Example 1 with Route6FilterList
use of org.batfish.datamodel.Route6FilterList in project batfish by batfish.
the class CiscoConfiguration method toVendorIndependentConfiguration.
@Override
public Configuration toVendorIndependentConfiguration() {
final Configuration c = new Configuration(_hostname, _vendor);
c.getVendorFamily().setCisco(_cf);
c.setRoles(_roles);
c.setDefaultInboundAction(LineAction.ACCEPT);
c.setDefaultCrossZoneAction(LineAction.ACCEPT);
c.setDnsServers(_dnsServers);
c.setDnsSourceInterface(_dnsSourceInterface);
c.setDomainName(_domainName);
c.setNormalVlanRange(new SubRange(VLAN_NORMAL_MIN_CISCO, VLAN_NORMAL_MAX_CISCO));
c.setTacacsServers(_tacacsServers);
c.setTacacsSourceInterface(_tacacsSourceInterface);
c.setNtpSourceInterface(_ntpSourceInterface);
if (_cf.getNtp() != null) {
c.setNtpServers(new TreeSet<>(_cf.getNtp().getServers().keySet()));
}
if (_cf.getLogging() != null) {
c.setLoggingSourceInterface(_cf.getLogging().getSourceInterface());
c.setLoggingServers(new TreeSet<>(_cf.getLogging().getHosts().keySet()));
}
c.setSnmpSourceInterface(_snmpSourceInterface);
processLines();
processFailoverSettings();
// remove line login authentication lists if they don't exist
for (Line line : _cf.getLines().values()) {
String list = line.getLoginAuthentication();
boolean found = false;
Aaa aaa = _cf.getAaa();
if (aaa != null) {
AaaAuthentication authentication = aaa.getAuthentication();
if (authentication != null) {
AaaAuthenticationLogin login = authentication.getLogin();
if (login != null && login.getLists().containsKey(list)) {
found = true;
}
}
}
if (!found) {
line.setLoginAuthentication(null);
}
}
// initialize vrfs
for (String vrfName : _vrfs.keySet()) {
c.getVrfs().put(vrfName, new org.batfish.datamodel.Vrf(vrfName));
}
// snmp server
if (_snmpServer != null) {
String snmpServerVrf = _snmpServer.getVrf();
c.getVrfs().get(snmpServerVrf).setSnmpServer(_snmpServer);
}
// convert as path access lists to vendor independent format
for (IpAsPathAccessList pathList : _asPathAccessLists.values()) {
AsPathAccessList apList = toAsPathAccessList(pathList);
c.getAsPathAccessLists().put(apList.getName(), apList);
}
// convert as-path-sets to vendor independent format
for (AsPathSet asPathSet : _asPathSets.values()) {
AsPathAccessList apList = toAsPathAccessList(asPathSet);
c.getAsPathAccessLists().put(apList.getName(), apList);
}
// convert standard/expanded community lists to community lists
for (StandardCommunityList scList : _standardCommunityLists.values()) {
ExpandedCommunityList ecList = scList.toExpandedCommunityList();
CommunityList cList = toCommunityList(ecList);
c.getCommunityLists().put(cList.getName(), cList);
}
for (ExpandedCommunityList ecList : _expandedCommunityLists.values()) {
CommunityList cList = toCommunityList(ecList);
c.getCommunityLists().put(cList.getName(), cList);
}
// convert prefix lists to route filter lists
for (PrefixList prefixList : _prefixLists.values()) {
RouteFilterList newRouteFilterList = toRouteFilterList(prefixList);
c.getRouteFilterLists().put(newRouteFilterList.getName(), newRouteFilterList);
}
// convert ipv6 prefix lists to route6 filter lists
for (Prefix6List prefixList : _prefix6Lists.values()) {
Route6FilterList newRouteFilterList = toRoute6FilterList(prefixList);
c.getRoute6FilterLists().put(newRouteFilterList.getName(), newRouteFilterList);
}
// convert standard/extended access lists to access lists or route filter
// lists
List<ExtendedAccessList> allACLs = new ArrayList<>();
for (StandardAccessList saList : _standardAccessLists.values()) {
ExtendedAccessList eaList = saList.toExtendedAccessList();
allACLs.add(eaList);
}
allACLs.addAll(_extendedAccessLists.values());
for (ExtendedAccessList eaList : allACLs) {
if (usedForRouting(eaList)) {
String msg = "used for routing";
StandardAccessList parent = eaList.getParent();
if (parent != null) {
parent.getReferers().put(this, msg);
} else {
eaList.getReferers().put(this, msg);
}
RouteFilterList rfList = toRouteFilterList(eaList);
c.getRouteFilterLists().put(rfList.getName(), rfList);
}
IpAccessList ipaList = toIpAccessList(eaList);
c.getIpAccessLists().put(ipaList.getName(), ipaList);
}
// convert standard/extended ipv6 access lists to ipv6 access lists or
// route6 filter
// lists
List<ExtendedIpv6AccessList> allIpv6ACLs = new ArrayList<>();
for (StandardIpv6AccessList saList : _standardIpv6AccessLists.values()) {
ExtendedIpv6AccessList eaList = saList.toExtendedIpv6AccessList();
allIpv6ACLs.add(eaList);
}
allIpv6ACLs.addAll(_extendedIpv6AccessLists.values());
for (ExtendedIpv6AccessList eaList : allIpv6ACLs) {
if (usedForRouting(eaList)) {
String msg = "used for routing";
StandardIpv6AccessList parent = eaList.getParent();
if (parent != null) {
parent.getReferers().put(this, msg);
} else {
eaList.getReferers().put(this, msg);
}
Route6FilterList rfList = toRoute6FilterList(eaList);
c.getRoute6FilterLists().put(rfList.getName(), rfList);
}
Ip6AccessList ipaList = toIp6AccessList(eaList);
c.getIp6AccessLists().put(ipaList.getName(), ipaList);
}
// convert route maps to policy maps
Set<RouteMap> routingRouteMaps = getRoutingRouteMaps();
for (RouteMap map : _routeMaps.values()) {
convertForPurpose(routingRouteMaps, map);
// convert route maps to RoutingPolicy objects
RoutingPolicy newPolicy = toRoutingPolicy(c, map);
c.getRoutingPolicies().put(newPolicy.getName(), newPolicy);
}
// convert RoutePolicy to RoutingPolicy
for (RoutePolicy routePolicy : _routePolicies.values()) {
RoutingPolicy routingPolicy = toRoutingPolicy(c, routePolicy);
c.getRoutingPolicies().put(routingPolicy.getName(), routingPolicy);
}
// convert interfaces
_interfaces.forEach((ifaceName, iface) -> {
org.batfish.datamodel.Interface newInterface = toInterface(iface, c.getIpAccessLists(), c);
String vrfName = iface.getVrf();
if (vrfName == null) {
throw new BatfishException("Missing vrf name for iface: '" + iface.getName() + "'");
}
c.getInterfaces().put(ifaceName, newInterface);
c.getVrfs().get(vrfName).getInterfaces().put(ifaceName, newInterface);
});
// apply vrrp settings to interfaces
applyVrrp(c);
// get IKE proposals
for (Entry<String, IsakmpPolicy> e : _isakmpPolicies.entrySet()) {
c.getIkeProposals().put(e.getKey(), e.getValue().getProposal());
}
addIkePoliciesAndGateways(c);
// ipsec proposals
