FRR templates: provide a seqnum for the prefix lists

Instead of letting frr pick the sequence number, we provide it from
outside. This should make the configuration more deterministic and
offload some of the logic from FRR.

Signed-off-by: Federico Paolinelli <fpaoline@redhat.com>

internal/bgp/frr/templates/filters.tmpl

@@ -1,13 +1,15 @@
 {{- define "localpreffilter" -}}
-{{frrIPFamily .advertisement.IPFamily}} prefix-list {{localPrefPrefixList .neighbor .advertisement.LocalPref}} permit {{.advertisement.Prefix}}
+{{$localPrefixListName :=localPrefPrefixList .neighbor .advertisement.LocalPref}}
+{{frrIPFamily .advertisement.IPFamily}} prefix-list {{$localPrefixListName}} seq {{counter $localPrefixListName}} permit {{.advertisement.Prefix}}
 route-map {{.neighbor.ID}}-out permit {{counter .neighbor.ID}}
   match {{frrIPFamily .advertisement.IPFamily}} address prefix-list {{localPrefPrefixList .neighbor .advertisement.LocalPref}}
   set local-preference {{.advertisement.LocalPref}}
   on-match next
 {{- end -}}
 
 {{- define "communityfilter" -}}
-{{frrIPFamily .advertisement.IPFamily}} prefix-list {{communityPrefixList .neighbor .community}} permit {{.advertisement.Prefix}}
+{{$communityPrefixlistName :=communityPrefixList .neighbor .community}}
+{{frrIPFamily .advertisement.IPFamily}} prefix-list {{$communityPrefixlistName}} seq {{counter $communityPrefixlistName}} permit {{.advertisement.Prefix}}
 route-map {{.neighbor.ID}}-out permit {{counter .neighbor.ID}}
   match {{frrIPFamily .advertisement.IPFamily}} address prefix-list {{communityPrefixList .neighbor .community}}
   set community {{.community}} additive
@@ -43,20 +45,24 @@ route-map {{.neighbor.ID}}-in deny 20
 {{template "largecommunityfilter" dict "advertisement" $a "neighbor" $.neighbor "largecommunity" $lc}}
 {{- end }}
 {{/* this advertisement is allowed to the specific neighbor  */}}
-{{frrIPFamily $a.IPFamily}} prefix-list {{allowedPrefixList $.neighbor}} permit {{$a.Prefix}}
+{{$plistName:=allowedPrefixList $.neighbor}}
+ {{frrIPFamily $a.IPFamily}} prefix-list {{$plistName}} seq {{counter $plistName}} permit {{$a.Prefix}}
 {{- end }}
 
-route-map {{$.neighbor.ID}}-out permit {{counter $.neighbor.ID}}
-  match ip address prefix-list {{allowedPrefixList $.neighbor}}
-route-map {{$.neighbor.ID}}-out permit {{counter $.neighbor.ID}}
-  match ipv6 address prefix-list {{allowedPrefixList $.neighbor}}
 
 {{/* If the neighbor does not have an advertisement, we need to add a prefix to deny
 for when we have a prefix but a given peer is not selected for any prefixes */}}
+{{$plistName:=allowedPrefixList $.neighbor}}
 {{- if not .neighbor.HasV4Advertisements}}
-ip prefix-list {{allowedPrefixList $.neighbor }} deny any
+ip prefix-list {{$plistName}} seq {{counter $plistName}} deny any
 {{- end }}
 {{- if not .neighbor.HasV6Advertisements}}
-ipv6 prefix-list {{allowedPrefixList $.neighbor}} deny any
-{{- end -}}
+ipv6 prefix-list {{$plistName}} seq {{counter $plistName}} deny any
+{{- end }}
+
+route-map {{$.neighbor.ID}}-out permit {{counter $.neighbor.ID}}
+  match ip address prefix-list {{allowedPrefixList $.neighbor}}
+route-map {{$.neighbor.ID}}-out permit {{counter $.neighbor.ID}}
+  match ipv6 address prefix-list {{allowedPrefixList $.neighbor}}
+
 {{- end -}}

