]> git.proxmox.com Git - mirror_frr.git/blob - bgpd/bgp_packet.c
projects / mirror_frr.git / blob
? search:


b5a03f2692e21a65a94a8630a7bfca8227e0201b
[mirror_frr.git] / bgpd / bgp_packet.c
1 /* BGP packet management routine.
2 Copyright (C) 1999 Kunihiro Ishiguro
3
4 This file is part of GNU Zebra.
5
6 GNU Zebra is free software; you can redistribute it and/or modify it
7 under the terms of the GNU General Public License as published by the
8 Free Software Foundation; either version 2, or (at your option) any
9 later version.
10
11 GNU Zebra is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with GNU Zebra; see the file COPYING. If not, write to the Free
18 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
19 02111-1307, USA. */
20
21 #include <zebra.h>
22
23 #include "thread.h"
24 #include "stream.h"
25 #include "network.h"
26 #include "prefix.h"
27 #include "command.h"
28 #include "log.h"
29 #include "memory.h"
30 #include "sockunion.h" /* for inet_ntop () */
31 #include "sockopt.h"
32 #include "linklist.h"
33 #include "plist.h"
34 #include "queue.h"
35 #include "filter.h"
36
37 #include "bgpd/bgpd.h"
38 #include "bgpd/bgp_table.h"
39 #include "bgpd/bgp_dump.h"
40 #include "bgpd/bgp_attr.h"
41 #include "bgpd/bgp_debug.h"
42 #include "bgpd/bgp_fsm.h"
43 #include "bgpd/bgp_route.h"
44 #include "bgpd/bgp_packet.h"
45 #include "bgpd/bgp_open.h"
46 #include "bgpd/bgp_aspath.h"
47 #include "bgpd/bgp_community.h"
48 #include "bgpd/bgp_ecommunity.h"
49 #include "bgpd/bgp_lcommunity.h"
50 #include "bgpd/bgp_network.h"
51 #include "bgpd/bgp_mplsvpn.h"
52 #include "bgpd/bgp_evpn.h"
53 #include "bgpd/bgp_encap.h"
54 #include "bgpd/bgp_evpn.h"
55 #include "bgpd/bgp_advertise.h"
56 #include "bgpd/bgp_vty.h"
57 #include "bgpd/bgp_updgrp.h"
58 #include "bgpd/bgp_label.h"
59
60 /* Set up BGP packet marker and packet type. */
61 int
62 bgp_packet_set_marker (struct stream *s, u_char type)
63 {
64 int i;
65
66 /* Fill in marker. */
67 for (i = 0; i < BGP_MARKER_SIZE; i++)
68 stream_putc (s, 0xff);
69
70 /* Dummy total length. This field is should be filled in later on. */
71 stream_putw (s, 0);
72
73 /* BGP packet type. */
74 stream_putc (s, type);
75
76 /* Return current stream size. */
77 return stream_get_endp (s);
78 }
79
80 /* Set BGP packet header size entry. If size is zero then use current
81 stream size. */
82 int
83 bgp_packet_set_size (struct stream *s)
84 {
85 int cp;
86
87 /* Preserve current pointer. */
88 cp = stream_get_endp (s);
89 stream_putw_at (s, BGP_MARKER_SIZE, cp);
90
91 return cp;
92 }
93
94 /* Add new packet to the peer. */
95 void
96 bgp_packet_add (struct peer *peer, struct stream *s)
97 {
98 /* Add packet to the end of list. */
99 stream_fifo_push (peer->obuf, s);
100 }
101
102 /* Free first packet. */
103 static void
104 bgp_packet_delete (struct peer *peer)
105 {
106 stream_free (stream_fifo_pop (peer->obuf));
107 }
108
109 /* Check file descriptor whether connect is established. */
110 int
111 bgp_connect_check (struct peer *peer, int change_state)
112 {
113 int status;
114 socklen_t slen;
115 int ret;
116
117 /* Anyway I have to reset read and write thread. */
118 BGP_READ_OFF (peer->t_read);
119 BGP_WRITE_OFF (peer->t_write);
120
121 /* Check file descriptor. */
122 slen = sizeof (status);
123 ret = getsockopt(peer->fd, SOL_SOCKET, SO_ERROR, (void *) &status, &slen);
124
125 /* If getsockopt is fail, this is fatal error. */
126 if (ret < 0)
127 {
128 zlog_info ("can't get sockopt for nonblocking connect");
129 BGP_EVENT_ADD (peer, TCP_fatal_error);
130 return -1;
131 }
132
133 /* When status is 0 then TCP connection is established. */
134 if (status == 0)
135 {
136 BGP_EVENT_ADD (peer, TCP_connection_open);
137 return 1;
138 }
139 else
140 {
141 if (bgp_debug_neighbor_events(peer))
142 zlog_debug ("%s [Event] Connect failed (%s)",
143 peer->host, safe_strerror (errno));
144 if (change_state)
145 BGP_EVENT_ADD (peer, TCP_connection_open_failed);
146 return 0;
147 }
148 }
149
150 static struct stream *
151 bgp_update_packet_eor (struct peer *peer, afi_t afi, safi_t safi)
152 {
153 struct stream *s;
154 iana_afi_t pkt_afi;
155 safi_t pkt_safi;
156
157 if (DISABLE_BGP_ANNOUNCE)
158 return NULL;
159
160 if (bgp_debug_neighbor_events(peer))
161 zlog_debug ("send End-of-RIB for %s to %s", afi_safi_print (afi, safi), peer->host);
162
163 s = stream_new (BGP_MAX_PACKET_SIZE);
164
165 /* Make BGP update packet. */
166 bgp_packet_set_marker (s, BGP_MSG_UPDATE);
167
168 /* Unfeasible Routes Length */
169 stream_putw (s, 0);
170
171 if (afi == AFI_IP && safi == SAFI_UNICAST)
172 {
173 /* Total Path Attribute Length */
174 stream_putw (s, 0);
175 }
176 else
177 {
178 /* Convert AFI, SAFI to values for packet. */
179 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
180
181 /* Total Path Attribute Length */
182 stream_putw (s, 6);
183 stream_putc (s, BGP_ATTR_FLAG_OPTIONAL);
184 stream_putc (s, BGP_ATTR_MP_UNREACH_NLRI);
185 stream_putc (s, 3);
186 stream_putw (s, pkt_afi);
187 stream_putc (s, pkt_safi);
188 }
189
190 bgp_packet_set_size (s);
191 bgp_packet_add (peer, s);
192 return s;
193 }
194
195 /* Get next packet to be written. */
196 static struct stream *
197 bgp_write_packet (struct peer *peer)
198 {
199 struct stream *s = NULL;
200 struct peer_af *paf;
201 struct bpacket *next_pkt;
202 afi_t afi;
203 safi_t safi;
204
205 s = stream_fifo_head (peer->obuf);
206 if (s)
207 return s;
208
209 /*
210 * The code beyond this part deals with update packets, proceed only
211 * if peer is Established and updates are not on hold (as part of
212 * update-delay post processing).
213 */
214 if (peer->status != Established)
215 return NULL;
216
217 if (peer->bgp && peer->bgp->main_peers_update_hold)
218 return NULL;
219
220 for (afi = AFI_IP; afi < AFI_MAX; afi++)
221 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
222 {
223 paf = peer_af_find (peer, afi, safi);
224 if (!paf || !PAF_SUBGRP(paf))
225 continue;
226 next_pkt = paf->next_pkt_to_send;
227
228 /* Try to generate a packet for the peer if we are at the end of
229 * the list. Always try to push out WITHDRAWs first. */
230 if (!next_pkt || !next_pkt->buffer)
231 {
232 next_pkt = subgroup_withdraw_packet(PAF_SUBGRP(paf));
233 if (!next_pkt || !next_pkt->buffer)
234 subgroup_update_packet (PAF_SUBGRP(paf));
235 next_pkt = paf->next_pkt_to_send;
236 }
237
238 /* If we still don't have a packet to send to the peer, then
239 * try to find out out if we have to send eor or if not, skip to
240 * the next AFI, SAFI.
241 * Don't send the EOR prematurely... if the subgroup's coalesce
242 * timer is running, the adjacency-out structure is not created
243 * yet.
