]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #2055 from opensourcerouting/fix-pathspace
[mirror_frr.git] / bgpd / bgp_packet.c
1 /* BGP packet management routine.
2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
4 * Copyright (C) 1999 Kunihiro Ishiguro
5 *
6 * This file is part of GNU Zebra.
7 *
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
22
23 #include <zebra.h>
24 #include <sys/time.h>
25
26 #include "thread.h"
27 #include "stream.h"
28 #include "network.h"
29 #include "prefix.h"
30 #include "command.h"
31 #include "log.h"
32 #include "memory.h"
33 #include "sockunion.h" /* for inet_ntop () */
34 #include "sockopt.h"
35 #include "linklist.h"
36 #include "plist.h"
37 #include "queue.h"
38 #include "filter.h"
39
40 #include "bgpd/bgpd.h"
41 #include "bgpd/bgp_table.h"
42 #include "bgpd/bgp_dump.h"
43 #include "bgpd/bgp_attr.h"
44 #include "bgpd/bgp_debug.h"
45 #include "bgpd/bgp_fsm.h"
46 #include "bgpd/bgp_route.h"
47 #include "bgpd/bgp_packet.h"
48 #include "bgpd/bgp_open.h"
49 #include "bgpd/bgp_aspath.h"
50 #include "bgpd/bgp_community.h"
51 #include "bgpd/bgp_ecommunity.h"
52 #include "bgpd/bgp_lcommunity.h"
53 #include "bgpd/bgp_network.h"
54 #include "bgpd/bgp_mplsvpn.h"
55 #include "bgpd/bgp_evpn.h"
56 #include "bgpd/bgp_advertise.h"
57 #include "bgpd/bgp_vty.h"
58 #include "bgpd/bgp_updgrp.h"
59 #include "bgpd/bgp_label.h"
60 #include "bgpd/bgp_io.h"
61 #include "bgpd/bgp_keepalives.h"
62 #include "bgpd/bgp_flowspec.h"
63
64 /**
65 * Sets marker and type fields for a BGP message.
66 *
67 * @param s the stream containing the packet
68 * @param type the packet type
69 * @return the size of the stream
70 */
71 int bgp_packet_set_marker(struct stream *s, uint8_t type)
72 {
73 int i;
74
75 /* Fill in marker. */
76 for (i = 0; i < BGP_MARKER_SIZE; i++)
77 stream_putc(s, 0xff);
78
79 /* Dummy total length. This field is should be filled in later on. */
80 stream_putw(s, 0);
81
82 /* BGP packet type. */
83 stream_putc(s, type);
84
85 /* Return current stream size. */
86 return stream_get_endp(s);
87 }
88
89 /**
90 * Sets size field for a BGP message.
91 *
92 * Size field is set to the size of the stream passed.
93 *
94 * @param s the stream containing the packet
95 * @return the size of the stream
96 */
97 int bgp_packet_set_size(struct stream *s)
98 {
99 int cp;
100
101 /* Preserve current pointer. */
102 cp = stream_get_endp(s);
103 stream_putw_at(s, BGP_MARKER_SIZE, cp);
104
105 return cp;
106 }
107
108 /*
109 * Push a packet onto the beginning of the peer's output queue.
110 * This function acquires the peer's write mutex before proceeding.
111 */
112 static void bgp_packet_add(struct peer *peer, struct stream *s)
113 {
114 pthread_mutex_lock(&peer->io_mtx);
115 stream_fifo_push(peer->obuf, s);
116 pthread_mutex_unlock(&peer->io_mtx);
117 }
118
119 static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
120 safi_t safi)
121 {
122 struct stream *s;
123 iana_afi_t pkt_afi;
124 iana_safi_t pkt_safi;
125
126 if (DISABLE_BGP_ANNOUNCE)
127 return NULL;
128
129 if (bgp_debug_neighbor_events(peer))
130 zlog_debug("send End-of-RIB for %s to %s",
131 afi_safi_print(afi, safi), peer->host);
132
133 s = stream_new(BGP_MAX_PACKET_SIZE);
134
135 /* Make BGP update packet. */
136 bgp_packet_set_marker(s, BGP_MSG_UPDATE);
137
138 /* Unfeasible Routes Length */
139 stream_putw(s, 0);
140
141 if (afi == AFI_IP && safi == SAFI_UNICAST) {
142 /* Total Path Attribute Length */
143 stream_putw(s, 0);
144 } else {
145 /* Convert AFI, SAFI to values for packet. */
146 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
147
148 /* Total Path Attribute Length */
149 stream_putw(s, 6);
150 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
151 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
152 stream_putc(s, 3);
153 stream_putw(s, pkt_afi);
154 stream_putc(s, pkt_safi);
155 }
156
157 bgp_packet_set_size(s);
158 return s;
159 }
160
161 /* Called when there is a change in the EOR(implicit or explicit) status of a
162 * peer. Ends the update-delay if all expected peers are done with EORs. */
163 void bgp_check_update_delay(struct bgp *bgp)
164 {
165 struct listnode *node, *nnode;
166 struct peer *peer = NULL;
167
168 if (bgp_debug_neighbor_events(peer))
169 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
170 bgp->established, bgp->restarted_peers,
171 bgp->implicit_eors, bgp->explicit_eors);
172
173 if (bgp->established
174 <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
175 /*
176 * This is an extra sanity check to make sure we wait for all
177 * the eligible configured peers. This check is performed if
178 * establish wait timer is on, or establish wait option is not
179 * given with the update-delay command
180 */
181 if (bgp->t_establish_wait
182 || (bgp->v_establish_wait == bgp->v_update_delay))
183 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
184 if (CHECK_FLAG(peer->flags,
185 PEER_FLAG_CONFIG_NODE)
186 && !CHECK_FLAG(peer->flags,
187 PEER_FLAG_SHUTDOWN)
188 && !peer->update_delay_over) {
189 if (bgp_debug_neighbor_events(peer))
190 zlog_debug(
191 " Peer %s pending, continuing read-only mode",
192 peer->host);
193 return;
194 }
195 }
196
197 zlog_info(
198 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
199 bgp->restarted_peers, bgp->implicit_eors,
200 bgp->explicit_eors);
201 bgp_update_delay_end(bgp);
202 }
203 }
204
205 /*
206 * Called if peer is known to have restarted. The restart-state bit in
207 * Graceful-Restart capability is used for that
208 */
209 void bgp_update_restarted_peers(struct peer *peer)
210 {
211 if (!bgp_update_delay_active(peer->bgp))
212 return; /* BGP update delay has ended */
213 if (peer->update_delay_over)
214 return; /* This peer has already been considered */
215
216 if (bgp_debug_neighbor_events(peer))
217 zlog_debug("Peer %s: Checking restarted", peer->host);
218
219 if (peer->status == Established) {
220 peer->update_delay_over = 1;
221 peer->bgp->restarted_peers++;
222 bgp_check_update_delay(peer->bgp);
223 }
224 }
225
226 /*
227 * Called as peer receives a keep-alive. Determines if this occurence can be
228 * taken as an implicit EOR for this peer.
229 * NOTE: The very first keep-alive after the Established state of a peer is
230 * considered implicit EOR for the update-delay purposes
231 */
232 void bgp_update_implicit_eors(struct peer *peer)
233 {
234 if (!bgp_update_delay_active(peer->bgp))
235 return; /* BGP update delay has ended */
236 if (peer->update_delay_over)
237 return; /* This peer has already been considered */
238
239 if (bgp_debug_neighbor_events(peer))
240 zlog_debug("Peer %s: Checking implicit EORs", peer->host);
241
242 if (peer->status == Established) {
243 peer->update_delay_over = 1;
244 peer->bgp->implicit_eors++;
245 bgp_check_update_delay(peer->bgp);
246 }
247 }
248
249 /*
250 * Should be called only when there is a change in the EOR_RECEIVED status
251 * for any afi/safi on a peer.
252 */
253 static void bgp_update_explicit_eors(struct peer *peer)
254 {
255 afi_t afi;
256 safi_t safi;
257
258 if (!bgp_update_delay_active(peer->bgp))
259 return; /* BGP update delay has ended */
260 if (peer->update_delay_over)
261 return; /* This peer has already been considered */
262
263 if (bgp_debug_neighbor_events(peer))
264 zlog_debug("Peer %s: Checking explicit EORs", peer->host);
265
266 for (afi = AFI_IP; afi < AFI_MAX; afi++)
267 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
268 if (peer->afc_nego[afi][safi]
269 && !CHECK_FLAG(peer->af_sflags[afi][safi],
270 PEER_STATUS_EOR_RECEIVED)) {
271 if (bgp_debug_neighbor_events(peer))
272 zlog_debug(
273 " afi %d safi %d didnt receive EOR",
274 afi, safi);
275 return;
276 }
277 }
278
279 peer->update_delay_over = 1;
280 peer->bgp->explicit_eors++;
281 bgp_check_update_delay(peer->bgp);
282 }
283
284 /**
285 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
286 *
287 * mp_withdraw, if set, is used to nullify attr structure on most of the
288 * calling safi function and for evpn, passed as parameter
289 */
290 int bgp_nlri_parse(struct peer *peer, struct attr *attr,
291 struct bgp_nlri *packet, int mp_withdraw)
292 {
293 switch (packet->safi) {
294 case SAFI_UNICAST:
295 case SAFI_MULTICAST:
296 return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
297 packet);
298 case SAFI_LABELED_UNICAST:
299 return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
300 packet);
301 case SAFI_MPLS_VPN:
302 return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
303 packet);
304 case SAFI_EVPN:
305 return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
306 case SAFI_FLOWSPEC:
307 return bgp_nlri_parse_flowspec(peer, attr, packet, mp_withdraw);
308 }
309 return -1;
310 }
311
312 /*
313 * Checks a variety of conditions to determine whether the peer needs to be
314 * rescheduled for packet generation again, and does so if necessary.