for (Entry<String, IpsecTransformSet> e : _ipsecTransformSets.entrySet()) {
c.getIpsecProposals().put(e.getKey(), e.getValue().getProposal());
}
// ipsec policies
for (Entry<String, IpsecProfile> e : _ipsecProfiles.entrySet()) {
String name = e.getKey();
IpsecProfile profile = e.getValue();
IpsecPolicy policy = new IpsecPolicy(name);
policy.setPfsKeyGroup(profile.getPfsGroup());
String transformSetName = profile.getTransformSet();
if (c.getIpsecProposals().containsKey(transformSetName)) {
policy.getProposals().put(transformSetName, c.getIpsecProposals().get(transformSetName));
}
c.getIpsecPolicies().put(name, policy);
}
// ipsec vpns
for (Entry<String, Interface> e : _interfaces.entrySet()) {
String name = e.getKey();
Interface iface = e.getValue();
Tunnel tunnel = iface.getTunnel();
if (tunnel != null && tunnel.getMode() == TunnelMode.IPSEC) {
IpsecVpn ipsecVpn = new IpsecVpn(name, c);
ipsecVpn.setBindInterface(c.getInterfaces().get(name));
ipsecVpn.setIpsecPolicy(c.getIpsecPolicies().get(tunnel.getIpsecProfileName()));
Ip source = tunnel.getSource();
Ip destination = tunnel.getDestination();
if (source == null || destination == null) {
_w.redFlag("Can't match IkeGateway: tunnel source or destination is not set for " + name);
} else {
for (IkeGateway ikeGateway : c.getIkeGateways().values()) {
if (source.equals(ikeGateway.getLocalIp()) && destination.equals(ikeGateway.getAddress())) {
ipsecVpn.setIkeGateway(ikeGateway);
}
}
if (ipsecVpn.getIkeGateway() == null) {
_w.redFlag("Can't find matching IkeGateway for " + name);
}
}
c.getIpsecVpns().put(ipsecVpn.getName(), ipsecVpn);
}
}
// convert routing processes
_vrfs.forEach((vrfName, vrf) -> {
org.batfish.datamodel.Vrf newVrf = c.getVrfs().get(vrfName);
// add snmp trap servers to main list
if (newVrf.getSnmpServer() != null) {
c.getSnmpTrapServers().addAll(newVrf.getSnmpServer().getHosts().keySet());
}
// convert static routes
for (StaticRoute staticRoute : vrf.getStaticRoutes()) {
newVrf.getStaticRoutes().add(toStaticRoute(c, staticRoute));
}
// convert rip process
RipProcess ripProcess = vrf.getRipProcess();
if (ripProcess != null) {
org.batfish.datamodel.RipProcess newRipProcess = toRipProcess(ripProcess, vrfName, c, this);
newVrf.setRipProcess(newRipProcess);
}
// convert ospf process
OspfProcess ospfProcess = vrf.getOspfProcess();
if (ospfProcess != null) {
org.batfish.datamodel.OspfProcess newOspfProcess = toOspfProcess(ospfProcess, vrfName, c, this);
newVrf.setOspfProcess(newOspfProcess);
}
// convert isis process
IsisProcess isisProcess = vrf.getIsisProcess();
if (isisProcess != null) {
org.batfish.datamodel.IsisProcess newIsisProcess = toIsisProcess(isisProcess, c, this);
newVrf.setIsisProcess(newIsisProcess);
}
// convert bgp process
BgpProcess bgpProcess = vrf.getBgpProcess();
if (bgpProcess != null) {
org.batfish.datamodel.BgpProcess newBgpProcess = toBgpProcess(c, bgpProcess, vrfName);
c.getVrfs().get(vrfName).setBgpProcess(newBgpProcess);
}
});
// warn about references to undefined peer groups
for (Entry<String, Integer> e : _undefinedPeerGroups.entrySet()) {
String name = e.getKey();
int line = e.getValue();
undefined(CiscoStructureType.BGP_PEER_GROUP, name, CiscoStructureUsage.BGP_NEIGHBOR_STATEMENT, line);
}
// mark references to IPv4/6 ACLs that may not appear in data model
markAcls(CiscoStructureUsage.CLASS_MAP_ACCESS_GROUP);
markIpv4Acls(CiscoStructureUsage.CONTROL_PLANE_ACCESS_GROUP);
markAcls(CiscoStructureUsage.COPS_LISTENER_ACCESS_LIST);
markAcls(CiscoStructureUsage.CRYPTO_MAP_IPSEC_ISAKMP_ACL);
markAcls(CiscoStructureUsage.INTERFACE_IGMP_ACCESS_GROUP_ACL);
markIpv4Acls(CiscoStructureUsage.INTERFACE_IGMP_STATIC_GROUP_ACL);
markAcls(CiscoStructureUsage.INTERFACE_IP_INBAND_ACCESS_GROUP);
markIpv4Acls(CiscoStructureUsage.INTERFACE_IP_VERIFY_ACCESS_LIST);
markIpv4Acls(CiscoStructureUsage.INTERFACE_PIM_NEIGHBOR_FILTER);
markIpv4Acls(CiscoStructureUsage.IP_NAT_DESTINATION_ACCESS_LIST);
markIpv4Acls(CiscoStructureUsage.IP_NAT_SOURCE_ACCESS_LIST);
markAcls(CiscoStructureUsage.LINE_ACCESS_CLASS_LIST);
markIpv6Acls(CiscoStructureUsage.LINE_ACCESS_CLASS_LIST6);
markIpv4Acls(CiscoStructureUsage.MANAGEMENT_TELNET_ACCESS_GROUP);
markIpv4Acls(CiscoStructureUsage.MSDP_PEER_SA_LIST);
markIpv4Acls(CiscoStructureUsage.NTP_ACCESS_GROUP);
markIpv4Acls(CiscoStructureUsage.PIM_ACCEPT_REGISTER_ACL);
markIpv4Acls(CiscoStructureUsage.PIM_ACCEPT_RP_ACL);
markIpv4Acls(CiscoStructureUsage.PIM_RP_ADDRESS_ACL);
markIpv4Acls(CiscoStructureUsage.PIM_RP_ANNOUNCE_FILTER);
markIpv4Acls(CiscoStructureUsage.PIM_RP_CANDIDATE_ACL);
markIpv4Acls(CiscoStructureUsage.PIM_SEND_RP_ANNOUNCE_ACL);
markIpv4Acls(CiscoStructureUsage.PIM_SPT_THRESHOLD_ACL);
markAcls(CiscoStructureUsage.RIP_DISTRIBUTE_LIST);
markAcls(CiscoStructureUsage.ROUTER_ISIS_DISTRIBUTE_LIST_ACL);
markAcls(CiscoStructureUsage.SNMP_SERVER_FILE_TRANSFER_ACL);
markAcls(CiscoStructureUsage.SNMP_SERVER_TFTP_SERVER_LIST);
markAcls(CiscoStructureUsage.SNMP_SERVER_COMMUNITY_ACL);
markIpv4Acls(CiscoStructureUsage.SNMP_SERVER_COMMUNITY_ACL4);
markIpv6Acls(CiscoStructureUsage.SNMP_SERVER_COMMUNITY_ACL6);
markAcls(CiscoStructureUsage.SSH_ACL);
markIpv4Acls(CiscoStructureUsage.SSH_IPV4_ACL);
markIpv6Acls(CiscoStructureUsage.SSH_IPV6_ACL);
markAcls(CiscoStructureUsage.WCCP_GROUP_LIST);
markAcls(CiscoStructureUsage.WCCP_REDIRECT_LIST);
markAcls(CiscoStructureUsage.WCCP_SERVICE_LIST);
// mark references to mac-ACLs that may not appear in data model
// TODO: fill in
// mark references to route-maps that may not appear in data model
markRouteMaps(CiscoStructureUsage.BGP_REDISTRIBUTE_OSPFV3_MAP);
markRouteMaps(CiscoStructureUsage.BGP_ROUTE_MAP_OTHER);
markRouteMaps(CiscoStructureUsage.BGP_VRF_AGGREGATE_ROUTE_MAP);
markRouteMaps(CiscoStructureUsage.PIM_ACCEPT_REGISTER_ROUTE_MAP);
// Cable
markDepiClasses(CiscoStructureUsage.DEPI_TUNNEL_DEPI_CLASS);
markDepiTunnels(CiscoStructureUsage.CONTROLLER_DEPI_TUNNEL);
markDepiTunnels(CiscoStructureUsage.DEPI_TUNNEL_PROTECT_TUNNEL);
markDocsisPolicies(CiscoStructureUsage.DOCSIS_GROUP_DOCSIS_POLICY);
markDocsisPolicyRules(CiscoStructureUsage.DOCSIS_POLICY_DOCSIS_POLICY_RULE);
markServiceClasses(CiscoStructureUsage.QOS_ENFORCE_RULE_SERVICE_CLASS);
// L2tp
markL2tpClasses(CiscoStructureUsage.DEPI_TUNNEL_L2TP_CLASS);
// Vpn
markIpsecProfiles(CiscoStructureUsage.TUNNEL_PROTECTION_IPSEC_PROFILE);
