diff options
| -rw-r--r-- | tests/topotests/bgp_soo/__init__.py | 0 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/cpe1/bgpd.conf | 10 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/cpe1/zebra.conf | 12 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/cpe2/bgpd.conf | 10 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/cpe2/zebra.conf | 9 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe1/bgpd.conf | 27 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe1/ldpd.conf | 10 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe1/ospfd.conf | 7 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe1/zebra.conf | 12 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe2/bgpd.conf | 31 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe2/ldpd.conf | 10 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe2/ospfd.conf | 7 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/pe2/zebra.conf | 12 | ||||
| -rw-r--r-- | tests/topotests/bgp_soo/test_bgp_soo.py | 186 |
14 files changed, 343 insertions, 0 deletions
diff --git a/tests/topotests/bgp_soo/__init__.py b/tests/topotests/bgp_soo/__init__.py new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/tests/topotests/bgp_soo/__init__.py diff --git a/tests/topotests/bgp_soo/cpe1/bgpd.conf b/tests/topotests/bgp_soo/cpe1/bgpd.conf new file mode 100644 index 0000000000..a8984d4e8b --- /dev/null +++ b/tests/topotests/bgp_soo/cpe1/bgpd.conf @@ -0,0 +1,10 @@ +router bgp 65000 + no bgp ebgp-requires-policy + neighbor 192.168.1.2 remote-as external + neighbor 192.168.1.2 timers 1 3 + neighbor 192.168.1.2 timers connect 1 + neighbor 10.0.0.2 remote-as internal + address-family ipv4 unicast + redistribute connected + exit-address-family +! diff --git a/tests/topotests/bgp_soo/cpe1/zebra.conf b/tests/topotests/bgp_soo/cpe1/zebra.conf new file mode 100644 index 0000000000..669cb91295 --- /dev/null +++ b/tests/topotests/bgp_soo/cpe1/zebra.conf @@ -0,0 +1,12 @@ +! +interface lo + ip address 172.16.255.1/32 +! +interface cpe1-eth0 + ip address 192.168.1.1/24 +! +interface cpe1-eth1 + ip address 10.0.0.1/24 +! +ip forwarding +! diff --git a/tests/topotests/bgp_soo/cpe2/bgpd.conf b/tests/topotests/bgp_soo/cpe2/bgpd.conf new file mode 100644 index 0000000000..19f7a24e2b --- /dev/null +++ b/tests/topotests/bgp_soo/cpe2/bgpd.conf @@ -0,0 +1,10 @@ +router bgp 65000 + no bgp ebgp-requires-policy + neighbor 192.168.2.2 remote-as external + neighbor 192.168.2.2 timers 1 3 + neighbor 192.168.2.2 timers connect 1 + neighbor 10.0.0.1 remote-as internal + address-family ipv4 unicast + redistribute connected + exit-address-family +! diff --git a/tests/topotests/bgp_soo/cpe2/zebra.conf b/tests/topotests/bgp_soo/cpe2/zebra.conf new file mode 100644 index 0000000000..52f36c06e8 --- /dev/null +++ b/tests/topotests/bgp_soo/cpe2/zebra.conf @@ -0,0 +1,9 @@ +! +interface cpe2-eth0 + ip address 192.168.2.1/24 +! +interface cpe2-eth1 + ip address 10.0.0.2/24 +! +ip forwarding +! diff --git a/tests/topotests/bgp_soo/pe1/bgpd.conf b/tests/topotests/bgp_soo/pe1/bgpd.conf new file mode 100644 index 0000000000..04a6857c7c --- /dev/null +++ b/tests/topotests/bgp_soo/pe1/bgpd.conf @@ -0,0 +1,27 @@ +router bgp 65001 + bgp router-id 10.10.10.10 + no bgp ebgp-requires-policy + no bgp default ipv4-unicast + neighbor 10.10.10.20 remote-as internal + neighbor 10.10.10.20 update-source 10.10.10.10 + address-family ipv4 vpn + neighbor 10.10.10.20 activate + exit-address-family +! +router bgp 65001 vrf RED + bgp router-id 192.168.1.2 + no bgp ebgp-requires-policy + neighbor 192.168.1.1 remote-as external + neighbor 192.168.1.1 timers 1 3 + neighbor 192.168.1.1 timers connect 1 + address-family ipv4 unicast + neighbor 192.168.1.1 as-override + neighbor 192.168.1.1 soo 65000:1 + label vpn export 1111 + rd vpn export 192.168.1.2:2 + rt vpn import 192.168.2.2:2 192.168.1.2:2 + rt vpn export 192.168.1.2:2 + export vpn + import vpn + exit-address-family +! diff --git a/tests/topotests/bgp_soo/pe1/ldpd.conf b/tests/topotests/bgp_soo/pe1/ldpd.conf new file mode 100644 index 0000000000..fb40f06fa7 --- /dev/null +++ b/tests/topotests/bgp_soo/pe1/ldpd.conf @@ -0,0 +1,10 @@ +mpls ldp + router-id 10.10.10.10 + ! + address-family ipv4 + discovery transport-address 10.10.10.10 + ! + interface pe1-eth1 + ! + ! +! diff --git a/tests/topotests/bgp_soo/pe1/ospfd.conf b/tests/topotests/bgp_soo/pe1/ospfd.conf new file mode 100644 index 0000000000..34f0899c95 --- /dev/null +++ b/tests/topotests/bgp_soo/pe1/ospfd.conf @@ -0,0 +1,7 @@ +interface pe1-eth1 + ip ospf dead-interval 4 + ip ospf hello-interval 1 +! +router ospf + router-id 10.10.10.10 + network 0.0.0.0/0 area 0 diff --git a/tests/topotests/bgp_soo/pe1/zebra.conf b/tests/topotests/bgp_soo/pe1/zebra.conf new file mode 100644 index 0000000000..cc8ff1983a --- /dev/null +++ b/tests/topotests/bgp_soo/pe1/zebra.conf @@ -0,0 +1,12 @@ +! +interface lo + ip address 10.10.10.10/32 +! +interface pe1-eth0 vrf RED + ip address 192.168.1.2/24 +! +interface pe1-eth1 + ip address 10.0.1.1/24 +! +ip forwarding +! diff --git a/tests/topotests/bgp_soo/pe2/bgpd.conf b/tests/topotests/bgp_soo/pe2/bgpd.conf new file mode 100644 index 0000000000..efebc02f27 --- /dev/null +++ b/tests/topotests/bgp_soo/pe2/bgpd.conf @@ -0,0 +1,31 @@ +router bgp 65001 + bgp router-id 10.10.10.20 + no bgp ebgp-requires-policy + no bgp default ipv4-unicast + neighbor 10.10.10.10 remote-as internal + neighbor 10.10.10.10 update-source 10.10.10.20 + address-family ipv4 vpn + neighbor 10.10.10.10 activate + exit-address-family +! +router bgp 65001 vrf RED + bgp router-id 192.168.2.2 + no bgp ebgp-requires-policy + neighbor 192.168.2.1 remote-as external + neighbor 192.168.2.1 timers 1 3 + neighbor 192.168.2.1 timers connect 1 + address-family ipv4 unicast + neighbor 192.168.2.1 as-override + neighbor 192.168.2.1 route-map cpe2-in in + label vpn export 2222 + rd vpn export 192.168.2.2:2 + rt vpn import 192.168.2.2:2 192.168.1.2:2 + rt vpn export 192.168.2.2:2 + export vpn + import vpn + exit-address-family +! +! To prefer internal MPLS route over eBGP +route-map cpe2-in permit 10 + set local-preference 50 +exit diff --git a/tests/topotests/bgp_soo/pe2/ldpd.conf b/tests/topotests/bgp_soo/pe2/ldpd.conf new file mode 100644 index 0000000000..e2b5359993 --- /dev/null +++ b/tests/topotests/bgp_soo/pe2/ldpd.conf @@ -0,0 +1,10 @@ +mpls ldp + router-id 10.10.10.20 + ! + address-family ipv4 + discovery transport-address 10.10.10.20 + ! + interface pe2-eth0 + ! + ! +! diff --git a/tests/topotests/bgp_soo/pe2/ospfd.conf b/tests/topotests/bgp_soo/pe2/ospfd.conf new file mode 100644 index 0000000000..4c4b1374d1 --- /dev/null +++ b/tests/topotests/bgp_soo/pe2/ospfd.conf @@ -0,0 +1,7 @@ +interface pe2-eth0 + ip ospf dead-interval 4 + ip ospf hello-interval 1 +! +router ospf + router-id 10.10.10.20 + network 0.0.0.0/0 area 0 diff --git a/tests/topotests/bgp_soo/pe2/zebra.conf b/tests/topotests/bgp_soo/pe2/zebra.conf new file mode 100644 index 0000000000..8049a74601 --- /dev/null +++ b/tests/topotests/bgp_soo/pe2/zebra.conf @@ -0,0 +1,12 @@ +! +interface lo + ip address 10.10.10.20/32 +! +interface pe2-eth1 vrf RED + ip address 192.168.2.2/24 +! +interface pe2-eth0 + ip address 10.0.1.2/24 +! +ip forwarding +! diff --git a/tests/topotests/bgp_soo/test_bgp_soo.py b/tests/topotests/bgp_soo/test_bgp_soo.py new file mode 100644 index 0000000000..e3a7334c60 --- /dev/null +++ b/tests/topotests/bgp_soo/test_bgp_soo.py @@ -0,0 +1,186 @@ +#!/usr/bin/env python + +# +# Copyright (c) 2022 by +# Donatas Abraitis <donatas@opensourcerouting.org> +# +# Permission to use, copy, modify, and/or distribute this software +# for any purpose with or without fee is hereby granted, provided +# that the above copyright notice and this permission notice appear +# in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND NETDEF DISCLAIMS ALL WARRANTIES +# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NETDEF BE LIABLE FOR +# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY +# DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS +# ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE +# OF THIS SOFTWARE. +# + +""" +Test if BGP SoO per neighbor works correctly. Routes having SoO +extended community MUST be rejected if the neighbor is configured +with soo (neighbor soo). +""" + +import os +import sys +import json +import pytest +import functools + +CWD = os.path.dirname(os.path.realpath(__file__)) +sys.path.append(os.path.join(CWD, "../")) + +# pylint: disable=C0413 +from lib import topotest +from lib.topogen import Topogen, TopoRouter, get_topogen +from lib.common_config import step + +pytestmark = [pytest.mark.bgpd] + + +def build_topo(tgen): + tgen.add_router("cpe1") + tgen.add_router("cpe2") + tgen.add_router("pe1") + tgen.add_router("pe2") + + switch = tgen.add_switch("s1") + switch.add_link(tgen.gears["cpe1"]) + switch.add_link(tgen.gears["pe1"]) + + switch = tgen.add_switch("s2") + switch.add_link(tgen.gears["pe1"]) + switch.add_link(tgen.gears["pe2"]) + + switch = tgen.add_switch("s3") + switch.add_link(tgen.gears["pe2"]) + switch.add_link(tgen.gears["cpe2"]) + + switch = tgen.add_switch("s4") + switch.add_link(tgen.gears["cpe2"]) + switch.add_link(tgen.gears["cpe1"]) + + +def setup_module(mod): + tgen = Topogen(build_topo, mod.