet error"
1482 " (packet unfeasible length overflow %d)",
1483 peer->host, withdraw_len);
1484 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1485 BGP_NOTIFY_UPDATE_MAL_ATTR);
1486 return BGP_Stop;
1487 }
1488
1489 /* Unfeasible Route packet format check. */
1490 if (withdraw_len > 0) {
1491 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1492 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1493 nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
1494 nlris[NLRI_WITHDRAW].length = withdraw_len;
1495 stream_forward_getp(s, withdraw_len);
1496 }
1497
1498 /* Attribute total length check. */
1499 if (stream_pnt(s) + 2 > end) {
1500 flog_warn(
1501 EC_BGP_UPDATE_PACKET_SHORT,
1502 "%s [Error] Packet Error (update packet is short for attribute length)",
1503 peer->host);
1504 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1505 BGP_NOTIFY_UPDATE_MAL_ATTR);
1506 return BGP_Stop;
1507 }
1508
1509 /* Fetch attribute total length. */
1510 attribute_len = stream_getw(s);
1511
1512 /* Attribute length check. */
1513 if (stream_pnt(s) + attribute_len > end) {
1514 flog_warn(
1515 EC_BGP_UPDATE_PACKET_LONG,
1516 "%s [Error] Packet Error (update packet attribute length overflow %d)",
1517 peer->host, attribute_len);
1518 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1519 BGP_NOTIFY_UPDATE_MAL_ATTR);
1520 return BGP_Stop;
1521 }
1522
1523 /* Certain attribute parsing errors should not be considered bad enough
1524 * to reset the session for, most particularly any partial/optional
1525 * attributes that have 'tunneled' over speakers that don't understand
1526 * them. Instead we withdraw only the prefix concerned.
1527 *
1528 * Complicates the flow a little though..
1529 */
1530 bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
1531 /* This define morphs the update case into a withdraw when lower levels
1532 * have signalled an error condition where this is best.
1533 */
1534 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1535
1536 /* Parse attribute when it exists. */
1537 if (attribute_len) {
1538 attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
1539 &nlris[NLRI_MP_UPDATE],
1540 &nlris[NLRI_MP_WITHDRAW]);
1541 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
1542 bgp_attr_unintern_sub(&attr);
1543 return BGP_Stop;
1544 }
1545 }
1546
1547 /* Logging the attribute. */
1548 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
1549 || BGP_DEBUG(update, UPDATE_IN)
1550 || BGP_DEBUG(update, UPDATE_PREFIX)) {
1551 ret = bgp_dump_attr(&attr, peer->rcvd_attr_str, BUFSIZ);
1552
1553 peer->stat_upd_7606++;
1554
1555 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
1556 flog_err(
1557 EC_BGP_UPDATE_RCV,
1558 "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1559 peer->host);
1560
1561 if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
1562 zlog_debug("%s rcvd UPDATE w/ attr: %s", peer->host,
1563 peer->rcvd_attr_str);
1564 peer->rcvd_attr_printed = 1;
1565 }
1566 }
1567
1568 /* Network Layer Reachability Information. */
1569 update_len = end - stream_pnt(s);
1570
1571 if (update_len) {
1572 /* Set NLRI portion to structure. */
1573 nlris[NLRI_UPDATE].afi = AFI_IP;
1574 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1575 nlris[NLRI_UPDATE].nlri = stream_pnt(s);
1576 nlris[NLRI_UPDATE].length = update_len;
1577 stream_forward_getp(s, update_len);
1578
1579 if (CHECK_FLAG(attr.flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
1580 /*
1581 * We skipped nexthop attribute validation earlier so
1582 * validate the nexthop now.
