def test_construct_nlri(self):
raw_hex = '\x0f\x05\x01\x50\x11\x1f\x90\x11\x1f\x91\x11\x1f\x92\x91\x1f\x93'
nlri_dict = {bgp_cons.BGPNLRI_FSPEC_DST_PORT: '=80|=8080|=8081|=8082|=8083'}
self.assertEqual(raw_hex, IPv4FlowSpec.construct_nlri(nlri_dict))
nlri_bin = b'\x0a\x01\x18\xc0\x55\x02\x02\x18\xc0\x55\x01'
nlri_list = {1: '192.85.2.0/24', 2: '192.85.1.0/24'}
self.assertEqual(nlri_bin, IPv4FlowSpec.construct_nlri(nlri_list))
def test_parse_construct_prefix(self):
prefix_bin = b'\x18\xc0\x55\x02'
prefix_str = '192.85.2.0/24'
self.assertEqual(prefix_bin, IPv4FlowSpec.construct_prefix(prefix_str))
self.assertEqual(prefix_str, IPv4FlowSpec.parse_prefix(prefix_bin)[0])
prefix_bin = b'\x13\xb8\x9d\xe0'
prefix_str = '184.157.224.0/19'
self.assertEqual(prefix_bin, IPv4FlowSpec.construct_prefix(prefix_str))
self.assertEqual(prefix_str, IPv4FlowSpec.parse_prefix(prefix_bin)[0])
def test_construct_operator_flag(self):
flag = {
'LEN': 1,
'EQ': 1,
'EOL': 1
}
self.assertEqual(0x81, IPv4FlowSpec.construct_operator_flag(flag))
flag = {
'EOL': 1,
'LEN': 2,
'AND': 1,
'LT': 1,
'EQ': 1
}
self.assertEqual(0xd5, IPv4FlowSpec.construct_operator_flag(flag))
def parse(cls, value):
try:
afi, safi, nexthop_length = struct.unpack('!HBB', value[0:4])
nexthop_bin = value[4:4 + nexthop_length]
nlri_bin = value[5 + nexthop_length:]
except Exception:
# error when lenght is wrong
raise excep.UpdateMessageError(
sub_error=bgp_cons.ERR_MSG_UPDATE_ATTR_LEN,
data=repr(value))
# Address Family IPv4
if afi == afn.AFNUM_INET:
if safi == safn.SAFNUM_LAB_VPNUNICAST:
nlri = IPv4MPLSVPN.parse(nlri_bin)
elif safi == safn.SAFNUM_FSPEC_RULE:
# if nlri length is greater than 240 bytes, it is encoded over 2 bytes
if len(nlri_bin) >= 240:
nlri_bin = nlri_bin[2:]
else:
nlri_bin = nlri_bin[1:]
nlri = IPv4FlowSpec.parse(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop_bin, nlri=nlri)
else:
nlri = repr(nlri_bin)
# # Address Family IPv6
elif afi == afn.AFNUM_INET6:
# IPv6 unicast
if safi == safn.SAFNUM_UNICAST:
# decode nexthop
# RFC 2545
# The value of the Length of Next Hop Network Address field on a
# MP_REACH_NLRI attribute shall be set to 16, when only a global
# address is present, or 32 if a link-local address is also included in
# the Next Hop field.
#
# The link-local address shall be included in the Next Hop field if and
# only if the BGP speaker shares a common subnet with the entity
# identified by the global IPv6 address carried in the Network Address
# of Next Hop field and the peer the route is being advertised to.
nexthop_addrlen = 16
has_link_local = False
nexthop = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin[:nexthop_addrlen]), 16)))
if len(nexthop_bin) == 2 * nexthop_addrlen:
# has link local address
has_link_local = True
linklocal_nexthop = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin[nexthop_addrlen:]), 16)))
nlri = IPv6Unicast.parse(nlri_bin)
if has_link_local:
return dict(afi_safi=(afi, safi), nexthop=nexthop, linklocal_nexthop=linklocal_nexthop, nlri=nlri)
else:
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
else:
nlri = repr(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop_bin, nlri=nlri_bin)
def parse(cls, value):
try:
afi, safi = struct.unpack('!HB', value[0:3])
except Exception:
raise excep.UpdateMessageError(
sub_error=bgp_cons.ERR_MSG_UPDATE_ATTR_LEN, data='')
nlri_bin = value[3:]
# for IPv4
if afi == afn.AFNUM_INET:
# VPNv4
if safi == safn.SAFNUM_LAB_VPNUNICAST:
nlri = IPv4MPLSVPN.parse(nlri_bin, iswithdraw=True)
return dict(afi_safi=(afi, safi), withdraw=nlri)
# BGP flow spec
elif safi == safn.SAFNUM_FSPEC_RULE:
# if nlri length is greater than 240 bytes, it is encoded over 2 bytes
withdraw_list = []
while nlri_bin:
length = ord(nlri_bin[0])
if length >> 4 == 0xf and len(nlri_bin) > 2:
length = struct.unpack('!H', nlri_bin[:2])[0]
nlri_tmp = nlri_bin[2:length + 2]
nlri_bin = nlri_bin[length + 2:]
else:
nlri_tmp = nlri_bin[1:length + 1]
nlri_bin = nlri_bin[length + 1:]
nlri = IPv4FlowSpec.parse(nlri_tmp)
if nlri:
withdraw_list.append(nlri)
return dict(afi_safi=(afi, safi), withdraw=withdraw_list)
else:
return dict(afi_safi=(afn.AFNUM_INET, safi),
withdraw=repr(nlri_bin))
# for ipv6
elif afi == afn.AFNUM_INET6:
# for ipv6 unicast
if safi == safn.SAFNUM_UNICAST:
return dict(afi_safi=(afi, safi),
withdraw=IPv6Unicast.parse(nlri_data=nlri_bin))
elif safi == safn.SAFNUM_LAB_VPNUNICAST:
return dict(afi_safi=(afi, safi),
withdraw=IPv6MPLSVPN.parse(value=nlri_bin,
iswithdraw=True))
else:
return dict(afi_safi=(afi, safi), withdraw=repr(nlri_bin))
# for l2vpn
elif afi == afn.AFNUM_L2VPN:
# for evpn
if safi == safn.SAFNUM_EVPN:
return dict(afi_safi=(afi, safi),
withdraw=EVPN.parse(nlri_data=nlri_bin))
else:
return dict(afi_safi=(afi, safi), withdraw=repr(nlri_bin))
else:
return dict(afi_safi=(afi, safi), withdraw=repr(nlri_bin))
def test_parse(self):
raw_hex = '\x01\x18\x02\x02\x02\x02\x10\x03\x03\x03\x01\x00\x01\x2f\x01\x58' \
'\x01\x01\x01\x02\x01\x59\x81\x67\x05\x11\x1f\x92\x91\x1f\x93\x06\x01' \
'\x50\x11\x1f\x90\x11\x1f\x91\x11\x1f\x92\x91\x1f\x93\x07\x01\x02\x01' \
'\x03\x01\x05\x81\x06\x08\x81\x02\x09\x81\x28\x0a\x01\xfe\x03\xfe\xd5' \
'\x01\x2c\x0b\x01\x28\x81\x30\x0c\x81\x01'
self.assertEqual(
{1: '2.2.2.0/24', 2: '3.3.0.0/16', 3: '=0|=47|=88|=1|=2|=89|=103', 5: '=8082|=8083',