markIpsecTransformSets(CiscoStructureUsage.IPSEC_PROFILE_TRANSFORM_SET);
markKeyrings(CiscoStructureUsage.ISAKMP_PROFILE_KEYRING);
// warn about unreferenced data structures
warnUnusedStructure(_asPathSets, CiscoStructureType.AS_PATH_SET);
warnUnusedCommunityLists();
warnUnusedStructure(_cf.getDepiClasses(), CiscoStructureType.DEPI_CLASS);
warnUnusedStructure(_cf.getDepiTunnels(), CiscoStructureType.DEPI_TUNNEL);
warnUnusedDocsisPolicies();
warnUnusedDocsisPolicyRules();
warnUnusedStructure(_asPathAccessLists, CiscoStructureType.AS_PATH_ACCESS_LIST);
warnUnusedIpAccessLists();
warnUnusedStructure(_ipsecProfiles, CiscoStructureType.IPSEC_PROFILE);
warnUnusedStructure(_ipsecTransformSets, CiscoStructureType.IPSEC_TRANSFORM_SET);
warnUnusedIpv6AccessLists();
warnUnusedKeyrings();
warnUnusedStructure(_cf.getL2tpClasses(), CiscoStructureType.L2TP_CLASS);
warnUnusedStructure(_macAccessLists, CiscoStructureType.MAC_ACCESS_LIST);
warnUnusedStructure(_natPools, CiscoStructureType.NAT_POOL);
warnUnusedStructure(_prefixLists, CiscoStructureType.PREFIX_LIST);
warnUnusedStructure(_prefix6Lists, CiscoStructureType.PREFIX6_LIST);
warnUnusedPeerGroups();
warnUnusedPeerSessions();
warnUnusedStructure(_routeMaps, CiscoStructureType.ROUTE_MAP);
warnUnusedServiceClasses();
c.simplifyRoutingPolicies();
c.computeRoutingPolicySources(_w);
return c;
}
Also used :
IpsecVpn(org.batfish.datamodel.IpsecVpn)
AaaAuthentication(org.batfish.datamodel.vendor_family.cisco.AaaAuthentication)
VendorConfiguration(org.batfish.vendor.VendorConfiguration)
Configuration(org.batfish.datamodel.Configuration)
ArrayList(java.util.ArrayList)
Aaa(org.batfish.datamodel.vendor_family.cisco.Aaa)
BatfishException(org.batfish.common.BatfishException)
AsPathAccessList(org.batfish.datamodel.AsPathAccessList)
CommunityList(org.batfish.datamodel.CommunityList)
CommunityListLine(org.batfish.datamodel.CommunityListLine)
Ip6AccessListLine(org.batfish.datamodel.Ip6AccessListLine)
Route6FilterLine(org.batfish.datamodel.Route6FilterLine)
Line(org.batfish.datamodel.vendor_family.cisco.Line)
RouteFilterLine(org.batfish.datamodel.RouteFilterLine)
AsPathAccessListLine(org.batfish.datamodel.AsPathAccessListLine)
IpAccessListLine(org.batfish.datamodel.IpAccessListLine)
IpsecPolicy(org.batfish.datamodel.IpsecPolicy)
IkeGateway(org.batfish.datamodel.IkeGateway)
IpAccessList(org.batfish.datamodel.IpAccessList)
Ip(org.batfish.datamodel.Ip)
SubRange(org.batfish.datamodel.SubRange)
Ip6AccessList(org.batfish.datamodel.Ip6AccessList)
RoutingPolicy(org.batfish.datamodel.routing_policy.RoutingPolicy)
Route6FilterList(org.batfish.datamodel.Route6FilterList)
BigInteger(java.math.BigInteger)
RouteFilterList(org.batfish.datamodel.RouteFilterList)
AaaAuthenticationLogin(org.batfish.datamodel.vendor_family.cisco.AaaAuthenticationLogin)
Example 2 with Route6FilterList
use of org.batfish.datamodel.Route6FilterList in project batfish by batfish.
the class CiscoConfiguration method toRoute6FilterList.
private Route6FilterList toRoute6FilterList(ExtendedIpv6AccessList eaList) {
String name = eaList.getName();
Route6FilterList newList = new Route6FilterList(name);
List<Route6FilterLine> lines = new ArrayList<>();
for (ExtendedIpv6AccessListLine fromLine : eaList.getLines()) {
Route6FilterLine newLine = toRoute6FilterLine(fromLine);
lines.add(newLine);
}
newList.getLines().addAll(lines);
return newList;
}
Also used :
Route6FilterLine(org.batfish.datamodel.Route6FilterLine)
ArrayList(java.util.ArrayList)
Route6FilterList(org.batfish.datamodel.Route6FilterList)
Example 3 with Route6FilterList
use of org.batfish.datamodel.Route6FilterList in project batfish by batfish.
the class CiscoConfiguration method toRoute6FilterList.
private Route6FilterList toRoute6FilterList(Prefix6List list) {
Route6FilterList newRouteFilterList = new Route6FilterList(list.getName());
for (Prefix6ListLine prefixListLine : list.getLines()) {
Route6FilterLine newRouteFilterListLine = new Route6FilterLine(prefixListLine.getAction(), prefixListLine.getPrefix(), prefixListLine.getLengthRange());
newRouteFilterList.addLine(newRouteFilterListLine);
}
return newRouteFilterList;
}
Also used :
Route6FilterLine(org.batfish.datamodel.Route6FilterLine)
Route6FilterList(org.batfish.datamodel.Route6FilterList)
Example 4 with Route6FilterList
use of org.batfish.datamodel.Route6FilterList in project batfish by batfish.
the class PsFromRouteFilter method toBooleanExpr.
@Override
public BooleanExpr toBooleanExpr(JuniperConfiguration jc, Configuration c, Warnings warnings) {
RouteFilterList rfl = c.getRouteFilterLists().get(_routeFilterName);
Route6FilterList rfl6 = c.getRoute6FilterLists().get(_routeFilterName);
BooleanExpr match4 = null;
BooleanExpr match6 = null;
if (rfl != null) {
match4 = new MatchPrefixSet(new DestinationNetwork(), new NamedPrefixSet(_routeFilterName));
}
if (rfl6 != null) {
match6 = new MatchPrefix6Set(new DestinationNetwork6(), new NamedPrefix6Set(_routeFilterName));
}
if (match4 != null && match6 == null) {
return match4;
} else if (rfl == null && rfl6 != null) {
return match6;
} else if (rfl != null && rfl6 != null) {
Disjunction d = new Disjunction();
d.getDisjuncts().add(match4);
d.getDisjuncts().add(match6);
return d;
} else {
throw new VendorConversionException("missing route filter list: \"" + _routeFilterName + "\"");
}
}
Also used :
MatchPrefix6Set(org.batfish.datamodel.routing_policy.expr.MatchPrefix6Set)
VendorConversionException(org.batfish.common.VendorConversionException)
Disjunction(org.batfish.datamodel.routing_policy.expr.Disjunction)
DestinationNetwork(org.batfish.datamodel.routing_policy.expr.DestinationNetwork)
RouteFilterList(org.batfish.datamodel.RouteFilterList)
NamedPrefixSet(org.batfish.datamodel.routing_policy.expr.NamedPrefixSet)
MatchPrefixSet(org.batfish.datamodel.routing_policy.expr.MatchPrefixSet)
Route6FilterList(org.batfish.datamodel.Route6FilterList)
NamedPrefix6Set(org.batfish.datamodel.routing_policy.expr.NamedPrefix6Set)
BooleanExpr(org.batfish.datamodel.routing_policy.expr.BooleanExpr)
DestinationNetwork6(org.batfish.datamodel.routing_policy.expr.DestinationNetwork6)
Example 5 with Route6FilterList
use of org.batfish.datamodel.Route6FilterList in project batfish by batfish.
the class CiscoConfiguration method toBgpProcess.
