]> git.ipfire.org Git - thirdparty/bird.git/blob - proto/bgp/attrs.c
projects / thirdparty / bird.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge commit 'origin/master'
[thirdparty/bird.git] / proto / bgp / attrs.c
1 /*
2 * BIRD -- BGP Attributes
3 *
4 * (c) 2000 Martin Mares <mj@ucw.cz>
5 *
6 * Can be freely distributed and used under the terms of the GNU GPL.
7 */
8
9 #undef LOCAL_DEBUG
10
11 #include <stdlib.h>
12
13 #include "nest/bird.h"
14 #include "nest/iface.h"
15 #include "nest/protocol.h"
16 #include "nest/route.h"
17 #include "nest/attrs.h"
18 #include "conf/conf.h"
19 #include "lib/resource.h"
20 #include "lib/string.h"
21 #include "lib/unaligned.h"
22
23 #include "bgp.h"
24
25 /*
26 * UPDATE message error handling
27 *
28 * All checks from RFC 4271 6.3 are done as specified with these exceptions:
29 * - The semantic check of an IP address from NEXT_HOP attribute is missing.
30 * - Checks of some optional attribute values are missing.
31 * - Syntactic and semantic checks of NLRIs (done in DECODE_PREFIX())
32 * are probably inadequate.
33 *
34 * Loop detection based on AS_PATH causes updates to be withdrawn. RFC
35 * 4271 does not explicitly specifiy the behavior in that case.
36 *
37 * Loop detection related to route reflection (based on ORIGINATOR_ID
38 * and CLUSTER_LIST) causes updates to be withdrawn. RFC 4456 8
39 * specifies that such updates should be ignored, but that is generally
40 * a bad idea.
41 *
42 * Error checking of optional transitive attributes is done according to
43 * draft-ietf-idr-optional-transitive-03, but errors are handled always
44 * as withdraws.
45 *
46 * Unexpected AS_CONFED_* segments in AS_PATH are logged and removed,
47 * but unknown segments cause a session drop with Malformed AS_PATH
48 * error (see validate_path()). The behavior in such case is not
49 * explicitly specified by RFC 4271. RFC 5065 specifies that
50 * inconsistent AS_CONFED_* segments should cause a session drop, but
51 * implementations that pass invalid AS_CONFED_* segments are
52 * widespread.
53 *
54 * Error handling of AS4_* attributes is done as specified by
55 * draft-ietf-idr-rfc4893bis-03. There are several possible
56 * inconsistencies between AGGREGATOR and AS4_AGGREGATOR that are not
57 * handled by that draft, these are logged and ignored (see
58 * bgp_reconstruct_4b_attrs()).
59 */
60
61 static byte bgp_mandatory_attrs[] = { BA_ORIGIN, BA_AS_PATH
62 #ifndef IPV6
63 ,BA_NEXT_HOP
64 #endif
65 };
66
67 struct attr_desc {
68 char *name;
69 int expected_length;
70 int expected_flags;
71 int type;
72 int allow_in_ebgp;
73 int (*validate)(struct bgp_proto *p, byte *attr, int len);
74 void (*format)(eattr *ea, byte *buf, int buflen);
75 };
76
77 #define IGNORE -1
78 #define WITHDRAW -2
79
80 static int
81 bgp_check_origin(struct bgp_proto *p UNUSED, byte *a, int len UNUSED)
82 {
83 if (*a > 2)
84 return 6;
85 return 0;
86 }
87
88 static void
89 bgp_format_origin(eattr *a, byte *buf, int buflen UNUSED)
90 {
91 static char *bgp_origin_names[] = { "IGP", "EGP", "Incomplete" };
92
93 bsprintf(buf, bgp_origin_names[a->u.data]);
94 }
95
96 static int
97 path_segment_contains(byte *p, int bs, u32 asn)
98 {
99 int i;
100 int len = p[1];
101 p += 2;
102
103 for(i=0; i<len; i++)
104 {
105 u32 asn2 = (bs == 4) ? get_u32(p) : get_u16(p);
106 if (asn2 == asn)
107 return 1;
108 p += bs;
109 }
110
111 return 0;
112 }
113
114 /* Validates path attribute, removes AS_CONFED_* segments, and also returns path length */
115 static int
116 validate_path(struct bgp_proto *p, int as_path, int bs, byte *idata, unsigned int *ilength)
117 {
118 int res = 0;
119 u8 *a, *dst;
120 int len, plen, copy;
121
122 dst = a = idata;
123 len = *ilength;
124
125 while (len)
126 {
127 if (len < 2)
128 return -1;
129
130 plen = 2 + bs * a[1];
131 if (len < plen)
132 return -1;
133
134 switch (a[0])
135 {
136 case AS_PATH_SET:
137 copy = 1;
138 res++;
139 break;
140
141 case AS_PATH_SEQUENCE:
142 copy = 1;
143 res += a[1];
144 break;
145
146 case AS_PATH_CONFED_SEQUENCE:
147 case AS_PATH_CONFED_SET:
148 if (as_path && path_segment_contains(a, bs, p->remote_as))
149 {
150 log(L_WARN "%s: AS_CONFED_* segment with peer ASN found, misconfigured confederation?", p->p.name);
151 return -1;
152 }
153
154 log(L_WARN "%s: %s_PATH attribute contains AS_CONFED_* segment, skipping segment",
155 p->p.name, as_path ? "AS" : "AS4");
156 copy = 0;
157 break;
158
159 default:
160 return -1;
161 }
162
163 if (copy)
164 {
165 if (dst != a)
166 memmove(dst, a, plen);
167 dst += plen;
168 }
169
170 len -= plen;
171 a += plen;
172 }
173
174 *ilength = dst - idata;
175 return res;
176 }
177
178 static inline int
179 validate_as_path(struct bgp_proto *p, byte *a, int *len)
180 {
181 return validate_path(p, 1, p->as4_session ? 4 : 2, a, len);
182 }
183
184 static inline int
185 validate_as4_path(struct bgp_proto *p, struct adata *path)
186 {
187 return validate_path(p, 0, 4, path->data, &path->length);
188 }
189
190 static int
191 bgp_check_next_hop(struct bgp_proto *p UNUSED, byte *a, int len)
192 {
193 #ifdef IPV6
194 return IGNORE;
195 #else
196 ip_addr addr;
197
198 memcpy(&addr, a, len);
199 ipa_ntoh(addr);
200 if (ipa_classify(addr) & IADDR_HOST)
201 return 0;
202 else
203 return 8;
204 #endif
205 }
206
207 static void
208 bgp_format_next_hop(eattr *a, byte *buf, int buflen UNUSED)
209 {
210 ip_addr *ipp = (ip_addr *) a->u.ptr->data;
211 #ifdef IPV6
212 /* in IPv6, we might have two addresses in NEXT HOP */
213 if ((a->u.ptr->length == NEXT_HOP_LENGTH) && ipa_nonzero(ipp[1]))
214 {
215 bsprintf(buf, "%I %I", ipp[0], ipp[1]);
216 return;
217 }
218 #endif
219
220 bsprintf(buf, "%I", ipp[0]);
221 }
222
223 static int
224 bgp_check_aggregator(struct bgp_proto *p, byte *a UNUSED, int len)
225 {
226 int exp_len = p->as4_session ? 8 : 6;
227
228 return (len == exp_len) ? 0 : WITHDRAW;
229 }
230
231 static void
232 bgp_format_aggregator(eattr *a, byte *buf, int buflen UNUSED)
233 {
234 struct adata *ad = a->u.ptr;
235 byte *data = ad->data;
236 u32 as;
237
238 as = get_u32(data);
239 data += 4;
240
241 bsprintf(buf, "%d.%d.%d.%d AS%d", data[0], data[1], data[2], data[3], as);
242 }
243
244 static int
245 bgp_check_community(struct bgp_proto *p UNUSED, byte *a UNUSED, int len)
