From 637e5ba492337fd9575a76c10f96c703e3e2d9d0 Mon Sep 17 00:00:00 2001 From: vivek Date: Sat, 19 Sep 2020 12:50:46 -0700 Subject: [PATCH 1/3] bgpd: Define function to check if performing graceful shutdown Signed-off-by: Vivek Venkatraman --- bgpd/bgp_attr.c | 8 ++++---- bgpd/bgp_route.c | 11 +++++------ bgpd/bgp_updgrp_adv.c | 2 +- bgpd/bgpd.h | 5 +++++ 4 files changed, 15 insertions(+), 11 deletions(-) diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c index 8817263cef..0821a724a6 100644 --- a/bgpd/bgp_attr.c +++ b/bgpd/bgp_attr.c @@ -954,7 +954,7 @@ struct attr *bgp_attr_aggregate_intern( /* If we are not shutting down ourselves and we are * aggregating a route that contains the GSHUT community we * need to remove that community when creating the aggregate */ - if (!CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN) + if (!bgp_in_graceful_shutdown(bgp) && community_include(community, gshut)) { community_del_val(community, &gshut); } @@ -973,7 +973,7 @@ struct attr *bgp_attr_aggregate_intern( attr.flag |= ATTR_FLAG_BIT(BGP_ATTR_LARGE_COMMUNITIES); } - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + if (bgp_in_graceful_shutdown(bgp)) bgp_attr_add_gshut_community(&attr); attr.label_index = BGP_INVALID_LABEL_INDEX; @@ -1016,13 +1016,13 @@ struct attr *bgp_attr_aggregate_intern( return NULL; } - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + if (bgp_in_graceful_shutdown(bgp)) bgp_attr_add_gshut_community(&attr_tmp); new = bgp_attr_intern(&attr_tmp); } else { - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + if (bgp_in_graceful_shutdown(bgp)) bgp_attr_add_gshut_community(&attr); new = bgp_attr_intern(&attr); diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c index 626f766987..174c11fd34 100644 --- a/bgpd/bgp_route.c +++ b/bgpd/bgp_route.c @@ -2021,7 +2021,7 @@ bool subgroup_announce_check(struct bgp_dest *dest, struct bgp_path_info *pi, if (aspath_check_as_zero(attr->aspath)) return false; - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) { + if (bgp_in_graceful_shutdown(bgp)) { if (peer->sort == BGP_PEER_IBGP || peer->sort == BGP_PEER_CONFED) { attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF); @@ -3579,8 +3579,7 @@ int bgp_update(struct peer *peer, const struct prefix *p, uint32_t addpath_id, /* If graceful-shutdown is configured then add the GSHUT * community to all paths received from eBGP peers */ - } else if (CHECK_FLAG(peer->bgp->flags, - BGP_FLAG_GRACEFUL_SHUTDOWN)) + } else if (bgp_in_graceful_shutdown(peer->bgp)) bgp_attr_add_gshut_community(&new_attr); } @@ -5119,13 +5118,13 @@ void bgp_static_update(struct bgp *bgp, const struct prefix *p, return; } - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + if (bgp_in_graceful_shutdown(bgp)) bgp_attr_add_gshut_community(&attr_tmp); attr_new = bgp_attr_intern(&attr_tmp); } else { - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + if (bgp_in_graceful_shutdown(bgp)) bgp_attr_add_gshut_community(&attr); attr_new = bgp_attr_intern(&attr); @@ -7366,7 +7365,7 @@ void bgp_redistribute_add(struct bgp *bgp, struct prefix *p, } } - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + if (bgp_in_graceful_shutdown(bgp)) bgp_attr_add_gshut_community(&attr_new); bn = bgp_afi_node_get(bgp->rib[afi][SAFI_UNICAST], afi, diff --git a/bgpd/bgp_updgrp_adv.c b/bgpd/bgp_updgrp_adv.c index 76bf2db05b..67fa9a3ea3 100644 --- a/bgpd/bgp_updgrp_adv.c +++ b/bgpd/bgp_updgrp_adv.c @@ -868,7 +868,7 @@ void subgroup_default_originate(struct update_subgroup *subgrp, int withdraw) } /* Advertise the default route */ - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + if (bgp_in_graceful_shutdown(bgp)) bgp_attr_add_gshut_community(new_attr); SET_FLAG(subgrp->sflags, diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h index 2aa0690025..6293c4136c 100644 --- a/bgpd/bgpd.h +++ b/bgpd/bgpd.h @@ -2157,6 +2157,11 @@ static inline void bgp_vrf_unlink(struct bgp *bgp, struct vrf *vrf) bgp->vrf_id = VRF_UNKNOWN; } +static inline bool bgp_in_graceful_shutdown(struct bgp *bgp) +{ + return !!CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN); +} + extern void bgp_unset_redist_vrf_bitmaps(struct bgp *, vrf_id_t); /* For benefit of rfapi */ From 