1: /*
2: * BIRD -- The Border Gateway Protocol
3: *
4: * (c) 2000 Martin Mares <mj@ucw.cz>
5: * (c) 2008--2016 Ondrej Zajicek <santiago@crfreenet.org>
6: * (c) 2008--2016 CZ.NIC z.s.p.o.
7: *
8: * Can be freely distributed and used under the terms of the GNU GPL.
9: */
10:
11: /**
12: * DOC: Border Gateway Protocol
13: *
14: * The BGP protocol is implemented in three parts: |bgp.c| which takes care of
15: * the connection and most of the interface with BIRD core, |packets.c| handling
16: * both incoming and outgoing BGP packets and |attrs.c| containing functions for
17: * manipulation with BGP attribute lists.
18: *
19: * As opposed to the other existing routing daemons, BIRD has a sophisticated
20: * core architecture which is able to keep all the information needed by BGP in
21: * the primary routing table, therefore no complex data structures like a
22: * central BGP table are needed. This increases memory footprint of a BGP router
23: * with many connections, but not too much and, which is more important, it
24: * makes BGP much easier to implement.
25: *
26: * Each instance of BGP (corresponding to a single BGP peer) is described by a
27: * &bgp_proto structure to which are attached individual connections represented
28: * by &bgp_connection (usually, there exists only one connection, but during BGP
29: * session setup, there can be more of them). The connections are handled
30: * according to the BGP state machine defined in the RFC with all the timers and
31: * all the parameters configurable.
32: *
33: * In incoming direction, we listen on the connection's socket and each time we
34: * receive some input, we pass it to bgp_rx(). It decodes packet headers and the
35: * markers and passes complete packets to bgp_rx_packet() which distributes the
36: * packet according to its type.
37: *
38: * In outgoing direction, we gather all the routing updates and sort them to
39: * buckets (&bgp_bucket) according to their attributes (we keep a hash table for
40: * fast comparison of &rta's and a &fib which helps us to find if we already
41: * have another route for the same destination queued for sending, so that we
42: * can replace it with the new one immediately instead of sending both
43: * updates). There also exists a special bucket holding all the route
44: * withdrawals which cannot be queued anywhere else as they don't have any
45: * attributes. If we have any packet to send (due to either new routes or the
46: * connection tracking code wanting to send a Open, Keepalive or Notification
47: * message), we call bgp_schedule_packet() which sets the corresponding bit in a
48: * @packet_to_send bit field in &bgp_conn and as soon as the transmit socket
49: * buffer becomes empty, we call bgp_fire_tx(). It inspects state of all the
50: * packet type bits and calls the corresponding bgp_create_xx() functions,
51: * eventually rescheduling the same packet type if we have more data of the same
52: * type to send.
53: *
54: * The processing of attributes consists of two functions: bgp_decode_attrs()
55: * for checking of the attribute blocks and translating them to the language of
56: * BIRD's extended attributes and bgp_encode_attrs() which does the
57: * converse. Both functions are built around a @bgp_attr_table array describing
58: * all important characteristics of all known attributes. Unknown transitive
59: * attributes are attached to the route as %EAF_TYPE_OPAQUE byte streams.
60: *
61: * BGP protocol implements graceful restart in both restarting (local restart)
62: * and receiving (neighbor restart) roles. The first is handled mostly by the
63: * graceful restart code in the nest, BGP protocol just handles capabilities,
64: * sets @gr_wait and locks graceful restart until end-of-RIB mark is received.
65: * The second is implemented by internal restart of the BGP state to %BS_IDLE
66: * and protocol state to %PS_START, but keeping the protocol up from the core
67: * point of view and therefore maintaining received routes. Routing table
68: * refresh cycle (rt_refresh_begin(), rt_refresh_end()) is used for removing
69: * stale routes after reestablishment of BGP session during graceful restart.
70: *
71: * Supported standards:
72: * RFC 4271 - Border Gateway Protocol 4 (BGP)
73: * RFC 1997 - BGP Communities Attribute
74: * RFC 2385 - Protection of BGP Sessions via TCP MD5 Signature
75: * RFC 2545 - Use of BGP Multiprotocol Extensions for IPv6
76: * RFC 2918 - Route Refresh Capability
77: * RFC 3107 - Carrying Label Information in BGP
78: * RFC 4360 - BGP Extended Communities Attribute
79: * RFC 4364 - BGP/MPLS IPv4 Virtual Private Networks
80: * RFC 4456 - BGP Route Reflection
81: * RFC 4486 - Subcodes for BGP Cease Notification Message
82: * RFC 4659 - BGP/MPLS IPv6 Virtual Private Networks
83: * RFC 4724 - Graceful Restart Mechanism for BGP
84: * RFC 4760 - Multiprotocol extensions for BGP
85: * RFC 4798 - Connecting IPv6 Islands over IPv4 MPLS
86: * RFC 5065 - AS confederations for BGP
87: * RFC 5082 - Generalized TTL Security Mechanism
88: * RFC 5492 - Capabilities Advertisement with BGP
89: * RFC 5549 - Advertising IPv4 NLRI with an IPv6 Next Hop
90: * RFC 5575 - Dissemination of Flow Specification Rules
91: * RFC 5668 - 4-Octet AS Specific BGP Extended Community
92: * RFC 6286 - AS-Wide Unique BGP Identifier
93: * RFC 6608 - Subcodes for BGP Finite State Machine Error
94: * RFC 6793 - BGP Support for 4-Octet AS Numbers
95: * RFC 7311 - Accumulated IGP Metric Attribute for BGP
96: * RFC 7313 - Enhanced Route Refresh Capability for BGP
97: * RFC 7606 - Revised Error Handling for BGP UPDATE Messages
98: * RFC 7911 - Advertisement of Multiple Paths in BGP
99: * RFC 7947 - Internet Exchange BGP Route Server
100: * RFC 8092 - BGP Large Communities Attribute
101: * RFC 8203 - BGP Administrative Shutdown Communication
102: * RFC 8212 - Default EBGP Route Propagation Behavior without Policies
103: * draft-ietf-idr-bgp-extended-messages-27
104: * draft-ietf-idr-ext-opt-param-07
105: * draft-uttaro-idr-bgp-persistence-04
106: */
107:
108: #undef LOCAL_DEBUG
109:
110: #include <stdlib.h>
111:
112: #include "nest/bird.h"
113: #include "nest/iface.h"
114: #include "nest/protocol.h"
115: #include "nest/route.h"
116: #include "nest/cli.h"
117: #include "nest/locks.h"
118: #include "conf/conf.h"
119: #include "filter/filter.h"
120: #include "lib/socket.h"
121: #include "lib/resource.h"
122: #include "lib/string.h"
123:
124: #include "bgp.h"
125:
126:
127: struct linpool *bgp_linpool; /* Global temporary pool */
128: struct linpool *bgp_linpool2; /* Global temporary pool for bgp_rt_notify() */
129: static list bgp_sockets; /* Global list of listening sockets */
130:
131:
132: static void bgp_connect(struct bgp_proto *p);
133: static void bgp_active(struct bgp_proto *p);
134: static void bgp_setup_conn(struct bgp_proto *p, struct bgp_conn *conn);
135: static void bgp_setup_sk(struct bgp_conn *conn, sock *s);
136: static void bgp_send_open(struct bgp_conn *conn);
137: static void bgp_update_bfd(struct bgp_proto *p, int use_bfd);
138:
139: static int bgp_incoming_connection(sock *sk, uint dummy UNUSED);
140: static void bgp_listen_sock_err(sock *sk UNUSED, int err);
141:
142: /**
143: * bgp_open - open a BGP instance
144: * @p: BGP instance
145: *
146: * This function allocates and configures shared BGP resources, mainly listening
147: * sockets. Should be called as the last step during initialization (when lock
148: * is acquired and neighbor is ready). When error, caller should change state to
149: * PS_DOWN and return immediately.
150: */
151: static int
152: bgp_open(struct bgp_proto *p)
153: {
154: struct bgp_socket *bs = NULL;
155: struct iface *ifa = p->cf->strict_bind ? p->cf->iface : NULL;
156: ip_addr addr = p->cf->strict_bind ? p->cf->local_ip :
157: (p->ipv4 ? IPA_NONE4 : IPA_NONE6);
158: uint port = p->cf->local_port;
159:
160: /* FIXME: Add some global init? */
161: if (!bgp_linpool)
162: init_list(&bgp_sockets);
163:
164: /* We assume that cf->iface is defined iff cf->local_ip is link-local */
165:
166: WALK_LIST(bs, bgp_sockets)
167: if (ipa_equal(bs->sk->saddr, addr) && (bs->sk->sport == port) &&
168: (bs->sk->iface == ifa) && (bs->sk->vrf == p->p.vrf))
169: {
170: bs->uc++;
171: p->sock = bs;
172: return 0;
173: }
174:
175: sock *sk = sk_new(proto_pool);
176: sk->type = SK_TCP_PASSIVE;
177: sk->ttl = 255;
178: sk->saddr = addr;
179: sk->sport = port;
180: sk->iface = ifa;
181: sk->vrf = p->p.vrf;
182: sk->flags = 0;
183: sk->tos = IP_PREC_INTERNET_CONTROL;
184: sk->rbsize = BGP_RX_BUFFER_SIZE;
185: sk->tbsize = BGP_TX_BUFFER_SIZE;
186: sk->rx_hook = bgp_incoming_connection;
187: sk->err_hook = bgp_listen_sock_err;
188:
189: if (sk_open(sk) < 0)
190: goto err;
191:
192: bs = mb_allocz(proto_pool, sizeof(struct bgp_socket));
193: bs->sk = sk;
194: bs->uc = 1;
195: p->sock = bs;
196: sk->data = bs;
197:
198: add_tail(&bgp_sockets, &bs->n);
199:
200: if (!bgp_linpool)
201: {
202: bgp_linpool = lp_new_default(proto_pool);
203: bgp_linpool2 = lp_new_default(proto_pool);
204: }
205:
206: return 0;
207:
208: err:
209: sk_log_error(sk, p->p.name);
210: log(L_ERR "%s: Cannot open listening socket", p->p.name);
211: rfree(sk);
212: return -1;
213: }
214:
215: /**
216: * bgp_close - close a BGP instance
217: * @p: BGP instance
218: *
219: * This function frees and deconfigures shared BGP resources.
220: */
221: static void
222: bgp_close(struct bgp_proto *p)
223: {
224: struct bgp_socket *bs = p->sock;
225:
226: ASSERT(bs && bs->uc);
227:
228: if (--bs->uc)
229: return;
230:
231: rfree(bs->sk);
232: rem_node(&bs->n);
233: mb_free(bs);
234:
235: if (!EMPTY_LIST(bgp_sockets))
236: return;
237:
238: rfree(bgp_linpool);
239: bgp_linpool = NULL;
240:
241: rfree(bgp_linpool2);
242: bgp_linpool2 = NULL;
243: }
244:
245: static inline int
246: bgp_setup_auth(struct bgp_proto *p, int enable)
247: {
248: if (p->cf->password)
249: {
250: int rv = sk_set_md5_auth(p->sock->sk,
251: p->cf->local_ip, p->cf->remote_ip, p->cf->iface,
252: enable ? p->cf->password : NULL, p->cf->setkey);
253:
254: if (rv < 0)
255: sk_log_error(p->sock->sk, p->p.name);
256:
257: return rv;
258: }
259: else
260: return 0;
261: }
262:
263: static inline struct bgp_channel *
264: bgp_find_channel(struct bgp_proto *p, u32 afi)
265: {
266: struct bgp_channel *c;
267: WALK_LIST(c, p->p.channels)
268: if (c->afi == afi)
269: return c;
270:
271: return NULL;
272: }
273:
274: static void
275: bgp_startup(struct bgp_proto *p)
276: {
277: BGP_TRACE(D_EVENTS, "Started");
278: p->start_state = BSS_CONNECT;
279:
280: if (!p->passive)
281: bgp_active(p);
282:
283: if (p->postponed_sk)
284: {
285: /* Apply postponed incoming connection */
286: bgp_setup_conn(p, &p->incoming_conn);
287: bgp_setup_sk(&p->incoming_conn, p->postponed_sk);
288: bgp_send_open(&p->incoming_conn);
289: p->postponed_sk = NULL;
290: }
291: }
292:
293: static void
294: bgp_startup_timeout(timer *t)
295: {
296: bgp_startup(t->data);
297: }
298:
299:
300: static void
301: bgp_initiate(struct bgp_proto *p)
302: {
303: int err_val;
304:
305: if (bgp_open(p) < 0)
306: { err_val = BEM_NO_SOCKET; goto err1; }
307:
308: if (bgp_setup_auth(p, 1) < 0)
309: { err_val = BEM_INVALID_MD5; goto err2; }
310:
311: if (p->cf->bfd)
312: bgp_update_bfd(p, p->cf->bfd);
313:
314: if (p->startup_delay)
315: {
316: p->start_state = BSS_DELAY;
317: BGP_TRACE(D_EVENTS, "Startup delayed by %d seconds due to errors", p->startup_delay);
318: bgp_start_timer(p->startup_timer, p->startup_delay);
319: }
320: else
321: bgp_startup(p);
322:
323: return;
324:
325: err2:
326: bgp_close(p);
327: err1:
328: p->p.disabled = 1;
329: bgp_store_error(p, NULL, BE_MISC, err_val);
330: proto_notify_state(&p->p, PS_DOWN);
331:
332: return;
333: }
334:
335: /**
336: * bgp_start_timer - start a BGP timer
337: * @t: timer
338: * @value: time (in seconds) to fire (0 to disable the timer)
339: *
340: * This functions calls tm_start() on @t with time @value and the amount of
341: * randomization suggested by the BGP standard. Please use it for all BGP
342: * timers.
343: */
344: void
345: bgp_start_timer(timer *t, uint value)
346: {
347: if (value)
348: {
349: /* The randomization procedure is specified in RFC 4271 section 10 */
350: btime time = value S;
351: btime randomize = random() % ((time / 4) + 1);
352: tm_start(t, time - randomize);
353: }
354: else
355: tm_stop(t);
356: }
357:
358: /**
359: * bgp_close_conn - close a BGP connection
360: * @conn: connection to close
361: *
362: * This function takes a connection described by the &bgp_conn structure, closes
363: * its socket and frees all resources associated with it.
364: */
365: void
366: bgp_close_conn(struct bgp_conn *conn)
367: {
368: // struct bgp_proto *p = conn->bgp;
369:
370: DBG("BGP: Closing connection\n");
371: conn->packets_to_send = 0;
372: conn->channels_to_send = 0;
373: rfree(conn->connect_timer);
374: conn->connect_timer = NULL;
375: rfree(conn->keepalive_timer);
376: conn->keepalive_timer = NULL;
377: rfree(conn->hold_timer);
378: conn->hold_timer = NULL;
379: rfree(conn->tx_ev);
380: conn->tx_ev = NULL;
381: rfree(conn->sk);
382: conn->sk = NULL;
383:
384: mb_free(conn->local_caps);
385: conn->local_caps = NULL;
386: mb_free(conn->remote_caps);
387: conn->remote_caps = NULL;
388: }
389:
390:
391: /**
392: * bgp_update_startup_delay - update a startup delay
393: * @p: BGP instance
394: *
395: * This function updates a startup delay that is used to postpone next BGP
396: * connect. It also handles disable_after_error and might stop BGP instance
397: * when error happened and disable_after_error is on.
398: *
399: * It should be called when BGP protocol error happened.
400: */
401: void
402: bgp_update_startup_delay(struct bgp_proto *p)
403: {
404: const struct bgp_config *cf = p->cf;
405:
406: DBG("BGP: Updating startup delay\n");
407:
408: if (p->last_proto_error && ((current_time() - p->last_proto_error) >= cf->error_amnesia_time S))
409: p->startup_delay = 0;
410:
411: p->last_proto_error = current_time();
412:
413: if (cf->disable_after_error)
414: {
415: p->startup_delay = 0;
416: p->p.disabled = 1;
417: return;
418: }
419:
420: if (!p->startup_delay)
421: p->startup_delay = cf->error_delay_time_min;
422: else
423: p->startup_delay = MIN(2 * p->startup_delay, cf->error_delay_time_max);
424: }
425:
426: static void
427: bgp_graceful_close_conn(struct bgp_conn *conn, int subcode, byte *data, uint len)
428: {
429: switch (conn->state)
430: {
431: case BS_IDLE:
432: case BS_CLOSE:
433: return;
434:
435: case BS_CONNECT:
436: case BS_ACTIVE:
437: bgp_conn_enter_idle_state(conn);
438: return;
439:
440: case BS_OPENSENT:
441: case BS_OPENCONFIRM:
442: case BS_ESTABLISHED:
443: if (subcode < 0)
444: {
445: bgp_conn_enter_close_state(conn);
446: bgp_schedule_packet(conn, NULL, PKT_SCHEDULE_CLOSE);
447: }
448: else
449: bgp_error(conn, 6, subcode, data, len);
450: return;
451:
452: default:
453: bug("bgp_graceful_close_conn: Unknown state %d", conn->state);
454: }
455: }
456:
457: static void
458: bgp_down(struct bgp_proto *p)
459: {
460: if (p->start_state > BSS_PREPARE)
461: {
462: bgp_setup_auth(p, 0);
463: bgp_close(p);
464: }
465:
466: BGP_TRACE(D_EVENTS, "Down");
467: proto_notify_state(&p->p, PS_DOWN);
468: }
469:
470: static void
471: bgp_decision(void *vp)
472: {
473: struct bgp_proto *p = vp;
474:
475: DBG("BGP: Decision start\n");
476: if ((p->p.proto_state == PS_START) &&
477: (p->outgoing_conn.state == BS_IDLE) &&
478: (p->incoming_conn.state != BS_OPENCONFIRM) &&
479: !p->passive)
480: bgp_active(p);
481:
482: if ((p->p.proto_state == PS_STOP) &&
483: (p->outgoing_conn.state == BS_IDLE) &&
484: (p->incoming_conn.state == BS_IDLE))
485: bgp_down(p);
486: }
487:
488: static struct bgp_proto *
489: bgp_spawn(struct bgp_proto *pp, ip_addr remote_ip)
490: {
491: struct symbol *sym;
492: char fmt[SYM_MAX_LEN];
493:
494: bsprintf(fmt, "%s%%0%dd", pp->cf->dynamic_name, pp->cf->dynamic_name_digits);
495:
496: /* This is hack, we would like to share config, but we need to copy it now */
497: new_config = config;
498: cfg_mem = config->mem;
499: conf_this_scope = config->root_scope;
500: sym = cf_default_name(fmt, &(pp->dynamic_name_counter));
501: proto_clone_config(sym, pp->p.cf);
502: new_config = NULL;
503: cfg_mem = NULL;
504:
505: /* Just pass remote_ip to bgp_init() */
506: ((struct bgp_config *) sym->proto)->remote_ip = remote_ip;
507:
508: return (void *) proto_spawn(sym->proto, 0);
509: }
510:
511: void
512: bgp_stop(struct bgp_proto *p, int subcode, byte *data, uint len)
513: {
514: proto_notify_state(&p->p, PS_STOP);
515: bgp_graceful_close_conn(&p->outgoing_conn, subcode, data, len);
516: bgp_graceful_close_conn(&p->incoming_conn, subcode, data, len);
517: ev_schedule(p->event);
518: }
519:
520: static inline void
521: bgp_conn_set_state(struct bgp_conn *conn, uint new_state)
522: {
523: if (conn->bgp->p.mrtdump & MD_STATES)
524: bgp_dump_state_change(conn, conn->state, new_state);
525:
526: conn->state = new_state;
527: }
528:
529: void
530: bgp_conn_enter_openconfirm_state(struct bgp_conn *conn)
531: {
532: /* Really, most of the work is done in bgp_rx_open(). */
533: bgp_conn_set_state(conn, BS_OPENCONFIRM);
534: }
535:
536: static const struct bgp_af_caps dummy_af_caps = { };
537: static const struct bgp_af_caps basic_af_caps = { .ready = 1 };
538:
539: void
540: bgp_conn_enter_established_state(struct bgp_conn *conn)
541: {
542: struct bgp_proto *p = conn->bgp;
543: struct bgp_caps *local = conn->local_caps;
544: struct bgp_caps *peer = conn->remote_caps;
545: struct bgp_channel *c;
546:
547: BGP_TRACE(D_EVENTS, "BGP session established");
548:
549: /* For multi-hop BGP sessions */
550: if (ipa_zero(p->local_ip))
551: p->local_ip = conn->sk->saddr;
552:
553: /* For promiscuous sessions */
554: if (!p->remote_as)
555: p->remote_as = conn->received_as;
556:
557: /* In case of LLv6 is not valid during BGP start */
558: if (ipa_zero(p->link_addr) && p->neigh && p->neigh->iface && p->neigh->iface->llv6)
559: p->link_addr = p->neigh->iface->llv6->ip;
560:
561: conn->sk->fast_rx = 0;
562:
563: p->conn = conn;
564: p->last_error_class = 0;
565: p->last_error_code = 0;
566:
567: p->as4_session = conn->as4_session;
568:
569: p->route_refresh = peer->route_refresh;
570: p->enhanced_refresh = local->enhanced_refresh && peer->enhanced_refresh;
571:
572: /* Whether we may handle possible GR/LLGR of peer (it has some AF GR-able) */
573: p->gr_ready = p->llgr_ready = 0; /* Updated later */
574:
575: /* Whether peer is ready to handle our GR recovery */
576: int peer_gr_ready = peer->gr_aware && !(peer->gr_flags & BGP_GRF_RESTART);
577:
578: if (p->gr_active_num)
579: tm_stop(p->gr_timer);
580:
581: /* Number of active channels */
582: int num = 0;
583:
584: /* Summary state of ADD_PATH RX for active channels */
585: uint summary_add_path_rx = 0;
586:
587: WALK_LIST(c, p->p.channels)
588: {
589: const struct bgp_af_caps *loc = bgp_find_af_caps(local, c->afi);
590: const struct bgp_af_caps *rem = bgp_find_af_caps(peer, c->afi);
591:
592: /* Use default if capabilities were not announced */
593: if (!local->length && (c->afi == BGP_AF_IPV4))
594: loc = &basic_af_caps;
595:
596: if (!peer->length && (c->afi == BGP_AF_IPV4))
597: rem = &basic_af_caps;
598:
599: /* Ignore AFIs that were not announced in multiprotocol capability */
600: if (!loc || !loc->ready)
601: loc = &dummy_af_caps;
602:
603: if (!rem || !rem->ready)
604: rem = &dummy_af_caps;
605:
606: int active = loc->ready && rem->ready;
607: c->c.disabled = !active;
608: c->c.reloadable = p->route_refresh || c->cf->import_table;
609:
610: c->index = active ? num++ : 0;
611:
612: c->feed_state = BFS_NONE;
613: c->load_state = BFS_NONE;
614:
615: /* Channels where peer may do GR */
616: uint gr_ready = active && local->gr_aware && rem->gr_able;
617: uint llgr_ready = active && local->llgr_aware && rem->llgr_able;
618:
619: c->gr_ready = gr_ready || llgr_ready;
620: p->gr_ready = p->gr_ready || c->gr_ready;
621: p->llgr_ready = p->llgr_ready || llgr_ready;
622:
623: /* Remember last LLGR stale time */
624: c->stale_time = local->llgr_aware ? rem->llgr_time : 0;
625:
626: /* Channels not able to recover gracefully */
627: if (p->p.gr_recovery && (!active || !peer_gr_ready))
628: channel_graceful_restart_unlock(&c->c);
629:
630: /* Channels waiting for local convergence */
631: if (p->p.gr_recovery && loc->gr_able && peer_gr_ready)
632: c->c.gr_wait = 1;
633:
634: /* Channels where regular graceful restart failed */
635: if ((c->gr_active == BGP_GRS_ACTIVE) &&
636: !(active && rem->gr_able && (rem->gr_af_flags & BGP_GRF_FORWARDING)))
637: bgp_graceful_restart_done(c);
638:
639: /* Channels where regular long-lived restart failed */
640: if ((c->gr_active == BGP_GRS_LLGR) &&
641: !(active && rem->llgr_able && (rem->gr_af_flags & BGP_LLGRF_FORWARDING)))
642: bgp_graceful_restart_done(c);
643:
644: /* GR capability implies that neighbor will send End-of-RIB */
645: if (peer->gr_aware)
646: c->load_state = BFS_LOADING;
647:
648: c->ext_next_hop = c->cf->ext_next_hop && (bgp_channel_is_ipv6(c) || rem->ext_next_hop);
649: c->add_path_rx = (loc->add_path & BGP_ADD_PATH_RX) && (rem->add_path & BGP_ADD_PATH_TX);
650: c->add_path_tx = (loc->add_path & BGP_ADD_PATH_TX) && (rem->add_path & BGP_ADD_PATH_RX);
651:
652: if (active)
653: summary_add_path_rx |= !c->add_path_rx ? 1 : 2;
654:
655: /* Update RA mode */
656: if (c->add_path_tx)
657: c->c.ra_mode = RA_ANY;
658: else if (c->cf->secondary)
659: c->c.ra_mode = RA_ACCEPTED;
660: else
661: c->c.ra_mode = RA_OPTIMAL;
662: }
663:
664: p->afi_map = mb_alloc(p->p.pool, num * sizeof(u32));
665: p->channel_map = mb_alloc(p->p.pool, num * sizeof(void *));
666: p->channel_count = num;
667: p->summary_add_path_rx = summary_add_path_rx;
668:
669: WALK_LIST(c, p->p.channels)
670: {
671: if (c->c.disabled)
672: continue;
673:
674: p->afi_map[c->index] = c->afi;
675: p->channel_map[c->index] = c;
676: }
677:
678: /* proto_notify_state() will likely call bgp_feed_begin(), setting c->feed_state */
679:
680: bgp_conn_set_state(conn, BS_ESTABLISHED);
681: proto_notify_state(&p->p, PS_UP);
682: }
683:
684: static void
685: bgp_conn_leave_established_state(struct bgp_proto *p)
686: {
687: BGP_TRACE(D_EVENTS, "BGP session closed");
688: p->conn = NULL;
689:
690: if (p->p.proto_state == PS_UP)
691: bgp_stop(p, 0, NULL, 0);
692: }
693:
694: void
695: bgp_conn_enter_close_state(struct bgp_conn *conn)
696: {
697: struct bgp_proto *p = conn->bgp;
698: int os = conn->state;
699:
700: bgp_conn_set_state(conn, BS_CLOSE);
701: tm_stop(conn->keepalive_timer);
702: conn->sk->rx_hook = NULL;
703:
704: /* Timeout for CLOSE state, if we cannot send notification soon then we just hangup */
705: bgp_start_timer(conn->hold_timer, 10);
706:
707: if (os == BS_ESTABLISHED)
708: bgp_conn_leave_established_state(p);
709: }
710:
711: void
712: bgp_conn_enter_idle_state(struct bgp_conn *conn)
713: {
714: struct bgp_proto *p = conn->bgp;
715: int os = conn->state;
716:
717: bgp_close_conn(conn);
718: bgp_conn_set_state(conn, BS_IDLE);
719: ev_schedule(p->event);
720:
721: if (os == BS_ESTABLISHED)
722: bgp_conn_leave_established_state(p);
723: }
724:
725: /**
726: * bgp_handle_graceful_restart - handle detected BGP graceful restart
727: * @p: BGP instance
728: *
729: * This function is called when a BGP graceful restart of the neighbor is
730: * detected (when the TCP connection fails or when a new TCP connection
731: * appears). The function activates processing of the restart - starts routing
732: * table refresh cycle and activates BGP restart timer. The protocol state goes
733: * back to %PS_START, but changing BGP state back to %BS_IDLE is left for the
734: * caller.
