Move the config regress tests into own directory making space for additional

unittests and maybe more. bgpd needs more test coverage.
Discussed with bluhm@

diff --git a/regress/usr.sbin/bgpd/Makefile b/regress/usr.sbin/bgpd/Makefile
index 84bc623..7c49f20 100644 (file)
--- a/regress/usr.sbin/bgpd/Makefile
+++ b/regress/usr.sbin/bgpd/Makefile
@@ -1,37 +1,6 @@
-# $OpenBSD: Makefile,v 1.3 2018/09/06 15:55:30 benno Exp $
+# $OpenBSD: Makefile,v 1.4 2018/09/07 08:38:35 claudio Exp $
 
-BGPDTESTS=1 2
+SUBDIR += config
+#SUBDIR += unittests
 
-REGRESS_TARGETS = config
-
-.for n in ${BGPDTESTS}
-BGPD_TARGETS+=bgpd${n}
-BGPD_UPDATES+=bgpd${n}-update
-
-bgpd${n}:
-       bgpd -nv -f /dev/stdin < ${.CURDIR}/bgpd.conf.${n}.in | \
-           sed 's/router-id .*/router-id 127.0.0.1/' | \
-           diff -u ${.CURDIR}/bgpd.conf.${n}.ok /dev/stdin
-
-bgpd${n}-update:
-       bgpd -nv -f /dev/stdin < ${.CURDIR}/bgpd.conf.${n}.in | \
-           sed 's/router-id .*/router-id 127.0.0.1/' > \
-           ${.CURDIR}/bgpd.conf.${n}.ok
-.endfor
-
-config: bgpd-example bgpd-printconf ${BGPD_TARGETS}
-bgpd-update: ${BGPD_UPDATES}
-
-# check that the example configuration file we ship is ok
-bgpd-example:
-       bgpd -nf ${.CURDIR}/../../../etc/examples/bgpd.conf
-
-# check that the output of bgpd -nvv is parseable
-bgpd-printconf:
-       bgpd -nvf ${.CURDIR}/bgpd.conf.printconf | \
-           bgpd -nf /dev/stdin
-
-clean:
-       rm -f bgpd.conf.printconf.test
-
-.include <bsd.regress.mk>
+.include <bsd.subdir.mk>

diff --git a/regress/usr.sbin/bgpd/bgpd.conf.1.in b/regress/usr.sbin/bgpd/bgpd.conf.1.in
deleted file mode 100644 (file)
index 6806b1f..0000000
--- a/regress/usr.sbin/bgpd/bgpd.conf.1.in
+++ /dev/null
@@ -1,4 +0,0 @@
-# $OpenBSD: bgpd.conf.1.in,v 1.1 2017/10/05 08:19:24 phessler Exp $
-# Only test the bare minimum configuration
-
-AS 1

diff --git a/regress/usr.sbin/bgpd/bgpd.conf.1.ok b/regress/usr.sbin/bgpd/bgpd.conf.1.ok
deleted file mode 100644 (file)
index f341431..0000000
--- a/regress/usr.sbin/bgpd/bgpd.conf.1.ok
+++ /dev/null
@@ -1,13 +0,0 @@
-AS 1
-router-id 127.0.0.1
-socket "/var/run/bgpd.sock.0"
-holdtime min 3
-fib-priority 48
-
-
-rde rib Adj-RIB-In no evaluate
-rde rib Adj-RIB-Out no evaluate
-rde rib Loc-RIB rtable 0 fib-update yes
-
-
-

diff --git a/regress/usr.sbin/bgpd/bgpd.conf.2.in b/regress/usr.sbin/bgpd/bgpd.conf.2.in
deleted file mode 100644 (file)
index 9781468..0000000
--- a/regress/usr.sbin/bgpd/bgpd.conf.2.in
+++ /dev/null
@@ -1,12 +0,0 @@
-# $OpenBSD: bgpd.conf.2.in,v 1.1 2017/10/05 08:19:24 phessler Exp $
-# Test various community related filter parsing
-
-AS 1
-
-allow from any       community local-as:neighbor-as
-allow from any   ext-community rt 1:2
-allow from any   ext-community l2vid 192.0.2.1:2
-allow from any   ext-community ovs valid
-allow from any   ext-community ovs invalid
-allow from any   ext-community ovs not-found
-allow from any large-community local-as:neighbor-as:*

diff --git a/regress/usr.sbin/bgpd/bgpd.conf.2.ok b/regress/usr.sbin/bgpd/bgpd.conf.2.ok
deleted file mode 100644 (file)
index c8f94ff..0000000
--- a/regress/usr.sbin/bgpd/bgpd.conf.2.ok
+++ /dev/null
@@ -1,20 +0,0 @@
-AS 1
-router-id 127.0.0.1
-socket "/var/run/bgpd.sock.0"
-holdtime min 3
-fib-priority 48
-
-
-rde rib Adj-RIB-In no evaluate
-rde rib Adj-RIB-Out no evaluate
-rde rib Loc-RIB rtable 0 fib-update yes
-
-
-
-allow from any community local-as:neighbor-as 
-allow from any ext-community rt 1:2 
-allow from any ext-community l2vid 192.0.2.1:2 
-allow from any ext-community ovs valid 
-allow from any ext-community ovs invalid 
-allow from any ext-community ovs not-found 
-allow from any large-community local-as:neighbor-as:* 

diff --git a/regress/usr.sbin/bgpd/bgpd.conf.example.ok b/regress/usr.sbin/bgpd/bgpd.conf.example.ok
deleted file mode 100644 (file)
index b0e0705..0000000
--- a/regress/usr.sbin/bgpd/bgpd.conf.example.ok
+++ /dev/null
@@ -1,137 +0,0 @@
-ASN = "65001"
-peer1 = "10.1.0.2"
-peer2 = "10.1.0.3"
-AS 65001
-router-id 127.0.0.1
-socket "/var/run/bgpd.sock.0"
-holdtime min 3
-fib-priority 48
-
-
-rde rib Adj-RIB-In no evaluate
-rde rib Adj-RIB-Out no evaluate
-rde rib Loc-RIB rtable 0 fib-update yes
-
-prefix-set "mynetworks" { 192.0.2.0/24  }
-
-
-neighbor 10.2.1.1 {
-       remote-as 65023
-       local-address 10.0.0.8
-       enforce neighbor-as yes
-       enforce local-as yes
-       ipsec esp in spi 1010 sha1 XXXXXX aes XXXXXX
-       ipsec esp out spi 1012 sha1 XXXXXX aes XXXXXX
-       announce IPv4 unicast
-}
-neighbor 10.0.0.0/24 {
-       descr "template for local peers"
-       enforce neighbor-as no
-       enforce local-as yes
-       announce IPv4 unicast
-}
-neighbor 10.0.2.0 {
-       descr "upstream2"
-       remote-as 65004
-       local-address 10.0.0.8
-       enforce neighbor-as yes
-       enforce local-as yes
-       ipsec ah ike
-       announce IPv4 unicast
-}
-neighbor 10.0.1.0 {
-       descr "upstream"
-       remote-as 65003
-       multihop 2
-       passive
-       local-address 10.0.0.8
-       holdtime 180
-       holdtime min 3
-       export none
-       enforce neighbor-as yes
-       enforce local-as yes
-       tcp md5sig
-       announce IPv4 unicast
-}
-group "peering AS65002" {
-       neighbor 10.1.0.2 {
-               descr "AS 65001 peer 1"
-               remote-as 65002
-               enforce neighbor-as yes
-               enforce local-as yes
-               tcp md5sig
-               announce IPv4 unicast
-       }
-       neighbor 10.1.0.3 {
-               descr "AS 65001 peer 2"
-               remote-as 65002
-               local-address 10.0.0.8
-               enforce neighbor-as yes
-               enforce local-as yes
-               ipsec esp ike
-               announce IPv4 unicast
-       }
-}
-
-group "peering AS65042" {
-       neighbor 10.2.0.2 {
-               descr "peering AS 65042"
-               remote-as 65042
-               local-address 10.0.0.8
-               enforce neighbor-as yes
-               enforce local-as yes
-               ipsec ah ike
-               announce IPv4 unicast
-       }
-       neighbor 10.2.0.1 {
-               descr "peering AS 65042"
-               remote-as 65042
-               local-address 10.0.0.8
-               enforce neighbor-as yes
-               enforce local-as yes
-               ipsec ah ike
-               announce IPv4 unicast
-       }
-}
-
-
-allow from ibgp 
-allow from any prefix 0.0.0.0/0 prefixlen 8 - 24 
-allow from any prefix ::/0 prefixlen 16 - 48 
-match from any community 65535:0 set { localpref 0 }
-allow from any prefix 23.128.0.0/10 prefixlen 24 - 28 
-deny from any prefix 0.0.0.0/8 prefixlen >= 8 
-deny from any prefix 10.0.0.0/8 prefixlen >= 8 
-deny from any prefix 100.64.0.0/10 prefixlen >= 10 
-deny from any prefix 127.0.0.0/8 prefixlen >= 8 
-deny from any prefix 169.254.0.0/16 prefixlen >= 16 
-deny from any prefix 172.16.0.0/12 prefixlen >= 12 
-deny from any prefix 192.0.2.0/24 prefixlen >= 24 
-deny from any prefix 192.88.99.0/24 prefixlen >= 24 
-deny from any prefix 192.168.0.0/16 prefixlen >= 16 
-deny from any prefix 198.18.0.0/15 prefixlen >= 15 
-deny from any prefix 198.51.100.0/24 prefixlen >= 24 
-deny from any prefix 203.0.113.0/24 prefixlen >= 24 
-deny from any prefix 224.0.0.0/4 prefixlen >= 4 
-deny from any prefix 240.0.0.0/4 prefixlen >= 4 
-deny from any prefix ::/8 prefixlen >= 8 
-deny from any prefix 100::/64 prefixlen >= 64 
-deny from any prefix 2001:2::/48 prefixlen >= 48 
-deny from any prefix 2001:10::/28 prefixlen >= 28 
-deny from any prefix 2001:db8::/32 prefixlen >= 32 
-deny from any prefix 2002::/16 prefixlen >= 16 
-deny from any prefix 3ffe::/16 prefixlen >= 16 
-deny from any prefix fc00::/7 prefixlen >= 7 
-deny from any prefix fe80::/10 prefixlen >= 10 
-deny from any prefix fec0::/10 prefixlen >= 10 
-deny from any prefix ff00::/8 prefixlen >= 8 
-deny from any AS 23456 
-deny from any AS 64496 - 64511 
-deny from any AS 64512 - 65534 
-deny from any AS 65535 
-deny from any AS 65536 - 65551 
-deny from any AS 65552 - 131071 
-deny from any AS 4200000000 - 4294967294 
-deny from any AS 4294967295 
-allow to ibgp 
-allow to ebgp prefix-set "mynetworks" large-community 65001:1:1 

