hphr
Use SaltStack's peeringdb module to generate BGP peer information
Use the `peeringdb.get_net` function to retrieve:
- `name` for the name of the peer network as part of the `neighbor 192.0.2.1 description`
- `info_prefixes4` and `info_prefixes6` to auto-populate
- `irr_as_set` to generate `auto-AS-ASSETNAME` prefix-lists and apply them to the peer
And use `peeringdb.get_netixlan` module with `asn=` and `ixlan=` to fetch all potential peers:
- `asn` to pre-populate the `remote-as`
- `name` of the IX as part of the `neighbor 192.0.2.1 description`
- `ipaddr4` and `ipaddr6` for the peer router addresses
This could then auto-build the configuration for the peers, for example:
```yaml
policy:
  prefix-list:
    auto-AS-BBC:
      bgpq3:
        IPv4: AS-BBC
        IPv6: AS-BBC
protocols:
  bgp:
    41495:
      neighbor:
        "195.66.224.103":
          remote-as: 2818
          description: AS2818 (BBC) @ LINX LON1
          address-family:
            ipv4-unicast:
              maximum-prefix: 100
              prefix-list:
                export: auto-AS-FAELIX
                import: auto-AS-BBC
              route-map:
                import: LINXLON1-in-IPv4
                export: TRANSIT-out-IPv4
              soft-reconfiguration:
                - inbound
        "2001:7f8:4::b02:1":
          remote-as: 2818
          description: AS2818 (BBC) @ LINX LON1
          address-family:
            ipv6-unicast:
              maximum-prefix: 100
              prefix-list:
                export: auto-AS-FAELIX
                import: auto-AS-BBC
              route-map:
                import: LINXLON1-in-IPv6
                export: TRANSIT-out-IPv6
              soft-reconfiguration:
                - inbound
```
Becomes:
```yaml
protocols:
  bgp:
    41495:
      neighbor:
        # other non-PeeringDB neighbors
      peeringdb:
        default:
          ipv4-unicast:
            prefix-list:
              export: auto-AS-FAELIX
              import: hphr-DFZ-IPv4
            route-map:
              export: TRANSIT-out-IPv4
          ipv6-unicast:
            prefix-list:
              export: auto-AS-FAELIX
              import: hphr-DFZ-IPv6
            route-map:
              export: TRANSIT-out-IPv6
        ix:
          LINX LON1:
            peeringdb_ixlan: 1927
            asn:
              2818: # BBC
                # to override anything on a per-AF basis
                address-family:
                  ipv4-unicast:
                    default-originate: True # XXX don't do in prod :)
                # to override anything on a per-neighbor basis
                neighbor:
                  "195.66.224.103":
                    password: letmepeer
```
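
An added sketch (not hphr's own code) of the expansion the compact pillar implies: constructed records shaped like `peeringdb.get_netixlan` and `peeringdb.get_net` output are turned into per-neighbor config, and PeeringDB's operator-editable fields are validated before they reach a router. `build_neighbors`, the sample data, the AS-SET pattern and feeding `info_prefixes4`/`info_prefixes6` into `maximum-prefix` are assumptions.

```python
import ipaddress
import re

# Constructed sample data shaped like peeringdb.get_netixlan / get_net output.
NETIXLAN = [
    {"asn": 2818, "ipaddr4": "195.66.224.103", "ipaddr6": "2001:7f8:4::b02:1",
     "operational": True, "status": "ok"},
    {"asn": 64500, "ipaddr4": "192.0.2.7", "ipaddr6": None,      # not allow-listed
     "operational": True, "status": "ok"},
    {"asn": 2818, "ipaddr4": "195.66.224.999", "ipaddr6": None,  # malformed address
     "operational": True, "status": "ok"},
]
NETS = {2818: {"name": "BBC", "irr_as_set": "AS-BBC",
               "info_prefixes4": 100, "info_prefixes6": 100}}
DEFAULT = {af: {"prefix-list": {"export": "auto-AS-FAELIX", "import": f"hphr-DFZ-{v}"},
                "route-map": {"export": f"TRANSIT-out-{v}"}}
           for af, v in (("ipv4-unicast", "IPv4"), ("ipv6-unicast", "IPv6"))}
PEERS = {2818: {"neighbor": {"195.66.224.103": {"password": "letmepeer"}}}}
AS_SET = re.compile(r"AS[A-Za-z0-9:_-]*")  # assumed safe charset for a list name

def build_neighbors(local_asn, ix_name, peers, netixlan, nets, default):
    """Expand the pillar's peeringdb section into per-neighbor BGP config."""
    out = {}
    for rec in netixlan:
        asn = rec["asn"]
        # Only pillar allow-listed ASNs, never ourselves, only live ports.
        if asn == local_asn or asn not in peers or asn not in nets:
            continue
        if rec.get("status") != "ok" or not rec.get("operational"):
            continue
        net = nets[asn]
        for af, key, ver in (("ipv4-unicast", "ipaddr4", 4), ("ipv6-unicast", "ipaddr6", 6)):
            try:
                addr = ipaddress.ip_address(rec.get(key) or "")
            except ValueError:
                continue  # missing or malformed address: emit no neighbor
            if addr.version != ver:
                continue
            af_cfg = {k: dict(v) for k, v in default[af].items()}  # copy defaults
            if AS_SET.fullmatch(net.get("irr_as_set") or ""):
                af_cfg["prefix-list"]["import"] = "auto-" + net["irr_as_set"]
            limit = net.get(f"info_prefixes{ver}")
            if isinstance(limit, int) and limit > 0:
                af_cfg["maximum-prefix"] = limit
            cfg = {"remote-as": asn, "description": f"AS{asn} ({net['name']}) @ {ix_name}",
                   "address-family": {af: af_cfg}}
            cfg.update(peers[asn].get("neighbor", {}).get(str(addr), {}))
            out[str(addr)] = cfg
    return out
```

A record with a malformed `irr_as_set` keeps the pillar's default import list instead of producing a prefix-list name from unvalidated text.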
Blocked: current versions of VyOS 1.3 do not appear to support the peeringdb module :(
```
salt@teleport:~/hphr/pillar$ salt dekker.d.faelix.net peeringdb.get_netixlan asn=41495 ixlan=1927
dekker.d.faelix.net:
    'peeringdb.get_netixlan' is not available.
ERROR: Minions returned with non-zero exit code
```
This was added to VyOS in vyos-1.3-rolling-202004261005-amd64.iso and confirmed as working:
```
salt@teleport:~/hphr/salt$ salt coudreau.e.faelix.net peeringdb.get_netixlan asn=41495 ixlan=1927
coudreau.e.faelix.net:
    ----------
    comment:
    out:
        |_
          ----------
          asn:
              41495
          created:
              2019-04-08T08:53:20Z
          id:
              48703
          ipaddr4:
              185.1.101.32
          ipaddr6:
              2001:7f8:bc::4:1495:1
          is_rs_peer:
              True
          ix_id:
              1927
          ixlan_id:
              1927
          name:
              Equinix Manchester: Equinix IX - MA Metro
          net_id:
              1947
          notes:
          operational:
              True
          speed:
              1000
          status:
              ok
          updated:
              2020-02-19T04:08:28Z
    result:
        True
```