diff options
46 files changed, 768 insertions, 1726 deletions
diff --git a/data/templates/firewall/nftables-nat.tmpl b/data/templates/firewall/nftables-nat.tmpl index 8769c2384..770a24a95 100644 --- a/data/templates/firewall/nftables-nat.tmpl +++ b/data/templates/firewall/nftables-nat.tmpl @@ -1,87 +1,87 @@ #!/usr/sbin/nft -f {% macro nat_rule(rule, config, chain) %} -{% set comment = "" %} -{% set base_log = "" %} -{% set src_addr = "ip saddr " + config.source.address if config.source is defined and config.source.address is defined and config.source.address is not none %} -{% set dst_addr = "ip daddr " + config.destination.address if config.destination is defined and config.destination.address is defined and config.destination.address is not none %} +{% set comment = '' %} +{% set base_log = '' %} +{% set src_addr = 'ip saddr ' + config.source.address.replace('!','!= ') if config.source is defined and config.source.address is defined and config.source.address is not none %} +{% set dst_addr = 'ip daddr ' + config.destination.address.replace('!','!= ') if config.destination is defined and config.destination.address is defined and config.destination.address is not none %} {# negated port groups need special treatment, move != in front of { } group #} {% if config.source is defined and config.source.port is defined and config.source.port is not none and config.source.port.startswith('!=') %} -{% set src_port = "sport != { " + config.source.port.replace('!=','') +" }" %} +{% set src_port = 'sport != { ' + config.source.port.replace('!=','') + ' }' %} {% else %} -{% set src_port = "sport { " + config.source.port +" }" if config.source is defined and config.source.port is defined and config.source.port is not none %} +{% set src_port = 'sport { ' + config.source.port + ' }' if config.source is defined and config.source.port is defined and config.source.port is not none %} {% endif %} {# negated port groups need special treatment, move != in front of { } group #} {% if config.destination is defined and config.destination.port is defined and config.destination.port is not none and config.destination.port.startswith('!=') %} -{% set dst_port = "dport != { " + config.destination.port.replace('!=','') +" }" %} +{% set dst_port = 'dport != { ' + config.destination.port.replace('!=','') + ' }' %} {% else %} -{% set dst_port = "dport { " + config.destination.port +" }" if config.destination is defined and config.destination.port is defined and config.destination.port is not none %} -{% endif %} -{% if chain == "PREROUTING" %} -{% set comment = "DST-NAT-" + rule %} -{% set base_log = "[NAT-DST-" + rule %} -{% set interface = " iifname \"" + config.inbound_interface + "\"" if config.inbound_interface is defined and config.inbound_interface != 'any' else '' %} -{% set trns_addr = "dnat to " + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} -{% elif chain == "POSTROUTING" %} -{% set comment = "SRC-NAT-" + rule %} -{% set base_log = "[NAT-SRC-" + rule %} -{% set interface = " oifname \"" + config.outbound_interface + "\"" if config.outbound_interface is defined and config.outbound_interface != 'any' else '' %} +{% set dst_port = 'dport { ' + config.destination.port + ' }' if config.destination is defined and config.destination.port is defined and config.destination.port is not none %} +{% endif %} +{% if chain == 'PREROUTING' %} +{% set comment = 'DST-NAT-' + rule %} +{% set base_log = '[NAT-DST-' + rule %} +{% set interface = ' iifname "' + config.inbound_interface + '"' if config.inbound_interface is defined and config.inbound_interface != 'any' else '' %} +{% set trns_addr = 'dnat to ' + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} +{% elif chain == 'POSTROUTING' %} +{% set comment = 'SRC-NAT-' + rule %} +{% set base_log = '[NAT-SRC-' + rule %} +{% set interface = ' oifname "' + config.outbound_interface + '"' if config.outbound_interface is defined and config.outbound_interface != 'any' else '' %} {% if config.translation is defined and config.translation.address is defined and config.translation.address == 'masquerade' %} {% set trns_addr = config.translation.address %} {% if config.translation.port is defined and config.translation.port is not none %} -{% set trns_addr = trns_addr + " to " %} +{% set trns_addr = trns_addr + ' to ' %} {% endif %} {% else %} -{% set trns_addr = "snat to " + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} +{% set trns_addr = 'snat to ' + config.translation.address if config.translation is defined and config.translation.address is defined and config.translation.address is not none %} {% endif %} {% endif %} -{% set trns_port = ":" + config.translation.port if config.translation is defined and config.translation.port is defined and config.translation.port is not none %} +{% set trns_port = ':' + config.translation.port if config.translation is defined and config.translation.port is defined and config.translation.port is not none %} {# protocol has a default value thus it is always present #} -{% if config.protocol == "tcp_udp" %} -{% set protocol = "tcp" %} -{% set comment = comment + " tcp_udp" %} +{% if config.protocol == 'tcp_udp' %} +{% set protocol = 'tcp' %} +{% set comment = comment + ' tcp_udp' %} {% else %} {% set protocol = config.protocol %} {% endif %} {% if config.log is defined %} {% if config.exclude is defined %} -{% set log = base_log + "-EXCL]" %} +{% set log = base_log + '-EXCL]' %} {% elif config.translation is defined and config.translation.address is defined and config.translation.address == 'masquerade' %} -{% set log = base_log + "-MASQ]" %} +{% set log = base_log +'-MASQ]' %} {% else %} -{% set log = base_log + "]" %} +{% set log = base_log + ']' %} {% endif %} {% endif %} {% if config.exclude is defined %} -{# rule has been marked as "exclude" thus we simply return here #} -{% set trns_addr = "return" %} -{% set trns_port = "" %} +{# rule has been marked as 'exclude' thus we simply return here #} +{% set trns_addr = 'return' %} +{% set trns_port = '' %} {% endif %} -{% set output = "add rule ip nat " + chain + interface %} -{% if protocol != "all" %} -{% set output = output + " ip protocol " + protocol %} +{% set output = 'add rule ip nat ' + chain + interface %} +{% if protocol != 'all' %} +{% set output = output + ' ip protocol ' + protocol %} {% endif %} {% if src_addr %} -{% set output = output + " " + src_addr %} +{% set output = output + ' ' + src_addr %} {% endif %} {% if src_port %} -{% set output = output + " " + protocol + " " + src_port %} +{% set output = output + ' ' + protocol + ' ' + src_port %} {% endif %} {% if dst_addr %} -{% set output = output + " " + dst_addr %} +{% set output = output + ' ' + dst_addr %} {% endif %} {% if dst_port %} -{% set output = output + " " + protocol + " " + dst_port %} +{% set output = output + ' ' + protocol + ' ' + dst_port %} {% endif %} {# Count packets #} -{% set output = output + " counter" %} +{% set output = output + ' counter' %} {# Special handling of log option, we must repeat the entire rule before the #} {# NAT translation options are added, this is essential #} {% if log %} -{% set log_output = output + " log prefix \"" + log + "\" comment \"" + comment + "\"" %} +{% set log_output = output + ' log prefix "' + log + '" comment "' + comment + '"' %} {% endif %} {% if trns_addr %} -{% set output = output + " " + trns_addr %} +{% set output = output + ' ' + trns_addr %} {% endif %} {% if trns_port %} {# Do not add a whitespace here, translation port must be directly added after IP address #} @@ -89,15 +89,15 @@ {% set output = output + trns_port %} {% endif %} {% if comment %} -{% set output = output + " comment \"" + comment + "\"" %} +{% set output = output + ' comment "' + comment + '"' %} {% endif %} {{ log_output if log_output }} {{ output }} {# Special handling if protocol is tcp_udp, we must repeat the entire rule with udp as protocol #} -{% if config.protocol == "tcp_udp" %} +{% if config.protocol == 'tcp_udp' %} {# Beware of trailing whitespace, without it the comment tcp_udp will be changed to udp_udp #} -{{ log_output | replace("tcp ", "udp ") if log_output }} -{{ output | replace("tcp ", "udp ") }} +{{ log_output | replace('tcp ', 'udp ') if log_output }} +{{ output | replace('tcp ', 'udp ') }} {% endif %} {% endmacro %} @@ -105,7 +105,7 @@ flush table nat {% if helper_functions == 'remove' %} {# NAT if going to be disabled - remove rules and targets from nftables #} -{% set base_command = "delete rule ip raw" %} +{% set base_command = 'delete rule ip raw' %} {{ base_command }} PREROUTING handle {{ pre_ct_ignore }} {{ base_command }} OUTPUT handle {{ out_ct_ignore }} {{ base_command }} PREROUTING handle {{ pre_ct_conntrack }} @@ -117,7 +117,7 @@ delete chain ip raw NAT_CONNTRACK {# NAT if enabled - add targets to nftables #} add chain ip raw NAT_CONNTRACK add rule ip raw NAT_CONNTRACK counter accept -{% set base_command = "add rule ip raw" %} +{% set base_command = 'add rule ip raw' %} {{ base_command }} PREROUTING position {{ pre_ct_ignore }} counter jump VYATTA_CT_HELPER {{ base_command }} OUTPUT position {{ out_ct_ignore }} counter jump VYATTA_CT_HELPER {{ base_command }} PREROUTING position {{ pre_ct_conntrack }} counter jump NAT_CONNTRACK diff --git a/data/templates/frr/bgp.frr.tmpl b/data/templates/frr/bgp.frr.tmpl index 16355a1e5..a1ff368e9 100644 --- a/data/templates/frr/bgp.frr.tmpl +++ b/data/templates/frr/bgp.frr.tmpl @@ -152,7 +152,11 @@ router bgp {{ asn }} {% if protocol == 'table' %} redistribute table {{ address_family[af].redistribute[protocol].table }} {% else %} - redistribute {{ protocol }}{% if address_family[af].redistribute[protocol].metric is defined %} metric {{ address_family[af].redistribute[protocol].metric }}{% endif %}{% if address_family[af].redistribute[protocol].route_map is defined %} route-map {{ address_family[af].redistribute[protocol].route_map }}{% endif %} +{% set redistribution_protocol = protocol %} +{% if protocol == 'ospfv3' %} +{% set redistribution_protocol = 'ospf6' %} +{% endif %} + redistribute {{ redistribution_protocol }}{% if address_family[af].redistribute[protocol].metric is defined %} metric {{ address_family[af].redistribute[protocol].metric }}{% endif %}{% if address_family[af].redistribute[protocol].route_map is defined %} route-map {{ address_family[af].redistribute[protocol].route_map }}{% endif %} {####### we need this blank line!! #######} {% endif %} diff --git a/interface-definitions/include/accel-mtu-128-16384.xml.i b/interface-definitions/include/accel-mtu-128-16384.xml.i index 7ee483056..6bd089823 100644 --- a/interface-definitions/include/accel-mtu-128-16384.xml.i +++ b/interface-definitions/include/accel-mtu-128-16384.xml.i @@ -1,9 +1,11 @@ - <leafNode name="mtu"> - <properties> - <help>Maximum Transmission Unit (MTU) - default 1492</help> - <constraint> - <validator name="numeric" argument="--range 128-16384"/> - </constraint> - </properties> - <defaultValue>1492</defaultValue> - </leafNode> +<!