diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-04-10 22:12:10 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-04-10 22:13:54 +0200 |
commit | bed52a360fef02f4a1573299fe8a4b059b59f831 (patch) | |
tree | a994edbd90839fdff092a9747143aac8fa4d84d9 | |
parent | 39c50dd3e52d69a3d51f62af8a99eb2184032d1f (diff) | |
download | vyos-1x-bed52a360fef02f4a1573299fe8a4b059b59f831.tar.gz vyos-1x-bed52a360fef02f4a1573299fe8a4b059b59f831.zip |
bgp: T3460: add verify() steps for local-as override
It is only possible to set one local-as override per BGP neighbor/peer-group.
In addition to this, the override AS number is not allowed to be the same as
the one from the global BGP process.
If this would still be the case frr-reload would error out:
> frr-reload output: 184 % Cannot have local-as same as BGP AS number
-rwxr-xr-x | src/conf_mode/protocols_bgp.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index a76aec30b..262bb4711 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -115,6 +115,16 @@ def verify(bgp): raise ConfigError(f'Specified peer-group "{peer_group}" for '\ f'neighbor "{neighbor}" does not exist!') + if 'local_as' in peer_config: + if len(peer_config['local_as']) > 1: + raise ConfigError('Only one local-as number may be specified!') + + # Neighbor local-as override can not be the same as the local-as + # we use for this BGP instane! + asn = list(peer_config['local_as'].keys())[0] + if asn == bgp['local_as']: + raise ConfigError('Cannot have local-as same as BGP AS number') + # ttl-security and ebgp-multihop can't be used in the same configration if 'ebgp_multihop' in peer_config and 'ttl_security' in peer_config: raise ConfigError('You can\'t set both ebgp-multihop and ttl-security hops') |