diff options
Diffstat (limited to 'data')
-rw-r--r-- | data/configd-include.json | 3 | ||||
-rw-r--r-- | data/templates/frr/bgpd.frr.j2 | 8 | ||||
-rw-r--r-- | data/templates/frr/policy.frr.j2 | 4 | ||||
-rw-r--r-- | data/templates/frr/static_routes_macro.j2 | 7 | ||||
-rw-r--r-- | data/templates/frr/staticd.frr.j2 | 2 | ||||
-rw-r--r-- | data/templates/frr/zebra.vrf.route-map.frr.j2 | 8 | ||||
-rw-r--r-- | data/templates/load-balancing/wlb.conf.j2 | 130 | ||||
-rw-r--r-- | data/templates/openvpn/server.conf.j2 | 2 |
8 files changed, 155 insertions, 9 deletions
diff --git a/data/configd-include.json b/data/configd-include.json index 2f1d39006..456211caa 100644 --- a/data/configd-include.json +++ b/data/configd-include.json @@ -85,5 +85,6 @@ "vpn_l2tp.py", "vpn_pptp.py", "vpn_sstp.py", -"vrf.py" +"vrf.py", +"vrf_vni.py" ] diff --git a/data/templates/frr/bgpd.frr.j2 b/data/templates/frr/bgpd.frr.j2 index b749be93f..7bd9efdce 100644 --- a/data/templates/frr/bgpd.frr.j2 +++ b/data/templates/frr/bgpd.frr.j2 @@ -419,16 +419,18 @@ router bgp {{ system_as }} {{ 'vrf ' ~ vrf if vrf is vyos_defined }} rd {{ vni_config.rd }} {% endif %} {% if vni_config.route_target.both is vyos_defined %} - route-target both {{ vni_config.route_target.both }} +{% for route_target in vni_config.route_target.both %} + route-target both {{ route_target }} +{% endfor %} {% endif %} {% if vni_config.route_target.export is vyos_defined %} {% for route_target in vni_config.route_target.export %} - route-target export {{ route_target }} + route-target export {{ route_target }} {% endfor %} {% endif %} {% if vni_config.route_target.import is vyos_defined %} {% for route_target in vni_config.route_target.import %} - route-target import {{ route_target }} + route-target import {{ route_target }} {% endfor %} {% endif %} exit-vni diff --git a/data/templates/frr/policy.frr.j2 b/data/templates/frr/policy.frr.j2 index 9b5e80aed..ed5876ae9 100644 --- a/data/templates/frr/policy.frr.j2 +++ b/data/templates/frr/policy.frr.j2 @@ -245,6 +245,10 @@ route-map {{ route_map }} {{ rule_config.action }} {{ rule }} {% if rule_config.match.peer is vyos_defined %} match peer {{ rule_config.match.peer }} {% endif %} +{% if rule_config.match.protocol is vyos_defined %} +{% set source_protocol = 'ospf6' if rule_config.match.protocol == 'ospfv3' else rule_config.match.protocol %} + match source-protocol {{ source_protocol }} +{% endif %} {% if rule_config.match.rpki is vyos_defined %} match rpki {{ rule_config.match.rpki }} {% endif %} diff --git a/data/templates/frr/static_routes_macro.j2 b/data/templates/frr/static_routes_macro.j2 index 1c64ac58b..8afd4a68a 100644 --- a/data/templates/frr/static_routes_macro.j2 +++ b/data/templates/frr/static_routes_macro.j2 @@ -18,7 +18,12 @@ {% endif %} {% if prefix_config.next_hop is vyos_defined and prefix_config.next_hop is not none %} {% for next_hop, next_hop_config in prefix_config.next_hop.items() if next_hop_config.disable is not defined %} -{{ ip_ipv6 }} route {{ prefix }} {{ next_hop }} {{ next_hop_config.interface if next_hop_config.interface is vyos_defined }} {{ next_hop_config.distance if next_hop_config.distance is vyos_defined }} {{ 'nexthop-vrf ' ~ next_hop_config.vrf if next_hop_config.vrf is vyos_defined }} {{ 'table ' ~ table if table is vyos_defined }} +{{ ip_ipv6 }} route {{ prefix }} {{ next_hop }} {{ next_hop_config.interface if next_hop_config.interface is vyos_defined }} {{ next_hop_config.distance if next_hop_config.distance is