Merge pull request #12040 from opensourcerouting/fix/bgp_local_as_remote_as

bgpd: Allow using remote-as the same as local-as

bgpd/bgp_vty.c

@@ -873,9 +873,6 @@ int bgp_vty_return(struct vty *vty, enum bgp_create_error_code ret)
 	case BGP_ERR_REMOVE_PRIVATE_AS:
 		str = "remove-private-AS cannot be configured for IBGP peers";
 		break;
-	case BGP_ERR_LOCAL_AS_ALLOWED_ONLY_FOR_EBGP:
-		str = "Local-AS allowed only for EBGP peers";
-		break;
 	case BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS:
 		str = "Cannot have local-as same as BGP AS number";
 		break;
@@ -936,9 +933,6 @@ int bgp_vty_return(struct vty *vty, enum bgp_create_error_code ret)
 	case BGP_ERR_AF_UNCONFIGURED:
 		str = "AFI/SAFI specified is not currently configured.";
 		break;
-	case BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS_REMOTE_AS:
-		str = "AS specified for local as is the same as the remote as and this is not allowed.";
-		break;
 	case BGP_ERR_INVALID_AS:
 		str = "Confederation AS specified is the same AS as our AS.";
 		break;

bgpd/bgpd.c

@@ -997,9 +997,15 @@ void peer_af_flag_inherit(struct peer *peer, afi_t afi, safi_t safi,
 static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer)
 {
 	struct bgp *bgp;
+	as_t local_as;
 
 	bgp = peer->bgp;
 
+	if (peer->change_local_as)
+		local_as = peer->change_local_as;
+	else
+		local_as = peer->local_as;
+
 	/* Peer-group */
 	if (CHECK_FLAG(peer->sflags, PEER_STATUS_GROUP)) {
 		if (peer->as_type == AS_INTERNAL)
@@ -1010,7 +1016,7 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer)
 
 		else if (peer->as_type == AS_SPECIFIED && peer->as) {
 			assert(bgp);
-			return (bgp->as == peer->as ? BGP_PEER_IBGP
+			return (local_as == peer->as ? BGP_PEER_IBGP
 						     : BGP_PEER_EBGP);
 		}
 
@@ -1028,17 +1034,17 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer)
 
 	/* Normal peer */
 	if (bgp && CHECK_FLAG(bgp->config, BGP_CONFIG_CONFEDERATION)) {
-		if (peer->local_as == 0)
+		if (local_as == 0)
 			return BGP_PEER_INTERNAL;
 
-		if (peer->local_as == peer->as) {
+		if (local_as == peer->as) {
 			if (bgp->as == bgp->confed_id) {
-				if (peer->local_as == bgp->as)
+				if (local_as == bgp->as)
 					return BGP_PEER_IBGP;
 				else
 					return BGP_PEER_EBGP;
 			} else {
-				if (peer->local_as == bgp->confed_id)
+				if (local_as == bgp->confed_id)
 					return BGP_PEER_EBGP;
 				else
 					return BGP_PEER_IBGP;
@@ -1056,8 +1062,7 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer)
 			    && (peer->group->conf->as_type != AS_UNSPECIFIED)) {
 				if (peer->group->conf->as_type
 				    == AS_SPECIFIED) {
-					if (peer->local_as
+					if (local_as == peer->group->conf->as)
-					    == peer->group->conf->as)
 						return BGP_PEER_IBGP;
 					else
 						return BGP_PEER_EBGP;
@@ -1073,9 +1078,8 @@ static inline enum bgp_peer_sort peer_calc_sort(struct peer *peer)
 			return (peer->as_type == AS_INTERNAL ? BGP_PEER_IBGP
 							     : BGP_PEER_EBGP);
 
-		return (peer->local_as == 0
+		return (local_as == 0 ? BGP_PEER_INTERNAL
-				? BGP_PEER_INTERNAL
+				      : local_as == peer->as ? BGP_PEER_IBGP
-				: peer->local_as == peer->as ? BGP_PEER_IBGP
 							     : BGP_PEER_EBGP);
 	}
 }
@@ -1885,14 +1889,6 @@ void peer_as_change(struct peer *peer, as_t as, int as_specified)
 		UNSET_FLAG(peer->af_flags[AFI_L2VPN][SAFI_EVPN],
 			   PEER_FLAG_REFLECTOR_CLIENT);
 	}
-
-	/* local-as reset */
-	if (newtype != BGP_PEER_EBGP) {
-		peer->change_local_as = 0;
-		peer_flag_unset(peer, PEER_FLAG_LOCAL_AS);
-		peer_flag_unset(peer, PEER_FLAG_LOCAL_AS_NO_PREPEND);
-		peer_flag_unset(peer, PEER_FLAG_LOCAL_AS_REPLACE_AS);
-	}
 }
 