-- included start from accel-mtu-128-16384.xml.i --> +<leafNode name="mtu"> + <properties> + <help>Maximum Transmission Unit (MTU) - default 1492</help> + <constraint> + <validator name="numeric" argument="--range 128-16384"/> + </constraint> + </properties> + <defaultValue>1492</defaultValue> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-afi-capability-orf.xml.i b/interface-definitions/include/bgp-afi-capability-orf.xml.i new file mode 100644 index 000000000..9bd265f93 --- /dev/null +++ b/interface-definitions/include/bgp-afi-capability-orf.xml.i @@ -0,0 +1,28 @@ +<!-- included start from bgp-afi-capability-orf.xml.i --> +<node name="orf"> + <properties> + <help>Advertise ORF capability to this peer</help> + </properties> + <children> + <node name="prefix-list"> + <properties> + <help>Advertise prefix-list ORF capability to this peer</help> + </properties> + <children> + <leafNode name="receive"> + <properties> + <help>Capability to receive the ORF</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="send"> + <properties> + <help>Capability to send the ORF</help> + <valueless/> + </properties> + </leafNode> + </children> + </node> + </children> +</node> +<!-- included end --> diff --git a/interface-definitions/include/bgp-afi-common.xml.i b/interface-definitions/include/bgp-afi-common.xml.i new file mode 100644 index 000000000..ea4eea591 --- /dev/null +++ b/interface-definitions/include/bgp-afi-common.xml.i @@ -0,0 +1,243 @@ +<!-- included start from bgp-afi-common.xml.i --> +<node name="allowas-in"> + <properties> + <help>Accept route that contains the local-as in the as-path</help> + </properties> + <children> + <leafNode name="number"> + <properties> + <help>Number of occurrences of AS number</help> + <valueHelp> + <format>u32:1-10</format> + <description>Number of times AS is allowed in path</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-10"/> + </constraint> + </properties> + </leafNode> + </children> +</node> +<leafNode name="as-override"> + <properties> + <help>AS for routes sent to this peer to be the local AS</help> + <valueless/> + </properties> +</leafNode> +<node name="attribute-unchanged"> + <properties> + <help>BGP attributes are sent unchanged</help> + </properties> + <children> + <leafNode name="as-path"> + <properties> + <help>Send AS path unchanged</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="med"> + <properties> + <help>Send multi-exit discriminator unchanged</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="next-hop"> + <properties> + <help>Send nexthop unchanged</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<node name="disable-send-community"> + <properties> + <help>Disable sending community attributes to this peer</help> + </properties> + <children> + <leafNode name="extended"> + <properties> + <help>Disable sending extended community attributes to this peer</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="standard"> + <properties> + <help>Disable sending standard community attributes to this peer</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<node name="default-originate"> + <properties> + <help>Originate default route to this peer</help> + </properties> + <children> + <leafNode name="route-map"> + <properties> + <help>route-map to specify criteria of the default route</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +<node name="distribute-list"> + <properties> + <help>Access-list to filter route updates to/from this peer-group</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>Access-list to filter outgoing route updates to this peer-group</help> + <completionHelp> + <path>policy access-list</path> + </completionHelp> + <valueHelp> + <format>u32:1-65535</format> + <description>Access-list to filter outgoing route updates to this peer-group</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>Access-list to filter incoming route updates from this peer-group</help> + <completionHelp> + <path>policy access-list</path> + </completionHelp> + <valueHelp> + <format>u32:1-65535</format> + <description>Access-list to filter incoming route updates from this peer-group</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> + </leafNode> + </children> +</node> +<node name="filter-list"> + <properties> + <help>as-path-list to filter route updates to/from this peer</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>As-path-list to filter outgoing route updates to this peer</help> + <completionHelp> + <path>policy as-path-list</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>As-path-list to filter incoming route updates from this peer</help> + <completionHelp> + <path>policy as-path-list</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +<leafNode name="maximum-prefix"> + <properties> + <help>Maximum number of prefixes to accept from this peer</help> + <valueHelp> + <format>u32:1-4294967295</format> + <description>Prefix limit</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-4294967295"/> + </constraint> + </properties> +</leafNode> +<node name="nexthop-self"> + <properties> + <help>Disable the next hop calculation for this peer</help> + </properties> + <children> + <leafNode name="force"> + <properties> + <help>Set the next hop to self for reflected routes</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<leafNode name="remove-private-as"> + <properties> + <help>Remove private AS numbers from AS path in outbound route updates</help> + <valueless/> + </properties> +</leafNode> +<node name="route-map"> + <properties> + <help>Route-map to filter route updates to/from this peer</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>Route-map to filter outgoing route updates</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>Route-map to filter incoming route updates</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +<leafNode name="route-reflector-client"> + <properties> + <help>Peer is a route reflector client</help> + <valueless/> + </properties> +</leafNode> +<leafNode name="route-server-client"> + <properties> + <help>Peer is a route server client</help> + <valueless/> + </properties> +</leafNode> +<node name="soft-reconfiguration"> + <properties> + <help>Soft reconfiguration for peer</help> + </properties> + <children> + <leafNode name="inbound"> + <properties> + <help>Enable inbound soft reconfiguration</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<leafNode name="unsuppress-map"> + <properties> + <help>Route-map to selectively unsuppress suppressed routes</help> + <valueless/> + </properties> +</leafNode> +<leafNode name="weight"> + <properties> + <help>Default weight for routes from this peer</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Default weight</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-afi-ipv4-prefix-list.xml.i b/interface-definitions/include/bgp-afi-ipv4-prefix-list.xml.i new file mode 100644 index 000000000..bbbada6bd --- /dev/null +++ b/interface-definitions/include/bgp-afi-ipv4-prefix-list.xml.i @@ -0,0 +1,25 @@ +<!-- included start from bgp-afi-ipv4-prefix-list.xml.i --> +<node name="prefix-list"> + <properties> + <help>IPv4-Prefix-list to filter route updates to/from this peer</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>IPv4-Prefix-list to filter outgoing route updates to this peer</help> + <completionHelp> + <path>policy prefix-list</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>IPv4-Prefix-list to filter incoming route updates from this peer</help> + <completionHelp> + <path>policy prefix-list</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +<!-- included end --> diff --git a/interface-definitions/include/bgp-afi-ipv6-capability-dynamic.xml.i b/interface-definitions/include/bgp-afi-ipv6-capability-dynamic.xml.i new file mode 100644 index 000000000..4bb5fa626 --- /dev/null +++ b/interface-definitions/include/bgp-afi-ipv6-capability-dynamic.xml.i @@ -0,0 +1,9 @@ +<!-- included start from bgp-afi-ipv6-capability-dynamic.xml.i --> +<!-- Capability dynamic in the afi ipv6 does nothing T3037 --> +<leafNode name="dynamic"> + <properties> + <help>Advertise dynamic capability to this neighbor</help> + <valueless/> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-afi-ipv6-nexthop-local.xml.i b/interface-definitions/include/bgp-afi-ipv6-nexthop-local.xml.i new file mode 100644 index 000000000..4778b392f --- /dev/null +++ b/interface-definitions/include/bgp-afi-ipv6-nexthop-local.xml.i @@ -0,0 +1,15 @@ +<!-- included start from bgp-afi-ipv6-nexthop-local.xml.i --> + <node name="nexthop-local"> + <properties> + <help>Nexthop attributes</help> + </properties> + <children> + <leafNode name="unchanged"> + <properties> + <help>Leave link-local nexthop unchanged for this peer</help> + <valueless/> + </properties> + </leafNode> + </children> + </node> +<!-- included end --> diff --git a/interface-definitions/include/bgp-afi-ipv6-prefix-list.xml.i b/interface-definitions/include/bgp-afi-ipv6-prefix-list.xml.i new file mode 100644 index 000000000..8ae7837e9 --- /dev/null +++ b/interface-definitions/include/bgp-afi-ipv6-prefix-list.xml.i @@ -0,0 +1,25 @@ +<!-- included start from bgp-afi-ipv6-prefix-list.xml.i --> +<node name="prefix-list"> + <properties> + <help>Prefix-list to filter route updates to/from this peer</help> + </properties> + <children> + <leafNode name="export"> + <properties> + <help>Prefix-list to filter outgoing route updates to this peer</help> + <completionHelp> + <path>policy prefix-list6</path> + </completionHelp> + </properties> + </leafNode> + <leafNode name="import"> + <properties> + <help>Prefix-list to filter incoming route updates from this peer</help> + <completionHelp> + <path>policy prefix-list6</path> + </completionHelp> + </properties> + </leafNode> + </children> +</node> +<!-- included end --> diff --git a/interface-definitions/include/bgp-afi-peer-group.xml.i b/interface-definitions/include/bgp-afi-peer-group.xml.i new file mode 100644 index 000000000..c98a91030 --- /dev/null +++ b/interface-definitions/include/bgp-afi-peer-group.xml.i @@ -0,0 +1,7 @@ +<!-- included start from bgp-afi-peer-group.xml.i --> +<leafNode name="peer-group"> + <properties> + <help>Peer group used for this neighbor</help> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-capability.xml.i b/interface-definitions/include/bgp-capability.xml.i new file mode 100644 index 000000000..fbec4988b --- /dev/null +++ b/interface-definitions/include/bgp-capability.xml.i @@ -0,0 +1,21 @@ +<!-- included start from bgp-capability.xml.i --> +<node name="capability"> + <properties> + <help>Advertise capabilities to this peer-group</help> + </properties> + <children> + <leafNode name="dynamic"> + <properties> + <help>Advertise dynamic capability to this peer-group</help> + <valueless/> + </properties> + </leafNode> + <leafNode name="extended-nexthop"> + <properties> + <help>Advertise extended-nexthop capability to this neighbor</help> + <valueless/> + </properties> + </leafNode> + </children> +</node> +<!-- included end --> diff --git a/interface-definitions/include/bgp-description.xml.i b/interface-definitions/include/bgp-description.xml.i new file mode 100644 index 000000000..81be8fb97 --- /dev/null +++ b/interface-definitions/include/bgp-description.xml.i @@ -0,0 +1,8 @@ +<!-- included start from bgp-description.xml.i --> +<leafNode name="description"> + <properties> + <help>Description for this peer-group</help> + <valueless/> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-disable-capability-negotiation.xml.i b/interface-definitions/include/bgp-disable-capability-negotiation.xml.i new file mode 100644 index 000000000..a43c6e8b9 --- /dev/null +++ b/interface-definitions/include/bgp-disable-capability-negotiation.xml.i @@ -0,0 +1,8 @@ +<!-- included start from bgp-disable-capability-negotiation.xml.i --> +<leafNode name="disable-capability-negotiation"> + <properties> + <help>Disable capability negotiation with this neighbor</help> + <valueless/> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-disable-connected-check.xml.i b/interface-definitions/include/bgp-disable-connected-check.xml.i new file mode 100644 index 000000000..bb9098bf6 --- /dev/null +++ b/interface-definitions/include/bgp-disable-connected-check.xml.i @@ -0,0 +1,8 @@ +<!-- included start from bgp-disable-connected-check.xml.i --> +<leafNode name="disable-connected-check"> + <properties> + <help>Disable check to see if eBGP peer address is a connected route</help> + <valueless/> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-ebgp-multihop.xml.i b/interface-definitions/include/bgp-ebgp-multihop.xml.i new file mode 100644 index 000000000..6459fcf47 --- /dev/null +++ b/interface-definitions/include/bgp-ebgp-multihop.xml.i @@ -0,0 +1,14 @@ +<!-- included start from bgp-ebgp-multihop.xml.i --> +<leafNode name="ebgp-multihop"> + <properties> + <help>Allow this EBGP neighbor to not be on a directly connected network</help> + <valueHelp> + <format>u32:1-255</format> + <description>Number of hops</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-255"/> + </constraint> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-local-as.xml.i b/interface-definitions/include/bgp-local-as.xml.i new file mode 100644 index 000000000..cf55ce476 --- /dev/null +++ b/interface-definitions/include/bgp-local-as.xml.i @@ -0,0 +1,22 @@ +<!-- included start from bgp-local-as.xml.i --> +<tagNode name="local-as"> + <properties> + <help>Local AS number [REQUIRED]</help> + <valueHelp> + <format>u32:1-4294967294</format> + <description>Local AS number</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-4294967294"/> + </constraint> + </properties> + <children> + <leafNode name="no-prepend"> + <properties> + <help>Disable prepending local-as to updates from EBGP peers</help> + <valueless/> + </properties> + </leafNode> + </children> +</tagNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i b/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i index c5a83f045..8f6cf06b1 100644 --- a/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i +++ b/interface-definitions/include/bgp-neighbor-afi-ipv4-unicast.xml.i @@ -4,283 +4,17 @@ <help>IPv4 BGP neighbor parameters</help> </properties> <children> - <node name="allowas-in"> - <properties> - <help>Accept a IPv4-route that contains the local-AS in the as-path</help> - </properties> - <children> - <leafNode name="number"> - <properties> - <help>Number of occurrences of AS number</help> - <valueHelp> - <format>u32:1-10</format> - <description>Number of times AS is allowed in path</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-10"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <leafNode name="as-override"> - <properties> - <help>AS for routes sent to this neighbor to be the local AS</help> - <valueless/> - </properties> - </leafNode> - <node name="attribute-unchanged"> - <properties> - <help>BGP attributes are sent unchanged (IPv4)</help> - </properties> - <children> - <leafNode name="as-path"> - <properties> - <help>Send AS path unchanged (IPv4)</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="med"> - <properties> - <help>Send multi-exit discriminator unchanged (IPv4)</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="next-hop"> - <properties> - <help>Send nexthop unchanged (IPv4)</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> <node name="capability"> <properties> <help>Advertise capabilities to this neighbor (IPv4)</help> </properties> <children> - <node name="orf"> - <properties> - <help>Advertise ORF capability to this neighbor</help> - </properties> - <children> - <node name="prefix-list"> - <properties> - <help>Advertise prefix-list ORF capability to this neighbor</help> - </properties> - <children> - <leafNode name="receive"> - <properties> - <help>Capability to receive the ORF</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="send"> - <properties> - <help>Capability to send the ORF</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - </children> - </node> - </children> - </node> - <node name="default-originate"> - <properties> - <help>Send default IPv4-route to this neighbor</help> - </properties> - <children> - <leafNode name="route-map"> - <properties> - <help>IPv4-Route-map to specify criteria of the default</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <node name="distribute-list"> - <properties> - <help>Access-list to filter IPv4-route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Access-list to filter outgoing IPv4-route updates to this neighbor</help> - <completionHelp> - <path>policy access-list</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter outgoing IPv4-route updates to this neighbor</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Access-list to filter incoming IPv4-route updates from this neighbor</help> - <completionHelp> - <path>policy access-list</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter incoming IPv4-route updates from this neighbor</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-afi-capability-orf.xml.i> </children> </node> - <node name="filter-list"> - <properties> - <help>As-path-list to filter IPv4-route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>As-path-list to filter outgoing IPv4-route updates to this neighbor</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>As-path-list to filter incoming IPv4-route updates from this neighbor</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="maximum-prefix"> - <properties> - <help>Maximum number of IPv4-prefixes to accept from this neighbor</help> - <valueHelp> - <format>u32:1-4294967295</format> - <description>Prefix limit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967295"/> - </constraint> - </properties> - </leafNode> - <node name="nexthop-self"> - <properties> - <help>Nexthop for IPv4-routes sent to this neighbor to be the local router</help> - </properties> - <children> - <leafNode name="force"> - <properties> - <help>Set the next hop to self for reflected routes</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <node name="prefix-list"> - <properties> - <help>IPv4-Prefix-list to filter route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>IPv4-Prefix-list to filter outgoing route updates to this neighbor</help> - <completionHelp> - <path>policy prefix-list</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>IPv4-Prefix-list to filter incoming route updates from this neighbor</help> - <completionHelp> - <path>policy prefix-list</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="remove-private-as"> - <properties> - <help>Remove private AS numbers from AS path in outbound IPv4-route updates</help> - <valueless/> - </properties> - </leafNode> - <node name="route-map"> - <properties> - <help>Route-map to filter IPv4-route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>IPv4-Route-map to filter outgoing route updates to this neighbor</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>IPv4-Route-map to filter incoming route updates from this neighbor</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="route-reflector-client"> - <properties> - <help>Neighbor as a IPv4-route reflector client</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="route-server-client"> - <properties> - <help>Neighbor is IPv4-route server client</help> - <valueless/> - </properties> - </leafNode> - <node name="soft-reconfiguration"> - <properties> - <help>Soft reconfiguration for neighbor (IPv4)</help> - </properties> - <children> - <leafNode name="inbound"> - <properties> - <help>Inbound soft reconfiguration for this neighbor [REQUIRED]</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="unsuppress-map"> - <properties> - <help>Route-map to selectively unsuppress suppressed IPv4-routes</help> - </properties> - </leafNode> - <leafNode name="weight"> - <properties> - <help>Default weight for routes from this neighbor</help> - <valueHelp> - <format>u32:1-65535</format> - <description>Weight for routes from this neighbor</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-afi-peer-group.xml.i> + #include <include/bgp-afi-ipv4-prefix-list.xml.i> + #include <include/bgp-afi-common.xml.i> </children> </node> <!