1 /* RIP version 1 and 2.
2 * Copyright (C) 2005 6WIND <alain.ritoux@6wind.com>
3 * Copyright (C) 1997, 98, 99 Kunihiro Ishiguro <kunihiro@zebra.org>
4 *
5 * This file is part of GNU Zebra.
6 *
7 * GNU Zebra is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2, or (at your option) any
10 * later version.
11 *
12 * GNU Zebra is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; see the file COPYING; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include <zebra.h>
23
24 #include "vrf.h"
25 #include "if.h"
26 #include "command.h"
27 #include "prefix.h"
28 #include "table.h"
29 #include "thread.h"
30 #include "memory.h"
31 #include "log.h"
32 #include "stream.h"
33 #include "filter.h"
34 #include "sockunion.h"
35 #include "sockopt.h"
36 #include "routemap.h"
37 #include "if_rmap.h"
38 #include "plist.h"
39 #include "distribute.h"
40 #ifdef CRYPTO_INTERNAL
41 #include "md5.h"
42 #endif
43 #include "keychain.h"
44 #include "privs.h"
45 #include "lib_errors.h"
46 #include "northbound_cli.h"
47 #include "network.h"
48
49 #include "ripd/ripd.h"
50 #include "ripd/rip_nb.h"
51 #include "ripd/rip_debug.h"
52 #include "ripd/rip_errors.h"
53 #include "ripd/rip_interface.h"
54
55 /* UDP receive buffer size */
56 #define RIP_UDP_RCV_BUF 41600
57
58 DEFINE_MGROUP(RIPD, "ripd")
59 DEFINE_MTYPE_STATIC(RIPD, RIP, "RIP structure")
60 DEFINE_MTYPE_STATIC(RIPD, RIP_VRF_NAME, "RIP VRF name")
61 DEFINE_MTYPE_STATIC(RIPD, RIP_INFO, "RIP route info")
62 DEFINE_MTYPE_STATIC(RIPD, RIP_DISTANCE, "RIP distance")
63
64 /* Prototypes. */
65 static void rip_output_process(struct connected *, struct sockaddr_in *, int,
66 uint8_t);
67 static int rip_triggered_update(struct thread *);
68 static int rip_update_jitter(unsigned long);
69 static void rip_distance_table_node_cleanup(struct route_table *table,
70 struct route_node *node);
71 static void rip_instance_enable(struct rip *rip, struct vrf *vrf, int sock);
72 static void rip_instance_disable(struct rip *rip);
73
74 static void rip_distribute_update(struct distribute_ctx *ctx,
75 struct distribute *dist);
76
77 static void rip_if_rmap_update(struct if_rmap_ctx *ctx,
78 struct if_rmap *if_rmap);
79
80 /* RIP output routes type. */
81 enum { rip_all_route, rip_changed_route };
82
83 /* RIP command strings. */
84 static const struct message rip_msg[] = {{RIP_REQUEST, "REQUEST"},
85 {RIP_RESPONSE, "RESPONSE"},
86 {RIP_TRACEON, "TRACEON"},
87 {RIP_TRACEOFF, "TRACEOFF"},
88 {RIP_POLL, "POLL"},
89 {RIP_POLL_ENTRY, "POLL ENTRY"},
90 {0}};
91
92 /* Generate rb-tree of RIP instances. */
rip_instance_compare(const struct rip * a,const struct rip * b)93 static inline int rip_instance_compare(const struct rip *a, const struct rip *b)
94 {
95 return strcmp(a->vrf_name, b->vrf_name);
96 }
97 RB_GENERATE(rip_instance_head, rip, entry, rip_instance_compare)
98
99 struct rip_instance_head rip_instances = RB_INITIALIZER(&rip_instances);
100
101 /* Utility function to set boradcast option to the socket. */
sockopt_broadcast(int sock)102 static int sockopt_broadcast(int sock)
103 {
104 int ret;
105 int on = 1;
106
107 ret = setsockopt(sock, SOL_SOCKET, SO_BROADCAST, (char *)&on,
108 sizeof(on));
109 if (ret < 0) {
110 zlog_warn("can't set sockopt SO_BROADCAST to socket %d", sock);
111 return -1;
112 }
113 return 0;
114 }
115
rip_route_rte(struct rip_info * rinfo)116 int rip_route_rte(struct rip_info *rinfo)
117 {
118 return (rinfo->type == ZEBRA_ROUTE_RIP
119 && rinfo->sub_type == RIP_ROUTE_RTE);
120 }
121
rip_info_new(void)122 static struct rip_info *rip_info_new(void)
123 {
124 return XCALLOC(MTYPE_RIP_INFO, sizeof(struct rip_info));
125 }
126
rip_info_free(struct rip_info * rinfo)127 void rip_info_free(struct rip_info *rinfo)
128 {
129 XFREE(MTYPE_RIP_INFO, rinfo);
130 }
131
rip_info_get_instance(const struct rip_info * rinfo)132 struct rip *rip_info_get_instance(const struct rip_info *rinfo)
133 {
134 return route_table_get_info(rinfo->rp->table);
135 }
136
137 /* RIP route garbage collect timer. */
rip_garbage_collect(struct thread * t)138 static int rip_garbage_collect(struct thread *t)
139 {
140 struct rip_info *rinfo;
141 struct route_node *rp;
142
143 rinfo = THREAD_ARG(t);
144 rinfo->t_garbage_collect = NULL;
145
146 /* Off timeout timer. */
147 RIP_TIMER_OFF(rinfo->t_timeout);
148
149 /* Get route_node pointer. */
150 rp = rinfo->rp;
151
152 /* Unlock route_node. */
153 listnode_delete(rp->info, rinfo);
154 if (list_isempty((struct list *)rp->info)) {
155 list_delete((struct list **)&rp->info);
156 route_unlock_node(rp);
157 }
158
159 /* Free RIP routing information. */
160 rip_info_free(rinfo);
161
162 return 0;
163 }
164
165 static void rip_timeout_update(struct rip *rip, struct rip_info *rinfo);
166
167 /* Add new route to the ECMP list.
168 * RETURN: the new entry added in the list, or NULL if it is not the first
169 * entry and ECMP is not allowed.
170 */
rip_ecmp_add(struct rip * rip,struct rip_info * rinfo_new)171 struct rip_info *rip_ecmp_add(struct rip *rip, struct rip_info *rinfo_new)
172 {
173 struct route_node *rp = rinfo_new->rp;
174 struct rip_info *rinfo = NULL;
175 struct list *list = NULL;
176
177 if (rp->info == NULL)
178 rp->info = list_new();
179 list = (struct list *)rp->info;
180
181 /* If ECMP is not allowed and some entry already exists in the list,
182 * do nothing. */
183 if (listcount(list) && !rip->ecmp)
184 return NULL;
185
186 rinfo = rip_info_new();
187 memcpy(rinfo, rinfo_new, sizeof(struct rip_info));
188 listnode_add(list, rinfo);
189
190 if (rip_route_rte(rinfo)) {
191 rip_timeout_update(rip, rinfo);
192 rip_zebra_ipv4_add(rip, rp);
193 }
194
195 /* Set the route change flag on the first entry. */
196 rinfo = listgetdata(listhead(list));
197 SET_FLAG(rinfo->flags, RIP_RTF_CHANGED);
198
199 /* Signal the output process to trigger an update (see section 2.5). */
200 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
201
202 return rinfo;
203 }
204
205 /* Replace the ECMP list with the new route.
206 * RETURN: the new entry added in the list
207 */
rip_ecmp_replace(struct rip * rip,struct rip_info * rinfo_new)208 struct rip_info *rip_ecmp_replace(struct rip *rip, struct rip_info *rinfo_new)
209 {
210 struct route_node *rp = rinfo_new->rp;
211 struct list *list = (struct list *)rp->info;
212 struct rip_info *rinfo = NULL, *tmp_rinfo = NULL;
213 struct listnode *node = NULL, *nextnode = NULL;
214
215 if (list == NULL || listcount(list) == 0)
216 return rip_ecmp_add(rip, rinfo_new);
217
218 /* Get the first entry */
219 rinfo = listgetdata(listhead(list));
220
221 /* Learnt route replaced by a local one. Delete it from zebra. */
222 if (rip_route_rte(rinfo) && !rip_route_rte(rinfo_new))
223 if (CHECK_FLAG(rinfo->flags, RIP_RTF_FIB))
224 rip_zebra_ipv4_delete(rip, rp);
225
226 /* Re-use the first entry, and delete the others. */
227 for (ALL_LIST_ELEMENTS(list, node, nextnode, tmp_rinfo))
228 if (tmp_rinfo != rinfo) {
229 RIP_TIMER_OFF(tmp_rinfo->t_timeout);
230 RIP_TIMER_OFF(tmp_rinfo->t_garbage_collect);
231 list_delete_node(list, node);
232 rip_info_free(tmp_rinfo);
233 }
234
235 RIP_TIMER_OFF(rinfo->t_timeout);
236 RIP_TIMER_OFF(rinfo->t_garbage_collect);
237 memcpy(rinfo, rinfo_new, sizeof(struct rip_info));
238
239 if (rip_route_rte(rinfo)) {
240 rip_timeout_update(rip, rinfo);
241 /* The ADD message implies an update. */
242 rip_zebra_ipv4_add(rip, rp);
243 }
244
245 /* Set the route change flag. */
246 SET_FLAG(rinfo->flags, RIP_RTF_CHANGED);
247
248 /* Signal the output process to trigger an update (see section 2.5). */
249 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
250
251 return rinfo;
252 }
253
254 /* Delete one route from the ECMP list.
255 * RETURN:
256 * null - the entry is freed, and other entries exist in the list
257 * the entry - the entry is the last one in the list; its metric is set
258 * to INFINITY, and the garbage collector is started for it
259 */
rip_ecmp_delete(struct rip * rip,struct rip_info * rinfo)260 struct rip_info *rip_ecmp_delete(struct rip *rip, struct rip_info *rinfo)
261 {
262 struct route_node *rp = rinfo->rp;
263 struct list *list = (struct list *)rp->info;
264
265 RIP_TIMER_OFF(rinfo->t_timeout);
266
267 if (listcount(list) > 1) {
268 /* Some other ECMP entries still exist. Just delete this entry.
269 */
270 RIP_TIMER_OFF(rinfo->t_garbage_collect);
271 listnode_delete(list, rinfo);
272 if (rip_route_rte(rinfo)
273 && CHECK_FLAG(rinfo->flags, RIP_RTF_FIB))
274 /* The ADD message implies the update. */
275 rip_zebra_ipv4_add(rip, rp);
276 rip_info_free(rinfo);
277 rinfo = NULL;
278 } else {
279 assert(rinfo == listgetdata(listhead(list)));
280
281 /* This is the only entry left in the list. We must keep it in
282 * the list for garbage collection time, with INFINITY metric.
283 */
284
285 rinfo->metric = RIP_METRIC_INFINITY;
286 RIP_TIMER_ON(rinfo->t_garbage_collect, rip_garbage_collect,
287 rip->garbage_time);
288
289 if (rip_route_rte(rinfo)
290 && CHECK_FLAG(rinfo->flags, RIP_RTF_FIB))
291 rip_zebra_ipv4_delete(rip, rp);
292 }
293
294 /* Set the route change flag on the first entry. */
295 rinfo = listgetdata(listhead(list));
296 SET_FLAG(rinfo->flags, RIP_RTF_CHANGED);
297
298 /* Signal the output process to trigger an update (see section 2.5). */
299 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
300
301 return rinfo;
302 }
303
304 /* Timeout RIP routes. */
rip_timeout(struct thread * t)305 static int rip_timeout(struct thread *t)
306 {
307 struct rip_info *rinfo = THREAD_ARG(t);
308 struct rip *rip = rip_info_get_instance(rinfo);
309
310 rip_ecmp_delete(rip, rinfo);
311
312 return 0;
313 }
314
rip_timeout_update(struct rip * rip,struct rip_info * rinfo)315 static void rip_timeout_update(struct rip *rip, struct rip_info *rinfo)
316 {
317 if (rinfo->metric != RIP_METRIC_INFINITY) {
318 RIP_TIMER_OFF(rinfo->t_timeout);
319 thread_add_timer(master, rip_timeout, rinfo, rip->timeout_time,
320 &rinfo->t_timeout);
321 }
322 }
323
rip_filter(int rip_distribute,struct prefix_ipv4 * p,struct rip_interface * ri)324 static int rip_filter(int rip_distribute, struct prefix_ipv4 *p,
325 struct rip_interface *ri)
326 {
327 struct distribute *dist;
328 struct access_list *alist;
329 struct prefix_list *plist;
330 int distribute = rip_distribute == RIP_FILTER_OUT ? DISTRIBUTE_V4_OUT
331 : DISTRIBUTE_V4_IN;
332 const char *inout = rip_distribute == RIP_FILTER_OUT ? "out" : "in";
333
334 /* Input distribute-list filtering. */
335 if (ri->list[rip_distribute]) {
336 if (access_list_apply(ri->list[rip_distribute],
337 (struct prefix *)p)
338 == FILTER_DENY) {
339 if (IS_RIP_DEBUG_PACKET)
340 zlog_debug("%s/%d filtered by distribute %s",
341 inet_ntoa(p->prefix), p->prefixlen,
342 inout);
343 return -1;
344 }
345 }
346 if (ri->prefix[rip_distribute]) {
347 if (prefix_list_apply(ri->prefix[rip_distribute],
348 (struct prefix *)p)
349 == PREFIX_DENY) {
350 if (IS_RIP_DEBUG_PACKET)
351 zlog_debug("%s/%d filtered by prefix-list %s",
352 inet_ntoa(p->prefix), p->prefixlen,
353 inout);
354 return -1;
355 }
356 }
357
358 /* All interface filter check. */
359 dist = distribute_lookup(ri->rip->distribute_ctx, NULL);
360 if (dist) {
361 if (dist->list[distribute]) {
362 alist = access_list_lookup(AFI_IP,
363 dist->list[distribute]);
364
365 if (alist) {
366 if (access_list_apply(alist, (struct prefix *)p)
367 == FILTER_DENY) {
368 if (IS_RIP_DEBUG_PACKET)
369 zlog_debug(
370 "%s/%d filtered by distribute %s",
371 inet_ntoa(p->prefix),
372 p->prefixlen, inout);
373 return -1;
374 }
375 }
376 }
377 if (dist->prefix[distribute]) {
378 plist = prefix_list_lookup(AFI_IP,
379 dist->prefix[distribute]);
380
381 if (plist) {
382 if (prefix_list_apply(plist, (struct prefix *)p)
383 == PREFIX_DENY) {
384 if (IS_RIP_DEBUG_PACKET)
385 zlog_debug(
386 "%s/%d filtered by prefix-list %s",
387 inet_ntoa(p->prefix),
388 p->prefixlen, inout);
389 return -1;
390 }
391 }
392 }
393 }
394 return 0;
395 }
396
397 /* Check nexthop address validity. */
rip_nexthop_check(struct rip * rip,struct in_addr * addr)398 static int rip_nexthop_check(struct rip *rip, struct in_addr *addr)
399 {
400 struct interface *ifp;
401 struct listnode *cnode;
402 struct connected *ifc;
403 struct prefix *p;
404
405 /* If nexthop address matches local configured address then it is
406 invalid nexthop. */
407
408 FOR_ALL_INTERFACES (rip->vrf, ifp) {
409 for (ALL_LIST_ELEMENTS_RO(ifp->connected, cnode, ifc)) {
410 p = ifc->address;
411
412 if (p->family == AF_INET
413 && IPV4_ADDR_SAME(&p->u.prefix4, addr))
414 return -1;
415 }
416 }
417 return 0;
418 }
419
420 /* RIP add route to routing table. */
rip_rte_process(struct rte * rte,struct sockaddr_in * from,struct interface * ifp)421 static void rip_rte_process(struct rte *rte, struct sockaddr_in *from,
422 struct interface *ifp)
423 {
424 struct rip *rip;
425 int ret;
426 struct prefix_ipv4 p;
427 struct route_node *rp;
428 struct rip_info *rinfo = NULL, newinfo;
429 struct rip_interface *ri;
430 struct in_addr *nexthop;
431 int same = 0;
432 unsigned char old_dist, new_dist;
433 struct list *list = NULL;
434 struct listnode *node = NULL;
435
436 /* Make prefix structure. */
437 memset(&p, 0, sizeof(struct prefix_ipv4));
438 p.family = AF_INET;
439 p.prefix = rte->prefix;
440 p.prefixlen = ip_masklen(rte->mask);
441
442 /* Make sure mask is applied. */
443 apply_mask_ipv4(&p);
444
445 ri = ifp->info;
446 rip = ri->rip;
447
448 /* Apply input filters. */
449 ret = rip_filter(RIP_FILTER_IN, &p, ri);
450 if (ret < 0)
451 return;
452
453 memset(&newinfo, 0, sizeof(newinfo));
454 newinfo.type = ZEBRA_ROUTE_RIP;
455 newinfo.sub_type = RIP_ROUTE_RTE;
456 newinfo.nh.gate.ipv4 = rte->nexthop;
457 newinfo.from = from->sin_addr;
458 newinfo.nh.ifindex = ifp->ifindex;
459 newinfo.nh.type = NEXTHOP_TYPE_IPV4_IFINDEX;
460 newinfo.metric = rte->metric;
461 newinfo.metric_out = rte->metric; /* XXX */
462 newinfo.tag = ntohs(rte->tag); /* XXX */
463
464 /* Modify entry according to the interface routemap. */
465 if (ri->routemap[RIP_FILTER_IN]) {
466 /* The object should be of the type of rip_info */
467 ret = route_map_apply(ri->routemap[RIP_FILTER_IN],
468 (struct prefix *)&p, RMAP_RIP, &newinfo);
469
470 if (ret == RMAP_DENYMATCH) {
471 if (IS_RIP_DEBUG_PACKET)
472 zlog_debug(
473 "RIP %s/%d is filtered by route-map in",
474 inet_ntoa(p.prefix), p.prefixlen);
475 return;
476 }
477
478 /* Get back the object */
479 rte->nexthop = newinfo.nexthop_out;
480 rte->tag = htons(newinfo.tag_out); /* XXX */
481 rte->metric = newinfo.metric_out; /* XXX: the routemap uses the
482 metric_out field */
483 }
484
485 /* Once the entry has been validated, update the metric by
486 adding the cost of the network on wich the message
487 arrived. If the result is greater than infinity, use infinity
488 (RFC2453 Sec. 3.9.2) */
489 /* Zebra ripd can handle offset-list in. */
490 ret = rip_offset_list_apply_in(&p, ifp, &rte->metric);
491
492 /* If offset-list does not modify the metric use interface's
493 metric. */
494 if (!ret)
495 rte->metric += ifp->metric ? ifp->metric : 1;
496
497 if (rte->metric > RIP_METRIC_INFINITY)
498 rte->metric = RIP_METRIC_INFINITY;
499
500 /* Set nexthop pointer. */
501 if (rte->nexthop.s_addr == 0)
502 nexthop = &from->sin_addr;
503 else
504 nexthop = &rte->nexthop;
505
506 /* Check if nexthop address is myself, then do nothing. */
507 if (rip_nexthop_check(rip, nexthop) < 0) {
508 if (IS_RIP_DEBUG_PACKET)
509 zlog_debug("Nexthop address %s is myself",
510 inet_ntoa(*nexthop));
511 return;
512 }
513
514 /* Get index for the prefix. */
515 rp = route_node_get(rip->table, (struct prefix *)&p);
516
517 newinfo.rp = rp;
518 newinfo.nh.gate.ipv4 = *nexthop;
519 newinfo.nh.type = NEXTHOP_TYPE_IPV4;
520 newinfo.metric = rte->metric;
521 newinfo.tag = ntohs(rte->tag);
522 newinfo.distance = rip_distance_apply(rip, &newinfo);
523
524 new_dist = newinfo.distance ? newinfo.distance
525 : ZEBRA_RIP_DISTANCE_DEFAULT;
526
527 /* Check to see whether there is already RIP route on the table. */
528 if ((list = rp->info) != NULL)
529 for (ALL_LIST_ELEMENTS_RO(list, node, rinfo)) {
530 /* Need to compare with redistributed entry or local
531 * entry */
532 if (!rip_route_rte(rinfo))
533 break;
534
535 if (IPV4_ADDR_SAME(&rinfo->from, &from->sin_addr)
536 && IPV4_ADDR_SAME(&rinfo->nh.gate.ipv4, nexthop))
537 break;
538
539 if (!listnextnode(node)) {
540 /* Not found in the list */
541
542 if (rte->metric > rinfo->metric) {
543 /* New route has a greater metric.
