[MediaWiki-commits] [Gerrit] operations...pybal[master]: Allow BGP socket to listen on specific IPs only

Wed, 09 Aug 2017 13:02:04 -0700 

Mark Bergsma has uploaded a new change for review. ( 
https://gerrit.wikimedia.org/r/370894 )

Change subject: Allow BGP socket to listen on specific IPs only
......................................................................

Allow BGP socket to listen on specific IPs only

Adds a global config option bgp_local_ips (default empty: all IPv4 and
all IPv6 IPs) which takes a set of IPs for BGP to bind to.

Error handling has been altered to log a critical message and raise
an exception if pybal fails to bind to one of the IP addresses,
instead of ignoring it.

Bug: T103882
Change-Id: I0e4a1cae515602eea8ab07bffb61b9009d5a995a
---
M pybal/bgpfailover.py
1 file changed, 15 insertions(+), 5 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/operations/debs/pybal 
refs/changes/94/370894/1

diff --git a/pybal/bgpfailover.py b/pybal/bgpfailover.py
index 5392bcb..f63b274 100755
--- a/pybal/bgpfailover.py
+++ b/pybal/bgpfailover.py
@@ -67,11 +67,21 @@
         else:
             BGPFailover.peerings.append(self.bgpPeering)
             reactor.addSystemEventTrigger('before', 'shutdown', 
self.closeSession, self.bgpPeering)
-            try:
-                # Try to listen on the BGP port, not fatal if fails
-                reactor.listenTCP(bgp.PORT, 
bgp.BGPServerFactory({self.bgpPeering.peerAddr: self.bgpPeering}))
-            except Exception:
-                pass
+
+            # Bind on the IPs listed in 'bgp_local_ips'. Default to
+            # localhost v4 and v6 if no IPs have been specified in the
+            # configuration.
+            bgp_local_ips = eval(configdict.get('bgp_local_ips', '["", ""]'))
+            # Try to listen on the BGP port, not fatal if fails
+            for ip in bgp_local_ips:
+                try:
+                    reactor.listenTCP(
+                        bgp.PORT,
+                        bgp.BGPServerFactory({self.bgpPeering.peerAddr: 
self.bgpPeering}),
+                        interface=ip)
+                except CannotListenError:
+                    log.critical("Could not listen for BGP connections on ip " 
+ ip)
+                    raise
 
     def closeSession(self, peering):
         log.info("Clearing session to {}".format(peering.peerAddr))

-- 
To view, visit https://gerrit.wikimedia.org/r/370894
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I0e4a1cae515602eea8ab07bffb61b9009d5a995a
Gerrit-PatchSet: 1
Gerrit-Project: operations/debs/pybal
Gerrit-Branch: master
Gerrit-Owner: Mark Bergsma <m...@wikimedia.org>

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to