-- included end --> diff --git a/interface-definitions/include/bgp-neighbor-afi-ipv6-unicast.xml.i b/interface-definitions/include/bgp-neighbor-afi-ipv6-unicast.xml.i index 61cdc6a1c..c7a6f8035 100644 --- a/interface-definitions/include/bgp-neighbor-afi-ipv6-unicast.xml.i +++ b/interface-definitions/include/bgp-neighbor-afi-ipv6-unicast.xml.i @@ -4,328 +4,19 @@ <help>IPv6 BGP neighbor parameters</help> </properties> <children> - <node name="allowas-in"> - <properties> - <help>Accept a IPv6-route that contains the local-AS in the as-path</help> - </properties> - <children> - <leafNode name="number"> - <properties> - <help>Number of occurrences of AS number</help> - <valueHelp> - <format>u32:1-10</format> - <description>Number of times AS is allowed in path</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-10"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <leafNode name="as-override"> - <properties> - <help>AS for routes sent to this neighbor to be the local AS</help> - <valueless/> - </properties> - </leafNode> - <node name="attribute-unchanged"> - <properties> - <help>BGP attributes are sent unchanged</help> - </properties> - <children> - <leafNode name="as-path"> - <properties> - <help>Send AS path unchanged</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="med"> - <properties> - <help>Send multi-exit discriminator unchanged</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="next-hop"> - <properties> - <help>Send nexthop unchanged</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> <node name="capability"> <properties> <help>Advertise capabilities to this neighbor (IPv6)</help> </properties> <children> - <!-- Capability dynamic in the afi ipv6 does nothing T3037 --> - <leafNode name="dynamic"> - <properties> - <help>Advertise dynamic capability to this neighbor</help> - <valueless/> - </properties> - </leafNode> - <node name="orf"> - <properties> - <help>Advertise ORF capability to this neighbor</help> - </properties> - <children> - <node name="prefix-list"> - <properties> - <help>Advertise prefix-list ORF capability to this neighbor</help> - </properties> - <children> - <leafNode name="receive"> - <properties> - <help>Capability to receive the ORF</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="send"> - <properties> - <help>Capability to send the ORF</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - </children> - </node> - </children> - </node> - <node name="default-originate"> - <properties> - <help>Send default IPv6-route to this neighbor</help> - </properties> - <children> - <leafNode name="route-map"> - <properties> - <help>Route-map to specify criteria of the default</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <node name="disable-send-community"> - <properties> - <help>Disable sending community attributes to this neighbor</help> - </properties> - <children> - <leafNode name="extended"> - <properties> - <help>Disable sending extended community attributes to this neighbor</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="standard"> - <properties> - <help>Disable sending standard community attributes to this neighbor</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <node name="distribute-list"> - <properties> - <help>Access-list to filter route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Access-list to filter outgoing route updates to this neighbor</help> - <completionHelp> - <path>policy access-list6</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter outgoing route updates to this neighbor</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Access-list to filter incoming route updates from this neighbor</help> - <completionHelp> - <path>policy access-list6</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter incoming route updates from this neighbor</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-afi-capability-orf.xml.i> + #include <include/bgp-afi-ipv6-capability-dynamic.xml.i> </children> </node> - <node name="filter-list"> - <properties> - <help>As-path-list to filter route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>As-path-list to filter outgoing route updates to this neighbor</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>As-path-list to filter incoming route updates from this neighbor</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="maximum-prefix"> - <properties> - <help>Maximum number of prefixes to accept from this neighbor</help> - <valueHelp> - <format>u32:1-4294967295</format> - <description>Prefix limit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967295"/> - </constraint> - </properties> - </leafNode> - <node name="nexthop-local"> - <properties> - <help>Nexthop attributes</help> - </properties> - <children> - <leafNode name="unchanged"> - <properties> - <help>Leave link-local nexthop unchanged for this peer</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <node name="nexthop-self"> - <properties> - <help>Nexthop for IPv6-routes sent to this neighbor to be the local router</help> - </properties> - <children> - <leafNode name="force"> - <properties> - <help>Set the next hop to self for reflected routes</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="peer-group"> - <properties> - <help>IPv6 peer group for this peer</help> - </properties> - </leafNode> - <node name="prefix-list"> - <properties> - <help>Prefix-list to filter route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Prefix-list to filter outgoing route updates to this neighbor</help> - <completionHelp> - <path>policy prefix-list6</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Prefix-list to filter incoming route updates from this neighbor</help> - <completionHelp> - <path>policy prefix-list6</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="remove-private-as"> - <properties> - <help>Remove private AS numbers from AS path in outbound route updates</help> - <valueless/> - </properties> - </leafNode> - <node name="route-map"> - <properties> - <help>Route-map to filter route updates to/from this neighbor</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Route-map to filter outgoing route updates to this neighbor</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Route-map to filter incoming route updates from this neighbor</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="route-reflector-client"> - <properties> - <help>Neighbor as a IPv6-route reflector client</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="route-server-client"> - <properties> - <help>Neighbor is IPv6-route server client</help> - <valueless/> - </properties> - </leafNode> - <node name="soft-reconfiguration"> - <properties> - <help>Soft reconfiguration for neighbor (IPv6)</help> - </properties> - <children> - <leafNode name="inbound"> - <properties> - <help>Inbound soft reconfiguration for this neighbor [REQUIRED]</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="unsuppress-map"> - <properties> - <help>Route-map to selectively unsuppress suppressed IPv6-routes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="weight"> - <properties> - <help>Default weight for routes from this neighbor</help> - <valueHelp> - <format>u32:1-65535</format> - <description>Weight for routes from this neighbor</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-afi-peer-group.xml.i> + #include <include/bgp-afi-ipv6-nexthop-local.xml.i> + #include <include/bgp-afi-ipv6-prefix-list.xml.i> + #include <include/bgp-afi-common.xml.i> </children> </node> <!-- included end --> diff --git a/interface-definitions/include/bgp-override-capability.xml.i b/interface-definitions/include/bgp-override-capability.xml.i new file mode 100644 index 000000000..88c277c8b --- /dev/null +++ b/interface-definitions/include/bgp-override-capability.xml.i @@ -0,0 +1,8 @@ +<!-- included start from bgp-override-capability.xml.i --> +<leafNode name="override-capability"> + <properties> + <help>Ignore capability negotiation with specified neighbor</help> + <valueless/> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-passive.xml.i b/interface-definitions/include/bgp-passive.xml.i new file mode 100644 index 000000000..ada961866 --- /dev/null +++ b/interface-definitions/include/bgp-passive.xml.i @@ -0,0 +1,8 @@ +<!-- included start from bgp-passive.xml.i --> +<leafNode name="passive"> + <properties> + <help>Do not initiate a session with this neighbor</help> + <valueless/> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-password.xml.i b/interface-definitions/include/bgp-password.xml.i new file mode 100644 index 000000000..5b68a2d71 --- /dev/null +++ b/interface-definitions/include/bgp-password.xml.i @@ -0,0 +1,7 @@ +<!-- included start from bgp-password.xml.i --> +<leafNode name="password"> + <properties> + <help>BGP MD5 password</help> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-peer-group-afi-ipv4-unicast.xml.i b/interface-definitions/include/bgp-peer-group-afi-ipv4-unicast.xml.i index e34d9f774..cfa68e5f0 100644 --- a/interface-definitions/include/bgp-peer-group-afi-ipv4-unicast.xml.i +++ b/interface-definitions/include/bgp-peer-group-afi-ipv4-unicast.xml.i @@ -4,300 +4,16 @@ <help>IPv4 BGP peer group parameters</help> </properties> <children> - <node name="allowas-in"> - <properties> - <help>Accept a route that contains the local-AS in the as-path</help> - </properties> - <children> - <leafNode name="number"> - <properties> - <help>Number of occurrences of AS number</help> - <valueHelp> - <format>u32:1-10</format> - <description>Number of times AS is allowed in path</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-10"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <node name="attribute-unchanged"> - <properties> - <help>BGP attributes are sent unchanged</help> - </properties> - <children> - <leafNode name="as-path"> - <properties> - <help>Send AS path unchanged</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="med"> - <properties> - <help>Send multi-exit discriminator unchanged</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="next-hop"> - <properties> - <help>Send nexthop unchanged</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> <node name="capability"> <properties> <help>Advertise capabilities to this peer-group</help> </properties> <children> - <leafNode name="dynamic"> - <properties> - <help>Advertise dynamic capability to this peer-group</help> - <valueless/> - </properties> - </leafNode> - <node name="orf"> - <properties> - <help>Advertise ORF capability to this peer-group</help> - </properties> - <children> - <node name="prefix-list"> - <properties> - <help>Advertise prefix-list ORF capability to this peer-group</help> - </properties> - <children> - <leafNode name="receive"> - <properties> - <help>Capability to receive the ORF</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="send"> - <properties> - <help>Capability to send the ORF</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - </children> - </node> - </children> - </node> - <node name="default-originate"> - <properties> - <help>Send default route to this peer-group</help> - </properties> - <children> - <leafNode name="route-map"> - <properties> - <help>Route-map to specify criteria of the default</help> - </properties> - </leafNode> - </children> - </node> - <node name="disable-send-community"> - <properties> - <help>Disable sending community