246 {
247 return ((len % 4) == 0) ? 0 : WITHDRAW;
248 }
249
250
251 static int
252 bgp_check_cluster_list(struct bgp_proto *p UNUSED, byte *a UNUSED, int len)
253 {
254 return ((len % 4) == 0) ? 0 : 5;
255 }
256
257 static void
258 bgp_format_cluster_list(eattr *a, byte *buf, int buflen UNUSED)
259 {
260 int_set_format(a->u.ptr, 0, buf, buflen);
261 }
262
263 static int
264 bgp_check_reach_nlri(struct bgp_proto *p UNUSED, byte *a UNUSED, int len UNUSED)
265 {
266 #ifdef IPV6
267 p->mp_reach_start = a;
268 p->mp_reach_len = len;
269 #endif
270 return IGNORE;
271 }
272
273 static int
274 bgp_check_unreach_nlri(struct bgp_proto *p UNUSED, byte *a UNUSED, int len UNUSED)
275 {
276 #ifdef IPV6
277 p->mp_unreach_start = a;
278 p->mp_unreach_len = len;
279 #endif
280 return IGNORE;
281 }
282
283 static struct attr_desc bgp_attr_table[] = {
284 { NULL, -1, 0, 0, 0, /* Undefined */
285 NULL, NULL },
286 { "origin", 1, BAF_TRANSITIVE, EAF_TYPE_INT, 1, /* BA_ORIGIN */
287 bgp_check_origin, bgp_format_origin },
288 { "as_path", -1, BAF_TRANSITIVE, EAF_TYPE_AS_PATH, 1, /* BA_AS_PATH */
289 NULL, NULL }, /* is checked by validate_as_path() as a special case */
290 { "next_hop", 4, BAF_TRANSITIVE, EAF_TYPE_IP_ADDRESS, 1, /* BA_NEXT_HOP */
291 bgp_check_next_hop, bgp_format_next_hop },
292 { "med", 4, BAF_OPTIONAL, EAF_TYPE_INT, 1, /* BA_MULTI_EXIT_DISC */
293 NULL, NULL },
294 { "local_pref", 4, BAF_TRANSITIVE, EAF_TYPE_INT, 0, /* BA_LOCAL_PREF */
295 NULL, NULL },
296 { "atomic_aggr", 0, BAF_TRANSITIVE, EAF_TYPE_OPAQUE, 1, /* BA_ATOMIC_AGGR */
297 NULL, NULL },
298 { "aggregator", -1, BAF_OPTIONAL | BAF_TRANSITIVE, EAF_TYPE_OPAQUE, 1, /* BA_AGGREGATOR */
299 bgp_check_aggregator, bgp_format_aggregator },
300 { "community", -1, BAF_OPTIONAL | BAF_TRANSITIVE, EAF_TYPE_INT_SET, 1, /* BA_COMMUNITY */
301 bgp_check_community, NULL },
302 { "originator_id", 4, BAF_OPTIONAL, EAF_TYPE_ROUTER_ID, 0, /* BA_ORIGINATOR_ID */
303 NULL, NULL },
304 { "cluster_list", -1, BAF_OPTIONAL, EAF_TYPE_INT_SET, 0, /* BA_CLUSTER_LIST */
305 bgp_check_cluster_list, bgp_format_cluster_list },
306 { .name = NULL }, /* BA_DPA */
307 { .name = NULL }, /* BA_ADVERTISER */
308 { .name = NULL }, /* BA_RCID_PATH */
309 { "mp_reach_nlri", -1, BAF_OPTIONAL, EAF_TYPE_OPAQUE, 1, /* BA_MP_REACH_NLRI */
310 bgp_check_reach_nlri, NULL },
311 { "mp_unreach_nlri", -1, BAF_OPTIONAL, EAF_TYPE_OPAQUE, 1, /* BA_MP_UNREACH_NLRI */
312 bgp_check_unreach_nlri, NULL },
313 { .name = NULL }, /* BA_EXTENDED_COMM */
314 { "as4_path", -1, BAF_OPTIONAL | BAF_TRANSITIVE, EAF_TYPE_OPAQUE, 1, /* BA_AS4_PATH */
315 NULL, NULL },
316 { "as4_aggregator", -1, BAF_OPTIONAL | BAF_TRANSITIVE, EAF_TYPE_OPAQUE, 1, /* BA_AS4_PATH */
317 NULL, NULL }
318 };
319
320 /* BA_AS4_PATH is type EAF_TYPE_OPAQUE and not type EAF_TYPE_AS_PATH.
321 * It does not matter as this attribute does not appear on routes in the routing table.
322 */
323
324 #define ATTR_KNOWN(code) ((code) < ARRAY_SIZE(bgp_attr_table) && bgp_attr_table[code].name)
325
326 static inline struct adata *
327 bgp_alloc_adata(struct linpool *pool, unsigned len)
328 {
329 struct adata *ad = lp_alloc(pool, sizeof(struct adata) + len);
330 ad->length = len;
331 return ad;
332 }
333
334 static void
335 bgp_set_attr(eattr *e, unsigned attr, uintptr_t val)
336 {
337 ASSERT(ATTR_KNOWN(attr));
338 e->id = EA_CODE(EAP_BGP, attr);
339 e->type = bgp_attr_table[attr].type;
340 e->flags = bgp_attr_table[attr].expected_flags;
341 if (e->type & EAF_EMBEDDED)
342 e->u.data = val;
343 else
344 e->u.ptr = (struct adata *) val;
345 }
346
347 static byte *
348 bgp_set_attr_wa(eattr *e, struct linpool *pool, unsigned attr, unsigned len)
349 {
350 struct adata *ad = bgp_alloc_adata(pool, len);
351 bgp_set_attr(e, attr, (uintptr_t) ad);
352 return ad->data;
353 }
354
355 void
356 bgp_attach_attr(ea_list **to, struct linpool *pool, unsigned attr, uintptr_t val)
357 {
358 ea_list *a = lp_alloc(pool, sizeof(ea_list) + sizeof(eattr));
359 a->next = *to;
360 *to = a;
361 a->flags = EALF_SORTED;
362 a->count = 1;
363 bgp_set_attr(a->attrs, attr, val);
364 }
365
366 byte *
367 bgp_attach_attr_wa(ea_list **to, struct linpool *pool, unsigned attr, unsigned len)
368 {
369 struct adata *ad = bgp_alloc_adata(pool, len);
370 bgp_attach_attr(to, pool, attr, (uintptr_t) ad);
371 return ad->data;
372 }
373
374 static int
375 bgp_encode_attr_hdr(byte *dst, unsigned int flags, unsigned code, int len)
376 {
377 int wlen;
378
379 DBG("\tAttribute %02x (%d bytes, flags %02x)\n", code, len, flags);
380
381 if (len < 256)
382 {
383 *dst++ = flags;
384 *dst++ = code;
385 *dst++ = len;
386 wlen = 3;
387 }
388 else
389 {
390 *dst++ = flags | BAF_EXT_LEN;
391 *dst++ = code;
392 put_u16(dst, len);
393 wlen = 4;
394 }
395
396 return wlen;
397 }
398
399 static void
400 aggregator_convert_to_old(struct adata *aggr, byte *dst, int *new_used)
401 {
402 byte *src = aggr->data;
403 *new_used = 0;
404
405 u32 as = get_u32(src);
406 if (as > 0xFFFF)
407 {
408 as = AS_TRANS;
409 *new_used = 1;
410 }
411 put_u16(dst, as);
412
413 /* Copy IPv4 address */
414 memcpy(dst + 2, src + 4, 4);
415 }
416
417 static void
418 aggregator_convert_to_new(struct adata *aggr, byte *dst)
419 {
420 byte *src = aggr->data;
421
422 u32 as = get_u16(src);
423 put_u32(dst, as);
424
425 /* Copy IPv4 address */
426 memcpy(dst + 4, src + 2, 4);
427 }
428
429 static int
430 bgp_get_attr_len(eattr *a)
431 {
432 int len;
433 if (ATTR_KNOWN(EA_ID(a->id)))
434 {
435 int code = EA_ID(a->id);
436 struct attr_desc *desc = &bgp_attr_table[code];
437 len = desc->expected_length;
438 if (len < 0)
439 {
440 ASSERT(!(a->type & EAF_EMBEDDED));
441 len = a->u.ptr->length;
442 }
443 }
444 else
445 {
446 ASSERT((a->type & EAF_TYPE_MASK) == EAF_TYPE_OPAQUE);
447 len = a->u.ptr->length;
448 }
449
450 return len;
451 }
452
453 #define ADVANCE(w, r, l) do { r -= l; w += l; } while (0)
454
455 /**
456 * bgp_encode_attrs - encode BGP attributes
457 * @p: BGP instance
458 * @w: buffer
459 * @attrs: a list of extended attributes
460 * @remains: remaining space in the buffer
461 *
462 * The bgp_encode_attrs() function takes a list of extended attributes
463 * and converts it to its BGP representation (a part of an Update message).
