def test_custom_bgp_communities_ok(self):
"""{}: custom BGP communities"""
clients_config = [
"clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222",
" ip: 192.0.2.21", " cfg:",
" attach_custom_communities:"
]
yaml_lines = clients_config + [
" - test1",
" - test2",
]
general = ConfigParserGeneral()
general._load_from_yaml("\n".join([
"cfg:", " rs_as: 999", " router_id: 192.0.2.2",
" custom_communities:", " test1:", " std: '1:1'"
]))
general.parse()
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join(yaml_lines))
self._contains_err(
"The custom BGP community test2 referenced on client AS222 192.0.2.21 is not declared on the general configuration."
)
yaml_lines = clients_config + [
" - test1",
]
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join(yaml_lines))
self._contains_err()
def test_include1(self):
"""{}: general config, 1 !include statement"""
cfg = ConfigParserGeneral()
cfg.file_dir = os.path.dirname(__file__)
cfg._load_from_yaml("cfg:\n"
" rs_as: 999\n"
" router_id: 192.0.2.2\n"
" !include yaml_include1.yml\n")
cfg.parse()
self.assertEqual(cfg["blackhole_filtering"]["policy_ipv6"],
"propagate-unchanged")
def test_include2_2levels(self):
"""{}: general config, 3 !include statements, 2 levels"""
cfg = ConfigParserGeneral()
cfg.file_dir = os.path.dirname(__file__)
cfg._load_from_yaml("cfg:\n"
" rs_as: 999\n"
" router_id: 192.0.2.2\n"
" !include yaml_include1.yml\n"
" !include yaml_include2.yml\n"
" !include yaml_include3.yml\n")
cfg.parse()
self.assertEqual(cfg["blackhole_filtering"]["policy_ipv6"],
"propagate-unchanged")
self.assertEqual(cfg["filtering"]["next_hop"]["policy"], "same-as")
self.assertEqual(cfg["filtering"]["ipv4_pref_len"]["min"], 1)
self.assertEqual(cfg["filtering"]["ipv4_pref_len"]["max"], 2)
self.assertEqual(cfg["filtering"]["ipv6_pref_len"]["min"], 1)
self.assertEqual(cfg["filtering"]["ipv6_pref_len"]["max"], 2)
def test_multiple_ip_addresses(self):
"""{}: clients with multiple IP addresses"""
clients_config = [
"clients:",
" - asn: 111",
" ip:",
" - '192.0.2.11'",
" - '2001:db8:1:1::11'",
" - asn: 222",
" ip:",
" - '192.0.2.21'",
" - '2001:db8:1:1::21'",
]
general = ConfigParserGeneral()
general._load_from_yaml("\n".join([
"cfg:",
" rs_as: 999",
" router_id: 192.0.2.2",
]))
general.parse()
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join(clients_config))
self._contains_err()
# Duplicate address.
clients_config = [
"clients:",
" - asn: 111",
" ip:",
" - '192.0.2.11'",
" - '2001:db8:1:1::11'",
" - asn: 222",
" ip:",
" - '192.0.2.11'",
" - '2001:db8:1:1::21'",
]
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join(clients_config))
self._contains_err("Duplicate IP address found: 192.0.2.11")
def test_global_only_option(self):
"""{}: global only option"""
clients_config = [
"clients:", " - asn: 222", " ip: 192.0.2.21", " cfg:",
" filtering:", " irrdb:",
" allow_longer_prefixes: True"
]
general = ConfigParserGeneral()
general._load_from_yaml("\n".join([
"cfg:",
" rs_as: 999",
" router_id: 192.0.2.2",
]))
general.parse()
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join(clients_config))
self._contains_err(
"Unknown statement at 'clients.cfg.filtering.irrdb' level: 'allow_longer_prefixes'"
)
def test_blackhole_filtering_propagation(self):
"""{}: inherit from general cfg - blackhole filtering"""
clients_config = [
"clients:",
" - asn: 111",
" ip: 192.0.2.11",
" cfg:",
" blackhole_filtering:",
" - asn: 222",
" ip: 192.0.2.21",
" cfg:",
" blackhole_filtering:",
" announce_to_client: True",
" - asn: 333",
" ip: 192.0.2.31",
" cfg:",
" blackhole_filtering:",
" announce_to_client: False",
]
general = ConfigParserGeneral()
general._load_from_yaml("\n".join([
"cfg:",
" rs_as: 999",
" router_id: 192.0.2.2",
]))
general.parse()
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join(clients_config))
self.cfg.parse()
self._contains_err()
self.assertIs(general["blackhole_filtering"]["announce_to_client"],
True)
client = self.cfg[0]
self.assertIs(
client["cfg"]["blackhole_filtering"]["announce_to_client"], True)
client = self.cfg[1]
self.assertIs(
client["cfg"]["blackhole_filtering"]["announce_to_client"], True)
client = self.cfg[2]
self.assertIs(
client["cfg"]["blackhole_filtering"]["announce_to_client"], False)
# ------------------------
general = ConfigParserGeneral()
general._load_from_yaml("\n".join([
"cfg:", " rs_as: 999", " router_id: 192.0.2.2",
" blackhole_filtering:", " announce_to_client: False"
]))
general.parse()
