2023-02-08 13:17:09 +01:00
|
|
|
// SPDX-License-Identifier: GPL-2.0-or-later
|
2002-12-13 21:15:29 +01:00
|
|
|
/* BGP packet management routine.
|
2017-04-18 20:11:43 +02:00
|
|
|
* Contains utility functions for constructing and consuming BGP messages.
|
|
|
|
|
* Copyright (C) 2017 Cumulus Networks
|
2017-05-13 10:25:29 +02:00
|
|
|
* Copyright (C) 1999 Kunihiro Ishiguro
|
|
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
#include <zebra.h>
|
2017-02-07 00:39:06 +01:00
|
|
|
#include <sys/time.h>
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2023-03-07 20:22:48 +01:00
|
|
|
#include "frrevent.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
#include "stream.h"
|
|
|
|
|
#include "network.h"
|
|
|
|
|
#include "prefix.h"
|
|
|
|
|
#include "command.h"
|
|
|
|
|
#include "log.h"
|
|
|
|
|
#include "memory.h"
|
|
|
|
|
#include "sockunion.h" /* for inet_ntop () */
|
2015-04-29 08:43:04 +02:00
|
|
|
#include "sockopt.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
#include "linklist.h"
|
|
|
|
|
#include "plist.h"
|
2015-05-20 03:03:47 +02:00
|
|
|
#include "queue.h"
|
2016-01-07 16:03:01 +01:00
|
|
|
#include "filter.h"
|
2018-06-19 20:42:55 +02:00
|
|
|
#include "lib_errors.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
#include "bgpd/bgpd.h"
|
|
|
|
|
#include "bgpd/bgp_table.h"
|
|
|
|
|
#include "bgpd/bgp_dump.h"
|
2019-02-15 10:12:10 +01:00
|
|
|
#include "bgpd/bgp_bmp.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
#include "bgpd/bgp_attr.h"
|
|
|
|
|
#include "bgpd/bgp_debug.h"
|
2018-06-15 23:08:53 +02:00
|
|
|
#include "bgpd/bgp_errors.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
#include "bgpd/bgp_fsm.h"
|
|
|
|
|
#include "bgpd/bgp_route.h"
|
|
|
|
|
#include "bgpd/bgp_packet.h"
|
|
|
|
|
#include "bgpd/bgp_open.h"
|
|
|
|
|
#include "bgpd/bgp_aspath.h"
|
|
|
|
|
#include "bgpd/bgp_community.h"
|
|
|
|
|
#include "bgpd/bgp_ecommunity.h"
|
2016-11-15 11:00:39 +01:00
|
|
|
#include "bgpd/bgp_lcommunity.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
#include "bgpd/bgp_network.h"
|
|
|
|
|
#include "bgpd/bgp_mplsvpn.h"
|
2016-09-05 11:07:25 +02:00
|
|
|
#include "bgpd/bgp_evpn.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
#include "bgpd/bgp_advertise.h"
|
2005-02-02 15:40:33 +01:00
|
|
|
#include "bgpd/bgp_vty.h"
|
2015-05-20 03:03:47 +02:00
|
|
|
#include "bgpd/bgp_updgrp.h"
|
2017-03-09 15:54:20 +01:00
|
|
|
#include "bgpd/bgp_label.h"
|
2017-04-18 20:11:43 +02:00
|
|
|
#include "bgpd/bgp_io.h"
|
2017-11-13 23:59:04 +01:00
|
|
|
#include "bgpd/bgp_keepalives.h"
|
2017-01-23 03:45:30 +01:00
|
|
|
#include "bgpd/bgp_flowspec.h"
|
2020-09-16 02:13:36 +02:00
|
|
|
#include "bgpd/bgp_trace.h"
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2019-04-24 17:19:09 +02:00
|
|
|
DEFINE_HOOK(bgp_packet_dump,
|
|
|
|
|
(struct peer *peer, uint8_t type, bgp_size_t size,
|
|
|
|
|
struct stream *s),
|
|
|
|
|
(peer, type, size, s));
|
|
|
|
|
|
2019-05-10 19:29:01 +02:00
|
|
|
DEFINE_HOOK(bgp_packet_send,
|
|
|
|
|
(struct peer *peer, uint8_t type, bgp_size_t size,
|
|
|
|
|
struct stream *s),
|
|
|
|
|
(peer, type, size, s));
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Sets marker and type fields for a BGP message.
|
|
|
|
|
*
|
|
|
|
|
* @param s the stream containing the packet
|
|
|
|
|
* @param type the packet type
|
|
|
|
|
* @return the size of the stream
|
|
|
|
|
*/
|
2018-03-27 21:13:34 +02:00
|
|
|
int bgp_packet_set_marker(struct stream *s, uint8_t type)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
/* Fill in marker. */
|
|
|
|
|
for (i = 0; i < BGP_MARKER_SIZE; i++)
|
|
|
|
|
stream_putc(s, 0xff);
|
|
|
|
|
|
|
|
|
|
/* Dummy total length. This field is should be filled in later on. */
|
|
|
|
|
stream_putw(s, 0);
|
|
|
|
|
|
|
|
|
|
/* BGP packet type. */
|
|
|
|
|
stream_putc(s, type);
|
|
|
|
|
|
|
|
|
|
/* Return current stream size. */
|
2005-02-09 16:51:56 +01:00
|
|
|
return stream_get_endp(s);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Sets size field for a BGP message.
|
|
|
|
|
*
|
|
|
|
|
* Size field is set to the size of the stream passed.
|
|
|
|
|
*
|
|
|
|
|
* @param s the stream containing the packet
|
|
|
|
|
*/
|
2021-11-29 20:23:53 +01:00
|
|
|
void bgp_packet_set_size(struct stream *s)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
|
|
|
|
int cp;
|
|
|
|
|
|
|
|
|
|
/* Preserve current pointer. */
|
2005-02-09 16:51:56 +01:00
|
|
|
cp = stream_get_endp(s);
|
|
|
|
|
stream_putw_at(s, BGP_MARKER_SIZE, cp);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/*
|
|
|
|
|
* Push a packet onto the beginning of the peer's output queue.
|
|
|
|
|
* This function acquires the peer's write mutex before proceeding.
|
|
|
|
|
*/
|
|
|
|
|
static void bgp_packet_add(struct peer *peer, struct stream *s)
|
|
|
|
|
{
|
2021-04-22 11:04:52 +02:00
|
|
|
intmax_t delta;
|
|
|
|
|
uint32_t holdtime;
|
2022-10-17 12:34:41 +02:00
|
|
|
intmax_t sendholdtime;
|
2021-04-22 11:04:52 +02:00
|
|
|
|
2021-08-10 05:43:46 +02:00
|
|
|
frr_with_mutex (&peer->connection->io_mtx) {
|
2021-04-22 11:04:52 +02:00
|
|
|
/* if the queue is empty, reset the "last OK" timestamp to
|
|
|
|
|
* now, otherwise if we write another packet immediately
|
|
|
|
|
* after it'll get confused
|
|
|
|
|
*/
|
2021-08-10 05:43:46 +02:00
|
|
|
if (!stream_fifo_count_safe(peer->connection->obuf))
|
2022-08-18 00:27:54 +02:00
|
|
|
peer->last_sendq_ok = monotime(NULL);
|
2021-04-22 11:04:52 +02:00
|
|
|
|
2021-08-10 05:43:46 +02:00
|
|
|
stream_fifo_push(peer->connection->obuf, s);
|
2021-04-22 11:04:52 +02:00
|
|
|
|
2022-08-18 00:27:54 +02:00
|
|
|
delta = monotime(NULL) - peer->last_sendq_ok;
|
2022-10-17 12:34:41 +02:00
|
|
|
|
|
|
|
|
if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
|
|
|
|
|
holdtime = atomic_load_explicit(&peer->holdtime,
|
|
|
|
|
memory_order_relaxed);
|
|
|
|
|
else
|
|
|
|
|
holdtime = peer->bgp->default_holdtime;
|
|
|
|
|
|
|
|
|
|
sendholdtime = holdtime * 2;
|
2021-04-22 11:04:52 +02:00
|
|
|
|
|
|
|
|
/* Note that when we're here, we're adding some packet to the
|
|
|
|
|
* OutQ. That includes keepalives when there is nothing to
|
|
|
|
|
* do, so there's a guarantee we pass by here once in a while.
|
|
|
|
|
*
|
|
|
|
|
* That implies there is no need to go set up another separate
|
|
|
|
|
* timer that ticks down SendHoldTime, as we'll be here sooner
|
|
|
|
|
* or later anyway and will see the checks below failing.
|
|
|
|
|
*/
|
2022-05-20 14:16:24 +02:00
|
|
|
if (!holdtime) {
|
|
|
|
|
/* no holdtime, do nothing. */
|
2022-10-17 12:34:41 +02:00
|
|
|
} else if (delta > sendholdtime) {
|
2021-04-22 11:04:52 +02:00
|
|
|
flog_err(
|
|
|
|
|
EC_BGP_SENDQ_STUCK_PROPER,
|
2022-10-17 12:34:41 +02:00
|
|
|
"%pBP has not made any SendQ progress for 2 holdtimes (%jds), terminating session",
|
|
|
|
|
peer, sendholdtime);
|
2021-04-22 11:04:52 +02:00
|
|
|
BGP_EVENT_ADD(peer, TCP_fatal_error);
|
|
|
|
|
} else if (delta > (intmax_t)holdtime &&
|
2022-08-18 00:27:54 +02:00
|
|
|
monotime(NULL) - peer->last_sendq_warn > 5) {
|
2021-04-22 11:04:52 +02:00
|
|
|
flog_warn(
|
|
|
|
|
EC_BGP_SENDQ_STUCK_WARN,
|
2022-10-17 12:34:41 +02:00
|
|
|
"%pBP has not made any SendQ progress for 1 holdtime (%us), peer overloaded?",
|
|
|
|
|
peer, holdtime);
|
2022-08-18 00:27:54 +02:00
|
|
|
peer->last_sendq_warn = monotime(NULL);
|
2021-04-22 11:04:52 +02:00
|
|
|
}
|
2019-06-21 10:58:02 +02:00
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2005-02-02 15:40:33 +01:00
|
|
|
static struct stream *bgp_update_packet_eor(struct peer *peer, afi_t afi,
|
|
|
|
|
safi_t safi)
|
|
|
|
|
{
|
|
|
|
|
struct stream *s;
|
2022-04-27 13:57:41 +02:00
|
|
|
iana_afi_t pkt_afi = IANA_AFI_IPV4;
|
|
|
|
|
iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2008-07-22 23:11:48 +02:00
|
|
|
if (DISABLE_BGP_ANNOUNCE)
|
|
|
|
|
return NULL;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2005-02-02 15:40:33 +01:00
|
|
|
zlog_debug("send End-of-RIB for %s to %s",
|
2019-08-27 03:48:53 +02:00
|
|
|
get_afi_safi_str(afi, safi, false), peer->host);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-02-25 18:46:49 +01:00
|
|
|
s = stream_new(peer->max_packet_size);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2005-02-02 15:40:33 +01:00
|
|
|
/* Make BGP update packet. */
|
|
|
|
|
bgp_packet_set_marker(s, BGP_MSG_UPDATE);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2005-02-02 15:40:33 +01:00
|
|
|
/* Unfeasible Routes Length */
|
|
|
|
|
stream_putw(s, 0);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2005-02-02 15:40:33 +01:00
|
|
|
if (afi == AFI_IP && safi == SAFI_UNICAST) {
|
|
|
|
|
/* Total Path Attribute Length */
|
|
|
|
|
stream_putw(s, 0);
|
|
|
|
|
} else {
|
2016-06-15 19:25:35 +02:00
|
|
|
/* Convert AFI, SAFI to values for packet. */
|
|
|
|
|
bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2005-02-02 15:40:33 +01:00
|
|
|
/* Total Path Attribute Length */
|
|
|
|
|
stream_putw(s, 6);
|
|
|
|
|
stream_putc(s, BGP_ATTR_FLAG_OPTIONAL);
|
|
|
|
|
stream_putc(s, BGP_ATTR_MP_UNREACH_NLRI);
|
|
|
|
|
stream_putc(s, 3);
|
2016-06-15 19:25:35 +02:00
|
|
|
stream_putw(s, pkt_afi);
|
|
|
|
|
stream_putc(s, pkt_safi);
|
2005-02-02 15:40:33 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2005-02-02 15:40:33 +01:00
|
|
|
bgp_packet_set_size(s);
|
2015-08-18 14:41:58 +02:00
|
|
|
return s;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/* Called when there is a change in the EOR(implicit or explicit) status of a
|
|
|
|
|
* peer. Ends the update-delay if all expected peers are done with EORs. */
|
|
|
|
|
void bgp_check_update_delay(struct bgp *bgp)
|
|
|
|
|
{
|
|
|
|
|
struct listnode *node, *nnode;
|
|
|
|
|
struct peer *peer = NULL;
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug("Checking update delay, T: %d R: %d I:%d E: %d",
|
|
|
|
|
bgp->established, bgp->restarted_peers,
|
|
|
|
|
bgp->implicit_eors, bgp->explicit_eors);
|
|
|
|
|
|
|
|
|
|
if (bgp->established
|
|
|
|
|
<= bgp->restarted_peers + bgp->implicit_eors + bgp->explicit_eors) {
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* This is an extra sanity check to make sure we wait for all
|
|
|
|
|
* the eligible configured peers. This check is performed if
|
|
|
|
|
* establish wait timer is on, or establish wait option is not
|
|
|
|
|
* given with the update-delay command
|
|
|
|
|
*/
|
2017-06-10 03:01:56 +02:00
|
|
|
if (bgp->t_establish_wait
|
|
|
|
|
|| (bgp->v_establish_wait == bgp->v_update_delay))
|
|
|
|
|
for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
|
|
|
|
|
if (CHECK_FLAG(peer->flags,
|
|
|
|
|
PEER_FLAG_CONFIG_NODE)
|
|
|
|
|
&& !CHECK_FLAG(peer->flags,
|
|
|
|
|
PEER_FLAG_SHUTDOWN)
|
2020-08-14 10:23:34 +02:00
|
|
|
&& !CHECK_FLAG(peer->bgp->flags,
|
|
|
|
|
BGP_FLAG_SHUTDOWN)
|
2017-06-10 03:01:56 +02:00
|
|
|
&& !peer->update_delay_over) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
" Peer %s pending, continuing read-only mode",
|
|
|
|
|
peer->host);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
zlog_info(
|
|
|
|
|
"Update delay ended, restarted: %d, EORs implicit: %d, explicit: %d",
|
|
|
|
|
bgp->restarted_peers, bgp->implicit_eors,
|
|
|
|
|
bgp->explicit_eors);
|
|
|
|
|
bgp_update_delay_end(bgp);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* Called if peer is known to have restarted. The restart-state bit in
|
|
|
|
|
* Graceful-Restart capability is used for that
|
|
|
|
|
*/
|
2017-06-10 03:01:56 +02:00
|
|
|
void bgp_update_restarted_peers(struct peer *peer)
|
|
|
|
|
{
|
|
|
|
|
if (!bgp_update_delay_active(peer->bgp))
|
|
|
|
|
return; /* BGP update delay has ended */
|
|
|
|
|
if (peer->update_delay_over)
|
|
|
|
|
return; /* This peer has already been considered */
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug("Peer %s: Checking restarted", peer->host);
|
|
|
|
|
|
2021-06-07 15:39:10 +02:00
|
|
|
if (peer_established(peer)) {
|
2017-06-10 03:01:56 +02:00
|
|
|
peer->update_delay_over = 1;
|
|
|
|
|
peer->bgp->restarted_peers++;
|
|
|
|
|
bgp_check_update_delay(peer->bgp);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* Called as peer receives a keep-alive. Determines if this occurence can be
|
|
|
|
|
* taken as an implicit EOR for this peer.
|
|
|
|
|
* NOTE: The very first keep-alive after the Established state of a peer is
|
|
|
|
|
* considered implicit EOR for the update-delay purposes
|
|
|
|
|
*/
|
2017-06-10 03:01:56 +02:00
|
|
|
void bgp_update_implicit_eors(struct peer *peer)
|
|
|
|
|
{
|
|
|
|
|
if (!bgp_update_delay_active(peer->bgp))
|
|
|
|
|
return; /* BGP update delay has ended */
|
|
|
|
|
if (peer->update_delay_over)
|
|
|
|
|
return; /* This peer has already been considered */
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug("Peer %s: Checking implicit EORs", peer->host);
|
|
|
|
|
|
2021-06-07 15:39:10 +02:00
|
|
|
if (peer_established(peer)) {
|
2017-06-10 03:01:56 +02:00
|
|
|
peer->update_delay_over = 1;
|
|
|
|
|
peer->bgp->implicit_eors++;
|
|
|
|
|
bgp_check_update_delay(peer->bgp);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* Should be called only when there is a change in the EOR_RECEIVED status
|
|
|
|
|
* for any afi/safi on a peer.
|
|
|
|
|
*/
|
2017-06-10 03:01:56 +02:00
|
|
|
static void bgp_update_explicit_eors(struct peer *peer)
|
|
|
|
|
{
|
|
|
|
|
afi_t afi;
|
|
|
|
|
safi_t safi;
|
|
|
|
|
|
|
|
|
|
if (!bgp_update_delay_active(peer->bgp))
|
|
|
|
|
return; /* BGP update delay has ended */
|
|
|
|
|
if (peer->update_delay_over)
|
|
|
|
|
return; /* This peer has already been considered */
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug("Peer %s: Checking explicit EORs", peer->host);
|
|
|
|
|
|
2020-11-15 00:50:37 +01:00
|
|
|
FOREACH_AFI_SAFI (afi, safi) {
|
|
|
|
|
if (peer->afc_nego[afi][safi]
|
|
|
|
|
&& !CHECK_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EOR_RECEIVED)) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
" afi %d safi %d didn't receive EOR",
|
|
|
|
|
afi, safi);
|
|
|
|
|
return;
|
2017-06-10 03:01:56 +02:00
|
|
|
}
|
2020-11-15 00:50:37 +01:00
|
|
|
}
|
2017-06-10 03:01:56 +02:00
|
|
|
|
|
|
|
|
peer->update_delay_over = 1;
|
|
|
|
|
peer->bgp->explicit_eors++;
|
|
|
|
|
bgp_check_update_delay(peer->bgp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers.
|
|
|
|
|
*
|
|
|
|
|
* mp_withdraw, if set, is used to nullify attr structure on most of the
|
|
|
|
|
* calling safi function and for evpn, passed as parameter
|
|
|
|
|
*/
|
|
|
|
|
int bgp_nlri_parse(struct peer *peer, struct attr *attr,
|
2023-04-05 21:25:57 +02:00
|
|
|
struct bgp_nlri *packet, bool mp_withdraw)
|
2017-06-10 03:01:56 +02:00
|
|
|
{
|
|
|
|
|
switch (packet->safi) {
|
|
|
|
|
case SAFI_UNICAST:
|
|
|
|
|
case SAFI_MULTICAST:
|
|
|
|
|
return bgp_nlri_parse_ip(peer, mp_withdraw ? NULL : attr,
|
|
|
|
|
packet);
|
|
|
|
|
case SAFI_LABELED_UNICAST:
|
|
|
|
|
return bgp_nlri_parse_label(peer, mp_withdraw ? NULL : attr,
|
|
|
|
|
packet);
|
|
|
|
|
case SAFI_MPLS_VPN:
|
|
|
|
|
return bgp_nlri_parse_vpn(peer, mp_withdraw ? NULL : attr,
|
|
|
|
|
packet);
|
|
|
|
|
case SAFI_EVPN:
|
|
|
|
|
return bgp_nlri_parse_evpn(peer, attr, packet, mp_withdraw);
|
2017-01-23 03:45:30 +01:00
|
|
|
case SAFI_FLOWSPEC:
|
|
|
|
|
return bgp_nlri_parse_flowspec(peer, attr, packet, mp_withdraw);
|
2017-06-10 03:01:56 +02:00
|
|
|
}
|
2019-04-15 22:53:20 +02:00
|
|
|
return BGP_NLRI_PARSE_ERROR;
|
2017-06-10 03:01:56 +02:00
|
|
|
}
|
|
|
|
|
|
2022-09-14 05:13:41 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Check if route-refresh request from peer is pending (received before EoR),
|
|
|
|
|
* and process it now.
|
|
|
|
|
*/
|
|
|
|
|
static void bgp_process_pending_refresh(struct peer *peer, afi_t afi,
|
|
|
|
|
safi_t safi)
|
|
|
|
|
{
|
|
|
|
|
if (CHECK_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_REFRESH_PENDING)) {
|
|
|
|
|
UNSET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_REFRESH_PENDING);
|
|
|
|
|
bgp_route_refresh_send(peer, afi, safi, 0, 0, 0,
|
|
|
|
|
BGP_ROUTE_REFRESH_BORR);
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
"%pBP sending route-refresh (BoRR) for %s/%s (for pending REQUEST)",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi));
|
|
|
|
|
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_BORR_SEND);
|
|
|
|
|
UNSET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_EORR_SEND);
|
|
|
|
|
bgp_announce_route(peer, afi, safi, true);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-30 23:16:37 +01:00
|
|
|
/*
|
|
|
|
|
* Checks a variety of conditions to determine whether the peer needs to be
|
|
|
|
|
* rescheduled for packet generation again, and does so if necessary.
|
|
|
|
|
*
|
|
|
|
|
* @param peer to check for rescheduling
|
|
|
|
|
*/
|
2017-11-06 20:15:36 +01:00
|
|
|
static void bgp_write_proceed_actions(struct peer *peer)
|
|
|
|
|
{
|
|
|
|
|
afi_t afi;
|
|
|
|
|
safi_t safi;
|
|
|
|
|
struct peer_af *paf;
|
|
|
|
|
struct bpacket *next_pkt;
|
|
|
|
|
struct update_subgroup *subgrp;
|
2021-09-27 01:36:03 +02:00
|
|
|
enum bgp_af_index index;
|
2017-11-06 20:15:36 +01:00
|
|
|
|
2021-09-27 01:36:03 +02:00
|
|
|
for (index = BGP_AF_START; index < BGP_AF_MAX; index++) {
|
|
|
|
|
paf = peer->peer_af_array[index];
|
2017-11-30 22:58:37 +01:00
|
|
|
if (!paf)
|
|
|
|
|
continue;
|
2021-09-27 01:36:03 +02:00
|
|
|
|
2017-11-30 22:58:37 +01:00
|
|
|
subgrp = paf->subgroup;
|
|
|
|
|
if (!subgrp)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
next_pkt = paf->next_pkt_to_send;
|
|
|
|
|
if (next_pkt && next_pkt->buffer) {
|
2023-08-27 04:08:19 +02:00
|
|
|
BGP_TIMER_ON(peer->connection->t_generate_updgrp_packets,
|
2017-11-30 22:58:37 +01:00
|
|
|
bgp_generate_updgrp_packets, 0);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-11-06 20:15:36 +01:00
|
|
|
|
2017-11-30 22:58:37 +01:00
|
|
|
/* No packets readily available for AFI/SAFI, are there
|
|
|
|
|
* subgroup packets
|
|
|
|
|
* that need to be generated? */
|
|
|
|
|
if (bpacket_queue_is_full(SUBGRP_INST(subgrp),
|
|
|
|
|
SUBGRP_PKTQ(subgrp))
|
|
|
|
|
|| subgroup_packets_to_build(subgrp)) {
|
2023-08-27 04:08:19 +02:00
|
|
|
BGP_TIMER_ON(peer->connection->t_generate_updgrp_packets,
|
2017-11-30 22:58:37 +01:00
|
|
|
bgp_generate_updgrp_packets, 0);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-11-06 20:15:36 +01:00
|
|
|
|
2021-09-27 01:36:03 +02:00
|
|
|
afi = paf->afi;
|
|
|
|
|
safi = paf->safi;
|
|
|
|
|
|
2017-11-30 22:58:37 +01:00
|
|
|
/* No packets to send, see if EOR is pending */
|
|
|
|
|
if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)) {
|
|
|
|
|
if (!subgrp->t_coalesce && peer->afc_nego[afi][safi]
|
|
|
|
|
&& peer->synctime
|
|
|
|
|
&& !CHECK_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EOR_SEND)
|
|
|
|
|
&& safi != SAFI_MPLS_VPN) {
|
2023-08-27 04:08:19 +02:00
|
|
|
BGP_TIMER_ON(peer->connection
|
|
|
|
|
->t_generate_updgrp_packets,
|
2017-11-06 20:15:36 +01:00
|
|
|
bgp_generate_updgrp_packets, 0);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-11-30 22:58:37 +01:00
|
|
|
}
|
2017-11-06 20:15:36 +01:00
|
|
|
}
|
|
|
|
|
|
2017-11-30 23:16:37 +01:00
|
|
|
/*
|
|
|
|
|
* Generate advertisement information (withdraws, updates, EOR) from each
|
|
|
|
|
* update group a peer belongs to, encode this information into packets, and
|
|
|
|
|
* enqueue the packets onto the peer's output buffer.
|
2017-04-18 20:11:43 +02:00
|
|
|
*/
|
2022-03-01 22:18:12 +01:00
|
|
|
void bgp_generate_updgrp_packets(struct event *thread)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
2022-12-25 16:26:52 +01:00
|
|
|
struct peer *peer = EVENT_ARG(thread);
|
2017-04-18 20:11:43 +02:00
|
|
|
|
|
|
|
|
struct stream *s;
|
2015-05-20 03:03:47 +02:00
|
|
|
struct peer_af *paf;
|
|
|
|
|
struct bpacket *next_pkt;
|
2017-11-13 09:18:49 +01:00
|
|
|
uint32_t wpq;
|
|
|
|
|
uint32_t generated = 0;
|
2002-12-13 21:15:29 +01:00
|
|
|
afi_t afi;
|
|
|
|
|
safi_t safi;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-11-13 09:18:49 +01:00
|
|
|
wpq = atomic_load_explicit(&peer->bgp->wpkt_quanta,
|
|
|
|
|
memory_order_relaxed);
|
|
|
|
|
|
2015-05-20 03:03:47 +02:00
|
|
|
/*
|
|
|
|
|
* The code beyond this part deals with update packets, proceed only
|
|
|
|
|
* if peer is Established and updates are not on hold (as part of
|
2020-10-21 16:46:49 +02:00
|
|
|
* update-delay processing).
|
2015-05-20 03:03:47 +02:00
|
|
|
*/
|
2021-06-07 15:39:10 +02:00
|
|
|
if (!peer_established(peer))
|
2022-02-23 01:04:25 +01:00
|
|
|
return;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2020-10-21 16:46:49 +02:00
|
|
|
if ((peer->bgp->main_peers_update_hold)
|
|
|
|
|
|| bgp_update_delay_active(peer->bgp))
|
2022-02-23 01:04:25 +01:00
|
|
|
return;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2023-08-27 01:44:23 +02:00
|
|
|
if (peer->connection->t_routeadv)
|
2022-02-23 01:04:25 +01:00
|
|
|
return;
|
2020-06-05 11:54:57 +02:00
|
|
|
|
2023-01-19 17:43:12 +01:00
|
|
|
/*
|
|
|
|
|
* Since the following is a do while loop
|
|
|
|
|
* let's stop adding to the outq if we are
|
|
|
|
|
* already at the limit.
|
|
|
|
|
*/
|
2021-08-10 05:43:46 +02:00
|
|
|
if (peer->connection->obuf->count >= bm->outq_limit) {
|
2023-01-19 17:43:12 +01:00
|
|
|
bgp_write_proceed_actions(peer);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-18 20:11:43 +02:00
|
|
|
do {
|
2021-09-27 01:36:03 +02:00
|
|
|
enum bgp_af_index index;
|
|
|
|
|
|
2017-04-18 20:11:43 +02:00
|
|
|
s = NULL;
|
2021-09-27 01:36:03 +02:00
|
|
|
for (index = BGP_AF_START; index < BGP_AF_MAX; index++) {
|
|
|
|
|
paf = peer->peer_af_array[index];
|
2017-11-30 22:58:37 +01:00
|
|
|
if (!paf || !PAF_SUBGRP(paf))
|
|
|
|
|
continue;
|
2021-09-27 01:36:03 +02:00
|
|
|
|
|
|
|
|
afi = paf->afi;
|
|
|
|
|
safi = paf->safi;
|
2017-11-30 22:58:37 +01:00
|
|
|
next_pkt = paf->next_pkt_to_send;
|
2017-03-22 18:13:23 +01:00
|
|
|
|
2017-11-30 22:58:37 +01:00
|
|
|
/*
|
|
|
|
|
* Try to generate a packet for the peer if we are at
|
|
|
|
|
* the end of the list. Always try to push out
|
|
|
|
|
* WITHDRAWs first.