6: '=80|=8080|=8081|=8082|=8083', 7: '=2|=3|=5|=6', 8: '=2', 9: '=40', 10: '=254|>=254&<=300',
11: '=40|=48', 12: '=1'}, IPv4FlowSpec.parse(raw_hex))
def construct(cls, value):
"""Construct a attribute
:param value: python dictionary
{'afi_safi': (1,128),
'nexthop': {},
'nlri': []
"""
afi, safi = value['afi_safi']
if afi == afn.AFNUM_INET:
if safi == safn.SAFNUM_LAB_VPNUNICAST: # MPLS VPN
pass
elif safi == safn.SAFNUM_FSPEC_RULE: # BGP Flow spec
try:
try:
nexthop = netaddr.IPAddress(value['nexthop']).packed
except netaddr.core.AddrFormatError:
nexthop = ''
nlri = IPv4FlowSpec.construct(value=value['nlri'])
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + \
struct.pack('!B', len(nexthop)) + nexthop + b'\x00' + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
except Exception as e:
raise excep.ConstructAttributeFailed(
reason='failed to construct attributes: %s' % e,
data=value
)
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family',
data=value)
# ipv6 unicast
elif afi == afn.AFNUM_INET6:
if safi == safn.SAFNUM_UNICAST:
nexthop_len = 16
nexthop_bin = netaddr.IPAddress(value['nexthop']).packed
if value.get('linklocal_nexthop'):
nexthop_len *= 2
nexthop_bin += netaddr.IPAddress(value['linklocal_nexthop']).packed
nlri_bin = IPv6Unicast.construct(nlri_list=value['nlri'])
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + struct.pack('!B', nexthop_len) + \
nexthop_bin + b'\x00' + nlri_bin
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID)\
+ struct.pack('!B', len(attr_value)) + attr_value
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family',
data=value)
def parse(cls, value):
try:
afi, safi = struct.unpack('!HB', value[0:3])
except Exception:
raise excep.UpdateMessageError(sub_error=bgp_cons.ERR_MSG_UPDATE_ATTR_LEN,
data='')
nlri_bin = value[3:]
# for IPv4
if afi == afn.AFNUM_INET:
# VPNv4
if safi == safn.SAFNUM_LAB_VPNUNICAST:
nlri = IPv4MPLSVPN.parse(nlri_bin, iswithdraw=True)
return dict(afi_safi=(afi, safi), withdraw=nlri)
# BGP flow spec
elif safi == safn.SAFNUM_FSPEC_RULE:
# if nlri length is greater than 240 bytes, it is encoded over 2 bytes
withdraw_list = []
while nlri_bin:
length = ord(nlri_bin[0])
if length >> 4 == 0xf and len(nlri_bin) > 2:
length = struct.unpack('!H', nlri_bin[:2])[0]
nlri_tmp = nlri_bin[2: length + 2]
nlri_bin = nlri_bin[length + 2:]
else:
nlri_tmp = nlri_bin[1: length + 1]
nlri_bin = nlri_bin[length + 1:]
nlri = IPv4FlowSpec.parse(nlri_tmp)
if nlri:
withdraw_list.append(nlri)
return dict(afi_safi=(afi, safi), withdraw=withdraw_list)
else:
return dict(afi_safi=(afn.AFNUM_INET, safi), withdraw=repr(nlri_bin))
# for ipv6
elif afi == afn.AFNUM_INET6:
# for ipv6 unicast
if safi == safn.SAFNUM_UNICAST:
return dict(afi_safi=(afi, safi), withdraw=IPv6Unicast.parse(nlri_data=nlri_bin))
elif safi == safn.SAFNUM_LAB_VPNUNICAST:
return dict(afi_safi=(afi, safi), withdraw=IPv6MPLSVPN.parse(value=nlri_bin, iswithdraw=True))
else:
return dict(afi_safi=(afi, safi), withdraw=repr(nlri_bin))
# for l2vpn
elif afi == afn.AFNUM_L2VPN:
# for evpn
if safi == safn.SAFNUM_EVPN:
return dict(afi_safi=(afi, safi), withdraw=EVPN.parse(nlri_data=nlri_bin))
else:
return dict(afi_safi=(afi, safi), withdraw=repr(nlri_bin))
else:
return dict(afi_safi=(afi, safi), withdraw=repr(nlri_bin))