544 * Discard it. */
545 route_unlock_node(rp);
546 return;
547 }
548
549 if (rte->metric < rinfo->metric)
550 /* New route has a smaller metric.
551 * Replace the ECMP list
552 * with the new one in below. */
553 break;
554
555 /* Metrics are same. We compare the distances.
556 */
557 old_dist = rinfo->distance
558 ? rinfo->distance
559 : ZEBRA_RIP_DISTANCE_DEFAULT;
560
561 if (new_dist > old_dist) {
562 /* New route has a greater distance.
563 * Discard it. */
564 route_unlock_node(rp);
565 return;
566 }
567
568 if (new_dist < old_dist)
569 /* New route has a smaller distance.
570 * Replace the ECMP list
571 * with the new one in below. */
572 break;
573
574 /* Metrics and distances are both same. Keep
575 * "rinfo" null and
576 * the new route is added in the ECMP list in
577 * below. */
578 }
579 }
580
581 if (rinfo) {
582 /* Local static route. */
583 if (rinfo->type == ZEBRA_ROUTE_RIP
584 && ((rinfo->sub_type == RIP_ROUTE_STATIC)
585 || (rinfo->sub_type == RIP_ROUTE_DEFAULT))
586 && rinfo->metric != RIP_METRIC_INFINITY) {
587 route_unlock_node(rp);
588 return;
589 }
590
591 /* Redistributed route check. */
592 if (rinfo->type != ZEBRA_ROUTE_RIP
593 && rinfo->metric != RIP_METRIC_INFINITY) {
594 old_dist = rinfo->distance;
595 /* Only routes directly connected to an interface
596 * (nexthop == 0)
597 * may have a valid NULL distance */
598 if (rinfo->nh.gate.ipv4.s_addr != 0)
599 old_dist = old_dist
600 ? old_dist
601 : ZEBRA_RIP_DISTANCE_DEFAULT;
602 /* If imported route does not have STRICT precedence,
603 mark it as a ghost */
604 if (new_dist <= old_dist
605 && rte->metric != RIP_METRIC_INFINITY)
606 rip_ecmp_replace(rip, &newinfo);
607
608 route_unlock_node(rp);
609 return;
610 }
611 }
612
613 if (!rinfo) {
614 if (rp->info)
615 route_unlock_node(rp);
616
617 /* Now, check to see whether there is already an explicit route
618 for the destination prefix. If there is no such route, add
619 this route to the routing table, unless the metric is
620 infinity (there is no point in adding a route which
621 unusable). */
622 if (rte->metric != RIP_METRIC_INFINITY)
623 rip_ecmp_add(rip, &newinfo);
624 } else {
625 /* Route is there but we are not sure the route is RIP or not.
626 */
627
628 /* If there is an existing route, compare the next hop address
629 to the address of the router from which the datagram came.
630 If this datagram is from the same router as the existing
631 route, reinitialize the timeout. */
632 same = (IPV4_ADDR_SAME(&rinfo->from, &from->sin_addr)
633 && (rinfo->nh.ifindex == ifp->ifindex));
634
635 old_dist = rinfo->distance ? rinfo->distance
636 : ZEBRA_RIP_DISTANCE_DEFAULT;
637
638 /* Next, compare the metrics. If the datagram is from the same
639 router as the existing route, and the new metric is different
640 than the old one; or, if the new metric is lower than the old
641 one, or if the tag has been changed; or if there is a route
642 with a lower administrave distance; or an update of the
643 distance on the actual route; do the following actions: */
644 if ((same && rinfo->metric != rte->metric)
645 || (rte->metric < rinfo->metric)
646 || ((same) && (rinfo->metric == rte->metric)
647 && (newinfo.tag != rinfo->tag))
648 || (old_dist > new_dist)
649 || ((old_dist != new_dist) && same)) {
650 if (listcount(list) == 1) {
651 if (newinfo.metric != RIP_METRIC_INFINITY)
652 rip_ecmp_replace(rip, &newinfo);
653 else
654 rip_ecmp_delete(rip, rinfo);
655 } else {
656 if (newinfo.metric < rinfo->metric)
657 rip_ecmp_replace(rip, &newinfo);
658 else if (newinfo.metric > rinfo->metric)
659 rip_ecmp_delete(rip, rinfo);
660 else if (new_dist < old_dist)
661 rip_ecmp_replace(rip, &newinfo);
662 else if (new_dist > old_dist)
663 rip_ecmp_delete(rip, rinfo);
664 else {
665 int update = CHECK_FLAG(rinfo->flags,
666 RIP_RTF_FIB)
667 ? 1
668 : 0;
669
670 assert(newinfo.metric
671 != RIP_METRIC_INFINITY);
672
673 RIP_TIMER_OFF(rinfo->t_timeout);
674 RIP_TIMER_OFF(rinfo->t_garbage_collect);
675 memcpy(rinfo, &newinfo,
676 sizeof(struct rip_info));
677 rip_timeout_update(rip, rinfo);
678
679 if (update)
680 rip_zebra_ipv4_add(rip, rp);
681
682 /* - Set the route change flag on the
683 * first entry. */
684 rinfo = listgetdata(listhead(list));
685 SET_FLAG(rinfo->flags, RIP_RTF_CHANGED);
686 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
687 }
688 }
689 } else /* same & no change */
690 rip_timeout_update(rip, rinfo);
691
692 /* Unlock tempolary lock of the route. */
693 route_unlock_node(rp);
694 }
695 }
696
697 /* Dump RIP packet */
rip_packet_dump(struct rip_packet * packet,int size,const char * sndrcv)698 static void rip_packet_dump(struct rip_packet *packet, int size,
699 const char *sndrcv)
700 {
701 caddr_t lim;
702 struct rte *rte;
703 const char *command_str;
704 char pbuf[BUFSIZ], nbuf[BUFSIZ];
705 uint8_t netmask = 0;
706 uint8_t *p;
707
708 /* Set command string. */
709 if (packet->command > 0 && packet->command < RIP_COMMAND_MAX)
710 command_str = lookup_msg(rip_msg, packet->command, NULL);
711 else
712 command_str = "unknown";
713
714 /* Dump packet header. */
715 zlog_debug("%s %s version %d packet size %d", sndrcv, command_str,
716 packet->version, size);
717
718 /* Dump each routing table entry. */
719 rte = packet->rte;
720
721 for (lim = (caddr_t)packet + size; (caddr_t)rte < lim; rte++) {
722 if (packet->version == RIPv2) {
723 netmask = ip_masklen(rte->mask);
724
725 if (rte->family == htons(RIP_FAMILY_AUTH)) {
726 if (rte->tag
727 == htons(RIP_AUTH_SIMPLE_PASSWORD)) {
728 p = (uint8_t *)&rte->prefix;
729
730 zlog_debug(
731 " family 0x%X type %d auth string: %s",
732 ntohs(rte->family),
733 ntohs(rte->tag), p);
734 } else if (rte->tag == htons(RIP_AUTH_MD5)) {
735 struct rip_md5_info *md5;
736
737 md5 = (struct rip_md5_info *)&packet
738 ->rte;
739
740 zlog_debug(
741 " family 0x%X type %d (MD5 authentication)",
742 ntohs(md5->family),
743 ntohs(md5->type));
744 zlog_debug(
745 " RIP-2 packet len %d Key ID %d Auth Data len %d",
746 ntohs(md5->packet_len),
747 md5->keyid, md5->auth_len);
748 zlog_debug(" Sequence Number %ld",
749 (unsigned long)ntohl(
750 md5->sequence));
751 } else if (rte->tag == htons(RIP_AUTH_DATA)) {
752 p = (uint8_t *)&rte->prefix;
753
754 zlog_debug(
755 " family 0x%X type %d (MD5 data)",
756 ntohs(rte->family),
757 ntohs(rte->tag));
758 zlog_debug(
759 " MD5: %02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
760 p[0], p[1], p[2], p[3], p[4],
761 p[5], p[6], p[7], p[8], p[9],
762 p[10], p[11], p[12], p[13],
763 p[14], p[15]);
764 } else {
765 zlog_debug(
766 " family 0x%X type %d (Unknown auth type)",
767 ntohs(rte->family),
768 ntohs(rte->tag));
769 }
770 } else
771 zlog_debug(
772 " %s/%d -> %s family %d tag %" ROUTE_TAG_PRI
773 " metric %ld",
774 inet_ntop(AF_INET, &rte->prefix, pbuf,
775 BUFSIZ),
776 netmask,
777 inet_ntop(AF_INET, &rte->nexthop, nbuf,
778 BUFSIZ),
779 ntohs(rte->family),
780 (route_tag_t)ntohs(rte->tag),
781 (unsigned long)ntohl(rte->metric));
782 } else {
783 zlog_debug(
784 " %s family %d tag %" ROUTE_TAG_PRI
785 " metric %ld",
786 inet_ntop(AF_INET, &rte->prefix, pbuf, BUFSIZ),
787 ntohs(rte->family),
788 (route_tag_t)ntohs(rte->tag),
789 (unsigned long)ntohl(rte->metric));
790 }
791 }
792 }
793
794 /* Check if the destination address is valid (unicast; not net 0
795 or 127) (RFC2453 Section 3.9.2 - Page 26). But we don't
796 check net 0 because we accept default route. */
rip_destination_check(struct in_addr addr)797 static int rip_destination_check(struct in_addr addr)
798 {
799 uint32_t destination;
800
801 /* Convert to host byte order. */
802 destination = ntohl(addr.s_addr);
803
804 if (IPV4_NET127(destination))
805 return 0;
806
807 /* Net 0 may match to the default route. */
808 if (IPV4_NET0(destination) && destination != 0)
809 return 0;
810
811 /* Unicast address must belong to class A, B, C. */
812 if (IN_CLASSA(destination))
813 return 1;
814 if (IN_CLASSB(destination))
815 return 1;
816 if (IN_CLASSC(destination))
817 return 1;
818
819 return 0;
820 }
821
822 /* RIP version 2 authentication. */
rip_auth_simple_password(struct rte * rte,struct sockaddr_in * from,struct interface * ifp)823 static int rip_auth_simple_password(struct rte *rte, struct sockaddr_in *from,
824 struct interface *ifp)
825 {
826 struct rip_interface *ri;
827 char *auth_str = (char *)rte + offsetof(struct rte, prefix);
828 int i;
829
830 /* reject passwords with zeros in the middle of the string */
831 for (i = strnlen(auth_str, 16); i < 16; i++) {
832 if (auth_str[i] != '\0')
833 return 0;
834 }
835
836 if (IS_RIP_DEBUG_EVENT)
837 zlog_debug("RIPv2 simple password authentication from %s",
838 inet_ntoa(from->sin_addr));
839
840 ri = ifp->info;
841
842 if (ri->auth_type != RIP_AUTH_SIMPLE_PASSWORD
843 || rte->tag != htons(RIP_AUTH_SIMPLE_PASSWORD))
844 return 0;
845
846 /* Simple password authentication. */
847 if (ri->auth_str) {
848 if (strncmp(auth_str, ri->auth_str, 16) == 0)
849 return 1;
850 }
851 if (ri->key_chain) {
852 struct keychain *keychain;
853 struct key *key;
854
855 keychain = keychain_lookup(ri->key_chain);
856 if (keychain == NULL || keychain->key == NULL)
857 return 0;
858
859 key = key_match_for_accept(keychain, auth_str);
860 if (key)
861 return 1;
862 }
863 return 0;
864 }
865
866 /* RIP version 2 authentication with MD5. */
rip_auth_md5(struct rip_packet * packet,struct sockaddr_in * from,int length,struct interface * ifp)867 static int rip_auth_md5(struct rip_packet *packet, struct sockaddr_in *from,
868 int length, struct interface *ifp)
869 {
870 struct rip_interface *ri;
871 struct rip_md5_info *md5;
872 struct rip_md5_data *md5data;
873 struct keychain *keychain;
874 struct key *key;
875 #ifdef CRYPTO_OPENSSL
876 EVP_MD_CTX *ctx;
877 #elif CRYPTO_INTERNAL
878 MD5_CTX ctx;
879 #endif
880 uint8_t digest[RIP_AUTH_MD5_SIZE];
881 uint16_t packet_len;
882 char auth_str[RIP_AUTH_MD5_SIZE] = {};
883
884 if (IS_RIP_DEBUG_EVENT)
885 zlog_debug("RIPv2 MD5 authentication from %s",
886 inet_ntoa(from->sin_addr));
887
888 ri = ifp->info;
889 md5 = (struct rip_md5_info *)&packet->rte;
890
891 /* Check auth type. */
892 if (ri->auth_type != RIP_AUTH_MD5 || md5->type != htons(RIP_AUTH_MD5))
893 return 0;
894
895 /* If the authentication length is less than 16, then it must be wrong
896 * for
897 * any interpretation of rfc2082. Some implementations also interpret
898 * this as RIP_HEADER_SIZE+ RIP_AUTH_MD5_SIZE, aka
899 * RIP_AUTH_MD5_COMPAT_SIZE.
900 */
901 if (!((md5->auth_len == RIP_AUTH_MD5_SIZE)
902 || (md5->auth_len == RIP_AUTH_MD5_COMPAT_SIZE))) {
903 if (IS_RIP_DEBUG_EVENT)
904 zlog_debug(
905 "RIPv2 MD5 authentication, strange authentication length field %d",
906 md5->auth_len);
907 return 0;
908 }
909
910 /* grab and verify check packet length */
911 packet_len = ntohs(md5->packet_len);
912
913 if (packet_len > (length - RIP_HEADER_SIZE - RIP_AUTH_MD5_SIZE)) {
914 if (IS_RIP_DEBUG_EVENT)
915 zlog_debug(
916 "RIPv2 MD5 authentication, packet length field %d greater than received length %d!",
917 md5->packet_len, length);
918 return 0;
919 }
920
921 /* retrieve authentication data */
922 md5data = (struct rip_md5_data *)(((uint8_t *)packet) + packet_len);
923
924 if (ri->key_chain) {
925 keychain = keychain_lookup(ri->key_chain);
926 if (keychain == NULL)
927 return 0;
928
929 key = key_lookup_for_accept(keychain, md5->keyid);
930 if (key == NULL || key->string == NULL)
931 return 0;
932
933 strlcpy(auth_str, key->string, sizeof(auth_str));
934 } else if (ri->auth_str)
935 strlcpy(auth_str, ri->auth_str, sizeof(auth_str));
936
937 if (auth_str[0] == 0)
938 return 0;
939
940 /* MD5 digest authentication. */
941 #ifdef CRYPTO_OPENSSL
942 unsigned int md5_size = RIP_AUTH_MD5_SIZE;
943 ctx = EVP_MD_CTX_new();
944 EVP_DigestInit(ctx, EVP_md5());
945 EVP_DigestUpdate(ctx, packet, packet_len + RIP_HEADER_SIZE);
946 EVP_DigestUpdate(ctx, auth_str, RIP_AUTH_MD5_SIZE);
947 EVP_DigestFinal(ctx, digest, &md5_size);
948 EVP_MD_CTX_free(ctx);
949 #elif CRYPTO_INTERNAL
950 memset(&ctx, 0, sizeof(ctx));
951 MD5Init(&ctx);
952 MD5Update(&ctx, packet, packet_len + RIP_HEADER_SIZE);
953 MD5Update(&ctx, auth_str, RIP_AUTH_MD5_SIZE);
954 MD5Final(digest, &ctx);
955 #endif
956
957 if (memcmp(md5data->digest, digest, RIP_AUTH_MD5_SIZE) == 0)
958 return packet_len;
959 else
960 return 0;
961 }
962
963 /* Pick correct auth string for sends, prepare auth_str buffer for use.
964 * (left justified and padded).
965 *
966 * presumes one of ri or key is valid, and that the auth strings they point
967 * to are nul terminated. If neither are present, auth_str will be fully
968 * zero padded.