|
|
|
|
|
*/
|
|
|
|
|
if (!next_pkt || !next_pkt->buffer) {
|
|
|
|
|
next_pkt = subgroup_withdraw_packet(
|
|
|
|
|
PAF_SUBGRP(paf));
|
|
|
|
|
if (!next_pkt || !next_pkt->buffer)
|
|
|
|
|
subgroup_update_packet(PAF_SUBGRP(paf));
|
|
|
|
|
next_pkt = paf->next_pkt_to_send;
|
|
|
|
|
}
|
2017-03-22 18:13:23 +01:00
|
|
|
|
2017-11-30 22:58:37 +01:00
|
|
|
/*
|
|
|
|
|
* If we still don't have a packet to send to the peer,
|
|
|
|
|
* then try to find out out if we have to send eor or
|
|
|
|
|
* if not, skip to the next AFI, SAFI. Don't send the
|
|
|
|
|
* EOR prematurely; if the subgroup's coalesce timer is
|
|
|
|
|
* running, the adjacency-out structure is not created
|
|
|
|
|
* yet.
|
|
|
|
|
*/
|
|
|
|
|
if (!next_pkt || !next_pkt->buffer) {
|
2020-10-01 22:08:06 +02:00
|
|
|
if (!paf->t_announce_route) {
|
|
|
|
|
/* Make sure we supress BGP UPDATES
|
|
|
|
|
* for normal processing later again.
|
|
|
|
|
*/
|
2020-11-12 11:30:19 +01:00
|
|
|
UNSET_FLAG(paf->subgroup->sflags,
|
|
|
|
|
SUBGRP_STATUS_FORCE_UPDATES);
|
|
|
|
|
|
2020-10-01 22:08:06 +02:00
|
|
|
/* If route-refresh BoRR message was
|
|
|
|
|
* already sent and we are done with
|
|
|
|
|
* re-announcing tables for a decent
|
|
|
|
|
* afi/safi, we ready to send
|
|
|
|
|
* EoRR request.
|
|
|
|
|
*/
|
|
|
|
|
if (CHECK_FLAG(
|
|
|
|
|
peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_BORR_SEND)) {
|
|
|
|
|
bgp_route_refresh_send(
|
|
|
|
|
peer, afi, safi, 0, 0,
|
|
|
|
|
0,
|
|
|
|
|
BGP_ROUTE_REFRESH_EORR);
|
|
|
|
|
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi]
|
|
|
|
|
[safi],
|
|
|
|
|
PEER_STATUS_EORR_SEND);
|
|
|
|
|
UNSET_FLAG(
|
|
|
|
|
peer->af_sflags[afi]
|
|
|
|
|
[safi],
|
|
|
|
|
PEER_STATUS_BORR_SEND);
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(
|
|
|
|
|
peer))
|
|
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP sending route-refresh (EoRR) for %s/%s",
|
|
|
|
|
peer,
|
2020-10-01 22:08:06 +02:00
|
|
|
afi2str(afi),
|
|
|
|
|
safi2str(safi));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-11-30 22:58:37 +01:00
|
|
|
if (CHECK_FLAG(peer->cap,
|
2020-01-31 19:04:00 +01:00
|
|
|
PEER_CAP_RESTART_RCV)) {
|
2017-11-30 22:58:37 +01:00
|
|
|
if (!(PAF_SUBGRP(paf))->t_coalesce
|
2020-01-31 19:04:00 +01:00
|
|
|
&& peer->afc_nego[afi][safi]
|
|
|
|
|
&& peer->synctime
|
|
|
|
|
&& !CHECK_FLAG(
|
|
|
|
|
peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EOR_SEND)) {
|
2019-10-24 12:21:18 +02:00
|
|
|
/* If EOR is disabled,
|
|
|
|
|
* the message is not sent
|
|
|
|
|
*/
|
2020-01-31 19:04:00 +01:00
|
|
|
if (BGP_SEND_EOR(peer->bgp, afi,
|
|
|
|
|
safi)) {
|
2019-10-24 12:21:18 +02:00
|
|
|
SET_FLAG(
|
2020-01-31 19:04:00 +01:00
|
|
|
peer->af_sflags
|
|
|
|
|
[afi]
|
|
|
|
|
[safi],
|
|
|
|
|
PEER_STATUS_EOR_SEND);
|
2019-10-24 12:21:18 +02:00
|
|
|
|
2019-10-24 16:59:43 +02:00
|
|
|
/* Update EOR
|
|
|
|
|
* send time
|
|
|
|
|
*/
|
2020-01-31 19:04:00 +01:00
|
|
|
peer->eor_stime[afi]
|
|
|
|
|
[safi] =
|
|
|
|
|
monotime(NULL);
|
2019-10-24 16:59:43 +02:00
|
|
|
|
2019-10-24 12:21:18 +02:00
|
|
|
BGP_UPDATE_EOR_PKT(
|
2020-01-31 19:04:00 +01:00
|
|
|
peer, afi, safi,
|
|
|
|
|
s);
|
2022-09-14 05:13:41 +02:00
|
|
|
bgp_process_pending_refresh(
|
|
|
|
|
peer, afi,
|
|
|
|
|
safi);
|
2017-04-18 20:11:43 +02:00
|
|
|
}
|
2017-03-22 18:13:23 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2017-11-30 22:58:37 +01:00
|
|
|
continue;
|
|
|
|
|
}
|
2019-10-24 16:59:43 +02:00
|
|
|
|
|
|
|
|
/* Update packet send time */
|
|
|
|
|
peer->pkt_stime[afi][safi] = monotime(NULL);
|
|
|
|
|
|
2017-11-30 22:58:37 +01:00
|
|
|
/* Found a packet template to send, overwrite
|
|
|
|
|
* packet with appropriate attributes from peer
|
|
|
|
|
* and advance peer */
|
|
|
|
|
s = bpacket_reformat_for_peer(next_pkt, paf);
|
|
|
|
|
bgp_packet_add(peer, s);
|
|
|
|
|
bpacket_queue_advance_peer(paf);
|
|
|
|
|
}
|
2023-01-19 17:43:12 +01:00
|
|
|
} while (s && (++generated < wpq) &&
|
2021-08-10 05:43:46 +02:00
|
|
|
(peer->connection->obuf->count <= bm->outq_limit));
|
2017-03-22 18:13:23 +01:00
|
|
|
|
2017-11-30 23:16:37 +01:00
|
|
|
if (generated)
|
2021-08-10 05:43:46 +02:00
|
|
|
bgp_writes_on(peer->connection);
|
2017-11-30 23:16:37 +01:00
|
|
|
|
2017-11-06 20:15:36 +01:00
|
|
|
bgp_write_proceed_actions(peer);
|
2017-03-22 18:13:23 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/*
|
|
|
|
|
* Creates a BGP Keepalive packet and appends it to the peer's output queue.
|
|
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
void bgp_keepalive_send(struct peer *peer)
|
|
|
|
|
{
|
|
|
|
|
struct stream *s;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-04-27 22:20:27 +02:00
|
|
|
s = stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Make keepalive packet. */
|
|
|
|
|
bgp_packet_set_marker(s, BGP_MSG_KEEPALIVE);
|
|
|
|
|
|
|
|
|
|
/* Set packet size. */
|
2021-11-29 20:23:53 +01:00
|
|
|
bgp_packet_set_size(s);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Dump packet if debug option is set. */
|
2015-05-20 03:12:17 +02:00
|
|
|
/* bgp_packet_dump (s); */
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_keepalive(peer))
|
2004-12-08 22:03:23 +01:00
|
|
|
zlog_debug("%s sending KEEPALIVE", peer->host);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Add packet to the peer. */
|
|
|
|
|
bgp_packet_add(peer, s);
|
2017-05-02 02:37:45 +02:00
|
|
|
|
2021-08-10 05:43:46 +02:00
|
|
|
bgp_writes_on(peer->connection);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/*
|
|
|
|
|
* Creates a BGP Open packet and appends it to the peer's output queue.
|
|
|
|
|
* Sets capabilities as necessary.
|
|
|
|
|
*/
|
2023-08-27 03:31:54 +02:00
|
|
|
void bgp_open_send(struct peer_connection *connection)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
|
|
|
|
struct stream *s;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint16_t send_holdtime;
|
2002-12-13 21:15:29 +01:00
|
|
|
as_t local_as;
|
2023-08-27 03:31:54 +02:00
|
|
|
struct peer *peer = connection->peer;
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2018-06-13 02:34:43 +02:00
|
|
|
if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
|
2002-12-13 21:15:29 +01:00
|
|
|
send_holdtime = peer->holdtime;
|
|
|
|
|
else
|
|
|
|
|
send_holdtime = peer->bgp->default_holdtime;
|
|
|
|
|
|
|
|
|
|
/* local-as Change */
|
|
|
|
|
if (peer->change_local_as)
|
|
|
|
|
local_as = peer->change_local_as;
|
|
|
|
|
else
|
|
|
|
|
local_as = peer->local_as;
|
|
|
|
|
|
2021-04-27 22:20:27 +02:00
|
|
|
s = stream_new(BGP_STANDARD_MESSAGE_MAX_PACKET_SIZE);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Make open packet. */
|
|
|
|
|
bgp_packet_set_marker(s, BGP_MSG_OPEN);
|
|
|
|
|
|
|
|
|
|
/* Set open packet values. */
|
|
|
|
|
stream_putc(s, BGP_VERSION_4); /* BGP version */
|
2018-03-27 21:13:34 +02:00
|
|
|
stream_putw(s, (local_as <= BGP_AS_MAX) ? (uint16_t)local_as
|
|
|
|
|
: BGP_AS_TRANS);
|
2002-12-13 21:15:29 +01:00
|
|
|
stream_putw(s, send_holdtime); /* Hold Time */
|
|
|
|
|
stream_put_in_addr(s, &peer->local_id); /* BGP Identifier */
|
|
|
|
|
|
2021-11-20 21:00:23 +01:00
|
|
|
/* Set capabilities */
|
|
|
|
|
if (CHECK_FLAG(peer->flags, PEER_FLAG_EXTENDED_OPT_PARAMS)) {
|
|
|
|
|
(void)bgp_open_capability(s, peer, true);
|
|
|
|
|
} else {
|
|
|
|
|
struct stream *tmp = stream_new(STREAM_SIZE(s));
|
|
|
|
|
|
|
|
|
|
stream_copy(tmp, s);
|
|
|
|
|
if (bgp_open_capability(tmp, peer, false)
|
|
|
|
|
> BGP_OPEN_NON_EXT_OPT_LEN) {
|
|
|
|
|
stream_free(tmp);
|
|
|
|
|
(void)bgp_open_capability(s, peer, true);
|
|
|
|
|
} else {
|
|
|
|
|
stream_copy(s, tmp);
|
|
|
|
|
stream_free(tmp);
|
|
|
|
|
}
|
|
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Set BGP packet length. */
|
2021-11-29 20:23:53 +01:00
|
|
|
bgp_packet_set_size(s);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2009-04-30 15:16:22 +02:00
|
|
|
zlog_debug(
|
2020-10-15 21:33:09 +02:00
|
|
|
"%s sending OPEN, version %d, my as %u, holdtime %d, id %pI4",
|
2002-12-13 21:15:29 +01:00
|
|
|
peer->host, BGP_VERSION_4, local_as, send_holdtime,
|
2020-10-15 21:33:09 +02:00
|
|
|
&peer->local_id);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Dump packet if debug option is set. */
|
|
|
|
|
/* bgp_packet_dump (s); */
|
2019-05-10 19:29:01 +02:00
|
|
|
hook_call(bgp_packet_send, peer, BGP_MSG_OPEN, stream_get_endp(s), s);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Add packet to the peer. */
|
|
|
|
|
bgp_packet_add(peer, s);
|
2017-05-02 02:37:45 +02:00
|
|
|
|
2023-08-27 03:31:54 +02:00
|
|
|
bgp_writes_on(connection);
|
2017-05-02 02:37:45 +02:00
|
|
|
}
|
|
|
|
|
|
2017-12-18 19:19:22 +01:00
|
|
|
/*
|
|
|
|
|
* Writes NOTIFICATION message directly to a peer socket without waiting for
|
|
|
|
|
* the I/O thread.
|
|
|
|
|
*
|
2021-08-10 05:43:46 +02:00
|
|
|
* There must be exactly one stream on the peer->connection->obuf FIFO, and the
|
2021-04-30 20:55:40 +02:00
|
|
|
* data within this stream must match the format of a BGP NOTIFICATION message.
|
2017-12-18 19:19:22 +01:00
|
|
|
* Transmission is best-effort.
|
|
|
|
|
*
|
2021-08-10 05:43:46 +02:00
|
|
|
* @requires peer->connection->io_mtx
|
2017-12-18 19:19:22 +01:00
|
|
|
* @param peer
|
|
|
|
|
* @return 0
|
|
|
|
|
*/
|
2020-03-20 10:57:54 +01:00
|
|
|
static void bgp_write_notify(struct peer *peer)
|
2017-05-02 02:37:45 +02:00
|
|
|
{
|
|
|
|
|
int ret, val;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t type;
|
2017-05-02 02:37:45 +02:00
|
|
|
struct stream *s;
|
|
|
|
|
|
2017-12-18 19:19:22 +01:00
|
|
|
/* There should be at least one packet. */
|
2021-08-10 05:43:46 +02:00
|
|
|
s = stream_fifo_pop(peer->connection->obuf);
|
2017-05-02 02:37:45 +02:00
|
|
|
|
2017-12-01 19:41:27 +01:00
|
|
|
if (!s)
|
2020-03-20 10:57:54 +01:00
|
|
|
return;
|
2017-12-01 19:41:27 +01:00
|
|
|
|
|
|
|
|
assert(stream_get_endp(s) >= BGP_HEADER_SIZE);
|
|
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
|
|
|
|
|
* we only care about getting a clean shutdown at this point.
|
|
|
|
|
*/
|
2021-08-10 05:43:46 +02:00
|
|
|
ret = write(peer->connection->fd, STREAM_DATA(s), stream_get_endp(s));
|
2017-05-02 02:37:45 +02:00
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* only connection reset/close gets counted as TCP_fatal_error, failure
|
|
|
|
|
* to write the entire NOTIFY doesn't get different FSM treatment
|
|
|
|
|
*/
|
2017-05-02 02:37:45 +02:00
|
|
|
if (ret <= 0) {
|
2017-06-12 08:46:56 +02:00
|
|
|
stream_free(s);
|
2017-05-02 02:37:45 +02:00
|
|
|
BGP_EVENT_ADD(peer, TCP_fatal_error);
|
2020-03-20 10:57:54 +01:00
|
|
|
return;
|
2017-05-02 02:37:45 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Disable Nagle, make NOTIFY packet go out right away */
|
|
|
|
|
val = 1;
|
2021-08-10 05:43:46 +02:00
|
|
|
(void)setsockopt(peer->connection->fd, IPPROTO_TCP, TCP_NODELAY,
|
2021-04-30 20:55:40 +02:00
|
|
|
(char *)&val, sizeof(val));
|
2017-05-02 02:37:45 +02:00
|
|
|
|
|
|
|
|
/* Retrieve BGP packet type. */
|
|
|
|
|
stream_set_getp(s, BGP_MARKER_SIZE + 2);
|
|
|
|
|
type = stream_getc(s);
|
|
|
|
|
|
|
|
|
|
assert(type == BGP_MSG_NOTIFY);
|
|
|
|
|
|
|
|
|
|
/* Type should be notify. */
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->notify_out, 1, memory_order_relaxed);
|
2017-05-02 02:37:45 +02:00
|
|
|
|
|
|
|
|
/* Double start timer. */
|
|
|
|
|
peer->v_start *= 2;
|
|
|
|
|
|
|
|
|
|
/* Overflow check. */
|
|
|
|
|
if (peer->v_start >= (60 * 2))
|
|
|
|
|
peer->v_start = (60 * 2);
|
|
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* Handle Graceful Restart case where the state changes to
|
|
|
|
|
* Connect instead of Idle
|
|
|
|
|
*/
|
2017-05-02 02:37:45 +02:00
|
|
|
BGP_EVENT_ADD(peer, BGP_Stop);
|
|
|
|
|
|
2017-06-12 08:46:56 +02:00
|
|
|
stream_free(s);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
/*
|
|
|
|
|
* Encapsulate an original BGP CEASE Notification into Hard Reset
|
|
|
|
|
*/
|
|
|
|
|
static uint8_t *bgp_notify_encapsulate_hard_reset(uint8_t code, uint8_t subcode,
|
|
|
|
|
uint8_t *data, size_t datalen)
|
|
|
|
|
{
|
|
|
|
|
uint8_t *message = XCALLOC(MTYPE_BGP_NOTIFICATION, datalen + 2);
|
|
|
|
|
|
|
|
|
|
/* ErrCode */
|
|
|
|
|
message[0] = code;
|
|
|
|
|
/* Subcode */
|
|
|
|
|
message[1] = subcode;
|
|
|
|
|
/* Data */
|
|
|
|
|
if (datalen)
|
|
|
|
|
memcpy(message + 2, data, datalen);
|
|
|
|
|
|
|
|
|
|
return message;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Decapsulate an original BGP CEASE Notification from Hard Reset
|
|
|
|
|
*/
|
|
|
|
|
struct bgp_notify bgp_notify_decapsulate_hard_reset(struct bgp_notify *notify)
|
|
|
|
|
{
|
|
|
|
|
struct bgp_notify bn = {};
|
|
|
|
|
|
|
|
|
|
bn.code = notify->raw_data[0];
|
|
|
|
|
bn.subcode = notify->raw_data[1];
|
|
|
|
|
bn.length = notify->length - 2;
|
|
|
|
|
|
2022-07-10 11:42:46 +02:00
|
|
|
bn.raw_data = XMALLOC(MTYPE_BGP_NOTIFICATION, bn.length);
|
2022-04-30 22:04:58 +02:00
|
|
|
memcpy(bn.raw_data, notify->raw_data + 2, bn.length);
|
|
|
|
|
|
|
|
|
|
return bn;
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-11 18:42:53 +02:00
|
|
|
/* Check if Graceful-Restart N-bit is exchanged */
|
|
|
|
|
bool bgp_has_graceful_restart_notification(struct peer *peer)
|
|
|
|
|
{
|
|
|
|
|
return CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_RCV) &&
|
|
|
|
|
CHECK_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_ADV);
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
/*
|
|
|
|
|
* Check if to send BGP CEASE Notification/Hard Reset?
|
|
|
|
|
*/
|
2022-05-06 09:21:15 +02:00
|
|
|
bool bgp_notify_send_hard_reset(struct peer *peer, uint8_t code,
|
|
|
|
|
uint8_t subcode)
|
2022-04-30 22:04:58 +02:00
|
|
|
{
|
|
|
|
|
/* When the "N" bit has been exchanged, a Hard Reset message is used to
|
|
|
|
|
* indicate to the peer that the session is to be fully terminated.
|
|
|
|
|
*/
|
2022-05-11 18:42:53 +02:00
|
|
|
if (!bgp_has_graceful_restart_notification(peer))
|
2022-04-30 22:04:58 +02:00
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* https://datatracker.ietf.org/doc/html/rfc8538#section-5.1
|
|
|
|
|
*/
|
2022-05-06 09:21:15 +02:00
|
|
|
if (code == BGP_NOTIFY_CEASE) {
|
2022-04-30 22:04:58 +02:00
|
|
|
switch (subcode) {
|
|
|
|
|
case BGP_NOTIFY_CEASE_MAX_PREFIX:
|
|
|
|
|
case BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN:
|
|
|
|
|
case BGP_NOTIFY_CEASE_PEER_UNCONFIG:
|
|
|
|
|
case BGP_NOTIFY_CEASE_HARD_RESET:
|
2022-05-30 16:40:15 +02:00
|
|
|
case BGP_NOTIFY_CEASE_BFD_DOWN:
|
2022-04-30 22:04:58 +02:00
|
|
|
return true;
|
2022-05-06 09:21:15 +02:00
|
|
|
case BGP_NOTIFY_CEASE_ADMIN_RESET:
|
|
|
|
|
/* Provide user control:
|
|
|
|
|
* `bgp hard-adminstrative-reset`
|
|
|
|
|
*/
|
|
|
|
|
if (CHECK_FLAG(peer->bgp->flags,
|
|
|
|
|
BGP_FLAG_HARD_ADMIN_RESET))
|
|
|
|
|
return true;
|
|
|
|
|
else
|
|
|
|
|
return false;
|
2022-04-30 22:04:58 +02:00
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-06 09:21:15 +02:00
|
|
|
/*
|
|
|
|
|
* Check if received BGP CEASE Notification/Hard Reset?
|
|
|
|
|
*/
|
|
|
|
|
bool bgp_notify_received_hard_reset(struct peer *peer, uint8_t code,
|
|
|
|
|
uint8_t subcode)
|
|
|
|
|
{
|
|
|
|
|
/* When the "N" bit has been exchanged, a Hard Reset message is used to
|
|
|
|
|
* indicate to the peer that the session is to be fully terminated.
|
|
|
|
|
*/
|
2022-05-11 18:42:53 +02:00
|
|
|
if (!bgp_has_graceful_restart_notification(peer))
|
2022-05-06 09:21:15 +02:00
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
if (code == BGP_NOTIFY_CEASE && subcode == BGP_NOTIFY_CEASE_HARD_RESET)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/*
|
|
|
|
|
* Creates a BGP Notify and appends it to the peer's output queue.
|
|
|
|
|
*
|
2017-09-08 17:51:12 +02:00
|
|
|
* This function attempts to write the packet from the thread it is called
|
|
|
|
|
* from, to ensure the packet gets out ASAP.
|
2017-02-07 00:39:06 +01:00
|
|
|
*
|
2017-12-18 19:19:22 +01:00
|
|
|
* This function may be called from multiple threads. Since the function
|
|
|
|
|
* modifies I/O buffer(s) in the peer, these are locked for the duration of the
|
|
|
|
|
* call to prevent tampering from other threads.
|
|
|
|
|
*
|
|
|
|
|
* Delivery of the NOTIFICATION is attempted once and is best-effort. After
|
|
|
|
|
* return, the peer structure *must* be reset; no assumptions about session
|
|
|
|
|
* state are valid.
|
|
|
|
|
*
|
2017-02-07 00:39:06 +01:00
|
|
|
* @param peer
|
|
|
|
|
* @param code BGP error code
|
|
|
|
|
* @param sub_code BGP error subcode
|
|
|
|
|
* @param data Data portion
|
|
|
|
|
* @param datalen length of data portion
|
|
|
|
|
*/
|
2023-08-26 23:30:10 +02:00
|
|
|
static void bgp_notify_send_internal(struct peer_connection *connection,
|
|
|
|
|
uint8_t code, uint8_t sub_code,
|
|
|
|
|
uint8_t *data, size_t datalen,
|
|
|
|
|
bool use_curr)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
|
|
|
|
struct stream *s;
|
2023-08-26 23:30:10 +02:00
|
|
|
struct peer *peer = connection->peer;
|
2022-05-06 09:21:15 +02:00
|
|
|
bool hard_reset = bgp_notify_send_hard_reset(peer, code, sub_code);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-12-18 19:19:22 +01:00
|
|
|
/* Lock I/O mutex to prevent other threads from pushing packets */
|
2023-08-26 23:30:10 +02:00
|
|
|
frr_mutex_lock_autounlock(&connection->io_mtx);
|
2017-12-18 19:19:22 +01:00
|
|
|
/* ============================================== */
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Allocate new stream. */
|
2021-02-25 18:46:49 +01:00
|
|
|
s = stream_new(peer->max_packet_size);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/* Make notify packet. */
|
2002-12-13 21:15:29 +01:00
|
|
|
bgp_packet_set_marker(s, BGP_MSG_NOTIFY);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
/* Check if we should send Hard Reset Notification or not */
|
|
|
|
|
if (hard_reset) {
|
|
|
|
|
uint8_t *hard_reset_message = bgp_notify_encapsulate_hard_reset(
|
|
|
|
|
code, sub_code, data, datalen);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
/* Hard Reset encapsulates another NOTIFICATION message
|
|
|
|
|
* in its data portion.
|
|
|
|
|
*/
|
|
|
|
|
stream_putc(s, BGP_NOTIFY_CEASE);
|
|
|
|
|
stream_putc(s, BGP_NOTIFY_CEASE_HARD_RESET);
|
|
|
|
|
stream_write(s, hard_reset_message, datalen + 2);
|
|
|
|
|
|
|
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION, hard_reset_message);
|
|
|
|
|
} else {
|
|
|
|
|
stream_putc(s, code);
|
|
|
|
|
stream_putc(s, sub_code);
|
|
|
|
|
if (data)
|
|
|
|
|
stream_write(s, data, datalen);
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Set BGP packet length. */
|
2018-04-11 22:22:23 +02:00
|
|
|
bgp_packet_set_size(s);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-05-02 02:37:45 +02:00
|
|
|
/* wipe output buffer */
|
2023-08-26 23:30:10 +02:00
|
|
|
stream_fifo_clean(connection->obuf);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* If possible, store last packet for debugging purposes. This check is
|
|
|
|
|
* in place because we are sometimes called with a doppelganger peer,
|
|
|
|
|
* who tends to have a plethora of fields nulled out.
|
2022-09-08 22:14:36 +02:00
|
|
|
*
|
|
|
|
|
* Some callers should not attempt this - the io pthread for example
|
|
|
|
|
* should not touch internals of the peer struct.
|
2017-09-08 17:51:12 +02:00
|
|
|
*/
|
2022-09-08 22:14:36 +02:00
|
|
|
if (use_curr && peer->curr) {
|
2017-06-10 03:01:56 +02:00
|
|
|
size_t packetsize = stream_get_endp(peer->curr);
|
2021-04-27 22:20:27 +02:00
|
|
|
assert(packetsize <= peer->max_packet_size);
|
2023-07-24 02:30:47 +02:00
|
|
|
if (peer->last_reset_cause)
|
|
|
|
|
stream_free(peer->last_reset_cause);
|
|
|
|
|
peer->last_reset_cause = stream_dup(peer->curr);
|
2017-06-10 03:01:56 +02:00
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* For debug */
|
|
|
|
|
{
|
|
|
|
|
struct bgp_notify bgp_notify;
|
|
|
|
|
int first = 0;
|
|
|
|
|
int i;
|
|
|
|
|
char c[4];
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
bgp_notify.code = code;
|
|
|
|
|
bgp_notify.subcode = sub_code;
|
|
|
|
|
bgp_notify.data = NULL;
|
2018-04-11 18:54:42 +02:00
|
|
|
bgp_notify.length = datalen;
|
2017-01-25 04:03:38 +01:00
|
|
|
bgp_notify.raw_data = data;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-09-16 04:14:06 +02:00
|
|
|
peer->notify.code = bgp_notify.code;
|
|
|
|
|
peer->notify.subcode = bgp_notify.subcode;
|
2022-11-24 12:07:32 +01:00
|
|
|
peer->notify.length = bgp_notify.length;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2018-04-11 18:54:42 +02:00
|
|
|
if (bgp_notify.length && data) {
|
2022-11-24 12:07:32 +01:00
|
|
|
bgp_notify.data = XMALLOC(MTYPE_BGP_NOTIFICATION,
|
|
|
|
|
bgp_notify.length * 3);
|
2002-12-13 21:15:29 +01:00
|
|
|
for (i = 0; i < bgp_notify.length; i++)
|
|
|
|
|
if (first) {
|
2019-05-06 23:05:06 +02:00
|
|
|
snprintf(c, sizeof(c), " %02x",
|
|
|
|
|
data[i]);
|
2019-10-23 20:14:51 +02:00
|
|
|
|
2019-05-06 23:05:06 +02:00
|
|
|
strlcat(bgp_notify.data, c,
|
2019-11-25 16:18:15 +01:00
|
|
|
bgp_notify.length);
|
2019-10-23 20:14:51 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
} else {
|
|
|
|
|
first = 1;
|
2019-05-06 23:05:06 +02:00
|
|
|
snprintf(c, sizeof(c), "%02x", data[i]);
|
2019-10-23 20:14:51 +02:00
|
|
|
|
2019-05-06 23:05:06 +02:00
|
|
|
strlcpy(bgp_notify.data, c,
|
2019-11-25 16:18:15 +01:00
|
|
|
bgp_notify.length);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2022-04-30 22:04:58 +02:00
|
|
|
bgp_notify_print(peer, &bgp_notify, "sending", hard_reset);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
if (bgp_notify.data) {
|
2022-11-24 12:07:32 +01:00
|
|
|
if (data) {
|
|
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION,
|
|
|
|
|
peer->notify.data);
|
|
|
|
|
peer->notify.data = XCALLOC(
|
|
|
|
|
MTYPE_BGP_NOTIFICATION, datalen);
|
|
|
|
|
memcpy(peer->notify.data, data, datalen);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION, bgp_notify.data);
|
2015-10-21 00:13:20 +02:00
|
|
|
bgp_notify.length = 0;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2004-05-20 11:19:34 +02:00
|
|
|
/* peer reset cause */
|
2015-09-16 04:14:06 +02:00
|
|
|
if (code == BGP_NOTIFY_CEASE) {
|
2004-05-20 11:19:34 +02:00
|
|
|
if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
|
2011-09-12 11:27:52 +02:00
|
|
|
peer->last_reset = PEER_DOWN_USER_RESET;
|
2022-11-04 14:40:52 +01:00
|
|
|
else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN) {
|
|
|
|
|
if (CHECK_FLAG(peer->sflags, PEER_STATUS_RTT_SHUTDOWN))
|
|
|
|
|
peer->last_reset = PEER_DOWN_RTT_SHUTDOWN;
|
|
|
|
|
else
|
|
|
|
|
peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
|
|
|
|
|
} else
|
2011-09-12 11:27:52 +02:00
|
|
|
peer->last_reset = PEER_DOWN_NOTIFY_SEND;
|
2015-09-16 04:14:06 +02:00
|
|
|
} else
|
|
|
|
|
peer->last_reset = PEER_DOWN_NOTIFY_SEND;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/* Add packet to peer's output queue */
|
2023-08-26 23:30:10 +02:00
|
|
|
stream_fifo_push(connection->obuf, s);
|
2017-05-02 02:37:45 +02:00
|
|
|
|
2019-10-23 21:12:10 +02:00
|
|
|
bgp_peer_gr_flags_update(peer);
|
2020-01-31 19:04:00 +01:00
|
|
|
BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
|
|
|
|
|
peer->bgp->peer);
|
2019-10-23 21:12:10 +02:00
|
|
|
|
2017-05-02 02:37:45 +02:00
|
|
|
bgp_write_notify(peer);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/*
|
|
|
|
|
* Creates a BGP Notify and appends it to the peer's output queue.