def test_parse(self):
pass
raw_hex = '\x01\x18\x02\x02\x02\x02\x10\x03\x03\x03\x01\x00\x01\x2f\x01\x58' \
'\x01\x01\x01\x02\x01\x59\x81\x67\x05\x11\x1f\x92\x91\x1f\x93\x06\x01' \
'\x50\x11\x1f\x90\x11\x1f\x91\x11\x1f\x92\x91\x1f\x93\x07\x01\x02\x01' \
'\x03\x01\x05\x81\x06\x08\x81\x02\x09\x81\x28\x0a\x01\xfe\x03\xfe\xd5' \
'\x01\x2c\x0b\x01\x28\x81\x30\x0c\x81\x01'
self.assertEqual(
[{1: '2.2.2.0/24'}, {2: '3.3.0.0/16'}, {3: '=0 =47 =88 =1 =2 =89 =103'}, {5: '=8082 =8083'},
{6: '=80 =8080 =8081 =8082 =8083'}, {7: '=2 =3 =5 =6'}, {8: '=2'}, {9: '=40'}, {10: '=254 >=254&<=300'},
{11: '=40 =48'}, {12: '=1'}], IPv4FlowSpec.parse(raw_hex))
def parse(cls, value):
try:
afi, safi, nexthop_length = struct.unpack('!HBB', value[0:4])
nexthop_bin = value[4:4 + nexthop_length]
nlri_bin = value[5 + nexthop_length:]
except Exception:
# error when lenght is wrong
raise excep.UpdateMessageError(
sub_error=bgp_cons.ERR_MSG_UPDATE_ATTR_LEN, data=repr(value))
# Address Family IPv4
if afi == afn.AFNUM_INET:
if safi == safn.SAFNUM_LAB_VPNUNICAST:
# MPLS VPN
# parse nexthop
rd_bin = nexthop_bin[0:8]
rd_type = struct.unpack('!H', rd_bin[0:2])[0]
rd_value_bin = rd_bin[2:]
if rd_type == 0:
asn, an = struct.unpack('!HI', rd_value_bin)
ipv4 = str(
netaddr.IPAddress(
int(binascii.b2a_hex(nexthop_bin[8:]), 16)))
nexthop = {'rd': '%s:%s' % (asn, an), 'str': ipv4}
# TODO(xiaoquwl) for other RD type decoding
else:
nexthop = repr(nexthop_bin[8:])
# parse nlri
nlri = IPv4MPLSVPN.parse(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
elif safi == safn.SAFNUM_FSPEC_RULE:
# if nlri length is greater than 240 bytes, it is encoded over 2 bytes
if len(nlri_bin) >= 240:
nlri_bin = nlri_bin[2:]
else:
nlri_bin = nlri_bin[1:]
nlri = IPv4FlowSpec.parse(nlri_bin)
return dict(afi_safi=(afi, safi),
nexthop=nexthop_bin,
nlri=nlri)
else:
nlri = repr(nlri_bin)
# # Address Family IPv6
elif afi == afn.AFNUM_INET6:
# IPv6 unicast
if safi == safn.SAFNUM_UNICAST:
# decode nexthop
# RFC 2545
# The value of the Length of Next Hop Network Address field on a
# MP_REACH_NLRI attribute shall be set to 16, when only a global
# address is present, or 32 if a link-local address is also included in
# the Next Hop field.
#
# The link-local address shall be included in the Next Hop field if and
# only if the BGP speaker shares a common subnet with the entity
# identified by the global IPv6 address carried in the Network Address
# of Next Hop field and the peer the route is being advertised to.
nexthop_addrlen = 16
has_link_local = False
nexthop = str(
netaddr.IPAddress(
int(binascii.b2a_hex(nexthop_bin[:nexthop_addrlen]),
16)))
if len(nexthop_bin) == 2 * nexthop_addrlen:
# has link local address
has_link_local = True
linklocal_nexthop = str(
netaddr.IPAddress(
int(
binascii.b2a_hex(
nexthop_bin[nexthop_addrlen:]), 16)))
nlri = IPv6Unicast.parse(nlri_bin)
if has_link_local:
return dict(afi_safi=(afi, safi),
nexthop=nexthop,
linklocal_nexthop=linklocal_nexthop,
nlri=nlri)
else:
return dict(afi_safi=(afi, safi),
nexthop=nexthop,
nlri=nlri)
elif safi == safn.SAFNUM_LAB_VPNUNICAST:
# IPv6 MPLS VPN
# parse nexthop
rd_bin = nexthop_bin[0:8]
rd_type = struct.unpack('!H', rd_bin[0:2])[0]
rd_value_bin = rd_bin[2:]
if rd_type == 0:
asn, an = struct.unpack('!HI', rd_value_bin)
