implement the bgp container

salt-pillar/hosts/init.sls

@@ -67,6 +67,7 @@ hosts-inet:
     priv14-gw: 172.20.72.24
     priv15-gw: 172.20.72.25
     priv16-gw: 172.20.72.26
+    bgp: 172.20.72.27
 
   pub:
     pub-gw: 172.20.76.1
@@ -108,6 +109,7 @@ hosts-inet:
   c3d2:
     c3d2-anon: 172.22.99.1
     c3d2-gw: 172.22.99.4
+    bgp: 172.22.99.250
 
 hosts-inet6:
   core:
@@ -119,6 +121,7 @@ hosts-inet6:
     pub-gw: fd23:42:c3d2:581::8:2
     c3d2-gw: fd23:42:c3d2:581::c3d2:1
     c3d2-anon: fd23:42:c3d2:581::c3d2:a
+    bgp: fd23:42:c3d2:581::c3d2:b
 
     upstream1: fd23:42:c3d2:581::b:0
     upstream2: fd23:42:c3d2:581::b:1
@@ -182,3 +185,4 @@ hosts-inet6:
   c3d2:
     c3d2-anon: fd23:42:c3d2:523::c3d2:1
     c3d2-gw: fd23:42:c3d2:523::c3d2:4
+    bgp: fd23:42:c3d2:523::c3d2:ff0b

salt-pillar/lxc-containers/server1.sls

@@ -126,3 +126,11 @@ containers:
         gw6: anon1
       c3d2:
         type: veth
+
+  bgp:
+    interfaces:
+      core:
+        type: veth
+        gw: upstream1
+      c3d2:
+        type: veth

salt-pillar/quagga/bgp.sls

@@ -0,0 +1,17 @@
+zebra:
+  # dn42 routes for ospf[6] redistribute static
+  - ip route 172.20.0.0/14 blackhole
+  - ipv6 route fd00::/8 lo blackhole
+
+ospf:
+  redistribute:
+    - static
+
+bgp:
+  asn: 4242421127
+
+  peers:
+    'fe80::a800:42ff:fe7a:3246':
+      - remote-as 64699
+      - interface c3d2
+      - description dn42.hq.c3d2.de

salt-pillar/top.sls

@@ -15,6 +15,8 @@ base:
     - quagga.ospfd.gw
   'c3d2-gw or c3d2-anon':
     - quagga.ospfd.gw
+  'bgp':
+    - quagga.bgp
   'anon1':
     - vpn.anon1
     - upstream.anon1

salt/quagga/bgpd/bgpd.conf

@@ -0,0 +1,21 @@
+log file /var/log/quagga/bgpd.log
+
+{%- set id = salt['grains.get']('id') %}
+
+router bgp {{ pillar['bgp']['asn'] }}
+  bgp router-id {{ pillar['hosts-inet']['core'][id] }}
+
+  network 172.20.72.0/21
+
+{%- for addr, lines in pillar['bgp']['peers'].items() %}
+{%-   for line in lines %}
+  neighbor {{ addr }} {{ line }}
+{%-   endfor %}
+{%- endfor %}
+
+  address-family ipv6
+  network fd23:42:c3d2:500::/56
+{%- for addr, peer in pillar['bgp']['peers'].items() %}
+  neighbor {{ addr }} activate
+  neighbor {{ addr }} soft-reconfiguration inbound
+{%- endfor %}

salt/quagga/bgpd/bgpd.service

@@ -0,0 +1,11 @@
+[Unit]
+Requires = zebra.service
+After = network.target
+
+[Service]
+ExecStartPre = /bin/mkdir -p /var/run/quagga
+ExecStartPre = /bin/chown -R quagga:quagga /var/run/quagga/
+ExecStart = /usr/sbin/bgpd
+
+[Install]
+WantedBy = default.target

salt/quagga/bgpd/init.sls

@@ -0,0 +1,28 @@
+quagga-bgpd:
+  pkg.installed: []
+
+/etc/systemd/system/bgpd.service:
+  file.managed:
+    - source: salt://quagga/bgpd/bgpd.service
+
+/etc/quagga/bgpd.conf:
+  file.managed:
+    - source: salt://quagga/bgpd/bgpd.conf
+    - template: 'jinja'
+    - require:
+      - pkg: quagga-bgpd
+
+autostart-bgpd:
+  service.enabled:
+    - name: bgpd
+      require:
+        - file: /etc/systemd/system/bgpd.service
+        - file: /etc/quagga/bgpd.conf
+
+start-bgpd:
+  service.running:
+    - name: bgpd
+      require:
+        - service: autostart-bgpd
+      watch:
+        - file: /etc/quagga/bgpd.conf

salt/quagga/zebra/zebra.conf

@@ -15,5 +15,12 @@ interface {{ iface }}
 {%-   endif %}
 {%- endfor  %}
 
+{%- set conf = pillar.get('zebra') %}
+{%- if conf %}
+{%-   for line in conf %}
+  {{ line }}
+{%-   endfor %}
+{%- endif %}
+
 ip forwarding
 ipv6 forwarding

salt/top.sls

@@ -28,6 +28,13 @@ base:
     - quagga.zebra
     - quagga.ospfd
     - quagga.ospf6d
+  'bgp':
+    - no-ssh
+    - forwarding
+    - quagga.zebra
+    - quagga.ospfd
+    - quagga.ospf6d
+    - quagga.bgpd
   'upstream*':
     - no-ssh
     - forwarding