735: */
736: void
737: bgp_handle_graceful_restart(struct bgp_proto *p)
738: {
739: ASSERT(p->conn && (p->conn->state == BS_ESTABLISHED) && p->gr_ready);
740:
741: BGP_TRACE(D_EVENTS, "Neighbor graceful restart detected%s",
742: p->gr_active_num ? " - already pending" : "");
743:
744: p->gr_active_num = 0;
745:
746: struct bgp_channel *c;
747: WALK_LIST(c, p->p.channels)
748: {
749: /* FIXME: perhaps check for channel state instead of disabled flag? */
750: if (c->c.disabled)
751: continue;
752:
753: if (c->gr_ready)
754: {
755: p->gr_active_num++;
756:
757: switch (c->gr_active)
758: {
759: case BGP_GRS_NONE:
760: c->gr_active = BGP_GRS_ACTIVE;
761: rt_refresh_begin(c->c.table, &c->c);
762: break;
763:
764: case BGP_GRS_ACTIVE:
765: rt_refresh_end(c->c.table, &c->c);
766: rt_refresh_begin(c->c.table, &c->c);
767: break;
768:
769: case BGP_GRS_LLGR:
770: rt_refresh_begin(c->c.table, &c->c);
771: rt_modify_stale(c->c.table, &c->c);
772: break;
773: }
774: }
775: else
776: {
777: /* Just flush the routes */
778: rt_refresh_begin(c->c.table, &c->c);
779: rt_refresh_end(c->c.table, &c->c);
780: }
781:
782: /* Reset bucket and prefix tables */
783: bgp_free_bucket_table(c);
784: bgp_free_prefix_table(c);
785: bgp_init_bucket_table(c);
786: bgp_init_prefix_table(c);
787: c->packets_to_send = 0;
788: }
789:
790: /* p->gr_ready -> at least one active channel is c->gr_ready */
791: ASSERT(p->gr_active_num > 0);
792:
793: proto_notify_state(&p->p, PS_START);
794: tm_start(p->gr_timer, p->conn->remote_caps->gr_time S);
795: }
796:
797: /**
798: * bgp_graceful_restart_done - finish active BGP graceful restart
799: * @c: BGP channel
800: *
801: * This function is called when the active BGP graceful restart of the neighbor
802: * should be finished for channel @c - either successfully (the neighbor sends
803: * all paths and reports end-of-RIB for given AFI/SAFI on the new session) or
804: * unsuccessfully (the neighbor does not support BGP graceful restart on the new
805: * session). The function ends the routing table refresh cycle.
806: */
807: void
808: bgp_graceful_restart_done(struct bgp_channel *c)
809: {
810: struct bgp_proto *p = (void *) c->c.proto;
811:
812: ASSERT(c->gr_active);
813: c->gr_active = 0;
814: p->gr_active_num--;
815:
816: if (!p->gr_active_num)
817: BGP_TRACE(D_EVENTS, "Neighbor graceful restart done");
818:
819: tm_stop(c->stale_timer);
820: rt_refresh_end(c->c.table, &c->c);
821: }
822:
823: /**
824: * bgp_graceful_restart_timeout - timeout of graceful restart 'restart timer'
825: * @t: timer
826: *
827: * This function is a timeout hook for @gr_timer, implementing BGP restart time
828: * limit for reestablisment of the BGP session after the graceful restart. When
829: * fired, we just proceed with the usual protocol restart.
830: */
831:
832: static void
833: bgp_graceful_restart_timeout(timer *t)
834: {
835: struct bgp_proto *p = t->data;
836:
837: BGP_TRACE(D_EVENTS, "Neighbor graceful restart timeout");
838:
839: if (p->llgr_ready)
840: {
841: struct bgp_channel *c;
842: WALK_LIST(c, p->p.channels)
843: {
844: /* Channel is not in GR and is already flushed */
845: if (!c->gr_active)
846: continue;
847:
848: /* Channel is already in LLGR from past restart */
849: if (c->gr_active == BGP_GRS_LLGR)
850: continue;
851:
852: /* Channel is in GR, but does not support LLGR -> stop GR */
853: if (!c->stale_time)
854: {
855: bgp_graceful_restart_done(c);
856: continue;
857: }
858:
859: /* Channel is in GR, and supports LLGR -> start LLGR */
860: c->gr_active = BGP_GRS_LLGR;
861: tm_start(c->stale_timer, c->stale_time S);
862: rt_modify_stale(c->c.table, &c->c);
863: }
864: }
865: else
866: bgp_stop(p, 0, NULL, 0);
867: }
868:
869: static void
870: bgp_long_lived_stale_timeout(timer *t)
871: {
872: struct bgp_channel *c = t->data;
873: struct bgp_proto *p = (void *) c->c.proto;
874:
875: BGP_TRACE(D_EVENTS, "Long-lived stale timeout");
876:
877: bgp_graceful_restart_done(c);
878: }
879:
880:
881: /**
882: * bgp_refresh_begin - start incoming enhanced route refresh sequence
883: * @c: BGP channel
884: *
885: * This function is called when an incoming enhanced route refresh sequence is
886: * started by the neighbor, demarcated by the BoRR packet. The function updates
887: * the load state and starts the routing table refresh cycle. Note that graceful
888: * restart also uses routing table refresh cycle, but RFC 7313 and load states
889: * ensure that these two sequences do not overlap.
890: */
891: void
892: bgp_refresh_begin(struct bgp_channel *c)
893: {
894: struct bgp_proto *p = (void *) c->c.proto;
895:
896: if (c->load_state == BFS_LOADING)
897: { log(L_WARN "%s: BEGIN-OF-RR received before END-OF-RIB, ignoring", p->p.name); return; }
898:
899: c->load_state = BFS_REFRESHING;
900: rt_refresh_begin(c->c.table, &c->c);
901:
902: if (c->c.in_table)
903: rt_refresh_begin(c->c.in_table, &c->c);
904: }
905:
906: /**
907: * bgp_refresh_end - finish incoming enhanced route refresh sequence
908: * @c: BGP channel
909: *
910: * This function is called when an incoming enhanced route refresh sequence is
911: * finished by the neighbor, demarcated by the EoRR packet. The function updates
912: * the load state and ends the routing table refresh cycle. Routes not received
913: * during the sequence are removed by the nest.
914: */
915: void
916: bgp_refresh_end(struct bgp_channel *c)
917: {
918: struct bgp_proto *p = (void *) c->c.proto;
919:
920: if (c->load_state != BFS_REFRESHING)
921: { log(L_WARN "%s: END-OF-RR received without prior BEGIN-OF-RR, ignoring", p->p.name); return; }
922:
923: c->load_state = BFS_NONE;
924: rt_refresh_end(c->c.table, &c->c);
925:
926: if (c->c.in_table)
927: rt_prune_sync(c->c.in_table, 0);
928: }
929:
930:
931: static void
932: bgp_send_open(struct bgp_conn *conn)
933: {
934: DBG("BGP: Sending open\n");
935: conn->sk->rx_hook = bgp_rx;
936: conn->sk->tx_hook = bgp_tx;
937: tm_stop(conn->connect_timer);
938: bgp_prepare_capabilities(conn);
939: bgp_schedule_packet(conn, NULL, PKT_OPEN);
940: bgp_conn_set_state(conn, BS_OPENSENT);
941: bgp_start_timer(conn->hold_timer, conn->bgp->cf->initial_hold_time);
942: }
943:
944: static void
945: bgp_connected(sock *sk)
946: {
947: struct bgp_conn *conn = sk->data;
948: struct bgp_proto *p = conn->bgp;
949:
950: BGP_TRACE(D_EVENTS, "Connected");
951: bgp_send_open(conn);
952: }
953:
954: static void
955: bgp_connect_timeout(timer *t)
956: {
957: struct bgp_conn *conn = t->data;
958: struct bgp_proto *p = conn->bgp;
959:
960: DBG("BGP: connect_timeout\n");
961: if (p->p.proto_state == PS_START)
962: {
963: bgp_close_conn(conn);
964: bgp_connect(p);
965: }
966: else
967: bgp_conn_enter_idle_state(conn);
968: }
969:
970: static void
971: bgp_sock_err(sock *sk, int err)
972: {
973: struct bgp_conn *conn = sk->data;
974: struct bgp_proto *p = conn->bgp;
975:
976: /*
977: * This error hook may be called either asynchronously from main
978: * loop, or synchronously from sk_send(). But sk_send() is called
979: * only from bgp_tx() and bgp_kick_tx(), which are both called
980: * asynchronously from main loop. Moreover, they end if err hook is
981: * called. Therefore, we could suppose that it is always called
982: * asynchronously.
983: */
984:
985: bgp_store_error(p, conn, BE_SOCKET, err);
986:
987: if (err)
988: BGP_TRACE(D_EVENTS, "Connection lost (%M)", err);
989: else
990: BGP_TRACE(D_EVENTS, "Connection closed");
991:
992: if ((conn->state == BS_ESTABLISHED) && p->gr_ready)
993: bgp_handle_graceful_restart(p);
994:
995: bgp_conn_enter_idle_state(conn);
996: }
997:
998: static void
999: bgp_hold_timeout(timer *t)
1000: {
1001: struct bgp_conn *conn = t->data;
1002: struct bgp_proto *p = conn->bgp;
1003:
1004: DBG("BGP: Hold timeout\n");
1005:
1006: /* We are already closing the connection - just do hangup */
1007: if (conn->state == BS_CLOSE)
1008: {
1009: BGP_TRACE(D_EVENTS, "Connection stalled");
1010: bgp_conn_enter_idle_state(conn);
1011: return;
1012: }
1013:
1014: /* If there is something in input queue, we are probably congested
1015: and perhaps just not processed BGP packets in time. */
1016:
1017: if (sk_rx_ready(conn->sk) > 0)
1018: bgp_start_timer(conn->hold_timer, 10);
1019: else if ((conn->state == BS_ESTABLISHED) && p->llgr_ready)
1020: {
1021: BGP_TRACE(D_EVENTS, "Hold timer expired");
1022: bgp_handle_graceful_restart(p);
1023: bgp_conn_enter_idle_state(conn);
1024: }
1025: else
1026: bgp_error(conn, 4, 0, NULL, 0);
1027: }
1028:
1029: static void
1030: bgp_keepalive_timeout(timer *t)
1031: {
1032: struct bgp_conn *conn = t->data;
1033:
1034: DBG("BGP: Keepalive timer\n");
1035: bgp_schedule_packet(conn, NULL, PKT_KEEPALIVE);
1036:
1037: /* Kick TX a bit faster */
1038: if (ev_active(conn->tx_ev))
1039: ev_run(conn->tx_ev);
1040: }
1041:
1042: static void
1043: bgp_setup_conn(struct bgp_proto *p, struct bgp_conn *conn)
1044: {
1045: conn->sk = NULL;
1046: conn->bgp = p;
1047:
1048: conn->packets_to_send = 0;
1049: conn->channels_to_send = 0;
1050: conn->last_channel = 0;
1051: conn->last_channel_count = 0;
1052:
1053: conn->connect_timer = tm_new_init(p->p.pool, bgp_connect_timeout, conn, 0, 0);
1054: conn->hold_timer = tm_new_init(p->p.pool, bgp_hold_timeout, conn, 0, 0);
1055: conn->keepalive_timer = tm_new_init(p->p.pool, bgp_keepalive_timeout, conn, 0, 0);
1056:
1057: conn->tx_ev = ev_new_init(p->p.pool, bgp_kick_tx, conn);
1058: }
1059:
1060: static void
1061: bgp_setup_sk(struct bgp_conn *conn, sock *s)
1062: {
1063: s->data = conn;
1064: s->err_hook = bgp_sock_err;
1065: s->fast_rx = 1;
1066: conn->sk = s;
1067: }
1068:
1069: static void
1070: bgp_active(struct bgp_proto *p)
1071: {
1072: int delay = MAX(1, p->cf->connect_delay_time);
1073: struct bgp_conn *conn = &p->outgoing_conn;
1074:
1075: BGP_TRACE(D_EVENTS, "Connect delayed by %d seconds", delay);
1076: bgp_setup_conn(p, conn);
1077: bgp_conn_set_state(conn, BS_ACTIVE);
1078: bgp_start_timer(conn->connect_timer, delay);
1079: }
1080:
1081: /**
1082: * bgp_connect - initiate an outgoing connection
1083: * @p: BGP instance
1084: *
1085: * The bgp_connect() function creates a new &bgp_conn and initiates
1086: * a TCP connection to the peer. The rest of connection setup is governed
1087: * by the BGP state machine as described in the standard.
1088: */
1089: static void
1090: bgp_connect(struct bgp_proto *p) /* Enter Connect state and start establishing connection */
1091: {
1092: struct bgp_conn *conn = &p->outgoing_conn;
1093: int hops = p->cf->multihop ? : 1;
1094:
1095: DBG("BGP: Connecting\n");
1096: sock *s = sk_new(p->p.pool);
1097: s->type = SK_TCP_ACTIVE;
1098: s->saddr = p->local_ip;
1099: s->daddr = p->remote_ip;
1100: s->dport = p->cf->remote_port;
1101: s->iface = p->neigh ? p->neigh->iface : NULL;
1102: s->vrf = p->p.vrf;
1103: s->ttl = p->cf->ttl_security ? 255 : hops;
1104: s->rbsize = p->cf->enable_extended_messages ? BGP_RX_BUFFER_EXT_SIZE : BGP_RX_BUFFER_SIZE;
1105: s->tbsize = p->cf->enable_extended_messages ? BGP_TX_BUFFER_EXT_SIZE : BGP_TX_BUFFER_SIZE;
1106: s->tos = IP_PREC_INTERNET_CONTROL;
1107: s->password = p->cf->password;
1108: s->tx_hook = bgp_connected;
1109: BGP_TRACE(D_EVENTS, "Connecting to %I%J from local address %I%J",
1110: s->daddr, ipa_is_link_local(s->daddr) ? p->cf->iface : NULL,
1111: s->saddr, ipa_is_link_local(s->saddr) ? s->iface : NULL);
1112: bgp_setup_conn(p, conn);
1113: bgp_setup_sk(conn, s);
1114: bgp_conn_set_state(conn, BS_CONNECT);
1115:
1116: if (sk_open(s) < 0)
1117: goto err;
1118:
1119: /* Set minimal receive TTL if needed */
1120: if (p->cf->ttl_security)
1121: if (sk_set_min_ttl(s, 256 - hops) < 0)
1122: goto err;
1123:
1124: DBG("BGP: Waiting for connect success\n");
1125: bgp_start_timer(conn->connect_timer, p->cf->connect_retry_time);
1126: return;
1127:
1128: err:
1129: sk_log_error(s, p->p.name);
1130: bgp_sock_err(s, 0);
1131: return;
1132: }
1133:
1134: static inline int bgp_is_dynamic(struct bgp_proto *p)
1135: { return ipa_zero(p->remote_ip); }
1136:
1137: /**
1138: * bgp_find_proto - find existing proto for incoming connection
1139: * @sk: TCP socket
1140: *
1141: */
1142: static struct bgp_proto *
1143: bgp_find_proto(sock *sk)
1144: {
1145: struct bgp_proto *best = NULL;
1146: struct bgp_proto *p;
1147:
1148: /* sk->iface is valid only if src or dst address is link-local */
1149: int link = ipa_is_link_local(sk->saddr) || ipa_is_link_local(sk->daddr);
1150:
1151: WALK_LIST(p, proto_list)
1152: if ((p->p.proto == &proto_bgp) &&
1153: (ipa_equal(p->remote_ip, sk->daddr) || bgp_is_dynamic(p)) &&
1154: (!p->cf->remote_range || ipa_in_netX(sk->daddr, p->cf->remote_range)) &&
1155: (p->p.vrf == sk->vrf) &&
1156: (p->cf->local_port == sk->sport) &&
1157: (!link || (p->cf->iface == sk->iface)) &&
1158: (ipa_zero(p->cf->local_ip) || ipa_equal(p->cf->local_ip, sk->saddr)))
1159: {
1160: best = p;
1161:
1162: if (!bgp_is_dynamic(p))
1163: break;
1164: }
1165:
1166: return best;
1167: }
1168:
1169: /**
1170: * bgp_incoming_connection - handle an incoming connection
1171: * @sk: TCP socket
1172: * @dummy: unused
1173: *
1174: * This function serves as a socket hook for accepting of new BGP
1175: * connections. It searches a BGP instance corresponding to the peer
1176: * which has connected and if such an instance exists, it creates a
1177: * &bgp_conn structure, attaches it to the instance and either sends
1178: * an Open message or (if there already is an active connection) it
1179: * closes the new connection by sending a Notification message.
1180: */
1181: static int
1182: bgp_incoming_connection(sock *sk, uint dummy UNUSED)
1183: {
1184: struct bgp_proto *p;
1185: int acc, hops;
1186:
1187: DBG("BGP: Incoming connection from %I port %d\n", sk->daddr, sk->dport);
1188: p = bgp_find_proto(sk);
1189: if (!p)
1190: {
1191: log(L_WARN "BGP: Unexpected connect from unknown address %I%J (port %d)",
1192: sk->daddr, ipa_is_link_local(sk->daddr) ? sk->iface : NULL, sk->dport);
1193: rfree(sk);
1194: return 0;
1195: }
1196:
1197: /*
1198: * BIRD should keep multiple incoming connections in OpenSent state (for
1199: * details RFC 4271 8.2.1 par 3), but it keeps just one. Duplicate incoming
1200: * connections are rejected istead. The exception is the case where an
1201: * incoming connection triggers a graceful restart.