 /* If peer does not exist, create new one.  If peer already exists,
@@ -3018,17 +3014,6 @@ int peer_group_bind(struct bgp *bgp, union sockunion *su, struct peer *peer,
 			/* ebgp-multihop reset */
 			if (gtype == BGP_PEER_IBGP)
 				group->conf->ttl = MAXTTL;
-
-			/* local-as reset */
-			if (gtype != BGP_PEER_EBGP) {
-				group->conf->change_local_as = 0;
-				peer_flag_unset(group->conf,
-						PEER_FLAG_LOCAL_AS);
-				peer_flag_unset(group->conf,
-						PEER_FLAG_LOCAL_AS_NO_PREPEND);
-				peer_flag_unset(group->conf,
-						PEER_FLAG_LOCAL_AS_REPLACE_AS);
-			}
 		}
 
 		SET_FLAG(peer->flags, PEER_FLAG_CONFIG_NODE);
@@ -6109,17 +6094,10 @@ int peer_local_as_set(struct peer *peer, as_t as, bool no_prepend,
 	struct bgp *bgp = peer->bgp;
 	struct peer *member;
 	struct listnode *node, *nnode;
-	enum bgp_peer_sort ptype = peer_sort(peer);
-
-	if (ptype != BGP_PEER_EBGP && ptype != BGP_PEER_INTERNAL)
-		return BGP_ERR_LOCAL_AS_ALLOWED_ONLY_FOR_EBGP;
 
 	if (bgp->as == as)
 		return BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS;
 
-	if (peer->as == as)
-		return BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS_REMOTE_AS;
-
 	/* Save previous flag states. */
 	old_no_prepend =
 		!!CHECK_FLAG(peer->flags, PEER_FLAG_LOCAL_AS_NO_PREPEND);
@@ -6135,6 +6113,7 @@ int peer_local_as_set(struct peer *peer, as_t as, bool no_prepend,
 	    && old_replace_as == replace_as)
 		return 0;
 	peer->change_local_as = as;
+	(void)peer_sort(peer);
 
 	/* Check if handling a regular peer. */
 	if (!CHECK_FLAG(peer->sflags, PEER_STATUS_GROUP)) {

bgpd/bgpd.h

@@ -2004,13 +2004,11 @@ enum bgp_create_error_code {
 	BGP_ERR_AF_UNCONFIGURED = -15,
 	BGP_ERR_SOFT_RECONFIG_UNCONFIGURED = -16,
 	BGP_ERR_INSTANCE_MISMATCH = -17,
-	BGP_ERR_LOCAL_AS_ALLOWED_ONLY_FOR_EBGP = -18,
 	BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS = -19,
 	BGP_ERR_TCPSIG_FAILED = -20,
 	BGP_ERR_NO_EBGP_MULTIHOP_WITH_TTLHACK = -21,
 	BGP_ERR_NO_IBGP_WITH_TTLHACK = -22,
 	BGP_ERR_NO_INTERFACE_CONFIG = -23,
-	BGP_ERR_CANNOT_HAVE_LOCAL_AS_SAME_AS_REMOTE_AS = -24,
 	BGP_ERR_AS_OVERRIDE = -25,
 	BGP_ERR_INVALID_DYNAMIC_NEIGHBORS_LIMIT = -26,
 	BGP_ERR_DYNAMIC_NEIGHBORS_RANGE_EXISTS = -27,

tests/topotests/bgp_local_as/r1/bgpd.conf

@@ -0,0 +1,14 @@
+router bgp 65001
+ no bgp ebgp-requires-policy
+ neighbor 192.168.1.2 remote-as 65002
+ neighbor 192.168.1.2 local-as 65002
+ neighbor 192.168.1.2 timers 1 3
+ neighbor 192.168.1.2 timers connect 1
+ neighbor PG peer-group
+ neighbor PG remote-as 65003
+ neighbor PG local-as 65003
+ neighbor 192.168.2.2 peer-group PG
+ address-family ipv4
+  redistribute connected
+ exit-address-family
+!

tests/topotests/bgp_local_as/r1/zebra.conf

@@ -0,0 +1,10 @@
+!
+interface lo
+ ip address 172.16.255.1/32
+!
+interface r1-eth0
+ ip address 192.168.1.1/24
+!
+interface r1-eth1
+ ip address 192.168.2.1/24
+!

tests/topotests/bgp_local_as/r2/bgpd.conf

@@ -0,0 +1,6 @@
+router bgp 65002
+ no bgp ebgp-requires-policy
+ neighbor 192.168.1.1 remote-as internal
+ neighbor 192.168.1.1 timers 1 3
+ neighbor 192.168.1.1 timers connect 1
+!

