bgp_packet.c 77 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716
  1. /* BGP packet management routine.
  2. Copyright (C) 1999 Kunihiro Ishiguro
  3. This file is part of GNU Zebra.
  4. GNU Zebra is free software; you can redistribute it and/or modify it
  5. under the terms of the GNU General Public License as published by the
  6. Free Software Foundation; either version 2, or (at your option) any
  7. later version.
  8. GNU Zebra is distributed in the hope that it will be useful, but
  9. WITHOUT ANY WARRANTY; without even the implied warranty of
  10. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  11. General Public License for more details.
  12. You should have received a copy of the GNU General Public License
  13. along with GNU Zebra; see the file COPYING. If not, write to the Free
  14. Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
  15. 02111-1307, USA. */
  16. #include <zebra.h>
  17. #include "thread.h"
  18. #include "stream.h"
  19. #include "network.h"
  20. #include "prefix.h"
  21. #include "command.h"
  22. #include "log.h"
  23. #include "memory.h"
  24. #include "sockunion.h" /* for inet_ntop () */
  25. #include "sockopt.h"
  26. #include "linklist.h"
  27. #include "plist.h"
  28. #include "filter.h"
  29. #include "bgpd/bgpd.h"
  30. #include "bgpd/bgp_table.h"
  31. #include "bgpd/bgp_dump.h"
  32. #include "bgpd/bgp_attr.h"
  33. #include "bgpd/bgp_debug.h"
  34. #include "bgpd/bgp_fsm.h"
  35. #include "bgpd/bgp_route.h"
  36. #include "bgpd/bgp_packet.h"
  37. #include "bgpd/bgp_open.h"
  38. #include "bgpd/bgp_aspath.h"
  39. #include "bgpd/bgp_community.h"
  40. #include "bgpd/bgp_ecommunity.h"
  41. #include "bgpd/bgp_network.h"
  42. #include "bgpd/bgp_mplsvpn.h"
  43. #include "bgpd/bgp_encap.h"
  44. #include "bgpd/bgp_advertise.h"
  45. #include "bgpd/bgp_vty.h"
  46. int stream_put_prefix (struct stream *, struct prefix *);
  47. /* Set up BGP packet marker and packet type. */
  48. static int
  49. bgp_packet_set_marker (struct stream *s, u_char type)
  50. {
  51. int i;
  52. /* Fill in marker. */
  53. for (i = 0; i < BGP_MARKER_SIZE; i++)
  54. stream_putc (s, 0xff);
  55. /* Dummy total length. This field is should be filled in later on. */
  56. stream_putw (s, 0);
  57. /* BGP packet type. */
  58. stream_putc (s, type);
  59. /* Return current stream size. */
  60. return stream_get_endp (s);
  61. }
  62. /* Set BGP packet header size entry. If size is zero then use current
  63. stream size. */
  64. static int
  65. bgp_packet_set_size (struct stream *s)
  66. {
  67. int cp;
  68. /* Preserve current pointer. */
  69. cp = stream_get_endp (s);
  70. stream_putw_at (s, BGP_MARKER_SIZE, cp);
  71. return cp;
  72. }
  73. /* Add new packet to the peer. */
  74. static void
  75. bgp_packet_add (struct peer *peer, struct stream *s)
  76. {
  77. /* Add packet to the end of list. */
  78. stream_fifo_push (peer->obuf, s);
  79. }
  80. /* Free first packet. */
  81. static void
  82. bgp_packet_delete (struct peer *peer)
  83. {
  84. stream_free (stream_fifo_pop (peer->obuf));
  85. }
  86. /* Check file descriptor whether connect is established. */
  87. static void
  88. bgp_connect_check (struct peer *peer)
  89. {
  90. int status;
  91. socklen_t slen;
  92. int ret;
  93. /* Anyway I have to reset read and write thread. */
  94. BGP_READ_OFF (peer->t_read);
  95. BGP_WRITE_OFF (peer->t_write);
  96. /* Check file descriptor. */
  97. slen = sizeof (status);
  98. ret = getsockopt(peer->fd, SOL_SOCKET, SO_ERROR, (void *) &status, &slen);
  99. /* If getsockopt is fail, this is fatal error. */
  100. if (ret < 0)
  101. {
  102. zlog (peer->log, LOG_INFO, "can't get sockopt for nonblocking connect");
  103. BGP_EVENT_ADD (peer, TCP_fatal_error);
  104. return;
  105. }
  106. /* When status is 0 then TCP connection is established. */
  107. if (status == 0)
  108. {
  109. BGP_EVENT_ADD (peer, TCP_connection_open);
  110. }
  111. else
  112. {
  113. if (BGP_DEBUG (events, EVENTS))
  114. plog_debug (peer->log, "%s [Event] Connect failed (%s)",
  115. peer->host, safe_strerror (errno));
  116. BGP_EVENT_ADD (peer, TCP_connection_open_failed);
  117. }
  118. }
  119. /* Make BGP update packet. */
  120. static struct stream *
  121. bgp_update_packet (struct peer *peer, afi_t afi, safi_t safi)
  122. {
  123. struct stream *s;
  124. struct stream *snlri;
  125. struct bgp_adj_out *adj;
  126. struct bgp_advertise *adv;
  127. struct stream *packet;
  128. struct bgp_node *rn = NULL;
  129. struct bgp_info *binfo = NULL;
  130. bgp_size_t total_attr_len = 0;
  131. unsigned long attrlen_pos = 0;
  132. int space_remaining = 0;
  133. int space_needed = 0;
  134. size_t mpattrlen_pos = 0;
  135. size_t mpattr_pos = 0;
  136. s = peer->work;
  137. stream_reset (s);
  138. snlri = peer->scratch;
  139. stream_reset (snlri);
  140. adv = BGP_ADV_FIFO_HEAD (&peer->sync[afi][safi]->update);
  141. while (adv)
  142. {
  143. assert (adv->rn);
  144. rn = adv->rn;
  145. adj = adv->adj;
  146. if (adv->binfo)
  147. binfo = adv->binfo;
  148. space_remaining = STREAM_CONCAT_REMAIN (s, snlri, STREAM_SIZE(s)) -
  149. BGP_MAX_PACKET_SIZE_OVERFLOW;
  150. space_needed = BGP_NLRI_LENGTH + bgp_packet_mpattr_prefix_size (afi, safi, &rn->p);
  151. /* When remaining space can't include NLRI and it's length. */
  152. if (space_remaining < space_needed)
  153. break;
  154. /* If packet is empty, set attribute. */
  155. if (stream_empty (s))
  156. {
  157. struct prefix_rd *prd = NULL;
  158. u_char *tag = NULL;
  159. struct peer *from = NULL;
  160. if (rn->prn)
  161. prd = (struct prefix_rd *) &rn->prn->p;
  162. if (binfo)
  163. {
  164. from = binfo->peer;
  165. if (binfo->extra)
  166. tag = binfo->extra->tag;
  167. }
  168. /* 1: Write the BGP message header - 16 bytes marker, 2 bytes length,
  169. * one byte message type.
  170. */
  171. bgp_packet_set_marker (s, BGP_MSG_UPDATE);
  172. /* 2: withdrawn routes length */
  173. stream_putw (s, 0);
  174. /* 3: total attributes length - attrlen_pos stores the position */
  175. attrlen_pos = stream_get_endp (s);
  176. stream_putw (s, 0);
  177. /* 4: if there is MP_REACH_NLRI attribute, that should be the first
  178. * attribute, according to draft-ietf-idr-error-handling. Save the
  179. * position.
  180. */
  181. mpattr_pos = stream_get_endp(s);
  182. /* 5: Encode all the attributes, except MP_REACH_NLRI attr. */
  183. total_attr_len = bgp_packet_attribute (NULL, peer, s,
  184. adv->baa->attr,
  185. ((afi == AFI_IP && safi == SAFI_UNICAST) ?
  186. &rn->p : NULL),
  187. afi, safi,
  188. from, prd, tag);
  189. space_remaining = STREAM_CONCAT_REMAIN (s, snlri, STREAM_SIZE(s)) -
  190. BGP_MAX_PACKET_SIZE_OVERFLOW;
  191. space_needed = BGP_NLRI_LENGTH + bgp_packet_mpattr_prefix_size (afi, safi, &rn->p);;
  192. /* If the attributes alone do not leave any room for NLRI then
  193. * return */
  194. if (space_remaining < space_needed)
  195. {
  196. zlog_err ("%s cannot send UPDATE, the attributes do not leave "
  197. "room for NLRI", peer->host);
  198. /* Flush the FIFO update queue */
  199. while (adv)
  200. adv = bgp_advertise_clean (peer, adv->adj, afi, safi);
  201. return NULL;
  202. }
  203. }
  204. if (afi == AFI_IP && safi == SAFI_UNICAST)
  205. stream_put_prefix (s, &rn->p);
  206. else
  207. {
  208. /* Encode the prefix in MP_REACH_NLRI attribute */
  209. struct prefix_rd *prd = NULL;
  210. u_char *tag = NULL;
  211. if (rn->prn)
  212. prd = (struct prefix_rd *) &rn->prn->p;
  213. if (binfo && binfo->extra)
  214. tag = binfo->extra->tag;
  215. if (stream_empty(snlri))
  216. mpattrlen_pos = bgp_packet_mpattr_start(snlri, afi, safi,
  217. adv->baa->attr);
  218. bgp_packet_mpattr_prefix(snlri, afi, safi, &rn->p, prd, tag);
  219. }
  220. if (BGP_DEBUG (update, UPDATE_OUT))
  221. {
  222. char buf[INET6_BUFSIZ];
  223. zlog (peer->log, LOG_DEBUG, "%s send UPDATE %s/%d",
  224. peer->host,
  225. inet_ntop (rn->p.family, &(rn->p.u.prefix), buf, INET6_BUFSIZ),
  226. rn->p.prefixlen);
  227. }
  228. /* Synchnorize attribute. */
  229. if (adj->attr)
  230. bgp_attr_unintern (&adj->attr);
  231. else
  232. peer->scount[afi][safi]++;
  233. adj->attr = bgp_attr_intern (adv->baa->attr);
  234. adv = bgp_advertise_clean (peer, adj, afi, safi);
  235. }
  236. if (! stream_empty (s))
  237. {
  238. if (!stream_empty(snlri))
  239. {
  240. bgp_packet_mpattr_end(snlri, mpattrlen_pos);
  241. total_attr_len += stream_get_endp(snlri);
  242. }
  243. /* set the total attribute length correctly */
  244. stream_putw_at (s, attrlen_pos, total_attr_len);
  245. if (!stream_empty(snlri))
  246. packet = stream_dupcat(s, snlri, mpattr_pos);
  247. else
  248. packet = stream_dup (s);
  249. bgp_packet_set_size (packet);
  250. bgp_packet_add (peer, packet);
  251. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  252. stream_reset (s);
  253. stream_reset (snlri);
  254. return packet;
  255. }
  256. return NULL;
  257. }
  258. static struct stream *
  259. bgp_update_packet_eor (struct peer *peer, afi_t afi, safi_t safi)
  260. {
  261. struct stream *s;
  262. if (DISABLE_BGP_ANNOUNCE)
  263. return NULL;
  264. if (BGP_DEBUG (normal, NORMAL))
  265. zlog_debug ("send End-of-RIB for %s to %s", afi_safi_print (afi, safi), peer->host);
  266. s = stream_new (BGP_MAX_PACKET_SIZE);
  267. /* Make BGP update packet. */
  268. bgp_packet_set_marker (s, BGP_MSG_UPDATE);
  269. /* Unfeasible Routes Length */
  270. stream_putw (s, 0);
  271. if (afi == AFI_IP && safi == SAFI_UNICAST)
  272. {
  273. /* Total Path Attribute Length */
  274. stream_putw (s, 0);
  275. }
  276. else
  277. {
  278. /* Total Path Attribute Length */
  279. stream_putw (s, 6);
  280. stream_putc (s, BGP_ATTR_FLAG_OPTIONAL);
  281. stream_putc (s, BGP_ATTR_MP_UNREACH_NLRI);
  282. stream_putc (s, 3);
  283. stream_putw (s, afi);
  284. stream_putc (s, safi);
  285. }
  286. bgp_packet_set_size (s);
  287. bgp_packet_add (peer, s);
  288. return s;
  289. }
  290. /* Make BGP withdraw packet. */
  291. /* For ipv4 unicast:
  292. 16-octet marker | 2-octet length | 1-octet type |
  293. 2-octet withdrawn route length | withdrawn prefixes | 2-octet attrlen (=0)
  294. */
  295. /* For other afi/safis:
  296. 16-octet marker | 2-octet length | 1-octet type |
  297. 2-octet withdrawn route length (=0) | 2-octet attrlen |
  298. mp_unreach attr type | attr len | afi | safi | withdrawn prefixes
  299. */
  300. static struct stream *
  301. bgp_withdraw_packet (struct peer *peer, afi_t afi, safi_t safi)
  302. {
  303. struct stream *s;
  304. struct stream *packet;
  305. struct bgp_adj_out *adj;