private org.batfish.datamodel.BgpProcess toBgpProcess(final Configuration c, BgpProcess proc, String vrfName) {
org.batfish.datamodel.BgpProcess newBgpProcess = new org.batfish.datamodel.BgpProcess();
org.batfish.datamodel.Vrf v = c.getVrfs().get(vrfName);
BgpTieBreaker tieBreaker = proc.getTieBreaker();
if (tieBreaker != null) {
newBgpProcess.setTieBreaker(tieBreaker);
}
MultipathEquivalentAsPathMatchMode multipathEquivalentAsPathMatchMode = proc.getAsPathMultipathRelax() ? MultipathEquivalentAsPathMatchMode.PATH_LENGTH : MultipathEquivalentAsPathMatchMode.EXACT_PATH;
newBgpProcess.setMultipathEquivalentAsPathMatchMode(multipathEquivalentAsPathMatchMode);
Integer maximumPaths = proc.getMaximumPaths();
Integer maximumPathsEbgp = proc.getMaximumPathsEbgp();
Integer maximumPathsIbgp = proc.getMaximumPathsIbgp();
boolean multipathEbgp = false;
boolean multipathIbgp = false;
if (maximumPaths != null && maximumPaths > 1) {
multipathEbgp = true;
multipathIbgp = true;
}
if (maximumPathsEbgp != null && maximumPathsEbgp > 1) {
multipathEbgp = true;
}
if (maximumPathsIbgp != null && maximumPathsIbgp > 1) {
multipathIbgp = true;
}
newBgpProcess.setMultipathEbgp(multipathEbgp);
newBgpProcess.setMultipathIbgp(multipathIbgp);
Map<Prefix, BgpNeighbor> newBgpNeighbors = newBgpProcess.getNeighbors();
int defaultMetric = proc.getDefaultMetric();
Ip bgpRouterId = getBgpRouterId(c, vrfName, proc);
MatchPrefixSet matchDefaultRoute = new MatchPrefixSet(new DestinationNetwork(), new ExplicitPrefixSet(new PrefixSpace(Collections.singleton(new PrefixRange(Prefix.ZERO, new SubRange(0, 0))))));
matchDefaultRoute.setComment("match default route");
MatchPrefix6Set matchDefaultRoute6 = new MatchPrefix6Set(new DestinationNetwork6(), new ExplicitPrefix6Set(new Prefix6Space(Collections.singleton(new Prefix6Range(Prefix6.ZERO, new SubRange(0, 0))))));
matchDefaultRoute.setComment("match default route");
newBgpProcess.setRouterId(bgpRouterId);
Set<BgpAggregateIpv4Network> summaryOnlyNetworks = new HashSet<>();
Set<BgpAggregateIpv6Network> summaryOnlyIpv6Networks = new HashSet<>();
List<BooleanExpr> attributeMapPrefilters = new ArrayList<>();
// add generated routes for aggregate ipv4 addresses
for (Entry<Prefix, BgpAggregateIpv4Network> e : proc.getAggregateNetworks().entrySet()) {
Prefix prefix = e.getKey();
BgpAggregateIpv4Network aggNet = e.getValue();
boolean summaryOnly = aggNet.getSummaryOnly();
int prefixLength = prefix.getPrefixLength();
SubRange prefixRange = new SubRange(prefixLength + 1, Prefix.MAX_PREFIX_LENGTH);
if (summaryOnly) {
summaryOnlyNetworks.add(aggNet);
}
// create generation policy for aggregate network
String generationPolicyName = "~AGGREGATE_ROUTE_GEN:" + vrfName + ":" + prefix + "~";
RoutingPolicy currentGeneratedRoutePolicy = new RoutingPolicy(generationPolicyName, c);
If currentGeneratedRouteConditional = new If();
currentGeneratedRoutePolicy.getStatements().add(currentGeneratedRouteConditional);
currentGeneratedRouteConditional.setGuard(new MatchPrefixSet(new DestinationNetwork(), new ExplicitPrefixSet(new PrefixSpace(Collections.singleton(new PrefixRange(prefix, prefixRange))))));
currentGeneratedRouteConditional.getTrueStatements().add(Statements.ReturnTrue.toStaticStatement());
c.getRoutingPolicies().put(generationPolicyName, currentGeneratedRoutePolicy);
GeneratedRoute.Builder gr = new GeneratedRoute.Builder();
gr.setNetwork(prefix);
gr.setAdmin(CISCO_AGGREGATE_ROUTE_ADMIN_COST);
gr.setGenerationPolicy(generationPolicyName);
gr.setDiscard(true);
// set attribute map for aggregate network
String attributeMapName = aggNet.getAttributeMap();
Conjunction applyCurrentAggregateAttributesConditions = new Conjunction();
applyCurrentAggregateAttributesConditions.getConjuncts().add(new MatchPrefixSet(new DestinationNetwork(), new ExplicitPrefixSet(new PrefixSpace(Collections.singleton(PrefixRange.fromPrefix(prefix))))));
applyCurrentAggregateAttributesConditions.getConjuncts().add(new MatchProtocol(RoutingProtocol.AGGREGATE));
BooleanExpr weInterior = BooleanExprs.True.toStaticBooleanExpr();
if (attributeMapName != null) {
int attributeMapLine = aggNet.getAttributeMapLine();
RouteMap attributeMap = _routeMaps.get(attributeMapName);
if (attributeMap != null) {
// need to apply attribute changes if this specific route is
// matched
weInterior = new CallExpr(attributeMapName);
attributeMap.getReferers().put(aggNet, "attribute-map of aggregate route: " + prefix);
gr.setAttributePolicy(attributeMapName);
} else {
undefined(CiscoStructureType.ROUTE_MAP, attributeMapName, CiscoStructureUsage.BGP_AGGREGATE_ATTRIBUTE_MAP, attributeMapLine);
}
}
v.getGeneratedRoutes().add(gr.build());
BooleanExpr we = bgpRedistributeWithEnvironmentExpr(weInterior, OriginType.IGP);
applyCurrentAggregateAttributesConditions.getConjuncts().add(we);
attributeMapPrefilters.add(applyCurrentAggregateAttributesConditions);
}
// TODO: merge with above to make cleaner
for (Entry<Prefix6, BgpAggregateIpv6Network> e : proc.getAggregateIpv6Networks().entrySet()) {
Prefix6 prefix6 = e.getKey();
BgpAggregateIpv6Network aggNet = e.getValue();
boolean summaryOnly = aggNet.getSummaryOnly();
int prefixLength = prefix6.getPrefixLength();
SubRange prefixRange = new SubRange(prefixLength + 1, Prefix.MAX_PREFIX_LENGTH);
if (summaryOnly) {
summaryOnlyIpv6Networks.add(aggNet);
}
// create generation policy for aggregate network
String generationPolicyName = "~AGGREGATE_ROUTE6_GEN:" + vrfName + ":" + prefix6 + "~";
RoutingPolicy currentGeneratedRoutePolicy = new RoutingPolicy(generationPolicyName, c);
If currentGeneratedRouteConditional = new If();
currentGeneratedRoutePolicy.getStatements().add(currentGeneratedRouteConditional);
currentGeneratedRouteConditional.setGuard(new MatchPrefix6Set(new DestinationNetwork6(), new ExplicitPrefix6Set(new Prefix6Space(Collections.singleton(new Prefix6Range(prefix6, prefixRange))))));
currentGeneratedRouteConditional.getTrueStatements().add(Statements.ReturnTrue.toStaticStatement());
c.getRoutingPolicies().put(generationPolicyName, currentGeneratedRoutePolicy);