1583 */
1584 if (bgp_attr_nexthop_valid(peer, &attr) < 0) {
1585 bgp_attr_unintern_sub(&attr);
1586 return BGP_Stop;
1587 }
1588 }
1589 }
1590
1591 if (BGP_DEBUG(update, UPDATE_IN))
1592 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1593 peer->host, withdraw_len, attribute_len, update_len);
1594
1595 /* Parse any given NLRIs */
1596 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
1597 if (!nlris[i].nlri)
1598 continue;
1599
1600 /* NLRI is processed iff the peer if configured for the specific
1601 * afi/safi */
1602 if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
1603 zlog_info(
1604 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1605 peer->host, nlris[i].afi, nlris[i].safi);
1606 continue;
1607 }
1608
1609 /* EoR handled later */
1610 if (nlris[i].length == 0)
1611 continue;
1612
1613 switch (i) {
1614 case NLRI_UPDATE:
1615 case NLRI_MP_UPDATE:
1616 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
1617 &nlris[i], 0);
1618 break;
1619 case NLRI_WITHDRAW:
1620 case NLRI_MP_WITHDRAW:
1621 nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1);
1622 break;
1623 default:
1624 nlri_ret = BGP_NLRI_PARSE_ERROR;
1625 }
1626
1627 if (nlri_ret < BGP_NLRI_PARSE_OK
1628 && nlri_ret != BGP_NLRI_PARSE_ERROR_PREFIX_OVERFLOW) {
1629 flog_err(EC_BGP_UPDATE_RCV,
1630 "%s [Error] Error parsing NLRI", peer->host);
1631 if (peer->status == Established)
1632 bgp_notify_send(
1633 peer, BGP_NOTIFY_UPDATE_ERR,
1634 i <= NLRI_WITHDRAW
1635 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1636 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1637 bgp_attr_unintern_sub(&attr);
1638 return BGP_Stop;
1639 }
1640 }
1641
1642 /* EoR checks
1643 *
1644 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1645 * and MP EoR should have only an empty MP_UNREACH
1646 */
1647 if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0)
1648 || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
1649 afi_t afi = 0;
1650 safi_t safi;
1651 struct graceful_restart_info *gr_info;
1652
1653 /* Restarting router */
1654 if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer)
1655 && BGP_PEER_RESTARTING_MODE(peer))
1656 restart = true;
1657
1658 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
1659 * checked
1660 * update and withdraw NLRI lengths are 0.
1661 */
1662 if (!attribute_len) {
1663 afi = AFI_IP;
1664 safi = SAFI_UNICAST;
1665 } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
1666 && nlris[NLRI_MP_WITHDRAW].length == 0) {
1667 afi = nlris[NLRI_MP_WITHDRAW].afi;
1668 safi = nlris[NLRI_MP_WITHDRAW].safi;
1669 } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
1670 afi = nlris[NLRI_MP_UPDATE].afi;
1671 safi = nlris[NLRI_MP_UPDATE].safi;
1672 }
1673
1674 if (afi && peer->afc[afi][safi]) {
1675 struct vrf *vrf = vrf_lookup_by_id(peer->bgp->vrf_id);
1676
1677 /* End-of-RIB received */
1678 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
1679 PEER_STATUS_EOR_RECEIVED)) {
1680 SET_FLAG(peer->af_sflags[afi][safi],
1681 PEER_STATUS_EOR_RECEIVED);
1682 bgp_update_explicit_eors(peer);
1683 /* Update graceful restart information */
1684 gr_info = &(peer->bgp->gr_info[afi][safi]);
1685 if (restart)
1686 gr_info->eor_received++;
1687 /* If EOR received from all peers and selection
1688 * deferral timer is running, cancel the timer
1689 * and invoke the best path calculation
1690 */
1691 if (gr_info->eor_required
1692 == gr_info->eor_received) {
1693 if (bgp_debug_neighbor_events(peer))
1694 zlog_debug(
1695 "%s %d, %s %d",
1696 "EOR REQ",
1697 gr_info->eor_required,
1698 "EOR RCV",
1699 gr_info->eor_received);
1700 BGP_TIMER_OFF(
1701 gr_info->t_select_deferral);
1702 gr_info->eor_required = 0;
1703 gr_info->eor_received = 0;
1704 /* Best path selection */
1705 if (bgp_best_path_select_defer(
1706 peer->bgp, afi, safi)
1707 < 0)
1708 return BGP_Stop;
1709 }
1710 }
1711
1712 /* NSF delete stale route */
1713 if (peer->nsf[afi][safi])
1714 bgp_clear_stale_route(peer, afi, safi);
1715
1716 zlog_info(
1717 "%s: rcvd End-of-RIB for %s from %s in vrf %s",
1718 __func__, get_afi_safi_str(afi, safi, false),
1719 peer->host, vrf ? vrf->name : VRF_DEFAULT_NAME);
1720 }
1721 }
1722
1723 /* Everything is done. We unintern temporary structures which
1724 interned in bgp_attr_parse(). */
1725 bgp_attr_unintern_sub(&attr);
1726
1727 peer->update_time = bgp_clock();
1728
1729 /* Rearm holdtime timer */
1730 BGP_TIMER_OFF(peer->t_holdtime);
1731 bgp_timer_set(peer);
1732
1733 return Receive_UPDATE_message;
1734 }
1735
1736 /**
1737 * Process BGP NOTIFY message for peer.
