]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bgpd: restore packet input limit
[mirror_frr.git] / bgpd / bgp_packet.c
1 /* BGP packet management routine.
2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
4 * Copyright (C) 1999 Kunihiro Ishiguro
5 *
6 * This file is part of GNU Zebra.
7 *
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
22
23 #include <zebra.h>
24 #include <sys/time.h>
25
26 #include "thread.h"
27 #include "stream.h"
28 #include "network.h"
29 #include "prefix.h"
30 #include "command.h"
31 #include "log.h"
32 #include "memory.h"
33 #include "sockunion.h" /* for inet_ntop () */
34 #include "sockopt.h"
35 #include "linklist.h"
36 #include "plist.h"
37 #include "queue.h"
38 #include "filter.h"
39
40 #include "bgpd/bgpd.h"
41 #include "bgpd/bgp_table.h"
42 #include "bgpd/bgp_dump.h"
43 #include "bgpd/bgp_attr.h"
44 #include "bgpd/bgp_debug.h"
45 #include "bgpd/bgp_fsm.h"
46 #include "bgpd/bgp_route.h"
47 #include "bgpd/bgp_packet.h"
48 #include "bgpd/bgp_open.h"
49 #include "bgpd/bgp_aspath.h"
50 #include "bgpd/bgp_community.h"
51 #include "bgpd/bgp_ecommunity.h"
52 #include "bgpd/bgp_lcommunity.h"
53 #include "bgpd/bgp_network.h"
54 #include "bgpd/bgp_mplsvpn.h"
55 #include "bgpd/bgp_evpn.h"
56 #include "bgpd/bgp_advertise.h"
57 #include "bgpd/bgp_vty.h"
58 #include "bgpd/bgp_updgrp.h"
59 #include "bgpd/bgp_label.h"
60 #include "bgpd/bgp_io.h"
61
62 /**
63 * Sets marker and type fields for a BGP message.
64 *
65 * @param s the stream containing the packet
66 * @param type the packet type
67 * @return the size of the stream
68 */
69 int bgp_packet_set_marker(struct stream *s, u_char type)
70 {
71 int i;
72
73 /* Fill in marker. */
74 for (i = 0; i < BGP_MARKER_SIZE; i++)
75 stream_putc(s, 0xff);
76
77 /* Dummy total length. This field is should be filled in later on. */
78 stream_putw(s, 0);
79
80 /* BGP packet type. */
81 stream_putc(s, type);
82
83 /* Return current stream size. */
84 return stream_get_endp(s);
85 }
86
87 /**
88 * Sets size field for a BGP message.
89 *
90 * Size field is set to the size of the stream passed.
91 *
92 * @param s the stream containing the packet
93 * @return the size of the stream
94 */
95 int bgp_packet_set_size(struct stream *s)
96 {
97 int cp;
98
99 /* Preserve current pointer. */
100 cp = stream_get_endp(s);
101 stream_putw_at(s, BGP_MARKER_SIZE, cp);
102
103 return cp;
104 }
105
106 /*
107 * Push a packet onto the beginning of the peer's output queue.
108 * This function acquires the peer's write mutex before proceeding.
109 */
110 static void bgp_packet_add(struct peer *peer, struct stream *s)
111 {
112 pthread_mutex_lock(&peer->io_mtx);
113 stream_fifo_push(peer->obuf, s);
114 pthread_mutex_unlock(&peer->io_mtx);
115 }
116
117 static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
118 safi_t safi)
119 {
120 struct stream *s;
121 iana_afi_t pkt_afi;
122 iana_safi_t pkt_safi;
123
124 if (DISABLE_BGP_ANNOUNCE)
125 return NULL;
126
127 if (bgp_debug_neighbor_events(peer))
128 zlog_debug("send End-of-RIB for %s to %s",
129 afi_safi_print(afi, safi), peer->host);
130
131 s = stream_new(BGP_MAX_PACKET_SIZE);
132
133 /* Make BGP update packet. */
134 bgp_packet_set_marker(s, BGP_MSG_UPDATE);
135
136 /* Unfeasible Routes Length */
137 stream_putw(s, 0);
138
139 if (afi == AFI_IP && safi == SAFI_UNICAST) {
140 /* Total Path Attribute Length */
141 stream_putw(s, 0);
142 } else {
143 /* Convert AFI, SAFI to values for packet. */
144 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
145
146 /* Total Path Attribute Length */
147 stream_putw(s, 6);
148 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
149 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
150 stream_putc(s, 3);
151 stream_putw(s, pkt_afi);
152 stream_putc(s, pkt_safi);
153 }
154
155 bgp_packet_set_size(s);
156 return s;
157 }
158
159 /* Called when there is a change in the EOR(implicit or explicit) status of a
160 * peer. Ends the update-delay if all expected peers are done with EORs. */
161 void bgp_check_update_delay(struct bgp *bgp)
162 {
163 struct listnode *node, *nnode;
164 struct peer *peer = NULL;
165
166 if (bgp_debug_neighbor_events(peer))
167 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
168 bgp->established, bgp->restarted_peers,
169 bgp->implicit_eors, bgp->explicit_eors);
170
171 if (bgp->established
172 <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
173 /*
174 * This is an extra sanity check to make sure we wait for all
175 * the eligible configured peers. This check is performed if
176 * establish wait timer is on, or establish wait option is not
177 * given with the update-delay command
178 */
179 if (bgp->t_establish_wait
180 || (bgp->v_establish_wait == bgp->v_update_delay))
181 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
182 if (CHECK_FLAG(peer->flags,
183 PEER_FLAG_CONFIG_NODE)
184 && !CHECK_FLAG(peer->flags,
185 PEER_FLAG_SHUTDOWN)
186 && !peer->update_delay_over) {
187 if (bgp_debug_neighbor_events(peer))
188 zlog_debug(
189 " Peer %s pending, continuing read-only mode",
190 peer->host);
191 return;
192 }
193 }
194
195 zlog_info(
196 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
197 bgp->restarted_peers, bgp->implicit_eors,
198 bgp->explicit_eors);
199 bgp_update_delay_end(bgp);
200 }
201 }
202
203 /*
204 * Called if peer is known to have restarted. The restart-state bit in
205 * Graceful-Restart capability is used for that
206 */
207 void bgp_update_restarted_peers(struct peer *peer)
208 {
209 if (!bgp_update_delay_active(peer->bgp))
210 return; /* BGP update delay has ended */
211 if (peer->update_delay_over)
212 return; /* This peer has already been considered */
213
214 if (bgp_debug_neighbor_events(peer))
215 zlog_debug("Peer %s: Checking restarted", peer->host);
216
217 if (peer->status == Established) {
218 peer->update_delay_over = 1;
219 peer->bgp->restarted_peers++;
220 bgp_check_update_delay(peer->bgp);
221 }
222 }
223
224 /*
225 * Called as peer receives a keep-alive. Determines if this occurence can be
226 * taken as an implicit EOR for this peer.
227 * NOTE: The very first keep-alive after the Established state of a peer is
228 * considered implicit EOR for the update-delay purposes
229 */
230 void bgp_update_implicit_eors(struct peer *peer)
231 {
232 if (!bgp_update_delay_active(peer->bgp))
233 return; /* BGP update delay has ended */
234 if (peer->update_delay_over)
235 return; /* This peer has already been considered */
236
237 if (bgp_debug_neighbor_events(peer))
238 zlog_debug("Peer %s: Checking implicit EORs", peer->host);
239
240 if (peer->status == Established) {
241 peer->update_delay_over = 1;
242 peer->bgp->implicit_eors++;
243 bgp_check_update_delay(peer->bgp);
244 }
245 }
246
247 /*
248 * Should be called only when there is a change in the EOR_RECEIVED status
249 * for any afi/safi on a peer.
