1 /* BGP packet management routine.
2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
4 * Copyright (C) 1999 Kunihiro Ishiguro
6 * This file is part of GNU Zebra.
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
33 #include "sockunion.h" /* for inet_ntop () */
39 #include "lib_errors.h"
41 #include "bgpd/bgpd.h"
42 #include "bgpd/bgp_table.h"
43 #include "bgpd/bgp_dump.h"
44 #include "bgpd/bgp_bmp.h"
45 #include "bgpd/bgp_attr.h"
46 #include "bgpd/bgp_debug.h"
47 #include "bgpd/bgp_errors.h"
48 #include "bgpd/bgp_fsm.h"
49 #include "bgpd/bgp_route.h"
50 #include "bgpd/bgp_packet.h"
51 #include "bgpd/bgp_open.h"
52 #include "bgpd/bgp_aspath.h"
53 #include "bgpd/bgp_community.h"
54 #include "bgpd/bgp_ecommunity.h"
55 #include "bgpd/bgp_lcommunity.h"
56 #include "bgpd/bgp_network.h"
57 #include "bgpd/bgp_mplsvpn.h"
58 #include "bgpd/bgp_evpn.h"
59 #include "bgpd/bgp_advertise.h"
60 #include "bgpd/bgp_vty.h"
61 #include "bgpd/bgp_updgrp.h"
62 #include "bgpd/bgp_label.h"
63 #include "bgpd/bgp_io.h"
64 #include "bgpd/bgp_keepalives.h"
65 #include "bgpd/bgp_flowspec.h"
66 #include "bgpd/bgp_trace.h"
68 DEFINE_HOOK(bgp_packet_dump
,
69 (struct peer
*peer
, uint8_t type
, bgp_size_t size
,
71 (peer
, type
, size
, s
))
73 DEFINE_HOOK(bgp_packet_send
,
74 (struct peer
*peer
, uint8_t type
, bgp_size_t size
,
76 (peer
, type
, size
, s
))
79 * Sets marker and type fields for a BGP message.
81 * @param s the stream containing the packet
82 * @param type the packet type
83 * @return the size of the stream
85 int bgp_packet_set_marker(struct stream
*s
, uint8_t type
)
90 for (i
= 0; i
< BGP_MARKER_SIZE
; i
++)
93 /* Dummy total length. This field is should be filled in later on. */
96 /* BGP packet type. */
99 /* Return current stream size. */
100 return stream_get_endp(s
);
104 * Sets size field for a BGP message.
106 * Size field is set to the size of the stream passed.
108 * @param s the stream containing the packet
109 * @return the size of the stream
111 int bgp_packet_set_size(struct stream
*s
)
115 /* Preserve current pointer. */
116 cp
= stream_get_endp(s
);
117 stream_putw_at(s
, BGP_MARKER_SIZE
, cp
);
123 * Push a packet onto the beginning of the peer's output queue.
124 * This function acquires the peer's write mutex before proceeding.
126 static void bgp_packet_add(struct peer
*peer
, struct stream
*s
)
128 frr_with_mutex(&peer
->io_mtx
) {
129 stream_fifo_push(peer
->obuf
, s
);
133 static struct stream
*bgp_update_packet_eor(struct peer
*peer
, afi_t afi
,
138 iana_safi_t pkt_safi
;
140 if (DISABLE_BGP_ANNOUNCE
)
143 if (bgp_debug_neighbor_events(peer
))
144 zlog_debug("send End-of-RIB for %s to %s",
145 get_afi_safi_str(afi
, safi
, false), peer
->host
);
147 s
= stream_new(BGP_MAX_PACKET_SIZE
);
149 /* Make BGP update packet. */
150 bgp_packet_set_marker(s
, BGP_MSG_UPDATE
);
152 /* Unfeasible Routes Length */
155 if (afi
== AFI_IP
&& safi
== SAFI_UNICAST
) {
156 /* Total Path Attribute Length */
159 /* Convert AFI, SAFI to values for packet. */
160 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
162 /* Total Path Attribute Length */
164 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
165 stream_putc(s
, BGP_ATTR_MP_UNREACH_NLRI
);
167 stream_putw(s
, pkt_afi
);
168 stream_putc(s
, pkt_safi
);
171 bgp_packet_set_size(s
);
175 /* Called when there is a change in the EOR(implicit or explicit) status of a
176 * peer. Ends the update-delay if all expected peers are done with EORs. */
177 void bgp_check_update_delay(struct bgp
*bgp
)
179 struct listnode
*node
, *nnode
;
180 struct peer
*peer
= NULL
;
182 if (bgp_debug_neighbor_events(peer
))
183 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
184 bgp
->established
, bgp
->restarted_peers
,
185 bgp
->implicit_eors
, bgp
->explicit_eors
);
188 <= bgp
->restarted_peers
+ bgp
->implicit_eors
+ bgp
->explicit_eors
) {
190 * This is an extra sanity check to make sure we wait for all
191 * the eligible configured peers. This check is performed if
192 * establish wait timer is on, or establish wait option is not
193 * given with the update-delay command
195 if (bgp
->t_establish_wait
196 || (bgp
->v_establish_wait
== bgp
->v_update_delay
))
197 for (ALL_LIST_ELEMENTS(bgp
->peer
, node
, nnode
, peer
)) {
198 if (CHECK_FLAG(peer
->flags
,
199 PEER_FLAG_CONFIG_NODE
)
200 && !CHECK_FLAG(peer
->flags
,
202 && !CHECK_FLAG(peer
->bgp
->flags
,
204 && !peer
->update_delay_over
) {
205 if (bgp_debug_neighbor_events(peer
))
207 " Peer %s pending, continuing read-only mode",
214 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
215 bgp
->restarted_peers
, bgp
->implicit_eors
,
217 bgp_update_delay_end(bgp
);
222 * Called if peer is known to have restarted. The restart-state bit in
223 * Graceful-Restart capability is used for that
225 void bgp_update_restarted_peers(struct peer
*peer
)
227 if (!bgp_update_delay_active(peer
->bgp
))
228 return; /* BGP update delay has ended */
229 if (peer
->update_delay_over
)
230 return; /* This peer has already been considered */
232 if (bgp_debug_neighbor_events(peer
))
233 zlog_debug("Peer %s: Checking restarted", peer
->host
);
235 if (peer
->status
== Established
) {
236 peer
->update_delay_over
= 1;
237 peer
->bgp
->restarted_peers
++;
238 bgp_check_update_delay(peer
->bgp
);
243 * Called as peer receives a keep-alive. Determines if this occurence can be
244 * taken as an implicit EOR for this peer.
245 * NOTE: The very first keep-alive after the Established state of a peer is
246 * considered implicit EOR for the update-delay purposes
248 void bgp_update_implicit_eors(struct peer
*peer
)
250 if (!bgp_update_delay_active(peer
->bgp
))
251 return; /* BGP update delay has ended */
252 if (peer
->update_delay_over
)
253 return; /* This peer has already been considered */
255 if (bgp_debug_neighbor_events(peer
))
256 zlog_debug("Peer %s: Checking implicit EORs", peer
->host
);
258 if (peer
->status
== Established
) {
259 peer
->update_delay_over
= 1;
260 peer
->bgp
->implicit_eors
++;
261 bgp_check_update_delay(peer
->bgp
);
266 * Should be called only when there is a change in the EOR_RECEIVED status
267 * for any afi/safi on a peer.
269 static void bgp_update_explicit_eors(struct peer
*peer
)
274 if (!bgp_update_delay_active(peer
->bgp
))
275 return; /* BGP update delay has ended */
276 if (peer
->update_delay_over
)
277 return; /* This peer has already been considered */
279 if (bgp_debug_neighbor_events(peer
))
280 zlog_debug("Peer %s: Checking explicit EORs", peer
->host
);
282 FOREACH_AFI_SAFI (afi
, safi
) {
283 if (peer
->afc_nego
[afi
][safi
]
284 && !CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
285 PEER_STATUS_EOR_RECEIVED
)) {
286 if (bgp_debug_neighbor_events(peer
))
288 " afi %d safi %d didn't receive EOR",
294 peer
->update_delay_over
= 1;
295 peer
->bgp
->explicit_eors
++;
296 bgp_check_update_delay(peer
->bgp
);
300 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
302 * mp_withdraw, if set, is used to nullify attr structure on most of the
303 * calling safi function and for evpn, passed as parameter
305 int bgp_nlri_parse(struct peer
*peer
, struct attr
*attr
,
306 struct bgp_nlri
*packet
, int mp_withdraw
)
308 switch (packet
->safi
) {
311 return bgp_nlri_parse_ip(peer
, mp_withdraw
? NULL
: attr
,
313 case SAFI_LABELED_UNICAST
:
314 return bgp_nlri_parse_label(peer
, mp_withdraw
? NULL
: attr
,
317 return bgp_nlri_parse_vpn(peer
, mp_withdraw
? NULL
: attr
,
320 return bgp_nlri_parse_evpn(peer
, attr
, packet
, mp_withdraw
);
322 return bgp_nlri_parse_flowspec(peer
, attr
, packet
, mp_withdraw
);
324 return BGP_NLRI_PARSE_ERROR
;
328 * Checks a variety of conditions to determine whether the peer needs to be
329 * rescheduled for packet generation again, and does so if necessary.
