Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bgp: T5943: BGP Peer-group members must be all internal or all external #3238

Merged
merged 1 commit into from
Apr 4, 2024
Merged

bgp: T5943: BGP Peer-group members must be all internal or all external #3238

merged 1 commit into from
Apr 4, 2024

Conversation

HollyGurza
Copy link
Contributor

Change Summary

Added validation of remote-as for all group members

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes)
  • Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • Other (please describe):

Related Task(s)

Related PR(s)

Component(s) name

Proposed changes

How to test

all internal:

conf
del protocols bgp
set protocols bgp system-as 64512
set protocols bgp neighbor 192.0.2.2 peer-group SMOKETEST
set protocols bgp neighbor 192.0.2.2 remote-as 64512
set protocols bgp peer-group SMOKETEST address-family ipv4-unicast
set protocols bgp neighbor 192.0.2.3 peer-group SMOKETEST
set protocols bgp neighbor 192.0.2.3 remote-as 64513
commit
set protocols bgp neighbor 192.0.2.3 remote-as 64512
commit

all external:

conf
del protocols bgp
set protocols bgp system-as 64512
set protocols bgp neighbor 192.0.2.2 peer-group SMOKETEST
set protocols bgp neighbor 192.0.2.2 remote-as 64512
set protocols bgp peer-group SMOKETEST address-family ipv4-unicast
set protocols bgp neighbor 192.0.2.3 peer-group SMOKETEST
set protocols bgp neighbor 192.0.2.3 remote-as 64513
commit
set protocols bgp neighbor 192.0.2.2 remote-as 64514
commit

Smoketest result

vyos@vyos:~$ python3 /usr/libexec/vyos/tests/smoke/cli/test_protocols_bgp.py
test_bgp_01_simple (__main__.TestProtocolsBGP.test_bgp_01_simple) ... 
BGP system-as number must be defined!

ok
test_bgp_02_neighbors (__main__.TestProtocolsBGP.test_bgp_02_neighbors) ... 
Must either speficy exist-map or non-exist-map when conditionally-
advertise is in use!

ok
test_bgp_03_peer_groups (__main__.TestProtocolsBGP.test_bgp_03_peer_groups) ... 
Must either speficy exist-map or non-exist-map when conditionally-
advertise is in use!

ok
test_bgp_04_afi_ipv4 (__main__.TestProtocolsBGP.test_bgp_04_afi_ipv4) ... ok
test_bgp_05_afi_ipv6 (__main__.TestProtocolsBGP.test_bgp_05_afi_ipv6) ... ok
test_bgp_06_listen_range (__main__.TestProtocolsBGP.test_bgp_06_listen_range) ... 
Listen range for prefix "192.0.2.0/25" has no peer group configured.


Peer-group "listenfoobar" for listen range "192.0.2.0/25" does not
exist!


Peer-group "listenfoobar" for listen range "192.0.2.0/25" does not
exist!

ok
test_bgp_07_l2vpn_evpn (__main__.TestProtocolsBGP.test_bgp_07_l2vpn_evpn) ... ok
test_bgp_09_distance_and_flowspec (__main__.TestProtocolsBGP.test_bgp_09_distance_and_flowspec) ... ok
test_bgp_10_vrf_simple (__main__.TestProtocolsBGP.test_bgp_10_vrf_simple) ... ok
test_bgp_11_confederation (__main__.TestProtocolsBGP.test_bgp_11_confederation) ... ok
test_bgp_12_v6_link_local (__main__.TestProtocolsBGP.test_bgp_12_v6_link_local) ... ok
test_bgp_13_vpn (__main__.TestProtocolsBGP.test_bgp_13_vpn) ... 
WARNING: BGP "router-id" is required when using "rd" and "route-
target"!


WARNING: BGP "router-id" is required when using "rd" and "route-
target"!

ok
test_bgp_14_remote_as_peer_group_override (__main__.TestProtocolsBGP.test_bgp_14_remote_as_peer_group_override) ... 
WARNING: BGP neighbor "192.0.2.1" requires address-family!


Peer-group member "192.0.2.1" cannot override remote-as of peer-group
"bar"!


WARNING: BGP neighbor "192.0.2.1" requires address-family!


WARNING: BGP neighbor "eth0" requires address-family!


Peer-group member "eth0" cannot override remote-as of peer-group "bar"!


WARNING: BGP neighbor "192.0.2.1" requires address-family!


WARNING: BGP neighbor "eth0" requires address-family!


Peer-group member "eth0" cannot override remote-as of peer-group "bar"!


WARNING: BGP neighbor "192.0.2.1" requires address-family!


WARNING: BGP neighbor "eth0" requires address-family!

ok
test_bgp_15_local_as_ebgp (__main__.TestProtocolsBGP.test_bgp_15_local_as_ebgp) ... 
WARNING: BGP neighbor "192.0.2.99" requires address-family!


local-as configured for "192.0.2.99", allowed only for eBGP peers!


WARNING: BGP neighbor "192.0.2.99" requires address-family!

ok
test_bgp_16_import_rd_rt_compatibility (__main__.TestProtocolsBGP.test_bgp_16_import_rd_rt_compatibility) ... 
WARNING: BGP "router-id" is required when using "rd" and "route-
target"!


