diff options
author | Cheeze-It <16260577+Cheeze-It@users.noreply.github.com> | 2021-04-15 05:18:22 -0600 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-04-15 13:18:22 +0200 |
commit | 1733ebf10aedafefbc17bd0660f6d43098b08d8a (patch) | |
tree | c64064a872f9a87334241b87139da2310a80c6fa | |
parent | 7a48396731ff41007c083440e2aae01dda747e72 (diff) | |
download | vyos-1x-1733ebf10aedafefbc17bd0660f6d43098b08d8a.tar.gz vyos-1x-1733ebf10aedafefbc17bd0660f6d43098b08d8a.zip |
bgp: T2771: add vpn, multicast, flowspec address families
In this commit we add more address families within
BGP. This should bring VyOS the ability to enable
the rest of the capabilities within FRR.
Co-authored-by: Cheeze_It <none@none.com>
14 files changed, 1049 insertions, 33 deletions
diff --git a/data/templates/frr/bgp.frr.tmpl b/data/templates/frr/bgp.frr.tmpl index 9b910a69f..dafe45f59 100644 --- a/data/templates/frr/bgp.frr.tmpl +++ b/data/templates/frr/bgp.frr.tmpl @@ -90,8 +90,24 @@ {% for afi, afi_config in config.address_family.items() %} {% if afi == 'ipv4_unicast' %} address-family ipv4 unicast +{% elif afi == 'ipv4_multicast' %} + address-family ipv4 multicast +{% elif afi == 'ipv4_labeled_unicast' %} + address-family ipv4 labeled-unicast +{% elif afi == 'ipv4_vpn' %} + address-family ipv4 vpn +{% elif afi == 'ipv4_flowspec' %} + address-family ipv4 flowspec {% elif afi == 'ipv6_unicast' %} address-family ipv6 unicast +{% elif afi == 'ipv6_multicast' %} + address-family ipv6 multicast +{% elif afi == 'ipv6_labeled_unicast' %} + address-family ipv6 labeled-unicast +{% elif afi == 'ipv6_vpn' %} + address-family ipv6 vpn +{% elif afi == 'ipv6_flowspec' %} + address-family ipv6 flowspec {% elif afi == 'l2vpn_evpn' %} address-family l2vpn evpn {% endif %} @@ -205,8 +221,24 @@ router bgp {{ local_as }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none ! {% if afi == 'ipv4_unicast' %} address-family ipv4 unicast +{% elif afi == 'ipv4_multicast' %} + address-family ipv4 multicast +{% elif afi == 'ipv4_labeled_unicast' %} + address-family ipv4 labeled-unicast +{% elif afi == 'ipv4_vpn' %} + address-family ipv4 vpn +{% elif afi == 'ipv4_flowspec' %} + address-family ipv4 flowspec {% elif afi == 'ipv6_unicast' %} address-family ipv6 unicast +{% elif afi == 'ipv6_multicast' %} + address-family ipv6 multicast +{% elif afi == 'ipv6_labeled_unicast' %} + address-family ipv6 labeled-unicast +{% elif afi == 'ipv6_vpn' %} + address-family ipv6 vpn +{% elif afi == 'ipv6_flowspec' %} + address-family ipv6 flowspec {% elif afi == 'l2vpn_evpn' %} address-family l2vpn evpn {% endif %} @@ -238,7 +270,7 @@ router bgp {{ local_as }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none {% endif %} {% if afi_config.network is defined and afi_config.network is not none %} {% for network in afi_config.network %} - network {{ network }}{% if afi_config.network[network].route_map is defined %} route-map {{ afi_config.network[network].route_map }}{% endif %}{% if afi_config.network[network].backdoor is defined %} backdoor{% endif %} + network {{ network }}{% if afi_config.network[network].route_map is defined %} route-map {{ afi_config.network[network].route_map }}{% endif %}{% if afi_config.network[network].backdoor is defined %} backdoor{% endif %}{% if afi_config.network[network].rd is defined and afi_config.network[network].label is defined%} rd {{ afi_config.network[network].rd }} label {{ afi_config.network[network].label }}{% endif %} {####### we need this blank line!! #######} {% endfor %} @@ -247,7 +279,22 @@ router bgp {{ local_as }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none {% for adv_afi, adv_afi_config in afi_config.advertise.items() %} {% if adv_afi_config.unicast is defined and adv_afi_config.unicast is not none %} advertise {{ adv_afi }} unicast {{ 'route-map ' + adv_afi_config.unicast.route_map if adv_afi_config.unicast.route_map is defined }} +{% endif %} +{% endfor %} +{% endif %} +{% if afi_config.distance is defined and afi_config.distance is not none %} +{% if afi_config.distance is defined and afi_config.distance.external is defined and afi_config.distance.internal is defined and afi_config.distance.local is defined %} + distance bgp {{ afi_config.distance.external }} {{ afi_config.distance.internal }} {{ afi_config.distance.local }} +{% endif %} +{% if afi_config.distance.prefix is defined and afi_config.distance.prefix is not none %} +{% for prefix in afi_config.distance.prefix %} + distance {{ afi_config.distance.prefix[prefix].distance }} {{ prefix }} +{% endfor %} +{% endif %} {% endif %} +{% if afi_config.local_install is defined and afi_config.local_install is not none %} +{% for interface in afi_config.local_install.interface %} + local-install {{ interface }} {% endfor %} {% endif %} {% if afi_config.advertise_all_vni is defined %} @@ -378,8 +425,6 @@ router bgp {{ local_as }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none bgp deterministic-med {% endif %} {% if parameters.distance is defined and parameters.distance is not none %} - ! - address-family ipv4 unicast {% if parameters.distance.global is defined and parameters.distance.global.external is defined and parameters.distance.global.internal is defined and parameters.distance.global.local is defined %} distance bgp {{ parameters.distance.global.external }} {{ parameters.distance.global.internal }} {{ parameters.distance.global.local }} {% endif %} @@ -388,8 +433,6 @@ router bgp {{ local_as }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none distance {{ parameters.distance.prefix[prefix].distance }} {{ prefix }} {% endfor %} {% endif %} - exit-address-family - ! {% endif %} {% if parameters.graceful_restart is defined %} bgp graceful-restart {{ 'stalepath-time ' + parameters.graceful_restart.stalepath_time if parameters.graceful_restart.stalepath_time is defined }} @@ -420,4 +463,4 @@ router bgp {{ local_as }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none {% if route_map is defined and route_map is not none %} ip protocol bgp route-map {{ route_map }} {% endif %} -! +!
\ No newline at end of file diff --git a/interface-definitions/include/bgp/bgp-afi-common-flowspec.xml.i b/interface-definitions/include/bgp/bgp-afi-common-flowspec.xml.i new file mode 100644 index 000000000..bb9b0a966 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-afi-common-flowspec.xml.i @@ -0,0 +1,29 @@ +<!-- included start from bgp-afi-common-flowspec.xml.i --> +<node name="filter-list"> + <properties> + <help>as-path-list to filter route updates to/from this peer</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>As-path-list to filter outgoing route updates to this peer</help> + <completionHelp> + <path>policy as-path-list</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>As-path-list to filter incoming route updates from this peer</help> + <completionHelp> + <path>policy as-path-list</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +#include <include/bgp/bgp-afi-route-map.xml.i> +#include <include/bgp/bgp-afi-route-reflector-client.xml.i> +#include <include/bgp/bgp-afi-route-server-client.xml.i> +#include <include/bgp/bgp-afi-soft-reconfiguration.xml.i> +<!-- included end --> diff --git a/interface-definitions/include/bgp/bgp-afi-common-vpn.xml.i b/interface-definitions/include/bgp/bgp-afi-common-vpn.xml.i new file mode 100644 index 000000000..162a2c805 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-afi-common-vpn.xml.i @@ -0,0 +1,144 @@ +<!-- include start from bgp-afi-common-vpn.xml.i --> +<leafNode name="addpath-tx-all"> + <properties> + <help>Use addpath to advertise all paths to a neighbor</help> + <valueless/> + </properties> +</leafNode> +<leafNode name="addpath-tx-per-as"> + <properties> + <help>Use addpath to advertise the bestpath per each neighboring AS</help> + <valueless/> + </properties> +</leafNode> +#include <include/bgp/bgp-afi-allowas-in.xml.i> +<leafNode name="as-override"> + <properties> + <help>AS for routes sent to this peer to be the local AS</help> + <valueless/> + </properties> +</leafNode> +#include <include/bgp/bgp-afi-attribute-unchanged.xml.i> +<node name="disable-send-community"> + <properties> + <help>Disable sending community attributes to this peer</help> + </properties> + <children> + <leafNode name="extended"> + <properties> + <help>Disable sending extended community attributes to this peer</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="standard"> + <properties> + <help>Disable sending standard community attributes to this peer</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<node name="distribute-list"> + <properties> + <help>Access-list to filter route updates to/from this peer-group</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>Access-list to filter outgoing route updates to this peer-group</help> + <completionHelp> + <path>policy access-list</path> + </completionHelp> + <valueHelp> + <format>u32:1-65535</format> + <description>Access-list to filter outgoing route updates to this peer-group</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>Access-list to filter incoming route updates from this peer-group</help> + <completionHelp> + <path>policy access-list</path> + </completionHelp> + <valueHelp> + <format>u32:1-65535</format> + <description>Access-list to filter incoming route