Merge pull request #15521 from opensourcerouting/fix/backport_1818186…

…432569d2bc3e4113945ff958c3ac4796b_10.0 bgpd: [10.0] Unset advertised capabilities if capability is disabled
FRRouting · Mar 19, 2024 · be0b868 · be0b868
2 parents 2437d09 + 6d31b86
commit be0b868
Show file tree

Hide file tree

Showing 8 changed files with 371 additions and 54 deletions.
diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
@@ -1239,7 +1239,6 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 	/* Encode MP_EXT capability. */
 	switch (capability_code) {
 	case CAPABILITY_CODE_SOFT_VERSION:
-		SET_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_ADV);
 		stream_putc(s, action);
 		stream_putc(s, CAPABILITY_CODE_SOFT_VERSION);
 		cap_len = stream_get_endp(s);
@@ -1270,6 +1269,9 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 					   : "Removing",
 				   capability, iana_afi2str(pkt_afi),
 				   iana_safi2str(pkt_safi));
+
+		COND_FLAG(peer->cap, PEER_CAP_SOFT_VERSION_ADV,
+			  action == CAPABILITY_ACTION_SET);
 		break;
 	case CAPABILITY_CODE_MP:
 		stream_putc(s, action);
@@ -1289,11 +1291,6 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 				   iana_safi2str(pkt_safi));
 		break;
 	case CAPABILITY_CODE_RESTART:
-		if (!CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART) &&
-		    !CHECK_FLAG(peer->flags, PEER_FLAG_GRACEFUL_RESTART_HELPER))
-			return;
-
-		SET_FLAG(peer->cap, PEER_CAP_RESTART_ADV);
 		stream_putc(s, action);
 		stream_putc(s, CAPABILITY_CODE_RESTART);
 		cap_len = stream_get_endp(s);
@@ -1342,13 +1339,10 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 				   capability, iana_afi2str(pkt_afi),
 				   iana_safi2str(pkt_safi));
 
+		COND_FLAG(peer->cap, PEER_CAP_RESTART_ADV,
+			  action == CAPABILITY_ACTION_SET);
 		break;
 	case CAPABILITY_CODE_LLGR:
-		if (!CHECK_FLAG(peer->cap, PEER_CAP_RESTART_ADV))
-			return;
-
-		SET_FLAG(peer->cap, PEER_CAP_LLGR_ADV);
-
 		stream_putc(s, action);
 		stream_putc(s, CAPABILITY_CODE_LLGR);
 		cap_len = stream_get_endp(s);
@@ -1380,10 +1374,11 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 					   : "Removing",
 				   capability, iana_afi2str(pkt_afi),
 				   iana_safi2str(pkt_safi));
+
+		COND_FLAG(peer->cap, PEER_CAP_LLGR_ADV,
+			  action == CAPABILITY_ACTION_SET);
 		break;
 	case CAPABILITY_CODE_ADDPATH:
-		SET_FLAG(peer->cap, PEER_CAP_ADDPATH_ADV);
-
 		FOREACH_AFI_SAFI (afi, safi) {
 			if (peer->afc[afi][safi]) {
 				addpath_afi_safi_count++;
@@ -1461,6 +1456,8 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 				   capability, iana_afi2str(pkt_afi),
 				   iana_safi2str(pkt_safi));
 
+		COND_FLAG(peer->cap, PEER_CAP_ADDPATH_ADV,
+			  action == CAPABILITY_ACTION_SET);
 		break;
 	case CAPABILITY_CODE_ORF:
 		/* Convert AFI, SAFI to values for packet. */
@@ -1534,43 +1531,42 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 				   iana_safi2str(pkt_safi));
 		break;
 	case CAPABILITY_CODE_FQDN:
-		if (CHECK_FLAG(peer->flags, PEER_FLAG_CAPABILITY_FQDN) &&
-		    hostname) {
-			SET_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV);
-			stream_putc(s, action);
-			stream_putc(s, CAPABILITY_CODE_FQDN);
-			cap_len = stream_get_endp(s);
-			stream_putc(s, 0); /* Capability Length */
-
-			len = strlen(hostname);
+		stream_putc(s, action);
+		stream_putc(s, CAPABILITY_CODE_FQDN);
+		cap_len = stream_get_endp(s);
+		stream_putc(s, 0); /* Capability Length */
+
+		len = strlen(hostname);
+		if (len > BGP_MAX_HOSTNAME)
+			len = BGP_MAX_HOSTNAME;
+
+		stream_putc(s, len);
+		stream_put(s, hostname, len);
+
+		if (domainname) {
+			len = strlen(domainname);
 			if (len > BGP_MAX_HOSTNAME)
 				len = BGP_MAX_HOSTNAME;
 
 			stream_putc(s, len);
-			stream_put(s, hostname, len);
-
-			if (domainname) {
-				len = strlen(domainname);
-				if (len > BGP_MAX_HOSTNAME)
-					len = BGP_MAX_HOSTNAME;
+			stream_put(s, domainname, len);
+		} else
+			stream_putc(s, 0);
 
-				stream_putc(s, len);
-				stream_put(s, domainname, len);
-			} else
-				stream_putc(s, 0);
+		len = stream_get_endp(s) - cap_len - 1;
+		stream_putc_at(s, cap_len, len);
 
-			len = stream_get_endp(s) - cap_len - 1;
-			stream_putc_at(s, cap_len, len);
+		if (bgp_debug_neighbor_events(peer))
+			zlog_debug("%pBP sending CAPABILITY has %s %s for afi/safi: %s/%s",
+				   peer,
+				   action == CAPABILITY_ACTION_SET
+					   ? "Advertising"
+					   : "Removing",
+				   capability, iana_afi2str(pkt_afi),
+				   iana_safi2str(pkt_safi));
 
-			if (bgp_debug_neighbor_events(peer))
-				zlog_debug("%pBP sending CAPABILITY has %s %s for afi/safi: %s/%s",
-					   peer,
-					   action == CAPABILITY_ACTION_SET
-						   ? "Advertising"
-						   : "Removing",
-					   capability, iana_afi2str(pkt_afi),
-					   iana_safi2str(pkt_safi));
-		}
+		COND_FLAG(peer->cap, PEER_CAP_HOSTNAME_ADV,
+			  action == CAPABILITY_ACTION_SET);
 		break;
 	case CAPABILITY_CODE_REFRESH:
 	case CAPABILITY_CODE_AS4:
@@ -1580,13 +1576,12 @@ void bgp_capability_send(struct peer *peer, afi_t afi, safi_t safi,
 	case CAPABILITY_CODE_EXT_MESSAGE:
 		break;
 	case CAPABILITY_CODE_ROLE:
-		if (peer->local_role != ROLE_UNDEFINED) {
-			SET_FLAG(peer->cap, PEER_CAP_ROLE_ADV);
-			stream_putc(s, action);
-			stream_putc(s, CAPABILITY_CODE_ROLE);
-			stream_putc(s, CAPABILITY_CODE_ROLE_LEN);
-			stream_putc(s, peer->local_role);
-		}
+		stream_putc(s, action);
+		stream_putc(s, CAPABILITY_CODE_ROLE);
+		stream_putc(s, CAPABILITY_CODE_ROLE_LEN);
+		stream_putc(s, peer->local_role);
+		COND_FLAG(peer->cap, PEER_CAP_ROLE_ADV,
+			  action == CAPABILITY_ACTION_SET);
 		break;
 	default:
 		break;

diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
@@ -3260,6 +3260,8 @@ DEFUN (bgp_graceful_restart_disable,
 	GR_DISABLE)
 {
 	int ret = BGP_GR_FAILURE;
+	struct listnode *node, *nnode;
+	struct peer *peer;
 
 	if (BGP_DEBUG(graceful_restart, GRACEFUL_RESTART))
 		zlog_debug(
@@ -3278,6 +3280,15 @@ DEFUN (bgp_graceful_restart_disable,
 	vty_out(vty,
 		"Graceful restart configuration changed, reset all peers to take effect\n");
 
+	for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer)) {
+		bgp_capability_send(peer, AFI_IP, SAFI_UNICAST,
+				    CAPABILITY_CODE_RESTART,
+				    CAPABILITY_ACTION_UNSET);
+		bgp_capability_send(peer, AFI_IP, SAFI_UNICAST,
+				    CAPABILITY_CODE_LLGR,
+				    CAPABILITY_ACTION_UNSET);
+	}
+
 	return bgp_vty_return(vty, ret);
 }
 

diff --git a/tests/topotests/bgp_dynamic_capability/test_bgp_dynamic_capability_addpath.py b/tests/topotests/bgp_dynamic_capability/test_bgp_dynamic_capability_addpath.py
@@ -135,7 +135,7 @@ def _bgp_check_if_addpath_rx_tx_and_session_not_reset():
     step("Disable Addpath capability RX and check if it's exchanged dynamically")
 
     # Clear message stats to check if we receive a notification or not after we
-    # change the settings fo LLGR.
+    # disable addpath-rx.
     r1.vtysh_cmd("clear bgp 192.168.1.2 message-stats")
     r2.vtysh_cmd(
         """
@@ -174,6 +174,46 @@ def _bgp_check_if_addpath_tx_and_session_not_reset():
     _, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
     assert result is None, "Session was reset after disabling Addpath RX flags"
 
+    # Clear message stats to check if we receive a notification or not after we
+    # disable Addpath capability.
+    r1.vtysh_cmd("clear bgp 192.168.1.2 message-stats")
+    r1.vtysh_cmd(
+        """
+    configure terminal
+    router bgp
+     address-family ipv4 unicast
+      no neighbor 192.168.1.2 addpath-tx-all-paths
+    """
+    )
+
+    def _bgp_check_if_addpath_capability_is_absent():
+        output = json.loads(r1.vtysh_cmd("show bgp neighbor json"))
+        expected = {
+            "192.168.1.2": {
+                "bgpState": "Established",
+                "neighborCapabilities": {
+                    "dynamic": "advertisedAndReceived",
+                    "addPath": {
+                        "ipv4Unicast": {
+                            "txAdvertisedAndReceived": None,
+                            "txAdvertised": None,
+                            "rxAdvertised": True,
+                        }
+                    },
+                },
+                "messageStats": {
+                    "notificationsRecv": 0,
+                },
+            }
+        }
+        return topotest.json_cmp(output, expected)
+
+    test_func = functools.partial(
+        _bgp_check_if_addpath_capability_is_absent,
+    )
+    _, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
+    assert result is None, "Failed to disable Addpath capability"
+
 
 if __name__ == "__main__":
     args = ["-s"] + sys.argv[1:]

diff --git a/tests/topotests/bgp_dynamic_capability/test_bgp_dynamic_capability_fqdn.py b/tests/topotests/bgp_dynamic_capability/test_bgp_dynamic_capability_fqdn.py
@@ -0,0 +1,122 @@
+#!/usr/bin/env python
+# SPDX-License-Identifier: ISC
+
+# Copyright (c) 2024 by
+# Donatas Abraitis <[email protected]>
+#
+
+"""
+Test if fqdn capability is exchanged dynamically.
+"""
+
+import os
+import re
+import sys
+import json
+import pytest
+import functools
+
+pytestmark = pytest.mark.bgpd
+
+CWD = os.path.dirname(os.path.realpath(__file__))
+sys.path.append(os.path.join(CWD, "../"))
+
+# pylint: disable=C0413
+from lib import topotest
+from lib.topogen import Topogen, TopoRouter, get_topogen
+from lib.common_config import step
+
+pytestmark = [pytest.mark.bgpd]
+
+
+def setup_module(mod):
+    topodef = {"s1": ("r1", "r2")}
+    tgen = Topogen(topodef, mod.__name__)
+    tgen.start_topology()
+
+    router_list = tgen.routers()
+
+    for _, (rname, router) in enumerate(router_list.items(), 1):
+        router.load_frr_config(os.path.join(CWD, "{}/frr.conf".format(rname)))
+
+    tgen.start_router()
+
+
+def teardown_module(mod):
+    tgen = get_topogen()
+    tgen.stop_topology()
+
+
+def test_bgp_dynamic_capability_fqdn():
+    tgen = get_topogen()
+
+    if tgen.routers_have_failure():
+        pytest.skip(tgen.errors)
+
+    r1 = tgen.gears["r1"]
+    r2 = tgen.gears["r2"]
+
+    def _bgp_converge():
+        output = json.loads(r1.vtysh_cmd("show bgp neighbor json"))
+        expected = {
+            "192.168.1.2": {
+                "bgpState": "Established",
+                "neighborCapabilities": {
+                    "dynamic": "advertisedAndReceived",
+                    "hostName": {
+                        "advHostName": "r1",
+                        "rcvHostName": "r2",
+                    },
+                },
+            }
+        }
+        return topotest.json_cmp(output, expected)
+
+    test_func = functools.partial(
+        _bgp_converge,
+    )
+    _, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
+    assert result is None, "Can't converge"
+
+    step("Disable fqdn capability and check if it's exchanged dynamically")
+
+    # Clear message stats to check if we receive a notification or not after we
+    # disable fqdn capability.
+    r1.vtysh_cmd("clear bgp 192.168.1.2 message-stats")
+    r1.vtysh_cmd(
+        """
+    configure terminal
+    router bgp
+      no neighbor 192.168.1.2 capability fqdn
+    """
+    )
+
+    def _bgp_check_if_fqdn_capability_is_absent():
+        output = json.loads(r1.vtysh_cmd("show bgp neighbor json"))
+        expected = {
+            "192.168.1.2": {
+                "bgpState": "Established",
+                "neighborCapabilities": {
+                    "dynamic": "advertisedAndReceived",
+                    "hostName": {
+                        "advHostName": None,
+                        "rcvHostName": "r2",
+                    },
+                },
+                "messageStats": {
+                    "notificationsRecv": 0,
+                },
+            }
+        }
+        return topotest.json_cmp(output, expected)
+
+    test_func = functools.partial(
+        _bgp_check_if_fqdn_capability_is_absent,
+    )
+    _, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
+    assert result is None, "Failed to disable fqdn capability"
+
+
+if __name__ == "__main__":
+    args = ["-s"] + sys.argv[1:]
+    sys.exit(pytest.main(args))