1 /* BGP packet management routine.
2 * Contains utility functions for constructing and consuming BGP messages.
3 * Copyright (C) 2017 Cumulus Networks
4 * Copyright (C) 1999 Kunihiro Ishiguro
6 * This file is part of GNU Zebra.
8 * GNU Zebra is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2, or (at your option) any
13 * GNU Zebra is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; see the file COPYING; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
33 #include "sockunion.h" /* for inet_ntop () */
39 #include "lib_errors.h"
41 #include "bgpd/bgpd.h"
42 #include "bgpd/bgp_table.h"
43 #include "bgpd/bgp_dump.h"
44 #include "bgpd/bgp_bmp.h"
45 #include "bgpd/bgp_attr.h"
46 #include "bgpd/bgp_debug.h"
47 #include "bgpd/bgp_errors.h"
48 #include "bgpd/bgp_fsm.h"
49 #include "bgpd/bgp_route.h"
50 #include "bgpd/bgp_packet.h"
51 #include "bgpd/bgp_open.h"
52 #include "bgpd/bgp_aspath.h"
53 #include "bgpd/bgp_community.h"
54 #include "bgpd/bgp_ecommunity.h"
55 #include "bgpd/bgp_lcommunity.h"
56 #include "bgpd/bgp_network.h"
57 #include "bgpd/bgp_mplsvpn.h"
58 #include "bgpd/bgp_evpn.h"
59 #include "bgpd/bgp_advertise.h"
60 #include "bgpd/bgp_vty.h"
61 #include "bgpd/bgp_updgrp.h"
62 #include "bgpd/bgp_label.h"
63 #include "bgpd/bgp_io.h"
64 #include "bgpd/bgp_keepalives.h"
65 #include "bgpd/bgp_flowspec.h"
66 #include "bgpd/bgp_trace.h"
68 DEFINE_HOOK(bgp_packet_dump
,
69 (struct peer
*peer
, uint8_t type
, bgp_size_t size
,
71 (peer
, type
, size
, s
));
73 DEFINE_HOOK(bgp_packet_send
,
74 (struct peer
*peer
, uint8_t type
, bgp_size_t size
,
76 (peer
, type
, size
, s
));
79 * Sets marker and type fields for a BGP message.
81 * @param s the stream containing the packet
82 * @param type the packet type
83 * @return the size of the stream
85 int bgp_packet_set_marker(struct stream
*s
, uint8_t type
)
90 for (i
= 0; i
< BGP_MARKER_SIZE
; i
++)
93 /* Dummy total length. This field is should be filled in later on. */
96 /* BGP packet type. */
99 /* Return current stream size. */
100 return stream_get_endp(s
);
104 * Sets size field for a BGP message.
106 * Size field is set to the size of the stream passed.
108 * @param s the stream containing the packet
110 void bgp_packet_set_size(struct stream
*s
)
114 /* Preserve current pointer. */
115 cp
= stream_get_endp(s
);
116 stream_putw_at(s
, BGP_MARKER_SIZE
, cp
);
120 * Push a packet onto the beginning of the peer's output queue.
121 * This function acquires the peer's write mutex before proceeding.
123 static void bgp_packet_add(struct peer
*peer
, struct stream
*s
)
127 intmax_t sendholdtime
;
129 frr_with_mutex (&peer
->io_mtx
) {
130 /* if the queue is empty, reset the "last OK" timestamp to
131 * now, otherwise if we write another packet immediately
132 * after it'll get confused
134 if (!stream_fifo_count_safe(peer
->obuf
))
135 peer
->last_sendq_ok
= monotime(NULL
);
137 stream_fifo_push(peer
->obuf
, s
);
139 delta
= monotime(NULL
) - peer
->last_sendq_ok
;
141 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_TIMER
))
142 holdtime
= atomic_load_explicit(&peer
->holdtime
,
143 memory_order_relaxed
);
145 holdtime
= peer
->bgp
->default_holdtime
;
147 sendholdtime
= holdtime
* 2;
149 /* Note that when we're here, we're adding some packet to the
150 * OutQ. That includes keepalives when there is nothing to
151 * do, so there's a guarantee we pass by here once in a while.
153 * That implies there is no need to go set up another separate
154 * timer that ticks down SendHoldTime, as we'll be here sooner
155 * or later anyway and will see the checks below failing.
158 /* no holdtime, do nothing. */
159 } else if (delta
> sendholdtime
) {
161 EC_BGP_SENDQ_STUCK_PROPER
,
162 "%pBP has not made any SendQ progress for 2 holdtimes (%jds), terminating session",
164 BGP_EVENT_ADD(peer
, TCP_fatal_error
);
165 } else if (delta
> (intmax_t)holdtime
&&
166 monotime(NULL
) - peer
->last_sendq_warn
> 5) {
168 EC_BGP_SENDQ_STUCK_WARN
,
169 "%pBP has not made any SendQ progress for 1 holdtime (%us), peer overloaded?",
171 peer
->last_sendq_warn
= monotime(NULL
);
176 static struct stream
*bgp_update_packet_eor(struct peer
*peer
, afi_t afi
,
180 iana_afi_t pkt_afi
= IANA_AFI_IPV4
;
181 iana_safi_t pkt_safi
= IANA_SAFI_UNICAST
;
183 if (DISABLE_BGP_ANNOUNCE
)
186 if (bgp_debug_neighbor_events(peer
))
187 zlog_debug("send End-of-RIB for %s to %s",
188 get_afi_safi_str(afi
, safi
, false), peer
->host
);
190 s
= stream_new(peer
->max_packet_size
);
192 /* Make BGP update packet. */
193 bgp_packet_set_marker(s
, BGP_MSG_UPDATE
);
195 /* Unfeasible Routes Length */
198 if (afi
== AFI_IP
&& safi
== SAFI_UNICAST
) {
199 /* Total Path Attribute Length */
202 /* Convert AFI, SAFI to values for packet. */
203 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
205 /* Total Path Attribute Length */
207 stream_putc(s
, BGP_ATTR_FLAG_OPTIONAL
);
208 stream_putc(s
, BGP_ATTR_MP_UNREACH_NLRI
);
210 stream_putw(s
, pkt_afi
);
211 stream_putc(s
, pkt_safi
);
214 bgp_packet_set_size(s
);
218 /* Called when there is a change in the EOR(implicit or explicit) status of a
219 * peer. Ends the update-delay if all expected peers are done with EORs. */
220 void bgp_check_update_delay(struct bgp
*bgp
)
222 struct listnode
*node
, *nnode
;
223 struct peer
*peer
= NULL
;
225 if (bgp_debug_neighbor_events(peer
))
226 zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
227 bgp
->established
, bgp
->restarted_peers
,
228 bgp
->implicit_eors
, bgp
->explicit_eors
);
231 <= bgp
->restarted_peers
+ bgp
->implicit_eors
+ bgp
->explicit_eors
) {
233 * This is an extra sanity check to make sure we wait for all
234 * the eligible configured peers. This check is performed if
235 * establish wait timer is on, or establish wait option is not
236 * given with the update-delay command
238 if (bgp
->t_establish_wait
239 || (bgp
->v_establish_wait
== bgp
->v_update_delay
))
240 for (ALL_LIST_ELEMENTS(bgp
->peer
, node
, nnode
, peer
)) {
241 if (CHECK_FLAG(peer
->flags
,
242 PEER_FLAG_CONFIG_NODE
)
243 && !CHECK_FLAG(peer
->flags
,
245 && !CHECK_FLAG(peer
->bgp
->flags
,
247 && !peer
->update_delay_over
) {
248 if (bgp_debug_neighbor_events(peer
))
250 " Peer %s pending, continuing read-only mode",
257 "Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
258 bgp
->restarted_peers
, bgp
->implicit_eors
,
260 bgp_update_delay_end(bgp
);
265 * Called if peer is known to have restarted. The restart-state bit in
266 * Graceful-Restart capability is used for that
268 void bgp_update_restarted_peers(struct peer
*peer
)
270 if (!bgp_update_delay_active(peer
->bgp
))
271 return; /* BGP update delay has ended */
272 if (peer
->update_delay_over
)
273 return; /* This peer has already been considered */
275 if (bgp_debug_neighbor_events(peer
))
276 zlog_debug("Peer %s: Checking restarted", peer
->host
);
278 if (peer_established(peer
)) {
279 peer
->update_delay_over
= 1;
280 peer
->bgp
->restarted_peers
++;
281 bgp_check_update_delay(peer
->bgp
);
286 * Called as peer receives a keep-alive. Determines if this occurence can be
287 * taken as an implicit EOR for this peer.
288 * NOTE: The very first keep-alive after the Established state of a peer is
289 * considered implicit EOR for the update-delay purposes
291 void bgp_update_implicit_eors(struct peer
*peer
)
293 if (!bgp_update_delay_active(peer
->bgp
))
294 return; /* BGP update delay has ended */
295 if (peer
->update_delay_over
)
296 return; /* This peer has already been considered */
298 if (bgp_debug_neighbor_events(peer
))
299 zlog_debug("Peer %s: Checking implicit EORs", peer
->host
);
301 if (peer_established(peer
)) {
302 peer
->update_delay_over
= 1;
303 peer
->bgp
->implicit_eors
++;
304 bgp_check_update_delay(peer
->bgp
);
309 * Should be called only when there is a change in the EOR_RECEIVED status
310 * for any afi/safi on a peer.
312 static void bgp_update_explicit_eors(struct peer
*peer
)
317 if (!bgp_update_delay_active(peer
->bgp
))
318 return; /* BGP update delay has ended */
319 if (peer
->update_delay_over
)
320 return; /* This peer has already been considered */
322 if (bgp_debug_neighbor_events(peer
))
323 zlog_debug("Peer %s: Checking explicit EORs", peer
->host
);
325 FOREACH_AFI_SAFI (afi
, safi
) {
326 if (peer
->afc_nego
[afi
][safi
]
327 && !CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
328 PEER_STATUS_EOR_RECEIVED
)) {
329 if (bgp_debug_neighbor_events(peer
))
331 " afi %d safi %d didn't receive EOR",
337 peer
->update_delay_over
= 1;
338 peer
->bgp
->explicit_eors
++;
339 bgp_check_update_delay(peer
->bgp
);
343 * Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
345 * mp_withdraw, if set, is used to nullify attr structure on most of the
346 * calling safi function and for evpn, passed as parameter
348 int bgp_nlri_parse(struct peer
*peer
, struct attr
*attr
,
349 struct bgp_nlri
*packet
, int mp_withdraw
)
351 switch (packet
->safi
) {
354 return bgp_nlri_parse_ip(peer
, mp_withdraw
? NULL
: attr
,
356 case SAFI_LABELED_UNICAST
:
357 return bgp_nlri_parse_label(peer
, mp_withdraw
? NULL
: attr
,
360 return bgp_nlri_parse_vpn(peer
, mp_withdraw
? NULL
: attr
,
363 return bgp_nlri_parse_evpn(peer
, attr
, packet
, mp_withdraw
);
365 return bgp_nlri_parse_flowspec(peer
, attr
, packet
, mp_withdraw
);
367 return BGP_NLRI_PARSE_ERROR
;
372 * Check if route-refresh request from peer is pending (received before EoR),
373 * and process it now.
375 static void bgp_process_pending_refresh(struct peer
*peer
, afi_t afi
,
378 if (CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
379 PEER_STATUS_REFRESH_PENDING
)) {
380 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
381 PEER_STATUS_REFRESH_PENDING
);
382 bgp_route_refresh_send(peer
, afi
, safi
, 0, 0, 0,
383 BGP_ROUTE_REFRESH_BORR
);
384 if (bgp_debug_neighbor_events(peer
))
386 "%pBP sending route-refresh (BoRR) for %s/%s (for pending REQUEST)",
387 peer
, afi2str(afi
), safi2str(safi
));
389 SET_FLAG(peer
->af_sflags
[afi
][safi
], PEER_STATUS_BORR_SEND
);
390 UNSET_FLAG(peer
->af_sflags
[afi
][safi
], PEER_STATUS_EORR_SEND
);
391 bgp_announce_route(peer
, afi
, safi
, true);
396 * Checks a variety of conditions to determine whether the peer needs to be
397 * rescheduled for packet generation again, and does so if necessary.