  306. struct bgp_advertise *adv;
  307. struct bgp_node *rn;
  308. bgp_size_t unfeasible_len;
  309. bgp_size_t total_attr_len;
  310. size_t mp_start = 0;
  311. size_t attrlen_pos = 0;
  312. size_t mplen_pos = 0;
  313. u_char first_time = 1;
  314. int space_remaining = 0;
  315. int space_needed = 0;
  316. s = peer->work;
  317. stream_reset (s);
  318. while ((adv = BGP_ADV_FIFO_HEAD (&peer->sync[afi][safi]->withdraw)) != NULL)
  319. {
  320. assert (adv->rn);
  321. adj = adv->adj;
  322. rn = adv->rn;
  323. space_remaining = STREAM_REMAIN (s) -
  324. BGP_MAX_PACKET_SIZE_OVERFLOW;
  325. space_needed = (BGP_NLRI_LENGTH + BGP_TOTAL_ATTR_LEN +
  326. bgp_packet_mpattr_prefix_size (afi, safi, &rn->p));
  327. if (space_remaining < space_needed)
  328. break;
  329. if (stream_empty (s))
  330. {
  331. bgp_packet_set_marker (s, BGP_MSG_UPDATE);
  332. stream_putw (s, 0); /* unfeasible routes length */
  333. }
  334. else
  335. first_time = 0;
  336. if (afi == AFI_IP && safi == SAFI_UNICAST)
  337. stream_put_prefix (s, &rn->p);
  338. else
  339. {
  340. struct prefix_rd *prd = NULL;
  341. if (rn->prn)
  342. prd = (struct prefix_rd *) &rn->prn->p;
  343. /* If first time, format the MP_UNREACH header */
  344. if (first_time)
  345. {
  346. attrlen_pos = stream_get_endp (s);
  347. /* total attr length = 0 for now. reevaluate later */
  348. stream_putw (s, 0);
  349. mp_start = stream_get_endp (s);
  350. mplen_pos = bgp_packet_mpunreach_start(s, afi, safi);
  351. }
  352. bgp_packet_mpunreach_prefix(s, &rn->p, afi, safi, prd, NULL);
  353. }
  354. if (BGP_DEBUG (update, UPDATE_OUT))
  355. {
  356. char buf[INET6_BUFSIZ];
  357. zlog (peer->log, LOG_DEBUG, "%s send UPDATE %s/%d -- unreachable",
  358. peer->host,
  359. inet_ntop (rn->p.family, &(rn->p.u.prefix), buf, INET6_BUFSIZ),
  360. rn->p.prefixlen);
  361. }
  362. peer->scount[afi][safi]--;
  363. bgp_adj_out_remove (rn, adj, peer, afi, safi);
  364. bgp_unlock_node (rn);
  365. }
  366. if (! stream_empty (s))
  367. {
  368. if (afi == AFI_IP && safi == SAFI_UNICAST)
  369. {
  370. unfeasible_len
  371. = stream_get_endp (s) - BGP_HEADER_SIZE - BGP_UNFEASIBLE_LEN;
  372. stream_putw_at (s, BGP_HEADER_SIZE, unfeasible_len);
  373. stream_putw (s, 0);
  374. }
  375. else
  376. {
  377. /* Set the mp_unreach attr's length */
  378. bgp_packet_mpunreach_end(s, mplen_pos);
  379. /* Set total path attribute length. */
  380. total_attr_len = stream_get_endp(s) - mp_start;
  381. stream_putw_at (s, attrlen_pos, total_attr_len);
  382. }
  383. bgp_packet_set_size (s);
  384. packet = stream_dup (s);
  385. bgp_packet_add (peer, packet);
  386. stream_reset (s);
  387. return packet;
  388. }
  389. return NULL;
  390. }
  391. void
  392. bgp_default_update_send (struct peer *peer, struct attr *attr,
  393. afi_t afi, safi_t safi, struct peer *from)
  394. {
  395. struct stream *s;
  396. struct prefix p;
  397. unsigned long pos;
  398. bgp_size_t total_attr_len;
  399. if (DISABLE_BGP_ANNOUNCE)
  400. return;
  401. if (afi == AFI_IP)
  402. str2prefix ("0.0.0.0/0", &p);
  403. else
  404. str2prefix ("::/0", &p);
  405. /* Logging the attribute. */
  406. if (BGP_DEBUG (update, UPDATE_OUT))
  407. {
  408. char attrstr[BUFSIZ];
  409. char buf[INET6_BUFSIZ];
  410. attrstr[0] = '\0';
  411. bgp_dump_attr (peer, attr, attrstr, BUFSIZ);
  412. zlog (peer->log, LOG_DEBUG, "%s send UPDATE %s/%d %s",
  413. peer->host, inet_ntop(p.family, &(p.u.prefix), buf, INET6_BUFSIZ),
  414. p.prefixlen, attrstr);
  415. }
  416. s = stream_new (BGP_MAX_PACKET_SIZE);
  417. /* Make BGP update packet. */
  418. bgp_packet_set_marker (s, BGP_MSG_UPDATE);
  419. /* Unfeasible Routes Length. */
  420. stream_putw (s, 0);
  421. /* Make place for total attribute length. */
  422. pos = stream_get_endp (s);
  423. stream_putw (s, 0);
  424. total_attr_len = bgp_packet_attribute (NULL, peer, s, attr, &p, afi, safi, from, NULL, NULL);
  425. /* Set Total Path Attribute Length. */
  426. stream_putw_at (s, pos, total_attr_len);
  427. /* NLRI set. */
  428. if (p.family == AF_INET && safi == SAFI_UNICAST)
  429. stream_put_prefix (s, &p);
  430. /* Set size. */
  431. bgp_packet_set_size (s);
  432. /* Dump packet if debug option is set. */
  433. #ifdef DEBUG
  434. /* bgp_packet_dump (packet); */
  435. #endif /* DEBUG */
  436. /* Add packet to the peer. */
  437. bgp_packet_add (peer, s);
  438. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  439. }
  440. void
  441. bgp_default_withdraw_send (struct peer *peer, afi_t afi, safi_t safi)
  442. {
  443. struct stream *s;
  444. struct prefix p;
  445. unsigned long attrlen_pos = 0;
  446. unsigned long cp;
  447. bgp_size_t unfeasible_len;
  448. bgp_size_t total_attr_len;
  449. size_t mp_start = 0;
  450. size_t mplen_pos = 0;
  451. if (DISABLE_BGP_ANNOUNCE)
  452. return;
  453. if (afi == AFI_IP)
  454. str2prefix ("0.0.0.0/0", &p);
  455. else
  456. str2prefix ("::/0", &p);
  457. total_attr_len = 0;
  458. if (BGP_DEBUG (update, UPDATE_OUT))
  459. {
  460. char buf[INET6_BUFSIZ];
  461. zlog (peer->log, LOG_DEBUG, "%s send UPDATE %s/%d -- unreachable",
  462. peer->host, inet_ntop(p.family, &(p.u.prefix), buf, INET6_BUFSIZ),
  463. p.prefixlen);
  464. }
  465. s = stream_new (BGP_MAX_PACKET_SIZE);
  466. /* Make BGP update packet. */
  467. bgp_packet_set_marker (s, BGP_MSG_UPDATE);
  468. /* Unfeasible Routes Length. */;
  469. cp = stream_get_endp (s);
  470. stream_putw (s, 0);
  471. /* Withdrawn Routes. */
  472. if (p.family == AF_INET && safi == SAFI_UNICAST)
  473. {
  474. stream_put_prefix (s, &p);
  475. unfeasible_len = stream_get_endp (s) - cp - 2;
  476. /* Set unfeasible len. */
  477. stream_putw_at (s, cp, unfeasible_len);
  478. /* Set total path attribute length. */
  479. stream_putw (s, 0);
  480. }
  481. else
  482. {
  483. attrlen_pos = stream_get_endp (s);
  484. stream_putw (s, 0);
  485. mp_start = stream_get_endp (s);
  486. mplen_pos = bgp_packet_mpunreach_start(s, afi, safi);
  487. bgp_packet_mpunreach_prefix(s, &p, afi, safi, NULL, NULL);
  488. /* Set the mp_unreach attr's length */
  489. bgp_packet_mpunreach_end(s, mplen_pos);
  490. /* Set total path attribute length. */
  491. total_attr_len = stream_get_endp(s) - mp_start;
  492. stream_putw_at (s, attrlen_pos, total_attr_len);
  493. }
  494. bgp_packet_set_size (s);
  495. /* Add packet to the peer. */
  496. bgp_packet_add (peer, s);
  497. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  498. }
  499. /* Get next packet to be written. */
  500. static struct stream *
  501. bgp_write_packet (struct peer *peer)
  502. {
  503. afi_t afi;
  504. safi_t safi;
  505. struct stream *s = NULL;
  506. struct bgp_advertise *adv;
  507. s = stream_fifo_head (peer->obuf);
  508. if (s)
  509. return s;
  510. for (afi = AFI_IP; afi < AFI_MAX; afi++)
  511. for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
  512. {
  513. adv = BGP_ADV_FIFO_HEAD (&peer->sync[afi][safi]->withdraw);
  514. if (adv)
  515. {
  516. s = bgp_withdraw_packet (peer, afi, safi);
  517. if (s)
  518. return s;
  519. }
  520. }
  521. for (afi = AFI_IP; afi < AFI_MAX; afi++)
  522. for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
  523. {
  524. adv = BGP_ADV_FIFO_HEAD (&peer->sync[afi][safi]->update);
  525. if (adv)
  526. {
  527. if (adv->binfo && adv->binfo->uptime < peer->synctime)
  528. {
  529. if (CHECK_FLAG (adv->binfo->peer->cap, PEER_CAP_RESTART_RCV)
  530. && CHECK_FLAG (adv->binfo->peer->cap, PEER_CAP_RESTART_ADV)
  531. && ! (CHECK_FLAG (adv->binfo->peer->cap,
  532. PEER_CAP_RESTART_BIT_RCV) &&
  533. CHECK_FLAG (adv->binfo->peer->cap,
  534. PEER_CAP_RESTART_BIT_ADV))
  535. && ! CHECK_FLAG (adv->binfo->flags, BGP_INFO_STALE)
  536. && safi != SAFI_MPLS_VPN)
  537. {
  538. if (CHECK_FLAG (adv->binfo->peer->af_sflags[afi][safi],
  539. PEER_STATUS_EOR_RECEIVED))
  540. s = bgp_update_packet (peer, afi, safi);
  541. }
  542. else
  543. s = bgp_update_packet (peer, afi, safi);
  544. }
  545. if (s)
  546. return s;
  547. }
  548. if (CHECK_FLAG (peer->cap, PEER_CAP_RESTART_RCV))
  549. {
  550. if (peer->afc_nego[afi][safi] && peer->synctime
  551. && ! CHECK_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_EOR_SEND)
  552. && safi != SAFI_MPLS_VPN)
  553. {
  554. SET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_EOR_SEND);
  555. return bgp_update_packet_eor (peer, afi, safi);
  556. }
  557. }
  558. }
  559. return NULL;
  560. }
  561. /* Is there partially written packet or updates we can send right
  562. now. */
  563. static int
  564. bgp_write_proceed (struct peer *peer)
  565. {
  566. afi_t afi;
  567. safi_t safi;
  568. struct bgp_advertise *adv;
  569. if (stream_fifo_head (peer->obuf))
  570. return 1;
  571. for (afi = AFI_IP; afi < AFI_MAX; afi++)
  572. for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
  573. if (FIFO_HEAD (&peer->sync[afi][safi]->withdraw))
  574. return 1;
  575. for (afi = AFI_IP; afi < AFI_MAX; afi++)
  576. for (safi = SAFI_UNICAST; safi < SAFI_MAX; safi++)
  577. if ((adv = BGP_ADV_FIFO_HEAD (&peer->sync[afi][safi]->update)) != NULL)
  578. if (adv->binfo->uptime < peer->synctime)
  579. return 1;
  580. return 0;
  581. }
  582. /* Write packet to the peer. */
  583. int
  584. bgp_write (struct thread *thread)
  585. {
  586. struct peer *peer;
  587. u_char type;
  588. struct stream *s;
  589. int num;
  590. unsigned int count = 0;
  591. /* Yes first of all get peer pointer. */
  592. peer = THREAD_ARG (thread);
  593. peer->t_write = NULL;
  594. /* For non-blocking IO check. */
  595. if (peer->status == Connect)
  596. {
  597. bgp_connect_check (peer);
  598. return 0;
  599. }
  600. s = bgp_write_packet (peer);
  601. if (!s)
  602. return 0; /* nothing to send */
  603. sockopt_cork (peer->fd, 1);
  604. /* Nonblocking write until TCP output buffer is full. */
  605. do
  606. {
  607. int writenum;
  608. /* Number of bytes to be sent. */
  609. writenum = stream_get_endp (s) - stream_get_getp (s);
  610. /* Call write() system call. */
  611. num = write (peer->fd, STREAM_PNT (s), writenum);
  612. if (num < 0)
  613. {
  614. /* write failed either retry needed or error */
  615. if (ERRNO_IO_RETRY(errno))
  616. break;
  617. BGP_EVENT_ADD (peer, TCP_fatal_error);
  618. return 0;
  619. }
  620. if (num != writenum)
  621. {
  622. /* Partial write */
  623. stream_forward_getp (s, num);
  624. break;
  625. }
  626. /* Retrieve BGP packet type. */
  627. stream_set_getp (s, BGP_MARKER_SIZE + 2);
  628. type = stream_getc (s);
  629. switch (type)
  630. {
  631. case BGP_MSG_OPEN:
  632. peer->open_out++;
  633. break;
