1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 |
- #
- # FFRL upstream (Salt managed)
- #
- {%- set ifaces = salt['pillar.get']('node:ifaces', {}) %}
- {%- set sessions = salt['ffho_net.get_ffrl_bgp_config'](ifaces, proto) %}
- {%- set te_community_map_ffrl = salt['pillar.get']('te:community_map:' ~ grains['id'] ~ ':ffrl', [])|sort %}
- filter ffrl_in {
- if DRAIN_FULL = 1 then
- reject;
- if DRAIN_FFRL = 1 then
- reject;
- if net ~ [
- {%- if proto == 'v4'%}
- 0.0.0.0/0
- {%- else %}
- ::/0
- {%- endif %}
- ] then {
- # Rewrite BGP next hop to loopback IP so we don't have to
- # include transfer networks to AS201701 in IGP.
- bgp_next_hop = LO_IP;
- accept;
- }
- reject;
- };
- filter ffrl_out {
- if DRAIN_FULL = 1 then
- reject;
- if DRAIN_FFRL = 1 then
- reject;
- {%- if proto == 'v4'%}
- if proto != "p_nat" then
- reject;
- if net ~ [
- 185.66.194.84/31+, # FRA-IPs
- 185.66.195.94/31+ # BER-IPs
- {%- else %}
- if net ~ [
- 2a03:2260:2342::/48{48,56}
- {%- endif %}
- ] then {
- # Is there an export restriction for this route?
- if (EXPORT_RESTRICT ~ bgp_community) then {
- {%- for community in te_community_map_ffrl %}
- if ({{ community }} ~ bgp_community) then
- accept;
- {%- endfor %}
- }
- # No export restriction, go ahead
- else {
- accept;
- }
- }
- reject;
- };
- {%- if proto == 'v4' %}
- protocol direct p_nat {
- interface "nat";
- }
- {%- endif %}
- define AS_FFRL = 201701;
- template bgp as201701 {
- import filter ffrl_in;
- export filter ffrl_out;
- import keep filtered;
- local as 65132;
- preference 200;
- }
- {% for session in sessions|sort %}
- {%- set session_config = sessions.get (session) %}
- {%- set bgp_local_pref = session_config.get ('bgp_local_pref') %}
- protocol bgp {{ session }} from as201701 {
- source address {{ session_config.get ('local') }};
- neighbor {{ session_config.get ('neighbor') }} as AS_FFRL;
- {%- if bgp_local_pref %}
- default bgp_local_pref {{ bgp_local_pref }};
- {%- endif %}
- }
- {% endfor %}
|