Page MenuHomeVyOS Platform

tsantiago.work (Trae Santiago)
User

Projects

User does not belong to any projects.

User Details

User Since
Jun 9 2021, 7:09 PM (146 w, 16 h)

Recent Activity

Jun 10 2021

tsantiago.work added a comment to T2645: Editing route-map action requires adding a new rule.

@Viacheslav This is confirmed fixed, I'm guessing it got fixed during the period between reporting it and now.

Jun 10 2021, 4:46 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jun 9 2021

tsantiago.work added a comment to T3609: BGP Peer Group Changes Slow.

Here's the complete BGP policy config, since the route-maps include prefix-lists, AS paths, and large communities:

set policy prefix-list BGP-REDISTRIBUTE rule 10 action 'deny'
set policy prefix-list BGP-REDISTRIBUTE rule 10 description 'Block WDC07 peering'
set policy prefix-list BGP-REDISTRIBUTE rule 10 prefix '192.168.63.0/28'
set policy prefix-list BGP-REDISTRIBUTE rule 20 action 'permit'
set policy prefix-list BGP-REDISTRIBUTE rule 20 description 'Allow SL WDC07'
set policy prefix-list BGP-REDISTRIBUTE rule 20 ge '23'
set policy prefix-list BGP-REDISTRIBUTE rule 20 prefix '192.168.48.0/20'
set policy prefix-list BGP-REDISTRIBUTE rule 30 action 'permit'
set policy prefix-list BGP-REDISTRIBUTE rule 30 description 'Allow SL services'
set policy prefix-list BGP-REDISTRIBUTE rule 30 prefix '10.0.0.0/8'
set policy prefix-list BGP-REDISTRIBUTE rule 40 action 'permit'
set policy prefix-list BGP-REDISTRIBUTE rule 40 description 'Allow SL services'
set policy prefix-list BGP-REDISTRIBUTE rule 40 ge '9'
set policy prefix-list BGP-REDISTRIBUTE rule 40 prefix '10.0.0.0/8'
set policy prefix-list BGP-BACKBONE-DAL13 rule 10 action 'permit'
set policy prefix-list BGP-BACKBONE-DAL13 rule 10 description 'Allow DAL13'
set policy prefix-list BGP-BACKBONE-DAL13 rule 10 ge '23'
set policy prefix-list BGP-BACKBONE-DAL13 rule 10 prefix '192.168.16.0/20'
set policy prefix-list BGP-BACKBONE-IN description 'Inbound backbone routes from other sites'
set policy prefix-list BGP-BACKBONE-IN rule 10 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 10 description 'Block default route'
set policy prefix-list BGP-BACKBONE-IN rule 10 prefix '0.0.0.0/0'
set policy prefix-list BGP-BACKBONE-IN rule 20 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 20 description 'Block WDC07 primary'
set policy prefix-list BGP-BACKBONE-IN rule 20 ge '21'
set policy prefix-list BGP-BACKBONE-IN rule 20 prefix '192.168.48.0/20'
set policy prefix-list BGP-BACKBONE-IN rule 30 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 30 description 'Block loopbacks'
set policy prefix-list BGP-BACKBONE-IN rule 30 ge '25'
set policy prefix-list BGP-BACKBONE-IN rule 30 prefix '192.168.253.0/24'
set policy prefix-list BGP-BACKBONE-IN rule 40 action 'deny'
set policy prefix-list BGP-BACKBONE-IN rule 40 description 'Block backbone peering'
set policy prefix-list BGP-BACKBONE-IN rule 40 ge '25'
set policy prefix-list BGP-BACKBONE-IN rule 40 prefix '192.168.254.0/24'
set policy prefix-list BGP-BACKBONE-IN rule 999 action 'permit'
set policy prefix-list BGP-BACKBONE-IN rule 999 description 'Allow everything else'
set policy prefix-list BGP-BACKBONE-IN rule 999 ge '1'
set policy prefix-list BGP-BACKBONE-IN rule 999 prefix '0.0.0.0/0'
set policy prefix-list BGP-BACKBONE-INT rule 10 action 'permit'
set policy prefix-list BGP-BACKBONE-INT rule 10 description 'Allow int'
set policy prefix-list BGP-BACKBONE-INT rule 10 ge '23'
set policy prefix-list BGP-BACKBONE-INT rule 10 prefix '192.168.0.0/20'
set policy prefix-list6 BGP-BACKBONE-DAL13-V6 rule 10 action 'permit'
set policy prefix-list6 BGP-BACKBONE-DAL13-V6 rule 10 description 'Allow DAL13'
set policy prefix-list6 BGP-BACKBONE-DAL13-V6 rule 10 ge '64'
set policy prefix-list6 BGP-BACKBONE-DAL13-V6 rule 10 prefix 'fd52:d62e:8011:1000::/52'
set policy prefix-list6 BGP-BACKBONE-IN-V6 description 'Inbound backbone routes from other sites'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 10 action 'deny'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 10 description 'Block default route'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 10 prefix '::/0'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 action 'deny'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 description 'Block WDC07 primary'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 ge '53'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 20 prefix 'fd52:d62e:8011:2000::/52'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 action 'deny'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 description 'Block peering and stuff'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 ge '53'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 30 prefix 'fd52:d62e:8011:f000::/52'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 action 'permit'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 description 'Allow everything else'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 ge '1'
