maz
/
bgprtrmgr-templates
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

got core-to-agg working

master
Marek Isalski 3 years ago
parent
9882b515b5
commit
ccb2561dd5
3 changed files with 119 additions and 3 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +30
    -3
      README.txt
  2. +61
    -0
      includes/junos-v21-core-router/policy-options.j2
  3. +28
    -0
      includes/junos-v21-core-router/protocols.j2

+ 30
- 3
README.txt
View File

@ -1,5 +1,32 @@
# IPv6 Address Plan
2a04:1840::/29 Business Static /48-/52 (was acquired from FibreWiFi)
2a0b:8640::/29 Residential /56 (was acquired from Dyfed IT) Accept IPv6 /40-/48 from Aggregation
2a0d:a0c0::/29 Acquired from LonsdaleNET (will become like 2a0b:8640::/29 if required)
2a10:f0c0::/29 Core and Loopbacks (not announced to DFZ)
2a10:f0c0::/48 Core Linknets and Loopbacks
2a01:f0c0:0001:0001:0067::/80 Linknets from cr1.tn2 (1 from 193.162.44.1) via NNC067 to Aggregation
2a01:f0c0:0002:0002:0068::/80 Linknets from cr1.ld5 (2 from 193.162.44.2) via NNC068 to Aggregation
2a01:f0c0:0003:0003:0069::/80 Linknets from cr1.ma1 (3 from 193.162.44.3) via NNC069 to Aggregation
2a01:f0c0:0004:0004:0070::/80 Linknets from cr1.pue (4 from 193.162.44.4) via NNC070 to Aggregation
2a01:f0c0:ssss:cccc:nnnn:yyyy:zzzz:1/112 ssss = site
cccc = core router
nnnn = NNI number
yyyy = outer VLAN tag (S-tag, probably 0)
zzzz = inner VLAN tag (C-tag, Neos usual VLAN tagging)
::c001 = core
::a001 = agg
# Communities
59811:2 => routes learned from ASNs that Voneus meets at 2 (or more) locations
59811:666 => /24 = only send to Voxility 59811:666 => /24 = only send to Voxility
/32 = announce to RTBH on ixs/upstreams/UTRS /32 = announce to RTBH on ixs/upstreams/UTRS
65535:666 => COMMUNITY-AS59811-BLACKHOLE 65535:666 => COMMUNITY-AS59811-BLACKHOLE
59811:6500x => originated from site 59811:6500x => originated from site
@ -45,9 +72,9 @@ LOCAL PREFERENCES
200 => transit 200 => transit
300 => transit (up-pref) 300 => transit (up-pref)
400 => peering (de-pref)
500 => peering
600 => peering (up-pref)
400 => peering (de-pref) - default for IX route-servers
500 => peering - default for direct sessions over IX
600 => peering (up-pref) - default for PNI
700 => downstream (de-pref) 700 => downstream (de-pref)
800 => downstream 800 => downstream

+ 61
- 0
includes/junos-v21-core-router/policy-options.j2
View File

@ -426,6 +426,65 @@
then reject; then reject;
} }
policy-statement AGGREGATION-import {
term 40 {
from {
{% for prefix in 'accept-ipv4-32-from-aggregation'|get_netbox_tagged_prefixes %}{% if prefix.prefix|ipv4 %}
route-filter {{ prefix.prefix }} prefix-length-range /32-/32;
{% endif %}{% endfor %}
{% for prefix in 'accept-ipv4-32-from-aggregation'|get_netbox_tagged_aggregates %}{% if prefix.prefix|ipv4 %}
route-filter {{ prefix.prefix }} prefix-length-range /32-/32;
{% endif %}{% endfor %}
}
then accept;
}
term 61 {
from {
{% for prefix in 'accept-ipv6-40-48-from-aggregation'|get_netbox_tagged_prefixes %}{% if prefix.prefix|ipv6 %}
route-filter {{ prefix.prefix }} prefix-length-range /40-/48;
{% endif %}{% endfor %}
{% for prefix in 'accept-ipv6-40-48-from-aggregation'|get_netbox_tagged_aggregates %}{% if prefix.prefix|ipv6 %}
route-filter {{ prefix.prefix }} prefix-length-range /40-/48;
{% endif %}{% endfor %}
}
then accept;
}
term 62 {
from {
{% for prefix in 'accept-ipv6-48-52-from-aggregation'|get_netbox_tagged_prefixes %}{% if prefix.prefix|ipv6 %}
route-filter {{ prefix.prefix }} prefix-length-range /48-/52;
{% endif %}{% endfor %}
{% for prefix in 'accept-ipv6-48-52-from-aggregation'|get_netbox_tagged_aggregates %}{% if prefix.prefix|ipv6 %}
route-filter {{ prefix.prefix }} prefix-length-range /48-/52;
{% endif %}{% endfor %}
}
then accept;
}
then reject;
}
policy-statement AGGREGATION-export {
term 4 {
from {
route-filter 0.0.0.0/0 exact;
}
then {
next-hop self;
accept;
}
}
term 6 {
from {
route-filter ::/0 exact;
}
then {
next-hop self;
accept;
}
}
then reject;
}
{% for community in ''|get_bgp_communities %} {% for community in ''|get_bgp_communities %}
community {{ community.slug }} members {% if " " in community.value %}[ {{ community.value }} ]{% else %}{{ community.value }}{% endif %};{% endfor %} community {{ community.slug }} members {% if " " in community.value %}[ {{ community.value }} ]{% else %}{{ community.value }}{% endif %};{% endfor %}
@ -438,6 +497,8 @@
as-path FAELIX-DEPREFER "41495 .*"; as-path FAELIX-DEPREFER "41495 .*";
} }
as-list AGGREGATION members[ {% for asn in 'aggregation-linknet'|get_netbox_tagged_asns %}{{ asn.asn }} {% endfor %}];
{% for asn in asns_requiring_prefixes|unique %} {% for asn in asns_requiring_prefixes|unique %}
{% set prefixes = asn|get_prefixes_for_asn %} {% set prefixes = asn|get_prefixes_for_asn %}
policy-statement AS{{ asn }}-import-IPv4 { policy-statement AS{{ asn }}-import-IPv4 {

+ 28
- 0
includes/junos-v21-core-router/protocols.j2
View File

@ -95,6 +95,34 @@
{%- else %} {%- else %}
/* not this ASN {{ bgp_router.local_autonomous_system.asn }} */ /* not this ASN {{ bgp_router.local_autonomous_system.asn }} */
{%- endif %} {%- endif %}
group AGGREGATION-IPv4 {
family inet {
unicast;
}
import AGGREGATION-import;
export AGGREGATION-export;
peer-as-list AGGREGATION;
{% for prefix in 'aggregation-linknet'|get_netbox_tagged_prefixes %}{% if prefix.prefix|ipv4 %}
allow {{ prefix.prefix }}; /* prefix.description */
{% endif %}{% endfor %}
}
group AGGREGATION-IPv6 {
family inet6 {
unicast;
}
import AGGREGATION-import;
export AGGREGATION-export;
peer-as-list AGGREGATION;
{% for prefix in 'aggregation-linknet'|get_netbox_tagged_prefixes %}{% if prefix.prefix|ipv6 %}
allow {{ prefix.prefix }}; /* prefix.description */
{% endif %}{% endfor %}
}
} }
isis { isis {
reference-bandwidth 100g; reference-bandwidth 100g;

Write Preview
Loading…
Cancel
Save