250 */
251 static void bgp_update_explicit_eors(struct peer *peer)
252 {
253 afi_t afi;
254 safi_t safi;
255
256 if (!bgp_update_delay_active(peer->bgp))
257 return; /* BGP update delay has ended */
258 if (peer->update_delay_over)
259 return; /* This peer has already been considered */
260
261 if (bgp_debug_neighbor_events(peer))
262 zlog_debug("Peer %s: Checking explicit EORs", peer->host);
263
264 for (afi = AFI_IP; afi < AFI_MAX; afi++)
265 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
266 if (peer->afc_nego[afi][safi]
267 && !CHECK_FLAG(peer->af_sflags[afi][safi],
268 PEER_STATUS_EOR_RECEIVED)) {
269 if (bgp_debug_neighbor_events(peer))
270 zlog_debug(
271 " afi %d safi %d didnt receive EOR",
272 afi, safi);
273 return;
274 }
275 }
276
277 peer->update_delay_over = 1;
278 peer->bgp->explicit_eors++;
279 bgp_check_update_delay(peer->bgp);
280 }
281
282 /**
283 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
284 *
285 * mp_withdraw, if set, is used to nullify attr structure on most of the
286 * calling safi function and for evpn, passed as parameter
287 */
288 int bgp_nlri_parse(struct peer *peer, struct attr *attr,
289 struct bgp_nlri *packet, int mp_withdraw)
290 {
291 switch (packet->safi) {
292 case SAFI_UNICAST:
293 case SAFI_MULTICAST:
294 return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
295 packet);
296 case SAFI_LABELED_UNICAST:
297 return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
298 packet);
299 case SAFI_MPLS_VPN:
300 return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
301 packet);
302 case SAFI_EVPN:
303 return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
304 }
305 return -1;
306 }
307
308 /* The next action for the peer from a write perspective */
309 static void bgp_write_proceed_actions(struct peer *peer)
310 {
311 afi_t afi;
312 safi_t safi;
313 struct peer_af *paf;
314 struct bpacket *next_pkt;
315 struct update_subgroup *subgrp;
316
317 for (afi = AFI_IP; afi < AFI_MAX; afi++)
318 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
319 paf = peer_af_find(peer, afi, safi);
320 if (!paf)
321 continue;
322 subgrp = paf->subgroup;
323 if (!subgrp)
324 continue;
325
326 next_pkt = paf->next_pkt_to_send;
327 if (next_pkt && next_pkt->buffer) {
328 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
329 bgp_generate_updgrp_packets, 0);
330 return;
331 }
332
333 /* No packets readily available for AFI/SAFI, are there
334 * subgroup packets
335 * that need to be generated? */
336 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
337 SUBGRP_PKTQ(subgrp))
338 || subgroup_packets_to_build(subgrp)) {
339 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
340 bgp_generate_updgrp_packets, 0);
341 return;
342 }
343
344 /* No packets to send, see if EOR is pending */
345 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
346 if (!subgrp->t_coalesce
347 && peer->afc_nego[afi][safi]
348 && peer->synctime
349 && !CHECK_FLAG(peer->af_sflags[afi][safi],
350 PEER_STATUS_EOR_SEND)
351 && safi != SAFI_MPLS_VPN) {
352 BGP_TIMER_ON(
353 peer->t_generate_updgrp_packets,
354 bgp_generate_updgrp_packets, 0);
355 return;
356 }
357 }
358 }
359 }
360
361 /**
362 * Enqueue onto the peer's output buffer any packets which are pending for the
363 * update group it is a member of.
364 *
365 * XXX: Severely needs performance work.
366 */
367 int bgp_generate_updgrp_packets(struct thread *thread)
368 {
369 struct peer *peer = THREAD_ARG(thread);
370
371 struct stream *s;
372 struct peer_af *paf;
373 struct bpacket *next_pkt;
374 afi_t afi;
375 safi_t safi;
376
377 /*
378 * The code beyond this part deals with update packets, proceed only
379 * if peer is Established and updates are not on hold (as part of
380 * update-delay post processing).
381 */
382 if (peer->status != Established)
383 return 0;
384
385 if (peer->bgp && peer->bgp->main_peers_update_hold)
386 return 0;
387
388 do {
389 s = NULL;
390 for (afi = AFI_IP; afi < AFI_MAX; afi++)
391 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
392 paf = peer_af_find(peer, afi, safi);
393 if (!paf || !PAF_SUBGRP(paf))
394 continue;
395 next_pkt = paf->next_pkt_to_send;
396
397 /*
398 * Try to generate a packet for the peer if we
399 * are at the end of the list. Always try to
400 * push out WITHDRAWs first.
401 */
402 if (!next_pkt || !next_pkt->buffer) {
403 next_pkt = subgroup_withdraw_packet(
404 PAF_SUBGRP(paf));
405 if (!next_pkt || !next_pkt->buffer)
406 subgroup_update_packet(
407 PAF_SUBGRP(paf));
408 next_pkt = paf->next_pkt_to_send;
409 }
410
411 /*
412 * If we still don't have a packet to send to
413 * the peer, then try to find out out if we
414 * have to send eor or if not, skip to the next
415 * AFI, SAFI. Don't send the EOR prematurely...
416 * if the subgroup's coalesce timer is running,
417 * the adjacency-out structure is not created
418 * yet.
419 */
420 if (!next_pkt || !next_pkt->buffer) {
421 if (CHECK_FLAG(peer->cap,
422 PEER_CAP_RESTART_RCV)) {
423 if (!(PAF_SUBGRP(paf))
424 ->t_coalesce
425 && peer->afc_nego[afi][safi]
426 && peer->synctime
427 && !CHECK_FLAG(
428 peer->af_sflags
429 [afi]
430 [safi],
431 PEER_STATUS_EOR_SEND)) {
432 SET_FLAG(
433 peer->af_sflags
434 [afi]
435 [safi],
436 PEER_STATUS_EOR_SEND);
437
438 if ((s = bgp_update_packet_eor(
439 peer, afi,
440 safi))) {
441 bgp_packet_add(
442 peer,
443 s);
444 bgp_writes_on(
445 peer);
446 }
447 }
448 }
449 continue;
450 }
451
452
453 /* Found a packet template to send, overwrite
454 * packet with appropriate attributes from peer
455 * and advance peer */
456 s = bpacket_reformat_for_peer(next_pkt, paf);
457 bgp_packet_add(peer, s);
458 bgp_writes_on(peer);
459 bpacket_queue_advance_peer(paf);
460 }
461 } while (s);
462
463 bgp_write_proceed_actions(peer);
464
465 return 0;
466 }
467
468 /*
469 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
470 */
471 void bgp_keepalive_send(struct peer *peer)
472 {
473 struct stream *s;
474
475 s = stream_new(BGP_MAX_PACKET_SIZE);
476
477 /* Make keepalive packet. */
478 bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
479
480 /* Set packet size. */
481 (void)bgp_packet_set_size(s);
482
483 /* Dump packet if debug option is set. */
484 /* bgp_packet_dump (s); */
485
486 if (bgp_debug_keepalive(peer))
487 zlog_debug("%s sending KEEPALIVE", peer->host);
488
489 /* Add packet to the peer. */
490 bgp_packet_add(peer, s);
491
492 bgp_writes_on(peer);
493 }
494
495 /*
496 * Creates a BGP Open packet and appends it to the peer's output queue.
497 * Sets capabilities as necessary.
498 */
499 void bgp_open_send(struct peer *peer)
500 {
501 struct stream *s;
502 u_int16_t send_holdtime;
503 as_t local_as;
504
505 if (PEER_OR_GROUP_TIMER_SET(peer))
506 send_holdtime = peer->holdtime;
507 else
508 send_holdtime = peer->bgp->default_holdtime;
509
510 /* local-as Change */
511 if (peer->change_local_as)
512 local_as = peer->change_local_as;
513 else
514 local_as = peer->local_as;
515
516 s = stream_new(BGP_MAX_PACKET_SIZE);
517
518 /* Make open packet. */
519 bgp_packet_set_marker(s, BGP_MSG_OPEN);
520
521 /* Set open packet values. */
522 stream_putc(s, BGP_VERSION_4); /* BGP version */
523 stream_putw(s,
524 (local_as <= BGP_AS_MAX) ? (u_int16_t)local_as
525 : BGP_AS_TRANS);
526 stream_putw(s, send_holdtime); /* Hold Time */
527 stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
528
529 /* Set capability code. */
530 bgp_open_capability(s, peer);
531
532 /* Set BGP packet length. */
533 (void)bgp_packet_set_size(s);
534
535 if (bgp_debug_neighbor_events(peer))
536 zlog_debug(
537 "%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
538 peer->host, BGP_VERSION_4, local_as, send_holdtime,
539 inet_ntoa(peer->local_id));
540
541 /* Dump packet if debug option is set. */
542 /* bgp_packet_dump (s); */
543
544 /* Add packet to the peer. */
545 bgp_packet_add(peer, s);
546
547 bgp_writes_on(peer);
548 }
549
550 /* This is only for sending NOTIFICATION message to neighbor. */
551 static int bgp_write_notify(struct peer *peer)
552 {
553 int ret, val;
554 u_char type;
555 struct stream *s;
556
557 pthread_mutex_lock(&peer->io_mtx);
558 {
559 /* There should be at least one packet. */
560 s = stream_fifo_pop(peer->obuf);
561 if (!s)
562 return 0;
563 assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
564 }
565 pthread_mutex_unlock(&peer->io_mtx);
566
567 /* Stop collecting data within the socket */
568 sockopt_cork(peer->fd, 0);
569
570 /*
571 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
572 * we only care about getting a clean shutdown at this point.
573 */
574 ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s));
575
576 /*
577 * only connection reset/close gets counted as TCP_fatal_error, failure
578 * to write the entire NOTIFY doesn't get different FSM treatment
579 */
580 if (ret <= 0) {
581 stream_free(s);
582 BGP_EVENT_ADD(peer, TCP_fatal_error);
583 return 0;
584 }
585
586 /* Disable Nagle, make NOTIFY packet go out right away */
587 val = 1;
588 (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val,
589 sizeof(val));
590
591 /* Retrieve BGP packet type. */
592 stream_set_getp(s, BGP_MARKER_SIZE + 2);
593 type = stream_getc(s);
594
595 assert(type == BGP_MSG_NOTIFY);
596
597 /* Type should be notify. */
598 peer->notify_out++;
599
600 /* Double start timer. */
601 peer->v_start *= 2;
602
603 /* Overflow check. */
604 if (peer->v_start >= (60 * 2))
605 peer->v_start = (60 * 2);
606
607 /*
608 * Handle Graceful Restart case where the state changes to
609 * Connect instead of Idle
610 */
611 BGP_EVENT_ADD(peer, BGP_Stop);
612
613 stream_free(s);
614
615 return 0;
616 }
617
618 /*
619 * Creates a BGP Notify and appends it to the peer's output queue.