315 *
316 * @param peer to check for rescheduling
317 */
318 static void bgp_write_proceed_actions(struct peer *peer)
319 {
320 afi_t afi;
321 safi_t safi;
322 struct peer_af *paf;
323 struct bpacket *next_pkt;
324 struct update_subgroup *subgrp;
325
326 FOREACH_AFI_SAFI (afi, safi) {
327 paf = peer_af_find(peer, afi, safi);
328 if (!paf)
329 continue;
330 subgrp = paf->subgroup;
331 if (!subgrp)
332 continue;
333
334 next_pkt = paf->next_pkt_to_send;
335 if (next_pkt && next_pkt->buffer) {
336 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
337 bgp_generate_updgrp_packets, 0);
338 return;
339 }
340
341 /* No packets readily available for AFI/SAFI, are there
342 * subgroup packets
343 * that need to be generated? */
344 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
345 SUBGRP_PKTQ(subgrp))
346 || subgroup_packets_to_build(subgrp)) {
347 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
348 bgp_generate_updgrp_packets, 0);
349 return;
350 }
351
352 /* No packets to send, see if EOR is pending */
353 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
354 if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
355 && peer->synctime
356 && !CHECK_FLAG(peer->af_sflags[afi][safi],
357 PEER_STATUS_EOR_SEND)
358 && safi != SAFI_MPLS_VPN) {
359 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
360 bgp_generate_updgrp_packets, 0);
361 return;
362 }
363 }
364 }
365 }
366
367 /*
368 * Generate advertisement information (withdraws, updates, EOR) from each
369 * update group a peer belongs to, encode this information into packets, and
370 * enqueue the packets onto the peer's output buffer.
371 */
372 int bgp_generate_updgrp_packets(struct thread *thread)
373 {
374 struct peer *peer = THREAD_ARG(thread);
375
376 struct stream *s;
377 struct peer_af *paf;
378 struct bpacket *next_pkt;
379 uint32_t wpq;
380 uint32_t generated = 0;
381 afi_t afi;
382 safi_t safi;
383
384 wpq = atomic_load_explicit(&peer->bgp->wpkt_quanta,
385 memory_order_relaxed);
386
387 /*
388 * The code beyond this part deals with update packets, proceed only
389 * if peer is Established and updates are not on hold (as part of
390 * update-delay post processing).
391 */
392 if (peer->status != Established)
393 return 0;
394
395 if (peer->bgp->main_peers_update_hold)
396 return 0;
397
398 do {
399 s = NULL;
400 FOREACH_AFI_SAFI (afi, safi) {
401 paf = peer_af_find(peer, afi, safi);
402 if (!paf || !PAF_SUBGRP(paf))
403 continue;
404 next_pkt = paf->next_pkt_to_send;
405
406 /*
407 * Try to generate a packet for the peer if we are at
408 * the end of the list. Always try to push out
409 * WITHDRAWs first.
410 */
411 if (!next_pkt || !next_pkt->buffer) {
412 next_pkt = subgroup_withdraw_packet(
413 PAF_SUBGRP(paf));
414 if (!next_pkt || !next_pkt->buffer)
415 subgroup_update_packet(PAF_SUBGRP(paf));
416 next_pkt = paf->next_pkt_to_send;
417 }
418
419 /*
420 * If we still don't have a packet to send to the peer,
421 * then try to find out out if we have to send eor or
422 * if not, skip to the next AFI, SAFI. Don't send the
423 * EOR prematurely; if the subgroup's coalesce timer is
424 * running, the adjacency-out structure is not created
425 * yet.
426 */
427 if (!next_pkt || !next_pkt->buffer) {
428 if (CHECK_FLAG(peer->cap,
429 PEER_CAP_RESTART_RCV)) {
430 if (!(PAF_SUBGRP(paf))->t_coalesce
431 && peer->afc_nego[afi][safi]
432 && peer->synctime
433 && !CHECK_FLAG(
434 peer->af_sflags[afi]
435 [safi],
436 PEER_STATUS_EOR_SEND)) {
437 SET_FLAG(peer->af_sflags[afi]
438 [safi],
439 PEER_STATUS_EOR_SEND);
440
441 if ((s = bgp_update_packet_eor(
442 peer, afi,
443 safi))) {
444 bgp_packet_add(peer, s);
445 }
446 }
447 }
448 continue;
449 }
450
451
452 /* Found a packet template to send, overwrite
453 * packet with appropriate attributes from peer
454 * and advance peer */
455 s = bpacket_reformat_for_peer(next_pkt, paf);
456 bgp_packet_add(peer, s);
457 bpacket_queue_advance_peer(paf);
458 }
459 } while (s && (++generated < wpq));
460
461 if (generated)
462 bgp_writes_on(peer);
463
464 bgp_write_proceed_actions(peer);
465
466 return 0;
467 }
468
469 /*
470 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
471 */
472 void bgp_keepalive_send(struct peer *peer)
473 {
474 struct stream *s;
475
476 s = stream_new(BGP_MAX_PACKET_SIZE);
477
478 /* Make keepalive packet. */
479 bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
480
481 /* Set packet size. */
482 (void)bgp_packet_set_size(s);
483
484 /* Dump packet if debug option is set. */
485 /* bgp_packet_dump (s); */
486
487 if (bgp_debug_keepalive(peer))
488 zlog_debug("%s sending KEEPALIVE", peer->host);
489
490 /* Add packet to the peer. */
491 bgp_packet_add(peer, s);
492
493 bgp_writes_on(peer);
494 }
495
496 /*
497 * Creates a BGP Open packet and appends it to the peer's output queue.
498 * Sets capabilities as necessary.
499 */
500 void bgp_open_send(struct peer *peer)
501 {
502 struct stream *s;
503 uint16_t send_holdtime;
504 as_t local_as;
505
506 if (PEER_OR_GROUP_TIMER_SET(peer))
507 send_holdtime = peer->holdtime;
508 else
509 send_holdtime = peer->bgp->default_holdtime;
510
511 /* local-as Change */
512 if (peer->change_local_as)
513 local_as = peer->change_local_as;
514 else
515 local_as = peer->local_as;
516
517 s = stream_new(BGP_MAX_PACKET_SIZE);
518
519 /* Make open packet. */
520 bgp_packet_set_marker(s, BGP_MSG_OPEN);
521
522 /* Set open packet values. */
523 stream_putc(s, BGP_VERSION_4); /* BGP version */
524 stream_putw(s, (local_as <= BGP_AS_MAX) ? (uint16_t)local_as
525 : BGP_AS_TRANS);
526 stream_putw(s, send_holdtime); /* Hold Time */
527 stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
528
529 /* Set capability code. */
530 bgp_open_capability(s, peer);
531
532 /* Set BGP packet length. */
533 (void)bgp_packet_set_size(s);
534
535 if (bgp_debug_neighbor_events(peer))
536 zlog_debug(
537 "%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
538 peer->host, BGP_VERSION_4, local_as, send_holdtime,
539 inet_ntoa(peer->local_id));
540
541 /* Dump packet if debug option is set. */
542 /* bgp_packet_dump (s); */
543
544 /* Add packet to the peer. */
545 bgp_packet_add(peer, s);
546
547 bgp_writes_on(peer);
548 }
549
550 /*
551 * Writes NOTIFICATION message directly to a peer socket without waiting for
552 * the I/O thread.
553 *
554 * There must be exactly one stream on the peer->obuf FIFO, and the data within
555 * this stream must match the format of a BGP NOTIFICATION message.
556 * Transmission is best-effort.
557 *
558 * @requires peer->io_mtx
559 * @param peer
560 * @return 0
561 */
562 static int bgp_write_notify(struct peer *peer)
563 {
564 int ret, val;
565 uint8_t type;
566 struct stream *s;
567
568 /* There should be at least one packet. */
569 s = stream_fifo_pop(peer->obuf);
570
571 if (!s)
572 return 0;
573
574 assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
575
576 /* Stop collecting data within the socket */
577 sockopt_cork(peer->fd, 0);
578
579 /*
580 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
581 * we only care about getting a clean shutdown at this point.
582 */
583 ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s));
584
585 /*
586 * only connection reset/close gets counted as TCP_fatal_error, failure
587 * to write the entire NOTIFY doesn't get different FSM treatment
588 */
589 if (ret <= 0) {
590 stream_free(s);
591 BGP_EVENT_ADD(peer, TCP_fatal_error);
592 return 0;
593 }
594
595 /* Disable Nagle, make NOTIFY packet go out right away */
596 val = 1;
597 (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val,
598 sizeof(val));
599
600 /* Retrieve BGP packet type. */
601 stream_set_getp(s, BGP_MARKER_SIZE + 2);
602 type = stream_getc(s);
603
604 assert(type == BGP_MSG_NOTIFY);
605
606 /* Type should be notify. */
607 atomic_fetch_add_explicit(&peer->notify_out, 1, memory_order_relaxed);
608 peer->notify_out++;
609
610 /* Double start timer. */
611 peer->v_start *= 2;
612
613 /* Overflow check. */
614 if (peer->v_start >= (60 * 2))
615 peer->v_start = (60 * 2);
616
617 /*
618 * Handle Graceful Restart case where the state changes to
619 * Connect instead of Idle
620 */
621 BGP_EVENT_ADD(peer, BGP_Stop);
622
623 stream_free(s);
624
625 return 0;
626 }
627
628 /*
629 * Creates a BGP Notify and appends it to the peer's output queue.