399 * @param peer to check for rescheduling
401 static void bgp_write_proceed_actions(struct peer
*peer
)
406 struct bpacket
*next_pkt
;
407 struct update_subgroup
*subgrp
;
408 enum bgp_af_index index
;
410 for (index
= BGP_AF_START
; index
< BGP_AF_MAX
; index
++) {
411 paf
= peer
->peer_af_array
[index
];
415 subgrp
= paf
->subgroup
;
419 next_pkt
= paf
->next_pkt_to_send
;
420 if (next_pkt
&& next_pkt
->buffer
) {
421 BGP_TIMER_ON(peer
->t_generate_updgrp_packets
,
422 bgp_generate_updgrp_packets
, 0);
426 /* No packets readily available for AFI/SAFI, are there
428 * that need to be generated? */
429 if (bpacket_queue_is_full(SUBGRP_INST(subgrp
),
431 || subgroup_packets_to_build(subgrp
)) {
432 BGP_TIMER_ON(peer
->t_generate_updgrp_packets
,
433 bgp_generate_updgrp_packets
, 0);
440 /* No packets to send, see if EOR is pending */
441 if (CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
)) {
442 if (!subgrp
->t_coalesce
&& peer
->afc_nego
[afi
][safi
]
444 && !CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
445 PEER_STATUS_EOR_SEND
)
446 && safi
!= SAFI_MPLS_VPN
) {
447 BGP_TIMER_ON(peer
->t_generate_updgrp_packets
,
448 bgp_generate_updgrp_packets
, 0);
456 * Generate advertisement information (withdraws, updates, EOR) from each
457 * update group a peer belongs to, encode this information into packets, and
458 * enqueue the packets onto the peer's output buffer.
460 void bgp_generate_updgrp_packets(struct thread
*thread
)
462 struct peer
*peer
= THREAD_ARG(thread
);
466 struct bpacket
*next_pkt
;
468 uint32_t generated
= 0;
472 wpq
= atomic_load_explicit(&peer
->bgp
->wpkt_quanta
,
473 memory_order_relaxed
);
476 * The code beyond this part deals with update packets, proceed only
477 * if peer is Established and updates are not on hold (as part of
478 * update-delay processing).
480 if (!peer_established(peer
))
483 if ((peer
->bgp
->main_peers_update_hold
)
484 || bgp_update_delay_active(peer
->bgp
))
487 if (peer
->t_routeadv
)
491 enum bgp_af_index index
;
494 for (index
= BGP_AF_START
; index
< BGP_AF_MAX
; index
++) {
495 paf
= peer
->peer_af_array
[index
];
496 if (!paf
|| !PAF_SUBGRP(paf
))
501 next_pkt
= paf
->next_pkt_to_send
;
504 * Try to generate a packet for the peer if we are at
505 * the end of the list. Always try to push out
508 if (!next_pkt
|| !next_pkt
->buffer
) {
509 next_pkt
= subgroup_withdraw_packet(
511 if (!next_pkt
|| !next_pkt
->buffer
)
512 subgroup_update_packet(PAF_SUBGRP(paf
));
513 next_pkt
= paf
->next_pkt_to_send
;
517 * If we still don't have a packet to send to the peer,
518 * then try to find out out if we have to send eor or
519 * if not, skip to the next AFI, SAFI. Don't send the
520 * EOR prematurely; if the subgroup's coalesce timer is
521 * running, the adjacency-out structure is not created
524 if (!next_pkt
|| !next_pkt
->buffer
) {
525 if (!paf
->t_announce_route
) {
526 /* Make sure we supress BGP UPDATES
527 * for normal processing later again.
529 UNSET_FLAG(paf
->subgroup
->sflags
,
530 SUBGRP_STATUS_FORCE_UPDATES
);
532 /* If route-refresh BoRR message was
533 * already sent and we are done with
534 * re-announcing tables for a decent
535 * afi/safi, we ready to send
539 peer
->af_sflags
[afi
][safi
],
540 PEER_STATUS_BORR_SEND
)) {
541 bgp_route_refresh_send(
542 peer
, afi
, safi
, 0, 0,
544 BGP_ROUTE_REFRESH_EORR
);
546 SET_FLAG(peer
->af_sflags
[afi
]
548 PEER_STATUS_EORR_SEND
);
552 PEER_STATUS_BORR_SEND
);
554 if (bgp_debug_neighbor_events(
557 "%pBP sending route-refresh (EoRR) for %s/%s",
564 if (CHECK_FLAG(peer
->cap
,
565 PEER_CAP_RESTART_RCV
)) {
566 if (!(PAF_SUBGRP(paf
))->t_coalesce
567 && peer
->afc_nego
[afi
][safi
]
570 peer
->af_sflags
[afi
][safi
],
571 PEER_STATUS_EOR_SEND
)) {
572 /* If EOR is disabled,
573 * the message is not sent
575 if (BGP_SEND_EOR(peer
->bgp
, afi
,
581 PEER_STATUS_EOR_SEND
);
593 bgp_process_pending_refresh(
602 /* Update packet send time */
603 peer
->pkt_stime
[afi
][safi
] = monotime(NULL
);
605 /* Found a packet template to send, overwrite
606 * packet with appropriate attributes from peer
607 * and advance peer */
608 s
= bpacket_reformat_for_peer(next_pkt
, paf
);
609 bgp_packet_add(peer
, s
);
610 bpacket_queue_advance_peer(paf
);
612 } while (s
&& (++generated
< wpq
));
617 bgp_write_proceed_actions(peer
);
621 * Creates a BGP Keepalive packet and appends it to the peer's output queue.
623 void bgp_keepalive_send(struct peer
*peer
)
627 s
= stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE
);
629 /* Make keepalive packet. */
630 bgp_packet_set_marker(s
, BGP_MSG_KEEPALIVE
);
632 /* Set packet size. */
633 bgp_packet_set_size(s
);
635 /* Dump packet if debug option is set. */
636 /* bgp_packet_dump (s); */
638 if (bgp_debug_keepalive(peer
))
639 zlog_debug("%s sending KEEPALIVE", peer
->host
);
641 /* Add packet to the peer. */
642 bgp_packet_add(peer
, s
);
648 * Creates a BGP Open packet and appends it to the peer's output queue.
649 * Sets capabilities as necessary.
651 void bgp_open_send(struct peer
*peer
)
654 uint16_t send_holdtime
;
657 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_TIMER
))
658 send_holdtime
= peer
->holdtime
;
660 send_holdtime
= peer
->bgp
->default_holdtime
;
662 /* local-as Change */
663 if (peer
->change_local_as
)
664 local_as
= peer
->change_local_as
;
666 local_as
= peer
->local_as
;
668 s
= stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE
);
670 /* Make open packet. */
671 bgp_packet_set_marker(s
, BGP_MSG_OPEN
);
673 /* Set open packet values. */
674 stream_putc(s
, BGP_VERSION_4
); /* BGP version */
675 stream_putw(s
, (local_as
<= BGP_AS_MAX
) ? (uint16_t)local_as
677 stream_putw(s
, send_holdtime
); /* Hold Time */
678 stream_put_in_addr(s
, &peer
->local_id
); /* BGP Identifier */
680 /* Set capabilities */
681 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_EXTENDED_OPT_PARAMS
)) {
682 (void)bgp_open_capability(s
, peer
, true);
684 struct stream
*tmp
= stream_new(STREAM_SIZE(s
));
687 if (bgp_open_capability(tmp
, peer
, false)
688 > BGP_OPEN_NON_EXT_OPT_LEN
) {
690 (void)bgp_open_capability(s
, peer
, true);
697 /* Set BGP packet length. */
698 bgp_packet_set_size(s
);
700 if (bgp_debug_neighbor_events(peer
))
702 "%s sending OPEN, version %d, my as %u, holdtime %d, id %pI4",
703 peer
->host
, BGP_VERSION_4
, local_as
, send_holdtime
,
706 /* Dump packet if debug option is set. */
707 /* bgp_packet_dump (s); */
708 hook_call(bgp_packet_send
, peer
, BGP_MSG_OPEN
, stream_get_endp(s
), s
);
710 /* Add packet to the peer. */
711 bgp_packet_add(peer
, s
);
717 * Writes NOTIFICATION message directly to a peer socket without waiting for
720 * There must be exactly one stream on the peer->obuf FIFO, and the data within
721 * this stream must match the format of a BGP NOTIFICATION message.
722 * Transmission is best-effort.
724 * @requires peer->io_mtx
728 static void bgp_write_notify(struct peer
*peer
)
734 /* There should be at least one packet. */
735 s
= stream_fifo_pop(peer
->obuf
);
740 assert(stream_get_endp(s
) >= BGP_HEADER_SIZE
);
743 * socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
744 * we only care about getting a clean shutdown at this point.
746 ret
= write(peer
->fd
, STREAM_DATA(s
), stream_get_endp(s
));
749 * only connection reset/close gets counted as TCP_fatal_error, failure
750 * to write the entire NOTIFY doesn't get different FSM treatment
754 BGP_EVENT_ADD(peer
, TCP_fatal_error
);
758 /* Disable Nagle, make NOTIFY packet go out right away */
760 (void)setsockopt(peer
->fd
, IPPROTO_TCP
, TCP_NODELAY
, (char *)&val
,
763 /* Retrieve BGP packet type. */
764 stream_set_getp(s
, BGP_MARKER_SIZE
+ 2);
765 type
= stream_getc(s
);
767 assert(type
== BGP_MSG_NOTIFY
);
769 /* Type should be notify. */
770 atomic_fetch_add_explicit(&peer
->notify_out
, 1, memory_order_relaxed
);
772 /* Double start timer. */
775 /* Overflow check. */
776 if (peer
->v_start
>= (60 * 2))
777 peer
->v_start
= (60 * 2);
780 * Handle Graceful Restart case where the state changes to
781 * Connect instead of Idle
783 BGP_EVENT_ADD(peer
, BGP_Stop
);
789 * Encapsulate an original BGP CEASE Notification into Hard Reset
791 static uint8_t *bgp_notify_encapsulate_hard_reset(uint8_t code
, uint8_t subcode
,
792 uint8_t *data
, size_t datalen
)
794 uint8_t *message
= XCALLOC(MTYPE_BGP_NOTIFICATION
, datalen
+ 2);
799 message
[1] = subcode
;
802 memcpy(message
+ 2, data
, datalen
);
808 * Decapsulate an original BGP CEASE Notification from Hard Reset
810 struct bgp_notify
bgp_notify_decapsulate_hard_reset(struct bgp_notify
*notify
)
812 struct bgp_notify bn
= {};
814 bn
.code
= notify
->raw_data
[0];
815 bn
.subcode
= notify
->raw_data
[1];
816 bn
.length
= notify
->length
- 2;
818 bn
.raw_data
= XMALLOC(MTYPE_BGP_NOTIFICATION
, bn
.length
);
819 memcpy(bn
.raw_data
, notify
->raw_data
+ 2, bn
.length
);
824 /* Check if Graceful-Restart N-bit is exchanged */
825 bool bgp_has_graceful_restart_notification(struct peer
*peer
)
827 return CHECK_FLAG(peer
->cap
, PEER_CAP_GRACEFUL_RESTART_N_BIT_RCV
) &&
828 CHECK_FLAG(peer
->cap
, PEER_CAP_GRACEFUL_RESTART_N_BIT_ADV
);
832 * Check if to send BGP CEASE Notification/Hard Reset?
834 bool bgp_notify_send_hard_reset(struct peer
*peer
, uint8_t code
,
837 /* When the "N" bit has been exchanged, a Hard Reset message is used to
838 * indicate to the peer that the session is to be fully terminated.
840 if (!bgp_has_graceful_restart_notification(peer
))
844 * https://datatracker.ietf.org/doc/html/rfc8538#section-5.1
846 if (code
== BGP_NOTIFY_CEASE
) {
848 case BGP_NOTIFY_CEASE_MAX_PREFIX
:
849 case BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN
:
850 case BGP_NOTIFY_CEASE_PEER_UNCONFIG
:
851 case BGP_NOTIFY_CEASE_HARD_RESET
:
852 case BGP_NOTIFY_CEASE_BFD_DOWN
:
854 case BGP_NOTIFY_CEASE_ADMIN_RESET
:
855 /* Provide user control:
856 * `bgp hard-adminstrative-reset`
858 if (CHECK_FLAG(peer
->bgp
->flags
,
859 BGP_FLAG_HARD_ADMIN_RESET
))
872 * Check if received BGP CEASE Notification/Hard Reset?
874 bool bgp_notify_received_hard_reset(struct peer
*peer
, uint8_t code
,
877 /* When the "N" bit has been exchanged, a Hard Reset message is used to
878 * indicate to the peer that the session is to be fully terminated.
