Table of Contents
Module Description
This module provides management of network protocols without restarting services. All resources make changes to the configuration of services using commands, as if you are doing this through the CLI.
Notice
- If you use SELinux set the sebool for Quagga:
setsebool zebra_write_config on
- If you have over 500k routes on CentOS set
UseDNS no
in/etc/ssh/sshd_config
- If you have the FullView on CentOS turn off
NetworkManager
.
systemctl stop NetworkManager
systemctl mask NetworkManager
- Use the default value for the
default_ipv4_unicast
property of thequagga_bgp_router
resource type. - The correct way to delete route-map or prefix-list rules is to use the
ensure: absent
.
quagga::zebra::route_maps:
ROUTE_MAP_IN:
rules:
1:
ensure: absent
action: deny
match: ip address prefix-list ADVERTISED_PREFIXES
Quick Start
Include with default parameters:
include quagga
Zebra Options
SNMP
quagga::zebra::agentx: false
Forwarding
quagga::zebra::global_opts:
ip_forwarding: true
ipv6_forwarding: true
Interfaces
quagga::zebra::interfaces:
eth0:
ip_address:
- 10.0.0.1/24
lo:
ip_address:
- 10.255.255.1/32
- 172.16.255.1/32
Routes
The prefix and the nexthop are namevars.
quagga::zebra::routes:
192.168.0.0/24:
ensure: present
nexthop: 10.0.0.100
distance: 250
192.168.1.0/24 Null0:
ensure: present
distance: 250
192.168.1.0/24 10.0.0.100:
ensure: present
option: reject
distance: 200
Access-Lists
- standard: 1-99, 1300-1999
- extended: 100-199, 2000-2699
- zebra: [[:alpha:]]+
quagga::zebra::access_lists:
1:
remark: Standard access-list
rules:
- permit 127.0.0.1
- deny any
100:
remark: Extended access-list
rules:
- permit ip 10.0.0.0 0.0.0.255 any
- permit ip any 10.0.0.0 0.0.0.255
- deny ip any any
zebra_list:
remark: Zebra access-list
rules:
- permit 10.0.0.0/24
- deny any
Prefix Lists
quagga::zebra::prefix_lists:
CONNECTED_PREFIXES:
rules:
500:
action: permit
le: 32
prefix: 10.255.255.0/24
OSPF_PREFIXES:
rules:
10:
action: permit
prefix: 172.16.255.0/24
Route Maps
quagga::zebra::route_maps:
BGP_FROM_OSPF:
rules:
10:
action: permit
match: ip address prefix-list OSPF_PREFIXES
CONNECTED:
rules:
10:
action: permit
match: ip address prefix-list CONNECTED_PREFIXES
BGP
BGP SNMP
quagga::bgp::agentx: false
BGP Router
quagga::bgp::router:
as_number: 65000
default_ipv4_unicast: false
import_check: true
router_id: 10.0.0.1
keepalive: 3
holdtime: 9
BGP Address Families
quagga::bgp::address_families:
ipv4_unicast:
aggregate_address:
- 1.1.1.0/24 summary-only
- 1.1.2.0/24 summary-only
maximum_ebgp_paths: 2
maximum_ibgp_paths: 10
networks:
- 1.1.1.0/23
- 1.1.3.0/24
ipv4_multicast:
networks:
- 230.0.0.0/8
- 231.0.0.0/8
ipv6_unicast:
aggregate_address:
- 2001:db8:0:2::/64
- 2001:db8:0:3::/64
networks:
- 2001:db8::/64
- 2001:db8:0:1::/64
- 2001:db8:0:2::/63
BGP Peers
quagga::bgp::peers:
CLIENTS:
passive: true
address_families:
ipv4_unicast:
activate: true
default_originate: true
INTERNAL:
remote_as: 65000
password: QWRF$345!#@$
update_source: 10.0.0.1
address_families:
ipv4_unicast:
activate: true
next_hop_self: true
10.0.0.2:
peer_group: INTERNAL
address_families:
ipv4_unicast:
peer_group: INTERNAL
10.0.0.3:
peer_group: INTERNAL
address_families:
ipv4_unicast:
peer_group: INTERNAL
10.0.0.10:
peer_group: INTERNAL
address_families:
ipv4_multicast:
activate: true
172.16.0.2:
peer_group: CLIENTS
remote_as: 65001
address_families:
ipv4_unicast:
peer_group: CLIENTS
BGP AS-Paths
quagga::bgp::as_paths:
FROM_AS100:
rules:
- permit _100$
BGP Community Lists
quagga::bgp::community_lists:
100:
rules:
- permit 65000:101
- permit 65000:102
- permit 65000:103
200:
rules:
- permit 65000:201
- permit 65000:202
OSPF
OSPF SNMP
quagga::ospf::agentx: false
OSPF Router
quagga::ospf::router:
distribute_list:
- ACCESS_LIST out kernel
- ACCESS_LIST out isis
log_adjacency_changes: true
opaque: false
passive_interfaces:
- eth0
- eth1
redistribute:
- connected route-map CONNECTED
rfc1583: false
router_id: 10.0.0.1
OSPF Areas
quagga::ospf::areas:
0.0.0.0:
networks:
- 172.16.0.0/24
- 192.168.0.0/24
ranges:
1.1.1.1/32:
substitute: 1.1.1.0/24
0.0.0.1:
networks:
- 172.16.1.0/24
- 192.168.1.0/24
stub: true
OSPF Interfaces
quagga::ospf::interfaces:
eth0:
dead_interval: 8
hello_interval: 2
mtu_ignore: true
priority: 100
PIM
PIM SNMP
quagga::pim::agentx: false
PIM Router
quagga::pim::router:
ip_multicast_routing: true
PIM Interfaces
quagga::pim::interfaces:
eth0:
igmp: true
multicast: true
pim_ssm: true