620 *
621 * This function attempts to write the packet from the thread it is called
622 * from, to ensure the packet gets out ASAP.
623 *
624 * @param peer
625 * @param code BGP error code
626 * @param sub_code BGP error subcode
627 * @param data Data portion
628 * @param datalen length of data portion
629 */
630 void bgp_notify_send_with_data(struct peer *peer, u_char code, u_char sub_code,
631 u_char *data, size_t datalen)
632 {
633 struct stream *s;
634 int length;
635
636 /* Allocate new stream. */
637 s = stream_new(BGP_MAX_PACKET_SIZE);
638
639 /* Make notify packet. */
640 bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
641
642 /* Set notify packet values. */
643 stream_putc(s, code); /* BGP notify code */
644 stream_putc(s, sub_code); /* BGP notify sub_code */
645
646 /* If notify data is present. */
647 if (data)
648 stream_write(s, data, datalen);
649
650 /* Set BGP packet length. */
651 length = bgp_packet_set_size(s);
652
653 /* wipe output buffer */
654 pthread_mutex_lock(&peer->io_mtx);
655 {
656 stream_fifo_clean(peer->obuf);
657 }
658 pthread_mutex_unlock(&peer->io_mtx);
659
660 /*
661 * If possible, store last packet for debugging purposes. This check is
662 * in place because we are sometimes called with a doppelganger peer,
663 * who tends to have a plethora of fields nulled out.
664 */
665 if (peer->curr && peer->last_reset_cause_size) {
666 size_t packetsize = stream_get_endp(peer->curr);
667 assert(packetsize <= peer->last_reset_cause_size);
668 memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
669 peer->last_reset_cause_size = packetsize;
670 }
671
672 /* For debug */
673 {
674 struct bgp_notify bgp_notify;
675 int first = 0;
676 int i;
677 char c[4];
678
679 bgp_notify.code = code;
680 bgp_notify.subcode = sub_code;
681 bgp_notify.data = NULL;
682 bgp_notify.length = length - BGP_MSG_NOTIFY_MIN_SIZE;
683 bgp_notify.raw_data = data;
684
685 peer->notify.code = bgp_notify.code;
686 peer->notify.subcode = bgp_notify.subcode;
687
688 if (bgp_notify.length) {
689 bgp_notify.data =
690 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
691 for (i = 0; i < bgp_notify.length; i++)
692 if (first) {
693 sprintf(c, " %02x", data[i]);
694 strcat(bgp_notify.data, c);
695 } else {
696 first = 1;
697 sprintf(c, "%02x", data[i]);
698 strcpy(bgp_notify.data, c);
699 }
700 }
701 bgp_notify_print(peer, &bgp_notify, "sending");
702
703 if (bgp_notify.data) {
704 XFREE(MTYPE_TMP, bgp_notify.data);
705 bgp_notify.data = NULL;
706 bgp_notify.length = 0;
707 }
708 }
709
710 /* peer reset cause */
711 if (code == BGP_NOTIFY_CEASE) {
712 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
713 peer->last_reset = PEER_DOWN_USER_RESET;
714 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
715 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
716 else
717 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
718 } else
719 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
720
721 /* Add packet to peer's output queue */
722 bgp_packet_add(peer, s);
723
724 bgp_write_notify(peer);
725 }
726
727 /*
728 * Creates a BGP Notify and appends it to the peer's output queue.
729 *
730 * This function attempts to write the packet from the thread it is called
731 * from, to ensure the packet gets out ASAP.
732 *
733 * @param peer
734 * @param code BGP error code
735 * @param sub_code BGP error subcode
736 */
737 void bgp_notify_send(struct peer *peer, u_char code, u_char sub_code)
738 {
739 bgp_notify_send_with_data(peer, code, sub_code, NULL, 0);
740 }
741
742 /*
743 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
744 *
745 * @param peer
746 * @param afi Address Family Identifier
747 * @param safi Subsequent Address Family Identifier
748 * @param orf_type Outbound Route Filtering type
749 * @param when_to_refresh Whether to refresh immediately or defer
750 * @param remove Whether to remove ORF for specified AFI/SAFI
751 */
752 void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
753 u_char orf_type, u_char when_to_refresh, int remove)
754 {
755 struct stream *s;
756 struct bgp_filter *filter;
757 int orf_refresh = 0;
758 iana_afi_t pkt_afi;
759 iana_safi_t pkt_safi;
760
761 if (DISABLE_BGP_ANNOUNCE)
762 return;
763
764 filter = &peer->filter[afi][safi];
765
766 /* Convert AFI, SAFI to values for packet. */
767 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
768
769 s = stream_new(BGP_MAX_PACKET_SIZE);
770
771 /* Make BGP update packet. */
772 if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV))
773 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
774 else
775 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
776
777 /* Encode Route Refresh message. */
778 stream_putw(s, pkt_afi);
779 stream_putc(s, 0);
780 stream_putc(s, pkt_safi);
781
782 if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD)
783 if (remove || filter->plist[FILTER_IN].plist) {
784 u_int16_t orf_len;
785 unsigned long orfp;
786
787 orf_refresh = 1;
788 stream_putc(s, when_to_refresh);
789 stream_putc(s, orf_type);
790 orfp = stream_get_endp(s);
791 stream_putw(s, 0);
792
793 if (remove) {
794 UNSET_FLAG(peer->af_sflags[afi][safi],
795 PEER_STATUS_ORF_PREFIX_SEND);
796 stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
797 if (bgp_debug_neighbor_events(peer))
798 zlog_debug(
799 "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d",
800 peer->host, orf_type,
801 (when_to_refresh == REFRESH_DEFER
802 ? "defer"
803 : "immediate"),
804 pkt_afi, pkt_safi);
805 } else {
806 SET_FLAG(peer->af_sflags[afi][safi],
807 PEER_STATUS_ORF_PREFIX_SEND);
808 prefix_bgp_orf_entry(
809 s, filter->plist[FILTER_IN].plist,
810 ORF_COMMON_PART_ADD,
811 ORF_COMMON_PART_PERMIT,
812 ORF_COMMON_PART_DENY);
813 if (bgp_debug_neighbor_events(peer))
814 zlog_debug(
815 "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d",
816 peer->host, orf_type,
817 (when_to_refresh == REFRESH_DEFER
818 ? "defer"
819 : "immediate"),
820 pkt_afi, pkt_safi);
821 }
822
823 /* Total ORF Entry Len. */
824 orf_len = stream_get_endp(s) - orfp - 2;
825 stream_putw_at(s, orfp, orf_len);
826 }
827
828 /* Set packet size. */
829 (void)bgp_packet_set_size(s);
830
831 if (bgp_debug_neighbor_events(peer)) {
832 if (!orf_refresh)
833 zlog_debug("%s sending REFRESH_REQ for afi/safi: %d/%d",
834 peer->host, pkt_afi, pkt_safi);
835 }
836
837 /* Add packet to the peer. */
838 bgp_packet_add(peer, s);
839
840 bgp_writes_on(peer);
841 }
842
843 /*
844 * Create a BGP Capability packet and append it to the peer's output queue.
845 *
846 * @param peer
847 * @param afi Address Family Identifier
848 * @param safi Subsequent Address Family Identifier
849 * @param capability_code BGP Capability Code
850 * @param action Set or Remove capability
851 */
852 void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
853 int capability_code, int action)
854 {
855 struct stream *s;
856 iana_afi_t pkt_afi;
857 iana_safi_t pkt_safi;
858
859 /* Convert AFI, SAFI to values for packet. */
860 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
861
862 s = stream_new(BGP_MAX_PACKET_SIZE);
863
864 /* Make BGP update packet. */
865 bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
866
867 /* Encode MP_EXT capability. */
868 if (capability_code == CAPABILITY_CODE_MP) {
869 stream_putc(s, action);
870 stream_putc(s, CAPABILITY_CODE_MP);
871 stream_putc(s, CAPABILITY_CODE_MP_LEN);
872 stream_putw(s, pkt_afi);
873 stream_putc(s, 0);
874 stream_putc(s, pkt_safi);
875
876 if (bgp_debug_neighbor_events(peer))
877 zlog_debug(
878 "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d",
879 peer->host,
880 action == CAPABILITY_ACTION_SET ? "Advertising"
881 : "Removing",
882 pkt_afi, pkt_safi);
883 }
884
885 /* Set packet size. */
886 (void)bgp_packet_set_size(s);
887
888 /* Add packet to the peer. */
889 bgp_packet_add(peer, s);
890
891 bgp_writes_on(peer);
892 }
893
894 /* RFC1771 6.8 Connection collision detection. */
895 static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
896 {
897 struct peer *peer;
898
899 /* Upon receipt of an OPEN message, the local system must examine
900 all of its connections that are in the OpenConfirm state. A BGP
901 speaker may also examine connections in an OpenSent state if it
902 knows the BGP Identifier of the peer by means outside of the
903 protocol. If among these connections there is a connection to a
904 remote BGP speaker whose BGP Identifier equals the one in the
905 OPEN message, then the local system performs the following
906 collision resolution procedure: */
907
908 if ((peer = new->doppelganger) != NULL) {
909 /* Do not accept the new connection in Established or Clearing
910 * states.