630 *
631 * This function attempts to write the packet from the thread it is called
632 * from, to ensure the packet gets out ASAP.
633 *
634 * This function may be called from multiple threads. Since the function
635 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
636 * call to prevent tampering from other threads.
637 *
638 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
639 * return, the peer structure *must* be reset; no assumptions about session
640 * state are valid.
641 *
642 * @param peer
643 * @param code BGP error code
644 * @param sub_code BGP error subcode
645 * @param data Data portion
646 * @param datalen length of data portion
647 */
648 void bgp_notify_send_with_data(struct peer *peer, uint8_t code,
649 uint8_t sub_code, uint8_t *data, size_t datalen)
650 {
651 struct stream *s;
652
653 /* Lock I/O mutex to prevent other threads from pushing packets */
654 pthread_mutex_lock(&peer->io_mtx);
655 /* ============================================== */
656
657 /* Allocate new stream. */
658 s = stream_new(BGP_MAX_PACKET_SIZE);
659
660 /* Make notify packet. */
661 bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
662
663 /* Set notify packet values. */
664 stream_putc(s, code); /* BGP notify code */
665 stream_putc(s, sub_code); /* BGP notify sub_code */
666
667 /* If notify data is present. */
668 if (data)
669 stream_write(s, data, datalen);
670
671 /* Set BGP packet length. */
672 bgp_packet_set_size(s);
673
674 /* wipe output buffer */
675 stream_fifo_clean(peer->obuf);
676
677 /*
678 * If possible, store last packet for debugging purposes. This check is
679 * in place because we are sometimes called with a doppelganger peer,
680 * who tends to have a plethora of fields nulled out.
681 */
682 if (peer->curr && peer->last_reset_cause_size) {
683 size_t packetsize = stream_get_endp(peer->curr);
684 assert(packetsize <= peer->last_reset_cause_size);
685 memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
686 peer->last_reset_cause_size = packetsize;
687 }
688
689 /* For debug */
690 {
691 struct bgp_notify bgp_notify;
692 int first = 0;
693 int i;
694 char c[4];
695
696 bgp_notify.code = code;
697 bgp_notify.subcode = sub_code;
698 bgp_notify.data = NULL;
699 bgp_notify.length = datalen;
700 bgp_notify.raw_data = data;
701
702 peer->notify.code = bgp_notify.code;
703 peer->notify.subcode = bgp_notify.subcode;
704
705 if (bgp_notify.length && data) {
706 bgp_notify.data =
707 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
708 for (i = 0; i < bgp_notify.length; i++)
709 if (first) {
710 sprintf(c, " %02x", data[i]);
711 strcat(bgp_notify.data, c);
712 } else {
713 first = 1;
714 sprintf(c, "%02x", data[i]);
715 strcpy(bgp_notify.data, c);
716 }
717 }
718 bgp_notify_print(peer, &bgp_notify, "sending");
719
720 if (bgp_notify.data) {
721 XFREE(MTYPE_TMP, bgp_notify.data);
722 bgp_notify.data = NULL;
723 bgp_notify.length = 0;
724 }
725 }
726
727 /* peer reset cause */
728 if (code == BGP_NOTIFY_CEASE) {
729 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
730 peer->last_reset = PEER_DOWN_USER_RESET;
731 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
732 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
733 else
734 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
735 } else
736 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
737
738 /* Add packet to peer's output queue */
739 stream_fifo_push(peer->obuf, s);
740
741 bgp_write_notify(peer);
742
743 /* ============================================== */
744 pthread_mutex_unlock(&peer->io_mtx);
745 }
746
747 /*
748 * Creates a BGP Notify and appends it to the peer's output queue.
749 *
750 * This function attempts to write the packet from the thread it is called
751 * from, to ensure the packet gets out ASAP.
752 *
753 * @param peer
754 * @param code BGP error code
755 * @param sub_code BGP error subcode
756 */
757 void bgp_notify_send(struct peer *peer, uint8_t code, uint8_t sub_code)
758 {
759 bgp_notify_send_with_data(peer, code, sub_code, NULL, 0);
760 }
761
762 /*
763 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
764 *
765 * @param peer
766 * @param afi Address Family Identifier
767 * @param safi Subsequent Address Family Identifier
768 * @param orf_type Outbound Route Filtering type
769 * @param when_to_refresh Whether to refresh immediately or defer
770 * @param remove Whether to remove ORF for specified AFI/SAFI
771 */
772 void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
773 uint8_t orf_type, uint8_t when_to_refresh,
774 int remove)
775 {
776 struct stream *s;
777 struct bgp_filter *filter;
778 int orf_refresh = 0;
779 iana_afi_t pkt_afi;
780 iana_safi_t pkt_safi;
781
782 if (DISABLE_BGP_ANNOUNCE)
783 return;
784
785 filter = &peer->filter[afi][safi];
786
787 /* Convert AFI, SAFI to values for packet. */
788 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
789
790 s = stream_new(BGP_MAX_PACKET_SIZE);
791
792 /* Make BGP update packet. */
793 if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV))
794 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
795 else
796 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
797
798 /* Encode Route Refresh message. */
799 stream_putw(s, pkt_afi);
800 stream_putc(s, 0);
801 stream_putc(s, pkt_safi);
802
803 if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD)
804 if (remove || filter->plist[FILTER_IN].plist) {
805 uint16_t orf_len;
806 unsigned long orfp;
807
808 orf_refresh = 1;
809 stream_putc(s, when_to_refresh);
810 stream_putc(s, orf_type);
811 orfp = stream_get_endp(s);
812 stream_putw(s, 0);
813
814 if (remove) {
815 UNSET_FLAG(peer->af_sflags[afi][safi],
816 PEER_STATUS_ORF_PREFIX_SEND);
817 stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
818 if (bgp_debug_neighbor_events(peer))
819 zlog_debug(
820 "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d",
821 peer->host, orf_type,
822 (when_to_refresh == REFRESH_DEFER
823 ? "defer"
824 : "immediate"),
825 pkt_afi, pkt_safi);
826 } else {
827 SET_FLAG(peer->af_sflags[afi][safi],
828 PEER_STATUS_ORF_PREFIX_SEND);
829 prefix_bgp_orf_entry(
830 s, filter->plist[FILTER_IN].plist,
831 ORF_COMMON_PART_ADD,
832 ORF_COMMON_PART_PERMIT,
833 ORF_COMMON_PART_DENY);
834 if (bgp_debug_neighbor_events(peer))
835 zlog_debug(
836 "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d",
837 peer->host, orf_type,
838 (when_to_refresh == REFRESH_DEFER
839 ? "defer"
840 : "immediate"),
841 pkt_afi, pkt_safi);
842 }
843
844 /* Total ORF Entry Len. */
845 orf_len = stream_get_endp(s) - orfp - 2;
846 stream_putw_at(s, orfp, orf_len);
847 }
848
849 /* Set packet size. */
850 (void)bgp_packet_set_size(s);
851
852 if (bgp_debug_neighbor_events(peer)) {
853 if (!orf_refresh)
854 zlog_debug("%s sending REFRESH_REQ for afi/safi: %d/%d",
855 peer->host, pkt_afi, pkt_safi);
856 }
857
858 /* Add packet to the peer. */
859 bgp_packet_add(peer, s);
860
861 bgp_writes_on(peer);
862 }
863
864 /*
865 * Create a BGP Capability packet and append it to the peer's output queue.
866 *
867 * @param peer
868 * @param afi Address Family Identifier
869 * @param safi Subsequent Address Family Identifier
870 * @param capability_code BGP Capability Code
871 * @param action Set or Remove capability
872 */
873 void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
874 int capability_code, int action)
875 {
876 struct stream *s;
877 iana_afi_t pkt_afi;
878 iana_safi_t pkt_safi;
879
880 /* Convert AFI, SAFI to values for packet. */
881 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
882
883 s = stream_new(BGP_MAX_PACKET_SIZE);
884
885 /* Make BGP update packet. */
886 bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
887
888 /* Encode MP_EXT capability. */
889 if (capability_code == CAPABILITY_CODE_MP) {
890 stream_putc(s, action);
891 stream_putc(s, CAPABILITY_CODE_MP);
892 stream_putc(s, CAPABILITY_CODE_MP_LEN);
893 stream_putw(s, pkt_afi);
894 stream_putc(s, 0);
895 stream_putc(s, pkt_safi);
896
897 if (bgp_debug_neighbor_events(peer))
898 zlog_debug(
899 "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d",
900 peer->host,
901 action == CAPABILITY_ACTION_SET ? "Advertising"
902 : "Removing",
903 pkt_afi, pkt_safi);
904 }
905
906 /* Set packet size. */
907 (void)bgp_packet_set_size(s);
908
909 /* Add packet to the peer. */
910 bgp_packet_add(peer, s);
911
912 bgp_writes_on(peer);
913 }
914
915 /* RFC1771 6.8 Connection collision detection. */
916 static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
917 {
918 struct peer *peer;
919
920 /* Upon receipt of an OPEN message, the local system must examine
921 all of its connections that are in the OpenConfirm state. A BGP
922 speaker may also examine connections in an OpenSent state if it
923 knows the BGP Identifier of the peer by means outside of the
924 protocol. If among these connections there is a connection to a
925 remote BGP speaker whose BGP Identifier equals the one in the
926 OPEN message, then the local system performs the following
927 collision resolution procedure: */
928
929 if ((peer = new->doppelganger) != NULL) {
930 /* Do not accept the new connection in Established or Clearing
931 * states.