diff --git a/regress/usr.sbin/bgpd/bgpd.conf.printconf b/regress/usr.sbin/bgpd/bgpd.conf.printconf
deleted file mode 100644 (file)
index f02a136..0000000
--- a/regress/usr.sbin/bgpd/bgpd.conf.printconf
+++ /dev/null
@@ -1,91 +0,0 @@
-ASN = "65001"
-AS 65001
-router-id 127.0.0.1
-socket "/var/run/bgpd.sock.0"
-holdtime min 3
-fib-priority 48
-network 192.0.2.0/24 set { large-community 65001:1:1  }
-network 2001:db8:abcd::/48 set { large-community 65001:1:1  }
-
-
-rde rib Adj-RIB-In no evaluate
-rde rib Adj-RIB-Out no evaluate
-rde rib Loc-RIB rtable 0 fib-update yes
-
-prefix-set "mynetworks" { 2001:db8:abcd::/48 192.0.2.0/24  }
-prefix-set "mynetworks_orlonger" { 2001:db8:abcd::/48 or-longer 192.0.2.0/24 or-longer  }
-prefix-set "bogons" { ff00::/8 or-longer fec0::/10 or-longer fe80::/10 or-longer fc00::/7 or-longer 3ffe::/16 or-longer 2002::/16 or-longer 2001:db8::/32 or-longer 2001:10::/28 or-longer 2001:2::/48 or-longer 100::/64 or-longer ::/8 or-longer 240.0.0.0/4 or-longer 224.0.0.0/4 or-longer 203.0.113.0/24 or-longer 198.51.100.0/24 or-longer 198.18.0.0/15 or-longer 192.168.0.0/16 or-longer 192.88.99.0/24 or-longer 192.0.2.0/24 or-longer 172.16.0.0/12 or-longer 169.254.0.0/16 or-longer 127.0.0.0/8 or-longer 100.64.0.0/10 or-longer 10.0.0.0/8 or-longer 0.0.0.0/8 or-longer  }
-
-
-group "ibgp mesh v4" {
-       neighbor 192.0.2.3 {
-               remote-as 65001
-               local-address 192.0.2.1
-               enforce neighbor-as no
-               enforce local-as yes
-               announce IPv4 unicast
-       }
-       neighbor 192.0.2.2 {
-               remote-as 65001
-               local-address 192.0.2.1
-               enforce neighbor-as no
-               enforce local-as yes
-               announce IPv4 unicast
-       }
-}
-
-group "ibgp mesh v6" {
-       neighbor 2001:db8:abcd::3 {
-               remote-as 65001
-               local-address 2001:db8:abcd::1
-               enforce neighbor-as no
-               enforce local-as yes
-               announce IPv6 unicast
-       }
-       neighbor 2001:db8:abcd::2 {
-               remote-as 65001
-               local-address 2001:db8:abcd::1
-               enforce neighbor-as no
-               enforce local-as yes
-               announce IPv6 unicast
-       }
-}
-
-group "upstreams" {
-       neighbor 198.51.100.0 {
-               descr "IPv4 Transit provider B"
-               remote-as 65123
-               enforce neighbor-as yes
-               enforce local-as yes
-               announce IPv4 unicast
-       }
-       neighbor 203.0.113.1 {
-               descr "IPv4 Transit Provider A"
-               remote-as 65002
-               enforce neighbor-as yes
-               enforce local-as yes
-               announce IPv4 unicast
-       }
-       neighbor 2001:db8:666::2 {
-               descr "IPv6 Transit provider B"
-               remote-as 65123
-               enforce neighbor-as yes
-               enforce local-as yes
-               announce IPv6 unicast
-       }
-}
-
-
-allow to ebgp prefix-set "mynetworks" large-community 65001:1:1 
-deny quick from ebgp prefix-set "mynetworks_orlonger" 
-allow from ibgp 
-allow to ibgp 
-match from ebgp set { community delete 65001:*  }
-match from ebgp set { large-community delete 65001:*:*  }
-allow from any prefix 0.0.0.0/0 prefixlen 8 - 24 
-allow from any prefix ::/0 prefixlen 16 - 48 
-match from any community 65535:0 set { localpref 0 }
-deny quick from any prefix-set "bogons" 
-deny quick from any AS 23456 
-deny quick from any AS 64496 - 131071 
-deny quick from any AS 4200000000 - 4294967295 

