From 309001265207c6cfc6cdee12a7ee723c08804334 Mon Sep 17 00:00:00 2001 From: Pier Carlo Chiodi Date: Tue, 10 Oct 2023 12:13:33 +0200 Subject: [PATCH] BIRD 2.13, OpenBGPD 8.2 --- .github/workflows/cicd.yml | 12 ++++---- pierky/arouteserver/builder.py | 6 ++-- pierky/arouteserver/tests/live_tests/bird.py | 4 +-- .../arouteserver/tests/live_tests/openbgpd.py | 14 ++++++++-- templates/bird/clients.j2 | 8 +++--- templates/bird/common.j2 | 28 +++++++++---------- templates/fingerprints.yml | 4 +-- utils/update_tests | 4 +-- 8 files changed, 45 insertions(+), 35 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index f5691861..3945f10d 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -76,10 +76,10 @@ jobs: run: | echo "$DOCKER_PASSWORD" | docker login --username "$DOCKER_USERNAME" --password-stdin docker pull pierky/bird:1.6.8 - docker pull pierky/bird:2.13 + docker pull pierky/bird:2.14 docker pull pierky/bird:3.0-alpha2 - docker pull pierky/openbgpd:7.8 docker pull pierky/openbgpd:8.0 + docker pull pierky/openbgpd:8.2 docker pull pierky/exabgp:4.2.7 docker pull nlnetlabs/routinator:v0.8.3 env: @@ -225,7 +225,7 @@ jobs: -e ROUTER_ID=192.0.2.124 \ -e LOCAL_PREFIXES=192.0.2.0/24,2001:db8::/32 \ -e DAEMON=openbgpd \ - -e VERSION=8.0 \ + -e VERSION=8.2 \ -e SECRET_PEERINGDB_API_KEY="${SECRET_PEERINGDB_API_KEY}" \ pierky/arouteserver:${{ matrix.docker-image.target_image }} env: @@ -237,7 +237,7 @@ jobs: -t \ --rm \ -v ~/arouteserver_configs/openbgpd.cfg:/etc/bgpd/bgpd.conf \ - pierky/openbgpd:8.0 \ + pierky/openbgpd:8.2 \ bgpd \ -f /etc/bgpd/bgpd.conf \ -d \ @@ -258,7 +258,7 @@ jobs: -v $(pwd)/examples/auto-config/bird-general.yml:/etc/arouteserver/general.yml:ro \ -v ~/arouteserver_configs:/root/arouteserver_configs \ -e DAEMON=bird \ - -e VERSION=2.13 \ + -e VERSION=2.14 \ -e SECRET_PEERINGDB_API_KEY="${SECRET_PEERINGDB_API_KEY}" \ pierky/arouteserver:${{ matrix.docker-image.target_image }} env: @@ -270,7 +270,7 @@ jobs: -t \ --rm \ -v ~/arouteserver_configs/bird.cfg:/etc/bird/bird.cfg \ - pierky/bird:2.13 \ + pierky/bird:2.14 \ bird \ -c /etc/bird/bird.cfg \ -d \ diff --git a/pierky/arouteserver/builder.py b/pierky/arouteserver/builder.py index 5bf5a3ea..150be9d9 100644 --- a/pierky/arouteserver/builder.py +++ b/pierky/arouteserver/builder.py @@ -875,9 +875,9 @@ class BIRDConfigBuilder(ConfigBuilder): AVAILABLE_VERSION = ["1.6.3", "1.6.4", "1.6.6", "1.6.7", "1.6.8", "2.0.7", "2.0.7+b962967e", "2.0.8", "2.0.9", - "2.0.10", "2.0.11", "2.13", + "2.0.10", "2.0.11", "2.13", "2.14", "3.0"] - DEFAULT_VERSION = "2.13" + DEFAULT_VERSION = "2.14" def validate_bgpspeaker_specific_configuration(self): res = True @@ -1051,7 +1051,7 @@ class OpenBGPDConfigBuilder(ConfigBuilder): LOCAL_FILES_BASE_DIR = "/etc/bgpd" AVAILABLE_VERSION = ["7.0", "7.1", "7.2", "7.3", "7.4", "7.5", "7.6", "7.7", - "7.8", "8.0"] + "7.8", "8.0", "8.2"] DEFAULT_VERSION = AVAILABLE_VERSION[-1] IGNORABLE_ISSUES = ConfigBuilder.IGNORABLE_ISSUES + \ diff --git a/pierky/arouteserver/tests/live_tests/bird.py b/pierky/arouteserver/tests/live_tests/bird.py index f01a4072..fa842f1a 100644 --- a/pierky/arouteserver/tests/live_tests/bird.py +++ b/pierky/arouteserver/tests/live_tests/bird.py @@ -331,11 +331,11 @@ def _birdcl(self, cmd): class BIRD2Instance(BIRDInstance): - DOCKER_IMAGE = "pierky/bird:2.13" + DOCKER_IMAGE = "pierky/bird:2.14" TAG = "bird2" - TARGET_VERSION = "2.13" + TARGET_VERSION = "2.14" def _get_start_cmd(self): return "bird -c /etc/bird/bird.conf -d" diff --git a/pierky/arouteserver/tests/live_tests/openbgpd.py b/pierky/arouteserver/tests/live_tests/openbgpd.py index 97698653..d99ce786 100644 --- a/pierky/arouteserver/tests/live_tests/openbgpd.py +++ b/pierky/arouteserver/tests/live_tests/openbgpd.py @@ -661,5 +661,15 @@ class OpenBGPD80PortableInstance(OpenBGPDPortableInstance): TARGET_VERSION = "8.0" -OpenBGPDPortablePreviousInstance = OpenBGPD78PortableInstance -OpenBGPDPortableLatestInstance = OpenBGPD80PortableInstance +class OpenBGPD82PortableInstance(OpenBGPDPortableInstance): + + DOCKER_IMAGE = "pierky/openbgpd:8.2" + + TAG = "openbgpd82p" + + BGP_SPEAKER_VERSION = "8.2" + TARGET_VERSION = "8.2" + + +OpenBGPDPortablePreviousInstance = OpenBGPD80PortableInstance +OpenBGPDPortableLatestInstance = OpenBGPD82PortableInstance diff --git a/templates/bird/clients.j2 b/templates/bird/clients.j2 index 87d4a7f2..968eb913 100644 --- a/templates/bird/clients.j2 +++ b/templates/bird/clients.j2 @@ -39,7 +39,7 @@ reject {{ err_msg }}; {% for client in clients|sort(attribute="id") if client.ip is current_ipver %} # AS-SET for {{ client.id }} -function origin_as_is_in_{{ client.id }}_as_set() { +function origin_as_is_in_{{ client.id }}_as_set(){% if "2.14"|target_version_ge %} -> bool{% endif %} { {% if client.cfg.filtering.irrdb.as_set_bundle_ids %} {% for as_set_bundle_id in client.cfg.filtering.irrdb.as_set_bundle_ids|sort %} {% if irrdb_info[as_set_bundle_id].asns %} @@ -54,7 +54,7 @@ function origin_as_is_in_{{ client.id }}_as_set() { } # R-SET for {{ client.id }} -function prefix_is_in_{{ client.id }}_as_set() { +function prefix_is_in_{{ client.id }}_as_set(){% if "2.14"|target_version_ge %} -> bool{% endif %} { {% if client.cfg.filtering.irrdb.as_set_bundle_ids %} {% for as_set_bundle_id in client.cfg.filtering.irrdb.as_set_bundle_ids|sort %} {% set this_ip_ver = client.ip|ipaddr_ver %} @@ -76,7 +76,7 @@ function prefix_is_in_{{ client.id }}_as_set() { return false; } -function next_hop_is_valid_for_{{ client.id }}() +function next_hop_is_valid_for_{{ client.id }}(){% if "2.14"|target_version_ge %} -> bool{% endif +%} { # Checks if NEXT_HOP is one of those allowed for routes announced by {{ client.id }} {% if client.ip|ipaddr_ver == 6 and (client.ip|lower).startswith("fe80::") %} @@ -102,7 +102,7 @@ function next_hop_is_valid_for_{{ client.id }}() } {% if client.cfg.filtering.black_list_pref %} -function prefix_is_in_{{ client.id }}_blacklist() +function prefix_is_in_{{ client.id }}_blacklist(){% if "2.14"|target_version_ge %} -> bool{% endif +%} prefix set {{ client.id }}_blacklist; { {{ client.id }}_blacklist = [ diff --git a/templates/bird/common.j2 b/templates/bird/common.j2 index ab60425c..0e7609d1 100644 --- a/templates/bird/common.j2 +++ b/templates/bird/common.j2 @@ -9,7 +9,7 @@ {% if asn3216_map %} # Get the 16bit value used to represent a peer with a 32bit ASN. # Return 0 if no mapping exists for the peer. -function get_16bit_mapped_asn(int asn_32_bit) { +function get_16bit_mapped_asn(int asn_32_bit){% if "2.14"|target_version_ge %} -> int{% endif %} { case asn_32_bit { {% for asn in asn3216_map %} {% if asn3216_map[asn] %} @@ -23,7 +23,7 @@ function get_16bit_mapped_asn(int asn_32_bit) { # This function returns True if 'net' is a bogon prefix # or falls within a bogon prefix. -function prefix_is_bogon() +function prefix_is_bogon(){% if "2.14"|target_version_ge %} -> bool{% endif +%} {% for this_ip_ver in list_ip_vers %} prefix set bogons_{{ this_ip_ver }}; {% endfor %} @@ -48,7 +48,7 @@ prefix set bogons_{{ this_ip_ver }}; # This function returns True if 'net' falls within a # prefix contained in the global blacklist (for example, # local networks) -function prefix_is_in_global_blacklist() +function prefix_is_in_global_blacklist(){% if "2.14"|target_version_ge %} -> bool{% endif +%} {% for this_ip_ver in list_ip_vers %} {% set prefixes = cfg.filtering.global_black_list_pref|selectattr("prefix", "is_ipver", this_ip_ver )|list %} {% if prefixes|length > 0 %} @@ -79,7 +79,7 @@ prefix set global_blacklist_{{ this_ip_ver }}; # This function returns True if the length of 'net' prefix # falls within the range 'min'-'max' (included). -function prefix_len_is_valid (int pref_len_min; int pref_len_max) { +function prefix_len_is_valid (int pref_len_min; int pref_len_max){% if "2.14"|target_version_ge %} -> bool{% endif %} { if net.len < pref_len_min then return false; if net.len > pref_len_max then return false; return true; @@ -87,7 +87,7 @@ function prefix_len_is_valid (int pref_len_min; int pref_len_max) { # This function returns True if the AS_PATH contains one or # more private/reserved ASN. -function as_path_contains_invalid_asn() +function as_path_contains_invalid_asn(){% if "2.14"|target_version_ge %} -> bool{% endif +%} int set invalid_asns; { # http://www.iana.org/assignments/as-numbers/as-numbers.xhtml @@ -111,7 +111,7 @@ int set invalid_asns; {% if rtt_based_functions_are_used %} # This function returns the RTT measured for the peer given in client_ip. # If the RTT is not available it returns 0. -function get_peer_rtt(ip client_ip) { +function get_peer_rtt(ip client_ip){% if "2.14"|target_version_ge %} -> int{% endif %} { case client_ip { {% for client in clients|sort(attribute="ip") if client.ip is current_ipver %} {% if "rtt" in client and client["rtt"]|get_normalized_rtt %} @@ -182,7 +182,7 @@ int mapped_16bit_asn; # This function verifies if the route is tagged with one of # the blackhole filtering communities. -function is_blackhole_filtering_request() +function is_blackhole_filtering_request(){% if "2.14"|target_version_ge %} -> bool{% endif +%} {% if asn3216_map %} int mapped_16bit_asn; {% endif %} @@ -242,7 +242,7 @@ function apply_blackhole_filtering_policy() { # This function verifies if the current route can be announced to # the given client on the basis of the attached control BGP # communities. -function route_can_be_announced_to(int peer_as; ip client_ip; string client_id) +function route_can_be_announced_to(int peer_as; ip client_ip; string client_id){% if "2.14"|target_version_ge %} -> bool{% endif +%} int client_rtt; {% if asn3216_map %} int mapped_16bit_asn; @@ -305,7 +305,7 @@ function do_prepend(int times) { # This function verifies if the current route matches one of the # control communities in charge of prepending client's ASN. -function apply_prepend(int peer_as; ip client_ip) +function apply_prepend(int peer_as; ip client_ip){% if "2.14"|target_version_ge %} -> bool{% endif +%} int client_rtt; {% if asn3216_map %} int mapped_16bit_asn; @@ -411,13 +411,13 @@ function perform_rpki_validation () { } # This function returns True if the route is INVALID. -function route_is_rpki_invalid () { +function route_is_rpki_invalid (){% if "2.14"|target_version_ge %} -> bool{% endif %} { return (unknown 0x4300, 0, 2) ~ bgp_ext_community; } # This function returns True if RPKI INVALID routes # should be announced to clients. -function announce_rpki_invalid_to_client(int