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join(clients_config))
self.cfg.parse()
self._contains_err()
self.assertTrue(
general["blackhole_filtering"]["announce_to_client"] is False)
client = self.cfg[0]
self.assertIs(
client["cfg"]["blackhole_filtering"]["announce_to_client"], False)
client = self.cfg[1]
self.assertIs(
client["cfg"]["blackhole_filtering"]["announce_to_client"], True)
client = self.cfg[2]
self.assertIs(
client["cfg"]["blackhole_filtering"]["announce_to_client"], False)
def test_inherit_from_general_cfg(self):
"""{}: inherit from general cfg"""
general = ConfigParserGeneral()
general._load_from_yaml("\n".join(
["cfg:", " rs_as: 999", " router_id: 192.0.2.2"]))
general.parse()
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join([
"clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222",
" ip: 192.0.2.21", " cfg:", " passive: False",
" prepend_rs_as: True", " add_path: True",
" filtering:", " irrdb:",
" enforce_origin_in_as_set: False",
" enforce_prefix_in_as_set: False",
" white_list_pref:", " - prefix: 192.0.2.0",
" length: 24", " white_list_asn:",
" - 11", " - 12",
" white_list_route:", " - prefix: 192.0.2.0",
" length: 24", " le: 32",
" asn: 65534", " rpki_bgp_origin_validation:",
" enabled: True", " reject_invalid: False",
" reject_invalid_as_in_as_path: False",
" max_as_path_len: 64", " ipv4_pref_len:",
" min: 1", " max: 2", " ipv6_pref_len:",
" min: 3", " max: 4",
" # test pre v0.6.0 format for next_hop",
" next_hop_policy: same-as", " max_prefix:",
" # test pre v0.13.0 format for peering_db",
" peering_db: False", " limit_ipv4: 10",
" limit_ipv6: 20", " reject_policy:",
" policy: tag", " graceful_shutdown:",
" enabled: True", " - asn: 333", " ip: 192.0.2.31",
" cfg:", " filtering:", " next_hop:",
" policy: 'authorized_addresses'",
" authorized_addresses_list:",
" - '192.0.2.31'", " - '192.0.2.32'",
" - '2001:db8:0:0::31'", " irrdb:",
" # testing optional ASN", " white_list_route:",
" - prefix: 192.0.2.0", " length: 24",
" le: 32"
]))
self.cfg.parse()
self._contains_err()
client = self.cfg[0]
self.assertEqual(client["cfg"]["passive"], True)
self.assertEqual(client["cfg"]["add_path"], False)
self.assertEqual(client["cfg"]["prepend_rs_as"], False)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["enforce_origin_in_as_set"],
True)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["enforce_prefix_in_as_set"],
True)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_pref"], None)
self.assertEqual(client["cfg"]["filtering"]["irrdb"]["white_list_asn"],
None)
self.assertEqual(
client["cfg"]["filtering"]["rpki_bgp_origin_validation"]
["enabled"], False)
self.assertEqual(
client["cfg"]["filtering"]["rpki_bgp_origin_validation"]
["reject_invalid"], True)
self.assertEqual(
client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], True)
self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 32)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 8)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"],
24)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"],
12)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"],
48)
self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"],
"strict")
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], None)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], None)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["peering_db"]["enabled"],
True)
self.assertEqual(client["cfg"]["filtering"]["reject_policy"]["policy"],
"reject")
client = self.cfg[1]
self.assertEqual(client["cfg"]["passive"], False)
self.assertEqual(client["cfg"]["add_path"], True)
self.assertEqual(client["cfg"]["prepend_rs_as"], True)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["enforce_origin_in_as_set"],
False)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["enforce_prefix_in_as_set"],
False)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_pref"][0]
["prefix"], "192.0.2.0")
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_pref"][0]
["length"], 24)
self.assertEqual(client["cfg"]["filtering"]["irrdb"]["white_list_asn"],
[11, 12])
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]
["prefix"], "192.0.2.0")
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]
["length"], 24)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["le"],
32)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["asn"],
65534)
self.assertEqual(
client["cfg"]["filtering"]["rpki_bgp_origin_validation"]
["enabled"], True)
self.assertEqual(
client["cfg"]["filtering"]["rpki_bgp_origin_validation"]
