diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-01-21 18:44:49 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-01-21 18:44:49 +0100 |
commit | 891bb78c1222d7acdff14d56c6c5aad0139536f3 (patch) | |
tree | ffe274224b89f0226b03f6fd762677ccf0bd8c17 | |
parent | a80cd3058cb8d9a9152c8c205d41175056c6fa52 (diff) | |
download | vyos-1x-891bb78c1222d7acdff14d56c6c5aad0139536f3.tar.gz vyos-1x-891bb78c1222d7acdff14d56c6c5aad0139536f3.zip |
bgp: T1875: validate() that peer-group specified via listen range exists
-rwxr-xr-x | smoketest/scripts/cli/test_protocols_bgp.py | 30 | ||||
-rwxr-xr-x | src/conf_mode/protocols_bgp.py | 16 |
2 files changed, 40 insertions, 6 deletions
diff --git a/smoketest/scripts/cli/test_protocols_bgp.py b/smoketest/scripts/cli/test_protocols_bgp.py index ccb9268fe..fef32741e 100755 --- a/smoketest/scripts/cli/test_protocols_bgp.py +++ b/smoketest/scripts/cli/test_protocols_bgp.py @@ -336,5 +336,35 @@ class TestProtocolsBGP(unittest.TestCase): self.assertIn(f' aggregate-address {network} summary-only', frrconfig) + def test_bgp_06_listen_range(self): + # Implemented via T1875 + limit = '64' + listen_ranges = ['192.0.2.0/25', '192.0.2.128/25'] + peer_group = 'listenfoobar' + self.session.set(base_path + ['listen', 'limit', limit]) + for prefix in listen_ranges: + self.session.set(base_path + ['listen', 'range', prefix]) + # check validate() - peer-group must be defined for range/prefix + with self.assertRaises(ConfigSessionError): + self.session.commit() + self.session.set(base_path + ['listen', 'range', prefix, 'peer-group', peer_group]) + + # check validate() - peer-group does yet not exist! + with self.assertRaises(ConfigSessionError): + self.session.commit() + self.session.set(base_path + ['peer-group', peer_group, 'remote-as', ASN]) + + # commit changes + self.session.commit() + + # Verify FRR bgpd configuration + frrconfig = getFRRBGPconfig() + self.assertIn(f'router bgp {ASN}', frrconfig) + self.assertIn(f' neighbor {peer_group} peer-group', frrconfig) + self.assertIn(f' neighbor {peer_group} remote-as {ASN}', frrconfig) + self.assertIn(f' bgp listen limit {limit}', frrconfig) + for prefix in listen_ranges: + self.assertIn(f' bgp listen range {prefix} peer-group {peer_group}', frrconfig) + if __name__ == '__main__': unittest.main(verbosity=2) diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 39d367b97..2a1e5f50a 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -127,13 +127,17 @@ def verify(bgp): route_map = afi_config['route_map'][tmp].replace('-', '_') if dict_search(f'policy.route_map.{route_map}', asn_config) == None: raise ConfigError(f'route-map "{route_map}" used for "{tmp}" does not exist!') - + # Throw an error if a peer group is not configured for allow range - if 'listen' in asn_config: - if 'range' in asn_config['listen']: - for prefix in asn_config['listen']['range']: - if not 'peer_group' in asn_config['listen']['range'].get(prefix): - raise ConfigError(f'Listen range for prefix "{prefix}" has no peer group configured.') + for prefix in dict_search('listen.range', asn_config) or []: + # we can not use dict_search() here as prefix contains dots ... + if 'peer_group' not in asn_config['listen']['range'][prefix]: + raise ConfigError(f'Listen range for prefix "{prefix}" has no peer group configured.') + else: + peer_group = asn_config['listen']['range'][prefix]['peer_group'] + # the peer group must also exist + if not dict_search(f'peer_group.{peer_group}', asn_config): + raise ConfigError(f'Peer-group "{peer_group}" for listen range "{prefix}" does not exist!') return None |