attributes to this peer-group</help> - </properties> - <children> - <leafNode name="extended"> - <properties> - <help>Disable sending extended community attributes to this peer-group</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="standard"> - <properties> - <help>Disable sending standard community attributes to this peer-group</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <node name="distribute-list"> - <properties> - <help>Access-list to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Access-list to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy access-list</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter outgoing route updates to this peer-group</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Access-list to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy access-list</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter incoming route updates from this peer-group</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <node name="filter-list"> - <properties> - <help>As-path-list to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>As-path-list to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>As-path-list to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="maximum-prefix"> - <properties> - <help>Maximum number of prefixes to accept from this peer-group</help> - <valueHelp> - <format>u32:1-4294967295</format> - <description>Prefix limit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967295"/> - </constraint> - </properties> - </leafNode> - <node name="nexthop-self"> - <properties> - <help>Nexthop for routes sent to this peer-group to be the local router</help> - </properties> - <children> - <leafNode name="force"> - <properties> - <help>Set the next hop to self for reflected routes</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <node name="prefix-list"> - <properties> - <help>Prefix-list to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Prefix-list to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy prefix-list</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Prefix-list to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy prefix-list</path> - </completionHelp> - </properties> - </leafNode> + #include <include/bgp-afi-capability-orf.xml.i> </children> </node> - <leafNode name="remove-private-as"> - <properties> - <help>Remove private AS numbers from AS path in outbound route updates</help> - <valueless/> - </properties> - </leafNode> - <node name="route-map"> - <properties> - <help>Route-map to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Route-map to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Route-map to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="route-reflector-client"> - <properties> - <help>Peer-group as a route reflector client</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="route-server-client"> - <properties> - <help>Peer-group as route server client</help> - <valueless/> - </properties> - </leafNode> - <node name="soft-reconfiguration"> - <properties> - <help>Soft reconfiguration for peer-group</help> - </properties> - <children> - <leafNode name="inbound"> - <properties> - <help>Inbound soft reconfiguration for this peer-group [REQUIRED]</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="unsuppress-map"> - <properties> - <help>Route-map to selectively unsuppress suppressed routes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="weight"> - <properties> - <help>Default weight for routes from this peer-group</help> - <valueHelp> - <format>u32:1-65535</format> - <description>Weight for routes from this peer-group</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-afi-ipv4-prefix-list.xml.i> + #include <include/bgp-afi-common.xml.i> </children> </node> <!-- included end --> diff --git a/interface-definitions/include/bgp-peer-group-afi-ipv6-unicast.xml.i b/interface-definitions/include/bgp-peer-group-afi-ipv6-unicast.xml.i index 400193b7b..a062820ea 100644 --- a/interface-definitions/include/bgp-peer-group-afi-ipv6-unicast.xml.i +++ b/interface-definitions/include/bgp-peer-group-afi-ipv6-unicast.xml.i @@ -1,319 +1,21 @@ <!-- included start from bgp-peer-group-afi-ipv6-unicast.xml.i --> <node name="ipv6-unicast"> <properties> - <help>IPv6 BGP neighbor parameters</help> + <help>IPv6 BGP peer group parameters</help> </properties> <children> - <node name="allowas-in"> - <properties> - <help>Accept a IPv6-route that contains the local-AS in the as-path</help> - </properties> - <children> - <leafNode name="number"> - <properties> - <help>Number of occurrences of AS number</help> - <valueHelp> - <format>u32:1-10</format> - <description>Number of times AS is allowed in path</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-10"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <node name="attribute-unchanged"> - <properties> - <help>BGP attributes are sent unchanged</help> - </properties> - <children> - <leafNode name="as-path"> - <properties> - <help>Send AS path unchanged</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="med"> - <properties> - <help>Send multi-exit discriminator unchanged</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="next-hop"> - <properties> - <help>Send nexthop unchanged</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> <node name="capability"> <properties> <help>Advertise capabilities to this peer-group</help> </properties> <children> - <leafNode name="dynamic"> - <properties> - <help>Advertise dynamic capability to this peer-group</help> - <valueless/> - </properties> - </leafNode> - <node name="orf"> - <properties> - <help>Advertise ORF capability to this peer-group</help> - </properties> - <children> - <node name="prefix-list"> - <properties> - <help>Advertise prefix-list ORF capability to this peer-group</help> - </properties> - <children> - <leafNode name="receive"> - <properties> - <help>Capability to receive the ORF</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="send"> - <properties> - <help>Capability to send the ORF</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - </children> - </node> - </children> - </node> - <node name="default-originate"> - <properties> - <help>Send default route to this peer-group</help> - </properties> - <children> - <leafNode name="route-map"> - <properties> - <help>Route-map to specify criteria of the default</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <node name="disable-send-community"> - <properties> - <help>Disable sending community attributes to this peer-group</help> - </properties> - <children> - <leafNode name="extended"> - <properties> - <help>Disable sending extended community attributes to this peer-group</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="standard"> - <properties> - <help>Disable sending standard community attributes to this peer-group</help> - <valueless/> - </properties> - </leafNode> + #include <include/bgp-afi-capability-orf.xml.i> + #include <include/bgp-afi-ipv6-capability-dynamic.xml.i> </children> </node> - <node name="distribute-list"> - <properties> - <help>Access-list to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Access-list to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy access-list6</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter outgoing route updates to this peer-group</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Access-list to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy access-list6</path> - </completionHelp> - <valueHelp> - <format>u32:1-65535</format> - <description>Access-list to filter incoming route updates from this peer-group</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <node name="filter-list"> - <properties> - <help>As-path-list to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>As-path-list to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>As-path-list to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy as-path-list</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="maximum-prefix"> - <properties> - <help>Maximum number of prefixes to accept from this peer-group</help> - <valueHelp> - <format>u32:1-4294967295</format> - <description>Prefix limit</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967295"/> - </constraint> - </properties> - </leafNode> - <node name="nexthop-local"> - <properties> - <help>Nexthop attributes</help> - </properties> - <children> - <leafNode name="unchanged"> - <properties> - <help>Leave link-local nexthop unchanged for this peer</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <node name="nexthop-self"> - <properties> - <help>Nexthop for routes sent to this peer-group to be the local router</help> - </properties> - <children> - <leafNode name="force"> - <properties> - <help>Set the next hop to self for reflected routes</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <node name="prefix-list"> - <properties> - <help>Prefix-list to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Prefix-list to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy prefix-list6</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Prefix-list to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy prefix-list6</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="remove-private-as"> - <properties> - <help>Remove private AS numbers from AS path in outbound route updates</help> - <valueless/> - </properties> - </leafNode> - <node name="route-map"> - <properties> - <help>Route-map to filter route updates to/from this peer-group</help> - </properties> - <children> - <leafNode name="export"> - <properties> - <help>Route-map to filter outgoing route updates to this peer-group</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - <leafNode name="import"> - <properties> - <help>Route-map to filter incoming route updates from this peer-group</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> - </children> - </node> - <leafNode name="route-reflector-client"> - <properties> - <help>Peer-group as a route reflector client</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="route-server-client"> - <properties> - <help>Peer-group as route server client</help> - <valueless/> - </properties> - </leafNode> - <node name="soft-reconfiguration"> - <properties> - <help>Soft reconfiguration for peer-group</help> - </properties> - <children> - <leafNode name="inbound"> - <properties> - <help>Inbound soft reconfiguration for this peer-group [REQUIRED]</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="unsuppress-map"> - <properties> - <help>Route-map to selectively unsuppress suppressed routes</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="weight"> - <properties> - <help>Default weight for routes from this peer-group</help> - <valueHelp> - <format>u32:1-65535</format> - <description>Weight for routes from this peer-group</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-afi-ipv6-nexthop-local.xml.i> + #include <include/bgp-afi-ipv6-prefix-list.xml.i> + #include <include/bgp-afi-common.xml.i> </children> </node> <!