1738 *
1739 * @param peer
1740 * @param size size of the packet
1741 * @return as in summary
1742 */
1743 static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
1744 {
1745 struct bgp_notify bgp_notify;
1746
1747 if (peer->notify.data) {
1748 XFREE(MTYPE_TMP, peer->notify.data);
1749 peer->notify.length = 0;
1750 }
1751
1752 bgp_notify.code = stream_getc(peer->curr);
1753 bgp_notify.subcode = stream_getc(peer->curr);
1754 bgp_notify.length = size - 2;
1755 bgp_notify.data = NULL;
1756
1757 /* Preserv notify code and sub code. */
1758 peer->notify.code = bgp_notify.code;
1759 peer->notify.subcode = bgp_notify.subcode;
1760 /* For further diagnostic record returned Data. */
1761 if (bgp_notify.length) {
1762 peer->notify.length = size - 2;
1763 peer->notify.data = XMALLOC(MTYPE_TMP, size - 2);
1764 memcpy(peer->notify.data, stream_pnt(peer->curr), size - 2);
1765 }
1766
1767 /* For debug */
1768 {
1769 int i;
1770 int first = 0;
1771 char c[4];
1772
1773 if (bgp_notify.length) {
1774 bgp_notify.data =
1775 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
1776 for (i = 0; i < bgp_notify.length; i++)
1777 if (first) {
1778 snprintf(c, sizeof(c), " %02x",
1779 stream_getc(peer->curr));
1780
1781 strlcat(bgp_notify.data, c,
1782 bgp_notify.length * 3);
1783
1784 } else {
1785 first = 1;
1786 snprintf(c, sizeof(c), "%02x",
1787 stream_getc(peer->curr));
1788
1789 strlcpy(bgp_notify.data, c,
1790 bgp_notify.length * 3);
1791 }
1792 bgp_notify.raw_data = (uint8_t *)peer->notify.data;
1793 }
1794
1795 bgp_notify_print(peer, &bgp_notify, "received");
1796 if (bgp_notify.data) {
1797 XFREE(MTYPE_TMP, bgp_notify.data);
1798 bgp_notify.length = 0;
1799 }
1800 }
1801
1802 /* peer count update */
1803 atomic_fetch_add_explicit(&peer->notify_in, 1, memory_order_relaxed);
1804
1805 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
1806
1807 /* We have to check for Notify with Unsupported Optional Parameter.
1808 in that case we fallback to open without the capability option.
1809 But this done in bgp_stop. We just mark it here to avoid changing
1810 the fsm tables. */
1811 if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR
1812 && bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
1813 UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
1814
1815 bgp_peer_gr_flags_update(peer);
1816 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
1817 peer->bgp->peer);
1818
1819 return Receive_NOTIFICATION_message;
1820 }
1821
1822 /**
1823 * Process BGP ROUTEREFRESH message for peer.
