It's not allowed to install routes with zero distance, let's disallow this
for route-maps as well.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
When a route imported from l3vpn is analysed, the nexthop from default
VRF is looked up against a valid MPLS path. Generally, this is done on
backbones with a MPLS signalisation transport layer like LDP. Generally,
the BGP connection is multiple hops away. That scenario is already
working.
There is case where it is possible to run L3VPN over GRE interfaces, and
where there is no LSP path over that GRE interface: GRE is just here to
tunnel MPLS traffic. On that case, the nexthop given in the path does not
have MPLS path, but should be authorized to convey MPLS traffic provided
that the user permits it via a configuration command.
That commit introduces a new command that can be activated in route-map:
> set l3vpn next-hop encapsulation gre
That command authorizes the nexthop tracking engine to accept paths that
o have a GRE interface as output, independently of the presence of an LSP
path or not.
A configuration example is given below. When bgp incoming vpnv4 updates
are received, the nexthop of NLRI is 192.168.0.2. Based on nexthop
tracking service from zebra, BGP knows that the output interface to reach
192.168.0.2 is r1-gre0. Because that interface is not MPLS based, but is
a GRE tunnel, then the update will be using that nexthop to be installed.
interface r1-gre0
ip address 192.168.0.1/24
exit
router bgp 65500
bgp router-id 1.1.1.1
neighbor 192.168.0.2 remote-as 65500
!
address-family ipv4 unicast
no neighbor 192.168.0.2 activate
exit-address-family
!
address-family ipv4 vpn
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 route-map rmap in
exit-address-family
exit
!
router bgp 65500 vrf vrf1
bgp router-id 1.1.1.1
no bgp network import-check
!
address-family ipv4 unicast
network 10.201.0.0/24
redistribute connected
label vpn export 101
rd vpn export 444:1
rt vpn both 52:100
export vpn
import vpn
exit-address-family
exit
!
route-map rmap permit 1
set l3vpn next-hop encapsulation gre
exit
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Update the documentation with realms and how they
interact with nexthop groups that are installed into
the kernel.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Allow the end operator to match `match peer <PEERGROUPNAME>`
in a route-map. If the end operator defines interface
based peers and peer-groups that have names that overlap
the interface based peer will match first.
Fixes: #11316
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
For IPv4 matching, we have "match ip next-hop address A.B.C.D".
For IPv6 matching, we have "match ipv6 next-hop X:X::X:X".
To have consistency, let's add "address" keyword to IPv6 commands.
Old commands are preserved as hidden for backward compatibility.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Currently we have a "route-map optimization" command which is entered
from inside the route-map entry but actually applies to the whole
route-map. In addition, this command is not shown in the running-config
and not stored to the startup-config during "write".
Let's add a new command on the config node level to control this setting
and show it in the running-config to make possible to save it during
"write".
The old command is saved for the backward compatibility but hidden and
marked as deprecated.
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
These don't need to be documented, most of the time they are obvious,
when they aren't the behavior can just be described in the command
description.
Signed-off-by: Quentin Young <qlyoung@nvidia.com>
- Generate index entries automatically
- Remove manual command index entries
- Clean up a few other manual index entries
Signed-off-by: Quentin Young <qlyoung@nvidia.com>
Many index entries used '[no] xxx' or 'no xxx', some had both
positive and 'no' forms. Clean that up mostly - index positive
form of commands only.
Signed-off-by: Mark Stapp <mjs@voltanet.io>
Updated the user documentation to reflect changes made to routemaps "set
metric" VTY shell command.
Signed-off-by: David Schweizer <dschweizer@opensourcerouting.org>
Example configuration:
route-map SET_SR_POLICY permit 10
set sr-te color 1
!
router bgp 1
bgp router-id 1.1.1.1
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source lo
address-family ipv4 unicast
neighbor 2.2.2.2 next-hop-self
neighbor 2.2.2.2 route-map SET_SR_POLICY in
exit-address-family
!
!
Learned BGP routes from 2.2.2.2 are mapped to the SR-TE Policy
which is uniquely determined by the BGP nexthop (2.2.2.2 in this
case) and the SR-TE color in the route-map.
Co-authored-by: Renato Westphal <renato@opensourcerouting.org>
Co-authored-by: GalaxyGorilla <sascha@netdef.org>
Co-authored-by: Sebastien Merle <sebastien@netdef.org>
Signed-off-by: Sebastien Merle <sebastien@netdef.org>
this command is missing, compared with 'match ipv6 next-hop' command
available. Adding it by taking into account the backward compatible
effect when supposing that some people have configured acls with name
being an ipv4 address.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The commit includes the documentation for the newly introduced
commands to enable/disable the optimization.
Signed-off-by: NaveenThanikachalam <nthanikachal@vmware.com>
this table identifier can be used for policy routing. incoming entries
are locally exported to that local table identifier.
note that so that the user applies the new table identifier to all
entries, the user should flush local tables first.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Allow bgp to store and pass through a different distance than
normal for installing into the rib.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
The documentation says "match aspath" to match an AS path in a
route-map while the directive is "match as-path".
Signed-off-by: Vincent Bernat <vincent@bernat.ch>
This will allow the end-user to clear the counters associated
with the route-map. Subsuquent `show route-map ..` commands
will display counters since the last clear.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This corrects the route map documentation to add the missing "prefix-list"
keyword, which is necessary when matching against a prefix list (as opposed to
an access list).
Additionally, change hyphens for underscores in the variables the user is
supposed to substitute in those commands, to prevent any confusion with the
"prefix-list" keyword itself, and also to make it more consistent with the
other documented commands (which are already using underscores).
Signed-off-by: Tore Anderson <tore@redpill-linpro.com>
Add the documentation for match source-instance.
I also noticed that 'match source-protocol' was missing
add that in too.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
* Run sphinxcontrib-spelling over docs
* Correct spelling errors
* Compile a dictionary for future spellchecking efforts
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
* Ubuntu 18.04 build doc was not included in its toctree
* Duplicate definition of the same CLI command removed
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Automatically translated all Texinfo files to RST using a script found
on the GCC mailing list[0]. Some formatting manually corrected.
Also created index.rst for building as well as boilerplate Sphinx
conf.py and Makefile.
[0] https://gcc.gnu.org/ml/gcc-patches/2015-11/msg01095.html
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
