{% set conf_bgp = nbgp -%} {% for asn in nbgp -%} ! router bgp {{ asn }} no bgp default ipv4-unicast {#- set 'conf_bgp[asn].parameters' as bgp_params #} {%- set bgp_params = conf_bgp[asn].parameters %} {%- set bgp_afi = conf_bgp[asn].address_family %} {#- START Global ASN address-family section; set protocol bgp xxx address-family #} {%- if 'address_family' in conf_bgp[asn] %} {%- for type in bgp_afi %} {%- if type == "ipv4_unicast" %} ! address-family ipv4 unicast {%- if 'aggregate_address' in bgp_afi[type] %} {%- for ip in bgp_afi[type].aggregate_address %} {%- if ( ('as_set' in bgp_afi[type].aggregate_address[ip]) and ('summary_only' in bgp_afi[type].aggregate_address[ip] ) ) %} aggregate-address {{ ip }} as-set summary-only {%- elif 'as_set' in bgp_afi[type].aggregate_address[ip] %} aggregate-address {{ ip }} as-set {%- elif 'summary_only' in bgp_afi[type].aggregate_address[ip] %} aggregate-address {{ ip }} summary-only {%- else %} aggregate-address {{ ip }} {%- endif %} {%- endfor %} {%- endif %} {#- END aggregate address ipv4 #} {#- redistribute afi ipv4 #} {%- if 'redistribute' in bgp_afi[type] %} {%- for protocol in bgp_afi[type].redistribute %} {%- if ( ('route_map' in bgp_afi[type].redistribute[protocol]) and ('metric' in bgp_afi[type].redistribute[protocol] ) ) %} redistribute {{protocol}} metric {{bgp_afi[type].redistribute[protocol].metric}} route-map {{bgp_afi[type].redistribute[protocol].route_map}} {%- elif 'metric' in bgp_afi[type].redistribute[protocol] %} redistribute {{protocol}} metric {{bgp_afi[type].redistribute[protocol].metric}} {%- elif 'route_map' in bgp_afi[type].redistribute[protocol] %} redistribute {{protocol}} route-map {{bgp_afi[type].redistribute[protocol].route_map}} {%- elif 'table' in bgp_afi[type].redistribute %} redistribute table {{bgp_afi[type].redistribute.table}} {%- else %} redistribute {{protocol}} {%- endif %} {%- endfor %} {%- endif %} {#- END redistribute #} {%- if 'network' in bgp_afi[type] %} {%- for net in bgp_afi[type].network %} network {{ net }} {%- endfor %} {%- endif %} exit-address-family ! {%- endif %} {%- if type == "ipv6_unicast" %} ! address-family ipv6 unicast {%- if 'aggregate_address' in bgp_afi[type] %} {%- for ip in bgp_afi[type].aggregate_address %} {%- if ( ('as_set' in bgp_afi[type].aggregate_address[ip]) and ('summary_only' in bgp_afi[type].aggregate_address[ip] ) ) %} aggregate-address {{ ip }} as-set summary-only {%- elif 'as_set' in bgp_afi[type].aggregate_address[ip] %} aggregate-address {{ ip }} as-set {%- elif 'summary_only' in bgp_afi[type].aggregate_address[ip] %} aggregate-address {{ ip }} summary-only {%- else %} aggregate-address {{ ip }} {%- endif %} {%- endfor %} {%- endif %} {#- END aggregate address ipv6 #} {#- redistribute afi ipv6 #} {%- if 'redistribute' in bgp_afi[type] %} {%- for protocol in bgp_afi[type].redistribute %} {%- if ( ('route_map' in bgp_afi[type].redistribute[protocol]) and ('metric' in bgp_afi[type].redistribute[protocol] ) ) %} redistribute {{protocol}} metric {{bgp_afi[type].redistribute[protocol].metric}} route-map {{bgp_afi[type].redistribute[protocol].route_map}} {%- elif 'metric' in bgp_afi[type].redistribute[protocol] %} redistribute {{protocol}} metric {{bgp_afi[type].redistribute[protocol].metric}} {%- elif 'route_map' in bgp_afi[type].redistribute[protocol] %} redistribute {{protocol}} route-map {{bgp_afi[type].redistribute[protocol].route_map}} {%- elif 'table' in bgp_afi[type].redistribute %} redistribute table {{bgp_afi[type].redistribute.table}} {%- else %} redistribute {{protocol}} {%- endif %} {%- endfor %} {%- endif %} {#- END redistribute #} {%- if 'network' in bgp_afi[type] %} {%- for net in bgp_afi[type].network %} network {{ net }} {%- endfor %} {%- endif %} exit-address-family ! {%- endif %} {%- endfor %} {%- endif %} {#- END Global ASN address-family section; set protocols bgp 65001 address-family #} {#- set protocols nbgp xxxx maximum-paths ibgp x, Generated by default for afi_4 #} {#- We don't have this parameter in afi_6. But this is supported in the FRR #} {%- if 'maximum_paths' in conf_bgp[asn] %} {%- if 'ebgp' in conf_bgp[asn].maximum_paths %} ! address-family ipv4 unicast maximum-paths {{ conf_bgp[asn].maximum_paths.ebgp }} exit-address-family ! {%- endif %} {%- if 'ibgp' in conf_bgp[asn].maximum_paths %} ! address-family ipv4 unicast maximum-paths ibgp {{ conf_bgp[asn].maximum_paths.ibgp }} exit-address-family ! {%- endif %} {%- endif %} {#- START peer-group; set protocol bgp xxx peer-group #} {%- if 'peer_group' in conf_bgp[asn] %} {%- for pr_group in conf_bgp[asn].peer_group %} {%- set conf_peer_group = conf_bgp[asn].peer_group[pr_group] %} neighbor {{pr_group}} peer-group {#- First parameter for peer-group - remote-as #} {%- if 'remote_as' in conf_peer_group %} neighbor {{ pr_group }} remote-as {{ conf_peer_group.remote_as }} {%- endif %} {%- if 'bfd' in conf_peer_group %} neighbor {{ pr_group }} bfd {%- endif %} {%- if 'capability' in conf_peer_group %} {%- if 'dynamic' in conf_peer_group.capability %} neighbor {{ pr_group }} capability dynamic {%- endif %} {%- if 'extended_nexthop' in conf_peer_group.capability %} neighbor {{ pr_group }} capability extended-nexthop {%- endif %} {%- endif %} {%- if 'description' in conf_peer_group %} neighbor {{ pr_group }} description {{ conf_peer_group.description }} {%- endif %} {%- if 'disable_capability_negotiation' in conf_peer_group %} neighbor {{ pr_group }} disable-capability-negotiation {%- endif %} {#- https://phabricator.vyos.net/T2844. 