1824 *
1825 * @param peer
1826 * @param size size of the packet
1827 * @return as in summary
1828 */
1829 static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
1830 {
1831 iana_afi_t pkt_afi;
1832 afi_t afi;
1833 iana_safi_t pkt_safi;
1834 safi_t safi;
1835 struct stream *s;
1836 struct peer_af *paf;
1837 struct update_group *updgrp;
1838 struct peer *updgrp_peer;
1839
1840 /* If peer does not have the capability, send notification. */
1841 if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
1842 flog_err(EC_BGP_NO_CAP,
1843 "%s [Error] BGP route refresh is not enabled",
1844 peer->host);
1845 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
1846 BGP_NOTIFY_HEADER_BAD_MESTYPE);
1847 return BGP_Stop;
1848 }
1849
1850 /* Status must be Established. */
1851 if (peer->status != Established) {
1852 flog_err(
1853 EC_BGP_INVALID_STATUS,
1854 "%s [Error] Route refresh packet received under status %s",
1855 peer->host,
1856 lookup_msg(bgp_status_msg, peer->status, NULL));
1857 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
1858 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1859 return BGP_Stop;
1860 }
1861
1862 s = peer->curr;
1863
1864 /* Parse packet. */
1865 pkt_afi = stream_getw(s);
1866 (void)stream_getc(s);
1867 pkt_safi = stream_getc(s);
1868
1869 if (bgp_debug_update(peer, NULL, NULL, 0))
1870 zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %s/%s",
1871 peer->host, iana_afi2str(pkt_afi),
1872 iana_safi2str(pkt_safi));
1873
1874 /* Convert AFI, SAFI to internal values and check. */
1875 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1876 zlog_info(
1877 "%s REFRESH_REQ for unrecognized afi/safi: %s/%s - ignored",
1878 peer->host, iana_afi2str(pkt_afi),
1879 iana_safi2str(pkt_safi));
1880 return BGP_PACKET_NOOP;
1881 }
1882
1883 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
1884 uint8_t *end;
1885 uint8_t when_to_refresh;
1886 uint8_t orf_type;
1887 uint16_t orf_len;
1888
1889 if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
1890 < 5) {
1891 zlog_info("%s ORF route refresh length error",
1892 peer->host);
1893 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1894 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1895 return BGP_Stop;
1896 }
1897
1898 when_to_refresh = stream_getc(s);
1899 end = stream_pnt(s) + (size - 5);
1900
1901 while ((stream_pnt(s) + 2) < end) {
1902 orf_type = stream_getc(s);
1903 orf_len = stream_getw(s);
1904
1905 /* orf_len in bounds? */
1906 if ((stream_pnt(s) + orf_len) > end)
1907 break; /* XXX: Notify instead?? */
1908 if (orf_type == ORF_TYPE_PREFIX
1909 || orf_type == ORF_TYPE_PREFIX_OLD) {
1910 uint8_t *p_pnt = stream_pnt(s);
1911 uint8_t *p_end = stream_pnt(s) + orf_len;
1912 struct orf_prefix orfp;
1913 uint8_t common = 0;
1914 uint32_t seq;
1915 int psize;
1916 char name[BUFSIZ];
1917 int ret = CMD_SUCCESS;
1918
1919 if (bgp_debug_neighbor_events(peer)) {
1920 zlog_debug(
1921 "%s rcvd Prefixlist ORF(%d) length %d",
1922 peer->host, orf_type, orf_len);
1923 }
1924
1925 /* we're going to read at least 1 byte of common
1926 * ORF header,
1927 * and 7 bytes of ORF Address-filter entry from
1928 * the stream
1929 */
1930 if (orf_len < 7)
1931 break;
1932
1933 /* ORF prefix-list name */
1934 sprintf(name, "%s.%d.%d", peer->host, afi,
1935 safi);
1936
1937 while (p_pnt < p_end) {
1938 /* If the ORF entry is malformed, want
1939 * to read as much of it
1940 * as possible without going beyond the
1941 * bounds of the entry,
1942 * to maximise debug information.