["reject_invalid"], False)
self.assertEqual(
client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], False)
self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 64)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 1)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 2)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 3)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 4)
self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"],
"same-as")
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], 10)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], 20)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["peering_db"]["enabled"],
False)
self.assertEqual(client["cfg"]["filtering"]["reject_policy"]["policy"],
"tag")
self.assertEqual(client["cfg"]["graceful_shutdown"]["enabled"], True)
client = self.cfg[2]
self.assertEqual(client["cfg"]["filtering"]["next_hop"]["policy"],
"authorized_addresses")
self.assertEqual(
client["cfg"]["filtering"]["next_hop"]
["authorized_addresses_list"],
["192.0.2.31", "192.0.2.32", "2001:db8:0:0::31"])
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]
["prefix"], "192.0.2.0")
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]
["length"], 24)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["le"],
32)
self.assertEqual(
client["cfg"]["filtering"]["irrdb"]["white_list_route"][0]["asn"],
None)
def test_inherit_from_general_cfg(self):
"""{}: inherit from general cfg"""
general = ConfigParserGeneral()
general._load_from_yaml("\n".join(
["cfg:", " rs_as: 999", " router_id: 192.0.2.2"]))
general.parse()
self.cfg = ConfigParserClients(general_cfg=general)
self.cfg._load_from_yaml("\n".join([
"clients:", " - asn: 111", " ip: 192.0.2.11", " - asn: 222",
" ip: 192.0.2.21", " cfg:", " passive: False",
" prepend_rs_as: True", " add_path: True",
" filtering:", " rpsl:",
" enforce_origin_in_as_set: False",
" enforce_prefix_in_as_set: False", " rpki:",
" enabled: True",
" reject_invalid_as_in_as_path: False",
" max_as_path_len: 64", " ipv4_pref_len:",
" min: 1", " max: 2", " ipv6_pref_len:",
" min: 3", " max: 4",
" next_hop_policy: same-as", " max_prefix:",
" peering_db: False", " limit_ipv4: 10",
" limit_ipv6: 20"
]))
self.cfg.parse()
self._contains_err()
client = self.cfg[0]
self.assertEqual(client["cfg"]["passive"], True)
self.assertEqual(client["cfg"]["add_path"], False)
self.assertEqual(client["cfg"]["prepend_rs_as"], False)
self.assertEqual(
client["cfg"]["filtering"]["rpsl"]["enforce_origin_in_as_set"],
True)
self.assertEqual(
client["cfg"]["filtering"]["rpsl"]["enforce_prefix_in_as_set"],
True)
self.assertEqual(client["cfg"]["filtering"]["rpki"]["enabled"], False)
self.assertEqual(
client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], True)
self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 32)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 8)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"],
24)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"],
12)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"],
48)
self.assertEqual(client["cfg"]["filtering"]["next_hop_policy"],
"strict")
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], None)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], None)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["peering_db"], True)
client = self.cfg[1]
self.assertEqual(client["cfg"]["passive"], False)
self.assertEqual(client["cfg"]["add_path"], True)
self.assertEqual(client["cfg"]["prepend_rs_as"], True)
self.assertEqual(
client["cfg"]["filtering"]["rpsl"]["enforce_origin_in_as_set"],
False)
self.assertEqual(
client["cfg"]["filtering"]["rpsl"]["enforce_prefix_in_as_set"],
False)
self.assertEqual(client["cfg"]["filtering"]["rpki"]["enabled"], True)
self.assertEqual(
client["cfg"]["filtering"]["reject_invalid_as_in_as_path"], False)
self.assertEqual(client["cfg"]["filtering"]["max_as_path_len"], 64)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["min"], 1)
self.assertEqual(client["cfg"]["filtering"]["ipv4_pref_len"]["max"], 2)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["min"], 3)
self.assertEqual(client["cfg"]["filtering"]["ipv6_pref_len"]["max"], 4)
self.assertEqual(client["cfg"]["filtering"]["next_hop_policy"],
"same-as")
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv4"], 10)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["limit_ipv6"], 20)
self.assertEqual(
client["cfg"]["filtering"]["max_prefix"]["peering_db"], False)