932 * Note that a peer GR is handled by closing the existing
933 * connection
934 * upon receipt of new one.
935 */
936 if (peer->status == Established || peer->status == Clearing) {
937 bgp_notify_send(new, BGP_NOTIFY_CEASE,
938 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
939 return (-1);
940 } else if ((peer->status == OpenConfirm)
941 || (peer->status == OpenSent)) {
942 /* 1. The BGP Identifier of the local system is compared
943 to
944 the BGP Identifier of the remote system (as specified
945 in
946 the OPEN message). */
947
948 if (ntohl(peer->local_id.s_addr)
949 < ntohl(remote_id.s_addr))
950 if (!CHECK_FLAG(peer->sflags,
951 PEER_STATUS_ACCEPT_PEER)) {
952 /* 2. If the value of the local BGP
953 Identifier is less
954 than the remote one, the local system
955 closes BGP
956 connection that already exists (the
957 one that is
958 already in the OpenConfirm state),
959 and accepts BGP
960 connection initiated by the remote
961 system. */
962 bgp_notify_send(
963 peer, BGP_NOTIFY_CEASE,
964 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
965 return 1;
966 } else {
967 bgp_notify_send(
968 new, BGP_NOTIFY_CEASE,
969 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
970 return -1;
971 }
972 else {
973 /* 3. Otherwise, the local system closes newly
974 created
975 BGP connection (the one associated with the
976 newly
977 received OPEN message), and continues to use
978 the
979 existing one (the one that is already in the
980 OpenConfirm state). */
981 if (CHECK_FLAG(peer->sflags,
982 PEER_STATUS_ACCEPT_PEER)) {
983 bgp_notify_send(
984 peer, BGP_NOTIFY_CEASE,
985 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
986 return 1;
987 } else {
988 bgp_notify_send(
989 new, BGP_NOTIFY_CEASE,
990 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
991 return -1;
992 }
993 }
994 }
995 }
996 return 0;
997 }
998
999 /* Packet processing routines ---------------------------------------------- */
1000 /*
1001 * This is a family of functions designed to be called from
1002 * bgp_process_packet(). These functions all share similar behavior and should
1003 * adhere to the following invariants and restrictions:
1004 *
1005 * Return codes
1006 * ------------
1007 * The return code of any one of those functions should be one of the FSM event
1008 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1009 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1010 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1011 * error and Receive_OPEN_message otherwise.
1012 *
1013 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1014 * defined below.
1015 *
1016 * Side effects
1017 * ------------
1018 * - May send NOTIFY messages
1019 * - May not modify peer->status
1020 * - May not call bgp_event_update()
1021 */
1022
1023 #define BGP_PACKET_NOOP 0
1024
1025 /**
1026 * Process BGP OPEN message for peer.
1027 *
1028 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1029 * and returns BGP_Stop.
1030 *
1031 * @param peer
1032 * @param size size of the packet
1033 * @return as in summary
1034 */
1035 static int bgp_open_receive(struct peer *peer, bgp_size_t size)
1036 {
1037 int ret;
1038 uint8_t version;
1039 uint8_t optlen;
1040 uint16_t holdtime;
1041 uint16_t send_holdtime;
1042 as_t remote_as;
1043 as_t as4 = 0;
1044 struct in_addr remote_id;
1045 int mp_capability;
1046 uint8_t notify_data_remote_as[2];
1047 uint8_t notify_data_remote_as4[4];
1048 uint8_t notify_data_remote_id[4];
1049 uint16_t *holdtime_ptr;
1050
1051 /* Parse open packet. */
1052 version = stream_getc(peer->curr);
1053 memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
1054 remote_as = stream_getw(peer->curr);
1055 holdtime_ptr = (uint16_t *)stream_pnt(peer->curr);
1056 holdtime = stream_getw(peer->curr);
1057 memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
1058 remote_id.s_addr = stream_get_ipv4(peer->curr);
1059
1060 /* Receive OPEN message log */
1061 if (bgp_debug_neighbor_events(peer))
1062 zlog_debug(
1063 "%s rcv OPEN, version %d, remote-as (in open) %u,"
1064 " holdtime %d, id %s",
1065 peer->host, version, remote_as, holdtime,
1066 inet_ntoa(remote_id));
1067
1068 /* BEGIN to read the capability here, but dont do it yet */
1069 mp_capability = 0;
1070 optlen = stream_getc(peer->curr);
1071
1072 if (optlen != 0) {
1073 /* If not enough bytes, it is an error. */
1074 if (STREAM_READABLE(peer->curr) < optlen) {
1075 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1076 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1077 return BGP_Stop;
1078 }
1079
1080 /* We need the as4 capability value *right now* because
1081 * if it is there, we have not got the remote_as yet, and
1082 * without
1083 * that we do not know which peer is connecting to us now.
1084 */
1085 as4 = peek_for_as4_capability(peer, optlen);
1086 memcpy(notify_data_remote_as4, &as4, 4);
1087 }
1088
1089 /* Just in case we have a silly peer who sends AS4 capability set to 0
1090 */
1091 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
1092 zlog_err("%s bad OPEN, got AS4 capability, but AS4 set to 0",
1093 peer->host);
1094 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1095 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1096 notify_data_remote_as4, 4);
1097 return BGP_Stop;
1098 }
1099
1100 if (remote_as == BGP_AS_TRANS) {
1101 /* Take the AS4 from the capability. We must have received the
1102 * capability now! Otherwise we have a asn16 peer who uses
1103 * BGP_AS_TRANS, for some unknown reason.
1104 */
1105 if (as4 == BGP_AS_TRANS) {
1106 zlog_err(
1107 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1108 peer->host);
1109 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1110 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1111 notify_data_remote_as4, 4);
1112 return BGP_Stop;
1113 }
1114
1115 if (!as4 && BGP_DEBUG(as4, AS4))
1116 zlog_debug(
1117 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
1118 " Odd, but proceeding.",
1119 peer->host);
1120 else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
1121 zlog_debug(
1122 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
1123 "in 2-bytes, very odd peer.",
1124 peer->host, as4);
1125 if (as4)
1126 remote_as = as4;
1127 } else {
1128 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1129 */
1130 /* If we have got the capability, peer->as4cap must match
1131 * remote_as */
1132 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
1133 && as4 != remote_as) {
1134 /* raise error, log this, close session */
1135 zlog_err(
1136 "%s bad OPEN, got AS4 capability, but remote_as %u"
1137 " mismatch with 16bit 'myasn' %u in open",
1138 peer->host, as4, remote_as);
1139 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1140 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1141 notify_data_remote_as4, 4);
1142 return BGP_Stop;
1143 }
1144 }
1145
1146 /* remote router-id check. */
1147 if (remote_id.s_addr == 0 || IPV4_CLASS_DE(ntohl(remote_id.s_addr))
1148 || ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)) {
1149 if (bgp_debug_neighbor_events(peer))
1150 zlog_debug("%s bad OPEN, wrong router identifier %s",
1151 peer->host, inet_ntoa(remote_id));
1152 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1153 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1154 notify_data_remote_id, 4);
1155 return BGP_Stop;
1156 }
1157
1158 /* Set remote router-id */
1159 peer->remote_id = remote_id;
1160
1161 /* Peer BGP version check. */
1162 if (version != BGP_VERSION_4) {
1163 uint16_t maxver = htons(BGP_VERSION_4);
1164 /* XXX this reply may not be correct if version < 4 XXX */
1165 if (bgp_debug_neighbor_events(peer))
1166 zlog_debug(
1167 "%s bad protocol version, remote requested %d, local request %d",
1168 peer->host, version, BGP_VERSION_4);
1169 /* Data must be in network byte order here */
1170 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1171 BGP_NOTIFY_OPEN_UNSUP_VERSION,
1172 (uint8_t *)&maxver, 2);
1173 return BGP_Stop;
1174 }
1175
1176 /* Check neighbor as number. */
1177 if (peer->as_type == AS_UNSPECIFIED) {
1178 if (bgp_debug_neighbor_events(peer))
1179 zlog_debug(
1180 "%s bad OPEN, remote AS is unspecified currently",
1181 peer->host);
1182 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1183 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1184 notify_data_remote_as, 2);
1185 return BGP_Stop;
1186 } else if (peer->as_type == AS_INTERNAL) {
1187 if (remote_as != peer->bgp->as) {
1188 if (bgp_debug_neighbor_events(peer))
1189 zlog_debug(
1190 "%s bad OPEN, remote AS is %u, internal specified",
1191 peer->host, remote_as);
1192 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1193 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1194 notify_data_remote_as, 2);
1195 return BGP_Stop;
1196 }
1197 peer->as = peer->local_as;
1198 } else if (peer->as_type == AS_EXTERNAL) {
1199 if (remote_as == peer->bgp->as) {
1200 if (bgp_debug_neighbor_events(peer))
1201 zlog_debug(
1202 "%s bad OPEN, remote AS is %u, external specified",
1203 peer->host, remote_as);
1204 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1205 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1206 notify_data_remote_as, 2);
1207 return BGP_Stop;
1208 }
1209 peer->as = remote_as;
1210 } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
1211 if (bgp_debug_neighbor_events(peer))
1212 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1213 peer->host, remote_as, peer->as);
1214 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1215 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1216 notify_data_remote_as, 2);
1217 return BGP_Stop;
1218 }
1219
1220 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1221 calculate the value of the Hold Timer by using the smaller of its
1222 configured Hold Time and the Hold Time received in the OPEN message.
