summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-07-18 17:54:16 +0200
committerChristian Poessinger <christian@poessinger.com>2022-07-18 17:58:05 +0200
commitfc395620cc8dd68063a4a563f1f0b7b4a84457c5 (patch)
tree4ca3ec756a24a6c48b2d5cc07ff87a5f71b789a7
parent8f20f18ad9b7724821f884c5109bdee7782c3a82 (diff)
downloadvyos-1x-fc395620cc8dd68063a4a563f1f0b7b4a84457c5.tar.gz
vyos-1x-fc395620cc8dd68063a4a563f1f0b7b4a84457c5.zip
bgp: T4490: check peer-group for AFI/SAFI before issuing warning
Commit 6cffe2aa82 ("bgp: T4490: Add informational message for peer withour AFI") only checked if an address-family is configured under the neighbor statement. This is not enough as the AFI can also be specified via a peer-group. Add a new verify_afi() helper that checks both the neighbor and the assigned peer-group.
-rwxr-xr-xsrc/conf_mode/protocols_bgp.py17
1 files changed, 14 insertions, 3 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 01f14df61..5aa643476 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -101,6 +101,17 @@ def verify_remote_as(peer_config, bgp_config):
return None
+def verify_afi(peer_config, bgp_config):
+ if 'address_family' in peer_config:
+ return True
+
+ if 'peer_group' in peer_config:
+ peer_group_name = peer_config['peer_group']
+ tmp = dict_search(f'peer_group.{peer_group_name}.address_family', bgp_config)
+ if tmp: return True
+
+ return False
+
def verify(bgp):
if not bgp or 'deleted' in bgp:
if 'dependent_vrfs' in bgp:
@@ -165,6 +176,9 @@ def verify(bgp):
if not verify_remote_as(peer_config, bgp):
raise ConfigError(f'Neighbor "{peer}" remote-as must be set!')
+ if not verify_afi(peer_config, bgp):
+ Warning(f'BGP neighbor "{peer}" requires address-family!')
+
# Peer-group member cannot override remote-as of peer-group
if 'peer_group' in peer_config:
peer_group = peer_config['peer_group']
@@ -199,9 +213,6 @@ def verify(bgp):
if 'source_interface' in peer_config['interface']:
raise ConfigError(f'"source-interface" option not allowed for neighbor "{peer}"')
- if 'address_family' not in peer_config:
- Warning(f'BGP neighbor "{peer}" requires address-family!')
-
for afi in ['ipv4_unicast', 'ipv4_multicast', 'ipv4_labeled_unicast', 'ipv4_flowspec',
'ipv6_unicast', 'ipv6_multicast', 'ipv6_labeled_unicast', 'ipv6_flowspec',
'l2vpn_evpn']: