From a8ba925c1362ea0337e7e306e16a1413cc8c54c7 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Thu, 22 Jul 2010 17:17:20 -0700 Subject: 0.18.100+larkspur1 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index d696425c..c798d383 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.100+larkspur1) unstable; urgency=low + + * UNRELEASED + + -- An-Cheng Huang Thu, 22 Jul 2010 17:17:20 -0700 + vyatta-cfg-quagga (0.18.100) unstable; urgency=low * fix for bug 5893 -- cgit v1.2.3 From 5ae305002d35de573a34974104f13ebede556715 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 23 Jul 2010 13:07:44 -0700 Subject: fix for bug 5892 --- scripts/bgp/vyatta-bgp.pl | 83 +++++++++++++++++----- .../node.tag/neighbor/node.tag/local-as/node.def | 4 +- .../parameters/confederation/peers/node.def | 1 + 3 files changed, 67 insertions(+), 21 deletions(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 86ec1e14..d97a3e69 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1138,7 +1138,7 @@ my %qcom = ( ); my ( $pg, $as, $neighbor ); -my ( $main, $peername, $isneighbor, $checkpeergroups, $checksource, $checklocalas ); +my ( $main, $peername, $isneighbor, $checkpeergroups, $checksource, $isIBGPpeer, $checkforibgpasn); GetOptions( "peergroup=s" => \$pg, @@ -1148,16 +1148,19 @@ GetOptions( "check-neighbor-ip" => \$isneighbor, "check-peer-groups" => \$checkpeergroups, "check-source=s" => \$checksource, - "check-local-as" => \$checklocalas, + "is-iBGP" => \$isIBGPpeer, + "check-for-iBGP-ASN=s" => \$checkforibgpasn, "main" => \$main, ); -main() if ($main); -check_peergroup_name($peername) if ($peername); -check_neighbor_ip($neighbor) if ($isneighbor); -check_for_peer_groups( $pg, $as ) if ($checkpeergroups); -check_source($checksource) if ($checksource); -check_local_as($neighbor, $as) if ($checklocalas); +main() if ($main); +check_peergroup_name($peername) if ($peername); +check_neighbor_ip($neighbor) if ($isneighbor); +check_for_peer_groups( $pg, $as ) if ($checkpeergroups); +check_source($checksource) if ($checksource); +check_for_iBGP_ASN($as, $checkforibgpasn) if ($checkforibgpasn); +is_IBGP_peer($neighbor, $as) if ($isIBGPpeer); + exit 0; @@ -1293,23 +1296,67 @@ sub check_remote_as { } -# Verify that is local-as is used, the peer isn't in a confedration -sub check_local_as { +# check to see if this ASN will make a peer an iBGP peer +sub check_for_iBGP_ASN { + my ($as, $testas) = @_; + if ("$as" eq "$testas") { exit 1 ; } + + my $config = new Vyatta::Config; + $config->setLevel("protocols bgp $as"); + + my @neighbors = $config->listNodes('neighbor'); + foreach $neighbor (@neighbors) { + my $remoteas = $config->returnValue("neighbor $neighbor remote-as"); + if ("$testas" eq "$remoteas") { + exit 1; + } + } + + return; +} + +# is this peer an iBGP peer? +sub is_IBGP_peer { my ($neighbor, $as) = @_; my $config = new Vyatta::Config; + my @ibgp_as; + my $neighbor_as; $config->setLevel("protocols bgp $as"); + + # find my local ASN for this neighbor + # it's either explicitly defined or in the peer-group + if ($config->exists("neighbor $neighbor remote-as")) { + $neighbor_as = $config->returnValue("neighbor $neighbor remote-as"); + } + elsif ($config->exists("neighbor $neighbor peer-group")) { + my $peergroup = $config->returnValue("neighbor $neighbor peer-group"); + if ($config->exists("peer-group $peergroup remote-as")) { + my $peergroup = $config->returnValue("neighbor $neighbor peer-group"); + $neighbor_as = $config->returnValue("peer-group $peergroup remote-as"); + } + } + else { + print "Unable to determine primary ASN for neighbor $neighbor\n"; + exit 1; + } + + # now find my possible local ASNs. Confederation ASNs are first. if ($config->exists('parameters confederation peers')) { - my @peers = $config->returnValues('parameters confederation peers'); - my $remoteas = $config->returnValue("neighbor $neighbor remote-as"); - foreach my $peeras (@peers) { - if ("$peeras" eq "$remoteas") { - print "local-as can't be set for neighbors in a peer group\n"; - return 1; - } + @ibgp_as = $config->returnValues('parameters confederation peers'); + } + + # push router local ASN on the stack + push @ibgp_as, $as; + + # and compare neighbor local as to possible local ASNs + foreach my $localas (@ibgp_as) { + if ("$localas" eq "$neighbor_as") { + exit 1; } } - return 0; + + return; } # check that value is either an IPV4 address on system or an interface diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def index a60b9bb1..42fd3cec 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def @@ -4,6 +4,4 @@ help: Local AS number [REQUIRED] val_help: u32:1-4294967294; Local AS number syntax:expression: $VAR(@) >=1 && $VAR(@) <= 4294967294; "local-as must be between 1 and 4294967294" commit:expression: $VAR(@) != $VAR(../../@); "you can't set local-as the same as the router AS" -commit:expression: $VAR(../remote-as/@) != $VAR(../../@); "local-as can't be set on iBGP peers" -commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-local-as --neighbor $VAR(../@) --as $VAR(../../@)" - +commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --is-iBGP --neighbor $VAR(../@) --as $VAR(../../@)"; "local-as can't be set on iBGP peers" diff --git a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def index 71c6b0a8..a5d5b671 100644 --- a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def +++ b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def @@ -3,3 +3,4 @@ type: u32 help: Peer ASs in the BGP confederation val_help: u32:1-4294967294; Peer AS number numbers (ex: "435 234") syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967294; "confederation AS id must be between 1 and 4294967294" +commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-for-iBGP-ASN $VAR(@) --as $VAR(../../../@)"; "can't set confederation ASN to $VAR(@). Delete neighbors with remote-as $VAR(@) first." -- cgit v1.2.3 From 25b624f8bb553b1524f0e303db5c7b19072e45d5 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 23 Jul 2010 13:08:16 -0700 Subject: 0.18.100+larkspur2 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index c798d383..caf42715 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.100+larkspur2) unstable; urgency=low + + * fix for bug 5892 + + -- Robert Bays Fri, 23 Jul 2010 13:08:15 -0700 + vyatta-cfg-quagga (0.18.100+larkspur1) unstable; urgency=low * UNRELEASED -- cgit v1.2.3 From 0773ce1032d07f7f74e2b41c0f160570a8ed66a1 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 6 Aug 2010 15:40:27 -0700 Subject: fix for bug 5925 --- scripts/bgp/vyatta-bgp.pl | 3 ++- .../protocols/bgp/node.tag/parameters/confederation/peers/node.def | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index d97a3e69..a91d16e5 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1304,7 +1304,8 @@ sub check_for_iBGP_ASN { my $config = new Vyatta::Config; $config->setLevel("protocols bgp $as"); - my @neighbors = $config->listNodes('neighbor'); + #my @neighbors = $config->listNodes('neighbor'); + my @neighbors = $config->listOrigNodes('neighbor'); foreach $neighbor (@neighbors) { my $remoteas = $config->returnValue("neighbor $neighbor remote-as"); if ("$testas" eq "$remoteas") { diff --git a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def index a5d5b671..52823424 100644 --- a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def +++ b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def @@ -3,4 +3,4 @@ type: u32 help: Peer ASs in the BGP confederation val_help: u32:1-4294967294; Peer AS number numbers (ex: "435 234") syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967294; "confederation AS id must be between 1 and 4294967294" -commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-for-iBGP-ASN $VAR(@) --as $VAR(../../../@)"; "can't set confederation ASN to $VAR(@). Delete neighbors with remote-as $VAR(@) first." +commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-for-iBGP-ASN $VAR(@) --as $VAR(../../../@)"; "Can't set confederation peers ASN to $VAR(@). Delete any neighbors with remote-as $VAR(@) and/or change the local ASN first." -- cgit v1.2.3 From 3966df08824342315b4e31e3a60224bd6100ece7 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 6 Aug 2010 15:50:08 -0700 Subject: fix for bug 5937 --- .../node.tag/address-family/ipv6-unicast/attribute-unchanged/node.def | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/attribute-unchanged/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/attribute-unchanged/node.def index fa360913..2678e539 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/attribute-unchanged/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/attribute-unchanged/node.def @@ -1,2 +1,2 @@ help: Send BGP attributes unchanged -commit:expression: $VAR(../../../../peer-group/) == ""; "you can't set attribute-unchanged for a neighbor in a peer-group" +commit:expression: $VAR(../../../peer-group/) == ""; "you can't set attribute-unchanged for a neighbor in a peer-group" -- cgit v1.2.3 From 9286a829aa9cb61ad4ffb7b726e16e069e98e931 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 6 Aug 2010 15:53:44 -0700 Subject: 0.18.100+larkspur3 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index caf42715..a9683114 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg-quagga (0.18.100+larkspur3) unstable; urgency=low + + * fix for bug 5925 + * fix for bug 5937 + + -- Robert Bays Fri, 06 Aug 2010 15:53:44 -0700 + vyatta-cfg-quagga (0.18.100+larkspur2) unstable; urgency=low * fix for bug 5892 -- cgit v1.2.3 From 5023738b93a104ef33c502c78e2c21b4e61a0e90 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 6 Aug 2010 16:43:16 -0700 Subject: larkspur specific fix for 5971 --- .../bgp/node.tag/peer-group/node.tag/.timers/holdtime/node.def | 7 +++++++ .../bgp/node.tag/peer-group/node.tag/.timers/keepalive/node.def | 5 +++++ .../protocols/bgp/node.tag/peer-group/node.tag/.timers/node.def | 5 +++++ .../bgp/node.tag/peer-group/node.tag/timers/holdtime/node.def | 7 ------- .../bgp/node.tag/peer-group/node.tag/timers/keepalive/node.def | 5 ----- .../protocols/bgp/node.tag/peer-group/node.tag/timers/node.def | 5 ----- 6 files changed, 17 insertions(+), 17 deletions(-) create mode 100644 templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/holdtime/node.def create mode 100644 templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/keepalive/node.def create mode 100644 templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/node.def delete mode 100644 templates/protocols/bgp/node.tag/peer-group/node.tag/timers/holdtime/node.def delete mode 100644 templates/protocols/bgp/node.tag/peer-group/node.tag/timers/keepalive/node.def delete mode 100644 templates/protocols/bgp/node.tag/peer-group/node.tag/timers/node.def diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/holdtime/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/holdtime/node.def new file mode 100644 index 00000000..d97fd47a --- /dev/null +++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/holdtime/node.def @@ -0,0 +1,7 @@ +type: u32 +default: 180 +help: BGP hold timer for this peer-group +val_help: u32:1-65535; Hold