summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCheeze_It <none@none.com>2020-12-08 20:00:40 -0700
committerCheeze_It <none@none.com>2020-12-08 20:00:40 -0700
commitf0543d5d28d500409b2d35abefd8df5d2c2504a6 (patch)
treeb8cdbeebcbb2a59d07ecefadf52772c0400d4dc7
parent345db48254e2ba94680510d08e85c08d5a6dae37 (diff)
downloadvyos-1x-f0543d5d28d500409b2d35abefd8df5d2c2504a6.tar.gz
vyos-1x-f0543d5d28d500409b2d35abefd8df5d2c2504a6.zip
mpls-conf: T915: Add LDP import and export control
In this commit we added the ability to control import and export of LDP FECs. This allows for an operator to specify which to filter on ingress, and which to not announce on egress.
-rw-r--r--data/templates/frr/ldpd.frr.tmpl68
-rw-r--r--interface-definitions/protocols-mpls.xml.in145
2 files changed, 201 insertions, 12 deletions
diff --git a/data/templates/frr/ldpd.frr.tmpl b/data/templates/frr/ldpd.frr.tmpl
index 86342b3eb..81343671c 100644
--- a/data/templates/frr/ldpd.frr.tmpl
+++ b/data/templates/frr/ldpd.frr.tmpl
@@ -34,13 +34,11 @@ neighbor {{neighbors}} session holdtime {{ldp.neighbor[neighbors].session_holdti
{% if ldp.discovery.transport_ipv4_address is defined %}
address-family ipv4
{% if ldp.allocation is defined %}
-{% if ldp.allocation.ipv4 is defined %}
-{% if ldp.allocation.ipv4.access_list is defined %}
+{% if ldp.allocation.ipv4 is defined %}
+{% if ldp.allocation.ipv4.access_list is defined %}
label local allocate for {{ ldp.allocation.ipv4.access_list }}
+{% endif %}
{% endif %}
-label local allocate host-routes
-{% endif %}
-label local allocate host-routes
{% else %}
label local allocate host-routes
{% endif %}
@@ -56,9 +54,33 @@ discovery hello interval {{ ldp.discovery.hello_ipv4_interval }}
{% if ldp.discovery.session_ipv4_holdtime is defined %}
session holdtime {{ ldp.discovery.session_ipv4_holdtime }}
{% endif %}
+{% if ldp.import is defined %}
+{% if ldp.import.ipv4 is defined %}
+{% if ldp.import.ipv4.import_filter is defined %}
+{% if ldp.import.ipv4.import_filter.filter_access_list is defined %}
+{% if ldp.import.ipv4.import_filter.neighbor_access_list is defined %}
+label remote accept for {{ ldp.import.ipv4.import_filter.filter_access_list }} from {{ ldp.import.ipv4.import_filter.neighbor_access_list }}
+{% else %}
+label remote accept for {{ ldp.import.ipv4.import_filter.filter_access_list }}
+{% endif %}
+{% endif %}
+{% endif %}
+{% endif %}
+{% endif %}
{% if ldp.export is defined %}
-{% if ldp.export.ipv4.explicit_null is defined %}
+{% if ldp.export.ipv4 is defined %}
+{% if ldp.export.ipv4.explicit_null is defined %}
label local advertise explicit-null
+{% endif %}
+{% if ldp.export.ipv4.export_filter is defined %}
+{% if ldp.export.ipv4.export_filter.filter_access_list is defined %}
+{% if ldp.export.ipv4.export_filter.neighbor_access_list is defined %}
+label local advertise for {{ ldp.export.ipv4.export_filter.filter_access_list }} to {{ ldp.export.ipv4.export_filter.neighbor_access_list }}
+{% else %}
+label local advertise for {{ ldp.export.ipv4.export_filter.filter_access_list }}
+{% endif %}
+{% endif %}
+{% endif %}
{% endif %}
{% endif %}
{% if ldp.targeted_neighbor is defined %}
@@ -88,13 +110,11 @@ no address-family ipv4
{% if ldp.discovery.transport_ipv6_address is defined %}
address-family ipv6
{% if ldp.allocation is defined %}
-{% if ldp.allocation.ipv6 is defined %}
-{% if ldp.allocation.ipv6.access_list6 is defined %}
+{% if ldp.allocation.ipv6 is defined %}
+{% if ldp.allocation.ipv6.access_list6 is defined %}
label local allocate for {{ ldp.allocation.ipv6.access_list6 }}
+{% endif %}
{% endif %}
-label local allocate host-routes
-{% endif %}
-label local allocate host-routes
{% else %}
label local allocate host-routes
{% endif %}
@@ -110,9 +130,33 @@ discovery hello interval {{ ldp.discovery.hello_ipv6_interval }}
{% if ldp.discovery.session_ipv6_holdtime is defined %}
session holdtime {{ ldp.discovery.session_ipv6_holdtime }}
{% endif %}
+{% if ldp.import is defined %}
+{% if ldp.import.ipv6 is defined %}
