summaryrefslogtreecommitdiff
path: root/smoketest/config-tests/bgp-bfd-communities
blob: 6eee0137e6e88b9ba160edc531f8ff65664012b0 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
set interfaces ethernet eth0 address '192.0.2.100/25'
set interfaces ethernet eth0 address '2001:db8::ffff/64'
set interfaces ethernet eth0 offload gro
set interfaces loopback lo
set policy large-community-list ANYCAST_ALL rule 10 action 'permit'
set policy large-community-list ANYCAST_ALL rule 10 description 'Allow all anycast from anywhere'
set policy large-community-list ANYCAST_ALL rule 10 regex '4242420696:100:.*'
set policy large-community-list ANYCAST_INT rule 10 action 'permit'
set policy large-community-list ANYCAST_INT rule 10 description 'Allow all anycast from int'
set policy large-community-list ANYCAST_INT rule 10 regex '4242420696:100:1'
set policy prefix-list BGP-BACKBONE-IN description 'Inbound backbone routes from other sites'
set policy prefix-list BGP-BACKBONE-IN rule 10 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 10 description 'Block default route'
set policy prefix-list BGP-BACKBONE-IN rule 10 prefix '0.0.0.0/0'
set policy prefix-list BGP-BACKBONE-IN rule 20 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 20 description 'Block int primary'
set policy prefix-list BGP-BACKBONE-IN rule 20 ge '21'
set policy prefix-list BGP-BACKBONE-IN rule 20 prefix '192.168.0.0/20'
set policy prefix-list BGP-BACKBONE-IN rule 30 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 30 description 'Block loopbacks'
set policy prefix-list BGP-BACKBONE-IN rule 30 ge '25'
set policy prefix-list BGP-BACKBONE-IN rule 30 prefix '192.168.253.0/24'
set policy prefix-list BGP-BACKBONE-IN rule 40 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 40 description 'Block backbone peering'
set policy prefix-list BGP-BACKBONE-IN rule 40 ge '25'
set policy prefix-list BGP-BACKBONE-IN rule 40 prefix '192.168.254.0/24'
set policy prefix-list BGP-BACKBONE-IN rule 999 action 'permit'
set policy prefix-list BGP-BACKBONE-IN rule 999 description 'Allow everything else'
set policy prefix-list BGP-BACKBONE-IN rule 999 ge '1'
set policy prefix-list BGP-BACKBONE-IN rule 999 prefix '0.0.0.0/0'
set policy prefix-list BGP-BACKBONE-OUT description 'Outbound backbone routes to other sites'
set policy prefix-list BGP-BACKBONE-OUT rule 10 action 'permit'
set policy prefix-list BGP-BACKBONE-OUT rule 10 description 'Int primary'
set policy prefix-list BGP-BACKBONE-OUT rule 10 ge '23'
set policy prefix-list BGP-BACKBONE-OUT rule 10 prefix '192.168.0.0/20'
set policy prefix-list GLOBAL description 'Globally redistributed routes'
set policy prefix-list GLOBAL rule 10 action 'permit'
set policy prefix-list GLOBAL rule 10 prefix '192.168.100.1/32'
set policy prefix-list GLOBAL rule 20 action 'permit'
set policy prefix-list GLOBAL rule 20 prefix '192.168.7.128/25'
set policy prefix-list6 BGP-BACKBONE-IN-V6 description 'Inbound backbone routes from other sites'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 10 action 'deny'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 10 description 'Block default route'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 10 prefix '::/0'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 action 'deny'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 description 'Block int primary'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 ge '53'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 prefix 'fd52:d62e:8011::/52'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 action 'deny'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 description 'Block peering and stuff'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 ge '53'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 prefix 'fd52:d62e:8011:f000::/52'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 action 'permit'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 description 'Allow everything else'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 ge '1'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 prefix '::/0'
set policy prefix-list6 BGP-BACKBONE-OUT-V6 description 'Outbound backbone routes to other sites'
set policy prefix-list6 BGP-BACKBONE-OUT-V6 rule 10 action 'permit'
set policy prefix-list6 BGP-BACKBONE-OUT-V6 rule 10 ge '64'
set policy prefix-list6 BGP-BACKBONE-OUT-V6 rule 10 prefix 'fd52:d62e:8011::/52'
set policy prefix-list6 GLOBAL-V6 description 'Globally redistributed routes'
set policy prefix-list6 GLOBAL-V6 rule 10 action 'permit'
set policy prefix-list6 GLOBAL-V6 rule 10 ge '64'