1943 */
1944 int ok;
1945 memset(&orfp, 0,
1946 sizeof(struct orf_prefix));
1947 common = *p_pnt++;
1948 /* after ++: p_pnt <= p_end */
1949 if (common
1950 & ORF_COMMON_PART_REMOVE_ALL) {
1951 if (bgp_debug_neighbor_events(
1952 peer))
1953 zlog_debug(
1954 "%s rcvd Remove-All pfxlist ORF request",
1955 peer->host);
1956 prefix_bgp_orf_remove_all(afi,
1957 name);
1958 break;
1959 }
1960 ok = ((uint32_t)(p_end - p_pnt)
1961 >= sizeof(uint32_t));
1962 if (ok) {
1963 memcpy(&seq, p_pnt,
1964 sizeof(uint32_t));
1965 p_pnt += sizeof(uint32_t);
1966 orfp.seq = ntohl(seq);
1967 } else
1968 p_pnt = p_end;
1969
1970 if ((ok = (p_pnt < p_end)))
1971 orfp.ge =
1972 *p_pnt++; /* value
1973 checked in
1974 prefix_bgp_orf_set()
1975 */
1976 if ((ok = (p_pnt < p_end)))
1977 orfp.le =
1978 *p_pnt++; /* value
1979 checked in
1980 prefix_bgp_orf_set()
1981 */
1982 if ((ok = (p_pnt < p_end)))
1983 orfp.p.prefixlen = *p_pnt++;
1984 orfp.p.family = afi2family(
1985 afi); /* afi checked already */
1986
1987 psize = PSIZE(
1988 orfp.p.prefixlen); /* 0 if not
1989 ok */
1990 if (psize
1991 > prefix_blen(
1992 &orfp.p)) /* valid for
1993 family ? */
1994 {
1995 ok = 0;
1996 psize = prefix_blen(&orfp.p);
1997 }
1998 if (psize
1999 > (p_end - p_pnt)) /* valid for
2000 packet ? */
2001 {
2002 ok = 0;
2003 psize = p_end - p_pnt;
2004 }
2005
2006 if (psize > 0)
2007 memcpy(&orfp.p.u.prefix, p_pnt,
2008 psize);
2009 p_pnt += psize;
2010
2011 if (bgp_debug_neighbor_events(peer)) {
2012 char buf[INET6_BUFSIZ];
2013
2014 zlog_debug(
2015 "%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
2016 peer->host,
2017 (common & ORF_COMMON_PART_REMOVE
2018 ? "Remove"
2019 : "Add"),
2020 (common & ORF_COMMON_PART_DENY
2021 ? "deny"
2022 : "permit"),
2023 orfp.seq,
2024 inet_ntop(
2025 orfp.p.family,
2026 &orfp.p.u.prefix,
2027 buf,
2028 INET6_BUFSIZ),
2029 orfp.p.prefixlen,
2030 orfp.ge, orfp.le,
2031 ok ? "" : " MALFORMED");
2032 }
2033
2034 if (ok)
2035 ret = prefix_bgp_orf_set(
2036 name, afi, &orfp,
2037 (common & ORF_COMMON_PART_DENY
2038 ? 0
2039 : 1),
2040 (common & ORF_COMMON_PART_REMOVE
2041 ? 0
2042 : 1));
2043
2044 if (!ok || (ok && ret != CMD_SUCCESS)) {
2045 zlog_info(
2046 "%s Received misformatted prefixlist ORF."
2047 " Remove All pfxlist",
2048 peer->host);
2049 prefix_bgp_orf_remove_all(afi,
2050 name);
2051 break;
2052 }
2053 }
2054
2055 peer->orf_plist[afi][safi] =
2056 prefix_bgp_orf_lookup(afi, name);
2057 }
2058 stream_forward_getp(s, orf_len);
2059 }
2060 if (bgp_debug_neighbor_events(peer))
2061 zlog_debug("%s rcvd Refresh %s ORF request", peer->host,
2062 when_to_refresh == REFRESH_DEFER
2063 ? "Defer"
2064 : "Immediate");
2065 if (when_to_refresh == REFRESH_DEFER)
2066 return BGP_PACKET_NOOP;
2067 }
2068
2069 /* First update is deferred until ORF or ROUTE-REFRESH is received */
2070 if (CHECK_FLAG(peer->af_sflags[afi][safi],
2071 PEER_STATUS_ORF_WAIT_REFRESH))
2072 UNSET_FLAG(peer->af_sflags[afi][safi],
2073 PEER_STATUS_ORF_WAIT_REFRESH);
2074
2075 paf = peer_af_find(peer, afi, safi);
2076 if (paf && paf->subgroup) {
2077 if (peer->orf_plist[afi][safi]) {
2078 updgrp = PAF_UPDGRP(paf);
2079 updgrp_peer = UPDGRP_PEER(updgrp);
2080 updgrp_peer->orf_plist[afi][safi] =
2081 peer->orf_plist[afi][safi];
2082 }
2083
2084 /* If the peer is configured for default-originate clear the
2085 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
2086 * re-advertise the
2087 * default
2088 */
2089 if (CHECK_FLAG(paf->subgroup->sflags,
2090 SUBGRP_STATUS_DEFAULT_ORIGINATE))
2091 UNSET_FLAG(paf->subgroup->sflags,
2092 SUBGRP_STATUS_DEFAULT_ORIGINATE);
2093 }
2094
2095 /* Perform route refreshment to the peer */
2096 bgp_announce_route(peer, afi, safi);
2097
2098 /* No FSM action necessary */
2099 return BGP_PACKET_NOOP;
2100 }
2101
2102 /**
2103 * Parse BGP CAPABILITY message for peer.
2104 *
2105 * @param peer
2106 * @param size size of the packet
2107 * @return as in summary
2108 */
2109 static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
2110 bgp_size_t length)
2111 {
2112 uint8_t *end;
2113 struct capability_mp_data mpc;
2114 struct capability_header *hdr;
2115 uint8_t action;
2116 iana_afi_t pkt_afi;
2117 afi_t afi;
2118 iana_safi_t pkt_safi;
2119 safi_t safi;
2120
2121 end = pnt + length;
2122
2123 while (pnt < end) {
2124 /* We need at least action, capability code and capability
2125 * length. */
2126 if (pnt + 3 > end) {
2127 zlog_info("%s Capability length error", peer->host);
2128 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2129 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
2130 return BGP_Stop;
2131 }
2132 action = *pnt;
2133 hdr = (struct capability_header *)(pnt + 1);
2134
2135 /* Action value check. */
2136 if (action != CAPABILITY_ACTION_SET
2137 && action != CAPABILITY_ACTION_UNSET) {
2138 zlog_info("%s Capability Action Value error %d",
2139 peer->host, action);
2140 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2141 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
2142 return BGP_Stop;
2143 }
2144
2145 if (bgp_debug_neighbor_events(peer))
2146 zlog_debug(
2147 "%s CAPABILITY has action: %d, code: %u, length %u",
2148 peer->host, action, hdr->code, hdr->length);
2149
2150 /* Capability length check. */
2151 if ((pnt + hdr->length + 3) > end) {
2152 zlog_info("%s Capability length error", peer->host);
2153 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
2154 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
2155 return BGP_Stop;
2156 }
2157
2158 /* Fetch structure to the byte stream. */
2159 memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
2160 pnt += hdr->length + 3;
2161
2162 /* We know MP Capability Code. */
2163 if (hdr->code == CAPABILITY_CODE_MP) {
2164 pkt_afi = ntohs(mpc.afi);
2165 pkt_safi = mpc.safi;
2166
2167 /* Ignore capability when override-capability is set. */
2168 if (CHECK_FLAG(peer->flags,
2169 PEER_FLAG_OVERRIDE_CAPABILITY))
2170 continue;
2171
2172 /* Convert AFI, SAFI to internal values. */
2173 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
2174 &safi)) {
2175 if (bgp_debug_neighbor_events(peer))
2176 zlog_debug(
2177 "%s Dynamic Capability MP_EXT afi/safi invalid "
2178 "(%s/%s)",
2179 peer->host,
2180 iana_afi2str(pkt_afi),
2181 iana_safi2str(pkt_safi));
2182 continue;
2183 }
2184
2185 /* Address family check. */
2186 if (bgp_debug_neighbor_events(peer))
2187 zlog_debug(
2188 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
2189 peer->host,
2190 action == CAPABILITY_ACTION_SET
2191 ? "Advertising"
2192 : "Removing",
2193 pkt_afi, pkt_safi);
2194
2195 if (action == CAPABILITY_ACTION_SET) {
2196 peer->afc_recv[afi][safi] = 1;
2197 if (peer->afc[afi][safi]) {
2198 peer->afc_nego[afi][safi] = 1;
2199 bgp_announce_route(peer, afi, safi);
2200 }
2201 } else {
2202 peer->afc_recv[afi][safi] = 0;
2203 peer->afc_nego[afi][safi] = 0;
2204
2205 if (peer_active_nego(peer))
2206 bgp_clear_route(peer, afi, safi);
2207 else
2208 return BGP_Stop;
2209 }
2210 } else {
2211 flog_warn(
2212 EC_BGP_UNRECOGNIZED_CAPABILITY,
2213 "%s unrecognized capability code: %d - ignored",
2214 peer->host, hdr->code);
2215 }
2216 }
2217
2218 /* No FSM action necessary */
2219 return BGP_PACKET_NOOP;
2220 }
2221
2222 /**
2223 * Parse BGP CAPABILITY message for peer.