diff --git a/regress/usr.sbin/bgpd/config/Makefile b/regress/usr.sbin/bgpd/config/Makefile
new file mode 100644 (file)
index 0000000..adaac53
--- /dev/null
+++ b/regress/usr.sbin/bgpd/config/Makefile
@@ -0,0 +1,34 @@
+# $OpenBSD: Makefile,v 1.1 2018/09/07 08:38:35 claudio Exp $
+
+BGPDTESTS=1 2
+
+REGRESS_TARGETS = config
+
+.for n in ${BGPDTESTS}
+BGPD_TARGETS+=bgpd${n}
+BGPD_UPDATES+=bgpd${n}-update
+
+bgpd${n}:
+       bgpd -nv -f /dev/stdin < ${.CURDIR}/bgpd.conf.${n}.in | \
+           sed 's/router-id .*/router-id 127.0.0.1/' | \
+           diff -u ${.CURDIR}/bgpd.conf.${n}.ok /dev/stdin
+
+bgpd${n}-update:
+       bgpd -nv -f /dev/stdin < ${.CURDIR}/bgpd.conf.${n}.in | \
+           sed 's/router-id .*/router-id 127.0.0.1/' > \
+           ${.CURDIR}/bgpd.conf.${n}.ok
+.endfor
+
+config: bgpd-example bgpd-printconf ${BGPD_TARGETS}
+bgpd-update: ${BGPD_UPDATES}
+
+# check that the example configuration file we ship is ok
+bgpd-example:
+       bgpd -nf ${.CURDIR}/../../../../etc/examples/bgpd.conf
+
+# check that the output of bgpd -nvv is parseable
+bgpd-printconf:
+       bgpd -nvf ${.CURDIR}/bgpd.conf.printconf | \
+           bgpd -nf /dev/stdin
+
+.include <bsd.regress.mk>