331 * @param peer to check for rescheduling
333 static void bgp_write_proceed_actions(struct peer
*peer
)
338 struct bpacket
*next_pkt
;
339 struct update_subgroup
*subgrp
;
341 FOREACH_AFI_SAFI (afi
, safi
) {
342 paf
= peer_af_find(peer
, afi
, safi
);
345 subgrp
= paf
->subgroup
;
349 next_pkt
= paf
->next_pkt_to_send
;
350 if (next_pkt
&& next_pkt
->buffer
) {
351 BGP_TIMER_ON(peer
->t_generate_updgrp_packets
,
352 bgp_generate_updgrp_packets
, 0);
356 /* No packets readily available for AFI/SAFI, are there
358 * that need to be generated? */
359 if (bpacket_queue_is_full(SUBGRP_INST(subgrp
),
361 || subgroup_packets_to_build(subgrp
)) {
362 BGP_TIMER_ON(peer
->t_generate_updgrp_packets
,
363 bgp_generate_updgrp_packets
, 0);
367 /* No packets to send, see if EOR is pending */
368 if (CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
)) {
369 if (!subgrp
->t_coalesce
&& peer
->afc_nego
[afi
][safi
]
371 && !CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
372 PEER_STATUS_EOR_SEND
)
373 && safi
!= SAFI_MPLS_VPN
) {
374 BGP_TIMER_ON(peer
->t_generate_updgrp_packets
,
375 bgp_generate_updgrp_packets
, 0);
383 * Generate advertisement information (withdraws, updates, EOR) from each
384 * update group a peer belongs to, encode this information into packets, and
385 * enqueue the packets onto the peer's output buffer.
387 int bgp_generate_updgrp_packets(struct thread
*thread
)
389 struct peer
*peer
= THREAD_ARG(thread
);
393 struct bpacket
*next_pkt
;
395 uint32_t generated
= 0;
399 wpq
= atomic_load_explicit(&peer
->bgp
->wpkt_quanta
,
400 memory_order_relaxed
);
403 * The code beyond this part deals with update packets, proceed only
404 * if peer is Established and updates are not on hold (as part of
405 * update-delay processing).
407 if (peer
->status
!= Established
)
410 if ((peer
->bgp
->main_peers_update_hold
)
411 || bgp_update_delay_active(peer
->bgp
))
414 if (peer
->t_routeadv
)
419 FOREACH_AFI_SAFI (afi
, safi
) {
420 paf
= peer_af_find(peer
, afi
, safi
);
421 if (!paf
|| !PAF_SUBGRP(paf
))
423 next_pkt
= paf
->next_pkt_to_send
;
426 * Try to generate a packet for the peer if we are at
427 * the end of the list. Always try to push out
430 if (!next_pkt
|| !next_pkt
->buffer
) {
431 next_pkt
= subgroup_withdraw_packet(
433 if (!next_pkt
|| !next_pkt
->buffer
)
434 subgroup_update_packet(PAF_SUBGRP(paf
));
435 next_pkt
= paf
->next_pkt_to_send
;
439 * If we still don't have a packet to send to the peer,
440 * then try to find out out if we have to send eor or
441 * if not, skip to the next AFI, SAFI. Don't send the
442 * EOR prematurely; if the subgroup's coalesce timer is
443 * running, the adjacency-out structure is not created
446 if (!next_pkt
|| !next_pkt
->buffer
) {
447 if (CHECK_FLAG(peer
->cap
,
448 PEER_CAP_RESTART_RCV
)) {
449 if (!(PAF_SUBGRP(paf
))->t_coalesce
450 && peer
->afc_nego
[afi
][safi
]
453 peer
->af_sflags
[afi
][safi
],
454 PEER_STATUS_EOR_SEND
)) {
455 /* If EOR is disabled,
456 * the message is not sent
458 if (BGP_SEND_EOR(peer
->bgp
, afi
,
464 PEER_STATUS_EOR_SEND
);
482 /* Update packet send time */
483 peer
->pkt_stime
[afi
][safi
] = monotime(NULL
);
485 /* Found a packet template to send, overwrite
486 * packet with appropriate attributes from peer
487 * and advance peer */
488 s
= bpacket_reformat_for_peer(next_pkt
, paf
);
489 bgp_packet_add(peer
, s
);
490 bpacket_queue_advance_peer(paf
);
492 } while (s
&& (++generated
< wpq
));
497 bgp_write_proceed_actions(peer
);
503 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
505 void bgp_keepalive_send(struct peer
*peer
)
509 s
= stream_new(BGP_MAX_PACKET_SIZE
);
511 /* Make keepalive packet. */
512 bgp_packet_set_marker(s
, BGP_MSG_KEEPALIVE
);
514 /* Set packet size. */
515 (void)bgp_packet_set_size(s
);
517 /* Dump packet if debug option is set. */
518 /* bgp_packet_dump (s); */
520 if (bgp_debug_keepalive(peer
))
521 zlog_debug("%s sending KEEPALIVE", peer
->host
);
523 /* Add packet to the peer. */
524 bgp_packet_add(peer
, s
);
530 * Creates a BGP Open packet and appends it to the peer's output queue.
531 * Sets capabilities as necessary.
533 void bgp_open_send(struct peer
*peer
)
536 uint16_t send_holdtime
;
539 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_TIMER
))
540 send_holdtime
= peer
->holdtime
;
542 send_holdtime
= peer
->bgp
->default_holdtime
;
544 /* local-as Change */
545 if (peer
->change_local_as
)
546 local_as
= peer
->change_local_as
;
548 local_as
= peer
->local_as
;
550 s
= stream_new(BGP_MAX_PACKET_SIZE
);
552 /* Make open packet. */
553 bgp_packet_set_marker(s
, BGP_MSG_OPEN
);
555 /* Set open packet values. */
556 stream_putc(s
, BGP_VERSION_4
); /* BGP version */
557 stream_putw(s
, (local_as
<= BGP_AS_MAX
) ? (uint16_t)local_as
559 stream_putw(s
, send_holdtime
); /* Hold Time */
560 stream_put_in_addr(s
, &peer
->local_id
); /* BGP Identifier */
562 /* Set capability code. */
563 bgp_open_capability(s
, peer
);
565 /* Set BGP packet length. */
566 (void)bgp_packet_set_size(s
);
568 if (bgp_debug_neighbor_events(peer
))
570 "%s sending OPEN, version %d, my as %u, holdtime %d, id %pI4",
571 peer
->host
, BGP_VERSION_4
, local_as
, send_holdtime
,
574 /* Dump packet if debug option is set. */
575 /* bgp_packet_dump (s); */
576 hook_call(bgp_packet_send
, peer
, BGP_MSG_OPEN
, stream_get_endp(s
), s
);
578 /* Add packet to the peer. */
579 bgp_packet_add(peer
, s
);
585 * Writes NOTIFICATION message directly to a peer socket without waiting for
588 * There must be exactly one stream on the peer->obuf FIFO, and the data within
589 * this stream must match the format of a BGP NOTIFICATION message.
590 * Transmission is best-effort.
592 * @requires peer->io_mtx
596 static void bgp_write_notify(struct peer
*peer
)
602 /* There should be at least one packet. */
603 s
= stream_fifo_pop(peer
->obuf
);
608 assert(stream_get_endp(s
) >= BGP_HEADER_SIZE
);
610 /* Stop collecting data within the socket */
611 sockopt_cork(peer
->fd
, 0);
614 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
615 * we only care about getting a clean shutdown at this point.
617 ret
= write(peer
->fd
, STREAM_DATA(s
), stream_get_endp(s
));
620 * only connection reset/close gets counted as TCP_fatal_error, failure
621 * to write the entire NOTIFY doesn't get different FSM treatment
625 BGP_EVENT_ADD(peer
, TCP_fatal_error
);
629 /* Disable Nagle, make NOTIFY packet go out right away */
631 (void)setsockopt(peer
->fd
, IPPROTO_TCP
, TCP_NODELAY
, (char *)&val
,
634 /* Retrieve BGP packet type. */
635 stream_set_getp(s
, BGP_MARKER_SIZE
+ 2);
636 type
= stream_getc(s
);
638 assert(type
== BGP_MSG_NOTIFY
);
640 /* Type should be notify. */
641 atomic_fetch_add_explicit(&peer
->notify_out
, 1, memory_order_relaxed
);
644 /* Double start timer. */
647 /* Overflow check. */
648 if (peer
->v_start
>= (60 * 2))
649 peer
->v_start
= (60 * 2);
652 * Handle Graceful Restart case where the state changes to
653 * Connect instead of Idle
655 BGP_EVENT_ADD(peer
, BGP_Stop
);
661 * Creates a BGP Notify and appends it to the peer's output queue.
663 * This function attempts to write the packet from the thread it is called
664 * from, to ensure the packet gets out ASAP.
666 * This function may be called from multiple threads. Since the function
667 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
668 * call to prevent tampering from other threads.
670 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
671 * return, the peer structure *must* be reset; no assumptions about session
675 * @param code BGP error code
676 * @param sub_code BGP error subcode
677 * @param data Data portion
678 * @param datalen length of data portion
680 void bgp_notify_send_with_data(struct peer
*peer
, uint8_t code
,
681 uint8_t sub_code
, uint8_t *data
, size_t datalen
)
685 /* Lock I/O mutex to prevent other threads from pushing packets */
686 frr_mutex_lock_autounlock(&peer
->io_mtx
);
687 /* ============================================== */
689 /* Allocate new stream. */
690 s
= stream_new(BGP_MAX_PACKET_SIZE
);
692 /* Make notify packet. */
693 bgp_packet_set_marker(s
, BGP_MSG_NOTIFY
);
695 /* Set notify packet values. */
696 stream_putc(s
, code
); /* BGP notify code */
697 stream_putc(s
, sub_code
); /* BGP notify sub_code */
699 /* If notify data is present. */
701 stream_write(s
, data
, datalen
);
703 /* Set BGP packet length. */
704 bgp_packet_set_size(s
);
706 /* wipe output buffer */
707 stream_fifo_clean(peer
->obuf
);
710 * If possible, store last packet for debugging purposes. This check is
711 * in place because we are sometimes called with a doppelganger peer,
712 * who tends to have a plethora of fields nulled out.