1223 The Hold Time MUST be either zero or at least three seconds. An
1224 implementation may reject connections on the basis of the Hold Time.
1225 */
1226
1227 if (holdtime < 3 && holdtime != 0) {
1228 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1229 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1230 (uint8_t *)holdtime_ptr, 2);
1231 return BGP_Stop;
1232 }
1233
1234 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1235 would be one third of the Hold Time interval. KEEPALIVE messages
1236 MUST NOT be sent more frequently than one per second. An
1237 implementation MAY adjust the rate at which it sends KEEPALIVE
1238 messages as a function of the Hold Time interval. */
1239
1240 if (PEER_OR_GROUP_TIMER_SET(peer))
1241 send_holdtime = peer->holdtime;
1242 else
1243 send_holdtime = peer->bgp->default_holdtime;
1244
1245 if (holdtime < send_holdtime)
1246 peer->v_holdtime = holdtime;
1247 else
1248 peer->v_holdtime = send_holdtime;
1249
1250 if ((PEER_OR_GROUP_TIMER_SET(peer))
1251 && (peer->keepalive < peer->v_holdtime / 3))
1252 peer->v_keepalive = peer->keepalive;
1253 else
1254 peer->v_keepalive = peer->v_holdtime / 3;
1255
1256 /* Open option part parse. */
1257 if (optlen != 0) {
1258 if ((ret = bgp_open_option_parse(peer, optlen, &mp_capability))
1259 < 0)
1260 return BGP_Stop;
1261 } else {
1262 if (bgp_debug_neighbor_events(peer))
1263 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1264 peer->host);
1265 }
1266
1267 /*
1268 * Assume that the peer supports the locally configured set of
1269 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1270 * capabilities, or if 'override-capability' is configured.
1271 */
1272 if (!mp_capability
1273 || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1274 peer->afc_nego[AFI_IP][SAFI_UNICAST] =
1275 peer->afc[AFI_IP][SAFI_UNICAST];
1276 peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
1277 peer->afc[AFI_IP][SAFI_MULTICAST];
1278 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
1279 peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
1280 peer->afc_nego[AFI_IP][SAFI_FLOWSPEC] =
1281 peer->afc[AFI_IP][SAFI_FLOWSPEC];
1282 peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
1283 peer->afc[AFI_IP6][SAFI_UNICAST];
1284 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
1285 peer->afc[AFI_IP6][SAFI_MULTICAST];
1286 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
1287 peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1288 peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
1289 peer->afc[AFI_L2VPN][SAFI_EVPN];
1290 peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC] =
1291 peer->afc[AFI_IP6][SAFI_FLOWSPEC];
1292 }
1293
1294 /* When collision is detected and this peer is closed. Retrun
1295 immidiately. */
1296 ret = bgp_collision_detect(peer, remote_id);
1297 if (ret < 0)
1298 return BGP_Stop;
1299
1300 /* Get sockname. */
1301 if ((ret = bgp_getsockname(peer)) < 0) {
1302 zlog_err("%s: bgp_getsockname() failed for peer: %s",
1303 __FUNCTION__, peer->host);
1304 return BGP_Stop;
1305 }
1306
1307 /* Verify valid local address present based on negotiated
1308 * address-families. */
1309 if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
1310 || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
1311 || peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1312 || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1313 || peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
1314 if (!peer->nexthop.v4.s_addr) {
1315 #if defined(HAVE_CUMULUS)
1316 zlog_err(
1317 "%s: No local IPv4 addr resetting connection, fd %d",
1318 peer->host, peer->fd);
1319 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1320 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1321 return BGP_Stop;
1322 #endif
1323 }
1324 }
1325 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1326 || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
1327 || peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1328 || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1329 || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
1330 if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) {
1331 #if defined(HAVE_CUMULUS)
1332 zlog_err(
1333 "%s: No local IPv6 addr resetting connection, fd %d",
1334 peer->host, peer->fd);
1335 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1336 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1337 return BGP_Stop;
1338 #endif
1339 }
1340 }
1341 peer->rtt = sockopt_tcp_rtt(peer->fd);
1342
1343 return Receive_OPEN_message;
1344 }
1345
1346 /**
1347 * Process BGP KEEPALIVE message for peer.
1348 *
1349 * @param peer
1350 * @param size size of the packet
1351 * @return as in summary
1352 */
1353 static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
1354 {
1355 if (bgp_debug_keepalive(peer))
1356 zlog_debug("%s KEEPALIVE rcvd", peer->host);
1357
1358 bgp_update_implicit_eors(peer);
1359
1360 return Receive_KEEPALIVE_message;
1361 }
1362
1363
1364 /**
1365 * Process BGP UPDATE message for peer.
1366 *
1367 * Parses UPDATE and creates attribute object.
1368 *
1369 * @param peer
1370 * @param size size of the packet
1371 * @return as in summary
1372 */
1373 static int bgp_update_receive(struct peer *peer, bgp_size_t size)
1374 {
1375 int ret, nlri_ret;
1376 uint8_t *end;
1377 struct stream *s;
1378 struct attr attr;
1379 bgp_size_t attribute_len;
1380 bgp_size_t update_len;
1381 bgp_size_t withdraw_len;
1382
1383 enum NLRI_TYPES {
1384 NLRI_UPDATE,
1385 NLRI_WITHDRAW,
1386 NLRI_MP_UPDATE,
1387 NLRI_MP_WITHDRAW,
1388 NLRI_TYPE_MAX
1389 };
1390 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1391
1392 /* Status must be Established. */
1393 if (peer->status != Established) {
1394 zlog_err("%s [FSM] Update packet received under status %s",
1395 peer->host,
1396 lookup_msg(bgp_status_msg, peer->status, NULL));
1397 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
1398 return BGP_Stop;
1399 }
1400
1401 /* Set initial values. */
1402 memset(&attr, 0, sizeof(struct attr));
1403 attr.label_index = BGP_INVALID_LABEL_INDEX;
1404 attr.label = MPLS_INVALID_LABEL;
1405 memset(&nlris, 0, sizeof(nlris));
1406 memset(peer->rcvd_attr_str, 0, BUFSIZ);
1407 peer->rcvd_attr_printed = 0;
1408
1409 s = peer->curr;
1410 end = stream_pnt(s) + size;
1411
1412 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1413 Length is too large (i.e., if Unfeasible Routes Length + Total
1414 Attribute Length + 23 exceeds the message Length), then the Error
1415 Subcode is set to Malformed Attribute List. */
1416 if (stream_pnt(s) + 2 > end) {
1417 zlog_err(
1418 "%s [Error] Update packet error"
1419 " (packet length is short for unfeasible length)",
1420 peer->host);
1421 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1422 BGP_NOTIFY_UPDATE_MAL_ATTR);
1423 return BGP_Stop;
1424 }
1425
1426 /* Unfeasible Route Length. */
1427 withdraw_len = stream_getw(s);
1428
1429 /* Unfeasible Route Length check. */
1430 if (stream_pnt(s) + withdraw_len > end) {
1431 zlog_err(
1432 "%s [Error] Update packet error"
1433 " (packet unfeasible length overflow %d)",
1434 peer->host, withdraw_len);
1435 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1436 BGP_NOTIFY_UPDATE_MAL_ATTR);
1437 return BGP_Stop;
1438 }
1439
1440 /* Unfeasible Route packet format check. */
1441 if (withdraw_len > 0) {
1442 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1443 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1444 nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
1445 nlris[NLRI_WITHDRAW].length = withdraw_len;
1446 stream_forward_getp(s, withdraw_len);
1447 }
1448
1449 /* Attribute total length check. */
1450 if (stream_pnt(s) + 2 > end) {
1451 zlog_warn(
1452 "%s [Error] Packet Error"
1453 " (update packet is short for attribute length)",
1454 peer->host);
1455 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1456 BGP_NOTIFY_UPDATE_MAL_ATTR);
1457 return BGP_Stop;
1458 }
1459
1460 /* Fetch attribute total length. */
1461 attribute_len = stream_getw(s);
1462
1463 /* Attribute length check. */
1464 if (stream_pnt(s) + attribute_len > end) {
1465 zlog_warn(
1466 "%s [Error] Packet Error"
1467 " (update packet attribute length overflow %d)",
1468 peer->host, attribute_len);
1469 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1470 BGP_NOTIFY_UPDATE_MAL_ATTR);
1471 return BGP_Stop;
1472 }
1473
1474 /* Certain attribute parsing errors should not be considered bad enough
1475 * to reset the session for, most particularly any partial/optional
1476 * attributes that have 'tunneled' over speakers that don't understand
1477 * them. Instead we withdraw only the prefix concerned.
1478 *
1479 * Complicates the flow a little though..
1480 */
1481 bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
1482 /* This define morphs the update case into a withdraw when lower levels
1483 * have signalled an error condition where this is best.