969 *
970 */
rip_auth_prepare_str_send(struct rip_interface * ri,struct key * key,char * auth_str,int len)971 static void rip_auth_prepare_str_send(struct rip_interface *ri, struct key *key,
972 char *auth_str, int len)
973 {
974 assert(ri || key);
975
976 memset(auth_str, 0, len);
977 if (key && key->string)
978 strlcpy(auth_str, key->string, len);
979 else if (ri->auth_str)
980 strlcpy(auth_str, ri->auth_str, len);
981
982 return;
983 }
984
985 /* Write RIPv2 simple password authentication information
986 *
987 * auth_str is presumed to be 2 bytes and correctly prepared
988 * (left justified and zero padded).
989 */
rip_auth_simple_write(struct stream * s,char * auth_str,int len)990 static void rip_auth_simple_write(struct stream *s, char *auth_str, int len)
991 {
992 assert(s && len == RIP_AUTH_SIMPLE_SIZE);
993
994 stream_putw(s, RIP_FAMILY_AUTH);
995 stream_putw(s, RIP_AUTH_SIMPLE_PASSWORD);
996 stream_put(s, auth_str, RIP_AUTH_SIMPLE_SIZE);
997
998 return;
999 }
1000
1001 /* write RIPv2 MD5 "authentication header"
1002 * (uses the auth key data field)
1003 *
1004 * Digest offset field is set to 0.
1005 *
1006 * returns: offset of the digest offset field, which must be set when
1007 * length to the auth-data MD5 digest is known.
1008 */
rip_auth_md5_ah_write(struct stream * s,struct rip_interface * ri,struct key * key)1009 static size_t rip_auth_md5_ah_write(struct stream *s, struct rip_interface *ri,
1010 struct key *key)
1011 {
1012 size_t doff = 0;
1013
1014 assert(s && ri && ri->auth_type == RIP_AUTH_MD5);
1015
1016 /* MD5 authentication. */
1017 stream_putw(s, RIP_FAMILY_AUTH);
1018 stream_putw(s, RIP_AUTH_MD5);
1019
1020 /* MD5 AH digest offset field.
1021 *
1022 * Set to placeholder value here, to true value when RIP-2 Packet length
1023 * is known. Actual value is set in .....().
1024 */
1025 doff = stream_get_endp(s);
1026 stream_putw(s, 0);
1027
1028 /* Key ID. */
1029 if (key)
1030 stream_putc(s, key->index % 256);
1031 else
1032 stream_putc(s, 1);
1033
1034 /* Auth Data Len. Set 16 for MD5 authentication data. Older ripds
1035 * however expect RIP_HEADER_SIZE + RIP_AUTH_MD5_SIZE so we allow for
1036 * this
1037 * to be configurable.
1038 */
1039 stream_putc(s, ri->md5_auth_len);
1040
1041 /* Sequence Number (non-decreasing). */
1042 /* RFC2080: The value used in the sequence number is
1043 arbitrary, but two suggestions are the time of the
1044 message's creation or a simple message counter. */
1045 stream_putl(s, time(NULL));
1046
1047 /* Reserved field must be zero. */
1048 stream_putl(s, 0);
1049 stream_putl(s, 0);
1050
1051 return doff;
1052 }
1053
1054 /* If authentication is in used, write the appropriate header
1055 * returns stream offset to which length must later be written
1056 * or 0 if this is not required
1057 */
rip_auth_header_write(struct stream * s,struct rip_interface * ri,struct key * key,char * auth_str,int len)1058 static size_t rip_auth_header_write(struct stream *s, struct rip_interface *ri,
1059 struct key *key, char *auth_str, int len)
1060 {
1061 assert(ri->auth_type != RIP_NO_AUTH);
1062
1063 switch (ri->auth_type) {
1064 case RIP_AUTH_SIMPLE_PASSWORD:
1065 rip_auth_prepare_str_send(ri, key, auth_str, len);
1066 rip_auth_simple_write(s, auth_str, len);
1067 return 0;
1068 case RIP_AUTH_MD5:
1069 return rip_auth_md5_ah_write(s, ri, key);
1070 }
1071 assert(1);
1072 return 0;
1073 }
1074
1075 /* Write RIPv2 MD5 authentication data trailer */
rip_auth_md5_set(struct stream * s,struct rip_interface * ri,size_t doff,char * auth_str,int authlen)1076 static void rip_auth_md5_set(struct stream *s, struct rip_interface *ri,
1077 size_t doff, char *auth_str, int authlen)
1078 {
1079 unsigned long len;
1080 #ifdef CRYPTO_OPENSSL
1081 EVP_MD_CTX *ctx;
1082 #elif CRYPTO_INTERNAL
1083 MD5_CTX ctx;
1084 #endif
1085 unsigned char digest[RIP_AUTH_MD5_SIZE];
1086
1087 /* Make it sure this interface is configured as MD5
1088 authentication. */
1089 assert((ri->auth_type == RIP_AUTH_MD5)
1090 && (authlen == RIP_AUTH_MD5_SIZE));
1091 assert(doff > 0);
1092
1093 /* Get packet length. */
1094 len = stream_get_endp(s);
1095
1096 /* Check packet length. */
1097 if (len < (RIP_HEADER_SIZE + RIP_RTE_SIZE)) {
1098 flog_err(
1099 EC_RIP_PACKET,
1100 "rip_auth_md5_set(): packet length %ld is less than minimum length.",
1101 len);
1102 return;
1103 }
1104
1105 /* Set the digest offset length in the header */
1106 stream_putw_at(s, doff, len);
1107
1108 /* Set authentication data. */
1109 stream_putw(s, RIP_FAMILY_AUTH);
1110 stream_putw(s, RIP_AUTH_DATA);
1111
1112 /* Generate a digest for the RIP packet. */
1113 #ifdef CRYPTO_OPENSSL
1114 unsigned int md5_size = RIP_AUTH_MD5_SIZE;
1115 ctx = EVP_MD_CTX_new();
1116 EVP_DigestInit(ctx, EVP_md5());
1117 EVP_DigestUpdate(ctx, STREAM_DATA(s), stream_get_endp(s));
1118 EVP_DigestUpdate(ctx, auth_str, RIP_AUTH_MD5_SIZE);
1119 EVP_DigestFinal(ctx, digest, &md5_size);
1120 EVP_MD_CTX_free(ctx);
1121 #elif CRYPTO_INTERNAL
1122 memset(&ctx, 0, sizeof(ctx));
1123 MD5Init(&ctx);
1124 MD5Update(&ctx, STREAM_DATA(s), stream_get_endp(s));
1125 MD5Update(&ctx, auth_str, RIP_AUTH_MD5_SIZE);
1126 MD5Final(digest, &ctx);
1127 #endif
1128
1129 /* Copy the digest to the packet. */
1130 stream_write(s, digest, RIP_AUTH_MD5_SIZE);
1131 }
1132
1133 /* RIP routing information. */
rip_response_process(struct rip_packet * packet,int size,struct sockaddr_in * from,struct connected * ifc)1134 static void rip_response_process(struct rip_packet *packet, int size,
1135 struct sockaddr_in *from,
1136 struct connected *ifc)
1137 {
1138 struct rip_interface *ri = ifc->ifp->info;
1139 struct rip *rip = ri->rip;
1140 caddr_t lim;
1141 struct rte *rte;
1142 struct prefix_ipv4 ifaddr;
1143 struct prefix_ipv4 ifaddrclass;
1144 int subnetted;
1145
1146 memset(&ifaddr, 0, sizeof(ifaddr));
1147 /* We don't know yet. */
1148 subnetted = -1;
1149
1150 /* The Response must be ignored if it is not from the RIP
1151 port. (RFC2453 - Sec. 3.9.2)*/
1152 if (from->sin_port != htons(RIP_PORT_DEFAULT)) {
1153 zlog_info("response doesn't come from RIP port: %d",
1154 from->sin_port);
1155 rip_peer_bad_packet(rip, from);
1156 return;
1157 }
1158
1159 /* The datagram's IPv4 source address should be checked to see
1160 whether the datagram is from a valid neighbor; the source of the
1161 datagram must be on a directly connected network (RFC2453 - Sec.
1162 3.9.2) */
1163 if (if_lookup_address((void *)&from->sin_addr, AF_INET,
1164 rip->vrf->vrf_id)
1165 == NULL) {
1166 zlog_info(
1167 "This datagram doesn't came from a valid neighbor: %s",
1168 inet_ntoa(from->sin_addr));
1169 rip_peer_bad_packet(rip, from);
1170 return;
1171 }
1172
1173 /* It is also worth checking to see whether the response is from one
1174 of the router's own addresses. */
1175
1176 ; /* Alredy done in rip_read () */
1177
1178 /* Update RIP peer. */
1179 rip_peer_update(rip, from, packet->version);
1180
1181 /* Set RTE pointer. */
1182 rte = packet->rte;
1183
1184 for (lim = (caddr_t)packet + size; (caddr_t)rte < lim; rte++) {
1185 /* RIPv2 authentication check. */
1186 /* If the Address Family Identifier of the first (and only the
1187 first) entry in the message is 0xFFFF, then the remainder of
1188 the entry contains the authentication. */
1189 /* If the packet gets here it means authentication enabled */
1190 /* Check is done in rip_read(). So, just skipping it */
1191 if (packet->version == RIPv2 && rte == packet->rte
1192 && rte->family == htons(RIP_FAMILY_AUTH))
1193 continue;
1194
1195 if (rte->family != htons(AF_INET)) {
1196 /* Address family check. RIP only supports AF_INET. */
1197 zlog_info("Unsupported family %d from %s.",
1198 ntohs(rte->family),
1199 inet_ntoa(from->sin_addr));
1200 continue;
1201 }
1202
1203 /* - is the destination address valid (e.g., unicast; not net 0
1204 or 127) */
1205 if (!rip_destination_check(rte->prefix)) {
1206 zlog_info(
1207 "Network is net 0 or net 127 or it is not unicast network");
1208 rip_peer_bad_route(rip, from);
1209 continue;
1210 }
1211
1212 /* Convert metric value to host byte order. */
1213 rte->metric = ntohl(rte->metric);
1214
1215 /* - is the metric valid (i.e., between 1 and 16, inclusive) */
1216 if (!(rte->metric >= 1 && rte->metric <= 16)) {
1217 zlog_info("Route's metric is not in the 1-16 range.");
1218 rip_peer_bad_route(rip, from);
1219 continue;
1220 }
1221
1222 /* RIPv1 does not have nexthop value. */
1223 if (packet->version == RIPv1
1224 && rte->nexthop.s_addr != INADDR_ANY) {
1225 zlog_info("RIPv1 packet with nexthop value %s",
1226 inet_ntoa(rte->nexthop));
1227 rip_peer_bad_route(rip, from);
1228 continue;
1229 }
1230
1231 /* That is, if the provided information is ignored, a possibly
1232 sub-optimal, but absolutely valid, route may be taken. If
1233 the received Next Hop is not directly reachable, it should be
1234 treated as 0.0.0.0. */
1235 if (packet->version == RIPv2
1236 && rte->nexthop.s_addr != INADDR_ANY) {
1237 uint32_t addrval;
1238
1239 /* Multicast address check. */
1240 addrval = ntohl(rte->nexthop.s_addr);
1241 if (IN_CLASSD(addrval)) {
1242 zlog_info(
1243 "Nexthop %s is multicast address, skip this rte",
1244 inet_ntoa(rte->nexthop));
1245 continue;
1246 }
1247
1248 if (!if_lookup_address((void *)&rte->nexthop, AF_INET,
1249 rip->vrf->vrf_id)) {
1250 struct route_node *rn;
1251 struct rip_info *rinfo;
1252
1253 rn = route_node_match_ipv4(rip->table,
1254 &rte->nexthop);
1255
1256 if (rn) {
1257 rinfo = rn->info;
1258
1259 if (rinfo->type == ZEBRA_ROUTE_RIP
1260 && rinfo->sub_type
1261 == RIP_ROUTE_RTE) {
1262 if (IS_RIP_DEBUG_EVENT)
1263 zlog_debug(
1264 "Next hop %s is on RIP network. Set nexthop to the packet's originator",
1265 inet_ntoa(
1266 rte->nexthop));
1267 rte->nexthop = rinfo->from;
1268 } else {
1269 if (IS_RIP_DEBUG_EVENT)
1270 zlog_debug(
1271 "Next hop %s is not directly reachable. Treat it as 0.0.0.0",
1272 inet_ntoa(
1273 rte->nexthop));
1274 rte->nexthop.s_addr =
1275 INADDR_ANY;
1276 }
1277
1278 route_unlock_node(rn);
1279 } else {
1280 if (IS_RIP_DEBUG_EVENT)
1281 zlog_debug(
1282 "Next hop %s is not directly reachable. Treat it as 0.0.0.0",
1283 inet_ntoa(
1284 rte->nexthop));
1285 rte->nexthop.s_addr = INADDR_ANY;
1286 }
1287 }
1288 }
1289
1290 /* For RIPv1, there won't be a valid netmask.
1291
1292 This is a best guess at the masks. If everyone was using old
1293 Ciscos before the 'ip subnet zero' option, it would be almost
1294 right too :-)
1295
1296 Cisco summarize ripv1 advertisements to the classful boundary
1297 (/16 for class B's) except when the RIP packet does to inside
1298 the classful network in question. */
1299
1300 if ((packet->version == RIPv1
1301 && rte->prefix.s_addr != INADDR_ANY)
1302 || (packet->version == RIPv2
1303 && (rte->prefix.s_addr != INADDR_ANY
1304 && rte->mask.s_addr == INADDR_ANY))) {
1305 uint32_t destination;
1306
1307 if (subnetted == -1) {
1308 memcpy(&ifaddr, ifc->address,
1309 sizeof(struct prefix_ipv4));
1310 memcpy(&ifaddrclass, &ifaddr,
1311 sizeof(struct prefix_ipv4));
1312 apply_classful_mask_ipv4(&ifaddrclass);
1313 subnetted = 0;
1314 if (ifaddr.prefixlen > ifaddrclass.prefixlen)
1315 subnetted = 1;
1316 }
1317
1318 destination = ntohl(rte->prefix.s_addr);
1319
1320 if (IN_CLASSA(destination))
1321 masklen2ip(8, &rte->mask);
1322 else if (IN_CLASSB(destination))
1323 masklen2ip(16, &rte->mask);
1324 else if (IN_CLASSC(destination))
1325 masklen2ip(24, &rte->mask);
1326
1327 if (subnetted == 1)
1328 masklen2ip(ifaddrclass.prefixlen,
1329 (struct in_addr *)&destination);
1330 if ((subnetted == 1)
1331 && ((rte->prefix.s_addr & destination)
1332 == ifaddrclass.prefix.s_addr)) {
1333 masklen2ip(ifaddr.prefixlen, &rte->mask);
1334 if ((rte->prefix.s_addr & rte->mask.s_addr)
1335 != rte->prefix.s_addr)
1336 masklen2ip(32, &rte->mask);
1337 if (IS_RIP_DEBUG_EVENT)
1338 zlog_debug("Subnetted route %s",
1339 inet_ntoa(rte->prefix));
1340 } else {
1341 if ((rte->prefix.s_addr & rte->mask.s_addr)
1342 != rte->prefix.s_addr)
1343 continue;
1344 }
1345
1346 if (IS_RIP_DEBUG_EVENT) {
1347 zlog_debug("Resultant route %s",
1348 inet_ntoa(rte->prefix));
1349 zlog_debug("Resultant mask %s",
1350 inet_ntoa(rte->mask));
1351 }
1352 }
1353
1354 /* In case of RIPv2, if prefix in RTE is not netmask applied one
1355 ignore the entry. */
1356 if ((packet->version == RIPv2)
1357 && (rte->mask.s_addr != INADDR_ANY)
1358 && ((rte->prefix.s_addr & rte->mask.s_addr)
1359 != rte->prefix.s_addr)) {
1360 zlog_warn(
1361 "RIPv2 address %s is not mask /%d applied one",
1362 inet_ntoa(rte->prefix), ip_masklen(rte->mask));
1363 rip_peer_bad_route(rip, from);
1364 continue;
1365 }
1366
1367 /* Default route's netmask is ignored. */
1368 if (packet->version == RIPv2
1369 && (rte->prefix.s_addr == INADDR_ANY)
1370 && (rte->mask.s_addr != INADDR_ANY)) {
1371 if (IS_RIP_DEBUG_EVENT)
1372 zlog_debug(
1373 "Default route with non-zero netmask. Set zero to netmask");
1374 rte->mask.s_addr = INADDR_ANY;
1375 }
1376
1377 /* Routing table updates. */
1378 rip_rte_process(rte, from, ifc->ifp);
1379 }
1380 }
1381
1382 /* Make socket for RIP protocol. */
rip_create_socket(struct vrf * vrf)1383 int rip_create_socket(struct vrf *vrf)
1384 {
1385 int ret;
1386 int sock;
1387 struct sockaddr_in addr;
1388 const char *vrf_dev = NULL;
1389
1390 memset(&addr, 0, sizeof(struct sockaddr_in));
1391 addr.sin_family = AF_INET;
1392 addr.sin_addr.s_addr = INADDR_ANY;
1393 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
1394 addr.sin_len = sizeof(struct sockaddr_in);
1395 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
1396 /* sending port must always be the RIP port */
1397 addr.sin_port = htons(RIP_PORT_DEFAULT);
1398
1399 /* Make datagram socket. */
1400 if (vrf->vrf_id != VRF_DEFAULT)
1401 vrf_dev = vrf->name;
1402 frr_with_privs(&ripd_privs) {
1403 sock = vrf_socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP, vrf->vrf_id,
1404 vrf_dev);
1405 if (sock < 0) {
1406 flog_err_sys(EC_LIB_SOCKET,
1407 "Cannot create UDP socket: %s",
1408 safe_strerror(errno));
1409 return -1;
1410 }
1411 }
1412
1413 sockopt_broadcast(sock);
1414 sockopt_reuseaddr(sock);
1415 sockopt_reuseport(sock);
1416 setsockopt_ipv4_multicast_loop(sock, 0);
1417 #ifdef IPTOS_PREC_INTERNETCONTROL
1418 setsockopt_ipv4_tos(sock, IPTOS_PREC_INTERNETCONTROL);
1419 #endif
1420 setsockopt_so_recvbuf(sock, RIP_UDP_RCV_BUF);
1421
1422 frr_with_privs(&ripd_privs) {
1423 if ((ret = bind(sock, (struct sockaddr *)&addr, sizeof(addr)))
1424 < 0) {
1425 zlog_err("%s: Can't bind socket %d to %s port %d: %s",
1426 __func__, sock, inet_ntoa(addr.sin_addr),
1427 (int)ntohs(addr.sin_port),
1428 safe_strerror(errno));
1429
1430 close(sock);
1431 return ret;
1432 }
1433 }
1434
1435 return sock;
1436 }
1437
1438 /* RIP packet send to destination address, on interface denoted by
1439 * by connected argument. NULL to argument denotes destination should be
1440 * should be RIP multicast group
1441 */
rip_send_packet(uint8_t * buf,int size,struct sockaddr_in * to,struct connected * ifc)1442 static int rip_send_packet(uint8_t *buf, int size, struct sockaddr_in *to,
1443 struct connected *ifc)
1444 {
1445 struct rip_interface *ri;
1446 struct rip *rip;
1447 int ret;
1448 struct sockaddr_in sin;
1449 struct msghdr msg;
1450 struct iovec iov;
1451 #ifdef GNU_LINUX
1452 struct cmsghdr *cmsgptr;
1453 char adata[256] = {};
1454 struct in_pktinfo *pkt;
1455 #endif /* GNU_LINUX */
1456
1457 assert(ifc != NULL);
1458 ri = ifc->ifp->info;
1459 rip = ri->rip;
1460
1461 if (IS_RIP_DEBUG_PACKET) {
1462 #define ADDRESS_SIZE 20
1463 char dst[ADDRESS_SIZE];
1464
1465 if (to) {
1466 strlcpy(dst, inet_ntoa(to->sin_addr), sizeof(dst));
1467 } else {
1468 sin.sin_addr.s_addr = htonl(INADDR_RIP_GROUP);
1469 strlcpy(dst, inet_ntoa(sin.sin_addr), sizeof(dst));
1470 }
1471 #undef ADDRESS_SIZE
1472 zlog_debug("rip_send_packet %s > %s (%s)",
1473 inet_ntoa(ifc->address->u.prefix4), dst,
1474 ifc->ifp->name);
1475 }
1476
1477 if (CHECK_FLAG(ifc->flags, ZEBRA_IFA_SECONDARY)) {
1478 /*
1479 * ZEBRA_IFA_SECONDARY is set on linux when an interface is
1480 * configured
1481 * with multiple addresses on the same subnet: the first address
1482 * on the subnet is configured "primary", and all subsequent
1483 * addresses
1484 * on that subnet are treated as "secondary" addresses.
