diff options
| author | Daniil Baturin <daniil@baturin.org> | 2019-08-19 12:02:14 -0400 |
|---|---|---|
| committer | Daniil Baturin <daniil@baturin.org> | 2019-08-19 12:02:14 -0400 |
| commit | 39f3880b592e78a97a48f9280784664b32c51f9b (patch) | |
| tree | cf9b8434fe4f4058db5d31465d50b75860fe9677 | |
| parent | e93730641cbe4484568b0766330f7fc6c54478c6 (diff) | |
| parent | 464561c570804a5fe56ea8b9aae73b26bf1cc77f (diff) | |
| download | vyatta-cfg-quagga-39f3880b592e78a97a48f9280784664b32c51f9b.tar.gz vyatta-cfg-quagga-39f3880b592e78a97a48f9280784664b32c51f9b.zip | |
Merge branch 'current' into equuleus
9 files changed, 68 insertions, 5 deletions
diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index b39556af..9a816344 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -579,6 +579,10 @@ my %qcom = ( set => 'router bgp #3 ; neighbor #5 bfd', del => 'router bgp #3 ; no neighbor #5 bfd', }, + 'protocols bgp var neighbor var bfd check-control-plane-failure' => { + set => 'router bgp #3 ; neighbor #5 bfd check-control-plane-failure', + del => 'router bgp #3 ; no neighbor #5 bfd check-control-plane-failure', + }, 'protocols bgp var neighbor var password' => { set => 'router bgp #3 ; neighbor #5 password #7', del => 'router bgp #3 ; no neighbor #5 password', @@ -1160,7 +1164,7 @@ if ( ! -e "/usr/sbin/zebra" ) { my ( $pg, $as, $neighbor ); my ( $main, $peername, $isneighbor, $checkpeergroups, $checkpeergroups6, $checksource, - $isiBGPpeer, $wasiBGPpeer, $confedibgpasn, $listpeergroups, $checkremoteas); + $isiBGPpeer, $wasiBGPpeer, $confedibgpasn, $listpeergroups, $checkremoteas, $checkbfdpeer, $checkbfdgroup); GetOptions( "peergroup=s" => \$pg, @@ -1176,6 +1180,8 @@ GetOptions( "confed-iBGP-ASN-check=s" => \$confedibgpasn, "list-peer-groups" => \$listpeergroups, "check-remote-as=s" => \$checkremoteas, + "check-bfd-peer=s" => \$checkbfdpeer, + "check-peer-group-bfd=s" => \$checkbfdgroup, "main" => \$main, ); @@ -1190,6 +1196,8 @@ is_iBGP_peer($neighbor, $as) if ($isiBGPpeer); was_iBGP_peer($neighbor, $as) if ($wasiBGPpeer); list_peer_groups($as) if ($listpeergroups); check_remote_as($checkremoteas) if ($checkremoteas); +check_bfd_peer($checkbfdpeer) if ($checkbfdpeer); +check_bfd_group($checkbfdgroup, $as) if ($checkbfdgroup); exit 0; @@ -1707,6 +1715,44 @@ sub check_source { } } +# check if BFD peer exists for configured BGP peer +sub check_bfd_peer { + my $peer = shift; + my $config = new Vyatta::Config; + + # check for BFD peer configuration + my $bfd_exists = $config->exists("protocols bfd peer $peer"); + if (!$bfd_exists) { die "BFD peer need to be configured for using BFD protocol\n"; } +} + +# check if BFD peer exists for configured BGP peer-group +sub check_bfd_group { + my $group = shift; + my $as = shift; + my @group_neighbors = (); + my $config = new Vyatta::Config; + + # check if BFD enabled for peer-group and stop check if not + if (!$config->exists("protocols bgp $as peer-group $group bfd")) { + return 0; + } + + # get a list of all BGP neighbors in the defined group + my @all_neighbors = $config->listNodes("protocols bgp $as neighbor"); + foreach my $neighbor (@all_neighbors) { + if ($config->exists("protocols bgp $as neighbor $neighbor peer-group")) { + if ($config->returnValue("protocols bgp $as neighbor $neighbor peer-group") eq $group) { + push @group_neighbors, $neighbor; + } + } + } + + # check if BFD peer exist and raise error if not + foreach my $neighbor (@group_neighbors) { + if (!$config->exists("protocols bfd peer $neighbor")) { die "BFD peers need to be configured for all neighbors in peer-group $group before enabling for BGP\n"; } + } +} + sub main { # initialize the Quagga Config object with data from Vyatta config tree diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def index b733612e..84f13a6a 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def @@ -1,2 +1,5 @@ help: Neighbor as a IPv4-route reflector client -commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "remote-as must equal local-as" +commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \ + [ $VAR(../../../remote-as/@) != \"internal\" ] && \ + [ $VAR(../../../remote-as/@) != \"external\" ]; \ + then echo \"remote-as must equal local-as\"; exit 1; fi; " diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def index 5a9d78c3..c49ef8b9 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def @@ -1,2 +1,5 @@ help: Neighbor as a route reflector client -commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "protocols bgp $VAR(../../../../@) neighbor $VAR(../../../@) route-reflector-client: remote-as must equal local-as" +commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \ + [ $VAR(../../../remote-as/@) != \"internal\" ] && \ + [ $VAR(../../../remote-as/@) != \"external\" ]; \ + then echo \"protocols bgp $VAR(../../../../@) neighbor $VAR(../../../@) route-reflector-client: remote-as must equal local-as\"; exit 1; fi; " diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/check-control-plane-failure/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/check-control-plane-failure/node.def new file mode 100644 index 00000000..fd4e1eef --- /dev/null +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/check-control-plane-failure/node.def @@ -0,0 +1,2 @@ +help: Allow to write CBIT independence in BFD outgoing packets + and read both C-BIT value of BFD and lookup BGP peer status diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def index 284ce4d8..704ccb01 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def @@ -1 +1,2 @@ help: Enable Bidirectional Forwarding Detection (BFD) support +commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-bfd-peer $VAR(../@)" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def index 5da142d6..b707f391 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def @@ -4,3 +4,4 @@ allowed: local -a params params=$( /opt/vyatta/sbin/vyatta-bgp.pl --list-peer-groups --as $VAR(../../@) ) echo -n ${params[@]##*/} commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"protocols bgp $VAR(../../@) peer-group $VAR(@)\" "; "protocols bgp $VAR(../../@) peer-group $VAR(@) doesn't exist" +commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-peer-group-bfd $VAR(@) --as $VAR(../../@)" diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def index eff79b87..9c8cfe1d 100644 --- a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def +++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def @@ -1,2 +1,5 @@ help: Peer-group as a route reflector client -commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "remote-as must equal local-as" +commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \ + [ $VAR(../../../remote-as/@) != \"internal\" ] && \ + [ $VAR(../../../remote-as/@) != \"external\" ]; \ + then echo \"remote-as must equal local-as\"; exit 1; fi; " diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def index eff79b87..9c8cfe1d 100644 --- a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def +++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def @@ -1,2 +1,5 @@ help: Peer-group as a route reflector client -commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "remote-as must equal local-as" +commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \ + [ $VAR(../../../remote-as/@) != \"internal\" ] && \ + [ $VAR(../../../remote-as/@) != \"external\" ]; \ + then echo \"remote-as must equal local-as\"; exit 1; fi; " diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def index 284ce4d8..c76e88e4 100644 --- a/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def +++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def @@ -1 +1,2 @@ help: Enable Bidirectional Forwarding Detection (BFD) support +commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-peer-group-bfd $VAR(../@) --as $VAR(../../@)" |