-- included end --> diff --git a/interface-definitions/include/bgp-peer-group.xml.i b/interface-definitions/include/bgp-peer-group.xml.i new file mode 100644 index 000000000..24585c1ce --- /dev/null +++ b/interface-definitions/include/bgp-peer-group.xml.i @@ -0,0 +1,7 @@ +<!-- included start from bgp-peer-group.xml.i --> +<leafNode name="peer-group"> + <properties> + <help>Peer group for this peer</help> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-remote-as.xml.i b/interface-definitions/include/bgp-remote-as.xml.i new file mode 100644 index 000000000..de3f4d2ad --- /dev/null +++ b/interface-definitions/include/bgp-remote-as.xml.i @@ -0,0 +1,27 @@ +<!-- included start from bgp-remote-as.xml.i --> +<leafNode name="remote-as"> + <properties> + <help>Neighbor BGP AS number [REQUIRED]</help> + <completionHelp> + <list>external internal</list> + </completionHelp> + <valueHelp> + <format>u32:1-4294967294</format> + <description>Neighbor AS number</description> + </valueHelp> + <valueHelp> + <format>external</format> + <description>Any AS different from the local AS</description> + </valueHelp> + <valueHelp> + <format>internal</format> + <description>Neighbor AS number</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-4294967294"/> + <regex>^(external|internal)$</regex> + </constraint> + <constraintErrorMessage>Invalid AS number</constraintErrorMessage> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-route-map.xml.i b/interface-definitions/include/bgp-route-map.xml.i new file mode 100644 index 000000000..18b092354 --- /dev/null +++ b/interface-definitions/include/bgp-route-map.xml.i @@ -0,0 +1,10 @@ +<!-- included start from bgp-route-map.xml.i --> +<leafNode name="route-map"> + <properties> + <help>Route-map to modify route attributes</help> + <completionHelp> + <path>policy route-map</path> + </completionHelp> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-shutdown.xml.i b/interface-definitions/include/bgp-shutdown.xml.i new file mode 100644 index 000000000..330120bba --- /dev/null +++ b/interface-definitions/include/bgp-shutdown.xml.i @@ -0,0 +1,8 @@ +<!-- included start from bgp-shutdown.xml.i --> +<leafNode name="shutdown"> + <properties> + <help>Administratively shut down peer-group</help> + <valueless/> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-timers-holdtime.xml.i b/interface-definitions/include/bgp-timers-holdtime.xml.i new file mode 100644 index 000000000..09924574b --- /dev/null +++ b/interface-definitions/include/bgp-timers-holdtime.xml.i @@ -0,0 +1,18 @@ +<!-- included start from bgp-timers-holdtime.xml.i --> +<leafNode name="holdtime"> + <properties> + <help>BGP hold timer for this neighbor</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Hold timer in seconds</description> + </valueHelp> + <valueHelp> + <format>0</format> + <description>Hold timer disabled</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 0-65535"/> + </constraint> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-timers-keepalive.xml.i b/interface-definitions/include/bgp-timers-keepalive.xml.i new file mode 100644 index 000000000..7d294c9d6 --- /dev/null +++ b/interface-definitions/include/bgp-timers-keepalive.xml.i @@ -0,0 +1,14 @@ +<!-- included start from bgp-timers-keepalive.xml.i --> +<leafNode name="keepalive"> + <properties> + <help>BGP keepalive interval for this neighbor</help> + <valueHelp> + <format>u32:1-65535</format> + <description>Keepalive interval in seconds (default 60)</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-65535"/> + </constraint> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/include/bgp-ttl-security.xml.i b/interface-definitions/include/bgp-ttl-security.xml.i new file mode 100644 index 000000000..3f4d1786d --- /dev/null +++ b/interface-definitions/include/bgp-ttl-security.xml.i @@ -0,0 +1,21 @@ +<!-- included start from bgp-ttl-security.xml.i --> +<node name="ttl-security"> + <properties> + <help>Ttl security mechanism</help> + </properties> + <children> + <leafNode name="hops"> + <properties> + <help>Number of the maximum number of hops to the BGP peer</help> + <valueHelp> + <format>u32:1-254</format> + <description>Number of hops</description> + </valueHelp> + <constraint> + <validator name="numeric" argument="--range 1-254"/> + </constraint> + </properties> + </leafNode> + </children> +</node> +<!-- included end --> diff --git a/interface-definitions/include/bgp-update-source.xml.i b/interface-definitions/include/bgp-update-source.xml.i new file mode 100644 index 000000000..c1db2e2c1 --- /dev/null +++ b/interface-definitions/include/bgp-update-source.xml.i @@ -0,0 +1,28 @@ +<!-- included start from bgp-update-source.xml.i --> +<leafNode name="update-source"> + <!-- Need to check format interfaces --> + <properties> + <help>Source IP of routing updates</help> + <completionHelp> + <script>${vyos_completion_dir}/list_local_ips.sh --both</script> + </completionHelp> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address of route source</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 address of route source</description> + </valueHelp> + <valueHelp> + <format>txt</format> + <description>Interface as route source</description> + </valueHelp> + <constraint> + <validator name="ipv4-address"/> + <validator name="ipv6-address"/> + <regex>^(br|bond|dum|en|eth|gnv|peth|tun|vti|vxlan|wg|wlan)[0-9]+|lo$</regex> + </constraint> + </properties> +</leafNode> +<!-- included end --> diff --git a/interface-definitions/protocols-bgp.xml.in b/interface-definitions/protocols-bgp.xml.in index 27cbc919a..b9f67f188 100644 --- a/interface-definitions/protocols-bgp.xml.in +++ b/interface-definitions/protocols-bgp.xml.in @@ -59,14 +59,7 @@ <valueless/> </properties> </leafNode> - <leafNode name="route-map"> - <properties> - <help>Route-map to modify route attributes</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> + #include <include/bgp-route-map.xml.i> </children> </tagNode> <node name="redistribute"> @@ -167,14 +160,7 @@ </constraint> </properties> </leafNode> - <leafNode name="route-map"> - <properties> - <help>Route-map to modify route attributes</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> + #include <include/bgp-route-map.xml.i> </children> </tagNode> <node name="redistribute"> @@ -198,9 +184,9 @@ #include <include/bgp-afi-redistribute-metric-route-map.xml.i> </children> </node> - <node name="ospf"> + <node name="ospfv3"> <properties> - <help>Redistribute OSPF routes into BGP</help> + <help>Redistribute OSPFv3 routes into BGP</help> </properties> <children> #include <include/bgp-afi-redistribute-metric-route-map.xml.i> @@ -282,7 +268,7 @@ <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> - <regex>(br|bond|dum|en|eth|gnv|lo|peth|tun|vti|vxlan|wg|wlan)[0-9]+</regex> + <regex>^(br|bond|dum|en|eth|gnv|peth|tun|vti|vxlan|wg|wlan)[0-9]+|lo$</regex> </constraint> </properties> <children> @@ -320,42 +306,10 @@ </leafNode> </children> </node> - <node name="capability"> - <properties> - <help>Advertise capabilities to this neighbor</help> - </properties> - <children> - <leafNode name="dynamic"> - <properties> - <help>Advertise dynamic capability to this neighbor</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="extended-nexthop"> - <properties> - <help>Advertise extended-nexthop capability to this neighbor</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="description"> - <properties> - <help>Description for this neighbor</help> - </properties> - </leafNode> - <leafNode name="disable-capability-negotiation"> - <properties> - <help>Disable capability negotiation with this neighbor</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable-connected-check"> - <properties> - <help>Disable check to see if eBGP peer address is a connected route</help> - <valueless/> - </properties> - </leafNode> + #include <include/bgp-capability.xml.i> + #include <include/bgp-description.xml.i> + #include <include/bgp-disable-capability-negotiation.xml.i> + #include <include/bgp-disable-connected-check.xml.i> <node name="disable-send-community"> <properties> <help>Disable sending community attributes to this neighbor (IPv4)</help> @@ -375,134 +329,30 @@ </leafNode> </children> </node> - <leafNode name="ebgp-multihop"> - <properties> - <help>Allow this EBGP neighbor to not be on a directly connected network</help> - <valueHelp> - <format>u32:1-255</format> - <description>Number of hops</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-ebgp-multihop.xml.i> <node name="interface"> <properties> <help>Interface parameters</help> </properties> <children> - <leafNode name="peer-group"> - <properties> - <help>Peer group for this peer</help> - </properties> - </leafNode> - <leafNode name="remote-as"> - <properties> - <help>Neighbor BGP AS number [REQUIRED]</help> - <completionHelp> - <list>external internal</list> - </completionHelp> - <valueHelp> - <format>u32:1-4294967294</format> - <description>Neighbor AS number</description> - </valueHelp> - <valueHelp> - <format>external</format> - <description>Any AS different from the local AS</description> - </valueHelp> - <valueHelp> - <format>internal</format> - <description>Neighbor AS number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967294"/> - <regex>(external|internal)</regex> - </constraint> - <constraintErrorMessage>Invalid ASN value</constraintErrorMessage> - </properties> - </leafNode> + #include <include/bgp-peer-group.xml.i> + #include <include/bgp-remote-as.xml.i> <node name="v6only"> <properties> <help>Enable BGP with v6 link-local only</help> </properties> <children> - <leafNode name="peer-group"> - <properties> - <help>Peer group for this peer</help> - </properties> - </leafNode> - <leafNode name="remote-as"> - <properties> - <help>Neighbor BGP AS number [REQUIRED]</help> - <completionHelp> - <list>external internal</list> - </completionHelp> - <valueHelp> - <format>u32:1-4294967294</format> - <description>Neighbor AS number</description> - </valueHelp> - <valueHelp> - <format>external</format> - <description>Any AS different from the local AS</description> - </valueHelp> - <valueHelp> - <format>internal</format> - <description>Neighbor AS