911 * Note that a peer GR is handled by closing the existing
912 * connection
913 * upon receipt of new one.
914 */
915 if (peer->status == Established || peer->status == Clearing) {
916 bgp_notify_send(new, BGP_NOTIFY_CEASE,
917 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
918 return (-1);
919 } else if ((peer->status == OpenConfirm)
920 || (peer->status == OpenSent)) {
921 /* 1. The BGP Identifier of the local system is compared
922 to
923 the BGP Identifier of the remote system (as specified
924 in
925 the OPEN message). */
926
927 if (ntohl(peer->local_id.s_addr)
928 < ntohl(remote_id.s_addr))
929 if (!CHECK_FLAG(peer->sflags,
930 PEER_STATUS_ACCEPT_PEER)) {
931 /* 2. If the value of the local BGP
932 Identifier is less
933 than the remote one, the local system
934 closes BGP
935 connection that already exists (the
936 one that is
937 already in the OpenConfirm state),
938 and accepts BGP
939 connection initiated by the remote
940 system. */
941 bgp_notify_send(
942 peer, BGP_NOTIFY_CEASE,
943 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
944 return 1;
945 } else {
946 bgp_notify_send(
947 new, BGP_NOTIFY_CEASE,
948 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
949 return -1;
950 }
951 else {
952 /* 3. Otherwise, the local system closes newly
953 created
954 BGP connection (the one associated with the
955 newly
956 received OPEN message), and continues to use
957 the
958 existing one (the one that is already in the
959 OpenConfirm state). */
960 if (CHECK_FLAG(peer->sflags,
961 PEER_STATUS_ACCEPT_PEER)) {
962 bgp_notify_send(
963 peer, BGP_NOTIFY_CEASE,
964 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
965 return 1;
966 } else {
967 bgp_notify_send(
968 new, BGP_NOTIFY_CEASE,
969 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
970 return -1;
971 }
972 }
973 }
974 }
975 return 0;
976 }
977
978 /* Packet processing routines ---------------------------------------------- */
979 /*
980 * This is a family of functions designed to be called from
981 * bgp_process_packet(). These functions all share similar behavior and should
982 * adhere to the following invariants and restrictions:
983 *
984 * Return codes
985 * ------------
986 * The return code of any one of those functions should be one of the FSM event
987 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
988 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
989 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
990 * error and Receive_OPEN_message otherwise.
991 *
992 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
993 * defined below.
994 *
995 * Side effects
996 * ------------
997 * - May send NOTIFY messages
998 * - May not modify peer->status
999 * - May not call bgp_event_update()
1000 */
1001
1002 #define BGP_PACKET_NOOP 0
1003
1004 /**
1005 * Process BGP OPEN message for peer.
1006 *
1007 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1008 * and returns BGP_Stop.
1009 *
1010 * @param peer
1011 * @param size size of the packet
1012 * @return as in summary
1013 */
1014 static int bgp_open_receive(struct peer *peer, bgp_size_t size)
1015 {
1016 int ret;
1017 u_char version;
1018 u_char optlen;
1019 u_int16_t holdtime;
1020 u_int16_t send_holdtime;
1021 as_t remote_as;
1022 as_t as4 = 0;
1023 struct in_addr remote_id;
1024 int mp_capability;
1025 u_int8_t notify_data_remote_as[2];
1026 u_int8_t notify_data_remote_as4[4];
1027 u_int8_t notify_data_remote_id[4];
1028 u_int16_t *holdtime_ptr;
1029
1030 /* Parse open packet. */
1031 version = stream_getc(peer->curr);
1032 memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
1033 remote_as = stream_getw(peer->curr);
1034 holdtime_ptr = (u_int16_t *)stream_pnt(peer->curr);
1035 holdtime = stream_getw(peer->curr);
1036 memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
1037 remote_id.s_addr = stream_get_ipv4(peer->curr);
1038
1039 /* Receive OPEN message log */
1040 if (bgp_debug_neighbor_events(peer))
1041 zlog_debug(
1042 "%s rcv OPEN, version %d, remote-as (in open) %u,"
1043 " holdtime %d, id %s",
1044 peer->host, version, remote_as, holdtime,
1045 inet_ntoa(remote_id));
1046
1047 /* BEGIN to read the capability here, but dont do it yet */
1048 mp_capability = 0;
1049 optlen = stream_getc(peer->curr);
1050
1051 if (optlen != 0) {
1052 /* If not enough bytes, it is an error. */
1053 if (STREAM_READABLE(peer->curr) < optlen) {
1054 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1055 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1056 return BGP_Stop;
1057 }
1058
1059 /* We need the as4 capability value *right now* because
1060 * if it is there, we have not got the remote_as yet, and
1061 * without
1062 * that we do not know which peer is connecting to us now.
1063 */
1064 as4 = peek_for_as4_capability(peer, optlen);
1065 memcpy(notify_data_remote_as4, &as4, 4);
1066 }
1067
1068 /* Just in case we have a silly peer who sends AS4 capability set to 0
1069 */
1070 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
1071 zlog_err("%s bad OPEN, got AS4 capability, but AS4 set to 0",
1072 peer->host);
1073 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1074 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1075 notify_data_remote_as4, 4);
1076 return BGP_Stop;
1077 }
1078
1079 if (remote_as == BGP_AS_TRANS) {
1080 /* Take the AS4 from the capability. We must have received the
1081 * capability now! Otherwise we have a asn16 peer who uses
1082 * BGP_AS_TRANS, for some unknown reason.
1083 */
1084 if (as4 == BGP_AS_TRANS) {
1085 zlog_err(
1086 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1087 peer->host);
1088 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1089 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1090 notify_data_remote_as4, 4);
1091 return BGP_Stop;
1092 }
1093
1094 if (!as4 && BGP_DEBUG(as4, AS4))
1095 zlog_debug(
1096 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
1097 " Odd, but proceeding.",
1098 peer->host);
1099 else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
1100 zlog_debug(
1101 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
1102 "in 2-bytes, very odd peer.",
1103 peer->host, as4);
1104 if (as4)
1105 remote_as = as4;
1106 } else {
1107 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1108 */
1109 /* If we have got the capability, peer->as4cap must match
1110 * remote_as */
1111 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
1112 && as4 != remote_as) {
1113 /* raise error, log this, close session */
1114 zlog_err(
1115 "%s bad OPEN, got AS4 capability, but remote_as %u"
1116 " mismatch with 16bit 'myasn' %u in open",
1117 peer->host, as4, remote_as);
1118 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1119 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1120 notify_data_remote_as4, 4);
1121 return BGP_Stop;
1122 }
1123 }
1124
1125 /* remote router-id check. */
1126 if (remote_id.s_addr == 0 || IPV4_CLASS_DE(ntohl(remote_id.s_addr))
1127 || ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)) {
1128 if (bgp_debug_neighbor_events(peer))
1129 zlog_debug("%s bad OPEN, wrong router identifier %s",
1130 peer->host, inet_ntoa(remote_id));
1131 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1132 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1133 notify_data_remote_id, 4);
1134 return BGP_Stop;
1135 }
1136
1137 /* Set remote router-id */
1138 peer->remote_id = remote_id;
1139
1140 /* Peer BGP version check. */
1141 if (version != BGP_VERSION_4) {
1142 u_int16_t maxver = htons(BGP_VERSION_4);
1143 /* XXX this reply may not be correct if version < 4 XXX */
1144 if (bgp_debug_neighbor_events(peer))
1145 zlog_debug(
1146 "%s bad protocol version, remote requested %d, local request %d",
1147 peer->host, version, BGP_VERSION_4);
1148 /* Data must be in network byte order here */
1149 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1150 BGP_NOTIFY_OPEN_UNSUP_VERSION,
1151 (u_int8_t *)&maxver, 2);
1152 return BGP_Stop;
1153 }
1154
1155 /* Check neighbor as number. */
1156 if (peer->as_type == AS_UNSPECIFIED) {
1157 if (bgp_debug_neighbor_events(peer))
1158 zlog_debug(
1159 "%s bad OPEN, remote AS is unspecified currently",
1160 peer->host);
1161 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1162 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1163 notify_data_remote_as, 2);
1164 return BGP_Stop;
1165 } else if (peer->as_type == AS_INTERNAL) {
1166 if (remote_as != peer->bgp->as) {
1167 if (bgp_debug_neighbor_events(peer))
1168 zlog_debug(
1169 "%s bad OPEN, remote AS is %u, internal specified",
1170 peer->host, remote_as);
1171 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1172 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1173 notify_data_remote_as, 2);
1174 return BGP_Stop;
1175 }
1176 peer->as = peer->local_as;
1177 } else if (peer->as_type == AS_EXTERNAL) {
1178 if (remote_as == peer->bgp->as) {
1179 if (bgp_debug_neighbor_events(peer))
1180 zlog_debug(
1181 "%s bad OPEN, remote AS is %u, external specified",
1182 peer->host, remote_as);
1183 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1184 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1185 notify_data_remote_as, 2);
1186 return BGP_Stop;
1187 }
1188 peer->as = remote_as;
1189 } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
1190 if (bgp_debug_neighbor_events(peer))
1191 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1192 peer->host, remote_as, peer->as);
1193 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1194 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1195 notify_data_remote_as, 2);
1196 return BGP_Stop;
1197 }
1198
1199 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1200 calculate the value of the Hold Timer by using the smaller of its
1201 configured Hold Time and the Hold Time received in the OPEN message.
