From 7319866bc49c427c95b68c0a30c7f96e06e3421a Mon Sep 17 00:00:00 2001 From: Pier Carlo Chiodi Date: Tue, 10 Oct 2023 12:13:33 +0200 Subject: [PATCH] BIRD 2.13, OpenBGPD 8.2 --- .github/workflows/cicd.yml | 12 ++++---- pierky/arouteserver/builder.py | 6 ++-- pierky/arouteserver/tests/live_tests/bird.py | 4 +-- .../arouteserver/tests/live_tests/openbgpd.py | 14 +++++++-- templates/bird/clients.j2 | 9 +++--- templates/bird/common.j2 | 29 ++++++++++--------- templates/bird/macros.j2 | 4 +++ templates/fingerprints.yml | 6 ++-- utils/update_tests | 4 +-- 9 files changed, 52 insertions(+), 36 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index f5691861..3945f10d 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -76,10 +76,10 @@ jobs: run: | echo "$DOCKER_PASSWORD" | docker login --username "$DOCKER_USERNAME" --password-stdin docker pull pierky/bird:1.6.8 - docker pull pierky/bird:2.13 + docker pull pierky/bird:2.14 docker pull pierky/bird:3.0-alpha2 - docker pull pierky/openbgpd:7.8 docker pull pierky/openbgpd:8.0 + docker pull pierky/openbgpd:8.2 docker pull pierky/exabgp:4.2.7 docker pull nlnetlabs/routinator:v0.8.3 env: @@ -225,7 +225,7 @@ jobs: -e ROUTER_ID=192.0.2.124 \ -e LOCAL_PREFIXES=192.0.2.0/24,2001:db8::/32 \ -e DAEMON=openbgpd \ - -e VERSION=8.0 \ + -e VERSION=8.2 \ -e SECRET_PEERINGDB_API_KEY="${SECRET_PEERINGDB_API_KEY}" \ pierky/arouteserver:${{ matrix.docker-image.target_image }} env: @@ -237,7 +237,7 @@ jobs: -t \ --rm \ -v ~/arouteserver_configs/openbgpd.cfg:/etc/bgpd/bgpd.conf \ - pierky/openbgpd:8.0 \ + pierky/openbgpd:8.2 \ bgpd \ -f /etc/bgpd/bgpd.conf \ -d \ @@ -258,7 +258,7 @@ jobs: -v $(pwd)/examples/auto-config/bird-general.yml:/etc/arouteserver/general.yml:ro \ -v ~/arouteserver_configs:/root/arouteserver_configs \ -e DAEMON=bird \ - -e VERSION=2.13 \ + -e VERSION=2.14 \ -e SECRET_PEERINGDB_API_KEY="${SECRET_PEERINGDB_API_KEY}" \ pierky/arouteserver:${{ matrix.docker-image.target_image }} env: @@ -270,7 +270,7 @@ jobs: -t \ --rm \ -v ~/arouteserver_configs/bird.cfg:/etc/bird/bird.cfg \ - pierky/bird:2.13 \ + pierky/bird:2.14 \ bird \ -c /etc/bird/bird.cfg \ -d \ diff --git a/pierky/arouteserver/builder.py b/pierky/arouteserver/builder.py index 5bf5a3ea..150be9d9 100644 --- a/pierky/arouteserver/builder.py +++ b/pierky/arouteserver/builder.py @@ -875,9 +875,9 @@ class BIRDConfigBuilder(ConfigBuilder): AVAILABLE_VERSION = ["1.6.3", "1.6.4", "1.6.6", "1.6.7", "1.6.8", "2.0.7", "2.0.7+b962967e", "2.0.8", "2.0.9", - "2.0.10", "2.0.11", "2.13", + "2.0.10", "2.0.11", "2.13", "2.14", "3.0"] - DEFAULT_VERSION = "2.13" + DEFAULT_VERSION = "2.14" def validate_bgpspeaker_specific_configuration(self): res = True @@ -1051,7 +1051,7 @@ class OpenBGPDConfigBuilder(ConfigBuilder): LOCAL_FILES_BASE_DIR = "/etc/bgpd" AVAILABLE_VERSION = ["7.0", "7.1", "7.2", "7.3", "7.4", "7.5", "7.6", "7.7", - "7.8", "8.0"] + "7.8", "8.0", "8.2"] DEFAULT_VERSION = AVAILABLE_VERSION[-1] IGNORABLE_ISSUES = ConfigBuilder.IGNORABLE_ISSUES + \ diff --git a/pierky/arouteserver/tests/live_tests/bird.py b/pierky/arouteserver/tests/live_tests/bird.py index f01a4072..fa842f1a 100644 --- a/pierky/arouteserver/tests/live_tests/bird.py +++ b/pierky/arouteserver/tests/live_tests/bird.py @@ -331,11 +331,11 @@ def _birdcl(self, cmd): class BIRD2Instance(BIRDInstance): - DOCKER_IMAGE = "pierky/bird:2.13" + DOCKER_IMAGE = "pierky/bird:2.14" TAG = "bird2" - TARGET_VERSION = "2.13" + TARGET_VERSION = "2.14" def _get_start_cmd(self): return "bird -c /etc/bird/bird.conf -d" diff --git a/pierky/arouteserver/tests/live_tests/openbgpd.py b/pierky/arouteserver/tests/live_tests/openbgpd.py index 97698653..d99ce786 100644 --- a/pierky/arouteserver/tests/live_tests/openbgpd.py +++ b/pierky/arouteserver/tests/live_tests/openbgpd.py @@ -661,5 +661,15 @@ class OpenBGPD80PortableInstance(OpenBGPDPortableInstance): TARGET_VERSION = "8.0" -OpenBGPDPortablePreviousInstance = OpenBGPD78PortableInstance -OpenBGPDPortableLatestInstance = OpenBGPD80PortableInstance +class OpenBGPD82PortableInstance(OpenBGPDPortableInstance): + + DOCKER_IMAGE = "pierky/openbgpd:8.2" + + TAG = "openbgpd82p" + + BGP_SPEAKER_VERSION = "8.2" + TARGET_VERSION = "8.2" + + +OpenBGPDPortablePreviousInstance = OpenBGPD80PortableInstance +OpenBGPDPortableLatestInstance = OpenBGPD82PortableInstance diff --git a/templates/bird/clients.j2 b/templates/bird/clients.j2 index 87d4a7f2..b8cd1cdc 100644 --- a/templates/bird/clients.j2 +++ b/templates/bird/clients.j2 @@ -2,6 +2,7 @@ {% from 'macros.j2' import write_prefix_list_entry %} {% from 'macros.j2' import add_communities %} {% from 'macros.j2' import match_communities %} +{% from 'macros.j2' import bird_fnc_type %} {%- macro write_max_pref_action(action) -%} {% if action == "shutdown" %}disable; @@ -39,7 +40,7 @@ reject {{ err_msg }}; {% for client in clients|sort(attribute="id") if client.ip is current_ipver %} # AS-SET for {{ client.id }} -function origin_as_is_in_{{ client.id }}_as_set() { +function origin_as_is_in_{{ client.id }}_as_set(){{ bird_fnc_type("bool") }} { {% if client.cfg.filtering.irrdb.as_set_bundle_ids %} {% for as_set_bundle_id in client.cfg.filtering.irrdb.as_set_bundle_ids|sort %} {% if irrdb_info[as_set_bundle_id].asns %} @@ -54,7 +55,7 @@ function origin_as_is_in_{{ client.id }}_as_set() { } # R-SET for {{ client.id }} -function prefix_is_in_{{ client.id }}_as_set() { +function prefix_is_in_{{ client.id }}_as_set(){{ bird_fnc_type("bool") }} { {% if client.cfg.filtering.irrdb.as_set_bundle_ids %} {% for as_set_bundle_id in client.cfg.filtering.irrdb.as_set_bundle_ids|sort %} {% set this_ip_ver = client.ip|ipaddr_ver %} @@ -76,7 +77,7 @@ function prefix_is_in_{{ client.id }}_as_set() { return false; } -function next_hop_is_valid_for_{{ client.id }}() +function next_hop_is_valid_for_{{ client.id }}(){{ bird_fnc_type("bool") }} { # Checks if NEXT_HOP is one of those allowed for routes announced by {{ client.id }} {% if client.ip|ipaddr_ver == 6 and (client.ip|lower).startswith("fe80::") %} @@ -102,7 +103,7 @@ function next_hop_is_valid_for_{{ client.id }}() } {% if client.cfg.filtering.black_list_pref %} -function prefix_is_in_{{ client.id }}_blacklist() +function prefix_is_in_{{ client.id }}_blacklist(){{ bird_fnc_type("bool") }} prefix set {{ client.id }}_blacklist; { {{ client.id }}_blacklist = [ diff --git a/templates/bird/common.j2 b/templates/bird/common.j2 index ab60425c..3cecd910 100644 --- a/templates/bird/common.j2 +++ b/templates/bird/common.j2 @@ -3,13 +3,14 @@ {% from 'macros.j2' import match_communities with context %} {% from 'macros.j2' import add_communities %} {% from 'macros.j2' import match_rtt_communities %} +{% from 'macros.j2' import bird_fnc_type %} # --------------------------------------------------------- # COMMON {% if asn3216_map %} # Get the 16bit value used to represent a peer with a 32bit ASN. # Return 0 if no mapping exists for the peer. -function get_16bit_mapped_asn(int asn_32_bit) { +function get_16bit_mapped_asn(int asn_32_bit){{ bird_fnc_type("int") }} { case asn_32_bit { {% for asn in asn3216_map %} {% if asn3216_map[asn] %} @@ -23,7 +24,7 @@ function get_16bit_mapped_asn(int asn_32_bit) { # This function returns True if 'net' is a bogon prefix # or falls within a bogon prefix. -function prefix_is_bogon() +function prefix_is_bogon(){{ bird_fnc_type("bool") }} {% for this_ip_ver in list_ip_vers %} prefix set bogons_{{ this_ip_ver }}; {% endfor %} @@ -48,7 +49,7 @@ prefix set bogons_{{ this_ip_ver }}; # This function returns True if 'net' falls within a # prefix contained in the global blacklist (for example, # local networks) -function prefix_is_in_global_blacklist() +function prefix_is_in_global_blacklist(){{ bird_fnc_type("bool") }} {% for this_ip_ver in list_ip_vers %} {% set prefixes = cfg.filtering.global_black_list_pref|selectattr("prefix", "is_ipver", this_ip_ver )|list %} {% if prefixes|length > 0 %} @@ -79,7 +80,7 @@ prefix set global_blacklist_{{ this_ip_ver }}; # This function returns True if the length of 'net' prefix # falls within the range 'min'-'max' (included). -function prefix_len_is_valid (int pref_len_min; int pref_len_max) { +function prefix_len_is_valid (int pref_len_min; int pref_len_max){{ bird_fnc_type("bool") }} { if net.len < pref_len_min then return false; if net.len > pref_len_max then return false; return true; @@ -87,7 +88,7 @@ function prefix_len_is_valid (int pref_len_min; int pref_len_max) { # This function returns True if the AS_PATH contains one or # more private/reserved ASN. -function as_path_contains_invalid_asn() +function as_path_contains_invalid_asn(){{ bird_fnc_type("bool") }} int set invalid_asns; { # http://www.iana.org/assignments/as-numbers/as-numbers.xhtml @@ -111,7 +112,7 @@ int set invalid_asns; {% if rtt_based_functions_are_used %} # This function returns the RTT measured for the peer given in client_ip. # If the RTT is not available it returns 0. -function get_peer_rtt(ip client_ip) { +function get_peer_rtt(ip