updates from this peer-group</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> + </children> +</node> +<node name="filter-list"> + <properties> + <help>as-path-list to filter route updates to/from this peer</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>As-path-list to filter outgoing route updates to this peer</help> + <completionHelp> + <path>policy as-path-list</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>As-path-list to filter incoming route updates from this peer</help> + <completionHelp> + <path>policy as-path-list</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +<leafNode name="maximum-prefix"> + <properties> + <help>Maximum number of prefixes to accept from this peer</help> + <valueHelp> + <format>u32:1-4294967295</format> + <description>Prefix limit</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-4294967295"/> + </constraint> + </properties> +</leafNode> +#include <include/bgp/bgp-afi-nexthop-self.xml.i> +<leafNode name="remove-private-as"> + <properties> + <help>Remove private AS numbers from AS path in outbound route updates</help> + <valueless/> + </properties> +</leafNode> +#include <include/bgp/bgp-afi-route-map.xml.i> +#include <include/bgp/bgp-afi-route-reflector-client.xml.i> +#include <include/bgp/bgp-afi-route-server-client.xml.i> +#include <include/bgp/bgp-afi-soft-reconfiguration.xml.i> +<leafNode name="unsuppress-map"> + <properties> + <help>Route-map to selectively unsuppress suppressed routes</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + </properties> +</leafNode> +<leafNode name="weight"> + <properties> + <help>Default weight for routes from this peer</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Default weight</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp/bgp-common-config.xml.i b/interface-definitions/include/bgp/bgp-common-config.xml.i index 813da097c..66843a55f 100644 --- a/interface-definitions/include/bgp/bgp-common-config.xml.i +++ b/interface-definitions/include/bgp/bgp-common-config.xml.i @@ -24,6 +24,75 @@ #include <include/bgp/bgp-afi-aggregate-address.xml.i>
</children>
</tagNode>
+ <node name="distance">
+ <properties>
+ <help>Administrative distances for BGP routes</help>
+ </properties>
+ <children>
+ <leafNode name="external">
+ <properties>
+ <help>eBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>eBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="internal">
+ <properties>
+ <help>iBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>iBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="local">
+ <properties>
+ <help>Locally originated BGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Locally originated BGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <tagNode name="prefix">
+ <properties>
+ <help>Administrative distance for a specific BGP prefix</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>Administrative distance for a specific BGP prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="distance">
+ <properties>
+ <help>Administrative distance for prefix</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Administrative distance for external BGP routes</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
<tagNode name="network">
<properties>
<help>BGP network</help>
@@ -108,6 +177,229 @@ </node>
</children>
</node>
+ <node name="ipv4-multicast">
+ <properties>
+ <help>Multicast IPv4 BGP settings</help>
+ </properties>
+ <children>
+ <tagNode name="aggregate-address">
+ <properties>
+ <help>BGP aggregate network/prefix</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>BGP aggregate network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/bgp/bgp-afi-aggregate-address.xml.i>
+ </children>
+ </tagNode>
+ <node name="distance">
+ <properties>
+ <help>Administrative distances for BGP routes</help>
+ </properties>
+ <children>
+ <leafNode name="external">
+ <properties>
+ <help>eBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>eBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="internal">
+ <properties>
+ <help>iBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>iBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="local">
+ <properties>
+ <help>Locally originated BGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Locally originated BGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <tagNode name="prefix">
+ <properties>
+ <help>Administrative distance for a specific BGP prefix</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>Administrative distance for a specific BGP prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="distance">
+ <properties>
