]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_packet.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #4871 from vishaldhingra/ipv4_linklocal
[mirror_frr.git] / bgpd / bgp_packet.c
1 /* BGP packet management routine.
2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
4 * Copyright (C) 1999 Kunihiro Ishiguro
5 *
6 * This file is part of GNU Zebra.
7 *
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
11 * later version.
12 *
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 */
22
23 #include <zebra.h>
24 #include <sys/time.h>
25
26 #include "thread.h"
27 #include "stream.h"
28 #include "network.h"
29 #include "prefix.h"
30 #include "command.h"
31 #include "log.h"
32 #include "memory.h"
33 #include "sockunion.h" /* for inet_ntop () */
34 #include "sockopt.h"
35 #include "linklist.h"
36 #include "plist.h"
37 #include "queue.h"
38 #include "filter.h"
39 #include "lib_errors.h"
40
41 #include "bgpd/bgpd.h"
42 #include "bgpd/bgp_table.h"
43 #include "bgpd/bgp_dump.h"
44 #include "bgpd/bgp_attr.h"
45 #include "bgpd/bgp_debug.h"
46 #include "bgpd/bgp_errors.h"
47 #include "bgpd/bgp_fsm.h"
48 #include "bgpd/bgp_route.h"
49 #include "bgpd/bgp_packet.h"
50 #include "bgpd/bgp_open.h"
51 #include "bgpd/bgp_aspath.h"
52 #include "bgpd/bgp_community.h"
53 #include "bgpd/bgp_ecommunity.h"
54 #include "bgpd/bgp_lcommunity.h"
55 #include "bgpd/bgp_network.h"
56 #include "bgpd/bgp_mplsvpn.h"
57 #include "bgpd/bgp_evpn.h"
58 #include "bgpd/bgp_advertise.h"
59 #include "bgpd/bgp_vty.h"
60 #include "bgpd/bgp_updgrp.h"
61 #include "bgpd/bgp_label.h"
62 #include "bgpd/bgp_io.h"
63 #include "bgpd/bgp_keepalives.h"
64 #include "bgpd/bgp_flowspec.h"
65
66 DEFINE_HOOK(bgp_packet_dump,
67 (struct peer *peer, uint8_t type, bgp_size_t size,
68 struct stream *s),
69 (peer, type, size, s))
70
71 DEFINE_HOOK(bgp_packet_send,
72 (struct peer *peer, uint8_t type, bgp_size_t size,
73 struct stream *s),
74 (peer, type, size, s))
75
76 /**
77 * Sets marker and type fields for a BGP message.
78 *
79 * @param s the stream containing the packet
80 * @param type the packet type
81 * @return the size of the stream
82 */
83 int bgp_packet_set_marker(struct stream *s, uint8_t type)
84 {
85 int i;
86
87 /* Fill in marker. */
88 for (i = 0; i < BGP_MARKER_SIZE; i++)
89 stream_putc(s, 0xff);
90
91 /* Dummy total length. This field is should be filled in later on. */
92 stream_putw(s, 0);
93
94 /* BGP packet type. */
95 stream_putc(s, type);
96
97 /* Return current stream size. */
98 return stream_get_endp(s);
99 }
100
101 /**
102 * Sets size field for a BGP message.
103 *
104 * Size field is set to the size of the stream passed.
105 *
106 * @param s the stream containing the packet
107 * @return the size of the stream
108 */
109 int bgp_packet_set_size(struct stream *s)
110 {
111 int cp;
112
113 /* Preserve current pointer. */
114 cp = stream_get_endp(s);
115 stream_putw_at(s, BGP_MARKER_SIZE, cp);
116
117 return cp;
118 }
119
120 /*
121 * Push a packet onto the beginning of the peer's output queue.
122 * This function acquires the peer's write mutex before proceeding.
123 */
124 static void bgp_packet_add(struct peer *peer, struct stream *s)
125 {
126 pthread_mutex_lock(&peer->io_mtx);
127 stream_fifo_push(peer->obuf, s);
128 pthread_mutex_unlock(&peer->io_mtx);
129 }
130
131 static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
132 safi_t safi)
133 {
134 struct stream *s;
135 iana_afi_t pkt_afi;
136 iana_safi_t pkt_safi;
137
138 if (DISABLE_BGP_ANNOUNCE)
139 return NULL;
140
141 if (bgp_debug_neighbor_events(peer))
142 zlog_debug("send End-of-RIB for %s to %s",
143 get_afi_safi_str(afi, safi, false), peer->host);
144
145 s = stream_new(BGP_MAX_PACKET_SIZE);
146
147 /* Make BGP update packet. */
148 bgp_packet_set_marker(s, BGP_MSG_UPDATE);
149
150 /* Unfeasible Routes Length */
151 stream_putw(s, 0);
152
153 if (afi == AFI_IP && safi == SAFI_UNICAST) {
154 /* Total Path Attribute Length */
155 stream_putw(s, 0);
156 } else {
157 /* Convert AFI, SAFI to values for packet. */
158 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
159
160 /* Total Path Attribute Length */
161 stream_putw(s, 6);
162 stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
163 stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
164 stream_putc(s, 3);
165 stream_putw(s, pkt_afi);
166 stream_putc(s, pkt_safi);
167 }
168
169 bgp_packet_set_size(s);
170 return s;
171 }
172
173 /* Called when there is a change in the EOR(implicit or explicit) status of a
174 * peer. Ends the update-delay if all expected peers are done with EORs. */
175 void bgp_check_update_delay(struct bgp *bgp)
176 {
177 struct listnode *node, *nnode;
178 struct peer *peer = NULL;
179
180 if (bgp_debug_neighbor_events(peer))
181 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
182 bgp->established, bgp->restarted_peers,
183 bgp->implicit_eors, bgp->explicit_eors);
184
185 if (bgp->established
186 <= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
187 /*
188 * This is an extra sanity check to make sure we wait for all
189 * the eligible configured peers. This check is performed if
190 * establish wait timer is on, or establish wait option is not
191 * given with the update-delay command
192 */
193 if (bgp->t_establish_wait
194 || (bgp->v_establish_wait == bgp->v_update_delay))
195 for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
196 if (CHECK_FLAG(peer->flags,
197 PEER_FLAG_CONFIG_NODE)
198 && !CHECK_FLAG(peer->flags,
199 PEER_FLAG_SHUTDOWN)
200 && !peer->update_delay_over) {
201 if (bgp_debug_neighbor_events(peer))
202 zlog_debug(
203 " Peer %s pending, continuing read-only mode",
204 peer->host);
205 return;
206 }
207 }
208
209 zlog_info(
210 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
211 bgp->restarted_peers, bgp->implicit_eors,
212 bgp->explicit_eors);
213 bgp_update_delay_end(bgp);
214 }
215 }
216
217 /*
218 * Called if peer is known to have restarted. The restart-state bit in
219 * Graceful-Restart capability is used for that
220 */
221 void bgp_update_restarted_peers(struct peer *peer)
222 {
223 if (!bgp_update_delay_active(peer->bgp))
224 return; /* BGP update delay has ended */
225 if (peer->update_delay_over)
226 return; /* This peer has already been considered */
227
228 if (bgp_debug_neighbor_events(peer))
229 zlog_debug("Peer %s: Checking restarted", peer->host);
230
231 if (peer->status == Established) {
232 peer->update_delay_over = 1;
233 peer->bgp->restarted_peers++;
234 bgp_check_update_delay(peer->bgp);
235 }
236 }
237
238 /*
239 * Called as peer receives a keep-alive. Determines if this occurence can be
240 * taken as an implicit EOR for this peer.
241 * NOTE: The very first keep-alive after the Established state of a peer is
242 * considered implicit EOR for the update-delay purposes
243 */
244 void bgp_update_implicit_eors(struct peer *peer)
245 {
246 if (!bgp_update_delay_active(peer->bgp))
247 return; /* BGP update delay has ended */
248 if (peer->update_delay_over)
249 return; /* This peer has already been considered */
250
251 if (bgp_debug_neighbor_events(peer))
252 zlog_debug("Peer %s: Checking implicit EORs", peer->host);
253
254 if (peer->status == Established) {
255 peer->update_delay_over = 1;
256 peer->bgp->implicit_eors++;
257 bgp_check_update_delay(peer->bgp);
258 }
259 }
260
261 /*
262 * Should be called only when there is a change in the EOR_RECEIVED status
263 * for any afi/safi on a peer.
264 */
265 static void bgp_update_explicit_eors(struct peer *peer)
266 {
267 afi_t afi;
268 safi_t safi;
269
270 if (!bgp_update_delay_active(peer->bgp))
271 return; /* BGP update delay has ended */
272 if (peer->update_delay_over)
273 return; /* This peer has already been considered */
274
275 if (bgp_debug_neighbor_events(peer))
276 zlog_debug("Peer %s: Checking explicit EORs", peer->host);
277
278 for (afi = AFI_IP; afi < AFI_MAX; afi++)
279 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++) {
280 if (peer->afc_nego[afi][safi]
281 && !CHECK_FLAG(peer->af_sflags[afi][safi],
282 PEER_STATUS_EOR_RECEIVED)) {
283 if (bgp_debug_neighbor_events(peer))
284 zlog_debug(
285 " afi %d safi %d didn't receive EOR",
286 afi, safi);
287 return;
288 }
289 }
290
291 peer->update_delay_over = 1;
292 peer->bgp->explicit_eors++;
293 bgp_check_update_delay(peer->bgp);
294 }
295
296 /**
297 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
298 *
299 * mp_withdraw, if set, is used to nullify attr structure on most of the
300 * calling safi function and for evpn, passed as parameter
301 */
302 int bgp_nlri_parse(struct peer *peer, struct attr *attr,
303 struct bgp_nlri *packet, int mp_withdraw)
304 {
305 switch (packet->safi) {
306 case SAFI_UNICAST:
307 case SAFI_MULTICAST:
308 return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
309 packet);
310 case SAFI_LABELED_UNICAST:
311 return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
312 packet);
313 case SAFI_MPLS_VPN:
314 return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
315 packet);
316 case SAFI_EVPN:
317 return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
318 case SAFI_FLOWSPEC:
319 return bgp_nlri_parse_flowspec(peer, attr, packet, mp_withdraw);
320 }
321 return BGP_NLRI_PARSE_ERROR;
322 }
323
324 /*
325 * Checks a variety of conditions to determine whether the peer needs to be
326 * rescheduled for packet generation again, and does so if necessary.