244 */
245 if (!next_pkt || !next_pkt->buffer)
246 {
247 if (CHECK_FLAG (peer->cap, PEER_CAP_RESTART_RCV))
248 {
249 if (!(PAF_SUBGRP(paf))->t_coalesce &&
250 peer->afc_nego[afi][safi] && peer->synctime
251 && ! CHECK_FLAG (peer->af_sflags[afi][safi],
252 PEER_STATUS_EOR_SEND)
253 && safi != SAFI_EVPN)
254 {
255 SET_FLAG (peer->af_sflags[afi][safi],
256 PEER_STATUS_EOR_SEND);
257 return bgp_update_packet_eor (peer, afi, safi);
258 }
259 }
260 continue;
261 }
262
263
264 /*
265 * Found a packet template to send, overwrite packet with appropriate
266 * attributes from peer and advance peer
267 */
268 s = bpacket_reformat_for_peer (next_pkt, paf);
269 bpacket_queue_advance_peer (paf);
270 return s;
271 }
272
273 return NULL;
274 }
275
276 /* The next action for the peer from a write perspective */
277 static void
278 bgp_write_proceed_actions (struct peer *peer)
279 {
280 afi_t afi;
281 safi_t safi;
282 struct peer_af *paf;
283 struct bpacket *next_pkt;
284 int fullq_found = 0;
285 struct update_subgroup *subgrp;
286
287 if (stream_fifo_head (peer->obuf))
288 {
289 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
290 return;
291 }
292
293 for (afi = AFI_IP; afi < AFI_MAX; afi++)
294 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
295 {
296 paf = peer_af_find (peer, afi, safi);
297 if (!paf)
298 continue;
299 subgrp = paf->subgroup;
300 if (!subgrp)
301 continue;
302
303 next_pkt = paf->next_pkt_to_send;
304 if (next_pkt && next_pkt->buffer)
305 {
306 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
307 return;
308 }
309
310 /* No packets readily available for AFI/SAFI, are there subgroup packets
311 * that need to be generated? */
312 if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
313 SUBGRP_PKTQ(subgrp)))
314 fullq_found = 1;
315 else if (subgroup_packets_to_build (subgrp))
316 {
317 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
318 return;
319 }
320
321 /* No packets to send, see if EOR is pending */
322 if (CHECK_FLAG (peer->cap, PEER_CAP_RESTART_RCV))
323 {
324 if (!subgrp->t_coalesce &&
325 peer->afc_nego[afi][safi] &&
326 peer->synctime &&
327 !CHECK_FLAG(peer->af_sflags[afi][safi],
328 PEER_STATUS_EOR_SEND) &&
329 safi != SAFI_MPLS_VPN)
330 {
331 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
332 return;
333 }
334
335 }
336 }
337 if (fullq_found)
338 {
339 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
340 return;
341 }
342 }
343
344 /* Write packet to the peer. */
345 int
346 bgp_write (struct thread *thread)
347 {
348 struct peer *peer;
349 u_char type;
350 struct stream *s;
351 int num;
352 int update_last_write = 0;
353 unsigned int count = 0;
354 unsigned int oc = 0;
355
356 /* Yes first of all get peer pointer. */
357 peer = THREAD_ARG (thread);
358 peer->t_write = NULL;
359
360 /* For non-blocking IO check. */
361 if (peer->status == Connect)
362 {
363 bgp_connect_check (peer, 1);
364 return 0;
365 }
366
367 s = bgp_write_packet (peer);
368 if (!s)
369 {
370 bgp_write_proceed_actions (peer);
371 return 0;
372 }
373
374 sockopt_cork (peer->fd, 1);
375
376 oc = peer->update_out;
377
378 /* Nonblocking write until TCP output buffer is full. */
379 do
380 {
381 int writenum;
382
383 /* Number of bytes to be sent. */
384 writenum = stream_get_endp (s) - stream_get_getp (s);
385
386 /* Call write() system call. */
387 num = write (peer->fd, STREAM_PNT (s), writenum);
388 if (num < 0)
389 {
390 /* write failed either retry needed or error */
391 if (ERRNO_IO_RETRY(errno))
392 break;
393
394 BGP_EVENT_ADD (peer, TCP_fatal_error);
395 return 0;
396 }
397
398 if (num != writenum)
399 {
400 /* Partial write */
401 stream_forward_getp (s, num);
402 break;
403 }
404
405 /* Retrieve BGP packet type. */
406 stream_set_getp (s, BGP_MARKER_SIZE + 2);
407 type = stream_getc (s);
408
409 switch (type)
410 {
411 case BGP_MSG_OPEN:
412 peer->open_out++;
413 break;
414 case BGP_MSG_UPDATE:
415 peer->update_out++;
416 break;
417 case BGP_MSG_NOTIFY:
418 peer->notify_out++;
419 /* Double start timer. */
420 peer->v_start *= 2;
421
422 /* Overflow check. */
423 if (peer->v_start >= (60 * 2))
424 peer->v_start = (60 * 2);
425
426 /* Flush any existing events */
427 BGP_EVENT_ADD (peer, BGP_Stop);
428 goto done;
429
430 case BGP_MSG_KEEPALIVE:
431 peer->keepalive_out++;
432 break;
433 case BGP_MSG_ROUTE_REFRESH_NEW:
434 case BGP_MSG_ROUTE_REFRESH_OLD:
435 peer->refresh_out++;
436 break;
437 case BGP_MSG_CAPABILITY:
438 peer->dynamic_cap_out++;
439 break;
440 }
441
442 /* OK we send packet so delete it. */
443 bgp_packet_delete (peer);
444 update_last_write = 1;
445 }
446 while (++count < peer->bgp->wpkt_quanta &&
447 (s = bgp_write_packet (peer)) != NULL);
448
449 bgp_write_proceed_actions (peer);
450
451 done:
452 /* Update last_update if UPDATEs were written. */
453 if (peer->update_out > oc)
454 peer->last_update = bgp_clock ();
455
456 /* If we TXed any flavor of packet update last_write */
457 if (update_last_write)
458 peer->last_write = bgp_clock ();
459
460 sockopt_cork (peer->fd, 0);
461 return 0;
462 }
463
464 /* This is only for sending NOTIFICATION message to neighbor. */
465 static int
466 bgp_write_notify (struct peer *peer)
467 {
468 int ret, val;
469 u_char type;
470 struct stream *s;
471
472 /* There should be at least one packet. */
473 s = stream_fifo_head (peer->obuf);
474 if (!s)
475 return 0;
476 assert (stream_get_endp (s) >= BGP_HEADER_SIZE);
477
478 /* Stop collecting data within the socket */
479 sockopt_cork (peer->fd, 0);
480
481 /* socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
482 * we only care about getting a clean shutdown at this point. */
483 ret = write (peer->fd, STREAM_DATA (s), stream_get_endp (s));
484
485 /* only connection reset/close gets counted as TCP_fatal_error, failure
486 * to write the entire NOTIFY doesn't get different FSM treatment */
487 if (ret <= 0)
488 {
489 BGP_EVENT_ADD (peer, TCP_fatal_error);
490 return 0;
491 }
492
493 /* Disable Nagle, make NOTIFY packet go out right away */
494 val = 1;
495 (void) setsockopt (peer->fd, IPPROTO_TCP, TCP_NODELAY,
496 (char *) &val, sizeof (val));
497
498 /* Retrieve BGP packet type. */
499 stream_set_getp (s, BGP_MARKER_SIZE + 2);
500 type = stream_getc (s);
501
502 assert (type == BGP_MSG_NOTIFY);
503
504 /* Type should be notify. */
505 peer->notify_out++;
506
507 /* Double start timer. */
508 peer->v_start *= 2;
509
510 /* Overflow check. */
511 if (peer->v_start >= (60 * 2))
512 peer->v_start = (60 * 2);
513
514 /* Handle Graceful Restart case where the state changes to
515 Connect instead of Idle */
516 BGP_EVENT_ADD (peer, BGP_Stop);
517
518 return 0;
519 }
520
521 /* Make keepalive packet and send it to the peer. */
522 void
523 bgp_keepalive_send (struct peer *peer)
524 {
525 struct stream *s;
526
527 s = stream_new (BGP_MAX_PACKET_SIZE);
528
529 /* Make keepalive packet. */
530 bgp_packet_set_marker (s, BGP_MSG_KEEPALIVE);
531
532 /* Set packet size. */
533 (void)bgp_packet_set_size (s);
534
535 /* Dump packet if debug option is set. */
536 /* bgp_packet_dump (s); */
537
538 if (bgp_debug_keepalive(peer))
539 zlog_debug ("%s sending KEEPALIVE", peer->host);
540
541 /* Add packet to the peer. */
542 bgp_packet_add (peer, s);
543
544 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
545 }
546
547 /* Make open packet and send it to the peer. */
548 void
549 bgp_open_send (struct peer *peer)
550 {
551 struct stream *s;
552 u_int16_t send_holdtime;
553 as_t local_as;
554
555 if (CHECK_FLAG (peer->config, PEER_CONFIG_TIMER))
556 send_holdtime = peer->holdtime;
557 else
558 send_holdtime = peer->bgp->default_holdtime;
559
560 /* local-as Change */
561 if (peer->change_local_as)
562 local_as = peer->change_local_as;
563 else
564 local_as = peer->local_as;
565
566 s = stream_new (BGP_MAX_PACKET_SIZE);
567
568 /* Make open packet. */
569 bgp_packet_set_marker (s, BGP_MSG_OPEN);
570
571 /* Set open packet values. */
572 stream_putc (s, BGP_VERSION_4); /* BGP version */
573 stream_putw (s, (local_as <= BGP_AS_MAX) ? (u_int16_t) local_as
574 : BGP_AS_TRANS);
575 stream_putw (s, send_holdtime); /* Hold Time */
576 stream_put_in_addr (s, &peer->local_id); /* BGP Identifier */
577
578 /* Set capability code. */
579 bgp_open_capability (s, peer);
580
581 /* Set BGP packet length. */
582 (void)bgp_packet_set_size (s);
583
584 if (bgp_debug_neighbor_events(peer))
585 zlog_debug ("%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
586 peer->host, BGP_VERSION_4, local_as,
587 send_holdtime, inet_ntoa (peer->local_id));
588
589 /* Dump packet if debug option is set. */
590 /* bgp_packet_dump (s); */
591
592 /* Add packet to the peer. */
593 bgp_packet_add (peer, s);
594
595 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
596 }
597
598 /* Send BGP notify packet with data potion. */
599 void
600 bgp_notify_send_with_data (struct peer *peer, u_char code, u_char sub_code,
601 u_char *data, size_t datalen)
602 {
603 struct stream *s;
604 int length;
605
606 /* Allocate new stream. */
607 s = stream_new (BGP_MAX_PACKET_SIZE);
608
609 /* Make nitify packet. */
610 bgp_packet_set_marker (s, BGP_MSG_NOTIFY);
611
612 /* Set notify packet values. */
613 stream_putc (s, code); /* BGP notify code */
614 stream_putc (s, sub_code); /* BGP notify sub_code */
615
616 /* If notify data is present. */
617 if (data)
618 stream_write (s, data, datalen);
619
620 /* Set BGP packet length. */
621 length = bgp_packet_set_size (s);
622
623 /* Add packet to the peer. */
624 stream_fifo_clean (peer->obuf);
625 bgp_packet_add (peer, s);
626
627 /* For debug */
628 {
629 struct bgp_notify bgp_notify;
630 int first = 0;
631 int i;
632 char c[4];
633
634 bgp_notify.code = code;
635 bgp_notify.subcode = sub_code;
636 bgp_notify.data = NULL;
637 bgp_notify.length = length - BGP_MSG_NOTIFY_MIN_SIZE;
638 bgp_notify.raw_data = data;
639
640 peer->notify.code = bgp_notify.code;
641 peer->notify.subcode = bgp_notify.subcode;
642
643 if (bgp_notify.length)
644 {
645 bgp_notify.data = XMALLOC (MTYPE_TMP, bgp_notify.length * 3);
646 for (i = 0; i < bgp_notify.length; i++)
647 if (first)
648 {
649 sprintf (c, " %02x", data[i]);
650 strcat (bgp_notify.data, c);
651 }
652 else
653 {
654 first = 1;
655 sprintf (c, "%02x", data[i]);
656 strcpy (bgp_notify.data, c);
657 }
658 }
659 bgp_notify_print (peer, &bgp_notify, "sending");
660
661 if (bgp_notify.data)
662 {
663 XFREE (MTYPE_TMP, bgp_notify.data);
664 bgp_notify.data = NULL;
665 bgp_notify.length = 0;
666 }
667 }
668
669 /* peer reset cause */
670 if (code == BGP_NOTIFY_CEASE)
671 {
672 if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
673 peer->last_reset = PEER_DOWN_USER_RESET;
674 else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
675 peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
676 else
677 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
678 }
679 else
680 peer->last_reset = PEER_DOWN_NOTIFY_SEND;
681
682 /* Call immediately. */
683 BGP_WRITE_OFF (peer->t_write);
684
685 bgp_write_notify (peer);
686 }
687
688 /* Send BGP notify packet. */
689 void
690 bgp_notify_send (struct peer *peer, u_char code, u_char sub_code)
691 {
692 bgp_notify_send_with_data (peer, code, sub_code, NULL, 0);
693 }
694
695 /* Send route refresh message to the peer. */
696 void
697 bgp_route_refresh_send (struct peer *peer, afi_t afi, safi_t safi,
698 u_char orf_type, u_char when_to_refresh, int remove)
699 {
700 struct stream *s;
701 struct bgp_filter *filter;
702 int orf_refresh = 0;
703 iana_afi_t pkt_afi;
704 safi_t pkt_safi;
705
706 if (DISABLE_BGP_ANNOUNCE)
707 return;
708
709 filter = &peer->filter[afi][safi];
710
711 /* Convert AFI, SAFI to values for packet. */
712 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
713
714 s = stream_new (BGP_MAX_PACKET_SIZE);
715
716 /* Make BGP update packet. */
717 if (CHECK_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV))
718 bgp_packet_set_marker (s, BGP_MSG_ROUTE_REFRESH_NEW);
719 else
720 bgp_packet_set_marker (s, BGP_MSG_ROUTE_REFRESH_OLD);
721
722 /* Encode Route Refresh message. */
723 stream_putw (s, pkt_afi);
724 stream_putc (s, 0);
725 stream_putc (s, pkt_safi);
726
727 if (orf_type == ORF_TYPE_PREFIX
728 || orf_type == ORF_TYPE_PREFIX_OLD)
729 if (remove || filter->plist[FILTER_IN].plist)
730 {
731 u_int16_t orf_len;
732 unsigned long orfp;
733
734 orf_refresh = 1;
735 stream_putc (s, when_to_refresh);
736 stream_putc (s, orf_type);
737 orfp = stream_get_endp (s);
738 stream_putw (s, 0);
739
740 if (remove)
741 {
742 UNSET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_PREFIX_SEND);
743 stream_putc (s, ORF_COMMON_PART_REMOVE_ALL);
744 if (bgp_debug_neighbor_events(peer))
745 zlog_debug ("%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d",
746 peer->host, orf_type,
747 (when_to_refresh == REFRESH_DEFER ? "defer" : "immediate"),
748 pkt_afi, pkt_safi);
749 }
750 else
751 {
752 SET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_PREFIX_SEND);
753 prefix_bgp_orf_entry (s, filter->plist[FILTER_IN].plist,
754 ORF_COMMON_PART_ADD, ORF_COMMON_PART_PERMIT,
755 ORF_COMMON_PART_DENY);
756 if (bgp_debug_neighbor_events(peer))
757 zlog_debug ("%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d",
758 peer->host, orf_type,
759 (when_to_refresh == REFRESH_DEFER ? "defer" : "immediate"),
760 pkt_afi, pkt_safi);
761 }
762
763 /* Total ORF Entry Len. */
764 orf_len = stream_get_endp (s) - orfp - 2;
765 stream_putw_at (s, orfp, orf_len);
766 }
767
768 /* Set packet size. */
769 (void)bgp_packet_set_size (s);
770
771 if (bgp_debug_neighbor_events(peer))
772 {
773 if (! orf_refresh)
774 zlog_debug ("%s sending REFRESH_REQ for afi/safi: %d/%d",
775 peer->host, pkt_afi, pkt_safi);
776 }
777
778 /* Add packet to the peer. */
779 bgp_packet_add (peer, s);
780
781 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
782 }
783
784 /* Send capability message to the peer. */
785 void
786 bgp_capability_send (struct peer *peer, afi_t afi, safi_t safi,
787 int capability_code, int action)
788 {
789 struct stream *s;
790 iana_afi_t pkt_afi;
791 safi_t pkt_safi;
792
793 /* Convert AFI, SAFI to values for packet. */
794 bgp_map_afi_safi_int2iana (afi, safi, &pkt_afi, &pkt_safi);
795
796 s = stream_new (BGP_MAX_PACKET_SIZE);
797
798 /* Make BGP update packet. */
799 bgp_packet_set_marker (s, BGP_MSG_CAPABILITY);
800
801 /* Encode MP_EXT capability. */
802 if (capability_code == CAPABILITY_CODE_MP)
803 {
804 stream_putc (s, action);
805 stream_putc (s, CAPABILITY_CODE_MP);
806 stream_putc (s, CAPABILITY_CODE_MP_LEN);
807 stream_putw (s, pkt_afi);
808 stream_putc (s, 0);
809 stream_putc (s, pkt_safi);
810
811 if (bgp_debug_neighbor_events(peer))
812 zlog_debug ("%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d",
813 peer->host, action == CAPABILITY_ACTION_SET ?
814 "Advertising" : "Removing", pkt_afi, pkt_safi);
815 }
816
817 /* Set packet size. */
818 (void)bgp_packet_set_size (s);
819
820 /* Add packet to the peer. */
821 bgp_packet_add (peer, s);
822
823 BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
824 }
825
826 /* RFC1771 6.8 Connection collision detection. */
827 static int
828 bgp_collision_detect (struct peer *new, struct in_addr remote_id)
829 {
830 struct peer *peer;
831
832 /* Upon receipt of an OPEN message, the local system must examine
833 all of its connections that are in the OpenConfirm state. A BGP
834 speaker may also examine connections in an OpenSent state if it
835 knows the BGP Identifier of the peer by means outside of the
836 protocol. If among these connections there is a connection to a
837 remote BGP speaker whose BGP Identifier equals the one in the
838 OPEN message, then the local system performs the following
839 collision resolution procedure: */
840
841 if ((peer = new->doppelganger) != NULL)
842 {
843 /* Do not accept the new connection in Established or Clearing states.
844 * Note that a peer GR is handled by closing the existing connection
845 * upon receipt of new one.
846 */
847 if (peer->status == Established || peer->status == Clearing)
848 {
849 bgp_notify_send (new, BGP_NOTIFY_CEASE,
850 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
851 return (-1);
852 }
853 else if ((peer->status == OpenConfirm) || (peer->status == OpenSent))
854 {
855 /* 1. The BGP Identifier of the local system is compared to
856 the BGP Identifier of the remote system (as specified in
857 the OPEN message). */
858
859 if (ntohl (peer->local_id.s_addr) < ntohl (remote_id.s_addr))
860 if (!CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER))
861 {
862 /* 2. If the value of the local BGP Identifier is less
863 than the remote one, the local system closes BGP
864 connection that already exists (the one that is
865 already in the OpenConfirm state), and accepts BGP
866 connection initiated by the remote system. */
867 bgp_notify_send (peer, BGP_NOTIFY_CEASE,
868 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
869 return 1;
870 }
871 else
872 {
873 bgp_notify_send (new, BGP_NOTIFY_CEASE,
874 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
875 return -1;
876 }
877 else
878 {
879 /* 3. Otherwise, the local system closes newly created
880 BGP connection (the one associated with the newly
881 received OPEN message), and continues to use the
882 existing one (the one that is already in the
883 OpenConfirm state). */
884 if (CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER))
885 {
886 bgp_notify_send (peer, BGP_NOTIFY_CEASE,
887 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
888 return 1;
889 }
890 else
891 {
892 bgp_notify_send (new, BGP_NOTIFY_CEASE,
893 BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
894 return -1;
895 }
896 }
897 }
898 }
899 return 0;
900 }
901
902 static int
903 bgp_open_receive (struct peer *peer, bgp_size_t size)
904 {
905 int ret;
906 u_char version;
907 u_char optlen;
908 u_int16_t holdtime;
909 u_int16_t send_holdtime;
910 as_t remote_as;
911 as_t as4 = 0;
912 struct in_addr remote_id;
913 int mp_capability;
914 u_int8_t notify_data_remote_as[2];
915 u_int8_t notify_data_remote_as4[4];
916 u_int8_t notify_data_remote_id[4];
917 u_int16_t *holdtime_ptr;
918
919 /* Parse open packet. */
920 version = stream_getc (peer->ibuf);
921 memcpy (notify_data_remote_as, stream_pnt (peer->ibuf), 2);
922 remote_as = stream_getw (peer->ibuf);
923 holdtime_ptr = (u_int16_t *)stream_pnt (peer->ibuf);
924 holdtime = stream_getw (peer->ibuf);
925 memcpy (notify_data_remote_id, stream_pnt (peer->ibuf), 4);
926 remote_id.s_addr = stream_get_ipv4 (peer->ibuf);
927
928 /* Receive OPEN message log */
929 if (bgp_debug_neighbor_events(peer))
930 zlog_debug ("%s rcv OPEN, version %d, remote-as (in open) %u,"
931 " holdtime %d, id %s",
932 peer->host, version, remote_as, holdtime,
933 inet_ntoa (remote_id));
934
935 /* BEGIN to read the capability here, but dont do it yet */
936 mp_capability = 0;
937 optlen = stream_getc (peer->ibuf);
938
939 if (optlen != 0)
940 {
941 /* If not enough bytes, it is an error. */
942 if (STREAM_READABLE(peer->ibuf) < optlen)
943 {
944 bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
945 BGP_NOTIFY_OPEN_MALFORMED_ATTR);
946 return -1;
947 }
948
949 /* We need the as4 capability value *right now* because
950 * if it is there, we have not got the remote_as yet, and without
951 * that we do not know which peer is connecting to us now.
952 */
953 as4 = peek_for_as4_capability (peer, optlen);
954 memcpy (notify_data_remote_as4, &as4, 4);
955 }
956
957 /* Just in case we have a silly peer who sends AS4 capability set to 0 */
958 if (CHECK_FLAG (peer->cap, PEER_CAP_AS4_RCV) && !as4)
959 {
960 zlog_err ("%s bad OPEN, got AS4 capability, but AS4 set to 0",
961 peer->host);
962 bgp_notify_send_with_data (peer,
963 BGP_NOTIFY_OPEN_ERR,
964 BGP_NOTIFY_OPEN_BAD_PEER_AS,
965 notify_data_remote_as4, 4);
966 return -1;
967 }
968
969 if (remote_as == BGP_AS_TRANS)
970 {
971 /* Take the AS4 from the capability. We must have received the
972 * capability now! Otherwise we have a asn16 peer who uses
973 * BGP_AS_TRANS, for some unknown reason.