vyos_defined }} {{ 'nexthop-vrf ' ~ next_hop_config.vrf if next_hop_config.vrf is vyos_defined }} {{ 'bfd profile ' ~ next_hop_config.bfd.profile if next_hop_config.bfd.profile is vyos_defined }} {{ 'table ' ~ table if table is vyos_defined }} +{% if next_hop_config.bfd.multi_hop.source is vyos_defined %} +{% for source, source_config in next_hop_config.bfd.multi_hop.source.items() %} +{{ ip_ipv6 }} route {{ prefix }} {{ next_hop }} bfd multi-hop source {{ source }} profile {{ source_config.profile }} +{% endfor %} +{% endif %} {% endfor %} {% endif %} {% endmacro %} diff --git a/data/templates/frr/staticd.frr.j2 b/data/templates/frr/staticd.frr.j2 index 55c05ceb7..992a0435c 100644 --- a/data/templates/frr/staticd.frr.j2 +++ b/data/templates/frr/staticd.frr.j2 @@ -37,7 +37,7 @@ vrf {{ vrf }} {% endfor %} {% endif %} {% if vrf is vyos_defined %} - exit-vrf +exit-vrf {% endif %} ! {# Policy route tables #} diff --git a/data/templates/frr/zebra.vrf.route-map.frr.j2 b/data/templates/frr/zebra.vrf.route-map.frr.j2 index eb6abd8e7..4e1206374 100644 --- a/data/templates/frr/zebra.vrf.route-map.frr.j2 +++ b/data/templates/frr/zebra.vrf.route-map.frr.j2 @@ -1,6 +1,10 @@ ! {% if name is vyos_defined %} {% for vrf, vrf_config in name.items() %} +{# code path required for vrf_vni.py as we will only render the required VR configuration and not all of them #} +{% if only_vrf is vyos_defined and vrf is not vyos_defined(only_vrf) %} +{% continue %} +{% endif %} vrf {{ vrf }} {% if vrf_config.ip.protocol is vyos_defined %} {% for protocol_name, protocol_config in vrf_config.ip.protocol.items() %} @@ -15,10 +19,10 @@ vrf {{ vrf }} ipv6 protocol {{ protocol_name }} route-map {{ protocol_config.route_map }} {% endfor %} {% endif %} -{% if vrf_config.vni is vyos_defined %} +{% if vrf_config.vni is vyos_defined and no_vni is not vyos_defined %} vni {{ vrf_config.vni }} {% endif %} +exit-vrf {% endfor %} - exit-vrf ! {% endif %} diff --git a/data/templates/load-balancing/wlb.conf.j2 b/data/templates/load-balancing/wlb.conf.j2 new file mode 100644 index 000000000..d3326b6b8 --- /dev/null +++ b/data/templates/load-balancing/wlb.conf.j2 @@ -0,0 +1,130 @@ +# Generated by /usr/libexec/vyos/conf_mode/load-balancing-wan.py + +{% if disable_source_nat is vyos_defined %} +disable-source-nat +{% endif %} +{% if enable_local_traffic is vyos_defined %} +enable-local-traffic +{% endif %} +{% if sticky_connections is vyos_defined %} +sticky-connections inbound +{% endif %} +{% if flush_connections is vyos_defined %} +flush-conntrack +{% endif %} +{% if hook is vyos_defined %} +hook "{{ hook }}" +{% endif %} +{% if interface_health is vyos_defined %} +health { +{% for interface, interface_config in interface_health.items() %} + interface {{ interface }} { +{% if interface_config.failure_count is vyos_defined %} + failure-ct {{ interface_config.failure_count }} +{% endif %} +{% if interface_config.success_count is vyos_defined %} + success-ct {{ interface_config.success_count }} +{% endif %} +{% if interface_config.nexthop is vyos_defined %} + nexthop {{ interface_config.nexthop }} +{% endif %} +{% if interface_config.test is vyos_defined %} +{% for test_rule, test_config in interface_config.test.items() %} + rule {{ test_rule }} { +{% if test_config.type is vyos_defined %} +{% set type_translate = {'ping': 'ping', 'ttl': 'udp', 'user-defined': 'user-defined'} %} + type {{ type_translate[test_config.type] }} { +{% if test_config.ttl_limit is vyos_defined and test_config.type == 'ttl' %} + ttl {{ test_config.ttl_limit }} +{% endif %} +{% if test_config.test_script is vyos_defined and test_config.type == 'user-defined' %} + test-script {{ test_config.test_script }} +{% endif %} +{% if test_config.target is vyos_defined %} + target {{ test_config.target }} +{% endif %} + resp-time {{ test_config.resp_time | int * 1000 }} + } +{% endif %} + } +{% endfor %} +{% endif %} + } +{% endfor %} +} +{% endif %} + +{% if rule is vyos_defined %} +{% for rule, rule_config in rule.items() %} +rule {{ rule }} { +{% if rule_config.exclude is vyos_defined %} + exclude +{% endif %} +{% if rule_config.failover is vyos_defined %} + failover +{% endif %} +{% if rule_config.limit is vyos_defined %} + limit { +{% if rule_config.limit.burst is vyos_defined %} + burst {{ rule_config.limit.burst }} +{% endif %} +{% if rule_config.limit.rate is vyos_defined %} + rate {{ rule_config.limit.rate }} +{% endif %} +{% if rule_config.limit.period is vyos_defined %} + period {{ rule_config.limit.period }} +{% endif %} +{% if rule_config.limit.threshold is vyos_defined %} + thresh {{ rule_config.limit.threshold }} +{% endif %} + } +{% endif %} +{% if rule_config.per_packet_balancing is vyos_defined %} + per-packet-balancing +{% endif %} +{% if rule_config.protocol is vyos_defined %} + protocol {{ rule_config.protocol }} +{% endif %} +{% if rule_config.destination is vyos_defined %} + destination { +{% if rule_config.destination.address is vyos_defined %} + address "{{ rule_config.destination.address }}" +{% endif %} +{% if rule_config.destination.port is vyos_defined %} +{% if '-' in rule_config.destination.port %} + port-ipt "-m multiport --dports {{ rule_config.destination.port | replace('-', ':') }}" +{% else %} + port-ipt " --dport {{ rule_config.destination.port }}" +{% endif %} +{% endif %} + } +{% endif %} +{% if rule_config.source is vyos_defined %} + source { +{% if rule_config.source.address is vyos_defined %} + address "{{ rule_config.source.address }}" +{% endif %} +{% if rule_config.source.port is vyos_defined %} +{% if '-' in rule_config.source.port %} + port-ipt "-m multiport --sports {{ rule_config.source.port | replace('-', ':') }}" +{% else %} + port.ipt " --sport {{ rule_config.source.port }}" +{% endif %} +{% endif %} + } +{% endif %} +{% if rule_config.inbound_interface is vyos_defined %} + inbound-interface {{ rule_config.inbound_interface }} +{% endif %} +{% if rule_config.interface is vyos_defined %} +{% for interface, interface_config in rule_config.interface.items() %} + interface {{ interface }} { +{% if interface_config.weight is vyos_defined %} + weight {{ interface_config.weight }} +{% endif %} + } +{% endfor %} +{% endif %} +} +{% endfor %} +{% endif %} diff --git a/data/templates/openvpn/server.conf.j2 b/data/templates/openvpn/server.conf.j2 index af866f2a6..6332ed9c2 100644 --- a/data/templates/openvpn/server.conf.j2 +++ b/data/templates/openvpn/server.conf.j2 @@ -98,7 +98,7 @@ server-ipv6 {{ subnet }} {% endif %} {% if server.client_ip_pool is vyos_defined and server.client_ip_pool.disable is not vyos_defined %} -ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }}{{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is vyos_defined }} +ifconfig-pool {{ server.client_ip_pool.start }} {{ server.client_ip_pool.stop }} {{ server.client_ip_pool.subnet_mask if server.client_ip_pool.subnet_mask is vyos_defined }} {% endif %} {% if server.max_connections is vyos_defined %} max-clients {{ server.max_connections }} |