'disable-send-community' only for afi #} {%- if 'disable_send_community' in conf_peer_group %} ! {%- endif %} {%- if 'ebgp_multihop' in conf_peer_group %} neighbor {{ pr_group }} ebgp-multihop {{conf_peer_group.ebgp_multihop}} {%- endif %} {%- if 'local_as' in conf_peer_group %} {%- for loc_asn in conf_peer_group.local_as %} {%- if 'no_prepend' in conf_peer_group.local_as[loc_asn] %} neighbor {{ pr_group }} local-as {{loc_asn}} no-prepend {%- else %} neighbor {{ pr_group }} local-as {{loc_asn}} {%- endif %} {%- endfor %} {%- endif %} {%- if 'override_capability' in conf_peer_group %} neighbor {{ pr_group }} override-capability {%- endif %} {%- if 'passive' in conf_peer_group %} neighbor {{ pr_group }} passive {%- endif %} {%- if 'password' in conf_peer_group %} neighbor {{ pr_group }} password {{ conf_peer_group.password }} {%- endif %} {%- if 'shutdown' in conf_peer_group %} neighbor {{ pr_group }} shutdown {%- endif %} {%- if 'ttl_security' in conf_peer_group %} {%- if 'hops' in conf_peer_group.ttl_security %} neighbor {{ pr_group }} ttl-security hops {{conf_peer_group.ttl_security.hops}} {%- endif %} {%- endif %} {%- if 'update_source' in conf_peer_group %} neighbor {{ pr_group }} update-source {{ conf_peer_group.update_source }} {%- endif %} {#- START peer-group afi; set protocols bgp xxx peer-group FOO address-family #} {%- if 'address_family' in conf_peer_group %} {%- for afi in conf_peer_group.address_family %} {%- if afi == "ipv4_unicast" %} ! address-family ipv4 unicast {%- if 'allowas_in' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'number' in conf_peer_group.address_family.ipv4_unicast.allowas_in %} neighbor {{ pr_group }} allowas-in {{ conf_peer_group.address_family.ipv4_unicast.allowas_in.number }} {%- else %} neighbor {{ pr_group }} allowas-in {%- endif %} {%- endif %} {#- START Single Params for peer-group; set protocols bgp xxx peer-group FOO address-family ipv4-unicast #} {%- if 'remove_private_as' in conf_peer_group.address_family.ipv4_unicast %} neighbor {{ pr_group }} remove-private-AS {%- endif %} {%- if 'route_reflector_client' in conf_peer_group.address_family.ipv4_unicast %} neighbor {{ pr_group }} route-reflector-client {%- endif %} {%- if 'weight' in conf_peer_group.address_family.ipv4_unicast %} neighbor {{ pr_group }} weight {{ conf_peer_group.address_family.ipv4_unicast.weight }} {%- endif %} {#- END single params for peer-group #} {%- if 'attribute_unchanged' in conf_peer_group.address_family.ipv4_unicast %} {%- if ( ('as_path' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged) and ('med' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged) ) %} neighbor {{ pr_group }} attribute-unchanged as-path med {%- elif ( ('as_path' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged) and ('next_hop' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged) ) %} neighbor {{ pr_group }} attribute-unchanged as-path next-hop {%- elif ( ('med' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged) and ('next_hop' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged) ) %} neighbor {{ pr_group }} attribute-unchanged med next-hop {%- elif 'as_path' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged %} neighbor {{ pr_group }} attribute-unchanged as-path {%- elif 'med' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged %} neighbor {{ pr_group }} attribute-unchanged med {%- elif 'next_hop' in conf_peer_group.address_family.ipv4_unicast.attribute_unchanged %} neighbor {{ pr_group }} attribute-unchanged next-hop {%- else %} neighbor {{ pr_group }} attribute-unchanged as-path next-hop med {%- endif %} {%- endif %} {#- END attribute-unchanged #} {%- if 'capability' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'receive' in conf_peer_group.address_family.ipv4_unicast.capability.orf.prefix_list %} neighbor {{ pr_group }} capability orf prefix-list receive {%- endif %} {%- if 'send' in conf_peer_group.address_family.ipv4_unicast.capability.orf.prefix_list %} neighbor {{ pr_group }} capability orf prefix-list send {%- endif %} {%- endif %} {%- if 'default_originate' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'route_map' in conf_peer_group.address_family.ipv4_unicast.default_originate %} neighbor {{ pr_group }} default-originate route-map {{ conf_peer_group.address_family.ipv4_unicast.default_originate.route_map }} {%- else %} neighbor {{ pr_group }} default-originate {%- endif %} {%- endif %} {%- if 'distribute_list' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv4_unicast.distribute_list %} neighbor {{ pr_group }} distribute-list {{conf_peer_group.address_family.ipv4_unicast.distribute_list.