GeneratedRoute6 gr = new GeneratedRoute6(prefix6, CISCO_AGGREGATE_ROUTE_ADMIN_COST);
gr.setGenerationPolicy(generationPolicyName);
gr.setDiscard(true);
v.getGeneratedIpv6Routes().add(gr);
// set attribute map for aggregate network
String attributeMapName = aggNet.getAttributeMap();
if (attributeMapName != null) {
int attributeMapLine = aggNet.getAttributeMapLine();
RouteMap attributeMap = _routeMaps.get(attributeMapName);
if (attributeMap != null) {
attributeMap.getReferers().put(aggNet, "attribute-map of aggregate ipv6 route: " + prefix6);
gr.setAttributePolicy(attributeMapName);
} else {
undefined(CiscoStructureType.ROUTE_MAP, attributeMapName, CiscoStructureUsage.BGP_AGGREGATE_ATTRIBUTE_MAP, attributeMapLine);
}
}
}
/*
* Create common bgp export policy. This policy encompasses network
* statements, aggregate-address with/without summary-only, redistribution
* from other protocols, and default-origination
*/
String bgpCommonExportPolicyName = "~BGP_COMMON_EXPORT_POLICY:" + vrfName + "~";
RoutingPolicy bgpCommonExportPolicy = new RoutingPolicy(bgpCommonExportPolicyName, c);
c.getRoutingPolicies().put(bgpCommonExportPolicyName, bgpCommonExportPolicy);
List<Statement> bgpCommonExportStatements = bgpCommonExportPolicy.getStatements();
// create policy for denying suppressed summary-only networks
if (summaryOnlyNetworks.size() > 0) {
If suppressSummaryOnly = new If();
bgpCommonExportStatements.add(suppressSummaryOnly);
suppressSummaryOnly.setComment("Suppress summarized of summary-only aggregate-address networks");
String matchSuppressedSummaryOnlyRoutesName = "~MATCH_SUPPRESSED_SUMMARY_ONLY:" + vrfName + "~";
RouteFilterList matchSuppressedSummaryOnlyRoutes = new RouteFilterList(matchSuppressedSummaryOnlyRoutesName);
c.getRouteFilterLists().put(matchSuppressedSummaryOnlyRoutesName, matchSuppressedSummaryOnlyRoutes);
for (BgpAggregateIpv4Network summaryOnlyNetwork : summaryOnlyNetworks) {
Prefix prefix = summaryOnlyNetwork.getPrefix();
int prefixLength = prefix.getPrefixLength();
RouteFilterLine line = new RouteFilterLine(LineAction.ACCEPT, prefix, new SubRange(prefixLength + 1, Prefix.MAX_PREFIX_LENGTH));
matchSuppressedSummaryOnlyRoutes.addLine(line);
}
suppressSummaryOnly.setGuard(new MatchPrefixSet(new DestinationNetwork(), new NamedPrefixSet(matchSuppressedSummaryOnlyRoutesName)));
suppressSummaryOnly.getTrueStatements().add(Statements.ReturnFalse.toStaticStatement());
}
If preFilter = new If();
bgpCommonExportStatements.add(preFilter);
bgpCommonExportStatements.add(Statements.ReturnFalse.toStaticStatement());
Disjunction preFilterConditions = new Disjunction();
preFilter.setGuard(preFilterConditions);
preFilter.getTrueStatements().add(Statements.ReturnTrue.toStaticStatement());
preFilterConditions.getDisjuncts().addAll(attributeMapPrefilters);
// create redistribution origination policies
// redistribute rip
BgpRedistributionPolicy redistributeRipPolicy = proc.getRedistributionPolicies().get(RoutingProtocol.RIP);
if (redistributeRipPolicy != null) {
BooleanExpr weInterior = BooleanExprs.True.toStaticBooleanExpr();
Conjunction exportRipConditions = new Conjunction();
exportRipConditions.setComment("Redistribute RIP routes into BGP");
exportRipConditions.getConjuncts().add(new MatchProtocol(RoutingProtocol.RIP));
String mapName = redistributeRipPolicy.getRouteMap();
if (mapName != null) {
int mapLine = redistributeRipPolicy.getRouteMapLine();
RouteMap redistributeRipRouteMap = _routeMaps.get(mapName);
if (redistributeRipRouteMap != null) {
redistributeRipRouteMap.getReferers().put(proc, "RIP redistribution route-map");
weInterior = new CallExpr(mapName);
} else {
undefined(CiscoStructureType.ROUTE_MAP, mapName, CiscoStructureUsage.BGP_REDISTRIBUTE_RIP_MAP, mapLine);
}
}
BooleanExpr we = bgpRedistributeWithEnvironmentExpr(weInterior, OriginType.INCOMPLETE);
exportRipConditions.getConjuncts().add(we);
preFilterConditions.getDisjuncts().add(exportRipConditions);
}
// redistribute static
BgpRedistributionPolicy redistributeStaticPolicy = proc.getRedistributionPolicies().get(RoutingProtocol.STATIC);
if (redistributeStaticPolicy != null) {
BooleanExpr weInterior = BooleanExprs.True.toStaticBooleanExpr();
Conjunction exportStaticConditions = new Conjunction();
exportStaticConditions.setComment("Redistribute static routes into BGP");
exportStaticConditions.getConjuncts().add(new MatchProtocol(RoutingProtocol.STATIC));
String mapName = redistributeStaticPolicy.getRouteMap();
if (mapName != null) {
int mapLine = redistributeStaticPolicy.getRouteMapLine();
RouteMap redistributeStaticRouteMap = _routeMaps.get(mapName);
if (redistributeStaticRouteMap != null) {
redistributeStaticRouteMap.getReferers().put(proc, "static redistribution route-map");
weInterior = new CallExpr(mapName);
} else {
undefined(CiscoStructureType.ROUTE_MAP, mapName, CiscoStructureUsage.BGP_REDISTRIBUTE_STATIC_MAP, mapLine);
}
}
BooleanExpr we = bgpRedistributeWithEnvironmentExpr(weInterior, OriginType.INCOMPLETE);
exportStaticConditions.getConjuncts().add(we);
preFilterConditions.getDisjuncts().add(exportStaticConditions);
}
// redistribute connected
BgpRedistributionPolicy redistributeConnectedPolicy = proc.getRedistributionPolicies().get(RoutingProtocol.CONNECTED);
if (redistributeConnectedPolicy != null) {
BooleanExpr weInterior = BooleanExprs.True.toStaticBooleanExpr();
Conjunction exportConnectedConditions = new Conjunction();
exportConnectedConditions.setComment("Redistribute connected routes into BGP");
exportConnectedConditions.getConjuncts().add(new MatchProtocol(RoutingProtocol.CONNECTED));
String mapName = redistributeConnectedPolicy.getRouteMap();
if (mapName != null) {
int mapLine = redistributeConnectedPolicy.getRouteMapLine();
RouteMap redistributeConnectedRouteMap = _routeMaps.get(mapName);
if (redistributeConnectedRouteMap != null) {
redistributeConnectedRouteMap.getReferers().put(proc, "connected redistribution route-map");
weInterior = new CallExpr(mapName);
} else {
undefined(CiscoStructureType.ROUTE_MAP, mapName, CiscoStructureUsage.BGP_REDISTRIBUTE_CONNECTED_MAP, mapLine);
}
}
