forked from zentralwerk/network
implement the bgp container
This commit is contained in:
parent
99ac1559ef
commit
8d0bcc70dc
|
@ -67,6 +67,7 @@ hosts-inet:
|
||||||
priv14-gw: 172.20.72.24
|
priv14-gw: 172.20.72.24
|
||||||
priv15-gw: 172.20.72.25
|
priv15-gw: 172.20.72.25
|
||||||
priv16-gw: 172.20.72.26
|
priv16-gw: 172.20.72.26
|
||||||
|
bgp: 172.20.72.27
|
||||||
|
|
||||||
pub:
|
pub:
|
||||||
pub-gw: 172.20.76.1
|
pub-gw: 172.20.76.1
|
||||||
|
@ -108,6 +109,7 @@ hosts-inet:
|
||||||
c3d2:
|
c3d2:
|
||||||
c3d2-anon: 172.22.99.1
|
c3d2-anon: 172.22.99.1
|
||||||
c3d2-gw: 172.22.99.4
|
c3d2-gw: 172.22.99.4
|
||||||
|
bgp: 172.22.99.250
|
||||||
|
|
||||||
hosts-inet6:
|
hosts-inet6:
|
||||||
core:
|
core:
|
||||||
|
@ -119,6 +121,7 @@ hosts-inet6:
|
||||||
pub-gw: fd23:42:c3d2:581::8:2
|
pub-gw: fd23:42:c3d2:581::8:2
|
||||||
c3d2-gw: fd23:42:c3d2:581::c3d2:1
|
c3d2-gw: fd23:42:c3d2:581::c3d2:1
|
||||||
c3d2-anon: fd23:42:c3d2:581::c3d2:a
|
c3d2-anon: fd23:42:c3d2:581::c3d2:a
|
||||||
|
bgp: fd23:42:c3d2:581::c3d2:b
|
||||||
|
|
||||||
upstream1: fd23:42:c3d2:581::b:0
|
upstream1: fd23:42:c3d2:581::b:0
|
||||||
upstream2: fd23:42:c3d2:581::b:1
|
upstream2: fd23:42:c3d2:581::b:1
|
||||||
|
@ -182,3 +185,4 @@ hosts-inet6:
|
||||||
c3d2:
|
c3d2:
|
||||||
c3d2-anon: fd23:42:c3d2:523::c3d2:1
|
c3d2-anon: fd23:42:c3d2:523::c3d2:1
|
||||||
c3d2-gw: fd23:42:c3d2:523::c3d2:4
|
c3d2-gw: fd23:42:c3d2:523::c3d2:4
|
||||||
|
bgp: fd23:42:c3d2:523::c3d2:ff0b
|
||||||
|
|
|
@ -126,3 +126,11 @@ containers:
|
||||||
gw6: anon1
|
gw6: anon1
|
||||||
c3d2:
|
c3d2:
|
||||||
type: veth
|
type: veth
|
||||||
|
|
||||||
|
bgp:
|
||||||
|
interfaces:
|
||||||
|
core:
|
||||||
|
type: veth
|
||||||
|
gw: upstream1
|
||||||
|
c3d2:
|
||||||
|
type: veth
|
||||||
|
|
|
@ -0,0 +1,17 @@
|
||||||
|
zebra:
|
||||||
|
# dn42 routes for ospf[6] redistribute static
|
||||||
|
- ip route 172.20.0.0/14 blackhole
|
||||||
|
- ipv6 route fd00::/8 lo blackhole
|
||||||
|
|
||||||
|
ospf:
|
||||||
|
redistribute:
|
||||||
|
- static
|
||||||
|
|
||||||
|
bgp:
|
||||||
|
asn: 4242421127
|
||||||
|
|
||||||
|
peers:
|
||||||
|
'fe80::a800:42ff:fe7a:3246':
|
||||||
|
- remote-as 64699
|
||||||
|
- interface c3d2
|
||||||
|
- description dn42.hq.c3d2.de
|
|
@ -15,6 +15,8 @@ base:
|
||||||
- quagga.ospfd.gw
|
- quagga.ospfd.gw
|
||||||
'c3d2-gw or c3d2-anon':
|
'c3d2-gw or c3d2-anon':
|
||||||
- quagga.ospfd.gw
|
- quagga.ospfd.gw
|
||||||
|
'bgp':
|
||||||
|
- quagga.bgp
|
||||||
'anon1':
|
'anon1':
|
||||||
- vpn.anon1
|
- vpn.anon1
|
||||||
- upstream.anon1
|
- upstream.anon1
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
log file /var/log/quagga/bgpd.log
|
||||||
|
|
||||||
|
