From fa8524aad0a2010cdce9964ba5c36a9a0f47832c Mon Sep 17 00:00:00 2001
From: Louis Scalbert <louis.scalbert@6wind.com>
Date: Wed, 28 Feb 2024 14:12:19 +0100
Subject: [PATCH] topotest: add bgp_bmp_vrf topotest

Add test to check BMP in VRF.

Note that the following configuration works with interface r1-eth0
towards 192.0.2.10 (BMP collector) in the default VRF but not in vrf1.

> router bgp 65501 vrf vrf1
>  bmp targets bmp1
>   bmp connect 192.0.2.10 port 1789 min-retry 100 max-retry 10000

Also, for some reasons, the test works even without "bgpd: bmp loc-rib
peer up/down for vrfs" commit.

Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
---
 tests/topotests/bgp_bmp_vrf/__init__.py       |   0
 tests/topotests/bgp_bmp_vrf/r1/bgpd.conf      |  23 ++
 tests/topotests/bgp_bmp_vrf/r1/zebra.conf     |   7 +
 tests/topotests/bgp_bmp_vrf/r2/bgpd.conf      |  19 +
 tests/topotests/bgp_bmp_vrf/r2/zebra.conf     |   8 +
 .../topotests/bgp_bmp_vrf/test_bgp_bmp_vrf.py | 326 ++++++++++++++++++
 6 files changed, 383 insertions(+)
 create mode 100644 tests/topotests/bgp_bmp_vrf/__init__.py
 create mode 100644 tests/topotests/bgp_bmp_vrf/r1/bgpd.conf
 create mode 100644 tests/topotests/bgp_bmp_vrf/r1/zebra.conf
 create mode 100644 tests/topotests/bgp_bmp_vrf/r2/bgpd.conf
 create mode 100644 tests/topotests/bgp_bmp_vrf/r2/zebra.conf
 create mode 100644 tests/topotests/bgp_bmp_vrf/test_bgp_bmp_vrf.py

diff --git a/tests/topotests/bgp_bmp_vrf/__init__.py b/tests/topotests/bgp_bmp_vrf/__init__.py
new file mode 100644
index 000000000000..e69de29bb2d1
diff --git a/tests/topotests/bgp_bmp_vrf/r1/bgpd.conf b/tests/topotests/bgp_bmp_vrf/r1/bgpd.conf
new file mode 100644
index 000000000000..994cdbf68ea7
--- /dev/null
+++ b/tests/topotests/bgp_bmp_vrf/r1/bgpd.conf
@@ -0,0 +1,23 @@
+router bgp 65501 vrf vrf1
+ bgp router-id 192.168.0.1
+ bgp log-neighbor-changes
+ no bgp ebgp-requires-policy
+ neighbor 192.168.0.2 remote-as 65502
+ neighbor 192:168::2 remote-as 65502
+!
+ bmp targets bmp1
+  bmp connect 192.0.2.10 port 1789 min-retry 100 max-retry 10000
+ exit
+!
+
+ address-family ipv4 unicast
+  neighbor 192.168.0.2 activate
+  neighbor 192.168.0.2 soft-reconfiguration inbound
+  no neighbor 192:168::2 activate
+ exit-address-family
+!
+ address-family ipv6 unicast
+  neighbor 192:168::2 activate
+  neighbor 192:168::2 soft-reconfiguration inbound
+ exit-address-family
+!
diff --git a/tests/topotests/bgp_bmp_vrf/r1/zebra.conf b/tests/topotests/bgp_bmp_vrf/r1/zebra.conf
new file mode 100644
index 000000000000..0b523c9e18d8
--- /dev/null
+++ b/tests/topotests/bgp_bmp_vrf/r1/zebra.conf
@@ -0,0 +1,7 @@
+interface r1-eth0
+ ip address 192.0.2.1/24
+!
+interface r1-eth1
+ ip address 192.168.0.1/24
+ ipv6 address 192:168::1/64
+!
diff --git a/tests/topotests/bgp_bmp_vrf/r2/bgpd.conf b/tests/topotests/bgp_bmp_vrf/r2/bgpd.conf
new file mode 100644
index 000000000000..7c8255a17563
--- /dev/null
+++ b/tests/topotests/bgp_bmp_vrf/r2/bgpd.conf
@@ -0,0 +1,19 @@
+router bgp 65502
+ bgp router-id 192.168.0.2
+ bgp log-neighbor-changes
+ no bgp ebgp-requires-policy
+ no bgp network import-check
+ neighbor 192.168.0.1 remote-as 65501
+ neighbor 192:168::1 remote-as 65501
+!