715 size_t packetsize
= stream_get_endp(peer
->curr
);
716 assert(packetsize
<= sizeof(peer
->last_reset_cause
));
717 memcpy(peer
->last_reset_cause
, peer
->curr
->data
, packetsize
);
718 peer
->last_reset_cause_size
= packetsize
;
723 struct bgp_notify bgp_notify
;
728 bgp_notify
.code
= code
;
729 bgp_notify
.subcode
= sub_code
;
730 bgp_notify
.data
= NULL
;
731 bgp_notify
.length
= datalen
;
732 bgp_notify
.raw_data
= data
;
734 peer
->notify
.code
= bgp_notify
.code
;
735 peer
->notify
.subcode
= bgp_notify
.subcode
;
737 if (bgp_notify
.length
&& data
) {
739 XMALLOC(MTYPE_TMP
, bgp_notify
.length
* 3);
740 for (i
= 0; i
< bgp_notify
.length
; i
++)
742 snprintf(c
, sizeof(c
), " %02x",
745 strlcat(bgp_notify
.data
, c
,
750 snprintf(c
, sizeof(c
), "%02x", data
[i
]);
752 strlcpy(bgp_notify
.data
, c
,
756 bgp_notify_print(peer
, &bgp_notify
, "sending");
758 if (bgp_notify
.data
) {
759 XFREE(MTYPE_TMP
, bgp_notify
.data
);
760 bgp_notify
.length
= 0;
764 /* peer reset cause */
765 if (code
== BGP_NOTIFY_CEASE
) {
766 if (sub_code
== BGP_NOTIFY_CEASE_ADMIN_RESET
)
767 peer
->last_reset
= PEER_DOWN_USER_RESET
;
768 else if (sub_code
== BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN
)
769 peer
->last_reset
= PEER_DOWN_USER_SHUTDOWN
;
771 peer
->last_reset
= PEER_DOWN_NOTIFY_SEND
;
773 peer
->last_reset
= PEER_DOWN_NOTIFY_SEND
;
775 /* Add packet to peer's output queue */
776 stream_fifo_push(peer
->obuf
, s
);
778 bgp_peer_gr_flags_update(peer
);
779 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer
->bgp
,
782 bgp_write_notify(peer
);
786 * Creates a BGP Notify and appends it to the peer's output queue.
788 * This function attempts to write the packet from the thread it is called
789 * from, to ensure the packet gets out ASAP.
792 * @param code BGP error code
793 * @param sub_code BGP error subcode
795 void bgp_notify_send(struct peer
*peer
, uint8_t code
, uint8_t sub_code
)
797 bgp_notify_send_with_data(peer
, code
, sub_code
, NULL
, 0);
801 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
804 * @param afi Address Family Identifier
805 * @param safi Subsequent Address Family Identifier
806 * @param orf_type Outbound Route Filtering type
807 * @param when_to_refresh Whether to refresh immediately or defer
808 * @param remove Whether to remove ORF for specified AFI/SAFI
810 void bgp_route_refresh_send(struct peer
*peer
, afi_t afi
, safi_t safi
,
811 uint8_t orf_type
, uint8_t when_to_refresh
,
815 struct bgp_filter
*filter
;
818 iana_safi_t pkt_safi
;
820 if (DISABLE_BGP_ANNOUNCE
)
823 filter
= &peer
->filter
[afi
][safi
];
825 /* Convert AFI, SAFI to values for packet. */
826 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
828 s
= stream_new(BGP_MAX_PACKET_SIZE
);
830 /* Make BGP update packet. */
831 if (CHECK_FLAG(peer
->cap
, PEER_CAP_REFRESH_NEW_RCV
))
832 bgp_packet_set_marker(s
, BGP_MSG_ROUTE_REFRESH_NEW
);
834 bgp_packet_set_marker(s
, BGP_MSG_ROUTE_REFRESH_OLD
);
836 /* Encode Route Refresh message. */
837 stream_putw(s
, pkt_afi
);
839 stream_putc(s
, pkt_safi
);
841 if (orf_type
== ORF_TYPE_PREFIX
|| orf_type
== ORF_TYPE_PREFIX_OLD
)
842 if (remove
|| filter
->plist
[FILTER_IN
].plist
) {
847 stream_putc(s
, when_to_refresh
);
848 stream_putc(s
, orf_type
);
849 orfp
= stream_get_endp(s
);
853 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
854 PEER_STATUS_ORF_PREFIX_SEND
);
855 stream_putc(s
, ORF_COMMON_PART_REMOVE_ALL
);
856 if (bgp_debug_neighbor_events(peer
))
858 "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %s/%s",
859 peer
->host
, orf_type
,
860 (when_to_refresh
== REFRESH_DEFER
863 iana_afi2str(pkt_afi
),
864 iana_safi2str(pkt_safi
));
866 SET_FLAG(peer
->af_sflags
[afi
][safi
],
867 PEER_STATUS_ORF_PREFIX_SEND
);
868 prefix_bgp_orf_entry(
869 s
, filter
->plist
[FILTER_IN
].plist
,
871 ORF_COMMON_PART_PERMIT
,
872 ORF_COMMON_PART_DENY
);
873 if (bgp_debug_neighbor_events(peer
))
875 "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %s/%s",
876 peer
->host
, orf_type
,
877 (when_to_refresh
== REFRESH_DEFER
880 iana_afi2str(pkt_afi
),
881 iana_safi2str(pkt_safi
));
884 /* Total ORF Entry Len. */
885 orf_len
= stream_get_endp(s
) - orfp
- 2;
886 stream_putw_at(s
, orfp
, orf_len
);
889 /* Set packet size. */
890 (void)bgp_packet_set_size(s
);
892 if (bgp_debug_neighbor_events(peer
)) {
894 zlog_debug("%s sending REFRESH_REQ for afi/safi: %s/%s",
895 peer
->host
, iana_afi2str(pkt_afi
),
896 iana_safi2str(pkt_safi
));
899 /* Add packet to the peer. */
900 bgp_packet_add(peer
, s
);
906 * Create a BGP Capability packet and append it to the peer's output queue.
909 * @param afi Address Family Identifier
910 * @param safi Subsequent Address Family Identifier
911 * @param capability_code BGP Capability Code
912 * @param action Set or Remove capability
914 void bgp_capability_send(struct peer
*peer
, afi_t afi
, safi_t safi
,
915 int capability_code
, int action
)
919 iana_safi_t pkt_safi
;
921 /* Convert AFI, SAFI to values for packet. */
922 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
924 s
= stream_new(BGP_MAX_PACKET_SIZE
);
926 /* Make BGP update packet. */
927 bgp_packet_set_marker(s
, BGP_MSG_CAPABILITY
);
929 /* Encode MP_EXT capability. */
930 if (capability_code
== CAPABILITY_CODE_MP
) {
931 stream_putc(s
, action
);
932 stream_putc(s
, CAPABILITY_CODE_MP
);
933 stream_putc(s
, CAPABILITY_CODE_MP_LEN
);
934 stream_putw(s
, pkt_afi
);
936 stream_putc(s
, pkt_safi
);
938 if (bgp_debug_neighbor_events(peer
))
940 "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
942 action
== CAPABILITY_ACTION_SET
? "Advertising"
944 iana_afi2str(pkt_afi
), iana_safi2str(pkt_safi
));
947 /* Set packet size. */
948 (void)bgp_packet_set_size(s
);
950 /* Add packet to the peer. */
951 bgp_packet_add(peer
, s
);
956 /* RFC1771 6.8 Connection collision detection. */
957 static int bgp_collision_detect(struct peer
*new, struct in_addr remote_id
)
961 /* Upon receipt of an OPEN message, the local system must examine
962 all of its connections that are in the OpenConfirm state. A BGP
963 speaker may also examine connections in an OpenSent state if it
964 knows the BGP Identifier of the peer by means outside of the
965 protocol. If among these connections there is a connection to a
966 remote BGP speaker whose BGP Identifier equals the one in the
967 OPEN message, then the local system performs the following
968 collision resolution procedure: */
970 if ((peer
= new->doppelganger
) != NULL
) {
971 /* Do not accept the new connection in Established or Clearing
973 * Note that a peer GR is handled by closing the existing
975 * upon receipt of new one.
977 if (peer
->status
== Established
|| peer
->status
== Clearing
) {
978 bgp_notify_send(new, BGP_NOTIFY_CEASE
,
979 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
981 } else if ((peer
->status
== OpenConfirm
)
982 || (peer
->status
== OpenSent
)) {
983 /* 1. The BGP Identifier of the local system is
984 * compared to the BGP Identifier of the remote
985 * system (as specified in the OPEN message).
987 * If the BGP Identifiers of the peers
988 * involved in the connection collision
989 * are identical, then the connection
990 * initiated by the BGP speaker with the
991 * larger AS number is preserved.