1485 * In order to avoid routing-table bloat on other rip listeners,
1486 * we do not send out RIP packets with ZEBRA_IFA_SECONDARY
1487 * source addrs.
1488 * XXX Since Linux is the only system for which the
1489 * ZEBRA_IFA_SECONDARY
1490 * flag is set, we would end up sending a packet for a
1491 * "secondary"
1492 * source address on non-linux systems.
1493 */
1494 if (IS_RIP_DEBUG_PACKET)
1495 zlog_debug("duplicate dropped");
1496 return 0;
1497 }
1498
1499 /* Make destination address. */
1500 memset(&sin, 0, sizeof(struct sockaddr_in));
1501 sin.sin_family = AF_INET;
1502 #ifdef HAVE_STRUCT_SOCKADDR_IN_SIN_LEN
1503 sin.sin_len = sizeof(struct sockaddr_in);
1504 #endif /* HAVE_STRUCT_SOCKADDR_IN_SIN_LEN */
1505
1506 /* When destination is specified, use it's port and address. */
1507 if (to) {
1508 sin.sin_port = to->sin_port;
1509 sin.sin_addr = to->sin_addr;
1510 } else {
1511 sin.sin_port = htons(RIP_PORT_DEFAULT);
1512 sin.sin_addr.s_addr = htonl(INADDR_RIP_GROUP);
1513
1514 rip_interface_multicast_set(rip->sock, ifc);
1515 }
1516
1517 memset(&msg, 0, sizeof(msg));
1518 msg.msg_name = (void *)&sin;
1519 msg.msg_namelen = sizeof(struct sockaddr_in);
1520 msg.msg_iov = &iov;
1521 msg.msg_iovlen = 1;
1522 iov.iov_base = buf;
1523 iov.iov_len = size;
1524
1525 #ifdef GNU_LINUX
1526 msg.msg_control = (void *)adata;
1527 msg.msg_controllen = CMSG_SPACE(sizeof(struct in_pktinfo));
1528
1529 cmsgptr = (struct cmsghdr *)adata;
1530 cmsgptr->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
1531 cmsgptr->cmsg_level = IPPROTO_IP;
1532 cmsgptr->cmsg_type = IP_PKTINFO;
1533 pkt = (struct in_pktinfo *)CMSG_DATA(cmsgptr);
1534 pkt->ipi_ifindex = ifc->ifp->ifindex;
1535 #endif /* GNU_LINUX */
1536
1537 ret = sendmsg(rip->sock, &msg, 0);
1538
1539 if (IS_RIP_DEBUG_EVENT)
1540 zlog_debug("SEND to %s.%d", inet_ntoa(sin.sin_addr),
1541 ntohs(sin.sin_port));
1542
1543 if (ret < 0)
1544 zlog_warn("can't send packet : %s", safe_strerror(errno));
1545
1546 return ret;
1547 }
1548
1549 /* Add redistributed route to RIP table. */
rip_redistribute_add(struct rip * rip,int type,int sub_type,struct prefix_ipv4 * p,struct nexthop * nh,unsigned int metric,unsigned char distance,route_tag_t tag)1550 void rip_redistribute_add(struct rip *rip, int type, int sub_type,
1551 struct prefix_ipv4 *p, struct nexthop *nh,
1552 unsigned int metric, unsigned char distance,
1553 route_tag_t tag)
1554 {
1555 int ret;
1556 struct route_node *rp = NULL;
1557 struct rip_info *rinfo = NULL, newinfo;
1558 struct list *list = NULL;
1559
1560 /* Redistribute route */
1561 ret = rip_destination_check(p->prefix);
1562 if (!ret)
1563 return;
1564
1565 rp = route_node_get(rip->table, (struct prefix *)p);
1566
1567 memset(&newinfo, 0, sizeof(struct rip_info));
1568 newinfo.type = type;
1569 newinfo.sub_type = sub_type;
1570 newinfo.metric = 1;
1571 newinfo.external_metric = metric;
1572 newinfo.distance = distance;
1573 if (tag <= UINT16_MAX) /* RIP only supports 16 bit tags */
1574 newinfo.tag = tag;
1575 newinfo.rp = rp;
1576 newinfo.nh = *nh;
1577
1578 if ((list = rp->info) != NULL && listcount(list) != 0) {
1579 rinfo = listgetdata(listhead(list));
1580
1581 if (rinfo->type == ZEBRA_ROUTE_CONNECT
1582 && rinfo->sub_type == RIP_ROUTE_INTERFACE
1583 && rinfo->metric != RIP_METRIC_INFINITY) {
1584 route_unlock_node(rp);
1585 return;
1586 }
1587
1588 /* Manually configured RIP route check. */
1589 if (rinfo->type == ZEBRA_ROUTE_RIP
1590 && ((rinfo->sub_type == RIP_ROUTE_STATIC)
1591 || (rinfo->sub_type == RIP_ROUTE_DEFAULT))) {
1592 if (type != ZEBRA_ROUTE_RIP
1593 || ((sub_type != RIP_ROUTE_STATIC)
1594 && (sub_type != RIP_ROUTE_DEFAULT))) {
1595 route_unlock_node(rp);
1596 return;
1597 }
1598 }
1599
1600 (void)rip_ecmp_replace(rip, &newinfo);
1601 route_unlock_node(rp);
1602 } else
1603 (void)rip_ecmp_add(rip, &newinfo);
1604
1605 if (IS_RIP_DEBUG_EVENT) {
1606 zlog_debug("Redistribute new prefix %s/%d",
1607 inet_ntoa(p->prefix), p->prefixlen);
1608 }
1609
1610 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
1611 }
1612
1613 /* Delete redistributed route from RIP table. */
rip_redistribute_delete(struct rip * rip,int type,int sub_type,struct prefix_ipv4 * p,ifindex_t ifindex)1614 void rip_redistribute_delete(struct rip *rip, int type, int sub_type,
1615 struct prefix_ipv4 *p, ifindex_t ifindex)
1616 {
1617 int ret;
1618 struct route_node *rp;
1619 struct rip_info *rinfo;
1620
1621 ret = rip_destination_check(p->prefix);
1622 if (!ret)
1623 return;
1624
1625 rp = route_node_lookup(rip->table, (struct prefix *)p);
1626 if (rp) {
1627 struct list *list = rp->info;
1628
1629 if (list != NULL && listcount(list) != 0) {
1630 rinfo = listgetdata(listhead(list));
1631 if (rinfo != NULL && rinfo->type == type
1632 && rinfo->sub_type == sub_type
1633 && rinfo->nh.ifindex == ifindex) {
1634 /* Perform poisoned reverse. */
1635 rinfo->metric = RIP_METRIC_INFINITY;
1636 RIP_TIMER_ON(rinfo->t_garbage_collect,
1637 rip_garbage_collect,
1638 rip->garbage_time);
1639 RIP_TIMER_OFF(rinfo->t_timeout);
1640 rinfo->flags |= RIP_RTF_CHANGED;
1641
1642 if (IS_RIP_DEBUG_EVENT)
1643 zlog_debug(
1644 "Poison %s/%d on the interface %s with an infinity metric [delete]",
1645 inet_ntoa(p->prefix),
1646 p->prefixlen,
1647 ifindex2ifname(
1648 ifindex,
1649 rip->vrf->vrf_id));
1650
1651 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
1652 }
1653 }
1654 route_unlock_node(rp);
1655 }
1656 }
1657
1658 /* Response to request called from rip_read ().*/
rip_request_process(struct rip_packet * packet,int size,struct sockaddr_in * from,struct connected * ifc)1659 static void rip_request_process(struct rip_packet *packet, int size,
1660 struct sockaddr_in *from, struct connected *ifc)
1661 {
1662 struct rip *rip;
1663 caddr_t lim;
1664 struct rte *rte;
1665 struct prefix_ipv4 p;
1666 struct route_node *rp;
1667 struct rip_info *rinfo;
1668 struct rip_interface *ri;
1669
1670 /* Does not reponse to the requests on the loopback interfaces */
1671 if (if_is_loopback(ifc->ifp))
1672 return;
1673
1674 /* Check RIP process is enabled on this interface. */
1675 ri = ifc->ifp->info;
1676 if (!ri->running)
1677 return;
1678 rip = ri->rip;
1679
1680 /* When passive interface is specified, suppress responses */
1681 if (ri->passive)
1682 return;
1683
1684 /* RIP peer update. */
1685 rip_peer_update(rip, from, packet->version);
1686
1687 lim = ((caddr_t)packet) + size;
1688 rte = packet->rte;
1689
1690 /* The Request is processed entry by entry. If there are no
1691 entries, no response is given. */
1692 if (lim == (caddr_t)rte)
1693 return;
1694
1695 /* There is one special case. If there is exactly one entry in the
1696 request, and it has an address family identifier of zero and a
1697 metric of infinity (i.e., 16), then this is a request to send the
1698 entire routing table. */
1699 if (lim == ((caddr_t)(rte + 1)) && ntohs(rte->family) == 0
1700 && ntohl(rte->metric) == RIP_METRIC_INFINITY) {
1701 /* All route with split horizon */
1702 rip_output_process(ifc, from, rip_all_route, packet->version);
1703 } else {
1704 if (ntohs(rte->family) != AF_INET)
1705 return;
1706
1707 /* Examine the list of RTEs in the Request one by one. For each
1708 entry, look up the destination in the router's routing
1709 database and, if there is a route, put that route's metric in
1710 the metric field of the RTE. If there is no explicit route
1711 to the specified destination, put infinity in the metric
1712 field. Once all the entries have been filled in, change the
1713 command from Request to Response and send the datagram back
1714 to the requestor. */
1715 p.family = AF_INET;
1716
1717 for (; ((caddr_t)rte) < lim; rte++) {
1718 p.prefix = rte->prefix;
1719 p.prefixlen = ip_masklen(rte->mask);
1720 apply_mask_ipv4(&p);
1721
1722 rp = route_node_lookup(rip->table, (struct prefix *)&p);
1723 if (rp) {
1724 rinfo = listgetdata(
1725 listhead((struct list *)rp->info));
1726 rte->metric = htonl(rinfo->metric);
1727 route_unlock_node(rp);
1728 } else
1729 rte->metric = htonl(RIP_METRIC_INFINITY);
1730 }
1731 packet->command = RIP_RESPONSE;
1732
1733 (void)rip_send_packet((uint8_t *)packet, size, from, ifc);
1734 }
1735 rip->counters.queries++;
1736 }
1737
1738 /* First entry point of RIP packet. */
rip_read(struct thread * t)1739 static int rip_read(struct thread *t)
1740 {
1741 struct rip *rip = THREAD_ARG(t);
1742 int sock;
1743 int ret;
1744 int rtenum;
1745 union rip_buf rip_buf;
1746 struct rip_packet *packet;
1747 struct sockaddr_in from;
1748 int len;
1749 int vrecv;
1750 socklen_t fromlen;
1751 struct interface *ifp = NULL;
1752 struct connected *ifc;
1753 struct rip_interface *ri;
1754 struct prefix p;
1755
1756 /* Fetch socket then register myself. */
1757 sock = THREAD_FD(t);
1758 rip->t_read = NULL;
1759
1760 /* Add myself to tne next event */
1761 rip_event(rip, RIP_READ, sock);
1762
1763 /* RIPd manages only IPv4. */
1764 memset(&from, 0, sizeof(struct sockaddr_in));
1765 fromlen = sizeof(struct sockaddr_in);
1766
1767 len = recvfrom(sock, (char *)&rip_buf.buf, sizeof(rip_buf.buf), 0,
1768 (struct sockaddr *)&from, &fromlen);
1769 if (len < 0) {
1770 zlog_info("recvfrom failed (VRF %s): %s", rip->vrf_name,
1771 safe_strerror(errno));
1772 return len;
1773 }
1774
1775 /* Check is this packet comming from myself? */
1776 if (if_check_address(rip, from.sin_addr)) {
1777 if (IS_RIP_DEBUG_PACKET)
1778 zlog_debug("ignore packet comes from myself (VRF %s)",
1779 rip->vrf_name);
1780 return -1;
1781 }
1782
1783 /* Which interface is this packet comes from. */
1784 ifc = if_lookup_address((void *)&from.sin_addr, AF_INET,
1785 rip->vrf->vrf_id);
1786 if (ifc)
1787 ifp = ifc->ifp;
1788
1789 /* RIP packet received */
1790 if (IS_RIP_DEBUG_EVENT)
1791 zlog_debug("RECV packet from %s port %d on %s (VRF %s)",
1792 inet_ntoa(from.sin_addr), ntohs(from.sin_port),
1793 ifp ? ifp->name : "unknown", rip->vrf_name);
1794
1795 /* If this packet come from unknown interface, ignore it. */
1796 if (ifp == NULL) {
1797 zlog_info(
1798 "rip_read: cannot find interface for packet from %s port %d (VRF %s)",
1799 inet_ntoa(from.sin_addr), ntohs(from.sin_port),
1800 rip->vrf_name);
1801 return -1;
1802 }
1803
1804 p.family = AF_INET;
1805 p.u.prefix4 = from.sin_addr;
1806 p.prefixlen = IPV4_MAX_BITLEN;
1807
1808 ifc = connected_lookup_prefix(ifp, &p);
1809
1810 if (ifc == NULL) {
1811 zlog_info(
1812 "rip_read: cannot find connected address for packet from %s port %d on interface %s (VRF %s)",
1813 inet_ntoa(from.sin_addr), ntohs(from.sin_port),
1814 ifp->name, rip->vrf_name);
1815 return -1;
1816 }
1817
1818 /* Packet length check. */
1819 if (len < RIP_PACKET_MINSIZ) {
1820 zlog_warn("packet size %d is smaller than minimum size %d", len,
1821 RIP_PACKET_MINSIZ);
1822 rip_peer_bad_packet(rip, &from);
1823 return len;
1824 }
1825 if (len > RIP_PACKET_MAXSIZ) {
1826 zlog_warn("packet size %d is larger than max size %d", len,
1827 RIP_PACKET_MAXSIZ);
1828 rip_peer_bad_packet(rip, &from);
1829 return len;
1830 }
1831
1832 /* Packet alignment check. */
1833 if ((len - RIP_PACKET_MINSIZ) % 20) {
1834 zlog_warn("packet size %d is wrong for RIP packet alignment",
1835 len);
1836 rip_peer_bad_packet(rip, &from);
1837 return len;
1838 }
1839
1840 /* Set RTE number. */
1841 rtenum = ((len - RIP_PACKET_MINSIZ) / 20);
1842
1843 /* For easy to handle. */
1844 packet = &rip_buf.rip_packet;
1845
1846 /* RIP version check. */
1847 if (packet->version == 0) {
1848 zlog_info("version 0 with command %d received.",
1849 packet->command);
1850 rip_peer_bad_packet(rip, &from);
1851 return -1;
1852 }
1853
1854 /* Dump RIP packet. */
1855 if (IS_RIP_DEBUG_RECV)
1856 rip_packet_dump(packet, len, "RECV");
1857
1858 /* RIP version adjust. This code should rethink now. RFC1058 says
1859 that "Version 1 implementations are to ignore this extra data and
1860 process only the fields specified in this document.". So RIPv3
1861 packet should be treated as RIPv1 ignoring must be zero field. */
1862 if (packet->version > RIPv2)
1863 packet->version = RIPv2;
1864
1865 /* Is RIP running or is this RIP neighbor ?*/
1866 ri = ifp->info;
1867 if (!ri->running && !rip_neighbor_lookup(rip, &from)) {
1868 if (IS_RIP_DEBUG_EVENT)
1869 zlog_debug("RIP is not enabled on interface %s.",
1870 ifp->name);
1871 rip_peer_bad_packet(rip, &from);
1872 return -1;
1873 }
1874
1875 /* RIP Version check. RFC2453, 4.6 and 5.1 */
1876 vrecv = ((ri->ri_receive == RI_RIP_UNSPEC) ? rip->version_recv
1877 : ri->ri_receive);
1878 if (vrecv == RI_RIP_VERSION_NONE
1879 || ((packet->version == RIPv1) && !(vrecv & RIPv1))
1880 || ((packet->version == RIPv2) && !(vrecv & RIPv2))) {
1881 if (IS_RIP_DEBUG_PACKET)
1882 zlog_debug(
1883 " packet's v%d doesn't fit to if version spec",
1884 packet->version);
1885 rip_peer_bad_packet(rip, &from);
1886 return -1;
1887 }
1888
1889 /* RFC2453 5.2 If the router is not configured to authenticate RIP-2
1890 messages, then RIP-1 and unauthenticated RIP-2 messages will be
1891 accepted; authenticated RIP-2 messages shall be discarded. */
1892 if ((ri->auth_type == RIP_NO_AUTH) && rtenum
1893 && (packet->version == RIPv2)
1894 && (packet->rte->family == htons(RIP_FAMILY_AUTH))) {
1895 if (IS_RIP_DEBUG_EVENT)
1896 zlog_debug(
1897 "packet RIPv%d is dropped because authentication disabled",
1898 packet->version);
1899 ripd_notif_send_auth_type_failure(ifp->name);
1900 rip_peer_bad_packet(rip, &from);
1901 return -1;
1902 }
1903
1904 /* RFC:
1905 If the router is configured to authenticate RIP-2 messages, then
1906 RIP-1 messages and RIP-2 messages which pass authentication
1907 testing shall be accepted; unauthenticated and failed
1908 authentication RIP-2 messages shall be discarded. For maximum
1909 security, RIP-1 messages should be ignored when authentication is
1910 in use (see section 4.1); otherwise, the routing information from
1911 authenticated messages will be propagated by RIP-1 routers in an
1912 unauthenticated manner.
1913 */
1914 /* We make an exception for RIPv1 REQUEST packets, to which we'll
1915 * always reply regardless of authentication settings, because:
1916 *
1917 * - if there other authorised routers on-link, the REQUESTor can
1918 * passively obtain the routing updates anyway
1919 * - if there are no other authorised routers on-link, RIP can
1920 * easily be disabled for the link to prevent giving out information
1921 * on state of this routers RIP routing table..
1922 *
1923 * I.e. if RIPv1 has any place anymore these days, it's as a very
1924 * simple way to distribute routing information (e.g. to embedded
1925 * hosts / appliances) and the ability to give out RIPv1
1926 * routing-information freely, while still requiring RIPv2
1927 * authentication for any RESPONSEs might be vaguely useful.
1928 */
1929 if (ri->auth_type != RIP_NO_AUTH && packet->version == RIPv1) {
1930 /* Discard RIPv1 messages other than REQUESTs */
1931 if (packet->command != RIP_REQUEST) {
1932 if (IS_RIP_DEBUG_PACKET)
1933 zlog_debug(
1934 "RIPv1 dropped because authentication enabled");
1935 ripd_notif_send_auth_type_failure(ifp->name);
1936 rip_peer_bad_packet(rip, &from);
1937 return -1;
1938 }
1939 } else if (ri->auth_type != RIP_NO_AUTH) {
1940 const char *auth_desc;
1941
1942 if (rtenum == 0) {
1943 /* There definitely is no authentication in the packet.
1944 */
1945 if (IS_RIP_DEBUG_PACKET)
1946 zlog_debug(
1947 "RIPv2 authentication failed: no auth RTE in packet");
1948 ripd_notif_send_auth_type_failure(ifp->name);
1949 rip_peer_bad_packet(rip, &from);
1950 return -1;
1951 }
1952
1953 /* First RTE must be an Authentication Family RTE */
1954 if (packet->rte->family != htons(RIP_FAMILY_AUTH)) {
1955 if (IS_RIP_DEBUG_PACKET)
1956 zlog_debug(
1957 "RIPv2 dropped because authentication enabled");
1958 ripd_notif_send_auth_type_failure(ifp->name);
1959 rip_peer_bad_packet(rip, &from);
1960 return -1;
1961 }
1962
1963 /* Check RIPv2 authentication. */
1964 switch (ntohs(packet->rte->tag)) {
1965 case RIP_AUTH_SIMPLE_PASSWORD:
1966 auth_desc = "simple";
1967 ret = rip_auth_simple_password(packet->rte, &from, ifp);
1968 break;
1969
1970 case RIP_AUTH_MD5:
1971 auth_desc = "MD5";
1972 ret = rip_auth_md5(packet, &from, len, ifp);
1973 /* Reset RIP packet length to trim MD5 data. */
1974 len = ret;
1975 break;
1976
1977 default:
1978 ret = 0;
1979 auth_desc = "unknown type";
1980 if (IS_RIP_DEBUG_PACKET)
1981 zlog_debug(
1982 "RIPv2 Unknown authentication type %d",
1983 ntohs(packet->rte->tag));
1984 }
1985
1986 if (ret) {
1987 if (IS_RIP_DEBUG_PACKET)
1988 zlog_debug("RIPv2 %s authentication success",
1989 auth_desc);
1990 } else {
1991 if (IS_RIP_DEBUG_PACKET)
1992 zlog_debug("RIPv2 %s authentication failure",
1993 auth_desc);
1994 ripd_notif_send_auth_failure(ifp->name);
1995 rip_peer_bad_packet(rip, &from);
1996 return -1;
1997 }
1998 }
1999
2000 /* Process each command. */
2001 switch (packet->command) {
2002 case RIP_RESPONSE:
2003 rip_response_process(packet, len, &from, ifc);
2004 break;
2005 case RIP_REQUEST:
2006 case RIP_POLL:
2007 rip_request_process(packet, len, &from, ifc);
2008 break;
2009 case RIP_TRACEON:
2010 case RIP_TRACEOFF:
2011 zlog_info(
2012 "Obsolete command %s received, please sent it to routed",
2013 lookup_msg(rip_msg, packet->command, NULL));
2014 rip_peer_bad_packet(rip, &from);
2015 break;
2016 case RIP_POLL_ENTRY:
2017 zlog_info("Obsolete command %s received",
2018 lookup_msg(rip_msg, packet->command, NULL));
2019 rip_peer_bad_packet(rip, &from);
2020 break;
2021 default:
2022 zlog_info("Unknown RIP command %d received", packet->command);
2023 rip_peer_bad_packet(rip, &from);
2024 break;
2025 }
2026
2027 return len;
2028 }
2029
2030 /* Write routing table entry to the stream and return next index of
2031 the routing table entry in the stream. */
rip_write_rte(int num,struct stream * s,struct prefix_ipv4 * p,uint8_t version,struct rip_info * rinfo)2032 static int rip_write_rte(int num, struct stream *s, struct prefix_ipv4 *p,
2033 uint8_t version, struct rip_info *rinfo)
2034 {
2035 struct in_addr mask;
2036
2037 /* Write routing table entry. */
2038 if (version == RIPv1) {
2039 stream_putw(s, AF_INET);
2040 stream_putw(s, 0);
2041 stream_put_ipv4(s, p->prefix.s_addr);
2042 stream_put_ipv4(s, 0);
2043 stream_put_ipv4(s, 0);
2044 stream_putl(s, rinfo->metric_out);
2045 } else {
2046 masklen2ip(p->prefixlen, &mask);
2047
2048 stream_putw(s, AF_INET);
2049 stream_putw(s, rinfo->tag_out);
2050 stream_put_ipv4(s, p->prefix.s_addr);
2051 stream_put_ipv4(s, mask.s_addr);
2052 stream_put_ipv4(s, rinfo->nexthop_out.s_addr);
2053 stream_putl(s, rinfo->metric_out);
2054 }
2055
2056 return ++num;
2057 }
2058
2059 /* Send update to the ifp or spcified neighbor. */
rip_output_process(struct connected * ifc,struct sockaddr_in * to,int route_type,uint8_t version)2060 void rip_output_process(struct connected *ifc, struct sockaddr_in *to,
2061 int route_type, uint8_t version)
2062 {
2063 struct rip *rip;
2064 int ret;
2065 struct stream *s;
2066 struct route_node *rp;
2067 struct rip_info *rinfo;
2068 struct rip_interface *ri;
2069 struct prefix_ipv4 *p;
2070 struct prefix_ipv4 classfull;
2071 struct prefix_ipv4 ifaddrclass;
2072 struct key *key = NULL;
2073 /* this might need to made dynamic if RIP ever supported auth methods
2074 with larger key string sizes */
2075 char auth_str[RIP_AUTH_SIMPLE_SIZE];
2076 size_t doff = 0; /* offset of digest offset field */
2077 int num = 0;
2078 int rtemax;
2079 int subnetted = 0;
2080 struct list *list = NULL;
2081 struct listnode *listnode = NULL;
2082
2083 /* Logging output event. */
2084 if (IS_RIP_DEBUG_EVENT) {
2085 if (to)
2086 zlog_debug("update routes to neighbor %s",
2087 inet_ntoa(to->sin_addr));
2088 else
2089 zlog_debug("update routes on interface %s ifindex %d",
2090 ifc->ifp->name, ifc->ifp->ifindex);
2091 }
2092
2093 /* Get RIP interface. */
2094 ri = ifc->ifp->info;
2095 rip = ri->rip;
2096
2097 /* Set output stream. */
2098 s = rip->obuf;
2099
2100 /* Reset stream and RTE counter. */
2101 stream_reset(s);
2102 rtemax = RIP_MAX_RTE;
2103
2104 /* If output interface is in simple password authentication mode, we
2105 need space for authentication data. */
2106 if (ri->auth_type == RIP_AUTH_SIMPLE_PASSWORD)
2107 rtemax -= 1;
2108
2109 /* If output interface is in MD5 authentication mode, we need space
2110 for authentication header and data. */
2111 if (ri->auth_type == RIP_AUTH_MD5)
2112 rtemax -= 2;
2113
2114 /* If output interface is in simple password authentication mode
2115 and string or keychain is specified we need space for auth. data */
2116 if (ri->auth_type != RIP_NO_AUTH) {
2117 if (ri->key_chain) {
2118 struct keychain *keychain;
2119
2120 keychain = keychain_lookup(ri->key_chain);
2121 if (keychain)
2122 key = key_lookup_for_send(keychain);
2123 }
2124 /* to be passed to auth functions later */
2125 rip_auth_prepare_str_send(ri, key, auth_str, sizeof(auth_str));
2126 if (strlen(auth_str) == 0)
2127 return;
2128 }
2129
2130 if (version == RIPv1) {
2131 memcpy(&ifaddrclass, ifc->address, sizeof(struct prefix_ipv4));
2132 apply_classful_mask_ipv4(&ifaddrclass);
2133 subnetted = 0;
2134 if (ifc->address->prefixlen > ifaddrclass.prefixlen)
2135 subnetted = 1;
2136 }
2137
2138 for (rp = route_top(rip->table); rp; rp = route_next(rp))
2139 if ((list = rp->info) != NULL && listcount(list) != 0) {
2140 rinfo = listgetdata(listhead(list));
2141 /* For RIPv1, if we are subnetted, output subnets in our
2142 * network */
2143 /* that have the same mask as the output "interface".
2144 * For other */
2145 /* networks, only the classfull version is output. */
2146
2147 if (version == RIPv1) {
2148 p = (struct prefix_ipv4 *)&rp->p;
2149
2150 if (IS_RIP_DEBUG_PACKET)
2151 zlog_debug(
2152 "RIPv1 mask check, %s/%d considered for output",
2153 inet_ntoa(rp->p.u.prefix4),
2154 rp->p.prefixlen);
2155
2156 if (subnetted
2157 && prefix_match(
2158 (struct prefix *)&ifaddrclass,
2159 &rp->p)) {
2160 if ((ifc->address->prefixlen
2161 != rp->p.prefixlen)
2162 && (rp->p.prefixlen != 32))
2163 continue;
2164 } else {
2165 memcpy(&classfull, &rp->p,
2166 sizeof(struct prefix_ipv4));
2167 apply_classful_mask_ipv4(&classfull);
2168 if (rp->p.u.prefix4.s_addr != 0
2169 && classfull.prefixlen
2170 != rp->p.prefixlen)
2171 continue;
2172 }
2173 if (IS_RIP_DEBUG_PACKET)
2174 zlog_debug(
2175 "RIPv1 mask check, %s/%d made it through",
2176 inet_ntoa(rp->p.u.prefix4),
2177 rp->p.prefixlen);
2178 } else
2179 p = (struct prefix_ipv4 *)&rp->p;
2180
2181 /* Apply output filters. */
2182 ret = rip_filter(RIP_FILTER_OUT, p, ri);
2183 if (ret < 0)
2184 continue;
2185
2186 /* Changed route only output. */
2187 if (route_type == rip_changed_route
2188 && (!(rinfo->flags & RIP_RTF_CHANGED)))
2189 continue;
2190
2191 /* Split horizon. */
2192 /* if (split_horizon == rip_split_horizon) */
2193 if (ri->split_horizon == RIP_SPLIT_HORIZON) {
2194 /*
2195 * We perform split horizon for RIP and
2196 * connected route.
2197 * For rip routes, we want to suppress the route
2198 * if we would
2199 * end up sending the route back on the
2200 * interface that we
2201 * learned it from, with a higher metric. For
2202 * connected routes,
2203 * we suppress the route if the prefix is a
2204 * subset of the
2205 * source address that we are going to use for
2206 * the packet
2207 * (in order to handle the case when multiple
2208 * subnets are
2209 * configured on the same interface).
2210 */
2211 int suppress = 0;
2212 struct rip_info *tmp_rinfo = NULL;
2213 struct connected *tmp_ifc = NULL;
2214
2215 for (ALL_LIST_ELEMENTS_RO(list, listnode,
2216 tmp_rinfo))
2217 if (tmp_rinfo->type == ZEBRA_ROUTE_RIP
2218 && tmp_rinfo->nh.ifindex
2219 == ifc->ifp->ifindex) {
2220 suppress = 1;
2221 break;
2222 }
2223
2224 if (!suppress
2225 && rinfo->type == ZEBRA_ROUTE_CONNECT) {
2226 for (ALL_LIST_ELEMENTS_RO(
2227 ifc->ifp->connected,
2228 listnode, tmp_ifc))
2229 if (prefix_match(
2230 (struct prefix *)p,
2231 tmp_ifc->address)) {
2232 suppress = 1;
2233 break;
2234 }
2235 }
2236
2237 if (suppress)
2238 continue;
2239 }
2240
2241 /* Preparation for route-map. */
2242 rinfo->metric_set = 0;
2243 rinfo->nexthop_out.s_addr = 0;
2244 rinfo->metric_out = rinfo->metric;
2245 rinfo->tag_out = rinfo->tag;
2246 rinfo->ifindex_out = ifc->ifp->ifindex;
2247
2248 /* In order to avoid some local loops,
2249 * if the RIP route has a nexthop via this interface,
2250 * keep the nexthop,
2251 * otherwise set it to 0. The nexthop should not be
2252 * propagated
2253 * beyond the local broadcast/multicast area in order
2254 * to avoid an IGP multi-level recursive look-up.
2255 * see (4.4)
2256 */
2257 if (rinfo->nh.ifindex == ifc->ifp->ifindex)
2258 rinfo->nexthop_out = rinfo->nh.gate.ipv4;
2259
2260 /* Interface route-map */
2261 if (ri->routemap[RIP_FILTER_OUT]) {
2262 ret = route_map_apply(
2263 ri->routemap[RIP_FILTER_OUT],
2264 (struct prefix *)p, RMAP_RIP, rinfo);
2265
2266 if (ret == RMAP_DENYMATCH) {
2267 if (IS_RIP_DEBUG_PACKET)
2268 zlog_debug(
2269 "RIP %s/%d is filtered by route-map out",
2270 inet_ntoa(p->prefix),
2271 p->prefixlen);
2272 continue;
2273 }
2274 }
2275
2276 /* Apply redistribute route map - continue, if deny */
2277 if (rip->redist[rinfo->type].route_map.name
2278 && rinfo->sub_type != RIP_ROUTE_INTERFACE) {
2279 ret = route_map_apply(
2280 rip->redist[rinfo->type].route_map.map,
2281 (struct prefix *)p, RMAP_RIP, rinfo);
2282
2283 if (ret == RMAP_DENYMATCH) {
2284 if (IS_RIP_DEBUG_PACKET)
2285 zlog_debug(
2286 "%s/%d is filtered by route-map",
2287 inet_ntoa(p->prefix),
2288 p->prefixlen);
2289 continue;
2290 }
2291 }
2292
2293 /* When route-map does not set metric. */
2294 if (!rinfo->metric_set) {
2295 /* If redistribute metric is set. */
2296 if (rip->redist[rinfo->type].metric_config
2297 && rinfo->metric != RIP_METRIC_INFINITY) {
2298 rinfo->metric_out =
2299 rip->redist[rinfo->type].metric;
2300 } else {
2301 /* If the route is not connected or
2302 localy generated
2303 one, use default-metric value*/
2304 if (rinfo->type != ZEBRA_ROUTE_RIP
2305 && rinfo->type
2306 != ZEBRA_ROUTE_CONNECT
2307 && rinfo->metric
2308 != RIP_METRIC_INFINITY)
2309 rinfo->metric_out =
2310 rip->default_metric;
2311 }
2312 }
2313
2314 /* Apply offset-list */
2315 if (rinfo->metric != RIP_METRIC_INFINITY)
2316 rip_offset_list_apply_out(p, ifc->ifp,
2317 &rinfo->metric_out);
2318
2319 if (rinfo->metric_out > RIP_METRIC_INFINITY)
2320 rinfo->metric_out = RIP_METRIC_INFINITY;
2321
2322 /* Perform split-horizon with poisoned reverse
2323 * for RIP and connected routes.
2324 **/
2325 if (ri->split_horizon
2326 == RIP_SPLIT_HORIZON_POISONED_REVERSE) {
2327 /*
2328 * We perform split horizon for RIP and
2329 * connected route.
2330 * For rip routes, we want to suppress the route
2331 * if we would
2332 * end up sending the route back on the
2333 * interface that we
2334 * learned it from, with a higher metric. For
2335 * connected routes,
2336 * we suppress the route if the prefix is a
2337 * subset of the
2338 * source address that we are going to use for
2339 * the packet
2340 * (in order to handle the case when multiple
2341 * subnets are
2342 * configured on the same interface).