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv4_unicast.distribute_list %} neighbor {{ pr_group }} distribute-list {{conf_peer_group.address_family.ipv4_unicast.distribute_list.import}} in {%- endif %} {%- endif %} {%- if 'filter_list' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv4_unicast.filter_list %} neighbor {{ pr_group }} filter-list {{conf_peer_group.address_family.ipv4_unicast.filter_list.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv4_unicast.filter_list %} neighbor {{ pr_group }} filter-list {{conf_peer_group.address_family.ipv4_unicast.filter_list.import}} in {%- endif %} {%- endif %} {%- if 'maximum_prefix' in conf_peer_group.address_family.ipv4_unicast %} neighbor {{ pr_group }} maximum-prefix {{ conf_peer_group.address_family.ipv4_unicast.maximum_prefix }} {%- endif %} {#- https://phabricator.vyos.net/T1817 #} {%- if 'nexthop_self' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'force' in conf_peer_group.address_family.ipv4_unicast.nexthop_self %} neighbor {{ pr_group }} next-hop-self force neighbor {{ pr_group }} next-hop-self {%- else %} neighbor {{ pr_group }} next-hop-self {%- endif %} {%- endif %} {%- if 'route_server_client' in conf_peer_group.address_family.ipv4_unicast %} neighbor {{ pr_group }} route-server-client {%- endif %} {%- if 'route_map' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv4_unicast.route_map %} neighbor {{ pr_group }} route-map {{conf_peer_group.address_family.ipv4_unicast.route_map.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv4_unicast.route_map %} neighbor {{ pr_group }} route-map {{conf_peer_group.address_family.ipv4_unicast.route_map.import}} in {%- endif %} {%- endif %} {%- if 'prefix_list' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv4_unicast.prefix_list %} neighbor {{ pr_group }} prefix-list {{conf_peer_group.address_family.ipv4_unicast.prefix_list.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv4_unicast.prefix_list %} neighbor {{ pr_group }} prefix-list {{conf_peer_group.address_family.ipv4_unicast.prefix_list.import}} in {%- endif %} {%- endif %} {%- if 'soft_reconfiguration' in conf_peer_group.address_family.ipv4_unicast %} {%- if 'inbound' is defined %} neighbor {{ pr_group }} soft-reconfiguration inbound {%- endif %} {%- endif %} {%- if 'unsuppress_map' in conf_peer_group.address_family.ipv4_unicast %} neighbor {{ pr_group }} unsuppress-map {{conf_peer_group.address_family.ipv4_unicast.unsuppress_map}} {%- endif %} neighbor {{ pr_group }} activate exit-address-family ! {%- endif %} {%- if afi == "ipv6_unicast" %} ! address-family ipv6 unicast {%- if 'allowas_in' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'number' in conf_peer_group.address_family.ipv6_unicast.allowas_in %} neighbor {{ pr_group }} allowas-in {{ conf_peer_group.address_family.ipv6_unicast.allowas_in.number }} {%- else %} neighbor {{ pr_group }} allowas-in {%- endif %} {%- endif %} {#- START Single Params for peer-group afi6; set protocols bgp xxx peer-group FOO address-family ipv6-unicast #} {%- if 'remove_private_as' in conf_peer_group.address_family.ipv6_unicast %} neighbor {{ pr_group }} remove-private-AS {%- endif %} {%- if 'route_reflector_client' in conf_peer_group.address_family.ipv6_unicast %} neighbor {{ pr_group }} route-reflector-client {%- endif %} {%- if 'weight' in conf_peer_group.address_family.ipv6_unicast %} neighbor {{ pr_group }} weight {{ conf_peer_group.address_family.ipv6_unicast.weight }} {%- endif %} {#- END single params for peer-group afi6 #} {%- if 'attribute_unchanged' in conf_peer_group.address_family.ipv6_unicast %} {%- if ( ('as_path' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged) and ('med' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged) ) %} neighbor {{ pr_group }} attribute-unchanged as-path med {%- elif ( ('as_path' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged) and ('next_hop' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged) ) %} neighbor {{ pr_group }} attribute-unchanged as-path next-hop {%- elif ( ('med' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged) and ('next_hop' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged) ) %} neighbor {{ pr_group }} attribute-unchanged med next-hop {%- elif 'as_path' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged %} neighbor {{ pr_group }} attribute-unchanged as-path {%- elif 'med' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged %} neighbor {{ pr_group }} attribute-unchanged med {%- elif 'next_hop' in conf_peer_group.address_family.ipv6_unicast.attribute_unchanged %} neighbor {{ pr_group }} attribute-unchanged next-hop {%- else %} neighbor {{ pr_group }} attribute-unchanged as-path next-hop med {%- endif %} {%- endif %} {#- END attribute-unchanged ipv6 #} {%- if 'capability' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'receive' in conf_peer_group.address_family.ipv6_unicast.capability.orf.prefix_list %} neighbor {{ pr_group }} capability orf prefix-list receive {%- endif %} {%- if 'send' in conf_peer_group.address_family.ipv6_unicast.capability.orf.prefix_list %} neighbor {{ pr_group }} capability orf prefix-list send {%- endif %} {%- endif %} {%- if 'default_originate' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'route_map' in conf_peer_group.address_family.ipv6_unicast.default_originate %} neighbor {{ pr_group }} default-originate route-map {{ conf_peer_group.address_family.ipv6_unicast.default_originate.route_map }} {%- else %} neighbor {{ pr_group }} default-originate {%- endif %} {%- endif %} {%- if 'distribute_list' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv6_unicast.distribute_list %} neighbor {{ pr_group }} distribute-list {{conf_peer_group.address_family.ipv6_unicast.distribute_list.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv6_unicast.distribute_list %} neighbor {{ pr_group }} distribute-list {{conf_peer_group.address_family.ipv6_unicast.distribute_list.import}} in {%- endif %} {%- endif %} {%- if 'filter_list' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv6_unicast.filter_list %} neighbor {{ pr_group }} filter-list {{conf_peer_group.address_family.ipv6_unicast.filter_list.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv6_unicast.filter_list %} neighbor {{ pr_group }} filter-list {{conf_peer_group.address_family.ipv6_unicast.filter_list.import}} in {%- endif %} {%- endif %} {%- if 'maximum_prefix' in conf_peer_group.address_family.ipv6_unicast %} neighbor {{ pr_group }} maximum-prefix {{ conf_peer_group.address_family.ipv6_unicast.maximum_prefix }} {%- endif %} {#- https://phabricator.vyos.net/T1817 #} {%- if 'nexthop_self' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'force' in conf_peer_group.address_family.ipv6_unicast.nexthop_self %} neighbor {{ pr_group }} next-hop-self force neighbor {{ pr_group }} next-hop-self {%- else %} neighbor {{ pr_group }} next-hop-self {%- endif %} {%- endif %} {%- if 'route_server_client' in conf_peer_group.address_family.ipv6_unicast %} neighbor {{ pr_group }} route-server-client {%- endif %} {%- if 'route_map' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv6_unicast.route_map %} neighbor {{ pr_group }} route-map {{conf_peer_group.address_family.ipv6_unicast.route_map.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv6_unicast.route_map %} neighbor {{ pr_group }} route-map {{conf_peer_group.address_family.ipv6_unicast.route_map.import}} in {%- endif %} {%- endif %} {%- if 'prefix_list' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'export' in conf_peer_group.address_family.ipv6_unicast.prefix_list %} neighbor {{ pr_group }} prefix-list {{conf_peer_group.address_family.ipv6_unicast.prefix_list.export}} out {%- endif %} {%- if 'import' in conf_peer_group.address_family.ipv6_unicast.prefix_list %} neighbor {{ pr_group }} prefix-list {{conf_peer_group.address_family.ipv6_unicast.prefix_list.import}} in {%- endif %} {%- endif %} {%- if 'soft_reconfiguration' in conf_peer_group.address_family.ipv6_unicast %} {%- if 'inbound' is defined %} neighbor {{ pr_group }} soft-reconfiguration inbound {%- endif %} {%- endif %} {%- if 'unsuppress_map' in conf_peer_group.address_family.ipv6_unicast %} neighbor {{ pr_group }} unsuppress-map {{conf_peer_group.address_family.ipv6_unicast.unsuppress_map}} {%- endif %} neighbor {{ pr_group }} activate exit-address-family ! {%- endif %} {%- endfor %} {%- endif %} {#- END peer-group afi; set protocols bgp xxx peer-group FOO address-family #} {%- endfor %} {%- endif %} {#- END peer-group; set protocol bgp xxx peer-group #} {#- START peer section; set protocol bgp xxx neighbor #} {%- for peer in conf_bgp[asn].neighbor %} {#- set peer-group as conf_peer #} {%- set conf_peer = conf_bgp[asn].neighbor[peer] %} {#- First parameter for peer-group - remote-as #} {%- if 'remote_as' in conf_peer %} neighbor {{ peer }} remote-as {{ conf_peer.remote_as }} {%- endif %} {%- if 'advertisement_interval' in conf_peer %} neighbor {{ peer }} advertisement-interval {{ conf_peer.advertisement_interval }} {%- endif %} {%- if 'bfd' in conf_peer %} {%- if 'check_control_plane_failure' in conf_peer.bfd %} neighbor {{ peer }} bfd neighbor {{ peer }} bfd check-control-plane-failure {%- else %} neighbor {{ peer }} bfd {%- endif %} {%- endif %} {%- if 'capability' in conf_peer %} {%- if 'dynamic' in conf_peer.capability %} neighbor {{ peer }} capability dynamic {%- endif %} {%- if 'extended_nexthop' in conf_peer.capability %} neighbor {{ peer }} capability extended-nexthop {%- endif %} {%- endif %} {%- if 'description' in conf_peer %} neighbor {{ peer }} description {{ conf_peer.description }} {%- endif %} {%- if 'disable_capability_negotiation' in conf_peer %} neighbor {{ peer }} disable-capability-negotiation {%- endif %} {#- https://phabricator.vyos.net/T2844. 'disable-send-community' only for afi #} {%- if 'disable_send_community' in conf_peer %} ! {%- endif %} {%- if 'ebgp_multihop' in conf_peer %} neighbor {{ peer }} ebgp-multihop {{conf_peer.ebgp_multihop}} {%- endif %} {#- Need to check. 'Peer-group' needs to define before this section #} {%- if 'interface' in conf_peer %} {%- if 'peer_group' in conf_peer.interface %} neighbor {{ peer }} interface peer-group {{conf_peer.interface.peer_group}} {%- endif %} {%- if 'remote_as' in conf_peer.interface %} neighbor {{ peer }} interface remote-as {{conf_peer.interface.remote_as}} {%- endif %} {%- if 'v6only' in conf_peer.interface %} {%- if 'peer_group' in conf_peer.interface.v6only %} neighbor {{ peer }} peer-group {{conf_peer.interface.peer_group}} {%- endif %} {%- if 'remote_as' in conf_peer.interface.v6only %} neighbor {{ peer }} interface v6only remote-as {{conf_peer.interface.v6only.remote_as}} {%- endif %} {%- endif %} {%- endif %} {%- if 'local_as' in conf_peer %} {%- for loc_asn in conf_peer.local_as %} {%- if 'no_prepend' in conf_peer.local_as[loc_asn] %} neighbor {{ peer }} local-as {{loc_asn}} no-prepend {%- else %} neighbor {{ peer }} local-as {{loc_asn}} {%- endif %} {%- endfor %} {%- endif %} {%- if 'override_capability' in conf_peer %} neighbor {{ peer }} override-capability {%- endif %} {%- if 'passive' in conf_peer %} neighbor {{ peer }} passive {%- endif %} {%- if 'password' in conf_peer %} neighbor {{ peer }} password {{ conf_peer.password }} {%- endif %} {%- if 'peer_group' in conf_peer %} neighbor {{ peer }} peer-group {{ conf_peer.peer_group }} {%- endif %} {%- if 'port' in conf_peer %} neighbor {{ peer }} port {{ conf_peer.port }} {%- endif %} {%- if 'shutdown' in conf_peer %} neighbor {{ peer }} shutdown {%- endif %} {%- if 'strict_capability_match' in conf_peer %} neighbor {{ peer }} strict-capability-match {%- endif %} {#- set protocols bgp xxx neighbor x.x.x.x timers #} {%- if 'timers' in conf_peer %} {%- if ( ('connect' in conf_peer.timers) and ('holdtime' in conf_peer.timers) and ('keepalive' in conf_peer.timers ) ) %} neighbor {{ peer }} timers {{conf_peer.timers.keepalive}} {{conf_peer.timers.holdtime}} neighbor {{ peer }} timers connect {{conf_peer.timers.connect}} {%- elif ( ('holdtime' in conf_peer.timers) and ('keepalive' in conf_peer.timers ) ) %} neighbor {{ peer }} timers {{conf_peer.timers.keepalive}} {{conf_peer.timers.holdtime}} {%- elif 'connect' in conf_peer.timers %} neighbor {{ peer }} timers connect {{conf_peer.timers.connect}} {%- endif %} {%- endif %} {%- if 'ttl_security' in conf_peer %} {%- if 'hops' in conf_peer.ttl_security %} neighbor {{ peer }} ttl-security hops {{conf_peer.ttl_security.hops}} {%- endif %} {%- endif %} {%- if 'update_source' in conf_peer %} neighbor {{ peer }} update-source {{ conf_peer.update_source }} {%- endif %} {#- START address family for peer; set protocols bgp xxx neighbor x.x.x.x address-family ipvX-unicast #} {%- if 'address_family' in conf_peer %} {%- for afi in conf_peer.address_family %} {%- if afi == "ipv4_unicast" %} ! address-family ipv4 unicast {%- if 'allowas_in' in conf_peer.address_family.ipv4_unicast %} {%- if 'number' in conf_peer.address_family.ipv4_unicast.allowas_in %} neighbor {{ peer }} allowas-in {{ conf_peer.address_family.ipv4_unicast.allowas_in.number }} {%- else %} neighbor {{ peer }} allowas-in {%- endif %} {%- endif %} {#- START Single Params for neighbor; #} {%- if 'as_override' in conf_peer.address_family.ipv4_unicast %} neighbor {{ peer }} as-override {%- endif %} {%- if 'remove_private_as' in conf_peer.address_family.ipv4_unicast %} neighbor {{ peer }} remove-private-AS {%- endif %} {%- if 'route_reflector_client' in conf_peer.address_family.ipv4_unicast %} neighbor {{ peer }} route-reflector-client {%- endif %} {%- if 'weight' in conf_peer.address_family.ipv4_unicast %} neighbor {{ peer }} weight {{ conf_peer.address_family.ipv4_unicast.weight }} {%- endif %} {#- END single params for neighbor #} {%- if 'attribute_unchanged' in conf_peer.address_family.ipv4_unicast %} {%- if ( ('as_path' in conf_peer.address_family.ipv4_unicast.attribute_unchanged) and ('med' in conf_peer.address_family.ipv4_unicast.attribute_unchanged) ) %} neighbor {{ peer }} attribute-unchanged as-path med {%- elif ( ('as_path' in conf_peer.address_family.ipv4_unicast.attribute_unchanged) and ('next_hop' in conf_peer.address_family.ipv4_unicast.attribute_unchanged) ) %} neighbor {{ peer }} attribute-unchanged as-path next-hop {%- elif ( ('med' in conf_peer.address_family.ipv4_unicast.attribute_unchanged) and ('next_hop' in conf_peer.address_family.ipv4_unicast.attribute_unchanged) ) %} neighbor {{ peer }} attribute-unchanged med next-hop {%- elif 'as_path' in conf_peer.address_family.ipv4_unicast.attribute_unchanged %} neighbor {{ peer }} attribute-unchanged as-path {%- elif 'med' in conf_peer.address_family.ipv4_unicast.attribute_unchanged %} neighbor {{ peer }} attribute-unchanged med {%- elif 'next_hop' in conf_peer.address_family.ipv4_unicast.attribute_unchanged %} neighbor {{ peer }} attribute-unchanged next-hop {%- else %} neighbor {{ peer }} attribute-unchanged as-path next-hop med {%- endif %} {%- endif %} {#- END attribute-unchanged #} {%- if 'capability' in conf_peer.address_family.ipv4_unicast %} {%- if 'receive' in conf_peer.address_family.ipv4_unicast.capability.orf.prefix_list %} neighbor {{ peer }} capability orf prefix-list receive {%- endif %} {%- if 'send' in conf_peer.address_family.ipv4_unicast.capability.orf.prefix_list %} neighbor {{ peer }} capability orf prefix-list send {%- endif %} {%- endif %} {%- if 'default_originate' in conf_peer.address_family.ipv4_unicast %} {%- if 'route_map' in conf_peer.address_family.ipv4_unicast.default_originate %} neighbor {{ peer }} default-originate route-map {{ conf_peer.address_family.ipv4_unicast.default_originate.route_map }} {%- else %} neighbor {{ peer }} default-originate {%- endif %} {%- endif %} {%- if 'distribute_list' in conf_peer.address_family.ipv4_unicast %} {%- if 'export' in conf_peer.address_family.ipv4_unicast.distribute_list %} neighbor {{ peer }} distribute-list {{conf_peer.address_family.ipv4_unicast.distribute_list.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv4_unicast.distribute_list %} neighbor {{ peer }} distribute-list {{conf_peer.address_family.ipv4_unicast.distribute_list.import}} in {%- endif %} {%- endif %} {%- if 'filter_list' in conf_peer.address_family.ipv4_unicast %} {%- if 'export' in conf_peer.address_family.ipv4_unicast.filter_list %} neighbor {{ peer }} filter-list {{conf_peer.address_family.ipv4_unicast.filter_list.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv4_unicast.filter_list %} neighbor {{ peer }} filter-list {{conf_peer.address_family.ipv4_unicast.filter_list.import}} in {%- endif %} {%- endif %} {%- if 'maximum_prefix' in conf_peer.address_family.ipv4_unicast %} neighbor {{ peer }} maximum-prefix {{ conf_peer.address_family.ipv4_unicast.maximum_prefix }} {%- endif %} {#- https://phabricator.vyos.net/T1817 #} {%- if 'nexthop_self' in conf_peer.address_family.ipv4_unicast %} {%- if 'force' in conf_peer.address_family.ipv4_unicast.nexthop_self %} neighbor {{ peer }} next-hop-self force neighbor {{ peer }} next-hop-self {%- else %} neighbor {{ peer }} next-hop-self {%- endif %} {%- endif %} {%- if 'route_server_client' in conf_peer.address_family.ipv4_unicast %} neighbor {{ peer }} route-server-client {%- endif %} {%- if 'route_map' in conf_peer.address_family.ipv4_unicast %} {%- if 'export' in conf_peer.address_family.ipv4_unicast.route_map %} neighbor {{ peer }} route-map {{conf_peer.address_family.ipv4_unicast.route_map.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv4_unicast.route_map %} neighbor {{ peer }} route-map {{conf_peer.address_family.ipv4_unicast.route_map.import}} in {%- endif %} {%- endif %} {%- if 'prefix_list' in conf_peer.address_family.ipv4_unicast %} {%- if 'export' in conf_peer.address_family.ipv4_unicast.prefix_list %} neighbor {{ peer }} prefix-list {{conf_peer.address_family.ipv4_unicast.prefix_list.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv4_unicast.prefix_list %} neighbor {{ peer }} prefix-list {{conf_peer.address_family.ipv4_unicast.prefix_list.import}} in {%- endif %} {%- endif %} {%- if 'soft_reconfiguration' in conf_peer.address_family.ipv4_unicast %} {%- if 'inbound' is defined %} neighbor {{ peer }} soft-reconfiguration inbound {%- endif %} {%- endif %} {%- if 'unsuppress_map' in conf_peer.address_family.ipv4_unicast %} neighbor {{ peer }} unsuppress-map {{conf_peer.address_family.ipv4_unicast.unsuppress_map}} {%- endif %} neighbor {{ peer }} activate exit-address-family ! {%- endif %} {%- if afi == "ipv6_unicast" %} ! address-family ipv6 unicast {%- if 'allowas_in' in conf_peer.address_family.ipv6_unicast %} {%- if 'number' in conf_peer.address_family.ipv6_unicast.allowas_in %} neighbor {{ peer }} allowas-in {{ conf_peer.address_family.ipv6_unicast.allowas_in.number }} {%- else %} neighbor {{ peer }} allowas-in {%- endif %} {%- endif %} {#- START Single Params for neighbor #} {%- if 'as_override' in conf_peer.address_family.ipv6_unicast %} neighbor {{ peer }} as-override {%- endif %} {%- if 'remove_private_as' in conf_peer.address_family.ipv6_unicast %} neighbor {{ peer }} remove-private-AS {%- endif %} {%- if 'route_reflector_client' in conf_peer.address_family.ipv6_unicast %} neighbor {{ peer }} route-reflector-client {%- endif %} {%- if 'weight' in conf_peer.address_family.ipv6_unicast %} neighbor {{ peer }} weight {{ conf_peer.address_family.ipv6_unicast.weight }} {%- endif %} {#- END single params for neighbor #} {%- if 'attribute_unchanged' in conf_peer.address_family.ipv6_unicast %} {%- if ( ('as_path' in conf_peer.address_family.ipv6_unicast.attribute_unchanged) and ('med' in conf_peer.address_family.ipv6_unicast.attribute_unchanged) ) %} neighbor {{ peer }} attribute-unchanged as-path med {%- elif ( ('as_path' in conf_peer.address_family.ipv6_unicast.attribute_unchanged) and ('next_hop' in conf_peer.address_family.ipv6_unicast.attribute_unchanged) ) %} neighbor {{ peer }} attribute-unchanged as-path next-hop {%- elif ( ('med' in conf_peer.address_family.ipv6_unicast.attribute_unchanged) and ('next_hop' in conf_peer.address_family.ipv6_unicast.attribute_unchanged) ) %} neighbor {{ peer }} attribute-unchanged med next-hop {%- elif 'as_path' in conf_peer.address_family.ipv6_unicast.attribute_unchanged %} neighbor {{ peer }} attribute-unchanged as-path {%- elif 'med' in conf_peer.address_family.ipv6_unicast.attribute_unchanged %} neighbor {{ peer }} attribute-unchanged med {%- elif 'next_hop' in conf_peer.address_family.ipv6_unicast.attribute_unchanged %} neighbor {{ peer }} attribute-unchanged next-hop {%- else %} neighbor {{ peer }} attribute-unchanged as-path next-hop med {%- endif %} {%- endif %} {#- END attribute-unchanged #} {%- if 'capability' in conf_peer.address_family.ipv6_unicast %} {%- if 'receive' in conf_peer.address_family.ipv6_unicast.capability.orf.prefix_list %} neighbor {{ peer }} capability orf prefix-list receive {%- endif %} {%- if 'send' in conf_peer.address_family.ipv6_unicast.capability.orf.prefix_list %} neighbor {{ peer }} capability orf prefix-list send {%- endif %} {%- endif %} {%- if 'default_originate' in conf_peer.address_family.ipv6_unicast %} {%- if 'route_map' in conf_peer.address_family.ipv6_unicast.default_originate %} neighbor {{ peer }} default-originate route-map {{ conf_peer.address_family.ipv6_unicast.default_originate.route_map }} {%- else %} neighbor {{ peer }} default-originate {%- endif %} {%- endif %} {%- if 'distribute_list' in conf_peer.address_family.ipv6_unicast %} {%- if 'export' in conf_peer.address_family.ipv6_unicast.distribute_list %} neighbor {{ peer }} distribute-list {{conf_peer.address_family.ipv6_unicast.distribute_list.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv6_unicast.distribute_list %} neighbor {{ peer }} distribute-list {{conf_peer.address_family.ipv6_unicast.distribute_list.import}} in {%- endif %} {%- endif %} {%- if 'filter_list' in conf_peer.address_family.ipv6_unicast %} {%- if 'export' in conf_peer.address_family.ipv6_unicast.filter_list %} neighbor {{ peer }} filter-list {{conf_peer.address_family.ipv6_unicast.filter_list.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv6_unicast.filter_list %} neighbor {{ peer }} filter-list {{conf_peer.address_family.ipv6_unicast.filter_list.import}} in {%- endif %} {%- endif %} {%- if 'maximum_prefix' in conf_peer.address_family.ipv6_unicast %} neighbor {{ peer }} maximum-prefix {{ conf_peer.address_family.ipv6_unicast.maximum_prefix }} {%- endif %} {#- https://phabricator.vyos.net/T1817 #} {%- if 'nexthop_self' in conf_peer.address_family.ipv6_unicast %} {%- if 'force' in conf_peer.address_family.ipv6_unicast.nexthop_self %} neighbor {{ peer }} next-hop-self force neighbor {{ peer }} next-hop-self {%- else %} neighbor {{ peer }} next-hop-self {%- endif %} {%- endif %} {%- if 'route_server_client' in conf_peer.address_family.ipv6_unicast %} neighbor {{ peer }} route-server-client {%- endif %} {%- if 'route_map' in conf_peer.address_family.ipv6_unicast %} {%- if 'export' in conf_peer.address_family.ipv6_unicast.route_map %} neighbor {{ peer }} route-map {{conf_peer.address_family.ipv6_unicast.route_map.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv6_unicast.route_map %} neighbor {{ peer }} route-map {{conf_peer.address_family.ipv6_unicast.route_map.import}} in {%- endif %} {%- endif %} {%- if 'prefix_list' in conf_peer.address_family.ipv6_unicast %} {%- if 'export' in conf_peer.address_family.ipv6_unicast.prefix_list %} neighbor {{ peer }} prefix-list {{conf_peer.address_family.ipv6_unicast.prefix_list.export}} out {%- endif %} {%- if 'import' in conf_peer.address_family.ipv6_unicast.prefix_list %} neighbor {{ peer }} prefix-list {{conf_peer.address_family.ipv6_unicast.prefix_list.import}} in {%- endif %} {%- endif %} {%- if 'soft_reconfiguration' in conf_peer.address_family.ipv6_unicast %} {%- if 'inbound' is defined %} neighbor {{ peer }} soft-reconfiguration inbound {%- endif %} {%- endif %} {%- if 'unsuppress_map' in conf_peer.address_family.ipv6_unicast %} neighbor {{ peer }} unsuppress-map {{conf_peer.address_family.ipv6_unicast.unsuppress_map}} {%- endif %} neighbor {{ peer }} activate exit-address-family ! {%- endif %} {%- endfor %} {%- endif %} {#- END address family for peer #} {%- endfor %} {#- END peer section; set protocols bgp xxx neighbor #} {#- START parameters section; set protocol bgp xxx parameters #} {%- if 'always_compare_med' in bgp_params %} bgp always-compare-med {%- endif %} {%- if 'bestpath' in bgp_params %} {%- if 'compare_routerid' in bgp_params.bestpath %} bgp bestpath compare-routerid {%- endif %} {%- if 'as_path' in bgp_params.bestpath %} {%- if 'confed' in bgp_params.bestpath.as_path %} bgp bestpath as-path confed {%- endif %} {%- if 'ignore' in bgp_params.bestpath.as_path %} bgp bestpath as-path ignore {%- endif %} {%- if 'multipath_relax' in bgp_params.bestpath.as_path %} bgp bestpath as-path multipath-relax {%- endif %} {%- endif %} {%- if 'med' in bgp_params.bestpath %} {%- if ( ('confed' in bgp_params.bestpath.med) and ('missing_as_worst' in bgp_params.bestpath.med ) ) %} bgp bestpath med confed missing-as-worst {%- elif 'confed' in bgp_params.bestpath.med %} bgp bestpath med confed {%- elif 'missing_as_worst' in bgp_params.bestpath.med %} bgp bestpath med missing-as-worst {%- endif%} {%- endif %} {%- endif %} {%- if 'cluster_id' in bgp_params %} bgp cluster-id {{ bgp_params.cluster_id }} {%- endif %} {%- if 'confederation' in bgp_params %} {%- if 'identifier' in bgp_params.confederation %} bgp confederation identifier {{ bgp_params.confederation.identifier }} {%- endif %} {%- if 'peers' in bgp_params.confederation %} bgp confederation peers {{ bgp_params.confederation.peers }} {%- endif %} {%- endif %} {#- Doesn't work in current FRR configuration; vtysh (bgp dampening 16 751 2001 61) #} {%- if 'dampening' in bgp_params %} {%- if ( ('half_life' in bgp_params.dampening) and ('max_suppress_time' in bgp_params.dampening) and ('re_use' in bgp_params.dampening) and ('start_suppress_time' in bgp_params.dampening ) ) %} bgp dampening {{ bgp_params.dampening.half_life }} {{ bgp_params.dampening.re_use }} {{ bgp_params.dampening.start_suppress_time }} {{ bgp_params.dampening.max_suppress_time }} {%- endif %} {%- endif %} {%- if 'default' in bgp_params %} {%- if 'local_pref' in bgp_params.default %} bgp default local-preference {{ bgp_params.default.local_pref }} {%- endif %} {#- We use this is parameter as default in template (5-th string) #} {%- if 'no_ipv4_unicast' in bgp_params.default %} no bgp default ipv4-unicast {%- endif %} {%- endif %} {%- if 'deterministic_med' in bgp_params %} bgp deterministic-med {%- endif %} {%- if 'distance' in bgp_params %} {%- if 'global' in bgp_params.distance %} {%- if ( ('external' in bgp_params.distance.global) and ('internal' in bgp_params.distance.global) and ('local' in bgp_params.distance.global ) ) %} ! address-family ipv4 unicast distance bgp {{ bgp_params.distance.global.external }} {{ bgp_params.distance.global.internal }} {{ bgp_params.distance.global.local }} exit-address-family ! {%- endif %} {%- endif %} {%- if 'prefix' in bgp_params.distance %} ! address-family ipv4 unicast {%- for prfx in bgp_params.distance.prefix %} distance {{ bgp_params.distance.prefix[prfx].distance }} {{ prfx }} {%- endfor %} exit-address-family ! {%- endif %} {%- endif %} {%- if 'graceful_restart' in bgp_params %} {%- if 'stalepath_time' in bgp_params.graceful_restart %} bgp graceful-restart stalepath-time {{ bgp_params.graceful_restart.stalepath_time }} {%- endif %} {%- endif %} {%- if 'log_neighbor_changes' in bgp_params %} bgp log-neighbor-changes {%- endif %} {%- if 'network_import_check' in bgp_params %} bgp network import-check {%- endif %} {%- if 'no_client_to_client_reflection' in bgp_params %} no bgp client-to-client reflection {%- endif %} {%- if 'no_fast_external_failover' in bgp_params %} no bgp fast-external-failover {%- endif %} {#- END parameters; set protocols bgp xxx parameters #} {%- if 'timers' in conf_bgp[asn] %} {%- if ( ('holdtime' in conf_bgp[asn].timers) and ('keepalive' in conf_bgp[asn].timers ) ) %} timers bgp {{conf_bgp[asn].timers.keepalive}} {{conf_bgp[asn].timers.holdtime}} {%- endif %} {%- endif %} {%- if 'route_map' in conf_bgp[asn] %} ! ip protocol bgp route-map {{conf_bgp[asn].route_map}} {%- endif %} ! {%- endfor -%} {#- END asn; router bgp xxx #}