327 *
328 * @param peer to check for rescheduling
329 */
330 static void bgp_write_proceed_actions(struct peer *peer)
331 {
332 afi_t afi;
333 safi_t safi;
334 struct peer_af *paf;
335 struct bpacket *next_pkt;
336 struct update_subgroup *subgrp;
337
338 FOREACH_AFI_SAFI (afi, safi) {
339 paf = peer_af_find(peer, afi, safi);
340 if (!paf)
341 continue;
342 subgrp = paf->subgroup;
343 if (!subgrp)
344 continue;
345
346 next_pkt = paf->next_pkt_to_send;
347 if (next_pkt && next_pkt->buffer) {
348 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
349 bgp_generate_updgrp_packets, 0);
350 return;
351 }
352
353 /* No packets readily available for AFI/SAFI, are there
354 * subgroup packets
355 * that need to be generated? */
356 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
357 SUBGRP_PKTQ(subgrp))
358 || subgroup_packets_to_build(subgrp)) {
359 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
360 bgp_generate_updgrp_packets, 0);
361 return;
362 }
363
364 /* No packets to send, see if EOR is pending */
365 if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
366 if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
367 && peer->synctime
368 && !CHECK_FLAG(peer->af_sflags[afi][safi],
369 PEER_STATUS_EOR_SEND)
370 && safi != SAFI_MPLS_VPN) {
371 BGP_TIMER_ON(peer->t_generate_updgrp_packets,
372 bgp_generate_updgrp_packets, 0);
373 return;
374 }
375 }
376 }
377 }
378
379 /*
380 * Generate advertisement information (withdraws, updates, EOR) from each
381 * update group a peer belongs to, encode this information into packets, and
382 * enqueue the packets onto the peer's output buffer.
383 */
384 int bgp_generate_updgrp_packets(struct thread *thread)
385 {
386 struct peer *peer = THREAD_ARG(thread);
387
388 struct stream *s;
389 struct peer_af *paf;
390 struct bpacket *next_pkt;
391 uint32_t wpq;
392 uint32_t generated = 0;
393 afi_t afi;
394 safi_t safi;
395
396 wpq = atomic_load_explicit(&peer->bgp->wpkt_quanta,
397 memory_order_relaxed);
398
399 /*
400 * The code beyond this part deals with update packets, proceed only
401 * if peer is Established and updates are not on hold (as part of
402 * update-delay post processing).
403 */
404 if (peer->status != Established)
405 return 0;
406
407 if (peer->bgp->main_peers_update_hold)
408 return 0;
409
410 do {
411 s = NULL;
412 FOREACH_AFI_SAFI (afi, safi) {
413 paf = peer_af_find(peer, afi, safi);
414 if (!paf || !PAF_SUBGRP(paf))
415 continue;
416 next_pkt = paf->next_pkt_to_send;
417
418 /*
419 * Try to generate a packet for the peer if we are at
420 * the end of the list. Always try to push out
421 * WITHDRAWs first.
422 */
423 if (!next_pkt || !next_pkt->buffer) {
424 next_pkt = subgroup_withdraw_packet(
425 PAF_SUBGRP(paf));
426 if (!next_pkt || !next_pkt->buffer)
427 subgroup_update_packet(PAF_SUBGRP(paf));
428 next_pkt = paf->next_pkt_to_send;
429 }
430
431 /*
432 * If we still don't have a packet to send to the peer,
433 * then try to find out out if we have to send eor or
434 * if not, skip to the next AFI, SAFI. Don't send the
435 * EOR prematurely; if the subgroup's coalesce timer is
436 * running, the adjacency-out structure is not created
437 * yet.
438 */
439 if (!next_pkt || !next_pkt->buffer) {
440 if (CHECK_FLAG(peer->cap,
441 PEER_CAP_RESTART_RCV)) {
442 if (!(PAF_SUBGRP(paf))->t_coalesce
443 && peer->afc_nego[afi][safi]
444 && peer->synctime
445 && !CHECK_FLAG(
446 peer->af_sflags[afi]
447 [safi],
448 PEER_STATUS_EOR_SEND)) {
449 SET_FLAG(peer->af_sflags[afi]
450 [safi],
451 PEER_STATUS_EOR_SEND);
452
453 if ((s = bgp_update_packet_eor(
454 peer, afi,
455 safi))) {
456 bgp_packet_add(peer, s);
457 }
458 }
459 }
460 continue;
461 }
462
463
464 /* Found a packet template to send, overwrite
465 * packet with appropriate attributes from peer
466 * and advance peer */
467 s = bpacket_reformat_for_peer(next_pkt, paf);
468 bgp_packet_add(peer, s);
469 bpacket_queue_advance_peer(paf);
470 }
471 } while (s && (++generated < wpq));
472
473 if (generated)
474 bgp_writes_on(peer);
475
476 bgp_write_proceed_actions(peer);
477
478 return 0;
479 }
480
481 /*
482 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
483 */
484 void bgp_keepalive_send(struct peer *peer)
485 {
486 struct stream *s;
487
488 s = stream_new(BGP_MAX_PACKET_SIZE);
489
490 /* Make keepalive packet. */
491 bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
492
493 /* Set packet size. */
494 (void)bgp_packet_set_size(s);
495
496 /* Dump packet if debug option is set. */
497 /* bgp_packet_dump (s); */
498
499 if (bgp_debug_keepalive(peer))
500 zlog_debug("%s sending KEEPALIVE", peer->host);
501
502 /* Add packet to the peer. */
503 bgp_packet_add(peer, s);
504
505 bgp_writes_on(peer);
506 }
507
508 /*
509 * Creates a BGP Open packet and appends it to the peer's output queue.
510 * Sets capabilities as necessary.
511 */
512 void bgp_open_send(struct peer *peer)
513 {
514 struct stream *s;
515 uint16_t send_holdtime;
516 as_t local_as;
517
518 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
519 send_holdtime = peer->holdtime;
520 else
521 send_holdtime = peer->bgp->default_holdtime;
522
523 /* local-as Change */
524 if (peer->change_local_as)
525 local_as = peer->change_local_as;
526 else
527 local_as = peer->local_as;
528
529 s = stream_new(BGP_MAX_PACKET_SIZE);
530
531 /* Make open packet. */
532 bgp_packet_set_marker(s, BGP_MSG_OPEN);
533
534 /* Set open packet values. */
535 stream_putc(s, BGP_VERSION_4); /* BGP version */
536 stream_putw(s, (local_as <= BGP_AS_MAX) ? (uint16_t)local_as
537 : BGP_AS_TRANS);
538 stream_putw(s, send_holdtime); /* Hold Time */
539 stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
540
541 /* Set capability code. */
542 bgp_open_capability(s, peer);
543
544 /* Set BGP packet length. */
545 (void)bgp_packet_set_size(s);
546
547 if (bgp_debug_neighbor_events(peer))
548 zlog_debug(
549 "%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
550 peer->host, BGP_VERSION_4, local_as, send_holdtime,
551 inet_ntoa(peer->local_id));
552
553 /* Dump packet if debug option is set. */
554 /* bgp_packet_dump (s); */
555 hook_call(bgp_packet_send, peer, BGP_MSG_OPEN, stream_get_endp(s), s);
556
557 /* Add packet to the peer. */
558 bgp_packet_add(peer, s);
559
560 bgp_writes_on(peer);
561 }
562
563 /*
564 * Writes NOTIFICATION message directly to a peer socket without waiting for
565 * the I/O thread.
566 *
567 * There must be exactly one stream on the peer->obuf FIFO, and the data within
568 * this stream must match the format of a BGP NOTIFICATION message.
569 * Transmission is best-effort.
570 *
571 * @requires peer->io_mtx
572 * @param peer
573 * @return 0
574 */
575 static int bgp_write_notify(struct peer *peer)
576 {
577 int ret, val;
578 uint8_t type;
579 struct stream *s;
580
581 /* There should be at least one packet. */
582 s = stream_fifo_pop(peer->obuf);
583
584 if (!s)
585 return 0;
586
587 assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
588
589 /* Stop collecting data within the socket */
590 sockopt_cork(peer->fd, 0);
591
592 /*
593 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
594 * we only care about getting a clean shutdown at this point.
595 */
596 ret = write(peer->fd, STREAM_DATA(s), stream_get_endp(s));
597
598 /*
599 * only connection reset/close gets counted as TCP_fatal_error, failure
600 * to write the entire NOTIFY doesn't get different FSM treatment
601 */
602 if (ret <= 0) {
603 stream_free(s);
604 BGP_EVENT_ADD(peer, TCP_fatal_error);
605 return 0;
606 }
607
608 /* Disable Nagle, make NOTIFY packet go out right away */
609 val = 1;
610 (void)setsockopt(peer->fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val,
611 sizeof(val));
612
613 /* Retrieve BGP packet type. */
614 stream_set_getp(s, BGP_MARKER_SIZE + 2);
615 type = stream_getc(s);
616
617 assert(type == BGP_MSG_NOTIFY);
618
619 /* Type should be notify. */
620 atomic_fetch_add_explicit(&peer->notify_out, 1, memory_order_relaxed);
621 peer->notify_out++;
622
623 /* Double start timer. */
624 peer->v_start *= 2;
625
626 /* Overflow check. */
627 if (peer->v_start >= (60 * 2))
628 peer->v_start = (60 * 2);
629
630 /*
631 * Handle Graceful Restart case where the state changes to
632 * Connect instead of Idle
633 */
634 BGP_EVENT_ADD(peer, BGP_Stop);
635
636 stream_free(s);
637
638 return 0;
639 }
640
641 /*
642 * Creates a BGP Notify and appends it to the peer's output queue.