|
|
|
|
|
*
|
2017-09-08 17:51:12 +02:00
|
|
|
* This function attempts to write the packet from the thread it is called
|
|
|
|
|
* from, to ensure the packet gets out ASAP.
|
2017-02-07 00:39:06 +01:00
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param code BGP error code
|
|
|
|
|
* @param sub_code BGP error subcode
|
|
|
|
|
*/
|
2023-08-26 23:30:10 +02:00
|
|
|
void bgp_notify_send(struct peer_connection *connection, uint8_t code,
|
|
|
|
|
uint8_t sub_code)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_internal(connection, code, sub_code, NULL, 0, true);
|
2022-09-08 22:14:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Enqueue notification; called from the main pthread, peer object access is ok.
|
|
|
|
|
*/
|
2023-08-26 23:30:10 +02:00
|
|
|
void bgp_notify_send_with_data(struct peer_connection *connection, uint8_t code,
|
2022-09-08 22:14:36 +02:00
|
|
|
uint8_t sub_code, uint8_t *data, size_t datalen)
|
|
|
|
|
{
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_internal(connection, code, sub_code, data, datalen,
|
|
|
|
|
true);
|
2022-09-08 22:14:36 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For use by the io pthread, queueing a notification but avoiding access to
|
|
|
|
|
* the peer object.
|
|
|
|
|
*/
|
|
|
|
|
void bgp_notify_io_invalid(struct peer *peer, uint8_t code, uint8_t sub_code,
|
|
|
|
|
uint8_t *data, size_t datalen)
|
|
|
|
|
{
|
|
|
|
|
/* Avoid touching the peer object */
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_internal(peer->connection, code, sub_code, data,
|
|
|
|
|
datalen, false);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/*
|
|
|
|
|
* Creates BGP Route Refresh packet and appends it to the peer's output queue.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param afi Address Family Identifier
|
|
|
|
|
* @param safi Subsequent Address Family Identifier
|
|
|
|
|
* @param orf_type Outbound Route Filtering type
|
|
|
|
|
* @param when_to_refresh Whether to refresh immediately or defer
|
|
|
|
|
* @param remove Whether to remove ORF for specified AFI/SAFI
|
2023-05-08 06:08:35 +02:00
|
|
|
* @param subtype BGP enhanced route refresh optional subtypes
|
2017-02-07 00:39:06 +01:00
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi,
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t orf_type, uint8_t when_to_refresh,
|
2020-10-01 22:08:06 +02:00
|
|
|
int remove, uint8_t subtype)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
|
|
|
|
struct stream *s;
|
|
|
|
|
struct bgp_filter *filter;
|
|
|
|
|
int orf_refresh = 0;
|
2022-04-27 13:57:41 +02:00
|
|
|
iana_afi_t pkt_afi = IANA_AFI_IPV4;
|
|
|
|
|
iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2016-06-15 19:25:35 +02:00
|
|
|
if (DISABLE_BGP_ANNOUNCE)
|
2002-12-13 21:15:29 +01:00
|
|
|
return;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
filter = &peer->filter[afi][safi];
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Convert AFI, SAFI to values for packet. */
|
|
|
|
|
bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-02-25 18:46:49 +01:00
|
|
|
s = stream_new(peer->max_packet_size);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Make BGP update packet. */
|
2023-07-07 15:01:19 +02:00
|
|
|
if (CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_RCV))
|
2002-12-13 21:15:29 +01:00
|
|
|
bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_NEW);
|
|
|
|
|
else
|
|
|
|
|
bgp_packet_set_marker(s, BGP_MSG_ROUTE_REFRESH_OLD);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Encode Route Refresh message. */
|
2016-06-15 19:25:35 +02:00
|
|
|
stream_putw(s, pkt_afi);
|
2020-10-01 22:08:06 +02:00
|
|
|
if (subtype)
|
|
|
|
|
stream_putc(s, subtype);
|
|
|
|
|
else
|
|
|
|
|
stream_putc(s, 0);
|
2002-12-13 21:15:29 +01:00
|
|
|
stream_putc(s, pkt_safi);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2023-07-07 22:39:44 +02:00
|
|
|
if (orf_type == ORF_TYPE_PREFIX)
|
2002-12-13 21:15:29 +01:00
|
|
|
if (remove || filter->plist[FILTER_IN].plist) {
|
2018-03-27 21:13:34 +02:00
|
|
|
uint16_t orf_len;
|
2002-12-13 21:15:29 +01:00
|
|
|
unsigned long orfp;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
orf_refresh = 1;
|
|
|
|
|
stream_putc(s, when_to_refresh);
|
|
|
|
|
stream_putc(s, orf_type);
|
|
|
|
|
orfp = stream_get_endp(s);
|
|
|
|
|
stream_putw(s, 0);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
if (remove) {
|
|
|
|
|
UNSET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_ORF_PREFIX_SEND);
|
|
|
|
|
stream_putc(s, ORF_COMMON_PART_REMOVE_ALL);
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2004-12-08 22:03:23 +01:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %s/%s",
|
|
|
|
|
peer, orf_type,
|
2022-03-22 20:45:47 +01:00
|
|
|
(when_to_refresh ==
|
|
|
|
|
REFRESH_DEFER
|
2002-12-13 21:15:29 +01:00
|
|
|
? "defer"
|
|
|
|
|
: "immediate"),
|
2019-06-02 01:11:28 +02:00
|
|
|
iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
2002-12-13 21:15:29 +01:00
|
|
|
} else {
|
2005-02-09 16:51:56 +01:00
|
|
|
SET_FLAG(peer->af_sflags[afi][safi],
|
2002-12-13 21:15:29 +01:00
|
|
|
PEER_STATUS_ORF_PREFIX_SEND);
|
|
|
|
|
prefix_bgp_orf_entry(
|
|
|
|
|
s, filter->plist[FILTER_IN].plist,
|
|
|
|
|
ORF_COMMON_PART_ADD,
|
|
|
|
|
ORF_COMMON_PART_PERMIT,
|
2015-05-20 03:12:17 +02:00
|
|
|
ORF_COMMON_PART_DENY);
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2015-09-03 15:50:16 +02:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %s/%s",
|
|
|
|
|
peer, orf_type,
|
2022-03-22 20:45:47 +01:00
|
|
|
(when_to_refresh ==
|
|
|
|
|
REFRESH_DEFER
|
2002-12-13 21:15:29 +01:00
|
|
|
? "defer"
|
|
|
|
|
: "immediate"),
|
2019-06-02 01:11:28 +02:00
|
|
|
iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Total ORF Entry Len. */
|
2005-02-09 16:51:56 +01:00
|
|
|
orf_len = stream_get_endp(s) - orfp - 2;
|
|
|
|
|
stream_putw_at(s, orfp, orf_len);
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Set packet size. */
|
2021-11-29 20:23:53 +01:00
|
|
|
bgp_packet_set_size(s);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
if (bgp_debug_neighbor_events(peer)) {
|
|
|
|
|
if (!orf_refresh)
|
2022-03-22 20:45:47 +01:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP sending REFRESH_REQ for afi/safi: %s/%s",
|
|
|
|
|
peer, iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Add packet to the peer. */
|
2015-08-18 14:41:58 +02:00
|
|
|
bgp_packet_add(peer, s);
|
2017-05-02 02:37:45 +02:00
|
|
|
|
2021-08-10 05:43:46 +02:00
|
|
|
bgp_writes_on(peer->connection);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-07 00:39:06 +01:00
|
|
|
/*
|
|
|
|
|
* Create a BGP Capability packet and append it to the peer's output queue.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param afi Address Family Identifier
|
|
|
|
|
* @param safi Subsequent Address Family Identifier
|
|
|
|
|
* @param capability_code BGP Capability Code
|
|
|
|
|
* @param action Set or Remove capability
|
|
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
|
|
|
|
|
int capability_code, int action)
|
|
|
|
|
{
|
|
|
|
|
struct stream *s;
|
2022-04-27 13:57:41 +02:00
|
|
|
iana_afi_t pkt_afi = IANA_AFI_IPV4;
|
|
|
|
|
iana_safi_t pkt_safi = IANA_SAFI_UNICAST;
|
2023-08-03 15:37:54 +02:00
|
|
|
unsigned long cap_len;
|
|
|
|
|
uint16_t len;
|
2023-08-29 09:02:14 +02:00
|
|
|
uint32_t gr_restart_time;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2023-08-05 22:00:55 +02:00
|
|
|
if (!peer_established(peer))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_RCV) &&
|
|
|
|
|
!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV))
|
|
|
|
|
return;
|
|
|
|
|
|
2016-06-15 19:25:35 +02:00
|
|
|
/* Convert AFI, SAFI to values for packet. */
|
|
|
|
|
bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi, &pkt_safi);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-02-25 18:46:49 +01:00
|
|
|
s = stream_new(peer->max_packet_size);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Make BGP update packet. */
|
|
|
|
|
bgp_packet_set_marker(s, BGP_MSG_CAPABILITY);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Encode MP_EXT capability. */
|
2023-08-03 15:37:54 +02:00
|
|
|
switch (capability_code) {
|
|
|
|
|
case CAPABILITY_CODE_SOFT_VERSION:
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_ADV);
|
|
|
|
|
stream_putc(s, action);
|
|
|
|
|
stream_putc(s, CAPABILITY_CODE_SOFT_VERSION);
|
|
|
|
|
cap_len = stream_get_endp(s);
|
|
|
|
|
stream_putc(s, 0); /* Capability Length */
|
|
|
|
|
|
|
|
|
|
/* The Capability Length SHOULD be no greater than 64.
|
|
|
|
|
* This is the limit to allow other capabilities as much
|
|
|
|
|
* space as they require.
|
|
|
|
|
*/
|
|
|
|
|
const char *soft_version = cmd_software_version_get();
|
|
|
|
|
|
|
|
|
|
len = strlen(soft_version);
|
|
|
|
|
if (len > BGP_MAX_SOFT_VERSION)
|
|
|
|
|
len = BGP_MAX_SOFT_VERSION;
|
|
|
|
|
|
|
|
|
|
stream_putc(s, len);
|
|
|
|
|
stream_put(s, soft_version, len);
|
|
|
|
|
|
|
|
|
|
/* Software Version capability Len. */
|
|
|
|
|
len = stream_get_endp(s) - cap_len - 1;
|
|
|
|
|
stream_putc_at(s, cap_len, len);
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug("%pBP sending CAPABILITY has %s Software Version for afi/safi: %s/%s",
|
|
|
|
|
peer,
|
|
|
|
|
action == CAPABILITY_ACTION_SET
|
|
|
|
|
? "Advertising"
|
|
|
|
|
: "Removing",
|
|
|
|
|
iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
|
|
|
|
break;
|
|
|
|
|
case CAPABILITY_CODE_MP:
|
2002-12-13 21:15:29 +01:00
|
|
|
stream_putc(s, action);
|
|
|
|
|
stream_putc(s, CAPABILITY_CODE_MP);
|
|
|
|
|
stream_putc(s, CAPABILITY_CODE_MP_LEN);
|
2016-06-15 19:25:35 +02:00
|
|
|
stream_putw(s, pkt_afi);
|
2002-12-13 21:15:29 +01:00
|
|
|
stream_putc(s, 0);
|
2016-06-15 19:25:35 +02:00
|
|
|
stream_putc(s, pkt_safi);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2015-09-03 15:50:16 +02:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP sending CAPABILITY has %s MP_EXT CAP for afi/safi: %s/%s",
|
|
|
|
|
peer,
|
2002-12-13 21:15:29 +01:00
|
|
|
action == CAPABILITY_ACTION_SET ? "Advertising"
|
2016-06-15 19:25:35 +02:00
|
|
|
: "Removing",
|
2019-06-02 01:11:28 +02:00
|
|
|
iana_afi2str(pkt_afi), iana_safi2str(pkt_safi));
|
2023-08-03 15:37:54 +02:00
|
|
|
break;
|
2023-08-29 09:02:14 +02:00
|
|
|
case CAPABILITY_CODE_RESTART:
|
|
|
|
|
if (!CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART) &&
|
|
|
|
|
!CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART_HELPER))
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_RESTART_ADV);
|
|
|
|
|
stream_putc(s, action);
|
|
|
|
|
stream_putc(s, CAPABILITY_CODE_RESTART);
|
|
|
|
|
cap_len = stream_get_endp(s);
|
|
|
|
|
stream_putc(s, 0);
|
|
|
|
|
gr_restart_time = peer->bgp->restart_time;
|
|
|
|
|
|
|
|
|
|
if (peer->bgp->t_startup) {
|
|
|
|
|
SET_FLAG(gr_restart_time, GRACEFUL_RESTART_R_BIT);
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_R_BIT_ADV);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (CHECK_FLAG(peer->bgp->flags,
|
|
|
|
|
BGP_FLAG_GRACEFUL_NOTIFICATION)) {
|
|
|
|
|
SET_FLAG(gr_restart_time, GRACEFUL_RESTART_N_BIT);
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_ADV);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
stream_putw(s, gr_restart_time);
|
|
|
|
|
|
|
|
|
|
if (CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART)) {
|
|
|
|
|
FOREACH_AFI_SAFI (afi, safi) {
|
|
|
|
|
if (!peer->afc[afi][safi])
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
bgp_map_afi_safi_int2iana(afi, safi, &pkt_afi,
|
|
|
|
|
&pkt_safi);
|
|
|
|
|
stream_putw(s, pkt_afi);
|
|
|
|
|
stream_putc(s, pkt_safi);
|
|
|
|
|
if (CHECK_FLAG(peer->bgp->flags,
|
|
|
|
|
BGP_FLAG_GR_PRESERVE_FWD))
|
|
|
|
|
stream_putc(s, GRACEFUL_RESTART_F_BIT);
|
|
|
|
|
else
|
|
|
|
|
stream_putc(s, 0);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Software Version capability Len. */
|
|
|
|
|
len = stream_get_endp(s) - cap_len - 1;
|
|
|
|
|
stream_putc_at(s, cap_len, len);
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug("%pBP sending CAPABILITY has %s Graceful-Restart CAP for afi/safi: %s/%s",
|
|
|
|
|
peer,
|
|
|
|
|
action == CAPABILITY_ACTION_SET
|
|
|
|
|
? "Advertising"
|
|
|
|
|
: "Removing",
|
|
|
|
|
iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
|
|
|
|
|
|
|
|
|
break;
|
2023-08-03 15:58:40 +02:00
|
|
|
case CAPABILITY_CODE_REFRESH:
|
|
|
|
|
case CAPABILITY_CODE_ORF:
|
|
|
|
|
case CAPABILITY_CODE_AS4:
|
|
|
|
|
case CAPABILITY_CODE_DYNAMIC:
|
|
|
|
|
case CAPABILITY_CODE_ADDPATH:
|
|
|
|
|
case CAPABILITY_CODE_ENHANCED_RR:
|
|
|
|
|
case CAPABILITY_CODE_LLGR:
|
|
|
|
|
case CAPABILITY_CODE_FQDN:
|
|
|
|
|
case CAPABILITY_CODE_ENHE:
|
|
|
|
|
case CAPABILITY_CODE_EXT_MESSAGE:
|
2023-08-05 21:32:57 +02:00
|
|
|
break;
|
2023-08-03 15:58:40 +02:00
|
|
|
case CAPABILITY_CODE_ROLE:
|
2023-08-05 21:32:57 +02:00
|
|
|
if (peer->local_role != ROLE_UNDEFINED) {
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_ROLE_ADV);
|
|
|
|
|
stream_putc(s, action);
|
|
|
|
|
stream_putc(s, CAPABILITY_CODE_ROLE);
|
|
|
|
|
stream_putc(s, CAPABILITY_CODE_ROLE_LEN);
|
|
|
|
|
stream_putc(s, peer->local_role);
|
|
|
|
|
}
|
2023-08-03 15:58:40 +02:00
|
|
|
break;
|
2023-08-03 15:37:54 +02:00
|
|
|
default:
|
|
|
|
|
break;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Set packet size. */
|
2021-11-29 20:23:53 +01:00
|
|
|
bgp_packet_set_size(s);
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2016-06-15 19:25:35 +02:00
|
|
|
/* Add packet to the peer. */
|
|
|
|
|
bgp_packet_add(peer, s);
|
2017-05-02 02:37:45 +02:00
|
|
|
|
2021-08-10 05:43:46 +02:00
|
|
|
bgp_writes_on(peer->connection);
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* RFC1771 6.8 Connection collision detection. */
|
|
|
|
|
static int bgp_collision_detect(struct peer *new, struct in_addr remote_id)
|
2017-07-17 14:03:14 +02:00
|
|
|
{
|
2004-05-01 10:44:08 +02:00
|
|
|
struct peer *peer;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-05-01 01:08:27 +02:00
|
|
|
/*
|
|
|
|
|
* Upon receipt of an OPEN message, the local system must examine
|
|
|
|
|
* all of its connections that are in the OpenConfirm state. A BGP
|
|
|
|
|
* speaker may also examine connections in an OpenSent state if it
|
|
|
|
|
* knows the BGP Identifier of the peer by means outside of the
|
|
|
|
|
* protocol. If among these connections there is a connection to a
|
|
|
|
|
* remote BGP speaker whose BGP Identifier equals the one in the
|
|
|
|
|
* OPEN message, then the local system performs the following
|
|
|
|
|
* collision resolution procedure:
|
|
|
|
|
*/
|
|
|
|
|
peer = new->doppelganger;
|
|
|
|
|
if (peer == NULL)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Do not accept the new connection in Established or Clearing
|
|
|
|
|
* states. Note that a peer GR is handled by closing the existing
|
|
|
|
|
* connection upon receipt of new one.
|
|
|
|
|
*/
|
2021-08-10 05:43:46 +02:00
|
|
|
if (peer_established(peer) || peer->connection->status == Clearing) {
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(new->connection, BGP_NOTIFY_CEASE,
|
2021-05-01 01:08:27 +02:00
|
|
|
BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-10 05:43:46 +02:00
|
|
|
if ((peer->connection->status != OpenConfirm) &&
|
|
|
|
|
(peer->connection->status != OpenSent))
|
2021-05-01 01:08:27 +02:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* 1. The BGP Identifier of the local system is
|
|
|
|
|
* compared to the BGP Identifier of the remote
|
|
|
|
|
* system (as specified in the OPEN message).
|
|
|
|
|
*
|
|
|
|
|
* If the BGP Identifiers of the peers
|
|
|
|
|
* involved in the connection collision
|
|
|
|
|
* are identical, then the connection
|
|
|
|
|
* initiated by the BGP speaker with the
|
|
|
|
|
* larger AS number is preserved.
|
|
|
|
|
*/
|
|
|
|
|
if (ntohl(peer->local_id.s_addr) < ntohl(remote_id.s_addr)
|
|
|
|
|
|| (ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)
|
|
|
|
|
&& peer->local_as < peer->as))
|
|
|
|
|
if (!CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER)) {
|
|
|
|
|
/*
|
|
|
|
|
* 2. If the value of the local BGP
|
|
|
|
|
* Identifier is less than the remote one,
|
|
|
|
|
* the local system closes BGP connection
|
|
|
|
|
* that already exists (the one that is
|
|
|
|
|
* already in the OpenConfirm state),
|
|
|
|
|
* and accepts BGP connection initiated by
|
|
|
|
|
* the remote system.
|
|
|
|
|
*/
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
|
2021-05-01 01:08:27 +02:00
|
|
|
BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
|
|
|
|
|
return 1;
|
|
|
|
|
} else {
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(new->connection, BGP_NOTIFY_CEASE,
|
2021-05-01 01:08:27 +02:00
|
|
|
BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
else {
|
|
|
|
|
if (ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr)
|
|
|
|
|
&& peer->local_as == peer->as)
|
|
|
|
|
flog_err(EC_BGP_ROUTER_ID_SAME,
|
|
|
|
|
"Peer's router-id %pI4 is the same as ours",
|
|
|
|
|
&remote_id);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* 3. Otherwise, the local system closes newly
|
|
|
|
|
* created BGP connection (the one associated with the
|
|
|
|
|
* newly received OPEN message), and continues to use
|
|
|
|
|
* the existing one (the one that is already in the
|
|
|
|
|
* OpenConfirm state).
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
2021-05-01 01:08:27 +02:00
|
|
|
if (CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER)) {
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
|
2021-05-01 01:08:27 +02:00
|
|
|
BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
|
|
|
|
|
return 1;
|
|
|
|
|
} else {
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(new->connection, BGP_NOTIFY_CEASE,
|
2015-05-20 02:40:37 +02:00
|
|
|
BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
|
2020-02-09 13:21:56 +01:00
|
|
|
return -1;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/* Packet processing routines ---------------------------------------------- */
|
|
|
|
|
/*
|
|
|
|
|
* This is a family of functions designed to be called from
|
|
|
|
|
* bgp_process_packet(). These functions all share similar behavior and should
|
|
|
|
|
* adhere to the following invariants and restrictions:
|
|
|
|
|
*
|
|
|
|
|
* Return codes
|
|
|
|
|
* ------------
|
|
|
|
|
* The return code of any one of those functions should be one of the FSM event
|
|
|
|
|
* codes specified in bgpd.h. If a NOTIFY was sent, this event code MUST be
|
|
|
|
|
* BGP_Stop. Otherwise, the code SHOULD correspond to the function's expected
|
|
|
|
|
* packet type. For example, bgp_open_receive() should return BGP_Stop upon
|
|
|
|
|
* error and Receive_OPEN_message otherwise.
|
|
|
|
|
*
|
|
|
|
|
* If no action is necessary, the correct return code is BGP_PACKET_NOOP as
|
|
|
|
|
* defined below.
|
|
|
|
|
*
|
|
|
|
|
* Side effects
|
|
|
|
|
* ------------
|
|
|
|
|
* - May send NOTIFY messages
|
2021-08-10 05:43:46 +02:00
|
|
|
* - May not modify peer->connection->status
|
2017-06-10 03:01:56 +02:00
|
|
|
* - May not call bgp_event_update()
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#define BGP_PACKET_NOOP 0
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Process BGP OPEN message for peer.
|
|
|
|
|
*
|
|
|
|
|
* If any errors are encountered in the OPEN message, immediately sends NOTIFY
|
|
|
|
|
* and returns BGP_Stop.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param size size of the packet
|
|
|
|
|
* @return as in summary
|
|
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
static int bgp_open_receive(struct peer *peer, bgp_size_t size)
|
2017-07-17 14:03:14 +02:00
|
|
|
{
|
|
|
|
|
int ret;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t version;
|
2021-11-20 21:00:23 +01:00
|
|
|
uint16_t optlen;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint16_t holdtime;
|
|
|
|
|
uint16_t send_holdtime;
|
2002-12-13 21:15:29 +01:00
|
|
|
as_t remote_as;
|
2019-06-12 23:17:26 +02:00
|
|
|
as_t as4 = 0, as4_be;
|
2002-12-13 21:15:29 +01:00
|
|
|
struct in_addr remote_id;
|
|
|
|
|
int mp_capability;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t notify_data_remote_as[2];
|
|
|
|
|
uint8_t notify_data_remote_as4[4];
|
|
|
|
|
uint8_t notify_data_remote_id[4];
|
|
|
|
|
uint16_t *holdtime_ptr;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Parse open packet. */
|
2017-05-02 02:37:45 +02:00
|
|
|
version = stream_getc(peer->curr);
|
|
|
|
|
memcpy(notify_data_remote_as, stream_pnt(peer->curr), 2);
|
|
|
|
|
remote_as = stream_getw(peer->curr);
|
2018-03-27 21:13:34 +02:00
|
|
|
holdtime_ptr = (uint16_t *)stream_pnt(peer->curr);
|
2017-05-02 02:37:45 +02:00
|
|
|
holdtime = stream_getw(peer->curr);
|
|
|
|
|
memcpy(notify_data_remote_id, stream_pnt(peer->curr), 4);
|
|
|
|
|
remote_id.s_addr = stream_get_ipv4(peer->curr);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* BEGIN to read the capability here, but dont do it yet */
|
|
|
|
|
mp_capability = 0;
|
2017-05-02 02:37:45 +02:00
|
|
|
optlen = stream_getc(peer->curr);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-11-20 21:00:23 +01:00
|
|
|
/* Extended Optional Parameters Length for BGP OPEN Message */
|
|
|
|
|
if (optlen == BGP_OPEN_NON_EXT_OPT_LEN
|
|
|
|
|
|| CHECK_FLAG(peer->flags, PEER_FLAG_EXTENDED_OPT_PARAMS)) {
|
|
|
|
|
uint8_t opttype;
|
|
|
|
|
|
2022-11-02 18:24:48 +01:00
|
|
|
if (STREAM_READABLE(peer->curr) < 1) {
|
|
|
|
|
flog_err(
|
|
|
|
|
EC_BGP_PKT_OPEN,
|
|
|
|
|
"%s: stream does not have enough bytes for extended optional parameters",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2022-11-02 18:24:48 +01:00
|
|
|
BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-20 21:00:23 +01:00
|
|
|
opttype = stream_getc(peer->curr);
|
|
|
|
|
if (opttype == BGP_OPEN_NON_EXT_OPT_TYPE_EXTENDED_LENGTH) {
|
2022-11-02 18:24:48 +01:00
|
|
|
if (STREAM_READABLE(peer->curr) < 2) {
|
|
|
|
|
flog_err(
|
|
|
|
|
EC_BGP_PKT_OPEN,
|
|
|
|
|
"%s: stream does not have enough bytes to read the extended optional parameters optlen",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection,
|
|
|
|
|
BGP_NOTIFY_OPEN_ERR,
|
2022-11-02 18:24:48 +01:00
|
|
|
BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
2021-11-20 21:00:23 +01:00
|
|
|
optlen = stream_getw(peer->curr);
|
|
|
|
|
SET_FLAG(peer->sflags,
|
|
|
|
|
PEER_STATUS_EXT_OPT_PARAMS_LENGTH);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Receive OPEN message log */
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
"%s rcv OPEN%s, version %d, remote-as (in open) %u, holdtime %d, id %pI4",
|
|
|
|
|
peer->host,
|
|
|
|
|
CHECK_FLAG(peer->sflags,
|
|
|
|
|
PEER_STATUS_EXT_OPT_PARAMS_LENGTH)
|
|
|
|
|
? " (Extended)"
|
|
|
|
|
: "",
|
|
|
|
|
version, remote_as, holdtime, &remote_id);
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
if (optlen != 0) {
|
|
|
|
|
/* If not enough bytes, it is an error. */
|
2017-05-02 02:37:45 +02:00
|
|
|
if (STREAM_READABLE(peer->curr) < optlen) {
|
2021-11-20 21:00:23 +01:00
|
|
|
flog_err(EC_BGP_PKT_OPEN,
|
|
|
|
|
"%s: stream has not enough bytes (%u)",
|
|
|
|
|
peer->host, optlen);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2004-12-08 22:03:23 +01:00
|
|
|
/* We need the as4 capability value *right now* because
|
|
|
|
|
* if it is there, we have not got the remote_as yet, and
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
* without
|
2004-12-08 22:03:23 +01:00
|
|
|
* that we do not know which peer is connecting to us now.