993 if (ntohl(peer
->local_id
.s_addr
)
994 < ntohl(remote_id
.s_addr
)
995 || (ntohl(peer
->local_id
.s_addr
)
996 == ntohl(remote_id
.s_addr
)
997 && peer
->local_as
< peer
->as
))
998 if (!CHECK_FLAG(peer
->sflags
,
999 PEER_STATUS_ACCEPT_PEER
)) {
1000 /* 2. If the value of the local BGP
1002 than the remote one, the local system
1004 connection that already exists (the
1006 already in the OpenConfirm state),
1008 connection initiated by the remote
1011 peer
, BGP_NOTIFY_CEASE
,
1012 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1016 new, BGP_NOTIFY_CEASE
,
1017 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1021 if (ntohl(peer
->local_id
.s_addr
)
1022 == ntohl(remote_id
.s_addr
)
1023 && peer
->local_as
== peer
->as
)
1025 EC_BGP_ROUTER_ID_SAME
,
1026 "Peer's router-id %pI4 is the same as ours",
1029 /* 3. Otherwise, the local system closes newly
1031 BGP connection (the one associated with the
1033 received OPEN message), and continues to use
1035 existing one (the one that is already in the
1036 OpenConfirm state). */
1037 if (CHECK_FLAG(peer
->sflags
,
1038 PEER_STATUS_ACCEPT_PEER
)) {
1040 peer
, BGP_NOTIFY_CEASE
,
1041 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1045 new, BGP_NOTIFY_CEASE
,
1046 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1055 /* Packet processing routines ---------------------------------------------- */
1057 * This is a family of functions designed to be called from
1058 * bgp_process_packet(). These functions all share similar behavior and should
1059 * adhere to the following invariants and restrictions:
1063 * The return code of any one of those functions should be one of the FSM event
1064 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1065 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1066 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1067 * error and Receive_OPEN_message otherwise.
1069 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1074 * - May send NOTIFY messages
1075 * - May not modify peer->status
1076 * - May not call bgp_event_update()
1079 #define BGP_PACKET_NOOP 0
1082 * Process BGP OPEN message for peer.
1084 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1085 * and returns BGP_Stop.
1088 * @param size size of the packet
1089 * @return as in summary
1091 static int bgp_open_receive(struct peer
*peer
, bgp_size_t size
)
1097 uint16_t send_holdtime
;
1099 as_t as4
= 0, as4_be
;
1100 struct in_addr remote_id
;
1102 uint8_t notify_data_remote_as
[2];
1103 uint8_t notify_data_remote_as4
[4];
1104 uint8_t notify_data_remote_id
[4];
1105 uint16_t *holdtime_ptr
;
1107 /* Parse open packet. */
1108 version
= stream_getc(peer
->curr
);
1109 memcpy(notify_data_remote_as
, stream_pnt(peer
->curr
), 2);
1110 remote_as
= stream_getw(peer
->curr
);
1111 holdtime_ptr
= (uint16_t *)stream_pnt(peer
->curr
);
1112 holdtime
= stream_getw(peer
->curr
);
1113 memcpy(notify_data_remote_id
, stream_pnt(peer
->curr
), 4);
1114 remote_id
.s_addr
= stream_get_ipv4(peer
->curr
);
1116 /* Receive OPEN message log */
1117 if (bgp_debug_neighbor_events(peer
))
1119 "%s rcv OPEN, version %d, remote-as (in open) %u, holdtime %d, id %pI4",
1120 peer
->host
, version
, remote_as
, holdtime
, &remote_id
);
1122 /* BEGIN to read the capability here, but dont do it yet */
1124 optlen
= stream_getc(peer
->curr
);
1127 /* If not enough bytes, it is an error. */
1128 if (STREAM_READABLE(peer
->curr
) < optlen
) {
1129 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1130 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
1134 /* We need the as4 capability value *right now* because
1135 * if it is there, we have not got the remote_as yet, and
1137 * that we do not know which peer is connecting to us now.
1139 as4
= peek_for_as4_capability(peer
, optlen
);
1142 as4_be
= htonl(as4
);
1143 memcpy(notify_data_remote_as4
, &as4_be
, 4);
1145 /* Just in case we have a silly peer who sends AS4 capability set to 0
1147 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
) && !as4
) {
1148 flog_err(EC_BGP_PKT_OPEN
,
1149 "%s bad OPEN, got AS4 capability, but AS4 set to 0",
1151 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1152 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1153 notify_data_remote_as4
, 4);
1157 /* Codification of AS 0 Processing */
1158 if (remote_as
== BGP_AS_ZERO
) {
1159 flog_err(EC_BGP_PKT_OPEN
, "%s bad OPEN, got AS set to 0",
1161 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1162 BGP_NOTIFY_OPEN_BAD_PEER_AS
);
1166 if (remote_as
== BGP_AS_TRANS
) {
1167 /* Take the AS4 from the capability. We must have received the
1168 * capability now! Otherwise we have a asn16 peer who uses
1169 * BGP_AS_TRANS, for some unknown reason.
1171 if (as4
== BGP_AS_TRANS
) {
1174 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1176 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1177 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1178 notify_data_remote_as4
, 4);
1182 if (!as4
&& BGP_DEBUG(as4
, AS4
))
1184 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4. Odd, but proceeding.",
1186 else if (as4
< BGP_AS_MAX
&& BGP_DEBUG(as4
, AS4
))
1188 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits in 2-bytes, very odd peer.",
1193 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1195 /* If we have got the capability, peer->as4cap must match
1197 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)
1198 && as4
!= remote_as
) {
1199 /* raise error, log this, close session */
1202 "%s bad OPEN, got AS4 capability, but remote_as %u mismatch with 16bit 'myasn' %u in open",
1203 peer
->host
, as4
, remote_as
);
1204 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1205 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1206 notify_data_remote_as4
, 4);
1212 * If the BGP Identifier field of the OPEN message
1213 * is zero, or if it is the same as the BGP Identifier
1214 * of the local BGP speaker and the message is from an
1215 * internal peer, then the Error Subcode is set to
1216 * "Bad BGP Identifier".
1218 if (remote_id
.s_addr
== INADDR_ANY
1219 || (peer
->sort
== BGP_PEER_IBGP
1220 && ntohl(peer
->local_id
.s_addr
) == ntohl(remote_id
.s_addr
))) {
1221 if (bgp_debug_neighbor_events(peer
))
1222 zlog_debug("%s bad OPEN, wrong router identifier %pI4",
1223 peer
->host
, &remote_id
);
1224 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1225 BGP_NOTIFY_OPEN_BAD_BGP_IDENT
,
1226 notify_data_remote_id
, 4);
1230 /* Set remote router-id */
1231 peer
->remote_id
= remote_id
;
1233 /* Peer BGP version check. */
1234 if (version
!= BGP_VERSION_4
) {
1235 uint16_t maxver
= htons(BGP_VERSION_4
);
1236 /* XXX this reply may not be correct if version < 4 XXX */
1237 if (bgp_debug_neighbor_events(peer
))
1239 "%s bad protocol version, remote requested %d, local request %d",
1240 peer
->host
, version
, BGP_VERSION_4
);
1241 /* Data must be in network byte order here */
1242 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1243 BGP_NOTIFY_OPEN_UNSUP_VERSION
,
1244 (uint8_t *)&maxver
, 2);
1248 /* Check neighbor as number. */
1249 if (peer
->as_type
== AS_UNSPECIFIED
) {
1250 if (bgp_debug_neighbor_events(peer
))
1252 "%s bad OPEN, remote AS is unspecified currently",
1254 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1255 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1256 notify_data_remote_as
, 2);
1258 } else if (peer
->as_type
== AS_INTERNAL
) {
1259 if (remote_as
!= peer
->bgp
->as
) {
1260 if (bgp_debug_neighbor_events(peer
))
1262 "%s bad OPEN, remote AS is %u, internal specified",
1263 peer
->host
, remote_as
);
1264 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1265 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1266 notify_data_remote_as
, 2);
1269 peer
->as
= peer
->local_as
;
1270 } else if (peer
->as_type
== AS_EXTERNAL
) {
1271 if (remote_as
== peer
->bgp
->as
) {
1272 if (bgp_debug_neighbor_events(peer
))
1274 "%s bad OPEN, remote AS is %u, external specified",
1275 peer
->host
, remote_as
);
1276 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1277 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1278 notify_data_remote_as
, 2);
1281 peer
->as
= remote_as
;
1282 } else if ((peer
->as_type
== AS_SPECIFIED
) && (remote_as
!= peer
->as
)) {
1283 if (bgp_debug_neighbor_events(peer
))
1284 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1285 peer
->host
, remote_as
, peer
->as
);
1286 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1287 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1288 notify_data_remote_as
, 2);
1292 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1293 calculate the value of the Hold Timer by using the smaller of its
1294 configured Hold Time and the Hold Time received in the OPEN message.
1295 The Hold Time MUST be either zero or at least three seconds. An
1296 implementation may reject connections on the basis of the Hold Time.
1299 if (holdtime
< 3 && holdtime
!= 0) {
1300 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1301 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME
,
1302 (uint8_t *)holdtime_ptr
, 2);
1306 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1307 would be one third of the Hold Time interval. KEEPALIVE messages
1308 MUST NOT be sent more frequently than one per second. An
1309 implementation MAY adjust the rate at which it sends KEEPALIVE
1310 messages as a function of the Hold Time interval. */
1312 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_TIMER
))
1313 send_holdtime
= peer
->holdtime
;
1315 send_holdtime
= peer
->bgp
->default_holdtime
;
1317 if (holdtime
< send_holdtime
)
1318 peer
->v_holdtime
= holdtime
;
1320 peer
->v_holdtime
= send_holdtime
;
1322 /* Set effective keepalive to 1/3 the effective holdtime.
1323 * Use configured keeplive when < effective keepalive.