05bd726cfeeb9f8207fbc85082b98507bcecda41 Mon Sep 17 00:00:00 2001 From: vivek Date: Sat, 19 Sep 2020 14:22:17 -0700 Subject: [PATCH 2/3] bgpd: Implement BGP-wide configuration for graceful shutdown Add support for a BGP-wide setting to enter and exit graceful shutdown. This will apply to all BGP peers across all BGP instances. Per-instance configuration is disallowed if the BGP-wide setting is in effect. Signed-off-by: Vivek Venkatraman --- bgpd/bgp_vty.c | 113 +++++++++++++++++++++++++++++++++++++++++------ bgpd/bgpd.h | 7 ++- doc/user/bgp.rst | 26 +++++++++++ 3 files changed, 132 insertions(+), 14 deletions(-) diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c index 505f743e29..005fad1409 100644 --- a/bgpd/bgp_vty.c +++ b/bgpd/bgp_vty.c @@ -2805,6 +2805,69 @@ DEFUN (no_bgp_graceful_restart_rib_stale_time, return CMD_SUCCESS; } +static inline void bgp_initiate_graceful_shut_unshut(struct vty *vty, + struct bgp *bgp) +{ + bgp_static_redo_import_check(bgp); + bgp_redistribute_redo(bgp); + bgp_clear_star_soft_out(vty, bgp->name); + bgp_clear_star_soft_in(vty, bgp->name); +} + +static int bgp_global_graceful_shutdown_config_vty(struct vty *vty) +{ + struct listnode *node, *nnode; + struct bgp *bgp; + bool vrf_cfg = false; + + if (CHECK_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN)) + return CMD_SUCCESS; + + /* See if graceful-shutdown is set per-vrf and warn user to delete */ + for (ALL_LIST_ELEMENTS(bm->bgp, node, nnode, bgp)) { + if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) { + vty_out(vty, + "%% graceful-shutdown configuration found in vrf %s\n", + bgp->inst_type == BGP_INSTANCE_TYPE_DEFAULT ? + VRF_DEFAULT_NAME : bgp->name); + vrf_cfg = true; + } + } + + if (vrf_cfg) { + vty_out(vty, + "%%Failed: global graceful-shutdown not permitted\n"); + return CMD_WARNING; + } + + /* Set flag globally */ + SET_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN); + + /* Initiate processing for all BGP instances. */ + for (ALL_LIST_ELEMENTS(bm->bgp, node, nnode, bgp)) + bgp_initiate_graceful_shut_unshut(vty, bgp); + + return CMD_SUCCESS; +} + +static int bgp_global_graceful_shutdown_deconfig_vty(struct vty *vty) +{ + struct listnode *node, *nnode; + struct bgp *bgp; + + if (!CHECK_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN)) + return CMD_SUCCESS; + + /* Unset flag globally */ + UNSET_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN); + + /* Initiate processing for all BGP instances. */ + for (ALL_LIST_ELEMENTS(bm->bgp, node, nnode, bgp)) + bgp_initiate_graceful_shut_unshut(vty, bgp); + + return CMD_SUCCESS; +} + /* "bgp graceful-shutdown" configuration */ DEFUN (bgp_graceful_shutdown, bgp_graceful_shutdown_cmd, @@ -2812,14 +2875,21 @@ DEFUN (bgp_graceful_shutdown, BGP_STR "Graceful shutdown parameters\n") { + if (vty->node == CONFIG_NODE) + return bgp_global_graceful_shutdown_config_vty(vty); + VTY_DECLVAR_CONTEXT(bgp, bgp); + /* if configured globally, per-instance config is not allowed */ + if (CHECK_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN)) { + vty_out(vty, + "%%Failed: per-vrf graceful-shutdown config not permitted with global graceful-shutdown\n"); + return CMD_WARNING_CONFIG_FAILED; + } + if (!CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) { SET_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN); - bgp_static_redo_import_check(bgp); - bgp_redistribute_redo(bgp); - bgp_clear_star_soft_out(vty, bgp->name); - bgp_clear_star_soft_in(vty, bgp->name); + bgp_initiate_graceful_shut_unshut(vty, bgp); } return CMD_SUCCESS; @@ -2832,14 +2902,21 @@ DEFUN (no_bgp_graceful_shutdown, BGP_STR "Graceful shutdown parameters\n") { + if (vty->node == CONFIG_NODE) + return bgp_global_graceful_shutdown_deconfig_vty(vty); + VTY_DECLVAR_CONTEXT(bgp, bgp); + /* If configured globally, cannot remove from one bgp instance */ + if (CHECK_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN)) { + vty_out(vty, + "%%Failed: bgp graceful-shutdown configured globally. Delete per-vrf not permitted\n"); + return CMD_WARNING_CONFIG_FAILED; + } + if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) { UNSET_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN); - bgp_static_redo_import_check(bgp); - bgp_redistribute_redo(bgp); - bgp_clear_star_soft_out(vty, bgp->name); - bgp_clear_star_soft_in(vty, bgp->name); + bgp_initiate_graceful_shut_unshut(vty, bgp); } return