internal/bgp/frr/testdata/TestBFDWithSession.golden

@@ -5,15 +5,17 @@ ip nht resolve-via-default
 ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
+
+
+
+ip prefix-list 10.2.2.254-pl-ipv4 seq 1 deny any
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
+
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-pl-ipv4
 route-map 10.2.2.254-out permit 2
   match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
-
-ip prefix-list 10.2.2.254-pl-ipv4 deny any
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
-
 router bgp 100
   no bgp ebgp-requires-policy
   no bgp network import-check

internal/bgp/frr/testdata/TestLargeCommunities.golden

@@ -5,36 +5,41 @@ ip nht resolve-via-default
 ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
-ip prefix-list 10.2.2.254-300-ipv4-localpref-prefixes permit 172.16.1.10/24
+
+ip prefix-list 10.2.2.254-300-ipv4-localpref-prefixes seq 1 permit 172.16.1.10/24
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-300-ipv4-localpref-prefixes
   set local-preference 300
   on-match next
-ip prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-out permit 2
+
+ip prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes seq 1 permit 172.16.1.10/24
+route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes
   set community 3333:4444 additive
   on-match next
 ip prefix-list 10.2.2.254-large:1111:2222:3333-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-out permit 3
+route-map 10.2.2.254-out permit 2
   match ip address prefix-list 10.2.2.254-large:1111:2222:3333-ipv4-community-prefixes
   set large-community 1111:2222:3333 additive
   on-match next
 ip prefix-list 10.2.2.254-large:2222:3333:4444-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-out permit 4
+route-map 10.2.2.254-out permit 3
   match ip address prefix-list 10.2.2.254-large:2222:3333:4444-ipv4-community-prefixes
   set large-community 2222:3333:4444 additive
   on-match next
 
-ip prefix-list 10.2.2.254-pl-ipv4 permit 172.16.1.10/24
 
-route-map 10.2.2.254-out permit 5
-  match ip address prefix-list 10.2.2.254-pl-ipv4
-route-map 10.2.2.254-out permit 6
-  match ipv6 address prefix-list 10.2.2.254-pl-ipv4
+ ip prefix-list 10.2.2.254-pl-ipv4 seq 1 permit 172.16.1.10/24
+
+
+
 
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
 
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
+route-map 10.2.2.254-out permit 1
+  match ip address prefix-list 10.2.2.254-pl-ipv4
+route-map 10.2.2.254-out permit 2
+  match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
 router bgp 100
   no bgp ebgp-requires-policy

internal/bgp/frr/testdata/TestSingleAdvertisement.golden

@@ -5,31 +5,37 @@ ip nht resolve-via-default
 ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
-ip prefix-list 10.2.2.254-300-ipv4-localpref-prefixes permit 172.16.1.10/24
+
+ip prefix-list 10.2.2.254-300-ipv4-localpref-prefixes seq 1 permit 172.16.1.10/24
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-300-ipv4-localpref-prefixes
   set local-preference 300
   on-match next
-ip prefix-list 10.2.2.254-1111:2222-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-out permit 2
+
+ip prefix-list 10.2.2.254-1111:2222-ipv4-community-prefixes seq 1 permit 172.16.1.10/24
+route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-1111:2222-ipv4-community-prefixes
   set community 1111:2222 additive
   on-match next
-ip prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-out permit 3
+
+ip prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes seq 1 permit 172.16.1.10/24
+route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes
   set community 3333:4444 additive
   on-match next
 
-ip prefix-list 10.2.2.254-pl-ipv4 permit 172.16.1.10/24
 
-route-map 10.2.2.254-out permit 4
-  match ip address prefix-list 10.2.2.254-pl-ipv4
-route-map 10.2.2.254-out permit 5
-  match ipv6 address prefix-list 10.2.2.254-pl-ipv4
+ ip prefix-list 10.2.2.254-pl-ipv4 seq 1 permit 172.16.1.10/24
 
