[CI] Update router tests for new as112/bird2 and other improvements

Author: barryo

.env.ci

@@ -38,7 +38,7 @@ MAIL_MAILER=array
 
 QUEUE_CONNECTION=sync
 
-
+IXP_AS112_UI_ACTIVE=true
 
 # IP address and port of the first RPKI local cache:
 IXP_RPKI_RTR1_HOST=10.39.5.123

data/ci/ci_test_db.sql

@@ -325,7 +325,7 @@
                         {
                             "vlan_id": 1,
                             "ipv6": {
-                                "address": "2001:db8:1::8",
+                                "address": "2001:db8:1::b",
                                 "as_macro": "AS-IBIS",
                                 "routeserver": true,
                                 "mac_addresses": [],

data/ci/known-good/api-v4-member-export-1.0-unauth.json

@@ -3,7 +3,7 @@
 #
 # Do not edit this file, it will be overwritten.
 #
-# Generated: 2016-11-08 18:51:34
+# Generated: 2025-08-30 12:04:50
 #
 
 # For VLAN: Peering LAN 1 (Tag: 1, Database ID: 1)
@@ -122,3 +122,15 @@ protocol bgp pb_as1213_vli1_ipv4 {
 }
 
 
+protocol bgp pb_as65501_vli9_ipv4 {
+        description "AS65501 - SCIX Route Servers";
+        local as routerasn;
+        source address routeraddress;
+        neighbor 10.1.0.8 as 65501;
+        import filter f_import_policy;
+        export where proto = "static_as112";
+        import limit 100000 action restart;
+        
+}
+
+

data/ci/known-good/ci-apiv4-as112-lan1-ipv4.conf

@@ -3,7 +3,7 @@
 #
 # Do not edit this file, it will be overwritten.
 #
-# Generated: 2016-11-08 18:51:42
+# Generated: 2025-08-30 12:05:11
 #
 
 # For VLAN: Peering LAN 1 (Tag: 1, Database ID: 1)
@@ -121,3 +121,15 @@ protocol bgp pb_as1213_vli1_ipv6 {
 }
 
 
+protocol bgp pb_as65501_vli9_ipv6 {
+        description "AS65501 - SCIX Route Servers";
+        local as routerasn;
+        source address routeraddress;
+        neighbor 2001:db8:1::8 as 65501;
+        import filter f_import_policy;
+        export where proto = "static_as112";
+        import limit 100000 action restart;
+        
+}
+
+

data/ci/known-good/ci-apiv4-as112-lan1-ipv6.conf

@@ -3,7 +3,7 @@
 #
 # Do not edit this file, it will be overwritten.
 #
-# Generated: 2016-11-08 18:51:59
+# Generated: 2025-08-30 12:05:36
 #
 
 # For VLAN: Peering LAN 2 (Tag: 2, Database ID: 2)
@@ -98,3 +98,15 @@ protocol static static_as112 {
 
 
 
+protocol bgp pb_as1213_vli2_ipv4 {
+        description "AS1213 - HEAnet";
+        local as routerasn;
+        source address routeraddress;
+        neighbor 10.2.0.11 as 1213;
+        import filter f_import_policy;
+        export where proto = "static_as112";
+        import limit 1000 action restart;
+        password "u5zSNJLAVT87RGXQ";
+}
+
+

data/ci/known-good/ci-apiv4-as112-lan2-ipv4.conf

@@ -3,7 +3,7 @@
 #
 # Do not edit this file, it will be overwritten.
 #
-# Generated: 2016-11-08 18:51:51
+# Generated: 2025-08-30 12:06:40
 #
 
 # For VLAN: Peering LAN 2 (Tag: 2, Database ID: 2)
@@ -109,3 +109,15 @@ protocol static static_as112 {
 
 
 
+protocol bgp pb_as1213_vli2_ipv6 {
+        description "AS1213 - HEAnet";
+        local as routerasn;
+        source address routeraddress;
+        neighbor 2001:db8:2::11 as 1213;
+        import filter f_import_policy;
+        export where proto = "static_as112";
+        import limit 1000 action restart;
+        password "u5zSNJLAVT87RGXQ";
+}
+
+