+ <help>Administrative distance for prefix</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Administrative distance for external BGP routes</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <tagNode name="network">
+ <properties>
+ <help>Import BGP network/prefix into multicast IPv4 RIB</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>Multicast IPv4 BGP network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="backdoor">
+ <properties>
+ <help>Use BGP network/prefix as a backdoor route</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ #include <include/route-map.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <node name="ipv4-labeled-unicast">
+ <properties>
+ <help>Labeled Unicast IPv4 BGP settings</help>
+ </properties>
+ <children>
+ <tagNode name="aggregate-address">
+ <properties>
+ <help>BGP aggregate network/prefix</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>BGP aggregate network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/bgp/bgp-afi-aggregate-address.xml.i>
+ </children>
+ </tagNode>
+ <tagNode name="network">
+ <properties>
+ <help>Import BGP network/prefix into labeled unicast IPv4 RIB</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>Labeled Unicast IPv4 BGP network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="backdoor">
+ <properties>
+ <help>Use BGP network/prefix as a backdoor route</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ #include <include/route-map.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <node name="ipv4-flowspec">
+ <properties>
+ <help>Flowspec IPv4 BGP settings</help>
+ </properties>
+ <children>
+ <node name="local-install">
+ <properties>
+ <help>Apply local policy routing to interface</help>
+ </properties>
+ <children>
+ <leafNode name="interface">
+ <properties>
+ <help>Interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+ <node name="ipv4-vpn">
+ <properties>
+ <help>Unicast VPN IPv4 BGP settings</help>
+ </properties>
+ <children>
+ <tagNode name="network">
+ <properties>
+ <help>Import BGP network/prefix into unicast VPN IPv4 RIB</help>
+ <valueHelp>
+ <format>ipv4net</format>
+ <description>Unicast VPN IPv4 BGP network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv4-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="rd">
+ <properties>
+ <help>Route Distinguisher</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Route Distinguisher, asn:xxx</description>
+ </valueHelp>
+ <constraint>
+ <regex>^[0-9]{1,10}:[0-9]{1,5}$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="label">
+ <properties>
+ <help>MPLS label value assigned to route</help>
+ <valueHelp>
+ <format>u32:0-1048575</format>
+ <description>MPLS label value</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-1048575"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
<node name="ipv6-unicast">
<properties>
<help>IPv6 BGP settings</help>
@@ -128,6 +420,75 @@ #include <include/bgp/bgp-afi-aggregate-address.xml.i>
</children>
</tagNode>
+ <node name="distance">
+ <properties>
+ <help>Administrative distances for BGP routes</help>
+ </properties>
+ <children>
+ <leafNode name="external">
+ <properties>
+ <help>eBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>eBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="internal">
+ <properties>
+ <help>iBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>iBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="local">
+ <properties>
+ <help>Locally originated BGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Locally originated BGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <tagNode name="prefix">
+ <properties>
+ <help>Administrative distance for a specific BGP prefix</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>Administrative distance for a specific BGP prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="distance">
+ <properties>
+ <help>Administrative distance for prefix</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Administrative distance for external BGP routes</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
<tagNode name="network">
<properties>
<help>BGP network</help>
@@ -210,6 +571,235 @@ </node>
</children>
</node>
+ <node name="ipv6-multicast">
+ <properties>
+ <help>Multicast IPv6 BGP settings</help>
+ </properties>
+ <children>
+ <tagNode name="aggregate-address">
+ <properties>
+ <help>BGP aggregate network/prefix</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>BGP aggregate network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/bgp/bgp-afi-aggregate-address.xml.i>
+ </children>
+ </tagNode>
+ <node name="distance">
+ <properties>
+ <help>Administrative distances for BGP routes</help>