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
as4 = peek_for_as4_capability(peer, optlen);
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-12 23:17:26 +02:00
|
|
|
as4_be = htonl(as4);
|
|
|
|
|
memcpy(notify_data_remote_as4, &as4_be, 4);
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Just in case we have a silly peer who sends AS4 capability set to 0
|
|
|
|
|
*/
|
2015-05-20 03:12:17 +02:00
|
|
|
if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV) && !as4) {
|
2018-09-13 20:23:42 +02:00
|
|
|
flog_err(EC_BGP_PKT_OPEN,
|
2018-09-13 21:38:57 +02:00
|
|
|
"%s bad OPEN, got AS4 capability, but AS4 set to 0",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 03:12:17 +02:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS,
|
2015-05-20 03:03:52 +02:00
|
|
|
notify_data_remote_as4, 4);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2020-03-10 06:35:35 +01:00
|
|
|
/* Codification of AS 0 Processing */
|
|
|
|
|
if (remote_as == BGP_AS_ZERO) {
|
|
|
|
|
flog_err(EC_BGP_PKT_OPEN, "%s bad OPEN, got AS set to 0",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2020-03-10 06:35:35 +01:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
|
|
|
|
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
if (remote_as == BGP_AS_TRANS) {
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Take the AS4 from the capability. We must have received the
|
|
|
|
|
* capability now! Otherwise we have a asn16 peer who uses
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
* BGP_AS_TRANS, for some unknown reason.
|
2002-12-13 21:15:29 +01:00
|
|
|
*/
|
2015-08-18 14:41:58 +02:00
|
|
|
if (as4 == BGP_AS_TRANS) {
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_PKT_OPEN,
|
2015-08-18 14:41:58 +02:00
|
|
|
"%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection,
|
|
|
|
|
BGP_NOTIFY_OPEN_ERR,
|
2015-08-18 14:41:58 +02:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS,
|
2015-05-20 03:03:52 +02:00
|
|
|
notify_data_remote_as4, 4);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
if (!as4 && BGP_DEBUG(as4, AS4))
|
2015-09-03 15:50:16 +02:00
|
|
|
zlog_debug(
|
2020-03-27 12:35:23 +01:00
|
|
|
"%s [AS4] OPEN remote_as is AS_TRANS, but no AS4. Odd, but proceeding.",
|
2004-05-01 10:44:08 +02:00
|
|
|
peer->host);
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
else if (as4 < BGP_AS_MAX && BGP_DEBUG(as4, AS4))
|
2015-09-03 15:50:16 +02:00
|
|
|
zlog_debug(
|
2020-03-27 12:35:23 +01:00
|
|
|
"%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits in 2-bytes, very odd peer.",
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
peer->host, as4);
|
2017-07-17 14:03:14 +02:00
|
|
|
if (as4)
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
remote_as = as4;
|
2017-07-17 14:03:14 +02:00
|
|
|
} else {
|
2004-05-01 10:44:08 +02:00
|
|
|
/* We may have a partner with AS4 who has an asno < BGP_AS_MAX
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
/* If we have got the capability, peer->as4cap must match
|
|
|
|
|
* remote_as */
|
|
|
|
|
if (CHECK_FLAG(peer->cap, PEER_CAP_AS4_RCV)
|
|
|
|
|
&& as4 != remote_as) {
|
2004-05-01 10:44:08 +02:00
|
|
|
/* raise error, log this, close session */
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_PKT_OPEN,
|
2020-03-27 12:35:23 +01:00
|
|
|
"%s bad OPEN, got AS4 capability, but remote_as %u mismatch with 16bit 'myasn' %u in open",
|
2004-05-01 10:44:08 +02:00
|
|
|
peer->host, as4, remote_as);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection,
|
|
|
|
|
BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 03:03:52 +02:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS,
|
|
|
|
|
notify_data_remote_as4, 4);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2014-06-04 06:53:35 +02:00
|
|
|
|
2020-03-22 21:22:47 +01:00
|
|
|
/* rfc6286:
|
|
|
|
|
* If the BGP Identifier field of the OPEN message
|
|
|
|
|
* is zero, or if it is the same as the BGP Identifier
|
|
|
|
|
* of the local BGP speaker and the message is from an
|
|
|
|
|
* internal peer, then the Error Subcode is set to
|
|
|
|
|
* "Bad BGP Identifier".
|
|
|
|
|
*/
|
2020-02-06 07:49:02 +01:00
|
|
|
if (remote_id.s_addr == INADDR_ANY
|
2020-03-22 21:22:47 +01:00
|
|
|
|| (peer->sort == BGP_PEER_IBGP
|
|
|
|
|
&& ntohl(peer->local_id.s_addr) == ntohl(remote_id.s_addr))) {
|
2002-12-13 21:15:29 +01:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2020-10-15 21:33:09 +02:00
|
|
|
zlog_debug("%s bad OPEN, wrong router identifier %pI4",
|
|
|
|
|
peer->host, &remote_id);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
|
|
|
|
|
notify_data_remote_id, 4);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Peer BGP version check. */
|
2015-05-20 02:40:37 +02:00
|
|
|
if (version != BGP_VERSION_4) {
|
2018-03-27 21:13:34 +02:00
|
|
|
uint16_t maxver = htons(BGP_VERSION_4);
|
2015-05-20 02:40:37 +02:00
|
|
|
/* XXX this reply may not be correct if version < 4 XXX */
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2015-09-03 15:50:16 +02:00
|
|
|
zlog_debug(
|
2015-05-20 02:40:37 +02:00
|
|
|
"%s bad protocol version, remote requested %d, local request %d",
|
|
|
|
|
peer->host, version, BGP_VERSION_4);
|
|
|
|
|
/* Data must be in network byte order here */
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 02:40:37 +02:00
|
|
|
BGP_NOTIFY_OPEN_UNSUP_VERSION,
|
2018-03-27 21:13:34 +02:00
|
|
|
(uint8_t *)&maxver, 2);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2015-05-20 02:40:37 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Check neighbor as number. */
|
2015-05-20 02:40:37 +02:00
|
|
|
if (peer->as_type == AS_UNSPECIFIED) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
"%s bad OPEN, remote AS is unspecified currently",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 02:40:37 +02:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS,
|
|
|
|
|
notify_data_remote_as, 2);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2015-05-20 02:40:37 +02:00
|
|
|
} else if (peer->as_type == AS_INTERNAL) {
|
2015-05-20 03:04:25 +02:00
|
|
|
if (remote_as != peer->bgp->as) {
|
2015-05-20 02:40:37 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
"%s bad OPEN, remote AS is %u, internal specified",
|
|
|
|
|
peer->host, remote_as);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection,
|
|
|
|
|
BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 02:40:37 +02:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS,
|
|
|
|
|
notify_data_remote_as, 2);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2015-05-20 02:40:37 +02:00
|
|
|
}
|
2015-05-20 03:04:25 +02:00
|
|
|
peer->as = peer->local_as;
|
2015-05-20 02:40:37 +02:00
|
|
|
} else if (peer->as_type == AS_EXTERNAL) {
|
|
|
|
|
if (remote_as == peer->bgp->as) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2015-09-03 15:50:16 +02:00
|
|
|
zlog_debug(
|
2015-05-20 02:40:37 +02:00
|
|
|
"%s bad OPEN, remote AS is %u, external specified",
|
2015-05-20 03:04:25 +02:00
|
|
|
peer->host, remote_as);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection,
|
|
|
|
|
BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 02:40:37 +02:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS,
|
|
|
|
|
notify_data_remote_as, 2);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2015-05-20 02:40:37 +02:00
|
|
|
}
|
2015-05-20 03:04:25 +02:00
|
|
|
peer->as = remote_as;
|
2002-12-13 21:15:29 +01:00
|
|
|
} else if ((peer->as_type == AS_SPECIFIED) && (remote_as != peer->as)) {
|
2015-05-20 03:04:25 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2009-04-30 15:16:22 +02:00
|
|
|
zlog_debug("%s bad OPEN, remote AS is %u, expected %u",
|
2015-05-20 03:04:25 +02:00
|
|
|
peer->host, remote_as, peer->as);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 03:04:25 +02:00
|
|
|
BGP_NOTIFY_OPEN_BAD_PEER_AS,
|
|
|
|
|
notify_data_remote_as, 2);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2004-05-01 10:44:08 +02:00
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2021-05-01 01:24:40 +02:00
|
|
|
/*
|
|
|
|
|
* When collision is detected and this peer is closed.
|
|
|
|
|
* Return immediately.
|
|
|
|
|
*/
|
|
|
|
|
ret = bgp_collision_detect(peer, remote_id);
|
|
|
|
|
if (ret < 0)
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
|
|
|
|
|
/* Get sockname. */
|
|
|
|
|
if (bgp_getsockname(peer) < 0) {
|
|
|
|
|
flog_err_sys(EC_LIB_SOCKET,
|
|
|
|
|
"%s: bgp_getsockname() failed for peer: %s",
|
|
|
|
|
__func__, peer->host);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Set remote router-id */
|
|
|
|
|
peer->remote_id = remote_id;
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
|
2015-05-20 03:12:17 +02:00
|
|
|
calculate the value of the Hold Timer by using the smaller of its
|
2002-12-13 21:15:29 +01:00
|
|
|
configured Hold Time and the Hold Time received in the OPEN message.
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
The Hold Time MUST be either zero or at least three seconds. An
|
|
|
|
|
implementation may reject connections on the basis of the Hold Time.
|
|
|
|
|
*/
|
2017-07-17 14:03:14 +02:00
|
|
|
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
if (holdtime < 3 && holdtime != 0) {
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2021-08-14 07:32:40 +02:00
|
|
|
BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
|
|
|
|
|
(uint8_t *)holdtime_ptr, 2);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Send notification message when Hold Time received in the OPEN message
|
|
|
|
|
* is smaller than configured minimum Hold Time. */
|
|
|
|
|
if (holdtime < peer->bgp->default_min_holdtime
|
|
|
|
|
&& peer->bgp->default_min_holdtime != 0) {
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send_with_data(peer->connection, BGP_NOTIFY_OPEN_ERR,
|
2015-05-20 03:03:52 +02:00
|
|
|
BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
|
2018-03-27 21:13:34 +02:00
|
|
|
(uint8_t *)holdtime_ptr, 2);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
[bgpd] Merge AS4 support
2007-10-14 Paul Jakma <paul.jakma@sun.com>
* NEWS: Note that MRT dumps are now version 2
* (general) Merge in Juergen Kammer's AS4 patch.
2007-09-27 Paul Jakma <paul.jakma@sun.com>
* bgp_aspath.c: (assegment_normalise) remove duplicates from
from sets.
(aspath_reconcile_as4) disregard a broken part of the RFC around
error handling in path reconciliation.
* aspath_test.c: Test dupe-weeding from sets.
Test that reconciliation merges AS_PATH and AS4_PATH where
former is shorter than latter.
2007-09-26 Paul Jakma <paul.jakma@sun.com>
* aspath_test.c: Test AS4_PATH reconcilation where length
of AS_PATH and AS4_PATH is same.
2007-09-25 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (peek_for_as4_capability) Fix to work.
* bgp_packet.c: (bgp_open_receive) Fix sanity check of as4.
* tests/bgp_capability_test.c: (general) Extend tests to validate
peek_for_as4_capability.
Add test of full OPEN Option block, with multiple capabilities,
both as a series of Option, and a single option.
Add some crap to beginning of stream, to prevent code depending
on getp == 0.
2007-09-18 Paul Jakma <paul.jakma@sun.com>
* bgp_open.c: (bgp_capability_as4) debug printf inline with others.
(peek_for_as4_capability) There's no need to signal failure, as
failure is better dealt with through full capability parser -
just return the AS4, simpler.
* bgp_packet.c: (bgp_open_receive) Update to match
peek_for_as4_capability change.
Allow use of BGP_AS_TRANS by 2b speakers.
Use NOTIFY_OPEN_ERR rather than CEASE for OPEN parsing errors.
(bgp_capability_msg_parse) missing argument to debug print
(bgp_capability_receive) missing return values.
* tests/bgp_capability_test.c: (parse_test) update for changes to
peek_for_as4_capability
2007-07-25 Paul Jakma <paul.jakma@sun.com>
* Remove 2-byte size macros, just make existing macros take
argument to indicate which size to use.
Adjust all users - typically they want '1'.
* bgp_aspath.c: (aspath_has_as4) New, return 1 if there are any
as4's in a path.
(aspath_put) Return the number of bytes actually written, to
fix the bug Juergen noted: Splitting of segments will change
the number of bytes written from that already written to the
AS_PATH header.
(aspath_snmp_pathseg) Pass 2-byte flag to aspath_put. SNMP
is still defined as 2b.
(aspath_aggregate) fix latent bug.
(aspath_reconcile_as4) AS_PATH+NEW_AS_PATH reconciliation
function.
(aspath_key_make) Hash the AS_PATH string, rather than
just taking the addition of assegment ASes as the hash value,
hopefully sligthly more collision resistant.
(bgp_attr_munge_as4_attrs) Collide the NEW_ attributes
together with the OLD 2-byte forms, code Juergen
had in bgp_attr_parse but re-organised a bit.
(bgp_attr_parse) Bunch of code from Juergen moves
to previous function.
(bgp_packet_attribute) Compact significantly by
just /always/ using extended-length attr header.
Fix bug Juergen noted, by using aspath_put's
(new) returned size value for the attr header rather
than the (guesstimate) of aspath_size() - the two could
differ when aspath_put had to split large segments, unlikely
this bug was ever hit in the 'wild'.
(bgp_dump_routes_attr) Always use extended-len and
use aspath_put return for header length. Output 4b ASN
for AS_PATH and AGGREGATOR.
* bgp_ecommunity.c: (ecommunity_{hash_make,cmp}) fix
hash callback declarations to match prototypes.
(ecommunity_gettoken) Updated for ECOMMUNITY_ENCODE_AS4,
complete rewrite of Juergen's changes (no asdot support)
* bgp_open.c: (bgp_capability_as4) New, does what it says
on the tin.
(peek_for_as4_capability) Rewritten to use streams and
bgp_capability_as4.
* bgp_packet.c: (bgp_open_send) minor edit
checked (in the abstract at least) with Juergen.
Changes are to be more accepting, e.g, allow AS_TRANS on
a 2-byte session.
* (general) Update all commands to use CMD_AS_RANGE.
* bgp_vty.c: (bgp_clear) Fix return vals to use CMD_..
Remove stuff replicated by VTY_GET_LONG
(bgp_clear_vty) Return bgp_clear directly to vty.
* tests/aspath_test.c: Exercise 32bit parsing. Test reconcile
function.
* tests/ecommunity_test.c: New, test AS4 ecommunity changes,
positive test only at this time, error cases not tested yet.
2007-07-25 Juergen Kammer <j.kammer@eurodata.de>
* (general) AS4 support.
* bgpd.h: as_t changes to 4-bytes.
* bgp_aspath.h: Add BGP_AS4_MAX and BGP_AS_TRANS defines.
* bgp_aspath.c: AS_VALUE_SIZE becomes 4-byte, AS16_VALUE_SIZE
added for 2-byte.
Add AS16 versions of length calc macros.
(aspath_count_numas) New, count number of ASes.
(aspath_has_as4) New, return 1 if there are any as4's in a
path.
(assegments_parse) Interpret assegment as 4 or 2 byte,
according to how the caller instructs us, with a new
argument.
(aspath_parse) Add use32bit argument to pass to
assegments_parse. Adjust all its callers to pass 1, unless
otherwise noted.
(assegment_data_put) Adjust to be able to write 2 or 4 byte
AS, according to new use32bit argument.
(aspath_put) Adjust to write 2 or 4.
(aspath_gettoken) Use a long for passed in asno.
* bgp_attr.c: (attr_str) Add BGP_ATTR_AS4_PATH and
BGP_ATTR_AS4_AGGREGATOR.
(bgp_attr_aspath) Call aspath_parse with right 2/4 arg, as
determined by received-capability flag.
(bgp_attr_aspath_check) New, code previously in attr_aspath
but moved to new func so it can be run after NEW_AS_PATH
reconciliation.
(bgp_attr_as4_path) New, handle NEW_AS_PATH.
(bgp_attr_aggregator) Adjust to cope with 2/4 byte ASes.
(bgp_attr_as4_aggregator) New, read NEW_AGGREGATOR.
(bgp_attr_parse) Add handoffs to previous parsers for the two
new AS4 NEW_ attributes.
Various checks added for NEW/OLD reconciliation.
(bgp_packet_attribute) Support 2/4 for AS_PATH and
AGGREGATOR, detect when NEW_ attrs need to be sent.
* bgp_debug.{c,h}: Add 'debug bgp as4'.
* bgp_dump.c: MRTv2 support, unconditionally enabled, which
supports AS4. Based on patches from Erik (RIPE?).
* bgp_ecommunity.c: (ecommunity_ecom2str) ECOMMUNITY_ENCODE_AS4
support.
* bgp_open.c: (peek_for_as4_capability) New, peek for AS4
capability prior to full capability parsing, so we know which
ASN to use for struct peer lookup.
(bgp_open_capability) Always send AS4 capability.
* bgp_packet.c: (bgp_open_send) AS4 handling for AS field
(bgp_open_receive) Peek for AS4 capability first, and figure
out which AS to believe.
* bgp_vty.c: (bgp_show_peer) Print AS4 cap
* tests/aspath_test.c: Support asn32 changes, call aspath_parse
with 16 bit.
* vtysh/extract.pl: AS4 compatibility for router bgp ASNUMBER
* vtysh/extract.pl.in: AS4 compatibility for router bgp ASNUMBER
* vtysh/vtysh.c: AS4 compatibility for router bgp ASNUMBER
2007-10-15 00:32:21 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* From the rfc: A reasonable maximum time between KEEPALIVE messages
|
2015-05-20 03:03:56 +02:00
|
|
|
would be one third of the Hold Time interval. KEEPALIVE messages
|
|
|
|
|
MUST NOT be sent more frequently than one per second. An
|
|
|
|
|
implementation MAY adjust the rate at which it sends KEEPALIVE
|
2015-05-20 02:58:12 +02:00
|
|
|
messages as a function of the Hold Time interval. */
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2018-06-13 02:34:43 +02:00
|
|
|
if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER))
|
2002-12-13 21:15:29 +01:00
|
|
|
send_holdtime = peer->holdtime;
|
2012-12-07 22:25:00 +01:00
|
|
|
else
|
2002-12-13 21:15:29 +01:00
|
|
|
send_holdtime = peer->bgp->default_holdtime;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2012-12-07 22:25:00 +01:00
|
|
|
if (holdtime < send_holdtime)
|
|
|
|
|
peer->v_holdtime = holdtime;
|
|
|
|
|
else
|
2002-12-13 21:15:29 +01:00
|
|
|
peer->v_holdtime = send_holdtime;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2020-09-23 20:16:50 +02:00
|
|
|
/* Set effective keepalive to 1/3 the effective holdtime.
|
|
|
|
|
* Use configured keeplive when < effective keepalive.
|
|
|
|
|
*/
|
|
|
|
|
peer->v_keepalive = peer->v_holdtime / 3;
|
|
|
|
|
if (CHECK_FLAG(peer->flags, PEER_FLAG_TIMER)) {
|
|
|
|
|
if (peer->keepalive && peer->keepalive < peer->v_keepalive)
|
|
|
|
|
peer->v_keepalive = peer->keepalive;
|
|
|
|
|
} else {
|
|
|
|
|
if (peer->bgp->default_keepalive
|
|
|
|
|
&& peer->bgp->default_keepalive < peer->v_keepalive)
|
|
|
|
|
peer->v_keepalive = peer->bgp->default_keepalive;
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Add BGP Software Version Capability
Implement: https://datatracker.ietf.org/doc/html/draft-abraitis-bgp-version-capability
Tested with GoBGP:
```
% ./gobgp neighbor 192.168.10.124
BGP neighbor is 192.168.10.124, remote AS 65001
BGP version 4, remote router ID 200.200.200.202
BGP state = ESTABLISHED, up for 00:01:49
BGP OutQ = 0, Flops = 0
Hold time is 3, keepalive interval is 1 seconds
Configured hold time is 90, keepalive interval is 30 seconds
Neighbor capabilities:
multiprotocol:
ipv4-unicast: advertised and received
ipv6-unicast: advertised
route-refresh: advertised and received
extended-nexthop: advertised
Local: nlri: ipv4-unicast, nexthop: ipv6
UnknownCapability(6): received
UnknownCapability(9): received
graceful-restart: advertised and received
Local: restart time 10 sec
ipv6-unicast
ipv4-unicast
Remote: restart time 120 sec, notification flag set
ipv4-unicast, forward flag set
4-octet-as: advertised and received
add-path: received
Remote:
ipv4-unicast: receive
enhanced-route-refresh: received
long-lived-graceful-restart: advertised and received
Local:
ipv6-unicast, restart time 10 sec
ipv4-unicast, restart time 20 sec
Remote:
ipv4-unicast, restart time 0 sec, forward flag set
fqdn: advertised and received
Local:
name: donatas-pc, domain:
Remote:
name: spine1-debian-11, domain:
software-version: advertised and received
Local:
GoBGP/3.10.0
Remote:
FRRouting/8.5-dev-MyOwnFRRVersion-gdc92f44a45-dirt
cisco-route-refresh: received
Message statistics:
```
FRR side:
```
root@spine1-debian-11:~# vtysh -c 'show bgp neighbor 192.168.10.17 json' | \
> jq '."192.168.10.17".neighborCapabilities.softwareVersion.receivedSoftwareVersion'
"GoBGP/3.10.0"
root@spine1-debian-11:~#
```
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-02-25 08:00:23 +01:00
|
|
|
/* If another side disabled sending Software Version capability,
|
|
|
|
|
* we MUST drop the previous from showing in the outputs to avoid
|
|
|
|
|
* stale information and due to security reasons.
|
|
|
|
|
*/
|
|
|
|
|
if (peer->soft_version)
|
|
|
|
|
XFREE(MTYPE_BGP_SOFT_VERSION, peer->soft_version);
|
|
|
|
|
|
2015-09-03 15:50:16 +02:00
|
|
|
/* Open option part parse. */
|
|
|
|
|
if (optlen != 0) {
|
2020-02-24 14:29:15 +01:00
|
|
|
if (bgp_open_option_parse(peer, optlen, &mp_capability) < 0)
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2015-09-03 15:50:16 +02:00
|
|
|
} else {
|
2015-05-20 03:04:25 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug("%s rcvd OPEN w/ OPTION parameter len: 0",
|
|
|
|
|
peer->host);
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
|
|
|
|
/*
|
2015-05-20 03:04:25 +02:00
|
|
|
* Assume that the peer supports the locally configured set of
|
|
|
|
|
* AFI/SAFIs if the peer did not send us any Mulitiprotocol
|
|
|
|
|
* capabilities, or if 'override-capability' is configured.
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
2015-05-20 03:04:25 +02:00
|
|
|
if (!mp_capability
|
|
|
|
|
|| CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY)) {
|
2002-12-13 21:15:29 +01:00
|
|
|
peer->afc_nego[AFI_IP][SAFI_UNICAST] =
|
|
|
|
|
peer->afc[AFI_IP][SAFI_UNICAST];
|
|
|
|
|
peer->afc_nego[AFI_IP][SAFI_MULTICAST] =
|
2015-05-20 03:04:25 +02:00
|
|
|
peer->afc[AFI_IP][SAFI_MULTICAST];
|
2017-03-09 15:54:20 +01:00
|
|
|
peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST] =
|
|
|
|
|
peer->afc[AFI_IP][SAFI_LABELED_UNICAST];
|
2017-01-23 03:45:30 +01:00
|
|
|
peer->afc_nego[AFI_IP][SAFI_FLOWSPEC] =
|
|
|
|
|
peer->afc[AFI_IP][SAFI_FLOWSPEC];
|
2002-12-13 21:15:29 +01:00
|
|
|
peer->afc_nego[AFI_IP6][SAFI_UNICAST] =
|
2015-05-20 03:04:25 +02:00
|
|
|
peer->afc[AFI_IP6][SAFI_UNICAST];
|
|
|
|
|
peer->afc_nego[AFI_IP6][SAFI_MULTICAST] =
|
|
|
|
|
peer->afc[AFI_IP6][SAFI_MULTICAST];
|
|
|
|
|
peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST] =
|
|
|
|
|
peer->afc[AFI_IP6][SAFI_LABELED_UNICAST];
|
2017-05-15 23:28:38 +02:00
|
|
|
peer->afc_nego[AFI_L2VPN][SAFI_EVPN] =
|
2015-05-20 03:04:25 +02:00
|
|
|
peer->afc[AFI_L2VPN][SAFI_EVPN];
|
2017-01-23 03:45:30 +01:00
|
|
|
peer->afc_nego[AFI_IP6][SAFI_FLOWSPEC] =
|
|
|
|
|
peer->afc[AFI_IP6][SAFI_FLOWSPEC];
|
2015-05-20 03:04:25 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2012-02-19 19:19:52 +01:00
|
|
|
/* Verify valid local address present based on negotiated
|
|
|
|
|
* address-families. */
|
2002-12-13 21:15:29 +01:00
|
|
|
if (peer->afc_nego[AFI_IP][SAFI_UNICAST]
|
2017-07-18 14:54:50 +02:00
|
|
|
|| peer->afc_nego[AFI_IP][SAFI_LABELED_UNICAST]
|
2002-12-13 21:15:29 +01:00
|
|
|
|| peer->afc_nego[AFI_IP][SAFI_MULTICAST]
|
|
|
|
|
|| peer->afc_nego[AFI_IP][SAFI_MPLS_VPN]
|
2017-03-09 15:54:20 +01:00
|
|
|
|| peer->afc_nego[AFI_IP][SAFI_ENCAP]) {
|
2020-02-06 07:49:02 +01:00
|
|
|
if (peer->nexthop.v4.s_addr == INADDR_ANY) {
|
2015-05-20 02:40:37 +02:00
|
|
|
#if defined(HAVE_CUMULUS)
|
2020-11-20 14:00:08 +01:00
|
|
|
zlog_warn("%s: No local IPv4 addr, BGP routing may not work",
|
|
|
|
|
peer->host);
|
2016-09-09 17:02:54 +02:00
|
|
|
#endif
|
2015-08-29 20:40:32 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (peer->afc_nego[AFI_IP6][SAFI_UNICAST]
|
2017-07-18 14:54:50 +02:00
|
|
|
|| peer->afc_nego[AFI_IP6][SAFI_LABELED_UNICAST]
|
2016-06-11 20:36:42 +02:00
|
|
|
|| peer->afc_nego[AFI_IP6][SAFI_MULTICAST]
|
2016-01-12 19:42:02 +01:00
|
|
|
|| peer->afc_nego[AFI_IP6][SAFI_MPLS_VPN]
|
|
|
|
|
|| peer->afc_nego[AFI_IP6][SAFI_ENCAP]) {
|
2023-08-03 03:15:02 +02:00
|
|
|
if (IN6_IS_ADDR_UNSPECIFIED(&peer->nexthop.v6_global) &&
|
|
|
|
|
!bm->v6_with_v4_nexthops) {
|
|
|
|
|
flog_err(EC_BGP_SND_FAIL,
|
|
|
|
|
"%s: No local IPv6 address, and zebra does not support V6 routing with v4 nexthops, BGP routing for V6 will not work",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
|
2023-08-03 03:15:02 +02:00
|
|
|
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
|
|
|
|
|
return BGP_Stop;
|
2015-08-29 20:40:32 +02:00
|
|
|
}
|
|
|
|
|
}
|
2021-08-10 05:43:46 +02:00
|
|
|
peer->rtt = sockopt_tcp_rtt(peer->connection->fd);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
return Receive_OPEN_message;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Process BGP KEEPALIVE message for peer.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param size size of the packet
|
|
|
|
|
* @return as in summary
|
|
|
|
|
*/
|
|
|
|
|
static int bgp_keepalive_receive(struct peer *peer, bgp_size_t size)
|
bgpd: bgpd-update-delay.patch
COMMAND:
'update-delay <max-delay in seconds> [<establish-wait in seconds>]'
DESCRIPTION:
This feature is used to enable read-only mode on BGP process restart or when
BGP process is cleared using 'clear ip bgp *'. When applicable, read-only mode
would begin as soon as the first peer reaches Established state and a timer
for <max-delay> seconds is started.
During this mode BGP doesn't run any best-path or generate any updates to its
peers. This mode continues until:
1. All the configured peers, except the shutdown peers, have sent explicit EOR
(End-Of-RIB) or an implicit-EOR. The first keep-alive after BGP has reached
Established is considered an implicit-EOR.
If the <establish-wait> optional value is given, then BGP will wait for
peers to reach establish from the begining of the update-delay till the
establish-wait period is over, i.e. the minimum set of established peers for
which EOR is expected would be peers established during the establish-wait
window, not necessarily all the configured neighbors.
2. max-delay period is over.
On hitting any of the above two conditions, BGP resumes the decision process
and generates updates to its peers.
Default <max-delay> is 0, i.e. the feature is off by default.
This feature can be useful in reducing CPU/network used as BGP restarts/clears.
Particularly useful in the topologies where BGP learns a prefix from many peers.
Intermediate bestpaths are possible for the same prefix as peers get established
and start receiving updates at different times. This feature should offer a
value-add if the network has a high number of such prefixes.
IMPLEMENTATION OBJECTIVES:
Given this is an optional feature, minimized the code-churn. Used existing
constructs wherever possible (existing queue-plug/unplug were used to achieve
delay and resume of best-paths/update-generation). As a result, no new
data-structure(s) had to be defined and allocated. When the feature is disabled,
the new node is not exercised for the most part.
Signed-off-by: Vipin Kumar <vipin@cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Dinesh Dutt <ddutt@cumulusnetworks.com>
2015-05-20 02:40:33 +02:00
|
|
|
{
|
2017-06-10 03:01:56 +02:00
|
|
|
if (bgp_debug_keepalive(peer))
|
|
|
|
|
zlog_debug("%s KEEPALIVE rcvd", peer->host);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
bgp_update_implicit_eors(peer);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-08-10 05:43:46 +02:00
|
|
|
peer->rtt = sockopt_tcp_rtt(peer->connection->fd);
|
2020-07-25 08:10:15 +02:00
|
|
|
|
2020-07-25 08:10:56 +02:00
|
|
|
/* If the peer's RTT is higher than expected, shutdown
|
|
|
|
|
* the peer automatically.
|
|
|
|
|
*/
|
2022-11-04 14:40:52 +01:00
|
|
|
if (!CHECK_FLAG(peer->flags, PEER_FLAG_RTT_SHUTDOWN))
|
|
|
|
|
return Receive_KEEPALIVE_message;
|
2020-07-25 08:10:56 +02:00
|
|
|
|
2022-11-04 14:40:52 +01:00
|
|
|
if (peer->rtt > peer->rtt_expected) {
|
2020-07-25 08:10:56 +02:00
|
|
|
peer->rtt_keepalive_rcv++;
|
|
|
|
|
|
|
|
|
|
if (peer->rtt_keepalive_rcv > peer->rtt_keepalive_conf) {
|
2022-11-04 14:40:52 +01:00
|
|
|
char rtt_shutdown_reason[BUFSIZ] = {};
|
|
|
|
|
|
|
|
|
|
snprintfrr(
|
|
|
|
|
rtt_shutdown_reason,
|
|
|
|
|
sizeof(rtt_shutdown_reason),
|
|
|
|
|
"shutdown due to high round-trip-time (%dms > %dms, hit %u times)",
|
|
|
|
|
peer->rtt, peer->rtt_expected,
|
|
|
|
|
peer->rtt_keepalive_rcv);
|
|
|
|
|
zlog_warn("%s %s", peer->host, rtt_shutdown_reason);
|
|
|
|
|
SET_FLAG(peer->sflags, PEER_STATUS_RTT_SHUTDOWN);
|
|
|
|
|
peer_tx_shutdown_message_set(peer, rtt_shutdown_reason);
|
2020-07-25 08:10:56 +02:00
|
|
|
peer_flag_set(peer, PEER_FLAG_SHUTDOWN);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (peer->rtt_keepalive_rcv)
|
|
|
|
|
peer->rtt_keepalive_rcv--;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
return Receive_KEEPALIVE_message;
|
bgpd: bgpd-update-delay.patch
COMMAND:
'update-delay <max-delay in seconds> [<establish-wait in seconds>]'
DESCRIPTION:
This feature is used to enable read-only mode on BGP process restart or when
BGP process is cleared using 'clear ip bgp *'. When applicable, read-only mode
would begin as soon as the first peer reaches Established state and a timer
for <max-delay> seconds is started.
During this mode BGP doesn't run any best-path or generate any updates to its
peers. This mode continues until:
1. All the configured peers, except the shutdown peers, have sent explicit EOR
(End-Of-RIB) or an implicit-EOR. The first keep-alive after BGP has reached
Established is considered an implicit-EOR.
If the <establish-wait> optional value is given, then BGP will wait for
peers to reach establish from the begining of the update-delay till the
establish-wait period is over, i.e. the minimum set of established peers for
which EOR is expected would be peers established during the establish-wait
window, not necessarily all the configured neighbors.
2. max-delay period is over.
On hitting any of the above two conditions, BGP resumes the decision process
and generates updates to its peers.
Default <max-delay> is 0, i.e. the feature is off by default.
This feature can be useful in reducing CPU/network used as BGP restarts/clears.
Particularly useful in the topologies where BGP learns a prefix from many peers.
Intermediate bestpaths are possible for the same prefix as peers get established
and start receiving updates at different times. This feature should offer a
value-add if the network has a high number of such prefixes.
IMPLEMENTATION OBJECTIVES:
Given this is an optional feature, minimized the code-churn. Used existing
constructs wherever possible (existing queue-plug/unplug were used to achieve
delay and resume of best-paths/update-generation). As a result, no new
data-structure(s) had to be defined and allocated. When the feature is disabled,
the new node is not exercised for the most part.
Signed-off-by: Vipin Kumar <vipin@cumulusnetworks.com>
Reviewed-by: Pradosh Mohapatra <pmohapat@cumulusnetworks.com>
Dinesh Dutt <ddutt@cumulusnetworks.com>
2015-05-20 02:40:33 +02:00
|
|
|
}
|
|
|
|
|
|
2022-03-01 22:18:12 +01:00
|
|
|
static void bgp_refresh_stalepath_timer_expire(struct event *thread)
|
2020-10-01 22:08:06 +02:00
|
|
|
{
|
|
|
|
|
struct peer_af *paf;
|
|
|
|
|
|
2022-12-25 16:26:52 +01:00
|
|
|
paf = EVENT_ARG(thread);
|
2020-10-01 22:08:06 +02:00
|
|
|
|
|
|
|
|
afi_t afi = paf->afi;
|
|
|
|
|
safi_t safi = paf->safi;
|
|
|
|
|
struct peer *peer = paf->peer;
|
|
|
|
|
|
|
|
|
|
peer->t_refresh_stalepath = NULL;
|
|
|
|
|
|
|
|
|
|
if (peer->nsf[afi][safi])
|
|
|
|
|
bgp_clear_stale_route(peer, afi, safi);
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2022-03-22 20:45:47 +01:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP route-refresh (BoRR) timer expired for afi/safi: %d/%d",
|
|
|
|
|
peer, afi, safi);
|
2020-10-01 22:08:06 +02:00
|
|
|
|
2023-08-27 02:56:20 +02:00
|
|
|
bgp_timer_set(peer->connection);
|
2020-10-01 22:08:06 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Process BGP UPDATE message for peer.
|
|
|
|
|
*
|
|
|
|
|
* Parses UPDATE and creates attribute object.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param size size of the packet
|
|
|
|
|
* @return as in summary
|
2016-09-05 11:07:25 +02:00
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
static int bgp_update_receive(struct peer *peer, bgp_size_t size)
|
|
|
|
|
{
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
int ret, nlri_ret;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t *end;
|
2002-12-13 21:15:29 +01:00
|
|
|
struct stream *s;
|
|
|
|
|
struct attr attr;
|
|
|
|
|
bgp_size_t attribute_len;
|
|
|
|
|
bgp_size_t update_len;
|
|
|
|
|
bgp_size_t withdraw_len;
|
2019-10-23 20:14:51 +02:00
|
|
|
bool restart = false;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
enum NLRI_TYPES {
|
|
|
|
|
NLRI_UPDATE,
|
|
|
|
|
NLRI_WITHDRAW,
|
|
|
|
|
NLRI_MP_UPDATE,
|
|
|
|
|
NLRI_MP_WITHDRAW,
|
|
|
|
|
NLRI_TYPE_MAX
|
|
|
|
|
};
|
|
|
|
|
struct bgp_nlri nlris[NLRI_TYPE_MAX];
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Status must be Established. */
|
2021-06-07 15:39:10 +02:00
|
|
|
if (!peer_established(peer)) {
|
2018-09-13 20:23:42 +02:00
|
|
|
flog_err(EC_BGP_INVALID_STATUS,
|
2018-09-13 21:38:57 +02:00
|
|
|
"%s [FSM] Update packet received under status %s",
|
|
|
|
|
peer->host,
|
2021-08-10 05:43:46 +02:00
|
|
|
lookup_msg(bgp_status_msg, peer->connection->status,
|
2021-06-03 23:13:52 +02:00
|
|
|
NULL));
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_FSM_ERR,
|
2021-08-10 05:43:46 +02:00
|
|
|
bgp_fsm_error_subcode(peer->connection->status));
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Set initial values. */
|
2022-05-11 12:16:44 +02:00
|
|
|
memset(&attr, 0, sizeof(attr));
|
2017-06-06 19:20:38 +02:00
|
|
|
attr.label_index = BGP_INVALID_LABEL_INDEX;
|
|
|
|
|
attr.label = MPLS_INVALID_LABEL;
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
memset(&nlris, 0, sizeof(nlris));
|
2015-05-20 02:58:12 +02:00
|
|
|
memset(peer->rcvd_attr_str, 0, BUFSIZ);
|
|
|
|
|
peer->rcvd_attr_printed = 0;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-05-02 02:37:45 +02:00
|
|
|
s = peer->curr;
|
2002-12-13 21:15:29 +01:00
|
|
|
end = stream_pnt(s) + size;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
|
|
|
|
|
Length is too large (i.e., if Unfeasible Routes Length + Total
|
|
|
|
|
Attribute Length + 23 exceeds the message Length), then the Error
|
|
|
|
|
Subcode is set to Malformed Attribute List. */
|
|
|
|
|
if (stream_pnt(s) + 2 > end) {
|
2018-09-13 20:23:42 +02:00
|
|
|
flog_err(EC_BGP_UPDATE_RCV,
|
2020-03-27 12:35:23 +01:00
|
|
|
"%s [Error] Update packet error (packet length is short for unfeasible length)",
|
2018-09-13 21:38:57 +02:00
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_UPDATE_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_UPDATE_MAL_ATTR);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Unfeasible Route Length. */
|
|
|
|
|
withdraw_len = stream_getw(s);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Unfeasible Route Length check. */
|
|
|
|
|
if (stream_pnt(s) + withdraw_len > end) {
|
2018-09-13 20:23:42 +02:00
|
|
|
flog_err(EC_BGP_UPDATE_RCV,
|
2020-03-27 12:35:23 +01:00
|
|
|
"%s [Error] Update packet error (packet unfeasible length overflow %d)",
|
2018-09-13 21:38:57 +02:00
|
|
|
peer->host, withdraw_len);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_UPDATE_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_UPDATE_MAL_ATTR);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Unfeasible Route packet format check. */
|
|
|
|
|
if (withdraw_len > 0) {
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
nlris[NLRI_WITHDRAW].afi = AFI_IP;
|
|
|
|
|
nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
|
|
|
|
|
nlris[NLRI_WITHDRAW].nlri = stream_pnt(s);
|
|
|
|
|
nlris[NLRI_WITHDRAW].length = withdraw_len;
|
2005-02-09 16:51:56 +01:00
|
|
|
stream_forward_getp(s, withdraw_len);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Attribute total length check. */
|
|
|
|
|
if (stream_pnt(s) + 2 > end) {
|
2018-08-24 18:26:43 +02:00
|
|
|
flog_warn(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_UPDATE_PACKET_SHORT,
|
2018-08-24 18:26:43 +02:00
|
|
|
"%s [Error] Packet Error (update packet is short for attribute length)",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_UPDATE_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_UPDATE_MAL_ATTR);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Fetch attribute total length. */
|
|
|
|
|
attribute_len = stream_getw(s);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Attribute length check. */
|
|
|
|
|
if (stream_pnt(s) + attribute_len > end) {
|
2018-08-24 18:26:43 +02:00
|
|
|
flog_warn(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_UPDATE_PACKET_LONG,
|
2018-08-24 18:26:43 +02:00
|
|
|
"%s [Error] Packet Error (update packet attribute length overflow %d)",
|
|
|
|
|
peer->host, attribute_len);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_UPDATE_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_UPDATE_MAL_ATTR);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Implement revised error handling for partial optional/trans. attributes
* BGP error handling generally boils down to "reset session". This was fine
when all BGP speakers pretty much understood all BGP messages. However
the increasing deployment of new attribute types has shown this approach
to cause problems, in particular where a new attribute type is "tunneled"
over some speakers which do not understand it, and then arrives at a speaker
which does but considers it malformed (e.g. corruption along the way, or
because of early implementation bugs/interop issues).
To mitigate this drafts before the IDR (likely to be adopted) propose to
treat errors in partial (i.e. not understood by neighbour), optional
transitive attributes, when received from eBGP peers, as withdrawing only
the NLRIs in the affected UPDATE, rather than causing the entire session
to be reset. See:
http://tools.ietf.org/html/draft-scudder-idr-optional-transitive
* bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length
OR an error" return value with an error code - instead taking
pointer to result structure as arg.
(aspath_parse) adjust to suit previous change, but here NULL really
does mean error in the external interface.
* bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated
value to indicate return result.
(bgp_attr_unintern_sub) cleans up just the members of an attr, but not the
attr itself, for benefit of those who use a stack-local attr.
* bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern
(bgp_attr_unintern) as previous.
(bgp_attr_malformed) helper function to centralise decisions on how to
handle errors in attributes.
(bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed.
(bgp_attr_aspathlimit) Subcode for error specifc to this attr should be
BGP_NOTIFY_UPDATE_OPT_ATTR_ERR.
(bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path.
(bgp_attr_parse) Adjust to deal with the additional error level that
bgp_attr_ parsers can raise, and also similarly return appropriate
error back up to (bgp_update_receive). Try to avoid leaking as4_path.
* bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW
error level from bgp_attr_parse, which should lead to a withdraw, by
making the attribute parameter in call to (bgp_nlri_parse) conditional
on the error, so the update case morphs also into a withdraw.
Use bgp_attr_unintern_sub from above, instead of doing this itself.
Fix error case returns which were not calling bgp_attr_unintern_sub
and probably leaking memory.
* tests/aspath_test.c: Fix to work for null return with bad segments
2010-11-23 17:35:42 +01:00
|
|
|
/* Certain attribute parsing errors should not be considered bad enough
|
|
|
|
|
* to reset the session for, most particularly any partial/optional
|
|
|
|
|
* attributes that have 'tunneled' over speakers that don't understand
|
|
|
|
|
* them. Instead we withdraw only the prefix concerned.
|
|
|
|
|
*
|
|
|
|
|
* Complicates the flow a little though..
|
|
|
|
|
*/
|
2022-04-12 10:40:11 +02:00
|
|
|
enum bgp_attr_parse_ret attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
|
bgpd: Implement revised error handling for partial optional/trans. attributes
* BGP error handling generally boils down to "reset session". This was fine
when all BGP speakers pretty much understood all BGP messages. However
the increasing deployment of new attribute types has shown this approach
to cause problems, in particular where a new attribute type is "tunneled"
over some speakers which do not understand it, and then arrives at a speaker
which does but considers it malformed (e.g. corruption along the way, or
because of early implementation bugs/interop issues).
To mitigate this drafts before the IDR (likely to be adopted) propose to
treat errors in partial (i.e. not understood by neighbour), optional
transitive attributes, when received from eBGP peers, as withdrawing only
the NLRIs in the affected UPDATE, rather than causing the entire session
to be reset. See:
http://tools.ietf.org/html/draft-scudder-idr-optional-transitive
* bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length
OR an error" return value with an error code - instead taking
pointer to result structure as arg.
(aspath_parse) adjust to suit previous change, but here NULL really
does mean error in the external interface.
* bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated
value to indicate return result.
(bgp_attr_unintern_sub) cleans up just the members of an attr, but not the
attr itself, for benefit of those who use a stack-local attr.
* bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern
(bgp_attr_unintern) as previous.
(bgp_attr_malformed) helper function to centralise decisions on how to
handle errors in attributes.
(bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed.
(bgp_attr_aspathlimit) Subcode for error specifc to this attr should be
BGP_NOTIFY_UPDATE_OPT_ATTR_ERR.
(bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path.
(bgp_attr_parse) Adjust to deal with the additional error level that
bgp_attr_ parsers can raise, and also similarly return appropriate
error back up to (bgp_update_receive). Try to avoid leaking as4_path.
* bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW
error level from bgp_attr_parse, which should lead to a withdraw, by
making the attribute parameter in call to (bgp_nlri_parse) conditional
on the error, so the update case morphs also into a withdraw.
Use bgp_attr_unintern_sub from above, instead of doing this itself.
Fix error case returns which were not calling bgp_attr_unintern_sub
and probably leaking memory.
* tests/aspath_test.c: Fix to work for null return with bad segments
2010-11-23 17:35:42 +01:00
|
|
|
/* This define morphs the update case into a withdraw when lower levels
|
|
|
|
|
* have signalled an error condition where this is best.
|
|
|
|
|
*/
|
|
|
|
|
#define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
|
2002-12-13 21:15:29 +01:00
|
|
|
|
|
|
|
|
/* Parse attribute when it exists. */
|
|
|
|
|
if (attribute_len) {
|
bgpd: Implement revised error handling for partial optional/trans. attributes
* BGP error handling generally boils down to "reset session". This was fine
when all BGP speakers pretty much understood all BGP messages. However
the increasing deployment of new attribute types has shown this approach
to cause problems, in particular where a new attribute type is "tunneled"
over some speakers which do not understand it, and then arrives at a speaker
which does but considers it malformed (e.g. corruption along the way, or
because of early implementation bugs/interop issues).
To mitigate this drafts before the IDR (likely to be adopted) propose to
treat errors in partial (i.e. not understood by neighbour), optional
transitive attributes, when received from eBGP peers, as withdrawing only
the NLRIs in the affected UPDATE, rather than causing the entire session
to be reset. See:
http://tools.ietf.org/html/draft-scudder-idr-optional-transitive
* bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length
OR an error" return value with an error code - instead taking
pointer to result structure as arg.
(aspath_parse) adjust to suit previous change, but here NULL really
does mean error in the external interface.
* bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated
value to indicate return result.
(bgp_attr_unintern_sub) cleans up just the members of an attr, but not the
attr itself, for benefit of those who use a stack-local attr.
* bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern
(bgp_attr_unintern) as previous.
(bgp_attr_malformed) helper function to centralise decisions on how to
handle errors in attributes.
(bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed.
(bgp_attr_aspathlimit) Subcode for error specifc to this attr should be
BGP_NOTIFY_UPDATE_OPT_ATTR_ERR.
(bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path.
(bgp_attr_parse) Adjust to deal with the additional error level that
bgp_attr_ parsers can raise, and also similarly return appropriate
error back up to (bgp_update_receive). Try to avoid leaking as4_path.
* bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW
error level from bgp_attr_parse, which should lead to a withdraw, by
making the attribute parameter in call to (bgp_nlri_parse) conditional
on the error, so the update case morphs also into a withdraw.
Use bgp_attr_unintern_sub from above, instead of doing this itself.
Fix error case returns which were not calling bgp_attr_unintern_sub
and probably leaking memory.
* tests/aspath_test.c: Fix to work for null return with bad segments
2010-11-23 17:35:42 +01:00
|
|
|
attr_parse_ret = bgp_attr_parse(peer, &attr, attribute_len,
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
&nlris[NLRI_MP_UPDATE],
|
|
|
|
|
&nlris[NLRI_MP_WITHDRAW]);
|
bgpd: Implement revised error handling for partial optional/trans. attributes
* BGP error handling generally boils down to "reset session". This was fine
when all BGP speakers pretty much understood all BGP messages. However
the increasing deployment of new attribute types has shown this approach
to cause problems, in particular where a new attribute type is "tunneled"
over some speakers which do not understand it, and then arrives at a speaker
which does but considers it malformed (e.g. corruption along the way, or
because of early implementation bugs/interop issues).
To mitigate this drafts before the IDR (likely to be adopted) propose to
treat errors in partial (i.e. not understood by neighbour), optional
transitive attributes, when received from eBGP peers, as withdrawing only
the NLRIs in the affected UPDATE, rather than causing the entire session
to be reset. See:
http://tools.ietf.org/html/draft-scudder-idr-optional-transitive
* bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length
OR an error" return value with an error code - instead taking
pointer to result structure as arg.
(aspath_parse) adjust to suit previous change, but here NULL really
does mean error in the external interface.
* bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated
value to indicate return result.
(bgp_attr_unintern_sub) cleans up just the members of an attr, but not the
attr itself, for benefit of those who use a stack-local attr.
* bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern
(bgp_attr_unintern) as previous.
(bgp_attr_malformed) helper function to centralise decisions on how to
handle errors in attributes.
(bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed.
(bgp_attr_aspathlimit) Subcode for error specifc to this attr should be
BGP_NOTIFY_UPDATE_OPT_ATTR_ERR.
(bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path.
(bgp_attr_parse) Adjust to deal with the additional error level that
bgp_attr_ parsers can raise, and also similarly return appropriate
error back up to (bgp_update_receive). Try to avoid leaking as4_path.
* bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW
error level from bgp_attr_parse, which should lead to a withdraw, by
making the attribute parameter in call to (bgp_nlri_parse) conditional
on the error, so the update case morphs also into a withdraw.
Use bgp_attr_unintern_sub from above, instead of doing this itself.
Fix error case returns which were not calling bgp_attr_unintern_sub
and probably leaking memory.
* tests/aspath_test.c: Fix to work for null return with bad segments
2010-11-23 17:35:42 +01:00
|
|
|
if (attr_parse_ret == BGP_ATTR_PARSE_ERROR) {
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
bgp_attr_unintern_sub(&attr);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Logging the attribute. */
|
2015-05-20 02:58:12 +02:00
|
|
|
if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
|
|
|
|
|
|| BGP_DEBUG(update, UPDATE_IN)
|
2014-06-04 01:00:51 +02:00
|
|
|
|| BGP_DEBUG(update, UPDATE_PREFIX)) {
|
2020-08-18 20:43:07 +02:00
|
|
|
ret = bgp_dump_attr(&attr, peer->rcvd_attr_str,
|
|
|
|
|
sizeof(peer->rcvd_attr_str));
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2019-04-24 21:40:50 +02:00
|
|
|
peer->stat_upd_7606++;
|
|
|
|
|
|
bgpd: Implement revised error handling for partial optional/trans. attributes
* BGP error handling generally boils down to "reset session". This was fine
when all BGP speakers pretty much understood all BGP messages. However
the increasing deployment of new attribute types has shown this approach
to cause problems, in particular where a new attribute type is "tunneled"
over some speakers which do not understand it, and then arrives at a speaker
which does but considers it malformed (e.g. corruption along the way, or
because of early implementation bugs/interop issues).
To mitigate this drafts before the IDR (likely to be adopted) propose to
treat errors in partial (i.e. not understood by neighbour), optional
transitive attributes, when received from eBGP peers, as withdrawing only
the NLRIs in the affected UPDATE, rather than causing the entire session
to be reset. See:
http://tools.ietf.org/html/draft-scudder-idr-optional-transitive
* bgp_aspath.c: (assegments_parse) Replace the "NULL means valid, 0-length
OR an error" return value with an error code - instead taking
pointer to result structure as arg.
(aspath_parse) adjust to suit previous change, but here NULL really
does mean error in the external interface.
* bgp_attr.h (bgp_attr_parse) use an explictly typed and enumerated
value to indicate return result.
(bgp_attr_unintern_sub) cleans up just the members of an attr, but not the
attr itself, for benefit of those who use a stack-local attr.
* bgp_attr.c: (bgp_attr_unintern_sub) split out from bgp_attr_unintern
(bgp_attr_unintern) as previous.
(bgp_attr_malformed) helper function to centralise decisions on how to
handle errors in attributes.
(bgp_attr_{aspathlimit,origin,etc..}) Use bgp_attr_malformed.
(bgp_attr_aspathlimit) Subcode for error specifc to this attr should be
BGP_NOTIFY_UPDATE_OPT_ATTR_ERR.
(bgp_attr_as4_path) be more rigorous about checks, ala bgp_attr_as_path.
(bgp_attr_parse) Adjust to deal with the additional error level that
bgp_attr_ parsers can raise, and also similarly return appropriate
error back up to (bgp_update_receive). Try to avoid leaking as4_path.
* bgp_packet.c: (bgp_update_receive) Adjust to deal with BGP_ATTR_PARSE_WITHDRAW
error level from bgp_attr_parse, which should lead to a withdraw, by
making the attribute parameter in call to (bgp_nlri_parse) conditional
on the error, so the update case morphs also into a withdraw.
Use bgp_attr_unintern_sub from above, instead of doing this itself.
Fix error case returns which were not calling bgp_attr_unintern_sub
and probably leaking memory.
* tests/aspath_test.c: Fix to work for null return with bad segments
2010-11-23 17:35:42 +01:00
|
|
|
if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_UPDATE_RCV,
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
|
|
|
|
|
peer);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 03:03:47 +02:00
|
|
|
if (ret && bgp_debug_update(peer, NULL, NULL, 1)) {
|
2022-03-31 14:59:06 +02:00
|
|
|
zlog_debug("%pBP rcvd UPDATE w/ attr: %s", peer,
|
2015-05-20 02:58:12 +02:00
|
|
|
peer->rcvd_attr_str);
|
|
|
|
|
peer->rcvd_attr_printed = 1;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Network Layer Reachability Information. */
|
|
|
|
|
update_len = end - stream_pnt(s);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Do not process NLRIs if the attribute length is zero
```
3 0x00007f423aa42476 in __GI_raise (sig=sig@entry=11) at ../sysdeps/posix/raise.c:26
4 0x00007f423aef9740 in core_handler (signo=11, siginfo=0x7fffc414deb0, context=<optimized out>) at lib/sigevent.c:246
5 <signal handler called>
6 0x0000564dea2fc71e in route_set_aspath_prepend (rule=0x564debd66d50, prefix=0x7fffc414ea30, object=0x7fffc414e400)
at bgpd/bgp_routemap.c:2258
7 0x00007f423aeec7e0 in route_map_apply_ext (map=<optimized out>, prefix=prefix@entry=0x7fffc414ea30,
match_object=match_object@entry=0x7fffc414e400, set_object=set_object@entry=0x7fffc414e400, pref=pref@entry=0x0) at lib/routemap.c:2690
8 0x0000564dea2d277e in bgp_input_modifier (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, attr=attr@entry=0x7fffc414e770,
afi=afi@entry=AFI_IP, safi=safi@entry=SAFI_UNICAST, rmap_name=rmap_name@entry=0x0, label=0x0, num_labels=0, dest=0x564debdd5130)
at bgpd/bgp_route.c:1772
9 0x0000564dea2df762 in bgp_update (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, addpath_id=addpath_id@entry=0,
attr=0x7fffc414eb50, afi=afi@entry=AFI_IP, safi=<optimized out>, safi@entry=SAFI_UNICAST, type=9, sub_type=0, prd=0x0, label=0x0,
num_labels=0, soft_reconfig=0, evpn=0x0) at bgpd/bgp_route.c:4374
10 0x0000564dea2e2047 in bgp_nlri_parse_ip (peer=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50, packet=0x7fffc414eaf0)
at bgpd/bgp_route.c:6249
11 0x0000564dea2c5a58 in bgp_nlri_parse (peer=peer@entry=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50,
packet=packet@entry=0x7fffc414eaf0, mp_withdraw=mp_withdraw@entry=false) at bgpd/bgp_packet.c:339
12 0x0000564dea2c5d66 in bgp_update_receive (peer=peer@entry=0x7f4238f59010, size=size@entry=109) at bgpd/bgp_packet.c:2024
13 0x0000564dea2c901d in bgp_process_packet (thread=<optimized out>) at bgpd/bgp_packet.c:2933
14 0x00007f423af0bf71 in event_call (thread=thread@entry=0x7fffc414ee40) at lib/event.c:1995
15 0x00007f423aebb198 in frr_run (master=0x564deb73c670) at lib/libfrr.c:1213
16 0x0000564dea261b83 in main (argc=<optimized out>, argv=<optimized out>) at bgpd/bgp_main.c:505
```
With the configuration:
```
frr version 9.1-dev-MyOwnFRRVersion
frr defaults traditional
hostname ip-172-31-13-140
log file /tmp/debug.log
log syslog
service integrated-vtysh-config
!
debug bgp keepalives
debug bgp neighbor-events
debug bgp updates in
debug bgp updates out
!
router bgp 100
bgp router-id 9.9.9.9
no bgp ebgp-requires-policy
bgp bestpath aigp
neighbor 172.31.2.47 remote-as 200
!
address-family ipv4 unicast
neighbor 172.31.2.47 default-originate
neighbor 172.31.2.47 route-map RM_IN in
exit-address-family
exit
!
route-map RM_IN permit 10
set as-path prepend 200
exit
!
```
The issue is that we try to process NLRIs even if the attribute length is 0.
Later bgp_update() will handle route-maps and a crash occurs because all the
attributes are NULL, including aspath, where we dereference.
According to the RFC 4271:
A value of 0 indicates that neither the Network Layer
Reachability Information field nor the Path Attribute field is
present in this UPDATE message.
But with a fuzzed UPDATE message this can be faked. I think it's reasonable
to skip processing NLRIs if both update_len and attribute_len are 0.
