summaryrefslogtreecommitdiff
path: root/src/conf_mode/protocols_bgp.py
AgeCommit message (Collapse)Author
2024-05-01Merge pull request #3392 from c-po/bgp-evpn-T6189Christian Breunig
bgp: T6189: L3VPN connectivity is broken after re-enabling VRF
2024-05-01bgp: T6189: explicitly call vtysh to remove VRF L3VNI configurationChristian Breunig
After e7bb65894 ("vrf: T6189: render FRR L3VNI configuration when creating VRF instance") we need to ensure that the VRF L3VNI configuration is removed in FRR prior to removing the BGP VRF instance. The reason is [1] where FRR only allows VRF BGP instance to be removed when there is NO VNI configured anymore. 1: https://github.com/FRRouting/frr/blob/064c3494527b9e84260410006768ed38e57e1de7/bgpd/bgp_vty.c#L1646-L1650
2024-04-24T5833: Not all AFIs compatible with VRF add verify checkViacheslav Hletenko
Not all FRR address-families compatibe with VRF ``` r4# conf t r4(config)# router bgp 65001 vrf bgp r4(config-router)# r4(config-router)# address-family ipv4 flowspec Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 labeled-unicast Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# r4(config-router)# address-family ipv4 vpn Only Unicast/Multicast/EVPN SAFIs supported in non-core instances. r4(config-router)# ``` Add verify AFI for VRF
2024-04-04bgp: T5943: BGP Peer-group members must be all internal or all externalkhramshinr
2024-03-29bgp: T6106: Valid commit error for route-reflector-client option defined in ↵khramshinr
peer-group changed exception condition Improved route_reflector_client test
2024-03-26bgp: T6106: fix test and verify()khramshinr
2024-02-01bgp: T5930: Denied using rt vpn 'export/import' with 'both' togetheraapostoliuk
Denied using command 'route-target vpn export/import' with 'both' together in bgp configuration.
2024-01-16bgp: T5937: fix migration script for IPv6 AFI peer-groupChristian Breunig
Migrate "bgp <ASN> neighbor <NEIGH> address-family ipv6-unicast peer-group" to "bgp neighbor <NEIGH> peer-group"
2024-01-14bgp: T591: add SRv6 per address-family SID supportChristian Breunig
set protocols bgp address-family ipv4-unicast sid vpn export <auto|1-1048575> set protocols bgp address-family ipv6-unicast sid vpn export <auto|1-1048575>
2024-01-12bgp: T5306: fix verify_remote_as() to support v6only interface with peer-groupChristian Breunig
To test: set protocols bgp neighbor eth0 interface v6only peer-group 'fabric' set protocols bgp peer-group fabric address-family ipv4-unicast set protocols bgp peer-group fabric address-family ipv6-unicast set protocols bgp peer-group fabric capability extended-nexthop set protocols bgp peer-group fabric remote-as 'external' set protocols bgp system-as 64496
2023-12-14T5823: Add recursive_defaults for BGP get_config dictionaryViacheslav Hletenko
Add recursive_defaults values for BGP "get_config" dictionary.
2023-12-14T4163: Add BGP Monitoring Protocol BMP featureViacheslav Hletenko
Add BMP feature. BMP (BGP Monitoring Protocol, RFC 7854) is used to send monitoring data from BGP routers to network management entities https://docs.frrouting.org/en/latest/bmp.html Example: set system frr bmp commit run restart bgp set protocols bgp system-as '65001' set protocols bgp neighbor 192.0.2.11 address-family ipv4-unicast set protocols bgp neighbor 192.0.2.11 remote-as '65001' set protocols bgp bmp mirror-buffer-limit '256000000' set protocols bgp bmp target foo address '127.0.0.1' set protocols bgp bmp target foo port '5000' set protocols bgp bmp target foo min-retry '1000' set protocols bgp bmp target foo max-retry '2000' set protocols bgp bmp target foo mirror set protocols bgp bmp target foo monitor ipv4-unicast post-policy set protocols bgp bmp target foo monitor ipv4-unicast pre-policy set protocols bgp bmp target foo monitor ipv6-unicast post-policy set protocols bgp bmp target foo monitor ipv6-unicast pre-policy
2023-12-11bgp: T591: add SRv6 support from FRRChristian Breunig
set protocols bgp sid vpn per-vrf export '99' set protocols bgp srv6 locator 'foo' set protocols bgp system-as '100' Will generate in FRR config router bgp 100 no bgp ebgp-requires-policy no bgp default ipv4-unicast no bgp network import-check ! segment-routing srv6 locator foo exit sid vpn per-vrf export 99 exit
2023-08-06T5195: move helpers from vyos.validate to vyos.utils packageChristian Breunig
2023-07-27T5127: vpnv4/vpnv6 : warning for router-idsrividya0208
2023-07-20bgp: T5328: Fixed verifying peer without AFI.aapostoliuk
Fixed verifying peer without AFI, if the peer is interface.