  634. case BGP_MSG_UPDATE:
  635. peer->update_out++;
  636. break;
  637. case BGP_MSG_NOTIFY:
  638. peer->notify_out++;
  639. /* Flush any existing events */
  640. BGP_EVENT_ADD (peer, BGP_Stop_with_error);
  641. goto done;
  642. case BGP_MSG_KEEPALIVE:
  643. peer->keepalive_out++;
  644. break;
  645. case BGP_MSG_ROUTE_REFRESH_NEW:
  646. case BGP_MSG_ROUTE_REFRESH_OLD:
  647. peer->refresh_out++;
  648. break;
  649. case BGP_MSG_CAPABILITY:
  650. peer->dynamic_cap_out++;
  651. break;
  652. }
  653. /* OK we send packet so delete it. */
  654. bgp_packet_delete (peer);
  655. }
  656. while (++count < BGP_WRITE_PACKET_MAX &&
  657. (s = bgp_write_packet (peer)) != NULL);
  658. if (bgp_write_proceed (peer))
  659. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  660. done:
  661. sockopt_cork (peer->fd, 0);
  662. return 0;
  663. }
  664. /* This is only for sending NOTIFICATION message to neighbor. */
  665. static int
  666. bgp_write_notify (struct peer *peer)
  667. {
  668. int ret, val;
  669. u_char type;
  670. struct stream *s;
  671. /* There should be at least one packet. */
  672. s = stream_fifo_head (peer->obuf);
  673. if (!s)
  674. return 0;
  675. assert (stream_get_endp (s) >= BGP_HEADER_SIZE);
  676. /* Stop collecting data within the socket */
  677. sockopt_cork (peer->fd, 0);
  678. /* socket is in nonblocking mode, if we can't deliver the NOTIFY, well,
  679. * we only care about getting a clean shutdown at this point. */
  680. ret = write (peer->fd, STREAM_DATA (s), stream_get_endp (s));
  681. /* only connection reset/close gets counted as TCP_fatal_error, failure
  682. * to write the entire NOTIFY doesn't get different FSM treatment */
  683. if (ret <= 0)
  684. {
  685. BGP_EVENT_ADD (peer, TCP_fatal_error);
  686. return 0;
  687. }
  688. /* Disable Nagle, make NOTIFY packet go out right away */
  689. val = 1;
  690. (void) setsockopt (peer->fd, IPPROTO_TCP, TCP_NODELAY,
  691. (char *) &val, sizeof (val));
  692. /* Retrieve BGP packet type. */
  693. stream_set_getp (s, BGP_MARKER_SIZE + 2);
  694. type = stream_getc (s);
  695. assert (type == BGP_MSG_NOTIFY);
  696. /* Type should be notify. */
  697. peer->notify_out++;
  698. BGP_EVENT_ADD (peer, BGP_Stop_with_error);
  699. return 0;
  700. }
  701. /* Make keepalive packet and send it to the peer. */
  702. void
  703. bgp_keepalive_send (struct peer *peer)
  704. {
  705. struct stream *s;
  706. int length;
  707. s = stream_new (BGP_MAX_PACKET_SIZE);
  708. /* Make keepalive packet. */
  709. bgp_packet_set_marker (s, BGP_MSG_KEEPALIVE);
  710. /* Set packet size. */
  711. length = bgp_packet_set_size (s);
  712. /* Dump packet if debug option is set. */
  713. /* bgp_packet_dump (s); */
  714. if (BGP_DEBUG (keepalive, KEEPALIVE))
  715. zlog_debug ("%s sending KEEPALIVE", peer->host);
  716. if (BGP_DEBUG (normal, NORMAL))
  717. zlog_debug ("%s send message type %d, length (incl. header) %d",
  718. peer->host, BGP_MSG_KEEPALIVE, length);
  719. /* Add packet to the peer. */
  720. bgp_packet_add (peer, s);
  721. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  722. }
  723. /* Make open packet and send it to the peer. */
  724. void
  725. bgp_open_send (struct peer *peer)
  726. {
  727. struct stream *s;
  728. int length;
  729. u_int16_t send_holdtime;
  730. as_t local_as;
  731. if (CHECK_FLAG (peer->config, PEER_CONFIG_TIMER))
  732. send_holdtime = peer->holdtime;
  733. else
  734. send_holdtime = peer->bgp->default_holdtime;
  735. /* local-as Change */
  736. if (peer->change_local_as)
  737. local_as = peer->change_local_as;
  738. else
  739. local_as = peer->local_as;
  740. s = stream_new (BGP_MAX_PACKET_SIZE);
  741. /* Make open packet. */
  742. bgp_packet_set_marker (s, BGP_MSG_OPEN);
  743. /* Set open packet values. */
  744. stream_putc (s, BGP_VERSION_4); /* BGP version */
  745. stream_putw (s, (local_as <= BGP_AS_MAX) ? (u_int16_t) local_as
  746. : BGP_AS_TRANS);
  747. stream_putw (s, send_holdtime); /* Hold Time */
  748. stream_put_in_addr (s, &peer->local_id); /* BGP Identifier */
  749. /* Set capability code. */
  750. bgp_open_capability (s, peer);
  751. /* Set BGP packet length. */
  752. length = bgp_packet_set_size (s);
  753. if (BGP_DEBUG (normal, NORMAL))
  754. zlog_debug ("%s sending OPEN, version %d, my as %u, holdtime %d, id %s",
  755. peer->host, BGP_VERSION_4, local_as,
  756. send_holdtime, inet_ntoa (peer->local_id));
  757. if (BGP_DEBUG (normal, NORMAL))
  758. zlog_debug ("%s send message type %d, length (incl. header) %d",
  759. peer->host, BGP_MSG_OPEN, length);
  760. /* Dump packet if debug option is set. */
  761. /* bgp_packet_dump (s); */
  762. /* Add packet to the peer. */
  763. bgp_packet_add (peer, s);
  764. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  765. }
  766. /* Send BGP notify packet with data potion. */
  767. void
  768. bgp_notify_send_with_data (struct peer *peer, u_char code, u_char sub_code,
  769. u_char *data, size_t datalen)
  770. {
  771. struct stream *s;
  772. int length;
  773. /* Allocate new stream. */
  774. s = stream_new (BGP_MAX_PACKET_SIZE);
  775. /* Make nitify packet. */
  776. bgp_packet_set_marker (s, BGP_MSG_NOTIFY);
  777. /* Set notify packet values. */
  778. stream_putc (s, code); /* BGP notify code */
  779. stream_putc (s, sub_code); /* BGP notify sub_code */
  780. /* If notify data is present. */
  781. if (data)
  782. stream_write (s, data, datalen);
  783. /* Set BGP packet length. */
  784. length = bgp_packet_set_size (s);
  785. /* Add packet to the peer. */
  786. stream_fifo_clean (peer->obuf);
  787. bgp_packet_add (peer, s);
  788. /* For debug */
  789. {
  790. struct bgp_notify bgp_notify;
  791. int first = 0;
  792. int i;
  793. char c[4];
  794. bgp_notify.code = code;
  795. bgp_notify.subcode = sub_code;
  796. bgp_notify.data = NULL;
  797. bgp_notify.length = length - BGP_MSG_NOTIFY_MIN_SIZE;
  798. if (bgp_notify.length)
  799. {
  800. bgp_notify.data = XMALLOC (MTYPE_TMP, bgp_notify.length * 3);
  801. for (i = 0; i < bgp_notify.length; i++)
  802. if (first)
  803. {
  804. sprintf (c, " %02x", data[i]);
  805. strcat (bgp_notify.data, c);
  806. }
  807. else
  808. {
  809. first = 1;
  810. sprintf (c, "%02x", data[i]);
  811. strcpy (bgp_notify.data, c);
  812. }
  813. }
  814. bgp_notify_print (peer, &bgp_notify, "sending");
  815. if (bgp_notify.data)
  816. {
  817. XFREE (MTYPE_TMP, bgp_notify.data);
  818. bgp_notify.data = NULL;
  819. bgp_notify.length = 0;
  820. }
  821. }
  822. if (BGP_DEBUG (normal, NORMAL))
  823. zlog_debug ("%s send message type %d, length (incl. header) %d",
  824. peer->host, BGP_MSG_NOTIFY, length);
  825. /* peer reset cause */
  826. if (sub_code != BGP_NOTIFY_CEASE_CONFIG_CHANGE)
  827. {
  828. if (sub_code == BGP_NOTIFY_CEASE_ADMIN_RESET)
  829. {
  830. peer->last_reset = PEER_DOWN_USER_RESET;
  831. zlog_info ("Notification sent to neighbor %s:%u: User reset",
  832. peer->host, sockunion_get_port (&peer->su));
  833. }
  834. else if (sub_code == BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN)
  835. {
  836. peer->last_reset = PEER_DOWN_USER_SHUTDOWN;
  837. zlog_info ("Notification sent to neighbor %s:%u shutdown",
  838. peer->host, sockunion_get_port (&peer->su));
  839. }
  840. else
  841. {
  842. peer->last_reset = PEER_DOWN_NOTIFY_SEND;
  843. zlog_info ("Notification sent to neighbor %s:%u: type %u/%u",
  844. peer->host, sockunion_get_port (&peer->su),
  845. code, sub_code);
  846. }
  847. }
  848. else
  849. zlog_info ("Notification sent to neighbor %s:%u: configuration change",
  850. peer->host, sockunion_get_port (&peer->su));
  851. /* Call immediately. */
  852. BGP_WRITE_OFF (peer->t_write);
  853. bgp_write_notify (peer);
  854. }
  855. /* Send BGP notify packet. */
  856. void
  857. bgp_notify_send (struct peer *peer, u_char code, u_char sub_code)
  858. {
  859. bgp_notify_send_with_data (peer, code, sub_code, NULL, 0);
  860. }
  861. /* Send route refresh message to the peer. */
  862. void
  863. bgp_route_refresh_send (struct peer *peer, afi_t afi, safi_t safi,
  864. u_char orf_type, u_char when_to_refresh, int remove)
  865. {
  866. struct stream *s;
  867. int length;
  868. struct bgp_filter *filter;
  869. int orf_refresh = 0;
  870. if (DISABLE_BGP_ANNOUNCE)
  871. return;
  872. filter = &peer->filter[afi][safi];
  873. /* Adjust safi code. */
  874. if (safi == SAFI_MPLS_VPN)
  875. safi = SAFI_MPLS_LABELED_VPN;
  876. s = stream_new (BGP_MAX_PACKET_SIZE);
  877. /* Make BGP update packet. */
  878. if (CHECK_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV))
  879. bgp_packet_set_marker (s, BGP_MSG_ROUTE_REFRESH_NEW);
  880. else
  881. bgp_packet_set_marker (s, BGP_MSG_ROUTE_REFRESH_OLD);
  882. /* Encode Route Refresh message. */
  883. stream_putw (s, afi);
  884. stream_putc (s, 0);
  885. stream_putc (s, safi);
  886. if (orf_type == ORF_TYPE_PREFIX
  887. || orf_type == ORF_TYPE_PREFIX_OLD)
  888. if (remove || filter->plist[FILTER_IN].plist)
  889. {
  890. u_int16_t orf_len;
  891. unsigned long orfp;
  892. orf_refresh = 1;
  893. stream_putc (s, when_to_refresh);
  894. stream_putc (s, orf_type);
  895. orfp = stream_get_endp (s);
  896. stream_putw (s, 0);
  897. if (remove)
  898. {
  899. UNSET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_PREFIX_SEND);
  900. stream_putc (s, ORF_COMMON_PART_REMOVE_ALL);
  901. if (BGP_DEBUG (normal, NORMAL))
  902. zlog_debug ("%s sending REFRESH_REQ to remove ORF(%d) (%s) for afi/safi: %d/%d",
  903. peer->host, orf_type,
  904. (when_to_refresh == REFRESH_DEFER ? "defer" : "immediate"),
  905. afi, safi);
  906. }
  907. else
  908. {
  909. SET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_PREFIX_SEND);
  910. prefix_bgp_orf_entry (s, filter->plist[FILTER_IN].plist,
  911. ORF_COMMON_PART_ADD, ORF_COMMON_PART_PERMIT,
  912. ORF_COMMON_PART_DENY);
  913. if (BGP_DEBUG (normal, NORMAL))
  914. zlog_debug ("%s sending REFRESH_REQ with pfxlist ORF(%d) (%s) for afi/safi: %d/%d",
  915. peer->host, orf_type,
  916. (when_to_refresh == REFRESH_DEFER ? "defer" : "immediate"),
  917. afi, safi);
  918. }
  919. /* Total ORF Entry Len. */
  920. orf_len = stream_get_endp (s) - orfp - 2;
  921. stream_putw_at (s, orfp, orf_len);
  922. }
  923. /* Set packet size. */
  924. length = bgp_packet_set_size (s);
  925. if (BGP_DEBUG (normal, NORMAL))
  926. {
  927. if (! orf_refresh)
  928. zlog_debug ("%s sending REFRESH_REQ for afi/safi: %d/%d",
  929. peer->host, afi, safi);
  930. zlog_debug ("%s send message type %d, length (incl. header) %d",
  931. peer->host, CHECK_FLAG (peer->cap, PEER_CAP_REFRESH_NEW_RCV) ?
