add community_affects route-map magic
This commit is contained in:
parent
9a619f1048
commit
45357cd561
100
vyos.conf.j2
100
vyos.conf.j2
@ -1357,7 +1357,105 @@ policy {
|
||||
}
|
||||
{% endfor %}{% endfor %}
|
||||
|
||||
|
||||
{% if 'community_affects_route_maps' in pillar and 'site_codes' in pillar and 'community_affects_prepend_asn' in pillar %}
|
||||
{% for route_map_prefix,community_suffixes in pillar.get('community_affects',{}).items() %}
|
||||
{% for community_suffix in community_suffixes %}
|
||||
{% for digit in "01239" %}
|
||||
community-list community_affects_65XX{{ digit }}_{{ community_suffix }} {
|
||||
{% for site_code in ['00'] + pillar['site_codes'] %}
|
||||
rule {{ loop.index }} {
|
||||
action 'permit'
|
||||
regex 65{{ site_code }}0:{{ community_suffix }}
|
||||
}
|
||||
{% endfor %}
|
||||
}
|
||||
{% endfor %}
|
||||
{% endfor %}
|
||||
{% for af in ['IPv4','IPv6'] %}
|
||||
{% for rm in pillar['community_affects_route_maps'] %}
|
||||
route-map {{ route_map_prefix }}-{{ rm }}-{{ af }} {
|
||||
{% for community_suffix in community_suffixes %}
|
||||
rule {{ loop.index*10 }} {
|
||||
match {
|
||||
community {
|
||||
community-list community_affects_65XX0_{{ community_suffix }}
|
||||
}
|
||||
}
|
||||
action deny
|
||||
}
|
||||
rule {{ loop.index*10 + 1 }} {
|
||||
match {
|
||||
community {
|
||||
community-list community_affects_65XX1_{{ community_suffix }}
|
||||
}
|
||||
}
|
||||
set {
|
||||
as-path-prepend "{{ pillar['community_affects_prepend_asn'] }}"
|
||||
}
|
||||
call {{ rm }}-{{ af }}
|
||||
action permit
|
||||
}
|
||||
rule {{ loop.index*10 + 2 }} {
|
||||
match {
|
||||
community {
|
||||
community-list community_affects_65XX2_{{ community_suffix }}
|
||||
}
|
||||
}
|
||||
set {
|
||||
as-path-prepend "{{ pillar['community_affects_prepend_asn'] }} {{ pillar['community_affects_prepend_asn'] }}"
|
||||
}
|
||||
call {{ rm }}-{{ af }}
|
||||
action permit
|
||||
}
|
||||
rule {{ loop.index*10 + 3 }} {
|
||||
match {
|
||||
community {
|
||||
community-list community_affects_65XX3_{{ community_suffix }}
|
||||
}
|
||||
}
|
||||
set {
|
||||
as-path-prepend "{{ pillar['community_affects_prepend_asn'] }} {{ pillar['community_affects_prepend_asn'] }} {{ pillar['community_affects_prepend_asn'] }}"
|
||||
}
|
||||
call {{ rm }}-{{ af }}
|
||||
action permit
|
||||
}
|
||||
rule {{ loop.index*10 + 9 }} {
|
||||
match {
|
||||
community {
|
||||
community-list community_affects_65XX9_{{ community_suffix }}
|
||||
}
|
||||
}
|
||||
set {
|
||||
community "additive no-export"
|
||||
}
|
||||
call {{ rm }}-{{ af }}
|
||||
action permit
|
||||
}
|
||||
{% endfor %}
|
||||
rule 65535 {
|
||||
match {
|
||||
{% if af == "IPv4" %}
|
||||
ip {
|
||||
address {
|
||||
prefix-list hphr-DFZ-IPv4
|
||||
}
|
||||
}
|
||||
{% elif af == "IPv6" %}
|
||||
ipv6 {
|
||||
address {
|
||||
prefix-list hphr-DFZ-IPv6
|
||||
}
|
||||
}
|
||||
{% endif %}
|
||||
}
|
||||
call {{ rm }}-{{ af }}
|
||||
action permit
|
||||
}
|
||||
}
|
||||
{% endfor %}
|
||||
{% endfor %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{% for prefix_list_name, prefix_data in salt['pillar.get']("policy:prefix-list",{}).items() %}
|
||||
prefix-list {{ prefix_list_name }} {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user