464 *
465 * Result: Length of the attribute block generated or -1 if not enough space.
466 */
467 unsigned int
468 bgp_encode_attrs(struct bgp_proto *p, byte *w, ea_list *attrs, int remains)
469 {
470 unsigned int i, code, flags;
471 byte *start = w;
472 int len, rv;
473
474 for(i=0; i<attrs->count; i++)
475 {
476 eattr *a = &attrs->attrs[i];
477 ASSERT(EA_PROTO(a->id) == EAP_BGP);
478 code = EA_ID(a->id);
479 #ifdef IPV6
480 /* When talking multiprotocol BGP, the NEXT_HOP attributes are used only temporarily. */
481 if (code == BA_NEXT_HOP)
482 continue;
483 #endif
484
485 /* When AS4-aware BGP speaker is talking to non-AS4-aware BGP speaker,
486 * we have to convert our 4B AS_PATH to 2B AS_PATH and send our AS_PATH
487 * as optional AS4_PATH attribute.
488 */
489 if ((code == BA_AS_PATH) && (! p->as4_session))
490 {
491 len = a->u.ptr->length;
492
493 if (remains < (len + 4))
494 goto err_no_buffer;
495
496 /* Using temporary buffer because don't know a length of created attr
497 * and therefore a length of a header. Perhaps i should better always
498 * use BAF_EXT_LEN. */
499
500 byte buf[len];
501 int new_used;
502 int nl = as_path_convert_to_old(a->u.ptr, buf, &new_used);
503
504 DBG("BGP: Encoding old AS_PATH\n");
505 rv = bgp_encode_attr_hdr(w, BAF_TRANSITIVE, BA_AS_PATH, nl);
506 ADVANCE(w, remains, rv);
507 memcpy(w, buf, nl);
508 ADVANCE(w, remains, nl);
509
510 if (! new_used)
511 continue;
512
513 if (remains < (len + 4))
514 goto err_no_buffer;
515
516 /* We should discard AS_CONFED_SEQUENCE or AS_CONFED_SET path segments
517 * here but we don't support confederations and such paths we already
518 * discarded in bgp_check_as_path().
519 */
520
521 DBG("BGP: Encoding AS4_PATH\n");
522 rv = bgp_encode_attr_hdr(w, BAF_OPTIONAL | BAF_TRANSITIVE, BA_AS4_PATH, len);
523 ADVANCE(w, remains, rv);
524 memcpy(w, a->u.ptr->data, len);
525 ADVANCE(w, remains, len);
526
527 continue;
528 }
529
530 /* The same issue with AGGREGATOR attribute */
531 if ((code == BA_AGGREGATOR) && (! p->as4_session))
532 {
533 int new_used;
534
535 len = 6;
536 if (remains < (len + 3))
537 goto err_no_buffer;
538
539 rv = bgp_encode_attr_hdr(w, BAF_OPTIONAL | BAF_TRANSITIVE, BA_AGGREGATOR, len);
540 ADVANCE(w, remains, rv);
541 aggregator_convert_to_old(a->u.ptr, w, &new_used);
542 ADVANCE(w, remains, len);
543
544 if (! new_used)
545 continue;
546
547 len = 8;
548 if (remains < (len + 3))
549 goto err_no_buffer;
550
551 rv = bgp_encode_attr_hdr(w, BAF_OPTIONAL | BAF_TRANSITIVE, BA_AS4_AGGREGATOR, len);
552 ADVANCE(w, remains, rv);
553 memcpy(w, a->u.ptr->data, len);
554 ADVANCE(w, remains, len);
555
556 continue;
557 }
558
559 /* Standard path continues here ... */
560
561 flags = a->flags & (BAF_OPTIONAL | BAF_TRANSITIVE | BAF_PARTIAL);
562 len = bgp_get_attr_len(a);
563
564 /* Skip empty int sets */
565 if (((a->type & EAF_TYPE_MASK) == EAF_TYPE_INT_SET) && (len == 0))
566 continue;
567
568 if (remains < len + 4)
569 goto err_no_buffer;
570
571 rv = bgp_encode_attr_hdr(w, flags, code, len);
572 ADVANCE(w, remains, rv);
573
574 switch (a->type & EAF_TYPE_MASK)
575 {
576 case EAF_TYPE_INT:
577 case EAF_TYPE_ROUTER_ID:
578 if (len == 4)
579 put_u32(w, a->u.data);
580 else
581 *w = a->u.data;
582 break;
583 case EAF_TYPE_IP_ADDRESS:
584 {
585 ip_addr ip = *(ip_addr *)a->u.ptr->data;
586 ipa_hton(ip);
587 memcpy(w, &ip, len);
588 break;
589 }
590 case EAF_TYPE_INT_SET:
591 {
592 u32 *z = (u32 *)a->u.ptr->data;
593 int i;
594 for(i=0; i<len; i+=4)
595 put_u32(w+i, *z++);
596 break;
597 }
598 case EAF_TYPE_OPAQUE:
599 case EAF_TYPE_AS_PATH:
600 memcpy(w, a->u.ptr->data, len);
601 break;
602 default:
603 bug("bgp_encode_attrs: unknown attribute type %02x", a->type);
604 }
605 ADVANCE(w, remains, len);
606 }
607 return w - start;
608
609 err_no_buffer:
610 return -1;
611 }
612
613 static void
614 bgp_init_prefix(struct fib_node *N)
615 {
616 struct bgp_prefix *p = (struct bgp_prefix *) N;
617 p->bucket_node.next = NULL;
618 }
619
620 static int
621 bgp_compare_u32(const u32 *x, const u32 *y)
622 {
623 return (*x < *y) ? -1 : (*x > *y) ? 1 : 0;
624 }
625
626 static void
627 bgp_normalize_set(u32 *dest, u32 *src, unsigned cnt)
628 {
629 memcpy(dest, src, sizeof(u32) * cnt);
630 qsort(dest, cnt, sizeof(u32), (int(*)(const void *, const void *)) bgp_compare_u32);
631 }
632
633 static void
634 bgp_rehash_buckets(struct bgp_proto *p)
635 {
636 struct bgp_bucket **old = p->bucket_hash;
637 struct bgp_bucket **new;
638 unsigned oldn = p->hash_size;
639 unsigned i, e, mask;
640 struct bgp_bucket *b;
641
642 p->hash_size = p->hash_limit;
643 DBG("BGP: Rehashing bucket table from %d to %d\n", oldn, p->hash_size);
644 p->hash_limit *= 4;
645 if (p->hash_limit >= 65536)
646 p->hash_limit = ~0;
647 new = p->bucket_hash = mb_allocz(p->p.pool, p->hash_size * sizeof(struct bgp_bucket *));
648 mask = p->hash_size - 1;
649 for (i=0; i<oldn; i++)
650 while (b = old[i])
651 {
652 old[i] = b->hash_next;
653 e = b->hash & mask;
654 b->hash_next = new[e];
655 if (b->hash_next)
656 b->hash_next->hash_prev = b;
657 b->hash_prev = NULL;
658 new[e] = b;
659 }
660 mb_free(old);
661 }
662
663 static struct bgp_bucket *
664 bgp_new_bucket(struct bgp_proto *p, ea_list *new, unsigned hash)
665 {
666 struct bgp_bucket *b;
667 unsigned ea_size = sizeof(ea_list) + new->count * sizeof(eattr);
668 unsigned ea_size_aligned = BIRD_ALIGN(ea_size, CPU_STRUCT_ALIGN);
669 unsigned size = sizeof(struct bgp_bucket) + ea_size;
670 unsigned i;
671 byte *dest;
672 unsigned index = hash & (p->hash_size - 1);