1202 The Hold Time MUST be either zero or at least three seconds. An
1203 implementation may reject connections on the basis of the Hold Time.
1204 */
1205
1206 if (holdtime < 3 && holdtime != 0) {
1207 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1208 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1209 (u_char *)holdtime_ptr, 2);
1210 return BGP_Stop;
1211 }
1212
1213 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1214 would be one third of the Hold Time interval. KEEPALIVE messages
1215 MUST NOT be sent more frequently than one per second. An
1216 implementation MAY adjust the rate at which it sends KEEPALIVE
1217 messages as a function of the Hold Time interval. */
1218
1219 if (PEER_OR_GROUP_TIMER_SET(peer))
1220 send_holdtime = peer->holdtime;
1221 else
1222 send_holdtime = peer->bgp->default_holdtime;
1223
1224 if (holdtime < send_holdtime)
1225 peer->v_holdtime = holdtime;
1226 else
1227 peer->v_holdtime = send_holdtime;
1228
1229 if ((PEER_OR_GROUP_TIMER_SET(peer))
1230 && (peer->keepalive < peer->v_holdtime / 3))
1231 peer->v_keepalive = peer->keepalive;
1232 else
1233 peer->v_keepalive = peer->v_holdtime / 3;
1234
1235 /* Open option part parse. */
1236 if (optlen != 0) {
1237 if ((ret = bgp_open_option_parse(peer, optlen, &mp_capability))
1238 < 0)
1239 return BGP_Stop;
1240 } else {
1241 if (bgp_debug_neighbor_events(peer))
1242 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1243 peer->host);
1244 }
1245
1246 /*
1247 * Assume that the peer supports the locally configured set of
1248 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1249 * capabilities, or if 'override-capability' is configured.
1250 */
1251 if (!mp_capability
1252 || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1253 peer->afc_nego[AFI_IP][SAFI_UNICAST] =
1254 peer->afc[AFI_IP][SAFI_UNICAST];
1255 peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
1256 peer->afc[AFI_IP][SAFI_MULTICAST];
1257 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
1258 peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
1259 peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
1260 peer->afc[AFI_IP6][SAFI_UNICAST];
1261 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
1262 peer->afc[AFI_IP6][SAFI_MULTICAST];
1263 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
1264 peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1265 peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
1266 peer->afc[AFI_L2VPN][SAFI_EVPN];
1267 }
1268
1269 /* When collision is detected and this peer is closed. Retrun
1270 immidiately. */
1271 ret = bgp_collision_detect(peer, remote_id);
1272 if (ret < 0)
1273 return BGP_Stop;
1274
1275 /* Get sockname. */
1276 if ((ret = bgp_getsockname(peer)) < 0) {
1277 zlog_err("%s: bgp_getsockname() failed for peer: %s",
1278 __FUNCTION__, peer->host);
1279 return BGP_Stop;
1280 }
1281
1282 /* Verify valid local address present based on negotiated
1283 * address-families. */
1284 if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
1285 || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
1286 || peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1287 || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1288 || peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
1289 if (!peer->nexthop.v4.s_addr) {
1290 #if defined(HAVE_CUMULUS)
1291 zlog_err(
1292 "%s: No local IPv4 addr resetting connection, fd %d",
1293 peer->host, peer->fd);
1294 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1295 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1296 return BGP_Stop;
1297 #endif
1298 }
1299 }
1300 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1301 || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
1302 || peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1303 || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1304 || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
1305 if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) {
1306 #if defined(HAVE_CUMULUS)
1307 zlog_err(
1308 "%s: No local IPv6 addr resetting connection, fd %d",
1309 peer->host, peer->fd);
1310 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1311 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1312 return BGP_Stop;
1313 #endif
1314 }
1315 }
1316 peer->rtt = sockopt_tcp_rtt(peer->fd);
1317
1318 return Receive_OPEN_message;
1319 }
1320
1321 /**
1322 * Process BGP KEEPALIVE message for peer.
1323 *
1324 * @param peer
1325 * @param size size of the packet
1326 * @return as in summary
1327 */
1328 static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
1329 {
1330 if (bgp_debug_keepalive(peer))
1331 zlog_debug("%s KEEPALIVE rcvd", peer->host);
1332
1333 bgp_update_implicit_eors(peer);
1334
1335 return Receive_KEEPALIVE_message;
1336 }
1337
1338
1339 /**
1340 * Process BGP UPDATE message for peer.
1341 *
1342 * Parses UPDATE and creates attribute object.
1343 *
1344 * @param peer
1345 * @param size size of the packet
1346 * @return as in summary
1347 */
1348 static int bgp_update_receive(struct peer *peer, bgp_size_t size)
1349 {
1350 int ret, nlri_ret;
1351 u_char *end;
1352 struct stream *s;
1353 struct attr attr;
1354 bgp_size_t attribute_len;
1355 bgp_size_t update_len;
1356 bgp_size_t withdraw_len;
1357
1358 enum NLRI_TYPES {
1359 NLRI_UPDATE,
1360 NLRI_WITHDRAW,
1361 NLRI_MP_UPDATE,
1362 NLRI_MP_WITHDRAW,
1363 NLRI_TYPE_MAX
1364 };
1365 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1366
1367 /* Status must be Established. */
1368 if (peer->status != Established) {
1369 zlog_err("%s [FSM] Update packet received under status %s",
1370 peer->host,
1371 lookup_msg(bgp_status_msg, peer->status, NULL));
1372 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
1373 return BGP_Stop;
1374 }
1375
1376 /* Set initial values. */
1377 memset(&attr, 0, sizeof(struct attr));
1378 attr.label_index = BGP_INVALID_LABEL_INDEX;
1379 attr.label = MPLS_INVALID_LABEL;
1380 memset(&nlris, 0, sizeof(nlris));
1381 memset(peer->rcvd_attr_str, 0, BUFSIZ);
1382 peer->rcvd_attr_printed = 0;
1383
1384 s = peer->curr;
1385 end = stream_pnt(s) + size;
1386
1387 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1388 Length is too large (i.e., if Unfeasible Routes Length + Total
1389 Attribute Length + 23 exceeds the message Length), then the Error
1390 Subcode is set to Malformed Attribute List. */
1391 if (stream_pnt(s) + 2 > end) {
1392 zlog_err(
1393 "%s [Error] Update packet error"
1394 " (packet length is short for unfeasible length)",
1395 peer->host);
1396 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1397 BGP_NOTIFY_UPDATE_MAL_ATTR);
1398 return BGP_Stop;
1399 }
1400
1401 /* Unfeasible Route Length. */
1402 withdraw_len = stream_getw(s);
1403
1404 /* Unfeasible Route Length check. */
1405 if (stream_pnt(s) + withdraw_len > end) {
1406 zlog_err(
1407 "%s [Error] Update packet error"
1408 " (packet unfeasible length overflow %d)",
1409 peer->host, withdraw_len);
1410 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1411 BGP_NOTIFY_UPDATE_MAL_ATTR);
1412 return BGP_Stop;
1413 }
1414
1415 /* Unfeasible Route packet format check. */
1416 if (withdraw_len > 0) {
1417 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1418 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1419 nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
1420 nlris[NLRI_WITHDRAW].length = withdraw_len;
1421 stream_forward_getp(s, withdraw_len);
1422 }
1423
1424 /* Attribute total length check. */
1425 if (stream_pnt(s) + 2 > end) {
1426 zlog_warn(
1427 "%s [Error] Packet Error"
1428 " (update packet is short for attribute length)",
1429 peer->host);
1430 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1431 BGP_NOTIFY_UPDATE_MAL_ATTR);
1432 return BGP_Stop;
1433 }
1434
1435 /* Fetch attribute total length. */
1436 attribute_len = stream_getw(s);
1437
1438 /* Attribute length check. */
1439 if (stream_pnt(s) + attribute_len > end) {
1440 zlog_warn(
1441 "%s [Error] Packet Error"
1442 " (update packet attribute length overflow %d)",
1443 peer->host, attribute_len);
1444 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1445 BGP_NOTIFY_UPDATE_MAL_ATTR);
1446 return BGP_Stop;
1447 }
1448
1449 /* Certain attribute parsing errors should not be considered bad enough
1450 * to reset the session for, most particularly any partial/optional
1451 * attributes that have 'tunneled' over speakers that don't understand
1452 * them. Instead we withdraw only the prefix concerned.
1453 *
1454 * Complicates the flow a little though..
1455 */
1456 bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
1457 /* This define morphs the update case into a withdraw when lower levels
1458 * have signalled an error condition where this is best.