+ </properties>
+ <children>
+ <leafNode name="external">
+ <properties>
+ <help>eBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>eBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="internal">
+ <properties>
+ <help>iBGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>iBGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="local">
+ <properties>
+ <help>Locally originated BGP routes administrative distance</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Locally originated BGP routes administrative distance</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <tagNode name="prefix">
+ <properties>
+ <help>Administrative distance for a specific BGP prefix</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>Administrative distance for a specific BGP prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="distance">
+ <properties>
+ <help>Administrative distance for prefix</help>
+ <valueHelp>
+ <format>u32:1-255</format>
+ <description>Administrative distance for external BGP routes</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <tagNode name="network">
+ <properties>
+ <help>Import BGP network/prefix into multicast IPv6 RIB</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>Multicast IPv6 BGP network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="path-limit">
+ <properties>
+ <help>AS-path hopcount limit</help>
+ <valueHelp>
+ <format>u32:0-255</format>
+ <description>AS path hop count limit</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-255"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ #include <include/route-map.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <node name="ipv6-labeled-unicast">
+ <properties>
+ <help>Labeled Unicast IPv6 BGP settings</help>
+ </properties>
+ <children>
+ <tagNode name="aggregate-address">
+ <properties>
+ <help>BGP aggregate network/prefix</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>BGP aggregate network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ #include <include/bgp/bgp-afi-aggregate-address.xml.i>
+ </children>
+ </tagNode>
+ <tagNode name="network">
+ <properties>
+ <help>Import BGP network/prefix into labeled unicast IPv6 RIB</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>Labeled Unicast IPv6 BGP network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="backdoor">
+ <properties>
+ <help>Use BGP network/prefix as a backdoor route</help>
+ <valueless/>
+ </properties>
+ </leafNode>
+ #include <include/route-map.xml.i>
+ </children>
+ </tagNode>
+ </children>
+ </node>
+ <node name="ipv6-flowspec">
+ <properties>
+ <help>Flowspec IPv6 BGP settings</help>
+ </properties>
+ <children>
+ <node name="local-install">
+ <properties>
+ <help>Apply local policy routing to interface</help>
+ </properties>
+ <children>
+ <leafNode name="interface">
+ <properties>
+ <help>Interface</help>
+ <completionHelp>
+ <script>${vyos_completion_dir}/list_interfaces.py</script>
+ </completionHelp>
+ <multi/>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+ <node name="ipv6-vpn">
+ <properties>
+ <help>Unicast VPN IPv6 BGP settings</help>
+ </properties>
+ <children>
+ <tagNode name="network">
+ <properties>
+ <help>Import BGP network/prefix into unicast VPN IPv6 RIB</help>
+ <valueHelp>
+ <format>ipv6net</format>
+ <description>Unicast VPN IPv6 BGP network/prefix</description>
+ </valueHelp>
+ <constraint>
+ <validator name="ipv6-prefix"/>
+ </constraint>
+ </properties>
+ <children>
+ <leafNode name="rd">
+ <properties>
+ <help>Route Distinguisher</help>
+ <valueHelp>
+ <format>txt</format>
+ <description>Route Distinguisher, asn:xxx</description>
+ </valueHelp>
+ <constraint>
+ <regex>^[0-9]{1,10}:[0-9]{1,5}$</regex>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="label">
+ <properties>
+ <help>MPLS label value assigned to route</help>
+ <valueHelp>
+ <format>u32:0-1048575</format>
+ <description>MPLS label value</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 0-1048575"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </tagNode>
+ </children>
+ </node>
<node name="l2vpn-evpn">
<properties>
<help>L2VPN EVPN BGP settings</help>
@@ -303,7 +893,7 @@ </node>
<node name="listen">
<properties>
- <help>BGP dynamic neighbors listen commands</help>
+ <help>Listen for and accept BGP dynamic neighbors from range</help>
</properties>
<children>
<leafNode name="limit">
@@ -320,7 +910,7 @@ </leafNode>
<tagNode name="range">
<properties>
- <help>Dynamic neighbors listen range</help>
+ <help>BGP dynamic neighbors listen range</help>
<valueHelp>
<format>ipv4net</format>
<description>IPv4 dynamic neighbors listen range</description>