974 */
975 if (as4 == BGP_AS_TRANS)
976 {
977 zlog_err ("%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
978 peer->host);
979 bgp_notify_send_with_data (peer,
980 BGP_NOTIFY_OPEN_ERR,
981 BGP_NOTIFY_OPEN_BAD_PEER_AS,
982 notify_data_remote_as4, 4);
983 return -1;
984 }
985
986 if (!as4 && BGP_DEBUG (as4, AS4))
987 zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
988 " Odd, but proceeding.", peer->host);
989 else if (as4 < BGP_AS_MAX && BGP_DEBUG (as4, AS4))
990 zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
991 "in 2-bytes, very odd peer.", peer->host, as4);
992 if (as4)
993 remote_as = as4;
994 }
995 else
996 {
997 /* We may have a partner with AS4 who has an asno < BGP_AS_MAX */
998 /* If we have got the capability, peer->as4cap must match remote_as */
999 if (CHECK_FLAG (peer->cap, PEER_CAP_AS4_RCV)
1000 && as4 != remote_as)
1001 {
1002 /* raise error, log this, close session */
1003 zlog_err ("%s bad OPEN, got AS4 capability, but remote_as %u"
1004 " mismatch with 16bit 'myasn' %u in open",
1005 peer->host, as4, remote_as);
1006 bgp_notify_send_with_data (peer,
1007 BGP_NOTIFY_OPEN_ERR,
1008 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1009 notify_data_remote_as4, 4);
1010 return -1;
1011 }
1012 }
1013
1014 /* remote router-id check. */
1015 if (remote_id.s_addr == 0
1016 || IPV4_CLASS_DE (ntohl (remote_id.s_addr))
1017 || ntohl (peer->local_id.s_addr) == ntohl (remote_id.s_addr))
1018 {
1019 if (bgp_debug_neighbor_events(peer))
1020 zlog_debug ("%s bad OPEN, wrong router identifier %s",
1021 peer->host, inet_ntoa (remote_id));
1022 bgp_notify_send_with_data (peer,
1023 BGP_NOTIFY_OPEN_ERR,
1024 BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
1025 notify_data_remote_id, 4);
1026 return -1;
1027 }
1028
1029 /* Set remote router-id */
1030 peer->remote_id = remote_id;
1031
1032 /* Peer BGP version check. */
1033 if (version != BGP_VERSION_4)
1034 {
1035 u_int16_t maxver = htons(BGP_VERSION_4);
1036 /* XXX this reply may not be correct if version < 4 XXX */
1037 if (bgp_debug_neighbor_events(peer))
1038 zlog_debug ("%s bad protocol version, remote requested %d, local request %d",
1039 peer->host, version, BGP_VERSION_4);
1040 /* Data must be in network byte order here */
1041 bgp_notify_send_with_data (peer,
1042 BGP_NOTIFY_OPEN_ERR,
1043 BGP_NOTIFY_OPEN_UNSUP_VERSION,
1044 (u_int8_t *) &maxver, 2);
1045 return -1;
1046 }
1047
1048 /* Check neighbor as number. */
1049 if (peer->as_type == AS_UNSPECIFIED)
1050 {
1051 if (bgp_debug_neighbor_events(peer))
1052 zlog_debug("%s bad OPEN, remote AS is unspecified currently", peer->host);
1053 bgp_notify_send_with_data(peer,
1054 BGP_NOTIFY_OPEN_ERR,
1055 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1056 notify_data_remote_as, 2);
1057 return -1;
1058 }
1059 else if (peer->as_type == AS_INTERNAL)
1060 {
1061 if (remote_as != peer->bgp->as)
1062 {
1063 if (bgp_debug_neighbor_events(peer))
1064 zlog_debug ("%s bad OPEN, remote AS is %u, internal specified",
1065 peer->host, remote_as);
1066 bgp_notify_send_with_data (peer,
1067 BGP_NOTIFY_OPEN_ERR,
1068 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1069 notify_data_remote_as, 2);
1070 return -1;
1071 }
1072 peer->as = peer->local_as;
1073 }
1074 else if (peer->as_type == AS_EXTERNAL)
1075 {
1076 if (remote_as == peer->bgp->as)
1077 {
1078 if (bgp_debug_neighbor_events(peer))
1079 zlog_debug ("%s bad OPEN, remote AS is %u, external specified",
1080 peer->host, remote_as);
1081 bgp_notify_send_with_data (peer,
1082 BGP_NOTIFY_OPEN_ERR,
1083 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1084 notify_data_remote_as, 2);
1085 return -1;
1086 }
1087 peer->as = remote_as;
1088 }
1089 else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as))
1090 {
1091 if (bgp_debug_neighbor_events(peer))
1092 zlog_debug ("%s bad OPEN, remote AS is %u, expected %u",
1093 peer->host, remote_as, peer->as);
1094 bgp_notify_send_with_data (peer,
1095 BGP_NOTIFY_OPEN_ERR,
1096 BGP_NOTIFY_OPEN_BAD_PEER_AS,
1097 notify_data_remote_as, 2);
1098 return -1;
1099 }
1100
1101 /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
1102 calculate the value of the Hold Timer by using the smaller of its
1103 configured Hold Time and the Hold Time received in the OPEN message.
1104 The Hold Time MUST be either zero or at least three seconds. An
1105 implementation may reject connections on the basis of the Hold Time. */
1106
1107 if (holdtime < 3 && holdtime != 0)
1108 {
1109 bgp_notify_send_with_data (peer,
1110 BGP_NOTIFY_OPEN_ERR,
1111 BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
1112 (u_char *)holdtime_ptr, 2);
1113 return -1;
1114 }
1115
1116 /* From the rfc: A reasonable maximum time between KEEPALIVE messages
1117 would be one third of the Hold Time interval. KEEPALIVE messages
1118 MUST NOT be sent more frequently than one per second. An
1119 implementation MAY adjust the rate at which it sends KEEPALIVE
1120 messages as a function of the Hold Time interval. */
1121
1122 if (CHECK_FLAG (peer->config, PEER_CONFIG_TIMER))
1123 send_holdtime = peer->holdtime;
1124 else
1125 send_holdtime = peer->bgp->default_holdtime;
1126
1127 if (holdtime < send_holdtime)
1128 peer->v_holdtime = holdtime;
1129 else
1130 peer->v_holdtime = send_holdtime;
1131
1132 peer->v_keepalive = peer->v_holdtime / 3;
1133
1134 /* Open option part parse. */
1135 if (optlen != 0)
1136 {
1137 if ((ret = bgp_open_option_parse (peer, optlen, &mp_capability)) < 0)
1138 return ret;
1139 }
1140 else
1141 {
1142 if (bgp_debug_neighbor_events(peer))
1143 zlog_debug ("%s rcvd OPEN w/ OPTION parameter len: 0",
1144 peer->host);
1145 }
1146
1147 /*
1148 * Assume that the peer supports the locally configured set of
1149 * AFI/SAFIs if the peer did not send us any Mulitiprotocol
1150 * capabilities, or if 'override-capability' is configured.
1151 */
1152 if (! mp_capability ||
1153 CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
1154 {
1155 peer->afc_nego[AFI_IP][SAFI_UNICAST] = peer->afc[AFI_IP][SAFI_UNICAST];
1156 peer->afc_nego[AFI_IP][SAFI_MULTICAST] = peer->afc[AFI_IP][SAFI_MULTICAST];
1157 peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] = peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
1158 peer->afc_nego[AFI_IP6][SAFI_UNICAST] = peer->afc[AFI_IP6][SAFI_UNICAST];
1159 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] = peer->afc[AFI_IP6][SAFI_MULTICAST];
1160 peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] = peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
1161 }
1162
1163 /* When collision is detected and this peer is closed. Retrun
1164 immidiately. */
1165 ret = bgp_collision_detect (peer, remote_id);
1166 if (ret < 0)
1167 return ret;
1168
1169 /* Get sockname. */
1170 if ((ret = bgp_getsockname (peer)) < 0)
1171 {
1172 zlog_err("%s: bgp_getsockname() failed for peer: %s", __FUNCTION__,
1173 peer->host);
1174 return (ret);
1175 }
1176
1177 /* Verify valid local address present based on negotiated address-families. */
1178 if (peer->afc_nego[AFI_IP][SAFI_UNICAST] ||
1179 peer->afc_nego[AFI_IP][SAFI_MULTICAST] ||
1180 peer->afc_nego[AFI_IP][SAFI_MPLS_VPN] ||
1181 peer->afc_nego[AFI_IP][SAFI_ENCAP])
1182 {
1183 if (!peer->nexthop.v4.s_addr)
1184 {
1185 #if defined (HAVE_CUMULUS)
1186 zlog_err ("%s: No local IPv4 addr resetting connection, fd %d",
1187 peer->host, peer->fd);
1188 bgp_notify_send (peer, BGP_NOTIFY_CEASE, BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1189 return -1;
1190 #endif
1191 }
1192 }
1193 if (peer->afc_nego[AFI_IP6][SAFI_UNICAST] ||
1194 peer->afc_nego[AFI_IP6][SAFI_MULTICAST] ||
1195 peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN] ||
1196 peer->afc_nego[AFI_IP6][SAFI_ENCAP])
1197 {
1198 if (IN6_IS_ADDR_UNSPECIFIED (&peer->nexthop.v6_global))
1199 {
1200 #if defined (HAVE_CUMULUS)
1201 zlog_err ("%s: No local IPv6 addr resetting connection, fd %d",
1202 peer->host, peer->fd);
1203 bgp_notify_send (peer, BGP_NOTIFY_CEASE, BGP_NOTIFY_SUBCODE_UNSPECIFIC);
1204 return -1;
1205 #endif
1206 }
1207 }
1208 peer->rtt = sockopt_tcp_rtt (peer->fd);
1209
1210 if ((ret = bgp_event_update(peer, Receive_OPEN_message)) < 0)
1211 {
1212 zlog_err("%s: BGP event update failed for peer: %s", __FUNCTION__,
1213 peer->host);
1214 /* DD: bgp send notify and reset state */
1215 return (ret);
1216 }
1217
1218 peer->packet_size = 0;
1219 if (peer->ibuf)
1220 stream_reset (peer->ibuf);
1221
1222 return 0;
1223 }
1224
1225 /* Called when there is a change in the EOR(implicit or explicit) status of a peer.