673
674 /* Gather total size of non-inline attributes */
675 for (i=0; i<new->count; i++)
676 {
677 eattr *a = &new->attrs[i];
678 if (!(a->type & EAF_EMBEDDED))
679 size += BIRD_ALIGN(sizeof(struct adata) + a->u.ptr->length, CPU_STRUCT_ALIGN);
680 }
681
682 /* Create the bucket and hash it */
683 b = mb_alloc(p->p.pool, size);
684 b->hash_next = p->bucket_hash[index];
685 if (b->hash_next)
686 b->hash_next->hash_prev = b;
687 p->bucket_hash[index] = b;
688 b->hash_prev = NULL;
689 b->hash = hash;
690 add_tail(&p->bucket_queue, &b->send_node);
691 init_list(&b->prefixes);
692 memcpy(b->eattrs, new, ea_size);
693 dest = ((byte *)b->eattrs) + ea_size_aligned;
694
695 /* Copy values of non-inline attributes */
696 for (i=0; i<new->count; i++)
697 {
698 eattr *a = &b->eattrs->attrs[i];
699 if (!(a->type & EAF_EMBEDDED))
700 {
701 struct adata *oa = a->u.ptr;
702 struct adata *na = (struct adata *) dest;
703 memcpy(na, oa, sizeof(struct adata) + oa->length);
704 a->u.ptr = na;
705 dest += BIRD_ALIGN(sizeof(struct adata) + na->length, CPU_STRUCT_ALIGN);
706 }
707 }
708
709 /* If needed, rehash */
710 p->hash_count++;
711 if (p->hash_count > p->hash_limit)
712 bgp_rehash_buckets(p);
713
714 return b;
715 }
716
717 static struct bgp_bucket *
718 bgp_get_bucket(struct bgp_proto *p, net *n, ea_list *attrs, int originate)
719 {
720 ea_list *new;
721 unsigned i, cnt, hash, code;
722 eattr *a, *d;
723 u32 seen = 0;
724 struct bgp_bucket *b;
725
726 /* Merge the attribute list */
727 new = alloca(ea_scan(attrs));
728 ea_merge(attrs, new);
729 ea_sort(new);
730
731 /* Normalize attributes */
732 d = new->attrs;
733 cnt = new->count;
734 new->count = 0;
735 for(i=0; i<cnt; i++)
736 {
737 a = &new->attrs[i];
738 #ifdef LOCAL_DEBUG
739 {
740 byte buf[EA_FORMAT_BUF_SIZE];
741 ea_format(a, buf);
742 DBG("\t%s\n", buf);
743 }
744 #endif
745 if (EA_PROTO(a->id) != EAP_BGP)
746 continue;
747 code = EA_ID(a->id);
748 if (ATTR_KNOWN(code))
749 {
750 if (!bgp_attr_table[code].allow_in_ebgp && !p->is_internal)
751 continue;
752 /* The flags might have been zero if the attr was added by filters */
753 a->flags = (a->flags & BAF_PARTIAL) | bgp_attr_table[code].expected_flags;
754 if (code < 32)
755 seen |= 1 << code;
756 }
757 else
758 {
759 /* Don't re-export unknown non-transitive attributes */
760 if (!(a->flags & BAF_TRANSITIVE))
761 continue;
762 }
763 *d = *a;
764 if ((d->type & EAF_ORIGINATED) && !originate && (d->flags & BAF_TRANSITIVE) && (d->flags & BAF_OPTIONAL))
765 d->flags |= BAF_PARTIAL;
766 switch (d->type & EAF_TYPE_MASK)
767 {
768 case EAF_TYPE_INT_SET:
769 {
770 struct adata *z = alloca(sizeof(struct adata) + d->u.ptr->length);
771 z->length = d->u.ptr->length;
772 bgp_normalize_set((u32 *) z->data, (u32 *) d->u.ptr->data, z->length / 4);
773 d->u.ptr = z;
774 break;
775 }
776 default: ;
777 }
778 d++;
779 new->count++;
780 }
781
782 /* Hash */
783 hash = ea_hash(new);
784 for(b=p->bucket_hash[hash & (p->hash_size - 1)]; b; b=b->hash_next)
785 if (b->hash == hash && ea_same(b->eattrs, new))
786 {
787 DBG("Found bucket.\n");
788 return b;
789 }
790
791 /* Ensure that there are all mandatory attributes */
792 for(i=0; i<ARRAY_SIZE(bgp_mandatory_attrs); i++)
793 if (!(seen & (1 << bgp_mandatory_attrs[i])))
794 {
795 log(L_ERR "%s: Mandatory attribute %s missing in route %I/%d", p->p.name, bgp_attr_table[bgp_mandatory_attrs[i]].name, n->n.prefix, n->n.pxlen);
796 return NULL;
797 }
798
799 /* Check if next hop is valid */
800 a = ea_find(new, EA_CODE(EAP_BGP, BA_NEXT_HOP));
801 if (!a || ipa_equal(p->cf->remote_ip, *(ip_addr *)a->u.ptr->data))
802 {
803 log(L_ERR "%s: Invalid NEXT_HOP attribute in route %I/%d", p->p.name, n->n.prefix, n->n.pxlen);
804 return NULL;
805 }
806
807 /* Create new bucket */
808 DBG("Creating bucket.\n");
809 return bgp_new_bucket(p, new, hash);
810 }
811
812 void
813 bgp_free_bucket(struct bgp_proto *p, struct bgp_bucket *buck)
814 {
815 if (buck->hash_next)
816 buck->hash_next->hash_prev = buck->hash_prev;
817 if (buck->hash_prev)
818 buck->hash_prev->hash_next = buck->hash_next;
819 else
820 p->bucket_hash[buck->hash & (p->hash_size-1)] = buck->hash_next;
821 mb_free(buck);
822 }
823
824 void
825 bgp_rt_notify(struct proto *P, rtable *tbl UNUSED, net *n, rte *new, rte *old UNUSED, ea_list *attrs)
826 {
827 struct bgp_proto *p = (struct bgp_proto *) P;
828 struct bgp_bucket *buck;
829 struct bgp_prefix *px;
830
831 DBG("BGP: Got route %I/%d %s\n", n->n.prefix, n->n.pxlen, new ? "up" : "down");
832
833 if (new)
834 {
835 buck = bgp_get_bucket(p, n, attrs, new->attrs->source != RTS_BGP);
836 if (!buck) /* Inconsistent attribute list */
837 return;
838 }
839 else
840 {
841 if (!(buck = p->withdraw_bucket))
842 {
843 buck = p->withdraw_bucket = mb_alloc(P->pool, sizeof(struct bgp_bucket));
844 init_list(&buck->prefixes);
845 }
846 }
847 px = fib_get(&p->prefix_fib, &n->n.prefix, n->n.pxlen);
848 if (px->bucket_node.next)
849 {
850 DBG("\tRemoving old entry.\n");
851 rem_node(&px->bucket_node);
852 }
853 add_tail(&buck->prefixes, &px->bucket_node);
854 bgp_schedule_packet(p->conn, PKT_UPDATE);
855 }
856
857 static int
858 bgp_create_attrs(struct bgp_proto *p, rte *e, ea_list **attrs, struct linpool *pool)
859 {
860 ea_list *ea = lp_alloc(pool, sizeof(ea_list) + 4*sizeof(eattr));
861 rta *rta = e->attrs;
862 byte *z;
863
864 ea->next = *attrs;
865 *attrs = ea;
866 ea->flags = EALF_SORTED;
867 ea->count = 4;
868
869 bgp_set_attr(ea->attrs, BA_ORIGIN,