diff --git a/regress/usr.sbin/bgpd/config/bgpd.conf.1.in b/regress/usr.sbin/bgpd/config/bgpd.conf.1.in
new file mode 100644 (file)
index 0000000..d4f0c29
--- /dev/null
+++ b/regress/usr.sbin/bgpd/config/bgpd.conf.1.in
@@ -0,0 +1,4 @@
+# $OpenBSD: bgpd.conf.1.in,v 1.1 2018/09/07 08:38:35 claudio Exp $
+# Only test the bare minimum configuration
+
+AS 1

diff --git a/regress/usr.sbin/bgpd/config/bgpd.conf.1.ok b/regress/usr.sbin/bgpd/config/bgpd.conf.1.ok
new file mode 100644 (file)
index 0000000..f341431
--- /dev/null
+++ b/regress/usr.sbin/bgpd/config/bgpd.conf.1.ok
@@ -0,0 +1,13 @@
+AS 1
+router-id 127.0.0.1
+socket "/var/run/bgpd.sock.0"
+holdtime min 3
+fib-priority 48
+
+
+rde rib Adj-RIB-In no evaluate
+rde rib Adj-RIB-Out no evaluate
+rde rib Loc-RIB rtable 0 fib-update yes
+
+
+

diff --git a/regress/usr.sbin/bgpd/config/bgpd.conf.2.in b/regress/usr.sbin/bgpd/config/bgpd.conf.2.in
new file mode 100644 (file)
index 0000000..c349315
--- /dev/null
+++ b/regress/usr.sbin/bgpd/config/bgpd.conf.2.in
@@ -0,0 +1,12 @@
+# $OpenBSD: bgpd.conf.2.in,v 1.1 2018/09/07 08:38:35 claudio Exp $
+# Test various community related filter parsing
+
+AS 1
+
+allow from any       community local-as:neighbor-as
+allow from any   ext-community rt 1:2
+allow from any   ext-community l2vid 192.0.2.1:2
+allow from any   ext-community ovs valid
+allow from any   ext-community ovs invalid
+allow from any   ext-community ovs not-found
+allow from any large-community local-as:neighbor-as:*

diff --git a/regress/usr.sbin/bgpd/config/bgpd.conf.2.ok b/regress/usr.sbin/bgpd/config/bgpd.conf.2.ok
new file mode 100644 (file)
index 0000000..c8f94ff
--- /dev/null
+++ b/regress/usr.sbin/bgpd/config/bgpd.conf.2.ok
@@ -0,0 +1,20 @@
+AS 1
+router-id 127.0.0.1
+socket "/var/run/bgpd.sock.0"
+holdtime min 3
+fib-priority 48
+
+
+rde rib Adj-RIB-In no evaluate
+rde rib Adj-RIB-Out no evaluate
+rde rib Loc-RIB rtable 0 fib-update yes
+
+
+
+allow from any community local-as:neighbor-as 
+allow from any ext-community rt 1:2 
+allow from any ext-community l2vid 192.0.2.1:2 
+allow from any ext-community ovs valid 
+allow from any ext-community ovs invalid 
+allow from any ext-community ovs not-found 
+allow from any large-community local-as:neighbor-as:* 

