General route-maps and prefix_list manager fix

Muckthebuck · Muckthebuck · commit 949ebeeddcb7 · 2025-02-20T16:06:56.000+11:00
Signed-off-by: Mukul Chodhary &lt;70460358+Muckthebuck@users.noreply.github.com&gt;
diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/general/peer-group.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/general/peer-group.conf.j2
@@ -26,6 +26,10 @@
     neighbor PEER_V6 soft-reconfiguration inbound
     neighbor PEER_V6 route-map FROM_BGP_PEER_V6 in
     neighbor PEER_V6 route-map TO_BGP_PEER_V6 out
+{% if CONFIG_DB__DEVICE_METADATA['localhost']['type'] == 'SpineRouter' %}
+    table-map SELECTIVE_ROUTE_DOWNLOAD_V4
+    table-map SELECTIVE_ROUTE_DOWNLOAD_V6
+{% endif %}
   exit-address-family
 !
 ! end of template: bgpd/templates/general/peer-group.conf.j2
diff --git a/dockers/docker-fpm-frr/frr/bgpd/templates/general/policies.conf.j2 b/dockers/docker-fpm-frr/frr/bgpd/templates/general/policies.conf.j2
@@ -97,5 +97,44 @@ route-map TO_BGP_PEER_V6 permit 100
 !
 route-map CHECK_IDF_ISOLATION permit 10
 !
+!
+!
+{% if CONFIG_DB__DEVICE_METADATA and 'localhost' in CONFIG_DB__DEVICE_METADATA and 'type' in CONFIG_DB__DEVICE_METADATA['localhost'] and 'subtype' in CONFIG_DB__DEVICE_METADATA['localhost'] %}
+{% if CONFIG_DB__DEVICE_METADATA['localhost']['type'] == 'SpineRouter' and CONFIG_DB__DEVICE_METADATA['localhost']['subtype'] == 'UpstreamLC' %}
+bgp community-list standard ANCHOR_ROUTE_COMMUNITY permit {{ constants.bgp.anchor_route_community }}
+bgp community-list standard LOCAL_ANCHOR_ROUTE_COMMUNITY permit {{ constants.bgp.local_anchor_route_community }}
+bgp community-list standard ANCHOR_CONTRIBUTING_ROUTE_COMMUNITY permit {{ constants.bgp.anchor_contributing_route_community }}
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V4 deny 10
+  match community LOCAL_ANCHOR_ROUTE_COMMUNITY
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V4 permit 1000
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V6 deny 10
+  match community LOCAL_ANCHOR_ROUTE_COMMUNITY
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V6 permit 1000
+!
+route-map TAG_ANCHOR_COMMUNITY permit 10
+  set community {{ constants.bgp.local_anchor_route_community }} {{ constants.bgp.anchor_route_community }} additive
+!
+route-map TO_BGP_PEER_V6 permit 30
+  match ipv6 address prefix-list ANCHOR_CONTRIBUTING_ROUTES
+  set community {{ constants.bgp.anchor_contributing_route_community }} additive
+  on-match next
+!
+route-map TO_BGP_PEER_V6 permit 40
+  set comm-list LOCAL_ANCHOR_ROUTE_COMMUNITY delete
+!
+route-map TO_BGP_PEER_V4 permit 30
+  match ipv6 address prefix-list ANCHOR_CONTRIBUTING_ROUTES
+  set community {{ constants.bgp.anchor_contributing_route_community }} additive
+  on-match next
+!
+route-map TO_BGP_PEER_V4 permit 40
+  set comm-list LOCAL_ANCHOR_ROUTE_COMMUNITY delete
+!
+{% endif %}
+{% endif %}
 ! end of template: bgpd/templates/general/policies.conf.j2
 !
diff --git a/files/image_config/constants/constants.yml b/files/image_config/constants/constants.yml
@@ -9,6 +9,8 @@ constants:
     sentinel_community: 12345:12346
     internal_community_match_tag: 201
     local_anchor_route_community: 12345:555
+    anchor_route_community: 12345:666
+    anchor_contributing_route_community: 12345:777
     route_do_not_send_appdb_tag: 202
     route_eligible_for_fallback_to_default_tag: 203
     families:
diff --git a/src/sonic-bgpcfgd/bgpcfgd/managers_prefix_list.py b/src/sonic-bgpcfgd/bgpcfgd/managers_prefix_list.py
@@ -35,16 +35,20 @@ def generate_prefix_list_config(self, data, add):
         """
         cmd = "\n"
         metadata = self.directory.get_slot("CONFIG_DB", swsscommon.CFG_DEVICE_METADATA_TABLE_NAME)["localhost"]
-        bgp_asn = metadata["bgp_asn"]
-        localhost_type = metadata["type"]
-        subtype = metadata["subtype"]
+        try:
+            bgp_asn = metadata["bgp_asn"]
+            localhost_type = metadata["type"]
+            subtype = metadata["subtype"]
+        except KeyError as e:
+            log_warn(f"PrefixListMgr:: Missing metadata key: {e}")
+            return False
 