870 ((rta->source == RTS_OSPF_EXT1) || (rta->source == RTS_OSPF_EXT2)) ? ORIGIN_INCOMPLETE : ORIGIN_IGP);
871
872 if (p->is_internal)
873 bgp_set_attr_wa(ea->attrs+1, pool, BA_AS_PATH, 0);
874 else
875 {
876 z = bgp_set_attr_wa(ea->attrs+1, pool, BA_AS_PATH, 6);
877 z[0] = AS_PATH_SEQUENCE;
878 z[1] = 1; /* 1 AS */
879 put_u32(z+2, p->local_as);
880 }
881
882 /* iBGP -> use gw, eBGP multi-hop -> use source_addr,
883 eBGP single-hop -> use gw if on the same iface */
884 z = bgp_set_attr_wa(ea->attrs+2, pool, BA_NEXT_HOP, NEXT_HOP_LENGTH);
885 if (p->cf->next_hop_self ||
886 rta->dest != RTD_ROUTER ||
887 ipa_equal(rta->gw, IPA_NONE) ||
888 ipa_has_link_scope(rta->gw) ||
889 (!p->is_internal && (!p->neigh || (rta->iface != p->neigh->iface))))
890 set_next_hop(z, p->source_addr);
891 else
892 set_next_hop(z, rta->gw);
893
894 bgp_set_attr(ea->attrs+3, BA_LOCAL_PREF, p->cf->default_local_pref);
895
896 return 0; /* Leave decision to the filters */
897 }
898
899
900 static inline int
901 bgp_as_path_loopy(struct bgp_proto *p, rta *a)
902 {
903 eattr *e = ea_find(a->eattrs, EA_CODE(EAP_BGP, BA_AS_PATH));
904 return (e && as_path_is_member(e->u.ptr, p->local_as));
905 }
906
907 static inline int
908 bgp_originator_id_loopy(struct bgp_proto *p, rta *a)
909 {
910 eattr *e = ea_find(a->eattrs, EA_CODE(EAP_BGP, BA_ORIGINATOR_ID));
911 return (e && (e->u.data == p->local_id));
912 }
913
914 static inline int
915 bgp_cluster_list_loopy(struct bgp_proto *p, rta *a)
916 {
917 eattr *e = ea_find(a->eattrs, EA_CODE(EAP_BGP, BA_CLUSTER_LIST));
918 return (e && p->rr_client && int_set_contains(e->u.ptr, p->rr_cluster_id));
919 }
920
921
922 static inline void
923 bgp_path_prepend(rte *e, ea_list **attrs, struct linpool *pool, u32 as)
924 {
925 eattr *a = ea_find(e->attrs->eattrs, EA_CODE(EAP_BGP, BA_AS_PATH));
926 bgp_attach_attr(attrs, pool, BA_AS_PATH, (uintptr_t) as_path_prepend(pool, a->u.ptr, as));
927 }
928
929 static inline void
930 bgp_cluster_list_prepend(rte *e, ea_list **attrs, struct linpool *pool, u32 cid)
931 {
932 eattr *a = ea_find(e->attrs->eattrs, EA_CODE(EAP_BGP, BA_CLUSTER_LIST));
933 bgp_attach_attr(attrs, pool, BA_CLUSTER_LIST, (uintptr_t) int_set_add(pool, a ? a->u.ptr : NULL, cid));
934 }
935
936 static int
937 bgp_update_attrs(struct bgp_proto *p, rte *e, ea_list **attrs, struct linpool *pool, int rr)
938 {
939 eattr *a;
940
941 if (!p->is_internal && !p->rs_client)
942 {
943 bgp_path_prepend(e, attrs, pool, p->local_as);
944
945 /* The MULTI_EXIT_DISC attribute received from a neighboring AS MUST NOT be
946 * propagated to other neighboring ASes.
947 * Perhaps it would be better to undefine it.
948 */
949 a = ea_find(e->attrs->eattrs, EA_CODE(EAP_BGP, BA_MULTI_EXIT_DISC));
950 if (a)
951 bgp_attach_attr(attrs, pool, BA_MULTI_EXIT_DISC, 0);
952 }
953
954 /* iBGP -> keep next_hop, eBGP multi-hop -> use source_addr,
955 eBGP single-hop -> keep next_hop if on the same iface */
956 a = ea_find(e->attrs->eattrs, EA_CODE(EAP_BGP, BA_NEXT_HOP));
957 if (a && !p->cf->next_hop_self &&
958 (p->is_internal || (p->neigh && (e->attrs->iface == p->neigh->iface))))
959 {
960 /* Leave the original next hop attribute, will check later where does it point */
961 }
962 else
963 {
964 /* Need to create new one */
965 byte *b = bgp_attach_attr_wa(attrs, pool, BA_NEXT_HOP, NEXT_HOP_LENGTH);
966 set_next_hop(b, p->source_addr);
967 }
968
969 if (rr)
970 {
971 /* Handling route reflection, RFC 4456 */
972 struct bgp_proto *src = (struct bgp_proto *) e->attrs->proto;
973
974 a = ea_find(e->attrs->eattrs, EA_CODE(EAP_BGP, BA_ORIGINATOR_ID));
975 if (!a)
976 bgp_attach_attr(attrs, pool, BA_ORIGINATOR_ID, src->remote_id);
977
978 /* We attach proper cluster ID according to whether the route is entering or leaving the cluster */
979 bgp_cluster_list_prepend(e, attrs, pool, src->rr_client ? src->rr_cluster_id : p->rr_cluster_id);
980
981 /* Two RR clients with different cluster ID, hmmm */
982 if (src->rr_client && p->rr_client && (src->rr_cluster_id != p->rr_cluster_id))
983 bgp_cluster_list_prepend(e, attrs, pool, p->rr_cluster_id);
984 }
985
986 return 0; /* Leave decision to the filters */
987 }
988
989 static int
990 bgp_community_filter(struct bgp_proto *p, rte *e)
991 {
992 eattr *a;
993 struct adata *d;
994
995 /* Check if we aren't forbidden to export the route by communities */
996 a = ea_find(e->attrs->eattrs, EA_CODE(EAP_BGP, BA_COMMUNITY));
997 if (a)
998 {
999 d = a->u.ptr;
1000 if (int_set_contains(d, BGP_COMM_NO_ADVERTISE))
1001 {
1002 DBG("\tNO_ADVERTISE\n");
1003 return 1;
1004 }
1005 if (!p->is_internal &&
1006 (int_set_contains(d, BGP_COMM_NO_EXPORT) ||
1007 int_set_contains(d, BGP_COMM_NO_EXPORT_SUBCONFED)))
1008 {
1009 DBG("\tNO_EXPORT\n");
1010 return 1;
1011 }
1012 }
1013
1014 return 0;
1015 }
1016
1017 int
1018 bgp_import_control(struct proto *P, rte **new, ea_list **attrs, struct linpool *pool)
1019 {
1020 rte *e = *new;
1021 struct bgp_proto *p = (struct bgp_proto *) P;
1022 struct bgp_proto *new_bgp = (e->attrs->proto->proto == &proto_bgp) ? (struct bgp_proto *) e->attrs->proto : NULL;
1023
1024 if (p == new_bgp) /* Poison reverse updates */
1025 return -1;
1026 if (new_bgp)
1027 {
1028 /* We should check here for cluster list loop, because the receiving BGP instance
1029 might have different cluster ID */
1030 if (bgp_cluster_list_loopy(p, e->attrs))
1031 return -1;
1032
1033 if (p->cf->interpret_communities && bgp_community_filter(p, e))
1034 return -1;
1035
1036 if (p->local_as == new_bgp->local_as && p->is_internal && new_bgp->is_internal)
1037 {
