summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-01-07 17:01:55 +0100
committerChristian Poessinger <christian@poessinger.com>2021-01-07 17:01:55 +0100
commit1f82b771f685bbb493958cdeabf05549266f2aa8 (patch)
tree3887963f2f7d702316d75da600e3a7f852aeb929
parenta8e4317c61b1253fa02044cffc7a588d45259a5e (diff)
downloadvyos-1x-1f82b771f685bbb493958cdeabf05549266f2aa8.tar.gz
vyos-1x-1f82b771f685bbb493958cdeabf05549266f2aa8.zip
bgp: T2174: verify() existence of route-map and prefix-list
-rwxr-xr-xsrc/conf_mode/protocols_bgp.py46
1 files changed, 42 insertions, 4 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index d0dfb55ec..678be5066 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -17,10 +17,11 @@
from sys import exit
from vyos.config import Config
-from vyos.util import call
-from vyos.util import dict_search
+from vyos.configdict import dict_merge
from vyos.template import render
from vyos.template import render_to_string
+from vyos.util import call
+from vyos.util import dict_search
from vyos import ConfigError
from vyos import frr
from vyos import airbag
@@ -42,6 +43,16 @@ def get_config():
if not conf.exists(base + ['route-map']):
call('vtysh -c \"conf t\" -c \"no ip protocol bgp\" ')
+ # We also need some additional information from the config,
+ # prefix-lists and route-maps for instance.
+ base = ['policy']
+ tmp = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
+ # As we only support one ASN (later checked in begin of verify()) we add the
+ # new information only to the first AS number
+ asn = next(iter(bgp))
+ # Merge policy dict into bgp dict
+ bgp[asn] = dict_merge(tmp, bgp[asn])
+
return bgp
def verify(bgp):
@@ -78,10 +89,37 @@ def verify(bgp):
# remote-as must be either set explicitly for the neighbor
# or for the entire peer-group
if 'remote_as' not in peer_config:
- peer_group = peer_config['peer_group']
- if 'remote_as' not in asn_config['peer_group'][peer_group]:
+ if 'peer_group' not in peer_config or 'remote_as' not in asn_config['peer_group'][peer_config['peer_group']]:
raise ConfigError('Remote AS must be set for neighbor or peer-group!')
+ for afi in ['ipv4_unicast', 'ipv6_unicast']:
+ # Bail out early if address family is not configured
+ if 'address_family' not in peer_config or afi not in peer_config['address_family']:
+ continue
+
+ afi_config = peer_config['address_family'][afi]
+ # Validate if configured Prefix list exists
+ if 'prefix_list' in afi_config:
+ for tmp in ['import', 'export']:
+ if tmp in afi_config['prefix_list']:
+ if afi == 'ipv4_unicast':
+ prefix_list = afi_config['prefix_list'][tmp]
+ if 'prefix_list' not in asn_config or prefix_list not in asn_config['prefix_list']:
+ raise ConfigError(f'prefix-list "{prefix_list}" used for "{tmp}" does not exist!')
+ if afi == 'ipv6_unicast':
+ prefix_list = afi_config['prefix_list6'][tmp]
+ if 'prefix_list6' not in asn_config or prefix_list not in asn_config['prefix_list6']:
+ raise ConfigError(f'prefix-list "{prefix_list}" used for "{tmp}" does not exist!')
+
+
+ if 'route_map' in afi_config:
+ for tmp in ['import', 'export']:
+ if tmp in afi_config['route_map']:
+ route_map = afi_config['route_map'][tmp]
+ if 'route_map' not in asn_config or route_map not in asn_config['route_map']:
+ raise ConfigError(f'route-map "{route_map}" used for "{tmp}" does not exist!')
+
+
return None
def generate(bgp):