         if data["prefix_list_name"] != "ANCHOR_PREFIX":
             log_warn("PrefixListMgr:: Prefix list %s is not supported" % data["prefix_list_name"])
-            return
+            return False
         if localhost_type != "SpineRouter" or subtype != "UpstreamLC":
             log_warn("PrefixListMgr:: Prefix list %s is only supported on UpstreamLC of SpineRouter" % data["prefix_list_name"])
-            return
+            return False
 
         # Add the anchor prefix to the radian configuration
         data["bgp_asn"] = bgp_asn
@@ -56,6 +60,7 @@ def generate_prefix_list_config(self, data, add):
             cmd += self.templates["del_radian"].render(data=data)
             log_debug("PrefixListMgr:: Anchor prefix %s removed from radian configuration" % data["prefix"])	
         self.cfg_mgr.push(cmd)
+        return True
             
         
 
@@ -72,11 +77,11 @@ def set_handler(self, key, data):
             data["prefix"] = str(prefix.cidr)
             data["ipv"] = self.get_ip_type(prefix)
             # Generate the prefix list configuration
-            self.generate_prefix_list_config(data, add=True)
-            log_info("PrefixListMgr:: %s %s configuration generated" % (prefix_list_name, data["prefix"]))
+            if self.generate_prefix_list_config(data, add=True):
+                log_info("PrefixListMgr:: %s %s configuration generated" % (prefix_list_name, data["prefix"]))
 
-            self.directory.put(self.db_name, self.table_name, key, data)
-            log_info("PrefixListMgr:: set %s" % key)
+                self.directory.put(self.db_name, self.table_name, key, data)
+                log_info("PrefixListMgr:: set %s" % key)
         return True
 
     def del_handler(self, key):
@@ -92,10 +97,11 @@ def del_handler(self, key):
             data["prefix_list_name"] = prefix_list_name
             data["prefix"] = str(prefix.cidr)
             data["ipv"] = self.get_ip_type(prefix)
-            self.generate_prefix_list_config(data, add=False)
-            log_info("PrefixListMgr:: %s %s configuration deleted" % (prefix_list_name, data["prefix"]))
-            self.directory.remove(self.db_name, self.table_name, key)
-            log_info("PrefixListMgr:: deleted %s" % key)
+            # remove the prefix list configuration
+            if self.generate_prefix_list_config(data, add=False):
+                log_info("PrefixListMgr:: %s %s configuration deleted" % (prefix_list_name, data["prefix"]))
+                self.directory.remove(self.db_name, self.table_name, key)
+                log_info("PrefixListMgr:: deleted %s" % key)
         # Implement deletion logic if necessary
         return True
 