1038 /* Redistribution of internal routes with IBGP */
1039 if (p->rr_client || new_bgp->rr_client)
1040 /* Route reflection, RFC 4456 */
1041 return bgp_update_attrs(p, e, attrs, pool, 1);
1042 else
1043 return -1;
1044 }
1045 else
1046 return bgp_update_attrs(p, e, attrs, pool, 0);
1047 }
1048 else
1049 return bgp_create_attrs(p, e, attrs, pool);
1050 }
1051
1052 static inline u32
1053 bgp_get_neighbor(rte *r)
1054 {
1055 eattr *e = ea_find(r->attrs->eattrs, EA_CODE(EAP_BGP, BA_AS_PATH));
1056 u32 as;
1057
1058 if (e && as_path_get_first(e->u.ptr, &as))
1059 return as;
1060 else
1061 return ((struct bgp_proto *) r->attrs->proto)->remote_as;
1062 }
1063
1064 static inline int
1065 rte_resolvable(rte *rt)
1066 {
1067 int rd = rt->attrs->dest;
1068 return (rd == RTD_ROUTER) || (rd == RTD_DEVICE) || (rd == RTD_MULTIPATH);
1069 }
1070
1071 int
1072 bgp_rte_better(rte *new, rte *old)
1073 {
1074 struct bgp_proto *new_bgp = (struct bgp_proto *) new->attrs->proto;
1075 struct bgp_proto *old_bgp = (struct bgp_proto *) old->attrs->proto;
1076 eattr *x, *y;
1077 u32 n, o;
1078
1079 /* RFC 4271 9.1.2.1. Route resolvability test */
1080 n = rte_resolvable(new);
1081 o = rte_resolvable(old);
1082 if (n > o)
1083 return 1;
1084 if (n < o)
1085 return 0;
1086
1087 /* Start with local preferences */
1088 x = ea_find(new->attrs->eattrs, EA_CODE(EAP_BGP, BA_LOCAL_PREF));
1089 y = ea_find(old->attrs->eattrs, EA_CODE(EAP_BGP, BA_LOCAL_PREF));
1090 n = x ? x->u.data : new_bgp->cf->default_local_pref;
1091 o = y ? y->u.data : old_bgp->cf->default_local_pref;
1092 if (n > o)
1093 return 1;
1094 if (n < o)
1095 return 0;
1096
1097 /* RFC 4271 9.1.2.2. a) Use AS path lengths */
1098 if (new_bgp->cf->compare_path_lengths || old_bgp->cf->compare_path_lengths)
1099 {
1100 x = ea_find(new->attrs->eattrs, EA_CODE(EAP_BGP, BA_AS_PATH));
1101 y = ea_find(old->attrs->eattrs, EA_CODE(EAP_BGP, BA_AS_PATH));
1102 n = x ? as_path_getlen(x->u.ptr) : AS_PATH_MAXLEN;
1103 o = y ? as_path_getlen(y->u.ptr) : AS_PATH_MAXLEN;
1104 if (n < o)
1105 return 1;
1106 if (n > o)
1107 return 0;
1108 }
1109
1110 /* RFC 4271 9.1.2.2. b) Use origins */
1111 x = ea_find(new->attrs->eattrs, EA_CODE(EAP_BGP, BA_ORIGIN));
1112 y = ea_find(old->attrs->eattrs, EA_CODE(EAP_BGP, BA_ORIGIN));
1113 n = x ? x->u.data : ORIGIN_INCOMPLETE;
1114 o = y ? y->u.data : ORIGIN_INCOMPLETE;
1115 if (n < o)
1116 return 1;
1117 if (n > o)
1118 return 0;
1119
1120 /* RFC 4271 9.1.2.2. c) Compare MED's */
1121 /* This is noncompliant. Proper RFC 4271 path selection cannot be
1122 * interpreted as finding the best path in some ordering.
1123 * Therefore, it cannot be implemented in BIRD without some ugly
1124 * hacks. This is just an approximation, which in specific
1125 * situations may lead to persistent routing loops, because it is
1126 * nondeterministic - it depends on the order in which routes
1127 * appeared. But it is also the same behavior as used by default in
1128 * Cisco routers, so it is probably not a big issue.
1129 */
1130 if (new_bgp->cf->med_metric || old_bgp->cf->med_metric ||
1131 (bgp_get_neighbor(new) == bgp_get_neighbor(old)))
1132 {
1133 x = ea_find(new->attrs->eattrs, EA_CODE(EAP_BGP, BA_MULTI_EXIT_DISC));
1134 y = ea_find(old->attrs->eattrs, EA_CODE(EAP_BGP, BA_MULTI_EXIT_DISC));
1135 n = x ? x->u.data : new_bgp->cf->default_med;
1136 o = y ? y->u.data : old_bgp->cf->default_med;
1137 if (n < o)
1138 return 1;
1139 if (n > o)
1140 return 0;
1141 }
1142
1143 /* RFC 4271 9.1.2.2. d) Prefer external peers */
1144 if (new_bgp->is_internal > old_bgp->is_internal)
1145 return 0;
1146 if (new_bgp->is_internal < old_bgp->is_internal)
1147 return 1;
1148
1149 /* RFC 4271 9.1.2.2. e) Compare IGP metrics */
1150 n = new_bgp->cf->igp_metric ? new->attrs->igp_metric : 0;
1151 o = old_bgp->cf->igp_metric ? old->attrs->igp_metric : 0;
1152 if (n < o)
1153 return 1;
1154 if (n > o)
1155 return 0;
1156
1157 /* RFC 4271 9.1.2.2. f) Compare BGP identifiers */
1158 /* RFC 4456 9. a) Use ORIGINATOR_ID instead of local neighor ID */
1159 x = ea_find(new->attrs->eattrs, EA_CODE(EAP_BGP, BA_ORIGINATOR_ID));
1160 y = ea_find(old->attrs->eattrs, EA_CODE(EAP_BGP, BA_ORIGINATOR_ID));
1161 n = x ? x->u.data : new_bgp->remote_id;
1162 o = y ? y->u.data : old_bgp->remote_id;
1163
1164 /* RFC 5004 - prefer older routes */
1165 /* (if both are external and from different peer) */
1166 if ((new_bgp->cf->prefer_older || old_bgp->cf->prefer_older) &&
1167 !new_bgp->is_internal && n != o)
1168 return 0;
1169
1170 /* rest of RFC 4271 9.1.2.2. f) */
1171 if (n < o)
1172 return 1;
1173 if (n > o)
1174 return 0;
1175
1176 /* RFC 4456 9. b) Compare cluster list lengths */
1177 x = ea_find(new->attrs->eattrs, EA_CODE(EAP_BGP, BA_CLUSTER_LIST));
1178 y = ea_find(old->attrs->eattrs, EA_CODE(EAP_BGP, BA_CLUSTER_LIST));
1179 n = x ? int_set_get_size(x->u.ptr) : 0;
1180 o = y ? int_set_get_size(y->u.ptr) : 0;
1181 if (n < o)
1182 return 1;
1183 if (n > o)
1184 return 0;
1185
1186 /* RFC 4271 9.1.2.2. g) Compare peer IP adresses */
1187 return (ipa_compare(new_bgp->cf->remote_ip, old_bgp->cf->remote_ip) < 0);
1188 }
1189
1190 static struct adata *
1191 bgp_aggregator_convert_to_new(struct adata *old, struct linpool *pool)
1192 {
1193 struct adata *newa = lp_alloc(pool, sizeof(struct adata) + 8);
1194 newa->length = 8;
1195 aggregator_convert_to_new(old, newa->data);
1196 return newa;
1197 }
1198
1199
1200 /* Take last req_as ASNs from path old2 (in 2B format), convert to 4B format
1201 * and append path old4 (in 4B format).
1202 */
1203 static struct adata *
1204 bgp_merge_as_paths(struct adata *old2, struct adata *old4, int req_as, struct linpool *pool)
1205 {
1206 byte buf[old2->length * 2];
1207
1208 int ol = as_path_convert_to_new(old2, buf, req_as);
1209 int nl = ol + (old4 ? old4->length : 0);
1210
1211 struct adata *newa = lp_alloc(pool, sizeof(struct adata) + nl);
1212 newa->length = nl;
1213 memcpy(newa->data, buf, ol);
1214 if (old4) memcpy(newa->data + ol, old4->data, old4->length);
1215
1216 return newa;
1217 }
1218
1219 static int
1220 as4_aggregator_valid(struct adata *aggr)
1221 {
1222 return aggr->length == 8;
1223 }
1224
1225
1226 /* Reconstruct 4B AS_PATH and AGGREGATOR according to RFC 4893 4.2.3 */
1227 static void
1228 bgp_reconstruct_4b_atts(struct bgp_proto *p, rta *a, struct linpool *pool)
1229 {
1230 eattr *p2 =ea_find(a->eattrs, EA_CODE(EAP_BGP, BA_AS_PATH));
1231 eattr *p4 =ea_find(a->eattrs, EA_CODE(EAP_BGP, BA_AS4_PATH));
1232 eattr *a2 =ea_find(a->eattrs, EA_CODE(EAP_BGP, BA_AGGREGATOR));
1233 eattr *a4 =ea_find(a->eattrs, EA_CODE(EAP_BGP, BA_AS4_AGGREGATOR));
1234 int a4_removed = 0;
1235
1236 if (a4 && !as4_aggregator_valid(a4->u.ptr))
1237 {
1238 log(L_WARN "%s: AS4_AGGREGATOR attribute is invalid, skipping attribute", p->p.name);
1239 a4 = NULL;
1240 a4_removed = 1;
1241 }
1242
1243 if (a2)
1244 {
1245 u32 a2_as = get_u16(a2->u.ptr->data);
1246
1247 if (a4)
1248 {
1249 if (a2_as != AS_TRANS)
1250 {
1251 /* Routes were aggregated by old router and therefore AS4_PATH
1252 * and AS4_AGGREGATOR is invalid
1253 *
1254 * Convert AS_PATH and AGGREGATOR to 4B format and finish.
1255 */
1256
1257 a2->u.ptr = bgp_aggregator_convert_to_new(a2->u.ptr, pool);
1258 p2->u.ptr = bgp_merge_as_paths(p2->u.ptr, NULL, AS_PATH_MAXLEN, pool);
1259
1260 return;
1261 }
1262 else
1263 {
1264 /* Common case, use AS4_AGGREGATOR attribute */
1265 a2->u.ptr = a4->u.ptr;
1266 }
1267 }
1268 else
1269 {
1270 /* Common case, use old AGGREGATOR attribute */
1271 a2->u.ptr = bgp_aggregator_convert_to_new(a2->u.ptr, pool);
1272
1273 if ((a2_as == AS_TRANS) && !a4_removed)
1274 log(L_WARN "%s: AGGREGATOR attribute contain AS_TRANS, but AS4_AGGREGATOR is missing", p->p.name);
1275 }
1276 }
1277 else
1278 if (a4)
1279 log(L_WARN "%s: AS4_AGGREGATOR attribute received, but AGGREGATOR attribute is missing", p->p.name);
1280
1281 int p2_len = as_path_getlen_int(p2->u.ptr, 2);
1282 int p4_len = p4 ? validate_as4_path(p, p4->u.ptr) : -1;
1283
1284 if (p4 && (p4_len < 0))
1285 log(L_WARN "%s: AS4_PATH attribute is malformed, skipping attribute", p->p.name);
1286
1287 if ((p4_len <= 0) || (p2_len < p4_len))
1288 p2->u.ptr = bgp_merge_as_paths(p2->u.ptr, NULL, AS_PATH_MAXLEN, pool);
1289 else
1290 p2->u.ptr = bgp_merge_as_paths(p2->u.ptr, p4->u.ptr, p2_len - p4_len, pool);
1291 }
1292
1293 static void
1294 bgp_remove_as4_attrs(struct bgp_proto *p, rta *a)
1295 {
1296 unsigned id1 = EA_CODE(EAP_BGP, BA_AS4_PATH);
1297 unsigned id2 = EA_CODE(EAP_BGP, BA_AS4_AGGREGATOR);
1298 ea_list **el = &(a->eattrs);
1299
1300 /* We know that ea_lists constructed in bgp_decode attrs have one attribute per ea_list struct */
1301 while (*el != NULL)
1302 {
1303 unsigned fid = (*el)->attrs[0].id;
1304
1305 if ((fid == id1) || (fid == id2))
1306 {
1307 *el = (*el)->next;
1308 if (p->as4_session)
1309 log(L_WARN "%s: Unexpected AS4_* attributes received", p->p.name);
1310 }
1311 else
1312 el = &((*el)->next);
1313 }
1314 }
1315
1316 /**
1317 * bgp_decode_attrs - check and decode BGP attributes
1318 * @conn: connection
1319 * @attr: start of attribute block
1320 * @len: length of attribute block
1321 * @pool: linear pool to make all the allocations in
1322 * @mandatory: 1 iff presence of mandatory attributes has to be checked
1323 *
1324 * This function takes a BGP attribute block (a part of an Update message), checks
1325 * its consistency and converts it to a list of BIRD route attributes represented
1326 * by a &rta.
