diff options
| author | Satoshi Fujimoto <satoshi.fujimoto7@gmail.com> | 2017-09-20 13:32:25 +0900 |
|---|---|---|
| committer | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2017-11-07 21:53:46 +0900 |
| commit | 9d90d038a703f9e37e6fae4c1d035e889161a9c4 (patch) | |
| tree | 2b49e9837efb26715cf170d448cd70697e978f73 /server | |
| parent | e541ede1b5e4d08aaa3fffd1ee13744cc1b69c59 (diff) | |
packet/bgp: Add Validation for BGP Confederations
RFC 5065 says that:
"It is a error for a BGP speaker to receive an update message from a
confederation peer that is not in the same Member-AS that does not
have AS_CONFED_SEQUENCE as the first segment."
Signed-off-by: Satoshi Fujimoto <satoshi.fujimoto7@gmail.com>
Diffstat (limited to 'server')
| -rw-r--r-- | server/fsm.go | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/server/fsm.go b/server/fsm.go index e28ceee2..aaa13922 100644 --- a/server/fsm.go +++ b/server/fsm.go @@ -856,17 +856,17 @@ func (h *FSMHandler) recvMessageWithError() (*FsmMsg, error) { fmsg.MsgType = FSM_MSG_ROUTE_REFRESH case bgp.BGP_MSG_UPDATE: body := m.Body.(*bgp.BGPUpdate) - confedCheck := !config.IsConfederationMember(h.fsm.gConf, h.fsm.pConf) && config.IsEBGPPeer(h.fsm.gConf, h.fsm.pConf) + isEBGP := h.fsm.pConf.IsEBGPPeer(h.fsm.gConf) + isConfed := h.fsm.pConf.IsConfederationMember(h.fsm.gConf) fmsg.payload = make([]byte, len(headerBuf)+len(bodyBuf)) copy(fmsg.payload, headerBuf) copy(fmsg.payload[len(headerBuf):], bodyBuf) - ok, err := bgp.ValidateUpdateMsg(body, h.fsm.rfMap, confedCheck) + ok, err := bgp.ValidateUpdateMsg(body, h.fsm.rfMap, isEBGP, isConfed) if !ok { handling = h.handlingError(m, err, useRevisedError) } - if handling == bgp.ERROR_HANDLING_SESSION_RESET { log.WithFields(log.Fields{ "Topic": "Peer", |