  932. BGP_MSG_ROUTE_REFRESH_NEW : BGP_MSG_ROUTE_REFRESH_OLD, length);
  933. }
  934. /* Add packet to the peer. */
  935. bgp_packet_add (peer, s);
  936. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  937. }
  938. /* Send capability message to the peer. */
  939. void
  940. bgp_capability_send (struct peer *peer, afi_t afi, safi_t safi,
  941. int capability_code, int action)
  942. {
  943. struct stream *s;
  944. int length;
  945. /* Adjust safi code. */
  946. if (safi == SAFI_MPLS_VPN)
  947. safi = SAFI_MPLS_LABELED_VPN;
  948. s = stream_new (BGP_MAX_PACKET_SIZE);
  949. /* Make BGP update packet. */
  950. bgp_packet_set_marker (s, BGP_MSG_CAPABILITY);
  951. /* Encode MP_EXT capability. */
  952. if (capability_code == CAPABILITY_CODE_MP)
  953. {
  954. stream_putc (s, action);
  955. stream_putc (s, CAPABILITY_CODE_MP);
  956. stream_putc (s, CAPABILITY_CODE_MP_LEN);
  957. stream_putw (s, afi);
  958. stream_putc (s, 0);
  959. stream_putc (s, safi);
  960. if (BGP_DEBUG (normal, NORMAL))
  961. zlog_debug ("%s sending CAPABILITY has %s MP_EXT CAP for afi/safi: %d/%d",
  962. peer->host, action == CAPABILITY_ACTION_SET ?
  963. "Advertising" : "Removing", afi, safi);
  964. }
  965. /* Set packet size. */
  966. length = bgp_packet_set_size (s);
  967. /* Add packet to the peer. */
  968. bgp_packet_add (peer, s);
  969. if (BGP_DEBUG (normal, NORMAL))
  970. zlog_debug ("%s send message type %d, length (incl. header) %d",
  971. peer->host, BGP_MSG_CAPABILITY, length);
  972. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  973. }
  974. /* RFC1771 6.8 Connection collision detection. */
  975. static int
  976. bgp_collision_detect (struct peer *new, struct in_addr remote_id)
  977. {
  978. struct peer *peer;
  979. struct listnode *node, *nnode;
  980. struct bgp *bgp;
  981. bgp = bgp_get_default ();
  982. if (! bgp)
  983. return 0;
  984. /* Upon receipt of an OPEN message, the local system must examine
  985. all of its connections that are in the OpenConfirm state. A BGP
  986. speaker may also examine connections in an OpenSent state if it
  987. knows the BGP Identifier of the peer by means outside of the
  988. protocol. If among these connections there is a connection to a
  989. remote BGP speaker whose BGP Identifier equals the one in the
  990. OPEN message, then the local system performs the following
  991. collision resolution procedure: */
  992. for (ALL_LIST_ELEMENTS (bgp->peer, node, nnode, peer))
  993. {
  994. if (peer == new)
  995. continue;
  996. if (!sockunion_same (&peer->su, &new->su))
  997. continue;
  998. /* Unless allowed via configuration, a connection collision with an
  999. existing BGP connection that is in the Established state causes
  1000. closing of the newly created connection. */
  1001. if (peer->status == Established)
  1002. {
  1003. /* GR may do things slightly differently to classic RFC . Punt to
  1004. * open_receive, see below
  1005. */
  1006. if (CHECK_FLAG (peer->sflags, PEER_STATUS_NSF_MODE))
  1007. continue;
  1008. if (new->fd >= 0)
  1009. {
  1010. if (BGP_DEBUG (events, EVENTS))
  1011. zlog_debug ("%s:%u Existing Established peer, sending NOTIFY",
  1012. new->host, sockunion_get_port (&new->su));
  1013. bgp_notify_send (new, BGP_NOTIFY_CEASE,
  1014. BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
  1015. }
  1016. return -1;
  1017. }
  1018. /* Note: Quagga historically orders explicitly only on the processing
  1019. * of the Opens, treating 'new' as the passive, inbound and connection
  1020. * and 'peer' as the active outbound connection.
  1021. */
  1022. /* The local_id is always set, so we can match the given remote-ID
  1023. * from the OPEN against both OpenConfirm and OpenSent peers.
  1024. */
  1025. if (peer->status == OpenConfirm || peer->status == OpenSent)
  1026. {
  1027. struct peer *out = peer;
  1028. struct peer *in = new;
  1029. int ret_close_out = 1, ret_close_in = -1;
  1030. if (!CHECK_FLAG (new->sflags, PEER_STATUS_ACCEPT_PEER))
  1031. {
  1032. out = new;
  1033. ret_close_out = -1;
  1034. in = peer;
  1035. ret_close_in = 1;
  1036. }
  1037. /* 1. The BGP Identifier of the local system is compared to
  1038. the BGP Identifier of the remote system (as specified in
  1039. the OPEN message). */
  1040. if (ntohl (peer->local_id.s_addr) < ntohl (remote_id.s_addr))
  1041. {
  1042. /* 2. If the value of the local BGP Identifier is less
  1043. than the remote one, the local system closes BGP
  1044. connection that already exists (the one that is
  1045. already in the OpenConfirm state), and accepts BGP
  1046. connection initiated by the remote system. */
  1047. if (out->fd >= 0)
  1048. {
  1049. if (BGP_DEBUG (events, EVENTS))
  1050. zlog_debug ("%s Collision resolution, remote ID higher,"
  1051. " closing outbound", peer->host);
  1052. bgp_notify_send (out, BGP_NOTIFY_CEASE,
  1053. BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
  1054. }
  1055. return ret_close_out;
  1056. }
  1057. else
  1058. {
  1059. /* 3. Otherwise, the local system closes newly created
  1060. BGP connection (the one associated with the newly
  1061. received OPEN message), and continues to use the
  1062. existing one (the one that is already in the
  1063. OpenConfirm state). */
  1064. if (in->fd >= 0)
  1065. {
  1066. if (BGP_DEBUG (events, EVENTS))
  1067. zlog_debug ("%s Collision resolution, local ID higher,"
  1068. " closing inbound", peer->host);
  1069. bgp_notify_send (in, BGP_NOTIFY_CEASE,
  1070. BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
  1071. }
  1072. return ret_close_in;
  1073. }
  1074. }
  1075. }
  1076. return 0;
  1077. }
  1078. static int
  1079. bgp_open_receive (struct peer *peer, bgp_size_t size)
  1080. {
  1081. int ret;
  1082. u_char version;
  1083. u_char optlen;
  1084. u_int16_t holdtime;
  1085. u_int16_t send_holdtime;
  1086. as_t remote_as;
  1087. as_t as4 = 0;
  1088. struct peer *realpeer;
  1089. struct in_addr remote_id;
  1090. int mp_capability;
  1091. u_int8_t notify_data_remote_as[2];
  1092. u_int8_t notify_data_remote_id[4];
  1093. realpeer = NULL;
  1094. /* Parse open packet. */
  1095. version = stream_getc (peer->ibuf);
  1096. memcpy (notify_data_remote_as, stream_pnt (peer->ibuf), 2);
  1097. remote_as = stream_getw (peer->ibuf);
  1098. holdtime = stream_getw (peer->ibuf);
  1099. memcpy (notify_data_remote_id, stream_pnt (peer->ibuf), 4);
  1100. remote_id.s_addr = stream_get_ipv4 (peer->ibuf);
  1101. /* Receive OPEN message log */
  1102. if (BGP_DEBUG (normal, NORMAL))
  1103. zlog_debug ("%s rcv OPEN, version %d, remote-as (in open) %u,"
  1104. " holdtime %d, id %s, %sbound connection",
  1105. peer->host, version, remote_as, holdtime,
  1106. inet_ntoa (remote_id),
  1107. CHECK_FLAG(peer->sflags, PEER_STATUS_ACCEPT_PEER)
  1108. ? "in" : "out");
  1109. /* BEGIN to read the capability here, but dont do it yet */
  1110. mp_capability = 0;
  1111. optlen = stream_getc (peer->ibuf);
  1112. if (optlen != 0)
  1113. {
  1114. /* We need the as4 capability value *right now* because
  1115. * if it is there, we have not got the remote_as yet, and without
  1116. * that we do not know which peer is connecting to us now.
  1117. */
  1118. as4 = peek_for_as4_capability (peer, optlen);
  1119. }
  1120. /* Just in case we have a silly peer who sends AS4 capability set to 0 */
  1121. if (CHECK_FLAG (peer->cap, PEER_CAP_AS4_RCV) && !as4)
  1122. {
  1123. zlog_err ("%s bad OPEN, got AS4 capability, but AS4 set to 0",
  1124. peer->host);
  1125. bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
  1126. BGP_NOTIFY_OPEN_BAD_PEER_AS);
  1127. return -1;
  1128. }
  1129. if (remote_as == BGP_AS_TRANS)
  1130. {
  1131. /* Take the AS4 from the capability. We must have received the
  1132. * capability now! Otherwise we have a asn16 peer who uses
  1133. * BGP_AS_TRANS, for some unknown reason.
  1134. */
  1135. if (as4 == BGP_AS_TRANS)
  1136. {
  1137. zlog_err ("%s [AS4] NEW speaker using AS_TRANS for AS4, not allowed",
  1138. peer->host);
  1139. bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
  1140. BGP_NOTIFY_OPEN_BAD_PEER_AS);
  1141. return -1;
  1142. }
  1143. if (!as4 && BGP_DEBUG (as4, AS4))
  1144. zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but no AS4."
  1145. " Odd, but proceeding.", peer->host);
  1146. else if (as4 < BGP_AS_MAX && BGP_DEBUG (as4, AS4))
  1147. zlog_debug ("%s [AS4] OPEN remote_as is AS_TRANS, but AS4 (%u) fits "
  1148. "in 2-bytes, very odd peer.", peer->host, as4);
  1149. if (as4)
  1150. remote_as = as4;
  1151. }
  1152. else
  1153. {
  1154. /* We may have a partner with AS4 who has an asno < BGP_AS_MAX */
  1155. /* If we have got the capability, peer->as4cap must match remote_as */
  1156. if (CHECK_FLAG (peer->cap, PEER_CAP_AS4_RCV)
  1157. && as4 != remote_as)
  1158. {
  1159. /* raise error, log this, close session */
  1160. zlog_err ("%s bad OPEN, got AS4 capability, but remote_as %u"
  1161. " mismatch with 16bit 'myasn' %u in open",
  1162. peer->host, as4, remote_as);
  1163. bgp_notify_send (peer, BGP_NOTIFY_OPEN_ERR,
  1164. BGP_NOTIFY_OPEN_BAD_PEER_AS);
  1165. return -1;
  1166. }
  1167. }
  1168. /* Lookup peer from Open packet. */
  1169. if (CHECK_FLAG (peer->sflags, PEER_STATUS_ACCEPT_PEER))
  1170. {
  1171. int as = 0;
  1172. realpeer = peer_lookup_with_open (&peer->su, remote_as, &remote_id, &as);
  1173. if (! realpeer)
  1174. {
  1175. /* Peer's source IP address is check in bgp_accept(), so this
  1176. must be AS number mismatch or remote-id configuration
  1177. mismatch. */
  1178. if (as)
  1179. {
  1180. if (BGP_DEBUG (normal, NORMAL))
  1181. zlog_debug ("%s bad OPEN, wrong router identifier %s",
  1182. peer->host, inet_ntoa (remote_id));
  1183. bgp_notify_send_with_data (peer, BGP_NOTIFY_OPEN_ERR,
  1184. BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
  1185. notify_data_remote_id, 4);
  1186. }
  1187. else
  1188. {
  1189. if (BGP_DEBUG (normal, NORMAL))
  1190. zlog_debug ("%s bad OPEN, remote AS is %u, expected %u",
  1191. peer->host, remote_as, peer->as);
  1192. bgp_notify_send_with_data (peer, BGP_NOTIFY_OPEN_ERR,
  1193. BGP_NOTIFY_OPEN_BAD_PEER_AS,
  1194. notify_data_remote_as, 2);
  1195. }
  1196. return -1;
  1197. }
  1198. }
  1199. /* When collision is detected and this peer is closed. Retrun
  1200. immidiately. */
  1201. ret = bgp_collision_detect (peer, remote_id);
  1202. if (ret < 0)
  1203. return ret;
  1204. /* Bit hacky */
  1205. if (CHECK_FLAG (peer->sflags, PEER_STATUS_ACCEPT_PEER))
  1206. {
  1207. /* Connection FSM state is intertwined with our peer configuration
  1208. * (the RFC encourages this a bit). At _this_ point we have a
  1209. * 'realpeer' which represents the configuration and any earlier FSM
  1210. * (outbound, unless the remote side has opened two connections to
  1211. * us), and a 'peer' which here represents an inbound connection that
  1212. * has not yet been reconciled with a 'realpeer'.