data/ci/known-good/ci-apiv4-as112-lan2-ipv6.conf

@@ -0,0 +1,201 @@
+#
+# Bird AS112 configuration generated by IXP Manager
+#
+# Do not edit this file, it will be overwritten.
+#
+# Generated: 2025-08-30 11:54:58
+#
+
+# For VLAN: Peering LAN 1 (Tag: 1, Database ID: 1)
+
+# standardise time formats:
+timeformat base         iso long;
+timeformat log          iso long;
+timeformat protocol     iso long;
+timeformat route        iso long;
+
+
+log "/var/log/bird/b2-as112-lan1-ipv4.log" all;
+log syslog name "bird-b2-as112-lan1-ipv4" all;
+
+define routerasn     = 112;
+define routeraddress = 192.0.2.6;
+
+router id 192.0.2.6;
+
+protocol kernel {
+    ipv4 {
+        export all;
+    };
+    scan time 60;
+}
+
+protocol device {
+    scan time 10;
+}
+
+# These function excludes weird networks
+#  rfc1918, class D, class E, too long and too short prefixes
+function avoid_martians() -> bool
+prefix set martians;
+{
+    
+        martians = [
+            0.0.0.0/32-,            # rfc5735 Special Use IPv4 Addresses
+            0.0.0.0/0{25,32},       # Filter small prefixes
+            0.0.0.0/0{0,7},         # rfc1122 Requirements for Internet Hosts -- Communication Layers 3.2.1.3
+            10.0.0.0/8+,            # rfc1918 Address Allocation for Private Internets
+            100.64.0.0/10+,         # rfc6598 IANA-Reserved IPv4 Prefix for Shared Address Space
+            127.0.0.0/8+,           # rfc1122 Requirements for Internet Hosts -- Communication Layers 3.2.1.3
+            169.254.0.0/16+,        # rfc3927 Dynamic Configuration of IPv4 Link-Local Addresses
+            172.16.0.0/12+,         # rfc1918 Address Allocation for Private Internets
+            192.0.0.0/24+,          # rfc6890 Special-Purpose Address Registries
+            192.0.2.0/24+,          # rfc5737 IPv4 Address Blocks Reserved for Documentation
+            192.168.0.0/16+,        # rfc1918 Address Allocation for Private Internets
+            198.18.0.0/15+,         # rfc2544 Benchmarking Methodology for Network Interconnect Devices
+            198.51.100.0/24+,       # rfc5737 IPv4 Address Blocks Reserved for Documentation
+            203.0.113.0/24+,        # rfc5737 IPv4 Address Blocks Reserved for Documentation
+            224.0.0.0/4+,           # rfc1112 Host Extensions for IP Multicasting
+            240.0.0.0/4+            # rfc6890 Special-Purpose Address Registries
+        ];
+
+    
+    # Avoid RFC1918 and similar networks
+    if ( net ~ martians ) then {
+        return false;
+    }
+
+    return true;
+}
+
+
+# This protocol defines the routes we want to export for AS112
+
+protocol static static_as112 {
+
+
+    ipv4;
+    route 192.175.48.0/24 blackhole;
+    route 192.31.196.0/24 blackhole;
+
+
+}
+
+##
+## AS112 client configuration
+##
+
+
+
+########################################################################################
+########################################################################################
+#
+# RPKI protocol configuration
+#
+########################################################################################
+########################################################################################
+
+
+roa4 table t_roa;
+
+protocol rpki rpki1 {
+
+    roa4 { table t_roa; };
+
+    remote "10.39.5.123" port 3323;
+
+    retry keep 90;
+    refresh keep 900;
+    expire keep 172800;
+}
+
+    
+protocol rpki rpki2 {
+
+    roa4 { table t_roa; };
+
+    remote "10.39.5.124" port 3323;
+
+    retry keep 90;
+    refresh keep 900;
+    expire keep 172800;
+}
+
+    
+
+
+
+function fn_import ( int remote_as )
+{
+    if !(avoid_martians()) then {
+        return false;
+    }
+
+    # Belt and braces: must have at least one ASN in the path
+    if( bgp_path.len < 1 ) then {
+        return false;
+    }
+
+    # Belt and braces: no one needs an ASN path with > 64 hops, that's just broken
+    if( bgp_path.len > 64 ) then {
+        return false;
+    }
+
+    
+    # RPKI check
+    if( roa_check( t_roa, net, bgp_path.last_nonaggregated ) = ROA_INVALID ) then {
+        return false;
+    } else if( roa_check( t_roa, net, bgp_path.last_nonaggregated ) = ROA_VALID ) then {
+        return true;
+    }
+
+    
+    return true;
+}
+
+
+protocol bgp pb_as42_vli3_ipv4 {
+        description "AS42 - PCH DNS";
+        local as routerasn;
+        source address routeraddress;
+        neighbor 10.1.0.36 as 42;
+        strict bind yes;
+        ipv4 {
+            import where fn_import( 42 );
+            import limit 2000 action restart;
+            export where proto = "static_as112";
+        };
+        
+}
+
+
+protocol bgp pb_as1213_vli1_ipv4 {
+        description "AS1213 - HEAnet";
+        local as routerasn;
+        source address routeraddress;
+        neighbor 10.1.0.10 as 1213;
+        strict bind yes;
+        ipv4 {
+            import where fn_import( 1213 );
+            import limit 1000 action restart;
+            export where proto = "static_as112";
+        };
+        
+}
+
+
+protocol bgp pb_as65501_vli9_ipv4 {
+        description "AS65501 - SCIX Route Servers";
+        local as routerasn;
+        source address routeraddress;
+        neighbor 10.1.0.8 as 65501;
+        strict bind yes;
+        ipv4 {
+            # peer is route server at own IXP => prefixes already validated by route server
+            import all;
+            export where proto = "static_as112";
+        };
+        
+}
+
+