1226 Ends the update-delay if all expected peers are done with EORs. */
1227 void
1228 bgp_check_update_delay(struct bgp *bgp)
1229 {
1230 struct listnode *node, *nnode;
1231 struct peer *peer = NULL;
1232
1233 if (bgp_debug_neighbor_events(peer))
1234 zlog_debug ("Checking update delay, T: %d R: %d I:%d E: %d", bgp->established,
1235 bgp->restarted_peers, bgp->implicit_eors, bgp->explicit_eors);
1236
1237 if (bgp->established <=
1238 bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors)
1239 {
1240 /* This is an extra sanity check to make sure we wait for all the
1241 eligible configured peers. This check is performed if establish wait
1242 timer is on, or establish wait option is not given with the
1243 update-delay command */
1244 if (bgp->t_establish_wait ||
1245 (bgp->v_establish_wait == bgp->v_update_delay))
1246 for (ALL_LIST_ELEMENTS (bgp->peer, node, nnode, peer))
1247 {
1248 if (CHECK_FLAG(peer->flags, PEER_FLAG_CONFIG_NODE)
1249 && !CHECK_FLAG (peer->flags, PEER_FLAG_SHUTDOWN)
1250 && !peer->update_delay_over)
1251 {
1252 if (bgp_debug_neighbor_events(peer))
1253 zlog_debug (" Peer %s pending, continuing read-only mode",
1254 peer->host);
1255 return;
1256 }
1257 }
1258
1259 zlog_info ("Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
1260 bgp->restarted_peers, bgp->implicit_eors, bgp->explicit_eors);
1261 bgp_update_delay_end(bgp);
1262 }
1263 }
1264
1265 /* Called if peer is known to have restarted. The restart-state bit in
1266 Graceful-Restart capability is used for that */
1267 void
1268 bgp_update_restarted_peers (struct peer *peer)
1269 {
1270 if (!bgp_update_delay_active(peer->bgp)) return; /* BGP update delay has ended */
1271 if (peer->update_delay_over) return; /* This peer has already been considered */
1272
1273 if (bgp_debug_neighbor_events(peer))
1274 zlog_debug ("Peer %s: Checking restarted", peer->host);
1275
1276 if (peer->status == Established)
1277 {
1278 peer->update_delay_over = 1;
1279 peer->bgp->restarted_peers++;
1280 bgp_check_update_delay(peer->bgp);
1281 }
1282 }
1283
1284 /* Called as peer receives a keep-alive. Determines if this occurence can be
1285 taken as an implicit EOR for this peer.
1286 NOTE: The very first keep-alive after the Established state of a peer is
1287 considered implicit EOR for the update-delay purposes */
1288 void
1289 bgp_update_implicit_eors (struct peer *peer)
1290 {
1291 if (!bgp_update_delay_active(peer->bgp)) return; /* BGP update delay has ended */
1292 if (peer->update_delay_over) return; /* This peer has already been considered */
1293
1294 if (bgp_debug_neighbor_events(peer))
1295 zlog_debug ("Peer %s: Checking implicit EORs", peer->host);
1296
1297 if (peer->status == Established)
1298 {
1299 peer->update_delay_over = 1;
1300 peer->bgp->implicit_eors++;
1301 bgp_check_update_delay(peer->bgp);
1302 }
1303 }
1304
1305 /* Should be called only when there is a change in the EOR_RECEIVED status
1306 for any afi/safi on a peer */
1307 static void
1308 bgp_update_explicit_eors (struct peer *peer)
1309 {
1310 afi_t afi;
1311 safi_t safi;
1312
1313 if (!bgp_update_delay_active(peer->bgp)) return; /* BGP update delay has ended */
1314 if (peer->update_delay_over) return; /* This peer has already been considered */
1315
1316 if (bgp_debug_neighbor_events(peer))
1317 zlog_debug ("Peer %s: Checking explicit EORs", peer->host);
1318
1319 for (afi = AFI_IP; afi < AFI_MAX; afi++)
1320 for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
1321 {
1322 if (peer->afc_nego[afi][safi] &&
1323 !CHECK_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_EOR_RECEIVED))
1324 {
1325 if (bgp_debug_neighbor_events(peer))
1326 zlog_debug (" afi %d safi %d didnt receive EOR", afi, safi);
1327 return;
1328 }
1329 }
1330
1331 peer->update_delay_over = 1;
1332 peer->bgp->explicit_eors++;
1333 bgp_check_update_delay(peer->bgp);
1334 }
1335
1336 /* Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers
1337 * mp_withdraw, if set, is used to nullify attr structure on most of the calling safi function
1338 * and for evpn, passed as parameter
1339 */
1340 int
1341 bgp_nlri_parse (struct peer *peer, struct attr *attr, struct bgp_nlri *packet, int mp_withdraw)
1342 {
1343 switch (packet->safi)
1344 {
1345 case SAFI_UNICAST:
1346 case SAFI_MULTICAST:
1347 return bgp_nlri_parse_ip (peer, mp_withdraw?NULL:attr, packet);
1348 case SAFI_LABELED_UNICAST:
1349 return bgp_nlri_parse_label (peer, mp_withdraw?NULL:attr, packet);
1350 case SAFI_MPLS_VPN:
1351 return bgp_nlri_parse_vpn (peer, mp_withdraw?NULL:attr, packet);
1352 case SAFI_ENCAP:
1353 return bgp_nlri_parse_encap (peer, mp_withdraw?NULL:attr, packet);
1354 case SAFI_EVPN:
1355 return bgp_nlri_parse_evpn (peer, attr, packet, mp_withdraw);
1356 }
1357 return -1;
1358 }
1359
1360 /* Parse BGP Update packet and make attribute object. */
1361 static int
1362 bgp_update_receive (struct peer *peer, bgp_size_t size)
1363 {
1364 int ret, nlri_ret;
1365 u_char *end;
1366 struct stream *s;
1367 struct attr attr;
1368 struct attr_extra extra;
1369 bgp_size_t attribute_len;
1370 bgp_size_t update_len;
1371 bgp_size_t withdraw_len;
1372
1373 enum NLRI_TYPES {
1374 NLRI_UPDATE,
1375 NLRI_WITHDRAW,
1376 NLRI_MP_UPDATE,
1377 NLRI_MP_WITHDRAW,
1378 NLRI_TYPE_MAX
1379 };
1380 struct bgp_nlri nlris[NLRI_TYPE_MAX];
1381
1382 /* Status must be Established. */
1383 if (peer->status != Established)
1384 {
1385 zlog_err ("%s [FSM] Update packet received under status %s",
1386 peer->host, LOOKUP (bgp_status_msg, peer->status));
1387 bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
1388 return -1;
1389 }
1390
1391 /* Set initial values. */
1392 memset (&attr, 0, sizeof (struct attr));
1393 memset (&extra, 0, sizeof (struct attr_extra));
1394 extra.label_index = BGP_INVALID_LABEL_INDEX;
1395 memset (&nlris, 0, sizeof (nlris));
1396 attr.extra = &extra;
1397 memset (peer->rcvd_attr_str, 0, BUFSIZ);
1398 peer->rcvd_attr_printed = 0;
1399
1400 s = peer->ibuf;
1401 end = stream_pnt (s) + size;
1402
1403 /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
1404 Length is too large (i.e., if Unfeasible Routes Length + Total
1405 Attribute Length + 23 exceeds the message Length), then the Error
1406 Subcode is set to Malformed Attribute List. */
1407 if (stream_pnt (s) + 2 > end)
1408 {
1409 zlog_err ("%s [Error] Update packet error"
1410 " (packet length is short for unfeasible length)",
1411 peer->host);
1412 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1413 BGP_NOTIFY_UPDATE_MAL_ATTR);
1414 return -1;
1415 }
1416
1417 /* Unfeasible Route Length. */
1418 withdraw_len = stream_getw (s);
1419
1420 /* Unfeasible Route Length check. */
1421 if (stream_pnt (s) + withdraw_len > end)
1422 {
1423 zlog_err ("%s [Error] Update packet error"
1424 " (packet unfeasible length overflow %d)",
1425 peer->host, withdraw_len);
1426 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1427 BGP_NOTIFY_UPDATE_MAL_ATTR);
1428 return -1;
1429 }
1430
1431 /* Unfeasible Route packet format check. */
1432 if (withdraw_len > 0)
1433 {
1434 nlris[NLRI_WITHDRAW].afi = AFI_IP;
1435 nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
1436 nlris[NLRI_WITHDRAW].nlri = stream_pnt (s);
1437 nlris[NLRI_WITHDRAW].length = withdraw_len;
1438 stream_forward_getp (s, withdraw_len);
1439 }
1440
1441 /* Attribute total length check. */
1442 if (stream_pnt (s) + 2 > end)
1443 {
1444 zlog_warn ("%s [Error] Packet Error"
1445 " (update packet is short for attribute length)",
1446 peer->host);
1447 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1448 BGP_NOTIFY_UPDATE_MAL_ATTR);
1449 return -1;
1450 }
1451
1452 /* Fetch attribute total length. */
1453 attribute_len = stream_getw (s);
1454
1455 /* Attribute length check. */
1456 if (stream_pnt (s) + attribute_len > end)
1457 {
1458 zlog_warn ("%s [Error] Packet Error"
1459 " (update packet attribute length overflow %d)",
1460 peer->host, attribute_len);
1461 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1462 BGP_NOTIFY_UPDATE_MAL_ATTR);
1463 return -1;
1464 }
1465
1466 /* Certain attribute parsing errors should not be considered bad enough
1467 * to reset the session for, most particularly any partial/optional
1468 * attributes that have 'tunneled' over speakers that don't understand
1469 * them. Instead we withdraw only the prefix concerned.
1470 *
1471 * Complicates the flow a little though..
1472 */
1473 bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
1474 /* This define morphs the update case into a withdraw when lower levels
1475 * have signalled an error condition where this is best.