timer in seconds +val_help: 0; Disable hold timer + +syntax:expression: $VAR(@) == 0 || ($VAR(@) >= 4 && $VAR(@) <= 65535); "Holdtime interval must be 0 or between 4 and 65535" diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/keepalive/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/keepalive/node.def new file mode 100644 index 00000000..5562c9f8 --- /dev/null +++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/keepalive/node.def @@ -0,0 +1,5 @@ +type: u32 +default: 60 +help: BGP keepalive interval for this peer-group +val_help: u32:1-65535; Keepalive interval in seconds +syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Keepalive interval must be between 1 and 65535" diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/node.def new file mode 100644 index 00000000..362c7f15 --- /dev/null +++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/.timers/node.def @@ -0,0 +1,5 @@ +help: Peer-group timers +# TODO: fix this. Can set connect &&|| (keepalive && holdtime) +commit:expression: $VAR(./keepalive/) != ""; "you must set a keepalive interval" +commit:expression: $VAR(./holdtime/) != ""; "you must set a holdtime interval" + diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/holdtime/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/holdtime/node.def deleted file mode 100644 index d97fd47a..00000000 --- a/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/holdtime/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: u32 -default: 180 -help: BGP hold timer for this peer-group -val_help: u32:1-65535; Hold timer in seconds -val_help: 0; Disable hold timer - -syntax:expression: $VAR(@) == 0 || ($VAR(@) >= 4 && $VAR(@) <= 65535); "Holdtime interval must be 0 or between 4 and 65535" diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/keepalive/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/keepalive/node.def deleted file mode 100644 index 5562c9f8..00000000 --- a/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/keepalive/node.def +++ /dev/null @@ -1,5 +0,0 @@ -type: u32 -default: 60 -help: BGP keepalive interval for this peer-group -val_help: u32:1-65535; Keepalive interval in seconds -syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "Keepalive interval must be between 1 and 65535" diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/node.def deleted file mode 100644 index 362c7f15..00000000 --- a/templates/protocols/bgp/node.tag/peer-group/node.tag/timers/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Peer-group timers -# TODO: fix this. Can set connect &&|| (keepalive && holdtime) -commit:expression: $VAR(./keepalive/) != ""; "you must set a keepalive interval" -commit:expression: $VAR(./holdtime/) != ""; "you must set a holdtime interval" - -- cgit v1.2.3 From 41a8dcfe2d3086319c3f717eeff5b9fe467e25d6 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 6 Aug 2010 16:43:27 -0700 Subject: 0.18.100+larkspur4 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index a9683114..d47ff8ba 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.100+larkspur4) unstable; urgency=low + + * larkspur specific fix for 5971 + + -- Robert Bays Fri, 06 Aug 2010 16:43:26 -0700 + vyatta-cfg-quagga (0.18.100+larkspur3) unstable; urgency=low * fix for bug 5925 -- cgit v1.2.3 From 7e526aa0bfdcafa1d2ae878d680fe568220ecc52 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 6 Aug 2010 16:55:45 -0700 Subject: fix for bug 5973 --- scripts/bgp/vyatta-bgp.pl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index a91d16e5..bf289511 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -118,18 +118,18 @@ my %qcom = ( noerr => 'set', }, 'protocols bgp var address-family ipv6-unicast redistribute ospfv3' => { - set => 'router bgp #3 ; address-family ipv6 ; redistribute ospfv3', - del => 'router bgp #3 ; address-family ipv6 ; no redistribute ospfv3', + set => 'router bgp #3 ; address-family ipv6 ; redistribute ospf6', + del => 'router bgp #3 ; address-family ipv6 ; no redistribute ospf6', noerr => 'set', }, 'protocols bgp var address-family ipv6-unicast redistribute ospfv3 metric' => { - set => 'router bgp #3 ; address-family ipv6 ; redistribute ospfv3 metric #9', - del => 'router bgp #3 ; address-family ipv6 ; no redistribute ospfv3 metric #9', + set => 'router bgp #3 ; address-family ipv6 ; redistribute ospf6 metric #9', + del => 'router bgp #3 ; address-family ipv6 ; no redistribute ospf6 metric #9', noerr => 'set', }, 'protocols bgp var address-family ipv6-unicast redistribute ospfv3 route-map' => { - set => 'router bgp #3 ; address-family ipv6 ; redistribute ospfv3 route-map #9', - del => 'router bgp #3 ; address-family ipv6 ; no redistribute ospfv3 route-map #9', + set => 'router bgp #3 ; address-family ipv6 ; redistribute ospf6 route-map #9', + del => 'router bgp #3 ; address-family ipv6 ; no redistribute ospf6 route-map #9', noerr => 'set', }, 'protocols bgp var address-family ipv6-unicast redistribute ripng' => { -- cgit v1.2.3 From f601e02da4b71c1779046db24ed8b31ff733a519 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 6 Aug 2010 16:56:22 -0700 Subject: 0.18.100+larkspur5 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index d47ff8ba..9a602e0c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.100+larkspur5) unstable; urgency=low + + * fix for bug 5973 + + -- Robert Bays Fri, 06 Aug 2010 16:56:21 -0700 + vyatta-cfg-quagga (0.18.100+larkspur4) unstable; urgency=low * larkspur specific fix for 5971 -- cgit v1.2.3 From 57a3d8e42d6ead50cecac01e4f384ec3c84d95b9 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 10 Aug 2010 11:12:40 -0700 Subject: rename function to be more descriptive of the actual use --- scripts/bgp/vyatta-bgp.pl | 11 ++++++----- .../bgp/node.tag/parameters/confederation/peers/node.def | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index bf289511..7e276231 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1138,7 +1138,7 @@ my %qcom = ( ); my ( $pg, $as, $neighbor ); -my ( $main, $peername, $isneighbor, $checkpeergroups, $checksource, $isIBGPpeer, $checkforibgpasn); +my ( $main, $peername, $isneighbor, $checkpeergroups, $checksource, $isIBGPpeer, $confedibgpasn); GetOptions( "peergroup=s" => \$pg, @@ -1149,7 +1149,7 @@ GetOptions( "check-peer-groups" => \$checkpeergroups, "check-source=s" => \$checksource, "is-iBGP" => \$isIBGPpeer, - "check-for-iBGP-ASN=s" => \$checkforibgpasn, + "confed-iBGP-ASN-check=s" => \$confedibgpasn, "main" => \$main, ); @@ -1158,7 +1158,7 @@ check_peergroup_name($peername) if ($peername); check_neighbor_ip($neighbor) if ($isneighbor); check_for_peer_groups( $pg, $as ) if ($checkpeergroups); check_source($checksource) if ($checksource); -check_for_iBGP_ASN($as, $checkforibgpasn) if ($checkforibgpasn); +confed_iBGP_ASN($as, $confedibgpasn) if ($confedibgpasn); is_IBGP_peer($neighbor, $as) if ($isIBGPpeer); @@ -1296,8 +1296,9 @@ sub check_remote_as { } -# check to see if this ASN will make a peer an iBGP peer -sub check_for_iBGP_ASN { +# check to see if adding this ASN to confederations +# will make a peer an iBGP peer +sub confed_iBGP_ASN { my ($as, $testas) = @_; if ("$as" eq "$testas") { exit 1 ; } diff --git a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def index 52823424..e806b5d7 100644 --- a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def +++ b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def @@ -3,4 +3,4 @@ type: u32 help: Peer ASs in the BGP confederation val_help: u32:1-4294967294; Peer AS number numbers (ex: "435 234") syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967294; "confederation AS id must be between 1 and 4294967294" -commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-for-iBGP-ASN $VAR(@) --as $VAR(../../../@)"; "Can't set confederation peers ASN to $VAR(@). Delete any neighbors with remote-as $VAR(@) and/or change the local ASN first." +commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --confed-iBGP-ASN-check $VAR(@) --as $VAR(../../../@)"; "Can't set confederation peers ASN to $VAR(@). Delete any neighbors with remote-as $VAR(@) and/or change the local ASN first." -- cgit v1.2.3 From b3f09c88499ccabe79085b0c3621c830ee5be3ae Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 10 Aug 2010 15:49:57 -0700 Subject: fix for bug 5939 --- scripts/bgp/vyatta-bgp.pl | 187 ++++++++++++++++++++++++++++++++-------------- 1 file changed, 132 insertions(+), 55 deletions(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 7e276231..9cbde833 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1030,7 +1030,7 @@ my %qcom = ( }, 'protocols bgp var peer-group var timers' => { set => 'router bgp #3 ; neighbor #5 timers @keepalive @holdtime', - del => 'router bgp #3 ; no neighbor #5', + del => 'router bgp #3 ; no neighbor #5 timers', }, 'protocols bgp var peer-group var timers connect' => { set => 'router bgp #3 ; neighbor #5 timers connect #8', @@ -1138,7 +1138,7 @@ my %qcom = ( ); my ( $pg, $as, $neighbor ); -my ( $main, $peername, $isneighbor, $checkpeergroups, $checksource, $isIBGPpeer, $confedibgpasn); +my ( $main, $peername, $isneighbor, $checkpeergroups, $checksource, $isiBGPpeer, $wasiBGPpeer, $confedibgpasn); GetOptions( "peergroup=s" => \$pg, @@ -1148,7 +1148,8 @@ GetOptions( "check-neighbor-ip" => \$isneighbor, "check-peer-groups" => \$checkpeergroups, "check-source=s" => \$checksource, - "is-iBGP" => \$isIBGPpeer, + "is-iBGP" => \$isiBGPpeer, + "was-iBGP" => \$wasiBGPpeer, "confed-iBGP-ASN-check=s" => \$confedibgpasn, "main" => \$main, ); @@ -1159,7 +1160,8 @@ check_neighbor_ip($neighbor) if ($isneighbor); check_for_peer_groups( $pg, $as ) if ($checkpeergroups); check_source($checksource) if ($checksource); confed_iBGP_ASN($as, $confedibgpasn) if ($confedibgpasn); -is_IBGP_peer($neighbor, $as) if ($isIBGPpeer); +is_iBGP_peer($neighbor, $as) if ($isiBGPpeer); +was_iBGP_peer($neighbor, $as) if ($wasiBGPpeer); exit 0; @@ -1219,46 +1221,56 @@ sub check_for_peer_groups { } } -# check that changed neighbors have a remote-as or peer-group defined -sub check_remote_as { +# function to verify changing remote-as from/to i/eBGP +# there are two types of parameter checks we need to do. The first should happen +# when the affected parameter is created/changed. Those checks should happen in +# the syntax and commit statements in the node.defs for those specific params since +# they can be updated individually. The params should be checked again if the remote-as +# changes. +# This funtion handles changes in the remote-as and/or peer-group +sub bgp_type_change { + my ($neighbor, $as, $ntype) =@_; my $config = new Vyatta::Config; $config->setLevel('protocols bgp'); - my @asns = $config->listNodes(); - foreach my $as (@asns) { - # check remote-as if neighbors have been changed - my @neighbors = $config->listNodes("$as neighbor"); - foreach my $neighbor (@neighbors) { - next unless $config->isChanged("$as neighbor $neighbor"); + if ( ("$ntype" ne "neighbor") && ("$ntype" ne "peer-group") ) { + return -1; + } - my $remoteas = $config->returnValue("$as neighbor $neighbor remote-as"); - my ($peergroup, $peergroupas); - if ($config->exists("$as neighbor $neighbor peer-group")) { - $peergroup = $config->returnValue("$as neighbor $neighbor peer-group"); - if ($config->exists("$as peer-group $peergroup remote-as")) { - $peergroupas = $config->returnValue("$as peer-group $peergroup remote-as"); - } - } + # check if changing from iBGP to eBGP + if ( (iBGP_peer(1, $neighbor, $as, $ntype)) && (! iBGP_peer(0, $neighbor, $as, $ntype)) ) { + if ($config->exists("$as $ntype $neighbor route-reflector-client")) { + return "can not set route-reflector-client and an eBGP remote-as at the same time\n"; + } + } - if ($remoteas) { - if ($peergroupas) { - die "protocols bgp $as neighbor $neighbor: remote-as should not be defined in both neighbor and peer-group\n" - } - return; - } + # check if changing from eBGP to iBGP + if ( (! iBGP_peer(1, $neighbor, $as, $ntype)) && (iBGP_peer(0, $neighbor, $as, $ntype)) ) { + if ($config->exists("$as $ntype $neighbor ebgp-multihop")) { + return "can not set ebgp-multihop and an iBGP remote-as at the same time\n"; + } + if ($config->exists("$as $ntype $neighbor ttl-security")) { + return "can not set ttl-security and an iBGP remote-as at the same time\n"; + } + if ($config->exists("$as $ntype $neighbor local-as")) { + return "can not set local-as and an iBGP remote-as at the same time\n"; + } + } +} - die "protocols bgp $as neighbor $neighbor: must define a remote-as or peer-group\n" - unless $peergroup; - - die "protocols bgp $as neighbor $neighbor: must define a remote-as in neighbor or peer-group $peergroup\n" - unless $peergroupas; +# check that changed neighbors have a remote-as or peer-group defined +# and that all permutations of parameters and BGP type are correct +sub check_remote_as { + my $config = new Vyatta::Config; + $config->setLevel('protocols bgp'); - } - + my @asns = $config->listNodes(); + foreach my $as (@asns) { # check remote-as if peer-groups have been changed my @peergroups = $config->listNodes("$as peer-group"); foreach my $peergroup (@peergroups) { - next unless $config->isChanged("$as peer-group $peergroup"); + next unless ( $config->isChanged("$as peer-group $peergroup remote-as") || + $config->isDeleted("$as peer-group $peergroup remote-as") ); # if we delete the remote-as in the pg, make sure all neighbors have a remote-as defined if ($config->isDeleted("$as peer-group $peergroup remote-as")) { @@ -1268,14 +1280,19 @@ sub check_remote_as { if ( (defined $pgmembership) && ("$pgmembership" eq "$peergroup") ) { my $remoteas = $config->returnValue("$as neighbor $neighbor remote-as"); if (! defined $remoteas) { - die "protocols bgp $as peer-group $neighbor: can't delete the remote-as in peer-group without setting remote-as in members\n" + die "[protocols bgp $as peer-group $neighbor]\n can't delete the remote-as in peer-group without setting remote-as in member neighbors\n" } } } } - # remote-as can not be defined in both pg and neighbor at the same time + # if remote-as has changed, check that the change is valid if ($config->isChanged("$as peer-group $peergroup remote-as")) { + # check asn type change + my $error = bgp_type_change($peergroup, $as, "peer-group"); + if ($error) { die "[protocols bgp $as peer-group $peergroup]\n $error\n"; } + + # remote-as can not be defined in both pg and neighbor at the same time my $pgremoteas = $config->returnValue("$as peer-group $peergroup remote-as"); my @neighbors = $config->listNodes("$as neighbor"); foreach my $neighbor (@neighbors) { @@ -1283,17 +1300,51 @@ sub check_remote_as { if ( (defined $pgmembership) && ("$pgmembership" eq "$peergroup") ) { my $remoteas = $config->returnValue("$as neighbor $neighbor remote-as"); if (defined $remoteas && defined $pgremoteas) { - die "protocols bgp $as peer-group $neighbor: must not define remote-as in both neighbor and peer-group\n" + die "[protocols bgp $as peer-group $neighbor]\n must not define remote-as in both neighbor and peer-group\n" } } } + } - } + } ## end foreach my $peergroup (@peergroups) - } # end foreach my $peergroup + # check neighbor if remote-as or peer-group has been changed + my @neighbors = $config->listNodes("$as neighbor"); + foreach my $neighbor (@neighbors) { + next unless ( $config->isChanged("$as neighbor $neighbor remote-as") || + $config->isDeleted("$as neighbor $neighbor remote-as") || + $config->isChanged("$as neighbor $neighbor peer-group") || + $config->isDeleted("$as neighbor $neighbor peer-group") ); - } + # First check that we have a remote-as defined in the neighbor or that + # the neighbor is a member of a peer-group that has a remote-as defined + my ($remoteas, $peergroup, $peergroupas); + $remoteas = $config->returnValue("$as neighbor $neighbor remote-as"); + if ($config->exists("$as neighbor $neighbor peer-group")) { + $peergroup = $config->returnValue("$as neighbor $neighbor peer-group"); + if ($config->exists("$as peer-group $peergroup remote-as")) { + $peergroupas = $config->returnValue("$as peer-group $peergroup remote-as"); + } + } + + die "[protocols bgp $as neighbor $neighbor]\n must define a remote-as or peer-group\n" + unless ($peergroup || $remoteas); + + if ($peergroup) { + die "[protocols bgp $as neighbor $neighbor]\n remote-as should not be defined in both neighbor and peer-group\n" + if ($remoteas && $peergroupas); + + die "[protocols bgp $as neighbor $neighbor]\n must define a remote-as in neighbor or peer-group $peergroup\n" + unless ($peergroupas); + } + + # now check if changing remote-as type from/to i/eBGP + my $error = bgp_type_change($neighbor, $as, "neighbor"); + if ($error) { die "[protocols bgp $as neighbor $neighbor]\n $error\n"; } + } ## end foreach my $neighbor (@neighbors) + + } ## end foreach my $as (@asns) } # check to see if adding this ASN to confederations @@ -1317,35 +1368,60 @@ sub confed_iBGP_ASN { return; } -# is this peer an iBGP peer? -sub is_IBGP_peer { +sub is_iBGP_peer { + my ($neighbor, $as) = @_; + + my $return = iBGP_peer(0, $neighbor, $as, "neighbor"); + if ($return > 0) { exit 1; } + elsif ($return < 0) { print "Unable to determine original ASN for neighbhor $neighbor\n"; } + exit 0; +} + +sub was_iBGP_peer { my ($neighbor, $as) = @_; + + if (iBGP_peer(1, $neighbor, $as, "neighbor") >= 1) { exit 1; } + exit 0; +} + +# is this peer an iBGP peer? +sub iBGP_peer { + my ($orig, $neighbor, $as, $ntype) = @_; my $config = new Vyatta::Config; my @ibgp_as; my $neighbor_as; $config->setLevel("protocols bgp $as"); + my $exists = sub { $config->exists(@_) }; + my $returnValue = sub { $config->returnValue(@_) }; + my $returnValues = sub { $config->returnValues(@_) }; + + if ($orig) { + $exists = sub { $config->existsOrig(@_) }; + $returnValue = sub { $config->returnOrigValue(@_) }; + $returnValues = sub { $config->returnOrigValues(@_) }; + } + # find my local ASN for this neighbor # it's either explicitly defined or in the peer-group - if ($config->exists("neighbor $neighbor remote-as")) { - $neighbor_as = $config->returnValue("neighbor $neighbor remote-as"); + if ($exists->("$ntype $neighbor remote-as")) { + $neighbor_as = $returnValue->("$ntype $neighbor remote-as"); } - elsif ($config->exists("neighbor $neighbor peer-group")) { - my $peergroup = $config->returnValue("neighbor $neighbor peer-group"); - if ($config->exists("peer-group $peergroup remote-as")) { - my $peergroup = $config->returnValue("neighbor $neighbor peer-group"); - $neighbor_as = $config->returnValue("peer-group $peergroup remote-as"); + elsif ( ("$ntype" eq "neighbor") && ($exists->("neighbor $neighbor peer-group")) ) { + my $peergroup = $returnValue->("neighbor $neighbor peer-group"); + if ($exists->("peer-group $peergroup remote-as")) { + my $peergroup = $returnValue->("neighbor $neighbor peer-group"); + $neighbor_as = $returnValue->("peer-group $peergroup remote-as"); } } else { - print "Unable to determine primary ASN for neighbor $neighbor\n"; - exit 1; + return -1; } # now find my possible local ASNs. Confederation ASNs are first. - if ($config->exists('parameters confederation peers')) { - @ibgp_as = $config->returnValues('parameters confederation peers'); + if ($exists->('parameters confederation peers')) { + @ibgp_as = $returnValues->('parameters confederation peers'); } # push router local ASN on the stack @@ -1354,11 +1430,11 @@ sub is_IBGP_peer { # and compare neighbor local as to possible local ASNs foreach my $localas (@ibgp_as) { if ("$localas" eq "$neighbor_as") { - exit 1; + return 1; } } - return; + return 0; } # check that value is either an IPV4 address on system or an interface @@ -1385,6 +1461,7 @@ sub main { #$qconfig->_reInitialize(); # check that all changed neighbors have a proper remote-as or peer-group defined + # and that migrations to/from iBGP eBGP are valid check_remote_as(); # deletes with priority -- cgit v1.2.3 From 6698df8345b411b8e33265bc82cfeb08a5c59bef Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 10 Aug 2010 15:55:23 -0700 Subject: 0.18.100+larkspur6 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 9a602e0c..fcd6ee71 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg-quagga (0.18.100+larkspur6) unstable; urgency=low + + * rename function to be more descriptive of the actual use + * fix for bug 5939 + + -- Robert Bays Tue, 10 Aug 2010 15:55:22 -0700 + vyatta-cfg-quagga (0.18.100+larkspur5) unstable; urgency=low * fix for bug 5973 -- cgit v1.2.3 From bd7d722092948eaf9609b79b822a032604d2dd55 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 10 Aug 2010 16:40:37 -0700 Subject: fix for bug 6021 --- scripts/bgp/vyatta-bgp.pl | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 9cbde833..3bfb4cc0 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1316,6 +1316,13 @@ sub check_remote_as { $config->isChanged("$as neighbor $neighbor peer-group") || $config->isDeleted("$as neighbor $neighbor peer-group") ); + if ($config->isDeleted("$as neighbor $neighbor remote-as")) { + my @neighbor_params = undef; + @neighbor_params = $config->listNodes("$as neighbor $neighbor"); + die "[protocols bgp $as neighbor $neighbor]\n must delete the neighbor first if changing the remote-as\n" + if (@neighbor_params); + } + # First check that we have a remote-as defined in the neighbor or that # the neighbor is a member of a peer-group that has a remote-as defined my ($remoteas, $peergroup, $peergroupas); @@ -1330,13 +1337,11 @@ sub check_remote_as { die "[protocols bgp $as neighbor $neighbor]\n must define a remote-as or peer-group\n" unless ($peergroup || $remoteas); - if ($peergroup) { - die "[protocols bgp $as neighbor $neighbor]\n remote-as should not be defined in both neighbor and peer-group\n" - if ($remoteas && $peergroupas); - - die "[protocols bgp $as neighbor $neighbor]\n must define a remote-as in neighbor or peer-group $peergroup\n" - unless ($peergroupas); - } + die "[protocols bgp $as neighbor $neighbor]\n remote-as should not be defined in both neighbor and peer-group\n" + if ($remoteas && $peergroupas); + + die "[protocols bgp $as neighbor $neighbor]\n must define a remote-as in neighbor or peer-group $peergroup\n" + if ( (! $remoteas) && (! $peergroupas) ); # now check if changing remote-as type from/to i/eBGP my $error = bgp_type_change($neighbor, $as, "neighbor"); -- cgit v1.2.3 From 21858a3f00d9fcbdd4d6f627f28bb139c76ab82f Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 10 Aug 2010 17:46:01 -0700 Subject: fix for bug 4393 --- .../bgp/node.tag/neighbor/node.tag/distribute-list/export/node.def | 1 + .../bgp/node.tag/neighbor/node.tag/distribute-list/import/node.def | 1 + .../bgp/node.tag/neighbor/node.tag/prefix-list/export/node.def | 1 + .../bgp/node.tag/neighbor/node.tag/prefix-list/import/node.def | 2 +- 4 files changed, 4 insertions(+), 1 deletion(-) diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/export/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/export/node.def index 6e1360a5..d2c3a492 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/export/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/export/node.def @@ -8,3 +8,4 @@ allowed: local -a params echo -n ${params[@]##*/} commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) doesn't exist" commit:expression: $VAR(../../prefix-list/export/) == ""; "you can't set both a prefix-list and a distribute list" +commit:expression: $VAR(../../peer-group/) == ""; "distribute-lists can't be set for members of a peer-group" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/import/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/import/node.def index 05c38e66..41faaf35 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/import/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/import/node.def @@ -8,3 +8,4 @@ allowed: local -a params echo -n ${params[@]##*/} commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) doesn't exist" commit:expression: $VAR(../../prefix-list/import/) == ""; "you can't set both a prefix-list and a distribute list" +commit:expression: $VAR(../../peer-group/) == ""; "distribute-lists can't be set for members of a peer-group" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/export/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/export/node.def index 8e84af9d..cd084876 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/export/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/export/node.def @@ -4,4 +4,5 @@ allowed: local -a params params=$( /opt/vyatta/sbin/vyatta-policy.pl --list-policy prefix-list ) echo -n ${params[@]##*/} commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) doesn't exist" +commit:expression: $VAR(../../peer-group/) == ""; "prefix-lists can't be set for members of a peer-group" commit:expression: $VAR(../../distribute-list/export/) == ""; "you can't set both a prefix-list and a distribute list" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/import/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/import/node.def index baa56b2e..5fc93a3a 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/import/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/import/node.def @@ -4,5 +4,5 @@ allowed: local -a params params=$( /opt/vyatta/sbin/vyatta-policy.pl --list-policy prefix-list ) echo -n ${params[@]##*/} commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) doesn't exist" +commit:expression: $VAR(../../peer-group/) == ""; "prefix-lists can't be set for members of a peer-group" commit:expression: $VAR(../../distribute-list/import/) == ""; "you can't set both a prefix-list and a distribute list" - -- cgit v1.2.3 From 2630c9e4380121e166f0a3d8ffb4d7609c0eb982 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 10 Aug 2010 17:47:04 -0700 Subject: 0.18.100+larkspur7 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index fcd6ee71..a991f93e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg-quagga (0.18.100+larkspur7) unstable; urgency=low + + * fix for bug 6021 + * fix for bug 4393 + + -- Robert Bays Tue, 10 Aug 2010 17:47:04 -0700 + vyatta-cfg-quagga (0.18.100+larkspur6) unstable; urgency=low * rename function to be more descriptive of the actual use -- cgit v1.2.3 From 1f3b94d092ebdb9d682b66911738b6ce506f7b04 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 12 Aug 2010 08:45:50 -0400 Subject: Add missing step for peer group ttl-security Bug 5809 --- scripts/bgp/vyatta-bgp.pl | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 3bfb4cc0..a26501e0 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1036,6 +1036,10 @@ my %qcom = ( set => 'router bgp #3 ; neighbor #5 timers connect #8', del => 'router bgp #3 ; no neighbor #5 timers connect #8', }, + 'protocols bgp var peer-group var ttl-security' => { + set => undef, + del => undef, + }, 'protocols bgp var peer-group var ttl-security hops' => { set => 'router bgp #3 ; neighbor #5 ttl-security hops #8', del => 'router bgp #3 ; no neighbor #5 ttl-security hops #8', -- cgit v1.2.3 From f39572bdcd0917d340faa7bd5a2224854f0a5e8a Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 12 Aug 2010 05:51:29 -0700 Subject: 0.18.100+larkspur8 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index a991f93e..55755311 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.100+larkspur8) unstable; urgency=low + + * Add missing step for peer group ttl-security + + -- Stephen Hemminger Thu, 12 Aug 2010 05:51:29 -0700 + vyatta-cfg-quagga (0.18.100+larkspur7) unstable; urgency=low * fix for bug 6021 -- cgit v1.2.3 From 8e5c84d12fd839a97e92bf0fe476780613149af8 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Thu, 12 Aug 2010 10:47:48 -0700 Subject: fix for bug 6041 --- scripts/bgp/vyatta-bgp.pl | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 3bfb4cc0..bc7e684b 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1239,7 +1239,8 @@ sub bgp_type_change { # check if changing from iBGP to eBGP if ( (iBGP_peer(1, $neighbor, $as, $ntype)) && (! iBGP_peer(0, $neighbor, $as, $ntype)) ) { - if ($config->exists("$as $ntype $neighbor route-reflector-client")) { + if ( $config->exists("$as $ntype $neighbor route-reflector-client") || + $config->exists("$as $ntype $neighbor address-family ipv6-unicast route-reflector-client") ) { return "can not set route-reflector-client and an eBGP remote-as at the same time\n"; } } -- cgit v1.2.3 From 493f06c66621e7c652a95a0084d911d6901ef406 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Thu, 12 Aug 2010 10:58:10 -0700 Subject: 0.18.100+larkspur9 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 55755311..cd990d0a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.100+larkspur9) unstable; urgency=low + + * fix for bug 6041 + + -- Robert Bays Thu, 12 Aug 2010 10:58:10 -0700 + vyatta-cfg-quagga (0.18.100+larkspur8) unstable; urgency=low * Add missing step for peer group ttl-security -- cgit v1.2.3 From 78681dc9134ae490fb67ba1fd1f627114fcdc0b5 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Thu, 12 Aug 2010 18:27:40 -0700 Subject: fix for bug 6034 --- lib/Vyatta/Quagga/Config.pm | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/lib/Vyatta/Quagga/Config.pm b/lib/Vyatta/Quagga/Config.pm index bf45c891..a24838f1 100644 --- a/lib/Vyatta/Quagga/Config.pm +++ b/lib/Vyatta/Quagga/Config.pm @@ -342,9 +342,8 @@ sub _qtree { $qcom = $_qcomref; - # It's ugly that I have to create a new Vyatta config object every time, - # but something gets messed up on the stack if I don't. not sure - # what yet. would love to reference a global config and just reset Level. + # Would love to reference a global config and just reset Levels, + # but Vyatta::Config isn't recursion safe. my $config = new Vyatta::Config; $config->setLevel($level); @@ -356,7 +355,28 @@ sub _qtree { else { $vtysh = \%_vtyshdel; @nodes = $config->listDeleted(); - } + + # handle special case for multi-nodes values being deleted + # listDeleted() doesn't return the node as deleted if it is a multi + # unless all values are deleted. + # TODO: fix listDeleted() in Config.pm + # This is really, really fugly. + my @all_nodes = $config->listNodes(); + foreach my $node (@all_nodes) { + my @array = split /\s+/, $level; + push @array, $node; + my ($multi, $text, $default) = $config->parseTmpl(\@array); + if ($multi) { + my @orig_values = $config->returnOrigValues("$node"); + my @new_values = $config->returnValues("$node"); + my %chash = $config->compareValueLists(\@orig_values, \@new_values); + if ($chash{'deleted'}) { + push @nodes, $node; + } + } + } + + } ## end else { if ($_DEBUG) { print "DEBUG: _qtree - action: $action\tlevel: $level\n"; } -- cgit v1.2.3 From 8e1d84ff4bba498f362e59770fe8b03bb1275c7c Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Thu, 12 Aug 2010 18:30:59 -0700 Subject: fix for bug 6049 --- .../protocols/bgp/node.tag/parameters/confederation/peers/node.def | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def index e806b5d7..7e165489 100644 --- a/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def +++ b/templates/protocols/bgp/node.tag/parameters/confederation/peers/node.def @@ -1,6 +1,6 @@ multi: type: u32 help: Peer ASs in the BGP confederation -val_help: u32:1-4294967294; Peer AS number numbers (ex: "435 234") +val_help: u32:1-4294967294; Peer AS number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967294; "confederation AS id must be between 1 and 4294967294" commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --confed-iBGP-ASN-check $VAR(@) --as $VAR(../../../@)"; "Can't set confederation peers ASN to $VAR(@). Delete any neighbors with remote-as $VAR(@) and/or change the local ASN first." -- cgit v1.2.3 From b275b4e089bce42d1f558e03aa195af94d6c3ad5 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Thu, 12 Aug 2010 18:31:11 -0700 Subject: 0.18.100+larkspur10 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index cd990d0a..527c9832 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg-quagga (0.18.100+larkspur10) unstable; urgency=low + + * fix for bug 6034 + * fix for bug 6049 + + -- Robert Bays Thu, 12 Aug 2010 18:31:11 -0700 + vyatta-cfg-quagga (0.18.100+larkspur9) unstable; urgency=low * fix for bug 6041 -- cgit v1.2.3 From ea4cc868c80dcc16dd50d199cd4b761d0c4a6a74 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Mon, 16 Aug 2010 11:49:51 -0700 Subject: fix for bug 6054 --- lib/Vyatta/Quagga/Config.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Vyatta/Quagga/Config.pm b/lib/Vyatta/Quagga/Config.pm index a24838f1..90a3d4d0 100644 --- a/lib/Vyatta/Quagga/Config.pm +++ b/lib/Vyatta/Quagga/Config.pm @@ -370,7 +370,7 @@ sub _qtree { my @orig_values = $config->returnOrigValues("$node"); my @new_values = $config->returnValues("$node"); my %chash = $config->compareValueLists(\@orig_values, \@new_values); - if ($chash{'deleted'}) { + if (${$chash{'deleted'}}[0]) { push @nodes, $node; } } -- cgit v1.2.3 From a785fe685d9fa0edd813e2a53f1ebbc227ba2c7f Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Mon, 16 Aug 2010 11:50:06 -0700 Subject: 0.18.100+larkspur11 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 527c9832..921d7744 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.100+larkspur11) unstable; urgency=low + + * fix for bug 6054 + + -- Robert Bays Mon, 16 Aug 2010 11:50:05 -0700 + vyatta-cfg-quagga (0.18.100+larkspur10) unstable; urgency=low * fix for bug 6034 -- cgit v1.2.3