# # FFRL upstream (Salt managed) # {%- set ifaces = salt['pillar.get']('nodes:' ~ grains['id'] ~ ':ifaces', {}) %} {%- set sessions = salt['ffho_net.get_ffrl_bgp_config'](ifaces, proto) %} {%- set te_community_map_ffrl = salt['pillar.get']('te:community_map:' ~ grains['id'] ~ ':ffrl', [])|sort %} filter ffrl_in { if DRAIN_FULL = 1 then reject; if DRAIN_FFRL = 1 then reject; if net ~ [ {%- if proto == 'v4'%} 0.0.0.0/0 {%- else %} ::/0 {%- endif %} ] then { # Rewrite BGP next hop to loopback IP so we don't have to # include transfer networks to AS201701 in IGP. bgp_next_hop = LO_IP; accept; } reject; }; filter ffrl_out { if DRAIN_FULL = 1 then reject; if DRAIN_FFRL = 1 then reject; {%- if proto == 'v4'%} if proto != "p_nat" then reject; if net ~ [ 185.66.194.84/31+, # FRA-IPs 185.66.195.94/31+ # BER-IPs {%- else %} if net ~ [ 2a03:2260:2342::/48{48,56} {%- endif %} ] then { # Is there an export restriction for this route? if (EXPORT_RESTRICT ~ bgp_community) then { {%- for community in te_community_map_ffrl %} if ({{ community }} ~ bgp_community) then accept; {%- endfor %} } # No export restriction, go ahead else { accept; } } reject; }; {%- if proto == 'v4' %} protocol direct p_nat { interface "nat"; } {%- endif %} define AS_FFRL = 201701; template bgp as201701 { import filter ffrl_in; export filter ffrl_out; import keep filtered; local as 65132; preference 200; } {% for session in sessions|sort %} {%- set session_config = sessions.get (session) %} {%- set bgp_local_pref = session_config.get ('bgp_local_pref') %} protocol bgp {{ session }} from as201701 { source address {{ session_config.get ('local') }}; neighbor {{ session_config.get ('neighbor') }} as AS_FFRL; {%- if bgp_local_pref %} default bgp_local_pref {{ bgp_local_pref }}; {%- endif %} } {% endfor %}