1202: */
1203:
1204: acc = (p->p.proto_state == PS_START || p->p.proto_state == PS_UP) &&
1205: (p->start_state >= BSS_CONNECT) && (!p->incoming_conn.sk);
1206:
1207: if (p->conn && (p->conn->state == BS_ESTABLISHED) && p->gr_ready)
1208: {
1209: bgp_store_error(p, NULL, BE_MISC, BEM_GRACEFUL_RESTART);
1210: bgp_handle_graceful_restart(p);
1211: bgp_conn_enter_idle_state(p->conn);
1212: acc = 1;
1213:
1214: /* There might be separate incoming connection in OpenSent state */
1215: if (p->incoming_conn.state > BS_ACTIVE)
1216: bgp_close_conn(&p->incoming_conn);
1217: }
1218:
1219: BGP_TRACE(D_EVENTS, "Incoming connection from %I%J (port %d) %s",
1220: sk->daddr, ipa_is_link_local(sk->daddr) ? sk->iface : NULL,
1221: sk->dport, acc ? "accepted" : "rejected");
1222:
1223: if (!acc)
1224: {
1225: rfree(sk);
1226: return 0;
1227: }
1228:
1229: hops = p->cf->multihop ? : 1;
1230:
1231: if (sk_set_ttl(sk, p->cf->ttl_security ? 255 : hops) < 0)
1232: goto err;
1233:
1234: if (p->cf->ttl_security)
1235: if (sk_set_min_ttl(sk, 256 - hops) < 0)
1236: goto err;
1237:
1238: if (p->cf->enable_extended_messages)
1239: {
1240: sk->rbsize = BGP_RX_BUFFER_EXT_SIZE;
1241: sk->tbsize = BGP_TX_BUFFER_EXT_SIZE;
1242: sk_reallocate(sk);
1243: }
1244:
1245: /* For dynamic BGP, spawn new instance and postpone the socket */
1246: if (bgp_is_dynamic(p))
1247: {
1248: p = bgp_spawn(p, sk->daddr);
1249: p->postponed_sk = sk;
1250: rmove(sk, p->p.pool);
1251: return 0;
1252: }
1253:
1254: rmove(sk, p->p.pool);
1255: bgp_setup_conn(p, &p->incoming_conn);
1256: bgp_setup_sk(&p->incoming_conn, sk);
1257: bgp_send_open(&p->incoming_conn);
1258: return 0;
1259:
1260: err:
1261: sk_log_error(sk, p->p.name);
1262: log(L_ERR "%s: Incoming connection aborted", p->p.name);
1263: rfree(sk);
1264: return 0;
1265: }
1266:
1267: static void
1268: bgp_listen_sock_err(sock *sk UNUSED, int err)
1269: {
1270: if (err == ECONNABORTED)
1271: log(L_WARN "BGP: Incoming connection aborted");
1272: else
1273: log(L_ERR "BGP: Error on listening socket: %M", err);
1274: }
1275:
1276: static void
1277: bgp_start_neighbor(struct bgp_proto *p)
1278: {
1279: /* Called only for single-hop BGP sessions */
1280:
1281: if (ipa_zero(p->local_ip))
1282: p->local_ip = p->neigh->ifa->ip;
1283:
1284: if (ipa_is_link_local(p->local_ip))
1285: p->link_addr = p->local_ip;
1286: else if (p->neigh->iface->llv6)
1287: p->link_addr = p->neigh->iface->llv6->ip;
1288:
1289: bgp_initiate(p);
1290: }
1291:
1292: static void
1293: bgp_neigh_notify(neighbor *n)
1294: {
1295: struct bgp_proto *p = (struct bgp_proto *) n->proto;
1296: int ps = p->p.proto_state;
1297:
1298: if (n != p->neigh)
1299: return;
1300:
1301: if ((ps == PS_DOWN) || (ps == PS_STOP))
1302: return;
1303:
1304: int prepare = (ps == PS_START) && (p->start_state == BSS_PREPARE);
1305:
1306: if (n->scope <= 0)
1307: {
1308: if (!prepare)
1309: {
1310: BGP_TRACE(D_EVENTS, "Neighbor lost");
1311: bgp_store_error(p, NULL, BE_MISC, BEM_NEIGHBOR_LOST);
1312: /* Perhaps also run bgp_update_startup_delay(p)? */
1313: bgp_stop(p, 0, NULL, 0);
1314: }
1315: }
1316: else if (p->cf->check_link && !(n->iface->flags & IF_LINK_UP))
1317: {
1318: if (!prepare)
1319: {
1320: BGP_TRACE(D_EVENTS, "Link down");
1321: bgp_store_error(p, NULL, BE_MISC, BEM_LINK_DOWN);
1322: if (ps == PS_UP)
1323: bgp_update_startup_delay(p);
1324: bgp_stop(p, 0, NULL, 0);
1325: }
1326: }
1327: else
1328: {
1329: if (prepare)
1330: {
1331: BGP_TRACE(D_EVENTS, "Neighbor ready");
1332: bgp_start_neighbor(p);
1333: }
1334: }
1335: }
1336:
1337: static void
1338: bgp_bfd_notify(struct bfd_request *req)
1339: {
1340: struct bgp_proto *p = req->data;
1341: int ps = p->p.proto_state;
1342:
1343: if (req->down && ((ps == PS_START) || (ps == PS_UP)))
1344: {
1345: BGP_TRACE(D_EVENTS, "BFD session down");
1346: bgp_store_error(p, NULL, BE_MISC, BEM_BFD_DOWN);
1347:
1348: if (p->cf->bfd == BGP_BFD_GRACEFUL)
1349: {
1350: /* Trigger graceful restart */
1351: if (p->conn && (p->conn->state == BS_ESTABLISHED) && p->gr_ready)
1352: bgp_handle_graceful_restart(p);
1353:
1354: if (p->incoming_conn.state > BS_IDLE)
1355: bgp_conn_enter_idle_state(&p->incoming_conn);
1356:
1357: if (p->outgoing_conn.state > BS_IDLE)
1358: bgp_conn_enter_idle_state(&p->outgoing_conn);
1359: }
1360: else
1361: {
1362: /* Trigger session down */
1363: if (ps == PS_UP)
1364: bgp_update_startup_delay(p);
1365: bgp_stop(p, 0, NULL, 0);
1366: }
1367: }
1368: }
1369:
1370: static void
1371: bgp_update_bfd(struct bgp_proto *p, int use_bfd)
1372: {
1373: if (use_bfd && !p->bfd_req && !bgp_is_dynamic(p))
1374: p->bfd_req = bfd_request_session(p->p.pool, p->remote_ip, p->local_ip,
1375: p->cf->multihop ? NULL : p->neigh->iface,
1376: p->p.vrf, bgp_bfd_notify, p);
1377:
1378: if (!use_bfd && p->bfd_req)
1379: {
1380: rfree(p->bfd_req);
1381: p->bfd_req = NULL;
1382: }
1383: }
1384:
1385: static void
1386: bgp_reload_routes(struct channel *C)
1387: {
1388: struct bgp_proto *p = (void *) C->proto;
1389: struct bgp_channel *c = (void *) C;
1390:
1391: ASSERT(p->conn && (p->route_refresh || c->c.in_table));
1392:
1393: if (c->c.in_table)
1394: channel_schedule_reload(C);
1395: else
1396: bgp_schedule_packet(p->conn, c, PKT_ROUTE_REFRESH);
1397: }
1398:
1399: static void
1400: bgp_feed_begin(struct channel *C, int initial)
1401: {
1402: struct bgp_proto *p = (void *) C->proto;
1403: struct bgp_channel *c = (void *) C;
1404:
1405: /* This should not happen */
1406: if (!p->conn)
1407: return;
1408:
1409: if (initial && p->cf->gr_mode)
1410: c->feed_state = BFS_LOADING;
1411:
1412: /* It is refeed and both sides support enhanced route refresh */
1413: if (!initial && p->enhanced_refresh)
1414: {
1415: /* BoRR must not be sent before End-of-RIB */
1416: if (c->feed_state == BFS_LOADING || c->feed_state == BFS_LOADED)
1417: return;
1418:
1419: c->feed_state = BFS_REFRESHING;
1420: bgp_schedule_packet(p->conn, c, PKT_BEGIN_REFRESH);
1421: }
1422: }
1423:
1424: static void
1425: bgp_feed_end(struct channel *C)
1426: {
1427: struct bgp_proto *p = (void *) C->proto;
1428: struct bgp_channel *c = (void *) C;
1429:
1430: /* This should not happen */
1431: if (!p->conn)
1432: return;
1433:
1434: /* Non-demarcated feed ended, nothing to do */
1435: if (c->feed_state == BFS_NONE)
1436: return;
1437:
1438: /* Schedule End-of-RIB packet */
1439: if (c->feed_state == BFS_LOADING)
1440: c->feed_state = BFS_LOADED;
1441:
1442: /* Schedule EoRR packet */
1443: if (c->feed_state == BFS_REFRESHING)
1444: c->feed_state = BFS_REFRESHED;
1445:
1446: /* Kick TX hook */
1447: bgp_schedule_packet(p->conn, c, PKT_UPDATE);
1448: }
1449:
1450:
1451: static void
1452: bgp_start_locked(struct object_lock *lock)
1453: {
1454: struct bgp_proto *p = lock->data;
1455: const struct bgp_config *cf = p->cf;
1456:
1457: if (p->p.proto_state != PS_START)
1458: {
1459: DBG("BGP: Got lock in different state %d\n", p->p.proto_state);
1460: return;
1461: }
1462:
1463: DBG("BGP: Got lock\n");
1464:
1465: if (cf->multihop || bgp_is_dynamic(p))
1466: {
1467: /* Multi-hop sessions do not use neighbor entries */
1468: bgp_initiate(p);
1469: return;
1470: }
1471:
1472: neighbor *n = neigh_find(&p->p, p->remote_ip, cf->iface, NEF_STICKY);
1473: if (!n)
1474: {
1475: log(L_ERR "%s: Invalid remote address %I%J", p->p.name, p->remote_ip, cf->iface);
1476: /* As we do not start yet, we can just disable protocol */
1477: p->p.disabled = 1;
1478: bgp_store_error(p, NULL, BE_MISC, BEM_INVALID_NEXT_HOP);
1479: proto_notify_state(&p->p, PS_DOWN);
1480: return;
1481: }
1482:
1483: p->neigh = n;
1484:
1485: if (n->scope <= 0)
1486: BGP_TRACE(D_EVENTS, "Waiting for %I%J to become my neighbor", p->remote_ip, cf->iface);
1487: else if (p->cf->check_link && !(n->iface->flags & IF_LINK_UP))
1488: BGP_TRACE(D_EVENTS, "Waiting for link on %s", n->iface->name);
1489: else
1490: bgp_start_neighbor(p);
1491: }
1492:
1493: static int
1494: bgp_start(struct proto *P)
1495: {
1496: struct bgp_proto *p = (struct bgp_proto *) P;
1497: const struct bgp_config *cf = p->cf;
1498:
1499: p->local_ip = cf->local_ip;
1500: p->local_as = cf->local_as;
1501: p->remote_as = cf->remote_as;
1502: p->public_as = cf->local_as;
1503:
1504: /* For dynamic BGP childs, remote_ip is already set */
1505: if (ipa_nonzero(cf->remote_ip))
1506: p->remote_ip = cf->remote_ip;
1507:
1508: /* Confederation ID is used for truly external peers */
1509: if (p->cf->confederation && !p->is_interior)
1510: p->public_as = cf->confederation;
1511:
1512: p->passive = cf->passive || bgp_is_dynamic(p);
1513:
1514: p->start_state = BSS_PREPARE;
1515: p->outgoing_conn.state = BS_IDLE;
1516: p->incoming_conn.state = BS_IDLE;
1517: p->neigh = NULL;
1518: p->bfd_req = NULL;
1519: p->postponed_sk = NULL;
1520: p->gr_ready = 0;
1521: p->gr_active_num = 0;
1522:
1523: p->event = ev_new_init(p->p.pool, bgp_decision, p);
1524: p->startup_timer = tm_new_init(p->p.pool, bgp_startup_timeout, p, 0, 0);
1525: p->gr_timer = tm_new_init(p->p.pool, bgp_graceful_restart_timeout, p, 0, 0);
1526:
1527: p->local_id = proto_get_router_id(P->cf);
1528: if (p->rr_client)
1529: p->rr_cluster_id = p->cf->rr_cluster_id ? p->cf->rr_cluster_id : p->local_id;
1530:
1531: p->remote_id = 0;
1532: p->link_addr = IPA_NONE;
1533:
1534: /* Lock all channels when in GR recovery mode */
1535: if (p->p.gr_recovery && p->cf->gr_mode)
1536: {
1537: struct bgp_channel *c;
1538: WALK_LIST(c, p->p.channels)
1539: channel_graceful_restart_lock(&c->c);
1540: }
1541:
1542: /*
1543: * Before attempting to create the connection, we need to lock the port,
1544: * so that we are the only instance attempting to talk with that neighbor.
1545: */
1546: struct object_lock *lock;
1547: lock = p->lock = olock_new(P->pool);
1548: lock->addr = p->remote_ip;
1549: lock->port = p->cf->remote_port;
1550: lock->iface = p->cf->iface;
1551: lock->vrf = p->cf->iface ? NULL : p->p.vrf;
1552: lock->type = OBJLOCK_TCP;
1553: lock->hook = bgp_start_locked;
1554: lock->data = p;
1555:
1556: /* For dynamic BGP, we use inst 1 to avoid collisions with regular BGP */
1557: if (bgp_is_dynamic(p))
1558: {
1559: lock->addr = net_prefix(p->cf->remote_range);
1560: lock->inst = 1;
1561: }
1562:
1563: olock_acquire(lock);
1564:
1565: return PS_START;
1566: }
1567:
1568: extern int proto_restart;
1569:
1570: static int
1571: bgp_shutdown(struct proto *P)
1572: {
1573: struct bgp_proto *p = (struct bgp_proto *) P;
1574: int subcode = 0;
1575:
1576: char *message = NULL;
1577: byte *data = NULL;
1578: uint len = 0;
1579:
1580: BGP_TRACE(D_EVENTS, "Shutdown requested");
1581:
1582: switch (P->down_code)
1583: {
1584: case PDC_CF_REMOVE:
1585: case PDC_CF_DISABLE:
1586: subcode = 3; // Errcode 6, 3 - peer de-configured
1587: break;
1588:
1589: case PDC_CF_RESTART:
1590: subcode = 6; // Errcode 6, 6 - other configuration change
1591: break;
1592:
1593: case PDC_CMD_DISABLE:
1594: case PDC_CMD_SHUTDOWN:
1595: shutdown:
1596: subcode = 2; // Errcode 6, 2 - administrative shutdown
1597: message = P->message;
1598: break;
1599:
1600: case PDC_CMD_RESTART:
1601: subcode = 4; // Errcode 6, 4 - administrative reset
1602: message = P->message;
1603: break;
1604:
1605: case PDC_CMD_GR_DOWN:
1606: if ((p->cf->gr_mode != BGP_GR_ABLE) &&
1607: (p->cf->llgr_mode != BGP_LLGR_ABLE))
1608: goto shutdown;
1609:
1610: subcode = -1; // Do not send NOTIFICATION, just close the connection
1611: break;
1612:
1613: case PDC_RX_LIMIT_HIT:
1614: case PDC_IN_LIMIT_HIT:
1615: subcode = 1; // Errcode 6, 1 - max number of prefixes reached
1616: /* log message for compatibility */
1617: log(L_WARN "%s: Route limit exceeded, shutting down", p->p.name);
1618: goto limit;
1619:
1620: case PDC_OUT_LIMIT_HIT:
1621: subcode = proto_restart ? 4 : 2; // Administrative reset or shutdown
1622:
1623: limit:
1624: bgp_store_error(p, NULL, BE_AUTO_DOWN, BEA_ROUTE_LIMIT_EXCEEDED);
1625: if (proto_restart)
1626: bgp_update_startup_delay(p);
1627: else
1628: p->startup_delay = 0;
1629: goto done;
1630: }
1631:
1632: bgp_store_error(p, NULL, BE_MAN_DOWN, 0);
1633: p->startup_delay = 0;
1634:
1635: /* RFC 8203 - shutdown communication */
1636: if (message)
1637: {
1638: uint msg_len = strlen(message);
1639: msg_len = MIN(msg_len, 255);
1640:
1641: /* Buffer will be freed automatically by protocol shutdown */
1642: data = mb_alloc(p->p.pool, msg_len + 1);
1643: len = msg_len + 1;
1644:
1645: data[0] = msg_len;
1646: memcpy(data+1, message, msg_len);
1647: }
1648:
1649: done:
1650: bgp_stop(p, subcode, data, len);
1651: return p->p.proto_state;
1652: }
1653:
1654: static struct proto *
1655: bgp_init(struct proto_config *CF)
1656: {
1657: struct proto *P = proto_new(CF);
1658: struct bgp_proto *p = (struct bgp_proto *) P;
1659: struct bgp_config *cf = (struct bgp_config *) CF;
1660:
1661: P->rt_notify = bgp_rt_notify;
1662: P->preexport = bgp_preexport;
1663: P->neigh_notify = bgp_neigh_notify;
1664: P->reload_routes = bgp_reload_routes;
1665: P->feed_begin = bgp_feed_begin;
1666: P->feed_end = bgp_feed_end;
1667: P->rte_better = bgp_rte_better;
1668: P->rte_mergable = bgp_rte_mergable;
1669: P->rte_recalculate = cf->deterministic_med ? bgp_rte_recalculate : NULL;
1670: P->rte_modify = bgp_rte_modify_stale;
1671:
1672: p->cf = cf;
1673: p->is_internal = (cf->local_as == cf->remote_as);
1674: p->is_interior = p->is_internal || cf->confederation_member;
1675: p->rs_client = cf->rs_client;
1676: p->rr_client = cf->rr_client;
1677:
1678: p->ipv4 = ipa_nonzero(cf->remote_ip) ?