ipv6 = str(
netaddr.IPAddress(
int(binascii.b2a_hex(nexthop_bin[8:]), 16)))
nexthop = {'rd': '%s:%s' % (asn, an), 'str': ipv6}
# TODO(xiaoquwl) for other RD type decoding
else:
nexthop = repr(nexthop_bin[8:])
# parse nlri
nlri = IPv6MPLSVPN.parse(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
else:
return dict(afi_safi=(afi, safi),
nexthop=nexthop_bin,
nlri=nlri_bin)
# for l2vpn
elif afi == afn.AFNUM_L2VPN:
if safi == safn.SAFNUM_EVPN:
nexthop = str(
netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin), 16)))
nlri = EVPN.parse(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
else:
nlri = repr(nlri_bin)
else:
nlri = repr(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop_bin, nlri=nlri_bin)
def test_construct_nlri(self):
nlri_bin = b'\x0a\x01\x18\xc0\x55\x02\x02\x18\xc0\x55\x01'
nlri_list = [{1: '192.85.2.0/24'}, {2: '192.85.1.0/24'}]
self.assertEqual(nlri_bin, IPv4FlowSpec.construct_nlri(nlri_list))
def construct(cls, value):
"""Construct a attribute
:param value: python dictionary
{'afi_safi': (1,128),
'nexthop': {},
'nlri': []
"""
afi, safi = value['afi_safi']
if afi == afn.AFNUM_INET:
if safi == safn.SAFNUM_LAB_VPNUNICAST: # MPLS VPN
nexthop_hex = cls.construct_mpls_vpn_nexthop(value['nexthop'])
nlri_hex = IPv4MPLSVPN.construct(value['nlri'])
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) +\
struct.pack('!B', len(nexthop_hex)) + nexthop_hex + b'\x00' + nlri_hex
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
elif safi == safn.SAFNUM_FSPEC_RULE: # BGP Flow spec
try:
try:
nexthop = netaddr.IPAddress(value['nexthop']).packed
except netaddr.core.AddrFormatError:
nexthop = ''
nlri = IPv4FlowSpec.construct(value=value['nlri'])
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + \
struct.pack('!B', len(nexthop)) + nexthop + b'\x00' + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
except Exception as e:
raise excep.ConstructAttributeFailed(
reason='failed to construct attributes: %s' % e,
data=value)
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family', data=value)
# ipv6 unicast
elif afi == afn.AFNUM_INET6:
if safi == safn.SAFNUM_LAB_VPNUNICAST: # MPLS VPN
nexthop_hex = cls.construct_mpls_vpn_nexthop(value['nexthop'])
nlri_hex = IPv6MPLSVPN.construct(value['nlri'])
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) +\
struct.pack('!B', len(nexthop_hex)) + nexthop_hex + b'\x00' + nlri_hex
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
elif safi == safn.SAFNUM_UNICAST:
nexthop_len = 16
nexthop_bin = netaddr.IPAddress(value['nexthop']).packed
if value.get('linklocal_nexthop'):
nexthop_len *= 2
nexthop_bin += netaddr.IPAddress(
value['linklocal_nexthop']).packed
nlri_bin = IPv6Unicast.construct(nlri_list=value['nlri'])
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + struct.pack('!B', nexthop_len) + \
nexthop_bin + b'\x00' + nlri_bin
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID)\
+ struct.pack('!B', len(attr_value)) + attr_value
# for l2vpn
elif afi == afn.AFNUM_L2VPN:
if safi == safn.SAFNUM_EVPN:
nexthop_bin = netaddr.IPAddress(value['nexthop']).packed
nlri_bin = EVPN.construct(nlri_list=value['nlri'])
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + struct.pack('!B', len(nexthop_bin)) + \
nexthop_bin + b'\x00' + nlri_bin
