bgp: T2771: add vpn, multicast, flowspec address families

In this commit we add more address families within BGP. This should bring VyOS the ability to enable the rest of the capabilities within FRR. Co-authored-by: Cheeze_It <none@none.com>
author: Cheeze-It <16260577+Cheeze-It@users.noreply.github.com> 2021-04-15 05:18:22 -0600
committer: GitHub <noreply@github.com> 2021-04-15 13:18:22 +0200
commit: 1733ebf10aedafefbc17bd0660f6d43098b08d8a (patch)
tree: c64064a872f9a87334241b87139da2310a80c6fa /src/conf_mode
parent: 7a48396731ff41007c083440e2aae01dda747e72 (diff)
download: vyos-1x-1733ebf10aedafefbc17bd0660f6d43098b08d8a.tar.gz
vyos-1x-1733ebf10aedafefbc17bd0660f6d43098b08d8a.zip
1 files changed, 39 insertions, 1 deletions
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 6b83087bf..001108ede 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -127,6 +127,10 @@ def verify(bgp):
             if 'ebgp_multihop' in peer_config and 'ttl_security' in peer_config:
                 raise ConfigError('You can\'t set both ebgp-multihop and ttl-security hops')
 
+            # Check if neighbor has both override capability and strict capability match configured at the same time.
+            if 'override_capability' in peer_config and 'strict_capability_match' in peer_config:
+                raise ConfigError(f'Neighbor "{peer}" cannot have both override-capability and strict-capability-match configured at the same time!')
+
             # Check spaces in the password
             if 'password' in peer_config and ' ' in peer_config['password']:
                 raise ConfigError('You can\'t use spaces in the password')
@@ -148,11 +152,21 @@ def verify(bgp):
                     if 'remote_as' in peer_config:
                         raise ConfigError(f'remote-as must be set under the interface node of "{peer}"')
 
-            for afi in ['ipv4_unicast', 'ipv6_unicast', 'l2vpn_evpn']:
+            for afi in ['ipv4_unicast', 'ipv4_multicast', 'ipv4_labeled_unicast', 'ipv4_flowspec',
+                        'ipv6_unicast', 'ipv6_multicast', 'ipv6_labeled_unicast', 'ipv6_flowspec',
+                        'l2vpn_evpn']:
                 # Bail out early if address family is not configured
                 if 'address_family' not in peer_config or afi not in peer_config['address_family']:
                     continue
 
+                # Check if neighbor has both ipv4 unicast and ipv4 labeled unicast configured at the same time.
+                if 'ipv4_unicast' in peer_config['address_family'] and 'ipv4_labeled_unicast' in peer_config['address_family']:
+                    raise ConfigError(f'Neighbor "{peer}" cannot have both ipv4-unicast and ipv4-labeled-unicast configured at the same time!')
+                    
+                # Check if neighbor has both ipv6 unicast and ipv6 labeled unicast configured at the same time.
+                if 'ipv6_unicast' in peer_config['address_family'] and 'ipv6_labeled_unicast' in peer_config['address_family']:
+                    raise ConfigError(f'Neighbor "{peer}" cannot have both ipv6-unicast and ipv6-labeled-unicast configured at the same time!')
+
                 afi_config = peer_config['address_family'][afi]
                 # Validate if configured Prefix list exists
                 if 'prefix_list' in afi_config:
@@ -192,6 +206,30 @@ def verify(bgp):
         if not verify_remote_as(bgp['listen']['range'][prefix], bgp):
             raise ConfigError(f'Peer-group "{peer_group}" requires remote-as to be set!')
 
+    # Throw an error if the global administrative distance parameters aren't all filled out.
+    if dict_search('parameters.distance', bgp) == None:
+        pass
+    else:
+        if dict_search('parameters.distance.global', bgp):
+            for key in ['external', 'internal', 'local']:
+                if dict_search(f'parameters.distance.global.{key}', bgp) == None:
+                    raise ConfigError('Missing mandatory configuration option for '\
+                                     f'global administrative distance {key}!')
+        
+    # Throw an error if the address family specific administrative distance parameters aren't all filled out.
+    if dict_search('address_family', bgp) == None:
+        pass
+    else:
+        for address_family_name in dict_search('address_family', bgp):
+            if dict_search(f'address_family.{address_family_name}.distance', bgp) == None:
+                pass
+            else:
+                for key in ['external', 'internal', 'local']:
+                    if dict_search(f'address_family.{address_family_name}.distance.{key}', bgp) == None:
+                        address_family_name = address_family_name.replace('_', '-')
+                        raise ConfigError('Missing mandatory configuration option for '\
+                                         f'{address_family_name} administrative distance {key}!')
+
     return None
 
 def generate(bgp):
author	Cheeze-It <16260577+Cheeze-It@users.noreply.github.com>	2021-04-15 05:18:22 -0600
committer	GitHub <noreply@github.com>	2021-04-15 13:18:22 +0200
commit	1733ebf10aedafefbc17bd0660f6d43098b08d8a (patch)
tree	c64064a872f9a87334241b87139da2310a80c6fa /src/conf_mode
parent	7a48396731ff41007c083440e2aae01dda747e72 (diff)
download	vyos-1x-1733ebf10aedafefbc17bd0660f6d43098b08d8a.tar.gz vyos-1x-1733ebf10aedafefbc17bd0660f6d43098b08d8a.zip