
Initial commit on T64. (Bgp extcommunity list)

Conflicts:

	debian/changelog
dmbaturin committed Oct 12, 2017
1 parent 35fe121 commit 973afef2f599538ccda19a2befcf16e6730eaad2
@@ -17,7 +17,7 @@ vyatta-cfg-quagga (0.19.0+vyos1+helium9) unstable; urgency=low
* Bug #529: don't build packages for serial and dataplane interfaces.
* Remove reference to vyatta-unicast.
-- Daniil Baturin <daniil@baturin.org> Tue, 24 Mar 2015 22:39:00 +0100
-- Daniil Baturin <daniil@baturin.org> Tue, 24 Mar 2015 22:39:00 +0100
vyatta-cfg-quagga (0.19.0+vyos1+helium8) unstable; urgency=low
@@ -8,14 +8,15 @@
my $VTYSH = '/usr/bin/vtysh';
my $ACL_CONSUMERS_DIR = "/opt/vyatta/sbin/policy";
my ( $accesslist, $accesslist6, $aspathlist, $communitylist, $peer );
my ( $accesslist, $accesslist6, $aspathlist, $communitylist, $extcommunitylist, $peer );
my ( $routemap, $deleteroutemap, $listpolicy );
GetOptions(
"update-access-list=s" => \$accesslist,
"update-access-list6=s" => \$accesslist6,
"update-aspath-list=s" => \$aspathlist,
"update-community-list=s" => \$communitylist,
"update-extcommunity-list=s" => \$extcommunitylist,
"check-peer-syntax=s" => \$peer,
"check-routemap-action=s" => \$routemap,
"check-delete-routemap-action=s" => \$deleteroutemap,
@@ -26,6 +27,7 @@
update_access_list6($accesslist6) if ($accesslist6);
update_as_path($aspathlist) if ($aspathlist);
update_community_list($communitylist) if ($communitylist);
update_ext_community_list($extcommunitylist) if ($extcommunitylist);
check_peer_syntax($peer) if ($peer);
check_routemap_action($routemap) if ($routemap);
check_delete_routemap_action($deleteroutemap) if ($deleteroutemap);
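Review bot: `update_ext_community_list($extcommunitylist)` passes a single scalar, but the sub added later in this commit shifts two arguments (`$variant`, then `$name`), so `$name` would be undefined and every vtysh command built from it malformed. The option spec `"update-extcommunity-list=s"` in the GetOptions hunk above can only capture one value. One way to carry both is to declare `my @extcommunitylist;`, use `"update-extcommunity-list=s{2}" => \@extcommunitylist,` and call `update_ext_community_list(@extcommunitylist) if @extcommunitylist;`.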
@@ -56,6 +58,72 @@ sub is_community_list {
}
}
sub is_extcommunity_list {
my $list = shift;
my $count = `$VTYSH -c \"show ip extcommunity-list $list\" | grep -c $list`;
if ( $count > 0 ) {
return 1;
}
else {
return 0;
}
}
sub update_ext_community_list {
my $variant= shift;
my $name = shift;
my $config = new Vyatta::Config;
my @rules = ();
if($variant !~ /^standard|expanded$/ ) {
die
"set policy route extcommunity-list [ standard | expanded ] list-name rule rule-num action { deny | permit }
^^^^^^^^^^^^^^^^^^^^^^^\n";
};
my $cmdline="$VTYSH -c \"configure terminal\" ";
# remove the old rule
if ( is_extcommunity_list($name) ) {
$cmdline.= " -c \"no ip extcommunity-list $name\" ";
);
};
$config->setLevel("policy route extcommunity-list $variant $name ");
@rules = $config->listNodes();
foreach my $rule ( sort numerically @rules ) {
# set the action
my $action = $config->returnValue("$rule action");
die
"policy route extcommunity-list $variant $name rule $rule: You must specify an action\n"
unless $action;
# grab the regex
my $regex = $config->returnValue("$rule regex");
die "policy route extcommunity-list $variant $name rule $rule: You must specify a regex\n"
unless $regex;
if($variant eq 'standard') {
unless (($regex =~ /(.*):(.*)/) and (isIpAddress($1)or($1=~/^\d+$/) ) and ($2=~/^\d+$/)) {
die "for standard extcommunity-list regex should be either:
AS:VAL
This is a format to define AS based Extended Community value. AS part is 2 octets Global Administrator subfield in Extended Community value. VAL part is 4 octets Local Administrator subfield. 7675:100 represents AS 7675 policy value 100.
IP-Address:VAL
This is a format to define IP address based Extended Community value. IP-Address part is 4 octets Global Administrator subfield. VAL part is 2 octets Local Administrator subfield. 10.0.0.1:100 represents IP 10.0.0.1 policy value 100.
";
};
};
$cmdline.="-c \"ip extcommunity-list $name $action $regex\" ";
};
exit system($cmdline);
}
sub update_community_list {
my $num = shift;
my $config = new Vyatta::Config;
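Review bot: Both new subs hand configuration values to a shell. `is_extcommunity_list` interpolates `$list` into backticks, and `update_ext_community_list` concatenates `$name`, `$action` and `$regex` into `$cmdline` and runs it with single-string `system($cmdline)`. The expanded rule's regex template in this commit has no `syntax:expression`, so quotes and shell metacharacters in that value reach `/bin/sh` unfiltered; list-form `system`/`open` keeps each `-c` argument out of the shell, as sketched below. The variant check `/^standard|expanded$/` is also mis-anchored (it accepts any string starting with "standard" or ending with "expanded") and should be `/^(?:standard|expanded)$/`; the template pattern `"^standard|expanded$"` has the same problem. The stray `);` after the `no ip extcommunity-list` line looks like a syntax error that would stop the script compiling. The hunk ends inside `update_community_list`, which is not reviewed here.

```perl
sub is_extcommunity_list {
    my $list = shift;
    # List-form pipe open: vtysh is exec'd directly, no shell parses $list.
    open( my $vtysh, '-|', $VTYSH, '-c', "show ip extcommunity-list $list" )
        or return 0;
    my $count = grep { index( $_, $list ) >= 0 } <$vtysh>;
    close($vtysh);
    return $count > 0 ? 1 : 0;
}

# in update_ext_community_list:
if ( $variant !~ /^(?:standard|expanded)$/ ) {
# … unchanged: usage die message …
my @vtysh_args = ( '-c', 'configure terminal' );
# remove the old rule
push @vtysh_args, '-c', "no ip extcommunity-list $name"
    if is_extcommunity_list($name);
# … unchanged: setLevel, listNodes, per-rule action/regex checks …
    push @vtysh_args, '-c', "ip extcommunity-list $name $action $regex";
# … unchanged: end of foreach …
exit system( $VTYSH, @vtysh_args );
```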
@@ -0,0 +1,2 @@
type: txt
help: Description for this community list
@@ -0,0 +1,8 @@
tag:
priority: 490
type: txt
help: Border Gateway Protocol (BGP) extended community-list filter
syntax:expression: pattern $VAR(@) "^[a-zA-Z0-9]+$" ; "Should be alphanumeric name"
end: /opt/vyatta/sbin/vyatta-policy.pl --update-community-list expanded $VAR(@)
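Review bot: The `end:` action calls `--update-community-list expanded $VAR(@)`, not the `--update-extcommunity-list` option this commit adds, so the new `update_ext_community_list` handler is never reached from this node. Because that option is declared `=s` (one value), "expanded" would be taken as the community-list name and the real list name left unparsed. The standard-variant template further down has the same `end:` line with `standard`. Once the option accepts two values, the line would read `end: /opt/vyatta/sbin/vyatta-policy.pl --update-extcommunity-list expanded $VAR(@)`.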
@@ -0,0 +1,6 @@
tag:
type: u32
help: create a rule for this BGP extended community list
val_help: u32:1-65535; Extended community-list rule number
syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535"
@@ -0,0 +1,6 @@
type: txt
help: Action to take on routes matching this rule [REQUIRED]
val_help: permit; Permit matching routes
val_help: deny; Deny matching routes
syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny"
@@ -0,0 +1,2 @@
type: txt
help: Description for this rule
@@ -0,0 +1,5 @@
type: txt
help: Extended community regexp.
val_help: Extended community list regular expression
commit:expression: $VAR(../action/@) != ""; "You must specify an action"
@@ -0,0 +1,7 @@
tag:
priority: 480
type: txt
help: Border Gateway Protocol (BGP) extended communities attribute. Usefull for implementing network policy for MPLS VPN/BGP by restricting routes according to their Route Target or Site of Origin.
val_help: Type of extended community. standard or expanded.
syntax:expression: pattern $VAR(@) "^standard|expanded$" ; "Should be either standard or expanded"
@@ -0,0 +1,2 @@
type: txt
help: Description for this community list
@@ -0,0 +1,8 @@
tag:
priority: 485
type: txt
help: Border Gateway Protocol (BGP) extended community-list filter
syntax:expression: pattern $VAR(@) "^[a-zA-Z0-9]+$" ; "Should be alphanumeric name"
end: /opt/vyatta/sbin/vyatta-policy.pl --update-community-list standard $VAR(@)
@@ -0,0 +1,6 @@
tag:
type: u32
help: create a rule for this BGP extended community list
val_help: u32:1-65535; Extended community-list rule number
syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535"
@@ -0,0 +1,6 @@
type: txt
help: Action to take on routes matching this rule [REQUIRED]
val_help: permit; Permit matching routes
val_help: deny; Deny matching routes
syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny"
@@ -0,0 +1,2 @@
type: txt
help: Description for this rule
@@ -0,0 +1,7 @@
type: txt
help: Extended community value. Should be either AS:VAL or IP-Address:VAL
val_help: Community list regular expression
syntax:expression: pattern $VAR(@) "^([0-9]*)|([0-9]{1-3}\.[0-9]{1-3}\.[0-9]{1-3}\.[0-9]{1-3}):[0-9]*$"
commit:expression: $VAR(../action/@) != ""; "You must specify an action"
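Review bot: The `syntax:expression` pattern on the standard rule value does not constrain anything. The alternation splits at the top level, so the left branch `^([0-9]*)` matches any string, and `{1-3}` is not an interval quantifier (presumably `{1,3}` was meant). That leaves the Perl check in `update_ext_community_list` as the only effective validation before the value is placed on a vtysh command line. The expression also lacks the error-message string that the other templates provide. Suggested: `syntax:expression: pattern $VAR(@) "^([0-9]+|[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}):[0-9]+$" ; "Should be AS:VAL or IP-Address:VAL"`.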
@@ -0,0 +1,15 @@
type: txt
help: BGP extended community to match
val_help: Extended community name
commit:expression: $VAR(../../action/) != ""; "You must specify an action"
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy extcommunity-list $VAR(@)\" ";"extended community list $VAR(@) doesn't exist"
update: vtysh -c "configure terminal" \
-c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \
-c "match extcommunity $VAR(@)"
delete: vtysh -c "configure terminal" \
-c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \
-c "no match extcommunity $VAR(@)"
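Review bot: The existence check queries `policy extcommunity-list $VAR(@)`, while `update_ext_community_list` in this commit reads the lists from `policy route extcommunity-list <variant> <name>`. One of the two paths looks wrong, and if it is this one, the check can never find a list created by the new templates. The value also has no `syntax:expression`, yet it is substituted inside the quoted `exec` string and the `vtysh -c` arguments. Adding `syntax:expression: pattern $VAR(@) "^[a-zA-Z0-9]+$" ; "Should be alphanumeric name"`, the same rule the list-name templates use, keeps quotes and shell metacharacters out of those command lines.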
@@ -0,0 +1,14 @@
type: txt
help: Set route target value
val_help: ASN:nn_or_IP_address:nn VPN extended community
syntax:expression: pattern $VAR(@) "\d+:\d+(\.\d+\.\d+\.\d+):\d+" ; "Should be in form: ASN:nn_or_IP_address:nn where ASN is autonomous system number"
commit:expression: $VAR(../../action/) != ""; "you must specify an action"
update: vtysh -c "configure terminal" \
-c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \
-c "set extcommunity rt $VAR(@)"
delete: vtysh -c "configure terminal" \
-c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \
-c "no set extcommunity rt"
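Review bot: The pattern `"\d+:\d+(\.\d+\.\d+\.\d+):\d+"` requires the shape `N:N.N.N.N:N`, so neither form named in its own help text (`ASN:nn` or `IP_address:nn`) would pass. It is also unanchored, so any surrounding characters are accepted and carried into the `vtysh -c "set extcommunity rt $VAR(@)"` command line. An anchored alternative is `pattern $VAR(@) "^([0-9]+|[0-9]{1,3}(\.[0-9]{1,3}){3}):[0-9]+$"`; whether the template engine supports `\d` at all should be confirmed. The Site of Origin template in the next hunk uses the identical pattern and needs the same change.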
@@ -0,0 +1,14 @@
type: txt
help: Set Site of Origin value.
val_help: ASN:nn_or_IP_address:nn VPN extended community
syntax:expression: pattern $VAR(@) "\d+:\d+(\.\d+\.\d+\.\d+):\d+" ; "Should be in form: ASN:nn_or_IP_address:nn where ASN is autonomous system number"
commit:expression: $VAR(../../action/) != ""; "you must specify an action"
update: vtysh -c "configure terminal" \
-c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \
-c "set extcommunity soo $VAR(@)"
delete: vtysh -c "configure terminal" \
-c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \
-c "no set extcommunity soo"