1679: ipa_is_ip4(cf->remote_ip) :
1680: (cf->remote_range && (cf->remote_range->type == NET_IP4));
1681:
1682: p->remote_ip = cf->remote_ip;
1683: p->remote_as = cf->remote_as;
1684:
1685: /* Hack: We use cf->remote_ip just to pass remote_ip from bgp_spawn() */
1686: if (cf->c.parent)
1687: cf->remote_ip = IPA_NONE;
1688:
1689: /* Add all channels */
1690: struct bgp_channel_config *cc;
1691: WALK_LIST(cc, CF->channels)
1692: proto_add_channel(P, &cc->c);
1693:
1694: return P;
1695: }
1696:
1697: static void
1698: bgp_channel_init(struct channel *C, struct channel_config *CF)
1699: {
1700: struct bgp_channel *c = (void *) C;
1701: struct bgp_channel_config *cf = (void *) CF;
1702:
1703: c->cf = cf;
1704: c->afi = cf->afi;
1705: c->desc = cf->desc;
1706:
1707: if (cf->igp_table_ip4)
1708: c->igp_table_ip4 = cf->igp_table_ip4->table;
1709:
1710: if (cf->igp_table_ip6)
1711: c->igp_table_ip6 = cf->igp_table_ip6->table;
1712: }
1713:
1714: static int
1715: bgp_channel_start(struct channel *C)
1716: {
1717: struct bgp_proto *p = (void *) C->proto;
1718: struct bgp_channel *c = (void *) C;
1719: ip_addr src = p->local_ip;
1720:
1721: if (c->igp_table_ip4)
1722: rt_lock_table(c->igp_table_ip4);
1723:
1724: if (c->igp_table_ip6)
1725: rt_lock_table(c->igp_table_ip6);
1726:
1727: c->pool = p->p.pool; // XXXX
1728: bgp_init_bucket_table(c);
1729: bgp_init_prefix_table(c);
1730:
1731: if (c->cf->import_table)
1732: channel_setup_in_table(C);
1733:
1734: if (c->cf->export_table)
1735: channel_setup_out_table(C);
1736:
1737: c->stale_timer = tm_new_init(c->pool, bgp_long_lived_stale_timeout, c, 0, 0);
1738:
1739: c->next_hop_addr = c->cf->next_hop_addr;
1740: c->link_addr = IPA_NONE;
1741: c->packets_to_send = 0;
1742:
1743: /* Try to use source address as next hop address */
1744: if (ipa_zero(c->next_hop_addr))
1745: {
1746: if (bgp_channel_is_ipv4(c) && (ipa_is_ip4(src) || c->ext_next_hop))
1747: c->next_hop_addr = src;
1748:
1749: if (bgp_channel_is_ipv6(c) && (ipa_is_ip6(src) || c->ext_next_hop))
1750: c->next_hop_addr = src;
1751: }
1752:
1753: /* Use preferred addresses associated with interface / source address */
1754: if (ipa_zero(c->next_hop_addr))
1755: {
1756: /* We know the iface for single-hop, we make lookup for multihop */
1757: struct neighbor *nbr = p->neigh ?: neigh_find(&p->p, src, NULL, 0);
1758: struct iface *iface = nbr ? nbr->iface : NULL;
1759:
1760: if (bgp_channel_is_ipv4(c) && iface && iface->addr4)
1761: c->next_hop_addr = iface->addr4->ip;
1762:
1763: if (bgp_channel_is_ipv6(c) && iface && iface->addr6)
1764: c->next_hop_addr = iface->addr6->ip;
1765: }
1766:
1767: /* Exit if no feasible next hop address is found */
1768: if (ipa_zero(c->next_hop_addr))
1769: {
1770: log(L_WARN "%s: Missing next hop address", p->p.name);
1771: return 0;
1772: }
1773:
1774: /* Set link-local address for IPv6 single-hop BGP */
1775: if (ipa_is_ip6(c->next_hop_addr) && p->neigh)
1776: {
1777: c->link_addr = p->link_addr;
1778:
1779: if (ipa_zero(c->link_addr))
1780: log(L_WARN "%s: Missing link-local address", p->p.name);
1781: }
1782:
1783: /* Link local address is already in c->link_addr */
1784: if (ipa_is_link_local(c->next_hop_addr))
1785: c->next_hop_addr = IPA_NONE;
1786:
1787: return 0; /* XXXX: Currently undefined */
1788: }
1789:
1790: static void
1791: bgp_channel_shutdown(struct channel *C)
1792: {
1793: struct bgp_channel *c = (void *) C;
1794:
1795: c->next_hop_addr = IPA_NONE;
1796: c->link_addr = IPA_NONE;
1797: c->packets_to_send = 0;
1798: }
1799:
1800: static void
1801: bgp_channel_cleanup(struct channel *C)
1802: {
1803: struct bgp_channel *c = (void *) C;
1804:
1805: if (c->igp_table_ip4)
1806: rt_unlock_table(c->igp_table_ip4);
1807:
1808: if (c->igp_table_ip6)
1809: rt_unlock_table(c->igp_table_ip6);
1810:
1811: c->index = 0;
1812:
1813: /* Cleanup rest of bgp_channel starting at pool field */
1814: memset(&(c->pool), 0, sizeof(struct bgp_channel) - OFFSETOF(struct bgp_channel, pool));
1815: }
1816:
1817: static inline struct bgp_channel_config *
1818: bgp_find_channel_config(struct bgp_config *cf, u32 afi)
1819: {
1820: struct bgp_channel_config *cc;
1821:
1822: WALK_LIST(cc, cf->c.channels)
1823: if (cc->afi == afi)
1824: return cc;
1825:
1826: return NULL;
1827: }
1828:
1829: struct rtable_config *
1830: bgp_default_igp_table(struct bgp_config *cf, struct bgp_channel_config *cc, u32 type)
1831: {
1832: struct bgp_channel_config *cc2;
1833: struct rtable_config *tab;
1834:
1835: /* First, try table connected by the channel */
1836: if (cc->c.table->addr_type == type)
1837: return cc->c.table;
1838:
1839: /* Find paired channel with the same SAFI but the other AFI */
1840: u32 afi2 = cc->afi ^ 0x30000;
1841: cc2 = bgp_find_channel_config(cf, afi2);
1842:
1843: /* Second, try IGP table configured in the paired channel */
1844: if (cc2 && (tab = (type == NET_IP4) ? cc2->igp_table_ip4 : cc2->igp_table_ip6))
1845: return tab;
1846:
1847: /* Third, try table connected by the paired channel */
1848: if (cc2 && (cc2->c.table->addr_type == type))
1849: return cc2->c.table;
1850:
1851: /* Last, try default table of given type */
1852: if (tab = cf->c.global->def_tables[type])
1853: return tab;
1854:
1855: cf_error("Undefined IGP table");
1856: }
1857:
1858:
1859: void
1860: bgp_postconfig(struct proto_config *CF)
1861: {
1862: struct bgp_config *cf = (void *) CF;
1863:
1864: /* Do not check templates at all */
1865: if (cf->c.class == SYM_TEMPLATE)
1866: return;
1867:
1868:
1869: /* Handle undefined remote_as, zero should mean unspecified external */
1870: if (!cf->remote_as && (cf->peer_type == BGP_PT_INTERNAL))
1871: cf->remote_as = cf->local_as;
1872:
1873: int internal = (cf->local_as == cf->remote_as);
1874: int interior = internal || cf->confederation_member;
1875:
1876: /* EBGP direct by default, IBGP multihop by default */
1877: if (cf->multihop < 0)
1878: cf->multihop = internal ? 64 : 0;
1879:
1880: /* LLGR mode default based on GR mode */
1881: if (cf->llgr_mode < 0)
1882: cf->llgr_mode = cf->gr_mode ? BGP_LLGR_AWARE : 0;
1883:
1884: /* Link check for single-hop BGP by default */
1885: if (cf->check_link < 0)
1886: cf->check_link = !cf->multihop;
1887:
1888:
1889: if (!cf->local_as)
1890: cf_error("Local AS number must be set");
1891:
1892: if (ipa_zero(cf->remote_ip) && !cf->remote_range)
1893: cf_error("Neighbor must be configured");
1894:
1895: if (ipa_zero(cf->local_ip) && cf->strict_bind)
1896: cf_error("Local address must be configured for strict bind");
1897:
1898: if (!cf->remote_as && !cf->peer_type)
1899: cf_error("Remote AS number (or peer type) must be set");
1900:
1901: if ((cf->peer_type == BGP_PT_INTERNAL) && !internal)
1902: cf_error("IBGP cannot have different ASNs");
1903:
1904: if ((cf->peer_type == BGP_PT_EXTERNAL) && internal)
1905: cf_error("EBGP cannot have the same ASNs");
1906:
1907: if (!cf->iface && (ipa_is_link_local(cf->local_ip) ||
1908: ipa_is_link_local(cf->remote_ip)))
1909: cf_error("Link-local addresses require defined interface");
1910:
1911: if (!(cf->capabilities && cf->enable_as4) && (cf->remote_as > 0xFFFF))
1912: cf_error("Neighbor AS number out of range (AS4 not available)");
1913:
1914: if (!internal && cf->rr_client)
1915: cf_error("Only internal neighbor can be RR client");
1916:
1917: if (internal && cf->rs_client)
1918: cf_error("Only external neighbor can be RS client");
1919:
1920: if (!cf->confederation && cf->confederation_member)
1921: cf_error("Confederation ID must be set for member sessions");
1922:
1923: if (cf->multihop && (ipa_is_link_local(cf->local_ip) ||
