1 files changed, 43 insertions, 4 deletions

diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 00015023c..d90dfe45b 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2020-2023 VyOS maintainers and contributors
+# Copyright (C) 2020-2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -30,6 +30,7 @@ from vyos.template import render_to_string
 from vyos.utils.dict import dict_search
 from vyos.utils.network import get_interface_vrf
 from vyos.utils.network import is_addr_assigned
+from vyos.utils.process import process_named_running
 from vyos import ConfigError
 from vyos import frr
 from vyos import airbag
@@ -49,8 +50,13 @@ def get_config(config=None):
 
     # eqivalent of the C foo ? 'a' : 'b' statement
     base = vrf and ['vrf', 'name', vrf, 'protocols', 'bgp'] or base_path
-    bgp = conf.get_config_dict(base, key_mangling=('-', '_'),
-                               get_first_key=True, no_tag_node_value_mangle=True)
+    bgp = conf.get_config_dict(
+        base,
+        key_mangling=('-', '_'),
+        get_first_key=True,
+        no_tag_node_value_mangle=True,
+        with_recursive_defaults=True,
+    )
 
     bgp['dependent_vrfs'] = conf.get_config_dict(['vrf', 'name'],
                                                  key_mangling=('-', '_'),
@@ -93,6 +99,7 @@ def get_config(config=None):
     tmp = conf.get_config_dict(['policy'])
     # Merge policy dict into "regular" config dict
     bgp = dict_merge(tmp, bgp)
+
     return bgp
 
 
@@ -199,6 +206,10 @@ def verify_remote_as(peer_config, bgp_config):
         if 'v6only' in peer_config['interface']:
             if 'remote_as' in peer_config['interface']['v6only']:
                 return peer_config['interface']['v6only']['remote_as']
+            if 'peer_group' in peer_config['interface']['v6only']:
+                peer_group_name = peer_config['interface']['v6only']['peer_group']
+                tmp = dict_search(f'peer_group.{peer_group_name}.remote_as', bgp_config)
+                if tmp: return tmp
 
     return None
 
@@ -209,9 +220,12 @@ def verify_afi(peer_config, bgp_config):
 
     # If address_family configured under peer-group
     # if neighbor interface configured
-    peer_group_name = ''
+    peer_group_name = None
     if dict_search('interface.peer_group', peer_config):
         peer_group_name = peer_config['interface']['peer_group']
+    elif dict_search('interface.v6only.peer_group', peer_config):
+        peer_group_name = peer_config['interface']['v6only']['peer_group']
+
     # if neighbor IP configured.
     if 'peer_group' in peer_config:
         peer_group_name = peer_config['peer_group']
@@ -246,6 +260,19 @@ def verify(bgp):
     if 'system_as' not in bgp:
         raise ConfigError('BGP system-as number must be defined!')
 
+    # Verify BMP
+    if 'bmp' in bgp:
+        # check bmp flag "bgpd -d -F traditional --daemon -A 127.0.0.1 -M rpki -M bmp"
+        if not process_named_running('bgpd', 'bmp'):
+            raise ConfigError(
+                f'"bmp" flag is not found in bgpd. Configure "set system frr bmp" and restart bgp process'
+            )
+        # check bmp target
+        if 'target' in bgp['bmp']:
+            for target, target_config in bgp['bmp']['target'].items():
+                if 'address' not in target_config:
+                    raise ConfigError(f'BMP target "{target}" address must be defined!')
+
     # Verify vrf on interface and bgp section
     if 'interface' in bgp:
         for interface in bgp['interface']:
@@ -482,6 +509,14 @@ def verify(bgp):
                     if verify_vrf_as_import(vrf_name, afi, bgp['dependent_vrfs']):
                         raise ConfigError(
                             'Command "import vrf" conflicts with "route-target vpn both" command!')
+                    if dict_search('route_target.vpn.export', afi_config):
+                        raise ConfigError(
+                            'Command "route-target vpn export" conflicts '\
+                            'with "route-target vpn both" command!')
+                    if dict_search('route_target.vpn.import', afi_config):
+                        raise ConfigError(
+                            'Command "route-target vpn import" conflicts '\
+                            'with "route-target vpn both" command!')
 
                 if dict_search('route_target.vpn.import', afi_config):
                     if verify_vrf_as_import(vrf_name, afi, bgp['dependent_vrfs']):
@@ -518,6 +553,10 @@ def verify(bgp):
                     tmp = dict_search(f'route_map.vpn.{export_import}', afi_config)
                     if tmp: verify_route_map(tmp, bgp)
 
+                # per-vrf sid and per-af sid are mutually exclusive
+                if 'sid' in afi_config and 'sid' in bgp:
+                    raise ConfigError('SID per VRF and SID per address-family are mutually exclusive!')
+
             # Checks only required for L2VPN EVPN
             if afi in ['l2vpn_evpn']:
                 if 'vni' in afi_config: