From a0f6b5ed1c9fc00b56ad9e893726f77d1abcced9 Mon Sep 17 00:00:00 2001
From: DmitriyEshenko <snooppy@mail.ua>
Date: Sat, 3 Aug 2019 09:37:22 +0000
Subject: T1468 Fixing comparison type txt and type u32

---
 .../address-family/ipv4-unicast/route-reflector-client/node.def         | 2 +-
 .../address-family/ipv6-unicast/route-reflector-client/node.def         | 2 +-
 .../address-family/ipv4-unicast/route-reflector-client/node.def         | 2 +-
 .../address-family/ipv6-unicast/route-reflector-client/node.def         | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
index b733612e..1cf52947 100644
--- a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
@@ -1,2 +1,2 @@
 help: Neighbor as a IPv4-route reflector client
-commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "remote-as must equal local-as"
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"remote-as must equal local-as\"; exit 1; fi; "
diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
index 5a9d78c3..7d6cf46d 100644
--- a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
@@ -1,2 +1,2 @@
 help: Neighbor as a route reflector client
-commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "protocols bgp $VAR(../../../../@) neighbor $VAR(../../../@) route-reflector-client: remote-as must equal local-as"
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"protocols bgp $VAR(../../../../@) neighbor $VAR(../../../@) route-reflector-client: remote-as must equal local-as\"; exit 1; fi; "
diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
index eff79b87..fde76a74 100644
--- a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
@@ -1,2 +1,2 @@
 help: Peer-group as a route reflector client
-commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "remote-as must equal local-as"
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"remote-as must equal local-as\"; exit 1; fi; "
diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
index eff79b87..fde76a74 100644
--- a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
@@ -1,2 +1,2 @@
 help: Peer-group as a route reflector client
-commit:expression: $VAR(../../../../@) == $VAR(../../../remote-as/@); "remote-as must equal local-as"
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"remote-as must equal local-as\"; exit 1; fi; "
-- 
cgit v1.2.3


From 3a1680ceef8ffc25943be9e626fa9286e1fb2920 Mon Sep 17 00:00:00 2001
From: DmitriyEshenko <snooppy@mail.ua>
Date: Sat, 3 Aug 2019 11:11:50 +0000
Subject: T1468 Adding check for additional values internal and external

---
 .../address-family/ipv4-unicast/route-reflector-client/node.def      | 5 ++++-
 .../address-family/ipv6-unicast/route-reflector-client/node.def      | 5 ++++-
 .../address-family/ipv4-unicast/route-reflector-client/node.def      | 5 ++++-
 .../address-family/ipv6-unicast/route-reflector-client/node.def      | 5 ++++-
 4 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
index 1cf52947..84f13a6a 100644
--- a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
@@ -1,2 +1,5 @@
 help: Neighbor as a IPv4-route reflector client
-commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"remote-as must equal local-as\"; exit 1; fi; "
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \
+                            [ $VAR(../../../remote-as/@) != \"internal\" ] && \
+                            [ $VAR(../../../remote-as/@) != \"external\" ]; \
+                        then echo \"remote-as must equal local-as\"; exit 1; fi; "
diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
index 7d6cf46d..c49ef8b9 100644
--- a/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
@@ -1,2 +1,5 @@
 help: Neighbor as a route reflector client
-commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"protocols bgp $VAR(../../../../@) neighbor $VAR(../../../@) route-reflector-client: remote-as must equal local-as\"; exit 1; fi; "
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \
+                            [ $VAR(../../../remote-as/@) != \"internal\" ] && \
+                            [ $VAR(../../../remote-as/@) != \"external\" ]; \
+                        then echo \"protocols bgp $VAR(../../../../@) neighbor $VAR(../../../@) route-reflector-client: remote-as must equal local-as\"; exit 1; fi; "
diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
index fde76a74..9c8cfe1d 100644
--- a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv4-unicast/route-reflector-client/node.def
@@ -1,2 +1,5 @@
 help: Peer-group as a route reflector client
-commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"remote-as must equal local-as\"; exit 1; fi; "
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \
+                            [ $VAR(../../../remote-as/@) != \"internal\" ] && \
+                            [ $VAR(../../../remote-as/@) != \"external\" ]; \
+                        then echo \"remote-as must equal local-as\"; exit 1; fi; "
diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
index fde76a74..9c8cfe1d 100644
--- a/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
+++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/address-family/ipv6-unicast/route-reflector-client/node.def
@@ -1,2 +1,5 @@
 help: Peer-group as a route reflector client
-commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ]; then echo \"remote-as must equal local-as\"; exit 1; fi; "
+commit:expression: exec "if [ $VAR(../../../../@) != $VAR(../../../remote-as/@) ] && \
+                            [ $VAR(../../../remote-as/@) != \"internal\" ] && \
+                            [ $VAR(../../../remote-as/@) != \"external\" ]; \
+                        then echo \"remote-as must equal local-as\"; exit 1; fi; "
-- 
cgit v1.2.3


