From fd87ba0aee46dde00d6c59e9a21a2c6bc8a07368 Mon Sep 17 00:00:00 2001 From: pavel-shirshov Date: Tue, 24 Nov 2020 08:33:31 -0800 Subject: [PATCH] [bgpcfgd]: Add on-match next rule for set ipv6 next-hop prefer-global (#6011) * Add 'on-match next' after every 'set ipv6 next-hop prefer-global' * Check that 'set ipv6 next-hop prefer-global' rule has 'on-match' next --- .../bgpd/templates/general/policies.conf.j2 | 1 + .../bgpd/templates/internal/policies.conf.j2 | 1 + .../general/policies.conf/result_all.conf | 1 + .../general/policies.conf/result_base.conf | 1 + .../general/policies.conf/result_deny.conf | 1 + .../instance.conf/result_back_v4.conf | 4 ++-- .../instance.conf/result_back_v6.conf | 4 ++-- .../instance.conf/result_front_v4.conf | 4 ++-- .../instance.conf/result_front_v6.conf | 4 ++-- .../internal/peer-group.conf/result_back.conf | 4 ++-- .../peer-group.conf/result_front.conf | 4 ++-- .../internal/policies.conf/result_back.conf | 5 +++-- .../internal/policies.conf/result_front.conf | 5 +++-- .../tests/test_ipv6_nexthop_global.py | 20 ++++++++++++------- 14 files changed, 36 insertions(+), 23 deletions(-) diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/general/policies.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/general/policies.conf.j2 index 04dbc3bc49..29498adcd9 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/templates/general/policies.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/templates/general/policies.conf.j2 @@ -36,6 +36,7 @@ route-map TO_BGP_PEER_V4 permit 100 ! ! route-map FROM_BGP_PEER_V6 permit 1 + on-match next set ipv6 next-hop prefer-global ! route-map FROM_BGP_PEER_V6 permit 100 diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 index d4db3a97d5..81d3b00411 100644 --- a/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 +++ b/dockers/docker-fpm-frr/frr/bgpd/templates/internal/policies.conf.j2 @@ -9,6 +9,7 @@ route-map TO_BGP_INTERNAL_PEER_V4 permit 100 ! ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 + on-match next set ipv6 next-hop prefer-global ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 diff --git a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all.conf b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all.conf index 79f6422961..e4f58f80c9 100644 --- a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all.conf +++ b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all.conf @@ -20,6 +20,7 @@ route-map FROM_BGP_PEER_V4 permit 100 route-map TO_BGP_PEER_V4 permit 100 ! route-map FROM_BGP_PEER_V6 permit 1 + on-match next set ipv6 next-hop prefer-global ! route-map FROM_BGP_PEER_V6 permit 100 diff --git a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_base.conf b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_base.conf index 9572643522..8f7631caab 100644 --- a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_base.conf +++ b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_base.conf @@ -6,6 +6,7 @@ route-map FROM_BGP_PEER_V4 permit 100 route-map TO_BGP_PEER_V4 permit 100 ! route-map FROM_BGP_PEER_V6 permit 1 + on-match next set ipv6 next-hop prefer-global ! route-map FROM_BGP_PEER_V6 permit 100 diff --git a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_deny.conf b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_deny.conf index f1427175e0..7f9137931e 100644 --- a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_deny.conf +++ b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_deny.conf @@ -20,6 +20,7 @@ route-map FROM_BGP_PEER_V4 permit 100 route-map TO_BGP_PEER_V4 permit 100 ! route-map FROM_BGP_PEER_V6 permit 1 + on-match next set ipv6 next-hop prefer-global ! route-map FROM_BGP_PEER_V6 permit 100 diff --git a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v4.conf b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v4.conf index 9cf5e3d13c..fc7b82a64a 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v4.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v4.conf @@ -1,5 +1,5 @@ ! -! template: bgpd/templates/general/instance.conf.j2 +! template: bgpd/templates/internal/instance.conf.j2 ! neighbor 10.10.10.10 remote-as 555 neighbor 10.10.10.10 description remote_peer @@ -12,5 +12,5 @@ neighbor 10.10.10.10 activate exit-address-family ! -! end of template: bgpd/templates/general/instance.conf.j2 +! end of template: bgpd/templates/internal/instance.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v6.conf b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v6.conf index 41aa2ae7f8..74cececad9 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v6.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_back_v6.conf @@ -1,5 +1,5 @@ ! -! template: bgpd/templates/general/instance.conf.j2 +! template: bgpd/templates/internal/instance.conf.j2 ! neighbor fc::10 remote-as 555 neighbor fc::10 description remote_peer @@ -12,5 +12,5 @@ neighbor fc::10 activate exit-address-family ! -! end of template: bgpd/templates/general/instance.conf.j2 +! end of template: bgpd/templates/internal/instance.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v4.conf b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v4.conf index c327e417f0..95eb985b15 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v4.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v4.conf @@ -1,5 +1,5 @@ ! -! template: bgpd/templates/general/instance.conf.j2 +! template: bgpd/templates/internal/instance.conf.j2 ! neighbor 10.10.10.10 remote-as 555 neighbor 10.10.10.10 description remote_peer @@ -10,5 +10,5 @@ neighbor 10.10.10.10 activate exit-address-family ! -! end of template: bgpd/templates/general/instance.conf.j2 +! end of template: bgpd/templates/internal/instance.