  1213. *
  1214. * As 'peer' has just sent an OPEN that reconciliation must now
  1215. * happen, as only the 'realpeer' can ever proceed to Established.
  1216. *
  1217. * bgp_collision_detect should have resolved any collisions with
  1218. * realpeers that are in states OpenSent, OpenConfirm or Established,
  1219. * and may have sent a notify on the 'realpeer' connection.
  1220. * bgp_accept will have rejected any connections where the 'realpeer'
  1221. * is in Idle or >Established (though, that status may have changed
  1222. * since).
  1223. *
  1224. * Need to finish off any reconciliation here, and ensure that
  1225. * 'realpeer' is left holding any needed state from the appropriate
  1226. * connection (fd, buffers, etc.), and any state from the other
  1227. * connection is cleaned up.
  1228. */
  1229. /* Is realpeer in some globally-down state, that precludes any and all
  1230. * connections (Idle, Clearing, Deleted, etc.)?
  1231. */
  1232. if (realpeer->status == Idle || realpeer->status > Established)
  1233. {
  1234. if (BGP_DEBUG (events, EVENTS))
  1235. zlog_debug ("%s peer status is %s, closing the new connection",
  1236. realpeer->host,
  1237. LOOKUP (bgp_status_msg, realpeer->status));
  1238. return -1;
  1239. }
  1240. /* GR does things differently, and prefers any new connection attempts
  1241. * over an Established one (why not just rely on KEEPALIVE and avoid
  1242. * having to special case this?) */
  1243. if (realpeer->status == Established
  1244. && CHECK_FLAG (realpeer->sflags, PEER_STATUS_NSF_MODE))
  1245. {
  1246. realpeer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
  1247. SET_FLAG (realpeer->sflags, PEER_STATUS_NSF_WAIT);
  1248. }
  1249. else if (ret == 0)
  1250. {
  1251. /* If we're here, RFC collision-detect did not reconcile the
  1252. * connections, and the 'realpeer' is still available. So
  1253. * 'realpeer' must be 'Active' or 'Connect'.
  1254. *
  1255. * According to the RFC we should just let this connection (of the
  1256. * accepted 'peer') continue on to Established if the other
  1257. * onnection (the 'realpeer') is in a more larval state, and
  1258. * reconcile them when OPEN is sent on the 'realpeer'.
  1259. *
  1260. * However, the accepted 'peer' must be reconciled with 'peer' at
  1261. * this point, due to the implementation, if 'peer' is to be able
  1262. * to proceed. So it should be allowed to go to Established, as
  1263. * long as the 'realpeer' was in Active or Connect state - which
  1264. * /should/ be the case if we're here.
  1265. *
  1266. * So we should only need to sanity check that that is the case
  1267. * here, and allow the code to get on with transferring the 'peer'
  1268. * connection state over.
  1269. */
  1270. if (realpeer->status != Active && realpeer->status != Connect)
  1271. {
  1272. if (BGP_DEBUG (events, EVENTS))
  1273. zlog_warn ("%s real peer status should be Active or Connect,"
  1274. " but is %s",
  1275. realpeer->host,
  1276. LOOKUP (bgp_status_msg, realpeer->status));
  1277. bgp_notify_send (realpeer, BGP_NOTIFY_CEASE,
  1278. BGP_NOTIFY_CEASE_COLLISION_RESOLUTION);
  1279. }
  1280. }
  1281. if (BGP_DEBUG (events, EVENTS))
  1282. zlog_debug ("%s:%u [Event] Transfer accept BGP peer to real (state %s)",
  1283. peer->host, sockunion_get_port (&peer->su),
  1284. LOOKUP (bgp_status_msg, realpeer->status));
  1285. bgp_stop (realpeer);
  1286. /* Transfer file descriptor. */
  1287. realpeer->fd = peer->fd;
  1288. peer->fd = -1;
  1289. /* Transfer input buffer. */
  1290. stream_free (realpeer->ibuf);
  1291. realpeer->ibuf = peer->ibuf;
  1292. realpeer->packet_size = peer->packet_size;
  1293. peer->ibuf = NULL;
  1294. /* Transfer output buffer, there may be an OPEN queued to send */
  1295. stream_fifo_free (realpeer->obuf);
  1296. realpeer->obuf = peer->obuf;
  1297. peer->obuf = NULL;
  1298. bool open_deferred
  1299. = CHECK_FLAG (peer->sflags, PEER_STATUS_OPEN_DEFERRED);
  1300. /* Transfer status. */
  1301. realpeer->status = peer->status;
  1302. bgp_stop (peer);
  1303. /* peer pointer change */
  1304. peer = realpeer;
  1305. if (peer->fd < 0)
  1306. {
  1307. zlog_err ("bgp_open_receive peer's fd is negative value %d",
  1308. peer->fd);
  1309. return -1;
  1310. }
  1311. BGP_READ_ON (peer->t_read, bgp_read, peer->fd);
  1312. if (stream_fifo_head (peer->obuf))
  1313. BGP_WRITE_ON (peer->t_write, bgp_write, peer->fd);
  1314. /* hack: we may defer OPEN on accept peers, when there seems to be a
  1315. * realpeer in progress, when an accept peer connection is opened. This
  1316. * is to avoid interoperability issues, with test/conformance tools
  1317. * particularly. See bgp_fsm.c::bgp_connect_success
  1318. *
  1319. * If OPEN was deferred there, then we must send it now.
  1320. */
  1321. if (open_deferred)
  1322. bgp_open_send (peer);
  1323. }
  1324. /* remote router-id check. */
  1325. if (remote_id.s_addr == 0
  1326. || IPV4_CLASS_DE (ntohl (remote_id.s_addr))
  1327. || ntohl (peer->local_id.s_addr) == ntohl (remote_id.s_addr))
  1328. {
  1329. if (BGP_DEBUG (normal, NORMAL))
  1330. zlog_debug ("%s bad OPEN, wrong router identifier %s",
  1331. peer->host, inet_ntoa (remote_id));
  1332. bgp_notify_send_with_data (peer,
  1333. BGP_NOTIFY_OPEN_ERR,
  1334. BGP_NOTIFY_OPEN_BAD_BGP_IDENT,
  1335. notify_data_remote_id, 4);
  1336. return -1;
  1337. }
  1338. /* Set remote router-id */
  1339. peer->remote_id = remote_id;
  1340. /* Peer BGP version check. */
  1341. if (version != BGP_VERSION_4)
  1342. {
  1343. u_int16_t maxver = htons(BGP_VERSION_4);
  1344. /* XXX this reply may not be correct if version < 4 XXX */
  1345. if (BGP_DEBUG (normal, NORMAL))
  1346. zlog_debug ("%s bad protocol version, remote requested %d, local request %d",
  1347. peer->host, version, BGP_VERSION_4);
  1348. /* Data must be in network byte order here */
  1349. bgp_notify_send_with_data (peer,
  1350. BGP_NOTIFY_OPEN_ERR,
  1351. BGP_NOTIFY_OPEN_UNSUP_VERSION,
  1352. (u_int8_t *) &maxver, 2);
  1353. return -1;
  1354. }
  1355. /* Check neighbor as number. */
  1356. if (remote_as != peer->as)
  1357. {
  1358. if (BGP_DEBUG (normal, NORMAL))
  1359. zlog_debug ("%s bad OPEN, remote AS is %u, expected %u",
  1360. peer->host, remote_as, peer->as);
  1361. bgp_notify_send_with_data (peer,
  1362. BGP_NOTIFY_OPEN_ERR,
  1363. BGP_NOTIFY_OPEN_BAD_PEER_AS,
  1364. notify_data_remote_as, 2);
  1365. return -1;
  1366. }
  1367. /* From the rfc: Upon receipt of an OPEN message, a BGP speaker MUST
  1368. calculate the value of the Hold Timer by using the smaller of its
  1369. configured Hold Time and the Hold Time received in the OPEN message.
  1370. The Hold Time MUST be either zero or at least three seconds. An
  1371. implementation may reject connections on the basis of the Hold Time. */
  1372. if (holdtime < 3 && holdtime != 0)
  1373. {
  1374. uint16_t netholdtime = htons (holdtime);
  1375. bgp_notify_send_with_data (peer,
  1376. BGP_NOTIFY_OPEN_ERR,
  1377. BGP_NOTIFY_OPEN_UNACEP_HOLDTIME,
  1378. (u_int8_t *) &netholdtime, 2);
  1379. return -1;
  1380. }
  1381. /* From the rfc: A reasonable maximum time between KEEPALIVE messages
  1382. would be one third of the Hold Time interval. KEEPALIVE messages
  1383. MUST NOT be sent more frequently than one per second. An
  1384. implementation MAY adjust the rate at which it sends KEEPALIVE
  1385. messages as a function of the Hold Time interval. */
  1386. if (CHECK_FLAG (peer->config, PEER_CONFIG_TIMER))
  1387. send_holdtime = peer->holdtime;
  1388. else
  1389. send_holdtime = peer->bgp->default_holdtime;
  1390. if (holdtime < send_holdtime)
  1391. peer->v_holdtime = holdtime;
  1392. else
  1393. peer->v_holdtime = send_holdtime;
  1394. peer->v_keepalive = peer->v_holdtime / 3;
  1395. /* Open option part parse. */
  1396. if (optlen != 0)
  1397. {
  1398. if ((ret = bgp_open_option_parse (peer, optlen, &mp_capability)) < 0)
  1399. {
  1400. bgp_notify_send (peer,
  1401. BGP_NOTIFY_OPEN_ERR,
  1402. BGP_NOTIFY_OPEN_UNSPECIFIC);
  1403. return ret;
  1404. }
  1405. }
  1406. else
  1407. {
  1408. if (BGP_DEBUG (normal, NORMAL))
  1409. zlog_debug ("%s rcvd OPEN w/ OPTION parameter len: 0",
  1410. peer->host);
  1411. }
  1412. /*
  1413. * Assume that the peer supports the locally configured set of
  1414. * AFI/SAFIs if the peer did not send us any Mulitiprotocol
  1415. * capabilities, or if 'override-capability' is configured.
