From 507f6ac423403b57f375309b483c6ccc1c83ad06 Mon Sep 17 00:00:00 2001 From: aapostoliuk Date: Thu, 1 Sep 2022 16:39:46 +0300 Subject: policy: T4660: Changed CLI syntax in route-map set community Changed CLI syntax in route-map set community, set large-community, set extcommunity Allows to add multiple communities, large-communities and extcommunities in clear view. Added new well-known communities. Added non-transitive feature in extcommunities. Fixed community's validators. --- .../include/policy/community-clear.xml.i | 8 + .../include/policy/community-value-list.xml.i | 90 +++++++++ .../policy/extended-community-value-list.xml.i | 15 ++ .../policy/large-community-value-list.xml.i | 10 + .../include/version/policy-version.xml.i | 2 +- interface-definitions/policy.xml.in | 224 +++++++++------------ 6 files changed, 218 insertions(+), 131 deletions(-) create mode 100644 interface-definitions/include/policy/community-clear.xml.i create mode 100644 interface-definitions/include/policy/community-value-list.xml.i create mode 100644 interface-definitions/include/policy/extended-community-value-list.xml.i create mode 100644 interface-definitions/include/policy/large-community-value-list.xml.i (limited to 'interface-definitions') diff --git a/interface-definitions/include/policy/community-clear.xml.i b/interface-definitions/include/policy/community-clear.xml.i new file mode 100644 index 000000000..0fd57cdf0 --- /dev/null +++ b/interface-definitions/include/policy/community-clear.xml.i @@ -0,0 +1,8 @@ + + + + Completely remove communities attribute from a prefix + + + + diff --git a/interface-definitions/include/policy/community-value-list.xml.i b/interface-definitions/include/policy/community-value-list.xml.i new file mode 100644 index 000000000..8c665c5f0 --- /dev/null +++ b/interface-definitions/include/policy/community-value-list.xml.i @@ -0,0 +1,90 @@ + + + + local-as + no-advertise + no-export + internet + graceful-shutdown + accept-own + route-filter-translated-v4 + route-filter-v4 + route-filter-translated-v6 + route-filter-v6 + llgr-stale + no-llgr + accept-own-nexthop + blackhole + no-peer + + + + <AS:VAL> + Community number in <0-65535:0-65535> format + + + local-as + Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03 + + + no-advertise + Well-known communities value NO_ADVERTISE 0xFFFFFF02 + + + no-export + Well-known communities value NO_EXPORT 0xFFFFFF01 + + + internet + Well-known communities value 0 + + + graceful-shutdown + Well-known communities value GRACEFUL_SHUTDOWN 0xFFFF0000 + + + accept-own + Well-known communities value ACCEPT_OWN 0xFFFF0001 + + + route-filter-translated-v4 + Well-known communities value ROUTE_FILTER_TRANSLATED_v4 0xFFFF0002 + + + route-filter-v4 + Well-known communities value ROUTE_FILTER_v4 0xFFFF0003 + + + route-filter-translated-v6 + Well-known communities value ROUTE_FILTER_TRANSLATED_v6 0xFFFF0004 + + + route-filter-v6 + Well-known communities value ROUTE_FILTER_v6 0xFFFF0005 + + + llgr-stale + Well-known communities value LLGR_STALE 0xFFFF0006 + + + no-llgr + Well-known communities value NO_LLGR 0xFFFF0007 + + + accept-own-nexthop + Well-known communities value accept-own-nexthop 0xFFFF0008 + + + blackhole + Well-known communities value BLACKHOLE 0xFFFF029A + + + no-peer + Well-known communities value NOPEER 0xFFFFFF04 + + + + local-as|no-advertise|no-export|internet|graceful-shutdown|accept-own|route-filter-translated-v4|route-filter-v4|route-filter-translated-v6|route-filter-v6|llgr-stale|no-llgr|accept-own-nexthop|blackhole|no-peer + + + diff --git a/interface-definitions/include/policy/extended-community-value-list.xml.i b/interface-definitions/include/policy/extended-community-value-list.xml.i new file mode 100644 index 000000000..c79f78c67 --- /dev/null +++ b/interface-definitions/include/policy/extended-community-value-list.xml.i @@ -0,0 +1,15 @@ + + + ASN:NN + based on autonomous system number in format <0-65535:0-4294967295> + + + IP:NN + Based on a router-id IP address in format <IP:0-65535> + + + + +Should be in form: ASN:NN or IPADDR:NN where ASN is autonomous system number + + diff --git a/interface-definitions/include/policy/large-community-value-list.xml.i b/interface-definitions/include/policy/large-community-value-list.xml.i new file mode 100644 index 000000000..33b1f13a2 --- /dev/null +++ b/interface-definitions/include/policy/large-community-value-list.xml.i @@ -0,0 +1,10 @@ + + + Community in format <0-4294967295:0-4294967295:0-4294967295> + <GA:LDP1:LDP2> + + + + + + diff --git a/interface-definitions/include/version/policy-version.xml.i b/interface-definitions/include/version/policy-version.xml.i index 426173a19..89bde20c7 100644 --- a/interface-definitions/include/version/policy-version.xml.i +++ b/interface-definitions/include/version/policy-version.xml.i @@ -1,3 +1,3 @@ - + diff --git a/interface-definitions/policy.xml.in b/interface-definitions/policy.xml.in index e794c4b90..6c60276d5 100644 --- a/interface-definitions/policy.xml.in +++ b/interface-definitions/policy.xml.in @@ -1118,67 +1118,120 @@ - + - BGP communities matching a community-list + BGP community attribute - + + + Add communities to a prefix + #include + + + + + Set communities for a prefix + #include + + + #include + - BGP communities with a community-list + Remove communities defined in a list from a prefix policy community-list + Community-list txt - BGP communities with a community-list + + + + + BGP large community attribute + + + + + Add large communities to a prefix ; + #include + + + + + Set large communities for a prefix + #include + + + #include - Delete BGP communities matching the community-list - + Remove communities defined in a list from a prefix + + policy large-community-list + + + Community-list + txt + - + - Border Gateway Protocl (BGP) community attribute - - local-AS no-advertise no-export internet additive none - - - <aa:nn> - Community number in AA:NN format - - - local-AS - Well-known communities value NO_EXPORT_SUBCONFED 0xFFFFFF03 - - - no-advertise - Well-known communities value NO_ADVERTISE 0xFFFFFF02 - - - no-export - Well-known communities value NO_EXPORT 0xFFFFFF01 - - - internet - Well-known communities value 0 - - - additive - New value is appended to the existing value - - - none - No community attribute - + BGP extended community attribute - + + + + Bandwidth value in Mbps + + cumulative num-multipaths + + + u32:1-25600 + Bandwidth value in Mbps + + + cumulative + Cumulative bandwidth of all multipaths (outbound-only) + + + num-multipaths + Internally computed bandwidth based on number of multipaths (outbound-only) + + + + (cumulative|num-multipaths) + + + + + + The link bandwidth extended community is encoded as non-transitive + + + + + + Set route target value + #include + + + + + Set Site of Origin value + #include + + + #include + + Locally significant administrative distance @@ -1229,71 +1282,6 @@ - - - BGP extended community attribute - - - - - Bandwidth value in Mbps - - cumulative num-multipaths - - - u32:1-25600 - Bandwidth value in Mbps - - - cumulative - Cumulative bandwidth of all multipaths (outbound-only) - - - num-multipaths - Internally computed bandwidth based on number of multipaths (outbound-only) - - - - (cumulative|num-multipaths) - - - - - - Set route target value - - ASN:NN - based on autonomous system number - - - IP:NN - Based on a router-id IP address - - - (((\b(?:(?:2(?:[0-4][0-9]|5[0-5])|[0-1]?[0-9]?[0-9])\.){3}(?:(?:2([0-4][0-9]|5[0-5])|[0-1]?[0-9]?[0-9]))\b)|(\d+)):(\d+) ?)+ - - Should be in form: ASN:NN or IPADDR:NN where ASN is autonomous system number - - - - - Set Site of Origin value - - ASN:NN - based on autonomous system number - - - IP:NN - Based on a router-id IP address - - - ((?:[0-9]{1,3}\.){3}[0-9]{1,3}|\d+):\d+ - - Should be in form: ASN:NN or IPADDR:NN where ASN is autonomous system number - - - - Nexthop IP address @@ -1368,30 +1356,6 @@ - - - Set BGP large community value - - txt - ASN:nn:mm BGP large community - - - policy large-community-list - - - - - - Delete BGP communities matching the large community-list - - policy large-community-list - - - txt - BGP large community-list - - - BGP local preference attribute -- cgit v1.2.3 From 50f26c54d095420907a1d31168c162ad3c27ee36 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Thu, 6 Oct 2022 07:43:24 +0100 Subject: T4727: add support for RADIUS rate limiting to PPTP (#1570) --- data/templates/accel-ppp/pptp.config.j2 | 9 +++++++++ interface-definitions/vpn-pptp.xml.in | 1 + 2 files changed, 10 insertions(+) (limited to 'interface-definitions') diff --git a/data/templates/accel-ppp/pptp.config.j2 b/data/templates/accel-ppp/pptp.config.j2 index cc1a45d6b..442830b6b 100644 --- a/data/templates/accel-ppp/pptp.config.j2 +++ b/data/templates/accel-ppp/pptp.config.j2 @@ -93,6 +93,15 @@ bind={{ radius_source_address }} gw-ip-address={{ gw_ip }} {% endif %} +{% if radius_shaper_attr %} +[shaper] +verbose=1 +attr={{ radius_shaper_attr }} +{% if radius_shaper_vendor %} +vendor={{ radius_shaper_vendor }} +{% endif %} +{% endif %} + [cli] tcp=127.0.0.1:2003 diff --git a/interface-definitions/vpn-pptp.xml.in b/interface-definitions/vpn-pptp.xml.in index 28a53acb9..5e52965fd 100644 --- a/interface-definitions/vpn-pptp.xml.in +++ b/interface-definitions/vpn-pptp.xml.in @@ -110,6 +110,7 @@ #include #include + #include -- cgit v1.2.3 From 067cc12d0e6e52044df48f6f612cb4db1d4ad80c Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Thu, 6 Oct 2022 22:47:45 +0200 Subject: xml: T4722: radius: remove superfluous "default" help string vyos-1x automatically adds a "(default: ...)" hint to the CLI help if the XML tag is used. No need to specify this manually. --- .../include/accel-ppp/radius-additions-rate-limit.xml.i | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'interface-definitions') diff --git a/interface-definitions/include/accel-ppp/radius-additions-rate-limit.xml.i b/interface-definitions/include/accel-ppp/radius-additions-rate-limit.xml.i index c9ad0d3d4..738c0a634 100644 --- a/interface-definitions/include/accel-ppp/radius-additions-rate-limit.xml.i +++ b/interface-definitions/include/accel-ppp/radius-additions-rate-limit.xml.i @@ -6,7 +6,7 @@ - Specifies which RADIUS attribute contains rate information. (default is Filter-Id) + Specifies which RADIUS attribute contains rate information Filter-Id -- cgit v1.2.3