1484 */
1485 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1486
1487 /* Parse attribute when it exists. */
1488 if (attribute_len) {
1489 attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
1490 &nlris[NLRI_MP_UPDATE],
1491 &nlris[NLRI_MP_WITHDRAW]);
1492 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
1493 bgp_attr_unintern_sub(&attr);
1494 return BGP_Stop;
1495 }
1496 }
1497
1498 /* Logging the attribute. */
1499 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
1500 || BGP_DEBUG(update, UPDATE_IN)
1501 || BGP_DEBUG(update, UPDATE_PREFIX)) {
1502 ret = bgp_dump_attr(&attr, peer->rcvd_attr_str, BUFSIZ);
1503
1504 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
1505 zlog_err(
1506 "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1507 peer->host);
1508
1509 if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
1510 zlog_debug("%s rcvd UPDATE w/ attr: %s", peer->host,
1511 peer->rcvd_attr_str);
1512 peer->rcvd_attr_printed = 1;
1513 }
1514 }
1515
1516 /* Network Layer Reachability Information. */
1517 update_len = end - stream_pnt(s);
1518
1519 if (update_len) {
1520 /* Set NLRI portion to structure. */
1521 nlris[NLRI_UPDATE].afi = AFI_IP;
1522 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1523 nlris[NLRI_UPDATE].nlri = stream_pnt(s);
1524 nlris[NLRI_UPDATE].length = update_len;
1525 stream_forward_getp(s, update_len);
1526 }
1527
1528 if (BGP_DEBUG(update, UPDATE_IN))
1529 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1530 peer->host, withdraw_len, attribute_len, update_len);
1531
1532 /* Parse any given NLRIs */
1533 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
1534 if (!nlris[i].nlri)
1535 continue;
1536
1537 /* NLRI is processed iff the peer if configured for the specific
1538 * afi/safi */
1539 if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
1540 zlog_info(
1541 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1542 peer->host, nlris[i].afi, nlris[i].safi);
1543 continue;
1544 }
1545
1546 /* EoR handled later */
1547 if (nlris[i].length == 0)
1548 continue;
1549
1550 switch (i) {
1551 case NLRI_UPDATE:
1552 case NLRI_MP_UPDATE:
1553 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
1554 &nlris[i], 0);
1555 break;
1556 case NLRI_WITHDRAW:
1557 case NLRI_MP_WITHDRAW:
1558 nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1);
1559 break;
1560 default:
1561 nlri_ret = -1;
1562 }
1563
1564 if (nlri_ret < 0) {
1565 zlog_err("%s [Error] Error parsing NLRI", peer->host);
1566 if (peer->status == Established)
1567 bgp_notify_send(
1568 peer, BGP_NOTIFY_UPDATE_ERR,
1569 i <= NLRI_WITHDRAW
1570 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1571 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1572 bgp_attr_unintern_sub(&attr);
1573 return BGP_Stop;
1574 }
1575 }
1576
1577 /* EoR checks
1578 *
1579 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1580 * and MP EoR should have only an empty MP_UNREACH
1581 */
1582 if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0)
1583 || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
1584 afi_t afi = 0;
1585 safi_t safi;
1586
1587 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
1588 * checked
1589 * update and withdraw NLRI lengths are 0.
1590 */
1591 if (!attribute_len) {
1592 afi = AFI_IP;
1593 safi = SAFI_UNICAST;
1594 } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
1595 && nlris[NLRI_MP_WITHDRAW].length == 0) {
1596 afi = nlris[NLRI_MP_WITHDRAW].afi;
1597 safi = nlris[NLRI_MP_WITHDRAW].safi;
1598 } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
1599 afi = nlris[NLRI_MP_UPDATE].afi;
1600 safi = nlris[NLRI_MP_UPDATE].safi;
1601 }
1602
1603 if (afi && peer->afc[afi][safi]) {
1604 /* End-of-RIB received */
1605 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
1606 PEER_STATUS_EOR_RECEIVED)) {
1607 SET_FLAG(peer->af_sflags[afi][safi],
1608 PEER_STATUS_EOR_RECEIVED);
1609 bgp_update_explicit_eors(peer);
1610 }
1611
1612 /* NSF delete stale route */
1613 if (peer->nsf[afi][safi])
1614 bgp_clear_stale_route(peer, afi, safi);
1615
1616 if (bgp_debug_neighbor_events(peer)) {
1617 zlog_debug("rcvd End-of-RIB for %s from %s",
1618 afi_safi_print(afi, safi),
1619 peer->host);
1620 }
1621 }
1622 }
1623
1624 /* Everything is done. We unintern temporary structures which
1625 interned in bgp_attr_parse(). */
1626 bgp_attr_unintern_sub(&attr);
1627
1628 peer->update_time = bgp_clock();
1629
1630 /* Rearm holdtime timer */
1631 BGP_TIMER_OFF(peer->t_holdtime);
1632 bgp_timer_set(peer);
1633
1634 return Receive_UPDATE_message;
1635 }
1636
1637 /**
1638 * Process BGP NOTIFY message for peer.
1639 *
1640 * @param peer
1641 * @param size size of the packet
1642 * @return as in summary
1643 */
1644 static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
1645 {
1646 struct bgp_notify bgp_notify;
1647
1648 if (peer->notify.data) {
1649 XFREE(MTYPE_TMP, peer->notify.data);
1650 peer->notify.data = NULL;
1651 peer->notify.length = 0;
1652 }
1653
1654 bgp_notify.code = stream_getc(peer->curr);
1655 bgp_notify.subcode = stream_getc(peer->curr);
1656 bgp_notify.length = size - 2;
1657 bgp_notify.data = NULL;
1658
1659 /* Preserv notify code and sub code. */
1660 peer->notify.code = bgp_notify.code;
1661 peer->notify.subcode = bgp_notify.subcode;
1662 /* For further diagnostic record returned Data. */
1663 if (bgp_notify.length) {
1664 peer->notify.length = size - 2;
1665 peer->notify.data = XMALLOC(MTYPE_TMP, size - 2);
1666 memcpy(peer->notify.data, stream_pnt(peer->curr), size - 2);
1667 }
1668
1669 /* For debug */
1670 {
1671 int i;
1672 int first = 0;
1673 char c[4];
1674
1675 if (bgp_notify.length) {
1676 bgp_notify.data =
1677 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
1678 for (i = 0; i < bgp_notify.length; i++)
1679 if (first) {
1680 sprintf(c, " %02x",
1681 stream_getc(peer->curr));
1682 strcat(bgp_notify.data, c);
1683 } else {
1684 first = 1;
1685 sprintf(c, "%02x",
1686 stream_getc(peer->curr));
1687 strcpy(bgp_notify.data, c);
1688 }
1689 bgp_notify.raw_data = (uint8_t *)peer->notify.data;
1690 }
1691
1692 bgp_notify_print(peer, &bgp_notify, "received");
1693 if (bgp_notify.data) {
1694 XFREE(MTYPE_TMP, bgp_notify.data);
1695 bgp_notify.data = NULL;
1696 bgp_notify.length = 0;
1697 }
1698 }
1699
1700 /* peer count update */
1701 atomic_fetch_add_explicit(&peer->notify_in, 1, memory_order_relaxed);
1702
1703 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
1704
1705 /* We have to check for Notify with Unsupported Optional Parameter.
1706 in that case we fallback to open without the capability option.
1707 But this done in bgp_stop. We just mark it here to avoid changing
1708 the fsm tables. */
1709 if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR
1710 && bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
1711 UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
1712
1713 return Receive_NOTIFICATION_message;
1714 }
1715
1716 /**
1717 * Process BGP ROUTEREFRESH message for peer.