1459 */
1460 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1461
1462 /* Parse attribute when it exists. */
1463 if (attribute_len) {
1464 attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
1465 &nlris[NLRI_MP_UPDATE],
1466 &nlris[NLRI_MP_WITHDRAW]);
1467 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
1468 bgp_attr_unintern_sub(&attr);
1469 return BGP_Stop;
1470 }
1471 }
1472
1473 /* Logging the attribute. */
1474 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
1475 || BGP_DEBUG(update, UPDATE_IN)
1476 || BGP_DEBUG(update, UPDATE_PREFIX)) {
1477 ret = bgp_dump_attr(&attr, peer->rcvd_attr_str, BUFSIZ);
1478
1479 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
1480 zlog_err(
1481 "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1482 peer->host);
1483
1484 if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
1485 zlog_debug("%s rcvd UPDATE w/ attr: %s", peer->host,
1486 peer->rcvd_attr_str);
1487 peer->rcvd_attr_printed = 1;
1488 }
1489 }
1490
1491 /* Network Layer Reachability Information. */
1492 update_len = end - stream_pnt(s);
1493
1494 if (update_len) {
1495 /* Set NLRI portion to structure. */
1496 nlris[NLRI_UPDATE].afi = AFI_IP;
1497 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1498 nlris[NLRI_UPDATE].nlri = stream_pnt(s);
1499 nlris[NLRI_UPDATE].length = update_len;
1500 stream_forward_getp(s, update_len);
1501 }
1502
1503 if (BGP_DEBUG(update, UPDATE_IN))
1504 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1505 peer->host, withdraw_len, attribute_len, update_len);
1506
1507 /* Parse any given NLRIs */
1508 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
1509 if (!nlris[i].nlri)
1510 continue;
1511
1512 /* NLRI is processed iff the peer if configured for the specific
1513 * afi/safi */
1514 if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
1515 zlog_info(
1516 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1517 peer->host, nlris[i].afi, nlris[i].safi);
1518 continue;
1519 }
1520
1521 /* EoR handled later */
1522 if (nlris[i].length == 0)
1523 continue;
1524
1525 switch (i) {
1526 case NLRI_UPDATE:
1527 case NLRI_MP_UPDATE:
1528 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
1529 &nlris[i], 0);
1530 break;
1531 case NLRI_WITHDRAW:
1532 case NLRI_MP_WITHDRAW:
1533 nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1);
1534 break;
1535 default:
1536 nlri_ret = -1;
1537 }
1538
1539 if (nlri_ret < 0) {
1540 zlog_err("%s [Error] Error parsing NLRI", peer->host);
1541 if (peer->status == Established)
1542 bgp_notify_send(
1543 peer, BGP_NOTIFY_UPDATE_ERR,
1544 i <= NLRI_WITHDRAW
1545 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1546 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1547 bgp_attr_unintern_sub(&attr);
1548 return BGP_Stop;
1549 }
1550 }
1551
1552 /* EoR checks
1553 *
1554 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1555 * and MP EoR should have only an empty MP_UNREACH
1556 */
1557 if ((!update_len && !withdraw_len &&
1558 nlris[NLRI_MP_UPDATE].length == 0) ||
1559 (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
1560 afi_t afi = 0;
1561 safi_t safi;
1562
1563 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
1564 * checked
1565 * update and withdraw NLRI lengths are 0.
1566 */
1567 if (!attribute_len) {
1568 afi = AFI_IP;
1569 safi = SAFI_UNICAST;
1570 } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
1571 && nlris[NLRI_MP_WITHDRAW].length == 0) {
1572 afi = nlris[NLRI_MP_WITHDRAW].afi;
1573 safi = nlris[NLRI_MP_WITHDRAW].safi;
1574 } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
1575 afi = nlris[NLRI_MP_UPDATE].afi;
1576 safi = nlris[NLRI_MP_UPDATE].safi;
1577 }
1578
1579 if (afi && peer->afc[afi][safi]) {
1580 /* End-of-RIB received */
1581 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
1582 PEER_STATUS_EOR_RECEIVED)) {
1583 SET_FLAG(peer->af_sflags[afi][safi],
1584 PEER_STATUS_EOR_RECEIVED);
1585 bgp_update_explicit_eors(peer);
1586 }
1587
1588 /* NSF delete stale route */
1589 if (peer->nsf[afi][safi])
1590 bgp_clear_stale_route(peer, afi, safi);
1591
1592 if (bgp_debug_neighbor_events(peer)) {
1593 zlog_debug("rcvd End-of-RIB for %s from %s",
1594 afi_safi_print(afi, safi),
1595 peer->host);
1596 }
1597 }
1598 }
1599
1600 /* Everything is done. We unintern temporary structures which
1601 interned in bgp_attr_parse(). */
1602 bgp_attr_unintern_sub(&attr);
1603
1604 peer->update_time = bgp_clock();
1605
1606 /* Rearm holdtime timer */
1607 BGP_TIMER_OFF(peer->t_holdtime);
1608 bgp_timer_set(peer);
1609
1610 return Receive_UPDATE_message;
1611 }
1612
1613 /**
1614 * Process BGP NOTIFY message for peer.
1615 *
1616 * @param peer
1617 * @param size size of the packet
1618 * @return as in summary
1619 */
1620 static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
1621 {
1622 struct bgp_notify bgp_notify;
1623
1624 if (peer->notify.data) {
1625 XFREE(MTYPE_TMP, peer->notify.data);
1626 peer->notify.data = NULL;
1627 peer->notify.length = 0;
1628 }
1629
1630 bgp_notify.code = stream_getc(peer->curr);
1631 bgp_notify.subcode = stream_getc(peer->curr);
1632 bgp_notify.length = size - 2;
1633 bgp_notify.data = NULL;
1634
1635 /* Preserv notify code and sub code. */
1636 peer->notify.code = bgp_notify.code;
1637 peer->notify.subcode = bgp_notify.subcode;
1638 /* For further diagnostic record returned Data. */
1639 if (bgp_notify.length) {
1640 peer->notify.length = size - 2;
1641 peer->notify.data = XMALLOC(MTYPE_TMP, size - 2);
1642 memcpy(peer->notify.data, stream_pnt(peer->curr), size - 2);
1643 }
1644
1645 /* For debug */
1646 {
1647 int i;
1648 int first = 0;
1649 char c[4];
1650
1651 if (bgp_notify.length) {
1652 bgp_notify.data =
1653 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
1654 for (i = 0; i < bgp_notify.length; i++)
1655 if (first) {
1656 sprintf(c, " %02x",
1657 stream_getc(peer->curr));
1658 strcat(bgp_notify.data, c);
1659 } else {
1660 first = 1;
1661 sprintf(c, "%02x",
1662 stream_getc(peer->curr));
1663 strcpy(bgp_notify.data, c);
1664 }
1665 bgp_notify.raw_data = (u_char *)peer->notify.data;
1666 }
1667
1668 bgp_notify_print(peer, &bgp_notify, "received");
1669 if (bgp_notify.data) {
1670 XFREE(MTYPE_TMP, bgp_notify.data);
1671 bgp_notify.data = NULL;
1672 bgp_notify.length = 0;
1673 }
1674 }
1675
1676 /* peer count update */
1677 peer->notify_in++;
1678
1679 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
1680
1681 /* We have to check for Notify with Unsupported Optional Parameter.
1682 in that case we fallback to open without the capability option.
1683 But this done in bgp_stop. We just mark it here to avoid changing
1684 the fsm tables. */
1685 if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR
1686 && bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
1687 UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
1688
1689 return Receive_NOTIFICATION_message;
1690 }
1691
1692 /**
1693 * Process BGP ROUTEREFRESH message for peer.
1694 *
1695 * @param peer
1696 * @param size size of the packet
1697 * @return as in summary
1698 */
1699 static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
1700 {
1701 iana_afi_t pkt_afi;
1702 afi_t afi;
1703 iana_safi_t pkt_safi;
1704 safi_t safi;
1705 struct stream *s;
1706 struct peer_af *paf;
1707 struct update_group *updgrp;
1708 struct peer *updgrp_peer;
1709
1710 /* If peer does not have the capability, send notification. */
1711 if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
1712 zlog_err("%s [Error] BGP route refresh is not enabled",
1713 peer->host);
1714 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
1715 BGP_NOTIFY_HEADER_BAD_MESTYPE);
1716 return BGP_Stop;
1717 }
1718
1719 /* Status must be Established. */
1720 if (peer->status != Established) {
1721 zlog_err(
1722 "%s [Error] Route refresh packet received under status %s",
1723 peer->host,
1724 lookup_msg(bgp_status_msg, peer->status, NULL));
1725 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
1726 return BGP_Stop;
1727 }
1728
1729 s = peer->curr;
1730
1731 /* Parse packet. */
1732 pkt_afi = stream_getw(s);
1733 (void)stream_getc(s);
1734 pkt_safi = stream_getc(s);
1735
1736 if (bgp_debug_update(peer, NULL, NULL, 0))
1737 zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %d/%d",
1738 peer->host, pkt_afi, pkt_safi);
1739
1740 /* Convert AFI, SAFI to internal values and check. */
1741 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1742 zlog_info(
1743 "%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored",
1744 peer->host, pkt_afi, pkt_safi);
1745 return BGP_PACKET_NOOP;
1746 }
1747
1748 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
1749 u_char *end;
1750 u_char when_to_refresh;
1751 u_char orf_type;
1752 u_int16_t orf_len;
1753
1754 if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
1755 < 5) {
1756 zlog_info("%s ORF route refresh length error",
1757 peer->host);
1758 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
1759 return BGP_Stop;
1760 }
1761
1762 when_to_refresh = stream_getc(s);
1763 end = stream_pnt(s) + (size - 5);
1764
1765 while ((stream_pnt(s) + 2) < end) {
1766 orf_type = stream_getc(s);
1767 orf_len = stream_getw(s);
1768
1769 /* orf_len in bounds? */
1770 if ((stream_pnt(s) + orf_len) > end)
1771 break; /* XXX: Notify instead?? */
1772 if (orf_type == ORF_TYPE_PREFIX
1773 || orf_type == ORF_TYPE_PREFIX_OLD) {
1774 uint8_t *p_pnt = stream_pnt(s);
1775 uint8_t *p_end = stream_pnt(s) + orf_len;
1776 struct orf_prefix orfp;
1777 u_char common = 0;
1778 u_int32_t seq;
1779 int psize;
1780 char name[BUFSIZ];
1781 int ret = CMD_SUCCESS;
1782
1783 if (bgp_debug_neighbor_events(peer)) {
1784 zlog_debug(
1785 "%s rcvd Prefixlist ORF(%d) length %d",
1786 peer->host, orf_type, orf_len);
1787 }
1788
1789 /* we're going to read at least 1 byte of common
1790 * ORF header,
1791 * and 7 bytes of ORF Address-filter entry from
1792 * the stream
1793 */
1794 if (orf_len < 7)
1795 break;
1796
1797 /* ORF prefix-list name */
1798 sprintf(name, "%s.%d.%d", peer->host, afi,
1799 safi);
1800
1801 while (p_pnt < p_end) {
1802 /* If the ORF entry is malformed, want
1803 * to read as much of it
1804 * as possible without going beyond the
1805 * bounds of the entry,
1806 * to maximise debug information.