{%- set id = salt['grains.get']('id') %}
|
||||||
|
|
||||||
|
router bgp {{ pillar['bgp']['asn'] }}
|
||||||
|
bgp router-id {{ pillar['hosts-inet']['core'][id] }}
|
||||||
|
|
||||||
|
network 172.20.72.0/21
|
||||||
|
|
||||||
|
{%- for addr, lines in pillar['bgp']['peers'].items() %}
|
||||||
|
{%- for line in lines %}
|
||||||
|
neighbor {{ addr }} {{ line }}
|
||||||
|
{%- endfor %}
|
||||||
|
{%- endfor %}
|
||||||
|
|
||||||
|
address-family ipv6
|
||||||
|
network fd23:42:c3d2:500::/56
|
||||||
|
{%- for addr, peer in pillar['bgp']['peers'].items() %}
|
||||||
|
neighbor {{ addr }} activate
|
||||||
|
neighbor {{ addr }} soft-reconfiguration inbound
|
||||||
|
{%- endfor %}
|
|
@ -0,0 +1,11 @@
|
||||||
|
[Unit]
|
||||||
|
Requires = zebra.service
|
||||||
|
After = network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStartPre = /bin/mkdir -p /var/run/quagga
|
||||||
|
ExecStartPre = /bin/chown -R quagga:quagga /var/run/quagga/
|
||||||
|
ExecStart = /usr/sbin/bgpd
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy = default.target
|
|
@ -0,0 +1,28 @@
|
||||||
|
quagga-bgpd:
|
||||||
|
pkg.installed: []
|
||||||
|
|
||||||
|
/etc/systemd/system/bgpd.service:
|
||||||
|
file.managed:
|
||||||
|
- source: salt://quagga/bgpd/bgpd.service
|
||||||
|
|
||||||
|
/etc/quagga/bgpd.conf:
|
||||||
|
file.managed:
|
||||||
|
- source: salt://quagga/bgpd/bgpd.conf
|
||||||
|
- template: 'jinja'
|
||||||
|
- require:
|
||||||
|
- pkg: quagga-bgpd
|
||||||
|
|
||||||
|
autostart-bgpd:
|
||||||
|
service.enabled:
|
||||||
|
- name: bgpd
|
||||||
|
require:
|
||||||
|
- file: /etc/systemd/system/bgpd.service
|
||||||
|
- file: /etc/quagga/bgpd.conf
|
||||||
|
|
||||||
|
start-bgpd:
|
||||||
|
service.running:
|
||||||
|
- name: bgpd
|
||||||
|
require:
|
||||||
|
- service: autostart-bgpd
|
||||||
|
watch:
|
||||||
|
- file: /etc/quagga/bgpd.conf
|
|
@ -15,5 +15,12 @@ interface {{ iface }}
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
||||||
|
{%- set conf = pillar.get('zebra') %}
|
||||||
|
{%- if conf %}
|
||||||
|
{%- for line in conf %}
|
||||||
|
{{ line }}
|
||||||
|
{%- endfor %}
|
||||||
|
{%- endif %}
|
||||||
|
|
||||||
ip forwarding
|
ip forwarding
|
||||||
ipv6 forwarding
|
ipv6 forwarding
|
||||||
|
|
|
@ -28,6 +28,13 @@ base:
|
||||||
- quagga.zebra
|
- quagga.zebra
|
||||||
- quagga.ospfd
|
- quagga.ospfd
|
||||||
- quagga.ospf6d
|
- quagga.ospf6d
|
||||||
|
'bgp':
|
||||||
|
- no-ssh
|
||||||
|
- forwarding
|
||||||
|
- quagga.zebra
|
||||||
|
- quagga.ospfd
|
||||||
|
- quagga.ospf6d
|
||||||
|
- quagga.bgpd
|
||||||
'upstream*':
|
'upstream*':
|
||||||
- no-ssh
|
- no-ssh
|
||||||
- forwarding
|
- forwarding
|
||||||
|
|
Loading…
Reference in New Issue