880 if (!bgp_has_graceful_restart_notification(peer
))
883 if (code
== BGP_NOTIFY_CEASE
&& subcode
== BGP_NOTIFY_CEASE_HARD_RESET
)
890 * Creates a BGP Notify and appends it to the peer's output queue.
892 * This function attempts to write the packet from the thread it is called
893 * from, to ensure the packet gets out ASAP.
895 * This function may be called from multiple threads. Since the function
896 * modifies I/O buffer(s) in the peer, these are locked for the duration of the
897 * call to prevent tampering from other threads.
899 * Delivery of the NOTIFICATION is attempted once and is best-effort. After
900 * return, the peer structure *must* be reset; no assumptions about session
904 * @param code BGP error code
905 * @param sub_code BGP error subcode
906 * @param data Data portion
907 * @param datalen length of data portion
909 static void bgp_notify_send_internal(struct peer
*peer
, uint8_t code
,
910 uint8_t sub_code
, uint8_t *data
,
911 size_t datalen
, bool use_curr
)
914 bool hard_reset
= bgp_notify_send_hard_reset(peer
, code
, sub_code
);
916 /* Lock I/O mutex to prevent other threads from pushing packets */
917 frr_mutex_lock_autounlock(&peer
->io_mtx
);
918 /* ============================================== */
920 /* Allocate new stream. */
921 s
= stream_new(peer
->max_packet_size
);
923 /* Make notify packet. */
924 bgp_packet_set_marker(s
, BGP_MSG_NOTIFY
);
926 /* Check if we should send Hard Reset Notification or not */
928 uint8_t *hard_reset_message
= bgp_notify_encapsulate_hard_reset(
929 code
, sub_code
, data
, datalen
);
931 /* Hard Reset encapsulates another NOTIFICATION message
932 * in its data portion.
934 stream_putc(s
, BGP_NOTIFY_CEASE
);
935 stream_putc(s
, BGP_NOTIFY_CEASE_HARD_RESET
);
936 stream_write(s
, hard_reset_message
, datalen
+ 2);
938 XFREE(MTYPE_BGP_NOTIFICATION
, hard_reset_message
);
940 stream_putc(s
, code
);
941 stream_putc(s
, sub_code
);
943 stream_write(s
, data
, datalen
);
946 /* Set BGP packet length. */
947 bgp_packet_set_size(s
);
949 /* wipe output buffer */
950 stream_fifo_clean(peer
->obuf
);
953 * If possible, store last packet for debugging purposes. This check is
954 * in place because we are sometimes called with a doppelganger peer,
955 * who tends to have a plethora of fields nulled out.
957 * Some callers should not attempt this - the io pthread for example
958 * should not touch internals of the peer struct.
960 if (use_curr
&& peer
->curr
) {
961 size_t packetsize
= stream_get_endp(peer
->curr
);
962 assert(packetsize
<= peer
->max_packet_size
);
963 memcpy(peer
->last_reset_cause
, peer
->curr
->data
, packetsize
);
964 peer
->last_reset_cause_size
= packetsize
;
969 struct bgp_notify bgp_notify
;
974 bgp_notify
.code
= code
;
975 bgp_notify
.subcode
= sub_code
;
976 bgp_notify
.data
= NULL
;
977 bgp_notify
.length
= datalen
;
978 bgp_notify
.raw_data
= data
;
980 peer
->notify
.code
= bgp_notify
.code
;
981 peer
->notify
.subcode
= bgp_notify
.subcode
;
982 peer
->notify
.length
= bgp_notify
.length
;
984 if (bgp_notify
.length
&& data
) {
985 bgp_notify
.data
= XMALLOC(MTYPE_BGP_NOTIFICATION
,
986 bgp_notify
.length
* 3);
987 for (i
= 0; i
< bgp_notify
.length
; i
++)
989 snprintf(c
, sizeof(c
), " %02x",
992 strlcat(bgp_notify
.data
, c
,
997 snprintf(c
, sizeof(c
), "%02x", data
[i
]);
999 strlcpy(bgp_notify
.data
, c
,
1003 bgp_notify_print(peer
, &bgp_notify
, "sending", hard_reset
);
1005 if (bgp_notify
.data
) {
1007 XFREE(MTYPE_BGP_NOTIFICATION
,
1009 peer
->notify
.data
= XCALLOC(
1010 MTYPE_BGP_NOTIFICATION
, datalen
);
1011 memcpy(peer
->notify
.data
, data
, datalen
);
1014 XFREE(MTYPE_BGP_NOTIFICATION
, bgp_notify
.data
);
1015 bgp_notify
.length
= 0;
1019 /* peer reset cause */
1020 if (code
== BGP_NOTIFY_CEASE
) {
1021 if (sub_code
== BGP_NOTIFY_CEASE_ADMIN_RESET
)
1022 peer
->last_reset
= PEER_DOWN_USER_RESET
;
1023 else if (sub_code
== BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN
) {
1024 if (CHECK_FLAG(peer
->sflags
, PEER_STATUS_RTT_SHUTDOWN
))
1025 peer
->last_reset
= PEER_DOWN_RTT_SHUTDOWN
;
1027 peer
->last_reset
= PEER_DOWN_USER_SHUTDOWN
;
1029 peer
->last_reset
= PEER_DOWN_NOTIFY_SEND
;
1031 peer
->last_reset
= PEER_DOWN_NOTIFY_SEND
;
1033 /* Add packet to peer's output queue */
1034 stream_fifo_push(peer
->obuf
, s
);
1036 bgp_peer_gr_flags_update(peer
);
1037 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer
->bgp
,
1040 bgp_write_notify(peer
);
1044 * Creates a BGP Notify and appends it to the peer's output queue.
1046 * This function attempts to write the packet from the thread it is called
1047 * from, to ensure the packet gets out ASAP.
1050 * @param code BGP error code
1051 * @param sub_code BGP error subcode
1053 void bgp_notify_send(struct peer
*peer
, uint8_t code
, uint8_t sub_code
)
1055 bgp_notify_send_internal(peer
, code
, sub_code
, NULL
, 0, true);
1059 * Enqueue notification; called from the main pthread, peer object access is ok.
1061 void bgp_notify_send_with_data(struct peer
*peer
, uint8_t code
,
1062 uint8_t sub_code
, uint8_t *data
, size_t datalen
)
1064 bgp_notify_send_internal(peer
, code
, sub_code
, data
, datalen
, true);
1068 * For use by the io pthread, queueing a notification but avoiding access to
1071 void bgp_notify_io_invalid(struct peer
*peer
, uint8_t code
, uint8_t sub_code
,
1072 uint8_t *data
, size_t datalen
)
1074 /* Avoid touching the peer object */
1075 bgp_notify_send_internal(peer
, code
, sub_code
, data
, datalen
, false);
1079 * Creates BGP Route Refresh packet and appends it to the peer's output queue.
1082 * @param afi Address Family Identifier
1083 * @param safi Subsequent Address Family Identifier
1084 * @param orf_type Outbound Route Filtering type
1085 * @param when_to_refresh Whether to refresh immediately or defer
1086 * @param remove Whether to remove ORF for specified AFI/SAFI
1088 void bgp_route_refresh_send(struct peer
*peer
, afi_t afi
, safi_t safi
,
1089 uint8_t orf_type
, uint8_t when_to_refresh
,
1090 int remove
, uint8_t subtype
)
1093 struct bgp_filter
*filter
;
1094 int orf_refresh
= 0;
1095 iana_afi_t pkt_afi
= IANA_AFI_IPV4
;
1096 iana_safi_t pkt_safi
= IANA_SAFI_UNICAST
;
1098 if (DISABLE_BGP_ANNOUNCE
)
1101 filter
= &peer
->filter
[afi
][safi
];
1103 /* Convert AFI, SAFI to values for packet. */
1104 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
1106 s
= stream_new(peer
->max_packet_size
);
1108 /* Make BGP update packet. */
1109 if (CHECK_FLAG(peer
->cap
, PEER_CAP_REFRESH_NEW_RCV
))
1110 bgp_packet_set_marker(s
, BGP_MSG_ROUTE_REFRESH_NEW
);
1112 bgp_packet_set_marker(s
, BGP_MSG_ROUTE_REFRESH_OLD
);
1114 /* Encode Route Refresh message. */
1115 stream_putw(s
, pkt_afi
);
1117 stream_putc(s
, subtype
);
1120 stream_putc(s
, pkt_safi
);
1122 if (orf_type
== ORF_TYPE_PREFIX
|| orf_type
== ORF_TYPE_PREFIX_OLD
)
1123 if (remove
|| filter
->plist
[FILTER_IN
].plist
) {
1128 stream_putc(s
, when_to_refresh
);
1129 stream_putc(s
, orf_type
);
1130 orfp
= stream_get_endp(s
);
1134 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
1135 PEER_STATUS_ORF_PREFIX_SEND
);
1136 stream_putc(s
, ORF_COMMON_PART_REMOVE_ALL
);
1137 if (bgp_debug_neighbor_events(peer
))
1139 "%pBP sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %s/%s",
1145 iana_afi2str(pkt_afi
),
1146 iana_safi2str(pkt_safi
));
1148 SET_FLAG(peer
->af_sflags
[afi
][safi
],
1149 PEER_STATUS_ORF_PREFIX_SEND
);
1150 prefix_bgp_orf_entry(
1151 s
, filter
->plist
[FILTER_IN
].plist
,
1152 ORF_COMMON_PART_ADD
,
1153 ORF_COMMON_PART_PERMIT
,
1154 ORF_COMMON_PART_DENY
);
1155 if (bgp_debug_neighbor_events(peer
))
1157 "%pBP sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %s/%s",
1163 iana_afi2str(pkt_afi
),
1164 iana_safi2str(pkt_safi
));
1167 /* Total ORF Entry Len. */
1168 orf_len
= stream_get_endp(s
) - orfp
- 2;
1169 stream_putw_at(s
, orfp
, orf_len
);
1172 /* Set packet size. */
1173 bgp_packet_set_size(s
);
1175 if (bgp_debug_neighbor_events(peer
)) {
1178 "%pBP sending REFRESH_REQ for afi/safi: %s/%s",
1179 peer
, iana_afi2str(pkt_afi
),
1180 iana_safi2str(pkt_safi
));
1183 /* Add packet to the peer. */
1184 bgp_packet_add(peer
, s
);
1186 bgp_writes_on(peer
);
1190 * Create a BGP Capability packet and append it to the peer's output queue.
1193 * @param afi Address Family Identifier
1194 * @param safi Subsequent Address Family Identifier
1195 * @param capability_code BGP Capability Code
1196 * @param action Set or Remove capability
1198 void bgp_capability_send(struct peer
*peer
, afi_t afi
, safi_t safi
,
1199 int capability_code
, int action
)
1202 iana_afi_t pkt_afi
= IANA_AFI_IPV4
;
1203 iana_safi_t pkt_safi
= IANA_SAFI_UNICAST
;
1205 /* Convert AFI, SAFI to values for packet. */
1206 bgp_map_afi_safi_int2iana(afi
, safi
, &pkt_afi
, &pkt_safi
);
1208 s
= stream_new(peer
->max_packet_size
);
1210 /* Make BGP update packet. */
1211 bgp_packet_set_marker(s
, BGP_MSG_CAPABILITY
);
1213 /* Encode MP_EXT capability. */
1214 if (capability_code
== CAPABILITY_CODE_MP
) {
1215 stream_putc(s
, action
);
1216 stream_putc(s
, CAPABILITY_CODE_MP
);
1217 stream_putc(s
, CAPABILITY_CODE_MP_LEN
);
1218 stream_putw(s
, pkt_afi
);
1220 stream_putc(s
, pkt_safi
);
1222 if (bgp_debug_neighbor_events(peer
))
1224 "%pBP sending CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
1226 action
== CAPABILITY_ACTION_SET
? "Advertising"
1228 iana_afi2str(pkt_afi
), iana_safi2str(pkt_safi
));
1231 /* Set packet size. */
1232 bgp_packet_set_size(s
);
1234 /* Add packet to the peer. */
1235 bgp_packet_add(peer
, s
);
1237 bgp_writes_on(peer
);
1240 /* RFC1771 6.8 Connection collision detection. */
1241 static int bgp_collision_detect(struct peer
*new, struct in_addr remote_id
)
1246 * Upon receipt of an OPEN message, the local system must examine
1247 * all of its connections that are in the OpenConfirm state. A BGP
1248 * speaker may also examine connections in an OpenSent state if it
1249 * knows the BGP Identifier of the peer by means outside of the
1250 * protocol. If among these connections there is a connection to a
1251 * remote BGP speaker whose BGP Identifier equals the one in the
1252 * OPEN message, then the local system performs the following
1253 * collision resolution procedure:
1255 peer
= new->doppelganger
;
1260 * Do not accept the new connection in Established or Clearing
1261 * states. Note that a peer GR is handled by closing the existing
1262 * connection upon receipt of new one.
