From 4ab467017e922b6b32565952523051862e636e4e Mon Sep 17 00:00:00 2001 From: Abhinay Ramesh Date: Thu, 8 Apr 2021 10:28:35 +0000 Subject: bgpd: Support tcp-mss for bgp neighbors Problem Statement: ================= In scale setup BGP sessions start flapping. RCA: ==== In virtualized environment there are multiple places where MTU need to be set. If there are some places were MTU is not set properly then there is chances that BGP packets get fragmented, in scale setup this will lead to BGP session flap. Fix: ==== A new tcp option is provided as part of this implementation, which can be configured per neighbor and helps to set the TCP max segment size. User need to derive the path MTU between the BGP neighbors and set that value as part of tcp-mss setting. 1. CLI Configuration: [no] neighbor tcp-mss (1-65535) 2. Running config frr# show running-config router bgp 100 neighbor 198.51.100.2 tcp-mss 150 => new entry neighbor 2001:DB8::2 tcp-mss 400 => new entry 3. Show command frr# show bgp neighbors 198.51.100.2 BGP neighbor is 198.51.100.2, remote AS 100, local AS 100, internal link Hostname: frr Configured tcp-mss is 150, synced tcp-mss is 138 => new display 4. Show command json output frr# show bgp neighbors 2001:DB8::2 json { "2001:DB8::2":{ "remoteAs":100, "bgpTimerKeepAliveIntervalMsecs":60000, "bgpTcpMssConfigured":400, => new entry "bgpTcpMssSynced":388, => new entry Risk: ===== Low - This is a config driven feature and it sets the max segment size for the TCP session between BGP peers. Tests Executed: =============== Have done manual testing with three router topology. 1. Executed basic config and un config scenarios 2. Verified if the config is updated in running config during config and no config operation 3. Verified the show command output in both CLI format and JSON format. 4. Verified if TCP SYN messages carry the max segment size in their initial packets. 5. Verified the behaviour during clear bgp session. 6. done packet capture to see if the new segment size takes effect. Signed-off-by: Abhinay Ramesh --- lib/sockopt.c | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) (limited to 'lib/sockopt.c') diff --git a/lib/sockopt.c b/lib/sockopt.c index b624fe2230..98bfda5079 100644 --- a/lib/sockopt.c +++ b/lib/sockopt.c @@ -667,3 +667,39 @@ int sockopt_tcp_signature(int sock, union sockunion *su, const char *password) { return sockopt_tcp_signature_ext(sock, su, 0, password); } + +/* set TCP mss value to socket */ +int sockopt_tcp_mss_set(int sock, int tcp_maxseg) +{ + int ret = 0; + socklen_t tcp_maxseg_len = sizeof(tcp_maxseg); + + ret = setsockopt(sock, IPPROTO_TCP, TCP_MAXSEG, &tcp_maxseg, + tcp_maxseg_len); + if (ret != 0) { + flog_err_sys(EC_LIB_SYSTEM_CALL, + "%s failed: setsockopt(%d): %s", __func__, sock, + safe_strerror(errno)); + } + + return ret; +} + +/* get TCP mss value synced by socket */ +int sockopt_tcp_mss_get(int sock) +{ + int ret = 0; + int tcp_maxseg = 0; + socklen_t tcp_maxseg_len = sizeof(tcp_maxseg); + + ret = getsockopt(sock, IPPROTO_TCP, TCP_MAXSEG, &tcp_maxseg, + &tcp_maxseg_len); + if (ret != 0) { + flog_err_sys(EC_LIB_SYSTEM_CALL, + "%s failed: getsockopt(%d): %s", __func__, sock, + safe_strerror(errno)); + return 0; + } + + return tcp_maxseg; +} -- cgit v1.2.3