summaryrefslogtreecommitdiff
path: root/src/conf_mode/protocols_bgp.py
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-02-14 11:54:53 +0100
committerChristian Poessinger <christian@poessinger.com>2021-02-14 11:54:53 +0100
commita2062824f21432031e65db0f16954f18aba19bec (patch)
tree34f37c4f86d6f74f5f6a86c03c2dfbfa6425d906 /src/conf_mode/protocols_bgp.py
parent081b747e2940ac042e39bac1f209d7df94a413bf (diff)
downloadvyos-1x-a2062824f21432031e65db0f16954f18aba19bec.tar.gz
vyos-1x-a2062824f21432031e65db0f16954f18aba19bec.zip
bgp: T2387: route-reflector-client is only supported for iBGP peers
Diffstat (limited to 'src/conf_mode/protocols_bgp.py')
-rwxr-xr-xsrc/conf_mode/protocols_bgp.py11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index a2c129149..9021d58c8 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -92,7 +92,7 @@ def verify(bgp):
if 'peer_group' not in peer_config or 'remote_as' not in asn_config['peer_group'][ peer_config['peer_group'] ]:
raise ConfigError('Remote AS must be set for neighbor or peer-group!')
- for afi in ['ipv4_unicast', 'ipv6_unicast']:
+ for afi in ['ipv4_unicast', 'ipv6_unicast', 'l2vpn_evpn']:
# Bail out early if address family is not configured
if 'address_family' not in peer_config or afi not in peer_config['address_family']:
continue
@@ -123,6 +123,15 @@ def verify(bgp):
if dict_search(f'policy.route_map.{route_map}', asn_config) == None:
raise ConfigError(f'route-map "{route_map}" used for "{tmp}" does not exist!')
+ if 'route_reflector_client' in afi_config:
+ if 'remote_as' in peer_config and asn != peer_config['remote_as']:
+ raise ConfigError('route-reflector-client only supported for iBGP peers')
+ else:
+ peer_group_as = dict_search(f'peer_group.{peer_group}.remote_as', asn_config)
+ if 'peer_group' in peer_config and peer_group_as != None and peer_group_as != asn:
+ raise ConfigError('route-reflector-client only supported for iBGP peers')
+
+
# Throw an error if a peer group is not configured for allow range
for prefix in dict_search('listen.range', asn_config) or []:
# we can not use dict_search() here as prefix contains dots ...