From 464561c570804a5fe56ea8b9aae73b26bf1cc77f Mon Sep 17 00:00:00 2001
From: zdc <zdc@users.noreply.github.com>
Date: Mon, 12 Aug 2019 22:54:03 +0300
Subject: [bfd] T1183: Added some new functionality for BFD in BGP: (#34)

* added option "check-control-plane-failure" for BFD in BGP neighbors
* added configuration check for checking if BFD peer is already configured before applying bfd option to BGP neighbor
* added configuration check for checking if BFD peers are already configured for all members in peer-group before applying bfd option to BGP peer-group
---
 scripts/bgp/vyatta-bgp.pl                          | 48 +++++++++++++++++++++-
 .../bfd/check-control-plane-failure/node.def       |  2 +
 .../bgp/node.tag/neighbor/node.tag/bfd/node.def    |  1 +
 .../node.tag/neighbor/node.tag/peer-group/node.def |  1 +
 .../bgp/node.tag/peer-group/node.tag/bfd/node.def  |  1 +
 5 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100644 templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/check-control-plane-failure/node.def

diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl
index b39556af..9a816344 100755
--- a/scripts/bgp/vyatta-bgp.pl
+++ b/scripts/bgp/vyatta-bgp.pl
@@ -579,6 +579,10 @@ my %qcom = (
       set => 'router bgp #3 ; neighbor #5 bfd',
       del => 'router bgp #3 ; no neighbor #5 bfd',
   },
+  'protocols bgp var neighbor var bfd check-control-plane-failure' => {
+      set => 'router bgp #3 ; neighbor #5 bfd check-control-plane-failure',
+      del => 'router bgp #3 ; no neighbor #5 bfd check-control-plane-failure',
+  },
   'protocols bgp var neighbor var password' => {
       set => 'router bgp #3 ; neighbor #5 password #7',
       del => 'router bgp #3 ; no neighbor #5 password',
@@ -1160,7 +1164,7 @@ if ( ! -e "/usr/sbin/zebra" ) {
 
 my ( $pg, $as, $neighbor );
 my ( $main, $peername, $isneighbor, $checkpeergroups, $checkpeergroups6, $checksource, 
-     $isiBGPpeer, $wasiBGPpeer, $confedibgpasn, $listpeergroups, $checkremoteas);
+     $isiBGPpeer, $wasiBGPpeer, $confedibgpasn, $listpeergroups, $checkremoteas, $checkbfdpeer, $checkbfdgroup);
 
 GetOptions(
     "peergroup=s"             => \$pg,
@@ -1176,6 +1180,8 @@ GetOptions(
     "confed-iBGP-ASN-check=s" => \$confedibgpasn,
     "list-peer-groups"        => \$listpeergroups,
     "check-remote-as=s"       => \$checkremoteas,
+    "check-bfd-peer=s"        => \$checkbfdpeer,
+    "check-peer-group-bfd=s"  => \$checkbfdgroup,
     "main"                    => \$main,
 );
 