+{% if ldp.import.ipv6.import_filter is defined %}
+{% if ldp.import.ipv6.import_filter.filter_access_list6 is defined %}
+{% if ldp.import.ipv6.import_filter.neighbor_access_list6 is defined %}
+label remote accept for {{ ldp.import.ipv6.import_filter.filter_access_list6 }} from {{ ldp.import.ipv6.import_filter.neighbor_access_list6 }}
+{% else %}
+label remote accept for {{ ldp.import.ipv6.import_filter.filter_access_list6 }}
+{% endif %}
+{% endif %}
+{% endif %}
+{% endif %}
+{% endif %}
{% if ldp.export is defined %}
-{% if ldp.export.ipv6.explicit_null is defined %}
+{% if ldp.export.ipv6 is defined %}
+{% if ldp.export.ipv6.explicit_null is defined %}
label local advertise explicit-null
+{% endif %}
+{% if ldp.export.ipv6.export_filter is defined %}
+{% if ldp.export.ipv6.export_filter.filter_access_list6 is defined %}
+{% if ldp.export.ipv6.export_filter.neighbor_access_list6 is defined %}
+label local advertise for {{ ldp.export.ipv6.export_filter.filter_access_list6 }} to {{ ldp.export.ipv6.export_filter.neighbor_access_list6 }}
+{% else %}
+label local advertise for {{ ldp.export.ipv6.export_filter.filter_access_list6 }}
+{% endif %}
+{% endif %}
+{% endif %}
{% endif %}
{% endif %}
{% if ldp.targeted_neighbor is defined %}
diff --git a/interface-definitions/protocols-mpls.xml.in b/interface-definitions/protocols-mpls.xml.in
index e91db12de..c903b69bd 100644
--- a/interface-definitions/protocols-mpls.xml.in
+++ b/interface-definitions/protocols-mpls.xml.in
@@ -367,6 +367,37 @@
<valueless/>
</properties>
</leafNode>
+ <node name="export-filter">
+ <properties>
+ <help>Forwarding equivalence class (FEC) export filter</help>
+ </properties>
+ <children>
+ <leafNode name="filter-access-list">
+ <properties>
+ <help>Access-list number to apply FEC filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="neighbor-access-list">
+ <properties>
+ <help>Access-list number for IPv4 neighbor selection to apply filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
</children>
</node>
<node name="ipv6">
@@ -380,6 +411,120 @@
<valueless/>
</properties>
</leafNode>
+ <node name="export-filter">
+ <properties>
+ <help>Forwarding equivalence class (FEC) export filter</help>
+ </properties>
+ <children>
+ <leafNode name="filter-access-list6">
+ <properties>
+ <help>Access-list6 number to apply FEC filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="neighbor-access-list6">
+ <properties>
+ <help>Access-list6 number for IPv6 neighbor selection to apply filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+ </children>
+ </node>
+ <node name="import">
+ <properties>
+ <help>Import parameters</help>
+ </properties>
+ <children>
+ <node name="ipv4">
+ <properties>
+ <help>IPv4 parameters</help>
+ </properties>
+ <children>
+ <node name="import-filter">
+ <properties>
+ <help>Forwarding equivalence class (FEC) import filter</help>
+ </properties>
+ <children>
+ <leafNode name="filter-access-list">
+ <properties>
+ <help>Access-list number to apply FEC filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="neighbor-access-list">
+ <properties>
+ <help>Access-list number for IPv4 neighbor selection to apply filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+ </children>
+ </node>
+ <node name="ipv6">
+ <properties>
+ <help>IPv6 parameters</help>
+ </properties>
+ <children>
+ <node name="import-filter">
+ <properties>
+ <help>Forwarding equivalence class (FEC) export filter</help>
+ </properties>
+ <children>
+ <leafNode name="filter-access-list6">
+ <properties>
+ <help>Access-list6 number to apply FEC filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ <leafNode name="neighbor-access-list6">
+ <properties>
+ <help>Access-list6 number for IPv6 neighbor selection to apply filtering</help>
+ <valueHelp>
+ <format>1-2699</format>
+ <description>Access list number</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-2699"/>
+ </constraint>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
</children>
</node>
</children>