CMD_SUCCESS; @@ -6386,7 +6463,6 @@ DEFUN (no_bgp_set_route_map_delay_timer, return CMD_SUCCESS; } - /* neighbor interface */ static int peer_interface_vty(struct vty *vty, const char *ip_str, const char *str) @@ -15528,6 +15604,9 @@ int bgp_config_write(struct vty *vty) vty_out(vty, "\n"); } + if (CHECK_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN)) + vty_out(vty, "bgp graceful-shutdown\n"); + /* BGP configuration. */ for (ALL_LIST_ELEMENTS(bm->bgp, mnode, mnnode, bgp)) { @@ -15679,6 +15758,14 @@ int bgp_config_write(struct vty *vty) /* coalesce time */ bgp_config_write_coalesce_time(vty, bgp); + /* BGP per-instance graceful-shutdown */ + /* BGP-wide settings and per-instance settings are mutually + * exclusive. + */ + if (!CHECK_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN)) + if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) + vty_out(vty, " bgp graceful-shutdown\n"); + /* BGP graceful-restart. */ if (bgp->stalepath_time != BGP_DEFAULT_STALEPATH_TIME) vty_out(vty, @@ -15700,10 +15787,6 @@ int bgp_config_write(struct vty *vty) if (bgp_global_gr_mode_get(bgp) == GLOBAL_DISABLE) vty_out(vty, " bgp graceful-restart-disable\n"); - /* BGP graceful-shutdown */ - if (CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN)) - vty_out(vty, " bgp graceful-shutdown\n"); - /* BGP graceful-restart Preserve State F bit. */ if (CHECK_FLAG(bgp->flags, BGP_FLAG_GR_PRESERVE_FWD)) vty_out(vty, @@ -16046,6 +16129,10 @@ void bgp_vty_init(void) install_element(CONFIG_NODE, &bgp_global_update_delay_cmd); install_element(CONFIG_NODE, &no_bgp_global_update_delay_cmd); + /* global bgp graceful-shutdown command */ + install_element(CONFIG_NODE, &bgp_graceful_shutdown_cmd); + install_element(CONFIG_NODE, &no_bgp_graceful_shutdown_cmd); + /* Dummy commands (Currently not supported) */ install_element(BGP_NODE, &no_synchronization_cmd); install_element(BGP_NODE, &no_auto_summary_cmd); diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h index 6293c4136c..e282e461df 100644 --- a/bgpd/bgpd.h +++ b/bgpd/bgpd.h @@ -173,6 +173,9 @@ struct bgp_master { uint16_t v_update_delay; uint16_t v_establish_wait; + uint32_t flags; +#define BM_FLAG_GRACEFUL_SHUTDOWN (1 << 0) + bool terminating; /* global flag that sigint terminate seen */ QOBJ_FIELDS }; @@ -2159,7 +2162,9 @@ static inline void bgp_vrf_unlink(struct bgp *bgp, struct vrf *vrf) static inline bool bgp_in_graceful_shutdown(struct bgp *bgp) { - return !!CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN); + /* True if either set for this instance or globally */ + return (!!CHECK_FLAG(bgp->flags, BGP_FLAG_GRACEFUL_SHUTDOWN) || + !!CHECK_FLAG(bm->flags, BM_FLAG_GRACEFUL_SHUTDOWN)); } extern void bgp_unset_redist_vrf_bitmaps(struct bgp *, vrf_id_t); diff --git a/doc/user/bgp.rst b/doc/user/bgp.rst index 764428cb0a..723cb41f26 100644 --- a/doc/user/bgp.rst +++ b/doc/user/bgp.rst @@ -2732,6 +2732,32 @@ The following are available in the ``router bgp`` mode: at a time in a loop. This setting controls how many iterations the loop runs for. As with write-quanta, it is best to leave this setting on the default. +The following command is available in ``config`` mode as well as in the +``router bgp`` mode: + +.. index:: bgp graceful-shutdown +.. clicmd:: bgp graceful-shutdown + + The purpose of this command is to initiate BGP Graceful Shutdown which + is described in :rfc:`8326`. The use case for this is to minimize or + eliminate the amount of traffic loss in a network when a planned + maintenance activity such as software upgrade or hardware replacement + is to be performed on a router. The feature works by re-announcing + routes to eBGP peers with the GRACEFUL_SHUTDOWN community included. + Peers are then expected to treat such paths with the lowest preference. + This happens automatically on a receiver running FRR; with other + routing protocol stacks, an inbound policy may have to be configured. + In FRR, triggering graceful shutdown also results in announcing a + LOCAL_PREF of 0 to iBGP peers. + + Graceful