1476 */
1477 #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
1478
1479 /* Parse attribute when it exists. */
1480 if (attribute_len)
1481 {
1482 attr_parse_ret = bgp_attr_parse (peer, &attr, attribute_len,
1483 &nlris[NLRI_MP_UPDATE], &nlris[NLRI_MP_WITHDRAW]);
1484 if (attr_parse_ret == BGP_ATTR_PARSE_ERROR)
1485 {
1486 bgp_attr_unintern_sub (&attr);
1487 return -1;
1488 }
1489 }
1490
1491 /* Logging the attribute. */
1492 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW ||
1493 BGP_DEBUG (update, UPDATE_IN) ||
1494 BGP_DEBUG (update, UPDATE_PREFIX))
1495 {
1496 ret = bgp_dump_attr (&attr, peer->rcvd_attr_str, BUFSIZ);
1497
1498 if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
1499 zlog_err ("%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
1500 peer->host);
1501
1502 if (ret && bgp_debug_update(peer, NULL, NULL, 1))
1503 {
1504 zlog_debug ("%s rcvd UPDATE w/ attr: %s", peer->host, peer->rcvd_attr_str);
1505 peer->rcvd_attr_printed = 1;
1506 }
1507 }
1508
1509 /* Network Layer Reachability Information. */
1510 update_len = end - stream_pnt (s);
1511
1512 if (update_len)
1513 {
1514 /* Set NLRI portion to structure. */
1515 nlris[NLRI_UPDATE].afi = AFI_IP;
1516 nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
1517 nlris[NLRI_UPDATE].nlri = stream_pnt (s);
1518 nlris[NLRI_UPDATE].length = update_len;
1519 stream_forward_getp (s, update_len);
1520 }
1521
1522 if (BGP_DEBUG (update, UPDATE_IN))
1523 zlog_debug("%s rcvd UPDATE wlen %d attrlen %d alen %d",
1524 peer->host, withdraw_len, attribute_len, update_len);
1525
1526 /* Parse any given NLRIs */
1527 for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++)
1528 {
1529 if (!nlris[i].nlri)
1530 continue;
1531
1532 /* NLRI is processed iff the peer if configured for the specific afi/safi */
1533 if (!peer->afc[nlris[i].afi][nlris[i].safi])
1534 {
1535 zlog_info ("%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
1536 peer->host, nlris[i].afi, nlris[i].safi);
1537 continue;
1538 }
1539
1540 /* EoR handled later */
1541 if (nlris[i].length == 0)
1542 continue;
1543
1544 switch (i)
1545 {
1546 case NLRI_UPDATE:
1547 case NLRI_MP_UPDATE:
1548 nlri_ret = bgp_nlri_parse (peer, NLRI_ATTR_ARG, &nlris[i], 0);
1549 break;
1550 case NLRI_WITHDRAW:
1551 case NLRI_MP_WITHDRAW:
1552 nlri_ret = bgp_nlri_parse (peer, &attr, &nlris[i], 1);
1553 break;
1554 default:
1555 nlri_ret = -1;
1556 }
1557
1558 if (nlri_ret < 0)
1559 {
1560 zlog_err("%s [Error] Error parsing NLRI", peer->host);
1561 if (peer->status == Established)
1562 bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
1563 i <= NLRI_WITHDRAW ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
1564 : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
1565 bgp_attr_unintern_sub (&attr);
1566 return -1;
1567 }
1568 }
1569
1570 /* EoR checks
1571 *
1572 * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
1573 * and MP EoR should have only an empty MP_UNREACH
1574 */
1575 if (!update_len && !withdraw_len
1576 && nlris[NLRI_MP_UPDATE].length == 0)
1577 {
1578 afi_t afi = 0;
1579 safi_t safi;
1580
1581 /* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already checked
1582 * update and withdraw NLRI lengths are 0.
1583 */
1584 if (!attribute_len)
1585 {
1586 afi = AFI_IP;
1587 safi = SAFI_UNICAST;
1588 }
1589 else if (attr.flag & ATTR_FLAG_BIT (BGP_ATTR_MP_UNREACH_NLRI)
1590 && nlris[NLRI_MP_WITHDRAW].length == 0)
1591 {
1592 afi = nlris[NLRI_MP_WITHDRAW].afi;
1593 safi = nlris[NLRI_MP_WITHDRAW].safi;
1594 }
1595
1596 if (afi && peer->afc[afi][safi])
1597 {
1598 /* End-of-RIB received */
1599 if (!CHECK_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_EOR_RECEIVED))
1600 {
1601 SET_FLAG (peer->af_sflags[afi][safi],
1602 PEER_STATUS_EOR_RECEIVED);
1603 bgp_update_explicit_eors(peer);
1604 }
1605
1606 /* NSF delete stale route */
1607 if (peer->nsf[afi][safi])
1608 bgp_clear_stale_route (peer, afi, safi);
1609
1610 if (bgp_debug_neighbor_events(peer))
1611 {
1612 zlog_debug ("rcvd End-of-RIB for %s from %s",
1613 afi_safi_print (afi, safi), peer->host);
1614 }
1615 }
1616 }
1617
1618 /* Everything is done. We unintern temporary structures which
1619 interned in bgp_attr_parse(). */
1620 bgp_attr_unintern_sub (&attr);
1621
1622 /* If peering is stopped due to some reason, do not generate BGP
1623 event. */
1624 if (peer->status != Established)
1625 return 0;
1626
1627 /* Increment packet counter. */
1628 peer->update_in++;
1629 peer->update_time = bgp_clock ();
1630
1631 /* Rearm holdtime timer */
1632 BGP_TIMER_OFF (peer->t_holdtime);
1633 bgp_timer_set (peer);
1634
1635 return 0;
1636 }
1637
1638 /* Notify message treatment function. */
1639 static void
1640 bgp_notify_receive (struct peer *peer, bgp_size_t size)
1641 {
1642 struct bgp_notify bgp_notify;
1643
1644 if (peer->notify.data)
1645 {
1646 XFREE (MTYPE_TMP, peer->notify.data);
1647 peer->notify.data = NULL;
1648 peer->notify.length = 0;
1649 }
1650
1651 bgp_notify.code = stream_getc (peer->ibuf);
1652 bgp_notify.subcode = stream_getc (peer->ibuf);
1653 bgp_notify.length = size - 2;
1654 bgp_notify.data = NULL;
1655
1656 /* Preserv notify code and sub code. */
1657 peer->notify.code = bgp_notify.code;
1658 peer->notify.subcode = bgp_notify.subcode;
1659 /* For further diagnostic record returned Data. */
1660 if (bgp_notify.length)
1661 {
1662 peer->notify.length = size - 2;
1663 peer->notify.data = XMALLOC (MTYPE_TMP, size - 2);
1664 memcpy (peer->notify.data, stream_pnt (peer->ibuf), size - 2);
1665 }
1666
1667 /* For debug */
1668 {
1669 int i;
1670 int first = 0;
1671 char c[4];
1672
1673 if (bgp_notify.length)
1674 {
1675 bgp_notify.data = XMALLOC (MTYPE_TMP, bgp_notify.length * 3);
1676 for (i = 0; i < bgp_notify.length; i++)
1677 if (first)
1678 {
1679 sprintf (c, " %02x", stream_getc (peer->ibuf));
1680 strcat (bgp_notify.data, c);
1681 }
1682 else
1683 {
1684 first = 1;
1685 sprintf (c, "%02x", stream_getc (peer->ibuf));
1686 strcpy (bgp_notify.data, c);
1687 }
1688 bgp_notify.raw_data = (u_char*)peer->notify.data;
1689 }
1690
1691 bgp_notify_print(peer, &bgp_notify, "received");
1692 if (bgp_notify.data)
1693 {
1694 XFREE (MTYPE_TMP, bgp_notify.data);
1695 bgp_notify.data = NULL;
1696 bgp_notify.length = 0;
1697 }
1698 }
1699
1700 /* peer count update */
1701 peer->notify_in++;
1702
1703 peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
1704
1705 /* We have to check for Notify with Unsupported Optional Parameter.
1706 in that case we fallback to open without the capability option.
1707 But this done in bgp_stop. We just mark it here to avoid changing
1708 the fsm tables. */
1709 if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR &&
1710 bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM )
1711 UNSET_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
1712
1713 BGP_EVENT_ADD (peer, Receive_NOTIFICATION_message);
1714 }
1715
1716 /* Keepalive treatment function -- get keepalive send keepalive */
1717 static void
1718 bgp_keepalive_receive (struct peer *peer, bgp_size_t size)
1719 {
1720 if (bgp_debug_keepalive(peer))
1721 zlog_debug ("%s KEEPALIVE rcvd", peer->host);
1722
1723 BGP_EVENT_ADD (peer, Receive_KEEPALIVE_message);
1724 }
1725
1726 /* Route refresh message is received. */
1727 static void
1728 bgp_route_refresh_receive (struct peer *peer, bgp_size_t size)
1729 {
1730 iana_afi_t pkt_afi;
1731 afi_t afi;
1732 safi_t pkt_safi, safi;
1733 struct stream *s;
1734 struct peer_af *paf;
1735 struct update_group *updgrp;
1736 struct peer *updgrp_peer;
1737
1738 /* If peer does not have the capability, send notification. */
1739 if (! CHECK_FLAG (peer->cap, PEER_CAP_REFRESH_ADV))
1740 {
1741 zlog_err ("%s [Error] BGP route refresh is not enabled",
1742 peer->host);
1743 bgp_notify_send (peer,
1744 BGP_NOTIFY_HEADER_ERR,
1745 BGP_NOTIFY_HEADER_BAD_MESTYPE);
1746 return;
1747 }
1748
1749 /* Status must be Established. */
1750 if (peer->status != Established)
1751 {
1752 zlog_err ("%s [Error] Route refresh packet received under status %s",
1753 peer->host, LOOKUP (bgp_status_msg, peer->status));
1754 bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
1755 return;
1756 }
1757
1758 s = peer->ibuf;
1759
1760 /* Parse packet. */
1761 pkt_afi = stream_getw (s);
1762 (void)stream_getc (s);
1763 pkt_safi = stream_getc (s);
1764
1765 if (bgp_debug_update(peer, NULL, NULL, 0))
1766 zlog_debug ("%s rcvd REFRESH_REQ for afi/safi: %d/%d",
1767 peer->host, pkt_afi, pkt_safi);
1768
1769 /* Convert AFI, SAFI to internal values and check. */
1770 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
1771 {
1772 zlog_info ("%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored",
1773 peer->host, pkt_afi, pkt_safi);
1774 return;
1775 }
1776
1777 if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
1778 {
1779 u_char *end;
1780 u_char when_to_refresh;
1781 u_char orf_type;
1782 u_int16_t orf_len;
1783
1784 if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) < 5)
1785 {
1786 zlog_info ("%s ORF route refresh length error", peer->host);
1787 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1788 return;
1789 }
1790
1791 when_to_refresh = stream_getc (s);
1792 end = stream_pnt (s) + (size - 5);
1793
1794 while ((stream_pnt (s) + 2) < end)
1795 {
1796 orf_type = stream_getc (s);
1797 orf_len = stream_getw (s);
1798
1799 /* orf_len in bounds? */
1800 if ((stream_pnt (s) + orf_len) > end)
1801 break; /* XXX: Notify instead?? */
1802 if (orf_type == ORF_TYPE_PREFIX
1803 || orf_type == ORF_TYPE_PREFIX_OLD)
1804 {
1805 uint8_t *p_pnt = stream_pnt (s);
1806 uint8_t *p_end = stream_pnt (s) + orf_len;
1807 struct orf_prefix orfp;
1808 u_char common = 0;
1809 u_int32_t seq;
1810 int psize;
1811 char name[BUFSIZ];
1812 int ret = CMD_SUCCESS;
1813
1814 if (bgp_debug_neighbor_events(peer))
1815 {
1816 zlog_debug ("%s rcvd Prefixlist ORF(%d) length %d",
1817 peer->host, orf_type, orf_len);
1818 }
1819
1820 /* we're going to read at least 1 byte of common ORF header,
1821 * and 7 bytes of ORF Address-filter entry from the stream
1822 */
1823 if (orf_len < 7)
1824 break;
1825
1826 /* ORF prefix-list name */
1827 sprintf (name, "%s.%d.%d", peer->host, afi, safi);
1828
1829 while (p_pnt < p_end)
1830 {
1831 /* If the ORF entry is malformed, want to read as much of it
1832 * as possible without going beyond the bounds of the entry,
1833 * to maximise debug information.
1834 */
1835 int ok;
1836 memset (&orfp, 0, sizeof (struct orf_prefix));
1837 common = *p_pnt++;
1838 /* after ++: p_pnt <= p_end */
1839 if (common & ORF_COMMON_PART_REMOVE_ALL)
1840 {
1841 if (bgp_debug_neighbor_events(peer))
1842 zlog_debug ("%s rcvd Remove-All pfxlist ORF request", peer->host);
1843 prefix_bgp_orf_remove_all (afi, name);
1844 break;
1845 }
1846 ok = ((u_int32_t)(p_end - p_pnt) >= sizeof(u_int32_t)) ;
1847 if (ok)
1848 {
1849 memcpy (&seq, p_pnt, sizeof (u_int32_t));
1850 p_pnt += sizeof (u_int32_t);
1851 orfp.seq = ntohl (seq);
1852 }
1853 else
1854 p_pnt = p_end ;
1855
1856 if ((ok = (p_pnt < p_end)))
1857 orfp.ge = *p_pnt++ ; /* value checked in prefix_bgp_orf_set() */
1858 if ((ok = (p_pnt < p_end)))
1859 orfp.le = *p_pnt++ ; /* value checked in prefix_bgp_orf_set() */
1860 if ((ok = (p_pnt < p_end)))
1861 orfp.p.prefixlen = *p_pnt++ ;
1862 orfp.p.family = afi2family (afi); /* afi checked already */
1863
1864 psize = PSIZE (orfp.p.prefixlen); /* 0 if not ok */
1865 if (psize > prefix_blen(&orfp.p)) /* valid for family ? */
1866 {
1867 ok = 0 ;
1868 psize = prefix_blen(&orfp.p) ;
1869 }
1870 if (psize > (p_end - p_pnt)) /* valid for packet ? */
1871 {
1872 ok = 0 ;
1873 psize = p_end - p_pnt ;
1874 }
1875
1876 if (psize > 0)
1877 memcpy (&orfp.p.u.prefix, p_pnt, psize);
1878 p_pnt += psize;
1879
1880 if (bgp_debug_neighbor_events(peer))
1881 {
1882 char buf[INET6_BUFSIZ];
1883
1884 zlog_debug ("%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
1885 peer->host,
1886 (common & ORF_COMMON_PART_REMOVE ? "Remove" : "Add"),
1887 (common & ORF_COMMON_PART_DENY ? "deny" : "permit"),
1888 orfp.seq,
1889 inet_ntop (orfp.p.family, &orfp.p.u.prefix, buf, INET6_BUFSIZ),
1890 orfp.p.prefixlen, orfp.ge, orfp.le,
1891 ok ? "" : " MALFORMED");
1892 }
1893
1894 if (ok)
1895 ret = prefix_bgp_orf_set (name, afi, &orfp,
1896 (common & ORF_COMMON_PART_DENY ? 0 : 1 ),
1897 (common & ORF_COMMON_PART_REMOVE ? 0 : 1));
1898
1899 if (!ok || (ok && ret != CMD_SUCCESS))
1900 {
1901 zlog_info ("%s Received misformatted prefixlist ORF."
1902 " Remove All pfxlist", peer->host);
1903 prefix_bgp_orf_remove_all (afi, name);
1904 break;
1905 }
1906 }
1907
1908 peer->orf_plist[afi][safi] = prefix_bgp_orf_lookup (afi, name);
1909 }
1910 stream_forward_getp (s, orf_len);
1911 }
1912 if (bgp_debug_neighbor_events(peer))
1913 zlog_debug ("%s rcvd Refresh %s ORF request", peer->host,
1914 when_to_refresh == REFRESH_DEFER ? "Defer" : "Immediate");
1915 if (when_to_refresh == REFRESH_DEFER)
1916 return;
1917 }
1918
1919 /* First update is deferred until ORF or ROUTE-REFRESH is received */
1920 if (CHECK_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_WAIT_REFRESH))
1921 UNSET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_WAIT_REFRESH);
1922
1923 paf = peer_af_find (peer, afi, safi);
1924 if (paf && paf->subgroup)
1925 {
1926 if (peer->orf_plist[afi][safi])
1927 {
1928 updgrp = PAF_UPDGRP(paf);
1929 updgrp_peer = UPDGRP_PEER(updgrp);
1930 updgrp_peer->orf_plist[afi][safi] = peer->orf_plist[afi][safi];
1931 }
1932
1933 /* If the peer is configured for default-originate clear the
1934 * SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will re-advertise the
1935 * default
1936 */
1937 if (CHECK_FLAG (paf->subgroup->sflags, SUBGRP_STATUS_DEFAULT_ORIGINATE))
1938 UNSET_FLAG (paf->subgroup->sflags, SUBGRP_STATUS_DEFAULT_ORIGINATE);
1939 }
1940
1941 /* Perform route refreshment to the peer */
1942 bgp_announce_route (peer, afi, safi);
1943 }
1944
1945 static int
1946 bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
1947 {
1948 u_char *end;
1949 struct capability_mp_data mpc;
1950 struct capability_header *hdr;
1951 u_char action;
1952 iana_afi_t pkt_afi;
1953 afi_t afi;
1954 safi_t pkt_safi, safi;
1955
1956 end = pnt + length;
1957
1958 while (pnt < end)
1959 {
1960 /* We need at least action, capability code and capability length. */
1961 if (pnt + 3 > end)
1962 {
1963 zlog_info ("%s Capability length error", peer->host);
1964 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1965 return -1;
1966 }
1967 action = *pnt;
1968 hdr = (struct capability_header *)(pnt + 1);
1969
1970 /* Action value check. */
1971 if (action != CAPABILITY_ACTION_SET
1972 && action != CAPABILITY_ACTION_UNSET)
1973 {
1974 zlog_info ("%s Capability Action Value error %d",
1975 peer->host, action);
1976 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1977 return -1;
1978 }
1979
1980 if (bgp_debug_neighbor_events(peer))
1981 zlog_debug ("%s CAPABILITY has action: %d, code: %u, length %u",
1982 peer->host, action, hdr->code, hdr->length);
1983
1984 /* Capability length check. */
1985 if ((pnt + hdr->length + 3) > end)
1986 {
1987 zlog_info ("%s Capability length error", peer->host);
1988 bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
1989 return -1;
1990 }
1991
1992 /* Fetch structure to the byte stream. */
1993 memcpy (&mpc, pnt + 3, sizeof (struct capability_mp_data));
1994
1995 /* We know MP Capability Code. */
1996 if (hdr->code == CAPABILITY_CODE_MP)
1997 {
1998 pkt_afi = ntohs (mpc.afi);
1999 pkt_safi = mpc.safi;
2000
2001 /* Ignore capability when override-capability is set. */
2002 if (CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
2003 continue;
2004
2005 /* Convert AFI, SAFI to internal values. */
2006 if (bgp_map_afi_safi_iana2int (pkt_afi, pkt_safi, &afi, &safi))
2007 {
2008 if (bgp_debug_neighbor_events(peer))
2009 zlog_debug ("%s Dynamic Capability MP_EXT afi/safi invalid "
2010 "(%u/%u)", peer->host, pkt_afi, pkt_safi);
2011 continue;
2012 }
2013
2014 /* Address family check. */
2015 if (bgp_debug_neighbor_events(peer))
2016 zlog_debug ("%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
2017 peer->host,
2018 action == CAPABILITY_ACTION_SET
2019 ? "Advertising" : "Removing",
2020 pkt_afi, pkt_safi);
2021
2022 if (action == CAPABILITY_ACTION_SET)
2023 {
2024 peer->afc_recv[afi][safi] = 1;
2025 if (peer->afc[afi][safi])
2026 {
2027 peer->afc_nego[afi][safi] = 1;
2028 bgp_announce_route (peer, afi, safi);
2029 }
2030 }
2031 else
2032 {
2033 peer->afc_recv[afi][safi] = 0;
2034 peer->afc_nego[afi][safi] = 0;
2035
2036 if (peer_active_nego (peer))
2037 bgp_clear_route (peer, afi, safi);
2038 else
2039 BGP_EVENT_ADD (peer, BGP_Stop);
2040 }
2041 }
2042 else
2043 {
2044 zlog_warn ("%s unrecognized capability code: %d - ignored",
2045 peer->host, hdr->code);
2046 }
2047 pnt += hdr->length + 3;
2048 }
2049 return 0;
2050 }
2051
2052 /* Dynamic Capability is received.
