From f3ed5e7c57c123661b1b550823a467a34c161024 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Fri, 12 Mar 2021 19:49:18 +0100 Subject: vrf: bgp: T2271: create individual BGP process for specified VRF name The following VyOS CLI config vrf red { bgp 100 { neighbor 1.1.1.1 { peer-group foo } peer-group foo { passive password bar remote-as 200 } } } Will generaste the FRR configuration: ! router bgp 100 vrf red no bgp ebgp-requires-policy no bgp network import-check neighbor foo peer-group neighbor foo remote-as 200 neighbor foo password bar neighbor foo passive neighbor 1.1.1.1 peer-group foo ! --- data/templates/frr/bgp.frr.tmpl | 2 +- .../include/bgp/bgp-common-config.xml.i | 825 ++++++++++++++++++++ interface-definitions/protocols-bgp.xml.in | 829 +-------------------- interface-definitions/protocols-vrf.xml.in | 15 + src/conf_mode/protocols_bgp.py | 31 +- 5 files changed, 872 insertions(+), 830 deletions(-) create mode 100644 interface-definitions/include/bgp/bgp-common-config.xml.i diff --git a/data/templates/frr/bgp.frr.tmpl b/data/templates/frr/bgp.frr.tmpl index f7aeaeb9d..30e1ec082 100644 --- a/data/templates/frr/bgp.frr.tmpl +++ b/data/templates/frr/bgp.frr.tmpl @@ -185,7 +185,7 @@ {% endif %} {% endmacro %} ! -router bgp {{ asn }} +router bgp {{ asn }} {{ 'vrf ' + vrf if vrf is defined and vrf is not none }} {% if parameters is defined and parameters.ebgp_requires_policy is defined %} bgp ebgp-requires-policy {% else %} diff --git a/interface-definitions/include/bgp/bgp-common-config.xml.i b/interface-definitions/include/bgp/bgp-common-config.xml.i new file mode 100644 index 000000000..b474e5240 --- /dev/null +++ b/interface-definitions/include/bgp/bgp-common-config.xml.i 
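Review bot: The rewritten `router bgp` line emits a trailing space for the default instance, because the literal space before the inline `if` is rendered even when `vrf` is undefined or none. Moving the separator into the expression avoids that: `router bgp {{ asn }}{{ ' vrf ' + vrf if vrf is defined and vrf is not none }}`. The VRF name is written into the FRR configuration verbatim, so this line presumably relies on the CLI definition constraining that name; a one-line template comment saying so would help the next reader.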
@@ -0,0 +1,825 @@ + + + + BGP address-family parameters + + + + + IPv4 BGP settings + + + + + BGP aggregate network + + ipv4net + BGP aggregate network + + + + + + + #include + + + + + BGP network + + ipv4net + BGP network + + + + + + + + + Network as a backdoor route + + + + #include + + + #include + + + Redistribute routes from other protocols into BGP + + + + + Redistribute connected routes into BGP + + + #include + + + + + Redistribute IS-IS routes into BGP + + + #include + + + + + Redistribute kernel routes into BGP + + + #include + + + + + Redistribute OSPF routes into BGP + + + #include + + + + + Redistribute RIP routes into BGP + + + #include + + + + + Redistribute static routes into BGP + + + #include + + + + + Redistribute non-main Kernel Routing Table + + + + + + + + + IPv6 BGP settings + + + + + BGP aggregate network + + ipv6net + Aggregate network + + + + + + + #include + + + + + BGP network + + ipv6net + Aggregate network + + + + + + + + + AS-path hopcount limit + + u32:0-255 + AS path hop count limit + + + + + + + #include + + + #include + + + Redistribute routes from other protocols into BGP + + + + + Redistribute connected routes into BGP + + + #include + + + + + Redistribute kernel routes into BGP + + + #include + + + + + Redistribute OSPFv3 routes into BGP + + + #include + + + + + Redistribute RIPng routes into BGP + + + #include + + + + + Redistribute static routes into BGP + + + #include + + + + + Redistribute non-main Kernel Routing Table + + + + + + + + + L2VPN EVPN BGP settings + + + + + Advertise All local VNIs + + + + #include + + + EVPN system primary IP + + ipv4 + IP address + + + + + + + + + Auto derivation of Route Target (RFC8365) + + + + + + Specify handling for BUM packets + + + + + Do not flood any BUM packets + + + + + + Flood BUM packets using head-end replication + + + + + + + + VXLAN Network Identifier + + u32:1-16777215 + VNI number + + + + + + + #include + + + + + + + + + Listen for and accept BGP dynamic neighbors from range 
+ + + + + Maximum number of dynamic neighbors that can be created + + u32:1-5000 + BGP neighbor limit + + + + + + + + + BGP dynamic neighbors listen range + + ipv4net + IPv4 dynamic neighbors listen range + + + ipv6net + IPv6 dynamic neighbors listen range + + + + + + + + #include + + + + + + + BGP neighbor + + ipv4 + BGP neighbor IP address + + + ipv6 + BGP neighbor IPv6 address + + + txt + Interface name + + + + + + + + + + + Parameters relating to IPv4 or IPv6 routes + + + #include + #include + #include + + + + + Minimum interval for sending routing updates + + u32:0-600 + Advertisement interval in seconds + + + + + + + #include + #include + #include + #include + #include + #include + + + Interface parameters + + + #include + #include + + + Enable BGP with v6 link-local only + + + #include + #include + + + + + #include + #include + #include + #include + #include + + + Neighbor BGP port + + u32:1-65535 + Neighbor BGP port number + + + + + + + #include + #include + + + Enable strict capability negotiation + + + + + + Neighbor timers + + + + + BGP connect timer for this neighbor + + u32:1-65535 + Connect timer in seconds + + + 0 + Disable connect timer + + + + + + + #include + #include + + + #include + #include + + + + + BGP parameters + + + + + Always compare MEDs from different neighbors + + + + + + Default bestpath selection mechanism + + + + + AS-path attribute comparison parameters + + + + + Compare AS-path lengths including confederation sets and sequences + + + + + + Ignore AS-path length in selecting a route + + + + + + Allow load sharing across routes that have different AS paths (but same length) + + + + + + + + Compare the router-id for identical EBGP paths + + + + + + MED attribute comparison parameters + + + + + Compare MEDs among confederation paths + + + + + + Treat missing route as a MED as the least preferred one + + + + + + + + + + Route-reflector cluster-id + + ipv4 + Route-reflector cluster-id + + + + + + + + + AS confederation parameters + + + 
+ + Confederation AS identifier [REQUIRED] + + u32:1-4294967294 + Confederation AS id + + + + + + + + + Peer ASs in the BGP confederation + + u32:1-4294967294 + Peer AS number + + + + + + + + + + + Enable route-flap dampening + + + + + Half-life time for dampening [REQUIRED] + + u32:1-45 + Half-life penalty in minutes + + + + + + + + + Maximum duration to suppress a stable route [REQUIRED] + + u32:1-255 + Maximum suppress duration in minutes + + + + + + + + + Threshold to start reusing a route [REQUIRED] + + u32:1-20000 + Re-use penalty points + + + + + + + + + When to start suppressing a route [REQUIRED] + + u32:1-20000 + Start-suppress penalty points + + + + + + + + + + + BGP defaults + + + + + Default local preference + + u32 + Local preference + + + + + + + + + Deactivate IPv4 unicast for a peer by default + + + + + + + + Compare MEDs between different peers in the same AS + + + + + + Administratives distances for BGP routes + + + + + Global administratives distances for BGP routes + + + + + Administrative distance for external BGP routes + + u32:1-255 + Administrative distance for external BGP routes + + + + + + + + + Administrative distance for internal BGP routes + + u32:1-255 + Administrative distance for internal BGP routes + + + + + + + + + Administrative distance for local BGP routes + + u32:1-255 + Administrative distance for internal BGP routes + + + + + + + + + + + Administrative distance for a specific BGP prefix + + ipv4net + Administrative distance for a specific BGP prefix + + + + + + + + + Administrative distance for prefix + + u32:1-255 + Administrative distance for external BGP routes + + + + + + + + + + + + + Require in and out policy for eBGP peers (RFC8212) + + + + + + Graceful restart capability parameters + + + + + Maximum time to hold onto restarting neighbors stale paths + + u32:1-3600 + Hold time in seconds + + + + + + + + + + + Graceful shutdown + + + + + + Log neighbor up/down changes and reset reason + + + + + + Enable IGP route 
check for network statements + + + + + + Disable client to client route reflection + + + + + + Disable immediate session reset on peer link down event + + + + + + BGP router id + + ipv4 + BGP router id + + + + + + + + + + + BGP peer-group + + + + + BGP peer-group address-family parameters + + + #include + #include + #include + + + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + #include + + +#include + + + BGP protocol timers + + + #include + #include + + + diff --git a/interface-definitions/protocols-bgp.xml.in b/interface-definitions/protocols-bgp.xml.in index a6d2a24f4..cf897d04f 100644 --- a/interface-definitions/protocols-bgp.xml.in +++ b/interface-definitions/protocols-bgp.xml.in 
@@ -1,844 +1,21 @@ - Border Gateway Protocol (BGP) + 820 u32:1-4294967294 - AS number + Autonomous System Number - 820 - - - BGP address-family parameters - - - - - IPv4 BGP settings - - - - - BGP aggregate network - - ipv4net - BGP aggregate network - - - - - - - #include - - - - - BGP network - - ipv4net - BGP network - - - - - - - - - Network as a backdoor route - - - - #include - - - #include - - - Redistribute routes from other protocols into BGP - - - - - Redistribute connected routes into BGP - - - #include - - - - - Redistribute IS-IS routes into BGP - - - #include - - - - - Redistribute kernel routes into BGP - - - #include - - - - - Redistribute OSPF routes into BGP - - - #include - - - - - Redistribute RIP routes into BGP - - - #include - - - - - Redistribute static routes into BGP - - - #include - - - - - Redistribute non-main Kernel Routing Table - - - - - - - - - IPv6 BGP settings - - - - - BGP aggregate network - - ipv6net - Aggregate network - - - - - - - #include - - - - - BGP network - - ipv6net - Aggregate network - - - - - - - - - AS-path hopcount limit - - u32:0-255 - AS path hop count limit - - - - - - - #include - - - #include - - - Redistribute routes from other protocols into BGP - - - - - Redistribute connected routes into BGP - - - #include - - - - - Redistribute kernel routes into BGP - - - #include - - - - - Redistribute OSPFv3 routes into BGP - - - #include - - - - - Redistribute RIPng routes into BGP - - - #include - - - - - Redistribute static routes into BGP - - - #include - - - - - Redistribute non-main Kernel Routing Table - - - - - - - - - L2VPN EVPN BGP settings - - - - - Advertise All local VNIs - - - - #include - - - EVPN system primary IP - - ipv4 - IP address - - - - - - - - - Auto derivation of Route Target (RFC8365) - - - - - - Specify handling for BUM packets - - - - - Do not flood any BUM packets - - - - - - Flood BUM packets using head-end replication - - - - - - - - VXLAN Network Identifier - - u32:1-16777215 - VNI 
number - - - - - - - #include - - - - - - - - - Listen for and accept BGP dynamic neighbors from range - - - - - Maximum number of dynamic neighbors that can be created - - u32:1-5000 - BGP neighbor limit - - - - - - - - - BGP dynamic neighbors listen range - - ipv4net - IPv4 dynamic neighbors listen range - - - ipv6net - IPv6 dynamic neighbors listen range - - - - - - - - #include - - - - - - - BGP neighbor - - ipv4 - BGP neighbor IP address - - - ipv6 - BGP neighbor IPv6 address - - - txt - Interface name - - - - - - - - - - - Parameters relating to IPv4 or IPv6 routes - - - #include - #include - #include - - - - - Minimum interval for sending routing updates - - u32:0-600 - Advertisement interval in seconds - - - - - - - #include - #include - #include - #include - #include - #include - - - Interface parameters - - - #include - #include - - - Enable BGP with v6 link-local only - - - #include - #include - - - - - #include - #include - #include - #include - #include - - - Neighbor BGP port - - u32:1-65535 - Neighbor BGP port number - - - - - - - #include - #include - - - Enable strict capability negotiation - - - - - - Neighbor timers - - - - - BGP connect timer for this neighbor - - u32:1-65535 - Connect timer in seconds - - - 0 - Disable connect timer - - - - - - - #include - #include - - - #include - #include - - - - - BGP parameters - - - - - Always compare MEDs from different neighbors - - - - - - Default bestpath selection mechanism - - - - - AS-path attribute comparison parameters - - - - - Compare AS-path lengths including confederation sets and sequences - - - - - - Ignore AS-path length in selecting a route - - - - - - Allow load sharing across routes that have different AS paths (but same length) - - - - - - - - Compare the router-id for identical EBGP paths - - - - - - MED attribute comparison parameters - - - - - Compare MEDs among confederation paths - - - - - - Treat missing route as a MED as the least preferred one - - - - - - - - - - 
Route-reflector cluster-id - - ipv4 - Route-reflector cluster-id - - - - - - - - - AS confederation parameters - - - - - Confederation AS identifier [REQUIRED] - - u32:1-4294967294 - Confederation AS id - - - - - - - - - Peer ASs in the BGP confederation - - u32:1-4294967294 - Peer AS number - - - - - - - - - - - Enable route-flap dampening - - - - - Half-life time for dampening [REQUIRED] - - u32:1-45 - Half-life penalty in minutes - - - - - - - - - Maximum duration to suppress a stable route [REQUIRED] - - u32:1-255 - Maximum suppress duration in minutes - - - - - - - - - Threshold to start reusing a route [REQUIRED] - - u32:1-20000 - Re-use penalty points - - - - - - - - - When to start suppressing a route [REQUIRED] - - u32:1-20000 - Start-suppress penalty points - - - - - - - - - - - BGP defaults - - - - - Default local preference - - u32 - Local preference - - - - - - - - - Deactivate IPv4 unicast for a peer by default - - - - - - - - Compare MEDs between different peers in the same AS - - - - - - Administratives distances for BGP routes - - - - - Global administratives distances for BGP routes - - - - - Administrative distance for external BGP routes - - u32:1-255 - Administrative distance for external BGP routes - - - - - - - - - Administrative distance for internal BGP routes - - u32:1-255 - Administrative distance for internal BGP routes - - - - - - - - - Administrative distance for local BGP routes - - u32:1-255 - Administrative distance for internal BGP routes - - - - - - - - - - - Administrative distance for a specific BGP prefix - - ipv4net - Administrative distance for a specific BGP prefix - - - - - - - - - Administrative distance for prefix - - u32:1-255 - Administrative distance for external BGP routes - - - - - - - - - - - - - Require in and out policy for eBGP peers (RFC8212) - - - - - - Graceful restart capability parameters - - - - - Maximum time to hold onto restarting neighbors stale paths - - u32:1-3600 - Hold time in seconds - - - - - - - 
- - - - Graceful shutdown - - - - - - Log neighbor up/down changes and reset reason - - - - - - Enable IGP route check for network statements - - - - - - Disable client to client route reflection - - - - - - Disable immediate session reset on peer link down event - - - - - - BGP router id - - ipv4 - BGP router id - - - - - - - - - - - BGP peer-group - - - - - BGP peer-group address-family parameters - - - #include - #include - #include - - - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - #include - - - #include - - - BGP protocol timers - - - #include - #include - - + #include diff --git a/interface-definitions/protocols-vrf.xml.in b/interface-definitions/protocols-vrf.xml.in index e9ef5dc2a..e40edb16c 100644 --- a/interface-definitions/protocols-vrf.xml.in +++ b/interface-definitions/protocols-vrf.xml.in @@ -27,6 +27,21 @@ #include + + + Border Gateway Protocol (BGP) + + u32:1-4294967294 + Autonomous System Number + + + + + + + #include + + Open Shortest Path First (OSPF) diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py index 7dede74a1..34b829f08 100755 --- a/src/conf_mode/protocols_bgp.py +++ b/src/conf_mode/protocols_bgp.py @@ -17,9 +17,11 @@ import os from sys import exit +from sys import argv from vyos.config import Config from vyos.configdict import dict_merge +from vyos.configverify import verify_vrf from vyos.template import is_ip from vyos.template import render_to_string from vyos.util import call 
@@ -37,11 +39,25 @@ def get_config(config=None): conf = config else: conf = Config() - base = ['protocols', 'bgp'] + + vrf = None + if len(argv) > 1: + vrf = argv[1] + + base_path = ['protocols', 'bgp'] + + # eqivalent of the C foo ? 'a' : 'b' statement + base = vrf and ['protocols', 'vrf', vrf, 'bgp'] or base_path bgp = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True) + # Assign the name of our VRF context. This MUST be done before the return + # statement below, else on deletion we will delete the default instance + # instead of the VRF instance. + if vrf: bgp[asn]['vrf'] = vrf + # Bail out early if configuration tree does not exist if not conf.exists(base): + bgp.update({'deleted' : ''}) return bgp # We also need some additional information from the config, @@ -85,6 +101,9 @@ def verify(bgp): raise ConfigError('Only one BGP AS number can be defined!') for asn, asn_config in bgp.items(): + + verify_vrf(asn_config) + # Common verification for both peer-group and neighbor statements for neighbor in ['neighbor', 'peer_group']: # bail out early if there is no neighbor or peer-group statement @@ -175,7 +194,7 @@ def verify(bgp): return None def generate(bgp): - if not bgp: + if not bgp or 'deleted' in bgp: bgp['new_frr_config'] = '' return None @@ -191,7 +210,13 @@ def apply(bgp): # Save original configuration prior to starting any commit actions frr_cfg = frr.FRRConfig() frr_cfg.load_configuration(frr_daemon) - frr_cfg.modify_section(f'^router bgp \d+$', '') + + if 'vrf' in bgp: + vrf = bgp['vrf'] + frr_cfg.modify_section(f'^router bgp \d+ vrf {vrf}$', '') + else: + frr_cfg.modify_section('^router bgp \d+$', '') + frr_cfg.add_before(r'(ip prefix-list .*|route-map .*|line vty)', bgp['new_frr_config']) frr_cfg.commit_configuration(frr_daemon) -- cgit v1.2.3
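Review bot: `asn` is not defined anywhere in the visible part of `get_config()`, so the added `if vrf: bgp[asn]['vrf'] = vrf` looks like it raises NameError whenever the script is called with a VRF argument; on deletion `bgp` is empty, so indexing it by AS number would fail there too. The `apply()` hunk tests `'vrf' in bgp` at the top level, so the two must agree on where the key lives, otherwise the `else` branch blanks the default `router bgp` section instead of the VRF one. Storing it at the top level, `if vrf: bgp.update({'vrf': vrf})`, matches `apply()`, but `verify()` then has to skip that key, since it iterates `bgp.items()` as AS numbers and calls `verify_vrf(asn_config)` on each value. Separately, `vrf and [...] or base_path` would read more clearly as `base = ['protocols', 'vrf', vrf, 'bgp'] if vrf else base_path`. The function body continues outside the hunk.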
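Review bot: On the delete path `get_config()` now returns a dict containing `'deleted': ''`, and nothing visible in this hunk stops `verify()` from iterating it, so `verify_vrf(asn_config)` and the neighbor checks would run with `asn = 'deleted'` and an empty string as `asn_config`. `generate()` gets a `'deleted' in bgp` guard in this commit; `verify()` should get the same one, e.g. `if not bgp or 'deleted' in bgp: return None` before the loop. The start of `verify()` is outside the hunk, so confirm whether an existing guard already covers this.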
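Review bot: The VRF name is interpolated into the pattern unescaped in `f'^router bgp \d+ vrf {vrf}$'`, so a regex metacharacter in it (a `.`, if the name constraint permits one) changes what `modify_section()` matches and could blank the section of a different VRF. Escape the name and use a raw string so `\d` is not an invalid string escape: `frr_cfg.modify_section(rf'^router bgp \d+ vrf {re.escape(vrf)}$', '')`, which needs `import re` at the top of the file. The `else` branch pattern should likewise be written `r'^router bgp \d+$'`. `apply()` starts and ends outside the hunk.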