12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 |
- #
- # FFRL upstream (Salt maanged)
- #
- {%- set ifaces = salt['pillar.get']('nodes:' ~ grains['id'] ~ ':ifaces', {}) %}
- {%- set sessions = salt['ffho_net.get_ffrl_bgp_config'](ifaces, proto) %}
- {%- set te_community_map_ffrl = salt['pillar.get']('te:community_map:' ~ grains['id'] ~ ':ffrl', [])|sort %}
- filter ffrl_in {
- if net ~ [
- {%- if proto == 'v4'%}
- 0.0.0.0/0
- {%- else %}
- ::/0
- {%- endif %}
- ] then {
- # Rewrite BGP next hop to loopback IP so we don't have to
- # include transfer networks to AS201701 in IGP.
- bgp_next_hop = LO_IP;
- accept;
- }
- reject;
- };
- filter ffrl_out {
- {%- if proto == 'v4'%}
- if proto != "p_nat" then
- reject;
- if net ~ [
- 185.66.194.80/29+,
- 185.66.194.84/31+, # FRA-IPs
- 185.66.195.94/31+ # BER-IPs
- {%- else %}
- if net ~ [
- 2a03:2260:2342::/48{48,56}
- {%- endif %}
- ] then {
- # Is there an export restriction for this route?
- if (EXPORT_RESTRICT ~ bgp_community) then {
- {%- for community in te_community_map_ffrl %}
- if ({{ community }} ~ bgp_community) then
- accept;
- {%- endfor %}
- }
- # No export restriction, go ahead
- else {
- accept;
- }
- }
- reject;
- };
- {%- if proto == 'v4' %}
- protocol direct p_nat {
- interface "nat";
- }
- {%- endif %}
- define AS_FFRL = 201701;
- template bgp as201701 {
- import filter ffrl_in;
- export filter ffrl_out;
- local as 65132;
- preference 200;
- }
- {% for session in sessions|sort %}
- {%- set session_config = sessions.get (session) %}
- {%- set bgp_local_pref = session_config.get ('bgp_local_pref') %}
- protocol bgp {{ session }} from as201701 {
- source address {{ session_config.get ('local') }};
- neighbor {{ session_config.get ('neighbor') }} as AS_FFRL;
- {%- if bgp_local_pref %}
- default bgp_local_pref {{ bgp_local_pref }};
- {%- endif %}
- }
- {% endfor %}
|