1924: ipa_is_link_local(cf->remote_ip)))
1925: cf_error("Multihop BGP cannot be used with link-local addresses");
1926:
1927: if (cf->multihop && cf->iface)
1928: cf_error("Multihop BGP cannot be bound to interface");
1929:
1930: if (cf->multihop && cf->check_link)
1931: cf_error("Multihop BGP cannot depend on link state");
1932:
1933: if (cf->multihop && cf->bfd && ipa_zero(cf->local_ip))
1934: cf_error("Multihop BGP with BFD requires specified local address");
1935:
1936: if (!cf->gr_mode && cf->llgr_mode)
1937: cf_error("Long-lived graceful restart requires basic graceful restart");
1938:
1939:
1940: struct bgp_channel_config *cc;
1941: WALK_LIST(cc, CF->channels)
1942: {
1943: /* Handle undefined import filter */
1944: if (cc->c.in_filter == FILTER_UNDEF)
1945: if (interior)
1946: cc->c.in_filter = FILTER_ACCEPT;
1947: else
1948: cf_error("EBGP requires explicit import policy");
1949:
1950: /* Handle undefined export filter */
1951: if (cc->c.out_filter == FILTER_UNDEF)
1952: if (interior)
1953: cc->c.out_filter = FILTER_REJECT;
1954: else
1955: cf_error("EBGP requires explicit export policy");
1956:
1957: /* Disable after error incompatible with restart limit action */
1958: if ((cc->c.in_limit.action == PLA_RESTART) && cf->disable_after_error)
1959: cc->c.in_limit.action = PLA_DISABLE;
1960:
1961: /* Different default based on rr_client, rs_client */
1962: if (cc->next_hop_keep == 0xff)
1963: cc->next_hop_keep = cf->rr_client ? NH_IBGP : (cf->rs_client ? NH_ALL : NH_NO);
1964:
1965: /* Different default based on rs_client */
1966: if (!cc->missing_lladdr)
1967: cc->missing_lladdr = cf->rs_client ? MLL_IGNORE : MLL_SELF;
1968:
1969: /* Different default for gw_mode */
1970: if (!cc->gw_mode)
1971: cc->gw_mode = cf->multihop ? GW_RECURSIVE : GW_DIRECT;
1972:
1973: /* Defaults based on proto config */
1974: if (cc->gr_able == 0xff)
1975: cc->gr_able = (cf->gr_mode == BGP_GR_ABLE);
1976:
1977: if (cc->llgr_able == 0xff)
1978: cc->llgr_able = (cf->llgr_mode == BGP_LLGR_ABLE);
1979:
1980: if (cc->llgr_time == ~0U)
1981: cc->llgr_time = cf->llgr_time;
1982:
1983: /* AIGP enabled by default on interior sessions */
1984: if (cc->aigp == 0xff)
1985: cc->aigp = interior;
1986:
1987: /* Default values of IGP tables */
1988: if ((cc->gw_mode == GW_RECURSIVE) && !cc->desc->no_igp)
1989: {
1990: if (!cc->igp_table_ip4 && (bgp_cc_is_ipv4(cc) || cc->ext_next_hop))
1991: cc->igp_table_ip4 = bgp_default_igp_table(cf, cc, NET_IP4);
1992:
1993: if (!cc->igp_table_ip6 && (bgp_cc_is_ipv6(cc) || cc->ext_next_hop))
1994: cc->igp_table_ip6 = bgp_default_igp_table(cf, cc, NET_IP6);
1995:
1996: if (cc->igp_table_ip4 && bgp_cc_is_ipv6(cc) && !cc->ext_next_hop)
1997: cf_error("Mismatched IGP table type");
1998:
1999: if (cc->igp_table_ip6 && bgp_cc_is_ipv4(cc) && !cc->ext_next_hop)
2000: cf_error("Mismatched IGP table type");
2001: }
2002:
2003: if (cf->multihop && (cc->gw_mode == GW_DIRECT))
2004: cf_error("Multihop BGP cannot use direct gateway mode");
2005:
2006: if ((cc->gw_mode == GW_RECURSIVE) && cc->c.table->sorted)
2007: cf_error("BGP in recursive mode prohibits sorted table");
2008:
2009: if (cf->deterministic_med && cc->c.table->sorted)
2010: cf_error("BGP with deterministic MED prohibits sorted table");
2011:
2012: if (cc->secondary && !cc->c.table->sorted)
2013: cf_error("BGP with secondary option requires sorted table");
2014: }
2015: }
2016:
2017: static int
2018: bgp_reconfigure(struct proto *P, struct proto_config *CF)
2019: {
2020: struct bgp_proto *p = (void *) P;
2021: const struct bgp_config *new = (void *) CF;
2022: const struct bgp_config *old = p->cf;
2023:
2024: if (proto_get_router_id(CF) != p->local_id)
2025: return 0;
2026:
2027: int same = !memcmp(((byte *) old) + sizeof(struct proto_config),
2028: ((byte *) new) + sizeof(struct proto_config),
2029: // password item is last and must be checked separately
2030: OFFSETOF(struct bgp_config, password) - sizeof(struct proto_config))
2031: && !bstrcmp(old->password, new->password)
2032: && ((!old->remote_range && !new->remote_range)
2033: || (old->remote_range && new->remote_range && net_equal(old->remote_range, new->remote_range)))
2034: && !bstrcmp(old->dynamic_name, new->dynamic_name)
2035: && (old->dynamic_name_digits == new->dynamic_name_digits);
2036:
2037: /* FIXME: Move channel reconfiguration to generic protocol code ? */
2038: struct channel *C, *C2;
2039: struct bgp_channel_config *cc;
2040:
2041: WALK_LIST(C, p->p.channels)
2042: C->stale = 1;
2043:
2044: WALK_LIST(cc, new->c.channels)
2045: {
2046: C = (struct channel *) bgp_find_channel(p, cc->afi);
2047: same = proto_configure_channel(P, &C, &cc->c) && same;
2048:
2049: if (C)
2050: C->stale = 0;
2051: }
2052:
2053: WALK_LIST_DELSAFE(C, C2, p->p.channels)
2054: if (C->stale)
2055: same = proto_configure_channel(P, &C, NULL) && same;
2056:
2057:
2058: if (same && (p->start_state > BSS_PREPARE))
2059: bgp_update_bfd(p, new->bfd);
2060:
2061: /* We should update our copy of configuration ptr as old configuration will be freed */
2062: if (same)
2063: p->cf = new;
2064:
2065: /* Reset name counter */
2066: p->dynamic_name_counter = 0;
2067:
2068: return same;
2069: }
2070:
2071: #define IGP_TABLE(cf, sym) ((cf)->igp_table_##sym ? (cf)->igp_table_##sym ->table : NULL )
2072:
2073: static int
2074: bgp_channel_reconfigure(struct channel *C, struct channel_config *CC, int *import_changed, int *export_changed)
2075: {
2076: struct bgp_proto *p = (void *) C->proto;
2077: struct bgp_channel *c = (void *) C;
2078: struct bgp_channel_config *new = (void *) CC;
2079: struct bgp_channel_config *old = c->cf;
2080:
2081: if ((new->secondary != old->secondary) ||
2082: (new->gr_able != old->gr_able) ||
2083: (new->llgr_able != old->llgr_able) ||
2084: (new->llgr_time != old->llgr_time) ||
2085: (new->ext_next_hop != old->ext_next_hop) ||
2086: (new->add_path != old->add_path) ||
2087: (new->import_table != old->import_table) ||
2088: (new->export_table != old->export_table) ||
2089: (IGP_TABLE(new, ip4) != IGP_TABLE(old, ip4)) ||
2090: (IGP_TABLE(new, ip6) != IGP_TABLE(old, ip6)))
2091: return 0;
2092:
2093: if (new->mandatory && !old->mandatory && (C->channel_state != CS_UP))
2094: return 0;
2095:
2096: if ((new->gw_mode != old->gw_mode) ||
2097: (new->aigp != old->aigp) ||
2098: (new->cost != old->cost))
2099: {
2100: /* import_changed itself does not force ROUTE_REFRESH when import_table is active */
2101: if (c->c.in_table && (c->c.channel_state == CS_UP))
2102: bgp_schedule_packet(p->conn, c, PKT_ROUTE_REFRESH);
2103:
2104: *import_changed = 1;
2105: }
2106:
2107: if (!ipa_equal(new->next_hop_addr, old->next_hop_addr) ||
2108: (new->next_hop_self != old->next_hop_self) ||
2109: (new->next_hop_keep != old->next_hop_keep) ||
2110: (new->missing_lladdr != old->missing_lladdr) ||
2111: (new->aigp != old->aigp) ||
2112: (new->aigp_originate != old->aigp_originate))
2113: *export_changed = 1;
2114:
2115: c->cf = new;
2116: return 1;
2117: }
2118:
2119: static void
2120: bgp_copy_config(struct proto_config *dest UNUSED, struct proto_config *src UNUSED)
2121: {
2122: /* Just a shallow copy */
2123: }
2124:
2125:
2126: /**
2127: * bgp_error - report a protocol error
2128: * @c: connection
2129: * @code: error code (according to the RFC)
2130: * @subcode: error sub-code
2131: * @data: data to be passed in the Notification message
2132: * @len: length of the data
2133: *
2134: * bgp_error() sends a notification packet to tell the other side that a protocol
2135: * error has occurred (including the data considered erroneous if possible) and
2136: * closes the connection.
2137: */
2138: void
2139: bgp_error(struct bgp_conn *c, uint code, uint subcode, byte *data, int len)
2140: {
2141: struct bgp_proto *p = c->bgp;
2142:
2143: if (c->state == BS_CLOSE)
2144: return;
2145:
2146: bgp_log_error(p, BE_BGP_TX, "Error", code, subcode, data, ABS(len));
2147: bgp_store_error(p, c, BE_BGP_TX, (code << 16) | subcode);
2148: bgp_conn_enter_close_state(c);
2149:
2150: c->notify_code = code;
2151: c->notify_subcode = subcode;
2152: c->notify_data = data;
2153: c->notify_size = (len > 0) ? len : 0;
2154: bgp_schedule_packet(c, NULL, PKT_NOTIFICATION);
2155:
2156: if (code != 6)
2157: {
2158: bgp_update_startup_delay(p);
2159: bgp_stop(p, 0, NULL, 0);
2160: }
2161: }
2162:
2163: /**
2164: * bgp_store_error - store last error for status report
2165: * @p: BGP instance
2166: * @c: connection
2167: * @class: error class (BE_xxx constants)
2168: * @code: error code (class specific)
2169: *
2170: * bgp_store_error() decides whether given error is interesting enough
2171: * and store that error to last_error variables of @p
2172: */
2173: void
2174: bgp_store_error(struct bgp_proto *p, struct bgp_conn *c, u8 class, u32 code)
2175: {
2176: /* During PS_UP, we ignore errors on secondary connection */
2177: if ((p->p.proto_state == PS_UP) && c && (c != p->conn))
2178: return;
2179:
2180: /* During PS_STOP, we ignore any errors, as we want to report
2181: * the error that caused transition to PS_STOP
2182: */
2183: if (p->p.proto_state == PS_STOP)
2184: return;
2185:
2186: p->last_error_class = class;
2187: p->last_error_code = code;
2188: }
2189:
2190: static char *bgp_state_names[] = { "Idle", "Connect", "Active", "OpenSent", "OpenConfirm", "Established", "Close" };
2191: static char *bgp_err_classes[] = { "", "Error: ", "Socket: ", "Received: ", "BGP Error: ", "Automatic shutdown: ", ""};
2192: static char *bgp_misc_errors[] = { "", "Neighbor lost", "Invalid next hop", "Kernel MD5 auth failed", "No listening socket", "Link down", "BFD session down", "Graceful restart"};
2193: static char *bgp_auto_errors[] = { "", "Route limit exceeded"};
2194: static char *bgp_gr_states[] = { "None", "Regular", "Long-lived"};
2195:
2196: static const char *
2197: bgp_last_errmsg(struct bgp_proto *p)
2198: {
2199: switch (p->last_error_class)
2200: {
2201: case BE_MISC:
2202: return bgp_misc_errors[p->last_error_code];
2203: case BE_SOCKET:
2204: return (p->last_error_code == 0) ? "Connection closed" : strerror(p->last_error_code);
2205: case BE_BGP_RX:
2206: case BE_BGP_TX:
2207: return bgp_error_dsc(p->last_error_code >> 16, p->last_error_code & 0xFF);
2208: case BE_AUTO_DOWN:
2209: return bgp_auto_errors[p->last_error_code];
2210: default:
2211: return "";
2212: }
2213: }
2214:
2215: static const char *
2216: bgp_state_dsc(struct bgp_proto *p)
2217: {
2218: if (p->p.proto_state == PS_DOWN)
2219: return "Down";
2220:
2221: int state = MAX(p->incoming_conn.state, p->outgoing_conn.state);
2222: if ((state == BS_IDLE) && (p->start_state >= BSS_CONNECT) && p->passive)
2223: return "Passive";
2224:
2225: return bgp_state_names[state];
2226: }
2227:
2228: static void
2229: bgp_get_status(struct proto *P, byte *buf)
2230: {
2231: struct bgp_proto *p = (struct bgp_proto *) P;
2232:
2233: const char *err1 = bgp_err_classes[p->last_error_class];
2234: const char *err2 = bgp_last_errmsg(p);
2235:
2236: if (P->proto_state == PS_DOWN)
2237: bsprintf(buf, "%s%s", err1, err2);
2238: else
2239: bsprintf(buf, "%-14s%s%s", bgp_state_dsc(p), err1, err2);
2240: }
2241:
2242: static void
2243: bgp_show_afis(int code, char *s, u32 *afis, uint count)
2244: {
2245: buffer b;
2246: LOG_BUFFER_INIT(b);
2247:
2248: buffer_puts(&b, s);
2249:
2250: for (u32 *af = afis; af < (afis + count); af++)
2251: {
2252: const struct bgp_af_desc *desc = bgp_get_af_desc(*af);
2253: if (desc)
2254: buffer_print(&b, " %s", desc->name);
2255: else
2256: buffer_print(&b, " <%u/%u>", BGP_AFI(*af), BGP_SAFI(*af));
2257: }
2258:
2259: if (b.pos == b.end)
2260: strcpy(b.end - 32, " ... <too long>");
2261:
2262: cli_msg(code, b.start);
2263: }
2264:
2265: static void
2266: bgp_show_capabilities(struct bgp_proto *p UNUSED, struct bgp_caps *caps)
2267: {
2268: struct bgp_af_caps *ac;
2269: uint any_mp_bgp = 0;
2270: uint any_gr_able = 0;
2271: uint any_add_path = 0;
2272: uint any_ext_next_hop = 0;
2273: uint any_llgr_able = 0;
2274: u32 *afl1 = alloca(caps->af_count * sizeof(u32));
2275: u32 *afl2 = alloca(caps->af_count * sizeof(u32));
2276: uint afn1, afn2;
2277:
2278: WALK_AF_CAPS(caps, ac)
2279: {
2280: any_mp_bgp |= ac->ready;
2281: any_gr_able |= ac->gr_able;
2282: any_add_path |= ac->add_path;
2283: any_ext_next_hop |= ac->ext_next_hop;
2284: any_llgr_able |= ac->llgr_able;
2285: }
2286:
2287: if (any_mp_bgp)
2288: {
2289: cli_msg(-1006, " Multiprotocol");
2290:
2291: afn1 = 0;
2292: WALK_AF_CAPS(caps, ac)
2293: if (ac->ready)
2294: afl1[afn1++] = ac->afi;
2295:
2296: bgp_show_afis(-1006, " AF announced:", afl1, afn1);
2297: }
2298:
2299: if (caps->route_refresh)
2300: cli_msg(-1006, " Route refresh");
2301:
2302: if (any_ext_next_hop)
2303: {
2304: cli_msg(-1006, " Extended next hop");
2305:
2306: afn1 = 0;
2307: WALK_AF_CAPS(caps, ac)
2308: if (ac->ext_next_hop)
2309: afl1[afn1++] = ac->afi;
2310:
2311: bgp_show_afis(-1006, " IPv6 nexthop:", afl1, afn1);
2312: }
2313:
2314: if (caps->ext_messages)
2315: cli_msg(-1006, " Extended message");
2316:
2317: if (caps->gr_aware)
2318: cli_msg(-1006, " Graceful restart");
2319:
2320: if (any_gr_able)
2321: {
2322: /* Continues from gr_aware */
2323: cli_msg(-1006, " Restart time: %u", caps->gr_time);
2324: if (caps->gr_flags & BGP_GRF_RESTART)
2325: cli_msg(-1006, " Restart recovery");
2326:
2327: afn1 = afn2 = 0;
2328: WALK_AF_CAPS(caps, ac)
2329: {
2330: if (ac->gr_able)
2331: afl1[afn1++] = ac->afi;
2332:
2333: if (ac->gr_af_flags & BGP_GRF_FORWARDING)
2334: afl2[afn2++] = ac->afi;
2335: }
2336:
2337: bgp_show_afis(-1006, " AF supported:", afl1, afn1);
2338: bgp_show_afis(-1006, " AF preserved:", afl2, afn2);
2339: }
2340:
2341: if (caps->as4_support)
2342: cli_msg(-1006, " 4-octet AS numbers");
2343:
2344: if (any_add_path)
2345: {
2346: cli_msg(-1006, " ADD-PATH");
2347:
2348: afn1 = afn2 = 0;
2349: WALK_AF_CAPS(caps, ac)
2350: {
2351: if (ac->add_path & BGP_ADD_PATH_RX)
2352: afl1[afn1++] = ac->afi;
2353:
2354: if (ac->add_path & BGP_ADD_PATH_TX)
2355: afl2[afn2++] = ac->afi;
2356: }
2357:
2358: bgp_show_afis(-1006, " RX:", afl1, afn1);
2359: bgp_show_afis(-1006, " TX:", afl2, afn2);
2360: }
2361:
2362: if (caps->enhanced_refresh)
2363: cli_msg(-1006, " Enhanced refresh");
2364:
2365: if (caps->llgr_aware)
2366: cli_msg(-1006, " Long-lived graceful restart");
2367:
2368: if (any_llgr_able)
2369: {
2370: u32 stale_time = 0;
2371:
2372: afn1 = afn2 = 0;
2373: WALK_AF_CAPS(caps, ac)
2374: {
2375: stale_time = MAX(stale_time, ac->llgr_time);
2376:
2377: if (ac->llgr_able && ac->llgr_time)
2378: afl1[afn1++] = ac->afi;
2379:
2380: if (ac->llgr_flags & BGP_GRF_FORWARDING)
2381: afl2[afn2++] = ac->afi;
2382: }
2383:
2384: /* Continues from llgr_aware */
2385: cli_msg(-1006, " LL stale time: %u", stale_time);
2386:
2387: bgp_show_afis(-1006, " AF supported:", afl1, afn1);
2388: bgp_show_afis(-1006, " AF preserved:", afl2, afn2);
2389: }
2390: }
2391:
2392: static void
2393: bgp_show_proto_info(struct proto *P)
2394: {
2395: struct bgp_proto *p = (struct bgp_proto *) P;
2396:
2397: cli_msg(-1006, " BGP state: %s", bgp_state_dsc(p));
2398:
2399: if (bgp_is_dynamic(p) && p->cf->remote_range)
2400: cli_msg(-1006, " Neighbor range: %N", p->cf->remote_range);
2401: else
2402: cli_msg(-1006, " Neighbor address: %I%J", p->remote_ip, p->cf->iface);
2403:
2404: cli_msg(-1006, " Neighbor AS: %u", p->remote_as);
2405: cli_msg(-1006, " Local AS: %u", p->cf->local_as);
2406:
2407: if (p->gr_active_num)
2408: cli_msg(-1006, " Neighbor graceful restart active");
2409:
2410: if (P->proto_state == PS_START)
2411: {
2412: struct bgp_conn *oc = &p->outgoing_conn;
2413:
2414: if ((p->start_state < BSS_CONNECT) &&
2415: (tm_active(p->startup_timer)))
2416: cli_msg(-1006, " Error wait: %t/%u",
2417: tm_remains(p->startup_timer), p->startup_delay);
2418:
2419: if ((oc->state == BS_ACTIVE) &&
2420: (tm_active(oc->connect_timer)))
2421: cli_msg(-1006, " Connect delay: %t/%u",
2422: tm_remains(oc->connect_timer), p->cf->connect_delay_time);
2423:
2424: if (p->gr_active_num && tm_active(p->gr_timer))
2425: cli_msg(-1006, " Restart timer: %t/-",
2426: tm_remains(p->gr_timer));
2427: }
2428: else if (P->proto_state == PS_UP)
2429: {
2430: cli_msg(-1006, " Neighbor ID: %R", p->remote_id);
2431: cli_msg(-1006, " Local capabilities");
2432: bgp_show_capabilities(p, p->conn->local_caps);
2433: cli_msg(-1006, " Neighbor capabilities");
2434: bgp_show_capabilities(p, p->conn->remote_caps);
2435: cli_msg(-1006, " Session: %s%s%s%s%s",
2436: p->is_internal ? "internal" : "external",
2437: p->cf->multihop ? " multihop" : "",
2438: p->rr_client ? " route-reflector" : "",
2439: p->rs_client ? " route-server" : "",
2440: p->as4_session ? " AS4" : "");
2441: cli_msg(-1006, " Source address: %I", p->local_ip);
2442: cli_msg(-1006, " Hold timer: %t/%u",
2443: tm_remains(p->conn->hold_timer), p->conn->hold_time);
2444: cli_msg(-1006, " Keepalive timer: %t/%u",
2445: tm_remains(p->conn->keepalive_timer), p->conn->keepalive_time);
2446: }
2447:
2448: if ((p->last_error_class != BE_NONE) &&
2449: (p->last_error_class != BE_MAN_DOWN))
2450: {
2451: const char *err1 = bgp_err_classes[p->last_error_class];
2452: const char *err2 = bgp_last_errmsg(p);
2453: cli_msg(-1006, " Last error: %s%s", err1, err2);
2454: }
2455:
2456: {
2457: struct bgp_channel *c;
2458: WALK_LIST(c, p->p.channels)
2459: {
2460: channel_show_info(&c->c);
2461:
2462: if (p->gr_active_num)
2463: cli_msg(-1006, " Neighbor GR: %s", bgp_gr_states[c->gr_active]);
2464:
2465: if (c->stale_timer && tm_active(c->stale_timer))
2466: cli_msg(-1006, " LL stale timer: %t/-", tm_remains(c->stale_timer));
2467:
2468: if (c->c.channel_state == CS_UP)
2469: {
2470: if (ipa_zero(c->link_addr))
2471: cli_msg(-1006, " BGP Next hop: %I", c->next_hop_addr);
2472: else
2473: cli_msg(-1006, " BGP Next hop: %I %I", c->next_hop_addr, c->link_addr);
2474: }
2475:
2476: if (c->igp_table_ip4)
2477: cli_msg(-1006, " IGP IPv4 table: %s", c->igp_table_ip4->name);
2478:
2479: if (c->igp_table_ip6)
2480: cli_msg(-1006, " IGP IPv6 table: %s", c->igp_table_ip6->name);
2481: }
2482: }
2483: }
2484:
2485: struct channel_class channel_bgp = {
2486: .channel_size = sizeof(struct bgp_channel),
2487: .config_size = sizeof(struct bgp_channel_config),
2488: .init = bgp_channel_init,
2489: .start = bgp_channel_start,
2490: .shutdown = bgp_channel_shutdown,
2491: .cleanup = bgp_channel_cleanup,
2492: .reconfigure = bgp_channel_reconfigure,
2493: };
2494:
2495: struct protocol proto_bgp = {
2496: .name = "BGP",
2497: .template = "bgp%d",
2498: .class = PROTOCOL_BGP,
2499: .preference = DEF_PREF_BGP,
2500: .channel_mask = NB_IP | NB_VPN | NB_FLOW,
2501: .proto_size = sizeof(struct bgp_proto),
2502: .config_size = sizeof(struct bgp_config),
2503: .postconfig = bgp_postconfig,
2504: .init = bgp_init,
2505: .start = bgp_start,
2506: .shutdown = bgp_shutdown,
2507: .reconfigure = bgp_reconfigure,
2508: .copy_config = bgp_copy_config,
2509: .get_status = bgp_get_status,
2510: .get_attr = bgp_get_attr,
2511: .get_route_info = bgp_get_route_info,
2512: .show_proto_info = bgp_show_proto_info
2513: };
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to bgp.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / bird2 / proto / bgp