From d6b0327c358319e4b3c2ba093ba64a88e4458906 Mon Sep 17 00:00:00 2001 From: Donatas Abraitis Date: Thu, 29 Sep 2022 19:09:13 +0300 Subject: [PATCH 1/2] bgpd: Allow using remote-as the same as local-as As an example, Arista EOS allows this behavior. Configuration something like: ``` neighbor PG peer-group neighbor PG remote-as 65001 neighbor PG local-as 65001 neighbor 192.168.10.124 peer-group PG ``` Or without peer-group. Signed-off-by: Donatas Abraitis --- bgpd/bgp_vty.c | 6 ------ bgpd/bgpd.c | 53 +++++++++++++++----------------------------------- bgpd/bgpd.h | 2 -- 3 files changed, 16 insertions(+), 45 deletions(-) diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index 82c9d9667c..e784702aab 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -873,9 +873,6 @@ int bgp_vty_return(struct vty *vty, enum bgp_create_error_code ret) case BGP_ERR_REMOVE_PRIVATE_AS: str = "remove-private-AS cannot be configured for IBGP peers"; break; - case BGP_ERR_LOCAL_AS_ALLOWED_ONLY_FOR_EBGP: - str = "Local-AS allowed only for EBGP peers"; - break; case BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS: str = "Cannot have local-as same as BGP AS number"; break; @@ -936,9 +933,6 @@ int bgp_vty_return(struct vty *vty, enum bgp_create_error_code ret) case BGP_ERR_AF_UNCONFIGURED: str = "AFI/SAFI specified is not currently configured."; break; - case BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS_REMOTE_AS: - str = "AS specified for local as is the same as the remote as and this is not allowed."; - break; case BGP_ERR_INVALID_AS: str = "Confederation AS specified is the same AS as our AS."; break; diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c index 749e46ebe9..433493384b 100644 --- a/bgpd/bgpd.c +++ b/bgpd/bgpd.c @@ -997,9 +997,15 @@ void peer_af_flag_inherit(struct peer *peer, afi_t afi, safi_t safi, static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer) { struct bgp *bgp; + as_t local_as; bgp = peer->bgp; + if (peer->change_local_as) + local_as = peer->change_local_as; + else + local_as = peer->local_as; + /* Peer-group */ if (CHECK_FLAG(peer->sflags, PEER_STATUS_GROUP)) { if (peer->as_type == AS_INTERNAL) @@ -1010,8 +1016,8 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer) else if (peer->as_type == AS_SPECIFIED && peer->as) { assert(bgp); - return (bgp->as == peer->as ? BGP_PEER_IBGP - : BGP_PEER_EBGP); + return (local_as == peer->as ? BGP_PEER_IBGP + : BGP_PEER_EBGP); } else { @@ -1028,17 +1034,17 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer) /* Normal peer */ if (bgp && CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) { - if (peer->local_as == 0) + if (local_as == 0) return BGP_PEER_INTERNAL; - if (peer->local_as == peer->as) { + if (local_as == peer->as) { if (bgp->as == bgp->confed_id) { - if (peer->local_as == bgp->as) + if (local_as == bgp->as) return BGP_PEER_IBGP; else return BGP_PEER_EBGP; } else { - if (peer->local_as == bgp->confed_id) + if (local_as == bgp->confed_id) return BGP_PEER_EBGP; else return BGP_PEER_IBGP; @@ -1056,8 +1062,7 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer) && (peer->group->conf->as_type != AS_UNSPECIFIED)) { if (peer->group->conf->as_type == AS_SPECIFIED) { - if (peer->local_as - == peer->group->conf->as) + if (local_as == peer->group->conf->as) return BGP_PEER_IBGP; else return BGP_PEER_EBGP; @@ -1073,9 +1078,8 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer) return (peer->as_type == AS_INTERNAL ? BGP_PEER_IBGP : BGP_PEER_EBGP); - return (peer->local_as == 0 - ? BGP_PEER_INTERNAL - : peer->local_as == peer->as ? BGP_PEER_IBGP + return (local_as == 0 ? BGP_PEER_INTERNAL + : local_as == peer->as ? BGP_PEER_IBGP : BGP_PEER_EBGP); } } @@ -1885,14 +1889,6 @@ void peer_as_change(struct peer *peer, as_t as, int as_specified) UNSET_FLAG(peer->af_flags[AFI_L2VPN][SAFI_EVPN], PEER_FLAG_REFLECTOR_CLIENT); } - - /* local-as reset */ - if (newtype != BGP_PEER_EBGP) { - peer->change_local_as = 0; - peer_flag_unset(peer, PEER_FLAG_LOCAL_AS); - peer_flag_unset(peer, PEER_FLAG_LOCAL_AS_NO_PREPEND); - peer_flag_unset(peer, PEER_FLAG_LOCAL_AS_REPLACE_AS); - } } /* If peer does not exist, create new one. If peer already exists, @@ -3018,17 +3014,6 @@ int peer_group_bind(struct bgp *bgp, union sockunion *su, struct peer *peer, /* ebgp-multihop reset */ if (gtype == BGP_PEER_IBGP) group->conf->ttl = MAXTTL; - - /* local-as reset */ - if (gtype != BGP_PEER_EBGP) { - group->conf->change_local_as = 0; - peer_flag_unset(group->conf, - PEER_FLAG_LOCAL_AS); - peer_flag_unset(group->conf, - PEER_FLAG_LOCAL_AS_NO_PREPEND); - peer_flag_unset(group->conf, - PEER_FLAG_LOCAL_AS_REPLACE_AS); - } } SET_FLAG(peer->flags, PEER_FLAG_CONFIG_NODE); @@ -6109,17 +6094,10 @@ int peer_local_as_set(struct peer *peer, as_t as, bool no_prepend, struct bgp *bgp = peer->bgp; struct peer *member; struct listnode *node, *nnode; - enum bgp_peer_sort ptype = peer_sort(peer); - - if (ptype != BGP_PEER_EBGP && ptype != BGP_PEER_INTERNAL) - return BGP_ERR_LOCAL_AS_ALLOWED_ONLY_FOR_EBGP; if (bgp->as == as) return BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS; - if (peer->as == as) - return BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS_REMOTE_AS; - /* Save previous flag states. */ old_no_prepend = !!CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND); @@ -6135,6 +6113,7 @@ int peer_local_as_set(struct peer *peer, as_t as, bool no_prepend, && old_replace_as == replace_as) return 0; peer->change_local_as = as; + (void)peer_sort(peer); /* Check if handling a regular peer. */ if (!CHECK_FLAG(peer->sflags, PEER_STATUS_GROUP)) { diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h index f6162f33e4..b6efac9a7f 100644 --- a/bgpd/bgpd.h +++ b/bgpd/bgpd.h @@ -2004,13 +2004,11 @@ enum bgp_create_error_code { BGP_ERR_AF_UNCONFIGURED = -15, BGP_ERR_SOFT_RECONFIG_UNCONFIGURED = -16, BGP_ERR_INSTANCE_MISMATCH = -17, - BGP_ERR_LOCAL_AS_ALLOWED_ONLY_FOR_EBGP = -18, BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS = -19, BGP_ERR_TCPSIG_FAILED = -20, BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK = -21, BGP_ERR_NO_IBGP_WITH_TTLHACK = -22, BGP_ERR_NO_INTERFACE_CONFIG = -23, - BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS_REMOTE_AS = -24, BGP_ERR_AS_OVERRIDE = -25, BGP_ERR_INVALID_DYNAMIC_NEIGHBORS_LIMIT = -26, BGP_ERR_DYNAMIC_NEIGHBORS_RANGE_EXISTS = -27, From f3bc47b735a198f3da082a1401aca30483c74da8 Mon Sep 17 00:00:00 2001 From: Donatas Abraitis Date: Thu, 29 Sep 2022 21:12:24 +0300 Subject: [PATCH 2/2] tests: Check if BGP works correctly when using local-as == remote-as Signed-off-by: Donatas Abraitis --- tests/topotests/bgp_local_as/__init__.py | 0 tests/topotests/bgp_local_as/r1/bgpd.conf | 14 ++ tests/topotests/bgp_local_as/r1/zebra.conf | 10 ++ tests/topotests/bgp_local_as/r2/bgpd.conf | 6 + tests/topotests/bgp_local_as/r2/zebra.conf | 4 + tests/topotests/bgp_local_as/r3/bgpd.conf | 6 + tests/topotests/bgp_local_as/r3/zebra.conf | 4 + .../bgp_local_as/test_bgp_local_as.py | 134 ++++++++++++++++++ 8 files changed, 178 insertions(+) create mode 100644 tests/topotests/bgp_local_as/__init__.py create mode 100644 tests/topotests/bgp_local_as/r1/bgpd.conf create mode 100644 tests/topotests/bgp_local_as/r1/zebra.conf create mode 100644 tests/topotests/bgp_local_as/r2/bgpd.conf create mode 100644 tests/topotests/bgp_local_as/r2/zebra.conf create mode 100644 tests/topotests/bgp_local_as/r3/bgpd.conf create mode 100644 tests/topotests/bgp_local_as/r3/zebra.conf create mode 100644 tests/topotests/bgp_local_as/test_bgp_local_as.py diff --git a/tests/topotests/bgp_local_as/__init__.py b/tests/topotests/bgp_local_as/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/tests/topotests/bgp_local_as/r1/bgpd.conf b/tests/topotests/bgp_local_as/r1/bgpd.conf new file mode 100644 index 0000000000..fa147d8673 --- /dev/null +++ b/tests/topotests/bgp_local_as/r1/bgpd.conf @@ -0,0 +1,14 @@ +router bgp 65001 + no bgp ebgp-requires-policy + neighbor 192.168.1.2 remote-as 65002 + neighbor 192.168.1.2 local-as 65002 + neighbor 192.168.1.2 timers 1 3 + neighbor 192.168.1.2 timers connect 1 + neighbor PG peer-group + neighbor PG remote-as 65003 + neighbor PG local-as 65003 + neighbor 192.168.2.2 peer-group PG + address-family ipv4 + redistribute connected + exit-address-family +! diff --git a/tests/topotests/bgp_local_as/r1/zebra.conf b/tests/topotests/bgp_local_as/r1/zebra.conf new file mode 100644 index 0000000000..5b32faeb44 --- /dev/null +++ b/tests/topotests/bgp_local_as/r1/zebra.conf @@ -0,0 +1,10 @@ +! +interface lo + ip address 172.16.255.1/32 +! +interface r1-eth0 + ip address 192.168.1.1/24 +! +interface r1-eth1 + ip address 192.168.2.1/24 +! diff --git a/tests/topotests/bgp_local_as/r2/bgpd.conf b/tests/topotests/bgp_local_as/r2/bgpd.conf new file mode 100644 index 0000000000..9c25bdfdd3 --- /dev/null +++ b/tests/topotests/bgp_local_as/r2/bgpd.conf @@ -0,0 +1,6 @@ +router bgp 65002 + no bgp ebgp-requires-policy + neighbor 192.168.1.1 remote-as internal + neighbor 192.168.1.1 timers 1 3 + neighbor 192.168.1.1 timers connect 1 +! diff --git a/tests/topotests/bgp_local_as/r2/zebra.conf b/tests/topotests/bgp_local_as/r2/zebra.conf new file mode 100644 index 0000000000..0c95656663 --- /dev/null +++ b/tests/topotests/bgp_local_as/r2/zebra.conf @@ -0,0 +1,4 @@ +! +interface r2-eth0 + ip address 192.168.1.2/24 +! diff --git a/tests/topotests/bgp_local_as/r3/bgpd.conf b/tests/topotests/bgp_local_as/r3/bgpd.conf new file mode 100644 index 0000000000..54ccd90f3f --- /dev/null +++ b/tests/topotests/bgp_local_as/r3/bgpd.conf @@ -0,0 +1,6 @@ +router bgp 65003 + no bgp ebgp-requires-policy + neighbor 192.168.2.1 remote-as internal + neighbor 192.168.2.1 timers 1 3 + neighbor 192.168.2.1 timers connect 1 +! diff --git a/tests/topotests/bgp_local_as/r3/zebra.conf b/tests/topotests/bgp_local_as/r3/zebra.conf new file mode 100644 index 0000000000..d28deddfcd --- /dev/null +++ b/tests/topotests/bgp_local_as/r3/zebra.conf @@ -0,0 +1,4 @@ +! +interface r3-eth0 + ip address 192.168.2.2/24 +! diff --git a/tests/topotests/bgp_local_as/test_bgp_local_as.py b/tests/topotests/bgp_local_as/test_bgp_local_as.py new file mode 100644 index 0000000000..525d44220f --- /dev/null +++ b/tests/topotests/bgp_local_as/test_bgp_local_as.py @@ -0,0 +1,134 @@ +#!