2224 *
2225 * Exported for unit testing.
2226 *
2227 * @param peer
2228 * @param size size of the packet
2229 * @return as in summary
2230 */
2231 int bgp_capability_receive(struct peer *peer, bgp_size_t size)
2232 {
2233 uint8_t *pnt;
2234
2235 /* Fetch pointer. */
2236 pnt = stream_pnt(peer->curr);
2237
2238 if (bgp_debug_neighbor_events(peer))
2239 zlog_debug("%s rcv CAPABILITY", peer->host);
2240
2241 /* If peer does not have the capability, send notification. */
2242 if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
2243 flog_err(EC_BGP_NO_CAP,
2244 "%s [Error] BGP dynamic capability is not enabled",
2245 peer->host);
2246 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2247 BGP_NOTIFY_HEADER_BAD_MESTYPE);
2248 return BGP_Stop;
2249 }
2250
2251 /* Status must be Established. */
2252 if (peer->status != Established) {
2253 flog_err(
2254 EC_BGP_NO_CAP,
2255 "%s [Error] Dynamic capability packet received under status %s",
2256 peer->host,
2257 lookup_msg(bgp_status_msg, peer->status, NULL));
2258 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR,
2259 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
2260 return BGP_Stop;
2261 }
2262
2263 /* Parse packet. */
2264 return bgp_capability_msg_parse(peer, pnt, size);
2265 }
2266
2267 /**
2268 * Processes a peer's input buffer.
2269 *
2270 * This function sidesteps the event loop and directly calls bgp_event_update()
2271 * after processing each BGP message. This is necessary to ensure proper
2272 * ordering of FSM events and unifies the behavior that was present previously,
2273 * whereby some of the packet handling functions would update the FSM and some
2274 * would not, making event flow difficult to understand. Please think twice
2275 * before hacking this.
2276 *
2277 * Thread type: THREAD_EVENT
2278 * @param thread
2279 * @return 0
2280 */
2281 int bgp_process_packet(struct thread *thread)
2282 {
2283 /* Yes first of all get peer pointer. */
2284 struct peer *peer; // peer
2285 uint32_t rpkt_quanta_old; // how many packets to read
2286 int fsm_update_result; // return code of bgp_event_update()
2287 int mprc; // message processing return code
2288
2289 peer = THREAD_ARG(thread);
2290 rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
2291 memory_order_relaxed);
2292 fsm_update_result = 0;
2293
2294 /* Guard against scheduled events that occur after peer deletion. */
2295 if (peer->status == Deleted || peer->status == Clearing)
2296 return 0;
2297
2298 unsigned int processed = 0;
2299
2300 while (processed < rpkt_quanta_old) {
2301 uint8_t type = 0;
2302 bgp_size_t size;
2303 char notify_data_length[2];
2304
2305 frr_with_mutex(&peer->io_mtx) {
2306 peer->curr = stream_fifo_pop(peer->ibuf);
2307 }
2308
2309 if (peer->curr == NULL) // no packets to process, hmm...