643 *
644 * This function attempts to write the packet from the thread it is called
645 * from, to ensure the packet gets out ASAP.
646 *
647 * This function may be called from multiple threads. Since the function
648 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
649 * call to prevent tampering from other threads.
650 *
651 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
652 * return, the peer structure *must* be reset; no assumptions about session
653 * state are valid.
654 *
655 * @param peer
656 * @param code BGP error code
657 * @param sub_code BGP error subcode
658 * @param data Data portion
659 * @param datalen length of data portion
660 */
661 void bgp_notify_send_with_data(struct peer *peer, uint8_t code,
662 uint8_t sub_code, uint8_t *data, size_t datalen)
663 {
664 struct stream *s;
665
666 /* Lock I/O mutex to prevent other threads from pushing packets */
667 pthread_mutex_lock(&peer->io_mtx);
668 /* ============================================== */
669
670 /* Allocate new stream. */
671 s = stream_new(BGP_MAX_PACKET_SIZE);
672
673 /* Make notify packet. */
674 bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
675
676 /* Set notify packet values. */
677 stream_putc(s, code); /* BGP notify code */
678 stream_putc(s, sub_code); /* BGP notify sub_code */
679
680 /* If notify data is present. */
681 if (data)
682 stream_write(s, data, datalen);
683
684 /* Set BGP packet length. */
685 bgp_packet_set_size(s);
686
687 /* wipe output buffer */
688 stream_fifo_clean(peer->obuf);
689
690 /*
691 * If possible, store last packet for debugging purposes. This check is
692 * in place because we are sometimes called with a doppelganger peer,
693 * who tends to have a plethora of fields nulled out.
694 */
695 if (peer->curr) {
696 size_t packetsize = stream_get_endp(peer->curr);
697 assert(packetsize <= sizeof(peer->last_reset_cause));
698 memcpy(peer->last_reset_cause, peer->curr->data, packetsize);
699 peer->last_reset_cause_size = packetsize;
700 }
701
702 /* For debug */
703 {
704 struct bgp_notify bgp_notify;
705 int first = 0;
706 int i;
707 char c[4];
708
709 bgp_notify.code = code;
710 bgp_notify.subcode = sub_code;
711 bgp_notify.data = NULL;
712 bgp_notify.length = datalen;
713 bgp_notify.raw_data = data;
714
715 peer->notify.code = bgp_notify.code;
716 peer->notify.subcode = bgp_notify.subcode;
717
718 if (bgp_notify.length && data) {
719 bgp_notify.data =
720 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
721 for (i = 0; i < bgp_notify.length; i++)
722 if (first) {
723 snprintf(c, sizeof(c), " %02x",
724 data[i]);
725 strlcat(bgp_notify.data, c,
726 bgp_notify.length);
727 } else {
728 first = 1;
729 snprintf(c, sizeof(c), "%02x", data[i]);
730 strlcpy(bgp_notify.data, c,
731 bgp_notify.length);
732 }
733 }
734 bgp_notify_print(peer, &bgp_notify, "sending");
735
736 if (bgp_notify.data) {
737 XFREE(MTYPE_TMP, bgp_notify.data);
738 bgp_notify.data = NULL;
739 bgp_notify.length = 0;
740 }
741 }
742
743 /* peer reset cause */
744 if (code == BGP_NOTIFY_CEASE) {
745 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
746 peer->last_reset = PEER_DOWN_USER_RESET;
747 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
748 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
749 else
750 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
751 } else
752 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
753
754 /* Add packet to peer's output queue */
755 stream_fifo_push(peer->obuf, s);
756
757 bgp_write_notify(peer);
758
759 /* ============================================== */
760 pthread_mutex_unlock(&peer->io_mtx);
761 }
762
763 /*
764 * Creates a BGP Notify and appends it to the peer's output queue.
765 *
766 * This function attempts to write the packet from the thread it is called
767 * from, to ensure the packet gets out ASAP.
768 *
769 * @param peer
770 * @param code BGP error code
771 * @param sub_code BGP error subcode
772 */
773 void bgp_notify_send(struct peer *peer, uint8_t code, uint8_t sub_code)
774 {
775 bgp_notify_send_with_data(peer, code, sub_code, NULL, 0);
776 }
777
778 /*
779 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
780 *
781 * @param peer
782 * @param afi Address Family Identifier
783 * @param safi Subsequent Address Family Identifier
784 * @param orf_type Outbound Route Filtering type
785 * @param when_to_refresh Whether to refresh immediately or defer
786 * @param remove Whether to remove ORF for specified AFI/SAFI
787 */
788 void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
789 uint8_t orf_type, uint8_t when_to_refresh,
790 int remove)
791 {
792 struct stream *s;
793 struct bgp_filter *filter;
794 int orf_refresh = 0;
795 iana_afi_t pkt_afi;
796 iana_safi_t pkt_safi;
797
798 if (DISABLE_BGP_ANNOUNCE)
799 return;
800
801 filter = &peer->filter[afi][safi];
802
803 /* Convert AFI, SAFI to values for packet. */
804 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
805
806 s = stream_new(BGP_MAX_PACKET_SIZE);
807
808 /* Make BGP update packet. */
809 if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_NEW_RCV))
810 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
811 else
812 bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
813
814 /* Encode Route Refresh message. */
815 stream_putw(s, pkt_afi);
816 stream_putc(s, 0);
817 stream_putc(s, pkt_safi);
818
819 if (orf_type == ORF_TYPE_PREFIX || orf_type == ORF_TYPE_PREFIX_OLD)
820 if (remove || filter->plist[FILTER_IN].plist) {
821 uint16_t orf_len;
822 unsigned long orfp;
823
824 orf_refresh = 1;
825 stream_putc(s, when_to_refresh);
826 stream_putc(s, orf_type);
827 orfp = stream_get_endp(s);
828 stream_putw(s, 0);
829
830 if (remove) {
831 UNSET_FLAG(peer->af_sflags[afi][safi],
832 PEER_STATUS_ORF_PREFIX_SEND);
833 stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
834 if (bgp_debug_neighbor_events(peer))
835 zlog_debug(
836 "%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %s/%s",
837 peer->host, orf_type,
838 (when_to_refresh == REFRESH_DEFER
839 ? "defer"
840 : "immediate"),
841 iana_afi2str(pkt_afi),
842 iana_safi2str(pkt_safi));
843 } else {
844 SET_FLAG(peer->af_sflags[afi][safi],
845 PEER_STATUS_ORF_PREFIX_SEND);
846 prefix_bgp_orf_entry(
847 s, filter->plist[FILTER_IN].plist,
848 ORF_COMMON_PART_ADD,
849 ORF_COMMON_PART_PERMIT,
850 ORF_COMMON_PART_DENY);
851 if (bgp_debug_neighbor_events(peer))
852 zlog_debug(
853 "%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %s/%s",
854 peer->host, orf_type,
855 (when_to_refresh == REFRESH_DEFER
856 ? "defer"
857 : "immediate"),
858 iana_afi2str(pkt_afi),
859 iana_safi2str(pkt_safi));
860 }
861
862 /* Total ORF Entry Len. */
863 orf_len = stream_get_endp(s) - orfp - 2;
864 stream_putw_at(s, orfp, orf_len);
865 }
866
867 /* Set packet size. */
868 (void)bgp_packet_set_size(s);
869
870 if (bgp_debug_neighbor_events(peer)) {
871 if (!orf_refresh)
872 zlog_debug("%s sending REFRESH_REQ for afi/safi: %s/%s",
873 peer->host, iana_afi2str(pkt_afi),
874 iana_safi2str(pkt_safi));
875 }
876
877 /* Add packet to the peer. */
878 bgp_packet_add(peer, s);
879
880 bgp_writes_on(peer);
881 }
882
883 /*
884 * Create a BGP Capability packet and append it to the peer's output queue.
885 *
886 * @param peer
887 * @param afi Address Family Identifier
888 * @param safi Subsequent Address Family Identifier
889 * @param capability_code BGP Capability Code
890 * @param action Set or Remove capability
891 */
892 void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
893 int capability_code, int action)
894 {
895 struct stream *s;
896 iana_afi_t pkt_afi;
897 iana_safi_t pkt_safi;
898
899 /* Convert AFI, SAFI to values for packet. */
900 bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
901
902 s = stream_new(BGP_MAX_PACKET_SIZE);
903
904 /* Make BGP update packet. */
905 bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
906
907 /* Encode MP_EXT capability. */
908 if (capability_code == CAPABILITY_CODE_MP) {
909 stream_putc(s, action);
910 stream_putc(s, CAPABILITY_CODE_MP);
911 stream_putc(s, CAPABILITY_CODE_MP_LEN);
912 stream_putw(s, pkt_afi);
913 stream_putc(s, 0);
914 stream_putc(s, pkt_safi);
915
916 if (bgp_debug_neighbor_events(peer))
917 zlog_debug(
918 "%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
919 peer->host,
920 action == CAPABILITY_ACTION_SET ? "Advertising"
921 : "Removing",
922 iana_afi2str(pkt_afi), iana_safi2str(pkt_safi));
923 }
924
925 /* Set packet size. */
926 (void)bgp_packet_set_size(s);
927
928 /* Add packet to the peer. */
929 bgp_packet_add(peer, s);
930
931 bgp_writes_on(peer);
932 }
933
934 /* RFC1771 6.8 Connection collision detection. */
935 static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
936 {
937 struct peer *peer;
938
939 /* Upon receipt of an OPEN message, the local system must examine
940 all of its connections that are in the OpenConfirm state. A BGP
941 speaker may also examine connections in an OpenSent state if it
942 knows the BGP Identifier of the peer by means outside of the
943 protocol. If among these connections there is a connection to a
944 remote BGP speaker whose BGP Identifier equals the one in the
945 OPEN message, then the local system performs the following
946 collision resolution procedure: */
947
948 if ((peer = new->doppelganger) != NULL) {
949 /* Do not accept the new connection in Established or Clearing
950 * states.