Please unconfigure "import vrf" commands before using vpn commands in
the same VRF!

ok
test_bgp_17_import_rd_rt_compatibility (__main__.TestProtocolsBGP.test_bgp_17_import_rd_rt_compatibility) ... 
Command "import vrf" conflicts with "rd vpn export" command!

ok
test_bgp_18_deleting_import_vrf (__main__.TestProtocolsBGP.test_bgp_18_deleting_import_vrf) ... 
Cannot delete VRF instance "red", unconfigure "import vrf" commands!

ok
test_bgp_19_deleting_default_vrf (__main__.TestProtocolsBGP.test_bgp_19_deleting_default_vrf) ... 
Cannot delete default BGP instance, dependent VRF instance(s) exist!

ok
test_bgp_20_import_rd_rt_compatibility (__main__.TestProtocolsBGP.test_bgp_20_import_rd_rt_compatibility) ... 
WARNING: BGP "router-id" is required when using "rd" and "route-
target"!


Please unconfigure import vrf commands before using vpn commands in
dependent VRFs!

ok
test_bgp_21_import_unspecified_vrf (__main__.TestProtocolsBGP.test_bgp_21_import_unspecified_vrf) ... 
VRF "test" does not exist!

ok
test_bgp_22_interface_mpls_forwarding (__main__.TestProtocolsBGP.test_bgp_22_interface_mpls_forwarding) ... ok
test_bgp_23_vrf_interface_mpls_forwarding (__main__.TestProtocolsBGP.test_bgp_23_vrf_interface_mpls_forwarding) ... ok
test_bgp_24_srv6_sid (__main__.TestProtocolsBGP.test_bgp_24_srv6_sid) ... 
SID per VRF and SID per address-family are mutually exclusive!

ok
test_bgp_25_ipv4_labeled_unicast_peer_group (__main__.TestProtocolsBGP.test_bgp_25_ipv4_labeled_unicast_peer_group) ... ok
test_bgp_26_ipv6_labeled_unicast_peer_group (__main__.TestProtocolsBGP.test_bgp_26_ipv6_labeled_unicast_peer_group) ... ok
test_bgp_27_route_reflector_client (__main__.TestProtocolsBGP.test_bgp_27_route_reflector_client) ... 
route-reflector-client only supported for iBGP peers

ok
test_bgp_28_peer_group_member_all_internal_or_external (__main__.TestProtocolsBGP.test_bgp_28_peer_group_member_all_internal_or_external) ... 
Peer-group members must be all internal or all external


Peer-group members must be all internal or all external

ok
test_bgp_99_bmp (__main__.TestProtocolsBGP.test_bgp_99_bmp) ... 
"bmp" flag is not found in bgpd. Configure "set system frr bmp" and
restart bgp process


WARNING: You need to reboot the router (preferred) or restart FRR to
apply changes in modules settings


BMP target "instance-bmp" address must be defined!

ok

----------------------------------------------------------------------
Ran 28 tests in 165.039s

OK

Checklist:

  • I have read the CONTRIBUTING document
  • I have linked this PR to one or more Phabricator Task(s)
  • I have run the components SMOKETESTS if applicable
  • My commit headlines contain a valid Task id
  • My change requires a change to the documentation
  • I have updated the documentation accordingly

@vyosbot vyosbot requested review from a team, dmbaturin, sarthurdev, zdc, jestabro, sever-sever and c-po and removed request for a team April 3, 2024 08:40
c-po
c-po requested changes Apr 4, 2024
View reviewed changes
src/conf_mode/protocols_bgp.py Outdated
if peer_config['remote_as'] != 'internal' and \
peer_config['remote_as'] != bgp['system_as']:
is_ibgp = False
if peer_groups_context.get(peer_group) is None:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use if peer_group not in peer_groups_context: to keep a consistent style accross this complex file.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

src/conf_mode/protocols_bgp.py Outdated
is_ibgp = False
if peer_groups_context.get(peer_group) is None:
peer_groups_context[peer_group] = is_ibgp
elif peer_groups_context.get(peer_group) != is_ibgp:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please us: elif peer_groups_context[peer_group] != is_ibgp: to keep a consistent style accross this complex file.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@HollyGurza HollyGurza requested a review from c-po April 4, 2024 07:40
@dmbaturin
Copy link
Member

@Mergifyio backport sagitta

@mergify Mergify
Copy link
Contributor

mergify bot commented Apr 4, 2024
edited
Loading

backport sagitta

✅ Backports have been created

@dmbaturin dmbaturin merged commit eedc83e into vyos:current Apr 4, 2024
6 of 7 checks passed
@mergify mergify bot mentioned this pull request Apr 4, 2024
Merged
12 tasks
c-po added a commit that referenced this pull request Apr 4, 2024
@c-po
Merge pull request #3245 from vyos/mergify/bp/sagitta/pr-3238
9d94afc 
bgp: T5943: BGP Peer-group members must be all internal or all external (backport #3238)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmbaturin dmbaturin Awaiting requested review from dmbaturin dmbaturin was automatically assigned from vyos/reviewers

@sarthurdev sarthurdev Awaiting requested review from sarthurdev sarthurdev was automatically assigned from vyos/reviewers

@zdc zdc Awaiting requested review from zdc zdc was automatically assigned from vyos/reviewers

@jestabro jestabro Awaiting requested review from jestabro jestabro was automatically assigned from vyos/reviewers

@sever-sever sever-sever Awaiting requested review from sever-sever sever-sever was automatically assigned from vyos/reviewers

@c-po c-po Awaiting requested review from c-po c-po is a code owner

Assignees

@HollyGurza HollyGurza

Labels
current
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@HollyGurza @dmbaturin @c-po