diff options
| author | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2015-03-06 15:36:21 +0900 |
|---|---|---|
| committer | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2015-03-06 15:36:21 +0900 |
| commit | a085ce2d338e9a79b98d0f9ea24c5b80bccdf0e1 (patch) | |
| tree | 8bbb9d6b0d8866f20f411f60943344ab241ae202 | |
| parent | ea6446b4ef6e461837ed4f94216fe4fadf2964fa (diff) | |
server: check route refresh afi and safi
If it's not valid, log a warning and ignore.
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
| -rw-r--r-- | packet/bgp.go | 4 | ||||
| -rw-r--r-- | packet/validate.go | 6 | ||||
| -rw-r--r-- | server/peer.go | 10 |
3 files changed, 15 insertions, 5 deletions
diff --git a/packet/bgp.go b/packet/bgp.go index debce3e5..3a27bce0 100644 --- a/packet/bgp.go +++ b/packet/bgp.go @@ -955,7 +955,7 @@ func (n *RouteTargetMembershipNLRI) String() string { return fmt.Sprintf("%d:%s/%d", n.AS, n.RouteTarget.String(), n.Len()*8) } -func rfshift(afi uint16, safi uint8) RouteFamily { +func AfiSafiToRouteFamily(afi uint16, safi uint8) RouteFamily { return RouteFamily(int(afi)<<16 | int(safi)) } @@ -1008,7 +1008,7 @@ func GetRouteFamily(name string) (RouteFamily, error) { } func routeFamilyPrefix(afi uint16, safi uint8) (prefix AddrPrefixInterface, err error) { - switch rfshift(afi, safi) { + switch AfiSafiToRouteFamily(afi, safi) { case RF_IPv4_UC: prefix = NewIPAddrPrefix(0, "") case RF_IPv6_UC: diff --git a/packet/validate.go b/packet/validate.go index b412ee8d..80d51a9e 100644 --- a/packet/validate.go +++ b/packet/validate.go @@ -76,7 +76,7 @@ func ValidateAttribute(a PathAttributeInterface, rfs []RouteFamily) (bool, error checkPrefix := func(l []AddrPrefixInterface) bool { for _, prefix := range l { - rf := rfshift(prefix.AFI(), prefix.SAFI()) + rf := AfiSafiToRouteFamily(prefix.AFI(), prefix.SAFI()) if isRfSupported(rf, rfs) == false { return false } @@ -86,7 +86,7 @@ func ValidateAttribute(a PathAttributeInterface, rfs []RouteFamily) (bool, error switch p := a.(type) { case *PathAttributeMpUnreachNLRI: - rf := rfshift(p.AFI, p.SAFI) + rf := AfiSafiToRouteFamily(p.AFI, p.SAFI) if isRfSupported(rf, rfs) == false { return false, NewMessageError(0, 0, nil, fmt.Sprintf("Address-family rf %d not avalible for session", rf)) } @@ -94,7 +94,7 @@ func ValidateAttribute(a PathAttributeInterface, rfs []RouteFamily) (bool, error return false, NewMessageError(0, 0, nil, fmt.Sprintf("Address-family rf %d not avalible for session", rf)) } case *PathAttributeMpReachNLRI: - rf := rfshift(p.AFI, p.SAFI) + rf := AfiSafiToRouteFamily(p.AFI, p.SAFI) if isRfSupported(rf, rfs) == false { return false, NewMessageError(0, 0, nil, fmt.Sprintf("Address-family rf %d not avalible for session", rf)) } diff --git a/server/peer.go b/server/peer.go index 91d7894b..8f456b83 100644 --- a/server/peer.go +++ b/server/peer.go @@ -132,6 +132,16 @@ func (peer *Peer) handleBGPmessage(m *bgp.BGPMessage) { } case bgp.BGP_MSG_ROUTE_REFRESH: + rr := m.Body.(*bgp.BGPRouteRefresh) + rf := bgp.AfiSafiToRouteFamily(rr.AFI, rr.SAFI) + if peer.rf != rf { + log.WithFields(log.Fields{ + "Topic": "Peer", + "Key": peer.peerConfig.NeighborAddress, + "Data": rf, + }).Warn("Route family isn't supported") + return + } if _, ok := peer.capMap[bgp.BGP_CAP_ROUTE_REFRESH]; ok { pathList := peer.adjRib.GetOutPathList(peer.rf) peer.sendMessages(table.CreateUpdateMsgFromPaths(pathList)) |