diff --git a/regress/usr.sbin/bgpd/config/bgpd.conf.example.ok b/regress/usr.sbin/bgpd/config/bgpd.conf.example.ok
new file mode 100644 (file)
index 0000000..b0e0705
--- /dev/null
+++ b/regress/usr.sbin/bgpd/config/bgpd.conf.example.ok
@@ -0,0 +1,137 @@
+ASN = "65001"
+peer1 = "10.1.0.2"
+peer2 = "10.1.0.3"
+AS 65001
+router-id 127.0.0.1
+socket "/var/run/bgpd.sock.0"
+holdtime min 3
+fib-priority 48
+
+
+rde rib Adj-RIB-In no evaluate
+rde rib Adj-RIB-Out no evaluate
+rde rib Loc-RIB rtable 0 fib-update yes
+
+prefix-set "mynetworks" { 192.0.2.0/24  }
+
+
+neighbor 10.2.1.1 {
+       remote-as 65023
+       local-address 10.0.0.8
+       enforce neighbor-as yes
+       enforce local-as yes
+       ipsec esp in spi 1010 sha1 XXXXXX aes XXXXXX
+       ipsec esp out spi 1012 sha1 XXXXXX aes XXXXXX
+       announce IPv4 unicast
+}
+neighbor 10.0.0.0/24 {
+       descr "template for local peers"
+       enforce neighbor-as no
+       enforce local-as yes
+       announce IPv4 unicast
+}
+neighbor 10.0.2.0 {
+       descr "upstream2"
+       remote-as 65004
+       local-address 10.0.0.8
+       enforce neighbor-as yes
+       enforce local-as yes
+       ipsec ah ike
+       announce IPv4 unicast
+}
+neighbor 10.0.1.0 {
+       descr "upstream"
+       remote-as 65003
+       multihop 2
+       passive
+       local-address 10.0.0.8
+       holdtime 180
+       holdtime min 3
+       export none
+       enforce neighbor-as yes
+       enforce local-as yes
+       tcp md5sig
+       announce IPv4 unicast
+}
+group "peering AS65002" {
+       neighbor 10.1.0.2 {
+               descr "AS 65001 peer 1"
+               remote-as 65002
+               enforce neighbor-as yes
+               enforce local-as yes
+               tcp md5sig
+               announce IPv4 unicast
+       }
+       neighbor 10.1.0.3 {
+               descr "AS 65001 peer 2"
+               remote-as 65002
+               local-address 10.0.0.8
+               enforce neighbor-as yes
+               enforce local-as yes
+               ipsec esp ike
+               announce IPv4 unicast
+       }
+}
+
+group "peering AS65042" {
+       neighbor 10.2.0.2 {
+               descr "peering AS 65042"
+               remote-as 65042
+               local-address 10.0.0.8
+               enforce neighbor-as yes
+               enforce local-as yes
+               ipsec ah ike
+               announce IPv4 unicast
+       }
+       neighbor 10.2.0.1 {
+               descr "peering AS 65042"
+               remote-as 65042
+               local-address 10.0.0.8
+               enforce neighbor-as yes
+               enforce local-as yes
+               ipsec ah ike
+               announce IPv4 unicast
+       }
+}
+
+
+allow from ibgp 
+allow from any prefix 0.0.0.0/0 prefixlen 8 - 24 
+allow from any prefix ::/0 prefixlen 16 - 48 
+match from any community 65535:0 set { localpref 0 }
+allow from any prefix 23.128.0.0/10 prefixlen 24 - 28 
+deny from any prefix 0.0.0.0/8 prefixlen >= 8 
+deny from any prefix 10.0.0.0/8 prefixlen >= 8 
+deny from any prefix 100.64.0.0/10 prefixlen >= 10 
+deny from any prefix 127.0.0.0/8 prefixlen >= 8 
+deny from any prefix 169.254.0.0/16 prefixlen >= 16 
+deny from any prefix 172.16.0.0/12 prefixlen >= 12 
+deny from any prefix 192.0.2.0/24 prefixlen >= 24 
+deny from any prefix 192.88.99.0/24 prefixlen >= 24 
+deny from any prefix 192.168.0.0/16 prefixlen >= 16 
+deny from any prefix 198.18.0.0/15 prefixlen >= 15 
+deny from any prefix 198.51.100.0/24 prefixlen >= 24 
+deny from any prefix 203.0.113.0/24 prefixlen >= 24 
+deny from any prefix 224.0.0.0/4 prefixlen >= 4 
+deny from any prefix 240.0.0.0/4 prefixlen >= 4 
+deny from any prefix ::/8 prefixlen >= 8 
+deny from any prefix 100::/64 prefixlen >= 64 
+deny from any prefix 2001:2::/48 prefixlen >= 48 
+deny from any prefix 2001:10::/28 prefixlen >= 28 
+deny from any prefix 2001:db8::/32 prefixlen >= 32 
+deny from any prefix 2002::/16 prefixlen >= 16 
+deny from any prefix 3ffe::/16 prefixlen >= 16 
+deny from any prefix fc00::/7 prefixlen >= 7 
+deny from any prefix fe80::/10 prefixlen >= 10 
+deny from any prefix fec0::/10 prefixlen >= 10 
+deny from any prefix ff00::/8 prefixlen >= 8 
+deny from any AS 23456 
+deny from any AS 64496 - 64511 
+deny from any AS 64512 - 65534 
+deny from any AS 65535 
+deny from any AS 65536 - 65551 
+deny from any AS 65552 - 131071 
+deny from any AS 4200000000 - 4294967294 
+deny from any AS 4294967295 
+allow to ibgp 
+allow to ebgp prefix-set "mynetworks" large-community 65001:1:1 