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-08-22 21:52:04 +02:00
|
|
|
if (update_len && attribute_len) {
|
2016-01-27 17:37:33 +01:00
|
|
|
/* Set NLRI portion to structure. */
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
nlris[NLRI_UPDATE].afi = AFI_IP;
|
|
|
|
|
nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
|
|
|
|
|
nlris[NLRI_UPDATE].nlri = stream_pnt(s);
|
|
|
|
|
nlris[NLRI_UPDATE].length = update_len;
|
2005-02-09 16:51:56 +01:00
|
|
|
stream_forward_getp(s, update_len);
|
2019-05-09 09:02:16 +02:00
|
|
|
|
|
|
|
|
if (CHECK_FLAG(attr.flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI))) {
|
|
|
|
|
/*
|
|
|
|
|
* We skipped nexthop attribute validation earlier so
|
|
|
|
|
* validate the nexthop now.
|
|
|
|
|
*/
|
|
|
|
|
if (bgp_attr_nexthop_valid(peer, &attr) < 0) {
|
|
|
|
|
bgp_attr_unintern_sub(&attr);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (BGP_DEBUG(update, UPDATE_IN))
|
2022-03-31 14:59:06 +02:00
|
|
|
zlog_debug("%pBP rcvd UPDATE wlen %d attrlen %d alen %d", peer,
|
|
|
|
|
withdraw_len, attribute_len, update_len);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
/* Parse any given NLRIs */
|
|
|
|
|
for (int i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++) {
|
2016-04-22 13:48:49 +02:00
|
|
|
if (!nlris[i].nlri)
|
|
|
|
|
continue;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
/* NLRI is processed iff the peer if configured for the specific
|
|
|
|
|
* afi/safi */
|
|
|
|
|
if (!peer->afc[nlris[i].afi][nlris[i].safi]) {
|
2017-07-17 14:03:14 +02:00
|
|
|
zlog_info(
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
"%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
|
|
|
|
|
peer->host, nlris[i].afi, nlris[i].safi);
|
2016-04-22 13:48:49 +02:00
|
|
|
continue;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
/* EoR handled later */
|
|
|
|
|
if (nlris[i].length == 0)
|
2016-04-22 13:48:49 +02:00
|
|
|
continue;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
switch (i) {
|
|
|
|
|
case NLRI_UPDATE:
|
|
|
|
|
case NLRI_MP_UPDATE:
|
2016-09-05 11:07:25 +02:00
|
|
|
nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
|
|
|
|
|
&nlris[i], 0);
|
2017-07-17 14:03:14 +02:00
|
|
|
break;
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
case NLRI_WITHDRAW:
|
|
|
|
|
case NLRI_MP_WITHDRAW:
|
2023-01-24 09:32:13 +01:00
|
|
|
nlri_ret = bgp_nlri_parse(peer, NLRI_ATTR_ARG,
|
|
|
|
|
&nlris[i], 1);
|
2017-07-17 14:03:14 +02:00
|
|
|
break;
|
|
|
|
|
default:
|
2019-04-15 22:53:20 +02:00
|
|
|
nlri_ret = BGP_NLRI_PARSE_ERROR;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2019-04-15 22:53:20 +02:00
|
|
|
if (nlri_ret < BGP_NLRI_PARSE_OK
|
|
|
|
|
&& nlri_ret != BGP_NLRI_PARSE_ERROR_PREFIX_OVERFLOW) {
|
2018-09-13 20:23:42 +02:00
|
|
|
flog_err(EC_BGP_UPDATE_RCV,
|
2018-09-13 21:38:57 +02:00
|
|
|
"%s [Error] Error parsing NLRI", peer->host);
|
2021-06-07 15:39:10 +02:00
|
|
|
if (peer_established(peer))
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection,
|
|
|
|
|
BGP_NOTIFY_UPDATE_ERR,
|
|
|
|
|
i <= NLRI_WITHDRAW
|
|
|
|
|
? BGP_NOTIFY_UPDATE_INVAL_NETWORK
|
|
|
|
|
: BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
|
2014-06-04 01:00:51 +02:00
|
|
|
bgp_attr_unintern_sub(&attr);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
/* EoR checks
|
2017-07-17 14:03:14 +02:00
|
|
|
*
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
* Non-MP IPv4/Unicast EoR is a completely empty UPDATE
|
|
|
|
|
* and MP EoR should have only an empty MP_UNREACH
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
2017-10-26 05:07:21 +02:00
|
|
|
if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0)
|
|
|
|
|
|| (attr_parse_ret == BGP_ATTR_PARSE_EOR)) {
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
afi_t afi = 0;
|
|
|
|
|
safi_t safi;
|
2019-10-23 20:14:51 +02:00
|
|
|
struct graceful_restart_info *gr_info;
|
|
|
|
|
|
|
|
|
|
/* Restarting router */
|
2020-01-31 19:04:00 +01:00
|
|
|
if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer)
|
|
|
|
|
&& BGP_PEER_RESTARTING_MODE(peer))
|
2019-10-23 20:14:51 +02:00
|
|
|
restart = true;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
/* Non-MP IPv4/Unicast is a completely emtpy UPDATE - already
|
2010-05-14 14:38:39 +02:00
|
|
|
* checked
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
* update and withdraw NLRI lengths are 0.
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
if (!attribute_len) {
|
|
|
|
|
afi = AFI_IP;
|
|
|
|
|
safi = SAFI_UNICAST;
|
2016-10-21 20:05:54 +02:00
|
|
|
} else if (attr.flag & ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)
|
2016-06-15 19:25:35 +02:00
|
|
|
&& nlris[NLRI_MP_WITHDRAW].length == 0) {
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
afi = nlris[NLRI_MP_WITHDRAW].afi;
|
|
|
|
|
safi = nlris[NLRI_MP_WITHDRAW].safi;
|
2017-10-26 05:07:21 +02:00
|
|
|
} else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) {
|
|
|
|
|
afi = nlris[NLRI_MP_UPDATE].afi;
|
|
|
|
|
safi = nlris[NLRI_MP_UPDATE].safi;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
if (afi && peer->afc[afi][safi]) {
|
2018-12-22 01:16:52 +01:00
|
|
|
struct vrf *vrf = vrf_lookup_by_id(peer->bgp->vrf_id);
|
|
|
|
|
|
2016-01-12 19:41:55 +01:00
|
|
|
/* End-of-RIB received */
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
if (!CHECK_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EOR_RECEIVED)) {
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EOR_RECEIVED);
|
2016-01-12 19:41:55 +01:00
|
|
|
bgp_update_explicit_eors(peer);
|
2019-10-23 20:14:51 +02:00
|
|
|
/* Update graceful restart information */
|
|
|
|
|
gr_info = &(peer->bgp->gr_info[afi][safi]);
|
|
|
|
|
if (restart)
|
|
|
|
|
gr_info->eor_received++;
|
|
|
|
|
/* If EOR received from all peers and selection
|
|
|
|
|
* deferral timer is running, cancel the timer
|
|
|
|
|
* and invoke the best path calculation
|
|
|
|
|
*/
|
2020-01-31 19:04:00 +01:00
|
|
|
if (gr_info->eor_required
|
|
|
|
|
== gr_info->eor_received) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
"%s %d, %s %d",
|
2019-10-23 20:14:51 +02:00
|
|
|
"EOR REQ",
|
|
|
|
|
gr_info->eor_required,
|
|
|
|
|
"EOR RCV",
|
|
|
|
|
gr_info->eor_received);
|
2022-09-21 12:18:06 +02:00
|
|
|
if (gr_info->t_select_deferral) {
|
2022-12-25 16:26:52 +01:00
|
|
|
void *info = EVENT_ARG(
|
2022-09-21 12:18:06 +02:00
|
|
|
gr_info->t_select_deferral);
|
|
|
|
|
XFREE(MTYPE_TMP, info);
|
|
|
|
|
}
|
2022-12-25 16:26:52 +01:00
|
|
|
EVENT_OFF(gr_info->t_select_deferral);
|
2019-10-23 20:14:51 +02:00
|
|
|
gr_info->eor_required = 0;
|
|
|
|
|
gr_info->eor_received = 0;
|
|
|
|
|
/* Best path selection */
|
2022-08-03 17:43:01 +02:00
|
|
|
bgp_best_path_select_defer(peer->bgp,
|
|
|
|
|
afi, safi);
|
2019-10-23 20:14:51 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
bgpd: Regularise bgp_update_receive, add missing notifies and checks
* bgp_packet.c: (bgp_update_receive) Lots of repeated code, doing same
thing for each AFI/SAFI. Except when it doesn't, e.g. the IPv4/VPN
case was missing the EoR bgp_clear_stale_route call - the only action
really needed for EoR.
Make this function a lot more regular, using common, AFI/SAFI
independent blocks so far as possible.
Replace the 4 separate bgp_nlris with an array, indexed by an enum.
The distinct blocks that handle calling bgp_nlri_parse for each
different AFI/SAFI can now be replaced with a loop.
Transmogrify the nlri SAFI from the SAFI_MPLS_LABELED_VPN code-point
used on the wire, to the SAFI_MPLS_VPN safi_t enum we use internally
as early as possible.
The existing code was not necessarily sending a NOTIFY for NLRI
parsing errors, if they arose via bgp_nlri_sanity_check. Send the
correct NOTIFY - INVAL_NETWORK for the classic NLRIs and OPT_ATTR_ERR
for the MP ones.
EoR can now be handled in one block. The existing code seemed broken
for EoR recognition in a number of ways:
1. A v4/unicast EoR should be an empty UPDATE. However, it seemed
to be treating an UPDATE with attributes, inc. MP REACH/UNREACH,
but no classic NLRIs, as a v4/uni EoR.
2. For other AFI/SAFIs, it was treating UPDATEs with no classic
withraw and with a zero-length MP withdraw as EoRs. However, that
would mean an UPDATE packet _with_ update NLRIs and a 0-len MP
withdraw could be classed as an EoR.
This seems to be loose coding leading to ambiguous protocol
situations and likely incorrect behaviour, rather than simply being
liberal. Be more strict about checking that an UPDATE really is an
EoR and definitely is not trying to update any NLRIs.
This same loose EoR parsing was noted by Chris Hall previously on
list.
(bgp_nlri_parse) Front end NLRI parse function, to fan-out to the correct
parser for the AFI/SAFI.
* bgp_route.c: (bgp_nlri_sanity_check) We try convert NLRI safi to
internal code-point ASAP, adjust switch for that. Leave the wire
code point in for defensive coding.
(bgp_nlri_parse) rename to bgp_nlri_parse_ip.
* tests/bgp_mp_attr_test.c: Can just use bgp_nlri_parse frontend.
2016-02-04 14:27:04 +01:00
|
|
|
/* NSF delete stale route */
|
|
|
|
|
if (peer->nsf[afi][safi])
|
|
|
|
|
bgp_clear_stale_route(peer, afi, safi);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-12-20 22:03:09 +01:00
|
|
|
zlog_info(
|
|
|
|
|
"%s: rcvd End-of-RIB for %s from %s in vrf %s",
|
|
|
|
|
__func__, get_afi_safi_str(afi, safi, false),
|
|
|
|
|
peer->host, vrf ? vrf->name : VRF_DEFAULT_NAME);
|
|
|
|
|
}
|
2014-06-04 01:00:51 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
/* Everything is done. We unintern temporary structures which
|
|
|
|
|
interned in bgp_attr_parse(). */
|
2016-02-04 18:00:18 +01:00
|
|
|
bgp_attr_unintern_sub(&attr);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-08-18 00:27:54 +02:00
|
|
|
peer->update_time = monotime(NULL);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
bgpd: conditional advertisement - other match rules support
Sample Configuration with prefix-list and community match rules
---------------------------------------------------------------
R1 ------- R2(DUT) ------- R3
Router2# show running-config
Building configuration...
Current configuration:
!
frr version 7.6-dev-MyOwnFRRVersion
frr defaults traditional
hostname router
log file /var/log/frr/bgpd.log
log syslog informational
hostname Router2
service integrated-vtysh-config
!
debug bgp updates in
debug bgp updates out
!
debug route-map
!
ip route 20.20.0.0/16 blackhole
ipv6 route 2001:db8::200/128 blackhole
!
interface enp0s9
ip address 10.10.10.2/24
!
interface enp0s10
ip address 10.10.20.2/24
!
interface lo
ip address 2.2.2.2/32
!
router bgp 2
bgp log-neighbor-changes
no bgp ebgp-requires-policy
neighbor 10.10.10.1 remote-as 1
neighbor 10.10.20.3 remote-as 3
!
address-family ipv4 unicast
neighbor 10.10.10.1 soft-reconfiguration inbound
neighbor 10.10.20.3 soft-reconfiguration inbound
neighbor 10.10.20.3 advertise-map ADV-MAP non-exist-map EXIST-MAP
exit-address-family
!
ip prefix-list DEFAULT seq 5 permit 1.1.1.5/32
ip prefix-list DEFAULT seq 10 permit 1.1.1.1/32
ip prefix-list EXIST seq 5 permit 10.10.10.10/32
ip prefix-list DEFAULT-ROUTE seq 5 permit 0.0.0.0/0
ip prefix-list IP1 seq 5 permit 10.139.224.0/20
ip prefix-list T2 seq 5 permit 1.1.1.5/32
!
bgp community-list standard DC-ROUTES seq 5 permit 64952:3008
bgp community-list standard DC-ROUTES seq 10 permit 64671:501
bgp community-list standard DC-ROUTES seq 15 permit 64950:3009
bgp community-list standard DEFAULT-ROUTE seq 5 permit 65013:200
!
route-map ADV-MAP permit 10
match ip address prefix-list IP1
!
route-map ADV-MAP permit 20
match community DC-ROUTES
!
route-map EXIST-MAP permit 10
match community DEFAULT-ROUTE
match ip address prefix-list DEFAULT-ROUTE
!
line vty
!
end
Router2#
Router2# show ip bgp 0.0.0.0
BGP routing table entry for 0.0.0.0/0
Paths: (1 available, best #1, table default)
Advertised to non peer-group peers:
10.10.10.1 10.10.20.3
1
10.10.10.1 from 10.10.10.1 (10.139.224.1)
Origin IGP, metric 0, valid, external, best (First path received)
Community: 64848:3011 65011:200 65013:200
Last update: Tue Oct 6 02:39:42 2020
Router2#
Sample output with non-exist-map when default route present in table
--------------------------------------------------------------------
Router2# show ip bgp
BGP table version is 4, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0/0 10.10.10.1 0 0 1 i
*> 1.1.1.1/32 10.10.10.1 0 0 1 i
*> 1.1.1.5/32 10.10.10.1 0 0 1 i
*> 10.139.224.0/20 10.10.10.1 0 0 1 ?
Displayed 4 routes and 4 total paths
Router2# show ip bgp neighbors 10.10.20.3 advertised-routes
BGP table version is 4, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0/0 0.0.0.0 0 1 i
*> 1.1.1.5/32 0.0.0.0 0 1 i <<<<<<<<< non-exist-map : 0.0.0.0/0 is present so, 10.139.224.0/20 not advertised
Total number of prefixes 2
Sample output with non-exist-map when default route not present in table
------------------------------------------------------------------------
Router2# show ip bgp
BGP table version is 5, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 10.10.10.1 0 0 1 i
*> 1.1.1.5/32 10.10.10.1 0 0 1 i
*> 10.139.224.0/20 10.10.10.1 0 0 1 ?
Displayed 3 routes and 3 total paths
Router2#
Router2#
Router2# show ip bgp neighbors 10.10.20.3 advertised-routes
BGP table version is 5, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 1 i
*> 1.1.1.5/32 0.0.0.0 0 1 i
*> 10.139.224.0/20 0.0.0.0 0 1 ? <<<<<<<<< non-exist-map : 0.0.0.0/0 is not present so, 10.139.224.0/20 advertised
Total number of prefixes 3
Router2#
Sample output with exist-map when default route present in table
--------------------------------------------------------------------
Router2# show ip bgp
BGP table version is 8, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0/0 10.10.10.1 0 0 1 i
*> 1.1.1.1/32 10.10.10.1 0 0 1 i
*> 1.1.1.5/32 10.10.10.1 0 0 1 i
*> 10.139.224.0/20 10.10.10.1 0 0 1 ?
Displayed 4 routes and 4 total paths
Router2#
Router2#
Router2#
Router2#
Router2# show ip bgp neighbors 10.10.20.3 advertised-routes
BGP table version is 8, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0/0 0.0.0.0 0 1 i
*> 1.1.1.1/32 0.0.0.0 0 1 i
*> 1.1.1.5/32 0.0.0.0 0 1 i
*> 10.139.224.0/20 0.0.0.0 0 1 ? <<<<<<<<< exist-map : 0.0.0.0/0 is present so, 10.139.224.0/20 advertised
Total number of prefixes 4
Router2#
Sample output with exist-map when default route not present in table
--------------------------------------------------------------------
Router2# show ip bgp
BGP table version is 9, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 10.10.10.1 0 0 1 i
*> 1.1.1.5/32 10.10.10.1 0 0 1 i
*> 10.139.224.0/20 10.10.10.1 0 0 1 ?
Displayed 3 routes and 3 total paths
Router2#
Router2#
Router2#
Router2# show ip bgp neighbors 10.10.20.3 advertised-routes
BGP table version is 9, local router ID is 2.2.2.2, vrf id 0
Default local pref 100, local AS 2
Status codes: s suppressed, d damped, h history, * valid, > best, = multipath,
i internal, r RIB-failure, S Stale, R Removed
Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.5/32 0.0.0.0 0 1 i <<<<<<<<< exist-map : 0.0.0.0/0 is not present so, 10.139.224.0/20 not advertised
Total number of prefixes 1
Router2#
Signed-off-by: Madhuri Kuruganti <k.madhuri@samsung.com>
2020-10-05 19:40:56 +02:00
|
|
|
/* Notify BGP Conditional advertisement scanner process */
|
|
|
|
|
peer->advmap_table_change = true;
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
return Receive_UPDATE_message;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Process BGP NOTIFY message for peer.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param size size of the packet
|
|
|
|
|
* @return as in summary
|
|
|
|
|
*/
|
|
|
|
|
static int bgp_notify_receive(struct peer *peer, bgp_size_t size)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
2022-05-04 12:27:47 +02:00
|
|
|
struct bgp_notify outer = {};
|
|
|
|
|
struct bgp_notify inner = {};
|
2022-04-30 22:04:58 +02:00
|
|
|
bool hard_reset = false;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
if (peer->notify.data) {
|
2022-04-30 22:04:58 +02:00
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION, peer->notify.data);
|
2002-12-13 21:15:29 +01:00
|
|
|
peer->notify.length = 0;
|
2022-05-10 08:25:59 +02:00
|
|
|
peer->notify.hard_reset = false;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
outer.code = stream_getc(peer->curr);
|
|
|
|
|
outer.subcode = stream_getc(peer->curr);
|
|
|
|
|
outer.length = size - 2;
|
|
|
|
|
outer.data = NULL;
|
|
|
|
|
outer.raw_data = NULL;
|
|
|
|
|
if (outer.length) {
|
|
|
|
|
outer.raw_data = XMALLOC(MTYPE_BGP_NOTIFICATION, outer.length);
|
|
|
|
|
memcpy(outer.raw_data, stream_pnt(peer->curr), outer.length);
|
|
|
|
|
}
|
|
|
|
|
|
2022-05-06 09:21:15 +02:00
|
|
|
hard_reset =
|
|
|
|
|
bgp_notify_received_hard_reset(peer, outer.code, outer.subcode);
|
2022-04-30 22:04:58 +02:00
|
|
|
if (hard_reset && outer.length) {
|
|
|
|
|
inner = bgp_notify_decapsulate_hard_reset(&outer);
|
|
|
|
|
peer->notify.hard_reset = true;
|
|
|
|
|
} else {
|
|
|
|
|
inner = outer;
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Preserv notify code and sub code. */
|
2022-04-30 22:04:58 +02:00
|
|
|
peer->notify.code = inner.code;
|
|
|
|
|
peer->notify.subcode = inner.subcode;
|
2002-12-13 21:15:29 +01:00
|
|
|
/* For further diagnostic record returned Data. */
|
2022-04-30 22:04:58 +02:00
|
|
|
if (inner.length) {
|
|
|
|
|
peer->notify.length = inner.length;
|
|
|
|
|
peer->notify.data =
|
|
|
|
|
XMALLOC(MTYPE_BGP_NOTIFICATION, inner.length);
|
|
|
|
|
memcpy(peer->notify.data, inner.raw_data, inner.length);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* For debug */
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
int first = 0;
|
|
|
|
|
char c[4];
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
if (inner.length) {
|
|
|
|
|
inner.data = XMALLOC(MTYPE_BGP_NOTIFICATION,
|
|
|
|
|
inner.length * 3);
|
|
|
|
|
for (i = 0; i < inner.length; i++)
|
2002-12-13 21:15:29 +01:00
|
|
|
if (first) {
|
2019-05-06 23:05:06 +02:00
|
|
|
snprintf(c, sizeof(c), " %02x",
|
2017-05-02 02:37:45 +02:00
|
|
|
stream_getc(peer->curr));
|
2019-10-23 20:14:51 +02:00
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
strlcat(inner.data, c,
|
|
|
|
|
inner.length * 3);
|
2019-10-23 20:14:51 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
} else {
|
|
|
|
|
first = 1;
|
2019-05-06 23:05:06 +02:00
|
|
|
snprintf(c, sizeof(c), "%02x",
|
|
|
|
|
stream_getc(peer->curr));
|
2019-10-23 20:14:51 +02:00
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
strlcpy(inner.data, c,
|
|
|
|
|
inner.length * 3);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-04-30 22:04:58 +02:00
|
|
|
bgp_notify_print(peer, &inner, "received", hard_reset);
|
2022-05-04 12:27:47 +02:00
|
|
|
if (inner.length) {
|
2022-04-30 22:04:58 +02:00
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION, inner.data);
|
|
|
|
|
inner.length = 0;
|
|
|
|
|
}
|
|
|
|
|
if (outer.length) {
|
|
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION, outer.data);
|
2022-05-04 12:27:47 +02:00
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION, outer.raw_data);
|
2022-07-10 11:42:46 +02:00
|
|
|
|
|
|
|
|
/* If this is a Hard Reset notification, we MUST free
|
|
|
|
|
* the inner (encapsulated) notification too.
|
|
|
|
|
*/
|
|
|
|
|
if (hard_reset)
|
|
|
|
|
XFREE(MTYPE_BGP_NOTIFICATION, inner.raw_data);
|
2022-04-30 22:04:58 +02:00
|
|
|
outer.length = 0;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2015-10-21 00:13:20 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* peer count update */
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->notify_in, 1, memory_order_relaxed);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-09-16 04:14:06 +02:00
|
|
|
peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* We have to check for Notify with Unsupported Optional Parameter.
|
|
|
|
|
in that case we fallback to open without the capability option.
|
|
|
|
|
But this done in bgp_stop. We just mark it here to avoid changing
|
|
|
|
|
the fsm tables. */
|
2022-04-30 22:04:58 +02:00
|
|
|
if (inner.code == BGP_NOTIFY_OPEN_ERR &&
|
|
|
|
|
inner.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM)
|
2002-12-13 21:15:29 +01:00
|
|
|
UNSET_FLAG(peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-05-11 18:42:53 +02:00
|
|
|
/* If Graceful-Restart N-bit (Notification) is exchanged,
|
|
|
|
|
* and it's not a Hard Reset, let's retain the routes.
|
|
|
|
|
*/
|
|
|
|
|
if (bgp_has_graceful_restart_notification(peer) && !hard_reset &&
|
|
|
|
|
CHECK_FLAG(peer->sflags, PEER_STATUS_NSF_MODE))
|
|
|
|
|
SET_FLAG(peer->sflags, PEER_STATUS_NSF_WAIT);
|
|
|
|
|
|
2019-10-23 21:12:10 +02:00
|
|
|
bgp_peer_gr_flags_update(peer);
|
2020-01-31 19:04:00 +01:00
|
|
|
BGP_GR_ROUTER_DETECT_AND_SEND_CAPABILITY_TO_ZEBRA(peer->bgp,
|
|
|
|
|
peer->bgp->peer);
|
2019-10-23 21:12:10 +02:00
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
return Receive_NOTIFICATION_message;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Process BGP ROUTEREFRESH message for peer.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param size size of the packet
|
|
|
|
|
* @return as in summary
|
|
|
|
|
*/
|
|
|
|
|
static int bgp_route_refresh_receive(struct peer *peer, bgp_size_t size)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
2017-01-18 03:01:56 +01:00
|
|
|
iana_afi_t pkt_afi;
|
2002-12-13 21:15:29 +01:00
|
|
|
afi_t afi;
|
2017-08-01 02:06:40 +02:00
|
|
|
iana_safi_t pkt_safi;
|
|
|
|
|
safi_t safi;
|
2002-12-13 21:15:29 +01:00
|
|
|
struct stream *s;
|
2015-05-20 03:04:05 +02:00
|
|
|
struct peer_af *paf;
|
2015-11-04 17:31:33 +01:00
|
|
|
struct update_group *updgrp;
|
|
|
|
|
struct peer *updgrp_peer;
|
2020-10-01 22:08:06 +02:00
|
|
|
uint8_t subtype;
|
2021-10-01 16:32:57 +02:00
|
|
|
bool force_update = false;
|
2020-10-01 22:08:06 +02:00
|
|
|
bgp_size_t msg_length =
|
|
|
|
|
size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* If peer does not have the capability, send notification. */
|
|
|
|
|
if (!CHECK_FLAG(peer->cap, PEER_CAP_REFRESH_ADV)) {
|
2018-09-13 20:23:42 +02:00
|
|
|
flog_err(EC_BGP_NO_CAP,
|
2018-09-13 21:38:57 +02:00
|
|
|
"%s [Error] BGP route refresh is not enabled",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_HEADER_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_HEADER_BAD_MESTYPE);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Status must be Established. */
|
2021-06-07 15:39:10 +02:00
|
|
|
if (!peer_established(peer)) {
|
2021-06-03 23:13:52 +02:00
|
|
|
flog_err(EC_BGP_INVALID_STATUS,
|
|
|
|
|
"%s [Error] Route refresh packet received under status %s",
|
|
|
|
|
peer->host,
|
2021-08-10 05:43:46 +02:00
|
|
|
lookup_msg(bgp_status_msg, peer->connection->status,
|
2021-06-03 23:13:52 +02:00
|
|
|
NULL));
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_FSM_ERR,
|
2021-08-10 05:43:46 +02:00
|
|
|
bgp_fsm_error_subcode(peer->connection->status));
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2017-05-02 02:37:45 +02:00
|
|
|
s = peer->curr;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2016-06-15 19:25:35 +02:00
|
|
|
/* Parse packet. */
|
|
|
|
|
pkt_afi = stream_getw(s);
|
2020-10-01 22:08:06 +02:00
|
|
|
subtype = stream_getc(s);
|
2016-06-15 19:25:35 +02:00
|
|
|
pkt_safi = stream_getc(s);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Convert AFI, SAFI to internal values and check. */
|
|
|
|
|
if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi, &safi)) {
|
2017-07-17 14:03:14 +02:00
|
|
|
zlog_info(
|
2019-06-02 01:11:28 +02:00
|
|
|
"%s REFRESH_REQ for unrecognized afi/safi: %s/%s - ignored",
|
|
|
|
|
peer->host, iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_PACKET_NOOP;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) {
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t *end;
|
|
|
|
|
uint8_t when_to_refresh;
|
|
|
|
|
uint8_t orf_type;
|
|
|
|
|
uint16_t orf_len;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2020-10-01 22:08:06 +02:00
|
|
|
if (subtype) {
|
|
|
|
|
/* If the length, excluding the fixed-size message
|
|
|
|
|
* header, of the received ROUTE-REFRESH message with
|
|
|
|
|
* Message Subtype 1 and 2 is not 4, then the BGP
|
|
|
|
|
* speaker MUST send a NOTIFICATION message with the
|
|
|
|
|
* Error Code of "ROUTE-REFRESH Message Error" and the
|
|
|
|
|
* subcode of "Invalid Message Length".
|
|
|
|
|
*/
|
|
|
|
|
if (msg_length != 4) {
|
|
|
|
|
zlog_err(
|
|
|
|
|
"%s Enhanced Route Refresh message length error",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection,
|
|
|
|
|
BGP_NOTIFY_ROUTE_REFRESH_ERR,
|
|
|
|
|
BGP_NOTIFY_ROUTE_REFRESH_INVALID_MSG_LEN);
|
2020-10-01 22:08:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* When the BGP speaker receives a ROUTE-REFRESH message
|
|
|
|
|
* with a "Message Subtype" field other than 0, 1, or 2,
|
|
|
|
|
* it MUST ignore the received ROUTE-REFRESH message.
|
|
|
|
|
*/
|
|
|
|
|
if (subtype > 2)
|
|
|
|
|
zlog_err(
|
|
|
|
|
"%s Enhanced Route Refresh invalid subtype",
|
|
|
|
|
peer->host);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (msg_length < 5) {
|
2004-12-08 22:03:23 +01:00
|
|
|
zlog_info("%s ORF route refresh length error",
|
2002-12-13 21:15:29 +01:00
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
|
2019-11-10 16:54:37 +01:00
|
|
|
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2007-12-22 17:49:52 +01:00
|
|
|
when_to_refresh = stream_getc(s);
|
|
|
|
|
end = stream_pnt(s) + (size - 5);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2007-12-22 17:49:52 +01:00
|
|
|
while ((stream_pnt(s) + 2) < end) {
|
|
|
|
|
orf_type = stream_getc(s);
|
2002-12-13 21:15:29 +01:00
|
|
|
orf_len = stream_getw(s);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2007-12-22 17:49:52 +01:00
|
|
|
/* orf_len in bounds? */
|
|
|
|
|
if ((stream_pnt(s) + orf_len) > end)
|
|
|
|
|
break; /* XXX: Notify instead?? */
|
2023-07-07 22:39:44 +02:00
|
|
|
if (orf_type == ORF_TYPE_PREFIX) {
|
2002-12-13 21:15:29 +01:00
|
|
|
uint8_t *p_pnt = stream_pnt(s);
|
Fix most compiler warnings in default GCC build.
