From 132ae74c2d3d9d1ca5ce1336f6300472343d0992 Mon Sep 17 00:00:00 2001
From: Marek Isalski <maz@hexes.tenebrae.faelix.org>
Date: Sun, 27 Dec 2020 22:07:23 +0000
Subject: [PATCH] newer versions of VyOS reject config with same prefix+length

---
 vyos.conf.j2 | 15 ++-------------
 1 file changed, 2 insertions(+), 13 deletions(-)

diff --git a/vyos.conf.j2 b/vyos.conf.j2
index 55e23a8..0959334 100644
--- a/vyos.conf.j2
+++ b/vyos.conf.j2
@@ -660,11 +660,6 @@ policy {
             le 32
             action permit
         }
-        rule 65535 {
-            prefix 0.0.0.0/0
-            le 32
-            action deny
-        }
     }
 
     prefix-list hphr-DFZ-DEFAULT-IPv4 {
@@ -850,11 +845,6 @@ policy {
             le 32
             action permit
         }
-        rule 65535 {
-            prefix 0.0.0.0/0
-            le 32
-            action deny
-        }
     }
 
     prefix-list6 hphr-NO-IPv6 {
@@ -1347,9 +1337,8 @@ policy {
     {% for prefix_list_name, prefix_data in peeringdb_prefixlist_4.items() %}
     prefix-list {{ prefix_list_name }} {
         {% if prefix_data['as-set'] %}
-            {% set jsonblob = salt['cmd.run']('/tmp/bgpq3 -A -4 -S ' + prefix_data["sources"] + ' -j ' + prefix_data["as-set"], env={'BIND_ADDR':pillar['loopback']['IPv4'], 'BIND_ADDR6':pillar['loopback']['IPv6'], 'LD_PRELOAD':'/tmp/bind.so'})|load_json %}
+            {% set jsonblob = salt['cmd.run']('/tmp/bgpq3 -m 24 -R 24 -A -4 -S ' + prefix_data["sources"] + ' -j ' + prefix_data["as-set"], env={'BIND_ADDR':pillar['loopback']['IPv4'], 'BIND_ADDR6':pillar['loopback']['IPv6'], 'LD_PRELOAD':'/tmp/bind.so'})|load_json %}
             {#% set jsonblob = salt['cmd.run']('/tmp/bgpq3 -A -4 -j ' + prefix_data["as-set"], env={'BIND_ADDR':pillar['loopback']['IPv4'], 'BIND_ADDR6':pillar['loopback']['IPv6'], 'LD_PRELOAD':'/tmp/bind.so'})|load_json %#}
-            /* {{ '/tmp/bgpq3 -A -4 -j ' + prefix_data["as-set"] }} */
             {% for prefix in jsonblob.NN %}
                 rule {{ loop.index }} {
                     action permit
@@ -1370,7 +1359,7 @@ policy {
     {% for prefix_list_name, prefix_data in salt['pillar.get']("policy:prefix-list",{}).items() %}
     prefix-list6 {{ prefix_list_name }} {
         {% if 'bgpq3' in prefix_data %}
-            {% set jsonblob = salt['cmd.run']('/tmp/bgpq3 -A -6 -j ' + prefix_data["bgpq3"]["IPv6"], env={'BIND_ADDR':pillar['loopback']['IPv4'], 'BIND_ADDR6':pillar['loopback']['IPv6'], 'LD_PRELOAD':'/tmp/bind.so'})|load_json %}
+            {% set jsonblob = salt['cmd.run']('/tmp/bgpq3 -m 64 -R 64 -A -6 -j ' + prefix_data["bgpq3"]["IPv6"], env={'BIND_ADDR':pillar['loopback']['IPv4'], 'BIND_ADDR6':pillar['loopback']['IPv6'], 'LD_PRELOAD':'/tmp/bind.so'})|load_json %}
             {% for prefix in jsonblob.NN %}
             rule {{ loop.index }} {
                 action permit