maz
/
bgprtrmgr-templates
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
BGP Router Manager templates for Voneus core and aggregation infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
26 Commits
1 Branch
0 Tags
91 KiB
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
bgprtrmgr-templates/includes/junos-v21-core-router/protocols.j2

174 lines
6.8 KiB
Raw Permalink Blame History

{% macro bgp_neighbor(neighbor, neighbor_data, ibgp) %}
neighbor {{ neighbor }} {
description "{% if neighbor_data['relationship'] %}{{ neighbor['relationship']|safe_string }}: {% endif %}{% if neighbor_data['service_reference'] %}{{ neighbor_data['service_reference']|safe_string }} - {% endif %}{{ neighbor_data['description']|safe_string }}";
{% if 'local-as' in neighbor_data %}local-as {{ neighbor_data['local-as'] }};{% endif %}
peer-as {{ neighbor_data['remote-as'] }};
{% if neighbor_data.get('encrypted_password',None) or neighbor_data.get('password',None) %}authentication-key "{{ neighbor_data['encrypted_password'] or neighbor_data['password'] }}";{% endif %}
{% if neighbor_data.get('update-source',None) %}local-address {{ neighbor_data['update-source'].split("/")[0] }};{% endif %}
{% if neighbor_data.get('ebgp-multihop',0) > 1 %}multihop ttl {{ neighbor_data['ebgp-multihop'] }};{% endif %}
{% if neighbor_data.get('shutdown',False) %}shutdown;{% endif %}
{%- if neighbor_data['import-policies'] %}
import [ {% for policy in neighbor_data['import-policies'] %}{{ policy }} {% endfor %}];
{%- endif %}
{%- if neighbor_data['export-policies'] %}
export [ {% for policy in neighbor_data['export-policies'] %}{{ policy }} {% endfor %}];
{%- endif %}
{%- if neighbor|ipv4 %}
family inet {
unicast;
}
{% if- ibgp %}
family inet-vpn {
unicast;
}
family inet6-vpn {
unicast;
}
family l2vpn {
signaling;
}
{%- endif %}
{%- elif neighbor|ipv6 %}
family inet6 {
unicast;
}
{%- endif %}
{%- do asns_requiring_prefixes.append(neighbor_data['remote-as']) %}
}
{% endmacro %}
{{ "protocols"|progress }} {
mpls {
ipv6-tunneling;
icmp-tunneling;
{%- for interface in device_interfaces %}
{%- set tags = interface.tags|tags_to_map %}
{%- if 'core-isis-link' in tags %}
interface {{ interface.name }};
{%- elif 'isis-loopback' in tags %}
interface {{ interface.name }};
{%- endif %}
{%- endfor %}
}
bgp {
{%- set bgp_router = device|get_bgp_router() %}
/* PEERING MANAGER BGP ROUTER: {{ bgp_router }} */
precision-timers;
mtu-discovery;
log-updown;
ttl 255;
{%- if bgp_router %}
{%- for (bgp_group, neighbors) in bgp_router|get_bgp_groups_and_neighbors() %}
{%- if bgp_group %}
group {{ bgp_group.slug }} {
description "{{ bgp_group.name|safe_string }}"
ttl 255;
{% if bgp_group.import_routing_policies %}import [ {% for policy in bgp_group.import_routing_policies %}{{ policy.slug }} {% endfor %}]{% endif %};
{% if bgp_group.export_routing_policies %}export [ {% for policy in bgp_group.export_routing_policies %}{{ policy.slug }} {% endfor %}]{% endif %};
{%- endif %}
{%- for neighbor in neighbors %}
{%- set ibgp = ( bgp_router.local_autonomous_system.asn == neighbor.autonomous_system.asn ) %}
{{ bgp_neighbor(neighbor.ip_address.split("/")[0], neighbor|peer_to_neighbor_data(bgp_router), ibgp=ibgp) }}
{%- endfor %}
{%- if bgp_group %}
}
{%- endif %}
{%- endfor %}
{%- for (conn, neighbors) in bgp_router|get_bgp_internet_exchanges_and_neighbors() %}
group {{ conn.internet_exchange_point.slug }} {
description "{{ conn.internet_exchange_point.name|safe_string }}"
{%- for neighbor in neighbors %}
{%- set ibgp = ( bgp_router.local_autonomous_system.asn == neighbor.autonomous_system.asn ) %}
{{ bgp_neighbor(neighbor.ip_address.split("/")[0], neighbor|peer_to_neighbor_data(bgp_router), ibgp=ibgp) }}
{%- endfor %}
}
{%- endfor %}
{%- else %}
/* not this ASN {{ bgp_router.local_autonomous_system.asn }} */
{%- endif %}
group AGGREGATION-IPv4 {
family inet {
unicast;
}
import AGGREGATION-import;
export AGGREGATION-export;
peer-as-list AGGREGATION;
{% for prefix in 'aggregation-linknet'|get_netbox_tagged_prefixes %}{% if prefix.prefix|ipv4 %}
allow {{ prefix.prefix }}; /* prefix.description */
{% endif %}{% endfor %}
}
group AGGREGATION-IPv6 {
family inet6 {
unicast;
}
import AGGREGATION-import;
export AGGREGATION-export;
peer-as-list AGGREGATION;
{% for prefix in 'aggregation-linknet'|get_netbox_tagged_prefixes %}{% if prefix.prefix|ipv6 %}
allow {{ prefix.prefix }}; /* prefix.description */
{% endif %}{% endfor %}
}
}
isis {
reference-bandwidth 100g;
lsp-lifetime 32767;
spf-options {
delay 50;
holddown 2000;
rapid-runs 1;
}
topologies ipv6-unicast;
level 1 disable;
level 2 {
authentication-key "$9$nR/0CAuOBEcyKcyVYoGq.p0B1EyVb2UjqUjHmPT/9vM8L7Vws4jiqxNds2ojiuOBIRSLX-ws4M8oGDjq.tuORclKvLX7VEc"; {# CaizoophoozahThaGhai5aicoo1okahl #}
authentication-type md5;
wide-metrics-only;
}
{%- for interface in device_interfaces %}
{%- set tags = interface.tags|tags_to_map %}
{%- if 'core-isis-link' in tags %}
interface {{ interface.name }} {
point-to-point;
level 1 disable;
level 2 {
metric 1;
ipv6-unicast-metric 1;
}
}
{%- elif 'isis-loopback' in tags %}
interface {{ interface.name }} {
level 1 disable;
}
{%- endif %}
{%- endfor %}
}
ldp {
track-igp-metric;
keepalive-interval 10;
keepalive-timeout 90;
{%- for interface in device_interfaces %}
{%- set tags = interface.tags|tags_to_map %}
{%- if 'core-isis-link' in tags %}
interface {{ interface.name }};
{%- elif 'isis-loopback' in tags %}
interface {{ interface.name }};
{%- endif %}
{%- endfor %}
}
}