  1416. */
  1417. if (! mp_capability ||
  1418. CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
  1419. {
  1420. peer->afc_nego[AFI_IP][SAFI_UNICAST] = peer->afc[AFI_IP][SAFI_UNICAST];
  1421. peer->afc_nego[AFI_IP][SAFI_MULTICAST] = peer->afc[AFI_IP][SAFI_MULTICAST];
  1422. peer->afc_nego[AFI_IP6][SAFI_UNICAST] = peer->afc[AFI_IP6][SAFI_UNICAST];
  1423. peer->afc_nego[AFI_IP6][SAFI_MULTICAST] = peer->afc[AFI_IP6][SAFI_MULTICAST];
  1424. }
  1425. /* Get sockname. */
  1426. bgp_getsockname (peer);
  1427. peer->rtt = sockopt_tcp_rtt (peer->fd);
  1428. BGP_EVENT_ADD (peer, Receive_OPEN_message);
  1429. peer->packet_size = 0;
  1430. if (peer->ibuf)
  1431. stream_reset (peer->ibuf);
  1432. return 0;
  1433. }
  1434. /* Frontend for NLRI parsing, to fan-out to AFI/SAFI specific parsers */
  1435. int
  1436. bgp_nlri_parse (struct peer *peer, struct attr *attr, struct bgp_nlri *packet)
  1437. {
  1438. switch (packet->safi)
  1439. {
  1440. case SAFI_UNICAST:
  1441. case SAFI_MULTICAST:
  1442. return bgp_nlri_parse_ip (peer, attr, packet);
  1443. case SAFI_MPLS_VPN:
  1444. case SAFI_MPLS_LABELED_VPN:
  1445. return bgp_nlri_parse_vpn (peer, attr, packet);
  1446. case SAFI_ENCAP:
  1447. return bgp_nlri_parse_encap (peer, attr, packet);
  1448. }
  1449. return -1;
  1450. }
  1451. /* Parse BGP Update packet and make attribute object. */
  1452. static int
  1453. bgp_update_receive (struct peer *peer, bgp_size_t size)
  1454. {
  1455. int ret, nlri_ret;
  1456. u_char *end;
  1457. struct stream *s;
  1458. struct attr attr;
  1459. struct attr_extra extra;
  1460. bgp_size_t attribute_len;
  1461. bgp_size_t update_len;
  1462. bgp_size_t withdraw_len;
  1463. int i;
  1464. enum NLRI_TYPES {
  1465. NLRI_UPDATE,
  1466. NLRI_WITHDRAW,
  1467. NLRI_MP_UPDATE,
  1468. NLRI_MP_WITHDRAW,
  1469. NLRI_TYPE_MAX,
  1470. };
  1471. struct bgp_nlri nlris[NLRI_TYPE_MAX];
  1472. /* Status must be Established. */
  1473. if (peer->status != Established)
  1474. {
  1475. zlog_err ("%s [FSM] Update packet received under status %s",
  1476. peer->host, LOOKUP (bgp_status_msg, peer->status));
  1477. bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
  1478. return -1;
  1479. }
  1480. /* Set initial values. */
  1481. memset (&attr, 0, sizeof (struct attr));
  1482. memset (&extra, 0, sizeof (struct attr_extra));
  1483. memset (&nlris, 0, sizeof nlris);
  1484. attr.extra = &extra;
  1485. s = peer->ibuf;
  1486. end = stream_pnt (s) + size;
  1487. /* RFC1771 6.3 If the Unfeasible Routes Length or Total Attribute
  1488. Length is too large (i.e., if Unfeasible Routes Length + Total
  1489. Attribute Length + 23 exceeds the message Length), then the Error
  1490. Subcode is set to Malformed Attribute List. */
  1491. if (stream_pnt (s) + 2 > end)
  1492. {
  1493. zlog_err ("%s [Error] Update packet error"
  1494. " (packet length is short for unfeasible length)",
  1495. peer->host);
  1496. bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
  1497. BGP_NOTIFY_UPDATE_MAL_ATTR);
  1498. return -1;
  1499. }
  1500. /* Unfeasible Route Length. */
  1501. withdraw_len = stream_getw (s);
  1502. /* Unfeasible Route Length check. */
  1503. if (stream_pnt (s) + withdraw_len > end)
  1504. {
  1505. zlog_err ("%s [Error] Update packet error"
  1506. " (packet unfeasible length overflow %d)",
  1507. peer->host, withdraw_len);
  1508. bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
  1509. BGP_NOTIFY_UPDATE_MAL_ATTR);
  1510. return -1;
  1511. }
  1512. /* Unfeasible Route packet format check. */
  1513. if (withdraw_len > 0)
  1514. {
  1515. nlris[NLRI_WITHDRAW].afi = AFI_IP;
  1516. nlris[NLRI_WITHDRAW].safi = SAFI_UNICAST;
  1517. nlris[NLRI_WITHDRAW].nlri = stream_pnt (s);
  1518. nlris[NLRI_WITHDRAW].length = withdraw_len;
  1519. if (BGP_DEBUG (packet, PACKET_RECV))
  1520. zlog_debug ("%s [Update:RECV] Unfeasible NLRI received", peer->host);
  1521. stream_forward_getp (s, withdraw_len);
  1522. }
  1523. /* Attribute total length check. */
  1524. if (stream_pnt (s) + 2 > end)
  1525. {
  1526. zlog_warn ("%s [Error] Packet Error"
  1527. " (update packet is short for attribute length)",
  1528. peer->host);
  1529. bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
  1530. BGP_NOTIFY_UPDATE_MAL_ATTR);
  1531. return -1;
  1532. }
  1533. /* Fetch attribute total length. */
  1534. attribute_len = stream_getw (s);
  1535. /* Attribute length check. */
  1536. if (stream_pnt (s) + attribute_len > end)
  1537. {
  1538. zlog_warn ("%s [Error] Packet Error"
  1539. " (update packet attribute length overflow %d)",
  1540. peer->host, attribute_len);
  1541. bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
  1542. BGP_NOTIFY_UPDATE_MAL_ATTR);
  1543. return -1;
  1544. }
  1545. /* Certain attribute parsing errors should not be considered bad enough
  1546. * to reset the session for, most particularly any partial/optional
  1547. * attributes that have 'tunneled' over speakers that don't understand
  1548. * them. Instead we withdraw only the prefix concerned.
  1549. *
  1550. * Complicates the flow a little though..
  1551. */
  1552. bgp_attr_parse_ret_t attr_parse_ret = BGP_ATTR_PARSE_PROCEED;
  1553. /* This define morphs the update case into a withdraw when lower levels
  1554. * have signalled an error condition where this is best.
  1555. */
  1556. #define NLRI_ATTR_ARG (attr_parse_ret != BGP_ATTR_PARSE_WITHDRAW ? &attr : NULL)
  1557. /* Parse attribute when it exists. */
  1558. if (attribute_len)
  1559. {
  1560. attr_parse_ret = bgp_attr_parse (peer, &attr, attribute_len,
  1561. &nlris[NLRI_MP_UPDATE], &nlris[NLRI_MP_WITHDRAW]);
  1562. if (attr_parse_ret == BGP_ATTR_PARSE_ERROR)
  1563. {
  1564. bgp_attr_unintern_sub (&attr);
  1565. bgp_attr_flush (&attr);
  1566. return -1;
  1567. }
  1568. }
  1569. /* Logging the attribute. */
  1570. if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW
  1571. || BGP_DEBUG (update, UPDATE_IN))
  1572. {
  1573. char attrstr[BUFSIZ];
  1574. attrstr[0] = '\0';
  1575. ret= bgp_dump_attr (peer, &attr, attrstr, BUFSIZ);
  1576. int lvl = (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
  1577. ? LOG_ERR : LOG_DEBUG;
  1578. if (attr_parse_ret == BGP_ATTR_PARSE_WITHDRAW)
  1579. zlog (peer->log, LOG_ERR,
  1580. "%s rcvd UPDATE with errors in attr(s)!! Withdrawing route.",
  1581. peer->host);
  1582. if (ret)
  1583. zlog (peer->log, lvl, "%s rcvd UPDATE w/ attr: %s",
  1584. peer->host, attrstr);
  1585. }
  1586. /* Network Layer Reachability Information. */
  1587. update_len = end - stream_pnt (s);
  1588. if (update_len)
  1589. {
  1590. /* Set NLRI portion to structure. */
  1591. nlris[NLRI_UPDATE].afi = AFI_IP;
  1592. nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
  1593. nlris[NLRI_UPDATE].nlri = stream_pnt (s);
  1594. nlris[NLRI_UPDATE].length = update_len;
  1595. stream_forward_getp (s, update_len);
  1596. }
  1597. /* Parse any given NLRIs */
  1598. for (i = NLRI_UPDATE; i < NLRI_TYPE_MAX; i++)
  1599. {
  1600. if (!nlris[i].nlri) continue;
  1601. /* We use afi and safi as indices into tables and what not. It would
  1602. * be impossible, at this time, to support unknown afi/safis. And
  1603. * anyway, the peer needs to be configured to enable the afi/safi
  1604. * explicitly which requires UI support.
  1605. *
  1606. * Ignore unknown afi/safi NLRIs.
  1607. *
  1608. * Note: this means nlri[x].afi/safi still can not be trusted for
  1609. * indexing later in this function!
  1610. *
  1611. * Note2: This will also remap the wire code-point for VPN safi to the
  1612. * internal safi_t point, as needs be.
  1613. */
  1614. if (!bgp_afi_safi_valid_indices (nlris[i].afi, &nlris[i].safi))
  1615. {
  1616. plog_info (peer->log,
  1617. "%s [Info] UPDATE with unsupported AFI/SAFI %u/%u",
  1618. peer->host, nlris[i].afi, nlris[i].safi);
  1619. continue;
  1620. }
  1621. /* NLRI is processed only when the peer is configured specific
  1622. Address Family and Subsequent Address Family. */
  1623. if (!peer->afc[nlris[i].afi][nlris[i].safi])
  1624. {
  1625. plog_info (peer->log,
  1626. "%s [Info] UPDATE for non-enabled AFI/SAFI %u/%u",
  1627. peer->host, nlris[i].afi, nlris[i].safi);
  1628. continue;
  1629. }
  1630. /* EoR handled later */
  1631. if (nlris[i].length == 0)
  1632. continue;
  1633. switch (i)
  1634. {
  1635. case NLRI_UPDATE:
  1636. case NLRI_MP_UPDATE:
  1637. nlri_ret = bgp_nlri_parse (peer, NLRI_ATTR_ARG, &nlris[i]);
  1638. break;
  1639. case NLRI_WITHDRAW:
  1640. case NLRI_MP_WITHDRAW:
  1641. nlri_ret = bgp_nlri_parse (peer, NULL, &nlris[i]);
  1642. }
  1643. if (nlri_ret < 0)
  1644. {
  1645. plog_err (peer->log,
  1646. "%s [Error] Error parsing NLRI", peer->host);
  1647. if (peer->status == Established)
  1648. bgp_notify_send (peer, BGP_NOTIFY_UPDATE_ERR,
  1649. i <= NLRI_WITHDRAW
  1650. ? BGP_NOTIFY_UPDATE_INVAL_NETWORK
  1651. : BGP_NOTIFY_UPDATE_OPT_ATTR_ERR);
  1652. bgp_attr_unintern_sub (&attr);
  1653. return -1;
  1654. }
  1655. }
  1656. /* EoR checks.
  1657. *
  1658. * Non-MP IPv4/Unicast EoR is a completely empty UPDATE
  1659. * and MP EoR should have only an empty MP_UNREACH
  1660. */
  1661. if (!update_len && !withdraw_len
  1662. && nlris[NLRI_MP_UPDATE].length == 0)
  1663. {
  1664. afi_t afi = 0;
  1665. safi_t safi;
  1666. /* Non-MP IPv4/Unicast is a completely empty UPDATE - already
  1667. * checked update and withdraw NLRI lengths are 0.
  1668. */
  1669. if (!attribute_len)
  1670. {
  1671. afi = AFI_IP;
  1672. safi = SAFI_UNICAST;
  1673. }
  1674. /* otherwise MP AFI/SAFI is an empty update, other than an empty
  1675. * MP_UNREACH_NLRI attr (with an AFI/SAFI we recognise).
  1676. */
  1677. else if (attr.flag == BGP_ATTR_MP_UNREACH_NLRI
  1678. && nlris[NLRI_MP_WITHDRAW].length == 0
  1679. && bgp_afi_safi_valid_indices (nlris[NLRI_MP_WITHDRAW].afi,
  1680. &nlris[NLRI_MP_WITHDRAW].safi))
  1681. {
  1682. afi = nlris[NLRI_MP_WITHDRAW].afi;
  1683. safi = nlris[NLRI_MP_WITHDRAW].safi;
  1684. }
  1685. if (afi && peer->afc[afi][safi])
  1686. {
  1687. /* End-of-RIB received */
  1688. SET_FLAG (peer->af_sflags[afi][safi],
  1689. PEER_STATUS_EOR_RECEIVED);
  1690. /* NSF delete stale route */
  1691. if (peer->nsf[afi][safi])
  1692. bgp_clear_stale_route (peer, afi, safi);
  1693. if (BGP_DEBUG (normal, NORMAL))
  1694. zlog (peer->log, LOG_DEBUG, "rcvd End-of-RIB for %s from %s",
  1695. peer->host, afi_safi_print (afi, safi));
  1696. }
  1697. }
  1698. /* Everything is done. We unintern temporary structures which
  1699. interned in bgp_attr_parse(). */
  1700. bgp_attr_unintern_sub (&attr);
  1701. bgp_attr_flush (&attr);
  1702. /* If peering is stopped due to some reason, do not generate BGP
  1703. event. */
  1704. if (peer->status != Established)
  1705. return 0;
  1706. /* Increment packet counter. */
  1707. peer->update_in++;
  1708. peer->update_time = bgp_clock ();
  1709. /* Rearm holdtime timer */
  1710. BGP_TIMER_OFF (peer->t_holdtime);
  1711. bgp_timer_set (peer);
  1712. return 0;
  1713. }
  1714. /* Notify message treatment function. */
  1715. static void
  1716. bgp_notify_receive (struct peer *peer, bgp_size_t size)
  1717. {
  1718. struct bgp_notify bgp_notify;
  1719. if (peer->notify.data)
  1720. {
  1721. XFREE (MTYPE_TMP, peer->notify.data);
  1722. peer->notify.data = NULL;
  1723. peer->notify.length = 0;
  1724. }
  1725. bgp_notify.code = stream_getc (peer->ibuf);
  1726. bgp_notify.subcode = stream_getc (peer->ibuf);
  1727. bgp_notify.length = size - 2;
  1728. bgp_notify.data = NULL;
  1729. /* Preserv notify code and sub code. */
  1730. peer->notify.code = bgp_notify.code;
  1731. peer->notify.subcode = bgp_notify.subcode;
  1732. /* For further diagnostic record returned Data. */
  1733. if (bgp_notify.length)
  1734. {
  1735. peer->notify.length = size - 2;
  1736. peer->notify.data = XMALLOC (MTYPE_TMP, size - 2);
  1737. memcpy (peer->notify.data, stream_pnt (peer->ibuf), size - 2);
  1738. }
  1739. /* For debug */
  1740. {
  1741. int i;
  1742. int first = 0;
  1743. char c[4];
  1744. if (bgp_notify.length)
  1745. {
  1746. bgp_notify.data = XMALLOC (MTYPE_TMP, bgp_notify.length * 3);
  1747. for (i = 0; i < bgp_notify.length; i++)
  1748. if (first)
  1749. {
  1750. sprintf (c, " %02x", stream_getc (peer->ibuf));
  1751. strcat (bgp_notify.data, c);
  1752. }
  1753. else
  1754. {
  1755. first = 1;
  1756. sprintf (c, "%02x", stream_getc (peer->ibuf));
  1757. strcpy (bgp_notify.data, c);
  1758. }
  1759. }
  1760. bgp_notify_print(peer, &bgp_notify, "received");
  1761. if (bgp_notify.data)
  1762. {
  1763. XFREE (MTYPE_TMP, bgp_notify.data);
  1764. bgp_notify.data = NULL;
  1765. bgp_notify.length = 0;
  1766. }
  1767. }
  1768. /* peer count update */
  1769. peer->notify_in++;
  1770. if (peer->status == Established)
  1771. peer->last_reset = PEER_DOWN_NOTIFY_RECEIVED;
  1772. /* We have to check for Notify with Unsupported Optional Parameter.