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID)\
+ struct.pack('!B', len(attr_value)) + attr_value
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family', data=value)
def test_parse_nlri_icmp_code(self):
raw_hex = '\x08\x81\x02'
self.assertEqual([{bgp_cons.BGPNLRI_FSPEC_ICMP_CD: '=2'}], IPv4FlowSpec.parse(raw_hex))
def test_construct_prefix(self):
prefix_bin = b'\x18\xc0\x55\x02'
prefix_str = '192.85.2.0/24'
self.assertEqual(prefix_bin, IPv4FlowSpec.construct_prefix(prefix_str))
def test_parse_nlri_ip_protocol(self):
raw_hex = '\x03\x01\x00\x01\x2f\x01\x58\x01\x01\x01\x02\x01\x59\x81\x67'
self.assertEqual(
{bgp_cons.BGPNLRI_FSPEC_IP_PROTO: '=0 =47 =88 =1 =2 =89 =103'},
IPv4FlowSpec.parse(raw_hex))
def test_parse_nlri_des_port(self):
raw_hex = '\x05\x01\x50\x11\x1f\x90\x11\x1f\x91\x11\x1f\x92\x91\x1f\x93'
self.assertEqual({bgp_cons.BGPNLRI_FSPEC_DST_PORT: '=80|=8080|=8081|=8082|=8083'},
IPv4FlowSpec.parse(raw_hex))
def construct(cls, value):
"""Construct a attribute
:param value: python dictionary
{'afi_safi': (1,128),
'withdraw': []
"""
afi, safi = value['afi_safi']
if afi == afn.AFNUM_INET:
if safi == safn.SAFNUM_LAB_VPNUNICAST: # MPLS VPN
nlri = IPv4MPLSVPN.construct(value['withdraw'], iswithdraw=True)
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
else:
return None
elif safi == safn.SAFNUM_FSPEC_RULE:
try:
nlri_list = value.get('withdraw') or []
if not nlri_list:
return None
nlri_hex = b''
for nlri in nlri_list:
nlri_hex += IPv4FlowSpec.construct(value=nlri)
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri_hex
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
except Exception:
raise excep.ConstructAttributeFailed(
reason='failed to construct attributes',
data=value
)
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family',
data=value)
elif afi == afn.AFNUM_INET6:
if safi == safn.SAFNUM_UNICAST:
nlri = IPv6Unicast.construct(nlri_list=value['withdraw'])
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
elif safi == safn.SAFNUM_LAB_VPNUNICAST:
nlri = IPv6MPLSVPN.construct(value=value['withdraw'], iswithdraw=True)
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
else:
return None
# for l2vpn
elif afi == afn.AFNUM_L2VPN:
# for evpn
if safi == safn.SAFNUM_EVPN:
nlri = EVPN.construct(nlri_list=value['withdraw'])
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
else:
return None
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family',
data=value)
def test_parse_nlri_ip_protocol(self):
raw_hex = '\x03\x01\x00\x01\x2f\x01\x58\x01\x01\x01\x02\x01\x59\x81\x67'
self.assertEqual([{bgp_cons.BGPNLRI_FSPEC_IP_PROTO: '=0 =47 =88 =1 =2 =89 =103'}], IPv4FlowSpec.parse(raw_hex))
def test_parse_nlri_icmp_type(self):
raw_hex = '\x07\x01\x02\x01\x03\x01\x05\x81\x06'
self.assertEqual({bgp_cons.BGPNLRI_FSPEC_ICMP_TP: '=2 =3 =5 =6'},
IPv4FlowSpec.parse(raw_hex))
def test_construct_prefix(self):
prefix_bin = b'\x18\xc0\x55\x02'
prefix_str = '192.85.2.0/24'
self.assertEqual(prefix_bin, IPv4FlowSpec.construct_prefix(prefix_str))
def test_parse_nlri_des_port(self):
raw_hex = '\x05\x01\x50\x11\x1f\x90\x11\x1f\x91\x11\x1f\x92\x91\x1f\x93'
self.assertEqual({bgp_cons.BGPNLRI_FSPEC_DST_PORT: '=80 =8080 =8081 =8082 =8083'},
IPv4FlowSpec.parse(raw_hex))
def construct(cls, value):