+ address-family ipv4 unicast
+  neighbor 192.168.0.1 activate
+  no neighbor 192:168::1 activate
+  redistribute connected
+ exit-address-family
+!
+ address-family ipv6 unicast
+  neighbor 192:168::1 activate
+  redistribute connected
+ exit-address-family
+!
diff --git a/tests/topotests/bgp_bmp_vrf/r2/zebra.conf b/tests/topotests/bgp_bmp_vrf/r2/zebra.conf
new file mode 100644
index 000000000000..9d82bfe2df5c
--- /dev/null
+++ b/tests/topotests/bgp_bmp_vrf/r2/zebra.conf
@@ -0,0 +1,8 @@
+interface r2-eth0
+ ip address 192.168.0.2/24
+ ipv6 address 192:168::2/64
+!
+interface r2-eth1
+ ip address 172.31.0.2/24
+ ipv6 address 172:31::2/64
+!
diff --git a/tests/topotests/bgp_bmp_vrf/test_bgp_bmp_vrf.py b/tests/topotests/bgp_bmp_vrf/test_bgp_bmp_vrf.py
new file mode 100644
index 000000000000..b683920d2e70
--- /dev/null
+++ b/tests/topotests/bgp_bmp_vrf/test_bgp_bmp_vrf.py
@@ -0,0 +1,326 @@
+#!/usr/bin/env python
+# SPDX-License-Identifier: ISC
+
+# Copyright 2023 6WIND S.A.
+# Authored by Farid Mihoub <farid.mihoub@6wind.com>
+#
+
+"""
+test_bgp_bmp.py: Test BGP BMP functionalities
+
+    +------+            +------+               +------+
+    |      |            |      |               |      |
+    | BMP1 |------------|  R1  |---------------|  R2  |
+    |      |            |      |               |      |
+    +------+            +------+               +------+
+
+Setup two routers R1 and R2 with one link configured with IPv4 and
+IPv6 addresses.
+Configure BGP in R1 and R2 to exchange prefixes from
+the latter to the first router.
+Setup a link between R1 and the BMP server, activate the BMP feature in R1
+and ensure the monitored BGP sessions logs are well present on the BMP server.
+"""
+
+from functools import partial
+from ipaddress import ip_network
+import json
+import os
+import platform
+import pytest
+import sys
+
+# Save the Current Working Directory to find configuration files.
+CWD = os.path.dirname(os.path.realpath(__file__))
+sys.path.append(os.path.join("../"))
+sys.path.append(os.path.join("../lib/"))
+
+# pylint: disable=C0413
+# Import topogen and topotest helpers
+from lib import topotest
+from lib.bgp import verify_bgp_convergence_from_running_config
+from lib.topogen import Topogen, TopoRouter, get_topogen
+from lib.topolog import logger
+
+pytestmark = [pytest.mark.bgpd]
+
+# remember the last sequence number of the logging messages
+SEQ = 0
+
+PRE_POLICY = "pre-policy"
+POST_POLICY = "post-policy"
+LOC_RIB = "loc-rib"
+
+
+def build_topo(tgen):
+    tgen.add_router("r1")
+    tgen.add_router("r2")
+    tgen.add_bmp_server("bmp1", ip="192.0.2.10", defaultRoute="via 192.0.2.1")
+
+    switch = tgen.add_switch("s1")
+    switch.add_link(tgen.gears["r1"])
+    switch.add_link(tgen.gears["bmp1"])
+
+    tgen.add_link(tgen.gears["r1"], tgen.gears["r2"], "r1-eth1", "r2-eth0")
+
+
+def setup_module(mod):
+    tgen = Topogen(build_topo, mod.__name__)
+    tgen.start_topology()
+
+    tgen.net["r1"].cmd(
+        """
+ip link add vrf1 type vrf table 10
+ip link set vrf1 up
+ip link set r1-eth1 master vrf1
+"""
+    )
+
+    for rname, router in tgen.routers().items():
+        router.load_config(
+            TopoRouter.RD_ZEBRA, os.path.join(CWD, "{}/zebra.conf".format(rname))
+        )
+        router.load_config(
+            TopoRouter.RD_BGP,
+            os.path.join(CWD, "{}/bgpd.conf".format(rname)),
+            "-M bmp",
+        )
+
+    tgen.start_router()
+
+    logger.info("starting BMP servers")
+    for bmp_name, server in tgen.get_bmp_servers().items():
+        server.start(log_file=os.path.join(tgen.logdir, bmp_name, "bmp.log"))
+
+
+def teardown_module(_mod):
+    tgen = get_topogen()
+    tgen.stop_topology()
+
+
+def test_bgp_convergence():
+    tgen = get_topogen()
+    if tgen.routers_have_failure():
+        pytest.skip(tgen.errors)
+
+    result = verify_bgp_convergence_from_running_config(tgen, dut="r1")
+    assert result is True, "BGP is not converging"
+
+
+def get_bmp_messages():
+    """
+    Read the BMP logging messages.
