summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-01-16 14:55:48 +0100
committerChristian Breunig <christian@breunig.cc>2024-01-16 15:04:37 +0100
commit9febed1344e93815dc3a94047daa69967c3af160 (patch)
treead354f319e5cdd6520378c62254b9a1604019180
parentb303d7b0c612150dc733c330127121cc46eb0be4 (diff)
downloadvyos-1x-9febed1344e93815dc3a94047daa69967c3af160.tar.gz
vyos-1x-9febed1344e93815dc3a94047daa69967c3af160.zip
bgp: T5937: fix migration script for IPv6 AFI peer-group
Migrate "bgp <ASN> neighbor <NEIGH> address-family ipv6-unicast peer-group" to "bgp neighbor <NEIGH> peer-group"
-rw-r--r--smoketest/config-tests/bgp-medium-confederation73
-rw-r--r--smoketest/configs/bgp-medium-confederation247
-rwxr-xr-xsrc/conf_mode/protocols_bgp.py5
-rwxr-xr-xsrc/migration-scripts/bgp/0-to-12
-rwxr-xr-xsrc/migration-scripts/bgp/1-to-212
5 files changed, 336 insertions, 3 deletions
diff --git a/smoketest/config-tests/bgp-medium-confederation b/smoketest/config-tests/bgp-medium-confederation
new file mode 100644
index 000000000..ea3c2d144
--- /dev/null
+++ b/smoketest/config-tests/bgp-medium-confederation
@@ -0,0 +1,73 @@
+set interfaces dummy dum0 address '1.1.1.1/32'
+set interfaces dummy dum0 address '2001:db8::1/128'
+set interfaces ethernet eth0 address 'fd52:100:200:fffe::1/64'
+set interfaces ethernet eth0 address '192.168.253.1/24'
+set interfaces ethernet eth1
+set interfaces ethernet eth2
+set policy route-map BGP-IN rule 10 action 'permit'
+set policy route-map BGP-OUT rule 10 action 'permit'
+set policy route-map BGP-REDISTRIBUTE rule 10 action 'deny'
+set policy route-map DEFAULT-ZEBRA-IN rule 10 action 'deny'
+set protocols bgp address-family ipv4-unicast redistribute connected route-map 'BGP-REDISTRIBUTE'
+set protocols bgp address-family ipv4-unicast redistribute static route-map 'BGP-REDISTRIBUTE'
+set protocols bgp address-family ipv6-unicast redistribute connected route-map 'BGP-REDISTRIBUTE'
+set protocols bgp neighbor 192.168.253.14 peer-group 'WDC07'
+set protocols bgp neighbor 192.168.253.16 peer-group 'WDC07'
+set protocols bgp neighbor 192.168.253.17 peer-group 'WDC07'
+set protocols bgp neighbor 192.168.253.18 peer-group 'WDC07'
+set protocols bgp neighbor 192.168.253.19 peer-group 'WDC07'
+set protocols bgp neighbor eth1 interface v6only peer-group 'BACKBONE'
+set protocols bgp neighbor eth1 interface v6only remote-as '666'
+set protocols bgp neighbor eth2 interface v6only peer-group 'BACKBONE'
+set protocols bgp neighbor eth2 interface v6only remote-as '666'
+set protocols bgp neighbor fd52:100:200:fffe::14 address-family ipv6-unicast
+set protocols bgp neighbor fd52:100:200:fffe::14 peer-group 'WDC07v6'
+set protocols bgp neighbor fd52:100:200:fffe::16 address-family ipv6-unicast
+set protocols bgp neighbor fd52:100:200:fffe::16 peer-group 'WDC07v6'
+set protocols bgp neighbor fd52:100:200:fffe::17 address-family ipv6-unicast
+set protocols bgp neighbor fd52:100:200:fffe::17 peer-group 'WDC07v6'
+set protocols bgp neighbor fd52:100:200:fffe::18 address-family ipv6-unicast
+set protocols bgp neighbor fd52:100:200:fffe::18 peer-group 'WDC07v6'
+set protocols bgp neighbor fd52:100:200:fffe::19 address-family ipv6-unicast
+set protocols bgp neighbor fd52:100:200:fffe::19 peer-group 'WDC07v6'
+set protocols bgp parameters bestpath as-path confed
+set protocols bgp parameters bestpath as-path multipath-relax
+set protocols bgp parameters confederation identifier '696'
+set protocols bgp parameters confederation peers '668'
+set protocols bgp parameters confederation peers '669'
+set protocols bgp parameters confederation peers '666'
+set protocols bgp parameters graceful-restart
+set protocols bgp parameters router-id '192.168.253.15'
+set protocols bgp peer-group BACKBONE address-family ipv4-unicast nexthop-self
+set protocols bgp peer-group BACKBONE address-family ipv4-unicast route-map export 'BGP-OUT'
+set protocols bgp peer-group BACKBONE address-family ipv4-unicast route-map import 'BGP-IN'
+set protocols bgp peer-group BACKBONE address-family ipv4-unicast soft-reconfiguration inbound
+set protocols bgp peer-group BACKBONE address-family ipv6-unicast nexthop-self
+set protocols bgp peer-group BACKBONE address-family ipv6-unicast route-map export 'BGP-OUT'
+set protocols bgp peer-group BACKBONE address-family ipv6-unicast route-map import 'BGP-IN'
+set protocols bgp peer-group BACKBONE address-family ipv6-unicast soft-reconfiguration inbound
+set protocols bgp peer-group BACKBONE capability extended-nexthop
+set protocols bgp peer-group WDC07 address-family ipv4-unicast default-originate
+set protocols bgp peer-group WDC07 address-family ipv4-unicast nexthop-self
+set protocols bgp peer-group WDC07 address-family ipv4-unicast route-map export 'BGP-OUT'
+set protocols bgp peer-group WDC07 address-family ipv4-unicast route-map import 'BGP-IN'
+set protocols bgp peer-group WDC07 address-family ipv4-unicast soft-reconfiguration inbound
+set protocols bgp peer-group WDC07 remote-as '670'
+set protocols bgp peer-group WDC07 update-source 'dum0'
+set protocols bgp peer-group WDC07v6 address-family ipv6-unicast default-originate
+set protocols bgp peer-group WDC07v6 address-family ipv6-unicast nexthop-self
+set protocols bgp peer-group WDC07v6 address-family ipv6-unicast route-map export 'BGP-OUT'
+set protocols bgp peer-group WDC07v6 address-family ipv6-unicast route-map import 'BGP-IN'
+set protocols bgp peer-group WDC07v6 address-family ipv6-unicast soft-reconfiguration inbound
+set protocols bgp peer-group WDC07v6 remote-as '670'
+set protocols bgp peer-group WDC07v6 update-source 'dum0'
+set protocols bgp system-as '670'
+set system config-management commit-revisions '200'
+set system console device ttyS0 speed '115200'
+set system domain-name 'vyos.net'
+set system host-name 'vyos'
+set system ip protocol bgp route-map 'DEFAULT-ZEBRA-IN'
+set system login user vyos authentication encrypted-password '$6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0'
+set system login user vyos authentication plaintext-password ''
+set system syslog global facility all level 'notice'
+set system syslog global facility local7 level 'debug'
diff --git a/smoketest/configs/bgp-medium-confederation b/smoketest/configs/bgp-medium-confederation
new file mode 100644
index 000000000..dfb944d09
--- /dev/null
+++ b/smoketest/configs/bgp-medium-confederation
@@ -0,0 +1,247 @@
+interfaces {
+ dummy dum0 {
+ address 1.1.1.1/32
+ address 2001:db8::1/128
+ }
+ ethernet eth0 {
+ address 192.168.253.1/24
+ address fd52:100:200:fffe::1/64
+ }
+ ethernet eth1 {
+ }
+ ethernet eth2 {
+ }
+}
+policy {
+ route-map BGP-IN {
+ rule 10 {
+ action permit
+ }
+ }
+ route-map BGP-OUT {
+ rule 10 {
+ action permit
+ }
+ }
+ route-map BGP-REDISTRIBUTE {
+ rule 10 {
+ action deny
+ }
+ }
+ route-map DEFAULT-ZEBRA-IN {
+ rule 10 {
+ action deny
+ }
+ }
+}
+protocols {
+ bgp 670 {
+ address-family {
+ ipv4-unicast {
+ redistribute {
+ connected {
+ route-map BGP-REDISTRIBUTE
+ }
+ static {
+ route-map BGP-REDISTRIBUTE
+ }
+ }
+ }
+ ipv6-unicast {
+ redistribute {
+ connected {
+ route-map BGP-REDISTRIBUTE
+ }
+ }
+ }
+ }
+ neighbor 192.168.253.14 {
+ peer-group WDC07
+ }
+ neighbor 192.168.253.16 {
+ peer-group WDC07
+ }
+ neighbor 192.168.253.17 {
+ peer-group WDC07
+ }
+ neighbor 192.168.253.18 {
+ peer-group WDC07
+ }
+ neighbor 192.168.253.19 {
+ peer-group WDC07
+ }
+ neighbor eth1 {
+ interface {
+ v6only {
+ peer-group BACKBONE
+ remote-as 666
+ }
+ }
+ }
+ neighbor eth2 {
+ interface {
+ v6only {
+ peer-group BACKBONE
+ remote-as 666
+ }
+ }
+ }
+ neighbor fd52:100:200:fffe::14 {
+ address-family {
+ ipv6-unicast {
+ peer-group WDC07v6
+ }
+ }
+ }
+ neighbor fd52:100:200:fffe::16 {
+ address-family {
+ ipv6-unicast {
+ peer-group WDC07v6
+ }
+ }
+ }
+ neighbor fd52:100:200:fffe::17 {
+ address-family {
+ ipv6-unicast {
+ peer-group WDC07v6
+ }
+ }
+ }
+ neighbor fd52:100:200:fffe::18 {
+ address-family {
+ ipv6-unicast {
+ peer-group WDC07v6
+ }
+ }
+ }
+ neighbor fd52:100:200:fffe::19 {
+ address-family {
+ ipv6-unicast {
+ peer-group WDC07v6
+ }
+ }
+ }
+ parameters {
+ bestpath {
+ as-path {
+ confed
+ multipath-relax
+ }
+ }
+ confederation {
+ identifier 696
+ peers 668
+ peers 669
+ peers 666
+ }
+ default {
+ no-ipv4-unicast
+ }
+ graceful-restart {
+ }
+ router-id 192.168.253.15
+ }
+ peer-group BACKBONE {
+ address-family {
+ ipv4-unicast {
+ nexthop-self {
+ }
+ route-map {
+ export BGP-OUT
+ import BGP-IN
+ }
+ soft-reconfiguration {
+ inbound
+ }
+ }
+ ipv6-unicast {
+ nexthop-self {
+ }
+ route-map {
+ export BGP-OUT
+ import BGP-IN
+ }
+ soft-reconfiguration {
+ inbound
+ }
+ }
+ }
+ capability {
+ extended-nexthop
+ }
+ }
+ peer-group WDC07 {
+ address-family {
+ ipv4-unicast {
+ default-originate {
+ }
+ nexthop-self {
+ }
+ route-map {
+ export BGP-OUT
+ import BGP-IN
+ }
+ soft-reconfiguration {
+ inbound
+ }
+ }
+ }
+ remote-as 670
+ update-source dum0
+ }
+ peer-group WDC07v6 {
+ address-family {
+ ipv6-unicast {
+ default-originate {
+ }
+ nexthop-self {
+ }
+ route-map {
+ export BGP-OUT
+ import BGP-IN
+ }
+ soft-reconfiguration {
+ inbound
+ }
+ }
+ }
+ remote-as 670
+ update-source dum0
+ }
+ route-map DEFAULT-ZEBRA-IN
+ }
+}
+system {
+ config-management {
+ commit-revisions 200
+ }
+ console {
+ device ttyS0 {
+ speed 115200
+ }
+ }
+ domain-name vyos.net
+ host-name vyos
+ login {
+ user vyos {
+ authentication {
+ encrypted-password $6$O5gJRlDYQpj$MtrCV9lxMnZPMbcxlU7.FI793MImNHznxGoMFgm3Q6QP3vfKJyOSRCt3Ka/GzFQyW1yZS4NS616NLHaIPPFHc0
+ plaintext-password ""
+ }
+ }
+ }
+ syslog {
+ global {
+ facility all {
+ level notice
+ }
+ facility protocols {
+ level debug
+ }
+ }
+ }
+}
+
+// Warning: Do not remove the following line.
+// vyos-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:container@1:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@22:ipoe-server@1:ipsec@5:isis@1:l2tp@3:lldp@1:mdns@1:nat@5:ntp@1:pppoe-server@5:pptp@2:qos@1:quagga@8:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@21:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1"
+// Release version: 1.3.5
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index e8bb11828..f6f3370c3 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -220,9 +220,12 @@ def verify_afi(peer_config, bgp_config):
# If address_family configured under peer-group
# if neighbor interface configured
- peer_group_name = ''
+ peer_group_name = None
if dict_search('interface.peer_group', peer_config):
peer_group_name = peer_config['interface']['peer_group']
+ elif dict_search('interface.v6only.peer_group', peer_config):
+ peer_group_name = peer_config['interface']['v6only']['peer_group']
+
# if neighbor IP configured.
if 'peer_group' in peer_config:
peer_group_name = peer_config['peer_group']
diff --git a/src/migration-scripts/bgp/0-to-1 b/src/migration-scripts/bgp/0-to-1
index 03c45107b..5b8e8a163 100755
--- a/src/migration-scripts/bgp/0-to-1
+++ b/src/migration-scripts/bgp/0-to-1
@@ -14,7 +14,7 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-# T3417: migrate IS-IS tagNode to node as we can only have one IS-IS process
+# T3417: migrate BGP tagNode to node as we can only have one BGP process
from sys import argv
from sys import exit
diff --git a/src/migration-scripts/bgp/1-to-2 b/src/migration-scripts/bgp/1-to-2
index 96b939b47..a40d86e67 100755
--- a/src/migration-scripts/bgp/1-to-2
+++ b/src/migration-scripts/bgp/1-to-2
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2021-2022 VyOS maintainers and contributors
+# Copyright (C) 2021-2024 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -15,6 +15,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# T3741: no-ipv4-unicast is now enabled by default
+# T5937: Migrate IPv6 BGP Neighbor Peer Groups
from sys import argv
from sys import exit
@@ -66,6 +67,15 @@ else:
if not config.exists(afi_ipv4):
config.set(afi_ipv4)
+# Migrate IPv6 AFI peer-group
+if config.exists(base + ['neighbor']):
+ for neighbor in config.list_nodes(base + ['neighbor']):
+ tmp_path = base + ['neighbor', neighbor, 'address-family', 'ipv6-unicast', 'peer-group']
+ if config.exists(tmp_path):
+ peer_group = config.return_value(tmp_path)
+ config.set(base + ['neighbor', neighbor, 'peer-group'], value=peer_group)
+ config.delete(tmp_path)
+
try:
with open(file_name, 'w') as f:
f.write(config.to_string())