2053 *
2054 * This is exported for unit-test purposes
2055 */
2056 int
2057 bgp_capability_receive (struct peer *peer, bgp_size_t size)
2058 {
2059 u_char *pnt;
2060
2061 /* Fetch pointer. */
2062 pnt = stream_pnt (peer->ibuf);
2063
2064 if (bgp_debug_neighbor_events(peer))
2065 zlog_debug ("%s rcv CAPABILITY", peer->host);
2066
2067 /* If peer does not have the capability, send notification. */
2068 if (! CHECK_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV))
2069 {
2070 zlog_err ("%s [Error] BGP dynamic capability is not enabled",
2071 peer->host);
2072 bgp_notify_send (peer,
2073 BGP_NOTIFY_HEADER_ERR,
2074 BGP_NOTIFY_HEADER_BAD_MESTYPE);
2075 return -1;
2076 }
2077
2078 /* Status must be Established. */
2079 if (peer->status != Established)
2080 {
2081 zlog_err ("%s [Error] Dynamic capability packet received under status %s",
2082 peer->host, LOOKUP (bgp_status_msg, peer->status));
2083 bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
2084 return -1;
2085 }
2086
2087 /* Parse packet. */
2088 return bgp_capability_msg_parse (peer, pnt, size);
2089 }
2090
2091 /* BGP read utility function. */
2092 static int
2093 bgp_read_packet (struct peer *peer)
2094 {
2095 int nbytes;
2096 int readsize;
2097
2098 readsize = peer->packet_size - stream_get_endp (peer->ibuf);
2099
2100 /* If size is zero then return. */
2101 if (! readsize)
2102 return 0;
2103
2104 /* Read packet from fd. */
2105 nbytes = stream_read_try (peer->ibuf, peer->fd, readsize);
2106
2107 /* If read byte is smaller than zero then error occured. */
2108 if (nbytes < 0)
2109 {
2110 /* Transient error should retry */
2111 if (nbytes == -2)
2112 return -1;
2113
2114 zlog_err ("%s [Error] bgp_read_packet error: %s",
2115 peer->host, safe_strerror (errno));
2116
2117 if (peer->status == Established)
2118 {
2119 if (CHECK_FLAG (peer->sflags, PEER_STATUS_NSF_MODE))
2120 {
2121 peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
2122 SET_FLAG (peer->sflags, PEER_STATUS_NSF_WAIT);
2123 }
2124 else
2125 peer->last_reset = PEER_DOWN_CLOSE_SESSION;
2126 }
2127
2128 BGP_EVENT_ADD (peer, TCP_fatal_error);
2129 return -1;
2130 }
2131
2132 /* When read byte is zero : clear bgp peer and return */
2133 if (nbytes == 0)
2134 {
2135 if (bgp_debug_neighbor_events(peer))
2136 zlog_debug ("%s [Event] BGP connection closed fd %d",
2137 peer->host, peer->fd);
2138
2139 if (peer->status == Established)
2140 {
2141 if (CHECK_FLAG (peer->sflags, PEER_STATUS_NSF_MODE))
2142 {
2143 peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
2144 SET_FLAG (peer->sflags, PEER_STATUS_NSF_WAIT);
2145 }
2146 else
2147 peer->last_reset = PEER_DOWN_CLOSE_SESSION;
2148 }
2149
2150 BGP_EVENT_ADD (peer, TCP_connection_closed);
2151 return -1;
2152 }
2153
2154 /* We read partial packet. */
2155 if (stream_get_endp (peer->ibuf) != peer->packet_size)
2156 return -1;
2157
2158 return 0;
2159 }
2160
2161 /* Marker check. */
2162 static int
2163 bgp_marker_all_one (struct stream *s, int length)
2164 {
2165 int i;
2166
2167 for (i = 0; i < length; i++)
2168 if (s->data[i] != 0xff)
2169 return 0;
2170
2171 return 1;
2172 }
2173
2174 /* Starting point of packet process function. */
2175 int
2176 bgp_read (struct thread *thread)
2177 {
2178 int ret;
2179 u_char type = 0;
2180 struct peer *peer;
2181 bgp_size_t size;
2182 char notify_data_length[2];
2183 u_int32_t notify_out;
2184
2185 /* Yes first of all get peer pointer. */
2186 peer = THREAD_ARG (thread);
2187 peer->t_read = NULL;
2188
2189 /* Note notify_out so we can check later to see if we sent another one */
2190 notify_out = peer->notify_out;
2191
2192 /* For non-blocking IO check. */
2193 if (peer->status == Connect)
2194 {
2195 bgp_connect_check (peer, 1);
2196 goto done;
2197 }
2198 else
2199 {
2200 if (peer->fd < 0)
2201 {
2202 zlog_err ("bgp_read peer's fd is negative value %d", peer->fd);
2203 return -1;
2204 }
2205 BGP_READ_ON (peer->t_read, bgp_read, peer->fd);
2206 }
2207
2208 /* Read packet header to determine type of the packet */
2209 if (peer->packet_size == 0)
2210 peer->packet_size = BGP_HEADER_SIZE;
2211
2212 if (stream_get_endp (peer->ibuf) < BGP_HEADER_SIZE)
2213 {
2214 ret = bgp_read_packet (peer);
2215
2216 /* Header read error or partial read packet. */
2217 if (ret < 0)
2218 goto done;
2219
2220 /* Get size and type. */
2221 stream_forward_getp (peer->ibuf, BGP_MARKER_SIZE);
2222 memcpy (notify_data_length, stream_pnt (peer->ibuf), 2);
2223 size = stream_getw (peer->ibuf);
2224 type = stream_getc (peer->ibuf);
2225
2226 /* Marker check */
2227 if (((type == BGP_MSG_OPEN) || (type == BGP_MSG_KEEPALIVE))
2228 && ! bgp_marker_all_one (peer->ibuf, BGP_MARKER_SIZE))
2229 {
2230 bgp_notify_send (peer,
2231 BGP_NOTIFY_HEADER_ERR,
2232 BGP_NOTIFY_HEADER_NOT_SYNC);
2233 goto done;
2234 }
2235
2236 /* BGP type check. */
2237 if (type != BGP_MSG_OPEN && type != BGP_MSG_UPDATE
2238 && type != BGP_MSG_NOTIFY && type != BGP_MSG_KEEPALIVE
2239 && type != BGP_MSG_ROUTE_REFRESH_NEW
2240 && type != BGP_MSG_ROUTE_REFRESH_OLD
2241 && type != BGP_MSG_CAPABILITY)
2242 {
2243 if (bgp_debug_neighbor_events(peer))
2244 zlog_debug ("%s unknown message type 0x%02x",
2245 peer->host, type);
2246 bgp_notify_send_with_data (peer,
2247 BGP_NOTIFY_HEADER_ERR,
2248 BGP_NOTIFY_HEADER_BAD_MESTYPE,
2249 &type, 1);
2250 goto done;
2251 }
2252 /* Mimimum packet length check. */
2253 if ((size < BGP_HEADER_SIZE)
2254 || (size > BGP_MAX_PACKET_SIZE)
2255 || (type == BGP_MSG_OPEN && size < BGP_MSG_OPEN_MIN_SIZE)
2256 || (type == BGP_MSG_UPDATE && size < BGP_MSG_UPDATE_MIN_SIZE)
2257 || (type == BGP_MSG_NOTIFY && size < BGP_MSG_NOTIFY_MIN_SIZE)
2258 || (type == BGP_MSG_KEEPALIVE && size != BGP_MSG_KEEPALIVE_MIN_SIZE)
2259 || (type == BGP_MSG_ROUTE_REFRESH_NEW && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE)
2260 || (type == BGP_MSG_ROUTE_REFRESH_OLD && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE)
2261 || (type == BGP_MSG_CAPABILITY && size < BGP_MSG_CAPABILITY_MIN_SIZE))
2262 {
2263 if (bgp_debug_neighbor_events(peer))
2264 zlog_debug ("%s bad message length - %d for %s",
2265 peer->host, size,
2266 type == 128 ? "ROUTE-REFRESH" :
2267 bgp_type_str[(int) type]);
2268 bgp_notify_send_with_data (peer,
2269 BGP_NOTIFY_HEADER_ERR,
2270 BGP_NOTIFY_HEADER_BAD_MESLEN,
2271 (u_char *) notify_data_length, 2);
2272 goto done;
2273 }
2274
2275 /* Adjust size to message length. */
2276 peer->packet_size = size;
2277 }
2278
2279 ret = bgp_read_packet (peer);
2280 if (ret < 0)
2281 goto done;
2282
2283 /* Get size and type again. */
2284 (void)stream_getw_from (peer->ibuf, BGP_MARKER_SIZE);
2285 type = stream_getc_from (peer->ibuf, BGP_MARKER_SIZE + 2);
2286
2287 /* BGP packet dump function. */
2288 bgp_dump_packet (peer, type, peer->ibuf);
2289
2290 size = (peer->packet_size - BGP_HEADER_SIZE);
2291
2292 /* Read rest of the packet and call each sort of packet routine */
2293 switch (type)
2294 {
2295 case BGP_MSG_OPEN:
2296 peer->open_in++;
2297 bgp_open_receive (peer, size); /* XXX return value ignored! */
2298 break;
2299 case BGP_MSG_UPDATE:
2300 peer->readtime = monotime (NULL);
2301 bgp_update_receive (peer, size);
2302 break;
2303 case BGP_MSG_NOTIFY:
2304 bgp_notify_receive (peer, size);
2305 break;
2306 case BGP_MSG_KEEPALIVE:
2307 peer->readtime = monotime (NULL);
2308 bgp_keepalive_receive (peer, size);
2309 break;
2310 case BGP_MSG_ROUTE_REFRESH_NEW:
2311 case BGP_MSG_ROUTE_REFRESH_OLD:
2312 peer->refresh_in++;
2313 bgp_route_refresh_receive (peer, size);
2314 break;
2315 case BGP_MSG_CAPABILITY:
2316 peer->dynamic_cap_in++;
2317 bgp_capability_receive (peer, size);
2318 break;
2319 }
2320
2321 /* If reading this packet caused us to send a NOTIFICATION then store a copy
2322 * of the packet for troubleshooting purposes
2323 */
2324 if (notify_out < peer->notify_out)
2325 {
2326 memcpy(peer->last_reset_cause, peer->ibuf->data, peer->packet_size);
2327 peer->last_reset_cause_size = peer->packet_size;
2328 notify_out = peer->notify_out;
2329 }
2330
2331 /* Clear input buffer. */
2332 peer->packet_size = 0;
2333 if (peer->ibuf)
2334 stream_reset (peer->ibuf);
2335
2336 done:
2337 /* If reading this packet caused us to send a NOTIFICATION then store a copy
2338 * of the packet for troubleshooting purposes
2339 */
2340 if (notify_out < peer->notify_out)
2341 {
2342 memcpy(peer->last_reset_cause, peer->ibuf->data, peer->packet_size);
2343 peer->last_reset_cause_size = peer->packet_size;
2344 }
2345
2346 return 0;
2347 }
FRRouting mirror