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v6.conf b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v6.conf index c730038233..a4a4648e48 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v6.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/instance.conf/result_front_v6.conf @@ -1,5 +1,5 @@ ! -! template: bgpd/templates/general/instance.conf.j2 +! template: bgpd/templates/internal/instance.conf.j2 ! neighbor fc::10 remote-as 555 neighbor fc::10 description remote_peer @@ -10,5 +10,5 @@ neighbor fc::10 activate exit-address-family ! -! end of template: bgpd/templates/general/instance.conf.j2 +! end of template: bgpd/templates/internal/instance.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf index 829cbba8b1..15076685eb 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_back.conf @@ -1,5 +1,5 @@ ! -! template: bgpd/templates/general/peer-group.conf.j2 +! template: bgpd/templates/internal/peer-group.conf.j2 ! neighbor INTERNAL_PEER_V4 peer-group neighbor INTERNAL_PEER_V6 peer-group @@ -16,5 +16,5 @@ neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out exit-address-family ! -! end of template: bgpd/templates/general/peer-group.conf.j2 +! end of template: bgpd/templates/internal/peer-group.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf index f23e009483..8f4aa450f5 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/peer-group.conf/result_front.conf @@ -1,5 +1,5 @@ ! -! template: bgpd/templates/general/peer-group.conf.j2 +! template: bgpd/templates/internal/peer-group.conf.j2 ! neighbor INTERNAL_PEER_V4 peer-group neighbor INTERNAL_PEER_V6 peer-group @@ -14,5 +14,5 @@ neighbor INTERNAL_PEER_V6 route-map TO_BGP_INTERNAL_PEER_V6 out exit-address-family ! -! end of template: bgpd/templates/general/peer-group.conf.j2 +! end of template: bgpd/templates/internal/peer-group.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf index def088028d..81bf0808f7 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_back.conf @@ -1,11 +1,12 @@ ! -! template: bgpd/templates/general/policies.conf.j2 +! template: bgpd/templates/internal/policies.conf.j2 ! route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 ! route-map TO_BGP_INTERNAL_PEER_V4 permit 100 ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 + on-match next set ipv6 next-hop prefer-global ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 @@ -18,5 +19,5 @@ route-map FROM_BGP_INTERNAL_PEER_V4 permit 2 route-map FROM_BGP_INTERNAL_PEER_V6 permit 2 set originator-id 10.10.10.10 ! -! end of template: bgpd/templates/general/policies.conf.j2 +! end of template: bgpd/templates/internal/policies.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf index 9cc40fd8b7..94dc55a545 100644 --- a/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf +++ b/src/sonic-bgpcfgd/tests/data/internal/policies.conf/result_front.conf @@ -1,16 +1,17 @@ ! -! template: bgpd/templates/general/policies.conf.j2 +! template: bgpd/templates/internal/policies.conf.j2 ! route-map FROM_BGP_INTERNAL_PEER_V4 permit 100 ! route-map TO_BGP_INTERNAL_PEER_V4 permit 100 ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 1 + on-match next set ipv6 next-hop prefer-global ! route-map FROM_BGP_INTERNAL_PEER_V6 permit 100 ! route-map TO_BGP_INTERNAL_PEER_V6 permit 100 ! -! end of template: bgpd/templates/general/policies.conf.j2 +! end of template: bgpd/templates/internal/policies.conf.j2 ! diff --git a/src/sonic-bgpcfgd/tests/test_ipv6_nexthop_global.py b/src/sonic-bgpcfgd/tests/test_ipv6_nexthop_global.py index d1bb67ee9c..398c8a19f3 100644 --- a/src/sonic-bgpcfgd/tests/test_ipv6_nexthop_global.py +++ b/src/sonic-bgpcfgd/tests/test_ipv6_nexthop_global.py @@ -79,6 +79,7 @@ def extract_rm_from_peer_group(path, peer_group_name): def check_routemap_in_file(filename, route_map_name): route_map_re = re.compile(r'^route-map\s+%s\s+permit\s+(\d+)' % route_map_name) set_re = re.compile(r'set ipv6 next-hop prefer-global') + next_re = re.compile(r'on-match next') with open(filename) as fp: lines = [line.strip() for line in fp if not line.strip().startswith('!') and line.strip() != ''] found_entry = False @@ -86,9 +87,13 @@ def check_routemap_in_file(filename, route_map_name): route_map_entries = {} for line in lines: if found_entry: - route_map_entries[found_seq_no] = set_re.match(line) is not None - found_entry = False - found_seq_no = None + if set_re.match(line): + route_map_entries[found_seq_no][0] = True + elif next_re.match(line): + route_map_entries[found_seq_no][1] = True + else: + found_entry = False + found_seq_no = None if route_map_re.match(line): found_seq_no = None seq_n_txt = route_map_re.match(line).group(1) @@ -96,11 +101,12 @@ def check_routemap_in_file(filename, route_map_name): found_seq_no = int(seq_n_txt) assert found_seq_no not in route_map_entries, "Route-map has duplicate entries: %s - %d" % (route_map_name, found_seq_no) found_entry = True + route_map_entries[found_seq_no] = [False, False] results = [route_map_entries[seq] for seq in sorted(route_map_entries.keys())] - if (len(results)): - err_msg = "route-map %s doesn't have mandatory permit entry for 'set ipv6 next-hop prefer-global" % route_map_name - assert results[0], err_msg - return len(results) > 0 + err_msg = "route-map %s doesn't have mandatory permit entry for 'set ipv6 next-hop prefer-global" % route_map_name + assert len(results), err_msg + assert all(results[0]), "first ipv6 route-map entry doesn't have set ipv6 nexthop" + return True def check_routemap(path, route_map_name): result_files = load_results(path, "policies.conf")