Fix lots of warnings. Some const and type-pun breaks strict-aliasing
warnings left but much reduced.
* bgp_advertise.h: (struct bgp_advertise_fifo) is functionally identical to
(struct fifo), so just use that. Makes it clearer the beginning of
(struct bgp_advertise) is compatible with with (struct fifo), which seems
to be enough for gcc.
Add a BGP_ADV_FIFO_HEAD macro to contain the right cast to try shut up
type-punning breaks strict aliasing warnings.
* bgp_packet.c: Use BGP_ADV_FIFO_HEAD.
(bgp_route_refresh_receive) fix an interesting logic error in
(!ok || (ret != BLAH)) where ret is only well-defined if ok.
* bgp_vty.c: Peer commands should use bgp_vty_return to set their return.
* jhash.{c,h}: Can take const on * args without adding issues & fix warnings.
* libospf.h: LSA sequence numbers use the unsigned range of values, and
constants need to be set to unsigned, or it causes warnings in ospf6d.
* md5.h: signedness of caddr_t is implementation specific, change to an
explicit (uint_8 *), fix sign/unsigned comparison warnings.
* vty.c: (vty_log_fixed) const on level is well-intentioned, but not going
to fly given iov_base.
* workqueue.c: ALL_LIST_ELEMENTS_RO tests for null pointer, which is always
true for address of static variable. Correct but pointless warning in
this case, but use a 2nd pointer to shut it up.
* ospf6_route.h: Add a comment about the use of (struct prefix) to stuff 2
different 32 bit IDs into in (struct ospf6_route), and the resulting
type-pun strict-alias breakage warnings this causes. Need to use 2
different fields to fix that warning?
general:
* remove unused variables, other than a few cases where they serve a
sufficiently useful documentary purpose (e.g. for code that needs
fixing), or they're required dummies. In those cases, try mark them as
unused.
* Remove dead code that can't be reached.
* Quite a few 'no ...' forms of vty commands take arguments, but do not
check the argument matches the command being negated. E.g., should
'distance X <prefix>' succeed if previously 'distance Y <prefix>' was set?
Or should it be required that the distance match the previously configured
distance for the prefix?
Ultimately, probably better to be strict about this. However, changing
from slack to strict might expose problems in command aliases and tools.
* Fix uninitialised use of variables.
* Fix sign/unsigned comparison warnings by making signedness of types consistent.
* Mark functions as static where their use is restricted to the same compilation
unit.
* Add required headers
* Move constants defined in headers into code.
* remove dead, unused functions that have no debug purpose.
(cherry picked from commit 7aa9dcef80b2ce50ecaa77653d87c8b84e009c49)
Conflicts:
bgpd/bgp_advertise.h
bgpd/bgp_mplsvpn.c
bgpd/bgp_nexthop.c
bgpd/bgp_packet.c
bgpd/bgp_route.c
bgpd/bgp_routemap.c
bgpd/bgp_vty.c
lib/command.c
lib/if.c
lib/jhash.c
lib/workqueue.c
ospf6d/ospf6_lsa.c
ospf6d/ospf6_neighbor.h
ospf6d/ospf6_spf.c
ospf6d/ospf6_top.c
ospfd/ospf_api.c
zebra/router-id.c
zebra/rt_netlink.c
zebra/rt_netlink.h
2014-09-19 15:42:23 +02:00
|
|
|
uint8_t *p_end = stream_pnt(s) + orf_len;
|
2002-12-13 21:15:29 +01:00
|
|
|
struct orf_prefix orfp;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t common = 0;
|
|
|
|
|
uint32_t seq;
|
2002-12-13 21:15:29 +01:00
|
|
|
int psize;
|
|
|
|
|
char name[BUFSIZ];
|
2015-05-20 03:12:17 +02:00
|
|
|
int ret = CMD_SUCCESS;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer)) {
|
2016-02-04 18:00:18 +01:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd Prefixlist ORF(%d) length %d",
|
|
|
|
|
peer, orf_type, orf_len);
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2022-08-05 14:06:00 +02:00
|
|
|
/* ORF prefix-list name */
|
|
|
|
|
snprintf(name, sizeof(name), "%s.%d.%d",
|
|
|
|
|
peer->host, afi, safi);
|
|
|
|
|
|
2010-05-14 14:38:39 +02:00
|
|
|
/* we're going to read at least 1 byte of common
|
2007-12-22 17:49:52 +01:00
|
|
|
* ORF header,
|
2010-05-14 14:38:39 +02:00
|
|
|
* and 7 bytes of ORF Address-filter entry from
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
* the stream
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
2023-08-20 21:15:27 +02:00
|
|
|
if (p_pnt < p_end &&
|
|
|
|
|
*p_pnt & ORF_COMMON_PART_REMOVE_ALL) {
|
2022-08-05 14:06:00 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
|
|
|
|
"%pBP rcvd Remove-All pfxlist ORF request",
|
|
|
|
|
peer);
|
|
|
|
|
prefix_bgp_orf_remove_all(afi, name);
|
2017-07-17 14:03:14 +02:00
|
|
|
break;
|
2022-08-05 14:06:00 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2022-08-05 14:06:00 +02:00
|
|
|
if (orf_len < 7)
|
|
|
|
|
break;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
while (p_pnt < p_end) {
|
2010-05-14 14:38:39 +02:00
|
|
|
/* If the ORF entry is malformed, want
|
|
|
|
|
* to read as much of it
|
|
|
|
|
* as possible without going beyond the
|
|
|
|
|
* bounds of the entry,
|
|
|
|
|
* to maximise debug information.
|
|
|
|
|
*/
|
2011-04-11 17:31:43 +02:00
|
|
|
int ok;
|
2022-05-11 12:16:44 +02:00
|
|
|
memset(&orfp, 0, sizeof(orfp));
|
2002-12-13 21:15:29 +01:00
|
|
|
common = *p_pnt++;
|
2010-05-14 14:38:39 +02:00
|
|
|
/* after ++: p_pnt <= p_end */
|
2018-03-27 21:13:34 +02:00
|
|
|
ok = ((uint32_t)(p_end - p_pnt)
|
|
|
|
|
>= sizeof(uint32_t));
|
2011-12-13 18:11:39 +01:00
|
|
|
if (ok) {
|
2011-04-11 17:31:43 +02:00
|
|
|
memcpy(&seq, p_pnt,
|
2018-03-27 21:13:34 +02:00
|
|
|
sizeof(uint32_t));
|
|
|
|
|
p_pnt += sizeof(uint32_t);
|
2011-04-11 17:31:43 +02:00
|
|
|
orfp.seq = ntohl(seq);
|
2010-05-14 14:38:39 +02:00
|
|
|
} else
|
|
|
|
|
p_pnt = p_end;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2020-02-24 15:08:54 +01:00
|
|
|
/* val checked in prefix_bgp_orf_set */
|
2020-02-24 14:29:15 +01:00
|
|
|
if (p_pnt < p_end)
|
2020-02-24 15:08:54 +01:00
|
|
|
orfp.ge = *p_pnt++;
|
|
|
|
|
|
|
|
|
|
/* val checked in prefix_bgp_orf_set */
|
2020-02-24 14:29:15 +01:00
|
|
|
if (p_pnt < p_end)
|
2020-02-24 15:08:54 +01:00
|
|
|
orfp.le = *p_pnt++;
|
|
|
|
|
|
2010-05-14 14:38:39 +02:00
|
|
|
if ((ok = (p_pnt < p_end)))
|
|
|
|
|
orfp.p.prefixlen = *p_pnt++;
|
2020-02-24 15:08:54 +01:00
|
|
|
|
|
|
|
|
/* afi checked already */
|
|
|
|
|
orfp.p.family = afi2family(afi);
|
|
|
|
|
|
|
|
|
|
/* 0 if not ok */
|
|
|
|
|
psize = PSIZE(orfp.p.prefixlen);
|
|
|
|
|
/* valid for family ? */
|
|
|
|
|
if (psize > prefix_blen(&orfp.p)) {
|
2010-05-14 14:38:39 +02:00
|
|
|
ok = 0;
|
|
|
|
|
psize = prefix_blen(&orfp.p);
|
|
|
|
|
}
|
2020-02-24 15:08:54 +01:00
|
|
|
/* valid for packet ? */
|
|
|
|
|
if (psize > (p_end - p_pnt)) {
|
2010-05-14 14:38:39 +02:00
|
|
|
ok = 0;
|
|
|
|
|
psize = p_end - p_pnt;
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2010-05-14 14:38:39 +02:00
|
|
|
if (psize > 0)
|
|
|
|
|
memcpy(&orfp.p.u.prefix, p_pnt,
|
|
|
|
|
psize);
|
2002-12-13 21:15:29 +01:00
|
|
|
p_pnt += psize;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer)) {
|
2012-05-07 18:52:53 +02:00
|
|
|
char buf[INET6_BUFSIZ];
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2012-05-07 18:52:53 +02:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd %s %s seq %u %s/%d ge %d le %d%s",
|
|
|
|
|
peer,
|
2012-05-07 18:52:53 +02:00
|
|
|
(common & ORF_COMMON_PART_REMOVE
|
|
|
|
|
? "Remove"
|
|
|
|
|
: "Add"),
|
|
|
|
|
(common & ORF_COMMON_PART_DENY
|
|
|
|
|
? "deny"
|
|
|
|
|
: "permit"),
|
|
|
|
|
orfp.seq,
|
|
|
|
|
inet_ntop(
|
|
|
|
|
orfp.p.family,
|
|
|
|
|
&orfp.p.u.prefix,
|
|
|
|
|
buf,
|
|
|
|
|
INET6_BUFSIZ),
|
|
|
|
|
orfp.p.prefixlen,
|
|
|
|
|
orfp.ge, orfp.le,
|
|
|
|
|
ok ? "" : " MALFORMED");
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2010-05-14 14:38:39 +02:00
|
|
|
if (ok)
|
2011-04-11 17:31:43 +02:00
|
|
|
ret = prefix_bgp_orf_set(
|
|
|
|
|
name, afi, &orfp,
|
|
|
|
|
(common & ORF_COMMON_PART_DENY
|
|
|
|
|
? 0
|
|
|
|
|
: 1),
|
|
|
|
|
(common & ORF_COMMON_PART_REMOVE
|
|
|
|
|
? 0
|
|
|
|
|
: 1));
|
2017-07-17 14:03:14 +02:00
|
|
|
|
Fix most compiler warnings in default GCC build.
Fix lots of warnings. Some const and type-pun breaks strict-aliasing
warnings left but much reduced.
* bgp_advertise.h: (struct bgp_advertise_fifo) is functionally identical to
(struct fifo), so just use that. Makes it clearer the beginning of
(struct bgp_advertise) is compatible with with (struct fifo), which seems
to be enough for gcc.
Add a BGP_ADV_FIFO_HEAD macro to contain the right cast to try shut up
type-punning breaks strict aliasing warnings.
* bgp_packet.c: Use BGP_ADV_FIFO_HEAD.
(bgp_route_refresh_receive) fix an interesting logic error in
(!ok || (ret != BLAH)) where ret is only well-defined if ok.
* bgp_vty.c: Peer commands should use bgp_vty_return to set their return.
* jhash.{c,h}: Can take const on * args without adding issues & fix warnings.
* libospf.h: LSA sequence numbers use the unsigned range of values, and
constants need to be set to unsigned, or it causes warnings in ospf6d.
* md5.h: signedness of caddr_t is implementation specific, change to an
explicit (uint_8 *), fix sign/unsigned comparison warnings.
* vty.c: (vty_log_fixed) const on level is well-intentioned, but not going
to fly given iov_base.
* workqueue.c: ALL_LIST_ELEMENTS_RO tests for null pointer, which is always
true for address of static variable. Correct but pointless warning in
this case, but use a 2nd pointer to shut it up.
* ospf6_route.h: Add a comment about the use of (struct prefix) to stuff 2
different 32 bit IDs into in (struct ospf6_route), and the resulting
type-pun strict-alias breakage warnings this causes. Need to use 2
different fields to fix that warning?
general:
* remove unused variables, other than a few cases where they serve a
sufficiently useful documentary purpose (e.g. for code that needs
fixing), or they're required dummies. In those cases, try mark them as
unused.
* Remove dead code that can't be reached.
* Quite a few 'no ...' forms of vty commands take arguments, but do not
check the argument matches the command being negated. E.g., should
'distance X <prefix>' succeed if previously 'distance Y <prefix>' was set?
Or should it be required that the distance match the previously configured
distance for the prefix?
Ultimately, probably better to be strict about this. However, changing
from slack to strict might expose problems in command aliases and tools.
* Fix uninitialised use of variables.
* Fix sign/unsigned comparison warnings by making signedness of types consistent.
* Mark functions as static where their use is restricted to the same compilation
unit.
* Add required headers
* Move constants defined in headers into code.
* remove dead, unused functions that have no debug purpose.
(cherry picked from commit 7aa9dcef80b2ce50ecaa77653d87c8b84e009c49)
Conflicts:
bgpd/bgp_advertise.h
bgpd/bgp_mplsvpn.c
bgpd/bgp_nexthop.c
bgpd/bgp_packet.c
bgpd/bgp_route.c
bgpd/bgp_routemap.c
bgpd/bgp_vty.c
lib/command.c
lib/if.c
lib/jhash.c
lib/workqueue.c
ospf6d/ospf6_lsa.c
ospf6d/ospf6_neighbor.h
ospf6d/ospf6_spf.c
ospf6d/ospf6_top.c
ospfd/ospf_api.c
zebra/router-id.c
zebra/rt_netlink.c
zebra/rt_netlink.h
2014-09-19 15:42:23 +02:00
|
|
|
if (!ok || (ok && ret != CMD_SUCCESS)) {
|
2015-05-20 02:58:12 +02:00
|
|
|
zlog_info(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP Received misformatted prefixlist ORF. Remove All pfxlist",
|
|
|
|
|
peer);
|
2015-04-13 10:21:35 +02:00
|
|
|
prefix_bgp_orf_remove_all(afi,
|
|
|
|
|
name);
|
2002-12-13 21:15:29 +01:00
|
|
|
break;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-04 17:31:33 +01:00
|
|
|
peer->orf_plist[afi][safi] =
|
|
|
|
|
prefix_bgp_orf_lookup(afi, name);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2005-02-09 16:51:56 +01:00
|
|
|
stream_forward_getp(s, orf_len);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2022-03-31 14:59:06 +02:00
|
|
|
zlog_debug("%pBP rcvd Refresh %s ORF request", peer,
|
2002-12-13 21:15:29 +01:00
|
|
|
when_to_refresh == REFRESH_DEFER
|
|
|
|
|
? "Defer"
|
|
|
|
|
: "Immediate");
|
|
|
|
|
if (when_to_refresh == REFRESH_DEFER)
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_PACKET_NOOP;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
2015-11-04 17:31:33 +01:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* First update is deferred until ORF or ROUTE-REFRESH is received */
|
2015-11-04 17:31:33 +01:00
|
|
|
if (CHECK_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_ORF_WAIT_REFRESH))
|
2002-12-13 21:15:29 +01:00
|
|
|
UNSET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_ORF_WAIT_REFRESH);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-11-04 17:31:33 +01:00
|
|
|
paf = peer_af_find(peer, afi, safi);
|
|
|
|
|
if (paf && paf->subgroup) {
|
|
|
|
|
if (peer->orf_plist[afi][safi]) {
|
|
|
|
|
updgrp = PAF_UPDGRP(paf);
|
|
|
|
|
updgrp_peer = UPDGRP_PEER(updgrp);
|
|
|
|
|
updgrp_peer->orf_plist[afi][safi] =
|
2005-02-09 16:51:56 +01:00
|
|
|
peer->orf_plist[afi][safi];
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2020-11-12 11:30:19 +01:00
|
|
|
/* Avoid supressing duplicate routes later
|
|
|
|
|
* when processing in subgroup_announce_table().
|
|
|
|
|
*/
|
2021-10-01 16:32:57 +02:00
|
|
|
force_update = true;
|
2020-11-12 11:30:19 +01:00
|
|
|
|
2005-02-09 16:51:56 +01:00
|
|
|
/* If the peer is configured for default-originate clear the
|
|
|
|
|
* SUBGRP_STATUS_DEFAULT_ORIGINATE flag so that we will
|
2015-11-04 17:31:33 +01:00
|
|
|
* re-advertise the
|
|
|
|
|
* default
|
2017-07-17 14:03:14 +02:00
|
|
|
*/
|
2005-02-09 16:51:56 +01:00
|
|
|
if (CHECK_FLAG(paf->subgroup->sflags,
|
2015-11-04 17:31:33 +01:00
|
|
|
SUBGRP_STATUS_DEFAULT_ORIGINATE))
|
2005-02-09 16:51:56 +01:00
|
|
|
UNSET_FLAG(paf->subgroup->sflags,
|
|
|
|
|
SUBGRP_STATUS_DEFAULT_ORIGINATE);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2020-10-01 22:08:06 +02:00
|
|
|
if (subtype == BGP_ROUTE_REFRESH_BORR) {
|
|
|
|
|
/* A BGP speaker that has received the Graceful Restart
|
|
|
|
|
* Capability from its neighbor MUST ignore any BoRRs for
|
|
|
|
|
* an <AFI, SAFI> from the neighbor before the speaker
|
|
|
|
|
* receives the EoR for the given <AFI, SAFI> from the
|
|
|
|
|
* neighbor.
|
|
|
|
|
*/
|
|
|
|
|
if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV)
|
|
|
|
|
&& !CHECK_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EOR_RECEIVED)) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd route-refresh (BoRR) for %s/%s before EoR",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi));
|
2020-10-01 22:08:06 +02:00
|
|
|
return BGP_PACKET_NOOP;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (peer->t_refresh_stalepath) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd route-refresh (BoRR) for %s/%s, whereas BoRR already received",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi));
|
2020-10-01 22:08:06 +02:00
|
|
|
return BGP_PACKET_NOOP;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_BORR_RECEIVED);
|
|
|
|
|
UNSET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EORR_RECEIVED);
|
|
|
|
|
|
|
|
|
|
/* When a BGP speaker receives a BoRR message from
|
|
|
|
|
* a peer, it MUST mark all the routes with the given
|
|
|
|
|
* Address Family Identifier and Subsequent Address
|
|
|
|
|
* Family Identifier, <AFI, SAFI> [RFC2918], from
|
|
|
|
|
* that peer as stale.
|
|
|
|
|
*/
|
|
|
|
|
if (peer_active_nego(peer)) {
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_ENHANCED_REFRESH);
|
|
|
|
|
bgp_set_stale_route(peer, afi, safi);
|
|
|
|
|
}
|
|
|
|
|
|
2021-06-07 15:39:10 +02:00
|
|
|
if (peer_established(peer))
|
2022-05-20 20:19:08 +02:00
|
|
|
event_add_timer(bm->master,
|
|
|
|
|
bgp_refresh_stalepath_timer_expire, paf,
|
|
|
|
|
peer->bgp->stalepath_time,
|
|
|
|
|
&peer->t_refresh_stalepath);
|
2020-10-01 22:08:06 +02:00
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd route-refresh (BoRR) for %s/%s, triggering timer for %u seconds",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi),
|
2020-10-01 22:08:06 +02:00
|
|
|
peer->bgp->stalepath_time);
|
|
|
|
|
} else if (subtype == BGP_ROUTE_REFRESH_EORR) {
|
|
|
|
|
if (!peer->t_refresh_stalepath) {
|
|
|
|
|
zlog_err(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd route-refresh (EoRR) for %s/%s, whereas no BoRR received",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi));
|
2020-10-01 22:08:06 +02:00
|
|
|
return BGP_PACKET_NOOP;
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-25 16:26:52 +01:00
|
|
|
EVENT_OFF(peer->t_refresh_stalepath);
|
2020-10-01 22:08:06 +02:00
|
|
|
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi][safi], PEER_STATUS_EORR_RECEIVED);
|
|
|
|
|
UNSET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_BORR_RECEIVED);
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd route-refresh (EoRR) for %s/%s, stopping BoRR timer",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi));
|
2020-10-01 22:08:06 +02:00
|
|
|
|
|
|
|
|
if (peer->nsf[afi][safi])
|
|
|
|
|
bgp_clear_stale_route(peer, afi, safi);
|
|
|
|
|
} else {
|
2020-11-19 21:22:43 +01:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2022-03-22 20:45:47 +01:00
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd route-refresh (REQUEST) for %s/%s",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi));
|
2020-11-19 21:22:43 +01:00
|
|
|
|
2020-10-01 22:08:06 +02:00
|
|
|
/* In response to a "normal route refresh request" from the
|
|
|
|
|
* peer, the speaker MUST send a BoRR message.
|
|
|
|
|
*/
|
|
|
|
|
if (CHECK_FLAG(peer->cap, PEER_CAP_ENHANCED_RR_RCV)) {
|
|
|
|
|
/* For a BGP speaker that supports the BGP Graceful
|
|
|
|
|
* Restart, it MUST NOT send a BoRR for an <AFI, SAFI>
|
|
|
|
|
* to a neighbor before it sends the EoR for the
|
|
|
|
|
* <AFI, SAFI> to the neighbor.
|
|
|
|
|
*/
|
|
|
|
|
if (!CHECK_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EOR_SEND)) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP rcvd route-refresh (REQUEST) for %s/%s before EoR",
|
|
|
|
|
peer, afi2str(afi),
|
|
|
|
|
safi2str(safi));
|
2022-09-14 05:13:41 +02:00
|
|
|
/* Can't send BoRR now, postpone after EoR */
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_REFRESH_PENDING);
|
2020-10-01 22:08:06 +02:00
|
|
|
return BGP_PACKET_NOOP;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bgp_route_refresh_send(peer, afi, safi, 0, 0, 0,
|
|
|
|
|
BGP_ROUTE_REFRESH_BORR);
|
|
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
|
|
|
|
zlog_debug(
|
2022-03-31 14:59:06 +02:00
|
|
|
"%pBP sending route-refresh (BoRR) for %s/%s",
|
|
|
|
|
peer, afi2str(afi), safi2str(safi));
|
2020-10-01 22:08:06 +02:00
|
|
|
|
|
|
|
|
/* Set flag Ready-To-Send to know when we can send EoRR
|
|
|
|
|
* message.
