bgpd: Disallow ebgp-multihop on swpX peers

Disallow setting ebgp-multihop on peers directly
connected via an interface.

Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>

2 files changed, 7 insertions, 0 deletions

diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
index 5dff63e8c2..b1a3116be3 100644
--- a/bgpd/bgp_vty.c
+++ b/bgpd/bgp_vty.c
@@ -304,6 +304,9 @@ bgp_vty_return (struct vty *vty, int ret)
     case BGP_ERR_INVALID_FOR_DYNAMIC_PEER:
       str = "Operation not allowed on a dynamic neighbor";
       break;
+    case BGP_ERR_INVALID_FOR_DIRECT_PEER:
+      str = "Operation not allowed on a directly connected neighbor";
+      break;
     }
   if (str)
     {
@@ -4434,6 +4437,9 @@ peer_ebgp_multihop_set_vty (struct vty *vty, const char *ip_str,
   if (! peer)
     return CMD_WARNING;
 
+  if (peer->conf_if)
+    return bgp_vty_return (vty, BGP_ERR_INVALID_FOR_DIRECT_PEER);
+
   if (! ttl_str)
     ttl = MAXTTL;
   else
diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h
index 0c6aa6b21a..2acdaed331 100644
--- a/bgpd/bgpd.h
+++ b/bgpd/bgpd.h
@@ -1120,6 +1120,7 @@ enum bgp_clear_type
 #define BGP_ERR_DYNAMIC_NEIGHBORS_RANGE_NOT_FOUND -31
 #define BGP_ERR_INVALID_FOR_DYNAMIC_PEER        -32
 #define BGP_ERR_MAX                             -33
+#define BGP_ERR_INVALID_FOR_DIRECT_PEER         -34
 
 /*
  * Enumeration of different policy kinds a peer can be configured with.