diff options
author | Christian Breunig <christian@breunig.cc> | 2024-04-04 18:59:00 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-04 18:59:00 +0200 |
commit | 9d94afcba122ae6d4620e21b3e1ef1555b7bb2e1 (patch) | |
tree | c23420acd3284912815a2162936481b26790c161 /src | |
parent | 7f077a0dfc410d974f891e34f0726809d4b1a5b1 (diff) | |
parent | 4e7ce772ea6af872a2234e981b152753c3187cec (diff) | |
download | vyos-1x-9d94afcba122ae6d4620e21b3e1ef1555b7bb2e1.tar.gz vyos-1x-9d94afcba122ae6d4620e21b3e1ef1555b7bb2e1.zip |
Merge pull request #3245 from vyos/mergify/bp/sagitta/pr-3238
bgp: T5943: BGP Peer-group members must be all internal or all external (backport #3238)
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/protocols_bgp.py | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 512fa26e9..2b16de775 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -285,6 +285,7 @@ def verify(bgp): elif tmp != 'default': raise ConfigError(f'{error_msg} "{tmp}"!') + peer_groups_context = dict() # Common verification for both peer-group and neighbor statements for neighbor in ['neighbor', 'peer_group']: # bail out early if there is no neighbor or peer-group statement @@ -301,6 +302,18 @@ def verify(bgp): raise ConfigError(f'Specified peer-group "{peer_group}" for '\ f'neighbor "{neighbor}" does not exist!') + if 'remote_as' in peer_config: + is_ibgp = True + if peer_config['remote_as'] != 'internal' and \ + peer_config['remote_as'] != bgp['system_as']: + is_ibgp = False + + if peer_group not in peer_groups_context: + peer_groups_context[peer_group] = is_ibgp + elif peer_groups_context[peer_group] != is_ibgp: + raise ConfigError(f'Peer-group members must be ' + f'all internal or all external') + if 'local_role' in peer_config: #Ensure Local Role has only one value. if len(peer_config['local_role']) > 1: |