Differentiate between error delay and connect/reconnect delay.
The difference is here to reject incoming connections in the first case.
This commit is contained in:
parent
2a04b045e4
commit
dd91e46765
2 changed files with 57 additions and 36 deletions
|
@ -73,8 +73,7 @@ static int bgp_counter; /* Number of protocol instances using the listening so
|
||||||
|
|
||||||
static void bgp_close(struct bgp_proto *p, int apply_md5);
|
static void bgp_close(struct bgp_proto *p, int apply_md5);
|
||||||
static void bgp_connect(struct bgp_proto *p);
|
static void bgp_connect(struct bgp_proto *p);
|
||||||
static void bgp_active(struct bgp_proto *p, int delay);
|
static void bgp_active(struct bgp_proto *p);
|
||||||
static void bgp_initiate(struct bgp_proto *p);
|
|
||||||
static void bgp_stop(struct bgp_proto *p);
|
static void bgp_stop(struct bgp_proto *p);
|
||||||
static sock *bgp_setup_listen_sk(void);
|
static sock *bgp_setup_listen_sk(void);
|
||||||
|
|
||||||
|
@ -113,10 +112,36 @@ bgp_open(struct bgp_proto *p)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
p->start_state = p->cf->capabilities ? BSS_CONNECT : BSS_CONNECT_NOCAP;
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
bgp_startup(struct bgp_proto *p)
|
||||||
|
{
|
||||||
|
BGP_TRACE(D_EVENTS, "Started");
|
||||||
|
p->start_state = p->cf->capabilities ? BSS_CONNECT : BSS_CONNECT_NOCAP;
|
||||||
|
bgp_active(p);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
bgp_startup_timeout(timer *t)
|
||||||
|
{
|
||||||
|
bgp_startup(t->data);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void
|
||||||
|
bgp_initiate(struct bgp_proto *p)
|
||||||
|
{
|
||||||
|
if (p->startup_delay)
|
||||||
|
{
|
||||||
|
BGP_TRACE(D_EVENTS, "Startup delayed by %d seconds", p->startup_delay);
|
||||||
|
bgp_start_timer(p->startup_timer, p->startup_delay);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
bgp_startup(p);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* bgp_close - close a BGP instance
|
* bgp_close - close a BGP instance
|
||||||
* @p: BGP instance
|
* @p: BGP instance
|
||||||
|
@ -293,7 +318,7 @@ bgp_decision(void *vp)
|
||||||
DBG("BGP: Decision start\n");
|
DBG("BGP: Decision start\n");
|
||||||
if ((p->p.proto_state == PS_START)
|
if ((p->p.proto_state == PS_START)
|
||||||
&& (p->outgoing_conn.state == BS_IDLE))
|
&& (p->outgoing_conn.state == BS_IDLE))
|
||||||
bgp_initiate(p);
|
bgp_active(p);
|
||||||
|
|
||||||
if ((p->p.proto_state == PS_STOP)
|
if ((p->p.proto_state == PS_STOP)
|
||||||
&& (p->outgoing_conn.state == BS_IDLE)
|
&& (p->outgoing_conn.state == BS_IDLE)
|
||||||
|
@ -473,8 +498,9 @@ bgp_setup_sk(struct bgp_proto *p, struct bgp_conn *conn, sock *s)
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
bgp_active(struct bgp_proto *p, int delay)
|
bgp_active(struct bgp_proto *p)
|
||||||
{
|
{
|
||||||
|
int delay = MIN(1, p->cf->start_delay_time);
|
||||||
struct bgp_conn *conn = &p->outgoing_conn;
|
struct bgp_conn *conn = &p->outgoing_conn;
|
||||||
|
|
||||||
BGP_TRACE(D_EVENTS, "Connect delayed by %d seconds", delay);
|
BGP_TRACE(D_EVENTS, "Connect delayed by %d seconds", delay);
|
||||||
|
@ -537,17 +563,6 @@ bgp_connect(struct bgp_proto *p) /* Enter Connect state and start establishing c
|
||||||
bgp_start_timer(conn->connect_retry_timer, p->cf->connect_retry_time);
|
bgp_start_timer(conn->connect_retry_timer, p->cf->connect_retry_time);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
|
||||||
bgp_initiate(struct bgp_proto *p)
|
|
||||||
{
|
|
||||||
unsigned delay = MAX(p->startup_delay, p->cf->start_delay_time);
|
|
||||||
|
|
||||||
if (delay)
|
|
||||||
bgp_active(p, delay);
|
|
||||||
else
|
|
||||||
bgp_connect(p);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* bgp_incoming_connection - handle an incoming connection
|
* bgp_incoming_connection - handle an incoming connection
|
||||||
* @sk: TCP socket
|
* @sk: TCP socket
|
||||||
|
@ -564,7 +579,6 @@ static int
|
||||||
bgp_incoming_connection(sock *sk, int dummy UNUSED)
|
bgp_incoming_connection(sock *sk, int dummy UNUSED)
|
||||||
{
|
{
|
||||||
struct proto_config *pc;
|
struct proto_config *pc;
|
||||||
int match = 0;
|
|
||||||
|
|
||||||
DBG("BGP: Incoming connection from %I port %d\n", sk->daddr, sk->dport);
|
DBG("BGP: Incoming connection from %I port %d\n", sk->daddr, sk->dport);
