-
Notifications
You must be signed in to change notification settings - Fork 228
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Only reject routes with neighbor's router-id for ibgp #541
Conversation
Re-add me as reviewer when ready for review. |
interface Loopback0 | ||
ip address 1.0.0.1/32 | ||
! | ||
interface Loopback1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could this interface be superfluous? Is it used any differently than Loopback0?
router-id 2.0.0.1 | ||
neighbor 10.12.0.2 remote-as 2 | ||
network 1.0.0.1/32 | ||
network 1.0.0.2/32 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See earlier comment about Loopback1.
assertTrue(r2aPrefixes.contains(r1Loopback0Prefix)); | ||
assertTrue(r2aPrefixes.contains(r1Loopback1Prefix)); | ||
assertTrue(r2bPrefixes.contains(r1Loopback0Prefix)); | ||
assertTrue(r2bPrefixes.contains(r1Loopback1Prefix)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do we learn from the presence of the advertised prefixes on r2b
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please address comments about unnecessary structures and iBGP connection discipline.
|
||
@Test | ||
public void testEbgpAcceptSameNeighborID() throws IOException { | ||
String testrigName = "ibgp-only-reject-routerid-match"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The name of this testrig is not meaningfully different from the name of the other testrig. Perhaps name them after the test function names?
router bgp 1 | ||
!!! This router ID is the same as r3 | ||
router-id 9.9.9.9 | ||
neighbor 10.12.0.2 remote-as 2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please peer on loopbacks for iBGP. Use static routes for each loopback that must be reached as a neighbor address.
ip routing | ||
! | ||
route-map 1-to-2 permit 200 | ||
route-map 3-to-2 permit 200 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These route-maps and their applications in the bgp stanza serve no purpose.
router bgp 1 | ||
!!! This router ID is the same as r3 | ||
router-id 9.9.9.9 | ||
neighbor 10.14.0.4 remote-as 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use loopbacks to establish iBGP sessions. Add static routes to those loopbacks wherever they are referred to. The next hop should be the physical interface address of the neighbor.
! | ||
router bgp 1 | ||
router-id 2.2.2.2 | ||
neighbor 10.24.0.4 remote-as 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use loopbacks to establish iBGP sessions. Add static routes to those loopbacks wherever they are referred to. The next hop should be the physical interface address of the neighbor.
router bgp 1 | ||
!!! same ID as r1 | ||
router-id 9.9.9.9 | ||
neighbor 10.34.0.4 remote-as 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use loopbacks to establish iBGP sessions. Add static routes to those loopbacks wherever they are referred to. The next hop should be the physical interface address of the neighbor.
! | ||
router bgp 1 | ||
router-id 4.4.4.4 | ||
neighbor 10.14.0.1 remote-as 1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use loopbacks to establish iBGP sessions. Add static routes to those loopbacks wherever they are referred to. The next hop should be the physical interface address of the neighbor.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Almost ready.. just a couple more simple changes needed.
interface Loopback0 | ||
ip address 3.0.0.3/32 | ||
! | ||
ip route 2.0.0.1/32 10.22.0.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not necessary for eBGP.
ip routing | ||
! | ||
route-map 1-to-2 permit 200 | ||
route-map 3-to-2 permit 200 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please remove these route-maps and their references below.
! | ||
!ip route 1.0.0.1/32 10.14.0.1 | ||
!ip route 2.0.0.1/32 10.24.0.2 | ||
!ip route 3.0.0.1/32 10.34.0.3 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These routes should not be commented.
…es as highlighted by Ari.
Looks good. Sending to @dhalperi for review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor suggestions.
@@ -820,7 +820,8 @@ public int propagateBgpRoutes(Map<String, Node> nodes, Map<Ip, Set<String>> ipOw | |||
|
|||
Ip remoteOriginatorIp = bgpRemoteRoute.getOriginatorIp(); | |||
// don't accept routes whose originator ip is my BGP id |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
update comment? external BGP routes?
Prefix r1Loopback0Prefix = new Prefix("1.0.0.1/32"); | ||
Prefix r3Loopback0Prefix = new Prefix("3.0.0.3/32"); | ||
// Ensure that r3loopback was accepted by r1 | ||
assertTrue(r1Prefixes.contains(r3Loopback0Prefix)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
assertThat(r1Prefixes, contains(r3Loopback0prefix))
Will produce better error messages.
(e.g.,
"Expecting an iterable containing X, but was an iterable: [a,b,c]"
// Ensure that the prefix is accepted by r2, because router ids are different | ||
assertTrue(r2Prefixes.contains(r1AdvertisedPrefix)); | ||
// Ensure that the prefix is rejected by r3, because router ids are the same | ||
assertFalse(r3Prefixes.contains(r1AdvertisedPrefix)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same assert questions as before
SortedSet<AbstractRoute> r2Routes = routes.get("r2").get(Configuration.DEFAULT_VRF_NAME); | ||
SortedSet<AbstractRoute> r3Routes = routes.get("r3").get(Configuration.DEFAULT_VRF_NAME); | ||
Set<Prefix> r2Prefixes = r2Routes.stream().map(r -> r.getNetwork()).collect(Collectors.toSet()); | ||
Set<Prefix> r3Prefixes = r3Routes.stream().map(r -> r.getNetwork()).collect(Collectors.toSet()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Style advice: I like to structure my tests into 2/3 clear sections.
- Initialization ("nothing interesting here") and constants.
- The actual code that is under test. As short as possible.
- Assertions. (perhaps merged with 2, if 2 is one line.)
I usually have whitespace and/or comments between them.
Also, make use of helpers for any common code. (see makeFlow
, makeAcl
, etc.)
An example: fd022f5#diff-7ee7600d68323ad23eae06bf4434516cR71
I learned this over time as a pattern that makes tests readable -- all the "background" is at the top and all the "tests" are at the bottom. Whitespace helps.
Feel free to go your own way.
@progwriter Please add tests. (Not ready for review).