diff --git a/regress/usr.sbin/bgpd/config/bgpd.conf.printconf b/regress/usr.sbin/bgpd/config/bgpd.conf.printconf
new file mode 100644 (file)
index 0000000..f02a136
--- /dev/null
+++ b/regress/usr.sbin/bgpd/config/bgpd.conf.printconf
@@ -0,0 +1,91 @@
+ASN = "65001"
+AS 65001
+router-id 127.0.0.1
+socket "/var/run/bgpd.sock.0"
+holdtime min 3
+fib-priority 48
+network 192.0.2.0/24 set { large-community 65001:1:1  }
+network 2001:db8:abcd::/48 set { large-community 65001:1:1  }
+
+
+rde rib Adj-RIB-In no evaluate
+rde rib Adj-RIB-Out no evaluate
+rde rib Loc-RIB rtable 0 fib-update yes
+
+prefix-set "mynetworks" { 2001:db8:abcd::/48 192.0.2.0/24  }
+prefix-set "mynetworks_orlonger" { 2001:db8:abcd::/48 or-longer 192.0.2.0/24 or-longer  }
+prefix-set "bogons" { ff00::/8 or-longer fec0::/10 or-longer fe80::/10 or-longer fc00::/7 or-longer 3ffe::/16 or-longer 2002::/16 or-longer 2001:db8::/32 or-longer 2001:10::/28 or-longer 2001:2::/48 or-longer 100::/64 or-longer ::/8 or-longer 240.0.0.0/4 or-longer 224.0.0.0/4 or-longer 203.0.113.0/24 or-longer 198.51.100.0/24 or-longer 198.18.0.0/15 or-longer 192.168.0.0/16 or-longer 192.88.99.0/24 or-longer 192.0.2.0/24 or-longer 172.16.0.0/12 or-longer 169.254.0.0/16 or-longer 127.0.0.0/8 or-longer 100.64.0.0/10 or-longer 10.0.0.0/8 or-longer 0.0.0.0/8 or-longer  }
+
+
+group "ibgp mesh v4" {
+       neighbor 192.0.2.3 {
+               remote-as 65001
+               local-address 192.0.2.1
+               enforce neighbor-as no
+               enforce local-as yes
+               announce IPv4 unicast
+       }
+       neighbor 192.0.2.2 {
+               remote-as 65001
+               local-address 192.0.2.1
+               enforce neighbor-as no
+               enforce local-as yes
+               announce IPv4 unicast
+       }
+}
+
+group "ibgp mesh v6" {
+       neighbor 2001:db8:abcd::3 {
+               remote-as 65001
+               local-address 2001:db8:abcd::1
+               enforce neighbor-as no
+               enforce local-as yes
+               announce IPv6 unicast
+       }
+       neighbor 2001:db8:abcd::2 {
+               remote-as 65001
+               local-address 2001:db8:abcd::1
+               enforce neighbor-as no
+               enforce local-as yes
+               announce IPv6 unicast
+       }
+}
+
+group "upstreams" {
+       neighbor 198.51.100.0 {
+               descr "IPv4 Transit provider B"
+               remote-as 65123
+               enforce neighbor-as yes
+               enforce local-as yes
+               announce IPv4 unicast
+       }
+       neighbor 203.0.113.1 {
+               descr "IPv4 Transit Provider A"
+               remote-as 65002
+               enforce neighbor-as yes
+               enforce local-as yes
+               announce IPv4 unicast
+       }
+       neighbor 2001:db8:666::2 {
+               descr "IPv6 Transit provider B"
+               remote-as 65123
+               enforce neighbor-as yes
+               enforce local-as yes
+               announce IPv6 unicast
+       }
+}
+
+
+allow to ebgp prefix-set "mynetworks" large-community 65001:1:1 
+deny quick from ebgp prefix-set "mynetworks_orlonger" 
+allow from ibgp 
+allow to ibgp 
+match from ebgp set { community delete 65001:*  }
+match from ebgp set { large-community delete 65001:*:*  }
+allow from any prefix 0.0.0.0/0 prefixlen 8 - 24 
+allow from any prefix ::/0 prefixlen 16 - 48 
+match from any community 65535:0 set { localpref 0 }
+deny quick from any prefix-set "bogons" 
+deny quick from any AS 23456 
+deny quick from any AS 64496 - 131071 
+deny quick from any AS 4200000000 - 4294967295