1325 peer
->v_keepalive
= peer
->v_holdtime
/ 3;
1326 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_TIMER
)) {
1327 if (peer
->keepalive
&& peer
->keepalive
< peer
->v_keepalive
)
1328 peer
->v_keepalive
= peer
->keepalive
;
1330 if (peer
->bgp
->default_keepalive
1331 && peer
->bgp
->default_keepalive
< peer
->v_keepalive
)
1332 peer
->v_keepalive
= peer
->bgp
->default_keepalive
;
1335 /* Open option part parse. */
1337 if (bgp_open_option_parse(peer
, optlen
, &mp_capability
) < 0)
1340 if (bgp_debug_neighbor_events(peer
))
1341 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1346 * Assume that the peer supports the locally configured set of
1347 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1348 * capabilities, or if 'override-capability' is configured.
1351 || CHECK_FLAG(peer
->flags
, PEER_FLAG_OVERRIDE_CAPABILITY
)) {
1352 peer
->afc_nego
[AFI_IP
][SAFI_UNICAST
] =
1353 peer
->afc
[AFI_IP
][SAFI_UNICAST
];
1354 peer
->afc_nego
[AFI_IP
][SAFI_MULTICAST
] =
1355 peer
->afc
[AFI_IP
][SAFI_MULTICAST
];
1356 peer
->afc_nego
[AFI_IP
][SAFI_LABELED_UNICAST
] =
1357 peer
->afc
[AFI_IP
][SAFI_LABELED_UNICAST
];
1358 peer
->afc_nego
[AFI_IP
][SAFI_FLOWSPEC
] =
1359 peer
->afc
[AFI_IP
][SAFI_FLOWSPEC
];
1360 peer
->afc_nego
[AFI_IP6
][SAFI_UNICAST
] =
1361 peer
->afc
[AFI_IP6
][SAFI_UNICAST
];
1362 peer
->afc_nego
[AFI_IP6
][SAFI_MULTICAST
] =
1363 peer
->afc
[AFI_IP6
][SAFI_MULTICAST
];
1364 peer
->afc_nego
[AFI_IP6
][SAFI_LABELED_UNICAST
] =
1365 peer
->afc
[AFI_IP6
][SAFI_LABELED_UNICAST
];
1366 peer
->afc_nego
[AFI_L2VPN
][SAFI_EVPN
] =
1367 peer
->afc
[AFI_L2VPN
][SAFI_EVPN
];
1368 peer
->afc_nego
[AFI_IP6
][SAFI_FLOWSPEC
] =
1369 peer
->afc
[AFI_IP6
][SAFI_FLOWSPEC
];
1372 /* When collision is detected and this peer is closed.
1373 * Return immediately.
1375 ret
= bgp_collision_detect(peer
, remote_id
);
1380 if (bgp_getsockname(peer
) < 0) {
1381 flog_err_sys(EC_LIB_SOCKET
,
1382 "%s: bgp_getsockname() failed for peer: %s",
1383 __func__
, peer
->host
);
1387 /* Verify valid local address present based on negotiated
1388 * address-families. */
1389 if (peer
->afc_nego
[AFI_IP
][SAFI_UNICAST
]
1390 || peer
->afc_nego
[AFI_IP
][SAFI_LABELED_UNICAST
]
1391 || peer
->afc_nego
[AFI_IP
][SAFI_MULTICAST
]
1392 || peer
->afc_nego
[AFI_IP
][SAFI_MPLS_VPN
]
1393 || peer
->afc_nego
[AFI_IP
][SAFI_ENCAP
]) {
1394 if (peer
->nexthop
.v4
.s_addr
== INADDR_ANY
) {
1395 #if defined(HAVE_CUMULUS)
1396 zlog_warn("%s: No local IPv4 addr, BGP routing may not work",
1401 if (peer
->afc_nego
[AFI_IP6
][SAFI_UNICAST
]
1402 || peer
->afc_nego
[AFI_IP6
][SAFI_LABELED_UNICAST
]
1403 || peer
->afc_nego
[AFI_IP6
][SAFI_MULTICAST
]
1404 || peer
->afc_nego
[AFI_IP6
][SAFI_MPLS_VPN
]
1405 || peer
->afc_nego
[AFI_IP6
][SAFI_ENCAP
]) {
1406 if (IN6_IS_ADDR_UNSPECIFIED(&peer
->nexthop
.v6_global
)) {
1407 #if defined(HAVE_CUMULUS)
1408 zlog_warn("%s: No local IPv6 address, BGP routing may not work",
1413 peer
->rtt
= sockopt_tcp_rtt(peer
->fd
);
1415 return Receive_OPEN_message
;
1419 * Process BGP KEEPALIVE message for peer.
1422 * @param size size of the packet
1423 * @return as in summary
1425 static int bgp_keepalive_receive(struct peer
*peer
, bgp_size_t size
)
1427 if (bgp_debug_keepalive(peer
))
1428 zlog_debug("%s KEEPALIVE rcvd", peer
->host
);
1430 bgp_update_implicit_eors(peer
);
1432 peer
->rtt
= sockopt_tcp_rtt(peer
->fd
);
1434 /* If the peer's RTT is higher than expected, shutdown
1435 * the peer automatically.
1437 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_RTT_SHUTDOWN
)
1438 && peer
->rtt
> peer
->rtt_expected
) {
1440 peer
->rtt_keepalive_rcv
++;
1442 if (peer
->rtt_keepalive_rcv
> peer
->rtt_keepalive_conf
) {
1444 "%s shutdown due to high round-trip-time (%dms > %dms)",
1445 peer
->host
, peer
->rtt
, peer
->rtt_expected
);
1446 peer_flag_set(peer
, PEER_FLAG_SHUTDOWN
);
1449 if (peer
->rtt_keepalive_rcv
)
1450 peer
->rtt_keepalive_rcv
--;
1453 return Receive_KEEPALIVE_message
;
1458 * Process BGP UPDATE message for peer.
1460 * Parses UPDATE and creates attribute object.
1463 * @param size size of the packet
1464 * @return as in summary
1466 static int bgp_update_receive(struct peer
*peer
, bgp_size_t size
)
1472 bgp_size_t attribute_len
;
1473 bgp_size_t update_len
;
1474 bgp_size_t withdraw_len
;
1475 bool restart
= false;
1484 struct bgp_nlri nlris
[NLRI_TYPE_MAX
];
1486 /* Status must be Established. */
1487 if (peer
->status
!= Established
) {
1488 flog_err(EC_BGP_INVALID_STATUS
,
1489 "%s [FSM] Update packet received under status %s",
1491 lookup_msg(bgp_status_msg
, peer
->status
, NULL
));
1492 bgp_notify_send(peer
, BGP_NOTIFY_FSM_ERR
,
1493 bgp_fsm_error_subcode(peer
->status
));
1497 /* Set initial values. */
1498 memset(&attr
, 0, sizeof(struct attr
));
1499 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
1500 attr
.label
= MPLS_INVALID_LABEL
;
1501 memset(&nlris
, 0, sizeof(nlris
));
1502 memset(peer
->rcvd_attr_str
, 0, BUFSIZ
);
1503 peer
->rcvd_attr_printed
= 0;
1506 end
= stream_pnt(s
) + size
;
1508 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1509 Length is too large (i.e., if Unfeasible Routes Length + Total
1510 Attribute Length + 23 exceeds the message Length), then the Error
1511 Subcode is set to Malformed Attribute List. */
1512 if (stream_pnt(s
) + 2 > end
) {
1513 flog_err(EC_BGP_UPDATE_RCV
,
1514 "%s [Error] Update packet error (packet length is short for unfeasible length)",
1516 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1517 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1521 /* Unfeasible Route Length. */
1522 withdraw_len
= stream_getw(s
);
1524 /* Unfeasible Route Length check. */
1525 if (stream_pnt(s
) + withdraw_len
> end
) {
1526 flog_err(EC_BGP_UPDATE_RCV
,
1527 "%s [Error] Update packet error (packet unfeasible length overflow %d)",
1528 peer
->host
, withdraw_len
);
1529 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1530 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1534 /* Unfeasible Route packet format check. */
1535 if (withdraw_len
> 0) {
1536 nlris
[NLRI_WITHDRAW
].afi
= AFI_IP
;
1537 nlris
[NLRI_WITHDRAW
].safi
= SAFI_UNICAST
;
1538 nlris
[NLRI_WITHDRAW
].nlri
= stream_pnt(s
);
1539 nlris
[NLRI_WITHDRAW
].length
= withdraw_len
;
1540 stream_forward_getp(s
, withdraw_len
);
1543 /* Attribute total length check. */
1544 if (stream_pnt(s
) + 2 > end
) {
1546 EC_BGP_UPDATE_PACKET_SHORT
,
1547 "%s [Error] Packet Error (update packet is short for attribute length)",
1549 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1550 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1554 /* Fetch attribute total length. */
1555 attribute_len
= stream_getw(s
);
1557 /* Attribute length check. */
1558 if (stream_pnt(s
) + attribute_len
> end
) {
1560 EC_BGP_UPDATE_PACKET_LONG
,
1561 "%s [Error] Packet Error (update packet attribute length overflow %d)",
1562 peer
->host
, attribute_len
);
1563 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1564 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1568 /* Certain attribute parsing errors should not be considered bad enough
1569 * to reset the session for, most particularly any partial/optional
1570 * attributes that have 'tunneled' over speakers that don't understand
1571 * them. Instead we withdraw only the prefix concerned.
1573 * Complicates the flow a little though..
1575 bgp_attr_parse_ret_t attr_parse_ret
= BGP_ATTR_PARSE_PROCEED
;
1576 /* This define morphs the update case into a withdraw when lower levels
1577 * have signalled an error condition where this is best.