/usr/bin/env python + +# +# Copyright (c) 2022 by +# Donatas Abraitis +# +# Permission to use, copy, modify, and/or distribute this software +# for any purpose with or without fee is hereby granted, provided +# that the above copyright notice and this permission notice appear +# in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY +# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE +# OF THIS SOFTWARE. +# + +""" + +""" + +import os +import sys +import json +import pytest +import functools + +CWD = os.path.dirname(os.path.realpath(__file__)) +sys.path.append(os.path.join(CWD, "../")) + +# pylint: disable=C0413 +from lib import topotest +from lib.topogen import Topogen, TopoRouter, get_topogen +from lib.common_config import step + +pytestmark = [pytest.mark.bgpd] + + +def build_topo(tgen): + for routern in range(1, 4): + tgen.add_router("r{}".format(routern)) + + switch = tgen.add_switch("s1") + switch.add_link(tgen.gears["r1"]) + switch.add_link(tgen.gears["r2"]) + + switch = tgen.add_switch("s2") + switch.add_link(tgen.gears["r1"]) + switch.add_link(tgen.gears["r3"]) + + +def setup_module(mod): + tgen = Topogen(build_topo, mod.__name__) + tgen.start_topology() + + router_list = tgen.routers() + + for i, (rname, router) in enumerate(router_list.items(), 1): + router.load_config( + TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format(rname)) + ) + router.load_config( + TopoRouter.RD_BGP, os.path.join(CWD, "{}/bgpd.conf".format(rname)) + ) + + tgen.start_router() + + +def teardown_module(mod): + tgen = get_topogen() + tgen.stop_topology() + + +def test_bgp_local_as_same_remote_as(): + tgen = get_topogen() + + if tgen.routers_have_failure(): + pytest.skip(tgen.errors) + + def _bgp_check_local_as_same_remote_as(): + output = json.loads( + tgen.gears["r2"].vtysh_cmd("show bgp ipv4 unicast 172.16.255.1/32 json") + ) + expected = { + "paths": [ + { + "valid": True, + "aspath": {"string": "Local"}, + "nexthops": [{"ip": "192.168.1.1", "hostname": "r1"}], + } + ] + } + return topotest.json_cmp(output, expected) + + step("Check if iBGP works when local-as == remote-as") + test_func = functools.partial(_bgp_check_local_as_same_remote_as) + _, result = topotest.run_and_expect(test_func, None, count=60, wait=0.5) + assert result is None, "Failed to see BGP prefixes on R2" + + +def test_bgp_peer_group_local_as_same_remote_as(): + tgen = get_topogen() + + if tgen.routers_have_failure(): + pytest.skip(tgen.errors) + + def _bgp_check_local_as_same_remote_as(): + output = json.loads( + tgen.gears["r3"].vtysh_cmd("show bgp ipv4 unicast 172.16.255.1/32 json") + ) + expected = { + "paths": [ + { + "valid": True, + "aspath": {"string": "Local"}, + "nexthops": [{"ip": "192.168.2.1", "hostname": "r1"}], + } + ] + } + return topotest.json_cmp(output, expected) + + step("Initial BGP converge") + test_func = functools.partial(_bgp_check_local_as_same_remote_as) + _, result = topotest.run_and_expect(test_func, None, count=60, wait=0.5) + assert result is None, "Failed to see BGP prefixes on R3" + + +if __name__ == "__main__": + args = ["-s"] + sys.argv[1:] + sys.exit(pytest.main(args))