extern struct zebra_privs_t bgpd_privs;
-static int bgp_bind(struct peer *);
+static char *bgp_get_bound_name(struct peer *peer);
/* BGP listening socket. */
struct bgp_listener {
peer->doppelganger = peer1;
peer1->doppelganger = peer;
peer->fd = bgp_sock;
- bgp_bind(peer);
+ vrf_bind(peer->bgp->vrf_id, bgp_sock, bgp_get_bound_name(peer));
bgp_fsm_change_status(peer, Active);
BGP_TIMER_OFF(peer->t_start); /* created in peer_create() */
}
/* BGP socket bind. */
-static int bgp_bind(struct peer *peer)
+static char *bgp_get_bound_name(struct peer *peer)
{
-#ifdef SO_BINDTODEVICE
- int ret;
- int myerrno;
char *name = NULL;
- /* If not bound to an interface or part of a VRF lite, we don't care. */
if ((peer->bgp->vrf_id == VRF_DEFAULT) &&
!peer->ifname && !peer->conf_if)
- return 0;
- if (vrf_is_mapped_on_netns(peer->bgp->vrf_id))
- return 0;
+ return NULL;
+
if (peer->su.sa.sa_family != AF_INET
&& peer->su.sa.sa_family != AF_INET6)
- return 0; // unexpected
+ return NULL; // unexpected
+ if (!peer)
+ return name;
/* For IPv6 peering, interface (unnumbered or link-local with interface)
* takes precedence over VRF. For IPv4 peering, explicit interface or
* VRF are the situations to bind.
else
name = peer->ifname ? peer->ifname : peer->bgp->name;
- if (!name)
- return 0;
-
- if (bgp_debug_neighbor_events(peer))
- zlog_debug("%s Binding to interface %s", peer->host, name);
-
- if (bgpd_privs.change(ZPRIVS_RAISE))
- zlog_err("bgp_bind: could not raise privs");
-
- ret = setsockopt(peer->fd, SOL_SOCKET, SO_BINDTODEVICE, name,
- strlen(name));
- myerrno = errno;
-
- if (bgpd_privs.change(ZPRIVS_LOWER))
- zlog_err("bgp_bind: could not lower privs");
-
- if (ret < 0) {
- if (bgp_debug_neighbor_events(peer))
- zlog_debug("bind to interface %s failed, errno=%d",
- name, myerrno);
- return ret;
- }
-#endif /* SO_BINDTODEVICE */
- return 0;
+ return name;
}
static int bgp_update_address(struct interface *ifp, const union sockunion *dst,
if (bgpd_privs.change(ZPRIVS_RAISE))
zlog_err("Can't raise privileges");
/* Make socket for the peer. */
- peer->fd = vrf_sockunion_socket(&peer->su, peer->bgp->vrf_id, NULL);
+ peer->fd = vrf_sockunion_socket(&peer->su, peer->bgp->vrf_id,
+ bgp_get_bound_name(peer));
if (bgpd_privs.change(ZPRIVS_LOWER))
zlog_err("Can't lower privileges");
if (peer->fd < 0)
if (peer->password)
bgp_md5_set_connect(peer->fd, &peer->su, peer->password);
- /* Bind socket. */
- bgp_bind(peer);
-
/* Update source bind. */
if (bgp_update_source(peer) < 0) {
return connect_error;
if (bgpd_privs.change(ZPRIVS_RAISE))
zlog_err("Can't raise privileges");
sock = vrf_socket(ainfo->ai_family, ainfo->ai_socktype,
- ainfo->ai_protocol, bgp->vrf_id, NULL);
+ ainfo->ai_protocol, bgp->vrf_id,
+ NULL);
if (bgpd_privs.change(ZPRIVS_LOWER))
zlog_err("Can't lower privileges");
if (sock < 0) {