951 * Note that a peer GR is handled by closing the existing
952 * connection
953 * upon receipt of new one.
954 */
955 if (peer->status == Established || peer->status == Clearing) {
956 bgp_notify_send(new, BGP_NOTIFY_CEASE,
957 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
958 return (-1);
959 } else if ((peer->status == OpenConfirm)
960 || (peer->status == OpenSent)) {
961 /* 1. The BGP Identifier of the local system is compared
962 to
963 the BGP Identifier of the remote system (as specified
964 in
965 the OPEN message). */
966
967 if (ntohl(peer->local_id.s_addr)
968 < ntohl(remote_id.s_addr))
969 if (!CHECK_FLAG(peer->sflags,
970 PEER_STATUS_ACCEPT_PEER)) {
971 /* 2. If the value of the local BGP
972 Identifier is less
973 than the remote one, the local system
974 closes BGP
975 connection that already exists (the
976 one that is
977 already in the OpenConfirm state),
978 and accepts BGP
979 connection initiated by the remote
980 system. */
981 bgp_notify_send(
982 peer, BGP_NOTIFY_CEASE,
983 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
984 return 1;
985 } else {
986 bgp_notify_send(
987 new, BGP_NOTIFY_CEASE,
988 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
989 return -1;
990 }
991 else {
992 /* 3. Otherwise, the local system closes newly
993 created
994 BGP connection (the one associated with the
995 newly
996 received OPEN message), and continues to use
997 the
998 existing one (the one that is already in the
999 OpenConfirm state). */
1000 if (CHECK_FLAG(peer->sflags,
1001 PEER_STATUS_ACCEPT_PEER)) {
1002 bgp_notify_send(
1003 peer, BGP_NOTIFY_CEASE,
1004 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1005 return 1;
1006 } else {
1007 bgp_notify_send(
1008 new, BGP_NOTIFY_CEASE,
1009 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
1010 return -1;
1011 }
1012 }
1013 }
1014 }
1015 return 0;
1016 }
1017
1018 /* Packet processing routines ---------------------------------------------- */
1019 /*
1020 * This is a family of functions designed to be called from
1021 * bgp_process_packet(). These functions all share similar behavior and should
1022 * adhere to the following invariants and restrictions:
1023 *
1024 * Return codes
1025 * ------------
1026 * The return code of any one of those functions should be one of the FSM event
1027 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1028 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1029 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1030 * error and Receive_OPEN_message otherwise.
1031 *
1032 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1033 * defined below.
1034 *
1035 * Side effects
1036 * ------------
1037 * - May send NOTIFY messages
1038 * - May not modify peer->status
1039 * - May not call bgp_event_update()
1040 */
1041
1042 #define BGP_PACKET_NOOP 0
1043
1044 /**
1045 * Process BGP OPEN message for peer.
1046 *
1047 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1048 * and returns BGP_Stop.
1049 *
1050 * @param peer
1051 * @param size size of the packet
1052 * @return as in summary
1053 */
1054 static int bgp_open_receive(struct peer *peer, bgp_size_t size)
1055 {
1056 int ret;
1057 uint8_t version;
1058 uint8_t optlen;
1059 uint16_t holdtime;
1060 uint16_t send_holdtime;
1061 as_t remote_as;
1062 as_t as4 = 0, as4_be;
1063 struct in_addr remote_id;
1064 int mp_capability;
1065 uint8_t notify_data_remote_as[2];
1066 uint8_t notify_data_remote_as4[4];
1067 uint8_t notify_data_remote_id[4];
1068 uint16_t *holdtime_ptr;
1069
1070 /* Parse open packet. */
1071 version = stream_getc(peer->curr);
1072 memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
1073 remote_as = stream_getw(peer->curr);
1074 holdtime_ptr = (uint16_t *)stream_pnt(peer->curr);
1075 holdtime = stream_getw(peer->curr);
1076 memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
1077 remote_id.s_addr = stream_get_ipv4(peer->curr);
1078
1079 /* Receive OPEN message log */
1080 if (bgp_debug_neighbor_events(peer))
1081 zlog_debug(
1082 "%s rcv OPEN, version %d, remote-as (in open) %u,"
1083 " holdtime %d, id %s",
1084 peer->host, version, remote_as, holdtime,
1085 inet_ntoa(remote_id));
1086
1087 /* BEGIN to read the capability here, but dont do it yet */
1088 mp_capability = 0;
1089 optlen = stream_getc(peer->curr);
1090
1091 if (optlen != 0) {
1092 /* If not enough bytes, it is an error. */
1093 if (STREAM_READABLE(peer->curr) < optlen) {
1094 bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
1095 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
1096 return BGP_Stop;
1097 }
1098
1099 /* We need the as4 capability value *right now* because
1100 * if it is there, we have not got the remote_as yet, and
1101 * without
1102 * that we do not know which peer is connecting to us now.
1103 */
1104 as4 = peek_for_as4_capability(peer, optlen);
1105 }
1106
1107 as4_be = htonl(as4);
1108 memcpy(notify_data_remote_as4, &as4_be, 4);
1109
1110 /* Just in case we have a silly peer who sends AS4 capability set to 0
1111 */
1112 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
1113 flog_err(EC_BGP_PKT_OPEN,
1114 "%s bad OPEN, got AS4 capability, but AS4 set to 0",
1115 peer->host);
1116 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1117 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1118 notify_data_remote_as4, 4);
1119 return BGP_Stop;
1120 }
1121
1122 if (remote_as == BGP_AS_TRANS) {
1123 /* Take the AS4 from the capability. We must have received the
1124 * capability now! Otherwise we have a asn16 peer who uses
1125 * BGP_AS_TRANS, for some unknown reason.
1126 */
1127 if (as4 == BGP_AS_TRANS) {
1128 flog_err(
1129 EC_BGP_PKT_OPEN,
1130 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1131 peer->host);
1132 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1133 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1134 notify_data_remote_as4, 4);
1135 return BGP_Stop;
1136 }
1137
1138 if (!as4 && BGP_DEBUG(as4, AS4))
1139 zlog_debug(
1140 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
1141 " Odd, but proceeding.",
1142 peer->host);
1143 else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
1144 zlog_debug(
1145 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
1146 "in 2-bytes, very odd peer.",
1147 peer->host, as4);
1148 if (as4)
1149 remote_as = as4;
1150 } else {
1151 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1152 */
1153 /* If we have got the capability, peer->as4cap must match
1154 * remote_as */
1155 if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
1156 && as4 != remote_as) {
1157 /* raise error, log this, close session */
1158 flog_err(
1159 EC_BGP_PKT_OPEN,
1160 "%s bad OPEN, got AS4 capability, but remote_as %u"
1161 " mismatch with 16bit 'myasn' %u in open",
1162 peer->host, as4, remote_as);
1163 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1164 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1165 notify_data_remote_as4, 4);
1166 return BGP_Stop;
1167 }
1168 }
1169
1170 /* remote router-id check. */
1171 if (remote_id.s_addr == 0 || IPV4_CLASS_DE(ntohl(remote_id.s_addr))
1172 || ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)) {
1173 if (bgp_debug_neighbor_events(peer))
1174 zlog_debug("%s bad OPEN, wrong router identifier %s",
1175 peer->host, inet_ntoa(remote_id));
1176 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1177 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1178 notify_data_remote_id, 4);
1179 return BGP_Stop;
1180 }
1181
1182 /* Set remote router-id */
1183 peer->remote_id = remote_id;
1184
1185 /* Peer BGP version check. */
1186 if (version != BGP_VERSION_4) {
1187 uint16_t maxver = htons(BGP_VERSION_4);
1188 /* XXX this reply may not be correct if version < 4 XXX */
1189 if (bgp_debug_neighbor_events(peer))
1190 zlog_debug(
1191 "%s bad protocol version, remote requested %d, local request %d",
1192 peer->host, version, BGP_VERSION_4);
1193 /* Data must be in network byte order here */
1194 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1195 BGP_NOTIFY_OPEN_UNSUP_VERSION,
1196 (uint8_t *)&maxver, 2);
1197 return BGP_Stop;
1198 }
1199
1200 /* Check neighbor as number. */
1201 if (peer->as_type == AS_UNSPECIFIED) {
1202 if (bgp_debug_neighbor_events(peer))
1203 zlog_debug(
1204 "%s bad OPEN, remote AS is unspecified currently",
1205 peer->host);
1206 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1207 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1208 notify_data_remote_as, 2);
1209 return BGP_Stop;
1210 } else if (peer->as_type == AS_INTERNAL) {
1211 if (remote_as != peer->bgp->as) {
1212 if (bgp_debug_neighbor_events(peer))
1213 zlog_debug(
1214 "%s bad OPEN, remote AS is %u, internal specified",
1215 peer->host, remote_as);
1216 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1217 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1218 notify_data_remote_as, 2);
1219 return BGP_Stop;
1220 }
1221 peer->as = peer->local_as;
1222 } else if (peer->as_type == AS_EXTERNAL) {
1223 if (remote_as == peer->bgp->as) {
1224 if (bgp_debug_neighbor_events(peer))
1225 zlog_debug(
1226 "%s bad OPEN, remote AS is %u, external specified",
1227 peer->host, remote_as);
1228 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1229 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1230 notify_data_remote_as, 2);
1231 return BGP_Stop;
1232 }
1233 peer->as = remote_as;
1234 } else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
1235 if (bgp_debug_neighbor_events(peer))
1236 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1237 peer->host, remote_as, peer->as);
1238 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1239 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1240 notify_data_remote_as, 2);
1241 return BGP_Stop;
1242 }
1243
1244 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1245 calculate the value of the Hold Timer by using the smaller of its
1246 configured Hold Time and the Hold Time received in the OPEN message.
1247 The Hold Time MUST be either zero or at least three seconds. An
1248 implementation may reject connections on the basis of the Hold Time.
