summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-01-21 18:44:49 +0100
committerChristian Poessinger <christian@poessinger.com>2021-01-21 18:44:49 +0100
commit891bb78c1222d7acdff14d56c6c5aad0139536f3 (patch)
treeffe274224b89f0226b03f6fd762677ccf0bd8c17
parenta80cd3058cb8d9a9152c8c205d41175056c6fa52 (diff)
downloadvyos-1x-891bb78c1222d7acdff14d56c6c5aad0139536f3.tar.gz
vyos-1x-891bb78c1222d7acdff14d56c6c5aad0139536f3.zip
bgp: T1875: validate() that peer-group specified via listen range exists
-rwxr-xr-xsmoketest/scripts/cli/test_protocols_bgp.py30
-rwxr-xr-xsrc/conf_mode/protocols_bgp.py16
2 files changed, 40 insertions, 6 deletions
diff --git a/smoketest/scripts/cli/test_protocols_bgp.py b/smoketest/scripts/cli/test_protocols_bgp.py
index ccb9268fe..fef32741e 100755
--- a/smoketest/scripts/cli/test_protocols_bgp.py
+++ b/smoketest/scripts/cli/test_protocols_bgp.py
@@ -336,5 +336,35 @@ class TestProtocolsBGP(unittest.TestCase):
self.assertIn(f' aggregate-address {network} summary-only', frrconfig)
+ def test_bgp_06_listen_range(self):
+ # Implemented via T1875
+ limit = '64'
+ listen_ranges = ['192.0.2.0/25', '192.0.2.128/25']
+ peer_group = 'listenfoobar'
+ self.session.set(base_path + ['listen', 'limit', limit])
+ for prefix in listen_ranges:
+ self.session.set(base_path + ['listen', 'range', prefix])
+ # check validate() - peer-group must be defined for range/prefix
+ with self.assertRaises(ConfigSessionError):
+ self.session.commit()
+ self.session.set(base_path + ['listen', 'range', prefix, 'peer-group', peer_group])
+
+ # check validate() - peer-group does yet not exist!
+ with self.assertRaises(ConfigSessionError):
+ self.session.commit()
+ self.session.set(base_path + ['peer-group', peer_group, 'remote-as', ASN])
+
+ # commit changes
+ self.session.commit()
+
+ # Verify FRR bgpd configuration
+ frrconfig = getFRRBGPconfig()
+ self.assertIn(f'router bgp {ASN}', frrconfig)
+ self.assertIn(f' neighbor {peer_group} peer-group', frrconfig)
+ self.assertIn(f' neighbor {peer_group} remote-as {ASN}', frrconfig)
+ self.assertIn(f' bgp listen limit {limit}', frrconfig)
+ for prefix in listen_ranges:
+ self.assertIn(f' bgp listen range {prefix} peer-group {peer_group}', frrconfig)
+
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 39d367b97..2a1e5f50a 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -127,13 +127,17 @@ def verify(bgp):
route_map = afi_config['route_map'][tmp].replace('-', '_')
if dict_search(f'policy.route_map.{route_map}', asn_config) == None:
raise ConfigError(f'route-map "{route_map}" used for "{tmp}" does not exist!')
-
+
# Throw an error if a peer group is not configured for allow range
- if 'listen' in asn_config:
- if 'range' in asn_config['listen']:
- for prefix in asn_config['listen']['range']:
- if not 'peer_group' in asn_config['listen']['range'].get(prefix):
- raise ConfigError(f'Listen range for prefix "{prefix}" has no peer group configured.')
+ for prefix in dict_search('listen.range', asn_config) or []:
+ # we can not use dict_search() here as prefix contains dots ...
+ if 'peer_group' not in asn_config['listen']['range'][prefix]:
+ raise ConfigError(f'Listen range for prefix "{prefix}" has no peer group configured.')
+ else:
+ peer_group = asn_config['listen']['range'][prefix]['peer_group']
+ # the peer group must also exist
+ if not dict_search(f'peer_group.{peer_group}', asn_config):
+ raise ConfigError(f'Peer-group "{peer_group}" for listen range "{prefix}" does not exist!')
return None