tests/topotests/bgp_local_as/r2/zebra.conf

@@ -0,0 +1,4 @@
+!
+interface r2-eth0
+ ip address 192.168.1.2/24
+!

tests/topotests/bgp_local_as/r3/bgpd.conf

@@ -0,0 +1,6 @@
+router bgp 65003
+ no bgp ebgp-requires-policy
+ neighbor 192.168.2.1 remote-as internal
+ neighbor 192.168.2.1 timers 1 3
+ neighbor 192.168.2.1 timers connect 1
+!

tests/topotests/bgp_local_as/r3/zebra.conf

@@ -0,0 +1,4 @@
+!
+interface r3-eth0
+ ip address 192.168.2.2/24
+!

tests/topotests/bgp_local_as/test_bgp_local_as.py

@@ -0,0 +1,134 @@
+#!/usr/bin/env python
+
+#
+# Copyright (c) 2022 by
+# Donatas Abraitis <donatas@opensourcerouting.org>
+#
+# Permission to use, copy, modify, and/or distribute this software
+# for any purpose with or without fee is hereby granted, provided
+# that the above copyright notice and this permission notice appear
+# in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY
+# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
+# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE
+# OF THIS SOFTWARE.
+#
+
+"""
+
+"""
+
+import os
+import sys
+import json
+import pytest
+import functools
+
+CWD = os.path.dirname(os.path.realpath(__file__))
+sys.path.append(os.path.join(CWD, "../"))
+
+# pylint: disable=C0413
+from lib import topotest
+from lib.topogen import Topogen, TopoRouter, get_topogen
+from lib.common_config import step
+
+pytestmark = [pytest.mark.bgpd]
+
+
+def build_topo(tgen):
+    for routern in range(1, 4):
+        tgen.add_router("r{}".format(routern))
+
+    switch = tgen.add_switch("s1")
+    switch.add_link(tgen.gears["r1"])
+    switch.add_link(tgen.gears["r2"])
+
+    switch = tgen.add_switch("s2")
+    switch.add_link(tgen.gears["r1"])
+    switch.add_link(tgen.gears["r3"])
+
+
+def setup_module(mod):
+    tgen = Topogen(build_topo, mod.__name__)
+    tgen.start_topology()
+
+    router_list = tgen.routers()
+
+    for i, (rname, router) in enumerate(router_list.items(), 1):
+        router.load_config(
+            TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format(rname))
+        )
+        router.load_config(
+            TopoRouter.RD_BGP, os.path.join(CWD, "{}/bgpd.conf".format(rname))
+        )
+
+    tgen.start_router()
+
+
+def teardown_module(mod):
+    tgen = get_topogen()
+    tgen.stop_topology()
+
+
+def test_bgp_local_as_same_remote_as():
+    tgen = get_topogen()
+
+    if tgen.routers_have_failure():
+        pytest.skip(tgen.errors)
+
+    def _bgp_check_local_as_same_remote_as():
+        output = json.loads(
+            tgen.gears["r2"].vtysh_cmd("show bgp ipv4 unicast 172.16.255.1/32 json")
+        )
+        expected = {
+            "paths": [
+                {
+                    "valid": True,
+                    "aspath": {"string": "Local"},
+                    "nexthops": [{"ip": "192.168.1.1", "hostname": "r1"}],
+                }
+            ]
+        }
+        return topotest.json_cmp(output, expected)
+
+    step("Check if iBGP works when local-as == remote-as")
+    test_func = functools.partial(_bgp_check_local_as_same_remote_as)
+    _, result = topotest.run_and_expect(test_func, None, count=60, wait=0.5)
+    assert result is None, "Failed to see BGP prefixes on R2"
+
+
+def test_bgp_peer_group_local_as_same_remote_as():
+    tgen = get_topogen()
+
+    if tgen.routers_have_failure():
+        pytest.skip(tgen.errors)
+
+    def _bgp_check_local_as_same_remote_as():
+        output = json.loads(
+            tgen.gears["r3"].vtysh_cmd("show bgp ipv4 unicast 172.16.255.1/32 json")
+        )
+        expected = {
+            "paths": [
+                {
+                    "valid": True,
+                    "aspath": {"string": "Local"},
+                    "nexthops": [{"ip": "192.168.2.1", "hostname": "r1"}],
+                }
+            ]
+        }
+        return topotest.json_cmp(output, expected)
+
+    step("Initial BGP converge")
+    test_func = functools.partial(_bgp_check_local_as_same_remote_as)
+    _, result = topotest.run_and_expect(test_func, None, count=60, wait=0.5)
+    assert result is None, "Failed to see BGP prefixes on R3"
+
+
+if __name__ == "__main__":
+    args = ["-s"] + sys.argv[1:]
+    sys.exit(pytest.main(args))