diff options
Diffstat (limited to 'src/conf_mode/protocols_bgp.py')
| -rwxr-xr-x | src/conf_mode/protocols_bgp.py | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 01f14df61..7d3687094 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -101,6 +101,17 @@ def verify_remote_as(peer_config, bgp_config): return None +def verify_afi(peer_config, bgp_config): + if 'address_family' in peer_config: + return True + + if 'peer_group' in peer_config: + peer_group_name = peer_config['peer_group'] + tmp = dict_search(f'peer_group.{peer_group_name}.address_family', bgp_config) + if tmp: return True + + return False + def verify(bgp): if not bgp or 'deleted' in bgp: if 'dependent_vrfs' in bgp: @@ -165,6 +176,9 @@ def verify(bgp): if not verify_remote_as(peer_config, bgp): raise ConfigError(f'Neighbor "{peer}" remote-as must be set!') + if not verify_afi(peer_config, bgp): + Warning(f'BGP neighbor "{peer}" requires address-family!') + # Peer-group member cannot override remote-as of peer-group if 'peer_group' in peer_config: peer_group = peer_config['peer_group'] @@ -199,8 +213,11 @@ def verify(bgp): if 'source_interface' in peer_config['interface']: raise ConfigError(f'"source-interface" option not allowed for neighbor "{peer}"') - if 'address_family' not in peer_config: - Warning(f'BGP neighbor "{peer}" requires address-family!') + # Local-AS allowed only for EBGP peers + if 'local_as' in peer_config: + remote_as = verify_remote_as(peer_config, bgp) + if remote_as == bgp['local_as']: + raise ConfigError(f'local-as configured for "{peer}", allowed only for eBGP peers!') for afi in ['ipv4_unicast', 'ipv4_multicast', 'ipv4_labeled_unicast', 'ipv4_flowspec', 'ipv6_unicast', 'ipv6_multicast', 'ipv6_labeled_unicast', 'ipv6_flowspec', |