set policy prefix-list6 GLOBAL-V6 rule 10 prefix 'fd52:d62e:8011:2::/63'
set policy route-map BGP-BACKBONE-IN rule 10 action 'permit'
set policy route-map BGP-BACKBONE-IN rule 10 match ip address prefix-list 'BGP-BACKBONE-IN'
set policy route-map BGP-BACKBONE-IN rule 20 action 'permit'
set policy route-map BGP-BACKBONE-IN rule 20 match ipv6 address prefix-list 'BGP-BACKBONE-IN-V6'
set policy route-map BGP-BACKBONE-IN rule 30 action 'permit'
set policy route-map BGP-BACKBONE-IN rule 30 match large-community large-community-list 'ANYCAST_ALL'
set policy route-map BGP-BACKBONE-OUT rule 10 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 10 match ip address prefix-list 'BGP-BACKBONE-OUT'
set policy route-map BGP-BACKBONE-OUT rule 20 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 20 match ipv6 address prefix-list 'BGP-BACKBONE-OUT-V6'
set policy route-map BGP-BACKBONE-OUT rule 30 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 30 match large-community large-community-list 'ANYCAST_INT'
set policy route-map BGP-BACKBONE-OUT rule 30 set as-path prepend '4242420666'
set policy route-map BGP-REDISTRIBUTE rule 10 action 'permit'
set policy route-map BGP-REDISTRIBUTE rule 10 description 'Prepend AS and allow VPN and modem'
set policy route-map BGP-REDISTRIBUTE rule 10 match ip address prefix-list 'GLOBAL'
set policy route-map BGP-REDISTRIBUTE rule 10 set as-path prepend '4242420666'
set policy route-map BGP-REDISTRIBUTE rule 20 action 'permit'
set policy route-map BGP-REDISTRIBUTE rule 20 description 'Allow VPN'
set policy route-map BGP-REDISTRIBUTE rule 20 match ipv6 address prefix-list 'GLOBAL-V6'
set protocols bfd peer 192.168.253.1 interval receive '50'
set protocols bfd peer 192.168.253.1 interval transmit '50'
set protocols bfd peer 192.168.253.1 multihop
set protocols bfd peer 192.168.253.1 source address '192.168.253.3'
set protocols bfd peer 192.168.253.2 interval receive '50'
set protocols bfd peer 192.168.253.2 interval transmit '50'
set protocols bfd peer 192.168.253.2 multihop
set protocols bfd peer 192.168.253.2 source address '192.168.253.3'
set protocols bfd peer 192.168.253.6 interval receive '50'
set protocols bfd peer 192.168.253.6 interval transmit '50'
set protocols bfd peer 192.168.253.6 multihop
set protocols bfd peer 192.168.253.6 source address '192.168.253.3'
set protocols bfd peer 192.168.253.7 interval receive '50'
set protocols bfd peer 192.168.253.7 interval transmit '50'
set protocols bfd peer 192.168.253.7 multihop
set protocols bfd peer 192.168.253.7 source address '192.168.253.3'
set protocols bfd peer 192.168.253.12 interval receive '100'
set protocols bfd peer 192.168.253.12 interval transmit '100'
set protocols bfd peer 192.168.253.12 multihop
set protocols bfd peer 192.168.253.12 source address '192.168.253.3'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:1 interval receive '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:1 interval transmit '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:1 multihop
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:1 source address 'fd52:d62e:8011:fffe:192:168:253:3'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:2 interval receive '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:2 interval transmit '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:2 multihop
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:2 source address 'fd52:d62e:8011:fffe:192:168:253:3'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:6 interval receive '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:6 interval transmit '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:6 multihop
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:6 source address 'fd52:d62e:8011:fffe:192:168:253:3'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:7 interval receive '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:7 interval transmit '50'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:7 multihop
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:7 source address 'fd52:d62e:8011:fffe:192:168:253:3'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:12 interval receive '100'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:12 interval transmit '100'
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:12 multihop
set protocols bfd peer fd52:d62e:8011:fffe:192:168:253:12 source address 'fd52:d62e:8011:fffe:192:168:253:3'
set protocols bgp address-family ipv4-unicast redistribute connected route-map 'BGP-REDISTRIBUTE'
set protocols bgp address-family ipv4-unicast redistribute static route-map 'BGP-REDISTRIBUTE'
