|
|
@ -208,19 +208,33 @@ protocols {
|
|
|
|
{% if as_data['address-family'].get('ipv4-unicast',None) %}
|
|
|
|
{% if as_data['address-family'].get('ipv4-unicast',None) %}
|
|
|
|
ipv4-unicast {
|
|
|
|
ipv4-unicast {
|
|
|
|
redistribute {
|
|
|
|
redistribute {
|
|
|
|
{% for redistribute in as_data['address-family']['ipv4-unicast'].get('redistribute',[]) %}
|
|
|
|
{% for redistribute, redist_data in as_data['address-family']['ipv4-unicast'].get('redistribute',{}).items() %}
|
|
|
|
{{ redistribute }} {}
|
|
|
|
{{ redistribute }} {
|
|
|
|
|
|
|
|
{% if 'route-map' in redist_data %}route-map {{ redist_data['route-map'] }}{% endif %}
|
|
|
|
|
|
|
|
}
|
|
|
|
{% endfor %}
|
|
|
|
{% endfor %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
{% for network, network_data in as_data['address-family']['ipv4-unicast'].get('network',{}).items() %}
|
|
|
|
|
|
|
|
network {{ network }} {
|
|
|
|
|
|
|
|
{% if 'route-map' in network_data %}route-map {{ network_data['route-map'] }}{% endif %}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% if as_data['address-family'].get('ipv6-unicast',None) %}
|
|
|
|
{% if as_data['address-family'].get('ipv6-unicast',None) %}
|
|
|
|
ipv6-unicast {
|
|
|
|
ipv6-unicast {
|
|
|
|
redistribute {
|
|
|
|
redistribute {
|
|
|
|
{% for redistribute in as_data['address-family']['ipv6-unicast'].get('redistribute',[]) %}
|
|
|
|
{% for redistribute, redist_data in as_data['address-family']['ipv6-unicast'].get('redistribute',{}).items() %}
|
|
|
|
{{ redistribute }} {}
|
|
|
|
{{ redistribute }} {
|
|
|
|
|
|
|
|
{% if 'route-map' in redist_data %}route-map {{ redist_data['route-map'] }}{% endif %}
|
|
|
|
|
|
|
|
}
|
|
|
|
{% endfor %}
|
|
|
|
{% endfor %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
{% for network, network_data in as_data['address-family']['ipv6-unicast'].get('network',{}).items() %}
|
|
|
|
|
|
|
|
network {{ network }} {
|
|
|
|
|
|
|
|
{% if 'route-map' in network_data %}route-map {{ network_data['route-map'] }}{% endif %}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -255,6 +269,11 @@ protocols {
|
|
|
|
{% endfor %}
|
|
|
|
{% endfor %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
{% if 'allowas-in' in neighbor_data['address-family']['ipv4-unicast'] %}
|
|
|
|
|
|
|
|
allowas-in {
|
|
|
|
|
|
|
|
{# neighbor_data['address-family']['ipv4-unicast']['allowas-in'] #}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
{% if 'ipv6-unicast' in neighbor_data['address-family'] %}
|
|
|
|
{% if 'ipv6-unicast' in neighbor_data['address-family'] %}
|
|
|
@ -278,6 +297,11 @@ protocols {
|
|
|
|
{% endfor %}
|
|
|
|
{% endfor %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
{% if 'allowas-in' in neighbor_data['address-family']['ipv6-unicast'] %}
|
|
|
|
|
|
|
|
allowas-in {
|
|
|
|
|
|
|
|
{# neighbor_data['address-family']['ipv6-unicast']['allowas-in'] #}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
{% endif %}
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -748,6 +772,61 @@ policy {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% include "route-map/self.j2" %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% for community_list_name, cm_data in pillar['policy']['community-list'].items() %}
|
|
|
|
|
|
|
|
community-list {{ community_list_name }} {
|
|
|
|
|
|
|
|
{% for group in cm_data %}
|
|
|
|
|
|
|
|
rule {{ loop.index }} {
|
|
|
|
|
|
|
|
regex "{{ group['community'] }}"
|
|
|
|
|
|
|
|
action permit
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% for route_map_name, af_pg in pillar['policy']['route-map'].items() %}{% for af, prefix_groups in af_pg.items() %}
|
|
|
|
|
|
|
|
route-map {{ route_map_name }}-{{ af }} {
|
|
|
|
|
|
|
|
{% for group in prefix_groups %}
|
|
|
|
|
|
|
|
rule {{ loop.index }} {
|
|
|
|
|
|
|
|
match {
|
|
|
|
|
|
|
|
{% if 'match-prefix-list' in group %}
|
|
|
|
|
|
|
|
{% if af=="IPv4" %}ip{% elif af=="IPv6" %}ipv6{% endif %} {
|
|
|
|
|
|
|
|
address {
|
|
|
|
|
|
|
|
prefix-list {{ group['match-prefix-list'] }}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
{% if 'match-community' in group %}
|
|
|
|
|
|
|
|
community {
|
|
|
|
|
|
|
|
community-list {{ group['match-community'] }}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
action permit
|
|
|
|
|
|
|
|
{% if 'on-match' in group %}
|
|
|
|
|
|
|
|
on-match {
|
|
|
|
|
|
|
|
{{ group['on-match'] }}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
{% if 'continue' in group %}
|
|
|
|
|
|
|
|
continue {% if group['continue'] == 'next' %}{{ loop.index+1 }}{% else %}{{ group['continue'] }}{% endif %}
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
set {
|
|
|
|
|
|
|
|
{% if 'set-community' in group %}community {{ group['set-community'] }}{% endif %}
|
|
|
|
|
|
|
|
{% if 'set-local-preference' in group %}local-preference {{ group['set-local-preference'] }}{% endif %}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endfor %}{% endfor %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
{% for prefix_list_name, prefix_data in salt['pillar.get']("policy:prefix-list",{}).items() %}
|
|
|
|
{% for prefix_list_name, prefix_data in salt['pillar.get']("policy:prefix-list",{}).items() %}
|
|
|
|
prefix-list {{ prefix_list_name }} {
|
|
|
|
prefix-list {{ prefix_list_name }} {
|
|
|
|
{% if 'bgpq3' in prefix_data %}
|
|
|
|
{% if 'bgpq3' in prefix_data %}
|
|
|
@ -859,6 +938,21 @@ system {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
flow-accounting {
|
|
|
|
|
|
|
|
{% for iface_name, iface_data in pillar['netbox']['interfaces'].items() %}{% if salt['pillar.get']('interfaces:'+iface_name+':netflow') %}
|
|
|
|
|
|
|
|
interface {{ iface_name }}
|
|
|
|
|
|
|
|
{% endif %}{% endfor %}
|
|
|
|
|
|
|
|
netflow {
|
|
|
|
|
|
|
|
sampling-rate {{ pillar['netflow']['sampling-rate']}}
|
|
|
|
|
|
|
|
{% for server in pillar['netflow']['servers'] %}
|
|
|
|
|
|
|
|
server {{ server.split(":")[0] }} {
|
|
|
|
|
|
|
|
port {{ server.split(":")[1] }}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
{% endfor %}
|
|
|
|
|
|
|
|
version 9
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
host-name {{ grains['fqdn'] }}
|
|
|
|
host-name {{ grains['fqdn'] }}
|
|
|
|
|
|
|
|
|
|
|
|
ip {
|
|
|
|
ip {
|
|
|
|