@@ -381,6 +971,14 @@ <children>
#include <include/bgp/bgp-neighbor-afi-ipv4-unicast.xml.i>
#include <include/bgp/bgp-neighbor-afi-ipv6-unicast.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv4-labeled-unicast.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv6-labeled-unicast.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv4-vpn.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv6-vpn.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv4-flowspec.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv6-flowspec.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv4-multicast.xml.i>
+ #include <include/bgp/bgp-neighbor-afi-ipv6-multicast.xml.i>
#include <include/bgp/bgp-neighbor-afi-l2vpn-evpn.xml.i>
</children>
</node>
@@ -856,4 +1454,4 @@ #include <include/bgp/bgp-timers-keepalive.xml.i>
</children>
</node>
-<!-- include end -->
+<!-- include end -->
\ No newline at end of file diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-flowspec.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-flowspec.xml.i new file mode 100644 index 000000000..732ff1773 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-flowspec.xml.i @@ -0,0 +1,11 @@ +<!-- included start from bgp-neighbor-afi-ipv4-flowspec.xml.i --> +<node name="ipv4-flowspec"> + <properties> + <help>IPv4 Flow Specification BGP neighbor parameters</help> + </properties> + <children> + #include <include/bgp/bgp-afi-ipv4-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common-flowspec.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-labeled-unicast.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-labeled-unicast.xml.i new file mode 100644 index 000000000..9baf5380d --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-labeled-unicast.xml.i @@ -0,0 +1,19 @@ +<!-- included start from bgp-neighbor-afi-ipv4-labeled-unicast.xml.i --> +<node name="ipv4-labeled-unicast"> + <properties> + <help>IPv4 Labeled Unicast BGP neighbor parameters</help> + </properties> + <children> + <node name="capability"> + <properties> + <help>Advertise capabilities to this neighbor (IPv4)</help> + </properties> + <children> + #include <include/bgp/bgp-afi-capability-orf.xml.i> + </children> + </node> + #include <include/bgp/bgp-afi-ipv4-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-multicast.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-multicast.xml.i new file mode 100644 index 000000000..073e5a868 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-multicast.xml.i @@ -0,0 +1,19 @@ +<!-- included start from bgp-neighbor-afi-ipv4-multicast.xml.i --> +<node name="ipv4-multicast"> + <properties> + <help>IPv4 Multicast BGP neighbor parameters</help> + </properties> + <children> + <node name="capability"> + <properties> + <help>Advertise capabilities to this neighbor (IPv4)</help> + </properties> + <children> + #include <include/bgp/bgp-afi-capability-orf.xml.i> + </children> + </node> + #include <include/bgp/bgp-afi-ipv4-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-vpn.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-vpn.xml.i new file mode 100644 index 000000000..1ce7028b8 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv4-vpn.xml.i @@ -0,0 +1,11 @@ +<!-- included start from bgp-neighbor-afi-ipv4-vpn.xml.i --> +<node name="ipv4-vpn"> + <properties> + <help>IPv4 VPN BGP neighbor parameters</help> + </properties> + <children> + #include <include/bgp/bgp-afi-ipv4-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common-vpn.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-flowspec.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-flowspec.xml.i new file mode 100644 index 000000000..3fbf785ce --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-flowspec.xml.i @@ -0,0 +1,11 @@ +<!-- included start from bgp-neighbor-afi-ipv6-flowspec.xml.i --> +<node name="ipv6-flowspec"> + <properties> + <help>IPv6 Flow Specification BGP neighbor parameters</help> + </properties> + <children> + #include <include/bgp/bgp-afi-ipv6-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common-flowspec.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-labeled-unicast.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-labeled-unicast.xml.i new file mode 100644 index 000000000..1f84e7afb --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-labeled-unicast.xml.i @@ -0,0 +1,20 @@ +<!-- included start from bgp-neighbor-afi-ipv6-labeled-unicast.xml.i --> +<node name="ipv6-labeled-unicast"> + <properties> + <help>IPv6 Labeled Unicast BGP neighbor parameters</help> + </properties> + <children> + <node name="capability"> + <properties> + <help>Advertise capabilities to this neighbor (IPv6)</help> + </properties> + <children> + #include <include/bgp/bgp-afi-capability-orf.xml.i> + </children> + </node> + #include <include/bgp/bgp-afi-ipv6-nexthop-local.xml.i> + #include <include/bgp/bgp-afi-ipv6-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-multicast.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-multicast.xml.i new file mode 100644 index 000000000..e49465ed2 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-multicast.xml.i @@ -0,0 +1,12 @@ +<!-- included start from bgp-neighbor-afi-ipv6-multicast.xml.i --> +<node name="ipv6-multicast"> + <properties> + <help>IPv6 Multicast BGP neighbor parameters</help> + </properties> + <children> + #include <include/bgp/bgp-afi-ipv6-nexthop-local.xml.i> + #include <include/bgp/bgp-afi-ipv6-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common.xml.i> + </children> +</node> +<!-- include end --> diff --git a/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-vpn.xml.i b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-vpn.xml.i new file mode 100644 index 000000000..9a7a22418 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-neighbor-afi-ipv6-vpn.xml.i @@ -0,0 +1,12 @@ +<!-- included start from bgp-neighbor-afi-ipv6-vpn.xml.i --> +<node name="ipv6-vpn"> + <properties> + <help>IPv6 VPN BGP neighbor parameters</help> + </properties> + <children> + #include <include/bgp/bgp-afi-ipv6-nexthop-local.xml.i> + #include <include/bgp/bgp-afi-ipv6-prefix-list.xml.i> + #include <include/bgp/bgp-afi-common-vpn.xml.i> + </children> +</node> +<!-- include end --> diff --git a/smoketest/scripts/cli/test_protocols_bgp.py b/smoketest/scripts/cli/test_protocols_bgp.py index bce74a7b2..8ed0f7228 100755 --- a/smoketest/scripts/cli/test_protocols_bgp.py +++ b/smoketest/scripts/cli/test_protocols_bgp.py @@ -547,7 +547,76 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase): self.assertIn(f' advertise-default-gw', vniconfig) self.assertIn(f' advertise-svi-ip', vniconfig) - def test_bgp_08_vrf_simple(self): + def test_bgp_08_zebra_route_map(self): + # Implemented because of T3328 + self.cli_set(base_path + ['route-map', route_map_in]) + # commit changes + self.cli_commit() + + # Verify FRR configuration + zebra_route_map = f'ip protocol bgp route-map {route_map_in}' + frrconfig = self.getFRRconfig(zebra_route_map) + self.assertIn(zebra_route_map, frrconfig) + + # Remove the route-map again + self.cli_delete(base_path + ['route-map']) + # commit changes + self.cli_commit() + + # Verify FRR configuration + frrconfig = self.getFRRconfig(zebra_route_map) + self.assertNotIn(zebra_route_map, frrconfig) + + def test_bgp_09_distance_and_flowspec(self): + distance_external = '25' + distance_internal = '30' + distance_local = '35' + distance_v4_prefix = '169.254.0.0/32' + distance_v6_prefix = '2001::/128' + distance_prefix_value = '110' + distance_families = ['ipv4-unicast', 'ipv6-unicast','ipv4-multicast', 'ipv6-multicast'] + verify_families = ['ipv4 unicast', 'ipv6 unicast','ipv4 multicast', 'ipv6 multicast'] + flowspec_families = ['address-family ipv4 flowspec', 'address-family ipv6 flowspec'] + flowspec_int = 'lo' + + # Per family distance support + for family in distance_families: + self.cli_set(base_path + ['address-family', family, 'distance', 'external', distance_external]) + self.cli_set(base_path + ['address-family', family, 'distance', 'internal', distance_internal]) + self.cli_set(base_path + ['address-family', family, 'distance', 'local', distance_local]) + if 'ipv4' in family: + self.cli_set(base_path + ['address-family', family, 'distance', + 'prefix', distance_v4_prefix, 'distance', distance_prefix_value]) + if 'ipv6' in family: + self.cli_set(base_path + ['address-family', family, 'distance', + 'prefix', distance_v6_prefix, 'distance', distance_prefix_value]) + + # IPv4 flowspec interface check + self.cli_set(base_path + ['address-family', 'ipv4-flowspec', 'local-install', 'interface', flowspec_int]) + + # IPv6 flowspec interface check + self.cli_set(base_path + ['address-family', 'ipv6-flowspec', 'local-install', 'interface', flowspec_int]) + + # Commit changes + self.cli_commit() + + # Verify FRR distances configuration + frrconfig = self.getFRRconfig(f'router bgp {ASN}') + self.assertIn(f'router bgp {ASN}', frrconfig) + for family in verify_families: + self.assertIn(f'address-family {family}', frrconfig) + self.assertIn(f'distance bgp {distance_external} {distance_internal} {distance_local}', frrconfig) + if 'ipv4' in family: + self.assertIn(f'distance {distance_prefix_value} {distance_v4_prefix}', frrconfig) + if 'ipv6' in family: + self.assertIn(f'distance {distance_prefix_value} {distance_v6_prefix}', frrconfig) + + # Verify FRR flowspec configuration + for family in flowspec_families: + self.assertIn(f'{family}', frrconfig) + self.assertIn(f'local-install {flowspec_int}', frrconfig) + + def test_bgp_10_vrf_simple(self): router_id = '127.0.0.3' vrfs = ['red', 'green', 'blue'] @@ -571,26 +640,6 @@ class TestProtocolsBGP(VyOSUnitTestSHIM.TestCase): self.assertIn(f'router bgp {ASN} vrf {vrf}', frrconfig) self.assertIn(f' bgp router-id {router_id}', frrconfig) - - def test_bgp_09_zebra_route_map(self): - # Implemented because of T3328 - self.cli_set(base_path + ['route-map', route_map_in]) - # commit changes - self.cli_commit() - - # Verify FRR configuration - zebra_route_map = f'ip protocol bgp route-map {route_map_in}' - frrconfig = self.getFRRconfig(zebra_route_map) - self.assertIn(zebra_route_map, frrconfig) - - # Remove the route-map again - self.cli_delete(base_path + ['route-map']) - # commit changes - self.cli_commit() - - # Verify FRR configuration - frrconfig = self.getFRRconfig(zebra_route_map) - self.assertNotIn(zebra_route_map, frrconfig) - + if __name__ == '__main__': - unittest.main(verbosity=2) + unittest.main(verbosity=2)
\ No newline at end of file diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 6b83087bf..001108ede 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -127,6 +127,10 @@ def verify(bgp): if 'ebgp_multihop' in peer_config and 'ttl_security' in peer_config: raise ConfigError('You can\'t set both ebgp-multihop and ttl-security hops') + # Check if neighbor has both override capability and strict capability match configured at the same time. + if 'override_capability' in peer_config and 'strict_capability_match' in peer_config: + raise ConfigError(f'Neighbor "{peer}" cannot have both override-capability and strict-capability-match configured at the same time!') + # Check spaces in the password if 'password' in peer_config and ' ' in peer_config['password']: raise ConfigError('You can\'t use spaces in the password') @@ -148,11 +152,21 @@ def verify(bgp): if 'remote_as' in peer_config: raise ConfigError(f'remote-as must be set under the interface node of "{peer}"') - for afi in ['ipv4_unicast', 'ipv6_unicast', 'l2vpn_evpn']: + for afi in ['ipv4_unicast', 'ipv4_multicast', 'ipv4_labeled_unicast', 'ipv4_flowspec', + 'ipv6_unicast', 'ipv6_multicast', 'ipv6_labeled_unicast', 'ipv6_flowspec', + 'l2vpn_evpn']: # Bail out early if address family is not configured if 'address_family' not in peer_config or afi not in peer_config['address_family']: continue + # Check if neighbor has both ipv4 unicast and ipv4 labeled unicast configured at the same time. + if 'ipv4_unicast' in peer_config['address_family'] and 'ipv4_labeled_unicast' in peer_config['address_family']: + raise ConfigError(f'Neighbor "{peer}" cannot have both ipv4-unicast and ipv4-labeled-unicast configured at the same time!') + + # Check if neighbor has both ipv6 unicast and ipv6 labeled unicast configured at the same time. + if 'ipv6_unicast' in peer_config['address_family'] and 'ipv6_labeled_unicast' in peer_config['address_family']: + raise ConfigError(f'Neighbor "{peer}" cannot have both ipv6-unicast and ipv6-labeled-unicast configured at the same time!') + afi_config = peer_config['address_family'][afi] # Validate if configured Prefix list exists if 'prefix_list' in afi_config: @@ -192,6 +206,30 @@ def verify(bgp): if not verify_remote_as(bgp['listen']['range'][prefix], bgp): raise ConfigError(f'Peer-group "{peer_group}" requires remote-as to be set!') + # Throw an error if the global administrative distance parameters aren't all filled out. + if dict_search('parameters.distance', bgp) == None: + pass + else: + if dict_search('parameters.distance.global', bgp): + for key in ['external', 'internal', 'local']: + if dict_search(f'parameters.distance.global.{key}', bgp) == None: + raise ConfigError('Missing mandatory configuration option for '\ + f'global administrative distance {key}!') + + # Throw an error if the address family specific administrative distance parameters aren't all filled out. + if dict_search('address_family', bgp) == None: + pass + else: + for address_family_name in dict_search('address_family', bgp): + if dict_search(f'address_family.{address_family_name}.distance', bgp) == None: + pass + else: + for key in ['external', 'internal', 'local']: + if dict_search(f'address_family.{address_family_name}.distance.{key}', bgp) == None: + address_family_name = address_family_name.replace('_', '-') + raise ConfigError('Missing mandatory configuration option for '\ + f'{address_family_name} administrative distance {key}!') + return None def generate(bgp): |