__name__) + tgen.start_topology() + + pe1 = tgen.gears["pe1"] + pe2 = tgen.gears["pe2"] + + pe1.run("ip link add RED type vrf table 1001") + pe1.run("ip link set up dev RED") + pe2.run("ip link add RED type vrf table 1001") + pe2.run("ip link set up dev RED") + pe1.run("ip link set pe1-eth0 master RED") + pe2.run("ip link set pe2-eth1 master RED") + + pe1.run("sysctl -w net.ipv4.ip_forward=1") + pe2.run("sysctl -w net.ipv4.ip_forward=1") + pe1.run("sysctl -w net.mpls.conf.pe1-eth0.input=1") + pe2.run("sysctl -w net.mpls.conf.pe2-eth1.input=1") + + router_list = tgen.routers() + + for i, (rname, router) in enumerate(router_list.items(), 1): + router.load_config( + TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format(rname)) + ) + router.load_config( + TopoRouter.RD_BGP, os.path.join(CWD, "{}/bgpd.conf".format(rname)) + ) + router.load_config( + TopoRouter.RD_OSPF, os.path.join(CWD, "{}/ospfd.conf".format(rname)) + ) + router.load_config( + TopoRouter.RD_LDP, os.path.join(CWD, "{}/ldpd.conf".format(rname)) + ) + + tgen.start_router() + + +def teardown_module(mod): + tgen = get_topogen() + tgen.stop_topology() + + +def test_bgp_soo(): + tgen = get_topogen() + + pe2 = tgen.gears["pe2"] + + if tgen.routers_have_failure(): + pytest.skip(tgen.errors) + + def _bgp_soo_unconfigured(): + output = json.loads( + pe2.vtysh_cmd( + "show bgp vrf RED ipv4 unicast neighbors 192.168.2.1 advertised-routes json" + ) + ) + expected = {"advertisedRoutes": {"172.16.255.1/32": {"path": "65001"}}} + return topotest.json_cmp(output, expected) + + test_func = functools.partial(_bgp_soo_unconfigured) + _, result = topotest.run_and_expect(test_func, None, count=30, wait=0.5) + assert result is None, "Failed to see BGP convergence in pe2" + + step("Configure SoO (65000:1) for PE2 -- CPE2 session") + pe2.vtysh_cmd( + """ + configure terminal + router bgp 65001 vrf RED + address-family ipv4 unicast + neighbor 192.168.2.1 soo 65000:1 + """ + ) + + def _bgp_soo_configured(): + output = json.loads( + pe2.vtysh_cmd( + "show bgp vrf RED ipv4 unicast neighbors 192.168.2.1 advertised-routes json" + ) + ) + expected = {"advertisedRoutes": {"172.16.255.1/32": None}} + return topotest.json_cmp(output, expected) + + test_func = functools.partial(_bgp_soo_configured) + _, result = topotest.run_and_expect(test_func, None, count=30, wait=0.5) + assert result is None, "SoO filtering does not work from pe2" + + step("Configure SoO (65000:2) for PE2 -- CPE2 session") + pe2.vtysh_cmd( + """ + configure terminal + router bgp 65001 vrf RED + address-family ipv4 unicast + neighbor 192.168.2.1 soo 65000:2 + """ + ) + + test_func = functools.partial(_bgp_soo_unconfigured) + _, result = topotest.run_and_expect(test_func, None, count=30, wait=0.5) + assert result is None, "SoO filtering does not work from pe2" + + step("Unconfigure SoO for PE2 -- CPE2 session") + pe2.vtysh_cmd( + """ + configure terminal + router bgp 65001 vrf RED + address-family ipv4 unicast + no neighbor 192.168.2.1 soo + """ + ) + + test_func = functools.partial(_bgp_soo_unconfigured) + _, result = topotest.run_and_expect(test_func, None, count=30, wait=0.5) + assert result is None, "SoO filtering does not work from pe2" + + +if __name__ == "__main__": + args = ["-s"] + sys.argv[1:] + sys.exit(pytest.main(args)) |