2310 return 0;
2311
2312 /* skip the marker and copy the packet length */
2313 stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
2314 memcpy(notify_data_length, stream_pnt(peer->curr), 2);
2315
2316 /* read in the packet length and type */
2317 size = stream_getw(peer->curr);
2318 type = stream_getc(peer->curr);
2319
2320 hook_call(bgp_packet_dump, peer, type, size, peer->curr);
2321
2322 /* adjust size to exclude the marker + length + type */
2323 size -= BGP_HEADER_SIZE;
2324
2325 /* Read rest of the packet and call each sort of packet routine
2326 */
2327 switch (type) {
2328 case BGP_MSG_OPEN:
2329 atomic_fetch_add_explicit(&peer->open_in, 1,
2330 memory_order_relaxed);
2331 mprc = bgp_open_receive(peer, size);
2332 if (mprc == BGP_Stop)
2333 flog_err(
2334 EC_BGP_PKT_OPEN,
2335 "%s: BGP OPEN receipt failed for peer: %s",
2336 __FUNCTION__, peer->host);
2337 break;
2338 case BGP_MSG_UPDATE:
2339 atomic_fetch_add_explicit(&peer->update_in, 1,
2340 memory_order_relaxed);
2341 peer->readtime = monotime(NULL);
2342 mprc = bgp_update_receive(peer, size);
2343 if (mprc == BGP_Stop)
2344 flog_err(
2345 EC_BGP_UPDATE_RCV,
2346 "%s: BGP UPDATE receipt failed for peer: %s",
2347 __FUNCTION__, peer->host);
2348 break;
2349 case BGP_MSG_NOTIFY:
2350 atomic_fetch_add_explicit(&peer->notify_in, 1,
2351 memory_order_relaxed);
2352 mprc = bgp_notify_receive(peer, size);
2353 if (mprc == BGP_Stop)
2354 flog_err(
2355 EC_BGP_NOTIFY_RCV,
2356 "%s: BGP NOTIFY receipt failed for peer: %s",
2357 __FUNCTION__, peer->host);
2358 break;
2359 case BGP_MSG_KEEPALIVE:
2360 peer->readtime = monotime(NULL);
2361 atomic_fetch_add_explicit(&peer->keepalive_in, 1,
2362 memory_order_relaxed);
2363 mprc = bgp_keepalive_receive(peer, size);
2364 if (mprc == BGP_Stop)
2365 flog_err(
2366 EC_BGP_KEEP_RCV,
2367 "%s: BGP KEEPALIVE receipt failed for peer: %s",
2368 __FUNCTION__, peer->host);
2369 break;
2370 case BGP_MSG_ROUTE_REFRESH_NEW:
2371 case BGP_MSG_ROUTE_REFRESH_OLD:
2372 atomic_fetch_add_explicit(&peer->refresh_in, 1,
2373 memory_order_relaxed);
2374 mprc = bgp_route_refresh_receive(peer, size);
2375 if (mprc == BGP_Stop)
2376 flog_err(
2377 EC_BGP_RFSH_RCV,
2378 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
2379 __FUNCTION__, peer->host);
2380 break;
2381 case BGP_MSG_CAPABILITY:
2382 atomic_fetch_add_explicit(&peer->dynamic_cap_in, 1,
2383 memory_order_relaxed);
2384 mprc = bgp_capability_receive(peer, size);
2385 if (mprc == BGP_Stop)
2386 flog_err(
2387 EC_BGP_CAP_RCV,
2388 "%s: BGP CAPABILITY receipt failed for peer: %s",
2389 __FUNCTION__, peer->host);
2390 break;
2391 default:
2392 /* Suppress uninitialized variable warning */
2393 mprc = 0;
2394 (void)mprc;
2395 /*
2396 * The message type should have been sanitized before
2397 * we ever got here. Receipt of a message with an
2398 * invalid header at this point is indicative of a
2399 * security issue.
2400 */
2401 assert (!"Message of invalid type received during input processing");
2402 }
2403
2404 /* delete processed packet */
2405 stream_free(peer->curr);
2406 peer->curr = NULL;
2407 processed++;
2408
2409 /* Update FSM */
2410 if (mprc != BGP_PACKET_NOOP)
2411 fsm_update_result = bgp_event_update(peer, mprc);
2412 else
2413 continue;
2414
2415 /*
2416 * If peer was deleted, do not process any more packets. This
2417 * is usually due to executing BGP_Stop or a stub deletion.
2418 */
2419 if (fsm_update_result == FSM_PEER_TRANSFERRED
2420 || fsm_update_result == FSM_PEER_STOPPED)
2421 break;
2422 }
2423
2424 if (fsm_update_result != FSM_PEER_TRANSFERRED
2425 && fsm_update_result != FSM_PEER_STOPPED) {
2426 frr_with_mutex(&peer->io_mtx) {
2427 // more work to do, come back later
2428 if (peer->ibuf->count > 0)
2429 thread_add_timer_msec(
2430 bm->master, bgp_process_packet, peer, 0,
2431 &peer->t_process_packet);
2432 }
2433 }
2434
2435 return 0;
2436 }
2437
2438 /* Send EOR when routes are processed by selection deferral timer */
2439 void bgp_send_delayed_eor(struct bgp *bgp)
2440 {
2441 struct peer *peer;
2442 struct listnode *node, *nnode;
2443
2444 /* EOR message sent in bgp_write_proceed_actions */
2445 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer))
2446 bgp_write_proceed_actions(peer);
2447 }
FRRouting mirror