1249 */
1250
1251 if (holdtime < 3 && holdtime != 0) {
1252 bgp_notify_send_with_data(peer, BGP_NOTIFY_OPEN_ERR,
1253 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1254 (uint8_t *)holdtime_ptr, 2);
1255 return BGP_Stop;
1256 }
1257
1258 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1259 would be one third of the Hold Time interval. KEEPALIVE messages
1260 MUST NOT be sent more frequently than one per second. An
1261 implementation MAY adjust the rate at which it sends KEEPALIVE
1262 messages as a function of the Hold Time interval. */
1263
1264 if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
1265 send_holdtime = peer->holdtime;
1266 else
1267 send_holdtime = peer->bgp->default_holdtime;
1268
1269 if (holdtime < send_holdtime)
1270 peer->v_holdtime = holdtime;
1271 else
1272 peer->v_holdtime = send_holdtime;
1273
1274 if ((CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
1275 && (peer->keepalive < peer->v_holdtime / 3))
1276 peer->v_keepalive = peer->keepalive;
1277 else
1278 peer->v_keepalive = peer->v_holdtime / 3;
1279
1280 /* Open option part parse. */
1281 if (optlen != 0) {
1282 if ((ret = bgp_open_option_parse(peer, optlen, &mp_capability))
1283 < 0)
1284 return BGP_Stop;
1285 } else {
1286 if (bgp_debug_neighbor_events(peer))
1287 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1288 peer->host);
1289 }
1290
1291 /*
1292 * Assume that the peer supports the locally configured set of
1293 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1294 * capabilities, or if 'override-capability' is configured.
1295 */
1296 if (!mp_capability
1297 || CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
1298 peer->afc_nego[AFI_IP][SAFI_UNICAST] =
1299 peer->afc[AFI_IP][SAFI_UNICAST];
1300 peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
1301 peer->afc[AFI_IP][SAFI_MULTICAST];
1302 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
1303 peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
1304 peer->afc_nego[AFI_IP][SAFI_FLOWSPEC] =
1305 peer->afc[AFI_IP][SAFI_FLOWSPEC];
1306 peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
1307 peer->afc[AFI_IP6][SAFI_UNICAST];
1308 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
1309 peer->afc[AFI_IP6][SAFI_MULTICAST];
1310 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
1311 peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1312 peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
1313 peer->afc[AFI_L2VPN][SAFI_EVPN];
1314 peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC] =
1315 peer->afc[AFI_IP6][SAFI_FLOWSPEC];
1316 }
1317
1318 /* When collision is detected and this peer is closed. Retrun
1319 immidiately. */
1320 ret = bgp_collision_detect(peer, remote_id);
1321 if (ret < 0)
1322 return BGP_Stop;
1323
1324 /* Get sockname. */
1325 if ((ret = bgp_getsockname(peer)) < 0) {
1326 flog_err_sys(EC_LIB_SOCKET,
1327 "%s: bgp_getsockname() failed for peer: %s",
1328 __FUNCTION__, peer->host);
1329 return BGP_Stop;
1330 }
1331
1332 /* Verify valid local address present based on negotiated
1333 * address-families. */
1334 if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
1335 || peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
1336 || peer->afc_nego[AFI_IP][SAFI_MULTICAST]
1337 || peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
1338 || peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
1339 if (!peer->nexthop.v4.s_addr) {
1340 #if defined(HAVE_CUMULUS)
1341 flog_err(
1342 EC_BGP_SND_FAIL,
1343 "%s: No local IPv4 addr resetting connection, fd %d",
1344 peer->host, peer->fd);
1345 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1346 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1347 return BGP_Stop;
1348 #endif
1349 }
1350 }
1351 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
1352 || peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
1353 || peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
1354 || peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
1355 || peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
1356 if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global)) {
1357 #if defined(HAVE_CUMULUS)
1358 flog_err(
1359 EC_BGP_SND_FAIL,
1360 "%s: No local IPv6 addr resetting connection, fd %d",
1361 peer->host, peer->fd);
1362 bgp_notify_send(peer, BGP_NOTIFY_CEASE,
1363 BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1364 return BGP_Stop;
1365 #endif
1366 }
1367 }
1368 peer->rtt = sockopt_tcp_rtt(peer->fd);
1369
1370 return Receive_OPEN_message;
1371 }
1372
1373 /**
1374 * Process BGP KEEPALIVE message for peer.
1375 *
1376 * @param peer
1377 * @param size size of the packet
1378 * @return as in summary
1379 */
1380 static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
1381 {
1382 if (bgp_debug_keepalive(peer))
1383 zlog_debug("%s KEEPALIVE rcvd", peer->host);
1384
1385 bgp_update_implicit_eors(peer);
1386
1387 return Receive_KEEPALIVE_message;
1388 }
1389
1390
1391 /**
1392 * Process BGP UPDATE message for peer.
1393 *
1394 * Parses UPDATE and creates attribute object.
1395 *
1396 * @param peer
1397 * @param size size of the packet
1398 * @return as in summary
1399 */
1400 static int bgp_update_receive(struct peer *peer, bgp_size_t size)
1401 {
1402 int ret, nlri_ret;
1403 uint8_t *end;
1404 struct stream *s;
1405 struct attr attr;
1406 bgp_size_t attribute_len;
1407 bgp_size_t update_len;
1408 bgp_size_t withdraw_len;
1409
1410 enum NLRI_TYPES {
1411 NLRI_UPDATE,
1412 NLRI_WITHDRAW,
1413 NLRI_MP_UPDATE,
1414 NLRI_MP_WITHDRAW,
1415 NLRI_TYPE_MAX
1416 };
1417 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1418
1419 /* Status must be Established. */
1420 if (peer->status != Established) {
1421 flog_err(EC_BGP_INVALID_STATUS,
1422 "%s [FSM] Update packet received under status %s",
1423 peer->host,
1424 lookup_msg(bgp_status_msg, peer->status, NULL));
1425 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
1426 return BGP_Stop;
1427 }
1428
1429 /* Set initial values. */
1430 memset(&attr, 0, sizeof(struct attr));
1431 attr.label_index = BGP_INVALID_LABEL_INDEX;
1432 attr.label = MPLS_INVALID_LABEL;
1433 memset(&nlris, 0, sizeof(nlris));
1434 memset(peer->rcvd_attr_str, 0, BUFSIZ);
1435 peer->rcvd_attr_printed = 0;
1436
1437 s = peer->curr;
1438 end = stream_pnt(s) + size;
1439
1440 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1441 Length is too large (i.e., if Unfeasible Routes Length + Total
1442 Attribute Length + 23 exceeds the message Length), then the Error
1443 Subcode is set to Malformed Attribute List. */
1444 if (stream_pnt(s) + 2 > end) {
1445 flog_err(EC_BGP_UPDATE_RCV,
1446 "%s [Error] Update packet error"
1447 " (packet length is short for unfeasible length)",
1448 peer->host);
1449 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1450 BGP_NOTIFY_UPDATE_MAL_ATTR);
1451 return BGP_Stop;
1452 }
1453
1454 /* Unfeasible Route Length. */
1455 withdraw_len = stream_getw(s);
1456
1457 /* Unfeasible Route Length check. */
1458 if (stream_pnt(s) + withdraw_len > end) {
1459 flog_err(EC_BGP_UPDATE_RCV,
1460 "%s [Error] Update packet error"
1461 " (packet unfeasible length overflow %d)",
1462 peer->host, withdraw_len);
1463 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1464 BGP_NOTIFY_UPDATE_MAL_ATTR);
1465 return BGP_Stop;
1466 }
1467
1468 /* Unfeasible Route packet format check. */
1469 if (withdraw_len > 0) {
1470 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1471 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1472 nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
1473 nlris[NLRI_WITHDRAW].length = withdraw_len;
1474 stream_forward_getp(s, withdraw_len);
1475 }
1476
1477 /* Attribute total length check. */
1478 if (stream_pnt(s) + 2 > end) {
1479 flog_warn(
1480 EC_BGP_UPDATE_PACKET_SHORT,
1481 "%s [Error] Packet Error (update packet is short for attribute length)",
1482 peer->host);
1483 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1484 BGP_NOTIFY_UPDATE_MAL_ATTR);
1485 return BGP_Stop;
1486 }
1487
1488 /* Fetch attribute total length. */
1489 attribute_len = stream_getw(s);
1490
1491 /* Attribute length check. */
1492 if (stream_pnt(s) + attribute_len > end) {
1493 flog_warn(
1494 EC_BGP_UPDATE_PACKET_LONG,
1495 "%s [Error] Packet Error (update packet attribute length overflow %d)",
1496 peer->host, attribute_len);
1497 bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
1498 BGP_NOTIFY_UPDATE_MAL_ATTR);
1499 return BGP_Stop;
1500 }
1501
1502 /* Certain attribute parsing errors should not be considered bad enough
1503 * to reset the session for, most particularly any partial/optional
1504 * attributes that have 'tunneled' over speakers that don't understand
1505 * them. Instead we withdraw only the prefix concerned.
1506 *
1507 * Complicates the flow a little though..
1508 */
1509 bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
1510 /* This define morphs the update case into a withdraw when lower levels
1511 * have signalled an error condition where this is best.