BooleanExpr we = bgpRedistributeWithEnvironmentExpr(weInterior, OriginType.INCOMPLETE);
exportConnectedConditions.getConjuncts().add(we);
preFilterConditions.getDisjuncts().add(exportConnectedConditions);
}
// redistribute ospf
BgpRedistributionPolicy redistributeOspfPolicy = proc.getRedistributionPolicies().get(RoutingProtocol.OSPF);
if (redistributeOspfPolicy != null) {
BooleanExpr weInterior = BooleanExprs.True.toStaticBooleanExpr();
Conjunction exportOspfConditions = new Conjunction();
exportOspfConditions.setComment("Redistribute OSPF routes into BGP");
exportOspfConditions.getConjuncts().add(new MatchProtocol(RoutingProtocol.OSPF));
String mapName = redistributeOspfPolicy.getRouteMap();
if (mapName != null) {
int mapLine = redistributeOspfPolicy.getRouteMapLine();
RouteMap redistributeOspfRouteMap = _routeMaps.get(mapName);
if (redistributeOspfRouteMap != null) {
redistributeOspfRouteMap.getReferers().put(proc, "ospf redistribution route-map");
weInterior = new CallExpr(mapName);
} else {
undefined(CiscoStructureType.ROUTE_MAP, mapName, CiscoStructureUsage.BGP_REDISTRIBUTE_OSPF_MAP, mapLine);
}
}
BooleanExpr we = bgpRedistributeWithEnvironmentExpr(weInterior, OriginType.INCOMPLETE);
exportOspfConditions.getConjuncts().add(we);
preFilterConditions.getDisjuncts().add(exportOspfConditions);
}
// cause ip peer groups to inherit unset fields from owning named peer
// group if it exists, and then always from process master peer group
Set<LeafBgpPeerGroup> leafGroups = new LinkedHashSet<>();
leafGroups.addAll(proc.getIpPeerGroups().values());
leafGroups.addAll(proc.getIpv6PeerGroups().values());
leafGroups.addAll(proc.getDynamicIpPeerGroups().values());
leafGroups.addAll(proc.getDynamicIpv6PeerGroups().values());
for (LeafBgpPeerGroup lpg : leafGroups) {
lpg.inheritUnsetFields(proc, this);
}
_unusedPeerGroups = new TreeMap<>();
int fakePeerCounter = -1;
// peer groups / peer templates
for (Entry<String, NamedBgpPeerGroup> e : proc.getNamedPeerGroups().entrySet()) {
String name = e.getKey();
NamedBgpPeerGroup namedPeerGroup = e.getValue();
if (!namedPeerGroup.getInherited()) {
_unusedPeerGroups.put(name, namedPeerGroup.getDefinitionLine());
Ip fakeIp = new Ip(fakePeerCounter);
IpBgpPeerGroup fakePg = new IpBgpPeerGroup(fakeIp);
fakePg.setGroupName(name);
fakePg.setActive(false);
fakePg.setShutdown(true);
leafGroups.add(fakePg);
fakePg.inheritUnsetFields(proc, this);
fakePeerCounter--;
}
namedPeerGroup.inheritUnsetFields(proc, this);
}
// separate because peer sessions can inherit from other peer sessions
_unusedPeerSessions = new TreeMap<>();
int fakeGroupCounter = 1;
for (NamedBgpPeerGroup namedPeerGroup : proc.getPeerSessions().values()) {
namedPeerGroup.getParentSession(proc, this).inheritUnsetFields(proc, this);
}
for (Entry<String, NamedBgpPeerGroup> e : proc.getPeerSessions().entrySet()) {
String name = e.getKey();
NamedBgpPeerGroup namedPeerGroup = e.getValue();
if (!namedPeerGroup.getInherited()) {
_unusedPeerSessions.put(name, namedPeerGroup.getDefinitionLine());
String fakeNamedPgName = "~FAKE_PG_" + fakeGroupCounter + "~";
NamedBgpPeerGroup fakeNamedPg = new NamedBgpPeerGroup(fakeNamedPgName, -1);
fakeNamedPg.setPeerSession(name);
proc.getNamedPeerGroups().put(fakeNamedPgName, fakeNamedPg);
Ip fakeIp = new Ip(fakePeerCounter);
IpBgpPeerGroup fakePg = new IpBgpPeerGroup(fakeIp);
fakePg.setGroupName(fakeNamedPgName);
fakePg.setActive(false);
fakePg.setShutdown(true);
leafGroups.add(fakePg);
fakePg.inheritUnsetFields(proc, this);
fakeGroupCounter++;
fakePeerCounter--;
}
}
// create origination prefilter from listed advertised networks
proc.getIpNetworks().forEach((prefix, bgpNetwork) -> {
String mapName = bgpNetwork.getRouteMapName();
BooleanExpr weExpr = BooleanExprs.True.toStaticBooleanExpr();
if (mapName != null) {
int mapLine = bgpNetwork.getRouteMapLine();
RouteMap routeMap = _routeMaps.get(mapName);
if (routeMap != null) {
weExpr = new CallExpr(mapName);
routeMap.getReferers().put(proc, "bgp ipv4 advertised network route-map");
} else {
undefined(CiscoStructureType.ROUTE_MAP, mapName, CiscoStructureUsage.BGP_NETWORK_ORIGINATION_ROUTE_MAP, mapLine);
}
}
BooleanExpr we = bgpRedistributeWithEnvironmentExpr(weExpr, OriginType.IGP);
Conjunction exportNetworkConditions = new Conjunction();
PrefixSpace space = new PrefixSpace();
space.addPrefix(prefix);
exportNetworkConditions.getConjuncts().add(new MatchPrefixSet(new DestinationNetwork(), new ExplicitPrefixSet(space)));
exportNetworkConditions.getConjuncts().add(new Not(new MatchProtocol(RoutingProtocol.BGP)));
exportNetworkConditions.getConjuncts().add(new Not(new MatchProtocol(RoutingProtocol.IBGP)));
// TODO: ban aggregates?
exportNetworkConditions.getConjuncts().add(new Not(new MatchProtocol(RoutingProtocol.AGGREGATE)));
exportNetworkConditions.getConjuncts().add(we);
preFilterConditions.getDisjuncts().add(exportNetworkConditions);
});
String localFilter6Name = "~BGP_NETWORK6_NETWORKS_FILTER:" + vrfName + "~";
Route6FilterList localFilter6 = new Route6FilterList(localFilter6Name);
proc.getIpv6Networks().forEach((prefix6, bgpNetwork6) -> {
int prefixLen = prefix6.getPrefixLength();
Route6FilterLine line = new Route6FilterLine(LineAction.ACCEPT, prefix6, new SubRange(prefixLen, prefixLen));
localFilter6.addLine(line);
String mapName = bgpNetwork6.getRouteMapName();
if (mapName != null) {
int mapLine = bgpNetwork6.getRouteMapLine();
RouteMap routeMap = _routeMaps.get(mapName);
if (routeMap != null) {
routeMap.getReferers().put(proc, "bgp ipv6 advertised network route-map");
BooleanExpr we = bgpRedistributeWithEnvironmentExpr(new CallExpr(mapName), OriginType.IGP);
Conjunction exportNetwork6Conditions = new Conjunction();
Prefix6Space space6 = new Prefix6Space();
space6.addPrefix6(prefix6);
exportNetwork6Conditions.getConjuncts().add(new MatchPrefix6Set(new DestinationNetwork6(), new ExplicitPrefix6Set(space6)));
exportNetwork6Conditions.getConjuncts().add(new Not(new MatchProtocol(RoutingProtocol.BGP)));
exportNetwork6Conditions.getConjuncts().add(new Not(new MatchProtocol(RoutingProtocol.IBGP)));
// TODO: ban aggregates?