1579 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1581 /* Parse attribute when it exists. */
1582 if (attribute_len
) {
1583 attr_parse_ret
= bgp_attr_parse(peer
, &attr
, attribute_len
,
1584 &nlris
[NLRI_MP_UPDATE
],
1585 &nlris
[NLRI_MP_WITHDRAW
]);
1586 if (attr_parse_ret
== BGP_ATTR_PARSE_ERROR
) {
1587 bgp_attr_unintern_sub(&attr
);
1592 /* Logging the attribute. */
1593 if (attr_parse_ret
== BGP_ATTR_PARSE_WITHDRAW
1594 || BGP_DEBUG(update
, UPDATE_IN
)
1595 || BGP_DEBUG(update
, UPDATE_PREFIX
)) {
1596 ret
= bgp_dump_attr(&attr
, peer
->rcvd_attr_str
,
1597 sizeof(peer
->rcvd_attr_str
));
1599 peer
->stat_upd_7606
++;
1601 if (attr_parse_ret
== BGP_ATTR_PARSE_WITHDRAW
)
1604 "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1607 if (ret
&& bgp_debug_update(peer
, NULL
, NULL
, 1)) {
1608 zlog_debug("%s rcvd UPDATE w/ attr: %s", peer
->host
,
1609 peer
->rcvd_attr_str
);
1610 peer
->rcvd_attr_printed
= 1;
1614 /* Network Layer Reachability Information. */
1615 update_len
= end
- stream_pnt(s
);
1618 /* Set NLRI portion to structure. */
1619 nlris
[NLRI_UPDATE
].afi
= AFI_IP
;
1620 nlris
[NLRI_UPDATE
].safi
= SAFI_UNICAST
;
1621 nlris
[NLRI_UPDATE
].nlri
= stream_pnt(s
);
1622 nlris
[NLRI_UPDATE
].length
= update_len
;
1623 stream_forward_getp(s
, update_len
);
1625 if (CHECK_FLAG(attr
.flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
))) {
1627 * We skipped nexthop attribute validation earlier so
1628 * validate the nexthop now.
1630 if (bgp_attr_nexthop_valid(peer
, &attr
) < 0) {
1631 bgp_attr_unintern_sub(&attr
);
1637 if (BGP_DEBUG(update
, UPDATE_IN
))
1638 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1639 peer
->host
, withdraw_len
, attribute_len
, update_len
);
1641 /* Parse any given NLRIs */
1642 for (int i
= NLRI_UPDATE
; i
< NLRI_TYPE_MAX
; i
++) {
1646 /* NLRI is processed iff the peer if configured for the specific
1648 if (!peer
->afc
[nlris
[i
].afi
][nlris
[i
].safi
]) {
1650 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1651 peer
->host
, nlris
[i
].afi
, nlris
[i
].safi
);
1655 /* EoR handled later */
1656 if (nlris
[i
].length
== 0)
1661 case NLRI_MP_UPDATE
:
1662 nlri_ret
= bgp_nlri_parse(peer
, NLRI_ATTR_ARG
,
1666 case NLRI_MP_WITHDRAW
:
1667 nlri_ret
= bgp_nlri_parse(peer
, &attr
, &nlris
[i
], 1);
1670 nlri_ret
= BGP_NLRI_PARSE_ERROR
;
1673 if (nlri_ret
< BGP_NLRI_PARSE_OK
1674 && nlri_ret
!= BGP_NLRI_PARSE_ERROR_PREFIX_OVERFLOW
) {
1675 flog_err(EC_BGP_UPDATE_RCV
,
1676 "%s [Error] Error parsing NLRI", peer
->host
);
1677 if (peer
->status
== Established
)
1679 peer
, BGP_NOTIFY_UPDATE_ERR
,
1681 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1682 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
);
1683 bgp_attr_unintern_sub(&attr
);
1690 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1691 * and MP EoR should have only an empty MP_UNREACH
1693 if ((!update_len
&& !withdraw_len
&& nlris
[NLRI_MP_UPDATE
].length
== 0)
1694 || (attr_parse_ret
== BGP_ATTR_PARSE_EOR
)) {
1697 struct graceful_restart_info
*gr_info
;
1699 /* Restarting router */
1700 if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer
)
1701 && BGP_PEER_RESTARTING_MODE(peer
))
1704 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
1706 * update and withdraw NLRI lengths are 0.
1708 if (!attribute_len
) {
1710 safi
= SAFI_UNICAST
;
1711 } else if (attr
.flag
& ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
)
1712 && nlris
[NLRI_MP_WITHDRAW
].length
== 0) {
1713 afi
= nlris
[NLRI_MP_WITHDRAW
].afi
;
1714 safi
= nlris
[NLRI_MP_WITHDRAW
].safi
;
1715 } else if (attr_parse_ret
== BGP_ATTR_PARSE_EOR
) {
1716 afi
= nlris
[NLRI_MP_UPDATE
].afi
;
1717 safi
= nlris
[NLRI_MP_UPDATE
].safi
;
1720 if (afi
&& peer
->afc
[afi
][safi
]) {
1721 struct vrf
*vrf
= vrf_lookup_by_id(peer
->bgp
->vrf_id
);
1723 /* End-of-RIB received */
1724 if (!CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
1725 PEER_STATUS_EOR_RECEIVED
)) {
1726 SET_FLAG(peer
->af_sflags
[afi
][safi
],
1727 PEER_STATUS_EOR_RECEIVED
);
1728 bgp_update_explicit_eors(peer
);
1729 /* Update graceful restart information */
1730 gr_info
= &(peer
->bgp
->gr_info
[afi
][safi
]);
1732 gr_info
->eor_received
++;
1733 /* If EOR received from all peers and selection
1734 * deferral timer is running, cancel the timer
1735 * and invoke the best path calculation
1737 if (gr_info
->eor_required
1738 == gr_info
->eor_received
) {
1739 if (bgp_debug_neighbor_events(peer
))
1743 gr_info
->eor_required
,
1745 gr_info
->eor_received
);
1747 gr_info
->t_select_deferral
);
1748 gr_info
->eor_required
= 0;
1749 gr_info
->eor_received
= 0;
1750 /* Best path selection */
1751 if (bgp_best_path_select_defer(
1752 peer
->bgp
, afi
, safi
)
1758 /* NSF delete stale route */
1759 if (peer
->nsf
[afi
][safi
])
1760 bgp_clear_stale_route(peer
, afi
, safi
);
1763 "%s: rcvd End-of-RIB for %s from %s in vrf %s",
1764 __func__
, get_afi_safi_str(afi
, safi
, false),
1765 peer
->host
, vrf
? vrf
->name
: VRF_DEFAULT_NAME
);
1769 /* Everything is done. We unintern temporary structures which
1770 interned in bgp_attr_parse(). */
1771 bgp_attr_unintern_sub(&attr
);
1773 peer
->update_time
= bgp_clock();
1775 /* Notify BGP Conditional advertisement scanner process */
1776 peer
->advmap_table_change
= true;
1778 return Receive_UPDATE_message
;
1782 * Process BGP NOTIFY message for peer.
1785 * @param size size of the packet
1786 * @return as in summary
1788 static int bgp_notify_receive(struct peer
*peer
, bgp_size_t size
)
1790 struct bgp_notify bgp_notify
;
1792 if (peer
->notify
.data
) {
1793 XFREE(MTYPE_TMP
, peer
->notify
.data
);
1794 peer
->notify
.length
= 0;
1797 bgp_notify
.code
= stream_getc(peer
->curr
);
1798 bgp_notify
.subcode
= stream_getc(peer
->curr
);
1799 bgp_notify
.length
= size
- 2;
1800 bgp_notify
.data
= NULL
;
1802 /* Preserv notify code and sub code. */
1803 peer
->notify
.code
= bgp_notify
.code
;
1804 peer
->notify
.subcode
= bgp_notify
.subcode
;
1805 /* For further diagnostic record returned Data. */
1806 if (bgp_notify
.length
) {
1807 peer
->notify
.length
= size
- 2;
1808 peer
->notify
.data
= XMALLOC(MTYPE_TMP
, size
- 2);
1809 memcpy(peer
->notify
.data
, stream_pnt(peer
->curr
), size
- 2);
1818 if (bgp_notify
.length
) {
1820 XMALLOC(MTYPE_TMP
, bgp_notify
.length
* 3);
1821 for (i
= 0; i
< bgp_notify
.length
; i
++)
1823 snprintf(c
, sizeof(c
), " %02x",
1824 stream_getc(peer
->curr
));
1826 strlcat(bgp_notify
.data
, c
,
1827 bgp_notify
.length
* 3);
1831 snprintf(c
, sizeof(c
), "%02x",
1832 stream_getc(peer
->curr
));
1834 strlcpy(bgp_notify
.data
, c
,
1835 bgp_notify
.length
* 3);
1837 bgp_notify
.raw_data
= (uint8_t *)peer
->notify
.data
;
1840 bgp_notify_print(peer
, &bgp_notify
, "received");
1841 if (bgp_notify
.data
) {
1842 XFREE(MTYPE_TMP
, bgp_notify
.data
);
1843 bgp_notify
.length
= 0;
1847 /* peer count update */
1848 atomic_fetch_add_explicit(&peer
->notify_in
, 1, memory_order_relaxed
);
1850 peer
->last_reset
= PEER_DOWN_NOTIFY_RECEIVED
;
1852 /* We have to check for Notify with Unsupported Optional Parameter.
1853 in that case we fallback to open without the capability option.
1854 But this done in bgp_stop. We just mark it here to avoid changing
1856 if (bgp_notify
.code
== BGP_NOTIFY_OPEN_ERR
1857 && bgp_notify
.subcode
== BGP_NOTIFY_OPEN_UNSUP_PARAM
)
1858 UNSET_FLAG(peer
->sflags
, PEER_STATUS_CAPABILITY_OPEN
);
1860 bgp_peer_gr_flags_update(peer
);
1861 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer
->bgp
,
1864 return Receive_NOTIFICATION_message
;
1868 * Process BGP ROUTEREFRESH message for peer.