client_asn; ip client_ip; string client_id) { +function announce_rpki_invalid_to_client(int client_asn; ip client_ip; string client_id){% if "2.14"|target_version_ge %} -> bool{% endif %} { {% if "announce_rpki_invalid_to_client"|hook_is_set %} return hook_announce_rpki_invalid_to_client(client_asn, client_ip, client_id); {% else %} @@ -531,7 +531,7 @@ function perform_graceful_shutdown() { {% if cfg.filtering.irrdb.use_rpki_roas_as_route_objects.enabled %} # This function verifies if there is such a ROA for the # current route's origin ASN to validate the announced prefix. -function prefix_in_rpki_roas_as_route_objects() { +function prefix_in_rpki_roas_as_route_objects(){% if "2.14"|target_version_ge %} -> bool{% endif %} { {% if "2.0.0"|target_version_le %} case roa_check(RPKI) { ROA_VALID: return true; @@ -556,7 +556,7 @@ function prefix_in_rpki_roas_as_route_objects() { # Whois DB: if there is such an entry for the current route's # origin ASN to validate the announced prefix the function # returns True, otherwise False. -function prefix_in_arin_whois_db() { +function prefix_in_arin_whois_db(){% if "2.14"|target_version_ge %} -> bool{% endif %} { {% for this_ip_ver in list_ip_vers %} {% if "2.0"|target_version_ge %} if net.type = NET_IP{{ this_ip_ver }} then { @@ -582,7 +582,7 @@ function prefix_in_arin_whois_db() { # Whois DB: if there is such an entry for the current route's # origin ASN to validate the announced prefix the function # returns True, otherwise False. -function prefix_in_registrobr_whois_db() { +function prefix_in_registrobr_whois_db(){% if "2.14"|target_version_ge %} -> bool{% endif %} { {% for this_ip_ver in list_ip_vers %} {% if "2.0"|target_version_ge %} if net.type = NET_IP{{ this_ip_ver }} then { diff --git a/templates/fingerprints.yml b/templates/fingerprints.yml index 94c3e310..f84a7995 100644 --- a/templates/fingerprints.yml +++ b/templates/fingerprints.yml @@ -1,6 +1,6 @@ bird: - clients.j2: a0e0c8e7bec2170f2d2c24ba71732977205c2d53b1fa0eabeca99fe905f21ed37439b754f3dca88930c9f852e6bb9a5db8664d108970ef0106cfa2a7cca80b0c - common.j2: 358517dcf9f386c1483350ac4be6e7544d041ee1fcf87ff99503d2ec3655e3b5374dced5eab185e3f95d3d85529d0638876f74d7b3ffdcf0d233a5c42dabefaa + clients.j2: c45eada582301432b8454626a3d33c814466191d43f4a240b88cef4b028657a0a4170b02e5527633b3d1a4749a8373e5f585fa619088cb37af1fb6c0b35e9f74 + common.j2: a5e5797f195f587108ad1d486cf3e8cd80c5b4d64b90e793810f1acf4c12498962e1e952afb9fe1b4faa02ce0a87c9c57aa16e421b09a5f188082ff789409bbd header.j2: 25f219ef4d0a4ee64c18b338bc557c246c4759b438f31865a7483ebef8a9a3795e09c85ba301da24d7036b474f7936f7a9ed758f93d66bca36e0624c23729170 irrdb.j2: 4ff9a0dba41a02737c17a2497613f2dcc179a80b79714f18d61162e9503907cfd53765ab426036119e8bcb716d9d24a5380d724235373ae4ab7340d6c6eb074a macros.j2: a8703c36f8307c5c9f3d6e2fca5a4ba685599cf3bcfac14fa5a65f4eaabd878b35e3d75aa33f56f74dcb550d5b95e734ea2c3f33e99085795444d2a217f9ba32 diff --git a/utils/update_tests b/utils/update_tests index 3b34dff3..020cd255 100755 --- a/utils/update_tests +++ b/utils/update_tests @@ -110,10 +110,10 @@ fi echo "Pulling Docker images needed for the tests..." # To be kept in sync with .github/workflows/cicd.yml docker pull pierky/bird:1.6.8 -docker pull pierky/bird:2.13 +docker pull pierky/bird:2.14 docker pull pierky/bird:3.0-alpha2 -docker pull pierky/openbgpd:7.8 docker pull pierky/openbgpd:8.0 +docker pull pierky/openbgpd:8.2 docker pull pierky/exabgp:4.2.7 docker pull nlnetlabs/routinator:v0.8.3