Gitiles
Code Review Sign In
gerrit.opencord.org / quagga / 743dd42b3f5d4bc5f9a86b91364c67217f42c6d1
commit743dd42b3f5d4bc5f9a86b91364c67217f42c6d1[log] [tgz]
authorPaul Jakma <paul.jakma@hpe.com>Fri Sep 30 13:55:47 2016 +0100
committerPaul Jakma <paul.jakma@hpe.com>Tue Oct 04 13:07:56 2016 +0100
tree365a266a5e8b3602e359aeadfb921133a2c70c22
parentaf177b245ef3f092ecd0ae75cb75c2d797a7b139 [diff]
bgpd: Fix NHT race with Connect leading to test tool issues

* The NHT change:

   "bgpd, zebra: Use next hop tracking for connected routes too"

  introduces a race where bgp_connect_check can be called on a peer in
  Connect state before the TCP handshake has completed. If this happens,
  then the SO_ERROR sockopt to check the state of the socket is undefined
  or at least does not return a useful result - it returns 0, as with
  a connected socket. SO_ERROR should only be called on non-block sockets
  after the socket has been ready for writing.

  The net result is that bgpd can then incorrectly advance the peer FSM for
  the socket (also the main 'peer'), to OpenSent. As part of which, any
  incoming connection from the peer will pass through collision_detect and
  may be (incorrectly) closed, depending on the RIDs.

  This race is reliably hit with testing tools which wait to listen for
  incoming BGP connections from the RUT to know it is in Connect/Active, and
  which ignore the TCP connection (no SYN|ACK, no RST), and then launch their
  own connection.

  The fix is to better integrate the BGP FSM and the NHT update, to ensure
  connect_check is not called on peers in Connect state.

  Note: There may be no need at all for NHT to tickle FSM.

* bgpd.h: Add NHT_Update FSM event for NHT valid.

* bgp_fsm.c: (bgp_fsm_nht_update) There is no need to have a separate
  switch based FSM with its own event via an exported function.  Have
  NHT raise the NHT_Update even on the peer, instead of calling a
  side-channel function into a sub-FSM in the FSM.  No need to have
  code for BGP_Start, FSM can call that.  Actions for Connect and
  Active are the same and just lead to ConnectRetry_timer_expired
  event - so FSM can just call same transition func as that.

  No need to call bgp_connect_check on Connect, as Connect implies no
  connection.

  (FSM) Handle the NHT_Update event, replacing bgp_fsm_nht_update.
  Idle -> bgp_start, Connect and Active were doing the same as
  ConnectRetry_timer_expired so replicate those. Rest are No-Ops.

* bgp_nht.c: (evaluate_paths) Raise NHT_Update FSM event. Always valid.
* bgp_packet.{c,h}: (bgp_connect_check) NHT change now unnecessary, revert.
6 files changed
tree: 365a266a5e8b3602e359aeadfb921133a2c70c22
  1. .gitignore
  2. AUTHORS
  3. COPYING
  4. COPYING.LIB
  5. ChangeLog
  6. HACKING.md
  7. HACKING.pending
  8. INSTALL.quagga.txt
  9. Makefile.am
  10. NEWS
  11. README
  12. README.NetBSD
  13. REPORTING-BUGS
  14. SERVICES
  15. TODO
  16. bgpd/
  17. bootstrap.sh
  18. buildtest.sh
  19. common.am
  20. configure.ac
  21. doc/
  22. fpm/
  23. gdb/
  24. init/
  25. isisd/
  26. lib/
  27. m4/
  28. ospf6d/
  29. ospfclient/
  30. ospfd/
  31. pimd/
  32. pkgsrc/
  33. ports/
  34. qpb/
  35. redhat/
  36. ripd/
  37. ripngd/
  38. solaris/
  39. stamp-h.in
  40. tests/
  41. tools/
  42. update-autotools
  43. vtysh/
  44. watchquagga/
  45. zebra/