From 0f62519cd77f1cf38dee5b58377d0c347fe619bc Mon Sep 17 00:00:00 2001 From: ISHIDA Wataru Date: Tue, 9 May 2017 07:47:09 +0000 Subject: server: ignore routes when local AS is in AS_PATH RFC4271 9.1.2 Phase 2: Route Selection If the AS_PATH attribute of a BGP route contains an AS loop, the BGP route should be excluded from the Phase 2 decision function. AS loop detection is done by scanning the full AS path (as specified in the AS_PATH attribute), and checking that the autonomous system number of the local system does not appear in the AS path. Operations of a BGP speaker that is configured to accept routes with its own autonomous system number in the AS path are outside the scope of this document. Also this commit adds support for allow-own-as option to relax this. Signed-off-by: ISHIDA Wataru --- test/lib/base.py | 10 ++++- test/lib/gobgp.py | 4 ++ test/scenario_test/aspath_test.py | 92 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 104 insertions(+), 2 deletions(-) create mode 100644 test/scenario_test/aspath_test.py (limited to 'test') diff --git a/test/lib/base.py b/test/lib/base.py index 1f523c32..ef8e7ab7 100644 --- a/test/lib/base.py +++ b/test/lib/base.py @@ -300,12 +300,17 @@ class BGPContainer(Container): name = self.peers[peer]['neigh_addr'].split('/')[0] return name + def update_peer(self, peer, **kwargs): + if peer not in self.peers: + raise Exception('peer not exists') + self.add_peer(peer, **kwargs) + def add_peer(self, peer, passwd=None, vpn=False, is_rs_client=False, policies=None, passive=False, is_rr_client=False, cluster_id=None, flowspec=False, bridge='', reload_config=True, as2=False, graceful_restart=None, local_as=None, prefix_limit=None, - v6=False, llgr=None, vrf='', interface=''): + v6=False, llgr=None, vrf='', interface='', allow_as_in=0): neigh_addr = '' local_addr = '' it = itertools.product(self.ip_addrs, peer.ip_addrs) @@ -346,7 +351,8 @@ class BGPContainer(Container): 'local_as': local_as, 'prefix_limit': prefix_limit, 'llgr': llgr, - 'vrf': vrf} + 'vrf': vrf, + 'allow_as_in': allow_as_in} if self.is_running and reload_config: self.create_config() self.reload_config() diff --git a/test/lib/gobgp.py b/test/lib/gobgp.py index 14fbfe1f..15264bfb 100644 --- a/test/lib/gobgp.py +++ b/test/lib/gobgp.py @@ -357,6 +357,10 @@ class GoBGPContainer(BGPContainer): }, } + n['as-path-options'] = {'config': {}} + if info['allow_as_in'] > 0: + n['as-path-options']['config']['allow-own-as'] = info['allow_as_in'] + if ':' in info['local_addr']: n['transport']['config']['local-address'] = info['local_addr'].split('/')[0] diff --git a/test/scenario_test/aspath_test.py b/test/scenario_test/aspath_test.py new file mode 100644 index 00000000..699a1ab3 --- /dev/null +++ b/test/scenario_test/aspath_test.py @@ -0,0 +1,92 @@ +# Copyright (C) 2017 Nippon Telegraph and Telephone Corporation. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import + +import sys +import time +import unittest + +from fabric.api import local +import nose + +from lib.noseplugin import OptionParser, parser_option + +from lib import base +from lib.base import BGP_FSM_ESTABLISHED +from lib.gobgp import GoBGPContainer +from lib.quagga import QuaggaBGPContainer + + +class GoBGPTestBase(unittest.TestCase): + + @classmethod + def setUpClass(cls): + gobgp_ctn_image_name = parser_option.gobgp_image + base.TEST_PREFIX = parser_option.test_prefix + + g1 = GoBGPContainer(name='g1', asn=65001, router_id='192.168.0.1', + ctn_image_name=gobgp_ctn_image_name, + log_level=parser_option.gobgp_log_level) + q1 = QuaggaBGPContainer(name='q1', asn=65002, router_id='192.168.0.2') + g2 = GoBGPContainer(name='g2', asn=65001, router_id='192.168.0.3', + ctn_image_name=gobgp_ctn_image_name, + log_level=parser_option.gobgp_log_level) + ctns = [g1, g2, q1] + + initial_wait_time = max(ctn.run() for ctn in ctns) + + time.sleep(initial_wait_time) + + g1.add_peer(q1) + q1.add_peer(g1) + + q1.add_peer(g2) + g2.add_peer(q1) + + g1.add_route('10.0.0.0/24') + + cls.g1 = g1 + cls.g2 = g2 + cls.q1 = q1 + cls.ctns = {n.name: n for n in ctns} + + # test each neighbor state is turned establish + def test_01_neighbor_established(self): + self.g1.wait_for(expected_state=BGP_FSM_ESTABLISHED, peer=self.q1) + self.q1.wait_for(expected_state=BGP_FSM_ESTABLISHED, peer=self.g2) + + def test_02_check_reject_as_loop(self): + time.sleep(1) + self.assertTrue(len(self.g2.get_global_rib()) == 0) + + def test_03_update_peer(self): + self.g2.update_peer(self.q1, allow_as_in=10) + + self.q1.wait_for(expected_state=BGP_FSM_ESTABLISHED, peer=self.g2) + + def test_04_check_accept_as_loop(self): + time.sleep(1) + self.assertTrue(len(self.g2.get_global_rib()) == 1) + + +if __name__ == '__main__': + output = local("which docker 2>&1 > /dev/null ; echo $?", capture=True) + if int(output) is not 0: + print "docker not found" + sys.exit(1) + + nose.main(argv=sys.argv, addplugins=[OptionParser()], + defaultTest=sys.argv[0]) -- cgit v1.2.3