1512 */
1513 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1514
1515 /* Parse attribute when it exists. */
1516 if (attribute_len) {
1517 attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
1518 &nlris[NLRI_MP_UPDATE],
1519 &nlris[NLRI_MP_WITHDRAW]);
1520 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
1521 bgp_attr_unintern_sub(&attr);
1522 return BGP_Stop;
1523 }
1524 }
1525
1526 /* Logging the attribute. */
1527 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
1528 || BGP_DEBUG(update, UPDATE_IN)
1529 || BGP_DEBUG(update, UPDATE_PREFIX)) {
1530 ret = bgp_dump_attr(&attr, peer->rcvd_attr_str, BUFSIZ);
1531
1532 peer->stat_upd_7606++;
1533
1534 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
1535 flog_err(
1536 EC_BGP_UPDATE_RCV,
1537 "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1538 peer->host);
1539
1540 if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
1541 zlog_debug("%s rcvd UPDATE w/ attr: %s", peer->host,
1542 peer->rcvd_attr_str);
1543 peer->rcvd_attr_printed = 1;
1544 }
1545 }
1546
1547 /* Network Layer Reachability Information. */
1548 update_len = end - stream_pnt(s);
1549
1550 if (update_len) {
1551 /* Set NLRI portion to structure. */
1552 nlris[NLRI_UPDATE].afi = AFI_IP;
1553 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1554 nlris[NLRI_UPDATE].nlri = stream_pnt(s);
1555 nlris[NLRI_UPDATE].length = update_len;
1556 stream_forward_getp(s, update_len);
1557
1558 if (CHECK_FLAG(attr.flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
1559 /*
1560 * We skipped nexthop attribute validation earlier so
1561 * validate the nexthop now.
1562 */
1563 if (bgp_attr_nexthop_valid(peer, &attr) < 0) {
1564 bgp_attr_unintern_sub(&attr);
1565 return BGP_Stop;
1566 }
1567 }
1568 }
1569
1570 if (BGP_DEBUG(update, UPDATE_IN))
1571 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1572 peer->host, withdraw_len, attribute_len, update_len);
1573
1574 /* Parse any given NLRIs */
1575 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
1576 if (!nlris[i].nlri)
1577 continue;
1578
1579 /* NLRI is processed iff the peer if configured for the specific
1580 * afi/safi */
1581 if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
1582 zlog_info(
1583 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1584 peer->host, nlris[i].afi, nlris[i].safi);
1585 continue;
1586 }
1587
1588 /* EoR handled later */
1589 if (nlris[i].length == 0)
1590 continue;
1591
1592 switch (i) {
1593 case NLRI_UPDATE:
1594 case NLRI_MP_UPDATE:
1595 nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
1596 &nlris[i], 0);
1597 break;
1598 case NLRI_WITHDRAW:
1599 case NLRI_MP_WITHDRAW:
1600 nlri_ret = bgp_nlri_parse(peer, &attr, &nlris[i], 1);
1601 break;
1602 default:
1603 nlri_ret = BGP_NLRI_PARSE_ERROR;
1604 }
1605
1606 if (nlri_ret < BGP_NLRI_PARSE_OK
1607 && nlri_ret != BGP_NLRI_PARSE_ERROR_PREFIX_OVERFLOW) {
1608 flog_err(EC_BGP_UPDATE_RCV,
1609 "%s [Error] Error parsing NLRI", peer->host);
1610 if (peer->status == Established)
1611 bgp_notify_send(
1612 peer, BGP_NOTIFY_UPDATE_ERR,
1613 i <= NLRI_WITHDRAW
1614 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1615 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1616 bgp_attr_unintern_sub(&attr);
1617 return BGP_Stop;
1618 }
1619 }
1620
1621 /* EoR checks
1622 *
1623 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1624 * and MP EoR should have only an empty MP_UNREACH
1625 */
1626 if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0)
1627 || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
1628 afi_t afi = 0;
1629 safi_t safi;
1630
1631 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
1632 * checked
1633 * update and withdraw NLRI lengths are 0.
1634 */
1635 if (!attribute_len) {
1636 afi = AFI_IP;
1637 safi = SAFI_UNICAST;
1638 } else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
1639 && nlris[NLRI_MP_WITHDRAW].length == 0) {
1640 afi = nlris[NLRI_MP_WITHDRAW].afi;
1641 safi = nlris[NLRI_MP_WITHDRAW].safi;
1642 } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
1643 afi = nlris[NLRI_MP_UPDATE].afi;
1644 safi = nlris[NLRI_MP_UPDATE].safi;
1645 }
1646
1647 if (afi && peer->afc[afi][safi]) {
1648 struct vrf *vrf = vrf_lookup_by_id(peer->bgp->vrf_id);
1649
1650 /* End-of-RIB received */
1651 if (!CHECK_FLAG(peer->af_sflags[afi][safi],
1652 PEER_STATUS_EOR_RECEIVED)) {
1653 SET_FLAG(peer->af_sflags[afi][safi],
1654 PEER_STATUS_EOR_RECEIVED);
1655 bgp_update_explicit_eors(peer);
1656 }
1657
1658 /* NSF delete stale route */
1659 if (peer->nsf[afi][safi])
1660 bgp_clear_stale_route(peer, afi, safi);
1661
1662 zlog_info("%%NOTIFICATION: rcvd End-of-RIB for %s from %s in vrf %s",
1663 get_afi_safi_str(afi, safi, false), peer->host,
1664 vrf ? vrf->name : VRF_DEFAULT_NAME);
1665 }
1666 }
1667
1668 /* Everything is done. We unintern temporary structures which
1669 interned in bgp_attr_parse(). */
1670 bgp_attr_unintern_sub(&attr);
1671
1672 peer->update_time = bgp_clock();
1673
1674 /* Rearm holdtime timer */
1675 BGP_TIMER_OFF(peer->t_holdtime);
1676 bgp_timer_set(peer);
1677
1678 return Receive_UPDATE_message;
1679 }
1680
1681 /**
1682 * Process BGP NOTIFY message for peer.
1683 *
1684 * @param peer
1685 * @param size size of the packet
1686 * @return as in summary
1687 */
1688 static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
1689 {
1690 struct bgp_notify bgp_notify;
1691
1692 if (peer->notify.data) {
1693 XFREE(MTYPE_TMP, peer->notify.data);
1694 peer->notify.data = NULL;
1695 peer->notify.length = 0;
1696 }
1697
1698 bgp_notify.code = stream_getc(peer->curr);
1699 bgp_notify.subcode = stream_getc(peer->curr);
1700 bgp_notify.length = size - 2;
1701 bgp_notify.data = NULL;
1702
1703 /* Preserv notify code and sub code. */
1704 peer->notify.code = bgp_notify.code;
1705 peer->notify.subcode = bgp_notify.subcode;
1706 /* For further diagnostic record returned Data. */
1707 if (bgp_notify.length) {
1708 peer->notify.length = size - 2;
1709 peer->notify.data = XMALLOC(MTYPE_TMP, size - 2);
1710 memcpy(peer->notify.data, stream_pnt(peer->curr), size - 2);
1711 }
1712
1713 /* For debug */
1714 {
1715 int i;
1716 int first = 0;
1717 char c[4];
1718
1719 if (bgp_notify.length) {
1720 bgp_notify.data =
1721 XMALLOC(MTYPE_TMP, bgp_notify.length * 3);
1722 for (i = 0; i < bgp_notify.length; i++)
1723 if (first) {
1724 snprintf(c, sizeof(c), " %02x",
1725 stream_getc(peer->curr));
1726 strlcat(bgp_notify.data, c,
1727 bgp_notify.length);
1728 } else {
1729 first = 1;
1730 snprintf(c, sizeof(c), "%02x",
1731 stream_getc(peer->curr));
1732 strlcpy(bgp_notify.data, c,
1733 bgp_notify.length);
1734 }
1735 bgp_notify.raw_data = (uint8_t *)peer->notify.data;
1736 }
1737
1738 bgp_notify_print(peer, &bgp_notify, "received");
1739 if (bgp_notify.data) {
1740 XFREE(MTYPE_TMP, bgp_notify.data);
1741 bgp_notify.data = NULL;
1742 bgp_notify.length = 0;
1743 }
1744 }
1745
1746 /* peer count update */
1747 atomic_fetch_add_explicit(&peer->notify_in, 1, memory_order_relaxed);
1748
1749 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
1750
1751 /* We have to check for Notify with Unsupported Optional Parameter.
1752 in that case we fallback to open without the capability option.
1753 But this done in bgp_stop. We just mark it here to avoid changing
1754 the fsm tables. */
1755 if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR
1756 && bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
1757 UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
1758
1759 return Receive_NOTIFICATION_message;
1760 }
1761
1762 /**
1763 * Process BGP ROUTEREFRESH message for peer.
1764 *
1765 * @param peer
1766 * @param size size of the packet
1767 * @return as in summary
1768 */
1769 static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
1770 {
1771 iana_afi_t pkt_afi;
1772 afi_t afi;
1773 iana_safi_t pkt_safi;
1774 safi_t safi;
1775 struct stream *s;
1776 struct peer_af *paf;
1777 struct update_group *updgrp;
1778 struct peer *updgrp_peer;
1779
1780 /* If peer does not have the capability, send notification. */
1781 if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
1782 flog_err(EC_BGP_NO_CAP,
1783 "%s [Error] BGP route refresh is not enabled",
1784 peer->host);
1785 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
1786 BGP_NOTIFY_HEADER_BAD_MESTYPE);
1787 return BGP_Stop;
1788 }
1789
1790 /* Status must be Established. */
1791 if (peer->status != Established) {
1792 flog_err(
1793 EC_BGP_INVALID_STATUS,
1794 "%s [Error] Route refresh packet received under status %s",
1795 peer->host,
1796 lookup_msg(bgp_status_msg, peer->status, NULL));
1797 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
1798 return BGP_Stop;
1799 }
1800
1801 s = peer->curr;
1802
1803 /* Parse packet. */
1804 pkt_afi = stream_getw(s);
1805 (void)stream_getc(s);
1806 pkt_safi = stream_getc(s);
1807
1808 if (bgp_debug_update(peer, NULL, NULL, 0))
1809 zlog_debug("%s rcvd REFRESH_REQ for afi/safi: %s/%s",
1810 peer->host, iana_afi2str(pkt_afi),
1811 iana_safi2str(pkt_safi));
1812
1813 /* Convert AFI, SAFI to internal values and check. */
1814 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
1815 zlog_info(
1816 "%s REFRESH_REQ for unrecognized afi/safi: %s/%s - ignored",
1817 peer->host, iana_afi2str(pkt_afi),
1818 iana_safi2str(pkt_safi));
1819 return BGP_PACKET_NOOP;
1820 }
1821
1822 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
1823 uint8_t *end;
1824 uint8_t when_to_refresh;
1825 uint8_t orf_type;
1826 uint16_t orf_len;
1827
1828 if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
1829 < 5) {
1830 zlog_info("%s ORF route refresh length error",
1831 peer->host);
1832 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
1833 return BGP_Stop;
1834 }
1835
1836 when_to_refresh = stream_getc(s);
1837 end = stream_pnt(s) + (size - 5);
1838
1839 while ((stream_pnt(s) + 2) < end) {
1840 orf_type = stream_getc(s);
1841 orf_len = stream_getw(s);
1842
1843 /* orf_len in bounds? */
1844 if ((stream_pnt(s) + orf_len) > end)
1845 break; /* XXX: Notify instead?? */
1846 if (orf_type == ORF_TYPE_PREFIX
1847 || orf_type == ORF_TYPE_PREFIX_OLD) {
1848 uint8_t *p_pnt = stream_pnt(s);
1849 uint8_t *p_end = stream_pnt(s) + orf_len;
1850 struct orf_prefix orfp;
1851 uint8_t common = 0;
1852 uint32_t seq;
1853 int psize;
1854 char name[BUFSIZ];
1855 int ret = CMD_SUCCESS;
1856
1857 if (bgp_debug_neighbor_events(peer)) {
1858 zlog_debug(
1859 "%s rcvd Prefixlist ORF(%d) length %d",
1860 peer->host, orf_type, orf_len);
1861 }
1862
1863 /* we're going to read at least 1 byte of common
1864 * ORF header,
1865 * and 7 bytes of ORF Address-filter entry from
1866 * the stream
1867 */
1868 if (orf_len < 7)
1869 break;
1870
1871 /* ORF prefix-list name */
1872 sprintf(name, "%s.%d.%d", peer->host, afi,
1873 safi);
1874
1875 while (p_pnt < p_end) {
1876 /* If the ORF entry is malformed, want
1877 * to read as much of it
1878 * as possible without going beyond the
1879 * bounds of the entry,
1880 * to maximise debug information.
1881 */
1882 int ok;
1883 memset(&orfp, 0,
1884 sizeof(struct orf_prefix));
1885 common = *p_pnt++;
1886 /* after ++: p_pnt <= p_end */
1887 if (common
1888 & ORF_COMMON_PART_REMOVE_ALL) {
1889 if (bgp_debug_neighbor_events(
1890 peer))
1891 zlog_debug(
1892 "%s rcvd Remove-All pfxlist ORF request",
1893 peer->host);
1894 prefix_bgp_orf_remove_all(afi,
1895 name);
1896 break;
1897 }
1898 ok = ((uint32_t)(p_end - p_pnt)
1899 >= sizeof(uint32_t));
1900 if (ok) {
1901 memcpy(&seq, p_pnt,
1902 sizeof(uint32_t));
1903 p_pnt += sizeof(uint32_t);
1904 orfp.seq = ntohl(seq);
1905 } else
1906 p_pnt = p_end;
1907
1908 if ((ok = (p_pnt < p_end)))
1909 orfp.ge =
1910 *p_pnt++; /* value
1911 checked in
1912 prefix_bgp_orf_set()
1913 */
1914 if ((ok = (p_pnt < p_end)))
1915 orfp.le =
1916 *p_pnt++; /* value
1917 checked in
1918 prefix_bgp_orf_set()
1919 */
1920 if ((ok = (p_pnt < p_end)))
1921 orfp.p.prefixlen = *p_pnt++;
1922 orfp.p.family = afi2family(
1923 afi); /* afi checked already */
1924
1925 psize = PSIZE(
1926 orfp.p.prefixlen); /* 0 if not
1927 ok */
1928 if (psize
1929 > prefix_blen(
1930 &orfp.p)) /* valid for
1931 family ? */
1932 {
1933 ok = 0;
1934 psize = prefix_blen(&orfp.p);
1935 }
1936 if (psize
1937 > (p_end - p_pnt)) /* valid for
1938 packet ? */
1939 {
1940 ok = 0;
1941 psize = p_end - p_pnt;
1942 }
1943
1944 if (psize > 0)
1945 memcpy(&orfp.p.u.prefix, p_pnt,
1946 psize);
1947 p_pnt += psize;
1948
1949 if (bgp_debug_neighbor_events(peer)) {
1950 char buf[INET6_BUFSIZ];
1951
1952 zlog_debug(
1953 "%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
1954 peer->host,
1955 (common & ORF_COMMON_PART_REMOVE
1956 ? "Remove"
1957 : "Add"),
1958 (common & ORF_COMMON_PART_DENY
1959 ? "deny"
1960 : "permit"),
1961 orfp.seq,
1962 inet_ntop(
1963 orfp.p.family,
1964 &orfp.p.u.prefix,
1965 buf,
1966 INET6_BUFSIZ),
1967 orfp.p.prefixlen,
1968 orfp.ge, orfp.le,
1969 ok ? "" : " MALFORMED");
1970 }
1971
1972 if (ok)
1973 ret = prefix_bgp_orf_set(
1974 name, afi, &orfp,
1975 (common & ORF_COMMON_PART_DENY
1976 ? 0
1977 : 1),
1978 (common & ORF_COMMON_PART_REMOVE
1979 ? 0
1980 : 1));
1981
1982 if (!ok || (ok && ret != CMD_SUCCESS)) {
1983 zlog_info(
1984 "%s Received misformatted prefixlist ORF."
1985 " Remove All pfxlist",
1986 peer->host);
1987 prefix_bgp_orf_remove_all(afi,
1988 name);
1989 break;
1990 }
1991 }
1992
1993 peer->orf_plist[afi][safi] =
1994 prefix_bgp_orf_lookup(afi, name);
1995 }
1996 stream_forward_getp(s, orf_len);
1997 }
1998 if (bgp_debug_neighbor_events(peer))
1999 zlog_debug("%s rcvd Refresh %s ORF request", peer->host,
2000 when_to_refresh == REFRESH_DEFER
2001 ? "Defer"
2002 : "Immediate");
2003 if (when_to_refresh == REFRESH_DEFER)
2004 return BGP_PACKET_NOOP;
2005 }
2006
2007 /* First update is deferred until ORF or ROUTE-REFRESH is received */
2008 if (CHECK_FLAG(peer->af_sflags[afi][safi],
2009 PEER_STATUS_ORF_WAIT_REFRESH))
2010 UNSET_FLAG(peer->af_sflags[afi][safi],
2011 PEER_STATUS_ORF_WAIT_REFRESH);
2012
2013 paf = peer_af_find(peer, afi, safi);
2014 if (paf && paf->subgroup) {
2015 if (peer->orf_plist[afi][safi]) {
2016 updgrp = PAF_UPDGRP(paf);
2017 updgrp_peer = UPDGRP_PEER(updgrp);
2018 updgrp_peer->orf_plist[afi][safi] =
2019 peer->orf_plist[afi][safi];
2020 }
2021
2022 /* If the peer is configured for default-originate clear the
2023 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
2024 * re-advertise the
2025 * default
2026 */
2027 if (CHECK_FLAG(paf->subgroup->sflags,
2028 SUBGRP_STATUS_DEFAULT_ORIGINATE))
2029 UNSET_FLAG(paf->subgroup->sflags,
2030 SUBGRP_STATUS_DEFAULT_ORIGINATE);
2031 }
2032
2033 /* Perform route refreshment to the peer */
2034 bgp_announce_route(peer, afi, safi);
2035
2036 /* No FSM action necessary */
2037 return BGP_PACKET_NOOP;
2038 }
2039
2040 /**
2041 * Parse BGP CAPABILITY message for peer.
2042 *
2043 * @param peer
2044 * @param size size of the packet
2045 * @return as in summary
2046 */
2047 static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
2048 bgp_size_t length)
2049 {
2050 uint8_t *end;
2051 struct capability_mp_data mpc;
2052 struct capability_header *hdr;
2053 uint8_t action;
2054 iana_afi_t pkt_afi;
2055 afi_t afi;
2056 iana_safi_t pkt_safi;
2057 safi_t safi;
2058
2059 end = pnt + length;
2060
2061 while (pnt < end) {
2062 /* We need at least action, capability code and capability
2063 * length. */
2064 if (pnt + 3 > end) {
2065 zlog_info("%s Capability length error", peer->host);
2066 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2067 return BGP_Stop;
2068 }
2069 action = *pnt;
2070 hdr = (struct capability_header *)(pnt + 1);
2071
2072 /* Action value check. */
2073 if (action != CAPABILITY_ACTION_SET
2074 && action != CAPABILITY_ACTION_UNSET) {
2075 zlog_info("%s Capability Action Value error %d",
2076 peer->host, action);
2077 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2078 return BGP_Stop;
2079 }
2080
2081 if (bgp_debug_neighbor_events(peer))
2082 zlog_debug(
2083 "%s CAPABILITY has action: %d, code: %u, length %u",
2084 peer->host, action, hdr->code, hdr->length);
2085
2086 /* Capability length check. */
2087 if ((pnt + hdr->length + 3) > end) {
2088 zlog_info("%s Capability length error", peer->host);
2089 bgp_notify_send(peer, BGP_NOTIFY_CEASE, 0);
2090 return BGP_Stop;
2091 }
2092
2093 /* Fetch structure to the byte stream. */
2094 memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
2095 pnt += hdr->length + 3;
2096
2097 /* We know MP Capability Code. */
2098 if (hdr->code == CAPABILITY_CODE_MP) {
2099 pkt_afi = ntohs(mpc.afi);
2100 pkt_safi = mpc.safi;
2101
2102 /* Ignore capability when override-capability is set. */
2103 if (CHECK_FLAG(peer->flags,
2104 PEER_FLAG_OVERRIDE_CAPABILITY))
2105 continue;
2106
2107 /* Convert AFI, SAFI to internal values. */
2108 if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
2109 &safi)) {
2110 if (bgp_debug_neighbor_events(peer))
2111 zlog_debug(
2112 "%s Dynamic Capability MP_EXT afi/safi invalid "
2113 "(%s/%s)",
2114 peer->host,
2115 iana_afi2str(pkt_afi),
2116 iana_safi2str(pkt_safi));
2117 continue;
2118 }
2119
2120 /* Address family check. */
2121 if (bgp_debug_neighbor_events(peer))
2122 zlog_debug(
2123 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
2124 peer->host,
2125 action == CAPABILITY_ACTION_SET
2126 ? "Advertising"
2127 : "Removing",
2128 pkt_afi, pkt_safi);
2129
2130 if (action == CAPABILITY_ACTION_SET) {
2131 peer->afc_recv[afi][safi] = 1;
2132 if (peer->afc[afi][safi]) {
2133 peer->afc_nego[afi][safi] = 1;
2134 bgp_announce_route(peer, afi, safi);
2135 }
2136 } else {
2137 peer->afc_recv[afi][safi] = 0;
2138 peer->afc_nego[afi][safi] = 0;
2139
2140 if (peer_active_nego(peer))
2141 bgp_clear_route(peer, afi, safi);
2142 else
2143 return BGP_Stop;
2144 }
2145 } else {
2146 flog_warn(
2147 EC_BGP_UNRECOGNIZED_CAPABILITY,
2148 "%s unrecognized capability code: %d - ignored",
2149 peer->host, hdr->code);
2150 }
2151 }
2152
2153 /* No FSM action necessary */
2154 return BGP_PACKET_NOOP;
2155 }
2156
2157 /**
2158 * Parse BGP CAPABILITY message for peer.
2159 *
2160 * Exported for unit testing.
2161 *
2162 * @param peer
2163 * @param size size of the packet
2164 * @return as in summary
2165 */
2166 int bgp_capability_receive(struct peer *peer, bgp_size_t size)
2167 {
2168 uint8_t *pnt;
2169
2170 /* Fetch pointer. */
2171 pnt = stream_pnt(peer->curr);
2172
2173 if (bgp_debug_neighbor_events(peer))
2174 zlog_debug("%s rcv CAPABILITY", peer->host);
2175
2176 /* If peer does not have the capability, send notification. */
2177 if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
2178 flog_err(EC_BGP_NO_CAP,
2179 "%s [Error] BGP dynamic capability is not enabled",
2180 peer->host);
2181 bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR,
2182 BGP_NOTIFY_HEADER_BAD_MESTYPE);
2183 return BGP_Stop;
2184 }
2185
2186 /* Status must be Established. */
2187 if (peer->status != Established) {
2188 flog_err(
2189 EC_BGP_NO_CAP,
2190 "%s [Error] Dynamic capability packet received under status %s",
2191 peer->host,
2192 lookup_msg(bgp_status_msg, peer->status, NULL));
2193 bgp_notify_send(peer, BGP_NOTIFY_FSM_ERR, 0);
2194 return BGP_Stop;
2195 }
2196
2197 /* Parse packet. */
2198 return bgp_capability_msg_parse(peer, pnt, size);
2199 }
2200
2201 /**
2202 * Processes a peer's input buffer.
2203 *
2204 * This function sidesteps the event loop and directly calls bgp_event_update()
2205 * after processing each BGP message. This is necessary to ensure proper
2206 * ordering of FSM events and unifies the behavior that was present previously,
2207 * whereby some of the packet handling functions would update the FSM and some
2208 * would not, making event flow difficult to understand. Please think twice
2209 * before hacking this.
2210 *
2211 * Thread type: THREAD_EVENT
2212 * @param thread
2213 * @return 0
2214 */
2215 int bgp_process_packet(struct thread *thread)
2216 {
2217 /* Yes first of all get peer pointer. */
2218 struct peer *peer; // peer
2219 uint32_t rpkt_quanta_old; // how many packets to read
2220 int fsm_update_result; // return code of bgp_event_update()
2221 int mprc; // message processing return code
2222
2223 peer = THREAD_ARG(thread);
2224 rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
2225 memory_order_relaxed);
2226 fsm_update_result = 0;
2227
2228 /* Guard against scheduled events that occur after peer deletion. */
2229 if (peer->status == Deleted || peer->status == Clearing)
2230 return 0;
2231
2232 unsigned int processed = 0;
2233
2234 while (processed < rpkt_quanta_old) {
2235 uint8_t type = 0;
2236 bgp_size_t size;
2237 char notify_data_length[2];
2238
2239 pthread_mutex_lock(&peer->io_mtx);
2240 {
2241 peer->curr = stream_fifo_pop(peer->ibuf);
2242 }
2243 pthread_mutex_unlock(&peer->io_mtx);
2244
2245 if (peer->curr == NULL) // no packets to process, hmm...
2246 return 0;
2247
2248 /* skip the marker and copy the packet length */
2249 stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
2250 memcpy(notify_data_length, stream_pnt(peer->curr), 2);
2251
2252 /* read in the packet length and type */
2253 size = stream_getw(peer->curr);
2254 type = stream_getc(peer->curr);
2255
2256 hook_call(bgp_packet_dump, peer, type, size, peer->curr);
2257
2258 /* adjust size to exclude the marker + length + type */
2259 size -= BGP_HEADER_SIZE;
2260
2261 /* Read rest of the packet and call each sort of packet routine
2262 */
2263 switch (type) {
2264 case BGP_MSG_OPEN:
2265 atomic_fetch_add_explicit(&peer->open_in, 1,
2266 memory_order_relaxed);
2267 mprc = bgp_open_receive(peer, size);
2268 if (mprc == BGP_Stop)
2269 flog_err(
2270 EC_BGP_PKT_OPEN,
2271 "%s: BGP OPEN receipt failed for peer: %s",
2272 __FUNCTION__, peer->host);
2273 break;
2274 case BGP_MSG_UPDATE:
2275 atomic_fetch_add_explicit(&peer->update_in, 1,
2276 memory_order_relaxed);
2277 peer->readtime = monotime(NULL);
2278 mprc = bgp_update_receive(peer, size);
2279 if (mprc == BGP_Stop)
2280 flog_err(
2281 EC_BGP_UPDATE_RCV,
2282 "%s: BGP UPDATE receipt failed for peer: %s",
2283 __FUNCTION__, peer->host);
2284 break;
2285 case BGP_MSG_NOTIFY:
2286 atomic_fetch_add_explicit(&peer->notify_in, 1,
2287 memory_order_relaxed);
2288 mprc = bgp_notify_receive(peer, size);
2289 if (mprc == BGP_Stop)
2290 flog_err(
2291 EC_BGP_NOTIFY_RCV,
2292 "%s: BGP NOTIFY receipt failed for peer: %s",
2293 __FUNCTION__, peer->host);
2294 break;
2295 case BGP_MSG_KEEPALIVE:
2296 peer->readtime = monotime(NULL);
2297 atomic_fetch_add_explicit(&peer->keepalive_in, 1,
2298 memory_order_relaxed);
2299 mprc = bgp_keepalive_receive(peer, size);
2300 if (mprc == BGP_Stop)
2301 flog_err(
2302 EC_BGP_KEEP_RCV,
2303 "%s: BGP KEEPALIVE receipt failed for peer: %s",
2304 __FUNCTION__, peer->host);
2305 break;
2306 case BGP_MSG_ROUTE_REFRESH_NEW:
2307 case BGP_MSG_ROUTE_REFRESH_OLD:
2308 atomic_fetch_add_explicit(&peer->refresh_in, 1,
2309 memory_order_relaxed);
2310 mprc = bgp_route_refresh_receive(peer, size);
2311 if (mprc == BGP_Stop)
2312 flog_err(
2313 EC_BGP_RFSH_RCV,
2314 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
2315 __FUNCTION__, peer->host);
2316 break;
2317 case BGP_MSG_CAPABILITY:
2318 atomic_fetch_add_explicit(&peer->dynamic_cap_in, 1,
2319 memory_order_relaxed);
2320 mprc = bgp_capability_receive(peer, size);
2321 if (mprc == BGP_Stop)
2322 flog_err(
2323 EC_BGP_CAP_RCV,
2324 "%s: BGP CAPABILITY receipt failed for peer: %s",
2325 __FUNCTION__, peer->host);
2326 break;
2327 default:
2328 /* Suppress uninitialized variable warning */
2329 mprc = 0;
2330 (void)mprc;
2331 /*
2332 * The message type should have been sanitized before
2333 * we ever got here. Receipt of a message with an
2334 * invalid header at this point is indicative of a
2335 * security issue.
2336 */
2337 assert (!"Message of invalid type received during input processing");
2338 }
2339
2340 /* delete processed packet */
2341 stream_free(peer->curr);
2342 peer->curr = NULL;
2343 processed++;
2344
2345 /* Update FSM */
2346 if (mprc != BGP_PACKET_NOOP)
2347 fsm_update_result = bgp_event_update(peer, mprc);
2348 else
2349 continue;
2350
2351 /*
2352 * If peer was deleted, do not process any more packets. This
2353 * is usually due to executing BGP_Stop or a stub deletion.
2354 */
2355 if (fsm_update_result == FSM_PEER_TRANSFERRED
2356 || fsm_update_result == FSM_PEER_STOPPED)
2357 break;
2358 }
2359
2360 if (fsm_update_result != FSM_PEER_TRANSFERRED
2361 && fsm_update_result != FSM_PEER_STOPPED) {
2362 pthread_mutex_lock(&peer->io_mtx);
2363 {
2364 // more work to do, come back later
2365 if (peer->ibuf->count > 0)
2366 thread_add_timer_msec(
2367 bm->master, bgp_process_packet, peer, 0,
2368 &peer->t_process_packet);
2369 }
2370 pthread_mutex_unlock(&peer->io_mtx);
2371 }
2372
2373 return 0;
2374 }
FRRouting mirror