1871 * @param size size of the packet
1872 * @return as in summary
1874 static int bgp_route_refresh_receive(struct peer
*peer
, bgp_size_t size
)
1878 iana_safi_t pkt_safi
;
1881 struct peer_af
*paf
;
1882 struct update_group
*updgrp
;
1883 struct peer
*updgrp_peer
;
1885 /* If peer does not have the capability, send notification. */
1886 if (!CHECK_FLAG(peer
->cap
, PEER_CAP_REFRESH_ADV
)) {
1887 flog_err(EC_BGP_NO_CAP
,
1888 "%s [Error] BGP route refresh is not enabled",
1890 bgp_notify_send(peer
, BGP_NOTIFY_HEADER_ERR
,
1891 BGP_NOTIFY_HEADER_BAD_MESTYPE
);
1895 /* Status must be Established. */
1896 if (peer
->status
!= Established
) {
1898 EC_BGP_INVALID_STATUS
,
1899 "%s [Error] Route refresh packet received under status %s",
1901 lookup_msg(bgp_status_msg
, peer
->status
, NULL
));
1902 bgp_notify_send(peer
, BGP_NOTIFY_FSM_ERR
,
1903 bgp_fsm_error_subcode(peer
->status
));
1910 pkt_afi
= stream_getw(s
);
1911 (void)stream_getc(s
);
1912 pkt_safi
= stream_getc(s
);
1914 if (bgp_debug_update(peer
, NULL
, NULL
, 0))
1915 zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %s/%s",
1916 peer
->host
, iana_afi2str(pkt_afi
),
1917 iana_safi2str(pkt_safi
));
1919 /* Convert AFI, SAFI to internal values and check. */
1920 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
1922 "%s REFRESH_REQ for unrecognized afi/safi: %s/%s - ignored",
1923 peer
->host
, iana_afi2str(pkt_afi
),
1924 iana_safi2str(pkt_safi
));
1925 return BGP_PACKET_NOOP
;
1928 if (size
!= BGP_MSG_ROUTE_REFRESH_MIN_SIZE
- BGP_HEADER_SIZE
) {
1930 uint8_t when_to_refresh
;
1934 if (size
- (BGP_MSG_ROUTE_REFRESH_MIN_SIZE
- BGP_HEADER_SIZE
)
1936 zlog_info("%s ORF route refresh length error",
1938 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
1939 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
1943 when_to_refresh
= stream_getc(s
);
1944 end
= stream_pnt(s
) + (size
- 5);
1946 while ((stream_pnt(s
) + 2) < end
) {
1947 orf_type
= stream_getc(s
);
1948 orf_len
= stream_getw(s
);
1950 /* orf_len in bounds? */
1951 if ((stream_pnt(s
) + orf_len
) > end
)
1952 break; /* XXX: Notify instead?? */
1953 if (orf_type
== ORF_TYPE_PREFIX
1954 || orf_type
== ORF_TYPE_PREFIX_OLD
) {
1955 uint8_t *p_pnt
= stream_pnt(s
);
1956 uint8_t *p_end
= stream_pnt(s
) + orf_len
;
1957 struct orf_prefix orfp
;
1962 int ret
= CMD_SUCCESS
;
1964 if (bgp_debug_neighbor_events(peer
)) {
1966 "%s rcvd Prefixlist ORF(%d) length %d",
1967 peer
->host
, orf_type
, orf_len
);
1970 /* we're going to read at least 1 byte of common
1972 * and 7 bytes of ORF Address-filter entry from
1978 /* ORF prefix-list name */
1979 snprintf(name
, sizeof(name
), "%s.%d.%d",
1980 peer
->host
, afi
, safi
);
1982 while (p_pnt
< p_end
) {
1983 /* If the ORF entry is malformed, want
1984 * to read as much of it
1985 * as possible without going beyond the
1986 * bounds of the entry,
1987 * to maximise debug information.
1991 sizeof(struct orf_prefix
));
1993 /* after ++: p_pnt <= p_end */
1995 & ORF_COMMON_PART_REMOVE_ALL
) {
1996 if (bgp_debug_neighbor_events(
1999 "%s rcvd Remove-All pfxlist ORF request",
2001 prefix_bgp_orf_remove_all(afi
,
2005 ok
= ((uint32_t)(p_end
- p_pnt
)
2006 >= sizeof(uint32_t));
2010 p_pnt
+= sizeof(uint32_t);
2011 orfp
.seq
= ntohl(seq
);
2015 /* val checked in prefix_bgp_orf_set */
2019 /* val checked in prefix_bgp_orf_set */
2023 if ((ok
= (p_pnt
< p_end
)))
2024 orfp
.p
.prefixlen
= *p_pnt
++;
2026 /* afi checked already */
2027 orfp
.p
.family
= afi2family(afi
);
2030 psize
= PSIZE(orfp
.p
.prefixlen
);
2031 /* valid for family ? */
2032 if (psize
> prefix_blen(&orfp
.p
)) {
2034 psize
= prefix_blen(&orfp
.p
);
2036 /* valid for packet ? */
2037 if (psize
> (p_end
- p_pnt
)) {
2039 psize
= p_end
- p_pnt
;
2043 memcpy(&orfp
.p
.u
.prefix
, p_pnt
,
2047 if (bgp_debug_neighbor_events(peer
)) {
2048 char buf
[INET6_BUFSIZ
];
2051 "%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
2053 (common
& ORF_COMMON_PART_REMOVE
2056 (common
& ORF_COMMON_PART_DENY
2067 ok
? "" : " MALFORMED");
2071 ret
= prefix_bgp_orf_set(
2073 (common
& ORF_COMMON_PART_DENY
2076 (common
& ORF_COMMON_PART_REMOVE
2080 if (!ok
|| (ok
&& ret
!= CMD_SUCCESS
)) {
2082 "%s Received misformatted prefixlist ORF. Remove All pfxlist",
2084 prefix_bgp_orf_remove_all(afi
,
2090 peer
->orf_plist
[afi
][safi
] =
2091 prefix_bgp_orf_lookup(afi
, name
);
2093 stream_forward_getp(s
, orf_len
);
2095 if (bgp_debug_neighbor_events(peer
))
2096 zlog_debug("%s rcvd Refresh %s ORF request", peer
->host
,
2097 when_to_refresh
== REFRESH_DEFER
2100 if (when_to_refresh
== REFRESH_DEFER
)
2101 return BGP_PACKET_NOOP
;
2104 /* First update is deferred until ORF or ROUTE-REFRESH is received */
2105 if (CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
2106 PEER_STATUS_ORF_WAIT_REFRESH
))
2107 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
2108 PEER_STATUS_ORF_WAIT_REFRESH
);
2110 paf
= peer_af_find(peer
, afi
, safi
);
2111 if (paf
&& paf
->subgroup
) {
2112 if (peer
->orf_plist
[afi
][safi
]) {
2113 updgrp
= PAF_UPDGRP(paf
);
2114 updgrp_peer
= UPDGRP_PEER(updgrp
);
2115 updgrp_peer
->orf_plist
[afi
][safi
] =
2116 peer
->orf_plist
[afi
][safi
];
2119 /* If the peer is configured for default-originate clear the
2120 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
2124 if (CHECK_FLAG(paf
->subgroup
->sflags
,
2125 SUBGRP_STATUS_DEFAULT_ORIGINATE
))
2126 UNSET_FLAG(paf
->subgroup
->sflags
,
2127 SUBGRP_STATUS_DEFAULT_ORIGINATE
);
2130 /* Perform route refreshment to the peer */
2131 bgp_announce_route(peer
, afi
, safi
);
2133 /* No FSM action necessary */
2134 return BGP_PACKET_NOOP
;
2138 * Parse BGP CAPABILITY message for peer.
2141 * @param size size of the packet
2142 * @return as in summary
2144 static int bgp_capability_msg_parse(struct peer
*peer
, uint8_t *pnt
,
2148 struct capability_mp_data mpc
;
2149 struct capability_header
*hdr
;
2153 iana_safi_t pkt_safi
;
2159 /* We need at least action, capability code and capability
2161 if (pnt
+ 3 > end
) {
2162 zlog_info("%s Capability length error", peer
->host
);
2163 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
2164 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
2168 hdr
= (struct capability_header
*)(pnt
+ 1);
2170 /* Action value check. */
2171 if (action
!= CAPABILITY_ACTION_SET
2172 && action
!= CAPABILITY_ACTION_UNSET
) {
2173 zlog_info("%s Capability Action Value error %d",
2174 peer
->host
, action
);
2175 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
2176 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
2180 if (bgp_debug_neighbor_events(peer
))
2182 "%s CAPABILITY has action: %d, code: %u, length %u",
2183 peer
->host
, action
, hdr
->code
, hdr
->length
);
2185 /* Capability length check. */
2186 if ((pnt
+ hdr
->length
+ 3) > end
) {
2187 zlog_info("%s Capability length error", peer
->host
);
2188 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
2189 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
2193 /* Fetch structure to the byte stream. */
2194 memcpy(&mpc
, pnt
+ 3, sizeof(struct capability_mp_data
));
2195 pnt
+= hdr
->length
+ 3;
2197 /* We know MP Capability Code. */
2198 if (hdr
->code
== CAPABILITY_CODE_MP
) {
2199 pkt_afi
= ntohs(mpc
.afi
);
2200 pkt_safi
= mpc
.safi
;
2202 /* Ignore capability when override-capability is set. */
2203 if (CHECK_FLAG(peer
->flags
,
2204 PEER_FLAG_OVERRIDE_CAPABILITY
))
2207 /* Convert AFI, SAFI to internal values. */
2208 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
,
2210 if (bgp_debug_neighbor_events(peer
))
2212 "%s Dynamic Capability MP_EXT afi/safi invalid (%s/%s)",
2214 iana_afi2str(pkt_afi
),
2215 iana_safi2str(pkt_safi
));
2219 /* Address family check. */
2220 if (bgp_debug_neighbor_events(peer
))
2222 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
2224 action
== CAPABILITY_ACTION_SET
2227 iana_afi2str(pkt_afi
),
2228 iana_safi2str(pkt_safi
));
2230 if (action
== CAPABILITY_ACTION_SET
) {
2231 peer
->afc_recv
[afi
][safi
] = 1;
2232 if (peer
->afc
[afi
][safi
]) {
2233 peer
->afc_nego
[afi
][safi
] = 1;
2234 bgp_announce_route(peer
, afi
, safi
);
2237 peer
->afc_recv
[afi
][safi
] = 0;
2238 peer
->afc_nego
[afi
][safi
] = 0;
2240 if (peer_active_nego(peer
))
2241 bgp_clear_route(peer
, afi
, safi
);
2247 EC_BGP_UNRECOGNIZED_CAPABILITY
,
2248 "%s unrecognized capability code: %d - ignored",
2249 peer
->host
, hdr
->code
);
2253 /* No FSM action necessary */
2254 return BGP_PACKET_NOOP
;
2258 * Parse BGP CAPABILITY message for peer.