 
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
+
+
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
+
+route-map 10.2.2.254-out permit 1
+  match ip address prefix-list 10.2.2.254-pl-ipv4
+route-map 10.2.2.254-out permit 2
+  match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
 router bgp 100
   no bgp ebgp-requires-policy

internal/bgp/frr/testdata/TestSingleAdvertisementChange.golden

@@ -6,16 +6,19 @@ ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
 
-ip prefix-list 10.2.2.254-pl-ipv4 permit 172.16.1.11/24
+
+ ip prefix-list 10.2.2.254-pl-ipv4 seq 1 permit 172.16.1.11/24
+
+
+
+
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
 
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-pl-ipv4
 route-map 10.2.2.254-out permit 2
   match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
-
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
-
 router bgp 100
   no bgp ebgp-requires-policy
   no bgp network import-check

internal/bgp/frr/testdata/TestSingleAdvertisementChangeVRF.golden

@@ -6,16 +6,19 @@ ipv6 nht resolve-via-default
 route-map 10.2.2.254-red-in deny 20
 
 
-ip prefix-list 10.2.2.254-red-pl-ipv4 permit 172.16.1.11/24
+
+ ip prefix-list 10.2.2.254-red-pl-ipv4 seq 1 permit 172.16.1.11/24
+
+
+
+
+ipv6 prefix-list 10.2.2.254-red-pl-ipv4 seq 2 deny any
 
 route-map 10.2.2.254-red-out permit 1
   match ip address prefix-list 10.2.2.254-red-pl-ipv4
 route-map 10.2.2.254-red-out permit 2
   match ipv6 address prefix-list 10.2.2.254-red-pl-ipv4
 
-
-ipv6 prefix-list 10.2.2.254-red-pl-ipv4 deny any
-
 router bgp 100 vrf red
   no bgp ebgp-requires-policy
   no bgp network import-check

internal/bgp/frr/testdata/TestSingleAdvertisementNoRouterID.golden

@@ -6,16 +6,19 @@ ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
 
-ip prefix-list 10.2.2.254-pl-ipv4 permit 172.16.1.10/24
+
+ ip prefix-list 10.2.2.254-pl-ipv4 seq 1 permit 172.16.1.10/24
+
+
+
+
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
 
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-pl-ipv4
 route-map 10.2.2.254-out permit 2
   match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
-
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
-
 router bgp 100
   no bgp ebgp-requires-policy
   no bgp network import-check

internal/bgp/frr/testdata/TestSingleAdvertisementNonExistingPeer.golden

@@ -5,15 +5,17 @@ ip nht resolve-via-default
 ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
+
+
+
+ip prefix-list 10.2.2.254-pl-ipv4 seq 1 deny any
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
+
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-pl-ipv4
 route-map 10.2.2.254-out permit 2
   match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
-
-ip prefix-list 10.2.2.254-pl-ipv4 deny any
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
-
 router bgp 100
   no bgp ebgp-requires-policy
   no bgp network import-check

internal/bgp/frr/testdata/TestSingleAdvertisementStop.golden

@@ -5,15 +5,17 @@ ip nht resolve-via-default
 ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
+
+
+
+ip prefix-list 10.2.2.254-pl-ipv4 seq 1 deny any
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
+
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-pl-ipv4
 route-map 10.2.2.254-out permit 2
   match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
-
-ip prefix-list 10.2.2.254-pl-ipv4 deny any
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
-
 router bgp 100
   no bgp ebgp-requires-policy
   no bgp network import-check

internal/bgp/frr/testdata/TestSingleAdvertisementVRF.golden

@@ -5,31 +5,37 @@ ip nht resolve-via-default
 ipv6 nht resolve-via-default
 route-map 10.2.2.254-red-in deny 20
 