2343 */
2344 struct rip_info *tmp_rinfo = NULL;
2345 struct connected *tmp_ifc = NULL;
2346
2347 for (ALL_LIST_ELEMENTS_RO(list, listnode,
2348 tmp_rinfo))
2349 if (tmp_rinfo->type == ZEBRA_ROUTE_RIP
2350 && tmp_rinfo->nh.ifindex
2351 == ifc->ifp->ifindex)
2352 rinfo->metric_out =
2353 RIP_METRIC_INFINITY;
2354
2355 if (rinfo->metric_out != RIP_METRIC_INFINITY
2356 && rinfo->type == ZEBRA_ROUTE_CONNECT) {
2357 for (ALL_LIST_ELEMENTS_RO(
2358 ifc->ifp->connected,
2359 listnode, tmp_ifc))
2360 if (prefix_match(
2361 (struct prefix *)p,
2362 tmp_ifc->address)) {
2363 rinfo->metric_out =
2364 RIP_METRIC_INFINITY;
2365 break;
2366 }
2367 }
2368 }
2369
2370 /* Prepare preamble, auth headers, if needs be */
2371 if (num == 0) {
2372 stream_putc(s, RIP_RESPONSE);
2373 stream_putc(s, version);
2374 stream_putw(s, 0);
2375
2376 /* auth header for !v1 && !no_auth */
2377 if ((ri->auth_type != RIP_NO_AUTH)
2378 && (version != RIPv1))
2379 doff = rip_auth_header_write(
2380 s, ri, key, auth_str,
2381 RIP_AUTH_SIMPLE_SIZE);
2382 }
2383
2384 /* Write RTE to the stream. */
2385 num = rip_write_rte(num, s, p, version, rinfo);
2386 if (num == rtemax) {
2387 if (version == RIPv2
2388 && ri->auth_type == RIP_AUTH_MD5)
2389 rip_auth_md5_set(s, ri, doff, auth_str,
2390 RIP_AUTH_SIMPLE_SIZE);
2391
2392 ret = rip_send_packet(STREAM_DATA(s),
2393 stream_get_endp(s), to,
2394 ifc);
2395
2396 if (ret >= 0 && IS_RIP_DEBUG_SEND)
2397 rip_packet_dump((struct rip_packet *)
2398 STREAM_DATA(s),
2399 stream_get_endp(s),
2400 "SEND");
2401 num = 0;
2402 stream_reset(s);
2403 }
2404 }
2405
2406 /* Flush unwritten RTE. */
2407 if (num != 0) {
2408 if (version == RIPv2 && ri->auth_type == RIP_AUTH_MD5)
2409 rip_auth_md5_set(s, ri, doff, auth_str,
2410 RIP_AUTH_SIMPLE_SIZE);
2411
2412 ret = rip_send_packet(STREAM_DATA(s), stream_get_endp(s), to,
2413 ifc);
2414
2415 if (ret >= 0 && IS_RIP_DEBUG_SEND)
2416 rip_packet_dump((struct rip_packet *)STREAM_DATA(s),
2417 stream_get_endp(s), "SEND");
2418 stream_reset(s);
2419 }
2420
2421 /* Statistics updates. */
2422 ri->sent_updates++;
2423 }
2424
2425 /* Send RIP packet to the interface. */
rip_update_interface(struct connected * ifc,uint8_t version,int route_type)2426 static void rip_update_interface(struct connected *ifc, uint8_t version,
2427 int route_type)
2428 {
2429 struct interface *ifp = ifc->ifp;
2430 struct rip_interface *ri = ifp->info;
2431 struct sockaddr_in to;
2432
2433 /* When RIP version is 2 and multicast enable interface. */
2434 if (version == RIPv2 && !ri->v2_broadcast && if_is_multicast(ifp)) {
2435 if (IS_RIP_DEBUG_EVENT)
2436 zlog_debug("multicast announce on %s ", ifp->name);
2437
2438 rip_output_process(ifc, NULL, route_type, version);
2439 return;
2440 }
2441
2442 /* If we can't send multicast packet, send it with unicast. */
2443 if (if_is_broadcast(ifp) || if_is_pointopoint(ifp)) {
2444 if (ifc->address->family == AF_INET) {
2445 /* Destination address and port setting. */
2446 memset(&to, 0, sizeof(struct sockaddr_in));
2447 if (ifc->destination)
2448 /* use specified broadcast or peer destination
2449 * addr */
2450 to.sin_addr = ifc->destination->u.prefix4;
2451 else if (ifc->address->prefixlen < IPV4_MAX_PREFIXLEN)
2452 /* calculate the appropriate broadcast address
2453 */
2454 to.sin_addr.s_addr = ipv4_broadcast_addr(
2455 ifc->address->u.prefix4.s_addr,
2456 ifc->address->prefixlen);
2457 else
2458 /* do not know where to send the packet */
2459 return;
2460 to.sin_port = htons(RIP_PORT_DEFAULT);
2461
2462 if (IS_RIP_DEBUG_EVENT)
2463 zlog_debug("%s announce to %s on %s",
2464 CONNECTED_PEER(ifc) ? "unicast"
2465 : "broadcast",
2466 inet_ntoa(to.sin_addr), ifp->name);
2467
2468 rip_output_process(ifc, &to, route_type, version);
2469 }
2470 }
2471 }
2472
2473 /* Update send to all interface and neighbor. */
rip_update_process(struct rip * rip,int route_type)2474 static void rip_update_process(struct rip *rip, int route_type)
2475 {
2476 struct listnode *ifnode, *ifnnode;
2477 struct connected *connected;
2478 struct interface *ifp;
2479 struct rip_interface *ri;
2480 struct route_node *rp;
2481 struct sockaddr_in to;
2482 struct prefix *p;
2483
2484 /* Send RIP update to each interface. */
2485 FOR_ALL_INTERFACES (rip->vrf, ifp) {
2486 if (if_is_loopback(ifp))
2487 continue;
2488
2489 if (!if_is_operative(ifp))
2490 continue;
2491
2492 /* Fetch RIP interface information. */
2493 ri = ifp->info;
2494
2495 /* When passive interface is specified, suppress announce to the
2496 interface. */
2497 if (ri->passive)
2498 continue;
2499
2500 if (ri->running) {
2501 /*
2502 * If there is no version configuration in the
2503 * interface,
2504 * use rip's version setting.
2505 */
2506 int vsend = ((ri->ri_send == RI_RIP_UNSPEC)
2507 ? rip->version_send
2508 : ri->ri_send);
2509
2510 if (IS_RIP_DEBUG_EVENT)
2511 zlog_debug("SEND UPDATE to %s ifindex %d",
2512 ifp->name, ifp->ifindex);
2513
2514 /* send update on each connected network */
2515 for (ALL_LIST_ELEMENTS(ifp->connected, ifnode, ifnnode,
2516 connected)) {
2517 if (connected->address->family == AF_INET) {
2518 if (vsend & RIPv1)
2519 rip_update_interface(
2520 connected, RIPv1,
2521 route_type);
2522 if ((vsend & RIPv2)
2523 && if_is_multicast(ifp))
2524 rip_update_interface(
2525 connected, RIPv2,
2526 route_type);
2527 }
2528 }
2529 }
2530 }
2531
2532 /* RIP send updates to each neighbor. */
2533 for (rp = route_top(rip->neighbor); rp; rp = route_next(rp))
2534 if (rp->info != NULL) {
2535 p = &rp->p;
2536
2537 connected = if_lookup_address(&p->u.prefix4, AF_INET,
2538 rip->vrf->vrf_id);
2539 if (!connected) {
2540 zlog_warn(
2541 "Neighbor %s doesn't have connected interface!",
2542 inet_ntoa(p->u.prefix4));
2543 continue;
2544 }
2545
2546 /* Set destination address and port */
2547 memset(&to, 0, sizeof(struct sockaddr_in));
2548 to.sin_addr = p->u.prefix4;
2549 to.sin_port = htons(RIP_PORT_DEFAULT);
2550
2551 /* RIP version is rip's configuration. */
2552 rip_output_process(connected, &to, route_type,
2553 rip->version_send);
2554 }
2555 }
2556
2557 /* RIP's periodical timer. */
rip_update(struct thread * t)2558 static int rip_update(struct thread *t)
2559 {
2560 struct rip *rip = THREAD_ARG(t);
2561
2562 /* Clear timer pointer. */
2563 rip->t_update = NULL;
2564
2565 if (IS_RIP_DEBUG_EVENT)
2566 zlog_debug("update timer fire!");
2567
2568 /* Process update output. */
2569 rip_update_process(rip, rip_all_route);
2570
2571 /* Triggered updates may be suppressed if a regular update is due by
2572 the time the triggered update would be sent. */
2573 RIP_TIMER_OFF(rip->t_triggered_interval);
2574 rip->trigger = 0;
2575
2576 /* Register myself. */
2577 rip_event(rip, RIP_UPDATE_EVENT, 0);
2578
2579 return 0;
2580 }
2581
2582 /* Walk down the RIP routing table then clear changed flag. */
rip_clear_changed_flag(struct rip * rip)2583 static void rip_clear_changed_flag(struct rip *rip)
2584 {
2585 struct route_node *rp;
2586 struct rip_info *rinfo = NULL;
2587 struct list *list = NULL;
2588 struct listnode *listnode = NULL;
2589
2590 for (rp = route_top(rip->table); rp; rp = route_next(rp))
2591 if ((list = rp->info) != NULL)
2592 for (ALL_LIST_ELEMENTS_RO(list, listnode, rinfo)) {
2593 UNSET_FLAG(rinfo->flags, RIP_RTF_CHANGED);
2594 /* This flag can be set only on the first entry.
2595 */
2596 break;
2597 }
2598 }
2599
2600 /* Triggered update interval timer. */
rip_triggered_interval(struct thread * t)2601 static int rip_triggered_interval(struct thread *t)
2602 {
2603 struct rip *rip = THREAD_ARG(t);
2604
2605 rip->t_triggered_interval = NULL;
2606
2607 if (rip->trigger) {
2608 rip->trigger = 0;
2609 rip_triggered_update(t);
2610 }
2611 return 0;
2612 }
2613
2614 /* Execute triggered update. */
rip_triggered_update(struct thread * t)2615 static int rip_triggered_update(struct thread *t)
2616 {
2617 struct rip *rip = THREAD_ARG(t);
2618 int interval;
2619
2620 /* Clear thred pointer. */
2621 rip->t_triggered_update = NULL;
2622
2623 /* Cancel interval timer. */
2624 RIP_TIMER_OFF(rip->t_triggered_interval);
2625 rip->trigger = 0;
2626
2627 /* Logging triggered update. */
2628 if (IS_RIP_DEBUG_EVENT)
2629 zlog_debug("triggered update!");
2630
2631 /* Split Horizon processing is done when generating triggered
2632 updates as well as normal updates (see section 2.6). */
2633 rip_update_process(rip, rip_changed_route);
2634
2635 /* Once all of the triggered updates have been generated, the route
2636 change flags should be cleared. */
2637 rip_clear_changed_flag(rip);
2638
2639 /* After a triggered update is sent, a timer should be set for a
2640 random interval between 1 and 5 seconds. If other changes that
2641 would trigger updates occur before the timer expires, a single
2642 update is triggered when the timer expires. */
2643 interval = (frr_weak_random() % 5) + 1;
2644
2645 rip->t_triggered_interval = NULL;
2646 thread_add_timer(master, rip_triggered_interval, rip, interval,
2647 &rip->t_triggered_interval);
2648
2649 return 0;
2650 }
2651
2652 /* Withdraw redistributed route. */
rip_redistribute_withdraw(struct rip * rip,int type)2653 void rip_redistribute_withdraw(struct rip *rip, int type)
2654 {
2655 struct route_node *rp;
2656 struct rip_info *rinfo = NULL;
2657 struct list *list = NULL;
2658
2659 for (rp = route_top(rip->table); rp; rp = route_next(rp))
2660 if ((list = rp->info) != NULL) {
2661 rinfo = listgetdata(listhead(list));
2662 if (rinfo->type == type
2663 && rinfo->sub_type != RIP_ROUTE_INTERFACE) {
2664 /* Perform poisoned reverse. */
2665 rinfo->metric = RIP_METRIC_INFINITY;
2666 RIP_TIMER_ON(rinfo->t_garbage_collect,
2667 rip_garbage_collect,
2668 rip->garbage_time);
2669 RIP_TIMER_OFF(rinfo->t_timeout);
2670 rinfo->flags |= RIP_RTF_CHANGED;
2671
2672 if (IS_RIP_DEBUG_EVENT) {
2673 struct prefix_ipv4 *p =
2674 (struct prefix_ipv4 *)&rp->p;
2675
2676 zlog_debug(
2677 "Poisone %s/%d on the interface %s with an infinity metric [withdraw]",
2678 inet_ntoa(p->prefix),
2679 p->prefixlen,
2680 ifindex2ifname(
2681 rinfo->nh.ifindex,
2682 rip->vrf->vrf_id));
2683 }
2684
2685 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
2686 }
2687 }
2688 }
2689
rip_lookup_by_vrf_id(vrf_id_t vrf_id)2690 struct rip *rip_lookup_by_vrf_id(vrf_id_t vrf_id)
2691 {
2692 struct vrf *vrf;
2693
2694 vrf = vrf_lookup_by_id(vrf_id);
2695 if (!vrf)
2696 return NULL;
2697
2698 return vrf->info;
2699 }
2700
rip_lookup_by_vrf_name(const char * vrf_name)2701 struct rip *rip_lookup_by_vrf_name(const char *vrf_name)
2702 {
2703 struct rip rip;
2704
2705 rip.vrf_name = (char *)vrf_name;
2706
2707 return RB_FIND(rip_instance_head, &rip_instances, &rip);
2708 }
2709
2710 /* Create new RIP instance and set it to global variable. */
rip_create(const char * vrf_name,struct vrf * vrf,int socket)2711 struct rip *rip_create(const char *vrf_name, struct vrf *vrf, int socket)
2712 {
2713 struct rip *rip;
2714
2715 rip = XCALLOC(MTYPE_RIP, sizeof(struct rip));
2716 rip->vrf_name = XSTRDUP(MTYPE_RIP_VRF_NAME, vrf_name);
2717
2718 /* Set initial value. */
2719 rip->ecmp = yang_get_default_bool("%s/allow-ecmp", RIP_INSTANCE);
2720 rip->default_metric =
2721 yang_get_default_uint8("%s/default-metric", RIP_INSTANCE);
2722 rip->distance =
2723 yang_get_default_uint8("%s/distance/default", RIP_INSTANCE);
2724 rip->passive_default =
2725 yang_get_default_bool("%s/passive-default", RIP_INSTANCE);
2726 rip->garbage_time = yang_get_default_uint32("%s/timers/flush-interval",
2727 RIP_INSTANCE);
2728 rip->timeout_time = yang_get_default_uint32(
2729 "%s/timers/holddown-interval", RIP_INSTANCE);
2730 rip->update_time = yang_get_default_uint32("%s/timers/update-interval",
2731 RIP_INSTANCE);
2732 rip->version_send =
2733 yang_get_default_enum("%s/version/send", RIP_INSTANCE);
2734 rip->version_recv =
2735 yang_get_default_enum("%s/version/receive", RIP_INSTANCE);
2736
2737 /* Initialize RIP data structures. */
2738 rip->table = route_table_init();
2739 route_table_set_info(rip->table, rip);
2740 rip->neighbor = route_table_init();
2741 rip->peer_list = list_new();
2742 rip->peer_list->cmp = (int (*)(void *, void *))rip_peer_list_cmp;
2743 rip->peer_list->del = rip_peer_list_del;
2744 rip->distance_table = route_table_init();
2745 rip->distance_table->cleanup = rip_distance_table_node_cleanup;
2746 rip->enable_interface = vector_init(1);
2747 rip->enable_network = route_table_init();
2748 rip->passive_nondefault = vector_init(1);
2749 rip->offset_list_master = list_new();
2750 rip->offset_list_master->cmp = (int (*)(void *, void *))offset_list_cmp;
2751 rip->offset_list_master->del = (void (*)(void *))offset_list_free;
2752
2753 /* Distribute list install. */
2754 rip->distribute_ctx = distribute_list_ctx_create(vrf);
2755 distribute_list_add_hook(rip->distribute_ctx, rip_distribute_update);
2756 distribute_list_delete_hook(rip->distribute_ctx, rip_distribute_update);
2757
2758 /* if rmap install. */
2759 rip->if_rmap_ctx = if_rmap_ctx_create(vrf_name);
2760 if_rmap_hook_add(rip->if_rmap_ctx, rip_if_rmap_update);
2761 if_rmap_hook_delete(rip->if_rmap_ctx, rip_if_rmap_update);
2762
2763 /* Make output stream. */
2764 rip->obuf = stream_new(1500);
2765
2766 /* Enable the routing instance if possible. */
2767 if (vrf && vrf_is_enabled(vrf))
2768 rip_instance_enable(rip, vrf, socket);
2769 else {
2770 rip->vrf = NULL;
2771 rip->sock = -1;
2772 }
2773
2774 RB_INSERT(rip_instance_head, &rip_instances, rip);
2775
2776 return rip;
2777 }
2778
2779 /* Sned RIP request to the destination. */
rip_request_send(struct sockaddr_in * to,struct interface * ifp,uint8_t version,struct connected * connected)2780 int rip_request_send(struct sockaddr_in *to, struct interface *ifp,
2781 uint8_t version, struct connected *connected)
2782 {
2783 struct rte *rte;
2784 struct rip_packet rip_packet;
2785 struct listnode *node, *nnode;
2786
2787 memset(&rip_packet, 0, sizeof(rip_packet));
2788
2789 rip_packet.command = RIP_REQUEST;
2790 rip_packet.version = version;
2791 rte = rip_packet.rte;
2792 rte->metric = htonl(RIP_METRIC_INFINITY);
2793
2794 if (connected) {
2795 /*
2796 * connected is only sent for ripv1 case, or when
2797 * interface does not support multicast. Caller loops
2798 * over each connected address for this case.
2799 */
2800 if (rip_send_packet((uint8_t *)&rip_packet, sizeof(rip_packet),
2801 to, connected)
2802 != sizeof(rip_packet))
2803 return -1;
2804 else
2805 return sizeof(rip_packet);
2806 }
2807
2808 /* send request on each connected network */
2809 for (ALL_LIST_ELEMENTS(ifp->connected, node, nnode, connected)) {
2810 struct prefix_ipv4 *p;
2811
2812 p = (struct prefix_ipv4 *)connected->address;
2813
2814 if (p->family != AF_INET)
2815 continue;
2816
2817 if (rip_send_packet((uint8_t *)&rip_packet, sizeof(rip_packet),
2818 to, connected)
2819 != sizeof(rip_packet))
2820 return -1;
2821 }
2822 return sizeof(rip_packet);
2823 }
2824
rip_update_jitter(unsigned long time)2825 static int rip_update_jitter(unsigned long time)
2826 {
2827 #define JITTER_BOUND 4
2828 /* We want to get the jitter to +/- 1/JITTER_BOUND the interval.
2829 Given that, we cannot let time be less than JITTER_BOUND seconds.
2830 The RIPv2 RFC says jitter should be small compared to
2831 update_time. We consider 1/JITTER_BOUND to be small.
2832 */
2833
2834 int jitter_input = time;
2835 int jitter;
2836
2837 if (jitter_input < JITTER_BOUND)
2838 jitter_input = JITTER_BOUND;
2839
2840 jitter = (((frr_weak_random() % ((jitter_input * 2) + 1))
2841 - jitter_input));
2842
2843 return jitter / JITTER_BOUND;
2844 }
2845
rip_event(struct rip * rip,enum rip_event event,int sock)2846 void rip_event(struct rip *rip, enum rip_event event, int sock)
2847 {
2848 int jitter = 0;
2849
2850 switch (event) {
2851 case RIP_READ:
2852 rip->t_read = NULL;
2853 thread_add_read(master, rip_read, rip, sock, &rip->t_read);
2854 break;
2855 case RIP_UPDATE_EVENT:
2856 RIP_TIMER_OFF(rip->t_update);
2857 jitter = rip_update_jitter(rip->update_time);
2858 thread_add_timer(master, rip_update, rip,
2859 sock ? 2 : rip->update_time + jitter,
2860 &rip->t_update);
2861 break;
2862 case RIP_TRIGGERED_UPDATE:
2863 if (rip->t_triggered_interval)
2864 rip->trigger = 1;
2865 else
2866 thread_add_event(master, rip_triggered_update, rip, 0,
2867 &rip->t_triggered_update);
2868 break;
2869 default:
2870 break;
2871 }
2872 }
2873
2874 #if 0
2875 static void
2876 rip_update_default_metric (void)
2877 {
2878 struct route_node *np;
2879 struct rip_info *rinfo = NULL;
2880 struct list *list = NULL;
2881 struct listnode *listnode = NULL;
2882
2883 for (np = route_top (rip->table); np; np = route_next (np))
2884 if ((list = np->info) != NULL)
2885 for (ALL_LIST_ELEMENTS_RO (list, listnode, rinfo))
2886 if (rinfo->type != ZEBRA_ROUTE_RIP && rinfo->type != ZEBRA_ROUTE_CONNECT)
2887 rinfo->metric = rip->default_metric;
2888 }
2889 #endif
2890
rip_distance_new(void)2891 struct rip_distance *rip_distance_new(void)
2892 {
2893 return XCALLOC(MTYPE_RIP_DISTANCE, sizeof(struct rip_distance));
2894 }
2895
rip_distance_free(struct rip_distance * rdistance)2896 void rip_distance_free(struct rip_distance *rdistance)
2897 {
2898 if (rdistance->access_list)
2899 free(rdistance->access_list);
2900 XFREE(MTYPE_RIP_DISTANCE, rdistance);
2901 }
2902
rip_distance_table_node_cleanup(struct route_table * table,struct route_node * node)2903 static void rip_distance_table_node_cleanup(struct route_table *table,
2904 struct route_node *node)
2905 {
2906 struct rip_distance *rdistance;
2907
2908 rdistance = node->info;
2909 if (rdistance)
2910 rip_distance_free(rdistance);
2911 }
2912
2913 /* Apply RIP information to distance method. */
rip_distance_apply(struct rip * rip,struct rip_info * rinfo)2914 uint8_t rip_distance_apply(struct rip *rip, struct rip_info *rinfo)
2915 {
2916 struct route_node *rn;
2917 struct prefix_ipv4 p;
2918 struct rip_distance *rdistance;
2919 struct access_list *alist;
2920
2921 memset(&p, 0, sizeof(struct prefix_ipv4));
2922 p.family = AF_INET;
2923 p.prefix = rinfo->from;
2924 p.prefixlen = IPV4_MAX_BITLEN;
2925
2926 /* Check source address. */
2927 rn = route_node_match(rip->distance_table, (struct prefix *)&p);
2928 if (rn) {
2929 rdistance = rn->info;
2930 route_unlock_node(rn);
2931
2932 if (rdistance->access_list) {
2933 alist = access_list_lookup(AFI_IP,
2934 rdistance->access_list);
2935 if (alist == NULL)
2936 return 0;
2937 if (access_list_apply(alist, &rinfo->rp->p)
2938 == FILTER_DENY)
2939 return 0;
2940
2941 return rdistance->distance;
2942 } else
2943 return rdistance->distance;
2944 }
2945
2946 if (rip->distance)
2947 return rip->distance;
2948
2949 return 0;
2950 }
2951
rip_distance_show(struct vty * vty,struct rip * rip)2952 static void rip_distance_show(struct vty *vty, struct rip *rip)
2953 {
2954 struct route_node *rn;
2955 struct rip_distance *rdistance;
2956 int header = 1;
2957 char buf[BUFSIZ];
2958
2959 vty_out(vty, " Distance: (default is %u)\n",
2960 rip->distance ? rip->distance : ZEBRA_RIP_DISTANCE_DEFAULT);
2961
2962 for (rn = route_top(rip->distance_table); rn; rn = route_next(rn))
2963 if ((rdistance = rn->info) != NULL) {
2964 if (header) {
2965 vty_out(vty,
2966 " Address Distance List\n");
2967 header = 0;
2968 }
2969 snprintf(buf, sizeof(buf), "%s/%d",
2970 inet_ntoa(rn->p.u.prefix4), rn->p.prefixlen);
2971 vty_out(vty, " %-20s %4d %s\n", buf,
2972 rdistance->distance,
2973 rdistance->access_list ? rdistance->access_list
2974 : "");
2975 }
2976 }
2977
2978 /* Update ECMP routes to zebra when ECMP is disabled. */
rip_ecmp_disable(struct rip * rip)2979 void rip_ecmp_disable(struct rip *rip)
2980 {
2981 struct route_node *rp;
2982 struct rip_info *rinfo, *tmp_rinfo;
2983 struct list *list;
2984 struct listnode *node, *nextnode;
2985
2986 for (rp = route_top(rip->table); rp; rp = route_next(rp))
2987 if ((list = rp->info) != NULL && listcount(list) > 1) {
2988 rinfo = listgetdata(listhead(list));
2989 if (!rip_route_rte(rinfo))
2990 continue;
2991
2992 /* Drop all other entries, except the first one. */
2993 for (ALL_LIST_ELEMENTS(list, node, nextnode, tmp_rinfo))
2994 if (tmp_rinfo != rinfo) {
2995 RIP_TIMER_OFF(tmp_rinfo->t_timeout);
2996 RIP_TIMER_OFF(
2997 tmp_rinfo->t_garbage_collect);
2998 list_delete_node(list, node);
2999 rip_info_free(tmp_rinfo);
3000 }
3001
3002 /* Update zebra. */
3003 rip_zebra_ipv4_add(rip, rp);
3004
3005 /* Set the route change flag. */
3006 SET_FLAG(rinfo->flags, RIP_RTF_CHANGED);
3007
3008 /* Signal the output process to trigger an update. */
3009 rip_event(rip, RIP_TRIGGERED_UPDATE, 0);
3010 }
3011 }
3012
3013 /* Print out routes update time. */
rip_vty_out_uptime(struct vty * vty,struct rip_info * rinfo)3014 static void rip_vty_out_uptime(struct vty *vty, struct rip_info *rinfo)
3015 {
3016 time_t clock;
3017 struct tm tm;
3018 #define TIME_BUF 25
3019 char timebuf[TIME_BUF];
3020 struct thread *thread;
3021
3022 if ((thread = rinfo->t_timeout) != NULL) {
3023 clock = thread_timer_remain_second(thread);
3024 gmtime_r(&clock, &tm);
3025 strftime(timebuf, TIME_BUF, "%M:%S", &tm);
3026 vty_out(vty, "%5s", timebuf);
3027 } else if ((thread = rinfo->t_garbage_collect) != NULL) {
3028 clock = thread_timer_remain_second(thread);
3029 gmtime_r(&clock, &tm);
3030 strftime(timebuf, TIME_BUF, "%M:%S", &tm);
3031 vty_out(vty, "%5s", timebuf);
3032 }
3033 }
3034
rip_route_type_print(int sub_type)3035 static const char *rip_route_type_print(int sub_type)
3036 {
3037 switch (sub_type) {
3038 case RIP_ROUTE_RTE:
3039 return "n";
3040 case RIP_ROUTE_STATIC:
3041 return "s";
3042 case RIP_ROUTE_DEFAULT:
3043 return "d";
3044 case RIP_ROUTE_REDISTRIBUTE:
3045 return "r";
3046 case RIP_ROUTE_INTERFACE:
3047 return "i";
3048 default:
3049 return "?";
3050 }
3051 }
3052
3053 DEFUN (show_ip_rip,
3054 show_ip_rip_cmd,
3055 "show ip rip [vrf NAME]",
3056 SHOW_STR
3057 IP_STR
3058 "Show RIP routes\n"
3059 VRF_CMD_HELP_STR)
3060 {
3061 struct rip *rip;
3062 struct route_node *np;
3063 struct rip_info *rinfo = NULL;
3064 struct list *list = NULL;
3065 struct listnode *listnode = NULL;
3066 const char *vrf_name;
3067 int idx = 0;
3068
3069 if (argv_find(argv, argc, "vrf", &idx))
3070 vrf_name = argv[idx + 1]->arg;
3071 else
3072 vrf_name = VRF_DEFAULT_NAME;
3073
3074 rip = rip_lookup_by_vrf_name(vrf_name);
3075 if (!rip) {
3076 vty_out(vty, "%% RIP instance not found\n");
3077 return CMD_SUCCESS;
3078 }
3079 if (!rip->enabled) {
3080 vty_out(vty, "%% RIP instance is disabled\n");
3081 return CMD_SUCCESS;
3082 }
3083
3084 vty_out(vty,
3085 "Codes: R - RIP, C - connected, S - Static, O - OSPF, B - BGP\n"
3086 "Sub-codes:\n"
3087 " (n) - normal, (s) - static, (d) - default, (r) - redistribute,\n"
3088 " (i) - interface\n\n"
3089 " Network Next Hop Metric From Tag Time\n");
3090
3091 for (np = route_top(rip->table); np; np = route_next(np))
3092 if ((list = np->info) != NULL)
3093 for (ALL_LIST_ELEMENTS_RO(list, listnode, rinfo)) {
3094 int len;
3095
3096 len = vty_out(
3097 vty, "%c(%s) %s/%d",
3098 /* np->lock, For debugging. */
3099 zebra_route_char(rinfo->type),
3100 rip_route_type_print(rinfo->sub_type),
3101 inet_ntoa(np->p.u.prefix4),
3102 np->p.prefixlen);
3103
3104 len = 24 - len;
3105
3106 if (len > 0)
3107 vty_out(vty, "%*s", len, " ");
3108
3109 switch (rinfo->nh.type) {
3110 case NEXTHOP_TYPE_IPV4:
3111 case NEXTHOP_TYPE_IPV4_IFINDEX:
3112 vty_out(vty, "%-20s %2d ",
3113 inet_ntoa(rinfo->nh.gate.ipv4),
3114 rinfo->metric);
3115 break;
3116 case NEXTHOP_TYPE_IFINDEX:
3117 vty_out(vty,
3118 "0.0.0.0 %2d ",
3119 rinfo->metric);
3120 break;
3121 case NEXTHOP_TYPE_BLACKHOLE:
3122 vty_out(vty,
3123 "blackhole %2d ",
3124 rinfo->metric);
3125 break;
3126 case NEXTHOP_TYPE_IPV6:
3127 case NEXTHOP_TYPE_IPV6_IFINDEX:
3128 vty_out(vty,
3129 "V6 Address Hidden %2d ",
3130 rinfo->metric);
3131 break;
3132 }
3133
3134 /* Route which exist in kernel routing table. */
3135 if ((rinfo->type == ZEBRA_ROUTE_RIP)
3136 && (rinfo->sub_type == RIP_ROUTE_RTE)) {
3137 vty_out(vty, "%-15s ",
3138 inet_ntoa(rinfo->from));
3139 vty_out(vty, "%3" ROUTE_TAG_PRI " ",
3140 (route_tag_t)rinfo->tag);
3141 rip_vty_out_uptime(vty, rinfo);
3142 } else if (rinfo->metric
3143 == RIP_METRIC_INFINITY) {
3144 vty_out(vty, "self ");
3145 vty_out(vty, "%3" ROUTE_TAG_PRI " ",
3146 (route_tag_t)rinfo->tag);
3147 rip_vty_out_uptime(vty, rinfo);
3148 } else {
3149 if (rinfo->external_metric) {
3150 len = vty_out(
3151 vty, "self (%s:%d)",
3152 zebra_route_string(
3153 rinfo->type),
3154 rinfo->external_metric);
3155 len = 16 - len;
3156 if (len > 0)
3157 vty_out(vty, "%*s", len,
3158 " ");
3159 } else
3160 vty_out(vty,
3161 "self ");
3162 vty_out(vty, "%3" ROUTE_TAG_PRI,
3163 (route_tag_t)rinfo->tag);
3164 }
3165
3166 vty_out(vty, "\n");
3167 }
3168 return CMD_SUCCESS;
3169 }
3170
3171 /* Vincent: formerly, it was show_ip_protocols_rip: "show ip protocols" */
3172 DEFUN (show_ip_rip_status,
3173 show_ip_rip_status_cmd,
3174 "show ip rip [vrf NAME] status",
3175 SHOW_STR
3176 IP_STR
3177 "Show RIP routes\n"
3178 VRF_CMD_HELP_STR
3179 "IP routing protocol process parameters and statistics\n")
3180 {
3181 struct rip *rip;
3182 struct interface *ifp;
3183 struct rip_interface *ri;
3184 extern const struct message ri_version_msg[];
3185 const char *send_version;
3186 const char *receive_version;
3187 const char *vrf_name;
3188 int idx = 0;
3189
3190 if (argv_find(argv, argc, "vrf", &idx))
3191 vrf_name = argv[idx + 1]->arg;
3192 else
3193 vrf_name = VRF_DEFAULT_NAME;
3194
3195 rip = rip_lookup_by_vrf_name(vrf_name);
3196 if (!rip) {
3197 vty_out(vty, "%% RIP instance not found\n");
3198 return CMD_SUCCESS;
3199 }
3200 if (!rip->enabled) {
3201 vty_out(vty, "%% RIP instance is disabled\n");
3202 return CMD_SUCCESS;
3203 }
3204
3205 vty_out(vty, "Routing Protocol is \"rip\"\n");
3206 vty_out(vty, " Sending updates every %u seconds with +/-50%%,",
3207 rip->update_time);
3208 vty_out(vty, " next due in %lu seconds\n",
3209 thread_timer_remain_second(rip->t_update));
3210 vty_out(vty, " Timeout after %u seconds,", rip->timeout_time);
3211 vty_out(vty, " garbage collect after %u seconds\n", rip->garbage_time);
3212
3213 /* Filtering status show. */
3214 config_show_distribute(vty, rip->distribute_ctx);
3215
3216 /* Default metric information. */
3217 vty_out(vty, " Default redistribution metric is %u\n",
3218 rip->default_metric);
3219
3220 /* Redistribute information. */
3221 vty_out(vty, " Redistributing:");
3222 rip_show_redistribute_config(vty, rip);
3223 vty_out(vty, "\n");
3224
3225 vty_out(vty, " Default version control: send version %s,",
3226 lookup_msg(ri_version_msg, rip->version_send, NULL));
3227 if (rip->version_recv == RI_RIP_VERSION_1_AND_2)
3228 vty_out(vty, " receive any version \n");
3229 else
3230 vty_out(vty, " receive version %s \n",
3231 lookup_msg(ri_version_msg, rip->version_recv, NULL));
3232
3233 vty_out(vty, " Interface Send Recv Key-chain\n");
3234
3235 FOR_ALL_INTERFACES (rip->vrf, ifp) {
3236 ri = ifp->info;
3237
3238 if (!ri->running)
3239 continue;
3240
3241 if (ri->enable_network || ri->enable_interface) {
3242 if (ri->ri_send == RI_RIP_UNSPEC)
3243 send_version =
3244 lookup_msg(ri_version_msg,
3245 rip->version_send, NULL);
3246 else
3247 send_version = lookup_msg(ri_version_msg,
3248 ri->ri_send, NULL);
3249
3250 if (ri->ri_receive == RI_RIP_UNSPEC)
3251 receive_version =
3252 lookup_msg(ri_version_msg,
3253 rip->version_recv, NULL);
3254 else
3255 receive_version = lookup_msg(
3256 ri_version_msg, ri->ri_receive, NULL);
3257
3258 vty_out(vty, " %-17s%-3s %-3s %s\n", ifp->name,
3259 send_version, receive_version,
3260 ri->key_chain ? ri->key_chain : "");
3261 }
3262 }
3263
3264 vty_out(vty, " Routing for Networks:\n");
3265 rip_show_network_config(vty, rip);
3266
3267 {
3268 int found_passive = 0;
3269 FOR_ALL_INTERFACES (rip->vrf, ifp) {
3270 ri = ifp->info;
3271
3272 if ((ri->enable_network || ri->enable_interface)
3273 && ri->passive) {
3274 if (!found_passive) {
3275 vty_out(vty,
3276 " Passive Interface(s):\n");
3277 found_passive = 1;
3278 }
3279 vty_out(vty, " %s\n", ifp->name);
3280 }
3281 }
3282 }
3283
3284 vty_out(vty, " Routing Information Sources:\n");
3285 vty_out(vty,
3286 " Gateway BadPackets BadRoutes Distance Last Update\n");
3287 rip_peer_display(vty, rip);
3288
3289 rip_distance_show(vty, rip);
3290
3291 return CMD_SUCCESS;
3292 }
3293
3294 /* RIP configuration write function. */
config_write_rip(struct vty * vty)3295 static int config_write_rip(struct vty *vty)
3296 {
3297 struct rip *rip;
3298 int write = 0;
3299
3300 RB_FOREACH(rip, rip_instance_head, &rip_instances) {