exportNetwork6Conditions.getConjuncts().add(new Not(new MatchProtocol(RoutingProtocol.AGGREGATE)));
exportNetwork6Conditions.getConjuncts().add(we);
preFilterConditions.getDisjuncts().add(exportNetwork6Conditions);
} else {
undefined(CiscoStructureType.ROUTE_MAP, mapName, CiscoStructureUsage.BGP_NETWORK6_ORIGINATION_ROUTE_MAP, mapLine);
}
}
});
c.getRoute6FilterLists().put(localFilter6Name, localFilter6);
MatchProtocol isEbgp = new MatchProtocol(RoutingProtocol.BGP);
MatchProtocol isIbgp = new MatchProtocol(RoutingProtocol.IBGP);
preFilterConditions.getDisjuncts().add(isEbgp);
preFilterConditions.getDisjuncts().add(isIbgp);
for (LeafBgpPeerGroup lpg : leafGroups) {
// update source
String updateSourceInterface = lpg.getUpdateSource();
boolean ipv4 = lpg.getNeighborPrefix() != null;
Ip updateSource = getUpdateSource(c, vrfName, lpg, updateSourceInterface, ipv4);
RoutingPolicy importPolicy = null;
String inboundRouteMapName = lpg.getInboundRouteMap();
if (inboundRouteMapName != null) {
int inboundRouteMapLine = lpg.getInboundRouteMapLine();
importPolicy = c.getRoutingPolicies().get(inboundRouteMapName);
if (importPolicy == null) {
undefined(CiscoStructureType.ROUTE_MAP, inboundRouteMapName, CiscoStructureUsage.BGP_INBOUND_ROUTE_MAP, inboundRouteMapLine);
} else {
RouteMap inboundRouteMap = _routeMaps.get(inboundRouteMapName);
inboundRouteMap.getReferers().put(lpg, "inbound route-map for leaf peer-group: " + lpg.getName());
}
}
String inboundRoute6MapName = lpg.getInboundRoute6Map();
RoutingPolicy importPolicy6 = null;
if (inboundRoute6MapName != null) {
int inboundRoute6MapLine = lpg.getInboundRoute6MapLine();
importPolicy6 = c.getRoutingPolicies().get(inboundRoute6MapName);
if (importPolicy6 == null) {
undefined(CiscoStructureType.ROUTE_MAP, inboundRoute6MapName, CiscoStructureUsage.BGP_INBOUND_ROUTE6_MAP, inboundRoute6MapLine);
} else {
RouteMap inboundRouteMap = _routeMaps.get(inboundRoute6MapName);
inboundRouteMap.getReferers().put(lpg, "inbound route-map for leaf peer-group: " + lpg.getName());
}
}
String peerExportPolicyName = "~BGP_PEER_EXPORT_POLICY:" + vrfName + ":" + lpg.getName() + "~";
RoutingPolicy peerExportPolicy = new RoutingPolicy(peerExportPolicyName, c);
if (lpg.getActive() && !lpg.getShutdown()) {
c.getRoutingPolicies().put(peerExportPolicyName, peerExportPolicy);
}
if (lpg.getNextHopSelf() != null && lpg.getNextHopSelf()) {
peerExportPolicy.getStatements().add(new SetNextHop(new SelfNextHop(), false));
}
if (lpg.getRemovePrivateAs() != null && lpg.getRemovePrivateAs()) {
peerExportPolicy.getStatements().add(Statements.RemovePrivateAs.toStaticStatement());
}
If peerExportConditional = new If();
peerExportConditional.setComment("peer-export policy main conditional: exitAccept if true / exitReject if false");
peerExportPolicy.getStatements().add(peerExportConditional);
Conjunction peerExportConditions = new Conjunction();
peerExportConditional.setGuard(peerExportConditions);
peerExportConditional.getTrueStatements().add(Statements.ExitAccept.toStaticStatement());
peerExportConditional.getFalseStatements().add(Statements.ExitReject.toStaticStatement());
Disjunction localOrCommonOrigination = new Disjunction();
peerExportConditions.getConjuncts().add(localOrCommonOrigination);
localOrCommonOrigination.getDisjuncts().add(new CallExpr(bgpCommonExportPolicyName));
String outboundRouteMapName = lpg.getOutboundRouteMap();
if (outboundRouteMapName != null) {
int outboundRouteMapLine = lpg.getOutboundRouteMapLine();
RouteMap outboundRouteMap = _routeMaps.get(outboundRouteMapName);
if (outboundRouteMap == null) {
undefined(CiscoStructureType.ROUTE_MAP, outboundRouteMapName, CiscoStructureUsage.BGP_OUTBOUND_ROUTE_MAP, outboundRouteMapLine);
} else {
outboundRouteMap.getReferers().put(lpg, "outbound route-map for leaf peer-group: " + lpg.getName());
peerExportConditions.getConjuncts().add(new CallExpr(outboundRouteMapName));
}
}
String outboundRoute6MapName = lpg.getOutboundRoute6Map();
if (outboundRoute6MapName != null) {
int outboundRoute6MapLine = lpg.getOutboundRoute6MapLine();
RouteMap outboundRoute6Map = _routeMaps.get(outboundRoute6MapName);
if (outboundRoute6Map == null) {
undefined(CiscoStructureType.ROUTE_MAP, outboundRoute6MapName, CiscoStructureUsage.BGP_OUTBOUND_ROUTE6_MAP, outboundRoute6MapLine);
} else {
outboundRoute6Map.getReferers().put(lpg, "outbound ipv6 route-map for leaf peer-group: " + lpg.getName());
}
}
// set up default export policy for this peer group
GeneratedRoute.Builder defaultRoute = null;
GeneratedRoute6.Builder defaultRoute6 = null;
if (lpg.getDefaultOriginate()) {
if (ipv4) {
localOrCommonOrigination.getDisjuncts().add(matchDefaultRoute);
} else {
localOrCommonOrigination.getDisjuncts().add(matchDefaultRoute6);
}
defaultRoute = new GeneratedRoute.Builder();
defaultRoute.setNetwork(Prefix.ZERO);
defaultRoute.setAdmin(MAX_ADMINISTRATIVE_COST);
defaultRoute6 = new GeneratedRoute6.Builder();
defaultRoute6.setNetwork(Prefix6.ZERO);
defaultRoute6.setAdmin(MAX_ADMINISTRATIVE_COST);
String defaultOriginateMapName = lpg.getDefaultOriginateMap();
if (defaultOriginateMapName != null) {
// originate contingent on
// generation policy
int defaultOriginateMapLine = lpg.getDefaultOriginateMapLine();
RoutingPolicy defaultRouteGenerationPolicy = c.getRoutingPolicies().get(defaultOriginateMapName);
if (defaultRouteGenerationPolicy == null) {
undefined(CiscoStructureType.ROUTE_MAP, defaultOriginateMapName, CiscoStructureUsage.BGP_DEFAULT_ORIGINATE_ROUTE_MAP, defaultOriginateMapLine);
} else {
RouteMap defaultRouteGenerationRouteMap = _routeMaps.get(defaultOriginateMapName);
defaultRouteGenerationRouteMap.getReferers().put(lpg, "default route generation policy for leaf peer-group: " + lpg.getName());
defaultRoute.setGenerationPolicy(defaultOriginateMapName);
}
} else {
String defaultRouteGenerationPolicyName = "~BGP_DEFAULT_ROUTE_GENERATION_POLICY:" + vrfName + ":" + lpg.getName() + "~";
RoutingPolicy defaultRouteGenerationPolicy = new RoutingPolicy(defaultRouteGenerationPolicyName, c);
If defaultRouteGenerationConditional = new If();
defaultRouteGenerationPolicy.getStatements().add(defaultRouteGenerationConditional);
if (ipv4) {
defaultRouteGenerationConditional.setGuard(matchDefaultRoute);
} else {
defaultRouteGenerationConditional.setGuard(matchDefaultRoute6);
}
defaultRouteGenerationConditional.getTrueStatements().add(Statements.ReturnTrue.toStaticStatement());
if (lpg.getActive() && !lpg.getShutdown()) {
c.getRoutingPolicies().put(defaultRouteGenerationPolicyName, defaultRouteGenerationPolicy);
}
if (ipv4) {
defaultRoute.setGenerationPolicy(defaultRouteGenerationPolicyName);
} else {
defaultRoute6.setGenerationPolicy(defaultRouteGenerationPolicyName);
}
}
}
Ip clusterId = lpg.getClusterId();
if (clusterId == null) {
clusterId = bgpRouterId;
}
boolean routeReflectorClient = lpg.getRouteReflectorClient();
boolean sendCommunity = lpg.getSendCommunity();
boolean additionalPathsReceive = lpg.getAdditionalPathsReceive();
boolean additionalPathsSelectAll = lpg.getAdditionalPathsSelectAll();
boolean additionalPathsSend = lpg.getAdditionalPathsSend();
boolean advertiseInactive = lpg.getAdvertiseInactive();
boolean ebgpMultihop = lpg.getEbgpMultihop();
boolean allowasIn = lpg.getAllowAsIn();