client_ip){{ bird_fnc_type("int") }} { case client_ip { {% for client in clients|sort(attribute="ip") if client.ip is current_ipver %} {% if "rtt" in client and client["rtt"]|get_normalized_rtt %} @@ -182,7 +183,7 @@ int mapped_16bit_asn; # This function verifies if the route is tagged with one of # the blackhole filtering communities. -function is_blackhole_filtering_request() +function is_blackhole_filtering_request(){{ bird_fnc_type("bool") }} {% if asn3216_map %} int mapped_16bit_asn; {% endif %} @@ -242,7 +243,7 @@ function apply_blackhole_filtering_policy() { # This function verifies if the current route can be announced to # the given client on the basis of the attached control BGP # communities. -function route_can_be_announced_to(int peer_as; ip client_ip; string client_id) +function route_can_be_announced_to(int peer_as; ip client_ip; string client_id){{ bird_fnc_type("bool") }} int client_rtt; {% if asn3216_map %} int mapped_16bit_asn; @@ -305,7 +306,7 @@ function do_prepend(int times) { # This function verifies if the current route matches one of the # control communities in charge of prepending client's ASN. -function apply_prepend(int peer_as; ip client_ip) +function apply_prepend(int peer_as; ip client_ip){{ bird_fnc_type("bool") }} int client_rtt; {% if asn3216_map %} int mapped_16bit_asn; @@ -411,13 +412,13 @@ function perform_rpki_validation () { } # This function returns True if the route is INVALID. -function route_is_rpki_invalid () { +function route_is_rpki_invalid (){{ bird_fnc_type("bool") }} { return (unknown 0x4300, 0, 2) ~ bgp_ext_community; } # This function returns True if RPKI INVALID routes # should be announced to clients. -function announce_rpki_invalid_to_client(int client_asn; ip client_ip; string client_id) { +function announce_rpki_invalid_to_client(int client_asn; ip client_ip; string client_id){{ bird_fnc_type("bool") }} { {% if "announce_rpki_invalid_to_client"|hook_is_set %} return hook_announce_rpki_invalid_to_client(client_asn, client_ip, client_id); {% else %} @@ -531,7 +532,7 @@ function perform_graceful_shutdown() { {% if cfg.filtering.irrdb.use_rpki_roas_as_route_objects.enabled %} # This function verifies if there is such a ROA for the # current route's origin ASN to validate the announced prefix. -function prefix_in_rpki_roas_as_route_objects() { +function prefix_in_rpki_roas_as_route_objects(){{ bird_fnc_type("bool") }} { {% if "2.0.0"|target_version_le %} case roa_check(RPKI) { ROA_VALID: return true; @@ -556,7 +557,7 @@ function prefix_in_rpki_roas_as_route_objects() { # Whois DB: if there is such an entry for the current route's # origin ASN to validate the announced prefix the function # returns True, otherwise False. -function prefix_in_arin_whois_db() { +function prefix_in_arin_whois_db(){{ bird_fnc_type("bool") }} { {% for this_ip_ver in list_ip_vers %} {% if "2.0"|target_version_ge %} if net.type = NET_IP{{ this_ip_ver }} then { @@ -582,7 +583,7 @@ function prefix_in_arin_whois_db() { # Whois DB: if there is such an entry for the current route's # origin ASN to validate the announced prefix the function # returns True, otherwise False. -function prefix_in_registrobr_whois_db() { +function prefix_in_registrobr_whois_db(){{ bird_fnc_type("bool") }} { {% for this_ip_ver in list_ip_vers %} {% if "2.0"|target_version_ge %} if net.type = NET_IP{{ this_ip_ver }} then { diff --git a/templates/bird/macros.j2 b/templates/bird/macros.j2 index ac95da1d..9f957b2d 100644 --- a/templates/bird/macros.j2 +++ b/templates/bird/macros.j2 @@ -1,3 +1,7 @@ +{% macro bird_fnc_type(return_type) %} +{% if "2.14"|target_version_ge and "3.0.0"|target_version_le %} -> {{ return_type }}{% endif %} +{% endmacro %} + {% macro write_prefix_list_entry(entry) %} {{ entry.prefix }}/{{ entry.length -}} {%- if not entry.exact -%} diff --git a/templates/fingerprints.yml b/templates/fingerprints.yml index 94c3e310..dd44f28e 100644 --- a/templates/fingerprints.yml +++ b/templates/fingerprints.yml @@ -1,9 +1,9 @@ bird: - clients.j2: a0e0c8e7bec2170f2d2c24ba71732977205c2d53b1fa0eabeca99fe905f21ed37439b754f3dca88930c9f852e6bb9a5db8664d108970ef0106cfa2a7cca80b0c - common.j2: 358517dcf9f386c1483350ac4be6e7544d041ee1fcf87ff99503d2ec3655e3b5374dced5eab185e3f95d3d85529d0638876f74d7b3ffdcf0d233a5c42dabefaa + clients.j2: 87e945e73ea2fee187092b66aa3a7ef266ae655e2863d919e9c34f7d73f419418948caa217a73bc7f0c7a2b1a39313dbb8c3d2551e4b393983066def64eb00bd + common.j2: 1888f590f24415b2df86b3f86f4a36ca8c348ae6e5ddfac664e1663928fd5093863b605d5165b4075da38df5bb041f1cbeebee9991efc1be02eb4a696d95e420 header.j2: 25f219ef4d0a4ee64c18b338bc557c246c4759b438f31865a7483ebef8a9a3795e09c85ba301da24d7036b474f7936f7a9ed758f93d66bca36e0624c23729170 irrdb.j2: 4ff9a0dba41a02737c17a2497613f2dcc179a80b79714f18d61162e9503907cfd53765ab426036119e8bcb716d9d24a5380d724235373ae4ab7340d6c6eb074a - macros.j2: a8703c36f8307c5c9f3d6e2fca5a4ba685599cf3bcfac14fa5a65f4eaabd878b35e3d75aa33f56f74dcb550d5b95e734ea2c3f33e99085795444d2a217f9ba32 + macros.j2: 7e31fd370b22dfbce858a568b874cbf3478f837bd1d8bb31ddf6685df4ad5de75481d981af2d0ee2d55ccec663d9dc6ba0d64f3cd9790755770ac48b0123ec3d main.j2: ed32987ac71837a00e6065f135198080e493e9a92d41b056c608c9fb6821bd896f492f6b3ed2242c31b3c9ae868e9dd705d681b4e1dbe8aa63a1ec1706972cf0 rpki.j2: 1f4d7c5120e148651e3855ef38737cd8f32951bdc35c4fbbaee5e14e6ab77ab6ddf861b39d5268f52a270b9786268efc45b6f34f3c09e5494b987b2f697b9540 html: diff --git a/utils/update_tests b/utils/update_tests index 3b34dff3..020cd255 100755 --- a/utils/update_tests +++ b/utils/update_tests @@ -110,10 +110,10 @@ fi echo "Pulling Docker images needed for the tests..." # To be kept in sync with .github/workflows/cicd.yml docker pull pierky/bird:1.6.8 -docker pull pierky/bird:2.13 +docker pull pierky/bird:2.14 docker pull pierky/bird:3.0-alpha2 -docker pull pierky/openbgpd:7.8 docker pull pierky/openbgpd:8.0 +docker pull pierky/openbgpd:8.2 docker pull pierky/exabgp:4.2.7 docker pull nlnetlabs/routinator:v0.8.3