2023-07-14T5195: vyos.util -> vyos.utils package refactoring (#2093)Christian Breunig
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process * T5195: use read_file and write_file implementation from vyos.utils.file Changed code automatically using: find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} + find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} + * T5195: move chmod* helpers to vyos.utils.permission * T5195: use colon_separated_to_dict from vyos.utils.dict * T5195: move is_systemd_service_* to vyos.utils.process * T5195: fix boot issues with missing imports * T5195: move dict_search_* helpers to vyos.utils.dict * T5195: move network helpers to vyos.utils.network * T5195: move commit_* helpers to vyos.utils.commit * T5195: move user I/O helpers to vyos.utils.io
2023-07-14bgp: T5338: bugfix MPLS VRF error handlingChristian Breunig
Commit 6e621e42f ("bgp: T5338: simplify XML and code handling") hat a wrong if branch when handling the check if an interface belongs to the proper VRF when MPLS forwarding is used. This has been fixed.
2023-07-12bgp: T5338: simplify XML and code handlingChristian Breunig
2023-07-11bgp: T5338: Added 'protocols bgp interface <int> mpls forwarding' featureaapostoliuk
Added 'protocols bgp interface <int> mpls forwarding' feature. It is possible to permit BGP install VPN prefixes without transport labels. This configuration will install VPN prefixes originated from an e-bgp session, and with the next-hop directly connected.
2023-04-27bgp: T5010: add verify() for L2VPN EVPN route-distinguisher and route-targetChristian Breunig
Without the change users might get confused as the setting is specified on the VyOS CLI but never makes it to FRR due to an internal FRR check.
2023-04-26bgp: T5181: FRR can not tear down VRF isntance if l3vni is still configuredChristian Breunig
Add verify() section to check if l3vni was removed in addition to the BGP process under any given VRF.
2023-04-13T5150: do not apply zebra route-map from routing-daemon config levelChristian Breunig
2023-03-27bgp: T5114: support configuring TCP keepalive messagesChristian Breunig
2023-02-04T4817 added support for RFC 9234Kyle McClammy
2023-01-06T4877: Added more checks if "import vrf" is used in bgpaapostoliuk
1. Fixed: If rd and route-target are used in VRF, can not use "import vrf" in the same VRF in the same AFI/SAFI. 2. Fixed: If rd and route-target is used in VRF, this VRF can not be in the list of command "import vrf" in the same AFI/SAFI but in other VRFs. 3. Fixed: Do not allow to delete vrf if it is used in import list of other vrfs. 4. Added smoketests to check "import vrf" issues.
2022-10-12bgp: T4744: Directly connected neighbors and ebgp-multihop checkViacheslav Hletenko
BGP directly connected neighbors (interface neighbors) do not compatible with ebgp-multihop option
2022-08-05bgp: T4257: bugfixes after renaming "local-as" to "system-as"Christian Poessinger
2022-08-04Merge https://github.com/Cheeze-It/vyos-1x into currentChristian Poessinger
* https://github.com/Cheeze-It/vyos-1x: bgp: T4257: Changing BGP "local-as" to "system-as"
2022-07-30bgp: T4257: Changing BGP "local-as" to "system-as"Cheeze_It
bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor. bgp: T4257: Changing BGP "local-as" to "system-as" bgp: T4257: Changing BGP "local-as" to "system-as" This change is to change the global BGP name for the node "local-as" to "system-as" This is needed so that there's less ambiguity with the local-as feature per neighbor.
2022-07-25bgp: T4560: neighbor/peer-group local-as option is only allowed for eBGPChristian Poessinger
2022-07-18bgp: T4490: check peer-group for AFI/SAFI before issuing warningChristian Poessinger
Commit 6cffe2aa82 ("bgp: T4490: Add informational message for peer withour AFI") only checked if an address-family is configured under the neighbor statement. This is not enough as the AFI can also be specified via a peer-group. Add a new verify_afi() helper that checks both the neighbor and the assigned peer-group.
2022-07-01bgp: T4490: use common vyos.base.Warning() wrapperChristian Poessinger
2022-06-28bgp: T4490: Add informational message for peer withour AFIViacheslav Hletenko
As we don't use addresss-family ipv4-unicast by default we should to send informational message about AFI for peer is required
2022-05-06bgp: T4385: verify() peer-group in interface based neighborsChristian Poessinger
2022-04-21bgp: T4385: peer-group member cannot override remote-as of peer-groupChristian Poessinger
2022-04-18bgp: T4368: AS specified for local-as can not be the same as remote-asChristian Poessinger
2022-04-14frr: T4353: fix Jinja2 linting errorsChristian Poessinger
2022-04-01bgp: T4332: addpath-tx-per-as requires BGP deterministic-med paramtere to be setChristian Poessinger
2022-03-26bgp: T4321: check neighbor IP addresses against VRF contextChristian Poessinger
2022-03-13bgp: T4290: Add verify source-interface for none ip neighborViacheslav Hletenko
When we use neighbor as interface we must not use option 'source-interface' for example: neighbor eth0 source-interface eth0 Such option can be used for IP/IPv6 neighbors
2021-12-12bgp: T3967: add support for conditional advertisementChristian Poessinger
The BGP conditional advertisement feature uses the non-exist-map or the exist-map and the advertise-map keywords of the neighbor advertise-map command in order to track routes by the route prefix. non-exist-map ============= * If a route prefix is not present in the output of non-exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is present in the output of non-exist-map command, then do not advertise the route specified by the addvertise-map command. exist-map ========= * If a route prefix is present in the output of exist-map command, then advertise the route specified by the advertise-map command. * If a route prefix is not present in the output of exist-map command, then do not advertise the route specified by the advertise-map command. This feature is useful when some prefixes are advertised to one of its peers only if the information from the other peer is not present (due to failure in peering session or partial reachability etc). The conditional BGP announcements are sent in addition to the normal announcements that a BGP router sends to its peer. CLI nodes can be found under: * set protocols bgp neighbor <ip> address-family <afi> conditional-advertisement * set protocols bgp peer-group <p> address-family <afi> conditional-advertisement
2021-12-04bgp: T4048: allow per VNI RD/RT configurationChristian Poessinger
2021-11-27frr: T3753: autosave config when calling commit_configuration()Christian Poessinger
2021-11-27bgp: T3753: adjust to new FRR 8.1 syntaxChristian Poessinger
2021-11-27frr: T3753: add default_add_before mnemonic for routing protocols to re-use codeChristian Poessinger
2021-09-04bgp: T3798: "replace-as" option can only be used when "no-prepend" is definedChristian Poessinger
Commit 5f1c1ae4 ("bgp: T3798: add support for neighbor local-as <n> replace-as") added support for a new CLI option when the local-as is changed for a specified neighbor or peer-group. There was an error in the CLI / design as the "replace-as" option can only be used when "no-prepend" is defined. Thus "no-prepend" became a <node> and the new "replace-as" leafNode is now a child of "no-prepend".
2021-09-03bgp: T3798: add support for neighbor local-as <n> replace-asChristian Poessinger
2021-08-20bgp: T3759: add IPv4/IPv6 unicast AFI route-map for VPN import/exportChristian Poessinger
This adds the following new commands: set protocols bgp address-family ipv4-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv4-unicast route-map vpn import foo-map-in set protocols bgp address-family ipv6-unicast route-map vpn export foo-map-out set protocols bgp address-family ipv6-unicast route-map vpn import foo-map-in
2021-08-18bgp: evpn: T1513: VNI rt and rd are only supported under EVPN VRFChristian Poessinger