diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-02-14 11:54:53 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-02-14 11:54:53 +0100 |
commit | a2062824f21432031e65db0f16954f18aba19bec (patch) | |
tree | 34f37c4f86d6f74f5f6a86c03c2dfbfa6425d906 /src/conf_mode/protocols_bgp.py | |
parent | 081b747e2940ac042e39bac1f209d7df94a413bf (diff) | |
download | vyos-1x-a2062824f21432031e65db0f16954f18aba19bec.tar.gz vyos-1x-a2062824f21432031e65db0f16954f18aba19bec.zip |
bgp: T2387: route-reflector-client is only supported for iBGP peers
Diffstat (limited to 'src/conf_mode/protocols_bgp.py')
-rwxr-xr-x | src/conf_mode/protocols_bgp.py | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index a2c129149..9021d58c8 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -92,7 +92,7 @@ def verify(bgp): if 'peer_group' not in peer_config or 'remote_as' not in asn_config['peer_group'][ peer_config['peer_group'] ]: raise ConfigError('Remote AS must be set for neighbor or peer-group!') - for afi in ['ipv4_unicast', 'ipv6_unicast']: + for afi in ['ipv4_unicast', 'ipv6_unicast', 'l2vpn_evpn']: # Bail out early if address family is not configured if 'address_family' not in peer_config or afi not in peer_config['address_family']: continue @@ -123,6 +123,15 @@ def verify(bgp): if dict_search(f'policy.route_map.{route_map}', asn_config) == None: raise ConfigError(f'route-map "{route_map}" used for "{tmp}" does not exist!') + if 'route_reflector_client' in afi_config: + if 'remote_as' in peer_config and asn != peer_config['remote_as']: + raise ConfigError('route-reflector-client only supported for iBGP peers') + else: + peer_group_as = dict_search(f'peer_group.{peer_group}.remote_as', asn_config) + if 'peer_group' in peer_config and peer_group_as != None and peer_group_as != asn: + raise ConfigError('route-reflector-client only supported for iBGP peers') + + # Throw an error if a peer group is not configured for allow range for prefix in dict_search('listen.range', asn_config) or []: # we can not use dict_search() here as prefix contains dots ... |