1807 */
1808 int ok;
1809 memset(&orfp, 0,
1810 sizeof(struct orf_prefix));
1811 common = *p_pnt++;
1812 /* after ++: p_pnt <= p_end */
1813 if (common
1814 & ORF_COMMON_PART_REMOVE_ALL) {
1815 if (bgp_debug_neighbor_events(
1816 peer))
1817 zlog_debug(
1818 "%s rcvd Remove-All pfxlist ORF request",
1819 peer->host);
1820 prefix_bgp_orf_remove_all(afi,
1821 name);
1822 break;
1823 }
1824 ok = ((u_int32_t)(p_end - p_pnt)
1825 >= sizeof(u_int32_t));
1826 if (ok) {
1827 memcpy(&seq, p_pnt,
1828 sizeof(u_int32_t));
1829 p_pnt += sizeof(u_int32_t);
1830 orfp.seq = ntohl(seq);
1831 } else
1832 p_pnt = p_end;
1833
1834 if ((ok = (p_pnt < p_end)))
1835 orfp.ge =
1836 *p_pnt++; /* value
1837 checked in
1838 prefix_bgp_orf_set()
1839 */
1840 if ((ok = (p_pnt < p_end)))
1841 orfp.le =
1842 *p_pnt++; /* value
1843 checked in
1844 prefix_bgp_orf_set()
1845 */
1846 if ((ok = (p_pnt < p_end)))
1847 orfp.p.prefixlen = *p_pnt++;
1848 orfp.p.family = afi2family(
1849 afi); /* afi checked already */
1850
1851 psize = PSIZE(
1852 orfp.p.prefixlen); /* 0 if not
1853 ok */
1854 if (psize
1855 > prefix_blen(
1856 &orfp.p)) /* valid for
1857 family ? */
1858 {
1859 ok = 0;
1860 psize = prefix_blen(&orfp.p);
1861 }
1862 if (psize
1863 > (p_end - p_pnt)) /* valid for
1864 packet ? */
1865 {
1866 ok = 0;
1867 psize = p_end - p_pnt;
1868 }
1869
1870 if (psize > 0)
1871 memcpy(&orfp.p.u.prefix, p_pnt,
1872 psize);
1873 p_pnt += psize;
1874
1875 if (bgp_debug_neighbor_events(peer)) {
1876 char buf[INET6_BUFSIZ];
1877
1878 zlog_debug(
1879 "%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
1880 peer->host,
1881 (common & ORF_COMMON_PART_REMOVE
1882 ? "Remove"
1883 : "Add"),
1884 (common & ORF_COMMON_PART_DENY
1885 ? "deny"
1886 : "permit"),
1887 orfp.seq,
1888 inet_ntop(
1889 orfp.p.family,
1890 &orfp.p.u.prefix,
1891 buf,
1892 INET6_BUFSIZ),
1893 orfp.p.prefixlen,
1894 orfp.ge, orfp.le,
1895 ok ? "" : " MALFORMED");
1896 }
1897
1898 if (ok)
1899 ret = prefix_bgp_orf_set(
1900 name, afi, &orfp,
1901 (common & ORF_COMMON_PART_DENY
1902 ? 0
1903 : 1),
1904 (common & ORF_COMMON_PART_REMOVE
1905 ? 0
1906 : 1));
1907
1908 if (!ok || (ok && ret != CMD_SUCCESS)) {
1909 zlog_info(
1910 "%s Received misformatted prefixlist ORF."
1911 " Remove All pfxlist",
1912 peer->host);
1913 prefix_bgp_orf_remove_all(afi,
1914 name);
1915 break;
1916 }
1917 }
1918
1919 peer->orf_plist[afi][safi] =
1920 prefix_bgp_orf_lookup(afi, name);
1921 }
1922 stream_forward_getp(s, orf_len);
1923 }
1924 if (bgp_debug_neighbor_events(peer))
1925 zlog_debug("%s rcvd Refresh %s ORF request", peer->host,
1926 when_to_refresh == REFRESH_DEFER
1927 ? "Defer"
1928 : "Immediate");
1929 if (when_to_refresh == REFRESH_DEFER)
1930 return BGP_PACKET_NOOP;
1931 }
1932
1933 /* First update is deferred until ORF or ROUTE-REFRESH is received */
1934 if (CHECK_FLAG(peer->af_sflags[afi][safi],
1935 PEER_STATUS_ORF_WAIT_REFRESH))
1936 UNSET_FLAG(peer->af_sflags[afi][safi],
1937 PEER_STATUS_ORF_WAIT_REFRESH);
1938
1939 paf = peer_af_find(peer, afi, safi);
1940 if (paf && paf->subgroup) {
1941 if (peer->orf_plist[afi][safi]) {
1942 updgrp = PAF_UPDGRP(paf);
1943 updgrp_peer = UPDGRP_PEER(updgrp);
1944 updgrp_peer->orf_plist[afi][safi] =
1945 peer->orf_plist[afi][safi];
1946 }
1947
1948 /* If the peer is configured for default-originate clear the
1949 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
1950 * re-advertise the
1951 * default
1952 */
1953 if (CHECK_FLAG(paf->subgroup->sflags,
1954 SUBGRP_STATUS_DEFAULT_ORIGINATE))
1955 UNSET_FLAG(paf->subgroup->sflags,
1956 SUBGRP_STATUS_DEFAULT_ORIGINATE);
1957 }
1958
1959 /* Perform route refreshment to the peer */
1960 bgp_announce_route(peer, afi, safi);
1961
1962 /* No FSM action necessary */
1963 return BGP_PACKET_NOOP;
1964 }
1965
1966 /**
1967 * Parse BGP CAPABILITY message for peer.
1968 *
1969 * @param peer
1970 * @param size size of the packet
1971 * @return as in summary
1972 */
1973 static int bgp_capability_msg_parse(struct peer *peer, u_char *pnt,
1974 bgp_size_t length)
1975 {
1976 u_char *end;
1977 struct capability_mp_data mpc;
1978 struct capability_header *hdr;
1979 u_char action;
1980 iana_afi_t pkt_afi;
1981 afi_t afi;
1982 iana_safi_t pkt_safi;
1983 safi_t safi;
1984
1985 end = pnt + length;
1986
1987 while (pnt < end) {
1988 /* We need at least action, capability code and capability
1989 * length. */
1990 if (pnt + 3 > end) {
1991 zlog_info("%s Capability length error", peer->host);
1992 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
1993 return BGP_Stop;
1994 }
1995 action = *pnt;
1996 hdr = (struct capability_header *)(pnt + 1);
1997
1998 /* Action value check. */
1999 if (action != CAPABILITY_ACTION_SET
2000 && action != CAPABILITY_ACTION_UNSET) {
2001 zlog_info("%s Capability Action Value error %d",
2002 peer->host, action);
2003 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2004 return BGP_Stop;
2005 }
2006
2007 if (bgp_debug_neighbor_events(peer))
2008 zlog_debug(
2009 "%s CAPABILITY has action: %d, code: %u, length %u",
2010 peer->host, action, hdr->code, hdr->length);
2011
2012 /* Capability length check. */
2013 if ((pnt + hdr->length + 3) > end) {
2014 zlog_info("%s Capability length error", peer->host);
2015 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2016 return BGP_Stop;
2017 }
2018
2019 /* Fetch structure to the byte stream. */
2020 memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
2021 pnt += hdr->length + 3;
2022
2023 /* We know MP Capability Code. */
2024 if (hdr->code == CAPABILITY_CODE_MP) {
2025 pkt_afi = ntohs(mpc.afi);
2026 pkt_safi = mpc.safi;
2027
2028 /* Ignore capability when override-capability is set. */
2029 if (CHECK_FLAG(peer->flags,
2030 PEER_FLAG_OVERRIDE_CAPABILITY))
2031 continue;
2032
2033 /* Convert AFI, SAFI to internal values. */
2034 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
2035 &safi)) {
2036 if (bgp_debug_neighbor_events(peer))
2037 zlog_debug(
2038 "%s Dynamic Capability MP_EXT afi/safi invalid "
2039 "(%u/%u)",
2040 peer->host, pkt_afi, pkt_safi);
2041 continue;
2042 }
2043
2044 /* Address family check. */
2045 if (bgp_debug_neighbor_events(peer))
2046 zlog_debug(
2047 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
2048 peer->host,
2049 action == CAPABILITY_ACTION_SET
2050 ? "Advertising"
2051 : "Removing",
2052 pkt_afi, pkt_safi);
2053
2054 if (action == CAPABILITY_ACTION_SET) {
2055 peer->afc_recv[afi][safi] = 1;
2056 if (peer->afc[afi][safi]) {
2057 peer->afc_nego[afi][safi] = 1;
2058 bgp_announce_route(peer, afi, safi);
2059 }
2060 } else {
2061 peer->afc_recv[afi][safi] = 0;
2062 peer->afc_nego[afi][safi] = 0;
2063
2064 if (peer_active_nego(peer))
2065 bgp_clear_route(peer, afi, safi);
2066 else
2067 return BGP_Stop;
2068 }
2069 } else {
2070 zlog_warn(
2071 "%s unrecognized capability code: %d - ignored",
2072 peer->host, hdr->code);
2073 }
2074 }
2075
2076 /* No FSM action necessary */
2077 return BGP_PACKET_NOOP;
2078 }
2079
2080 /**
2081 * Parse BGP CAPABILITY message for peer.
2082 *
2083 * Exported for unit testing.
2084 *
2085 * @param peer
2086 * @param size size of the packet
2087 * @return as in summary
2088 */
2089 int bgp_capability_receive(struct peer *peer, bgp_size_t size)
2090 {
2091 u_char *pnt;
2092
2093 /* Fetch pointer. */
2094 pnt = stream_pnt(peer->curr);
2095
2096 if (bgp_debug_neighbor_events(peer))
2097 zlog_debug("%s rcv CAPABILITY", peer->host);
2098
2099 /* If peer does not have the capability, send notification. */
2100 if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
2101 zlog_err("%s [Error] BGP dynamic capability is not enabled",
2102 peer->host);
2103 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2104 BGP_NOTIFY_HEADER_BAD_MESTYPE);
2105 return BGP_Stop;
2106 }
2107
2108 /* Status must be Established. */
2109 if (peer->status != Established) {
2110 zlog_err(
2111 "%s [Error] Dynamic capability packet received under status %s",
2112 peer->host,
2113 lookup_msg(bgp_status_msg, peer->status, NULL));
2114 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
2115 return BGP_Stop;
2116 }
2117
2118 /* Parse packet. */
2119 return bgp_capability_msg_parse(peer, pnt, size);
2120 }
2121
2122 /**
2123 * Processes a peer's input buffer.
2124 *
2125 * This function sidesteps the event loop and directly calls bgp_event_update()
2126 * after processing each BGP message. This is necessary to ensure proper
2127 * ordering of FSM events and unifies the behavior that was present previously,
2128 * whereby some of the packet handling functions would update the FSM and some
2129 * would not, making event flow difficult to understand. Please think twice
2130 * before hacking this.
2131 *
2132 * Thread type: THREAD_EVENT
2133 * @param thread
2134 * @return 0
2135 */
2136 int bgp_process_packet(struct thread *thread)
2137 {
2138 /* Yes first of all get peer pointer. */
2139 struct peer *peer; // peer
2140 uint32_t rpkt_quanta_old; // how many packets to read
2141 int fsm_update_result; // return code of bgp_event_update()
2142 int mprc; // message processing return code
2143
2144 peer = THREAD_ARG(thread);
2145 /*
2146 * This functionality is presently disabled. Unfortunately due to the
2147 * way bgpd is structured, reading more than one packet per input cycle
2148 * severely impacts convergence time. This is because advancing the
2149 * state of the routing table based on prefixes learned from one peer
2150 * prior to all (or at least most) peers being established and placed
2151 * into an update-group will make UPDATE generation starve
2152 * bgp_accept(), delaying convergence. This is a deficiency that needs
2153 * to be fixed elsewhere in the codebase, but for now our hand is
2154 * forced.
2155 */
2156 #if 0
2157 rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
2158 memory_order_relaxed);
2159 #endif
2160 rpkt_quanta_old = 1;
2161 fsm_update_result = 0;
2162
2163 /* Guard against scheduled events that occur after peer deletion. */
2164 if (peer->status == Deleted || peer->status == Clearing)
2165 return 0;
2166
2167 unsigned int processed = 0;
2168
2169 while (processed < rpkt_quanta_old) {
2170 u_char type = 0;
2171 bgp_size_t size;
2172 char notify_data_length[2];
2173
2174 pthread_mutex_lock(&peer->io_mtx);
2175 {
2176 peer->curr = stream_fifo_pop(peer->ibuf);
2177 }
2178 pthread_mutex_unlock(&peer->io_mtx);
2179
2180 if (peer->curr == NULL) // no packets to process, hmm...
2181 return 0;
2182
2183 /* skip the marker and copy the packet length */
2184 stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
2185 memcpy(notify_data_length, stream_pnt(peer->curr), 2);
2186
2187 /* read in the packet length and type */
2188 size = stream_getw(peer->curr);
2189 type = stream_getc(peer->curr);
2190
2191 /* BGP packet dump function. */
2192 bgp_dump_packet(peer, type, peer->curr);
2193
2194 /* adjust size to exclude the marker + length + type */
2195 size -= BGP_HEADER_SIZE;
2196
2197 /* Read rest of the packet and call each sort of packet routine
2198 */
2199 switch (type) {
2200 case BGP_MSG_OPEN:
2201 peer->open_in++;
2202 mprc = bgp_open_receive(peer, size);
2203 if (mprc == BGP_Stop)
2204 zlog_err(
2205 "%s: BGP OPEN receipt failed for peer: %s",
2206 __FUNCTION__, peer->host);
2207 break;
2208 case BGP_MSG_UPDATE:
2209 peer->update_in++;
2210 peer->readtime = monotime(NULL);
2211 mprc = bgp_update_receive(peer, size);
2212 if (mprc == BGP_Stop)
2213 zlog_err(
2214 "%s: BGP UPDATE receipt failed for peer: %s",
2215 __FUNCTION__, peer->host);
2216 break;
2217 case BGP_MSG_NOTIFY:
2218 peer->notify_in++;
2219 mprc = bgp_notify_receive(peer, size);
2220 if (mprc == BGP_Stop)
2221 zlog_err(
2222 "%s: BGP NOTIFY receipt failed for peer: %s",
2223 __FUNCTION__, peer->host);
2224 break;
2225 case BGP_MSG_KEEPALIVE:
2226 peer->readtime = monotime(NULL);
2227 peer->keepalive_in++;
2228 mprc = bgp_keepalive_receive(peer, size);
2229 if (mprc == BGP_Stop)
2230 zlog_err(
2231 "%s: BGP KEEPALIVE receipt failed for peer: %s",
2232 __FUNCTION__, peer->host);
2233 break;
2234 case BGP_MSG_ROUTE_REFRESH_NEW:
2235 case BGP_MSG_ROUTE_REFRESH_OLD:
2236 peer->refresh_in++;
2237 mprc = bgp_route_refresh_receive(peer, size);
2238 if (mprc == BGP_Stop)
2239 zlog_err(
2240 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
2241 __FUNCTION__, peer->host);
2242 break;
2243 case BGP_MSG_CAPABILITY:
2244 peer->dynamic_cap_in++;
2245 mprc = bgp_capability_receive(peer, size);
2246 if (mprc == BGP_Stop)
2247 zlog_err(
2248 "%s: BGP CAPABILITY receipt failed for peer: %s",
2249 __FUNCTION__, peer->host);
2250 break;
2251 default:
2252 /*
2253 * The message type should have been sanitized before
2254 * we ever got here. Receipt of a message with an
2255 * invalid header at this point is indicative of a
2256 * security issue.
2257 */
2258 assert (!"Message of invalid type received during input processing");
2259 }
2260
2261 /* delete processed packet */
2262 stream_free(peer->curr);
2263 peer->curr = NULL;
2264 processed++;
2265
2266 /* Update FSM */
2267 if (mprc != BGP_PACKET_NOOP)
2268 fsm_update_result = bgp_event_update(peer, mprc);
2269 else
2270 continue;
2271
2272 /*
2273 * If peer was deleted, do not process any more packets. This
2274 * is usually due to executing BGP_Stop or a stub deletion.
2275 */
2276 if (fsm_update_result == FSM_PEER_TRANSFERRED
2277 || fsm_update_result == FSM_PEER_STOPPED)
2278 break;
2279 }
2280
2281 if (fsm_update_result != FSM_PEER_TRANSFERRED
2282 && fsm_update_result != FSM_PEER_STOPPED) {
2283 pthread_mutex_lock(&peer->io_mtx);
2284 {
2285 // more work to do, come back later
2286 if (peer->ibuf->count > 0)
2287 thread_add_timer_msec(
2288 bm->master, bgp_process_packet, peer, 0,
2289 &peer->t_process_packet);
2290 }
2291 pthread_mutex_unlock(&peer->io_mtx);
2292 }
2293
2294 return 0;
2295 }
FRRouting mirror