3301 char xpath[XPATH_MAXLEN];
3302 struct lyd_node *dnode;
3303
3304 snprintf(xpath, sizeof(xpath),
3305 "/frr-ripd:ripd/instance[vrf='%s']", rip->vrf_name);
3306
3307 dnode = yang_dnode_get(running_config->dnode, xpath);
3308 assert(dnode);
3309
3310 nb_cli_show_dnode_cmds(vty, dnode, false);
3311
3312 /* Distribute configuration. */
3313 config_write_distribute(vty, rip->distribute_ctx);
3314
3315 /* Interface routemap configuration */
3316 config_write_if_rmap(vty, rip->if_rmap_ctx);
3317
3318 write = 1;
3319 }
3320
3321 return write;
3322 }
3323
3324 static int config_write_rip(struct vty *vty);
3325 /* RIP node structure. */
3326 static struct cmd_node rip_node = {
3327 .name = "rip",
3328 .node = RIP_NODE,
3329 .parent_node = CONFIG_NODE,
3330 .prompt = "%s(config-router)# ",
3331 .config_write = config_write_rip,
3332 };
3333
3334 /* Distribute-list update functions. */
rip_distribute_update(struct distribute_ctx * ctx,struct distribute * dist)3335 static void rip_distribute_update(struct distribute_ctx *ctx,
3336 struct distribute *dist)
3337 {
3338 struct interface *ifp;
3339 struct rip_interface *ri;
3340 struct access_list *alist;
3341 struct prefix_list *plist;
3342
3343 if (!ctx->vrf || !dist->ifname)
3344 return;
3345
3346 ifp = if_lookup_by_name(dist->ifname, ctx->vrf->vrf_id);
3347 if (ifp == NULL)
3348 return;
3349
3350 ri = ifp->info;
3351
3352 if (dist->list[DISTRIBUTE_V4_IN]) {
3353 alist = access_list_lookup(AFI_IP,
3354 dist->list[DISTRIBUTE_V4_IN]);
3355 if (alist)
3356 ri->list[RIP_FILTER_IN] = alist;
3357 else
3358 ri->list[RIP_FILTER_IN] = NULL;
3359 } else
3360 ri->list[RIP_FILTER_IN] = NULL;
3361
3362 if (dist->list[DISTRIBUTE_V4_OUT]) {
3363 alist = access_list_lookup(AFI_IP,
3364 dist->list[DISTRIBUTE_V4_OUT]);
3365 if (alist)
3366 ri->list[RIP_FILTER_OUT] = alist;
3367 else
3368 ri->list[RIP_FILTER_OUT] = NULL;
3369 } else
3370 ri->list[RIP_FILTER_OUT] = NULL;
3371
3372 if (dist->prefix[DISTRIBUTE_V4_IN]) {
3373 plist = prefix_list_lookup(AFI_IP,
3374 dist->prefix[DISTRIBUTE_V4_IN]);
3375 if (plist)
3376 ri->prefix[RIP_FILTER_IN] = plist;
3377 else
3378 ri->prefix[RIP_FILTER_IN] = NULL;
3379 } else
3380 ri->prefix[RIP_FILTER_IN] = NULL;
3381
3382 if (dist->prefix[DISTRIBUTE_V4_OUT]) {
3383 plist = prefix_list_lookup(AFI_IP,
3384 dist->prefix[DISTRIBUTE_V4_OUT]);
3385 if (plist)
3386 ri->prefix[RIP_FILTER_OUT] = plist;
3387 else
3388 ri->prefix[RIP_FILTER_OUT] = NULL;
3389 } else
3390 ri->prefix[RIP_FILTER_OUT] = NULL;
3391 }
3392
rip_distribute_update_interface(struct interface * ifp)3393 void rip_distribute_update_interface(struct interface *ifp)
3394 {
3395 struct rip_interface *ri = ifp->info;
3396 struct rip *rip = ri->rip;
3397 struct distribute *dist;
3398
3399 if (!rip)
3400 return;
3401 dist = distribute_lookup(rip->distribute_ctx, ifp->name);
3402 if (dist)
3403 rip_distribute_update(rip->distribute_ctx, dist);
3404 }
3405
3406 /* Update all interface's distribute list. */
3407 /* ARGSUSED */
rip_distribute_update_all(struct prefix_list * notused)3408 static void rip_distribute_update_all(struct prefix_list *notused)
3409 {
3410 struct vrf *vrf = vrf_lookup_by_id(VRF_DEFAULT);
3411 struct interface *ifp;
3412
3413 FOR_ALL_INTERFACES (vrf, ifp)
3414 rip_distribute_update_interface(ifp);
3415 }
3416 /* ARGSUSED */
rip_distribute_update_all_wrapper(struct access_list * notused)3417 static void rip_distribute_update_all_wrapper(struct access_list *notused)
3418 {
3419 rip_distribute_update_all(NULL);
3420 }
3421
3422 /* Delete all added rip route. */
rip_clean(struct rip * rip)3423 void rip_clean(struct rip *rip)
3424 {
3425 rip_interfaces_clean(rip);
3426
3427 if (rip->enabled)
3428 rip_instance_disable(rip);
3429
3430 stream_free(rip->obuf);
3431
3432 for (int i = 0; i < ZEBRA_ROUTE_MAX; i++)
3433 if (rip->redist[i].route_map.name)
3434 free(rip->redist[i].route_map.name);
3435
3436 route_table_finish(rip->table);
3437 route_table_finish(rip->neighbor);
3438 list_delete(&rip->peer_list);
3439 distribute_list_delete(&rip->distribute_ctx);
3440 if_rmap_ctx_delete(rip->if_rmap_ctx);
3441
3442 rip_clean_network(rip);
3443 rip_passive_nondefault_clean(rip);
3444 vector_free(rip->enable_interface);
3445 route_table_finish(rip->enable_network);
3446 vector_free(rip->passive_nondefault);
3447 list_delete(&rip->offset_list_master);
3448 route_table_finish(rip->distance_table);
3449
3450 RB_REMOVE(rip_instance_head, &rip_instances, rip);
3451 XFREE(MTYPE_RIP_VRF_NAME, rip->vrf_name);
3452 XFREE(MTYPE_RIP, rip);
3453 }
3454
rip_if_rmap_update(struct if_rmap_ctx * ctx,struct if_rmap * if_rmap)3455 static void rip_if_rmap_update(struct if_rmap_ctx *ctx,
3456 struct if_rmap *if_rmap)
3457 {
3458 struct interface *ifp = NULL;
3459 struct rip_interface *ri;
3460 struct route_map *rmap;
3461 struct vrf *vrf = NULL;
3462
3463 if (ctx->name)
3464 vrf = vrf_lookup_by_name(ctx->name);
3465 if (vrf)
3466 ifp = if_lookup_by_name(if_rmap->ifname, vrf->vrf_id);
3467 if (ifp == NULL)
3468 return;
3469
3470 ri = ifp->info;
3471 if (if_rmap->routemap[IF_RMAP_IN]) {
3472 rmap = route_map_lookup_by_name(if_rmap->routemap[IF_RMAP_IN]);
3473 if (rmap)
3474 ri->routemap[IF_RMAP_IN] = rmap;
3475 else
3476 ri->routemap[IF_RMAP_IN] = NULL;
3477 } else
3478 ri->routemap[RIP_FILTER_IN] = NULL;
3479
3480 if (if_rmap->routemap[IF_RMAP_OUT]) {
3481 rmap = route_map_lookup_by_name(if_rmap->routemap[IF_RMAP_OUT]);
3482 if (rmap)
3483 ri->routemap[IF_RMAP_OUT] = rmap;
3484 else
3485 ri->routemap[IF_RMAP_OUT] = NULL;
3486 } else
3487 ri->routemap[RIP_FILTER_OUT] = NULL;
3488 }
3489
rip_if_rmap_update_interface(struct interface * ifp)3490 void rip_if_rmap_update_interface(struct interface *ifp)
3491 {
3492 struct rip_interface *ri = ifp->info;
3493 struct rip *rip = ri->rip;
3494 struct if_rmap *if_rmap;
3495 struct if_rmap_ctx *ctx;
3496
3497 if (!rip)
3498 return;
3499 ctx = rip->if_rmap_ctx;
3500 if (!ctx)
3501 return;
3502 if_rmap = if_rmap_lookup(ctx, ifp->name);
3503 if (if_rmap)
3504 rip_if_rmap_update(ctx, if_rmap);
3505 }
3506
rip_routemap_update_redistribute(struct rip * rip)3507 static void rip_routemap_update_redistribute(struct rip *rip)
3508 {
3509 for (int i = 0; i < ZEBRA_ROUTE_MAX; i++) {
3510 if (rip->redist[i].route_map.name) {
3511 rip->redist[i].route_map.map = route_map_lookup_by_name(
3512 rip->redist[i].route_map.name);
3513 route_map_counter_increment(
3514 rip->redist[i].route_map.map);
3515 }
3516 }
3517 }
3518
3519 /* ARGSUSED */
rip_routemap_update(const char * notused)3520 static void rip_routemap_update(const char *notused)
3521 {
3522 struct vrf *vrf = vrf_lookup_by_id(VRF_DEFAULT);
3523 struct rip *rip;
3524 struct interface *ifp;
3525
3526 FOR_ALL_INTERFACES (vrf, ifp)
3527 rip_if_rmap_update_interface(ifp);
3528
3529 rip = vrf->info;
3530 if (rip)
3531 rip_routemap_update_redistribute(rip);
3532 }
3533
3534 /* Link RIP instance to VRF. */
rip_vrf_link(struct rip * rip,struct vrf * vrf)3535 static void rip_vrf_link(struct rip *rip, struct vrf *vrf)
3536 {
3537 struct interface *ifp;
3538
3539 rip->vrf = vrf;
3540 rip->distribute_ctx->vrf = vrf;
3541 vrf->info = rip;
3542
3543 FOR_ALL_INTERFACES (vrf, ifp)
3544 rip_interface_sync(ifp);
3545 }
3546
3547 /* Unlink RIP instance from VRF. */
rip_vrf_unlink(struct rip * rip,struct vrf * vrf)3548 static void rip_vrf_unlink(struct rip *rip, struct vrf *vrf)
3549 {
3550 struct interface *ifp;
3551
3552 rip->vrf = NULL;
3553 rip->distribute_ctx->vrf = NULL;
3554 vrf->info = NULL;
3555
3556 FOR_ALL_INTERFACES (vrf, ifp)
3557 rip_interface_sync(ifp);
3558 }
3559
rip_instance_enable(struct rip * rip,struct vrf * vrf,int sock)3560 static void rip_instance_enable(struct rip *rip, struct vrf *vrf, int sock)
3561 {
3562 rip->sock = sock;
3563
3564 rip_vrf_link(rip, vrf);
3565 rip->enabled = true;
3566
3567 /* Resend all redistribute requests. */
3568 rip_redistribute_enable(rip);
3569
3570 /* Create read and timer thread. */
3571 rip_event(rip, RIP_READ, rip->sock);
3572 rip_event(rip, RIP_UPDATE_EVENT, 1);
3573
3574 rip_zebra_vrf_register(vrf);
3575 }
3576
rip_instance_disable(struct rip * rip)3577 static void rip_instance_disable(struct rip *rip)
3578 {
3579 struct vrf *vrf = rip->vrf;
3580 struct route_node *rp;
3581
3582 /* Clear RIP routes */
3583 for (rp = route_top(rip->table); rp; rp = route_next(rp)) {
3584 struct rip_info *rinfo;
3585 struct list *list;
3586 struct listnode *listnode;
3587
3588 if ((list = rp->info) == NULL)
3589 continue;
3590
3591 rinfo = listgetdata(listhead(list));
3592 if (rip_route_rte(rinfo))
3593 rip_zebra_ipv4_delete(rip, rp);
3594
3595 for (ALL_LIST_ELEMENTS_RO(list, listnode, rinfo)) {
3596 RIP_TIMER_OFF(rinfo->t_timeout);
3597 RIP_TIMER_OFF(rinfo->t_garbage_collect);
3598 rip_info_free(rinfo);
3599 }
3600 list_delete(&list);
3601 rp->info = NULL;
3602 route_unlock_node(rp);
3603 }
3604
3605 /* Flush all redistribute requests. */
3606 rip_redistribute_disable(rip);
3607
3608 /* Cancel RIP related timers. */
3609 RIP_TIMER_OFF(rip->t_update);
3610 RIP_TIMER_OFF(rip->t_triggered_update);
3611 RIP_TIMER_OFF(rip->t_triggered_interval);
3612
3613 /* Cancel read thread. */
3614 THREAD_READ_OFF(rip->t_read);
3615
3616 /* Close RIP socket. */
3617 close(rip->sock);
3618 rip->sock = -1;
3619
3620 /* Clear existing peers. */
3621 list_delete_all_node(rip->peer_list);
3622
3623 rip_zebra_vrf_deregister(vrf);
3624
3625 rip_vrf_unlink(rip, vrf);
3626 rip->enabled = false;
3627 }
3628
rip_vrf_new(struct vrf * vrf)3629 static int rip_vrf_new(struct vrf *vrf)
3630 {
3631 if (IS_RIP_DEBUG_EVENT)
3632 zlog_debug("%s: VRF created: %s(%u)", __func__, vrf->name,
3633 vrf->vrf_id);
3634
3635 return 0;
3636 }
3637
rip_vrf_delete(struct vrf * vrf)3638 static int rip_vrf_delete(struct vrf *vrf)
3639 {
3640 if (IS_RIP_DEBUG_EVENT)
3641 zlog_debug("%s: VRF deleted: %s(%u)", __func__, vrf->name,
3642 vrf->vrf_id);
3643
3644 return 0;
3645 }
3646
rip_vrf_enable(struct vrf * vrf)3647 static int rip_vrf_enable(struct vrf *vrf)
3648 {
3649 struct rip *rip;
3650 int socket;
3651
3652 rip = rip_lookup_by_vrf_name(vrf->name);
3653 if (!rip) {
3654 char *old_vrf_name = NULL;
3655
3656 rip = (struct rip *)vrf->info;
3657 if (!rip)
3658 return 0;
3659 /* update vrf name */
3660 if (rip->vrf_name)
3661 old_vrf_name = rip->vrf_name;
3662 rip->vrf_name = XSTRDUP(MTYPE_RIP_VRF_NAME, vrf->name);
3663 /*
3664 * HACK: Change the RIP VRF in the running configuration directly,
3665 * bypassing the northbound layer. This is necessary to avoid deleting
3666 * the RIP and readding it in the new VRF, which would have
3667 * several implications.
3668 */
3669 if (yang_module_find("frr-ripd") && old_vrf_name) {
3670 struct lyd_node *rip_dnode;
3671 char oldpath[XPATH_MAXLEN];
3672 char newpath[XPATH_MAXLEN];
3673
3674 rip_dnode = yang_dnode_get(
3675 running_config->dnode,
3676 "/frr-ripd:ripd/instance[vrf='%s']/vrf",
3677 old_vrf_name);
3678 if (rip_dnode) {
3679 yang_dnode_get_path(rip_dnode->parent, oldpath,
3680 sizeof(oldpath));
3681 yang_dnode_change_leaf(rip_dnode, vrf->name);
3682 yang_dnode_get_path(rip_dnode->parent, newpath,
3683 sizeof(newpath));
3684 nb_running_move_tree(oldpath, newpath);
3685 running_config->version++;
3686 }
3687 }
3688 XFREE(MTYPE_RIP_VRF_NAME, old_vrf_name);
3689 }
3690 if (!rip || rip->enabled)
3691 return 0;
3692
3693 if (IS_RIP_DEBUG_EVENT)
3694 zlog_debug("%s: VRF %s(%u) enabled", __func__, vrf->name,
3695 vrf->vrf_id);
3696
3697 /* Activate the VRF RIP instance. */
3698 if (!rip->enabled) {
3699 socket = rip_create_socket(vrf);
3700 if (socket < 0)
3701 return -1;
3702
3703 rip_instance_enable(rip, vrf, socket);
3704 }
3705
3706 return 0;
3707 }
3708
rip_vrf_disable(struct vrf * vrf)3709 static int rip_vrf_disable(struct vrf *vrf)
3710 {
3711 struct rip *rip;
3712
3713 rip = rip_lookup_by_vrf_name(vrf->name);
3714 if (!rip || !rip->enabled)
3715 return 0;
3716
3717 if (IS_RIP_DEBUG_EVENT)
3718 zlog_debug("%s: VRF %s(%u) disabled", __func__, vrf->name,
3719 vrf->vrf_id);
3720
3721 /* Deactivate the VRF RIP instance. */
3722 if (rip->enabled)
3723 rip_instance_disable(rip);
3724
3725 return 0;
3726 }
3727
rip_vrf_init(void)3728 void rip_vrf_init(void)
3729 {
3730 vrf_init(rip_vrf_new, rip_vrf_enable, rip_vrf_disable, rip_vrf_delete,
3731 rip_vrf_enable);
3732 }
3733
rip_vrf_terminate(void)3734 void rip_vrf_terminate(void)
3735 {
3736 vrf_terminate();
3737 }
3738
3739 /* Allocate new rip structure and set default value. */
rip_init(void)3740 void rip_init(void)
3741 {
3742 /* Install top nodes. */
3743 install_node(&rip_node);
3744
3745 /* Install rip commands. */
3746 install_element(VIEW_NODE, &show_ip_rip_cmd);
3747 install_element(VIEW_NODE, &show_ip_rip_status_cmd);
3748
3749 install_default(RIP_NODE);
3750
3751 /* Debug related init. */
3752 rip_debug_init();
3753
3754 /* Access list install. */
3755 access_list_init();
3756 access_list_add_hook(rip_distribute_update_all_wrapper);
3757 access_list_delete_hook(rip_distribute_update_all_wrapper);
3758
3759 /* Prefix list initialize.*/
3760 prefix_list_init();
3761 prefix_list_add_hook(rip_distribute_update_all);
3762 prefix_list_delete_hook(rip_distribute_update_all);
3763
3764 /* Distribute list install. */
3765 distribute_list_init(RIP_NODE);
3766
3767 /* Route-map */
3768 rip_route_map_init();
3769
3770 route_map_add_hook(rip_routemap_update);
3771 route_map_delete_hook(rip_routemap_update);
3772
3773 if_rmap_init(RIP_NODE);
3774 }
3775