From 73ccafb61883dea3cf0ad355f1149288ee95c710 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 6 Jul 2010 17:30:04 -0700 Subject: fix for bug 5778 --- scripts/bgp/vyatta-bgp.pl | 56 ++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 53 insertions(+), 3 deletions(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index b2119dbc..c2f7b047 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1175,23 +1175,73 @@ sub check_remote_as { my @asns = $config->listNodes(); foreach my $as (@asns) { + # check remote-as if neighbors have been changed my @neighbors = $config->listNodes("$as neighbor"); foreach my $neighbor (@neighbors) { if ($config->isChanged("$as neighbor $neighbor")) { my $remoteas = $config->returnValue("$as neighbor $neighbor remote-as"); + + my ($peergroup, $peergroupas); + if ($config->exists("$as neighbor $neighbor peer-group")) { + $peergroup = $config->returnValue("$as neighbor $neighbor peer-group"); + if ($config->exists("$as peer-group $peergroup remote-as")) { + $peergroupas = $config->returnValue("$as peer-group $peergroup remote-as"); + } + } + if ($remoteas) { + if ($peergroupas) { + die "protocols bgp $as neighbor $neighbor: remote-as should not be defined in both neighbor and peer-group\n" + } return; } - my $peergroup = $config->returnValue("$as neighbor $neighbor peer-group"); + die "protocols bgp $as neighbor $neighbor: must define a remote-as or peer-group\n" unless $peergroup; - - my $peergroupas = $config->returnValue("$as peer-group $peergroup remote-as"); + die "protocols bgp $as neighbor $neighbor: must define a remote-as in neighbor or peer-group $peergroup\n" unless $peergroupas; } } + + # check remote-as if peer-groups have been changed + my @peergroups = $config->listNodes("$as peer-group"); + foreach my $peergroup (@peergroups) { + if ($config->isChanged("$as peer-group $peergroup")) { + + # if we delete the remote-as in the pg, make sure all neighbors have a remote-as defined + if ($config->isDeleted("$as peer-group $peergroup remote-as")) { + my @neighbors = $config->listNodes("$as neighbor"); + foreach my $neighbor (@neighbors) { + my $pgmembership = $config->returnValue("$as neighbor $neighbor peer-group"); + if ( (defined $pgmembership) && ("$pgmembership" eq "$peergroup") ) { + my $remoteas = $config->returnValue("$as neighbor $neighbor remote-as"); + if (! defined $remoteas) { + die "protocols bgp $as peer-group $neighbor: can't delete the remote-as in peer-group without setting remote-as in members\n" + } + } + } + } + + # remote-as can not be defined in both pg and neighbor at the same time + if ($config->isChanged("$as peer-group $peergroup remote-as")) { + my $pgremoteas = $config->returnValue("$as peer-group $peergroup remote-as"); + my @neighbors = $config->listNodes("$as neighbor"); + foreach my $neighbor (@neighbors) { + my $pgmembership = $config->returnValue("$as neighbor $neighbor peer-group"); + if ( (defined $pgmembership) && ("$pgmembership" eq "$peergroup") ) { + my $remoteas = $config->returnValue("$as neighbor $neighbor remote-as"); + if (defined $remoteas && defined $pgremoteas) { + die "protocols bgp $as peer-group $neighbor: must not define remote-as in both neighbor and peer-group\n" + } + } + } + } + + } + } # end foreach my $peergroup } + } # check that value is either an IPV4 address on system or an interface -- cgit v1.2.3