1327 */
1328 struct rta *
1329 bgp_decode_attrs(struct bgp_conn *conn, byte *attr, unsigned int len, struct linpool *pool, int mandatory)
1330 {
1331 struct bgp_proto *bgp = conn->bgp;
1332 rta *a = lp_alloc(pool, sizeof(struct rta));
1333 unsigned int flags, code, l, i, type;
1334 int errcode;
1335 byte *z, *attr_start;
1336 byte seen[256/8];
1337 ea_list *ea;
1338 struct adata *ad;
1339 int withdraw = 0;
1340
1341 bzero(a, sizeof(rta));
1342 a->proto = &bgp->p;
1343 a->source = RTS_BGP;
1344 a->scope = SCOPE_UNIVERSE;
1345 a->cast = RTC_UNICAST;
1346 /* a->dest = RTD_ROUTER; -- set in bgp_set_next_hop() */
1347 a->from = bgp->cf->remote_ip;
1348
1349 /* Parse the attributes */
1350 bzero(seen, sizeof(seen));
1351 DBG("BGP: Parsing attributes\n");
1352 while (len)
1353 {
1354 if (len < 2)
1355 goto malformed;
1356 attr_start = attr;
1357 flags = *attr++;
1358 code = *attr++;
1359 len -= 2;
1360 if (flags & BAF_EXT_LEN)
1361 {
1362 if (len < 2)
1363 goto malformed;
1364 l = get_u16(attr);
1365 attr += 2;
1366 len -= 2;
1367 }
1368 else
1369 {
1370 if (len < 1)
1371 goto malformed;
1372 l = *attr++;
1373 len--;
1374 }
1375 if (l > len)
1376 goto malformed;
1377 len -= l;
1378 z = attr;
1379 attr += l;
1380 DBG("Attr %02x %02x %d\n", code, flags, l);
1381 if (seen[code/8] & (1 << (code%8)))
1382 goto malformed;
1383 if (ATTR_KNOWN(code))
1384 {
1385 struct attr_desc *desc = &bgp_attr_table[code];
1386 if (desc->expected_length >= 0 && desc->expected_length != (int) l)
1387 { errcode = 5; goto err; }
1388 if ((desc->expected_flags ^ flags) & (BAF_OPTIONAL | BAF_TRANSITIVE))
1389 { errcode = 4; goto err; }
1390 if (!desc->allow_in_ebgp && !bgp->is_internal)
1391 continue;
1392 if (desc->validate)
1393 {
1394 errcode = desc->validate(bgp, z, l);
1395 if (errcode > 0)
1396 goto err;
1397 if (errcode == IGNORE)
1398 continue;
1399 if (errcode <= WITHDRAW)
1400 {
1401 log(L_WARN "%s: Attribute %s is malformed, withdrawing update",
1402 bgp->p.name, desc->name);
1403 withdraw = 1;
1404 }
1405 }
1406 else if (code == BA_AS_PATH)
1407 {
1408 /* Special case as it might also trim the attribute */
1409 if (validate_as_path(bgp, z, &l) < 0)
1410 { errcode = 11; goto err; }
1411 }
1412 type = desc->type;
1413 }
1414 else /* Unknown attribute */
1415 {
1416 if (!(flags & BAF_OPTIONAL))
1417 { errcode = 2; goto err; }
1418 type = EAF_TYPE_OPAQUE;
1419 }
1420
1421 // Only OPTIONAL and TRANSITIVE attributes may have non-zero PARTIAL flag
1422 // if (!((flags & BAF_OPTIONAL) && (flags & BAF_TRANSITIVE)) && (flags & BAF_PARTIAL))
1423 // { errcode = 4; goto err; }
1424
1425 seen[code/8] |= (1 << (code%8));
1426 ea = lp_alloc(pool, sizeof(ea_list) + sizeof(eattr));
1427 ea->next = a->eattrs;
1428 a->eattrs = ea;
1429 ea->flags = 0;
1430 ea->count = 1;
1431 ea->attrs[0].id = EA_CODE(EAP_BGP, code);
1432 ea->attrs[0].flags = flags;
1433 ea->attrs[0].type = type;
1434 if (type & EAF_EMBEDDED)
1435 ad = NULL;
1436 else
1437 {
1438 ad = lp_alloc(pool, sizeof(struct adata) + l);
1439 ea->attrs[0].u.ptr = ad;
1440 ad->length = l;
1441 memcpy(ad->data, z, l);
1442 }
1443 switch (type)
1444 {
1445 case EAF_TYPE_ROUTER_ID:
1446 case EAF_TYPE_INT:
1447 if (l == 1)
1448 ea->attrs[0].u.data = *z;
1449 else
1450 ea->attrs[0].u.data = get_u32(z);
1451 break;
1452 case EAF_TYPE_IP_ADDRESS:
1453 ipa_ntoh(*(ip_addr *)ad->data);
1454 break;
1455 case EAF_TYPE_INT_SET:
1456 {
1457 u32 *z = (u32 *) ad->data;
1458 for(i=0; i<ad->length/4; i++)
1459 z[i] = ntohl(z[i]);
1460 break;
1461 }
1462 }
1463 }
1464
1465 if (withdraw)
1466 goto withdraw;
1467
1468 #ifdef IPV6
1469 /* If we received MP_REACH_NLRI we should check mandatory attributes */
1470 if (bgp->mp_reach_len != 0)
1471 mandatory = 1;
1472 #endif
1473
1474 /* If there is no (reachability) NLRI, we should exit now */
1475 if (! mandatory)
1476 return a;
1477
1478 /* Check if all mandatory attributes are present */
1479 for(i=0; i < ARRAY_SIZE(bgp_mandatory_attrs); i++)
1480 {
1481 code = bgp_mandatory_attrs[i];
1482 if (!(seen[code/8] & (1 << (code%8))))
1483 {
1484 bgp_error(conn, 3, 3, &bgp_mandatory_attrs[i], 1);
1485 return NULL;
1486 }
1487 }
1488
1489 /* When receiving attributes from non-AS4-aware BGP speaker,
1490 * we have to reconstruct 4B AS_PATH and AGGREGATOR attributes
1491 */
1492 if (! bgp->as4_session)
1493 bgp_reconstruct_4b_atts(bgp, a, pool);
1494
1495 bgp_remove_as4_attrs(bgp, a);
1496
1497 /* If the AS path attribute contains our AS, reject the routes */
1498 if (bgp_as_path_loopy(bgp, a))
1499 goto withdraw;
1500
1501 /* Two checks for IBGP loops caused by route reflection, RFC 4456 */
1502 if (bgp_originator_id_loopy(bgp, a) ||
1503 bgp_cluster_list_loopy(bgp, a))
1504 goto withdraw;
1505
1506 /* If there's no local preference, define one */
1507 if (!(seen[0] & (1 << BA_LOCAL_PREF)))
1508 bgp_attach_attr(&a->eattrs, pool, BA_LOCAL_PREF, bgp->cf->default_local_pref);
1509
1510 return a;
1511
1512 withdraw:
1513 return NULL;
1514
1515 malformed:
1516 bgp_error(conn, 3, 1, NULL, 0);
1517 return NULL;
1518
1519 err:
1520 bgp_error(conn, 3, errcode, attr_start, z+l-attr_start);
1521 return NULL;
1522 }
1523
1524 int
1525 bgp_get_attr(eattr *a, byte *buf, int buflen)
1526 {
1527 unsigned int i = EA_ID(a->id);
1528 struct attr_desc *d;
1529
1530 if (ATTR_KNOWN(i))
1531 {
1532 d = &bgp_attr_table[i];
1533 buf += bsprintf(buf, "%s", d->name);
1534 if (d->format)
1535 {
1536 *buf++ = ':';
1537 *buf++ = ' ';
1538 d->format(a, buf, buflen);
1539 return GA_FULL;
1540 }
1541 return GA_NAME;
1542 }
1543 bsprintf(buf, "%02x%s", i, (a->flags & BAF_TRANSITIVE) ? " [t]" : "");
1544 return GA_NAME;
1545 }
1546
1547 void
1548 bgp_attr_init(struct bgp_proto *p)
1549 {
1550 p->hash_size = 256;
1551 p->hash_limit = p->hash_size * 4;
1552 p->bucket_hash = mb_allocz(p->p.pool, p->hash_size * sizeof(struct bgp_bucket *));
1553 init_list(&p->bucket_queue);
1554 p->withdraw_bucket = NULL;
1555 fib_init(&p->prefix_fib, p->p.pool, sizeof(struct bgp_prefix), 0, bgp_init_prefix);
1556 }
1557
1558 void
1559 bgp_get_route_info(rte *e, byte *buf, ea_list *attrs)
1560 {
1561 eattr *p = ea_find(attrs, EA_CODE(EAP_BGP, BA_AS_PATH));
1562 eattr *o = ea_find(attrs, EA_CODE(EAP_BGP, BA_ORIGIN));
1563 u32 origas;
1564
1565 buf += bsprintf(buf, " (%d", e->pref);
1566 if (e->attrs->hostentry)
1567 {
1568 if (!rte_resolvable(e))
1569 buf += bsprintf(buf, "/-");
1570 else if (e->attrs->igp_metric >= IGP_METRIC_UNKNOWN)
1571 buf += bsprintf(buf, "/?");
1572 else
1573 buf += bsprintf(buf, "/%d", e->attrs->igp_metric);
1574 }
1575 buf += bsprintf(buf, ") [");
1576
1577 if (p && as_path_get_last(p->u.ptr, &origas))
1578 buf += bsprintf(buf, "AS%u", origas);
1579 if (o)
1580 buf += bsprintf(buf, "%c", "ie?"[o->u.data]);
1581 strcpy(buf, "]");
1582 }
Mirror of https://gitlab.labs.nic.cz/labs/bird.git