summaryrefslogtreecommitdiff
path: root/src/conf_mode/protocols_bgp.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2022-03-26 09:25:02 +0100
committerChristian Poessinger <christian@poessinger.com>2022-03-26 09:25:02 +0100
commit772d05156aaa75c904fe340cfce024da00f187f4 (patch)
treef2e0bba051a825d02bdec50b9df26680266ae85f /src/conf_mode/protocols_bgp.py
parent1bfe09f90b9eca58f00cfae880e13e88c6dae894 (diff)
downloadvyos-1x-772d05156aaa75c904fe340cfce024da00f187f4.tar.gz
vyos-1x-772d05156aaa75c904fe340cfce024da00f187f4.zip
bgp: T4321: check neighbor IP addresses against VRF context
Diffstat (limited to 'src/conf_mode/protocols_bgp.py')
-rwxr-xr-xsrc/conf_mode/protocols_bgp.py10
1 files changed, 8 insertions, 2 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 9e59177a8..64b113873 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -159,8 +159,14 @@ def verify(bgp):
# Only checks for ipv4 and ipv6 neighbors
# Check if neighbor address is assigned as system interface address
- if is_ip(peer) and is_addr_assigned(peer):
- raise ConfigError(f'Can not configure a local address as neighbor "{peer}"')
+ vrf = None
+ vrf_error_msg = f' in default VRF!'
+ if 'vrf' in bgp:
+ vrf = bgp['vrf']
+ vrf_error_msg = f' in VRF "{vrf}"!'
+
+ if is_ip(peer) and is_addr_assigned(peer, vrf):
+ raise ConfigError(f'Can not configure local address as neighbor "{peer}"{vrf_error_msg}')
elif is_interface(peer):
if 'peer_group' in peer_config:
raise ConfigError(f'peer-group must be set under the interface node of "{peer}"')