number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967294"/> - <regex>(external|internal)</regex> - </constraint> - <constraintErrorMessage>Invalid ASN value</constraintErrorMessage> - </properties> - </leafNode> + #include <include/bgp-peer-group.xml.i> + #include <include/bgp-remote-as.xml.i> </children> </node> </children> </node> - <tagNode name="local-as"> - <properties> - <help>Local AS number</help> - <valueHelp> - <format>u32:1-4294967294</format> - <description>Local AS number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967294"/> - </constraint> - </properties> - <children> - <leafNode name="no-prepend"> - <properties> - <help>Disable prepending local-as to updates from EBGP peers</help> - <valueless/> - </properties> - </leafNode> - </children> - </tagNode> - <leafNode name="override-capability"> - <properties> - <help>Ignore capability negotiation with specified neighbor</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="passive"> - <properties> - <help>Do not initiate a session with this neighbor</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="password"> - <properties> - <help>BGP MD5 password</help> - </properties> - </leafNode> - <leafNode name="peer-group"> - <properties> - <help>IPv4 peer group for this peer</help> - </properties> - </leafNode> + #include <include/bgp-local-as.xml.i> + #include <include/bgp-override-capability.xml.i> + #include <include/bgp-passive.xml.i> + #include <include/bgp-password.xml.i> + #include <include/bgp-peer-group.xml.i> <leafNode name="port"> <properties> <help>Neighbor BGP port</help> @@ -515,37 +365,8 @@ </constraint> </properties> </leafNode> - <leafNode name="remote-as"> - <properties> - <help>Neighbor BGP AS number [REQUIRED]</help> - <completionHelp> - <list>external internal</list> - </completionHelp> - <valueHelp> - <format>u32:1-4294967294</format> - <description>Neighbor AS number</description> - </valueHelp> - <valueHelp> - <format>external</format> - <description>Any AS different from the local AS</description> - </valueHelp> - <valueHelp> - <format>internal</format> - <description>Neighbor AS number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967294"/> - <regex>(external|internal)</regex> - </constraint> - <constraintErrorMessage>Invalid ASN value</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="shutdown"> - <properties> - <help>Administratively shut down neighbor</help> - <valueless/> - </properties> - </leafNode> + #include <include/bgp-remote-as.xml.i> + #include <include/bgp-shutdown.xml.i> <leafNode name="strict-capability-match"> <properties> <help>Enable strict capability negotiation</help> @@ -573,78 +394,12 @@ </constraint> </properties> </leafNode> - <leafNode name="holdtime"> - <properties> - <help>BGP hold timer for this neighbor</help> - <valueHelp> - <format>u32:1-65535</format> - <description>Hold timer in seconds</description> - </valueHelp> - <valueHelp> - <format>0</format> - <description>Hold timer disabled</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - </leafNode> - <leafNode name="keepalive"> - <properties> - <help>BGP keepalive interval for this neighbor</help> - <valueHelp> - <format>u32:1-65535</format> - <description>Keepalive interval in seconds (default 60)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <node name="ttl-security"> - <properties> - <help>Ttl security mechanism for this BGP peer</help> - </properties> - <children> - <leafNode name="hops"> - <properties> - <help>Number of the maximum number of hops to the BGP peer</help> - <valueHelp> - <format>u32:1-254</format> - <description>Number of hops</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-254"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-timers-holdtime.xml.i> + #include <include/bgp-timers-keepalive.xml.i> </children> </node> - <leafNode name="update-source"> - <!-- Need to check format interfaces --> - <properties> - <help>Source IP of routing updates</help> - <valueHelp> - <format>ipv4</format> - <description>IPv4 address of route source</description> - </valueHelp> - <valueHelp> - <format>ipv6</format> - <description>IPv6 address of route source</description> - </valueHelp> - <valueHelp> - <format>txt</format> - <description>Interface as route source</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - <validator name="ipv6-address"/> - <regex>(br|bond|dum|en|eth|gnv|lo|peth|tun|vti|vxlan|wg|wlan)[0-9]+</regex> - </constraint> - </properties> - </leafNode> + #include <include/bgp-ttl-security.xml.i> + #include <include/bgp-update-source.xml.i> </children> </tagNode> <node name="parameters"> @@ -997,208 +752,29 @@ <valueless/> </properties> </leafNode> - <node name="capability"> - <properties> - <help>Advertise capabilities to this peer-group</help> - </properties> - <children> - <leafNode name="dynamic"> - <properties> - <help>Advertise dynamic capability to this peer-group</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="extended-nexthop"> - <properties> - <help>Advertise extended-nexthop capability to this neighbor</help> - <valueless/> - </properties> - </leafNode> - </children> - </node> - <leafNode name="description"> - <properties> - <help>Description for this peer-group</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable-capability-negotiation"> - <properties> - <help>Disable capability negotiation with this peer-group</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="disable-connected-check"> - <properties> - <help>Disable check to see if eBGP peer address is a connected route</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="ebgp-multihop"> - <properties> - <help>Allow this EBGP peer-group to not be on a directly connected network</help> - <valueHelp> - <format>u32:1-255</format> - <description>Number of hops</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-255"/> - </constraint> - </properties> - </leafNode> - <tagNode name="local-as"> - <properties> - <help>Local AS number [REQUIRED]</help> - <valueHelp> - <format>u32:1-4294967294</format> - <description>Local AS number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967294"/> - </constraint> - </properties> - <children> - <leafNode name="no-prepend"> - <properties> - <help>Disable prepending local-as to updates from EBGP peers</help> - <valueless/> - </properties> - </leafNode> - </children> - </tagNode> - <leafNode name="override-capability"> - <properties> - <help>Ignore capability negotiation with specified peer-group</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="passive"> - <properties> - <help>Do not intiate a session with this peer-group</help> - <valueless/> - </properties> - </leafNode> - <leafNode name="password"> - <properties> - <help>BGP MD5 password</help> - </properties> - </leafNode> - <leafNode name="remote-as"> - <properties> - <help>Neighbor BGP AS number [REQUIRED]</help> - <completionHelp> - <list>external internal</list> - </completionHelp> - <valueHelp> - <format>u32:1-4294967294</format> - <description>Neighbor AS number</description> - </valueHelp> - <valueHelp> - <format>external</format> - <description>Any AS different from the local AS</description> - </valueHelp> - <valueHelp> - <format>internal</format> - <description>Neighbor AS number</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-4294967294"/> - <regex>(external|internal)</regex> - </constraint> - <constraintErrorMessage>Invalid ASN value</constraintErrorMessage> - </properties> - </leafNode> - <leafNode name="shutdown"> - <properties> - <help>Administratively shut down peer-group</help> - <valueless/> - </properties> - </leafNode> - <node name="ttl-security"> - <properties> - <help>Ttl security mechanism</help> - </properties> - <children> - <leafNode name="hops"> - <properties> - <help>Number of the maximum number of hops to the BGP peer</help> - <valueHelp> - <format>u32:1-254</format> - <description>Number of hops</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-254"/> - </constraint> - </properties> - </leafNode> - </children> - </node> - <leafNode name="update-source"> - <!-- Need to check format interfaces --> - <properties> - <help>Source IP of routing updates</help> - <valueHelp> - <format>ipv4</format> - <description>IPv4 address of route source</description> - </valueHelp> - <valueHelp> - <format>ipv6</format> - <description>IPv6 address of route source</description> - </valueHelp> - <valueHelp> - <format>txt</format> - <description>Interface as route source</description> - </valueHelp> - <constraint> - <validator name="ipv4-address"/> - <validator name="ipv6-address"/> - <regex>(br|bond|dum|en|eth|gnv|lo|peth|tun|vti|vxlan|wg|wlan)[0-9]+</regex> - </constraint> - </properties> - </leafNode> + #include <include/bgp-capability.xml.i> + #include <include/bgp-description.xml.i> + #include <include/bgp-disable-capability-negotiation.xml.i> + #include <include/bgp-disable-connected-check.xml.i> + #include <include/bgp-ebgp-multihop.xml.i> + #include <include/bgp-local-as.xml.i> + #include <include/bgp-override-capability.xml.i> + #include <include/bgp-passive.xml.i> + #include <include/bgp-password.xml.i> + #include <include/bgp-remote-as.xml.i> + #include <include/bgp-shutdown.xml.i> + #include <include/bgp-ttl-security.xml.i> + #include <include/bgp-update-source.xml.i> </children> </tagNode> - <leafNode name="route-map"> - <properties> - <help>Filter routes installed in local route map</help> - <completionHelp> - <path>policy route-map</path> - </completionHelp> - </properties> - </leafNode> + #include <include/bgp-route-map.xml.i> <node name="timers"> <properties> <help>BGP protocol timers</help> </properties> <children> - <leafNode name="holdtime"> - <properties> - <help>BGP holdtime interval</help> - <valueHelp> - <format>u32:4-65535</format> - <description>Hold-time in seconds (default 180)</description> - </valueHelp> - <valueHelp> - <format>0</format> - <description>Do not hold routes</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 0-65535"/> - </constraint> - </properties> - </leafNode> - <leafNode name="keepalive"> - <properties> - <help>Keepalive interval</help> - <valueHelp> - <format>u32:1-65535</format> - <description>Keep-alive time in seconds (default 60)</description> - </valueHelp> - <constraint> - <validator name="numeric" argument="--range 1-65535"/> - </constraint> - </properties> - </leafNode> + #include <include/bgp-timers-holdtime.xml.i> + #include <include/bgp-timers-keepalive.xml.i> </children> </node> </children> diff --git a/python/vyos/ifconfig/interface.py b/python/vyos/ifconfig/interface.py index 4c05ac613..ba0a8adc0 100644 --- a/python/vyos/ifconfig/interface.py +++ b/python/vyos/ifconfig/interface.py @@ -79,6 +79,14 @@ class Interface(Control): 'shellcmd': 'ip -json link show dev {ifname}', 'format': lambda j: 'up' if 'UP' in jmespath.search('[*].flags | [0]', json.loads(j)) else 'down', }, + 'alias': { + 'shellcmd': 'ip -json -detail link list dev {ifname}', + 'format': lambda j: jmespath.search('[*].ifalias | [0]', json.loads(j)), + }, + 'mac': { + 'shellcmd': 'ip -json -detail link list dev {ifname}', + 'format': lambda j: jmespath.search('[*].address | [0]', json.loads(j)), + }, 'min_mtu': { 'shellcmd': 'ip -json -detail link list dev {ifname}', 'format': lambda j: jmespath.search('[*].min_mtu | [0]', json.loads(j)), @@ -87,6 +95,14 @@ class Interface(Control): 'shellcmd': 'ip -json -detail link list dev {ifname}', 'format': lambda j: jmespath.search('[*].max_mtu | [0]', json.loads(j)), }, + 'mtu': { + 'shellcmd': 'ip -json -detail link list dev {ifname}', + 'format': lambda j: jmespath.search('[*].mtu | [0]', json.loads(j)), + }, + 'oper_state': { + 'shellcmd': 'ip -json -detail link list dev {ifname}', + 'format': lambda j: jmespath.search('[*].operstate | [0]', json.loads(j)), + }, } _command_set = { @@ -94,40 +110,25 @@ class Interface(Control): 'validate': lambda v: assert_list(v, ['up', 'down']), 'shellcmd': 'ip link set dev {ifname} {value}', }, + 'alias': { + 'convert': lambda name: name if name else '', + 'shellcmd': 'ip link set dev {ifname} alias "{value}"', + }, 'mac': { 'validate': assert_mac, 'shellcmd': 'ip link set dev {ifname} address {value}', }, + 'mtu': { + 'validate': assert_mtu, + 'shellcmd': 'ip link set dev {ifname} mtu {value}', + }, 'vrf': { 'convert': lambda v: f'master {v}' if v else 'nomaster', 'shellcmd': 'ip link set dev {ifname} {value}', }, } - _sysfs_get = { - 'alias': { - 'location': '/sys/class/net/{ifname}/ifalias', - }, - 'mac': { - 'location': '/sys/class/net/{ifname}/address', - }, - 'mtu': { - 'location': '/sys/class/net/{ifname}/mtu', - }, - 'oper_state':{ - 'location': '/sys/class/net/{ifname}/operstate', - }, - } - _sysfs_set = { - 'alias': { - 'convert': lambda name: name if name else '\0', - 'location': '/sys/class/net/{ifname}/ifalias', - }, - 'mtu': { - 'validate': assert_mtu, - 'location': '/sys/class/net/{ifname}/mtu', - }, 'arp_cache_tmo': { 'convert': lambda tmo: (int(tmo) * 1000), 'location': '/proc/sys/net/ipv4/neigh/{ifname}/base_reachable_time_ms', diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py index 8b04eb337..36b085c7f 100644 --- a/smoketest/scripts/cli/base_interfaces_test.py +++ b/smoketest/scripts/cli/base_interfaces_test.py @@ -57,6 +57,7 @@ class BasicInterfaceTest: _test_vlan = False _test_qinq = False _test_ipv6 = False + _test_ipv6_pd = False _test_mirror = False _base_path = [] @@ -367,7 +368,7 @@ class BasicInterfaceTest: def test_dhcpv6pd_auto_sla_id(self): - if not self._test_ipv6: + if not self._test_ipv6_pd: self.skipTest('not enabled') prefix_len = '56' @@ -423,7 +424,7 @@ class BasicInterfaceTest: self.session.delete(['interfaces', section, delegatee]) def test_dhcpv6pd_manual_sla_id(self): - if not self._test_ipv6: + if not self._test_ipv6_pd: self.skipTest('not enabled') prefix_len = '56' diff --git a/smoketest/scripts/cli/test_interfaces_bonding.py b/smoketest/scripts/cli/test_interfaces_bonding.py index d73ff09e9..f42ec3e9b 100755 --- a/smoketest/scripts/cli/test_interfaces_bonding.py +++ b/smoketest/scripts/cli/test_interfaces_bonding.py @@ -27,10 +27,11 @@ from vyos.util import read_file class BondingInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): self._test_ip = True + self._test_ipv6 = True + self._test_ipv6_pd = True self._test_mtu = True self._test_vlan = True self._test_qinq = True - self._test_ipv6 = True self._base_path = ['interfaces', 'bonding'] self._interfaces = ['bond0'] self._mirror_interfaces = ['dum21354'] diff --git a/smoketest/scripts/cli/test_interfaces_bridge.py b/smoketest/scripts/cli/test_interfaces_bridge.py index d47d236d0..03d8f6e9c 100755 --- a/smoketest/scripts/cli/test_interfaces_bridge.py +++ b/smoketest/scripts/cli/test_interfaces_bridge.py @@ -30,6 +30,7 @@ class BridgeInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): self._test_ip = True self._test_ipv6 = True + self._test_ipv6_pd = True self._test_vlan = True self._test_qinq = True self._base_path = ['interfaces', 'bridge'] diff --git a/smoketest/scripts/cli/test_interfaces_ethernet.py b/smoketest/scripts/cli/test_interfaces_ethernet.py index 6a0bdf150..42c1f15df 100755 --- a/smoketest/scripts/cli/test_interfaces_ethernet.py +++ b/smoketest/scripts/cli/test_interfaces_ethernet.py @@ -37,10 +37,11 @@ def get_wpa_supplicant_value(interface, key): class EthernetInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): self._test_ip = True + self._test_ipv6 = True + self._test_ipv6_pd = True self._test_mtu = True self._test_vlan = True self._test_qinq = True - self._test_ipv6 = True self._base_path = ['interfaces', 'ethernet'] self._mirror_interfaces = ['dum21354'] diff --git a/smoketest/scripts/cli/test_interfaces_geneve.py b/smoketest/scripts/cli/test_interfaces_geneve.py index 98f55210f..12cded400 100755 --- a/smoketest/scripts/cli/test_interfaces_geneve.py +++ b/smoketest/scripts/cli/test_interfaces_geneve.py @@ -21,6 +21,8 @@ from base_interfaces_test import BasicInterfaceTest class GeneveInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): + self._test_ip = True + self._test_ipv6 = True self._base_path = ['interfaces', 'geneve'] self._options = { 'gnv0': ['vni 10', 'remote 127.0.1.1'], diff --git a/smoketest/scripts/cli/test_interfaces_l2tpv3.py b/smoketest/scripts/cli/test_interfaces_l2tpv3.py index c756bfdd5..81af6d7f4 100755 --- a/smoketest/scripts/cli/test_interfaces_l2tpv3.py +++ b/smoketest/scripts/cli/test_interfaces_l2tpv3.py @@ -22,6 +22,8 @@ from vyos.util import cmd class GeneveInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): + self._test_ip = True + self._test_ipv6 = True self._base_path = ['interfaces', 'l2tpv3'] self._options = { 'l2tpeth10': ['local-ip 127.0.0.1', 'remote-ip 127.10.10.10', diff --git a/smoketest/scripts/cli/test_interfaces_macsec.py b/smoketest/scripts/cli/test_interfaces_macsec.py index d9635951f..89743e5fd 100755 --- a/smoketest/scripts/cli/test_interfaces_macsec.py +++ b/smoketest/scripts/cli/test_interfaces_macsec.py @@ -33,6 +33,8 @@ def get_config_value(interface, key): class MACsecInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): super().setUp() + self._test_ip = True + self._test_ipv6 = True self._base_path = ['interfaces', 'macsec'] self._options = { 'macsec0': ['source-interface eth0', 'security cipher gcm-aes-128'] } diff --git a/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py b/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py index 85e5e70bd..10bd7ca34 100755 --- a/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py +++ b/smoketest/scripts/cli/test_interfaces_pseudo_ethernet.py @@ -22,6 +22,7 @@ class PEthInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): self._test_ip = True self._test_ipv6 = True + self._test_ipv6_pd = True self._test_mtu = True self._test_vlan = True self._test_qinq = True diff --git a/smoketest/scripts/cli/test_interfaces_tunnel.py b/smoketest/scripts/cli/test_interfaces_tunnel.py index 6115f0a07..f67b813af 100755 --- a/smoketest/scripts/cli/test_interfaces_tunnel.py +++ b/smoketest/scripts/cli/test_interfaces_tunnel.py @@ -63,6 +63,7 @@ def tunnel_conf(interface): class TunnelInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): self._test_ip = True + self._test_ipv6 = True self._test_mtu = True self._base_path = ['interfaces', 'tunnel'] self.local_v4 = '192.0.2.1' @@ -203,4 +204,4 @@ class TunnelInterfaceTest(BasicInterfaceTest.BaseTest): self.session.commit() if __name__ == '__main__': - unittest.main(verbosity=2, failfast=True) + unittest.main(verbosity=2) diff --git a/smoketest/scripts/cli/test_interfaces_vxlan.py b/smoketest/scripts/cli/test_interfaces_vxlan.py index a9b0fc5a1..a726aa610 100755 --- a/smoketest/scripts/cli/test_interfaces_vxlan.py +++ b/smoketest/scripts/cli/test_interfaces_vxlan.py @@ -21,6 +21,8 @@ from base_interfaces_test import BasicInterfaceTest class VXLANInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): + self._test_ip = True + self._test_ipv6 = True self._test_mtu = True self._base_path = ['interfaces', 'vxlan'] self._options = { diff --git a/smoketest/scripts/cli/test_interfaces_wireless.py b/smoketest/scripts/cli/test_interfaces_wireless.py index ffaa7d523..51d97f032 100755 --- a/smoketest/scripts/cli/test_interfaces_wireless.py +++ b/smoketest/scripts/cli/test_interfaces_wireless.py @@ -33,6 +33,7 @@ def get_config_value(interface, key): class WirelessInterfaceTest(BasicInterfaceTest.BaseTest): def setUp(self): + self._test_ip = True self._base_path = ['interfaces', 'wireless'] self._options = { 'wlan0': ['physical-device phy0', 'ssid VyOS-WIFI-0', diff --git a/smoketest/scripts/cli/test_interfaces_wirelessmodem.py b/smoketest/scripts/cli/test_interfaces_wirelessmodem.py index 45cd069f4..696a6946b 100755 --- a/smoketest/scripts/cli/test_interfaces_wirelessmodem.py +++ b/smoketest/scripts/cli/test_interfaces_wirelessmodem.py @@ -40,7 +40,7 @@ class WWANInterfaceTest(unittest.TestCase): self.session.commit() del self.session - def test_wlm_1(self): + def test_wwan(self): for interface in self._interfaces: self.session.set(base_path + [interface, 'no-peer-dns']) self.session.set(base_path + [interface, 'connect-on-demand']) diff --git a/smoketest/scripts/cli/test_nat.py b/smoketest/scripts/cli/test_nat.py index b82805661..b5702d691 100755 --- a/smoketest/scripts/cli/test_nat.py +++ b/smoketest/scripts/cli/test_nat.py @@ -155,6 +155,18 @@ class TestNAT(unittest.TestCase): self.session.set(src_path + ['rule', rule, 'translation', 'address', 'masquerade']) self.session.commit() + def test_dnat_negated_addresses(self): + # T3186: negated addresses are not accepted by nftables + rule = '1000' + self.session.set(dst_path + ['rule', rule, 'destination', 'address', '!192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'destination', 'port', '53']) + self.session.set(dst_path + ['rule', rule, 'inbound-interface', 'eth0']) + self.session.set(dst_path + ['rule', rule, 'protocol', 'tcp_udp']) + self.session.set(dst_path + ['rule', rule, 'source', 'address', '!192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'translation', 'address', '192.0.2.1']) + self.session.set(dst_path + ['rule', rule, 'translation', 'port', '53']) + self.session.commit() + def test_nat_no_rules(self): # T3206: deleting all rules but keep the direction 'destination' or # 'source' resulteds in KeyError: 'rule'. |