boolean disablePeerAsCheck = lpg.getDisablePeerAsCheck();
String inboundPrefixListName = lpg.getInboundPrefixList();
if (inboundPrefixListName != null) {
int inboundPrefixListLine = lpg.getInboundPrefixListLine();
ReferenceCountedStructure inboundPrefixList;
if (ipv4) {
inboundPrefixList = _prefixLists.get(inboundPrefixListName);
} else {
inboundPrefixList = _prefix6Lists.get(inboundPrefixListName);
}
if (inboundPrefixList != null) {
inboundPrefixList.getReferers().put(lpg, "inbound prefix-list for neighbor: '" + lpg.getName() + "'");
} else {
if (ipv4) {
undefined(CiscoStructureType.PREFIX_LIST, inboundPrefixListName, CiscoStructureUsage.BGP_INBOUND_PREFIX_LIST, inboundPrefixListLine);
} else {
undefined(CiscoStructureType.PREFIX6_LIST, inboundPrefixListName, CiscoStructureUsage.BGP_INBOUND_PREFIX6_LIST, inboundPrefixListLine);
}
}
}
String outboundPrefixListName = lpg.getOutboundPrefixList();
if (outboundPrefixListName != null) {
int outboundPrefixListLine = lpg.getOutboundPrefixListLine();
ReferenceCountedStructure outboundPrefixList;
if (ipv4) {
outboundPrefixList = _prefixLists.get(outboundPrefixListName);
} else {
outboundPrefixList = _prefix6Lists.get(outboundPrefixListName);
}
if (outboundPrefixList != null) {
outboundPrefixList.getReferers().put(lpg, "outbound prefix-list for neighbor: '" + lpg.getName() + "'");
} else {
if (ipv4) {
undefined(CiscoStructureType.PREFIX_LIST, outboundPrefixListName, CiscoStructureUsage.BGP_OUTBOUND_PREFIX_LIST, outboundPrefixListLine);
} else {
undefined(CiscoStructureType.PREFIX6_LIST, outboundPrefixListName, CiscoStructureUsage.BGP_OUTBOUND_PREFIX6_LIST, outboundPrefixListLine);
}
}
}
String description = lpg.getDescription();
if (lpg.getActive() && !lpg.getShutdown()) {
if (lpg.getRemoteAs() == null) {
_w.redFlag("No remote-as set for peer: " + lpg.getName());
continue;
}
Integer pgLocalAs = lpg.getLocalAs();
int localAs = pgLocalAs != null ? pgLocalAs : proc.getName();
BgpNeighbor newNeighbor;
if (lpg instanceof IpBgpPeerGroup) {
IpBgpPeerGroup ipg = (IpBgpPeerGroup) lpg;
Ip neighborAddress = ipg.getIp();
newNeighbor = new BgpNeighbor(neighborAddress, c);
} else if (lpg instanceof DynamicIpBgpPeerGroup) {
DynamicIpBgpPeerGroup dpg = (DynamicIpBgpPeerGroup) lpg;
Prefix neighborAddressRange = dpg.getPrefix();
newNeighbor = new BgpNeighbor(neighborAddressRange, c);
} else if (lpg instanceof Ipv6BgpPeerGroup || lpg instanceof DynamicIpv6BgpPeerGroup) {
// TODO: implement ipv6 bgp neighbors
continue;
} else {
throw new VendorConversionException("Invalid BGP leaf neighbor type");
}
newBgpNeighbors.put(newNeighbor.getPrefix(), newNeighbor);
newNeighbor.setAdditionalPathsReceive(additionalPathsReceive);
newNeighbor.setAdditionalPathsSelectAll(additionalPathsSelectAll);
newNeighbor.setAdditionalPathsSend(additionalPathsSend);
newNeighbor.setAdvertiseInactive(advertiseInactive);
newNeighbor.setAllowLocalAsIn(allowasIn);
newNeighbor.setAllowRemoteAsOut(disablePeerAsCheck);
newNeighbor.setRouteReflectorClient(routeReflectorClient);
newNeighbor.setClusterId(clusterId.asLong());
newNeighbor.setDefaultMetric(defaultMetric);
newNeighbor.setDescription(description);
newNeighbor.setEbgpMultihop(ebgpMultihop);
if (defaultRoute != null) {
newNeighbor.getGeneratedRoutes().add(defaultRoute.build());
}
newNeighbor.setGroup(lpg.getGroupName());
if (importPolicy != null) {
newNeighbor.setImportPolicy(inboundRouteMapName);
}
newNeighbor.setLocalAs(localAs);
newNeighbor.setLocalIp(updateSource);
newNeighbor.setExportPolicy(peerExportPolicyName);
newNeighbor.setRemoteAs(lpg.getRemoteAs());
newNeighbor.setSendCommunity(sendCommunity);
newNeighbor.setVrf(vrfName);
}
}
return newBgpProcess;
}
Also used :
MatchPrefix6Set(org.batfish.datamodel.routing_policy.expr.MatchPrefix6Set)
LinkedHashSet(java.util.LinkedHashSet)
NamedPrefixSet(org.batfish.datamodel.routing_policy.expr.NamedPrefixSet)
ExplicitPrefix6Set(org.batfish.datamodel.routing_policy.expr.ExplicitPrefix6Set)
ArrayList(java.util.ArrayList)
DestinationNetwork6(org.batfish.datamodel.routing_policy.expr.DestinationNetwork6)
CallExpr(org.batfish.datamodel.routing_policy.expr.CallExpr)
SetNextHop(org.batfish.datamodel.routing_policy.statement.SetNextHop)
BooleanExpr(org.batfish.datamodel.routing_policy.expr.BooleanExpr)
LinkedHashSet(java.util.LinkedHashSet)
HashSet(java.util.HashSet)
PrefixSpace(org.batfish.datamodel.PrefixSpace)
GeneratedRoute6(org.batfish.datamodel.GeneratedRoute6)
MatchProtocol(org.batfish.datamodel.routing_policy.expr.MatchProtocol)
VendorConversionException(org.batfish.common.VendorConversionException)
Route6FilterLine(org.batfish.datamodel.Route6FilterLine)
Disjunction(org.batfish.datamodel.routing_policy.expr.Disjunction)
Not(org.batfish.datamodel.routing_policy.expr.Not)
ExplicitPrefixSet(org.batfish.datamodel.routing_policy.expr.ExplicitPrefixSet)
BgpTieBreaker(org.batfish.datamodel.BgpTieBreaker)
GeneratedRoute(org.batfish.datamodel.GeneratedRoute)
If(org.batfish.datamodel.routing_policy.statement.If)
Ip(org.batfish.datamodel.Ip)
Prefix(org.batfish.datamodel.Prefix)
SelfNextHop(org.batfish.datamodel.routing_policy.expr.SelfNextHop)
MultipathEquivalentAsPathMatchMode(org.batfish.datamodel.MultipathEquivalentAsPathMatchMode)
BgpNeighbor(org.batfish.datamodel.BgpNeighbor)
Conjunction(org.batfish.datamodel.routing_policy.expr.Conjunction)
ReferenceCountedStructure(org.batfish.common.util.ReferenceCountedStructure)
SubRange(org.batfish.datamodel.SubRange)
RouteFilterLine(org.batfish.datamodel.RouteFilterLine)
PrefixRange(org.batfish.datamodel.PrefixRange)
CallStatement(org.batfish.datamodel.routing_policy.statement.CallStatement)
Statement(org.batfish.datamodel.routing_policy.statement.Statement)
MatchPrefixSet(org.batfish.datamodel.routing_policy.expr.MatchPrefixSet)
RoutingPolicy(org.batfish.datamodel.routing_policy.RoutingPolicy)
Route6FilterList(org.batfish.datamodel.Route6FilterList)
Prefix6Space(org.batfish.datamodel.Prefix6Space)
Prefix6Range(org.batfish.datamodel.Prefix6Range)
BigInteger(java.math.BigInteger)
DestinationNetwork(org.batfish.datamodel.routing_policy.expr.DestinationNetwork)
RouteFilterList(org.batfish.datamodel.RouteFilterList)
Prefix6(org.batfish.datamodel.Prefix6)
Aggregations
Route6FilterList (org.batfish.datamodel.Route6FilterList)7
ArrayList (java.util.ArrayList)4
Route6FilterLine (org.batfish.datamodel.Route6FilterLine)4
RouteFilterList (org.batfish.datamodel.RouteFilterList)4
Ip (org.batfish.datamodel.Ip)3
SubRange (org.batfish.datamodel.SubRange)3
RoutingPolicy (org.batfish.datamodel.routing_policy.RoutingPolicy)3
BooleanExpr (org.batfish.datamodel.routing_policy.expr.BooleanExpr)3
DestinationNetwork6 (org.batfish.datamodel.routing_policy.expr.DestinationNetwork6)3
Disjunction (org.batfish.datamodel.routing_policy.expr.Disjunction)3
MatchPrefix6Set (org.batfish.datamodel.routing_policy.expr.MatchPrefix6Set)3
BigInteger (java.math.BigInteger)2
HashSet (java.util.HashSet)2
VendorConversionException (org.batfish.common.VendorConversionException)2
Configuration (org.batfish.datamodel.Configuration)2
Ip6AccessList (org.batfish.datamodel.Ip6AccessList)2
IpAccessList (org.batfish.datamodel.IpAccessList)2
Prefix (org.batfish.datamodel.Prefix)2
RouteFilterLine (org.batfish.datamodel.RouteFilterLine)2
LinkedHashMap (java.util.LinkedHashMap)1
