x/vmware-nsx
Code Issues Proposed changes

NSXv BGP: Adding IP address check for ESG BGP peer

Browse Source 
This patch adds a check that specified BGP peer ip address matches one
of the corresponding ESG interfaces.

Change-Id: Id106e7560cf314d5a24559581d5586183c862a5f
This commit is contained in:
Roey Chen 2017-05-25 03:34:40 -07:00
parent b99b129132
commit d996c63b9f
2 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
vmware_nsx/extensions/edge_service_gateway_bgp_peer.py
View File

@ -65,6 +65,11 @@ class ExternalSubnetHasGW(nexception.InvalidInput):
"BGP on the network.") "BGP on the network.")
class EsgInternalIfaceDoesNotMatch(nexception.InvalidInput):
message = _("Given BGP peer IP address doesn't match "
"any interface on ESG '%(esg_id)s'")
class Edge_service_gateway_bgp_peer(extensions.ExtensionDescriptor): class Edge_service_gateway_bgp_peer(extensions.ExtensionDescriptor):
"""Extension class to allow identifying of-peer with specificN SXv edge """Extension class to allow identifying of-peer with specificN SXv edge
service gateway. service gateway.

9
vmware_nsx/services/dynamic_routing/nsx_v/driver.py
View File

@ -249,6 +249,15 @@ class NSXvBgpDriver(object):
raise ext_esg_peer.EsgRemoteASDoNotMatch(remote_as=remote_as, raise ext_esg_peer.EsgRemoteASDoNotMatch(remote_as=remote_as,
esg_id=esg_id, esg_id=esg_id,
esg_as=esg_as) esg_as=esg_as)
h, resp = self._nsxv.vcns.get_interfaces(esg_id)
for iface in resp['vnics']:
address_groups = iface['addressGroups']['addressGroups']
matching_iface = [ag for ag in address_groups
if ag['primaryAddress'] == bgp_peer['peer_ip']]
if matching_iface:
break
else:
raise ext_esg_peer.EsgInternalIfaceDoesNotMatch(esg_id=esg_id)
def create_bgp_peer(self, context, bgp_peer): def create_bgp_peer(self, context, bgp_peer):
bgp_peer = bgp_peer['bgp_peer'] bgp_peer = bgp_peer['bgp_peer']