shutdown can be configured per BGP instance or globally for + all of BGP. These two options are mutually exclusive. The no form of + the command causes graceful shutdown to be stopped, and routes will + be re-announced without the GRACEFUL_SHUTDOWN community and/or with + the usual LOCAL_PREF value. Note that if this option is saved to + the startup configuration, graceful shutdown will remain in effect + across restarts of *bgpd* and will need to be explicitly disabled. + .. _bgp-displaying-bgp-information: Displaying BGP Information From 211a9d4b97bf5894f0c10cea229b18e42b3cb54f Mon Sep 17 00:00:00 2001 From: vivek Date: Sun, 20 Sep 2020 20:19:51 -0700 Subject: [PATCH 3/3] topotests: Add test for BGP graceful shutdown Signed-off-by: Vivek Venkatraman --- tests/topotests/bgp_gshut/__init__.py | 0 tests/topotests/bgp_gshut/r1/bgp_route_1.json | 12 + tests/topotests/bgp_gshut/r1/bgp_route_2.json | 17 + tests/topotests/bgp_gshut/r1/bgpd.conf | 10 + tests/topotests/bgp_gshut/r1/zebra.conf | 9 + tests/topotests/bgp_gshut/r2/bgp_sum_1.json | 15 + tests/topotests/bgp_gshut/r2/bgp_sum_2.json | 15 + tests/topotests/bgp_gshut/r2/bgpd.conf | 20 ++ tests/topotests/bgp_gshut/r2/zebra.conf | 13 + tests/topotests/bgp_gshut/r3/bgp_route_1.json | 9 + tests/topotests/bgp_gshut/r3/bgp_route_2.json | 16 + tests/topotests/bgp_gshut/r3/bgpd.conf | 11 + tests/topotests/bgp_gshut/r3/zebra.conf | 9 + tests/topotests/bgp_gshut/r4/bgpd.conf | 11 + tests/topotests/bgp_gshut/r4/zebra.conf | 9 + tests/topotests/bgp_gshut/r5/bgp_route_1.json | 9 + tests/topotests/bgp_gshut/r5/bgp_route_2.json | 16 + tests/topotests/bgp_gshut/r5/bgpd.conf | 7 + tests/topotests/bgp_gshut/r5/zebra.conf | 9 + tests/topotests/bgp_gshut/test_bgp_gshut.py | 313 ++++++++++++++++++ 20 files changed, 530 insertions(+) create mode 100644 tests/topotests/bgp_gshut/__init__.py create mode 100644 tests/topotests/bgp_gshut/r1/bgp_route_1.json create mode 100644 tests/topotests/bgp_gshut/r1/bgp_route_2.json create mode 100644 tests/topotests/bgp_gshut/r1/bgpd.conf create mode 100644 tests/topotests/bgp_gshut/r1/zebra.conf create mode 100644 tests/topotests/bgp_gshut/r2/bgp_sum_1.json create mode 100644 tests/topotests/bgp_gshut/r2/bgp_sum_2.json create mode 100644 tests/topotests/bgp_gshut/r2/bgpd.conf create mode 100644 tests/topotests/bgp_gshut/r2/zebra.conf create mode 100644 tests/topotests/bgp_gshut/r3/bgp_route_1.json create mode 100644 tests/topotests/bgp_gshut/r3/bgp_route_2.json create mode 100644 tests/topotests/bgp_gshut/r3/bgpd.conf create mode 100644 tests/topotests/bgp_gshut/r3/zebra.conf create mode 100644 tests/topotests/bgp_gshut/r4/bgpd.conf create mode 100644 tests/topotests/bgp_gshut/r4/zebra.conf create mode 100644 tests/topotests/bgp_gshut/r5/bgp_route_1.json create mode 100644 tests/topotests/bgp_gshut/r5/bgp_route_2.json create mode 100644 tests/topotests/bgp_gshut/r5/bgpd.conf create mode 100644 tests/topotests/bgp_gshut/r5/zebra.conf create mode 100644 tests/topotests/bgp_gshut/test_bgp_gshut.py diff --git a/tests/topotests/bgp_gshut/__init__.py b/tests/topotests/bgp_gshut/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/tests/topotests/bgp_gshut/r1/bgp_route_1.json b/tests/topotests/bgp_gshut/r1/bgp_route_1.json new file mode 100644 index 0000000000..f3921b215e --- /dev/null +++ b/tests/topotests/bgp_gshut/r1/bgp_route_1.json @@ -0,0 +1,12 @@ +{ + "prefix":"13.1.1.1\/32", + "paths":[ + { + "origin":"IGP", + "metric":0, + "locPrf":100, + "valid":true + } + ] +} + diff --git a/tests/topotests/bgp_gshut/r1/bgp_route_2.json b/tests/topotests/bgp_gshut/r1/bgp_route_2.json new file mode 100644 index 0000000000..754a0ed622 --- /dev/null +++ b/tests/topotests/bgp_gshut/r1/bgp_route_2.json @@ -0,0 +1,17 @@ +{ + "prefix":"13.1.1.1\/32", + "paths":[ + { + "origin":"IGP", + "metric":0, + "locPrf":0, + "valid":true, + "community":{ + "string":"graceful-shutdown", + "list":[ + "gracefulShutdown" + ] + } + } + ] +} diff --git a/tests/topotests/bgp_gshut/r1/bgpd.conf b/tests/topotests/bgp_gshut/r1/bgpd.conf new file mode 100644 index 0000000000..ab6f47a17d --- /dev/null +++ b/tests/topotests/bgp_gshut/r1/bgpd.conf @@ -0,0 +1,10 @@ +! exit1 +router bgp 65001 + no bgp