1264 if (peer_established(peer
) || peer
->status
== Clearing
) {
1265 bgp_notify_send(new, BGP_NOTIFY_CEASE
,
1266 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1270 if ((peer
->status
!= OpenConfirm
) && (peer
->status
!= OpenSent
))
1274 * 1. The BGP Identifier of the local system is
1275 * compared to the BGP Identifier of the remote
1276 * system (as specified in the OPEN message).
1278 * If the BGP Identifiers of the peers
1279 * involved in the connection collision
1280 * are identical, then the connection
1281 * initiated by the BGP speaker with the
1282 * larger AS number is preserved.
1284 if (ntohl(peer
->local_id
.s_addr
) < ntohl(remote_id
.s_addr
)
1285 || (ntohl(peer
->local_id
.s_addr
) == ntohl(remote_id
.s_addr
)
1286 && peer
->local_as
< peer
->as
))
1287 if (!CHECK_FLAG(peer
->sflags
, PEER_STATUS_ACCEPT_PEER
)) {
1289 * 2. If the value of the local BGP
1290 * Identifier is less than the remote one,
1291 * the local system closes BGP connection
1292 * that already exists (the one that is
1293 * already in the OpenConfirm state),
1294 * and accepts BGP connection initiated by
1295 * the remote system.
1297 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
1298 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1301 bgp_notify_send(new, BGP_NOTIFY_CEASE
,
1302 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1306 if (ntohl(peer
->local_id
.s_addr
) == ntohl(remote_id
.s_addr
)
1307 && peer
->local_as
== peer
->as
)
1308 flog_err(EC_BGP_ROUTER_ID_SAME
,
1309 "Peer's router-id %pI4 is the same as ours",
1313 * 3. Otherwise, the local system closes newly
1314 * created BGP connection (the one associated with the
1315 * newly received OPEN message), and continues to use
1316 * the existing one (the one that is already in the
1317 * OpenConfirm state).
1319 if (CHECK_FLAG(peer
->sflags
, PEER_STATUS_ACCEPT_PEER
)) {
1320 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
1321 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1324 bgp_notify_send(new, BGP_NOTIFY_CEASE
,
1325 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION
);
1331 /* Packet processing routines ---------------------------------------------- */
1333 * This is a family of functions designed to be called from
1334 * bgp_process_packet(). These functions all share similar behavior and should
1335 * adhere to the following invariants and restrictions:
1339 * The return code of any one of those functions should be one of the FSM event
1340 * codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
1341 * BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
1342 * packet type. For example, bgp_open_receive() should return BGP_Stop upon
1343 * error and Receive_OPEN_message otherwise.
1345 * If no action is necessary, the correct return code is BGP_PACKET_NOOP as
1350 * - May send NOTIFY messages
1351 * - May not modify peer->status
1352 * - May not call bgp_event_update()
1355 #define BGP_PACKET_NOOP 0
1358 * Process BGP OPEN message for peer.
1360 * If any errors are encountered in the OPEN message, immediately sends NOTIFY
1361 * and returns BGP_Stop.
1364 * @param size size of the packet
1365 * @return as in summary
1367 static int bgp_open_receive(struct peer
*peer
, bgp_size_t size
)
1373 uint16_t send_holdtime
;
1375 as_t as4
= 0, as4_be
;
1376 struct in_addr remote_id
;
1378 uint8_t notify_data_remote_as
[2];
1379 uint8_t notify_data_remote_as4
[4];
1380 uint8_t notify_data_remote_id
[4];
1381 uint16_t *holdtime_ptr
;
1383 /* Parse open packet. */
1384 version
= stream_getc(peer
->curr
);
1385 memcpy(notify_data_remote_as
, stream_pnt(peer
->curr
), 2);
1386 remote_as
= stream_getw(peer
->curr
);
1387 holdtime_ptr
= (uint16_t *)stream_pnt(peer
->curr
);
1388 holdtime
= stream_getw(peer
->curr
);
1389 memcpy(notify_data_remote_id
, stream_pnt(peer
->curr
), 4);
1390 remote_id
.s_addr
= stream_get_ipv4(peer
->curr
);
1392 /* BEGIN to read the capability here, but dont do it yet */
1394 optlen
= stream_getc(peer
->curr
);
1396 /* Extended Optional Parameters Length for BGP OPEN Message */
1397 if (optlen
== BGP_OPEN_NON_EXT_OPT_LEN
1398 || CHECK_FLAG(peer
->flags
, PEER_FLAG_EXTENDED_OPT_PARAMS
)) {
1401 if (STREAM_READABLE(peer
->curr
) < 1) {
1404 "%s: stream does not have enough bytes for extended optional parameters",
1406 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1407 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
1411 opttype
= stream_getc(peer
->curr
);
1412 if (opttype
== BGP_OPEN_NON_EXT_OPT_TYPE_EXTENDED_LENGTH
) {
1413 if (STREAM_READABLE(peer
->curr
) < 2) {
1416 "%s: stream does not have enough bytes to read the extended optional parameters optlen",
1418 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1419 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
1422 optlen
= stream_getw(peer
->curr
);
1423 SET_FLAG(peer
->sflags
,
1424 PEER_STATUS_EXT_OPT_PARAMS_LENGTH
);
1428 /* Receive OPEN message log */
1429 if (bgp_debug_neighbor_events(peer
))
1431 "%s rcv OPEN%s, version %d, remote-as (in open) %u, holdtime %d, id %pI4",
1433 CHECK_FLAG(peer
->sflags
,
1434 PEER_STATUS_EXT_OPT_PARAMS_LENGTH
)
1437 version
, remote_as
, holdtime
, &remote_id
);
1440 /* If not enough bytes, it is an error. */
1441 if (STREAM_READABLE(peer
->curr
) < optlen
) {
1442 flog_err(EC_BGP_PKT_OPEN
,
1443 "%s: stream has not enough bytes (%u)",
1444 peer
->host
, optlen
);
1445 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1446 BGP_NOTIFY_OPEN_MALFORMED_ATTR
);
1450 /* We need the as4 capability value *right now* because
1451 * if it is there, we have not got the remote_as yet, and
1453 * that we do not know which peer is connecting to us now.
1455 as4
= peek_for_as4_capability(peer
, optlen
);
1458 as4_be
= htonl(as4
);
1459 memcpy(notify_data_remote_as4
, &as4_be
, 4);
1461 /* Just in case we have a silly peer who sends AS4 capability set to 0
1463 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
) && !as4
) {
1464 flog_err(EC_BGP_PKT_OPEN
,
1465 "%s bad OPEN, got AS4 capability, but AS4 set to 0",
1467 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1468 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1469 notify_data_remote_as4
, 4);
1473 /* Codification of AS 0 Processing */
1474 if (remote_as
== BGP_AS_ZERO
) {
1475 flog_err(EC_BGP_PKT_OPEN
, "%s bad OPEN, got AS set to 0",
1477 bgp_notify_send(peer
, BGP_NOTIFY_OPEN_ERR
,
1478 BGP_NOTIFY_OPEN_BAD_PEER_AS
);
1482 if (remote_as
== BGP_AS_TRANS
) {
1483 /* Take the AS4 from the capability. We must have received the
1484 * capability now! Otherwise we have a asn16 peer who uses
1485 * BGP_AS_TRANS, for some unknown reason.
1487 if (as4
== BGP_AS_TRANS
) {
1490 "%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
1492 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1493 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1494 notify_data_remote_as4
, 4);
1498 if (!as4
&& BGP_DEBUG(as4
, AS4
))
1500 "%s [AS4] OPEN remote_as is AS_TRANS, but no AS4. Odd, but proceeding.",
1502 else if (as4
< BGP_AS_MAX
&& BGP_DEBUG(as4
, AS4
))
1504 "%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits in 2-bytes, very odd peer.",
1509 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX
1511 /* If we have got the capability, peer->as4cap must match
1513 if (CHECK_FLAG(peer
->cap
, PEER_CAP_AS4_RCV
)
1514 && as4
!= remote_as
) {
1515 /* raise error, log this, close session */
1518 "%s bad OPEN, got AS4 capability, but remote_as %u mismatch with 16bit 'myasn' %u in open",
1519 peer
->host
, as4
, remote_as
);
1520 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1521 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1522 notify_data_remote_as4
, 4);
1528 * If the BGP Identifier field of the OPEN message
1529 * is zero, or if it is the same as the BGP Identifier
1530 * of the local BGP speaker and the message is from an
1531 * internal peer, then the Error Subcode is set to
1532 * "Bad BGP Identifier".
1534 if (remote_id
.s_addr
== INADDR_ANY
1535 || (peer
->sort
== BGP_PEER_IBGP
1536 && ntohl(peer
->local_id
.s_addr
) == ntohl(remote_id
.s_addr
))) {
1537 if (bgp_debug_neighbor_events(peer
))
1538 zlog_debug("%s bad OPEN, wrong router identifier %pI4",
1539 peer
->host
, &remote_id
);
1540 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1541 BGP_NOTIFY_OPEN_BAD_BGP_IDENT
,
1542 notify_data_remote_id
, 4);
1546 /* Peer BGP version check. */
1547 if (version
!= BGP_VERSION_4
) {
1548 uint16_t maxver
= htons(BGP_VERSION_4
);
1549 /* XXX this reply may not be correct if version < 4 XXX */
1550 if (bgp_debug_neighbor_events(peer
))
1552 "%s bad protocol version, remote requested %d, local request %d",
1553 peer
->host
, version
, BGP_VERSION_4
);
1554 /* Data must be in network byte order here */
1555 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1556 BGP_NOTIFY_OPEN_UNSUP_VERSION
,
1557 (uint8_t *)&maxver
, 2);
1561 /* Check neighbor as number. */
1562 if (peer
->as_type
== AS_UNSPECIFIED
) {
1563 if (bgp_debug_neighbor_events(peer
))
1565 "%s bad OPEN, remote AS is unspecified currently",
1567 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1568 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1569 notify_data_remote_as
, 2);
1571 } else if (peer
->as_type
== AS_INTERNAL
) {
1572 if (remote_as
!= peer
->bgp
->as
) {
1573 if (bgp_debug_neighbor_events(peer
))
1575 "%s bad OPEN, remote AS is %u, internal specified",
1576 peer
->host
, remote_as
);
1577 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1578 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1579 notify_data_remote_as
, 2);
1582 peer
->as
= peer
->local_as
;
1583 } else if (peer
->as_type
== AS_EXTERNAL
) {
1584 if (remote_as
== peer
->bgp
->as
) {
1585 if (bgp_debug_neighbor_events(peer
))
1587 "%s bad OPEN, remote AS is %u, external specified",
1588 peer
->host
, remote_as
);
1589 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1590 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1591 notify_data_remote_as
, 2);
1594 peer
->as
= remote_as
;
1595 } else if ((peer
->as_type
== AS_SPECIFIED
) && (remote_as
!= peer
->as
)) {
1596 if (bgp_debug_neighbor_events(peer
))
1597 zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
1598 peer
->host
, remote_as
, peer
->as
);
1599 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1600 BGP_NOTIFY_OPEN_BAD_PEER_AS
,
1601 notify_data_remote_as
, 2);
1606 * When collision is detected and this peer is closed.
1607 * Return immediately.
1609 ret
= bgp_collision_detect(peer
, remote_id
);
1614 if (bgp_getsockname(peer
) < 0) {
1615 flog_err_sys(EC_LIB_SOCKET
,
1616 "%s: bgp_getsockname() failed for peer: %s",
1617 __func__
, peer
->host
);
1621 /* Set remote router-id */
1622 peer
->remote_id
= remote_id
;
1624 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1625 calculate the value of the Hold Timer by using the smaller of its
1626 configured Hold Time and the Hold Time received in the OPEN message.
1627 The Hold Time MUST be either zero or at least three seconds. An
1628 implementation may reject connections on the basis of the Hold Time.
1631 if (holdtime
< 3 && holdtime
!= 0) {
1632 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1633 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME
,
1634 (uint8_t *)holdtime_ptr
, 2);
1638 /* Send notification message when Hold Time received in the OPEN message
1639 * is smaller than configured minimum Hold Time. */
1640 if (holdtime
< peer
->bgp
->default_min_holdtime
1641 && peer
->bgp
->default_min_holdtime
!= 0) {
1642 bgp_notify_send_with_data(peer
, BGP_NOTIFY_OPEN_ERR
,
1643 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME
,
1644 (uint8_t *)holdtime_ptr
, 2);
1648 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1649 would be one third of the Hold Time interval. KEEPALIVE messages
1650 MUST NOT be sent more frequently than one per second. An
1651 implementation MAY adjust the rate at which it sends KEEPALIVE
1652 messages as a function of the Hold Time interval. */
1654 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_TIMER
))
1655 send_holdtime
= peer
->holdtime
;
1657 send_holdtime
= peer
->bgp
->default_holdtime
;
1659 if (holdtime
< send_holdtime
)
1660 peer
->v_holdtime
= holdtime
;
1662 peer
->v_holdtime
= send_holdtime
;
1664 /* Set effective keepalive to 1/3 the effective holdtime.
1665 * Use configured keeplive when < effective keepalive.
1667 peer
->v_keepalive
= peer
->v_holdtime
/ 3;
1668 if (CHECK_FLAG(peer
->flags
, PEER_FLAG_TIMER
)) {
1669 if (peer
->keepalive
&& peer
->keepalive
< peer
->v_keepalive
)
1670 peer
->v_keepalive
= peer
->keepalive
;
1672 if (peer
->bgp
->default_keepalive
1673 && peer
->bgp
->default_keepalive
< peer
->v_keepalive
)
1674 peer
->v_keepalive
= peer
->bgp
->default_keepalive
;
1677 /* Open option part parse. */
1679 if (bgp_open_option_parse(peer
, optlen
, &mp_capability
) < 0)
1682 if (bgp_debug_neighbor_events(peer
))
1683 zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
1688 * Assume that the peer supports the locally configured set of
1689 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1690 * capabilities, or if 'override-capability' is configured.
1693 || CHECK_FLAG(peer
->flags
, PEER_FLAG_OVERRIDE_CAPABILITY
)) {
1694 peer
->afc_nego
[AFI_IP
][SAFI_UNICAST
] =
1695 peer
->afc
[AFI_IP
][SAFI_UNICAST
];
1696 peer
->afc_nego
[AFI_IP
][SAFI_MULTICAST
] =
1697 peer
->afc
[AFI_IP
][SAFI_MULTICAST
];
1698 peer
->afc_nego
[AFI_IP
][SAFI_LABELED_UNICAST
] =
1699 peer
->afc
[AFI_IP
][SAFI_LABELED_UNICAST
];
1700 peer
->afc_nego
[AFI_IP
][SAFI_FLOWSPEC
] =
1701 peer
->afc
[AFI_IP
][SAFI_FLOWSPEC
];
1702 peer
->afc_nego
[AFI_IP6
][SAFI_UNICAST
] =
1703 peer
->afc
[AFI_IP6
][SAFI_UNICAST
];
1704 peer
->afc_nego
[AFI_IP6
][SAFI_MULTICAST
] =
1705 peer
->afc
[AFI_IP6
][SAFI_MULTICAST
];
1706 peer
->afc_nego
[AFI_IP6
][SAFI_LABELED_UNICAST
] =
1707 peer
->afc
[AFI_IP6
][SAFI_LABELED_UNICAST
];
1708 peer
->afc_nego
[AFI_L2VPN
][SAFI_EVPN
] =
1709 peer
->afc
[AFI_L2VPN
][SAFI_EVPN
];
1710 peer
->afc_nego
[AFI_IP6
][SAFI_FLOWSPEC
] =
1711 peer
->afc
[AFI_IP6
][SAFI_FLOWSPEC
];
1714 /* Verify valid local address present based on negotiated
1715 * address-families. */
1716 if (peer
->afc_nego
[AFI_IP
][SAFI_UNICAST
]
1717 || peer
->afc_nego
[AFI_IP
][SAFI_LABELED_UNICAST
]
1718 || peer
->afc_nego
[AFI_IP
][SAFI_MULTICAST
]
1719 || peer
->afc_nego
[AFI_IP
][SAFI_MPLS_VPN
]
1720 || peer
->afc_nego
[AFI_IP
][SAFI_ENCAP
]) {
1721 if (peer
->nexthop
.v4
.s_addr
== INADDR_ANY
) {
1722 #if defined(HAVE_CUMULUS)
1723 zlog_warn("%s: No local IPv4 addr, BGP routing may not work",
1728 if (peer
->afc_nego
[AFI_IP6
][SAFI_UNICAST
]
1729 || peer
->afc_nego
[AFI_IP6
][SAFI_LABELED_UNICAST
]
1730 || peer
->afc_nego
[AFI_IP6
][SAFI_MULTICAST
]
1731 || peer
->afc_nego
[AFI_IP6
][SAFI_MPLS_VPN
]
1732 || peer
->afc_nego
[AFI_IP6
][SAFI_ENCAP
]) {
1733 if (IN6_IS_ADDR_UNSPECIFIED(&peer
->nexthop
.v6_global
)) {
1734 #if defined(HAVE_CUMULUS)
1735 zlog_warn("%s: No local IPv6 address, BGP routing may not work",
1740 peer
->rtt
= sockopt_tcp_rtt(peer
->fd
);
1742 return Receive_OPEN_message
;
1746 * Process BGP KEEPALIVE message for peer.
1749 * @param size size of the packet
1750 * @return as in summary
1752 static int bgp_keepalive_receive(struct peer
*peer
, bgp_size_t size
)
1754 if (bgp_debug_keepalive(peer
))
1755 zlog_debug("%s KEEPALIVE rcvd", peer
->host
);
1757 bgp_update_implicit_eors(peer
);
1759 peer
->rtt
= sockopt_tcp_rtt(peer
->fd
);
1761 /* If the peer's RTT is higher than expected, shutdown
1762 * the peer automatically.
1764 if (!CHECK_FLAG(peer
->flags
, PEER_FLAG_RTT_SHUTDOWN
))
1765 return Receive_KEEPALIVE_message
;
1767 if (peer
->rtt
> peer
->rtt_expected
) {
1768 peer
->rtt_keepalive_rcv
++;
1770 if (peer
->rtt_keepalive_rcv
> peer
->rtt_keepalive_conf
) {
1771 char rtt_shutdown_reason
[BUFSIZ
] = {};
1774 rtt_shutdown_reason
,
1775 sizeof(rtt_shutdown_reason
),
1776 "shutdown due to high round-trip-time (%dms > %dms, hit %u times)",
1777 peer
->rtt
, peer
->rtt_expected
,
1778 peer
->rtt_keepalive_rcv
);
1779 zlog_warn("%s %s", peer
->host
, rtt_shutdown_reason
);
1780 SET_FLAG(peer
->sflags
, PEER_STATUS_RTT_SHUTDOWN
);
1781 peer_tx_shutdown_message_set(peer
, rtt_shutdown_reason
);
1782 peer_flag_set(peer
, PEER_FLAG_SHUTDOWN
);
1785 if (peer
->rtt_keepalive_rcv
)
1786 peer
->rtt_keepalive_rcv
--;
1789 return Receive_KEEPALIVE_message
;
1792 static void bgp_refresh_stalepath_timer_expire(struct thread
*thread
)
1794 struct peer_af
*paf
;
1796 paf
= THREAD_ARG(thread
);
1798 afi_t afi
= paf
->afi
;
1799 safi_t safi
= paf
->safi
;
1800 struct peer
*peer
= paf
->peer
;
1802 peer
->t_refresh_stalepath
= NULL
;
1804 if (peer
->nsf
[afi
][safi
])
1805 bgp_clear_stale_route(peer
, afi
, safi
);
1807 if (bgp_debug_neighbor_events(peer
))
1809 "%pBP route-refresh (BoRR) timer expired for afi/safi: %d/%d",
1812 bgp_timer_set(peer
);
1816 * Process BGP UPDATE message for peer.
1818 * Parses UPDATE and creates attribute object.
1821 * @param size size of the packet
1822 * @return as in summary
1824 static int bgp_update_receive(struct peer
*peer
, bgp_size_t size
)
1830 bgp_size_t attribute_len
;
1831 bgp_size_t update_len
;
1832 bgp_size_t withdraw_len
;
1833 bool restart
= false;
1842 struct bgp_nlri nlris
[NLRI_TYPE_MAX
];
1844 /* Status must be Established. */
1845 if (!peer_established(peer
)) {
1846 flog_err(EC_BGP_INVALID_STATUS
,
1847 "%s [FSM] Update packet received under status %s",
1849 lookup_msg(bgp_status_msg
, peer
->status
, NULL
));
1850 bgp_notify_send(peer
, BGP_NOTIFY_FSM_ERR
,
1851 bgp_fsm_error_subcode(peer
->status
));
1855 /* Set initial values. */
1856 memset(&attr
, 0, sizeof(attr
));
1857 attr
.label_index
= BGP_INVALID_LABEL_INDEX
;
1858 attr
.label
= MPLS_INVALID_LABEL
;
1859 memset(&nlris
, 0, sizeof(nlris
));
1860 memset(peer
->rcvd_attr_str
, 0, BUFSIZ
);
1861 peer
->rcvd_attr_printed
= 0;
1864 end
= stream_pnt(s
) + size
;
1866 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1867 Length is too large (i.e., if Unfeasible Routes Length + Total
1868 Attribute Length + 23 exceeds the message Length), then the Error
1869 Subcode is set to Malformed Attribute List. */
1870 if (stream_pnt(s
) + 2 > end
) {
1871 flog_err(EC_BGP_UPDATE_RCV
,
1872 "%s [Error] Update packet error (packet length is short for unfeasible length)",
1874 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1875 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1879 /* Unfeasible Route Length. */
1880 withdraw_len
= stream_getw(s
);
1882 /* Unfeasible Route Length check. */
1883 if (stream_pnt(s
) + withdraw_len
> end
) {
1884 flog_err(EC_BGP_UPDATE_RCV
,
1885 "%s [Error] Update packet error (packet unfeasible length overflow %d)",
1886 peer
->host
, withdraw_len
);
1887 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1888 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1892 /* Unfeasible Route packet format check. */
1893 if (withdraw_len
> 0) {
1894 nlris
[NLRI_WITHDRAW
].afi
= AFI_IP
;
1895 nlris
[NLRI_WITHDRAW
].safi
= SAFI_UNICAST
;
1896 nlris
[NLRI_WITHDRAW
].nlri
= stream_pnt(s
);
1897 nlris
[NLRI_WITHDRAW
].length
= withdraw_len
;
1898 stream_forward_getp(s
, withdraw_len
);
1901 /* Attribute total length check. */
1902 if (stream_pnt(s
) + 2 > end
) {
1904 EC_BGP_UPDATE_PACKET_SHORT
,
1905 "%s [Error] Packet Error (update packet is short for attribute length)",
1907 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1908 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1912 /* Fetch attribute total length. */
1913 attribute_len
= stream_getw(s
);
1915 /* Attribute length check. */
1916 if (stream_pnt(s
) + attribute_len
> end
) {
1918 EC_BGP_UPDATE_PACKET_LONG
,
1919 "%s [Error] Packet Error (update packet attribute length overflow %d)",
1920 peer
->host
, attribute_len
);
1921 bgp_notify_send(peer
, BGP_NOTIFY_UPDATE_ERR
,
1922 BGP_NOTIFY_UPDATE_MAL_ATTR
);
1926 /* Certain attribute parsing errors should not be considered bad enough
1927 * to reset the session for, most particularly any partial/optional
1928 * attributes that have 'tunneled' over speakers that don't understand
1929 * them. Instead we withdraw only the prefix concerned.
1931 * Complicates the flow a little though..
1933 enum bgp_attr_parse_ret attr_parse_ret
= BGP_ATTR_PARSE_PROCEED
;
1934 /* This define morphs the update case into a withdraw when lower levels
1935 * have signalled an error condition where this is best.
1937 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1939 /* Parse attribute when it exists. */
1940 if (attribute_len
) {
1941 attr_parse_ret
= bgp_attr_parse(peer
, &attr
, attribute_len
,
1942 &nlris
[NLRI_MP_UPDATE
],
1943 &nlris
[NLRI_MP_WITHDRAW
]);
1944 if (attr_parse_ret
== BGP_ATTR_PARSE_ERROR
) {
1945 bgp_attr_unintern_sub(&attr
);
1950 /* Logging the attribute. */
1951 if (attr_parse_ret
== BGP_ATTR_PARSE_WITHDRAW
1952 || BGP_DEBUG(update
, UPDATE_IN
)
1953 || BGP_DEBUG(update
, UPDATE_PREFIX
)) {
1954 ret
= bgp_dump_attr(&attr
, peer
->rcvd_attr_str
,
1955 sizeof(peer
->rcvd_attr_str
));
1957 peer
->stat_upd_7606
++;
1959 if (attr_parse_ret
== BGP_ATTR_PARSE_WITHDRAW
)
1962 "%pBP rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1965 if (ret
&& bgp_debug_update(peer
, NULL
, NULL
, 1)) {
1966 zlog_debug("%pBP rcvd UPDATE w/ attr: %s", peer
,
1967 peer
->rcvd_attr_str
);
1968 peer
->rcvd_attr_printed
= 1;
1972 /* Network Layer Reachability Information. */
1973 update_len
= end
- stream_pnt(s
);
1976 /* Set NLRI portion to structure. */
1977 nlris
[NLRI_UPDATE
].afi
= AFI_IP
;
1978 nlris
[NLRI_UPDATE
].safi
= SAFI_UNICAST
;
1979 nlris
[NLRI_UPDATE
].nlri
= stream_pnt(s
);
1980 nlris
[NLRI_UPDATE
].length
= update_len
;
1981 stream_forward_getp(s
, update_len
);
1983 if (CHECK_FLAG(attr
.flag
, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI
))) {
1985 * We skipped nexthop attribute validation earlier so
1986 * validate the nexthop now.
1988 if (bgp_attr_nexthop_valid(peer
, &attr
) < 0) {
1989 bgp_attr_unintern_sub(&attr
);
1995 if (BGP_DEBUG(update
, UPDATE_IN
))
1996 zlog_debug("%pBP rcvd UPDATE wlen %d attrlen %d alen %d", peer
,
1997 withdraw_len
, attribute_len
, update_len
);
1999 /* Parse any given NLRIs */
2000 for (int i
= NLRI_UPDATE
; i
< NLRI_TYPE_MAX
; i
++) {
2004 /* NLRI is processed iff the peer if configured for the specific
2006 if (!peer
->afc
[nlris
[i
].afi
][nlris
[i
].safi
]) {
2008 "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
2009 peer
->host
, nlris
[i
].afi
, nlris
[i
].safi
);
2013 /* EoR handled later */
2014 if (nlris
[i
].length
== 0)
2019 case NLRI_MP_UPDATE
:
2020 nlri_ret
= bgp_nlri_parse(peer
, NLRI_ATTR_ARG
,
2024 case NLRI_MP_WITHDRAW
:
2025 nlri_ret
= bgp_nlri_parse(peer
, &attr
, &nlris
[i
], 1);
2028 nlri_ret
= BGP_NLRI_PARSE_ERROR
;
2031 if (nlri_ret
< BGP_NLRI_PARSE_OK
2032 && nlri_ret
!= BGP_NLRI_PARSE_ERROR_PREFIX_OVERFLOW
) {
2033 flog_err(EC_BGP_UPDATE_RCV
,
2034 "%s [Error] Error parsing NLRI", peer
->host
);
2035 if (peer_established(peer
))
2037 peer
, BGP_NOTIFY_UPDATE_ERR
,
2039 ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
2040 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR
);
2041 bgp_attr_unintern_sub(&attr
);
2048 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
2049 * and MP EoR should have only an empty MP_UNREACH
2051 if ((!update_len
&& !withdraw_len
&& nlris
[NLRI_MP_UPDATE
].length
== 0)
2052 || (attr_parse_ret
== BGP_ATTR_PARSE_EOR
)) {
2055 struct graceful_restart_info
*gr_info
;
2057 /* Restarting router */
2058 if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer
)
2059 && BGP_PEER_RESTARTING_MODE(peer
))
2062 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
2064 * update and withdraw NLRI lengths are 0.
2066 if (!attribute_len
) {
2068 safi
= SAFI_UNICAST
;
2069 } else if (attr
.flag
& ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI
)
2070 && nlris
[NLRI_MP_WITHDRAW
].length
== 0) {
2071 afi
= nlris
[NLRI_MP_WITHDRAW
].afi
;
2072 safi
= nlris
[NLRI_MP_WITHDRAW
].safi
;
2073 } else if (attr_parse_ret
== BGP_ATTR_PARSE_EOR
) {
2074 afi
= nlris
[NLRI_MP_UPDATE
].afi
;
2075 safi
= nlris
[NLRI_MP_UPDATE
].safi
;
2078 if (afi
&& peer
->afc
[afi
][safi
]) {
2079 struct vrf
*vrf
= vrf_lookup_by_id(peer
->bgp
->vrf_id
);
2081 /* End-of-RIB received */
2082 if (!CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
2083 PEER_STATUS_EOR_RECEIVED
)) {
2084 SET_FLAG(peer
->af_sflags
[afi
][safi
],
2085 PEER_STATUS_EOR_RECEIVED
);
2086 bgp_update_explicit_eors(peer
);
2087 /* Update graceful restart information */
2088 gr_info
= &(peer
->bgp
->gr_info
[afi
][safi
]);
2090 gr_info
->eor_received
++;
2091 /* If EOR received from all peers and selection
2092 * deferral timer is running, cancel the timer
2093 * and invoke the best path calculation
2095 if (gr_info
->eor_required
2096 == gr_info
->eor_received
) {
2097 if (bgp_debug_neighbor_events(peer
))
2101 gr_info
->eor_required
,
2103 gr_info
->eor_received
);
2104 if (gr_info
->t_select_deferral
) {
2105 void *info
= THREAD_ARG(
2106 gr_info
->t_select_deferral
);
2107 XFREE(MTYPE_TMP
, info
);
2109 THREAD_OFF(gr_info
->t_select_deferral
);
2110 gr_info
->eor_required
= 0;
2111 gr_info
->eor_received
= 0;
2112 /* Best path selection */
2113 bgp_best_path_select_defer(peer
->bgp
,
2118 /* NSF delete stale route */
2119 if (peer
->nsf
[afi
][safi
])
2120 bgp_clear_stale_route(peer
, afi
, safi
);
2123 "%s: rcvd End-of-RIB for %s from %s in vrf %s",
2124 __func__
, get_afi_safi_str(afi
, safi
, false),
2125 peer
->host
, vrf
? vrf
->name
: VRF_DEFAULT_NAME
);
2129 /* Everything is done. We unintern temporary structures which
2130 interned in bgp_attr_parse(). */
2131 bgp_attr_unintern_sub(&attr
);
2133 peer
->update_time
= monotime(NULL
);
2135 /* Notify BGP Conditional advertisement scanner process */
2136 peer
->advmap_table_change
= true;
2138 return Receive_UPDATE_message
;
2142 * Process BGP NOTIFY message for peer.
2145 * @param size size of the packet
2146 * @return as in summary
2148 static int bgp_notify_receive(struct peer
*peer
, bgp_size_t size
)
2150 struct bgp_notify outer
= {};
2151 struct bgp_notify inner
= {};
2152 bool hard_reset
= false;
2154 if (peer
->notify
.data
) {
2155 XFREE(MTYPE_BGP_NOTIFICATION
, peer
->notify
.data
);
2156 peer
->notify
.length
= 0;
2157 peer
->notify
.hard_reset
= false;
2160 outer
.code
= stream_getc(peer
->curr
);
2161 outer
.subcode
= stream_getc(peer
->curr
);
2162 outer
.length
= size
- 2;
2164 outer
.raw_data
= NULL
;
2166 outer
.raw_data
= XMALLOC(MTYPE_BGP_NOTIFICATION
, outer
.length
);
2167 memcpy(outer
.raw_data
, stream_pnt(peer
->curr
), outer
.length
);
2171 bgp_notify_received_hard_reset(peer
, outer
.code
, outer
.subcode
);
2172 if (hard_reset
&& outer
.length
) {
2173 inner
= bgp_notify_decapsulate_hard_reset(&outer
);
2174 peer
->notify
.hard_reset
= true;
2179 /* Preserv notify code and sub code. */
2180 peer
->notify
.code
= inner
.code
;
2181 peer
->notify
.subcode
= inner
.subcode
;
2182 /* For further diagnostic record returned Data. */
2184 peer
->notify
.length
= inner
.length
;
2186 XMALLOC(MTYPE_BGP_NOTIFICATION
, inner
.length
);
2187 memcpy(peer
->notify
.data
, inner
.raw_data
, inner
.length
);
2197 inner
.data
= XMALLOC(MTYPE_BGP_NOTIFICATION
,
2199 for (i
= 0; i
< inner
.length
; i
++)
2201 snprintf(c
, sizeof(c
), " %02x",
2202 stream_getc(peer
->curr
));
2204 strlcat(inner
.data
, c
,
2209 snprintf(c
, sizeof(c
), "%02x",
2210 stream_getc(peer
->curr
));
2212 strlcpy(inner
.data
, c
,
2217 bgp_notify_print(peer
, &inner
, "received", hard_reset
);
2219 XFREE(MTYPE_BGP_NOTIFICATION
, inner
.data
);
2223 XFREE(MTYPE_BGP_NOTIFICATION
, outer
.data
);
2224 XFREE(MTYPE_BGP_NOTIFICATION
, outer
.raw_data
);
2226 /* If this is a Hard Reset notification, we MUST free
2227 * the inner (encapsulated) notification too.
2230 XFREE(MTYPE_BGP_NOTIFICATION
, inner
.raw_data
);
2235 /* peer count update */
2236 atomic_fetch_add_explicit(&peer
->notify_in
, 1, memory_order_relaxed
);
2238 peer
->last_reset
= PEER_DOWN_NOTIFY_RECEIVED
;
2240 /* We have to check for Notify with Unsupported Optional Parameter.
2241 in that case we fallback to open without the capability option.
2242 But this done in bgp_stop. We just mark it here to avoid changing
2244 if (inner
.code
== BGP_NOTIFY_OPEN_ERR
&&
2245 inner
.subcode
== BGP_NOTIFY_OPEN_UNSUP_PARAM
)
2246 UNSET_FLAG(peer
->sflags
, PEER_STATUS_CAPABILITY_OPEN
);
2248 /* If Graceful-Restart N-bit (Notification) is exchanged,
2249 * and it's not a Hard Reset, let's retain the routes.
2251 if (bgp_has_graceful_restart_notification(peer
) && !hard_reset
&&
2252 CHECK_FLAG(peer
->sflags
, PEER_STATUS_NSF_MODE
))
2253 SET_FLAG(peer
->sflags
, PEER_STATUS_NSF_WAIT
);
2255 bgp_peer_gr_flags_update(peer
);
2256 BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer
->bgp
,
2259 return Receive_NOTIFICATION_message
;
2263 * Process BGP ROUTEREFRESH message for peer.
2266 * @param size size of the packet
2267 * @return as in summary
2269 static int bgp_route_refresh_receive(struct peer
*peer
, bgp_size_t size
)
2273 iana_safi_t pkt_safi
;
2276 struct peer_af
*paf
;
2277 struct update_group
*updgrp
;
2278 struct peer
*updgrp_peer
;
2280 bool force_update
= false;
2281 bgp_size_t msg_length
=
2282 size
- (BGP_MSG_ROUTE_REFRESH_MIN_SIZE
- BGP_HEADER_SIZE
);
2284 /* If peer does not have the capability, send notification. */
2285 if (!CHECK_FLAG(peer
->cap
, PEER_CAP_REFRESH_ADV
)) {
2286 flog_err(EC_BGP_NO_CAP
,
2287 "%s [Error] BGP route refresh is not enabled",
2289 bgp_notify_send(peer
, BGP_NOTIFY_HEADER_ERR
,
2290 BGP_NOTIFY_HEADER_BAD_MESTYPE
);
2294 /* Status must be Established. */
2295 if (!peer_established(peer
)) {
2297 EC_BGP_INVALID_STATUS
,
2298 "%s [Error] Route refresh packet received under status %s",
2300 lookup_msg(bgp_status_msg
, peer
->status
, NULL
));
2301 bgp_notify_send(peer
, BGP_NOTIFY_FSM_ERR
,
2302 bgp_fsm_error_subcode(peer
->status
));
2309 pkt_afi
= stream_getw(s
);
2310 subtype
= stream_getc(s
);
2311 pkt_safi
= stream_getc(s
);
2313 /* Convert AFI, SAFI to internal values and check. */
2314 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
, &safi
)) {
2316 "%s REFRESH_REQ for unrecognized afi/safi: %s/%s - ignored",
2317 peer
->host
, iana_afi2str(pkt_afi
),
2318 iana_safi2str(pkt_safi
));
2319 return BGP_PACKET_NOOP
;
2322 if (size
!= BGP_MSG_ROUTE_REFRESH_MIN_SIZE
- BGP_HEADER_SIZE
) {
2324 uint8_t when_to_refresh
;
2329 /* If the length, excluding the fixed-size message
2330 * header, of the received ROUTE-REFRESH message with
2331 * Message Subtype 1 and 2 is not 4, then the BGP
2332 * speaker MUST send a NOTIFICATION message with the
2333 * Error Code of "ROUTE-REFRESH Message Error" and the
2334 * subcode of "Invalid Message Length".
2336 if (msg_length
!= 4) {
2338 "%s Enhanced Route Refresh message length error",
2341 peer
, BGP_NOTIFY_ROUTE_REFRESH_ERR
,
2342 BGP_NOTIFY_ROUTE_REFRESH_INVALID_MSG_LEN
);
2345 /* When the BGP speaker receives a ROUTE-REFRESH message
2346 * with a "Message Subtype" field other than 0, 1, or 2,
2347 * it MUST ignore the received ROUTE-REFRESH message.
2351 "%s Enhanced Route Refresh invalid subtype",
2355 if (msg_length
< 5) {
2356 zlog_info("%s ORF route refresh length error",
2358 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
2359 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
2363 when_to_refresh
= stream_getc(s
);
2364 end
= stream_pnt(s
) + (size
- 5);
2366 while ((stream_pnt(s
) + 2) < end
) {
2367 orf_type
= stream_getc(s
);
2368 orf_len
= stream_getw(s
);
2370 /* orf_len in bounds? */
2371 if ((stream_pnt(s
) + orf_len
) > end
)
2372 break; /* XXX: Notify instead?? */
2373 if (orf_type
== ORF_TYPE_PREFIX
2374 || orf_type
== ORF_TYPE_PREFIX_OLD
) {
2375 uint8_t *p_pnt
= stream_pnt(s
);
2376 uint8_t *p_end
= stream_pnt(s
) + orf_len
;
2377 struct orf_prefix orfp
;
2382 int ret
= CMD_SUCCESS
;
2384 if (bgp_debug_neighbor_events(peer
)) {
2386 "%pBP rcvd Prefixlist ORF(%d) length %d",
2387 peer
, orf_type
, orf_len
);
2390 /* ORF prefix-list name */
2391 snprintf(name
, sizeof(name
), "%s.%d.%d",
2392 peer
->host
, afi
, safi
);
2394 /* we're going to read at least 1 byte of common
2396 * and 7 bytes of ORF Address-filter entry from
2399 if (*p_pnt
& ORF_COMMON_PART_REMOVE_ALL
) {
2400 if (bgp_debug_neighbor_events(peer
))
2402 "%pBP rcvd Remove-All pfxlist ORF request",
2404 prefix_bgp_orf_remove_all(afi
, name
);
2411 while (p_pnt
< p_end
) {
2412 /* If the ORF entry is malformed, want
2413 * to read as much of it
2414 * as possible without going beyond the
2415 * bounds of the entry,
2416 * to maximise debug information.
2419 memset(&orfp
, 0, sizeof(orfp
));
2421 /* after ++: p_pnt <= p_end */
2422 ok
= ((uint32_t)(p_end
- p_pnt
)
2423 >= sizeof(uint32_t));
2427 p_pnt
+= sizeof(uint32_t);
2428 orfp
.seq
= ntohl(seq
);
2432 /* val checked in prefix_bgp_orf_set */
2436 /* val checked in prefix_bgp_orf_set */
2440 if ((ok
= (p_pnt
< p_end
)))
2441 orfp
.p
.prefixlen
= *p_pnt
++;
2443 /* afi checked already */
2444 orfp
.p
.family
= afi2family(afi
);
2447 psize
= PSIZE(orfp
.p
.prefixlen
);
2448 /* valid for family ? */
2449 if (psize
> prefix_blen(&orfp
.p
)) {
2451 psize
= prefix_blen(&orfp
.p
);
2453 /* valid for packet ? */
2454 if (psize
> (p_end
- p_pnt
)) {
2456 psize
= p_end
- p_pnt
;
2460 memcpy(&orfp
.p
.u
.prefix
, p_pnt
,
2464 if (bgp_debug_neighbor_events(peer
)) {
2465 char buf
[INET6_BUFSIZ
];
2468 "%pBP rcvd %s %s seq %u %s/%d ge %d le %d%s",
2470 (common
& ORF_COMMON_PART_REMOVE
2473 (common
& ORF_COMMON_PART_DENY
2484 ok
? "" : " MALFORMED");
2488 ret
= prefix_bgp_orf_set(
2490 (common
& ORF_COMMON_PART_DENY
2493 (common
& ORF_COMMON_PART_REMOVE
2497 if (!ok
|| (ok
&& ret
!= CMD_SUCCESS
)) {
2499 "%pBP Received misformatted prefixlist ORF. Remove All pfxlist",
2501 prefix_bgp_orf_remove_all(afi
,
2507 peer
->orf_plist
[afi
][safi
] =
2508 prefix_bgp_orf_lookup(afi
, name
);
2510 stream_forward_getp(s
, orf_len
);
2512 if (bgp_debug_neighbor_events(peer
))
2513 zlog_debug("%pBP rcvd Refresh %s ORF request", peer
,
2514 when_to_refresh
== REFRESH_DEFER
2517 if (when_to_refresh
== REFRESH_DEFER
)
2518 return BGP_PACKET_NOOP
;
2521 /* First update is deferred until ORF or ROUTE-REFRESH is received */
2522 if (CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
2523 PEER_STATUS_ORF_WAIT_REFRESH
))
2524 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
2525 PEER_STATUS_ORF_WAIT_REFRESH
);
2527 paf
= peer_af_find(peer
, afi
, safi
);
2528 if (paf
&& paf
->subgroup
) {
2529 if (peer
->orf_plist
[afi
][safi
]) {
2530 updgrp
= PAF_UPDGRP(paf
);
2531 updgrp_peer
= UPDGRP_PEER(updgrp
);
2532 updgrp_peer
->orf_plist
[afi
][safi
] =
2533 peer
->orf_plist
[afi
][safi
];
2536 /* Avoid supressing duplicate routes later
2537 * when processing in subgroup_announce_table().
2539 force_update
= true;
2541 /* If the peer is configured for default-originate clear the
2542 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
2546 if (CHECK_FLAG(paf
->subgroup
->sflags
,
2547 SUBGRP_STATUS_DEFAULT_ORIGINATE
))
2548 UNSET_FLAG(paf
->subgroup
->sflags
,
2549 SUBGRP_STATUS_DEFAULT_ORIGINATE
);
2552 if (subtype
== BGP_ROUTE_REFRESH_BORR
) {
2553 /* A BGP speaker that has received the Graceful Restart
2554 * Capability from its neighbor MUST ignore any BoRRs for
2555 * an <AFI, SAFI> from the neighbor before the speaker
2556 * receives the EoR for the given <AFI, SAFI> from the
2559 if (CHECK_FLAG(peer
->cap
, PEER_CAP_RESTART_RCV
)
2560 && !CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
2561 PEER_STATUS_EOR_RECEIVED
)) {
2562 if (bgp_debug_neighbor_events(peer
))
2564 "%pBP rcvd route-refresh (BoRR) for %s/%s before EoR",
2565 peer
, afi2str(afi
), safi2str(safi
));
2566 return BGP_PACKET_NOOP
;
2569 if (peer
->t_refresh_stalepath
) {
2570 if (bgp_debug_neighbor_events(peer
))
2572 "%pBP rcvd route-refresh (BoRR) for %s/%s, whereas BoRR already received",
2573 peer
, afi2str(afi
), safi2str(safi
));
2574 return BGP_PACKET_NOOP
;
2577 SET_FLAG(peer
->af_sflags
[afi
][safi
], PEER_STATUS_BORR_RECEIVED
);
2578 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
2579 PEER_STATUS_EORR_RECEIVED
);
2581 /* When a BGP speaker receives a BoRR message from
2582 * a peer, it MUST mark all the routes with the given
2583 * Address Family Identifier and Subsequent Address
2584 * Family Identifier, <AFI, SAFI> [RFC2918], from
2585 * that peer as stale.
2587 if (peer_active_nego(peer
)) {
2588 SET_FLAG(peer
->af_sflags
[afi
][safi
],
2589 PEER_STATUS_ENHANCED_REFRESH
);
2590 bgp_set_stale_route(peer
, afi
, safi
);
2593 if (peer_established(peer
))
2594 thread_add_timer(bm
->master
,
2595 bgp_refresh_stalepath_timer_expire
,
2596 paf
, peer
->bgp
->stalepath_time
,
2597 &peer
->t_refresh_stalepath
);
2599 if (bgp_debug_neighbor_events(peer
))
2601 "%pBP rcvd route-refresh (BoRR) for %s/%s, triggering timer for %u seconds",
2602 peer
, afi2str(afi
), safi2str(safi
),
2603 peer
->bgp
->stalepath_time
);
2604 } else if (subtype
== BGP_ROUTE_REFRESH_EORR
) {
2605 if (!peer
->t_refresh_stalepath
) {
2607 "%pBP rcvd route-refresh (EoRR) for %s/%s, whereas no BoRR received",
2608 peer
, afi2str(afi
), safi2str(safi
));
2609 return BGP_PACKET_NOOP
;
2612 THREAD_OFF(peer
->t_refresh_stalepath
);
2614 SET_FLAG(peer
->af_sflags
[afi
][safi
], PEER_STATUS_EORR_RECEIVED
);
2615 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
2616 PEER_STATUS_BORR_RECEIVED
);
2618 if (bgp_debug_neighbor_events(peer
))
2620 "%pBP rcvd route-refresh (EoRR) for %s/%s, stopping BoRR timer",
2621 peer
, afi2str(afi
), safi2str(safi
));
2623 if (peer
->nsf
[afi
][safi
])
2624 bgp_clear_stale_route(peer
, afi
, safi
);
2626 if (bgp_debug_neighbor_events(peer
))
2628 "%pBP rcvd route-refresh (REQUEST) for %s/%s",
2629 peer
, afi2str(afi
), safi2str(safi
));
2631 /* In response to a "normal route refresh request" from the
2632 * peer, the speaker MUST send a BoRR message.
2634 if (CHECK_FLAG(peer
->cap
, PEER_CAP_ENHANCED_RR_RCV
)) {
2635 /* For a BGP speaker that supports the BGP Graceful
2636 * Restart, it MUST NOT send a BoRR for an <AFI, SAFI>
2637 * to a neighbor before it sends the EoR for the
2638 * <AFI, SAFI> to the neighbor.
2640 if (!CHECK_FLAG(peer
->af_sflags
[afi
][safi
],
2641 PEER_STATUS_EOR_SEND
)) {
2642 if (bgp_debug_neighbor_events(peer
))
2644 "%pBP rcvd route-refresh (REQUEST) for %s/%s before EoR",
2647 /* Can't send BoRR now, postpone after EoR */
2648 SET_FLAG(peer
->af_sflags
[afi
][safi
],
2649 PEER_STATUS_REFRESH_PENDING
);
2650 return BGP_PACKET_NOOP
;
2653 bgp_route_refresh_send(peer
, afi
, safi
, 0, 0, 0,
2654 BGP_ROUTE_REFRESH_BORR
);
2656 if (bgp_debug_neighbor_events(peer
))
2658 "%pBP sending route-refresh (BoRR) for %s/%s",
2659 peer
, afi2str(afi
), safi2str(safi
));
2661 /* Set flag Ready-To-Send to know when we can send EoRR
2664 SET_FLAG(peer
->af_sflags
[afi
][safi
],
2665 PEER_STATUS_BORR_SEND
);
2666 UNSET_FLAG(peer
->af_sflags
[afi
][safi
],
2667 PEER_STATUS_EORR_SEND
);
2671 /* Perform route refreshment to the peer */
2672 bgp_announce_route(peer
, afi
, safi
, force_update
);
2674 /* No FSM action necessary */
2675 return BGP_PACKET_NOOP
;
2679 * Parse BGP CAPABILITY message for peer.