|
|
|
|
|
*/
|
|
|
|
|
SET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_BORR_SEND);
|
|
|
|
|
UNSET_FLAG(peer->af_sflags[afi][safi],
|
|
|
|
|
PEER_STATUS_EORR_SEND);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Perform route refreshment to the peer */
|
2021-10-01 16:32:57 +02:00
|
|
|
bgp_announce_route(peer, afi, safi, force_update);
|
2017-06-10 03:01:56 +02:00
|
|
|
|
|
|
|
|
/* No FSM action necessary */
|
|
|
|
|
return BGP_PACKET_NOOP;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2023-08-29 09:02:14 +02:00
|
|
|
static void bgp_dynamic_capability_graceful_restart(uint8_t *pnt, int action,
|
|
|
|
|
struct capability_header *hdr,
|
|
|
|
|
struct peer *peer)
|
|
|
|
|
{
|
|
|
|
|
#define GRACEFUL_RESTART_CAPABILITY_PER_AFI_SAFI_SIZE 4
|
|
|
|
|
uint16_t gr_restart_flag_time;
|
|
|
|
|
uint8_t *data = pnt + 3;
|
|
|
|
|
uint8_t *end = pnt + hdr->length;
|
2023-08-30 16:29:11 +02:00
|
|
|
size_t len = end - data;
|
2023-08-29 09:02:14 +02:00
|
|
|
|
|
|
|
|
if (action == CAPABILITY_ACTION_SET) {
|
2023-08-30 16:29:11 +02:00
|
|
|
if (len < sizeof(gr_restart_flag_time)) {
|
|
|
|
|
zlog_err("%pBP: Received invalid Graceful-Restart capability length %d",
|
|
|
|
|
peer, hdr->length);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-29 09:02:14 +02:00
|
|
|
SET_FLAG(peer->cap, PEER_CAP_RESTART_RCV);
|
|
|
|
|
ptr_get_be16(data, &gr_restart_flag_time);
|
|
|
|
|
data += sizeof(gr_restart_flag_time);
|
|
|
|
|
|
|
|
|
|
if (CHECK_FLAG(gr_restart_flag_time, GRACEFUL_RESTART_R_BIT))
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_R_BIT_RCV);
|
|
|
|
|
else
|
|
|
|
|
UNSET_FLAG(peer->cap,
|
|
|
|
|
PEER_CAP_GRACEFUL_RESTART_R_BIT_RCV);
|
|
|
|
|
|
|
|
|
|
if (CHECK_FLAG(gr_restart_flag_time, GRACEFUL_RESTART_N_BIT))
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_GRACEFUL_RESTART_N_BIT_RCV);
|
|
|
|
|
else
|
|
|
|
|
UNSET_FLAG(peer->cap,
|
|
|
|
|
PEER_CAP_GRACEFUL_RESTART_N_BIT_RCV);
|
|
|
|
|
|
|
|
|
|
UNSET_FLAG(gr_restart_flag_time, 0xF000);
|
|
|
|
|
peer->v_gr_restart = gr_restart_flag_time;
|
|
|
|
|
|
|
|
|
|
while (data + GRACEFUL_RESTART_CAPABILITY_PER_AFI_SAFI_SIZE <=
|
|
|
|
|
end) {
|
|
|
|
|
afi_t afi;
|
|
|
|
|
safi_t safi;
|
|
|
|
|
iana_afi_t pkt_afi;
|
|
|
|
|
iana_safi_t pkt_safi;
|
|
|
|
|
struct graceful_restart_af graf;
|
|
|
|
|
|
|
|
|
|
memcpy(&graf, data, sizeof(graf));
|
|
|
|
|
pkt_afi = ntohs(graf.afi);
|
|
|
|
|
pkt_safi = safi_int2iana(graf.safi);
|
|
|
|
|
|
|
|
|
|
/* Convert AFI, SAFI to internal values, check. */
|
|
|
|
|
if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
|
|
|
|
|
&safi)) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2023-08-30 16:30:27 +02:00
|
|
|
zlog_debug("%pBP: Addr-family %s/%s(afi/safi) not supported. Ignore the Graceful Restart capability for this AFI/SAFI",
|
|
|
|
|
peer, iana_afi2str(pkt_afi),
|
2023-08-29 09:02:14 +02:00
|
|
|
iana_safi2str(pkt_safi));
|
|
|
|
|
} else if (!peer->afc[afi][safi]) {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2023-08-30 16:30:27 +02:00
|
|
|
zlog_debug("%pBP: Addr-family %s/%s(afi/safi) not enabled. Ignore the Graceful Restart capability",
|
|
|
|
|
peer, iana_afi2str(pkt_afi),
|
2023-08-29 09:02:14 +02:00
|
|
|
iana_safi2str(pkt_safi));
|
|
|
|
|
} else {
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2023-08-30 16:30:27 +02:00
|
|
|
zlog_debug("%pBP: Address family %s is%spreserved",
|
|
|
|
|
peer,
|
2023-08-29 09:02:14 +02:00
|
|
|
get_afi_safi_str(afi, safi,
|
|
|
|
|
false),
|
|
|
|
|
CHECK_FLAG(peer->af_cap[afi]
|
|
|
|
|
[safi],
|
|
|
|
|
PEER_CAP_RESTART_AF_PRESERVE_RCV)
|
|
|
|
|
? " "
|
|
|
|
|
: " not ");
|
|
|
|
|
|
|
|
|
|
SET_FLAG(peer->af_cap[afi][safi],
|
|
|
|
|
PEER_CAP_RESTART_AF_RCV);
|
|
|
|
|
if (CHECK_FLAG(graf.flag,
|
|
|
|
|
GRACEFUL_RESTART_F_BIT))
|
|
|
|
|
SET_FLAG(peer->af_cap[afi][safi],
|
|
|
|
|
PEER_CAP_RESTART_AF_PRESERVE_RCV);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data += GRACEFUL_RESTART_CAPABILITY_PER_AFI_SAFI_SIZE;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
UNSET_FLAG(peer->cap, PEER_CAP_RESTART_RCV);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Parse BGP CAPABILITY message for peer.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param size size of the packet
|
|
|
|
|
* @return as in summary
|
|
|
|
|
*/
|
2018-03-27 21:13:34 +02:00
|
|
|
static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
|
2002-12-13 21:15:29 +01:00
|
|
|
bgp_size_t length)
|
|
|
|
|
{
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t *end;
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
struct capability_mp_data mpc;
|
|
|
|
|
struct capability_header *hdr;
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t action;
|
2017-01-18 03:01:56 +01:00
|
|
|
iana_afi_t pkt_afi;
|
2002-12-13 21:15:29 +01:00
|
|
|
afi_t afi;
|
2017-08-01 02:06:40 +02:00
|
|
|
iana_safi_t pkt_safi;
|
|
|
|
|
safi_t safi;
|
2023-08-03 15:37:54 +02:00
|
|
|
char soft_version[BGP_MAX_SOFT_VERSION + 1] = {};
|
2023-08-29 12:31:22 +02:00
|
|
|
const char *capability;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
end = pnt + length;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
while (pnt < end) {
|
|
|
|
|
/* We need at least action, capability code and capability
|
|
|
|
|
* length. */
|
|
|
|
|
if (pnt + 3 > end) {
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_err("%pBP: Capability length error", peer);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
|
2019-11-10 16:54:37 +01:00
|
|
|
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
action = *pnt;
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
hdr = (struct capability_header *)(pnt + 1);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Action value check. */
|
|
|
|
|
if (action != CAPABILITY_ACTION_SET
|
|
|
|
|
&& action != CAPABILITY_ACTION_UNSET) {
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_err("%pBP: Capability Action Value error %d", peer,
|
|
|
|
|
action);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
|
2019-11-10 16:54:37 +01:00
|
|
|
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_debug("%pBP: CAPABILITY has action: %d, code: %u, length %u",
|
|
|
|
|
peer, action, hdr->code, hdr->length);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Capability length check. */
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
if ((pnt + hdr->length + 3) > end) {
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_err("%pBP: Capability length error", peer);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
|
2019-11-10 16:54:37 +01:00
|
|
|
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2023-08-03 15:37:54 +02:00
|
|
|
/* Ignore capability when override-capability is set. */
|
|
|
|
|
if (CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
|
|
|
|
|
continue;
|
|
|
|
|
|
2023-08-29 12:31:22 +02:00
|
|
|
capability = lookup_msg(capcode_str, hdr->code, "Unknown");
|
|
|
|
|
|
2023-08-03 15:37:54 +02:00
|
|
|
switch (hdr->code) {
|
|
|
|
|
case CAPABILITY_CODE_SOFT_VERSION:
|
|
|
|
|
if (action == CAPABILITY_ACTION_SET) {
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2023-08-03 15:37:54 +02:00
|
|
|
memcpy(&soft_version, pnt + 3, hdr->length);
|
|
|
|
|
soft_version[hdr->length] = '\0';
|
|
|
|
|
|
|
|
|
|
XFREE(MTYPE_BGP_SOFT_VERSION,
|
|
|
|
|
peer->soft_version);
|
|
|
|
|
peer->soft_version =
|
|
|
|
|
XSTRDUP(MTYPE_BGP_SOFT_VERSION,
|
|
|
|
|
soft_version);
|
|
|
|
|
} else {
|
|
|
|
|
UNSET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_RCV);
|
|
|
|
|
XFREE(MTYPE_BGP_SOFT_VERSION,
|
|
|
|
|
peer->soft_version);
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
case CAPABILITY_CODE_MP:
|
|
|
|
|
if (hdr->length < sizeof(struct capability_mp_data)) {
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_err("%pBP: Capability (%s) structure is not properly filled out, expected at least %zu bytes but header length specified is %d",
|
|
|
|
|
peer, capability,
|
|
|
|
|
sizeof(struct capability_mp_data),
|
|
|
|
|
hdr->length);
|
2023-08-03 15:37:54 +02:00
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
|
2016-06-15 19:25:35 +02:00
|
|
|
pkt_afi = ntohs(mpc.afi);
|
|
|
|
|
pkt_safi = mpc.safi;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2016-06-15 19:25:35 +02:00
|
|
|
/* Convert AFI, SAFI to internal values. */
|
|
|
|
|
if (bgp_map_afi_safi_iana2int(pkt_afi, pkt_safi, &afi,
|
|
|
|
|
&safi)) {
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_debug("%pBP: Dynamic Capability %s afi/safi invalid (%s/%s)",
|
|
|
|
|
peer, capability,
|
|
|
|
|
iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
continue;
|
|
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Address family check. */
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_debug("%pBP: CAPABILITY has %s %s CAP for afi/safi: %s/%s",
|
|
|
|
|
peer,
|
|
|
|
|
action == CAPABILITY_ACTION_SET
|
|
|
|
|
? "Advertising"
|
|
|
|
|
: "Removing",
|
|
|
|
|
capability, iana_afi2str(pkt_afi),
|
|
|
|
|
iana_safi2str(pkt_safi));
|
2017-07-17 14:03:14 +02:00
|
|
|
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
if (action == CAPABILITY_ACTION_SET) {
|
|
|
|
|
peer->afc_recv[afi][safi] = 1;
|
|
|
|
|
if (peer->afc[afi][safi]) {
|
|
|
|
|
peer->afc_nego[afi][safi] = 1;
|
2021-10-01 16:32:57 +02:00
|
|
|
bgp_announce_route(peer, afi, safi,
|
|
|
|
|
false);
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
peer->afc_recv[afi][safi] = 0;
|
|
|
|
|
peer->afc_nego[afi][safi] = 0;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
if (peer_active_nego(peer))
|
2015-11-10 16:29:12 +01:00
|
|
|
bgp_clear_route(peer, afi, safi);
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
else
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2023-08-03 15:37:54 +02:00
|
|
|
break;
|
2023-08-29 09:02:14 +02:00
|
|
|
case CAPABILITY_CODE_RESTART:
|
|
|
|
|
if ((hdr->length - 2) % 4) {
|
|
|
|
|
zlog_err("%pBP: Received invalid Graceful-Restart capability length %d",
|
|
|
|
|
peer, hdr->length);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection,
|
|
|
|
|
BGP_NOTIFY_CEASE,
|
2023-08-29 09:02:14 +02:00
|
|
|
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bgp_dynamic_capability_graceful_restart(pnt, action,
|
|
|
|
|
hdr, peer);
|
|
|
|
|
break;
|
2023-08-03 15:58:40 +02:00
|
|
|
case CAPABILITY_CODE_REFRESH:
|
|
|
|
|
case CAPABILITY_CODE_ORF:
|
|
|
|
|
case CAPABILITY_CODE_AS4:
|
|
|
|
|
case CAPABILITY_CODE_DYNAMIC:
|
|
|
|
|
case CAPABILITY_CODE_ADDPATH:
|
|
|
|
|
case CAPABILITY_CODE_ENHANCED_RR:
|
|
|
|
|
case CAPABILITY_CODE_LLGR:
|
|
|
|
|
case CAPABILITY_CODE_FQDN:
|
|
|
|
|
case CAPABILITY_CODE_ENHE:
|
|
|
|
|
case CAPABILITY_CODE_EXT_MESSAGE:
|
2023-08-05 21:32:57 +02:00
|
|
|
break;
|
2023-08-03 15:58:40 +02:00
|
|
|
case CAPABILITY_CODE_ROLE:
|
2023-08-05 21:32:57 +02:00
|
|
|
if (hdr->length != CAPABILITY_CODE_ROLE_LEN) {
|
2023-08-29 12:31:22 +02:00
|
|
|
zlog_err("%pBP: Capability (%s) length error",
|
|
|
|
|
peer, capability);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection,
|
|
|
|
|
BGP_NOTIFY_CEASE,
|
2023-08-05 21:32:57 +02:00
|
|
|
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
|
|
|
|
|
return BGP_Stop;
|
|
|
|
|
}
|
2023-08-29 09:10:04 +02:00
|
|
|
|
2023-08-05 21:32:57 +02:00
|
|
|
uint8_t role;
|
|
|
|
|
|
2023-08-29 09:10:04 +02:00
|
|
|
if (action == CAPABILITY_ACTION_SET) {
|
|
|
|
|
SET_FLAG(peer->cap, PEER_CAP_ROLE_RCV);
|
|
|
|
|
memcpy(&role, pnt + 3, sizeof(role));
|
2023-08-05 21:32:57 +02:00
|
|
|
|
2023-08-29 09:10:04 +02:00
|
|
|
peer->remote_role = role;
|
|
|
|
|
} else {
|
|
|
|
|
UNSET_FLAG(peer->cap, PEER_CAP_ROLE_RCV);
|
2023-08-30 11:33:16 +02:00
|
|
|
peer->remote_role = ROLE_UNDEFINED;
|
2023-08-29 09:10:04 +02:00
|
|
|
}
|
2023-08-03 15:58:40 +02:00
|
|
|
break;
|
2023-08-03 15:37:54 +02:00
|
|
|
default:
|
2023-08-29 12:31:22 +02:00
|
|
|
flog_warn(EC_BGP_UNRECOGNIZED_CAPABILITY,
|
|
|
|
|
"%pBP: unrecognized capability code: %d - ignored",
|
|
|
|
|
peer, hdr->code);
|
2023-08-03 15:37:54 +02:00
|
|
|
break;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2023-08-03 15:37:54 +02:00
|
|
|
|
|
|
|
|
pnt += hdr->length + 3;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-06-10 03:01:56 +02:00
|
|
|
|
|
|
|
|
/* No FSM action necessary */
|
|
|
|
|
return BGP_PACKET_NOOP;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Parse BGP CAPABILITY message for peer.
|
2009-06-18 13:34:43 +02:00
|
|
|
*
|
2017-06-10 03:01:56 +02:00
|
|
|
* Exported for unit testing.
|
|
|
|
|
*
|
|
|
|
|
* @param peer
|
|
|
|
|
* @param size size of the packet
|
|
|
|
|
* @return as in summary
|
2009-06-18 13:34:43 +02:00
|
|
|
*/
|
2002-12-13 21:15:29 +01:00
|
|
|
int bgp_capability_receive(struct peer *peer, bgp_size_t size)
|
|
|
|
|
{
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t *pnt;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Fetch pointer. */
|
2017-05-02 02:37:45 +02:00
|
|
|
pnt = stream_pnt(peer->curr);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2015-05-20 02:58:12 +02:00
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2004-12-08 22:03:23 +01:00
|
|
|
zlog_debug("%s rcv CAPABILITY", peer->host);
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* If peer does not have the capability, send notification. */
|
|
|
|
|
if (!CHECK_FLAG(peer->cap, PEER_CAP_DYNAMIC_ADV)) {
|
2018-09-13 20:23:42 +02:00
|
|
|
flog_err(EC_BGP_NO_CAP,
|
2018-09-13 21:38:57 +02:00
|
|
|
"%s [Error] BGP dynamic capability is not enabled",
|
|
|
|
|
peer->host);
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_HEADER_ERR,
|
2002-12-13 21:15:29 +01:00
|
|
|
BGP_NOTIFY_HEADER_BAD_MESTYPE);
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Status must be Established. */
|
2021-06-07 15:39:10 +02:00
|
|
|
if (!peer_established(peer)) {
|
2021-06-03 23:13:52 +02:00
|
|
|
flog_err(EC_BGP_NO_CAP,
|
|
|
|
|
"%s [Error] Dynamic capability packet received under status %s",
|
|
|
|
|
peer->host,
|
2021-08-10 05:43:46 +02:00
|
|
|
lookup_msg(bgp_status_msg, peer->connection->status,
|
2021-06-03 23:13:52 +02:00
|
|
|
NULL));
|
2023-08-26 23:30:10 +02:00
|
|
|
bgp_notify_send(peer->connection, BGP_NOTIFY_FSM_ERR,
|
2021-08-10 05:43:46 +02:00
|
|
|
bgp_fsm_error_subcode(peer->connection->status));
|
2017-06-10 03:01:56 +02:00
|
|
|
return BGP_Stop;
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2002-12-13 21:15:29 +01:00
|
|
|
/* Parse packet. */
|
[bgpd] cleanup, compact and consolidate capability parsing code
2007-07-26 Paul Jakma <paul.jakma@sun.com>
* (general) Clean up and compact capability parsing slightly.
Consolidate validation of length and logging of generic TLV, and
memcpy of capability data, thus removing such from cap specifc
code (not always present or correct).
* bgp_open.h: Add structures for the generic capability TLV header
and for the data formats of the various specific capabilities we
support. Hence remove the badly named, or else misdefined, struct
capability.
* bgp_open.c: (bgp_capability_vty_out) Use struct capability_mp_data.
Do the length checks *before* memcpy()'ing based on that length
(stored capability - should have been validated anyway on input,
but..).
(bgp_afi_safi_valid_indices) new function to validate (afi,safi)
which is about to be used as index into arrays, consolidates
several instances of same, at least one of which appeared to be
incomplete..
(bgp_capability_mp) Much condensed.
(bgp_capability_orf_entry) New, process one ORF entry
(bgp_capability_orf) Condensed. Fixed to process all ORF entries.
(bgp_capability_restart) Condensed, and fixed to use a
cap-specific type, rather than abusing capability_mp.
(struct message capcode_str) added to aid generic logging.
(size_t cap_minsizes[]) added to aid generic validation of
capability length field.
(bgp_capability_parse) Generic logging and validation of TLV
consolidated here. Code compacted as much as possible.
* bgp_packet.c: (bgp_open_receive) Capability parsers now use
streams, so no more need here to manually fudge the input stream
getp.
(bgp_capability_msg_parse) use struct capability_mp_data. Validate
lengths /before/ memcpy. Use bgp_afi_safi_valid_indices.
(bgp_capability_receive) Exported for use by test harness.
* bgp_vty.c: (bgp_show_summary) fix conversion warning
(bgp_show_peer) ditto
* bgp_debug.h: Fix storage 'extern' after type 'const'.
* lib/log.c: (mes_lookup) warning about code not being in
same-number array slot should be debug, not warning. E.g. BGP
has several discontigious number spaces, allocating from
different parts of a space is not uncommon (e.g. IANA
assigned versus vendor-assigned code points in some number
space).
2007-08-06 17:21:45 +02:00
|
|
|
return bgp_capability_msg_parse(peer, pnt, size);
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
2014-06-04 06:53:35 +02:00
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/**
|
|
|
|
|
* Processes a peer's input buffer.
|
|
|
|
|
*
|
|
|
|
|
* This function sidesteps the event loop and directly calls bgp_event_update()
|
|
|
|
|
* after processing each BGP message. This is necessary to ensure proper
|
|
|
|
|
* ordering of FSM events and unifies the behavior that was present previously,
|
|
|
|
|
* whereby some of the packet handling functions would update the FSM and some
|
|
|
|
|
* would not, making event flow difficult to understand. Please think twice
|
|
|
|
|
* before hacking this.
|
|
|
|
|
*
|
2022-12-25 16:26:52 +01:00
|
|
|
* Thread type: EVENT_EVENT
|
2017-06-10 03:01:56 +02:00
|
|
|
* @param thread
|
|
|
|
|
* @return 0
|
|
|
|
|
*/
|
2022-03-01 22:18:12 +01:00
|
|
|
void bgp_process_packet(struct event *thread)
|
2002-12-13 21:15:29 +01:00
|
|
|
{
|
2017-05-02 02:37:45 +02:00
|
|
|
/* Yes first of all get peer pointer. */
|
2017-06-10 03:01:56 +02:00
|
|
|
struct peer *peer; // peer
|
2021-04-30 22:39:40 +02:00
|
|
|
struct peer_connection *connection;
|
2017-06-10 03:01:56 +02:00
|
|
|
uint32_t rpkt_quanta_old; // how many packets to read
|
|
|
|
|
int fsm_update_result; // return code of bgp_event_update()
|
|
|
|
|
int mprc; // message processing return code
|
2017-06-05 22:14:47 +02:00
|
|
|
|
2021-04-30 22:39:40 +02:00
|
|
|
connection = EVENT_ARG(thread);
|
|
|
|
|
peer = connection->peer;
|
2017-06-05 22:14:47 +02:00
|
|
|
rpkt_quanta_old = atomic_load_explicit(&peer->bgp->rpkt_quanta,
|
|
|
|
|
memory_order_relaxed);
|
2017-06-26 17:50:35 +02:00
|
|
|
fsm_update_result = 0;
|
2017-06-05 22:14:47 +02:00
|
|
|
|
2017-05-02 02:37:45 +02:00
|
|
|
/* Guard against scheduled events that occur after peer deletion. */
|
2021-08-10 05:43:46 +02:00
|
|
|
if (connection->status == Deleted || connection->status == Clearing)
|
2022-02-23 01:04:25 +01:00
|
|
|
return;
|
2002-12-13 21:15:29 +01:00
|
|
|
|
2017-06-05 22:14:47 +02:00
|
|
|
unsigned int processed = 0;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-06-05 22:14:47 +02:00
|
|
|
while (processed < rpkt_quanta_old) {
|
2018-03-27 21:13:34 +02:00
|
|
|
uint8_t type = 0;
|
2017-06-02 03:52:39 +02:00
|
|
|
bgp_size_t size;
|
|
|
|
|
char notify_data_length[2];
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2021-04-30 22:39:40 +02:00
|
|
|
frr_with_mutex (&connection->io_mtx) {
|
|
|
|
|
peer->curr = stream_fifo_pop(connection->ibuf);
|
2017-06-02 03:52:39 +02:00
|
|
|
}
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-06-02 03:52:39 +02:00
|
|
|
if (peer->curr == NULL) // no packets to process, hmm...
|
2022-02-23 01:04:25 +01:00
|
|
|
return;
|
2017-07-17 14:03:14 +02:00
|
|
|
|
2017-06-02 03:52:39 +02:00
|
|
|
/* skip the marker and copy the packet length */
|
|
|
|
|
stream_forward_getp(peer->curr, BGP_MARKER_SIZE);
|
|
|
|
|
memcpy(notify_data_length, stream_pnt(peer->curr), 2);
|
|
|
|
|
|
|
|
|
|
/* read in the packet length and type */
|
|
|
|
|
size = stream_getw(peer->curr);
|
|
|
|
|
type = stream_getc(peer->curr);
|
|
|
|
|
|
2019-04-24 17:19:09 +02:00
|
|
|
hook_call(bgp_packet_dump, peer, type, size, peer->curr);
|
2017-06-02 03:52:39 +02:00
|
|
|
|
|
|
|
|
/* adjust size to exclude the marker + length + type */
|
|
|
|
|
size -= BGP_HEADER_SIZE;
|
|
|
|
|
|
|
|
|
|
/* Read rest of the packet and call each sort of packet routine
|
|
|
|
|
*/
|
|
|
|
|
switch (type) {
|
|
|
|
|
case BGP_MSG_OPEN:
|
2020-09-29 00:13:27 +02:00
|
|
|
frrtrace(2, frr_bgp, open_process, peer, size);
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->open_in, 1,
|
|
|
|
|
memory_order_relaxed);
|
2017-06-10 03:01:56 +02:00
|
|
|
mprc = bgp_open_receive(peer, size);
|
|
|
|
|
if (mprc == BGP_Stop)
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_PKT_OPEN,
|
2017-06-10 03:01:56 +02:00
|
|
|
"%s: BGP OPEN receipt failed for peer: %s",
|
2020-03-17 13:57:42 +01:00
|
|
|
__func__, peer->host);
|
2017-06-02 03:52:39 +02:00
|
|
|
break;
|
|
|
|
|
case BGP_MSG_UPDATE:
|
2020-09-29 00:13:27 +02:00
|
|
|
frrtrace(2, frr_bgp, update_process, peer, size);
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->update_in, 1,
|
|
|
|
|
memory_order_relaxed);
|
2017-06-02 03:52:39 +02:00
|
|
|
peer->readtime = monotime(NULL);
|
2017-06-10 03:01:56 +02:00
|
|
|
mprc = bgp_update_receive(peer, size);
|
|
|
|
|
if (mprc == BGP_Stop)
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_UPDATE_RCV,
|
2017-06-10 03:01:56 +02:00
|
|
|
"%s: BGP UPDATE receipt failed for peer: %s",
|
2020-03-17 13:57:42 +01:00
|
|
|
__func__, peer->host);
|
2017-06-02 03:52:39 +02:00
|
|
|
break;
|
|
|
|
|
case BGP_MSG_NOTIFY:
|
2020-09-29 00:13:27 +02:00
|
|
|
frrtrace(2, frr_bgp, notification_process, peer, size);
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->notify_in, 1,
|
|
|
|
|
memory_order_relaxed);
|
2017-06-10 03:01:56 +02:00
|
|
|
mprc = bgp_notify_receive(peer, size);
|
|
|
|
|
if (mprc == BGP_Stop)
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_NOTIFY_RCV,
|
2017-06-10 03:01:56 +02:00
|
|
|
"%s: BGP NOTIFY receipt failed for peer: %s",
|
2020-03-17 13:57:42 +01:00
|
|
|
__func__, peer->host);
|
2017-06-02 03:52:39 +02:00
|
|
|
break;
|
|
|
|
|
case BGP_MSG_KEEPALIVE:
|
2020-09-29 00:13:27 +02:00
|
|
|
frrtrace(2, frr_bgp, keepalive_process, peer, size);
|
2017-06-02 03:52:39 +02:00
|
|
|
peer->readtime = monotime(NULL);
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->keepalive_in, 1,
|
|
|
|
|
memory_order_relaxed);
|
2017-06-10 03:01:56 +02:00
|
|
|
mprc = bgp_keepalive_receive(peer, size);
|
|
|
|
|
if (mprc == BGP_Stop)
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_KEEP_RCV,
|
2017-06-10 03:01:56 +02:00
|
|
|
"%s: BGP KEEPALIVE receipt failed for peer: %s",
|
2020-03-17 13:57:42 +01:00
|
|
|
__func__, peer->host);
|
2017-06-02 03:52:39 +02:00
|
|
|
break;
|
|
|
|
|
case BGP_MSG_ROUTE_REFRESH_NEW:
|
|
|
|
|
case BGP_MSG_ROUTE_REFRESH_OLD:
|
2020-09-29 00:13:27 +02:00
|
|
|
frrtrace(2, frr_bgp, refresh_process, peer, size);
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->refresh_in, 1,
|
|
|
|
|
memory_order_relaxed);
|
2017-06-10 03:01:56 +02:00
|
|
|
mprc = bgp_route_refresh_receive(peer, size);
|
|
|
|
|
if (mprc == BGP_Stop)
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_RFSH_RCV,
|
2017-06-10 03:01:56 +02:00
|
|
|
"%s: BGP ROUTEREFRESH receipt failed for peer: %s",
|
2020-03-17 13:57:42 +01:00
|
|
|
__func__, peer->host);
|
2017-06-02 03:52:39 +02:00
|
|
|
break;
|
|
|
|
|
case BGP_MSG_CAPABILITY:
|
2020-09-29 00:13:27 +02:00
|
|
|
frrtrace(2, frr_bgp, capability_process, peer, size);
|
2018-01-09 21:38:17 +01:00
|
|
|
atomic_fetch_add_explicit(&peer->dynamic_cap_in, 1,
|
|
|
|
|
memory_order_relaxed);
|
2017-06-10 03:01:56 +02:00
|
|
|
mprc = bgp_capability_receive(peer, size);
|
|
|
|
|
if (mprc == BGP_Stop)
|
2018-08-03 20:03:29 +02:00
|
|
|
flog_err(
|
2018-09-13 20:23:42 +02:00
|
|
|
EC_BGP_CAP_RCV,
|
2017-06-10 03:01:56 +02:00
|
|
|
"%s: BGP CAPABILITY receipt failed for peer: %s",
|
2020-03-17 13:57:42 +01:00
|
|
|
__func__, peer->host);
|
2017-06-02 03:52:39 +02:00
|
|
|
break;
|
2017-06-26 17:50:35 +02:00
|
|
|
default:
|
2019-05-06 20:22:56 +02:00
|
|
|
/* Suppress uninitialized variable warning */
|
|
|
|
|
mprc = 0;
|
2019-05-09 18:04:07 +02:00
|
|
|
(void)mprc;
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* The message type should have been sanitized before
|
|
|
|
|
* we ever got here. Receipt of a message with an
|
|
|
|
|
* invalid header at this point is indicative of a
|
|
|
|
|
* security issue.
|
|
|
|
|
*/
|
2017-06-26 17:50:35 +02:00
|
|
|
assert (!"Message of invalid type received during input processing");
|
2017-06-02 03:52:39 +02:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/* delete processed packet */
|
|
|
|
|
stream_free(peer->curr);
|
|
|
|
|
peer->curr = NULL;
|
|
|
|
|
processed++;
|
2017-06-02 03:52:39 +02:00
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
/* Update FSM */
|
|
|
|
|
if (mprc != BGP_PACKET_NOOP)
|
|
|
|
|
fsm_update_result = bgp_event_update(peer, mprc);
|
2017-06-26 17:50:35 +02:00
|
|
|
else
|
|
|
|
|
continue;
|
2017-06-10 03:01:56 +02:00
|
|
|
|
2017-09-08 17:51:12 +02:00
|
|
|
/*
|
|
|
|
|
* If peer was deleted, do not process any more packets. This
|
|
|
|
|
* is usually due to executing BGP_Stop or a stub deletion.
|
|
|
|
|
*/
|
2017-06-10 03:01:56 +02:00
|
|
|
if (fsm_update_result == FSM_PEER_TRANSFERRED
|
|
|
|
|
|| fsm_update_result == FSM_PEER_STOPPED)
|
|
|
|
|
break;
|
2017-07-17 14:03:14 +02:00
|
|
|
}
|
|
|
|
|
|
2017-06-10 03:01:56 +02:00
|
|
|
if (fsm_update_result != FSM_PEER_TRANSFERRED
|
|
|
|
|
&& fsm_update_result != FSM_PEER_STOPPED) {
|
2021-04-30 22:39:40 +02:00
|
|
|
frr_with_mutex (&connection->io_mtx) {
|
2017-09-08 17:51:12 +02:00
|
|
|
// more work to do, come back later
|
2021-04-30 22:39:40 +02:00
|
|
|
if (connection->ibuf->count > 0)
|
2022-05-20 20:19:08 +02:00
|
|
|
event_add_event(bm->master, bgp_process_packet,
|
2021-04-30 22:39:40 +02:00
|
|
|
connection, 0,
|
2021-08-10 05:01:32 +02:00
|
|
|
&connection->t_process_packet);
|
2017-06-10 03:01:56 +02:00
|
|
|
}
|
2002-12-13 21:15:29 +01:00
|
|
|
}
|
|
|
|
|
}
|
2019-10-24 16:59:43 +02:00
|
|
|
|
|
|
|
|
/* Send EOR when routes are processed by selection deferral timer */
|
|
|
|
|
void bgp_send_delayed_eor(struct bgp *bgp)
|
|
|
|
|
{
|
|
|
|
|
struct peer *peer;
|
|
|
|
|
struct listnode *node, *nnode;
|
|
|
|
|
|
|
|
|
|
/* EOR message sent in bgp_write_proceed_actions */
|
|
|
|
|
for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer))
|
|
|
|
|
bgp_write_proceed_actions(peer);
|
|
|
|
|
}
|
2021-03-09 17:13:41 +01:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Task callback to handle socket error encountered in the io pthread. We avoid
|
|
|
|
|
* having the io pthread try to enqueue fsm events or mess with the peer
|
|
|
|
|
* struct.
|
|
|
|
|
*/
|
2022-03-01 22:18:12 +01:00
|
|
|
void bgp_packet_process_error(struct event *thread)
|
2021-03-09 17:13:41 +01:00
|
|
|
{
|
2021-04-30 22:39:40 +02:00
|
|
|
struct peer_connection *connection;
|
2021-03-09 17:13:41 +01:00
|
|
|
struct peer *peer;
|
|
|
|
|
int code;
|
|
|
|
|
|
2021-04-30 22:39:40 +02:00
|
|
|
connection = EVENT_ARG(thread);
|
|
|
|
|
peer = connection->peer;
|
2022-12-25 16:26:52 +01:00
|
|
|
code = EVENT_VAL(thread);
|
2021-03-09 17:13:41 +01:00
|
|
|
|
|
|
|
|
if (bgp_debug_neighbor_events(peer))
|
2021-04-30 20:55:40 +02:00
|
|
|
zlog_debug("%s [Event] BGP error %d on fd %d", peer->host, code,
|
2021-04-30 22:39:40 +02:00
|
|
|
connection->fd);
|
2021-03-09 17:13:41 +01:00
|
|
|
|
|
|
|
|
/* Closed connection or error on the socket */
|
2021-06-07 15:39:10 +02:00
|
|
|
if (peer_established(peer)) {
|
2021-03-09 17:13:41 +01:00
|
|
|
if ((CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART)
|
|
|
|
|
|| CHECK_FLAG(peer->flags,
|
|
|
|
|
PEER_FLAG_GRACEFUL_RESTART_HELPER))
|
|
|
|
|
&& CHECK_FLAG(peer->sflags, PEER_STATUS_NSF_MODE)) {
|
|
|
|
|
peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
|
|
|
|
|
SET_FLAG(peer->sflags, PEER_STATUS_NSF_WAIT);
|
|
|
|
|
} else
|
|
|
|
|
peer->last_reset = PEER_DOWN_CLOSE_SESSION;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bgp_event_update(peer, code);
|
|
|
|
|
}
|