+    """
+    messages = []
+    tgen = get_topogen()
+    text_output = tgen.gears["bmp1"].run(
+        "cat {}".format(os.path.join(tgen.logdir, "bmp1", "bmp.log"))
+    )
+
+    for m in text_output.splitlines():
+        # some output in the bash can break the message decoding
+        try:
+            messages.append(json.loads(m))
+        except Exception as e:
+            logger.warning(str(e) + " message: {}".format(str(m)))
+            continue
+
+    if not messages:
+        logger.error("Bad BMP log format, check your BMP server")
+
+    return messages
+
+
+def check_for_prefixes(expected_prefixes, bmp_log_type, policy, labels=None):
+    """
+    Check for the presence of the given prefixes in the BMP server logs with
+    the given message type and the set policy.
+    """
+    global SEQ
+    # we care only about the new messages
+    messages = [
+        m for m in sorted(get_bmp_messages(), key=lambda d: d["seq"]) if m["seq"] > SEQ
+    ]
+
+    # get the list of pairs (prefix, policy, seq) for the given message type
+    prefixes = [
+        m["ip_prefix"]
+        for m in messages
+        if "ip_prefix" in m.keys()
+        and "bmp_log_type" in m.keys()
+        and m["bmp_log_type"] == bmp_log_type
+        and m["policy"] == policy
+        and (
+            labels is None
+            or (
+                m["ip_prefix"] in labels.keys() and m["label"] == labels[m["ip_prefix"]]
+            )
+        )
+    ]
+
+    # check for prefixes
+    for ep in expected_prefixes:
+        if ep not in prefixes:
+            msg = "The prefix {} is not present in the {} log messages."
+            logger.debug(msg.format(ep, bmp_log_type))
+            return False
+
+    SEQ = messages[-1]["seq"]
+    return True
+
+
+def check_for_peer_message(expected_peers, bmp_log_type):
+    """
+    Check for the presence of a peer up message for the peer
+    """
+    global SEQ
+    # we care only about the new messages
+    messages = [
+        m for m in sorted(get_bmp_messages(), key=lambda d: d["seq"]) if m["seq"] > SEQ
+    ]
+
+    # get the list of pairs (prefix, policy, seq) for the given message type
+    peers = [
+        m["peer_ip"]
+        for m in messages
+        if "peer_ip" in m.keys() and m["bmp_log_type"] == bmp_log_type
+    ]
+
+    # check for prefixes
+    for ep in expected_peers:
+        if ep not in peers:
+            msg = "The peer {} is not present in the {} log messages."
+            logger.debug(msg.format(ep, bmp_log_type))
+            return False
+
+    SEQ = messages[-1]["seq"]
+    return True
+
+
+def set_bmp_policy(tgen, node, asn, target, safi, policy, vrf=None):
+    """
+    Configure the bmp policy.
+    """
+    vrf = " vrf {}".format(vrf) if vrf else ""
+    cmd = [
+        "con t\n",
+        "router bgp {}{}\n".format(asn, vrf),
+        "bmp targets {}\n".format(target),
+        "bmp monitor ipv4 {} {}\n".format(safi, policy),
+        "bmp monitor ipv6 {} {}\n".format(safi, policy),
+        "end\n",
+    ]
+    tgen.gears[node].vtysh_cmd("".join(cmd))
+
+
+def configure_prefixes(tgen, node, asn, safi, prefixes, vrf=None, update=True):
+    """
+    Configure the bgp prefixes.