  1773. in that case we fallback to open without the capability option.
  1774. But this done in bgp_stop. We just mark it here to avoid changing
  1775. the fsm tables. */
  1776. if (bgp_notify.code == BGP_NOTIFY_OPEN_ERR &&
  1777. bgp_notify.subcode == BGP_NOTIFY_OPEN_UNSUP_PARAM )
  1778. UNSET_FLAG (peer->sflags, PEER_STATUS_CAPABILITY_OPEN);
  1779. BGP_EVENT_ADD (peer, Receive_NOTIFICATION_message);
  1780. }
  1781. /* Keepalive treatment function -- get keepalive send keepalive */
  1782. static void
  1783. bgp_keepalive_receive (struct peer *peer, bgp_size_t size)
  1784. {
  1785. if (BGP_DEBUG (keepalive, KEEPALIVE))
  1786. zlog_debug ("%s KEEPALIVE rcvd", peer->host);
  1787. BGP_EVENT_ADD (peer, Receive_KEEPALIVE_message);
  1788. }
  1789. /* Route refresh message is received. */
  1790. static void
  1791. bgp_route_refresh_receive (struct peer *peer, bgp_size_t size)
  1792. {
  1793. afi_t afi;
  1794. safi_t safi;
  1795. struct stream *s;
  1796. /* If peer does not have the capability, send notification. */
  1797. if (! CHECK_FLAG (peer->cap, PEER_CAP_REFRESH_ADV))
  1798. {
  1799. plog_err (peer->log, "%s [Error] BGP route refresh is not enabled",
  1800. peer->host);
  1801. bgp_notify_send (peer,
  1802. BGP_NOTIFY_HEADER_ERR,
  1803. BGP_NOTIFY_HEADER_BAD_MESTYPE);
  1804. return;
  1805. }
  1806. /* Status must be Established. */
  1807. if (peer->status != Established)
  1808. {
  1809. plog_err (peer->log,
  1810. "%s [Error] Route refresh packet received under status %s",
  1811. peer->host, LOOKUP (bgp_status_msg, peer->status));
  1812. bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
  1813. return;
  1814. }
  1815. s = peer->ibuf;
  1816. /* Parse packet. */
  1817. afi = stream_getw (s);
  1818. /* reserved byte */
  1819. stream_getc (s);
  1820. safi = stream_getc (s);
  1821. if (BGP_DEBUG (normal, NORMAL))
  1822. zlog_debug ("%s rcvd REFRESH_REQ for afi/safi: %d/%d",
  1823. peer->host, afi, safi);
  1824. /* Check AFI and SAFI. */
  1825. if ((afi != AFI_IP && afi != AFI_IP6)
  1826. || (safi != SAFI_UNICAST && safi != SAFI_MULTICAST
  1827. && safi != SAFI_MPLS_LABELED_VPN))
  1828. {
  1829. if (BGP_DEBUG (normal, NORMAL))
  1830. {
  1831. zlog_debug ("%s REFRESH_REQ for unrecognized afi/safi: %d/%d - ignored",
  1832. peer->host, afi, safi);
  1833. }
  1834. return;
  1835. }
  1836. /* Adjust safi code. */
  1837. if (safi == SAFI_MPLS_LABELED_VPN)
  1838. safi = SAFI_MPLS_VPN;
  1839. if (size != BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE)
  1840. {
  1841. u_char *end;
  1842. u_char when_to_refresh;
  1843. u_char orf_type;
  1844. u_int16_t orf_len;
  1845. if (size - (BGP_MSG_ROUTE_REFRESH_MIN_SIZE - BGP_HEADER_SIZE) < 5)
  1846. {
  1847. zlog_info ("%s ORF route refresh length error", peer->host);
  1848. bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
  1849. return;
  1850. }
  1851. when_to_refresh = stream_getc (s);
  1852. end = stream_pnt (s) + (size - 5);
  1853. while ((stream_pnt (s) + 2) < end)
  1854. {
  1855. orf_type = stream_getc (s);
  1856. orf_len = stream_getw (s);
  1857. /* orf_len in bounds? */
  1858. if ((stream_pnt (s) + orf_len) > end)
  1859. break; /* XXX: Notify instead?? */
  1860. if (orf_type == ORF_TYPE_PREFIX
  1861. || orf_type == ORF_TYPE_PREFIX_OLD)
  1862. {
  1863. uint8_t *p_pnt = stream_pnt (s);
  1864. uint8_t *p_end = stream_pnt (s) + orf_len;
  1865. struct orf_prefix orfp;
  1866. u_char common = 0;
  1867. u_int32_t seq;
  1868. int psize;
  1869. char name[BUFSIZ];
  1870. int ret;
  1871. if (BGP_DEBUG (normal, NORMAL))
  1872. {
  1873. zlog_debug ("%s rcvd Prefixlist ORF(%d) length %d",
  1874. peer->host, orf_type, orf_len);
  1875. }
  1876. /* we're going to read at least 1 byte of common ORF header,
  1877. * and 7 bytes of ORF Address-filter entry from the stream
  1878. */
  1879. if (orf_len < 7)
  1880. break;
  1881. /* ORF prefix-list name */
  1882. sprintf (name, "%s.%d.%d", peer->host, afi, safi);
  1883. while (p_pnt < p_end)
  1884. {
  1885. /* If the ORF entry is malformed, want to read as much of it
  1886. * as possible without going beyond the bounds of the entry,
  1887. * to maximise debug information.
  1888. */
  1889. int ok;
  1890. memset (&orfp, 0, sizeof (struct orf_prefix));
  1891. common = *p_pnt++;
  1892. /* after ++: p_pnt <= p_end */
  1893. if (common & ORF_COMMON_PART_REMOVE_ALL)
  1894. {
  1895. if (BGP_DEBUG (normal, NORMAL))
  1896. zlog_debug ("%s rcvd Remove-All pfxlist ORF request", peer->host);
  1897. prefix_bgp_orf_remove_all (afi, name);
  1898. break;
  1899. }
  1900. ok = ((size_t)(p_end - p_pnt) >= sizeof(u_int32_t)) ;
  1901. if (ok)
  1902. {
  1903. memcpy (&seq, p_pnt, sizeof (u_int32_t));
  1904. p_pnt += sizeof (u_int32_t);
  1905. orfp.seq = ntohl (seq);
  1906. }
  1907. else
  1908. p_pnt = p_end ;
  1909. if ((ok = (p_pnt < p_end)))
  1910. orfp.ge = *p_pnt++ ; /* value checked in prefix_bgp_orf_set() */
  1911. if ((ok = (p_pnt < p_end)))
  1912. orfp.le = *p_pnt++ ; /* value checked in prefix_bgp_orf_set() */
  1913. if ((ok = (p_pnt < p_end)))
  1914. orfp.p.prefixlen = *p_pnt++ ;
  1915. orfp.p.family = afi2family (afi); /* afi checked already */
  1916. psize = PSIZE (orfp.p.prefixlen); /* 0 if not ok */
  1917. if (psize > prefix_blen(&orfp.p)) /* valid for family ? */
  1918. {
  1919. ok = 0 ;
  1920. psize = prefix_blen(&orfp.p) ;
  1921. }
  1922. if (psize > (p_end - p_pnt)) /* valid for packet ? */
  1923. {
  1924. ok = 0 ;
  1925. psize = p_end - p_pnt ;
  1926. }
  1927. if (psize > 0)
  1928. memcpy (&orfp.p.u.prefix, p_pnt, psize);
  1929. p_pnt += psize;
  1930. if (BGP_DEBUG (normal, NORMAL))
  1931. {
  1932. char buf[INET6_BUFSIZ];
  1933. zlog_debug ("%s rcvd %s %s seq %u %s/%d ge %d le %d%s",
  1934. peer->host,
  1935. (common & ORF_COMMON_PART_REMOVE ? "Remove" : "Add"),
  1936. (common & ORF_COMMON_PART_DENY ? "deny" : "permit"),
  1937. orfp.seq,
  1938. inet_ntop (orfp.p.family, &orfp.p.u.prefix, buf, INET6_BUFSIZ),
  1939. orfp.p.prefixlen, orfp.ge, orfp.le,
  1940. ok ? "" : " MALFORMED");
  1941. }
  1942. if (ok)
  1943. ret = prefix_bgp_orf_set (name, afi, &orfp,
  1944. (common & ORF_COMMON_PART_DENY ? 0 : 1 ),
  1945. (common & ORF_COMMON_PART_REMOVE ? 0 : 1));
  1946. if (!ok || (ok && ret != CMD_SUCCESS))
  1947. {
  1948. if (BGP_DEBUG (normal, NORMAL))
  1949. zlog_debug ("%s Received misformatted prefixlist ORF."
  1950. " Remove All pfxlist", peer->host);
  1951. prefix_bgp_orf_remove_all (afi, name);
  1952. break;
  1953. }
  1954. }
  1955. peer->orf_plist[afi][safi] =
  1956. prefix_bgp_orf_lookup (afi, name);
  1957. }
  1958. stream_forward_getp (s, orf_len);
  1959. }
  1960. if (BGP_DEBUG (normal, NORMAL))
  1961. zlog_debug ("%s rcvd Refresh %s ORF request", peer->host,
  1962. when_to_refresh == REFRESH_DEFER ? "Defer" : "Immediate");
  1963. if (when_to_refresh == REFRESH_DEFER)
  1964. return;
  1965. }
  1966. /* First update is deferred until ORF or ROUTE-REFRESH is received */
  1967. if (CHECK_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_WAIT_REFRESH))
  1968. UNSET_FLAG (peer->af_sflags[afi][safi], PEER_STATUS_ORF_WAIT_REFRESH);
  1969. /* Perform route refreshment to the peer */
  1970. bgp_announce_route (peer, afi, safi);
  1971. }
  1972. static int
  1973. bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
  1974. {
  1975. u_char *end;
  1976. struct capability_mp_data mpc;
  1977. struct capability_header *hdr;
  1978. u_char action;
  1979. afi_t afi;
  1980. safi_t safi;
  1981. end = pnt + length;
  1982. /* XXX: Streamify this */
  1983. for (; pnt < end; pnt += hdr->length + 3)
  1984. {
  1985. /* We need at least action, capability code and capability length. */
  1986. if (pnt + 3 > end)
  1987. {
  1988. zlog_info ("%s Capability length error", peer->host);
  1989. bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
  1990. return -1;
  1991. }
  1992. action = *pnt;
  1993. hdr = (struct capability_header *)(pnt + 1);
  1994. /* Action value check. */
  1995. if (action != CAPABILITY_ACTION_SET
  1996. && action != CAPABILITY_ACTION_UNSET)
  1997. {
  1998. zlog_info ("%s Capability Action Value error %d",
  1999. peer->host, action);
  2000. bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
  2001. return -1;
  2002. }
  2003. if (BGP_DEBUG (normal, NORMAL))
  2004. zlog_debug ("%s CAPABILITY has action: %d, code: %u, length %u",
  2005. peer->host, action, hdr->code, hdr->length);
  2006. /* Capability length check. */
  2007. if ((pnt + hdr->length + 3) > end)
  2008. {
  2009. zlog_info ("%s Capability length error", peer->host);
  2010. bgp_notify_send (peer, BGP_NOTIFY_CEASE, 0);
  2011. return -1;
  2012. }
  2013. /* Fetch structure to the byte stream. */
  2014. memcpy (&mpc, pnt + 3, sizeof (struct capability_mp_data));
  2015. /* We know MP Capability Code. */
  2016. if (hdr->code == CAPABILITY_CODE_MP)
  2017. {
  2018. afi = ntohs (mpc.afi);
  2019. safi = mpc.safi;
  2020. /* Ignore capability when override-capability is set. */
  2021. if (CHECK_FLAG (peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
  2022. continue;
  2023. if (!bgp_afi_safi_valid_indices (afi, &safi))
  2024. {
  2025. if (BGP_DEBUG (normal, NORMAL))
  2026. zlog_debug ("%s Dynamic Capability MP_EXT afi/safi invalid "
  2027. "(%u/%u)", peer->host, afi, safi);
  2028. continue;
  2029. }
  2030. /* Address family check. */
  2031. if (BGP_DEBUG (normal, NORMAL))
  2032. zlog_debug ("%s CAPABILITY has %s MP_EXT CAP for afi/safi: %u/%u",
  2033. peer->host,
  2034. action == CAPABILITY_ACTION_SET
  2035. ? "Advertising" : "Removing",
  2036. ntohs(mpc.afi) , mpc.safi);
  2037. if (action == CAPABILITY_ACTION_SET)
  2038. {
  2039. peer->afc_recv[afi][safi] = 1;
  2040. if (peer->afc[afi][safi])
  2041. {
  2042. peer->afc_nego[afi][safi] = 1;
  2043. bgp_announce_route (peer, afi, safi);
  2044. }
  2045. }
  2046. else
  2047. {
  2048. peer->afc_recv[afi][safi] = 0;
  2049. peer->afc_nego[afi][safi] = 0;
  2050. if (peer_active_nego (peer))
  2051. bgp_clear_route (peer, afi, safi, BGP_CLEAR_ROUTE_NORMAL);
  2052. else
  2053. BGP_EVENT_ADD (peer, BGP_Stop);
  2054. }
  2055. }
  2056. else
  2057. {
  2058. zlog_warn ("%s unrecognized capability code: %d - ignored",
  2059. peer->host, hdr->code);
  2060. }
  2061. }
  2062. return 0;
  2063. }
  2064. /* Dynamic Capability is received.
  2065. *
  2066. * This is exported for unit-test purposes
  2067. */
  2068. int
  2069. bgp_capability_receive (struct peer *peer, bgp_size_t size)
  2070. {
  2071. u_char *pnt;
  2072. /* Fetch pointer. */
  2073. pnt = stream_pnt (peer->ibuf);
  2074. if (BGP_DEBUG (normal, NORMAL))
  2075. zlog_debug ("%s rcv CAPABILITY", peer->host);
  2076. /* If peer does not have the capability, send notification. */
  2077. if (! CHECK_FLAG (peer->cap, PEER_CAP_DYNAMIC_ADV))
  2078. {
  2079. plog_err (peer->log, "%s [Error] BGP dynamic capability is not enabled",
  2080. peer->host);
  2081. bgp_notify_send (peer,
  2082. BGP_NOTIFY_HEADER_ERR,
  2083. BGP_NOTIFY_HEADER_BAD_MESTYPE);
  2084. return -1;
  2085. }
  2086. /* Status must be Established. */
  2087. if (peer->status != Established)
  2088. {
  2089. plog_err (peer->log,
  2090. "%s [Error] Dynamic capability packet received under status %s", peer->host, LOOKUP (bgp_status_msg, peer->status));
  2091. bgp_notify_send (peer, BGP_NOTIFY_FSM_ERR, 0);
  2092. return -1;
  2093. }
  2094. /* Parse packet. */
  2095. return bgp_capability_msg_parse (peer, pnt, size);
  2096. }
  2097. /* BGP read utility function. */
  2098. static int
  2099. bgp_read_packet (struct peer *peer)
  2100. {
  2101. int nbytes;
  2102. int readsize;
  2103. readsize = peer->packet_size - stream_get_endp (peer->ibuf);
  2104. /* If size is zero then return. */
  2105. if (! readsize)
  2106. return 0;
  2107. /* Read packet from fd. */
  2108. nbytes = stream_read_try (peer->ibuf, peer->fd, readsize);
  2109. /* If read byte is smaller than zero then error occurred. */
  2110. if (nbytes < 0)
  2111. {
  2112. /* Transient error should retry */
  2113. if (nbytes == -2)
  2114. return -1;
  2115. plog_err (peer->log, "%s [Error] bgp_read_packet error: %s",
  2116. peer->host, safe_strerror (errno));
  2117. if (peer->status == Established)
  2118. {
  2119. if (CHECK_FLAG (peer->sflags, PEER_STATUS_NSF_MODE))
  2120. {
  2121. peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
  2122. SET_FLAG (peer->sflags, PEER_STATUS_NSF_WAIT);
  2123. }
  2124. else
  2125. peer->last_reset = PEER_DOWN_CLOSE_SESSION;
  2126. }
  2127. BGP_EVENT_ADD (peer, TCP_fatal_error);
  2128. return -1;
  2129. }
  2130. /* When read byte is zero : clear bgp peer and return */
  2131. if (nbytes == 0)
  2132. {
  2133. if (BGP_DEBUG (events, EVENTS))
  2134. plog_debug (peer->log, "%s [Event] BGP connection closed fd %d",
  2135. peer->host, peer->fd);
  2136. if (peer->status == Established)
  2137. {
  2138. if (CHECK_FLAG (peer->sflags, PEER_STATUS_NSF_MODE))
  2139. {
  2140. peer->last_reset = PEER_DOWN_NSF_CLOSE_SESSION;
  2141. SET_FLAG (peer->sflags, PEER_STATUS_NSF_WAIT);
  2142. }
  2143. else
  2144. peer->last_reset = PEER_DOWN_CLOSE_SESSION;
  2145. }
  2146. BGP_EVENT_ADD (peer, TCP_connection_closed);
  2147. return -1;
  2148. }
  2149. /* We read partial packet. */
  2150. if (stream_get_endp (peer->ibuf) != peer->packet_size)
  2151. return -1;
  2152. return 0;
  2153. }
  2154. /* Marker check. */
  2155. static int
  2156. bgp_marker_all_one (struct stream *s, int length)
  2157. {
  2158. int i;
  2159. for (i = 0; i < length; i++)
  2160. if (s->data[i] != 0xff)
  2161. return 0;
  2162. return 1;
  2163. }
  2164. /* Recent thread time.
  2165. On same clock base as bgp_clock (MONOTONIC)
  2166. but can be time of last context switch to bgp_read thread. */
  2167. static time_t
  2168. bgp_recent_clock (void)
  2169. {
  2170. return recent_relative_time().tv_sec;
  2171. }
  2172. /* Starting point of packet process function. */
  2173. int
  2174. bgp_read (struct thread *thread)
  2175. {
  2176. int ret;
  2177. u_char type = 0;
  2178. struct peer *peer;
  2179. bgp_size_t size;
  2180. char notify_data_length[2];
  2181. /* Yes first of all get peer pointer. */
  2182. peer = THREAD_ARG (thread);
  2183. peer->t_read = NULL;
  2184. /* For non-blocking IO check. */
  2185. if (peer->status == Connect)
  2186. {
  2187. bgp_connect_check (peer);
  2188. goto done;
  2189. }
  2190. else
  2191. {
  2192. if (peer->fd < 0)
  2193. {
  2194. zlog_err ("bgp_read peer's fd is negative value %d", peer->fd);
  2195. return -1;
  2196. }
  2197. BGP_READ_ON (peer->t_read, bgp_read, peer->fd);
  2198. }
  2199. /* Read packet header to determine type of the packet */
  2200. if (peer->packet_size == 0)
  2201. peer->packet_size = BGP_HEADER_SIZE;
  2202. if (stream_get_endp (peer->ibuf) < BGP_HEADER_SIZE)
  2203. {
  2204. ret = bgp_read_packet (peer);
  2205. /* Header read error or partial read packet. */
  2206. if (ret < 0)
  2207. goto done;
  2208. /* Get size and type. */
  2209. stream_forward_getp (peer->ibuf, BGP_MARKER_SIZE);
  2210. memcpy (notify_data_length, stream_pnt (peer->ibuf), 2);
  2211. size = stream_getw (peer->ibuf);
  2212. type = stream_getc (peer->ibuf);
  2213. if (BGP_DEBUG (normal, NORMAL) && type != 2 && type != 0)
  2214. zlog_debug ("%s rcv message type %d, length (excl. header) %d",
  2215. peer->host, type, size - BGP_HEADER_SIZE);
  2216. /* Marker check */
  2217. if (((type == BGP_MSG_OPEN) || (type == BGP_MSG_KEEPALIVE))
  2218. && ! bgp_marker_all_one (peer->ibuf, BGP_MARKER_SIZE))
  2219. {
  2220. bgp_notify_send (peer,
  2221. BGP_NOTIFY_HEADER_ERR,
  2222. BGP_NOTIFY_HEADER_NOT_SYNC);
  2223. goto done;
  2224. }
  2225. /* BGP type check. */
  2226. if (type != BGP_MSG_OPEN && type != BGP_MSG_UPDATE
  2227. && type != BGP_MSG_NOTIFY && type != BGP_MSG_KEEPALIVE
  2228. && type != BGP_MSG_ROUTE_REFRESH_NEW
  2229. && type != BGP_MSG_ROUTE_REFRESH_OLD
  2230. && type != BGP_MSG_CAPABILITY)
  2231. {
  2232. if (BGP_DEBUG (normal, NORMAL))
  2233. plog_debug (peer->log,
  2234. "%s unknown message type 0x%02x",
  2235. peer->host, type);
  2236. bgp_notify_send_with_data (peer,
  2237. BGP_NOTIFY_HEADER_ERR,
  2238. BGP_NOTIFY_HEADER_BAD_MESTYPE,
  2239. &type, 1);
  2240. goto done;
  2241. }
  2242. /* Mimimum packet length check. */
  2243. if ((size < BGP_HEADER_SIZE)
  2244. || (size > BGP_MAX_PACKET_SIZE)
  2245. || (type == BGP_MSG_OPEN && size < BGP_MSG_OPEN_MIN_SIZE)
  2246. || (type == BGP_MSG_UPDATE && size < BGP_MSG_UPDATE_MIN_SIZE)
  2247. || (type == BGP_MSG_NOTIFY && size < BGP_MSG_NOTIFY_MIN_SIZE)
  2248. || (type == BGP_MSG_KEEPALIVE && size != BGP_MSG_KEEPALIVE_MIN_SIZE)
  2249. || (type == BGP_MSG_ROUTE_REFRESH_NEW && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE)
  2250. || (type == BGP_MSG_ROUTE_REFRESH_OLD && size < BGP_MSG_ROUTE_REFRESH_MIN_SIZE)
  2251. || (type == BGP_MSG_CAPABILITY && size < BGP_MSG_CAPABILITY_MIN_SIZE))
  2252. {
  2253. if (BGP_DEBUG (normal, NORMAL))
  2254. plog_debug (peer->log,
  2255. "%s bad message length - %d for %s",
  2256. peer->host, size,
  2257. type == 128 ? "ROUTE-REFRESH" :
  2258. bgp_type_str[(int) type]);
  2259. bgp_notify_send_with_data (peer,
  2260. BGP_NOTIFY_HEADER_ERR,
  2261. BGP_NOTIFY_HEADER_BAD_MESLEN,
  2262. (u_char *) notify_data_length, 2);
  2263. goto done;
  2264. }
  2265. /* Adjust size to message length. */
  2266. peer->packet_size = size;
  2267. }
  2268. ret = bgp_read_packet (peer);
  2269. if (ret < 0)
  2270. goto done;
  2271. /* Get size and type again. */
  2272. size = stream_getw_from (peer->ibuf, BGP_MARKER_SIZE);
  2273. type = stream_getc_from (peer->ibuf, BGP_MARKER_SIZE + 2);
  2274. /* BGP packet dump function. */
  2275. bgp_dump_packet (peer, type, peer->ibuf);
  2276. size = (peer->packet_size - BGP_HEADER_SIZE);
  2277. /* Read rest of the packet and call each sort of packet routine */
  2278. switch (type)
  2279. {
  2280. case BGP_MSG_OPEN:
  2281. peer->open_in++;
  2282. bgp_open_receive (peer, size); /* XXX return value ignored! */
  2283. break;
  2284. case BGP_MSG_UPDATE:
  2285. peer->readtime = bgp_recent_clock ();
  2286. bgp_update_receive (peer, size);
  2287. break;
  2288. case BGP_MSG_NOTIFY:
  2289. bgp_notify_receive (peer, size);
  2290. break;
  2291. case BGP_MSG_KEEPALIVE:
  2292. peer->readtime = bgp_recent_clock ();
  2293. bgp_keepalive_receive (peer, size);
  2294. break;
  2295. case BGP_MSG_ROUTE_REFRESH_NEW:
  2296. case BGP_MSG_ROUTE_REFRESH_OLD:
  2297. peer->refresh_in++;
  2298. bgp_route_refresh_receive (peer, size);
  2299. break;
  2300. case BGP_MSG_CAPABILITY:
  2301. peer->dynamic_cap_in++;
  2302. bgp_capability_receive (peer, size);
  2303. break;
  2304. }
  2305. /* Clear input buffer. */
  2306. peer->packet_size = 0;
  2307. if (peer->ibuf)
  2308. stream_reset (peer->ibuf);
  2309. done:
  2310. if (CHECK_FLAG (peer->sflags, PEER_STATUS_ACCEPT_PEER))
  2311. {
  2312. if (BGP_DEBUG (events, EVENTS))
  2313. zlog_debug ("%s [Event] Accepting BGP peer delete", peer->host);
  2314. peer_delete (peer);
  2315. }
  2316. return 0;
  2317. }