ebgp-requires-policy + no bgp network import-check + neighbor 192.168.255.1 remote-as 65001 + neighbor 192.168.255.1 timers connect 10 + address-family ipv4 unicast + network 11.1.1.1/32 + exit-address-family +! diff --git a/tests/topotests/bgp_gshut/r1/zebra.conf b/tests/topotests/bgp_gshut/r1/zebra.conf new file mode 100644 index 0000000000..9904bb4e16 --- /dev/null +++ b/tests/topotests/bgp_gshut/r1/zebra.conf @@ -0,0 +1,9 @@ +! exit1 +interface lo + ip address 172.16.255.254/32 +! +interface r1-eth0 + ip address 192.168.255.2/30 +! +ip forwarding +! diff --git a/tests/topotests/bgp_gshut/r2/bgp_sum_1.json b/tests/topotests/bgp_gshut/r2/bgp_sum_1.json new file mode 100644 index 0000000000..9d8948a1da --- /dev/null +++ b/tests/topotests/bgp_gshut/r2/bgp_sum_1.json @@ -0,0 +1,15 @@ +{ +"ipv4Unicast":{ + "peers":{ + "192.168.254.2":{ + "remoteAs":65003, + "state":"Established" + }, + "192.168.255.2":{ + "remoteAs":65001, + "state":"Established" + } + }, + "totalPeers":2 +} +} diff --git a/tests/topotests/bgp_gshut/r2/bgp_sum_2.json b/tests/topotests/bgp_gshut/r2/bgp_sum_2.json new file mode 100644 index 0000000000..7183db6315 --- /dev/null +++ b/tests/topotests/bgp_gshut/r2/bgp_sum_2.json @@ -0,0 +1,15 @@ +{ +"ipv4Unicast":{ + "peers":{ + "192.168.252.2":{ + "remoteAs":65005, + "state":"Established" + }, + "192.168.253.2":{ + "remoteAs":65004, + "state":"Established" + } + }, + "totalPeers":2 +} +} diff --git a/tests/topotests/bgp_gshut/r2/bgpd.conf b/tests/topotests/bgp_gshut/r2/bgpd.conf new file mode 100644 index 0000000000..b0ca4e6e21 --- /dev/null +++ b/tests/topotests/bgp_gshut/r2/bgpd.conf @@ -0,0 +1,20 @@ +! +router bgp 65001 + no bgp ebgp-requires-policy + timers bgp 3 9 + neighbor 192.168.255.2 remote-as 65001 + neighbor 192.168.254.2 remote-as 65003 + neighbor 192.168.255.2 timers connect 10 + neighbor 192.168.254.2 timers connect 10 + address-family ipv4 unicast + redistribute connected + exit-address-family +! +router bgp 65001 vrf vrf1 + no bgp ebgp-requires-policy + timers bgp 3 9 + neighbor 192.168.253.2 remote-as 65004 + neighbor 192.168.253.2 timers connect 10 + neighbor 192.168.252.2 remote-as 65005 + neighbor 192.168.252.2 timers connect 10 +! diff --git a/tests/topotests/bgp_gshut/r2/zebra.conf b/tests/topotests/bgp_gshut/r2/zebra.conf new file mode 100644 index 0000000000..0da0501dbf --- /dev/null +++ b/tests/topotests/bgp_gshut/r2/zebra.conf @@ -0,0 +1,13 @@ +! spine +interface r2-eth0 + ip address 192.168.255.1/30 +! +interface r2-eth1 + ip address 192.168.254.1/30 +! +interface r2-eth2 vrf vrf1 + ip address 192.168.253.1/30 +! +interface r2-eth3 vrf vrf1 + ip address 192.168.252.1/30 +! diff --git a/tests/topotests/bgp_gshut/r3/bgp_route_1.json b/tests/topotests/bgp_gshut/r3/bgp_route_1.json new file mode 100644 index 0000000000..94de01ad8a --- /dev/null +++ b/tests/topotests/bgp_gshut/r3/bgp_route_1.json @@ -0,0 +1,9 @@ +{ + "prefix":"11.1.1.1\/32", + "paths":[ + { + "origin":"IGP", + "valid":true + } + ] +} diff --git a/tests/topotests/bgp_gshut/r3/bgp_route_2.json b/tests/topotests/bgp_gshut/r3/bgp_route_2.json new file mode 100644 index 0000000000..f91826586d --- /dev/null +++ b/tests/topotests/bgp_gshut/r3/bgp_route_2.json @@ -0,0 +1,16 @@ +{ + "prefix":"11.1.1.1\/32", + "paths":[ + { + "origin":"IGP", + "locPrf":0, + "valid":true, + "community":{ + "string":"graceful-shutdown", + "list":[ + "gracefulShutdown" + ] + } + } + ] +} diff --git a/tests/topotests/bgp_gshut/r3/bgpd.conf b/tests/topotests/bgp_gshut/r3/bgpd.conf new file mode 100644 index 0000000000..5d7c0cd39a --- /dev/null +++ b/tests/topotests/bgp_gshut/r3/bgpd.conf @@ -0,0 +1,11 @@ +! +router bgp 65003 + no bgp ebgp-requires-policy + no bgp network import-check + timers bgp 3 9 + neighbor 192.168.254.1 remote-as 65001 + neighbor 192.168.254.1 timers connect 10 + address-family ipv4 unicast + network 13.1.1.1/32 + exit-address-family +! diff --git a/tests/topotests/bgp_gshut/r3/zebra.conf b/tests/topotests/bgp_gshut/r3/zebra.conf new file mode 100644 index 0000000000..f490d97afe --- /dev/null +++ b/tests/topotests/bgp_gshut/r3/zebra.conf @@ -0,0 +1,9 @@ +! exit2 +interface lo + ip address 172.16.254.254/32 +! +interface r3-eth0 + ip address 