1718 *
1719 * @param peer
1720 * @param size size of the packet
1721 * @return as in summary
1722 */
1723 static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
1724 {
1725 iana_afi_t pkt_afi;
1726 afi_t afi;
1727 iana_safi_t pkt_safi;
1728 safi_t safi;
1729 struct stream *s;
1730 struct peer_af *paf;
1731 struct update_group *updgrp;
1732 struct peer *updgrp_peer;
1733
1734 /* If peer does not have the capability, send notification. */
1735 if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
1736 zlog_err("%s [Error] BGP route refresh is not enabled",
1737 peer->host);
1738 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
1739 BGP_NOTIFY_HEADER_BAD_MESTYPE);
1740 return BGP_Stop;
1741 }
1742
1743 /* Status must be Established. */
1744 if (peer->status != Established) {
1745 zlog_err(
1746 "%s [Error] Route refresh packet received under status %s",
1747 peer->host,
1748 lookup_msg(bgp_status_msg, peer->status, NULL));
1749 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
1750 return BGP_Stop;
1751 }
1752
1753 s = peer->curr;
1754
1755 /* Parse packet. */
1756 pkt_afi = stream_getw(s);
1757 (void)stream_getc(s);
1758 pkt_safi = stream_getc(s);
1759
1760 if (bgp_debug_update(peer, NULL, NULL, 0))
1761 zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %d/%d",
1762 peer->host, pkt_afi, pkt_safi);
1763
1764 /* Convert AFI, SAFI to internal values and check. */
1765 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1766 zlog_info(
1767 "%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored",
1768 peer->host, pkt_afi, pkt_safi);
1769 return BGP_PACKET_NOOP;
1770 }
1771
1772 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
1773 uint8_t *end;
1774 uint8_t when_to_refresh;
1775 uint8_t orf_type;
1776 uint16_t orf_len;
1777
1778 if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
1779 < 5) {
1780 zlog_info("%s ORF route refresh length error",
1781 peer->host);
1782 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
1783 return BGP_Stop;
1784 }
1785
1786 when_to_refresh = stream_getc(s);
1787 end = stream_pnt(s) + (size - 5);
1788
1789 while ((stream_pnt(s) + 2) < end) {
1790 orf_type = stream_getc(s);
1791 orf_len = stream_getw(s);
1792
1793 /* orf_len in bounds? */
1794 if ((stream_pnt(s) + orf_len) > end)
1795 break; /* XXX: Notify instead?? */
1796 if (orf_type == ORF_TYPE_PREFIX
1797 || orf_type == ORF_TYPE_PREFIX_OLD) {
1798 uint8_t *p_pnt = stream_pnt(s);
1799 uint8_t *p_end = stream_pnt(s) + orf_len;
1800 struct orf_prefix orfp;
1801 uint8_t common = 0;
1802 uint32_t seq;
1803 int psize;
1804 char name[BUFSIZ];
1805 int ret = CMD_SUCCESS;
1806
1807 if (bgp_debug_neighbor_events(peer)) {
1808 zlog_debug(
1809 "%s rcvd Prefixlist ORF(%d) length %d",
1810 peer->host, orf_type, orf_len);
1811 }
1812
1813 /* we're going to read at least 1 byte of common
1814 * ORF header,
1815 * and 7 bytes of ORF Address-filter entry from
1816 * the stream
1817 */
1818 if (orf_len < 7)
1819 break;
1820
1821 /* ORF prefix-list name */
1822 sprintf(name, "%s.%d.%d", peer->host, afi,
1823 safi);
1824
1825 while (p_pnt < p_end) {
1826 /* If the ORF entry is malformed, want
1827 * to read as much of it
1828 * as possible without going beyond the
1829 * bounds of the entry,
1830 * to maximise debug information.
1831 */
1832 int ok;
1833 memset(&orfp, 0,
1834 sizeof(struct orf_prefix));
1835 common = *p_pnt++;
1836 /* after ++: p_pnt <= p_end */
1837 if (common
1838 & ORF_COMMON_PART_REMOVE_ALL) {
1839 if (bgp_debug_neighbor_events(
1840 peer))
1841 zlog_debug(
1842 "%s rcvd Remove-All pfxlist ORF request",
1843 peer->host);
1844 prefix_bgp_orf_remove_all(afi,
1845 name);
1846 break;
1847 }
1848 ok = ((uint32_t)(p_end - p_pnt)
1849 >= sizeof(uint32_t));
1850 if (ok) {
1851 memcpy(&seq, p_pnt,
1852 sizeof(uint32_t));
1853 p_pnt += sizeof(uint32_t);
1854 orfp.seq = ntohl(seq);
1855 } else
1856 p_pnt = p_end;
1857
1858 if ((ok = (p_pnt < p_end)))
1859 orfp.ge =
1860 *p_pnt++; /* value
1861 checked in
1862 prefix_bgp_orf_set()
1863 */
1864 if ((ok = (p_pnt < p_end)))
1865 orfp.le =
1866 *p_pnt++; /* value
1867 checked in
1868 prefix_bgp_orf_set()
1869 */
1870 if ((ok = (p_pnt < p_end)))
1871 orfp.p.prefixlen = *p_pnt++;
1872 orfp.p.family = afi2family(
1873 afi); /* afi checked already */
1874
1875 psize = PSIZE(
1876 orfp.p.prefixlen); /* 0 if not
1877 ok */
1878 if (psize
1879 > prefix_blen(
1880 &orfp.p)) /* valid for
1881 family ? */
1882 {
1883 ok = 0;
1884 psize = prefix_blen(&orfp.p);
1885 }
1886 if (psize
1887 > (p_end - p_pnt)) /* valid for
1888 packet ? */
1889 {
1890 ok = 0;
1891 psize = p_end - p_pnt;
1892 }
1893
1894 if (psize > 0)
1895 memcpy(&orfp.p.u.prefix, p_pnt,
1896 psize);
1897 p_pnt += psize;
1898
1899 if (bgp_debug_neighbor_events(peer)) {
1900 char buf[INET6_BUFSIZ];
1901
1902 zlog_debug(
1903 "%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
1904 peer->host,
1905 (common & ORF_COMMON_PART_REMOVE
1906 ? "Remove"
1907 : "Add"),
1908 (common & ORF_COMMON_PART_DENY
1909 ? "deny"
1910 : "permit"),
1911 orfp.seq,
1912 inet_ntop(
1913 orfp.p.family,
1914 &orfp.p.u.prefix,
1915 buf,
1916 INET6_BUFSIZ),
1917 orfp.p.prefixlen,
1918 orfp.ge, orfp.le,
1919 ok ? "" : " MALFORMED");
1920 }
1921
1922 if (ok)
1923 ret = prefix_bgp_orf_set(
1924 name, afi, &orfp,
1925 (common & ORF_COMMON_PART_DENY
1926 ? 0
1927 : 1),
1928 (common & ORF_COMMON_PART_REMOVE
1929 ? 0
1930 : 1));
1931
1932 if (!ok || (ok && ret != CMD_SUCCESS)) {
1933 zlog_info(
1934 "%s Received misformatted prefixlist ORF."
1935 " Remove All pfxlist",
1936 peer->host);
1937 prefix_bgp_orf_remove_all(afi,
1938 name);
1939 break;
1940 }
1941 }
1942
1943 peer->orf_plist[afi][safi] =
1944 prefix_bgp_orf_lookup(afi, name);
1945 }
1946 stream_forward_getp(s, orf_len);
1947 }
1948 if (bgp_debug_neighbor_events(peer))
1949 zlog_debug("%s rcvd Refresh %s ORF request", peer->host,
1950 when_to_refresh == REFRESH_DEFER
1951 ? "Defer"
1952 : "Immediate");
1953 if (when_to_refresh == REFRESH_DEFER)
1954 return BGP_PACKET_NOOP;
1955 }
1956
1957 /* First update is deferred until ORF or ROUTE-REFRESH is received */
1958 if (CHECK_FLAG(peer->af_sflags[afi][safi],
1959 PEER_STATUS_ORF_WAIT_REFRESH))
1960 UNSET_FLAG(peer->af_sflags[afi][safi],
1961 PEER_STATUS_ORF_WAIT_REFRESH);
1962
1963 paf = peer_af_find(peer, afi, safi);
1964 if (paf && paf->subgroup) {
1965 if (peer->orf_plist[afi][safi]) {
1966 updgrp = PAF_UPDGRP(paf);
1967 updgrp_peer = UPDGRP_PEER(updgrp);
1968 updgrp_peer->orf_plist[afi][safi] =
1969 peer->orf_plist[afi][safi];
1970 }
1971
1972 /* If the peer is configured for default-originate clear the
1973 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
1974 * re-advertise the
1975 * default
1976 */
1977 if (CHECK_FLAG(paf->subgroup->sflags,
1978 SUBGRP_STATUS_DEFAULT_ORIGINATE))
1979 UNSET_FLAG(paf->subgroup->sflags,
1980 SUBGRP_STATUS_DEFAULT_ORIGINATE);
1981 }
1982
1983 /* Perform route refreshment to the peer */
1984 bgp_announce_route(peer, afi, safi);
1985
1986 /* No FSM action necessary */
1987 return BGP_PACKET_NOOP;
1988 }
1989
1990 /**
1991 * Parse BGP CAPABILITY message for peer.
1992 *
1993 * @param peer
1994 * @param size size of the packet
1995 * @return as in summary
1996 */
1997 static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
1998 bgp_size_t length)
1999 {
2000 uint8_t *end;
2001 struct capability_mp_data mpc;
2002 struct capability_header *hdr;
2003 uint8_t action;
2004 iana_afi_t pkt_afi;
2005 afi_t afi;
2006 iana_safi_t pkt_safi;
2007 safi_t safi;
2008
2009 end = pnt + length;
2010
2011 while (pnt < end) {
2012 /* We need at least action, capability code and capability
2013 * length. */
2014 if (pnt + 3 > end) {
2015 zlog_info("%s Capability length error", peer->host);
2016 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2017 return BGP_Stop;
2018 }
2019 action = *pnt;
2020 hdr = (struct capability_header *)(pnt + 1);
2021
2022 /* Action value check. */
2023 if (action != CAPABILITY_ACTION_SET
2024 && action != CAPABILITY_ACTION_UNSET) {
2025 zlog_info("%s Capability Action Value error %d",
2026 peer->host, action);
2027 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2028 return BGP_Stop;
2029 }
2030
2031 if (bgp_debug_neighbor_events(peer))
2032 zlog_debug(
2033 "%s CAPABILITY has action: %d, code: %u, length %u",
2034 peer->host, action, hdr->code, hdr->length);
2035
2036 /* Capability length check. */
2037 if ((pnt + hdr->length + 3) > end) {
2038 zlog_info("%s Capability length error", peer->host);
2039 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2040 return BGP_Stop;
2041 }
2042
2043 /* Fetch structure to the byte stream. */
2044 memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
2045 pnt += hdr->length + 3;
2046
2047 /* We know MP Capability Code. */
2048 if (hdr->code == CAPABILITY_CODE_MP) {
2049 pkt_afi = ntohs(mpc.afi);
2050 pkt_safi = mpc.safi;
2051
2052 /* Ignore capability when override-capability is set. */
2053 if (CHECK_FLAG(peer->flags,
2054 PEER_FLAG_OVERRIDE_CAPABILITY))
2055 continue;
2056
2057 /* Convert AFI, SAFI to internal values. */
2058 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
2059 &safi)) {
2060 if (bgp_debug_neighbor_events(peer))
2061 zlog_debug(
2062 "%s Dynamic Capability MP_EXT afi/safi invalid "
2063 "(%u/%u)",
2064 peer->host, pkt_afi, pkt_safi);
2065 continue;
2066 }
2067
2068 /* Address family check. */
2069 if (bgp_debug_neighbor_events(peer))
2070 zlog_debug(
2071 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
2072 peer->host,
2073 action == CAPABILITY_ACTION_SET
2074 ? "Advertising"
2075 : "Removing",
2076 pkt_afi, pkt_safi);
2077
2078 if (action == CAPABILITY_ACTION_SET) {
2079 peer->afc_recv[afi][safi] = 1;
2080 if (peer->afc[afi][safi]) {
2081 peer->afc_nego[afi][safi] = 1;
2082 bgp_announce_route(peer, afi, safi);
2083 }
2084 } else {
2085 peer->afc_recv[afi][safi] = 0;
2086 peer->afc_nego[afi][safi] = 0;
2087
2088 if (peer_active_nego(peer))
2089 bgp_clear_route(peer, afi, safi);
2090 else
2091 return BGP_Stop;
2092 }
2093 } else {
2094 zlog_warn(
2095 "%s unrecognized capability code: %d - ignored",
2096 peer->host, hdr->code);
2097 }
2098 }
2099
2100 /* No FSM action necessary */
2101 return BGP_PACKET_NOOP;
2102 }
2103
2104 /**
2105 * Parse BGP CAPABILITY message for peer.
2106 *
2107 * Exported for unit testing.
2108 *
2109 * @param peer
2110 * @param size size of the packet
2111 * @return as in summary
2112 */
2113 int bgp_capability_receive(struct peer *peer, bgp_size_t size)
2114 {
2115 uint8_t *pnt;
2116
2117 /* Fetch pointer. */
2118 pnt = stream_pnt(peer->curr);
2119
2120 if (bgp_debug_neighbor_events(peer))
2121 zlog_debug("%s rcv CAPABILITY", peer->host);
2122
2123 /* If peer does not have the capability, send notification. */
2124 if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
2125 zlog_err("%s [Error] BGP dynamic capability is not enabled",
2126 peer->host);
2127 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2128 BGP_NOTIFY_HEADER_BAD_MESTYPE);
2129 return BGP_Stop;
2130 }
2131
2132 /* Status must be Established. */
2133 if (peer->status != Established) {
2134 zlog_err(
2135 "%s [Error] Dynamic capability packet received under status %s",
2136 peer->host,
2137 lookup_msg(bgp_status_msg, peer->status, NULL));
2138 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
2139 return BGP_Stop;
2140 }
2141
2142 /* Parse packet. */
2143 return bgp_capability_msg_parse(peer, pnt, size);
2144 }
2145
2146 /**
2147 * Processes a peer's input buffer.
2148 *
2149 * This function sidesteps the event loop and directly calls bgp_event_update()
2150 * after processing each BGP message. This is necessary to ensure proper
2151 * ordering of FSM events and unifies the behavior that was present previously,
2152 * whereby some of the packet handling functions would update the FSM and some
2153 * would not, making event flow difficult to understand. Please think twice
2154 * before hacking this.
2155 *
2156 * Thread type: THREAD_EVENT
2157 * @param thread
2158 * @return 0
2159 */
2160 int bgp_process_packet(struct thread *thread)
2161 {
2162 /* Yes first of all get peer pointer. */
2163 struct peer *peer; // peer
2164 uint32_t rpkt_quanta_old; // how many packets to read
2165 int fsm_update_result; // return code of bgp_event_update()
2166 int mprc; // message processing return code
2167
2168 peer = THREAD_ARG(thread);
2169 rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
2170 memory_order_relaxed);
2171 fsm_update_result = 0;
2172
2173 /* Guard against scheduled events that occur after peer deletion. */
2174 if (peer->status == Deleted || peer->status == Clearing)
2175 return 0;
2176
2177 unsigned int processed = 0;
2178
2179 while (processed < rpkt_quanta_old) {
2180 uint8_t type = 0;
2181 bgp_size_t size;
2182 char notify_data_length[2];
2183
2184 pthread_mutex_lock(&peer->io_mtx);
2185 {
2186 peer->curr = stream_fifo_pop(peer->ibuf);
2187 }
2188 pthread_mutex_unlock(&peer->io_mtx);
2189
2190 if (peer->curr == NULL) // no packets to process, hmm...
2191 return 0;
2192
2193 /* skip the marker and copy the packet length */
2194 stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
2195 memcpy(notify_data_length, stream_pnt(peer->curr), 2);
2196
2197 /* read in the packet length and type */
2198 size = stream_getw(peer->curr);
2199 type = stream_getc(peer->curr);
2200
2201 /* BGP packet dump function. */
2202 bgp_dump_packet(peer, type, peer->curr);
2203
2204 /* adjust size to exclude the marker + length + type */
2205 size -= BGP_HEADER_SIZE;
2206
2207 /* Read rest of the packet and call each sort of packet routine
2208 */
2209 switch (type) {
2210 case BGP_MSG_OPEN:
2211 atomic_fetch_add_explicit(&peer->open_in, 1,
2212 memory_order_relaxed);
2213 mprc = bgp_open_receive(peer, size);
2214 if (mprc == BGP_Stop)
2215 zlog_err(
2216 "%s: BGP OPEN receipt failed for peer: %s",
2217 __FUNCTION__, peer->host);
2218 break;
2219 case BGP_MSG_UPDATE:
2220 atomic_fetch_add_explicit(&peer->update_in, 1,
2221 memory_order_relaxed);
2222 peer->readtime = monotime(NULL);
2223 mprc = bgp_update_receive(peer, size);
2224 if (mprc == BGP_Stop)
2225 zlog_err(
2226 "%s: BGP UPDATE receipt failed for peer: %s",
2227 __FUNCTION__, peer->host);
2228 break;
2229 case BGP_MSG_NOTIFY:
2230 atomic_fetch_add_explicit(&peer->notify_in, 1,
2231 memory_order_relaxed);
2232 mprc = bgp_notify_receive(peer, size);
2233 if (mprc == BGP_Stop)
2234 zlog_err(
2235 "%s: BGP NOTIFY receipt failed for peer: %s",
2236 __FUNCTION__, peer->host);
2237 break;
2238 case BGP_MSG_KEEPALIVE:
2239 peer->readtime = monotime(NULL);
2240 atomic_fetch_add_explicit(&peer->keepalive_in, 1,
2241 memory_order_relaxed);
2242 mprc = bgp_keepalive_receive(peer, size);
2243 if (mprc == BGP_Stop)
2244 zlog_err(
2245 "%s: BGP KEEPALIVE receipt failed for peer: %s",
2246 __FUNCTION__, peer->host);
2247 break;
2248 case BGP_MSG_ROUTE_REFRESH_NEW:
2249 case BGP_MSG_ROUTE_REFRESH_OLD:
2250 atomic_fetch_add_explicit(&peer->refresh_in, 1,
2251 memory_order_relaxed);
2252 mprc = bgp_route_refresh_receive(peer, size);
2253 if (mprc == BGP_Stop)
2254 zlog_err(
2255 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
2256 __FUNCTION__, peer->host);
2257 break;
2258 case BGP_MSG_CAPABILITY:
2259 atomic_fetch_add_explicit(&peer->dynamic_cap_in, 1,
2260 memory_order_relaxed);
2261 mprc = bgp_capability_receive(peer, size);
2262 if (mprc == BGP_Stop)
2263 zlog_err(
2264 "%s: BGP CAPABILITY receipt failed for peer: %s",
2265 __FUNCTION__, peer->host);
2266 break;
2267 default:
2268 /*
2269 * The message type should have been sanitized before
2270 * we ever got here. Receipt of a message with an
2271 * invalid header at this point is indicative of a
2272 * security issue.
2273 */
2274 assert (!"Message of invalid type received during input processing");
2275 }
2276
2277 /* delete processed packet */
2278 stream_free(peer->curr);
2279 peer->curr = NULL;
2280 processed++;
2281
2282 /* Update FSM */
2283 if (mprc != BGP_PACKET_NOOP)
2284 fsm_update_result = bgp_event_update(peer, mprc);
2285 else
2286 continue;
2287
2288 /*
2289 * If peer was deleted, do not process any more packets. This
2290 * is usually due to executing BGP_Stop or a stub deletion.
2291 */
2292 if (fsm_update_result == FSM_PEER_TRANSFERRED
2293 || fsm_update_result == FSM_PEER_STOPPED)
2294 break;
2295 }
2296
2297 if (fsm_update_result != FSM_PEER_TRANSFERRED
2298 && fsm_update_result != FSM_PEER_STOPPED) {
2299 pthread_mutex_lock(&peer->io_mtx);
2300 {
2301 // more work to do, come back later
2302 if (peer->ibuf->count > 0)
2303 thread_add_timer_msec(
2304 bm->master, bgp_process_packet, peer, 0,
2305 &peer->t_process_packet);
2306 }
2307 pthread_mutex_unlock(&peer->io_mtx);
2308 }
2309
2310 return 0;
2311 }
FRRouting mirror