@@ -1190,6 +1196,8 @@ is_iBGP_peer($neighbor, $as)          	    if ($isiBGPpeer);
 was_iBGP_peer($neighbor, $as)               if ($wasiBGPpeer);
 list_peer_groups($as)                       if ($listpeergroups);
 check_remote_as($checkremoteas)             if ($checkremoteas);
+check_bfd_peer($checkbfdpeer)               if ($checkbfdpeer);
+check_bfd_group($checkbfdgroup, $as)        if ($checkbfdgroup);
 
 exit 0;
 
@@ -1707,6 +1715,44 @@ sub check_source {
     }
 }
 
+# check if BFD peer exists for configured BGP peer
+sub check_bfd_peer {
+  my $peer = shift;
+  my $config = new Vyatta::Config;
+
+  # check for BFD peer configuration
+  my $bfd_exists = $config->exists("protocols bfd peer $peer");
+  if (!$bfd_exists) { die "BFD peer need to be configured for using BFD protocol\n"; }
+}
+
+# check if BFD peer exists for configured BGP peer-group
+sub check_bfd_group {
+  my $group = shift;
+  my $as = shift;
+  my @group_neighbors = ();
+  my $config = new Vyatta::Config;
+
+  # check if BFD enabled for peer-group and stop check if not
+  if (!$config->exists("protocols bgp $as peer-group $group bfd")) {
+    return 0;
+  }
+
+  # get a list of all BGP neighbors in the defined group
+  my @all_neighbors = $config->listNodes("protocols bgp $as neighbor");
+  foreach my $neighbor (@all_neighbors) {
+    if ($config->exists("protocols bgp $as neighbor $neighbor peer-group")) {
+      if ($config->returnValue("protocols bgp $as neighbor $neighbor peer-group") eq $group) {
+        push @group_neighbors, $neighbor;
+      }
+    }
+  }
+
+  # check if BFD peer exist and raise error if not
+  foreach my $neighbor (@group_neighbors) {
+    if (!$config->exists("protocols bfd peer $neighbor")) { die "BFD peers need to be configured for all neighbors in peer-group $group before enabling for BGP\n"; }
+  }
+}
+
 sub main 
 {
    # initialize the Quagga Config object with data from Vyatta config tree
diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/check-control-plane-failure/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/check-control-plane-failure/node.def
new file mode 100644
index 00000000..fd4e1eef
--- /dev/null
+++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/check-control-plane-failure/node.def
@@ -0,0 +1,2 @@
+help:	Allow to write CBIT independence in BFD outgoing packets
+		and read both C-BIT value of BFD and lookup BGP peer status
diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def
index 284ce4d8..704ccb01 100644
--- a/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def
+++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/bfd/node.def
@@ -1 +1,2 @@
 help: Enable Bidirectional Forwarding Detection (BFD) support
+commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-bfd-peer $VAR(../@)"
diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def
index 5da142d6..b707f391 100644
--- a/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def
+++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def
@@ -4,3 +4,4 @@ allowed: local -a params
         params=$( /opt/vyatta/sbin/vyatta-bgp.pl --list-peer-groups --as $VAR(../../@) )
         echo -n ${params[@]##*/}
 commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"protocols bgp $VAR(../../@) peer-group $VAR(@)\" "; "protocols bgp $VAR(../../@) peer-group $VAR(@) doesn't exist"
+commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-peer-group-bfd $VAR(@) --as $VAR(../../@)"
diff --git a/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def b/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def
index 284ce4d8..c76e88e4 100644
--- a/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def
+++ b/templates/protocols/bgp/node.tag/peer-group/node.tag/bfd/node.def
@@ -1 +1,2 @@
 help: Enable Bidirectional Forwarding Detection (BFD) support
+commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-peer-group-bfd $VAR(../@) --as $VAR(../../@)"
-- 
cgit v1.2.3