192.168.254.2/30 +! +ip forwarding +! diff --git a/tests/topotests/bgp_gshut/r4/bgpd.conf b/tests/topotests/bgp_gshut/r4/bgpd.conf new file mode 100644 index 0000000000..375f3830aa --- /dev/null +++ b/tests/topotests/bgp_gshut/r4/bgpd.conf @@ -0,0 +1,11 @@ +! +router bgp 65004 + no bgp ebgp-requires-policy + no bgp network import-check + timers bgp 3 9 + neighbor 192.168.253.1 remote-as 65001 + neighbor 192.168.253.1 timers connect 10 + address-family ipv4 unicast + network 14.1.1.1/32 + exit-address-family +! diff --git a/tests/topotests/bgp_gshut/r4/zebra.conf b/tests/topotests/bgp_gshut/r4/zebra.conf new file mode 100644 index 0000000000..baba04c160 --- /dev/null +++ b/tests/topotests/bgp_gshut/r4/zebra.conf @@ -0,0 +1,9 @@ +! exit2 +interface lo + ip address 172.16.253.254/32 +! +interface r4-eth0 + ip address 192.168.253.2/30 +! +ip forwarding +! diff --git a/tests/topotests/bgp_gshut/r5/bgp_route_1.json b/tests/topotests/bgp_gshut/r5/bgp_route_1.json new file mode 100644 index 0000000000..4e6fd79742 --- /dev/null +++ b/tests/topotests/bgp_gshut/r5/bgp_route_1.json @@ -0,0 +1,9 @@ +{ + "prefix":"14.1.1.1\/32", + "paths":[ + { + "origin":"IGP", + "valid":true + } + ] +} diff --git a/tests/topotests/bgp_gshut/r5/bgp_route_2.json b/tests/topotests/bgp_gshut/r5/bgp_route_2.json new file mode 100644 index 0000000000..980d8deab7 --- /dev/null +++ b/tests/topotests/bgp_gshut/r5/bgp_route_2.json @@ -0,0 +1,16 @@ +{ + "prefix":"14.1.1.1\/32", + "paths":[ + { + "origin":"IGP", + "locPrf":0, + "valid":true, + "community":{ + "string":"graceful-shutdown", + "list":[ + "gracefulShutdown" + ] + } + } + ] +} diff --git a/tests/topotests/bgp_gshut/r5/bgpd.conf b/tests/topotests/bgp_gshut/r5/bgpd.conf new file mode 100644 index 0000000000..15b49f5a5b --- /dev/null +++ b/tests/topotests/bgp_gshut/r5/bgpd.conf @@ -0,0 +1,7 @@ +! +router bgp 65005 + no bgp ebgp-requires-policy + timers bgp 3 9 + neighbor 192.168.252.1 remote-as 65001 + neighbor 192.168.252.1 timers connect 10 +! diff --git a/tests/topotests/bgp_gshut/r5/zebra.conf b/tests/topotests/bgp_gshut/r5/zebra.conf new file mode 100644 index 0000000000..c4cbd5216b --- /dev/null +++ b/tests/topotests/bgp_gshut/r5/zebra.conf @@ -0,0 +1,9 @@ +! exit1 +interface lo + ip address 172.16.252.254/32 +! +interface r5-eth0 + ip address 192.168.252.2/30 +! +ip forwarding +! diff --git a/tests/topotests/bgp_gshut/test_bgp_gshut.py b/tests/topotests/bgp_gshut/test_bgp_gshut.py new file mode 100644 index 0000000000..7f8cf17a5c --- /dev/null +++ b/tests/topotests/bgp_gshut/test_bgp_gshut.py @@ -0,0 +1,313 @@ +#!/usr/bin/env python + +# +# test_bgp_gshut.py +# Part of NetDEF Topology Tests +# +# Copyright (c) 2020 by +# Vivek Venkatraman +# +# Permission to use, copy, modify, and/or distribute this software +# for any purpose with or without fee is hereby granted, provided +# that the above copyright notice and this permission notice appear +# in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY +# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE +# OF THIS SOFTWARE. +# + +""" +Test the ability to initiate and stop BGP graceful shutdown. +Test both the vrf-specific and global configuration and operation. + +r1 +| +r2----r3 +| \ +| \ +r4 r5 + + +r2 is UUT and peers with r1 and r3 in default bgp instance and +with r4 and r5 in vrf vrf1. +r1-r2 peering is iBGP and the other peerings are eBGP. + +Check r2 initial convergence in default table +Define update-delay with max-delay in the default bgp instance on r2 +Shutdown peering on r1 toward r2 so that delay timers can be exercised +Clear bgp neighbors on r2 and then check for the 'in progress' indicator +Check that r2 only installs route learned from r4 after the max-delay timer expires +Define update-delay with max-delay and estabish-wait and check json output showing set +Clear neighbors on r2 and check that r3 installs route from r4 after establish-wait time +Remove update-delay timer on r2 to verify that it goes back to normal behavior +Clear neighbors on r2 and check that route install time on r2 does not delay +Define global bgp update-delay with max-delay and establish-wait on r2 +Check that r2 default instance and vrf1 have the max-delay and establish set +Clear neighbors on r2 and check route-install time is after the establish-wait timer + +Note that the keepalive/hold times were changed to 3/9 and the connect retry timer +to 10 to improve the odds the convergence timing in this test case is useful in the +event of packet loss. +""" + +import os +import re +import sys +import json +import time +import pytest +import functools +import platform +from functools import partial + +CWD = os.path.dirname(os.path.realpath(__file__)) +sys.path.append(os.path.join(CWD, "../")) + +# pylint: disable=C0413 +from lib import topotest +from lib.topogen import Topogen, TopoRouter, get_topogen +from lib.topolog import logger +from mininet.topo import Topo + + +class TemplateTopo(Topo): + def build(self, *_args, **_opts): + tgen = get_topogen(self) + + for routern in range(1, 6): + tgen.add_router("r{}".format(routern)) + + switch = tgen.add_switch("s1") + switch.add_link(tgen.gears["r1"]) + switch.add_link(tgen.gears["r2"]) + + switch = tgen.add_switch("s2") + switch.add_link(tgen.gears["r2"]) + switch.add_link(tgen.gears["r3"]) + + switch = tgen.add_switch("s3") + switch.add_link(tgen.gears["r2"]) + switch.add_link(tgen.gears["r4"]) + + switch = tgen.add_switch("s4") + switch.add_link(tgen.gears["r2"]) + switch.add_link(tgen.gears["r5"]) + +def _run_cmd_and_check(router, cmd, results_file, retries=100, intvl=0.5): + json_file = "{}/{}".format(CWD, results_file) + expected = json.loads(open(json_file).read()) + test_func = partial(topotest.router_json_cmp, router, cmd, expected) + return topotest.run_and_expect(test_func, None, retries, intvl) + +def setup_module(mod): + tgen = Topogen(TemplateTopo, mod.__name__) + tgen.start_topology() + + router_list = tgen.routers() + krel = platform.release() + if topotest.version_cmp(krel, "4.5") < 0: + tgen.errors = "Linux kernel version of at least 4.5 needed for bgp-gshut tests" + pytest.skip(tgen.errors) + + # Configure vrf and its slaves in the kernel on r2 + r2 = tgen.gears["r2"] + r2.run("ip link add vrf1 type vrf table 1000") + r2.run("ip link set vrf1 up") + r2.run("ip link set r2-eth2 master vrf1") + r2.run("ip link set r2-eth3 master vrf1") + + # Load FRR config and initialize all routers + for i, (rname, router) in enumerate(router_list.items(), 1): + router.load_config( + TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format(rname)) + ) + router.load_config( + TopoRouter.RD_BGP, os.path.join(CWD, "{}/bgpd.conf".format(rname)) + ) + + tgen.start_router() + + # Basic peering test to see if things are ok + _, result = _run_cmd_and_check(r2, 'show ip bgp summary json', 'r2/bgp_sum_1.json') + assertmsg = 'R2: Basic sanity test after init failed -- global peerings not up' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r2, 'show ip bgp vrf vrf1 summary json', 'r2/bgp_sum_2.json') + assertmsg = 'R2: Basic sanity test after init failed -- VRF peerings not up' + assert result is None, assertmsg + + +def teardown_module(mod): + tgen = get_topogen() + tgen.stop_topology() + + +def test_bgp_gshut(): + tgen = get_topogen() + + if tgen.routers_have_failure(): + pytest.skip(tgen.errors) + + r1 = tgen.gears["r1"] + r2 = tgen.gears["r2"] + r3 = tgen.gears["r3"] + r4 = tgen.gears["r4"] + r5 = tgen.gears["r5"] + + + # Verify initial route states + logger.info('\nVerify initial route states') + + _, result = _run_cmd_and_check(r1, 'show ip bgp 13.1.1.1/32 json', 'r1/bgp_route_1.json') + assertmsg = 'R1: Route 13.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r3, 'show ip bgp 11.1.1.1/32 json', 'r3/bgp_route_1.json') + assertmsg = 'R3: Route 11.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r5, 'show ip bgp 14.1.1.1/32 json', 'r5/bgp_route_1.json') + assertmsg = 'R5: Route 14.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + logger.info('\nInitial route states are as expected') + + + #"Test #1: Enable BGP-wide graceful-shutdown on R2 and check routes on peers" + logger.info('\nTest #1: Enable BGP-wide graceful-shutdown on R2 and check routes on peers') + + r2.vtysh_cmd( + """ + configure terminal + bgp graceful-shutdown + """ + ) + + # R1, R3 and R5 should see routes from R2 with GSHUT. In addition, + # R1 should see LOCAL_PREF of 0 + _, result = _run_cmd_and_check(r1, 'show ip bgp 13.1.1.1/32 json', 'r1/bgp_route_2.json') + assertmsg = 'R1: Route 13.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r3, 'show ip bgp 11.1.1.1/32 json', 'r3/bgp_route_2.json') + assertmsg = 'R3: Route 11.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r5, 'show ip bgp 14.1.1.1/32 json', 'r5/bgp_route_2.json') + assertmsg = 'R5: Route 14.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + logger.info('\nTest #1: Successful, routes have GSHUT and/or LPREF of 0 as expected') + + + #"Test #2: Turn off BGP-wide graceful-shutdown on R2 and check routes on peers" + logger.info('\nTest #2: Turn off BGP-wide graceful-shutdown on R2 and check routes on peers') + + r2.vtysh_cmd( + """ + configure terminal + no bgp graceful-shutdown + """ + ) + + # R1, R3 and R5 should see routes from R2 with their original attributes + _, result = _run_cmd_and_check(r1, 'show ip bgp 13.1.1.1/32 json', 'r1/bgp_route_1.json') + assertmsg = 'R1: Route 13.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r3, 'show ip bgp 11.1.1.1/32 json', 'r3/bgp_route_1.json') + assertmsg = 'R3: Route 11.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r5, 'show ip bgp 14.1.1.1/32 json', 'r5/bgp_route_1.json') + assertmsg = 'R5: Route 14.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + logger.info('\nTest #2: Successful, routes have their original attributes with default LPREF and without GSHUT') + + + #"Test #3: Enable graceful-shutdown on R2 only in VRF1 and check routes on peers" + logger.info('\nTest #3: Enable graceful-shutdown on R2 only in VRF1 and check routes on peers') + + r2.vtysh_cmd( + """ + configure terminal + router bgp 65001 vrf vrf1 + bgp graceful-shutdown + """ + ) + + # R1 and R3 should see no change to their routes + _, result = _run_cmd_and_check(r1, 'show ip bgp 13.1.1.1/32 json', 'r1/bgp_route_1.json') + assertmsg = 'R1: Route 13.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r3, 'show ip bgp 11.1.1.1/32 json', 'r3/bgp_route_1.json') + assertmsg = 'R3: Route 11.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + # R5 should see routes from R2 with GSHUT. + _, result = _run_cmd_and_check(r5, 'show ip bgp 14.1.1.1/32 json', 'r5/bgp_route_2.json') + assertmsg = 'R5: Route 14.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + logger.info('\nTest #3: Successful, only VRF peers like R5 see routes with GSHUT') + + + #"Test #4: Try to enable BGP-wide graceful-shutdown on R2 while it is configured in VRF1" + logger.info('\nTest #4: Try to enable BGP-wide graceful-shutdown on R2 while it is configured in VRF1') + + ret = r2.vtysh_cmd( + """ + configure terminal + bgp graceful-shutdown + """ + ) + + # This should fail + assertmsg = 'R2: BGP-wide graceful-shutdown config not rejected even though it is enabled in VRF1' + assert re.search("global graceful-shutdown not permitted", ret) is not None, assertmsg + + logger.info('\nTest #4: Successful, BGP-wide graceful-shutdown rejected as it is enabled in VRF') + + + #"Test #5: Turn off graceful-shutdown on R2 in VRF1 and check routes on peers" + logger.info('\nTest #5: Turn off graceful-shutdown on R2 in VRF1 and check routes on peers') + + r2.vtysh_cmd( + """ + configure terminal + router bgp 65001 vrf vrf1 + no bgp graceful-shutdown + """ + ) + + # R1 and R3 should see no change to their routes + _, result = _run_cmd_and_check(r1, 'show ip bgp 13.1.1.1/32 json', 'r1/bgp_route_1.json') + assertmsg = 'R1: Route 13.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + _, result = _run_cmd_and_check(r3, 'show ip bgp 11.1.1.1/32 json', 'r3/bgp_route_1.json') + assertmsg = 'R3: Route 11.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + # R5 should see routes from R2 with original attributes. + _, result = _run_cmd_and_check(r5, 'show ip bgp 14.1.1.1/32 json', 'r5/bgp_route_1.json') + assertmsg = 'R5: Route 14.1.1.1/32 not present or has unexpected params' + assert result is None, assertmsg + + + logger.info('\nTest #5: Successful, routes have their original attributes with default LPREF and without GSHUT') + + + #tgen.mininet_cli() + +if __name__ == "__main__": + args = ["-s"] + sys.argv[1:] + sys.exit(pytest.main(args))