2682 * @param size size of the packet
2683 * @return as in summary
2685 static int bgp_capability_msg_parse(struct peer
*peer
, uint8_t *pnt
,
2689 struct capability_mp_data mpc
;
2690 struct capability_header
*hdr
;
2694 iana_safi_t pkt_safi
;
2700 /* We need at least action, capability code and capability
2702 if (pnt
+ 3 > end
) {
2703 zlog_info("%s Capability length error", peer
->host
);
2704 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
2705 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
2709 hdr
= (struct capability_header
*)(pnt
+ 1);
2711 /* Action value check. */
2712 if (action
!= CAPABILITY_ACTION_SET
2713 && action
!= CAPABILITY_ACTION_UNSET
) {
2714 zlog_info("%s Capability Action Value error %d",
2715 peer
->host
, action
);
2716 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
2717 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
2721 if (bgp_debug_neighbor_events(peer
))
2723 "%s CAPABILITY has action: %d, code: %u, length %u",
2724 peer
->host
, action
, hdr
->code
, hdr
->length
);
2726 if (hdr
->length
< sizeof(struct capability_mp_data
)) {
2728 "%pBP Capability structure is not properly filled out, expected at least %zu bytes but header length specified is %d",
2729 peer
, sizeof(struct capability_mp_data
),
2734 /* Capability length check. */
2735 if ((pnt
+ hdr
->length
+ 3) > end
) {
2736 zlog_info("%s Capability length error", peer
->host
);
2737 bgp_notify_send(peer
, BGP_NOTIFY_CEASE
,
2738 BGP_NOTIFY_SUBCODE_UNSPECIFIC
);
2742 /* Fetch structure to the byte stream. */
2743 memcpy(&mpc
, pnt
+ 3, sizeof(struct capability_mp_data
));
2744 pnt
+= hdr
->length
+ 3;
2746 /* We know MP Capability Code. */
2747 if (hdr
->code
== CAPABILITY_CODE_MP
) {
2748 pkt_afi
= ntohs(mpc
.afi
);
2749 pkt_safi
= mpc
.safi
;
2751 /* Ignore capability when override-capability is set. */
2752 if (CHECK_FLAG(peer
->flags
,
2753 PEER_FLAG_OVERRIDE_CAPABILITY
))
2756 /* Convert AFI, SAFI to internal values. */
2757 if (bgp_map_afi_safi_iana2int(pkt_afi
, pkt_safi
, &afi
,
2759 if (bgp_debug_neighbor_events(peer
))
2761 "%s Dynamic Capability MP_EXT afi/safi invalid (%s/%s)",
2763 iana_afi2str(pkt_afi
),
2764 iana_safi2str(pkt_safi
));
2768 /* Address family check. */
2769 if (bgp_debug_neighbor_events(peer
))
2771 "%s CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
2773 action
== CAPABILITY_ACTION_SET
2776 iana_afi2str(pkt_afi
),
2777 iana_safi2str(pkt_safi
));
2779 if (action
== CAPABILITY_ACTION_SET
) {
2780 peer
->afc_recv
[afi
][safi
] = 1;
2781 if (peer
->afc
[afi
][safi
]) {
2782 peer
->afc_nego
[afi
][safi
] = 1;
2783 bgp_announce_route(peer
, afi
, safi
,
2787 peer
->afc_recv
[afi
][safi
] = 0;
2788 peer
->afc_nego
[afi
][safi
] = 0;
2790 if (peer_active_nego(peer
))
2791 bgp_clear_route(peer
, afi
, safi
);
2797 EC_BGP_UNRECOGNIZED_CAPABILITY
,
2798 "%s unrecognized capability code: %d - ignored",
2799 peer
->host
, hdr
->code
);
2803 /* No FSM action necessary */
2804 return BGP_PACKET_NOOP
;
2808 * Parse BGP CAPABILITY message for peer.
2810 * Exported for unit testing.
2813 * @param size size of the packet
2814 * @return as in summary
2816 int bgp_capability_receive(struct peer
*peer
, bgp_size_t size
)
2820 /* Fetch pointer. */
2821 pnt
= stream_pnt(peer
->curr
);
2823 if (bgp_debug_neighbor_events(peer
))
2824 zlog_debug("%s rcv CAPABILITY", peer
->host
);
2826 /* If peer does not have the capability, send notification. */
2827 if (!CHECK_FLAG(peer
->cap
, PEER_CAP_DYNAMIC_ADV
)) {
2828 flog_err(EC_BGP_NO_CAP
,
2829 "%s [Error] BGP dynamic capability is not enabled",
2831 bgp_notify_send(peer
, BGP_NOTIFY_HEADER_ERR
,
2832 BGP_NOTIFY_HEADER_BAD_MESTYPE
);
2836 /* Status must be Established. */
2837 if (!peer_established(peer
)) {
2840 "%s [Error] Dynamic capability packet received under status %s",
2842 lookup_msg(bgp_status_msg
, peer
->status
, NULL
));
2843 bgp_notify_send(peer
, BGP_NOTIFY_FSM_ERR
,
2844 bgp_fsm_error_subcode(peer
->status
));
2849 return bgp_capability_msg_parse(peer
, pnt
, size
);
2853 * Processes a peer's input buffer.
2855 * This function sidesteps the event loop and directly calls bgp_event_update()
2856 * after processing each BGP message. This is necessary to ensure proper
2857 * ordering of FSM events and unifies the behavior that was present previously,
2858 * whereby some of the packet handling functions would update the FSM and some
2859 * would not, making event flow difficult to understand. Please think twice
2860 * before hacking this.
2862 * Thread type: THREAD_EVENT
2866 void bgp_process_packet(struct thread
*thread
)
2868 /* Yes first of all get peer pointer. */
2869 struct peer
*peer
; // peer
2870 uint32_t rpkt_quanta_old
; // how many packets to read
2871 int fsm_update_result
; // return code of bgp_event_update()
2872 int mprc
; // message processing return code
2874 peer
= THREAD_ARG(thread
);
2875 rpkt_quanta_old
= atomic_load_explicit(&peer
->bgp
->rpkt_quanta
,
2876 memory_order_relaxed
);
2877 fsm_update_result
= 0;
2879 /* Guard against scheduled events that occur after peer deletion. */
2880 if (peer
->status
== Deleted
|| peer
->status
== Clearing
)
2883 unsigned int processed
= 0;
2885 while (processed
< rpkt_quanta_old
) {
2888 char notify_data_length
[2];
2890 frr_with_mutex (&peer
->io_mtx
) {
2891 peer
->curr
= stream_fifo_pop(peer
->ibuf
);
2894 if (peer
->curr
== NULL
) // no packets to process, hmm...
2897 /* skip the marker and copy the packet length */
2898 stream_forward_getp(peer
->curr
, BGP_MARKER_SIZE
);
2899 memcpy(notify_data_length
, stream_pnt(peer
->curr
), 2);
2901 /* read in the packet length and type */
2902 size
= stream_getw(peer
->curr
);
2903 type
= stream_getc(peer
->curr
);
2905 hook_call(bgp_packet_dump
, peer
, type
, size
, peer
->curr
);
2907 /* adjust size to exclude the marker + length + type */
2908 size
-= BGP_HEADER_SIZE
;
2910 /* Read rest of the packet and call each sort of packet routine
2914 frrtrace(2, frr_bgp
, open_process
, peer
, size
);
2915 atomic_fetch_add_explicit(&peer
->open_in
, 1,
2916 memory_order_relaxed
);
2917 mprc
= bgp_open_receive(peer
, size
);
2918 if (mprc
== BGP_Stop
)
2921 "%s: BGP OPEN receipt failed for peer: %s",
2922 __func__
, peer
->host
);
2924 case BGP_MSG_UPDATE
:
2925 frrtrace(2, frr_bgp
, update_process
, peer
, size
);
2926 atomic_fetch_add_explicit(&peer
->update_in
, 1,
2927 memory_order_relaxed
);
2928 peer
->readtime
= monotime(NULL
);
2929 mprc
= bgp_update_receive(peer
, size
);
2930 if (mprc
== BGP_Stop
)
2933 "%s: BGP UPDATE receipt failed for peer: %s",
2934 __func__
, peer
->host
);
2936 case BGP_MSG_NOTIFY
:
2937 frrtrace(2, frr_bgp
, notification_process
, peer
, size
);
2938 atomic_fetch_add_explicit(&peer
->notify_in
, 1,
2939 memory_order_relaxed
);
2940 mprc
= bgp_notify_receive(peer
, size
);
2941 if (mprc
== BGP_Stop
)
2944 "%s: BGP NOTIFY receipt failed for peer: %s",
2945 __func__
, peer
->host
);
2947 case BGP_MSG_KEEPALIVE
:
2948 frrtrace(2, frr_bgp
, keepalive_process
, peer
, size
);
2949 peer
->readtime
= monotime(NULL
);
2950 atomic_fetch_add_explicit(&peer
->keepalive_in
, 1,
2951 memory_order_relaxed
);
2952 mprc
= bgp_keepalive_receive(peer
, size
);
2953 if (mprc
== BGP_Stop
)
2956 "%s: BGP KEEPALIVE receipt failed for peer: %s",
2957 __func__
, peer
->host
);
2959 case BGP_MSG_ROUTE_REFRESH_NEW
:
2960 case BGP_MSG_ROUTE_REFRESH_OLD
:
2961 frrtrace(2, frr_bgp
, refresh_process
, peer
, size
);
2962 atomic_fetch_add_explicit(&peer
->refresh_in
, 1,
2963 memory_order_relaxed
);
2964 mprc
= bgp_route_refresh_receive(peer
, size
);
2965 if (mprc
== BGP_Stop
)
2968 "%s: BGP ROUTEREFRESH receipt failed for peer: %s",
2969 __func__
, peer
->host
);
2971 case BGP_MSG_CAPABILITY
:
2972 frrtrace(2, frr_bgp
, capability_process
, peer
, size
);
2973 atomic_fetch_add_explicit(&peer
->dynamic_cap_in
, 1,
2974 memory_order_relaxed
);
2975 mprc
= bgp_capability_receive(peer
, size
);
2976 if (mprc
== BGP_Stop
)
2979 "%s: BGP CAPABILITY receipt failed for peer: %s",
2980 __func__
, peer
->host
);
2983 /* Suppress uninitialized variable warning */
2987 * The message type should have been sanitized before
2988 * we ever got here. Receipt of a message with an
2989 * invalid header at this point is indicative of a
2992 assert (!"Message of invalid type received during input processing");
2995 /* delete processed packet */
2996 stream_free(peer
->curr
);
3001 if (mprc
!= BGP_PACKET_NOOP
)
3002 fsm_update_result
= bgp_event_update(peer
, mprc
);
3007 * If peer was deleted, do not process any more packets. This
3008 * is usually due to executing BGP_Stop or a stub deletion.
3010 if (fsm_update_result
== FSM_PEER_TRANSFERRED
3011 || fsm_update_result
== FSM_PEER_STOPPED
)
3015 if (fsm_update_result
!= FSM_PEER_TRANSFERRED
3016 && fsm_update_result
!= FSM_PEER_STOPPED
) {
3017 frr_with_mutex (&peer
->io_mtx
) {
3018 // more work to do, come back later
3019 if (peer
->ibuf
->count
> 0)
3021 bm
->master
, bgp_process_packet
, peer
, 0,
3022 &peer
->t_process_packet
);
3027 /* Send EOR when routes are processed by selection deferral timer */
3028 void bgp_send_delayed_eor(struct bgp
*bgp
)
3031 struct listnode
*node
, *nnode
;
3033 /* EOR message sent in bgp_write_proceed_actions */
3034 for (ALL_LIST_ELEMENTS(bgp
->peer
, node
, nnode
, peer
))
3035 bgp_write_proceed_actions(peer
);
3039 * Task callback to handle socket error encountered in the io pthread. We avoid
3040 * having the io pthread try to enqueue fsm events or mess with the peer
3043 void bgp_packet_process_error(struct thread
*thread
)
3048 peer
= THREAD_ARG(thread
);
3049 code
= THREAD_VAL(thread
);
3051 if (bgp_debug_neighbor_events(peer
))
3052 zlog_debug("%s [Event] BGP error %d on fd %d",
3053 peer
->host
, code
, peer
->fd
);
3055 /* Closed connection or error on the socket */
3056 if (peer_established(peer
)) {
3057 if ((CHECK_FLAG(peer
->flags
, PEER_FLAG_GRACEFUL_RESTART
)
3058 || CHECK_FLAG(peer
->flags
,
3059 PEER_FLAG_GRACEFUL_RESTART_HELPER
))
3060 && CHECK_FLAG(peer
->sflags
, PEER_STATUS_NSF_MODE
)) {
3061 peer
->last_reset
= PEER_DOWN_NSF_CLOSE_SESSION
;
3062 SET_FLAG(peer
->sflags
, PEER_STATUS_NSF_WAIT
);
3064 peer
->last_reset
= PEER_DOWN_CLOSE_SESSION
;
3067 bgp_event_update(peer
, code
);