-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #17435 from opensourcerouting/fix/bgp_allow_0.0.0.…
…0_if_multiple_nlris_exist bgpd: Validate both nexthop information (NEXTHOP and NLRI)
- Loading branch information
Showing
6 changed files
with
198 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
[exabgp.api] | ||
encoder = text | ||
highres = false | ||
respawn = false | ||
socket = '' | ||
|
||
[exabgp.bgp] | ||
openwait = 60 | ||
|
||
[exabgp.cache] | ||
attributes = true | ||
nexthops = true | ||
|
||
[exabgp.daemon] | ||
daemonize = true | ||
pid = '/var/run/exabgp/exabgp.pid' | ||
user = 'exabgp' | ||
##daemonize = false | ||
|
||
[exabgp.log] | ||
all = false | ||
configuration = true | ||
daemon = true | ||
destination = '/var/log/exabgp.log' | ||
enable = true | ||
level = INFO | ||
message = false | ||
network = true | ||
packets = false | ||
parser = false | ||
processes = true | ||
reactor = true | ||
rib = false | ||
routes = false | ||
short = false | ||
timers = false | ||
|
||
[exabgp.pdb] | ||
enable = false | ||
|
||
[exabgp.profile] | ||
enable = false | ||
file = '' | ||
|
||
[exabgp.reactor] | ||
speed = 1.0 | ||
|
||
[exabgp.tcp] | ||
acl = false | ||
bind = '' | ||
delay = 0 | ||
once = false | ||
port = 179 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
neighbor fc00::1 { | ||
router-id 10.0.0.2; | ||
local-address fc00::2; | ||
local-as 65002; | ||
peer-as 65001; | ||
group-updates false; | ||
|
||
family { | ||
ipv4 unicast; | ||
ipv6 unicast; | ||
} | ||
|
||
static { | ||
route 2001:db8:100::/64 { | ||
next-hop 0.0.0.0; | ||
next-hop fc00::2; | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
! | ||
interface r1-eth0 | ||
ip address fc00::1/64 | ||
! | ||
router bgp 65001 | ||
bgp router-id 10.0.0.1 | ||
no bgp default ipv4-unicast | ||
no bgp ebgp-requires-policy | ||
neighbor fc00::2 remote-as external | ||
neighbor fc00::2 timers 3 10 | ||
address-family ipv6 | ||
neighbor fc00::2 activate | ||
exit-address-family | ||
! |
90 changes: 90 additions & 0 deletions
90
tests/topotests/bgp_invalid_nexthop/test_bgp_invalid_nexthop.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
#!/usr/bin/env python | ||
# SPDX-License-Identifier: ISC | ||
|
||
# | ||
# Copyright (c) 2024 by | ||
# Donatas Abraitis <[email protected]> | ||
# | ||
|
||
""" | ||
""" | ||
|
||
import os | ||
import sys | ||
import json | ||
import pytest | ||
import functools | ||
|
||
CWD = os.path.dirname(os.path.realpath(__file__)) | ||
sys.path.append(os.path.join(CWD, "../")) | ||
|
||
# pylint: disable=C0413 | ||
from lib import topotest | ||
from lib.topogen import Topogen, get_topogen | ||
|
||
pytestmark = [pytest.mark.bgpd] | ||
|
||
|
||
def build_topo(tgen): | ||
r1 = tgen.add_router("r1") | ||
peer1 = tgen.add_exabgp_peer("peer1", ip="fc00::2/64", defaultRoute="via fc00::1") | ||
|
||
switch = tgen.add_switch("s1") | ||
switch.add_link(r1) | ||
switch.add_link(peer1) | ||
|
||
|
||
def setup_module(mod): | ||
tgen = Topogen(build_topo, mod.__name__) | ||
tgen.start_topology() | ||
|
||
for _, (rname, router) in enumerate(tgen.routers().items(), 1): | ||
router.load_frr_config(os.path.join(CWD, "{}/frr.conf".format(rname))) | ||
|
||
tgen.start_router() | ||
|
||
peer = tgen.gears["peer1"] | ||
peer.start(os.path.join(CWD, "peer1"), os.path.join(CWD, "exabgp.env")) | ||
|
||
|
||
def teardown_module(mod): | ||
tgen = get_topogen() | ||
tgen.stop_topology() | ||
|
||
|
||
def test_bgp_invalid_nexthop(): | ||
tgen = get_topogen() | ||
|
||
if tgen.routers_have_failure(): | ||
pytest.skip(tgen.errors) | ||
|
||
r1 = tgen.gears["r1"] | ||
|
||
def _bgp_converge(): | ||
output = json.loads(r1.vtysh_cmd("show bgp ipv6 unicast json")) | ||
expected = { | ||
"routes": { | ||
"2001:db8:100::/64": [ | ||
{"valid": True, "nexthops": [{"ip": "fc00::2", "afi": "ipv6"}]} | ||
] | ||
} | ||
} | ||
return topotest.json_cmp(output, expected) | ||
|
||
test_func = functools.partial(_bgp_converge) | ||
_, result = topotest.run_and_expect(test_func, None, count=30, wait=1) | ||
assert result is None, "2001:db8:100::/64 does not have a valid nexthop" | ||
|
||
|
||
def test_memory_leak(): | ||
"Run the memory leak test and report results." | ||
tgen = get_topogen() | ||
if not tgen.is_memleak_enabled(): | ||
pytest.skip("Memory leak test/report is disabled") | ||
|
||
tgen.report_memory_leaks() | ||
|
||
|
||
if __name__ == "__main__": | ||
args = ["-s"] + sys.argv[1:] | ||
sys.exit(pytest.main(args)) |