bibigon812 / bibigon812-quagga

This puppet module manages dynamic routing protocols.

Home Page: https://forge.puppet.com/bibigon812/quagga


Table of Contents

  1. Module Description
  2. Notice
  3. Quick Start
  4. Zebra Options
  5. BGP
  6. OSPF
  7. PIM

Module Description

This module manages network protocols without restarting services. All resources change the service configuration by issuing commands, as if you were entering them through the CLI.

Notice

  • If you use SELinux, set the sebool for Quagga:
      setsebool zebra_write_config on
  • If you have over 500k routes on CentOS, set UseDNS no in /etc/ssh/sshd_config.
  • If you have the FullView on CentOS, turn off NetworkManager:
      systemctl stop NetworkManager
      systemctl mask NetworkManager
  • Use the default value for the default_ipv4_unicast property of the quagga_bgp_router resource type.
  • The correct way to delete route-map or prefix-list rules is to use ensure: absent:
      quagga::zebra::route_maps:
        ROUTE_MAP_IN:
          rules:
            1:
              ensure: absent
              action: deny
              match: ip address prefix-list ADVERTISED_PREFIXES

Quick Start

Include with default parameters:

include quagga

Zebra Options

SNMP

quagga::zebra::agentx: false

Forwarding

quagga::zebra::global_opts:
  ip_forwarding: true
  ipv6_forwarding: true

Interfaces

quagga::zebra::interfaces:
  eth0:
    ip_address:
      - 10.0.0.1/24
  lo:
    ip_address:
      - 10.255.255.1/32
      - 172.16.255.1/32

Routes

The prefix and the nexthop are namevars.

quagga::zebra::routes:
  192.168.0.0/24:
    ensure: present
    nexthop: 10.0.0.100
    distance: 250
  192.168.1.0/24 Null0:
    ensure: present
    distance: 250
  192.168.1.0/24 10.0.0.100:
    ensure: present
    option: reject
    distance: 200

Access-Lists

  • standard: 1-99, 1300-1999
  • extended: 100-199, 2000-2699
  • zebra: [[:alpha:]]+

quagga::zebra::access_lists:
  1:
    remark: Standard access-list
    rules:
      - permit 127.0.0.1
      - deny any
  100:
    remark: Extended access-list
    rules:
      - permit ip 10.0.0.0 0.0.0.255 any
      - permit ip any 10.0.0.0 0.0.0.255
      - deny ip any any
  zebra_list:
    remark: Zebra access-list
    rules:
      - permit 10.0.0.0/24
      - deny any

Prefix Lists

quagga::zebra::prefix_lists:
  CONNECTED_PREFIXES:
    rules:
      500:
        action: permit
        le: 32
        prefix: 10.255.255.0/24
  OSPF_PREFIXES:
    rules:
      10:
        action: permit
        prefix: 172.16.255.0/24

Route Maps

quagga::zebra::route_maps:
  BGP_FROM_OSPF:
    rules:
      10:
        action: permit
        match: ip address prefix-list OSPF_PREFIXES
  CONNECTED:
    rules:
      10:
        action: permit
        match: ip address prefix-list CONNECTED_PREFIXES

BGP

BGP SNMP

quagga::bgp::agentx: false

BGP Router

quagga::bgp::router:
  as_number: 65000
  default_ipv4_unicast: false
  import_check: true
  router_id: 10.0.0.1
  keepalive: 3
  holdtime: 9

BGP Address Families

quagga::bgp::address_families:
  ipv4_unicast:
    aggregate_address:
      - 1.1.1.0/24 summary-only
      - 1.1.2.0/24 summary-only
    maximum_ebgp_paths: 2
    maximum_ibgp_paths: 10
    networks:
      - 1.1.1.0/23
      - 1.1.3.0/24
  ipv4_multicast:
    networks:
      - 230.0.0.0/8
      - 231.0.0.0/8
  ipv6_unicast:
    aggregate_address:
      - 2001:db8:0:2::/64
      - 2001:db8:0:3::/64
    networks:
      - 2001:db8::/64
      - 2001:db8:0:1::/64
      - 2001:db8:0:2::/63

BGP Peers

quagga::bgp::peers:
  CLIENTS:
    passive: true
    address_families:
      ipv4_unicast:
        activate: true
        default_originate: true
  INTERNAL:
    remote_as: 65000
    password: QWRF$345!#@$
    update_source: 10.0.0.1
    address_families:
      ipv4_unicast:
        activate: true
        next_hop_self: true
  10.0.0.2:
    peer_group: INTERNAL
    address_families:
      ipv4_unicast:
        peer_group: INTERNAL
  10.0.0.3:
    peer_group: INTERNAL
    address_families:
      ipv4_unicast:
        peer_group: INTERNAL
  10.0.0.10:
    peer_group: INTERNAL
    address_families:
      ipv4_multicast:
        activate: true
  172.16.0.2:
    peer_group: CLIENTS
    remote_as: 65001
    address_families:
      ipv4_unicast:
        peer_group: CLIENTS
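
An added example, not part of the module or its README: a Ruby audit of quagga::bgp::peers data that reports neighbors with no session password and passwords kept in cleartext rather than as a hiera-eyaml ENC[...] value. The sample data is constructed, and the peer-group detection and password inheritance rules are assumptions stated in the comments.

```ruby
require 'yaml'

# Constructed Hiera data in the shape of quagga::bgp::peers (not from the page).
SAMPLE = <<~YAML
  quagga::bgp::peers:
    INTERNAL:
      remote_as: 65000
      password: example-cleartext-secret
    EDGE:
      remote_as: 65010
      password: ENC[PKCS7,CONSTRUCTED-PLACEHOLDER]
    CLIENTS:
      passive: true
    10.0.0.2:
      peer_group: INTERNAL
    10.0.0.9:
      peer_group: EDGE
    172.16.0.2:
      peer_group: CLIENTS
      remote_as: 65001
    192.0.2.7:
      remote_as: 65002
      password: ENC[PKCS7,CONSTRUCTED-PLACEHOLDER]
YAML

# hiera-eyaml wraps encrypted values as ENC[<method>,<ciphertext>].
ENCRYPTED = /\AENC\[[A-Z0-9]+,.+\]\z/m

# Returns [[peer, finding], ...] for every neighbor (non-group entry).
def audit_bgp_peers(hiera)
  peers = hiera.fetch('quagga::bgp::peers', {})
  # Assumption: any key referenced by another entry's peer_group is a group.
  groups = peers.values.map { |p| p['peer_group'] }.compact.uniq
  findings = []
  peers.each do |name, conf|
    next if groups.include?(name)
    # Assumption: a neighbor without its own password inherits the group's.
    group = peers[conf['peer_group']] || {}
    password = conf['password'] || group['password']
    if password.nil?
      findings << [name, :no_password]
    elsif password.to_s !~ ENCRYPTED
      findings << [name, :cleartext_password]
    end
  end
  findings
end

audit_bgp_peers(YAML.safe_load(SAMPLE)).each { |peer, f| puts "#{peer}: #{f}" }
```
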

BGP AS-Paths

quagga::bgp::as_paths:
  FROM_AS100:
    rules:
      - permit _100$

BGP Community Lists

quagga::bgp::community_lists:
  100:
    rules:
      - permit 65000:101
      - permit 65000:102
      - permit 65000:103
  200:
    rules:
      - permit 65000:201
      - permit 65000:202

OSPF

OSPF SNMP

quagga::ospf::agentx: false

OSPF Router

quagga::ospf::router:
  distribute_list:
    - ACCESS_LIST out kernel
    - ACCESS_LIST out isis
  log_adjacency_changes: true
  opaque: false
  passive_interfaces:
    - eth0
    - eth1
  redistribute:
    - connected route-map CONNECTED
  rfc1583: false
  router_id: 10.0.0.1

OSPF Areas

quagga::ospf::areas:
  0.0.0.0:
    networks:
      - 172.16.0.0/24
      - 192.168.0.0/24
    ranges:
      1.1.1.1/32:
        substitute: 1.1.1.0/24
  0.0.0.1:
    networks:
      - 172.16.1.0/24
      - 192.168.1.0/24
    stub: true

OSPF Interfaces

quagga::ospf::interfaces:
  eth0:
    dead_interval: 8
    hello_interval: 2
    mtu_ignore: true
    priority: 100

PIM

PIM SNMP

quagga::pim::agentx: false

PIM Router

quagga::pim::router:
  ip_multicast_routing: true

PIM Interfaces

quagga::pim::interfaces:
  eth0:
    igmp: true
    multicast: true
    pim_ssm: true


License: Apache License 2.0


Languages

Ruby 93.3%, Puppet 6.6%, Dockerfile 0.1%