|
||||||
WALK_LIST(pc, config->protos)
|
WALK_LIST(pc, config->protos)
|
||||||
|
@ -573,15 +587,16 @@ bgp_incoming_connection(sock *sk, int dummy UNUSED)
|
||||||
struct bgp_proto *p = (struct bgp_proto *) pc->proto;
|
struct bgp_proto *p = (struct bgp_proto *) pc->proto;
|
||||||
if (ipa_equal(p->cf->remote_ip, sk->daddr))
|
if (ipa_equal(p->cf->remote_ip, sk->daddr))
|
||||||
{
|
{
|
||||||
match = 1;
|
/* We are in proper state and there is no other incoming connection */
|
||||||
if ((p->p.proto_state == PS_START || p->p.proto_state == PS_UP) && (p->start_state > BSS_PREPARE))
|
int acc = (p->p.proto_state == PS_START || p->p.proto_state == PS_UP) &&
|
||||||
{
|
(p->start_state >= BSS_CONNECT) && (!p->incoming_conn.sk);
|
||||||
BGP_TRACE(D_EVENTS, "Incoming connection from %I port %d", sk->daddr, sk->dport);
|
|
||||||
if (p->incoming_conn.sk)
|
BGP_TRACE(D_EVENTS, "Incoming connection from %I (port %d) %s",
|
||||||
{
|
sk->daddr, sk->dport, acc ? "accepted" : "rejected");
|
||||||
DBG("BGP: But one incoming connection already exists, how is that possible?\n");
|
|
||||||
break;
|
if (!acc)
|
||||||
}
|
goto err;
|
||||||
|
|
||||||
bgp_setup_conn(p, &p->incoming_conn);
|
bgp_setup_conn(p, &p->incoming_conn);
|
||||||
bgp_setup_sk(p, &p->incoming_conn, sk);
|
bgp_setup_sk(p, &p->incoming_conn, sk);
|
||||||
sk_set_ttl(sk, p->cf->multihop ? : 1);
|
sk_set_ttl(sk, p->cf->multihop ? : 1);
|
||||||
|
@ -589,9 +604,9 @@ bgp_incoming_connection(sock *sk, int dummy UNUSED)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
if (!match)
|
log(L_WARN "BGP: Unexpected connect from unknown address %I (port %d)", sk->daddr, sk->dport);
|
||||||
log(L_AUTH "BGP: Unauthorized connect from %I port %d", sk->daddr, sk->dport);
|
err:
|
||||||
rfree(sk);
|
rfree(sk);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -730,6 +745,10 @@ bgp_start(struct proto *P)
|
||||||
p->event->hook = bgp_decision;
|
p->event->hook = bgp_decision;
|
||||||
p->event->data = p;
|
p->event->data = p;
|
||||||
|
|
||||||
|
p->startup_timer = tm_new(p->p.pool);
|
||||||
|
p->startup_timer->hook = bgp_startup_timeout;
|
||||||
|
p->startup_timer->data = p;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Before attempting to create the connection, we need to lock the
|
* Before attempting to create the connection, we need to lock the
|
||||||
* port, so that are sure we're the only instance attempting to talk
|
* port, so that are sure we're the only instance attempting to talk
|
||||||
|
|
|
@ -82,6 +82,7 @@ struct bgp_proto {
|
||||||
ip_addr local_addr; /* Address of the local end of the link to next_hop */
|
ip_addr local_addr; /* Address of the local end of the link to next_hop */
|
||||||
ip_addr source_addr; /* Address used as advertised next hop, usually local_addr */
|
ip_addr source_addr; /* Address used as advertised next hop, usually local_addr */
|
||||||
struct event *event; /* Event for respawning and shutting process */
|
struct event *event; /* Event for respawning and shutting process */
|
||||||
|
struct timer *startup_timer; /* Timer used to delay protocol startup due to previous errors (startup_delay) */
|
||||||
struct bgp_bucket **bucket_hash; /* Hash table of attribute buckets */
|
struct bgp_bucket **bucket_hash; /* Hash table of attribute buckets */
|
||||||
unsigned int hash_size, hash_count, hash_limit;
|
unsigned int hash_size, hash_count, hash_limit;
|
||||||
struct fib prefix_fib; /* Prefixes to be sent */
|
struct fib prefix_fib; /* Prefixes to be sent */
|
||||||
|
@ -241,8 +242,9 @@ void bgp_log_error(struct bgp_proto *p, char *msg, unsigned code, unsigned subco
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define BSS_PREPARE 0 /* Used before ordinary BGP started, i. e. waiting for lock */
|
#define BSS_PREPARE 0 /* Used before ordinary BGP started, i. e. waiting for lock */
|
||||||
#define BSS_CONNECT 1 /* Ordinary BGP connecting */
|
#define BSS_DELAY 1 /* Startup delay due to previous errors */
|
||||||
#define BSS_CONNECT_NOCAP 2 /* Legacy BGP connecting (without capabilities) */
|
#define BSS_CONNECT 2 /* Ordinary BGP connecting */
|
||||||
|
#define BSS_CONNECT_NOCAP 3 /* Legacy BGP connecting (without capabilities) */
|
||||||
|
|
||||||
/* Error classes */
|
/* Error classes */
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue