tests: Test if RPKI extended community can be disabled between peers

author Donatas Abraitis <donatas@opensourcerouting.org>

Fri, 2 Feb 2024 08:47:20 +0000 (10:47 +0200)

committer Donatas Abraitis <donatas@opensourcerouting.org>

Wed, 7 Feb 2024 20:35:21 +0000 (22:35 +0200)
author Donatas Abraitis <donatas@opensourcerouting.org>
Fri, 2 Feb 2024 08:47:20 +0000 (10:47 +0200)
committer Donatas Abraitis <donatas@opensourcerouting.org>
Wed, 7 Feb 2024 20:35:21 +0000 (22:35 +0200)
diff --git a/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf b/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf

index 95b1e5bdc13f9e56d3b0d6eff3f93fd9470dae3e..87d72149727560ae47936d264b9461f6a3dbd988 100644 (file)
--- a/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf
+++ b/tests/topotests/bgp_rpki_topo1/r2/bgpd.conf
@@ -4,6 +4,12 @@ router bgp 65002
   neighbor 192.0.2.1 timers connect 1
   neighbor 192.0.2.1 ebgp-multihop 3
   neighbor 192.0.2.1 update-source 192.0.2.2
+ neighbor 192.168.4.4 remote-as internal
+ neighbor 192.168.4.4 timers 1 3
+ neighbor 192.168.4.4 timers connect 1
+ address-family ipv4 unicast
+  neighbor 192.168.4.4 next-hop-self
+ exit-address-family
  !
  router bgp 65002 vrf vrf10
   no bgp ebgp-requires-policy
diff --git a/tests/topotests/bgp_rpki_topo1/r2/zebra.conf b/tests/topotests/bgp_rpki_topo1/r2/zebra.conf

index d44a8a908836a7527c2bd3c164270d12792b43d2..785dbc6ce5db3891980c422e36f72c4c2d91f069 100644 (file)
--- a/tests/topotests/bgp_rpki_topo1/r2/zebra.conf
+++ b/tests/topotests/bgp_rpki_topo1/r2/zebra.conf
@@ -10,3 +10,6 @@ interface r2-eth0
  interface r2-eth1 vrf vrf10
   ip address 192.168.2.2/24
  !
+interface r2-eth2
+ ip address 192.168.4.2/24
+!
diff --git a/tests/topotests/bgp_rpki_topo1/r4/bgpd.conf b/tests/topotests/bgp_rpki_topo1/r4/bgpd.conf

new file mode 100644 (file)

index 0000000..80dc9ca
--- /dev/null
+++ b/tests/topotests/bgp_rpki_topo1/r4/bgpd.conf
@@ -0,0 +1,6 @@
+router bgp 65002
+ no bgp ebgp-requires-policy
+ neighbor 192.168.4.2 remote-as internal
+ neighbor 192.168.4.2 timers 1 3
+ neighbor 192.168.4.2 timers connect 1
+!
diff --git a/tests/topotests/bgp_rpki_topo1/r4/zebra.conf b/tests/topotests/bgp_rpki_topo1/r4/zebra.conf

new file mode 100644 (file)

index 0000000..ed793ae
--- /dev/null
+++ b/tests/topotests/bgp_rpki_topo1/r4/zebra.conf
@@ -0,0 +1,4 @@
+!
+interface r4-eth0
+ ip address 192.168.4.4/24
+!
diff --git a/tests/topotests/bgp_rpki_topo1/test_bgp_rpki_topo1.py b/tests/topotests/bgp_rpki_topo1/test_bgp_rpki_topo1.py

index 0416148b27dd43611c6380b8e3d340b7fb413641..a12204f240a948e90149d055771bb14834cd991c 100644 (file)
--- a/tests/topotests/bgp_rpki_topo1/test_bgp_rpki_topo1.py
+++ b/tests/topotests/bgp_rpki_topo1/test_bgp_rpki_topo1.py
@@ -22,7 +22,7 @@ pytestmark = [pytest.mark.bgpd]
  
  
  def build_topo(tgen):
-    for routern in range(1, 4):
+    for routern in range(1, 5):
          tgen.add_router("r{}".format(routern))
  
      switch = tgen.add_switch("s1")
@@ -33,6 +33,10 @@ def build_topo(tgen):
      switch.add_link(tgen.gears["r2"])
      switch.add_link(tgen.gears["r3"])
  
+    switch = tgen.add_switch("s3")
+    switch.add_link(tgen.gears["r2"])
+    switch.add_link(tgen.gears["r4"])
+
  
  def setup_module(mod):
      tgen = Topogen(build_topo, mod.__name__)
@@ -402,6 +406,48 @@ router bgp 65002 vrf vrf10
          assert result is None, "Unexpected prefixes RPKI state on {}".format(rname)
  
  
+def test_bgp_ecommunity_rpki():
+    tgen = get_topogen()
+
+    if tgen.routers_have_failure():
+        pytest.skip(tgen.errors)
+
+    r2 = tgen.gears["r2"]
+    r4 = tgen.gears["r4"]
+
+    # Flush all the states what was before and try sending out the prefixes
+    # with RPKI extended community.
+    r2.vtysh_cmd("clear ip bgp 192.168.4.4 soft out")
+
+    def _bgp_check_ecommunity_rpki(community=None):
+        output = json.loads(r4.vtysh_cmd("show bgp ipv4 unicast 198.51.100.0/24 json"))
+        expected = {
+            "paths": [
+                {
+                    "extendedCommunity": community,
+                }
+            ]
+        }
+        return topotest.json_cmp(output, expected)
+
+    test_func = functools.partial(_bgp_check_ecommunity_rpki, {"string": "OVS:valid"})
+    _, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
+    assert result is None, "Didn't receive RPKI extended community"
+
+    r2.vtysh_cmd(
+        """
+    configure terminal
+     router bgp 65002
+      address-family ipv4 unicast
+       no neighbor 192.168.4.4 send-community extended rpki
+    """
+    )
+
+    test_func = functools.partial(_bgp_check_ecommunity_rpki)
+    _, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
+    assert result is None, "Received RPKI extended community"
+
+
  if __name__ == "__main__":
      args = ["-s"] + sys.argv[1:]
      sys.exit(pytest.main(args))
author	Donatas Abraitis <donatas@opensourcerouting.org>
	Fri, 2 Feb 2024 08:47:20 +0000 (10:47 +0200)
committer	Donatas Abraitis <donatas@opensourcerouting.org>
	Wed, 7 Feb 2024 20:35:21 +0000 (22:35 +0200)
tests/topotests/bgp_rpki_topo1/r2/bgpd.conf		patch \| blob \| history
tests/topotests/bgp_rpki_topo1/r2/zebra.conf		patch \| blob \| history
tests/topotests/bgp_rpki_topo1/r4/bgpd.conf	[new file with mode: 0644]	patch \| blob
tests/topotests/bgp_rpki_topo1/r4/zebra.conf	[new file with mode: 0644]	patch \| blob
tests/topotests/bgp_rpki_topo1/test_bgp_rpki_topo1.py		patch \| blob \| history