def _validate_open_msg(self, open_msg): """Validates BGP OPEN message according from application context. Parsing modules takes care of validating OPEN message that need no context. But here we validate it according to current application settings. RTC or RR/ERR are MUST capability if peer does not support either one of them we have to end session. """ assert open_msg.type == BGP_MSG_OPEN # Validate remote ASN. remote_asnum = open_msg.my_as # Since 4byte AS is not yet supported, we validate AS as old style AS. if (not is_valid_old_asn(remote_asnum) or remote_asnum != self._peer.remote_as): raise bgp.BadPeerAs() # Validate bgp version number. if open_msg.version != BGP_VERSION_NUM: raise bgp.UnsupportedVersion(BGP_VERSION_NUM) adv_caps = open_msg.opt_param for cap in adv_caps: if cap.cap_code == BGP_CAP_ROUTE_REFRESH: rr_cap_adv = cap elif cap.cap_code == BGP_CAP_ENHANCED_ROUTE_REFRESH: err_cap_adv = cap # If either RTC or RR/ERR are MUST capability if peer does not support # either one of them we have to end session as we have to request peer # to send prefixes for new VPNs that may be created automatically. # TODO(PH): Check with experts if error is suitable in this case if not (rr_cap_adv or err_cap_adv or self._check_route_fmly_adv(open_msg, RF_RTC_UC)): raise bgp.UnsupportedOptParam()
def _validate_open_msg(self, open_msg): """Validates BGP OPEN message according from application context. Parsing modules takes care of validating OPEN message that need no context. But here we validate it according to current application settings. RTC or RR/ERR are MUST capability if peer does not support either one of them we have to end session. """ assert open_msg.TYPE_CODE == Open.TYPE_CODE # Validate remote ASN. remote_asnum = open_msg.asnum # Since 4byte AS is not yet supported, we validate AS as old style AS. if (not is_valid_old_asn(remote_asnum) or remote_asnum != self._peer.remote_as): raise exceptions.BadPeerAs() # Validate bgp version number. if open_msg.version != BGP_VERSION_NUM: raise exceptions.UnsupportedVersion(BGP_VERSION_NUM) adv_caps = open_msg.caps rr_cap_adv = adv_caps.get(RouteRefreshCap.CODE) err_cap_adv = adv_caps.get(EnhancedRouteRefreshCap.CODE) # If either RTC or RR/ERR are MUST capability if peer does not support # either one of them we have to end session as we have to request peer # to send prefixes for new VPNs that may be created automatically. # TODO(PH): Check with experts if error is suitable in this case if not (rr_cap_adv or err_cap_adv or self._check_route_fmly_adv(open_msg, RF_RTC_UC)): raise exceptions.UnsupportedOptParam()
def validate_local_as(asn): if asn is None: raise MissingRequiredConf(conf_name=LOCAL_AS) if not is_valid_old_asn(asn): raise ConfigValueError(desc='Invalid local_as configuration value: %s' % asn) return asn
def validate_local_as(asn): if asn is None: raise MissingRequiredConf(conf_name=LOCAL_AS) if not is_valid_old_asn(asn): raise ConfigValueError( desc='Invalid local_as configuration value: %s' % asn) return asn
def __init__(self, origin_as, route_target): Nlri.__init__(self) # If given is not default_as and default_rt if not (origin_as is RtNlri.DEFAULT_AS and route_target is RtNlri.DEFAULT_RT): # We validate them if (not is_valid_old_asn(origin_as) or not is_valid_ext_comm_attr(route_target)): raise ValueError('Invalid params.') self._origin_as = origin_as self._route_target = route_target
def _validate_open_msg(self, open_msg): """Validates BGP OPEN message according from application context. Parsing modules takes care of validating OPEN message that need no context. But here we validate it according to current application settings. RTC or RR/ERR are MUST capability if peer does not support either one of them we have to end session. """ assert open_msg.type == BGP_MSG_OPEN # Validate remote ASN. remote_asnum = open_msg.my_as # Since 4byte AS is not yet supported, we validate AS as old style AS. if (not is_valid_old_asn(remote_asnum) or remote_asnum != self._peer.remote_as): raise bgp.BadPeerAs() # Validate bgp version number. if open_msg.version != BGP_VERSION_NUM: raise bgp.UnsupportedVersion(BGP_VERSION_NUM)
def __init__(self, version, asnum, holdtime, bgpid, caps, unrec_params=None): # Validate arguments. if version < 1: raise ValueError('Invalid version number %s' % version) if not is_valid_old_asn(asnum): raise ValueError('Invalid AS number %s' % asnum) if holdtime <= 2: raise ValueError('Holdtime has to be greater than 2 sec.') if not caps: raise ValueError('Invalid capabilities.') if not is_valid_ipv4(bgpid): raise ValueError('Invalid bgp ID, should be valid IPv4, ' 'but given %s' % bgpid) BgpMessage.__init__(self) self._version = version self._holdtime = holdtime self._asnum = asnum self._bgpid = bgpid self._caps = caps self._unrec_params = unrec_params if not unrec_params: self._unrec_params = OrderedDict()
def test_is_valid_old_asn_negative(self): eq_(False, validation.is_valid_old_asn(-1))
def test_is_valid_old_asn(self): ok_(validation.is_valid_old_asn(65000))
def validate_remote_as(asn): if not is_valid_old_asn(asn): raise ConfigValueError(desc="Invalid remote as value %s" % asn) return asn
def validate_cap_rtc_as(rtc_as): if not is_valid_old_asn(rtc_as): raise ConfigValueError(desc='Invalid RTC AS configuration value: %s' % rtc_as) return rtc_as
def test_is_valid_old_asn_over(self): eq_(False, validation.is_valid_old_asn(0xffff + 1))
def test_is_valid_old_asn_over(self): eq_(False, validation.is_valid_old_asn(0xFFFF + 1))
def validate_remote_as(asn): if not is_valid_old_asn(asn): raise ConfigValueError(desc='Invalid remote as value %s' % asn) return asn