Skip to content

Commit

Permalink
tests: Check if allowas-in works when importing between local VRFs
Browse files Browse the repository at this point in the history
Signed-off-by: Donatas Abraitis <[email protected]>
  • Loading branch information
ton31337 committed Jan 8, 2025
1 parent 0dd1518 commit 929591c
Show file tree
Hide file tree
Showing 4 changed files with 225 additions and 0 deletions.
Empty file.
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
!
interface r1-eth0
ip address 192.168.179.4/24
exit
!
router bgp 65001
!
router bgp 65001 vrf CUSTOMER-A
bgp router-id 192.168.179.4
no bgp ebgp-requires-policy
no bgp network import-check
neighbor 192.168.179.5 remote-as external
!
address-family ipv4 unicast
neighbor 192.168.179.5 next-hop-self
neighbor 192.168.179.5 allowas-in 10
label vpn export auto
rd vpn export 100:1
rt vpn both 100:1 100:2
export vpn
import vpn
exit-address-family
!
router bgp 65001 vrf CUSTOMER-B
bgp router-id 192.168.0.1
no bgp ebgp-requires-policy
no bgp network import-check
!
address-family ipv4 unicast
label vpn export auto
rd vpn export 100:2
rt vpn import 100:1 100:2
export vpn
import vpn
exit-address-family
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
!
interface lo
ip address 10.10.10.10/32
!
interface r2-eth0
ip address 192.168.179.5/24
exit
!
interface r2-eth1
ip address 192.168.2.2/24
exit
!
router bgp 65002
!
router bgp 65002 vrf CUSTOMER-A
bgp router-id 192.168.179.5
no bgp ebgp-requires-policy
no bgp network import-check
neighbor 192.168.179.4 remote-as external
!
address-family ipv4 unicast
neighbor 192.168.179.4 next-hop-self
neighbor 192.168.179.4 route-map r1 out
label vpn export auto
rd vpn export 100:1
rt vpn import 100:1 100:2
export vpn
import vpn
exit-address-family
!
router bgp 65002 vrf CUSTOMER-B
bgp router-id 192.168.0.2
no bgp ebgp-requires-policy
no bgp network import-check
!
address-family ipv4 unicast
redistribute connected
network 10.10.10.10/32
label vpn export auto
rd vpn export 100:2
rt vpn both 100:2
export vpn
import vpn
exit-address-family
!
route-map r1 permit 10
set as-path prepend 65001
!
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
#!/usr/bin/env python
# SPDX-License-Identifier: ISC

#
# Copyright (c) 2024 by
# Donatas Abraitis <[email protected]>
#

import os
import sys
import json
import pytest
import functools

CWD = os.path.dirname(os.path.realpath(__file__))
sys.path.append(os.path.join(CWD, "../"))

# pylint: disable=C0413
from lib import topotest
from lib.topogen import Topogen, get_topogen

pytestmark = [pytest.mark.bgpd]


def build_topo(tgen):
tgen.add_router("r1")
tgen.add_router("r2")

switch = tgen.add_switch("s1")
switch.add_link(tgen.gears["r1"])
switch.add_link(tgen.gears["r2"])

switch = tgen.add_switch("s2")
switch.add_link(tgen.gears["r1"])

switch = tgen.add_switch("s3")
switch.add_link(tgen.gears["r2"])


def setup_module(mod):
tgen = Topogen(build_topo, mod.__name__)
tgen.start_topology()

r1 = tgen.gears["r1"]
r2 = tgen.gears["r2"]

r1.run("ip link add CUSTOMER-A type vrf table 1001")
r1.run("ip link set up dev CUSTOMER-A")
r1.run("ip link set r1-eth0 master CUSTOMER-A")

r1.run("ip link add CUSTOMER-B type vrf table 1002")
r1.run("ip link set up dev CUSTOMER-B")
r1.run("ip link set r1-eth1 master CUSTOMER-B")

r2.run("ip link add CUSTOMER-A type vrf table 1001")
r2.run("ip link set up dev CUSTOMER-A")
r2.run("ip link set r2-eth0 master CUSTOMER-A")

r2.run("ip link add CUSTOMER-B type vrf table 1002")
r2.run("ip link set up dev CUSTOMER-B")
r2.run("ip link set r2-eth1 master CUSTOMER-B")

router_list = tgen.routers()

for _, (rname, router) in enumerate(router_list.items(), 1):
router.load_frr_config(os.path.join(CWD, "{}/frr.conf".format(rname)))

tgen.start_router()


def teardown_module(mod):
tgen = get_topogen()
tgen.stop_topology()


def test_bgp_vpnv4_import_allowas_in_between_vrf():
tgen = get_topogen()

if tgen.routers_have_failure():
pytest.skip(tgen.errors)

r1 = tgen.gears["r1"]

def _bgp_converge():
output = json.loads(
r1.vtysh_cmd("show bgp vrf CUSTOMER-A ipv4 unicast 10.10.10.10/32 json")
)
expected = {
"paths": [
{
"aspath": {
"string": "65002 65001",
},
"valid": True,
}
]
}
return topotest.json_cmp(output, expected)

test_func = functools.partial(_bgp_converge)
_, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
assert result is None, "Failed to see 10.10.10.10/32 with a valid next-hop"

def _vrf_route_imported_to_vrf():
output = json.loads(
r1.vtysh_cmd("show ip route vrf CUSTOMER-B 10.10.10.10/32 json")
)
expected = {
"10.10.10.10/32": [
{
"protocol": "bgp",
"vrfName": "CUSTOMER-B",
"selected": True,
"installed": True,
"table": 1002,
"internalNextHopNum": 1,
"internalNextHopActiveNum": 1,
"nexthops": [
{
"fib": True,
"ip": "192.168.179.5",
"afi": "ipv4",
"interfaceName": "r1-eth0",
"vrf": "CUSTOMER-A",
"active": True,
}
],
}
]
}
return topotest.json_cmp(output, expected)

test_func = functools.partial(_vrf_route_imported_to_vrf)
_, result = topotest.run_and_expect(test_func, None, count=30, wait=1)
assert (
result is None
), "Failed to see 10.10.10.10/32 to be imported into CUSTOMER-B VRF (Zebra)"


if __name__ == "__main__":
args = ["-s"] + sys.argv[1:]
sys.exit(pytest.main(args))

0 comments on commit 929591c

Please sign in to comment.