diff --git a/src/sonic-bgpcfgd/tests/data/general/policies.conf/param_all_chassis_pkt.json b/src/sonic-bgpcfgd/tests/data/general/policies.conf/param_all_chassis_pkt.json
@@ -5,10 +5,13 @@
             "allow_list": {
                 "enabled": true,
                 "drop_community": "12345:12345"
-	    },
-             "route_eligible_for_fallback_to_default_tag": "203",
-             "route_do_not_send_appdb_tag" : "202",
-	     "internal_fallback_community": "1111:2222"
+            },
+            "route_eligible_for_fallback_to_default_tag": "203",
+            "route_do_not_send_appdb_tag" : "202",
+            "internal_fallback_community": "1111:2222",
+            "local_anchor_route_community": "12345:555",
+            "anchor_route_community": "12345:666",
+            "anchor_contributing_route_community": "12345:777"
         }
     },
     "allow_list_default_action": "permit",
diff --git a/src/sonic-bgpcfgd/tests/data/general/policies.conf/param_all_voq.json b/src/sonic-bgpcfgd/tests/data/general/policies.conf/param_all_voq.json
@@ -5,10 +5,13 @@
             "allow_list": {
                 "enabled": true,
                 "drop_community": "12345:12345"
-	    },
-             "route_eligible_for_fallback_to_default_tag": "203",
-             "route_do_not_send_appdb_tag" : "202",
-	     "internal_fallback_community": "1111:2222"
+            },
+            "route_eligible_for_fallback_to_default_tag": "203",
+            "route_do_not_send_appdb_tag" : "202",
+            "internal_fallback_community": "1111:2222",
+            "local_anchor_route_community": "12345:555",
+            "anchor_route_community": "12345:666",
+            "anchor_contributing_route_community": "12345:777"
         }
     },
     "allow_list_default_action": "permit",
diff --git a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all_chassis_pkt.conf b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all_chassis_pkt.conf
@@ -1,13 +1,17 @@
 !
 ! template: bgpd/templates/general/policies.conf.j2
 !
+!
 ip prefix-list DEFAULT_IPV4 permit 0.0.0.0/0
 ipv6 prefix-list DEFAULT_IPV6 permit ::/0
 !
+!
+!
 ! please don't remove. 65535 entries are default rules
 ! which works when allow_list is enabled, but new configuration
 ! is not applied
 !
+!
 route-map ALLOW_LIST_DEPLOYMENT_ID_0_V4 permit 65535
   set community 12345:12345 additive
 !
@@ -45,13 +49,16 @@ route-map FROM_BGP_PEER_V6 permit 12
 !
 route-map FROM_BGP_PEER_V6 permit 13
   set tag 203
-  set community 1111:2222 additive                                                                                                                                         
+  set community 1111:2222 additive                                                                                                                                         !
+!
+!
 !
 route-map FROM_BGP_PEER_V4 permit 100
 !
 route-map TO_BGP_PEER_V4 permit 100
   call CHECK_IDF_ISOLATION
 !
+!
 route-map FROM_BGP_PEER_V6 permit 1
  on-match next
  set ipv6 next-hop prefer-global
@@ -63,5 +70,40 @@ route-map TO_BGP_PEER_V6 permit 100
 !
 route-map CHECK_IDF_ISOLATION permit 10
 !
-! end of template: bgpd/templates/general/policies.conf.j2
 !
+!
+bgp community-list standard ANCHOR_ROUTE_COMMUNITY permit 12345:666
+bgp community-list standard LOCAL_ANCHOR_ROUTE_COMMUNITY permit 12345:555
+bgp community-list standard ANCHOR_CONTRIBUTING_ROUTE_COMMUNITY permit 12345:777
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V4 deny 10