-ip prefix-list 10.2.2.254-red-300-ipv4-localpref-prefixes permit 172.16.1.10/24
+
+ip prefix-list 10.2.2.254-red-300-ipv4-localpref-prefixes seq 1 permit 172.16.1.10/24
 route-map 10.2.2.254-red-out permit 1
   match ip address prefix-list 10.2.2.254-red-300-ipv4-localpref-prefixes
   set local-preference 300
   on-match next
-ip prefix-list 10.2.2.254-red-1111:2222-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-red-out permit 2
+
+ip prefix-list 10.2.2.254-red-1111:2222-ipv4-community-prefixes seq 1 permit 172.16.1.10/24
+route-map 10.2.2.254-red-out permit 1
   match ip address prefix-list 10.2.2.254-red-1111:2222-ipv4-community-prefixes
   set community 1111:2222 additive
   on-match next
-ip prefix-list 10.2.2.254-red-3333:4444-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-red-out permit 3
+
+ip prefix-list 10.2.2.254-red-3333:4444-ipv4-community-prefixes seq 1 permit 172.16.1.10/24
+route-map 10.2.2.254-red-out permit 1
   match ip address prefix-list 10.2.2.254-red-3333:4444-ipv4-community-prefixes
   set community 3333:4444 additive
   on-match next
 
-ip prefix-list 10.2.2.254-red-pl-ipv4 permit 172.16.1.10/24
 
-route-map 10.2.2.254-red-out permit 4
-  match ip address prefix-list 10.2.2.254-red-pl-ipv4
-route-map 10.2.2.254-red-out permit 5
-  match ipv6 address prefix-list 10.2.2.254-red-pl-ipv4
+ ip prefix-list 10.2.2.254-red-pl-ipv4 seq 1 permit 172.16.1.10/24
 
 
-ipv6 prefix-list 10.2.2.254-red-pl-ipv4 deny any
+
+
+ipv6 prefix-list 10.2.2.254-red-pl-ipv4 seq 2 deny any
+
+route-map 10.2.2.254-red-out permit 1
+  match ip address prefix-list 10.2.2.254-red-pl-ipv4
+route-map 10.2.2.254-red-out permit 2
+  match ipv6 address prefix-list 10.2.2.254-red-pl-ipv4
 
 router bgp 100 vrf red
   no bgp ebgp-requires-policy

internal/bgp/frr/testdata/TestSingleAdvertisementWithPeerSelector.golden

@@ -5,31 +5,37 @@ ip nht resolve-via-default
 ipv6 nht resolve-via-default
 route-map 10.2.2.254-in deny 20
 
-ip prefix-list 10.2.2.254-300-ipv4-localpref-prefixes permit 172.16.1.10/24
+
+ip prefix-list 10.2.2.254-300-ipv4-localpref-prefixes seq 1 permit 172.16.1.10/24
 route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-300-ipv4-localpref-prefixes
   set local-preference 300
   on-match next
-ip prefix-list 10.2.2.254-1111:2222-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-out permit 2
+
+ip prefix-list 10.2.2.254-1111:2222-ipv4-community-prefixes seq 1 permit 172.16.1.10/24
+route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-1111:2222-ipv4-community-prefixes
   set community 1111:2222 additive
   on-match next
-ip prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes permit 172.16.1.10/24
-route-map 10.2.2.254-out permit 3
+
+ip prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes seq 1 permit 172.16.1.10/24
+route-map 10.2.2.254-out permit 1
   match ip address prefix-list 10.2.2.254-3333:4444-ipv4-community-prefixes
   set community 3333:4444 additive
   on-match next
 
-ip prefix-list 10.2.2.254-pl-ipv4 permit 172.16.1.10/24
 
-route-map 10.2.2.254-out permit 4
-  match ip address prefix-list 10.2.2.254-pl-ipv4
-route-map 10.2.2.254-out permit 5
-  match ipv6 address prefix-list 10.2.2.254-pl-ipv4
+ ip prefix-list 10.2.2.254-pl-ipv4 seq 1 permit 172.16.1.10/24
 
 
-ipv6 prefix-list 10.2.2.254-pl-ipv4 deny any
+
+
+ipv6 prefix-list 10.2.2.254-pl-ipv4 seq 2 deny any
+
+route-map 10.2.2.254-out permit 1
+  match ip address prefix-list 10.2.2.254-pl-ipv4
+route-map 10.2.2.254-out permit 2
+  match ipv6 address prefix-list 10.2.2.254-pl-ipv4
 
 router bgp 100
   no bgp ebgp-requires-policy