2260 * Exported for unit testing.
2263 * @param size size of the packet
2264 * @return as in summary
2266 int bgp_capability_receive(struct peer
*peer
, bgp_size_t size
)
2270 /* Fetch pointer. */
2271 pnt
= stream_pnt(peer
->curr
);
2273 if (bgp_debug_neighbor_events(peer
))
2274 zlog_debug("%s rcv CAPABILITY", peer
->host
);
2276 /* If peer does not have the capability, send notification. */
2277 if (!CHECK_FLAG(peer
->cap
, PEER_CAP_DYNAMIC_ADV
)) {
2278 flog_err(EC_BGP_NO_CAP
,
2279 "%s [Error] BGP dynamic capability is not enabled",
2281 bgp_notify_send(peer
, BGP_NOTIFY_HEADER_ERR
,
2282 BGP_NOTIFY_HEADER_BAD_MESTYPE
);
2286 /* Status must be Established. */
2287 if (peer
->status
!= Established
) {
2290 "%s [Error] Dynamic capability packet received under status %s",
2292 lookup_msg(bgp_status_msg
, peer
->status
, NULL
));
2293 bgp_notify_send(peer
, BGP_NOTIFY_FSM_ERR
,
2294 bgp_fsm_error_subcode(peer
->status
));
2299 return bgp_capability_msg_parse(peer
, pnt
, size
);
2303 * Processes a peer's input buffer.
2305 * This function sidesteps the event loop and directly calls bgp_event_update()
2306 * after processing each BGP message. This is necessary to ensure proper
2307 * ordering of FSM events and unifies the behavior that was present previously,
2308 * whereby some of the packet handling functions would update the FSM and some
2309 * would not, making event flow difficult to understand. Please think twice
2310 * before hacking this.
2312 * Thread type: THREAD_EVENT
2316 int bgp_process_packet(struct thread
*thread
)
2318 /* Yes first of all get peer pointer. */
2319 struct peer
*peer
; // peer
2320 uint32_t rpkt_quanta_old
; // how many packets to read
2321 int fsm_update_result
; // return code of bgp_event_update()
2322 int mprc
; // message processing return code
2324 peer
= THREAD_ARG(thread
);
2325 rpkt_quanta_old
= atomic_load_explicit(&peer
->bgp
->rpkt_quanta
,
2326 memory_order_relaxed
);
2327 fsm_update_result
= 0;
2329 /* Guard against scheduled events that occur after peer deletion. */
2330 if (peer
->status
== Deleted
|| peer
->status
== Clearing
)
2333 unsigned int processed
= 0;
2335 while (processed
< rpkt_quanta_old
) {
2338 char notify_data_length
[2];
2340 frr_with_mutex(&peer
->io_mtx
) {
2341 peer
->curr
= stream_fifo_pop(peer
->ibuf
);
2344 if (peer
->curr
== NULL
) // no packets to process, hmm...
2347 /* skip the marker and copy the packet length */
2348 stream_forward_getp(peer
->curr
, BGP_MARKER_SIZE
);
2349 memcpy(notify_data_length
, stream_pnt(peer
->curr
), 2);
2351 /* read in the packet length and type */
2352 size
= stream_getw(peer
->curr
);
2353 type
= stream_getc(peer
->curr
);
2355 hook_call(bgp_packet_dump
, peer
, type
, size
, peer
->curr
);
2357 /* adjust size to exclude the marker + length + type */
2358 size
-= BGP_HEADER_SIZE
;
2360 /* Read rest of the packet and call each sort of packet routine
2364 frrtrace(2, frr_bgp
, open_process
, peer
, size
);
2365 atomic_fetch_add_explicit(&peer
->open_in
, 1,
2366 memory_order_relaxed
);
2367 mprc
= bgp_open_receive(peer
, size
);
2368 if (mprc
== BGP_Stop
)
2371 "%s: BGP OPEN receipt failed for peer: %s",
2372 __func__
, peer
->host
);
2374 case BGP_MSG_UPDATE
:
2375 frrtrace(2, frr_bgp
, update_process
, peer
, size
);
2376 atomic_fetch_add_explicit(&peer
->update_in
, 1,
2377 memory_order_relaxed
);
2378 peer
->readtime
= monotime(NULL
);
2379 mprc
= bgp_update_receive(peer
, size
);
2380 if (mprc
== BGP_Stop
)
2383 "%s: BGP UPDATE receipt failed for peer: %s",
2384 __func__
, peer
->host
);
2386 case BGP_MSG_NOTIFY
:
2387 frrtrace(2, frr_bgp
, notification_process
, peer
, size
);
2388 atomic_fetch_add_explicit(&peer
->notify_in
, 1,
2389 memory_order_relaxed
);
2390 mprc
= bgp_notify_receive(peer
, size
);
2391 if (mprc
== BGP_Stop
)
2394 "%s: BGP NOTIFY receipt failed for peer: %s",
2395 __func__
, peer
->host
);
2397 case BGP_MSG_KEEPALIVE
:
2398 frrtrace(2, frr_bgp
, keepalive_process
, peer
, size
);
2399 peer
->readtime
= monotime(NULL
);
2400 atomic_fetch_add_explicit(&peer
->keepalive_in
, 1,
2401 memory_order_relaxed
);
2402 mprc
= bgp_keepalive_receive(peer
, size
);
2403 if (mprc
== BGP_Stop
)
2406 "%s: BGP KEEPALIVE receipt failed for peer: %s",
2407 __func__
, peer
->host
);
2409 case BGP_MSG_ROUTE_REFRESH_NEW
:
2410 case BGP_MSG_ROUTE_REFRESH_OLD
:
2411 frrtrace(2, frr_bgp
, refresh_process
, peer
, size
);
2412 atomic_fetch_add_explicit(&peer
->refresh_in
, 1,
2413 memory_order_relaxed
);
2414 mprc
= bgp_route_refresh_receive(peer
, size
);
2415 if (mprc
== BGP_Stop
)
2418 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
2419 __func__
, peer
->host
);
2421 case BGP_MSG_CAPABILITY
:
2422 frrtrace(2, frr_bgp
, capability_process
, peer
, size
);
2423 atomic_fetch_add_explicit(&peer
->dynamic_cap_in
, 1,
2424 memory_order_relaxed
);
2425 mprc
= bgp_capability_receive(peer
, size
);
2426 if (mprc
== BGP_Stop
)
2429 "%s: BGP CAPABILITY receipt failed for peer: %s",
2430 __func__
, peer
->host
);
2433 /* Suppress uninitialized variable warning */
2437 * The message type should have been sanitized before
2438 * we ever got here. Receipt of a message with an
2439 * invalid header at this point is indicative of a
2442 assert (!"Message of invalid type received during input processing");
2445 /* delete processed packet */
2446 stream_free(peer
->curr
);
2451 if (mprc
!= BGP_PACKET_NOOP
)
2452 fsm_update_result
= bgp_event_update(peer
, mprc
);
2457 * If peer was deleted, do not process any more packets. This
2458 * is usually due to executing BGP_Stop or a stub deletion.
2460 if (fsm_update_result
== FSM_PEER_TRANSFERRED
2461 || fsm_update_result
== FSM_PEER_STOPPED
)
2465 if (fsm_update_result
!= FSM_PEER_TRANSFERRED
2466 && fsm_update_result
!= FSM_PEER_STOPPED
) {
2467 frr_with_mutex(&peer
->io_mtx
) {
2468 // more work to do, come back later
2469 if (peer
->ibuf
->count
> 0)
2470 thread_add_timer_msec(
2471 bm
->master
, bgp_process_packet
, peer
, 0,
2472 &peer
->t_process_packet
);
2479 /* Send EOR when routes are processed by selection deferral timer */
2480 void bgp_send_delayed_eor(struct bgp
*bgp
)
2483 struct listnode
*node
, *nnode
;
2485 /* EOR message sent in bgp_write_proceed_actions */
2486 for (ALL_LIST_ELEMENTS(bgp
->peer
, node
, nnode
, peer
))
2487 bgp_write_proceed_actions(peer
);