+  match community LOCAL_ANCHOR_ROUTE_COMMUNITY
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V4 permit 1000
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V6 deny 10
+  match community LOCAL_ANCHOR_ROUTE_COMMUNITY
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V6 permit 1000
+!
+route-map TAG_ANCHOR_COMMUNITY permit 10
+  set community 12345:555 12345:666 additive
+!
+route-map TO_BGP_PEER_V6 permit 30
+  match ipv6 address prefix-list ANCHOR_CONTRIBUTING_ROUTES
+  set community 12345:777 additive
+  on-match next
+!
+route-map TO_BGP_PEER_V6 permit 40
+  set comm-list LOCAL_ANCHOR_ROUTE_COMMUNITY delete
+!
+route-map TO_BGP_PEER_V4 permit 30
+  match ipv6 address prefix-list ANCHOR_CONTRIBUTING_ROUTES
+  set community 12345:777 additive
+  on-match next
+!
+route-map TO_BGP_PEER_V4 permit 40
+  set comm-list LOCAL_ANCHOR_ROUTE_COMMUNITY delete
+!
+! end of template: bgpd/templates/general/policies.conf.j2
+!
diff --git a/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all_voq.conf b/src/sonic-bgpcfgd/tests/data/general/policies.conf/result_all_voq.conf
@@ -1,13 +1,17 @@
 !
 ! template: bgpd/templates/general/policies.conf.j2
 !
+!
 ip prefix-list DEFAULT_IPV4 permit 0.0.0.0/0
 ipv6 prefix-list DEFAULT_IPV6 permit ::/0
 !
+!
+!
 ! please don't remove. 65535 entries are default rules
 ! which works when allow_list is enabled, but new configuration
 ! is not applied
 !
+!
 route-map ALLOW_LIST_DEPLOYMENT_ID_0_V4 permit 65535
   set community 12345:12345 additive
 !
@@ -45,13 +49,16 @@ route-map FROM_BGP_PEER_V6 permit 12
 !
 route-map FROM_BGP_PEER_V6 permit 13
   set tag 202
-  set community 1111:2222 additive                                                                                                                                         
+  set community 1111:2222 additive                                                                                                                                         !
+!
+!
 !
 route-map FROM_BGP_PEER_V4 permit 100
 !
 route-map TO_BGP_PEER_V4 permit 100
   call CHECK_IDF_ISOLATION
 !
+!
 route-map FROM_BGP_PEER_V6 permit 1
  on-match next
  set ipv6 next-hop prefer-global
@@ -63,5 +70,40 @@ route-map TO_BGP_PEER_V6 permit 100
 !
 route-map CHECK_IDF_ISOLATION permit 10
 !
+!
+!
+bgp community-list standard ANCHOR_ROUTE_COMMUNITY permit 12345:666
+bgp community-list standard LOCAL_ANCHOR_ROUTE_COMMUNITY permit 12345:555
+bgp community-list standard ANCHOR_CONTRIBUTING_ROUTE_COMMUNITY permit 12345:777
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V4 deny 10
+  match community LOCAL_ANCHOR_ROUTE_COMMUNITY
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V4 permit 1000
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V6 deny 10
+  match community LOCAL_ANCHOR_ROUTE_COMMUNITY
+!
+route-map SELECTIVE_ROUTE_DOWNLOAD_V6 permit 1000
+!
+route-map TAG_ANCHOR_COMMUNITY permit 10
+  set community 12345:555 12345:666 additive
+!
+route-map TO_BGP_PEER_V6 permit 30
+  match ipv6 address prefix-list ANCHOR_CONTRIBUTING_ROUTES
+  set community 12345:777 additive
+  on-match next
+!
+route-map TO_BGP_PEER_V6 permit 40
+  set comm-list LOCAL_ANCHOR_ROUTE_COMMUNITY delete
+!
+route-map TO_BGP_PEER_V4 permit 30
+  match ipv6 address prefix-list ANCHOR_CONTRIBUTING_ROUTES
+  set community 12345:777 additive
+  on-match next
+!
+route-map TO_BGP_PEER_V4 permit 40
+  set comm-list LOCAL_ANCHOR_ROUTE_COMMUNITY delete
+!
 ! end of template: bgpd/templates/general/policies.conf.j2
 !