+    """
+    withdraw = "no " if not update else ""
+    vrf = " vrf {}".format(vrf) if vrf else ""
+    for p in prefixes:
+        ip = ip_network(p)
+        cmd = [
+            "conf t\n",
+            "router bgp {}{}\n".format(asn, vrf),
+            "address-family ipv{} {}\n".format(ip.version, safi),
+            "{}network {}\n".format(withdraw, ip),
+            "exit-address-family\n",
+        ]
+        logger.debug("setting prefix: ipv{} {} {}".format(ip.version, safi, ip))
+        tgen.gears[node].vtysh_cmd("".join(cmd))
+
+
+def unicast_prefixes(policy):
+    """
+    Setup the BMP  monitor policy, Add and withdraw ipv4/v6 prefixes.
+    Check if the previous actions are logged in the BMP server with the right
+    message type and the right policy.
+    """
+    tgen = get_topogen()
+    set_bmp_policy(tgen, "r1", 65501, "bmp1", "unicast", policy, vrf="vrf1")
+
+    prefixes = ["172.31.0.15/32", "2111::1111/128"]
+    # add prefixes
+    configure_prefixes(tgen, "r2", 65502, "unicast", prefixes)
+
+    logger.info("checking for updated prefixes")
+    # check
+    test_func = partial(check_for_prefixes, prefixes, "update", policy)
+    success, _ = topotest.run_and_expect(test_func, True, wait=0.5)
+    assert success, "Checking the updated prefixes has been failed !."
+
+    # withdraw prefixes
+    configure_prefixes(tgen, "r2", 65502, "unicast", prefixes, update=False)
+    logger.info("checking for withdrawed prefxies")
+    # check
+    test_func = partial(check_for_prefixes, prefixes, "withdraw", policy)
+    success, _ = topotest.run_and_expect(test_func, True, wait=0.5)
+    assert success, "Checking the withdrawed prefixes has been failed !."
+
+
+def test_bmp_server_logging():
+    """
+    Assert the logging of the bmp server.
+    """
+
+    def check_for_log_file():
+        tgen = get_topogen()
+        output = tgen.gears["bmp1"].run(
+            "ls {}".format(os.path.join(tgen.logdir, "bmp1"))
+        )
+        if "bmp.log" not in output:
+            return False
+        return True
+
+    success, _ = topotest.run_and_expect(check_for_log_file, True, wait=0.5)
+    assert success, "The BMP server is not logging"
+
+
+def test_peer_up():
+    """
+    Checking for BMP peers up messages
+    """
+
+    peers = ["192.168.0.2", "192:168::2"]
+
+    logger.info("checking for BMP peers up messages")
+
+    test_func = partial(check_for_peer_message, peers, "peer up")
+    success, _ = topotest.run_and_expect(test_func, True, wait=0.5)
+    assert success, "Checking the updated prefixes has been failed !."
+
+
+def test_bmp_bgp_unicast():
+    """
+    Add/withdraw bgp unicast prefixes and check the bmp logs.
+    """
+    logger.info("*** Unicast prefixes pre-policy logging ***")
+    unicast_prefixes(PRE_POLICY)
+    logger.info("*** Unicast prefixes post-policy logging ***")
+    unicast_prefixes(POST_POLICY)
+    logger.info("*** Unicast prefixes loc-rib logging ***")
+    unicast_prefixes(LOC_RIB)
+
+
+def test_peer_down():
+    """
+    Checking for BMP peers down messages
+    """
+    tgen = get_topogen()
+
+    tgen.gears["r2"].vtysh_cmd("clear bgp *")
+
+    peers = ["192.168.0.2", "192:168::2"]
+
+    logger.info("checking for BMP peers down messages")
+
+    test_func = partial(check_for_peer_message, peers, "peer down")
+    success, _ = topotest.run_and_expect(test_func, True, wait=0.5)
+    assert success, "Checking the updated prefixes has been failed !."
+
+
+if __name__ == "__main__":
+    args = ["-s"] + sys.argv[1:]
+    sys.exit(pytest.main(args))