set protocols bgp address-family ipv6-unicast redistribute connected route-map 'BGP-REDISTRIBUTE'
set protocols bgp neighbor 192.168.253.1 peer-group 'INT'
set protocols bgp neighbor 192.168.253.2 peer-group 'INT'
set protocols bgp neighbor 192.168.253.6 peer-group 'DAL13'
set protocols bgp neighbor 192.168.253.7 peer-group 'DAL13'
set protocols bgp neighbor 192.168.253.12 address-family ipv4-unicast route-map export 'BGP-BACKBONE-OUT'
set protocols bgp neighbor 192.168.253.12 address-family ipv4-unicast route-map import 'BGP-BACKBONE-IN'
set protocols bgp neighbor 192.168.253.12 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp neighbor 192.168.253.12 bfd
set protocols bgp neighbor 192.168.253.12 ebgp-multihop '2'
set protocols bgp neighbor 192.168.253.12 remote-as '4242420669'
set protocols bgp neighbor 192.168.253.12 update-source 'dum0'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:1 peer-group 'INTv6'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:2 peer-group 'INTv6'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:6 peer-group 'DAL13v6'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:7 peer-group 'DAL13v6'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:12 address-family ipv6-unicast route-map export 'BGP-BACKBONE-OUT'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:12 address-family ipv6-unicast route-map import 'BGP-BACKBONE-IN'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:12 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:12 bfd
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:12 ebgp-multihop '2'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:12 remote-as '4242420669'
set protocols bgp neighbor fd52:d62e:8011:fffe:192:168:253:12 update-source 'dum0'
set protocols bgp parameters confederation identifier '4242420696'
set protocols bgp parameters confederation peers '4242420668'
set protocols bgp parameters confederation peers '4242420669'
set protocols bgp parameters distance global external '220'
set protocols bgp parameters distance global internal '220'
set protocols bgp parameters distance global local '220'
set protocols bgp parameters graceful-restart
set protocols bgp peer-group DAL13 address-family ipv4-unicast route-map export 'BGP-BACKBONE-OUT'
set protocols bgp peer-group DAL13 address-family ipv4-unicast route-map import 'BGP-BACKBONE-IN'
set protocols bgp peer-group DAL13 address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp peer-group DAL13 bfd
set protocols bgp peer-group DAL13 ebgp-multihop '2'
set protocols bgp peer-group DAL13 remote-as '4242420668'
set protocols bgp peer-group DAL13 update-source 'dum0'
set protocols bgp peer-group DAL13v6 address-family ipv6-unicast route-map export 'BGP-BACKBONE-OUT'
set protocols bgp peer-group DAL13v6 address-family ipv6-unicast route-map import 'BGP-BACKBONE-IN'
set protocols bgp peer-group DAL13v6 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp peer-group DAL13v6 bfd
set protocols bgp peer-group DAL13v6 ebgp-multihop '2'
set protocols bgp peer-group DAL13v6 remote-as '4242420668'
set protocols bgp peer-group DAL13v6 update-source 'dum0'
set protocols bgp peer-group INT address-family ipv4-unicast default-originate
set protocols bgp peer-group INT address-family ipv4-unicast soft-reconfiguration inbound
set protocols bgp peer-group INT bfd
set protocols bgp peer-group INT remote-as '4242420666'
set protocols bgp peer-group INT update-source 'dum0'
set protocols bgp peer-group INTv6 address-family ipv6-unicast default-originate
set protocols bgp peer-group INTv6 address-family ipv6-unicast soft-reconfiguration inbound
set protocols bgp peer-group INTv6 bfd
set protocols bgp peer-group INTv6 remote-as '4242420666'
set protocols bgp peer-group INTv6 update-source 'dum0'
set protocols bgp system-as '4242420666'
set service ntp allow-client address '0.0.0.0/0'
set service ntp allow-client address '::/0'
set service ntp server 0.pool.ntp.org
set service ntp server 1.pool.ntp.org
set service ntp server 2.pool.ntp.org
set system config-management commit-revisions '200'
set system conntrack modules ftp
set system conntrack modules h323
set system conntrack modules nfs
set system conntrack modules pptp
set system conntrack modules sip
set system conntrack modules sqlnet
set system conntrack modules tftp
set system console device ttyS0 speed '115200'
set system host-name 'vyos'
set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/'
set system login user vyos authentication plaintext-password ''
set system syslog global facility all level 'info'
set system syslog global facility local7 level 'debug'
set system time-zone 'Europe/Berlin'