bgpd: Invalid NH's should send an apropriate reason code

RFC 4271 sec 6.3 p33, In the case of a BGP_NEXTHOP attribute with an
incorrect value, FRR is supposed to send a notification
and include 'Corresponding type, length and value of the NEXT_HOP
attribute in the notification data.

Fixes: #4997
Signed-off-by: Nikos <ntriantafillis@gmail.com>
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>

diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index cbfa166cf36620daa333b3a39d9375c7df7c12d3..68372b7840114acaa31c83242c54c4115afb4046 100644 (file)
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -1268,14 +1268,20 @@ bgp_attr_nexthop_valid(struct peer *peer, struct attr *attr)
        if ((IPV4_NET0(nexthop_h) || IPV4_NET127(nexthop_h)
             || IPV4_CLASS_DE(nexthop_h))
            && !BGP_DEBUG(allow_martians, ALLOW_MARTIANS)) {
+               uint8_t data[7]; /* type(2) + length(1) + nhop(4) */
                char buf[INET_ADDRSTRLEN];
 
                inet_ntop(AF_INET, &attr->nexthop.s_addr, buf,
                          INET_ADDRSTRLEN);
                flog_err(EC_BGP_ATTR_MARTIAN_NH, "Martian nexthop %s",
                         buf);
-               bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
-                               BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP);
+               data[0] = BGP_ATTR_FLAG_TRANS;
+               data[1] = BGP_ATTR_NEXT_HOP;
+               data[2] = BGP_ATTR_NHLEN_IPV4;
+               memcpy(&data[3], &attr->nexthop.s_addr, BGP_ATTR_NHLEN_IPV4);
+               bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
+                                         BGP_NOTIFY_UPDATE_INVAL_NEXT_HOP,
+                                         data, 7);
                return BGP_ATTR_PARSE_ERROR;
        }