"""Construct a attribute
:param value: python dictionary
{'afi_safi': (1,128),
'withdraw': []
"""
afi, safi = value['afi_safi']
if afi == afn.AFNUM_INET:
if safi == safn.SAFNUM_LAB_VPNUNICAST: # MPLS VPN
nlri = IPv4MPLSVPN.construct(value['withdraw'], iswithdraw=True)
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
else:
return None
elif safi == safn.SAFNUM_FSPEC_RULE:
try:
nlri_list = value.get('withdraw') or []
if not nlri_list:
return None
nlri_hex = b''
for nlri in nlri_list:
nlri_hex += IPv4FlowSpec.construct(value=nlri)
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri_hex
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
except Exception:
raise excep.ConstructAttributeFailed(
reason='failed to construct attributes',
data=value
)
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family',
data=value)
elif afi == afn.AFNUM_INET6:
if safi == safn.SAFNUM_UNICAST:
nlri = IPv6Unicast.construct(nlri_list=value['withdraw'])
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
elif safi == safn.SAFNUM_LAB_VPNUNICAST:
nlri = IPv6MPLSVPN.construct(value=value['withdraw'], iswithdraw=True)
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
else:
return None
# for l2vpn
elif afi == afn.AFNUM_L2VPN:
# for evpn
if safi == safn.SAFNUM_EVPN:
nlri = EVPN.construct(nlri_list=value['withdraw'])
if nlri:
attr_value = struct.pack('!H', afi) + struct.pack('!B', safi) + nlri
return struct.pack('!B', cls.FLAG) + struct.pack('!B', cls.ID) \
+ struct.pack('!B', len(attr_value)) + attr_value
else:
return None
else:
raise excep.ConstructAttributeFailed(
reason='unsupport this sub address family',
data=value)
def parse(cls, value):
try:
afi, safi, nexthop_length = struct.unpack('!HBB', value[0:4])
nexthop_bin = value[4:4 + nexthop_length]
nlri_bin = value[5 + nexthop_length:]
except Exception:
# error when lenght is wrong
raise excep.UpdateMessageError(
sub_error=bgp_cons.ERR_MSG_UPDATE_ATTR_LEN,
data=repr(value))
# Address Family IPv4
if afi == afn.AFNUM_INET:
if safi == safn.SAFNUM_LAB_VPNUNICAST:
# MPLS VPN
# parse nexthop
rd_bin = nexthop_bin[0:8]
rd_type = struct.unpack('!H', rd_bin[0:2])[0]
rd_value_bin = rd_bin[2:]
if rd_type == 0:
asn, an = struct.unpack('!HI', rd_value_bin)
ipv4 = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin[8:]), 16)))
nexthop = {'rd': '%s:%s' % (asn, an), 'str': ipv4}
# TODO(xiaoquwl) for other RD type decoding
else:
nexthop = repr(nexthop_bin[8:])
# parse nlri
nlri = IPv4MPLSVPN.parse(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
elif safi == safn.SAFNUM_FSPEC_RULE:
# if nlri length is greater than 240 bytes, it is encoded over 2 bytes
nlri_list = []
while nlri_bin:
length = ord(nlri_bin[0])
if length >> 4 == 0xf and len(nlri_bin) > 2:
length = struct.unpack('!H', nlri_bin[:2])[0]
nlri_tmp = nlri_bin[2: length + 2]
nlri_bin = nlri_bin[length + 2:]
else:
nlri_tmp = nlri_bin[1: length + 1]
nlri_bin = nlri_bin[length + 1:]
nlri = IPv4FlowSpec.parse(nlri_tmp)
if nlri:
nlri_list.append(nlri)
if nexthop_bin:
nexthop = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin), 16)))
else:
nexthop = ''
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri_list)
else:
nlri = repr(nlri_bin)
# # Address Family IPv6
elif afi == afn.AFNUM_INET6:
# IPv6 unicast
if safi == safn.SAFNUM_UNICAST:
# decode nexthop
# RFC 2545
# The value of the Length of Next Hop Network Address field on a
# MP_REACH_NLRI attribute shall be set to 16, when only a global
# address is present, or 32 if a link-local address is also included in
# the Next Hop field.
#
# The link-local address shall be included in the Next Hop field if and
# only if the BGP speaker shares a common subnet with the entity
# identified by the global IPv6 address carried in the Network Address
# of Next Hop field and the peer the route is being advertised to.
nexthop_addrlen = 16
has_link_local = False
nexthop = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin[:nexthop_addrlen]), 16)))
if len(nexthop_bin) == 2 * nexthop_addrlen:
# has link local address
has_link_local = True
linklocal_nexthop = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin[nexthop_addrlen:]), 16)))
nlri = IPv6Unicast.parse(nlri_bin)
if has_link_local:
return dict(afi_safi=(afi, safi), nexthop=nexthop, linklocal_nexthop=linklocal_nexthop, nlri=nlri)
else:
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
elif safi == safn.SAFNUM_LAB_VPNUNICAST:
# IPv6 MPLS VPN
# parse nexthop
rd_bin = nexthop_bin[0:8]
rd_type = struct.unpack('!H', rd_bin[0:2])[0]
rd_value_bin = rd_bin[2:]
if rd_type == 0:
asn, an = struct.unpack('!HI', rd_value_bin)
ipv6 = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin[8:]), 16)))
nexthop = {'rd': '%s:%s' % (asn, an), 'str': ipv6}
# TODO(xiaoquwl) for other RD type decoding
else:
nexthop = repr(nexthop_bin[8:])
# parse nlri
nlri = IPv6MPLSVPN.parse(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
else:
return dict(afi_safi=(afi, safi), nexthop=nexthop_bin, nlri=nlri_bin)
# for l2vpn
elif afi == afn.AFNUM_L2VPN:
if safi == safn.SAFNUM_EVPN:
nexthop = str(netaddr.IPAddress(int(binascii.b2a_hex(nexthop_bin), 16)))
nlri = EVPN.parse(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop, nlri=nlri)
else:
nlri = repr(nlri_bin)
else:
nlri = repr(nlri_bin)
return dict(afi_safi=(afi, safi), nexthop=nexthop_bin, nlri=nlri_bin)
def test_parse_nlri_prefix(self):
raw_hex = b'\x01\x18\x6e\x01\x01'
self.assertEqual({bgp_cons.BGPNLRI_FSPEC_DST_PFIX: '110.1.1.0/24'},
IPv4FlowSpec.parse(raw_hex))
def test_parse_nlri_src_port(self):
raw_hex = '\x06\x01\x50\x11\x1f\x90\x11\x1f\x91\x11\x1f\x92\x91\x1f\x93'
self.assertEqual([{bgp_cons.BGPNLRI_FSPEC_SRC_PORT: '=80 =8080 =8081 =8082 =8083'}],
IPv4FlowSpec.parse(raw_hex))
def test_parse_nlri_packet_length(self):
raw_hex = '\x0a\x01\xfe\x03\xfe\xd5\x01\x2c'
self.assertEqual({bgp_cons.BGPNLRI_FSPEC_PCK_LEN: '=254 >=254&<=300'},
IPv4FlowSpec.parse(raw_hex))
def test_parse_nlri_icmp_type(self):
raw_hex = '\x07\x01\x02\x01\x03\x01\x05\x81\x06'
self.assertEqual([{bgp_cons.BGPNLRI_FSPEC_ICMP_TP: '=2 =3 =5 =6'}], IPv4FlowSpec.parse(raw_hex))
def test_parse_nlri_src_port(self):
raw_hex = '\x06\x01\x50\x11\x1f\x90\x11\x1f\x91\x11\x1f\x92\x91\x1f\x93'
self.assertEqual(
{bgp_cons.BGPNLRI_FSPEC_SRC_PORT: '=80 =8080 =8081 =8082 =8083'},
IPv4FlowSpec.parse(raw_hex))
def test_construct_operators(self):
operators = '=80|=8080|=8083'
operators_bin = b'\x01\x50\x11\x1f\x90\x91\x1f\x93'
self.assertEqual(operators_bin, IPv4FlowSpec.construct_operators(operators))
def test_parse_nlri_icmp_code(self):
raw_hex = '\x08\x81\x02'
self.assertEqual({bgp_cons.BGPNLRI_FSPEC_ICMP_CD: '=2'},
IPv4FlowSpec.parse(raw_hex))
def test_parse_nlri_prefix(self):
raw_hex = '\x01\x18\x6e\x01\x01'
self.assertEqual([{bgp_cons.BGPNLRI_FSPEC_DST_PFIX: '110.1.1.0/24'}], IPv4FlowSpec.parse(raw_hex))
def test_construct_nlri(self):
nlri_bin = b'\x0a\x01\x18\xc0\x55\x02\x02\x18\xc0\x55\x01'
nlri_list = {1: '192.85.2.0/24', 2: '192.85.1.0/24'}
self.assertEqual(nlri_bin, IPv4FlowSpec.construct_nlri(nlri_list))
def test_parse_nlri_packet_length(self):
raw_hex = '\x0a\x01\xfe\x03\xfe\xd5\x01\x2c'
self.assertEqual([{bgp_cons.BGPNLRI_FSPEC_PCK_LEN: '=254 >=254&<=300'}], IPv4FlowSpec.parse(raw_hex))