set policy prefix-list6 BGP-BACKBONE-IN-V6 rule 999 prefix '::/0'
set policy prefix-list6 BGP-BACKBONE-INT-V6 rule 10 action 'permit'
set policy prefix-list6 BGP-BACKBONE-INT-V6 rule 10 description 'Allow int'
set policy prefix-list6 BGP-BACKBONE-INT-V6 rule 10 ge '64'
set policy prefix-list6 BGP-BACKBONE-INT-V6 rule 10 prefix 'fd52:d62e:8011::/52'
set policy prefix-list6 BGP-REDISTRIBUTE-V6 rule 10 action 'deny'
set policy prefix-list6 BGP-REDISTRIBUTE-V6 rule 10 description 'Block WDC07 peering'
set policy prefix-list6 BGP-REDISTRIBUTE-V6 rule 10 prefix 'fd52:d62e:8011:23e3::/64'
set policy prefix-list6 BGP-REDISTRIBUTE-V6 rule 20 action 'permit'
set policy prefix-list6 BGP-REDISTRIBUTE-V6 rule 20 description 'Allow WDC07'
set policy prefix-list6 BGP-REDISTRIBUTE-V6 rule 20 ge '64'
set policy prefix-list6 BGP-REDISTRIBUTE-V6 rule 20 prefix 'fd52:d62e:8011:2000::/52'
set policy route-map BGP-REDISTRIBUTE rule 10 action 'permit'
set policy route-map BGP-REDISTRIBUTE rule 10 description 'Allow WDC07 and services IPv4'
set policy route-map BGP-REDISTRIBUTE rule 10 match ip address prefix-list 'BGP-REDISTRIBUTE'
set policy route-map BGP-REDISTRIBUTE rule 10 set origin 'igp'
set policy route-map BGP-REDISTRIBUTE rule 20 action 'permit'
set policy route-map BGP-REDISTRIBUTE rule 20 description 'Allow WDC07 and services IPv6'
set policy route-map BGP-REDISTRIBUTE rule 20 match ipv6 address prefix-list 'BGP-REDISTRIBUTE-V6'
set policy route-map BGP-REDISTRIBUTE rule 20 set origin 'igp'
set policy route-map BGP-BACKBONE-IN rule 10 action 'permit'
set policy route-map BGP-BACKBONE-IN rule 10 match ip address prefix-list 'BGP-BACKBONE-IN'
set policy route-map BGP-BACKBONE-IN rule 20 action 'permit'
set policy route-map BGP-BACKBONE-IN rule 20 match ipv6 address prefix-list 'BGP-BACKBONE-IN-V6'
set policy route-map BGP-BACKBONE-IN rule 30 action 'permit'
set policy route-map BGP-BACKBONE-IN rule 30 match large-community large-community-list 'ANYCAST_ALL'
set policy route-map BGP-BACKBONE-OUT rule 10 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 10 match large-community large-community-list 'ANYCAST_WDC07'
set policy route-map BGP-BACKBONE-OUT rule 10 set metric '+100'
set policy route-map BGP-BACKBONE-OUT rule 20 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 20 match as-path 'INT'
set policy route-map BGP-BACKBONE-OUT rule 20 match ip address prefix-list 'BGP-BACKBONE-INT'
set policy route-map BGP-BACKBONE-OUT rule 20 set metric '+100'
set policy route-map BGP-BACKBONE-OUT rule 30 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 30 match as-path 'INT'
set policy route-map BGP-BACKBONE-OUT rule 30 match ipv6 address prefix-list 'BGP-BACKBONE-INT-V6'
set policy route-map BGP-BACKBONE-OUT rule 30 set metric '+100'
set policy route-map BGP-BACKBONE-OUT rule 40 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 40 match as-path 'DAL13'
set policy route-map BGP-BACKBONE-OUT rule 40 match ip address prefix-list 'BGP-BACKBONE-DAL13'
set policy route-map BGP-BACKBONE-OUT rule 40 set metric '+100'
set policy route-map BGP-BACKBONE-OUT rule 50 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 50 match as-path 'DAL13'
set policy route-map BGP-BACKBONE-OUT rule 50 match ipv6 address prefix-list 'BGP-BACKBONE-DAL13-V6'
set policy route-map BGP-BACKBONE-OUT rule 50 set metric '+100'
set policy route-map BGP-BACKBONE-OUT rule 999 action 'permit'
set policy route-map BGP-BACKBONE-OUT rule 999 call 'BGP-REDISTRIBUTE'
set policy route-map BGP-BACKBONE-OUT rule 999 description 'Allow redistributed routes'
set policy as-path-list DAL13 rule 10 action 'permit'
set policy as-path-list DAL13 rule 10 description 'Alow anything from or via DAL13'
set policy as-path-list DAL13 rule 10 regex '.*4242420668.*'
set policy as-path-list INT rule 10 action 'permit'
set policy as-path-list INT rule 10 description 'Allow anything from or via int'
set policy as-path-list INT rule 10 regex '.*4242420666.*'
set policy large-community-list ANYCAST_ALL rule 10 action 'permit'
set policy large-community-list ANYCAST_ALL rule 10 description 'Allow all anycast from anywhere'
set policy large-community-list ANYCAST_ALL rule 10 regex '4242420696:100:.*'
set policy large-community-list ANYCAST_WDC07 rule 10 action 'permit'
set policy large-community-list ANYCAST_WDC07 rule 10 description 'Allow all anycast from wdc07'
set policy large-community-list ANYCAST_WDC07 rule 10 regex '4242420696:100:3'
Jun 9 2021, 7:27 PM · VyOS 1.3 Equuleus (1.3.0)